-
[MPLS] OSPF Super Backbone Area (1)Protocols/BGP_OSPF_MPLS_VPN 2021. 6. 23. 13:25
<목적>
1. OSPF의 VRF는 어떻게 사용하는가
2. SuperBackbone Area의 존재, 어떻게 작동하는지 확인
<BASE>
Service Provider - EIGRP > LDP > MP-BGP(vpnv4), OSPF area 0 with CE
Company1 - OSPF area 0
<OSPF with VRF>
EIGRP와 RIP, BGP는 각 고객별 VRF를 각 해당 라우팅 프로세스 안에서 사용한다.
router bgp 1
address-family ipv4 vrf company1 // bgp 1 프로세스 안에서 구별되는 고객별 VRF.
redistribute ospf 1 match internal external 1 external 2
exit-address-family
하지만 OSPF는 하나의 Processor가 하나의 고객별 VRF를 가진다.
router ospf 1 vrf company1 // 각 고객이 개별로 OSPF process를 가진다.
router-id 1.1.1.1
redistribute bgp 1 subnets
network 1.1.14.1 0.0.0.0 area 0
<OSPF Area Types>- Backbone area (area 0)
- Standard area
- Stub area
- Totally stubby area
- Not-so-stubby area (NSSA)
모든 Area는 Backbone Area에 연결되어 있어야 한다. ‘일반적으로’ 다른 에어리어를 거쳐 연동되면 LSA를 받지 못한다.
나는 여기에 하나 더 Super Backbone Area를 이야기 하려고 한다.
<OSPF Super Backbone Area>
하지만, R1에서 OSPF DB를 확인하면, MPLS VPN으로 광고를 받은 1.1.5.5, 1.1.6.6, 1.1.25.0, 1.1.36.0 경로가 Summary Net Link States에 속해있다. 이말은, LSA type3으로 해당 경로를 받았다는 것을 의미한다.
그럼 LSA3이 뭔가?
LSA Type 3는 ABR이 만들며, 다른 AREA에 소속된 네트워크를 현재의 Area에 소속된 라우터들에게 알리기 위하여 사용된다. 다른 Area에 소속된 네트워크라고 알렸다고? 같은 Area 0인데?1234567891011121314151617181920212223242526272829R1#show ip ospf databaseOSPF Router with ID (1.1.1.1) (Process ID 1)Router Link States (Area 0)Link ID ADV Router Age Seq# Checksum Link count1.1.1.1 1.1.1.1 1397 0x80000006 0x00D222 11.1.4.4 1.1.4.4 1398 0x80000008 0x00BA0F 2Net Link States (Area 0)Link ID ADV Router Age Seq# Checksum1.1.14.4 1.1.4.4 1398 0x80000001 0x000C02Summary Net Link States (Area 0) // 같은 Area 0 인데 Type2가 아니다!Link ID ADV Router Age Seq# Checksum1.1.5.5 1.1.1.1 1244 0x80000001 0x00CFD11.1.6.6 1.1.1.1 1169 0x80000001 0x00BAE41.1.25.0 1.1.1.1 41 0x80000004 0x00BADE1.1.36.0 1.1.1.1 41 0x80000004 0x00414DType-5 AS External Link StatesLink ID ADV Router Age Seq# Checksum Tag4.4.4.4 1.1.4.4 86 0x80000004 0x00E39F 0R1#
LS UPDATE from R1
- 같은 Area 0인데, 왜 LSA type1,2가 아니라, LSA type3(summary net)인가?
