- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 新华三人才研学中心
- 关于我们
02-H3C S12500 VPLS典型配置举例
本章节下载: 02-H3C S12500 VPLS典型配置举例 (630.58 KB)
H3C S12500 VPLS配置举例
|
Copyright © 2013 杭州华三通信技术有限公司 版权所有,保留一切权利。 非经本公司书面许可,任何单位和个人不得擅自摘抄、复制本文档内容的部分或全部, 并不得以任何形式传播。本文档中的信息可能变动,恕不另行通知。 |
|
目 录
本文档介绍了VPLS典型组网的配置举例。
VPLS(Virtual Private LAN Service,虚拟专用局域网服务)是在MPLS或IP骨干网上提供的一种点到多点的L2VPN业务。服务提供商通过在骨干网上为一个用户网络模拟一台连接多个异地站点的虚拟交换机来为用户网络提供VPLS服务。骨干网对于用户网络的站点来说是透明的,用户网络的各个站点就像工作在一个局域网中一样。
VPLS的典型组网分为两种模型:
(1) 全连接模型,此模型下有两种方式的组网:
· LDP方式:采用LDP协议作为信令协议,适用于用户站点较少且数量固定的环境。
· BGP方式:采用BGP扩展协议作为信令协议,适用于用户站点数量较多或有扩充需求的环境
(2) H-VPLS模型,此模型下有两种方式的组网:
· LSP接入方式:用户报文直接进入LSP隧道进行传输,适用于连接用户站点的设备支持MPLS功能的情况。
· QinQ接入方式: 用户报文被封装外层VLAN标签后,再进入LSP隧道进行传输,适用于连接用户站点的设备不支持MPLS功能的情况。
本文档中的配置均是在实验室环境下进行的配置和验证,配置前设备的所有参数均采用出厂时的缺省配置。如果您已经对设备进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突。
本文假设您已了解VPLS特性。
如图1所示,站点1、站点2和站点3分别为某公司在三个不同地区的分支机构,三个站点通过各自的出口设备CE1、CE2和CE3连入运营商MPLS网络,后续不会再增加新的站点。由于该公司希望各站点的Vlan1000互相通信时达到在同一局域网中访问的效果,因此运营商需要在MPLS网络中部署LDP方式的VPLS实例以满足该公司的需求。
图1 LDP方式VPLS实例组网图
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
PE1 |
Loopback0 |
192.0.0.1/32 |
P |
Loopback0 |
192.0.0.4/32 |
|
|
GE6/0/2(vlan 12) |
192.12.0.1/24 |
|
GE6/0/1(vlan 14) |
192.14.0.4/24 |
|
|
GE6/0/4(vlan 14) |
192.14.0.1/24 |
|
GE6/0/3(vlan 34) |
192.34.0.4/24 |
|
|
GE6/0/5(vlan 1000) |
|
|
|
|
|
PE2 |
Loopback0 |
192.0.0.2/32 |
PE3 |
Loopback0 |
192.0.0.3/32 |
|
|
GE4/0/1(vlan 12) |
192.12.0.2/24 |
|
GE4/0/2(vlan 23) |
192.23.0.3/24 |
|
|
GE4/0/3(vlan 23) |
192.23.0.2/24 |
|
GE4/0/4(vlan 34) |
192.34.0.3/24 |
|
|
GE4/0/5(vlan 1000) |
|
|
GE4/0/5(vlan 1000) |
|
· 为实现MPLS网络中各PE设备之间建立公网LSP,需要在MPLS网络中所有PE和P设备上使能MPLS基本能力和LDP。
· 为实现PE设备之间能传递私网标签,需要在各PE设备上创建VPLS实例,并相互配置为远程LDP对等体。
· 为实现对通过VPLS传输的私网数据进行辨识,需要在PE连接CE的端口上配置服务实例并配置相应的匹配规则(本例中MPLS网络只允许VLAN ID为1000的报文通过VPLS连接转发,因此为私网数据指定s-vid为1000),对符合匹配规则的报文才能够通过VPLS网络传输。
本举例在S12500-CMW520-R1825P01版本上进行配置和验证。
(1) 配置各接口以及接口地址。
# 配置PE1和PE2之间的接口。
<Sysname> system-view
[Sysname] sysname PE1
[PE1] vlan 12
[PE1-vlan12] port GigabitEthernet 6/0/2
[PE1-vlan12] quit
[PE1] interface vlan-interface 12
[PE1-Vlan-interface12] ip address 192.12.0.1 24
[PE1-Vlan-interface12] undo shutdown
[PE1-Vlan-interface12] quit
[PE1] interface GigabitEthernet 6/0/2
[PE1-GigabitEthernet6/0/2] undo shutdown
[PE1-GigabitEthernet6/0/2] quit
# 配置PE1和P之间的接口。
[PE1] vlan 14
[PE1-vlan14] port GigabitEthernet 6/0/4
[PE1-vlan14] quit
[PE1] interface vlan-interface 14
[PE1-Vlan-interface14] ip address 192.14.0.1 24
[PE1-Vlan-interface14] undo shutdown
[PE1-Vlan-interface14] quit
[PE1] interface GigabitEthernet 6/0/4
[PE1-GigabitEthernet6/0/4] undo shutdown
[PE1-GigabitEthernet6/0/4] quit
# 配置PE1上的环回口地址。
[PE1] interface LoopBack 0
[PE1-LoopBack0] ip address 192.0.0.1 32
[PE1-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID
[PE1] router id 192.0.0.1
# 配置OSPF路由协议,发布路由。
[PE1] ospf 1
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.0.0.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[PE1] mpls lsr-id 192.0.0.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[PE1] interface vlan-interface 12
[PE1-Vlan-interface12] mpls
[PE1-Vlan-interface12] mpls ldp
[PE1-Vlan-interface12] quit
[PE1] interface vlan-interface 14
[PE1-Vlan-interface14] mpls
[PE1-Vlan-interface14] mpls ldp
[PE1-Vlan-interface14] quit
(4) 配置远端LDP会话。
[PE1] mpls ldp remote-peer 2
[PE1-mpls-remote2] remote-ip 192.0.0.2
[PE1-mpls-remote2] quit
[PE1] mpls ldp remote-peer 3
[PE1-mpls-remote3] remote-ip 192.0.0.3
[PE1-mpls-remote3] quit
(5) 配置VPLS相关内容。
# 配置VPLS LDP方式实例vpn1000。
[PE1] vsi vpn1000 static
[PE1-vsi-vpn1000] pwsignal ldp
[PE1-vsi-vpn1000-ldp] vsi-id 1000
# 配置到PE2、PE3的PW。
[PE1-vsi-vpn1000-ldp] peer 192.0.0.2
[PE1-vsi-vpn1000-ldp] peer 192.0.0.3
[PE1-vsi-vpn1000-ldp] quit
[PE1-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[PE1] vlan 1000
[PE1-vlan1000] quit
[PE1] interface GigabitEthernet 6/0/5
[PE1-GigabitEthernet6/0/5] port link-type trunk
[PE1-GigabitEthernet6/0/5] port trunk permit vlan 1000
Please wait... Done.
[PE1-GigabitEthernet6/0/5] service-instance 1000
[PE1-GigabitEthernet6/0/5] undo shutdown
[PE1-GigabitEthernet6/0/5-srv1000] encapsulation s-vid 1000
[PE1-GigabitEthernet6/0/5-srv1000] xconnect vsi vpn1000
[PE1-GigabitEthernet6/0/5-srv1000] quit
[PE1-GigabitEthernet6/0/5] quit
(1) 配置各接口以及接口地址。
# 配置PE2和PE1之间的接口。
<Sysname> system-view
[Sysname] sysname PE2
[PE2] vlan 12
[PE2-vlan12] port GigabitEthernet 4/0/1
[PE2-vlan12] quit
[PE2] interface vlan-interface 12
[PE2-Vlan-interface12] ip address 192.12.0.2 24
[PE2-Vlan-interface12] undo shutdown
[PE2-Vlan-interface12] quit
[PE2] interface GigabitEthernet 4/0/1
[PE2-GigabitEthernet4/0/1] undo shutdown
[PE2-GigabitEthernet4/0/1] quit
# 配置PE2和PE3之间的接口。
[PE2] vlan 23
[PE2-vlan23] port GigabitEthernet 4/0/3
[PE2-vlan23] quit
[PE2] interface vlan-interface 23
[PE2-Vlan-interface23] ip address 192.23.0.2 24
[PE2-Vlan-interface23] undo shutdown
[PE2-Vlan-interface23] quit
[PE2] interface GigabitEthernet 4/0/3
[PE2-GigabitEthernet4/0/3] undo shutdown
[PE2-GigabitEthernet4/0/3] quit
# 配置PE2上的环回口地址。
[PE2] interface LoopBack 0
[PE2-LoopBack0] ip address 192.0.0.2 32
[PE2-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[PE2] router id 192.0.0.2
# 配置OSPF路由协议,发布路由。
[PE2] ospf 1
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 192.0.0.2 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[PE2] mpls lsr-id 192.0.0.2
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[PE2] interface vlan-interface 12
[PE2-Vlan-interface12] mpls
[PE2-Vlan-interface12] mpls ldp
[PE2-Vlan-interface12] quit
[PE2] interface vlan-interface 23
[PE2-Vlan-interface23] mpls
[PE2-Vlan-interface23] mpls ldp
[PE2-Vlan-interface23] quit
(4) 配置远端LDP会话。
[PE2] mpls ldp remote-peer 1
[PE2-mpls-remote1] remote-ip 192.0.0.1
[PE2-mpls-remote1] quit
[PE2] mpls ldp remote-peer 3
[PE2-mpls-remote3] remote-ip 192.0.0.3
[PE2-mpls-remote3] quit
(5) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[PE2] vsi vpn1000 static
[PE2-vsi-vpn1000] pwsignal ldp
[PE2-vsi-vpn1000-ldp] vsi-id 1000
# 配置到PE1、PE3的PW。
[PE2-vsi-vpn1000-ldp] peer 192.0.0.1
[PE2-vsi-vpn1000-ldp] peer 192.0.0.3
[PE2-vsi-vpn1000-ldp] quit
[PE2-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[PE2] vlan 1000
[PE2-vlan1000] quit
[PE2] interface GigabitEthernet 4/0/5
[PE2-GigabitEthernet4/0/5] port link-type trunk
[PE2-GigabitEthernet4/0/5] port trunk permit vlan 1000
Please wait... Done.
[PE2-GigabitEthernet4/0/5] service-instance 1000
[PE2-GigabitEthernet4/0/5] undo shutdown
[PE2-GigabitEthernet4/0/5-srv1000] encapsulation s-vid 1000
[PE2-GigabitEthernet4/0/5-srv1000] xconnect vsi vpn1000
[PE2-GigabitEthernet4/0/5-srv1000] quit
[PE2-GigabitEthernet4/0/5] quit
(1) 配置各接口以及接口地址。
# 配置PE3和PE2之间的接口。
<Sysname> system-view
[Sysname] sysname PE3
[PE3] vlan 23
[PE3-vlan23] port GigabitEthernet 4/0/2
[PE3-vlan23] quit
[PE3] interface vlan-interface 23
[PE3-Vlan-interface23] ip address 192.23.0.3 24
[PE3-Vlan-interface23] undo shutdown
[PE3-Vlan-interface23] quit
[PE3] interface GigabitEthernet 4/0/2
[PE3-GigabitEthernet4/0/2] undo shutdown
[PE3-GigabitEthernet4/0/2] quit
# 配置PE3和P之间的接口。
[PE3] vlan 34
[PE3-vlan34] port GigabitEthernet 4/0/4
[PE3-vlan34] quit
[PE3] interface vlan-interface 34
[PE3-Vlan-interface34] ip address 192.34.0.3 24
[PE3-Vlan-interface34] undo shutdown
[PE3-Vlan-interface34] quit
[PE3] interface GigabitEthernet 4/0/4
[PE3-GigabitEthernet4/0/4] undo shutdown
[PE3-GigabitEthernet4/0/4] quit
# 配置PE3上的环回口地址。
[PE3] interface LoopBack 0
[PE3-LoopBack0] ip address 192.0.0.3 32
[PE3-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[PE3] router id 192.0.0.3
# 配置OSPF路由协议,发布路由。
[PE3] ospf 1
[PE3-ospf-1] area 0
[PE3-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[PE3-ospf-1-area-0.0.0.0] network 192.34.0.0 0.0.0.255
[PE3-ospf-1-area-0.0.0.0] network 192.0.0.3 0.0.0.0
[PE3-ospf-1-area-0.0.0.0] quit
[PE3-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[PE3] mpls lsr-id 192.0.0.3
[PE3] mpls
[PE3-mpls] quit
[PE3] mpls ldp
[PE3-mpls-ldp] quit
[PE3] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[PE3] interface vlan-interface 23
[PE3-Vlan-interface23] mpls
[PE3-Vlan-interface23] mpls ldp
[PE3-Vlan-interface23] quit
[PE3] interface vlan-interface 34
[PE3-Vlan-interface34] mpls
[PE3-Vlan-interface34] mpls ldp
[PE3-Vlan-interface34] quit
(4) 配置远端LDP会话。
[PE3] mpls ldp remote-peer 1
[PE3-mpls-remote1] remote-ip 192.0.0.1
[PE3-mpls-remote1] quit
[PE3] mpls ldp remote-peer 2
[PE3-mpls-remote2] remote-ip 192.0.0.2
[PE3-mpls-remote2] quit
(5) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[PE3] vsi vpn1000 static
[PE3-vsi-vpn1000] pwsignal ldp
[PE3-vsi-vpn1000-ldp] vsi-id 1000
# 配置到PE1、PE2的PW。
[PE3-vsi-vpn1000-ldp] peer 192.0.0.1
[PE3-vsi-vpn1000-ldp] peer 192.0.0.2
[PE3-vsi-vpn1000-ldp] quit
[PE3-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[PE3] vlan 1000
[PE3-vlan1000] quit
[PE3] interface GigabitEthernet 4/0/5
[PE3-GigabitEthernet4/0/5] port link-type trunk
[PE3-GigabitEthernet4/0/5] port trunk permit vlan 1000
Please wait... Done.
