Оглавление Введение......................................................3 1. Общий анализ принципов построения современных глобальных сетей связи, применяемых для организации VPN сетей. Анализ и сравнение технологии MPLS VPN..................................6 1.1 Обзор технологий глобальных сетей, применяемых для построения VPN сетей..........................................6 1.2 VPN-сети с установлением соединения.......................7 1.2.1 Сети на основе технологии TDM.........................8 1.2.2 VPN-сети на основе технологии передачи фреймов.......10 1.2.3 VPN-сети на основе технологии передачи ячеек.........11 1.2.4 VPN-сети 3-го уровня с установлением соединения......13 1.3 VPN-сети без установления соединения.....................16 1.3.1 Обычные VPN-сети протокола IP........................16 1.3.2 VPN-сети на основе коммутации MPLS...................18 1.4 Сравнение VPN-технологий.................................20 1.5 Преимущества VPN-сетей MPLS..............................20 1.6 Постановка технического задания.........................26 1.7 Выводы по главе..........................................27 2. Исследование технологии MPLS VPN. Алгоритм настройки сетей MPLS VPN...................................................... 28 2.1 Принцип работы VPN-сетей MPLS............................28 2.1.1 Маршрутизация и пересылка пакетов в сетях VPN........30 2.1.2 Распространение маршрутной информации в VPN-сети.....32 2.1.3 Пересылка пакетов в сети MPLS........................34 2.2 Проектирование сети......................................36 2.2.1 Выбор протоколов используемых на участке СЕ-РЕ.......36 2.2.1.1 Внутренние и внешние протоколы маршрутизации.....38 2.2.1.2 Дистанционно-векторные и протоколы маршрутизации с учетом состояния.............................................39 2.2.1.3 Протоколы маршрутизации..........................41 2.2.1.4 Обоснование выбора...............................43 2.2.2 Выбор оборудования...................................43 2.2.3 Этапы конфигурирования маршрутизаторов...............52 2.2.3.1 Конфигурирование интерфейсов сети и протокола IGP 52 2.2.3.2 УказаниеVPN-сети пользователя....................53 2.2.3.3 Конфигурирование сеансов маршрутизации РЕ-РЕ.....54 2.2.3.4 Конфигурирование сеансов маршрутизации РЕ-СЕ.....55 2.2.3.5 Конфигурирование Р-маршрутизаторов...............56 2.2.3.6 Конфигурирование СЕ-маршрутизаторов..............57 2.2.3.7 Конфигурирование функций QoS для VPN-сетей MPLS. .58
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
31. , VPN . MPLS VPN61.1 , VPN .61.2 VPN- 7 1.2.1 TDM8 1.2.2 VPN- 10 1.2.3 VPN- 11 1.2.4 VPN- 3- 131.3 VPN- 16 1.3.1 VPN- IP16 1.3.2 VPN- MPLS181.4 VPN-201.5 VPN- MPLS201.6 261.7 272. MPLS VPN. MPLS VPN.282.1 VPN- MPLS28 2.1.1 VPN30 2.1.2 VPN-32 2.1.3 MPLS342.2 36 2.2.1 -36 2.2.1.1 38 2.2.1.2 - 39 2.2.1.3 41 2.2.1.4 43 2.2.2 43 2.2.3 52 2.2.3.1 IGP52 2.2.3.2 VPN- 53 2.2.3.3 -54 2.2.3.4 -55 2.2.3.5 -56 2.2.3.6 -57 2.2.3.7 QoS VPN- MPLS58 2.2.3.8 VPN-c QoS63 2.3 ....653. 653.1 663.2 68 3.2.1 68 3.2.2 71 3.3 744. VPN-754.1 754.2 814.3 864.4 914.5 954.6 9798 99 100 2:100 3101 4102 5103 105 105 108 111
, . , , , () , . , , , , . - , - , (, , ) ( , ) , , , , [1]. ( ) (, ). , . : ; ; ; . :
IP-; : , , ; , ; -; .
. , , . , , , , ., , , . , , , . , . VPN , [5]. VPN . , , [8]. , VPN, VPN-. , , MPLS, , , . , MPLS IP ATM, , , . MPLS , , IETF, MPLS, , ., IP- MPLS (QoS), , , . QoS , , , . , , VPN MPLS, , . VPN MPLS. : , VPN; VPN MPLS; VPN MPLS; VPN , . , VPN MPLS.
1. , VPN . MPLS VPN1.1 , VPN . (Virtual Private Network VPN) TDM .25 . Frame Relay ATM .25 . VPN, , . " " (VPN) .25, Frame Relay ATM [15]. (Enterprise Network Management) IP-[8]. (outsourcing) , . IP (Managed IP) (Service-Level Agreement SLA) (end-to-end) (QoS) [6].VPN- IP . (value-added) VPN-. VPN, (IP Security - IPSec) (Multiprotocol Label Switching MPLS). VPN. VPN- IP Cisco IOS VPN- 3- IP 4 (IPv4). VPN- IP , , , , . IP . (WAN). , ( , ). , , (Electronic Data Interchange EDI) . , VPN- IP, .1.2 VPN- VPN- 2- 3- . VPN- 2- "-", Frame Relay ATM. VPN- 3- VPN, - IPSec ( ) (Generic Routing Encapsulation GRE).VPN- , (intranet extranet) , . (Point of Presence ) ISP Internet . VPN- . , VPN- . , VPN- 3- Internet (Quality of Service QoS) . (telecom management) ATM Frame Relay [13]. VPN- , . , .VPN- 2- VPN- . , (.. ).1.2.1 TDM . , , . DS1 DS3, , , 1 . 1.1, , , . DACS (Digital Automatic and CrossConnect System ). . 1.2 , . TDM , . , 64 / ( DS0). TDM .
1.1 VPN-
1.2 VPN
1.2.2 VPN- VPN- , Frame Relay .25, , . 1.3, , . , . PVC SVC (CIR) ( local loop).
1.3 VPN- Frame Relay
1.4 Frame Relay. (Points of Presence POPs) TDM. Frame Relay CPE- FRAD (, ) Frame Relay. Frame Relay Frame Relay ATM ATM. Frame Relay . .25 2- .25, 3- .25, Frame Relay, 2- . .25 SVC PVC, (Logical Channel Identifier LCI).
1.4 VPN Frame Relay
LCI 4- (Logical Group Number LGN) 8- (Logical Channel Number LCN). .25 2- (Link Access Procedure Balanced LAPB).1.2.3 VPN- VPN- , ATM SMDS, , (SVC) (PVC) . , 1.5, . , . PVC SVC : CBR, VBR-RT, VBR-NRT, ABR UBR. ATM PVC (soft PVC), SVC PVC.
1.5 VPN- ATM
1.6 ATM. (Points of Presence POPs) ATM TDM SONET/SDH . - () ATM 2- IP 3- .
1.6 VPN- ATM
1.2.4 VPN- 3- VPN- 3- , , VPN. GRE IP Security (IPSec) "-" IP Internet, (Virtual Private Dialup Network VPDN) Internet , . VPN- (Generic Route Encapsulation GRE) IP- "-". GRE- VPN-. GRE- , , GRE- . 1.7, GRE- VPN- IP- . 3- , IP, IP-.
