Вы находитесь на странице: 1из 114

.....................................................................................................................................

3
1. ,
VPN . MPLS VPN ....6
1.1 , VPN . ........6
1.2 VPN- ............................................................................7
1.2.1 TDM ..................................................................................8
1.2.2 VPN- .................................................10
1.2.3 VPN- ......................................................11
1.2.4 VPN- 3- ................................................13
1.3 VPN- .........................................................................16
1.3.1 VPN- IP ...............................................................................16
1.3.2 VPN- MPLS ....................................................................18
1.4 VPN- ............................................................................................. 20
1.5 VPN- MPLS .....................................................................................20
1.6 ..................................................................................26
1.7 ................................................................................................................27
2. MPLS VPN. MPLS VPN. .............28
2.1 VPN- MPLS .................................................................................28
2.1.1 VPN ..................................................30
2.1.2 VPN- .........................................32
2.1.3 MPLS ................................................................................34
2.2 ........................................................................................................36
2.2.1 -................................................36
2.2.1.1 ............................................38
2.2.1.2 - ..39
2.2.1.3 ....................................................................................41
2.2.1.4 ............................................................................................... 43
2.2.2 ....................................................................................................43
2.2.3 ............................................................. 52
2.2.3.1 IGP......................................52
2.2.3.2 VPN- ...........................................................................53
2.2.3.3 - ............................................54
2.2.3.4 - ............................................55
2.2.3.5 - ............................................................... 56
2.2.3.6 - ............................................................ 57
2.2.3.7 QoS VPN- MPLS ....................................58
2.2.3.8 VPN-c QoS ..........................63
2.3 ....65
3. .........................................................................65
3.1 ........................................................66
3.2 ......68
3.2.1 ...............................................................................68
3.2.2 .................................................................71
3.3 74
4. VPN- ............................. 75
4.1 ............................................................................75
4.2 .............................................................................81
4.3 .............................................................................86
4.4 ......................................................................................91

4.5 ......................95
4.6 ...............................................................................................................97
...................................................................................................................................98
.........................................................................................99
........................................................................................................................100
2:.................................................................................100
3 ..................................................................................101
4 ..................................................................................102
5 ..................................................................................103
........................................................................................................................105
............................................................................105
..............................................................................108
.................................................................................111



,

,

, ,

() ,
. ,
, ,

. - ,
- ,
(, , ) ( ,
) , , ,
,
[1].

(
) (,
).
, .

:

.
:

IP-;

:
,
, ;

, ;

-;
3


. , ,
, ,
.
, ,
,
. ,
, ,
. ,
.
VPN ,

[5]. VPN
.

[8].

VPN, VPN-.

,
MPLS,
,


. , MPLS
IP ATM,
, ,
.
4

MPLS
, ,
IETF, MPLS, ,
.
, IP- MPLS
(QoS),
, ,
. QoS
, , ,
.
, , VPN MPLS,
,
.

VPN MPLS.
:

VPN;
VPN MPLS;
VPN MPLS;
VPN ,
.
,
VPN MPLS.

1. ,
VPN . MPLS
VPN
1.1 , VPN .
(Virtual Private Network VPN)
TDM .25 . Frame Relay
ATM
.25 .

VPN, ,
.
" " (VPN)
.25, Frame Relay
ATM [15].
(Enterprise Network Management)
IP-[8].
(outsourcing)
, . IP (Managed IP) (ServiceLevel Agreement SLA) (end-to-end) (QoS) [6].
VPN-

IP

.
(value-added)
VPN-.

VPN,
(IP Security - IPSec)
(Multiprotocol Label Switching MPLS).
VPN.
VPN- IP Cisco IOS VPN 3- IP 4 (IPv4). VPN- IP
6

,
, , ,
.
IP .

(WAN).
,
(
, ). ,
,
(Electronic Data Interchange EDI)
. ,
VPN- IP,
.
1.2 VPN-
VPN- 2- 3- . VPN- 2-
"-", Frame
Relay ATM.
VPN- 3-
VPN, -
IPSec ( ) (Generic Routing Encapsulation GRE).
VPN-
,

(intranet extranet)
, .
(Point of Presence )
ISP Internet
.

VPN-
. , VPN-
. , VPN- 3-
Internet
(Quality of Service QoS) .
(telecom management)
ATM Frame Relay
[13].
VPN-
, .
, .
VPN- 2- VPN .
, (.. ).
1.2.1 TDM

. ,

, .
DS1 DS3, , , 1 .
1.1,
,

, .
DACS (Digital Automatic and CrossConnect System
).
.
1.2 ,
.

TDM ,
.
,
64 / ( DS0).
TDM .

1.1 VPN-

1.2 VPN

1.2.2 VPN-
VPN- , Frame Relay .25,
,
. 1.3,
,
. ,
. PVC
SVC
(CIR) (
local loop).

1.3 VPN- Frame Relay


1.4 Frame Relay.
(Points of Presence POPs) TDM. Frame Relay CPE FRAD (, ) Frame Relay.
Frame Relay Frame
Relay ATM ATM.

10

Frame Relay
.
.25 2- .25, 3-
.25, Frame Relay,
2- . .25
SVC PVC,
(Logical Channel Identifier
LCI).

1.4 VPN Frame Relay


LCI 4-
(Logical Group Number LGN) 8- (Logical Channel
Number LCN). .25 2-
(Link Access Procedure Balanced LAPB).
1.2.3 VPN-
VPN- , ATM SMDS, , (SVC) (PVC) . , 1.5,
11


. , . PVC SVC
: CBR, VBR-RT, VBRNRT, ABR UBR. ATM
PVC (soft PVC), SVC PVC.

1.5 VPN- ATM


1.6 ATM.
(Points of Presence POPs) ATM
TDM SONET/SDH . () ATM
2- IP
3- .

12

1.6 VPN- ATM

1.2.4 VPN- 3-
VPN- 3- , , VPN. GRE
IP Security (IPSec) "-"
IP Internet,
(Virtual Private Dialup Network VPDN)

Internet ,
.
VPN- (Generic
Route Encapsulation GRE) IP-
"-". GRE-
VPN-. GRE-
, , GRE-
.
1.7, GRE- VPN- IP- .
3- , IP, IP-.
13

1.7 VPN- GRE and IPSec


VPN- IPSec
,
,
IP- [5]. IPSec, ,
, , IP-, Internet.
IPSec "-" VPN- IP-.
IPSec - ,
, , VPN-
IPSec (Managed IPSec). , IPSec,
1.7. , , IPSec

VPN-.
VPDN-, L2F L2TP,
, ,
IPSec. IPSec

(Data Encryption Standard DES), 168-
3DES .
14


(Public Switched Telephone Network
PSTN) ISDN. 1.8,
(Virtual Private Dialup Network VPDN)
IP- . VPDN
IP- , 2- (Layer 2
Forwarding L2F) 2- (Layer 2 Tunneling
Protocol L2TP).

(Network Access Server NAS), . NAS
L2F
L2TP . ,
NAS, ,
. ,
(Authentication, Authorization and Accounting AAA)
AAA, TACACS+.
. VPN-
, VPDN, :
"--".

1.8 (VPDN)

15

"-" (Point-to-Point Tunneling


Protocol PPTP), "-" Microsoft
(Microsoft Point-to-Point Encryption MPPE), VPN-
Cisco PPTP
[12].
VPN IP. (
, , client-initiated tunneling),

NAS
.

