关键词
MP-BGP,LDP,RR,ASBR,PE
优点
ASBR只需要维护公网IPv4路由信息,不再需要维护VPN信息;转发时也不需要交换底层标签,只需要交换公网标签即可,大幅降低ASBR在控制层面和转发层面的性能消耗。
关键技术
控制层面
控制层面主要涉及路由与标签分发的问题。
- 在AS内部,所有路由器通过IGP交换公网路由信息,并通过LDP相互分发外层公网标签;ASBR与PE/RR之间通过MP-IBGP建立IPv4和VPNv4地址簇的双毗邻关系。其中IPv4部分获取本端PE/RR的NLRI并传递给对端ASBR。VPNv4部分传递并通过携带扩展团体属性(extend community)交换VPN路由信息,同时承担本AS内部的底层私网标签的分发。
- 在AS之间,ASBR之间通过EBGP交换公网路由信息,并通过BGP更新消息中携带路由条目对应标签信息(RFC3107)交换中层BGP标签。ASBR通过IBGP把对端PE/RR的3层可达信息并传递给本AS的PE/RR。本端PE/RR与对端PE/RR之间通过MP-EBGP建立VPNv4地址簇的毗邻关系,并通过携带扩展团体属性(extend community)交换私网路由信息。MP-EBGP同时跨AS承担底层内网标签的分发。
转发层面(标签交换)
转发层面主要涉及LSP上的标签交换。标签交换主要分为从CE到PE,从PE/RR到PE/RR,从PE到CE三段LSP。
- PE从CE收到指向目的VPN的数据包后,检查FIB和LFIB,首先贴上由中转AS RR MP-BGP VPNv4分发的底层私网标签、中转AS RR MP-BGP IPv4分发的中层标签(为何是中转AS分发而非本地AS分发?因为IBGP默认不改变NLRI的next-hop属性)和IGP邻居LDP分发的外层公网标签,转发给下一跳。(如果PE与RR直连,则实际上只有一个私网标签,因为PHP)。
- RR收到后检查FIB和LFIB,底层私网标签、中层标签都不变,公网标签换成LDP下游分发的、指向对端中转PE/RR的标签。往后一直到对端PE/RR之前,途中LSR均只交换头标签,出标签均指向对端PE/RR。最终到达目的PE,并在倒数第二跳弹出顶层公网标签,只留下底层私网标签。
- 目的PE接到保留私网标签的数据包,检查LFIB知道目的地属于其中一个VRF实例,且不再使能mpls,因此弹出标签,将数据包转发至该出口并恢复路由转发。
详细介绍
Option C也称为Multihop EBGP redistribution of labeled VPN-IPv4 routes。与Option B相比,要求PE/RR之间直接建立域间VPNv4地址簇的eBGP邻居关系(需要支持eBGP多跳)。ASBR不再需要创建VRF,也不再传递VPN私网路由。
PE/RR的BGP从VRF实例提取IPv4路由,添加RD形成VPNv4 NLRI,由eBGP通告给对端PE/RR。RD通过NLRI里的扩展团体属性(extend community)携带。由于PE/RR的可达性信息只有在本AS内,对端AS无法获取该路由。有两种方式可以使对端PE/RR能够获得本地PE/RR的可达性路由信息:
方式一、本端ASBR通过其它路由协议(本实验中通过静态路由指定)获得对端AS中的PE/RR update-source,将其重分发到IGP中(本实验为OSPF),使本端PE/RR以Global Route的方式获得该路由。这时生成的LSP(标签交换路径)最多有2层标签:
- 内层为目的VPN的私网标签,由MP-BGP根据VPNv4 NLRI分发
- 外层为对端PE/RR的公网标签,由LDP分发
方式二、ASBR通过IBGP IPv4获取本地AS中PE/RR的update-source,并通过EBGP与对端ASBR交换。由于BGP默认不为ipv4路由绑定和分发标签,需要手动使能标签分发(RFC3107)。这时生成的LSP最多有3层标签:
- 内层为对端VPN的私网标签,由MP-BGP根据VPNv4 NLRI分发
- 中层为对端PE/RR的公网标签,由MP-BGP根据IPv4 NLRI分发
- 外层为本地ASBR的公网标签,由LDP分发
实验
上图中,AS100中的172.168.1.0/24要与AS300中的192.168.1.0/24通信。假设该VPN命名为VRF_1,ID统一分配为1。则AS100中的VRF RD为100:1,AS200中的VRF RD为200:1,AS300中的VRF RD为300:1。R1、R9分别作为AS100和AS300的PE;R2、R5、R8分别作为各自AS的RR;R3、R4、R6、R7分别作为各自AS的ASBR。为简化配置,PE接口直连终端,不再需要把MP-BGP所传送的VRF路由重分发到PE中。
邻接关系
本地PE与本地RR之间建立iBGP关系,交换VPNv4地址簇路由信息;不同AS的PE/RR相互间建立eBGP关系,交换VPNv4地址簇路由信息;本地ASBR与对端ASBR之间建立eBGP关系,交换IPv4路由。
配置
R1:
hostname R1 ! ip vrf VRF_1 rd 100:1 route-target export 100:1 route-target import 300:1 ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 interface Ethernet0/0 ip vrf forwarding VRF_1 ip address 172.16.1.1 255.255.255.0 interface Ethernet0/1 ip address 12.0.0.1 255.255.255.0 mpls ip ! router ospf 100 router-id 1.1.1.1 passive-interface Loopback0 network 1.1.1.1 0.0.0.0 area 0 network 12.0.0.1 0.0.0.0 area 0 ! router bgp 100 bgp router-id 1.1.1.1 no bgp default ipv4-unicast neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 ! address-family ipv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-label ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended ! address-family ipv4 vrf VRF_1 redistribute connected ! mpls ldp router-id Loopback0 force end
R2:
