产品
产品中心
< 返回主菜单
产品

交换机

交换机所有产品
< 返回产品
交换机
查看交换机首页 >

无线

无线所有产品
< 返回产品
无线
查看无线首页 >

云桌面

云桌面产品方案中心
< 返回产品
云桌面
查看云桌面首页 >

安全

安全所有产品
< 返回产品
安全
查看安全首页 >
产品中心首页 >
行业
行业中心
< 返回主菜单
行业
行业中心首页 >

【RSR】RSR如何配置MPLS OSPF VPN

发布时间:2013-09-12
点击量:4303

功能介绍:

OSPF VPN的配置非常简单,通过一条命令调整domain-id即可;本章节的重点是通过案例中的show一些设备信息来让大家更直观的了解OSPF VPN的工作效果。通过效果的演示,辅助工程师理解在实际MPLS-VPN网络中OSPF路由的存在形式,以用于指导路由设计。

配置

Router ospf 1 vrf ruijie

 Domain-id 1.1.1.1

原理总结:

在DOMAIN-ID一致情况下,PE将MBGP路由重发布给OSPF时,还原成了3类LSA,并且该3类LSA 的DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。

不论domain-id是否一致,只要从MBGP重发布到ospf,lsa的DN总是置位。

DN是否置位与DOMAIN-ID无关,而domain-id只是用来判断还原成3类还是5/7类LSA。

修改R1/R2的domain-tag一致或不一致,效果相同。

由于DN位应用到所有3/5/7类LSA中,DOMAIN-TAG的作用已经逐步被取代。按照我司现在的实现方式,只要满足DN置位或domain-tag一致其中一个条件,该LSA将不参与OSPF计算。

通过下面的信息验证,在DOMAIN-ID不一致情况下,PE将MBGP路由重发布给OSPF时,还原成了5类LSA,并且该5类LSA 的DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。

一、组网需求

拓扑模拟MPLS-VPN CE双归属环境,CE与PE间运行OSPF协议。R1/R2/R3为PE,R4/R5为CE。

二、组网拓扑

     

        

三、配置要点

1、设备基础配置

2、Domain-id一致情况下的OSPF-VPN

3、Domain-id不一致情况下的OSPF-VPN

 

四、配置步骤

1、基础配置:

这里的基础配置包括了完整的域内L3VPN的配置。通过以下配置,可以建立私网路由间vpn联通。

R1配置

hostname R1

mpls ip

!

ip vrf ruijie

 rd 1:1

 route-target both 1:1

!

interface GigabitEthernet 0/0

 ip vrf forwarding ruijie

 ip ref

 ip address 10.10.15.1 255.255.255.0

 duplex auto

 speed auto

!

interface GigabitEthernet 0/1

 ip ref

 ip address 1.1.13.1 255.255.255.0

 label-switching

 mpls ip

 duplex auto

 speed auto

!

!

interface Loopback 0

 ip ref

 ip address 1.1.1.1 255.255.255.255

!

router bgp 1

 bgp log-neighbor-changes

 neighbor 3.3.3.3 remote-as 1

 neighbor 3.3.3.3 update-source Loopback 0

 !

 address-family ipv4

 redistribute ospf 1 match internal

 neighbor 3.3.3.3 activate

 exit-address-family

 !

 address-family vpnv4 unicast

 neighbor 3.3.3.3 activate

 neighbor 3.3.3.3 send-community extended

 exit-address-family

 !

 address-family ipv4 vrf ruijie

 maximum-prefix 10000

 network 10.10.12.0 mask 255.255.255.0

 redistribute ospf 1 match internal external nssa-external

 exit-address-family

!

!

router ospf 1 vrf ruijie

 redistribute bgp subnets

 network 10.10.0.0 0.0.255.255 area 0

!

router ospf 100

 network 1.1.1.1 0.0.0.0 area 0

 network 1.1.0.0 0.0.255.255 area 0

!        

!

mpls router ldp

 ldp router-id 1.1.1.1

!