[PE3-GigabitEthernet4/0/5] service-instance 1000
[PE3-GigabitEthernet4/0/5] undo shutdown
[PE3-GigabitEthernet4/0/5-srv1000] encapsulation s-vid 1000
[PE3-GigabitEthernet4/0/5-srv1000] xconnect vsi vpn1000
[PE3-GigabitEthernet4/0/5-srv1000] quit
[PE3-GigabitEthernet4/0/5] quit
(1) 配置各接口以及接口地址。
# 配置P和PE1之间的接口。
<Sysname> system-view
[Sysname] sysname P
[P] vlan 14
[P-vlan14] port GigabitEthernet 6/0/1
[P-vlan14] quit
[P] interface vlan-interface 14
[P-Vlan-interface14] ip address 192.14.0.4 24
[P-Vlan-interface14] undo shutdown
[P-Vlan-interface14] quit
[P] interface GigabitEthernet 6/0/1
[P-GigabitEthernet6/0/1] undo shutdown
[P-GigabitEthernet6/0/1] quit
# 配置P和PE3之间的接口。
[P] vlan 34
[P-vlan34] port GigabitEthernet 6/0/3
[P-vlan34] quit
[P] interface vlan-interface 34
[P-Vlan-interface34] ip address 192.34.0.4 24
[P-Vlan-interface34] undo shutdown
[P-Vlan-interface34] quit
[P] interface GigabitEthernet 6/0/3
[P-GigabitEthernet6/0/3] undo shutdown
[P-GigabitEthernet6/0/3] quit
# 配置P上的环回口地址。
[P] interface LoopBack 0
[P-LoopBack0] ip address 192.0.0.4 32
[P-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID
[P] router id 192.0.0.4
# 配置OSPF路由协议,发布路由。
[P] ospf 1
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.34.0.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.0.0.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP。
[P] mpls lsr-id 192.0.0.4
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
# 使能各接口上的MPLS和MPLS LDP能力。
[P] interface vlan-interface 14
[P-Vlan-interface14] mpls
[P-Vlan-interface14] mpls ldp
[P-Vlan-interface14] quit
[P] interface vlan-interface 34
[P-Vlan-interface34] mpls
[P-Vlan-interface34] mpls ldp
[P-Vlan-interface34] quit
按照如上配置,PE1、PE2、PE3、P两两之间建立LDP会话,PW连接也建立起来。
如PE1上可通过以下方式验证上述配置:
(1) LDP会话成功建立
[PE1] display mpls ldp session
LDP Session(s) in Public Network
Total number of sessions: 3
-------------------------------------------------------------------------
Peer-ID Status LAM SsnRole FT MD5 KA-Sent/Rcv
-------------------------------------------------------------------------
192.0.0.2:0 Operational DU Passive Off Off 15/15
192.0.0.3:0 Operational DU Passive Off Off 15/15
192.0.0.4:0 Operational DU Passive Off Off 15/15
-------------------------------------------------------------------------
LAM : Label Advertisement Mode FT : Fault Tolerance
(2) PW连接建立
[PE1] display vpls connection vsi vpn1000
Total 2 connection(s),
connection(s): 2 up, 0 block, 0 down
VSI Name: vpn1000 Signaling: ldp
VsiID VsiType PeerAddr InLabel OutLabel LinkID VCState
1000 vlan 192.0.0.2 131090 131254 1 up
1000 vlan 192.0.0.3 131091 131330 2 up
在前面配置完成后,可以通过命令display current-configuration来查看当前的相关配置。
· PE1:
[PE1] display current-configuration
#
sysname PE2
#
router id 192.0.0.1
#
mpls lsr-id 192.0.0.1
#
vlan 12
#
vlan 14
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 2
remote-ip 192.0.0.2
#
mpls ldp remote-peer 3
remote-ip 192.0.0.3
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.2
peer 192.0.0.3
#
interface LoopBack0
ip address 192.0.0.1 255.255.255.255
#
interface Vlan-interface12
ip address 192.12.0.1 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface14
ip address 192.14.0.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/2
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet6/0/4
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.14.0.0 0.0.0.255
network 192.0.0.1 0.0.0.0
#
· PE2:
[PE2] display current-configuration
#
sysname PE2
#
router id 192.0.0.2
#
mpls lsr-id 192.0.0.2
#
vlan 12
#
vlan 23
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.1
#
mpls ldp remote-peer 3
remote-ip 192.0.0.3
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1
peer 192.0.0.3
#
interface LoopBack0
ip address 192.0.0.2 255.255.255.255
#
interface Vlan-interface12
ip address 192.12.0.2 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface23
ip address 192.23.0.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/1
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet4/0/3
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.23.0.0 0.0.0.255
network 192.0.0.2 0.0.0.0
#
· PE3:
[PE3] display current-configuration
#
sysname PE3
#
router id 192.0.0.3
#
mpls lsr-id 192.0.0.3
#
vlan 23
#
vlan 34
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.1
#
mpls ldp remote-peer 2
remote-ip 192.0.0.2
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1
peer 192.0.0.2
#
interface LoopBack0
ip address 192.0.0.3 255.255.255.255
#
interface Vlan-interface23
ip address 192.23.0.3 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface34
ip address 192.34.0.3 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/2
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/4
port link-mode bridge
port access vlan 34
#
interface GigabitEthernet4/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
ospf 1
area 0.0.0.0
network 192.23.0.0 0.0.0.255
network 192.34.0.0 0.0.0.255
network 192.0.0.3 0.0.0.0
#
· P:
[P] display current-configuration
#
sysname P
#
router id 192.0.0.4
#
mpls lsr-id 192.0.0.4
#
vlan 14
#
vlan 34
#
mpls
#
mpls ldp
#
interface LoopBack0
ip address 192.0.0.4 255.255.255.255
#
interface Vlan-interface14
ip address 192.14.0.4 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface34
ip address 192.34.0.4 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/1
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/3
port link-mode bridge
port access vlan 34
#
ospf 1
area 0.0.0.0
network 192.14.0.0 0.0.0.255
network 192.34.0.0 0.0.0.255
network 192.0.0.4 0.0.0.0
#
如图2所示,站点1、站点2和站点3分别为某公司在三个不同地区的分支机构,三个站点通过各自的出口设备CE1、CE2和CE3连入运营商MPLS网络,后续可能会在其他地区增加新的站点。由于公司希望各站点的Vlan1000互相通信时达到在同一局域网中访问的效果,因此运营商需要在MPLS网络中部署BGP方式的VPLS实例以满足该公司的需求。
图2 BGP方式VPLS实例组网图
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
PE1 |
Loopback0 |
192.0.0.1/32 |
P |
Loopback0 |
192.0.0.4/32 |
|
|
GE6/0/2(vlan 12) |
192.12.0.1/24 |
|
GE6/0/1(vlan 14) |
192.14.0.4/24 |
|
|
GE6/0/4(vlan 14) |
192.14.0.1/24 |
|
GE6/0/3(vlan 34) |
192.34.0.4/24 |
|
|
GE6/0/5(vlan 1000) |
|
|
|
|
|
PE2 |
Loopback0 |
192.0.0.2/32 |
PE3 |
Loopback0 |
192.0.0.3/32 |
|
|
GE4/0/1(vlan 12) |
192.12.0.2/24 |
|
GE4/0/2(vlan 23) |
192.23.0.3/24 |
|
|
GE4/0/3(vlan 23) |
192.23.0.2/24 |
|
GE4/0/4(vlan 34) |
192.34.0.3/24 |
|
|
GE4/0/5(vlan 1000) |
|
|
GE4/0/5(vlan 1000) |
|
· 为实现MPLS网络中各PE设备之间建立公网LSP,需要在MPLS网络中所有PE和P设备上使能MPLS基本能力和LDP。
· 为实现PE设备之间能传递私网标签,需要在各PE设备上创建VPLS实例和BGP扩展,并相互配置为VPLS地址族的BGP对等体。
· 为实现对通过VPLS传输的私网数据进行辨识,需要在PE连接CE的端口上配置服务实例并配置相应的匹配规则(本例中MPLS网络只允许VLAN ID为1000的报文通过VPLS连接转发,因此为私网数据指定s-vid为1000),对符合匹配规则的报文才能够通过VPLS网络传输。
本举例在S12500-CMW520-R1825P01版本上进行配置和验证。
(1) 配置各接口以及接口地址。
# 配置PE1和PE2之间的接口。
<Sysname> system-view
[Sysname] sysname PE1
[PE1] vlan 12
[PE1-vlan12] port GigabitEthernet 6/0/2
[PE1-vlan12] quit
[PE1] interface vlan-interface 12
[PE1-Vlan-interface12] ip address 192.12.0.1 24
[PE1-Vlan-interface12] undo shutdown
[PE1-Vlan-interface12] quit
[PE1] interface GigabitEthernet 6/0/2
[PE1-GigabitEthernet6/0/2] undo shutdown
[PE1-GigabitEthernet6/0/2] quit
# 配置PE1和P之间的接口。
[PE1] vlan 14
[PE1-vlan14] port GigabitEthernet 6/0/4
[PE1-vlan14] quit
[PE1] interface vlan-interface 14
[PE1-Vlan-interface14] ip address 192.14.0.1 24
[PE1-Vlan-interface14] undo shutdown
[PE1-Vlan-interface14] quit
[PE1] interface GigabitEthernet 6/0/4
[PE1-GigabitEthernet6/0/4] undo shutdown
[PE1-GigabitEthernet6/0/4] quit
# 配置PE1上的环回口地址。
[PE1] interface LoopBack 0
[PE1-LoopBack0] ip address 192.0.0.1 32
[PE1-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID
[PE1] router id 192.0.0.1
# 配置OSPF路由协议,发布路由。
[PE1] ospf 1
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.0.0.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[PE1] mpls lsr-id 192.0.0.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[PE1] interface vlan-interface 12
[PE1-Vlan-interface12] mpls
[PE1-Vlan-interface12] mpls ldp
[PE1-Vlan-interface12] quit
[PE1] interface vlan-interface 14
[PE1-Vlan-interface14] mpls
[PE1-Vlan-interface14] mpls ldp
[PE1-Vlan-interface14] quit
(4) 配置BGP及BGP扩展。
[PE1] bgp 100
[PE1-bgp] peer 192.0.0.2 as-number 100
[PE1-bgp] peer 192.0.0.3 as-number 100
[PE1-bgp] peer 192.0.0.2 connect-interface LoopBack0
[PE1-bgp] peer 192.0.0.3 connect-interface LoopBack0
[PE1-bgp] vpls-family
[PE1-bgp-af-vpls] peer 192.0.0.2 enable
[PE1-bgp-af-vpls] peer 192.0.0.3 enable
[PE1-bgp-af-vpls] quit
[PE1-bgp] quit
(5) 配置VPLS相关内容。
# 配置VPLS BGP方式实例vpn1000。
[PE1] vsi vpn1000 auto
[PE1-vsi-vpn1000] pwsignal bgp
[PE1-vsi-vpn1000-bgp] route-distinguisher 1000:1
[PE1-vsi-vpn1000-bgp] vpn-target 1000:1
[PE1-vsi-vpn1000-bgp] site 1 range 10
[PE1-vsi-vpn1000-bgp] quit
[PE1-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[PE1] vlan 1000
[PE1-vlan1000] quit
[PE1] interface GigabitEthernet 6/0/5
[PE1-GigabitEthernet6/0/5] port link-type trunk
[PE1-GigabitEthernet6/0/5] port trunk permit vlan 1000
Please wait... Done.
