跨国公司MPLS ***经典架构图
跨国公司MPLS经典架构图
要求:CNPO和 GZPO internet 流量都走总部SEBO Hub site出去
PE 配置如下:
R1#sh run
Building configuration...
Current configuration : 2051 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
ip vrf yeslab
rd 123:4
route-target export 123:4
route-target import 123:5
route-target import 123:6
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
mpls label range 100 199
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.1 255.255.255.255
ip ospf 110 area 0
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet0/1
ip vrf forwarding yeslab
ip address 14.1.1.1 255.255.255.0
speed auto
duplex auto
!
interface Serial1/0
ip address 17.1.1.1 255.255.255.0
ip ospf 110 area 0
mpls ip
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
description line for internet
ip address 41.1.1.1 255.255.255.0
serial restart-delay 0
!
router ospf 110
log-adjacency-changes
default-information originate
!
router bgp 123
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 11.1.1.7 remote-as 123
neighbor 11.1.1.7 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family ***v4
neighbor 11.1.1.7 activate
neighbor 11.1.1.7 send-community extended
exit-address-family
!
address-family ipv4 vrf yeslab
no synchronization
neighbor 14.1.1.4 remote-as 4
neighbor 14.1.1.4 ebgp-multihop 255
neighbor 14.1.1.4 activate
exit-address-family
!
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 Serial1/3 41.1.1.4
!
!
mpls ldp router-id Loopback0 force
!
!
control-plane
R2#sh run
Building configuration...
Current configuration : 1908 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
ip vrf yeslab
rd 123:5
route-target export 123:5
route-target import 123:4
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
mpls label range 200 299
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.2 255.255.255.255
ip ospf 110 area 0
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet0/1
ip vrf forwarding yeslab
ip address 25.1.1.2 255.255.255.0
speed auto
duplex auto
!
interface Serial1/0
ip address 27.1.1.2 255.255.255.0
ip ospf 110 area 0
mpls ip
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 110
log-adjacency-changes
!
router bgp 123
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 11.1.1.7 remote-as 123
neighbor 11.1.1.7 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family ***v4
neighbor 11.1.1.7 activate
neighbor 11.1.1.7 send-community extended
exit-address-family
!
address-family ipv4 vrf yeslab
no synchronization
neighbor 25.1.1.5 remote-as 5
neighbor 25.1.1.5 ebgp-multihop 255
neighbor 25.1.1.5 activate
exit-address-family
!
no ip http server
no ip http secure-server
!
!
!
!
mpls ldp router-id Loopback0 force
!
!
control-plane
R3#sh run
Building configuration...
Current configuration : 1908 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
ip vrf yeslab
rd 123:6
route-target export 123:6
route-target import 123:4
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
mpls label range 300 399
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.3 255.255.255.255
ip ospf 110 area 0
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet0/1
ip vrf forwarding yeslab
ip address 36.1.1.3 255.255.255.0
speed auto
duplex auto
!
interface Serial1/0
ip address 37.1.1.3 255.255.255.0
ip ospf 110 area 0
mpls ip
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 110
log-adjacency-changes
!
router bgp 123
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 11.1.1.7 remote-as 123
neighbor 11.1.1.7 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family ***v4
neighbor 11.1.1.7 activate
neighbor 11.1.1.7 send-community extended
exit-address-family
!
address-family ipv4 vrf yeslab
no synchronization
neighbor 36.1.1.6 remote-as 6
neighbor 36.1.1.6 ebgp-multihop 255
neighbor 36.1.1.6 activate
exit-address-family
!
no ip http server
no ip http secure-server
!
!
!
!
mpls ldp router-id Loopback0 force
!
!
control-plane
P配置如下:
R7#sh run
Building configuration...
