所谓的Hub点就是汇聚Spoke节点的中心节点,而Spoke节点就是分支节点,如果在MPLS VPN中,Spoke节点需要通过中心节点Hub进行通信,那么就需要使用Hub&Spoke组网方式,在《MPLS和VPN体系结构》这本书中叫做星型拓扑,本实验的拓扑图是基于这本书中的拓扑图,由于书中并没有讲配置,并且进得也很模糊,现在就用实验进行分析,Spoke节点之间的流量是如何通过中心的CE进行通信的,实验拓扑图如下:
实验要求: 昆明分部的R7需要通过上海总部的R1和R2访问贵阳分部的R6;
测试方法:在CE-R7带上源地址7.7.7.7 ping R6上的环回接口6.6.6.6,并在traceroute 6.6.6.6 查看所经过的路径是否通过R1和R2。
关于PE-R3上的VRF配置及RT的设计分析,在PE-R3与上海总部互连时,需要配置两个不同的VRF,一个用于接收路由,一个用于发布路由,因此route-target的设计很重要,如果在PE-R3与上海总部互连的两个接口上配置同一个VRF的话,路由上就会存在问题,昆明分部想要通过上海总部访问贵阳分部是无法访问的,因此我们需要配置两个不同的VRF,分别为import_in用于路由的导入,export_out用于路由的导出,并且在设置route-target时,VRF import_in只配置import,不需要配置export,而export_out只需配置export,不需要配置import,具体参数见拓扑图。
CE-R1: interface Loopback0 ip address 1.1.1.1 255.255.255.255 interface FastEthernet0/0 ip address 13.1.1.1 255.255.255.252 interface FastEthernet0/1 ip address 12.1.1.1 255.255.255.252 router bgp 120 bgp router-id 1.1.1.1 bgp log-neighbor-changes network 1.1.1.1 mask 255.255.255.255 network 12.1.1.0 mask 255.255.255.252 network 13.1.1.0 mask 255.255.255.252 neighbor 12.1.1.2 remote-as 120 neighbor 12.1.1.2 next-hop-self neighbor 13.1.1.2 remote-as 100
CE-R2: interface Loopback0 ip address 2.2.2.2 255.255.255.255 interface FastEthernet0/0 ip address 12.1.1.2 255.255.255.252 interface FastEthernet0/1 ip address 23.1.1.1 255.255.255.252 router bgp 120 bgp router-id 2.2.2.2 bgp log-neighbor-changes network 2.2.2.2 mask 255.255.255.255 network 23.1.1.0 mask 255.255.255.252 neighbor 12.1.1.1 remote-as 120 neighbor 12.1.1.1 next-hop-self neighbor 23.1.1.2 remote-as 100
PE-R3: interface Loopback0 ip address 3.3.3.3 255.255.255.255 interface FastEthernet0/0 ip vrf forwarding import_in ip address 13.1.1.2 255.255.255.252 interface FastEthernet0/1 ip vrf forwarding export_out ip address 23.1.1.2 255.255.255.252 interface FastEthernet1/0 ip address 34.1.1.1 255.255.255.252 mpls ip interface FastEthernet1/1 ip address 35.1.1.1 255.255.255.252 mpls ip ! router ospf 1 router-id 3.3.3.3 network 3.3.3.3 0.0.0.0 area 0 network 34.1.1.0 0.0.0.3 area 0 network 35.1.1.0 0.0.0.3 area 0 ! router bgp 100 bgp router-id 3.3.3.3 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 4.4.4.4 remote-as 100 neighbor 4.4.4.4 update-source Loopback0 neighbor 5.5.5.5 remote-as 100 neighbor 5.5.5.5 update-source Loopback0 address-family vpnv4 neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended ! address-family ipv4 vrf export_out neighbor 23.1.1.1 remote-as 120 neighbor 23.1.1.1 activate address-family ipv4 vrf import_in neighbor 13.1.1.1 remote-as 120 neighbor 13.1.1.1 activate