[PE1-GigabitEthernet6/0/5] service-instance 1000
[PE1-GigabitEthernet6/0/5] undo shutdown
[PE1-GigabitEthernet6/0/5-srv1000] encapsulation s-vid 1000
[PE1-GigabitEthernet6/0/5-srv1000] xconnect vsi vpn1000
[PE1-GigabitEthernet6/0/5-srv1000] quit
[PE1-GigabitEthernet6/0/5] quit
(1) 配置各接口以及接口地址。
# 配置PE2和PE1之间的接口。
<Sysname> system-view
[Sysname] sysname PE2
[PE2] vlan 12
[PE2-vlan12] port GigabitEthernet 4/0/1
[PE2-vlan12] quit
[PE2] interface vlan-interface 12
[PE2-Vlan-interface12] ip address 192.12.0.2 24
[PE2-Vlan-interface12] undo shutdown
[PE2-Vlan-interface12] quit
[PE2] interface GigabitEthernet 4/0/1
[PE2-GigabitEthernet4/0/1] undo shutdown
[PE2-GigabitEthernet4/0/1] quit
# 配置PE2和PE3之间的接口。
[PE2] vlan 23
[PE2-vlan23] port GigabitEthernet 4/0/3
[PE2-vlan23] quit
[PE2] interface vlan-interface 23
[PE2-Vlan-interface23] ip address 192.23.0.2 24
[PE2-Vlan-interface23] undo shutdown
[PE2-Vlan-interface23] quit
[PE2] interface GigabitEthernet 4/0/3
[PE2-GigabitEthernet4/0/3] undo shutdown
[PE2-GigabitEthernet4/0/3] quit
# 配置PE2上的环回口地址。
[PE2] interface LoopBack 0
[PE2-LoopBack0] ip address 192.0.0.2 32
[PE2-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[PE2] router id 192.0.0.2
# 配置OSPF路由协议,发布路由。
[PE2] ospf 1
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 192.0.0.2 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[PE2] mpls lsr-id 192.0.0.2
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[PE2] interface vlan-interface 12
[PE2-Vlan-interface12] mpls
[PE2-Vlan-interface12] mpls ldp
[PE2-Vlan-interface12] quit
[PE2] interface vlan-interface 23
[PE2-Vlan-interface23] mpls
[PE2-Vlan-interface23] mpls ldp
[PE2-Vlan-interface23] quit
(4) 配置BGP及BGP扩展。
[PE2] bgp 100
[PE2-bgp] peer 192.0.0.1 as-number 100
[PE2-bgp] peer 192.0.0.3 as-number 100
[PE2-bgp] peer 192.0.0.1 connect-interface LoopBack0
[PE2-bgp] peer 192.0.0.3 connect-interface LoopBack0
[PE2-bgp] vpls-family
[PE2-bgp-af-vpls] peer 192.0.0.1 enable
[PE2-bgp-af-vpls] peer 192.0.0.3 enable
[PE2-bgp-af-vpls] quit
[PE2-bgp] quit
(5) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[PE2] vsi vpn1000 auto
[PE2-vsi-vpn1000] pwsignal bgp
[PE2-vsi-vpn1000-bgp] route-distinguisher 1000:1
[PE2-vsi-vpn1000-bgp] vpn-target 1000:1
[PE2-vsi-vpn1000-bgp] site 2 range 10
[PE2-vsi-vpn1000-bgp] quit
[PE2-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[PE2] vlan 1000
[PE2-vlan1000] quit
[PE2] interface GigabitEthernet 4/0/5
[PE2-GigabitEthernet4/0/5] port link-type trunk
[PE2-GigabitEthernet4/0/5] port trunk permit vlan 1000
Please wait... Done.
[PE2-GigabitEthernet4/0/5] service-instance 1000
[PE2-GigabitEthernet4/0/5] undo shutdown
[PE2-GigabitEthernet4/0/5-srv1000] encapsulation s-vid 1000
[PE2-GigabitEthernet4/0/5-srv1000] xconnect vsi vpn1000
[PE2-GigabitEthernet4/0/5-srv1000] quit
[PE2-GigabitEthernet4/0/5] quit
(1) 配置各接口以及接口地址。
# 配置PE3和PE2之间的接口。
<Sysname> system-view
[Sysname] sysname PE3
[PE3] vlan 23
[PE3-vlan23] port GigabitEthernet 4/0/2
[PE3-vlan23] quit
[PE3] interface vlan-interface 23
[PE3-Vlan-interface23] ip address 192.23.0.3 24
[PE3-Vlan-interface23] undo shutdown
[PE3-Vlan-interface23] quit
[PE3] interface GigabitEthernet 4/0/2
[PE3-GigabitEthernet4/0/2] undo shutdown
[PE3-GigabitEthernet4/0/2] quit
# 配置PE3和P之间的接口。
[PE3] vlan 34
[PE3-vlan34] port GigabitEthernet 4/0/4
[PE3-vlan34] quit
[PE3] interface vlan-interface 34
[PE3-Vlan-interface34] ip address 192.34.0.3 24
[PE3-Vlan-interface34] undo shutdown
[PE3-Vlan-interface34] quit
[PE3] interface GigabitEthernet 4/0/4
[PE3-GigabitEthernet4/0/4] undo shutdown
[PE3-GigabitEthernet4/0/4] quit
# 配置PE3上的环回口地址。
[PE3] interface LoopBack 0
[PE3-LoopBack0] ip address 192.0.0.3 32
[PE3-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[PE3] router id 192.0.0.3
# 配置OSPF路由协议,发布路由。
[PE3] ospf 1
[PE3-ospf-1] area 0
[PE3-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[PE3-ospf-1-area-0.0.0.0] network 192.34.0.0 0.0.0.255
[PE3-ospf-1-area-0.0.0.0] network 192.0.0.3 0.0.0.0
[PE3-ospf-1-area-0.0.0.0] quit
[PE3-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[PE3] mpls lsr-id 192.0.0.3
[PE3] mpls
[PE3-mpls] quit
[PE3] mpls ldp
[PE3-mpls-ldp] quit
[PE3] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[PE3] interface vlan-interface 23
[PE3-Vlan-interface23] mpls
[PE3-Vlan-interface23] mpls ldp
[PE3-Vlan-interface23] quit
[PE3] interface vlan-interface 34
[PE3-Vlan-interface34] mpls
[PE3-Vlan-interface34] mpls ldp
[PE3-Vlan-interface34] quit
(4) 配置BGP及BGP扩展。
[PE3] bgp 100
[PE3-bgp] peer 192.0.0.1 as-number 100
[PE3-bgp] peer 192.0.0.2 as-number 100
[PE3-bgp] peer 192.0.0.1 connect-interface LoopBack0
[PE3-bgp] peer 192.0.0.2 connect-interface LoopBack0
[PE3-bgp] vpls-family
[PE3-bgp-af-vpls] peer 192.0.0.1 enable
[PE3-bgp-af-vpls] peer 192.0.0.2 enable
[PE3-bgp-af-vpls] quit
[PE3-bgp] quit
(5) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[PE3] vsi vpn1000 auto
[PE3-vsi-vpn1000] pwsignal bgp
[PE3-vsi-vpn1000-bgp] route-distinguisher 1000:1
[PE3-vsi-vpn1000-bgp] vpn-target 1000:1
[PE3-vsi-vpn1000-bgp] site 3 range 10
[PE3-vsi-vpn1000-bgp] quit
[PE3-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[PE3] vlan 1000
[PE3-vlan1000] quit
[PE3] interface GigabitEthernet 4/0/5
[PE3-GigabitEthernet4/0/5] port link-type trunk
[PE3-GigabitEthernet4/0/5] port trunk permit vlan 1000
Please wait... Done.
[PE3-GigabitEthernet4/0/5] service-instance 1000
[PE3-GigabitEthernet4/0/5] undo shutdown
[PE3-GigabitEthernet4/0/5-srv1000] encapsulation s-vid 1000
[PE3-GigabitEthernet4/0/5-srv1000] xconnect vsi vpn1000
[PE3-GigabitEthernet4/0/5-srv1000] quit
[PE3-GigabitEthernet4/0/5] quit
(1) 配置各接口以及接口地址。
# 配置P和PE1之间的接口。
<Sysname> system-view
[Sysname] sysname P
[P] vlan 14
[P-vlan14] port GigabitEthernet 6/0/1
[P-vlan14] quit
[P] interface vlan-interface 14
[P-Vlan-interface14] ip address 192.14.0.4 24
[P-Vlan-interface14] undo shutdown
[P-Vlan-interface14] quit
[P] interface GigabitEthernet 6/0/1
[P-GigabitEthernet6/0/1] undo shutdown
[P-GigabitEthernet6/0/1] quit
# 配置P和PE3之间的接口。
[P] vlan 34
[P-vlan34] port GigabitEthernet 6/0/3
[P-vlan34] quit
[P] interface vlan-interface 34
[P-Vlan-interface34] ip address 192.34.0.4 24
[P-Vlan-interface34] undo shutdown
[P-Vlan-interface34] quit
[P] interface GigabitEthernet 6/0/3
[P-GigabitEthernet6/0/3] undo shutdown
[P-GigabitEthernet6/0/3] quit
# 配置P上的环回口地址。
[P] interface LoopBack 0
[P-LoopBack0] ip address 192.0.0.4 32
[P-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID
[PE] router id 192.0.0.4
# 配置OSPF路由协议,发布路由。
[P] ospf 1
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.34.0.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.0.0.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP。
[P] mpls lsr-id 192.0.0.4
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
# 使能各接口上的MPLS和MPLS LDP能力。
[P] interface vlan-interface 14
[P-Vlan-interface14] mpls
[P-Vlan-interface14] mpls ldp
[P-Vlan-interface14] quit
[P] interface vlan-interface 34
[P-Vlan-interface34] mpls
[P-Vlan-interface34] mpls ldp
[P-Vlan-interface34] quit
按照如上配置,PE1、PE2、PE3两两之间建立BGP VPLS连接,PW连接也建立起来。
如PE1上可通过以下方式验证上述配置:
(1) BGP VPLS连接成功建立
[PE1] display bgp vpls peer
BGP local router ID : 192.0.0.1
Local AS number : 100
Total number of peers : 2 Peers in established state : 2
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
192.0.0.2 1 5470 1789 0 0 22:55:15 Established
192.0.0.3 1 3394 1577 0 0 22:55:16 Established
(2) PW连接建立
[PE1] display vpls connection vsi vpn1000
Total 2 connection(s),
connection(s): 2 up, 0 block, 0 down
VSI Name: vpn1000 Signaling: bgp
SiteID RD PeerAddr InLabel OutLabel LinkID VCState
2 1000:1 192.0.0.2 132273 131174 2 up
3 1000:1 192.0.0.3 132273 131174 3 up
在前面配置完成后,可以通过命令display current-configuration来查看当前的相关配置。
· PE1:
[PE1] display current-configuration
#
sysname PE1
#
router id 192.0.0.1
#
mpls lsr-id 192.0.0.1
#
vlan 12
#
vlan 14
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
vsi vpn1000 auto
pwsignal bgp
route-distinguisher 1000:1
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
site 1 range 10 default-offset 0
#
interface LoopBack0
ip address 192.0.0.1 255.255.255.255
#
interface Vlan-interface12
ip address 192.12.0.1 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface14
ip address 192.14.0.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/2
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet6/0/4
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
bgp 100
undo synchronization
peer 192.0.0.2 as-number 100
peer 192.0.0.3 as-number 100
peer 192.0.0.2 connect-interface LoopBack0
peer 192.0.0.3 connect-interface LoopBack0
#
vpls-family
peer 192.0.0.2 enable
peer 192.0.0.3 enable
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.14.0.0 0.0.0.255
network 192.0.0.1 0.0.0.0
#
· PE2:
[PE2] display current-configuration
#
sysname PE2
#
router id 192.0.0.2
#
mpls lsr-id 192.0.0.2
#
vlan 12
#
vlan 23
#
mpls
#
mpls l2vpn
#
mpls ldp
#
vsi vpn1000 auto
pwsignal bgp
route-distinguisher 1000:1
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
site 2 range 10 default-offset 0
#
interface LoopBack0
ip address 192.0.0.2 255.255.255.255
#
interface Vlan-interface12
ip address 192.12.0.2 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface23
ip address 192.23.0.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/1
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet4/0/3
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
bgp 100
undo synchronization
peer 192.0.0.1 as-number 100
peer 192.0.0.3 as-number 100
peer 192.0.0.1 connect-interface LoopBack0
peer 192.0.0.3 connect-interface LoopBack0
#
vpls-family
peer 192.0.0.1 enable
peer 192.0.0.3 enable
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.23.0.0 0.0.0.255
network 192.0.0.2 0.0.0.0
#
· PE3:
[PE3] display current-configuration
#
sysname PE3
#
router id 192.0.0.3
#
mpls lsr-id 192.0.0.3
#
vlan 23
#
vlan 34
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
vsi vpn1000 auto
pwsignal bgp
route-distinguisher 1000:1
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
site 3 range 10 default-offset 0
#
interface LoopBack0
ip address 192.0.0.3 255.255.255.255
#
interface Vlan-interface23
ip address 192.23.0.3 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface34
ip address 192.34.0.3 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/2
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/4
port link-mode bridge
port access vlan 34
#
interface GigabitEthernet4/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
bgp 100
undo synchronization
peer 192.0.0.1 as-number 100
