Nesta página
Exemplo: Tunelamento de LDP sobre SR-TE na rede IS-IS
Use este exemplo para aprender a tunelar LSPs LDP em SR-TE em sua rede principal.
Nossa equipe de testes de conteúdo validou e atualizou este exemplo.
Requisitos
Este exemplo usa os seguintes componentes de hardware e software:
Roteadores da Série MX como roteadores CE, PE e núcleo.
-
Junos OS Release 20.3R1 ou posterior em todos os dispositivos.
-
Atualizado e revalidado usando o vMX no Junos OS Release 21.1R1.
-
Você tem interesse em ter uma experiência prática nesse recurso?
Visite o Juniper vLabs para reservar seu vLab Sandbox pré-configurado : Roteamento por segmentos — Básico e experimente gratuitamente!
Visão geral
A topologia a seguir () mostra dois domínios LDP (LDP Domain A e LDP Domain B) conectados à rede núcleo SR-TE, que estende a sessão de LSP sobre o núcleo, tunelando-os em SR-TE.Figura 1
Topologia
Configuração
Para tunelar o LSP LDP sobre SR-TE em sua rede principal, execute essas tarefas:
Configuração rápida da CLI
Para configurar rapidamente este exemplo, copie os seguintes comandos, cole-os em um arquivo de texto, remova quaisquer quebras de linha, altere todos os detalhes necessários para combinar com a configuração da sua rede, copiar e colar os comandos na CLI no nível de hierarquia e, em seguida, entrar no modo de configuração.[edit]
commit
Dispositivo CE1
set chassis network-services enhanced-ip set interfaces ge-0/0/1 description CE1-to-PE1 set interfaces ge-0/0/1 unit 0 family inet address 10.1.1.1/24 set interfaces lo0 unit 0 family inet address 192.168.100.11/32 set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set routing-options router-id 192.168.100.11
Pe1 do dispositivo
set chassis network-services enhanced-ip set interfaces ge-0/0/1 description PE1-to-CE1 set interfaces ge-0/0/1 unit 0 family inet address 10.1.1.2/24 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/3 description PE1-to-R1 set interfaces ge-0/0/3 unit 0 family inet address 10.1.2.1/24 set interfaces ge-0/0/3 unit 0 family iso set interfaces ge-0/0/3 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.100.5/32 set interfaces lo0 unit 0 family iso address 49.0004.0192.0168.0005.00 set interfaces lo0 unit 0 family mpls set policy-options policy-statement export_bgp term a from protocol bgp set policy-options policy-statement export_bgp term a from protocol direct set policy-options policy-statement export_bgp term a then accept set routing-instances CE1_vpn1 instance-type vrf set routing-instances CE1_vpn1 protocols ospf area 0.0.0.0 interface ge-0/0/1.0 set routing-instances CE1_vpn1 protocols ospf export export_bgp set routing-instances CE1_vpn1 interface ge-0/0/1.0 set routing-instances CE1_vpn1 route-distinguisher 192.168.100.5:1 set routing-instances CE1_vpn1 vrf-target target:100:4 set routing-instances CE1_vpn1 vrf-table-label set protocols bgp group ibgp1 type internal set protocols bgp group ibgp1 local-address 192.168.100.5 set protocols bgp group ibgp1 family inet unicast set protocols bgp group ibgp1 family inet-vpn unicast set protocols bgp group ibgp1 neighbor 192.168.100.6 set protocols isis interface ge-0/0/3.0 point-to-point set protocols isis interface lo0.0 passive set protocols ldp interface ge-0/0/3.0 set protocols ldp interface lo0.0 set protocols mpls interface ge-0/0/3.0 set protocols mpls interface lo0.0 set routing-options router-id 192.168.100.5 set routing-options autonomous-system 65410
Dispositivo R1
set chassis network-services enhanced-ip set interfaces ge-0/0/1 description R1-to-R2 set interfaces ge-0/0/1 unit 0 family inet address 10.1.3.1/24 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls maximum-labels 8 set interfaces ge-0/0/2 description R1-to-R3 set interfaces ge-0/0/2 unit 0 family inet address 10.1.4.1/24 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls maximum-labels 8 set interfaces ge-0/0/3 description R1-to-PE1 set interfaces ge-0/0/3 unit 0 family inet address 10.1.2.2/24 set interfaces ge-0/0/3 unit 0 family iso set interfaces ge-0/0/3 unit 0 family mpls maximum-labels 8 set interfaces lo0 unit 0 family inet address 192.168.100.1/32 set interfaces lo0 unit 0 family iso address 49.0004.0192.0168.0001.00 set interfaces lo0 unit 0 family mpls set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment protected index 108 set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment unprotected index 110 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment protected index 109 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment unprotected index 111 set protocols isis interface ge-0/0/1.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/1.0 point-to-point set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment protected index 104 set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment unprotected index 106 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment protected index 105 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment unprotected index 107 set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/2.0 point-to-point set protocols isis interface ge-0/0/3.0 level 2 ipv4-adjacency-segment protected index 100 set protocols isis interface ge-0/0/3.0 level 2 ipv4-adjacency-segment unprotected index 102 set protocols isis interface ge-0/0/3.0 level 2 ipv6-adjacency-segment protected index 101 set protocols isis interface ge-0/0/3.0 level 2 ipv6-adjacency-segment unprotected index 103 set protocols isis interface ge-0/0/3.