본문 바로가기
네트워크 & 클라우드/라우팅 & 스위칭

[MPLS] 실습 1 - MPLS 기본 구성 및 RT import & 필터링

김냥코오 2023. 9. 25. 15:39

RR
interface Loopback0
 ip address 10.255.0.6 255.255.255.255
 ip ospf network point-to-point

interface Ethernet0/0
 description ## P ##
 ip address 10.255.255.17 255.255.255.252
 ip ospf network point-to-point

router ospf 1
 mpls ldp sync
 mpls ldp autoconfig
 router-id 10.255.0.6
 network 10.255.0.6 0.0.0.0 area 0
 network 10.255.255.17 0.0.0.0 area 0

router bgp 65000
 bgp router-id 10.255.0.6
 neighbor RR-Client peer-group
 neighbor RR-Client remote-as 65000
 neighbor RR-Client update-source Loopback0
 neighbor RR-Client route-reflector-client
 neighbor 10.255.0.1 peer-group RR-Client
 neighbor 10.255.0.2 peer-group RR-Client
 neighbor 10.255.0.4 peer-group RR-Client
 neighbor 10.255.0.5 peer-group RR-Client
 
 address-family vpnv4
  neighbor RR-Client send-community extended
  neighbor RR-Client route-reflector-client
  neighbor 10.255.0.1 activate
  neighbor 10.255.0.2 activate
  neighbor 10.255.0.4 activate
  neighbor 10.255.0.5 activate
 exit-address-family

 

mpls label protocol ldp
mpls ldp router-id Loopback0

interface Loopback0
 ip address 10.255.0.3 255.255.255.255

interface Ethernet0/0
 description ## PE1/2 ##
 ip address 10.255.255.2 255.255.255.252
 ip ospf network point-to-point

interface Ethernet0/1
 description ## PE3/4 ##
 ip address 10.255.255.6 255.255.255.252
 ip ospf network point-to-point

interface Ethernet0/2
 description ## CPE1 ##
 ip address 10.255.255.10 255.255.255.252
 ip ospf network point-to-point

interface Ethernet0/3
 description ## CPE2 ##
 ip address 10.255.255.14 255.255.255.252
 ip ospf network point-to-point

interface Ethernet1/3
 description ## RR ##
 ip address 10.255.255.18 255.255.255.252
 ip ospf network point-to-point

router ospf 1
 mpls ldp sync
 mpls ldp autoconfig
 router-id 10.255.0.3
 network 10.255.0.3 0.0.0.0 area 0
 network 10.255.255.0 0.0.0.255 area 0

 

PE1,2
 ip vrf A
 rd 65000:100001
 route-target export 65000:2100
 route-target import 65000:2100

mpls label protocol ldp
mpls ldp router-id Loopback0

interface Loopback0
 ip address 10.255.0.1 255.255.255.255

interface Ethernet0/0
 description ## P ##
 ip address 10.255.255.1 255.255.255.252
 ip ospf network point-to-point

interface Ethernet0/1
 description ## PC(1.1.1.1) ##
 ip vrf forwarding A
 ip address 1.1.1.254 255.255.255.0

router ospf 1
 mpls ldp sync
 mpls ldp autoconfig
 router-id 10.255.0.1
 network 10.255.0.1 0.0.0.0 area 0
 network 10.255.255.1 0.0.0.0 area 0

router bgp 65000
 bgp router-id 10.255.0.1
 neighbor 10.255.0.6 remote-as 65000
 
 address-family vpnv4
  neighbor 10.255.0.6 activate
 exit-address-family
 
 address-family ipv4 vrf A
  redistribute connected
  maximum-paths ibgp 4
 exit-address-family

 

PE3,4
ip vrf B
 rd 65000:200002
 route-target export 65000:2200
 route-target import 65000:2200

mpls label protocol ldp

interface Loopback0
 ip address 10.255.0.2 255.255.255.255
 ip ospf network point-to-point

interface Ethernet0/0
 description ## P ##
 ip address 10.255.255.5 255.255.255.252
 ip ospf network point-to-point

interface Ethernet0/1
 description ## PC(2.2.2.2) ##
 ip vrf forwarding B
 ip address 2.2.2.254 255.255.255.0
 
 router ospf 1
 mpls ldp sync
 mpls ldp autoconfig
 router-id 10.255.0.2
 network 10.255.0.2 0.0.0.0 area 0
 network 10.255.255.5 0.0.0.0 area 0

router bgp 65000
 bgp router-id 10.255.0.2
 neighbor 10.255.0.6 remote-as 65000
 neighbor 10.255.0.6 update-source Loopback0
 
 address-family vpnv4
  neighbor 10.255.0.6 activate
  neighbor 10.255.0.6 send-community extended
 exit-address-family
 
 address-family ipv4 vrf B
  redistribute connected
  maximum-paths ibgp 4
 exit-address-family

mpls ldp router-id Loopback0

 