VPN-.
"-" Microsoft
(Microsoft Point-to-Point Compression MPPC).
40 128 .
. ,
,

Cisco-

Microsoft
, .
1.3 VPN-
VPN-

.
3- . .
1.3.1 VPN- IP
IP
(managed IP services), IP IP- .
IP IP- 2- , ATM
Frame Relay. VPN- IP 1.9.
16

1.9 VPN- IP

. , Cisco (Cisco Routing
engine)

, .

.
. , RIP , EIGRP ,
.
, Cisco, ,
30 IP-.

( ):
30 IGRP-;
30 OSPF-;
IS-IS;
RIP;
17

BGP;
30 EGP.
VPN- IP
, . ,
IP-,
.
, ,

VPN-.
1.3.2 VPN- MPLS
VPN- MPLS . MPLS
2- .
.
MPLS ,
Frame Relay ATM ,
VPN ,
,
. VPN- MPLS
1.10.
,

.
.

18

1.10 MPLS

MPLS

CPE-

, CPE, VPN.
VPN-
. ,
VPN-,
VPN.
, , , ,
. ,
(VPN Routing and Forwarding VRF).
,
LSR-. LSR- (Provider
) , .

MPLS

VPN-

3- 2- [5].
.
19

1.4 VPN-

VPN-


MPLS, IPSec.
,
VPN
Internet.
1.1 VPN ,
, , .
1.1 VPN-

VPN-

3-

MPLS

2-


,
,
,
(traffic separation),

20

1.1

2-

3-

VPN-

MPLS

VPN

QoS

VPN

1.5 VPN- MPLS


VPN- MPLS:

VPN;

( );

;
21

Cisco-

(Cisco Service Management CSM).

MPLS , ,
, .
VPN-. VPN MPLS
3-
VPN- . ,

(Provider Edge router -router),
(Customer Edge
router CE-router), VPN-.
VPN- 3- ,
(VC).

VPN- MPLS ,
VPN- (Frame Relay ATM). VPN-
VPN,
, ,
, VPN- [7].
VPN- . ( ) , IP-
,
VPN-.
VPN
VPN-
"-" .
(.. intranet extranet)
. VPN-
VPN-,
. MPLS ,
,
22

. MPLS CPE, CPE-


MPLS .

VPN ,
,
.
, RFC 1918
IP-
. VPN- MPLS
(Network Address Translation
NAT) , .
NAT , VPN .

IP-.

MPLS
,
.

Cisco IOS Cisco
IP
.


, (SLA).
MPLS QoS
.

() ,
.
23



(Traffic Engineering Routing with Resource Reservation RRR),
RSVP . RRR

, IP-

.
.

VPN- 3-
VPN. VPN-
intranet, . ,
(intranet extranet). MPLS
, IP- :
;
;
VPN;
VPN;
"--".


VPN- IP. QoS VPN:
;
VPN- MPLS.
,
, ,
.
24


.

VPN . VPN-
MPLS , ,
IP, ATM, Frame Relay .
,
MPLS,
.

25

1.6
, 1,
VPN
MPLS, Dynampis GNS3,
.
,
.
.
,
.
.
,
RIP 2, OSPF ,
.
.
.
, , Platinum, Gold
Silver. 384 / -
, 512 / B 768 / . .

.

. : ,
, .

26

1.7
" " (Virtual Private Network VPN)
. VPN
IP

IPSec

MPLS

.
VPN-
2- 3- . 2- VPN- Frame
Relay ATM. VPN- 3-
2- IPSec (L2TP),
2- (Layer 2 Forwarding L2F)
(Generic Routing Encapsulation GRE). VPN-
VPDN (Access
VPDN).
VPN-

. 3- .

. VPN-
VPN- IP VPN- MPLS.
VPN- :
MPLS IPSec.
, ,
, .

27

2. MPLS VPN.
MPLS VPN.
(VPN) , 3- . VPN- MPLS
,
2-
3- . VPN- MPLS
, ,
VPN-.

Internet
VPN- ,
IP, ATM Frame Relay.
VPN
(Multiprotocol Label Switching MPLS)
VPN- 3- IPv4.
3- ,
ATM [4].
MPLS .
VPN-
, Internet
2- , VPN- Frame Relay ATM.
IP 3- ,
Cisco- MPLS VPN.
2.1 VPN- MPLS
2.1 VPN-, .
VPN-
. ,
2- ,
.

28

2.1 MPLS
MPLS,
VPN-.
MPLS (). ,
( router), VPN-.
LSR-
-

(provider edge router). -


.
MPLS (MPLS edge routers ).
,
(Provider Edge router router), VPN-
VPN. ,
(Customer Edge router router)

, -,
- .
(Customer Edge router
router). MPLS,
29

.
,
-, - , VPN-,
. - .

(Customer

router

-router).

, , MPLS,
-
.
VPN- , . - VPN-
- . -
-.
2.1.1 VPN
VPN-

(VPN Routing and Forwarding instance VRF).


VRF VPN- , . VRF IP-,
- Cisco (Cisco Express Forwarding CEF),
, ,
, .
VPN-
. 2.2,
VPN-. VRF
VPN. VRF- ,
VPN-, .
VRF

IP-

CEF.

VRF

CEF.
VPN-
VPN- , VPN.

30

2.2 , VPN-

VPN-

IP-.

, IP-,
IP-.
IP 4 -
IP-. VRF- IP-
VPN-. -
VRF, VRF- IP CEF-
-.
VRF- IP- , VPN-.
, VPN-,
VRF- VPN- (,
VPN). VRF.

VRF
(routing context). , RIP,
, ,
OSPF,
VRF.
31

VPN- VPN,
(Border Gateway
Protocol communities BGP communities). VPN.
VPN-, -,
IBGP (Multiprotocol IBGP MP-IBGP),
VPN
VRF VRF.
, VRF,
.

VRF. , ,
VRF. ,
VRF , ,
VPN, ,
, VRF.
2.1.2 VPN-
(service Provider Edge router)
IP- (Customer Edge
router) , BGP
- RIP 2 OSPF . IP- IP
. - IP-, VPN IP 4, 64- (Route
Distinguisher RD). 96- VPN IP 4. ()
,
IP-.
, VPN- IP
4, , VRF- .
32

BGP ,

VPN-.

,
. ,
IGP, OSPF IS-IS,
3- BGP- . BGP
(),
MPLS
VPN.
BGP VPN-
IP 4 VPN-. BGP
: ( , BGP
IBGP) ( , BGP
EBGP). - PE-RR ( , Route Reflector RR)
IBGP, - EBGP.
VPN- EBGP - .
BGP - VPN- IP 4 BGP, ,
IP 4[8]. ,
VPN- ,
. ,
(Multiprotocol Border Gateway Protocol MP-BGP)
, IP .
BGP ,
(route target) (route origin).
VRF. Cisco
(Site of Origin SOO)
. MP-BGP

BGP-

.
- VPN-,
.
VPN- IP
33

4, VRF-, . BGP BGP-,


, VRF-.
, DRAM
,
-.
(Route Refresh and Automatic Route Filtering)
BGP-,
-.
-.
-, ,
VRF,
.
(Automatic Route Filtering)
VPN, ,
, VRF- .
(Outbound Route Filter ORF)
, .
2.1.3 MPLS
MPLS

IP-

CEF- VRF. -
, -,
,
-. , -
, - , . -
, .
-
MP-BGP VPN-.
, VPN-. -
34

, IP-. MPLS,
VPN- MPLS.
-

, IP- 32-
( host routes). BGP-

VPN-,

. -;
. MPLS- LDP
- , -.
MPLS VPN- , -.

