まず最初に
この検証内容は、2011年に MPLS VPN についてラボで確認した時の結果をローカルのwikiサーバーに保存していました。その後、誰かの参考になったのかどうかは分からないのですが、もうwikiサーバーも動いていませんので、誰もこの内容を見ることもないと思います。でも、最近になって自分でも見直すことがありましたので、少しでも参考になればと思い、こちらにアップすることにしました。
Topology
summary
configの注意点
-
send-labelの設定は両端のルータに設定すること - ASBRに
route-mapを設定する場合は、out側のroute-map内にsend-labelを明示的に書かないとラベルが送信されないので注意**(route-mapをneighborに設定していなければ問題ない)** - RRに
no bgp default route-target filterを設定する必要はない**(RRはデフォルトでroute-targetsをフィルタしない)**
send-labelの結果
peerルータのR2から、20.1.1.3(PE2のloopback)へのラベルは2001という情報が来る。
log
ASBR1#show ip bgp labels
Network Next Hop In label/Out label
10.1.1.1/32 0.0.0.0 imp-null/nolabel
10.1.1.2/32 172.10.13.3 nolabel/nolabel
10.1.1.3/32 172.10.13.3 1001/nolabel
20.1.1.2/32 172.30.12.2 nolabel/nolabel
20.1.1.3/32 172.30.12.2 nolabel/2001 <<<<<=====!!!!!
172.10.13.0/24 0.0.0.0 imp-null/nolabel
172.10.35.0/24 172.10.13.3 nolabel/nolabel
ASBR1#
log
RR1#show ip bgp labels
Network Next Hop In label/Out label
10.1.1.1/32 10.1.1.1 nolabel/imp-null
20.1.1.2/32 172.30.12.2 nolabel/nolabel
20.1.1.3/32 172.30.12.2 nolabel/2001 <<<<<=====!!!!!
172.10.13.0/24 10.1.1.1 nolabel/imp-null
RR1#
2001のラベル情報がPE1までRRを経由して届く。
log
PE1#show ip bgp labels
Network Next Hop In label/Out label
10.1.1.1/32 10.1.1.1 nolabel/imp-null
20.1.1.2/32 172.30.12.2 nolabel/nolabel
20.1.1.3/32 172.30.12.2 nolabel/2001 <<<<<=====!!!!!
172.10.13.0/24 10.1.1.1 nolabel/imp-null
PE1#
VPNラベルを見る
VPN用のラベルが、6005であることが分かる。 宛先は、20.1.1.3になっているが、これはVPNv4のpeerを張っているRR上でnext-hop-unchangedを設定しているから。
log
PE1#show ip bgp vpnv4 all 2.2.2.2
BGP routing table entry for 1:100:2.2.2.2/32, version 6
Paths: (1 available, best #1, table blue)
Not advertised to any peer
200
20.1.1.3 (metric 1) from 10.1.1.2 (10.1.1.2)
Origin incomplete, metric 0, localpref 100, valid, internal, best
Extended Community: RT:1:100
mpls labels in/out nolabel/6005
PE1#
send-labelの結果から、20.1.1.3へのラベルは、BGP経由で得た2001だけど、2001へのnext-hopは172.30.12.2なので、この宛先へのラベルを見ると3002であることが分かる。
log
PE1#show mpls forwarding-table 172.30.12.2
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
5003 3002 172.30.12.2/32 0 Et0/0 172.10.35.3
PE1#
最終的に、3000,2001,6005とラベルをpushする。
life of a ping
traceroute
log
CE1#traceroute 2.2.2.2
Type escape sequence to abort.
