MPLS
{Back to Index}
Table of Contents
1 术语
1.1 FEC ( Forwarding Equivalence Class )
MPLS 实际上是一种 分类转发 的技术,它将具有相同转发处理方式(目的地相同,使用的转发路径相同,具有相同的服务等级等)的分组归为一类,这种类别就称为 转发等价类 。
1.2 CEF
Figure 1: CEF 组成
Figure 2: CEF 原理示意
使用 MPLS 首先要启用 CEF ,它的优点在于:
- 可被硬件(ASIC)调用,转发效率高
- 拓扑驱动 ,具有较快的收敛速度
- CEF 将路由和下一跳关联, 解决路由递归查询问题
- CEF 是唯一一种提供 MPLS 标签插入的转发机制
- CEF 形成 FIB ,而标签分发协议(TDP/LDP)根据 FIB 来分发标签
1.3 LSR
标签交换路由器。 运行 MPLS 的路由器即为 LSR 。
LSR 主要负责标签的 交换 。
Figure 3: 在 LSR 上,数据包 只 需要查 LFIB
1.4 FIB/LIB/LFIB
- FIB 是基于路由表 (RIB) 形成的,其中包含标签信息 2
- LIB 用于存放本地分配的标签信息和 所有学习到 的标签信息, 起到保存标签信息的作用
- LFIB 即标签转换信息表, 由 LIB 和 FIB 推导出来 ,用于查询某条路由的标签转换规则, 建立入标签与出标签的映射关系
Figure 6: 三张表的内在联系
2 标签格式
| 00 | 01 | 02 | 03 | 04 | 05 | 06 | 07 | 08 | 09 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Label | TC: Traffic Class (QoS and ECN) | S: Bottom-of-Stack | TTL: Time-to-Live | ||||||||||||||||||||||||||||
- 0-15 是保留标签,一般从 16 开始分配
- bottom-of-stack 主要用于多层标签的场景:
- 一层标签
- MPLS
- 两层标签
- MPLS VPN
- 三层标签
- MPLS TE (流量工程)
3 LDP
Figure 7: 实验环境
LDP Route ID 建议使用 /32 Loopback 地址. 3
3.1 基本配置
配置清单
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 mpls ip ! switch to establish LDP on this ifc no sh exit router ospf 110 router-id 1.1.1.1 network 10.1.12.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 exit ip cef ! must enable this mpls ldp router-id lo0 mpls label range 100 199 ! make it easy to debug end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 exit int e0/0 ip address 10.1.12.2 255.255.255.0 mpls ip no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 mpls ip no sh exit router ospf 110 router-id 2.2.2.2 network 10.1.12.2 0.0.0.0 area 0 network 10.1.23.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 exit ip cef ! must enable this mpls ldp router-id lo0 mpls label range 200 299 end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 exit int e0/0 ip address 10.1.23.3 255.255.255.0 mpls ip no sh exit router ospf 110 router-id 3.3.3.3 network 10.1.23.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0 exit ip cef ! must enable this mpls ldp router-id lo0 mpls label range 300 399 end
3.2 查看命令
3.2.1 查看邻居
R2#sh mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.43796 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 49/49; Downstream
Up time: 00:35:31
LDP discovery sources:
Ethernet0/1, Src IP addr: 10.1.23.3
Addresses bound to peer LDP Ident:
10.1.23.3 3.3.3.3
Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38627
State: Oper; Msgs sent/rcvd: 48/48; Downstream
Up time: 00:35:29
LDP discovery sources:
Ethernet0/0, Src IP addr: 10.1.12.1
Addresses bound to peer LDP Ident:
10.1.12.1 1.1.1.1
R2#
3.2.2 查看是否收到 Hello
R2#sh mpls ldp discovery
Local LDP Identifier:
2.2.2.2:0
Discovery Sources:
Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 1.1.1.1:0
Ethernet0/1 (ldp): xmit/recv
LDP Id: 3.3.3.3:0
假设 transport IP 不可达(比如 R1 没有通告 1.1.1.1/32 进 IGP),也能收到 Hello :
R2#sh mpls ldp discovery
Local LDP Identifier:
2.2.2.2:0
Discovery Sources:
Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 1.1.1.1:0; no route
Ethernet0/1 (ldp): xmit/recv
LDP Id: 3.3.3.3:0
