使用SR替代LDP,配置ospfsham-link
免责声明:
1.本文所使用的软件均来自互联网,作者只为学习目的使用该软件,没有任何软件分发行为。
2.本文所展示的配置只适用于实验环境,不建议在生产环境使用完全相同的配置;由此导致的任何问题,作者不负任何责任。
实验拓扑
让客户满意是我们工作的目标,不断超越客户的期望值来自于我们对这个行业的热爱。我们立志把好的技术通过有效、简单的方式提供给客户,将通过不懈努力成为客户在信息化领域值得信任、有价值的长期合作伙伴,公司提供的服务项目有:申请域名、虚拟主机、营销软件、网站建设、黔西南州网站维护、网站推广。
IP地址规划
设备 | Loopback 0 | Loopback 1 | G1 | G2 |
---|---|---|---|---|
CSR1 | 11.1.1.1/32 | 11.1.1.2/32 | 172.16.0.1/30 | 14.1.1.1/30 |
CSS2 | 22.1.1.1/32 | -- | 172.16.0.2/30 | 172.16.0.6/30 |
xrv | 33.1.1.1/32 | 33.1.1.2/32 | G0/0/0/2 172.16.0.5/30 | G0/0/0/0 35.1.1.1/30 |
vIOS4 | 44.1.1.1/32 | -- | G0/0 14.1.1.2/30 | G0/1 45.1.1.1/30 |
vIOS5 | 55.1.1.1/32 | -- | G0/0 35.1.1.2/30 | G0/1 45.1.1.2/30 |
设备型号及软件版本
设备 | 平台 | 软件版本 |
---|---|---|
vIOS4、vIOS5 | VIOS-ADVENTERPRISEK9-M | 15.6(2)T |
CSR1, CSR2 | X86_64_LINUX_IOSD-UNIVERSALK9-M | 16.6.2 |
XRv | ASR9000 IOS-XR | 6.0.1 |
目标
1. CSR1, CSR2和xrv配置 IS-IS协议作为底层IGP,在此基础上配置segment-routing。
2. CSR1和xrv作为PE设备,配置×××v4 BGP邻居,AS号64512。
3. CSR1和vIOS4配置单区域OSPFv2,进程ID 2019;xrv与vIOS5配置单区域OSPFv2,进程ID 2019;PE设备配置OSPFv2和MP-BGP双向重分布。
4. CSR1和xrv配置loopback 1接口,将该接口划分为客户VRF下,并在MP-BGP进程,客户VRF下宣告主机路由。
5. CSR1和xrv的OSPFv2配置sham-link
配置步骤
MPLS ×××基本配置步骤:
1.配置IGP,
2.配置MPLS(segment-routing),
3.配置MP-BGP,
4.配置VRF,
5.配置PE-CE路由协议,
6.PE 配置MP-BGP和VRF路由重分布。
IOS-XE和IOS-XR配置IGP(IS-IS)
设备接口IP地址配置(略)
- XEv3
router isis igp
is-type level-2-only !---配置ISIS为骨干区域
net 49.2019.0519.0001.00
log-adjacency-changes !---记录邻接log信息
metric-style wide !---使能isis宽度量
exit
interface Loopback0
ip router isis igp
interface GigabitEthernet1
ip router isis igp
isis circuit-type level-2-only !---修改链路为level-2
isis network point-to-point !---修改ISIS网络类型
- XRv4
router isis igp
is-type level-2-only
net 49.2019.0519.0003.00
log adjacency changes
address-family ipv4 unicast
metric-style wide
interface Loopback0
address-family ipv4 unicast
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
circuit-type level-2-only
point-to-point
commit
2 验证IS-IS
CSR2#show ip route isis | b bn
11.0.0.0/32 is subnetted, 1 subnets
i L2 11.1.1.1 [115/20] via 172.16.0.1, 1d00h, GigabitEthernet1
33.0.0.0/32 is subnetted, 1 subnets
i L2 33.1.1.1 [115/20] via 172.16.0.5,19:06:28, GigabitEthernet2
RP/0/0/CPU0:xrv#show route ipv4 isis
i L2 11.1.1.1/32 [115/30] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2
i L2 22.1.1.1/32 [115/20] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2
i L2 172.16.0.0/30 [115/20] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2
3 配置MPLS(segment-routing)
XEv3
segment-routing mpls
connected-prefix-sid-map
address-family ipv4
11.1.1.1/32 index 1 range 1
exit-address-family
router isis igp
segment-routing mpls- XRv4
segment-routing
router isis igp
address-family ipv4 unicast
metric-style wide
segment-routing mpls
interface Loopback0
address-family ipv4 unicast
