PRÁTICA MPLS

8/10/2019 PRTICA MPLS

1/11

PRTICA MPLS

1. Adicione os scripts para configurao dos IPs das interfaces

2. Teste de conectividade


2/11


3/11

O 172.2.0.1 [110/129] via 192.168.0.18, 00:00:50, Serial1/3[110/129] via 192.168.0.14, 00:00:50, Serial1/2

172.10.0.0/32 is subnetted, 1 subnetsO 172.10.0.1 [110/65] via 192.168.0.14, 00:00:50, Serial1/2

172.20.0.0/32 is subnetted, 1 subnetsO 172.20.0.1 [110/65] via 192.168.0.18, 00:00:50, Serial1/3

192.168.0.0/30 is subnetted, 5 subnetsC 192.168.0.12 is directly connected, Serial1/2O 192.168.0.24 [110/128] via 192.168.0.18, 00:00:50, Serial1/3O 192.168.0.28 [110/128] via 192.168.0.18, 00:00:50, Serial1/3

[110/128] via 192.168.0.14, 00:00:50, Serial1/2C 192.168.0.16 is directly connected, Serial1/3O 192.168.0.20 [110/128] via 192.168.0.14, 00:00:51, Serial1/2

150.1.0.0/30 is subnetted, 2 subnetsC 150.1.1.4 is directly connected, Serial1/1C 150.1.1.0 is directly connected, Serial1/0

5.

Configurando MPLS

Em PE1PE1(config)#mpls label protocol ldpPE1(config)#interface serial 1/2PE1(config-if)#mpls ipPE1(config-if)#interface serial 1/3PE1(config-if)#mpls ipEm P2P2(config)#mpls label protocol ldpP2(config)#interface serial 1/0P2(config-if)#mpls ipP2(config-if)#interface serial 1/1P2(config-if)#mpls ipP2(config-if)#interface serial 1/2P2(config-if)#mpls ipEm P1P1(config)#mpls label protocol ldpP1(config)#interface serial 1/0P1(config-if)#mpls ipP1(config-if)#interface serial 1/1P1(config-if)#mpls ipP1(config-if)#interface serial 1/2P1(config-if)#mpls ipEm PE2PE2(config)#mpls label protocol ldpPE2(config)#interface serial 1/2PE2(config-if)#mpls ip

PE2(config-if)#interface serial 1/3PE2(config-if)#mpls ip

6.

Verificar as interfaces com o MPLS habilitado

P2#show mpls interfaceInterface IP Tunnel OperationalSerial1/0 Yes (ldp) No YesSerial1/1 Yes (ldp) No Yes


4/11

Serial1/2 Yes (ldp) No Yes

7.

Verificar os visinhos MPLS

P2#sh mpls ldp neighborPeer LDP Ident: 172.1.0.1:0; Local LDP Ident 172.20.0.1:0

TCP connection: 172.1.0.1.646 - 172.20.0.1.60439State: Oper; Msgs sent/rcvd: 21/22; DownstreamUp time: 00:07:33LDP discovery sources:

Serial1/0, Src IP addr: 192.168.0.17Addresses bound to peer LDP Ident:

150.1.1.1 150.1.1.5 192.168.0.13 192.168.0.17172.1.0.1

Peer LDP Ident: 172.10.0.1:0; Local LDP Ident 172.20.0.1:0TCP connection: 172.10.0.1.646 - 172.20.0.1.18612State: Oper; Msgs sent/rcvd: 20/20; DownstreamUp time: 00:07:14LDP discovery sources:


172.10.0.1 192.168.0.29 192.168.0.14 192.168.0.22Peer LDP Ident: 172.2.0.1:0; Local LDP Ident 172.20.0.1:0

TCP connection: 172.2.0.1.646 - 172.20.0.1.51798State: Oper; Msgs sent/rcvd: 15/17; DownstreamUp time: 00:03:16LDP discovery sources:


150.1.2.1 150.1.2.5 192.168.0.21 192.168.0.25172.2.0.1

8.