 

CPE1
ip vrf A
 rd 65000:100004
 route-target export 65000:2100
 route-target import 65000:2100
 
 mpls label protocol ldp

interface Loopback0
 ip address 10.255.0.4 255.255.255.255
 ip ospf network point-to-point

interface Ethernet0/0
 description ## P ##
 ip address 10.255.255.9 255.255.255.252
 ip ospf network point-to-point

interface Ethernet0/1
 description ## PC(4.4.4.4) ##
 ip vrf forwarding A
 ip address 4.4.4.254 255.255.255.0

router ospf 1
 mpls ldp sync
 mpls ldp autoconfig
 router-id 10.255.0.4
 network 10.255.0.4 0.0.0.0 area 0
 network 10.255.255.9 0.0.0.0 area 0

router bgp 65000
 bgp router-id 10.255.0.4
 neighbor 10.255.0.6 remote-as 65000
 neighbor 10.255.0.6 update-source Loopback0
 
 address-family vpnv4
  neighbor 10.255.0.6 activate
  neighbor 10.255.0.6 send-community extended
 exit-address-family
 
 address-family ipv4 vrf A
  redistribute connected
  maximum-paths ibgp 4
 exit-address-family

mpls ldp router-id Loopback0

 

CPE2
ip vrf B
 rd 65000:200005
 route-target export 65000:2200
 route-target import 65000:2200
 
 mpls label protocol ldp

 interface Loopback0
 ip address 10.255.0.5 255.255.255.255
 ip ospf network point-to-point

interface Ethernet0/0
 description ## P ##
 ip address 10.255.255.13 255.255.255.252
 ip ospf network point-to-point

interface Ethernet0/1
 description ## PC(5.5.5.5) ##
 ip vrf forwarding B
 ip address 5.5.5.254 255.255.255.0

router ospf 1
 mpls ldp sync
 mpls ldp autoconfig
 router-id 10.255.0.5
 network 10.255.0.5 0.0.0.0 area 0
 network 10.255.255.13 0.0.0.0 area 0
 
router bgp 65000
 bgp router-id 10.255.0.5
 bgp log-neighbor-changes
 neighbor 10.255.0.6 remote-as 65000
 neighbor 10.255.0.6 update-source Loopback0
 
 address-family vpnv4
  neighbor 10.255.0.6 activate
  neighbor 10.255.0.6 send-community extended
 exit-address-family
 
 address-family ipv4 vrf B
  redistribute connected
  maximum-paths ibgp 4
 exit-address-family

mpls ldp router-id Loopback0

 

 

결과

 

  • PE12에서 CPE1의 vrf A를 import(rt 65000:2100) 하면, CPE1 vrf A에서 connected 재분배한 4.4.4.0/24가 PE12 라우팅 테이블에 인스톨 됨.

  • PE12에서 CPE2의 vrf B를 import(rt 65000:2200) 하면, CPE2 vrf B에서 connected 재분배한  4.4.4.0/24가 PE12 라우팅 테이블에 인스톨 됨. 원래라면 bgp의 속성에 의해 경합을 벌이고, 단일 경로로 라우팅 테이블에 인스톨 됨.
  • 하지만 나는 PE의 address-family ipv4 vrf A or B에 maximum-paths 설정을 넣었기에 로드 밸런싱 됨.

 

 

 

 

 

특정대역 차단

 

 

PE34
  • vrf A가 export 한 RT를 import 하고 라우팅 테이블을 봐보자
ip vrf B
 rd 65000:200002
 route-target export 65000:2200
 route-target import 65000:2200
 route-target import 65000:2100
!

 

 

  • 3.3.3.0/24 대역을 차단하고 싶다. 격하게..

 

PE34
  • acl, route-map 등을 만들어서, import map을 적용시키고 결과를 봐보자
ip vrf B
 rd 65000:200002
 import map B_IN
 route-target export 65000:2200
 route-target import 65000:2200
 route-target import 65000:2100
!
ip prefix-list B_IN seq 5 permit 3.3.3.0/24 le 32
!
route-map B_IN deny 10
 match ip address prefix-list B_IN
!
route-map B_IN permit 20

 

  • 3.3.3.0/24 대역 차단완료

 

 

 

 

 

 

'네트워크 & 클라우드 > 라우팅 & 스위칭' 카테고리의 다른 글

[근본투어 - 01] Floating Static Routing 확인 방법  (0) 2023.10.12
[MPLS] 실습 2 - RT 조정 없이 vrf 간 통신  (0) 2023.09.28
라우팅 테이블과 포워딩 테이블  (0) 2023.09.24
1. OSPF 개요 - 01  (0) 2023.04.19
MPLS-VPN 01. 기본 개념  (0) 2023.04.19

'네트워크 & 클라우드/라우팅 & 스위칭' Related Articles

티스토리툴바