Построение Виртуальных Частных Сетей (vpn) На Базе...
TRANSCRIPT
-
(VPN)
MPLS
-
MPLS - . - , MPLS-VPN; - - -, - , , - , , -, - . -- , - , , - MPLS.
1 2 , - , , -, - .
-
1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31.1. , . . . . . . . . . . . . . . . . . . . .31.2. -, ,
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
1.3. Cisco . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52. MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72.1. MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82.2. VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92.2.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92.2.1.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102.2.2 . (Peer Model) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102.2.2.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112.2.2.2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112.3. MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112.3.1. MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122.3.2 MBGP . . . . . . . . . . . . . . . . . . . . . . . . . .132.3.3. / . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132.3.4. VRF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142.3.5. - P- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142.4. MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152.4.1. MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152.4.2. MPLS-VPN Hub-and-Spoke . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162.5. MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173.1. - / . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173.2. VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183.3. VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193.3.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193.3.2. () . . . . . . . . . . . . . . . . . . . . . . . . . .193.3.3. . . . . . . . . . . . . . . . . . . . . .203.3.4. . . . . . . . . . . . . . . . . . . . .213.4. MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213.4.1. CE- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213.4.2. MPLS (P + PE) . . . . . . . . . . . . . . . . . . . . . .223.4.2.1. P PE VRF . . . . . . . . . . . . . . . . . . . . . . . .223.4.2.2. P PE . . . . . . . . . . . . . . . . . .233.4.3. : Extranet Multiple VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233.5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243.5.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243.5.2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243.5.2.1. CE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243.5.2.2. ( ) . . . . . . . . . . . . . . . . . . . . . . .253.5.2.3. ( ) . . . . . . . . . . . . . . . . . . . . . . . . . .263.6. - . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
1
-
3.6.1. - ( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
3.6.2. - ( ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
3.6.3. - . . . . . . . . . . .293.7. (QoS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293.7.1. IP Precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303.7.2. Committed Access Rate (CAR) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303.7.3. Weighted Random Early Detection (WRED) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313.7.4. Weighted Fair Queuing (WFQ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323.7.5. Class Based Weighted Fair Queuing (CBWFQ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333.7.6. WFQ IP Precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333.7.7. Modified Deficit Round Robin (MDRR) GSR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343.8. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343.8.1. . . . . . . . . . . . . . . . . . . . . . . . . .353.8.2. MPLS Diff-Serv (
GB TE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364. MPLS-VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .374.1. ( ISDN) . . . . . . . . . . . . . . .374.2. DSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384.3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .394.4. (BBFW) . . . . . . . . . . . . . . . . . .394.5. Frame Relay/ATM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404.6.
CoS/QoS PE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404.7.
(CE PE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 RIPv2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
4.8. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 IS-IS OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41MP-BGP4 ( BGP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42 BGP (BGP Route Reflectors) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
4.9. (Customer Equipment CE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435. VPN Solutions Center ( VPN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435.2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435.3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .445.4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .455.5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465.6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465.6.1. (Fault Management) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465.6.2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .465.6.3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
. MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
2
-
1.
,
IP-
-
. -
-
--
, ,
( -
), ,
(
), -
.
, - -
, -
, -
, .
,
.
, -
,
(),
-
. ,
,
,
.
(VPN)
. -
- -
VPN. ,
(e-commerce), -
, -
. , -
-
-
.
1.1. ,
-
,
(VPN), -
,
(.
1 2). 1 -
Yankee Group, 2
Infonetics. -
VPN.
1: Yankee Group VPN
2: Infonetics VPN ( . )
, Infonetics ( 2000 )
-
MPLS -, -
VPN. , 2004 -
- -
9,1 . , -
MPLS
, 83% -
MPLS
2001 (. 3).
3
VPN
VPN
-
3: Infonetics - VPN 2001
-
, , -
-, -
-
VPN -
, -
, .
Cahners In-stat Group , 2003
VPN ( ,
) -
VPN.
-
(SLA), -
-
VPN. -
VPN ,
.
4: Cahners In-stat Group VPN-,
VPN
, , -
2 3. -
VPN 3
-
-
. VPN ,
,
( IP) 2.
VPN -
, , ,
.
,
VPN , Frame Relay ATM.
VPN -
2. IP- 3 -
-
() ,
,
. -
, .
-
-
, --
-
IP -
. , -
,
IP-,
-
. -
IP-.
VPN
. , ,
- -
VPN,
,
. , -
,
-
. ,
, - -
-
VPN ,
.
- MPLS
MPLS-VPN
VPN
IP. -
4
Web-
MPLS
, ( ), VPN,
: Cahners In-stat Group, 1999
(% 2001 )
-
.
, (QoS)
MPLS, -
(connectionless features), -
VPN -
. -
,
(, IPSec),
, -
.
1.2. -, , -
, -
-,
,
MPLS ,
. --
MPLS -
, .
, - -
,
, ,
.
, -
, -
MPLS (fast re-route).
MPLS ,
. -
:
MPLS, -
, - -
.
,
VPNSC (Cisco VPN Solutions Center),
-
,
VPN 2.
MPLS
ATM (IP+ATM), PNNI
MPLS, -
.
,
.
MPLS, QoS -
. , -
-
,
.
MPLS-VPN
, -
:
;
( CAR);
VRF ;
(CoS), ..
;
VRF;
VPN;
PECE.
-
:
-
MPLS 75% -
Frame Relay DLCI;
-
MPLS , -
. -
-
.
1.3. Cisco Cisco Managed MPLS-VPN
Solutions -,
VPN,
-
.
MPLS
ATM
IP. MPLS -
IP ATM PNNI -
VCI/VPI. -
(Label Distribution Protocol), -
,
VPI/VCI ATM,
ATM
(Label Switch Routers LSR). -
5
-
, , -
MPLS , ,
, , -
SONET/SDH, DWDM
.
