{"id":157,"date":"2012-09-12T18:29:52","date_gmt":"2012-09-12T09:29:52","guid":{"rendered":"http:\/\/blog.k-goo.net\/?p=157"},"modified":"2012-09-12T18:29:52","modified_gmt":"2012-09-12T09:29:52","slug":"cisco-simulator-mpls-vpnl3","status":"publish","type":"post","link":"https:\/\/blog.k-goo.net\/?p=157","title":{"rendered":"cisco simulator \u2013 mpls-vpn(L3)"},"content":{"rendered":"

\u25cbcisco simulator\u306e\u7d9a\u304d
\n\u3053\u3053\u304b\u3089\u304c\u672c\u756a
\nMPLS\u306e\u809d\u3067\u3042\u308bVPN\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002
\nVPN\u3068\u3044\u3046\u3053\u3068\u306f\u3001Customer\u306e\u7d4c\u8def(L3)\u304c\u307e\u3056\u3089\u306a\u3044\u3088\u3046\u306b\u3057\u306a\u3044\u3068\u3044\u3051\u306a\u3044\u306e\u3067\u3001
\nPE\u914d\u4e0b\u306eCE\u3092\uff12\u7d44\u7528\u610f\u3057\u307e\u3057\u305f\u3002\u69cb\u6210\u56f3\u306f\u3053\u3061\u3089<\/a>
\n\u8d64\u3068\u9752\u3067\u305d\u308c\u305e\u308c\u7e4b\u304c\u308c\u305f\u3001R5 <-> R6, R7 <-> R8\u3067\u305d\u308c\u305e\u308cL3-VPN\u63a5\u7d9a\u3057\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002
\nPoint
\n\u30fbPE\u3067\u7d4c\u8def\u304c\u307e\u3056\u3089\u306a\u3044\u3088\u3046\u306bVRF\u3067\u5404customer\u306e\u7d4c\u8def\u60c5\u5831\u3092\u5206\u5272\u3057\u307e\u3059\u3002
\n\u30fbPE-PE\u9593\u3067”MP-BGP”\u3067peer\u3092\u5f35\u308a,customer\u540c\u58eb\u306e\u7d4c\u8def\u3092\u4ea4\u63db\u3057\u307e\u3059\u3002<\/p>\n

\r\n
\r\n\u307e\u305a\u306f\u3001CE\u3067\u3042\u308b\u3001R5\u306e\u8a2d\u5b9a\u304b\u3089\r\n
\r\n<\u7701\u7565>\r\ninterface Loopback0\r\n ip address 10.10.10.5 255.255.255.255\r\n !\r\n!\r\ninterface Loopback200\r\n ip address 10.10.10.11 255.255.255.255\r\n !\r\n!\r\ninterface FastEthernet0\/0\r\n description To:R1\r\n ip address 192.168.100.5 255.255.255.0\r\n duplex auto\r\n speed auto\r\n !\r\n!\r\n<\u7701\u7565>\r\nip route 0.0.0.0 0.0.0.0 192.168.100.1\r\n<\/p>\r\n\u3067\u3001R7\u306e\u8a2d\u5b9a\r\n
\r\n<\u7701\u7565>\r\ninterface Loopback0\r\n ip address 10.10.10.7 255.255.255.255\r\n !\r\n!\r\ninterface Loopback200\r\n ip address 10.10.10.11 255.255.255.255  < -- R5\u3068\u540c\u3058lo200\u30a2\u30c9\u30ec\u30b9\r\n !\r\n!\r\n<\u7701\u7565>\r\ninterface Serial1\/0\r\n ip address 192.168.100.7 255.255.255.0  < -- R5\u3068\u540c\u3058subnet\u30a2\u30c9\u30ec\u30b9\r\n serial restart-delay 0\r\n!\r\n<\u7701\u7565>\r\nip route 0.0.0.0 0.0.0.0 192.168.100.1\r\n<\/p>\r\n\u6b21\u306bR6\u306e\u8a2d\u5b9a\u3082\r\n
\r\n<\u7701\u7565>\r\ninterface Loopback0\r\n ip address 10.10.10.6 255.255.255.255\r\n !\r\n!\r\ninterface Loopback200\r\n ip address 10.10.10.22 255.255.255.255\r\n !\r\n!\r\ninterface FastEthernet0\/0\r\n description To:R1\r\n ip address 192.168.200.6 255.255.255.0\r\n duplex auto\r\n speed auto\r\n !\r\n!\r\n<\u7701\u7565>\r\nip route 0.0.0.0 0.0.0.0 192.168.200.3\r\n<\/p>\r\n\u6700\u5f8c\u3001R8\u306e\u8a2d\u5b9a\r\n