hostname R2 ! ip vrf VRF_1 rd 100:1 route-target export 100:1 route-target export 300:1 route-target import 100:1 route-target import 300:1 ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 interface Ethernet0/0 ip address 12.0.0.2 255.255.255.0 mpls ip interface Ethernet0/1 ip address 23.0.0.2 255.255.255.0 mpls ip ! router ospf 100 router-id 2.2.2.2 passive-interface Loopback0 network 2.2.2.2 0.0.0.0 area 0 network 12.0.0.2 0.0.0.0 area 0 network 23.0.0.2 0.0.0.0 area 0 ! router bgp 100 bgp router-id 2.2.2.2 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 neighbor 5.5.5.5 remote-as 200 neighbor 5.5.5.5 ebgp-multihop 255 neighbor 5.5.5.5 update-source Loopback0 ! address-family ipv4 network 2.2.2.2 mask 255.255.255.255 neighbor 1.1.1.1 activate neighbor 1.1.1.1 route-reflector-client neighbor 1.1.1.1 send-label neighbor 3.3.3.3 activate neighbor 3.3.3.3 route-reflector-client neighbor 3.3.3.3 send-label ! address-family vpnv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 send-community extended neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended ! mpls ldp router-id Loopback0 force end
R3:
hostname R3 ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 interface Ethernet0/0 ip address 23.0.0.3 255.255.255.0 mpls ip interface Ethernet0/1 ip address 34.0.0.3 255.255.255.0 mpls ip ! router ospf 100 router-id 3.3.3.3 passive-interface Loopback0 network 3.3.3.3 0.0.0.0 area 0 network 23.0.0.3 0.0.0.0 area 0 ! router bgp 100 bgp router-id 3.3.3.3 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 neighbor 4.4.4.4 remote-as 200 neighbor 4.4.4.4 ebgp-multihop 2 neighbor 4.4.4.4 update-source Loopback0 ! address-family ipv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 next-hop-self neighbor 2.2.2.2 send-label neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-label ! ip route 4.4.4.4 255.255.255.255 34.0.0.4 mpls ldp router-id Loopback0 force end
R4:
hostname R4 ! interface Loopback0 ip address 4.4.4.4 255.255.255.255 interface Ethernet0/0 ip address 34.0.0.4 255.255.255.0 mpls ip interface Ethernet0/1 ip address 45.0.0.4 255.255.255.0 mpls ip ! router ospf 100 router-id 4.4.4.4 passive-interface Loopback0 network 4.4.4.4 0.0.0.0 area 0 network 45.0.0.4 0.0.0.0 area 0 ! router bgp 200 bgp router-id 4.4.4.4 neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 ebgp-multihop 2 neighbor 3.3.3.3 update-source Loopback0 neighbor 5.5.5.5 remote-as 200 neighbor 5.5.5.5 update-source Loopback0 ! address-family ipv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-label neighbor 5.5.5.5 activate neighbor 5.5.5.5 next-hop-self neighbor 5.5.5.5 send-label ! ip route 3.3.3.3 255.255.255.255 34.0.0.3 mpls ldp router-id Loopback0 force end
R5:
hostname R5 ! ip vrf VRF_1 rd 200:1 route-target export 100:1 route-target export 300:1 route-target import 100:1 route-target import 300:1 ! interface Loopback0 ip address 5.5.5.5 255.255.255.255 interface Ethernet0/0 ip address 45.0.0.5 255.255.255.0 mpls ip interface Ethernet0/1 ip address 56.0.0.5 255.255.255.0 mpls ip ! router ospf 100 router-id 5.5.5.5 passive-interface Loopback0 network 5.5.5.5 0.0.0.0 area 0 network 45.0.0.5 0.0.0.0 area 0 network 56.0.0.5 0.0.0.0 area 0 ! router bgp 200 bgp router-id 5.5.5.5 no bgp default ipv4-unicast neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 ebgp-multihop 255 neighbor 2.2.2.2 update-source Loopback0 neighbor 4.4.4.4 remote-as 200 neighbor 4.4.4.4 update-source Loopback0 neighbor 6.6.6.6 remote-as 200 neighbor 6.6.6.6 update-source Loopback0 neighbor 8.8.8.8 remote-as 300 neighbor 8.8.8.8 ebgp-multihop 255 neighbor 8.8.8.8 update-source Loopback0 ! address-family ipv4 network 5.5.5.5 mask 255.255.255.255 neighbor 4.4.4.4 activate neighbor 4.4.4.4 route-reflector-client neighbor 4.4.4.4 send-label neighbor 6.6.6.6 activate neighbor 6.6.6.6 route-reflector-client neighbor 6.6.6.6 send-label ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended neighbor 8.8.8.8 activate neighbor 8.8.8.8 send-community extended ! mpls ldp router-id Loopback0 force end
R6:
hostname R6 ! interface Loopback0 ip address 6.6.6.6 255.255.255.255 interface Ethernet0/0 ip address 56.0.0.6 255.255.255.0 mpls ip interface Ethernet0/1 ip address 67.0.0.6 255.255.255.0 mpls ip ! router ospf 100 router-id 6.6.6.6 passive-interface Loopback0 network 6.6.6.6 0.0.0.0 area 0 network 56.0.0.6 0.0.0.0 area 0 ! router bgp 200 bgp router-id 6.6.6.6 neighbor 5.5.5.5 remote-as 200 neighbor 5.5.5.5 update-source Loopback0 neighbor 7.7.7.7 remote-as 300 neighbor 7.7.7.7 ebgp-multihop 2 neighbor 7.7.7.7 update-source Loopback0 ! address-family ipv4 neighbor 5.5.5.5 activate neighbor 5.5.5.5 next-hop-self neighbor 5.5.5.5 send-label neighbor 7.7.7.7 activate neighbor 7.7.7.7 send-label ! ip route 7.7.7.7 255.255.255.255 67.0.0.7 mpls ldp router-id Loopback0 force end
R7:
hostname R7 ! interface Loopback0 ip address 7.7.7.7 255.255.255.255 interface Ethernet0/0 ip address 67.0.0.7 255.255.255.0 mpls ip interface Ethernet0/1 ip address 78.0.0.7 255.255.255.0 mpls ip ! router ospf 100 router-id 7.7.7.7 passive-interface Loopback0 network 7.7.7.7 0.0.0.0 area 0 network 78.0.0.7 0.0.0.0 area 0 ! router bgp 300 bgp router-id 7.7.7.7 bgp log-neighbor-changes neighbor 6.6.6.6 remote-as 200 neighbor 6.6.6.6 ebgp-multihop 2 neighbor 6.6.6.6 update-source Loopback0 neighbor 8.8.8.8 remote-as 300 neighbor 8.8.8.8 update-source Loopback0 ! address-family ipv4 neighbor 6.6.6.6 activate neighbor 6.6.6.6 send-label neighbor 8.8.8.8 activate neighbor 8.8.8.8 next-hop-self neighbor 8.8.8.8 send-label ! ip route 6.6.6.6 255.255.255.255 67.0.0.6 mpls ldp router-id Loopback0 force end
R8:
hostname R8 ! ip vrf VRF_1 rd 300:1 route-target export 300:1 route-target export 100:1 route-target import 300:1 route-target import 100:1 ! interface Loopback0 ip address 8.8.8.8 255.255.255.255 interface Ethernet0/0 ip address 78.0.0.8 255.255.255.0 mpls ip interface Ethernet0/1 ip address 89.0.0.8 255.255.255.0 mpls ip ! router ospf 100 router-id 8.8.8.8 passive-interface Loopback0 network 8.8.8.8 0.0.0.0 area 0 network 78.0.0.8 0.0.0.0 area 0 network 89.0.0.8 0.0.0.0 area 0 ! router bgp 300 bgp router-id 8.8.8.8 no bgp default ipv4-unicast neighbor 