Hướng dẫn kỹ thuật CÔNG TY CỔ PHẦN DỊCH VỤ CÔNG NGHỆ DATECH
Số 23E4 KĐT Cầu Diễn, Tổ 7, Phú Diễn, Bắc Từ Liêm, Hà Nội
Email: info@datech.vn
Danh mục sản phẩm
CÔNG TY CỔ PHẦN DỊCH VỤ CÔNG NGHỆ DATECH
Số 23E4 KĐT Cầu Diễn, Tổ 7, Phú Diễn, Bắc Từ Liêm, Hà Nội
Danh mục sản phẩm
Router 
Firewall 
Switch 
Wifi - Access Point 
Máy chủ ( Server ) 
Thiết bị lưu trữ NAS 
Networking Accessories 
Video Conference 
Vật tư mạng 
Tổng đài & điện thoại 
Bộ lưu điện UPS 
13/12/2021
13/12/2021
Danh sách nội dung [Ẩn]
Cấu hình kỹ thuật định tuyến lưu lượng đầu ra bằng BGP Labeled Unicast
Ở trong ví dụ này Datech minh họa cho ANH/CHỊ cách cấu hình kỹ thuật định tuyến lưu lượng đầu ra (egress peer traffic engineering) bằng BGP Labeled Unicast. Kỹ thuật này cho phép một bộ điều khiển trung tâm hướng dẫn router đầu vào (ingress router) trong miền định tuyến điều hướng lưu lượng đến một router đầu ra (egress router) cụ thể và một giao diện bên ngoài cụ thể để tiếp cận một điểm đích ngoài mạng. Trong trường hợp cân bằng tải tại ingress, tính năng này giúp tối ưu hóa việc sử dụng các tuyến egress được quảng bá.
Yêu cầu
Tổng quan
Ví dụ này sử dụng các thành phần phần cứng và phần mềm sau:
Tổng quan
Bắt đầu từ phiên bản Junos OS 14.2R4, bạn có thể kích hoạt kỹ thuật lưu lượng (Traffic Engineering - TE) cho lưu lượng dịch vụ, chẳng hạn như lưu lượng MPLS LSP giữa các hệ thống tự trị (ASs), bằng cách sử dụng BGP Labeled Unicast để tối ưu hóa việc sử dụng các tuyến egress được quảng bá trong quá trình cân bằng tải.
Cấu hình kỹ thuật định tuyến lưu lượng đầu ra (egress peer TE) giúp điều hướng lưu lượng dịch vụ lõi, chẳng hạn như MPLS RSVP, đến một peer BGP egress cụ thể. Peer BGP ingress có thể thực hiện kỹ thuật lưu lượng (traffic engineering) đối với lưu lượng dịch vụ inet unicast và inet6 unicast trong mạng lõi bằng cách sử dụng BGP Labeled Unicast để điều hướng đến một peer BGP egress cụ thể.
**Lưu ý: Bạn không thể cấu hình kỹ thuật định tuyến lưu lượng đầu ra (egress peer TE) cho các peer eBGP multihop. Các tuyến ARP trong inet.3 chỉ được cài đặt cho các tuyến peer /32 và /128.
Topology
Hình 1 minh họa sơ đồ mẫu. Router R3 và Router R4 là các router biên của hệ thống tự trị (AS boundary routers). Kỹ thuật egress peer TE được kích hoạt trên R3. Router đầu vào R0 sẽ định tuyến lưu lượng đến mạng từ xa thông qua R3, nơi egress peer TE đã được kích hoạt.
Hình 1: Cấu hình kỹ thuật định tuyến lưu lượng đầu ra bằng BGP Labeled Unicast
Cấu hình Nhanh bằng CLI
Để nhanh chóng cấu hình ví dụ này, hãy sao chép các lệnh sau, dán vào một tệp văn bản, loại bỏ bất kỳ dấu ngắt dòng nào, thay đổi các chi tiết cần thiết để phù hợp với cấu hình mạng của bạn, sao chép và dán các lệnh vào CLI tại cấp độ phân cấp [edit], sau đó nhập commit trong chế độ cấu hình.
