收藏小站
H3C MSR系列路由器MPLS L3VPN跨域方案【A B C功能配置】 下载本文

MSR系列路由器MPLS L3VPN跨域方案A功能的配置

关键词:MSR;MPLS;L3VPN;跨域;OptionA

一、组网需求:

peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。

设备清单:MSR系列路由器4台

二、组网图:

三、配置步骤: peA配置:

#

router id 3.3.3.3 #

ip vpn-instance vpna route-distinguisher 3:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity

#

ip vpn-instance vpnb route-distinguisher 3:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity #

mpls lsr-id 3.3.3.3 # mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 1.3.0.3 255.255.255.0 mpls mpls ldp #

interface Ethernet0/1 port link-mode route

ip binding vpn-instance vpna

ip address 192.168.1.1 255.255.255.0 #

interface Ethernet1/0 port link-mode route

ip binding vpn-instance vpnb

ip address 172.32.1.1 255.255.255.0 #

interface LoopBack0

ip address 3.3.3.3 255.255.255.255

# bgp 1

undo synchronization peer 1.1.1.1 as-number 1

peer 1.1.1.1 connect-interface LoopBack0 #

ipv4-family vpnv4 peer 1.1.1.1 enable #

ipv4-family vpn-instance vpna import-route direct #

ipv4-family vpn-instance vpnb import-route direct # ospf 1 area 0.0.0.0

network 3.3.3.3 0.0.0.0 network 1.3.0.0 0.0.0.255 #

asbrA配置:

router id 1.1.1.1 #

ip vpn-instance vpna route-distinguisher 1:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity #

ip vpn-instance vpnb route-distinguisher 1:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity #

mpls lsr-id 1.1.1.1 # mpls #

mpls ldp #

interface Ethernet0/0.1 //asbr间用子接口区分不同vpn流量 vlan-type dot1q vid 1

ip binding vpn-instance vpna ip address 1.2.1.1 255.255.255.0 #

interface Ethernet0/0.2 //asbr间用子接口区分不同vpn流量 vlan-type dot1q vid 2

ip binding vpn-instance vpnb ip address 1.2.2.1 255.255.255.0 #

interface Ethernet0/1 port link-mode route

ip address 1.3.0.1 255.255.255.0 mpls mpls ldp #

interface LoopBack0

ip address 1.1.1.1 255.255.255.255 # bgp 1

undo synchronization

peer 3.3.3.3 as-number 1 //asbr和pe间是标准L3VPN配置 peer 3.3.3.3 connect-interface LoopBack0 #

ipv4-family vpnv4 peer 3.3.3.3 enable #

ipv4-family vpn-instance vpna //asbr间使用PE-CE模式传vpna路由 peer 1.2.1.2 as-number 2 #

ipv4-family vpn-instance vpnb //asbr间使用PE-CE模式传vpna路由 peer 1.2.2.2 as-number 2 # ospf 1 area 0.0.0.0

network 1.1.1.1 0.0.0.0 network 1.3.0.0 0.0.0.255 #

asbrB配置:

#

router id 2.2.2.2 #

ip vpn-instance vpna route-distinguisher 2:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity #

ip vpn-instance vpnb route-distinguisher 2:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity

#

mpls lsr-id 2.2.2.2 # mpls #

mpls ldp #

interface Ethernet0/0.1 //asbr间用子接口区分不同vpn流量 vlan-type dot1q vid 1

ip binding vpn-instance vpna ip address 1.2.1.2 255.255.255.0 #

interface Ethernet0/0.2 //asbr间用子接口区分不同vpn流量 vlan-type dot1q vid 2

ip binding vpn-instance vpnb ip address 1.2.2.2 255.255.255.0 #

interface Ethernet0/1 port link-mode route

ip address 2.4.0.2 255.255.255.0 mpls mpls ldp #

interface LoopBack0

ip address 2.2.2.2 255.255.255.255 # bgp 2

undo synchronization

peer 4.4.4.4 as-number 2 //asbr和pe间是标准L3VPN配置 peer 4.4.4.4 connect-interface LoopBack0