PE-R4: interface Loopback0 ip address 4.4.4.4 255.255.255.255 interface FastEthernet0/0 ip address 34.1.1.2 255.255.255.252 mpls ip interface FastEthernet0/1 ip vrf forwarding Ting ip address 46.1.1.1 255.255.255.252 router ospf 1 router-id 4.4.4.4 network 4.4.4.4 0.0.0.0 area 0 network 34.1.1.0 0.0.0.3 area 0 ! router bgp 100 bgp router-id 4.4.4.4 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended address-family ipv4 vrf Ting neighbor 46.1.1.2 remote-as 60 neighbor 46.1.1.2 activate
CE-R5: interface Loopback0 ip address 5.5.5.5 255.255.255.255 interface FastEthernet0/0 ip address 35.1.1.2 255.255.255.252 mpls ip ! interface FastEthernet0/1 ip vrf forwarding Hai ip address 57.1.1.1 255.255.255.252 router ospf 1 router-id 5.5.5.5 network 5.5.5.5 0.0.0.0 area 0 network 35.1.1.0 0.0.0.3 area 0 router bgp 100 bgp router-id 5.5.5.5 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended address-family ipv4 vrf Hai neighbor 57.1.1.2 remote-as 70 neighbor 57.1.1.2 activate
CE-R6: interface Loopback0 ip address 6.6.6.6 255.255.255.255 interface FastEthernet0/0 ip address 46.1.1.2 255.255.255.252 router bgp 60 bgp router-id 6.6.6.6 bgp log-neighbor-changes network 6.6.6.6 mask 255.255.255.255 network 46.1.1.0 mask 255.255.255.252 neighbor 46.1.1.1 remote-as 100
CE-R7: interface Loopback0 ip address 7.7.7.7 255.255.255.255 interface FastEthernet0/0 ip address 57.1.1.2 255.255.255.252 router bgp 70 bgp router-id 7.7.7.7 bgp log-neighbor-changes network 7.7.7.7 mask 255.255.255.255 network 57.1.1.0 mask 255.255.255.252 neighbor 57.1.1.1 remote-as 100
在PE-R3上查看BGP vpn4邻居情况
R3#show ip bgp vpnv4 all su
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 61, main routing table version 61
18 network entries using 3024 bytes of memory
18 path entries using 1152 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
3 BGP AS-PATH entries using 72 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 5160 total bytes of memory
BGP activity 35/17 prefixes, 44/26 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
4.4.4.4 4 100 454 459 61 0 0 06:41:45 2
5.5.5.5 4 100 342 462 61 0 0 06:38:52 2
13.1.1.1 4 120 115 115 61 0 0 01:36:25 5
23.1.1.1 4 120 135 113 61 0 0 01:35:45 5
其四个邻居建立成功,并且收到相应的路由;
R3#show ip bgp vpnv4 all
BGP table version is 61, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:6
*>i 6.6.6.6/32 4.4.4.4 0 100 0 60 i
*>i 46.1.1.0/30 4.4.4.4 0 100 0 60 i
Route Distinguisher: 100:7
*>i 7.7.7.7/32 5.5.5.5 0 100 0 70 i
*>i 57.1.1.0/30 5.5.5.5 0 100 0 70 i
Route Distinguisher: 100:11 (default for vrf import_in)
*> 1.1.1.1/32 13.1.1.1 0 0 120 i
*> 2.2.2.2/32 13.1.1.1 0 120 i
*>i 6.6.6.6/32 4.4.4.4 0 100 0 60 i
*>i 7.7.7.7/32 5.5.5.5 0 100 0 70 i
*> 12.1.1.0/30 13.1.1.1 0 0 120 i
r> 13.1.1.0/30 13.1.1.1 0 0 120 i
*> 23.1.1.0/30 13.1.1.1 0 120 i
*>i 46.1.1.0/30 4.4.4.4 0 100 0 60 i
Network Next Hop Metric LocPrf Weight Path
*>i 57.1.1.0/30 5.5.5.5 0 100 0 70 i
Route Distinguisher: 100:22 (default for vrf export_out)