\r\n<\u7701\u7565>\r\ninterface Loopback0\r\n ip address 10.10.10.8 255.255.255.255\r\n !\r\n!\r\ninterface Loopback200\r\n ip address 10.10.10.22 255.255.255.255  < -- R6\u3068\u540c\u3058lo200\u30a2\u30c9\u30ec\u30b9\r\n !\r\n!\r\n<\u7701\u7565>\r\ninterface Serial1\/0\r\n ip address 192.168.200.8 255.255.255.0  < -- R5\u3068\u540c\u3058subnet\u30a2\u30c9\u30ec\u30b9\r\n serial restart-delay 0\r\n!\r\n<\u7701\u7565>\r\nip route 0.0.0.0 0.0.0.0 192.168.200.3\r\n<\/p>\r\nPE\u3067\u3042\u308bR1\u306b\u306f\u3001CE\u3067\u3042\u308bR5,R7\u304c\u63a5\u7d9a\u3055\u308c\u3001\u305d\u308c\u305e\u308c\u3001\r\n10.10.10.11\/32\r\n192.168.100.0\/24 \r\n\u306e\u540c\u4e00\u7d4c\u8def\u3092\u4fdd\u6301\u3057\u3066\u3044\u307e\u3059\u3002(R2\u3082\u540c\u3058\u69d8\u5b50)\r\n\u3053\u308c\u3092\u307e\u3056\u3089\u306a\u3044\u3088\u3046\u306b\u3001\u305d\u308c\u305e\u308c\u306eCE\u306b\u8ee2\u9001\u3059\u308b\u4ed5\u7d44\u307f\u304c\u5fc5\u8981\u3067\u3059\u3002\r\n\u3053\u308c\u3092PE\u3067\u5b9f\u73fe\u3057\u3066\u3044\u304d\u307e\u3059\u3002(VRF & MP-BGP)\r\n\r\n\u25cbR1\u306e\u8a2d\u5b9a\r\n\u3053\u3053\u3067\u306f\u3001CE R7 <->R8\u3067\u306eVPN\u8a2d\u5b9a\u306b\u3064\u3044\u3066\u8a18\u8ff0\u3057\u3066\u3044\u304d\u307e\u3059\u3002\r\n1.VRF\u7de8\r\n
\r\n** VPN\u7528\u306eVRF\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002\r\nR1(config)# ip vrf VPN002_BLUE\r\nR1(config-vrf)# rd 100:700\r\n* route-target\u306f\u8a72\u5f53VRF\u4e0a\u3067exp\/imp\u3059\u308b\u7d4c\u8def\u3092\u8b58\u5225\u3059\u308b\u305f\u3081\u306eID\u3067\u3059\u3002\r\n  BGP\u3067\u7d4c\u8def\u4ea4\u63db\u3059\u308b\u5834\u5408\u306b\u306f\u3001community\u306bset\u3055\u308c\u307e\u3059\u3002\r\nR1(config-vrf)# route-target export 100:2100\r\nR1(config-vrf)# route-target import 100:2100\r\n* CE\u3068\u63a5\u7d9a\u3057\u3066\u3044\u308binterface\u3092\u8a72\u5f53\u306evrf\u306bentry\u3055\u305b\u307e\u3059\r\nR1(config-if)# ip vrf forwarding VPN002_BLUE\r\n% Interface Serial1\/2 IPv4 disabled and address(es) removed due to disabling VRF VPN002_BLUE\r\n* ip address\u304cremove\u3055\u308c\u308b\u306e\u3067\u518d\u8a2d\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\r\nR1(config-if)# ip address 192.168.100.1 255.255.255.0\r\n* customer\u7d4c\u8def\u3092\u8ffd\u52a0(\u4eca\u56de\u306fstatic\u3067)\r\nR1(config)# ip route vrf VPN002_BLUE 10.10.10.7 255.255.255.255 Serial1\/2\r\nR1(config)# ip route vrf VPN002_BLUE 10.10.10.11 255.255.255.255 Serial1\/2\r\n\r\n* vrf VPN002_BLUE\u306e\u60c5\u5831\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\r\nPE-R1#show ip vrf detail VPN002_BLUE\r\nVRF VPN002_BLUE (VRF Id = 4); default RD 100:700; default VPNID \r\n  Interfaces:\r\n    Se1\/2\r\nVRF Table ID = 4\r\n  Export VPN route-target communities\r\n    RT:100:2100\r\n  Import VPN route-target communities\r\n    RT:100:2100\r\n  No import route-map\r\n  No export route-map\r\n  VRF label distribution