功能介绍:
OSPF VPN的配置非常简单,通过一条命令调整domain-id即可;本章节的重点是通过案例中的show一些设备信息来让大家更直观的了解OSPF VPN的工作效果。通过效果的演示,辅助工程师理解在实际MPLS-VPN网络中OSPF路由的存在形式,以用于指导路由设计。
配置:
Router ospf 1 vrf ruijie
Domain-id 1.1.1.1
原理总结:
在DOMAIN-ID一致情况下,PE将MBGP路由重发布给OSPF时,还原成了3类LSA,并且该3类LSA 的DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。
不论domain-id是否一致,只要从MBGP重发布到ospf,lsa的DN总是置位。
DN是否置位与DOMAIN-ID无关,而domain-id只是用来判断还原成3类还是5/7类LSA。
修改R1/R2的domain-tag一致或不一致,效果相同。
由于DN位应用到所有3/5/7类LSA中,DOMAIN-TAG的作用已经逐步被取代。按照我司现在的实现方式,只要满足DN置位或domain-tag一致其中一个条件,该LSA将不参与OSPF计算。
通过下面的信息验证,在DOMAIN-ID不一致情况下,PE将MBGP路由重发布给OSPF时,还原成了5类LSA,并且该5类LSA 的DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。
一、组网需求
拓扑模拟MPLS-VPN CE双归属环境,CE与PE间运行OSPF协议。R1/R2/R3为PE,R4/R5为CE。
二、组网拓扑
三、配置要点
1、设备基础配置
2、Domain-id一致情况下的OSPF-VPN
3、Domain-id不一致情况下的OSPF-VPN
四、配置步骤
1、基础配置:
这里的基础配置包括了完整的域内L3VPN的配置。通过以下配置,可以建立私网路由间vpn联通。
R1配置:
hostname R1
mpls ip
!
ip vrf ruijie
rd 1:1
route-target both 1:1
!
interface GigabitEthernet 0/0
ip vrf forwarding ruijie
ip ref
ip address 10.10.15.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet 0/1
ip ref
ip address 1.1.13.1 255.255.255.0
label-switching
mpls ip
duplex auto
speed auto
!
!
interface Loopback 0
ip ref
ip address 1.1.1.1 255.255.255.255
!
router bgp 1
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 1
neighbor 3.3.3.3 update-source Loopback 0
!
address-family ipv4
redistribute ospf 1 match internal
neighbor 3.3.3.3 activate
exit-address-family
!
address-family vpnv4 unicast
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
!
address-family ipv4 vrf ruijie
maximum-prefix 10000
network 10.10.12.0 mask 255.255.255.0
redistribute ospf 1 match internal external nssa-external
exit-address-family
!
!
router ospf 1 vrf ruijie
redistribute bgp subnets
network 10.10.0.0 0.0.255.255 area 0
!
router ospf 100
network 1.1.1.1 0.0.0.0 area 0
network 1.1.0.0 0.0.255.255 area 0
!
!
mpls router ldp
ldp router-id 1.1.1.1
!
R2配置:
hostname R2
!
mpls ip
!
ip vrf ruijie
rd 1:2
route-target both 1:1
!
interface GigabitEthernet 0/0
ip vrf forwarding ruijie
ip ref
ip address 10.10.25.2 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet 0/1
ip ref
ip address 1.1.23.2 255.255.255.0
label-switching
mpls ip
duplex auto
speed auto
!
interface Loopback 0
ip ref
ip address 2.2.2.2 255.255.255.255
!
interface Loopback 1
ip vrf forwarding ruijie
ip ref
ip address 22.22.22.22 255.255.255.255
!
router bgp 1
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 1
neighbor 3.3.3.3 update-source Loopback 0
!
address-family ipv4
neighbor 3.3.3.3 activate
exit-address-family
!
address-family vpnv4 unicast
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
exit-address-family
!
address-family ipv4 vrf ruijie
maximum-prefix 10000
network 10.10.12.0 mask 255.255.255.0
network 22.22.22.22 mask 255.255.255.255
redistribute ospf 1 match internal external nssa-external
exit-address-family
!