R2配置

hostname R2

!

mpls ip

!

ip vrf ruijie

 rd 1:2

 route-target both 1:1

!

interface GigabitEthernet 0/0

 ip vrf forwarding ruijie

 ip ref

 ip address 10.10.25.2 255.255.255.0

 duplex auto

 speed auto

!

interface GigabitEthernet 0/1

 ip ref

 ip address 1.1.23.2 255.255.255.0

 label-switching

 mpls ip

 duplex auto

 speed auto

!

interface Loopback 0

 ip ref

 ip address 2.2.2.2 255.255.255.255

!

interface Loopback 1

 ip vrf forwarding ruijie

 ip ref

 ip address 22.22.22.22 255.255.255.255

!

router bgp 1

 bgp log-neighbor-changes

 neighbor 3.3.3.3 remote-as 1

 neighbor 3.3.3.3 update-source Loopback 0

 !

 address-family ipv4

 neighbor 3.3.3.3 activate

 exit-address-family

 !

 address-family vpnv4 unicast

 neighbor 3.3.3.3 activate

 neighbor 3.3.3.3 send-community extended

 exit-address-family

 !

 address-family ipv4 vrf ruijie

 maximum-prefix 10000

 network 10.10.12.0 mask 255.255.255.0

 network 22.22.22.22 mask 255.255.255.255

 redistribute ospf 1 match internal external nssa-external

 exit-address-family

!

router ospf 1 vrf ruijie

 redistribute bgp subnets

 network 10.10.0.0 0.0.255.255 area 0

 area 0 sham-link 22.22.22.22 33.33.33.33

!

router ospf 100

 network 1.1.0.0 0.0.255.255 area 0

 network 2.2.2.2 0.0.0.0 area 0

!

mpls router ldp

 ldp router-id 2.2.2.2

R3配置

hostname R3

!

mpls ip

!

ip vrf ruijie

 rd 1:3

 route-target both 1:1

!

interface GigabitEthernet 0/0

 ip ref

 ip address 1.1.13.3 255.255.255.0

 label-switching

 mpls ip 

 duplex auto

 speed auto

!

interface GigabitEthernet 0/1

 ip ref

 ip address 1.1.23.3 255.255.255.0

 label-switching

 mpls ip

 duplex auto

 speed auto

!

interface GigabitEthernet 0/2

 ip vrf forwarding ruijie

 ip ref

 ip address 20.20.34.3 255.255.255.0

 duplex auto

 speed auto

!

interface Loopback 0

 ip ref

 ip address 3.3.3.3 255.255.255.255

!

interface Loopback 1

 ip vrf forwarding ruijie

 ip ref

 ip address 33.33.33.33 255.255.255.255

!

router bgp 1

 bgp log-neighbor-changes

 neighbor 1.1.1.1 remote-as 1

 neighbor 1.1.1.1 update-source Loopback 0

 neighbor 2.2.2.2 remote-as 1

 neighbor 2.2.2.2 update-source Loopback 0

 !       

 address-family ipv4

 neighbor 1.1.1.1 activate

 neighbor 2.2.2.2 activate

 exit-address-family

 !

 address-family vpnv4 unicast

 neighbor 1.1.1.1 activate

 neighbor 1.1.1.1 send-community extended

 neighbor 2.2.2.2 activate

 neighbor 2.2.2.2 send-community extended

 exit-address-family

 !

 address-family ipv4 vrf ruijie

 maximum-prefix 10000

 network 20.20.34.0 mask 255.255.255.0

 network 33.33.33.33 mask 255.255.255.255

 redistribute ospf 1 match internal external nssa-external

 exit-address-family

!

router ospf 1 vrf ruijie

 redistribute bgp subnets

 network 20.20.0.0 0.0.255.255 area 0

 area 0 sham-link 33.33.33.33 22.22.22.22

!

router ospf 100

 network 1.1.0.0 0.0.255.255 area 0

 network 3.3.3.3 0.0.0.0 area 0

!

mpls router ldp

 ldp router-id 3.3.3.3

R4配置:

hostname R4

!

interface FastEthernet 0/0

 ip address 20.20.34.4 255.255.255.0

 duplex auto

 speed auto

!

interface Loopback 0

 ip address 4.4.4.4 255.255.255.255

!

router ospf 1

 network 0.0.0.0 255.255.255.255 area 0

!

