MPLS Tieng Viet

CHUYN MCH NHN A GIAO THC
(MPLS MultiProtocol Label Switching)
Tc gi: Trn Th T Uyn
Trn Th T Uyn
Mc lc Ch ng 1: TNG QUAN V MPLS ........................................................................ 3 Ch ng 2: CU HNH MPLS C BN ................................................................. 13 LAB 2-1: Cu hnh MPLS frame-mode c bn .................................................... 16 Ch ng 3: TNG QUAN V MPLS VPN.............................................................. 28 Ch ng 4: GIAO THC NH TUYN EIGRP PE-CE......................................... 43 LAB 4-1: Cu hnh nh tuyn EIGRP PE-CE c bn.......................................... 46 LAB 4-2: Cu hnh mng s dng BGP CC v EIGRP SoO ................................ 62 Ch ng 5: GIAO THC NH TUYN OSPF PE-CE........................................... 75 LAB 5-1 Cu hnh nh tuyn OSPF PE-CE ..................................................... 86 LAB 5-2OSPF Sham-Links ............................................................................101 Ch ng 6: K THUT LU LNG TRONG MPLS.........................................112
Trn Th T Uyn
Chng 1: TNG QUAN V MPLS

MPLS l mt cng ngh kt hp c im tt nht gia nh tuyn lp ba v chuyn mch lp hai cho php chuyn ti cc gi rt nhanh trong mng li (core) v nh tuyn tt mng bin (edge) bng cch da vo nhn (label). MPLS l mt phng php ci tin vic chuyn tip gi trn mng bng cc nhn c gn vi mi gi IP, t bo ATM, hoc frame lp hai. Phng php chuyn mch nhn gip cc Router v MPLS-enable ATM switch ra quyt nh theo ni dung nhn tt hn vic nh tuyn phc tp theo a ch IP ch. MPLS kt ni tnh thc thi v kh nng chuyn mch lp hai vi nh tuyn lp ba. Cho php cc ISP cung cp nhiu dch v khc nhau m khng cn phi b i c s h tng sn c. Cu trc MPLS c tnh mm do trong b t k s phi hp vi cng ngh lp hai no. MPLS h tr mi giao thc lp hai, trin khai hiu qu cc dch c IP trn mt mng chuyn mch IP. MPLS h tr vic to ra cc tuyn khc nhau gia ngu n v ch trn mt ng trc Internet. Bng vic tch hp MPLS vo kin trc mng, Cc ISP c th gim chi ph, tng li nhun, cung cp nhiu hiu qu khc nhau v t c hiu qu cnh tranh cao. c im mng MPLS: - Khng c MPLS API, cng khng c thnh phn giao thc pha host. - MPLS ch nm trn cc router. - MPLS l giao thc c lp nn c th hot ng cng vi giao thc khc IP nh IPX, ATM, Frame Relay, - MPLS gip n gin ho qu trnh nh tuyn v lm tng tnh linh ng ca cc tng trung gian. Gii thiu v chuyn mch nhn a giao thc (MPLS):
Phng thc hot ng: Thay th c ch nh tuyn lp ba bng c ch chuyn mch lp hai. MPLS ho t ng trong li ca mng IP. Cc Router trong li phi enable MPLS trn tng giao tip. Nhn c gn thm vo gi IP khi gi i vo mng MPLS. Nhn c tch ra khi gi ra khi mng MPLS. Nhn (Label) c chn vo gia header lp ba v header lp hai. S dng nhn trong qu trnh gi gi sau khi thit lp ng i. MPLS tp trung vo qu trnh hon i nhn (Label Swapping). Mt trong nhng th mnh ca khin trc MPLS l t nh ngha chng nhn (Label Stack). Cng thc gn nhn gi tin l: Network Layer Packet + MPLS Label Stack
Mt s ng dng ca MPLS
Con ng chuyn nhn (LSP Label Switch Path): xc nh ng i ca gi tin MPLS. Gm hai lo i: Hop by hop signal LSP - xc nh ng i kh thi nht theo kiu best effort v Explicit route signal LSP - xc nh ng i t nt gc.
B nh tuyn chuyn nhn (LSR Label Switch Router): ra quyt nh chng k tip da trn ni dung ca nhn, cc LSP lm vic t v ho t ng gn ging nh Switch.
Khng gian nhn (Label Space): c hai loi. Mt l, cc giao tip dng chung gi tr nhn (per-platform label space). Hai l, mi giao tip mang gi tr nhn ring, (Perinterface Label Space).
Trn Th T Uyn
Mt s ng dng ang c trin khai l: MPLS VPN: Nh cung cp d ch c c th to VPN lp 3 dc theo mng ng trc cho nhiu khch hng, ch dng mt c s h tng cng cng sn c, khng cn cc ng d ng encrytion hoc end-user. MPLS Traggic Engineer: Cung cp kh nng thit lp mt hoc nhiu ng i iu khin lu lng mng v cc c trng thc thi cho mt loi lu lng. MPLS QoS (Quality of service): Dng QoS cc nh cung cp d ch v c th cung cp nhiu lo i dch v vi s m b o ti a v QoS cho khch hng. MPLS Unicast/Multicast IP routing.
Internet c ba nhm ng dng chnh: voice, data, video vi cc yu cu khc nhau. Voice yu cu tr thp, cho php tht thot d liu tng hiu qu . Video cho php tht thot d liu mc chp nhn c, mang tnh th i gian thc (realtime). Data yu cu b o mt v chnh xc cao. MPLS gip khai thc ti nguyn mng t hiu qu cao.
tin cy cao hn: Vi c s h tng ATM, MPLS c th kt hp hiu qu vi nhiu giao th c nh tuyn IP over ATM thit lp mt mng l i (mesh) dch v cng cng gi cc router xung quanh mt m my ATM. Tuy nhin c nhiu vn x y ra do cc PCV link gia cc router xp chng trn mng ATM. Cu trc mng ATM khng th thy b nh tuyn. Mt link ATM b hng lm hng nhiu router-to-router link, gy kh khn cho lng cp nht thng tin nh tuyn v nhiu tin trnh x l ko theo. Trc tip thc thi cc lo i dch v: MPLS s dng hng i v b m ca ATM cung cp nhiu lo i dch v khc nhau. N h tr quyn u tin IP v lo i dch v (class of service cos) trn chuyn mch ATM m khng cn chuyn i phc tp sang cc lp ATM Forum Service. H tr hiu qu cho Mulicast v RSVP: Khc vi MPLS, xp lp IP trn ATM ny sinh nhiu b t li, c bit trong vic h tr cc dch v IP nh IP muticast v RSVP( Resource Reservation Protocol - RSVP).
S tch hp: MPLS xc nhp tnh nng ca IP v ATM ch khng xp chng lp IP trn ATM. MPLS gip cho c s h tng ATM thy c nh tuyn IP v loi b cc yu cu nh x gia cc c tnh IP v ATM. MPLS khng cn a ch ATM v k thut nh tuyn (nh PNNI).
Khi hp nht vi chuyn mch ATM, chuyn mch nhn tn dng nh ng thu n l i ca cc t bo ATM - chiu di thch hp v chuyn vi tc cao. Trong mng a dch v chuyn mch nhn cho php chuyn mch BPX/MGX nhm cung cp dch v ATM, Frame, Replay v IP Internet trn mt mt phng n trong mt ng i tc cao. Cc mt phng (Platform) cng cng h tr cc d ch v ny tit kim chi ph v n gin ha ho t ng cho nh cung cp a d ch v. ISP s dng chuyn mch ATM trong mng li, chuyn mch nhn gip cc cc dng Cisco, BPX8600, MGX8800, Router chuyn mch a d ch v 8540 v cc chuyn m ch Cisco ATM gip qun l mng hiu qu hn xp chng (overlay) lp IP trn mng ATM. Chuyn mch nhn trnh nhng rc ri gy ra do c nhiu router ngang hng v h tr cu trc phn cp (hierarchical structure) trong mt mng ca ISP.
im vt tri ca MPLS so vi m hnh IP over ATM
Trn Th T Uyn
S o lng v qun l VPN: MPLS c th tnh c cc d ch v IP VPN v rt d qun l cc d ch v VPN quan trng cung cp cc mng IP ring trong c s h tng ca n. Khi mt ISP cung cp d ch v VPN h tr nhiu VPN ring trn mt c s h tng n.Vi mt ng trc MPLS, thng tin VPN ch c x l ti mt im ra vo. Cc gi mang nhn MPLS i qua mt ng trc v n im ra ng ca n. Kt hp MPLS vi MPBGP (Mutiprotocol Broder Gateway Protocol) to ra cc d ch v VNP d a trn nn MPLS (MPLS-based VNP) d qu n l hn vi s iu hnh chuyn tip qun l pha VNP v cc thnh vin VNP, dch v MPSL-based VNP cn c th m rng h tr hng trm nghn VPN. Gim ti trn mng li Cc d ch v VPN hng d n cch MPLS h tr mi thng tin nh tuyn phn cp. H n na,c th tch ri cc nh tuyn Internet khi li mng cung cp dch v. Ging nh d liu VPN, MPSL ch cho php truy sut bng nh tuyn Internet ti im ra vo ca mng. Vi MPSL, k thut lu lng truyn bin ca AS c gn nhn lin kt vi im tng ng. S tch ri ca nh tuyn ni khi nh tuyn Internet y cng gip hn ch li, n nh v tng tnh bo mt Kh nng iu khin lu lng: MPLS cung cp cc kh nng iu khin lu lng sng d ng hiu qu ti nguyn mng. K thu t lu lng gip chuyn ti t cc phn qu ti sang cc phn cn ri ca mng d a vo im ch, loi lu lng, ti, thi gian,
MPLS h tr cc d ch v ny, k tha thi gian v cng vic theo cc chu n v khuyn khch to nn nh x xp x ca cc c trng IP&ATM
Mng MPLS dng cc nhn chuyn tip cc gi. Khi mt gi i vo mng, Node MPLS li vo nh du mt gi n lp chuyn tip tng ng (FEC Forwarding Equivalence Class) c th.
Cc hnh thc hot ng ca MPLS
Trong mng MPLS nhn iu khin mi hot ng chuyn tip. iu ny c nhiu thu n l i hn s chuyn tip thng thng: - S chuyn tip MPLS c th thc hin bng cc b chuyn mch (switch), c th tra cu (lookup) thay th nhn m khng nh hng n header lp mng. Cc b chuyn ATM thc hic cc chc nng chuyn cc t bo d a trn gi tr nhn. ATM-switch cn c iu khin bi mt thnh phn iu khin MPLS d a vo IP (IP-base MPLS control element) nh b iu khin chuyn mch nhn (LSC Label Switch Controller). y l dng c bn ca s kt hp IP vi ATM. - Khi mt gi vo mng n c chuyn n lp chuyn tip tng ng (FEC Forwarding Equivalence Class). Router c th s dng thng tin gi, nh cng vo (ingress) hay giao tip (interface). Cc gi i vo mng c gn cc nhn khc nhau. Quyt nh chuyn tip c thc hin d dng bi router ng vo. iu ny khng c trong s chuyn tip thng thng, v s xc nh l trnh ca router khc vi thng tin l trnh trn gi. - Mng c qu n l lu lng buc gi i theo mt con ng c th, mt con ng cha c s dng. Con ng c chn trc hoc ngay khi gi i vo mng tt hn s la chn b i cc thu t ton nh tuyn thng th ng. Trong MPLS, mt nhn c th c dng i din cho tuyn, khng cn km trong gi. y l dng c bn ca MPLS Traffic Engineering.
Trn Th T Uyn
"Lp d ch v (Class of service)" ca gi c xc nh b i nt MPLS vo (ingress MPLS node). Mt nt MPLS vo c th hu tuyn hay sa i lch trnh iu khin cc gi khc nhau. Cc trm sau c th nh li rng buc d ch v bng cch thit lp PBH (per-hop behavior). MPLS cho php (khng yu cu) u tin mt phn hoc hon ton ca lp dch v t nhn. Trng lp ny nhn i din cho s kt hp ca mt FEC vi u tin hoc lp d ch v. y l dng c b n ca MPLS QoS.
Kiu khung (Frame mode): Kiu khung l thut ng khi chuyn tip mt gi vi nhn gn trc tiu lp ba. Mt nhn c m ho vi 20bit, ngha l c th c 220 gi tr khc nhau. Mt gi c nhiu nhn, gi l chng nhn (label stack). mi chng trong mng ch c mt nhn bn ngoi c xem xt. Hnh 2 m t nh dng tiu ca MPLS
Nhn (Label) trong MPLS
Trong : - EXP=Experimental (3 bit): dnh cho thc nghim. Cisco IOS s dng cc bit ny gi cc thng bo cho QoS; khi cc gi MPLS xp hng c th dng cc bit EXP tng t nh cc bit IP u tin (IP Precedence). - S=Bottom of stack (1 bit): l bt cui chng. Nhn cui chng bit ny c thit lp ln 1, cc nhn khc c bt ny l 0. - TTL=Time To Live (8 bit): thi gian sng l bn sao ca IP TTL. Gi tr ca n c gim ti mi chng trnh lp (ging nh trong IP). Thng dng khi ngi iu hnh mng mun che d u cu hnh m ng bn d i khi tm ng t mng bn ngoi. Kiu t bo (Cell mode): Thu t ng ny dng khi c mt mng gm cc ATM LSR dng MPLS trong mt phng iu khin trao i thng tin VPI/VCI thay v dng bo hiu ATM. Trong kiu t bo, nhn l trng VPI/VCI ca t bo. Sau khi trao i nhn trong mt phng iu khin, mt phng chuyn tip, router ng vo (ingress router) phn tch gi thnh cc t bo ATM, dng gi tr VCI/CPI tng ng trao i trong mt phng iu khin v truyn t bo i. Cc ATM LSR pha trong ho t ng nh chuyn mch ATM chng chuyn tip mt t bo da trn VPI/VCI vo v thng tin cng ra tng ng. Cu i cng, router ng ra (egress router) sp xp li cc t bo thnh mt gi.
Trn Th T Uyn
ATM Cell header
GFC
VPI
VCI
PT
CLP
HEC
Header lp 3
D liu
Nhn Gi qua SONET/SDH PPP Header Nhn Header lp 3 Shim header Header lp 3 D liu D liu
Ethernet
Ethernet Header
Nhn
Cu trc nt ca MPLS
Trong : GFC (Generic Flow Control): iu khin lu ng chung VPI (Virtual Path Identifier): nhn d ng ng o VCI (Virtual Channel Identifier): nhn d ng knh o PT (Payload Type): Ch th kiu trng tin CLP (Cell Loss Priority): Chc nng ch th u tin hu b t bo HEC (Header error check): Kim tra li tiu .
Mt nt ca MPLS c hai mt phng: mt phng chuyn tip MPLS v mt phng iu khin MPLS. Nt MPLS c th th c hin nh tuyn lp ba hoc chuyn mch lp hai. Kin trc c b n ca mt nt MPLS nh sau: Mt phng iu khin
Giao thc nh tuyn IP
Chuyn i thng tin nh tuyn
Giao thc phn phi nhn

Mt phng chuyn tip
Chuyn i thng tin lin kt nhn
Cc gi IP va n
Bng nh tuyn IP (ECF FIB)
Cc gi IP ra
Cc gi c gn nhn v a n
C s nh tuyn chuyn tip nhn (LFIB)
Cc gi IP c gn nhn ra
Mt phng chuyn tip s dng mt c s thng tin chuyn tip nhn (LFIB - Label Forwarding Information Base) chuyn tip cc gi. Mi nt MPLS c hai bng lin quan n vic chuyn tip l: c s thng tin nhn (LIB - Label Information Base) v LFIB. LIB cha tt c cc nhn c nt MPLS cc b nh du v nh x ca cc
Trn Th T Uyn 7
Mt phng chuyn tip (Forwarding plane)
nhn ny n cc nhn c nhn t lng ging (MPLS neighbor) ca n. LFIB s dng mt tp con cc nhn cha trong LIB thc hin chuyn tip gi. Mt phng iu khin MPLS chu trch nhim to ra v lu tr LFIB. Tt c cc nt MPLS phi ch y mt giao thc nh tuyn IP trao i thng tin nh tuyn n cc nt MPLS khc trong mng. Cc nt MPLS enable ATM s dng mt b iu khin nhn (LSC Label Switch Controller) nh router 7200, 7500 ho c dng mt m un x l tuyn (RMP Route Processor Module) tham gia x l nh tuyn IP. Mt phng iu khin (Control Plane)
Cc nhn c trao i gia cc nt MPLS k cn xy dng nn LFIB. MPLS dng mt mu chuyn tip d a trn s hon i nhn kt ni vi cc m un iu khin khc nhau. Mi m un iu khin chu trch nhim nh du v phn phi mt tp cc nhn cng nh lu tr cc thng tin iu khin c lin quan khc. Cc giao thc cng ni (IGP Interior Gateway Potocols) c dng xc nhn kh nng n c, s lin kt, v nh x gia FEC v a ch trm k (next-hop address). Cc m un iu khin MPLS gm: nh tuyn Unicast (Unicast Routing) nh tuyn Multicast (Multicast Routing) K thut lu lng (Traffic engineering) Mng ring o (VPN Virtual private Network) Cht lng d ch v (QoS Quality of service)
Mt phng iu khin mt nt mng
iu khin nh tuyn MPLS IP
Cc giao thc nh tuyn Link-state nh OSPF v IS-IS l cc giao thc c chn v chng cung cp cho mi nt MPLS thng tin ca ton mng. Trong cc b nh tuyn thng thng, b n nh tuyn IP dng xy d ng b lu tr chuyn mch nhanh (Fast switching cache) ho c FIB (dng bi CEF - Cisco Express Forwarding). Tuy nhin vi MPLS, bn nh tuyn IP cung cp thng tin ca mng ch v subnet prefix. Cc giao thc nh tuyn link-state gi thng tin nh tuyn (flood) gi a mt tp cc router ni trc tip (adjacent), thng tin lin kt nhn ch c phn phi gia cc router ni trc tip vi nhau bng cch dng giao thc phn phi (LDP Label Distribution Protocol) hoc TDP (Cisco s proproetary Tag Distribution protocol).
iu khin nh tuyn MPLS Multicast IP
iu khin nh tuyn MPLS/VPN
iu khin Lu lng (MPLS TE)
Cht lng dch v (QoS)
C s thng tin chuyn tip nhn LFIB
Mt phng d liu ti mt nt mng
Cc thnh phn mt phng d liu v mt phng iu khin ca MPLS

Trn Th T Uyn
Cisco Express Forwarding (CEF) l nn tng cho MPLS v hot ng trn cc router ca Cisco. Do , CEF l iu kin tin quyt trong thc thi MPLS trn mi thit b ca Cisco ngoi tr cc ATM switch ch h tr chc nng ca mt phng chuyn tip d liu. CEF l mt c ch chuyn mch thu c s hu ca Cisco nhm lm tng tnh n gin v kh nng chuyn tip gi IP. CEF trnh vic vit li overhead ca cache trong mi trng li IP b ng cch s dng mt c s thng tin chuyn tip (FIB Forwarding Information Base) quyt nh chuyn mch. N phn nh ton b ni dung ca b ng nh tuyn IP (IP routing table), nh x 1-1 gia FIB v bng nh tuyn. Khi router s dng CEF, n duy tr ti thiu 1 FIB, cha mt nh x cc mng ch trong bng nh tuyn vi cc trm k tip (next-hop adjacencies) tng ng. FIB trong mt phng d liu, ni router thc hin c ch chuyn tip v x l cc gi tin. Trn router cn duy tr hai cu trc khc l c s thng tin nhn (LIB Label Information Base) v c s thng tin chuyn tip nhn (LFIB Label Forwarding Information Base). Giao thc phn phi s dng gia cc lng ging MPLS c nhim v to ra cc ch mc (entry) trong hai bng ny. LIB thuc mt phng iu khin v c giao thc phn phi nhn s dng khi a ch mng ch trong b ng nh tuyn c nh x vi nhn nhn c t router xui dng. LFIB thu c mt phng d liu v cha nhn cc b (local label) n nhn trm k nh x vi giao tip ng ra (outgoing interface), c dng chuyn tip cc gi c gn nhn. Nh v y, thng tin v cc mng n c do cc giao thc nh tuyn cung cp dng xy dng bng nh tuyn (RIB - Routing Information Base). RIB cung cp thng tin cho FIB. LIB c to nn da vo giao thc phn phi nhn v t LIB kt hp vi FIB to ra LFIB.
B chuyn nhn s d ng mt thut ton chuyn tip d a vo vic hon i nhn. Nt MPLS l y gi tr trong nhn ca gi va n lm ch mc n LFIB. Khi gi tr nhn tng ng c tm th y, MPLS s thay th nhn trong gi bng nhn ra (outgoing label) t mc con (subentry) v g i gi qua giao tip ng ra tng ng n trm k c xc nh. Nu nt MPLS cha nhiu LFIB trn mi giao tip, n s dng giao tip vt l ni gi n chn mt LFIB c th phc v chuyn tip gi. Cc thu t
Trn Th T Uyn
Thut ton chuyn tip nhn (Label Forwarding Algorithm)
ton chuyn tip thng thng s dng nhiu thu t ton nh unicast, multicast v cc gi unicast c thit lp bit ToS. Tuy nhin, MPLS ch dng mt thut ton chuyn tip da trn s hon i nhn (Label swapping). Mt nt MPLS truy xut b nh n ly ra cc thng tin nh quyt nh dnh ra ti nguyn cn thit chuyn tip gi. Kh nng chuyn tip v tra cu tc nhanh gip chuyn nhn (label switching) tr thnh cng ngh chuyn mch c tnh thc thi cao. MPLS cn c th dng chuyn vn cc giao thc lp ba khc nh IPv6, IPX, hoc Apple Talk. Cc thu c tnh ny gip MPLS c th tng thch tt vi vic chuyn i cc mng t IPv4 ln IPv6. Hot ng chuyn tip ca MPLS Thc hin chuyn tip d liu vi MPLS gm cc bc sau: - Gn nhn MPLS (trn LSR). - Giao thc phn phi nhn (LDP - label distribution protocol hay TDP - tag distribution protocol ) thc hin gn nhn v trao i nhn gia cc LSR trong min MPLS thit lp cc phin lm vic (session). Vic gn nhn c th gn cc b trn router hoc trn giao tip ca router. - Thit lp LDP/TDP gia LSR/ELSR. - Mc nh trn router s dng LDP. Cu hnh: Router(config)#mpls label protocol {ldp | tdp} Thc hin lnh khi router khng mc nh dng LDP hoc mun chuyn t LDP sang TDP. Lnh ny c th c cu hnh ton cc ho c trn giao tip: Router(config-if)#mpls label protocol {ldp | tdp} Nu cu hnh trn giao tip th n s ghi ln lnh ton cc. TDP dng cng TCP 711. LDP dng cng TCP 646.
C 4 lo i thng ip LDP: Discovery: qu ng co v chp nhn s c mt ca LSR trong mng. Session: Thit lp, bo d ng v hy phin lm vic gia cc LSR. Advertisement: qung co nh x nhn ti FEC Notification: bo hiu li.
Trn Th T Uyn
10
Phn phi nhn bng giao thc phn phi nhn LDP Trong mt min MPLS, mt nhn gn ti mt a ch (FIB) ch c phn phi ti cc lng ging ngc dng sau khi thit lp session. Vic kt ni gia mng c th vi nhn cc b v mt nhn trm k (nhn t router xui dng) c lu tr trong LFIB v LIB. MPLS dng cc phng thc phn phi nhn nh sau: - Yu cu xui dng (Downstream on demand). - T nguyn xui dng (Unsolicited downstream).
S duy tr nhn MPLS

Trn Th T Uyn 11
Ch duy tr nhn t do (liberal label retention mode): duy tr kt ni gia nhn v mng ch nhng khng lu gi trm k cho ch n . LSR c th chuyn tip gi ngay khi IGP hi t v s lng nhn lu gi rt ln cho tng ch n c th nn tn b nh. Ch duy tr nhn thng xuyn (conservative label retention mode): duy tr nhn da vo hi p LDP hay TDP ca trm k. N hy cc kt ni t LSR xui dng m khng phi trm k ca ch n ch nh nn gim thiu c b nh. Untagged: gi MPLS n c chuyn thnh mt gi IP v chuyn tip n ch. N c dng trong thc thi MPLS VPN. Cc loi nhn c bit
C hai ch duy tr nhn:
Nhn Implicit-null hay POP: Nhn ny c gn khi nhn trn (top label) ca gi MPLS n b bc ra v gi MPLS hay IP c chuyn tip ti trm k xui dng. Gi tr ca nhn ny l 3 (trng nhn 20 bit). Nhn ny c dng trong mng MPLS cho nh ng trm k cui. Nhn Explicit-null: c gn gi gi tr EXP cho nhn trn (top label) ca gi n. Nhn trn c hon i vi gi tr 0 v chuyn tip nh mt gi MPLS ti trm k xui dng. Nhn ny s d ng khi thc hin QoS vi MPLS.
Nhn Aggregate: vi nhn ny, khi gi MPLS n n b bc tt c nhn trong chng nhn ra tr thnh mt gi IP v thc hin tra cu trong FIB xc nh giao tip ng ra cho n.
Trn Th T Uyn
12
Chng 2: CU HNH MPLS C BN

ch khung, MPLS s dng mt nhn 32 bit chn vo gia tiu lp 2 v lp 3. Cc dng ng gi lp 2 nh HDLC, PPP, Frame Relay, v Ethernet d a trn kiu khung (frame) nn c th hot ng ch khung (frame mode) hoc ch t bo (cell mode), ngo i tr ATM ch ho t ng ch t bo. Basic frame-mode MPLS Cu hnh v kim chng MPLS ch khung (Frame-mode MPLS)
Biu tin trnh cu hnh Frame-Mode MPLS
Trn Th T Uyn
13
Cc b c cu hnh d a trn s trn.
Cc bc cu hnh frame-mode MPLS c bn
Bc 1: Cho php CEF CEF l mt thnh phn thit yu cho chuyn m ch nhn (label switching) v chu trch nhim sp xp v ci t nhn trong mt mng MPLS. Cu hnh CEF ton cc trn cc router R1, R2, R3 v R4 b ng lnh: Router(config)#ip cef [distributed]. Chc chn rng CEF c cho php trn giao tip. Nu khng c th c th cho php CEF trn giao tip b ng cch dng lnh: Router(config-if)#ip route-cache cef. Dng t kha [distribute] th hin kh nng ca chuyn mch CEF c chia s.
Bc 2: Cu hnh giao thc nh tuyn IGP y ta xt giao thc OSPF. Cho php cc giao tip trn cc router tham gia vo mng ca nh cung cp bng lnh : Router(config)#router ospf process-id Router(config-router)#network ip-address wild-card mask area area-id
Cho php giao thc phn phi nhn l mt b c ty chn. Ngm nh, LDP l giao thc phn phi nhn. Lnh mpls label protocol {ldp | tdp} ch c dng nu LDP khng phi l giao thc ngm nh hoc nu mun chuyn i qua li gi a LDP v TDP. Lnh ny nn cu hnh trong ch ton cc ( Router(config)# ) tt hn trn giao tip ( Router(config-if)# ). Tuy nhin lnh cu hnh trn giao tip s ghi ln lnh cu hnh ton cc. Bc 3: Gn LDP router ID
Trn Th T Uyn
14
LDP s d ng a ch IP cao nht trn mt giao tip loopback nh l mt LDP router ID. Nu khng c a ch loopback th a ch IP cao nht trn router s tr thnh LDP router ID. Mun buc mt giao tip tr thnh LDP router ID dng lnh: Router(config)#mpls ldp router-id {interface | ip-address} [force] Giao tip loopback c khuyn khch v chng lun ho t ng. Bc 4: Cho php Ipv4 MPLS hay chuyn tip nhn trn giao tip Router(config-if)#mpls ip
Kim tra hot ng ca frame-mode MPLS c bn: Kim tra s cho php CEF trn router: Router#show ip cef Xc nh chuyn tip MPLS c cho php trn giao tip : Router#show mpls interfaces Xem trng thi ca tin trnh khm ph LDP. Hin th thng tin khm ph LDP ca lng ging v cc giao tip m tin trnh khm ph LDP ang ch y. Router#show mpls ldp discovery Trng xmit/recv th hin giao tip ang truyn v nhn cc gi LDP discovery Hello. Xc nh trng thi cc phin lm vic vi lng ging LDP: Router#show mpls ldp neighbor
S chuyn tip mt phng iu khin v mt phng d liu
Mt phng iu khin
Hnh trn th hin ho t ng ca mp phng iu khin cho prefix 10.10.10.101/32 t R1 n R4. Cc b c sau th hin tin trnh qu ng b nhn cho prefix 10.10.10.101/32:
Trn Th T Uyn
15
Bc 1: R1 gi mt implicit null hay POP label ti R2. Gi tr 3 i din cho nhn implicit-null. R1 qu ng b (propagates) implicit-null n R2, R2 thc hin ch c nng POP d liu chuyn tip t R4 ti 10.10.10.101/32. Nu R1 qung b mt nhn explicit-null, LSR R2 ngc dng khng POP nhn nhng gn mt gi tr nhn l 0 v g i mt gi c gn nhn ti R2. V d : R1#show mpls ldp bindings <output truncated>
Bc 3 : trn R3, prefix 10.10.10.101/32 c gn mt nhn cc b l 17 v mt nhn ra 16. Nhn ra c nhn t R2. Nhn cc b 17 c qu ng b bng s chia s nhn n R4. Nhn 17 c R4 dng chuyn tip d liu n 10.10.10.101/32. Ho t ng chuyn tip d liu
Bc 2 : R2 gn mt LSP label t i 10.10.10.101/32. Gi tr nhn ny c qu ng b ti R3. Gi tr ny c R3 p t trn ng chuyn tip d liu.
tib entry: 10.10.10.101/32, rev 4 local binding: tag: imp-null remote binding: tsr: 10.10.10.102:0, tag: 16
R4 p t nhn 17 ln gi d liu t R4 ti 10.10.10.101/32. R3 thc hin tra cu LFIB (LFIB lookup) v hon i nhn 17 thnh 16 v chuyn tip gi d lii ti R2. R2 nhn gi d liu t R3, thc hin chc nng pop ca trm k cui, bc nhn 16 v chuyn tip gi d liu ti R1. LAB 2-1: Cu hnh MPLS frame-mode c bn
Cc b c sau biu din ng chuyn tip d liu t R4 ti 10.10.10.101/32
M t
Cu hnh v kim tra LSR1#show run Building configuration...