,
.
. -
, VRF, - . , .
- - IP-, VRF,
(bottom label), -
( VRF- -). - , (top label), ; - MPLS. VPN-
. - MPLS
.
-
, VRF- .
, IP- .

35

2.2
2.2.1 -

.

,
. ,
;
, .
.
,
. ,
Internet.
.
,
, , .
.
.
, ,

, ,
.
.

.
, , ,
, .
. ,
. ,
( ),
EIGRP, RIP.

,
.
,
36

-. ,
, .
,
, 2.3. ,
.

2.3
.
,
.

, ( Fast Ethernet
100 / , 512
/).
,
.
, ,
.

37

, , ,
, .

.
,
, .
, . ,
, , ,
, ,
. , ,
.

, ,
.
2.2.1.1

.

(.. ).
2.4,
(Interior Gateway Protocol IGP)
(Exterior Gateway Protocols EGP).
.

2.4 EGP IGP


38

(Autonomous System AS)


, , , ,
Cisco.com. ,
(.. ) .
IGP .
IGP :
RIP RIP V2;
IGRP;
EIGRP;
OSPF;
(Intermediate
system-to-Intermediate System IS-IS).
EGP .
BGP EGP.
2.2.1.2 -
,
, , .. EGP- IGP-.
, ,
: - (distansevector) (link-state)[16].
EGP- IGP-
,

.
-
() ( ) , .
(, 30
) .

- , .
,

. ,
.
39

- (Bellman-Ford) .
- :
(Routing Information Protocol RIP)
IGP-,
;
(Interior Gateway Routing
Protocol IGRP); Cisco
;

(Enhanced Interior Gateway Routing Protocol EIGRP),
IGRP Cisco;

, -
.
, ,
,
- .
,

( ) ,
30 . , ,
, (Link-State
Andvertisement LSA), (),
.

( ), .


, .
.

(Shortest Path First SPF) (Dijkstra) SPF-,
, .
()
40

. ,
, OSPF IS_IS.
2.2.1.3
,
.
RIP
(Routing Information Protocol RIP)

.
, RIP ,
. ,
RIP,
. RIP 1 (classfull)
. ,
, RIP 1
.
RIP 2
(prefix routing) :
.

.
(VariableLength Subnet Mask VLSM).
IGRP
(Interior Gateway Routing Protocol
IGRP), Cisco, -
, ,
, RIP. IGRP
, ,
. IGRP 24-
.
, RIP,
. IGRP
.
41

EIGRP
, IGRP, EIGRP (Enhanced Interior Gateway Routing Protocol
)
Cisco .
IGRP, 32- . , EIGRP

. ,
- .

EIGRP

.
IGRP.
OPFS
(Open Shortest Path First OSPF)
.
Internet (IETF) OSPF 1988 [6].
, OSPF 2, RFC 2328. OSPF
IGP-, ,
, . OSPF
,
RIP.
IS-IS

(Intermediate System-to-Intermediate System IS-IS)
OSI.
(Connectionless Network Protocol
CLNP), ISO-
(Connectionless Network Service CLNS). IS-IS
IS-IS
.

IS-IS

CLNP-

IP- . ISO CLNS IP IS-IS


OSPF IP-.
IP-, ISO- .
BGP
(Border Gateway Protocol BGP)
EGP-. BGP
42

Internet (ISP).
BGP-4 BGP,
(Classless InterDomain Routing CIDR), ,
.
IGP-, , RIP, OSPF EIGRP, BGP
, .
BGP ,
, BGP-.
2.2.1.4
, -
.
,
. ,
.
2.2.2
Cisco 7200,

/,

Cisco

7200

.
,
.

, ,
,
[1].
Cisco 7200:
IP/MPLS

Cisco

IOS

);
, ( DS0 OC12);
43

Fast Ethernet, Gigabit Ethernet, Packet Over Sonet


;
3RU;
L2TP PPP;
16000 ;
Cisco PXF;
;
;
; .

2.5 Cisco 7200


Cisco 7200
.
(-)
, Cisco IOS,
-
.
, , 7200

44

),

(NPE - Network Processing Engine) MIPS


RISC - 100, 200 300 , NPE-100,
150 , 1 SRAM,
. 32 ,
128 (NPE 300 - 256) 8 -, 40 .
NPE 7200


NPE. 7200 600 /.
7200VXR,
1 /. NPE : NPE-100
- 100 kpps, NPE - 150 kpps, NPE-200 - 200 kpps, NPE-300 - 300 kpps.
2.1 -

Cisco IOS.

NetFlow accounting

,
.

Service

Selection

Gateway

(SSG)


(MPLS).

-7

.
45

MIX.

Cisco

7200

,
:

PXF
(Parallel eXpress Forwarding);

Multichannel STM-1, Fast Ethernet, Gigabit Ethernet, Packet


Over SONET/SDH .;

IP ATM QoS/CoS;

MPLS VPN L2TP;

IP PPP;

Interchange)

DS0

MIX

(Multiservice

MIX

Cisco 7200
: ATM, Frame Relay
IP.

Cisco 7200
:

VoATM ATM Adapter


Layer 2 (AAL2);

FRF. 11 and FRF. 12;

H. 323 v2;

Cisco 7200, Cisco 7100,


Cisco 7400 Cisco 7500 .


IPSec ( SA-ISA, SA-VAM).
46

Cisco 7200

Cisco 7200 Cisco


IOS Hot Standby Router Protocol (HSRP)

.

Cisco 7200VXR
Cisco IOS

QoS,

ISA

(Integrated

Services

Adapter)

,
WAN VPN.

, (CBAC)
(IDS);

(NAT);

(ACL);

(Committed Access Rate,


CAR);

PPP ATM Ethernet;

Route Bridged Encapsulation;

L2TP, PPT ATMP;

MPLS VPN Full L2TP;

,
PXF.

47

2.2

Rack-mountable -

42.7 cm

43.2 cm

13.3 cm

RAM

1 GB DDR SDRAM

256 MB

Wired

Ethernet, Fast Ethernet, Gigabit Ethernet

TCP/IP, UDP/IP, PPPoA

OSPF, IGRP, RIP, IS-IS, BGP, EIGRP, HSRP

SNMP, Telnet, HTTP

Flow control, modular design, full duplex capability,


Layer 2 switching, auto-sensing per device,

DHCP, VPN, BOOTP support,


ARP,

MPLS,

VLAN,

manageable, IPv6

3 x network - Ethernet 10Base-T/100Base-TX/1000Base

T - RJ-45 1 x management - console - RJ-45 4 x serial auxiliary - RJ-45 1 x management - Ethernet 10BaseT/100Base-TX - RJ-45 2 x USB - 4 PIN USB A

48

2.3

Secure Shell (SSH), RADIUS, PAP, CHAP, TACACS


NEBS level 3, FCC Class A certified, CSA, EN 60950,
IEC 61000-3-2, IEC 61000-4-11, IEC 61000-4-2, IEC

61000-4-3, IEC 61000-4-4, IEC 61000-4-5, IEC 61000-46, IEC950, UL 1950, VCCI-II, CSA 22.2 No. 950,
EN55022 Class B, AS/NZ 3548 Class A

- redundant

- /

2 () / 2 ()

AC 120/230 V ( 50/60 Hz )

280 Watt

Cisco IOS

Cisco IOS IP Base

Included

5 C

40 C

5 - 85%


NPE-G2 Cisco 7200
,
Cisco IOS.

