close
keyboard_arrow_left
Table of Contents
- play_arrow 概述
- play_arrow 了解 MPLS
- play_arrow 支持的标准
-
- play_arrow MPLS 配置
- play_arrow 配置 MPLS
- play_arrow 配置 MPLS 隧道
-
- play_arrow MPLS LSP
- play_arrow 了解 MPLS LSP
- play_arrow 配置 MPLS LSP
-
- play_arrow MPLS 信令协议
- play_arrow MPLS 流量工程
- play_arrow 配置 MPLS 信息流工程
-
- play_arrow MPLS 传输配置文件
- play_arrow MPLS 的操作、管理和维护 (OAM)
- play_arrow MPLS 伪线
- play_arrow MPLS 的服务等级 (CoS)
- play_arrow 广义 MPLS (GMPLS)
-
- play_arrow MPLS VPN 和电路
- play_arrow MPLS 以太网(L2 电路)
- play_arrow CCC、TCC 和 2.5 层交换
-
- play_arrow 面向软件定义网络 (SDN) 的 MPLS
- play_arrow 路径计算元素协议 (PCEP)
-
- play_arrow MPLS 故障排除
- play_arrow MPLS 故障排除
-
- play_arrow 配置语句和操作命令
list Table of Contents
MPLS LSP 的节点和路径保护
date_range
18-Jan-25
MPLS 和流量保护
通常,当 LSP 发生故障时,故障上游的路由器会向入口路由器发出中断信号。入口路由器计算到出口路由器的新路径,建立新的 LSP,然后将流量从故障路径定向到新路径。此重新路由过程可能非常耗时且容易失败。例如,传入路由器的中断信号可能会丢失,或者新路径可能需要很长时间才能启动,从而导致数据包丢失次数显著。Junos OS 提供了几种补充机制来防止 LSP 故障:
备用辅助路径 - 您可以配置主路径和辅助路径。您可以使用语句
standby配置辅助路径。要激活流量保护,只需在入口路由器上配置这些备用路径。如果主路径发生故障,入口路由器会立即将流量从故障路径重新路由到备用路径,这样就无需计算新路由并发出新路径信号。有关配置备用 LSP 的信息,请参阅 为 LSP 配置辅助路径的热备用。快速重新路由 — 您可以在 LSP 上配置快速重新路由,以最大程度地减少 LSP 故障的影响。快速重新路由使故障上游的路由器能够绕过故障快速路由到故障下游的路由器。然后,上游路由器向入口路由器发出中断信号,从而在建立新的 LSP 之前保持连接。有关快速重新路由的详细概述,请参阅 快速重新路由概述。有关配置快速重新路由的信息,请参阅 配置快速重新路由。
链路保护 — 您可以配置链路保护,以帮助确保在此接口发生故障时,从一个路由器遍历特定接口到另一个路由器的流量可以继续到达其目标。为接口配置链路保护并为遍历此接口的 LSP 配置链路保护时,将创建一个旁路 LSP,以便在接口发生故障时处理此流量。旁路 LSP 使用不同的接口和路径到达同一目标。有关配置链路保护的信息,请参阅 在 LSP 使用的接口上配置链路保护。
在 LSP 上配置备用辅助路径以及快速重新路由或链路保护时,将启用完全流量保护。当 LSP 中发生故障时,故障上游的路由器会围绕故障路由流量,并将故障通知入口路由器。这种重新路由使流量保持流动,同时等待入口路由器处理通知。收到故障通知后,入口路由器会立即将流量从修补的主路径重新路由到更理想的备用路径。
快速重新路由和链路保护可提供类似类型的流量保护。这两种功能都提供快速转移服务,并采用类似的设计。RFC 4090“ LSP 隧道的 RSVP-TE 快速重新路由扩展”中介绍了快速重新路由和链路保护。但是,您只需要配置其中一个。尽管您可以同时配置两者,但这样做几乎没有好处(如果有的话)。
节点链路保护概述
节点链路保护(多对一或设施备份)扩展了链路保护的功能,并提供与快速重新路由略有不同的保护。链路保护对于在特定链路发生故障时选择到同一路由器的备用路径很有用,而快速重新路由可以保护 LSP 整个路径上的接口或节点,而节点链路保护可建立绕过 LSP 路径中特定节点的旁路路径。
为 LSP 启用节点链路保护时,还必须在路径中的所有 RSVP 接口上启用链路保护。启用后,将建立以下类型的旁路路径:
下一跳旁路 LSP — 为 LSP 提供到达相邻路由器的备用路由。当您启用节点链路保护或链路保护时,将建立这种类型的旁路路径。
下一跳旁路 LSP — 为 LSP 提供通过相邻路由器到目标路由器的备用路由。这种类型的旁路路径仅在配置节点链路保护时建立。
图 1 说明了本主题中使用的 MPLS 网络拓扑示例。示例网络使用 OSPF 作为内部网关协议 (IGP) 和策略来创建流量。
图 1: 节点链路保护
中的 图 1 MPLS 网络说明了一种纯路由器网络,该网络由 和 、 (lsp2-r1-to-r5) 以及 和 R0R5()lsp1-r6-to-r0 之间的R1R6单向 LSP 组成。两个 LSP 都配置了通过接口 fe-0/1/0的严格路径。
在 中图 1所示的网络中,两种类型的旁路路径都是围绕受保护节点R2).预先建立的( 下一跃点旁路路径通过 来避开接口 fe-0/1/0R7,下一跃点旁路路径通过通过 和 R9 到 R4来完全R7避免R2接口。两条旁路路径由遍历故障链路或节点的所有受保护 LSP 共享(许多 LSP 受一条旁路路径保护)。
节点链路保护(多对一或设施备份)允许节点故障上游的路由器使用备用节点将流量转发到其下游邻居。这是通过预先建立一条旁路路径来实现的,该路径由遍历故障链路的所有受保护 LSP 共享。
发生中断时,紧接中断上游的路由器会将受保护的流量交换机到旁路节点,然后向入口路由器发出故障信号。与快速重新路由一样,节点链路保护提供本地修复,恢复连接的速度快于入口路由器建立备用辅助路径或发出新主 LSP 信号的速度。
节点链路保护适用于以下情况:
需要保护下游链路和节点。
要保护的 LSP 数量很多。
满足旁路路径的路径选择标准(优先级、带宽和链路着色)不太重要。
不需要对单个 LSP 进行粒度控制。
路径保护概述
路径保护的主要优点是控制故障后流量的去向,并与快速重新路由(一对一备份或链路保护)结合使用时将数据包丢失降至最低。路径保护是在标签交换路径 (LSP) 中配置两种类型的路径:正常操作中使用的主路径和主发生故障时使用的辅助路径,如 所示 图 2。
在 中图 2,由八个路由器组成的 MPLS 网络在 和 R5 之间R1有一条主路径,该路径受 和 R5之间的R1辅助路径保护。当检测到故障(例如接口关闭事件)时,系统会向入口路由器发送资源预留协议 (RSVP) 错误消息,该路由器会将流量切换到辅助路径,从而维护流量。
图 2: 路径保护
如果辅助路径已预先发出信号或处于待机状态,则故障恢复时间比辅助路径未预先发出信号时要快。当辅助路径未预先发出信号时,会发生呼叫建立延迟,在此期间将建立 LSP 的新物理路径,从而延长恢复时间。如果主路径中的故障得到纠正,并且在几分钟的等待时间后,入口路由器会将流量从辅助路径切换回主路径。
由于路径保护由入口路由器为整个路径提供,因此可能存在一些缺点,例如重复预订资源和不必要的链路保护。通过一次保护一个资源,本地保护可以弥补这些缺点。
在 MPLS 网络中配置路径保护(CLI 过程)
在 EX 系列交换机上实施 MPLS 的 Junos OS 提供路径保护,作为一种防止标签交换路径 (LSP) 故障的机制。路径保护可减少在 MPLS 隧道内发生故障时重新计算路由所需的时间。您可以在 MPLS 网络中的入口提供商边缘交换机上配置路径保护。请勿为出口提供商边缘交换机或提供商交换机配置路径保护。您可以显式指定用于主路径和辅助路径的提供商交换机,也可以让软件自动计算路径。
在配置路径保护之前,请确保您已:
已配置入口提供商边缘交换机和出口提供商边缘交换机。请参阅 使用 IP-over-MPLS 在提供商边缘交换机上配置 MPLS 或使用 电路交叉连接在提供商边缘 EX8200 和 EX4500 交换机上配置 MPLS。
配置了至少一个提供商(传输)交换机。请参阅 在 EX8200 和 EX4500 提供商交换机上配置 MPLS。
已验证MPLS网络的配置。
要配置路径保护,请在入口提供商边缘交换机上完成以下任务:
配置主路径
该 primary 语句创建主路径,这是 LSP 的首选路径。如果主路径无法再到达出口提供商边缘交换机,则该语句将 secondary 创建备用路径。
在本主题描述的任务中, lsp-name 入口提供商边缘交换机 lsp_to_240 上的 已配置为 ,远程提供商边缘交换机上的环路接口地址已配置为 127.0.0.8。
当软件从主路径切换到辅助路径时,它会不断尝试恢复到主路径,并在再次可访问时切换回主路径,但不早于语句中 revert-timer 指定的时间。
您可以配置零个主路径或一个主路径。如果未配置主路径,则会选择第一个辅助路径(如果已配置辅助路径)作为路径。如果未指定任何命名路径,或者指定的路径为空,软件将做出数据包到达出口提供商边缘交换机所需的所有路由决策。
要配置主路径:
为 LSP 创建主路径:
content_copy zoom_out_map[edit protocols mpls label-switched-path lsp_to_240 to 127.0.0.8] user@switch# set primary primary_path_lsp_to_240
通过指定环路接口的 IP 地址或 MPLS 隧道中使用的每台交换机的交换机 IP 地址或主机名,为主路径配置显式路由。可以将链接类型指定为 strict 或 loose 在每个语句中
path。如果链路类型为 strict,LSP 必须转到语句中path指定的下一个地址,而不遍历其他交换机。如果链路类型为 loose,则 LSP 可以在到达此交换机之前遍历其他交换机。此配置使用路径的默认 strict 指定。注:您可以启用路径保护,而无需指定使用哪些提供商交换机。如果未列出要用于 MPLS 隧道的特定提供商交换机,交换机将计算路由。
提示:请勿在这些语句中包含入口提供程序边缘交换机。按顺序列出环路接口的 IP 地址或所有其他交换机跃点的交换机地址或主机名,以出口提供商边缘交换机结尾。
content_copy zoom_out_map[edit protocols mpls label-switched-path lsp_to_240 to 127.0.0.8] user@switch# set path primary_path_lsp_to_240 127.0.0.2 user@switch# set path primary_path_lsp_to_240 127.0.0.3 user@switch# set path primary_path_lsp_to_240 127.0.0.8
配置辅助路径
您可以配置零个或多个辅助路径。所有辅助路径都是相等的,软件会按照配置中列出的顺序进行尝试。软件不会尝试在辅助路径之间切换。如果配置中的第一个辅助路径不可用,则尝试下一个辅助路径,依此类推。若要创建一组相等路径,请指定辅助路径而不指定主路径。如果未指定任何命名路径,或者指定的路径为空,软件将做出到达出口提供商边缘交换机所需的所有路由决策。
要配置辅助路径,请执行以下操作:
为 LSP 创建辅助路径:
content_copy zoom_out_map[edit protocols mpls label-switched-path lsp_to_240 to 127.0.0.8] user@switch# set secondary secondary_path_lsp_to_240 standby
通过指定环路接口的 IP 地址或 MPLS 隧道中使用的每台交换机的交换机 IP 地址或主机名,为辅助路径配置显式路由。可以将链接类型指定为 strict 或 loose 在每个语句中
path。此配置使用路径的默认 strict 指定。提示:请勿在这些语句中包含入口提供程序边缘交换机。按顺序列出环路接口的 IP 地址或所有其他交换机跃点的交换机地址或主机名,以出口提供商边缘交换机结尾。
content_copy zoom_out_map[edit protocols mpls label-switched-path lsp_to_240 to 127.0.0.8] user@switch# set path secondary_path_lsp_to_240 127.0.0.4 user@switch# set path primary_path_lsp_to_240 127.0.0.8
配置恢复计时器
对于同时配置了主路径和辅助路径的 LSP,您可以选择配置恢复计时器。如果主路径关闭且流量切换到辅助路径,则恢复计时器指定 LSP 在将流量恢复到主路径之前必须等待的时间量(以秒为单位)。如果主路径在此期间遇到任何连接问题或稳定性问题,计时器将重新启动。
提示:
如果未显式配置还原计时器,则默认情况下将其设置为 60 秒。
要为配置了主路径和辅助路径的 LSP 配置恢复计时器,请执行以下操作:
对于交换机上的所有 LSP:
content_copy zoom_out_map[edit protocols mpls] user@switch# set revert-timer 120
对于交换机上的特定 LSP:
content_copy zoom_out_map[edit protocols mpls label-switched-path] user@switch# set lsp_to_240 revert-timer 120
防止使用以前失败的路径
如果配置通过网络的备用路径以防活动路径发生故障,则可能不希望流量恢复到故障路径,即使该路径不再出现故障也是如此。配置主路径时,流量会在故障期间切换到辅助路径,并在返回时恢复为主路径。
有时,将流量切换回以前发生故障的主路径可能不是一个特别合理的主意。在这种情况下,请仅配置辅助路径,从而在第一个辅助路径发生故障时建立下一个配置的辅助路径。稍后,如果第一个辅助路径正常运行,Junos OS 将不会恢复到该路径,而是会继续使用第二个辅助路径。
使用标记的 BGP 配置 MPLS AS 间链路节点保护
了解 MPLS AS 间链路保护
链路保护在 MPLS 网络中至关重要,可确保在接口发生故障时恢复流量。入口路由器通过其他接口选择备用链路,将流量发送到其目标。
在 中 图 3,自治系统边界路由器 (ASBR) 将外部 BGP (EBGP) 运行到另一个自治系统 (AS) 中的 ASBR,以交换 /32 IPv4 路由的标签。在 AS 内,内部 BGP (IBGP) 将路由传播到提供商边缘 (PE) 设备。如果从设备 ASBR3 到设备 ASBR1 的链路断开,则在设备 ASBR3 重新安装新的下一跃点之前,将从 AS 64511 通过 ASBR3-ASBR1 链路流向 AS 64510 的所有流量都将被丢弃。如果设备 ASBR3 通过设备 ASBR4 或通过设备 ASBR2 的直接路径(如果存在)对备份路径进行预编程,则可以实现快速流量恢复。这假设设备 ASBR3 为需要通过 IBGP 或 EBGP 保护的路由学习无环路 MPLS 路径。
此解决方案无法处理设备 ASBR3 上的故障,相关流量从 AS 64510 通过 ASBR3-ASBR1 链路流向 AS 64511。此解决方案仅限于通过带标签的 BGP 进行下游的 AS 间链路节点保护。当 ASBR 发生故障时,此解决方案不支持提供商 (P) 和 ASBR 路由器之间的服务恢复。例如,此解决方案不处理 P3-ASBR3 链路上的故障。
此支持的功能类似于 BGP 多路径,只是只有一个下一跃点用于主动转发,第二个路径处于保护模式。
图 3: MPLS AS 间链路节点间保护概念拓扑
在 MPLS AS 间环境中,当用于在 AS 之间发送流量时 labeled-unicast ,可以启用链路保护。因此,会在处于不同 AS 中的两台路由器之间的链路上配置 MPLS AS 间链路保护。
要在接口上配置链路保护,请在层次结构级别使用以下protection[edit protocols bgp group group-name family inet labeled-unicast]语句:
content_copy zoom_out_map
protocols {
bgp {
group test1 {
type external;
local-address 192.168.1.2;
family inet {
labeled-unicast {
protection;
}
}
}
}
}
注:
MPLS AS 间链路保护仅 labeled-unicast 支持主路由实例中的外部对等方。
配置保护的链路称为保护路径。仅在选择最佳路径后选择保护路径,在以下情况下不会选择保护路径:
最佳路径是非 BGP 路径。
多个下一跃点处于活动状态,就像在 BGP 多路径中一样。
示例:配置 MPLS AS 间链路节点保护
此示例说明如何在具有第 3 层 VPN 的 AS 间部署中配置尾端保护。
要求
配置此示例之前,不需要除设备初始化之外的特殊配置。
概述
在 中 图 4,自治系统边界路由器 (ASBR) 将外部 BGP (EBGP) 运行到另一个自治系统 (AS) 中的 ASBR,以交换 /32 IPv4 路由的标签。在 AS 内,内部 BGP (IBGP) 将路由传播到提供商边缘 (PE) 设备。
如果从设备 ASBR3 到设备 ASBR1 的链路断开,在 ASBR3 重新安装新的下一跃点之前,将从 AS 64511 通过 ASBR3-ASBR1 链路流向 AS 64510 的所有流量都将被丢弃。
此示例说明如何通过将设备 ASBR3 配置为通过设备 ASBR2 对备份路径进行预编程来实现快速流量恢复。
注:
此解决方案不处理设备 P3 到设备 ASBR3 故障。对于从 AS 64510 通过 ASBR3-ASBR1 链路流向 AS 645111的流量,它也不会处理设备 ASBR3 上的故障。此流量将被丢弃。
拓扑学
图 4: MPLS AS 间链路节点保护示例拓扑
配置
CLI 快速配置
要快速配置此示例,请复制以下命令,将其粘贴到文本文件中,删除所有换行符,更改与您的网络配置匹配所需的任何详细信息,然后将命令复制并粘贴到层次结构级别的 CLI [edit] 中。
设备 ASBR1
content_copy zoom_out_map
set interfaces fe-1/2/2 unit 0 family inet address 10.20.20.2/30 set interfaces fe-1/2/2 unit 0 family mpls set interfaces fe-1/2/0 unit 0 family inet address 10.21.21.1/30 set interfaces fe-1/2/0 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.4.4.4/32 set protocols rsvp interface fe-1/2/2.0 set protocols rsvp interface lo0.0 set protocols mpls traffic-engineering bgp-igp-both-ribs set protocols mpls label-switched-path To_PE1 to 10.2.2.2 set protocols mpls interface fe-1/2/2.0 set protocols mpls interface fe-1/2/0.0 set protocols mpls interface lo0.0 set protocols bgp group To-PE1 type internal set protocols bgp group To-PE1 local-address 10.4.4.4 set protocols bgp group To-PE1 family inet unicast set protocols bgp group To-PE1 family inet labeled-unicast set protocols bgp group To-PE1 export next-hop-self set protocols bgp group To-PE1 neighbor 10.2.2.2 family inet labeled-unicast set protocols bgp group To-ASBR3 type external set protocols bgp group To-ASBR3 family inet labeled-unicast set protocols bgp group To-ASBR3 export To-ASBR3 set protocols bgp group To-ASBR3 neighbor 10.21.21.2 peer-as 64511 set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set policy-options policy-statement To-ASBR3 term 1 from route-filter 10.2.2.2/32 exact set policy-options policy-statement To-ASBR3 term 1 then accept set policy-options policy-statement To-ASBR3 term 2 then reject set policy-options policy-statement next-hop-self then next-hop self set routing-options autonomous-system 64510
设备 ASBR2
content_copy zoom_out_map
set interfaces fe-1/2/0 unit 0 description to-P2 set interfaces fe-1/2/0 unit 0 family inet address 10.25.25.1/30 set interfaces fe-1/2/0 unit 0 family mpls set interfaces fe-1/2/1 unit 0 description to-ASBR3 set interfaces fe-1/2/1 unit 0 family inet address 10.26.26.1/30 set interfaces fe-1/2/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.9.9.9/32 set protocols rsvp interface fe-1/2/0.0 set protocols rsvp interface lo0.0 set protocols mpls traffic-engineering bgp-igp-both-ribs set protocols mpls label-switched-path To_PE1 to 10.2.2.2 set protocols mpls interface fe-1/2/0.0 set protocols mpls interface fe-1/2/1.0 set protocols mpls interface lo0.0 set protocols bgp group To-PE1 type internal set protocols bgp group To-PE1 local-address 10.9.9.9 set protocols bgp group To-PE1 family inet unicast set protocols bgp group To-PE1 family inet labeled-unicast set protocols bgp group To-PE1 export next-hop-self set protocols bgp group To-PE1 neighbor 10.2.2.2 family inet labeled-unicast set protocols bgp group To-ASBR3 type external set protocols bgp group To-ASBR3 family inet labeled-unicast set protocols bgp group To-ASBR3 export To-ASBR3 set protocols bgp group To-ASBR3 neighbor 10.26.26.2 peer-as 64511 set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/0.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set policy-options policy-statement To-ASBR3 term 1 from route-filter 10.2.2.2/32 exact set policy-options policy-statement To-ASBR3 term 1 then accept set policy-options policy-statement To-ASBR3 term 2 then reject set policy-options policy-statement next-hop-self then next-hop self set routing-options autonomous-system 64510
设备 ASBR3
content_copy zoom_out_map
