Está en la página 1de 7

PD

PD

F-

XC

h a n g e Vi e

F-

XC

h a n g e Vi e

er

er

O W

bu

to

lic

.d o

c u -tr a c k

.c

Tm hiu cch cu hnh MPLS VPN v cc bi Lab

Mc lc

lic

to

bu

N
w

O W
.d o
c u -tr a c k

.c

Outline: Lab guide MPLS bao gm nhng bi lab sau:


* Lab 2-1: Thit lp mi trng nh tuyn IGP ca Service Provider * Lab 3-1: Thit lp mi trng mng li (core) MPLS * Lab 5-1: Cu hnh MPLS VPN * Lab 5-2: nh tuyn EIGRP gia router PE v router CE * Lab 5-3: nh tuyn OSPF gia router PE v router CE * Lab 5-4: nh tuyn BGP gia router PE v router CE * Lab 6-1: VPNs overlapping * Lab 6-2: Hp nht cc Service Provider * Lab 6-3: Cc dch v VPN chung * Lab 7-1: Tch cc Interface cho kt ni Internet * Lab 7-2: Nhiu Site truy cp Internet * Lab 7-3: Kt ni Internet trong mt MPLS VPN

Created by: Dng Vn Ton CCNP, CCSP, MCSE, LPI level 1.

http://www.vnexperts.net

w
w

w
w

PD

PD

F-

XC

h a n g e Vi e

F-

XC

h a n g e Vi e

er

er

O W

bu

to

lic

.d o

c u -tr a c k

.c

I. Lab 2-1: Thit lp mi trng nh tuyn IGP ca Service Provider. 1. Phm vi hot ng ca i tng:

lic

to

bu

N
w

O W
.d o
c u -tr a c k

.c

- Trong phm vi hot ng ca bi lab ny, bn s dng nhng nhim v v nhng cu lnh cn thit trin khai IGP Service Provider v mi trng nh tuyn. Sau khi hon thnh bi lab ny, bn s c kh nng thc hin c nhng cng vic sau: - Kim tra s a ch IP, Data-link connection Identifier (DLCI), v trng thi ca cc Interface ca Service Provider. - Enable IGP Service Provider v cu hnh ng a ch IP. 2. Quy c tn router: - P (Provider): Px1 v Px2 l cc router Core thuc mng ca nh cung cp dch v. - PE (Provider Edge): PEx1 v PEx2 l cc router bin kt ni t nh cung cp dch v n mng ca khch hng. - CE (Customer Edge): CEx1A v CEx2A, v CEx1B v CEx2B l cc router ca khch hng. 3. S a ch IP ca MPLS Lab:

- a ch IP ca cc router c thc thi bng cch s dng bng a ch IP di. Ch x chnh l ch s ca mi mt pod. - Bng chi tit a ch IP ca cc Router: Parameter CEx1A (S0/0.101) Cex1A (loopback0) Value 150.x.x1.17/28 10.1.x1.49/32 http://www.vnexperts.net

Created by: Dng Vn Ton CCNP, CCSP, MCSE, LPI level 1.

w
w

w
w

PD

PD

F-

XC

h a n g e Vi e

F-

XC

h a n g e Vi e

er

er

O W

bu

to

lic

.d o

c u -tr a c k

.c

Cex1A (E0/0) Cex2A (S0/0.101) Cex2A (loopback0) Cex2A (E0/0) Cex1B (S0/0.102) Cex1B (loopback0) Cex1B (E0/0) Cex2B (S0/0.102) Cex2b (loopback0) Cex2B (E0/0)

10.1.x1.17/28 150.x.x2.17/28 10.1.x2.49/32 10.1.x2.17/28 150.x.x1.33/28 10.2.x1.49/32 10.2.x1.17/28 150.x.x2.33/28 10.2.x2.49/32 10.2.x2.17/28

lic

to

bu

N
w

O W
.d o
c u -tr a c k

.c

Pex1 (S0/0.101) Pex1 (S0/0.102) Pex1 (loopback0) Pex1 (S0/0.111) Pex2 (S0/0.101) Pex2 (S0/0.102) Pex2 (loopback0) Pex2 (S0/0.111) Px1 (S0/0.111) Px1 (S0/0.112) Px2 (S0/0.111) Px2 (S0/0.112) 4. Ti liu cn thit:

150.x.x1.18/28 150.x.x1.34/28 192.168.x.17/32 192.168.x.49/28 150.x.x2.18/28 150.x.x2.34/28 192.168.x.33/32 192.168.x.65/28 192.168.x.50/28 192.168.x.113/28 192.168.x.66/28 192.168.x.114/28

