CCIE lab対策(2.2.a Unified MPLS)その2
Unified MPLS が理解できたので自分のメモ用にアウトプットします。
今回はUnified MPLS 3面(ACCESS1、CORE、ACCESS2)の検証を記事にします。
- 1. Topology
- 2. 初期Config
- 3. IOS-XE v.s. IOS-XR Default-Topology
- 4. 検証(現状把握)
- 5. 検証(Unified MPLSの定義)
- 6. 最終Config
1. Topology
CE-PE-ABR-RR-ABR-PE-CE を含めた3面の最小構成としました。
VRFは前回と同様で、IPv4/IPv6のマルチVRFを使ってエンドポイントの疎通を確認します。
前回拡張性について説明していませんでしたが、Route-Refrector:RRを使うことにより増設PEは自domainのRRとpeeringするだけで良いことになります。
b_N1-5,CE1-2の構成にPEa-d,CEa-dを増設する場合を考えます。
PEaがb_N4とVPNv4/v6を、PEbがPEc・PEdとVPNv4/v6でpeeringしたい時に、それぞれのneighborを指定することなく最寄りのRRとpeeringするだけで良いことになります。
∵RRを使っているためフルメッシュ相当のルーティングが実現できているからです。
これは、ABRを増設する場合も同じことが言えます。ABRを増設したらCentral-RRとPeeringするだけで良いことになります。
ABRはPEのRRなので、必要に応じてPEとPeeringする必要はありますが。
2. 初期Config
a_N1のconfig
hostname b_N1
group CCIE-ISIS
router isis '.*'
is-type level-1
address-family ipv4 unicast
metric-style wide
segment-routing mpls
!
address-family ipv6 unicast
segment-routing mpls
!
interface 'Gi.*'
point-to-point
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface 'Loopback.*'
passive
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
!
end-group
!
vrf A
rd 1.1.1.1:100
address-family ipv4 unicast
import route-target
200:1
!
export route-target
100:1
!
!
address-family ipv6 unicast
import route-target
400:2
!
export route-target
300:2
!
!
!
!
interface Loopback0
ipv4 address 1.1.1.1 255.255.255.255
ipv6 address 1125:1:1:1::1/128
!
interface MgmtEth0/RP0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.2.1 255.255.255.0
ipv6 address 1125:1:2::1/64
!
interface GigabitEthernet0/0/0/1
vrf A
ipv4 address 10.10.20.1 255.255.255.0
ipv6 address 1125:1010:20::1/64
!
!
route-policy PASS
pass
end-policy
!
router isis ACCESS1
apply-group CCIE-ISIS
net 49.0001.0000.0000.0001.00
instance-id 100
interface Loopback0
address-family ipv4 unicast
prefix-sid index 1
!
address-family ipv6 unicast
prefix-sid index 1001
!
!
interface GigabitEthernet0/0/0/0
!
!
router bgp 65001
bgp router-id 1.1.1.1
address-family ipv4 unicast
network 1.1.1.1/32
allocate-label all
!
address-family vpnv4 unicast
!
address-family ipv6 unicast
network 1125:1:1:1::1/128
allocate-label all
!
address-family vpnv6 unicast
!
neighbor 2.2.2.2
remote-as 65001
update-source Loopback0
address-family ipv4 labeled-unicast
!
address-family vpnv4 unicast
!
!
neighbor 1125:2:2:2::2
remote-as 65001
update-source Loopback0
address-family ipv6 labeled-unicast
!
address-family vpnv6 unicast
!
!
vrf A
rd 1.1.1.1:100
address-family ipv4 unicast
redistribute connected
!
address-family ipv6 unicast
redistribute connected
!
neighbor 10.10.20.2
remote-as 100
address-family ipv4 unicast
route-policy PASS in
route-policy PASS out
!
!
neighbor 1125:1010:20::2
remote-as 100
address-family ipv6 unicast
route-policy PASS in
route-policy PASS out
!
!
!
!
end
a_N2のconfig
hostname b_N2 group CCIE-ISIS router isis '.*' address-family ipv4 unicast metric-style wide segment-routing mpls ! address-family ipv6 unicast segment-routing mpls ! interface 'Gi.*' point-to-point address-family ipv4 unicast ! address-family ipv6 unicast ! ! interface 'Loopback.*' passive address-family ipv4 unicast ! address-family ipv6 unicast ! ! ! end-group ! interface Loopback0 ipv4 address 2.2.2.2 255.255.255.255 ipv6 address 1125:2:2:2::2/128 ! interface MgmtEth0/RP0/CPU0/0 shutdown ! interface GigabitEthernet0/0/0/0 ipv4 address 10.1.2.2 255.255.255.0 ipv6 address 1125:1:2::2/64 ! interface GigabitEthernet0/0/0/1 ipv4 address 10.2.3.2 255.255.255.0 ipv6 address 1125:2:3::2/64 ! interface GigabitEthernet0/0/0/2 ipv4 address 10.2.5.2 255.255.255.0 ipv6 address 1125:2:5::2/64 ! router isis CORE apply-group CCIE-ISIS is-type level-2-only net 49.0002.0000.0000.0002.00 address-family ipv6 unicast single-topology ! interface Loopback0 address-family ipv4 unicast prefix-sid index 2 ! address-family ipv6 unicast prefix-sid index 1002 ! ! interface GigabitEthernet0/0/0/1 ! interface GigabitEthernet0/0/0/2 ! ! router isis ACCESS1 apply-group CCIE-ISIS is-type level-1 net 49.0001.0000.0000.0002.00 instance-id 100 interface Loopback0 address-family ipv4 unicast prefix-sid index 2 ! address-family ipv6 unicast prefix-sid index 1002 ! ! interface GigabitEthernet0/0/0/0 ! ! router bgp 65001 bgp router-id 2.2.2.2 ibgp policy out enforce-modifications address-family ipv4 unicast network 2.2.2.2/32 allocate-label all ! address-family vpnv4 unicast ! address-family ipv6 unicast network 1125:2:2:2::2/128 allocate-label all ! address-family vpnv6 unicast ! neighbor-group RR_CORE remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast ! address-family vpnv4 unicast next-hop-self ! ! neighbor-group RRV6_CORE remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast ! address-family vpnv6 unicast ! ! neighbor-group RRC_ACCESS1 remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast route-reflector-client ! address-family vpnv4 unicast route-reflector-client ! ! neighbor-group RRCV6_ACCESS1 remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast route-reflector-client ! address-family vpnv6 unicast route-reflector-client ! ! neighbor 1.1.1.1 use neighbor-group RRC_ACCESS1 ! neighbor 5.5.5.5 use neighbor-group RR_CORE ! neighbor 1125:1:1:1::1 use neighbor-group RRCV6_ACCESS1 ! neighbor 1125:5:5:5::5 use neighbor-group RRV6_CORE ! ! end
a_N3のconfig
hostname b_N3 group CCIE-ISIS router isis '.*' address-family ipv4 unicast metric-style wide segment-routing mpls ! address-family ipv6 unicast segment-routing mpls ! interface 'Gi.*' point-to-point address-family ipv4 unicast ! address-family ipv6 unicast ! ! interface 'Loopback.*' passive address-family ipv4 unicast ! address-family ipv6 unicast ! ! ! end-group ! interface Loopback0 ipv4 address 3.3.3.3 255.255.255.255 ipv6 address 1125:3:3:3::3/128 ! interface GigabitEthernet0/0/0/0 ipv4 address 10.3.4.3 255.255.255.0 ipv6 address 1125:3:4::3/64 ! interface GigabitEthernet0/0/0/1 ipv4 address 10.2.3.3 255.255.255.0 ipv6 address 1125:2:3::3/64 ! interface GigabitEthernet0/0/0/2 ipv4 address 10.3.5.3 255.255.255.0 ipv6 address 1125:3:5::3/64 ! router isis CORE apply-group CCIE-ISIS is-type level-2-only net 49.0002.0000.0000.0003.00 address-family ipv6 unicast single-topology ! interface Loopback0 address-family ipv4 unicast prefix-sid index 3 ! address-family ipv6 unicast prefix-sid index 1003 ! ! interface GigabitEthernet0/0/0/1 ! interface GigabitEthernet0/0/0/2 ! ! router isis ACCESS2 apply-group CCIE-ISIS is-type level-1 net 49.0003.0000.0000.0003.00 instance-id 200 interface Loopback0 address-family ipv4 unicast prefix-sid index 3 ! address-family ipv6 unicast prefix-sid index 1003 ! ! interface GigabitEthernet0/0/0/0 ! ! router bgp 65001 bgp router-id 3.3.3.3 ibgp policy out enforce-modifications address-family ipv4 unicast network 3.3.3.3/32 allocate-label all ! address-family vpnv4 unicast ! address-family ipv6 unicast network 1125:3:3:3::3/128 allocate-label all ! address-family vpnv6 unicast ! neighbor-group RR_CORE remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast ! address-family vpnv4 unicast ! ! neighbor-group RRV6_CORE remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast ! address-family vpnv6 unicast ! ! neighbor-group RRC_ACCESS2 remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast route-reflector-client ! address-family vpnv4 unicast route-reflector-client ! ! neighbor-group RRCV6_ACCESS2 remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast route-reflector-client ! address-family vpnv6 unicast route-reflector-client ! ! neighbor 4.4.4.4 use neighbor-group RRC_ACCESS2 ! neighbor 5.5.5.5 use neighbor-group RR_CORE ! neighbor 1125:4:4:4::4 use neighbor-group RRCV6_ACCESS2 ! neighbor 1125:5:5:5::5 use neighbor-group RRV6_CORE ! ! end
a_N4のconfig
hostname b_N4
group CCIE-ISIS
router isis '.*'
is-type level-1
address-family ipv4 unicast
metric-style wide
segment-routing mpls
!
address-family ipv6 unicast
segment-routing mpls
!
interface 'Gi.*'
point-to-point
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface 'Loopback.*'
passive
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
!
end-group
!
vrf B
rd 4.4.4.4:200
address-family ipv4 unicast
import route-target
100:1
!
export route-target
200:1
!