set interfaces fe-1/2/0 unit 0 description to-ASBR1 set interfaces fe-1/2/0 unit 0 family inet address 10.21.21.2/30 set interfaces fe-1/2/0 unit 0 family mpls set interfaces fe-1/2/2 unit 0 description to-P3 set interfaces fe-1/2/2 unit 0 family inet address 10.22.22.1/30 set interfaces fe-1/2/2 unit 0 family mpls set interfaces fe-1/2/1 unit 0 description to-ASBR2 set interfaces fe-1/2/1 unit 0 family inet address 10.26.26.2/30 set interfaces fe-1/2/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.5.5.5/32 set protocols rsvp interface fe-1/2/2.0 set protocols rsvp interface lo0.0 set protocols rsvp interface fe-1/2/0.0 set protocols rsvp interface fe-1/2/1.0 set protocols mpls traffic-engineering bgp-igp-both-ribs set protocols mpls label-switched-path To_PE2 to 10.7.7.7 set protocols mpls interface lo0.0 set protocols mpls interface fe-1/2/0.0 set protocols mpls interface fe-1/2/2.0 set protocols mpls interface fe-1/2/1.0 set protocols bgp group To-PE2 type internal set protocols bgp group To-PE2 local-address 10.5.5.5 set protocols bgp group To-PE2 family inet unicast set protocols bgp group To-PE2 export next-hop-self set protocols bgp group To-PE2 neighbor 10.7.7.7 family inet labeled-unicast set protocols bgp group To-ASBR1 type external set protocols bgp group To-ASBR1 family inet labeled-unicast protection set protocols bgp group To-ASBR1 family inet labeled-unicast per-prefix-label set protocols bgp group To-ASBR1 export To-ASBR1 set protocols bgp group To-ASBR1 neighbor 10.21.21.1 peer-as 64510 set protocols bgp group To-ASBR2 type external set protocols bgp group To-ASBR2 family inet labeled-unicast protection set protocols bgp group To-ASBR2 family inet labeled-unicast per-prefix-label set protocols bgp group To-ASBR2 export To-ASBR2 set protocols bgp group To-ASBR2 neighbor 10.26.26.1 peer-as 64510 set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ospf area 0.0.0.0 interface fe-1/2/1.0 set policy-options policy-statement To-ASBR1 term 1 from route-filter 10.7.7.7/32 exact set policy-options policy-statement To-ASBR1 term 1 then accept set policy-options policy-statement To-ASBR1 term 2 then reject set policy-options policy-statement To-ASBR2 term 1 from route-filter 10.7.7.7/32 exact set policy-options policy-statement To-ASBR2 term 1 then accept set policy-options policy-statement To-ASBR2 term 2 then reject set policy-options policy-statement next-hop-self then next-hop self set routing-options autonomous-system 64511
设备 CE1
content_copy zoom_out_map
set interfaces fe-1/2/0 unit 0 family inet address 10.18.18.1/30 set interfaces lo0 unit 0 family inet address 10.1.1.1/32 set protocols ospf area 0.0.0.2 interface fe-1/2/0.0 set protocols ospf area 0.0.0.2 interface lo0.0 passive
设备 CE2
content_copy zoom_out_map
set interfaces fe-1/2/1 unit 0 family inet address 10.24.24.2/30 set interfaces lo0 unit 0 family inet address 10.8.8.8/32 set protocols bgp group To_PE2 neighbor 10.24.24.1 export myroutes set protocols bgp group To_PE2 neighbor 10.24.24.1 peer-as 64511 set policy-options policy-statement myroutes from protocol direct set policy-options policy-statement myroutes then accept set routing-options autonomous-system 64509
设备 P1
content_copy zoom_out_map
set interfaces fe-1/2/1 unit 0 family inet address 10.19.19.2/30 set interfaces fe-1/2/1 unit 0 family mpls set interfaces fe-1/2/2 unit 0 family inet address 10.20.20.1/30 set interfaces fe-1/2/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.3.3.3/32 set protocols rsvp interface fe-1/2/1.0 set protocols rsvp interface fe-1/2/2.0 set protocols rsvp interface lo0.0 set protocols mpls interface fe-1/2/1.0 set protocols mpls interface fe-1/2/2.0 set protocols mpls interface lo0.0 set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/1.0 set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive
设备 P2
content_copy zoom_out_map
set interfaces fe-1/2/0 unit 0 description to-ASBR2 set interfaces fe-1/2/0 unit 0 family inet address 10.25.25.2/30 set interfaces fe-1/2/0 unit 0 family mpls set interfaces fe-1/2/2 unit 0 description to-PE1 set interfaces fe-1/2/2 unit 0 family inet address 10.28.28.1/30 set interfaces fe-1/2/2 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.10.10.10/32 set protocols rsvp interface fe-1/2/0.0 set protocols rsvp interface fe-1/2/2.0 set protocols rsvp interface lo0.0 set protocols mpls interface fe-1/2/0.0 set protocols mpls interface fe-1/2/2.0 set protocols mpls interface lo0.0 set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/0.0 set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive
设备 P3
content_copy zoom_out_map
set interfaces fe-1/2/2 unit 0 family inet address 10.22.22.2/30 set interfaces fe-1/2/2 unit 0 family mpls set interfaces fe-1/2/0 unit 0 family inet address 10.23.23.1/30 set interfaces fe-1/2/0 unit 0 family mpls set interfaces lo0 unit 0 family inet address 10.6.6.6/32 set protocols rsvp interface fe-1/2/2.0 set protocols rsvp interface fe-1/2/0.0 set protocols rsvp interface lo0.0 set protocols mpls interface fe-1/2/2.0 set protocols mpls interface fe-1/2/0.0 set protocols mpls interface lo0.0 set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set protocols ospf area 0.0.0.0 interface fe-1/2/0.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive
设备 PE1
content_copy zoom_out_map
set interfaces fe-1/2/0 unit 0 family inet address 10.18.18.2/30 set interfaces fe-1/2/1 unit 0 family inet address 10.19.19.1/30 set interfaces fe-1/2/1 unit 0 family mpls set interfaces fe-1/2/2 unit 0 description to-P2 set interfaces fe-1/2/2 unit 0 family inet address 10.28.28.2/30 set interfaces lo0 unit 0 family inet address 10.2.2.2/32 set protocols rsvp interface fe-1/2/0.0 set protocols rsvp interface lo0.0 set protocols rsvp interface fe-1/2/2.0 set protocols mpls label-switched-path To-ASBR1 to 10.4.4.4 set protocols mpls label-switched-path To-ASBR2 to 10.9.9.9 set protocols mpls interface fe-1/2/0.0 set protocols mpls interface lo0.0 set protocols mpls interface fe-1/2/2.0 set protocols bgp group To_ASBR1 type internal set protocols bgp group To_ASBR1 local-address 10.2.2.2 set protocols bgp group To_ASBR1 family inet labeled-unicast set protocols bgp group To_ASBR1 neighbor 10.4.4.4 family inet labeled-unicast resolve-vpn set protocols bgp group To_PE2 type external set protocols bgp group To_PE2 multihop ttl 20 set protocols bgp group To_PE2 local-address 10.2.2.2 set protocols bgp group To_PE2 family inet-vpn unicast set protocols bgp group To_PE2 neighbor 10.7.7.7 peer-as 64511 set protocols bgp group To_ASBR2 type internal set protocols bgp group To_ASBR2 local-address 10.2.2.2 set protocols bgp group To_ASBR2 family inet labeled-unicast set protocols bgp group To_ASBR2 neighbor 10.9.9.9 family inet labeled-unicast resolve-vpn set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/0.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set policy-options policy-statement bgp-to-ospf term 1 from protocol bgp set policy-options policy-statement bgp-to-ospf term 1 then accept set policy-options policy-statement bgp-to-ospf term 2 then reject set policy-options policy-statement vpnexport term 1 from protocol ospf set policy-options policy-statement vpnexport term 1 then community add test_comm set policy-options policy-statement vpnexport term 1 then accept set policy-options policy-statement vpnexport term 2 then reject set policy-options policy-statement vpnimport term 1 from protocol bgp set policy-options policy-statement vpnimport term 1 from community test_comm set policy-options policy-statement vpnimport term 1 then accept set policy-options policy-statement vpnimport term 2 then reject set policy-options community test_comm members target:1:64510 set routing-instances vpn2CE1 instance-type vrf set routing-instances vpn2CE1 interface fe-1/2/0.0 set routing-instances vpn2CE1 route-distinguisher 1:64510 set routing-instances vpn2CE1 vrf-import vpnimport set routing-instances vpn2CE1 vrf-export vpnexport set routing-instances vpn2CE1 protocols ospf export bgp-to-ospf set routing-instances vpn2CE1 protocols ospf area 0.0.0.2 interface fe-1/2/0.0 set routing-options autonomous-system 64510
设备 PE2
content_copy zoom_out_map
set interfaces fe-1/2/0 unit 0 family inet address 10.23.23.2/30 set interfaces fe-1/2/0 unit 0 family mpls set interfaces fe-1/2/1 unit 0 family inet address 10.24.24.1/30 set interfaces lo0 unit 0 family inet address 10.7.7.7/32 set protocols rsvp interface fe-1/2/0.0 set protocols rsvp interface lo0.0 set protocols mpls label-switched-path To-ASBR3 to 10.5.5.5 set protocols mpls interface fe-1/2/0.0 set protocols mpls interface lo0.0 set protocols bgp group To_ASBR3 type internal set protocols bgp group To_ASBR3 local-address 10.7.7.7 set protocols bgp group To_ASBR3 family inet labeled-unicast set protocols bgp group To_ASBR3 neighbor 10.5.5.5 family inet labeled-unicast resolve-vpn set protocols bgp group To_PE1 type external set protocols bgp group To_PE1 multihop ttl 20 set protocols bgp group To_PE1 local-address 10.7.7.7 set protocols bgp group To_PE1 family inet-vpn unicast set protocols bgp group To_PE1 neighbor 10.2.2.2 peer-as 64510 set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface fe-1/2/0.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set policy-options policy-statement vpnexport term 1 from protocol bgp set policy-options policy-statement vpnexport term 1 then community add test_comm set policy-options policy-statement vpnexport term 1 then accept set policy-options policy-statement vpnexport term 2 then reject set policy-options policy-statement vpnimport term 1 from protocol bgp set policy-options policy-statement vpnimport term 1 from community test_comm set policy-options policy-statement vpnimport term 1 then accept set policy-options policy-statement vpnimport term 2 then reject set policy-options community test_comm members target:1:64510 set routing-instances vpn2CE2 instance-type vrf set routing-instances vpn2CE2 interface fe-1/2/1.0 set routing-instances vpn2CE2 route-distinguisher 1:64510 set routing-instances vpn2CE2 vrf-import vpnimport set routing-instances vpn2CE2 vrf-export vpnexport set routing-instances vpn2CE2 protocols bgp group To_CE2 peer-as 64509 set routing-instances vpn2CE2 protocols bgp group To_CE2 neighbor 10.24.24.2 set routing-options autonomous-system 64511
程序
分步过程
下面的示例要求您在各个配置层级中进行导航。有关导航 CLI 的信息,请参阅《Junos OS CLI 用户指南》中的在配置模式下使用 CLI 编辑器。
要配置 EBGP 方案,请执行以下操作:
配置路由器接口。
content_copy zoom_out_map[edit interfaces] user@ASBR3# set fe-1/2/0 unit 0 description to-ASBR1 user@ASBR3# set fe-1/2/0 unit 0 family inet address 10.21.21.2/30 user@ASBR3# set fe-1/2/0 unit 0 family mpls user@ASBR3# set fe-1/2/2 unit 0 description to-P3 user@ASBR3# set fe-1/2/2 unit 0 family inet address 10.22.22.1/30 user@ASBR3# set fe-1/2/2 unit 0 family mpls user@ASBR3# set fe-1/2/1 unit 0 description to-ASBR2 user@ASBR3# set fe-1/2/1 unit 0 family inet address 10.26.26.2/30 user@ASBR3# set fe-1/2/1 unit 0 family mpls user@ASBR3# set lo0 unit 0 family inet address 10.5.5.5/32
配置内部网关协议 (IGP),例如 OSPF 或 IS-IS。
content_copy zoom_out_map[edit protocols ospf] user@ASBR3# set traffic-engineering [edit protocols ospf area 0.0.0.0] user@ASBR3# set interface fe-1/2/2.0 user@ASBR3# set interface lo0.0 passive user@ASBR3# set interface fe-1/2/1.0
配置自治系统 (AS) 编号。
content_copy zoom_out_map[edit routing-options] user@ASBR3# set autonomous-system 64511
配置路由策略。
content_copy zoom_out_map[edit policy-options policy-statement To-ASBR1] user@ASBR3# set term 1 from route-filter 10.7.7.7/32 exact user@ASBR3# set term 1 then accept user@ASBR3# set term 2 then reject [edit policy-options policy-statement To-ASBR2] user@ASBR3# set term 1 from route-filter 10.7.7.7/32 exact user@ASBR3# set term 1 then accept user@ASBR3# set term 2 then reject [edit policy-options policy-statement next-hop-self] user@ASBR3# set then next-hop self
配置 EBGP 会话。
