MPLS： Multiprotocol label switching

multi-protocol ： Can be based on a variety of different 3 Layer protocol to generate 2.5 Label information of layer ;

Packet exchange — The packet is a network layer PDU, Therefore, packet switching is based on IP Address for data forwarding ; Is the routing behavior of the router ;

** Original packet exchange ：** After the packet enters the router , The router needs to query the local routing table （RIB- Routing information database ）, Based on the next jump or target ip Check the local ARP surface , To forward data ;

** Fast packet switching ：** One route, multiple exchanges ; The first packet in each data stream will be forwarded based on the original packet exchange rules ; Generate cache list in the process , Record the whole communication process , The remaining packets of the data traffic can only query the cache records ;

** Express packet exchange ：** No routing required , Direct exchange ; CEF-cisco Express exchange , by cisco Private technology ; Not cisco Manufacturer's equipment exists and cef The forwarding mechanism is the same technology ;

Routing table 、ARP – Convert to FIB（ Forwarding information database ） surface Only query during traffic forwarding FIB Just watch ;

FIB Characteristics ： During the conversion of router tables , Store recursive query results ; At the same time, bind the newly encapsulated layer-2 address ;

IP fast0/0 172.16.20.115(7)

​ ( Recursive out interface ) 0 packets, 0 bytes

​ epoch 0

​ sourced in sev-epoch 357

​ Encap length 14

​ 701CE7662A9768EFBD1D24C50800 New two-layer package

​ The goal is MAC Source MAC Type number

** Label switching ：** The packet enters the MPLS After , In the fourth 2 Layer and the 3 Press in the label number in the middle of the layer ; Make the router in the domain forward the packet , be based on 2.5 The tag number of the layer only needs to query the local one LFIB surface （ Tag forwarding information database ）

Initially, when packet switching only supports original switching , The meaning of tags is faster queries ; But as packet switching accelerates , Using label switching loses the advantage of fast table lookup ;

The present MPLS Meaning of existence ：

1、 solve BGP The routing black hole of 2、MPLS VPN 3、MPLS TE Flow engineering

in addition ： With the acceleration of packet switching , Make today's MPLS Technology is also beginning to be based on FIB Table work ; To improve the MPLS Work efficiency ;

One 、 working process

Control level ： Routing protocols work , Generate RIB, The direction of flow is the control flow ;

Data level ： The device accesses the destination based on the routing table , Generate data traffic ; In the opposite direction of the control level ;

Control level ：

1） In the absence of MPLS The control level only generates RIB（ Routing table ） and FIB（ Forwarding information database ）;FIB Is based on RIB Generate ;

2）MPLS The agreement will start TDP（cisco private ） or LDP（ public ）, A neighbor relationship will be established between directly connected devices ;

LDP-- be based on UDP and TCP Of 646 Port operation ; First use udp Send multicast hello The bag found a neighbor , Get neighbors ip Address , Then establish... With the direct neighbor TCP Conversation ; After the neighbor relationship is established ; For the stability of neighborhood relations , Generally, the loopback address of the device is used to establish tcp conversation ; It is recommended to set the loopback address to mpls Agreed route-id, The id The value will be carried in the multicast transceiver hello In the message , After that, it will automatically tcp Session creation ;

summary ：MPLS The protocol needs to be used between direct neighbors router-id Address to carry out TCP Conversation ; Therefore, the prerequisite is ,route-id Must be for real use of the equipment ip Address , Suggested loopback address — Stable ; Multicast hello Packets are sent and received on a directly connected physical interface , To get the opposite end router-id, Nature also requires router-id The route between values can reach ;

So normal is building LDP Between neighbors , The routing protocol has converged ,RIB and FIB Table has been generated ;

3）MPLS After building a neighborhood , Generate neighbor table ;LDP The protocol is then based on local FIB The route entries learned in the table generate tag numbers ;cisco The default device is based on FIB All learned routing entries in the table generate tag numbers , Huawei devices are only based on by default FIB In the table 32 Bit masked host routes generate tag numbers ; The reason is that normal 32 Bit host routing is ospf Learn the loopback interface , In normal engineering, there are only BGP and MPLS VPN Based on loopback communication , Use tags to forward ; Other ordinary traffic is based on express packet exchange ; take the reverse into consideration cisco Start up mpls in the future , All traffic will be forwarded based on tags , Reduces forwarding efficiency （ The premise is the default ）