3.2.3 查看 FIB 表
show ip cef detail
R1#sh ip cef 3.3.3.3 detail 3.3.3.3/32, epoch 0 dflt local label info: global/102 [0x0] nexthop 10.1.12.2 Ethernet0/0 label 201-(local:102)
3.2.4 查看 LIB 表
R2#sh mpls ldp bindings
lib entry: 1.1.1.1/32, rev 2
local binding: label: 200
remote binding: lsr: 1.1.1.1:0, label: imp-null
remote binding: lsr: 3.3.3.3:0, label: 300
lib entry: 2.2.2.2/32, rev 4
local binding: label: imp-null ! imp-null 即为 Label:3 ,表明该路由是本地产生的,收到该标签的路由器就是针对该路由的次末跳
remote binding: lsr: 1.1.1.1:0, label: 100
remote binding: lsr: 3.3.3.3:0, label: 301
lib entry: 3.3.3.3/32, rev 6
local binding: label: 201
remote binding: lsr: 3.3.3.3:0, label: imp-null
remote binding: lsr: 1.1.1.1:0, label: 102
lib entry: 10.1.12.0/24, rev 8
local binding: label: imp-null
remote binding: lsr: 1.1.1.1:0, label: imp-null
remote binding: lsr: 3.3.3.3:0, label: 302
lib entry: 10.1.23.0/24, rev 10
local binding: label: imp-null
remote binding: lsr: 1.1.1.1:0, label: 101
remote binding: lsr: 3.3.3.3:0, label: imp-null
3.2.5 查看 LFIB 表
R2#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
200 Pop Label 1.1.1.1/32 0 Et0/0 10.1.12.1 ! outgoing 是 Pop 的原因是从邻居收到的 label 是 3 (imp-null)
201 Pop Label 3.3.3.3/32 0 Et0/1 10.1.23.3
3.3 邻居建立过程
4 原理
4.1 标签建立过程 4
4.1.1 依赖 IGP 构建 RIB 与 FIB(CEF) 5
4.1.2 运行 LDP 以维护 LIB
为路由表中每一条路由前缀 ( BGP 路由除外 ) 分配 标签。同时,LSR 也会将本地的标签信息通告给 LDP 邻居。
4.1.3 基于 LIB 和 FIB 维护 LFIB
4.2 数据包传递过程
Figure 14: 数据包传递过程的标签查询与转换
4.3 Penultimate Hop Popping (次末跳优化)
Figure 15: 优化前
由于最后一跳收到的数据是带标签的,因此 会先查 FLIB 表 ,当去掉标签后 又 需要根据 NH IP 查询 FIB 找到转发接口。
标签在上一条就可以被去掉了。
Figure 16: 优化后
这样最后一跳收到不带标签的数据时,只需要查询 FIB 即可。
4.3.1 imp-null
直连路由 在本地分配到的标签为 imp-null(label:3) ,LDP 邻居收到这个标签后,会将 Outgoing Label 设置为 Pop 。
Figure 17: imp-null
4.3.2 POP 与 UNTAGGED 区别
- POP 是表示对端路由器发来 imp-null 的标签,说明对端是有这条路由的,当本地路由器收到数据时,会弹出标签,并以 IP 包的方式传给对端路由器。
- UNTAGGED 表示没有收到对端路由器发来关于此条路由的标签,说明对端路由器没有该路由或是不支持 mpls 。当本地路由器收到数据时, 会弹出标签,并查找 FIB 来寻找下一跳 。
4.3.3 exp-null
impl-null 会将二层帧中的 tag 信息全部弹出,包括涉及 QoS 的信息,为了保留 QoS 信息(EXP 字段),可以使用 exp-null 。
Figure 18: exp-null
R3(config)#mpls ldp explicit-null
R2#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
200 Pop Label 1.1.1.1/32 0 Et0/0 10.1.12.1
201 explicit-n 3.3.3.3/32 0 Et0/1 10.1.23.3
4.4 TTL propagation
Figure 19: 默认的 TTL 传播过程
默认的 TTL 操作方式在使用 traceroute 的时候暴露内部网络拓扑,可以通过命令关闭 TTL Propagation 。
Figure 20: 关闭 TTL Propagation 后的传播过程
通常在边界设备上配置关闭该特性 : no mpls ip propagate-ttl
5 MPLS 中 BGP 路由黑洞问题研究
5.1 实验一(原理)
Figure 21: 实验拓扑
实验环境特点: - R1 与 R4 之间建立 IBGP 邻接关系, IBGP 邻接关系建立在物理接口上 - OSPF 中宣告 R1-R5 和 R4-R6 的直连网段 - R5 及 R6 各自在 BGP 进程中宣告自己的 Loopback 路由
初始配置清单
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit int e0/1 ip address 10.1.15.1 255.255.255.0 no sh exit router ospf 110 router-id 1.1.1.1 network 10.1.12.1 0.0.0.0 area 0 network 10.1.15.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 1.1.1.1 neighbor 10.1.15.5 remote-as 500 neighbor 10.1.34.4 remote-as 1234 exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 no sh exit router ospf 110 router-id 2.2.2.2 network 10.1.12.2 0.0.0.0 area 0 network 10.1.23.