content_copy zoom_out_map[edit protocols bgp group To-ASBR1] user@ASBR3# set type external user@ASBR3# set family inet labeled-unicast protection user@ASBR3# set family inet labeled-unicast per-prefix-label user@ASBR3# set export To-ASBR1 user@ASBR3# set neighbor 10.21.21.1 peer-as 64510 [edit protocols bgp group To-ASBR2] user@ASBR3# set type external user@ASBR3# set family inet labeled-unicast protection user@ASBR3# set family inet labeled-unicast per-prefix-label user@ASBR3# set export To-ASBR2 user@ASBR3# set neighbor 10.26.26.1 peer-as 64510
配置 IBGP 会话。
content_copy zoom_out_map[edit protocols bgp group To-PE2] user@ASBR3# set type internal user@ASBR3# set local-address 10.5.5.5 user@ASBR3# set family inet unicast user@ASBR3# set export next-hop-self user@ASBR3# set neighbor 10.7.7.7 family inet labeled-unicast
配置 MPLS。
content_copy zoom_out_map[edit protocols mpls] user@ASBR3# set traffic-engineering bgp-igp-both-ribs user@ASBR3# set label-switched-path To_PE2 to 10.7.7.7 user@ASBR3# set interface lo0.0 user@ASBR3# set interface fe-1/2/0.0 user@ASBR3# set interface fe-1/2/2.0 user@ASBR3# set interface fe-1/2/1.0
配置信令协议。
content_copy zoom_out_map[edit protocols rsvp] user@ASBR3# set interface fe-1/2/2.0 user@ASBR3# set interface lo0.0 user@ASBR3# set interface fe-1/2/0.0 user@ASBR3# set interface fe-1/2/1.0
结果
在配置模式下,输入 show interfaces、 show protocolsshow policy-options和 show routing-options命令确认您的配置。如果输出未显示预期的配置,请重复此示例中的说明,以便进行更正。
content_copy zoom_out_map
user@ASBR3# show interfaces
fe-1/2/0 {
unit 0 {
description to-ASBR1;
family inet {
address 10.21.21.2/30;
}
family mpls;
}
}
fe-1/2/1 {
unit 0 {
description to-ASBR2;
family inet {
address 10.26.26.2/30;
}
family mpls;
}
}
fe-1/2/2 {
unit 0 {
description to-P3;
family inet {
address 10.22.22.1/30;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 10.5.5.5/32;
}
}
}
content_copy zoom_out_map
user@ASBR3# show protocols
rsvp {
interface fe-1/2/2.0;
interface lo0.0;
interface fe-1/2/0.0;
interface fe-1/2/1.0;
}
mpls {
traffic-engineering bgp-igp-both-ribs;
label-switched-path To_PE2 {
to 10.7.7.7;
}
interface lo0.0;
interface fe-1/2/0.0;
interface fe-1/2/2.0;
interface fe-1/2/1.0;
}
bgp {
group To-PE2 {
type internal;
local-address 10.5.5.5;
family inet {
unicast;
}
export next-hop-self;
neighbor 10.7.7.7 {
family inet {
labeled-unicast;
}
}
}
group To-ASBR1 {
type external;
family inet {
labeled-unicast {
protection;
}
}
export To-ASBR1;
neighbor 10.21.21.1 {
peer-as 64510;
}
}
group To-ASBR2 {
type external;
family inet {
labeled-unicast {
protection;
}
}
export To-ASBR2;
neighbor 10.26.26.1 {
peer-as 64510;
}
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface fe-1/2/2.0;
interface lo0.0 {
passive;
}
interface fe-1/2/1.0;
}
}
content_copy zoom_out_map
user@ASBR3# show policy-options
policy-statement To-ASBR1 {
term 1 {
from {
route-filter 10.7.7.7/32 exact;
}
then accept;
}
term 2 {
then reject;
}
}
policy-statement To-ASBR2 {
term 1 {
from {
route-filter 10.7.7.7/32 exact;
}
then accept;
}
term 2 {
then reject;
}
}
policy-statement next-hop-self {
then {
next-hop self;
}
}
content_copy zoom_out_map
user@ASBR3# show routing-options
autonomous-system 64511;
如果完成设备配置,请从配置模式输入 commit 。
验证
确认配置工作正常。
检查 BGP 邻居会话
目的
验证是否已启用 BGP 保护。
操作
content_copy zoom_out_map
user@ASBR3# show bgp neighbor 10.21.21.1
Peer:10.21.21.1+58259 AS 64510 Local: 10.21.21.2+179 AS 64511
Type: External State: Established Flags: <ImportEval Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Export: [ To-ASBR1 ]
Options: <Preference AddressFamily PeerAS Refresh>
Options: <Protection>
Address families configured: inet-labeled-unicast
Holdtime: 90 Preference: 170
NLRI configured with protection: inet-labeled-unicast
Number of flaps: 0
Peer ID: 10.4.4.4 Local ID: 10.5.5.5 Active Holdtime: 90
Keepalive Interval: 30 Group index: 4 Peer index: 0
BFD: disabled, down
Local Interface: fe-1/2/0.0
NLRI for restart configured on peer: inet-labeled-unicast
NLRI advertised by peer: inet-labeled-unicast
NLRI for this session: inet-labeled-unicast
Peer supports Refresh capability (2)
Stale routes from peer are kept for: 300
Peer does not support Restarter functionality
NLRI that restart is negotiated for: inet-labeled-unicast
NLRI of received end-of-rib markers: inet-labeled-unicast
NLRI of all end-of-rib markers sent: inet-labeled-unicast
Peer supports 4 byte AS extension (peer-as 64510)
Peer does not support Addpath
Table inet.0 Bit: 10001
RIB State: BGP restart is complete
Send state: in sync
Active prefixes: 2
Received prefixes: 1
Accepted prefixes: 1
Suppressed due to damping: 0
Advertised prefixes: 1
Last traffic (seconds): Received 7 Sent 20 Checked 32
Input messages: Total 170 Updates 2 Refreshes 0 Octets 3326
Output messages: Total 167 Updates 1 Refreshes 0 Octets 3288
Output Queue[0]: 0content_copy zoom_out_map
user@ASBR3# show bgp neighbor 10.26.26.1
Peer: 10.26.26.1+61072 AS 64510 Local: 10.26.26.2+179 AS 64511
Type: External State: Established Flags: <ImportEval Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Export: [ To-ASBR2 ]
Options: <Preference AddressFamily PeerAS Refresh>
Options: <Protection>
Address families configured: inet-labeled-unicast
Holdtime: 90 Preference: 170
NLRI configured with protection: inet-labeled-unicast
Number of flaps: 0
Peer ID: 10.9.9.9 Local ID: 10.5.5.5 Active Holdtime: 90
Keepalive Interval: 30 Group index: 5 Peer index: 0
BFD: disabled, down
Local Interface: fe-1/2/1.0
NLRI for restart configured on peer: inet-labeled-unicast
NLRI advertised by peer: inet-labeled-unicast
NLRI for this session: inet-labeled-unicast
Peer supports Refresh capability (2)
Stale routes from peer are kept for: 300
Peer does not support Restarter functionality
NLRI that restart is negotiated for: inet-labeled-unicast
NLRI of received end-of-rib markers: inet-labeled-unicast
NLRI of all end-of-rib markers sent: inet-labeled-unicast
Peer supports 4 byte AS extension (peer-as 64510)
Peer does not support Addpath
Table inet.0 Bit: 10002
RIB State: BGP restart is complete
Send state: in sync
Active prefixes: 1
Received prefixes: 1
Accepted prefixes: 1
Suppressed due to damping: 0
Advertised prefixes: 1
Last traffic (seconds): Received 21 Sent 9 Checked 42
Input messages: Total 170 Updates 2 Refreshes 0 Octets 3326
Output messages: Total 168 Updates 1 Refreshes 0 Octets 3307
Output Queue[0]: 0意义
输出显示已为 EBGP 对等方、设备 ASBR1 和设备 ASBR2 启用该 Protection 选项。
这也显示在屏幕输出中 NLRI configured with protection: inet-labeled-unicast 。
检查路由
目的
确保备份路径已安装在路由表中。
操作
content_copy zoom_out_map
user@ASBR3> show route 10.2.2.2
inet.0: 12 destinations, 14 routes (12 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.2.2.2/32 *[BGP/170] 01:36:25, MED 2, localpref 100
AS path: 64510 I, validation-state: unverified
> to 10.21.21.1 via fe-1/2/0.0, Push 299824
to 10.26.26.1 via fe-1/2/1.0, Push 299808
[BGP/170] 01:36:25, MED 2, localpref 100
AS path: 64510 I, validation-state: unverified
> to 10.26.26.1 via fe-1/2/1.0, Push 299808意义
该 show route 命令将显示设备 PE1 的活动路径和备份路径。
为 BGP 信号第 2 层服务配置出口保护服务镜像
从 Junos OS 14.2 版开始,Junos OS 支持在出口 PE 节点中出现链路或节点故障时恢复出口流量。如果核心网络中出现链路或节点故障,可以在 PE 路由器之间的传输 LSP 上触发 MPLS 快速重新路由等保护机制,在几十毫秒内修复连接。出口保护 LSP 可解决网络边缘的节点链路故障(例如,PE 路由器故障)的问题。
图 1 显示了解释此功能的用例的简化拓扑。
图 5: 从路由器 PE1 到路由器 PE2 配置的出口保护 LSP
CE1 是 PE1 和 PE2 的多宿主。有两条路径连接 CE1 和 CE2。工作路径为 CE2-PE3-P-PE1-CE1,通过伪线 PW21。保护路径为 CE2-PE3-P-PE2-CE1,通过伪线 PW22 正常情况量流经工作路径。当 CE1 和 CE2 之间的端到端 OAM 检测到工作路径上的故障时,流量将从工作路径切换到保护路径。端到端故障检测和恢复依赖于控制平面,因此应该相对较慢。为了实现更快的保护,应使用类似于 MPLS 快速重新路由使用的本地修复机制。在上面的图 1 中,如果核心网络中的链路或节点发生故障(如 P-PE1、P-PE3 上的链路故障或 P 上的节点故障),则 PE1 和 PE3 之间的传输 LSP 将发生 MPLS 快速重新路由。故障可以在几十毫秒内本地修复。但是,如果链路或节点故障发生在边缘(如 PE3-CE2 上的链路故障或 PE3 上的节点故障),则目前没有本地修复,因此我们必须依靠 CE1-CE2 端到端保护来修复故障。
设备 CE2 — 流量源
路由器 PE3 — 入口 PE 路由器
路由器 PE1 — (主)出口 PE 路由器
路由器 PE2 — 保护器 PE 路由器
设备 CE1 — 流量目标
当 CE1 与 PE1 之间的链路断开时,PE1 会短暂地将该流量重定向到 CE1,再定向到 PE2。PE2 将其转发到 CE1,直到入口路由器 PE3 重新计算以将流量转发到 PE2。
最初交通方向是;CE2 – PE3 – P – PE1 – CE1。
当 CE1 – PE1 之间的链路中断时,流量将是;CE2 – PE3 – P – PE1 – PE2 –CE1。然后 PE3 重新计算路径;CE2 – PE3 – P – PE2 – CE1。
示例:为 BGP 信号第 2 层服务配置 MPLS 出口保护服务镜像
从 Junos OS 14.2 版开始,Junos OS 支持在出口 PE 节点中出现链路或节点故障时恢复出口流量。如果核心网络中出现链路或节点故障,可以在 PE 路由器之间的传输 LSP 上触发 MPLS 快速重新路由等保护机制,在几十毫秒内修复连接。出口保护 LSP 可解决网络边缘的节点链路故障(例如,PE 路由器故障)的问题。
此示例说明如何为 BGP 信号第 2 层服务配置链路保护。
要求
运行 Junos OS 14.2 或更高版本的 MX 系列路由器。
概述
如果核心网络中出现链路或节点故障,可以在 PE 路由器之间的传输 LSP 上触发 MPLS 快速重新路由等保护机制,在几十毫秒内修复连接。出口保护 LSP 可解决网络边缘的节点链路故障(例如,PE 路由器故障)的问题。
此示例包括出口保护 LSP 配置所特有的以下配置概念和语句:
context-identifier— 指定用于定义参与出口保护 LSP 的一对 PE 路由器的 IPv4 或 IPv6 地址。它被分配给每个有序的主PE和保护器对,以方便保护建立。此地址是全局唯一的,或者在主 PE 和保护程序所在的网络的地址空间中是唯一的。egress-protection— 为受保护的第 2 层电路配置保护器信息,并在层次结构级别配置保护器第 2 层电路[edit protocols mpls]。将 LSP 配置为层次结构级别的出口保护 LSP[edit protocols mpls]。protector— 配置在备份 PE 上创建备用伪线,以便为实例提供链路或节点保护。
拓扑学
图 6: 从路由器 PE1 到路由器 PE2 配置的出口保护 LSP
如果出口 PE 路由器 PE1 发生故障,流量将切换到在路由器 PE1 和路由器 PE2 之间配置的出口保护 LSP(保护器 PE 路由器):
设备 CE2 — 流量源
路由器 PE3 — 入口 PE 路由器
路由器 PE1 — (主)出口 PE 路由器
路由器 PE2 — 保护器 PE 路由器
设备 CE1 — 流量目标
当 CE1 与 PE1 之间的链路断开时,PE1 会短暂地将该流量重定向到 CE1,再定向到 PE2。PE2 将其转发到 CE1,直到入口路由器 PE3 重新计算以将流量转发到 PE2。
最初的交通方向是:CE2 – PE3 – P – PE1 – CE1。
当 CE1 与 PE1 之间的链路断开时,流量将为:CE2 – PE3 – P – PE1 – PE2 –CE1。然后,PE3 会重新计算路径:CE2 – PE3 – P – PE2 – CE1。
此示例说明如何配置路由器 PE1、PE2 和 PE3。
配置
CLI 快速配置
要快速配置出口保护 LSP,请复制以下命令,将其粘贴到文本文件中,删除所有换行符,更改任何必要的详细信息以匹配您的网络配置,将命令复制并粘贴到 CLI 中,然后从配置模式进入 commit 。
PE1
content_copy zoom_out_map
set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols mpls egress-protection context-identifier 198.51.100.3 primary set protocols mpls egress-protection context-identifier 198.51.100.3 advertise-mode stub-alias set protocols mpls egress-protection traceoptions file ep size 100m set protocols mpls egress-protection traceoptions flag all set protocols bgp traceoptions file bgp.log world-readable set protocols bgp group ibgp type internal set protocols bgp group ibgp local-address 10.255.183.58 set protocols bgp group ibgp family inet unicast set protocols bgp group ibgp family l2vpn signaling egress-protection set protocols bgp group ibgp neighbor 192.0.2.3 set protocols bgp group ibgp neighbor 192.0.2.4 set protocols isis traceoptions file isis-edge size 10m world-readable set protocols isis traceoptions flag error set protocols isis level 1 disable set protocols isis level 2 wide-metrics-only set protocols isis interface all point-to-point set protocols isis interface all level 2 metric 10 set protocols isis interface fxp0.0 disable set protocols ldp interface all set protocols ldp interface fxp0.0 disable set policy-options policy-statement lb then load-balance per-packet set routing-options traceoptions file ro.log set routing-options traceoptions flag all set routing-options traceoptions flag route set routing-options autonomous-system 100 set routing-options forwarding-table export lb set routing-instances foo instance-type l2vpn set routing-instances foo egress-protection context-identifier 198.51.100.3 set routing-instances foo interface ge-2/0/2.0 set routing-instances foo route-distinguisher 10.255.183.58:1 set routing-instances foo vrf-target target:9000:1 set routing-instances foo protocols l2vpn encapsulation-type ethernet-vlan set routing-instances foo protocols l2vpn site foo site-identifier 1 set routing-instances foo protocols l2vpn site foo site-preference primary set routing-instances foo protocols l2vpn site foo interface ge-2/0/2.0 remote-site-id 2
PE2
content_copy zoom_out_map
