a. VPN1的CE分别在两个不同的AS、采用EBGP和骨干路由器互联,AS号码为65505和65506
b. VPN2的两个CE采用不同的IGP路由协议互联、S3采用OSPF和R3连接、S2采用Rip和R2连接
c. VPN3的两个CE采用静态路由和PE连接
2.方案技术要点:
a. Inter_AS 的MPLS/VPN,R1为AS200 PE、R2为 AS100PE。CE R5、R6通过不同的AS连通。 b. Inter_AS的MPLS/VPN可以实现夸骨干网、省网之间的VPN,也就是说可以在国调、省调甚至地调实现VPN。
3. 配置命令:
version 12.0
hostname R3 ! ip vrf vpn2 rd 100:2 route-target eXPort 100:2 route-target import 100:2 clns routing no mpls traffic-eng auto-bw timers frequency 0 ! interface Loopback0 ip address 10.10.30.3 255.255.255.255 no ip directed-broadcast ip router isis isis circuit-type level-2-only ! interface GigabitEthernet1/0/0 ip address 10.10.23.3 255.255.255.0 no ip directed-broadcast ip router isis load-interval 30 negotiation auto isis circuit-type level-2-only isis metric 2 level-2 ! interface POS5/0/0 ip address 10.10.13.3 255.255.255.0 no ip directed-broadcast ip router isis encapsulation ppp tag-switching ip isis circuit-type level-2-only isis metric 5 level-2 ! router ospf 33 vrf vpn2 log-adjacency-changes network 10.10.33.0 0.0.0.255 area 0 ! router isis net 00.1111.0000.0000.1113.00 is-type level-2-only nsf cisco ! router bgp 200 no bgp default ipv4-unicast no bgp default route-target filter bgp log-neighbor-changes bgp graceful-restart restart-time 120 bgp graceful-restart stalepath-time 360 bgp graceful-restart neighbor 10.10.10.1 remote-as 200 neighbor 10.10.10.1 update-source Loopback0 neighbor 10.10.23.2 remote-as 100 no auto-summary ! address-family ipv4 multicast no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 10.10.10.1 activate neighbor 10.10.10.1 next-hop-self neighbor 10.10.10.1 send-community extended neighbor 10.10.23.2 activate neighbor 10.10.23.2 next-hop-self neighbor 10.10.23.2 send-community extended no auto-summary exit-address-family ! address-family ipv4 redistribute isis level-1-2 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn2 redistribute connected redistribute static redistribute ospf 33 no auto-summary no synchronization exit-address-family
4. 确认命令:
R1#sh ip rou
100.0.0.0/24 is subnetted, 2 subnets C 100.100.100.0 is directly connected, FastEthernet10/0/0 C 100.100.200.0 is directly connected, FastEthernet10/0/1 10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks C 10.10.10.1/32 is directly connected, Loopback0 C 10.10.12.0/24 is directly connected, Serial4/1/0 C 10.10.13.0/24 is directly connected, POS4/0/0 C 10.10.13.3/32 is directly connected, POS4/0/0 C 10.10.12.2/32 is directly connected, Serial4/1/0 i L2 10.10.23.0/24 [115/7] via 10.10.13.3, POS4/0/0 i L2 10.10.30.3/32 [115/15] via 10.10.13.3, POS4/0/0
R1#sh ip router vrf vpn1
10.0.0.0/24 is subnetted, 4 subnets C 10.10.15.0 is directly connected, FastEthernet2/0/1 B 10.10.26.0 [20/0] via 10.10.12.2, 00:01:41 B 10.10.50.0 [20/0] via 10.10.15.5, 00:05:31 B 10.10.60.0 [20/0] via 10.10.12.2, 00:01:41
R5-3640#sh ip rou
10.0.0.0/24 is subnetted, 4 subnets C 10.10.15.0 is directly connected, FastEthernet0/0 B 10.10.26.0 [20/0] via 10.10.15.1, 00:05:45 C 10.10.50.0 is directly connected, Loopback0 B 10.10.60.0 [20/0] via 10.10.15.1, 00:05:45
R5-3640#ping 10.10.60.6
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.60.6, timeout is 2 seconds: !!!!! SUCcess rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
R5-3640#trace 10.10.60.6
Type escape sequence to abort. Tracing the route to 10.10.60.6