49

2.6 NPE-G2
NPE-G2:

( 2
Cisco);
3

RJ-45

10/100/1000Ethernet

), ;
;
2 USB ;
1 ;
/.
2.3

: 1
Compact Flash: 256

2 NVRAM
: 1-
USB Flash: 64-256

1.67 Motorola Freescale 7448

3,556 x 38, 481 x 28, 245

CE- Cisco
2600. CISCO 2600 -
50

,
LAN WAN , .
CISCO 2600
-
.

Cisco

2600

,
.
Cisco 2600 .
, :

, ISDN BRI, X.25, Frame
Relay ;

, ;
(Virtual Private Network, VPN)
;
,
VoIP;

(VLAN);
POS-
.
Cisco 2600 30
,
. Ethernet,
, E1 T1, ATM, , ISDN BRI,
(FXO, FXS, E&M, ISDN BRI-S/T), .
( ,
) Cisco 2600
(Quality of Service QoS).

51

2.2.3

. 2.5 MPLS VPN


VPN- MPLS
.
1. IGP.
2. VPN-.
3. -.
4. -.
5. -.
6. -.
7. QoS.
2.2.3.1 IGP
IGP,
.
1. CEF - . CEF-
MPLS-.

52

:
Router(conf ig) #ip f
2. IP-
IGP-:
Router(config) #interface loopback n
Router(config-interface) #ip address IP-address mask
3. IGP.
OSPF,
. :
Router(config)#router ospf ospf-process*id
4. ,
OSPF, (ID) :
Router(config-router)#network address wildcard-mask area area-id
5. , -
IP-.
DS3. :
Router(config)#interface Serial slot/adapter/port
Router(config-interface)#ip address IP-address mask
6. (Tag Switching):
Router(config-interf)#tag-switching IP
2.2.3.2 VPN-
, MPLS
VPN-
. VPN-
(VRF). VPN- -, .
1. VPN- VRF- VRF:
Router(config)#ip vrf vrf-name,
vrf-name , VRF.
VPN . vrf-name
. - , , .

53

2.
VPN (Route Distinguisher RD). RD
VRF. RD .

RD

VRF-. RD 64- 32 IP 4, 96- VPN-


IP. RD VPN RD. RD
IP , VPN . VPN-
IP:
Router(config-vrf)#rd route-distinguisher
3. VPN-
. VRF
route-target
VRF. VPN-
.
IP- .
:
Router(config-vrf)#route-target {import | export | both } route-target -ext-communit
4. VRF- . , MPLS
VRF. :
Router(config-if)#ip vrf forwarding vrf-name
VRF IP . VRF, IP .
2.2.3.3 -

IBGP , -
.
1. IBGP
- IBGP:
54

Router(config)#router bgp autonomous-system


2. IP 4:
Router{config-router)#no bgp default ipv4-unicast
3. IP- -
IBGP,
:
Router(config-router)#neighbor {ip-address | peer-group-name} remote-as number
4. IP 4
IBGP:
Router (conf ig-router) #neighbor ip-address activate
2.2.3.4 -
- , , ,
VRF.
, .
RIP 2 . , RIPv2 ( 2) -,
VRF, , . VRF IBGP .
RIP ,
network, , router rip.
, RIP-

-.

RIP-

VRF- VPN- .
address-family.
address-family IBGP, VPN-, IBGP, RIP-.
RIP- , .
55

1. RIP 2:
Router(config)#router rip
Router(config-router) #version 2
2. RIP
address-family
RIP:
Router(config-router)#address-family ipv4 [unicast] vrf vrf-name
3. RIP address-family:
Router(config-router-af) #network prefix
4. IBGP- RIP- ,
-:
Router(config-router-af)#redistribute bgp asn metric metric
2.2.3.5 -
(Provider core routers P-routers)

LSR-,

IGP, , , OSPF IS-IS.


IBGP, -,
. -
-.
-,
OSPF.
1. CEF -
.

CEF-

MPLS. :
Router(config)#ip cef
2. IP-
IGP-:
Router(config)#interface loopback n
Router(config-interface)#ip address IP-address mask
3. IGP.
OSPF; . :
Router(config)#router ospf ospf-process-id

56

4. , OSPF,
:
Router(config-router)#network address wildcard-mask area area-id
5. , -
IP-. DS3. :
Router(config)#interface Serial slot/adapter/port
Router(config-interface)#ip address IP-address mask
6. (Tag Switching) :
Router(config-interface)#tag-switching IP
2.2.3.6 -
-
:
;
RIP 2;
BGP4;
OSPF.
-
, -. . ,
VPN- IP (Managed IP), . IP-
IP- . -,
VPN- MPLS .
,
-.
RIP 2 -, -
.
1. RIP 2:
Router(config)#router rip
Router(config-router)#version 2

57

2.
RIP-:
Router(config-router)#network prefix
2.2.3.7 QoS VPN- MPLS
QoS -
CLI .
QoS.
CLI QoS , .
IP-
.
.

.

class-m (traffic class).
, , class -map
, match
. lass-m
:
class-map [match-any | natch-all] class-name no clasa-map [match-any | match-all] class-name
class-map match-all ,
. class-map match-any ,
. match-all match-any
, class-map match-all.
,
, match not.

(class map).
1. ,
:
Router (config) #class -map class-map-name

58

2. ,
:
Router(config-)#match criteria
.
match access-group access-group
ACL.
match any
, , .
match class-map class-map-name
, .
match cos cos-value [ cos-value cos-value cos-value]
, CoS- 2- .
match destination-address mac address
, - .
match input-interface interface-name
, .
match ip dscp dscp-value [deep-value dscp-value dscp-value dscp-value dscp-value
dscp-value dscp-value]
, DSCP (IP Differentiated Service Code Point
DSCP). match 8 IPDSCP. DSCP 0 63.
match

ip

precedence

precedence-value

(precedence-value

precedence-value

precedence-value] ,
IP-. match
4 IP-.
0 7.
match ip rtp starting-port-number port-range
,
(Real-Time Protocol-RTP). RTP
2000 6SS3S. RTP 0 16383.
match mpis experimental number
, .
0 7.

59

match not ,
.
match protocol protocol
, .
match qos-group gos-group-value
, QoS-. QoS-
0 99 . QoS .
QoS
.
match source-address mac address
, - .
3. :
Router(config-cmap)#end
( 2.1)
, , IP- 5,
critical.
2.1.
Router(config)#class-map critical
Router(config-cmap) #match ip precedence 5
Router(config-cmap)#end

policy-map .
class.
QoS
. QoS,
.
policy-map :
policy-map policy-name no policy-map policy-name
class :
class class-name no class class-name
, , , .
60

1. ,
. :
Router (config) #policy-map po2icy-map-name
2. , class-m:
Router (conf ig-pmap) #class lass-map-name
3. ,
:
Router(config-pmap)#class class-default
4.
.
/ :
Router(config-pmap-c)#bandwidth {bandwidth-kbps / percent percent}
5. :
Router(config-pmap-c)#default command
6. , :
Router(config-pmap-c)#fair-queue number-of-queues
7. ,
:
Router (conf ig-pmap-c) #police bps burst-normal burst-max conf orm-action action
exceed-action action violate-action action
police
:
drop ;
set-prec-transmit new-prec IP-
;
jset-qos-transmit new-qos QoS ;
set-dscp-transmit DSCP ;
set-atm-cip CLP ATM 0 1;
transmit .
8. ( /
) . bytes
,
/:
Router (config-pmap-c) #priority {kbps | percent percent} [bytes]
61