이유는 MPLS VPN은 OSPF에 대해서 추가적인 Super Backbone Area로 동작하기 때문이다.123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051R1#show ip ospfRouting Process "ospf 1" with ID 1.1.1.1Domain ID type 0x0005, value 0.0.0.1Start time: 00:00:06.825, Time elapsed: 01:53:14.727Supports only single TOS(TOS0) routesSupports opaque LSASupports Link-local Signaling (LLS)Supports area transit capabilitySupports NSSA (compatible with RFC 3101)Supports Database Exchange Summary List Optimization (RFC 5243)Connected to MPLS VPN Superbackbone, VRF company1 // MPLS VPN SUPER BACKBONE AREAEvent-log disabledIt is an area border and autonomous system boundary router // ABR (Area Border Router)Redistributing External Routes from,bgp 1, includes subnets in redistributionRouter is not originating router-LSAs with maximum metricInitial SPF schedule delay 5000 msecsMinimum hold time between two consecutive SPFs 10000 msecsMaximum wait time between two consecutive SPFs 10000 msecsIncremental-SPF disabledMinimum LSA interval 5 secsMinimum LSA arrival 1000 msecsLSA group pacing timer 240 secsInterface flood pacing timer 33 msecsRetransmission pacing timer 66 msecsNumber of external LSA 1. Checksum Sum 0x00E39FNumber of opaque AS LSA 0. Checksum Sum 0x000000Number of DCbitless external and opaque AS LSA 0Number of DoNotAge external and opaque AS LSA 0Number of areas in this router is 1. 1 normal 0 stub 0 nssaNumber of areas transit capable is 0External flood list length 0IETF NSF helper support enabledCisco NSF helper support enabledReference bandwidth unit is 100 mbpsArea BACKBONE(0)Number of interfaces in this area is 1Area has no authenticationSPF algorithm last executed 00:33:43.332 agoSPF algorithm executed 7 timesArea ranges areNumber of LSA 7. Checksum Sum 0x041916Number of opaque link LSA 0. Checksum Sum 0x000000Number of DCbitless LSA 0Number of indication LSA 0Number of DoNotAge LSA 0Flood list length 0R1#<결론>
R1, R2, R3는 MP-BGP를 사용하여 Company1의 CE 라우터와 MPLS VPN로 연동하였다.CE 라우터들과는 OSPF로 연동하였고 Area는 0으로 같이 맞추었다.
모든 라우터가 Area 0에 속해 있는 상황이나, R1, R2, R3가 MPLS VPN Superbackbone으로 다른 Area로 간주되면서, R4는 R5와 R6의 경로에 대해서 외부 Area에서 받은 것으로 간주된다.
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213R1#show runBuilding configuration...Current configuration : 2611 bytes!! Last configuration change at 06:04:17 EET Wed Jun 23 2021!version 15.5service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R1!boot-start-markerboot-end-marker!!enable secret 5 $1$S/Tu$H3FW9hMmhPA0XRwpU2kjW1!no aaa new-model!!!bsd-client server url https://cloudsso.cisco.com/as/token.oauth2clock timezone EET 2 0mmi polling-interval 60no mmi auto-configureno mmi pvcmmi snmp-timeout 180!!!!!!!!!!!!!!ip vrf company1rd 1:100route-target export 1:100route-target import 1:100!!!!no ip domain lookupip cefno ipv6 cef!multilink bundle-name authenticated!!!!!!!cts logging verbose!!!redundancy!!!!!!!!!!!!!!!interface Loopback0ip address 1.1.1.1 255.255.255.255!interface Ethernet0/0no ip address!interface Ethernet0/0.12encapsulation dot1Q 12ip address 1.1.12.1 255.255.255.0mpls label protocol ldpmpls ip!interface Ethernet0/0.14encapsulation dot1Q 14ip vrf forwarding company1ip address 1.1.14.1 255.255.255.0!interface Ethernet0/0.17encapsulation dot1Q 17ip address 1.1.17.1 255.255.255.0!interface Ethernet0/1no ip addressshutdown!interface Ethernet0/2no ip addressshutdown!interface Ethernet0/3no ip addressshutdown!interface Ethernet1/0no ip addressshutdown!interface Ethernet1/1no ip addressshutdown!interface Ethernet1/2no ip addressshutdown!interface Ethernet1/3no ip addressshutdown!interface Serial2/0no ip addressshutdownserial restart-delay 0!interface Serial2/1no ip addressshutdownserial restart-delay 0!interface Serial2/2no ip addressshutdownserial restart-delay 0!interface Serial2/3no ip addressshutdownserial restart-delay 0!!router eigrp 1network 1.1.1.1 0.0.0.0network 1.1.12.1 0.0.0.0!router ospf 1 vrf company1router-id 1.1.1.1redistribute bgp 1 subnetsnetwork 1.1.14.1 0.0.0.0 area 0!router bgp 1bgp router-id 1.1.1.1bgp log-neighbor-changesneighbor 1.1.2.2 remote-as 1neighbor 1.1.2.2 update-source Loopback0!address-family vpnv4neighbor 1.1.2.2 activateneighbor 1.1.2.2 send-community extendedexit-address-family!address-family ipv4 vrf company1redistribute ospf 1 match internal external 1 external 2exit-address-family!