protocol: not configured\r\n  VRF label allocation mode: per-prefix\r\n\r\n* vrf VPN002_BLUE\u306e\u7d4c\u8def\u60c5\u5831\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\r\nPE-R1#show ip route vrf VPN002_BLUE\r\n\r\nRouting Table: VPN002_BLUE\r\nCodes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP\r\n       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area\r\n       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2\r\n       E1 - OSPF external type 1, E2 - OSPF external type 2\r\n       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2\r\n       ia - IS-IS inter area, * - candidate default, U - per-user static route\r\n       o - ODR, P - periodic downloaded static route, + - replicated route\r\n\r\nGateway of last resort is not set\r\n\r\n      10.0.0.0\/32 is subnetted, 4 subnets\r\nS        10.10.10.7 is directly connected, Serial1\/2\r\nS        10.10.10.11 is directly connected, Serial1\/2\r\nC        192.168.100.0\/24 is directly connected, Serial1\/2\r\nL        192.168.100.1\/32 is directly connected, Serial1\/2\r\n<\/p>\r\n2.MP-BGP\u7de8\r\n
\r\n** PE-PE\u306eVPN-BGP\u306e\u8a2d\u5b9a\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002\r\nR1(config)# router bgp 100\r\n* bpg\u30bb\u30c3\u30b7\u30e7\u30f3\u3092\u306f\u308b\u306e\u306f\u3001vpnv4\u306a\u306e\u3067\u3001ipv4\u3092disable\u306b\u3057\u307e\u3059\u3002\r\nR1(config-router)# no bgp default ipv4-unicast\r\n* bgp-peer\u3092\u5f35\u308bRouter\u3002\u5bfe\u5411\u306ePE\u3068\u306f\u308b\u306e\u3067\u3001\u5bfe\u5411PE\u306eLo\u3067\r\nR1(config-router)# neighbor 10.10.10.3 remote-as 100\r\nR1(config-router)# neighbor 10.10.10.3 update-source loopback 0\r\n* vpnv4\u3067bgp\u30bb\u30c3\u30b7\u30e7\u30f3\u3092\u5f35\u308b\u3053\u3068\u3092\u5ba3\u8a00\u3057\u3066\u3001neighbor\u3092active\u306b\u8a2d\u5b9a\u3057\u307e\u3059\u3002\r\nR1(config-router)# address-family vpnv4\r\nR1(config-router-af)# neighbor 10.10.10.3 activate\r\nR1(config-router-af)# exit\r\n* address-family\u3067vrf-table\u3092\u6307\u5b9a\u3057\u3066\u3001\u4ea4\u63db\u3059\u308b\u7d4c\u8def\u60c5\u5831\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002\r\nR1(config-router)# address-family ipv4 vrf VPN002_BLUE\r\nR1(config-router)# redistribute connected\r\nR1(config-router)# redistribute static\r\n\r\n** \u3053\u3053\u307e\u3067\u540c\u3058\u5185\u5bb9\u306e\u8a2d\u5b9a\u3092\u5bfe\u5411PE\u3067\u3042\u308bR3\u306b\u3082\u4f5c\u6210\u3057\u307e\u3059\u3002\r\n** BGP\u306e\u72b6\u614b\u3068\u7d4c\u8def\u3092\u78ba\u8a8d\u3057\u3066\u3044\u304d\u307e\u3059\u3002\r\n* neighbor\u306e\u72b6\u614b\r\nR1# show ip bgp all neighbors 10.10.10.3\r\nFor address family: IPv4 Unicast\r\n\r\nFor address family: VPNv4 Unicast\r\nBGP neighbor is 10.10.10.3,  remote AS 100, internal link\r\n  BGP version 4, remote router ID 10.10.10.3\r\n  BGP state = Established, up for 02:59:19\r\n  Last read 