Elementele cheie sunt:
- MPLS VPN Layer 3 in reteaua AS 200 in care sunt introduse cele doua ASBR-uri ale AS 100
- MPLS VPN Layer 3 in reteaua AS 100 in care sunt introduse cele doua CPE-uri
- sesiune eBGP IPv4 cu optiunea send-label intre ASBR-urile din AS 100 si PE-urile din AS 200
- sesiune iBGP VPNv4 intre PE-urile din AS 200 in care sunt direct conectate ASBR-urile din AS 100
- sesiune iBGP VPNv4 intre PE-urile din AS 100 in care sunt direct conectate CPE-urile
- in reteaua providerului AS100 se defineste un VPN MPLS Layer 3 pentru clientul care administreaza CPE-urile
- in reteaua providerului AS200 se defineste un VPN MPLS Layer 3 pentru providerul AS100
Topologie
Config routere AS200
PE2001hostname PE2001ip vrf ISP100 rd 200:1 route-target export 200:1 route-target import 200:1 interface Loopback1 ip address 2.2.2.2 255.255.255.255 !Ethernet0/0.24 - leg catre BR1001 interface Ethernet0/0.24 encapsulation dot1Q 24 ip vrf forwarding ISP100 ip address 192.168.24.2 255.255.255.0 !Ethernet0/1.12 - leg catre P200 interface Ethernet0/1.12 encapsulation dot1Q 12 ip address 172.16.12.2 255.255.255.0 ip router isis 1 mpls ip router isis 1 net 49.0001.0020.0200.2002.00 is-type level-2-only passive-interface Loopback1 router bgp 200 !iBGP VPNv4 cu PE2002 neighbor 3.3.3.3 remote-as 200 neighbor 3.3.3.3 update-source Loopback1 address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community both neighbor 3.3.3.3 next-hop-self exit-address-family address-family ipv4 vrf ISP100 !eBGP IPv4 cu BR1001 neighbor 192.168.24.4 remote-as 100 neighbor 192.168.24.4 activate neighbor 192.168.24.4 as-override neighbor 192.168.24.4 send-label exit-address-family |
P200hostname P200interface Loopback1 ip address 1.1.1.1 255.255.255.255 !Ethernet0/1.12 - leg catre PE2001 interface Ethernet0/1.12 encapsulation dot1Q 12 ip address 172.16.12.1 255.255.255.0 ip router isis 1 mpls ip !Ethernet0/1.13 - leg catre PE2002 interface Ethernet0/1.13 encapsulation dot1Q 13 ip address 172.16.13.1 255.255.255.0 ip router isis 1 mpls ip router isis 1 net 49.0001.0010.0100.1001.00 is-type level-2-only passive-interface Loopback1 |
PE2002hostname PE2002ip vrf ISP100 rd 200:1 route-target export 200:1 route-target import 200:1 interface Loopback1 ip address 3.3.3.3 255.255.255.255 !Ethernet0/0.36 - leg catre BR1002 interface Ethernet0/0.36 encapsulation dot1Q 36 ip vrf forwarding ISP100 ip address 192.168.36.3 255.255.255.0 !Ethernet0/1.13 - leg catre P200 interface Ethernet0/1.13 encapsulation dot1Q 13 ip address 172.16.13.3 255.255.255.0 ip router isis 1 mpls ip router isis 1 net 49.0001.0030.0300.3003.00 is-type level-2-only passive-interface Loopback1 router bgp 200 !iBGP VPNv4 cu PE2001 neighbor 2.2.2.2 remote-as 200 neighbor 2.2.2.2 update-source Loopback1 address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community both neighbor 2.2.2.2 next-hop-self exit-address-family address-family ipv4 vrf ISP100 !eBGP IPv4 cu BR1002 neighbor 192.168.36.6 remote-as 100 neighbor 192.168.36.6 activate neighbor 192.168.36.6 as-override neighbor 192.168.36.6 send-label exit-address-family |
Config routere AS100 - stanga
BR1001hostname BR1001 interface Loopback1 ip address 4.4.4.4 255.255.255.255 !Ethernet0/0.24 - leg catre PE2001 interface Ethernet0/0.24 encapsulation dot1Q 24 ip address 192.168.24.4 255.255.255.0 !Ethernet0/0.45 - leg catre P1001 interface Ethernet0/0.45 encapsulation dot1Q 45 ip address 10.0.45.4 255.255.255.0 mpls ip router ospf 1 router-id 4.4.4.4 redistribute bgp 100 subnets network 4.4.4.4 0.0.0.0 area 0 network 10.0.45.4 0.0.0.0 area 0 ip prefix-list 1 seq 5 permit 11.11.11.11/32 route-map Loopbacks permit 10 match ip address prefix-list 1 router bgp 100 no bgp default ipv4-unicast !eBGP IPv4 cu PE2001 neighbor 192.168.24.2 remote-as 200 address-family ipv4 redistribute ospf 1 route-map Loopbacks neighbor 192.168.24.2 activate neighbor 192.168.24.2 send-label exit-address-family |