!
address-family ipv6 unicast
import route-target
300:2
!
export route-target
400:2
!
!
!
!
interface Loopback0
ipv4 address 4.4.4.4 255.255.255.255
ipv6 address 1125:4:4:4::4/128
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.3.4.4 255.255.255.0
ipv6 address 1125:3:4::4/64
!
interface GigabitEthernet0/0/0/1
vrf B
ipv4 address 10.10.80.1 255.255.255.0
ipv6 address 1125:1010:80::1/64
!
route-policy PASS
pass
end-policy
!
router isis ACCESS2
apply-group CCIE-ISIS
net 49.0003.0000.0000.0004.00
instance-id 200
interface Loopback0
address-family ipv4 unicast
prefix-sid index 4
!
address-family ipv6 unicast
prefix-sid index 1004
!
!
interface GigabitEthernet0/0/0/0
!
!
router bgp 65001
bgp router-id 4.4.4.4
address-family ipv4 unicast
network 4.4.4.4/32
allocate-label all
!
address-family vpnv4 unicast
!
address-family ipv6 unicast
network 1125:4:4:4::4/128
allocate-label all
!
address-family vpnv6 unicast
!
neighbor 3.3.3.3
remote-as 65001
update-source Loopback0
address-family ipv4 labeled-unicast
!
address-family vpnv4 unicast
!
!
neighbor 1125:3:3:3::3
remote-as 65001
update-source Loopback0
address-family ipv6 labeled-unicast
!
address-family vpnv6 unicast
!
!
vrf B
rd 4.4.4.4:200
address-family ipv4 unicast
redistribute connected
!
address-family ipv6 unicast
redistribute connected
!
neighbor 10.10.80.2
remote-as 200
address-family ipv4 unicast
route-policy PASS in
route-policy PASS out
!
!
neighbor 1125:1010:80::2
remote-as 200
address-family ipv6 unicast
route-policy PASS in
route-policy PASS out
!
!
!
!
end
a_N5のconfig
hostname b_N5 ! no ip domain lookup ! ipv6 unicast-routing ! interface Loopback0 ip address 5.5.5.5 255.255.255.255 ip router isis CORE ipv6 address 1125:5:5:5::5/128 ipv6 router isis CORE ! interface GigabitEthernet1 ip address 10.2.5.5 255.255.255.0 ip router isis CORE ipv6 address 1125:2:5::5/64 ipv6 router isis CORE isis network point-to-point ! interface GigabitEthernet2 ip address 10.3.5.5 255.255.255.0 ip router isis CORE ipv6 address 1125:3:5::5/64 ipv6 router isis CORE isis network point-to-point ! ! segment-routing mpls ! connected-prefix-sid-map address-family ipv4 5.5.5.5/32 index 5 range 1 exit-address-family ! ! router isis CORE net 49.0002.0000.0000.0005.00 is-type level-2-only metric-style wide segment-routing mpls ! router bgp 65001 bgp router-id 5.5.5.5 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor RRC_CORE peer-group neighbor RRC_CORE remote-as 65001 neighbor RRC_CORE update-source Loopback0 neighbor RRCV6_CORE peer-group neighbor RRCV6_CORE remote-as 65001 neighbor RRCV6_CORE update-source Loopback0 neighbor 2.2.2.2 peer-group RRC_CORE neighbor 3.3.3.3 peer-group RRC_CORE neighbor 1125:2:2:2::2 peer-group RRCV6_CORE neighbor 1125:3:3:3::3 peer-group RRCV6_CORE ! address-family ipv4 neighbor RRC_CORE route-reflector-client neighbor RRC_CORE send-label neighbor 2.2.2.2 activate neighbor 3.3.3.3 activate exit-address-family ! address-family vpnv4 neighbor RRC_CORE send-community extended neighbor RRC_CORE route-reflector-client neighbor 2.2.2.2 activate neighbor 3.3.3.3 activate exit-address-family ! address-family ipv6 neighbor RRCV6_CORE route-reflector-client neighbor RRCV6_CORE send-label neighbor 1125:2:2:2::2 activate neighbor 1125:3:3:3::3 activate exit-address-family ! address-family vpnv6 neighbor RRCV6_CORE send-community extended neighbor RRCV6_CORE route-reflector-client neighbor 1125:2:2:2::2 activate neighbor 1125:3:3:3::3 activate exit-address-family ! end
3. IOS-XE v.s. IOS-XR Default-Topology
Cisco-Liveの資料を参考にしてCentral-RRをIOS-XEにしたのがきっかけでドハマりしました。IPv4/v6どちらも疎通できるのに何故かIPv4はISISのneighborが張れるのにIPv6だけneighborが張れません。
b_N5#show ipv6 route
IPv6 Routing Table - default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, la - LISP alt, lr - LISP site-registrations
ld - LISP dyn-eid, lA - LISP away, le - LISP extranet-policy
lp - LISP publications, a - Application, m - OMP
C 1125:2:5::/64 [0/0]
via GigabitEthernet1, directly connected
L 1125:2:5::5/128 [0/0]
via GigabitEthernet1, receive
C 1125:3:5::/64 [0/0]
via GigabitEthernet2, directly connected
L 1125:3:5::5/128 [0/0]
via GigabitEthernet2, receive
LC 1125:5:5:5::5/128 [0/0]
via Loopback0, receive
L FF00::/8 [0/0]
via Null0, receive
b_N5#
CCOに書いてある通り、IOS-XRにおけるISISのdefault TopologyはMulti-Topologyです。
困ったことにIOS-XEは逆で、Single-TopologyがISISのDefault Topologyです。
これを知らなくてかなりの時間を溶かしました。
b_N5#show clns neighbors Tag CORE: System Id Interface SNPA State Holdtime Type Protocol b_N2 Gi1 5000.001f.0005 Up 25 L2 M-ISIS b_N3 Gi2 5000.0020.0005 Up 24 L2 M-ISIS b_N5# b_N5#show clns neighbors detail Tag CORE: System Id Interface SNPA State Holdtime Type Protocol b_N2 Gi1 5000.001f.0005 Up 22 L2 M-ISIS Area Address(es): 49.0002 IP Address(es): 10.2.5.2* IPv6 Address(es): FE80::5200:FF:FE1F:5 Uptime: 00:00:24 NSF capable Topology: IPv4, IPv6 Interface name: GigabitEthernet1 b_N3 Gi2 5000.0020.0005 Up 22 L2 M-ISIS Area Address(es): 49.0002 IP Address(es): 10.3.5.3* IPv6 Address(es): FE80::5200:FF:FE20:5 Uptime: 00:31:01 NSF capable Topology: IPv4, IPv6 Interface name: GigabitEthernet2 b_N5#
種明かしが分かればIOS-XRのProtocolが”M-ISIS”になっていることに気づきやすくなります。恐らくneighborがMulti-Topologyと言う意味なのでしょう。
b_N5#show isis neighbors detail Tag CORE: System Id Type Interface IP Address State Holdtime Circuit Id b_N2 L2 Gi1 10.2.5.2 UP 28 00 Area Address(es): 49.0002 SNPA: 5000.001f.0005 IPv6 Address(es): FE80::5200:FF:FE1F:5 IPv6 Global Address: 1125:2:5::2 State Changed: 00:07:51 Format: Phase V Remote TID: 0, 2 Local TID: 0 Interface name: GigabitEthernet1 Neighbor Circuit Id: 8 L(2) Adjacency SID Value:16 f:0 b:0 v:1 l:1 s:0 p:0 weight:0 b_N3 L2 Gi2 10.3.5.3 UP 27 00 Area Address(es): 49.0002 SNPA: 5000.0020.0005 IPv6 Address(es): FE80::5200:FF:FE20:5 IPv6 Global Address: 1125:3:5::3 State Changed: 00:38:28 Format: Phase V Remote TID: 0, 2 System Id Type Interface IP Address State Holdtime Circuit Id Local TID: 0 Interface name: GigabitEthernet2 Neighbor Circuit Id: 8 L(2) Adjacency SID Value:17 f:0 b:0 v:1 l:1 s:0 p:0 weight:0 b_N5#
このコマンドからも、Remote TID:0,2に対してLocal TID:0と差異があることが分かります。
www.cisco.com
Single-Topology IPv6 Support
Multitopology IPv6 for IS-IS
Single-Topologyとは、IPv4/v6を1つのSPFで計算するもので、Multi-TopologyはIPv4/v6を別々のSPFで計算する。
ということでIOS-XEとIOS-XRでTopologyを統一すれば良いということになります。
COREドメインはSingle-Topologyとします。
RP/0/RP0/CPU0:b_N2#configure Sat Jan 14 13:36:57.234 UTC RP/0/RP0/CPU0:b_N2(config)#router isis CORE RP/0/RP0/CPU0:b_N2(config-isis)#address-family ipv6 RP/0/RP0/CPU0:b_N2(config-isis-af)#single-topology RP/0/RP0/CPU0:b_N2(config-isis-af)#commit
きたこれ!