1.7 VPN- GRE and IPSec
VPN- IPSec , , IP- [5]. IPSec, , , , IP-, Internet. IPSec "-" VPN- IP-. IPSec - , , , VPN- IPSec (Managed IPSec). , IPSec, 1.7. , , IPSec VPN-.VPDN-, L2F L2TP, , , IPSec. IPSec (Data Encryption Standard DES), 168- 3DES . (Public Switched Telephone Network PSTN) ISDN. 1.8, (Virtual Private Dialup Network VPDN) IP- . VPDN IP- , 2- (Layer 2 Forwarding L2F) 2- (Layer 2 Tunneling Protocol L2TP). (Network Access Server NAS), . NAS L2F L2TP . , NAS, , . , (Authentication, Authorization and Accounting AAA) AAA, TACACS+. . VPN- , VPDN, : "--".
1.8 (VPDN)
"-" (Point-to-Point Tunneling Protocol PPTP), "-" Microsoft (Microsoft Point-to-Point Encryption MPPE), VPN- Cisco PPTP [12]. VPN IP-. ( , , client-initiated tunneling), NAS . VPN-. "-" Microsoft (Microsoft Point-to-Point Compression MPPC). 40 128 . . , , . Cisco- Microsoft , .1.3 VPN- VPN- . 3- . .1.3.1 VPN- IP IP (managed IP services), IP- IP- . IP IP- 2- , ATM Frame Relay. VPN- IP 1.9.
1.9 VPN- IP
. , Cisco (Cisco Routing engine) , . . . , RIP , EIGRP , . , Cisco, , 30 IP-. ( ): 30 IGRP-; 30 OSPF-; IS-IS; RIP; BGP; 30 EGP. VPN- IP , . , IP-, . , , VPN-.1.3.2 VPN- MPLSVPN- MPLS . MPLS 2- . . MPLS , Frame Relay ATM , VPN , , . VPN- MPLS 1.10. , . .
1.10 MPLS
MPLS , CPE- , CPE-, VPN. VPN- . , VPN-, VPN. , , , , . , (VPN Routing and Forwarding VRF). , LSR-. LSR- (Provider ) , . MPLS VPN- 3- 2- [5]. . 1.4 VPN- VPN- MPLS, IPSec. , VPN Internet. 1.1 VPN , , , .
1.1 VPN- 2- 3- VPN- MPLS
, ,
, , , (traffic separation),
1.1 2- 3- VPN- MPLS
VPN
QoS
VPN
1.5 VPN- MPLS VPN- MPLS: ; ; VPN; ; ; ; ; ( ); ; ; ; ; Cisco- (Cisco Service Management CSM). MPLS , , , . VPN-. VPN MPLS 3- VPN- . , (Provider Edge router -router), (Customer Edge router CE-router), VPN-. VPN- 3- , (VC).VPN- MPLS , VPN- (Frame Relay ATM). VPN- VPN, , , , VPN- [7]. VPN- . ( -) , IP- , VPN-. VPN VPN- "-" . (.. intranet extranet) . VPN- VPN-, . MPLS , , . MPLS CPE, CPE- MPLS . VPN , , . , RFC 1918 IP- . VPN- MPLS (Network Address Translation NAT) , . NAT , VPN- . IP-. MPLS , . Cisco IOS Cisco IP . , (SLA). MPLS QoS . () , .
(Traffic Engineering Routing with Resource Reservation RRR), RSVP . RRR , IP- . . VPN- 3- VPN. VPN- intranet-, . , (intranet extranet). MPLS , IP- : ; ; VPN; VPN; "--". VPN- IP. QoS VPN: ; VPN- MPLS. , , , . . VPN . VPN- MPLS , , IP, ATM, Frame Relay . , MPLS, .
1.6 , 1, VPN MPLS, Dynampis GNS3, . , . . , . . , RIP 2, OSPF , . . . , , Platinum, Gold Silver. 384 / - , 512 / B 768 / . . . . : , , .
1.7 " " (Virtual Private Network VPN) . VPN IP . IPSec MPLS .VPN- 2- 3- . 2- VPN- Frame Relay ATM. VPN- 3- 2- IPSec (L2TP), 2- (Layer 2 Forwarding L2F) (Generic Routing Encapsulation GRE). VPN- VPDN (Access VPDN).VPN- . 3- . . VPN- VPN- IP VPN- MPLS. VPN- : MPLS IPSec. , , , .
2. MPLS VPN. MPLS VPN.
(VPN) , 3- . VPN- MPLS , 2- 3- . VPN- MPLS , , VPN-. Internet VPN- , IP, ATM Frame Relay. VPN (Multiprotocol Label Switching MPLS) VPN- 3- IPv4. 3- , ATM [4]. MPLS . VPN- , Internet 2- , VPN- Frame Relay ATM. IP 3- , Cisco- MPLS VPN.2.1 VPN- MPLS 2.1 VPN-, . VPN- . , 2- , .
2.1 MPLS
MPLS, VPN-. MPLS (). , ( router), VPN-. LSR- - (provider edge router). - . MPLS (MPLS edge routers ). , (Provider Edge router router), VPN- VPN. , (Customer Edge router router) . - , -, - . (Customer Edge router router). MPLS, . , -, - -, VPN-, . - -. (Customer router -router). , -, MPLS, - .VPN- , -. - VPN- - . - -.2.1.1 VPN VPN- (VPN Routing and Forwarding instance VRF). VRF VPN- , -. VRF IP-, - Cisco (Cisco Express Forwarding CEF), , , , . VPN- . 2.2, VPN-. VRF VPN. VRF- , VPN-, . VRF IP- CEF. VRF CEF. VPN- VPN- , VPN.
2.2 , VPN-
VPN- IP-. , IP-, IP-. IP 4 - IP-. VRF- IP- VPN-. - VRF, VRF- IP- CEF- -. VRF- IP- , VPN-. , VPN-, VRF- VPN- (, VPN). - VRF. , , VRF (routing context). , RIP, , , OSPF, VRF. VPN- VPN, (Border Gateway Protocol communities BGP communities). VPN. VPN-, -, IBGP (Multiprotocol IBGP MP-IBGP), VPN VRF VRF-. , VRF, . VRF. , , VRF. , VRF , , VPN, , , VRF.2.1.2 VPN- (service Provider Edge router) IP- (Customer Edge router) , BGP - RIP 2 OSPF -. IP- IP . - IP-, VPN- IP 4, 64- (Route Distinguisher RD). 96- VPN- IP 4. () , IP-. , VPN- IP 4, , VRF- -.BGP , VPN-. , . , IGP, OSPF IS-IS, 3- BGP- . BGP (), MPLS VPN. BGP VPN- IP 4 VPN-. BGP : ( , BGP IBGP) ( , BGP EBGP). - PE-RR ( , Route Reflector RR) IBGP, - EBGP. VPN- EBGP - -. BGP - VPN- IP 4 BGP, , IP 4[8]. , VPN- , . , (Multiprotocol Border Gateway Protocol MP-BGP) , IP . BGP , (route target) (route origin). VRF. Cisco (Site of Origin SOO) . MP-BGP BGP- -.- VPN-, . VPN- IP 4, VRF-, -. BGP BGP-, , VRF-. , DRAM , -. (Route Refresh and Automatic Route Filtering) BGP-, -. -. -, , VRF, . (Automatic Route Filtering) VPN, , , VRF- -. (Outbound Route Filter ORF) , .2.1.3 MPLS MPLS , IP- CEF- VRF. - , -, , -. , - , - , - . - , -.- MP-BGP VPN-. , VPN-. - , IP-. MPLS, VPN- MPLS.- , IP- 32- ( host routes). BGP- VPN-, -. -; . MPLS- LDP - , -. MPLS VPN- , - -. , . . - , VRF, - . , . - - IP-, - VRF, (bottom label), - ( VRF- -). - , (top label), - ; - MPLS. VPN- . - MPLS . - , VRF- . , IP- -.