prefix-sid index 33
commit
4 验证MPLS
CSR1#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 172.16.0.2-A 0 Gi1 172.16.0.2
21 Pop Label 11.1.1.2/32[V] 0 aggregate/ospf
16022 Pop Label 22.1.1.1/32 0 Gi1 172.16.0.2
16033 16033 33.1.1.1/32 0 Gi1 172.16.0.2RP/0/0/CPU0:xrv#show mpls forwarding
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched16011 16011 SR Pfx (idx 11) Gi0/0/0/2 172.16.0.6 208166
16022 Pop SR Pfx (idx 22) Gi0/0/0/2 172.16.0.6 0
24006 Pop SR Adj (idx 1) Gi0/0/0/2 172.16.0.6 0
24007 Pop SR Adj (idx 3) Gi0/0/0/2 172.16.0.6 0
5 配置MP-BGP
CSR1
router bgp 64512
bgp router-id 11.1.1.1
no bgp default ipv4-unicast
neighbor 33.1.1.1 remote-as 64512
neighbor 33.1.1.1 update-source Loopback0
address-family ***v4
neighbor 33.1.1.1 activatexrv
router bgp 64512
bgp router-id 33.1.1.1
address-family v4 unicast
neighbor 11.1.1.1
remote-as 64512
update-source Loopback0
address-family v4 unicast
commit- 验证如下:
CSR1#show bgp ***v4 unicast all sum | b gh
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
33.1.1.1 4 64512 1254 1429 315 0 0 20:17:43 4RP/0/0/CPU0:xrv#show bgp ***v4 unicast summary | b gh
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
11.1.1.1 0 64512 1890 1674 249 0 0 20:18:04 4
6 配置VRF and PE-CE routing protocol
6.1定义VRF
CSR1
vrf definition AAA
rd 64512:4
address-family ipv4
route-target export 64512:45
route-target import 64512:45
exit-address-family- xrv
vrf AAA
address-family ipv4 unicast
import route-target
64512:45
export route-target
64512:45
6.2 PE to CE Interface config
CSR1
interface GigabitEthernet2
vrf forwarding AAA
ip address 14.1.1.1 255.255.255.252
no shutdown- xrv
interface GigabitEthernet0/0/0/0
vrf AAA
ipv4 address 35.1.1.1 255.255.255.252
no shutdown
6.3 PE OSPFv2 config
CSR1
router ospf 2019 vrf AAA
router-id 14.1.1.1
interface GigabitEthernet2
ip ospf network point-to-point
ip ospf 14 area 0- xrv
router ospf 35
address-family ipv4 unicast
vrf AAA
router-id 35.1.1.1
address-family ipv4 unicast
area 0
interface GigabitEthernet0/0/0/0
network point-to-point
6.4 CE OSPFv2 config
vIOS4
interface GigabitEthernet0/0
ip address 14.1.1.2 255.255.255.252
no shutdown
ip ospf 2019 area 0
ip ospf network point-to-point
router ospf 2019
router-id 44.1.1.1- vIOS5
interface GigabitEthernet0/0
ipv4 address 35.1.1.2 255.255.255.252
no shutdown
ip ospf 2019 area 0
ip ospf network point-to-point
router ospf 2019
router-id 55.1.1.1
6.5 PE OSPFv2 and MP-BGP redistribute
CSR1
router ospf 14 vrf AAA
redistribute bgp 64512 metric-type 1 subnets
interface GigabitEthernet2
router bgp 64512
address-family ipv4 vrf AAA
redistribute ospf 14 match internal external 1 external 2- xrv
router ospf 35
vrf AAA
redistribute bgp 64512 metric-type 1
router bgp 64512
vrf AAA
rd 64512:5
address-family ipv4 unicast