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/3.0 point-to-point set protocols isis interface lo0.0 passive set protocols isis source-packet-routing srgb start-label 80000 set protocols isis source-packet-routing srgb index-range 50000 set protocols isis source-packet-routing node-segment ipv4-index 5001 set protocols isis source-packet-routing node-segment ipv6-index 5501 set protocols isis level 1 disable set protocols isis backup-spf-options use-post-convergence-lfa set protocols isis backup-spf-options use-source-packet-routing set protocols isis traffic-engineering l3-unicast-topology set protocols isis traffic-engineering credibility-protocol-preference set protocols isis traffic-engineering tunnel-source-protocol spring-te set protocols ldp auto-targeted-session set protocols ldp preference 1 set protocols ldp interface ge-0/0/1.0 set protocols ldp interface ge-0/0/3.0 set protocols ldp interface lo0.0 set protocols mpls interface ge-0/0/1.0 set protocols mpls interface ge-0/0/2.0 set protocols mpls interface ge-0/0/3.0 set protocols mpls interface lo0.0 set protocols source-packet-routing segment-list seg1 inherit-label-nexthops set protocols source-packet-routing segment-list seg1 auto-translate set protocols source-packet-routing segment-list seg1 hop1 ip-address 10.1.4.2 set protocols source-packet-routing segment-list seg1 hop2 ip-address 10.1.5.2 set protocols source-packet-routing segment-list seg1 hop3 ip-address 10.1.6.2 set protocols source-packet-routing source-routing-path sr_static_r5 ldp-tunneling set protocols source-packet-routing source-routing-path sr_static_r5 to 192.168.100.2 set protocols source-packet-routing source-routing-path sr_static_r5 binding-sid 1003001 set protocols source-packet-routing source-routing-path sr_static_r5 primary seg1 set routing-options router-id 192.168.100.1
Dispositivo R2
set chassis network-services enhanced-ip set interfaces ge-0/0/1 description R2-to-R1 set interfaces ge-0/0/1 unit 0 family inet address 10.1.3.2/24 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls maximum-labels 8 set interfaces ge-0/0/2 description R2-to-R4 set interfaces ge-0/0/2 unit 0 family inet address 10.1.6.2/24 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls maximum-labels 8 set interfaces ge-0/0/3 description R2-to-PE2 set interfaces ge-0/0/3 unit 0 family inet address 10.1.7.1/24 set interfaces ge-0/0/3 unit 0 family iso set interfaces ge-0/0/3 unit 0 family mpls maximum-labels 8 set interfaces lo0 unit 0 family inet address 192.168.100.2/32 set interfaces lo0 unit 0 family iso address 49.0004.0192.0168.0002.00 set interfaces lo0 unit 0 family mpls set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment protected index 500 set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment unprotected index 502 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment protected index 501 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment unprotected index 503 set protocols isis interface ge-0/0/1.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/1.0 point-to-point set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment protected index 504 set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment unprotected index 506 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment protected index 505 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment unprotected index 507 set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/2.0 point-to-point set protocols isis interface ge-0/0/3.0 level 2 ipv4-adjacency-segment protected index 508 set protocols isis interface ge-0/0/3.0 level 2 ipv4-adjacency-segment unprotected index 510 set protocols isis interface ge-0/0/3.0 level 2 ipv6-adjacency-segment protected index 509 set protocols isis interface ge-0/0/3.0 level 2 ipv6-adjacency-segment unprotected index 511 set protocols isis interface ge-0/0/3.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/3.0 point-to-point set protocols isis interface lo0.0 passive set protocols isis source-packet-routing srgb start-label 80000 set protocols isis source-packet-routing srgb index-range 50000 set protocols isis source-packet-routing node-segment ipv4-index 5005 set protocols isis source-packet-routing node-segment ipv6-index 5505 set protocols isis source-packet-routing traffic-statistics statistics-granularity per-interface set protocols isis level 1 disable set protocols isis backup-spf-options use-post-convergence-lfa set protocols isis backup-spf-options use-source-packet-routing set protocols isis traffic-engineering l3-unicast-topology set protocols isis traffic-engineering credibility-protocol-preference set protocols isis traffic-engineering tunnel-source-protocol spring-te set protocols ldp interface ge-0/0/1.0 set protocols ldp interface ge-0/0/3.0 set protocols ldp interface lo0.0 set protocols mpls interface ge-0/0/1.0 set protocols mpls interface ge-0/0/2.0 set protocols mpls interface ge-0/0/3.0 set protocols mpls interface lo0.0 set protocols source-packet-routing segment-list seg1 inherit-label-nexthops set protocols source-packet-routing segment-list seg1 auto-translate set protocols source-packet-routing segment-list seg1 hop1 ip-address 10.1.6.1 set protocols source-packet-routing segment-list seg1 hop2 ip-address 10.1.5.1 set protocols source-packet-routing segment-list seg1 hop3 ip-address 10.1.4.1 set protocols source-packet-routing source-routing-path sr_static_r1 ldp-tunneling set protocols source-packet-routing source-routing-path sr_static_r1 to 192.168.100.1 set protocols source-packet-routing source-routing-path sr_static_r1 binding-sid 1003001 set protocols source-packet-routing source-routing-path sr_static_r1 primary seg1 set routing-options router-id 192.168.100.2
Dispositivo R3
set chassis network-services enhanced-ip set interfaces ge-0/0/1 description R3-to-R4 set interfaces ge-0/0/1 unit 0 family inet address 10.1.5.1/24 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/2 description R3-to-R1 set interfaces ge-0/0/2 unit 0 family inet address 10.1.4.2/24 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.100.3/32 set interfaces lo0 unit 0 family iso address 49.0004.0192.0168.0003.00 set interfaces lo0 unit 0 family mpls set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment protected index 204 set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment unprotected index 206 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment protected index 205 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment unprotected index 207 set protocols isis interface ge-0/0/1.