9. ,
( random-detect):
Router(config-pmap-c)#queue-limit packets
10. ,
:
Router(config-pmap-c)#random-detect
11. 1 ATM:
Router (conf ig-pmap-c) #set atm-clp
12. CoS ,
. 07:
Router(config-pmap-c)#sat cos cos-value
13. DSCP IP- .
DSCP IP 0 63:
Router(config-pmap-c)#set ip deep ip-dscp-value
14. IP- .
0-7:
Router(config-pmap-c)#set ip precedence ip-precedence-value
15. , MPLS ,
:
Router(config-pmap-)#set mpls experimental value
16. :
Router(config-pmap-)#end
( 2.2), 4 MPLS , critical.
2.2 MPLS
Router (config) #poliey-map set_experimental__4
Router(config-pmap)#class critical
Router(config-pmap-c)#set mpls experimental 4
Router(config-pmap-c)#end

service-policy ,
. service-policy :
62

service-policy {input | output} policy-map-name no service-policy {input | output}


policy-map
,
.
1. :
Router(config)#interface interface-name
2. :
Router (config-int) #service-policy input policy-map-name
3. :
Router(config-int)#end
( 2.3),
set__experimental__4 Ethernet.
2.3.
Router(config)#interf ethernet 1/0/0
Router(config-int)ttservice-policy input aet_experimental_4
Router(config-int)#end
2.2.3.8 VPN-c QoS
VPN-
.
1. VRF- :
Router#show ip vrf
2. VRF
:
Router#show ip vrf [{brief | detail | interfaces }] vrf-name
3. IP- VRF:
Router#show ip route vrf vrf-name
4. VRF:
Router#show ip protocols vrf vrf-name
5. CEF, VRF:
Router#show ip cef vrf vrf-name
6. VRF, :
Router#show ip interface interface-number vrf vrf-name
7. VPN- BGP:
Router#show ip bgp vpnv4 all [ tags ]
63

8.

VRF-, :
Router#show tag-switching forwarding vrf vrf-name (prefixmask/length] [detail]
, CLI QoS, .
1. :
Router#show class-m
2. , :
Router#tshow class-map class-name
3. :
Router#show policy-map
4. :
Router#show policy-map policy-map-name
5.
, :
Route#show policy-map interface
6.
, :
Router#show policy-map interface interface-spec
7. , :
Router#tshow policy-map interface interface-spec input
8. ,
:
Router#show policy-map interface interface-spec output
9. ,
:
Router#show policy-map [ interface [ interface-spec [input | output ] [ class classname ]]]

64

2.3
MPLS.
MPLS. MPLS
P, PE,CE. MPLS- ,
,
. , , :
( P-);
( PE -);
( CE -).
, MPLS,
VPN.
.
, MPLS VPN,
.

. ,
, ..
.
MPLS VPN, ,
, .

65

3.

. 3.1 MPLS VPN

3.1
- .
iBGP. -
OSPF IGP.
1
!
hostname P1
!
ip cef
!
class-map match-all class2
match ip precedence 3
class-map match-all class3
match ip precedence 1
class-map match-all class1
match ip precedence 5
!
policy-map Isp
class class1
bandwidth 5120
queue-limit 900
66

class class2
bandwidth 2048
queue-limit 600
class class3
bandwidth 1024
queue-limit 900
!
interface Loopback0
ip address 10.10.6.1 255.255.255.255
!
interface Serial1/0
description ***Router_P2***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/1
description ***Router_PE1***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/2
description ***Router_P3***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
router ospf 100
log-adjacency-changes
network 10.10.6.1 0.0.0.0 area 0
!
P-.
2, 3, 4, 5 .

67

3.2
PE-
CE- .
3.2.1
PE-
(PE1) CE- .
PE1:
!
hostname Perm
!
ip vrf vrf1
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf vrf2
rd 100:2
route-target export 100:2
route-target import 100:2
!
ip cef
!
class-map match-all Gold
match input-interface FastEthernet2/1
class-map match-all Platinum
match input-interface FastEthernet2/0
!
policy-map Isp
class Platinum
bandwidth 5120
queue-limit 900
set ip precedence 5
class Gold
bandwidth 2048
queue-limit 600
set ip precedence 3
!
interface Loopback0
ip address 10.10.1.1 255.255.255.255
!
interface Serial1/0
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface FastEthernet2/0
68

ip vrf forwarding vrf1


ip address 172.16.254.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet2/1
ip vrf forwarding vrf2
ip address 172.17.254.1 255.255.255.252
duplex auto
speed auto
!
router ospf 100
log-adjacency-changes
network 10.10.1.1 0.0.0.0 area 0
!
router rip
version 2
network 172.16.0.0
network 172.17.0.0
!
address-family ipv4 vrf vrf2
redistribute bgp 64512 metric 1
network 172.17.0.0
no auto-summary
version 2
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute bgp 64512 metric 1
network 172.16.0.0
no auto-summary
version 2
exit-address-family
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.2.1 remote-as 64512
neighbor 10.10.2.1 update-source Loopback0
neighbor 10.10.3.1 remote-as 64512
neighbor 10.10.3.1 update-source Loopback0
neighbor 10.10.4.1 remote-as 64512
neighbor 10.10.4.1 update-source Loopback0
neighbor 10.10.5.1 remote-as 64512
neighbor 10.10.5.1 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.2.1 activate
neighbor 10.10.2.1 send-community extended
neighbor 10.10.3.1 activate
neighbor 10.10.3.1 send-community extended
neighbor 10.10.4.1 activate
69

neighbor 10.10.4.1 send-community extended


neighbor 10.10.5.1 activate
neighbor 10.10.5.1 send-community extended
exit-address-family
!
address-family ipv4 vrf vrf2
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
:
!
hostname CE_A1
!
interface FastEthernet0/0
ip address 172.16.254.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.10.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 172.16.0.0
!
B:
!
hostname CE_B1
!
interface FastEthernet0/0
ip address 172.17.254.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.17.10.254 255.255.255.255
shutdown
duplex auto
speed auto
!
70

router rip
version 2
network 172.17.0.0
!
3.2.2
PE (PE5) CE-
.
PE5:
!
hostname Ekaterinburg
!
ip vrf vrf1
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf vrf2
rd 100:2
route-target export 100:2
route-target import 100:2
!
ip cef
!
class-map match-all Gold
match input-interface FastEthernet2/1
class-map match-all Platinum
match input-interface FastEthernet2/0
!
policy-map Isp
class Platinum
bandwidth 5120
queue-limit 900
set ip precedence 5
class Gold
bandwidth 2048
queue-limit 600
set ip precedence 3
!
interface Loopback0
ip address 10.10.5.1 255.255.255.255
!
interface Serial1/0
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
71

interface FastEthernet2/0
ip vrf forwarding vrf1
ip address 172.16.251.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet2/1
ip vrf forwarding vrf2
ip address 172.17.252.1 255.255.255.252
duplex auto
speed auto
!
router ospf 100
log-adjacency-changes
network 10.10.5.1 0.0.0.0 area 0
!
router rip
version 2
network 172.16.0.0
network 172.17.0.0
!
address-family ipv4 vrf vrf2
redistribute bgp 64512 metric 1
network 172.17.0.0
no auto-summary
version 2
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute bgp 64512 metric 1
network 172.16.0.0
no auto-summary
version 2
exit-address-family
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.1.1 remote-as 64512
neighbor 10.10.1.1 update-source Loopback0
neighbor 10.10.2.1 remote-as 64512
neighbor 10.10.2.1 update-source Loopback0
neighbor 10.10.3.1 remote-as 64512
neighbor 10.10.3.1 update-source Loopback0
neighbor 10.10.4.1 remote-as 64512
neighbor 10.10.4.1 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.1.1 activate
neighbor 10.10.1.1 send-community extended
neighbor 10.10.2.1 activate
neighbor 10.10.2.1 send-community extended
72

neighbor 10.10.3.1 activate


neighbor 10.10.3.1 send-community extended
neighbor 10.10.4.1 activate
neighbor 10.10.4.1 send-community extended
exit-address-family
!
address-family ipv4 vrf vrf2
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
:
!
hostname CE_A4
!
interface FastEthernet0/0
ip address 172.16.251.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.40.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 172.16.0.0
!
B:
!
hostname CE_B3
!
interface FastEthernet0/0
ip address 172.17.252.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.17.30.254 255.255.255.255
shutdown
duplex auto
speed auto
73

!
router rip
version 2
network 172.17.0.0
!

