В данной статье описана конфигурация BGP Labeled Unicast для организации Inter-AS BGP OptC.
В качестве ASBR1 и ASBR2 будут выступать Eltex ME5100, PE1 — Cisco, PE2- Eltex ME5200. В качестве IGP протокола в AS100 выбран OSPF, а в AS200 ISIS. В качестве транспортного протокола — LDP.
1) Развернем IGP протоколы в своих AS, а так же LDP:
Настройка PE1:
ip cef ! mpls ip ! mpls ldp router-id Loopback1 force ! interface Loopback1 ip address 1.1.1.1 255.255.255.255 ! interface GigabitEthernet1.2102 <<<<<<<<<<< Линк в сторону ASBR1 encapsulation dot1Q 2102 ip address 10.0.0.14 255.255.255.252 mpls ip ! router ospf 1 router-id 1.1.1.1 network 1.1.1.1 0.0.0.0 area 0 network 10.0.0.12 0.0.0.3 area 0
Настройка ASBR1:
interface loopback 1
description "Main loopback"
ipv4 address 3.3.3.3/32
exit
interface tengigabitethernet 0/0/1.12 <<<<<<<<<<< Линк в сторону ASBR2
encapsulation outer-vid 12
ipv4 address 10.1.1.1/24
exit
interface tengigabitethernet 0/0/20.2102 <<<<<<<<<<< Линк в сторону PE1
encapsulation outer-vid 2102
ipv4 address 10.0.0.13/30
exit
mpls
forwarding
interface loopback 1
interface tengigabitethernet 0/0/1.12
interface tengigabitethernet 0/0/20.2102
exit
ldp
discovery interface tengigabitethernet 0/0/20.2102
exit
exit
router-id 3.3.3.3
transport-address 3.3.3.3
exit
router ospfv2 ospf
area 0.0.0.0
interface loopback 1
passive
exit
interface tengigabitethernet 0/0/20.2102
ldp-igp-synchronization
exit
exit
router-id 3.3.3.3
exit
Настройка ASBR2:
interface loopback 1
description "Main loopback"
ipv4 address 2.2.2.2/32
exit
interface tengigabitethernet 0/0/7 <<<<<<<<<<< Линк в сторону PE2
ipv4 address 172.16.16.14/30
exit
interface tengigabitethernet 0/0/2.12
encapsulation outer-vid 12
ipv4 address 10.1.1.2/24
exit
mpls
forwarding
interface loopback 1
interface tengigabitethernet 0/0/7
interface tengigabitethernet 0/0/2.12
exit
ldp
discovery interface tengigabitethernet 0/0/7
exit
exit
router-id 2.2.2.2
transport-address 2.2.2.2
exit
router isis 1
interface loopback 1
address-family ipv4 unicast
exit
passive
exit
interface tengigabitethernet 0/0/7
ldp-igp-synchronization
address-family ipv4 unicast
exit
exit
is-level level-2
microloop-avoidance rib-update-delay 140
net 49.0000.0000.1100.0099.00
exit
Настройка PE2:
interface tengigabitethernet 0/0/1 <<<<<<<<<<< Линк в сторону ASBR2
ipv4 address 172.16.16.13/30
exit
mpls
forwarding
interface loopback 1
interface tengigabitethernet 0/0/1
exit
ldp
discovery interface tengigabitethernet 0/0/1
exit
exit
router-id 4.4.4.4
transport-address 4.4.4.4
exit
router isis 1
interface loopback 1
address-family ipv4 unicast
exit
passive
exit
interface tengigabitethernet 0/0/1
ldp-igp-synchronization
address-family ipv4 unicast
exit
exit
host-name R4
is-level level-2
microloop-avoidance rib-update-delay 140
net 49.0000.0000.1100.0000.00
2) Далее настроим BGP LU на маршрутизаторах:
Настройка PE1:
router bgp 100 bgp router-id 1.1.1.1 bgp log-neighbor-changes neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback1 ! address-family ipv4 network 1.1.1.1 mask 255.255.255.255 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-label exit-address-family !
