CISCO6509和JUNIPER做MPLS VPN

先说明一下,目的是要把6509上的VLAN1和VLAN10,透过自己建立的MPLS VPN与JUNIPER ROUTE上连接的3个VLAN连接,JUNIPER上与CISCO-2950做TRUNK,并担当单网卡的VLAN间路由,

6509

引擎用SUPER720 用WS-X6548-GE-TX上的G3/1和OLIVE1连接

IOS版本:s72033-psv-mz.122-17d.SXB.bin

6509--VRF

ip vrf red

rd 65000:1

route-target export 65000:1

route-target import 65000:1

G3/1的配置

interface GigabitEthernet3/1

ip address 172.16.4.1 255.255.255.0

mpls label protocol ldp

tag-switching ip

MPLS和BGP以及OSPF

interface Vlan1

ip vrf forwarding red

ip address 10.229.8.1 255.255.255.0

interface Vlan10

ip vrf forwarding red

router ospf 1

log-adjacency-changes

network 172.16.4.0 0.0.0.255 area 0

network 192.168.100.0 0.0.0.255 area 0

router ospf 25 vrf red

log-adjacency-changes

redistribute bgp 65000 subnets

network 10.229.1.0 0.0.0.255 area 0

network 10.229.8.0 0.0.0.255 area 0

router bgp 65000

no synchronization

bgp router-id 192.168.100.5

bgp log-neighbor-changes

neighbor 192.168.100.4 remote-as 65000

neighbor 192.168.100.4 update-source Loopback0

neighbor 192.168.100.4 next-hop-self

no auto-summary

address-family vpnv4

neighbor 192.168.100.4 activate

neighbor 192.168.100.4 send-community both

exit-address-family

address-family ipv4 vrf red

redistribute ospf 25 metric 50 match external 1 external 2

no auto-summary

no synchronization

exit-address-family

JUNIPER

VRF的配置

policy-options {

policy-statement MY_IMPORT {

term 1 {

from {

protocol bgp;

community VPN-RED;

then accept;

term 2 {

then reject;

policy-statement MY_EXPORT {

term 1 {

then {

community add VPN-RED;

accept;

term 2 {

then reject;

community VPN-RED members target:65000:01;

routing-instances {

red {

description red-vpn;

instance-type vrf;

interface fxp1.0;

interface fxp1.200;

interface fxp1.300;

route-distinguisher 65000:01;

vrf-export MY_EXPORT;

routing-options {

auto-export;

protocols {

ospf {

area 0.0.0.0 {

interface fxp1.0;

interface fxp1.200;

interface fxp1.300;

FXP1的配置

fxp1 {

vlan-tagging;

unit 0 {

description red-vpn;

vlan-id 1;

family inet {

address 10.229.0.118/24;

family mpls;

unit 200 {

description red-vpn;

vlan-id 20;

family inet {

address 10.229.3.1/24;

family mpls;

unit 300 {

description red-vpn;

vlan-id 10;

family inet {

address 10.229.4.1/24;

family mpls;

c6509#show ip vrf red

Name Default RD Interfaces

red 65000:1 Vlan1

Vlan10

c6509#show ip rou

c6509#show ip route vrf red

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 4B 10.229.4.0 [200/0] via 192.168.100.4, 00:17:47

B 10.229.3.0 [200/0] via 192.168.100.4, 00:17:47

C 10.229.1.0 is directly connected, Vlan10

B 10.229.0.0 [200/0] via 192.168.100.4, 00:17:47

xxzx@olive4# run show route forwarding-table vpn red

Routing table: red.inet

Internet:

Destination Type RtRef Next hop Type Index NhRef Netif

default perm 0 dscd 14 2

10.229.0.0/24 intf 0 rslv 52 1 fxp1.0

10.229.0.0/32 dest 0 10.229.0.0 recv 50 1 fxp1.0

10.229.0.118/32 intf 0 10.229.0.118 locl 51 2

10.229.0.118/32 dest 0 10.229.0.118 locl 51 2

10.229.3.0/24 intf 0 rslv 56 1 fxp1.200

10.229.3.0/32 dest 0 10.229.3.0 recv 54 1 fxp1.200

10.229.3.1/32 intf 0 10.229.3.1 locl 55 2

10.229.3.1/32 dest 0 10.229.3.1 locl 55 2

10.229.3.99/32 dest 0 0:10:60:75:4c:a4 ucst 63 1 fxp1.200

10.229.3.255/32 dest 0 10.229.3.255 bcst 53 1 fxp1.200

10.229.4.0/24 intf 0 rslv 60 1 fxp1.300

10.229.4.0/32 dest 0 10.229.4.0 recv 58 1 fxp1.300

10.229.4.1/32 intf 0 10.229.4.1 locl 59 2

10.229.4.1/32 dest 0 10.229.4.1 locl 59 2

10.229.4.255/32 dest 0 10.229.4.255 bcst 57 1 fxp1.300

224.0.0.0/4 perm 1 mdsc 15 3

224.0.0.1/32 perm 0 224.0.0.1 mcst 11 7

224.0.0.5/32 user 1 224.0.0.5 mcst 11 7