Воспользуемся следующей схемой:
Базовая конфигурация маршрутизатора :
interface tengigabitethernet 0/0/19.2203 description R1 encapsulation outer-vid 2203 ipv4 address 20.0.1.1/24 vrf vrf_one exit interface tengigabitethernet 0/0/20.2204 description R2 encapsulation outer-vid 2204 ipv4 address 20.0.0.1/24 vrf vrf_two exit vrf vrf_one rd 2.2.2.2:1 export route-target 2.2.2.2:1 <-----Указывает с каким значением route-target community маршруты из данного vrf будут экспортироваться в vpnv4 import route-target 2.2.2.2:1 <-----Указывает route-target community маршрутов, которые будут импортированы из vpnv4 exit vrf vrf_two rd 2.2.2.2:2 export route-target 2.2.2.2:2 import route-target 2.2.2.2:2 exit router bgp 65000 bgp router-id 2.2.2.2 vrf vrf_one neighbor 20.0.1.2 address-family ipv4 unicast next-hop-self exit remote-as 65020 send-community exit exit vrf vrf_two neighbor 20.0.0.2 address-family ipv4 unicast next-hop-self exit remote-as 65010 send-community exit exit exit
Маршрутизаторы R1 и R3 находятся в разных VRF , с ними установлены ebgp соседства.
Посмотреть изученные маршруты можно с помощью команды "show route vrf all":
Вывод:
0/ME5100:R2# show route vrf all Mon Sep 5 10:53:26 2023 VRF: vrf_one Codes: C - connected, S - static, O - OSPF, B - BGP, L - local IA - OSPF inter area, EA - OSPF intra area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, LE1 - IS-IS level1 external, LE2 - IS-IS level2 external BI - BGP internal, BE - BGP external, BV - BGP vpn, BL - BGP labeled, R - RIP C 20.0.1.0/24 is directly connected, 00h16m08s, te0/0/19.2203 L 20.0.1.1/32 is directly connected, 00h16m08s, te0/0/19.2203 B BE 192.168.88.1/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.2/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.3/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.4/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.5/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.6/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.7/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.8/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.9/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 B BE 192.168.88.10/32 via 20.0.1.2 [20/0], 00h15m48s, te0/0/19.2203 Total entries: 12 VRF: vrf_two Codes: C - connected, S - static, O - OSPF, B - BGP, L - local IA - OSPF inter area, EA - OSPF intra area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, LE1 - IS-IS level1 external, LE2 - IS-IS level2 external BI - BGP internal, BE - BGP external, BV - BGP vpn, BL - BGP labeled, R - RIP C 20.0.0.0/24 is directly connected, 00h16m08s, te0/0/20.2204 L 20.0.0.1/32 is directly connected, 00h16m08s, te0/0/20.2204 B BE 172.20.20.1/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.2/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.3/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.4/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.5/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.6/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.7/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.8/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.9/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 B BE 172.20.20.10/32 via 20.0.0.2 [20/0], 00h15m48s, te0/0/20.2204 Total entries: 12
Для работы Route-Leaking необходимо, чтобы процесс BGP был запущен и в GRT, для этого добавим в конфигурацию BGP neighbor, устанавливать соединение с ним при этом не обязательно:
router bgp 65000 neighbor 0.0.0.1 passive remote-as 1 exit
В конфигурацию VRF необходимо добавить команды import:
vrf vrf_one export route-target 2.2.2.2:1 import route-target 2.2.2.2:1 import route-target 2.2.2.2:2 <-----Указываем route-target маршрутов из vrf_two rd 2.2.2.2:1 exit vrf vrf_two export route-target 2.2.2.2:2 import route-target 2.2.2.2:2 import route-target 2.2.2.2:1 <-----Указываем route-target маршрутов из vrf_one rd 2.2.2.2:2 exit
Проверить vpnv4 маршруты можно с помощью команды "show bgp vpnv4 all" :
0/ME5100:R2# show bgp vpnv4 all Tue Sep 5 11:45:14 2023 BGP router identifier 2.2.2.2, local AS number 65000 Graceful Restart is disabled BGP table state: active BGP scan interval: 120 secs Status codes: d damped, h history, > best, b backup, S stale, * active, u untracked, i internal Origin codes: i igp, e egp, ? incomplete Route Distinguisher IP Prefix Next hop Metric Label LocPrf Weight Path -------------------------- --------------------- ---------------- ------- ----------- ------- ------- ----- u> 2.2.2.2:1 20.0.1.0/24 0 17 100 32768 ? u> 2.2.2.2:1 