2.2 2.2.1 - , , . , . , ; , . . , . , Internet. . , , , . . . , , . , , . . . , , , , . . , . , ( ), EIGRP, RIP. , . , -. , , . , , 2.3. , .
2.3
. , . , ( Fast Ethernet 100 / , 512 /). , . , , . , , , , . . , , . , . , , , , , , . , , . , , , .2.2.1.1 . , , (.. ). 2.4, (Interior Gateway Protocol IGP) (Exterior Gateway Protocols EGP). . 2.4 EGP IGP (Autonomous System AS) , , , , Cisco.com. , (.. ) . IGP . IGP : RIP RIP V2; IGRP; EIGRP; OSPF; (Intermediate system-to-Intermediate System IS-IS). EGP . BGP EGP.2.2.1.2 - , , , .. EGP- IGP-. , , : - (distanse-vector) (link-state)[16]. EGP- IGP- , . - () ( ) , . (, 30 ) . , - , . , . , . - - (Bellman-Ford) .- : (Routing Information Protocol RIP) IGP-, ; (Interior Gateway Routing Protocol IGRP); Cisco ; (Enhanced Interior Gateway Routing Protocol EIGRP), IGRP Cisco; , , , - . , , , - . , ( ) , 30 . , , , (Link-State Andvertisement LSA), (), . ( ), . , , , . . (Shortest Path First SPF) (Dijkstra) SPF-, , . () . , , OSPF IS_IS.2.2.1.3 , . RIP (Routing Information Protocol RIP) . , RIP , . , RIP, . RIP 1 (classfull) . , , RIP 1 . RIP 2 (prefix routing) : . . (Variable-Length Subnet Mask VLSM). IGRP (Interior Gateway Routing Protocol IGRP), Cisco, - , , , RIP. IGRP , , . IGRP 24- . , RIP, . IGRP . EIGRP , IGRP, EIGRP (Enhanced Interior Gateway Routing Protocol ) Cisco . IGRP, 32- . , EIGRP . , - . EIGRP . IGRP. OPFS (Open Shortest Path First OSPF) . Internet (IETF) OSPF 1988 [6]. , OSPF 2, RFC 2328. OSPF IGP-, , , . OSPF , RIP. IS-IS (Intermediate System-to-Intermediate System IS-IS) OSI. (Connectionless Network Protocol CLNP), ISO- (Connectionless Network Service CLNS). IS-IS IS-IS . IS-IS CLNP- IP- . ISO CLNS IP- IS-IS OSPF IP-. IP-, ISO- . BGP (Border Gateway Protocol BGP) EGP-. BGP . , Internet (ISP). BGP-4 BGP, (Classless InterDomain Routing CIDR), , . IGP-, , RIP, OSPF EIGRP, BGP , . BGP , , BGP-.2.2.1.4 , - . , . , .2.2.2 Cisco 7200, . Cisco 7200 /, . , . , , , [1]. Cisco 7200: IP/MPLS Cisco IOS ( , , , , ); , ( DS0 OC12); Fast Ethernet, Gigabit Ethernet, Packet Over Sonet ; 3RU; L2TP PPP; 16000 ; Cisco PXF; ; ; ; .
2.5 Cisco 7200
Cisco 7200 . (-) , Cisco IOS, - . , , 7200 ( ), (NPE - Network Processing Engine) MIPS RISC - 100, 200 300 , NPE-100, 150 , 1 SRAM, . 32 , 128 (NPE 300 - 256) 8 -, 40 . NPE 7200 NPE. 7200 600 /. 7200VXR, 1 /. NPE : NPE-100 - 100 kpps, NPE - 150 kpps, NPE-200 - 200 kpps, NPE-300 - 300 kpps.
2.1
Cisco IOS. NetFlow accounting , . . . Service Selection Gateway (SSG) . (MPLS). -7 . MIX.
Cisco 7200 , : PXF (Parallel eXpress Forwarding); , Multichannel STM-1, Fast Ethernet, Gigabit Ethernet, Packet Over SONET/SDH .; IP ATM QoS/CoS; MPLS VPN L2TP; IP PPP; . MIX (Multiservice Interchange) DS0 . MIX . Cisco 7200 : ATM, Frame Relay IP. Cisco 7200 : VoATM ATM Adapter Layer 2 (AAL2); FRF. 11 and FRF. 12; H. 323 v2; Cisco 7200, Cisco 7100, Cisco 7400 Cisco 7500 . IPSec ( SA-ISA, SA-VAM).
Cisco 7200 , . Cisco 7200 Cisco IOS Hot Standby Router Protocol (HSRP) . .
Cisco 7200VXR Cisco IOS QoS, . ISA (Integrated Services Adapter) , WAN VPN. , (CBAC) (IDS); (NAT); (ACL); (Committed Access Rate, CAR); PPP ATM Ethernet; Route Bridged Encapsulation; L2TP, PPT ATMP; MPLS VPN Full L2TP; , PXF.
2.2
-Rack-mountable -
7
42.7 cm
43.2 cm
13.3 cm
RAM1 GB DDR SDRAM
-256 MB
Wired
Ethernet, Fast Ethernet, Gigabit Ethernet
/ TCP/IP, UDP/IP, PPPoA
OSPF, IGRP, RIP, IS-IS, BGP, EIGRP, HSRP
SNMP, Telnet, HTTP
Flow control, modular design, full duplex capability, Layer 2 switching, auto-sensing per device, DHCP, VPN, BOOTP support, ARP, MPLS, VLAN, manageable, IPv6
3 x network - Ethernet 10Base-T/100Base-TX/1000Base-T - RJ-45 1 x management - console - RJ-45 4 x serial - auxiliary - RJ-45 1 x management - Ethernet 10Base-T/100Base-TX - RJ-45 2 x USB - 4 PIN USB A
2.3
Secure Shell (SSH), RADIUS, PAP, CHAP, TACACS
NEBS level 3, FCC Class A certified, CSA, EN 60950, IEC 61000-3-2, IEC 61000-4-11, IEC 61000-4-2, IEC 61000-4-3, IEC 61000-4-4, IEC 61000-4-5, IEC 61000-4-6, IEC950, UL 1950, VCCI-II, CSA 22.2 No. 950, EN55022 Class B, AS/NZ 3548 Class A
- redundant
- / -2 () / 2 ()
AC 120/230 V ( 50/60 Hz )
280 Watt
/
Cisco IOS
IncludedCisco IOS IP Base
5 C
40 C
5 - 85%
NPE-G2 Cisco 7200 , Cisco IOS.
