1、先来认识一下VPNV4路由表和VPN路由表
<HUAWEI>dis bgp vpnv4 all routing-table 173.0.0.1 32
BGP local router ID : 45.21.0.3
Local AS number : 100
Total routes of Route Distinguisher(5000:1): 1 ——-先显示VPNv4路由,有可能有多个RD的路由
BGP routing table entry information of 173.0.0.1/32:
Label information (Received/Applied): 260303/NULL
From: 45.22.0.1 (77.1.1.1)
Route Duration: 0d12h13m03s
Relay IP Nexthop: 20.100.0.2
Relay IP Out-Interface: Eth-Trunk10
Relay Tunnel Out-Interface: Eth-Trunk10
Original nexthop: 45.22.0.1
Qos information : 0x0
Ext-Community: RT <5000 : 1>
AS-path 300, origin igp, localpref 100, pref-val 0, valid, internal, best, select, pre 255
Not advertised to any peer yet
VPN-Instance zwp, Router ID 45.21.0.3: ———-再遍历显示各个VPN的路由
Total Number of Routes: 1
BGP routing table entry information of 173.0.0.1/32:
Route Distinguisher: 5000:1
Remote-Cross route
Label information (Received/Applied): 260303/NULL
From: 45.22.0.1 (77.1.1.1)
Route Duration: 0d12h13m07s
Relay Tunnel Out-Interface: Eth-Trunk10
Original nexthop: 45.22.0.1
Qos information : 0x0
Ext-Community: RT <5000 : 1>
AS-path 300, origin igp, localpref 100, pref-val 0, valid, internal, best, select, pre 255
Not advertised to any peer yet
2、VPN路由表没有路由,VPNv4路由表有路由故障一:查看RT是否匹配:VPN实例的IRT是否和VPNv4路由的Ext-Community匹配
<HUAWEI>dis bgp vpnv4 all routing-table 1.2.3.4 32
BGP local router ID : 189.35.45.17
Local AS number : 100
Total routes of Route Distinguisher(1:1): 1
BGP routing table entry information of 1.2.3.4/32:
Label information (Received/Applied): 32797/NULL
From: 1.1.45.10 (189.35.45.10)
Route Duration: 00h00m25s
Relay IP Nexthop: 10.17.0.10
Relay IP Out-Interface: GigabitEthernet1/0/7
Relay Tunnel Out-Interface: GigabitEthernet1/0/7
Relay token: 0x2000033
Original nexthop: 1.1.45.10
Qos information : 0x0
Ext-Community:RT <1 : 1>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 10
Not advertised to any peer yet
ip vpn-instance vrf1
ipv4-family
route-distinguisher 1:1
tnl-policy test
vpn-target 2:2 export-extcommunity
vpn-target 2:2 import-extcommunity ————–RT不匹配,无法交叉到VPN实例
3、VPN路由表没有路由,VPNv4路由表有路由故障二:查看VPN实例下是否配置入口策略
ip vpn-instance vrf1
ipv4-family
route-distinguisher 1:1
import route-policy test ————-通过此策略,才能交叉到VPN实例
vpn-target 2:2 1:1 export-extcommunity
vpn-target 2:2 1:1 import-extcommunity
#
<HUAWEI>dis c c route
#
route-policy test deny node 0
#
return
<HUAWEI>
4、VPN路由表没有路由,VPNv4路由表没路由故障可能原因
①相应的BGP邻居是否Established状态? display bgp vpnv4 all peer
②相应的BGP邻居是否发送了此路由?
③查看的路由掩码是否错误? display bgp vpnv4 all routing-table x.x.x.x x.x.x.x
④检查VPNv4地址族下的入口filter是否被deny?
ppeer x.x.x.x route-policy *** import
ppeer x.x.x.x ip-prefix *** import
ppeer x.x.x.x as-path-filter *** import
ppeer x.x.x.x filter-policy *** import
⑤检查是否存在as-path loop (display bgp error discard查看丢弃计数)
⑥检查是否配置了peer route-limit,路由超限导致被丢弃
⑦检查是否配置as-path-limit,路由的as-path个数超限导致被丢弃
⑧如果是从反射器学习路由,检查路由的Originator_ID(路由源的router-id )和本地router-id是否相同
⑨如果是直连EBGP邻居,如果下一跳不是接口地址,会丢弃
⑩检查VPNv4路由的ext-community和本地所有VPN实例的import vpn-target是否有匹配的(如果不匹配或者本地没有VPN实例,需要在VPNv4视图下undo policy vpn-target,反射器常用配置)
本文由 @哔哩哔哩 发布于弱电智能网 。
题图来自Unsplash,基于CC0协议
内容观点仅代表作者本人,弱电智能网平台仅提供信息存储空间服务。
如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
文章名称:《华为NE路由器L3VPN故障分析之VPN路由表没有路由,VPNv4路由表有路由或者没路由》
文章链接:https://www.ruodian360.com/tech/networking/9606.html
添加微信ydian188免费入群,记得备注“弱电智能网”。