Router R0
set interfaces ge-2/0/1 unit 0 family inet address 10.1.1.1/24 set interfaces ge-2/0/1 unit 0 family inet6 address 2001:db8:10:1:1::1/64 set interfaces ge-2/1/4 unit 0 family inet address 10.100.100.1/30 set interfaces ge-2/1/4 unit 0 family inet6 address ::10.100.100.1/126 set interfaces ge-2/1/4 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.1.1.1/32 set interfaces lo0 unit 0 family inet6 address ::10.1.1.1/128 set routing-options router-id 01.1.1.1 set routing-options autonomous-system 64496 set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls ipv6-tunneling set protocols mpls no-cspf set protocols mpls label-switched-path to_asbr1_r3 to 10.6.6.6 set protocols mpls label-switched-path to_asbr2_r4 to 10.7.7.7 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp group RR-1-2 type internal set protocols bgp group RR-1-2 local-address 10.1.1.1 set protocols bgp group RR-1-2 family inet unicast add-path receive set protocols bgp group RR-1-2 family inet unicast add-path send path-count 6 set protocols bgp group RR-1-2 family inet labeled-unicast rib inet.3 set protocols bgp group RR-1-2 family inet6 unicast add-path receive set protocols bgp group RR-1-2 family inet6 unicast add-path send path-count 6 set protocols bgp group RR-1-2 family inet6 labeled-unicast rib inet6.3 set protocols bgp group RR-1-2 export exp-svr-pre set protocols bgp group RR-1-2 export nhs set protocols bgp group RR-1-2 neighbor 10.4.4.4 set protocols bgp group R0RT0 type external set protocols bgp group R0RT0 family inet unicast set protocols bgp group R0RT0 peer-as 64496 set protocols bgp group R0RT0 neighbor 10.1.1.2 set protocols bgp group R0RT0-v6 type external set protocols bgp group R0RT0-v6 family inet6 unicast set protocols bgp group R0RT0-v6 peer-as 64496 set protocols bgp group R0RT0-v6 neighbor 2001:db8:40::2 set protocols ospf area 0.0.0.0 interface ge-2/1/4.0 set protocols ospf area 0.0.0.0 interface fxp0.0 disable set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ldp interface all set protocols ldp interface fxp0.0 disable set policy-options prefix-list server_v4_prefix 10.1.1.1/32 set policy-options prefix-list server_v6_prefix ::10.1.1.1/128 set policy-options policy-statement exp-svr-pre term 1 from prefix-list server_v4_prefix set policy-options policy-statement exp-svr-pre term 1 then accept set policy-options policy-statement exp-svr-pre term 2 from prefix-list server_v6_prefix set policy-options policy-statement exp-svr-pre term 2 then accept set policy-options policy-statement nhs then next-hop self |
Router R1
set interfaces ge-1/0/4 unit 0 family inet address 00.100.100.2/30 set interfaces ge-1/0/4 unit 0 family inet6 address ::00.100.100.2/126 set interfaces ge-1/0/4 unit 0 family mpls set interfaces ge-1/0/6 unit 0 family inet address 10.100.104.1/30 set interfaces ge-1/0/6 unit 0 family inet6 address ::10.100.104.1/126 set interfaces ge-1/0/6 unit 0 family mpls set interfaces ge-1/0/9 unit 0 family inet address 100.100.105.1/30 set interfaces ge-1/0/9 unit 0 family inet6 address ::10.100.105.1/126 set interfaces ge-1/0/9 unit 0 family mpls set interfaces ge-1/1/3 unit 0 family inet address 10.100.102.1/30 set interfaces ge-1/1/3 unit 0 family inet6 address ::10.100.102.1/126 set interfaces ge-1/1/3 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.3.3.3/32 set interfaces lo0 unit 0 family inet6 address ::10.3.3.3/128 set routing-options router-id 10.3.3.3 set routing-options autonomous-system 64496 set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls ipv6-tunneling set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols ospf area 0.0.0.0 interface all set protocols ospf area 0.0.0.0 interface fxp0.0 disable set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ldp interface all set protocols ldp interface fxp0.0 disable |
Router R2
set interfaces et-0/0/0 unit 0 family inet address 10.100.102.2/30 set interfaces et-0/0/0 unit 0 family inet6 address ::10.100.102.2/126 set interfaces et-0/0/0 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.4.4.4/32 set interfaces lo0 unit 0 family inet6 address ::10.4.4.4/128 set routing-options router-id 10.4.4.4 set routing-options autonomous-system 64496 set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls ipv6-tunneling set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp group Client type internal set protocols bgp group Client local-address 10.4.4.4 set protocols bgp group Client advertise-inactive set protocols bgp group Client family inet unicast add-path receive set protocols bgp group Client family inet unicast add-path send path-count 6 set protocols bgp group Client family inet labeled-unicast rib inet.3 set protocols bgp group Client family inet6 unicast add-path receive set protocols bgp group Client family inet6 unicast add-path send path-count 6 set protocols bgp group Client family inet6 labeled-unicast rib inet6.3 set protocols bgp group Client cluster 10.4.4.4 set protocols bgp group Client neighbor 10.1.1.1 set protocols bgp group Client neighbor 10.6.6.6 set protocols bgp group Client neighbor 10.7.7.7 set protocols ospf area 0.0.0.0 interface et-0/0/0.0 set protocols ospf area 0.0.0.0 interface fxp0.0 disable set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ldp interface all set protocols ldp interface fxp0.0 disable |
