IT运维管理,创造商业价值!
中国IT运维网首页 | 资讯中心 | 运维管理 | 信息安全 | CIO视界 | 云计算 | 最佳案例 | 运维资源 | 专题策划 | 知识库 | 论坛

某项目的CISCO产品测试报告基于IS-IS的MPLS/VPN实验

2008年06月24日
/
  1.实验项目:VPN、MPLS、多种协议下的MPLS/VPN、VOIP、IS-IS、RIP、静态路由、BGP
  
  1. 实验目的:
  
  验证MPLS/VPN的可实施性、及在MPLS/VPN基础上的可实时业务的应用。
  
  本实验验证以下技术点:
  
  a. VPN
  b. MPLS
  c. 多种环境下的MPLS/VPN
  d. VOIP的应用
  
  2. 实验方法:
  
  a. 验证基于IS-IS的MPLS/VPN
  b. 验证基于Inter AS 的 MPLS/VPN
  c. 验证基于Inter AS 的 MPLS/VPN中VOIP的应用
  
  
  2.基于IS-IS的MPLS/VPN
  
  1.实验方案:
  实验环境如图:
  
  骨干IGP为IS-IS,其中包括三个独立的L2域、每一个骨干路由器为一个独立的域,与骨干网的设计相符。
  MPLS/VPN 中,三台骨干路由器为PE、其它设备为CE。
  MPLS/VPN上建立三个VPN :
  
  a. VPN1的CE分别在两个不同的AS、采用EBGP和骨干路由器互联,AS号码为65505和65506。
  
  b. VPN2的两个CE采用不同的IGP路由协议互联、S3采用OSPF和R3连接、S2采用RIP和R2连接。
  
  c. VPN3的两个CE采用静态路由和PE连接。
  
  2. 方案技术要点:
  
  a. 网络协议IS-IS、EBGP、IBGP、OSPF、RIP、静态路由。
  b. 完全相同IP地址的VPN( VPN1与 VPN2 )。
  c. VPN中采用不同协议:VPN1 (EBGP-EBGP),VPN2 (RIP-OSPF), VPN3 ( 静态路由-静态路由)。
  
  
  3. 配置命令:
  
  version 12.0
  !
  hostname R2
  !
  boot system disk0:rsp-pv-mz.120-22.S.bin
  ip cef
  no ip domain-lookup
  !
  ip vrf vpn1
  rd 100:1
  route-target export 100:1
  route-target import 100:1
  !
  ip vrf vpn2
  rd 100:2
  route-target export 100:2
  route-target import 100:2
  !
  ip vrf vpn3
  rd 100:3
  route-target export 100:3
  route-target import 100:3
  clns routing
  !
  interface Loopback0
  ip address 10.10.20.2 255.255.255.255
  no ip directed-broadcast
  ip router isis
  isis circuit-type level-2-only
  !
  interface Multilink1
  ip address 10.10.12.2 255.255.255.0
  no ip directed-broadcast
  ip router isis
  tag-switching ip
  ppp multilink
  multilink-group 1
  isis circuit-type level-2-only
  !
  router isis
  net 00.1111.0000.0000.1112.00
  is-type level-2-only
  !
  router rip
  version 2
  !
  address-family ipv4 vrf vpn2
  version 2
  redistribute bgp 100 metric transparent
  network 10.0.0.0
  no auto-summary
  exit-address-family
  !
  router bgp 100
  bgp log-neighbor-changes
  bgp graceful-restart restart-time 120
  bgp graceful-restart stalepath-time 360
  bgp graceful-restart
  neighbor 10.10.10.1 remote-as 100
  neighbor 10.10.10.1 update-source Loopback0
  neighbor 10.10.30.3 remote-as 100
  neighbor 10.10.30.3 update-source Loopback0
  no auto-summary
  !
  address-family ipv4 multicast
  no auto-summary
  no synchronization
  exit-address-family
  !
  address-family vpnv4
  neighbor 10.10.10.1 activate
  neighbor 10.10.10.1 next-hop-self
  neighbor 10.10.10.1 send-community extended
  neighbor 10.10.30.3 activate
  neighbor 10.10.30.3 next-hop-self
  neighbor 10.10.30.3 send-community extended
  no auto-summary
  exit-address-family
  !
  address-family ipv4
  neighbor 10.10.10.1 activate
  neighbor 10.10.30.3 activate
  no auto-summary
  no synchronization
  exit-address-family
  !
  address-family ipv4 vrf vpn3
  redistribute connected
  redistribute static
  no auto-summary
  no synchronization
  exit-address-family
  !
  address-family ipv4 vrf vpn2
  redistribute connected
  redistribute static
  redistribute rip
  no auto-summary
  no synchronization
  exit-address-family
  !
  address-family ipv4 vrf vpn1
  neighbor 10.10.26.6 remote-as 65506
  neighbor 10.10.26.6 activate
  no auto-summary
  no synchronization
  exit-address-family
  !
  ip classless
  ip route vrf vpn3 10.10.60.0 255.255.255.0 10.10.26.6
  