Trn Th T Uyn
16
Current configuration : 912 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname LSR1 ! logging queue-limit 100 ! ip subnet-zero ! ip cef mpls ldp logging neighbor-changes tag-switching tdp router-id Loopback0 ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface Serial0/1 ip address 10.10.10.1 255.255.255.252 tag-switching ip clockrate 72000 ! router ospf 100 log-adjacency-changes network 10.10.10.0 0.0.0.255 area 0 ! ip http server ip classless end LSR1#show ip route Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks 10.10.10.8/30 [110/192] via 10.10.10.2, 00:02:58, Serial0/1 10.10.10.0/30 is directly connected, Serial0/1 10.10.10.4/30 [110/128] via 10.10.10.2, 00:02:58, Serial0/1 10.10.10.104/32 [110/193] via 10.10.10.2, 00:02:58, Serial0/1 10.10.10.102/32 [110/65] via 10.10.10.2, 00:02:58, Serial0/1 10.10.10.103/32 [110/129] via 10.10.10.2, 00:02:58, Serial0/1 10.10.10.101/32 is directly connected, Loopback0
O C O O O O C
LSR1#show ip cef Prefix Next Hop 0.0.0.0/0 drop 0.0.0.0/32 receive

Trn Th T Uyn
Interface Null0 (default route handler entry)
17
10.10.10.0/30 attached 10.10.10.0/32 receive 10.10.10.1/32 receive 10.10.10.3/32 receive 10.10.10.4/30 10.10.10.2 10.10.10.8/30 10.10.10.2 10.10.10.101/32 receive 10.10.10.102/32 10.10.10.2 10.10.10.103/32 10.10.10.2 10.10.10.104/32 10.10.10.2 224.0.0.0/4 drop 224.0.0.0/24 receive 255.255.255.255/32 receive LSR1#show cef int s0/1
Serial0/1
Serial0/1 Serial0/1 Serial0/1 Serial0/1 Serial0/1
Serial0/1 is up (if_number 5) Corresponding hwidb fast_if_number 5 Corresponding hwidb firstsw->if_number 5 Internet address is 10.10.10.1/30 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Hardware idb is Serial0/1 Fast switching type 4, interface type 60 IP CEF switching enabled IP CEF Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 4(4) Slot 0 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 LSR1#show mpls interfaces Interface IP Tunnel Operational Serial0/1 Yes (tdp) No Yes LSR1#show mpls ldp discovery Local LDP Identifier: 10.10.10.101:0 Discovery Sources: Interfaces: Serial0/1 (tdp): xmit LSR2#show run !
Trn Th T Uyn
18
hostname LSR2 ! logging queue-limit 100 ! memory-size iomem 10 ip subnet-zero ! ! ! ip cef mpls ldp logging neighbor-changes tag-switching tdp router-id Loopback0 ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface Serial0/0 ip address 10.10.10.2 255.255.255.252 mpls label protocol ldp tag-switching ip ! interface Serial0/1 ip address 10.10.10.5 255.255.255.252 mpls label protocol ldp tag-switching ip ! router ospf 100 log-adjacency-changes network 10.10.10.0 0.0.0.255 area 0 ! end LSR2#show cdp nei .. Device ID Local Intrfce Holdtme Capability Platform Port ID LSR1 Ser 0/0 173 R 2610 Ser 0/1 LSR3 Ser 0/1 125 R 2610 Ser 0/1 LSR2#show ip route .. Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks 10.10.10.8/30 [110/128] via 10.10.10.6, 00:23:26, Serial0/1 10.10.10.0/30 is directly connected, Serial0/0 10.10.10.4/30 is directly connected, Serial0/1 10.10.10.104/32 [110/129] via 10.10.10.6, 00:23:26, Serial0/1 10.10.10.102/32 is directly connected, Loopback0 10.10.10.103/32 [110/65] via 10.10.10.6, 00:23:26, Serial0/1 10.10.10.101/32 [110/65] via 10.10.10.1, 00:23:26, Serial0/0
O C C O C O O
Trn Th T Uyn
19
LSR2#show ip cef Prefix Next Hop Interface 0.0.0.0/0 drop Null0 (default route handler entry) 0.0.0.0/32 receive 10.10.10.0/30 attached Serial0/0 10.10.10.0/32 receive 10.10.10.2/32 receive 10.10.10.3/32 receive 10.10.10.4/30 attached Serial0/1 10.10.10.4/32 receive 10.10.10.5/32 receive 10.10.10.7/32 receive 10.10.10.8/30 10.10.10.6 Serial0/1 10.10.10.101/32 10.10.10.1 Serial0/0 10.10.10.102/32 receive 10.10.10.103/32 10.10.10.6 Serial0/1 10.10.10.104/32 10.10.10.6 Serial0/1 224.0.0.0/4 drop 224.0.0.0/24 receive 255.255.255.255/32 receive LSR2#show cef int s0/0 Serial0/0 is up (if_number 4) Corresponding hwidb fast_if_number 4 Corresponding hwidb firstsw->if_number 4 Internet address is 10.10.10.2/30 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Hardware idb is Serial0/0 Fast switching type 4, interface type 60 IP CEF switching enabled IP CEF Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 3(3) Slot 0 Slot unit 0 Unit 0 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 LSR2#show cef int s0/1 Serial0/1 is up (if_number 5) Corresponding hwidb fast_if_number 5 Corresponding hwidb firstsw->if_number 5 Internet address is 10.10.10.5/30
Trn Th T Uyn
20
ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Hardware idb is Serial0/1 Fast switching type 4, interface type 60 IP CEF switching enabled IP CEF Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 4(4) Slot 0 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 LSR2#show mpls int Interface IP Tunnel Operational Serial0/0 Yes (ldp) No Yes Serial0/1 Yes (ldp) No Yes LSR2#show mpls ldp dis Local LDP Identifier: 10.10.10.102:0 Discovery Sources: Interfaces: Serial0/0 (ldp): xmit Serial0/1 (ldp): xmit/recv LDP Id: 10.10.10.103:0 LSR2#show mpls ldp nei Peer LDP Ident: 10.10.10.103:0; Local LDP Ident 10.10.10.102:0 TCP connection: 10.10.10.103.11010 - 10.10.10.102.646 State: Oper; Ms LSR3#show run Building configuration... Current configuration : 947 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname LSR3 ! logging queue-limit 100
Trn Th T Uyn
21
! ip subnet-zero ! ! ! ip cef mpls label protocol ldp mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.103 255.255.255.255 ! interface Serial0/0 ip address 10.10.10.9 255.255.255.252 tag-switching ip clockrate 72000 no fair-queue ! interface Serial0/1 ip address 10.10.10.6 255.255.255.252 tag-switching ip clockrate 72000 ! router ospf 100 log-adjacency-changes network 10.10.10.0 0.0.0.255 area 0 ! end LSR3#show ip route . Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks 10.10.10.8/30 is directly connected, Serial0/0 10.10.10.0/30 [110/128] via 10.10.10.5, 00:11:19, Serial0/1 10.10.10.4/30 is directly connected, Serial0/1 10.10.10.104/32 [110/65] via 10.10.10.10, 00:11:19, Serial0/0 10.10.10.102/32 [110/65] via 10.10.10.5, 00:11:19, Serial0/1 10.10.10.103/32 is directly connected, Loopback0 10.10.10.101/32 [110/129] via 10.10.10.5, 00:11:19, Serial0/1
C O C O O C O
LSR3# show cdp nei Device ID Local Intrfce Holdtme Capability Platform Port ID LSR4 Ser 0/0 131 R 2610 Ser 0/1 LSR2 Ser 0/1 178 R 2610 Ser 0/1 LSR3#show ip cef Prefix Next Hop
Trn Th T Uyn
Interface
22
0.0.0.0/0 drop Null0 (default route handler entry) 0.0.0.0/32 receive 10.10.10.0/30 10.10.10.5 Serial0/1 10.10.10.4/30 attached Serial0/1 10.10.10.4/32 receive 10.10.10.6/32 receive 10.10.10.7/32 receive 10.10.10.8/30 attached Serial0/0 10.10.10.8/32 receive 10.10.10.9/32 receive 10.10.10.11/32 receive 10.10.10.101/32 10.10.10.5 Serial0/1 10.10.10.102/32 10.10.10.5 Serial0/1 10.10.10.103/32 receive 10.10.10.104/32 10.10.10.10 Serial0/0 224.0.0.0/4 drop 224.0.0.0/24 receive 255.255.255.255/32 receive LSR3#show cef int s0/0 Serial0/0 is up (if_number 4) Corresponding hwidb fast_if_number 4 Corresponding hwidb firstsw->if_number 4 Internet address is 10.10.10.9/30 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Hardware idb is Serial0/0 Fast switching type 4, interface type 60 IP CEF switching enabled IP CEF Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 3(3) Slot 0 Slot unit 0 Unit 0 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 LSR3#show cef int s0/1 Serial0/1 is up (if_number 5) Corresponding hwidb fast_if_number 5 Corresponding hwidb firstsw->if_number 5 Internet address is 10.10.10.6/30 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled
Trn Th T Uyn
23
Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Hardware idb is Serial0/1 Fast switching type 4, interface type 60 IP CEF switching enabled IP CEF Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 4(4) Slot 0 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 LSR3#show mpls interfaces Interface IP Tunnel Operational Serial0/0 Yes (ldp) No Yes Serial0/1 Yes (ldp) No Yes LSR3#show mpls ldp dis Local LDP Identifier: 10.10.10.103:0 Discovery Sources: Interfaces: Serial0/0 (ldp): xmit/recv LDP Id: 10.10.10.104:0 Serial0/1 (ldp): xmit/recv LDP Id: 10.10.10.102:0 LSR3#show mpls ldp nei Peer LDP Ident: 10.10.10.102:0; Local LDP Ident 10.10.10.103:0 TCP connection: 10.10.10.102.646 - 10.10.10.103.11010 State: Oper; Msgs sent/rcvd: 53/49; Downstream Up time: 00:32:45 LDP discovery sources: Serial0/1, Src IP addr: 10.10.10.5 Addresses bound to peer LDP Ident: 10.10.10.102 10.10.10.2 10.10.10.5 Peer LDP Ident: 10.10.10.104:0; Local LDP Ident 10.10.10.103:0 TCP connection: 10.10.10.104.11004 - 10.10.10.103.646 State: Oper; Msgs sent/rcvd: 24/24; Downstream Up time: 00:12:43 LDP discovery sources: Serial0/0, Src IP addr: 10.10.10.10 Addresses bound to peer LDP Ident: 10.10.10.104 10.10.10.10 LSR4#show run Building configuration... !
Trn Th T Uyn
24
version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname LSR4 ! logging queue-limit 100 ! memory-size iomem 10 ip subnet-zero ! ip cef mpls label protocol ldp mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.104 255.255.255.255 ! interface Serial0/1 ip address 10.10.10.10 255.255.255.252 tag-switching ip ! router ospf 100 log-adjacency-changes network 10.10.10.0 0.0.0.255 area 0 ! end LSR4#show cdp nei Device ID Local Intrfce Holdtme Capability Platform Port ID LSR3 Ser 0/1 159 R 2610 Ser 0/0 LSR4#show ip route Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks 10.10.10.8/30 is directly connected, Serial0/1 10.10.10.0/30 [110/192] via 10.10.10.9, 00:13:46, Serial0/1 10.10.10.4/30 [110/128] via 10.10.10.9, 00:13:46, Serial0/1 10.10.10.104/32 is directly connected, Loopback0 10.10.10.102/32 [110/129] via 10.10.10.9, 00:13:46, Serial0/1 10.10.10.103/32 [110/65] via 10.10.10.9, 00:13:46, Serial0/1 10.10.10.101/32 [110/193] via 10.10.10.9, 00:13:46, Serial0/1
C O O C O O O
LSR4#show ip cef Prefix Next Hop 0.0.0.0/0 drop 0.0.0.0/32 receive

Trn Th T Uyn
Interface Null0 (default route handler entry)
25
10.10.10.0/30 10.10.10.9 10.10.10.4/30 10.10.10.9 10.10.10.8/30 attached 10.10.10.8/32 receive 10.10.10.10/32 receive 10.10.10.11/32 receive 10.10.10.101/32 10.10.10.9 10.10.10.102/32 10.10.10.9 10.10.10.103/32 10.10.10.9 10.10.10.104/32 receive 224.0.0.0/4 drop 224.0.0.0/24 receive 255.255.255.255/32 receive
Serial0/1 Serial0/1 Serial0/1
Serial0/1 Serial0/1 Serial0/1
LSR4#show cef int s0/1 Serial0/1 is up (if_number 5) Corresponding hwidb fast_if_number 5 Corresponding hwidb firstsw->if_number 5 Internet address is 10.10.10.10/30 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Hardware idb is Serial0/1 Fast switching type 4, interface type 60 IP CEF switching enabled IP CEF Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 4(4) Slot 0 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 LSR4#show mpls int Interface IP Tunnel Operational Serial0/1 Yes (ldp) No Yes LSR4#show mpls ldp dis Local LDP Identifier: 10.10.10.104:0 Discovery Sources: Interfaces: Serial0/1 (ldp): xmit/recv LDP Id: 10.10.10.103:0 LSR4#show mpls ldp nei Peer LDP Ident: 10.10.10.103:0; Local LDP Ident 10.10.10.104:0 TCP connection: 10.10.10.103.646 - 10.10.10.104.11004
Trn Th T Uyn
26
State: Oper; Msgs sent/rcvd: 26/26; Downstream Up time: 00:14:34 LDP discovery sources: Serial0/1, Src IP addr: 10.10.10.9 Addresses bound to peer LDP Ident: 10.10.10.103 10.10.10.6 10.10.10.9
Trn Th T Uyn
27
VPN c gii thiu cho php cc nh cung cp dch v s dng c s h tng cng cng c sn thc thi cc kt ni point-to-point gia cc site khch hng. Mt mng khch hng thc thi vi b t k cng ngh VPN no s nm trong vng iu khin ca khch hng c gi l cc site khch hng, cc site ny c kt ni v i nhau thng qua mng ca nh cung cp dch v (SP service provider). Trong cc mng da trn b nh tuyn truyn thng (traditional router-based network), cc site khc nhau ca cng khch hng c kt ni vi nhau bng cc kt ni point-to-point chuyn dng (lease line, Frame Relay,). Chi ph thc hin ph thuc vo s lng site khch hng. Cc site kt ni d ng full mesh s lm gia tng chi ph theo cp s m. Frame Relay v ATM l nh ng cng ngh i u thch hp thc thi VPN. Cc mng ny bao gm cc thit b khc nhau thuc v khch hng hoc nh cung cp dch v, l cc thnh phn ca gii php VPN. Nhn chung, VPN gm cc vng sau: Mng khch hng (Customer network) gm cc router ti cc site khch hng khc nhau. Cc router kt ni cc site c nhn vi mng ca nh cung cp c gi l cc router bin pha khch hng (CE customer edge).
Tng quan v VPN
Chng 3: TNG QUAN V MPLS VPN
Ban u Overlay VPN c thc thi b i SP cung cp cc kt ni lp 1 (physical layer) hay mch chuyn vn lp 2 (d liu d ng frame ho c cell) gia cc site khch hng bng cch s dng cc thit b Frame Relay hay ATM switch lm PE. Do nh cung cp dch v khng th nhn bit c vic nh tuyn pha khch hng. Sau , Overlay VPN thc thi cc d ch v qua IP (lp 3) vi cc giao thc nh ng hm nh L2TP, GRE, v IPSec. Tuy nhin, d trong trng hp no th mng ca nh cung cp vn trong sut i vi khch hng, v cc giao thc nh tuyn chy trc tip gia cc router ca khch hng.
Khi Frame Relay v ATM cung cp cho khch hng cc mng ring, nh cung cp khng th tham gia vo vic nh tuyn khch hng. Cc nh cung cp d ch v ch vn chuyn d liu qua cc kt ni point-to-point o. Nh vy nh cung cp ch cung cp cho khch hng kt ni o ti lp 2; l m hnh Overlay. Nu mch o l c nh, sn sng cho khch hng s dng mi lc th c gi l mch o c nh (PVC permanent virtual circuit). Nu mch o c thit lp theo yu cu (on-demand) th c gi l mch o chuyn i (SVC switch virtual circuit). Hn ch chnh ca m hnh Overlay l cc mch o ca cc site khch hng kt ni d ng full mesh (ngoi tr trin khai d ng hub-and-spoke hay partial hub-and-spoke). Nu c N site khch hng th tng s lng mch o cn thit cho vic ti u nh tuyn l N(N-1)/2.
Mng nh cung cp (Provider network) c dng cung cp cc kt ni point-to-point qua h tng mng ca nh cung cp dch v. Cc thit b ca nh cung cp d ch v m ni trc tip vi CE router c gi l router bin pha nh cung cp (PE Provifer edge). Mng ca nh cung cp cn c cc thit b dng chuyn tip d liu trong mng trc (SP backbone) c gi l cc rouer nh cung cp (P - Provider). Da trn s tham gia ca nh cung cp d ch v trong vic nh tuyn cho khch hng, VPN c th chia thnh hai loi m hnh: Overlay v Peer-to-peer.
Trn Th T Uyn
28
M hnh ngang cp (peer-to-peer) c pht trin khc phc nhc im ca m hnh Overlay v cung cp cho khch hng c ch vn chuyn ti u qua SP backbone. Do nh cung cp dch v c th tham gia vo vic nh tuyn ca khch hng. Trong m hnh peer-to-peer, thng tin nh tuyn c trao i gia cc router khch hng v cc router ca nh cung cp d ch v, d liu ca khch hng c vn chuyn qua mng li ca nh cung cp. Thng tin nh tuyn ca khch hng c mang gia cc router trong mng ca nh cung cp (P v PE), v mng khch hng (cc CE router). M hnh ny khng yu cu to ra mch o. Quan st hnh trn ta th y, cc CE router trao i tuyn vi cc router PE trong SP domain. Thng tin nh tuyn ca khch hng c qu ng b qua SP backbone gia cc PE v P v xc nh c ng i ti u t mt site khch hng n mt site khc. Vic pht hin cc thng tin nh tuyn ring ca khc hng t c bng cch thc hin lc gi ti cc router kt ni vi mng khch hng. a ch IP ca khch hng do nh cung cp kim sot. Tin trnh ny xem nh l thc thi cc PE peer-topeer chia s (shared PE peer-to-peer). Hnh sau m t nhng vic trin khai m hnh peer-to-peer.
Trn Th T Uyn
29
Trong kin trc mng MPLS VPN, cc router bin mang thng tin nh tuyn khch hng, cung cp nh tuyn ti u cho lu lng gia cc site ca khch hng. M hnh MPLS-based VPN cng gip cho khch hng s dng khng gian a ch trng lp (overlapping address spaces), khng ging nh m hnh peer-to-peer truyn thng trong vic nh tuyn lu lng khch hng yu cu nh cung cp phi gn a ch IP ring cho mi khch hng (ho c khch hng phi thc hin NAT) trnh trng lp khng gian a ch. MPLS VPN l mt d ng thc thi y ca m hnh peer-to-peer; MPLS VPN backbone v cc site khch hng trao i thng tin nh tuyn lp 3, v d liu c chuyn tip gia cc site khch hng s dng MPLS-enable SP IP backbone. Min (domain) MPLS VPN, ging nh VPN truyn thng, gm mng ca khch hng v mng ca nh cung cp. M hnh MPLS VPN ging vi m hnh router PE dnh ring (dedicated PE router model) trong cc dng thc thi VPN ngang cp peer-to-peer VPN. Tuy nhin, thay v trin khai cc router PE khc nhau cho tng khch hng, lu l ng khch hng c tch ring trn cng router PE nhm cung cp kh nng kt ni vo mng ca nh cung cp cho nhiu khch hng. Cc thnh phn ca mt MPLS VPN c trnh by trong hnh sau:
Kin trc v thut ng trong MPLS VPN
Cc thnh phn chnh ca kin trc MPLS VPN:
Mng khch hng th ng l min iu khin ca khch hng gm cc thit b hay cc router tri rng trn nhiu site ca cng mt khch hng. Cc router CE l nhng router trong mng khch hng giao tip vi mng ca nh cung cp. hnh trn, mng khch hng ca CustomerA gm cc router CE1-A, CE2-A v cc thit b trong Site 1 v Site 2 ca CustomerA. Cc router CE ca Customer A l CE1-A v CE2-A, v router CE ca Customer B l CE1-B v CE2-B.
30
Trn Th T Uyn
Mng ca nh cung cp min thuc iu khin ca nh cung cp gm cc router bin (edge) v li (core) kt ni cc site thu c vo cc khch hng trong mt h tng mng chia s. Cc router PE l cc router trong mng ca nh cung cp giao tip vi router bin ca khch hng. Cc router P router trong li ca mng, giao tip vi cc router li khc hoc router bin ca nh cung cp. Trong hnh trn, mng ca nh cung cp gm cc router PE1, PE2, P1, P2, P3, v P4. PE1 v PE2 l router bin ca nh cung cp trong min MPLS VPN cho khch hng A v B. Router P1, P2, P3 v P4 l cc router nh cung cp (provider router). MPLS VPN ging nh m hnh mng ngang cp vi router dnh ring. T mt router CE, ch cp nht IPv4, d liu c chuyn tip n router PE. CE khng cn b t k mt cu hnh ring bit no cho php n tham gia vo min MPLS VPN. Yu cu duy nht trn CE l mt giao thc nh tuyn (hay tuyn tnh(static)/tuyn ngm nh (default)) cho php n trao i thng tin nh tuyn IPv4 vi cc router PE. Trong m hnh MPLS VPN, router PE thc hin rt nhiu chc nng. Trc tin n phi phn tch lu lng khch hng nu c nhiu hn mt khch hng kt ni ti n. V th, mi khch hng c gn vi mt b ng nh tuyn c lp. nh tuyn qua SP backbone thc hin b ng mt tin trnh nh tuyn trong b ng nh tuyn ton cc. Router P cung cp chuyn m ch nhn gia cc router bin ca nh cung cp v khng bit n cc tuyn VPN. Cc router CE trong mng khch hng khng nhn bit c cc router P v do cu trc mng ni b ca mng SP trong sut i vi khch hng. Hnh sau m t chc nng ca router PE. M hnh nh tuyn MPLS VPN
Khch hng c phn bit trn router PE b ng cc bng nh tuyn o (virtual routing tables) hoc cc instance, cn c gi l VRF (virtual routing and forwarding tables/instances). Th c cht n ging nh duy tr nhiu router ring bit cho cc khch hng kt ni vo mng ca nh cung cp. chc nng ca VRF ging nh mt bn nh tuyn ton cc, ngo i tr vic n cha mi tuyn lin quan n mt VPN c th. VRF cng cha mt bng chuyn tip CEF cho VRF ring bit (VRFspecific CEF forwarding table) tng ng vi bng CEF ton cc xc nh cc yu cu kt ni v cc giao thc cho mi site khch hng kt ni trn mt router PE. VRF xc nh b i cnh (context) giao thc nh tuyn tham gia vo mt VPN c th cng nh giao tip trn router PE cc b tham gia vo VPN, ngha l s d ng VRF. Giao tip tham gia vo VRF phi h tr chuyn mch CEF. Mt VRF c th gm mt giao tip (logical hay physical) ho c nhiu giao tip trn mt router.
Trn Th T Uyn 31
VRF - Virtual Routing and Forwarding Table
VRF cha mt b ng nh tuyn IP tng ng vi bng nh tuyn IP ton cc, mt bng CEF, lit k cc giao tip tham gia vo VRF, v mt tp hp cc nguyn tc xc nh giao thc nh tuyn trao i vi cc router CE (routing protocol contexts). VRF cn cha cc nh danh VPN (VPN identifier) nh thng tin thnh vin VPN (RD v RT). Hnh sau cho thy chc nng ca VRF trn mt touter PE thc hin tch tuyn khch hng.
Cisco IOS h tr cc giao thc nh tuyn khc nhau nh nhng tin trnh nh tuyn ring bit (OSPF, EIGRP,) trn router. Tuy nhin, mt s giao thc nh RIP v BGP, IOS ch h tr mt instance ca giao thc nh tuyn. Do , thc thi nh tuyn VRF b ng cc giao thc ny phi tch ring hon ton cc VRF vi nhau. Bi cnh nh tuyn (routing context) c thit k h tr cc b n sao ca cng giao thc nh tuyn VPN PE-CE. Cc bi cnh nh tuyn ny c th c thc thi nh cc tin trnh ring bit (OSPF), hay nh nhiu instance ca cng mt giao thc nh tuyn (BGP, RIP, ). Nu nhiu instance ca cng mt giao thc nh tuyn c s dng th mi instance c mt tp cc tham s ca ring n. Hin ti, Cisco IOS h tr RIPv2, EIGRP, BGPv4 (nhiu instance), v OSPFv2 (nhiu tin trnh) c dng cho VRF trao i thng tin nh tuyn gia CE v PE. Ch : cc giao tip VRF c th l lu n l (logical) hoc vt l (physical) nhng mi giao tip ch c gn vi mt VRF.
Trong m hnh MPLS VPN, router PE phn bit cc khch hng b ng VRF. Tuy nhin, thng tin ny cn c mang theo gia cc router PE cho php truyn d liu gia cc site khch hng qua MPLS VPN backbone. Router PE phi c kh nng thc thi cc tin trnh cho php cc mng khch hng kt ni vo c khng gian a ch trng lp (overlapping address spaces). Router PE hc cc tuyn ny t cc mng khch hng v qu ng b thng tin ny b ng mng trc chia s ca nh cung cp (shared provider backbone). iu ny th c hin bng vic kt hp vi RD (route distinguisher) trong b ng nh tuyn o (virtual routing table) trn mt router PE. RD l mt nh danh 64-bit duy nht, thm vo trc 32-bit a ch tuyn c hc t router CE to thnh a ch 96-bit duy nht c th c chuyn vn gia cc router PE trong min MPLS. Do ch duy nht mt RD c cu hnh cho 1 VRF trn router
Trn Th T Uyn 32
Route Distinguisher, Route Targets, MP-BGP, v Address Families
PE. a ch 96-bit cui cng (tng hp ca 32-bit a ch khch hng v 64-bit RD) c gi l mt a ch VPNv4. a ch VPNv4 trao i gia cc router PE trong mng nh cung cp. RD c th c hai nh dng: dng a ch IP ho c ch s AS. Hnh bn d i cho thy hai khch hng c a ch mng ging nhau, 172.16.10.0/24, c phn bit nh vo cc gi tr RD khc nhau, 1:100 v 1:101, u tin qung b a ch VPNv4 trn router PE.
Route targets (RT) l nhng nh danh dng trong MPLS VPN domain khi trin khai MPLS VPN nhm xc nh thnh vin VPN ca cc tuyn c hc t cc site c th. RT c thc thi b i cc BGP community m rng s d ng 16 bit cao ca BGP ecxtended community (64 bit) m ha vi mt ga tr tng ng vi thnh vin VPN ca site c th. Khi mt tuyn VPN hc t mt CE chn vo VPNv4 BGP, mt danh sch cc thu c tnh community m rng cho VPN router target c kt hp vi n. Export RT dng xc nh thnh vin VPN v c kt lp vi mi VRF. Export RT c ni thm vo a ch khch hng khi chuyn thnh a ch VPNv4 b i PE v qung b trong cc cp nht MP-BGP. Import RT kt hp vi mi VRF v xc nh cc tuyn VPNv4 c thm vo VRF cho khch hng c th. nh dng ca RT
Trn Th T Uyn 33
Mt phin lm vic MP-BGP gia cc PE trong mt BGP AS c gi l MP-iBGP session v km theo cc nguyn tc thc thi ca iBGP lin quan n thuc tnh ca BGP (BGP attributes). Nu VPN m rng ra khi phm vi mt AS, cc VPNv4 s trao i gia cc AS ti bin bng MP-eBGP session.
Giao thc dng trao i cc tuyn VPNv4 gia cc PE l multiprotocol BGP (MPBGP). IGP yu cu duy tr iBGP (internal BGP) khi thc thi MPLS VPN. Do , PE phi chy mt IGP cung cp thng tin NLRI cho iBGP nu c hai PE cng trong mt AS. Hin ti, Cisco h tr c OSPFv2 v ISIS trong mng nh cung cp nh l IGP. MP-BGP cng chu trch nhim ch nh nhn VPN. Kh nng m rng l l do chnh chn BGP lm giao thc mang thng tin nh tuyn khch hng. Hn na, BGP cho php s dng a ch VPNv4 trong mi trng MPLS VPN v i dy a ch trng lp cho nhiu khch hng.
ging nh gi tr RD. S t ng tc ca RT v gi tr RD trong MPLS VPN domain khi cp nht c chuyn thnh cp nht MP-BGP nh hnh sau.
Khi thc thi cc cu trc mng VPN phc tp (nh: extranet VPN, Internet access VPNs, network management VPN,) s dng cng ngh MPLS VPN th RT gi vai tr nng ct. Mt a ch mng c th c kt hp vi mt hoc nhiu export RT khi qung b qua mng MPLS VPN. Nh v y, RT c th kt hp vi nhiu site thnh vin ca nhiu VPN. Mng 172.16.10.0/24 c nhn t CE1-A, tham gia vo VRF CustomerA trn PE1AS1. PE1 kt hp mt gi tr RD 1:100 v mt gi tr export RT 1:100 khi cu hnh cho VRF trn router PE1-AS1. Cc tuyn hc t CE1-A c phn phi vo tin trnh MP-BGP trn PE1-AS1 vi prefix 172.16.10.0/24 v thm vo u gi tr RD 1:100 v ni thm export RT 1:100 gi i a ch VPNv4 khi tham gia cp nht MPiBGP gia cc PE. Nhn VPN (3 byte) c gn cho mi a ch hc t cc tin trnh ca CE kt ni trong mt VRF t tin trnh MP-BGP ca PE. MP-BGP chy trong min MPLS ca nh cung cp d ch v nn mang theo a ch VPNv4 (Ipv4 + RD) v BGP RT. Cc tin trnh x y ra trong su t qu trnh qung b tuyn hnh trn nh sau:
Lu : RT l cu hnh bt buc trong mt MPLS VPN cho mi VRF trn mt router, gi tr RT c th c dng thc thi trn cu trc mng VPN phc tp, trong mt site c th tham gia vo nhiu VPN. Gi tr RT cn c th dng chn tuyn nhp vo VRF khi cc tuyn VPNv4 c hc trong cc cp nht MP-iBGP. Nhn VPN ch c hiu b i egress PE (mt phng d liu) kt ni trc tip vi CE qu ng b mng . Cc trm k (next hop) phi c hc t IGP khi thc thi MPLS VPN ch khng phi qu ng co t tin trnh BGP. Trong hnh trn nhn VPN c m t bng trng V1 v V2.
Trn Th T Uyn
34
Cp nht MP-BGP c nhn bi PE2 v tuyn c lu tr trong b ng VRF tng ng cho Customer A da trn nhn VPN. Cc tuyn MP-BGP nhn c c phn phi vo cc tin trnh nh tuyn VRF PE-CE, v tuyn c qung b ti CE2-A. Cc thuc tnh commynity BGP m rng khc nh SoO (site of origin) c th dng ch yu trong qu ng b cp nht MP-iBGP. Thu c tnh SoO c dng xc nh site c th t tuyn hc c ca PE v ng dng trong vic chng vng lp tuyn (routing loop) v n xc nh c ngun ca site nn c th ngn vic qu ng co li mng cho site gi qung co . SoO xc nh duy nht mt site t mt tuyn m PE hc c. SoO cho php lc lu lng da trn site m lu lng xu t pht. Kh nng lc ca SoO gip qu n tr lu lng MPLS VPN v chng vng lp tuyn x y ra trong cu trc mng hn hp v phc tp, cc site khch hng trong c th x l cc kt ni qua MPLS VPN backbone nh cc kt ni ca sau (backdoor link) gia cc site.
Khi thc thi mt MPLS VPN, mi VPN site thuc vo mt khch hng c th lin lc vi mi site trong cng min ca khch hng c gi l VPN n gin hay intranet VPN. RT c th c s dng thc hin cu trc VPN phc tp, cc site ca mt khch hng c th truy cp n site ca cc khch hng khc. Dng thc thi ny c gi l extranet VPN. Cc bin th ca extranet VPN nh network management VPN, central services VPN v Internet access VPN c th c trin khai. Address family l mt khi nim quan trng trong hot ng ca MP-BGP cho php chuyn vn cc tuyn VPNv4 vi cc thuc tnh community m rng. Theo RFC 2283 Multiprotocol Extensions for BGP-4, BGPv4 ch c kh nng mang thng tin nh tuyn thuc vo IPv4. BGP-4 c th mang thng tin ca nhiu giao thc lp mng. BGP-4 h tr nh tuyn cho nhiu giao thc lp mng, BGP-4 phi ng k (account) mt giao thc lp mng c th lin quan mt trm k (next hop) nh NLRI (network layer reachability information). Hai thuc tnh mi c thm vo ca BGP l MP_REACH_NLRI (Multiprotocol Reachable NLRI ) v MP_UNREACH_NLRI (Multiprotocol Unreachable NLRI). MP_REACH_NLRI mang mt tp cc ch n c (reachable destination) vi thng tin trm k c dng chuyn tip cho cc ch n ny. MP_UNEACH_NLRI mang mt tp cc ch khng n c. C hai thuc tnh ny l optional v nontransitive. V th, mt BGP speaker khng h tr tnh nng a giao thc ny s b qua thng tin c mang trong cc thu c tnh ny v s khng chuyn n n cc BGP speaker khc.
Router P cn chy mt IGP (OSPF hoc ISIS) khi MPLS cho php chuyn tip cc gi c gn nhn (mt phng d liu data plane) gia cc PE. IGP qu ng b cc NLRI n cc P v PE thc thi mt MPiBGP session gia cc PE (mt phng iu khin control plane). LDP chy trn cc router P gn v phn phi nhn.
Trn Th T Uyn 35
PE thc cht l mt LER bin (Edge LSR) v thc hin tt c chc nng ca mt Edge LSR. PE yu cu LDP cho vic gn v phn phi nhn cng nh chuyn tip cc gi c gn nhn. Cng thm cc chc nng ca mt Edge LSR, PE thc thi mt giao thc nh tuyn (hay nh tuyn t nh) v i cc EC trong mt b ng nh tuyn o (virtual routing table) v yu cu MP-BGP qu ng b cc mng hc c t CE nh cc VPNv4 trong MP-iBGP n cc PE khc bng nhn VPN.
Mt address family l mt giao thc lp mng c nh ngh a. Mt nh danh h a ch (AFI address family identifier) mang mt nh danh ca giao thc lp mng kt hp vi a ch mng trong thuc tnh a giao thc ca BGP. AFI cho cc giao thc lp mng c xc nh trong RFC 1700, Assigned Numbers.
Mt phng iu khin trong MPLS VPN cha mi thng tin nh tuyn lp 3 v cc tin trnh trao i thng tin ca cc IP prefix c gn v phn phi nhn bng LDP. Mt phng d liu thc hin chc nng chuyn tip cc gi IP c gn nhn n trm k v ch. Hnh sau cho thy s tng tc ca cc giao thc trong mt phng iu khin ca MPLS VPN.
Hot ng ca mt phng iu khin MPLS VPN
Cc router CE c kt ni vi cc PE, v mt IGP, BGP, hay tuyn tnh (static route) c yu cu trn cc CE cng vi cc PE thu thp v qu ng co thng tin NLRI. Trong MPLS VPN backbone gm cc router P v PE, mt IGP kt hp vi LDP c s dng gi a cc PE v P. LDP dng phn phi nhn trong mt MPLS domain. IGP dng trao i thng tin NLRI, nh x (map) cc NLRI ny vo MPBGP. MP-BGP c duy tr gia cc PE trong mt min MPLS VPN v trao i cp nht MP-BGP. Cc gi t CE n PE lun c qu ng b nh cc gi Ipv4. Hot ng ca mt phng iu khin MPLS VPN nh hnh sau:
Trn Th T Uyn
36
Sau y l cc b c hot ng ca mt phng iu khin MPLS VPN (minh ha bng hnh trn): Cp nht Ipv4 cho mng 172.16.10.0 c nhn bi egress PE (mt phng d liu). PE1-AS1 nhn v vn chuyn tuyn Ipv4, 172.16.10.0/24, n mt tuyn VPNv4 gn vi RD 1:100, SoO, v RT 1:100 da trn cu hnh VRF trn PE1-AS1. N nh v mt nhn VPNv4 V1 ti cp nht 172.16.10.0/24 v vit li thuc tnh trm k cho a ch 10.10.10.101 ca loopback0 trn PE1-AS1. S qung b nhn cho 10.10.10.101/32 t PE1-AS1 ti PE2-AS2 nhanh chng c thay th ngay khi mng MPLS VPN ca nh cung cp c thit lp v thc hin qu ng b VPNv4 trong mng. Cc bc sau thc hin tin trnh qu ng b nhn cho 10.10.10.101/32:
Vic chuyn tip trong mng MPLS VPN i hi phi dng chng nhn (label stack).
Hot ng ca mt phng d liu MPLS VPN
2c: P2-AS1 dng nhn L1 lm gi tr nhn xut, xc nh nhn L2 cho 10.10.10.101/32, v sa mc trong LFIB cho 10.10.10.101/32. Sau P2-AS1 gi gi tr nhn ny n PE2-AS1 bng LDP reply. PE1-AS1 c cu hnh VRF nhn cc tuyn vi RT 1:100 nn chuyn cp nht VPNv4 thnh Ipv4 v chn tuyn trong VRF cho Customer A. Sau n qu ng b tuyn ny ti CE2-A.
2b: P1-AS1 s dng nhn implicit-null nhn c t PE1-AS1 lm gi tr nhn xut (outbound label) ca n, xc nh mt nhn (L1) cho 10.10.10.101/32, v sa mc trong LFIB cho 10.10.10.101/32. Sau P1-AS1 gi gi tr nhn ny n P2-AS1 bng LDP reply.
2a: Router PE2-AS1 yu cu mt nhn cho 10.10.10.101/32 s dng LDP nh x nhn yu cu t lng ging xui dng (downstream neighbor) ca n, P1AS1. PE1-AS1 xc nh mt nhn implicit-null cho 10.10.10.101/32, chnh sa mc trong LFIB lin quan n 10.10.10.101/32, v gi n P1-AS1 b ng LDP reply.
Nhn trn (top lable) c gn v hon i (swap) chuyn tip gi d liu i trong li MPLS. Nhn th hai (nhn VPN) c kt hp vi VRF router PE chuyn tip gi n cc CE. Hnh sau m t cc bc trong chuyn tip d liu khch hng ca mt phng d liu t mt site khch hng CE2-A ti CE1-A trong h tng mng ca SP.
Trn Th T Uyn
37
Khi d liu c chuyn tip ti mt mng c th dc theo mng VPN qua li MPLS, ch c nhn trn (top lable) trong chng nhn b hon i (swap) khi gi i qua backbone. Nhn VPN vn gi nguyn v c bc ra khi n router PE ng ra (egress)/xui dng(downstream). Mng gn vi mt giao tip ng ra thuc vo mt VRF c th trn router ph thuc vo gi tr ca nhn VPN.
Sau y l nhng bc trong vc chuyn tip ca mt phng d liu minh ha cho hnh trn: CE2-A to ra mt gi d liu vi a ch ngu n 172.16.20.1 v ch l 172.16.10.1. PE2-AS1 nhn gi d liu, thm vo nhn VPN V1 v nhn LDP L2 ri chuyn tip gi n P2-AS1. P2-AS1 nhn gi d liu v chuyn i (swap) nhn LDP L2 thnh L1. P1-AS1 nhn gi d liu v bc (pop) nhn trn (top label) ra v n nhn mt nh x nhn implicit-null cho 10.10.10.101/32 t PE1-AS1. Kt qu , gi c gn nhn (nhn VPN l V1) c chuyn tip n PE1-AS1. PE1-AS1 bc nhn VPN V1 ra v chuyn tip gi d liu n CE1-A n i c a ch mng 172.16.10.0 c nh v. Cu hnh MPLS VPN c bn M t
Cu hnh trao i tuyn gia PE v CE bao gm vic thc thi mt giao thc nh tuyn (hay tuyn tnh (static)/ngm nh (default)) trn cc router CE. Cu hnh theo cch ca mt giao thc nh tuyn thng thng. Trn PE, bi cnh nh tuyn (routing context) VRF (hay cc b i cnh h a ch (address family context)) c yu cu trao i tuyn gia PE v CE. Cc tuyn ny sau c phn phi ln nhau nh co tin trnh MP-BGP trn VRF. Cu hnh chuyn tip MPLS v nh danh VRF trn PE: Cu hnh chuyn tip MPLS l bc u tin xy d ng MPLS VPN backbone ca nh cung cp. Cc bc ti thiu cu hnh chuyn tip MPLS trn PE nh sau: 1. Cho php CEF. 2. Cu hnh giao thc nh tuyn IGP trn PE. 3. Cu hnh MPLS hay chuyn tip nhn trn giao tip PE kt ni vi P.
Cu hnh cho router CE
Cc bc ny c gii quyt nhng chng trc nn y ta ch quan tm n cu hnh nh danh VRF.

