- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 关于我们
07-MPLS L2VPN配置举例
本章节下载: 07-MPLS L2VPN配置举例 (421.29 KB)
目 录
用户网络有三个站点,站点CE分别为CE 1、CE 2和CE 3。站点1有两个用户VLAN(VLAN 10和VLAN 20),站点2有一个用户VLAN(VLAN 10),站点3有一个用户VLAN(VLAN 20)。
通过在骨干网的PE上配置本地交换,实现站点1与站点2之间的VLAN 10互联,站点1与站点3之间的VLAN 20互联,但不消耗PE设备上的VLAN资源。
表1-1 组网图示例接口与设备实际接口对应关系
|
组网图示例接口 |
设备实际接口 |
|
Interface1 |
Ten-GigabitEthernet3/0/1 |
|
Interface2 |
Ten-GigabitEthernet3/0/2 |
|
Interface3 |
Ten-GigabitEthernet3/0/3 |
(1) 配置CE 1
# 配置接口Ten-GigabitEthernet3/0/1为Trunk口,允许VLAN 10和VLAN 20的报文通过。
<Sysname> system-view
[Sysname] sysname CE1
[CE1] interface ten-gigabitethernet 3/0/1
[CE1-Ten-GigabitEthernet3/0/1] port link-type trunk
[CE1-Ten-GigabitEthernet3/0/1] port trunk permit vlan 10 20
[CE1-Ten-GigabitEthernet3/0/1] quit
# 创建VLAN 10,并配置接口Vlan-interface10的IP地址。
[CE1] vlan 10
[CE1-vlan10] quit
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 10.1.1.1 24
[CE1-Vlan-interface10] quit
# 创建VLAN 20,并配置接口Vlan-interface20的IP地址。
[CE1] vlan 20
[CE1-vlan20] quit
[CE1] interface vlan-interface 20
[CE1-Vlan-interface20] ip address 10.2.1.1 24
[CE1-Vlan-interface20] quit
(2) 配置CE 2
# 配置VLAN 10和接口Vlan-interface10。
<Sysname> system-view
[Sysname] sysname CE2
[CE2] vlan 10
[CE2-vlan10] port ten-gigabitethernet 3/0/1
[CE2-vlan10] quit
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 10.1.1.2 24
(3) 配置CE 3
# 配置VLAN 20和接口Vlan-interface20。
<Sysname> system-view
[Sysname] sysname CE3
[CE3] vlan 20
[CE3-vlan20] port ten-gigabitethernet 3/0/1
[CE3-vlan20] quit
[CE3] interface vlan-interface 20
[CE3-Vlan-interface20] ip address 10.2.1.2 24
(4) 配置PE
# 开启L2VPN功能。
<Sysname> system-view
[Sysname] sysname PE
[PE] l2vpn enable
# 在接口Ten-GigabitEthernet3/0/1上创建以太网服务实例10和20,用来匹配VLAN 10和20的报文。
[PE] vlan 10
[PE-vlan10] quit
[PE] vlan 20
[PE-vlan20] quit
[PE] interface ten-gigabitethernet 3/0/1
[PE-Ten-GigabitEthernet3/0/1] port link-type trunk
[PE-Ten-GigabitEthernet3/0/1] port trunk permit vlan 10 20
[PE-Ten-GigabitEthernet3/0/1] service-instance 10
[PE-Ten-GigabitEthernet3/0/1-srv10] encapsulation s-vid 10
[PE-Ten-GigabitEthernet3/0/1-srv10] quit
[PE-Ten-GigabitEthernet3/0/1] service-instance 20
[PE-Ten-GigabitEthernet3/0/1-srv20] encapsulation s-vid 20
[PE-Ten-GigabitEthernet3/0/1-srv20] quit
[PE-Ten-GigabitEthernet3/0/1] quit
# 在接口Ten-GigabitEthernet3/0/2上创建以太网服务实例10,用来匹配VLAN 10的报文。
[PE] interface ten-gigabitethernet 3/0/2
[PE-Ten-GigabitEthernet3/0/2] port access vlan 10
[PE-Ten-GigabitEthernet3/0/2] service-instance 10
[PE-Ten-GigabitEthernet3/0/2-srv10] encapsulation s-vid 10
[PE-Ten-GigabitEthernet3/0/2-srv10] quit
# 在接口Ten-GigabitEthernet3/0/3上创建以太网服务实例20,用来匹配VLAN 20的报文。
[PE] interface ten-gigabitethernet 3/0/3
[PE-Ten-GigabitEthernet3/0/3] port access vlan 20
[PE-Ten-GigabitEthernet3/0/3] service-instance 20
[PE-Ten-GigabitEthernet3/0/3-srv10] encapsulation s-vid 20
[PE-Ten-GigabitEthernet3/0/3-srv10] quit
# 创建交叉连接组vpn1,在该交叉连接组内创建名称为vlan10的交叉连接,并和接口Ten-GigabitEthernet3/0/1、Ten-GigabitEthernet3/0/2的服务实例10关联,用来实现VLAN 10报文的转发。
[PE] xconnect-group vpn1
[PE-xcg-vpn1] connection vlan10
[PE-xcg-vpn1-vlan10] ac interface ten-gigabitethernet 3/0/1 service-instance 10
[PE-xcg-vpn1-vlan10-Ten-GigabitEthernet3/0/1-srv10] quit
[PE-xcg-vpn1-vlan10] ac interface ten-gigabitethernet 3/0/2 service-instance 10
[PE-xcg-vpn1-vlan10-Ten-GigabitEthernet3/0/2] quit
[PE-xcg-vpn1-vlan10] quit
# 在交叉连接组vpn1内创建名称为vlan20的交叉连接,并和接口Ten-GigabitEthernet3/0/1、Ten-GigabitEthernet3/0/3的服务实例20关联,用来实现VLAN 20报文的转发。
[PE-xcg-vpn1] connection vlan20
[PE-xcg-vpn1-vlan20] ac interface ten-gigabitethernet 3/0/1 service-instance 20
[PE-xcg-vpn1-vlan20-Ten-GigabitEthernet3/0/1-srv20] quit
[PE-xcg-vpn1-vlan20] ac interface ten-gigabitethernet 3/0/3 service-instance 20
[PE-xcg-vpn1-vlan20-Ten-GigabitEthernet3/0/3] quit
[PE-xcg-vpn1-vlan20] quit
[PE-xcg-vpn1] quit
# 在PE上查看AC转发表项,可以看到四条AC表项。
[PE] display l2vpn forwarding ac
Total number of cross-connections: 2
Total number of ACs: 4
AC Xconnect-group Name Link ID
XGE1/0/1 srv10 vpn1 0
XGE1/0/1 srv20 vpn1 0
XGE1/0/2 vpn1 1
XGE1/0/3 vpn1 1
· CE1
#
sysname CE1
#
vlan 10
#
vlan 20
#
interface Vlan-interface10
ip address 10.1.1.1 255.255.255.0
#
interface Vlan-interface20
ip address 10.2.1.1 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port link-type trunk
port trunk permit vlan 1 10 20
#
return
· CE2
#
sysname CE2
#
vlan 10
#
interface Vlan-interface10
ip address 10.1.1.2 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· CE3
