Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Lab - Mpls - VPN Com Ospf Entre Ce e Pe

    Hochgeladen von

    Paulo Dembi
    65 Ansichten5 Seiten
    1) O documento descreve como configurar um serviço MPLS-VPN usando o emulador GNS3. 2) Dois VPNs (VPN_A e VPN_B) são criados isolando o tráfego. 3) Os protocolos OSPF e BGP são configurados nos roteadores para transportar as rotas entre as VPNs.

    Originalbeschreibung:

    mpls

    Originaltitel

    Lab_mpls_vpn Com Ospf Entre Ce e Pe

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    1) O documento descreve como configurar um serviço MPLS-VPN usando o emulador GNS3. 2) Dois VPNs (VPN_A e VPN_B) são criados isolando o tráfego. 3) Os protocolos OSPF e BGP são configurados nos roteadores para transportar as rotas entre as VPNs.

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    65 Ansichten5 Seiten

    Lab - Mpls - VPN Com Ospf Entre Ce e Pe

    Hochgeladen von

    Paulo Dembi
    1) O documento descreve como configurar um serviço MPLS-VPN usando o emulador GNS3. 2) Dois VPNs (VPN_A e VPN_B) são criados isolando o tráfego. 3) Os protocolos OSPF e BGP são configurados nos roteadores para transportar as rotas entre as VPNs.

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 5

    ____________________________________________________________________________________

    _____________________________________________________________
    Laboratrio - MPLS MPLS-VPN
    Usando o Emulador GNS3
    Treinamento MPLS 2013
    _______________________________________________________________

    Objetivo:
    - Configurar o servio MPLS-VPN;
    - Visualizar e testar as funcionalidades deste servio.

    Neste laboratrio, iremos utilizar o protocolo de roteamento OSPF entre os CEs e o


    PEs.

    Topologia:

    TOPOLOGIA - MPLS VPN

    VPN_A VPN_B

    S1/0 L0: 172.10.0.1/32


    S1/0 CE21
    CE11 .2
    .2
    S1/0 S1/1 150.1.2.0/30
    150.1.1.0/30 192.168.0.12/30 192.168.0.20/30
    .14 .22
    P1 S1/2
    S2/0 .29
    L0: 200.1.0.1/32 .9 S1/2 L0: 200.2.0.1/32
    S1/0 S1/2 S1/0
    .13
    .1 192.168.0.28/30 .21 .1
    S1/3 S1/3 S1/1
    S1/1
    .17 .25 PE2 .5
    .5 PE1
    L0: 172.1.0.1/32 S1/2 .30 L0: 172.2.0.1/32

    S1/0 S1/1
    VPN_B 192.168.0.24/30 VPN_A
    150.1.1.4/30 192.168.0.16/30 150.1.2.4/30
    S1/0 .18 .26 S1/0
    .6 .6
    CE12 L0: 172.20.0.1/32
    P2 CE22
    Backbone
    MPLS
    L0: 200.1.0.2/32
    L0: 200.2.0.2/32

    Consideramos para este Lab que todas as configuraes efetuadas no Laboratrio


    Funcionalidades Bsicas do MPLS, j estejam prontas, com exceo dos roteadores
    CEs, que iro utilizar o protocolo OSPF.
    ____________________________________________________________________________________

    Configurando o Servio MPLS-VPN:


    Nesse caso, iremos isolar o trfego fazendo uso de duas VPNs (VPN_A e VPN_B).
    Os roteadores CE11 e CE22 iro fazer parte da VPN_A, e os roteadores CE12 e CE21 faro
    parte da VPN_B.

    1- Configure duas VPNs e aplique as mesmas.

    Para VPN_A use RD e RT 65000:1. Para VPN_B use RD e RT 65000:2

    PE1(config)#ip vrf VPN_A


    PE1(config-vrf)#rd 65000:1
    PE1(config-vrf)#router-target 65000:1

    PE1(config)#ip vrf VPN_B


    PE1(config-vrf)#rd 65000:2
    PE1(config-vrf)#router-target 65000:2

    PE1(config)#interface serial 1/0


    PE1(config-if)#ip vrf forwarding VPN_A
    PE1(config-if)#ip address 150.1.1.1 255.255.255.252

    PE1(config)#interface serial 1/1


    PE1(config-if)#ip vrf forwarding VPN_B
    PE1(config-if)# ip address 150.1.1.5 255.255.255.252

    PE2(config)#ip vrf VPN_A


    PE2(config-vrf)#rd 65000:1
    PE2(config-vrf)#router-target 65000:1

    PE2(config)#ip vrf VPN_B


    PE2(config-vrf)#rd 65000:2
    PE2(config-vrf)#router-target 65000:2

    PE2(config)#interface serial 1/0


    PE2(config-if)#ip vrf forwarding VPN_B
    PE2(config-if)#ip address 150.1.2.1 255.255.255.252

    PE2(config)#interface serial 1/1


    PE2(config-if)#ip vrf forwarding VPN_A
    PE2(config-if)#ip address 150.1.2.5 255.255.255.252
    ____________________________________________________________________________________

    2- Efetue o comando abaixo para verificao das VRFs:

    PE1#show ip vrf VPN_A


    PE1#show ip vrf VPN_B

    3- Tente efetuar um ping ponto a ponto a partir do PE1, para o CE11.

    PE1#ping vrf VPN_A 150.1.1.2

    4- Configure o protocolo OSPF nos roteadores CEs. Utilize o processo 1 e rea 0.