2.6 NPE-G2
NPE-G2: ( 2 Cisco); 3 RJ-45 10/100/1000Ethernet ( ), ; ; 2 USB ; 1 ; /.
2.3
: 1 Compact Flash: 256 2 NVRAM : 1-USB Flash: 64-256
1.67 Motorola Freescale 7448
3,556 x 38, 481 x 28, 245
CE- Cisco 2600. CISCO 2600 - , LAN WAN , . CISCO 2600 - . Cisco 2600 , . Cisco 2600 . , : , ISDN BRI, X.25, Frame Relay ; , ; (Virtual Private Network, VPN) ; , VoIP; (VLAN); POS- . Cisco 2600 30 , . Ethernet, , E1 T1, ATM, , ISDN BRI, (FXO, FXS, E&M, ISDN BRI-S/T), . ( , ) Cisco 2600 (Quality of Service QoS).
2.2.3
. 2.5 MPLS VPN
VPN- MPLS . 1. IGP. 2. VPN-. 3. -. 4. -. 5. -. 6. -. 7. QoS.2.2.3.1 IGP IGP, . 1. CEF - . CEF- MPLS-.
:Router(conf ig) #ip f 2. IP- IGP-:Router(config) #interface loopback nRouter(config-interface) #ip address IP-address mask 3. IGP. OSPF, . :Router(config)#router ospf ospf-process*id 4. , OSPF, (ID) :Router(config-router)#network address wildcard-mask area area-id 5. , - IP-. DS3. :Router(config)#interface Serial slot/adapter/port Router(config-interface)#ip address IP-address mask 6. (Tag Switching):Router(config-interf)#tag-switching IP2.2.3.2 VPN- , MPLS VPN- . VPN- (VRF). VPN- -, . 1. VPN- VRF- VRF:Router(config)#ip vrf vrf-name, vrf-name , VRF. VPN . vrf-name . - , -, . 2. VPN (Route Distinguisher RD). RD VRF. RD . RD , VRF-. RD 64- 32- IP 4, 96- VPN- IP. RD VPN- RD. RD IP , VPN- . VPN- IP:Router(config-vrf)#rd route-distinguisher 3. VPN- . VRF route-target VRF. VPN- . IP- . :Router(config-vrf)#route-target {import | export | both } route-target -ext-communit 4. VRF- -. , MPLS VRF. :Router(config-if)#ip vrf forwarding vrf-name
VRF IP- . VRF, IP- .2.2.3.3 - - IBGP , - . 1. IBGP - IBGP:Router(config)#router bgp autonomous-system 2. IP 4:Router{config-router)#no bgp default ipv4-unicast 3. IP- - IBGP, :Router(config-router)#neighbor {ip-address | peer-group-name} remote-as number 4. IP 4 IBGP:Router (conf ig-router) #neighbor ip-address activate2.2.3.4 -- , , , VRF. , . RIP 2 . , - RIPv2 ( 2) -, VRF, , -. VRF IBGP - . RIP , network, , router rip. , RIP- -. , RIP- VRF- VPN- . address-family. address-family IBGP-, VPN-, IBGP, - RIP-. RIP- , - . 1. RIP 2:Router(config)#router rip Router(config-router) #version 2 2. RIP address-family RIP:Router(config-router)#address-family ipv4 [unicast] vrf vrf-name 3. RIP address-family:Router(config-router-af) #network prefix 4. IBGP- RIP- , -:Router(config-router-af)#redistribute bgp asn metric metric2.2.3.5 - (Provider core routers P-routers) LSR-, IGP, , , OSPF IS-IS. IBGP, -, . - -. -, OSPF. 1. CEF - . CEF- MPLS. :Router(config)#ip cef 2. IP- IGP-:Router(config)#interface loopback nRouter(config-interface)#ip address IP-address mask 3. IGP. OSPF; . :Router(config)#router ospf ospf-process-id
4. , OSPF, :Router(config-router)#network address wildcard-mask area area-id 5. , - IP-. DS3. :Router(config)#interface Serial slot/adapter/port Router(config-interface)#ip address IP-address mask 6. (Tag Switching) :Router(config-interface)#tag-switching IP2.2.3.6 -- : ; RIP 2; BGP4; OSPF.- , -. - . , VPN- IP (Managed IP), - . IP- IP- . -, VPN- MPLS . , -. RIP 2 -, - . 1. RIP 2:Router(config)#router rip Router(config-router)#version 2
2. RIP-:Router(config-router)#network prefix2.2.3.7 QoS VPN- MPLS QoS - CLI . QoS. CLI QoS , . IP- . . . class-m (traffic class). , , class -map , match . lass-m :class-map [match-any | natch-all] class-name no clasa-map [match-any | match-all] class-name class-map match-all , . class-map match-any , . match-all match-any , class-map match-all. , , match not. (class map). 1. , :Router (config) #class -map class-map-name
2. , :Router(config-)#match criteria . match access-group access-group ACL. match any , , . match class-map class-map-name , . match cos cos-value [ cos-value cos-value cos-value] , CoS- 2- . match destination-address mac address , - . match input-interface interface-name , . match ip dscp dscp-value [deep-value dscp-value dscp-value dscp-value dscp-value dscp-value dscp-value] , DSCP (IP Differentiated Service Code Point DSCP). match 8 IP-DSCP. DSCP 0 63. match ip precedence precedence-value (precedence-value precedence-value precedence-value] , IP-. match 4 IP-. 0 7. match ip rtp starting-port-number port-range , (Real-Time Protocol-RTP). RTP 2000 6SS3S. RTP 0 16383. match mpis experimental number , . 0 7. match not , . match protocol protocol , . match qos-group gos-group-value , QoS-. QoS- 0 99 . QoS- . QoS . match source-address mac address , - . 3. :Router(config-cmap)#end ( 2.1) , , IP- 5, critical. 2.1. Router(config)#class-map criticalRouter(config-cmap) #match ip precedence 5Router(config-cmap)#end
policy-map . class. QoS . QoS, . policy-map :policy-map policy-name no policy-map policy-name class :class class-name no class class-name , , , . 1. , . :Router (config) #policy-map po2icy-map-name 2. , class-m:Router (conf ig-pmap) #class lass-map-name 3. , :Router(config-pmap)#class class-default 4. . / :Router(config-pmap-c)#bandwidth {bandwidth-kbps / percent percent} 5. :Router(config-pmap-c)#default command 6. , :Router(config-pmap-c)#fair-queue number-of-queues 7. , :Router (conf ig-pmap-c) #police bps burst-normal burst-max conf orm-action action exceed-action action violate-action action police : drop ; set-prec-transmit new-prec IP- ; jset-qos-transmit new-qos QoS ; set-dscp-transmit DSCP ; set-atm-cip CLP ATM 0 1; transmit . 8. ( / ) . bytes , /:Router (config-pmap-c) #priority {kbps | percent percent} [bytes]
9. , ( random-detect):Router(config-pmap-c)#queue-limit packets 10. , :Router(config-pmap-c)#random-detect 11. 1 ATM:Router (conf ig-pmap-c) #set atm-clp 12. CoS , . 07:Router(config-pmap-c)#sat cos cos-value 13. DSCP IP- . DSCP IP 0 63:Router(config-pmap-c)#set ip deep ip-dscp-value 14. IP- . 0-7:Router(config-pmap-c)#set ip precedence ip-precedence-value 15. , MPLS , :Router(config-pmap-)#set mpls experimental value 16. :Router(config-pmap-)#end ( 2.2), 4 MPLS , critical. 2.2 MPLSRouter (config) #poliey-map set_experimental__4 Router(config-pmap)#class critical Router(config-pmap-c)#set mpls experimental 4 Router(config-pmap-c)#end
service-policy , . service-policy :service-policy {input | output} policy-map-name no service-policy {input | output} policy-map , . 1. :Router(config)#interface interface-name 2. :Router (config-int) #service-policy input policy-map-name 3. :Router(config-int)#end ( 2.3), set__experimental__4 Ethernet. 2.3. Router(config)#interf ethernet 1/0/0Router(config-int)ttservice-policy input aet_experimental_4Router(config-int)#end2.2.3.8 VPN-c QoS VPN- . 1. VRF- :Router#show ip vrf 2. VRF :Router#show ip vrf [{brief | detail | interfaces }] vrf-name 3. IP- VRF:Router#show ip route vrf vrf-name 4. VRF:Router#show ip protocols vrf vrf-name 5. CEF, VRF:Router#show ip cef vrf vrf-name 6. VRF, :Router#show ip interface interface-number vrf vrf-name 7. VPN- BGP:Router#show ip bgp vpnv4 all [ tags ]
8. , VRF-, :Router#show tag-switching forwarding vrf vrf-name (prefixmask/length] [detail] , CLI QoS, . 1. :Router#show class-m 2. , :Router#tshow class-map class-name 3. :Router#show policy-map 4. :Router#show policy-map policy-map-name 5. , :Route#show policy-map interface 6. , :Router#show policy-map interface interface-spec 7. , :Router#tshow policy-map interface interface-spec input 8. , :Router#show policy-map interface interface-spec output 9. , :Router#show policy-map [ interface [ interface-spec [input | output ] [ class class-name ]]]