- Ti liu cn thit hon thnh bi lab ny l: Cisco IOS documentation 5. Danh sch cu lnh: - Bng ny s m t nhng cu lnh c s dng trong bi lab ny: Command Network mask] No network network-number network-number [networkM t nh ngha mt danh sch ca nhng mng cho tin trnh x l ca EIGRP routing, s dng cu lnh network cho vic cu hnh router. http://www.vnexperts.net

Created by: Dng Vn Ton CCNP, CCSP, MCSE, LPI level 1.

w
w

w
w

PD

PD

F-

XC

h a n g e Vi e

F-

XC

h a n g e Vi e

er

er

O W

bu

to

lic

.d o

c u -tr a c k

.c

[network-mask] Router eigrp as-number No router eigrp as-number

xa b mt mng no , dng t kha no trc cu lnh network. cu hnh giao thc nh tuyn EIGRP, s dng cu lnh router eigrp ch global

lic

to

bu

N
w

O W
.d o
c u -tr a c k

.c

configuration. shutdown EIGRP hot ng trn router, s dng t kha no trc cu lnh ny. Interface serial [slot/port] . nh ngha mt subinterface logical Pointto-Point cho mt interface vt l. Enable giao thc Frame Relay trong ch cu hnh interface. Frame-relay interface-dlci dlci Show frame-relay pvc Show interface serial [slot/port] Ch ra gi tr DLCI s lin kt vi kt ni pointto-point ca n. hin th cc thng tin v trng thi v cc PVC ca cc Interface cu hnh Frame Relay hin th thng tin v mt serial interface, s dng cu lnh show interfaces serial ch Privileged EXEC. Nu s dng Frame Relay Encapsution, th khi dng cu lnh show interface serial ch EXEC s hin th nhng thng tin v multicast DLCI, nhng DLCI s dng trn interface, v DLCI c s dng cho Local Management Interface (LMI). Show ip protocols hin th cc tham s v trng thi hin ti ca giao thc nh tuyn cu hnh trn router. Show ip route hin th trng thi hin ti ca bng nh tuyn. 5. Task 1: Cu hnh cc a ch IP ca cc interface Service Provider. - Nhim v ca bn l cu hnh a ch Layer 2 v Layer 3, m bo rng cu hnh ng cc interface cn thit. a. Cc bc cn lm: - Hon thnh nhng bc sau s l cng vic chun b cho s kt ni MPLS logical v s a ch IP. Workgroup 1 v 2 ca mi mt pod s cu hnh cc router nm trong nhng group ny: - Step 1: Cu hnh a ch IP v gi tr DLCI tng ng cho mi mt Interface trn router ca Service Provider P, subinterface, v loopback. - Step 2: Cu hnh a ch IP v gi tr DLCI tng ng cho mi mt Interface trn router PE, subinterface v loopback. Created by: Dng Vn Ton CCNP, CCSP, MCSE, LPI level 1. http://www.vnexperts.net subinterface point-to-point Encapsulation frame-relay

w
w

w
w

PD

PD

F-

XC

h a n g e Vi e

F-

XC

h a n g e Vi e

er

er

O W

bu

to

lic

.d o

c u -tr a c k

.c

- Step 3: Cu hnh a ch IP v gi tr DLCI tng ng cho mi mt Interface trn router w . d o c u


C

lic

to

bu

N
o
-tr a c

O W
k.

CE, subinterface v loopback - Step 4: Thc hin nhng th tc kim tra. b. Kim tra. Bn s hon thnh cng vic ny khi bn thu c nhng kt qu sau: - Ping n cc a ch IP ca cc router kim tra s hot ng ca mi mt link - Ping a ch IP ca interface loopback ca mt router remote. 6. Task 2: Cu hnh Service Provider IGP. - Cng vic tip theo bn s phi thit lp mi trng nh tuyn IGP ca Service Provider. Cng vic ny s bao gm vic enable giao thc nh tuyn EIGRP trn router . 6.a: Cc bc cn hon thnh: Hon thnh nhng bc sau cho workgroup 1 v 2 cho mi pod: - Step 1: Trn mi router CE, enable giao thc nh tuyn Rip version 2 (RIPv2). Disable tnh nng auto-summary ca giao thc nh tuyn ny i. - Step 2: Trn mi router P v PE, enable giao thc nh tuyn EIGRP, s dng AS number = 1, v chc chn rng cc mng ca Service provider c cu hnh v c qung b bi giao thc nh tuyn EIGRP. Disable tnh nng auto-summary ca giao thc nh tuyn ny. - Step 3: Chc chn rng cc workgroup khc cng hon thnh nhng cng vic nh trn. - Step 4: Tin hnh kim tra. 6.b: Kim tra: Bn s hon thnh cng vic kim tra khi bn thu c nhng kt qu sau: - Trn mi router P v PE, bn s kim tra giao thc EIGRP hot ng cha - Trn mi router P v PE, bn s kim tra EIGRP c enable trn tt c cc interface serial ca router cha. - Trn mi P v PE rouer, bn kim tra interface loopback ca tt c cc router P v PE c hin th trong bng nh tuyn. - Trn mi router P v PE, bn kim tra mng 192.168.x.0 ca tt c cc router P v PE c hin th trong bng nh tuyn cha. - Trn mi router PE, bn kim tra mng 150.x.0.0 ca tt c cc router P v PE c hin th trong bng nh tuyn cha. II. Lab 2-1 Answer Key: Thit lp mi trng nh tuyn IGP ca Service Provider 1. Task 2: Cu hnh Service Provider IGP - Cu hnh nhng bc sau trn router Pex1: Pex1(config)# router eigrp 1 Created by: Dng Vn Ton CCNP, CCSP, MCSE, LPI level 1. http://www.vnexperts.net

