CISCO+OSPF+MPLS+BGP配置实例加讲解.doc

1、CISCO 路由器OSPF+MPLS+BGP 配置实例二 OO 八年九月四日 目 录一、网络环境 3二、网络描述 3三、网络拓扑图 4四、P 路由器配置 4五、PE1 路由器配置 6六、PE2 路由器配置 9七、CE1 路由器配置 .11八、CE2 路由器配置 .13九、业务测试 14一、网络环境由 5 台 CISCO7204 组成的网络,一台为 P 路由器,两台 PE 路由器,两台 CE路由器;二、网络描述在 P 和两台 PE 路由器这间通过 OSPF 动态路由协议完成 MPLS 网络的建立，两台 PE 路由器这间启用 BGP 路由协议，在 PE 路由器上向所属的 CE 路由器指VPN 路由

2、，在 CE 路由器中向 PE 路由器配置静态路由。配置思路：1、在 P 和两台 PE 路由器这间通过 OSPF 动态路由协议，在 P 和 PE 路由器两两互连的端口上启用 MPLS，两台 PE 之间的路为备份路由，这属公网路由。2、两台 PE 路由器这间启用 BGP 路由协议，这使得属于 VPN 的 IP 地址能在两个网络（两台 CE 所属的网络）互相发布，这属私网（VPN）路由。3、在 PE 路由器上向所属的 CE 路由器指 VPN 路由，这打通了两个网络（两台 CE 所属的网络）之间的路由。三、网络拓扑图P 路由器 ( r 1 )C E 2 路由器 ( r 4 )C E 1 路由器 ( r

3、 5 )P E 2 路由器 ( r 2 )P E 1 路由器 ( r 3 )L O O P 0 : 2 0 2 . 9 8 . 4 . 3 / 3 2L O O P 0 : 2 0 2 . 9 8 . 4 . 1 / 3 2L O O P 0 : 2 0 2 . 9 8 . 4 . 2 / 3 2L O O P 0 : 1 9 2 . 1 6 8 . 3 . 1 / 2 4L O O P 0 : 1 9 2 . 1 6 8 . 4 . 1 / 2 4F 1 / 0 : 1 0 . 1 . 1 . 6 / 3 0F 1 / 0 : 1 0 . 1 . 1 . 5 / 3 0F 0 / 0 : 1

4、 0 . 1 . 1 . 1 0 / 3 0F 0 / 0 : 1 0 . 1 . 1 . 9 / 3 0F 2 / 0 : 1 0 . 1 . 1 . 1 / 3 0F 2 / 0 : 1 0 . 1 . 1 . 2 / 3 0F 0 / 0 : 1 7 2 . 1 6 . 1 . 1 / 3 0F 0 / 0 : 1 7 2 . 1 6 . 1 . 2 / 3 0F 1 / 0 : 1 7 2 . 1 6 . 2 . 1 / 3 0F 1 / 0 : 1 7 2 . 1 6 . 2 . 2 / 3 0四、P 路由器配置p#SHOW RUNBuilding configuration.Cur

5、rent configuration : 1172 bytes!version 12.3service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname p!boot-start-markerboot-end-marker!no aaa new-modelip subnet-zero!ip cefip audit po max-events 100!interface Loopback0ip address 202.98.4.3 25

6、5.255.255.255!interface FastEthernet0/0description to_r2ip address 10.1.1.10 255.255.255.252ip ospf cost 20duplex fulltag-switching mtu 1508tag-switching ip!interface FastEthernet1/0description to_r3ip address 10.1.1.6 255.255.255.252ip ospf cost 20duplex fulltag-switching mtu 1508tag-switching ip!i

7、nterface FastEthernet2/0no ip addressshutdownduplex half!interface FastEthernet3/0no ip addressshutdownduplex half!router ospf 100log-adjacency-changesredistribute connected subnetsredistribute static subnetsnetwork 10.1.1.6 0.0.0.0 area 0network 10.1.1.10 0.0.0.0 area 0!ip classlessno ip http serve

8、rno ip http secure-server!gatekeepershutdown!line con 0exec-timeout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!endp#五、PE1 路由器配置pe1#show runBuilding configuration.Current configuration : 1813 bytes!version 12.3service timestamps debug datetime msecservice timestamps log dat

9、etime msecno service password-encryption!hostname pe1!boot-start-markerboot-end-marker!no aaa new-modelip subnet-zero!ip vrf vpnard 1:100route-target export 200:1route-target import 200:1! ip cefip audit po max-events 100!interface Loopback0ip address 202.98.4.1 255.255.255.255! interface FastEthern

10、et0/0description to_r5ip vrf forwarding vpnaip address 172.16.1.1 255.255.255.252duplex fulltag-switching ip!interface FastEthernet1/0description to_r1ip address 10.1.1.5 255.255.255.252ip ospf cost 20duplex fulltag-switching mtu 1508tag-switching ip!interface FastEthernet2/0ip address 10.1.1.1 255.