2.3 MPLS. MPLS. MPLS P, PE,CE. MPLS- , , . , , : ( P-); ( PE -); ( CE -).
, MPLS, VPN. ., MPLS VPN, . . , , .. . MPLS VPN, , , .
3.
. 3.1 MPLS VPN
3.1 - . iBGP. - OSPF IGP. 1!hostname P1!ip cef!class-map match-all class2match ip precedence 3 class-map match-all class3match ip precedence 1 class-map match-all class1match ip precedence 5 !policy-map Ispclass class1bandwidth 5120queue-limit 900class class2bandwidth 2048queue-limit 600class class3bandwidth 1024queue-limit 900!interface Loopback0ip address 10.10.6.1 255.255.255.255!interface Serial1/0description ***Router_P2***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/1description ***Router_PE1***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/2description ***Router_P3***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!router ospf 100log-adjacency-changesnetwork 10.10.6.1 0.0.0.0 area 0!
P-. 2, 3, 4, 5 .
3.2 PE- CE- .
3.2.1 PE- (PE1) CE- .
PE1:!hostname Perm!ip vrf vrf1rd 100:1route-target export 100:1route-target import 100:1!ip vrf vrf2rd 100:2route-target export 100:2route-target import 100:2!ip cef!class-map match-all Goldmatch input-interface FastEthernet2/1class-map match-all Platinummatch input-interface FastEthernet2/0!policy-map Ispclass Platinumbandwidth 5120queue-limit 900set ip precedence 5class Goldbandwidth 2048queue-limit 600set ip precedence 3!interface Loopback0ip address 10.10.1.1 255.255.255.255!interface Serial1/0bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface FastEthernet2/0ip vrf forwarding vrf1ip address 172.16.254.1 255.255.255.252duplex autospeed auto!interface FastEthernet2/1ip vrf forwarding vrf2ip address 172.17.254.1 255.255.255.252duplex autospeed auto!router ospf 100log-adjacency-changesnetwork 10.10.1.1 0.0.0.0 area 0!router ripversion 2network 172.16.0.0network 172.17.0.0! address-family ipv4 vrf vrf2 redistribute bgp 64512 metric 1 network 172.17.0.0 no auto-summary version 2 exit-address-family ! address-family ipv4 vrf vrf1 redistribute bgp 64512 metric 1 network 172.16.0.0 no auto-summary version 2 exit-address-family!router bgp 64512no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 10.10.2.1 remote-as 64512neighbor 10.10.2.1 update-source Loopback0neighbor 10.10.3.1 remote-as 64512neighbor 10.10.3.1 update-source Loopback0neighbor 10.10.4.1 remote-as 64512neighbor 10.10.4.1 update-source Loopback0neighbor 10.10.5.1 remote-as 64512neighbor 10.10.5.1 update-source Loopback0!address-family vpnv4neighbor 10.10.2.1 activateneighbor 10.10.2.1 send-community extendedneighbor 10.10.3.1 activateneighbor 10.10.3.1 send-community extendedneighbor 10.10.4.1 activateneighbor 10.10.4.1 send-community extendedneighbor 10.10.5.1 activateneighbor 10.10.5.1 send-community extendedexit-address-family!address-family ipv4 vrf vrf2redistribute ripno auto-summaryno synchronizationexit-address-family!address-family ipv4 vrf vrf1redistribute ripno auto-summaryno synchronizationexit-address-family!
:!hostname CE_A1!interface FastEthernet0/0ip address 172.16.254.2 255.255.255.252duplex autospeed auto!interface FastEthernet0/1ip address 172.16.10.254 255.255.255.0duplex autospeed auto!router ripversion 2network 172.16.0.0!
B:!hostname CE_B1!interface FastEthernet0/0 ip address 172.17.254.2 255.255.255.252 duplex auto speed auto!interface FastEthernet0/1 ip address 172.17.10.254 255.255.255.255 shutdown duplex auto speed auto!router rip version 2 network 172.17.0.0!3.2.2 PE- (PE5) CE- .
PE5:!hostname Ekaterinburg!ip vrf vrf1rd 100:1route-target export 100:1route-target import 100:1!ip vrf vrf2rd 100:2route-target export 100:2route-target import 100:2!ip cef!class-map match-all Goldmatch input-interface FastEthernet2/1class-map match-all Platinummatch input-interface FastEthernet2/0!policy-map Ispclass Platinumbandwidth 5120queue-limit 900set ip precedence 5class Goldbandwidth 2048queue-limit 600set ip precedence 3!interface Loopback0ip address 10.10.5.1 255.255.255.255!interface Serial1/0bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface FastEthernet2/0ip vrf forwarding vrf1ip address 172.16.251.1 255.255.255.252duplex autospeed auto!interface FastEthernet2/1ip vrf forwarding vrf2ip address 172.17.252.1 255.255.255.252duplex autospeed auto!router ospf 100log-adjacency-changesnetwork 10.10.5.1 0.0.0.0 area 0!router ripversion 2network 172.16.0.0network 172.17.0.0!address-family ipv4 vrf vrf2redistribute bgp 64512 metric 1network 172.17.0.0no auto-summaryversion 2exit-address-family!address-family ipv4 vrf vrf1redistribute bgp 64512 metric 1network 172.16.0.0no auto-summaryversion 2exit-address-family!router bgp 64512no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 10.10.1.1 remote-as 64512neighbor 10.10.1.1 update-source Loopback0neighbor 10.10.2.1 remote-as 64512neighbor 10.10.2.1 update-source Loopback0neighbor 10.10.3.1 remote-as 64512neighbor 10.10.3.1 update-source Loopback0neighbor 10.10.4.1 remote-as 64512neighbor 10.10.4.1 update-source Loopback0!address-family vpnv4neighbor 10.10.1.1 activateneighbor 10.10.1.1 send-community extendedneighbor 10.10.2.1 activateneighbor 10.10.2.1 send-community extendedneighbor 10.10.3.1 activateneighbor 10.10.3.1 send-community extendedneighbor 10.10.4.1 activateneighbor 10.10.4.1 send-community extendedexit-address-family!address-family ipv4 vrf vrf2redistribute ripno auto-summaryno synchronizationexit-address-family!address-family ipv4 vrf vrf1redistribute ripno auto-summaryno synchronizationexit-address-family!