Tracing the route to 2.2.2.2
1 192.168.57.5 16 msec 20 msec 20 msec
2 172.10.35.3 [MPLS: Labels 3002/2001/6005 Exp 0] 60 msec 60 msec 60 msec
3 172.10.13.1 [MPLS: Labels 1000/2001/6005 Exp 0] 60 msec 72 msec 60 msec
4 172.30.12.2 [MPLS: Labels 2001/6005 Exp 0] 48 msec 52 msec 80 msec
5 172.20.24.4 [MPLS: Labels 4000/6005 Exp 0] 60 msec 60 msec 60 msec
6 192.168.68.6 [MPLS: Label 6005 Exp 0] 20 msec 28 msec 32 msec
7 192.168.68.8 60 msec * 32 msec
CE1#
log
CE2#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 192.168.68.6 28 msec 20 msec 20 msec
2 172.20.46.4 [MPLS: Labels 4002/1001/5005 Exp 0] 60 msec 60 msec 60 msec
3 172.20.24.2 [MPLS: Labels 2000/1001/5005 Exp 0] 60 msec 56 msec 60 msec
4 172.30.12.1 [MPLS: Labels 1001/5005 Exp 0] 48 msec 60 msec 60 msec
5 172.10.13.3 [MPLS: Labels 3000/5005 Exp 0] 52 msec 60 msec 60 msec
6 192.168.57.5 [MPLS: Label 5005 Exp 0] 36 msec 28 msec 40 msec
7 192.168.57.7 40 msec * 24 msec
CE2#
R5 (PE1)
log
PE1#show ip cef vrf blue 2.2.2.2
2.2.2.2/32
nexthop 172.10.35.3 Ethernet0/0 label 3002 2001 6005
PE1#
R3 (RR1)
3002を1000にswap
log
RR1#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
3000 Pop Label 10.1.1.3/32 8620 Et1/0 172.10.35.5
3001 Pop Label 10.1.1.1/32 0 Et0/0 172.10.13.1
3002 1000 172.30.12.2/32 5396 Et0/0 172.10.13.1
3003 Pop Label 172.30.12.0/24 0 Et0/0 172.10.13.1
RR1#
R1 (ASBR1)
1000をpop
log
ASBR1#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
1000 Pop Label 172.30.12.2/32 32946 Se1/0 point2point
1001 3000 10.1.1.3/32 8404 Et0/0 172.10.13.3
1002 Pop Label 10.1.1.2/32 0 Et0/0 172.10.13.3
1003 Pop Label 172.10.35.0/24 0 Et0/0 172.10.13.3
ASBR1#
R2 (ASBR2)
2001を4000にswap
log
ASBR2#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
2000 Pop Label 172.30.12.1/32 35216 Se1/0 point2point
2001 4000 20.1.1.3/32 6964 Et0/0 172.20.24.4
2002 Pop Label 20.1.1.2/32 0 Et0/0 172.20.24.4
2003 Pop Label 172.20.46.0/24 0 Et0/0 172.20.24.4
ASBR2#
R4 (RR2)
4000をpop
log
RR2#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
4000 Pop Label 20.1.1.3/32 7620 Et1/0 172.20.46.6
4001 Pop Label 20.1.1.1/32 0 Et0/0 172.20.24.2
4002 2000 172.30.12.1/32 7732 Et0/0 172.20.24.2
4003 Pop Label 172.30.12.0/24 0 Et0/0 172.20.24.2
RR2#
R5 (PE1)
6005をpop
log
PE2#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
6000 Pop Label 20.1.1.2/32 0 Et0/0 172.20.46.4
6001 Pop Label 172.20.24.0/24 0 Et0/0 172.20.46.4
6002 4001 20.1.1.1/32 0 Et0/0 172.20.46.4
6003 4002 172.30.12.1/32 0 Et0/0 172.20.46.4
6004 4003 172.30.12.0/24 0 Et0/0 172.20.46.4
6005 No Label 2.2.2.2/32[V] 4984 Se1/0 point2point
6006 No Label 192.168.68.0/24[V] \
2772 aggregate/blue
PE2#
config
R1
config
hostname ASBR1
!
mpls label range 1000 1999
mpls label protocol ldp
!
interface Loopback0
ip address 10.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip address 172.10.13.1 255.255.255.0
mpls ip
!
interface Serial1/0
ip address 172.30.12.1 255.255.255.0
mpls bgp forwarding
!
router ospf 1
log-adjacency-changes
redistribute connected metric 1 subnets
network 10.1.1.1 0.0.0.0 area 0
network 172.10.13.1 0.0.0.0 area 0
!