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!mpls ldp router-id Loopback0!control-plane!!!!!!!!line con 0exec-timeout 0 0logging synchronousline aux 0line vty 0 4password ciscologintransport input none!!endR1#cs 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224R2#show runBuilding configuration...Current configuration : 2980 bytes!! Last configuration change at 05:08:31 EET Wed Jun 23 2021!version 15.5service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R2!boot-start-markerboot-end-marker!!enable secret 5 $1$6vQn$mKSEEjCt7m/WM5tb.PpUE1!no aaa new-model!!!bsd-client server url https://cloudsso.cisco.com/as/token.oauth2clock timezone EET 2 0mmi polling-interval 60no mmi auto-configureno mmi pvcmmi snmp-timeout 180!!!!!!!!!!!!!!ip vrf company1rd 1:100route-target export 1:100route-target import 1:100!!!!no ip domain lookupip cefno ipv6 cef!multilink bundle-name authenticated!!!!!!!cts logging verbose!!!redundancy!!!!!!!!!!!!!!!interface Loopback0ip address 1.1.2.2 255.255.255.255!interface Ethernet0/0no ip address!interface Ethernet0/0.12encapsulation dot1Q 12ip address 1.1.12.2 255.255.255.0mpls label protocol ldpmpls ip!interface Ethernet0/0.23encapsulation dot1Q 23ip address 1.1.23.2 255.255.255.0mpls label protocol ldpmpls ip!interface Ethernet0/0.25encapsulation dot1Q 25ip vrf forwarding company1ip address 1.1.25.2 255.255.255.0!interface Ethernet0/1no ip addressshutdown!interface Ethernet0/2no ip addressshutdown!interface Ethernet0/3no ip addressshutdown!interface Ethernet1/0no ip addressshutdown!interface Ethernet1/1no ip addressshutdown!interface Ethernet1/2no ip addressshutdown!interface Ethernet1/3no ip addressshutdown!interface Serial2/0no ip addressshutdownserial restart-delay 0!interface Serial2/1no ip addressshutdownserial restart-delay 0!interface Serial2/2no ip addressshutdownserial restart-delay 0!interface Serial2/3no ip addressshutdownserial restart-delay 0!!router eigrp 1network 1.1.2.2 0.0.0.0network 1.1.12.2 0.0.0.0network 1.1.23.2 0.0.0.0!router ospf 1 vrf company1router-id 1.1.2.2redistribute bgp 1 subnetsnetwork 1.1.25.2 0.0.0.0 area 0!router bgp 1bgp router-id 1.1.2.2bgp log-neighbor-changesneighbor 1.1.1.1 remote-as 1neighbor 1.1.1.1 update-source Loopback0neighbor 1.1.1.1 route-reflector-clientneighbor 1.1.3.3 remote-as 1neighbor 1.1.3.3 update-source Loopback0neighbor 1.1.3.3 route-reflector-client!address-family vpnv4neighbor 1.1.1.1 activateneighbor 1.1.1.1 send-community extendedneighbor 1.1.1.1 route-reflector-clientneighbor 1.1.3.3 activateneighbor 1.1.3.3 send-community extendedneighbor 1.1.3.3 route-reflector-clientexit-address-family!address-family ipv4 vrf company1redistribute ospf 1 match internal external 1 external 2exit-address-family!