R5配置:

hostname R5

!

interface FastEthernet 0/0

 ip address 10.10.15.5 255.255.255.0

 duplex auto

 speed auto

!

interface FastEthernet 0/1

 ip address 10.10.25.5 255.255.255.0

 duplex auto

 speed auto

interface Loopback 0

 ip address 5.5.5.5 255.255.255.255

!

router ospf 1

 network 0.0.0.0 255.255.255.255 area 0

2、Domain-id一致情况下的OSPF-VPN:

将设备升级到10.4(3)以上软件版本,该版本以后支持OSPF-VPN功能。在默认情况下,DOMAIN-ID为空。

通过show ip bgp vrf ruijie 5.5.5.5来查看MBGP的OSPF扩展属性:

R3#sho ip bgp vrf ruijie 5.5.5.5

BGP routing table entry for 5.5.5.5/32

Paths: (2 available, best #1, table Default-IP-Routing-Table)

  Not advertised to any peer

  Local

    1.1.1.1 from 1.1.1.1 (1.1.1.1)

      Origin incomplete, metric 101, localpref 100, valid, internal, best

      Extended Community: RT:1:1 OSPF ROUTER ID:10.10.15.1:0 OSPF RT:0.0.0.0:1:0

      mpls labels in/out nolabel/1024

      Last update: Fri Mar 18 15:28:14 2011

 

  Local

    2.2.2.2 from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 101, localpref 100, valid, internal

      Extended Community: RT:1:1 OSPF ROUTER ID:22.22.22.22:0 OSPF RT:0.0.0.0:1:0

      mpls labels in/out nolabel/1024

      Last update: Fri Mar 18 15:36:11 2011

R1/R2/R3添加配置:

Router ospf 1 vrf ruijie

Domain-id 1.1.1.1

通过show ip bgp vrf ruijie 5.5.5.5来查看MBGPOSPF扩展属性,可以看到,扩展属性中携带了DOMAIN

R3#sho ip bgp vrf ruijie 5.5.5.5

BGP routing table entry for 5.5.5.5/32

Paths: (2 available, best #1, table Default-IP-Routing-Table)

  Not advertised to any peer

  Local

    1.1.1.1 from 1.1.1.1 (1.1.1.1)

      Origin incomplete, metric 101, localpref 100, valid, internal, best

      Extended Community: RT:1:1 OSPF DOMAIN ID:0X0005:0X010101010200 OSPF ROUTER ID:10.10.15.1:0 OSPF RT:0.0.0.0:1:0

      mpls labels in/out nolabel/1024

      Last update: Fri Mar 18 16:17:54 2011

 

  Local

    2.2.2.2 from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 101, localpref 100, valid, internal

      Extended Community: RT:1:1 OSPF DOMAIN ID:0X0005:0X010101010200 OSPF ROUTER ID:22.22.22.22:0 OSPF RT:0.0.0.0:1:0

      mpls labels in/out nolabel/1024

      Last update: Fri Mar 18 16:18:04 2011

通过show ip route vrf ruijie查看R1/R2的路由表,确认4.4.4.4的路由为B而不是O E2(如果没有OSPF-VPN功能,那么在CE双归属环境下,肯定有一台PE学习到的私网路由是从OSPF学习到的,这里也是典型的双向重发布产生的次优路径问题)

R1#sho ip route vrf ruijie

Routing Table: ruijie

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

B    4.4.4.4/32 [200/1] via 3.3.3.3, 01:49:02

O    5.5.5.5/32 [110/101] via 10.10.15.5, 01:24:29, GigabitEthernet 0/0

C    10.10.15.0/24 is directly connected, GigabitEthernet 0/0

C    10.10.15.1/32 is local host.