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 exit end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 exit int e0/0 ip address 10.1.23.3 255.255.255.0 no sh exit int e0/1 ip address 10.1.34.3 255.255.255.0 no sh exit router ospf 110 router-id 3.3.3.3 network 10.1.23.3 0.0.0.0 area 0 network 10.1.34.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0 exit end ----------------- R4 ---------------------- en conf t hostname R4 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 4.4.4.4 255.255.255.255 exit int e0/0 ip address 10.1.34.4 255.255.255.0 no sh exit int e0/1 ip address 10.1.46.4 255.255.255.0 no sh exit router ospf 110 router-id 4.4.4.4 network 10.1.34.4 0.0.0.0 area 0 network 10.1.46.4 0.0.0.0 area 0 network 4.4.4.4 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 4.4.4.4 neighbor 10.1.46.6 remote-as 600 neighbor 10.1.12.1 remote-as 1234 exit end ----------------- R5 ---------------------- en conf t hostname R5 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 5.5.5.5 255.255.255.255 exit int e0/0 ip address 10.1.15.5 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.15.1 router bgp 500 bgp router-id 5.5.5.5 neighbor 10.1.15.1 remote-as 1234 network 5.5.5.5 mask 255.255.255.255 exit end ----------------- R6 ---------------------- en conf t hostname R6 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 6.6.6.6 255.255.255.255 exit int e0/0 ip address 10.1.46.6 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.46.4 router bgp 600 bgp router-id 6.6.6.6 neighbor 10.1.46.4 remote-as 1234 network 6.6.6.6 mask 255.255.255.255 exit end
完整配置清单(高亮为 MPLS 相关配置)
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit int e0/1 ip address 10.1.15.1 255.255.255.0 no sh exit router ospf 110 router-id 1.1.1.1 network 10.1.12.1 0.0.0.0 area 0 network 10.1.15.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 1.1.1.1 neighbor 10.1.15.5 remote-as 500 neighbor 10.1.34.4 remote-as 1234 exit ip cef mpls ldp router-id lo0 mpls label range 100 199 int e0/0 mpls ip exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 no sh exit router ospf 110 router-id 2.2.2.2 network 10.1.12.2 0.0.0.0 area 0 network 10.1.23.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 exit ip cef mpls ldp router-id lo0 mpls label range 200 299 int range e0/0,e0/1 mpls ip exit end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 exit int e0/0 ip address 10.1.23.3 255.255.255.0 no sh exit int e0/1 ip address 10.1.34.3 255.255.255.0 no sh exit router ospf 110 router-id 3.3.3.3 network 10.1.23.3 0.0.0.0 area 0 network 10.1.34.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0 exit ip cef mpls ldp router-id lo0 mpls label range 300 399 int range e0/0,e0/1 mpls ip exit end ----------------- R4 ---------------------- en conf t hostname R4 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 4.4.4.4 255.255.255.255 exit int e0/0 ip address 10.1.34.4 255.255.255.0 no sh exit int e0/1 ip address 10.1.46.4 255.255.255.0 no sh exit router ospf 110 router-id 4.4.4.4 network 10.1.34.4 0.0.0.0 area 0 network 10.1.46.4 0.0.0.0 area 0 network 4.4.4.4 