router ospf 1 vrf ruijie
redistribute bgp subnets
network 10.10.0.0 0.0.255.255 area 0
area 0 sham-link 22.22.22.22 33.33.33.33
!
router ospf 100
network 1.1.0.0 0.0.255.255 area 0
network 2.2.2.2 0.0.0.0 area 0
!
mpls router ldp
ldp router-id 2.2.2.2
R3配置:
hostname R3
!
mpls ip
!
ip vrf ruijie
rd 1:3
route-target both 1:1
!
interface GigabitEthernet 0/0
ip ref
ip address 1.1.13.3 255.255.255.0
label-switching
mpls ip
duplex auto
speed auto
!
interface GigabitEthernet 0/1
ip ref
ip address 1.1.23.3 255.255.255.0
label-switching
mpls ip
duplex auto
speed auto
!
interface GigabitEthernet 0/2
ip vrf forwarding ruijie
ip ref
ip address 20.20.34.3 255.255.255.0
duplex auto
speed auto
!
interface Loopback 0
ip ref
ip address 3.3.3.3 255.255.255.255
!
interface Loopback 1
ip vrf forwarding ruijie
ip ref
ip address 33.33.33.33 255.255.255.255
!
router bgp 1
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback 0
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback 0
!
address-family ipv4
neighbor 1.1.1.1 activate
neighbor 2.2.2.2 activate
exit-address-family
!
address-family vpnv4 unicast
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf ruijie
maximum-prefix 10000
network 20.20.34.0 mask 255.255.255.0
network 33.33.33.33 mask 255.255.255.255
redistribute ospf 1 match internal external nssa-external
exit-address-family
!
router ospf 1 vrf ruijie
redistribute bgp subnets
network 20.20.0.0 0.0.255.255 area 0
area 0 sham-link 33.33.33.33 22.22.22.22
!
router ospf 100
network 1.1.0.0 0.0.255.255 area 0
network 3.3.3.3 0.0.0.0 area 0
!
mpls router ldp
ldp router-id 3.3.3.3
R4配置:
hostname R4
!
interface FastEthernet 0/0
ip address 20.20.34.4 255.255.255.0
duplex auto
speed auto
!
interface Loopback 0
ip address 4.4.4.4 255.255.255.255
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
!
R5配置:
hostname R5
!
interface FastEthernet 0/0
ip address 10.10.15.5 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet 0/1
ip address 10.10.25.5 255.255.255.0
duplex auto
speed auto
interface Loopback 0
ip address 5.5.5.5 255.255.255.255
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
2、Domain-id一致情况下的OSPF-VPN:
将设备升级到10.4(3)以上软件版本,该版本以后支持OSPF-VPN功能。在默认情况下,DOMAIN-ID为空。
通过show ip bgp vrf ruijie 5.5.5.5来查看MBGP的OSPF扩展属性:
R3#sho ip bgp vrf ruijie 5.5.5.5
BGP routing table entry for 5.5.5.5/32
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
Local
1.1.1.1 from 1.1.1.1 (1.1.1.1)
Origin incomplete, metric 101, localpref 100, valid, internal, best
Extended Community: RT:1:1 OSPF ROUTER ID:10.10.15.1:0 OSPF RT:0.0.0.0:1:0
mpls labels in/out nolabel/1024
Last update: Fri Mar 18 15:28:14 2011
Local
2.2.2.2 from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 101, localpref 100, valid, internal
Extended Community: RT:1:1 OSPF ROUTER ID:22.22.22.22:0 OSPF RT:0.0.0.0:1:0