ATM, MPLS ATM
( -
LSR) ,
,
(
VC-merge).
-
MPLS
,
5.
, -
, MPLS.
A, -
-
, .
(core network)
P- ( P
). MPLS P--
-
(Label Switch Routers LSR). -
, -
ATM, ATM
MPLS,
3, -
. P- -
(),
MPLS.
, -
(Label Distribution Protocol). -
(VPN) BGP-, -
-.
PE- ( PE -
)
-
MPLS (MPLS core) -
, . CE-
(CE ) -
PE- -
MPLS-VPN. PE--
-
BGP -
VPN. -
, PE- -
-
, -
. -
PE-
Route-Reflector (RR). -
RR- -
, PE--
.
. -
PE- -
.
6
VPNA2.2.0.0
VPNB1.2.0.0
VPN2.6.0.0
VPNB1.1.0.0
5. MPLS
C
CE
CE
CE
PE
PE
PE
PE
CE
CE
VPNA2.5.0.0
VPNA2.1.0.0
VPNB1.3.0.0
CE
iBGP
-
MPLS PE
VRF ( VPN)
VPN. VRF
,
VPN. MPLS- -
, VPN
(Route Distinguisher RD),
-
CE. (RD) -
PE-, P- -
,
.
,
P-,
, CE--
.
. PE- -
-
, VRF,
VPN,
CE. VRF
(import poli-
cy), , PE
, (export policy), -
, .
PE-
MPLS, ,
.
, LDP ,
P- ,
-
. MPLS -
, -
.
-
VRF, MPLS-
VPN. -
, -
,
VPN. -
, BGP,
OSPF RIPv2. 4 -
VPNA, 2.0.0.0
A. , 2.2.0.0,
VPN.
. -
VRF PE, -
, , -
VPNA.
, VPNA -
VPNB. -
-
,
MPLS-VPN,
, -
, .
2. MPLS
MPLS -
,
IP VPN. MPLS -
, -
IP VPN
, . MPLS -
- IP VPN
, -
( Frame
Relay ATM WAN)
( -
).
MPLS -
, -
Cisco (Cisco Tag Switching). -
IETF.
(Internet Draft), -
http://www.ietf.org/internet-
drafts/draft-ietf-mpls-arch-07.txt. Cisco MPLS
MPLS.
.
MPLS
.
, .
, ,
. -
. , -
. , -
(,
), ,
.
. --
-
7
-
IP-. -
, .
2.1. MPLS , MPLS,
--
, .
6.
1.
. -
IP+ATM,
-. -
, OSPF
IS-IS.
2. (Label
Distribution Protocol LDP)
, -
. -
(Label Switched Paths
LSP)
.
MPLS -
-
ATM PVC, -
VCI/VPI.
3.
Label Switch Router (LSR), , -
3- (,
QoS ).
-
(policies), LSR -
, -
, .
4. LSR, ,
,
( -
) .
.
5. LSR,
,
.
LSR MPLS -
-
3- .
LSR -
IP-. -
,
.
(,
-
8
1. (, OSPF, IGPR)
2. LDP ,
6. MPLS
3. LSR , 3
2b. LDP LFIB LSR
5. LSR
4. LSR ,
MPSL: (forwarding)
-
); MPLS -
. MPLS
(policy mechanisms),
-
IP. -
,
. -
IP- -
MPLS
, .
,
.
MPLS, 7, -
(MPLS forwarding tables).
7. MPLS (MPLS forwarding tables)
1.
LSR, -
, 128.89. LSR
4,
1.
2. LSR -
, -
, 4 9
0.
3. -
9 ,
, -
0. , -
IP
-
.
2.2. VPN -
MPLS-VPN ,
VPN,
. -
, -
, ,
.
2.2.1. -
-
WAN IP-.
-
- IGP--
. , -
- -
(private network
backbone).
-
, ,
.
-
-
-
. ,
, -
(VPN).
VPN ,
, -
,
. -
. Frame Relay ATM -
. -
9
In Address Out OutLbl Prefix Int Lbl 128.89 1 4 171.69 1 5
In IN Address Out OutLbl I/F Prefix Int Lbl4 2 128.89 0 98 1 128.89 0 105 2 171.69 1 7
In IN Address Out OutLbl I/F Prefix Int Lbl9 1 128.89 0 10 1 128.89 0
LSR LSRLSR
LSR
128.89.25.4 Data 4 128.89.25.4 Data 9 128.89.25.4 Data128.89.25.4 Data
1 2 0 1 0
1
1
-
, -, -
-
. , , -
.
IP--
, , IPSec GRE.
-
- ( -
). , -
,
-
. -
.
--
, -
,
, , . -
,
, -
. -
, -.
, IP-
, -
.
,
. -
. -
-
.
2.2.1.1.
-
, , -
(meshed network). ,
,
, -
.
-
(meshed), -
,
-
, -
() , -
()
. -
(-
-), ,
, -
, -
.
(fully
meshed), , -
.
(
-
), -
. -
, IP-
-
.
2.2.2. (Peer Model) , VPN, -
-
. --
,
, -
. VPN -
-
-.
VPN C
,
.
C1 ()
C2, -
, (
). , -
-
(CE), -
-
(PE).
CE-
. -
- CE--
. CE--
PE- --
-
P-. -
PE- - -
CE-.
10
-
.
CE-
,
. -
,
IP- ,
Frame Relay, -
CE-.
IP-. -
. -
.
2.2.2.1.
:
, -
- -
VPN,
,
VPN. -
-
, VPN.
-
-,
CE-.
. -
CE- .
, -
-, . -
, -
.
2.2.2.2.
-
, -
,
:
-
.
IP- -
(, , -
), -
. IP-
-
, P-
.
() -
. -- (ISP)
.
, -
, ISP.
-
, -
-.
-
- ,
.
