CISCO 路由器OSPF+MPLS+BGP配置实例二OO八年九月四日目录一、网络环境 (3)二、网络描述 (3)三、网络拓扑图 (4)四、P路由器配置 (4)五、PE1路由器配置 (6)六、PE2路由器配置 (9)七、CE1路由器配置 (11)八、CE2路由器配置 (13)九、业务测试 (14)一、网络环境由5台CISCO7204组成的网络,一台为P路由器,两台PE路由器,两台CE 路由器;二、网络描述在P和两台PE路由器这间通过OSPF动态路由协议完成MPLS网络的建立，两台PE路由器这间启用BGP路由协议，在PE路由器上向所属的CE路由器指VPN 路由，在CE路由器中向PE路由器配置静态路由。

配置思路：1、在P和两台PE路由器这间通过OSPF动态路由协议，在P和PE路由器两两互连的端口上启用MPLS，两台PE之间的路为备份路由，这属公网路由。

2、两台PE路由器这间启用BGP路由协议，这使得属于VPN的IP地址能在两个网络（两台CE所属的网络）互相发布，这属私网（VPN）路由。

3、在PE路由器上向所属的CE路由器指VPN路由，这打通了两个网络（两台CE所属的网络）之间的路由。

三、网络拓扑图P路由器(r1)(r4) CE1路由器(r5)LOOP0:192.168.3.1/24LOOP0:192.168.4.1/24四、P路由器配置p#SHOW RUNBuilding configuration...Current configuration : 1172 bytes!version 12.3service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname p!boot-start-markerboot-end-marker!!no aaa new-modelip subnet-zero!!!ip cefip audit po max-events 100!!interface Loopback0ip address 202.98.4.3 255.255.255.255 !interface FastEthernet0/0description to_r2ip address 10.1.1.10 255.255.255.252 ip ospf cost 20duplex fulltag-switching mtu 1508tag-switching ip!interface FastEthernet1/0description to_r3ip address 10.1.1.6 255.255.255.252 ip ospf cost 20duplex fulltag-switching mtu 1508tag-switching ip!interface FastEthernet2/0no ip addressshutdownduplex half!interface FastEthernet3/0no ip addressshutdownduplex half!router ospf 100log-adjacency-changesredistribute connected subnets redistribute static subnetsnetwork 10.1.1.6 0.0.0.0 area 0 network 10.1.1.10 0.0.0.0 area 0!ip classlessno ip http serverno ip http secure-server!gatekeepershutdown!!line con 0exec-timeout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!!endp#五、PE1路由器配置pe1#show runBuilding configuration...Current configuration : 1813 bytes!version 12.3service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption!hostname pe1!boot-start-markerboot-end-marker!!no aaa new-modelip subnet-zero!!!ip vrf vpnard 1:100route-target export 200:1route-target import 200:1!ip cefip audit po max-events 100!!interface Loopback0ip address 202.98.4.1 255.255.255.255!interface FastEthernet0/0description to_r5ip vrf forwarding vpnaip address 172.16.1.1 255.255.255.252 duplex fulltag-switching ip!interface FastEthernet1/0description to_r1ip address 10.1.1.5 255.255.255.252ip ospf cost 20duplex fulltag-switching mtu 1508tag-switching ip!interface FastEthernet2/0ip address 10.1.1.1 255.255.255.252ip ospf cost 100duplex fulltag-switching mtu 1508tag-switching ip!interface FastEthernet3/0no ip addressshutdownduplex half!router ospf 100log-adjacency-changesredistribute connected metric-type 1 subnetsnetwork 10.1.1.0 0.0.0.255 area 0network 202.98.4.0 0.0.0.255 area 0!router bgp 100no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 202.98.4.2 remote-as 100neighbor 202.98.4.2 update-source Loopback0 neighbor 202.98.4.2 version 4!address-family vpnv4neighbor 202.98.4.2 activateneighbor 202.98.4.2 send-community extendedexit-address-family!address-family ipv4 vrf vpnaredistribute connectedredistribute staticno auto-summaryno synchronizationexit-address-family!ip classlessip route vrf vpna 192.168.3.0 255.255.255.0 172.16.1.2 no ip http serverno ip http secure-server!ip ospf name-lookup!!gatekeepershutdown!!line con 0exec-timeout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!!endpe1#六、PE2路由器配置pe2#show runBuilding configuration...Current configuration : 1725 bytes!version 