本產品的文件集力求使用無偏見用語。針對本文件集的目的,無偏見係定義為未根據年齡、身心障礙、性別、種族身分、民族身分、性別傾向、社會經濟地位及交織性表示歧視的用語。由於本產品軟體使用者介面中硬式編碼的語言、根據 RFP 文件使用的語言,或引用第三方產品的語言,因此本文件中可能會出現例外狀況。深入瞭解思科如何使用包容性用語。
思科已使用電腦和人工技術翻譯本文件,讓全世界的使用者能夠以自己的語言理解支援內容。請注意,即使是最佳機器翻譯,也不如專業譯者翻譯的內容準確。Cisco Systems, Inc. 對這些翻譯的準確度概不負責,並建議一律查看原始英文文件(提供連結)。
本檔案介紹使用Cisco IOS® XR軟體驗證區段路由服務供應商(SP)間端對端連接的程序。
思科建議您瞭解以下主題:
本文中的資訊係根據以下軟體和硬體版本:
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路運作中,請確保您瞭解任何指令可能造成的影響。
本文檔旨在演示建立分段路由雲的基本配置,以及如何驗證Cisco IOS XR路由器上的端到端連線。
CE-1
Loopback55模擬路由器CE-1的LAN端。您可以通過eBGP將此字首通告給PE-1鄰居:
CE-1#show run | section r b
router bgp 65535
bgp router-id 10.1.1.1
bgp log-neighbor-changes
redistribute connected
redistribute eigrp 10
neighbor 172.16.20.2 remote-as 8181
CE-1#show ip bgp neighbors 172.16.20.2 advertised-routes
BGP table version is 25, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.1/32 0.0.0.0 0 32768 ?
*> 10.11.11.11/32 192.168.1.1 10880 32768 ?
*> 10.55.55.55/32 0.0.0.0 0 32768 ?
*> 172.16.20.0/30 0.0.0.0 0 32768 ?
*> 192.168.1.0 0.0.0.0 0 32768 ?
Total number of prefixes 5
PE-1
此路由器收到字首10.55.55.55/32並且已連線,現在能夠將其通告到服務提供商雲中:
RP/0/RP0/CPU0:PE-1#show run vrf
Fri Jan 27 15:07:10.465 UTC
vrf Yellow
address-family ipv4 unicast
import route-target
200:200
!
export route-target
200:200
!
RP/0/RP0/CPU0:PE-1#show run router bgp
Fri Jan 27 14:54:33.488 UTC
router bgp 8181
bgp router-id 10.2.2.2
address-family ipv4 unicast
!
address-family vpnv4 unicast
!
neighbor 10.3.3.3
remote-as 8181
update-source Loopback0
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
!
!
vrf Yellow
rd 200:200
address-family ipv4 unicast
!
neighbor 172.16.20.1
remote-as 65535
address-family ipv4 unicast
route-policy PASS in
route-policy PASS out
as-override
!
RP/0/RP0/CPU0:PE-1#show bgp vrf Yellow ipv4 unicast neighbors 172.16.20.1 routes
Fri Jan 27 14:54:48.433 UTC
BGP VRF Yellow, state: Active
BGP Route Distinguisher: 200:200
VRF ID: 0x60000001
BGP router identifier 10.2.2.2, local AS number 8181
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000001 RD version: 73
BGP main routing table version 73
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:200 (default for vrf Yellow)
*> 10.1.1.1/32 172.16.20.1 0 0 65535 ?
*> 10.11.11.11/32 172.16.20.1 10880 0 65535 ?
*> 10.55.55.55/32 172.16.20.1 0 0 65535 ?
*> 172.16.20.0/30 172.16.20.1 0 0 65535 ?
*> 192.168.1.0/24 172.16.20.1 0 0 65535 ?