PE-, .

2 ,
3, , 4
, .

3.3.

MPLS

VPN,

2.
1. IGP.
2. VPN-.
3. -.
4. -.
5. -.
6. -.
7. QoS.

74

4. VPN-
,
. 3.2 Dynamips
GNS 3.
,
,
.
ping, ,
.
:
100
6000
12000
18000
VPN :

;

;

;

;
4.1
4
. (1),
(2), (3) (4).
1 4.
4 ,
4.1:
Ping 172.16.251.2 size 100 repeat 100
Ping 172.16.251.2 size 6000 repeat 100
Ping 172.16.251.2 size 12000 repeat 100
75

Ping 172.16.251.2 size 18000 repeat 100


4.1

()

()

()

100

12

49

84

6000

68

116

188

12000

140

184

276

18000

184

233

312

, 1-3
. 10-15
ping , .
4.2.
4.2
P1-P3

()

()

()

100

36

62

98

6000

80

140

210

12000

180

222

317

18000

199

303

432

, PE5-P3,
. ping PE5:
Ping 10.10.8.1 size 18000 repeat 500
4.3.

()

()

()

100

12

53

120

6000

110

160

272

12000

168

208

351

18000

212

273

503

76

4.3
(PE5-P3)
, PE1PE5 , .
:
Ping 172.17.252.2 size 18000 repeat 500
4.4.
4.4
(PE1-PE5)

()

()

()

100

28

58

136

6000

107

171

208

12000

168

241

364

18000

202

284

516

, 0 1-3 1-4,
.
1-3 4.5, 4.6, 4.7, 4.8, 1-4 4.9, 4.10,
4.11, 4.12.
4.5

()

()

()

100

32

65

98

6000

104

170

244

12000

176

265

368

18000

240

382

496

77

4.6
P1-P3

()

()

()

100

40

65

100

6000

120

207

368

12000

236

333

404

18000

320

423

528

4.7
(PE4-P5)

()

()

()

100

32

77

176

6000

152

197

272

12000

204

290

396

18000

292

410

564

4.8
(PE1-PE4)

()

()

()

100

32

80

156

6000

116

195

268

12000

192

295

460

18000

296

420

576

4.9

()

()

()

100

40

72

108

6000

115

174

260

12000

182

260

376

18000

258

394

481

78

4.10
P1-P2

()

()

()

100

48

83

120

6000

123

181

278

12000

240

315

420

18000

342

428

533

4.11
(PE3-P4)

()

()

()

100

44

80

151

6000

163

204

302

12000

216

285

391

18000

304

412

546

4.12
(PE1-PE3)

()

()

()

100

45

87

169

6000

160

210

334

12000

235

300

408

18000

312

422

599

.
, 4.1 ,
4.1. 4.1 ,
, .. .

79

250

()

200
150
100
50
0
100

6000

12000

18000

()

4.1
, 4.2,
, 4.1, 4.2, 4.3 4.4

()

18000 .
350
300
250
200
150
100
50
0
1

()

4.2
4.2 ,

.
,
.

18000 . 4.13

80

4.13

()

336

385

365

375

()

4.13 , 4.3.
390
380
370
360
350
340
330
320
310
1

()

4.3
4.2
4
. (1),
(2), (B3).
B1 B2.
B2 ,
4.14:
Ping 172.17.252.2 size 100 repeat 100
Ping 172.17.252.2 size 6000 repeat 100
Ping 172.17.252.2 size 12000 repeat 100
Ping 172.17.252.2 size 18000 repeat 100

81

4.14

()

()

()

100

12

51

100

6000

76

137

204

12000

156

203

276

18000

168

261

392

, 1-3
. 10-15
ping , .
4.15.
4.15
P1-P3

()

()

()

100

18

60

97

6000

98

145

201

12000

178

231

299

18000

205

294

403

, PE5-P3,
. ping PE5:
Ping 10.10.8.1 size 18000 repeat 500
4.16
(PE5-P3)

()

()

()

100

24

51

88

6000

100

165

252

12000

156

220

344

18000

192

286

468

82

, PE1-PE5
, .
, , :
Ping 172.16.251.2 size 18000 repeat 500
4.17.
4.17
(PE1-PE5)

()

()

()

100

28

54

120

6000

88

118

184

12000

156

232

324

18000

228

299

460

, B1-B3,
. B1-B3
4.18, 4.19, 4.20 4.21.
4.18

()

()

()

100

16

44

84

6000

96

155

236

12000

142

211

660

18000

184

269

416

83

4.19
P1-P2

()

()

()

100

32

53

84

6000

92

154

232

12000

176

265

352

18000

208

305

520

4.20
(PE2-P2)

()

()

()

100

24

47

100

6000

88

126

240

12000

140

219

336

18000

208

272

424

4.21
(PE1-PE2)

()

()

()

100

24

55

108

6000

92

140

220

12000

148

215

312

18000

224

294

404

.
, 4.4 ,
4.14. 4.1 ,
, .. .

84

300

()

250
200
150
100
50
0
100

6000

12000

18000

()

4.4
, 4.5,
, 4.14, 4.15, 4.16 4.17

()

18000 .
310
300
290
280
270
260
250
240
1

()

4.5
4.5 ,

.
,

.

85


18000 .
4.22.
4.22

()

265

300

279

297

()

4.22 , 4.6.
310
300
290
280
270
260
250
240
1

()

4.6
4.3
4
. (1),
(C2), (C3).
C1 C2.
C2 ,
4.23:
Ping 172.18.253.2 size 100 repeat 100
Ping 172.18.253.2 size 6000 repeat 100
Ping 172.18.253.2 size 12000 repeat 100
Ping 172.18.253.2 size 18000 repeat 100
86

4.23

()

()

()

100

12

40

84

6000

68

104

188

12000

96

138

204

18000

136

200

260

, 2-4
. 10-15
ping , .
4.24.
4.24
P2-P4

()

()

()

100

36

71

120

6000

108

174

236

12000

188

257

340

18000

260

326

380

, PE3-P4,
. ping PE3:
Ping 10.10.9.1 size 18000 repeat 500
4.25
(PE3-P4)

()

()

()

100

15

69

156

6000

60

110

180

12000

124

174

240

18000

144

194

280

87

, PE2-PE3
. PE3,
, :
Ping 10.10.2.1 size 18000 repeat 500
4.26.
4.26
(PE2-PE3)

()

()

()

100

28

57

116

6000

64

120

196

12000

92

158

212

18000

160

216

300

, 1-3,
. 1-3
4.27, 4.28, 4.29 4.30.
4.27

()

()

()

100

28

50

88

6000

72

111

172

12000

108

170

220

18000

180

230

352

88

4.28
P2-P4

()

()

()

100

32

60

88

6000

108

157

264

12000

164

246

324

18000

196

288

436

4.29
(PE4-P5)

()

()

()

100

32

59

108

6000

120

154

236

12000

168

235

344

18000

208

297

364

4.30
(PE2-PE4)

()

()

()

100

32

70

116

6000

108

157

212

12000

172

235

320

18000

240

302

388

.
, 4.7 ,
4.23. 4.7 ,
, .. .