peer 192.0.0.2 as-number 100
peer 192.0.0.1 connect-interface LoopBack0
peer 192.0.0.2 connect-interface LoopBack0
#
vpls-family
peer 192.0.0.1 enable
peer 192.0.0.2 enable
#
ospf 1
area 0.0.0.0
network 192.23.0.0 0.0.0.255
network 192.34.0.0 0.0.0.255
network 192.0.0.3 0.0.0.0
#
· P:
[P] display current-configuration
#
sysname P
#
router id 192.0.0.4
#
mpls lsr-id 192.0.0.4
#
vlan 14
#
vlan 34
#
mpls
#
mpls ldp
#
interface LoopBack0
ip address 192.0.0.4 255.255.255.255
#
interface Vlan-interface14
ip address 192.14.0.4 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface34
ip address 192.34.0.4 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/1
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/3
port link-mode bridge
port access vlan 34
#
ospf 1
area 0.0.0.0
network 192.14.0.0 0.0.0.255
network 192.34.0.0 0.0.0.255
network 192.0.0.4 0.0.0.0
#
如图3所示,站点1、站点2和站点3分别为某公司在两个不同地区的分支机构,其中站点1和站点3属于同一地区,三个站点通过各自的出口设备CE连入运营商MPLS网络。公司希望:
· 各站点的Vlan1000互相通信时达到在同一局域网中访问的效果;
· 为提高链路可靠性,公司要求提供冗余链路以及相应的链路备份机制来保证运营商网络中VPN数据能够不中断传输。
因此运营商需要在MPLS网络中部署以LSP方式接入的H-VPLS以满足该公司的需求。
图3 以LSP方式接入的H-VPLS配置组网图
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
UPE |
Loopback0 |
192.0.0.4/32 |
NPE1 |
Loopback0 |
192.0.0.1/32 |
|
|
GE6/0/18(vlan 14) |
192.14.0.4/24 |
|
GE6/0/18(vlan 14) |
192.14.0.1/24 |
|
|
GE6/0/20(vlan 24) |
192.24.0.4/24 |
|
GE6/0/15(vlan 12) |
192.12.0.1/24 |
|
|
GE6/0/1(vlan 1000) |
|
|
GE6/0/24(vlan 13) |
192.13.0.1/24 |
|
NPE2 |
Loopback0 |
192.0.0.2/32 |
NPE3 |
Loopback0 |
192.0.0.3/32 |
|
|
GE4/0/20(vlan 24) |
192.24.0.2/24 |
|
GE4/0/24(vlan 13) |
192.13.0.3/24 |
|
|
GE4/0/15(vlan 12) |
192.12.0.2/24 |
|
GE4/0/10(vlan 23) |
192.23.0.3/24 |
|
|
GE4/0/10(vlan 23) |
192.23.0.2/24 |
|
GE4/0/1(vlan 1000) |
|
· 为实现MPLS网络中各PE设备之间建立公网LSP,需要在MPLS网络中所有PE和P设备上使能MPLS基本能力和LDP。
· 为实现PE设备之间能传递私网标签,需要完成:
¡ 在NPE设备上创建VPLS实例,配置UPE设备以及该VPN覆盖范围内的所有其它NPE设备为对等体;
¡ 在UPE设备上创建VPLS实例,配置NPE设备为对等体,将VPLS实例与报文的接收端口和报文所属VLAN进行绑定。
· 为实现对通过VPLS传输的私网数据进行辨识,需要在PE连接CE的端口上配置服务实例并配置相应的匹配规则(本例中MPLS网络只允许VLAN ID为1000的报文通过VPLS连接转发,因此为私网数据指定s-vid为1000),对符合匹配规则的报文才能够通过VPLS网络传输。
· 为提高链路可靠性,可在UPE设备上分别与NPE1、NPE2设备建立主备PW连接。在正常情况下,CE只通过主PW连接到MPLS网络,当主PW出现故障时,将启用备用PW继续提供VPN业务。
本举例在S12500-CMW520-R1825P01版本上进行配置和验证。
由于篇幅限制,本例仅列出Site 1以及Site 2之间互连的H-VPLS配置,其余站点的接入方式与之类似,请参考进行配置。
(1) 配置各接口以及接口地址。
# 配置NPE1和NPE2之间的接口。
<Sysname> system-view
[Sysname] sysname NPE1
[NPE1] vlan 12
[NPE1-vlan12] port GigabitEthernet 6/0/15
[NPE1-vlan12] quit
[NPE1] interfaece vlan-interface 12
[NPE1-Vlan-interface12] ip address 192.12.0.1 24
[NPE1-Vlan-interface12] undo shutdown
[NPE1-Vlan-interface12] quit
[NPE1] interface GigabitEthernet 6/0/15
[NPE1-GigabitEthernet6/0/15] undo shutdown
[NPE1-GigabitEthernet6/0/15] quit
# 配置NPE1和NPE3之间的接口。
[NPE1] vlan 13
[NPE1-vlan13] port GigabitEthernet 6/0/24
[NPE1-vlan13] quit
[NPE1] interface vlan-interface 13
[NPE1-Vlan-interface13] ip address 192.13.0.1 24
[NPE1-Vlan-interface13] undo shutdown
[NPE1-Vlan-interface13] quit
[NPE1] interface GigabitEthernet 6/0/24
[NPE1-GigabitEthernet6/0/24] undo shutdown
[NPE1-GigabitEthernet6/0/24] quit
# 配置NPE1和UPE之间的接口。
[NPE1] vlan 14
[NPE1-vlan14] port GigabitEthernet 6/0/18
[NPE1-vlan14] quit
[NPE1] interface vlan-interface 14
[NPE1-Vlan-interface14] ip address 192.14.0.1 24
[NPE1-Vlan-interface14] undo shutdown
[NPE1-Vlan-interface14] quit
[NPE1] interface GigabitEthernet 6/0/18
[NPE1-GigabitEthernet6/0/18] undo shutdown
[NPE1-GigabitEthernet6/0/18] quit
# 配置NPE1上的环回口地址。
[NPE1] interface LoopBack 0
[NPE1-LoopBack0] ip address 192.0.0.1 32
[NPE1-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[NPE1] router id 192.0.0.1
# 配置OSPF路由协议,发布路由。
[NPE1] ospf 1
[NPE1-ospf-1] area 0
[NPE1-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[NPE1-ospf-1-area-0.0.0.0] network 192.13.0.0 0.0.0.255
[NPE1-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[NPE1-ospf-1-area-0.0.0.0] network 192.0.0.1 0.0.0.0
[NPE1-ospf-1-area-0.0.0.0] quit
[NPE1-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[NPE1] mpls lsr-id 192.0.0.1
[NPE1] mpls
[NPE1-mpls] quit
[NPE1] mpls ldp
[NPE1-mpls-ldp] quit
[NPE1] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[NPE1] interface vlan-interface 12
[NPE1-Vlan-interface12] mpls
[NPE1-Vlan-interface12] mpls ldp
[NPE1-Vlan-interface12] quit
[NPE1] interface vlan-interface 13
[NPE1-Vlan-interface13] mpls
[NPE1-Vlan-interface13] mpls ldp
[NPE1-Vlan-interface13] quit
[NPE1] interface vlan-interface 14
[NPE1-Vlan-interface14] mpls
[NPE1-Vlan-interface14] mpls ldp
[NPE1-Vlan-interface14] quit
# 配置MPLS LDP远程会话
[NPE1] mpls ldp remote-peer 1
[NPE1-mpls-ldp-remote-1] remote-ip 192.0.0.4
[NPE1-mpls-ldp-remote-1] quit
[NPE1] mpls ldp remote-peer 2
[NPE1-mpls-ldp-remote-2] remote-ip 192.0.0.2
[NPE1-mpls-ldp-remote-2] quit
[NPE1] mpls ldp remote-peer 3
[NPE1-mpls-ldp-remote-3] remote-ip 192.0.0.3
[NPE1-mpls-ldp-remote-3] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[NPE1] vsi vpn1000 static
[NPE1-vsi-vpn1000] pwsignal ldp
[NPE1-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE2、NPE3的NPW和到UPE的UPW。
[NPE1-vsi-vpn1000-ldp] peer 192.0.0.2
[NPE1-vsi-vpn1000-ldp] peer 192.0.0.3
[NPE1-vsi-vpn1000-ldp] peer 192.0.0.4 upe
[NPE1-vsi-vpn1000-ldp] quit
[NPE1-vsi-vpn1000] quit
(1) 配置各接口以及接口地址。
# 配置NPE2和NPE1之间的接口。
<Sysname> system-view
[Sysname] sysname NPE2
[NPE2] vlan 12
[NPE2-vlan12] port GigabitEthernet 4/0/15
[NPE2-vlan12] quit
[NPE2] interface vlan-interface 12
[NPE2-Vlan-interface12] ip address 192.12.0.2 24
[NPE2-Vlan-interface12] undo shutdown
[NPE2-Vlan-interface12] quit
[NPE2] interface GigabitEthernet 4/0/15
[NPE2-GigabitEthernet4/0/15] undo shutdown
[NPE2-GigabitEthernet4/0/15] quit
# 配置NPE2和NPE3之间的接口。
[NPE2] vlan 23
[NPE2-vlan23] port GigabitEthernet 4/0/10
[NPE2-vlan23] quit
[NPE2] interface vlan-interface 23
[NPE2-Vlan-interface23] ip address 192.23.0.2 24
[NPE2-Vlan-interface23] undo shutdown
[NPE2-Vlan-interface23] quit
[NPE2] interface GigabitEthernet 4/0/10
[NPE2-GigabitEthernet4/0/10] undo shutdown
[NPE2-GigabitEthernet4/0/10] quit
# 配置NPE2和UPE之间的接口。
[NPE2] vlan 24
[NPE2-vlan24] port GigabitEthernet 4/0/20
[NPE2-vlan24] quit
[NPE2] interface vlan-interface 24
[NPE2-Vlan-interface24] ip address 192.24.0.2 24
[NPE2-Vlan-interface24] undo shutdown
[NPE2-Vlan-interface24] quit
[NPE2] interface GigabitEthernet 4/0/20
[NPE2-GigabitEthernet4/0/20] undo shutdown
[NPE2-GigabitEthernet4/0/20] quit
# 配置NPE2上的环回口地址。
[NPE2] interface LoopBack 0
[NPE2-LoopBack0] ip address 192.0.0.2 32
[NPE2-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID
[NPE2] router id 192.0.0.2
# 配置OSPF路由协议,发布路由。
[NPE2] ospf 1
[NPE2-ospf-1] area 0
[NPE2-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[NPE2-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[NPE2-ospf-1-area-0.0.0.0] network 192.24.0.0 0.0.0.255
[NPE2-ospf-1-area-0.0.0.0] network 192.0.0.2 0.0.0.0
[NPE2-ospf-1-area-0.0.0.0] quit
[NPE2-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[NPE2] mpls lsr-id 192.0.0.2
[NPE2] mpls
[NPE2-mpls] quit
[NPE2] mpls ldp
[NPE2-mpls-ldp] quit
[NPE2] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[NPE2] interface vlan-interface 12
[NPE2-Vlan-interface12] mpls
[NPE2-Vlan-interface12] mpls ldp
[NPE2-Vlan-interface12] quit
[NPE2] interface vlan-interface 23
[NPE2-Vlan-interface23] mpls
[NPE2-Vlan-interface23] mpls ldp
[NPE2-Vlan-interface23] quit
[NPE2] interface vlan-interface 24
[NPE2-Vlan-interface24] mpls
[NPE2-Vlan-interface24] mpls ldp
[NPE2-Vlan-interface24] quit
# 配置MPLS LDP远程会话
[NPE2] mpls ldp remote-peer 1
[NPE2-mpls-ldp-remote-1] remote-ip 192.0.0.4
[NPE2-mpls-ldp-remote-1] quit
[NPE2] mpls ldp remote-peer 2
[NPE2-mpls-ldp-remote-2] remote-ip 192.0.0.1
[NPE2-mpls-ldp-remote-2] quit
[NPE2] mpls ldp remote-peer 3
[NPE2-mpls-ldp-remote-3] remote-ip 192.0.0.3
[NPE2-mpls-ldp-remote-3] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[NPE2] vsi vpn1000 static
[NPE2-vsi-vpn1000] pwsignal ldp
[NPE2-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE1、NPE3的NPW和到UPE的UPW。
[NPE2-vsi-vpn1000-ldp] peer 192.0.0.1
[NPE2-vsi-vpn1000-ldp] peer 192.0.0.3
[NPE2-vsi-vpn1000-ldp] peer 192.0.0.4 upe
[NPE2-vsi-vpn1000-ldp] quit
[NPE2-vsi-vpn1000] quit
(1) 配置各接口以及接口地址。
# 配置NPE3和NPE1之间的接口。
<Sysname> system-view
[Sysname] sysname NPE3
[NPE3] vlan 13
[NPE3-vlan13] port GigabitEthernet 4/0/24
[NPE3-vlan13] quit
[NPE3] interface vlan-interface 13
[NPE3-Vlan-interface13] ip address 192.13.0.3 24
[NPE3-Vlan-interface13] undo shutdown
[NPE3-Vlan-interface13] quit
[NPE3] interface GigabitEthernet 4/0/24
[NPE3-GigabitEthernet4/0/24] undo shutdown
[NPE3-GigabitEthernet4/0/24] quit
# 配置NPE3和NPE2之间的接口。
[NPE3] vlan 23
[NPE3-vlan23] port GigabitEthernet 4/0/10
[NPE3-vlan23] quit
[NPE3] interface vlan-interface 23
[NPE3-Vlan-interface23] ip address 192.23.0.3 24
[NPE3-Vlan-interface23] undo shutdown
[NPE3-Vlan-interface23] quit
[NPE3] interface GigabitEthernet 4/0/10
[NPE3-GigabitEthernet4/0/10] undo shutdown
[NPE3-GigabitEthernet4/0/10] quit
# 配置NPE3上的环回口地址。
[NPE3] interface LoopBack 0
[NPE3-LoopBack0] ip address 192.0.0.3 32
[NPE3-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[NPE3] router id 192.0.0.3
# 配置OSPF路由协议,发布路由。
[NPE3] ospf 1
[NPE3-ospf-1] area 0
[NPE3-ospf-1-area-0.0.0.0] network 192.13.0.0 0.0.0.255
[NPE3-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[NPE3-ospf-1-area-0.0.0.0] network 192.0.0.3 0.0.0.0
[NPE3-ospf-1-area-0.0.0.0] quit
[NPE3-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[NPE3] mpls lsr-id 192.0.0.3
[NPE3] mpls
[NPE3-mpls] quit
[NPE3] mpls ldp
[NPE3-mpls-ldp] quit
[NPE3] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[NPE3] interface vlan-interface 13
[NPE3-Vlan-interface13] mpls
[NPE3-Vlan-interface13] mpls ldp
[NPE3-Vlan-interface13] quit
[NPE3] interface vlan-interface 23
[NPE3-Vlan-interface23] mpls
[NPE3-Vlan-interface23] mpls ldp
[NPE3-Vlan-interface23] quit
# 配置MPLS LDP远程会话
[NPE3] mpls ldp remote-peer 1
[NPE3-mpls-ldp-remote-1] remote-ip 192.0.0.1
[NPE3-mpls-ldp-remote-1] quit
[NPE3] mpls ldp remote-peer 2
[NPE3-mpls-ldp-remote-2] remote-ip 192.0.0.2
[NPE3-mpls-ldp-remote-2] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[NPE3] vsi vpn1000 static
[NPE3-vsi-vpn1000] pwsignal ldp
[NPE3-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE1、NPE2的NPW。
[NPE3-vsi-vpn1000-ldp] peer 192.0.0.1
[NPE3-vsi-vpn1000-ldp] peer 192.0.0.2
[NPE3-vsi-vpn1000-ldp] quit
[NPE3-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[NPE3] vlan 1000
[NPE3] interface GigabitEthernet 4/0/1
[NPE3-GigabitEthernet4/0/1] port link-type trunk
[NPE3-GigabitEthernet4/0/1] port trunk permit vlan 1000
Please wait... Done.
