blob: dd265fa916263822065819eeea5393dfb89b1d35 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
########################
Dual-Hub DMVPN with VyOS
########################
DMVPN is a Dynamic Multipoint VPN technology that provides the capability
for creating a dynamic-mesh VPN network without having to pre-configure
(static) all possible tunnel end-point peers those simplifying deployment
and management of the newly added remote sites. There are 3 main protocols
primarily used to implement DMVPN:
* NHRP - provides the dynamic tunnel endpoint discovery mechanism (endpoint
registration, and endpoint discovery/lookup)
* mGRE - provides the tunnel encapsulation itself
* IPSec - protocols handle the key exchange, and crypto mechanism
For his example we are using the following devices:
* 2 x Hubs
* 3 x Spokes
* 1 x Client device (VPC)
* 1 x ISP router
The following software was used in the creation of this document:
* Operating system: VyOS
* Version: 1.3-beta-202112090443
* Image name: vyos-1.3-beta-202112090443-amd64.iso
********
Topology
********
.. image:: /_static/images/VyOS_Dual-Hub_DMVPN.png
:width: 80%
:align: center
:alt: Network Topology Diagram
******************************************
Network Addressing and Protocol Parameters
******************************************
The following ip addressing schema used for the devices IPv4 connectivity:
10.X1.0.0/30 - p2p Hubs to ISP networks, where X is Hub site number
10.Y1.1.0/24 - p2p Spokes to ISP networks(DHCP), where Y is Spoke site number
172.16.253.0/29 - tunnels addressing for Hub-1 connections
172.16.254.0/29 - tunnels addressing for Hub-2 connections
192.168.0.0/24 - HQ site local network
192.168.Z.0/24 - remote sites local network, where Z is Spoke site number
eBGP parameters for the routers:
AS65000 - HQ (Hub-1 and Hub-2)
AS6500X - Spokes, where X is Spoke site number
*************
Configuration
*************
Step-1: Configuring IGP and enabling MPLS LDP
=============================================
At the first step we need to configure the IP/MPLS backbone network using OSPF as
IGP protocol and LDP as label-switching protocol for the base connectivity between
**P** (rovider), **P** (rovider) **E** (dge) and **R** (oute) **R** (eflector) nodes:
- VyOS-P1:
.. code-block:: none
# interfaces
set interfaces dummy dum10 address '10.0.0.3/32'
set interfaces ethernet eth0 address '172.16.30.1/24'
set interfaces ethernet eth1 address '172.16.40.1/24'
set interfaces ethernet eth2 address '172.16.90.1/24'
set interfaces ethernet eth3 address '172.16.10.1/24'
set interfaces ethernet eth5 address '172.16.100.1/24'
# protocols ospf+ldp
set protocols mpls interface 'eth1'
set protocols mpls interface 'eth2'
set protocols mpls interface 'eth3'
set protocols mpls interface 'eth5'
set protocols mpls interface 'eth0'
set protocols mpls ldp discovery transport-ipv4-address '10.0.0.3'
set protocols mpls ldp interface 'eth0'
set protocols mpls ldp interface 'eth1'
set protocols mpls ldp interface 'eth2'
set protocols mpls ldp interface 'eth3'
set protocols mpls ldp interface 'eth5'
set protocols mpls ldp router-id '10.0.0.3'
set protocols ospf area 0 network '0.0.0.0/0'
set protocols ospf parameters abr-type 'cisco'
set protocols ospf parameters router-id '10.0.0.3
|