Trn Th T Uyn 38
Cu hnh VRF trn PE
Cu hnh VRF CustomerA trn PE1-AS1 v PE2-AS1 to b ng nh tuyn VRF v bng CEF cho CustomerA. RouterPE(config)#ip vrf CustomerA Xa mt VRF : RouterPE(config-vrf)#no ip vrf CustomerA Ch : khi to ho c xa mt VRF s lm mt i a ch ip trn giao tip. Khi xu t hin thng ip : % IP addresses from all interfaces in VRF CustomerA have been removed
Cu hnh RD
RD to b ng chuyn tip v nh tuyn. RD c thm vo u a ch Ipv4 ca khch hng chuyn chng thnh a ch VPNv4 duy nht. Cu hnh thng s RD ca VRF: RouterPE(config-vrf)#rd route-distinguisher RD c th c dng theo cc d ng sau: Ch s AS-16 bit : ch s 32 bit (v d: 1:100) a ch IP 32 bit : ch s 16 bit (v d: 10.10.10.101:1) RD ch thay i khi xa VRF i. RD l duy nht cho mt VRF c th. Khng c hai VRF trn mt router m cng gi tr RD. Nu thit lp cng RD cho nhiu VRF trn mt router s c thng ip cnh bo sau: % Cannot set RD, check if it's unique Cu hnh chnh sch nhp (import) v xut (export)
Trn Th T Uyn
39
Cu hnh chnh sch nhp v xut cho cc community m rng ca MP-BGP. Chnh sch ny dng lc tuyn cho RT c th. Router(config-vrf)#route-target {import | export | both} route-target-ext-community Kt hp VRF vi giao tip. Nu trn giao tip cu hnh sn a ch IP th vic kt hp ny s lm mt a ch IP trn giao tip nn phi cu hnh li. V d: PE1-AS1(config)#interface serial4/0 PE1-AS1(config-if)#ip add 172.16.1.1 255.255.255.252 PE1-AS1(config-if)# ip vrf forwarding CustomerA
% Interface Serial4/0 IP address 172.16.1.1 removed due to enabling VRF CustomerA Kim chng cu hnh VRF trn PE: PE1-AS1(config-if)#ip add 172.16.1.1 255.255.255.252
Kim tra s tn ti ca VRF trn giao tip Router#show ip vrf
Lit k cc giao tip hot ng trong mt VRF c th Router#show ip vrf interfaces Cu hnh nh tuyn BGP PE-PE l bc k tip trong vic trin khai mt MPLS VPN. Mc ch ca bc ny l chc rng cc tuyn VPNv4 c th c chuyn vn qua mng trc ca nh cung cp bng MP-iBGP. Router P l trong sut i vi tin trnh ny nn n khng mang bt k tuyn no ca khch hng. Cc b c cu hnh tuyn BGP PE-PE gia cc PE nh s sau. Cu hnh nh tuyn BGP PE-PE trn router PE:
Trn Th T Uyn
40
Cu hnh nh tuyn BGP trn PE. Cho php BGP v xc nh AS trn router PE1AS1 v PE2-AS1. Router(config)#router bgp as-number Cu hnh lng ging cho MP-iBGP: Router(config-router)#neighbor {ip-address | peer-group-name} remote-as as-number Cu hnh h a ch VPNv4 (VPNv4 address family):
Cu hnh trong tin trnh ca BGP, cho php a ch VPNv4 ho t ng tn cc lng ging. Kch ho t cc lng ging iBGP chuyn vn a ch VPNv4 qua mng trc ca nh cung cp dch v. Router(config-router)#address-family vpnv4 Router(config-router-af)#neighbor {ip-address | peer-group-name | ipv6address} activate Router(config-router-af)#neighbor {ip-address | peer-group-name | ipv6address} send-community extended Cu hnh h a ch Ipv4: PE1-AS1(config-router)#address-family ipv4 vrf CustomerA PE1-AS1(config-router-af)# redistribute connected PE1-AS1(config-router-af)# exit-address-family S dng cc lnh sau: show ip bgp vpnv4 * summary show IP bgp vpnv4 all show ip bgp summary show ip bgp neighbor ip-address
Trn Th T Uyn
Kim chng v gim st nh tuyn BGP PE-PE trn router PE:
41
Cu hnh trn router P:
Router P l mt LSR ca mng MPLS, nn ch cn cu hnh cc chc nng sau : Cho php mt giao thc IGP. Cho php CEF trn mi giao tip chuyn tip MPLS. Cu hnh LDP gn v phn phi nhn.
Trn Th T Uyn
42
Giao thc nh tuyn EIGRP PE-CE c nh cung cp dch v s d ng i vi cc khch hng s d ng EIGRP lm giao thc nh tuyn IGP, v th nn dng EIGRP trao i thng tin nh tuyn gia cc site ca khch hng qua mt MPLS VPN backbone. Trong mi trng MPLS VPN EIGRP metric phi c mang vo cc cp nht MP-BGP (MP-BGP update). Cc thuc tnh BGP extended community gi nhim v mang v gi nguyn metric EIGRP khi i qua MP-iBGP domain. Cc community ny xc nh cc c tnh bn cht lin quan n EIGRP nh ch s AS hay EIGRP cost nh b ng thng (bandwidth), tr (delay), ti (load), tin cy (reliability), v MTU. Bng sau m t su loi extended BGP community c nh ngha mang theo cc tuyn EIGRP qua MPLS backbone b ng MP-BGP. EIGRP Attribute Type Usage Value
Giao thc nh tuyn EIGRP PE-CE
Chng 4: GIAO THC NH TUYN EIGRP PE-CE
General
0x8800 EIGRP General Route Information
Route Flag and Tag
Metric
0x8801 EIGRP Route Metric Information and AS
AS and Delay
0x8802 EIGRP Route Metric Information
Reliability, Next Hop, and Bandwidth
0x8803 EIGRP Route Metric Information
Reserve, Load, and Maximum Transmission Unit (MTU)
0x8804 EIGRP External Route Information
Remote AS and Remote ID
External
Hnh sau m t chi tit cc thu c tnh extended BGP community gn vi cc tuyn 192.168.20.0 v 192.168.99.0.
0x8805 EIGRP External Route Information
Remote Protocol and Remote Metric
Trn Th T Uyn
43
Qung b tuyn EIGRP
Vic qu ng b tuyn trong mng MPLS VPN s dng nh tuyn EIGRP PE-CE d a trn EIGRP AS c cu hnh trn router PE. Trong mi trng MPLS VPN, EIGRP AS c th ging hoc khc nhau trn mi router PE. Qu ng b tuyn khi EIGRP AS ging nhau trn mi PE:
Hnh bn d i m t mt mng MPLS VPN cung cp cc d ch v MPLS VPN cho Customer A. PE1-AS1 v PE2-AS1 c cu hnh vi EIGRP AS 101.
Trnh t thc hin khi CE2-A gi 172.16.20.0 v 209.165.201.0 ti CE1-A:
(1) CE2-A redistribute mng OSPF 209.165.127.0/27 (D EX) v 172.16.20.0/24 (D) cho PE2-AS1.
Trn Th T Uyn
44
Nu hai EIGRP AS khc nhau, cc nguyn tc redistribute bnh thng c p dng. Ngha l, cc external EIGRP route c to ra khi cc tuyn ca khch hng c redistribute vo EIGRP t cc cp nht MP-BGP. Hnh sau m t mt mng MPLS VPN s d ng cc EIGRP AS khc nhau trn cc PE. V MPLS backbone l trong sut i vi giao thc nh tuyn CE nn khng c EIGRP adjacency hay cp nht EIGRP (EIGRP update) v cc query gi qua cc PE.
Qu ng b tuyn khi EIGRP AS khc nhau trn cc router PE:
(2) Bng nh tuyn VRF Cust_A trn PE2-AS1 nhn 172.16.20.0/24 vi EIGRP metric 2195456 v 209.165.127.0/27 vi EIGRP metric 3097600. (3) EIGRP metric cho 172.16.20.0 v 209.165.127.0 c sao chp vo extended BGP attribute nh BGP MED, cc communitie ny cha thng tin EIGRP nh AS, MTU, route type, km theo cc tuyn EIGRP c redistribute vo MP-BGP. Sau cc tuyn 172.16.20.0 v 209.165.127.0 c qung b ti PE1-AS1 b ng MP-iBGP session. (4) PE1-AS1 nhn cc tuyn BGP VPNv4 172.16.20.0/24 v 209.165.127.0/27 t PE2-AS1. EIGRP metric ca cc tuyn ny khng b thay i khi i qua MPBGP backbone. (5) PE2-AS1 kim tra cc thuc tnh nhn c trong tuyn v nu route type l internal (nu bit MSB trong BGP extended community c thit lp b ng 0x8800) v AS ngun trng khp vi AS trn router nhn th tuyn c qung b nh mt tuyn ni EIGRP (EIGRP internal route). Nu route type l external (bit MSB c thit lp b ng 0x8800) th tuyn c qu ng b ti CE l mt tuyn ngo i EIGRP (external EIGRP route). PE1-AS1 s dng thng tin thuc tnh extended community cu trc li cp nht tuyn EIGRP gc khi redistribute t MP-BGP vo EIGRP. Dng ny ch c thc hin EIGRP AS ca PE2-AS1 v PE1-AS1 bng nhau. Cc PE ho t ng nh l cc EIGRP query boundary. Trong tr ng hp ny, AS 101 trng khp vi AS ca PE1-AS1 nn 172.16.20.0/24 c qung b l EIGRP internal route v 209.165.127.0/27 c qung b l mt external route ti CE1-A. (6) CE1-A nhn 172.16.20.0 v 209.165.127.0.
Trnh t thc hin t bc (1) ti (4) ging nh phn Qu ng b tuyn khi EIGRP AS ging nhau trn mi PE ngoi tr cc mng 192.168.99.0 v 192.168.20.0 v metric:
Trn Th T Uyn
45
S cu hnh nh tuyn EIGRP PE-CE
(1) PE2-AS1 kim tra cc thuc tnh nhn c trong tuyn v nu route type l internal v AS ngun khng trng khp hay nu route type l external, tuyn c qu ng b ti CE thnh mt external EIGRP route. Tuyn s khng s dng thng tin extended community v khng xu t pht cng AS. Route type cho 192.168.20.0 l internal v AS ngun l 202 khng trng khp vi cu hnh trn PE1-AS1 (201). Do , PE1-AS1 qung b thnh mt external route ti CE1-A. Route type ca 192.168.99.0 l external nn v th c hai tuyn c qu ng b l external route ti CE1-A. (2) CE1-A nhn cc tuyn 192.168.20.0/24 v 192.168.99.0/24 l cc external route.
Cn lu cc im sau:
Ch cu hnh address family c s dng khi cu hnh EIGRP AS cho VRF.
Cc bc cu hnh khc ging nh cu hnh EIGRP bnh thng, metric mc nh s c gn khi redistribute cc tuyn khng phi l EIGRP (non-EIGRP route). LAB 4-1: Cu hnh nh tuyn EIGRP PE-CE c bn
cho php s dng mt tin trnh EIGRP n (single EIGRP process), EIGRP AS phi c cu hnh trong ch EIGRP address family.
Mc tiu ca bi lab ny l minh ha cu hnh EIGRP PE-CE, vic qu ng b tuyn EIGRP khi cc PE thu c vo cng EIGRP AS v khc EIGRP AS vi mt VRF. Hnh
Trn Th T Uyn
M t
46
sau cho thy mt MPLS VPN cung cp cc dch v MPLS VPN cho cc site ca Customer A v Customer B. Mng ca Customer A Customer A c CE1-A v CE2-A trong cng VPN-A v cng thuc EIGRP AS 101. EIGRP AS 101 c cu hnh cho VRF CustomerA trn PE1-AS1 v PE2-AS1.
Mng ca Customer B Customer B c CE1-B v CE2-B trong cng VPN-B v thu c hai EIGRP AS khc nhau, 201 v 202. PE1-AS1 v PE2-AS1 cu hnh hai EIGRP AS, 201 v 202, cho VRF CustomerB.
Cc b c cu hnh nh tuyn EIGRP PE-CE nh sau:
Thc hin
(1) Cho php tin trnh nh tuyn EIGRP ton cc.
Cho php tin trnh nh tuyn EIGRP ton cc (global EIGRP routing process) trn cc router PE, PE1-AS1 v PE2-AS1.
Trn Th T Uyn
47
(2) nh ng cnh (context) v cc thng s (parameter) cho nh tuyn VRF EIGRP. Cho php cc mng c nh tuyn EIGRP Cu hnh no auto-summary.
nh ng cnh nh tuyn cho VRF CustomerA v CustomerB trong tin trnh EIGRP b c 1.
Thc hin cu hnh cho hai b c (1) v (2):
Cho php mt tin trnh EIGRP c s dng, EIGRP AS phi c cu hnh trong ch cu hnh EIGRP address family. Nhiu VRF c th s dng cng mt gi tr EIGRP AS.
PE1-AS1(config)#router eigrp 1 PE1-AS1(config-router)#address-family ipv4 vrf CustomerB PE1-AS1(config-router-af)# network 172.16.0.0 PE1-AS1(config-router-af)# no auto-summary PE1-AS1(config-router-af)# autonomous-system 201 PE1-AS1(config-router-af)# exit-address-family PE2-AS1(config)#router eigrp 1 PE2-AS1(config-router)# address-family ipv4 vrf CustomerB PE2-AS1(config-router-af)# network 172.16.0.0 PE2-AS1(config-router-af)# no auto-summary PE2-AS1(config-router-af)# autonomous-system 202 PE2-AS1(config-router-af)# exit-address-family (3) Redistribute cc tuyn BGP VPNv4 vo EIGRP. PE1-AS1(config)#router eigrp 1 PE1-AS1(config-router)# address-family ipv4 vrf Cust_A PE1-AS1(config-router-af)# redistribute bgp 1 metric 1000 100 255 1 1500 Thc hin tng t cho CustomerA.
(4) Redistribute cc tuyn EIGRP vo BGP.
PE1-AS1(config)#router bgp 1 PE1-AS1(config-router)#address-family ipv4 vrf Cust_A PE1-AS1(config-router-af)#redistribute eigrp 101 PE2-AS1(config)#router bgp 1 PE2-AS1(config-router)# address-family ipv4 vrf Cust_A PE2-AS1(config-router-af)# redistribute eigrp 101
Cu hnh
Thc hin tng t hon thnh cu hnh cho VRF CustomerA v CustomerB trn cc router PE.
Router P1-AS1
! hostname P1-AS1 ! ip subnet-zero !

Trn Th T Uyn 48
ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.200 255.255.255.255 ! interface Serial0/0 description Connected to PE1-AS1 ip address 10.10.10.2 255.255.255.252 tag-switching ip ! interface Serial0/1 description Connected to PE2-AS1 ip address 10.10.10.6 255.255.255.252 tag-switching ip ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! ip http server ip classless ! end Router PE1-AS1
! hostname PE1-AS1 ! ip subnet-zero ! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip vrf CustomerB rd 1:200 route-target export 1:200 route-target import 1:200 ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface Serial0/0 description Connected to P1-AS1 ip address 10.10.10.1 255.255.255.252
Trn Th T Uyn
49
tag-switching ip clockrate 64000 no fair-queue ! interface Serial1/1 description Connected to CE1-A ip vrf forwarding CustomerA ip address 172.16.1.1 255.255.255.252 clockrate 64000 ! interface Serial1/3 description Connected to CE1-B ip vrf forwarding CustomerB ip address 192.168.1.1 255.255.255.252 tag-switching ip ! router eigrp 1 auto-summary ! address-family ipv4 vrf CustomerB redistribute bgp 1 metric 1000 100 255 1 1500 network 192.168.1.0 no auto-summary autonomous-system 201 exit-address-family ! address-family ipv4 vrf CustomerA redistribute bgp 1 metric 1000 100 255 1 1500 network 172.16.0.0 no auto-summary autonomous-system 101 exit-address-family ! router ospf 1 router-id 10.10.10.101 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.102 remote-as 1 neighbor 10.10.10.102 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.102 activate neighbor 10.10.10.102 send-community extended no auto-summary exit-address-family
Trn Th T Uyn
50
! address-family ipv4 vrf CustomerB redistribute eigrp 201 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CustomerA redistribute eigrp 101 no auto-summary no synchronization exit-address-family ! ip http server ip classless ! end Router PE2-AS1
! hostname PE2-AS1 ! ip subnet-zero ! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip vrf CustomerB rd 1:200 route-target export 1:200 route-target import 1:200 ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface Ethernet0/0 no ip address shutdown half-duplex ! interface Serial0/0 no ip address shutdown no fair-queue !
Trn Th T Uyn
51
interface Serial0/1 description Connected to P1-AS1 ip address 10.10.10.5 255.255.255.252 tag-switching ip clockrate 64000 ! interface Serial1/2 description Connected to CE2-A ip vrf forwarding CustomerA ip address 172.16.2.1 255.255.255.252 ! interface Serial1/4 description Connected to CE2-B ip vrf forwarding CustomerB ip address 192.168.2.1 255.255.255.252 clockrate 64000 ! router eigrp 1 auto-summary ! address-family ipv4 vrf CustomerB redistribute bgp 1 metric 1000 100 255 1 1500 network 192.168.2.0 no auto-summary autonomous-system 202 exit-address-family ! address-family ipv4 vrf CustomerA redistribute bgp 1 metric 1000 100 255 1 1500 network 172.16.0.0 no auto-summary autonomous-system 101 exit-address-family ! router ospf 1 router-id 10.10.10.102 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.101 remote-as 1 neighbor 10.10.10.101 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.101 activate neighbor 10.10.10.101 send-community extended no auto-summary
Trn Th T Uyn
52
exit-address-family ! address-family ipv4 vrf CustomerB redistribute eigrp 202 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CustomerA redistribute eigrp 101 no auto-summary no synchronization exit-address-family ! ip http server ip classless ! end Router CE1-A
! hostname CE1-A ! ip subnet-zero ! interface Ethernet0/0 description VPN-A Site 1 network ip address 172.16.10.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE1-AS1 ip address 172.16.1.2 255.255.255.252 no fair-queue ! router eigrp 101 network 172.16.0.0 no auto-summary ! ip http server ip classless ! end Router CE2-A
! hostname CE2-A ! interface Ethernet0/0