5.5.5.5 remote-as 200 neighbor 5.5.5.5 ebgp-multihop 255 neighbor 5.5.5.5 update-source Loopback0 neighbor 7.7.7.7 remote-as 300 neighbor 7.7.7.7 update-source Loopback0 neighbor 9.9.9.9 remote-as 300 neighbor 9.9.9.9 update-source Loopback0 ! address-family ipv4 network 8.8.8.8 mask 255.255.255.255 neighbor 7.7.7.7 activate neighbor 7.7.7.7 route-reflector-client neighbor 7.7.7.7 send-label neighbor 9.9.9.9 activate neighbor 9.9.9.9 route-reflector-client neighbor 9.9.9.9 send-label ! address-family vpnv4 neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended neighbor 9.9.9.9 activate neighbor 9.9.9.9 send-community extended ! mpls ldp router-id Loopback0 force end
R9:
hostname R9 ! ip vrf VRF_1 rd 300:1 route-target export 300:1 route-target import 100:1 ! interface Loopback0 ip address 9.9.9.9 255.255.255.255 interface Ethernet0/0 ip address 89.0.0.9 255.255.255.0 mpls ip interface Ethernet0/1 ip vrf forwarding VRF_1 ip address 192.168.1.1 255.255.255.0 ! router ospf 100 router-id 9.9.9.9 network 9.9.9.9 0.0.0.0 area 0 network 89.0.0.9 0.0.0.0 area 0 ! router bgp 300 bgp router-id 9.9.9.9 no bgp default ipv4-unicast neighbor 8.8.8.8 remote-as 300 neighbor 8.8.8.8 update-source Loopback0 ! address-family ipv4 neighbor 8.8.8.8 activate neighbor 8.8.8.8 send-label ! address-family vpnv4 neighbor 8.8.8.8 activate neighbor 8.8.8.8 send-community extended ! address-family ipv4 vrf VRF_1 redistribute connected ! mpls ldp router-id Loopback0 force end
路由表
R1 MP-BGP已经将把VRF_1的路由转换成VPNv4 NLRI。
R1>show ip route vrf VRF_1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.0/24 is directly connected, Ethernet0/0
L 172.16.1.1/32 is directly connected, Ethernet0/0
R1>show ip bgp vpnv4 all
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF_1)
*> 172.16.1.0/24 0.0.0.0 0 32768 ?
R2从R1传来的私网路由导入本地VRF。从EBGP传递过来的VPNv4 NLRI可以看到next-hop属性已经被修改为2.2.2.2。为了能和R5建立毗邻关系,R2在MP-BGP IPv4地址簇发布了2.2.2.2/32的路由。
R2>show ip route vrf VRF_1
172.16.0.0/24 is subnetted, 1 subnets
B 172.16.1.0 [200/0] via 1.1.1.1, 01:00:53
R2>show ip bgp vpnv4 all
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF_1)
*>i 172.16.1.0/24 1.1.1.1 0 100 0 ?
R3只包含IPv4公网路由,因为ASBR没有本地VRF,也没有MP-BGP的VPNv4实例。为了与R4建立EBGP链接,使用了静态路由指向4.4.4.4。
R3>show ip route
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/11] via 23.0.0.2, 01:02:33, Ethernet0/0
4.0.0.0/32 is subnetted, 1 subnets
S 4.4.4.4 [1/0] via 34.0.0.4
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 4.4.4.4, 01:02:38
R4
R4>show ip route
3.0.0.0/32 is subnetted, 1 subnets
S 3.3.3.3 [1/0] via 34.0.0.3
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/11] via 45.0.0.5, 01:35:11, Ethernet0/1
R5:从AS100传来的私网路由导入本地VRF。从EBGP传递过来的VPNv4 NLRI可以看到next-hop属性已经被修改为2.2.2.2。2.2.2.2/32由R2通过MP-EBGP IPv4传递给R5。下一跳为4.4.4.4。为了能和R2、R8建立毗邻关系,R5在MP-BGP IPv4地址簇发布了5.5.5.5/32的路由。
R5>show ip route vrf VRF_1
172.16.0.0/24 is subnetted, 1 subnets
B 172.16.1.0 [20/0] via 2.2.2.2, 01:04:37
R5>show ip bgp vpnv4 all
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1
*> 172.16.1.0/24 2.2.2.2 0 100 ?