O    10.10.25.0/24 [110/2] via 10.10.15.5, 01:24:29, GigabitEthernet 0/0

B    20.20.34.0/24 [200/0] via 3.3.3.3, 01:49:02

 

R2# sho ip route vrf ruijie

Routing Table: ruijie

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

B    4.4.4.4/32 [200/1] via 3.3.3.3, 02:05:14

O    5.5.5.5/32 [110/101] via 10.10.25.5, 01:27:37, GigabitEthernet 0/0

O    10.10.15.0/24 [110/2] via 10.10.25.5, 02:29:57, GigabitEthernet 0/0

C    10.10.25.0/24 is directly connected, GigabitEthernet 0/0

C    10.10.25.2/32 is local host.

B    20.20.34.0/24 [200/0] via 3.3.3.3, 02:05:14

C    22.22.22.22/32 is local host.

通过show ip route 查看R4/R5路由表,确认学习到的私网路由为O IA(如果没有OSPF-VPN功能,那么BGP重发布到OSPF后,OSPF路由应该是 OE2

R4#sho ip route

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

C    4.4.4.4/32 is local host.

O IA 5.5.5.5/32 [110/102] via 20.20.34.3, 00:39:15, FastEthernet 0/0

O IA 10.10.15.0/24 [110/2] via 20.20.34.3, 00:39:15, FastEthernet 0/0

O IA 10.10.25.0/24 [110/2] via 20.20.34.3, 00:39:15, FastEthernet 0/0

C    20.20.34.0/24 is directly connected, FastEthernet 0/0

C    20.20.34.4/32 is local host.

 

R5#sho ip route

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

O IA 4.4.4.4/32 [110/2] via 10.10.15.1, 00:39:14, FastEthernet 0/0

                [110/2] via 10.10.25.2, 00:39:14, FastEthernet 0/1

C    5.5.5.5/32 is local host.

C    10.10.15.0/24 is directly connected, FastEthernet 0/0

C    10.10.15.5/32 is local host.

C    10.10.25.0/24 is directly connected, FastEthernet 0/1

C    10.10.25.5/32 is local host.

O E2 20.20.34.0/24 [110/1] via 10.10.15.1, 01:21:20, FastEthernet 0/0

                   [110/1] via 10.10.25.2, 01:21:20, FastEthernet 0/1

通过show ip ospf da su查看R1/R2OSPF数据库,确认收到彼此通告的针对私网4.4.4.43LSA,且DN置位

R1#sho ip os database summary

 

            OSPF Router with ID (10.10.15.1) (Process ID 1)

 

                Summary Link States (Area 0.0.0.0)

 

  LS age: 1309

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: summary-LSA

  Link State ID: 4.4.4.4 (summary Network Number)

  Advertising Router: 10.10.15.1

  LS Seq Number: 80000003

  Checksum: 0x178e

  Length: 28

  Network Mask: /32

        TOS: 0  Metric: 1

 

  LS age: 130

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: summary-LSA

  Link State ID: 4.4.4.4 (summary Network Number)

  Advertising Router: 22.22.22.22

  LS Seq Number: 80000003

  Checksum: 0x9ad6

  Length: 28

  Network Mask: /32

        TOS: 0  Metric: 1

 

R2#sho ip os da summary

 

            OSPF Router with ID (22.22.22.22) (Process ID 1)

 

                Summary Link States (Area 0.0.0.0)

 

  LS age: 88

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: summary-LSA

  Link State ID: 4.4.4.4 (summary Network Number)

  Advertising Router: 10.10.15.1

  LS Seq Number: 80000004

  Checksum: 0x158f

  Length: 28

  Network Mask: /32

        TOS: 0  Metric: 1

 

  LS age: 585

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: summary-LSA

  Link State ID: 4.4.4.4 (summary Network Number)

  Advertising Router: 22.22.22.22

  LS Seq Number: 80000003

  Checksum: 0x9ad6

  Length: 28

  Network Mask: /32

        TOS: 0  Metric: 1

 

通过以上信息验证,在DOMAIN-ID一致情况下,PEMBGP路由重发布给OSPF时,还原成了3LSA,并且该3LSA DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。

3Domain-id不一致情况下的OSPF-VPN

修改R3domain-id2.2.2.2使其与R1/R2domain-id不一致。

通过show ip route vrf ruijie查看R1/R2的路由表确认4.4.4.4的路由为B而不是O E2

R1#sho ip route vrf ruijie

Routing Table: ruijie

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

B    4.4.4.4/32 [200/1] via 3.3.3.3, 00:33:41

O    5.5.5.5/32 [110/101] via 10.10.15.5, 03:24:53, GigabitEthernet 0/0

C    10.10.15.0/24 is directly connected, GigabitEthernet 0/0

C    10.10.15.1/32 is local host.