o
c

w
w

PD

PD

F-

XC

h a n g e Vi e

F-

XC

h a n g e Vi e

er

er

O W

bu

to

lic

.d o

c u -tr a c k

.c

Pex1(config-router)# network 150.x.0.0 (ty chn) Pex1(config-router)# network 192.168.x.0 Pex1(config-router)# no auto-summary - Cu hnh nhng bc sau trn router Pex2: Pex2(config)# router eigrp 1 Pex2(config-router)# network 150.x.0.0 (ty chn) Pex2(config-router)# network 192.168.x.0 Pex2(config-router)# no auto-summary - Cu hnh nhng bc sau trn router Px1 : Px1(config)# router eigrp 1 Px1(config-router)# network 192.168.x.0 Px1(config-router)# no auto-summary - Cu hnh nhng bc sau trn router Px2: Px2(config)# router eigrp 1 Px2(config-router)# network 192.168.x.0 Px2(config-router)# no auto-summary - Cu hnh nhng bc sau trn tt c cc router CE: Cex**(config)# router rip Cex**(config-router)# network 10.0.0.0 Cex**(config-router)# network 150.x.0.0 (ty chn) Cex**(config-router)# no auto-summary III. Thit lp mi trng mng li MPLS 1. Phm vi hot ng ca bi lab:

lic

to

bu

N
w

O W
.d o
c u -tr a c k

.c

Trong bi lab ny, bn s s dng cc nhim v v cc cu lnh cn thit trin khai MPLS trn cc sn phm Cisco IOS. Sau khi hon thnh bi lab ny, bn s c th lm c nhng ni dung sau: - Enable LDP trn cc router PE v P - Disable s qung b ca MPLS TTL - Cu hnh cc iu kin qung b nhn (label) 2. S vt l ca bi lab - Khi trin khai bi lab cc bn c th dng s lab ca hnh di y.

Created by: Dng Vn Ton CCNP, CCSP, MCSE, LPI level 1.

http://www.vnexperts.net

w
w

w
w

PD

PD

F-

XC

h a n g e Vi e

F-

XC

h a n g e Vi e

er

er

O W

bu

to

lic

lic

to

bu

N
.c

O W
w
.d o
c u -tr a c k

.d o

c u -tr a c k

.c

3. Ti liu cn thit: - hon thnh bi lab ny cc bn cn tham kho: Cisco IOS documentation. 4. Danh sch nhng cu lnh cn thit ca bi lab ny MPLS command Cu lnh Access-list access-list-number { wildpermit | deny } { type-code mask | address mask } No Access-list access-list-number { permit | deny } { type-code mask | address mask } Ip cef enable CEF trn RP card, s dng cu lnh ip cef ch global configuration. disable CEF, s dng t kha no trc cu lnh ny. Mpls ip No mpls ip Mpls ip propagate-ttl No mpls ip propagate-ttl [ forwarded | local ] iu khin trng TTL trong header MPLS khi nhn ln u tin c gn vo mt gi tin IP, s dng cu lnh mpls ip propagate-ttl ch global configuration. s dng c nh gi tr TTL = 255 cho nhn u tin ca gi tin IP, th dng t kha no trc cu lnh ny. Mpls label protocol {ldp | tdp | ch ra giao thc phn phi nhn c s http://www.vnexperts.net enable MPLS chuyn tip cc gi tin Ipv4. wildM t cu hnh danh sch nhng iu kin cho mc ch lc cc gi tin, khi m cc gi tin tng ng vi mt iu kin no . xa b access-list to, dng t kha no trc cu lnh.

Created by: Dng Vn Ton CCNP, CCSP, MCSE, LPI level 1.

w
w

w
w