为了帮助大家更好的复习2014年思科考试科目,我们考吧(kao8.cc)主要为大家汇编了以下辅导资料,希望考生们能够喜欢。想了解更多相关思科考试信息,我们考吧网会第一时间为大家奉上。
如下图的MPLS VPN实验拓扑中,R2-R3-R4处于同一AS,IGP使用OSPF,CE设备R1和R5和骨干网运行BGP协议。所有设备的loopback0地址配置24位的掩码。
按照MPLS VPN组网,完成所有配置,最后发现CE设备R1和R5可以相互学习到对方的路由,但是互ping不通,traceroute仅能到达互联的PE;PE设备R2和R4之间加入vrf的loopback接口,相互也不能ping通。整个网络,路由平面正常,但是数据转发平面不正常。
死活找不到原因,确认所有配置都完整,还是无法找到问题原因。无意中发现一条log信息:*Mar 1 00:27:00.187: %BGP-4-VPNV4NH_MASK: Nexthop 2.2.2.2 may not be reachable from neigbor 4
检索“%BGP-4-VPNV4NH_MASK”找到以下类似cisco官方资料:
Error Message
%BGP-4-VPNV4NH_MASK: Nexthop [IP_address] may not be reachable from neigbor [IP_address] - not /32 mask
Explanation A Virtual Private Network Version 4 (VPNv4) route is being sent to the specified internal BGP (IBGP) neighbor, and the next-hop address is a loopback that does not have the IP host mask /32. OSPF is being used on this loopback, and the OSPF network type of this interface is LOOPBACK. OSPF advertises this address as a host route with the IP host mask /32, regardless of what mask is configured. Because this configuration conflicts with Tag Distribution Protocol (TDP), which uses configured masks, the TDP neighbors may not receive a tag for this route. This problem can break connectivity between sites that belong to the same VPN.
Recommended Action Configure the loopback that is used as the next hop with the IP host mask /32.
从以上资料才得知,loopback0配置了24位掩码是问题根源,以前习惯使用32位掩码的时候从来也没有遇到这种问题。解决方法有两个:
1、修改loopback0的掩码为32位
2、在loopback0接口下增加一条命令,还原其网络类型ip ospf net point-to-point
推荐阅读:
请微信扫码打开