[NPE3-GigabitEthernet4/0/1] service-instance 1000
[NPE3-GigabitEthernet4/0/1] undo shutdown
[NPE3-GigabitEthernet4/0/1-srv1000] encapsulation s-vid 1000
[NPE3-GigabitEthernet4/0/1-srv1000] xconnect vsi vpn1000
[NPE3-GigabitEthernet4/0/1-srv1000] quit
[NPE3-GigabitEthernet4/0/1] quit
(1) 配置各接口以及接口地址。
# 配置UPE和NPE1之间的接口。
<Sysname> system-view
[Sysname] sysname UPE
[UPE] vlan 14
[UPE-vlan14] port GigabitEthernet 6/0/18
[UPE-vlan14] quit
[UPE] interface vlan-interface 14
[UPE-Vlan-interface14] ip address 192.14.0.4 24
[UPE-Vlan-interface14] undo shutdown
[UPE-Vlan-interface14] quit
[UPE] interface GigabitEthernet 6/0/18
[UPE-GigabitEthernet6/0/18] undo shutdown
[UPE-GigabitEthernet6/0/18] quit
# 配置UPE和NPE2之间的接口。
[UPE] vlan 24
[UPE-vlan24] port GigabitEthernet 6/0/20
[UPE-vlan24] quit
[UPE] interface vlan-interface 24
[UPE-Vlan-interface24] ip address 192.24.0.4 24
[UPE-Vlan-interface24] undo shutdown
[UPE-Vlan-interface24] quit
[UPE] interface GigabitEthernet 6/0/20
[UPE-GigabitEthernet6/0/20] undo shutdown
[UPE-GigabitEthernet6/0/20] quit
# 配置UPE上的环回口地址。
[UPE] interface LoopBack 0
[UPE-LoopBack0] ip address 192.0.0.4 32
[UPE-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[UPE] router id 192.0.0.4
# 配置OSPF路由协议,发布路由。
[UPE] ospf 1
[UPE-ospf-1] area 0
[UPE-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[UPE-ospf-1-area-0.0.0.0] network 192.24.0.0 0.0.0.255
[UPE-ospf-1-area-0.0.0.0] network 192.0.0.4 0.0.0.0
[UPE-ospf-1-area-0.0.0.0] quit
[UPE-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[UPE] mpls lsr-id 192.0.0.4
[UPE] mpls
[UPE-mpls] quit
[UPE] mpls ldp
[UPE-mpls-ldp] quit
[UPE] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[UPE] interface vlan-interface 14
[UPE-Vlan-interface14] mpls
[UPE-Vlan-interface14] mpls ldp
[UPE-Vlan-interface14] quit
[UPE] interface vlan-interface 24
[UPE-Vlan-interface24] mpls
[UPE-Vlan-interface24] mpls ldp
[UPE-Vlan-interface24] quit
# 配置MPLS LDP远程会话。
[UPE] mpls ldp remote-peer 1
[UPE-mpls-ldp-remote-1] remote-ip 192.0.0.1
[UPE-mpls-ldp-remote-1] quit
[UPE] mpls ldp remote-peer 2
[UPE-mpls-ldp-remote-2] remote-ip 192.0.0.2
[UPE-mpls-ldp-remote-2] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[UPE] vsi vpn1000 static
[UPE-vsi-vpn1000] pwsignal ldp
[UPE-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE1、NPE2的主备PW。
[UPE-vsi-vpn1000-ldp] peer 192.0.0.1 backup-peer 192.0.0.2 dual-npe revertive wtr-time 1
[UPE-vsi-vpn1000-ldp] quit
[UPE-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[UPE] vlan 1000
[UPE] interface GigabitEthernet 6/0/1
[UPE-GigabitEthernet6/0/1] port link-type trunk
[UPE-GigabitEthernet6/0/1] port trunk permit vlan 1000
Please wait... Done.
[UPE-GigabitEthernet6/0/1] service-instance 1000
[UPE-GigabitEthernet6/0/1] undo shutdown
[UPE-GigabitEthernet6/0/1-srv1000] encapsulation s-vid 1000
[UPE-GigabitEthernet6/0/1-srv1000] xconnect vsi vpn1000
[UPE-GigabitEthernet6/0/1-srv1000] quit
[UPE-GigabitEthernet6/0/1] quit
按照如上配置,NPE1、NPE2、NPE3之间建立全连接的VPLS PW,UPE和NPE1、NPE2之间建立主备PW。
(1) UPE下的CE通过NPE1或者NPE2和NPE3的CE相互访问。
(2) UPE下的主备关系的两条PW可以切换,即当主PW不可用时,业务可以切换到备用的PW上。
# 查看UPE上的PW状态。
[UPE] display vpls connection vsi vpn1000
Total 2 connection(s),
connections: 1 up, 1 block, 0 down
VSI Name: vpn1000 Signaling: ldp
VsiID VsiType PeerAddr InLabel OutLabel LinkID VCState
1000 vlan 192.0.0.1 131072 131074 1 up
1000 vlan 192.0.0.2 131073 131074 2 block
# 查看NPE1上的PW状态。
[NPE1] display vpls connection vsi vpn1000
Total 3 connection(s),
connections: 3 up, 0 block, 0 down
VSI Name: vpn1000 Signaling: ldp
VsiID VsiType PeerAddr InLabel OutLabel LinkID VCState
1000 vlan 192.0.0.2 131072 131072 1 up
1000 vlan 192.0.0.3 131073 131072 2 up
1000 vlan 192.0.0.4 131074 131072 3 up
# 查看NPE2上的PW状态。
[NPE2] display vpls connection vsi vpn1000
Total 3 connection(s),
connections: 3 up, 0 block, 0 down
VSI Name: vpn1000 Signaling: ldp
VsiID VsiType PeerAddr InLabel OutLabel LinkID VCState
1000 vlan 192.0.0.1 131072 131072 1 up
1000 vlan 192.0.0.3 131073 131073 2 up
1000 vlan 192.0.0.4 131074 131073 3 up
# 查看NPE3上的PW状态。
[NPE3] display vpls connection vsi vpn1000
Total 2 connection(s),
connections: 2 up, 0 block, 0 down
VSI Name: vpn1000 Signaling: ldp
VsiID VsiType PeerAddr InLabel OutLabel LinkID VCState
1000 vlan 192.0.0.1 131072 131073 1 up
1000 vlan 192.0.0.2 131073 131073 2 up
在前面配置完成后,可以通过命令display current-configuration来查看当前的相关配置。
· NPE1:
[NPE1] display current-configuration
#
sysname NPE1
#
domain default enable system
#
router id 192.0.0.1
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.1
#
vlan 1
#
vlan 12
#
vlan 13
#
vlan 14
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.4
#
mpls ldp remote-peer 2
remote-ip 192.0.0.2
#
mpls ldp remote-peer 3
remote-ip 192.0.0.3
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.2
peer 192.0.0.3
peer 192.0.0.4 upe
#
interface LoopBack0
ip address 192.0.0.1 255.255.255.255
#
interface Vlan-interface12
ip address 192.12.0.1 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface13
ip address 192.13.0.1 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface14
ip address 192.14.0.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/15
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet6/0/18
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/24
port link-mode bridge
port access vlan 13
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.13.0.0 0.0.0.255
network 192.14.0.0 0.0.0.255
network 192.0.0.1 0.0.0.0
#
· NPE2:
[NPE2] display current-configuration
#
sysname NPE2
#
domain default enable system
#
router id 192.0.0.2
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.2
#
vlan 1
#
vlan 12
#
vlan 23
#
vlan 24
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.4
#
mpls ldp remote-peer 2
remote-ip 192.0.0.1
#
mpls ldp remote-peer 3
remote-ip 192.0.0.3
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1
peer 192.0.0.3
peer 192.0.0.4 upe
#
interface LoopBack0
ip address 192.0.0.2 255.255.255.255
#
interface Vlan-interface12
ip address 192.12.0.2 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface23
ip address 192.23.0.2 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface24
ip address 192.24.0.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/10
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/15
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet4/0/20
port link-mode bridge
port access vlan 24
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.23.0.0 0.0.0.255
network 192.24.0.0 0.0.0.255
network 192.0.0.2 0.0.0.0
#
· NPE3:
[NPE3] display current-configuration
#
sysname NPE3
#
domain default enable system
#
router id 192.0.0.3
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.3
#
vlan 1
#
vlan 13
#
vlan 23
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.1
#
mpls ldp remote-peer 2
remote-ip 192.0.0.2
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1
peer 192.0.0.2
#
interface LoopBack0
ip address 192.0.0.3 255.255.255.255
#
interface Vlan-interface13
ip address 192.13.0.3 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface23
ip address 192.23.0.3 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
interface GigabitEthernet4/0/10
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/24
port link-mode bridge
port access vlan 13
#
ospf 1
area 0.0.0.0
network 192.13.0.0 0.0.0.255
network 192.23.0.0 0.0.0.255
network 192.0.0.3 0.0.0.0
#
· UPE:
[UPE] display current-configuration
#
sysname UPE
#
domain default enable system
#
router id 192.0.0.4
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.4
#
vlan 1
#
vlan 14
#
vlan 24
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.1
#
mpls ldp remote-peer 2
remote-ip 192.0.0.2
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1 backup-peer 192.0.0.2 dual-npe revertive wtr-time 1
#
interface LoopBack0
ip address 192.0.0.4 255.255.255.255
#
interface Vlan-interface14
ip address 192.14.0.4 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface24
ip address 192.24.0.4 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
interface GigabitEthernet6/0/18
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/20
port link-mode bridge
port access vlan 24
#
ospf 1
area 0.0.0.0
network 192.14.0.0 0.0.0.255
network 192.24.0.0 0.0.0.255
network 192.0.0.4 0.0.0.0
#
如图4所示,站点1、站点2和站点3分别为某公司在两个不同地区的分支机构,其中站点1和站点3属于同一地区,三个站点通过各自的出口设备CE连入运营商MPLS网络。公司希望:
· 各站点的Vlan1000互相通信时达到在同一局域网中访问的效果;
· 不同地区的站点之间经常会进行语音或视频会议,需要保证运营商网络中VPN数据流量的高可靠性,出现故障时能快速切换到备份路径。
因此运营商需要在MPLS网络中部署BFD联动H-VPLS以满足该公司的需求。
图4 BFD联动H-VPLS组网图
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
UPE |
Loopback0 |
192.0.0.4/32 |
NPE1 |
Loopback0 |
192.0.0.1/32 |
|
|
GE6/0/18(vlan 14) |
192.14.0.4/24 |
|
GE6/0/18(vlan 14) |
192.14.0.1/24 |
|
|
GE6/0/20(vlan 24) |
192.24.0.4/24 |
|
GE6/0/15(vlan 12) |
192.12.0.1/24 |
|
|
GE6/0/1(vlan 1000) |
|
|
GE6/0/24(vlan 13) |
192.13.0.1/24 |
|
NPE2 |
Loopback0 |
192.0.0.2/32 |
NPE3 |
Loopback0 |
192.0.0.3/32 |
|
|
GE4/0/20(vlan 24) |
192.24.0.2/24 |