Router R3
set interfaces ge-1/1/0 unit 0 family inet address 10.100.104.2/30 set interfaces ge-1/1/0 unit 0 family inet6 address ::10.100.104.2/126 set interfaces ge-1/1/0 unit 0 family mpls set interfaces ge-2/2/5 unit 0 family inet address 10.200.203.1/28 set interfaces ge-2/2/5 unit 0 family inet6 address ::10.200.203.1/124 set interfaces ge-2/2/8 unit 0 family inet address 10.200.202.1/30 set interfaces ge-2/2/8 unit 0 family inet6 address ::10.200.202.1/126 set interfaces lo0 unit 0 family inet address 10.6.6.6/32 set interfaces lo0 unit 0 family inet6 address ::10.6.6.6/128 set routing-options router-id 10.6.6.6 set routing-options autonomous-system 64496 set routing-options forwarding-table export pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls ipv6-tunneling set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp log-updown set protocols bgp group RR-1-2 type internal set protocols bgp group RR-1-2 local-address 10.6.6.6 set protocols bgp group RR-1-2 family inet unicast add-path receive set protocols bgp group RR-1-2 family inet unicast add-path send path-count 6 set protocols bgp group RR-1-2 family inet labeled-unicast rib inet.3 set protocols bgp group RR-1-2 family inet6 unicast add-path receive set protocols bgp group RR-1-2 family inet6 unicast add-path send path-count 6 set protocols bgp group RR-1-2 family inet6 labeled-unicast rib inet6.3 set protocols bgp group RR-1-2 export exp-arp-to-rrs set protocols bgp group RR-1-2 neighbor 10.4.4.4 set protocols bgp group Peer1-lan-1 type external set protocols bgp group Peer1-lan-1 family inet unicast set protocols bgp group Peer1-lan-1 export exp_server_v4_v6_peers set protocols bgp group Peer1-lan-1 peer-as 64497 set protocols bgp group Peer1-lan-1 neighbor 10.200.202.2 egress-te set protocols bgp group Peer1-lan-1 neighbor 10.200.203.2 egress-te set protocols bgp group Peer1-lan-1-v6 family inet6 unicast set protocols bgp group Peer1-lan-1-v6 export exp_server_v4_v6_peers set protocols bgp group Peer1-lan-1-v6 peer-as 64497 set protocols bgp group Peer1-lan-1-v6 neighbor ::10.200.202.2 egress-te set protocols bgp group Peer1-lan-1-v6 neighbor ::10.200.203.2 egress-te set protocols ospf area 0.0.0.0 interface ge-1/1/0.0 set protocols ospf area 0.0.0.0 interface fxp0.0 disable set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ldp interface all set protocols ldp interface fxp0.0 disable set policy-options prefix-list server_v4_pre 10.1.1.1/32 set policy-options prefix-list server_v6_pre ::10.1.1.1/128 set policy-options policy-statement exp-arp-to-rrs term 1 from protocol arp set policy-options policy-statement exp-arp-to-rrs term 1 from rib inet.3 set policy-options policy-statement exp-arp-to-rrs term 1 then next-hop self set policy-options policy-statement exp-arp-to-rrs term 1 then accept set policy-options policy-statement exp-arp-to-rrs term 2 from protocol arp set policy-options policy-statement exp-arp-to-rrs term 2 from rib inet6.3 set policy-options policy-statement exp-arp-to-rrs term 2 then next-hop self set policy-options policy-statement exp-arp-to-rrs term 2 then accept set policy-options policy-statement exp-arp-to-rrs term 3 from protocol bgp set policy-options policy-statement exp-arp-to-rrs term 3 then accept set policy-options policy-statement exp-arp-to-rrs term 4 then reject set policy-options policy-statement exp_server_v4_v6_peers term 1 from prefix-list server_v4_pre set policy-options policy-statement exp_server_v4_v6_peers term 1 then accept set policy-options policy-statement exp_server_v4_v6_peers term 2 from prefix-list server_v6_pre set policy-options policy-statement exp_server_v4_v6_peers term 2 then accept set policy-options policy-statement pplb then load-balance per-packet |
Router R4
set interfaces ge-3/0/2 vlan-tagging set interfaces ge-3/0/2 unit 0 vlan-id 1 set interfaces ge-3/0/2 unit 0 family inet address 10.200.204.1/24 set interfaces ge-3/0/2 unit 0 family inet6 address ::10.200.204.1/120 set interfaces ge-3/0/2 unit 0 family mpls set interfaces ge-3/0/2 unit 1 vlan-id 2 set interfaces ge-3/2/4 unit 0 family inet address 10.100.105.2/30 set interfaces ge-3/2/4 unit 0 family inet6 address ::10.100.105.2/126 set interfaces ge-3/2/4 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.7.7.7/32 set interfaces lo0 unit 0 family inet6 address ::10.7.7.7/128 set routing-options router-id 10.7.7.7 set routing-options autonomous-system 64496 set routing-options forwarding-table export pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls ipv6-tunneling set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp group RR-1-2 type internal set protocols bgp group RR-1-2 local-address 10.7.7.7 set protocols bgp group RR-1-2 family inet unicast add-path receive set protocols bgp group RR-1-2 family inet unicast add-path send path-count 6 set protocols bgp group RR-1-2 family inet labeled-unicast rib inet.3 set protocols bgp group RR-1-2 family inet6 unicast add-path receive set protocols bgp group RR-1-2 family inet6 unicast add-path send path-count 6 set protocols bgp group RR-1-2 family inet6 labeled-unicast rib inet6.3 set protocols