O    10.10.25.0/24 [110/2] via 10.10.15.5, 00:34:32, GigabitEthernet 0/0

B    20.20.34.0/24 [200/0] via 3.3.3.3, 00:48:59

 

R2#sho ip route vrf ruijie

Routing Table: ruijie

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

B    4.4.4.4/32 [200/1] via 3.3.3.3, 00:34:04

O    5.5.5.5/32 [110/101] via 10.10.25.5, 00:34:06, GigabitEthernet 0/0

O    10.10.15.0/24 [110/2] via 10.10.25.5, 00:34:06, GigabitEthernet 0/0

C    10.10.25.0/24 is directly connected, GigabitEthernet 0/0

C    10.10.25.2/32 is local host.

B    20.20.34.0/24 [200/0] via 3.3.3.3, 00:49:15

通过show ip route 查看R5/R4路由表确认学习到的私网路由为O E2

R4#sho ip route

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

C    4.4.4.4/32 is local host.

O E2 5.5.5.5/32 [110/101] via 20.20.34.3, 00:36:16, FastEthernet 0/0

O E2 10.10.15.0/24 [110/1] via 20.20.34.3, 00:36:16, FastEthernet 0/0

O E2 10.10.25.0/24 [110/1] via 20.20.34.3, 00:36:16, FastEthernet 0/0

C    20.20.34.0/24 is directly connected, FastEthernet 0/0

C    20.20.34.4/32 is local host.

 

R5#sho ip route

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

O E2 4.4.4.4/32 [110/1] via 10.10.25.2, 00:36:28, FastEthernet 0/1

                [110/1] via 10.10.15.1, 00:36:28, FastEthernet 0/0

C    5.5.5.5/32 is local host.

C    10.10.15.0/24 is directly connected, FastEthernet 0/0

C    10.10.15.5/32 is local host.

C    10.10.25.0/24 is directly connected, FastEthernet 0/1

C    10.10.25.5/32 is local host.

O E2 20.20.34.0/24 [110/1] via 10.10.15.1, 00:36:32, FastEthernet 0/0

                   [110/1] via 10.10.25.2, 00:36:32, FastEthernet 0/1

 

通过show ip ospf da ex 查看R1/R2OSPF数据库确认收到彼此通告的针对私网4.4.4.45LSADN置位

R1#  sho ip ospf da external

 

            OSPF Router with ID (10.10.15.1) (Process ID 1)

 

                AS External Link States

 

  LS age: 151

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: AS-external-LSA

  Link State ID: 4.4.4.4 (External Network Number)

  Advertising Router: 10.10.15.1

  LS Seq Number: 80000002

  Checksum: 0xa278

  Length: 36

  Network Mask: /32

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 1

        Forward Address: 0.0.0.0

        External Route Tag: 1

 

  LS age: 173

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: AS-external-LSA

  Link State ID: 4.4.4.4 (External Network Number)

  Advertising Router: 22.22.22.22

  LS Seq Number: 80000002

  Checksum: 0x26c0

  Length: 36

  Network Mask: /32

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 1

        Forward Address: 0.0.0.0

        External Route Tag: 1

 

  LS age: 1111

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: AS-external-LSA

  Link State ID: 20.20.34.0 (External Network Number)

  Advertising Router: 10.10.15.1

  LS Seq Number: 80000002

  Checksum: 0xedf2

  Length: 36

  Network Mask: /24

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 1

        Forward Address: 0.0.0.0

        External Route Tag: 1

 

  LS age: 173

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: AS-external-LSA

  Link State ID: 20.20.34.0 (External Network Number)

  Advertising Router: 22.22.22.22

  LS Seq Number: 80000002

  Checksum: 0x713b

  Length: 36

  Network Mask: /24

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 1

        Forward Address: 0.0.0.0

        External Route Tag: 1

 

特别注意到以上红色部分LSA:该条路由是由R3 的VRF BGP 通过network命令引入的直连路由,该路由不是由OSPF引入到BGP的,那么这里也不会涉及到OSPF VPN才对?那么这里为什么DN位会置位呢?