Processed 5 prefixes, 5 paths
RP/0/RP0/CPU0:PE-1#ping vrf Yellow 10.55.55.55
Fri Jan 27 14:55:06.077 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.55.55, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/7 ms
CE-2
Loopback66模擬CE-2路由器的LAN端。與CE-1類似,此路由器會通過eBGP向鄰居路由器PE-2通告字首。
CE-2#show run | section r b
router bgp 65535
bgp router-id 10.5.5.5
bgp log-neighbor-changes
redistribute connected
redistribute eigrp 10
neighbor 172.16.50.1 remote-as 8181
CE-2#show ip bgp neighbors 172.16.50.1 advertised-routes
BGP table version is 15, local router ID is 10.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.5.5.5/32 0.0.0.0 0 32768 ?
*> 10.22.22.22/32 192.168.4.1 10880 32768 ?
*> 10.66.66.66/32 0.0.0.0 0 32768 ?
*> 172.16.50.0/30 0.0.0.0 0 32768 ?
*> 192.168.4.0 0.0.0.0 0 32768 ?
Total number of prefixes 5
PE-2
此路由器收到字首10.66.66.66/32,現在能夠向服務提供商雲進行通告:
RP/0/RP0/CPU0:PE-2#show run vrf
Fri Jan 27 15:07:51.117 UTC
vrf Yellow
address-family ipv4 unicast
import route-target
200:200
!
export route-target
200:200
!
RP/0/RP0/CPU0:PE-2#show run router bgp
Fri Jan 27 14:59:56.957 UTC
router bgp 8181
bgp router-id 10.4.4.4
address-family ipv4 unicast
!
address-family vpnv4 unicast
!
neighbor 10.3.3.3
remote-as 8181
update-source Loopback0
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
!
!
vrf Yellow
rd 200:200
address-family ipv4 unicast
!
neighbor 172.16.50.2
remote-as 65535
address-family ipv4 unicast
route-policy PASS in
route-policy PASS out
as-override
!
RP/0/RP0/CPU0:PE-2#show bgp vrf Yellow ipv4 unicast neighbors 172.16.50.2 routes
Fri Jan 27 15:00:10.383 UTC
BGP VRF Yellow, state: Active
BGP Route Distinguisher: 200:200
VRF ID: 0x60000001
BGP router identifier 10.4.4.4, local AS number 8181
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000001 RD version: 64
BGP main routing table version 64
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:200 (default for vrf Yellow)
*> 10.5.5.5/32 172.16.50.2 0 0 65535 ?
*> 10.22.22.22/32 172.16.50.2 10880 0 65535 ?
*> 10.66.66.66/32 172.16.50.2 0 0 65535 ?
*> 172.16.50.0/30 172.16.50.2 0 0 65535 ?
*> 192.168.4.0/24 172.16.50.2 0 0 65535 ?
Processed 5 prefixes, 5 paths
RP/0/RP0/CPU0:PE-2#ping vrf Yellow 10.66.66.66
Fri Jan 27 15:00:26.020 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.66.66.66, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/26/120 ms
來自PE-1、提供商和PE-2的路由資訊狀態
在本演示中,OSPF配置為IGP和iBGP。
PE-1
OSPF鄰居為UP,並且到作為路由反射器的10.3.3.3的iBGP會話為。
RP/0/RP0/CPU0:PE-1#show run router ospf
Fri Jan 27 15:09:23.910 UTC
router ospf 1
router-id 10.2.2.2
area 0
!
interface GigabitEthernet0/0/0/1
!
!
!
RP/0/RP0/CPU0:PE-1#show ospf neighbor
Fri Jan 27 15:09:31.435 UTC
* Indicates MADJ interface
# Indicates Neighbor awaiting BFD session up
Neighbors for OSPF 1
Neighbor ID Pri State Dead Time Address Interface
10.3.3.3 1 FULL/BDR 00:00:37 172.16.30.2 GigabitEthernet0/0/0/1
Neighbor is up for 16:59:30
Total neighbor count: 1
RP/0/RP0/CPU0:PE-1#show bgp vpnv4 unicast summary
Fri Jan 27 15:09:37.760 UTC
BGP router identifier 10.2.2.2, local AS number 8181
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 73
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
BGP is operating in STANDALONE mode.
Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 73 73 73 73 73 0
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
10.3.3.3 0 8181 1010 997 73 0 0 16:24:45 5
提供商路由器
在此裝置上,我們可以確認其充當路由反射器,且已建立與鄰居10.2.2.2和10.4.4.4的IBGP作業階段
RP/0/RP0/CPU0:Provider#show run router ospf
Fri Jan 27 15:19:33.250 UTC
router ospf 1
router-id 10.3.3.3
area 0
!
interface GigabitEthernet0/0/0/1
!
interface GigabitEthernet0/0/0/2
!
RP/0/RP0/CPU0:Provider#show run router bgp
Fri Jan 27 15:11:08.321 UTC
router bgp 8181
bgp router-id 10.3.3.3
address-family ipv4 unicast
!
address-family vpnv4 unicast
!
neighbor-group IBGP
remote-as 8181
update-source Loopback0
!
neighbor 10.2.2.2
use neighbor-group IBGP
address-family vpnv4 unicast
route-policy PASS in
route-reflector-client
route-policy PASS out
next-hop-self
!
!
neighbor 10.4.4.4
use neighbor-group IBGP
address-family vpnv4 unicast
route-policy PASS in
route-reflector-client
route-policy PASS out
next-hop-self
!
RP/0/RP0/CPU0:Provider#show bgp vpnv4 unicast summary
Fri Jan 27 15:11:19.263 UTC
BGP router identifier 10.3.3.3, local AS number 8181
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 25
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
BGP is operating in STANDALONE mode.
Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 25 25 25 25 25 0
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
10.2.2.2 0 8181 998 1011 25 0 0 16:26:27 5
10.4.4.4 0 8181 997 1009 25 0 0 16:24:25 5
PE-2
OSPF鄰居為up,且到路由反射器10.3.3.3的IBGP會話為up。
RP/0/RP0/CPU0:PE-2#show run router ospf
Fri Jan 27 15:12:47.741 UTC
router ospf 1
router-id 10.4.4.4
area 0
!
interface GigabitEthernet0/0/0/2
!
RP/0/RP0/CPU0:PE-2#show ospf neighbor
Fri Jan 27 15:12:55.229 UTC
* Indicates MADJ interface
# Indicates Neighbor awaiting BFD session up
Neighbors for OSPF 1
Neighbor ID Pri State Dead Time Address Interface
10.3.3.3 1 FULL/DR 00:00:35 172.16.40.1 GigabitEthernet0/0/0/2
Neighbor is up for 17:01:21
Total neighbor count: 1
RP/0/RP0/CPU0:PE-2#show bgp vpnv4 unicast summary
Fri Jan 27 15:13:01.911 UTC
BGP router identifier 10.4.4.4, local AS number 8181
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 64
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
BGP is operating in STANDALONE mode.
Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 64 64 64 64 64 0
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
10.3.3.3 0 8181 1011 998 64 0 0 16:26:08 5
RP/0/RP0/CPU0:PE-2#ping 10.2.2.2 source loopback0
Fri Jan 27 15:13:09.728 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 9/21/67 ms
RP/0/RP0/CPU0:PE-2#ping 10.3.3.3 source loopback0
Fri Jan 27 15:13:16.696 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/6/7 ms
PE-1
RP/0/RP0/CPU0:PE-1#show run router ospf
Fri Jan 27 16:15:56.479 UTC
router ospf 1
router-id 10.2.2.2
segment-routing mpls
area 0
segment-routing mpls
interface Loopback0
prefix-sid index 15
!
提供商
RP/0/RP0/CPU0:Provider#show run router ospf
Fri Jan 27 16:17:09.471 UTC
router ospf 1
router-id 10.3.3.3
segment-routing mpls
area 0
segment-routing mpls
interface Loopback0
prefix-sid index 16
!
PE-2
RP/0/RP0/CPU0:PE-2#show run router ospf
Fri Jan 27 16:18:11.090 UTC
router ospf 1
router-id 10.4.4.4
segment-routing mpls
area 0
segment-routing mpls
interface Loopback0
prefix-sid index 17
!