bgp group RR-1-2 export exp-arp-to-rrs set protocols bgp group RR-1-2 neighbor 10.4.4.4 set protocols bgp group Peer5-6-lan type external set protocols bgp group Peer5-6-lan family inet unicast set protocols bgp group Peer5-6-lan export exp_server_v4_v6_peers set protocols bgp group Peer5-6-lan peer-as 64497 set protocols bgp group Peer5-6-lan-v6 type external set protocols bgp group Peer5-6-lan-v6 family inet6 unicast set protocols bgp group Peer5-6-lan-v6 export exp_server_v4_v6_peers set protocols bgp group Peer5-6-lan-v6 peer-as 64497 set protocols ospf area 0.0.0.0 interface ge-3/2/4.0 set protocols ospf area 0.0.0.0 interface fxp0.0 disable set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ldp interface all set protocols ldp interface fxp0.0 disable set policy-options prefix-list server_v4_pre 10.1.1.1/32 set policy-options prefix-list server_v6_pre ::10.1.1.1/128 set policy-options policy-statement exp-arp-to-rrs term 1 from protocol arp set policy-options policy-statement exp-arp-to-rrs term 1 from rib inet.3 set policy-options policy-statement exp-arp-to-rrs term 1 then next-hop self set policy-options policy-statement exp-arp-to-rrs term 1 then accept set policy-options policy-statement exp-arp-to-rrs term 2 from protocol arp set policy-options policy-statement exp-arp-to-rrs term 2 from rib inet6.3 set policy-options policy-statement exp-arp-to-rrs term 2 then next-hop self set policy-options policy-statement exp-arp-to-rrs term 2 then accept set policy-options policy-statement exp-arp-to-rrs term 3 from protocol bgp set policy-options policy-statement exp-arp-to-rrs term 3 then accept set policy-options policy-statement exp-arp-to-rrs term 4 then reject set policy-options policy-statement exp_server_v4_v6_peers term 1 from prefix-list server_v4_pre set policy-options policy-statement exp_server_v4_v6_peers term 1 then accept set policy-options policy-statement exp_server_v4_v6_peers term 2 from prefix-list server_v6_pre set policy-options policy-statement exp_server_v4_v6_peers term 2 then accept set policy-options policy-statement pplb then load-balance per-packet |
Router R5
set interfaces ge-0/2/1 unit 0 family inet address 10.100.140.1/30 set interfaces ge-0/2/1 unit 0 family inet6 address ::10.100.140.1/126 set interfaces ge-0/3/1 unit 0 family inet address 10.200.203.2/28 set interfaces ge-0/3/1 unit 0 family inet6 address ::10.200.203.2/124 set interfaces ge-0/3/4 unit 0 family inet address 10.200.202.2/30 set interfaces ge-0/3/4 unit 0 family inet6 address ::10.200.202.2/126 set interfaces lo0 unit 0 family inet address 10.8.8.8/32 set interfaces lo0 unit 0 family inet6 address ::10.8.8.8/128 set routing-options router-id 10.8.8.8 set routing-options autonomous-system 64497 set protocols bgp group Peer1-lan-1 type external set protocols bgp group Peer1-lan-1 family inet unicast set protocols bgp group Peer1-lan-1 export exp-lo0 set protocols bgp group Peer1-lan-1 peer-as 64497 set protocols bgp group Peer1-lan-1 neighbor 10.200.202.1 set protocols bgp group Peer1-lan-1 neighbor 10.200.203.1 set protocols bgp group Peer1-lan-1-v6 family inet6 unicast set protocols bgp group Peer1-lan-1-v6 export exp-lo0 set protocols bgp group Peer1-lan-1-v6 peer-as 64497 set protocols bgp group Peer1-lan-1-v6 neighbor ::10.200.202.1 set protocols bgp group Peer1-lan-1-v6 neighbor ::10.200.203.1 set protocols bgp group Peer1-H1 type external set protocols bgp group Peer1-H1 family inet unicast set protocols bgp group Peer1-H1 neighbor 10.100.140.2 peer-as 64498 set protocols bgp group Peer1-H1-v6 type external set protocols bgp group Peer1-H1-v6 family inet6 unicast set protocols bgp group Peer1-H1-v6 neighbor ::10.100.140.2 peer-as 64498 set policy-options policy-statement exp-lo0 term 1 from interface lo0.0 set policy-options policy-statement exp-lo0 term 1 then accept |
Router R6
set interfaces ge-1/1/2 unit 0 family inet address 10.100.140.2/30 set interfaces ge-1/1/2 unit 0 family inet6 address ::10.100.140.2/126 set interfaces ge-1/1/5 unit 0 family inet address 10.1.1.1/24 set interfaces ge-1/1/5 unit 0 family inet6 address 2001:db8:10:1:1::1/120 set interfaces lo0 unit 0 family inet address 10.17.17.1/32 set interfaces lo0 unit 0 family inet address 10.17.17.2/32 set interfaces lo0 unit 0 family inet address 10.17.17.3/32 set interfaces lo0 unit 0 family inet address 10.17.17.4/32 set interfaces lo0 unit 0 family inet address 10.17.17.5/32 set interfaces lo0 unit 0 family inet address 10.17.17.6/32 set interfaces lo0 unit 0 family inet address 10.17.17.7/32 set interfaces lo0 unit 0 family inet address 10.17.17.8/32 set interfaces lo0 unit 0 family inet address 10.17.17.9/32 set interfaces lo0 unit 0 family inet6 address ::10.17.17.1/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.2/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.3/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.4/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.5/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.6/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.7/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.8/128 set interfaces lo0 unit 0 family inet6 address ::10.17.17.9/128 set routing-options router-id 10.17.17.1 