HCIP阶段MPLS实验

一、实验拓扑

 

 

二、实验思路

1.配置IP实现公网互通

2.在公网开启MPLS环境

3.创建VPN通道

4.公网启动BGP

5.内网按要求写静态路由、rip、OSPF

6.双向重发布获取路由

三、实验步骤

1.配置公网IP

R2

R3

 

 

R4

 

 

R7

 

 

2.在公网使用OSPF协议宣告

R2

[R2]ospf 1 router-id 2.2.2.2   
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 23.1.1.1 0.0.0.0

R3

[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 23.1.1.2 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 34.1.1.1 0.0.0.0

R4

[R4]ospf 1 router-id 4.4.4.4  
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 34.1.1.2 0.0.0.0

[R4-ospf-1-area-0.0.0.0]network 47.1.1.1 0.0.0.0

3.沉默R4到R7的接口g0/0/2，并加上认证

[R4-ospf-1]silent-interface GigabitEthernet 0/0/2
[R4-ospf-1]int g0/0/2
[R4-GigabitEthernet0/0/2]ospf authentication-mode md5 1 cipher 123456

4.R7上写缺省

[R7]ip route-static 0.0.0.0 0 47.1.1.1

5.在公网R2——R4上搭建MPLS环境

R2

[R2]mpls lsr-id 2.2.2.2
[R2]mpls
Info: Mpls starting, please wait... OK!
[R2-mpls]mpls ldp
[R2-mpls-ldp]int g0/0/1
[R2-GigabitEthernet0/0/1]mpls
[R2-GigabitEthernet0/0/1]mpls ldp 

R3

[R3]mpls lsr-id 3.3.3.3
[R3]mpls 
Info: Mpls starting, please wait... OK!
[R3-mpls]mpls ld    
[R3-mpls]mpls ldp
[R3-mpls-ldp]q
[R3]int g0/0/0 
[R3-GigabitEthernet0/0/0]mpls 
[R3-GigabitEthernet0/0/0]mpls ldp
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]mpls
[R3-GigabitEthernet0/0/1]mpls ldp

R4

[R4]mpls ls    
[R4]mpls lsr-id 4.4.4.4
[R4]mpls 
Info: Mpls starting, please wait... OK!
[R4-mpls]mpls ldp
[R4-mpls-ldp]int g0/0/0   
[R4-GigabitEthernet0/0/0]mpls  
[R4-GigabitEthernet0/0/0]mpls ldp

查看是否创建成功

 6.启动BGP协议

R2

[R2]bgp 1  
[R2-bgp]router-id 2.2.2.2
[R2-bgp]peer 4.4.4.4 as-number 1
[R2-bgp]peer 4.4.4.4 connect-interface LoopBack 0

R4

[R4]bgp 1
[R4-bgp]router-id 4.4.4.4  
[R4-bgp]peer 2.2.2.2 as-number 1
[R4-bgp]peer 2.2.2.2 connect-interface LoopBack 0

7.创建MPLS的VPN

R2

[R2]ip vpn-instance a   
[R2-vpn-instance-a]
[R2-vpn-instance-a]
[R2-vpn-instance-a]
[R2-vpn-instance-a]ipv4-family    
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]route-distinguisher 1:1   
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]vpn-target 1:1   
 IVT Assignment result: 
Info: VPN-Target assignment is successful.
 EVT Assignment result: 
Info: VPN-Target assignment is successful.
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]interface GigabitEthernet 0/0/1   
[R2-GigabitEthernet0/0/1]
[R2-GigabitEthernet0/0/1]
[R2-GigabitEthernet0/0/1]
[R2-GigabitEthernet0/0/1]ip binding vpn-instance a 
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!
Aug 17 2023 00:13:39-08:00 R2 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the DOWN state. 
[R2-GigabitEthernet0/0/1]
Aug 17 2023 00:13:39-08:00 R2 %%01OSPF/3/NBR_CHG_DOWN(l)[2]:Neighbor event:neigh
bor state changed to Down. (ProcessId=256, NeighborAddress=3.3.3.3, NeighborEven
t=KillNbr, NeighborPreviousState=Full, NeighborCurrentState=Down) 
[R2-GigabitEthernet0/0/1]
[R2-GigabitEthernet0/0/1] 
[R2-GigabitEthernet0/0/1]
[R2-GigabitEthernet0/0/1]ip address 192.168.2.2 24 
Aug 17 2023 00:13:39-08:00 R2 %%01OSPF/3/NBR_DOWN_REASON(l)[3]:Neighbor state le
aves full or changed to Down. (ProcessId=256, NeighborRouterId=3.3.3.3, Neighbor
AreaId=0, NeighborInterface=GigabitEthernet0/0/1,NeighborDownImmediate reason=Ne
ighbor Down Due to Kill Neighbor, NeighborDownPrimeReason=Logical Interface Stat
e Change, NeighborChangeTime=2023-08-17 00:13:39-08:00) 
[R2-GigabitEthernet0/0/1]ip address 192.168.2.2 24 
Aug 17 2023 00:13:42-08:00 R2 %%01IFNET/4/LINK_STATE(l)[4]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the UP state. 
[R2-GigabitEthernet0/0/1]
[R2-GigabitEthernet0/0/1]q
[R2]ip vpn-instance c 
[R2-vpn-instance-c]
[R2-vpn-instance-c]
[R2-vpn-instance-c]
[R2-vpn-instance-c]ipv4-family    
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]
[R2-vpn-instance-c-af-ipv4]interface GigabitEthernet 0/0/2   
[R2-GigabitEthernet0/0/2]
[R2-GigabitEthernet0/0/2]
[R2-GigabitEthernet0/0/2]
[R2-GigabitEthernet0/0/2]ip binding vpn-instance c    
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!
[R2-GigabitEthernet0/0/2]
[R2-GigabitEthernet0/0/2]
[R2-GigabitEthernet0/0/2]
[R2-GigabitEthernet0/0/2]ip address 192.168.3.2 24 
Aug 17 2023 00:15:53-08:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[5]:The status of the
 peer 4.4.4.4 changed from ESTABLISHED to IDLE. (InstanceName=Public, StateChang
eReason=Hold Timer Expired)  
[R2-GigabitEthernet0/0/2]ip address 192.168.3.2 24 
Aug 17 2023 00:19:41-08:00 R2 %%01IFNET/4/LINK_STATE(l)[6]:The line protocol IP 
on the interface GigabitEthernet0/0/2 has entered the UP state. 
[R2-GigabitEthernet0/0/2]

