miércoles, 21 de julio de 2010

Inter-AS RR Multihop 5ª

5ª Prueba entre sitios
Finalmente los prefijos son instalados en el PE R2 y este los publica al CE R1.

--------------------------------------------------------------------------

R1#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

100.0.0.0/32 is subnetted, 2 subnets
O IA 100.0.0.8 [110/2] via 172.16.12.2, 00:01:22, FastEthernet0/0
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O IA 172.16.78.0/24 [110/2] via 172.16.12.2, 00:01:22, FastEthernet0/0

R1#traceroute 100.0.0.8 source loopback 0 probe 1
1 172.16.12.2 40 msec
2 10.1.23.3 [MPLS: Labels 304/407/717 Exp 0] 664 msec
3 10.1.34.4 [MPLS: Labels 407/717 Exp 0] 576 msec
4 10.1.49.9 [MPLS: Labels 907/717 Exp 0] 568 msec
5 10.1.119.11 [MPLS: Labels 1110/1007/717 Exp 0] 648 msec
6 10.1.110.10 [MPLS: Labels 1007/717 Exp 0] 1024 msec
7 10.1.105.5 [MPLS: Labels 507/717 Exp 0] 648 msec
8 10.1.56.6 [MPLS: Labels 607/717 Exp 0] 424 msec
9 172.16.78.7 [MPLS: Label 717 Exp 0] 732 msec
10 172.16.78.8 504 msec

R8#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

100.0.0.0/32 is subnetted, 2 subnets
O IA 100.0.0.1 [110/2] via 172.16.78.7, 00:52:20, FastEthernet0/0
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O IA 172.16.12.0/24 [110/2] via 172.16.78.7, 00:52:20, FastEthernet0/0

R8#traceroute 100.0.0.1 source loopback 0 probe 1
1 172.16.78.7 76 msec
2 10.1.67.6 [MPLS: Labels 605/502/216 Exp 0] 792 msec
3 10.1.56.5 [MPLS: Labels 502/216 Exp 0] 548 msec
4 10.1.105.10 [MPLS: Labels 1002/216 Exp 0] 384 msec
5 10.1.102.12 [MPLS: Labels 1209/902/216 Exp 0] 556 msec
6 10.1.129.9 [MPLS: Labels 902/216 Exp 0] 560 msec
7 10.1.49.4 [MPLS: Labels 402/216 Exp 0] 676 msec
8 10.1.34.3 [MPLS: Labels 302/216 Exp 0] 444 msec
9 172.16.12.2 [MPLS: Label 216 Exp 0] 400 msec
10 172.16.12.1 520 msec

--------------------------------------------------------------------------

Dos cosas antes de finalzar este laboratorio. Normalmente los prefijos MPLS VPN llevan dos etiquetas; la superior identifica el prefijo y IGP del LSR y la bottom label que corresponde al prefijo vpnv4. Al utilizar el comando traceroute notamos que cualquiera de los PEs (R2 o R7) agregan una tercera etiqueta. No es un error, esta es una etiqueta IGP asociada al AS.
Tambien es notar que la etiquetas de la vpnv4 (716) no cambia en todo el LSP.

Por último como tema de diseño, es recomendable que la red del Serice Provider no sea conocida por el cliente. El comando no mpls ip propagate-ttl permite esconder la red del SP. Pero tiene la gran desventaja de ocultarla al propio SP. (Es recomendable además deshabilitar CDP entre la red del Customer y el Provider Edge.

--------------------------------------------------------------------------
R2(config)#no mpls ip propagate-ttl

R7(config)#no mpls ip propagate-ttl

R1#traceroute 100.0.0.8 0 probe 1
1 172.16.12.2 280 msec
2 172.16.78.7 [MPLS: Label 716 Exp 0] 840 msec
3 172.16.78.8 1152 msec

R8#traceroute 100.0.0.1 probe 1
1 172.16.78.7 144 msec
2 172.16.12.2 [MPLS: Label 216 Exp 0] 476 msec
3 172.16.12.1 620 msec


R2#traceroute 10.0.0.7 probe 1
Type escape sequence to abort.
Tracing the route to 10.0.0.7
1 10.1.67.7 476 msec

R7#traceroute 10.0.0.2 probe 1
Type escape sequence to abort.
Tracing the route to 10.0.0.2
1 10.1.23.2 536 msec

--------------------------------------------------------------------------

El comando no mpls ip propagate-ttl forwarded solo esconde el LSP al cliente y las pruebas de troubleshooting del SP pueden hacerse sin restricciones.

--------------------------------------------------------------------------
R2(config)#no mpls ip propagate-ttl forwarded

R7(config)#no mpls ip propagate-ttl forwarded

R1#traceroute 100.0.0.8 source loopback 0 probe 1
1 172.16.12.2 84 msec
2 172.16.78.7 [MPLS: Label 716 Exp 0] 560 msec
3 172.16.78.8 588 msec

R2#traceroute 10.0.0.7 source loopback 0 probe 1
1 10.1.23.3 [MPLS: Labels 304/407 Exp 0] 416 msec
2 10.1.34.4 [MPLS: Label 407 Exp 0] 1108 msec
3 10.1.49.9 [MPLS: Label 907 Exp 0] 824 msec
4 10.1.119.11 [MPLS: Labels 1110/1007 Exp 0] 420 msec
5 10.1.110.10 [MPLS: Label 1007 Exp 0] 600 msec
6 10.1.105.5 [MPLS: Label 507 Exp 0] 404 msec
7 10.1.56.6 [MPLS: Label 607 Exp 0] 440 msec
8 10.1.67.7 544 msec



No hay comentarios:

Publicar un comentario