Current configuration : 2151 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R7
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
mpls label range 700 799
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.7 255.255.255.255
ip ospf 110 area 0
!
interface FastEthernet0/0
ip address 78.1.1.7 255.255.255.0
ip ospf 110 area 0
speed auto
duplex auto
!
interface FastEthernet0/1
no ip address
shutdown
speed auto
duplex auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
ip address 17.1.1.7 255.255.255.0
ip ospf 110 area 0
mpls ip
serial restart-delay 0
!
interface Serial1/2
ip address 27.1.1.7 255.255.255.0
ip ospf 110 area 0
mpls ip
serial restart-delay 0
!
interface Serial1/3
ip address 37.1.1.7 255.255.255.0
ip ospf 110 area 0
mpls ip
serial restart-delay 0
!
router ospf 110
log-adjacency-changes
!
router bgp 123
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 11.1.1.1 remote-as 123
neighbor 11.1.1.1 update-source Loopback0
neighbor 11.1.1.2 remote-as 123
neighbor 11.1.1.2 update-source Loopback0
neighbor 11.1.1.3 remote-as 123
neighbor 11.1.1.3 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family ***v4
neighbor 11.1.1.1 activate
neighbor 11.1.1.1 send-community extended
neighbor 11.1.1.1 route-reflector-client
neighbor 11.1.1.2 activate
neighbor 11.1.1.2 send-community extended
neighbor 11.1.1.2 route-reflector-client
neighbor 11.1.1.3 activate
neighbor 11.1.1.3 send-community extended
neighbor 11.1.1.3 route-reflector-client
exit-address-family
!
no ip http server
no ip http secure-server
!
!
!
!
mpls ldp router-id Loopback0 force
!
!
control-plane
CE配置如下:
R4#sh run
Building configuration...
Current configuration : 1658 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.4 255.255.255.255
!
interface Loopback1
ip address 192.168.4.1 255.255.255.255
ip nat inside
!
interface FastEthernet0/0
ip address 14.1.1.4 255.255.255.0
ip nat inside
speed auto
duplex auto
!
interface FastEthernet0/1
no ip address
shutdown
speed auto
duplex auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
description for internet
ip address 41.1.1.4 255.255.255.0
ip nat outside
serial restart-delay 0
!
router bgp 4
no synchronization
bgp log-neighbor-changes
network 192.168.4.1 mask 255.255.255.255
neighbor 14.1.1.1 remote-as 123
neighbor 14.1.1.1 ebgp-multihop 255
neighbor 14.1.1.1 default-originate
no auto-summary
!
ip nat inside source list ALL interface Serial1/3 overload
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 Serial1/3 41.1.1.1
!
ip access-list extended ALL
permit ip 192.168.0.0 0.0.255.255 any
!
!
!
!
control-plane
R5#sh run
Building configuration...
Current configuration : 1367 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.5 255.255.255.255
!
interface Loopback1
ip address 192.168.5.1 255.255.255.255
!
interface FastEthernet0/0
ip address 25.1.1.5 255.255.255.0
speed auto
duplex auto
!
interface FastEthernet0/1
no ip address
shutdown
speed auto
duplex auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router bgp 5
no synchronization
bgp log-neighbor-changes
network 192.168.5.1 mask 255.255.255.255
neighbor 25.1.1.2 remote-as 123
neighbor 25.1.1.2 ebgp-multihop 255
no auto-summary
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
R6#sh run
Building configuration...
Current configuration : 1367 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.6 255.255.255.255
!
interface Loopback1
ip address 192.168.6.1 255.255.255.255
!
interface FastEthernet0/0
ip address 36.1.1.6 255.255.255.0
speed auto
duplex auto
!
interface FastEthernet0/1
no ip address
shutdown
speed auto
duplex auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router bgp 6
no synchronization
bgp log-neighbor-changes
network 192.168.6.1 mask 255.255.255.255
neighbor 36.1.1.3 remote-as 123
neighbor 36.1.1.3 ebgp-multihop 255
no auto-summary
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
Internet 配置如下:
R8#sh run
Building configuration...
Current configuration : 948 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R8
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
ip source-route
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
interface Loopback0
ip address 8.8.8.8 255.255.255.255
ip ospf 110 area 0
!
interface Loopback1
no ip address
!
interface FastEthernet0/0
ip address 78.1.1.8 255.255.255.0
ip ospf 110 area 0
speed auto
duplex auto
!
interface FastEthernet0/1
no ip address
shutdown
speed auto
duplex auto
!
router ospf 110
log-adjacency-changes
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
转载于:https://blog.51cto.com/ericfu/1698320