Configurar BGP nos PEs

PE 1Router bgp 65000neighbor 172.2.0.1 remote-as 65000neighbor 172.2.0.1 next-hop-selfneighbor 172.2.0.1 update-source loopback 0no auto-summaryno synchronizationPE 2Router bgp 65000neighbor 172.1.0.1 remote-as 65000neighbor 172.1.0.1 next-hop-selfneighbor 172.1.0.1 update-source loopback 0

no auto-summaryno synchronization

9.

Adicionar rotas estticas para redes locais

PE1(config)#ip route 200.1.0.1 255.255.255.255 s 1/0PE1(config)#ip route 200.1.0.2 255.255.255.255 s 1/1


5/11

PE2(config)#ip route 200.2.0.1 255.255.255.255 serial 1/0PE2(config)#ip route 200.2.0.2 255.255.255.255 serial 1/1

10.

Configurar BGP para redistribuir a rota estatica

Nos PEs:

Router bgp 65000Redistribute static

11.

Visualizando rotas aprendidas pelo BGP

PE2#sh ip route bgp200.1.0.0/32 is subnetted, 2 subnets

B 200.1.0.1 [200/0] via 172.1.0.1, 00:01:29B 200.1.0.2 [200/0] via 172.1.0.1, 00:01:29

12.Visualisando o LSP

CE11#traceroute 200.2.0.2 source 200.1.0.1

Type escape sequence to abort.Tracing the route to 200.2.0.2

1 150.1.1.1 200 msec 208 msec 244 msec2 192.168.0.18 [MPLS: Label 17 Exp 0] 320 msec 344 msec 556 msec3 192.168.0.25 428 msec 400 msec 568 msec4 150.1.2.6 472 msec 500 msec 628 msec

13.

Para visualizar a troca de tags se faz necessrio forar o caminho alternativo no roteadores

Caminho de ida:PE1(config)# interface Serial1/3PE1(config)#ip ospf cost 1000P1(config)# interface Serial1/1

P1(config)#ip ospf cost 1000Caminho de voltaPE2(config)# interface Serial1/2PE2(config)#ip ospf cost 1000P2(config)# interface Serial1/0P2(config)#ip ospf cost 1000

14.

Visualizando novo LSP

CE11#traceroute 200.2.0.2 source 200.1.0.1Type escape sequence to abort.Tracing the route to 200.2.0.2

1 150.1.1.1 152 msec 196 msec 228 msec2 192.168.0.14 [MPLS: Label 20 Exp 0] 476 msec 492 msec 472 msec3 192.168.0.30 [MPLS: Label 17 Exp 0] 304 msec 456 msec 316 msec4 192.168.0.25 440 msec 408 msec 508 msec5 150.1.2.6 576 msec 408 msec *

15.

Vendo a tabela LFIB de P1

P1#sh mpls forwarding-table


6/11

Local Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface16 Pop tag 172.1.0.1/32 516 Se1/0 point2point17 Pop tag 192.168.0.16/30 0 Se1/2 point2point18 Pop tag 172.20.0.1/32 1042 Se1/2 point2point19 Pop tag 192.168.0.24/30 0 Se1/2 point2point20 17 172.2.0.1/32 1081 Se1/2 point2point

16.

Verifique que os roteadores internos nem conhecem as redes 200.

P2#sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2ia - IS-IS inter area, * - candidate default, U - per-user static

routeo - ODR, P - periodic downloaded static route

Gateway of last resort is not set172.1.0.0/32 is subnetted, 1 subnets

O 172.1.0.1 [110/129] via 192.168.0.29, 00:08:31, Serial1/2172.2.0.0/32 is subnetted, 1 subnets



C 172.20.0.1 is directly connected, Loopback0192.168.0.0/30 is subnetted, 5 subnets

O 192.168.0.12 [110/128] via 192.168.0.29, 00:08:31, Serial1/2C 192.168.0.24 is directly connected, Serial1/1C 192.168.0.28 is directly connected, Serial1/2C 192.168.0.16 is directly connected, Serial1/0

O 192.168.0.20 [110/1064] via 192.168.0.29, 00:08:33, Serial1/2[110/1064] via 192.168.0.25, 00:08:33, Serial1/1

17.