set routing-options autonomous-system 64498 set protocols bgp group H1-Peer1 type external set protocols bgp group H1-Peer1 family inet unicast set protocols bgp group H1-Peer1 export exp-lo0 set protocols bgp group H1-Peer1 neighbor 10.100.140.1 peer-as 64497 set protocols bgp group H1-Peer1-v6 type external set protocols bgp group H1-Peer1-v6 family inet6 unicast set protocols bgp group H1-Peer1-v6 export exp-lo0 set protocols bgp group H1-Peer1-v6 neighbor ::100.100.140.1 peer-as 64497 set protocols bgp group R6RT0 type external set protocols bgp group R6RT0 family inet unicast set protocols bgp group R6RT0 peer-as 65300 set protocols bgp group R6RT0 neighbor 10.1.1.2 set protocols bgp group R6RT0-v6 type external set protocols bgp group R6RT0-v6 family inet6 unicast set protocols bgp group R6RT0-v6 peer-as 65300 set protocols bgp group R6RT0-v6 neighbor 2008:db8:50::2 set policy-options policy-statement exp-lo0 term 1 from interface lo0.0 set policy-options policy-statement exp-lo0 term 1 then accept set policy-options policy-statement exp-lo0 term 2 from protocol direct set policy-options policy-statement exp-lo0 term 2 from protocol local set policy-options policy-statement exp-lo0 term 2 then accept |
Router R7
set interfaces ge-1/0/6 unit 0 family inet address 10.100.141.1/30 set interfaces ge-1/0/6 unit 0 family inet6 address ::10.100.141.1/126 set interfaces ge-1/1/4 vlan-tagging set interfaces ge-1/1/4 unit 0 vlan-id 1 set interfaces ge-1/1/4 unit 0 family inet address 10.200.204.2/24 set interfaces ge-1/1/4 unit 0 family inet6 address ::10.200.204.2/120 set interfaces ge-1/1/4 unit 1 vlan-id 2 set interfaces ge-1/1/4 unit 2 vlan-id 3 set interfaces lo0 unit 0 family inet address 10.9.9.9/32 set interfaces lo0 unit 0 family inet6 address ::10.9.9.9/128 set routing-options router-id 10.9.9.9 set routing-options autonomous-system 64497 set protocols bgp group Peer1-lan-1 type external set protocols bgp group Peer1-lan-1 family inet unicast set protocols bgp group Peer1-lan-1 export exp-lo0 set protocols bgp group Peer1-lan-1 peer-as 64497 set protocols bgp group Peer1-lan-1 neighbor 10.200.204.1 set protocols bgp group Peer1-lan-1-v6 family inet6 unicast set protocols bgp group Peer1-lan-1-v6 export exp-lo0 set protocols bgp group Peer1-lan-1-v6 peer-as 64497 set protocols bgp group Peer1-lan-1-v6 neighbor ::10.200.204.1 set protocols bgp group Peer2-H2 type external set protocols bgp group Peer2-H2 family inet unicast set protocols bgp group Peer2-H2 neighbor 10.100.141.2 peer-as 64499 set protocols bgp group Peer2-H2-v6 type external set protocols bgp group Peer2-H2-v6 family inet6 unicast set protocols bgp group Peer2-H2-v6 neighbor ::10.100.141.2 peer-as 64499 set policy-options policy-statement exp-lo0 term 1 from interface lo0.0 set policy-options policy-statement exp-lo0 term 1 then accept |
Router R8
set interfaces ge-4/0/5 unit 0 family inet address 10.100.141.2/30 set interfaces ge-4/0/5 unit 0 family inet6 address ::10.100.141.2/126 set interfaces lo0 unit 0 family inet address 10.18.18.1/32 set interfaces lo0 unit 0 family inet address 10.18.18.2/32 set interfaces lo0 unit 0 family inet address 10.18.18.3/32 set interfaces lo0 unit 0 family inet address 10.18.18.4/32 set interfaces lo0 unit 0 family inet address 10.18.18.5/32 set interfaces lo0 unit 0 family inet address 10.18.18.6/32 set interfaces lo0 unit 0 family inet address 10.18.18.7/32 set interfaces lo0 unit 0 family inet address 10.18.18.8/32 set interfaces lo0 unit 0 family inet address 10.18.18.9/32 set interfaces lo0 unit 0 family inet6 address ::10.18.18.1/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.2/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.3/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.4/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.5/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.6/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.7/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.8/128 set interfaces lo0 unit 0 family inet6 address ::10.18.18.9/128 set routing-options router-id 10.18.18.1 set routing-options autonomous-system 64499 set protocols bgp group H2-Peer2 type external set protocols bgp group H2-Peer2 family inet unicast set protocols bgp group H2-Peer2 export exp-lo0 set protocols bgp group H2-Peer2 neighbor 10.100.141.1 peer-as 64497 set protocols bgp group H2-Peer2-v6 type external set protocols bgp group H2-Peer2-v6 family inet6 unicast set protocols bgp group H2-Peer2-v6 export exp-lo0 set protocols bgp group H2-Peer2-v6 neighbor ::10.100.141.1 peer-as 64497 set protocols bgp group R8RT0 type external set protocols bgp group R8RT0 family inet unicast set protocols bgp group R8RT0 peer-as 65400 set protocols bgp group R8RT0 neighbor 10.1.1.2 set policy-options policy-statement exp-lo0 term 1 from interface lo0.0 set policy-options policy-statement exp-lo0 term 1 then accept set policy-options policy-statement exp-lo0 term 2 then reject |
Quy trình từng bước
Ví dụ sau yêu cầu bạn điều hướng qua nhiều cấp độ trong hệ thống phân cấp cấu hình. Để biết thêm thông tin về cách điều hướng trong CLI, hãy tham khảo Hướng dẫn Sử dụng Trình chỉnh sửa CLI trong Chế độ Cấu hình trong CLI User Guide.