redistribute ospf 35 match internal external
6.6 验证PE-CE OSPFv2配置
CSR1#show ip route vrf AAA ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/2] via 33.1.1.1, 00:00:32
44.0.0.0/32 is subnetted, 1 subnets
O 44.1.1.1 [110/2] via 14.1.1.2, 00:00:34, GigabitEthernet2
45.0.0.0/29 is subnetted, 1 subnets
O IA 45.1.1.0 [110/20001] via 14.1.1.2, 00:00:34, GigabitEthernet2vIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O E1 35.1.1.0 [110/2] via 14.1.1.1, 00:23:54, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O E1 55.1.1.1 [110/3] via 14.1.1.1, 00:23:54, GigabitEthernet0/0vIOS4#ping 55.1.1.1 sour lo 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 55.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 44.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 11/15/33 ms
vIOS4#traceroute 55.1.1.1 sour lo 0
Type escape sequence to abort.
Tracing the route to 55.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 14.1.1.1 8 msec 5 msec 3 msec
2 172.16.0.2 [MPLS: Labels 16033/24003 Exp 0] 19 msec 25 msec 10 msec
3 172.16.0.5 [MPLS: Label 24003 Exp 0] 13 msec 12 msec 8 msec
4 35.1.1.2 12 msec 19 msec *
vIOS4#CSR1#sho bgp *v4 uni all 44.1.1.1
BGP routing table entry for 64512:4:44.1.1.1/32, version 383
Paths: (1 available, best #1, table AAA)
Advertised to update-groups:
5
Refresh Epoch 1
Local
14.1.1.2 (via vrf ospf) from 0.0.0.0 (11.1.1.1)
Origin incomplete, metric 2, localpref 100, weight 32768, valid, sourced, best
Extended Community: RT:64512:45 OSPF DOMAIN ID:0x0005:0x0000000E0200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:14.1.1.1:0
mpls labels in/out 23/nolabel
rx pathid: 0, tx pathid: 0x0
!--- DOMAIN ID:0x0005:0x0000000E0200 16进制E=10进制14**(CSR1 ospfv2 进程ID)
6.7 修改/添加ospfv2 DOMAIN ID
IOS-XR默认不携带DOMAIN ID值
RP/0/0/CPU0:xrv#show bgp ***v4 uni vrf ospf 55.1.1.1/32
BGP routing table entry for 55.1.1.1/32, Route Distinguisher: 64512:5
Versions:
Process bRIB/RIB SendTblVer
Speaker 345 345
Local Label: 24003
Last Modified: May 22 02:21:42.463 for 06:05:44
Paths: (1 available, best #1)
Advertised to peers (in unique update groups):
11.1.1.1
Path #1: Received by speaker 0
Advertised to peers (in unique update groups):
11.1.1.1
Local
35.1.1.2 from 0.0.0.0 (33.1.1.1)
Origin incomplete, metric 2, localpref 100, weight 32768, valid, redistributed, best, group-best, import-candidate
Received Path ID 0, Local Path ID 1, version 345
Extended community: OSPF route-type:0:1:0x0 OSPF router-id:35.1.1.1 RT:64512:45CSR1#show bgp ***v4 uni vrf AAA 55.1.1.1/32
BGP routing table entry for 64512:4:55.1.1.1/32, version 417
Paths: (1 available, best #1, table ospf, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local, imported path from 64512:5:55.1.1.1/32 (global)
33.1.1.1 (metric 30) (via default) from 33.1.1.1 (33.1.1.1)
