取消
显示结果 
搜索替代 
您的意思是: 
cancel
2494
查看次数
0
有帮助
3
评论
Kagamigawa
Spotlight
Spotlight
6 转发平面配置思路
6.1 构建LSP隧道骨干运营商AS65001,65002,65003域内使用IGP扩展Segment-routing自动生成Adjacency-sid,并在环回口下指定Node-sid。

骨干运营商AS跨域的ASBR之间使用BGPlabeled-unicast分发标签。

骨干运营商PE与次级运营商的ASBR在VRF下使用BGPlabeled-unicast分发标签。

次级运营商AS内RR与ASBR之间,RR与PE之间使用BGPlabeled-unicast分发标签。

次级运营商P节点之间建立MPLS_TE隧道接口并使能mplsip,建立Target-LDP邻居,使用RSVP分发标签。

最内层标签由MP-BGPVPNv4-unicast/l2VPN-vpls分发,自动传递,不需要操作。


6.2 流量工程:邻接转发(可选)在次级运营商AS内的P节点上全局使能MPLS_TE,接口使能TE与RSVP,同时扩展IGP支持TE,等待MPLS_TE拓扑状态数据库收敛完毕,在P节点之间建立MPLS_TE隧道并且使能forwarding-adjacency,调整隧道接口的IGP metric。

转发邻接(ForwardingAdjacency)会把 TE 隧道作为虚连接(一个接口)在 IGP 路由协议的内进行通告,这样所有区域内路由器都将知道该隧道的存在,解决了自动路由模式下的弊端。当 IGP 通告转发邻接时,只是把 TE 隧道作为一个 IP 链路进行通告。使用转发邻接时,隧道首端和尾端必须在同一个区域中,而且转发邻接的隧道必须双向配置。

mpls traffic-eng tunnels
!
interface GigabitEthernet1
mpls traffic-eng tunnels
iprsvp bandwidth 1000
!
router isis 65109

mplstraffic-eng level-2

mplstraffic-eng router-id loopback0
!
interface Tunnel10
ipunnumbered Loopback0
mplsip
tunnel mode mpls traffic-eng
tunnel destination 192.168.254.29
tunnel mpls traffic-eng forwarding-adjacency
tunnel mpls traffic-eng path-option 10 dynamic
isismetric 3
!

6.3 流量工程:隧道保护(可选)MPLS-TE对与LSP隧道的保护分为两种,全局保护(path-protection)和局部保护(Fast-Reroute)。
6.3.1 路径保护

路径保护也称为端到端保护(Endto End Protection),对于重要的主 LSP 建立备份
(Backup)隧道进行保护。路径保护在起点和终点间建立多条 TE 隧道,每条隧道穿越不同的路径。作为流量保护的一个重要组成部分,在主 LSP 隧道失败后,能够将流量及时切换到备份隧道上。路径保护一般情况下,需要提前建立备份的隧道,备份隧道在正常情况下是不承载流量的,但是也需要预留带宽。

可通过建立显示路径(explicit-path)来对LSP隧道进行整体的路径保护,当RSVP协议收到差错报文时,会自动切换到保护路径上。
ip explicit-path name backup enable
index 1 exclude-address 192.168.254.22
!
interface Tunnel10
ipunnumbered Loopback0
mplsip
tunnel mode mpls traffic-eng
tunnel destination 192.168.254.29
tunnel mpls traffic-eng forwarding-adjacency
tunnel mpls traffic-eng path-option 10 dynamic
tunnel mpls traffic-eng path-option protect 10explicit name backup
isismetric 3
=========================================================================================================
P2P TUNNELS:
LSR-P4_t10
LSPHead, Tunnel10, Admin: up, Oper: up
Src192.168.254.33, Dest 192.168.254.29, Instance 1085
Fast Reroute Protection: None
Path Protection: 1 Common Link(s), 1 Common Node(s)
Primary lsp path: 192.168.254.61 192.168.254.21 192.168.254.5192.168.254.29
Protect lsp path: 192.168.254.45 192.168.254.17 192.168.254.5192.168.254.29
Path Protect Parameters:
Bandwidth: 0 kbps(Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
InLabel : -
OutLabel : GigabitEthernet3, 28
Next Hop : 192.168.254.45
RSVP Signalling Info:
Src 192.168.254.33, Dst 192.168.254.29, Tun_Id 10, Tun_Instance 1035
RSVP Path Info:
My Address: 192.168.254.46
Explicit Route: 192.168.254.45 192.168.254.17 192.168.254.5192.168.254.29
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits

6.3.2 快速重路由

链路保护指建立一条起点为PLR,终点 MP 为 NHop 的保护隧道,保护 PLR-NHop间的链路。

当检测到链路发生故障时,保证 50 ms 内把流量切换到保护链路上。同时通告隧道的起点进行主隧道的重优化。链路保护是保护从 PLR->MP(NHop)的链路,而非特定的 LSP 隧道。所以备份隧道可以保护多条 LSP 隧道。但是需要手动指定需要被保护的多条 LSP。
由于链路保护为一对多的保护模式,所以倒换可能会带来网络局部的拥塞。
ip explicit-path name backupenable
index 1 next-address 192.168.254.34
index 2 next-address 192.168.254.31
!
interface Tunnel10
ip unnumbered Loopback0
mpls ip
tunnel mode mpls traffic-eng
tunnel destination 192.168.254.29
tunnel mpls traffic-eng forwarding-adjacency
tunnel mpls traffic-eng path-option 10 dynamic
tunnel mpls traffic-eng fast-reroute
isis metric 3
!
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 192.168.254.31
tunnel mpls traffic-eng path-option 10explicit name backup
interface GigabitEthernet1
mpls traffic-eng backup-path tunnel0
!
===============================================================================================
P2P TUNNELS:
LSR-P4_t0
LSP Head, Tunnel0, Admin: up, Oper: up
Src 192.168.254.33, Dest 192.168.254.31, Instance 1
Fast Reroute Protection: None
Path Protection: None
LSR-P4_t10
LSP Head, Tunnel10, Admin: up, Oper: up
Src 192.168.254.33, Dest 192.168.254.29, Instance 2572
Fast Reroute Protection: Requested
Outbound: FRR Ready
Backup Tu0 to LSP nhop
Tu0: out i/f: Gi2, label: 36
LSP signalling info:
Original: out i/f: Gi1, label: 38,nhop: 192.168.254.61
With FRR: out i/f: Tu0, label: 38
LSP bw: 0 kbps, Backup level: any-unlim,type: any pool
Path Protection: None
===============================================================================================
P2P Headend FRR information:
Protected tunnel In-label Out intf/label FRR intf/label Status
--------------------------- -------- -------------- -------------- ------
Tunnel10 Tun hd Gi1:38 Tu0:38 ready

6.4 验证LSP隧道使能MPLS_OAM
从次级运营商PE端traceroute对端PE环回口,检查多层标签情况
Tracing theroute to 192.168.255.25
VRF info dmvrf in name/id, vrf out name/id)
1 192.168.254.54 [MPLS: Labels 26/27 Exp 0]37 msec 39 msec 39 msec
2 192.168.254.61 [MPLS: Labels 28/24003/27Exp 0] 33 msec 34 msec 34 msec
3 192.168.254.17 [MPLS: Labels 24003/27 Exp0] 35 msec 34 msec 33 msec
4 192.168.254.9 [MPLS: Label 27 Exp 0] 34msec 42 msec 36 msec
5 27.20.0.20 [MPLS: Label 24036 Exp 0] 34msec 33 msec 33 msec
6 192.168.0.17 [MPLS: Labels 16016/24036 Exp0] 35 msec 32 msec 36 msec
7 192.168.0.5 [MPLS: Label 24036 Exp 0] 33msec 34 msec 32 msec
8 16.7.0.7 [MPLS: Label 24034 Exp 0] 32 msec33 msec 36 msec
9 10.0.0.13 [MPLS: Labels 16009/24034 Exp 0]33 msec 33 msec 34 msec
10 10.0.0.18 [MPLS: Label 24034 Exp 0] 32 msec33 msec 34 msec
11 9.11.0.11 [MPLS: Label 24040 Exp 0] 33 msec35 msec 33 msec
12 172.16.0.14 [MPLS: Label 24040 Exp 0] 35msec 36 msec 34 msec
13 14.22.0.22 [MPLS: Label 16306 Exp 0] 39msec 33 msec 32 msec
14 * * *
15 192.168.255.10 [AS 65108] 37 msec * 43 msec

