Está en la página 1de 12

Bo co thc tp -

MPLS-VPN

Xun Thi

MPLS - VPN
1.1 Tng quan v VPN VPN l cng ngh cho php kt ni cc thnh phn ca mt mng ring (private network) thng qua h tng mng cng cng (Internet). VPN hot ng da trn k thut tunneling: gi tin trc khi c chuyn i trn VPN s c m ha v c t bn trong mt gi tin c th chuyn i c trn mng cng cng. Gi tin c truyn i n u bn kia ca kt ni VPN. Ti im n bn kia ca kt ni VPN, gi tin b m ha s c ly ra t trong gi tin ca mng cng cng v c gii m. 1.1.1 M hnh Overlay

Hnh 3.1: M hnh overlay VPN Khi Frame relay v ATM cung cp cho khch hng cc mng ring, nh cung cp khng th tham gia vo vic nh tuyn khch hng. Cc nh cung cp dch v ch vn chuyn d liu qua cc kt ni o. Nh vy, nh cung cp ch cung cp cho khch hng kt ni o ti lp 2. l m hnh Overlay. Nu mch o l c nh, sn sng cho khch hng s dng mi lc th c gi l mch o c nh PVC. Nu mch o c thit lp theo yu cu (on-demand) th c gi l mch o chuyn i SVC. Hn ch chnh ca m hnh Overlay l cc mch o ca cc site khch hng kt ni dng full mesh. Nu c N site khch hng th tng s lng mch o cn thit N(N-1)/2. Overlay VPN c thc thi bi SP cung cp cc kt ni layer 1 (physical) hay mch chuyn vn lp 2 (Data link dng d liu frame hoc cell) gia cc site khch hng bng cch s dng cc thit b Frame relay hay ATM Switch. Do , SP khng th nhn bit c vic nh tuyn khch hng.

Trang 1

Bo co thc tp -

MPLS-VPN

Xun Thi

Overlay VPN cn thc thi cc dch v qua layer 3 vi cc giao thc to ng hm nh GRE, IPSec Tuy nhin, d trong trng hp no th mng ca nh cung cp vn trong sut vi khch hng, v cc giao thc nh tuyn chy trc tip gia cc router ca khch hng. 1.1.2 M hnh peer-to-peer

Hnh 3.2: M hnh peer-to-peer VPN M hnh peer-to-peer khc phc nhng nhc im ca m hnh Overlay v cung cp cho khch hng c ch vn chuyn ti u qua SP backbone, v nh cung cp dch v bit m hnh mng khch hng v do c th thit lp nh tuyn ti u cho cc nh tuyn ca h. Nh cung cp dch v tham gia vo vic nh tuyn ca khch hng. Thng tin nh tuyn ca khch hng c qung b qua mng ca nh cung cp dch v. Mng ca nh cung cp dch v xc nh ng i ti u t mt site khch hng n mt site khc. Vic pht hin cc thng tin nh tuyn ring ca khch hng bng cch thc hin lc gi (packet) ti cc router kt ni vi mng khch hng. Peer-to-peer VPN chia lm 2 loi:

Shared-router Router dng chung, tc l khch hng VPN chia s cng router bin mng nh cung cp PE. phng php ny, nhiu khch hng c th kt ni n cng router PE. Trn router PE phi cu hnh access-list cho mi interface PE-CE m bo chc chn s cch ly gia cc khch hng VPN, ngn chn VPN ca khch hng ny thc hin cc tn cng t chi

Trang 2

Bo co thc tp -

MPLS-VPN

Xun Thi

dch v DoS vo VPN ca khch hng khc. Nh cung cp dch v chia mi phn trong khng gian a ch ca n cho khch hng v qun l vic lc gi tin trn Router PE.

Dedicated-router L phng php m khch hng VPN c router PE dnh ring. Trong phng php ny, mi khch hng VPN phi c router PE dnh ring v do ch truy cp n cc nh tuyn trong bng nh tuyn ca router PE . M hnh Dedicated-router s dng cc giao thc nh tuyn to ra bng nh tuyn trn mt VPN trn Router PE. Bng nh tuyn ch c cc nh tuyn c qung b bi khch hng VPN kt ni n chng, kt qu l to ra s cch ly gia cc VPN.