*Jan 14 13:38:57.069: %CLNS-5-ADJCHANGE: ISIS (CORE): Adjacency to b_N2 (GigabitEthernet1) topology changed, TID (2) deleted, not locally configured *Jan 14 13:38:57.069: %CLNS-5-ADJCHANGE: ISIS (CORE): Adjacency to b_N2 (GigabitEthernet1) Down, neighbor forgot us *Jan 14 13:38:59.069: %CLNS-5-ADJCHANGE: ISIS (CORE): Adjacency to b_N2 (GigabitEthernet1) Up, new adjacency
b_N2とb_N5でTopology一致しました。
b_N5#show clns neighbors Tag CORE: System Id Interface SNPA State Holdtime Type Protocol b_N2 Gi1 5000.001f.0005 Up 25 L2 IS-IS b_N3 Gi2 5000.0020.0005 Up 27 L2 M-ISIS b_N5# b_N5#show isis neighbors detail Tag CORE: System Id Type Interface IP Address State Holdtime Circuit Id b_N2 L2 Gi1 10.2.5.2 UP 27 00 Area Address(es): 49.0002 SNPA: 5000.001f.0005 IPv6 Address(es): FE80::5200:FF:FE1F:5 IPv6 Global Address: 1125:2:5::2 State Changed: 00:01:35 Format: Phase V Remote TID: 0 Local TID: 0 Interface name: GigabitEthernet1 Neighbor Circuit Id: 8 L(2) Adjacency SID Value:16 f:0 b:0 v:1 l:1 s:0 p:0 weight:0 b_N3 L2 Gi2 10.3.5.3 UP 21 00 Area Address(es): 49.0002 SNPA: 5000.0020.0005 IPv6 Address(es): FE80::5200:FF:FE20:5 IPv6 Global Address: 1125:3:5::3 State Changed: 01:05:44 Format: Phase V Remote TID: 0, 2 System Id Type Interface IP Address State Holdtime Circuit Id Local TID: 0 Interface name: GigabitEthernet2 Neighbor Circuit Id: 8 L(2) Adjacency SID Value:17 f:0 b:0 v:1 l:1 s:0 p:0 weight:0 b_N5#
無事neighborからIPv6ルーティング情報が入ってきました。
b_N5#show ipv6 route
IPv6 Routing Table - default - 8 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, la - LISP alt, lr - LISP site-registrations
ld - LISP dyn-eid, lA - LISP away, le - LISP extranet-policy
lp - LISP publications, a - Application, m - OMP
I2 1125:2:2:2::2/128 [115/10]
via FE80::5200:FF:FE1F:5, GigabitEthernet1
I2 1125:2:3::/64 [115/20]
via FE80::5200:FF:FE1F:5, GigabitEthernet1
C 1125:2:5::/64 [0/0]
via GigabitEthernet1, directly connected
L 1125:2:5::5/128 [0/0]
via GigabitEthernet1, receive
C 1125:3:5::/64 [0/0]
via GigabitEthernet2, directly connected
L 1125:3:5::5/128 [0/0]
via GigabitEthernet2, receive
LC 1125:5:5:5::5/128 [0/0]
via Loopback0, receive
L FF00::/8 [0/0]
via Null0, receive
b_N5#
b_N3も同様に対処してお終いです。
4. 検証(現状把握)
3domain構成(CORE:Instance-ID 0、ACCESS1:Instance-ID 100、ACCESS2:Instance-ID 200)とします。
IGPのスケールを小さくしたいので各domain同士のredistributeはしません。
b_N1には他ドメインであるb_N3、N4等のRouting情報は存在しません。
RP/0/RP0/CPU0:b_N1#show route | be Gate Sun Jan 15 01:40:52.675 UTC Gateway of last resort is not set L 1.1.1.1/32 is directly connected, 19:53:47, Loopback0 i L1 2.2.2.2/32 [115/10] via 10.1.2.2, 00:43:48, GigabitEthernet0/0/0/0 C 10.1.2.0/24 is directly connected, 19:53:03, GigabitEthernet0/0/0/0 L 10.1.2.1/32 is directly connected, 19:53:03, GigabitEthernet0/0/0/0 RP/0/RP0/CPU0:b_N1#
無論、LFIBにもb_N3、N4、N5のラベル情報は存在しません。
RP/0/RP0/CPU0:b_N1#show mpls forwarding
Sun Jan 15 01:41:23.378 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16002 Pop SR Pfx (idx 2) Gi0/0/0/0 10.1.2.2 4759
17002 Pop SR Pfx (idx 1002) Gi0/0/0/0 fe80::5200:ff:fe1f:3 \
5924
24004 Aggregate A: Per-VRF Aggr[V] A 0
24005 Unlabelled 100.100.100.100/32[V] \
Gi0/0/0/1 10.10.20.2 0
24006 Unlabelled 1125:100:100:100::100/128[V] \
Gi0/0/0/1 fe80::5200:ff:fe23:0 \
0
24007 Aggregate A: Per-VRF Aggr[V] A 0
24008 Aggregate default: Per-VRF Aggr[V] \
default 0
24012 Pop SR Adj (idx 0) Gi0/0/0/0 10.1.2.2 0
24013 Pop SR Adj (idx 2) Gi0/0/0/0 10.1.2.2 0
24014 Pop SR Adj (idx 0) Gi0/0/0/0 fe80::5200:ff:fe1f:3 \
0
24015 Pop SR Adj (idx 2) Gi0/0/0/0 fe80::5200:ff:fe1f:3 \
0
RP/0/RP0/CPU0:b_N1#
COREドメインに所属かつ他ドメインに隣接している場合のみ2ドメインの情報を保持しています。 ACCESS1ドメインとCOREドメインに隣接しているb_N2のルーティング情報は
RP/0/RP0/CPU0:b_N2#show route | b Gate
Sun Jan 15 01:42:30.659 UTC
Gateway of last resort is not set
i L1 1.1.1.1/32 [115/10] via 10.1.2.1, 00:45:26, GigabitEthernet0/0/0/0
L 2.2.2.2/32 is directly connected, 5d14h, Loopback0
i L2 3.3.3.3/32 [115/10] via 10.2.3.3, 00:31:58, GigabitEthernet0/0/0/1
i L2 5.5.5.5/32 [115/20] via 10.2.5.5, 00:31:58, GigabitEthernet0/0/0/2
C 10.1.2.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/0
L 10.1.2.2/32 is directly connected, 5d14h, GigabitEthernet0/0/0/0
C 10.2.3.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/1
L 10.2.3.2/32 is directly connected, 5d14h, GigabitEthernet0/0/0/1
C 10.2.5.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/2
L 10.2.5.2/32 is directly connected, 5d14h, GigabitEthernet0/0/0/2
i L2 10.3.5.0/24 [115/20] via 10.2.5.5, 00:31:58, GigabitEthernet0/0/0/2
[115/20] via 10.2.3.3, 00:31:58, GigabitEthernet0/0/0/1
RP/0/RP0/CPU0:b_N2#
ACCESS1ドメインとCOREドメインに隣接しているb_N2のラベル情報は
RP/0/RP0/CPU0:b_N2#show mpls forwarding
Sun Jan 15 01:44:34.931 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16001 Pop SR Pfx (idx 1) Gi0/0/0/0 10.1.2.1 7967
16003 Pop SR Pfx (idx 3) Gi0/0/0/1 10.2.3.3 236
16005 Pop SR Pfx (idx 5) Gi0/0/0/2 10.2.5.5 73501
17001 Pop SR Pfx (idx 1001) Gi0/0/0/0 fe80::5200:ff:fe1e:3 \
7730
17003 Pop SR Pfx (idx 1003) Gi0/0/0/1 fe80::5200:ff:fe20:4 \
0
24000 Aggregate default: Per-VRF Aggr[V] \
default 0
24009 Pop SR Adj (idx 1) Gi0/0/0/1 10.2.3.3 0
24010 Pop SR Adj (idx 3) Gi0/0/0/1 10.2.3.3 0
24011 Pop SR Adj (idx 1) Gi0/0/0/1 fe80::5200:ff:fe20:4 \
0
24012 Pop SR Adj (idx 3) Gi0/0/0/1 fe80::5200:ff:fe20:4 \
0
24015 Pop SR Adj (idx 1) Gi0/0/0/2 10.2.5.5 0
24016 Pop SR Adj (idx 3) Gi0/0/0/2 10.2.5.5 0
24021 Pop SR Adj (idx 1) Gi0/0/0/2 fe80::5200:ff:fe25:0 \
0
24022 Pop SR Adj (idx 3) Gi0/0/0/2 fe80::5200:ff:fe25:0 \
0
24023 Pop SR Adj (idx 0) Gi0/0/0/0 10.1.2.1 0
24024 Pop SR Adj (idx 2) Gi0/0/0/0 10.1.2.1 0
24025 Pop SR Adj (idx 0) Gi0/0/0/0 fe80::5200:ff:fe1e:3 \
0
24026 Pop SR Adj (idx 2) Gi0/0/0/0 fe80::5200:ff:fe1e:3 \
0
RP/0/RP0/CPU0:b_N2#
COREドメインにしか所属していないb_N5のルーティング情報は
b_N5#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
i L2 2.2.2.2 [115/10] via 10.2.5.2, 3d17h, GigabitEthernet1
3.0.0.0/32 is subnetted, 1 subnets
i L2 3.3.3.3 [115/10] via 10.3.5.3, 3d17h, GigabitEthernet2
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
i L2 10.2.3.0/24 [115/20] via 10.3.5.3, 3d17h, GigabitEthernet2
[115/20] via 10.2.5.2, 3d17h, GigabitEthernet1
C 10.2.5.0/24 is directly connected, GigabitEthernet1
L 10.2.5.5/32 is directly connected, GigabitEthernet1
C 10.3.5.0/24 is directly connected, GigabitEthernet2
L 10.3.5.5/32 is directly connected, GigabitEthernet2
b_N5#
COREドメインにしか所属していないb_N5のLFIB情報は
b_N5#show mpls forwarding-table Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 16 Pop Label 10.2.5.2-A 0 Gi1 10.2.5.2 17 Pop Label 10.3.5.3-A 0 Gi2 10.3.5.3 16002 Pop Label 2.2.2.2/32 0 Gi1 10.2.5.2 16003 Pop Label 3.3.3.3/32 0 Gi2 10.3.5.3 A - Adjacency SID b_N5#
ACCESS2ドメインとCOREドメインに隣接しているb_N3のルーティング情報は
RP/0/RP0/CPU0:b_N3#show route | b Gate