#
sysname CE3
#
vlan 20
#
interface Vlan-interface20
ip address 10.2.1.2 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 20
#
return
· PE
#
sysname PE
#
vlan 10
#
vlan 20
#
l2vpn enable
#
interface Ten-GigabitEthernet3/0/1
port link-type trunk
port trunk permit vlan 1 10 20
service-instance 10
encapsulation s-vid 10
service-instance 20
encapsulation s-vid 20
#
interface Ten-GigabitEthernet3/0/2
port access vlan 10
service-instance 10
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/3
port access vlan 20
service-instance 20
encapsulation s-vid 20
#
xconnect-group vpn1
connection vlan10
ac interface Ten-GigabitEthernet3/0/1 service-instance 10
ac interface Ten-GigabitEthernet3/0/2 service-instance 10
connection vlan20
ac interface Ten-GigabitEthernet3/0/1 service-instance 20
ac interface Ten-GigabitEthernet3/0/3 service-instance 20
#
return
用户网络有若干个站点,希望通过在骨干网上建立静态PW,实现站点1的VLAN 10与站点2的VLAN 10互联。
在PE 1和PE 2分别创建以太网服务实例10,匹配接口Ten-GigabitEthernet3/0/1接收到的VLAN Tag为10的报文。
图1-2 静态PW配置组网图
表1-2 组网图示例接口与设备实际接口对应关系
|
组网图示例接口 |
设备实际接口 |
|
Interface1 |
Ten-GigabitEthernet3/0/1 |
表1-3 组网图接口与IP地址对应关系
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
CE 1 |
Vlan-int10 |
100.1.1.1/24 |
P |
Loop0 |
192.4.4.4/32 |
|
PE 1 |
Loop0 |
192.2.2.2/32 |
|
Vlan-int30 |
10.2.2.2/24 |
|
|
Vlan-int20 |
10.1.1.1/24 |
|
Vlan-int20 |
10.1.1.2/24 |
|
CE 2 |
Vlan-int10 |
100.1.1.2/24 |
PE 2 |
Loop0 |
192.3.3.3/32 |
|
|
|
|
|
Vlan-int30 |
10.2.2.1/24 |
(1) 配置CE 1
<Sysname> system-view
[Sysname] sysname CE1
[CE1] vlan 10
[CE1-vlan10] port ten-gigabitethernet 3/0/1
[CE1-vlan10] quit
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 100.1.1.1 24
[CE1-Vlan-interface10] quit
(2) 配置PE 1
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE1
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 192.2.2.2 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 192.2.2.2
# 开启L2VPN功能。
[PE1] l2vpn enable
# 全局使能LDP。
[PE1] mpls ldp
[PE1-ldp] quit
# 创建VLAN 20并将接口Ten-GigabitEthernet3/0/2加入VLAN 20。
[PE1] vlan 20
[PE1-vlan20] port ten-gigabitethernet 3/0/2
[PE1-vlan20] quit
# 配置连接P的接口Vlan-interface20,在此接口上使能LDP。
[PE1] interface vlan-interface 20
[PE1-Vlan-interface20] ip address 10.1.1.1 24
[PE1-Vlan-interface20] mpls enable
[PE1-Vlan-interface20] mpls ldp enable
[PE1-Vlan-interface20] quit
# 在PE 1上运行OSPF,用于建立LSP。
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE1] vlan 10
[PE1-vlan10] port ten-gigabitethernet 3/0/1
[PE1-vlan10] quit
# 在接口Ten-GigabitEthernet3/0/1上创建服务实例。
[PE1] interface ten-gigabitethernet 3/0/1
[PE1-Ten-GigabitEthernet3/0/1] service-instance 10
[PE1-Ten-GigabitEthernet3/0/1-srv10] encapsulation s-vid 10
[PE1-Ten-GigabitEthernet3/0/1-srv10] quit
[PE1-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组vpna,在该交叉连接组内创建名称为svc的交叉连接,将Ten-GigabitEthernet3/0/1接口上的服务实例10与此交叉连接关联,并在交叉连接内创建静态PW,以便将AC和PW关联。
[PE1] xconnect-group vpna
[PE1-xcg-vpna] connection svc
[PE1-xcg-vpna-svc] ac interface ten-gigabitethernet 3/0/1 service-instance 10
[PE1-xcg-vpna-svc-Ten-GigabitEthernet3/0/1-srv10] quit
[PE1-xcg-vpna-svc] peer 192.3.3.3 pw-id 3 in-label 100 out-label 200
[PE1-xcg-vpna-svc-192.3.3.3-3] quit
[PE1-xcg-vpna-svc] quit
[PE1-xcg-vpna] quit
(3) 配置P
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname P
[P] interface loopback 0
[P-LoopBack0] ip address 192.4.4.4 32
[P-LoopBack0] quit
[P] mpls lsr-id 192.4.4.4
# 全局使能LDP。
[P] mpls ldp
[P-ldp] quit
# 创建VLAN 20并将接口Ten-GigabitEthernet3/0/1加入VLAN 20。
[P] vlan 20
[P-vlan20] port ten-gigabitethernet 3/0/1
[P-vlan20] quit
# 配置连接PE 1的接口Vlan-interface20,在此接口上使能LDP。
[P] interface vlan-interface 20
[P-Vlan-interface20] ip address 10.1.1.2 24
[P-Vlan-interface20] mpls enable
[P-Vlan-interface20] mpls ldp enable
[P-Vlan-interface20] quit
# 创建VLAN 30并将接口Ten-GigabitEthernet3/0/2加入VLAN 30。
[P] vlan 30
[P-vlan30] port ten-gigabitethernet 3/0/2
[P-vlan30] quit
# 配置连接PE 2的接口Vlan-interface30,在此接口上使能LDP。
[P] interface vlan-interface 30
[P-Vlan-interface30] ip address 10.2.2.2 24
[P-Vlan-interface30] mpls enable
[P-Vlan-interface30] mpls ldp enable
[P-Vlan-interface30] quit
# 在P上运行OSPF,用于建立LSP。
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
(4) 配置PE 2
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE2
[PE2] interface loopback 0
[PE2-LoopBack0] ip address 192.3.3.3 32
[PE2-LoopBack0] quit
[PE2] mpls lsr-id 192.3.3.3
# 开启L2VPN功能。
[PE2] l2vpn enable
# 全局使能LDP。
[PE2] mpls ldp
[PE2-ldp] quit