R5>show ip route
2.0.0.0/32 is subnetted, 1 subnets
B 2.2.2.2 [200/0] via 4.4.4.4, 01:04:50
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/11] via 45.0.0.4, 01:36:42, Ethernet0/0
6.0.0.0/32 is subnetted, 1 subnets
O 6.6.6.6 [110/11] via 56.0.0.6, 01:05:16, Ethernet0/1
8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [200/0] via 6.6.6.6, 01:05:08
R6:
R6>show ip route
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/11] via 56.0.0.5, 01:07:09, Ethernet0/0
7.0.0.0/32 is subnetted, 1 subnets
S 7.7.7.7 [1/0] via 67.0.0.7
R7:注意静态路由6.6.6.6/32是为了与R6建立eBGP连接。
R7>show ip route
6.0.0.0/32 is subnetted, 1 subnets
S 6.6.6.6 [1/0] via 67.0.0.6
8.0.0.0/32 is subnetted, 1 subnets
O 8.8.8.8 [110/11] via 78.0.0.8, 01:39:37, Ethernet0/1
R8,注意到VPNv4 NLRI:100:1:172.16.1.0/24,是由R5的MP-EBGP VPNv4宣告的,因此next hop为5.5.5.5。5.5.5.5/32由R5的MP-EBGP IPv4地址簇通告,需要继续递归查找,下一跳为7.7.7.7。为了能和R5建立毗邻关系,R8在MP-BGP IPv4地址簇发布了8.8.8.8/32的路由。
R8>show ip route vrf VRF_1
172.16.0.0/24 is subnetted, 1 subnets
B 172.16.1.0 [20/0] via 5.5.5.5, 01:08:25
R8>show ip bgp vpnv4 all
Route Distinguisher: 100:1
*> 172.16.1.0/24 5.5.5.5 0 200 100 ?
R8>show ip route
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/0] via 7.7.7.7, 01:08:40
7.0.0.0/32 is subnetted, 1 subnets
O 7.7.7.7 [110/11] via 78.0.0.7, 01:09:13, Ethernet0/0
9.0.0.0/32 is subnetted, 1 subnets
O 9.9.9.9 [110/11] via 89.0.0.9, 01:09:13, Ethernet0/1
R9,由于iBGP peer传递的VPNv4路由,next hop不改变,因此R9也必须要有5.5.5.5的公网路由。
R9>show ip route vrf VRF_1
172.16.0.0/24 is subnetted, 1 subnets
B 172.16.1.0 [200/0] via 5.5.5.5, 01:09:48
R9>show ip bgp vpnv4 all
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1
*>i 172.16.1.0/24 5.5.5.5 0 100 0 200 100 ?
R9>show ip route
8.0.0.0/32 is subnetted, 1 subnets
O 8.8.8.8 [110/11] via 89.0.0.8, 01:41:55, Ethernet0/0
标签绑定分发
R1为LSP的出口路由器。通过iBGP向R2通告172.16.1.0/24的标签为底层标签20。
R1>show ip bgp vpnv4 all la Network Next Hop In label/Out label Route Distinguisher: 100:1 (VRF_1) 172.16.1.0/24 0.0.0.0 20/nolabel(VRF_1) R1>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 20 No Label 172.16.1.0/24[V] 224224 aggregate/VRF_1
R2从R1接收到MP-BGP VPNv4为NLRI 100:1:172.16.1.0/24,为其分配底层标签16;下一跳的地址为1.1.1.1。因路由表中的1.1.1.1/32是通过OSPF而非IBGP学习到,因此BGP并不为该路由分配中层标签。1.1.1.1/32由LDP分配顶层标签19。
R2>show ip bgp vpnv4 all la Network Next Hop In label/Out label Route Distinguisher: 100:1 (VRF_1) 172.16.1.0/24 1.1.1.1 16/20 R2>show ip bgp la R2>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 19 Pop Label 1.1.1.1/32 0 Et0/0 12.0.0.1
R3没有配置MP-BGP,因此不处理VPNv4 NLRI,也没有接收底层标签。R3从R2接收到MP-BGP IPv4 NLRI 2.2.2.2/32,并为其分配中层标签19;该路由需要递归查找,下一跳地址为R2。2.2.2.2/32由LDP分配顶层标签19。