Sun Jan 15 01:47:24.295 UTC
Gateway of last resort is not set
i L2 2.2.2.2/32 [115/10] via 10.2.3.2, 00:02:55, GigabitEthernet0/0/0/1
L 3.3.3.3/32 is directly connected, 5d14h, Loopback0
i L1 4.4.4.4/32 [115/10] via 10.3.4.4, 00:35:43, GigabitEthernet0/0/0/0
i L2 5.5.5.5/32 [115/20] via 10.3.5.5, 00:02:55, GigabitEthernet0/0/0/2
C 10.2.3.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/1
L 10.2.3.3/32 is directly connected, 5d14h, GigabitEthernet0/0/0/1
i L2 10.2.5.0/24 [115/20] via 10.3.5.5, 00:02:55, GigabitEthernet0/0/0/2
[115/20] via 10.2.3.2, 00:02:55, GigabitEthernet0/0/0/1
C 10.3.4.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/0
L 10.3.4.3/32 is directly connected, 5d14h, GigabitEthernet0/0/0/0
C 10.3.5.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/2
L 10.3.5.3/32 is directly connected, 5d14h, GigabitEthernet0/0/0/2
RP/0/RP0/CPU0:b_N3#
ACCESS2ドメインとCOREドメインに隣接しているb_N3のラベル情報は
RP/0/RP0/CPU0:b_N3#show mpls forwarding
Sun Jan 15 01:48:08.939 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16002 Pop SR Pfx (idx 2) Gi0/0/0/1 10.2.3.2 0
16004 Pop SR Pfx (idx 4) Gi0/0/0/0 10.3.4.4 4345
16005 Pop SR Pfx (idx 5) Gi0/0/0/2 10.3.5.5 436
17002 Pop SR Pfx (idx 1002) Gi0/0/0/1 fe80::5200:ff:fe1f:4 \
0
17004 Pop SR Pfx (idx 1004) Gi0/0/0/0 fe80::5200:ff:fe21:3 \
5362
24000 Pop SR Adj (idx 1) Gi0/0/0/1 10.2.3.2 0
24001 Pop SR Adj (idx 3) Gi0/0/0/1 10.2.3.2 0
24002 Pop SR Adj (idx 0) Gi0/0/0/0 10.3.4.4 0
24003 Pop SR Adj (idx 2) Gi0/0/0/0 10.3.4.4 0
24004 Pop SR Adj (idx 1) Gi0/0/0/2 fe80::5200:ff:fe25:1 \
0
24005 Pop SR Adj (idx 3) Gi0/0/0/2 fe80::5200:ff:fe25:1 \
0
24006 Pop SR Adj (idx 1) Gi0/0/0/1 fe80::5200:ff:fe1f:4 \
0
24007 Pop SR Adj (idx 3) Gi0/0/0/1 fe80::5200:ff:fe1f:4 \
0
24008 Pop SR Adj (idx 1) Gi0/0/0/2 10.3.5.5 0
24009 Pop SR Adj (idx 3) Gi0/0/0/2 10.3.5.5 0
24014 Aggregate default: Per-VRF Aggr[V] \
default 0
24021 Pop SR Adj (idx 0) Gi0/0/0/0 fe80::5200:ff:fe21:3 \
0
24022 Pop SR Adj (idx 2) Gi0/0/0/0 fe80::5200:ff:fe21:3 \
0
RP/0/RP0/CPU0:b_N3#
b_N4には他ドメインであるb_N2、N1等のRouting情報は存在しません。
RP/0/RP0/CPU0:b_N4#show route | b Ga Sun Jan 15 01:49:07.818 UTC Gateway of last resort is not set i L1 3.3.3.3/32 [115/10] via 10.3.4.3, 00:37:27, GigabitEthernet0/0/0/0 L 4.4.4.4/32 is directly connected, 5d14h, Loopback0 C 10.3.4.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/0 L 10.3.4.4/32 is directly connected, 5d14h, GigabitEthernet0/0/0/0 RP/0/RP0/CPU0:b_N4#
LFIBにもb_N1、N2、N5のラベル情報は存在しません。
RP/0/RP0/CPU0:b_N4#show mpls forwarding
Sun Jan 15 01:49:46.642 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16003 Pop SR Pfx (idx 3) Gi0/0/0/0 10.3.4.3 3981
17003 Pop SR Pfx (idx 1003) Gi0/0/0/0 fe80::5200:ff:fe20:3 \
5421
24000 Aggregate B: Per-VRF Aggr[V] B 0
24001 Aggregate B: Per-VRF Aggr[V] B 0
24002 Aggregate default: Per-VRF Aggr[V] \
default 0
24007 Unlabelled 200.200.200.200/32[V] \
Gi0/0/0/1 10.10.80.2 0
24008 Unlabelled 1125:200:200:200::200/128[V] \
Gi0/0/0/1 fe80::5200:ff:fe24:0 \
3672
24012 Pop SR Adj (idx 0) Gi0/0/0/0 10.3.4.3 0
24013 Pop SR Adj (idx 2) Gi0/0/0/0 10.3.4.3 0
24014 Pop SR Adj (idx 0) Gi0/0/0/0 fe80::5200:ff:fe20:3 \
0
24015 Pop SR Adj (idx 2) Gi0/0/0/0 fe80::5200:ff:fe20:3 \
0
RP/0/RP0/CPU0:b_N4#
BGPの状態を確認します。 CE-PE間はeBGPがEstablishしています。
b_CE1#show bgp all neighbors | i BGP BGP neighbor is 10.10.20.1, remote AS 65001, external link BGP version 4, remote router ID 1.1.1.1 BGP state = Established, up for 02:51:07 External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) BGP neighbor is 1125:1010:20::1, remote AS 65001, external link BGP version 4, remote router ID 1.1.1.1 BGP state = Established, up for 02:51:08 External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) BGP neighbor is 10.10.20.1, remote AS 65001, external link BGP version 4, remote router ID 1.1.1.1 BGP state = Established, up for 02:51:07 External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) BGP neighbor is 1125:1010:20::1, remote AS 65001, external link BGP version 4, remote router ID 1.1.1.1 BGP state = Established, up for 02:51:08 External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) b_CE1#
PE(b_N1)からCEを見るとeBGPがEstablishしています。
RP/0/RP0/CPU0:b_N1#show bgp vrf A neighbors | i BGP Sun Jan 15 01:51:33.026 UTC BGP neighbor is 10.10.20.2, vrf A BGP state = Established, up for 19:55:40 BGP neighbor version 158 BGP neighbor is 1125:1010:20::2, vrf A BGP state = Established, up for 19:55:41 BGP neighbor version 30 RP/0/RP0/CPU0:b_N1#
逆サイドのCE-PE間もeBGPがEstablishしています。
b_CE2#show bgp all neighbors | i BGP BGP neighbor is 10.10.80.1, remote AS 65001, external link BGP version 4, remote router ID 4.4.4.4 BGP state = Established, up for 3d20h External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) BGP neighbor is 1125:1010:80::1, remote AS 65001, external link BGP version 4, remote router ID 4.4.4.4 BGP state = Established, up for 3d20h External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) BGP neighbor is 10.10.80.1, remote AS 65001, external link BGP version 4, remote router ID 4.4.4.4 BGP state = Established, up for 3d20h External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) BGP neighbor is 1125:1010:80::1, remote AS 65001, external link BGP version 4, remote router ID 4.4.4.4 BGP state = Established, up for 3d20h External BGP neighbor configured for connected checks (single-hop no-disable-connected-check) b_CE2#
PE(a_N4)からCEを見るとeBGPがEstablishしています。
RP/0/RP0/CPU0:b_N4#show bgp vrf B neighbors | i BGP Sun Jan 15 01:52:15.394 UTC BGP neighbor is 10.10.80.2, vrf B BGP state = Established, up for 4d13h BGP neighbor version 149 BGP neighbor is 1125:1010:80::2, vrf B BGP state = Established, up for 4d13h BGP neighbor version 77 RP/0/RP0/CPU0:b_N4#
ABR-RR-ABR間もiBGPがEstablishしています。
RP/0/RP0/CPU0:b_N2#show bgp all all neighbors | i BGP Sun Jan 15 01:53:55.236 UTC BGP neighbor is 1.1.1.1 BGP state = Established, up for 00:56:46 BGP neighbor version 57 BGP neighbor version 185 Last reset 00:57:39, due to BGP Notification sent: hold time expired BGP neighbor is 5.5.5.5 BGP state = Established, up for 16:44:30 BGP neighbor version 57 BGP neighbor version 185 Last reset 16:44:36, due to BGP Notification received: administrative reset BGP neighbor is 1125:1:1:1::1 BGP state = Established, up for 00:56:40 BGP neighbor version 21 BGP neighbor version 63 Last reset 00:57:39, due to BGP Notification sent: hold time expired BGP neighbor is 1125:5:5:5::5 BGP state = Established, up for 12:16:33 BGP neighbor version 0 BGP neighbor version 63 Last reset 12:45:51, due to BGP Notification sent: hold time expired RP/0/RP0/CPU0:b_N2#