R4

[R4]ip vpn-instance b  
[R4-vpn-instance-b]
[R4-vpn-instance-b]
[R4-vpn-instance-b]
[R4-vpn-instance-b]ipv4-family    
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]route-distinguisher 1:1   
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]vpn-target 1:1   
 IVT Assignment result: 
Info: VPN-Target assignment is successful.
 EVT Assignment result: 
Info: VPN-Target assignment is successful.
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]
[R4-vpn-instance-b-af-ipv4]interface GigabitEthernet 0/0/0   
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]ip binding vpn-instance b 
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!
Aug 17 2023 00:16:22-08:00 R4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the DOWN state. 
[R4-GigabitEthernet0/0/0]
Aug 17 2023 00:16:22-08:00 R4 %%01OSPF/3/NBR_CHG_DOWN(l)[1]:Neighbor event:neigh
bor state changed to Down. (ProcessId=256, NeighborAddress=3.3.3.3, NeighborEven
t=KillNbr, NeighborPreviousState=Full, NeighborCurrentState=Down) 
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]
Aug 17 2023 00:16:22-08:00 R4 %%01OSPF/3/NBR_DOWN_REASON(l)[2]:Neighbor state le
aves full or changed to Down. (ProcessId=256, NeighborRouterId=3.3.3.3, Neighbor
AreaId=0, NeighborInterface=GigabitEthernet0/0/0,NeighborDownImmediate reason=Ne
ighbor Down Due to Kill Neighbor, NeighborDownPrimeReason=Logical Interface Stat
e Change, NeighborChangeTime=2023-08-17 00:16:22-08:00) 
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]ip address 192.168.3.1 24 
Aug 17 2023 00:16:24-08:00 R4 %%01IFNET/4/LINK_STATE(l)[3]:The line protocol IP 
on the interface GigabitEthernet0/0/0 has entered the UP state. 
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]
[R4-GigabitEthernet0/0/0]q
[R4]ip vpn-instance d  
[R4-vpn-instance-d]
[R4-vpn-instance-d]
[R4-vpn-instance-d]
[R4-vpn-instance-d]ipv4-family    
[R4-vpn-instance-d-af-ipv4]
[R4-vpn-instance-d-af-ipv4]
[R4-vpn-instance-d-af-ipv4]
[R4-vpn-instance-d-af-ipv4]route-distinguisher 6:6 
[R4-vpn-instance-d-af-ipv4]
[R4-vpn-instance-d-af-ipv4]
[R4-vpn-instance-d-af-ipv4]
[R4-vpn-instance-d-af-ipv4]vpn-target 6:6
 IVT Assignment result: 
Info: VPN-Target assignment is successful.
 EVT Assignment result: 
Info: VPN-Target assignment is successful.
[R4-vpn-instance-d-af-ipv4]
[R4-vpn-instance-d-af-ipv4]
 

8.使内网互通

R1

[R1]ip route-static 192.168.3.0 255.255.255.0 192.168.2.2
[R1]ip route-static 192.168.4.0 255.255.255.0 192.168.2.2

R2

[R2]ip route-static vpn-instance a 192.168.1.0 255.255.255.0 192.168.2.1

[R2]rip 1 vpn-instance  c

[R2-rip-1]version 2

[R2-rip-1] network 192.168.2.0

R4

[R4]ip route-static vpn-instance b 192.168.4.0 255.255.255.0 192.168.3.2

[R4]ospf 2 vpn-instance d

[R4-ospf-2]area 0.0.0.0 

[R4-ospf-2]network 192.168.3.3 0.0.0.0

R5

[R5]ip route-static 192.168.1.0 255.255.255.0 192.168.3.1
[R5]ip route-static 192.168.2.0 255.255.255.0 192.168.3.1

R6

[R6]rip 1  router-id 6.6.6.6

[R6-rip-1]version 2

[R6-rip-1]network 192.168.1.0

[R6-rip-1-0.0.0.0]network 192.168.2.0

R7

[R7]ospf 1    router-id 7.7.7.7    

[R7-ospf-1]area 0  

[R7-ospf-1-area-0.0.0.0]network 192.168.4.2 0.0.0.0 

9.双向重发布

R2

[r2]bgp 1

 [r2-bgp]ipv4 vpn-instance a

 [r2-bgp-a]import-route direct      

[r2-bgp-a]import-route static

[R2]bgp 1

[R2-bgp]ipv4-family vpn-instance c 

[R2-bgp-c]  import-route rip 1

[R2] rip 1 vpn-instance c

[R2-rip-1]import-route bgp

R4

[r4]bgp 1

 [r4-bgp]ipv4 vpn-instance b

 [r4-bgp-a]import-route direct      

[r4-bgp-a]import-route static

[R4]bgp 1

[R4-bgp]ipv4-family vpn-instance d

[R4-bgp-c]  import-route ospf 2

[R4]ospf 2 vpn-instance d

[R4-ospf-2] import-route bgp

四、测试