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/1.0 point-to-point set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment protected index 200 set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment unprotected index 202 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment protected index 201 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment unprotected index 203 set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/2.0 point-to-point set protocols isis interface lo0.0 passive set protocols isis source-packet-routing srgb start-label 80000 set protocols isis source-packet-routing srgb index-range 50000 set protocols isis source-packet-routing node-segment ipv4-index 5003 set protocols isis source-packet-routing node-segment ipv6-index 5503 set protocols isis level 1 disable set protocols isis backup-spf-options use-post-convergence-lfa set protocols isis backup-spf-options use-source-packet-routing set protocols isis traffic-engineering l3-unicast-topology set protocols isis traffic-engineering credibility-protocol-preference set protocols mpls interface ge-0/0/1.0 set protocols mpls interface ge-0/0/2.0 set protocols mpls interface lo0.0 set routing-options router-id 192.168.100.3
Dispositivo R4
set chassis network-services enhanced-ip set interfaces ge-0/0/1 description R4-to-R3 set interfaces ge-0/0/1 unit 0 family inet address 10.1.5.2/24 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/2 description R4-to-R2 set interfaces ge-0/0/2 unit 0 family inet address 10.1.6.1/24 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 192.168.100.4/32 set interfaces lo0 unit 0 family iso address 49.0004.0192.0168.0004.00 set interfaces lo0 unit 0 family mpls set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment protected index 300 set protocols isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment unprotected index 302 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment protected index 301 set protocols isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment unprotected index 303 set protocols isis interface ge-0/0/1.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/1.0 point-to-point set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment protected index 304 set protocols isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment unprotected index 306 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment protected index 305 set protocols isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment unprotected index 307 set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa set protocols isis interface ge-0/0/2.0 point-to-point set protocols isis interface lo0.0 passive set protocols isis source-packet-routing srgb start-label 80000 set protocols isis source-packet-routing srgb index-range 50000 set protocols isis source-packet-routing node-segment ipv4-index 5004 set protocols isis source-packet-routing node-segment ipv6-index 5504 set protocols isis source-packet-routing traffic-statistics statistics-granularity per-interface set protocols isis level 1 disable set protocols isis backup-spf-options use-post-convergence-lfa set protocols isis backup-spf-options use-source-packet-routing set protocols isis traffic-engineering l3-unicast-topology set protocols isis traffic-engineering credibility-protocol-preference set protocols mpls interface ge-0/0/1.0 set protocols mpls interface ge-0/0/2.0 set protocols mpls interface lo0.0 set routing-options router-id 192.168.100.4
PE2 do dispositivo
set chassis network-services enhanced-ip set interfaces ge-0/0/2 description PE2-to-CE2 set interfaces ge-0/0/2 unit 0 family inet address 10.1.8.1/24 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls maximum-labels 8 set interfaces ge-0/0/3 description PE2-to-R2 set interfaces ge-0/0/3 unit 0 family inet address 10.1.7.2/24 set interfaces ge-0/0/3 unit 0 family iso set interfaces ge-0/0/3 unit 0 family mpls maximum-labels 8 set interfaces lo0 unit 0 family inet address 192.168.100.6/32 set interfaces lo0 unit 0 family iso address 49.0004.0192.0168.0006.00 set interfaces lo0 unit 0 family mpls set policy-options policy-statement export_bgp term a from protocol bgp set policy-options policy-statement export_bgp term a from protocol direct set policy-options policy-statement export_bgp term a then accept set routing-instances CE2_vpn1 instance-type vrf set routing-instances CE2_vpn1 protocols ospf area 0.0.0.0 interface ge-0/0/2.0 set routing-instances CE2_vpn1 protocols ospf export export_bgp set routing-instances CE2_vpn1 interface ge-0/0/2.0 set routing-instances CE2_vpn1 route-distinguisher 192.168.100.6:1 set routing-instances CE2_vpn1 vrf-target target:100:4 set routing-instances CE2_vpn1 vrf-table-label set protocols bgp group ibgp1 type internal set protocols bgp group ibgp1 local-address 192.168.100.6 set protocols bgp group ibgp1 family inet unicast set protocols bgp group ibgp1 family inet-vpn unicast set protocols bgp group ibgp1 neighbor 192.168.100.5 set protocols isis interface ge-0/0/3.0 point-to-point set protocols isis interface lo0.0 passive set protocols ldp interface ge-0/0/3.0 set protocols ldp interface lo0.0 set protocols mpls interface ge-0/0/3.0 set protocols mpls interface lo0.0 set routing-options router-id 192.168.100.6 set routing-options autonomous-system 65410
Dispositivo CE2
set chassis network-services enhanced-ip set interfaces ge-0/0/1 description CE2-to-PE2 set interfaces ge-0/0/2 unit 0 family inet address 10.1.8.2/24 set interfaces lo0 unit 0 family inet address 192.168.100.22/32 set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set routing-options router-id 192.168.100.22
Configuração do PE1
Procedimento passo a passo
O exemplo a seguir exige que você navegue por vários níveis na hierarquia de configuração. Para obter informações sobre como navegar na CLI, consulte Usando o Editor de CLI no modo de configuração no Guia do usuário da CLI.https://www.juniper.net/documentation/en_US/junos/topics/reference/general/cli-editor-configuration-mode-quick-reference-using.htmlhttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Para configurar o pe1 do dispositivo:
Configure o modo de serviços de rede como IP aprimorado. O IP aprimorado define os serviços de rede do roteador para um protocolo de Internet aprimorado e usa recursos aprimorados de modo.