CE-1可以到達位於CE-2路由器上的介面loopback66。下一個Traceroute輸出顯示,當目的地為10.66.66.66字首時,資料包採用標籤交換路徑。還可以觀察到,標籤在通過路由器PE-2時使用字首sid 16017:
CE-1#ping 10.66.66.66 source loopback0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.66.66.66, timeout is 2 seconds: Packet sent with a source address of 10.1.1.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 9/13/32 ms CE-1#traceroute 10.66.66.66 source loopback0 Type escape sequence to abort. Tracing the route to 10.66.66.66 VRF info: (vrf in name/id, vrf out name/id) 1 172.16.20.2 6 msec 5 msec 5 msec 2 172.16.30.2 [MPLS: Labels 16017/24003 Exp 0] 12 msec 13 msec 16 msec 3 172.16.40.2 [MPLS: Label 24003 Exp 0] 15 msec 13 msec 12 msec 4 172.16.50.2 [AS 8181] 13 msec 11 msec *
由於配置未使用絕對選項,因此標籤以16000值開始,並附加了為分段路由配置的字首sid。
RP/0/RP0/CPU0:PE-1#show cef 10.3.3.3/32
Fri Jan 27 21:32:42.813 UTC
10.3.3.3/32, version 43, labeled SR, internal 0x1000001 0x8110 (ptr 0xe3f6a00) [1], 0x600 (0xe593918), 0xa20 (0xee6e4b8)
Updated Jan 26 23:21:30.314
remote adjacency to GigabitEthernet0/0/0/1
Prefix Len 32, traffic index 0, precedence n/a, priority 1
gateway array (0xe3fbda8) reference count 3, flags 0x68, source rib (7), 0 backups
[3 type 4 flags 0x8401 (0xeeb1648) ext 0x0 (0x0)]
LW-LDI[type=1, refc=1, ptr=0xe593918, sh-ldi=0xeeb1648]
gateway array update type-time 1 Jan 26 23:21:30.314
LDI Update time Jan 26 23:21:30.315
LW-LDI-TS Jan 26 23:21:30.315
via 172.16.30.2/32, GigabitEthernet0/0/0/1, 8 dependencies, weight 0, class 0 [flags 0x0]
path-idx 0 NHID 0x0 [0xf427148 0xf4271e0]
next hop 172.16.30.2/32
remote adjacency
local label 16016 labels imposed {ImplNull}
Load distribution: 0 (refcount 3)
Hash OK Interface Address
0 Y GigabitEthernet0/0/0/1 remote
RP/0/RP0/CPU0:PE-1#show cef 10.4.4.4/32
Fri Jan 27 21:29:36.990 UTC
10.4.4.4/32, version 45, labeled SR, internal 0x1000001 0x8110 (ptr 0xe3f65c0) [1], 0x600 (0xe593e70), 0xa28 (0xee6e508)
Updated Jan 26 23:21:47.181
remote adjacency to GigabitEthernet0/0/0/1
Prefix Len 32, traffic index 0, precedence n/a, priority 1
gateway array (0xe3fbe90) reference count 3, flags 0x68, source rib (7), 0 backups
[2 type 5 flags 0x8401 (0xeeb16a8) ext 0x0 (0x0)]
LW-LDI[type=5, refc=3, ptr=0xe593e70, sh-ldi=0xeeb16a8]
gateway array update type-time 1 Jan 26 23:21:47.182
LDI Update time Jan 26 23:21:47.182
LW-LDI-TS Jan 26 23:21:47.182
via 172.16.30.2/32, GigabitEthernet0/0/0/1, 6 dependencies, weight 0, class 0 [flags 0x0]
path-idx 0 NHID 0x0 [0xf4271e0 0x0]
next hop 172.16.30.2/32
remote adjacency
local label 16017 labels imposed {16017}
Load distribution: 0 (refcount 2)
Hash OK Interface Address
0 Y GigabitEthernet0/0/0/1 remote
從另一端,CE-2也可以到達位於CE-1路由器上的環回55:
CE-2#ping 10.55.55.55 source loopback66
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.55.55, timeout is 2 seconds:
Packet sent with a source address of 10.66.66.66
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 11/12/15 ms
CE-2#traceroute 10.55.55.55 source loopback66
Type escape sequence to abort.