# 创建VLAN 30并将接口Ten-GigabitEthernet3/0/2加入VLAN 30。
[PE2] vlan 30
[PE2-vlan20] port ten-gigabitethernet 3/0/2
[PE2-vlan20] quit
# 配置连接P的接口Vlan-interface30,在此接口上使能LDP。
[PE2] interface vlan-interface 30
[PE2-Vlan-interface30] ip address 10.2.2.1 24
[PE2-Vlan-interface30] mpls enable
[PE2-Vlan-interface30] mpls ldp enable
[PE2-Vlan-interface30] quit
# 在PE 2上运行OSPF,用于建立LSP。
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 10.2.2.1 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE2] vlan 10
[PE2-vlan10] port ten-gigabitethernet 3/0/1
[PE2-vlan10] quit
# 在接口Ten-GigabitEthernet3/0/1上创建服务实例。
[PE2] interface ten-gigabitethernet 3/0/1
[PE2-Ten-GigabitEthernet3/0/1] service-instance 10
[PE2-Ten-GigabitEthernet3/0/1-srv10]encapsulation s-vid 10
[PE2-Ten-GigabitEthernet3/0/1-srv10] quit
[PE2-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组vpna,在该交叉连接组内创建名称为svc的交叉连接,将Ten-GigabitEthernet3/0/1接口上的服务实例10与此交叉连接关联,并在交叉连接内创建静态PW,以便将AC和PW关联。
[PE2] xconnect-group vpna
[PE2-xcg-vpna] connection svc
[PE2-xcg-vpna-svc] ac interface ten-gigabitethernet 3/0/1 service-instance 10
[PE2-xcg-vpna-svc-Ten-GigabitEthernet3/0/1-srv10] quit
[PE2-xcg-vpna-svc] peer 192.2.2.2 pw-id 3 in-label 200 out-label 100
[PE2-xcg-vpna-svc-192.2.2.2-3] quit
[PE2-xcg-vpna-svc] quit
[PE2-xcg-vpna] quit
(5) 配置CE 2
<Sysname> system-view
[Sysname] sysname CE2
[CE2] vlan 10
[CE2-vlan10] port ten-gigabitethernet 3/0/1
[CE2-vlan10] quit
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 100.1.1.2 24
[CE2-Vlan-interface10] quit
# 在PE 1上查看PW信息,可以看到建立了一条静态PW。
[PE1] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpna
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.3.3.3 3 100/200 Static M 0 Up
# 在PE 2上也可以看到静态PW的信息。
[PE2] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpna
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.2.2.2 3 200/100 Static M 0 Up
# CE 1与CE 2之间能够ping通。
· CE1
#
sysname CE1
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· CE2
#
sysname CE2
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.2 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· P
#
sysname P
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
network 192.4.4.4 0.0.0.0
#
mpls lsr-id 192.4.4.4
#
vlan 20
#
vlan 30
#
mpls ldp
#
interface LoopBack0
ip address 192.4.4.4 255.255.255.255
#
interface Vlan-interface20
ip address 10.1.1.2 255.255.255.0
mpls enable
mpls ldp enable
#
interface Vlan-interface30
ip address 10.2.2.2 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 20
#
interface Ten-GigabitEthernet3/0/2
port access vlan 30
#
return
· PE1
#
sysname PE1
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 192.2.2.2 0.0.0.0
#
mpls lsr-id 192.2.2.2
#
vlan 10
#
vlan 20
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 192.2.2.2 255.255.255.255
#
interface Vlan-interface20
ip address 10.1.1.1 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 10
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/2
port access vlan 20
#
xconnect-group vpna
connection svc
ac interface Ten-GigabitEthernet3/0/1 service-instance 10
peer 192.3.3.3 pw-id 3 in-label 100 out-label 200
#
return
· PE2
#
sysname PE2
#
ospf 1
area 0.0.0.0
network 10.2.2.0 0.0.0.255
network 192.3.3.3 0.0.0.0
#
mpls lsr-id 192.3.3.3
#
vlan 10
#
vlan 30
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 192.3.3.3 255.255.255.255
#
interface Vlan-interface30
ip address 10.2.2.1 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 10
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/2
port access vlan 30
#
xconnect-group vpna
connection svc
ac interface Ten-GigabitEthernet3/0/1 service-instance 10
peer 192.2.2.2 pw-id 3 in-label 200 out-label 100
#
return
用户网络有两个站点,站点CE分别为CE 1和CE 2。站点1有一个用户VLAN(VLAN 10),站点2有一个用户VLAN(VLAN 10)。
通过在PE 1和PE 2上创建以太网服务实例,采用灵活匹配模式关联AC和PW,实现站点1与站点2之间的VLAN 10互联,但不消耗PE设备上的VLAN资源。
图1-3 LDP PW配置组网图
表1-4 组网图示例接口与设备实际接口对应关系
|
组网图示例接口 |
设备实际接口 |
|
Interface1 |
Ten-GigabitEthernet3/0/1 |
表1-5 组网图接口与IP地址对应关系
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
CE 1 |
Vlan-int10 |
100.1.1.1/24 |
P |
Loop0 |
192.4.4.4/32 |
|
PE 1 |
Loop0 |
192.2.2.2/32 |
|
Vlan-int23 |
23.1.1.2/24 |
|
|
Vlan-int23 |
23.1.1.1/24 |
|
Vlan-int26 |
26.2.2.2/24 |
|
CE 2 |
Vlan-int10 |
100.1.1.2/24 |
PE 2 |
Loop0 |
192.3.3.3/32 |
|
|
|
|
|
Vlan-int26 |
26.2.2.1/24 |
(1) 配置CE 1
<Sysname> system-view
[Sysname] sysname CE1
[CE1] vlan 10
[CE1-vlan10] port ten-gigabitethernet 3/0/1
[CE1-vlan10] quit