|
GE4/0/24(vlan 13) |
192.13.0.3/24 |
|
|
GE4/0/15(vlan 12) |
192.12.0.2/24 |
|
GE4/0/10(vlan 23) |
192.23.0.3/24 |
|
|
GE4/0/10(vlan 23) |
192.23.0.2/24 |
|
GE4/0/1(vlan 1000) |
|
· 为实现MPLS网络中各PE设备之间建立公网LSP,需要在MPLS网络中所有PE和P设备上使能MPLS基本能力和LDP。
· 为实现PE设备之间能传递私网标签,需要完成:
¡ 在NPE设备上创建VPLS实例,配置UPE设备以及该VPN覆盖范围内的所有其它NPE设备为对等体;
¡ 在UPE设备上创建VPLS实例,配置NPE设备为对等体,将VPLS实例与报文的接收端口和报文所属VLAN进行绑定。
· 为实现对通过VPLS传输的私网数据进行辨识,需要在PE连接CE的端口上配置服务实例并配置相应的匹配规则(本例中MPLS网络只允许VLAN ID为1000的报文通过VPLS连接转发,因此为私网数据指定s-vid为1000),对符合匹配规则的报文才能够通过VPLS网络传输。
· 为确保语音、视讯业务的高可靠性,可在UPE设备上分别与NPE1、NPE2建立主备PW连接,实现链路的冗余备份;为实现主PW故障时,网络能及时检测并快速切换到备份PW,在UPE设备和NPE1设备之间的主链路上运行BFD检测,并配置BFD与H-VPLS联动。
本举例在S12500-CMW520-R1825P01版本上进行配置和验证。
由于篇幅限制,本例仅列出Site 1以及Site 2之间互连的H-VPLS配置,其余站点的接入方式与之类似,请参考进行配置。
# 配置端口和VLAN。
<Sysname> system-view
[Sysname] sysname LanSW
[LanSW] vlan 14
[LanSW-vlan14] port GigabitEthernet 6/0/18
[LanSW-vlan14] port GigabitEthernet 6/0/19
[LanSW] interface GigabitEthernet 6/0/18
[LanSW-GigabitEthernet6/0/18] undo shutdown
[LanSW-GigabitEthernet6/0/18] quit
[LanSW] interface GigabitEthernet 6/0/19
[LanSW-GigabitEthernet6/0/19] undo shutdown
[LanSW-GigabitEthernet6/0/19] quit
(1) 配置各接口以及接口地址。
# 配置NPE1和NPE2之间的接口。
<Sysname> system-view
[Sysname] sysname NPE1
[NPE1] vlan 12
[NPE1-vlan12] port GigabitEthernet 6/0/15
[NPE1-vlan12] quit
[NPE1] interfaece vlan-interface 12
[NPE1-Vlan-interface12] ip address 192.12.0.1 24
[NPE1-Vlan-interface12] undo shutdown
[NPE1-Vlan-interface12] quit
[NPE1] interface GigabitEthernet 6/0/15
[NPE1-GigabitEthernet6/0/15] undo shutdown
[NPE1-GigabitEthernet6/0/15] quit
# 配置NPE1和NPE3之间的接口。
[NPE1] vlan 13
[NPE1-vlan13] port GigabitEthernet 6/0/24
[NPE1-vlan13] quit
[NPE1] interface vlan-interface 13
[NPE1-Vlan-interface13] ip address 192.13.0.1 24
[NPE1-Vlan-interface13] undo shutdown
[NPE1-Vlan-interface13] quit
[NPE1] interface GigabitEthernet 6/0/24
[NPE1-GigabitEthernet6/0/24] undo shutdown
[NPE1-GigabitEthernet6/0/24] quit
# 配置NPE1和UPE之间的接口。
[NPE1] vlan 14
[NPE1-vlan14] port GigabitEthernet 6/0/18
[NPE1-vlan14] quit
[NPE1] interface vlan-interface 14
[NPE1-Vlan-interface14] ip address 192.14.0.1 24
[NPE1-Vlan-interface14] undo shutdown
[NPE1-Vlan-interface14] quit
[NPE1] interface GigabitEthernet 6/0/18
[NPE1-GigabitEthernet6/0/18] undo shutdown
[NPE1-GigabitEthernet6/0/18] quit
# 配置NPE1上的环回口地址。
[NPE1] interface LoopBack 0
[NPE1-LoopBack0] ip address 192.0.0.1 32
[NPE1-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[NPE1] router id 192.0.0.1
# 配置OSPF路由协议,发布路由。
[NPE1] ospf 1
[NPE1-ospf-1] area 0
[NPE1-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[NPE1-ospf-1-area-0.0.0.0] network 192.13.0.0 0.0.0.255
[NPE1-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[NPE1-ospf-1-area-0.0.0.0] network 192.0.0.1 0.0.0.0
[NPE1-ospf-1-area-0.0.0.0] quit
[NPE1-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[NPE1] mpls lsr-id 192.0.0.1
[NPE1] mpls
[NPE1-mpls] quit
[NPE1] mpls ldp
[NPE1-mpls-ldp] quit
[NPE1] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[NPE1] interface vlan-interface 12
[NPE1-Vlan-interface12] mpls
[NPE1-Vlan-interface12] mpls ldp
[NPE1-Vlan-interface12] quit
[NPE1] interface vlan-interface 13
[NPE1-Vlan-interface13] mpls
[NPE1-Vlan-interface13] mpls ldp
[NPE1-Vlan-interface13] quit
[NPE1] interface vlan-interface 14
[NPE1-Vlan-interface14] mpls
[NPE1-Vlan-interface14] mpls ldp
[NPE1-Vlan-interface14] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[NPE1] vsi vpn1000 static
[NPE1-vsi-vpn1000] pwsignal ldp
[NPE1-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE2、NPE3的NPW和到UPE的UPW。
[NPE1-vsi-vpn1000-ldp] peer 192.0.0.2
[NPE1-vsi-vpn1000-ldp] peer 192.0.0.3
[NPE1-vsi-vpn1000-ldp] peer 192.0.0.4 upe
[NPE1-vsi-vpn1000-ldp] quit
[NPE1-vsi-vpn1000] quit
(5) 在主PW上配置BFD联动H-VPLS。
# 配置MPLS LDP会话。
[NPE1] mpls ldp remote-peer 1
[NPE1-mpls-ldp-remote-1] remote-ip 192.0.0.4
# 使能BFD,修改BFD检测周期为30ms。
[NPE1-mpls-ldp-remote-1] remote-ip bfd
[NPE1-mpls-ldp-remote-1] quit
[NPE1] interface LoopBack 0
[NPE1-LoopBack0] bfd min-transmit-interval 10
[NPE1-LoopBack0] bfd min-receive-interval 10
[NPE1-LoopBack0] bfd detect-multiplier 3
[NPE1-LoopBack0] quit
(1) 配置各接口以及接口地址。
# 配置NPE2和NPE1之间的接口。
<Sysname> system-view
[Sysname] sysname NPE2
[NPE2] vlan 12
[NPE2-vlan12] port GigabitEthernet 4/0/15
[NPE2-vlan12] quit
[NPE2] interface vlan-interface 12
[NPE2-Vlan-interface12] ip address 192.12.0.2 24
[NPE2-Vlan-interface12] undo shutdown
[NPE2-Vlan-interface12] quit
[NPE2] interface GigabitEthernet 4/0/15
[NPE2-GigabitEthernet4/0/15] undo shutdown
[NPE2-GigabitEthernet4/0/15] quit
# 配置NPE2和NPE3之间的接口。
[NPE2] vlan 23
[NPE2-vlan23] port GigabitEthernet 4/0/10
[NPE2-vlan23] quit
[NPE2] interface vlan-interface 23
[NPE2-Vlan-interface23] ip address 192.23.0.2 24
[NPE2-Vlan-interface23] undo shutdown
[NPE2-Vlan-interface23] quit
[NPE2] interface GigabitEthernet 4/0/10
[NPE2-GigabitEthernet4/0/10] undo shutdown
[NPE2-GigabitEthernet4/0/10] quit
# 配置NPE2和UPE之间的接口。
[NPE2] vlan 24
[NPE2-vlan24] port GigabitEthernet 4/0/20
[NPE2-vlan24] quit
[NPE2] interface vlan-interface 24
[NPE2-Vlan-interface24] ip address 192.24.0.2 24
[NPE2-Vlan-interface24] undo shutdown
[NPE2-Vlan-interface24] quit
[NPE2] interface GigabitEthernet 4/0/20
[NPE2-GigabitEthernet4/0/20] undo shutdown
[NPE2-GigabitEthernet4/0/20] quit
# 配置NPE2上的环回口地址。
[NPE2] interface LoopBack 0
[NPE2-LoopBack0] ip address 192.0.0.2 32
[NPE2-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID
[NPE2] router id 192.0.0.2
# 配置OSPF路由协议,发布路由。
[NPE2] ospf 1
[NPE2-ospf-1] area 0
[NPE2-ospf-1-area-0.0.0.0] network 192.12.0.0 0.0.0.255
[NPE2-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[NPE2-ospf-1-area-0.0.0.0] network 192.24.0.0 0.0.0.255
[NPE2-ospf-1-area-0.0.0.0] network 192.0.0.2 0.0.0.0
[NPE2-ospf-1-area-0.0.0.0] quit
[NPE2-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[NPE2] mpls lsr-id 192.0.0.2
[NPE2] mpls
[NPE2-mpls] quit
[NPE2] mpls ldp
[NPE2-mpls-ldp] quit
[NPE2] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[NPE2] interface vlan-interface 12
[NPE2-Vlan-interface12] mpls
[NPE2-Vlan-interface12] mpls ldp
[NPE2-Vlan-interface12] quit
[NPE2] interface vlan-interface 23
[NPE2-Vlan-interface23] mpls
[NPE2-Vlan-interface23] mpls ldp
[NPE2-Vlan-interface23] quit
[NPE2] interface vlan-interface 24
[NPE2-Vlan-interface24] mpls
[NPE2-Vlan-interface24] mpls ldp
[NPE2-Vlan-interface24] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[NPE2] vsi vpn1000 static
[NPE2-vsi-vpn1000] pwsignal ldp
[NPE2-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE1、NPE3的NPW和到UPE的UPW。
[NPE2-vsi-vpn1000-ldp] peer 192.0.0.1
[NPE2-vsi-vpn1000-ldp] peer 192.0.0.3
[NPE2-vsi-vpn1000-ldp] peer 192.0.0.4 upe
[NPE2-vsi-vpn1000-ldp] quit
[NPE2-vsi-vpn1000] quit
(1) 配置各接口以及接口地址。
# 配置NPE3和NPE1之间的接口。
<Sysname> system-view
[Sysname] sysname NPE3
[NPE3] vlan 13
[NPE3-vlan13] port GigabitEthernet 4/0/24
[NPE3-vlan13] quit
[NPE3] interface vlan-interface 13
[NPE3-Vlan-interface13] ip address 192.13.0.3 24
[NPE3-Vlan-interface13] undo shutdown
[NPE3-Vlan-interface13] quit
[NPE3] interface GigabitEthernet 4/0/24
[NPE3-GigabitEthernet4/0/24] undo shutdown
[NPE3-GigabitEthernet4/0/24] quit
# 配置NPE3和NPE2之间的接口。
[NPE3] vlan 23
[NPE3-vlan23] port GigabitEthernet 4/0/10
[NPE3-vlan23] quit
[NPE3] interface vlan-interface 23
[NPE3-Vlan-interface23] ip address 192.23.0.3 24
[NPE3-Vlan-interface23] undo shutdown
[NPE3-Vlan-interface23] quit
[NPE3] interface GigabitEthernet 4/0/10
[NPE3-GigabitEthernet4/0/10] undo shutdown
[NPE3-GigabitEthernet4/0/10] quit
# 配置NPE3上的环回口地址。
[NPE3] interface LoopBack 0
[NPE3-LoopBack0] ip address 192.0.0.3 32
[NPE3-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[NPE3] router id 192.0.0.3
# 配置OSPF路由协议,发布路由。
[NPE3] ospf 1
[NPE3-ospf-1] area 0
[NPE3-ospf-1-area-0.0.0.0] network 192.13.0.0 0.0.0.255
[NPE3-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[NPE3-ospf-1-area-0.0.0.0] network 192.0.0.3 0.0.0.0
[NPE3-ospf-1-area-0.0.0.0] quit
[NPE3-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[NPE3] mpls lsr-id 192.0.0.3
[NPE3] mpls
[NPE3-mpls] quit
[NPE3] mpls ldp
[NPE3-mpls-ldp] quit
[NPE3] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[NPE3] interface vlan-interface 13
[NPE3-Vlan-interface13] mpls
[NPE3-Vlan-interface13] mpls ldp
[NPE3-Vlan-interface13] quit
[NPE3] interface vlan-interface 23
[NPE3-Vlan-interface23] mpls
[NPE3-Vlan-interface23] mpls ldp
[NPE3-Vlan-interface23] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[NPE3] vsi vpn1000 static
[NPE3-vsi-vpn1000] pwsignal ldp
[NPE3-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE1、NPE2的NPW。
[NPE3-vsi-vpn1000-ldp] peer 192.0.0.1
[NPE3-vsi-vpn1000-ldp] peer 192.0.0.2
[NPE3-vsi-vpn1000-ldp] quit
[NPE3-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[NPE3] vlan 1000
[NPE3] interface GigabitEthernet 4/0/1
[NPE3-GigabitEthernet4/0/1] port link-type trunk
[NPE3-GigabitEthernet4/0/1] port trunk permit vlan 1000
Please wait... Done.