[edit chassis] user@PE1#set network-services enhanced-ip
Depois de configurar a declaração e confirmar a configuração, a seguinte mensagem de aviso aparece solicitando que você reinicialize o roteador:
enhanced-ip
'chassis' WARNING: Chassis configuration for network services has been changed. A system reboot is mandatory. Please reboot the system NOW. Continuing without a reboot might result in unexpected system behavior. commit complete
A reinicialização traz os FPCs no roteador.
-
Configure as interfaces do dispositivo.
[edit interfaces] user@PE1#set ge-0/0/1 description PE1-to-CE1 user@PE1#set ge-0/0/1 unit 0 family inet address 10.1.1.2/24 user@PE1#set ge-0/0/1 unit 0 family iso user@PE1#set ge-0/0/3 description PE1-to-R1 user@PE1#set ge-0/0/3 unit 0 family inet address 10.1.2.1/24 user@PE1#set ge-0/0/3 unit 0 family iso user@PE1#set ge-0/0/3 unit 0 family mpls user@PE1#set lo0 unit 0 family inet address 192.168.100.5/32 user@PE1#set lo0 unit 0 family iso address 49.0004.0192.0168.0005.00 user@PE1#set lo0 unit 0 family mpls
-
Configure opções de políticas para exportar rotas BGP para o roteador CE, que executa o protocolo OSPF neste exemplo.
[edit policy-options] user@PE1#set policy-statement export_bgp term a from protocol bgp user@PE1#set policy-statement export_bgp term a from protocol direct user@PE1#set policy-statement export_bgp term a then accept
-
Configure uma instância de roteamento VPN de Camada 3 para oferecer suporte ao dispositivo CE1 baseado em OSPF.
[edit routing-instances] user@PE1#set CE1_vpn1 instance-type vrf user@PE1#set CE1_vpn1 protocols ospf area 0.0.0.0 interface ge-0/0/1.0 user@PE1#set CE1_vpn1 protocols ospf export export_bgp user@PE1#set CE1_vpn1 interface ge-0/0/1.0 user@PE1#set CE1_vpn1 route-distinguisher 192.168.100.5:1 user@PE1#set CE1_vpn1 vrf-target target:100:4 user@PE1#set CE1_vpn1 vrf-table-label
-
Configure a ID do roteador e o número do sistema autônomo para o Dispositivo PE1.
[edit routing-options] user@PE1#set router-id 192.168.100.5 userPE1# set autonomous-system 65410
-
Configure ISIS, LDP e MPLS nas interfaces conectadas à rede central.
[edit protocols] user@PE1#set isis interface ge-0/0/3.0 point-to-point user@PE1#set isis interface lo0.0 passive user@PE1#set ldp interface ge-0/0/3.0 user@PE1#set ldp interface lo0.0 user@PE1#set mpls interface ge-0/0/3.0 user@PE1#set mpls interface lo0.0
-
Configure o BGP entre os dispositivos PE.
[edit protocols] user@PE1#set bgp group ibgp1 type internal user@PE1#set bgp group ibgp1 local-address 192.168.100.5 user@PE1#set bgp group ibgp1 family inet unicast user@PE1#set bgp group ibgp1 family inet-vpn unicast user@PE1#set bgp group ibgp1 neighbor 192.168.100.6
Resultados
A partir do modo de configuração, confirme sua configuração inserindo os comandos e comandos.show chassis
show interfaces
show policy-options
show routing-instances
show routing-options
show protocols
Se a saída não exibir a configuração pretendida, repita as instruções neste exemplo para corrigir a configuração.
