瑞星卡卡安全论坛

首页 » 技术交流区 » 系统软件 » MPLS网络改造中X.25路由的处理方法【转贴】
偶崃饭定 - 2007-11-28 21:09:00
转自杜松之家;http://www.juniperbbs.net/index.php
I、问题描述:
最近技术咨询中遇到的问题,某省运营商网络改造,建立MPLS骨干网络,MPLS目标省中心服务器将划分入对应VPN中。现网中
,地市有些很旧的话务采集机,系用X.25协议(不支持IP),现在穿过IP网络与省中心服务器有业务流量。勘查发现,现地市X .25配置类似:
------------------------------------------------------------
---
!
x25 route 1761 xot 15.14.10.9 xot-source
FastEthernet1/0.99
x25 route 1762 xot 15.14.10.9 xot-source
FastEthernet1/0.99
x25 route 1751 xot 15.14.10.71 xot-source
FastEthernet1/0.99
x25 route 1752 xot 15.14.10.71 xot-source
FastEthernet1/0.99
x25 route 1781 xot 15.19.10.111 xot-source
FastEthernet1/0.99
x25 route 1782 xot 15.14.10.111 xot-source
FastEthernet1/0.99
x25 route 1771 xot 15.14.10.8 xot-source
FastEthernet1/0.99
x25 route 1772 xot 15.14.10.8 xot-source
FastEthernet1/0.99
x25 route 1731 xot 15.14.10.141 xot-source
FastEthernet1/0.99
x25 route 1732 xot 15.14.10.141 xot-source
FastEthernet1/0.99


-----------------------------------------------------------
II、问题分析:
该配置可能存在问题,目前接口Fa1/0.99在路由器上已经不存在。可以推测这个子接口曾经是存在的,否之以上这些命令配置不
上。启用了MPLS VPN之后,只需保证XOT的源---目的地址连通,X.25的通讯即可维持现状,不致中断。但目前源地址并不可靠,需明确以上
路由是否仍在使用,并且使用何源地址?


III、调试过程:
实验室验证过程如下:
连接R1--R2---R3---R4
配置:

R1:
!
hostname R1
!
x25 routing
!
interface Serial1/0
no
ip address
encapsulation x25
no ip mroute-cache
x25
address 45678
x25 win 5
x25 wout 5
x25 ips
256
x25 ops 256
x25 idle 1
!
R2:
service pad to-xot
!
hostname R2
!
x25
routing
!
!
!
interface Loopback0
ip address 10.1.2.2
255.255.255.0
!
interface Loopback10
ip address 10.99.99.99
255.255.255.0
!
interface Ethernet0/0
ip address 10.64.9.101
255.255.255.0
!
interface Serial2/0
no ip
address
encapsulation x25 dce
no ip mroute-cache
x25
win 5
x25 wout 5
x25 ips 256
x25 ops 256
x25
idle 1
!
router rip
network 10.0.0.0
!
!
x25 route ^4
interface Serial2/0 xot-keepalive-period 10 xot-keepalive-tries 3
x25 route
^12 xot 10.64.9.100 xot-source Loopback10
!

R3:
!hostname R3!x25
routing!!!interface Loopback0 ip address
10.1.3.1 255.255.255.0!interface Ethernet0/0 ip address
10.64.9.100 255.255.255.0!interface Serial2/0 bandwidth
384 no ip address encapsulation x25 no ip
route-cache no ip mroute-cache x25 win
7 x25 wout 7 x25 ips
1024 x25 ops 1024 x25 idle
1!router rip network
10.0.0.0!!x25 route ^12 interface Serial2/0
xot-keepalive-period 10 xot-keepalive-tries 3x25 route ^4 xot
10.64.9.101 xot-keepalive-period 10 xot-keepalive-tries 3 xot-source
Loopback0!
R4:
!hostname R4!interface
Ethernet0/0 ip address 10.64.9.88 255.255.255.0 no
keepalive!interface Serial1/0 bandwidth
384 no ip address encapsulation x25 dce x25 address
123456 x25 win 7 x25 wout
7 x25 ips 1024 x25 ops
1024 x25 idle 1!
line vty
0 4
no
login
!

测试步骤:
1、R1:
R1#pad 123456
Trying
123456...Open

R4>
2、R2
R2#show tcp

Stand-alone TCP connection to host
10.64.9.100
Connection state is ESTAB, I/O status: 1, unread input bytes:
0
Local host: 10.99.99.99, Local port:
11004
Foreign host: 10.64.9.100, Foreign port:
1998
3、R2删除loopback10
4、R1退出R4,再pad
123456
5、R2
R2#show tcp

Stand-alone TCP connection to
host 10.64.9.100
Connection state is ESTAB, I/O status: 1, unread input
bytes: 0
Local host: 10.64.9.101, Local port:
11005
Foreign host: 10.64.9.100, Foreign port:
1998

可见即使源接口不存在,XOT仍可建立会话,采用直连地址。



IV、解决办法:通过查看对应目的地址的下一跳接口,本端接口即为源地址。这样源地址---目的地址明确,确保对应地址对可以通信即可。

V、调试命令汇总:
show x25 pad—Shows information about current open connections,
including packet transmissions, X.3 parameter settings, and the current status
of virtual circuits.
show x25 xot—Shows information for all XOT virtual circuits that match
a given criterion.
show tcp—Shows the status of TCP connections.
pad—Use this command to log onto a PAD.
VI、本问题讨论URL:
http://www.one-tom.com/bbs/forum_posts.asp?TID=1974&PN=1


[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
1
查看完整版本: MPLS网络改造中X.25路由的处理方法【转贴】