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 100.1.1.1 24
[CE1-Vlan-interface10] quit
(2) 配置PE 1
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE1
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 192.2.2.2 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 192.2.2.2
# 开启L2VPN功能。
[PE1] l2vpn enable
# 全局使能LDP。
[PE1] mpls ldp
[PE1-ldp] quit
# 创建VLAN 23并将接口Ten-GigabitEthernet3/0/2加入VLAN 23。
[PE1] vlan 23
[PE1-vlan23] port ten-gigabitethernet 3/0/2
[PE1-vlan23] quit
# 配置连接P的接口Vlan-interface23,在此接口上使能LDP。
[PE1] interface vlan-interface 23
[PE1-Vlan-interface23] ip address 23.1.1.1 24
[PE1-Vlan-interface23] mpls enable
[PE1-Vlan-interface23] mpls ldp enable
[PE1-Vlan-interface23] quit
# 在PE 1上运行OSPF,用于建立LSP。
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 23.1.1.1 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE1] vlan 10
[PE1-vlan10] port ten-gigabitethernet 3/0/1
[PE1-vlan10] quit
# 在接入CE 1的接口Ten-GigabitEthernet3/0/1上创建服务实例。
[PE1] interface ten-gigabitethernet 3/0/1
[PE1-Ten-GigabitEthernet3/0/1] service-instance 1000
[PE1-Ten-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 10
[PE1-Ten-GigabitEthernet3/0/1-srv1000] quit
[PE1-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组vpn1,在该交叉连接组内创建名称为ldp的交叉连接,将接口Ten-GigabitEthernet3/0/1的服务实例1000与此交叉连接关联,并在交叉连接内创建LDP PW,以实现AC和PW关联。
[PE1] xconnect-group vpn1
[PE1-xcg-vpn1] connection ldp
[PE1-xcg-vpn1-ldp] ac interface ten-gigabitethernet 3/0/1 service-instance 1000
[PE1-xcg-vpn1-ldp-Ten-GigabitEthernet3/0/1-srv1000] quit
[PE1-xcg-vpn1-ldp] peer 192.3.3.3 pw-id 1000
[PE1-xcg-vpn1-ldp-192.3.3.3-1000] quit
[PE1-xcg-vpn1-ldp] quit
[PE1-xcg-vpn1] quit
(3) 配置P
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname P
[P] interface loopback 0
[P-LoopBack0] ip address 192.4.4.4 32
[P-LoopBack0] quit
[P] mpls lsr-id 192.4.4.4
# 全局使能LDP。
[P] mpls ldp
[P-ldp] quit
# 创建VLAN 23并将接口Ten-GigabitEthernet3/0/1加入VLAN 23。
[P] vlan 23
[P-vlan23] port ten-gigabitethernet 3/0/1
[P-vlan23] quit
# 配置连接PE 1的接口Vlan-interface23,在此接口上使能LDP。
[P] interface vlan-interface 23
[P-Vlan-interface23] ip address 23.1.1.2 24
[P-Vlan-interface23] mpls enable
[P-Vlan-interface23] mpls ldp enable
[P-Vlan-interface23] quit
# 创建VLAN 26并将接口Ten-GigabitEthernet3/0/2加入VLAN 26。
[P] vlan 26
[P-vlan26] port ten-gigabitethernet 3/0/2
[P-vlan26] quit
# 配置连接PE 2的接口Vlan-interface26,在此接口上使能LDP。
[P] interface vlan-interface 26
[P-Vlan-interface26] ip address 26.2.2.2 24
[P-Vlan-interface26] mpls enable
[P-Vlan-interface26] mpls ldp enable
[P-Vlan-interface26] quit
# 在P上运行OSPF,用于建立LSP。
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 23.1.1.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 26.2.2.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
(4) 配置PE 2
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE2
[PE2] interface loopback 0
[PE2-LoopBack0] ip address 192.3.3.3 32
[PE2-LoopBack0] quit
[PE2] mpls lsr-id 192.3.3.3
# 开启L2VPN功能。
[PE2] l2vpn enable
# 全局使能LDP。
[PE2] mpls ldp
[PE2-ldp] quit
# 创建VLAN 26并将接口Ten-GigabitEthernet3/0/2加入VLAN 26。
[PE2] vlan 26
[PE2-vlan26] port ten-gigabitethernet 3/0/2
[PE2-vlan26] quit
# 配置连接P的接口Vlan-interface26,在此接口上使能LDP。
[PE2] interface vlan-interface 26
[PE2-Vlan-interface26] ip address 26.2.2.1 24
[PE2-Vlan-interface26] mpls enable
[PE2-Vlan-interface26] mpls ldp enable
[PE2-Vlan-interface26] quit
# 在PE 2上运行OSPF,用于建立LSP。
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] network 26.2.2.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE2] vlan 10
[PE2-vlan10] port ten-gigabitethernet 3/0/1
[PE2-vlan10] quit
# 在接入CE 2的接口Ten-GigabitEthernet3/0/1上创建服务实例。
[PE2] interface ten-gigabitethernet 3/0/1
[PE2-Ten-GigabitEthernet3/0/1] service-instance 1000
[PE2-Ten-GigabitEthernet3/0/1-srv1000] encapsulation s-vid 10
[PE2-Ten-GigabitEthernet3/0/1-srv1000] quit
[PE2-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组vpn1,在该交叉连接组内创建名称为ldp的交叉连接,将接口Ten-GigabitEthernet3/0/1的服务实例1000与此交叉连接关联,并在交叉连接内创建LDP PW,以实现AC和PW关联。
[PE2] xconnect-group vpn1
[PE2-xcg-vpn1] connection ldp
[PE2-xcg-vpn1-ldp] ac interface ten-gigabitethernet 3/0/1 service-instance 1000
[PE2-xcg-vpn1-ldp-Ten-GigabitEthernet3/0/1-srv1000] quit
[PE2-xcg-vpn1-ldp] peer 192.2.2.2 pw-id 1000
[PE2-xcg-vpn1-ldp-192.2.2.2-1000] quit
[PE2-xcg-vpn1-ldp] quit
[PE2-xcg-vpn1] quit
(5) 配置CE 2
<Sysname> system-view
[Sysname] sysname CE2
[CE2] vlan 10
[CE2-vlan10] port ten-gigabitethernet 3/0/1
[CE2-vlan10] quit