Configurando VRFs em PE1 e PE2

ip vrf CLIENTE1rd 65000:1route-target export 65000:1route-target import 65000:1

!ip vrf CLIENTE2rd 65000:2route-target export 65000:2

route-target import 65000:2

18.

Configurando interfaces na respective VRF

Em PE1:

PE1(config-if)#ip vrf forwarding CLIENTE1% Interface Serial1/0 IP address 150.1.1.1 removed due to enabling VRFCLIENTE1


7/11

PE1(config-if)#ip add 150.1.1.1 255.255.255.252PE1(config-if)#int s 1/1PE1(config-if)#ip vrf forwarding CLIENTE2% Interface Serial1/1 IP address 150.1.1.5 removed due to enabling VRFCLIENTE2PE1(config-if)#ip add 150.1.1.5 255.255.255.252PE1(config-if)#

Em PE2PE2(config-if)#ip vrf forwarding CLIENTE1% Interface Serial1/0 IP address 150.1.2.1 removed due to enabling VRFCLIENTE1PE2(config-if)#ip add 150.1.2.1 255.255.255.252PE2(config-if)#int s 1/1PE2(config-if)#ip vrf forwarding CLIENTE2% Interface Serial1/1 IP address 150.1.2.5 removed due to enabling VRFCLIENTE2PE2(config-if)#ip add 150.1.2.5 255.255.255.252

19.

Configurando Rota esttica da VRF

Em PE1:PE1(config)#ip route vrf CLIENTE1 200.1.0.1 255.255.255.255 150.1.1.2PE1(config)#ip route vrf CLIENTE2 200.1.0.2 255.255.255.255 150.1.1.6

Em PE2:PE2(config)#ip route vrf CLIENTE1 200.2.0.1 255.255.255.255 150.1.2.2PE2(config)#ip route vrf CLIENTE1 200.2.0.2 255.255.255.255 150.1.2.6

20.Verificando Rota adicionada em PE1:

sh ip route vrf CLIENTE1

Routing Table: CLIENTE1Codes: C - connected, S - static, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2ia - IS-IS inter area, * - candidate default, U - per-user static

routeo - ODR, P - periodic downloaded static route

Gateway of last resort is not set

200.1.0.0/32 is subnetted, 1 subnets

S 200.1.0.1 [1/0] via 150.1.1.2150.1.0.0/30 is subnetted, 1 subnetsC 150.1.1.0 is directly connected, Serial1/0

21.Teste de conectividade com a rede local

Em PE1:PE1#ping vrf CLIENTE1 200.1.0.1Type escape sequence to abort.


8/11

Sending 5, 100-byte ICMP Echos to 200.1.0.1, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 16/84/192 msPE1#ping vrf CLIENTE1 200.1.0.2

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 200.1.0.2, timeout is 2 seconds:.....Success rate is 0 percent (0/5)PE1#ping vrf CLIENTE2 200.1.0.2

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 200.1.0.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 16/75/148 ms

22.

Configurando BGP em PE2:

PE2(config)#router bgp 65000PE2(config-router)#no synchronizationPE2(config-router)#bgp log-neighbor-changesPE2(config-router)#neighbor 172.1.0.1 remote-as 65000PE2(config-router)#*Mar 1 00:29:58.427: %BGP-5-ADJCHANGE: neighbor 172.1.0.1 UpPE2(config-router)#neighbor 172.1.0.1 update-source Loopback0PE2(config-router)#no auto-summary

23.Verificando a vizinhana do BGP:

PE2#sh ip bgp neighborsBGP neighbor is 172.1.0.1, remote AS 65000, internal link

BGP version 4, remote router ID 172.1.0.1BGP state = Established, up for 00:04:56

Last read 00:00:55, last write 00:00:56, hold time is 180, keepaliveinterval is 60 seconds

Neighbor capabilities:Route refresh: advertised and received(old & new)Address family IPv4 Unicast: advertised and received

Message statistics:InQ depth is 0OutQ depth is 0

Sent RcvdOpens: 1 1Notifications: 0 0Updates: 0 0Keepalives: 6 6

Route Refresh: 0 0Total: 7 7

24.