,
P-.
C-. -
. -
,
,
.
IP- -
-
, P- -
.
. -
-
CE- (
IPSec). -
,
CE-.
,
CE- -
, .
2.3. MPLS-VPN ,
IP VPN
, - , -
,
-
(QoS) ,
, -
, IP- -
(VC-meshed networks).
, VPN, -
IP, . -
, IP- -
, VPN , -
. -
-
. , -
IP,
11
-
TCP/IP.
VPN , -
(, SNA,
).
. , -
VPN- (VPN-aware), -
-
, . MPLS -
, -
VPN-. -
- -
VPN
.
, MPLS
-
. MPLS -
,
, Frame Relay ATM
. -
VPN
, MPLS -
VPN,
IP- -
VPN.
- --
,
.
MPLS-VPN VPN, -
3 -
IP VPN . MPLS-VPN
,
VPN
(VPN ID).
, ATM Frame Relay,
VPN , -
.
MPLS-VPN:
BGP IPv4
VPN-IPv4 NLRI.
-
MPLS. PE--
, . -
,
E-.
.
PE-.
, PE--
.
- -
-
(IP forwarding). PE
CE (forwarding table), -
, -
CE-.
2.3.1. MPLS-VPN MPLS-VPN MPLS
, BGP -
. -
, -
IP- . -
, -
.
, -
. ,
VPN -
IP- .
CE- -
PE- ( ),
,
CE-, -
. , -
,
, -
CE (
, -
).
VPN (.. VPN
), -
-
.
-
C-
P-. - -
PE- P-.
. -
, -
CE ( -
12
-
-).
C- -
; CE-, ,
, , External BGP -
PE--
. EBGP OSPF,
RIP II . -
C- (IGP) -
P-.
,
VPN -
P-, -
.
2.3.2. MBGP- IPv4 -
C- VPN-IPv4. -
VPN-IPv4 12 . 8 -
(Route Dis-tin-
guisher RD). 4 -
IPv4.
- C-
IP- C-, PE--
, C-, -
IPv4 VPN-
IPv4 ( RD). -
, C-
IPv4, VPN-IPv4
. P- , -
, C-,
VPN-IPv4.
, C-
P-.
, ,
VPN,
,
VPN-IPv4 .
-
IP- -. ,
-
BGP4 , IBGP- -
.
,
.
-
, -
-
.
VPN - BGP,
, -
VPN-IPv4, -
.
MPLS-VPN
PE-. -
VPN -
. -
,
VPN.
VPN-IPv4 C-
( BGP) PE-, -
C-. PE-, -
C-, .
,
PE-, -
VPN,
P-.
VPN, PE-
.
2.3.3. / MPLS-VPN PE-
(forwarding table)
C-, . -
,
C-. -
IBGP PE,
C-.
PE-
IP- -.
VPN B FIB, iBGP
(PE2)
: + .
P-
. -
PE-
,
VPN/CE .
, -
CE-.
,
PE-,
P--
13
-
. P- -
VPN -
IP-.
P- .
PE--
,
. PE-
-
( ), (
P-) PE-. -
P- ,
IP-. P--
C-
.
VPN-IPv4. , P- -
MPLS-VPN
LSR, -
.
, -
P-, -
PE-. ,
PE-,
( ),
. -
PE- IP--
, .
MPLS-VPN
P-
VPN
, P--
.
VPN, VPN
-
. ,
, VPN.
,
, -
.
-
,
P- .
2.3.4. VRF PE- -
(route/forwarding
tables VRF).
, PE-. IP--
,
A, (forwarding table)
, , -
(forwarding table) .
VPN, -
VRF
. , CE1
VPNA VPNB. VRF
PE1
VPNA VPNB. , 1
VRF. -
PE VRF , -
-
. ,
,
VRF.
VRF PE -
, , -
PE. -
, -
, -
-.
,
, . ,
, -
( -
), -
.
2.3.5 - P-P- P--
PE-. P--
.
MPLS.
MPLS-VPN - -
, -
VPN .
P-
IGP- (,
IS-IS OSPF) -
, , PE--
.
PE- IP--
/32
IGP. MPLS -
, -
, PE-.
PE CE,
VRF -
.
14
-
CE, -
PE-,
CE .
CE,
PE, -
(BGP Next Hop), ,
BGP next-hop -
. -
.
IGP (IBGP OSPF)
BGP, -
. ,
BGP, . ( -
BGP IGP, -
).
MPLS
CE
MPLS. ,
P- PE- -
MPLS, IP-
, -
PE-.
P- ( PE-), -
PE-,
MPLS -
PE-. PE--
CE. -
, CE IP-, -
MPLS.
VPN ,
, -
-
,
:
P- ( -
) ;
P- ( -
) ,
-
IP.
, -
VPN , -
.
2.4. MPLS-VPN , -
MPLS-VPN. -
,
. Hub-
and-Spoke (. ).
2.4.1. MPLS-VPN MPLS-VPN -
, -
VPN, CE- PE--
( LSR), -
, P- (-
LSR). 8
MPLS-VPN.
8 CE- -
15
VPN B/ 1
VPN A/ 2
VPN B/ 2
VPN B/ 3
VPN A/ 3
VPN A/ 1
10.1/16
10.1/16
10.4/16
10.3/16
10.2/16
10.2/16
CEB1 CEA2CEB2
CEB3
CEA3CEA1
P1 PE2
P2
P3
PE3PE1
8. MPLS-VPN
-
-. CE--
.
PE-
-
EBGP. CEA1 PE1 -
. CEA1 PE1
( IP--
, ). PE-
CE EBGP,
OSPF, RIPv2 .
LSR (PE-) -
CE--
,
VPN
VPN. , 8, PE2 -
VPNA/Site 2 (CEA2), VPNB/Site 1
Site 2 (CEB1 CEB2). PE2 MPLS
VPN A B VPN-Ipv4 -
VRF .