1.2 M hnh nh tuyn MPLS-VPN 1.2.1 Bng nh tuyn v chuyn tip o-VRF (Virtual Routing and Forwarding table) Khch hng c phn bit trn router PE bng cc bng nh tuyn o (virtual routing tables) hoc cc instance, cn c gi l VRF (virtual routing and forwarding tables/instances). Chc nng ca VRF ging nh mt bn nh tuyn ton cc, ngoi tr vic n cha mi tuyn lin quan n mt VPN c th. VRF cha mt bng nh tuyn IP tng ng vi bng nh tuyn IP ton cc, mt bng CEF, lit k cc cng giao tip tham gia vo VRF, v mt tp hp cc nguyn tc xc nh giao thc nh tuyn trao i vi cc router CE (routing protocol contexts). VRF cn cha cc nh danh VPN (VPN identifier) nh thng tin thnh vin VPN (RD v RT).

Hnh 3.4: Bng VRF 1.2.2 Route Distinguisher, Route Targets, MP-BGP, v Address Families

Route Distinguisher

Trong m hnh nh tuyn MPLS VPN, router PE to ra s c lp gia cc khch hng cch s dng cc bng nh tuyn v chuyn tip o VRF. Tuy nhin, cc route ca khch hng trong qu trnh c vn chuyn qua

Trang 3

Bo co thc tp -

MPLS-VPN

Xun Thi

mng backbone c th b chng lp (overlapping) vi nhau khi cc khch hng s dng cng khng gian a ch. RD gip to nn s duy nht gia cc route VPN v trnh vic overlapping address xy ra. Mt prefix 64 bits c gi l Route Distinguisher c s dng trong MPLS VPN bin i a ch IPv4 32 bits l khng duy nht thnh mt a ch 96 bits l a ch mang tnh duy nht cho mi VRF. a ch 96 bits ny s c truyn gia cc router PE v c gi l a ch VPNv4. Mc ch ca RD l to ra s duy nht cho cc route IPv4. Hnh v bn di m t a ch VPNv4.

Hnh 3.5: a ch VPNv4

Route Target

Route targets (RT) l nhng nh danh dng trong min MPLS VPN khi trin khai MPLS VPN nhm xc nh thnh vin VPN ca cc tuyn c hc t cc site c th. RT c thc thi bi cc BGP community m rng s dng 16 bit cao ca BGP extended community (64 bit) m ha vi mt gi tr tng ng vi thnh vin VPN ca site c th. Khi mt tuyn VPN hc t mt CE chn vo VPNv4 BGP, mt danh sch cc thuc tnh community m rng cho VPN router target c kt hp vi n.

RT c km theo nh tuyn c gi l export RT v c cu hnh ring bit cho mi VRF ti router PE. Export RT dng xc nh thnh vin VPN v c kt hp vi mi VRF. Export RT c ni thm vo a ch khch hng khi chuyn thnh a ch VPNv4 bi PE v qung b trong cc cp nht MP-BGP. Import RT kt hp vi mi VRF v xc nh cc tuyn VPNv4 c thm vo VRF cho khch hng c th. nh dng ca RT ging nh gi tr RD.

Khi thc thi cc cu trc mng VPN phc tp (nh: extranet VPN, Internet access VPNs, network management VPN,) s dng cng ngh MPLS VPN th RT gi vai tr nng ct. Mt a ch mng c th c kt hp vi mt hoc nhiu export RT khi qung b qua mng MPLS VPN. Nh vy, RT c th kt hp vi nhiu site thnh vin ca nhiu VPN. Multiprotocol BGP (MP-BGP)

MP-BGP chy gia cc router bin nh cung cp trao i thng tin cc tuyn VPNv4. MP-BGP l m rng ca giao thc BGP hin ti. a ch VPNv4 khch hng l mt a ch 12 byte, kt hp ca a ch IPv4 v RD. 8 byte u l RD; 4 byte tip theo l a ch IPv4. Mt phin lm vic MP-BGP gia cc PE trong mt BGP AS c gi l MP-iBGP session v km theo cc nguyn tc thc thi ca iBGP lin quan n thuc tnh ca BGP (BGP attributes). Nu VPN m rng ra khi phm vi mt AS, cc VPNv4 s trao i gia cc AS ti bin bng MP-eBGP session.
Trang 4