R3>show ip bgp vpnv4 all la R3>show ip bgp la Network Next Hop In label/Out label 2.2.2.2/32 2.2.2.2 19/imp-null R3>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 19 Pop Label 2.2.2.2/32 81768 Et0/0 23.0.0.2
R4没有配置MP-BGP,因此不处理VPNv4 NLRI,也没有分配底层标签。R4从R3接收到MP-BGP IPv4 NLRI 2.2.2.2/32,并为其分配中层标签16;该路由需要递归查找,下一跳地址为R3。3.3.3.3/32由LDP分配顶层标签18。
R4>show ip bgp vpnv4 all la R4>show ip bgp la Network Next Hop In label/Out label 2.2.2.2/32 3.3.3.3 16/19 R4>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 18 Pop Label 3.3.3.3/32 0 Et0/0 34.0.0.3
R5从R2接收到MP-BGP VPNv4 NLRI 100:1:172.16.1.0/24,并为其分配底层标签16;从R4接收到MP-BGP IPv4 NLRI 2.2.2.2/32;该路由需要递归查找,下一跳地址为4.4.4.4。4.4.4.4/32由LDP分配顶层标签18。
R5>show ip bgp vpnv4 all la Network Next Hop In label/Out label Route Distinguisher: 100:1 172.16.1.0/24 2.2.2.2 16/16 R5>show ip bgp la Network Next Hop In label/Out label 2.2.2.2/32 4.4.4.4 nolabel/16 R5>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 18 Pop Label 4.4.4.4/32 0 Et0/0 45.0.0.4
R6没有配置MP-BGP,因此不处理VPNv4 NLRI,也没有接收底层标签。R6从R5接收到MP-BGP IPv4 NLRI 5.5.5.5/32,并为其分配中层标签19;该路由需要递归查找,下一跳地址为R5。5.5.5.5/32由LDP分配顶层标签19。
R6>show ip bgp vpnv4 all la R6>show ip bgp la Network Next Hop In label/Out label 5.5.5.5/32 5.5.5.5 19/imp-null R6>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 19 Pop Label 5.5.5.5/32 80548 Et0/0 56.0.0.5
R7没有配置MP-BGP,因此不处理VPNv4 NLRI,也没有接收底层标签。R7从R5接收到MP-BGP IPv4 NLRI 5.5.5.5/32,并为其分配中层标签17;该路由需要递归查找,下一跳地址为R6。6.6.6.6/32由LDP分配顶层标签18。
R7>show ip bgp vpnv4 all la R7>show ip bgp la Network Next Hop In label/Out label 5.5.5.5/32 6.6.6.6 17/19 R7>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 18 Pop Label 6.6.6.6/32 0 Et0/0 67.0.0.6
R8从R5接收到MP-BGP VPNv4 NLRI 100:1:172.16.1.0/24,下一跳的地址为5.5.5.5;该路由需要递归查找,下一跳地址为R7。7.7.7.7/32由LDP分配顶层标签18。
R8>show ip bgp vpnv4 all la Network Next Hop In label/Out label Route Distinguisher: 100:1 172.16.1.0/24 5.5.5.5 nolabel/16 R8>show ip bgp la Network Next Hop In label/Out label 5.5.5.5/32 7.7.7.7 nolabel/17 R8>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 18 Pop Label 7.7.7.7/32 78440 Et0/0 78.0.0.7
R9从R8接收到MP-BGP VPNv4 NLRI 100:1:172.16.1.0/24,下一跳的地址为5.5.5.5,获取方式为MP-BGP IPv4,下一跳为R7;7.7.7.7/32由LDP分配顶层标签18。
R9>show ip bgp vpnv4 all la Network Next Hop In label/Out label Route Distinguisher: 100:1 172.16.1.0/24 5.5.5.5 nolabel/16 R9>show ip bgp la Network Next Hop In label/Out label 5.5.5.5/32 7.7.7.7 nolabel/17 R9>show mpls for Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 18 18 7.7.7.7/32 0 Et0/0 89.0.0.8
LSP
因此,从R9访问R1的VPN标签如下:
Internet Protocol Version 4, Src: 192.168.1.100, Dst: 172.16.1.100
R9-->R8
R8-->R7
R7-->R6
R6-->R5
R5-->R4
R4-->R3
R3-->R2
R2-->R1
