Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-VPN instance configuration | 45.63 KB |
Configuring VPN instances
Basic concepts
Site
A site has the following features:
· A site is a group of IP systems with IP connectivity that does not rely on any service provider networks.
· The classification of a site depends on the topology relationship of the devices, rather than the geographical positions. However, the devices at a site are, in most cases, adjacent to each other geographically.
· The devices at a site can belong to multiple VPNs, which means that a site can belong to multiple VPNs.
Sites connected to the same provider network can be classified into different sets by policies. Only the sites in the same set can access each other through the provider network. Such a set is called a VPN.
VPN instance
In MPLS L3VPN, VPN instances implement route isolation for VPNs. A VPN instance is also called a Virtual Routing and Forwarding (VRF) instance.
Configuring VPN instances
Creating a VPN instance
A VPN instance is a collection of the VPN membership and routing rules of its associated site. A VPN instance might correspond to more than one VPN.
To create a VPN instance:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Create a VPN instance and enter its view. |
ip vpn-instance vpn-instance-name |
By default, no VPN instances exist. |
|
3. (Optional.) Configure a description for the VPN instance. |
description text |
By default, no description is configured for a VPN instance. |
Associating a VPN instance with an interface
To associate a VPN instance with an interface:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
|
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Associate a VPN instance with the interface. |
ip binding vpn-instance vpn-instance-name |
By default, an interface is not associated with a VPN instance and belongs to the public network. The ip binding vpn-instance command deletes the IP address of the interface. You must reconfigure an IP address for the interface after configuring the command. |
Displaying and maintaining VPN instances
Execute display commands in any view.
|
Task |
Command |
|
Display VPN instance information. |
display ip vpn-instance [ instance-name vpn-instance-name ] |