Bo co thc tp

MPLS-VPN

Xun Thi

Address familys

H a ch (Address family) l mt khi nim quan trng trong hot ng ca MP-BGP cho php chuyn vn cc tuyn VPNv4 vi cc thuc tnh community m rng. Theo RFC 2283 Multiprotocol Extensions for BGP-4, BGPv4 ch c kh nng mang thng tin nh tuyn thuc vo IPv4. BGP-4 c th mang thng tin ca nhiu giao thc lp mng. BGP-4 h tr nh tuyn cho nhiu giao thc lp mng, BGP-4 phi ng k (account) mt giao thc lp mng c th lin quan mt trm k (next hop) nh NLRI (network layer reachability information). Router P cn chy mt IGP (OSPF hoc IS-IS) khi MPLS cho php chuyn tip cc gi c gn nhn (mt phng d liu data plane) gia cc PE. IGP qung b cc NLRI n cc P v PE thc thi mt MP-iBGP session gia cc PE (mt phng iu khin control plane). LDP chy trn cc router P gn v phn phi nhn. 1.2.3 Hot ng ca mt phng iu khin MPLS VPN Mt phng iu khin trong MPLS VPN cha mi thng tin nh tuyn lp 3 v cc tin trnh trao i thng tin ca cc IP prefix c gn v phn phi nhn bng LDP.

Hnh 3.7: Mt phng iu khin MPLS VPN Cc bc hot ng ca mt phng iu khin MPLS VPN: Mi router PE qung co a ch loopback ca n: PE1 qung co 1.1.1.1/32 v PE2 qung co 2.2.2.2/32. LDP dng phn phi thng tin gn nhn gia cc router chy MPLS. Trn mi router PE, LFIB cha mt nhn gn vi a ch loopback ca router PE khc. Khi PE1 chuyn tip gi t 2.2.2.2 trn PE2, n s gn thm nhn 20 cho gi v khi PE2 chuyn tip mt gi t 1.1.1.1, n s t nhn 10 cho gi. nh tuyn v chuyn tip VPN c to trn PE1 v PE2, gi l VPNA. PE1 dng giao tip S0/0 trong VPN ny v PE2 dng giao tip S0/1. OSPF chy gia cc PE1v CE1; PE2 v CE2. Khi PE1 nhn tuyn ng ti mng 10.1.1.0 t CE1, router t n trong bng nh tuyn ca VPNA. Lc ny, n gn nhn (5) cho prefix. Khi PE2 nhn tuyn ng ti mng 10.1.2.0 t CE2, n t vo bng nh tuyn ca VPNA. Lc ny nhn (6) c gn cho prefix. PE1 sau gi cp nht MP-iBGP a giao thc ti PE2 qung co mng 10.1.1.0. Cp nht cng cha nhn (5) m PE1 gn cho prefix 10.1.1.0, v PE2 gn thm vo bt k gi no ti mng 10.1.1.0 trc khi n chuyn tip gi. Khi PE1 qung co tuyn, n t a ch BGP chng k l 1.1.1.1/32, l a ch loopback ca n. PE2 sau gi cp nht iBGP a giao thc cho PE1
Trang 5