  
  
  
  4. 确认命令:
  
  
  R1# sh ip rou
  
  
  10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
  C 10.10.10.1/32 is directly connected, Loopback0
  C 10.10.12.0/24 is directly connected, Multilink1
  C 10.10.13.0/24 is directly connected, POS4/0/0
  C 10.10.12.2/32 is directly connected, Multilink1
  i L2 10.10.20.2/32 [115/17] via 10.10.13.2, POS4/0/0
  i L2 10.10.23.0/24 [115/7] via 10.10.13.2, POS4/0/0
  i L2 10.10.30.3/32 [115/15] via 10.10.13.2, POS4/0/0
  
  
  R1#sh ip router vrf vpn2
  
  10.0.0.0/24 is subnetted, 4 subnets
  C 10.10.15.0 is directly connected, FastEthernet2/0/1
  B 10.10.26.0 [200/0] via 10.10.20.2, 00:01:48
  B 10.10.50.0 [20/0] via 10.10.15.5, 00:01:54
  B 10.10.60.0 [200/0] via 10.10.20.2, 00:01:48
  
  R1#sh ip router vrf vpn3
  
  10.0.0.0/24 is subnetted, 3 subnets
  C 10.10.15.0 is directly connected, FastEthernet2/0/0
  B 10.10.26.0 [200/0] via 10.10.20.2, 00:01:57
  B 10.10.60.0 [200/0] via 10.10.20.2, 00:01:57
  
  R5-3640#sh ip rou
  
  10.0.0.0/24 is subnetted, 4 subnets
  C 10.10.15.0 is directly connected, FastEthernet0/0
  B 10.10.26.0 [20/0] via 10.10.15.1, 00:02:24
  C 10.10.50.0 is directly connected, Loopback0
  B 10.10.60.0 [20/0] via 10.10.15.1, 00:02:24
  
  R5-3640#ping 10.10.60.6
  
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 10.10.60.6, timeout is 2 seconds:
  !!!!!
  Success rate is 100 percent (5/5), round-trip min/avg/max = 12/12/12 ms
  
  R5-3640#trace 10.10.60.6
  
  Type escape sequence to abort.
  Tracing the route to 10.10.60.6
  
  1 10.10.15.1 0 msec 0 msec 4 msec
  2 10.10.13.2 [MPLS: Labels 17/18 Exp 0] 12 msec 12 msec 12 msec
  3 10.10.26.2 [AS 65506] [MPLS: Label 18 Exp 1] 4 msec 4 msec 4 msec
  4 10.10.26.6 [AS 65506] 12 msec 12 msec *
  
  S1-4006> (enable) trace 10.10.60.6
  traceroute to 10.10.60.6 (10.10.60.6), 30 hops max, 40 byte packets
  1 10.10.15.1 (10.10.15.1) 8 ms 24 ms 7 ms
  2 10.10.13.2 (10.10.13.2) 10 ms 9 ms 10 ms
  3 10.10.26.2 (10.10.26.2) 10 ms 7 ms 7 ms
  4 10.10.26.6 (10.10.26.6) 8 ms * 9 ms
  S1-4006> (enable) exit
  
  R2#sh ip rou
  10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
  i L2 10.10.10.1/32 [115/17] via 10.10.23.3, GigabitEthernet10/0/0
  C 10.10.12.0/24 is directly connected, Multilink1
  i L2 10.10.13.0/24 [115/7] via 10.10.23.3, GigabitEthernet10/0/0
  C 10.10.12.1/32 is directly connected, Multilink1
  C 10.10.20.2/32 is directly connected, Loopback0
  C 10.10.23.0/24 is directly connected, GigabitEthernet10/0/0
  i L2 10.10.30.3/32 [115/12] via 10.10.23.3, GigabitEthernet10/0/0
  
  R2#sh ip router vrf vpn1
  10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
  B 10.10.15.0/24 [200/0] via 10.10.10.1, 00:05:48
  C 10.10.26.0/24 is directly connected, Multilink2
  C 10.10.26.6/32 is directly connected, Multilink2
  B 10.10.50.0/24 [200/0] via 10.10.10.1, 00:05:48
  B 10.10.60.0/24 [20/0] via 10.10.26.6, 00:07:21
  
  
  R2#sh ip route vrf vpn2
  10.0.0.0/24 is subnetted, 3 subnets
  C 10.10.22.0 is directly connected, FastEthernet9/0/0
发表评论请到:http://bbs.cnitom.com

相关阅读

图文热点

以不变应万变 网络虚拟化应对园区网新挑战
以不变应万变 网络虚拟化应对园区网新挑战Forrester Research的分析师Robert Whiteley认为: “十年以来,虚拟化技术与网络...
OpenShift加入更多新元素 友好面对开发者
OpenShift加入更多新元素 友好面对开发者通过网络进行程序提供的服务称之为SaaS(Software as a Service),而将服务器平台...

本类热点