Description of the existing two vpnA.vpnB to achieve the same through exports out of the Internet, including an export vpnC connected with the Internet, the introduction of acquiescence in vpnC routing, and then vpnA vpnC, vpnB with vpnC mutual introduction, and vpnB vpnA there is a default route out of the Internet. Question :
1. VpnC vpnA have acquiescence to the routing, and also to vpnA vpnC Lane, vpnB routing and routing at vpnC vpnB acquiescence is the same, why not visit vpnB??? vpnA
2. 2 VPN to export up to the Internet but the same can not visit each other whether there are other ways?
1) If you Lam Lam A Lam B, C, there are so routing can be with the A and B 2) mpls VPN routing out the use of the Internet can also be achieved leak
Vrf out using global addressable can do (that is, the above-mentioned "Routing leakage") The Internet can also export ce Department. Pe interconnection with the adapter on the giant ip adapter vpnA vrf forwarding and VPN B. Routing acquiescence issued to the A and B were vrf.
1. Now the situation is nowhere! RD is not doing strange? ? ? 2. Routing can point to the leaking of information ah? Thank you!
The only marking is used vrf RD. Should not be a problem. You see the problem is not your rt To finaljustice Rt should be no problem ah, I was mutual primers A and C, B and C each other primers, and the two sides have each other's respective routing.
Can you explain in detail the methodology behind! ! Or give examples. .
Http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00801445fb.shtml To finaljustice Thank you for the information, but this method does not seem to conform to the requirements of the program will be put routing divulging private VPN network routing leaked to the Internet, I face, if I have a lot of VPN functions then I realized that a great many will be online routing ah, And VPNA and VPNB ah still will not have the same address.
Zaiding there is a question about the roof.
Your first question, you mpls Lane ttl ip with the ttl alluding to the open (not remember what order). Lane trace what the VPN. See where the problem is. Question 2, if your VPN is a and b VPN addresses the overlap. Then in obtaining a. If not overlap, or on your Internet exports ce pe? ? ?
Question 1 : VPNB following is the allocation and sharing of VPNA time, but if it were route-target VPNA VPNB the route-target import and import 100:31 100:32 not delete links, what is the reason? ? ? Ip vrf vpnA
Description VPNA
Rd 100:31
Route-target export 100:31
Route-target import 100:31
Route-target import 100:33
Interface FastEthernet2/0.31
Description connect vpnA
Encapsulation dot1Q 31
Ip vrf forwarding vpnA
255.255.255.0 ip address 31.31.31.31
Mls qos trust dscp
Router bgp 100
Address-family ipv4 vrf vpnA
Redistribute connected
No auto-summary
No MSG
Exit-address-family
Ip vrf vpnB
Description VPNB
Rd 100:32
Route-target export 100:32
Route-target import 100:32
Route-target import 100:33
Interface FastEthernet2/0.32
Description connect vpnB
Encapsulation dot1Q 32
Ip vrf forwarding vpnB
255.255.255.0 ip address 32.32.32.32
Mls qos trust dscp
Router bgp 100
Address-family ipv4 vrf vpnB
Redistribute connected
No auto-summary
No MSG
Exit-address-family
Ip vrf vpnC
Description VPNC
Rd 100:33
Route-target export 100:33
Route-target import 100:33
Route-target import 100:31
Route-target import 100:31
Interface FastEthernet2/0.33
Description connect vpnC
Encapsulation dot1Q 33
Ip vrf forwarding vpnC
255.255.255.0 ip address 33.33.33.33
Mls qos trust dscp
Router bgp 100
Address-family ipv4 vrf vpnC
Redistribute connected
No auto-summary
No MSG
Exit-address-family
Question 2, I think that would address not overlap onto vpnC routing acquiescence, and then the primers vpnC vpnB vpnA and good, I will not go to the Internet to route customers.
"If China route-target VPNA VPNB the route-target import and import 100:31 100:32 not delete links, what is the reason for 呢???" Because you have a VPN Lane interval export is 100:31, you must vrf into their routing. VPN is the same b
Furthermore, the allocation of bgp Lane neighbor?? how your pe allocation incomplete without bars.
Very sorry, I wrote the code above is a links can be done before me, I wonder why? I may be wrong. Now it changed again and found that really still is, as I started to the effect that, look at the following codes.
I understand it this way, you master that I am wrong.
I vpnA Ping Module 32.32.32.32, acquiescence vpnC routing packets to be transmitted, in a 31.31.31.31 vpnC routing, packet to be transmitted vpnB, with the tacit consent of the same route back to vpnC vpnB then vpnA completed.
However, this is not true! : (
Ip vrf vpnA
Description VPNA
Rd 100:31
Route-target export 100:31
Route-target import 100:33
Route-target import 100:31
!
Ip vrf vpnB
Description VPNB
Rd 100:32
Route-target export 100:32
Route-target import 100:33
Route-target import 100:32
!
Ip vrf vpnC
Description VPNC
Rd 100:33
Route-target export 100:33
Route-target import 100:33
Route-target import 100:31
Route-target import 100:32
Interface FastEthernet0/0.31
Description connect vpnA
Encapsulation dot1Q 31
Ip vrf forwarding vpnA
255.255.255.0 ip address 31.31.31.31
!
