CISCO6509與JUNIPER做MPLS VPN
 

CISCO6509和JUNIPER做MPLS VPN
先說明一下,目的是要把6509上的VLAN1和VLAN10,透過自己建立的MPLS VPN與JUNIPER ROUTE上連接的3個VLAN連接,JUNIPER上與CISCO-2950做TRUNK,並擔當單網路卡的VLAN間路由,


6509
引擎用SUPER720 用WS-X6548-GE-TX上的G3/1和OLIVE1連接
IOS版本:s72033-psv-mz.122-17d.SXB.bin

6509--VRF
ip vrf red
rd 65000:1
route-target export 65000:1
route-target import 65000:1

G3/1的配置
interface GigabitEthernet3/1
ip address 172.16.4.1 255.255.255.0
mpls label protocol ldp
tag-switching ip

MPLS和BGP以及OSPF
interface Vlan1
ip vrf forwarding red
ip address 10.229.8.1 255.255.255.0
!
interface Vlan10
ip vrf forwarding red
ip address 10.229.1.1 255.255.255.0
!
router ospf 1
log-adjacency-changes
network 172.16.4.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0
!
router ospf 25 vrf red
log-adjacency-changes
redistribute bgp 65000 subnets
network 10.229.1.0 0.0.0.255 area 0
network 10.229.8.0 0.0.0.255 area 0
!
router bgp 65000
no synchronization
bgp router-id 192.168.100.5
bgp log-neighbor-changes
neighbor 192.168.100.4 remote-as 65000
neighbor 192.168.100.4 update-source Loopback0
neighbor 192.168.100.4 next-hop-self
no auto-summary
!
address-family vpnv4
neighbor 192.168.100.4 activate
neighbor 192.168.100.4 send-community both
exit-address-family
!
address-family ipv4 vrf red
redistribute ospf 25 metric 50 match external 1 external 2
no auto-summary
no synchronization
exit-address-family

JUNIPER
VRF的配置
policy-options {
policy-statement MY_IMPORT {
term 1 {
from {
protocol bgp;
community VPN-RED;
}
then accept;
}
term 2 {
then reject;
}
}
policy-statement MY_EXPORT {
term 1 {
then {
community add VPN-RED;
accept;
}
}
term 2 {
then reject;
}
}
community VPN-RED members target:65000:01;
}
routing-instances {
red {
description red-vpn;
instance-type vrf;
interface fxp1.0;
interface fxp1.200;
interface fxp1.300;
route-distinguisher 65000:01;
vrf-import MY_IMPORT;
vrf-export MY_EXPORT;
routing-options {
auto-export;
}
protocols {
ospf {
area 0.0.0.0 {
interface fxp1.0;
interface fxp1.200;
interface fxp1.300;
}
}
}
}
}


FXP1的配置
fxp1 {
vlan-tagging;
unit 0 {
description red-vpn;
vlan-id 1;
family inet {
address 10.229.0.118/24;
}
family mpls;
}
unit 200 {
description red-vpn;
vlan-id 20;
family inet {
address 10.229.3.1/24;
}
family mpls;
}
unit 300 {
description red-vpn;
vlan-id 10;
family inet {
address 10.229.4.1/24;
}
family mpls;


c6509#show ip vrf red
Name Default RD Interfaces
red 65000:1 Vlan1
Vlan10
c6509#show ip rou
c6509#show ip route vrf red
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 4 subnets
B 10.229.4.0 [200/0] via 192.168.100.4, 00:17:47
B 10.229.3.0 [200/0] via 192.168.100.4, 00:17:47
C 10.229.1.0 is directly connected, Vlan10
B 10.229.0.0 [200/0] via 192.168.100.4, 00:17:47



xxzx@olive4# run show route forwarding-table vpn red
Routing table: red.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 dscd 14 2
10.229.0.0/24 intf 0 rslv 52 1 fxp1.0
10.229.0.0/32 dest 0 10.229.0.0 recv 50 1 fxp1.0
10.229.0.118/32 intf 0 10.229.0.118 locl 51 2
10.229.0.118/32 dest 0 10.229.0.118 locl 51 2
10.229.0.255/32 dest 0 10.229.0.255 bcst 49 1 fxp1.0
10.229.3.0/24 intf 0 rslv 56 1 fxp1.200
10.229.3.0/32 dest 0 10.229.3.0 recv 54 1 fxp1.200
10.229.3.1/32 intf 0 10.229.3.1 locl 55 2
10.229.3.1/32 dest 0 10.229.3.1 locl 55 2
10.229.3.99/32 dest 0 0:10:60:75:4c:a4 ucst 63 1 fxp1.200
10.229.3.255/32 dest 0 10.229.3.255 bcst 53 1 fxp1.200
10.229.4.0/24 intf 0 rslv 60 1 fxp1.300
10.229.4.0/32 dest 0 10.229.4.0 recv 58 1 fxp1.300
10.229.4.1/32 intf 0 10.229.4.1 locl 59 2
10.229.4.1/32 dest 0 10.229.4.1 locl 59 2
10.229.4.255/32 dest 0 10.229.4.255 bcst 57 1 fxp1.300
224.0.0.0/4 perm 1 mdsc 15 3
224.0.0.1/32 perm 0 224.0.0.1 mcst 11 7
224.0.0.5/32 user 1 224.0.0.5 mcst 11 7
255.255.255.255/32 perm 0 bcst 12 3
P ROUTE用得都是6.0
PE ROUTE用得5.4北美版
CISCO6509用得SUP720