CCIE Routing Protocol Part3MPLS VPNWord格式.docx
《CCIE Routing Protocol Part3MPLS VPNWord格式.docx》由会员分享,可在线阅读,更多相关《CCIE Routing Protocol Part3MPLS VPNWord格式.docx(11页珍藏版)》请在冰豆网上搜索。
MPLSLabelDistribution:
ForCell-mode:
LabelSpace(Per-interface),LabelGenerate/Distribute/Allocation(DownStream-on-demand/OrderedControlmode)andLabelretention(Conservativelabelretentionmode-onlykeeprequestedlabel)
ForFrame-Mode:
LabelSpace(Per-platform),LabelGenerate/Distribute/Allocation(UnsolicitedDownStream/Independentcontrolmode)andLabelretention(liberallabelretentionmode-keepallreceivedbutonlyonebeused)
ForCiscoRouter:
Per-platform/UnsolicitedDownStream/independentControl/Liberallabelretention
ForCiscoATM:
per-interface/Downstream-on-demenddistribute/independentcontrol/conservationlabelretention/orderedcontrol
ForRouterwithATMinterface:
likeATM,justuseconservativeorliberallabelretention.
LDP:
usesUDP/TCP646,TDPusesTCP711
LDPHellousingUDPpacketto224.0.0.2(allRouterMulticastaddress)withTTL=1tofindneighbor.thenuseTCPtoestablishthesessionfromHigherIP@tolowerip@andtheninitializationsessionformessageexchangethenexchangemessageafterthis,keepalive,andRouterbuildupLabelmaptable.
LabelTables:
FEC:
FECisusedtodescribethepacketsthatareforwardedbasedonacommoncharateristicsuchasDestinationaddress/subnet,Qosclass...,LabelisassignedtoaFEC.
LSP:
LabelSwitchedPath,ThatisasequenceofLSRsthatforwardlabeledpacketsthroughacertainFEC.itisuni-directional.
FIB/RIB:
DestinationsubnetandNext-hop
LIB:
Learnfromdownstreamneighborabout"
ipprefixwithitslabel"
basedonthismapping,generatealocalsignificantlabelandannouncethislabelandipprefixtoupstreamneighborviaLDP
LFIB:
Itisatableinculdes:
locallabel(whichbeadvertisedtoupstream)mapwithlearnlabel(whichislearnfromdownstream).iflearnFECfromtwoLSRs,localLSRselectoneofthembasedonFIB.
MPLSloopdetection:
LDPloopdetectionbuildintoIGPloopdetectandTTL.bydefault,oningress,TTLcopyfromIPpacket'
sTTL,ategress,LabelTTLcopiedtoIPheaderTTLfield.ifTTL=0,droppacket.
MPLSconvergence:
whenalinkfailure,IGPconvergenceandthenMPLSconvergence
whenthelinkrecovery,RoutingprotocolrebuildRTandatthistime,labelswitchingshouldbebrokenuntilLFIBandFIBrebuild.
MPLSMTU:
becauseaddlabels,theframesizeisbiggerthannormal,1500Bippacket+3labels(4timesof3is12B)
SotheMTUshouldbe1512BorforethernetswitchsupportsJumboFrame(GiantFrame).
MPLSTE:
requirement:
1:
everyLSRhavetoseetheentiretopologyoftheNetwork,
2:
Inthistopology,LSRneedsadditionalresourceinformationforlinks,suchasavailableresourceandconstrains
So,onlyextensionOSPFandISISfitfortheserequirements.
Then.LSRusesRSVP-TEandCR-LDPtoestablishtrafficengineeringtunnelsandpropagatelabels,eachELSRmustbeabletocreateanLSPtunnelondemand.
RSVP-TE:
Therearetwomessagetypes:
PATH(Tear/Error)andRESV(Tear/Error)
ERO/RRO:
EROExplicitRoutingObject,Downstreamdirection(likeAS_PATH,thatisLSPhopbyhoplist)toinfoeachLSRtocheckandreserveresource,therearetwoERO,oneisstrictandotherisloose.strictmeansthisHopmustbypassandthisHopandit'
slastHopmustconnectdirectly.
RROisRecordRouteObject,itisupstream
ResourceInformationDataBase,itisaextendnetworktopologywithresource,byCSPF(useLSA9,10tocarryTE-releventlinkattribute)andISIS-TE(newTLVs,TLV22,TLV134,TLV135)
PriorityandPreemption(Setuppriorityandholdingpriority):
MultipleLSPtunnelswillbeestablished,setupbasedonhigherpriorityfirst,Ifthelinkresourceisnotinsufficient,existingLSPtunnelwithlowerholdingprioritycouldbereleasedresourceforhighersetupprioritytunnelmeanspreemption.
MPLSTEhavetwolabels:
toplabelpointstotheendpointoftrafficengineeringtunnel,thesecondlablepointstodestination.
MPLSVPN(peertopeerVPN):
TherearetwotypesVPN,
oneisOverlayVPN,SPprovidesVirtualPoint-to-pointlinksbetweenCEs,
suchas(layer-1:
T1/ISDN/SONET;
Layer-2:
FR/ATM/X.25;
layer-3:
GRE,IPSec)
oneisPeer2PeerVPN:
SPparticipatesinCustomerroutingandseparateforwardingtableforeachcustomer.