Trn Th T Uyn
53
description VPN-A Site 2 network ip address 172.16.20.1 255.255.255.0 no ip directed-broadcast no keepalive ! interface Serial0/0 description Connected to PE2-AS1 ip address 172.16.2.2 255.255.255.252 no ip directed-broadcast no ip mroute-cache no fair-queue clockrate 64000 ! router eigrp 101 network 172.16.0.0 no auto-summary ! ip classless ! end Router CE1-B
! hostname CE1-B ! ip subnet-zero ! interface Ethernet0/0 description VPN-B Site 1 network ip address 192.168.10.1 255.255.255.0 no ip directed-broadcast no keepalive ! interface Serial0/0 description Connected to PE1-AS1 ip address 192.168.1.2 255.255.255.252 no ip directed-broadcast no ip mroute-cache no fair-queue clockrate 64000 ! router eigrp 201 network 192.168.1.0 network 192.168.10.0 no auto-summary ! ip classless ! end Router CE2-B
Trn Th T Uyn 54
! hostname CE2-B ! ip subnet-zero ! interface Ethernet0/0 description VPN-B Site 2 network ip address 192.168.20.1 255.255.255.0 no ip directed-broadcast no keepalive ! interface Serial0/0 description Connected to PE2-AS1 ip address 192.168.2.2 255.255.255.252 no ip directed-broadcast no ip mroute-cache no fair-queue ! router eigrp 202 network 192.168.2.0 network 192.168.20.0 no auto-summary ! ip classless ! end Kim tra Cc b c kim tra nh tuyn EIGRP PE-CE nh sau:
(1) Kim tra quan h lng ging (neighbor) EIGRP trn cc router PE. PE1-AS1#show ip eigrp vrf CustomerA neighbors IP-EIGRP neighbors for process 201 H Address Interface Hold Uptime SRTT RTO Q Seq Type (sec) (ms) Cnt Num 0 192.168.1.2 Se1/3 12 05:27:05 214 1284 0 2 PE2-AS1#show ip eigrp vrf CustomerA neighbors IP-EIGRP neighbors for process 202 H Address Interface Hold Uptime SRTT RTO Q Seq Type (sec) (ms) Cnt Num 0 192.168.2.2 Se1/4 11 05:19:21 903 5000 0 2
(2) Kim tra cc thuc tnh BGP m rng gn vi tuyn 192.168.20.0 PE2-AS1#show ip bgp vpnv4 vrf CustomerB 192.168.20.1 BGP routing table entry for 1:200:192.168.20.0/24, version 9 Paths: (1 available, best #1, table CustomerB) Advertised to non peer-group peers: 10.10.10.101 Local
Trn Th T Uyn
55
192.168.2.2 from 0.0.0.0 (10.10.10.102) Origin incomplete, metric 20537600, localpref 100, weight 32768, valid, sourced, best Extended Community: RT:1:200 0x8800:32768:0 0x8801:202:537600 0x8802:62209:20000000 0x8803:62209:1500
PE1-AS1#show ip bgp vpnv4 vrf CustomerB 192.168.20.1 BGP routing table entry for 1:200:192.168.20.0/24, version 17 Paths: (1 available, best #1, table CustomerB) Not advertised to any peer Local 10.10.10.102 (metric 129) from 10.10.10.102 (10.10.10.102) Origin incomplete, metric 20537600, localpref 100, valid, internal, best Extended Community: RT:1:200 0x8800:32768:0 0x8801:202:537600 0x8802:62209:20000000 0x8803:62209:1500
(3) Kim vic qung b tuyn EIGRP cho CustomerA. PE2-AS1#show ip route vrf CustomerA eigrp D
Ta thy EIGRP metric khng i (metric 20537600) khi i qua MP-BGP domain.
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.20.0/24 [90/20537600] via 172.16.2.2, 05:18:44, Serial1/2
PE2-AS1#show ip bgp vpnv4 vrf CustomerA 172.16.20.1 BGP routing table entry for 1:100:172.16.20.0/24, version 7 Paths: (1 available, best #1, table CustomerA) Advertised to non peer-group peers: 10.10.10.101 Local 172.16.2.2 from 0.0.0.0 (10.10.10.102) Origin incomplete, metric 20537600, localpref 100, weight 32768, valid, sourced, best Extended Community: RT:1:100 0x8800:32768:0 0x8801:101:537600 0x8802:62209:20000000 0x8803:62209:1500 PE1-AS1#show ip bgp vpnv4 vrf CustomerA 172.16.20.1 BGP routing table entry for 1:100:172.16.10.0/24, version 7 Paths: (1 available, best #1, table CustomerA) Advertised to non peer-group peers: 10.10.10.102 Local 172.16.2.2 from 0.0.0.0 (10.10.10.101) Origin incomplete, metric 20537600, localpref 100, weight 32768, valid, sourced, best Extended Community: RT:1:100 0x8800:32768:0 0x8801:101:537600 0x8802:62209:20000000 0x8803:62209:1500
(4) Kim tra cc tuyn EIGRP trn cc router CE CE1-A#show ip route eigrp
Trn Th T Uyn
56
D D
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.20.0/24 [90/21049600] via 172.16.1.1, 04:40:11, Serial0/0 172.16.2.0/30 [90/21024000] via 172.16.1.1, 04:40:11, Serial0/0
CE1-B#show ip route eigrp
(5) Kim tra kt ni gia cc site CE1-A#ping 172.16.20.1
D EX 192.168.20.0/24 [170/3097600] via 192.168.1.1, 04:38:14, Serial0/0 192.168.2.0/30 is subnetted, 1 subnets D EX 192.168.2.0 [170/3097600] via 192.168.1.1, 04:38:14, Serial0/0
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 116/116/117 ms CE1-B#ping 192.168.20.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 116/116/117 ms
Vng lp tuyn (Routing loop) -
Routing loop c th xy ra trong cc trng hp sau:
Mt tuyn nhn c bi mt multihomed site t backbone qua mt kt ni m c th chuyn tip ngc li backbone qua kt ni khc. Mt tuyn xu t pht t mt multihomed site v c gi ti backbone qua mt kt ni c th tr v t mt kt ni khc.
Hnh sau m t mt mng MPLS VPN cho Customer A c 3 site, Site 1, Site 2 v Site 3. Site 3 l multihomed. Site 3 nhn c tuyn EIGRP 172.16.20.0/24 v redistribute li vo backbone ti PE1-AS1.
Multihomed Site gi li cc tuyn cho Backbone
Trn Th T Uyn
57
Th t thc hin khi tuyn EIGRP c gi li vo backbone nh sau: (2) PE2-AS1 qung b 172.16.20.0/24 ti CE4-A qua EIGRP v g i 172.16.20.0/24 bng MP-iBGP session ti PE1-AS1. (1) 172.16.20.0/24 c qu ng b l internal route ti PE2-AS1.
PE1-AS1 phi ra quyt nh chn ng i: -
(4) CE3-A qung b 172.16.20.0/24 l mt EIGRP internal route ti PE1-AS1 Nu cp nht BGP cho 172.16.20.0/24 ti trc, n s redistribute vo EIGRP v gi ti CE3-A. V composite metric tt hn nn n chn ng ny v MPLS VPN khng thm vo gii hn tr (delay) v b ng thng (bandwidth). Ngha l PE1-AS1 s khng bao gi nhn c mt cp nht th hai v ch c mt ng i.
(3) CE4-A qung b 172.16.20.0/24 l mt EIGRP internal route ti CE3-A
H n na, Bng nh tuyn s chn ng c ch s AD (administrative distance) thp hn (EIGRP l 90 hoc 170; iBGP l 200). Backbone gi li tuyn vo Multihomed Site
Nu tuyn EIGRP ti trc, n s redistribute vo BGP v gi li cho PE2AS1. PE2-AS1 vn chn ng c cp nht t EIGRP.
Trng hp truyn 172.16.50.0/24 xut pht t multihomed site c gi ngc li qua kt ni vi PE.
m ra v cc (Count to Infinity)
Tnh trng ny khng x y ra nu mng gi nguyn AD mc nh v PE u tin cho cc tuyn hc t EIGRP hn.
Hnh trn cho th y PE1-AS1 v/hoc PE2-AS1 c hai ng i cho 172.16.50.0/24: mt hc t MP-iBGP v mt hc trc tip bng EIGRP. Nu 172.16.50.0/24 gp s c (down), trnh t x l xy ra nh sau: (1) CE3-A v CE4-A gi ra cc thng ip truy vn (query message).
Trn Th T Uyn
58
(2) Gi s PE1-AS1 c hai ng i nh trn, khi nhn 1 query message n s tr li vi mt ng i lin quan v vn cn hot ng qua MP-iBGP. (3) CE3-A s nhn c mt ng i ti 172.16.50.0/24 qua PE1-AS1. (4) PE1-AS1 nhn c mt thng ip hy tuyn (withdrawal message) t PE2AS1. (6) Query message b t ngun t PE1-AS1 tm mng 172.16.50.0/24. Khi query message n c PE2-AS1, PE2-AS1 va qu ng b mt cp nht tuyn mi n c cho mng 172.16.50.0/24 qua MP-iBGP ti PE1-AS1, PE1-AS1 s to li mt cp nht EIGRP tr li cho cc query trc . (5) PE1-AS1 s hy tuyn m n qu ng b ti CE3-A, router ny qung b thng tin n cho CE4-A, v CE4-A qu ng b li cho PE3-AS1.
Hin tng ny xy ra do AD ca EIGRP tt hn ca iBGP. Mt bng nh tuyn lun lun u tin cho cc tuyn hc c t IGP v c AD nh hn iBGP. Hnh bn di cho thy cc gi d liu t CE1-A ti CE2-A s c chuyn tip bi PE1-AS1 ti cho CE3-A to nn nh tuyn km ti u.
nh tuyn km ti u (Suboptimal Routing)
Hin tng ny c gi l count to infinity.
(7) Tin trnh lp ca cc thng ip reachable/unreachable tip tc n khi qua mt lng ti a cc hop .
Lp tuyn v nh tuyn km ti u c th trnh c b ng cch s dng: -
BGP cost community c th dng p BGP so snh cc tuyn xut pht t EIGRP v cc tuyn MP-iBGP da trn EIGRP metric.
EIGRP Site of Origin (SoO) trn cc router PE v CE c th dng chng lp tuyn.
BGP Cost Community
Trn Th T Uyn
59
BGP CC cho php PE so snh cc tuyn n t cc giao thc khc nhau s dng gi tr AD khc nhau da trn metric ca chng. Cc tuyn BGP mang thuc tnh BGP cost community s dng EIGRP AD thay v iBGP AD so snh m khng cn cu hnh tnh gi tr AD.
BGP cost community (BGP CC) l mt thuc tnh community m rng mi ca BGP. BGP CC l mt thu c tnh non-transitive extended community, n ch qua iBGP v cc confederation peer nhng khng n c external BGP peer.
Cc tuyn c redistribute t EIGRP vo MP-BGP, chng s c nh du (tag) vi thuc tnh BGP cost community mang composite EIGRP metric thm vo cc thu c tnh EIGRP ring. Thu c tnh BGP CC c m t trong hnh sau:
Gi tr im chn (POI point of insertion) chc rng tuyn BGP c chn s dng BGP CC. iu ny cho php so snh cc tuyn iBGP vi cc tuyn EIGRP. BGP CC c th phn bit gia cc tuyn EIGRP internal v external b ng trng ID: internal c ID l 128, external c ID l 129. Tuyn c BGP CC ID nh nht s c chn. Tuyn internal EIGRP c ID thp hn tuyn external. S la chn tuyn th ng da trn gi tr trong trng Cost ca BGP CC v n mang composite EIGRP metric.
Trnh t xy ra vi PE1-AS1 chn ng i tt nht d a trn EIGRP metric v khng d a trn AD gia EIGRP v iBGP (hnh trn): (2) PE2-AS1 chuyn tip tuyn ti CE4-A qua EIGRP v ti PE1-AS1 qua MPiBGP. (1) CE2-A xut pht tuyn 172.16.20.0/24 ti PE2-AS1.
Trn Th T Uyn
60
(3) PE1-AS1 nhn hai cp nht cho 172.16.20.0/24, mt qua EIGRP t CE3-A v mt qua MP-iBGP t PE2-AS1. PE1-AS1 s dng tuyn hc t MP-iBGP nh vo thu c tnh BGP CC. (4) Cc gi t CE1-A ti CE2-A s c chuyn tip bi PE1-AS1 ti PE2-AS1 v bng nh tuyn ca VRF A cha tuyn MP-iBGP, tuyn ny mang composite EIGRP metric nh hn.
EIGRP SoO c thm vo gn vi cc cc tuyn internal v external EIGRP. Thu c tnh ny c trao i t ng gia cc giao thc nh tuyn (SoO-cho php EIGRP v MP-BGP) chng lp tuyn trong mi trng multihome ni c s dng redistribute hai chiu. Tt c cc router CE, hay t nht ti cc multihomed site, phi h tr c tnh ny cho php qu ng b qua VPN. EIGRP SoO c dng trn PE v CE chng lp tuyn hiu qu nht. Cc tuyn backdoor c cu hnh vi EIGRP SoO hi t nhanh nht cho vic mt tuyn.
EIGRP SoO
Cc tuyn c y vo mt multihomed site v b tag vi mt gi tr EIGRP SoO 1:101. Router PE nhn c s kim tra mi cp nht gi tr SoO c cu hnh trn giao tip nhn cp nht . Nu gi tr b ng nhau, cp nht s b hy, gip chng lp tuyn v ti u vic nh tuyn.
Multihomed Site v EIGRP SoO
Trnh t x y ra khi 172.16.20.0/24 c qung b ti CE1-A: (1) CE2-A xut pht mt tuyn 172.16.20.0/24. (2) PE2-AS1 chuyn tip tuyn ti CE4-A qua EIGRP v ti PE1-AS1 qua MPiBGP. Tuyn EIGRP s c tag vi thuc tnh EIGRP SoO 1:101 cc nh tuyn ny n t backbone. (3) CE4-A chuyn tip cp nht 172.16.20.0/24 ti CE3-A.
(4) PE1-AS1 nhn hai cp nht cho 172.16.20.0/24, mt qua EIGRP t CE3-A v mt qua MP-iBGP t PE2-AS1. PE1-AS1 s s dng tuyn hc t BGP; tuyn EIGRP t CE3-A b lc i v c cng gi tr SoO vi giao tip nhn n. Backdoor Link v EIGRP SoO
Trn Th T Uyn 61
Tin trnh chn tuyn nh sau:
(1) CE2-A qung b 172.16.20.0/24 ti PE2-AS1.
(3) PE1-AS1 nhn hai cp nht cho 172.16.20.0, mt qua EIGRP t CE2 v mt qua MP-iBGP t PE2. Cp nht khi i qua backdoor link s mang EIGRP SoO gi tr 1:20 khi qung b ti CE3-A, v CE3-A s dng 1:10 qung b tuyn ny ti PE1-AS1.
(2) PE2-AS1 chuyn tip 172.16.20.0/24, tuyn ny ti CE4-A qua EIGRP v ti PE1-AS1 qua MP-iBGP. Tuyn EIGRP s b tag vi gi tr EIGRP SoO l 1:20 xc nh n n t MPLS backbone v c gi vo Site 4 vi gi tr 1:20.
LAB 4-2: Cu hnh mng s dng BGP CC v EIGRP SoO
(4) PE1-AS1 nhn hai cp nht cho 172.16.20.0/24, mt qua EIGRP t CE3-A vi SoO 1:10, tuyn ny b lc v cha trng gi tr SoO vi giao tip nhn n v ch nhn tuyn qua MP-iBGP t PE2-AS1.
M t
Trn Th T Uyn
62
Cu hnh Router P1-AS1
P1-AS1#show run Building configuration... Current configuration : 970 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname P1-AS1 ! logging queue-limit 100 ! ip subnet-zero ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.200 255.255.255.255 ! interface Serial0/0 description Connected to PE1-AS1 ip address 10.10.10.2 255.255.255.252
Trn Th T Uyn
63
tag-switching ip clockrate 64000 ! interface Serial0/1 description Connected to PE2-AS1 ip address 10.10.10.6 255.255.255.252 tag-switching ip ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! ip http server ip classless ! end Router PE1-AS1 PE1-AS1#show run Building configuration...
Current configuration : 2084 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE1-AS1 ! ip subnet-zero ! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface Serial0/0 description Connected to P1-AS1 ip address 10.10.10.1 255.255.255.252 tag-switching ip no fair-queue ! interface Serial1/1
Trn Th T Uyn
64
description Connected to CE1-A ip vrf forwarding CustomerA ip address 172.16.1.1 255.255.255.252 clockrate 64000 ! interface Serial1/3 description Connected to CE3-A ip vrf forwarding CustomerA ip vrf sitemap SOO-VPNA ip address 172.16.3.1 255.255.255.252 clockrate 64000 ! router eigrp 1 auto-summary ! address-family ipv4 vrf CustomerA redistribute bgp 1 metric 1000 100 255 1 1500 network 172.16.0.0 no auto-summary autonomous-system 101 exit-address-family ! router ospf 1 router-id 10.10.10.101 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.102 remote-as 1 neighbor 10.10.10.102 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.102 activate neighbor 10.10.10.102 send-community both no auto-summary exit-address-family ! address-family ipv4 vrf CustomerA redistribute eigrp 101 no auto-summary no synchronization exit-address-family ! ip http server ip classless ! route-map SOO-VPNA permit 10
Trn Th T Uyn
65
set extcommunity soo 1:10 ! call rsvp-sync ! ! end Router PE2-AS1
PE2-AS1#show run Building configuration... Current configuration : 2255 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE2-AS1 ! logging queue-limit 100 ! memory-size iomem 10 ip subnet-zero ! ! ! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip cef mpls ldp logging neighbor-changes ! ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface Ethernet0/0 no ip address shutdown half-duplex ! interface Serial0/1 description Connected to P1-AS1 ip address 10.10.10.5 255.255.255.252 tag-switching ip clockrate 64000 !
Trn Th T Uyn
66
interface Serial1/2 description Connected to CE2-A ip vrf forwarding CustomerA ip address 172.16.2.1 255.255.255.252 ! interface Serial1/4 description Connected to CE4-A ip vrf forwarding CustomerA ip vrf sitemap SOO-VPNA ip address 172.16.4.1 255.255.255.252 ! ! router eigrp 1 auto-summary ! address-family ipv4 vrf CustomerA redistribute bgp 1 metric 1000 100 255 1 1500 network 172.16.0.0 no auto-summary autonomous-system 101 exit-address-family ! router ospf 1 router-id 10.10.10.102 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.101 remote-as 1 neighbor 10.10.10.101 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.101 activate neighbor 10.10.10.101 send-community both no auto-summary exit-address-family ! address-family ipv4 vrf CustomerA redistribute eigrp 101 no auto-summary no synchronization exit-address-family ! ip http server ip classless !
Trn Th T Uyn
67
route-map SOO-VPNA permit 10 set extcommunity soo 1:20 ! call rsvp-sync ! ! end Router CE1-A
CE1-A#show run Building configuration... Current configuration : 817 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname CE1-A ! logging queue-limit 100 ! ip subnet-zero ! ! ! mpls ldp logging neighbor-changes ! interface Ethernet0/0 description VPN-A Site 1 network ip address 172.16.10.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE1-AS1 ip address 172.16.1.2 255.255.255.252 ! router eigrp 101 network 172.16.0.0 no auto-summary ! no ip http server ip classless ! call rsvp-sync ! ! end
Trn Th T Uyn
68
Router CE2-A
! hostname CE2-A ! ! memory-size iomem 10 ip subnet-zero ! interface Ethernet0/0 description VPN-A Site 2 network ip address 172.16.20.1 255.255.255.0 no keepalive half-duplex ! interface Serial0/0 description Connected to PE2-AS1 ip address 172.16.2.2 255.255.255.252 clockrate 64000 ! router eigrp 101 network 172.16.0.0 no auto-summary no eigrp log-neighbor-changes ! ip classless ip http server ! call rsvp-sync ! end Router CE3-A
CE3-A#show run Building configuration... Current configuration : 1034 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname CE3-A ! logging queue-limit 100 ! ip subnet-zero ! ! no ip domain lookup
Trn Th T Uyn 69
! mpls ldp logging neighbor-changes ! interface Ethernet0/0 description VPN-A Site 3 network ip address 172.16.30.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE1-AS1 ip address 172.16.3.2 255.255.255.252 no ip mroute-cache no fair-queue ! interface Serial0/1 description Connected to CE4-A bandwidth 1000 ip vrf sitemap SOO-VPNA ip address 172.16.5.1 255.255.255.252 clockrate 64000 ! router eigrp 101 network 172.16.0.0 no auto-summary ! no ip http server ip classless ! route-map SOO-VPNA permit 10 set extcommunity soo 1:10 ! ! call rsvp-sync ! end Router CE4-A
CE4-A#show running-config Building configuration... Current configuration : 1061 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE4-A !
Trn Th T Uyn 70
logging queue-limit 100 ! ip subnet-zero ! ! ! mpls ldp logging neighbor-changes ! interface Ethernet0/0 description VPN-A Site 4 network ip address 172.16.40.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE2-AS1 ip address 172.16.4.2 255.255.255.252 clockrate 64000 no fair-queue ! interface Serial0/1 description Connected to CE3-A bandwidth 1000 ip vrf sitemap SOO-VPNA ip address 172.16.5.2 255.255.255.252 ! router eigrp 101 network 172.16.0.0 no auto-summary ! ip http server ip classless ! route-map SOO-VPNA permit 10 set extcommunity soo 1:200 ! ! call rsvp-sync ! end Kim tra (1) Kim tra ng i CE1-A#traceroute 172.16.20.1 Type escape sequence to abort. Tracing the route to 172.16.20.1 1 172.16.1.1 16 msec 16 msec 16 msec 2 172.16.3.2 28 msec 28 msec 28 msec
Trn Th T Uyn
71
3 172.16.5.2 44 msec 40 msec 44 msec 4 172.16.4.1 56 msec 56 msec 56 msec 5 172.16.2.2 68 msec 68 msec * CE1-A#traceroute 172.16.40.1 Type escape sequence to abort. Tracing the route to 172.16.40.1 1 172.16.1.1 16 msec 16 msec 16 msec 2 172.16.3.2 28 msec 28 msec 28 msec 3 172.16.5.2 80 msec 40 msec * CE3-A#traceroute 172.16.20.1 Type escape sequence to abort. Tracing the route to 172.16.20.1 1 172.16.5.2 16 msec 16 msec 16 msec 2 172.16.4.1 28 msec 28 msec 28 msec 3 172.16.2.2 45 msec * 41 msec CE3-A#traceroute 172.16.40.1 Type escape sequence to abort. Tracing the route to 172.16.40.1 (2) Kim tra cc thu c tnh BGP extended community PE1-AS1#show ip bgp vpnv4 vrf CustomerA 172.16.20.1 BGP routing table entry for 1:100:172.16.20.0/24, version 19 Paths: (2 available, best #2, table CustomerA) Advertised to non peer-group peers: 10.10.10.102 Local 10.10.10.102 (metric 129) from 10.10.10.102 (10.10.10.102) Origin incomplete, metric 20537600, localpref 100, valid, internal Extended Community: RT:1:100 0x8800:32768:0 0x8801:101:537600 0x8802:32769:20000000 0x8803:32769:1500 Local 172.16.3.2 from 0.0.0.0 (10.10.10.101) Origin incomplete, metric 22073600, localpref 100, weight 32768, valid, sourced, best Extended Community: SoO:1:10 RT:1:100 0x8800:32768:0 0x8801:101:2073600 0x8802:32772:20000000 0x8803:32769:1500 PE1-AS1#show ip bgp vpnv4 vrf CustomerA 172.16.40.1 BGP routing table entry for 1:100:172.16.40.0/24, version 13 Paths: (2 available, best #2, table CustomerA) Advertised to non peer-group peers: 10.10.10.102 Local
Trn Th T Uyn
1 172.16.5.2 16 msec * 13 msec
72
10.10.10.102 (metric 129) from 10.10.10.102 (10.10.10.102) Origin incomplete, metric 20537600, localpref 100, valid, internal Extended Community: SoO:1:20 RT:1:100 0x8800:32768:0 0x8801:101:537600 0x8802:61697:20000000 0x8803:61697:1500 Local 172.16.3.2 from 0.0.0.0 (10.10.10.101) Origin incomplete, metric 21049600, localpref 100, weight 32768, valid, sourced, best Extended Community: SoO:1:10 RT:1:100 0x8800:32768:0 0x8801:101:1049600 0x8802:61698:20000000 0x8803:61697:1500 PE2-AS1#show ip bgp vpnv4 vrf CustomerA 172.16.10.0 BGP routing table entry for 1:100:172.16.10.0/24, version 16 Paths: (2 available, best #2, table CustomerA) Advertised to non peer-group peers: 10.10.10.101 Local 10.10.10.101 (metric 129) from 10.10.10.101 (10.10.10.101) Origin incomplete, metric 20537600, localpref 100, valid, internal Extended Community: RT:1:100 0x8800:32768:0 0x8801:101:537600 0x8802:32769:20000000 0x8803:32769:1500 Local 172.16.4.2 from 0.0.0.0 (10.10.10.102) Origin incomplete, metric 22073600, localpref 100, weight 32768, valid, sourced, best Extended Community: SoO:1:20 RT:1:100 0x8800:32768:0 0x8801:101:2073600 0x8802:32772:20000000 0x8803:32769:1500 PE2-AS1#show ip bgp vpnv4 vrf CustomerA 172.16.30.0 BGP routing table entry for 1:100:172.16.30.0/24, version 18 Paths: (2 available, best #2, table CustomerA) Advertised to non peer-group peers: 10.10.10.101 Local 10.10.10.101 (metric 129) from 10.10.10.101 (10.10.10.101) Origin incomplete, metric 20537600, localpref 100, valid, internal Extended Community: SoO:1:10 RT:1:100 0x8800:32768:0 0x8801:101:537600 0x8802:32769:20000000 0x8803:32769:1500 Local 172.16.4.2 from 0.0.0.0 (10.10.10.102) Origin incomplete, metric 21049600, localpref 100, weight 32768, valid, sourced, best Extended Community: SoO:1:20 RT:1:100 0x8800:32768:0 0x8801:101:1049600 0x8802:32770:20000000 0x8803:32769:1500 CE3-A#show ip route eigrp D D 172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks 172.16.40.0/24 [90/3097600] via 172.16.5.2, 00:45:57, Serial0/1 172.16.20.0/24 [90/21561600] via 172.16.5.2, 00:28:44, Serial0/1
(3) Kim tra b ng nh tuyn
Trn Th T Uyn
73
D D D D
172.16.10.0/24 [90/21049600] via 172.16.3.1, 00:37:54, Serial0/0 172.16.4.0/30 [90/3584000] via 172.16.5.2, 00:29:46, Serial0/1 172.16.1.0/30 [90/21024000] via 172.16.3.1, 00:37:56, Serial0/0 172.16.2.0/30 [90/21536000] via 172.16.5.2, 00:28:47, Serial0/1
CE4-A#show ip route eigrp D D D D D D 172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks 172.16.30.0/24 [90/3097600] via 172.16.5.1, 00:49:26, Serial0/1 172.16.20.0/24 [90/21049600] via 172.16.4.1, 00:32:12, Serial0/0 172.16.10.0/24 [90/21561600] via 172.16.5.1, 00:41:22, Serial0/1 172.16.1.0/30 [90/21536000] via 172.16.5.1, 00:41:25, Serial0/1 172.16.2.0/30 [90/21024000] via 172.16.4.1, 00:32:15, Serial0/0 172.16.3.0/30 [90/3584000] via 172.16.5.1, 00:42:40, Serial0/1
Trn Th T Uyn
74
OSPF PE-CE c pht trin h tr cc ISP cung cp cc d ch v MPLS VPN cho khch hng khi khch hng trin khai OSPF nh tuyn bn trong site ca h, khi OSPF c s dng nh giao thc nh tuyn gia cc site khch hng (inter-site routing protocol) trong mt mi trng MPLS VPN. M hnh nh tuyn OSPF truyn thng: Min OSPF truyn thng chia thnh mt backbone (area 0) v cc non-backbone v cc non-backbone kt ni vi area 0.
Chng 5: GIAO THC NH TUYN OSPF PE-CE
Customer A thc hin m hnh OSPF truyn thng, trong cc non-backbone area (Area 1 v Area 2) thuc Site 1 v Site 2 v c kt ni vo backbone area (Area 0)
Trong mt mi trng MPLS VPN, cc mng ca khch hng c kt ni vo mt backbone ca nh cung cp. Trong hnh trn, cc area ca Customer A (Area 1 v 2) kt ni vo mng MPLS VPN ca nh cung cp. Area 1 v Area 2 c router CE1-A v CE2-A chy giao thc nh tuyn OSPF. MP-iBGP c s dng gia PE1 v PE2 qu ng b cc tuyn gia Site 1 (Area 1) v Site 2 (Area 2). Thc hin phn phi (redistribute) OSPF-BGP ti cc router PE, PE1 v PE2. Qu trnh thc hin nh sau: (1) Mng 172.16.10.0/24 c CE1-A qung b ti PE1 bng LSA (link-state advertisement) Type 1 v Type 2.
Trn Th T Uyn
75
Do , lo i tuyn OSPF (LSA Type) khng c duy tr khi tuyn OSPF c redistribute vo BGP. Trong mi trng MPLS VPN, cc nguyn tc d nh tuyn OSPF truyn thng vn c s dng. Tuy nhin, mt s c tnh sau y ca tuyn OSPF external b thay i khi khch hng chuyn t nh tuyn OSPF truyn thng sang m hnh MPLS VPN: -
(2) Ti PE1, tuyn 172.16.10.0/24 c redistribute vo BGP. Sau tuyn ny c qu ng b nh l mt tuyn VPNv4 ti PE2. (3) Ti PE2 a ch BGP VPNv4 172.16.10.0/24 c redistribute vo OSPF. (4) Sau tuyn 172.16.10.0/24 c qu ng b nh mt tuyn OSPF vi LSA Type 5.
Khi thc thi OSPF vi MPLS VPN, khch hng c th c nhiu site trong Area 0. Do hi khc vi cu trc OSPF truyn thng - mt backbone Area 0 v nhiu nonbackbone area cn ni vo Area 0 ny.
Cc tuyn internal, khng quan tm n cost ca chng, lun c u tin hn tuyn external. Cc tuyn external khng c tm tt (summary). Cc tuyn external c flood ra mi OSPF area. Cc tuyn External c th dng mt lo i metric khc, khng th so snh vi OSPF cost. Cc tuyn External LSA Type 5 khng c thm vo mt stub area hay not-so-stubby area (NSSA).
Kin trc MPLS VPN cho nh tuyn OSPF PE-CE c m rng cho php s chuyn i khch hng mt cch trong su t t nh tuyn OSPF truyn thng sang m hnh nh tuyn MPLS VPN b ng cch gii thiu mt backbone khc vi OSPF Area 0. Backbone ny c gi l OSPF hay MPLS VPN superbackbone.
MPLS VPN hay khi nim OSPF Superbackbone
Trn Th T Uyn
76
Cc non-backbne area, Area 1 v Area 2, kt ni trc tip vo MPLS VPN superbackbone c chc nng nh mt OSPF Area 0. Do , khng yu cu mt Area 0 nh min OSPF truyn thng. Area 0 ch c yu cu khi router PE kt ni vo hai non-backbone area khc nhau cng thu c vo mt OSPF domain trn mt PE router. Cc router PE, PE1 v PE2, kt ni cc OSPF area trong min khch hng vo superbackbone, gi vai tr l ABR (OSPF Area Border Router) cho cc thit b trong min OSPF ca khch hng. Cc router CE, CE1 v CE2, khng nhn bit c b t k min OSPF no khc trong MPLS VPN superbackbone.
Cc BGP Extended Community cho nh tuyn OSPF PE-CE
Khng c cc ln cn OSPF (OSPF adjacencies) hay s flooding trong MPLS VPN superbackbone cho cc site khch hng kt ni vo superbackbone, tr khi s dng OSPF sham-link.
MPLS VPN superbackbone s d ng MP-iBGP gia cc PE. Thng tin OSPF c mang i trong MPLS VPN backbone bng cc BGP extended community. Cc extended community ny c thit lp v s dng bi cc router PE.
Trong MPLS VPN superbackbone, cc thuc tnh m rng ca BGP (BGP extended attribute) sau c mang theo: -
OSPF Route Type qung b thng tin loi tuyn OSPF qua MP-iBGP backbone. Hnh bn di cho thy thuc tnh community m rng OSPF route type v chi tit OSPF route type cho mng 172.16.20.0, 192.168.99.0 v 192.168.199.0. OSPF router ID xc nh router ID ca PE trong VRF instance ca OSPF c lin quan. a ch ny khng tham gia vo khng gian a ch ca nh cung cp v l duy nht trong mng OSPF.
OSPF domain ID xc nh min ca mt a ch mng OSPF c th trong MPLS VPN backbone. Mc nh, gi tr ny bng vi gi tr ca OSPF process ID v c th thit lp li bng lnh: Router(config-router)#domain ID ip-address. Nu domain ID ca tuyn khng trng khp domain ID ca PE nhn, tuyn c chuyn thnh tuyn OSPF ngoi (LSA Type 5) vi
Trn Th T Uyn
77
metric-type E2 trong bng VRF. Mi tuyn gia cc min OSPF c nhn bit l LSA Type 5.
Trn Th T Uyn
78
OSPF Domain ID ging nhau trn cc router PE.
Qu ng b tuyn OSPF trong mi trng MPLS VPN khng ging nh trong m hnh nh tuyn OSPF v ph thu c vo OSPF domain ID. Mc nh, OSPF domain ID bng vi process ID trn PE router. Domain ID c thit lp trong cp nht VPNv4 khi tuyn OSPF c redistribute vo MP-iBGP.
Qung b tuyn OSPF qua MPLS VPN Superbackbone
Hnh sau m t mt mng MPLS cung cp dch v MPLS VPN cho CustomerA. Cc router CE1-A v CE2-A cc mng 172.16.10.0/24 v 172.16.20.0/24 ti site khch hng thuc vo Area 1 v Area 2 trong khi kt ni PE-CE c hai site thuc vo Area 0. OSPF process ID trn c hai router PE l 101. CE2-A l mt ASBR gia min OSPF v hai min RIPv2 v EIGRP (AS 101).
Trn Th T Uyn 79
Qu trnh th c hin khi CE2-A gi 172.16.20.0/24, 209.165.201.0/27 v 209.165.202.128/27 ti CE1-A:
(1) CE2-A redistribute mng RIPv2 209.165.201.0 vo OSPF v qung b v i LSA Type 5 c metric-type loi 1 (O E1) cho PE2-AS1. Mng EIGRP 209.165.202.128/27 c redistribute ti CE2-A v qung b ti PE2-AS1 vi LSA Type 5 (O E2). CE2-A cng gi 172.16.20.0/24 vi LSA Type 3 (O IA) ti PE2-AS1. (2) Bng nh tuyn VRF CustomerA trn PE2-AS1 nhn c tuyn 172.16.20.0/24 nh l mt tuyn lin vng (O IA- OSPF Inter-Area route) vi OSPF metric (cost) 74, 209.165.201.0/27 l tuyn ngoi min loi 1 (O E1) metric 84 v tuyn 209.165.202.128/27 vi metric 20.
(3) OSPF cost cho 172.16.20.0/24, 209.165.201.0/27, v 209.165.202.128/27 c sao chp vo cc thu c tnh m rng ca BGP (extended BGP attributes) nh BGP MED khi OSPF c redistribute vo MP-BGP. Cc tuyn 172.16.20.0, 209.165.201.0/27, v 209.165.202.128/27 c qung b ti PE1-AS1 qua MP-iBGP session. (4) PE1-AS1 nhn cc tuyn BGP VPNv4 172.16.20.0/24, 209.165.201.0/27 v 209.165.202.128/27 t PE2-AS1 v thm vo b ng BGP. OSPF metric cho cc tuyn vn c gi nguyn khi qu ng b qu MP-BGP backbone.
(5) Router PE nhn, PE1-AS1 redistribute cc tuyn MP-BGP vo OSPF, kim tra domain ID, v nu domain ID ca tuyn trng khp domain ID trn router nhn, PE1-AS1, n dng LSA gc v thu c tnh MED pht sinh mt LSA Type 3. y, domain ID trng khp vi domain ID ca PE1-AS1 nn PE1AS1 cu trc li cp nht gc v cp nht metric da trn giao tip ng ra v qung b 172.126.20.0/24 l mt tuyn lin vng (O IA) ti CE1-A. 209.165.201.0/27 v 209.165.202.128/27 c qung b l tuyn lin min (O E1 v O E2) ti CE1-A.
Trn Th T Uyn
80
(6) CE1-A nhn 172.16.20.0 209.165.202.128/27 (O E2).
(O
IA),
209.165.201.0/27
(O
E1)
Nu process ID khc nhau trn cc router PE cho cc site thuc cng VPN, cc tuyn OSPF c xem nh cc tuyn OSPF ngoi (OSPF LSA Type 5). Khi PE1-AS1 trong OSPF Area 1 s dng OSPF process ID 201 cho Site 1 thu c VPN VPN-A, v PE2AS1 trong OSPF Area 2 s dng OSPF process ID 202 cho Site 2 thuc VPN VPN-A th ti Site 1 v Site 2 s thy cc tuyn bn ngoi (O E).
SPF Domain ID khc nhau trn cc router PE
Th t th c hin khi CE2-A gi 192.168.20.0, 192.168.99.0 v 192.168.199.0 ti CE1-A:
(1) CE2-A redistribute mng RIPv2 192.168.99.0 vo OSPF v qu ng b n vi mt LSA type 5 (O E1) ti PE2-AS1. Mng EIGRP 192.168.199.0/24 c redistribute v qung b vi OSPF LSA Type 5 (O E2). CE2-A cng g i 192.168.20.0/24 ti PE2-AS1. (2) Bng nh tuyn VRF CustomerA trn PE2-AS1 th y cc tuyn nhn c: 192.168.20.0 vi metric 74, 192.168.99.0/24 (O E2) c metric 84 v 192.168.199.0/24 c metric 20.
(3) PE2-AS1 redistribute cc tuyn OSPF 192.168.20.0, 192.168.99.0, 192.168.199.0 vo MP-BGP, sao chp OSPF cost cho cc tuyn ny vo thuc tnh MED (multi-exit discriminator), v thit lp community m rng ca BGP l RT (route type) ch nh lo i LSA t ngu n ca tuyn, cng nh thu c tnh OSPF domain ID ch nh ch s tin trnh (process number) ca tin trnh OSPF ngun (source OSPF process). OSPF RT mang thng tin vng gc (original area), loi LSA v metric-type ca LSA loi 5. (4) PE1-AS1 nhn cc tuyn BGP VPNv4 192.168.20.0, 192.168.99.0, v 192.168.199.0 vi cng thng tin metric t PE2-AS1. Thm thng tin nhn c vo bng BGP.
Trn Th T Uyn
81
Cu hnh OSPF domain ID lm thay i hnh vi (behavior) ca tuyn cho cc kt ni VPN vi nhiu OSPF domain. Cu hnh domain ID gip kim sot vic chuyn i LSA (cho LSA Type 3 v Type 5) gia cc OSPF domain v ng backdoor. Domain ID ngm nh l 0.0.0.0. Mi bng nh tuyn VPN trn mt router PE tng ng vi mt OSPF routing instance c cu hnh vi cng OSPF domain ID. V th, Domain ID c dng cc nh cc tuyn c ngu n gc t OSPF domain hay t cc giao thc nh tuyn bn ngoi da trn LSA. Trong hnh trn, tht kh xc nh tuyn no thuc OSPF domian, tuyn no thuc min nh tuyn bn ngoi. Trong hnh sau, cu hnh domain ID ging nhau trn PE1-AS1 v PE2-AS1, chng ta c th xc nh chnh xc ngu n gc ca cc tuyn.
nh hng ca vic cu hnh OSPF Domain ID trn router PE
(6) CE1-A nhn cc tuyn qu ng b ti.
(5) PE2-AS1 kim tra thu c tnh nhn c trong tuyn, v v domain ID ca tuyn khng trng khp vi domain ID trn router nhn nn tuyn c chuyn i thnh tuyn ngoi (LSA Type 5). Trong trng hp ny, domain ID trng khp vi domain ID trn PE1-AS1 nn PE1-AS1 s ti cu trc li cp nht gc v cp nht metric da trn cc giao tip ng ra v qu ng b li cho CE1-A.
Lp tuyn (routing loop) c th x y ra trong mi trng MPLS VPN khi cc router bin pha khch hng kt ni dng dual-home ti mng ca nh cung cp. Hnh bn di cho th y mt mng MPLS thc thi nh tuyn OSPF PE-CE cho nhiu site ca Customer A VPN-A, Stie 1 v Site 2. Site 2 nm trong OSPF Area 2 v c nhiu kt ni ti backbone ca nh cung cp.
OSPF Down Bit
Trn Th T Uyn
82
Vic qung b tuyn y khng thit lp OSPF Down Bit:
(1) CE1-A gi mt LSA Type 1 ho c LSA Type 2 ti router bin ca nh cung cp (PE1). (2) PE1 nhn tuyn OSPF ni vng (intra-areaa) t CE1-A v redistribute vo MP-BGP.
(4) Tuyn tm tt c qu ng b qua vng OSPF v c nhn bi PE3, trong cng Area 2.
(3) PE2 nhn c v redistribute tuyn MP-BGP vo OSPF Area 2 nh l mt tuyn lin vng (inter-area summary route) LSA Type 3.
C th ngn routing loop bng cch s d ng OSPF Down Bit, mt phn ca trng option trong OSPF header.
(5) PE3 chn tuyn OSPF, v AD (administrative distance) ca OSPF tt hn ca MP-iBGP. PE3 redistribute tuyn OSPF ngc vo MP-BGP nn x y ra routing loop.
Trn Th T Uyn
83
OSPF Down Bit c s dng chng routing loop:
Qu trnh qung b tuyn khi OSPF Down Bit c thit lp: (2) PE1 nhn tuyn OSPF ni vng (intra-area OSPF route) t CE1-A v redistribute vo MP-BGP. (3) PE2 nhn c v redistribute tuyn MP-BGP vo OSPF Area 2 vi LSA Type 3 v thit lp OSPF Down Bit. (4) Tuyn ny c qung b qua OSPF area v PE3 nhn c. (1) CE1-A gi LSA Type 1 hoc Type 2 ti PE1.
(5) Khi PE3 nhn LSA Type 3 vi Down Bit c thit lp th PE3 khng redistribute li vo MP-BGP. OSPF Route Tag hay VPN Route Tag
Trn Th T Uyn
84
Mt router khng chy MPLS (non-MPLS router) c th redistribute tuyn OSPF vo min OSPF khc. Tuyn OSPF c qu ng b qua min OSPF khc m khng c Down Bit. Mt router PE nhn c tuyn OSPF. Khi khng c Down Bit, tuyn li c redistribute vo MP-BGP backbone v gy ra routing loop. iu ny c th hin trong hnh sau vi cc tuyn ngoi c qung b vo cc VPN site.
Down Bit gip ngn lp tuyn gia MP-BGP v OSPF, nhng khng hiu qu vi cc tuyn ngoi (external route), nh khi redistribute gia nhiu OSPF domain hay xen external route vo mt vng c kt ni dual-homed ti mng ca nh cung cp. PE redistribute mt tuyn OSPF t cc min OSPF khc nhau vo mt min OSPF thnh cc external route. Down Bit khng c thit lp v LSA Type 5 khng h tr Down Bit. Tuyn c redistribute c qu ng b qua OSPF domain.
Cc b c thc hin nh sau:
(2) PE2-AS1 nhn tuyn OSPF ngoi (O E1) t CE2-A vi OSPF Down Bit c thit lp v redistribute n vo MP-BGP. (3) Gi s router nhn c l PE1-AS1, v n c redistribute ti mt min OSPF khc (201) nn PE1-AS1 xa OSPF Down Bit v qung b tuyn ti CE1-A nh l mt tuyn ngoi (O E1), LSA Type 5.
(1) CE2-A gi mt LSA Type 5 cho 209.165.201.0/27 ti PE2-AS1.
Routing loop xy ra cho cc tuyn redistribute gia cc min OSPF c th c gii quyt bng trng Tag, s dng cc nguyn tc redistribute BGP-OSPF chun. Mt tuyn khng phi OSPF (non-OSPF route) c redistribute nh l mt external OSPF route b i cc router PE. Mc nh, trng Tag c thit lp theo gi tr ca BGP-AS. Tuyn c redistibute s c qung b qua OSPF domain m khng c Down Bit nhng c thit lp trng Tag. Khi route c redistibute vo min OSPF domain th trng Tag cng c qung b. Cc router PE khc nhn c thc hin lc tuyn da trn trng Tag. Nu trng Tag trng khp vi ch s AS th tuyn khng c redistribute li vo MP-BGP.
Trn Th T Uyn
(6) PE3-AS1 qung b tuyn ny ti cho PE1-AS1 v PE2-AS1 nn c th xy ra routing loop.
(5) PE3-AS1 nhn c tuyn ny v redistribute tr vo MP-BGP.
(4) CE1-A nhn tuyn khng c thit lp OSPF Down Bit v qu ng b external route ti PE3-AS1.
85
C cu hnh thc thi nh tuyn OSPF PE-CE nh sau:
Cu hnh v kim chng nh tuyn OSPF PE-CE
Cc phin b n Cisco IOS trc 12.3(4)T, 12.0(27)S v 12.2(25)S c gii hn 32 tin trnh ring bit to ra cho mi VRF cc PE c th xc nh ng cc tuyn OSPF thu c vo tin trnh no. Trong mi trng MPLS VPN, mt tin trnh c s dng bi MP-iBGP, mt cho giao thc nh tuyn IGP (v d: OSPF), mt tin trnh cho cc tuyn ni trc tip (connected route) v mt tuyn cho tuyn tnh (static route). Do , ch cn li 28 tin trnh c th c to cho cc VRF s dng nh tuyn OSPF PE-CE. LAB 5-1 Cu hnh nh tuyn OSPF PE-CE
Ch :
OSPF process ID ging nhau Customer A v khc nhau Customer B Mc tiu ca bi ny l hiu c cch OSPF process ID tham gia quyt nh lo i tuyn thy c pha router bin ca khch hng ch y OSPF nh th no. Mng Customer A Customer A c CE2-A v CE2-A trong cng VPN-A v cng OSPF domain. PE1-AS1 v PE2-AS1 c OSPF process ID 101 c cu hnh cho VRF CustomerA trn PE1-AS1 v PE2-AS1. M t:
Mng Customer B Customer B c CE1-B v CE2-B trong VPN-B. PE1-AS1 v PE2-AS1 c OSPF process ID l 201 v 202 cho hai CustomerB VRF.
Trn Th T Uyn
86
Trc khi cu hnh, chc chn rng mng nh cung cp cung cp cc dch v MPLS VPN cho cc Site CustomerA v B. Cu hnh a ch IP v xc nh cc VRF trn cc router PE. V d: Cu hnh VRF v cc thuc tnh ca n trn router PE1-AS1 nh tuyn OSPF PE-CE cho VRF CustomerA:
Thc hin:
PE1-AS1(config)#ip vrf CustomerA PE1-AS1(config-vrf)# rd 1:100 PE1-AS1(config-vrf)# route-target both 1:100 PE1-AS1(config)#interface Serial1/0 PE1-AS1(config-if)# description connected to CE1-A PE1-AS1(config-if)# ip vrf forwarding CustomerA PE1-AS1(config-if)# ip address 172.16.1.1 255.255.255.252
Trn Th T Uyn
87
Cc b c cu hnh OSPF PE-CE trn cc router PE:
(1) Cho php d nh tuyn trn VRF OSPF
Cho php nh tuyn trn VRF OSPF cho CustomerA trn PE1-AS1 v PE2AS1: PE1-AS1(config)#router ospf 101 vrf CustomerA PE1-AS1(config-router)# router-id 172.16.101.1 PE1-AS1(config-router)# network 172.16.0.0 0.0.255.255 area 0 PE2-AS1(config)#router ospf 101 vrf CustomerA PE2-AS1(config-router)# router-id 172.16.102.1 PE2-AS1(conig-router)# network 172.16.0.0 0.0.255.255 area 0 Cc tuyn OSPF nhn c t cc router CE c redistribute vo MP-iBGP. Ch redistribute nhng tuyn ni (internal routes). PE1-AS1(config)#router bgp 1 PE1-AS1(config-router)#address-family ipv4 vrf CustomerA PE1-AS1(config-router-af)#redistribute ospf 101 vrf CustomerA match internal external 1 external 2
(2) Redistribute cc tuyn OSPF vo BGP
PE2-AS1(config)#router bgp 1 PE2-AS1(config-router)#address-family ipv4 vrf CustomerA PE2-AS1(config-router-af)#redistribute ospf 101 vrf CustmerA match internal external 1 external 2 (3) Redistribute MP-iBGP vo OSPF Thc hin redistribute cc tuyn BGP VPNv4 vo li OSPF trn cc router PE. PE1-AS1(config)#router ospf 100 vrf CustomerA PE1-AS1(config-router)# redistribute bgp 1 subnets Cu hnh tng t vi nh tuyn VRF OSPF cho CustomerB PE2-AS1(config)#router ospf 100 vrf CustomerA PE2-AS1(config-router)# redistribute bgp 1 subnets
Cu hnh
Router P1-AS1
! hostname P1-AS1 ! ip subnet-zero ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.200 255.255.255.255 ! interface Serial0/0
Trn Th T Uyn
88
description Connected to PE1-AS1 ip address 10.10.10.2 255.255.255.252 tag-switching ip clockrate 64000 ! interface Serial0/1 description Connected to PE2-AS1 ip address 10.10.10.6 255.255.255.252 tag-switching ip clockrate 64000 ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! ip classless ! call rsvp-sync ! end Router PE1-AS1
! hostname PE1-AS1 ! ip subnet-zero ! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip vrf CustomerB rd 1:200 route-target export 1:200 route-target import 1:200 ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface Loopback101 description OSPF Router ID for VRF CustomerA ip vrf forwarding CustomerA ip address 172.16.101.1 255.255.255.255 ! interface Loopback201 description OSPF Router ID for VRF CustomerB
Trn Th T Uyn
89
ip vrf forwarding CustomerB ip address 192.168.201.1 255.255.255.255 ! interface Serial0/0 description Connected to P1-AS1 ip address 10.10.10.1 255.255.255.252 tag-switching ip ! interface Serial1/1 description Connected to CE1-A ip vrf forwarding CustomerA ip address 172.16.1.1 255.255.255.252 clockrate 64000 ! interface Serial1/3 description Connected to CE1-B ip vrf forwarding CustomerB ip address 192.168.1.1 255.255.255.252 ! router ospf 101 vrf CustomerA router-id 172.16.101.1 log-adjacency-changes redistribute bgp 1 subnets network 172.16.0.0 0.0.255.255 area 0 ! router ospf 201 vrf CustomerB router-id 192.168.201.1 log-adjacency-changes redistribute bgp 1 subnets network 192.168.0.0 0.0.255.255 area 1 ! router ospf 1 router-id 10.10.10.101 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.102 remote-as 1 neighbor 10.10.10.102 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.102 activate neighbor 10.10.10.102 send-community extended no auto-summary exit-address-family ! address-family ipv4 vrf CustomerB
Trn Th T Uyn
90
redistribute ospf 201 match internal external 1 external 2 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CustomerA redistribute ospf 101 match internal external 1 external 2 no auto-summary no synchronization exit-address-family ! ip http server ip classless ! end Router PE2-AS1
! hostname PE2-AS1 ! ip subnet-zero ! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip vrf CustomerB rd 1:200 route-target export 1:200 route-target import 1:200 ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface Loopback101 description OSPF Router ID for VRF CustomerA ip vrf forwarding CustomerA ip address 172.16.102.1 255.255.255.255 ! interface Loopback202 description OSPF Router ID for VRF CustomerB ip vrf forwarding CustomerB ip address 192.168.202.1 255.255.255.255 ! interface Serial0/1
Trn Th T Uyn
91
description Connected to P1-AS1 ip address 10.10.10.5 255.255.255.252 tag-switching ip ! interface Serial1/0 description Connected to CE2-A ip vrf forwarding CustomerA ip address 172.16.2.1 255.255.255.252 clockrate 64000 ! interface Serial1/2 description Connected to CE2-B ip vrf forwarding CustomerB ip address 192.168.2.1 255.255.255.252 clockrate 64000 ! router ospf 101 vrf CustomerA router-id 172.16.102.1 log-adjacency-changes redistribute bgp 1 subnets network 172.16.0.0 0.0.255.255 area 0 ! router ospf 202 vrf CustomerB router-id 192.168.202.1 log-adjacency-changes redistribute bgp 1 subnets network 192.168.0.0 0.0.255.255 area 2 ! router ospf 1 router-id 10.10.10.102 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.101 remote-as 1 neighbor 10.10.10.101 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.101 activate neighbor 10.10.10.101 send-community extended no auto-summary exit-address-family ! address-family ipv4 vrf CustomerB redistribute ospf 202 match internal external 1 external 2 no auto-summary no synchronization
Trn Th T Uyn
92
exit-address-family ! address-family ipv4 vrf CustomerA redistribute ospf 101 match internal external 1 external 2 no auto-summary no synchronization exit-address-family ! ip http server ip classless ! end Router CE1-A
! hostname CE1-A ! ip subnet-zero ! interface Ethernet0/0 description VPN-A Site 1 network ip address 172.16.10.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE1-AS1 ip address 172.16.1.2 255.255.255.252 no fair-queue ! router ospf 101 log-adjacency-changes network 172.16.1.0 0.0.0.255 area 0 network 172.16.10.0 0.0.0.255 area 1 ! ip classless ! end Router CE2-A
! hostname CE2-A ! ip subnet-zero ! interface Loopback0 description RIPv2 network ip address 209.165.201.1 255.255.255.224 ! interface Loopback1
Trn Th T Uyn
93
description EIGRP network ip address 209.165.202.129 255.255.255.224 ! interface Ethernet0/0 description VPN-A Site 2 network ip address 172.16.20.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE2-AS1 ip address 172.16.2.2 255.255.255.252 no fair-queue ! router eigrp 1 network 209.165.202.0 no auto-summary ! router ospf 101 log-adjacency-changes redistribute eigrp 1 subnets redistribute rip metric-type 1 subnets network 172.16.2.0 0.0.0.255 area 0 network 172.16.20.0 0.0.0.255 area 2 ! router rip version 2 redistribute ospf 101 match internal external 1 external 2 network 209.165.201.0 no auto-summary ! ip classless ! end Router CE1-B
! hostname CE1-B ! ip subnet-zero ! interface FastEthernet0/0 description VPN-B Site 1 network ip address 192.168.10.1 255.255.255.0 duplex auto speed auto no keepalive ! interface Serial0/0 description Connected to PE1-AS1
Trn Th T Uyn
94
ip address 192.168.1.2 255.255.255.252 clockrate 64000 no fair-queue ! router ospf 201 log-adjacency-changes network 192.168.1.0 0.0.0.255 area 1 network 192.168.10.0 0.0.0.255 area 1 ! ip classless ! end Router CE2-B
! hostname CE2-B ! ip subnet-zero ! interface Loopback0 description RIPv2 network ip address 192.168.99.1 255.255.255.0 ! interface Loopback1 description EIGRP network ip address 192.168.199.1 255.255.255.0 ! interface Ethernet0/0 description VPN-B site 2 network ip address 192.168.20.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE2-AS1 ip address 192.168.2.2 255.255.255.252 no fair-queue ! router eigrp 1 redistribute ospf 202 metric 1500 1 255 1 1500 match internal external 1 external 2 network 192.168.199.0 no auto-summary ! router ospf 202 log-adjacency-changes redistribute eigrp 1 subnets redistribute rip metric-type 1 subnets network 192.168.2.0 0.0.0.255 area 2 network 192.168.20.0 0.0.0.255 area 2 !
Trn Th T Uyn
95
router rip version 2 redistribute ospf 202 metric 1 match internal external 1 external 2 network 192.168.99.0 no auto-summary ! ip classless ! end Kim tra: Cc b c kim tra nh tuyn OSPF PE-CE nh sau:
(1) Kim tra quan h neighbor v adjacency gia cc router PE v cc router bin CE: PE1-AS1#show ip ospf neighbor Neighbor ID 10.10.10.200 192.168.10.1 172.16.10.1 Pri 0 0 0 State FULL/ FULL/ FULL/ Dead Time 00:00:37 00:00:35 00:00:30 Address Interface 10.10.10.2 Serial0/0 192.168.1.2 Serial1/3 172.16.1.2 Serial1/1 Interface Serial0/1 Serial1/2 Serial1/0
PE2-AS1#show ip ospf neighbor Neighbor ID 10.10.10.200 192.168.199.1 209.165.202.129 Pri State 0 FULL/ 0 FULL/ 0 FULL/ Dead Time Address 00:00:31 10.10.10.6 00:00:38 192.168.2.2 00:00:35 172.16.2.2
(2) Kim tra vic qung b tuyn cho CustomerA
Bng nh tuyn VRF cho CustomerA nhn c cc tuyn do CE2-A qu ng b ti. PE2-AS1#show ip route vrf CustomerA ospf 101 172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks O IA 172.16.20.0/24 [110/791] via 172.16.2.2, 00:44:34, Serial1/0 209.165.201.0/27 is subnetted, 1 subnets O E1 209.165.201.0 [110/801] via 172.16.2.2, 00:44:34, Serial1/0 209.165.202.0/27 is subnetted, 1 subnets O E2 209.165.202.128 [110/20] via 172.16.2.2, 00:44:34, Serial1/0
Cc tuyn OSPF ny c redistribute vo MP-iBGP v cc metric ca tuyn OSPF c sao chp vo cc thu c tnh m rng ca BGP nh cc BGP MED. Sau cc tuyn ny c qung b ti PE1-AS1 bng MP-iBGP session. PE2-AS1#show ip bgp vpn vrf CustomerA BGP table version is 33, local router ID is 10.10.10.102 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete
Trn Th T Uyn
96
Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 1:100 (default for vrf CustomerA) *>i172.16.1.0/30 10.10.10.101 0 100 0? *> 172.16.2.0/30 0.0.0.0 0 32768 ? *>i172.16.10.0/24 10.10.10.101 791 100 0? *> 172.16.20.0/24 172.16.2.2 791 32768 ? *>i172.16.101.1/32 10.10.10.101 0 100 0? *> 172.16.102.1/32 0.0.0.0 0 32768 ? *> 209.165.201.0/27 172.16.2.2 801 32768 ? *> 209.165.202.128/27 172.16.2.2 20 32768 ? PE2-AS1#show ip bgp vpnv4 all 172.16.20.0 BGP routing table entry for 1:100:172.16.20.0/24, version 13 Paths: (1 available, best #1, table CustomerA) Advertised to non peer-group peers: 10.10.10.101 Local 172.16.2.2 from 0.0.0.0 (10.10.10.102) Origin incomplete, metric 791, localpref 100, weight 32768, valid, sourced, best Extended Community: RT:1:100 OSPF DOMAIN ID:0.0.0.101 OSPF RT:0.0.0.0:3:0 OSPF ROUTER ID:172.16.102.1:0 PE2-AS1#show ip bgp vpnv4 vrf CustomerA BGP table version is 33, local router ID is 10.10.10.102 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 1:100 (default for vrf CustomerA) *>i172.16.1.0/30 10.10.10.101 0 100 0? *> 172.16.2.0/30 0.0.0.0 0 32768 ? *>i172.16.10.0/24 10.10.10.101 791 100 0? *> 172.16.20.0/24 172.16.2.2 791 32768 ? *>i172.16.101.1/32 10.10.10.101 0 100 0? *> 172.16.102.1/32 0.0.0.0 0 32768 ? *> 209.165.201.0/27 172.16.2.2 801 32768 ? *> 209.165.202.128/27 172.16.2.2 20 32768 ? CE1-A#show ip route ospf 172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks O IA 172.16.20.0/24 [110/855] via 172.16.1.1, 00:41:36, Serial0/0 O IA 172.16.2.0/30 [110/65] via 172.16.1.1, 00:41:36, Serial0/0 O 172.16.101.1/32 [110/65] via 172.16.1.1, 01:05:21, Serial0/0 O IA 172.16.102.1/32 [110/65] via 172.16.1.1, 00:41:36, Serial0/0 209.165.201.0/27 is subnetted, 1 subnets
Trn Th T Uyn
97
(3) Kim tra vic qung b tuyn cho CustomerB
O E1 209.165.201.0 [110/865] via 172.16.1.1, 00:41:36, Serial0/0 209.165.202.0/27 is subnetted, 1 subnets O E2 209.165.202.128 [110/20] via 172.16.1.1, 00:41:36, Serial0/0 PE2-AS1#show ip route vrf CustomerB ospf 202 O E2 192.168.199.0/24 [110/20] via 192.168.2.2, 00:44:06, Serial1/2 O E1 192.168.99.0/24 [110/801] via 192.168.2.2, 00:44:06, Serial1/2 O 192.168.20.0/24 [110/791] via 192.168.2.2, 00:44:06, Serial1/2 PE2-AS1#show ip bgp vpnv4 all | begin 192.168.20.0 *> 192.168.20.0 192.168.2.2 *> 192.168.99.0 192.168.2.2 *> 192.168.199.0 192.168.2.2 *>i192.168.20.0 10.10.10.102 *>i192.168.99.0 10.10.10.102 *>i192.168.199.0 10.10.10.102 CE1-B#show ip route ospf O E2 192.168.199.0/24 [110/20] via 192.168.1.1, 00:12:06, Serial0/0 192.168.201.0/32 is subnetted, 1 subnets O 192.168.201.1 [110/65] via 192.168.1.1, 00:35:15, Serial0/0 O E2 192.168.99.0/24 [110/801] via 192.168.1.1, 00:12:06, Serial0/0 O E2 192.168.20.0/24 [110/791] via 192.168.1.1, 00:12:06, Serial0/0 192.168.202.0/32 is subnetted, 1 subnets O E2 192.168.202.1 [110/1] via 192.168.1.1, 00:12:06, Serial0/0 192.168.2.0/30 is subnetted, 1 subnets O E2 192.168.2.0 [110/1] via 192.168.1.1, 00:12:06, Serial0/0 791 801 20 32768 ? 32768 ? 32768 ? 0? 0? 0?
PE1-AS1#show ip bgp vpnv4 all | begin 192.168.20.0 791 100 801 100 20 100
Hnh di m t mng ca ISP cung cp cc d ch v MPLS VPN cho cc Customer A thu c cng VPN-A c s dng Backdoor Link.
OSPF Sham-Link
Trn Th T Uyn
98
Customer A c 4 Site trong VPN-A. Cc site u thu c Area 0. Site 3 v Site 4 c kt ni vi nhau bng mt c backdoor link b ng thng thp (512 kbps). Backdoor link ny cung cp kt ni gia Site 3 v Site 4 khi kt ni n backbone ca nh cung cp b s c (down ho c disconnected ). Cc site ny cng kt ni ti BGP-based MPLS VPN backbone ca nh cung cp. Kiu tch hp ny c th xem l mt dng nh tuyn km ti u (suboptimal routing) nh hnh sau:
Trnh t thc hin khi CE4-A qung b 172.16.40.0/24 ti cho CE3-A:
(1) CE4-A gi mt LSA Type 1 cho 172.16.40.0/24 ti PE2-AS1 v CE3-A.
Trn Th T Uyn
99
Trnh t ny cng x y ra vi 172.16.30.0/24 khi n c CE2-A qu ng b i. Do , cc gi d liu xu t pht t 172.16.30.0 (Site 3) ti 172.16.40.0 (Site 4) s qua backdoor link. Tng t cho cc lung lu lng b t ngu n t 172.16.10.0 (Site 1) ti 172.16.20.0 (Site 2) v b t k tuyn lin quan no t MPLS VPN backbone s l cc inter-area route v intra-area route th c u tin hn. V th, vic chuyn tip lu lng dng ny c gi l suboptimal v backdoor link c bng thng thp v c dng d phng (backup). Bn d i cho th y ng chuyn tip lu lng trong mng MPLS VPN s dng backdoor link (khng sham link).
(2) PE2-AS1 nhn 172.16.40.0/4 l mt intra-area route, v redistribute vo MPBGP. (3) PE1-AS1 redistribute 172.16.40.0/24 vo OSPF v qung b 172.16.40.0/4 l mt intra-area route ti CE3-A. (4) CE3-A nhn c hai inter-area route 172.16.40.0/24 t PE1-AS1 v mt intra-area route t CE4-A. V intra-area route c u tin hn nn c thm vo c s d liu OSPF (OSPF database).
C th trnh trng hp ny b ng cch s dng m t sham-link. Mt sham-link l mt kt ni lu n l (logical link) thuc v ni vng (intra-area) nh ng khng c mang theo bi BGP-based superbackbone. Hai router PE s l endpoint ca sham-link. Chng s thit lp mt OSPF adjacency i qua v floot cc intra-area LSA qua kt ni ny. Sham-link c xem l mt mch o theo yu cu (DC demand circuit) ca OSPF nhm gim lu ng lu lng qua sham-link. iu ny gip trnh vic cc LSA c floot nh k qua sham-link. Hnh sau m t mt sham-link:
Trn Th T Uyn
100
CE4-A gi 172.16.40.0/24 v LSA Type 1 ti CE3-A, sau LSA ny c qung b ti PE1-AS1. PE1-AS1 nhn c OSPF-LSA Type 1 t CE4-A qua CE3-A v t PE2-AS1 qua OSPF sham-link. OSPF sham-link c i x nh mt kt ni ni vng (intra-area link) gia PE1-AS1 v PE2-AS1. Cost ca sham-link c th c cu hnh sao cho thp h n cost ca backup link gia CE3-A v CE4-A. Do PE2AS1 redistribute tuyn 172.16.40.0/24 vo MP-BGP v tuyn OSPF ny khng c nhn qua mt sham-link t PE1-AS1. PE1-AS1 cng khng redistribute tuyn ny vo MP-iBGP v n khng c nhn t PE2-AS1 qua OSPF sham-link. PE1-AS1 ci t tuyn OSPF nhn c t sham-link vo bng nh tuyn VRF ca n. LSA cho tuyn 172.16.40.0/24 c qung b n Site 4 cho php Site 3 chn ng i tt nht. Khi , cc gi nhn c t Site 4 s c nh tuyn qua MPLS VPN backbone v s dng kt ni bng thng cao. Nh vy, CE3-A ti Site 3 cng chn sham-link l ng i tt nht n 172.16.40.0/24. V th lu ng lu lng gia gia Site 3 v Site 4 c nh tuyn ti u qua sham-link gi a PE1-AS1 v PE2-AS1. S cu hnh cho OSPF Sham-Link
LAB 5-2 OSPF Sham-Links
M t
Trn Th T Uyn
101
Cu hnh OSPF Sham-link theo cc bc sau:
Cu hnh a ch ip v nh ngha cc VRF trn cc PE. (1) To cc u cui (endpoint) ca sham-link
Thc hin
To endpoint thc hin trn PE1-AS1 v PE2-AS1 nh sau:
To cc giao tip loopback trn mi router PE v gn kt n vo VRF CustomerA ca VPN. a ch loopback l mt a ch trong khng gian a ch ca VPN, khng c l khng gian a ch ca nh cung cp dch v MPLS VPN v sham-link l mt kt ni ca khch hng (CustomerA). PE1-AS1(config)#interface Loopback101 PE1-AS1(config-if)# description sham-link Endpoint on PE1-AS1 PE1-AS1(config-if)# ip vrf forwarding Cust_A PE1-AS1(config-if)# ip address 172.16.101.1 255.255.255.255 PE2-AS1(config)#interface Loopback101 PE2-AS1(config-if)# description sham-link Endpoint on PE2-AS1 PE2-AS1(config-if)# ip vrf forwarding Cust_A PE2-AS1(config-if)# ip address 172.16.102.1 255.255.255.255
(2) Redistribute endpoint vo MP-BGP PE1-AS1(config)#router bgp 1 PE1-AS1(config-router)#address-family ipv4 vrf Cust_A PE1-AS1(config-router-af)# redistribute connected PE2-AS1(config)#router bgp 1 PE2-AS1(config-router)#address-family ipv4 vrf Cust_A
Trn Th T Uyn
102
(3) Cho php sham-link qua tin trnh OSPF VRF
PE2-AS1(config-router-af)# redistribute connected PE1-AS1(config)#router ospf 101 vrf Cust_A PE1-AS1(config-router)#area 0 sham-link 172.16.101.1 172.16.102.1 cost 1
Cu hnh
PE2-AS1(config)#router ospf 101 vrf Cust_A PE2-AS1(config-router)#area 0 sham-link 172.16.102.1 172.16.101.1 cost 1
Router P1-AS1
! hostname P1-AS1 ! ip subnet-zero ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.200 255.255.255.255 ! interface Serial0/0 description Connected to PE1-AS1 ip address 10.10.10.2 255.255.255.252 tag-switching ip clockrate 64000 ! interface Serial0/1 description Connected to PE2-AS1 ip address 10.10.10.6 255.255.255.252 tag-switching ip clockrate 64000 ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! ip http server ip classless ! end Router PE1-AS1
! hostname PE1-AS1 ! ip subnet-zero ! !