4） After the tag number is generated , Will be stored locally LIB surface - Label information database ;LIB The table will be shared among neighbors ;

LIB Load the label numbers distributed by local and neighbors for each route in the table ;

5） function MPLS Agreed devices , take LIB and FIB Combine , Map the relationship between the tag number and the best path to generate LFIB surface （ Tag forwarding information database ）

notes ： Control level generated tables

RIB—》FIB—》LIB—》LFIB The first two tables are generated after the routing protocol works , The last two tables are MPLS Of LDP Protocol generation ;

Data level ：

1） No, MPLS agreement , be based on FIB The table can be forwarded normally

2） Noun ：MPLS domain – MPLS Working radius of

​ edge LSR（PE）– Border label switching router Work mpls The edge of the field , Connect extraterritorial devices

LSR （P） – Label switching router Overall work MPLS Intra domain

3） When the flow enters the first pe Equipment time , Before there is no express exchange , The router is based on the target IP Address query local RIB;

After that, we'll have to LIB The corresponding in the table can determine whether the flow should be pressed into the label , A query that requires two tables ;

When there is express exchange , The flow enters the first pe when , Direct inquiry FIB surface , Associated tag number in the table , It will be directly determined whether to press the label ;

Flow to P Router , If there is a tag in the received traffic, it is based on LFIB Table forwarding , If there is no label, it is based on FIB Just watch ;

The flow leaves the last boundary MPLS The label will pop up ;

Flow with tag number , When entering the router , Enter the number that the label table should assign to the local router , The label is local downstream （ Next jump ） Tag number assigned to the device ; The upstream and downstream concepts are calibrated based on the data level ;

Two 、 Tag number

The label is pressed into 2 Layer and 3 Between layers , be called 2.5 layer

[ Failed to transfer the external chain picture , The origin station may have anti-theft chain mechanism , It is suggested to save the pictures and upload them directly (img-hm53SLdh-1644507418046)(file:///C:\Users\asus\AppData\Local\Temp\ksohtml\wpsD38B.tmp.jpg)]

The format of the label —32 position ,4 Bytes

[ Failed to transfer the external chain picture , The origin station may have anti-theft chain mechanism , It is suggested to save the pictures and upload them directly (img-HlLYOweO-1644507418047)(file:///C:\Users\asus\AppData\Local\Temp\ksohtml\wpsD38C.tmp.jpg)]

front 20 Bit is tag number ,2^20 A tag number ; among 1-15 No. reserved , As a special number ;

The first 21-23 position exp,3 position 8 Number , For priority , be used for QOS Strategy use ;

The first 24 Bit is the bottom of the stack , This bit is 1 Identify the label as the last label ;MPLS It can be encapsulated in one packet at most 3 Layer labels ;

ordinary MPLS A layer of labels MPLS VPN Two layers of MPLS TE 3 layer

TTL Time to live When the label is pressed in for the first time , The... In the current packet 3 layer TTL Copy to label ; Then query the tag once TTL Minus one , When the tag pops up on the last hop device 2.5 Layer of TTL Copied to the 3 In the layer header ;

3、 ... and 、 MPLS The last jump – Penultimate jump Default execution

The border LSR Pass the local direct network segment to MPLS After the neighbors in the domain ,LDP The assigned tag number is 3, Tell the penultimate hop device its identity ; Cause the penultimate hop device to query LFIB After the table , If the forwarding path is known, pop up the label in advance , So that the last hop router only needs to query FIB surface ; Otherwise, the last hop router is querying LFIB After the table , The pop-up tag also needs to query FIB;

Four 、 MPLS Configuration of

1、 IP Can be up to — Using routing protocol, the whole network can reach

2、 To configure MPLS – LDP

[r2]mpls lsr-id 2.2.2.2   Must be defined first mpls Of router-id, For the real of the local device ip Address , And neighbors can reach , because    This address will be used to establish TCP conversation , A loopback address is recommended 
[r2]mpls        And open mpls agreement 