6.5 标签分析我们在PE路由器上追踪对端PE路由器VRF下的接口地址,进行标签分析。
LSR-PE3#ship route vrf DMVPN bgp
RoutingTable: DMVPN
Gateway oflast resort is not set
10.0.0.0/8 is variably subnetted, 5subnets, 3 masks
B 10.145.0.0/30 [200/0] via192.168.254.28, 01:44:57
B 10.145.0.8/30 [200/0] via192.168.255.26, 00:46:20
B 10.145.0.12/30 [200/0] via192.168.255.24, 00:46:20
================================================================================
Tracingthe route to 10.145.0.13
VRF info:(vrf in name/id, vrf out name/id)
1 192.168.254.46 [MPLS: Labels 26/38/23 Exp0] 45 msec 37 msec 34 msec
2 192.168.254.61 [MPLS: Labels 28/24003/38/23Exp 0] 34 msec 33 msec 32 msec
3 192.168.254.17 [MPLS: Labels 24003/38/23Exp 0] 33 msec 34 msec 36 msec
4 192.168.254.9 [MPLS: Labels 38/23 Exp 0] 33msec 34 msec 34 msec
5 27.20.0.20 [MPLS: Labels 24035/23 Exp 0] 34msec 35 msec 33 msec
6 192.168.0.17 [MPLS: Labels 16016/24035/23Exp 0] 32 msec 32 msec 37 msec
7 192.168.0.5 [MPLS: Labels 24035/23 Exp 0]35 msec 36 msec 33 msec
8 16.7.0.7 [MPLS: Labels 24033/23 Exp 0] 34msec 33 msec 34 msec
9 10.0.0.13 [MPLS: Labels 16009/24033/23 Exp0] 33 msec 33 msec 31 msec
10 10.0.0.18 [MPLS: Labels 24033/23 Exp 0] 33msec 31 msec 33 msec
11 9.11.0.11 [MPLS: Labels 24039/23 Exp 0] 31msec 33 msec 34 msec
12 172.16.0.14 [MPLS: Labels 24039/23 Exp 0]31 msec 32 msec 31 msec
13 14.22.0.22 [MPLS: Labels 16304/23 Exp 0] 33msec 33 msec 34 msec
14 192.168.255.2 [AS 65108] [MPLS: Labels16300/23 Exp 0] 34 msec 34 msec 31 msec
15 10.145.0.13 32 msec * 37 msec

6.5.1 PE端标签分析

PE将ICMP请求包封装好发给P设备,标签栈为[MPLS:Labels 26/38/23 Exp 0]。

首先在标签栈低位压入23,此时是由MP-BGP VPNv4-unicast传递,对端PE设备分发的。
LSR-PE3#show bgp vpnv4 unicast all10.145.0.12 255.255.255.252
BGP routing table entry for192.168.254.32:0:10.145.0.12/30, version 173
Paths: (1 available, best #1,table DMVPN)
Not advertised to any peer
Refresh Epoch 1
65108, imported path from 192.168.255.24:0:10.145.0.12/30 (global)
192.168.255.24 (metric 33) (via default) from 192.168.254.34(192.168.254.34)
Origin incomplete, metric 0, localpref100, valid, internal, best
Extended Community: RT:1:1
mpls labels in/out nolabel/23
rx pathid: 0, tx pathid: 0x0