user@PE1#show chassis network-services enhanced-ip;
user@PE1#show interfaces ge-0/0/1 { description PE1-to-CE1; unit 0 { family inet { address 10.1.1.2/24; } family iso; } } ge-0/0/3 { description PE1-to-R1; unit 0 { family inet { address 10.1.2.1/24; } family iso; family mpls; } } lo0 { unit 0 { family inet { address 192.168.100.5/32; } family iso { address 49.0004.0192.0168.0005.00; } family mpls; } }
user@PE1#show policy-options policy-statement export_bgp { term a { from protocol [ bgp direct ]; then accept; } }
user@PE1#show routing-instances CE1_vpn1 { instance-type vrf; protocols { ospf { area 0.0.0.0 { interface ge-0/0/1.0; } export export_bgp; } } interface ge-0/0/1.0; route-distinguisher 192.168.100.5:1; vrf-target target:100:4; vrf-table-label; }
user@PE1#show routing-options router-id 192.168.100.5; autonomous-system 65410;
user@PE1#show protocols bgp { group ibgp1 { type internal; local-address 192.168.100.5; family inet { unicast; } family inet-vpn { unicast; } neighbor 192.168.100.6; } } isis { interface ge-0/0/3.0 { point-to-point; } interface lo0.0 { passive; } } ldp { interface ge-0/0/3.0; interface lo0.0; } mpls { interface ge-0/0/3.0; interface lo0.0; }
Configuração do dispositivo R1
Procedimento passo a passo
O exemplo a seguir exige que você navegue por vários níveis na hierarquia de configuração. Para obter informações sobre como navegar na CLI, consulte Usando o Editor de CLI no modo de configuração no Guia do usuário da CLI.https://www.juniper.net/documentation/en_US/junos/topics/reference/general/cli-editor-configuration-mode-quick-reference-using.htmlhttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Para configurar o dispositivo R1:
Configure o modo de serviços de rede como IP aprimorado. O IP aprimorado define os serviços de rede do roteador para um protocolo de Internet aprimorado e usa recursos aprimorados de modo.
[edit chassis] user@R1#set network-services enhanced-ip
Depois de configurar a declaração e confirmar a configuração, a seguinte mensagem de aviso aparece solicitando que você reinicialize o roteador:
enhanced-ip
'chassis' WARNING: Chassis configuration for network services has been changed. A system reboot is mandatory. Please reboot the system NOW. Continuing without a reboot might result in unexpected system behavior. commit complete
A reinicialização traz os FPCs no roteador.
-
Configure as interfaces do dispositivo.
[edit interfaces] user@R1#set ge-0/0/1 description R1-to-R2 user@R1#set ge-0/0/1 unit 0 family inet address 10.1.3.1/24 user@R1#set ge-0/0/1 unit 0 family iso user@R1#set ge-0/0/1 unit 0 family mpls maximum-labels 8 user@R1#set ge-0/0/2 description R1-to-R3 user@R1#set ge-0/0/2 unit 0 family inet address 10.1.4.1/24 user@R1#set ge-0/0/2 unit 0 family iso user@R1#set ge-0/0/2 unit 0 family mpls maximum-labels 8 user@R1#set ge-0/0/3 description R1-to-PE1 user@R1#set ge-0/0/3 unit 0 family inet address 10.1.2.2/24 user@R1#set ge-0/0/3 unit 0 family iso user@R1#set ge-0/0/3 unit 0 family mpls maximum-labels 8 user@R1#set lo0 unit 0 family inet address 192.168.100.1/32 user@R1#set lo0 unit 0 family iso address 49.0004.0192.0168.0001.00 user@R1#set lo0 unit 0 family mpls
Configure opções de roteamento para identificar o roteador no domínio.
[edit routing-options] user@R1#set router-id 192.168.100.1
-
Configure SIDs de adjacência do ISIS nas interfaces e aloce rótulos SRGB para permitir o roteamento por segmentos. As etiquetas em todo o SRGB estão disponíveis para ISIS. OS SIDs de prefixo (e SIDs de nós) são indexados pelo SRGB.
[edit protocols] user@R1#set isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment protected index 108 user@R1#set isis interface ge-0/0/1.0 level 2 ipv4-adjacency-segment unprotected index 110 user@R1#set isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment protected index 109 user@R1#set isis interface ge-0/0/1.0 level 2 ipv6-adjacency-segment unprotected index 111 user@R1#set isis interface ge-0/0/1.0 level 2 post-convergence-lfa user@R1#set isis interface ge-0/0/1.0 point-to-point user@R1#set isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment protected index 104 user@R1#set isis interface ge-0/0/2.0 level 2 ipv4-adjacency-segment unprotected index 106 user@R1#set isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment protected index 105 user@R1#set isis interface ge-0/0/2.0 level 2 ipv6-adjacency-segment unprotected index 107 user@R1#set isis interface ge-0/0/2.0 level 2 post-convergence-lfa user@R1#set isis interface ge-0/0/2.0 point-to-point user@R1#set isis interface ge-0/0/3.0 level 2 ipv4-adjacency-segment protected index 100 user@R1#set isis interface ge-0/0/3.0 level 2 ipv4-adjacency-segment unprotected index 102 user@R1#set isis interface ge-0/0/3.0 level 2 ipv6-adjacency-segment protected index 101 user@R1#set isis interface ge-0/0/3.0 level 2 ipv6-adjacency-segment unprotected index 103 user@R1#set isis interface ge-0/0/3.0 level 2 post-convergence-lfa user@R1#set isis interface ge-0/0/3.0 point-to-point user@R1#set isis interface lo0.0 passive user@R1#set isis source-packet-routing srgb start-label 80000 user@R1#set isis source-packet-routing srgb index-range 50000 user@R1#set isis source-packet-routing node-segment ipv4-index 5001 user@R1#set isis source-packet-routing node-segment ipv6-index 5501 user@R1#set isis level 1 disable
Configure a TI-LFA para permitir a proteção contra falhas de link e nó. O SR usando TI-LFA oferece uma restauração mais rápida da conectividade de rede roteando o tráfego instantaneamente para um backup ou um caminho alternativo se o caminho primário falhar ou ficar indisponível.