Origin incomplete, metric 2, localpref 100, valid, internal, best
Extended Community: RT:64512:45 OSPF RT:0.0.0.0:1:0
OSPF ROUTER ID:35.1.1.1:0
mpls labels in/out nolabel/24003
rx pathid: 0, tx pathid: 0x0- 在IOS-XR设备添加DOMAIN ID
RP/0/0/CPU0:xrv#conf
RP/0/0/CPU0:xrv(config)#router ospf 35
RP/0/0/CPU0:xrv(config-ospf)#vrf AAA
RP/0/0/CPU0:xrv(config-ospf-vrf)#domain-id type 0005 value 000000230200
RP/0/0/CPU0:xrv(config-ospf-vrf)#commit
!--- 23(hex)=35(dec)
RP/0/0/CPU0:xrv(config-ospf-vrf)#do show bgp ***v4 uni vrf ospf 55.1.1.1/32 | in community
Wed May 22 09:38:03.422 UTC
Extended community: OSPF domain-id:0x5:0x000000230200 OSPF route-type:0:1:0x0 OSPF router-id:35.1.1.1 RT:64512:45CSR1#show bgp ***v4 uni vrf ospf 55.1.1.1/32 | i unity
Extended Community: RT:64512:45 OSPF DOMAIN ID:0x0005:0x000000230200
6.8 配置CE之间的backdoor link
- vIOS5
interface GigabitEthernet0/1
ip address 45.1.1.5 255.255.255.248
ip ospf network point-to-point
ip ospf 2019 area 45
ip ospf cost 20000
!---模拟×××链路故障,在vIOS5上手工shutdown链路
vIOS5(config-if)#int g0/0
vIOS5(config-if)#shu
May 20 10:17:09.190: %OSPF-5-ADJCHG: Process 2019, Nbr 35.1.1.1 on GigabitEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
May 20 10:17:11.136: %LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to administratively down
May 20 10:17:12.137: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to down
vIOS5(config-if)#
vIOS5(config-if)#do sho ip route ospf | b bn
14.0.0.0/30 is subnetted, 1 subnets
O IA 14.1.1.0 [110/20001] via 45.1.1.4, 00:00:33, GigabitEthernet0/1
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/20003] via 45.1.1.4, 00:00:33, GigabitEthernet0/1
44.0.0.0/32 is subnetted, 1 subnets
O IA 44.1.1.1 [110/20001] via 45.1.1.4, 00:00:33, GigabitEthernet0/1
vIOS5(config-if)#
!---在vIOS4上查看ospf路由
vIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O IA 35.1.1.0 [110/3] via 14.1.1.1, 00:09:31, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O IA 55.1.1.1 [110/4] via 14.1.1.1, 00:09:31, GigabitEthernet0/0
vIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O IA 35.1.1.0 [110/3] via 14.1.1.1, 00:11:41, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O IA 55.1.1.1 [110/20001] via 45.1.1.5, 00:00:05, GigabitEthernet0/1
!---恢复链路
vIOS5(config-if)#no shu
May 20 10:18:48.972: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up
May 20 10:18:49.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
May 20 10:19:04.220: %OSPF-5-ADJCHG: Process 2019, Nbr 35.1.1.1 on GigabitEthernet0/0 from LOADING to FULL, Loading DonevIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O IA 35.1.1.0 [110/3] via 14.1.1.1, 00:14:48, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O IA 55.1.1.1 [110/4] via 14.1.1.1, 00:01:18, GigabitEthernet0/0
6.9 配置OSPFv2 sham-link