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 4.4.4.4 neighbor 10.1.46.6 remote-as 600 neighbor 10.1.12.1 remote-as 1234 exit ip cef mpls ldp router-id lo0 mpls label range 400 499 int e0/0 mpls ip exit end ----------------- R5 ---------------------- en conf t hostname R5 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 5.5.5.5 255.255.255.255 exit int e0/0 ip address 10.1.15.5 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.15.1 router bgp 500 bgp router-id 5.5.5.5 neighbor 10.1.15.1 remote-as 1234 network 5.5.5.5 mask 255.255.255.255 exit end ----------------- R6 ---------------------- en conf t hostname R6 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 6.6.6.6 255.255.255.255 exit int e0/0 ip address 10.1.46.6 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.46.4 router bgp 600 bgp router-id 6.6.6.6 neighbor 10.1.46.4 remote-as 1234 network 6.6.6.6 mask 255.255.255.255 exit end
5.1.1 连通性分析
R6#ping 5.5.5.5 source 6.6.6.6 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: Packet sent with a source address of 6.6.6.6 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R6 始发的报文是基于 IP 的,到了 R4 ,R4 查 CEF 表,发现目的地:5.5.5.5 的条目,关联了一个 Label: 303,于是 R4 将 IP 包压上标签 303,然后传给下一跳,即 R3 :
R4#sh ip cef 5.5.5.5 detail
5.5.5.5/32, epoch 0, flags [rib only nolabel, rib defined all labels]
recursive via 10.1.15.5
recursive via 10.1.15.0/24
nexthop 10.1.34.3 Ethernet0/0 label 304-(local:404)
为什么 R4 CEF 显示要用 Label:304 呢? 通过查看 R4 的路由表可以发现,去往 5.5.5.5 的路由下一跳为 10.1.15.5 , 那么 R4 就要查看是否有从 LDP 邻居收到的关于 10.1.15.5 的标签 。
R4#sh ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/0] via 10.1.15.5, 00:40:23
6.0.0.0/32 is subnetted, 1 subnets
B 6.6.6.6 [20/0] via 10.1.46.6, 00:24:39
再看下 R3 的 FIB 表,发现它为该路由分配的本地标签正是 304 。
R3#sh mpls ldp bindings local-label 304 ! FIB
lib entry: 10.1.15.0/24, rev 12
local binding: label: 304
R3#sh mpls forwarding-table ! LFIB
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
300 200 1.1.1.1/32 0 Et0/0 10.1.23.2
301 Pop Label 2.2.2.2/32 0 Et0/0 10.1.23.2
302 Pop Label 4.4.4.4/32 0 Et0/1 10.1.34.4
303 Pop Label 10.1.12.0/24 87330 Et0/0 10.1.23.2
304 203 10.1.15.0/24 4102 Et0/0 10.1.23.2
305 Pop Label 10.1.46.0/24 3502 Et0/1 10.1.34.4
顺便提一句,10.1.15.0/24 是属于 R1 的直连网段,因此 R2 的转发表中将显示 Pop (PHP 机制):
R2# sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
200 Pop Label 1.1.1.1/32 0 Et0/0 10.1.12.1
201 Pop Label 3.3.3.3/32 0 Et0/1 10.1.23.3
202 302 4.4.4.4/32 0 Et0/1 10.1.23.3
203 Pop Label 10.1.15.0/24 4446 Et0/0 10.1.12.1
204 Pop Label 10.1.34.0/24 88684 Et0/1 10.1.23.3
205 305 10.1.46.0/24 3626 Et0/1 10.1.23.3
也就是说 R1 将收到纯 IP 数据包,而 R1 上存在去往 5.5.5.5 的路由,所以数据包可以正确转发。
5.2 实验二(PHP 的影响)
Figure 22: 实验拓扑
上一个实验中,在 Core OSPF 中宣告了 R1-R5 及 R4-R6 的直连网段,然而在实际合中,往往不会在 Core IGP 中宣告 AS 外的链路。如果不在 OSPF 中宣告这两个直连链路,会有什么现象。
由于 OSPF 没有了这两个直连网段,那么 5.5.5.5 及 6.6.6.6 两条 EBGP 路由就不能被优化,需在 R1/R4 上对 R4/R1 使用 next-hop-self 。
配置清单