Trn Th T Uyn 103
! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface Loopback101 description Sham-link Endpoint on PE1-AS1 ip vrf forwarding CustomerA ip address 172.16.101.1 255.255.255.255 ! interface Serial0/0 description Connected to P1-AS1 ip address 10.10.10.1 255.255.255.252 tag-switching ip ! interface Serial1/1 description Connected to CE1-A ip vrf forwarding CustomerA ip address 172.16.1.1 255.255.255.252 clockrate 64000 ! interface Serial1/3 description Connected to CE3-A ip vrf forwarding CustomerA ip address 172.16.3.1 255.255.255.252 ! router ospf 101 vrf CustomerA router-id 172.16.101.1 log-adjacency-changes area 0 sham-link 172.16.101.1 172.16.102.1 redistribute bgp 1 subnets network 172.16.1.0 0.0.0.255 area 0 network 172.16.3.0 0.0.0.255 area 0 ! router ospf 1 router-id 10.10.10.101 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.102 remote-as 1
Trn Th T Uyn
104
neighbor 10.10.10.102 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.102 activate neighbor 10.10.10.102 send-community both no auto-summary exit-address-family ! address-family ipv4 vrf CustomerA redistribute connected redistribute ospf 101 match internal external 1 external 2 no auto-summary no synchronization exit-address-family ! ip http server ip classless ! end Router PE2-A
! hostname PE2-AS1 ! ip vrf CustomerA rd 1:100 route-target export 1:100 route-target import 1:100 ! ip cef mpls ldp logging neighbor-changes ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface Loopback101 description Sham-link Endpoint on PE2-AS1 ip vrf forwarding CustomerA ip address 172.16.102.1 255.255.255.255 ! interface Serial0/1 description Connected to P1-AS1 ip address 10.10.10.5 255.255.255.252 tag-switching ip ! interface Serial1/0 description Connected to CE2-A ip vrf forwarding CustomerA ip address 172.16.2.1 255.255.255.252
Trn Th T Uyn
105
clockrate 64000 ! interface Serial1/2 description Connected to CE4-A ip vrf forwarding CustomerA ip address 172.16.4.1 255.255.255.252 clockrate 64000 ! router ospf 101 vrf CustomerA router-id 172.16.102.1 log-adjacency-changes area 0 sham-link 172.16.102.1 172.16.101.1 redistribute bgp 1 subnets network 172.16.2.0 0.0.0.255 area 0 network 172.16.4.0 0.0.0.255 area 0 ! router ospf 1 router-id 10.10.10.102 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 10.10.10.101 remote-as 1 neighbor 10.10.10.101 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 10.10.10.101 activate neighbor 10.10.10.101 send-community both no auto-summary exit-address-family ! address-family ipv4 vrf CustomerA redistribute connected redistribute ospf 101 match internal external 1 external 2 no auto-summary no synchronization exit-address-family ! ip classless ! end Router CE1-A
! hostname CE1-A ! mpls ldp logging neighbor-changes

