本文为原创,禁止转载。 文章是在个人研究怎么在LINUX上实现MPLS的总结。暂时LINUX上还没法实现BGP MPLS VPN
建立MPLS在linux上转发基础环境的步骤
It need linux kernel support mpls stack.Such kernel 4.6 需要linux内核支持mpls模块,更新内核
wget wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.6-yakkety/linux-headers-4.6.0-040600_4.6.0-040600.201606100558_all.deb wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.6-yakkety/linux-headers-4.6.0-040600-generic_4.6.0-040600.201606100558_amd64.deb wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.6-yakkety/linux-image-4.6.0-040600-generic_4.6.0-040600.201606100558_amd64.deb
install dpkg -i *.deb
update grub and reboot update-grub reboot
调整MPLS内核参数,启用MPLS stack
modprobe mpls_router modprobe mpls_gso modprobe mpls_iptunnel sysctl -w net.mpls.conf.eth0.input=1 sysctl -w net.mpls.conf.lo.input=1 sysctl -w net.mpls.platform_labels=1048575
You’ll need to set net.mpls.conf.[interface-name].input=1 for any other interfaces that you plan to receive MPLS packets on, otherwise the MPLS route table won’t accept your routes
安装quagga-ldpd,需要源码编译,因为直接的发行版本默认没有ldpd
git clone git clone https://github.com/rwestphal/quagga-ldpd.gitapt-get apt-get install autoconf automake texinfo libtoolcreate Makefile cd quagga-ldpd ./bootstrap.sh #autoreconf -i./configure ./configure --enable-tcp-zebra --enable-mpls --enable-ldpd --sysconfdir=/etc/quagga --localstatedir=/var/runmake & make install make make installldconfig ldconfig /usr/local/libERROR: 1. AWK \1 Error apt-get install gawk 2. configure: error: vtysh needs libreadline but was not found and usable on your system. apt-get install libreadline-dev
启动quagga,需手动建pid文件,已邮件联系开发者
user useradd quaggaset permission chown -R quagga.quagga /etc/quaggacreate pid information touch /var/run/zebra.pid chmod 755 /var/run/zebra.pid chown quagga.quagga /var/run/zebra.pidtouch /var/run/ospfd.pid chmod 755 /var/run/ospfd.pid chown quagga.quagga /var/run/ospfd.pid
touch /var/run/ldpd.pid chmod 755 /var/run/ldpd.pid chown quagga.quagga /var/run/ldpd.pid
create ldpd vty file touch /var/run/ldpd.vty chmod 755 /var/run/ldpd.vty chown quagga.quagga /var/run/ldpd.vty chmod 777 /var/run
config
安装完会有默认配置,直接最简单的配置用于启动即可 cp /etc/quagga/zebra.conf.sample /etc/quagga/zebra.conf cp /etc/quagga/ldpd.conf.sample /etc/quagga/ldpd.conf
start zebra -d -f /etc/quagga/zebra.conf ospfd -d -f /etc/quagga/ospfd.conf ldpd -d -f /etc/quagga/ldpd.conf
基础环境已经完成,正式实验开始
10.63.26.1x is Debian Linux IP for ssh to manage.And 4.4.4.4 / 9.9.9.9 / 6.6.6.6 is loopback IP for experiment.
10.63.26.x网段是用于管理的ssh网段。而4.4.4.4等IP是用于测试MPLS流量。
We can make it through such command: 通过以下命令创建lo1 ip link add name lo1 type dummy ip link set dev lo1 up ip addr add 4.4.4.4/32 dev lo1
we need to create a step by step environment ,so that we can catch the mpls tag changement .Rather than a next hop tag “3”.
用于建立一跳到一跳的情景,原因是机器同在一网段,如果使用OSPF协议,IP地址均为下一跳,MPLS的标签只会是3(即没MPLS标签, pop)
In 10.63.26.14 , config in zebra through : ip route 6.6.6.6/32 10.63.26.19 ip route 9.9.9.9/32 10.63.26.19
10.63.26.19: ip route 6.6.6.6/32 10.63.26.16 ip route 4.4.4.4/32 10.63.26.14
And 10.63.26.19: ip route 9.9.9.9/32 10.63.26.19 ip route 4.4.4.4/32 10.63.26.19
Now, every Linux can reach the others loopback IP step by step.
以下为不同机器ldpd中关键的配置,用于建立ldpd邻居,传递标签
In 10.63.26.14 config…
mpls ldp router-id 4.4.4.4 dual-stack transport-connection prefer ipv4 dual-stack cisco-interop neighbor 9.9.9.9 password testmpls ! address-family ipv4 discovery transport-address 4.4.4.4 ! interface eth0 ! ! !In 10.63.26.19 config…
mpls ldp router-id 9.9.9.9 dual-stack transport-connection prefer ipv4 dual-stack cisco-interop neighbor 4.4.4.4 password testmpls neighbor 6.6.6.6 password testmpls ! address-family ipv4 discovery transport-address 9.9.9.9 ! interface eth0 ! ! !In 10.63.26.16 config…
mpls ldp router-id 6.6.6.6 dual-stack transport-connection prefer ipv4 dual-stack cisco-interop neighbor 9.9.9.9 password testmpls ! address-family ipv4 discovery transport-address 6.6.6.6 ! interface eth0 ! ! !After that,we can show mpls ldp neighbor
从14机器用4.4.4.4ping6.6.6.6 In 10.63.26.14: ping -I 4.4.4.4 6.6.6.6
And we can catch packet in 10.63.26.19: tcpdump -ni eth0 mpls and icmp 通过在中间跳机器tcpdump抓取mpls的包
Done!