[edit protocols] user@R1#set isis backup-spf-options use-post-convergence-lfa user@R1#set isis backup-spf-options use-source-packet-routing
Configure parâmetros de engenharia de tráfego do ISIS.
[edit protocols] user@R1#set isis traffic-engineering l3-unicast-topology user@R1#set isis traffic-engineering credibility-protocol-preference
Habilite o tunelamento de LDP pelo SR-TE.
[edit protocols] user@R1#set isis traffic-engineering tunnel-source-protocol spring-te
Configure protocolos MPLS e LDP nas interfaces do domínio LDP para trocar rótulos no domínio LDP.
[edit protocols] user@R1#set ldp preference 1 user@R1#set ldp interface ge-0/0/3.0 user@R1#set ldp interface lo0.0 user@R1#set mpls interface ge-0/0/1.0 user@R1#set mpls interface ge-0/0/2.0 user@R1#set mpls interface ge-0/0/3.0 user@R1#set mpls interface lo0.0
Habilite a sessão de LDP direcionada entre os roteadores de borda no domínio LDP.
[edit protocols] user@R1#set ldp auto-targeted-session
Configure uma lista de segmentos para encaminhar o tráfego para um caminho específico.
[edit protocols] user@R1#set source-packet-routing segment-list seg1 inherit-label-nexthops user@R1#set source-packet-routing segment-list seg1 auto-translate user@R1#set source-packet-routing segment-list seg1 hop1 ip-address 192.168.4.2 user@R1#set source-packet-routing segment-list seg1 hop2 ip-address 192.168.5.2 user@R1#set source-packet-routing segment-list seg1 hop3 ip-address 192.168.6.2
Configure o SR-TE LSP para os roteadores de borda remota para permitir o tunelamento de LDP em SR-TE.
[edit protocols] user@R1#set source-packet-routing source-routing-path sr_static_r5 ldp-tunneling user@R1#set source-packet-routing source-routing-path sr_static_r5 to 192.168.66.66 user@R1#set source-packet-routing source-routing-path sr_static_r5 binding-sid 1003001 user@R1#set source-packet-routing source-routing-path sr_static_r5 primary seg1
Resultados
A partir do modo de configuração, confirme sua configuração entrando no, e comandos.show chassis
show interfaces
show routing-options
show protocols
Se a saída não exibir a configuração pretendida, repita as instruções neste exemplo para corrigir a configuração.
user@R1#show chassis network-services enhanced-ip;
user@R1#show interfaces ge-0/0/1 { description R1-to-R2; unit 0 { family inet { address 10.1.3.1/24; } family iso; family mpls { maximum-labels 8; } } } ge-0/0/2 { description R1-to-R3; unit 0 { family inet { address 10.1.4.1/24; } family iso; family mpls { maximum-labels 8; } } } ge-0/0/3 { description R1-to-PE1; unit 0 { family inet { address 10.1.2.2/24; } family iso; family mpls { maximum-labels 8; } } } lo0 { unit 0 { family inet { address 192.168.100.1/32; } family iso { address 49.0004.0192.0168.0001.00; } family mpls; } }
user@R1#show protocols isis { interface ge-0/0/1.0 { level 2 { ipv4-adjacency-segment { protected index 108; unprotected index 110; } ipv6-adjacency-segment { protected index 109; unprotected index 111; } post-convergence-lfa; } point-to-point; } interface ge-0/0/2.0 { level 2 { ipv4-adjacency-segment { protected index 104; unprotected index 106; } ipv6-adjacency-segment { protected index 105; unprotected index 107; } post-convergence-lfa; } point-to-point; } interface ge-0/0/3.0 { level 2 { ipv4-adjacency-segment { protected index 100; unprotected index 102; } ipv6-adjacency-segment { protected index 101; unprotected index 103; } post-convergence-lfa; } point-to-point; } interface lo0.0 { passive; } source-packet-routing { srgb start-label 80000 index-range 50000; node-segment { ipv4-index 5001; ipv6-index 5501; } } level 1 disable; backup-spf-options { use-post-convergence-lfa; use-source-packet-routing; } traffic-engineering { l3-unicast-topology; credibility-protocol-preference; tunnel-source-protocol { spring-te; } } } ldp { auto-targeted-session; preference 1; interface ge-0/0/3.0; interface lo0.0; } mpls { interface ge-0/0/1.0; interface ge-0/0/2.0; interface ge-0/0/3.0; interface lo0.0; } source-packet-routing { segment-list seg1 { inherit-label-nexthops; auto-translate; hop1 ip-address 10.1.4.2; hop2 ip-address 10.1.5.2; hop3 ip-address 10.1.6.2; } source-routing-path sr_static_r5 { ldp-tunneling; to 192.168.100.4; binding-sid 1003001; primary { seg1; } } }
user@R1#show routing-options router-id 192.168.100.1;
Verificação
Para confirmar que a configuração está funcionando corretamente, execute as seguintes tarefas:
- Verificação do tunelamento de LDP no SR-TE
- Verifique o encaminhamento do LDP para o dispositivo PE remoto
- Verificando o rótulo anunciado
Verificação do tunelamento de LDP no SR-TE
Propósito
Verifique se o LDP sobre o túnel SR-TE está habilitado e o túnel LDP para o roteador de borda remota está tomando o caminho certo.