Trn Th T Uyn
106
! interface Ethernet0/0 description VPN-A Site 1 network ip address 172.16.10.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE1-AS1 ip address 172.16.1.2 255.255.255.252 no fair-queue ! router ospf 101 log-adjacency-changes network 172.16.0.0 0.0.255.255 area 0 ! ip http server ip classless ! end Router CE2-A
! hostname CE2-A ! interface Ethernet0/0 description VPN-A CustomerA Site 2 network ip address 172.16.20.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE2-AS1 ip address 172.16.2.2 255.255.255.252 ! router ospf 101 log-adjacency-changes network 172.16.0.0 0.0.255.255 area 0 ! ip classless ! end Router CE3-A
! hostname CE3-A ! interface FastEthernet0/0 description VPN-A CustomerA Site 3 network ip address 172.16.30.1 255.255.255.0
Trn Th T Uyn
107
duplex auto speed auto no keepalive ! interface Serial0/0 description Connected to PE1-AS1 ip address 172.16.3.2 255.255.255.252 clockrate 64000 no fair-queue ! interface Serial0/1 description Sham-link, connected to CE4-A bandwidth 512 ip address 172.16.5.1 255.255.255.252 ! router ospf 101 log-adjacency-changes network 172.16.0.0 0.0.255.255 area 0 ! ip classless ! end Router CE4-A
! hostname CE4-A ! interface Ethernet0/0 description VPN-A CustomerA Site 4 network ip address 172.16.40.1 255.255.255.0 half-duplex no keepalive ! interface Serial0/0 description Connected to PE2-AS1 ip address 172.16.4.2 255.255.255.252 no fair-queue ! interface Serial0/1 description Sham-link, connected to CE3-A bandwidth 512 ip address 172.16.5.2 255.255.255.252 clockrate 64000 ! router ospf 101 log-adjacency-changes network 172.16.0.0 0.0.255.255 area 0 ! ip classless !
Trn Th T Uyn
108
end
Kim tra hot ng ca Sham-link PE1-AS1#show ip route vrf CustomerA Routing Table: CustomerA Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks 172.16.40.0/24 [110/792] via 10.10.10.102, 00:33:15 172.16.30.0/24 [110/782] via 172.16.3.2, 00:33:59, Serial1/3 172.16.20.0/24 [110/792] via 10.10.10.102, 00:33:15 172.16.10.0/24 [110/791] via 172.16.1.2, 00:33:59, Serial1/1 172.16.4.0/30 [110/782] via 10.10.10.102, 00:33:45 172.16.5.0/30 [110/976] via 172.16.3.2, 00:33:59, Serial1/3 172.16.1.0/30 is directly connected, Serial1/1 172.16.2.0/30 [110/782] via 10.10.10.102, 00:33:46 172.16.3.0/30 is directly connected, Serial1/3 172.16.101.1/32 is directly connected, Loopback101 172.16.102.1/32 [200/0] via 10.10.10.102, 00:34:17 172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks 172.16.40.0/24 [110/791] via 172.16.4.2, 00:42:24, Serial1/2 172.16.30.0/24 [110/783] via 10.10.10.101, 00:42:24 172.16.20.0/24 [110/791] via 172.16.2.2, 00:42:24, Serial1/0 172.16.10.0/24 [110/792] via 10.10.10.101, 00:42:24 172.16.5.0/30 [110/976] via 172.16.4.2, 00:42:24, Serial1/2 172.16.1.0/30 [110/782] via 10.10.10.101, 00:42:24 172.16.3.0/30 [110/782] via 10.10.10.101, 00:42:24 172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks 172.16.40.0/24 [110/205] via 172.16.5.2, 00:17:34, Serial0/1 172.16.20.0/24 [110/856] via 172.16.3.1, 00:17:34, Serial0/0 172.16.10.0/24 [110/855] via 172.16.3.1, 00:17:34, Serial0/0 172.16.4.0/30 [110/259] via 172.16.5.2, 00:17:34, Serial0/1 172.16.1.0/30 [110/845] via 172.16.3.1, 00:17:34, Serial0/0 172.16.2.0/30 [110/846] via 172.16.3.1, 00:17:34, Serial0/0
O O O O O O C O C C B
PE2-AS1#show ip route vrf CustomerA ospf 101 O O O O O O O
CE3-A#show ip route ospf O O O O O O
CE4-A#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
Trn Th T Uyn
109
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks 172.16.40.0/24 is directly connected, Ethernet0/0 172.16.30.0/24 [110/196] via 172.16.5.1, 00:26:15, Serial0/1 172.16.20.0/24 [110/855] via 172.16.4.1, 00:26:15, Serial0/0 172.16.10.0/24 [110/856] via 172.16.4.1, 00:26:15, Serial0/0 172.16.4.0/30 is directly connected, Serial0/0 172.16.5.0/30 is directly connected, Serial0/1 172.16.1.0/30 [110/846] via 172.16.4.1, 00:26:15, Serial0/0 172.16.2.0/30 [110/845] via 172.16.4.1, 00:26:16, Serial0/0 172.16.3.0/30 [110/259] via 172.16.5.1, 00:26:16, Serial0/1
C O O O C C O O O
CE3-A#traceroute 172.16.40.1 Type escape sequence to abort. Tracing the route to 172.16.40.1 1 172.16.5.2 16 msec 12 msec * CE1-A#traceroute 172.16.20.1 Type escape sequence to abort. Tracing the route to 172.16.20.1 1 172.16.1.1 16 msec 16 msec 16 msec 2 10.10.10.2 [MPLS: Labels 17/23 Exp 0] 153 msec 153 msec 152 msec 3 172.16.2.1 [MPLS: Label 23 Exp 0] 88 msec 88 msec 88 msec 4 172.16.2.2 56 msec 56 msec * CE1-A#traceroute 172.16.40.1 Type escape sequence to abort. Tracing the route to 172.16.40.1 1 172.16.1.1 16 msec 16 msec 16 msec 2 10.10.10.2 [MPLS: Labels 17/22 Exp 0] 152 msec 152 msec 152 msec 3 172.16.4.1 [MPLS: Label 22 Exp 0] 88 msec 88 msec 88 msec 4 172.16.4.2 56 msec 56 msec * PE1-AS1#show ip ospf sham-links Sham Link OSPF_SL0 to address 172.16.102.1 is up Area 0 source address 172.16.101.1 Run as demand circuit DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Hello due in 00:00:03 Adjacency State FULL (Hello suppressed)
Trn Th T Uyn 110
Index 3/3, retransmission queue length 0, number of retransmission 0 First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0) Last retransmission scan length is 0, maximum is 0 Last retransmission scan time is 0 msec, maximum is 0 msec PE1-AS1#show ip ospf neighbor Neighbor ID 10.10.10.200 172.16.30.1 172.16.10.1 172.16.102.1 Pri State 0 FULL/ 0 FULL/ 0 FULL/ 0 FULL/ Dead Time Address Interface 00:00:34 10.10.10.2 Serial0/0 00:00:39 172.16.3.2 Serial1/3 00:00:30 172.16.1.2 Serial1/1 172.16.102.1 OSPF_SL0
PE1-AS1#show ip route vrf CustomerA ospf 101 O O O O O O O 172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks 172.16.40.0/24 [110/792] via 10.10.10.102, 00:35:18 172.16.30.0/24 [110/782] via 172.16.3.2, 00:36:02, Serial1/3 172.16.20.0/24 [110/792] via 10.10.10.102, 00:35:18 172.16.10.0/24 [110/791] via 172.16.1.2, 00:36:02, Serial1/1 172.16.4.0/30 [110/782] via 10.10.10.102, 00:35:47 172.16.5.0/30 [110/976] via 172.16.3.2, 00:36:02, Serial1/3 172.16.2.0/30 [110/782] via 10.10.10.102, 00:35:47 172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks 172.16.40.0/24 [110/205] via 172.16.5.2, 00:17:34, Serial0/1 172.16.20.0/24 [110/856] via 172.16.3.1, 00:17:34, Serial0/0 172.16.10.0/24 [110/855] via 172.16.3.1, 00:17:34, Serial0/0 172.16.4.0/30 [110/259] via 172.16.5.2, 00:17:34, Serial0/1 172.16.1.0/30 [110/845] via 172.16.3.1, 00:17:34, Serial0/0 172.16.2.0/30 [110/846] via 172.16.3.1, 00:17:34, Serial0/0 172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks 172.16.30.0/24 [110/196] via 172.16.5.1, 00:26:15, Serial0/1 172.16.20.0/24 [110/855] via 172.16.4.1, 00:26:15, Serial0/0 172.16.10.0/24 [110/856] via 172.16.4.1, 00:26:15, Serial0/0 172.16.1.0/30 [110/846] via 172.16.4.1, 00:26:15, Serial0/0 172.16.2.0/30 [110/845] via 172.16.4.1, 00:26:16, Serial0/0 172.16.3.0/30 [110/259] via 172.16.5.1, 00:26:16, Serial0/1
CE3-A#show ip route ospf O O O O O O
CE4-A#show ip route O O O O O O
Trn Th T Uyn
111
K thut lu lng trc MPLS
Khi i mt vi s pht trin v m rng mng c hai vn k thu t cn quan tm: k thu t mng (network engineering) v k thu t lu lng (traffic engineering). K thu t mng l t chc mng ph hp vi lu lng. Ban u phi c s d on tt nht v lu lng trn mng s dng cc mch v cc thit b mng (router, switch, ) thch hp. K thu t mng phi m bo hiu qu v sau ny v thi gian lp t mng c th din ra lu di. K thu t lu lng l thao tc trn lu lng ph hp vi mng. D c c gng n u th lu lng mng cng khng bao gi c p ng hon ton (100%) so vi d tnh. Gia thp nin 90 s tng trng lu lng vt qu mi d tnh v khng th nng cp mng kp thi c. i khi mt s kin ni bt (s kin th thao, v b bi chnh tr , mt trang web ph bin,) lm y lu lng trn mng, iu ny khng th tnh ton trc c. Do c th ti mt n i nhu cu b ng thng qu nhiu nhng ng thi c cc ng lin kt (link) khc cha c s dng. K thu t lu lng l mt ngh thu t chuyn lu lng t cc lin kt b y sang cc lin kt ri. K thut lu lng c th c b sung : IP metric trn giao tip,ch y mt mc l i ATM PVC v xc nh li ng PVC da trn yu cu v lu lng i qua n. K thu t lu lng trong MPLS nhm t n k thu t iu khin lu lng hng kt ni tt nht v kt hp vi nh tuyn IP. Ta s xem xt cc k thu t lu lng ca IP v ATM:
Khi nim v k thut lu lng (Traffic Engineering)
Chng 6: K THUT LU LNG TRONG MPLS
K thut lu lng IP th ph bin nhng cht lng kh km. Cch iu khin ch yu ca IP l thay i chi ph trn mt lin kt c th. Vic iu khin lu lng ch da trn mt con ng n s i ti khng hp l. Ngc li, ATM bn thay th cc PVC trn mng t ngu n n ch ca s lu thng. Ngha l t c quyn iu khin tt hn trn cc lung lu lng. Vi nh cung cp d ch v (ISP) ln trn th gii s d ng ATM qun l lu lng trn mng ca h bng cch xy dng mng li y cc ATM PVC gia mt tp cc router, ti nh kch thc v v tr cc ATM PVC mt cch nh k d a trn thng tin lu lng do cc router cung cp. Bi ton con c Trong mng IP: Trong hnh c hai con ng i t R2 n R6 : R2 R5 R6 R2 R3 R4 R6
Trn Th T Uyn
112
V cc lin kt ny c cng chi ph (cost = 15), theo chuyn tip ch thng thng, tt c cc gi n t R1 v R7 c ra cng giao tip ca R2 ti R5, v chi ph (cost) ca ng pha trn thp hn di. Tt c cc lin kt trong hnh c bng thng 150 Mbps, R1 g i 90 Mbps v R7 gi 100 Mbps. Lc ny n y sinh vn : R2 c gng chuyn 190 Mbps qua ng (pipe) 150 Mbps. Ngha l R2 phi hu 40 Mbps cho ph hp vi ng truyn. Vic chuyn tip hng ch (destination base forwarding) khng th gii quyt vn ny. Ch c th hu b lin kt ho c chuyn chi ph lin kt con ng ngn ln ng di u c cng chi ph nhm gim nh vn . Nhng ch p dng c trn mng nh. Trong mng ATM:
Xy dng hai PVC t R2 n R6 v thit lp cho chng cng chi ph. V R2 c hai con ng n R6 nn s s dng c hai con ng mang mt l ng d liu hp l. C ch chia ti c th thay i a dng nhng thng thng cn bng ti trn ngun v ch ca CEF (CEF 's per-source-destination load blancing) s dng c hai con ng theo cch cn bng th (roughly). Xy dng hai con ng c cng chi ph l gii php mm do hn thay i chi ph lin kt. Trong m ng ATM cc thit b khc ni n mng khng nh hng n bt k s thay i no ca metric. iu ny cho th y kh nng iu khin lu lng ca ATM tt hn ca IP. Gii quyt bi ton con c b ng MPLS TE:
C ba im khc bit v k thut lu lng gi a ATM v MPLS: -
MPLS TE chuyn tip gi (packet); ATM s dng t bo (Cell). ATM yu cu mng li y cc tuyn ln cn (routing adjacenies); MPLS khng cn.
Trn Th T Uyn
113
MPLS TE kt hp kh nng iu khin lu lng ca ATM vi s mm do ca IP v s khc nhau ca cc lp d ch v. MPLS cho php xy d ng cc con ng chuyn nhn (LSP - Label Switch Path) trong mng gim lu lng chuyn tip. MPLS TE (c th gi l ng hm iu khin lu lng - TE Tunnel) dng mt ng hm TE iu khin lu l ng trn ng n mt ch c th. Ph ng php ny mm d o hn k thut lu l ng chuyn tip ch da trn a ch ch. MPLS trnh c flooding O(N2) v O(N3). MPLS TE s dng c ch gi l nh tuyn ng (autoroute) xy dng bng nh tuyn bng MPLS TE LSP m khng cn mng li y cc tuyn lng ging (neighbor). MPLS TE d tr bng thng khi xy dng LSP. y gii thiu khi nim ti nguyn tiu th (consumable resource). Khi LSP c thm vo mng chng c th tm ra con ng c b ng thng c lu tr sn. MPLS b t buc c s d tr ca mt phng iu khin, ngha l nu mt LSR d tr 10Mb v gi n n 100Mb trn LSP , mng s th phn chia 100 Mb tr khi lu lng ngu n b k thu t QoS rng buc. Khi nghin cu v k thut lu lng ta quan tm n ba vn chnh: (1) S phn phi thng tin (Information distribution): Cch cc b nh tuyn nhn din ra mng v cc ti nguyn no sn sng. (2) Tnh ton v thit lp tuyn (Path calculation and setup): Cch cc b nh tuyn quyt nh to cc ng hm TE, v cch xy dng v duy tr cc ng hm TE ny mt cch chnh xc. (3) Chuyn tip lu l ng vo mt ng hm (Forwarding traffic down a tunnel): Sau khi ng hm c xy d ng th s dng n nh th no?
K thut lu lng vi MPLS
Trong ATM, cng ngh li khng th thy cc router trn bin ca mng; MPLS thy c nh cc giao thc nh tuyn IP qung co (advertise) thng tin ca n.
Cu hnh MPLS TE
Ci t h iu hnh Cisco (Cisco IOS) c h tr K thu t lu lng MPLS. Trong mng cho php CEF (Cisco Express Forwarding). Mt giao thc nh tuyn trng thi lin kt (OSPF ho c IS-IS) cng nh giao thc cng ni IGP (Interior Gateway Protocol). K thut lu lng c php trn ton b router. Mt giao din loopback (mt n 255.255.255.255) s dng nh MPLS Traffic Engineering router ID (RID). Cu hnh ng hm TE c b n. Cc lnh cu hnh quan trng cho mt giao tip ng hm MPLS c s: Lnh interface Tunnel0 M t Cc ng hm MPLS TE c c trng l mt giao tip ng hm trong phn mm Cisco IOS. N khng khc g i vi cc loi ng hm khc. ip unnumbered Phn mm Cisco IOS khng chuyn tip lu lng xung loopback0 mt giao tip khng c a ch IP nn phi gn a ch IP cho ng hm TE va to. Tuy nhin cc ng hm TE ch theo mt hng duy nht v khng tip nhn b t c lin kt lng ging no nn s lng ph a ch nu gn a ch IP cho giao tip . tunel mode mpls Lnh ny thng bo cho phn mm Cisco IOS bit giao tip
c th khi ng k thu t lu lng MPLS, mng cn c cc iu kin sau:
Trn Th T Uyn
114
traffic-eng ng hm ny l mt ng hm MPLS TE tunnel destination Cho Cisco IOS bit im kt thc ca ng hm. a ch destination-ip IP y l MPLS TE RouerID ca b nh tuyn m b n mun to ng hm ti. a ch IP ch l giao din Loopback0. tunnel mpls traffic-eng Cho Cisco IOS bit cch pht sinh ng i t u n cui paht-option 10 ng hm. dynamic
Mt l, thng tin v b ng thng c sn trn giao tip, cho php mt s ng hm lm vic trc nh ng ng hm khc nh vo u tin. Hai l, cc c thu c tnh trn giao tip. Ba l, trng lng qun tr trn giao tip. Mi thng tin ny c qu ng b (advertised) trn mt c s lin kt (per-link basis). Ni cch khc, mt router qung b bng thng c sn, cc c thuc tnh v trng lng qun tr trn tt c cc lin kt c lin quan trong MPLS TE. Mt thuc tnh quan trng ca MPLS TE l kh nng dnh ring b ng thng qua mng. Cu hnh mt lng bng thng dnh ring trn mt lin kt b ng cch s dng lnh sau: Lnh ny c th ly hai tham s. Tham s u l tng lng b ng thng dnh ring trn giao tip, tnh bng Kbps. Tham s th hai l lng b ng thng ti a c th dnh ring trong lung lu lng trn mt giao tip. Nu khng cu hnh lnh th b ng thng dnh ring ngm nh qung co cho giao tip bng 0. Nu khng ch nh gi tr cho total-reservable-bandwidth trong lnh ip rsvp bandwidth th gi tr mc nh l 75% ca b ng thng lin kt (link bandwidth). Bng thng lin kt c xc nh bi loi giao tip ho c lnh v b ng thng trn giao tip. T l trn lu ng lu lng (perflow) ti a c ngm nh l bng tham s total-reservable-bandwidth, nh ng khng nht thit phi lun lun nh th. Khi cc ng hm MPLS TE dnh ring bng thng lin kt, l ng bng thng c nh phn (allocated bandwidth) thay i nhng b ng thng c sn ti a (maximum available bandwidth) khng thay i. Cn cu hnh cho c hai: trn giao tip (per-interface) v bng thng ng hm (tunnel bandwidth). V hai mc ch. Mt l, cu hnh per-interface cho bit trong mng c bao nhiu b ng thng c sn trn mt giao tip. Hai l, cu hnh per-tunnel u ng hm cho bit n cn bao nhiu bng thng s dng. MPLS TE cung cp c ch u tin cho mt s ng hm lm vic trc nhng ng hm khc. Mi ng hm c mt u tin, cc ng hm t quan trng hn b y ra khi ng i v c tnh ton li ng i, v ti nguyn ca n nhng li cho ng hm quan trng h n. u tin ng hm (Tunnel Priortity) router(config-if)#ip rsvp bandwidth [<1-10000000 total-reservable-bandwidth>[perflow-bandwidth]] Bng thng c sn (available bandwidth)
Cc dng thng tin chnh c phn phi
Cc mc u tin (Priority Level):
Mt ng hm c th c thit lp u tin vi gi tr trong khong t 0 n 7. Gi tr u tin cng ln th s quan trng ca ng hm cng thp! V d , ng
Trn Th T Uyn
115
hm c u tin 3 th quan trng hn ng hm u tin 5. u tin 0 l quan trng nht. trnh nhm ln ngi ta thng dng thu t ng tt hn (better) v t hn (worse) hn thut ng cao hn (higher) v thp hn (lower). Cng c th dng thut ng quan trng hn (more important) v t quan trng hn (less important). Nhng c s ca s chim quyn(Preemption Basics):
Nhng ng hm quan trng h n c quyn y nhng ng hm khc ra khi ng i khi mun dnh ring b ng thng. iu ny c gi l s chim trc ng hm (tunnel preemption). u tin thit lp v u tin lu gi (Setup and Holding Priority):
Mi ng hm c hai u tin u tin thit lp (Setup priority) v u tin lu gi (Hold priority). C hai u tin c xc nh chi tit trong RFC 3209. Khi mt ng hm c thit lp ln u tin ta quan tm n u tin thit lp ca n lc quyt nh cng nhn ng hm . Khi c ng hm khc n cnh tranh bng thng trn lin kt vi ng hm u tin ny, u tin thit lp ca ng hm mi c so snh vi u tin lu gi ca ng hm u tin. u tin thit lp c th khc vi u tin lu gi cho mt vi ng dng thc t. V d, mt ng hm c u tin lu gi b ng 0, v u tin thit lp l 7. ng hm ny c th b b t k mt ng hm khc y ra khi ng i ca n chim ti nguyn v ng hm c u tin thit lp thp nht (7). Nhng ngay lc n c thit lp th khng ng hm no khc c th chim trc ng i ca n do c u tin lu gi cao nht (0).
Ch : cng mt ng hm th u tin thit lp khng c tt hn u tin lu gi. V nu hai ng hm (gi s l Tunnel1 v Tunnel2) ang tranh chp cng ti nguyn, v c hai u c u tin thit lp b ng 1 v u tin lu gi bng 7, iu g xy ra? Tunnel1 n u tin v gi b ng thng vi u tin lu gi bng 7. Tunnel2 n th hai v dng u tin thit lp ca n (1) y Tunnel1 ra chim ng lin kt (link). Sau Tunnel2 gi ng lin kt vi u tin lu gi bng 7. Tunnel1 n v s dng u tin thit lp (1) y Tunnel2 i v chim ng lin kt. Tunnel2 gi lin kt vi u tin lu gi bng 7. Tunnel2 n v dng u tin thit lp ca n (1) y Tunnel1 ra chim ng lin kt . Sau Tunnel2 gi ng lin kt vi u tin lu gi bng 7. C th v lp li.
Cc phin b n Cisco IOS u khng cho php cu hnh u tin thit lp thp hn u tin lu gi trn cng mt ng hm nn trong thc t khng x y ra hin tng trn. Tuy nhin, trong thc t him khi u tin thit lp v u tin lu gi khc nhau.
Vic cu hnh th n gin. Cu trc lnh : tunnel mpls traffic-eng priority setup [holding] Cc c thuc tnh (Attribute Flags) Nu khng ch nh mt u tin lu gi th ngm nh bng v i gi tr ca u tin thit lp. u tin ngm nh l 7 (cho c hai u tin thit lp v lu gi)
Cu hnh u tin cho ng hm
Mt c tnh khc ca MPLS TE l cc c thuc tnh. Mt c thuc tnh l mt nh bipmap 32-bit trn mt kt ni c th cha 32 thuc tnh ring bit trn mt kt ni. Lnh trn kt ni nh sau:
Trn Th T Uyn 116
Cc thu c tnh (attributes) c th t 0x0 n 0xFFFFFFFF. N i din mt nh bitmap ca 32 thuc tnh (bit), vi gi tr ca mt thu c tnh l 0 hoc 1. Ngm nh l 0x0, hay tt c 32 thuc tnh trong nh bitmap l 0. Bn c th t quyt nh cho nhng bit ny. V d , quyt nh gi tr c thuc tnh l 0x2 ngha l Kt ni ny c nh tuyn qua mt ng v tinh v do khng ph hp i qua nh ng ng c tr thp (low-delay). Trong trng hp ny b t k kt ni no qua v tinh s c cu hnh nh sau: Trng lng qun tr (Administrative Weight) router(config-if)#mpls traffic-eng attribute-flags 0x2
router(config-if)#mpls traffic-eng attribute-flags attributes (0x0-0xFFFFFFFF)
Chi ph trn kt ni chia lm hai lo i: chi ph iu khin lu l ng (TE cost) v chi ph ca giao thc cng ni (IGP cost). Cho php tnh ton ng i TE thit lp chi ph kt ni khc vi ng i ngn nht u tin ca giao thc IGP (IGP SPF).Chi ph TE ngm nh trn mt kt ni b ng vi chi ph IGP. Thay i chi ph TE khc vi chi ph IGP bng cch s dng lnh sau: administrative-weight l lnh dng thit lp trng lng qun tr hay metric trn mt giao tip. Lnh ny s dng cho hai trng hp: router(config-if)#mpls traffic-eng administrative-weight (0-4294967295)
Trng hp 1 c c OSPF v IS-IS quan tm, khi mt kt ni c qung b vo IGP n km theo mt metric ca kt ni (link metric). Metric ca kt ni trong ISIS mc nh l 10, v c th c cu hnh li bng lnh: per-interface commamd isis metric. Metric kt nt ngm nh ca OSPF bng bng thng trn kt ni chia 108, v c th c cu hnh bng lnh per-interface commamd ip ospf cost. Nu trng l ng qun tr iu khin lu lng mpls (mpls traffic-eng administrative-weight) cha c cu hnh trn mt giao tip, chi ph c qu ng b trn thng bo iu khin lu lng bng vi chi ph IGP cho kt ni . Tuy nhin c mt trng hp bn mun thay i gi tr chi ph c qung b trn kt ni cho TE. iu hy hu dng trong cc mng c c hai loi chuyn tip lu lng : IP v MPLS TE. Vic cu hnh trng lng qun tr trn lin kt s to nn s khc bit v tr nhng khng thay i bng thng. Trong mt mng khng s d ng k thu t lu lng MPLS, IGP lm trn (flood) thng tin v mt kt ni (link) trong ba trng hp: Mt l, khi mt kt ni ho t ng hay khng (up or down). Hai l, khi mt cu hnh ca kt ni thay i (V d: thay i chi ph kt ni,). Ba l, khi n thi gian lm trn thng tin IGP nh k ca router. Cc lo i b nh thi c kt hp vi cc hot ng ny. S khc bit ca chng ph thu c vo giao thc IGP c s dng. K thut lu lng MPLS thm vo l do khc lm trn thng tin: khi bng thng ca kt ni thay i. Khi cc ng hm c thit lp (set up) v c iu khin (turn down) qua cc giao tip, lng bng thng c sn trn giao tip b thay i dnh ring (reservation) cho mt giao tip. Khi cc ng hm c thit lp trn mt giao tip, chng yu cu bng thng, v
Trn Th T Uyn
Trng hp 2: l metric nhy cm (delay-sensitive metric) vi tr trn mt c s ng hm (per-tunnel basis)
Trng hp 1: ghi metric c IGP qu ng co nhng ch trn nhng thng tin qung b ca TE.
Thng tin c phn phi khi no?
117
lng bng thng c sn (available bandwith) gim xung; khi cc ng hm c iu khin xung qua mt giao tip c th, lng bng thng c sn tng ln.
C kh nng mt lng rt l n thng tin lm trn ngp chim ht b ng thng trn mng v cc ti nguyn quan trng trong CPU ca router. Mc khc, b n mun chc rng thng tin hnh trng mng (topology information) c cc b nh tuyn qu ng co nhm mc ch cp nht. Nu tt c bng thng trn mt kt ni c th c dnh ring, v iu ny khng qu ng b s tm ngng ca mng, lc mng ra khi s ng b ang c nn c th lm cho thit lp khng thnh cng (setup failures) v nhng bt li khc (suboptimalities). V th b n phi ch khi no lm trn nh ng thng tin thay i. C ba nguyn tc ca ngng lm trn (flooding threshold): (1) Lm trn ngay nhng thay i quan trng.
Cu tr li u tin l Khi no c thay i x y ra. Nhng n c th to nn s trn ngp rt ln (tremendous amuont of flooding). Trong cc mng MPLS TE ln c hng nghn ng hm; vic ti lm trn ngp (reflooding) khi c mt ng hm thay i ging nh thm hng nghn kt ni vo IGP. Vic ti lm trn nhng thay i TE khng t nh lm trn mt lng kt ni IGP tng ng khi b n khng ch y SPF mt cch y ngay khi c thng tin trng thi lin kt TE mi nhng c th vn c rt nhiu thng tin ang lm trn trn mng.
Khi no router qung b nhng thay i bng thng ny?
(2) Khi cc ng hm n v i, cc ngng c kim tra xem nu c bt k s thay i no i vi s dnh ring qua mt ngng, v thng tin trng thi lin kt TE s c lm trn khi cn thit. Bng thng thay i gy ra b i s dnh ring ng hm nh b ng sau: thng Lm Thi S thay i Bng thng Bng thng cn li (%) c chp nhn trn ? im bng (%) (%) Ng ng, chiu?
100
N/A
---
10
90
10
---
89
11
---
87
13
---
85
15
35
50
50
C 30% v 45%, ngc dng
15%, ngc dng
-8
58
42
---
-20
78
22
30%, xui dng
72
94
30%, 40%, ngc dng
Trn Th T Uyn
118
95
95%, ngc dng
10
97
96%, 97%
11
-3
94
96%, dng
95%,
xui
(3) Ln trn nhng thay i khng quan trng mt cch nh k , nhng thng xuyn hn khong thi gian lm ti IGP.
Thi gian nh k ngm nh l 180 giy (3 pht). Nhng c th thay i bng cch cu hnh s dng lnh ton cc sau: lsr1(config)#mpls traffic-eng link-management timers periodic-flooding 0-3600 second interval
Nhng thng tin ny c lm trn nu b ng thng c sn thay i v n cha c lm trn. Cng vic ngm nh l kim tra qun tr kt ni TE (TE link manager) mi 3 pht, nu b ng thng dnh ring c thay i trn b t k kt ni no th lm trn nhng thng tin mi v kt ni . Thng tin k thu t lu lng MPLS khng cn lm trn nh k (3 pht) nu khng c s thay i. Ch khi c nh ng thay i trong vng 3 pht th c lm trn. Ch lm trn nh k nh ng thng tin cha c lm trn (nh mt thay i b ng thng khng vt qua ng ng lm trn). Ci t mpls traffic-eng link-management timers periodic-flooding bng 0 lm v hiu vic lm trn nh k. Ngha l thng tin b ng thng c lm trn ch theo nguyn tc 1 v 3. Nu mt thay i cha c lm trn th xem nh gy ra mt li, phi lm trn ngay: RSVP gi mt li khi mt thit lp ng i khng thnh cng do thiu b ng thng. Nu mt router nhn mt yu cu dnh ring b ng thng nhiu hn b ng thng hin c trn mt kt ni c th, b ng thng kt ni c sn c thay i ti th i im lm trn thng tin gn nht v th rotuer nhn c s tip nhn dnh ring b nh tuyn g i s dnh ring cha nhng thng tin trong c s d liu cu trc mng (topology database) ca n v thc hin ti lm trn (reflood).
Tnh ton v thit lp tuyn