:!hostname CE_A4!interface FastEthernet0/0ip address 172.16.251.2 255.255.255.252duplex autospeed auto!interface FastEthernet0/1ip address 172.16.40.254 255.255.255.0duplex autospeed auto!router ripversion 2network 172.16.0.0!
B:!hostname CE_B3!interface FastEthernet0/0 ip address 172.17.252.2 255.255.255.252 duplex auto speed auto!interface FastEthernet0/1 ip address 172.17.30.254 255.255.255.255 shutdown duplex auto speed auto!router rip version 2 network 172.17.0.0! PE-, .
2 , 3, , 4 , .
3.3. MPLS VPN, , 2. 1. IGP. 2. VPN-. 3. -. 4. -. 5. -. 6. -. 7. QoS.
4. VPN-
, . 3.2 Dynamips GNS 3. , , . ping, , . : 100 6000 12000 18000 VPN : ; ; ; ;4.1 4 . (1), (2), (3) (4). 1 4. 4 , 4.1:Ping 172.16.251.2 size 100 repeat 100Ping 172.16.251.2 size 6000 repeat 100Ping 172.16.251.2 size 12000 repeat 100Ping 172.16.251.2 size 18000 repeat 100
4.1 () () ()
100124984
600068116188
12000140184276
18000184233312
, 1-3 . 10-15 ping , . 4.2.
4.2 P1-P3 () () ()
100366298
600080140210
12000180222317
18000199303432
, PE5-P3, . ping PE5:Ping 10.10.8.1 size 18000 repeat 500 4.3. () () ()
1001253120
6000110160272
12000168208351
18000212273503
4.3 (PE5-P3)
, PE1-PE5 , . :Ping 172.17.252.2 size 18000 repeat 500 4.4.
4.4 (PE1-PE5) () () ()
1002858136
6000107171208
12000168241364
18000202284 516
, 0 1-3 1-4, . 1-3 4.5, 4.6, 4.7, 4.8, 1-4 4.9, 4.10, 4.11, 4.12.
4.5 () () ()
100326598
6000104170244
12000176265368
18000240382496
4.6 P1-P3 () () ()
1004065100
6000120207368
12000236333404
18000320423528
4.7 (PE4-P5) () () ()
1003277176
6000152197272
12000204290396
18000292410564
4.8 (PE1-PE4) () () ()
1003280156
6000116195268
12000192295460
18000296420576
4.9 () () ()
1004072108
6000115174260
12000182260376
18000258394481
4.10 P1-P2 () () ()
1004883120
6000123181278
12000240315420
18000342428533
4.11 (PE3-P4) () () ()
1004480151
6000163204302
12000216285391
18000304412546
4.12 (PE1-PE3) () () ()
1004587169
6000160210334
12000235300408
18000312422599
. , 4.1 , 4.1. 4.1 , , .. .
4.1
, 4.2, , 4.1, 4.2, 4.3 4.4 18000 .
4.2
4.2 , . , . 18000 . 4.13
4.13 ()
1336
2385
3365
4375
4.13 , 4.3.
4.3 4.2 4 . (1), (2), (B3). B1 B2. B2 , 4.14:Ping 172.17.252.2 size 100 repeat 100Ping 172.17.252.2 size 6000 repeat 100Ping 172.17.252.2 size 12000 repeat 100Ping 172.17.252.2 size 18000 repeat 100
4.14 () () ()
1001251100
600076137204
12000156203276
18000168261392
, 1-3 . 10-15 ping , . 4.15.
4.15 P1-P3 () () ()
100186097
600098145201
12000178231299
18000205294403
, PE5-P3, . ping PE5:Ping 10.10.8.1 size 18000 repeat 500
4.16 (PE5-P3) () () ()
100245188
6000100165252
12000156220344
18000192286468
, PE1-PE5 , . , , :Ping 172.16.251.2 size 18000 repeat 500 4.17.
4.17 (PE1-PE5) () () ()
1002854120
600088118184
12000156232324
18000228299460
, B1-B3, . B1-B3 4.18, 4.19, 4.20 4.21.
4.18 () () ()
100164484
600096155236
12000142211660
18000184269416
4.19 P1-P2 () () ()
100325384
600092154232
12000176265352
18000208305520
4.20 (PE2-P2) () () ()
1002447100
600088126240
12000140219336
18000208272424
4.21 (PE1-PE2) () () ()
1002455108
600092140220
12000148215312
18000224294404
. , 4.4 , 4.14. 4.1 , , .. .
4.4
, 4.5, , 4.14, 4.15, 4.16 4.17 18000 .
4.5
4.5 , . , . 18000 . 4.22.
4.22 ()
1265
2300
3279
4297
4.22 , 4.6.
4.6 4.3 4 . (1), (C2), (C3). C1 C2. C2 , 4.23:Ping 172.18.253.2 size 100 repeat 100Ping 172.18.253.2 size 6000 repeat 100Ping 172.18.253.2 size 12000 repeat 100Ping 172.18.253.2 size 18000 repeat 100
4.23 () () ()
100124084
600068104188
1200096138204
18000136200260
, 2-4 . 10-15 ping , . 4.24.
4.24 P2-P4 () () ()
1003671120
6000108174236
12000188257340
18000260326380
, PE3-P4, . ping PE3:Ping 10.10.9.1 size 18000 repeat 500
4.25 (PE3-P4) () () ()
1001569156
600060110180
12000124174240
18000144194280
, PE2-PE3 . PE3, , :Ping 10.10.2.1 size 18000 repeat 500 4.26.
4.26 (PE2-PE3) () () ()
1002857116
600064120196
1200092158212
18000160216300
, 1-3, . 1-3 4.27, 4.28, 4.29 4.30.
4.27 () () ()
100285088
600072111172
12000108170220
18000180230352
4.28 P2-P4 () () ()
100326088
6000108157264
12000164246324
18000196288436
4.29 (PE4-P5) () () ()
1003259108
6000120154236
12000168235344
18000208297364
4.30 (PE2-PE4) () () ()
1003270116
6000108157212
12000172235320
18000240302388
. , 4.7 , 4.23. 4.7 , , .. .
4.7
, 4.8, , 4.23, 4.24, 4.25 4.26 18000 .