Ação
A partir do modo operacional, execute o comando.show spring-traffic-engineering lsp detail
No R1
user@R1>show spring-traffic-engineering lsp detail Name: sr_static_r5 Tunnel-source: Static configuration To: 192.168.100.2 State: Up LDP-tunneling enabled Path: seg1 Outgoing interface: NA Auto-translate status: Enabled Auto-translate result: Success Compute Status:Disabled , Compute Result:N/A , Compute-Profile Name:N/A BFD status: N/A BFD name: N/A ERO Valid: true SR-ERO hop count: 3 Hop 1 (Strict): NAI: IPv4 Adjacency ID, 0.0.0.0 -> 10.1.4.2 SID type: 20-bit label, Value: 80104 Hop 2 (Strict): NAI: IPv4 Adjacency ID, 0.0.0.0 -> 10.1.5.2 SID type: 20-bit label, Value: 80204 Hop 3 (Strict): NAI: IPv4 Adjacency ID, 0.0.0.0 -> 10.1.6.2 SID type: 20-bit label, Value: 80304 Total displayed LSPs: 1 (Up: 1, Down: 0)
No R2
user@R2>show spring-traffic-engineering lsp detail Name: sr_static_r1 Tunnel-source: Static configuration To: 192.168.100.1 State: Up LDP-tunneling enabled Path: seg1 Outgoing interface: NA Auto-translate status: Enabled Auto-translate result: Success Compute Status:Disabled , Compute Result:N/A , Compute-Profile Name:N/A BFD status: N/A BFD name: N/A ERO Valid: true SR-ERO hop count: 3 Hop 1 (Strict): NAI: IPv4 Adjacency ID, 0.0.0.0 -> 10.1.6.1 SID type: 20-bit label, Value: 80504 Hop 2 (Strict): NAI: IPv4 Adjacency ID, 0.0.0.0 -> 10.1.5.1 SID type: 20-bit label, Value: 80300 Hop 3 (Strict): NAI: IPv4 Adjacency ID, 0.0.0.0 -> 10.1.4.1 SID type: 20-bit label, Value: 80200 Total displayed LSPs: 1 (Up: 1, Down: 0)
Significado
No R1, o túnel LDP é estabelecido com o roteador de borda remoto na rede núcleo SR-TE.192.168.100.2 Você também pode ver os valores do rótulo SID na saída.80104, 80204, 80304
No R2, o túnel LDP é estabelecido com o roteador de borda remoto na rede núcleo SR-TE.192.168.100.1 Você também pode ver os valores do rótulo SID na saída.80504, 80300, 80200
Verifique o encaminhamento do LDP para o dispositivo PE remoto
Propósito
Verifique se a rota para o roteador PE remoto usa o encaminhamento de LDP e é tunelada pelo SR-TE.
Ação
A partir do modo operacional, execute o comando.show route destination-prefix
No R1
Verifique se a rota para o roteador PE remoto () é pelo LDP pelo túnel SR-TE.PE2
user@R1>show route 192.168.100.6 inet.0: 24 destinations, 24 routes (24 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.100.6/32 *[IS-IS/18] 5d 13:10:09, metric 20 > to 10.1.3.2 via ge-0/0/1.0 inet.3: 8 destinations, 13 routes (5 active, 0 holddown, 6 hidden) + = Active Route, - = Last Active, * = Both 192.168.100.6/32 *[LDP/1] 5d 13:10:09, metric 1 > to 10.1.4.2 via ge-0/0/2.0, Push 16, Push 80304, Push 80204(top) to 10.1.3.2 via ge-0/0/1.0, Push 16, Push 80304, Push 80204, Push 85003, Push 85004(top)
No R2
Verifique se a rota para o roteador PE remoto () é pelo LDP pelo túnel SR-TE.PE1
user@R2>show route 192.168.100.5 inet.0: 24 destinations, 24 routes (24 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.100.5/32 *[IS-IS/18] 5d 13:20:15, metric 20 > to 10.1.3.1 via ge-0/0/1.0 inet.3: 8 destinations, 13 routes (5 active, 0 holddown, 6 hidden) + = Active Route, - = Last Active, * = Both 192.168.100.5/32 *[LDP/9] 5d 13:20:15, metric 1 > to 10.1.6.1 via ge-0/0/2.0, Push 16, Push 80200, Push 80300(top) to 10.1.3.1 via ge-0/0/1.0, Push 16, Push 80200, Push 80300, Push 85004, Push 85003(top)
No PE1
Verifique se a rota para o roteador PE remoto () é por meio de uma sessão LDP direcionada para o PE remoto.PE2
user@PE1>show route 192.168.100.6
inet.0: 22 destinations, 22 routes (22 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.100.6/32 *[IS-IS/18] 1w3d 15:58:20, metric 30
> to 10.1.2.2 via ge-0/0/3.0
inet.3: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.100.6/32 *[LDP/9] 1w0d 16:00:05, metric 1
> to 10.1.2.2 via ge-0/0/3.0, Push 18
No PE2
Verifique se a rota para o roteador PE remoto () é por meio de uma sessão LDP direcionada para o PE remoto.PE1
user@PE2>show route 192.168.100.5
inet.0: 22 destinations, 22 routes (22 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.100.5/32 *[IS-IS/18] 1w3d 15:59:19, metric 30
> to 10.1.7.1 via ge-0/0/3.0
inet.3: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.100.5/32 *[LDP/9] 1w0d 16:01:14, metric 1
> to 10.1.7.1 via ge-0/0/3.0, Push 18
Significado
No R1, você pode ver o rótulo LDP e as pilhas de rótulo SR-TE como .1680304, 80204, 85003, 85004
No R2, você pode ver o rótulo LDP e as pilhas de rótulo SR-TE como .1680200, 80300, 85004, 85003
No PE1 e pe2, você pode ver o rótulo LDP como e , respectivamente.1819
Verificando o rótulo anunciado
Propósito
Verifique os rótulos anunciados para a classe de equivalência de encaminhamento (FEC).