89

250

()

200
150
100
50
0
100

6000

12000

18000

()

4.7
, 4.8,
, 4.23, 4.24, 4.25 4.26

()

18000 .
350
300
250
200
150
100
50
0
1

()

4.8
4.8 ,

.
,

.

90


18000 .
4.31.
4.31

()

215

307

246

259

()

4.31 , 4.9.
350
300
250
200
150
100
50
0
1

()

4.9

4.4
4.13, 4.22 4.31
4.10

91

450
400

()

350
300
250

VPN A

200

VPN B
VPN C

150
100
50
0
1

()

4.10
,
, -
.

.
4.13, 4.22 4.31
. 4.32.
4.32 VPN

()

369

285

257

4.32 4.11

92

400
350

()

300
250
200
150
100
50
0
VPN A

VPN B

VPN C

4.11

4.33 QoS .

4.1
N = (n1+n2++nk) / k

(4.1)

n1 ;
nk k- ;
k
.
VPN A
n1= PE1+P1+P3+PE5 .. n1= 4
n2= PE1+P1+P3+P5+PE4 .. n2= 5
n3= PE1+P1+P2+P4+PE3 .. n3= 5
N = (4+5+5)/3 = 4.7. N VPN B
VPN C.

93

4.33 VPN-

QoS

(/)

VPN A

384

900

4,7

365

VPN B

512

600

285

VPN C

640

900

4,5

257

4.33 ,
.
.
, ,
QoS. 4.2.

V = S / T,

(4.2)

V ;
S ;
T , .

VvpnA = (18000*8)/0,369 = 382 /


VvpnB = (18000*8)/0,285 = 505 /
VvpnC = (18000*8)/0,257 = 560 /
,
4.12.

94

700

(/)

600
500
400


QoS

300
200
100
0
1

4.12 QoS
, 4.12 ,
3- QoS,
. ,
. 3-
, Platinum, Gold Silver.
384 / - , 512
/ B 768 / . .
4.5
,
.
CE_A1#ping 172.17.254.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.254.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CE_A1#
,
.

95


.
Perm#ping 172.16.254.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.254.2, timeout is 2 seconds:
Success rate is 0 percent (0/5)
,
.

96

4.6

Dynamips GNS 3.
,
, QoS (
)
. ping,
, .
,

, .

97

MPLS
.
:

VPN MPLS;

.
, ,
;
Cisco IOS;
,

;

IP-
;
,
,
.

.

98


1. CISCO
Internetworking Technology Overview/ . . . URL:
http://lib.mexmat.ru/books/85359.
2. CISCO
Internetworking
Technology
Handbook.
URL:
http://www.cisco.com/en/US/docs/internetworking/technology/handbook/BridgingBasics.html
3. Ram Balakrishnan. Advanced QoS for MultiService IP/MPLS Networks.
Indianapolis: Wiley Publishing, Inc, 2008.-464 .
4. . . . // .. .:
, 2008.
5. . MPLS VPN. : Cisco Press, 2005. 312
6. . , . .: ,
2004 . 688 .
7.
..,

..

(MPLS) -,
- , 2008 .- 446 .
8. . MPLS. : Cisco Press, 2007. 651 .
9. .., . MPLS. .:
-, 2005. 304
10. . . . // -
.. .: ,
2007.
11. . MPLS VPN. : Cisco Press, 2006. 504 .
12. . (VPN)
MPLS. .: Cisco Systems, 2011. 52 .
13. . . . : , 2009 .
14. . MPLS. .:
, 2009. 480 .
15.

Cisco.

1.
(
)
.: , 2007 ., 512 .
16. . . . , , / .
, .. . - .: , 2010. - 429 .
17. OpenNet, - [
]. - : http://www.opennet.ru/. : 17.06.2013.
18. . MPLS . : Cisco Press, 2010. 408 .
19. .. . .
.: -, 2008 .- 304 .
20. . ., . .
. -, - , 2010 .146 .
21.
.

..:
,
2007
.,
992 .

99


P-
2:
!
hostname P2
!
ip cef
!
class-map match-all class2
match ip precedence 3
class-map match-all class3
match ip precedence 1
class-map match-all class1
match ip precedence 5
!
policy-map Isp
class class1
bandwidth 768
queue-limit 900
class class2
bandwidth 512
queue-limit 600
class class3
bandwidth 384
queue-limit 900
!
interface Loopback0
ip address 10.10.7.1 255.255.255.255
!
interface Serial1/0
description ***Router_P1***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/1
description ***Router_P4***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/2
description ***Router_PE2***
bandwidth 10240
100

ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/3
description ***Router_P3***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
router ospf 100
log-adjacency-changes
network 10.10.7.1 0.0.0.0 area 0
!
3
!
hostname P3
!
ip cef
!
class-map match-all class2
match ip precedence 3
class-map match-all class3
match ip precedence 1
class-map match-all class1
match ip precedence 5
!
policy-map Isp
class class1
bandwidth 768
queue-limit 900
class class2
bandwidth 512
queue-limit 600
class class3
bandwidth 384
queue-limit 900
!
interface Loopback0
ip address 10.10.8.1 255.255.255.255
!
interface Serial1/0
description ***Router_P1***
bandwidth 10240
ip unnumbered Loopback0
101

tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/1
description ***Router_P2***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/2
description ***Router_P5***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/3
description ***Router_PE5***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
router ospf 100
log-adjacency-changes
network 10.10.8.1 0.0.0.0 area 0
!
4
!
hostname P4
!
ip cef
!
class-map match-all class2
match ip precedence 3
class-map match-all class3
match ip precedence 1
class-map match-all class1
match ip precedence 5
!
policy-map Isp
class class1
102

bandwidth 768
queue-limit 900
class class2
bandwidth 512
queue-limit 600
class class3
bandwidth 384
queue-limit 900
!
interface Loopback0
ip address 10.10.9.1 255.255.255.255
!
interface Serial1/0
description ***Router_P2***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/1
description ***Router_P5***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/2
description ***Router_PE3***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
router ospf 100
log-adjacency-changes
network 10.10.9.1 0.0.0.0 area 0
!
5
!
hostname P5
!
ip cef
!
class-map match-all class2
match ip precedence 3
103

class-map match-all class3


match ip precedence 1
class-map match-all class1
match ip precedence 5
!
policy-map Isp
class class1
bandwidth 768
queue-limit 900
class class2
bandwidth 512
queue-limit 600
class class3
bandwidth 384
queue-limit 900
!
interface Loopback0
ip address 10.10.10.1 255.255.255.255
!
interface Serial1/0
description ***Router_P3***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/1
description ***Router_P4***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface Serial1/2
description ***Router_PE4***
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
router ospf 100
log-adjacency-changes
network 10.10.10.1 0.0.0.0 area 0
!