Bo co thc tp -

MPLS-VPN

Xun Thi

qung co mng 10.1.2.0. Cp nht cng cha nhn (6), m PE2 gn cho prefix 10.1.2.0 v PE1 phi gn thm vo cc gi ti mng 10.1.2.0 trc khi chuyn tip n. Khi PE2 qung co tuyn ng, n t a ch BGP chng k l 2.2.2.2/32 l a ch loopback ca n. PE1 a prefix 10.1.2.0 vo bng nh tuyn ca VPNA v PE2 a prefix 10.1.1.0 vo bng nh tuyn ca VPNA. 1.3 Nhng giao thc nh tuyn PE-CE. 1.3.1 nh tuyn tnh. nh tuyn tnh l dng nh tuyn n gin nht cu hnh. Tuy nhin, nhng n li t ra km hiu qu khi chng ta cn cu hnh nhiu tuyn tnh (static routes). cung cp cho cc VRF, cc tuyn tnh to ra VRF aware m chng c th c cu hnh trn router PE cho lu lng tuyn trong cc VRF. Tuyn tnh (static route) gn vo VRF cust-one v tuyn c t vo trong bng nh tuyn m c lin kt vi VRF cust-one. m bo l tuyn tnh c hc trn cc router PE nh l mt tuyn VPNv4, chng ta phi phn phi cc tuyn tnh vo BGP di a ch family cho VRF c bit. 1.3.2 RIPv2. RIP (Routing information Protocol) l mt giao thc nh tuyn min trong c s dng cho cc h thng t tr. Giao thc thng tin nh tuyn thuc loi giao thc nh tuyn khong cch vct, giao thc s dng gi tr o lng l s bc nhy (hop count) trong ng i t ngun n ch. Mi bc i trong ng i t ngun n ch c coi nh c gi tr l 1 hop count. Khi mt b nh tuyn nhn c 1 bn tin cp nht nh tuyn cho cc gi tin th n s cng 1 vo gi tr o lng (hop count) ng thi cp nht vo bng nh tuyn. nh tuyn khng theo lp a ch. C gi thng tin v mt n mng con trong thng tin nh tuyn.

RIP ch thch hp vi mng nh, yu cu thp do RIP khng hiu c cc cu hnh netmask, kh nng nhn thc km ( thiu trng a ch ngun, ch c trng a ch ch), khng c phn a ch Multicast. Cc nhc im trn c khc phc vi RIPv2. RIP phin bn 2 (RIPv2) ci tin mt s chi tit k thut ca RIP u tin, nhng n vn b hn ch giao thc nh tuyn. Mt s ci tin nh sau: Bao gm mng cp di vi nhng tin t (prefixes). Bao gm a ch k tip next-hop. Bao gm route tag. Quyn thm nh (ty ). Trong Cisco IOS, RIPv2 c ng dng nh l giao thc nh tuyn PE-CE, nhng RIP phin bn 1 th khng.

1.3.3 OSPF (Open Shortest Path First )


Trang 6

Bo co thc tp -

MPLS-VPN

Xun Thi

OSPF l mt giao thc nh tuyn trn kt ni PE-CE. vn chuyn tuyn khch hng t PE n PE, OSPF c phn phi li thnh iBGP v vice versa trn cc router PE. Bn di ci ny l ci m tt c cc tuyn OSPF tr thnh cc tuyn pha ngoi trn router PE xa khi cc tuyn c phn phi li tr thnh OSPF. Kt qu l tt c cc tuyn OSPF truyn qua mng trc MPLS VPN s thun tin hn so vi cc tuyn khng truyn qua mng trc m c gi qua kt ni intersite (backdoor link) t mt site OSPF n site khc. 1.3.4 EIGRP ( Enhanced IGRP ): EIGRP router lu tr cc thng tin v ng i v cu trc mng trn RAM, nh chng p ng nhanh chng theo s thay i. Ging nh OSPF, EIGRP cng lu nhng thng tin ny thnh tng bng v tng c s d liu khc nhau. EIGRP lu cc con ng m n hc c theo mt cch c bit. Mi con ng c trng thi ring v c nh du cung cp thm nhiu thng tin hu dng khc. EIGRP c ba loi bng sau: Bng lng ging (Neighbor table) Bng cu trc mng ( Topology table). Bng nh tuyn (Routing table).