4.8
4.8 , . , . 18000 . 4.31.
4.31 ()
1215
2307
3246
4259
4.31 , 4.9.
4.9
4.4 4.13, 4.22 4.31 4.10
4.10
, , - .
. 4.13, 4.22 4.31 . 4.32.
4.32 VPN ()
A369
B285
C257
4.32 4.11
4.11
4.33 QoS . 4.1
N = (n1+n2++nk) / k (4.1)
n1 ;nk k- ;k . VPN A n1= PE1+P1+P3+PE5 .. n1= 4n2= PE1+P1+P3+P5+PE4 .. n2= 5n3= PE1+P1+P2+P4+PE3 .. n3= 5 N = (4+5+5)/3 = 4.7. N VPN B VPN C.
4.33 VPN- QoS (/)
VPN A3849004,7365
VPN B5126004285
VPN C6409004,5257
4.33 , . . , , QoS. 4.2.
V = S / T, (4.2)
V ;S ;T , . VvpnA = (18000*8)/0,369 = 382 /VvpnB = (18000*8)/0,285 = 505 /VvpnC = (18000*8)/0,257 = 560 / , 4.12.
4.12 QoS
, 4.12 , 3- QoS, . , . 3- , Platinum, Gold Silver. 384 / - , 512 / B 768 / . .4.5 , .CE_A1#ping 172.17.254.2Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.17.254.2, timeout is 2 seconds:.....Success rate is 0 percent (0/5)CE_A1# , . .Perm#ping 172.16.254.2Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.16.254.2, timeout is 2 seconds:Success rate is 0 percent (0/5) , .
4.6 Dynamips GNS 3. , , QoS ( ) . ping, , . , , .
MPLS . : VPN MPLS; . , , ; Cisco IOS; , ; IP- ; , , . .
1. CISCO Internetworking Technology Overview/ . . . URL: http://lib.mexmat.ru/books/85359.2. CISCO Internetworking Technology Handbook. URL: http://www.cisco.com/en/US/docs/internetworking/technology/handbook/Bridging-Basics.html3. Ram Balakrishnan. Advanced QoS for MultiService IP/MPLS Networks. Indianapolis: Wiley Publishing, Inc, 2008.-464 .4. . . . // - .. .: , 2008. 5. . MPLS VPN. : Cisco Press, 2005. 3126. . , . .: , 2004 . 688 .7. .., .. (MPLS) -, - , 2008 .- 446 .8. . MPLS. : Cisco Press, 2007. 651 .9. .., . MPLS. .: -, 2005. 304 10. . . . // - .. .: , 2007. 11. . MPLS VPN. : Cisco Press, 2006. 504 .12. . (VPN) MPLS. .: Cisco Systems, 2011. 52 .13. . . . : , 2009 .14. . MPLS. .: , 2009. 480 .15. Cisco. 1. ( ).: , 2007 ., 512 .16. . . . , , / . , .. . - .: , 2010. - 429 . 17. OpenNet, - [ ]. - : http://www.opennet.ru/. : 17.06.2013.18. . MPLS . : Cisco Press, 2010. 408 .19. .. . . .: -, 2008 .- 304 .20. . ., . . . -, - , 2010 .- 146 .21. . .- .: , 2007 ., 992 .
P-
2:!hostname P2!ip cef!class-map match-all class2match ip precedence 3 class-map match-all class3match ip precedence 1 class-map match-all class1match ip precedence 5 !policy-map Ispclass class1bandwidth 768queue-limit 900class class2bandwidth 512queue-limit 600class class3bandwidth 384queue-limit 900!interface Loopback0ip address 10.10.7.1 255.255.255.255!interface Serial1/0description ***Router_P1***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/1description ***Router_P4***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/2description ***Router_PE2***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/3description ***Router_P3***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!router ospf 100log-adjacency-changesnetwork 10.10.7.1 0.0.0.0 area 0!
3!hostname P3!ip cef!class-map match-all class2match ip precedence 3 class-map match-all class3match ip precedence 1 class-map match-all class1match ip precedence 5 !policy-map Ispclass class1bandwidth 768queue-limit 900class class2bandwidth 512queue-limit 600class class3bandwidth 384queue-limit 900!interface Loopback0ip address 10.10.8.1 255.255.255.255!interface Serial1/0description ***Router_P1***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/1description ***Router_P2***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/2description ***Router_P5***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/3description ***Router_PE5***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!router ospf 100log-adjacency-changesnetwork 10.10.8.1 0.0.0.0 area 0! 4!hostname P4!ip cef!class-map match-all class2match ip precedence 3 class-map match-all class3match ip precedence 1 class-map match-all class1match ip precedence 5 !policy-map Ispclass class1bandwidth 768queue-limit 900class class2bandwidth 512queue-limit 600class class3bandwidth 384queue-limit 900!interface Loopback0ip address 10.10.9.1 255.255.255.255!interface Serial1/0description ***Router_P2***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/1description ***Router_P5***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/2description ***Router_PE3***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!router ospf 100log-adjacency-changesnetwork 10.10.9.1 0.0.0.0 area 0! 5!hostname P5!ip cef!class-map match-all class2match ip precedence 3 class-map match-all class3match ip precedence 1 class-map match-all class1match ip precedence 5 !policy-map Ispclass class1bandwidth 768queue-limit 900class class2bandwidth 512queue-limit 600class class3bandwidth 384queue-limit 900!interface Loopback0ip address 10.10.10.1 255.255.255.255!interface Serial1/0description ***Router_P3***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/1description ***Router_P4***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface Serial1/2description ***Router_PE4***bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!router ospf 100log-adjacency-changesnetwork 10.10.10.1 0.0.0.0 area 0!
PE-
PE- (PE4) CE- .
PE4:!hostname Chel!ip vrf vrf1rd 100:1route-target export 100:1route-target import 100:1!ip vrf vrf3rd 100:3route-target export 100:3route-target import 100:3!ip cef!class-map match-all Platinummatch input-interface FastEthernet2/0class-map match-all Silvermatch input-interface FastEthernet2/1!policy-map Ispclass Platinumbandwidth 768queue-limit 900set ip precedence 5class Silverbandwidth 512queue-limit 900set ip precedence 1!interface Loopback0ip address 10.10.4.1 255.255.255.255!interface Serial1/0bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface FastEthernet2/0ip vrf forwarding vrf1ip address 172.16.252.1 255.255.255.252duplex autospeed auto!interface FastEthernet2/1ip vrf forwarding vrf3ip address 172.18.252.1 255.255.255.252duplex autospeed auto!router ospf 100log-adjacency-changesnetwork 10.10.4.1 0.0.0.0 area 0!router ripversion 2network 172.16.0.0network 172.18.0.0!address-family ipv4 vrf vrf3redistribute bgp 64512 metric 1network 172.18.0.0no auto-summaryversion 2exit-address-family!address-family ipv4 vrf vrf1redistribute bgp 64512 metric 1network 172.16.0.0no auto-summaryversion 2exit-address-family!router bgp 64512no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 10.10.1.1 remote-as 64512neighbor 10.10.1.1 update-source Loopback0neighbor 10.10.2.1 remote-as 64512neighbor 10.10.2.1 update-source Loopback0neighbor 10.10.3.1 remote-as 64512neighbor 10.10.3.1 update-source Loopback0neighbor 10.10.5.1 remote-as 64512neighbor 10.10.5.1 update-source Loopback0!address-family vpnv4neighbor 10.10.1.1 activateneighbor 10.10.1.1 send-community extendedneighbor 10.10.2.1 activateneighbor 10.10.2.1 send-community extendedneighbor 10.10.3.1 activateneighbor 10.10.3.1 send-community extendedneighbor 10.10.5.1 activateneighbor 10.10.5.1 send-community extendedexit-address-family!address-family ipv4 vrf vrf3redistribute ripno auto-summaryno synchronizationexit-address-family!address-family ipv4 vrf vrf1redistribute ripno auto-summaryno synchronizationexit-address-family!