    CE11(config)#router ospf 1
    CE11(config-router)#network 150.1.1.2 0.0.0.0 area 0
    CE11(config-router)#network 200.1.0.1 0.0.0.0 area 0

    CE12(config)#router ospf 1
    CE12(config-router)#network 150.1.1.6 0.0.0.0 area 0
    CE12(config-router)#network 200.1.0.2 0.0.0.0 area 0

    CE21(config)#router ospf 1
    CE21(config-router)#network 150.1.2.2 0.0.0.0 area 0
    CE21(config-router)#network 200.2.0.1 0.0.0.0 area 0

    CE22(config)#router ospf 1
    CE22(config-router)#network 150.1.2.6 0.0.0.0 area 0
    CE22(config-router)#network 200.2.0.2 0.0.0.0 area 0

    5- Configure o BGP para o transporte das VPNs (MP-BGP)

    PE1(config)#router bgp 65000


    PE1(config-router)#address-family vpnv4
    PE1(config-router-af)#neighbor 172.2.0.1 activate
    PE1(config-router-af)#neighbor 172.2.0.1 send-community extended
    PE1(config-router-af)#neighbor 172.2.0.1 next-hop-self

    PE2(config)#router bgp 65000


    PE2(config-router)#address-family vpnv4
    PE2(config-router-af)#neighbor 172.1.0.1 activate
    PE2(config-router-af)#neighbor 172.1.0.1 send-community extended
    PE2(config-router-af)#neighbor 172.1.0.1 next-hop-self
    ____________________________________________________________________________________

    6- Crie o protocolo OSPF nos PEs, de forma que os roteadores PEs possam atingir as
    loopbacks de seus respectivos CEs.

    PE1(config)#router ospf 1 vrf VPN_A


    PE1(config-router)#network 150.1.1.1 0.0.0.0 area 0
    PE1(config-router)#redistribute bgp 65000 subnets

    PE1(config)#router bgp 65000


    PE1(config-router)#address-family ipv4 vrf VPN_A
    PE1(config-router-af)#redistribute ospf 1

    * Na prtica, importante que seja feito um filtro de roteamento, ao configurar o processo de


    redistribuio, de forma que apenas as rotas necessrias sejam redistribudas.
    Para a VRF_B, utilize o processo OSPF 2.

    PE1(config)#router ospf 2 vrf VPN_B


    PE1(config-router)#network 150.1.1.5 0.0.0.0 area 0
    PE1(config-router)#redistribute bgp 65000 subnets

    PE1(config)#router bgp 65000


    PE1(config-router)#address-family ipv4 vrf VPN_B
    PE1(config-router-af)#redistribute ospf 2

    PE2(config)#router ospf 1 vrf VPN_A


    PE2(config-router)#network 150.1.2.5 0.0.0.0 area 0
    PE2(config-router)#redistribute bgp 65000 subnets

    PE2(config)#router bgp 65000


    PE2(config-router)#address-family ipv4 vrf VPN_A
    PE2(config-router-af)#redistribute ospf 1

    PE2(config)#router ospf 2 vrf VPN_B


    PE2(config-router)#network 150.1.2.1 0.0.0.0 area 0
    PE2(config-router)#redistribute bgp 65000 subnets

    PE2(config)#router bgp 65000


    PE2(config-router)#address-family ipv4 vrf VPN_B
    PE2(config-router-af)#redistribute ospf 2
    ____________________________________________________________________________________

    7- Verifique a tabela de roteamento dos CEs e PEs, para as VPNs A e B.

    Ex. para o CE11 e PE1:

    CE11#sh ip route

    200.1.0.0/32 is subnetted, 1 subnets


    C 200.1.0.1 is directly connected, Loopback0
    200.2.0.0/32 is subnetted, 1 subnets
    O IA 200.2.0.2 [110/129] via 150.1.1.1, 00:21:47, Serial1/0
    10.0.0.0/24 is subnetted, 1 subnets
    C 10.1.1.0 is directly connected, FastEthernet0/0
    150.1.0.0/30 is subnetted, 2 subnets
    O IA 150.1.2.4 [110/65] via 150.1.1.1, 00:21:47, Serial1/0
    C 150.1.1.0 is directly connected, Serial1/0

    PE1#sh ip route vrf VPN_A

    200.1.0.0/32 is subnetted, 1 subnets


    O 200.1.0.1 [110/65] via 150.1.1.2, 00:26:09, Serial1/0
    200.2.0.0/32 is subnetted, 1 subnets
    B 200.2.0.2 [200/65] via 172.2.0.1, 00:11:25
    150.1.0.0/30 is subnetted, 2 subnets
    B 150.1.2.4 [200/0] via 172.2.0.1, 00:11:25
    C 150.1.1.0 is directly connected, Serial1/0

    PE1#sh ip route vrf VPN_B

    200.1.0.0/32 is subnetted, 1 subnets


    O 200.1.0.2 [110/65] via 150.1.1.6, 00:17:35, Serial1/1
    200.2.0.0/32 is subnetted, 1 subnets
    B 200.2.0.1 [200/65] via 172.2.0.1, 00:10:50
    150.1.0.0/30 is subnetted, 2 subnets
    C 150.1.1.4 is directly connected, Serial1/1
    B 150.1.2.0 [200/0] via 172.2.0.1, 00:10:50

    8- Teste agora a conectividade entre os CEs.

    CE11#ping 200.2.0.2
    CE12#ping 200.2.0.1

    *Todos os testes devem ser concludos com xito.

    Das könnte Ihnen auch gefallen