Ho t ng ca CSPF:
Thut ton CSPF (Constrained Shortest Path First)
C hai im khc bit ng quan tm gia SPF bnh thng do cc giao thc nh tuyn thc hin v CSPF ca MPLS TE. Th nht, tin trnh thit lp tuyn khng c thit k tm ra ng i tt nht n mi b nh tuyn m ch n im cui ng hm (tunnel endpoint). Th hai, thay v ch quan tm n mt lo i chi ph trn kt ni gia hai lng ging cn phi quan tm n: Bng thng (bandwidth). Cc thuc tnh kt ni (link attributes) Trng s qun tr (Administrative weight) Bn thu c tnh c th hin trong danh sch PATH/TENT: {link, cost, next hop, available bandwidth}
Cc b c thc hin thu t ton CSPF nh sau:
Bc 1: Mt nt t a thng tin ca chnh mnh vo danh sch PATH vi cost = 0, next hop l chnh n v thit lp b ng thng = N/A.
119
Trn Th T Uyn
Bc 2: Xem xt nt va vo danh sch PATH, v gi n l nt PATH. Kim tra danh sch cc nt lng ging ca n. Thm mi lng ging vo danh sch TENT vi mt next hop ca nt PATH, tr khi nt lng ging c c danh sch TENT hoc PATH vi chi ph thp hn. Khng thm ng i ny vo TENT tr khi n c cu hnh rng buc cho ng hm bng thng (bandwidth) v quan h (affinity). Nu nt va c thm vo danh sch TENT c trong danh sch, nh ng vi mt chi ph cao hn ho c thp hn bng thng ti thiu, thay th ng i c chi ph cao hn bng ng hin ti. Bc 3: Tm lng ging trong danh sch TENT vi chi ph thp hn, thm lng ging vo danh sch PATH, v lp li bc 2. Nu TENT rng ho c trn PATH cn li nt cui ng hm th d ng. V d: Minh ha thut ton CSPF
Quan st hnh trn ta th y, Router A mun to mt ng hm TE n router D vi bng thng 60 Mbps. Mi kt ni lit k metric v b ng thng sn c ca n. D th y, ng i tt nht t router A n Router D l A->B->C->D, vi tng chi ph b ng 12. Nhng khng tha b ng thng c sn bng 60 Mbps. CSPF cn tnh li ng i ngn nht vi bng thng c sn 60 Mbps.
Bc 1: t chnh n vo PATH vi gi tr ng i = 0, nexthop = self, bandwidth = N/A. PATH TENT
{A,0,self,N/A} (empty)
Bc 2: t cc lng ging ca router A vo TENT. PATH TENT
{A,0,self,N/A} {B,5,B,100}
{C,10,C,100}
Bc 3: Chuyn B t PATH sang TENT, v t lng ging ca B vo TENT. PATH

Trn Th T Uyn
TENT
120
{A,0,self,N/A} {C,10,C,100}
{B,5,B,100}
{D,13,B,90}
Bc 4: t lng ging ca B vo TENT, v chuyn C t TENT sang PATH. PATH TENT
{A,0,self,N/A} {D,13,B,90}
{B,5,B,100}
Bc 5: Ly D khi TENT. Lc ny, c i tt nht n D nm trong PATH. Trng hp ny TENT rng; D tr thnh nt cui cng c xem xt trong SPF. Nu tm c ng i tt nht n D m vn cn nt trong TENT, th vn dng thu t ton y. PATH TENT
{A,0,self,N/A}
{B,5,B,100}
{C,10,C,100}
{D,13,B,90}
Trong thc t vic tnh ton phc tp hn nhiu. CSPF phi lu gi mi nt trn ng i, khng ch l nt k tip. Cng nh, khng ch quan tm n bng thng m cn xem xt n cc thuc tnh kt ni v cc phng php quyt nh (tiebreakers). Cc phng php quyt nh trong CSPF (Tiebreakers in CSPF) SPF thng thng (dng trong OSPF, IS-IS) c th s dng nhiu ng i n ch c cng chi ph. iu ny th nh thong c gi l ECMP Equal-Cost MultiPath, v n rt hu dng trong giao thc nh tuyn ni (IGP Interior Gateway Protocol). Tuy nhin trong CSPF, khng c tnh mi ng i tt nht n mi ch c th. Bn phi tm mt ng i n mt ch. Bn s lm g khi t mt nt vo TENT v nt c trong TENT vi cng chi ph? Bn cn tm ra mt cch phn bit cc ng i vi nhau. y l cc phng php quyt nh ng i c cng chi ph: Nu cha c, chn ng i c hop count thp nht (s lng router trong ng i). Chn ng i c b ng thng c sn ti thiu rng nht.
Nu vn cha tha, chn ng i ngu nhin.
Mi th khng thc s l ngu nhin. Khi xem xt xa hn trong qu trnh quyt nh, b n chn ng i trn cng (top path) trong PATH. Khng ngu nhin khi mi ng i c th c mt c hi c la chn, nhng chn ngu nhin vi ng i cui cng (ends up on the top) ca PATH c cu trc c lp v c thc thi c lp. Cc phng php ny a ra cho mt nt trong TENT. Ti mt thi im no ,
Trn Th T Uyn 121
Ghi ch:
mt nt ch nn c lit k mt ln trong TENT. y l s khc bit vi IGP SPF c th chn nhiu ng cho mt nt v chia ti gia chng. Gi s, trong mng hnh bn d i bn mun to mt ng hm t RtrA ti RtrZ vi b ng thng 10 Mbps. Mi ng i trong mng ny ph hp vi m t . Khi b n chn ng no?
C 5 ng c th i t A n Z, gi l P1 n P5 (t trn xu ng d i). Bng 3 lit k cc thuc tnh ng i. Tn ng Cc router trn ng i
P1
RtrARtrL1RtrR1 RtrZ
Chi ph Bng thng ti thiu
21
100
P2
RtrARtrL2RtrR2 RtrZ
19
81
P3
RtrARtrL3RtrM3RtrR3 RtrZ 19
90
P4
RtrARtrL4RtrR4 RtrZ
19
90
P5
P1 khng c s dng v c chi ph ng i cao hn cc ng khc. P2 khng c chn v c bng thng ti thiu l 80 Mbps, thp hn bng thng ti thiu ca nhng ng khc. P3 khng chn v c hop count = 5, cc ng khc c hop count = 4. RtrA chn P4 hay P5 pha trn ca TENT. Phn chia s thng tin cho bit cch s dng v cu hnh ca b ng thng (bandwidth), cc thu c tnh kt ni (link attributes), v trng lng qu n tr (administrative weight) trong hon cnh lm trn thng tin (information flooding). N cng cho bit cch cu hnh mt ng hm MPLS TE s dng cc thuc tnh ny. Bng thng kh quan trng. Mt ng i khng c chn s d ng cho mt ng hm MPLS TE c th
Trn Th T Uyn 122
A la chn mt trong nhng ng sau:
RtrARtrL5RtrR5 RtrZ
19
90
Nhng yu t khc nh hng n CSPF
Xem xt cu trc mng trong hnh sau:
Nhng vi thoi th sao? Tho i (voice) i hi t hn v b ng thng v tr ln hn. Nhng khng c cch thng bo tr trn mt kt ni? Hay n u? C th vn d ng metric ca kt ni IGP i din cho tr hn l bng thng. Nh ng iu ny c th lm gim kh nng nh tuyn lung d liu mt cch chnh xc lm nh h ng nghim trng ti mng.
nu n khng c b ng thng yu cu. Nu cc affinity bits ca mt ng hm khng ph hp vi chui thuc tnh c cu hnh trn mt kt ni, kt ni khng c la chn s dng cho mt ng hm MPLS TE c th. Trng l ng qu n tr c s dng b i IGP khi n lm ngp lt thng tin iu khin lu lng (traffic enfineering information). Ngm nh ch trng lng qun tr c dng tnh ton ng i ca ng hm. Tuy nhin, nu ch thay i trng lng qun tr cho mt kt ni c th th kh c th to nn s mm d o cn thit. IGP metric thng c xu t pht t b ng thng. Trong OSPF, metric ngm nh ca kt ni l b ng thng tham chiu/ bng thng kt ni (reference-bandwidth/link bandwidth). Bng thng tham chiu ngm nh (c th c thay i bng lnh auto-cost reference-bandwidth) l 10 8, ngha l bt k mt kt ni no 100 Mbps ho c hn c chi ph l 1. Ta cng c th thit lp trn mt kt ni ring (individual link) v i lnh ip ospf cost cost. Trong IS-IS, chi ph kt ni ngm nh l 10. C th thay i chi ph ny b ng lnh isis metric. OSPF v IS-IS thng dng metric m ha vi s o ca bng thng kt ni. iu ny ch tt cho cc mng ch truyn d liu. C ch kim sot nghn mng ca TCP, khi lin kt vi hng i DiffServ, c th gip ci tin bng thng.
V tr thp (low-delay), ng i bng thng ln (high-bandwidth path) y, ta c th la cc u tin v iu khin lu lng ng vin thng OC3 khng b y, nhng khng c cp trong v d ny. N d n n hai cu hi n gin: ta chn ng i b ng thng cao, tr cao hay ng i b ng thng t, tr thp? Tr
Ba ng i gia RtrA v RtrZ l: P1 l mt ng v tinh OC3 vi 150 Mbps b ng thng c sn v tr cao. P2 l ng vin thng OC3 vi tr thp. Tuy nhin, ng vin thng OC3 khng c b ng thng c sn tt c b ng thng c dnh ring. P3 l mt ng vin thng DS3 vi 45 Mbps bng thng c sn v tr thp.
Trn Th T Uyn
123
Khng c n v no c hu c kt hp vi cu hnh ca trng lng qun tr. Nu bn cu hnh mpls traffic-eng administrative-weight 10, gi tr 10 c th c gii thch theo nhiu cch. 10 c phi l tr hon chuyn ti tnh b ng micro giy? Phn trm giy? Mili giy? Giy? Tuy nhin nn tnh tr theo mili giy (ms) v:
Bc 2: thay i tin trnh quyt nh ng hm (tunnel-decision) trn cc ng hm d liu dng IGP metric hn l dng TE metric, v tnh n chi ph kt ni. Bn c th thc hin iu ny b ng lnh ton cc mpls traffic-eng path-selection metric igp, hay lnh trn ng hm tunnel mpls traffic-eng path-selection metric igp.
Bc 1: Cu hnh tr ca kt ni bng lnh mpls traffic-eng administrative-weight 0-4294967295
MPLS TE cho ta kh nng quan tm n c b ng thng v tr ca kt ni, v th ta c th xem xt ring bit chi ph ca cc ng hm thoi v d liu. thc hin iu ny, phi thc hin cc b c sau:
li: Ty trng hp. D liu th vn n v i nh ng ng i tr cao, tho i th yu cu bng thng t hn.
TE metric l mt lng 32 bit, ngha l c th tnh tr trong khong 0 4.294.967.295 ms (tng ng 7 tu n, mt tr ln cha tng thy). ng dng VoIP tnh tr b ng ms nn tht s khng cn xem xt tr kt ni b ng b t c mt n v no khc. Tht kh nh gi c th tr u cui (end-to-end latency) trn mt mch (circuit) c th mt cch chi tit vi mt n v khc ms. C ba cch nh gi tr. Xt theo tnh phc tp tng dn nh sau: Ping t mt router ny ti mt router khc.
Ch nh tr mong mun d a trn khong cch nh tuyn (router-miles). Dng SAA ch nh tr.
CSPF Knobs -
C 3 mng ln v tnh ton tuyn cn quan tm l:
V d : lp li cu hnh ng hm c b n interface Tunnel0
Cu hnh ty chn ng i (path-option)
Cc lnh hin th CSPF thay i (Various CSPF show commands)
B nh thi CSPF bin thin (Various CSPF timers)
Cu hnh ty chn ng i u ng hm
ip unnumbered Loopback0 tunnel mode mpls traffic-eng tunnel destination destination-ip path-option ch nh mt hoc nhiu ng i c th to ng hm. Hon tt c php lnh nh sau : tunnel mpls traffic-eng path-option preference [dynamic | explicit [identifier C php lnh ca tunnel mpls traffic-eng path-option nh sau:
Trn Th T Uyn 124
tunnel mpls traffic-eng path-option 10 dynamic
identifier | name name]] {lockdown}
tunnel mpls Xc nh mt ty chn ng i (path-option) cho ng hm, traffic-eng path- tham bin l mt gi tr t 1 n 1000. option preference
Lnh
M t
dynamic
Cho router bit n tnh ton ng i tt nht ph hp v i cu hnh cc rng buc ca ng hm, nh bng thng v cc affinity bits.
explicit
identifier Khi cc ng tng minh c to ra, c nh danh ho c ch identifier | name nh. Ty chn ny ch nh ty chn ng i no cn quan tm. name
Cho php ch nh mt ng i tng minh (explicit path) i qua mng m ng hm c thit lp. ng tng minh ny phi tha cc rng buc cu hnh, v tunnel headend s kim tra ng tng minh chc rng cc rng buc c tha mn trc khi truyn tn hiu trn ng i.
lockdown
Cu hnh lockdown ngn mt ng hm TE khi b periodically reoptimized.
To mt ng i tng minh (Explicit Path)
Lnh cu hnh thng dng l tunnel mpls traffic-eng path-option 10 dynamic.
Tnh li ng hm (tunnel reoptimization)
S dng ty chn nhiu ng i (Multiple path option)
iu g x y ra nu trong lc mt ng hm ang ho t ng, mt ng i khc tt hn xut hin.
Trong hnh trn:
Tt c kt ni b t u vi b ng thng dnh ring l 100 Mbps C router A v D u mun xy d ng ng hm 60 Mbps n router H