Trang 7

Bo co thc tp -

MPLS-VPN

Xun Thi

TM TT MPLS - VPN 1. Bng nh tuyn v chuyn tip VPN ( VPN routing forwarding - VRF) S kt hp gia bng nh tuyn VPN v bng chuyn tip VPN to thnh bng nh tuyn chuyn tip VPN (VRF) Mi VPN u c bng nh tuyn v chuyn tip ring ca n trong router PE Mi router PE duy tr mt hoc nhiu bng VRF Mt VRF n gin ch l mt tp hp cc route thch hp cho mt site no (hoc mt tp hp gm nhiu site) kt ni n router PE. Cc route ny c th thuc v hn mt VPN Nu mt site thuc vo nhiu VPN, bng chuyn tip tng ng vi site c th c nhiu route lin quan n tt c VPN m n thuc v PE ch duy tr mt bng VRF trn mt site Cc site khc nhau c th chia s cng bng VRF nu n s dng tp hp cc route mt cch chnh xc ging nh cc route trong bng VRF . Nu tt c cc site c thng tin nh tuyn ging nhau (iu ny thng l cc site cng thuc v tp hp VPN) s c php lin lc trc tip vi nhau v nu kt ni n cng mt router PE s c t vo cng mt bng VRF chung. Bt k router PE no trong mng MPLS/VPN c nhiu bng nh tuyn trn mi VRF v mt bng nh tuyn global, bng nh tuyn ny c s dng tm cc router khc trong mng nh cung cp dch v, cng nh tm cc ch thuc v mng bn ngoi (v d nh Internet).

Cu trc ca bng VRF c th bao gm Bng nh tuyn IP. Bng chuyn tip. Tp hp cc quy tc v cc tham s giao thc nh tuyn (gi l routing protocol context). Danh sch cc interface s dng trong VRF

2. Phn phi route VPN thng qua BGP trao i tt c cc route ca khch hng gia cc router PE vi vic trin khai mt giao thc nh tuyn nh l BGP, mt vn c t ra l: lm th no m BGP c th truyn nhiu prefix xc nh thuc v cc khch hng khc nhau gia cc router PE? BGP, trong format chun ca n, ch c th thc hin c i vi cc route IPv4. Trong MPLS/VPN, mi VPN phi c kh nng s dng cc IP prefix ging nhau MP-BGP khng th lm vic ng nu khch hng s dng cng khng gian a ch. Mt gii php gii quyt vn ny l m rng ip prefix khch hng vi mt prefix duy nht s lm cho a ch ca khch hng tr nn duy nht ngay c khi c s trng lp a ch Vic truyn route ca khch hng dc mng MPLS VPN s c thc hin nh sau: Router CE gi cp nht nh tuyn Ipv4 n Router PE.

Trang 8

Bo co thc tp -

MPLS-VPN

Xun Thi

Router PE sau thm vo Route Distinguisher 64 bit vo cp nht nh tuyn Ipv4 m n nhn , kt qu l to ra a ch VPNv4 96 bit duy nht. a ch VPNv4 ny c truyn i thng qua phin MP-IBGP n cc Router PE khc. Router PE nhn s loi b Route Distinguisher t a ch VPNv4 to thnh a ch Ipv4 nh ban u m CE u xa gi. a ch Ipv4 ny c chuyn tip n router CE khc trong bn cp nht nh tuyn Ipv4

3. Route Distinguisher (RD) Mt prefix 64 bit, c gi l Route Distinguisher, c s dng trong MPLS VPN bin i a ch IP 32 bit (l a ch khng duy nht) thnh a ch 96 bit (l a ch mang tnh duy nht). a ch 96 bit ny s c truyn gia cc router PE v c gi l a ch VPNv4 (hay cn gi l a ch VPN_Ipv4). Route distinguisher bn thn n khng c ngha hay gi tr g c, n khng c mang thng tin v ngun gc ca route hoc v tp hp cc VPN m route c phn phi ti. Mc ch ca RD ch l cho php to ra tnh duy nht cho cc route c a ch Ipv4. RD cng c th c s dng to ra nhiu route khc nhau trong cng mt h thng. Format ca a ch VPNv4