[r2-mpls]mpls ldp    Reactivate LDP agreement 

[r2-mpls-ldp]q

 After that, you need to open the protocol on the interface through which all tags pass 

[r2]interface GigabitEthernet 0/0/1

[r2-GigabitEthernet0/0/1]mpls   First open MPLS

[r2-GigabitEthernet0/0/1]mpls ldp   Reactivate LDP agreement 

When the boot configuration is complete , Use between neighbors UDP Message multicast sending and receiving hello package ; Then based on hello In bag router-id address TCP The establishment of conversation ;

[r3]display tcp status

TCPCB   Tid/Soid Local Add:port     Foreign Add:port    VPNID  State

b4cf3d64 167/6   3.3.3.3:646      4.4.4.4:50858     0    Established

b4cf3adc 167/3   3.3.3.3:50806     2.2.2.2:646      0    Established

When tcp After the session is established , Neighbors are based on TCP The conversation then establishes a neighbor relationship , Generate neighbor table ：

[r3]display  mpls ldp peer

And then based on local FIB surface , By default, Huawei is only for 32 Bit host route generation tag number ; Store in LIB In the table , Then neighbors share LIB surface ;

[r3]display  fib  see FIB surface 

[r4]display  mpls ldp  lsp   see LIB surface , Load the label number assigned by the local and neighbor for each route 

Finally, the router will LIB and FIB aggregate , Generate label forwarding rules for the best path —LFIB

[r4]display mpls lsp  see LFIB surface 

notes ： By default, Huawei is only for 32 Bit host routing assignment label

[r3]mpls 

[r3-mpls]lsp-trigger all   Turn on the function , Will target fib Label numbers are assigned to all routes in the table 

[r2]tracert -v -a 2.2.2.2 56.1.1.2

5、 ... and 、 Use mpls solve BGP The routing black hole of

MPLS The agreement will not be passed BGP The routing entries of protocol learning are assigned tag numbers ;

But visiting these BGP When routing the target network segment , When the traffic is pushed in, it reaches these network segments BGP Tag number of the next hop device address ;

example :R2 from BGP neighbor 5.5.5.5 Learning to 6.6.6.0 Route of network segment ;R2 During a visit to 6.6.6.0 when , Will be pushed in the packet to arrive 5.5.5.5ip Tag number of the address , To cross the middle without running BGP Agreed devices ; Break the routing black hole ;

notes : Huawei equipment is not... By default BGP The protocol implements the next hop label mechanism ,cisco Default execution ;

Huawei equipment needs to be turned on route recursive-lookup tunnel The route is recursively searched based on the tunnel

6、 ... and 、 MPLS VPN

1、 CE Pass private route to PE End

2、 PE The end receives different CE When sending the same network segment route , Use RD Value to distinguish — Format X:X 32 position

3、 PE The end will be attached with RD The private route of cannot be directly loaded into the local public route table , It needs to be placed in the corresponding VRF（ Virtual routing forwarding ） In space ; Then pay RT value , Used to pass to the opposite end PE equipment , Peer discrimination information ;

VPNV4 route = Ordinary IPV4 route +RD+RT

4、 VPNV4 Routing needs MP-BGP To deliver ; The opposite end is based on RT value , Load the route to the corresponding VRF In space , Then share it with the corresponding CE;

5、 After the control level work is completed , The data level needs to be based on MPLS Come to work , Because the data layer cannot carry RD/RT value ;

so mpls Two layers of labels will be pressed into the packet , The outer label is used to pass through intermediate equipment , break BGP Routing black holes ;

The inner label is used to correspond to VRF Space ;

------------------------------------------ Start the experiment ---------------------------------------

The experimental requirements ：

The topology ：

First step ：

First configure the public network ：

 To configure IP
[r2-LoopBack0]ip add 2.2.2.2 32
[r2-LoopBack0]int g0/0/2
[r2-GigabitEthernet0/0/2]ip add 23.1.1.1 24

[r3-LoopBack0]ip address 3.3.3.3 255.255.255.255 
[r3-LoopBack0]int g0/0/0
[r3-GigabitEthernet0/0/0]ip add 23.1.1.2 24
[r3-GigabitEthernet0/0/1]ip add 34.1.1.1 24