mpls labels in/out nolabel/1024
Last update: Fri Mar 18 15:36:11 2011
在R1/R2/R3添加配置:
Router ospf 1 vrf ruijie
Domain-id 1.1.1.1
通过show ip bgp vrf ruijie 5.5.5.5来查看MBGP的OSPF扩展属性,可以看到,扩展属性中携带了DOMAIN
R3#sho ip bgp vrf ruijie 5.5.5.5
BGP routing table entry for 5.5.5.5/32
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
Local
1.1.1.1 from 1.1.1.1 (1.1.1.1)
Origin incomplete, metric 101, localpref 100, valid, internal, best
Extended Community: RT:1:1 OSPF DOMAIN ID:0X0005:0X010101010200 OSPF ROUTER ID:10.10.15.1:0 OSPF RT:0.0.0.0:1:0
mpls labels in/out nolabel/1024
Last update: Fri Mar 18 16:17:54 2011
Local
2.2.2.2 from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 101, localpref 100, valid, internal
Extended Community: RT:1:1 OSPF DOMAIN ID:0X0005:0X010101010200 OSPF ROUTER ID:22.22.22.22:0 OSPF RT:0.0.0.0:1:0
mpls labels in/out nolabel/1024
Last update: Fri Mar 18 16:18:04 2011
通过show ip route vrf ruijie查看R1/R2的路由表,确认4.4.4.4的路由为B而不是O E2(如果没有OSPF-VPN功能,那么在CE双归属环境下,肯定有一台PE学习到的私网路由是从OSPF学习到的,这里也是典型的双向重发布产生的次优路径问题)
R1#sho ip route vrf ruijie
Routing Table: ruijie
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
B 4.4.4.4/32 [200/1] via 3.3.3.3, 01:49:02
O 5.5.5.5/32 [110/101] via 10.10.15.5, 01:24:29, GigabitEthernet 0/0
C 10.10.15.0/24 is directly connected, GigabitEthernet 0/0
C 10.10.15.1/32 is local host.
O 10.10.25.0/24 [110/2] via 10.10.15.5, 01:24:29, GigabitEthernet 0/0
B 20.20.34.0/24 [200/0] via 3.3.3.3, 01:49:02
R2# sho ip route vrf ruijie
Routing Table: ruijie
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
B 4.4.4.4/32 [200/1] via 3.3.3.3, 02:05:14
O 5.5.5.5/32 [110/101] via 10.10.25.5, 01:27:37, GigabitEthernet 0/0
O 10.10.15.0/24 [110/2] via 10.10.25.5, 02:29:57, GigabitEthernet 0/0
C 10.10.25.0/24 is directly connected, GigabitEthernet 0/0
C 10.10.25.2/32 is local host.
B 20.20.34.0/24 [200/0] via 3.3.3.3, 02:05:14
C 22.22.22.22/32 is local host.
通过show ip route 查看R4/R5路由表,确认学习到的私网路由为O IA(如果没有OSPF-VPN功能,那么BGP重发布到OSPF后,OSPF路由应该是 OE2)
R4#sho ip route
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
C 4.4.4.4/32 is local host.
O IA 5.5.5.5/32 [110/102] via 20.20.34.3, 00:39:15, FastEthernet 0/0
O IA 10.10.15.0/24 [110/2] via 20.20.34.3, 00:39:15, FastEthernet 0/0
O IA 10.10.25.0/24 [110/2] via 20.20.34.3, 00:39:15, FastEthernet 0/0
C 20.20.34.0/24 is directly connected, FastEthernet 0/0
C 20.20.34.4/32 is local host.
R5#sho ip route
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
O IA 4.4.4.4/32 [110/2] via 10.10.15.1, 00:39:14, FastEthernet 0/0
[110/2] via 10.10.25.2, 00:39:14, FastEthernet 0/1
C 5.5.5.5/32 is local host.
C 10.10.15.0/24 is directly connected, FastEthernet 0/0
C 10.10.15.5/32 is local host.
C 10.10.25.0/24 is directly connected, FastEthernet 0/1
C 10.10.25.5/32 is local host.