:!hostname CE_A3!interface FastEthernet0/0ip address 172.16.252.2 255.255.255.252duplex autospeed auto!interface FastEthernet0/1ip address 172.16.30.254 255.255.255.0duplex autospeed auto!router ripversion 2network 172.16.0.0!
:!hostname CE_3!interface FastEthernet0/0 ip address 172.18.252.2 255.255.255.252 duplex auto speed auto!interface FastEthernet0/1 ip address 172.18.30.254 255.255.255.255 shutdown duplex auto speed auto!router rip version 2 network 172.18.0.0!
PE- (PE3) CE- .
PE3:!hostname Orenburg!ip vrf vrf1rd 100:1route-target export 100:1route-target import 100:1!ip vrf vrf3rd 100:3route-target export 100:3route-target import 100:3!ip cef!class-map match-all Platinummatch input-interface FastEthernet2/0class-map match-all Silvermatch input-interface FastEthernet2/1!policy-map Ispclass Platinumbandwidth 768queue-limit 900set ip precedence 5class Silverbandwidth 512queue-limit 900set ip precedence 1!interface Loopback0ip address 10.10.3.1 255.255.255.255!interface Serial1/0bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface FastEthernet2/0ip vrf forwarding vrf1ip address 172.16.253.1 255.255.255.252duplex autospeed auto!interface FastEthernet2/1ip vrf forwarding vrf3ip address 172.18.253.1 255.255.255.252duplex autospeed auto!router ospf 100log-adjacency-changesnetwork 10.10.3.1 0.0.0.0 area 0!router ripversion 2network 172.16.0.0network 172.18.0.0!address-family ipv4 vrf vrf3redistribute bgp 64512 metric 1network 172.18.0.0no auto-summaryversion 2exit-address-family!address-family ipv4 vrf vrf1redistribute bgp 64512 metric 1network 172.16.0.0no auto-summaryversion 2exit-address-family!router bgp 64512no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 10.10.1.1 remote-as 64512neighbor 10.10.1.1 update-source Loopback0neighbor 10.10.2.1 remote-as 64512neighbor 10.10.2.1 update-source Loopback0neighbor 10.10.4.1 remote-as 64512neighbor 10.10.4.1 update-source Loopback0neighbor 10.10.5.1 remote-as 64512neighbor 10.10.5.1 update-source Loopback0!address-family vpnv4neighbor 10.10.1.1 activateneighbor 10.10.1.1 send-community extendedneighbor 10.10.2.1 activateneighbor 10.10.2.1 send-community extendedneighbor 10.10.4.1 activateneighbor 10.10.4.1 send-community extendedneighbor 10.10.5.1 activateneighbor 10.10.5.1 send-community extendedexit-address-family!address-family ipv4 vrf vrf3redistribute ripno auto-summaryno synchronizationexit-address-family!address-family ipv4 vrf vrf1redistribute ripno auto-summaryno synchronizationexit-address-family!
:!hostname CE_A2!interface FastEthernet0/0ip address 172.16.253.2 255.255.255.252duplex autospeed auto!interface FastEthernet0/1ip address 172.16.20.254 255.255.255.0duplex autospeed auto!router ripversion 2network 172.16.0.0!
:!hostname CE_2!interface FastEthernet0/0 ip address 172.18.253.2 255.255.255.252 duplex auto speed auto!interface FastEthernet0/1 ip address 172.18.20.254 255.255.255.255 shutdown duplex auto speed auto!router rip version 2 network 172.18.0.0!
PE- (PE2) CE- .
PE2:!hostname Igevsk!ip vrf vrf2rd 100:2route-target export 100:2route-target import 100:2!ip vrf vrf3rd 100:3route-target export 100:3route-target import 100:3!ip cef!class-map match-all Goldmatch input-interface FastEthernet2/0class-map match-all Silvermatch input-interface FastEthernet2/1!policy-map Ispclass Goldbandwidth 512queue-limit 600set ip precedence 3class Silverbandwidth 384queue-limit 900set ip precedence 1!interface Loopback0ip address 10.10.2.1 255.255.255.255!interface Serial1/0bandwidth 10240ip unnumbered Loopback0tag-switching ipserial restart-delay 0max-reserved-bandwidth 90service-policy output Isp!interface FastEthernet2/0ip vrf forwarding vrf2ip address 172.17.253.1 255.255.255.252duplex autospeed auto!interface FastEthernet2/1ip vrf forwarding vrf3ip address 172.18.254.1 255.255.255.252duplex autospeed auto!router ospf 100log-adjacency-changesnetwork 10.10.2.1 0.0.0.0 area 0!router ripversion 2network 172.17.0.0network 172.18.0.0!address-family ipv4 vrf vrf3redistribute bgp 64512 metric 1network 172.18.0.0no auto-summaryversion 2exit-address-family!address-family ipv4 vrf vrf2redistribute bgp 64512 metric 1network 172.17.0.0no auto-summaryversion 2exit-address-family!router bgp 64512no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 10.10.1.1 remote-as 64512neighbor 10.10.1.1 update-source Loopback0neighbor 10.10.3.1 remote-as 64512neighbor 10.10.3.1 update-source Loopback0neighbor 10.10.4.1 remote-as 64512neighbor 10.10.4.1 update-source Loopback0neighbor 10.10.5.1 remote-as 64512neighbor 10.10.5.1 update-source Loopback0!address-family vpnv4neighbor 10.10.1.1 activateneighbor 10.10.1.1 send-community extendedneighbor 10.10.3.1 activateneighbor 10.10.3.1 send-community extendedneighbor 10.10.4.1 activateneighbor 10.10.4.1 send-community extendedneighbor 10.10.5.1 activateneighbor 10.10.5.1 send-community extendedexit-address-family!address-family ipv4 vrf vrf3redistribute ripno auto-summaryno synchronizationexit-address-family!address-family ipv4 vrf vrf2redistribute ripno auto-summaryno synchronizationexit-address-family!
B:!hostname CE_B2!interface FastEthernet0/0ip address 172.17.253.2 255.255.255.252duplex autospeed auto!interface FastEthernet0/1ip address 172.17.20.254 255.255.255.0duplex autospeed auto!router ripversion 2network 172.17.0.0!
:!hostname CE_1!interface FastEthernet0/0 ip address 172.18.254.2 255.255.255.252 duplex auto speed auto!interface FastEthernet0/1 ip address 172.18.10.254 255.255.255.255 shutdown duplex auto speed auto!router rip version 2 network 172.18.0.0!
3
Related Documents