router bgp 100
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 100
neighbor 10.1.1.2 update-source Loopback0
neighbor 172.30.12.2 remote-as 200
!
address-family ipv4
no synchronization
redistribute ospf 1
neighbor 10.1.1.2 activate
neighbor 10.1.1.2 send-label
neighbor 172.30.12.2 activate
neighbor 172.30.12.2 route-map map_in in
neighbor 172.30.12.2 route-map map_out out
neighbor 172.30.12.2 send-label
no auto-summary
exit-address-family
!
access-list 1 permit 10.1.1.3 log
access-list 2 permit 20.1.1.3 log
access-list 3 permit 10.1.1.2 log
access-list 4 permit 20.1.1.2 log
!
route-map map_in permit 10
match ip address 2
match mpls-label
!
route-map map_in permit 20
match ip address 4
!
route-map map_out permit 10
match ip address 3
!
route-map map_out permit 20
match ip address 1
set mpls-label
!
R2
config
hostname ASBR2
!
mpls label range 2000 2999
mpls label protocol ldp
!
interface Loopback0
ip address 20.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip address 172.20.24.2 255.255.255.0
mpls ip
!
interface Serial1/0
ip address 172.30.12.2 255.255.255.0
mpls bgp forwarding
!
router ospf 1
log-adjacency-changes
redistribute connected metric 1 subnets
network 20.1.1.1 0.0.0.0 area 0
network 172.20.24.2 0.0.0.0 area 0
!
router bgp 200
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 20.1.1.2 remote-as 200
neighbor 20.1.1.2 update-source Loopback0
neighbor 172.30.12.1 remote-as 100
!
address-family ipv4
no synchronization
redistribute ospf 1
neighbor 20.1.1.2 activate
neighbor 20.1.1.2 send-label
neighbor 172.30.12.1 activate
neighbor 172.30.12.1 route-map map_in in
neighbor 172.30.12.1 route-map map_out out
neighbor 172.30.12.1 send-label
no auto-summary
exit-address-family
!
access-list 1 permit 20.1.1.3 log
access-list 2 permit 10.1.1.3 log
access-list 3 permit 20.1.1.2 log
access-list 4 permit 10.1.1.2 log
!
route-map map_in permit 10
match ip address 2
match mpls-label
!
route-map map_in permit 20
match ip address 4
!
route-map map_out permit 10
match ip address 1
set mpls-label
!
route-map map_out permit 20
match ip address 3
!
R3
config
hostname RR1
!
mpls label range 3000 3999
mpls label protocol ldp
!
interface Loopback0
ip address 10.1.1.2 255.255.255.255
!
interface Ethernet0/0
ip address 172.10.13.3 255.255.255.0
mpls ip
!
interface Ethernet1/0
ip address 172.10.35.3 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
network 10.1.1.2 0.0.0.0 area 0
network 172.10.13.3 0.0.0.0 area 0
network 172.10.35.3 0.0.0.0 area 0
!
router bgp 100
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 100
neighbor 10.1.1.1 update-source Loopback0
neighbor 10.1.1.3 remote-as 100
neighbor 10.1.1.3 update-source Loopback0
neighbor 20.1.1.2 remote-as 200
neighbor 20.1.1.2 ebgp-multihop 255
neighbor 20.1.1.2 update-source Loopback0
!
address-family ipv4
no synchronization
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 route-reflector-client
neighbor 10.1.1.1 send-label
neighbor 10.1.1.3 activate
neighbor 10.1.1.3 route-reflector-client
neighbor 10.1.1.3 send-label
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 10.1.1.3 activate
neighbor 10.1.1.3 send-community extended
neighbor 10.1.1.3 route-reflector-client
neighbor 20.1.1.2 activate
neighbor 20.1.1.2 send-community extended
neighbor 20.1.1.2 next-hop-unchanged
exit-address-family
!