set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols mpls egress-protection context-identifier 198.51.100.3 protector set protocols mpls egress-protection context-identifier 198.51.100.3 advertise-mode stub-alias set protocols mpls egress-protection traceoptions file ep size 100m set protocols mpls egress-protection traceoptions flag all set protocols bgp traceoptions file bgp.log world-readable set protocols bgp group ibgp type internal set protocols bgp group ibgp local-address 10.255.183.57 set protocols bgp group ibgp family inet unicast set protocols bgp group ibgp family l2vpn signaling egress-protection set protocols bgp group ibgp neighbor 192.0.2.3 set protocols bgp group ibgp neighbor 192.0.2.4 set protocols isis traceoptions file isis-edge size 10m world-readable set protocols isis traceoptions flag error set protocols isis level 1 disable set protocols isis level 2 wide-metrics-only set protocols isis interface all point-to-point set protocols isis interface all level 2 metric 10 set protocols isis interface fxp0.0 disable set protocols ldp interface all set protocols ldp interface fxp0.0 disable set policy-options policy-statement lb then load-balance per-packet set routing-options traceoptions file ro.log set routing-options traceoptions flag normal set routing-options traceoptions flag route set routing-options autonomous-system 100 set routing-options forwarding-table export lb set routing-instances foo instance-type l2vpn set routing-instances foo egress-protection protector set routing-instances foo interface ge-2/0/2.0 set routing-instances foo route-distinguisher 10.255.183.57:1 set routing-instances foo vrf-target target:9000:1 set routing-instances foo protocols l2vpn encapsulation-type ethernet-vlan set routing-instances foo protocols l2vpn site foo hot-standby set routing-instances foo protocols l2vpn site foo site-identifier 1 set routing-instances foo protocols l2vpn site foo site-preference backup set routing-instances foo protocols l2vpn site foo interface ge-2/0/2.0 remote-site-id 2
PE3
content_copy zoom_out_map
set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp traceoptions file bgp.log world-readable set protocols bgp group ibgp type internal set protocols bgp group ibgp local-address 10.255.183.61 set protocols bgp group ibgp family inet unicast set protocols bgp group ibgp family l2vpn signaling set protocols bgp group ibgp neighbor 192.0.2.3 set protocols bgp group ibgp neighbor 192.0.2.4 set protocols isis traceoptions file isis-edge size 10m world-readable set protocols isis traceoptions flag error set protocols isis level 1 disable set protocols isis level 2 wide-metrics-only set protocols isis interface all point-to-point set protocols isis interface all level 2 metric 10 set protocols isis interface fxp0.0 disable set protocols ldp interface all set protocols ldp interface fxp0.0 disable set policy-options policy-statement lb then load-balance per-packet set routing-options traceoptions file ro.log set routing-options traceoptions flag normal set routing-options traceoptions flag route set routing-options autonomous-system 100 set routing-options forwarding-table export lb set routing-instances foo instance-type l2vpn set routing-instances foo interface ge-2/1/2.0 set routing-instances foo route-distinguisher 10.255.183.61:1 set routing-instances foo vrf-target target:9000:1 set routing-instances foo protocols l2vpn encapsulation-type ethernet-vlan set routing-instances foo protocols l2vpn site foo site-identifier 2 set routing-instances foo protocols l2vpn site foo interface ge-2/1/2.0 remote-site-id 1
分步过程
分步过程
下面的示例要求您在各个配置层级中进行导航。有关导航 CLI 的信息,请参阅 在配置模式下使用 CLI 编辑器。
要为路由器 PE1 配置出口保护 LSP,请执行以下操作:
配置 RSVP。
content_copy zoom_out_map[edit protocols rsvp] user@PE1# set interface all user@PE1# set interface fxp0.0 disable
将 MPLS 配置为使用出口保护 LSP 来防止设备 CE1 发生链路故障。
content_copy zoom_out_map[edit protocols mpls] user@PE1# set interface all user@PE1# set interface fxp0.0 disable user@PE1# set egress-protection context-identifier 198.51.100.3 primary user@PE1# set egress-protection context-identifier 198.51.100.3 advertise-mode stub-alias user@PE1# set egress-protection traceoptions file ep size 100m user@PE1# set egress-protection traceoptions flag all
配置 BGP。
content_copy zoom_out_map[edit protocols bgp] user@PE1# set traceoptions file bgp.log world-readable user@PE1# set group ibgp type internal user@PE1# set group ibgp local-address 10.255.183.58 user@PE1# set group ibgp family inet unicast user@PE1# set group ibgp family l2vpn signaling egress-protection user@PE1# set group ibgp neighbor 192.0.2.3 user@PE1# set group ibgp neighbor 192.0.2.4
配置 IS-IS。
content_copy zoom_out_map[edit protocols isis] user@PE1# set traceoptions file isis-edge size 10m world-readable user@PE1# set traceoptions flag error user@PE1# set level 1 disable user@PE1# set level 2 wide-metrics-only user@PE1# set interface all point-to-point user@PE1# set interface all level 2 metric 10 user@PE1# set interface fxp0.0 disable
配置 LDP。
content_copy zoom_out_map[edit protocols ldp] user@PE1# set interface all user@PE1# set interface fxp0.0 disable
配置负载均衡策略。
content_copy zoom_out_map[edit] user@PE1# set policy-options policy-statement lb then load-balance per-packet
配置路由选项以根据负载平衡策略导出路由。
content_copy zoom_out_map[edit routing-options] user@PE1# set traceoptions file ro.log user@PE1# set traceoptions flag all user@PE1# set autonomous-system 100 user@PE1# set forwarding-table export lb
将 BGP 配置为从路由实例播发 nrli,并将上下文 ID 作为下一跃点。
content_copy zoom_out_map[edit routing-instances] user@PE1# set foo instance-type l2vpn user@PE1# set foo egress-protection context-identifier 198.51.100.3 user@PE1# set foo interface ge-2/0/2.0 user@PE1# set foo route-distinguisher 10.255.183.58:1 user@PE1# set foo vrf-target target:9000:1
配置 l2vpn 实例以使用配置的出口 LSP。
content_copy zoom_out_map[edit routing-instances] user@PE1# set foo protocols l2vpn encapsulation-type ethernet-vlan user@PE1# set foo protocols l2vpn site foo site-identifier 1 user@PE1# set foo protocols l2vpn site foo site-preference primary user@PE1# set foo protocols l2vpn site foo interface ge-2/0/2.0 remote-site-id 2
如果完成设备配置,请从配置模式输入
commit。
分步过程
要为路由器 PE2 配置出口保护 LSP,请执行以下操作:
配置 RSVP。
content_copy zoom_out_map[edit protocols rsvp] user@PE2# set interface all user@PE2# set interface fxp0.0 disable
配置 MPLS 和充当出口保护 LSP 的 LSP。
content_copy zoom_out_map[edit protocols mpls] user@PE2# set interface all user@PE2# set interface fxp0.0 disable user@PE2# set egress-protection context-identifier 198.51.100.3 protector user@PE2# set egress-protection context-identifier 198.51.100.3 advertise-mode stub-alias user@PE2# set egress-protection traceoptions file ep size 100m user@PE2# set egress-protection traceoptions flag all
配置 BGP。
content_copy zoom_out_map[edit protocols bgp] user@PE2# set traceoptions file bgp.log world-readable user@PE2# set group ibgp type internal user@PE2# set group ibgp local-address 10.255.183.57 user@PE2# set group ibgp family inet unicast user@PE2# set group ibgp family l2vpn signaling user@PE2# set group ibgp family l2vpn egress-protection user@PE2# set group ibgp neighbor 192.0.2.3 user@PE2# set group ibgp neighbor 192.0.2.4
配置 IS-IS。
content_copy zoom_out_map[edit protocols isis] user@PE2# set traceoptions file isis-edge size 10m world-readable user@PE2# set traceoptions flag error user@PE2# set level 1 disable user@PE2# set level 2 wide-metrics-only user@PE2# set interface all point-to-point user@PE2# set interface all level 2 metric 10 user@PE2# set interface fxp0.0 disable
配置 LDP。
content_copy zoom_out_map[edit protocols ldp] user@PE2# set interface all user@PE2# set interface fxp0.0 disable
配置负载均衡策略。
content_copy zoom_out_map[edit] user@PE2# set policy-options policy-statement lb then load-balance per-packet
配置路由选项以根据负载平衡策略导出路由。
content_copy zoom_out_map[edit routing-options] user@PE2# set traceoptions file ro.log user@PE2# set traceoptions flag all user@PE2# set autonomous-system 100 user@PE2# set forwarding-table export lb
将 BGP 配置为从路由实例播发 nrli,并将上下文 ID 作为下一跃点。
content_copy zoom_out_map[edit routing-instances] user@PE2# set foo instance-type l2vpn user@PE2# set foo egress-protection protector user@PE2# set foo interface ge-2/0/2.0 user@PE2# set foo route-distinguisher 10.255.183.57:1 user@PE2# set foo vrf-target target:9000:1
配置 l2vpn 实例以使用配置的出口 LSP。
content_copy zoom_out_map[edit routing-instances] user@PE2# set foo protocols l2vpn encapsulation-type ethernet-vlan user@PE2# set foo protocols l2vpn site foo hot-standby user@PE2# set foo protocols l2vpn site foo site-identifier 1 user@PE2# set foo protocols l2vpn site foo site-preference backup user@PE2# set foo protocols l2vpn site foo interface ge-2/0/2.0 remote-site-id 2
如果完成设备配置,请从配置模式输入
commit。
分步过程
要为路由器 PE3 配置出口保护 LSP,请执行以下操作:
配置 RSVP。
content_copy zoom_out_map[edit protocols rsvp] user@PE3# set interface all user@PE3# set interface fxp0.0 disable
配置 MPLS。
content_copy zoom_out_map[edit protocols mpls] user@PE3# set interface all user@PE3# set interface fxp0.0 disable
配置 BGP。
content_copy zoom_out_map[edit protocols bgp] user@PE3# set traceoptions file bgp.log world-readable user@PE3# set group ibgp type internal user@PE3# set group ibgp local-address 10.255.183.61 user@PE3# set group ibgp family inet unicast user@PE3# set group ibgp family l2vpn signaling user@PE3# set group ibgp neighbor 192.0.2.3 user@PE3# set group ibgp neighbor 192.0.2.4
配置 IS-IS。
content_copy zoom_out_map[edit protocols isis] user@PE3# set traceoptions file isis-edge size 10m world-readable user@PE3# set traceoptions flag error user@PE3# set level 1 disable user@PE3# set level 2 wide-metrics-only user@PE3# set protocols isis interface all point-to-point [edit protocols isis] user@PE3# set protocols isis interface all level 2 metric 10 [edit protocols isis] user@PE3# set protocols isis interface fxp0.0 disable
配置 LDP。
content_copy zoom_out_map[edit protocols ldp] user@PE3# set interface all user@PE3# set interface fxp0.0 disable
配置负载均衡策略。
content_copy zoom_out_map[edit] user@PE3# set policy-options policy-statement lb then load-balance per-packet
配置路由选项以根据负载平衡策略导出路由。
content_copy zoom_out_map[edit routing-options] user@PE3# set traceoptions file ro.log user@PE3# set traceoptions flag normal user@PE3# set traceoptions flag route user@PE3# set autonomous-system 100 user@PE3# set forwarding-table export lb
将 BGP 配置为从路由实例播发具有上下文 ID 的 nlri 作为下一跃点。
content_copy zoom_out_map[edit] user@PE3# set routing-instances foo instance-type l2vpn user@PE3# set routing-instances foo interface ge-2/1/2.0 user@PE3# set routing-instances foo route-distinguisher 10.255.183.61:1 user@PE3# set routing-instances foo vrf-target target:9000:1
配置 l2vpn 以指定连接到站点的接口以及您希望指定接口连接到的远程接口。
content_copy zoom_out_map[edit routing-instances] user@PE3# set foo protocols l2vpn encapsulation-type ethernet-vlan user@PE3# set foo protocols l2vpn site foo site-identifier 2 user@PE3# set foo protocols l2vpn site foo interface ge-2/1/2.0 remote-site-id 1
如果完成设备配置,请从配置输入
commit。
结果
在配置模式下,输入 show protocols、 show policy-options和 show routing-options 命令,确认路由器 PE1 上的配置。如果输出未显示预期的配置,请重复此示例中的说明,以便进行更正。
content_copy zoom_out_map
[edit]
user@PE1# show protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
interface all;
interface fxp0.0 {
disable;
}
egress-protection {
context-identifier 198.51.100.3 {
primary;
advertise-mode stub-alias;
}
traceoptions {
file ep size 100m;
flag all;
}
}
}
bgp {
traceoptions {
file bgp.log world-readable;
}
group ibgp {
type internal;
local-address 10.255.183.58;
family inet {
unicast;
}
family l2vpn {
signaling {
egress-protection;
}
}
neighbor 192.0.2.3;
neighbor 192.0.2.4;
}
}
isis {
traceoptions {
file isis-edge size 10m world-readable;
flag error;
}
level 1 disable;
level 2 wide-metrics-only;
interface all {
point-to-point;
level 2 metric 10;
}
interface fxp0.0 {
disable;
}
}
ldp {
interface all;
interface fxp0.0 {