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 100.1.1.2 24
[CE2-Vlan-interface10] quit
# 在PE 1上查看PW信息,可以看到建立了一条LDP PW。
[PE1] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpn1
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.3.3.3 1000 1151/1279 LDP M 1 Up
# 在PE 2上也可以看到LDP PW信息。
[PE2] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpn1
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.2.2.2 1000 1279/1151 LDP M 1 Up
# CE 1与CE 2之间能够ping通。
· CE1
#
sysname CE1
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· CE2
#
sysname CE2
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.2 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· P
#
sysname P
#
ospf 1
area 0.0.0.0
network 23.1.1.0 0.0.0.255
network 26.2.2.0 0.0.0.255
network 192.4.4.4 0.0.0.0
#
mpls lsr-id 192.4.4.4
#
vlan 23
#
vlan 26
#
mpls ldp
#
interface LoopBack0
ip address 192.4.4.4 255.255.255.255
#
interface Vlan-interface23
ip address 23.1.1.2 255.255.255.0
mpls enable
mpls ldp enable
#
interface Vlan-interface26
ip address 26.2.2.2 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 23
#
interface Ten-GigabitEthernet3/0/2
port access vlan 26
#
return
· PE1
#
sysname PE1
#
ospf 1
area 0.0.0.0
network 23.1.1.0 0.0.0.255
network 192.2.2.2 0.0.0.0
#
mpls lsr-id 192.2.2.2
#
vlan 10
#
vlan 23
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 192.2.2.2 255.255.255.255
#
interface Vlan-interface23
ip address 23.1.1.1 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 1000
encapsulation s-vid 10
#
xconnect-group vpn1
connection ldp
ac interface Ten-GigabitEthernet3/0/1 service-instance 1000
peer 192.3.3.3 pw-id 1000
#
return
· PE2
#
sysname PE2
#
ospf 1
area 0.0.0.0
network 26.2.2.0 0.0.0.255
network 192.3.3.3 0.0.0.0
#
mpls lsr-id 192.3.3.3
#
vlan 10
#
vlan 26
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 192.3.3.3 255.255.255.255
#
interface Vlan-interface26
ip address 26.2.2.1 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 1000
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/2
port access vlan 26
#
xconnect-group vpn1
connection ldp
ac interface Ten-GigabitEthernet3/0/1 service-instance 1000
peer 192.2.2.2 pw-id 1000
#
return
用户网络有若干个站点,希望通过在骨干网上建立BGP PW,实现站点1的VLAN 10与站点2的VLAN 10互联。
在PE 1和PE 2分别创建以太网服务实例10,匹配接口Ten-GigabitEthernet3/0/1接收到的VLAN Tag为10的报文。
图1-4 BGP PW配置组网图
表1-6 组网图示例接口与设备实际接口对应关系
|
组网图示例接口 |
设备实际接口 |
|
Interface1 |
Ten-GigabitEthernet3/0/1 |
表1-7 组网图接口与IP地址对应关系
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
CE 1 |
Vlan-int10 |
100.1.1.1/24 |
P |
Loop0 |
192.4.4.4/32 |
|
PE 1 |
Loop0 |
192.2.2.2/32 |
|
Vlan-int20 |
10.1.1.2/24 |
|
|
Vlan-int20 |
10.1.1.1/24 |
|
Vlan-int30 |
10.2.2.2/24 |
|
CE 2 |
Vlan-int10 |
100.1.1.2/24 |
PE 2 |
Loop0 |
192.3.3.3/32 |
|
|
|
|
|
Vlan-int30 |
10.2.2.1/24 |
(1) 配置CE 1
<Sysname> system-view
[Sysname] sysname CE1
[CE1] vlan 10
[CE1-vlan10] port ten-gigabitethernet 3/0/1
[CE1-vlan10] quit
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 100.1.1.1 24
[CE1-Vlan-interface10] quit
(2) 配置PE 1
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE1
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 192.2.2.2 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 192.2.2.2
# 开启L2VPN功能。
[PE1] l2vpn enable
# 全局使能LDP。
[PE1] mpls ldp
[PE1-ldp] quit
# 创建VLAN 20并将接口Ten-GigabitEthernet3/0/2加入VLAN 20。
[PE1] vlan 20
[PE1-vlan20] port ten-gigabitethernet 3/0/2
[PE1-vlan20] quit
# 配置连接P的接口Vlan-interface20,在此接口上使能LDP。
[PE1] interface vlan-interface 20
[PE1-Vlan-interface20] ip address 10.1.1.1 24
[PE1-Vlan-interface20] mpls enable
[PE1-Vlan-interface20] mpls ldp enable
[PE1-Vlan-interface20] quit
# 在PE 1上运行OSPF,用于建立LSP。
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
# 在PE 1和PE 2之间建立IBGP连接,并配置在二者之间通过BGP发布L2VPN信息。
[PE1] bgp 100
[PE1-bgp-default] peer 192.3.3.3 as-number 100
[PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0
[PE1-bgp-default] address-family l2vpn
[PE1-bgp-default-l2vpn] peer 192.3.3.3 enable
[PE1-bgp-default-l2vpn] quit
[PE1-bgp-default] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE1] vlan 10
[PE1-vlan10] port ten-gigabitethernet 3/0/1
[PE1-vlan10] quit
# 在接口Ten-GigabitEthernet3/0/1上创建服务实例10。
[PE1] interface ten-gigabitethernet 3/0/1
[PE1-Ten-GigabitEthernet3/0/1] service-instance 10
[PE1-Ten-GigabitEthernet3/0/1-srv10]encapsulation s-vid 10
[PE1-Ten-GigabitEthernet3/0/1-srv10] quit