Cấu hình Router R3:
**Lưu ý: Lặp lại quy trình này cho các router khác sau khi điều chỉnh tên giao diện, địa chỉ IP và các tham số phù hợp.
- Cấu hình các giao diện với địa chỉ IPv4 và IPv6.
[edit interfaces] user@R3# set ge-1/1/0 unit 0 family inet address 10.100.104.2/30 user@R3# set ge-1/1/0 unit 0 family inet6 address ::10.100.104.2/126 user@R3# set ge-1/1/0 unit 0 family mpls user@R3# set ge-2/2/5 unit 0 family inet address 10.200.203.1/28 user@R3# set ge-2/2/5 unit 0 family inet6 address ::10.200.203.1/124 user@R3# set ge-2/2/8 unit 0 family inet address 10.200.202.1/30 user@R3# set ge-2/2/8 unit 0 family inet6 address ::10.200.202.1/126 |
- Cấu hình địa chỉ loopback.
[edit interfaces] user@R3# set lo0 unit 0 family inet address 10.6.6.6/32 user@R3# set lo0 unit 0 family inet6 address ::10.6.6.6/128 |
- Cấu hình Router ID và số Autonomous System (AS).
[edit routing-options] user@R3# set router-id 10.6.6.6 user@R3# set autonomous-system 64496 |
- Cấu hình giao thức RSVP cho tất cả các giao diện, ngoại trừ giao diện quản lý.
[edit protocols] user@R3# set rsvp interface all user@R3# set rsvp interface fxp0.0 disable |
- Cấu hình giao thức MPLS cho tất cả các giao diện, ngoại trừ giao diện quản lý.
[edit protocols] user@R3# set mpls ipv6-tunneling user@R3# set mpls interface all user@R3# set mpls interface fxp0.0 disable |
- Cấu hình phiên IBGP peering trên giao diện hướng vào mạng lõi.
[edit protocols] user@R3# set bgp log-updown user@R3# set bgp group RR-1-2 type internal user@R3# set bgp group RR-1-2 local-address 10.6.6.6 user@R3# set bgp group RR-1-2 family inet unicast add-path receive user@R3# set bgp group RR-1-2 family inet unicast add-path send path-count 6 user@R3# set bgp group RR-1-2 family inet labeled-unicast rib inet.3 user@R3# set bgp group RR-1-2 family inet6 unicast add-path receive user@R3# set bgp group RR-1-2 family inet6 unicast add-path send path-count 6 user@R3# set bgp group RR-1-2 family inet6 labeled-unicast rib inet6.3 user@R3# set bgp group RR-1-2 neighbor 10.4.4.4 |
- Cấu hình phiên EBGP peering trên các giao diện kết nối với router biên bên ngoài.
[edit protocols] user@R3# set bgp group Peer1-lan-1 type external user@R3# set bgp group Peer1-lan-1 family inet unicast user@R3# set bgp group Peer1-lan-1 peer-as 64497 user@R3# set bgp group Peer1-lan-1-v6 family inet6 unicast user@R3# set bgp group Peer1-lan-1-v6 peer-as 64497 |
- Kích hoạt egress peer traffic engineering cho nhóm BGP bên ngoài Peer1-lan-1 và cho nhóm IPv6 Peer1-lan-1-v6.
[edit protocols] user@R3# set bgp group Peer1-lan-1 neighbor 10.200.202.2 egress-te user@R3# set bgp group Peer1-lan-1 neighbor 10.200.203.2 egress-te user@R3# set bgp group Peer1-lan-1-v6 neighbor ::10.200.202.2 egress-te user@R3# set bgp group Peer1-lan-1-v6 neighbor ::10.200.203.2 egress-te |
- Cấu hình giao thức OSPF làm giao thức định tuyến nội bộ (IGP).
[edit protocols] user@R3# set ospf area 0.0.0.0 interface ge-1/1/0.0 user@R3# set ospf area 0.0.0.0 interface fxp0.0 disable user@R3# set ospf area 0.0.0.0 interface lo0.0 passive user@R3# set ldp interface all user@R3# set ldp interface fxp0.0 disable |
- Định nghĩa một policy để xuất các tuyến ARP đến các route reflectors.
[edit policy-options] user@R3# set policy-statement exp-arp-to-rrs term 1 from protocol arp user@R3# set policy-statement exp-arp-to-rrs term 1 from rib inet.3 user@R3# set policy-statement exp-arp-to-rrs term 1 then next-hop self user@R3# set policy-statement exp-arp-to-rrs term 1 then accept user@R3# set policy-statement exp-arp-to-rrs term 2 from protocol arp user@R3# set policy-statement exp-arp-to-rrs term 2 from rib inet6.3 user@R3# set policy-statement exp-arp-to-rrs term 2 then next-hop self user@R3# set policy-statement exp-arp-to-rrs term 2 then accept user@R3# set policy-statement exp-arp-to-rrs term 3 from protocol bgp user@R3# set policy-statement exp-arp-to-rrs term 3 then accept user@R3# set policy-statement exp-arp-to-rrs term 4 then reject |
- Áp dụng policy exp-arp-to-rrs để xuất các tuyến ARP đến các route reflectors trong nhóm external BGP (ebgp-v6).