b_N5#show bgp ipv4 unicast neighbors | i BGP BGP neighbor is 2.2.2.2, remote AS 65001, internal link BGP version 4, remote router ID 2.2.2.2 BGP state = Established, up for 00:13:59 BGP table version 3, neighbor version 3/0 BGP table version 1, neighbor version 1/0 BGP neighbor is 3.3.3.3, remote AS 65001, internal link BGP version 4, remote router ID 3.3.3.3 BGP state = Established, up for 00:13:51 BGP table version 3, neighbor version 3/0 BGP table version 1, neighbor version 1/0 b_N5# b_N5# show bgp ipv6 neighbors | i BGP BGP neighbor is 1125:2:2:2::2, remote AS 65001, internal link BGP version 4, remote router ID 2.2.2.2 BGP state = Established, up for 00:14:08 BGP table version 1, neighbor version 1/0 BGP table version 5, neighbor version 5/0 BGP neighbor is 1125:3:3:3::3, remote AS 65001, internal link BGP version 4, remote router ID 3.3.3.3 BGP state = Established, up for 00:14:06 BGP table version 1, neighbor version 1/0 BGP table version 5, neighbor version 5/0 b_N5#
RP/0/RP0/CPU0:b_N3#show bgp all all neighbors | i BGP Sun Jan 15 01:54:40.406 UTC BGP neighbor is 4.4.4.4 BGP state = Established, up for 4d12h BGP neighbor version 49 BGP neighbor version 89 BGP neighbor is 5.5.5.5 BGP state = Established, up for 16:45:08 BGP neighbor version 49 BGP neighbor version 89 Last reset 16:45:21, due to BGP Notification received: administrative reset BGP neighbor is 1125:4:4:4::4 BGP state = Established, up for 4d12h BGP neighbor version 7 BGP neighbor version 49 BGP neighbor is 1125:5:5:5::5 BGP state = Established, up for 00:10:11 BGP neighbor version 0 BGP neighbor version 49 Last reset 13:17:02, due to BGP Notification sent: hold time expired RP/0/RP0/CPU0:b_N3#
vpnv4とvpnv6もiBGPがEstablishしています。
RP/0/RP0/CPU0:b_N2#show bgp vpnv4 unicast summary Sun Jan 15 02:04:58.482 UTC BGP router identifier 2.2.2.2, local AS number 65001 BGP generic scan interval 60 secs Non-stop routing is enabled BGP table state: Active Table ID: 0x0 RD version: 0 BGP main routing table version 185 BGP NSR Initial initsync version 3 (Reached) BGP NSR/ISSU Sync-Group versions 0/0 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer Speaker 185 185 185 185 185 0 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 1.1.1.1 0 65001 6550 6689 185 0 0 01:07:49 2 5.5.5.5 0 65001 7384 6688 185 0 0 16:55:33 0 RP/0/RP0/CPU0:b_N2# RP/0/RP0/CPU0:b_N2#show bgp vpnv6 unicast summary Sun Jan 15 02:05:26.472 UTC BGP router identifier 2.2.2.2, local AS number 65001 BGP generic scan interval 60 secs Non-stop routing is enabled BGP table state: Active Table ID: 0x0 RD version: 0 BGP main routing table version 63 BGP NSR Initial initsync version 3 (Reached) BGP NSR/ISSU Sync-Group versions 0/0 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer Speaker 63 63 63 63 63 0 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 1125:1:1:1::1 0 65001 6542 6575 63 0 0 01:08:12 2 1125:5:5:5::5 0 65001 7088 6471 63 0 0 12:28:04 0 RP/0/RP0/CPU0:b_N2#
RP/0/RP0/CPU0:b_N3#show bgp vpnv4 unicast summary Sun Jan 15 02:07:23.770 UTC BGP router identifier 3.3.3.3, local AS number 65001 BGP generic scan interval 60 secs Non-stop routing is enabled BGP table state: Active Table ID: 0x0 RD version: 0 BGP main routing table version 89 BGP NSR Initial initsync version 3 (Reached) BGP NSR/ISSU Sync-Group versions 0/0 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer Speaker 89 89 89 89 89 0 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 4.4.4.4 0 65001 6552 6639 89 0 0 4d13h 2 5.5.5.5 0 65001 7383 6681 89 0 0 16:57:51 0 RP/0/RP0/CPU0:b_N3# RP/0/RP0/CPU0:b_N3#show bgp vpnv6 unicast summary Sun Jan 15 02:07:32.817 UTC BGP router identifier 3.3.3.3, local AS number 65001 BGP generic scan interval 60 secs Non-stop routing is enabled BGP table state: Active Table ID: 0x0 RD version: 0 BGP main routing table version 49 BGP NSR Initial initsync version 3 (Reached) BGP NSR/ISSU Sync-Group versions 0/0 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer Speaker 49 49 49 49 49 0 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 1125:4:4:4::4 0 65001 6552 6571 49 0 0 4d13h 2 1125:5:5:5::5 0 65001 6244 5658 49 0 0 00:23:03 0 RP/0/RP0/CPU0:b_N3#
一旦現状のBGPステータスをまとめます。
Unified MPLSを実装するにあたり、SPネットワーク(b_N1、b_N2、b_N3、b_N4、b_N5)のインターフェースでLDPを有効にする必要があります。 今回はSegment Routing を使うため、LDPの定義を個別にしたり、IGPで mpls ldp auto-configを定義する必要はありません。 Segment Routing が有効なインターフェースではLDPが有効になるためです。
RP/0/RP0/CPU0:b_N1#show mpls interfaces Sat Jan 14 10:06:33.899 UTC Interface LDP Tunnel Static Enabled -------------------------- -------- -------- -------- -------- GigabitEthernet0/0/0/0 No No No Yes RP/0/RP0/CPU0:b_N1#
RP/0/RP0/CPU0:b_N2#show mpls interfaces Sat Jan 14 10:07:12.997 UTC Interface LDP Tunnel Static Enabled -------------------------- -------- -------- -------- -------- GigabitEthernet0/0/0/0 No No No Yes GigabitEthernet0/0/0/2 No No No Yes GigabitEthernet0/0/0/1 No No No Yes RP/0/RP0/CPU0:b_N2#
RP/0/RP0/CPU0:b_N3#show mpls interfaces Sat Jan 14 10:07:39.114 UTC Interface LDP Tunnel Static Enabled -------------------------- -------- -------- -------- -------- GigabitEthernet0/0/0/0 No No No Yes GigabitEthernet0/0/0/2 No No No Yes GigabitEthernet0/0/0/1 No No No Yes RP/0/RP0/CPU0:b_N3#
RP/0/RP0/CPU0:b_N4#show mpls interfaces Sat Jan 14 10:08:13.623 UTC Interface LDP Tunnel Static Enabled -------------------------- -------- -------- -------- -------- GigabitEthernet0/0/0/0 No No No Yes RP/0/RP0/CPU0:b_N4#
b_N5#show mpls interfaces Interface IP Tunnel BGP Static Operational GigabitEthernet1 No No No No Yes GigabitEthernet2 No No No No Yes b_N5#
5. 検証(Unified MPLSの定義)
BGPによるMPLSラベル割り当てを行います。
PE(b_N1)、ABR(b_N2)、ABR(b_N3)、RR(b_N5)、PE(b_N4)でBGP-LUの定義をします。
IPv4/IPv6 unicast SAFIにallocate-label allを定義します。
router bgp 65001 bgp router-id 1.1.1.1 address-family ipv4 unicast network 1.1.1.1/32 allocate-label all ! address-family vpnv4 unicast ! address-family ipv6 unicast network 1125:1:1:1::1/128 allocate-label all ! address-family vpnv6 unicast !
また、IPv4/IPv6 ラベル付きユニキャストも定義します。address-family ipvX labeled-unicast
neighbor 2.2.2.2 remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast ! address-family vpnv4 unicast ! ! neighbor 1125:2:2:2::2 remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast ! address-family vpnv6 unicast ! !
BGP-LUの定義はこれだけです。
前回も説明しましたが、iBGPはnext-hopを変更しないという決まりがあります。
b_N1とb_N3は同じAS65001に所属しているにもかかわらず通信することができません。
ここで、RR(b_N2)に”next-hop-self ”を定義します。
neighbor-group RR_CORE remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast next-hop-self ! address-family vpnv4 unicast next-hop-self ! ! neighbor-group RRV6_CORE remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast next-hop-self ! address-family vpnv6 unicast next-hop-self ! ! neighbor 5.5.5.5 use neighbor-group RR_CORE ! neighbor 1125:5:5:5::5 use neighbor-group RRV6_CORE ! !
