MPLS RT Rewrite(解決)

2023年8月13日 14:56

設定

解決編

iosv-6#sh bgp vpnv4 uni all | b validation
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf A)
 *>   7.7.7.7/32       192.168.67.7             2         32768 ?
 * i  8.8.8.8/32       192.168.23.2             0    100      0 200 ?
 * i  192.168.58.0     192.168.23.2             0    100      0 200 ?
 *>   192.168.67.0     0.0.0.0                  0         32768 ?
 *>   192.168.79.0     192.168.67.7             2         32768 ?
 * i  192.168.108.0    192.168.23.2             0    100      0 200 ?
Route Distinguisher: 200:1
 * i  8.8.8.8/32       192.168.23.2             0    100      0 200 ?
 * i  192.168.58.0     192.168.23.2             0    100      0 200 ?
 * i  192.168.108.0    192.168.23.2             0    100      0 200 ?

前回の記事での気づきが、こっちでも生かされるのではと考えた。
実際、AS200の経路のネクストホップが192.168.23.2(AS200内ルータ)になっている。これじゃ届きようがない。

next-hop-self

iosv-3(config)#router bgp 100
iosv-3(config-router)#add vpnv4  
iosv-3(config-router-af)#nei 6.6.6.6 next-hop-self

iosv-2(config-router-af)#nei 5.5.5.5 next-hop-self

結果

iosv-6#sh bgp vpnv4 uni all | b validation
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf A)
 *>   7.7.7.7/32       192.168.67.7             2         32768 ?
 *>i  8.8.8.8/32       3.3.3.3                  0    100      0 200 ?
 *>i  192.168.58.0     3.3.3.3                  0    100      0 200 ?
 *>   192.168.67.0     0.0.0.0                  0         32768 ?
 *>   192.168.79.0     192.168.67.7             2         32768 ?
 *>i  192.168.108.0    3.3.3.3                  0    100      0 200 ?
Route Distinguisher: 200:1
 *>i  8.8.8.8/32       3.3.3.3                  0    100      0 200 ?
 *>i  192.168.58.0     3.3.3.3                  0    100      0 200 ?
 *>i  192.168.108.0    3.3.3.3                  0    100      0 200 ?

iosv-6#sh ip ro vrf A | b Gate
Gateway of last resort is not set

      7.0.0.0/32 is subnetted, 1 subnets
O        7.7.7.7 [110/2] via 192.168.67.7, 00:07:40, GigabitEthernet0/1
      8.0.0.0/32 is subnetted, 1 subnets
B        8.8.8.8 [200/0] via 3.3.3.3, 00:00:45
B     192.168.58.0/24 [200/0] via 3.3.3.3, 00:00:45
      192.168.67.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.67.0/24 is directly connected, GigabitEthernet0/1
L        192.168.67.6/32 is directly connected, GigabitEthernet0/1
O     192.168.79.0/24 [110/2] via 192.168.67.7, 00:07:40, GigabitEthernet0/1
B     192.168.108.0/24 [200/0] via 3.3.3.3, 00:00:45

iosv-7#sh ip ro | b Gate
Gateway of last resort is not set

      7.0.0.0/32 is subnetted, 1 subnets
C        7.7.7.7 is directly connected, Loopback0
      8.0.0.0/32 is subnetted, 1 subnets
O IA     8.8.8.8 [110/2] via 192.168.67.6, 00:01:20, GigabitEthernet0/1
O IA  192.168.58.0/24 [110/2] via 192.168.67.6, 00:01:20, GigabitEthernet0/1
      192.168.67.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.67.0/24 is directly connected, GigabitEthernet0/1
L        192.168.67.7/32 is directly connected, GigabitEthernet0/1
      192.168.79.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.79.0/24 is directly connected, GigabitEthernet0/2
L        192.168.79.7/32 is directly connected, GigabitEthernet0/2
O IA  192.168.108.0/24 [110/2] via 192.168.67.6, 00:01:20, GigabitEthernet0/1

PE/CEどちらのルーティングテーブルにも経路情報が載った。

ping/trace

iosv-7#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 14/16/18 ms
iosv-7#trace 8.8.8.8 
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.67.6 9 msec 7 msec 4 msec
  2 192.168.16.1 [MPLS: Labels 16/23 Exp 0] 12 msec 16 msec 13 msec
  3 192.168.13.3 [MPLS: Label 23 Exp 0] 18 msec 14 msec 16 msec
  4 192.168.23.2 [MPLS: Label 20 Exp 0] 19 msec 16 msec 13 msec
  5 192.168.24.4 [MPLS: Labels 17/19 Exp 0] 11 msec 15 msec 14 msec
  6 192.168.58.5 [MPLS: Label 19 Exp 0] 16 msec 15 msec 14 msec
  7 192.168.58.8 16 msec 16 msec *

ばっちり。

show bgp vpnv4 uni all x.x.x.x

iosv-6#sh bgp vpnv4 uni all 8.8.8.8
BGP routing table entry for 100:1:8.8.8.8/32, version 12
Paths: (1 available, best #1, table A)
Flag: 0x100
  Not advertised to any peer
  Refresh Epoch 1
  200, imported path from 200:1:8.8.8.8/32 (global)
    3.3.3.3 (metric 3) (via default) from 3.3.3.3 (3.3.3.3)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Extended Community: RT:100:1 OSPF DOMAIN ID:0x0005:0x000000640200 
        OSPF RT:0.0.0.1:2:0 OSPF ROUTER ID:192.168.58.5:0
      mpls labels in/out nolabel/23
      rx pathid: 0, tx pathid: 0x0
BGP routing table entry for 200:1:8.8.8.8/32, version 9
Paths: (1 available, best #1, no table)
Flag: 0x100
  Not advertised to any peer
  Refresh Epoch 1
  200
    3.3.3.3 (metric 3) (via default) from 3.3.3.3 (3.3.3.3)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Extended Community: RT:100:1 OSPF DOMAIN ID:0x0005:0x000000640200 
        OSPF RT:0.0.0.1:2:0 OSPF ROUTER ID:192.168.58.5:0
      mpls labels in/out nolabel/23
      rx pathid: 0, tx pathid: 0x0

iosv-5#sh bgp vpnv4 uni all 8.8.8.8
BGP routing table entry for 200:1:8.8.8.8/32, version 7
Paths: (1 available, best #1, table B)
  Advertised to update-groups:
     1         
  Refresh Epoch 1
  Local
    192.168.58.8 (via vrf B) from 0.0.0.0 (5.5.5.5)
      Origin incomplete, metric 2, localpref 100, weight 32768, valid, sourced, best
      Extended Community: RT:200:1 OSPF DOMAIN ID:0x0005:0x000000640200 
        OSPF RT:0.0.0.1:2:0 OSPF ROUTER ID:192.168.58.5:0
      mpls labels in/out 19/nolabel
      rx pathid: 0, tx pathid: 0x0

iosv-6視点だと8.8.8.8/32のroute-targetは100:1で、iosv-5だと200:1と出力されていることから、route-targetの書き換えが成功していることがわかる。

参考

Chapter: MPLS VPN Route Target Rewrite

この記事が気に入ったらサポートをしてみませんか？