MPLS-VPN -
(meshed topolo-
gy). CEA1 VPN A/Site 3,
PE1. PE1 -
P3. P3
PE3. PE3
MPLS, IP- -
CEA3. CEA3 , -
.
,
, , -
, .
2.4.2. MPLS-VPN Hub-and-Spoke MPLS-VPN -
Hub-and-Spoke.
MPLS-VPN , -
-
Hub-and-Spoke.
(spokes)
(hub). -
,
VPN -
. Hub-
and-Spoke MPLS-VPN 9.
CE3-Hub.
, , 2
1, --
, CE3-Hub,
-
1.
CE2 PE2, PE1
1.
9
Hub-and-Spoke. VPN -
,
. -
, - -
,
Hub-and-Spoke.
-
.
Hub-
and-Spoke MPLS-VPN.
2.5. MPLS-VPN , , , -
MPLS-VPN -
, -
Frame Relay ATM.
MPLS-VPN
16
Site-1
9. MLS-VPN Hub-and-Spoke
1
2
CE1
CE2
PE1
PE2
PE3
VPN A
CE3-Hub
CE3-Spoke
3
VPN A
BGP/RIPv2
BGP/RIPv2
-
BGP IP-.
BGP- -
. , -
community. VPN -
, VPN -
BGP Route
Distinguisher (RD). RD
,
-
. VPN
. VPN MPLS -
BGP FIB (Forwarding
Information Base) VPN -
VPN, -
-
.
,
VPN . -
RD, -
-
VPN. -
, -
-
RD. Cisco
MPLS-VPN .
Interior Gateway
Protocol (IGP), OSPF IS-IS.
PE
-, LDP .
() -
PE-
LDP,
BGP. Community BGP -
-
, -
. BGP -
-
PE, ,
FIB PE, -
VPN.
,
-
. , IP- -
.
-
VPN -
.
MPLS-VPN , ,
VPN , (-
) PE-.
IP- (forward-
ing table) VPN.
VPN . -
,
. -
VPN, -
.
3.
MPLS-VPN MPLS-VPN, -
- .
MPLS-VPN
.
:
Intranet VPN -
.
Extranet VPN -
.
VPN
CE, P PE.
-
.
-
-.
(QoS) -
.
-
.
3.1. - / MPLS, -
(..
-), 10.
MPLS
(Edge LSR),
(Core LSR). LSR
.
10 -
17
-
MPLS-VPN.
MPLS --
( ).
MPLS-VPN
Edge LSR, VPN-MPLS, -
PE.
(CE-)
IP- ( -
) , , MPLS.
, PE
. -, -
.
PE LSR.
MPLS-VPN LSR P--
. P-
--
.
3.2. VPN Intranet VPN -
VPN MPLS.
. -
(). ,
. IP-
, -
, .
11 . -
-
(VPN Route/Forwarding VRF)
18
10. MPLS-VPN
CE PE PE CE
LSR LSR
LSR LSR
LDP
LSR
LSR
LSR
LSR
( )
( )
( )
11. ()
CE 3
CE 2
CE 1
-
. , -
, -
VRF. -
VFR , -
--
.
3.3. VPN
3.3.1. () -
/ -
VRF . -
IP-, IP--
, -
VRF.
12 , 1
2, ,
A B. -
, : 1
A 2 B. -
,
VRF
.
VRF 1 A -
C1 (C1a, C1b ).
VRF 2 B
C2 (C2a, C2b).
, VRF -
/ , -
route-target. ,
VRF 1 A
C2b 2 B, -
VRF 2 B
C1a 1 A.
3.3.2. () , -
,
,
() ,
.
13 -19
12.
2 B
1 B
1 A
2 A
/
VRF
VRF
VRF
-
C. 1 A
2 B, -
(NAT), C1A
C2B .
MPLS PE--
VRF,
( ,
CE-).
3.3.3.
14 -
.
(NAT gate-
way), VRF
Intranet VPN. VRF,
NAT, -
. -
Ct1 VRF 2
B, Ct2 VRF
1 .
NAT.
NAT
NAT.
-
, .
3.3.4.
20
13. 2 B
1 B
1 A
2 A
/
VRF
VRF
VRF
14.
2 B
1 B
1 A
2 A
/
VRF
VRF
VRF
NAT
-
15 -
. Extranet/NAT Intranet/non-
NAT , -
PE--
.
CE- ,
-
, VRF,
. --
VRF -
( ,
).
, -
- -
. --
CE-
CE-
(end-to-end) NAT.
15 : 1
A (C1A) 2 B (C2B),
(NAT).
C1A C2B,
, Ct1, -
-
. C2B , -
, C1A , Ct2.
VRF
, -
.
,
CE NAT, -
, -
. -
-
, C.
, ,
,
. -
, , NAT--
x.
3.4. MPLS-VPN
3.4.1. CE--
, -
-
. , --
CE, -
CE ( )
.
.
VRF, -
VPN_Network_Management,
21
15. 2 B
1 B
1 A
2 A
/
VRF
VRF
VRF
Extranet_overlapping_nat13
-
CE-. --
(
)
VRF. , VRF -
-
- ( ), -
CE-.
VRF -
CE- .
CE-. 16 -
VRF.
CE- ,
-
, --
.
3.4.2. MPLS (P + PE)
-
, -
P- PE- -
VPN Solutions Center.
-
CE--
, PE- -
VRF, -
(Global Routing Table).
PE.
P- PE--
VRF,
.
3.4.2.1. P PE
VRF
P- PE--
VRF 17.
loopback P PE -
, -
VRF. -
22
16. VRF CE
VRF 2
()
VRF
VRF 3
VRF 1
17. VRF PE
VRF
()
-
MPLS -
,
VRF ,
MPLS, -
, -
.
3.4.2.2. P PE
, -
.