[edit protocols] user@R3# set bgp group RR-1-2 export exp-arp-to-rrs |
- Định nghĩa danh sách tiền tố (prefix lists) với các tuyến IPv4 và IPv6.
[edit policy-options] user@R3# set prefix-list server_v4_pre 10.1.1.1/32 user@R3# set prefix-list server_v6_pre ::10.1.1.1/128 |
- Định nghĩa policy để xuất các tuyến IPv4 và IPv6 đến máy chủ.
[edit policy-options] user@R3# set policy-statement exp_server_v4_v6_peers term 1 from prefix-list server_v4_pre user@R3# set policy-statement exp_server_v4_v6_peers term 1 then accept user@R3# set policy-statement exp_server_v4_v6_peers term 2 from prefix-list server_v6_pre user@R3# set policy-statement exp_server_v4_v6_peers term 2 then accept |
- Áp dụng policy để xuất các tuyến peer IPv4 và IPv6.
[edit protocols] user@R3# set bgp group Peer1-lan-1 export exp_server_v4_v6_peers user@R3# set bgp group Peer1-lan-1-v6 export exp_server_v4_v6_peers |
- Định nghĩa policy cân bằng tải theo từng gói tin (per-packet load balancing).
[edit policy-options] user@R3# set policy-statement pplb then load-balance per-packet |
- Áp dụng policy cân bằng tải theo từng gói tin (per-packet load balancing).
[edit routing-options] user@R3# set forwarding-table export pplb |
Kết quả
Từ chế độ cấu hình, xác nhận cấu hình của bạn bằng cách nhập các lệnh: show interfaces, show protocols, show routing-options, show policy-options. Nếu kết quả đầu ra không hiển thị đúng cấu hình mong muốn, hãy lặp lại các bước trong ví dụ này để chỉnh sửa cấu hình.
[edit] user@R3# show interfaces ge-1/1/0 { unit 0 { family inet { address 10.100.104.2/30; } family inet6 { address ::10.100.104.2/126; } family mpls; } } ge-2/2/5 { unit 0 { family inet { address 100.200.203.1/28; } family inet6 { address ::10.200.203.1/124; } } } ge-2/2/8 { unit 0 { family inet { address 10.200.202.1/30; } family inet6 { address ::10.200.202.1/126; } } } lo0 { unit 0 { family inet { address 10.6.6.6/32; } family inet6 { address ::10.6.6.6/128; } } } |
[edit] user@R3# show protocols rsvp { interface all; interface fxp0.0 { disable; } } mpls { ipv6-tunneling; interface all; interface fxp0.0 { disable; } } bgp { log-updown; group RR-1-2 { type internal; local-address 10.6.6.6; family inet { unicast { add-path { receive; send { path-count 6; } } } labeled-unicast { rib { inet.3; } } } family inet6 { unicast { add-path { receive; send { path-count 6; } } } labeled-unicast { rib { inet6.3; } } } export exp-arp-to-rrs; neighbor 10.4.4.4; } group Peer1-lan-1 { type external; family inet { unicast; } export exp_server_v4_v6_peers; peer-as 64497; neighbor 10.200.202.2 { egress-te; } neighbor 10.200.203.2 { egress-te; } } group Peer1-lan-1-v6 { family inet6 { unicast; } export exp_server_v4_v6_peers; peer-as 64497; neighbor ::10.200.202.2 { egress-te; } neighbor ::10.200.203.2 { egress-te; } } } ospf { area 0.0.0.0 { interface ge-1/1/0.0; interface fxp0.0 { disable; } interface lo0.0 { passive; } } } ldp { interface all; interface fxp0.0 { disable; } } |
[edit] user@R3# show routing-options router-id 10.6.6.6; autonomous-system 64496; forwarding-table { export pplb; } |
[edit] user@R3# show policy-options prefix-list server_v4_pre { 10.1.1.1/32; } prefix-list server_v6_pre { ::10.1.1.1/128; } policy-statement exp-arp-to-rrs { term 1 { from { protocol arp; rib inet.3; } then { next-hop self; accept; } } term 2 { from { protocol arp; rib inet6.3; } then { next-hop self; accept; } } term 3 { from protocol bgp; then accept; } term 4 { then reject; } } policy-statement exp_server_v4_v6_peers { term 1 { from { prefix-list server_v4_pre; } then accept; } term 2 { from { prefix-list server_v6_pre; } then accept; } } policy-statement pplb { then { load-balance per-packet; } } } |
Xác minh (Verification)
Xác nhận rằng cấu hình đang hoạt động đúng.
Xác định nhãn (Label) và giao thức Next Hop
Mục đích
Lấy số nhãn của gói tin được truyền từ R0 đến R6 và xác định next hop từ bảng định tuyến cho tuyến 10.17.17.2.