R4
config
hostname RR2
!
mpls label range 4000 4999
mpls label protocol ldp
!
interface Loopback0
ip address 20.1.1.2 255.255.255.255
!
interface Ethernet0/0
ip address 172.20.24.4 255.255.255.0
mpls ip
!
interface Ethernet1/0
ip address 172.20.46.4 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
network 20.1.1.2 0.0.0.0 area 0
network 172.20.24.4 0.0.0.0 area 0
network 172.20.46.4 0.0.0.0 area 0
!
router bgp 200
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 100
neighbor 10.1.1.2 ebgp-multihop 255
neighbor 10.1.1.2 update-source Loopback0
neighbor 20.1.1.1 remote-as 200
neighbor 20.1.1.1 update-source Loopback0
neighbor 20.1.1.3 remote-as 200
neighbor 20.1.1.3 update-source Loopback0
!
address-family ipv4
no synchronization
neighbor 20.1.1.1 activate
neighbor 20.1.1.1 route-reflector-client
neighbor 20.1.1.1 send-label
neighbor 20.1.1.3 activate
neighbor 20.1.1.3 route-reflector-client
neighbor 20.1.1.3 send-label
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.2 send-community extended
neighbor 10.1.1.2 next-hop-unchanged
neighbor 20.1.1.3 activate
neighbor 20.1.1.3 send-community extended
neighbor 20.1.1.3 route-reflector-client
exit-address-family
!
R5
config
hostname PE1
!
ip vrf blue
rd 1:100
route-target export 1:100
route-target import 1:100
!
mpls label range 5000 5999
mpls label protocol ldp
!
interface Loopback0
ip address 10.1.1.3 255.255.255.255
!
interface Ethernet0/0
ip address 172.10.35.5 255.255.255.0
mpls ip
!
interface Serial1/0
ip vrf forwarding blue
ip address 192.168.57.5 255.255.255.0
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 10.1.1.3 0.0.0.0 area 0
network 172.10.35.5 0.0.0.0 area 0
!
router rip
version 2
no auto-summary
!
address-family ipv4 vrf blue
redistribute bgp 100 metric 1
network 192.168.57.0
no auto-summary
version 2
exit-address-family
!
router bgp 100
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 100
neighbor 10.1.1.2 update-source Loopback0
!
address-family ipv4
no synchronization
neighbor 10.1.1.2 activate
neighbor 10.1.1.2 send-label
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.2 send-community extended
exit-address-family
!
address-family ipv4 vrf blue
no synchronization
redistribute rip
exit-address-family
!
R6
config
hostname PE2
!
ip vrf blue
rd 1:100
route-target export 1:100
route-target import 1:100
!
mpls label range 6000 6999
mpls label protocol ldp
!
interface Loopback0
ip address 20.1.1.3 255.255.255.255
!
interface Ethernet0/0
ip address 172.20.46.6 255.255.255.0
mpls ip
!
interface Serial1/0
ip vrf forwarding blue
ip address 192.168.68.6 255.255.255.0
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 20.1.1.3 0.0.0.0 area 0
network 172.20.46.6 0.0.0.0 area 0
!
router rip
version 2
no auto-summary
!
address-family ipv4 vrf blue
redistribute bgp 200 metric 1
network 192.168.68.0
no auto-summary
version 2
exit-address-family
!
router bgp 200
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 20.1.1.2 remote-as 200
neighbor 20.1.1.2 update-source Loopback0
!
address-family ipv4
no synchronization
neighbor 20.1.1.2 activate
neighbor 20.1.1.2 send-label
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 20.1.1.2 activate
neighbor 20.1.1.2 send-community extended
exit-address-family
!
address-family ipv4 vrf blue
no synchronization
redistribute rip
exit-address-family
!
R7
config
hostname CE1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
ip address 192.168.57.7 255.255.255.0
serial restart-delay 0
!
router rip
version 2
network 1.0.0.0
network 192.168.57.0
no auto-summary
!
R8
config
hostname CE2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Serial0/0
ip address 192.168.68.8 255.255.255.0
serial restart-delay 0
!
router rip
version 2
network 2.0.0.0
network 192.168.68.0
no auto-summary
!