HCIP 第十二天作业

实验要求

 实验拓扑

 配置IP地址

R1

[R1]inter g0/0/0
[R1-GigabitEthernet0/0/0]ip ad 192.168.2.1 24
[R1-GigabitEthernet0/0/0]inter l0
[R1-LoopBack0]ip add 192.168.1.1 24

R2

[R2]inter g0/0/1
[R2-GigabitEthernet0/0/1]ip ad 23.1.1.2 24
[R2-GigabitEthernet0/0/1]inter lo0
[R2-LoopBack0]ip ad 2.2.2.2 24

R3

[R3]INT G0/0/0
[R3-GigabitEthernet0/0/0]IP ADD 23.0.0.2 24
[R3-GigabitEthernet0/0/0]INT G0/0/1
[R3-GigabitEthernet0/0/1]IP ADD 34.0.0.1 24
[R3-GigabitEthernet0/0/1]INT L0
[R3-LoopBack0]IP ADD 3.3.3.3 24

R4

[R4]INT L0 
[R4-LoopBack0]IP ADD 4.4.4.4 24
[R4-LoopBack0]inter g0/0/0
[R4-GigabitEthernet0/0/0]ip ad 34.1.1.4 24
[R4]inter g4/0/0
[R4-GigabitEthernet4/0/0]ip ad 100.1.1.1 24

R5

[R5]inter g0/0/0
[R5-GigabitEthernet0/0/0]ip ad 192.168.3.1 24
[R5-GigabitEthernet0/0/0]inter lo0
[R5-LoopBack0]ip ad 192.168.4.1 24

R6

[R6]inter g0/0/0
[R6-GigabitEthernet0/0/0]ip ad 192.168.2.1 24
[R6-GigabitEthernet0/0/0]inter lo0
[R6-LoopBack0]ip ad 192.168.1.2 24

R7

[R7]inter g0/0/0
[R7-GigabitEthernet0/0/0]ip ad 192.168.3.1 24
[R7-GigabitEthernet0/0/0]inter lo0
[R7-LoopBack0]ip ad 192.168.4.2 24
[R7]inter g0/0/1
[R7-GigabitEthernet0/0/1]ip ad 100.1.1.2 24

起OSPF

R2

[R2]OSPF 1 router-id 2.2.2.2
[R2-ospf-1]AREA 0
[R2-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 2.2.2.0 0.0.0.255 

R3

[R3]OSPF 1 router-id 3.3.3.3
[R3-ospf-1]AREA 0
[R3-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 34.1.1.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 3.3.3.0 0.0.0.255

R4 

[R4]OSPF 1 router-id 4.4.4.4
[R4-ospf-1]AREA 0
[R4-ospf-1-area-0.0.0.0]network 34.1.1.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]network 4.4.4.0 0.0.0.255

MPLS配置（注：设置之后需在所有标签经过的接口上开启协议）

R2

[R2]mpls lsr-id 2.2.2.2
[R2]mpls
Info: Mpls starting, please wait... OK!
[R2-mpls]mpls ldp
[R2-mpls-ldp]q
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]mpls
[R2-GigabitEthernet0/0/1]mpls ldp

R3

[R3]mpls lsr-id 3.3.3.3
[R3]mpls
Info: Mpls starting, please wait... OK!
[R3-mpls]mpls ldp
[R3-mpls-ldp]Q
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]mpls
[R3-GigabitEthernet0/0/0]mpls ldp
[R3-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[R3-GigabitEthernet0/0/1]mpls
[R3-GigabitEthernet0/0/1]mpls ldp

R4

[R4]mpls lsr-id 4.4.4.4
[R4]mpls
Info: Mpls starting, please wait... OK!
[R4-mpls]mpls ldp
[R4-mpls-ldp]q
[R4]interface GigabitEthernet 0/0/0
[R4-GigabitEthernet0/0/0]mpls
[R4-GigabitEthernet0/0/0]mpls ldp

配置MPLS VPN

R2

[R2]ip vpn-instance a
[R2-vpn-instance-a]route-distinguisher 1:1
[R2-vpn-instance-a-af-ipv4]vpn-target 1:1
[R2-vpn-instance-a-af-ipv4]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]ip binding vpn-instance a
[R2-GigabitEthernet0/0/0]ip address 192.168.2.2 24


[R2-GigabitEthernet0/0/0]ip vpn-instance b
[R2-vpn-instance-b]route-distinguisher 2:2
[R2-vpn-instance-b-af-ipv4]vpn-target 2:2
[R2-vpn-instance-b-af-ipv4]interface GigabitEthernet 0/0/2
[R2-GigabitEthernet0/0/2]ip binding vpn-instance b
[R2-GigabitEthernet0/0/2]ip address 192.168.2.2 24