,
VRF.
. 18.
3.4.3. : Extranet Multiple VPN Extranet Multiple VPN ( -
Rainbow Management)
VPN Solutions Center -
-
(management router MCE).
19 , -
MPE.
MCE, PE--
, non-MPLS-VPN MPLS-
VPN . MPLS-
VPN Extranet Multiple VPN. VPN -
VRF -
23
18. PE- (Global Routing Table)
()
19. VPN Solutions Center: Extranet Multiple VPN
(Out of Band)
:
MPLS
-
, MPLS-VPN , MPLS-VPN (In-Band) VPN VPN
, VPN , VRF VPN
VPN
VPN
CE VPN 1
(In-Band)
CE VPN 2
Netflow Collector
MPLS-VPN
MCE
,
VPN 1
CE
VPN SC IP Manager
(staged)
CE
VPN 2
LAN
PE
PE
PE
PE
-
CE, VPN
Solutions Center. non-MPLS-VPN -
MCE Netflow
Collector PE-. CE-
Extranet Multiple VPN, -
non-MPLS-VPN link -
PE.
MCE MPE MPLS-VPN -
. -
,
.
VPN Solutions Center
,
MCE, PE-
VPN
.
VPN Solutions Center -
VPN PE, -
CE
(Management VPN) (VPN). ,
, -
(access-lists)
PE, -
-
. CE
(spoke) VPN ,
-
MCE. -
VPN VPN .
3.5. MPLS-VPN ,
IP--
, -
--
.
.
, -
VPN . -
:
-
(), -
;
(DNS, web-
, web-,
);
-
(, ).
3.5.1.
-
IP, -
. -
,
, -
VRF. -
, . -
, MPLS-VPN, -
, -
.
, -
-
,
. --
, -
,
.
, -
(NAT)
-
.
3.5.2. -
(RFC 1918), -
VPN
- -
. ,
- -
, .
-
, -
VPN (
).
CISCO
(Network Address Translation NAT), -
IOS.
, -
. :
(Service Access at
the CE);
(Service Access at a
Gateway) -.
3.5.2.1. CE
NAT ,
-, -
.
NAT CE.
24
-
20 NAT, -
CE
. , -
(), -
,
. , -
- (ISP)
(ASP).
VRF C,
-
VRF, -
. VRF,
,
Intranet VPN.
VRF -
CT.
, -
P1 P3 VRF
, .
, CT -
VRF, -
, -
(ASP) .
, -
, -
C -
VPN -
, CE-
( ) IP-
PE.
C1 -
- P1, CE- -
C1 C1T, PE-, -
VRF, P1.
, -
CE .
, CE
-
, Hub-and-
Spoke. Hub-and-Spoke -
-, -
- , -
.
3.5.2.2.
( )
-
.
. -
,
. -
-
,
. -
25
20. CE
-
( VRF ),
-
. , -
VRF,
PE--
.
,
,
(service gateway router).
VRF -
. ,
, -
. -
,
. -
.
21 ,
, Service
Gateway 1.
.
(A, B, C), -
, -
VRF (Public
Service 1 Public Service 2).
PE-. -
IP-.
-
. -
PE-, -
VRF ,
, .
3.5.2.3
( )
, -
, .
(service gateway)
VRF . VRF -
, -
. ,
-
. , -
, (service
gateway), -
, (
, -
).
, -
, (route-
target),
VRF. , VRF
.
VRF , -
. -
,
26
21. ( )
-
.
22 (service gateway),
,
, VRF, -
,
VRF -
. 2
P2, P2 (route-target). 1
P1 A,
P1 A.
(service gateway),
, -
VRF -
Cxt . -
. Cxt -
VRF (P1 P2),
.
VRF -
PE-I
(P1 P2), . -
A, B C -
-
MPLS-VPN.
3.6. -
3.6.1. - ( )
-
, -
-
.
, -
- -
. -
- ( ).
-
IP-, (NAT)
, NAT .
-
-
, -
.
23 . -
I - 27
22. ( )
-
VRF ,
, -
, Internet Gateway.
-
VRF - PE-I.
Internet Gateway -
IP-,
(Cx -> Cxt), -
. -
.
, ,
, ,
, .
, -
, -
,
. -
, , -
, 23.
3.6.2. - ( )
- (..
-
)
, -
.
(double NAT). -
CE- -
, -
.
-
(
) .
28
23. - NAT
24. - NAT
-
24.
4 -
, 2, (Internet
NAT Gateway) . ,
4 ,
. -
C2T. -
-.
, (NAT
Gateway), C2T
4 -
, -
.
3.6.3. -
-
VRF,
(Internet
Gateway).
. -
:
MPLS , -
.
BGP . -
, BGP -
. P-
BGP.
, , -
,
VRF.
loopback-
Internet Gateway. -
, -
-
global. -
-
.
-
, CE.
BGP.
,
-
, -
, -.
3.7. (QoS)QoS , -
, ,
. QoS 3 -
, -
. , QoS -
(,
) -
IP VPN , -
-
(Service Level Agreements SLA).
MPLS QoS
, -
, -
. MPLS
. -
, -
IP Precedence, Type-of-Service (ToS)
DiffServ. -
QoS Cisco IP+ATM
MPLS. QoS -
-
. QoS -
, .
QoS,
MPLS
VPN.
VPN -
QoS -
IP- . -
QoS VPN -
(Layer 3 CoS). , -
- :
premium -
, mission-critical -
, , best-
effort. - , -
,
. , , -
-
.
QoS -
, -
. QoS -
, Cisco -
LSR LSR .
, -
29
-
-
. , -
,
. -, -
-
LSR (PE),
,
. ,
, ,
-
, -
. , -
-
. -, ,
, (CoS), -
. -, -
, , -
.
-
.
VPN.