11、255.255.252ip ospf cost 100duplex fulltag-switching mtu 1508tag-switching ip!interface FastEthernet3/0no ip addressshutdownduplex half!router ospf 100log-adjacency-changesredistribute connected metric-type 1 subnetsnetwork 10.1.1.0 0.0.0.255 area 0network 202.98.4.0 0.0.0.255 area 0!router bgp 100no

12、 bgp default ipv4-unicastbgp log-neighbor-changesneighbor 202.98.4.2 remote-as 100neighbor 202.98.4.2 update-source Loopback0neighbor 202.98.4.2 version 4!address-family vpnv4neighbor 202.98.4.2 activateneighbor 202.98.4.2 send-community extendedexit-address-family!address-family ipv4 vrf vpnaredist

13、ribute connectedredistribute staticno auto-summaryno synchronizationexit-address-family!ip classlessip route vrf vpna 192.168.3.0 255.255.255.0 172.16.1.2no ip http serverno ip http secure-server!ip ospf name-lookup!gatekeepershutdown! !line con 0exec-timeout 0 0logging synchronousstopbits 1line aux

14、 0stopbits 1line vty 0 4login!endpe1# 六、PE2 路由器配置pe2#show runBuilding configuration.Current configuration : 1725 bytes!version 12.3service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname pe2!boot-start-markerboot-end-marker!no aaa new-modelip

15、 subnet-zero!ip vrf vpnard 1:100route-target export 200:1route-target import 200:1! ip cefip audit po max-events 100!interface Loopback0ip address 202.98.4.2 255.255.255.255! interface FastEthernet0/0description to_r1ip address 10.1.1.9 255.255.255.252ip ospf cost 20duplex fulltag-switching ip!inter

16、face FastEthernet1/0ip vrf forwarding vpnaip address 172.16.2.1 255.255.255.0duplex fulltag-switching ip!interface FastEthernet2/0ip address 10.1.1.2 255.255.255.252ip ospf cost 100duplex fulltag-switching ip!interface FastEthernet3/0no ip addressshutdownduplex half!router ospf 100log-adjacency-chan

17、gesredistribute connected metric 1 subnetsredistribute static metric-type 1 subnetsnetwork 10.1.1.0 0.0.0.255 area 0!router bgp 100no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 202.98.4.1 remote-as 100neighbor 202.98.4.1 update-source Loopback0neighbor 202.98.4.1 version 4!address-fami

18、ly vpnv4neighbor 202.98.4.1 activateneighbor 202.98.4.1 send-community extendedexit-address-family!address-family ipv4 vrf vpnaredistribute connectedredistribute staticno auto-summaryno synchronizationexit-address-family!ip classlessip route vrf vpna 192.168.4.0 255.255.255.0 172.16.2.2no ip http se

19、rverno ip http secure-server!gatekeepershutdown!line con 0exec-timeout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!End七、CE1 路由器配置ce1#show runBuilding configuration.Current configuration : 892 bytes!version 12.3service timestamps debug datetime msecservice timestamps log dat

20、etime msecno service password-encryption!hostname ce1!boot-start-markerboot-end-marker!no aaa new-modelip subnet-zero!ip cefip audit po max-events 100!interface Loopback0ip address 192.168.3.1 255.255.255.0!interface FastEthernet0/0description to_r3ip address 172.16.1.2 255.255.255.252duplex full! i

21、nterface FastEthernet1/0no ip addressshutdownduplex half!interface FastEthernet2/0no ip addressshutdownduplex half!interface FastEthernet3/0no ip addressshutdownduplex half!ip classlessip route 0.0.0.0 0.0.0.0 172.16.1.1no ip http serverno ip http secure-server!gatekeepershutdown!line con 0exec-time

22、out 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!end八、CE2 路由器配置Ce2#show runBuilding configuration.*Sep 3 13:53:56.167: %SYS-5-CONFIG_I: Configured from console by consoleCurrent configuration : 888 bytes!version 12.3service timestamps debug datetime msecservice timestamps lo

23、g datetime msecno service password-encryption!hostname ce2!boot-start-markerboot-end-marker!no aaa new-modelip subnet-zero!ip cefip audit po max-events 100!interface Loopback0ip address 10.10.13.1 255.255.255.0!interface FastEthernet0/0no ip addressshutdownduplex half! interface FastEthernet1/0descr

24、iption to_r2ip address 10.10.12.2 255.255.255.0duplex full!interface FastEthernet2/0no ip addressshutdownduplex half!interface FastEthernet3/0no ip addressshutdownduplex half!ip classlessip route 0.0.0.0 0.0.0.0 172.16.2.1no ip http serverno ip http secure-server!gatekeepershutdown!line con 0exec-ti

25、meout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!end九、业务测试ce1# ping 172.16.1.1Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:!Success rate is 100 percent (5/5), round-trip min/avg/max = 96/190/324 msce1#ce2#ping 192.168.3.1Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:!Success rate is 100 percent (5/5), round-trip min/avg/max = 336/468/588 msce2#