#

ipv4-family vpnv4 peer 4.4.4.4 enable #

ipv4-family vpn-instance vpna //asbr间使用PE-CE模式传vpna路由 peer 1.2.1.1 as-number 1 #

ipv4-family vpn-instance vpnb //asbr间使用PE-CE模式传vpnb路由 peer 1.2.2.1 as-number 1 # ospf 1 area 0.0.0.0

network 2.2.2.2 0.0.0.0 network 2.4.0.0 0.0.0.255 #

peB配置:

router id 4.4.4.4 #

ip vpn-instance vpna route-distinguisher 4:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity #

ip vpn-instance vpnb route-distinguisher 4:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity #

mpls lsr-id 4.4.4.4 #

mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 2.4.0.4 255.255.255.0 mpls mpls ldp #

interface Ethernet0/1 port link-mode route

ip binding vpn-instance vpna

ip address 192.168.2.1 255.255.255.0 #

interface Ethernet1/0 port link-mode route

ip binding vpn-instance vpnb

ip address 172.32.2.1 255.255.255.0 #

interface LoopBack0

ip address 4.4.4.4 255.255.255.255 # bgp 2

undo synchronization peer 2.2.2.2 as-number 2

peer 2.2.2.2 connect-interface LoopBack0 #

ipv4-family vpnv4 peer 2.2.2.2 enable

#

ipv4-family vpn-instance vpna import-route direct #

ipv4-family vpn-instance vpnb import-route direct # ospf 1 area 0.0.0.0

network 4.4.4.4 0.0.0.0 network 2.4.0.0 0.0.0.255 #

四、配置关键点:

1. asbr间需要用不同链路隔离不同vpn流量,可以使用不同物理链路

或逻辑链路如子接口或E1/T1通道;

2. asbr间互相把对方认为CE,所以要配置在bgp的vpn实例视图下配置。

MSR系列路由器MPLS L3VPN跨域方案B功能的配置

关键词:MSR;MPLS;L3VPN;跨域;OptionB 一、组网需求:

peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。

设备清单:MSR系列路由器4台

二、组网图:

三、配置步骤:

适用设备和版本:MSR系列、Version 5.20, Beta 1105后所有版本。

peA配置:

#

router id 3.3.3.3 #

ip vpn-instance vpna route-distinguisher 3:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity #

ip vpn-instance vpnb route-distinguisher 3:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity #

mpls lsr-id 3.3.3.3

# mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 1.3.0.3 255.255.255.0 mpls mpls ldp #

interface Ethernet0/1 port link-mode route

ip binding vpn-instance vpna

ip address 192.168.1.1 255.255.255.0 #

interface Ethernet1/0 port link-mode route

ip binding vpn-instance vpnb

ip address 172.32.1.1 255.255.255.0 #

interface LoopBack0

ip address 3.3.3.3 255.255.255.255 # bgp 1

undo synchronization peer 1.1.1.1 as-number 1

peer 1.1.1.1 connect-interface LoopBack0 #

ipv4-family vpnv4

peer 1.1.1.1 enable #

ipv4-family vpn-instance vpna import-route direct #

ipv4-family vpn-instance vpnb import-route direct # ospf 1 area 0.0.0.0

network 3.3.3.3 0.0.0.0 network 1.3.0.0 0.0.0.255 #

asbrA配置:

router id 1.1.1.1 #

mpls lsr-id 1.1.1.1 # mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 1.2.0.1 255.255.255.0 mpls //使能MPLS流量转发能力 #

interface Ethernet0/1 port link-mode route

ip address 1.3.0.1 255.255.255.0

mpls mpls ldp #

interface LoopBack0

ip address 1.1.1.1 255.255.255.255 # bgp 1

undo synchronization

peer 1.2.0.2 as-number 2 //建立EBGP连接 peer 3.3.3.3 as-number 1

peer 3.3.3.3 connect-interface LoopBack0 #

ipv4-family vpnv4

undo policy vpn-target //取消vpn-target策略 peer 3.3.3.3 enable

peer 1.2.0.2 enable //向EBGP邻居发vpn所有vpn路由 # ospf 1 area 0.0.0.0

network 1.1.1.1 0.0.0.0 network 1.3.0.0 0.0.0.255 #

asbrB配置:

#

router id 2.2.2.2 #

mpls lsr-id 2.2.2.2 # mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 1.2.0.2 255.255.255.0 mpls //使能MPLS流量转发能力 #

interface Ethernet0/1 port link-mode route

ip address 2.4.0.2 255.255.255.0 mpls mpls ldp #

interface LoopBack0

ip address 2.2.2.2 255.255.255.255 # bgp 2

undo synchronization

peer 1.2.0.1 as-number 1 //建立EBGP连接 peer 4.4.4.4 as-number 2

peer 4.4.4.4 connect-interface LoopBack0 #

ipv4-family vpnv4

undo policy vpn-target //取消vpn-target策略 peer 4.4.4.4 enable

peer 1.2.0.1 enable //向EBGP邻居发vpn所有vpn路由 # ospf 1 area 0.0.0.0

network 2.2.2.2 0.0.0.0

network 2.4.0.0 0.0.0.255 #

peB配置:

router id 4.4.4.4 #

ip vpn-instance vpna route-distinguisher 4:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity #

ip vpn-instance vpnb route-distinguisher 4:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity #

mpls lsr-id 4.4.4.4 # mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 2.4.0.4 255.255.255.0 mpls mpls ldp #

interface Ethernet0/1 port link-mode route

ip binding vpn-instance vpna

ip address 192.168.2.1 255.255.255.0 #

interface Ethernet1/0 port link-mode route

ip binding vpn-instance vpnb

ip address 172.32.2.1 255.255.255.0 #

interface LoopBack0

ip address 4.4.4.4 255.255.255.255 # bgp 2

undo synchronization peer 2.2.2.2 as-number 2

peer 2.2.2.2 connect-interface LoopBack0 #

ipv4-family vpnv4 peer 2.2.2.2 enable #

ipv4-family vpn-instance vpna import-route direct #

ipv4-family vpn-instance vpnb import-route direct # ospf 1 area 0.0.0.0

network 4.4.4.4 0.0.0.0 network 2.4.0.0 0.0.0.255 #

四、配置关键点:

1. asbr间的直连链路必须要使能MPLS转发能力;

2. asbr间要建立MP-EBGP连接,配置类似于普通L3VPN的MP-IBGP连

接;

3. asbr可以不用配置vpn实例,需要在bgp的vpnv4视图下取消

vpn-target策略。

MSR系列路由器MPLS L3VPN跨域方案C功能的配置

关键词:MSR;MPLS;L3VPN;跨域;OptionC

一、组网需求:

peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。

设备清单:MSR系列路由器4台

二、组网图:

三、配置步骤:

适用设备和版本:MSR系列、Version 5.20, Beta 1105后所有版本。

peA配置:

#

router id 3.3.3.3 #

ip vpn-instance vpna route-distinguisher 3:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity #

ip vpn-instance vpnb route-distinguisher 3:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity #

mpls lsr-id 3.3.3.3 # mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 1.3.0.3 255.255.255.0 mpls mpls ldp #

interface Ethernet0/1 port link-mode route

ip binding vpn-instance vpna

ip address 192.168.1.1 255.255.255.0 #

interface Ethernet1/0 port link-mode route

ip binding vpn-instance vpnb

ip address 172.32.1.1 255.255.255.0 #

interface LoopBack0

ip address 3.3.3.3 255.255.255.255 # bgp 1

undo synchronization

peer 4.4.4.4 as-number 2 //与peB建立EBGP连接

peer 1.1.1.1 as-number 1

peer 4.4.4.4 ebgp-max-hop 64 //支持多跳EBGP连接

peer 4.4.4.4 connect-interface LoopBack0 //使用环回口连接 peer 1.1.1.1 label-route-capability //使能标签路由能力 peer 1.1.1.1 connect-interface LoopBack0 #

ipv4-family vpnv4

peer 4.4.4.4 enable //与peB交换vpn路由 #

ipv4-family vpn-instance vpna import-route direct #

ipv4-family vpn-instance vpnb import-route direct # ospf 1 area 0.0.0.0

network 3.3.3.3 0.0.0.0 network 1.3.0.0 0.0.0.255 #

asbrA配置:

router id 1.1.1.1 #

mpls lsr-id 1.1.1.1 # mpls #

mpls ldp #

acl number 2000 //定义ACL用于路由策略 rule 0 permit source 3.3.3.3 0 rule 5 deny #

interface Ethernet0/0 port link-mode route

ip address 1.2.0.1 255.255.255.0 mpls //使能MPLS流量转发能力 #

interface Ethernet0/1 port link-mode route

ip address 1.3.0.1 255.255.255.0 mpls mpls ldp #

interface LoopBack0

ip address 1.1.1.1 255.255.255.255 # bgp 1

network 3.3.3.3 255.255.255.255 //引入peA路由

undo synchronization peer 1.2.0.2 as-number 2 peer 3.3.3.3 as-number 1

peer 1.2.0.2 route-policy asbrB export //应用路由策略 peer 1.2.0.2 label-route-capability //使能标签路由能力 peer 3.3.3.3 route-policy peA export //应用路由策略 peer 3.3.3.3 label-route-capability //使能标签路由能力 peer 3.3.3.3 connect-interface LoopBack0 # ospf 1

area 0.0.0.0

network 1.1.1.1 0.0.0.0 network 1.3.0.0 0.0.0.255 #

route-policy asbrB permit node 0 //对asbrB的路由策略 if-match acl 2000 //匹配条件 apply mpls-label //分标签操作

route-policy peA permit node 0 //对peA的路由策略 if-match mpls-label //匹配条件 apply mpls-label //分标签 #

asbrB配置:

#

router id 2.2.2.2 #

mpls lsr-id 2.2.2.2 # mpls #

mpls ldp #

acl number 2000 //定义ACL用于路由策略 rule 0 permit source 4.4.4.4 0 rule 5 deny #

interface Ethernet0/0 port link-mode route

ip address 1.2.0.2 255.255.255.0 mpls //使能MPLS流量转发能力 #

interface Ethernet0/1 port link-mode route

ip address 2.4.0.2 255.255.255.0 mpls mpls ldp #

interface LoopBack0

ip address 2.2.2.2 255.255.255.255 # bgp 2

network 4.4.4.4 255.255.255.255 //引入peB路由

undo synchronization peer 1.2.0.1 as-number 1 peer 4.4.4.4 as-number 2

peer 1.2.0.1 route-policy asbrA export //应用路由策略 peer 1.2.0.1 label-route-capability //使能标签路由能力 peer 4.4.4.4 route-policy peB export //应用路由策略 peer 4.4.4.4 label-route-capability //使能标签路由能力 peer 4.4.4.4 connect-interface LoopBack0 # ospf 1 area 0.0.0.0

network 2.2.2.2 0.0.0.0 network 2.4.0.0 0.0.0.255 #

route-policy asbrA permit node 0 //对asbrA的路由策略 if-match acl 2000 //匹配条件 apply mpls-label //分标签操作

route-policy peB permit node 0 //对peB的路由策略 if-match mpls-label //匹配条件

apply mpls-label //分标签 #

peB配置:

router id 4.4.4.4 #

ip vpn-instance vpna route-distinguisher 4:1

vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity #

ip vpn-instance vpnb route-distinguisher 4:2

vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity #

mpls lsr-id 4.4.4.4 # mpls #

mpls ldp #

interface Ethernet0/0 port link-mode route

ip address 2.4.0.4 255.255.255.0 mpls mpls ldp #

interface Ethernet0/1 port link-mode route

ip binding vpn-instance vpna

ip address 192.168.2.1 255.255.255.0 #

interface Ethernet1/0 port link-mode route

ip binding vpn-instance vpnb

ip address 172.32.2.1 255.255.255.0 #

interface LoopBack0

ip address 4.4.4.4 255.255.255.255 # bgp 2

undo synchronization

peer 3.3.3.3 as-number 1 //与peA建立EBGP连接

peer 2.2.2.2 as-number 2

peer 3.3.3.3 ebgp-max-hop 64 //支持多跳EBGP连接

peer 3.3.3.3 connect-interface LoopBack0 //使用环回口连接 peer 2.2.2.2 label-route-capability //使能标签路由能力 peer 2.2.2.2 connect-interface LoopBack0 #

ipv4-family vpnv4

peer 3.3.3.3 enable //与peA交换vpn路由 #

ipv4-family vpn-instance vpna import-route direct #

ipv4-family vpn-instance vpnb import-route direct # ospf 1 area 0.0.0.0

network 4.4.4.4 0.0.0.0 network 2.4.0.0 0.0.0.255 #

四、配置关键点:

1. asbr上要配置匹配pe环回接口地址的ACL、对asbr和pe的路由策略; 2. asbr间不传递vpn路由,但是在bgp中要引入pe环回接口路由; 3. asbr上要仔细配置路由策略;

4. asbr间和asbr-pe间都要使能bgp路由标签能力; 5. pe间建立多跳EBGP连接必须要注意多跳选项; 6. pe间的多跳EBGP连接必须使用环回接口建立连接。

Word文档下载:H3C MSR系列路由器MPLS L3VPN跨域方案【A B.doc
搜索更多:H3C MSR系列路由器MPLS L3VPN跨域方案【A B


最新浏览


热门浏览
All rights reserved Powered by 南京廖华答案网 
资料来自互联网, 有任何疑问,请联系客服:779662525☒qq.com 苏ICP备20003344号-2