[PE1-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组vpnb,在该交叉连接组内创建本地站点1,在本地站点1和远端站点2之间建立BGP PW,并将Ten-GigabitEthernet3/0/1接口上的服务实例10与此PW关联。
[PE1] xconnect-group vpnb
[PE1-xcg-vpnb] auto-discovery bgp
[PE1-xcg-vpnb-auto] route-distinguisher 2:2
[PE1-xcg-vpnb-auto] vpn-target 2:2 export-extcommunity
[PE1-xcg-vpnb-auto] vpn-target 2:2 import-extcommunity
[PE1-xcg-vpnb-auto] site 1 range 10 default-offset 0
[PE1-xcg-vpnb-auto-1] connection remote-site-id 2
[PE1-xcg-vpnb-auto-1-2] ac interface ten-gigabitethernet 3/0/1 service-instance 10
[PE1-xcg-vpnb-auto-1-2] return
(3) 配置P
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname P
[P] interface loopback 0
[P-LoopBack0] ip address 192.4.4.4 32
[P-LoopBack0] quit
[P] mpls lsr-id 192.4.4.4
# 全局使能LDP。
[P] mpls ldp
[P-ldp] quit
# 创建VLAN 20并将接口Ten-GigabitEthernet3/0/1加入VLAN 20。
[P] vlan 20
[P-vlan20] port ten-gigabitethernet 3/0/1
[P-vlan20] quit
# 配置连接PE 1的接口Vlan-interface20,在此接口上使能LDP。
[P] interface vlan-interface 20
[P-Vlan-interface20] ip address 10.1.1.2 24
[P-Vlan-interface20] mpls enable
[P-Vlan-interface20] mpls ldp enable
[P-Vlan-interface20] quit
# 创建VLAN 30并将接口Ten-GigabitEthernet3/0/2加入VLAN 30。
[P] vlan 30
[P-vlan30] port ten-gigabitethernet 3/0/2
[P-vlan30] quit
# 配置连接PE 2的接口Vlan-interface30,在此接口上使能LDP。
[P] interface vlan-interface 30
[P-Vlan-interface30] ip address 10.2.2.2 24
[P-Vlan-interface30] mpls enable
[P-Vlan-interface30] mpls ldp enable
[P-Vlan-interface30] quit
# 在P上运行OSPF,用于建立LSP。
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
(4) 配置PE 2
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE2
[PE2] interface loopback 0
[PE2-LoopBack0] ip address 192.3.3.3 32
[PE2-LoopBack0] quit
[PE2] mpls lsr-id 192.3.3.3
# 开启L2VPN功能。
[PE2] l2vpn enable
# 全局使能LDP。
[PE2] mpls ldp
[PE2-ldp] quit
# 创建VLAN 30并将接口Ten-GigabitEthernet3/0/2加入VLAN 30。
[PE2] vlan 30
[PE2-vlan30] port ten-gigabitethernet 3/0/2
[PE2-vlan30] quit
# 配置连接P的接口Vlan-interface30,在此接口上使能LDP。
[PE2] interface vlan-interface 30
[PE2-Vlan-interface30] ip address 10.2.2.1 24
[PE2-Vlan-interface30] mpls enable
[PE2-Vlan-interface30] mpls ldp enable
[PE2-Vlan-interface30] quit
# 在PE 2上运行OSPF,用于建立LSP。
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] network 10.2.2.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
# 在PE 1和PE 2之间建立IBGP连接,并配置在二者之间通过BGP发布L2VPN信息。
[PE2] bgp 100
[PE2-bgp-default] peer 192.2.2.2 as-number 100
[PE2-bgp-default] peer 192.2.2.2 connect-interface loopback 0
[PE2-bgp-default] address-family l2vpn
[PE2-bgp-default-l2vpn] peer 192.2.2.2 enable
[PE2-bgp-default-l2vpn] quit
[PE2-bgp-default] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE2] vlan 10
[PE2-vlan10] port ten-gigabitethernet 3/0/1
[PE2-vlan10] quit
# 在接口Ten-GigabitEthernet3/0/1上创建服务实例10。
[PE2] interface ten-gigabitethernet 3/0/1
[PE2-Ten-GigabitEthernet3/0/1] service-instance 10
[PE2-Ten-GigabitEthernet3/0/1-srv10]encapsulation s-vid 10
[PE2-Ten-GigabitEthernet3/0/1-srv10] quit
[PE2-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组vpnb,在该交叉连接组内创建本地站点2,在本地站点2和远端站点1之间建立BGP PW,并将Ten-GigabitEthernet3/0/1接口上的服务实例10与此PW关联。
[PE2] xconnect-group vpnb
[PE2-xcg-vpnb] auto-discovery bgp
[PE2-xcg-vpnb-auto] route-distinguisher 2:2
[PE2-xcg-vpnb-auto] vpn-target 2:2 export-extcommunity
[PE2-xcg-vpnb-auto] vpn-target 2:2 import-extcommunity
[PE2-xcg-vpnb-auto] site 2 range 10 default-offset 0
[PE2-xcg-vpnb-auto-2] connection remote-site-id 1
[PE2-xcg-vpnb-auto-2-1] ac interface ten-gigabitethernet 3/0/1 service-instance 10
[PE2-xcg-vpnb-auto-2-1] return
(5) 配置CE 2
<Sysname> system-view
[Sysname] sysname CE2
[CE2] vlan 10
[CE2-vlan10] port ten-gigabitethernet 3/0/1
[CE2-vlan10] quit
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 100.1.1.2 24
[CE2-Vlan-interface10] quit
# 在PE 1上查看PW信息,可以看到建立了一条BGP PW。
<PE1> display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpnb
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
192.3.3.3 2 1036/1025 BGP M 1 Up
# 在PE 2上也可以看到PW信息。
<PE2> display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpnb
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
192.2.2.2 1 1025/1036 BGP M 1 Up
# CE 1与CE 2之间能够ping通。
· CE1
#
sysname CE1
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· CE2
#
sysname CE2
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.2 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· P
#
sysname P
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
network 192.4.4.4 0.0.0.0
#
mpls lsr-id 192.4.4.4
#
vlan 20