Trn Th T Uyn 125
Kt ni gia router D v router H b t. Router D to ng hm: D C H Router A to mt ng hm : A B C E F G H Router D gim bng thng dnh ring trn ng D C H xu ng 30 Mbps bng cch cu hnh hoc iu chnh bng thng t ng. Tnh li nh k (periodic reoptimization). Ta thy cc s kin sau c th x y ra:
Khi mt router tm thy mt ng i tt hn ng hm c lp th c xem l reoptimization. Cc yu t tc ng n reoptimization: Tnh li th cng (manual reoptimization).
Reoptimization khng c thc hin khi ng hm b down. Nu mt ng b down th khng cn i b nh thi reoptimization (reoptimization timer) kch ho t trc khi tm ra ng hm mi m vic tnh ton s c thc hin ngay lp tc.
Tnh li h ng theo s kin (Event-driven reoptimization)
RSVP-TE c mt c ch gi l make-before-break thc hin to mt ng hm dnh ring mi m khng lm xo trn b t k s dnh ring ng hm no ang tn ti.
Ghi ch: d reoptimization timer ch c cu hnh ton cc nhng c lu theo tng ng hm. Gi s, c 20 ng hm khc nhau (t T1 n T20), mi ng hm c thit lp cch nhau 2 pht (T1 thit lp ti 00:00, T2 l 00:02,T20 lc 00:40). 20 pht sau b nh thi reoptimization ton cc (global reoptimization timer) cho T1 kch hot v c tm mt ng i tt hn, nh ng ch cho T1. T20 khng thc hin reoptimize n thi im sau khi n c thit lp 1 gi (01:40).
Cisco thc thi mt b nh thi reoptimization nh k (periodic reoptimization timer), n c th c cu hnh ton cc. Sau khi mt ng hm i vo ho t ng, tin hnh mt s c gng tm ra mt ng i mi cho n, theo cc rng buc c cu hnh ca ng hm. Ngm nh, vic ny c thc hin 1 ln mi gi; B nh thi ny c cu hnh b ng lnh mpls traffic-eng tunnels reoptimize timers frequency 0-604800. 0-604800 l thi gian tnh bng giy m Cisco IOS Software tm kim mt ng i tt nht cho mt ng hm. Thit lp b nh thi ny bng 0 ngha l ng hm khng bao gi reoptimize sau khi chng c thit lp.
Reoptimization nh k (periodic reoptimization)
Khi c mt thay i trong mng m bn khng mun i reoptimization timer ca ng hm kch ho t trc khi tm ra ng i tt hn, bn c th s dng lnh mc enable: mpls traffic-eng reoptimize [tunnel-name] buc router thc hin reoptimize mt ng hm c th ti bt k lc no.
Reoptimization th cng (manual reoptimization)
Xem xt kt ni gia RtrD v RtrH trong hnh trn. Nu kt ni hot ng, RtrD c nn reoptimize ng hm D H ca n ng hm ny i qua ng kt ni trc tip ny? C th! Nh ng c mt cch m mt kt ni thit lp nhng khng cn kch ho t mt reoptimization. C php lnh: mpls traffic-eng reoptimize events link-up
Trn Th T Uyn
Reoptimization hng theo s kin (Event-driven reoptimization)
126
C th c mt vi ng hm khng cn reoptimize. C th thc hin iu ny trong phn c s ca ng hm s dng ty chn lockdown trong cc lnh ty chn ng i: tunnel mpls traffic-eng path-option preference {dynamic | explicit name name | identifier id>} {lockdown} V d: mi kt ni b t u vi 100 Mbps b ng thng c sn
Lockdown
Ti th i im hai ng hm c thit lp, kt ni bn di gia RtrC v RtrD b down. Mt lc sau ho t ng tr li. Mt ng hm 60 Mbps t RtrA n RtrE qua kt ni trn C D v mt ng hm RtrB n RtrE i trn cng kt ni nh hnh sau:
Khi reoptimize x y ra trn cc ng hm ny, gi s xem xt trn ng hm B E, kt qu l ng hm B E c reoptimize.
Trn Th T Uyn
127
Sau khi mt ng i c tnh ton theo CSPF, ng i c bo hiu qua mng nhm: Thit lp mt chui cc nhn theo tng chn (hop-by-hop chain of labels) i din cho ng i. s dng b t k ti nguyn no c th dng c (bng thng) trn ng i.
Giao thc dnh ring ti nguyn (RSVP- Resource Reservation Protocol)
Nhng nu khng mun ng hm B E reoptimize th cu hnh ng hm vi tunnel mpls traffic-eng path-option lockdown, n s khng reoptimize v chuyn sang kt ni khc. Tuy nhin, n s v 1 kt ni C D nu kt ni C D pha trn b t.
Vic bo hiu hon thnh b ng RSVP, cng vi RSVP m rng cho MPLS TE. RSVP c xc nh RFC 2205, c mt s m rng trong RFC 2210. MPLS TE m rng thm RSVP c xc nh trong RFC 3209. RSVP l mt c ch bo hiu dng dnh ring ti nguyn trn mt mng. RSVP khng phi l mt giao thc nh tuyn. Vic quyt nh tuyn do IGP (gm c cc m rng TE) v CSPF. Tng quan v RSVP
Cng vic ca RSVP l bo hiu v duy tr ti nguyn dnh ring qua mt mng. Trong MPLS TE, RSVP d tr b ng thng ti mt phng iu khin (control-); khng c chnh sch lu lng trn mt phng chuyn tip (forwarding-plane). Khi s dng cho cc mc ch khc (nh VoIP hay DLSW+reservations), RSVP c th c dng dnh ring khng gian hng i cng b ng c trng s (WFQ Weighted Fair Queuing) hay xy d ng cc ATM SVC. Ba chc nng c bn ca RSVP c :
RSVP l mt soft-state protocol. Ngha l cn ti bo hiu trn mng lm ti nh k cho n. Vi RSVP, mt yu cu b hy nu n c ch nh xa khi mng bng RSVP hay ht thi gian dnh ring (reservation times out). Chn lo i thng ip RSVP khc nhau c nh ngha nh sau:
Bo li (Error signalling).
H y ng i (Path teardown).
Thit lp v duy tr ng i (Path setup and maintenance).
Loi thng ip Path Resv
PathTear
ResvTear
PathErr
ResvErr
Trn Th T Uyn
M t Dng thit lp v duy tr s dnh ring Gi hi p cho cc thng ip Path thit lp v duy tr s dnh ring Tng t cc thng ip Path, nhng c dng hy s dnh ring ra khi mng. Tng t nh cc thng ip Resv, nhng dng hy s dnh ring ra khi mng. c gi b i pha nhn thng thip Path bo rng pht hin ra mt li trong thng ip . c gi b i pha nhn thng thip Resv bo rng pht hin ra mt li trong thng ip .
128
ResvConf
ResvTearConf
Hello
Thit lp ng i (Path Setup)
Ty chn gi li cho pha gi thng ip Resv bo rng ti nguyn dnh ring a ra c thit lp. Mt thng ip ring ca Cisco tng t nh ResvConf. Bo rng s dnh ring b h y khi mng. Mt s m rng c xc nh trong RFC 3209 cho php kt ni cc b (link-local) c duy tr gia hai lng ging RSVP kt ni trc tip.
Sau khi u ng hm (tunnel headend) hon thnh CSPF cho mt ng hm c th, n gi mt thng ip Path n nt k tip (next-hop) dc theo ng i tnh ton n ch. LSR gi thng ip Path c gi l LSR ngc dng (upstream router), v LSR nhn thng ip c gi l LSR xui dng (down-stream router) hay trm trc ( phop previous hop). Sau khi LSR xui dng nhn mt thng ip Path, n kim tra nh dng ca thng ip, sau kim tra l ng bng thng m thng ip yu cu. Tin trnh ny c gi l iu khin nhp nhn (admission control).
ui ng hm thc hin iu khin chp nhn trn thng ip Path ging nh cc LSR xui dng khc. Khi n nhn ra rng n l ch n ca thng ip Path n tr li li b ng thng ip Resv. Resv ng vai tr nh l mt ACK bo v cho LSR ngc dng. Resv cha mt thng bo rng tha mn s dnh ring n cu i ng hm v thng tin nhn n (incoming label) cho LSR ngc dng s d ng gi cc gi dc theo TE LSP n ch. S trao i cc thng ip RSVP Path v Resv trong sut qu trnh thit lp LSP nh sau:
Nu vic kim tra ny thnh cng v thng ip Path c php dnh ring b ng thng nh n yu cu, LSR xui dng to mt thng ip Path mi v gi n nt k trong i tng tuyn tng minh (ERO Explicit Route Object). Thng ip Path tip tc c chuyn i n khi no chng n c nt cui cng trong ERO ui ng hm MPLS TE (tunnel tail).
Gi s rng R1 thc hin CSPF xong v bit rng n mun dnh ring b ng thng dc theo ng R1 R2 R3 R5 R6 R7: (1) R1 gi mt thng ip Path n R2. R2 nhn thng ip Path , kim tra c php thng ip v kim ra bng b qun l kt ni TE (TE Link Manager) chc rng bng thng m R1 yu cu hin ang c sn. Nu xy ra li R2 g i thng ip Error li cho R1. Gi s mi th u tt th chuyn sang bc 2.
129
Trn Th T Uyn
Lc ny, R1 nhn mt thng ip Resv cho ng hm n R7 v n bit nhn ra (outgoing label) no c s dng. Giao tip ng hm trn R1 tr thnh up/up (trc thi im ny l up/down). Tho t nhn, vic duy tr ng i ging nh thit lp ng i. Mi 30 giy u ng hm g i mt thng ip Path n lng ging xui dng ca n. Nu mt LSR gi i mt dy 4 thng ip Path v khng thy Resv, n ngh rng s dnh ring b mt v gi mt thng ip ngc dng (message upstream) bo rng s dnh ring b mt. Cc thng ip Path v Resv c gi c lp v bt ng b gia cc lng ging vi nhau. Mi 30 giy, R1 g i thng ip Path cho mt s dnh ring ca n ti R2. V mi 30 s, R2 gi mt thng ip Resv n R1 vi cng s dnh ring . Tuy nhin hai thng ip ny khng lin h nhau. Thng ip Resv c dng lm ti (refresh) mt s dnh ring dang tn ti ch khng phi tr li cho thng ip Path. Duy tr ng i (Path Maintenance)
(10) R2 gi mt thng ip Resv cho R1, bo hiu nhn 18.
(9) R3 gi mt thng ip Resv cho R2, bo hiu nhn 21.
(8) R5 gi thng ip Resv cho R3, bo hiu nhn 10921. Khi R5 nhn mt gi vi nhn 10921, n i (swap) nhn thnh nhn 42 v gi gi n R6.
(7) R6 gi mt thng ip Resv cho R5 v ch nh n mun th y nhn n l 42 cho ng hm ny. Ngha l khi R6 nhn nhn 42, n thc hin hy nhn (v implicit-null) v gi thng ip v cho R7.
(6) R7, ui ca ng hm, gi mt thng ip Resv n R6. Resv ch nh nhn R7 mun thy trn gi n; v R7 l ui nn n gi implicit-null.
(5) R5 gi thng ip Path n R6. R6 thc hin kim tra ging R5.
Nu mt nt (thng l u ng hm) quyt nh mt s dnh ring khng cn cn thit trong mng, n gi mt thng ip PathTear dc theo ng thng ip Path i v mt ResvTear dc theo ng ca Resv. Thng ip ResvTear c gi hi p cho PathTear bo hiu ui ng hm. PathTear v ResvTear cng c gi tr li mt iu kin li trong mng. Khng ging thng ip lm ti, PathTear khng cn i n ht downstream trc khi nhn c kt qu . Trong hnh trn, nu R1 gi PathTear n R2, ngay lp tc R2 tr li bng mt ResvTear, sau gi PathTear xui dng ca n. Bo li
Hy ng i (Path Teardown)
Thnh tho ng, tn hiu RSVP c th b li. Cc li ny c bo hiu b ng thng ip PathErr hay ResvErr. Thng ip li c g i ngc dng v pha ngu n ca li; mt PathErr c gi ngc dng t mt nt xui dng v mt ResvErr c gi xui dng t mt nt ngc dng. Cc gi RSVP
Trn Th T Uyn 130
nh dng gi RSVP kh n gin. Mi thng ip RSVP gm c mt tiu chung (common header), theo sau l mt hoc nhiu i tng. S lng i tng ph thu c vo thng ip ang c hon thnh. RSVP common header
Cc trng trong tiu chung RSVP: Trng M t Version Phin b n ca giao thc RSVP. Flags Ch a c c no c nh ngha. Message Type 1 = Path message 2 = Resv message 3 = PathErr message 4 = ResvErr message 5 = PathTear message 6 = ResvTear message 7 = ResvConf message 10 = ResvTearConf message 20 = Hello message RSVP Checksum Kim tra li ca thng ip RSVP. Send TTL Gi tr TTL trn gi IP. Reserved Khng s d ng. RSVP Length Chiu di ca thng ip RSVP tnh b ng byte bao gm c tiu chung, ti thiu l 8 byte.
Cc i tng RSVP c cng nh d ng c bn nh sau:
nh dng lp i tng RSVP
Cc trng trong nh d ng i tng RSVP c b n: Trng Object Length
Class-Num C-Type
Trn Th T Uyn
M t Kch thc ca i tng RSVP, gm c tiu i tng (object header), ti thiu l 4. N phi l bi s ca 4. Lp ca i tng (object's class). Loi lp ca i tng. C-Type l mt s duy nht trong lp.
131
Mi lp c khng gian ch s C-Type ca ring n. Cc ch s C-Type l duy nht trong mt lp.
Object Contents
Bn thn i tng .
V d: lp SESSION c 4 lo i C-Types: IPv4, IPv6, LSP_TUNNEL_IPv4, v LSP_TUNNEL_IPv6. Cc ch s c gn cho C-Types ny l 1, 2, 7, and 8. LABEL_REQUEST c 3 C-Types: Without Label Range, With ATM Label Range, v With Frame Relay Label Range. Cc s c gn l 1, 2, v 3. Nu ch c C-Type = 1 th khng xc nh duy nht ni dung mt thng ip; Bn cn phi xem xt c lp v ch s C-Type.
Mt thng ip RSVP cha mt ho c nhiu i tng. S i tng trong thng ip ph thuc vo nh ngha ca thng ip. Cc lp v C-Types c dng trong RSVP-TE ca Cisco: Lp i tng SESSION TIME_VALUES ERROR_SPEC SCOPE STYLE FLOWSPEC FILTER_SPEC SENDER_TEMPLATE SENDER_TSPEC ADSPEC RESV_CONFIRM RSVP_LABEL LABEL_REQUEST EXPLICIT_ROUTE RECORD_ROUTE HELLO HELLO SESSION_ATTRIBUTE C-Type LSP Tunnel IPv4 Refresh Period IPv4 Error Spec List of IPv4 Source Addresses Flags and Option Vector Intserv Flowspec LSP Tunnel IPv4 LSP Tunnel IPv4 Intserv Sender Tspec Intserv Adspec IPv4 RevConfirm Label Without Label Range Explicit Route Record Route Request Acknowledgment LSP Tunnel Gi tr C_type 4 1 1 1 1 2 7 7 2 2 1 1 1 1 1 1 2 7
Lp SESSION
i tng SESSION c xc nh trong RFC 2205. RFC 3209 nh ngha C-Type 7 (LSP_TUNNEL_IPV4), c 4 trng c m t trong bng 4-25.
Trn Th T Uyn
132
Trng IPv4 Tunnel Endpoint Address Reserved Tunnel ID
Cc trng trong lp SESSION:
Ni dung Router ID ca ui ng hm.
Extended Tunnel ID
Lp TIME_VALUES
=0 Mt 16-bit ID xc nh duy nht ng hm ny. y l ch s giao tip u ng hm (v th Tunnel8 c Tunnel ID b ng 8). Mt 32-bit ID. Thit lp tt c bng 0 ho c mt a ch IP ca giao tip.
RFC 2205 nh ngha i tng TIME_VALUES nh l chu k lm ti (refresh period) (tnh bng mili giy - ms gi thng ip Path hay Resv. Lp ERROR_SPEC
RFC 2205 nh ngha i tng ERROR_SPEC v cng xc nh cc m li t 00 n 23. RFC 3209 nh ngha m li 24, c t li cho MPLS TE. Trong MPLS TE, rt d gp m li 00 ( S xc nhn (Confirmation) gi trong phc p cho mt thng ip cha i tng CONFIRMATION) hay m li 24. Khi m li (error code) l 00, gi tr li (error value) cng l 00. Thng thng trng Flags bng 0 khi s dng MPLS TE. Lp SCOPE Khi m li l 24 th c th c 10 gi tr. Cng c mt m li 25 nhng ch th y khi s dng ti nh tuyn nhanh (Fast Reroute).
Trn Th T Uyn
133
RFC 2205 xc nh lp SCOPE. Lp SCOPE thc hin kiu dnh ring wildcard (wildcard reservation style) Lp STYLE
Lp STYLE c t kiu dnh ring. C th c 3 loi: Wildcard Filter Fixed Filter Shared Explicit
Cisco IOS Software s dng Shared Explicit cho s dnh ring MPLS TE. Lp FLOWSPEC
Trng Flags khng c s dng. Option Vector lun bng 0x12, ch nh lo i Share Explicit.
Trn Th T Uyn
134
FLOWSPEC c dng trong cc thng ip Resv - Resv, ResvTear, ResvErr, ResvConf, ResvTearConf. MPLS TE s dng phn tc trong bnh ca FLOWSPEC ch nh bng thng mong mu n, tnh bng byte (khng phi bit). V th nu bn cu hnh vi tunnel mpls traffic-eng 100000 yu cu 100 Mbps bng thng, n pht tn hiu 12,500,000 bytes trong mt giy (100 Mb = 100,000 Kb = 100,000,000 bits = 12,500,000 bytes). Lp FILTER_SPEC
Lp FLOWSPEC c xc nh trong RFC 2210. Cisco IOS Software yu cu dch v ti c iu khin (Controlled-Load) khi dnh ring cho mt ng hm TE. nh dng FLOWSPEC phc tp v c nhiu th trong m RSVP cho MPLS TE khng s dng.
Lp FILTER_SPEC c xc nh trong RFC 2205. RFC 3209 thm vo C-Type 7, LSP Tunnel IPv4. Trng IPv4 Tunnel Sender Address cho bit router ID ca u ng hm TE (TE tunnel headend), v trng LSP ID cho bit tunnel's LSP ID. LSP ID khi cc c tnh ca ng hm (tunnel's properties) thay i (bng thng, ng
Trn Th T Uyn 135
i thay i). FILTER_SPEC ch dng trong cc thng ip lin quan Resv (ResvTear, ResvErr, ...). Lp SENDER_TEMPLATE
Lp SENDER_TEMPLATE c xc nh trong RFC 2205, v RFC 3209 xc nh C-Type 7, LSP Tunnel IPv4. C cng nh dng v mc ch nh lp FILTER_SPEC nhng khc hng. Lp SENDER_TSPEC
Thng ch th y lp SENDER_TSPEC trong thng ip Path. Ging nh FLOWSPEC, MPLS TE ch quan tm ti phn tc trung bnh (average rate section). Lp ADSPEC
Trn Th T Uyn
136
Lp RESV_CONFIRM
Xc nh trong RFC 2210. Ging SENDER_TSPEC, ADSPEC ch dng trong cc thng ip Path.
RESV_CONFIRM c xc nh trong RFC 2205. N gi tn hiu yu cu mt chp nhn (confirmation); n xu t hin trong cc thng ip Resv v ResvTear. Lp RESV_CONFIRM thnh thong xem nh CONFIRM. Lp RSVP_LABEL
Lp LABEL_REQUEST
Lp RSVP_LABEL (thnh thong c gi l LABEL) c xc nh trong RFC 3209. kch thc 32-bit, mi i tng RSVP phi l b i s ca 4 byte, nhng trong ch khung (frame mode), n mang nhn 20-bit dng cho mt ng hm c th (particular tunnel). Lp RSVP_LABEL ch c trong thng ip Resv.
i tng LABEL_REQUEST yu cu mt nhn. Mt i tng RSVP_LABEL tr li cho n. i tng LABEL_REQUEST ch c trong thng ip Path. N cha, trong 16 bit cao, Layer 3 Protocol Identifier (L3PID) c mang trong nhn. Cisco IOS lun bo hiu 0x800 (IP); s tn ti ca L3PID mang tnh lch s. S tn ti ca
Trn Th T Uyn
137
i tng LABEL_REQUEST bo cho nt xui dng (downstream node) l n tip nhn nhn a ra. Lp EXPLICIT_ROUTE
ERO l mt tp cc i tng con (8-byte). i tng con IPv4 Prefix hin ti ch c h tr bi Cisco IOS. Cc trng trong ERO: Trng L(Loose)
i tng EXPLICIT_ROUTE ng i cho ng hm MPLS TE, thng c gi l ERO, v c xc nh trong RFC 3209. ERO ch c trong thng ip Path.
Ni dung Mt bit xc nh l mt trm rng buc cht (strict) hay lng (loose) Type Loi i tng. IPv4 loi 1. Cn c lo i khc nh : IPv6, AS Length Chiu di i tng (tnh b ng byte) IPv4 Address a ch IP k tip trong ERO Prefix Chiu di prefix ca a ch IP Length Reserved Dnh ring (cha dng)
Lp RECORD_ROUTE
i tng RECORD_ROUTE c m t trong RFC 3209. C hai i tng con RECORD_ROUTE khc nhau; mt lu a ch IP mi trm (hop) , v mt lu nhn (label) c dng mi trm. Cc trng trong i tng RECORD_ROUTE:
Trn Th T Uyn
138
Trng Type Length IPv4 Address Prefix Length Flags (trong i tng con a ch IP)
Ni dung 0x1 cho a ch IPv4. 0x3 cho nhn. Chiu di ca i tng. Mt a ch IP m LSP ny i qua. =32. 0x1 ch nh sn sng b o v cc b (Local Protection Available). 0x2 ch nh bo v cc b (Local Protection) ang c dng. Flags (trong i tng 0x1 xc nh nhn va c ghi l t khng gian nhn ton con - nhn) cc. C-Type C-Type ca nhn. Ging nh C-Type cho i tng RSVP_LABEL. (Hin ti gi tr c nh ngha l 1) Contents Nhn ca n, c m ha trong i tng RSVP_LABEL.
Lp HELLO
Lp HELLO c hai C-Types: Hello Request (Type 1) v Hello ACK (Type 2). C hai c m ha ging nhau. Source Instance v Destination Instance lu trng thi lng ging RSVP (RSVP neighbor state); xem thng ip HELLO nh l bo hiu tn ti mc RSVP (RSVP-level keepalives). Lp SESSION_ATTRIBUTE
Lp SESSION_ATTRIBUTE uc nh ngha trong RFC 3209. SESSION_ATTRIBUTE ch c trong thng ip Path. SESSION_ATTRIBUTE c hai lo ic hoc khng c resource affinity (RA). Hin ti, Cisco IOS ch h tr LSP Tunnel C-Type khng c RA (C-Type 7). Cc trng trong i tng SESSION_ATTRIBUTE: Trng Setup Priority Holding Priority Flags Ni dung u tin thit lp u tin chim gi 0x2 = b n ghi nhn (Label recording) 0x1 = S b o v cc b (Local protection)
139
Trn Th T Uyn
Bn t hi lm th no cc giao thc c th phi hp vi nhau. Phn ny s tr li cu hi: Make-before-break l g? C ch lm ti (refresh mechanism) ho t ng nh th no? Cc thng ip c gi khi no, u v cho ai? Cc i tng cin ERO cht (strict) v lng (loose) l g? Bo hiu Implicit v explicit null trm cui l g? Make-Before-Break Make-before-break l mt c ch RSVP-TE cho php thay i mt s c tnh ca ng hm TE (tn, bng thng v ng i) m khng lm mt d liu v khng cn double-booking bandwidth.
0x4 = Kiu SE. Name Length Chiu di ca chui Session Name, tnh b ng byte. Session Name Tn c gn cho LSP ny. Hot ng ca RSVP-TE
Kiu dnh ring chia s tng minh (Shared Explicit Reservation Style)
Bng thng c ch nh trc khi bt k bng thng no c c dnh ring t mng. Nu R1 truyn tnh hiu yu cu 35 Mb n mng, n i trn ng R1 R2 R5. Cn li b ng thng c sn trn R1 R2 10 Mb v trn R2 R5 65 Mb. iu g xy ra nu R1 mun tng kch thc bng thng dnh ring ca n ln 80 Mb? Bng thng ny phi i t ng d i v khng c cch no ly c b ng thng dnh ring 80 Mb trn ng R1 R2 R5. Cn li bng thng c sn 20 Mb trn mi kt ni ca ng di. Trong mt kho ng thi gian ngn, R1 dnh ring bng thng qua c hai ng v v th dnh ring tng cng l 115 Mb (35 Mb ng trn v 80 Mb qua ng di). Tuy nhin, s dnh ring 35 Mb sm c gii phng sau khi s dnh ring 80 Mb c to ra. Nguyn tc ca make-before-break lm cho u ng hm (tunnel headend) khng gii phng s dnh ring c n khi c s dnh ring mi thay th gip gim ti thiu vic mt d liu.
Trn Th T Uyn
140
Tng t nh trn, R1 c gng dnh ring 80 Mb qua R1 R3 R4 R2 R5. Nhng khng th! V hin gi bng thng c sn trn R2 R5 ch cn 65 Mb! R1 c th teardown dnh ring trn ng R1 R2 R5 v sau xy d ng s dnh ring trn R1 R3 R4 R2 R5. Khng nn thc hin nh vy! C cch tt hn khc phc hin tng ny. RSVP c mt kh nng gi l chia x tng minh (SE Share Explicit). Chia s tng minh SE l mt kiu dnh ring cho php mt LSP ang tn ti chia s bng thng vi chnh n trnh x y ra double booking. Ho t ng SE gm hai phn: Yu cu kiu dnh ring SE t mng v xc nh s dnh ring yu cu trng v i s dnh ring dang tn ti chia x b ng thng. u ng hm yu cu kiu dnh ring SE s dng mt c (flag) trong i tng SESSION_ATTTRIBUTE. Cn mt cch gii quyt khc lin quan n SE c gi l B lc tch hp (FF Fixed Filter) nhng khng c Cisco MPLS TE thc hin. N khng cho php chia x b ng thng nh SE nhng cng c th gii quyt c hin tng trn. Mi s dnh ring RSVP c xc nh duy nht b ng mt b nm thng s fivetuple {Sender Address, LSP ID, Endpoint Address, Tunnel ID, Extended Tunnel ID}. Hai mc u cha trong i tng SENDER_TEMPLATE (v FILTER_SPEC). Ba mc sau cha trong i tng SESSION. Nu hai thng ip Path c 5 mc yu cu ny trng nhau th chng cng quan tm n mt s dnh ring. a ch ngi gi (Sender Address) l RID ca u ng hm. a ch im cu i (Endpoint Address) l RID ca ui ng hm. Extended Tunnel ID l 0 ho c a ch IP trn b nh tuyn ; n c dng trong mt s k thut bo v. Tunnel ID l ch s giao tip ng hm ti u ng hm. LSP ID nh l b m (instantiation counter): mi ln ng hm thay i bng thng yu cu ca n hay ng i, LSP ID tng ln 1. Nguyn tc ca tin trnh dnh ring ES cho MPLS TE l nu hai s dnh ring c cc phn trong five-tuple ging nhau, ch khc khc LSP ID, nn khc LSP nh ng chng c chia x b ng thng. R2 Chuyn tip s dnh ring n R5. nh d u ng i R2 R5 l 35 Mb c dnh ring cho ng hm c cn li 65 Mb .
Cc b c trong Make-Before-Break:
Bc R1 1 Gi mt s dnh ring cho {SA=1.1.1.1, LSP ID=1, EA=5.5.5.5, TID=8, XTID=0}, yu cu 35 Mb dc ng i R1 R2 R5 . Gi l s dnh ring Res1.
Trn Th T Uyn
141
Gi mt yu cu dnh ring cho {SA=1.1.1.1, LSP ID=2, EA=5.5.5.5, TID=8, XTID=0} dc ng i R1 R3R4 R2R5, yu cu b ng thng 80 Mb. Gi l Res2.
Theo cch ny c Res1 v Res2 c php cng tn ti n khi Res1 b xa khi mng. Sau khi Res2 c chia x b ng thng vi Res1, th Res1 s khng c gng s dng bng thng cng thi im v i Res2. C ch lm ti
Kim tra s dnh ring v th y rng s dnh ring ny ging vi s dnh ring c ngo i tr LSP ID. Cho php s dnh ring mi ng vi bng thng dnh ring c v nh phn cho ng hm ny l 80 35 = 45 Mbps nhiu hn bng thng trn kt ni R2 R5. R2 R5 dnh du bng thng dnh ring l 80 Mbps v 20 Mbps cha uc s dng.
Hai im chnh cn nm khi ni n c ch lm ti l b nh thi lm ti c kch hot v thng ip Path v Resv c gi c lp gia hai b nh tuyn. Cc thng ip Path v Resv c gi mi 30 giy. Tuy nhin khng tht s l mi 30s; chng gi trn mt b nh thi 30s nhng kch hot 50 %. V th s dnh ring a ra c thng ip Path gi lm ti mi 15 n 45 giy. Tng t v i thng ip Resv. Vic tnh ton lm ti c xc nh trong RFC 2205. Thng thng mt lng ging gi kho ng thi gian lm ti R (Refresh interval) ti lng ging ca n trong i tng TIME_VALUES trong thng ip Path v Resv. Mi b nh tuyn cng bit c bao nhiu thng ip s c b qua trc khi tuyn b s dnh ring mt i (gi l K). Cc lng ging tnh ton thi gian gi (holdtime) thng ip ny bng cng thc: Hin ti, R = 30s v K = 3. Suy ra L t nht l 157,5 s. Ngha l b nh tuyn c th i 157,5 s trc khi tearing down mt lng ging. Hnh d i cho thy thng ip Path v Resv c gi mt cch c lp v nh thi lm ti ca thng ip Path l 00:00 v 00:45, v ca thng ip Resv l 00:15 v 00:30. L >= (K + 0,5) * 1,5 * R
RSVP l mt giao thc soft-state, s dnh ring c lm ti nh k . S dnh ring c gi bng thng ip Path v Resv. Vic lm ti kim tra xem s dnh ring ang tn ti vi five-tuple c ph lp vi yu cu trong thng ip Path hay Resv khng.
Trn Th T Uyn
142
Cc lo i thng ip RSVP: Thng ip
Cc thng ip c g i khi no? n u? V cho ai? Chc nng Hng a ch Cnh bo ch router ui (tail) C
Path
Gi tn hiu yu cu ti nguyn ln mng. Resv Tr li thng ip Path thnh cng. PathErr Gi v u ng hm khi c li thng ip Path. ResvErr Gi v pha ui nu c mt li trong vic x l thng ip Path. PathTear Gi v ui ng hm hy mt s dnh ring ang tn ti. ResvTear Gi v u ng hm h y mt s dnh ring dang tn ti. ResvConf Gi phc p cho Resv hay ResvTear yu cu xc nhn thng ip. ResvTearConf Gi hi p cho mt ResvTear bao gm mt thng ip Confirm. Hello Gi ti mt lng ging RSVP trn mt kt ni trc tip.
Xui dng
Ngc dng
Ngc dng
Trm k Khng (next hop) Trm k Khng
Xui dng
Trm k
Khng
Xui dng
ui
Ngc dng
Trm k
Khng
Xui dng
ui
Xui dng
Trm k
Khng
Ngc dng Trm k / Xui dng
Khng
Trn Th T Uyn
143
Ch :
RFC 2113 gii thiu mt ty chn IP c gi l ty chn cnh bo router (RA Router Alert). Hin ti RA c s dng trong c IGMP v RSVP. N cho php b nh tuyn kim tra cc gi c truyn v cho b nh tuyn ty chn sa i gi trc khi chuyn tip i. Mi thng ip c thit lp ty chn RA c gi theo h ng xui dng. Mi thng ip c thit lp ty chn RA c a ch IP ch l ui ng hm. Mi thng ip c thit lp ty chn RA hay t trm k (xui dng hoc ngc dng) a ch giao tip l a ch ch trn gi. Thc hin nh th cho php b nh tuyn pht hin ra cc b nh tuyn khng h tr RSVP (non-RSVP), v khng th xy d ng m t ng hm TE qua mt b nh tuyn khng giao tip vi RSVP do MPLS TE khng ch cn b ng thng dnh ring m cn cn s nh v nhn. Cc i tng con ERO strict v loose
ERO c m ha nh lm mt lo t cc i tng con c gi l nt tru tng (abstrat nodes). Mt nt tru tng c th l a ch IPv4, IPv6, hay mt AS (autonomous system). i tng con c th l mt trm cht hay lng. Cisco th ng dng trm cht (strict hop). Khi mt b nh tuyn x l mt trm cht, a ch IPv4 trong i tng con phi l kt ni trc tip ca b nh tuyn thc hin x l. Khi b nh tuyn x l mt trm lng (loose hop), n pht sinh mt tp cc trm cht l y thng ip Path v ch v thay th trm lng bng mt tp cc trm cht mi c pht sinh. Implicit v Explicit Null ui ng hm c hai lo i tn hiu nhnimplicit null v explicit null. Explicit null s dng gi tr 0 v Implicit null dng gi tr 3 trong trng Label ca i tng LABEL. Ngm nh nt cui ng hm gi tn hiu implicit null trong thng ip Resv ca n: LABEL type 1 length 8 : 00000000 Cch khong thng ip RSVP (RSVP spacing) Vi cht lng dch v th cn explicit null.
Cc ty chn ca lnh ip rsvp msg-pacing ?: Ty chn burst Ch c nng
Khi c mt s c trong mng (t kt ni, khi ng li router, ...). iu ny to ra mt lng rt ln s bo hiu. Nu t kt ni, cn g i PathErr hay ResvErr cho cc ng hm i qua kt ni. Nu c 2000 ng hm TE qua kt ni th cn 2000 PathErr/ResvErr. Mi thng ip RSVP n hng i ng vo ca mt router khc. Hng i ny c kch thc ngm nh l 75 gi. Nu qu nhiu thng ip v hng i y th c th lm mt gi. Mt im khng may na, khi thng ip RSVP mt, nt g i i s phi i n thi gian lm ti mi gi li thng ip 30 s - 50%. Gii quyt b ng cch tng b m? Tng bao nhiu cho ? Kt qu truyn lo t c th lm mt gi v hi t chm. Gii php tt nht l cch khong thng ip RSVP (RSVP Message Pacing), kim sot tc cc thng ip RSVP c gi hng i u cui kt ni khng b trn. Thc hin cu hnh chc nng ny bng lnh ip rsvp msg-pacing ? v i cc ty chn nh sau : Mc nh S lng ti a cc thng ip RSVP c th c gi trong 200 mt lo t truyn
Trn Th T Uyn
144
maxsize S lng ti a cc thng ip c vo hng i truyn period Khong thi gian m mt lo t thng ip c truyn Chuyn tip lu lng xung ng hm
500 1
Phn ny ta s kho st ba ph ng php chuyn tip lu lng mpls xung ng hm. Mt l dng cc tuyn tnh (static routes). Hai l dng nh tuyn d a trn chnh sch (policy base routing). Ba l nh tuyn t ng (Autoroute). Cch n gin nht nh tuyn mt lung lu lng xung mt giao tip ng hm l s dng nh tuyn tnh (static route). N ho t ng ging nh nh tuyn IP bnh thng. V d: S dng nh tuyn tnh (static route)
ip route 10.0.0.0 255.0.0.0 Tunnel0 ip route 10.0.0.0 255.0.0.0 POS0/0 S dng nh tuyn t nh quy : ip route 192.168.1.1 255.255.255.255 Tunnel0 ip route 10.0.0.0 255.0.0.0 192.168.1.1 nh tuyn da trn chnh sch (policy base routing) (vi: 192.168.1.1 : a ch cu i ng hm)
PBR (Policy Base Routing) c php s dng nh x tuyn theo chnh sch p dng cho giao tip ng vo. Vi PBR bn c th gi lo i lu lng c th xu ng mt giao tip ng hm m khng cn sa i bng nh tuyn ca b nh tuyn. V d:
C hai loi lu lng gi n Dst thoi v d liu. Nu ch mun lu lng tho i qua Tunnel0, bn c th thc hin bng PBR. Thc hin cu hnh trn b nh tuyn A nh sau : interface Ethernet0/0 ip policy route-map foo route-map foo match ip address 101 set interface Tunnel0 access-list 101 permit ip any host 5.5.5.5
Trn Th T Uyn
145
Nu c nhiu lo i giao tip trong Cisco IOS Software (mt giao tip vt l, giao tip con, hay ng hm GRE), b n cn cho php giao thc cng ni (IGP Interior Gateway Protocol) trn giao tip thit lp giao thc nh tuyn lng ging, hc tuyn, v xy d ng mt b ng nh tuyn cho giao tip . V d v hot ng chuyn tip lu lng xung ng hm
nh tuyn t ng
Bng nh tuyn ban u ca A:
y ta quan tm n bng nh tuyn ca b nh tuyn A sau khi s d ng nh tuyn tnh, nh tuyn d a trn chnh sch v nh tuyn t ng trong mng. Cc kt ni u c chi ph l 10. Trm ch A B C D E F G H I Trm k Chnh n B C C B B B B B Chi ph 0 10 10 20 20 30 30 40 40
nh tuyn tnh: Ta cu hnh cho lu lng n G
ip route router G's RID
Bng nh tuyn ca A nh sau:
255.255.255.255 Tunnel0 Trm ch A B C D E F G H I Trm k Chnh n B C C B B Tunnel0 B B Chi ph 0 10 10 20 20 30 30 40 40
Khng lm thay i b ng nh tuyn v quyt nh chuyn tip gi da trn chnh sch c cu hnh v giao tip, khng da trn b ng nh tuyn.
Trn Th T Uyn 146
nh tuyn d a trn chnh sch
nh tuyn t ng
Router xy d ng li bng nh tuyn b t k ch n (ui ng hm no cng c nh tuyn xu ng ng hm). Router A thc hin tin trnh IGP SPF vi nh tuyn t ng c cho php trn ng hm n router E. Bng nh tuyn ca A sau qu trnh ny nh sau: Trm ch A B C D E F G H I Trm k Chnh n B C C Tunnel0 Tunnel0 Tunnel0 Tunnel0 Tunnel0 Chi ph 0 10 10 20 20 30 30 40 40
Trn Th T Uyn
147

MPLS Tieng Viet

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

MPLS Tieng Viet

Uploaded by

Copyright:

Available Formats

CHUYN MCH NHN A GIAO THC

(MPLS MultiProtocol Label Switching)

Tc gi: Trn Th T Uyn

Chng 1: TNG QUAN V MPLS

im vt tri ca MPLS so vi m hnh IP over ATM

Cc hnh thc hot ng ca MPLS

Nhn (Label) trong MPLS

ATM Cell header

Giao thc nh tuyn IP

Chuyn i thng tin nh tuyn

Giao thc phn phi nhn

Chuyn i thng tin lin kt nhn

Bng nh tuyn IP (ECF FIB)

C s nh tuyn chuyn tip nhn (LFIB)

Mt phng chuyn tip (Forwarding plane)

iu khin nh tuyn MPLS Multicast IP

iu khin nh tuyn MPLS/VPN

iu khin Lu lng (MPLS TE)

Cht lng dch v (QoS)

C s thng tin chuyn tip nhn LFIB

Mt phng d liu ti mt nt mng

Cc thnh phn mt phng d liu v mt phng iu khin ca MPLS

Thut ton chuyn tip nhn (Label Forwarding Algorithm)

S duy tr nhn MPLS

C hai ch duy tr nhn:

Chng 2: CU HNH MPLS C BN

Biu tin trnh cu hnh Frame-Mode MPLS

Cc b c cu hnh d a trn s trn.

Cc bc cu hnh frame-mode MPLS c bn

S chuyn tip mt phng iu khin v mt phng d liu

Bc 2 : R2 gn mt LSP label t i 10.10.10.101/32. Gi tr nhn ny c qu ng b ti R3. Gi tr ny c R3 p t trn ng chuyn tip d liu.

Cc b c sau biu din ng chuyn tip d liu t R4 ti 10.10.10.101/32

Cu hnh v kim tra LSR1#show run Building configuration...

LSR1#show ip cef Prefix Next Hop 0.0.0.0/0 drop 0.0.0.0/32 receive

Interface Null0 (default route handler entry)

Serial0/1 Serial0/1 Serial0/1 Serial0/1 Serial0/1

LSR4#show ip cef Prefix Next Hop 0.0.0.0/0 drop 0.0.0.0/32 receive

Interface Null0 (default route handler entry)

Serial0/1 Serial0/1 Serial0/1

Serial0/1 Serial0/1 Serial0/1

Tng quan v VPN

Chng 3: TNG QUAN V MPLS VPN

Kin trc v thut ng trong MPLS VPN

Cc thnh phn chnh ca kin trc MPLS VPN:

VRF - Virtual Routing and Forwarding Table

Route Distinguisher, Route Targets, MP-BGP, v Address Families

Hot ng ca mt phng iu khin MPLS VPN

Hot ng ca mt phng d liu MPLS VPN

Cu hnh cho router CE

Cc bc ny c gii quyt nhng chng trc nn y ta ch quan tm n cu hnh nh danh VRF.

Cu hnh VRF trn PE

Kim tra s tn ti ca VRF trn giao tip Router#show ip vrf

Kim chng v gim st nh tuyn BGP PE-PE trn router PE:

Cu hnh trn router P:

Giao thc nh tuyn EIGRP PE-CE

Chng 4: GIAO THC NH TUYN EIGRP PE-CE

0x8800 EIGRP General Route Information

Route Flag and Tag

0x8801 EIGRP Route Metric Information and AS

0x8802 EIGRP Route Metric Information

Reliability, Next Hop, and Bandwidth

0x8803 EIGRP Route Metric Information

Reserve, Load, and Maximum Transmission Unit (MTU)