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit int e0/1 ip address 10.1.15.1 255.255.255.0 no sh exit router ospf 110 router-id 1.1.1.1 network 10.1.12.1 0.0.0.0 area 0 ! network 10.1.15.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 1.1.1.1 neighbor 10.1.15.5 remote-as 500 neighbor 10.1.34.4 remote-as 1234 neighbor 10.1.34.4 next-hop-self exit ip cef mpls ldp router-id lo0 mpls label range 100 199 int e0/0 mpls ip exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 no sh exit router ospf 110 router-id 2.2.2.2 network 10.1.12.2 0.0.0.0 area 0 network 10.1.23.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 exit ip cef mpls ldp router-id lo0 mpls label range 200 299 int range e0/0,e0/1 mpls ip exit end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 exit int e0/0 ip address 10.1.23.3 255.255.255.0 no sh exit int e0/1 ip address 10.1.34.3 255.255.255.0 no sh exit router ospf 110 router-id 3.3.3.3 network 10.1.23.3 0.0.0.0 area 0 network 10.1.34.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0 exit ip cef mpls ldp router-id lo0 mpls label range 300 399 int range e0/0,e0/1 mpls ip exit end ----------------- R4 ---------------------- en conf t hostname R4 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 4.4.4.4 255.255.255.255 exit int e0/0 ip address 10.1.34.4 255.255.255.0 no sh exit int e0/1 ip address 10.1.46.4 255.255.255.0 no sh exit router ospf 110 router-id 4.4.4.4 network 10.1.34.4 0.0.0.0 area 0 ! network 10.1.46.4 0.0.0.0 area 0 network 4.4.4.4 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 4.4.4.4 neighbor 10.1.46.6 remote-as 600 neighbor 10.1.12.1 remote-as 1234 neighbor 10.1.12.1 next-hop-self exit ip cef mpls ldp router-id lo0 mpls label range 400 499 int e0/0 mpls ip exit end ----------------- R5 ---------------------- en conf t hostname R5 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 5.5.5.5 255.255.255.255 exit int e0/0 ip address 10.1.15.5 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.15.1 router bgp 500 bgp router-id 5.5.5.5 neighbor 10.1.15.1 remote-as 1234 network 5.5.5.5 mask 255.255.255.255 exit end ----------------- R6 ---------------------- en conf t hostname R6 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 6.6.6.6 255.255.255.255 exit int e0/0 ip address 10.1.46.6 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.46.4 router bgp 600 bgp router-id 6.6.6.6 neighbor 10.1.46.4 remote-as 1234 network 6.6.6.6 mask 255.255.255.255 exit end
5.2.1 不连通性分析
R4#sh ip cef 5.5.5.5 detail
5.5.5.5/32, epoch 0, flags [rib only nolabel, rib defined all labels]
recursive via 10.1.12.1
recursive via 10.1.12.0/24 ! 本质上要贴上去往 10.1.12.0/24 网段的标签
nexthop 10.1.34.3 Ethernet0/0 label 303-(local:403)
R4#
而 R3 上针对这个网段的 LFIB 为:
R3#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
300 200 1.1.1.1/32 0 Et0/0 10.1.23.2
301 Pop Label 2.2.2.2/32 0 Et0/0 10.1.23.2
303 Pop Label 10.1.12.0/24 95034 Et0/0 10.1.23.2
304 Pop Label 4.4.4.4/32 0 Et0/1 10.1.34.4
因为 10.1.12.0/24 是属于 R2 的直连网段,所以 R2 发出的针对该网段的标签为 imp-null 。这样 R3 向 R2 转发的其实是 IP 数据包,而非标签数据包,由于 BGP 路由黑洞的存在,R2 上并没有去往 5.5.5.5 的路由,因此产生丢包。
解决方案见实验三。
5.3 实验三 (IBGP on Loopback)
Figure 23: 实验环境
配置清单
