MPLSL3×××+GRE+MCE+多角
发布时间:2019-09-02 07:40:41编辑:auto阅读(1654)
很喜欢用GRE做隧道,这样容易理解MPLS,当然LSP的隧道很EASY就KO了,主要是用/32的主机路由来建立LSP隧道的,注意隧道的起止为位置,LSP的话,就是2端LOOPBACK的起止,在用LOOPBACK建立BGP关系的时候需要注意指定源地址,否则关系起不来,这在EBGP和IBGP里都一样。隧道的起止要与BGP的邻居关系一致这样才能让BGP去利用你的GRE隧道,GRE隧道里切记一定要敲MPLS否则你数据不会被解封装,还有就是GRE隧道里不要配置IP,否则协议不稳定。MCE是多实例主机这个没什么好讲的,用来隔离业务的,多角色主机是接在MCE上的,然后由PE去帮助多角色主机,而不是在MCE上做,因此MCE的实例中必须加一条默认路由或是汇总路由,否则有可能不能通,提示找不到目标网络,主要是中间跨越了MCE,否则不会出现该问题。
详细配置如下:
<PE1>
<PE1>DIS CUR
#
sysname PE1
#
cpu-usage cycle 1min
#
mpls lsr-id 11.11.11.11
#
radius scheme system
#
mpls
#
ip ***-instance A
route-distinguisher 1:1
***-target 1:1 export-extcommunity
***-target 1:1 import-extcommunity
#
ip ***-instance B
route-distinguisher 1:2
***-target 1:2 export-extcommunity
***-target 1:2 import-extcommunity
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address dhcp-alloc
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
clock DTECLK1
link-protocol ppp
ip address 1.1.1.1 255.255.255.252
#
interface Tunnel1
source 11.11.11.11
destination 22.22.22.22
mpls
#
interface NULL0
#
interface LoopBack1
ip address 11.11.11.11 255.255.255.255
#
interface LoopBack2
ip binding ***-instance A
ip address 111.111.111.111 255.255.255.0
#
interface LoopBack3
ip binding ***-instance B
ip address 222.222.222.221 255.255.255.0
#
bgp 1
undo synchronization
group m-ibgp internal
peer 22.22.22.22 group m-ibgp
peer 22.22.22.22 connect-interface LoopBack1
#
ipv4-family ***-instance A
import-route direct
undo synchronization
#
ipv4-family ***-instance B
import-route direct
undo synchronization
#
ipv4-family ***v4
peer m-ibgp enable
peer 22.22.22.22 group m-ibgp
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 11.11.11.11 0.0.0.0
#
FTP server enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
<PE1>DIS CUR
#
sysname PE1
#
cpu-usage cycle 1min
#
mpls lsr-id 11.11.11.11
#
radius scheme system
#
mpls
#
ip ***-instance A
route-distinguisher 1:1
***-target 1:1 export-extcommunity
***-target 1:1 import-extcommunity
#
ip ***-instance B
route-distinguisher 1:2
***-target 1:2 export-extcommunity
***-target 1:2 import-extcommunity
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address dhcp-alloc
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
clock DTECLK1
link-protocol ppp
ip address 1.1.1.1 255.255.255.252
#
interface Tunnel1
source 11.11.11.11
destination 22.22.22.22
mpls
#
interface NULL0
#
interface LoopBack1
ip address 11.11.11.11 255.255.255.255
#
interface LoopBack2
ip binding ***-instance A
ip address 111.111.111.111 255.255.255.0
#
interface LoopBack3
ip binding ***-instance B
ip address 222.222.222.221 255.255.255.0
#
bgp 1
undo synchronization
group m-ibgp internal
peer 22.22.22.22 group m-ibgp
peer 22.22.22.22 connect-interface LoopBack1
#
ipv4-family ***-instance A
import-route direct
undo synchronization
#
ipv4-family ***-instance B
import-route direct
undo synchronization
#
ipv4-family ***v4
peer m-ibgp enable
peer 22.22.22.22 group m-ibgp
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 11.11.11.11 0.0.0.0
