一、 组网:
两台SR66路由器分别为PE1、PE2,中间为Mpls骨干网,PE1、PE2和P设备之间通过三层链路聚合互联,IGP为OSPF,SR66-PE1路由器和SR66-PE2路由器之间采用Kompella方式VPLS,具体组网参考下图:
二、 问题描述:
VPLS(Virtual Private LAN Service,虚拟专用局域网服务)是在公用网络中提供的一种点到多点的L2VPN业务。VPLS使地域上隔离的用户站点能通过MAN(Metropolitan Area Network,城域网)或WAN(Wide Area Network,广域网)相连,并且使各个站点间的连接效果像在一个LAN中一样。
在本组网中,客户反馈两台SR66路由器作为VPLS的PE,MPLS骨干网正常分发公网标签,dis bgp vpls peer的BGP邻居状态为Established,但是通过命令dis vpls connection、dis vpls connection vsi 查看无任何信息输出。
三、 过程分析:
SR66-PE1设备主要配置:
mpls lsr-id 1.1.1.1
#
Mpls
#
l2vpn
mpls l2vpn
#
mpls ldp
#vsi sccn_zg_l2_office auto
pwsignal bgp
route-distinguisher 65502:1000
vpn-target 65502:1000 import-extcommunity
vpn-target 65502:1000 export-extcommunity
site 1 range 10 default-offset 0
interface Route-Aggregation1
ip address 12.1.1.1 255.255.255.252
mpls
mpls ldp
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface GigabitEthernet0/0/2
l2 binding vsi sccn_zg_l2_office
bgp 65502
router-id 1.1.1.1
undo synchronization
peer 3.3.3.3 as-number 65502
peer 3.3.3.3 connect-interface LoopBack0
#
vpls-family
peer 3.3.3.3 enable
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.1.1.0 0.0.0.3
network 10.138.9.44 0.0.0.3
#
P设备的主要配置:
mpls lsr-id 2.2.2.2
#
mpls
#
l2vpn
mpls l2vpn
#
mpls ldp
#
interface Route-Aggregation2
ip address 23.1.1.1 255.255.255.252
mpls
mpls ldp
#
interface Route-Aggregation3
ip address 12.1.1.2 255.255.255.252
mpls
mpls ldp
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 12.1.1.0 0.0.0.3
network 23.1.1.0 0.0.0.3
network 2.2.2.2 0.0.0.0
PE2路由器的主要配置:
mpls lsr-id 3.3.3.3
#
mpls
#
l2vpn
mpls l2vpn
#
mpls ldp
# vsi sccn_zg_l2_office auto
pwsignal bgp
route-distinguisher 65502:1000
vpn-target 65502:1000 import-extcommunity
vpn-target 65502:1000 export-extcommunity
site 1 range 10 default-offset 0
#
interface Route-Aggregation1
ip address 23.1.1.2 255.255.255.252
mpls
mpls ldp
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface GigabitEthernet0/0/3
l2 binding vsi sccn_zg_l2_office
# bgp 65502
router-id 3.3.3.3
undo synchronization
peer 1.1.1.1 as-number 65502
peer 1.1.1.1 connect-interface LoopBack0
#
vpls-family
peer 1.1.1.1 enable
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 23.1.1.2 0.0.0.255
network 3.3.3.3 0.0.0.0
通过检查SR66-PE1路由器、SR66-PE2路由器的配置,发现在vsi sccn_zg_l2_office auto下面 site 1 range 10 default-offset 0的site值都为1。但是,在Kompella方式的VPLS VPN中,同一VPN内SITE-ID不允许重复,并且平台会检查如果site值配置成一样的话,会打印信息提示,但是现场在调试的时候并没有任何提示。通过查看诊断信息里面的日志发现:
%Aug 12 10:12:54:232 2014 SR66-PE1 BGP/5/BGP_STATE_CHANGED:
10.138.9.202 state is changed from OPENCONFIRM to ESTABLISHED.
%Aug 12 10:12:56:032 2014 SR66-PE1 L2V/5/VPLS_BGP_LOCAL_SITEID_CONFLICT: Remote site ID 1 (from PE 3.3.3.3, Route-Distinguisher 65502:1000) conflicts with local site ID.
但是为什么在现场两边PE配置site 1 range 10 default-offset 0的时候,为什么没有提示呢?后了解到现场当时是通过telnet远程到设备上,没有开启terminal monitor和terminal debugging。开启terminal monitor和terminal debugging再次测试:
[SR66-PE1-vsi-sccn_zg_l2_office-bgp]site 1 range 10
Error: Site ID is used by a remote site.
四、 解决方法:
修改SR66-PE1设备site值,保证同一VPN内SITE-ID不允许重复,问题解决。
SR66-PE1:
vsi sccn_zg_l2_office auto
pwsignal bgp
route-distinguisher 65502:1000
vpn-target 65502:1000 import-extcommunity
vpn-target 65502:1000 export-extcommunity
site 2 range 10 default-offset 0
SR66-PE2:
vsi sccn_zg_l2_office auto
pwsignal bgp
route-distinguisher 65502:1000
vpn-target 65502:1000 import-extcommunity
vpn-target 65502:1000 export-extcommunity
site 1 range 10 default-offset 0
Total 1 connection(s),
connection(s): 1 up, 0 block, 0 down, 0 ldp, 1 bgp, 0 static
VSI Name: sccn_zg_l2_office Signaling: bgp
SiteID RD PeerAddr InLabel OutLabel LinkID VCState
2 65502:1000 1.1.1.1 36866 36895 1 up
Total 1 connection(s),
connection(s): 1 up, 0 block, 0 down, 0 ldp, 1 bgp, 0 static
VSI Name: sccn_zg_l2_office Signaling: bgp
SiteID RD PeerAddr InLabel OutLabel LinkID VCState
1 65502:1000 3.3.3.3 36895 36866 1 up
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作