disable;
}
}
[edit]
user@PE1# show policy-options
policy-statement lb {
then {
load-balance per-packet;
}
}
[edit]
user@PE1# show routing-options
traceoptions {
file ro.log;
flag all;
}
autonomous-system 100;
forwarding-table {
export lb;
}
[edit]
user@PE1# show routing-instances
foo {
instance-type l2vpn;
egress-protection {
context-identifier {
198.51.100.3;
}
}
interface ge-2/0/2.0;
route-distinguisher 10.255.183.58:1;
vrf-target target:9000:1;
protocols {
l2vpn {
encapsulation-type ethernet-vlan;
site foo {
site-identifier 1;
site-preference primary;
interface ge-2/0/2.0 {
remote-site-id 2;
}
}
}
}
}
在配置模式下,输入 show protocols、 show policy-options和 show routing-options 命令,确认路由器 PE2 上的配置。如果输出未显示预期的配置,请重复此示例中的说明,以便进行更正。
content_copy zoom_out_map
[edit]
user@PE2# show protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
interface all;
interface fxp0.0 {
disable;
}
egress-protection {
context-identifier 198.51.100.3 {
protector;
advertise-mode stub-alias;
}
traceoptions {
file ep size 100m;
flag all;
}
}
}
bgp {
traceoptions {
file bgp.log world-readable;
}
group ibgp {
type internal;
local-address 10.255.183.57;
family inet {
unicast;
}
family l2vpn {
signaling {
egress-protection;
}
}
neighbor 192.0.2.3;
neighbor 192.0.2.4;
}
}
isis {
traceoptions {
file isis-edge size 10m world-readable;
flag error;
}
level 1 disable;
level 2 wide-metrics-only;
interface all {
point-to-point;
level 2 metric 10;
}
interface fxp0.0 {
disable;
}
}
ldp {
interface all;
interface fxp0.0 {
disable;
}
}
[edit]
user@PE2# show policy-options
policy-statement lb {
then {
load-balance per-packet;
}
}
[edit]
user@PE2# show routing-options
traceoptions {
file ro.log;
flag normal;
flag route;
}
autonomous-system 100;
forwarding-table {
export lb;
}
[edit]
user@PE2# show routing-instances
foo {
instance-type l2vpn;
egress-protection {
protector;
}
interface ge-2/0/2.0;
route-distinguisher 10.255.183.57:1;
vrf-target target:9000:1;
protocols {
l2vpn {
encapsulation-type ethernet-vlan;
site foo {
hot-standby;
site-identifier 1;
site-preference backup;
interface ge-2/0/2.0 {
remote-site-id 2;
}
}
}
}
}
在配置模式下,输入 show protocols、 show policy-options和 show routing-options 命令,确认路由器 PE3 上的配置。如果输出未显示预期的配置,请重复此示例中的说明,以便进行更正。
content_copy zoom_out_map
[edit]
user@PE3# show protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
interface all;
interface fxp0.0 {
disable;
}
}
bgp {
traceoptions {
file bgp.log world-readable;
}
group ibgp {
type internal;
local-address 10.255.183.61;
family inet {
unicast;
}
family l2vpn {
signaling;
}
neighbor 192.0.2.3;
neighbor 192.0.2.4;
}
}
isis {
traceoptions {
file isis-edge size 10m world-readable;
flag error;
}
level 1 disable;
level 2 wide-metrics-only;
interface all {
point-to-point;
level 2 metric 10;
}
interface fxp0.0 {
disable;
}
}
ldp {
interface all;
interface fxp0.0 {
disable;
}
}
[edit]
user@PE3# show policy-options
policy-statement lb {
then {
load-balance per-packet;
}
}
[edit]
user@PE3# show routing-options
traceoptions {
file ro.log;
flag normal;
flag route;
}
autonomous-system 100;
forwarding-table {
export lb;
}
[edit]
user@PE3# show routing-instances
foo {
instance-type l2vpn;
interface ge-2/1/2.0;
route-distinguisher 10.255.183.61:1;
vrf-target target:9000:1;
protocols {
l2vpn {
encapsulation-type ethernet-vlan;
site foo {
site-identifier 2;
interface ge-2/1/2.0 {
remote-site-id 1;
}
}
}
}
}
验证
确认配置工作正常。
验证 L2VPN 配置
目的
验证 LSP 是否受连接保护逻辑保护。
操作
在操作模式下,运行 show l2vpn connections extensive 命令。
content_copy zoom_out_map
user@PE2> show l2vpn connections extensive
content_copy zoom_out_map
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
MM -- MTU mismatch MI -- Mesh-Group ID not available
BK -- Backup connection ST -- Standby connection
PF -- Profile parse failure PB -- Profile busy
RS -- remote site standby SN -- Static Neighbor
LB -- Local site not best-site RB -- Remote site not best-site
VM -- VLAN ID mismatch
Legend for interface status
Up -- operational
Dn -- down
Instance: foo
Local site: foo (1)
connection-site Type St Time last up # Up trans
2 rmt Up Aug 3 00:08:14 2001 1
Local circuit: ge-2/0/2.0, Status: Up
Remote PE: 192.0.2.3
Incoming label: 32769, Outgoing label: 32768
Egress Protection: Yes
Time Event Interface/Lbl/PE
Aug 3 00:08:14 2001 PE route up
Aug 3 00:08:14 2001 Out lbl Update 32768
Aug 3 00:08:14 2001 In lbl Update 32769
Aug 3 00:08:14 2001 ckt0 up fe-0/0/0.0 意义
Egress Protection: Yes 输出显示给定的 PVC 受连接保护逻辑保护。
验证路由实例详细信息
目的
验证在主服务器上配置的路由实例信息和上下文标识符,在节点链路发生故障时用作下一跃点地址。
操作
在操作模式下,运行 show route foo detail 命令。
content_copy zoom_out_map
user@PE2> show route foo detail
content_copy zoom_out_map
foo:
Router ID: 0.0.0.0
Type: l2vpn non-forwarding State: Active
Interfaces:
lt-1/2/0.56
Route-distinguisher: 10.255.255.11:1
Vrf-import: [ __vrf-import-foo-internal__ ]
Vrf-export: [ __vrf-export-foo-internal__ ]
Vrf-import-target: [ target:100:200 ]
Vrf-export-target: [ target:100:200 ]
Fast-reroute-priority: low
Vrf-edge-protection-id: 198.51.100.3
Tables:
foo.l2vpn.0 : 5 routes (3 active, 0 holddown, 0 hidden)
foo.l2id.0 : 6 routes (2 active, 0 holddown, 0 hidden)
意义
上下文 ID 设置为 198.51.100.3 ,输出 Vrf-import: [ __vrf-import-foo-internal__] 中提及用于重写下一跃点地址的策略。
验证 IS-IS 配置
目的
验证 IS-IS 上下文标识符信息。
操作
在操作模式下,运行 show isis context-identifier detail 命令。
content_copy zoom_out_map
user@PE2> show isis context-identifier detail
content_copy zoom_out_map
IS-IS context database: Context L Owner Role Primary Metric 198.51.100.3 2 MPLS Protector pro17-b-lr-R1 0 Advertiser pro17-b, Router ID 10.255.107.49, Level 2, tlv protector Advertiser pro17-b-lr-R1, Router ID 10.255.255.11, Metric 1, Level 2, tlv prefix
意义
路由器 PE2 是保护程序,配置的上下文标识符用于 MPLS 协议。
验证 MPLS 配置
目的
验证主 PE 和保护器 PE 上的上下文标识符详细信息。
操作
在操作模式下,运行 show mpls context-identifier detail 命令。
content_copy zoom_out_map
user@PE1> show mpls context-identifier detail
content_copy zoom_out_map
ID: 198.51.100.3 Type: primary, Metric: 1, Mode: alias Total 1, Primary 1, Protector 0
content_copy zoom_out_map
user@PE2> show mpls context-identifier detail
content_copy zoom_out_map
ID: 198.51.100.3 Type: protector, Metric: 16777215, Mode: alias Context table: __198.51.100.3__.mpls.0, Label out: 299968
content_copy zoom_out_map
user@PE2> show mpls egress-protection detail
content_copy zoom_out_map
Instance Type Protection-Type foo local-l2vpn Protector Route Target 100:200
意义
上下文 ID 为 198.51.100.3,通告模式为 alias,为出口保护创建的 MPLS 表为 __198.51.100.3__.mpls.0,出口实例名称为 foo,类型为 local-l2vpn。
示例:使用 PLR 作为保护器配置第 3 层 VPN 出口保护
此示例说明当客户与服务提供商多宿主时,如何在第 3 层 VPN 的出口处配置快速服务恢复。
从 Junos OS 15.1 版开始,增强的本地修复点 (PLR) 功能解决了出口节点保护的特殊场景,其中 PLR 和保护器作为一个路由器位于同一位置。在这种情况下,在本地修复期间无需绕过 LSP 重新路由流量。相反,PLR 或保护程序可以将流量直接发送到目标 CE(在主机托管保护程序模型中,PLR 或保护程序也是直接连接到 CE 的备用 PE)或备份 PE(在集中式保护程序模型中,备份 PE 是单独的路由器)。
要求
配置此示例之前,不需要除设备初始化之外的特殊配置。
此示例需要 Junos OS 15.1 或更高版本。
概述
作为出口节点保护的特殊方案,如果路由器既是保护程序又是 PLR,则会安装备份下一跃点以保护传输 LSP。特别是,它不需要旁路 LSP 进行本地维修。
在主机托管保护器模型中,PLR 或保护器通过备用交流直接连接到 CE,而在集中式保护器模型中,PLR 或保护器具有到备用 PE 的 MPLS 隧道。在任何一种情况下,PLR 或保护程序都将安装带有标签的备份下一跃点,然后在表中进行查找 context label ,即 __context__.mpls.0. 当出口节点发生故障时,PLR 或保护程序会将流量切换到 PFE 中的此备份下一跃点。将弹出数据包的外部标签(传输 LSP 标签),并在 中 __context__.mpls.0查找内部标签(出口节点分配的第 3 层 VPN 标签),从而将数据包直接转发到 CE(在并置保护程序模型中)或备份 PE(在集中式保护程序模型中)。
配置
CLI 快速配置
要快速配置此示例,请复制以下命令,将其粘贴到文本文件中,删除所有换行符,更改与您的网络配置匹配所需的任何详细信息,然后将命令复制并粘贴到层次结构级别的 CLI [edit] 中。
设备 CE1
content_copy zoom_out_map
set interfaces ge-0/0/0 unit 0 family inet address 10.10.20.2/30 set interfaces lo0 unit 0 family inet address 10.255.162.87/32
设备 PE1
content_copy zoom_out_map
set interfaces ge-0/0/0 unit 0 family inet address 10.10.20.1/30 set interfaces ge-0/0/1 unit 0 family inet address 10.10.10.1/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 127.0.0.1/32 set interfaces lo0 unit 0 family inet address 10.255.162.84/32 primary set interfaces lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2084.00 set policy-options policy-statement vpn-exp term 1 from protocol direct set policy-options policy-statement vpn-exp term 1 from route filter 10.10.20.0/24 exact set policy-options policy-statement vpn-exp term 1 then community add vpn set policy-options policy-statement vpn-exp term 1 then accept set policy-options policy-statement vpn-imp term 1 from community vpn set policy-options policy-statement vpn-imp term 1 then accept set policy-options policy-statement vpn-imp term 2 then reject set policy-options community vpn members traget:1:1 set routing-options autonomous-system 65000 set protocols rsvp interface all link-protection set protocols rsvp interface fxp0.0 disable set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp vpn-apply-export set protocols bgp group vpn type internal set protocols bgp group vpn local-address 10.255.162.84 set protocols bgp group vpn family inet-vpn unicast set protocols bgp group vpn neighbor 10.255.162.91 set protocols bgp group vpn neighbor 10.255.162.89 set protocols isis interface all set protocols isis interface fxp0.0 disable set protocols isis interface lo0.0 passive set routing-instances vpn instance-type vrf set routing-instances vpn interface ge-1/0/0.0 set routing-instances vpn route-distinguisher 100:100 set routing-instances vpn vrf-import vpn-imp set routing-instances vpn vrf-export vpn-exp set routing-instances vpn vrf-table-label set routing-instances vpn protocols bgp group vpn type external set routing-instances vpn protocols bgp group vpn family inet unicast set routing-instances vpn protocols bgp group vpn peer-as 65001 set routing-instances vpn protocols bgp group vpn as-override set routing-instances vpn protocols bgp group vpn neighbor 10.10.20.2
设备 P
content_copy zoom_out_map
set interfaces ge-0/0/0 unit 0 family inet address 10.10.11.2/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 family inet address 10.10.10.2/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 127.0.0.1/32 set interfaces lo0 unit 0 family inet address 10.255.162.86/32 primary set interfaces lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2086.00 set protocols rsvp interface all link-protection set protocols rsvp interface fxp0.0 disable set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols isis interface all set protocols isis interface fxp0.0 disable
设备 PE2
content_copy zoom_out_map
set interfaces ge-0/0/0 unit 0 family inet address 10.10.11.1/30 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 family inet address 10.10.12.1/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces ge-0/0/2 unit 0 family inet address 10.10.30.1/30 set interfaces lo0 unit 0 family inet address 127.0.0.1/32 set interfaces lo0 unit 0 family inet address 10.255.162.91/32 primary set interfaces lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2091.00 set routing-options graceful-restart set routing-options autonomous-system 65000 set routing-options forwarding-table export pplb set protocols rsvp interface all link-protection set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path to_PE1 to 10.255.162.84 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols mpls egress-protection context-identifier 10.1.1.1 protector set protocols mpls egress-protection context-identifier 10.1.1.1 advertise-mode stub-alias set protocols bgp vpn-apply-export set protocols bgp group vpn type internal set protocols bgp group vpn local-address 10.255.162.91 set protocols bgp group vpn family inet-vpn unicast egress-protection set protocols bgp group vpn neighbor 10.255.162.84 set protocols bgp group vpn neighbor 10.255.162.89 set protocols isis traceoptions file isis.log set protocols isis traceoptions flag all detail set protocols isis level 2 disable set protocols isis interface all set protocols isis interface fxp0.0 disable set protocols isis interface lo0.0 passive set policy-options policy-statement pplb term 1 then load-balance per-packet set policy-options policy-statement vpn-exp term 1 from protocol bgp set policy-options policy-statement vpn-exp term 1 then community add vpn set policy-options policy-statement vpn-exp term 1 then accept set policy-options policy-statement vpn-imp term 1 from community vpn set policy-options policy-statement vpn-imp term 1 then accept set policy-options policy-statement vpn-imp term 2 then reject set policy-options community vpn members target:1:1 set routing-instances vpn instance-type vrf set routing-instances vpn interface ge-3/2/4.0 set routing-instances vpn route-distinguisher 100:100 set routing-instances vpn vrf-import vpn-imp set routing-instances vpn vrf-export vpn-exp set routing-instances vpn vrf-table-label set routing-instances vpn protocols bgp group vpn type external set routing-instances vpn protocols bgp group vpn family inet unicast set routing-instances vpn protocols bgp group vpn peer-as 65001 set routing-instances vpn protocols bgp group vpn as-override set routing-instances vpn protocols bgp group vpn neighbor 10.10.30.2