*> 1.1.1.1/32 23.1.1.1 0 120 i
*> 2.2.2.2/32 23.1.1.1 0 0 120 i
*> 12.1.1.0/30 23.1.1.1 0 120 i
*> 13.1.1.0/30 23.1.1.1 0 120 i
r> 23.1.1.0/30 23.1.1.1 0 0 120 i
从以上可知RD为100:11的有import_in 为100:67,而PE-R4及PE-R5的export为100:67,因此R6和R7的路由加入路由表项中,而RD 为100:22的VRF中,并没有设置import,不能从BGP VPNV4中导入任何路由,因此其收到的路由都是CE-R2通过EBGP传递过来的,其下跳都为23.1.1.1;
在R2上查看BGP路由情况
R2#show ip bgp all
For address family: IPv4 Unicast
BGP table version is 24, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.1/32 12.1.1.1 0 100 0 i
*> 2.2.2.2/32 0.0.0.0 0 32768 i
*>i 6.6.6.6/32 12.1.1.1 0 100 0 100 60 i
*>i 7.7.7.7/32 12.1.1.1 0 100 0 100 70 i
r>i 12.1.1.0/30 12.1.1.1 0 100 0 i
*>i 13.1.1.0/30 12.1.1.1 0 100 0 i
*> 23.1.1.0/30 0.0.0.0 0 32768 i
*>i 46.1.1.0/30 12.1.1.1 0 100 0 100 60 i
*>i 57.1.1.0/30 12.1.1.1 0 100 0 100 70 i
从上可看出,其收到的路由都是来至于R1,并且通过ibgp传递过来,并且经过的AS号为100 60;
在PE-R3查看VRF export_out的路由表项
R3#show ip route vrf export_out
Routing Table: export_out
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 23.1.1.1, 01:41:20
2.0.0.0/32 is subnetted, 1 subnets
B 2.2.2.2 [20/0] via 23.1.1.1, 01:41:20
12.0.0.0/30 is subnetted, 1 subnets
B 12.1.1.0 [20/0] via 23.1.1.1, 01:41:20
13.0.0.0/30 is subnetted, 1 subnets
B 13.1.1.0 [20/0] via 23.1.1.1, 01:41:20
23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 23.1.1.0/30 is directly connected, FastEthernet0/1
L 23.1.1.2/32 is directly connected, FastEthernet0/1
从此可知,路由表中并没有R7及R6的路由,为什么R2从R1那儿收到了,没有传递给R3呢?因为BGP的防环机制,因为R7及R6的路由也是经过PE-R3传输给CE-R1的,其属性值带得有AS 100,因此在R2传递给R3时,查看到其带有自身AS号,拒绝将其加入路由表,那么此时我们在R6和R7上查看路由情况,会是怎么样呢?
R7#show ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 57.1.1.1, 01:46:35
2.0.0.0/32 is subnetted, 1 subnets
B 2.2.2.2 [20/0] via 57.1.1.1, 01:46:35
7.0.0.0/32 is subnetted, 1 subnets
C 7.7.7.7 is directly connected, Loopback0
12.0.0.0/30 is subnetted, 1 subnets
B 12.1.1.0 [20/0] via 57.1.1.1, 01:46:35
13.0.0.0/30 is subnetted, 1 subnets
B 13.1.1.0 [20/0] via 57.1.1.1, 01:46:35
23.0.0.0/30 is subnetted, 1 subnets
B 23.1.1.0 [20/0] via 57.1.1.1, 01:46:35
57.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 57.1.1.0/30 is directly connected, FastEthernet0/0
L 57.1.1.2/32 is directly connected, FastEthernet0/0
R6#show ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 46.1.1.1, 01:51:27
2.0.0.0/32 is subnetted, 1 subnets
B 2.2.2.2 [20/0] via 46.1.1.1, 01:51:27
6.0.0.0/32 is subnetted, 1 subnets
C 6.6.6.6 is directly connected, Loopback0
12.0.0.0/30 is subnetted, 1 subnets
B 12.1.1.0 [20/0] via 46.1.1.1, 01:51:27
13.0.0.0/30 is subnetted, 1 subnets
B 13.1.1.0 [20/0] via 46.1.1.1, 01:51:27
23.0.0.0/30 is subnetted, 1 subnets
B 23.1.1.0 [20/0] via 46.1.1.1, 01:51:27
46.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 46.1.1.0/30 is directly connected, FastEthernet0/0