R4

[R4]ip vpn-instance a
[R4-vpn-instance-a]route-distinguisher 1:1
[R4-vpn-instance-a-af-ipv4]vpn-target 1:1
[R4-vpn-instance-a-af-ipv4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]ip binding vpn-instance a
[R4-GigabitEthernet0/0/1]ip address 192.168.3.2 24


[R4-GigabitEthernet0/0/1]ip vpn-instance b
[R4-vpn-instance-b]route-distinguisher 2:2
[R4-vpn-instance-b-af-ipv4]vpn-target 2:2
[R4-vpn-instance-b-af-ipv4]interface GigabitEthernet 0/0/2
[R4-GigabitEthernet0/0/2]ip binding vpn-instance b
[R4-GigabitEthernet0/0/2]ip address 192.168.3.2 24

 补充路由（R2没有R1、R6还回的路由）（R4没有R5、R7环回的路由）

R1

[R1]ospf 2
[R1-ospf-2]area 0
[R1-ospf-2-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[R1-ospf-2-area-0.0.0.0]network 192.168.2.0 0.0.0.255

R2

[R2]ospf 2 vpn-instance a
[R2-ospf-2]area 0
[R2-ospf-2-area-0.0.0.0]network 192.168.2.0 0.0.0.255

[R2]ospf 3 vpn-instance b
[R2-ospf-3]area 0
[R2-ospf-3-area-0.0.0.0]network 192.168.2.0 0.0.0.255

R6

[R6]ospf 3
[R6-ospf-3]area 0
[R6-ospf-3-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[R6-ospf-3-area-0.0.0.0]network 192.168.2.0 0.0.0.255

R4

[R4]ospf 2 vpn-instance a
[R4-ospf-2]area 0
[R4-ospf-2-area-0.0.0.0]network 192.168.3.0 0.0.0.255


[R4]ospf 3 vpn-instance b
[R4-ospf-3]area 0
[R4-ospf-3-area-0.0.0.0]network 192.168.3.0 0.0.0.255

R5

[R5]ospf 2
[R5-ospf-2]area 0
[R5-ospf-2-area-0.0.0.0]network 192.168.3.0 0.0.0.255
[R5-ospf-2-area-0.0.0.0]network 192.168.4.0 0.0.0.255

R7

[R7]ospf 3
[R7-ospf-3]area 0
[R7-ospf-3-area-0.0.0.0]network 192.168.3.0 0.0.0.255
[R7-ospf-3-area-0.0.0.0]network 192.168.4.0 0.0.0.255

配置bgp

R2

[R2]bgp 1
[R2-bgp]peer 4.4.4.4 as-number 1
[R2-bgp]peer 4.4.4.4 connect-interface lo0
[R2-bgp]ipv4-family vpnv4
[R2-bgp-af-vpnv4]peer 4.4.4.4 enable

R4

[R4]bgp 1
[R4-bgp]peer 2.2.2.2 as-number 1
[R4-bgp]peer 2.2.2.2 connect-interface lo0
[R4-bgp]ipv4-family vpnv4
[R4-bgp-af-vpnv4]peer 2.2.2.2 enable

双向重发布

R2

[R2]bgp 1
[R2-bgp]ipv4-family vpn-instance a
[R2-bgp-a]import-route ospf 2
[R2-bgp-a]ipv4-family vpn-instance b
[R2-bgp-b]import-route ospf 3

[R2-bgp]ospf 2
[R2-ospf-2]import-route bgp
[R2-ospf-2]ospf 3
[R2-ospf-3]import-route bgp

R4 

[R4]bgp 1
[R4-bgp]ipv4-family vpn-instance a
[R4-bgp-a]import-route ospf 2
[R4-bgp-a]ipv4-family vpn-instance b
[R4-bgp-b]import-route ospf 3

[R4-bgp]ospf 2
[R4-ospf-2]import-route bgp
[R4-ospf-2]ospf 3
[R4-ospf-3]import-route bgp

验证

公网地址的配置 

R3(补充一条缺省路由-----r3到r4)

[R3]ip route-static 0.0.0.0 0 34.1.1.4

R4（宣告bgp路由条目100.1.1.0网段）

[R4]bgp 1
[R4-bgp]network 100.1.1.0 24

R6（补充缺省   由于R6上网路线为R6->R2->R3->R4->R7再通过R7上网,要在R4引入缺省）

[R6]ip route-static 0.0.0.0 0 192.168.2.2



[R4-bgp]ipv4-family vpn-instance b
[R4-bgp-b]def
[R4-bgp-b]default-r
[R4-bgp-b]default-route imported

R7（配置ACL）

[R7]acl 2000
[R7-acl-basic-2000]rule permit source any
[R7-acl-basic-2000]q
[R7]inter g0/0/1
[R7-GigabitEthernet0/0/1]nat outbound 2000

[R7]ospf 3
[R7-ospf-3]default-route-advertise always
[R7-ospf-3]q
[R7]ip route-static 0.0.0.0 0 100.1.1.1

验证