O E2 20.20.34.0/24 [110/1] via 10.10.15.1, 01:21:20, FastEthernet 0/0
[110/1] via 10.10.25.2, 01:21:20, FastEthernet 0/1
通过show ip ospf da su查看R1/R2的OSPF数据库,确认收到彼此通告的针对私网4.4.4.4的3类LSA,且DN置位
R1#sho ip os database summary
OSPF Router with ID (10.10.15.1) (Process ID 1)
Summary Link States (Area 0.0.0.0)
LS age: 1309
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: summary-LSA
Link State ID: 4.4.4.4 (summary Network Number)
Advertising Router: 10.10.15.1
LS Seq Number: 80000003
Checksum: 0x178e
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
LS age: 130
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: summary-LSA
Link State ID: 4.4.4.4 (summary Network Number)
Advertising Router: 22.22.22.22
LS Seq Number: 80000003
Checksum: 0x9ad6
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
R2#sho ip os da summary
OSPF Router with ID (22.22.22.22) (Process ID 1)
Summary Link States (Area 0.0.0.0)
LS age: 88
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: summary-LSA
Link State ID: 4.4.4.4 (summary Network Number)
Advertising Router: 10.10.15.1
LS Seq Number: 80000004
Checksum: 0x158f
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
LS age: 585
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: summary-LSA
Link State ID: 4.4.4.4 (summary Network Number)
Advertising Router: 22.22.22.22
LS Seq Number: 80000003
Checksum: 0x9ad6
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
通过以上信息验证,在DOMAIN-ID一致情况下,PE将MBGP路由重发布给OSPF时,还原成了3类LSA,并且该3类LSA 的DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。
3、Domain-id不一致情况下的OSPF-VPN:
修改R3的domain-id为2.2.2.2,使其与R1/R2的domain-id不一致。
通过show ip route vrf ruijie查看R1/R2的路由表,确认4.4.4.4的路由为B而不是O E2:
R1#sho ip route vrf ruijie
Routing Table: ruijie
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
B 4.4.4.4/32 [200/1] via 3.3.3.3, 00:33:41
O 5.5.5.5/32 [110/101] via 10.10.15.5, 03:24:53, GigabitEthernet 0/0
C 10.10.15.0/24 is directly connected, GigabitEthernet 0/0
C 10.10.15.1/32 is local host.
O 10.10.25.0/24 [110/2] via 10.10.15.5, 00:34:32, GigabitEthernet 0/0
B 20.20.34.0/24 [200/0] via 3.3.3.3, 00:48:59
R2#sho ip route vrf ruijie
Routing Table: ruijie
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
B 4.4.4.4/32 [200/1] via 3.3.3.3, 00:34:04
O 5.5.5.5/32 [110/101] via 10.10.25.5, 00:34:06, GigabitEthernet 0/0
O 10.10.15.0/24 [110/2] via 10.10.25.5, 00:34:06, GigabitEthernet 0/0
C 10.10.25.0/24 is directly connected, GigabitEthernet 0/0
C 10.10.25.2/32 is local host.
B 20.20.34.0/24 [200/0] via 3.3.3.3, 00:49:15
通过show ip route 查看R5/R4路由表,确认学习到的私网路由为O E2:
R4#sho ip route
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
C 4.4.4.4/32 is local host.
O E2 5.5.5.5/32 [110/101] via 20.20.34.3, 00:36:16, FastEthernet 0/0
O E2 10.10.15.0/24 [110/1] via 20.20.34.3, 00:36:16, FastEthernet 0/0
O E2 10.10.25.0/24 [110/1] via 20.20.34.3, 00:36:16, FastEthernet 0/0
C 20.20.34.0/24 is directly connected, FastEthernet 0/0
C 20.20.34.4/32 is local host.
R5#sho ip route
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
O E2 4.4.4.4/32 [110/1] via 10.10.25.2, 00:36:28, FastEthernet 0/1
[110/1] via 10.10.15.1, 00:36:28, FastEthernet 0/0
C 5.5.5.5/32 is local host.
C 10.10.15.0/24 is directly connected, FastEthernet 0/0
C 10.10.15.5/32 is local host.
C 10.10.25.0/24 is directly connected, FastEthernet 0/1
C 10.10.25.5/32 is local host.