L 46.1.1.2/32 is directly connected, FastEthernet0/0
从上可知R7上并没有收到R6的路由,R7也没有收到R6的路由,但都能收到R1和R2的路由,其原因是PE-R3上配置的VRF export_out的RT export 为100:12,而在上面提到的VRF export_out中恰好有这些路由表项,在PE-R4和PE-R5上设置的import为100:12,因此能将其加入路由表,传输给CE路由器;
现在需要将PE-R3的VRF export_out中收到R6和R7的路由,上面已经提到原因了,因为BGP 的防环机制,所在需要在PE-R3上配置允许AS号相同的路由进入,如下配置:
R3(config)#router bgp 100
R3(config-router)#address-family ipv4 vrf export_out
R3(config-router-af)#neighbor 23.1.1.1 allowas-in 3 //允许其自治系统号重复的次数
现在查看PE-R3的路由情况
R3#show ip bgp vpnv4 all
BGP table version is 65, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:6
*>i 6.6.6.6/32 4.4.4.4 0 100 0 60 i
*>i 46.1.1.0/30 4.4.4.4 0 100 0 60 i
Route Distinguisher: 100:7
*>i 7.7.7.7/32 5.5.5.5 0 100 0 70 i
*>i 57.1.1.0/30 5.5.5.5 0 100 0 70 i
Route Distinguisher: 100:11 (default for vrf import_in)
*> 1.1.1.1/32 13.1.1.1 0 0 120 i
*> 2.2.2.2/32 13.1.1.1 0 120 i
*>i 6.6.6.6/32 4.4.4.4 0 100 0 60 i
*>i 7.7.7.7/32 5.5.5.5 0 100 0 70 i
*> 12.1.1.0/30 13.1.1.1 0 0 120 i
r> 13.1.1.0/30 13.1.1.1 0 0 120 i
*> 23.1.1.0/30 13.1.1.1 0 120 i
*>i 46.1.1.0/30 4.4.4.4 0 100 0 60 i
Network Next Hop Metric LocPrf Weight Path
*>i 57.1.1.0/30 5.5.5.5 0 100 0 70 i
Route Distinguisher: 100:22 (default for vrf export_out)
*> 1.1.1.1/32 23.1.1.1 0 120 i
*> 2.2.2.2/32 23.1.1.1 0 0 120 i
*> 6.6.6.6/32 23.1.1.1 0 120 100 60 i
*> 7.7.7.7/32 23.1.1.1 0 120 100 70 i
*> 12.1.1.0/30 23.1.1.1 0 120 i
*> 13.1.1.0/30 23.1.1.1 0 120 i
r> 23.1.1.0/30 23.1.1.1 0 0 120 i
*> 46.1.1.0/30 23.1.1.1 0 120 100 60 i
*> 57.1.1.0/30 23.1.1.1 0 120 100 70 i
从上述输出可看出,R6和R7上的路由已经加入路由表,并且其下一跳是23.1.1.1,由CE-R2通告过来的,其经过的路径为120 100 60、120 100 70;
R3#show ip bgp vpnv4 all 6.6.6.6
BGP routing table entry for 100:6:6.6.6.6/32, version 36
Paths: (1 available, best #1, no table)
Not advertised to any peer
Refresh Epoch 4
60
4.4.4.4 (metric 2) from 4.4.4.4 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, internal, best
Extended Community: RT:100:67
mpls labels in/out nolabel/203
BGP routing table entry for 100:11:6.6.6.6/32, version 40
Paths: (1 available, best #1, table import_in)
Advertised to update-groups:
3
Refresh Epoch 3
60, imported path from 100:6:6.6.6.6/32
4.4.4.4 (metric 2) from 4.4.4.4 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, internal, best
Extended Community: RT:100:67
mpls labels in/out nolabel/203
BGP routing table entry for 100:22:6.6.6.6/32, version 62
Paths: (1 available, best #1, table export_out)
Advertised to update-groups:
2
Refresh Epoch 6
120 100 60
23.1.1.1 from 23.1.1.1 (2.2.2.2)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:100:12
mpls labels in/out 105/nolabel
在R6和R7上查看路由情况
R6#show ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 46.1.1.1, 02:12:58
2.0.0.0/32 is subnetted, 1 subnets