Tracing the route to 10.55.55.55
VRF info: (vrf in name/id, vrf out name/id)
1 172.16.50.1 6 msec 5 msec 4 msec
2 172.16.40.1 [MPLS: Labels 16015/24003 Exp 0] 9 msec 16 msec 10 msec
3 172.16.30.1 [MPLS: Label 24003 Exp 0] 10 msec 13 msec 8 msec
4 172.16.20.1 [AS 8181] 11 msec 7 msec *
MPLS標籤
在下一個輸出中,我們可以確認分段路由標籤用於端到端交換流量。
RP/0/RP0/CPU0:PE-1#show mpls forwarding
Fri Jan 27 20:32:13.697 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16016 Pop SR Pfx (idx 16) Gi0/0/0/1 172.16.30.2 126880
16017 16017 SR Pfx (idx 17) Gi0/0/0/1 172.16.30.2 17292
24000 Pop SR Adj (idx 0) Gi0/0/0/1 172.16.30.2 0
24001 Aggregate 172.16.20.0/30[V] Yellow 11384
24002 Unlabelled 192.168.1.0/24[V] Gi0/0/0/0 172.16.20.1 0
24003 Unlabelled 10.55.55.55/32[V] Gi0/0/0/0 172.16.20.1 0
24004 Unlabelled 10.11.11.11/32[V] Gi0/0/0/0 172.16.20.1 0
24005 Unlabelled 10.1.1.1/32[V] Gi0/0/0/0 172.16.20.1 0
RP/0/RP0/CPU0:Provider#show mpls forwarding Fri Jan 27 20:33:14.878 UTC Local Outgoing Prefix Outgoing Next Hop Bytes Label Label or ID Interface Switched ------ ----------- ------------------ ------------ --------------- ------------ 16015 Pop SR Pfx (idx 15) Gi0/0/0/1 172.16.30.1 151687 16017 Pop SR Pfx (idx 17) Gi0/0/0/2 172.16.40.2 147701 24000 Pop SR Adj (idx 0) Gi0/0/0/1 172.16.30.1 0 24001 Pop SR Adj (idx 0) Gi0/0/0/2 172.16.40.2 0
RP/0/RP0/CPU0:PE-2#show mpls forwarding
Fri Jan 27 20:33:49.201 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16015 16015 SR Pfx (idx 15) Gi0/0/0/2 172.16.40.1 25304
16016 Pop SR Pfx (idx 16) Gi0/0/0/2 172.16.40.1 128619
24000 Pop SR Adj (idx 0) Gi0/0/0/2 172.16.40.1 0
24001 Aggregate 172.16.50.0/30[V] Yellow 1200
24002 Unlabelled 192.168.4.0/24[V] Gi0/0/0/3 172.16.50.2 0
24003 Unlabelled 10.66.66.66/32[V] Gi0/0/0/3 172.16.50.2 0
24004 Unlabelled 10.5.5.5/32[V] Gi0/0/0/3 172.16.50.2 0
24005 Unlabelled 10.22.22.22/32[V] Gi0/0/0/3 172.16.50.2 0
CE-2#show ip bgp neighbors 172.16.50.1 advertised-routes
BGP table version is 5, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 5.5.5.5/32 0.0.0.0 0 32768 ?
*> 22.22.22.22/32 192.168.4.1 10880 32768 ?
*> 172.16.50.0/30 0.0.0.0 0 32768 ?
*> 192.168.4.0 0.0.0.0 0 32768 ?
Total number of prefixes 4
修訂 | 發佈日期 | 意見 |
---|---|---|
1.0 |
30-Jan-2023 |
初始版本 |