[r4]int g0/0/0
[r4-GigabitEthernet0/0/0]ip add 34.1.1.2 24 
[r4-GigabitEthernet0/0/0]int l0
[r4-LoopBack0]ip add 4.4.4.4 32
[r4]int g0/0/2
[r4-GigabitEthernet0/0/2]ip add 47.1.1.1 24
[r4-ospf-1]silent-interface  g0/0/2   # Set up with R7 The interface of is silent interface 

[r7]int g0/0/0
[r7-GigabitEthernet0/0/0]ip add 47.1.1.2 24
[r7-LoopBack0]ip add 192.168.4.1 24
[r7-GigabitEthernet0/0/1]ip add 192.168.3.1 24

 function IGP
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]net 2.2.2.2 0.0.0.0
[r2-ospf-1-area-0.0.0.0]net 23.1.1.1 0.0.0.0

[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0
[r3-ospf-1-area-0.0.0.0]net 23.1.1.2 0.0.0.0

[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]net 34.1.1.2 0.0.0.0
[r4-ospf-1-area-0.0.0.0]net 4.4.4.4 0.0.0.0
[r4-ospf-1-area-0.0.0.0]net 47.1.1.1 0.0.0.0

test ： stay R2 On ping R7

The second step ：

To configure vpn Space

[r1]int l0
[r1-LoopBack0]ip add 192.168.1.1 24
[r1-LoopBack0]int g0/0/1
[r1-GigabitEthernet0/0/1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.2.1 24

[r2]ip vpn-instance b1
[r2-vpn-instance-b1]route-distinguisher 1:1
[r2-vpn-instance-b1-af-ipv4]vpn-target 1:1
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip binding vpn-instance b1  # Binding interface 
[r2-GigabitEthernet0/0/0]ip add 192.168.2.2 24

test ：

Empathy , To configure R4 and R5

[r4]ip vpn-instance b2
[r4-vpn-instance-b2]route-distinguisher 1:1
[r4-vpn-instance-b2-af-ipv4]vpn-target 1:1
[r4-vpn-instance-b2]int g0/0/1
[r4-GigabitEthernet0/0/1]ip binding vpn-instance b2
[r4-GigabitEthernet0/0/1]ip add 192.168.3.2 24

[r5]int l0
[r5-LoopBack0]ip add 192.168.4.1 24
[r5-LoopBack0]int g0/0/0
[r5-GigabitEthernet0/0/0]ip add 192.168.3.1 24

test ：

The third step ： To configure MPLS and BGP

[r2]mpls lsr-id 2.2.2.2
[r2]mpls
[r2-mpls]mpls ldp
[r2-mpls-ldp]int g0/0/2
[r2-GigabitEthernet0/0/2]mpls
[r2-GigabitEthernet0/0/2]mpls ldp

[r3]mpls lsr-id 3.3.3.3
[r3]mpls
[r3-mpls]mpls ldp
[r3-mpls-ldp]int g0/0/0
[r3-GigabitEthernet0/0/0]mpls 
[r3-GigabitEthernet0/0/0]mpls ldp
[r3-GigabitEthernet0/0/0]int g0/0/1
[r3-GigabitEthernet0/0/1]mpls
[r3-GigabitEthernet0/0/1]mpls ldp

[r4]mpls lsr-id 4.4.4.4
[r4]mpls
[r4-mpls]mpls ldp
[r4-mpls-ldp]int g0/0/0
[r4-GigabitEthernet0/0/0]mpls 
[r4-GigabitEthernet0/0/0]mpls ldp

R2 and R4 Conduct BGP Jianlin 
[r2]bgp 1
[r2-bgp]router-id 2.2.2.2
[r2-bgp]peer 4.4.4.4 as-number 1
[r2-bgp]PEER 4.4.4.4 connect-interface LoopBack 0
[r2-bgp]ipv4-family vpnv4
[r2-bgp-af-vpnv4]peer 4.4.4.4 enable 

[r4]bgp 1 
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 2.2.2.2 as-number 1
[r4-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[r4-bgp]ipv4-family vpnv4	
[r4-bgp-af-vpnv4]peer 2.2.2.2 enable 