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!mpls ldp router-id Loopback0!control-plane!!!!!!!!line con 0exec-timeout 0 0logging synchronousline aux 0line vty 0 4password ciscologintransport input none!!endR2#cs 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214R3#show runBuilding configuration...Current configuration : 2611 bytes!! Last configuration change at 05:09:52 EET Wed Jun 23 2021!version 15.5service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R3!boot-start-markerboot-end-marker!!enable secret 5 $1$yGWa$N3cE5cZw.K1pSDj6HIWQS1!no aaa new-model!!!bsd-client server url https://cloudsso.cisco.com/as/token.oauth2clock timezone EET 2 0mmi polling-interval 60no mmi auto-configureno mmi pvcmmi snmp-timeout 180!!!!!!!!!!!!!!ip vrf company1rd 1:100route-target export 1:100route-target import 1:100!!!!no ip domain lookupip cefno ipv6 cef!multilink bundle-name authenticated!!!!!!!cts logging verbose!!!redundancy!!!!!!!!!!!!!!!interface Loopback0ip address 1.1.3.3 255.255.255.255!interface Ethernet0/0no ip address!interface Ethernet0/0.23encapsulation dot1Q 23ip address 1.1.23.3 255.255.255.0mpls label protocol ldpmpls ip!interface Ethernet0/0.36encapsulation dot1Q 36ip vrf forwarding company1ip address 1.1.36.3 255.255.255.0!interface Ethernet0/0.38encapsulation dot1Q 38ip address 1.1.38.3 255.255.255.0!interface Ethernet0/1no ip addressshutdown!interface Ethernet0/2no ip addressshutdown!interface Ethernet0/3no ip addressshutdown!interface Ethernet1/0no ip addressshutdown!interface Ethernet1/1no ip addressshutdown!interface Ethernet1/2no ip addressshutdown!interface Ethernet1/3no ip addressshutdown!interface Serial2/0no ip addressshutdownserial restart-delay 0!interface Serial2/1no ip addressshutdownserial restart-delay 0!interface Serial2/2no ip addressshutdownserial restart-delay 0!interface Serial2/3no ip addressshutdownserial restart-delay 0!!router eigrp 1network 1.1.3.3 0.0.0.0network 1.1.23.3 0.0.0.0!router ospf 1 vrf company1router-id 1.1.3.3redistribute bgp 1 subnetsnetwork 1.1.36.3 0.0.0.0 area 0!router bgp 1bgp router-id 1.1.3.3bgp log-neighbor-changesneighbor 1.1.2.2 remote-as 1neighbor 1.1.2.2 update-source Loopback0!address-family vpnv4neighbor 1.1.2.2 activateneighbor 1.1.2.2 send-community extendedexit-address-family!address-family ipv4 vrf company1redistribute ospf 1 match internal external 1 external 2exit-address-family!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!mpls ldp router-id Loopback0!control-plane!!!!!!!!line con 0exec-timeout 0 0logging synchronousline aux 0line vty 0 4password ciscologintransport input none!!endR3#cs 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180R4#show runBuilding configuration...Current configuration : 1907 bytes!! Last configuration change at 05:06:33 EET Wed Jun 23 2021!version 15.5service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R4!boot-start-markerboot-end-marker!!enable secret 5 $1$hkoP$09LiVfpkOf3I3whsiGtrl/!no aaa new-model!!!bsd-client server url https://cloudsso.cisco.com/as/token.oauth2clock timezone EET 2 0mmi polling-interval 60no mmi auto-configureno mmi pvcmmi snmp-timeout 180!!!!!!!!!!!!!!!!!no ip domain lookupip cefno ipv6 cef!multilink bundle-name authenticated!!!!!!!cts logging verbose!!!redundancy!!!!!!!!!!!!!!!interface Loopback0ip address 1.1.4.4 255.255.255.255!interface Loopback4ip address 4.4.4.4 255.255.255.255!interface Ethernet0/0no ip address!interface Ethernet0/0.14encapsulation dot1Q 14ip address 1.1.14.4 255.255.255.0!interface Ethernet0/1no ip addressshutdown!interface Ethernet0/2no ip addressshutdown!interface Ethernet0/3no ip addressshutdown!interface Ethernet1/0no ip addressshutdown!interface Ethernet1/1no ip addressshutdown!interface Ethernet1/2no ip addressshutdown!interface Ethernet1/3no ip addressshutdown!interface Serial2/0no ip addressshutdownserial restart-delay 0!interface Serial2/1no ip addressshutdownserial restart-delay 0!interface Serial2/2no ip addressshutdownserial restart-delay 0!interface Serial2/3no ip addressshutdownserial restart-delay 0!router ospf 1router-id 1.1.4.4redistribute connected subnetsnetwork 1.1.4.4 0.0.0.0 area 0network 1.1.14.4 0.0.0.0 area 0!