NETWORK ENGINEER BLOG

Tips and Reviews for Engineers

Cisco L2TPv3 Redundancy

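L2TPv3 can be made redundant by specifying a Loopback interface as the L2TPv3 peer and resolving reachability to that network with a dynamic routing protocol such as OSPF. The switchover time depends on the convergence time of the dynamic routing protocol.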

Test Environment

[Figure: test environment topology]

Configuration Example

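The main and backup lines are assumed to be WANs that do not pass multicast (such as a regional IP network).
The L2TPv3 peer network (Loopback) is advertised over the main line by running OSPF over a GRE tunnel, and a floating static route is defined toward the backup line.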

R1: csr1000v-packages-adventerprisek9.03.09.01.S.153-2.S1

hostname R1
!
pseudowire-class l2tpv3
 encapsulation l2tpv3
 ip local interface Loopback1
!
interface Loopback1
 ip address 1.1.1.1 255.255.255.0
 ip ospf network point-to-point
!
interface Tunnel1
 ip address 172.16.11.1 255.255.255.252
 tunnel source GigabitEthernet2
 tunnel destination 172.16.1.2
!
interface Tunnel2
 ip address 172.16.12.1 255.255.255.252
 tunnel source GigabitEthernet3
 tunnel destination 172.16.2.2
!
interface GigabitEthernet1
 no ip address
 negotiation auto
 no keepalive
 xconnect 2.2.2.2 1 encapsulation l2tpv3 pw-class l2tpv3
!
interface GigabitEthernet2
 ip address 172.16.1.1 255.255.255.0
 shutdown
 negotiation auto
!
interface GigabitEthernet3
 ip address 172.16.2.1 255.255.255.0
 negotiation auto
!
router ospf 1
 network 1.1.1.0 0.0.0.255 area 0
 network 172.16.11.0 0.0.0.3 area 0
!
ip route 2.2.2.0 255.255.255.0 Tunnel2 200
!
end

R2: csr1000v-packages-adventerprisek9.03.09.01.S.153-2.S1

hostname R2
!
pseudowire-class l2tpv3
 encapsulation l2tpv3
 ip local interface Loopback1
!
interface Loopback1
 ip address 2.2.2.2 255.255.255.0
 ip ospf network point-to-point
!
interface Tunnel1
 ip address 172.16.11.2 255.255.255.252
 tunnel source GigabitEthernet2
 tunnel destination 172.16.1.1
!
interface Tunnel2
 ip address 172.16.12.2 255.255.255.252
 tunnel source GigabitEthernet3
 tunnel destination 172.16.2.1
!
interface GigabitEthernet1
 no ip address
 negotiation auto
 no keepalive
 xconnect 1.1.1.1 1 encapsulation l2tpv3 pw-class l2tpv3
!
interface GigabitEthernet2
 ip address 172.16.1.2 255.255.255.0
 negotiation auto
!
interface GigabitEthernet3
 ip address 172.16.2.2 255.255.255.0
 negotiation auto
!
router ospf 1
 network 2.2.2.0 0.0.0.255 area 0
 network 172.16.11.0 0.0.0.3 area 0
!
ip route 1.1.1.0 255.255.255.0 Tunnel2 200
!
end

R3: csr1000v-packages-universalk9.03.10.00.S.153-3.S

hostname R3
!
interface GigabitEthernet1
 no ip address
 negotiation auto
 service instance 1 ethernet
  encapsulation untagged
  bridge-domain 1
!
interface GigabitEthernet2
 no ip address
 negotiation auto
 service instance 1 ethernet
  encapsulation untagged
  bridge-domain 1
!
end

Verification Example

L2TPv3 is established between the Loopback interfaces.

R1#show l2tp tunnel transport

L2TP Tunnel Information Total tunnels 1 sessions 1

LocTunID   Type Prot  Local Address   Port  Remote Address  Port
3886356642 IP   115   1.1.1.1         0     2.2.2.2         0

Under normal conditions, the peer's Loopback is learned via OSPF.

R1#sh ip route 2.2.2.2
Routing entry for 2.2.2.0/24
  Known via "ospf 1", distance 110, metric 1001, type intra area
  Last update from 172.16.11.2 on Tunnel1, 01:20:40 ago
  Routing Descriptor Blocks:
  * 172.16.11.2, from 2.2.2.2, 01:20:40 ago, via Tunnel1
      Route metric is 1001, traffic share count is 1

When a failure occurs between R2 and R3, the backup path is used by way of the floating static route.

R1#show ip route 2.2.2.2
Routing entry for 2.2.2.0/24
  Known via "static", distance 200, metric 0 (connected)
  Routing Descriptor Blocks:
  * directly connected, via Tunnel2
      Route metric is 0, traffic share count is 1

L2TPv3 is re-established over the new path.

R1#show l2tp session all

L2TP Session Information Total tunnels 1 sessions 1

Session id 2380820166 is up, logical session id 32777, tunnel id 3886356642
  Remote session id is 375499793, remote tunnel id 303422462
  Locally initiated session
  Unique ID is 0
Session Layer 2 circuit, type is Ethernet, name is GigabitEthernet1
  Session vcid is 1
  Circuit state is UP
    Local circuit state is UP
    Remote circuit state is UP
Call serial number is 2047900001
Remote tunnel name is R2
  Internet address is 2.2.2.2
Local tunnel name is R1
  Internet address is 1.1.1.1
IP protocol 115
  Session is L2TP signaled
  Session state is established, time since change 01:28:06
    0 Packets sent, 0 received
    0 Bytes sent, 0 received
  Last clearing of counters never
  Counters, ignoring last clear:
    0 Packets sent, 0 received
    0 Bytes sent, 0 received
    Receive packets dropped:
      out-of-order:             0
      other:                    0
      total:                    0
    Send packets dropped:
      exceeded session MTU:     0
      other:                    0
      total:                    0
  DF bit off, ToS reflect disabled, ToS value 0, TTL value 255
  Sending UDP checksums are disabled
  Received UDP checksums are verified
  No session cookie information available
  FS cached header information:
    encap size = 24 bytes
    45000014 00000000 ff73b571 01010101
    02020202 1661ac11
  Sequencing is off
  Conditional debugging is disabled
  SSM switch id is 4096, SSM segment id is 12300
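
Added example, not part of the original post: Python that decodes the "FS cached header information" words from the output above and cross-checks them against the other fields R1 reports (peer addresses, IP protocol 115, TTL, DF bit, remote session id, absence of a cookie). The function and field names are this example's own, and reading the 24 bytes as an IPv4 header followed by the L2TPv3-over-IP session ID and optional cookie is an assumption based on the RFC 3931 layout.

```python
import ipaddress
import struct

# Hex words copied from "FS cached header information" in the R1 output above.
CACHED_HEADER_HEX = "45000014 00000000 ff73b571 01010101 02020202 1661ac11"
L2TPV3_IP_PROTO = 115  # "IP protocol 115" in the same output


def ipv4_checksum(header: bytes) -> int:
    """One's-complement checksum (RFC 791) with the checksum field zeroed."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    total = sum(struct.unpack(f"!{len(zeroed) // 2}H", zeroed))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_cached_header(hex_words: str) -> dict:
    """Decode an IPv4 header followed by an L2TPv3-over-IP session header."""
    raw = bytes.fromhex("".join(hex_words.split()))
    if len(raw) < 24 or raw[0] >> 4 != 4:
        raise ValueError("expected an IPv4 header plus a 4-byte session ID")
    ihl = (raw[0] & 0x0F) * 4
    if ihl < 20 or len(raw) < ihl + 4:
        raise ValueError("truncated header")
    flags_frag, ttl, proto, checksum = struct.unpack("!HBBH", raw[6:12])
    if proto != L2TPV3_IP_PROTO:
        raise ValueError(f"IP protocol {proto} is not L2TPv3")
    return {
        "src": str(ipaddress.IPv4Address(raw[12:16])),
        "dst": str(ipaddress.IPv4Address(raw[16:20])),
        "protocol": proto,
        "ttl": ttl,
        "df": bool(flags_frag & 0x4000),
        "checksum_ok": checksum == ipv4_checksum(raw[:ihl]),
        "session_id": struct.unpack("!I", raw[ihl:ihl + 4])[0],
        # Assumption: bytes after the session ID are the optional cookie.
        "cookie_bytes": len(raw) - ihl - 4,
    }


if __name__ == "__main__":
    for field, value in parse_cached_header(CACHED_HEADER_HEX).items():
        print(f"{field:12} {value}")
```

The decoded session ID equals the "Remote session id" shown by R1, and the zero cookie length agrees with "No session cookie information available".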

End.