After the above configuration , The intermediate environment has been set up

Step four ：

hold R1 and R5 Through static use mplsVPN Get through ：

 First in R1、R5 Write static ：
[r1]ip route-static 192.168.3.0 24 192.168.2.2
[r1]ip route-static 192.168.4.0 24 192.168.2.2
[r5]ip route-static 192.168.1.0 24 192.168.3.2 
[r5]ip route-static 192.168.2.0 24 192.168.3.2

 The next in R2 and R5 Make configuration on ：
[r2]ip route-static vpn-instance b1 192.168.1.0 24 192.168.2.1 # Write to R1 Static of online segment 
[r2]bgp 1
[r2-bgp]ipv4-family vpn-instance b1
[r2-bgp-b1]import-route direct      # Republish to B1 in 
[r2-bgp-b1]import-route static 

R5 Empathy ：
[r4]ip route-static vpn-instance b2 192.168.4.0 24 192.168.3.1
[r4]bgp 1
[r4-bgp]ipv4-family vpn-instance b2
[r4-bgp-b2]import-route direct 
[r4-bgp-b2]import-route static 

Respectively in R2 Check out bgp surface

test ： stay R1 On ping192.168.3.0 Network segment ：

hold R6 and R7 Through dynamic use mplsVPN Get through ：

 Create areas and bind interfaces 
[r2]ip vpn-instance a1
[r2-vpn-instance-a]ipv4-family
[r2-vpn-instance-a-af-ipv4]route-distinguisher 2:2
[r2-vpn-instance-a-af-ipv4]vpn-target 2:2
[r2-vpn-instance-a-af-ipv4]q
[r2-vpn-instance-a]int g0/0/2
[r2-GigabitEthernet0/0/2]ip binding vpn-instance a1
[r2-GigabitEthernet0/0/2]ip add 192.168.2.2 24

[r4]ip vpn-instance a2
[r4-vpn-instance-a]ipv4-family
[r4-vpn-instance-a-af-ipv4]route-distinguisher 2:2
[r4-vpn-instance-a-af-ipv4]vpn-target 2:2
[r4-vpn-instance-a-af-ipv4]q
[r4-vpn-instance-a]int g0/0/2
[r4-GigabitEthernet0/0/2]ip binding vpn-instance a2
[r4-GigabitEthernet0/0/2]ip add 192.168.3.2 24

[Huawei]sysname r6
[r6]int lo 0
[r6-LoopBack0]ip add 192.168.1.1 24
[r6-LoopBack0]int g0/0/2
[r6-GigabitEthernet0/0/2]ip add 192.168.2.1 24

[r7]int lo 0
[r7-LoopBack0]ip add 192.168.4.2 24
[r7-LoopBack0]int g0/0/2
[r7-GigabitEthernet0/0/2]ip add 192.168.3.2 24

[r6]rip 1
[r6-rip-1]version 2
[r6-rip-1]un summary
[r6-rip-1]network 192.168.1.0
[r6-rip-1]network 192.168.2.0

[r2]rip 1 vpn-instance a
[r2-rip-1]version 2
[r2-rip-1]un summary
[r2-rip-1]network 192.168.2.0

[r4]ospf 2 vpn-instance a
[r4-ospf-2]area 0
[r4-ospf-2-area-0.0.0.0]network 192.168.3.1 0.0.0.0

[r7]ospf 1 router-id 7.7.7.7
[r7-ospf-1]area 0
[r7-ospf-1-area-0.0.0.0]network 192.168.3.1 0.0.0.0
[r7-ospf-1-area-0.0.0.0]network 192.168.4.2 0.0.0.0

 Two way republication 
[r2]rip 1 vpn-instance a
[r2-rip-1]import-route bgp
[r2-rip-1]q
[r2]bgp 1
[r2-bgp]ipv4-family vpn-instance a
[r2-bgp-a]import-route rip 1

[r4]ospf 2 vpn-instance a
[r4-ospf-2]import-route bgp
[r4-ospf-2]q
[r4]bgp 1
[r4-bgp]ipv4-family vpn-instance a
[r4-bgp-a]import-route ospf 2

see 7 The routing table for ：

stay R6 On pingR7

thus , The experimental requirements have been fully met .