【HCIE】跨域MPLS-VPN Option C 方式一

实验目的：R5与R7私网互通；R6与R8私网互通

说明：R1=PE1；R2=ASBR1；R3-ASBR2；R4=PE2；R5/R6/R7/R8=CE

          方式一图谱

步骤1：给R1 R9 R2 R3 R4 配置接口IP与环回IP （略）

步骤2：在AS12；AS34内配置IGP (这里采用ospf，进程1，区域0；略)

步骤3：在AS12；AS34内配置MPLS LDP,建立T标并解决路由黑洞 （略）

步骤4：PE1-ASBR1-ASBR2-PE2之间建立BGP公网邻居关系，为了传BGP路由

R1：

bgp 12
 router-id 1.1.1.1
 undo default ipv4-unicast
 peer 2.2.2.2 as-number 12 
 peer 2.2.2.2 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 2.2.2.2 enable
 

R2：

bgp 12
 router-id 2.2.2.2
 undo default ipv4-unicast
 peer 1.1.1.1 as-number 12 
 peer 1.1.1.1 connect-interface LoopBack0
 peer 23.1.1.3 as-number 34 
 #
 ipv4-family unicast
  undo synchronization
  peer 1.1.1.1 enable
  peer 23.1.1.3 enable

R3：

bgp 34
 router-id 3.3.3.3
 undo default ipv4-unicast
 peer 4.4.4.4 as-number 34 
 peer 4.4.4.4 connect-interface LoopBack0
 peer 23.1.1.2 as-number 12 
 #
 ipv4-family unicast
  undo synchronization
  peer 4.4.4.4 enable
  peer 23.1.1.2 enable

R4：

bgp 34
 router-id 4.4.4.4
 undo default ipv4-unicast
 peer 3.3.3.3 as-number 34 
 peer 3.3.3.3 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable

检查bgp邻居关系：dis bgp peer

步骤5：在ASBR1和ASBR2上发布PE1/PE2环回路由

R2：

bgp 12
 ipv4-family unicast
  network 1.1.1.1 255.255.255.255

R3：

bgp 34
  ipv4-family unicast
   network 4.4.4.4 255.255.255.255

步骤6：在ASBR上配置P1与P2策略

R2/R3：

route-policy p1 permit node 10 
 apply mpls-label
#
route-policy p2 permit node 10 
 if-match mpls-label 
 apply mpls-label

步骤7：PE1-ASBR1-ASBR2-PE2之间开启BGP公网路由的标签分配能力

R2：

bgp 12
 ipv4-family unicast
  undo synchronization
  peer 1.1.1.1 route-policy p2 export
  peer 1.1.1.1 label-route-capability
  peer 23.1.1.3 route-policy p1 export
  peer 23.1.1.3 label-route-capability

R3：

bgp 34
 ipv4-family unicast
  undo synchronization
  peer 4.4.4.4 route-policy p2 export
  peer 4.4.4.4 label-route-capability
  peer 23.1.1.2 route-policy p1 export
  peer 23.1.1.2 label-route-capability

R1：

bgp 12
 ipv4-family unicast
  peer 2.2.2.2 label-route-capability

R4：

bgp 34
 ipv4-family unicast
 peer 3.3.3.3 label-route-capability

步骤8：在PE1和PE2上看到直达对端的BGP LSP

步骤9：在PE建立实例与CE建立实例邻居关系

R1：

ip vpn-instance 5
 ipv4-family
  route-distinguisher 5:5
  vpn-target 5:7 export-extcommunity
  vpn-target 7:5 import-extcommunity
#
ip vpn-instance 6
 ipv4-family
  route-distinguisher 6:6
  vpn-target 6:8 export-extcommunity
  vpn-target 8:6 import-extcommunity

#
interface GigabitEthernet0/0/1
 ip binding vpn-instance 5
 ip address 192.168.15.1 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip binding vpn-instance 6
 ip address 192.168.16.1 255.255.255.0 

#
bgp 12
 ipv4-family vpn-instance 5 
  peer 192.168.15.5 as-number 5 
 #
 ipv4-family vpn-instance 6 
  peer 192.168.16.6 as-number 6 

R5：

interface GigabitEthernet0/0/0
 ip address 192.168.15.5 255.255.255.0 
#
interface LoopBack0
 ip address 192.168.5.5 255.255.255.255 
#
bgp 5
 router-id 5.5.5.5
 peer 192.168.15.1 as-number 12 
 #
 ipv4-family unicast
  undo synchronization
  network 192.168.5.5 255.255.255.255 
  peer 192.168.15.1 enable

R6：

interface GigabitEthernet0/0/0
 ip address 192.168.16.6 255.255.255.0 
#
interface LoopBack0
 ip address 192.168.6.6 255.255.255.255 
#
bgp 6
 router-id 6.6.6.6
 peer 192.168.16.1 as-number 12 
 #
 ipv4-family unicast
  undo synchronization
  network 192.168.6.6 255.255.255.255 
  peer 192.168.16.1 enable

R4：

ip vpn-instance 7
 ipv4-family
  route-distinguisher 7:7
  vpn-target 7:5 export-extcommunity
  vpn-target 5:7 import-extcommunity
#
ip vpn-instance 8
 ipv4-family
  route-distinguisher 8:8
  vpn-target 8:6 export-extcommunity
  vpn-target 6:8 import-extcommunity

#
interface GigabitEthernet0/0/1
 ip binding vpn-instance 7
 ip address 192.168.47.4 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip binding vpn-instance 8
 ip address 192.168.48.4 255.255.255.0

#
bgp 34
#
 ipv4-family vpn-instance 7 
  peer 192.168.47.7 as-number 7 
 #
 ipv4-family vpn-instance 8 
  peer 192.168.48.8 as-number 8

R7：

interface GigabitEthernet0/0/0
 ip address 192.168.47.7 255.255.255.0 
#
interface LoopBack0
 ip address 192.168.7.7 255.255.255.255 
#
bgp 7
 router-id 7.7.7.7
 peer 192.168.47.4 as-number 34 
 #
 ipv4-family unicast
  undo synchronization
  network 192.168.7.7 255.255.255.255 
  peer 192.168.47.4 enable

R8：

interface GigabitEthernet0/0/0
 ip address 192.168.48.8 255.255.255.0 
#
interface LoopBack0
 ip address 192.168.8.8 255.255.255.255 
#
bgp 8
 router-id 8.8.8.8
 peer 192.168.48.4 as-number 34 
 #
 ipv4-family unicast
  undo synchronization
  network 192.168.8.8 255.255.255.255 
  peer 192.168.48.4 enable

步骤10：PE1--PE2建立VPNV4邻居关系

R1：

bgp 12

 router-id 1.1.1.1
 undo default ipv4-unicast
 peer 4.4.4.4 as-number 34 
 peer 4.4.4.4 ebgp-max-hop 255   \\与R4建立ebgp邻居关系默认跳数1，修改为255
 peer 4.4.4.4 connect-interface LoopBack0
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 4.4.4.4 enable

R4：

bgp 34
 router-id 4.4.4.4
 undo default ipv4-unicast
 peer 1.1.1.1 as-number 12 
 peer 1.1.1.1 ebgp-max-hop 255 
 peer 1.1.1.1 connect-interface LoopBack0
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 1.1.1.1 enable

检查邻居vpnv4z邻居关系

步骤11：验证CE私网通讯