[NPE3-GigabitEthernet4/0/1] service-instance 1000
[NPE3-GigabitEthernet4/0/1] undo shutdown
[NPE3-GigabitEthernet4/0/1-srv1000] encapsulation s-vid 1000
[NPE3-GigabitEthernet4/0/1-srv1000] xconnect vsi vpn1000
[NPE3-GigabitEthernet4/0/1-srv1000] quit
[NPE3-GigabitEthernet4/0/1] quit
(1) 配置各接口以及接口地址。
# 配置UPE和NPE1之间的接口。
<Sysname> system-view
[Sysname] sysname UPE
[UPE] vlan 14
[UPE-vlan14] port GigabitEthernet 6/0/18
[UPE-vlan14] quit
[UPE] interface vlan-interface 14
[UPE-Vlan-interface14] ip address 192.14.0.4 24
[UPE-Vlan-interface14] undo shutdown
[UPE-Vlan-interface14] quit
[UPE] interface GigabitEthernet 6/0/18
[UPE-GigabitEthernet6/0/18] undo shutdown
[UPE-GigabitEthernet6/0/18] quit
# 配置UPE和NPE2之间的接口。
[UPE] vlan 24
[UPE-vlan24] port GigabitEthernet 6/0/20
[UPE-vlan24] quit
[UPE] interface vlan-interface 24
[UPE-Vlan-interface24] ip address 192.24.0.4 24
[UPE-Vlan-interface24] undo shutdown
[UPE-Vlan-interface24] quit
[UPE] interface GigabitEthernet 6/0/20
[UPE-GigabitEthernet6/0/20] undo shutdown
[UPE-GigabitEthernet6/0/20] quit
# 配置UPE上的环回口地址。
[UPE] interface LoopBack 0
[UPE-LoopBack0] ip address 192.0.0.4 32
[UPE-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[UPE] router id 192.0.0.4
# 配置OSPF路由协议,发布路由。
[UPE] ospf 1
[UPE-ospf-1] area 0
[UPE-ospf-1-area-0.0.0.0] network 192.14.0.0 0.0.0.255
[UPE-ospf-1-area-0.0.0.0] network 192.24.0.0 0.0.0.255
[UPE-ospf-1-area-0.0.0.0] network 192.0.0.4 0.0.0.0
[UPE-ospf-1-area-0.0.0.0] quit
[UPE-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[UPE] mpls lsr-id 192.0.0.4
[UPE] mpls
[UPE-mpls] quit
[UPE] mpls ldp
[UPE-mpls-ldp] quit
[UPE] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[UPE] interface vlan-interface 14
[UPE-Vlan-interface14] mpls
[UPE-Vlan-interface14] mpls ldp
[UPE-Vlan-interface14] quit
[UPE] interface vlan-interface 24
[UPE-Vlan-interface24] mpls
[UPE-Vlan-interface24] mpls ldp
[UPE-Vlan-interface24] quit
(4) 配置VPLS相关内容。
# 配置VPLS实例vpn1000。
[UPE] vsi vpn1000 static
[UPE-vsi-vpn1000] pwsignal ldp
[UPE-vsi-vpn1000-ldp] vsi-id 1000
# 配置到NPE1、NPE2的主备PW。
[UPE-vsi-vpn1000-ldp] peer 192.0.0.1 backup-peer 192.0.0.2 dual-npe revertive wtr-time 1
[UPE-vsi-vpn1000-ldp] quit
[UPE-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC。
[UPE] vlan 1000
[UPE] interface gigabitEthernet 6/0/1
[UPE-GigabitEthernet6/0/1] port link-type trunk
[UPE-GigabitEthernet6/0/1] port trunk permit vlan 1000
Please wait... Done.
[UPE-GigabitEthernet6/0/1] service-instance 1000
[UPE-GigabitEthernet6/0/1] undo shutdown
[UPE-GigabitEthernet6/0/1-srv1000] encapsulation s-vid 1000
[UPE-GigabitEthernet6/0/1-srv1000] xconnect vsi vpn1000
[UPE-GigabitEthernet6/0/1-srv1000] quit
[UPE-GigabitEthernet6/0/1] quit
(5) 在主PW上配置BFD联动H-VPLS。
# 配置MPLS LDP会话。
[UPE] mpls ldp remote-peer 1
[UPE-mpls-ldp-remote-1] remote-ip 192.0.0.1
# 使能BFD,修改BFD检测周期为30ms。
[UPE-mpls-ldp-remote-1] remote-ip bfd
[UPE-mpls-ldp-remote-1] quit
[UPE] interface LoopBack 0
[UPE-LoopBack0] bfd min-transmit-interval 10
[UPE-LoopBack0] bfd min-receive-interval 10
[UPE-LoopBack0] bfd detect-multiplier 3
[UPE-LoopBack0] quit
按照如上配置,NPE1、NPE2、NPE3之间建立全连接的VPLS PW,UPE和NPE1、NPE2之间建立主备PW。UPE1和NPE1之间建立BFD会话,监测UPE和NPE1之间的链路。
(1) UPE下的CE通过NPE1或者NPE2和NPE3的CE相互访问。
(2) 当UPE和NPE1之间的链路故障时,BFD可以快速监测并通知UPE进行主备PW切换,UPE下的用户流量切换到和NPE2的PW转发。
# 查看UPE上的PW状态。
[UPE] display vpls connection vsi vpn1000
Total 2 connection(s),
connections: 1 up, 1 block, 0 down
VSI Name: vpn1000 Signaling: ldp
VsiID VsiType PeerAddr InLabel OutLabel LinkID VCState
1000 vlan 192.0.0.1 131072 131074 1 up
1000 vlan 192.0.0.2 131073 131074 2 block
# 查看UPE上的BFD会话状态。
[UPE] display bfd session
Total session number: 1 Up session number: 1 Init mode: Active
IPv4 session working under Ctrl mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
7/20 192.0.0.4 192.0.0.1 Up 30ms Loop0
在前面配置完成后,可以通过命令display current-configuration来查看当前的相关配置。
· LanSW:
[LanSW] display current-configuration
#
sysname LanSW
#
domain default enable system
#
vlan 14
#
interface GigabitEthernet6/0/18
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/19
port link-mode bridge
port access vlan 14
#
· NPE1:
[NPE1] display current-configuration
#
sysname NPE1
#
domain default enable system
#
router id 192.0.0.1
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.1
#
vlan 1
#
vlan 12
#
vlan 13
#
vlan 14
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.4
remote-ip bfd
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.2
peer 192.0.0.3
peer 192.0.0.4 upe
#
interface NULL0
#
interface LoopBack0
ip address 192.0.0.1 255.255.255.255
bfd min-transmit-interval 10
bfd min-receive-interval 10
bfd detect-multiplier 3
#
interface Vlan-interface12
ip address 192.12.0.1 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface13
ip address 192.13.0.1 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface14
ip address 192.14.0.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/15
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet6/0/18
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/24
port link-mode bridge
port access vlan 13
#
interface M-Ethernet0/0/0
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.13.0.0 0.0.0.255
network 192.14.0.0 0.0.0.255
network 192.0.0.1 0.0.0.0
#
user-interface con 0 1
user-interface aux 0 1
user-interface vty 0 17
#
· NPE2:
[NPE2] display current-configuration
#
sysname NPE2
#
domain default enable system
#
router id 192.0.0.2
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.2
#
vlan 1
#
vlan 12
#
vlan 23
#
vlan 24
#
mpls
#
mpls l2vpn
#
mpls ldp
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1
peer 192.0.0.3
peer 192.0.0.4 upe
#
interface LoopBack0
ip address 192.0.0.2 255.255.255.255
#
interface Vlan-interface12
ip address 192.12.0.2 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface23
ip address 192.23.0.2 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface24
ip address 192.24.0.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/10
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/15
port link-mode bridge
port access vlan 12
#
interface GigabitEthernet4/0/20
port link-mode bridge
port access vlan 24
#
ospf 1
area 0.0.0.0
network 192.12.0.0 0.0.0.255
network 192.23.0.0 0.0.0.255
network 192.24.0.0 0.0.0.255
network 192.0.0.2 0.0.0.0
#
· NPE3:
[NPE3] display current-configuration
#
sysname NPE3
#
domain default enable system
#
router id 192.0.0.3
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.3
#
vlan 1
#
vlan 13
#
vlan 23
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1
peer 192.0.0.2
#
interface LoopBack0
ip address 192.0.0.3 255.255.255.255
#
interface Vlan-interface13
ip address 192.13.0.3 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface23
ip address 192.23.0.3 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
interface GigabitEthernet4/0/10
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/24
port link-mode bridge
port access vlan 13
#
ospf 1
area 0.0.0.0
network 192.13.0.0 0.0.0.255
network 192.23.0.0 0.0.0.255
network 192.0.0.3 0.0.0.0
#
· UPE:
[UPE] display current-configuration
#
sysname UPE
#
domain default enable system
#
router id 192.0.0.4
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.4
#
vlan 1
#
vlan 14
#
vlan 24
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.1
remote-ip bfd
#
vsi vpn1000 static
pwsignal ldp
vsi-id 1000
peer 192.0.0.1 backup-peer 192.0.0.2 dual-npe revertive wtr-time 1
#
interface LoopBack0
ip address 192.0.0.4 255.255.255.255
bfd min-transmit-interval 10
bfd min-receive-interval 10
bfd detect-multiplier 3
#
interface Vlan-interface14
ip address 192.14.0.4 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface24
ip address 192.24.0.4 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
interface GigabitEthernet6/0/18
port link-mode bridge
port access vlan 14
#
interface GigabitEthernet6/0/20
port link-mode bridge
port access vlan 24
#
ospf 1
area 0.0.0.0
network 192.14.0.0 0.0.0.255
network 192.24.0.0 0.0.0.255
network 192.0.0.4 0.0.0.0
#
如图5所示,站点0、站点1、站点2和站点3分别为某公司在三个不同地区的办公场所(其中站点1和站点2属于同一地区),三个地区站点通过各自的出口设备CE连入运营商MPLS网络。为简化配置,公司希望:
· 各站点的Vlan1000互相通信时达到在同一局域网中访问的效果;
· 站点0为公司总部所在,公司希望不同地区站点之间的数据流通都要经过公司总部,不能直接访问。
因此运营商需要在MPLS网络中部署Hub-Spoke VPLS以满足该公司的需求。
图5 Hub-Spoke VPLS配置组网图
|
设备 |
接口 |
IP地址 |
设备 |
接口 |
IP地址 |
|
Spoke-PE1 |
Loopback0 |
192.0.0.1/32 |
Hub-PE |
Loopback0 |
192.0.0.3/32 |
|
|
GE6/0/24(vlan 13) |
192.13.0.1/24 |
|
GE4/0/24(vlan 13) |
192.13.0.3/24 |
|
|
GE6/0/1(vlan 1000) |
|
|
GE4/0/10(vlan 23) |
192.23.0.3/24 |
|
|
GE6/0/3(vlan 1001) |
|
|
GE4/0/1(vlan 1000) |
|
|
Spoke-PE2 |
Loopback0 |
192.0.0.2/32 |
|
|
|
|
|