おぉ!きたこれ!
ABR(b_N3)のルーティングテーブルにb_N1's Loopbackの情報が入ってきました。
RP/0/RP0/CPU0:b_N3#show route
route router router-id
RP/0/RP0/CPU0:b_N3#show route | b Gate
Sun Jan 15 02:09:50.567 UTC
Gateway of last resort is not set
B 1.1.1.1/32 [200/0] via 2.2.2.2, 00:00:34
i L2 2.2.2.2/32 [115/10] via 10.2.3.2, 00:25:21, GigabitEthernet0/0/0/1
L 3.3.3.3/32 is directly connected, 5d14h, Loopback0
i L1 4.4.4.4/32 [115/10] via 10.3.4.4, 00:58:10, GigabitEthernet0/0/0/0
i L2 5.5.5.5/32 [115/20] via 10.3.5.5, 00:25:21, GigabitEthernet0/0/0/2
C 10.2.3.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/1
L 10.2.3.3/32 is directly connected, 5d14h, GigabitEthernet0/0/0/1
i L2 10.2.5.0/24 [115/20] via 10.3.5.5, 00:25:21, GigabitEthernet0/0/0/2
[115/20] via 10.2.3.2, 00:25:21, GigabitEthernet0/0/0/1
C 10.3.4.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/0
L 10.3.4.3/32 is directly connected, 5d14h, GigabitEthernet0/0/0/0
C 10.3.5.0/24 is directly connected, 5d14h, GigabitEthernet0/0/0/2
L 10.3.5.3/32 is directly connected, 5d14h, GigabitEthernet0/0/0/2
RP/0/RP0/CPU0:b_N3#
ABR(b_N3)でBGP-LUを確認します。
RP/0/RP0/CPU0:b_N3#show bgp labels
Sun Jan 15 02:11:08.736 UTC
BGP router identifier 3.3.3.3, local AS number 65001
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 51
BGP main routing table version 51
BGP NSR Initial initsync version 4 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*>i1.1.1.1/32 2.2.2.2 24007 24010
*>i2.2.2.2/32 2.2.2.2 3 24020
*> 3.3.3.3/32 0.0.0.0 nolabel 3
*>i4.4.4.4/32 4.4.4.4 3 24016
*>i5.5.5.5/32 5.5.5.5 3 24023
Processed 5 prefixes, 5 paths
LFIBで同じ情報が確認できます。
RP/0/RP0/CPU0:b_N3#show mpls forwarding labels 24010 detail
Sun Jan 15 02:10:37.589 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24010 24007 1.1.1.1/32 2.2.2.2 0
Updated: Jan 15 02:09:16.534
Path Flags: 0x6000 [ ]
Version: 216, Priority: 4
Label Stack (Top -> Bottom): { 24007 }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 0/4, MTU: 0
Packets Switched: 0
RP/0/RP0/CPU0:b_N3#
IS-ISのCOREドメインに対して定義しました。もう一方のACCESS1ドメインに対しても同様に”next-hop-self ”を定義します。
neighbor-group RRC_ACCESS1 remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast route-reflector-client next-hop-self ! address-family vpnv4 unicast route-reflector-client next-hop-self ! ! neighbor-group RRCV6_ACCESS1 remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast route-reflector-client next-hop-self ! address-family vpnv6 unicast route-reflector-client next-hop-self ! ! neighbor 1.1.1.1 use neighbor-group RRC_ACCESS1 ! neighbor 1125:1:1:1::1 use neighbor-group RRCV6_ACCESS1 ! !
PE(b_N1)のルーティングテーブルにCOREドメインの情報が入ってきました。
RP/0/RP0/CPU0:b_N1#show route | b Gate Sun Jan 15 02:15:56.662 UTC Gateway of last resort is not set L 1.1.1.1/32 is directly connected, 20:28:51, Loopback0 i L1 2.2.2.2/32 [115/10] via 10.1.2.2, 01:18:52, GigabitEthernet0/0/0/0 B 3.3.3.3/32 [200/0] via 2.2.2.2, 00:00:25 B 5.5.5.5/32 [200/0] via 2.2.2.2, 00:00:25 C 10.1.2.0/24 is directly connected, 20:28:07, GigabitEthernet0/0/0/0 L 10.1.2.1/32 is directly connected, 20:28:07, GigabitEthernet0/0/0/0 RP/0/RP0/CPU0:b_N1#
ABR(b_N3)でBGP-LUを確認します。
RP/0/RP0/CPU0:b_N1#show bgp labels
Sun Jan 15 02:16:52.005 UTC
BGP router identifier 1.1.1.1, local AS number 65001
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 44
BGP main routing table version 44
BGP NSR Initial initsync version 6 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*> 1.1.1.1/32 0.0.0.0 nolabel 3
*>i2.2.2.2/32 2.2.2.2 3 24009
*>i3.3.3.3/32 2.2.2.2 24019 24010
*>i5.5.5.5/32 2.2.2.2 24001 24000
Processed 4 prefixes, 4 paths
RP/0/RP0/CPU0:b_N1#
LFIBで同じ情報を確認できます。
RP/0/RP0/CPU0:b_N1#show mpls forwarding labels 24010 detail
Sun Jan 15 02:18:55.930 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24010 24019 3.3.3.3/32 2.2.2.2 0
Updated: Jan 15 02:15:31.154
Path Flags: 0x6000 [ ]
Version: 74, Priority: 4
Label Stack (Top -> Bottom): { 24019 }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 0/4, MTU: 0
Packets Switched: 0
RP/0/RP0/CPU0:b_N1#
RP/0/RP0/CPU0:b_N1#show mpls forwarding labels 24000 detail
Sun Jan 15 02:19:13.281 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 24001 5.5.5.5/32 2.2.2.2 0
Updated: Jan 15 02:15:31.155
Path Flags: 0x6000 [ ]
Version: 75, Priority: 4
Label Stack (Top -> Bottom): { 24001 }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 0/4, MTU: 0
Packets Switched: 0
RP/0/RP0/CPU0:b_N1#
ここまでは前回と同様です。
3面になってもすべきことは一緒です。他方のABR(b_N3)で同様の定義をします。
CEのルーティングテーブルにも対向のCE情報が入ってきました。
b_CE1#show ip route | begin Gate
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.10.20.0/24 is directly connected, GigabitEthernet1
L 10.10.20.2/32 is directly connected, GigabitEthernet1
B 10.10.80.0/24 [20/0] via 10.10.20.1, 00:00:30
100.0.0.0/32 is subnetted, 1 subnets
C 100.100.100.100 is directly connected, Loopback0
200.200.200.0/32 is subnetted, 1 subnets
B 200.200.200.200 [20/0] via 10.10.20.1, 00:00:30
b_CE1#
CE-CE間の疎通も確認できました。
b_CE1#ping 200.200.200.200 source 100.100.100.100 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 200.200.200.200, timeout is 2 seconds: Packet sent with a source address of 100.100.100.100 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 6/31/132 ms b_CE1# b_CE1#traceroute 200.200.200.200 source 100.100.100.100 Type escape sequence to abort. Tracing the route to 200.200.200.200 VRF info: (vrf in name/id, vrf out name/id) 1 10.10.20.1 [AS 65001] 6 msec 1 msec 2 msec 2 10.1.2.2 [MPLS: Label 24013 Exp 0] 12 msec 4 msec 4 msec 3 10.2.3.3 [MPLS: Label 24015 Exp 0] 9 msec 4 msec 3 msec 4 10.3.4.4 [MPLS: Label 24007 Exp 0] 5 msec 3 msec 4 msec 5 10.10.80.2 [AS 65001] 4 msec * 4 msec b_CE1#
ABR(b_N2)のラベル情報
RP/0/RP0/CPU0:b_N2#show mpls forwarding labels 24013 detail
Sun Jan 15 02:27:10.486 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24013 24015 4.4.4.4:200:200.200.200.200/32 \
3.3.3.3 612
Updated: Jan 15 02:24:03.658
Path Flags: 0x6000 [ ]
Version: 515, Priority: 4
Label Stack (Top -> Bottom): { 24015 }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 0/4, MTU: 0
Packets Switched: 6
RP/0/RP0/CPU0:b_N2#
ABR(b_N3)のラベル情報
RP/0/RP0/CPU0:b_N3#show mpls forwarding labels 24015 detail
Sun Jan 15 02:28:01.946 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24015 24007 4.4.4.4:200:200.200.200.200/32 \
4.4.4.4 612
Updated: Jan 15 02:24:01.260
Path Flags: 0x6000 [ ]
Version: 283, Priority: 4
Label Stack (Top -> Bottom): { 24007 }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 0/4, MTU: 0
Packets Switched: 6
RP/0/RP0/CPU0:b_N3#
PE(b_N4)のラベル情報
RP/0/RP0/CPU0:b_N4#show mpls forwarding labels 24007 detail
Sun Jan 15 02:29:30.101 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24007 Unlabelled 200.200.200.200/32[V] \
Gi0/0/0/1 10.10.80.2 0
Updated: Jan 10 12:23:01.135
Path Flags: 0x6020 [ EXT ]
Version: 5, Priority: 3
Label Stack (Top -> Bottom): { Unlabelled }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 4/4, MTU: 1500
Outgoing Interface: GigabitEthernet0/0/0/1 (ifhandle 0x01000030)
Packets Switched: 0
RP/0/RP0/CPU0:b_N4#
ラベル情報も一致していることが確認できました。
IPv6ルーティングも確認します。
b_CE1#sh ipv6 route
IPv6 Routing Table - default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, RL - RPL, O - OSPF Intra, OI - OSPF Inter
OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2, la - LISP alt, lr - LISP site-registrations
ld - LISP dyn-eid, lA - LISP away, le - LISP extranet-policy
lp - LISP publications, a - Application, m - OMP
LC 1125:100:100:100::100/128 [0/0]
via Loopback0, receive
B 1125:200:200:200::200/128 [20/0], tag 65001
