【实验】MPLS LDP标签过滤

实验环境:

操作系统:Windows 10(1607,14393.351,当时最新测试版),模拟器:GNS3 IOU for Windows 1.5.2(当时最新正式版)
注:当然,只要有思科模拟器都可以做这个实验

【实验】MPLS LDP标签过滤
【实验】MPLS LDP标签过滤

实验需求:

  • 实验一:不发 —— 只把IOU5上关于5.5.5.5、6.6.6.6和56.1.1.0这三条路由的标签发给IOU4。
  • 实验二:不收 —— IOU4只从IOU5接收5.5.5.5、6.6.6.6和56.1.1.0这三条路由的标签。
  • 实验一和实验二是相互独立的两个实验。
  • 更多LDP的细节请看:《LDP的工作过程和LDP下的标签过滤方式

实验步骤:

1、先完成基础配置(IP地址和IGP):

IOU1:

conf t
int l 0
ip add 1.1.1.1 255.255.255.255

int e 0/0
ip add 12.1.1.1 255.255.255.0
no sh

router isis 1
net 49.0001.0000.0000.0001.00
is-type level-1
pass l 0
adv pass

int r e 0/0
ip router isis 1

 IOU2:

conf t
int l 0
ip add 2.2.2.2 255.255.255.255

int e 0/0
ip add 12.1.1.2 255.255.255.0
no sh

int e 0/1
ip add 23.1.1.2 255.255.255.0
no sh

router isis 1
net 49.0001.0000.0000.0002.00
is-type level-1
pass l 0
adv pass

int r e 0/0 , e 0/1
ip router isis 1
IOU3:

conf t
int l 0
ip add 3.3.3.3 255.255.255.255

int e 0/0
ip add 34.1.1.3 255.255.255.0
no sh

int e 0/1
ip add 23.1.1.3 255.255.255.0
no sh

router isis 1
net 49.0001.0000.0000.0003.00
is-type level-1
pass l 0
adv pass

int r e 0/0 , e 0/1
ip router isis 1

 IOU4:

conf t
int l 0
ip add 4.4.4.4 255.255.255.255

int e 0/0
ip add 34.1.1.4 255.255.255.0
no sh

int e 0/1
ip add 45.1.1.4 255.255.255.0
no sh

router isis 1
net 49.0001.0000.0000.0004.00
is-type level-1
pass l 0
adv pass

int r e 0/0 , e 0/1
ip router isis 1
IOU5:

conf t
int l 0
ip add 5.5.5.5 255.255.255.255

int e 0/0
ip add 56.1.1.5 255.255.255.0
no sh

int e 0/1
ip add 45.1.1.5 255.255.255.0
no sh

router isis 1
net 49.0001.0000.0000.0005.00
is-type level-1
pass l 0
adv pass

int r e 0/0 , e 0/1
ip router isis 1

 IOU6:

conf t
int l 0
ip add 6.6.6.6 255.255.255.255

int e 0/0
ip add 56.1.1.6 255.255.255.0
no sh

router isis 1
net 49.0001.0000.0000.0006.00
is-type level-1
pass l 0
adv pass

int r e 0/0
ip router isis 1

2、接着完成MPLS的配置:

IOU2:

mpls ip
mpls label protocol ldp
mpls ldp router-id Loopback0 force
mpls label range 2000 2999

int e 0/1
mpls ip

 IOU3:

mpls ip
mpls label protocol ldp
mpls ldp router-id Loopback0 force
mpls label range 3000 3999

router isis 1
mpls ldp autoconfig
IOU4:

mpls ip
mpls label protocol ldp
mpls ldp router-id Loopback0 force
mpls label range 4000 4999

router isis 1
mpls ldp autoconfig

 IOU5:

mpls ip
mpls label protocol ldp
mpls ldp router-id Loopback0 force
mpls label range 5000 5999

int e 0/1
mpls ip

3、实验一:不发 —— 只把IOU5上关于5.5.5.5、6.6.6.6和56.1.1.0这三条路由的标签发给IOU4:

IOU4#sh mpls ldp bindings neighbor 5.5.5.5
  lib entry: 4.4.4.4/32, rev 2
        remote binding: lsr: 5.5.5.5:0, label: 5000
  lib entry: 5.5.5.5/32, rev 8
        remote binding: lsr: 5.5.5.5:0, label: imp-null
  lib entry: 6.6.6.6/32, rev 11
        remote binding: lsr: 5.5.5.5:0, label: 5001
  lib entry: 45.1.1.0/24, rev 6
        remote binding: lsr: 5.5.5.5:0, label: imp-null
  lib entry: 56.1.1.0/24, rev 9
        remote binding: lsr: 5.5.5.5:0, label: imp-null

现在配置过滤命令:

IOU5:

access-list 10 permit host 5.5.5.5
access-list 10 permit host 6.6.6.6
access-list 10 permit host 56.1.1.0
access-list 4 permit 4.4.4.4

mpls ldp advertise-labels for 10 to 4
no mpls ldp advertise-labels

命令解释:

mpls ldp advertise-labels for 10 to 4:

for 10:access-list为10中过滤了一些标签,只有这些标签才能发送给LDP邻居;to 4:access-list为4中过滤了一些LDP邻居,只有这些LDP邻居才能收到上述过滤好的标签;将“10”中过滤好的标签通告给路由器“4”。

no mpls ldp advertise-labels:

MPLS LDP的标签过滤必须由该命令触发才生效,如果单独用会过滤所有标签。

IOU4#sh mpls ldp bindings neighbor 5.5.5.5
  lib entry: 5.5.5.5/32, rev 8
        remote binding: lsr: 5.5.5.5:0, label: imp-null
  lib entry: 6.6.6.6/32, rev 11
        remote binding: lsr: 5.5.5.5:0, label: 5001
  lib entry: 56.1.1.0/24, rev 9
        remote binding: lsr: 5.5.5.5:0, label: imp-null

过滤成功。

4、实验二:不收 —— IOU4只从IOU5接收5.5.5.5、6.6.6.6和56.1.1.0这三条路由的标签:

先清空实验一的配置:

IOU5:

mpls ldp advertise-labels
no mpls ldp advertise-labels for 10 to 4

no access-list 10
no access-list 4

IOU4能收到IOU5发的所有标签了,恢复正常:

IOU4#sh mpls ldp bindings neighbor 5.5.5.5
  lib entry: 4.4.4.4/32, rev 2
        remote binding: lsr: 5.5.5.5:0, label: 5000
  lib entry: 5.5.5.5/32, rev 8
        remote binding: lsr: 5.5.5.5:0, label: imp-null
  lib entry: 6.6.6.6/32, rev 11
        remote binding: lsr: 5.5.5.5:0, label: 5001
  lib entry: 45.1.1.0/24, rev 6
        remote binding: lsr: 5.5.5.5:0, label: imp-null
  lib entry: 56.1.1.0/24, rev 9
        remote binding: lsr: 5.5.5.5:0, label: imp-null

现在配置过滤命令:

IOU4:

ip access-list standard F5
permit host 5.5.5.5
permit host 6.6.6.6
permit host 56.1.1.0

mpls ldp neighbor 5.5.5.5 labels accept F5

再次过滤成功:

IOU4#sh mpls ldp bindings neighbor 5.5.5.5
  lib entry: 5.5.5.5/32, rev 8
        remote binding: lsr: 5.5.5.5:0, label: imp-null
  lib entry: 6.6.6.6/32, rev 11
        remote binding: lsr: 5.5.5.5:0, label: 5001
  lib entry: 56.1.1.0/24, rev 9
        remote binding: lsr: 5.5.5.5:0, label: imp-null
打赏分享

这篇文章对你有帮助吗?

相关文章

发表评论?

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据