Cisco IOS -
QoS 3, -
VPN. MPLS -
Cisco IOS -
QoS:
IP Precedence
Committed Access Rate (CAR)
Weighted Random Early Detection (WRED)
Weighted Fair Queuing (WFQ)
Class-Based Weighted Fair Queuing (CBWFQ)
Modified Deficit Round Robin (M-DRR)
3.7.1. IP PrecedenceIP Precedence
(precedence bits) IPv4.
(Type-of-Service), (CoS)
, 25. -
MPLS-VPN
.
-
(
).
1 -
IP Precedence.
-
-
. Weighted Random Early Detect -
(drop precedence), -
, , -
( -
).
(IP Precedence) ,
.
3.7.2. Committed Access Rate (CAR)Committed Access Rate
30
25. IP Precedence
3 IP Precedence
IPv4
TOS (1 )
1. , IP Precedence
IP Precedence
, 4 , IP (VoIP), 5
/ 2,3
web-/ 0,1IP-
-
Cisco, QoS
(edge). CAR
.
(policies) -
, ,
.
CAR
. -
,
, -
, / .. CAR -
, . -
,
(IP Precedence), IP-
(IP access control lists),
MAC-. CAR
,
.
, -
(PVC) Frame
Relay ATM, ,
(CIR, PCR .), -
,
. , CAR
,
.
Ethernet ,
(policing/shaping), -
,
2.
10M Ethernet, -
512 /,
.
,
DSL. -
-
(CE)
DOCSIS.
:
CE ( -
/ PE);
PE ( -
/ ,
CE-).
-
CE, PE--
. CAR CE -
, -
CE ,
PE -
.
CAR
:
, .
( )
-
. , -
, .
(normal burst size),
, , -
,
.
, .
, ,
,
,
. CAR .
-
.
( ) CAR -
. -
,
2 3.
3.7.3. Weighted Random Early Detection (WRED) WRED -
, -
. -
, .
WRED
.
. WRED -
, , , -
, .. .
WRED -
:
;
-
, ;
-
,
, -
;
-
, -
31
-
.
(
).
. ,
10% , -
25% 40%. , -
, - -
, -
.
-
2.
-
,
( 64 ). -
, ,
75%
. 25%
, -
.
,
.
WRED
-
. , -
.
WRED .
-
, .
-
, -
, -
( = 0) -
( ,
).
WRED 26.
(1292 ) -
10%. -
, -
5. , -
( -
) -
, -
.
, ,
.
-
.
3.7.4. Weighted Fair Queuing (WFQ)
(WFQ) ,
-
,
. WFQ -
-
, : -
, -
, -
.
WFQ , -
32
26. WRED
Prec OPrec 1
Prec 2Prec 3
Prec 4Prec 5
-
-
. , -
, -
-
. -
-
.
WFQ -
. -
.
WFQ ,
-
,
E1 (2,048 /) .
, WFQ
. -
WFQ
(TDM), -
, - . WFQ -
QoS IP Precedence
-
(QoS).
, WFQ -
. WFQ ,
-
,
-
. WFQ
, TCP
(slow-
start features). WFQ
-
-
.
3.7.5. Class Based Weighted Fair Queuing (CBWFQ) -
(CBWFQ) -
-
. -
, CBWFQ
-
.
, -
,
, -
.
CBWFQ
. ,
QoS ,
35% OC3. 27 -
, -
CBWFQ:
;
;
.
-
, -
. , -
, -
.
,
-
.
,
, ()
-
.
,
.
-
.
3.7.6. WFQ IP Precedence WFQ IP Precedence.
,
IP- -
, -
.
,
-
. WFQ -
, -
. -
.
-
33
27. Class Based Weighted Fair Queuing
-
. -
, (..,
).
3.7.7. Modified Deficit Round Robin (MDRR) GSR GSR
, -
Modified Deficit Round Robin (MDRR).
,
CBWFQ.
MDRR -
CoS/
MPLS. , IP Precedence -
PE , -
, , CoS,
MPLS. CoS
Transparency ( CoS) -
MPLS CoS.
, IP Precedence -
. IP-
-
CoS .
Round Robin,
.
,
. GSR
MDRR ( 0 6)
. MDRR
, -
(CoS). MDRR (-
) : 0-1-2-3-
4-5-6-0-1-2-3-4-5-6 ... - -
,
, , 36 -
. ,
.
-
, -
. -
-
.
-
,
- . -
. -
, -
-
.
: ,
, -
.
.
, -
. 1 ,
MTU. OC3/STM-1 4470 .
512 . 2 -
, -
.
3.8.
MPLS. MPLS Traffic Engineering (TE) -
- -
, -
2, Frame Relay ATM. -
3 -
, -
IP--
34
2. MDRR
20,00% 1 4470
30,00% 5 6705
50,00% 14 11175
-
. -
3 ,
.
IP , -
. -
, -
,
.
MPLS:
.
MPLS -
3- , -
IP- -
,
;
;
-
, ..
, (-
) . MPLS
, -
, -
..;
, -
,
.
-
-
-
.
, -
.
MPLS
-
. -
MPLS Traffic
Engineering, -
-
. -
-
. , MPLS Traffic
Engineering ,
.
, -
(Traffic Engineering Service Restoration), -
MPLS
(MPLS Routing for Resource Reservation
RRR) MPLS. -
,
Link State Routing Protocols (IS-IS, OSPF)
Distance Vector Routing
Protocols (RIP, EIGRP).
3.8.1. MPLS .
(Link Protection
Fast ReRoute).
35
28.
-
Fast ReRoute (FRR).
FRR
. FRR -
,
SONET/SDH ( 50 ).
, LSP -
, -
,
(head-end-router). -
, -
-
.
FRR, -
. -
, TE .
28 Fast ReRoute.
R6 R5 Fast ReRoute. -
R6 , ,
TE
{R2,R3,R4} R5. ,
, , -
, -
.
-
.
, -
, , -
.