#
vlan 30
#
mpls ldp
#
interface LoopBack0
ip address 192.4.4.4 255.255.255.255
#
interface Vlan-interface20
ip address 10.1.1.2 255.255.255.0
mpls enable
mpls ldp enable
#
interface Vlan-interface30
ip address 10.2.2.2 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 20
#
interface Ten-GigabitEthernet3/0/2
port access vlan 30
#
return
· PE1
#
sysname PE1
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 192.2.2.2 0.0.0.0
#
mpls lsr-id 192.2.2.2
#
vlan 10
#
vlan 20
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 192.2.2.2 255.255.255.255
#
interface Vlan-interface20
ip address 10.1.1.1 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 10
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/2
port access vlan 20
#
bgp 100
peer 192.3.3.3 as-number 100
peer 192.3.3.3 connect-interface LoopBack0
#
address-family l2vpn
peer 192.3.3.3 enable
#
xconnect-group vpnb
auto-discovery bgp
route-distinguisher 22
vpn-target 22 export-extcommunity
vpn-target 22 import-extcommunity
site 1 range 10 default-offset 0
connection remote-site-id 2
ac interface Ten-GigabitEthernet3/0/1 service-instance 10
#
return
· PE2
#
sysname PE2
#
ospf 1
area 0.0.0.0
network 10.2.2.0 0.0.0.255
network 192.3.3.3 0.0.0.0
#
mpls lsr-id 192.3.3.3
#
vlan 10
#
vlan 30
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 192.3.3.3 255.255.255.255
#
interface Vlan-interface30
ip address 10.2.2.1 255.255.255.0
mpls enable
mpls ldp enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 10
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/2
port access vlan 30
#
bgp 100
peer 192.2.2.2 as-number 100
peer 192.2.2.2 connect-interface LoopBack0
#
address-family l2vpn
peer 192.2.2.2 enable
#
xconnect-group vpnb
auto-discovery bgp
route-distinguisher 22
vpn-target 22 export-extcommunity
vpn-target 22 import-extcommunity
site 2 range 10 default-offset 0
connection remote-site-id 1
ac interface Ten-GigabitEthernet3/0/1 service-instance 10
#
return
用户网络有若干个站点,希望通过在骨干网上建立CCC远程连接,实现站点1的VLAN 10与站点2的VLAN 10互联。
在PE 1和PE 2分别创建以太网服务实例10,匹配接口Ten-GigabitEthernet3/0/1接收到的VLAN Tag为10的报文。
图1-5 CCC远程连接配置组网图
表1-8 组网图示例接口与设备实际接口对应关系
|
组网图示例接口 |
设备实际接口 |
|
Interface1 |
Ten-GigabitEthernet3/0/1 |
表1-9 组网图接口与IP地址对应关系
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
CE 1 |
Vlan-int10 |
100.1.1.1/24 |
P |
Loop0 |
192.4.4.4/32 |
|
PE 1 |
Loop0 |
192.2.2.2/32 |
|
Vlan-int20 |
10.1.1.2/24 |
|
|
Vlan-int20 |
10.1.1.1/24 |
|
Vlan-int30 |
10.2.2.2/24 |
|
CE 2 |
Vlan-int10 |
100.1.1.2/24 |
PE 2 |
Loop0 |
192.3.3.3/32 |
|
|
|
|
|
Vlan-int30 |
10.2.2.1/24 |
(1) 配置CE 1
<Sysname> system-view
[Sysname] sysname CE1
[CE1] vlan 10
[CE1-vlan10] port ten-gigabitethernet 3/0/1
[CE1-vlan10] quit
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 100.1.1.1 24
[CE1-Vlan-interface10] quit
(2) 配置PE 1
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE1
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 192.2.2.2 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 192.2.2.2
# 开启L2VPN功能。
[PE1] l2vpn enable
# 创建VLAN 20并将接口Ten-GigabitEthernet3/0/2加入VLAN 20。
[PE1] vlan 20
[PE1-vlan20] port ten-gigabitethernet 3/0/2
[PE1-vlan20] quit
# 配置连接P的接口Vlan-interface20,在此接口上使能MPLS。
[PE1] interface vlan-interface 20
[PE1-Vlan-interface20] ip address 10.1.1.1 24
[PE1-Vlan-interface20] mpls enable
[PE1-Vlan-interface20] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE1] vlan 10
[PE1-vlan10] port ten-gigabitethernet 3/0/1
[PE1-vlan10] quit
# 在接口Ten-GigabitEthernet3/0/1上创建服务实例。
[PE1] interface ten-gigabitethernet 3/0/1
[PE1-Ten-GigabitEthernet3/0/1] service-instance 10
[PE1-Ten-GigabitEthernet3/0/1-srv10]encapsulation s-vid 10
[PE1-Ten-GigabitEthernet3/0/1-srv10] quit
[PE1-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组ccc,在该交叉连接组内创建CCC远程连接(入标签为101、出标签为201、下一跳地址为10.1.1.2),并将Ten-GigabitEthernet3/0/1接口上的服务实例10与此CCC远程连接关联。
[PE1] xconnect-group ccc
[PE1-xcg-ccc] connection ccc
[PE1-xcg-ccc-ccc] ccc in-label 101 out-label 201 nexthop 10.1.1.2
[PE1-xcg-ccc-ccc] ac interface ten-gigabitethernet 3/0/1 service-instance 10
[PE1-xcg-ccc-ccc-Ten-GigabitEthernet3/0/1-srv10] quit
[PE1-xcg-ccc-ccc] quit
[PE1-xcg-ccc] quit
(3) 配置P
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname P
[P] interface loopback 0
[P-LoopBack0] ip address 192.4.4.4 32
[P-LoopBack0] quit
[P] mpls lsr-id 192.4.4.4
# 创建VLAN 20并将接口Ten-GigabitEthernet3/0/1加入VLAN 20。
[P] vlan 20
[P-vlan20] port ten-gigabitethernet 3/0/1
[P-vlan20] quit