00:00:47, last write 00:00:30, hold time is 180, keepalive interval is 60 seconds\r\n  Neighbor sessions:\r\n    1 active, is multisession capable\r\n  Neighbor capabilities:\r\n    Route refresh: advertised and received(new)\r\n    Four-octets ASN Capability: advertised and received\r\n    Address family VPNv4 Unicast: advertised and received  < -- vpnv4\u3067adv,rev\u3057\u3066\u3044\u307e\u3059\r\n    Multisession Capability: advertised and received\r\n  Message statistics, state Established:\r\n    InQ depth is 0\r\n    OutQ depth is 0\r\n\r\n* bgp table\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002\r\nR1# show ip bgp vpnv4 vrf VPN002_BLUE\r\nBGP table version is 24, local router ID is 10.10.10.1\r\nStatus codes: s suppressed, d damped, h history, * valid, > best, i - internal,\r\n              r RIB-failure, S Stale\r\nOrigin codes: i - IGP, e - EGP, ? - incomplete\r\n\r\n   Network          Next Hop            Metric LocPrf Weight Path\r\nRoute Distinguisher: 100:700 (default for vrf VPN002_BLUE)\r\n*> 10.10.10.7\/32    0.0.0.0                  0         32768 ?\r\n*>i10.10.10.8\/32    10.10.10.3               0    100      0 ?\r\n*> 10.10.10.11\/32   0.0.0.0                  0         32768 ?\r\n*>i10.10.10.22\/32   10.10.10.3               0    100      0 ?\r\n*> 192.168.100.0    0.0.0.0                  0         32768 ?\r\n*>i192.168.200.0    10.10.10.3               0    100      0 ?\r\n\r\n* vrf\u306erouting-table\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002BGP\u306e\u7d4c\u8def\u304centry\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u3067\u3059\u3002\r\nR1# show ip route vrf VPN002_BLUE\r\n\r\nRouting Table: VPN002_BLUE\r\nCodes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP\r\n       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area\r\n       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2\r\n       E1 - OSPF external type 1, E2 - OSPF external type 2\r\n       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2\r\n       ia - IS-IS inter area, * - candidate default, U - per-user static route\r\n       o - ODR, P - periodic downloaded static route, + - replicated route\r\n\r\nGateway of last resort is not set\r\n\r\n      10.0.0.0\/32 is subnetted, 4 subnets\r\nS        10.10.10.7 is directly connected, Serial1\/2\r\nB        10.10.10.8 [200\/0] via 10.10.10.3, 00:19:52\r\nS        10.10.10.11 is directly connected, Serial1\/2\r\nB        10.10.10.22 [200\/0] via 10.10.10.3, 00:19:52\r\n      192.168.100.0\/24 is variably subnetted, 2 subnets, 2 masks\r\nC        192.168.100.0\/24 is directly connected, Serial1\/2\r\nL        192.168.100.1\/32 is directly connected, Serial1\/2\r\nB     192.168.200.0\/24 [200\/0] via 10.10.10.3, 00:18:14\r\n<\/p>\r\n\u5bfe\u5411\u306eCE\u540c\u58eb\u3067\u3001ping\u3068traceroute\u3092\u5b9f\u884c\u3057\u3066\u307f\u308b\r\n