设备 PE3
content_copy zoom_out_map
set interfaces ge-0/0/0 unit 0 family inet address 10.10.40.1/30 set interfaces ge-0/0/1 unit 0 family inet address 10.10.12.2/30 set interfaces ge-0/0/1 unit 0 family iso set interfaces ge-0/0/1 unit 0 family mpls set interfaces lo0 unit 0 family inet address 127.0.0.1/32 set interfaces lo0 unit 0 family inet address 10.255.162.89/32 primary set interfaces lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2089.00 set routing-options graceful-restart set routing-options autonomous-system 65000 set routing-options forwarding-table export pplb set protocols rsvp interface all link-protection set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path to_PE2 to 10.255.162.91 set protocols mpls label-switched-path to_PE1 to 10.255.162.84 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols mpls egress-protection context-identifier 10.1.1.1 primary set protocols mpls egress-protection context-identifier 10.1.1.1 advertise-mode stub-alias set protocols bgp vpn-apply-export set protocols bgp group vpn type internal set protocols bgp group vpn local-address 10.255.162.89 set protocols bgp group vpn family inet-vpn unicast set protocols bgp group vpn neighbor 10.255.162.84 local-preference 300 set protocols bgp group vpn neighbor 10.255.162.91 set protocols isis level 2 disable set protocols isis interface all set protocols isis interface fxp0.0 disable set protocols isis interface lo0.0 passive set routing-instances vpn instance-type vrf set routing-instances vpn egress-protection context-identifier 10.1.1.1 set routing-instances vpn interface ge-1/1/0.0 set routing-instances vpn route-distinguisher 100:100 set routing-instances vpn vrf-import vpn-imp set routing-instances vpn vrf-export vpn-exp set routing-instances vpn vrf-table-label set routing-instances vpn protocols bgp group vpn type external set routing-instances vpn protocols bgp group vpn family inet unicast set routing-instances vpn protocols bgp group vpn peer-as 65001 set routing-instances vpn protocols bgp group vpn as-override set routing-instances vpn protocols bgp group vpn neighbor 10.10.40.2
设备 CE2
content_copy zoom_out_map
set interfaces ge-0/0/0 unit 0 family inet address 10.10.40.2/30 set interfaces ge-0/0/2 unit 0 family inet address 10.10.30.2/30 set interfaces lo0 unit 0 family inet address 127.0.0.1/32 set interfaces lo0 unit 0 family inet address 10.255.162.88/32 primary set interfaces lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2088.00
配置设备 CE1
分步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航 CLI 的信息,请参阅《Junos OS CLI 用户指南》中的在配置模式下使用 CLI 编辑器。
配置接口。
content_copy zoom_out_map[edit interfaces] user@CE1# set ge-0/0/0 unit 0 family inet address 10.10.20.2/30 user@CE1# set lo0 unit 0 family inet address 10.255.162.87/32
配置设备 PE1
分步过程
配置接口。
content_copy zoom_out_map[edit interfaces] user@PE1# set ge-0/0/0 unit 0 family inet address 10.10.20.1/30 user@PE1# set ge-0/0/1 unit 0 family inet address 10.10.10.1/30 user@PE1# set ge-0/0/1 unit 0 family iso user@PE1# set ge-0/0/1 unit 0 family mpls user@PE1# set lo0 unit 0 family inet address 127.0.0.1/32 user@PE1# set lo0 unit 0 family inet address 10.255.162.84/32 primary user@PE1# set lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2084.00
配置自治系统 (AS) 编号。
content_copy zoom_out_map[edit routing-options] user@PE1# set autonomous-system 65000 user@PE1# set forwarding-table export pplb
配置 RSVP。
content_copy zoom_out_map[edit protocols rsvp] user@PE1# set interface all link-protection user@PE1# set interface fxp0.0 disable
启用 MPLS。
content_copy zoom_out_map[edit protocols mpls] user@PE1# set interface all user@PE1# set interface fxp0.0 disable
配置 BGP。
content_copy zoom_out_map[edit protocols bgp] user@PE1# set group vpn type internal user@PE1# set group vpn local-address 10.255.162.84 user@PE1# set group vpn family inet-vpn unicast user@PE1# set group vpn neighbor 10.255.162.91 user@PE1# set group vpn neighbor 10.255.162.89 user@PE1# set vpn-apply-export
启用 IS-IS。
content_copy zoom_out_map[edit protocols isis] user@PE1# set interface all user@PE1# set interface fxp0.0 disable user@PE1# set interface lo0.0 passive
(可选)配置 OSPF
content_copy zoom_out_map[edit protocols ospf] user@PE1# set area 0.0.0.0 interface all user@PE1# set area 0.0.0.0 interface fxp0.0 disable user@PE1# set area 0.0.0.0 interface lo0.0 passive user@PE1# set traffic-engineering
配置路由实例。
content_copy zoom_out_map[edit routing-instances] user@PE1# set vpn instance-type vrf user@PE1# set vpn interface ge-1/0/0.0 user@PE1# set vpn route-distinguisher 100:100 user@PE1# set vpn vrf-import vpn-imp user@PE1# set vpn vrf-export vpn-exp user@PE1# set vpn vrf-table-label user@PE1# set vpn protocols bgp group vpn type external user@PE1# set vpn protocols bgp group vpn family inet unicast user@PE1# set vpn protocols bgp group vpn peer-as 65001 user@PE1# set vpn protocols bgp group vpn as-override user@PE1# set vpn protocols bgp group vpn neighbor 10.10.20.2
配置路由策略。
content_copy zoom_out_map[edit] user@PE1# set policy-options policy-statement vpn-exp term 1 from protocol direct user@PE1# set policy-options policy-statement vpn-exp term 1 from route filter 10.10.20.0/24 exact user@PE1# set policy-options policy-statement vpn-exp term 1 then community add vpn user@PE1# set policy-options policy-statement vpn-exp term 1 then accept user@PE1# set policy-options policy-statement vpn-imp term 1 from community vpn user@PE1# set policy-options policy-statement vpn-imp term 1 then accept user@PE1# set policy-options policy-statement vpn-imp term 2 then reject user@PE1# set policy-options community vpn members traget:1:1
配置设备 P
分步过程
配置设备接口。
content_copy zoom_out_map[edit interfaces] user@P# set ge-0/0/0 unit 0 family inet address 10.10.11.2/30 user@P# set ge-0/0/0 unit 0 family iso user@P# set ge-0/0/0 unit 0 family mpls user@P# set ge-0/0/1 unit 0 family inet address 10.10.10.2/30 user@P# set ge-0/0/1 unit 0 family iso user@P# set ge-0/0/1 unit 0 family mpls user@P# set lo0 unit 0 family inet address 127.0.0.1/32 user@P# set lo0 unit 0 family inet address 10.255.162.86/32 primary user@P# set lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2086.00
启用 IS-IS。
content_copy zoom_out_map[edit protocols isis] user@P# set interface all user@P# set interface fxp0.0 disable
启用 MPLS。
content_copy zoom_out_map[edit protocols mpls ] user@P# set interface all user@P# set interface fxp0.0 disable
配置 RSVP。
content_copy zoom_out_map[edit protocols rsvp] user@P# set interface all link-protection user@P# set interface fxp0.0 disable
(可选)配置 OSPF。
content_copy zoom_out_map[edit protocols ospf] user@P# set area 0.0.0.0 interface all user@P# set area 0.0.0.0 interface fxp0.0 disable user@P# set area 0.0.0.0 interface lo0.0 passive user@P# set traffic-engineering
配置设备 PE2
分步过程
配置接口。
content_copy zoom_out_map[edit interfaces] user@PE2# set ge-0/0/0 unit 0 family inet address 10.10.11.1/30 user@PE2# set ge-0/0/0 unit 0 family iso user@PE2# set ge-0/0/0 unit 0 family mpls user@PE2# set ge-0/0/1 unit 0 family inet address 10.10.12.1/30 user@PE2# set ge-0/0/1 unit 0 family iso user@PE2# set ge-0/0/1 unit 0 family mpls user@PE2# set ge-0/0/2 unit 0 family inet address 10.10.30.1/30 user@PE2# set lo0 unit 0 family inet address 127.0.0.1/32 user@PE2# set lo0 unit 0 family inet address 10.255.162.91/32 primary user@PE2# set lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2091.00
配置自治号码 (AS)。
content_copy zoom_out_map[edit routing-options] user@PE2# set autonomous-system 65000 user@PE2# set forwarding-table export pplb
配置 RSVP。
content_copy zoom_out_map[edit protocols rsvp] user@PE2# set interface all link-protection user@PE2# set interface fxp0.0 disable
配置 MPLS。
content_copy zoom_out_map[edit protocols mpls] user@PE2# set label-switched-path to_PE1 to 10.255.162.84 user@PE2# set interface all user@PE2# set interface fxp0.0 disable user@PE2# set egress-protection context-identifier 10.1.1.1 protector user@PE2# set egress-protection context-identifier 10.1.1.1 advertise-mode stub-alias
配置 BGP。
content_copy zoom_out_map[edit protocols bgp] user@PE2# set group vpn family inet-vpn unicast egress-protection user@PE2# set group vpn local-address 10.255.162.91 user@PE2# set group vpn neighbor 10.255.162.84 user@PE2# set group vpn neighbor 10.255.162.89 user@PE2# set group vpn type internal user@PE2# set vpn-apply-export
配置 IS-IS。
content_copy zoom_out_map[edit protocols isis] user@PE2# set interface all user@PE2# set interface fxp0.0 disable user@PE2# set interface lo0.0 passive user@PE2# set level 2 disable user@PE2# set traceoptions file isis.log user@PE2# set traceoptions flag all detail
(可选)配置 OSPF。
content_copy zoom_out_map[edit protocols ospf] user@PE2# set area 0.0.0.0 interface all user@PE2# set area 0.0.0.0 interface fxp0.0 disable user@PE2# set area 0.0.0.0 interface lo0.0 passive user@PE2# set traffic-engineering
配置路由策略。
content_copy zoom_out_map[edit policy-options] user@PE2# set community vpn members target:1:1 user@PE2# set policy-statement pplb term 1 then load-balance per-packet user@PE2# set policy-statement vpn-exp term 1 from protocol bgp user@PE2# set policy-statement vpn-exp term 1 then community add vpn user@PE2# set policy-statement vpn-exp term 1 then accept user@PE2# set policy-statement vpn-imp term 1 from community vpn user@PE2# set policy-statement vpn-imp term 1 then accept user@PE2# set policy-statement vpn-imp term 2 then reject
配置路由实例。
content_copy zoom_out_map[edit routing-instances] user@PE2# set vpn instance-type vrf user@PE2# set vpn interface ge-3/2/4.0 user@PE2# set vpn route-distinguisher 100:100 user@PE2# set vpn vrf-import vpn-imp user@PE2# set vpn vrf-export vpn-exp user@PE2# set vpn vrf-table-label user@PE2# set vpn protocols bgp group vpn type external user@PE2# set vpn protocols bgp group vpn family inet unicast user@PE2# set vpn protocols bgp group vpn peer-as 65001 user@PE2# set vpn protocols bgp group vpn as-override user@PE2# set vpn protocols bgp group vpn neighbor 10.10.30.2
配置设备 PE3
分步过程
配置接口。
content_copy zoom_out_map[edit interfaces] user@PE3# set ge-0/0/0 unit 0 family inet address 10.10.40.1/30 user@PE3# set ge-0/0/1 unit 0 family inet address 10.10.12.2/30 user@PE3# set ge-0/0/1 unit 0 family iso user@PE3# set ge-0/0/1 unit 0 family mpls user@PE3# set lo0 unit 0 family inet address 127.0.0.1/32 user@PE3# set lo0 unit 0 family inet address 10.255.162.89/32 primary user@PE3# set lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2089.00