12.3service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption!hostname pe2!boot-start-markerboot-end-marker!!no aaa new-modelip subnet-zero!!!ip vrf vpnard 1:100route-target export 200:1route-target import 200:1!ip cefip audit po max-events 100!!interface Loopback0ip address 202.98.4.2 255.255.255.255 !interface FastEthernet0/0description to_r1ip address 10.1.1.9 255.255.255.252ip ospf cost 20duplex fulltag-switching ip!interface FastEthernet1/0ip vrf forwarding vpnaip address 172.16.2.1 255.255.255.0duplex fulltag-switching ip!interface FastEthernet2/0ip address 10.1.1.2 255.255.255.252ip ospf cost 100duplex fulltag-switching ip!interface FastEthernet3/0no ip addressshutdownduplex half!router ospf 100log-adjacency-changesredistribute connected metric 1 subnets redistribute static metric-type 1 subnets network 10.1.1.0 0.0.0.255 area 0!router bgp 100no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 202.98.4.1 remote-as 100neighbor 202.98.4.1 update-source Loopback0 neighbor 202.98.4.1 version 4!address-family vpnv4neighbor 202.98.4.1 activateneighbor 202.98.4.1 send-community extended exit-address-family!address-family ipv4 vrf vpnaredistribute connectedredistribute staticno auto-summaryno synchronizationexit-address-family!ip classlessip route vrf vpna 192.168.4.0 255.255.255.0 172.16.2.2 no ip http serverno ip http secure-server!gatekeepershutdown!!line con 0exec-timeout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!!End七、CE1路由器配置ce1#show runBuilding configuration...Current configuration : 892 bytes!version 12.3service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname ce1!boot-start-markerboot-end-marker!!no aaa new-modelip subnet-zero!!!ip cefip audit po max-events 100!!interface Loopback0ip address 192.168.3.1 255.255.255.0 !interface FastEthernet0/0description to_r3ip address 172.16.1.2 255.255.255.252 duplex full!interface FastEthernet1/0no ip addressshutdownduplex half!interface FastEthernet2/0no ip addressshutdownduplex half!interface FastEthernet3/0no ip addressshutdownduplex half!ip classlessip route 0.0.0.0 0.0.0.0 172.16.1.1no ip http serverno ip http secure-server!!!gatekeepershutdown!!line con 0exec-timeout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!!end八、CE2路由器配置Ce2#show runBuilding configuration...*Sep 3 13:53:56.167: %SYS-5-CONFIG_I: Configured from console by console Current configuration : 888 bytes!version 12.3service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname ce2!boot-start-markerboot-end-marker!!no aaa new-modelip subnet-zero!!!ip cefip audit po max-events 100!!interface Loopback0ip address 10.10.13.1 255.255.255.0!interface FastEthernet0/0no ip addressshutdownduplex half!interface FastEthernet1/0description to_r2ip address 10.10.12.2 255.255.255.0duplex full!interface FastEthernet2/0no ip addressshutdownduplex half!interface FastEthernet3/0no ip addressshutdownduplex half!ip classlessip route 0.0.0.0 0.0.0.0 172.16.2.1no ip http serverno ip http secure-server!!gatekeepershutdown!!line con 0exec-timeout 0 0logging synchronousstopbits 1line aux 0stopbits 1line vty 0 4login!!end九、业务测试ce1# ping 172.16.1.1Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:Success rate is 100 percent (5/5), round-trip min/avg/max = 96/190/324 ms ce1#ce2#ping 192.168.3.1Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:Success rate is 100 percent (5/5), round-trip min/avg/max = 336/468/588 ms ce2#。