VPNv4 route l NLRI 96 bit (RD + 32 bit Ipv4 NLRI) Mt bng VRF s ch c mt route VPNv4 cho tt c cc a ch prefix 32 bit thuc v VRF . Khi a ch ch ca gi tin tha mn (matched) c route VPNv4 th c ngha l phn prefix 32 bit trong route VPNv4 tha mn a ch ch . Route Distinguisher c to ra cho mi nh cung cp dch v c th qun tr khong gi tr - numbering space ca h, h c th thc hin vic ng k RD m khng mu thun vi vic ng k RD ca nh cung cp dch v khc (ngha l RD ca mi nh cung cp dch v khng trng nhau). Format ca RD bao gm cc trng: trng Type, trng Administrator , v trng Assigned number. Trng Type: 2 byte, xc nh chiu di ca hai trng cn li. Trng Administrator: dng nhn din quyn ca s c ng k (assigned number authority). Trng Assigned number: bao gm s c ng k cho mc ch c th no ca nh cung cp dch v. Ty vo trng Type m RD c format khc nhau, cu trc ca gi tr ny c th l ASN : nn hoc IP-address : nn. Vi ASN l Autonomous System Number c ng k bi Internet Assigned Number Authority (IANA), v nn l s c ng k bi nh cung cp dch v n IANA.
Trang 9

Bo co thc tp -

MPLS-VPN

Xun Thi

S nn l gi tr mang tnh duy nht trn mi VRF, mc d trong mt vi trng hp n c th duy nht trn mi khch hng VPN. Vy VPN c th c RD vi trng Administrator l ASN hay IP-address. Nhng cch s dng ASN c khuyn khch hn v n c ng k bi IANA, to ra c tnh duy nht gia cc nh cung cp dch v. S dng format IP-address : nn ch khi mng MPLS/VPN s dng private AS nhng a ch VPN-Ipv4 c truyn i khng phi b gii hn private AS (v d khi trao i VPN route gia cc nh cung cp dch v khc nhau).

4. Route Target (RT) Mc d Route Distinguisher cho php khch hng VPN s dng cng chung mt khng gian a ch mng ring, nhng n khng gii quyt c vn khi c nhiu khch hng trong cng mt VPN s dng chung khng gian a ch site ca h cng nh khi mt site thuc v nhiu VPN v mi RD ch nh x n mt VPN (nh x mt-mt). Do cn c mt phng php khc dng nhn dng VPN v xc nh mt route no thuc v VPN no. Khi nim Route Target ra i gii quyt vn Chc nng c thc hin bi Route Target tng t nh chc nng c thc hin bi thuc tnh BGP Community. Tuy nhin, format ca thuc tnh BGP Community khng thch hp, v n ch c hai byte dnh cho khong gi tr (numbering space). Do cn phi m rng thuc tnh Community cung cp khong gi tr ln hn. V thuc tnh ny c gi l BGP Community m rng (extended BGP Community). Thuc tnh BGP Community m rng trong cc cp nht nh tuyn c s dng mang Route Target ca cp nht , t s xc nh c cp nht thuc v VPN no. Do , Route Target chnh l thuc tnh c gn vo VPNv4 route. Mi bng VRF s c kt hp vi mt hay nhiu thuc tnh Route Target. Khi route VPNv4 c Router PE to ra, n s c kt hp vi mt hay nhiu thuc tnh Route Target. Bt k route no mang Route Target T s c phn phi n mi router PE c bng chuyn tip VRF c Route Target T. Khi PE nhn c mt route nh vy n c cp nht vo bng VRF m Route Target nhn din (v mi VPN ch c mt bng VRF). MPLS/VPN Route Target c gn n route ca khch hng ti thi im route c router PE chuyn i t route IPv4 thnh route VPNv4 c gi l RT xut (export RT). RT xut c cu hnh ring bit cho mi bng VRF trong router PE v n s nhn din c VPN ca site c bng VRF . Khi route VPNv4 c truyn n router PE khc, cc router cn la chn route nhp vo bng VRF. S la chn ny da vo RT nhp (import RT). Mi bng nh tuyn o trong router PE c th c mt s RT nhp c cu hnh nhn din route n l thuc VPN no, sau s nhp route vo bng nh tuyn o tng ng.