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 1.1.1.1 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit int e0/1 ip address 10.1.15.1 255.255.255.0 no sh exit router ospf 110 router-id 1.1.1.1 network 10.1.12.1 0.0.0.0 area 0 network 1.1.1.1 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 1.1.1.1 neighbor 10.1.15.5 remote-as 500 neighbor 4.4.4.4 remote-as 1234 neighbor 4.4.4.4 next-hop-self neighbor 4.4.4.4 update-source lo0 exit ip cef mpls ldp router-id lo0 mpls label range 100 199 int e0/0 mpls ip exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 2.2.2.2 255.255.255.255 exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 no sh exit router ospf 110 router-id 2.2.2.2 network 10.1.12.2 0.0.0.0 area 0 network 10.1.23.2 0.0.0.0 area 0 network 2.2.2.2 0.0.0.0 area 0 exit ip cef mpls ldp router-id lo0 mpls label range 200 299 int range e0/0,e0/1 mpls ip exit end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 3.3.3.3 255.255.255.255 exit int e0/0 ip address 10.1.23.3 255.255.255.0 no sh exit int e0/1 ip address 10.1.34.3 255.255.255.0 no sh exit router ospf 110 router-id 3.3.3.3 network 10.1.23.3 0.0.0.0 area 0 network 10.1.34.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0 exit ip cef mpls ldp router-id lo0 mpls label range 300 399 int range e0/0,e0/1 mpls ip exit end ----------------- R4 ---------------------- en conf t hostname R4 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 4.4.4.4 255.255.255.255 exit int e0/0 ip address 10.1.34.4 255.255.255.0 no sh exit int e0/1 ip address 10.1.46.4 255.255.255.0 no sh exit router ospf 110 router-id 4.4.4.4 network 10.1.34.4 0.0.0.0 area 0 ! network 10.1.46.4 0.0.0.0 area 0 network 4.4.4.4 0.0.0.0 area 0 exit router bgp 1234 bgp router-id 4.4.4.4 neighbor 10.1.46.6 remote-as 600 neighbor 1.1.1.1 remote-as 1234 neighbor 1.1.1.1 next-hop-self neighbor 1.1.1.1 update-source lo0 exit ip cef mpls ldp router-id lo0 mpls label range 400 499 int e0/0 mpls ip exit end ----------------- R5 ---------------------- en conf t hostname R5 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 5.5.5.5 255.255.255.255 exit int e0/0 ip address 10.1.15.5 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.15.1 router bgp 500 bgp router-id 5.5.5.5 neighbor 10.1.15.1 remote-as 1234 network 5.5.5.5 mask 255.255.255.255 exit end ----------------- R6 ---------------------- en conf t hostname R6 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 6.6.6.6 255.255.255.255 exit int e0/0 ip address 10.1.46.6 255.255.255.0 no sh exit ip route 0.0.0.0 0.0.0.0 10.1.46.4 router bgp 600 bgp router-id 6.6.6.6 neighbor 10.1.46.4 remote-as 1234 network 6.6.6.6 mask 255.255.255.255 exit end
6 路由汇总对 MPLS 的影响
Figure 24: 路由汇总示例(该实例中数据仍可正常传输,虽然C上发生过重打标签的情况)
- 路由汇总会将原先完整一段 LSP 分割成两段
- 问题的本质在于,在汇聚点上由于数据包已被去除 tag 信息,会以纯 IP 包的方式查找 FIB ,如果此时无法找到下一跳,则会发生丢包,这在 MPLS VPN 环境尤为常见
Footnotes:
1
Ingress and Egress are known as Edge Routers
2
加入标签信息是因为如果是 Edge LSR ,当收到未加标签的数据时只会查询 FIB ,而这时就可以直接从 FIB 中提取需要压入的标签
4
Label allocation, label imposing, label swapping, and label popping usually happen in the service provider network, not the customer (enterprise) network. Customer routers will never see a label.
5
MPLS 只针对 IGP 分发标签,不会为 BGP 路由产生标签