104


PE-

PE (PE4) CE-
.
PE4:
!
hostname Chel
!
ip vrf vrf1
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf vrf3
rd 100:3
route-target export 100:3
route-target import 100:3
!
ip cef
!
class-map match-all Platinum
match input-interface FastEthernet2/0
class-map match-all Silver
match input-interface FastEthernet2/1
!
policy-map Isp
class Platinum
bandwidth 768
queue-limit 900
set ip precedence 5
class Silver
bandwidth 512
queue-limit 900
set ip precedence 1
!
interface Loopback0
ip address 10.10.4.1 255.255.255.255
!
interface Serial1/0
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface FastEthernet2/0
ip vrf forwarding vrf1
105

ip address 172.16.252.1 255.255.255.252


duplex auto
speed auto
!
interface FastEthernet2/1
ip vrf forwarding vrf3
ip address 172.18.252.1 255.255.255.252
duplex auto
speed auto
!
router ospf 100
log-adjacency-changes
network 10.10.4.1 0.0.0.0 area 0
!
router rip
version 2
network 172.16.0.0
network 172.18.0.0
!
address-family ipv4 vrf vrf3
redistribute bgp 64512 metric 1
network 172.18.0.0
no auto-summary
version 2
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute bgp 64512 metric 1
network 172.16.0.0
no auto-summary
version 2
exit-address-family
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.1.1 remote-as 64512
neighbor 10.10.1.1 update-source Loopback0
neighbor 10.10.2.1 remote-as 64512
neighbor 10.10.2.1 update-source Loopback0
neighbor 10.10.3.1 remote-as 64512
neighbor 10.10.3.1 update-source Loopback0
neighbor 10.10.5.1 remote-as 64512
neighbor 10.10.5.1 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.1.1 activate
neighbor 10.10.1.1 send-community extended
neighbor 10.10.2.1 activate
neighbor 10.10.2.1 send-community extended
neighbor 10.10.3.1 activate
neighbor 10.10.3.1 send-community extended
106

neighbor 10.10.5.1 activate


neighbor 10.10.5.1 send-community extended
exit-address-family
!
address-family ipv4 vrf vrf3
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
:
!
hostname CE_A3
!
interface FastEthernet0/0
ip address 172.16.252.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.30.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 172.16.0.0
!
:
!
hostname CE_3
!
interface FastEthernet0/0
ip address 172.18.252.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.18.30.254 255.255.255.255
shutdown
duplex auto
speed auto
!
router rip
107

version 2
network 172.18.0.0
!

PE (PE3) CE-
.
PE3:
!
hostname Orenburg
!
ip vrf vrf1
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf vrf3
rd 100:3
route-target export 100:3
route-target import 100:3
!
ip cef
!
class-map match-all Platinum
match input-interface FastEthernet2/0
class-map match-all Silver
match input-interface FastEthernet2/1
!
policy-map Isp
class Platinum
bandwidth 768
queue-limit 900
set ip precedence 5
class Silver
bandwidth 512
queue-limit 900
set ip precedence 1
!
interface Loopback0
ip address 10.10.3.1 255.255.255.255
!
interface Serial1/0
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface FastEthernet2/0
108

ip vrf forwarding vrf1


ip address 172.16.253.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet2/1
ip vrf forwarding vrf3
ip address 172.18.253.1 255.255.255.252
duplex auto
speed auto
!
router ospf 100
log-adjacency-changes
network 10.10.3.1 0.0.0.0 area 0
!
router rip
version 2
network 172.16.0.0
network 172.18.0.0
!
address-family ipv4 vrf vrf3
redistribute bgp 64512 metric 1
network 172.18.0.0
no auto-summary
version 2
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute bgp 64512 metric 1
network 172.16.0.0
no auto-summary
version 2
exit-address-family
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.1.1 remote-as 64512
neighbor 10.10.1.1 update-source Loopback0
neighbor 10.10.2.1 remote-as 64512
neighbor 10.10.2.1 update-source Loopback0
neighbor 10.10.4.1 remote-as 64512
neighbor 10.10.4.1 update-source Loopback0
neighbor 10.10.5.1 remote-as 64512
neighbor 10.10.5.1 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.1.1 activate
neighbor 10.10.1.1 send-community extended
neighbor 10.10.2.1 activate
neighbor 10.10.2.1 send-community extended
neighbor 10.10.4.1 activate
109

neighbor 10.10.4.1 send-community extended


neighbor 10.10.5.1 activate
neighbor 10.10.5.1 send-community extended
exit-address-family
!
address-family ipv4 vrf vrf3
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf vrf1
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
:
!
hostname CE_A2
!
interface FastEthernet0/0
ip address 172.16.253.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.20.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 172.16.0.0
!
:
!
hostname CE_2
!
interface FastEthernet0/0
ip address 172.18.253.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.18.20.254 255.255.255.255
shutdown
duplex auto
speed auto
!
110

router rip
version 2
network 172.18.0.0
!

PE-
(PE2) CE- .
PE2:
!
hostname Igevsk
!
ip vrf vrf2
rd 100:2
route-target export 100:2
route-target import 100:2
!
ip vrf vrf3
rd 100:3
route-target export 100:3
route-target import 100:3
!
ip cef
!
class-map match-all Gold
match input-interface FastEthernet2/0
class-map match-all Silver
match input-interface FastEthernet2/1
!
policy-map Isp
class Gold
bandwidth 512
queue-limit 600
set ip precedence 3
class Silver
bandwidth 384
queue-limit 900
set ip precedence 1
!
interface Loopback0
ip address 10.10.2.1 255.255.255.255
!
interface Serial1/0
bandwidth 10240
ip unnumbered Loopback0
tag-switching ip
serial restart-delay 0
max-reserved-bandwidth 90
service-policy output Isp
!
interface FastEthernet2/0
111

ip vrf forwarding vrf2


ip address 172.17.253.1 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet2/1
ip vrf forwarding vrf3
ip address 172.18.254.1 255.255.255.252
duplex auto
speed auto
!
router ospf 100
log-adjacency-changes
network 10.10.2.1 0.0.0.0 area 0
!
router rip
version 2
network 172.17.0.0
network 172.18.0.0
!
address-family ipv4 vrf vrf3
redistribute bgp 64512 metric 1
network 172.18.0.0
no auto-summary
version 2
exit-address-family
!
address-family ipv4 vrf vrf2
redistribute bgp 64512 metric 1
network 172.17.0.0
no auto-summary
version 2
exit-address-family
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.1.1 remote-as 64512
neighbor 10.10.1.1 update-source Loopback0
neighbor 10.10.3.1 remote-as 64512
neighbor 10.10.3.1 update-source Loopback0
neighbor 10.10.4.1 remote-as 64512
neighbor 10.10.4.1 update-source Loopback0
neighbor 10.10.5.1 remote-as 64512
neighbor 10.10.5.1 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.1.1 activate
neighbor 10.10.1.1 send-community extended
neighbor 10.10.3.1 activate
neighbor 10.10.3.1 send-community extended
neighbor 10.10.4.1 activate
112

neighbor 10.10.4.1 send-community extended


neighbor 10.10.5.1 activate
neighbor 10.10.5.1 send-community extended
exit-address-family
!
address-family ipv4 vrf vrf3
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf vrf2
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
B:
!
hostname CE_B2
!
interface FastEthernet0/0
ip address 172.17.253.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.17.20.254 255.255.255.0
duplex auto
speed auto
!
router rip
version 2
network 172.17.0.0
!
:
!
hostname CE_1
!
interface FastEthernet0/0
ip address 172.18.254.2 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.18.10.254 255.255.255.255
shutdown
duplex auto
speed auto
!
113

router rip
version 2
network 172.18.0.0
!

114

Оценить