-
LSP.
3.8.2. MPLS Diff-Serv ( GB TE)
Diff-Serv.
MPLS Traffic Engineering
.
. -
(drafts) IETF:
a) Diff-Serv-Aware Traffic
Engineering;
b) RSVP-TE CR-LDP
Diff-Serv-Aware Traffic Engineering;
c) OSPF Diff-Serv-Aware
Traffic Engineering;
d) IS-IS Diff-Serv-Aware
Traffic Engineering.
Cisco -
MPLS -
. MPLS -
-
, -
-
.
MPLS Diff-Serv-Aware Traffic Engineering -
-
(explicit routing), -
IP -
.
.
,
. ,
,
.
MPLS Diff-Serv-Aware Traffic Engineering
: MPLS, OSPF, IS-
IS Resource Reservation Protocol (RSVP). -
RSVP
,
RSVP. RSVP -
(edge routers)
unicast, -
. -
RSVP
36
-
.
4. MPLS-VPN
Cisco VPN . -
, -
. -
PE-,
MPLS-VPN
37
29. MPLS-VPN
30. MPLS L2TP
. , -
PE-CE, MPLS-VPN.
4.1. ( ISDN)
-
POP MPLS-VPN.
PPP, -
(,
ISDN).
, PPP -
-
(NAS) -. -
. -
, -
PPP, (DNIS), -
, NAS -
2-
(Layer 2 Tunneling Protocol L2TP).
PPP PE--
.
PPP PE--
, -
VPN. -
VPN -
DNIS. PPP -
DNIS PE-
. -
, , -
RADIUS. PPP -
VPN -
. -
,
L2TP.
4.2. DSL (DSL)
, .
,
DSL
VPN.
DSL ,
(CPE), , .
,
PPP Ethernet PPP
ATM. Cisco
6400 -
PE-.
MPLS CPE. -
(bridged) CPE -
Cisco 6400
MPLS RD.
VCI/VPI.
MPLS RD.
-
PPP web- -
(dashboard). PPP,
(user-
name). UAC ,
-
, MPLS-VPN,
.
Cisco 6400 UAC
VPN.
web- -
,
Cisco 6400 UAC, (web
dashboard server). -
URL -
, .
MPLS-VPN. -
, , -
38
31. PPPoX DSL MPLS-VPN, SSG
-
.
-
MPLS-VPN.
4.3.
-
-
-
/ (HFC),
39
DOCSIS SID MPLS
HFCHub
PE PE
CATV
/
MS
ITSP
ISP
ISP
VPNCust. HQ
32. MPLS-VPN
.
uBR7200 PE--
.
4.4. (BBFW)
33 -
BBFW MPLS-VPN.
(Cisco uBR72xx/VXR ) -
PE- MPLS-VPN. -
(CPE,
Cisco 26xx/36xx BBFW), -
, CE-,
PE. , -
, -
, VPN -
33. DOCSIS SID => MPLS-VPN
-
40
(Service Identifiers SID),
DOCSIS. -
CPE -
SID.
4.5. Frame Relay/ATM Frame Relay ATM -
. -
2. -
Frame Relay ATM -
Cisco,
, Cisco 7200
Cisco 7500. --
Cisco 3600.
4.6. - CoS/QoS PE
34 CoS/QoS
- -
CoS.
CoS PE--
:
PE -
, ;
,
, ,
-
;
PE -
( -
: , ,
..);
-
;
WRED -
;
WRED,
.
4.7. (CE PE)
,
34. CoS/QoS - 7500/7200
-
41
CE PE
. , -
, PE -
.
-
VPN (VPN Routing
and Forwarding table VRF), -
.
,
PE/CE.
MPLS -
:
;
RIPv2;
eBGP;
OSPF.
VRF.
, address families (
). -
VRF, -
.
, , -
PE CE, IGP, -
. , -
IGP ,
PE/CE VRF. -
EIGRP
(WAN)
RIPv2 PE/CE,
VRF.
,
(Customer Edge) - -
MPLS.
IOS. -
MPLS, -
. -
PE/CE ( -
) ,
IGP .
-
(stub site), -
IP- .
, -
. CE-
,
MPLS. PE- -
-
VRF, .
, PE
,
,
IP-
PE LAN. , -
(LAN),
PE VRF.
RIPv2
RIPv2 ,
.
MPLS VRF. , RIPv2 -
CIDR ,
IP-
( RIPv1 ).
RIPv2 - -
, RIPv2 -
, -
,
(link state), OSPF.
4.8. PE-PE P-P -
, -
.
P-P IS-IS OSPF.
PE-PE MP-BGP.
IS-IS OSPF IS-IS/OSPF IGP, -
IP- LSR (P PE). -
-
LDP VPN (BGP4).
IS-IS OSPF
IGP -
. IS-IS OSPF
(link state)
RRR. - -
, EIRGP, RRR.
(global routing
table GRT) P- PE-
.
-
, VPN. -
loopback . GRT
, -
P/PE.
VRF.
VRF, -
- -
global.
MP-BGP4 ( BGP) VPN
BGP. MPLS
VPN, -, -
VRF, . -
VRF IPv4,
VPN-IPv4, BGP -
,
VPN-IPv4.
-
PE-. -
VPN VPN.
BGP -
VPN. VPN
.
BGP (BGP Route Reflectors)
BGP
MPLS,
-
.
,
PE
PE - -
(BGP neighbor command), -
. BGP , -
,
(AS),
. BGP -
42
35. BGP
-
(fully meshed),
,
BGP.
PE -
,
PE, -
BGP. -
-
BGP
PE.
, , -
PE , -
. ,
VRF,
. ,
, PE,
PE.
4.9. (Customer Equipment CE),
non-MPLS-VPN, MPLS-VPN.
MPLS-VPN. -
-
// -
.