#
FTP server enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
-----------------------------------------------------------
[PE2]dis cur
#
sysname PE2
#
cpu-usage cycle 1min
#
mpls lsr-id 22.22.22.22
#
radius scheme system
#
mpls
#
ip ***-instance A
route-distinguisher 1:1
***-target 1:1 export-extcommunity
***-target 1:1 import-extcommunity
#
ip ***-instance B
route-distinguisher 1:2
***-target 1:2 export-extcommunity
***-target 1:2 import-extcommunity
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
acl number 2000
rule 1 permit ***-instance A source 192.168.10.0 0.0.0.255
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address dhcp-alloc
#
interface Ethernet0/0.1
ip binding ***-instance A
ip address 1.1.1.5 255.255.255.252
ip policy route-policy DJS
vlan-type dot1q vid 1
#
interface Ethernet0/0.2
ip binding ***-instance B
ip address 1.1.1.5 255.255.255.252
vlan-type dot1q vid 2
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
link-protocol ppp
ip address 1.1.1.2 255.255.255.252
#
interface Tunnel1
source 22.22.22.22
destination 11.11.11.11
mpls
#
interface NULL0
#
interface LoopBack1
ip address 22.22.22.22 255.255.255.255
#
bgp 1
undo synchronization
group m-ibgp internal
peer 11.11.11.11 group m-ibgp
peer 11.11.11.11 connect-interface LoopBack1
#
ipv4-family ***-instance A
import-route direct
import-route ospf 2
undo synchronization
#
ipv4-family ***-instance B
import-route direct
import-route ospf 3
import-route static
undo synchronization
#
ipv4-family ***v4
peer m-ibgp enable
peer 11.11.11.11 group m-ibgp
#
ospf 1
area 0.0.0.0
network 1.1.1.0 0.0.0.3
network 22.22.22.22 0.0.0.0
#
ospf 2 ***-instance A
import-route bgp
area 0.0.0.0
network 1.1.1.5 0.0.0.0
#
ospf 3 ***-instance B
import-route bgp
area 0.0.0.0
network 1.1.1.5 0.0.0.0
#
route-policy DJS permit node 10
if-match acl 2000
apply access-*** ***-instance B A
#
FTP server enable
#
ip route-static ***-instance B 192.168.10.0 255.255.255.0 ***-instance A 1.1.1.6 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
#
sysname PE2
#
cpu-usage cycle 1min
#
mpls lsr-id 22.22.22.22
#
radius scheme system
#
mpls
#
ip ***-instance A
route-distinguisher 1:1
***-target 1:1 export-extcommunity
***-target 1:1 import-extcommunity
#
ip ***-instance B
route-distinguisher 1:2
***-target 1:2 export-extcommunity
***-target 1:2 import-extcommunity
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
acl number 2000
rule 1 permit ***-instance A source 192.168.10.0 0.0.0.255
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address dhcp-alloc
#
interface Ethernet0/0.1
ip binding ***-instance A
ip address 1.1.1.5 255.255.255.252
ip policy route-policy DJS
vlan-type dot1q vid 1
#
interface Ethernet0/0.2
ip binding ***-instance B
ip address 1.1.1.5 255.255.255.252
vlan-type dot1q vid 2
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
link-protocol ppp
ip address 1.1.1.2 255.255.255.252
#
interface Tunnel1
source 22.22.22.22
destination 11.11.11.11
mpls
#
interface NULL0
#
interface LoopBack1
ip address 22.22.22.22 255.255.255.255