B 2.2.2.2 [20/0] via 46.1.1.1, 02:12:58
6.0.0.0/32 is subnetted, 1 subnets
C 6.6.6.6 is directly connected, Loopback0
7.0.0.0/32 is subnetted, 1 subnets
B 7.7.7.7 [20/0] via 46.1.1.1, 00:11:02
12.0.0.0/30 is subnetted, 1 subnets
B 12.1.1.0 [20/0] via 46.1.1.1, 02:12:58
13.0.0.0/30 is subnetted, 1 subnets
B 13.1.1.0 [20/0] via 46.1.1.1, 02:12:58
23.0.0.0/30 is subnetted, 1 subnets
B 23.1.1.0 [20/0] via 46.1.1.1, 02:12:58
46.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 46.1.1.0/30 is directly connected, FastEthernet0/0
L 46.1.1.2/32 is directly connected, FastEthernet0/0
57.0.0.0/30 is subnetted, 1 subnets
B 57.1.1.0 [20/0] via 46.1.1.1, 00:11:02
R7#show ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 57.1.1.1, 02:13:11
2.0.0.0/32 is subnetted, 1 subnets
B 2.2.2.2 [20/0] via 57.1.1.1, 02:13:11
6.0.0.0/32 is subnetted, 1 subnets
B 6.6.6.6 [20/0] via 57.1.1.1, 00:11:14
7.0.0.0/32 is subnetted, 1 subnets
C 7.7.7.7 is directly connected, Loopback0
12.0.0.0/30 is subnetted, 1 subnets
B 12.1.1.0 [20/0] via 57.1.1.1, 02:13:11
13.0.0.0/30 is subnetted, 1 subnets
B 13.1.1.0 [20/0] via 57.1.1.1, 02:13:11
23.0.0.0/30 is subnetted, 1 subnets
B 23.1.1.0 [20/0] via 57.1.1.1, 02:13:11
46.0.0.0/30 is subnetted, 1 subnets
B 46.1.1.0 [20/0] via 57.1.1.1, 00:11:14
57.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 57.1.1.0/30 is directly connected, FastEthernet0/0
L 57.1.1.2/32 is directly connected, FastEthernet0/0
实验测试:
R6#ping 7.7.7.7 source loopback 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 6.6.6.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 180/196/208 ms
R6#traceroute 7.7.7.7 source loopback 0
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 46.1.1.1 96 msec 96 msec 100 msec
2 23.1.1.2 [AS 120] [MPLS: Label 102 Exp 0] 100 msec 96 msec 96 msec
3 23.1.1.1 [AS 120] 140 msec 96 msec 160 msec
4 12.1.1.1 [AS 120] 208 msec 136 msec 108 msec
5 13.1.1.2 [AS 120] 180 msec 224 msec 148 msec
6 57.1.1.1 [AS 70] [MPLS: Label 303 Exp 0] 168 msec 148 msec 104 msec
7 57.1.1.2 [AS 70] 228 msec 208 msec 176 msec
从上可知,路径为:R6->R4->R3->R2->R1->R3->R5->R7
R7#ping 6.6.6.6 source loopback 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 176/200/212 ms
R7#traceroute 6.6.6.6 source loopback 0
Type escape sequence to abort.
Tracing the route to 6.6.6.6
VRF info: (vrf in name/id, vrf out name/id)
1 57.1.1.1 92 msec 100 msec *
2 23.1.1.2 [AS 120] [MPLS: Label 105 Exp 0] 120 msec 116 msec 180 msec
3 23.1.1.1 [AS 120] 132 msec 168 msec 136 msec
4 12.1.1.1 [AS 120] 144 msec 96 msec 144 msec
5 13.1.1.2 [AS 120] 140 msec 224 msec 140 msec
6 46.1.1.1 [AS 60] [MPLS: Label 203 Exp 0] 212 msec 148 msec 136 msec
7 46.1.1.2 [AS 60] 204 msec * 172 msec
从上可知,路径为:R7->R5->R3->R2->R1->R3->R4->R6
MPLS VPN 之Hub&Spoke配置及路由分析