5. VPN Solutions Center ( VPN)
, , , -
(Operations, Accounting, Maintentance, Provisioning
and Management OAM&P) -
MPLS-VPN. Cisco -
- VPN (VPN
Solutions Center VPNSC). --
:
VPN,
, -
VPN MPLS.
IP VPN -
,
, ,
(SLA) -
.
5.1. Cisco VPN Solutions Center -
MPLS SLA, -
- MPLS-
VPN .
Cisco VPN Solutions Center -
MPLS-VPN .
-
, , -
(SLA),
. Cisco VPN Solutions Center -
(API). -
Cisco (Cisco
Service Management CSM). -, -
CSM, -
Cisco VPN Solutions Center CSM
VPN. -
, Cisco Provisioning Center
Cisco Info Center, Cisco
VPN Solutions Center ,
. Cisco VPN
Solutions Center -
(standalone) , --
, -
, VPN.
5.2. ,
MPLS-VPN.
QoS -
-
.
-
(wizards), .
(scheduler) -
.
VPN (hub-and-spoke
full-mesh).
IP-VPN
.
,
VPN .
-
(SLA)
SLA VPN.
API -
, ,
-
OSS (Operations
Support Systems).
43
-
, -
(GSR)
Cisco.
Cisco IOS
.
5.3. VPN
VPN
(wizards).
VPN -
.
web- -
, -
.
-
-
.
, -
.
-
.
VPN -
.
VPN
QoS.
44 36. VPN
-
5.4.
(Provisioning). Cisco VPN
Solutions Center , -
.
, VPN -
. , -
.
Cisco IOS,
.
(Scheduling).
-
, -
, -
.
(Activation). -
-
Cisco IOS.
, -
.
- (Post-activation
testing). ,
. ,
,
(site-to-site ping test) -
-
VPN.
(Service auditing). VPN Solutions Center
(
pending deployed). -
-
,
-
.
(Usage). -
Cisco NetFlow, VPN Solutions Center -
VPN
. NetFlow -
, -
IP- . ,
, -
-
.
SLA
. VPN Solutions Center
SLA, -
(round-trip time),
Cisco.
-
.
QoS. VPN Solutions Center QoS -
-
45
37:
VPN Solutions Center
-
. VPN Solutions Center -
, -
-
SLA
(Response Time Reporter RTR),
Cisco IOSTM.
5.5. VPN Solutions Center -
API
CSM. , API
, ,
(Belle Systems IMS), (Cisco
Info Center) (Concord eHealth). ,
Info Center -
, , -
. -
, -
VPN Solutions Center
API.
5.6.
5.6.1. (Fault Management) VPN Solutions Center -
Cisco Info Center
(CIC). CIC -
VPN
VPN
VPN Solutions Center.
5.6.2. VPN Solutions Center -
, -
,
, ,
, ..
, VPN Solutions Center -
VPN. ,
VPN Solutions
Center Con-
cord eHealth.
5.6.3. VPN Solutions Center
CORBA API
VPN Netflow. -
Portal and Belle System IMS VPN
Solutions Center , -
.
46
38: VPN Solutions Center
-
A. MPLS
Border Router . IBGP
( ) PE -
PE EBGP
- .
CEF Cisco Express Forwarding 3- .
MPLS-VPN CEF.
CE- . -
.
(PE-) .
Customer Network (C-Network) .
Customer Premise Equipment (CPE) , .
Edge LSR , .
LSR, , MPLS, -
Edge LSR.
Global Routing Table IP- Cisco IOS. -
( ) show ip route.
Label () , LSR
. MPLS
.
Label Switching (labels tags).
( ) MPLS -
(incoming label) (outgoing label).
LDP (Label Distribution Protocol), -
draft-ietf-mpls-ldp-05.
Label switched path (LSP) , , -
( ) . LSP
.
LSR: Label Switch Router ,
( .
)
MPLS (Multi-Protocol
Label Switching).
NLRI (Network Layer
Reachability Information).
VPN-IPv4 . : (,
, ).
P- , ..
MPLS-VPN. P-
P-.
, P-
PE-. P-
LSR.
47
-
PE- .
. CE- -
. PE- Ipv4
12- VPN-Ipv4. PE- -
Edge LSR.
Provider Network (P-Network) -, P-.
( )
Route Distinguisher (RD) , -
( ) VPN (64 ).
RD -
.
VPN (Vitural Private Network) . .
(.. -),
.
VPN Aware Network , MPLS-VPN.
VPN-IPV4 12- IP-. 8 -
(RD), 4 IP-.
VRF (VPN Routing & Forwarding) , -
. VRF
IP-, , -
, , -
, , -
. ()-
VRF.
VRF ForwardingTable ,
( VRF) . CEF. VPN
CEF.
VRF Routing Table , , -
( VRF) . -
IP-. VRF Routing Table
show ip route vrf vrf_name.
48
-
: CCIE, -
-
Cisco Systems113054 , ., 52. 1, 4- .: +7 (095) 961 14 10: +7 (095) 961 14 69World Wide Web: www.cisco.comWorld Wide Web: www.cisco.ru
Cisco Systems has more than 200 offices in the following countries. Addresses, phone numbers, and fax numbers are listed on theC i s c o C o n n e c t i o n O n l i n e W e b s i t e a t h t t p : / / w w w . c i s c o . c o m .
/ / w w w . c i s c o . r u .Argentina Australia Austria Belgium Brazil Canada Chile China Colombia Costa Rica Croatia Czech Republic DenmarkDubai, UAE Finland France Germany Greece Hong Kong Hungary India Indonesia Ireland Israel Italy Japan Korea Luxemburg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey United Kingdom United States Venezuela
Copyright 2001 Cisco Systems Inc. All rights reserved. Printed in Russia. Cisco Systems logos are registered trademarks of Cisco Systems, Inc. in the U.S. and certain other countries. All other trade-marks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any of its resellers.