Настройка ASBR1:
router bgp 100
address-family ipv4 labeled
labeled-unicast-rib-install
redistribution local Loop1
match prefix 3.3.3.3/32 <<<<<<<<<<< Редистрибьютим свой Loopback1
exit
redistribution ospf 1
match prefix 1.1.1.1/32 <<<<<<<<<<< Редистрибьютим Loopback1 PE1
exit
exit
bgp router-id 3.3.3.3
neighbor 1.1.1.1
address-family ipv4 labeled
exit
remote-as 100
send-community-ext
update-source 3.3.3.3
exit
neighbor 10.1.1.2
address-family ipv4 labeled
exit
remote-as 200
send-community-ext
exit
Настройка ASBR2:
router bgp 200
address-family ipv4 labeled
labeled-unicast-rib-install
redistribution isis 1
match prefix 4.4.4.4/32 <<<<<<<<<<< Редистрибьютим Loopback1 PE1
exit
redistribution local Loop1
match prefix 2.2.2.2/32 <<<<<<<<<<< Редистрибьютим свой Loopback1
exit
exit
bgp router-id 2.2.2.2
neighbor 10.1.1.1
address-family ipv4 labeled
exit
remote-as 100
send-community-ext
exit
neighbor 4.4.4.4
address-family ipv4 labeled
exit
remote-as 200
send-community-ext
update-source 2.2.2.2
exit
Настройка PE2:
router bgp 200
address-family ipv4 labeled
redistribution local Loop1
match prefix 4.4.4.4/32 <<<<<<<<<<< Редистрибьютим свой Loopback1
exit
exit
bgp router-id 4.4.4.4
neighbor 2.2.2.2
address-family ipv4 labeled
exit
remote-as 200
send-community-ext
update-source 4.4.4.4
exit
После данных настроек уже будут построены lsp до всех loopback — пример вывода с PE2:
show bgp ipv4 labeled
show bgp ipv4 labeled Fri Sep 23 07:17:22 2022 BGP router identifier 4.4.4.4, local AS number 200 Graceful Restart is disabled BGP table state: active BGP scan interval: 120 secs Status codes: d damped, h history, > best, b backup, S stale, * active, u untracked, i internal Origin codes: i igp, e egp, ? incomplete Network Next hop Metric LocPrf Weight Path ------------------------ ---------------- ------- ------- ------- ----- *>i 1.1.1.1/32 2.2.2.2 0 100 0 100 ? >i 2.2.2.2/32 2.2.2.2 0 100 0 ? *>i 3.3.3.3/32 2.2.2.2 0 100 0 100 ? *>i 4.4.4.4/32 2.2.2.2 0 100 0 ? Total entries: 4
Важно!
Из-за особенностей реализации BGP labeled Unicast в RIB устанавливаются пришедшие маршруты с длиной префикса */32 для IPv4 и */128 для IPv6.
3) Поднимем BGP vpnv4 сессию между PE1 и PE2. В нашем случае, мы не имеем CE устройств, поэтому в качестве клиентов мы поднимем интерфейсы в vrf и обеспечим связность между ними.
Настройка PE1:
interface GigabitEthernet1.3570 encapsulation dot1Q 3470 ip vrf forwarding VRF ip address 5.5.5.5 255.255.255.252 ! router bgp 100 neighbor 4.4.4.4 remote-as 200 neighbor 4.4.4.4 ebgp-multihop 3 neighbor 4.4.4.4 update-source Loopback1 ! address-family vpnv4 neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community both exit-address-family ! address-family ipv4 vrf VRF redistribute connected neighbor 4.4.4.4 remote-as 200 neighbor 4.4.4.4 activate exit-address-family ! ip vrf VRF rd 200:1 route-target export 1:1 route-target import 1:1
Настройка PE2:
interface tengigabitethernet 0/0/20.3470
encapsulation outer-vid 3470
ipv4 address 5.5.5.1/30
vrf test
exit
vrf test
export route-target 1:1
import route-target 1:1
rd 100:100
exit
router bgp 200
neighbor 1.1.1.1
address-family vpnv4 unicast
exit
ebgp-multihop ttl 3
remote-as 100
send-community-ext
exit
vrf test
address-family ipv4 unicast
exit
Проверим таблицу l3forwarding в vrf на PE2:
show l3forwarding vrf test
0/ME5200:R4_Pseudo_ME5100# show l3forwarding vrf test Fri Sep 23 07:47:19 2022 Prefix Nexthop Outgoing label Interface ---------------------------------------------- ------------------------------------------- ------------------ ---------- 5.5.5.0/30 attached --/-- te0/0/20.3470 5.5.5.1/32 receive --/-- te0/0/20.3470 5.5.5.4/30 172.16.16.14 19/19 te0/0/1
Проверим связность:
Проверка связности
ping 5.5.5.5 vrf test source 5.5.5.1 Fri Sep 23 07:52:16 2022 Sending 4, 56-byte ICMP Echos to 5.5.5.5, request send interval is 0.100 seconds, response wait timeout is 2.000 seconds: !!!! Success rate is 100 percent (4/4), round-trip min/avg/max = 2.622/2.961/3.628 ms