配置自治号码 (AS)。
content_copy zoom_out_map[edit routing-options] user@PE3# set autonomous-system 65000 user@PE3# set forwarding-table export pplb
配置 RSVP。
content_copy zoom_out_map[edit protocols rsvp] user@PE3# set interface all link-protection user@PE3# set interface fxp0.0 disable
配置 MPLS。
content_copy zoom_out_map[edit protocols mpls] user@PE3# set interface all user@PE3# set interface fxp0.0 disable user@PE3# set egress-protection context-identifier 10.1.1.1 primary user@PE3# set egress-protection context-identifier 10.1.1.1 advertise-mode stub-alias user@PE3# set label-switched-path to_PE2 to 10.255.162.91 user@PE3# set label-switched-path to_PE1 to 10.255.162.84
配置 BGP。
content_copy zoom_out_map[edit protocols bgp] user@PE3# set group vpn type internal user@PE3# set group vpn local-address 10.255.162.89 user@PE3# set group vpn family inet-vpn unicast user@PE3# set group vpn neighbor 10.255.162.84 local-preference 300 user@PE3# set group vpn neighbor 10.255.162.91 user@PE3# set vpn-apply-export
配置 IS-IS。
content_copy zoom_out_map[edit protocols isis] user@PE3# set interface all user@PE3# set interface fxp0.0 disable user@PE3# set interface lo0.0 passive user@PE3# set level 2 disable
(可选)配置 OSPF。
content_copy zoom_out_map[edit protocols ospf] user@PE3# set area 0.0.0.0 interface all user@PE3# set area 0.0.0.0 interface fxp0.0 disable user@PE3# set area 0.0.0.0 interface lo0.0 passive user@PE3# set traffic-engineering
配置路由实例。
content_copy zoom_out_map[edit routing-instances] user@PE3# set vpn egress-protection context-identifier 10.1.1.1 user@PE3# set vpn instance-type vrf user@PE3# set vpn interface ge-1/1/0.0 user@PE3# set vpn protocols bgp group vpn type external user@PE3# set vpn protocols bgp group vpn family inet unicast user@PE3# set vpn protocols bgp group vpn peer-as 65001 user@PE3# set vpn protocols bgp group vpn as-override user@PE3# set vpn protocols bgp group vpn neighbor 10.10.40.2 user@PE3# set vpn route-distinguisher 100:100 user@PE3# set vpn vrf-export vpn-exp user@PE3# set vpn vrf-import vpn-imp user@PE3# set vpn vrf-table-label
配置设备 CE2
分步过程
配置接口。
content_copy zoom_out_map[edit interfaces] user@CE2# set ge-0/0/0 unit 0 family inet address 10.10.40.2/30 user@CE2# set ge-0/0/2 unit 0 family inet address 10.10.30.2/30 user@CE2# set lo0 unit 0 family inet address 127.0.0.1/32 user@CE2# set lo0 unit 0 family inet address 10.255.162.88/32 primary user@CE2# set lo0 unit 0 family iso address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2088.00
结果
在配置模式下,输入 show interfaces 和 show protocols 命令,以确认您的配置。如果输出未显示预期的配置,请重复此示例中的说明,以便进行更正。
设备 CE1
content_copy zoom_out_map
user@CE1# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.20.2/30;
}
}
}
设备 PE1
content_copy zoom_out_map
user@PE1# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.20.1/30;
}
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.10.10.1/30;
}
family iso;
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.1/32;
address 10.255.162.84/32 {
primary;
}
}
family iso {
address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2084.00;
}
}
}
content_copy zoom_out_map
user@PE1# show protocols
rsvp {
interface all {
link-protection;
}
interface fxp0.0 {
disable;
}
}
mpls {
interface all;
interface fxp0.0 {
disable;
}
}
bgp {
vpn-apply-export;
group vpn {
type internal;
local-address 10.255.162.84;
family inet-vpn {
unicast;
}
neighbor 10.255.162.91;
neighbor 10.255.162.89;
}
}
isis {
interface all;
interface fxp0.0 {
disable;
}
interface lo0.0 {
passive;
}
}
设备 P
content_copy zoom_out_map
user@P# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.11.2/30;
}
family iso;
family mpls;
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.10.10.2/30;
}
family iso;
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.1/32;
address 10.255.162.86/32 {
primary;
}
}
family iso {
address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2086.00;
}
}
}
content_copy zoom_out_map
user@P# show protocols
rsvp {
interface all {
link-protection;
}
interface fxp0.0 {
disable;
}
}
mpls {
interface all;
interface fxp0.0 {
disable;
}
}
isis {
interface all;
interface fxp0.0 {
disable;
}
}
设备 PE2
content_copy zoom_out_map
user@PE2# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.11.1/30;
}
family iso;
family mpls;
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.10.12.1/30;
}
family iso;
family mpls;
}
}
ge-0/0/2 {
unit 0 {
family inet {
address 10.10.30.1/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.1/32;
address 10.255.162.91/32 {
primary;
}
}
family iso {
address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2091.00;
}
}
}
content_copy zoom_out_map
user@PE2# show protocols
rsvp {
interface all {
link-protection;
}
interface fxp0.0 {
disable;
}
}
mpls {
label-switched-path to_PE1 {
to 10.255.162.84;
}
interface all;
interface fxp0.0 {
disable;
}
egress-protection {
context-identifier 10.1.1.1 {
protector;
advertise-mode stub-alias;
}
}
}
bgp {
vpn-apply-export;
group vpn {
type internal;
local-address 10.255.162.91;
family inet-vpn {
unicast {
egress-protection;
}
}
neighbor 10.255.162.84;
neighbor 10.255.162.89;
}
}
isis {
traceoptions {
file isis.log;
flag all detail;
}
level 2 disable;
interface all;
interface fxp0.0 {
disable;
}
interface lo0.0 {
passive;
}
}
设备 PE3
content_copy zoom_out_map
user@PE3# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.40.1/30;
}
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.10.12.2/30;
}
family iso;
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.1/32;
address 10.255.162.89/32 {
primary;
}
}
family iso {
address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2089.00;
}
}
}
content_copy zoom_out_map
user@PE3# show protocols
rsvp {
interface all {
link-protection;
}
interface fxp0.0 {
disable;
}
}
mpls {
label-switched-path to_PE2 {
to 10.255.162.91;
}
label-switched-path to_PE1 {
to 10.255.162.84;
}
interface all;
interface fxp0.0 {
disable;
}
egress-protection {
context-identifier 10.1.1.1 {
primary;
advertise-mode stub-alias;
}
}
}
bgp {
vpn-apply-export;
group vpn {
type internal;
local-address 10.255.162.89;
family inet-vpn {
unicast;
}
neighbor 10.255.162.84 {
local-preference 300;
}
neighbor 10.255.162.91;
}
}
isis {
level 2 disable;
interface all;
interface fxp0.0 {
disable;
}
interface lo0.0 {
passive;
}
}
设备 CE2
content_copy zoom_out_map
user@CE2# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.40.2/30;
}
}
}
ge-0/0/2 {
unit 0 {
family inet {
address 10.10.30.2/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.1/32;
address 10.255.162.88/32 {
primary;
}
}
family iso {
address 47.0005.80ff.f800.0000.0108.0001.0102.5516.2088.00;
}
}
}
验证
验证路由实例
目的
检查路由表中的路由。
操作
content_copy zoom_out_map
user@PE1> show route 10.10.50 table vpn.inet.0
vpn.inet.0: 6 destinations, 7 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.10.50.0/24 *[BGP/170] 00:01:26, localpref 100, from 10.255.162.96
AS path: 65001 I, validation-state: unverified
> to 10.10.10.2 via ge-2/0/2.0, Push 16, Push 300064(top)
[BGP/170] 00:06:22, localpref 50, from 10.255.162.91
AS path: 65001 I, validation-state: unverified
> to 10.10.10.2 via ge-2/0/2.0, Push 17, Push 299920(top)content_copy zoom_out_map
user@PE1>show route 10.10.50 extensive table vpn.inet.0
vpn.inet.0: 6 destinations, 7 routes (6 active, 0 holddown, 0 hidden)
10.10.50.0/24 (2 entries, 1 announced)
TSI:
KRT in-kernel 10.10.50.0/24 -> {indirect(1048575)}
Page 0 idx 1, (group vpn type External) Type 1 val 0x9e33490 (adv_entry)
Advertised metrics:
Nexthop: Self
AS path: [65000] 65000 I
Communities: target:1:1
Path 10.10.50.0 from 10.255.162.96 Vector len 4. Val: 1
*BGP Preference: 170/-101
Route Distinguisher: 200:100
Next hop type: Indirect, Next hop index: 0
Address: 0x9db63f0
Next-hop reference count: 6
Source: 10.255.162.96
Next hop type: Router, Next hop index: 635
Next hop: 10.10.10.2 via ge-2/0/2.0, selected
Label operation: Push 16, Push 300064(top)
Label TTL action: prop-ttl, prop-ttl(top)
Load balance label: Label 16: None; Label 300064: None;
Label element ptr: 0x9db60e0
Label parent element ptr: 0x9db5e40
Label element references: 1
Label element child references: 0
Label element lsp id: 0
Session Id: 0x146
Protocol next hop: 10.1.1.1
Label operation: Push 16
Label TTL action: prop-ttl
Load balance label: Label 16: None;
Indirect next hop: 0x9e55440 1048575 INH Session ID: 0x14d
State: < Secondary Active Int Ext ProtectionCand >
Local AS: 65000 Peer AS: 65000
Age: 1:28 Metric2: 1
Validation State: unverified
Task: BGP_65000.10.255.162.96
Announcement bits (2): 0-KRT 1-BGP_RT_Background
AS path: 65001 I
Communities: target:1:1
Import Accepted
VPN Label: 16
Localpref: 100
Router ID: 10.255.162.96
Primary Routing Table bgp.l3vpn.0
Indirect next hops: 1
Protocol next hop: 10.1.1.1 Metric: 1
Label operation: Push 16
Label TTL action: prop-ttl
Load balance label: Label 16: None;
Indirect next hop: 0x9e55440 1048575 INH Session ID: 0x14d
Indirect path forwarding next hops: 1
Next hop type: Router
Next hop: 10.10.10.2 via ge-2/0/2.0
Session Id: 0x146
10.1.1.1/32 Originating RIB: inet.3
Metric: 1 Node path count: 1
Forwarding nexthops: 1
Nexthop: 10.10.10.2 via ge-2/0/2.0
BGP Preference: 170/-51
Route Distinguisher: 100:100
Next hop type: Indirect, Next hop index: 0
Address: 0x9db6390
Next-hop reference count: 5
Source: 10.255.162.91
Next hop type: Router, Next hop index: 636
Next hop: 10.10.10.2 via ge-2/0/2.0, selected
Label operation: Push 17, Push 299920(top)
Label TTL action: prop-ttl, prop-ttl(top)
Load balance label: Label 17: None; Label 299920: None;
Label element ptr: 0x9db62c0
Label parent element ptr: 0x9dc0d00
Label element references: 1
Label element child references: 0
Label element lsp id: 0
Session Id: 0x146
Protocol next hop: 10.255.162.91
Label operation: Push 17
Label TTL action: prop-ttl
Load balance label: Label 17: None;
Indirect next hop: 0x9e55580 1048574 INH Session ID: 0x14c
State: < Secondary Int Ext ProtectionCand >
Inactive reason: Local Preference
Local AS: 65000 Peer AS: 65000
Age: 6:24 Metric2: 1
Validation State: unverified
Task: BGP_65000.10.255.162.91
AS path: 65001 I
Communities: target:1:1
Import Accepted
VPN Label: 17
Localpref: 50
Router ID: 10.255.162.91
Primary Routing Table bgp.l3vpn.0
Indirect next hops: 1
Protocol next hop: 10.255.162.91 Metric: 1
Label operation: Push 17
Label TTL action: prop-ttl
Load balance label: Label 17: None;
Indirect next hop: 0x9e55580 1048574 INH Session ID: 0x14c
Indirect path forwarding next hops: 1
Next hop type: Router
Next hop: 10.10.10.2 via ge-2/0/2.0
Session Id: 0x146
10.255.162.91/32 Originating RIB: inet.3
Metric: 1 Node path count: 1
Forwarding nexthops: 1
Nexthop: 10.10.10.2 via ge-2/0/2.0
content_copy zoom_out_map
user@PE2> show route table mpls.0
mpls.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 00:23:33, metric 1
to table inet.0
0(S=0) *[MPLS/0] 00:23:33, metric 1
to table mpls.0
1 *[MPLS/0] 00:23:33, metric 1
Receive
2 *[MPLS/0] 00:23:33, metric 1
to table inet6.0
2(S=0) *[MPLS/0] 00:23:33, metric 1
to table mpls.0
13 *[MPLS/0] 00:23:33, metric 1
Receive
17 *[VPN/0] 00:23:33
to table vpn.inet.0, Pop
299856(S=0) *[MPLS/0] 00:23:33
to table __10.1.1.1__.mpls.0
299904 *[LDP/9] 00:01:50, metric 1
> to 10.10.11.2 via xe-8/2/5.0, Pop
299904(S=0) *[LDP/9] 00:01:50, metric 1
> to 10.10.11.2 via xe-8/2/5.0, Pop
299920 *[LDP/9] 00:01:50, metric 1
> to 10.10.11.2 via xe-8/2/5.0, Swap 299904
300016 *[LDP/9] 00:01:50, metric 1
> to 10.10.12.1 via ge-3/0/2.0, Pop
to table __10.1.1.1__.mpls.0
300016(S=0) *[LDP/9] 00:01:50, metric 1
> to 10.10.12.1 via ge-3/0/2.0, Pop
to table __10.1.1.1__.mpls.0