Configurando BGP entre VPNs:

Em PE1:

Router bgp 65000


9/11

address-family vpnv4neighbor 172.2.0.1 activateneighbor 172.2.0.1 send-community bothneighbor 172.2.0.1 next-hop-selfexit-address-family!address-family ipv4 vrf CLIENTE2redistribute connectedredistribute staticno synchronizationexit-address-family!address-family ipv4 vrf CLIENTE1redistribute connectedredistribute staticno synchronizationexit-address-family

Em PE2:

Router bgp 65000address-family vpnv4neighbor 172.1.0.1 activateneighbor 172.1.0.1 send-community bothneighbor 172.1.0.1 next-hop-selfexit-address-family!address-family ipv4 vrf CLIENTE2redistribute connectedredistribute staticno synchronizationexit-address-family!

address-family ipv4 vrf CLIENTE1redistribute connectedredistribute staticno synchronizationexit-address-family

25.

Verificando as rotas distribudas e aprendidas pelo roteador PE1:

PE1#sh ip bgp vpnv4 allBGP table version is 15, local router ID is 172.1.0.1Status codes: s suppressed, d damped, h history, * valid, > best, i -internal,

r RIB-failure, S StaleOrigin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight PathRoute Distinguisher: 65000:1 (default for vrf CLIENTE1)*> 150.1.1.0/30 0.0.0.0 0 32768 ?*>i150.1.2.0/30 172.2.0.1 0 100 0 ?*> 200.1.0.1/32 150.1.1.2 0 32768 ?*>i200.2.0.1/32 172.2.0.1 0 100 0 ?


10/11

Route Distinguisher: 65000:2 (default for vrf CLIENTE2)*> 150.1.1.4/30 0.0.0.0 0 32768 ?*>i150.1.2.4/30 172.2.0.1 0 100 0 ?*> 200.1.0.2/32 150.1.1.6 0 32768 ?

26.

Testando conectividade:

Em CE21:CE21#ping 200.1.0.1

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 200.1.0.1, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 116/204/316 msCE21#traceroute 200.1.0.1


1 150.1.2.1 216 msec 84 msec 56 msec2 192.168.0.26 [MPLS: Labels 16/23 Exp 0] 284 msec 244 msec 240 msec3 150.1.1.1 [MPLS: Label 23 Exp 0] 248 msec 168 msec 152 msec4 150.1.1.2 332 msec 276 msec 168 msec

CE21#ping 200.1.0.2

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 200.1.0.2, timeout is 2 seconds:UUUUUSuccess rate is 0 percent (0/5)CE21#traceroute 200.1.0.2


1 150.1.2.1 208 msec 84 msec 32 msec2 150.1.2.1 !H !H !H

Em CE22:CE22#ping 200.2.0.1

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 200.2.0.1, timeout is 2 seconds:UUUUUSuccess rate is 0 percent (0/5)

CE22#traceroute 200.2.0.1


1 150.1.2.5 180 msec 88 msec 84 msec2 150.1.2.5 !H !H !H

CE22#ping 200.1.0.2


11/11

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 200.1.0.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 112/200/348 msCE22#traceroute 200.1.0.2


1 150.1.2.5 100 msec 148 msec 144 msec2 192.168.0.26 [MPLS: Labels 16/25 Exp 0] 244 msec 164 msec 216 msec3 150.1.1.5 [MPLS: Label 25 Exp 0] 212 msec 144 msec 212 msec4 150.1.1.6 148 msec 200 msec 112 msec

PRÁTICA MPLS

Documents

Transcript of PRÁTICA MPLS