通过sho ip bgp vrf ruijie 20.20.34.0查看是否携带OSPF的扩展属性:

R1#sho ip bgp vrf ruijie 20.20.34.0

BGP routing table entry for 20.20.34.0/24

Paths: (1 available, best #1, table Default-IP-Routing-Table)

  Not advertised to any peer

  Local

    3.3.3.3 from 3.3.3.3 (3.3.3.3)

      Origin IGP, metric 0, localpref 100, valid, internal, best

      Extended Community: RT:1:1  //可以看到,不携带OSPF扩展属性

      mpls labels in/out nolabel/1024

      Last update: Fri Mar 18 10:18:25 2011

R2G0/1shut断开与R3L3VPN观察R2VRF路由表是否加载20.20.34.0这条路由

R2#sho ip ospf da external

            OSPF Router with ID (22.22.22.22) (Process ID 1)

 

                AS External Link States

 

  LS age: 639

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: AS-external-LSA

  Link State ID: 4.4.4.4 (External Network Number)

  Advertising Router: 10.10.15.1

  LS Seq Number: 80000003

  Checksum: 0xa079

  Length: 36

  Network Mask: /32

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 1

        Forward Address: 0.0.0.0

        External Route Tag: 1

 

  LS age: 1599

  Options: 0x82 (DN|-|-|-|-|-|E|-)

  LS Type: AS-external-LSA

  Link State ID: 20.20.34.0 (External Network Number)

  Advertising Router: 10.10.15.1

  LS Seq Number: 80000003

  Checksum: 0xebf3

  Length: 36

  Network Mask: /24

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 1

        Forward Address: 0.0.0.0

        External Route Tag: 1

//可以看到,在R2OSPF 数据库中,依然收到了来自R1通告的20.20.34.0外部路由

 

R2#sho ip route vrf ruijie

Routing Table: ruijie

 

Codes:  C - connected, S - static, R - RIP, B - BGP

        O - OSPF, IA - OSPF inter area

        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

        E1 - OSPF external type 1, E2 - OSPF external type 2

        i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

        ia - IS-IS inter area, * - candidate default

 

Gateway of last resort is no set

O    5.5.5.5/32 [110/101] via 10.10.25.5, 01:13:41, GigabitEthernet 0/0

O    10.10.15.0/24 [110/2] via 10.10.25.5, 01:13:41, GigabitEthernet 0/0

C    10.10.25.0/24 is directly connected, GigabitEthernet 0/0

C    10.10.25.2/32 is local host.

//由于DN置位所以没有20.20.34.0没有加载进路由表

从这里验证了先前的结论

1不论domain-id是否一致只要从MBGP重发布到ospflsaDN总是置位。

2DN是否置位与DOMAIN-ID无关domain-id只是用来判断还原成3类还是5/7LSA

3修改R1/R2domain-tag一致或不一致实验效果同上。

前文已经提到由于DN位应用到所有3/5/7LSADOMAIN-TAG的作用已经逐步被取代。按照我司现在的实现方式,只要满足DN置位或domain-tag一致其中一个条件,该LSA将不参与OSPF计算。

通过以上信息验证,在DOMAIN-ID不一致情况下,PE将MBGP路由重发布给OSPF时,还原成了5类LSA,并且该5类LSA 的DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。

 

 

 

相关产品

返回顶部

请选择服务项目
关闭咨询页
售前咨询 售前咨询
售前咨询
售后服务 售后服务
售后服务
意见反馈 意见反馈
意见反馈
更多联系方式