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!!control-plane!!!!!!!!line con 0exec-timeout 0 0logging synchronousline aux 0line vty 0 4password ciscologintransport input none!!endR4#cs 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176R5#show runBuilding configuration...Current configuration : 1817 bytes!! Last configuration change at 05:09:08 EET Wed Jun 23 2021!version 15.5service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R5!boot-start-markerboot-end-marker!!enable secret 5 $1$KDg7$U1TApHAO57fTKQTanU2WA/!no aaa new-model!!!bsd-client server url https://cloudsso.cisco.com/as/token.oauth2clock timezone EET 2 0mmi polling-interval 60no mmi auto-configureno mmi pvcmmi snmp-timeout 180!!!!!!!!!!!!!!!!!no ip domain lookupip cefno ipv6 cef!multilink bundle-name authenticated!!!!!!!cts logging verbose!!!redundancy!!!!!!!!!!!!!!!interface Loopback0ip address 1.1.5.5 255.255.255.255!interface Ethernet0/0no ip address!interface Ethernet0/0.25encapsulation dot1Q 25ip address 1.1.25.5 255.255.255.0!interface Ethernet0/1no ip addressshutdown!interface Ethernet0/2no ip addressshutdown!interface Ethernet0/3no ip addressshutdown!interface Ethernet1/0no ip addressshutdown!interface Ethernet1/1no ip addressshutdown!interface Ethernet1/2no ip addressshutdown!interface Ethernet1/3no ip addressshutdown!interface Serial2/0no ip addressshutdownserial restart-delay 0!interface Serial2/1no ip addressshutdownserial restart-delay 0!interface Serial2/2no ip addressshutdownserial restart-delay 0!interface Serial2/3no ip addressshutdownserial restart-delay 0!router ospf 1router-id 1.1.5.5network 1.1.5.5 0.0.0.0 area 0network 1.1.25.5 0.0.0.0 area 0!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!!control-plane!!!!!!!!line con 0exec-timeout 0 0logging synchronousline aux 0line vty 0 4password ciscologintransport input none!!endR5#cs 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176R6#show runBuilding configuration...Current configuration : 1817 bytes!! Last configuration change at 05:10:22 EET Wed Jun 23 2021!version 15.5service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R6!boot-start-markerboot-end-marker!!enable secret 5 $1$kPrq$mZvHv88sU7TEOQdjpQVgj0!no aaa new-model!!!bsd-client server url https://cloudsso.cisco.com/as/token.oauth2clock timezone EET 2 0mmi polling-interval 60no mmi auto-configureno mmi pvcmmi snmp-timeout 180!!!!!!!!!!!!!!!!!no ip domain lookupip cefno ipv6 cef!multilink bundle-name authenticated!!!!!!!cts logging verbose!!!redundancy!!!!!!!!!!!!!!!interface Loopback0ip address 1.1.6.6 255.255.255.255!interface Ethernet0/0no ip address!interface Ethernet0/0.36encapsulation dot1Q 36ip address 1.1.36.6 255.255.255.0!interface Ethernet0/1no ip addressshutdown!interface Ethernet0/2no ip addressshutdown!interface Ethernet0/3no ip addressshutdown!interface Ethernet1/0no ip addressshutdown!interface Ethernet1/1no ip addressshutdown!interface Ethernet1/2no ip addressshutdown!interface Ethernet1/3no ip addressshutdown!interface Serial2/0no ip addressshutdownserial restart-delay 0!interface Serial2/1no ip addressshutdownserial restart-delay 0!interface Serial2/2no ip addressshutdownserial restart-delay 0!interface Serial2/3no ip addressshutdownserial restart-delay 0!router ospf 1router-id 1.1.6.6network 1.1.6.6 0.0.0.0 area 0network 1.1.36.6 0.0.0.0 area 0!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!!control-plane!!!!!!!!line con 0exec-timeout 0 0logging synchronousline aux 0line vty 0 4password ciscologintransport input none!!endR6#cs 'Protocols > BGP_OSPF_MPLS_VPN' 카테고리의 다른 글
[MPLS] OSPF Super Backbone Area (2) (0) 2021.06.23 [MPLS] IP/MPLS Basics (0) 2021.06.08 OSPF metric/cost (0) 2021.02.16 OSPF Link-state/Adjacency changes (0) 2021.02.16 The OSPF Packet Types and Flow (0) 2021.02.11