6.9.1 Config loopback 1 and propaganda into BGP VRF address-family IPv4
- CSR1
interface Loopback1
vrf forwarding ospf
ipv4 address 11.1.1.2 255.255.255.255
router bgp 64512
address-family ipv4 vrf AAA
network 11.1.1.2 mask 255.255.255.255
- xrv
interface Loopback1
vrf AAA
ipv4 address 33.1.1.2 255.255.255.255
router bgp 64512
vrf AAA
address-family ipv4 unicast
network 33.1.1.2/32
6.9.2 Under OSPFv2 process config sham-link
CSR1
router ospf 14 vrf AAA
area 0 sham-link 11.1.1.2 33.1.1.2 cost 200- xrv
router ospf 35
vrf AAA
address-family ipv4 unicast
area 0
sham-link 33.1.1.2 11.1.1.2
cost 200
6.10 验证sham-ink
CSR1(config-router)#area 0 sham-link 11.1.1.2 33.1.1.2 cost 200
CSR1(config-router)#do sho ip ospf neig
*May 22 08:45:02.593: %OSPF-5-ADJCHG: Process 14, Nbr 35.1.1.1 on OSPF_SL3 from LOADING to FULL, Loading Done
Neighbor ID Pri State Dead Time Address Interface
35.1.1.1 0 FULL/ - 00:00:37 33.1.1.2 OSPF_SL3
44.1.1.1 0 FULL/ - 00:00:34 14.1.1.2 GigabitEthernet2CSR1#show ip route vrf AAA ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/201] via 33.1.1.1, 01:04:13
44.0.0.0/32 is subnetted, 1 subnets
O 44.1.1.1 [110/2] via 14.1.1.2, 01:05:46, GigabitEthernet2
45.0.0.0/29 is subnetted, 1 subnets
O IA 45.1.1.0 [110/20001] via 14.1.1.2, 01:05:46, GigabitEthernet2
55.0.0.0/32 is subnetted, 1 subnets
O 55.1.1.1 [110/202] via 33.1.1.1, 01:04:13
vIOS4#sho ip route ospf | b bn
11.0.0.0/32 is subnetted, 1 subnets
O E1 11.1.1.2 [110/2] via 14.1.1.1, 01:06:20, GigabitEthernet0/0
33.0.0.0/32 is subnetted, 1 subnets
O E1 33.1.1.2 [110/2] via 14.1.1.1, 01:06:20, GigabitEthernet0/0
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/202] via 14.1.1.1, 01:04:42, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O 55.1.1.1 [110/203] via 14.1.1.1, 01:04:42, GigabitEthernet0/0
6.11 隐藏sham-link地址
CSR1:
ip prefix-list conn seq 5 permit 11.1.1.2/32
ip prefix-list conn seq 10 permit 33.1.1.2/32
route-map deny-conn deny 10
match ip address prefix-list conn
route-map deny-conn permit 20
CSR1(config-router-af)#router ospf 14 vrf ospf
CSR1(config-router)#redis bgp 64512 subnets route-map deny-conn- xrv:
prefix-set conn
11.1.1.2/32,
33.1.1.2/32
end-setroute-policy deny-conn
if destination in conn then
drop
else
pass
endif
end-policyRP/0/0/CPU0:xrv(config)#router ospf 35
RP/0/0/CPU0:xrv(config-ospf)#vrf ospf
RP/0/0/CPU0:xrv(config-ospf-vrf)#redist bgp 64512 route-policy deny-conn
RP/0/0/CPU0:xrv(config-ospf-vrf)#commitvIOS5#sho ip route ospf | b bn
14.0.0.0/30 is subnetted, 1 subnets
O 14.1.1.0 [110/202] via 35.1.1.1, 00:07:05, GigabitEthernet0/0
44.0.0.0/32 is subnetted, 1 subnets
O 44.1.1.1 [110/203] via 35.1.1.1, 00:07:05, GigabitEthernet0/0
CE设备看不到sham-link地址
本文题目:使用SR替代LDP,配置ospfsham-link
URL网址:http://ybzwz.com/article/jcigos.html