Interface FastEthernet0/0.32
Description connect vpnB
Encapsulation dot1Q 32
Ip vrf forwarding vpnB
255.255.255.0 ip address 32.32.32.32
!
Interface FastEthernet2/0.33
Description connect vpnC
Encapsulation dot1Q 33
Ip vrf forwarding vpnC
255.255.255.0 ip address 33.33.33.33
Address-family ipv4 vrf vpnC
Redistribute static
Redistribute connected
Default-information origin
No auto-summary
No MSG
Exit-address-family
!
Address-family ipv4 vrf vpnB
Redistribute connected
No auto-summary
No MSG
Exit-address-family
!
Address-family ipv4 vrf vpnA
Redistribute connected
No auto-summary
No MSG
Exit-address-family
3640#sh ip route vrf vpnA
Gateway of last resort is to network 33.33.33.34 0.0.0.0
33.0.0.0/24 is subnetted, 1 subnets
B 33.33.33.0 is directly connected, 00:19:06, FastEthernet2/0.33
31.0.0.0/24 is subnetted, 1 subnets
C 31.31.31.0 is directly connected, FastEthernet2/0.31
French 0.0.0.0/0 is directly connected, 00:00:05
3640#sh ip route vrf vpnB
Gateway of last resort is to network 33.33.33.34 0.0.0.0
32.0.0.0/24 is subnetted, 1 subnets
C 32.32.32.0 is directly connected, FastEthernet2/0.32
33.0.0.0/24 is subnetted, 1 subnets
B 33.33.33.0 is directly connected, 00:19:25, FastEthernet2/0.33
French 0.0.0.0/0 is directly connected, 00:00:24
3640#sh ip route vrf vpnC
Gateway of last resort is to network 33.33.33.34 0.0.0.0
32.0.0.0/24 is subnetted, 1 subnets
B 32.32.32.0 is directly connected, 01:46:39, FastEthernet2/0.32
33.0.0.0/24 is subnetted, 1 subnets
C 33.33.33.0 is directly connected, FastEthernet2/0.33
31.0.0.0/24 is subnetted, 1 subnets
B 31.31.31.0 is directly connected, 01:49:24, FastEthernet2/0.31
33.33.33.34 [1/0] via S * 0.0.0.0/0
3640#ping vrf vpnA 31.31.31.31
Type escape sequence injured on.
Sending 5, 100-byte ICMP Echos to 31.31.31.31, timeout is 2 seconds :
!!!!!
Success rate is 100 BNHI (5/5) round-trip min/avg/max ms = 1/2/4
3640#ping vrf vpnA 32.32.32.32
Type escape sequence injured on.
Sending 5, 100-byte ICMP Echos to 32.32.32.32, timeout is 2 seconds :
.....
Success rate is 0 BNHI (neoplasms revealed high levels)
3640#ping vrf vpnA 33.33.33.33
Type escape sequence injured on.
Sending 5, 100-byte ICMP Echos to 33.33.33.33, timeout is 2 seconds :
!!!!!
Success rate is 100 BNHI (5/5) round-trip min/avg/max ms = 1/2/4
Come on you made a complete configuration. French 0.0.0.0/0 is directly connected, 00:00:05
Do not understand this. Routing out this how? You can only direct the release of the company, this 0.0.0.0? ? ?
In addition, or what do you trace /
I now do all three VPN in the same PE French 0.0.0.0/0 is directly connected, 00:00:05 routing is from the introduction to the VPNC ah. VPNA because there route-target import 100:33.
I have introduced a static routing VPNC ip route 0.0.0.0 0.0.0.0 33.33.33.34 vrf vpnC
*** Tracert I am always there, we do not see any Eastern. . .
Halo, you Lam chaos ah well, RD mistake again, although small, but will cost extra memory and cpu First, what is your logical topology? Hub? Or a fully connected?
Redesign
Route-target export X
Route-target import Y
Guangzhou is where the brothers? I was in Guangzhou, it seems only right business operators provided mpls VPN
And brother to 1000 Why is it that my good Lam chaos ah? RD wrong? ?
Now I just try in the Eastern, haha. Members also discussed! ! !
I have here is a star topology, the nodes do Routing reflectors.
You modified, you can clearly see that the routing is how matter. Mpls ip propagate-ttl about you. Trace try.
I have tried that order, but still not tracert. . Should focus on : Route-target export/import
Mpls VPN to connect to the Internet through proxy server is the best option. For example, a company mplsvpn linking all branches to be done on an agency Corporation (Senat can). Do not want to visit various branches can be used to control interval. To teru I route-target export/import following ah
Now I want to know is this understanding that in the wrong
"I understand it this way, you master that I am wrong.
I vpnA Ping Module 32.32.32.32, acquiescence vpnC routing packets to be transmitted, in a 31.31.31.31 vpnC routing, packet to be transmitted vpnB, with the tacit consent of the same route back to vpnC vpnB then vpnA completed.
However, this is not true! "
Ip vrf vpnA
Description VPNA
Rd 100:31
Route-target export 100:31
Route-target import 100:33
Route-target import 100:31
!
Ip vrf vpnB
Description VPNB
Rd 100:32
Route-target export 100:32
Route-target import 100:33
Route-target import 100:32
!
Ip vrf vpnC
Description VPNC
Rd 100:33
Route-target export 100:33
Route-target import 100:33
Route-target import 100:31
Route-target import 100:32
[ Closed window ]