Trang 10

Bo co thc tp -

MPLS-VPN

Xun Thi

Vy lm cch no m router PE c th xc nh thuc tnh Route Target no kt hp vo vi route c cho? C nhiu gii php a ra thc hin iu ny. PE c th c cu hnh lin kt tt c cc route n mt site no vi mt gi tr Route Target. PE c th c cu hnh lin kt mt s route no n site ta quan tm vi mt gi tr Route Target. Hoc Router CE, khi n phn phi cc route ny n router PE (s c phn tch chi tit sau), c th ch ra mt hoc nhiu Route Target cho route . 5. Route origin Route Target xc nh c VRF no, v do xc nh c VPN site no, s nhn c route Mc d Route Target cung cp c ch nhn din VRF nhng n khng cung cp tin ch c th ngn c loop nh tuyn. Loop ny c th xy ra nu route c hc t mt site v li qung b ngc tr li site . ngn chn iu ny, mt khi nim khc c gii thiu trong MPLS/VPN l Route Origin (RO), RO nhn din route xut pht t site no, v t site khng nn nhn route t bt k router PE. Nhng nu mng backbone MPLS/VPN c thit k theo kiu partitioned site (multihomed) th khng cn phi s dng Route Origin, v trong trng hp ny, cc route c hc t mt phn ca site s c qung b n phn khc cng thuc v site nhng trn router PE v tr khc. Route Origin l mt thuc tnh thuc v thuc tnh Community m rng ging nh Route Target. N c s dng ngn chn loop khi thuc tnh AS_Path khng th s dng. 6. Giao thc MP-BGP (Multiprotocol BGP) Thuc tnh Community m rng (Extended Community)

Thuc tnh community m rng l mt community c nh ngha mang code 16 v c m ha thnh gi tr 8 byte. C format ging nh Route Distinguisher. Hai octet u tin nh ngha loi thuc tnh, 6 octet tip theo l gi tr ca thuc tnh. Type mang gi tr t 0 n 0x7FFF c IANA ng k. Type mang gi tr t 0x8000 n 0xFFFF l dnh cho vendor. Route Target community m rng c type code l 0x0002 v 0x0102, Route Origin community m rng c type code l 0x0001 v 0x0101. Cu trc ca trng gi tr nh th no l ph thuc vo gi tr trng type. Nu trng Type mang gi tr l 0x00 th n c cu trc sau: ASN : nn Nu trng Type mang gi tr l 0x01 th n c cu trc l: Ip-add: nn Multiprotocol BGP (MP-BGP)

- MP- BGP l giao thc m rng ca BGP. N c s dng qung b cc route VPN khch hng gia cc router PE, cc route c PE hc c t router CE kt ni trc tip vo n.
Trang 11

Bo co thc tp -

MPLS-VPN

Xun Thi

- MP-BGP ch yu cu trong mng backbone ca nh cung cp dch v. Do , tt c cc phin MP-BGP u l internal, v phin c thit lp gia hai router thuc v cng mt AS. Do ta c th gi giao thc ny l MP-iBGP. - MP-BGP c yu cu trong kin trc MPLS/VPN v cp nht BGP cn mang nhiu thng tin hn bn cnh a ch Ipv4 nh BGP-4. V BGP m rng cung cp nhiu kh nng (capability) thm vo cn thit cho php BGP mang nhiu thng tin hn. Khi phin BGP c thit lp gia hai router BGP, vic trao i bn tin Open khi to cc tham s BGP, cc tham s nh l gi tr AS (AS-number) c s dng bi lng ging. Bn tin ny cng c thm nhiu tham s la chn (xem format ca bn tin Open trong phn Bn tin BGP), mt trong cc tham s la chn l Capabilities. Mt trong cc Capabilities l multiprotocol extensions. Cc multiprotocol extensions ny cung cp cho BGP kh nng mang thm nhiu thng tin khc ngoi a ch Ipv4 trong cc cp nht nh tuyn. - Multiprotocol extensions s dng hai thuc tnh mi l Multiprotocol Reachable NLRI (MPREACH_NLRI) v Multiprotocol Unreachable NLRI (MP_UNREACH_NLRI). MP_REACH_NLRI c s dng mang thng tin v cc ch hp l (reachable) vi thng tin v next-hop s dng chuyn tip gi tin n cc ch . MP_UNREACH_NLRI c s dng mang thng tin v cc ch khng hp l (unreachable).

C hai thuc tnh ni trn l u l thuc tnh optional non-transitive, c ngha l nu router BGP no khng h tr multiprotocol capabilities s b qua thng tin c mang trong cc thuc tnh ny, v s khng chuyn n n router BGP khc.

Trang 12