再次压入标签38此时是由MP-BGP iPv4 labeled-unicast传递,自治系统内部ASBR分发的。
LSR-PE3#show bgp ipv4 unicast192.168.255.24 255.255.255.255
BGP routing table entry for192.168.255.24/32, version 338
Paths: (1 available, best #1,table default)
Not advertised to any peer
Refresh Epoch 1
65003 65001 65002 65108
192.168.254.27 (metric 33) from 192.168.254.34 (192.168.254.34)
Origin incomplete, metric 0, localpref100, valid, internal, best
Originator: 192.168.254.27,Cluster list: 192.168.254.34
mpls labels in/out nolabel/38
rx pathid: 0, tx pathid: 0x0

再次压入标签26此时是由LDP协议传递,由下一跳设备P路由器分发,关联出接口G1。
LSR-PE3#show mpls forwarding-table192.168.254.27 255.255.255.255 detail
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
24 26 192.168.254.27/32 \
0 Gi1 192.168.254.46
MAC/Encaps=14/18, MRU=1500, LabelStack{26}
5000001300025000001F00008847 0001A000
No output feature configured

6.5.2 P节点标签分析P设备将收到收到的MPLS数据包重封装后发给下一跳P设备,标签栈为[MPLS:Labels 28/24003/38/23 Exp 0]
首先检查LFIB ,发现栈顶位标签为26,执行 Swap操作,将顶层标签交换为24003(LDP协议传递,下一跳设备分发),关联出接口隧道10。
LSR-P4#show mpls forwarding-tablelabels 26 detail
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
26 24003 192.168.254.27/32 \
72763 Tu10 point2point
MAC/Encaps=14/22, MRU=1496, LabelStack{28 24003}, via Gi1
5000001E000150000013000088470001C00005DC3000
No output feature configured
由于关联的接口为MPLS_TE的隧道接口,所以会再压入标签28到栈顶位,此时标签由RSVP传递,隧道目的地址设备分发。
LSR-P4#show mpls traffic-engtunnels tunnel 10
Name: LSR-P4_t10 (Tunnel10) Destination: 192.168.254.29
Status:
Admin: up Oper: up Path: valid Signalling: connected
path option 10, type dynamic (Basis for Setup, path weight 20)
Config Parameters:
Bandwidth: 0 kbps(Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
Path-selection Tiebreaker:
Global: not set Tunnel Specific: not set Effective: min-fill (default)
Hop Limit: disabled
Cost Limit: disabled
Path-invalidation timeout: 10000 msec (default), Action: Tear
AutoRoute: disabled LockDown: disabled Loadshare: 0 [0] bw-based
Forwarding adjacency: holdtime 0 ms
auto-bw: disabled
Fault-OAM: disabled, Wrap-Protection: disabled, Wrap-Capable: No
Active Path Option Parameters:
State: dynamic path option 10 is active
BandwidthOverride: disabled LockDown: disabled Verbatim:disabled
Node Hop Count: 2
InLabel : -
OutLabel : GigabitEthernet1, 28
Next Hop : 192.168.254.61
RSVP Signalling Info:
Src 192.168.254.33, Dst 192.168.254.29,Tun_Id 10, Tun_Instance 7
RSVP Path Info:
My Address: 192.168.254.62
Explicit Route: 192.168.254.61192.168.254.17 192.168.254.29
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000bytes, peak rate=0 kbits
Shortest Unconstrained Path Info:
Path Weight: 20 (TE)
Explicit Route: 192.168.254.61 192.168.254.17 192.168.254.29
History:
Tunnel:
Time since created: 2 hours, 1 minutes
Time since path change: 1 hours, 55minutes
Number of LSP IDs (Tun_Instances) used: 7
Current LSP: [ID: 7]
Uptime: 1 hours, 55 minutes

相关分享

MPLS-CSC简单实验(一)
评论
moonieni
Level 1
Level 1
谢谢上传分享!
zhaowl168
Level 1
Level 1
学习了,很好的分享,赞
18653465190
Spotlight
Spotlight
厉害了我的楼主,谢谢分享
入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:









快捷链接