via FE80::5200:FF:FE1E:4, GigabitEthernet1
C 1125:1010:20::/64 [0/0]
via GigabitEthernet1, directly connected
L 1125:1010:20::2/128 [0/0]
via GigabitEthernet1, receive
B 1125:1010:80::/64 [20/0], tag 65001
via FE80::5200:FF:FE1E:4, GigabitEthernet1
L FF00::/8 [0/0]
via Null0, receive
b_CE1#
IPv6疎通も問題なし。
b_CE1#ping ipv6 1125:200:200:200::200 source 1125:100:100:100::100 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1125:200:200:200::200, timeout is 2 seconds: Packet sent with a source address of 1125:100:100:100::100 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 3/5/10 ms b_CE1# b_CE1#traceroute ipv6 1125:200:200:200::200 source 1125:100:100:100::100 Type escape sequence to abort. Tracing the route to 1125:200:200:200::200 1 1125:1010:20::1 [AS 65001] 3 msec 2 msec 3 msec 2 1125:1:2::2 [MPLS: Label 24014 Exp 0] 4 msec 3 msec 4 msec 3 1125:2:3::3 [MPLS: Label 24024 Exp 0] 4 msec 3 msec 3 msec 4 1125:3:4::4 [MPLS: Label 24008 Exp 0] 3 msec 4 msec 4 msec 5 1125:1010:80::2 [AS 65001] 3 msec 3 msec 3 msec b_CE1#
ABR(b_N2)のラベル情報
RP/0/RP0/CPU0:b_N2#show mpls forwarding labels 24014 detail
Sun Jan 15 02:36:31.149 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24014 24024 4.4.4.4:200:1125:200:200:200::200/128 \
1125:3:3:3::3 1464
Updated: Jan 15 02:24:03.662
Path Flags: 0x6000 [ ]
Version: 516, Priority: 4
Label Stack (Top -> Bottom): { 24024 }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 0/4, MTU: 0
Packets Switched: 12
RP/0/RP0/CPU0:b_N2#
ABR(b_N3)のラベル情報
RP/0/RP0/CPU0:b_N3#show mpls forwarding labels 24024 detail
Sun Jan 15 02:37:36.560 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24024 24008 4.4.4.4:200:1125:200:200:200::200/128 \
1125:4:4:4::4 1464
Updated: Jan 15 02:24:01.261
Path Flags: 0x6000 [ ]
Version: 286, Priority: 4
Label Stack (Top -> Bottom): { 24008 }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 0/4, MTU: 0
Packets Switched: 12
RP/0/RP0/CPU0:b_N3#
PE(b_N4)のラベル情報
RP/0/RP0/CPU0:b_N4#show mpls forwarding labels 24008 detail
Sun Jan 15 02:38:16.588 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24008 Unlabelled 1125:200:200:200::200/128[V] \
Gi0/0/0/1 fe80::5200:ff:fe24:0 \
8344
Updated: Jan 10 12:23:03.701
Path Flags: 0x6020 [ EXT ]
Version: 5, Priority: 3
Label Stack (Top -> Bottom): { Unlabelled }
NHID: 0x0, Encap-ID: N/A, Path idx: 0, Backup path idx: 0, Weight: 0
MAC/Encaps: 4/4, MTU: 1500
Outgoing Interface: GigabitEthernet0/0/0/1 (ifhandle 0x01000030)
Packets Switched: 58
RP/0/RP0/CPU0:b_N4#
ラベル情報も一致していることが確認できました。
6. 最終Config
a_N1のconfig
hostname b_N1
group CCIE-ISIS
router isis '.*'
is-type level-1
address-family ipv4 unicast
metric-style wide
segment-routing mpls
!
address-family ipv6 unicast
segment-routing mpls
!
interface 'Gi.*'
point-to-point
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface 'Loopback.*'
passive
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
!
end-group
!
vrf A
rd 1.1.1.1:100
address-family ipv4 unicast
import route-target
200:1
!
export route-target
100:1
!
!
address-family ipv6 unicast
import route-target
400:2
!
export route-target
300:2
!
!
!
!
interface Loopback0
ipv4 address 1.1.1.1 255.255.255.255
ipv6 address 1125:1:1:1::1/128
!
interface MgmtEth0/RP0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.2.1 255.255.255.0
ipv6 address 1125:1:2::1/64
!
interface GigabitEthernet0/0/0/1
vrf A
ipv4 address 10.10.20.1 255.255.255.0
ipv6 address 1125:1010:20::1/64
!
!
route-policy PASS
pass
end-policy
!
router isis ACCESS1
apply-group CCIE-ISIS
net 49.0001.0000.0000.0001.00
instance-id 100
interface Loopback0
address-family ipv4 unicast
prefix-sid index 1
!
address-family ipv6 unicast
prefix-sid index 1001
!
!
interface GigabitEthernet0/0/0/0
!
!
router bgp 65001
bgp router-id 1.1.1.1
address-family ipv4 unicast
network 1.1.1.1/32
allocate-label all
!
address-family vpnv4 unicast
!
address-family ipv6 unicast
network 1125:1:1:1::1/128
allocate-label all
!
address-family vpnv6 unicast
!
neighbor 2.2.2.2
remote-as 65001
update-source Loopback0
address-family ipv4 labeled-unicast
!
address-family vpnv4 unicast
!
!
neighbor 1125:2:2:2::2
remote-as 65001
update-source Loopback0
address-family ipv6 labeled-unicast
!
address-family vpnv6 unicast
!
!
vrf A
rd 1.1.1.1:100
address-family ipv4 unicast
redistribute connected
!
address-family ipv6 unicast
redistribute connected
!
neighbor 10.10.20.2
remote-as 100
address-family ipv4 unicast
route-policy PASS in
route-policy PASS out
!
!
neighbor 1125:1010:20::2
remote-as 100
address-family ipv6 unicast
route-policy PASS in
route-policy PASS out
!
!
!
!
end
a_N2のconfig
hostname b_N2 group CCIE-ISIS router isis '.*' address-family ipv4 unicast metric-style wide segment-routing mpls ! address-family ipv6 unicast segment-routing mpls ! interface 'Gi.*' point-to-point address-family ipv4 unicast ! address-family ipv6 unicast ! ! interface 'Loopback.*' passive address-family ipv4 unicast ! address-family ipv6 unicast ! ! ! end-group ! interface Loopback0 ipv4 address 2.2.2.2 255.255.255.255 ipv6 address 1125:2:2:2::2/128 ! interface MgmtEth0/RP0/CPU0/0 shutdown ! interface GigabitEthernet0/0/0/0 ipv4 address 10.1.2.2 255.255.255.0 ipv6 address 1125:1:2::2/64 ! interface GigabitEthernet0/0/0/1 ipv4 address 10.2.3.2 255.255.255.0 ipv6 address 1125:2:3::2/64 ! interface GigabitEthernet0/0/0/2 ipv4 address 10.2.5.2 255.255.255.0 ipv6 address 1125:2:5::2/64 ! router isis CORE apply-group CCIE-ISIS is-type level-2-only net 49.0002.0000.0000.0002.00 address-family ipv6 unicast single-topology ! interface Loopback0 address-family ipv4 unicast prefix-sid index 2 ! address-family ipv6 unicast prefix-sid index 1002 ! ! interface GigabitEthernet0/0/0/1 ! interface GigabitEthernet0/0/0/2 ! ! router isis ACCESS1 apply-group CCIE-ISIS is-type level-1 net 49.0001.0000.0000.0002.00 instance-id 100 interface Loopback0 address-family ipv4 unicast prefix-sid index 2 ! address-family ipv6 unicast prefix-sid index 1002 ! ! interface GigabitEthernet0/0/0/0 ! ! router bgp 65001 bgp router-id 2.2.2.2 ibgp policy out enforce-modifications address-family ipv4 unicast network 2.2.2.2/32 allocate-label all ! address-family vpnv4 unicast ! address-family ipv6 unicast network 1125:2:2:2::2/128 allocate-label all ! address-family vpnv6 unicast ! neighbor-group RR_CORE remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast next-hop-self ! address-family vpnv4 unicast next-hop-self ! ! neighbor-group RRV6_CORE remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast next-hop-self ! address-family vpnv6 unicast next-hop-self ! ! neighbor-group RRC_ACCESS1 remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast route-reflector-client next-hop-self ! address-family vpnv4 unicast route-reflector-client next-hop-self ! ! neighbor-group RRCV6_ACCESS1 remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast route-reflector-client next-hop-self ! address-family vpnv6 unicast route-reflector-client next-hop-self ! ! neighbor 1.1.1.1 use neighbor-group RRC_ACCESS1 ! neighbor 5.5.5.5 use neighbor-group RR_CORE ! neighbor 1125:1:1:1::1 use neighbor-group RRCV6_ACCESS1 ! neighbor 1125:5:5:5::5 use neighbor-group RRV6_CORE ! ! end
a_N3のconfig