#
bgp 1
undo synchronization
group m-ibgp internal
peer 11.11.11.11 group m-ibgp
peer 11.11.11.11 connect-interface LoopBack1
#
ipv4-family ***-instance A
import-route direct
import-route ospf 2
undo synchronization
#
ipv4-family ***-instance B
import-route direct
import-route ospf 3
import-route static
undo synchronization
#
ipv4-family ***v4
peer m-ibgp enable
peer 11.11.11.11 group m-ibgp
#
ospf 1
area 0.0.0.0
network 1.1.1.0 0.0.0.3
network 22.22.22.22 0.0.0.0
#
ospf 2 ***-instance A
import-route bgp
area 0.0.0.0
network 1.1.1.5 0.0.0.0
#
ospf 3 ***-instance B
import-route bgp
area 0.0.0.0
network 1.1.1.5 0.0.0.0
#
route-policy DJS permit node 10
if-match acl 2000
apply access-*** ***-instance B A
#
FTP server enable
#
ip route-static ***-instance B 192.168.10.0 255.255.255.0 ***-instance A 1.1.1.6 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
-----------------------------------------------------
[MCE]dis cur#
sysname MCE
#
cpu-usage cycle 1min
#
radius scheme system
#
ip ***-instance A
route-distinguisher 1:1
#
ip ***-instance B
route-distinguisher 1:2
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
interface Aux0
async mode flow
#
interface GigabitEthernet0/0/0
ip address dhcp-alloc
#
interface GigabitEthernet0/0/0.1
ip binding ***-instance A
ip address 1.1.1.6 255.255.255.252
vlan-type dot1q vid 1
#
interface GigabitEthernet0/0/0.2
ip binding ***-instance B
ip address 1.1.1.6 255.255.255.252
vlan-type dot1q vid 2
#
interface GigabitEthernet0/0/1
ip binding ***-instance A
ip address 192.168.10.1 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address dhcp-alloc
#
interface NULL0
#
interface LoopBack1
ip address 33.33.33.33 255.255.255.255
#
interface LoopBack2
ip binding ***-instance A
ip address 123.123.123.123 255.255.255.0
#
interface LoopBack3
ip binding ***-instance B
ip address 124.124.124.124 255.255.255.0
#
ospf 2 ***-instance A
***-instance-capability simple
area 0.0.0.0
network 1.1.1.6 0.0.0.0
network 123.123.123.0 0.0.0.255
network 192.168.10.0 0.0.0.255
#
ospf 3 ***-instance B
***-instance-capability simple
area 0.0.0.0
network 1.1.1.6 0.0.0.0
network 124.124.124.0 0.0.0.255
#
FTP server enable
#
ip route-static ***-instance A 0.0.0.0 0.0.0.0 1.1.1.5 preference 60
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
[MCE]
--------------------------------------------------------------------
关于配置解释,就不解释了大家自己去看手册吧
上一篇: S3C2440 中文手册 -5
下一篇: 「深入 Exchange 2013」18
- openvpn linux客户端使用
48876
- H3C基本命令大全
47944
- openvpn windows客户端使用
38725
- H3C IRF原理及 配置
35866
- Python exit()函数
30292
- openvpn mac客户端使用
27048
- python全系列官方中文文档
26077
- 1.常用turtle功能函数
20911
- python 获取网卡实时流量
20718
- python 获取Linux和Windows硬件信息
19077
- 使用ms-swift基于Qwen3-8B微调小说模型
522°
- pythonp爬虫-fanqienovel字体反爬实战
615°
- 大模型基础架构
618°
- AI多模态- Janus-Pro-7B模型推理微调,融合实战2
623°
- Selenium加载用户目录爬取某宝电商数据
599°
- Scrapy对接Pyppeteer
582°
- WSL从C盘迁移到D盘
652°
- AI多模态- Janus-Pro-7B模型本地部署1
721°
- Dify+Ollama+deepseek部署本地大模型
844°
- Ubuntu上安装部署Dify
955°
- 姓名:Run
- 职业:谜
- 邮箱:383697894@qq.com
- 定位:上海 · 松江