O E2 20.20.34.0/24 [110/1] via 10.10.15.1, 00:36:32, FastEthernet 0/0
[110/1] via 10.10.25.2, 00:36:32, FastEthernet 0/1
通过show ip ospf da ex 查看R1/R2的OSPF数据库,确认收到彼此通告的针对私网4.4.4.4的5类LSA,且DN置位:
R1# sho ip ospf da external
OSPF Router with ID (10.10.15.1) (Process ID 1)
AS External Link States
LS age: 151
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: AS-external-LSA
Link State ID: 4.4.4.4 (External Network Number)
Advertising Router: 10.10.15.1
LS Seq Number: 80000002
Checksum: 0xa278
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 1
LS age: 173
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: AS-external-LSA
Link State ID: 4.4.4.4 (External Network Number)
Advertising Router: 22.22.22.22
LS Seq Number: 80000002
Checksum: 0x26c0
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 1
LS age: 1111
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: AS-external-LSA
Link State ID: 20.20.34.0 (External Network Number)
Advertising Router: 10.10.15.1
LS Seq Number: 80000002
Checksum: 0xedf2
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 1
LS age: 173
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: AS-external-LSA
Link State ID: 20.20.34.0 (External Network Number)
Advertising Router: 22.22.22.22
LS Seq Number: 80000002
Checksum: 0x713b
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 1
特别注意到以上红色部分LSA:该条路由是由R3 的VRF BGP 通过network命令引入的直连路由,该路由不是由OSPF引入到BGP的,那么这里也不会涉及到OSPF VPN才对?那么这里为什么DN位会置位呢?
通过sho ip bgp vrf ruijie 20.20.34.0查看是否携带OSPF的扩展属性:
R1#sho ip bgp vrf ruijie 20.20.34.0
BGP routing table entry for 20.20.34.0/24
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
Local
3.3.3.3 from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Extended Community: RT:1:1 //可以看到,不携带OSPF扩展属性
mpls labels in/out nolabel/1024
Last update: Fri Mar 18 10:18:25 2011
将R2的G0/1口shut,断开与R3的L3VPN,观察R2的VRF路由表是否加载20.20.34.0这条路由
R2#sho ip ospf da external
OSPF Router with ID (22.22.22.22) (Process ID 1)
AS External Link States
LS age: 639
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: AS-external-LSA
Link State ID: 4.4.4.4 (External Network Number)
Advertising Router: 10.10.15.1
LS Seq Number: 80000003
Checksum: 0xa079
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 1
LS age: 1599
Options: 0x82 (DN|-|-|-|-|-|E|-)
LS Type: AS-external-LSA
Link State ID: 20.20.34.0 (External Network Number)
Advertising Router: 10.10.15.1
LS Seq Number: 80000003
Checksum: 0xebf3
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 1
Forward Address: 0.0.0.0
External Route Tag: 1
//可以看到,在R2的OSPF 数据库中,依然收到了来自R1通告的20.20.34.0外部路由
R2#sho ip route vrf ruijie
Routing Table: ruijie
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default
Gateway of last resort is no set
O 5.5.5.5/32 [110/101] via 10.10.25.5, 01:13:41, GigabitEthernet 0/0
O 10.10.15.0/24 [110/2] via 10.10.25.5, 01:13:41, GigabitEthernet 0/0
C 10.10.25.0/24 is directly connected, GigabitEthernet 0/0
C 10.10.25.2/32 is local host.
//由于DN置位,所以没有20.20.34.0没有加载进路由表
从这里验证了先前的结论:
1)不论domain-id是否一致,只要从MBGP重发布到ospf,lsa的DN总是置位。
2)DN是否置位与DOMAIN-ID无关,而domain-id只是用来判断还原成3类还是5/7类LSA。
3)修改R1/R2的domain-tag一致或不一致,实验效果同上。
前文已经提到,由于DN位应用到所有3/5/7类LSA中,DOMAIN-TAG的作用已经逐步被取代。按照我司现在的实现方式,只要满足DN置位或domain-tag一致其中一个条件,该LSA将不参与OSPF计算。
通过以上信息验证,在DOMAIN-ID不一致情况下,PE将MBGP路由重发布给OSPF时,还原成了5类LSA,并且该5类LSA 的DN位置位,确保了CE双归属情况下不会产生次优路径或路由环路。
发布时间:2013-09-12