300048 *[LDP/9] 00:01:50, metric 1
> to 10.10.12.1 via ge-3/0/2.0, Pop
300048(S=0) *[LDP/9] 00:01:50, metric 1
> to 10.10.12.1 via ge-3/0/2.0, Pop content_copy zoom_out_map
user@PE2> show route table __10.1.1.1__.mpls.0
__10.1.1.1__.mpls.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
16 *[Egress-Protection/170] 00:22:57
to table __10.1.1.1-vpn__.inet.0content_copy zoom_out_map
user@PE2> show route table __10.1.1.1__.mpls.0 extensive
__10.1.1.1__.mpls.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
16 (1 entry, 1 announced)
State: < CalcForwarding >
TSI:
KRT in-kernel 16 /52 -> {Table}
*Egress-Protection Preference: 170
Next table: __10.1.1.1-vpn__.inet.0
Next-hop index: 649
Address: 0x9dc2690
Next-hop reference count: 2
State: < Active NoReadvrt ForwardingOnly Int Ext >
Local AS: 65000
Age: 22:59
Validation State: unverified
Task: Protection
Announcement bits (1): 0-KRT
AS path: I
Protecting 2 routescontent_copy zoom_out_map
user@PE2> show route table __10.1.1.1-vpn__.inet.0
__10.1.1.1-vpn__.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.10.30.0/24 *[Egress-Protection/170] 00:02:11
to table vpn.inet.0
10.10.50.0/24 *[Egress-Protection/170] 00:02:11
> to 10.10.30.2 via ge-3/2/4.0content_copy zoom_out_map
user@PE2> show route table __10.1.1.1-vpn__.inet.0 extensive
__10.1.1.1-vpn__.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
10.10.30.0/24 (1 entry, 1 announced)
State: < CalcForwarding >
TSI:
KRT in-kernel 10.10.30.0/24 -> {Table}
*Egress-Protection Preference: 170
Next table: vpn.inet.0
Next-hop index: 592
Address: 0x9dc2630
Next-hop reference count: 2
State: < Active NoReadvrt ForwardingOnly Int Ext >
Local AS: 65000
Age: 2:13
Validation State: unverified
Task: Protection
Announcement bits (1): 0-KRT
AS path: I
Backup route 10.10.30.0 table vpn.inet.0
10.10.50.0/24 (1 entry, 1 announced)
State: < CalcForwarding >
TSI:
KRT in-kernel 10.10.50.0/24 -> {10.10.30.2}
*Egress-Protection Preference: 170
Next hop type: Router, Next hop index: 630
Address: 0x9dc1d90
Next-hop reference count: 7
Next hop: 10.10.30.2 via ge-3/2/4.0, selected
Session Id: 0x147
State: < Active NoReadvrt ForwardingOnly Int Ext >
Local AS: 65000
Age: 2:13
Validation State: unverified
Task: Protection
Announcement bits (1): 0-KRT
AS path: I
Backup route 10.10.50.0 table vpn.inet.0content_copy zoom_out_map
user@PE2> show route table mpls.0 label 17
mpls.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
17 *[VPN/0] 00:25:06
to table vpn.inet.0, Pop content_copy zoom_out_map
user@PE2> show route table mpls.0 label 17 extensive
mpls.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
17 (1 entry, 0 announced)
*VPN Preference: 0
Next table: vpn.inet.0
Next-hop index: 0
Label operation: Pop
Load balance label: None;
Label element ptr: 0x9db3920
Label parent element ptr: 0x0
Label element references: 1
Label element child references: 0
Label element lsp id: 0
Address: 0x9db3990
Next-hop reference count: 1
State: < Active NotInstall Int Ext >
Age: 25:30
Validation State: unverified
Task: RT
AS path: Icontent_copy zoom_out_map
user@PE3> show route table mpls.0
mpls.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 00:24:16, metric 1
to table inet.0
0(S=0) *[MPLS/0] 00:24:16, metric 1
to table mpls.0
1 *[MPLS/0] 00:24:16, metric 1
Receive
2 *[MPLS/0] 00:24:16, metric 1
to table inet6.0
2(S=0) *[MPLS/0] 00:24:16, metric 1
to table mpls.0
13 *[MPLS/0] 00:24:16, metric 1
Receive
16 *[VPN/0] 00:24:15
to table vpn.inet.0, Pop
300096 *[LDP/9] 00:02:33, metric 1
> to 10.10.12.2 via ge-1/1/4.0, Swap 299920
300112 *[LDP/9] 00:02:33, metric 1
> to 10.10.12.2 via ge-1/1/4.0, Swap 299904
300128 *[LDP/9] 00:02:33, metric 1
> to 10.10.12.2 via ge-1/1/4.0, Pop
300128(S=0) *[LDP/9] 00:02:33, metric 1
> to 10.10.12.2 via ge-1/1/4.0, Pop content_copy zoom_out_map
user@PE3> show route table mpls.0 label 16
mpls.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
16 *[VPN/0] 00:24:22
to table vpn.inet.0, Pop content_copy zoom_out_map
user@PE3> show route table mpls.0 label 16 extensive
mpls.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
16 (1 entry, 0 announced)
*VPN Preference: 0
Next table: vpn.inet.0
Next-hop index: 0
Label operation: Pop
Load balance label: None;
Label element ptr: 0x31d1ec0
Label parent element ptr: 0x0
Label element references: 1
Label element child references: 0
Label element lsp id: 0
Address: 0x31d1f30
Next-hop reference count: 1
State: < Active NotInstall Int Ext >
Age: 24:24
Validation State: unverified
Task: RT
AS path: I检查上下文标识符路由
目的
检查有关上下文标识符 (10.1.1.1) 的信息。
操作
content_copy zoom_out_map
user@PE1> show route 10.1.1.1
inet.0: 47 destinations, 47 routes (46 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[IS-IS/15] 00:04:08, metric 31
> to 10.10.10.2 via ge-2/0/2.0
inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[LDP/9] 00:04:08, metric 1
> to 10.10.10.2 via ge-2/0/2.0, Push 300064
inet.5: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[IS-IS/15] 00:04:08, metric 31, metric2 1
> to 10.10.10.2 via ge-2/0/2.0, Push 299856, Push 299920(top)
content_copy zoom_out_map
user@PE2> show route 10.1.1.1
inet.0: 48 destinations, 49 routes (47 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[MPLS/2] 00:26:00, metric 16777215
Receive
[IS-IS/15] 00:04:17, metric 11
> to 10.10.12.1 via ge-3/0/2.0
inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[LDP/9] 00:04:17, metric 1
> to 10.10.12.1 via ge-3/0/2.0content_copy zoom_out_map
user@PE2> show mpls context-identifier ID Type Metric ContextTable 10.1.1.1 protector 16777215 __10.1.1.1__.mpls.0 Total 1, Primary 0, Protector 1
content_copy zoom_out_map
user@PE2> show mpls context-identifier detail ID: 10.1.1.1 Type: protector, Metric: 16777215, Mode: alias Context table: __10.1.1.1__.mpls.0, Label out: 299856 Total 1, Primary 0, Protector 1
content_copy zoom_out_map
user@PE3> show route 10.1.1.1
inet.0: 47 destinations, 47 routes (46 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[MPLS/1] 00:26:09, metric 1
Receive
inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[MPLS/1] 00:26:09, metric 1
Receive
inet.5: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.1/32 *[IS-IS/15] 00:04:27, metric 1, metric2 1
> to 10.10.12.2 via ge-1/1/4.0, Push 299856
content_copy zoom_out_map
user@PE3> show mpls context-identifier ID Type Metric ContextTable 10.1.1.1 primary 1 Total 1, Primary 1, Protector 0
content_copy zoom_out_map
user@PE3> show mpls context-identifier detail ID: 10.1.1.1 Type: primary, Metric: 1, Mode: alias Total 1, Primary 1, Protector 0
了解 EX 系列交换机上的 MPLS 和路径保护
适用于瞻博网络 EX 系列以太网交换机的 Junos OS MPLS 提供路径保护,保护您的 MPLS 网络免受标签交换路径 (LSP) 故障的影响。
默认情况下,LSP 从入口提供商边缘交换机逐跳路由自身,通过提供商交换机路由到出口提供商边缘交换机。LSP 通常遵循本地路由表指示的最短路径,通常采用与基于目标的尽力而为流量相同的路径。这些路径本质上是“软”路径,因为每当路由表或节点或链路的状态发生更改时,它们都会自动重新路由。
通常,当 LSP 发生故障时,故障上游的交换机会向入口提供商边缘交换机发出中断信号。入口提供商边缘交换机计算到出口提供商边缘交换机的新路径,建立新的 LSP,然后将流量从故障路径定向到新路径。此重新路由过程可能非常耗时且容易失败。例如,发往入换机的中断信号可能会丢失,或者新路径可能需要很长时间才能启动,从而导致数据包丢失次数显著。
您可以通过在入换机上配置主路径和辅助路径来配置路径保护。如果主路径发生故障,入换机会立即将流量从故障路径重新路由到备用路径,从此,入换机无需计算新路由并发出新路径信号。有关配置备用 LSP 的信息,请参阅在 MPLS 网络中配置路径保护(CLI 过程)。
验证 MPLS 网络中的路径保护
要验证 EX 系列交换机上的路径保护是否正常工作,请执行以下操作:
验证主路径
目的
验证主路径是否正常运行。
操作
content_copy zoom_out_map
user@switch> show mpls lsp extensive ingress
Ingress LSP: 2 sessions
127.1.8.8
From: 127.1.9.9, State: Up, ActiveRoute: 0, LSPname: lsp_to_240
ActivePath: primary_path_lsp_to_240 (primary)
LoadBalance: Random
Encoding type: Packet, Switching type: Packet, GPID: IPv4
*Primary primary_path_lsp_to_240 State: Up
Priorities: 7 0
SmartOptimizeTimer: 180
Exclude: red
Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 2)
10.3.3.2 S 10.3.4.2 S
Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt 20=Node-ID):
10.3.3.2 10.3.4.2
6 Mar 11 23:58:01.684 Selected as active path: due to 'primary'
5 Mar 11 23:57:00.750 Record Route: 10.3.3.2 10.3.4.2
4 Mar 11 23:57:00.750 Up
3 Mar 11 23:57:00.595 Originate Call
2 Mar 11 23:57:00.595 CSPF: computation result accepted 10.3.3.2 10.3.4.2
1 Mar 11 23:56:31.135 CSPF failed: no route toward 10.3.2.2[25 times]
Standby secondary_path_lsp_to_240 State: Up
Standby secondary_path_lsp_to_240 State: Up
Priorities: 7 0
SmartOptimizeTimer: 180
Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 1)
10.3.5.2 S
Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt 20=Node-ID):
10.3.5.2
7 Mar 11 23:58:01.684 Deselected as active: due to 'primary'
6 Mar 11 23:46:17.298 Selected as active path
5 Mar 11 23:46:17.295 Record Route: 5.5.5.2
4 Mar 11 23:46:17.287 Up
3 Mar 11 23:46:16.760 Originate Call
2 Mar 11 23:46:16.760 CSPF: computation result accepted 10.3.5.2
1 Mar 11 23:45:48.095 CSPF failed: no route toward 10.5.5.5[2 times]
Created: Wed Mar 11 23:44:37 2009
[Output truncated]
意义
如输出中的所示 ActivePath ,LSP primary_path_lsp_to_240 处于活动状态。
验证启用 RSVP 的接口
目的
验证启用了资源预留协议 (RSVP) 的接口和数据包统计信息的状态。
操作
content_copy zoom_out_map
user@switch> show rsvp interfaces
RSVP interface: 1 active
Active Subscr- Static Available Reserved Highwater
Interface State resv iption BW BW BW mark
ge-0/0/20.0 Up 2 100% 1000Mbps 1000Mbps 0bps 0bps
意义
此输出验证 RSVP 是否已启用并在接口 ge-0/0/20.0上运行。
验证辅助路径
目的
验证是否已建立辅助路径。
操作
停用对主路径至关重要的交换机,然后发出以下命令:
content_copy zoom_out_map
user@switch> show mpls lsp extensive
Ingress LSP: 1 sessions
127.0.0.8
From: 127.0.0.1, State: Up, ActiveRoute: 0, LSPname: lsp_to_240
ActivePath: secondary_path_lsp_to_240 (secondary)
LoadBalance: Random
Encoding type: Packet, Switching type: Packet, GPID: IPv4
Primary primary_path_lsp_to_240 State: Dn
Priorities: 7 0
SmartOptimizeTimer: 180
Exclude: red
Will be enqueued for recomputation in 8 second(s).
51 Mar 8 12:23:31.268 CSPF failed: no route toward 127.0.0.11[11420 times]
50 Mar 4 15:35:25.610 Clear Call: CSPF computation failed
49 Mar 4 15:35:25.610 CSPF: link down/deleted: 127.0.0.2(127.0.0.1:0)(127.0.0.1)->
0.0.0.0(127.0.0.20:0)(127.0.0.20)
48 Mar 4 15:35:25.576 Deselected as active
47 Mar 4 15:35:25.550 No Route toward dest
46 Mar 4 15:35:25.550 ?????
45 Mar 4 15:35:25.549 127.0.0.12: Down
44 Mar 4 15:33:29.839 Selected as active path
43 Mar 4 15:33:29.837 Record Route: 127.0.0.20 127.0.0.40
42 Mar 4 15:33:29.835 Up
41 Mar 4 15:33:29.756 Originate Call
40 Mar 4 15:33:29.756 CSPF: computation result accepted 127.0.0.20 127.0.0.40
39 Mar 4 15:33:00.395 CSPF failed: no route toward 127.0.0.11[7 times]
38 Mar 4 15:30:31.412 Clear Call: CSPF computation failed
37 Mar 4 15:30:31.412 CSPF: link down/deleted: 127.0.0.2(127.0.0.1:0)(127.0.0.1)->
0.0.0.0(127.0.0.20:0)(127.0.0.20)
36 Mar 4 15:30:31.379 Deselected as active
35 Mar 4 15:30:31.350 No Route toward dest
34 Mar 4 15:30:31.350 ?????
33 Mar 4 15:30:31.349 127.0.0.12: Down
32 Mar 4 15:29:05.802 Selected as active path
31 Mar 4 15:29:05.801 Record Route: 127.0.0.20 127.0.0.40
30 Mar 4 15:29:05.801 Up
29 Mar 4 15:29:05.686 Originate Call
28 Mar 4 15:29:05.686 CSPF: computation result accepted 127.0.0.20 127.0.0.40
27 Mar 4 15:28:35.852 CSPF failed: no route toward 127.0.0.11[132 times]
26 Mar 4 14:25:12.113 Clear Call: CSPF computation failed
25 Mar 4 14:25:12.113 CSPF: link down/deleted: 0.0.0.0(127.0.0.20:0)(127.0.0.20)->
0.0.0.0(10.10.10.10:0)(10.10.10.10)
*Standby secondary_path_lsp_to_240 State: Up
Priorities: 7 0
SmartOptimizeTimer: 180
Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 1)
[Output truncated]意义
如输出中的所示 ActivePath ,LSP secondary_path_lsp_to_240 处于活动状态。
变更历史表
是否支持某项功能取决于您使用的平台和版本。 使用 Feature Explorer 查看您使用的平台是否支持某项功能。
版本
说明
15.1
从 Junos OS 15.1 版开始,增强的本地修复点 (PLR) 功能解决了出口节点保护的特殊场景,其中 PLR 和保护器作为一个路由器位于同一位置。在这种情况下,在本地修复期间无需绕过 LSP 重新路由流量。
14.2
从 Junos OS 14.2 版开始,Junos OS 支持在出口 PE 节点中出现链路或节点故障时恢复出口流量。
14.2
从 Junos OS 14.2 版开始,Junos OS 支持在出口 PE 节点中出现链路或节点故障时恢复出口流量。