Thao tác
Từ chế độ vận hành (operational mode), chạy lệnh sau trên Router R0: show route 10.17.17.2 extensive active-path
user@R0> show route 10.17.17.2 extensive active-path inet.0: 262 destinations, 516 routes (261 active, 0 holddown, 1 hidden) 10.17.17.1/32 (3 entries, 1 announced) TSI: KRT in-kernel 10.17.17.1/32 -> {indirect(1048576)} Page 0 idx 0, (group R0RT0 type External) Type 1 val 0x9a87fe0 (adv_entry) Advertised metrics: Nexthop: Self AS path: [65100] 1 65010 I Communities: Path 10.17.17.1 from 10.4.4.4 Vector len 4. Val: 0 *BGP Preference: 170/-101 Next hop type: Indirect Address: 0x97724a0 Next-hop reference count: 339 Source: 10.4.4.4 Next hop type: Router, Next hop index: 624 Next hop: 10.100.100.2 via ge-2/1/4.0, selected Label-switched-path to_asbr1_r3 Label operation: Push 299888, Push 300128(top) Label TTL action: prop-ttl, prop-ttl(top) Load balance label: Label 299888: None; Label 300128: None; Session Id: 0x145 Protocol next hop: 10.200.201.2 Indirect next hop: 0x9a4c550 1048576 INH Session ID: 0x148 State: Local AS: 65100 Peer AS: 65100 Age: 1:33 Metric2: 2 Validation State: unverified Task: BGP_100.10.4.4.4+179 Announcement bits (3): 0-KRT 5-BGP_RT_Background 6-Resolve tree 2 AS path: 1 10 I (Originator) Cluster list: 10.4.4.4 Originator ID: 10.6.6.6 Accepted Localpref: 100 Router ID: 10.4.4.4 Addpath Path ID: 1 Indirect next hops: 1 Protocol next hop: 10.200.202.2 Metric: 2 Indirect next hop: 0x9a4c550 1048576 INH Session ID: 0x148 Indirect path forwarding next hops: 1 Next hop type: Router Next hop: 10.100.100.2 via ge-2/1/4.0 Session Id: 0x145 10.200.201.2/32 Originating RIB: inet.3 Metric: 2 Node path count: 1 Indirect nexthops: 1 Protocol Nexthop: 10.6.6.6 Metric: 2 Push 299888 Indirect nexthop: 0x9a4c220 - INH Session ID: 0x0 Indirect path forwarding nexthops: 1 Nexthop: 100.100.100.2 via ge-2/1/4.0 |
Ý nghĩa (Meaning)
Cả nhãn gói tin 299888 và next hop 10.200.202.2 đều xuất hiện trong kết quả đầu ra.
Xác minh đường đi của gói tin với nhãn 299888
Mục đích
Theo dõi đường đi của nhãn 299888 và xác minh rằng mục nhập VPN có trong bảng định tuyến mpls.0.
Thao tác
user@R3> show route table mpls.0 protocol vpn active-path label 299888 detail mpls.0: 17 destinations, 17 routes (17 active, 0 holddown, 0 hidden) 523440 (1 entry, 1 announced) *VPN Preference: 170 Next hop type: Router, Next hop index: 640 Address: 0xecfa130 Next-hop reference count: 2 Next hop: 10.200.202.2 via ge-2/2/8.0, selected Label operation: Pop Load balance label: None; Session Id: 0x16f State: Local AS: 64496 Age: 3:49:16 Validation State: unverified Task: BGP_RT_Background Announcement bits (1): 1-KRT AS path: I Ref Cnt: 1 |
Ý nghĩa (Meaning)
Nhãn 299888 cùng với mục nhập VPN và next hop 10.200.202.2 có trong bảng định tuyến mpls.0.
Xác minh rằng Egress Peer Traffic Engineering đã được kích hoạt trên Router R3
Mục đích
Xác minh rằng egress peer traffic engineering đã được cấu hình trên Router R3.
Thao tác
user@R3> show route protocol arp detail match-prefix 10.200.202.2 inet.0: 263 destinations, 514 routes (262 active, 0 holddown, 1 hidden)
inet.3: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden) 10.200.201.2/32 (1 entry, 1 announced) *ARP Preference: 170 Next hop type: Router Address: 0xecf91e0 Next-hop reference count: 5 Next hop: 10.200.202.2 via ge-2/2/8.0, selected Label operation: Pop Load balance label: None; Session Id: 0x0 State: Local AS: 64496 Age: 3:52:52 Validation State: unverified Task: BgpEgressPeeringTE Announcement bits (3): 2-Resolve tree 1 3-BGP_RT_Background 4-Resolve tree 2 |
Ý nghĩa
Kết quả đầu ra cho thấy rằng kỹ thuật định tuyến lưu lượng egress peer traffic engineering của BGP đã được bật trên Router R3.
Như vậy là chúng ta đã hoàn thành Cấu hình kỹ thuật định tuyến lưu lượng đầu ra bằng BGP Labeled Unicast trên Switch Juniper EX Series, chúc các bạn thực hiện thành công. Hi vọng bài viết này sẽ giúp ích cho các bạn trong công việc.
Nếu bạn có vấn đề gì thắc mắc đừng ngần ngại liên hệ với chúng tôi theo thông tin dưới đây để được hỗ trợ thêm.
Hẹn gặp lại các bạn trong các bài viết tiếp theo !
CÔNG TY CỔ PHẦN DỊCH VỤ CÔNG NGHỆ DATECH
• Địa chỉ: Số 23E4 KĐT Cầu Diễn, Tổ 7, Phú Diễn, Bắc Từ Liêm, Hà Nội
• Điện thoại: 02432012368
• Hotline: 098 115 6699
• Email: info@datech.vn
• Website: https://datech.vn