hostname b_N3 group CCIE-ISIS router isis '.*' address-family ipv4 unicast metric-style wide segment-routing mpls ! address-family ipv6 unicast segment-routing mpls ! interface 'Gi.*' point-to-point address-family ipv4 unicast ! address-family ipv6 unicast ! ! interface 'Loopback.*' passive address-family ipv4 unicast ! address-family ipv6 unicast ! ! ! end-group ! interface Loopback0 ipv4 address 3.3.3.3 255.255.255.255 ipv6 address 1125:3:3:3::3/128 ! interface GigabitEthernet0/0/0/0 ipv4 address 10.3.4.3 255.255.255.0 ipv6 address 1125:3:4::3/64 ! interface GigabitEthernet0/0/0/1 ipv4 address 10.2.3.3 255.255.255.0 ipv6 address 1125:2:3::3/64 ! interface GigabitEthernet0/0/0/2 ipv4 address 10.3.5.3 255.255.255.0 ipv6 address 1125:3:5::3/64 ! router isis CORE apply-group CCIE-ISIS is-type level-2-only net 49.0002.0000.0000.0003.00 address-family ipv6 unicast single-topology ! interface Loopback0 address-family ipv4 unicast prefix-sid index 3 ! address-family ipv6 unicast prefix-sid index 1003 ! ! interface GigabitEthernet0/0/0/1 ! interface GigabitEthernet0/0/0/2 ! ! router isis ACCESS2 apply-group CCIE-ISIS is-type level-1 net 49.0003.0000.0000.0003.00 instance-id 200 interface Loopback0 address-family ipv4 unicast prefix-sid index 3 ! address-family ipv6 unicast prefix-sid index 1003 ! ! interface GigabitEthernet0/0/0/0 ! ! router bgp 65001 bgp router-id 3.3.3.3 ibgp policy out enforce-modifications address-family ipv4 unicast network 3.3.3.3/32 allocate-label all ! address-family vpnv4 unicast ! address-family ipv6 unicast network 1125:3:3:3::3/128 allocate-label all ! address-family vpnv6 unicast ! neighbor-group RR_CORE remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast next-hop-self ! address-family vpnv4 unicast next-hop-self ! ! neighbor-group RRV6_CORE remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast next-hop-self ! address-family vpnv6 unicast next-hop-self ! ! neighbor-group RRC_ACCESS2 remote-as 65001 update-source Loopback0 address-family ipv4 labeled-unicast route-reflector-client next-hop-self ! address-family vpnv4 unicast route-reflector-client next-hop-self ! ! neighbor-group RRCV6_ACCESS2 remote-as 65001 update-source Loopback0 address-family ipv6 labeled-unicast route-reflector-client next-hop-self ! address-family vpnv6 unicast route-reflector-client next-hop-self ! ! neighbor 4.4.4.4 use neighbor-group RRC_ACCESS2 ! neighbor 5.5.5.5 use neighbor-group RR_CORE ! neighbor 1125:4:4:4::4 use neighbor-group RRCV6_ACCESS2 ! neighbor 1125:5:5:5::5 use neighbor-group RRV6_CORE ! ! end
a_N4のconfig
hostname b_N4
group CCIE-ISIS
router isis '.*'
is-type level-1
address-family ipv4 unicast
metric-style wide
segment-routing mpls
!
address-family ipv6 unicast
segment-routing mpls
!
interface 'Gi.*'
point-to-point
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
interface 'Loopback.*'
passive
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
!
end-group
!
vrf B
rd 4.4.4.4:200
address-family ipv4 unicast
import route-target
100:1
!
export route-target
200:1
!
!
address-family ipv6 unicast
import route-target
300:2
!
export route-target
400:2
!
!
!
!
interface Loopback0
ipv4 address 4.4.4.4 255.255.255.255
ipv6 address 1125:4:4:4::4/128
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.3.4.4 255.255.255.0
ipv6 address 1125:3:4::4/64
!
interface GigabitEthernet0/0/0/1
vrf B
ipv4 address 10.10.80.1 255.255.255.0
ipv6 address 1125:1010:80::1/64
!
route-policy PASS
pass
end-policy
!
router isis ACCESS2
apply-group CCIE-ISIS
net 49.0003.0000.0000.0004.00
instance-id 200
interface Loopback0
address-family ipv4 unicast
prefix-sid index 4
!
address-family ipv6 unicast
prefix-sid index 1004
!
!
interface GigabitEthernet0/0/0/0
!
!
router bgp 65001
bgp router-id 4.4.4.4
address-family ipv4 unicast
network 4.4.4.4/32
allocate-label all
!
address-family vpnv4 unicast
!
address-family ipv6 unicast
network 1125:4:4:4::4/128
allocate-label all
!
address-family vpnv6 unicast
!
neighbor 3.3.3.3
remote-as 65001
update-source Loopback0
address-family ipv4 labeled-unicast
!
address-family vpnv4 unicast
!
!
neighbor 1125:3:3:3::3
remote-as 65001
update-source Loopback0
address-family ipv6 labeled-unicast
!
address-family vpnv6 unicast
!
!
vrf B
rd 4.4.4.4:200
address-family ipv4 unicast
redistribute connected
!
address-family ipv6 unicast
redistribute connected
!
neighbor 10.10.80.2
remote-as 200
address-family ipv4 unicast
route-policy PASS in
route-policy PASS out
!
!
neighbor 1125:1010:80::2
remote-as 200
address-family ipv6 unicast
route-policy PASS in
route-policy PASS out
!
!
!
!
end
a_N5のconfig
hostname b_N5 ! no ip domain lookup ! ipv6 unicast-routing ! interface Loopback0 ip address 5.5.5.5 255.255.255.255 ip router isis CORE ipv6 address 1125:5:5:5::5/128 ipv6 router isis CORE ! interface GigabitEthernet1 ip address 10.2.5.5 255.255.255.0 ip router isis CORE ipv6 address 1125:2:5::5/64 ipv6 router isis CORE isis network point-to-point ! interface GigabitEthernet2 ip address 10.3.5.5 255.255.255.0 ip router isis CORE ipv6 address 1125:3:5::5/64 ipv6 router isis CORE isis network point-to-point ! ! segment-routing mpls ! router isis CORE net 49.0002.0000.0000.0005.00 is-type level-2-only metric-style wide ! router bgp 65001 bgp router-id 5.5.5.5 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor RRC_CORE peer-group neighbor RRC_CORE remote-as 65001 neighbor RRC_CORE update-source Loopback0 neighbor RRCV6_CORE peer-group neighbor RRCV6_CORE remote-as 65001 neighbor RRCV6_CORE update-source Loopback0 neighbor 2.2.2.2 peer-group RRC_CORE neighbor 3.3.3.3 peer-group RRC_CORE neighbor 1125:2:2:2::2 peer-group RRCV6_CORE neighbor 1125:3:3:3::3 peer-group RRCV6_CORE ! address-family ipv4 neighbor RRC_CORE route-reflector-client neighbor RRC_CORE send-label neighbor 2.2.2.2 activate neighbor 3.3.3.3 activate exit-address-family ! address-family vpnv4 neighbor RRC_CORE send-community extended neighbor RRC_CORE route-reflector-client neighbor 2.2.2.2 activate neighbor 3.3.3.3 activate exit-address-family ! address-family ipv6 neighbor RRCV6_CORE route-reflector-client neighbor RRCV6_CORE send-label neighbor 1125:2:2:2::2 activate neighbor 1125:3:3:3::3 activate exit-address-family ! address-family vpnv6 neighbor RRCV6_CORE send-community extended neighbor RRCV6_CORE route-reflector-client neighbor 1125:2:2:2::2 activate neighbor 1125:3:3:3::3 activate exit-address-family ! end
a_CE1のconfig
hostname b_CE1 ! no ip domain lookup ! ipv6 unicast-routing ! interface Loopback0 ip address 100.100.100.100 255.255.255.255 ipv6 address 1125:100:100:100::100/128 ! interface GigabitEthernet1 ip address 10.10.20.2 255.255.255.0 ipv6 address 1125:1010:20::2/64 ! router bgp 100 bgp router-id 100.100.100.100 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 10.10.20.1 remote-as 65001 neighbor 1125:1010:20::1 remote-as 65001 ! address-family ipv4 network 100.100.100.100 mask 255.255.255.255 neighbor 10.10.20.1 activate exit-address-family ! address-family ipv6 network 1125:100:100:100::100/128 neighbor 1125:1010:20::1 activate exit-address-family ! end
a_CE2のconfig
hostname b_CE2 ! no ip domain lookup ! ipv6 unicast-routing ! interface Loopback0 ip address 200.200.200.200 255.255.255.255 ipv6 address 1125:200:200:200::200/128 ! interface GigabitEthernet1 ip address 10.10.80.2 255.255.255.0 ipv6 address 1125:1010:80::2/64 ! ! router bgp 200 bgp router-id 200.200.200.200 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 10.10.80.1 remote-as 65001 neighbor 1125:1010:80::1 remote-as 65001 ! address-family ipv4 network 200.200.200.200 mask 255.255.255.255 neighbor 10.10.80.1 activate exit-address-family ! address-family ipv6 network 1125:200:200:200::200/128 neighbor 1125:1010:80::1 activate exit-address-family ! end
最後までお読みいただきありがとうございました!