P1001interface Loopback1 ip address 5.5.5.5 255.255.255.255 !Ethernet0/0.5 - le catre PE1001 interface Ethernet0/0.5 encapsulation dot1Q 5 ip address 10.0.5.5 255.255.255.0 mpls ip !Ethernet0/0.45 - leg catre BR1001 interface Ethernet0/0.45 encapsulation dot1Q 45 ip address 10.0.45.5 255.255.255.0 mpls ip router ospf 1 router-id 5.5.5.5 network 5.5.5.5 0.0.0.0 area 0 network 10.0.5.5 0.0.0.0 area 0 network 10.0.45.5 0.0.0.0 area 0 |
PE1001hostname PE1001 ip vrf Client rd 100:1 route-target export 100:1 route-target import 100:1 interface Loopback1 ip address 11.11.11.11 255.255.255.255 !Ethernet0/0.5 - leg catre P1001 interface Ethernet0/0.5 encapsulation dot1Q 5 ip address 10.0.5.11 255.255.255.0 mpls ip !Ethernet0/0.200 - leg catre CPE1 interface Ethernet0/0.200 encapsulation dot1Q 200 ip vrf forwarding Client ip address 100.50.25.1 255.255.255.0 router ospf 1 router-id 11.11.11.11 network 10.0.5.11 0.0.0.0 area 0 network 11.11.11.11 0.0.0.0 area 0 ip route vrf Client 22.22.22.22 255.255.255.255 100.50.25.2 router bgp 100 no bgp default ipv4-unicast !iBGP VPNv4 cu PE1002 neighbor 8.8.8.8 remote-as 100 neighbor 8.8.8.8 update-source Loopback1 address-family vpnv4 neighbor 8.8.8.8 activate neighbor 8.8.8.8 send-community both exit-address-family address-family ipv4 vrf Client redistribute connected redistribute static exit-address-family |
Config routere AS100 - dreapta
BR1002hostname BR1002 interface Loopback1 ip address 6.6.6.6 255.255.255.255 !Ethernet0/0.36 - leg catre PE2002 interface Ethernet0/0.36 encapsulation dot1Q 36 ip address 192.168.36.6 255.255.255.0 !Ethernet0/0.67 - leg catre P1002 interface Ethernet0/0.67 encapsulation dot1Q 67 ip address 172.16.67.6 255.255.255.0 mpls ip router ospf 1 router-id 6.6.6.6 redistribute bgp 100 subnets network 6.6.6.6 0.0.0.0 area 0 network 172.16.67.6 0.0.0.0 area 0 ip prefix-list 1 seq 5 permit 8.8.8.8/32 route-map Loopback permit 10 match ip address prefix-list 1 router bgp 100 no bgp default ipv4-unicast !eBGP IPv4 cu PE2002 neighbor 192.168.36.3 remote-as 200 address-family ipv4 redistribute ospf 1 route-map Loopback neighbor 192.168.36.3 activate neighbor 192.168.36.3 send-label exit-address-family |
P1002hostname P1002 interface Loopback1 ip address 7.7.7.7 255.255.255.255 !Ethernet0/0.67 - leg catre BR1002 interface Ethernet0/0.67 encapsulation dot1Q 67 ip address 172.16.67.7 255.255.255.0 mpls ip !Ethernet0/0.78 - leg catre PE1002 interface Ethernet0/0.78 encapsulation dot1Q 78 ip address 172.16.78.7 255.255.255.0 mpls ip router ospf 1 router-id 7.7.7.7 network 7.7.7.7 0.0.0.0 area 0 network 172.16.67.7 0.0.0.0 area 0 network 172.16.78.7 0.0.0.0 area 0 |
PE1002hostname PE1002 ip vrf Client rd 100:1 route-target export 100:1 route-target import 100:1 interface Loopback1 ip address 8.8.8.8 255.255.255.255 !Ethernet0/1.78 - leag catre P1002 interface Ethernet0/1.78 encapsulation dot1Q 78 ip address 172.16.78.8 255.255.255.0 mpls ip !Ethernet0/1.300 - leg catre CPE2 interface Ethernet0/1.300 encapsulation dot1Q 300 ip vrf forwarding Client ip address 200.100.50.1 255.255.255.0 router ospf 1 router-id 8.8.8.8 network 8.8.8.8 0.0.0.0 area 0 network 172.16.78.8 0.0.0.0 area 0 ip route vrf Client 33.33.33.33 255.255.255.255 200.100.50.2 router bgp 100 no bgp default ipv4-unicast !iBGP VPNv4 cu PE1001 neighbor 11.11.11.11 remote-as 100 neighbor 11.11.11.11 update-source Loopback1 address-family vpnv4 neighbor 11.11.11.11 activate neighbor 11.11.11.11 send-community extended exit-address-family address-family ipv4 vrf Client redistribute connected redistribute static exit-address-family |
Config routere CPE
CPE 1hostname CPE1interface Loopback1 ip address 22.22.22.22 255.255.255.255 !Ethernet0/0 - leg catre PE1001 interface Ethernet0/0 ip address 100.50.25.2 255.255.255.0 ip route 0.0.0.0 0.0.0.0 100.50.25.1 |
CPE 2hostname CPE2interface Loopback1 ip address 33.33.33.33 255.255.255.255 !Ethernet0/0 - leg catre PE1002 interface Ethernet0/0 ip address 200.100.50.2 255.255.255.0 ip route 0.0.0.0 0.0.0.0 200.100.50.1 |
Spor la studiu si pe cei dornici sa aprofundeze ii astept la cursurile academiei locale Cisco Netschool unde predau cursuri CCNA, CCNP si CCNA Security.
Niciun comentariu:
Trimiteți un comentariu