\r\nR8# ping 10.10.10.11\r\n\r\nType escape sequence to abort.\r\nSending 5, 100-byte ICMP Echos to 10.10.10.11, timeout is 2 seconds:\r\n!!!!!\r\nSuccess rate is 100 percent (5\/5), round-trip min\/avg\/max = 56\/70\/88 ms\r\nR8# ping 10.10.10.7\r\n\r\nType escape sequence to abort.\r\nSending 5, 100-byte ICMP Echos to 10.10.10.7, timeout is 2 seconds:\r\n!!!!!\r\nSuccess rate is 100 percent (5\/5), round-trip min\/avg\/max = 60\/149\/260 ms\r\nR8# traceroute 10.10.10.11\r\n\r\nType escape sequence to abort.\r\nTracing the route to 10.10.10.11\r\n\r\n  1 192.168.200.3 160 msec 56 msec 20 msec\r\n  2 192.168.34.4 [MPLS: Labels 18\/28 Exp 0] 1104 msec 128 msec 76 msec\r\n  3 192.168.100.1 [MPLS: Label 28 Exp 0] 744 msec 136 msec 48 msec\r\n  4 192.168.100.7 964 msec 52 msec *\r\n\r\n* \u3053\u308c\u3060\u3068mpls\u7db2\u306e\u7d4c\u8def\u304c\u898b\u3048\u3066\u3057\u307e\u3046\u306e\u3067\u3001PE\u306b\r\nR1(config)#n no mpls ip propagate-ttl\r\n* \u3082\u3046\u4e00\u5ea6trace\r\nR8# traceroute 10.10.10.11\r\n\r\nType escape sequence to abort.\r\nTracing the route to 10.10.10.11\r\n\r\n  1 192.168.200.3 228 msec 24 msec 24 msec\r\n  2 192.168.100.1 [MPLS: Label 28 Exp 0] 268 msec 132 msec 36 msec\r\n  3 192.168.100.7 240 msec 32 msec *\r\n<\/p><\/tt>\r\n\u3053\u3053\u307e\u3067\u3067\u57fa\u672c\u306e\u8a2d\u5b9a\u306f\u5b8c\u4e86\u3067\u3059\u3002\r\nVPN001_RED\u3068VPN001_BLUE\u306e\u30d1\u30b1\u30c3\u30c8\u304c\u307e\u3056\u3089\u305a\u306b\u3001routing\u3055\u308c\u308b\u304b\u3002\r\n\u3053\u3053\u307e\u3067\u306econfig-sample\u3092\r\nPE-R1<\/a>\r\nPE-R3<\/a>\r\nPC-R5<\/a>\r\nPC-R6<\/a>\r\nPC-R7<\/a>\r\nPC-R8<\/a>\r\n\r\n\u6b21\u56de\u306fL2-tunnel\u306b\u6311\u6226\u3057\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
\u25cbcisco simulator\u306e\u7d9a\u304d \u3053\u3053\u304b\u3089\u304c\u672c\u756a MPLS\u306e\u809d\u3067\u3042\u308bVPN\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002 VPN\u3068\u3044\u3046\u3053\u3068\u306f\u3001Customer\u306e\u7d4c\u8def(L3)\u304c\u307e\u3056\u3089\u306a\u3044\u3088\u3046\u306b\u3057\u306a\u3044\u3068\u3044\u3051\u306a\u3044\u306e\u3067\u3001 PE\u914d\u4e0b\u306eCE\u3092\uff12\u7d44\u7528\u610f\u3057\u307e\u3057\u305f […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,6,8],"tags":[],"class_list":["post-157","post","type-post","status-publish","format-standard","hentry","category-cisco","category-lab","category-mpls"],"_links":{"self":[{"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=\/wp\/v2\/posts\/157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=157"}],"version-history":[{"count":33,"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=\/wp\/v2\/posts\/157\/revisions"}],"predecessor-version":[{"id":198,"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=\/wp\/v2\/posts\/157\/revisions\/198"}],"wp:attachment":[{"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.k-goo.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}