ControlPlane:
(GlobalRoutingTable/BackBoneIGPTable/VRFtable/VPNv4RoutingTable/RD/RT)
VRFtable:
IPv4prefix,VRFroutingtableisisolatedbetweeneachother,setupVRFatPEconnectingtoCE
VPNv4RoutingTable:
VPNv4prefixarepropagatedacrosstheMPLS-VPNNetworktopeerPEbyMP-iBGP,soVPNv4prefixmustbeuniqueinthewholeMPLSnetwork.
RD(routedistinguisher):
64bits,MPLSVPNuseaddRDtomakeeachIPv4prefixtobecomeauniqueVNPv4prefix.SoallowCERoutesaddressoverlap.RDisnottheidentifieroftheVPN,SosameVPN,allowtohavedifferentRDs.
forexample:
RDtypeisASN:
nnorIP@:
nn,thefirstoneisprefer.ifaVRFipv4prefixis10.1.1.0/24,RDis65001:
11,soVPNv4prefixis65001:
11:
10.1.1.0/24
RT(Routertargets):
usingBGPextendedattribute(Community),itwillbepropagatedbyMP-iBGPupdate.
whentherouteprefixisredistributedfromVRFroutingtableintoMP-iBGP,addexportRT,toidentifythisroutebelongtowhichofVPN.AtthereceiverPE,comparevpnv4prefix'
scommunity(ExportRT/ImportRT)withlocalsettingwhichisImportRT,ifmatch,receivethevpnv4prefixandconverttoVRFipv4prefix,ifnotmatch,rejectit.
SoMPLS-VPNusingRDandRTtocompletetherouteprefixuniquenessandidentifierofVPNandpropagatetheseprefixusingMP-iBGPbetweentwoPEs.
aVPNv4prefixallowtocarrymultipleRTs(ImportRTsandExportRTs).ImportRTmeanswhichVPNv4prefixwillbeaccepted;
ExportRTmeanstowhomwillthisVPNv4prefixbeallowedtosend.
DataPlane:
TheCoreisBGPfree,SoonlyPEsrunMP-iBGP,OnlyPEsknowtheVPNv4prefix,Pdonotknowthem.Sotherearetwolabels,ToplabelusedtoforwardpackettoPeerPE,andtheBottomlabelusedtoidentifyVPN.
FortheToplabels,AllPEsandPsrunIGPandLDPorRSVP-TE.CoreIGPcreateaglobalroutingtable(ipv4prefix)andgenerateLFIBatallPsandPEs.ThisisToplabeltoensurepacketwillbeswitchingfromingressPEtoegressPE.
TheBottomLabel:
itisvpnlabel,beadvertisedbyMP-iBGP,WhenVPNv4prefixbepropagatedfromonePEtopeerPE,PeerPEdecidewhichVRFtheseprefixbelongto.
AtIngressPE,itaddtwolabels(GlobalIGPlabelasthetoplabel;
VPNlabelasthebottomlabel)
attheegressPE,ItcanmaplabeltoVPNv4prefix,thislabelisVPNlabel,andthisPEadvertisedthelabelalongwiththeVPNv4prefixtoallpossibleingressPEs,ThislabelcontainedintheNLRIfieldofBGP.
MP-iBGP:
allPEsrunMP-iBGP.soiftherearemanyPEs,youshouldsetupRRanduseRTtoletRRknowallVPNv4prefix.thatmeansRRwillreceiveallVPNv4prefix.
OryoucansubdividetheVPNv4prefixintogroupsandsetupseveralRRsorRRgroupstocarryoneofthosesubsets.
WhenaPEredistributeVRFipv4prefixintoMP-iBGP:
1:
AddRD
2:
Modifythenext-hoptoRE'
sRID
3:
AddVPNlabelbasedonVPNv4prefix
4:
AddRTs
MPLS-VPNPE-CERouting:
StaticRouting/connectedbetweenPEandCE
redistributeConnectedroutesintoBGP,LetremotePEknowtheseconnectedIP@,whenpingfromCEtoCE,pingsuccessfully.Soifpingwithaspecifiedip@assource,youmustmakesureRemotedevice(PEorCE)knowittoguaranteereplypacketsuccessfully.
Routerbgp65001
........
address-familyipv4vrfCus_A
redistributeconnected
neighbor10.10.10.2remoteas65001
neighbor10.10.10.2active
Forstatic:
iproutevrfCus_A10.100.0.0255.255.0.010.10.10.25
routerbgp65001
redistributestatic
RIPv2BetweenPEandCE
ipvrfCus_A
rd1:
1
route-tragetexport1:
import1:
routerrip
noauto-summary
version2
network10.0.0.0
redistributebgp65001
default-metric2
redistributerip
OSPFbetweenPEandCE
Q1:
usually,theMPLS-VPNasaSuper-BackBonearea,soCEsendOSPFLSA3toPE,whichisaintra-summaryrouteatPE,thenPEredistributetheseroutesintoBGP,thenremotePEredistributeBGPintoOSPFagain.atRemotePE,theseformerLSA3hadbeenchangedtoLSA5becausered
升级会员 