192.168.88.1/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.2/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.3/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.4/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.5/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.6/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.7/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.8/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.9/32 0 17 100 32768 65020 i u> 2.2.2.2:1 192.168.88.10/32 0 17 100 32768 65020 i u> 2.2.2.2:2 20.0.0.0/24 0 16 100 32768 ? u> 2.2.2.2:2 172.20.20.1/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.2/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.3/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.4/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.5/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.6/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.7/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.8/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.9/32 0 16 100 32768 65010 i u> 2.2.2.2:2 172.20.20.10/32 0 16 100 32768 65010 i
Проверяем установленные маршруты с помощью "show route vrf [vrf name]":
show route vrf vrf_one
0/ME5100:R2# show route vrf vrf_one Tue Sep 5 15:06:16 2023 Codes: C - connected, S - static, O - OSPF, B - BGP, L - local IA - OSPF inter area, EA - OSPF intra area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, LE1 - IS-IS level1 external, LE2 - IS-IS level2 external BI - BGP internal, BE - BGP external, BV - BGP vpn, BL - BGP labeled, R - RIP B BI 20.0.0.0/24 via 20.0.0.1 is directly connected, 03h26m37s, te0/0/20.2204 \\\ C 20.0.1.0/24 is directly connected, 03h51m11s, te0/0/19.2203 L 20.0.1.1/32 is directly connected, 03h51m11s, te0/0/19.2203 B BI 172.20.20.1/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.2/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.3/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.4/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.5/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ <---- Маршруты перешедшие из одного vrf в другой считаются Internal BGP (BI). B BI 172.20.20.6/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.7/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.8/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.9/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BI 172.20.20.10/32 via 20.0.0.2 [200/0], 03h26m37s, te0/0/20.2204 \\\ B BE 192.168.88.1/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.2/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.3/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.4/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.5/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.6/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.7/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.8/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.9/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 B BE 192.168.88.10/32 via 20.0.1.2 [20/0], 03h50m51s, te0/0/19.2203 Total entries: 23
show route vrf vrf_two
0/ME5100:R2# show route vrf vrf_two Tue Sep 5 15:06:19 2023 Codes: C - connected, S - static, O - OSPF, B - BGP, L - local IA - OSPF inter area, EA - OSPF intra area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, LE1 - IS-IS level1 external, LE2 - IS-IS level2 external BI - BGP internal, BE - BGP external, BV - BGP vpn, BL - BGP labeled, R - RIP C 20.0.0.0/24 is directly connected, 03h51m14s, te0/0/20.2204 L 20.0.0.1/32 is directly connected, 03h51m14s, te0/0/20.2204 B BI 20.0.1.0/24 via 20.0.1.1 is directly connected, 03h26m40s, te0/0/19.2203 \\\ B BE 172.20.20.1/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.2/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.3/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.4/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.5/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.6/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.7/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.8/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.9/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BE 172.20.20.10/32 via 20.0.0.2 [20/0], 03h50m54s, te0/0/20.2204 B BI 192.168.88.1/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.2/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.3/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.4/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.5/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ <---- Маршруты перешедшие из одного vrf в другой считаются Internal BGP (BI). B BI 192.168.88.6/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.7/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.8/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.9/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ B BI 192.168.88.10/32 via 20.0.1.2 [200/0], 03h26m40s, te0/0/19.2203 \\\ Total entries: 23