# 配置连接PE 1的接口Vlan-interface20,在此接口上使能MPLS。
[P] interface vlan-interface 20
[P-Vlan-interface20] ip address 10.1.1.2 24
[P-Vlan-interface20] mpls enable
[P-Vlan-interface20] quit
# 创建VLAN 30并将接口Ten-GigabitEthernet3/0/2加入VLAN 30。
[P] vlan 30
[P-vlan30] port ten-gigabitethernet 3/0/2
[P-vlan30] quit
# 配置连接PE 2的接口Vlan-interface30,在此接口上使能MPLS。
[P] interface vlan-interface 30
[P-Vlan-interface30] ip address 10.2.2.2 24
[P-Vlan-interface30] mpls enable
[P-Vlan-interface30] quit
# 配置一条静态LSP用于转发由PE 1去往PE 2的报文。
[P] static-lsp transit pe1-pe2 in-label 201 nexthop 10.2.2.1 out-label 202
# 配置另一条静态LSP用于转发由PE 2去往PE 1的报文。
[P] static-lsp transit pe2-pe1 in-label 102 nexthop 10.1.1.1 out-label 101
(4) 配置PE 2
# 配置LSR ID。
<Sysname> system-view
[Sysname] sysname PE2
[PE2] interface loopback 0
[PE2-LoopBack0] ip address 192.3.3.3 32
[PE2-LoopBack0] quit
[PE2] mpls lsr-id 192.3.3.3
# 开启L2VPN功能。
[PE2] l2vpn enable
# 创建VLAN 30并将接口Ten-GigabitEthernet3/0/2加入VLAN 30。
[PE2] vlan 30
[PE2-vlan30] port ten-gigabitethernet 3/0/2
[PE2-vlan30] quit
# 配置连接P的接口Vlan-interface30,在此接口上使能MPLS。
[PE2] interface vlan-interface 30
[PE2-Vlan-interface30] ip address 10.2.2.1 24
[PE2-Vlan-interface30] mpls enable
[PE2-Vlan-interface30] quit
# 创建VLAN 10并将接口Ten-GigabitEthernet3/0/1加入VLAN 10。
[PE2] vlan 10
[PE2-vlan10] port ten-gigabitethernet 3/0/1
[PE2-vlan10] quit
# 在接口Ten-GigabitEthernet3/0/1上创建服务实例。
[PE2] interface ten-gigabitethernet 3/0/1
[PE2-Ten-GigabitEthernet3/0/1] service-instance 10
[PE2-Ten-GigabitEthernet3/0/1-srv10]encapsulation s-vid 10
[PE2-Ten-GigabitEthernet3/0/1-srv10] quit
[PE2-Ten-GigabitEthernet3/0/1] quit
# 创建交叉连接组ccc,在该交叉连接组内创建CCC远程连接(入标签为202、出标签为102、下一跳地址为10.2.2.2),并将Ten-GigabitEthernet3/0/1接口上的服务实例10与此CCC远程连接关联。
[PE2] xconnect-group ccc
[PE2-xcg-ccc] connection ccc
[PE2-xcg-ccc-ccc] ccc in-label 202 out-label 102 nexthop 10.2.2.2
[PE2-xcg-ccc-ccc] ac interface ten-gigabitethernet 3/0/1 service-instance 10
[PE2-xcg-ccc-ccc-Ten-GigabitEthernet3/0/1-srv10] quit
[PE2-xcg-ccc-ccc] quit
[PE2-xcg-ccc] quit
(5) 配置CE 2
<Sysname> system-view
[Sysname] sysname CE2
[CE2] vlan 10
[CE2-vlan10] port ten-gigabitethernet 3/0/1
[CE2-vlan10] quit
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 100.1.1.2 24
[CE2-Vlan-interface10] quit
# 在PE 1上查看PW信息,可以看到建立了一条PW连接。PW ID/Rmt Site字段为“-”,Proto字段为“Static”,表示该PW连接为CCC远程连接。
[PE1] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: ccc
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
10.1.1.2 - 101/201 Static M 0 Up
# 在PE 2上也可以看到PW信息。
[PE2] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY - ac-bypass
PBY - pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: ccc
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
10.2.2.2 - 202/102 Static M 0 Up
# CE 1与CE 2之间能够ping通。
· CE1
#
sysname CE1
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· CE2
#
sysname CE2
#
vlan 10
#
interface Vlan-interface10
ip address 100.1.1.2 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
#
return
· P
#
sysname P
#
mpls lsr-id 192.4.4.4
#
vlan 20
#
vlan 30
#
interface LoopBack0
ip address 192.4.4.4 255.255.255.255
#
interface Vlan-interface20
ip address 10.1.1.2 255.255.255.0
mpls enable
#
interface Vlan-interface30
ip address 10.2.2.2 255.255.255.0
mpls enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 20
#
interface Ten-GigabitEthernet3/0/2
port access vlan 30
#
return
· PE1
#
sysname PE1
#
mpls lsr-id 192.2.2.2
#
vlan 10
#
vlan 20
#
l2vpn enable
#
interface LoopBack0
ip address 192.2.2.2 255.255.255.255
#
interface Vlan-interface20
ip address 10.1.1.1 255.255.255.0
mpls enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 10
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/2
port access vlan 20
#
xconnect-group ccc
connection ccc
ccc in-label 101 out-label 201 nexthop 10.1.1.2
ac interface Ten-GigabitEthernet3/0/1 service-instance 10
#
return
· PE2
#
sysname PE2
#
mpls lsr-id 192.3.3.3
#
vlan 10
#
vlan 30
#
l2vpn enable
#
interface LoopBack0
ip address 192.3.3.3 255.255.255.255
#
interface Vlan-interface30
ip address 10.2.2.1 255.255.255.0
mpls enable
#
interface Ten-GigabitEthernet3/0/1
port access vlan 10
service-instance 10
encapsulation s-vid 10
#
interface Ten-GigabitEthernet3/0/2
port access vlan 30
#
xconnect-group ccc
connection ccc
ccc in-label 202 out-label 102 nexthop 10.2.2.2
ac interface Ten-GigabitEthernet3/0/1 service-instance 10
#
return
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!
支持