Ação
A partir do modo operacional, execute o comando.show ldp database
No R1
Verifique os rótulos anunciados em direção ao PE (PE1) diretamente conectado e às etiquetas recebidas do roteador de borda remoto (R2).
user@R1>show ldp database Input label database, 192.168.100.1:0--192.168.100.2:0 Labels received: 4 Label Prefix 17 192.168.100.1/32 3 192.168.100.2/32 18 192.168.100.5/32 16 192.168.100.6/32 Output label database, 192.168.100.1:0--192.168.100.2:0 Labels advertised: 4 Label Prefix 3 192.168.100.1/32 17 192.168.100.2/32 16 192.168.100.5/32 18 192.168.100.6/32 Input label database, 192.168.100.1:0--192.168.100.5:0 Labels received: 4 Label Prefix 17 192.168.100.1/32 18 192.168.100.2/32 3 192.168.100.5/32 19 192.168.100.6/32 Output label database, 192.168.100.1:0--192.168.100.5:0 Labels advertised: 4 Label Prefix 3 192.168.100.1/32 17 192.168.100.2/32 16 192.168.100.5/32 18 192.168.100.6/32
No R2
Verifique os rótulos anunciados em direção ao PE (PE2) diretamente conectado e às etiquetas recebidas do roteador de borda remoto (R1).
user@R2>show ldp database Input label database, 192.168.100.2:0--192.168.100.1:0 Labels received: 4 Label Prefix 3 192.168.100.1/32 17 192.168.100.2/32 16 192.168.100.5/32 18 192.168.100.6/32 Output label database, 192.168.100.2:0--192.168.100.1:0 Labels advertised: 4 Label Prefix 17 192.168.100.1/32 3 192.168.100.2/32 18 192.168.100.5/32 16 192.168.100.6/32 Input label database, 192.168.100.2:0--192.168.100.6:0 Labels received: 4 Label Prefix 18 192.168.100.1/32 17 192.168.100.2/32 19 192.168.100.5/32 3 192.168.100.6/32 Output label database, 192.168.100.2:0--192.168.100.6:0 Labels advertised: 4 Label Prefix 17 192.168.100.1/32 3 192.168.100.2/32 18 192.168.100.5/32 16 192.168.100.6/32
No PE1
Verifique se o endereço de loopback do dispositivo PE (PE2) remoto é anunciado pelo dispositivo de borda R1 para o dispositivo PE (PE1) local.
user@PE1>show ldp database
Input label database, 192.168.100.5:0--192.168.100.1:0
Labels received: 4
Label Prefix
3 192.168.100.1/32
17 192.168.100.2/32
16 192.168.100.5/32
18 192.168.100.6/32
Output label database, 192.168.100.5:0--192.168.100.1:0
Labels advertised: 4
Label Prefix
17 192.168.100.1/32
18 192.168.100.2/32
3 192.168.100.5/32
19 192.168.100.6/32
No PE2
Verifique se o endereço de loopback do dispositivo PE (PE1) remoto é anunciado pelo dispositivo de borda R2 para o dispositivo PE (PE2) local.
user@PE2>show ldp database
Input label database, 192.168.100.6:0--192.168.100.2:0
Labels received: 4
Label Prefix
17 192.168.100.1/32
3 192.168.100.2/32
18 192.168.100.5/32
16 192.168.100.6/32
Output label database, 192.168.100.6:0--192.168.100.2:0
Labels advertised: 4
Label Prefix
18 192.168.100.1/32
17 192.168.100.2/32
19 192.168.100.5/32
3 192.168.100.6/32
Significado
No R1, você pode ver que o rótulo é anunciado em direção ao PE conectado diretamente (PE1) e o rótulo é recebido do roteador de borda remota (R2).1819
No R2, você pode ver que o rótulo é anunciado em direção ao PE (PE2) diretamente conectado e o rótulo é recebido do roteador de borda remota (R1).1719
No PE1, você pode ver que o rótulo é recebido do roteador de borda local (R1).18
No PE2, você pode ver que o rótulo é recebido do roteador de borda local (R2).17