GE4/0/10(vlan 23) |
192.23.0.2/24 |
|
|
|
|
|
GE4/0/1(vlan 1000) |
|
|
|
|
· 为实现MPLS网络中各PE设备之间建立公网LSP,需要在MPLS网络中所有PE和P设备上使能MPLS基本能力和LDP。
· 为实现PE设备之间能传递私网标签,需要完成:
¡ 在所有Spoke-PE设备上创建VPLS实例,并分别与Hub-PE设备配置为远程LDP对等体,指定与Hub-PE设备之间的PW类型为Hub;
¡ 在Hub-PE设备上创建VPLS实例,并分别与Spoke-PE配置为远程LDP对等体,指定与各个Spoke-PE设备之间的PW类型为Spoken。
· 为实现对通过VPLS传输的私网数据进行辨识,需要在PE连接CE的端口上配置服务实例并配置相应的匹配规则(本例中MPLS网络只允许VLAN ID为1000的报文通过VPLS连接转发,因此为私网数据指定s-vid为1000),对符合匹配规则的报文才能够通过VPLS网络传输。
本举例在S12500-CMW520-R1825P01版本上进行配置和验证。
(1) 配置各接口以及接口地址。
# 配置Spoke-PE1和Hub-PE之间的接口。
<Sysname> system-view
[Sysname] sysname Spoke-PE1
[Spoke-PE1] vlan 13
[Spoke-PE1-vlan13] port GigabitEthernet 6/0/24
[Spoke-PE1-vlan13] quit
[Spoke-PE1] interface vlan-interface 13
[Spoke-PE1-Vlan-interface13] ip address 192.13.0.1 24
[Spoke-PE1-Vlan-interface13] undo shutdown
[Spoke-PE1-Vlan-interface13] quit
[Spoke-PE1] interface GigabitEthernet 6/0/24
[Spoke-PE1-GigabitEthernet6/0/24] undo shutdown
[Spoke-PE1-GigabitEthernet6/0/24] quit
# 配置Spoke-PE1上的环回口地址。
[Spoke-PE1] interface LoopBack 0
[Spoke-PE1-LoopBack0] ip address 192.0.0.1 32
[Spoke-PE1-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID
[Spoke-PE1] router id 192.0.0.1
# 配置OSPF路由协议,发布路由。
[Spoke-PE1] ospf 1
[Spoke-PE1-ospf-1] area 0
[Spoke-PE1-ospf-1-area-0.0.0.0] network 192.13.0.0 0.0.0.255
[Spoke-PE1-ospf-1-area-0.0.0.0] network 192.0.0.1 0.0.0.0
[Spoke-PE1-ospf-1-area-0.0.0.0] quit
[Spoke-PE1-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[Spoke-PE1] mpls lsr-id 192.0.0.1
[Spoke-PE1] mpls
[Spoke-PE1-mpls] quit
[Spoke-PE1] mpls ldp
[Spoke-PE1-mpls-ldp] quit
[Spoke-PE1] mpls l2vpn
# 使能接口上的MPLS和MPLS LDP能力。
[Spoke-PE1] interface vlan-interface 13
[Spoke-PE1-Vlan-interface13] mpls
[Spoke-PE1-Vlan-interface13] mpls ldp
[Spoke-PE1-Vlan-interface13] quit
# 配置MPLS LDP远程会话。
[Spoke-PE1] mpls ldp remote-peer 1
[Spoke-PE1-mpls-ldp-remote-1] remote-ip 192.0.0.3
[Spoke-PE1-mpls-ldp-remote-1] quit
(4) 配置VPLS相关内容。
# 配置Hub-Spoke VPLS实例vpn1000。
[Spoke-PE1] vsi vpn1000 static hub-spoke
[Spoke-PE1-vsi-vpn1000] pwsignal ldp
[Spoke-PE1-vsi-vpn1000-ldp] vsi-id 1000
# 配置到Hub-PE之间的PW,PW类型为Hub。
[Spoke-PE1-vsi-vpn1000-ldp] peer 192.0.0.3 hub
[Spoke-PE1-vsi-vpn1000-ldp] quit
[Spoke-PE1-vsi-vpn1000] quit
# 将VPLS实例和AC绑定,指定AC类型为Spoke。
[Spoke-PE1] vlan 1000
[Spoke-PE1] interface GigabitEthernet 6/0/1
[Spoke-PE1-GigabitEthernet6/0/1] port link-type trunk
[Spoke-PE1-GigabitEthernet6/0/1] port trunk permit vlan 1000
[Spoke-PE1-GigabitEthernet6/0/1] service-instance 1000
[Spoke-PE1-GigabitEthernet6/0/1] undo shutdown
[Spoke-PE1-GigabitEthernet6/0/1-srv1000] encapsulation s-vid 1000
[Spoke-PE1-GigabitEthernet6/0/1-srv1000] xconnect vsi vpn1000 spoke
[Spoke-PE1-GigabitEthernet6/0/1-srv1000] quit
[Spoke-PE1-GigabitEthernet6/0/1] quit
[Spoke-PE1] vlan 1001
[Spoke-PE1-vlan1001] quit
[Spoke-PE1] interface GigabitEthernet 6/0/3
[Spoke-PE1-GigabitEthernet6/0/3] port link-type trunk
[Spoke-PE1-GigabitEthernet6/0/3] port trunk permit vlan 1001
[Spoke-PE1-GigabitEthernet6/0/3] service-instance 1001
[Spoke-PE1-GigabitEthernet6/0/3] undo shutdown
[Spoke-PE1-GigabitEthernet6/0/3-srv1001] encapsulation s-vid 1001
[Spoke-PE1-GigabitEthernet6/0/3-srv1001] xconnect vsi vpn1000 spoke
[Spoke-PE1-GigabitEthernet6/0/3-srv1001] quit
[Spoke-PE1-GigabitEthernet6/0/3] quit
(1) 配置接口以及接口地址。
# 配置Spoke-PE2和Hub-PE之间的接口。
<Sysname> system-view
[Sysname] sysname Spoke-PE2
[Spoke-PE2] vlan 23
[Spoke-PE2-vlan23] port GigabitEthernet 4/0/10
[Spoke-PE2-vlan23] quit
[Spoke-PE2] interface vlan-interface 23
[Spoke-PE2-Vlan-interface23] ip address 192.23.0.2 24
[Spoke-PE2-Vlan-interface23] undo shutdown
[Spoke-PE2-Vlan-interface23] quit
[Spoke-PE2] interface GigabitEthernet 6/0/24
[Spoke-PE2-GigabitEthernet6/0/24] undo shutdown
[Spoke-PE2-GigabitEthernet6/0/24] quit
# 配置Spoke-PE2上的环回口地址。
[Spoke-PE2] interface LoopBack 0
[Spoke-PE2-LoopBack0] ip address 192.0.0.2 32
[Spoke-PE2-LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[Spoke-PE2] router id 192.0.0.2
# 配置OSPF路由协议,发布路由。
[Spoke-PE2] ospf 1
[Spoke-PE2-ospf-1] area 0
[Spoke-PE2-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[Spoke-PE2-ospf-1-area-0.0.0.0] network 192.0.0.2 0.0.0.0
[Spoke-PE2-ospf-1-area-0.0.0.0] quit
[Spoke-PE2-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[Spoke-PE2] mpls lsr-id 192.0.0.2
[Spoke-PE2] mpls
[Spoke-PE2-mpls] quit
[Spoke-PE2] mpls ldp
[Spoke-PE2-mpls-ldp] quit
[Spoke-PE2] mpls l2vpn
# 使能接口上的MPLS和MPLS LDP能力。
[Spoke-PE2] interface vlan-interface 23
[Spoke-PE2-Vlan-interface23] mpls
[Spoke-PE2-Vlan-interface23] mpls ldp
[Spoke-PE2-Vlan-interface23] quit
# 配置MPLS LDP远程会话。
[Spoke-PE2] mpls ldp remote-peer 1
[Spoke-PE2-mpls-ldp-remote-1] remote-ip 192.0.0.3
[Spoke-PE2-mpls-ldp-remote-1] quit
(4) 配置VPLS相关内容。
# 配置Hub-Spoke VPLS实例vpn1000。
[Spoke-PE2] vsi vpn1000 static hub-spoke
[Spoke-PE2-vsi-vpn1000] pwsignal ldp
[Spoke-PE2-vsi-vpn1000-ldp] vsi-id 1000
# 配置到Hub-PE之间的PW,PW类型为Hub。
[Spoke-PE2-vsi-vpn1000-ldp] peer 192.0.0.3 hub
[Spoke-PE2-vsi-vpn1000-ldp] quit
[Spoke-PE2-vsi-vpn1000] quit
# 将VPLS实例和AC绑定,指定AC类型为Spoke。
[Spoke-PE2] vlan 1000
[Spoke-PE2-vlan1000] quit
[Spoke-PE2] interface GigabitEthernet 4/0/1
[Spoke-PE2-GigabitEthernet4/0/1] port link-type trunk
[Spoke-PE2-GigabitEthernet4/0/1] port trunk permit vlan 1000
[Spoke-PE2-GigabitEthernet4/0/1] service-instance 1000
[Spoke-PE2-GigabitEthernet4/0/1] undo shutdown
[Spoke-PE2-GigabitEthernet4/0/1-srv1000] encapsulation s-vid 1000
[Spoke-PE2-GigabitEthernet4/0/1-srv1000] xconnect vsi vpn1000 spoke
[Spoke-PE2-GigabitEthernet4/0/1-srv1000] quit
[Spoke-PE2-GigabitEthernet4/0/1] quit
(1) 配置各接口以及接口地址。
# 配置Hub-PE和Spoke-PE1之间的接口。
<Sysname> system-view
[Sysname] sysname Hub-PE
[Hub-PE] vlan 13
[Hub-PE-vlan13] port GigabitEthernet 4/0/24
[Hub-PE-vlan13] quit
[Hub-PE] interface vlan-interface 13
[Hub-PE-Vlan-interface13] ip address 192.13.0.3 24
[Hub-PE-Vlan-interface13] undo shutdown
[Hub-PE-Vlan-interface13] quit
[Hub-PE] interface GigabitEthernet 4/0/24
[Hub-PE-GigabitEthernet4/0/24] undo shutdown
[Hub-PE-GigabitEthernet4/0/24] quit
# 配置Hub-PE和Spoke-PE2之间的接口。
[Hub-PE] vlan 23
[Hub-PE-vlan23] port GigabitEthernet 4/0/10
[Hub-PE-vlan23] quit
[Hub-PE] interface vlan-interface 23
[Hub-PE-Vlan-interface23] ip address 192.23.0.3 24
[Hub-PE-Vlan-interface23] undo shutdown
[Hub-PE-Vlan-interface23] quit
[Hub-PE] interface GigabitEthernet 4/0/10
[Hub-PE-GigabitEthernet4/0/10] undo shutdown
[Hub-PE-GigabitEthernet4/0/10] quit
# 配置Hub-PE上的环回口地址。
[Hub-PE] interface LoopBack 0
[Hub-PE -LoopBack0] ip address 192.0.0.3 32
[Hub-PE -LoopBack0] quit
(2) 配置IGP路由协议。
# 配置Router ID。
[Hub-PE] router id 192.0.0.3
# 配置OSPF路由协议,发布路由。
[Hub-PE] ospf 1
[Hub-PE-ospf-1] area 0
[Hub-PE-ospf-1-area-0.0.0.0] network 192.13.0.0 0.0.0.255
[Hub-PE-ospf-1-area-0.0.0.0] network 192.23.0.0 0.0.0.255
[Hub-PE-ospf-1-area-0.0.0.0] network 192.0.0.3 0.0.0.0
[Hub-PE-ospf-1-area-0.0.0.0] quit
[Hub-PE-ospf-1] quit
(3) 配置MPLS基本能力。
# 配置MPLS LSR-ID,使能MPLS、MPLS LDP、MPLS L2VPN。
[Hub-PE] mpls lsr-id 192.0.0.3
[Hub-PE] mpls
[Hub-PE-mpls] quit
[Hub-PE] mpls ldp
[Hub-PE-mpls-ldp] quit
[Hub-PE] mpls l2vpn
# 使能各接口上的MPLS和MPLS LDP能力。
[Hub-PE] interface vlan-interface 13
[Hub-PE-Vlan-interface13] mpls
[Hub-PE-Vlan-interface13] mpls ldp
[Hub-PE-Vlan-interface13] quit
[Hub-PE] interface vlan-interface 23
[Hub-PE-Vlan-interface23] mpls
[Hub-PE-Vlan-interface23] mpls ldp
[Hub-PE-Vlan-interface23] quit
# 配置MPLS LDP远程会话。
[Hub-PE] mpls ldp remote-peer 1
[Hub-PE-mpls-ldp-remote-1] remote-ip 192.0.0.1
[Hub-PE-mpls-ldp-remote-1] quit
[Hub-PE] mpls ldp remote-peer 2
[Hub-PE-mpls-ldp-remote-2] remote-ip 192.0.0.2
[Hub-PE-mpls-ldp-remote-2] quit
(4) 配置VPLS相关内容。
# 配置Hub-Spoke VPLS实例vpn1000。
[Hub-PE] vsi vpn1000 static hub-spoke
[Hub-PE-vsi-vpn1000] pwsignal ldp
[Hub-PE-vsi-vpn1000-ldp] vsi-id 1000
# 配置到Spoke-PE1、Spoke-PE2的PW,PW类型为Spoke。
[Hub-PE-vsi-vpn1000-ldp] peer 192.0.0.1 spoke
[Hub-PE-vsi-vpn1000-ldp] peer 192.0.0.2 spoke
[Hub-PE-vsi-vpn1000-ldp] quit
[Hub-PE-vsi-vpn1000] quit
# 配置VPLS实例绑定私网AC,AC类型为Hub。
[Hub-PE] vlan 1000
[Hub-PE] interface GigabitEthernet 4/0/1
[Hub-PE-GigabitEthernet4/0/1] port link-type trunk
[Hub-PE-GigabitEthernet4/0/1] port trunk permit vlan 1000
Please wait... Done.
[Hub-PE-GigabitEthernet4/0/1] service-instance 1000
[Hub-PE-GigabitEthernet4/0/1] undo shutdown
[Hub-PE-GigabitEthernet4/0/1-srv1000] encapsulation s-vid 1000
[Hub-PE-GigabitEthernet4/0/1-srv1000] xconnect vsi vpn1000 hub
[Hub-PE-GigabitEthernet4/0/1-srv1000] quit
[Hub-PE-GigabitEthernet4/0/1] quit
按照如上配置,Spoke-PE1和Hub-PE、Spoke-PE2和Hub-PE之间建立Hub-Spoke关系的VPLS PW连接,Spoke-PE下的CE设备之间的流量都定向转发到Hub-CE上。
# 查看Hub-PE上的PW状态。
[Hub-PE] display vpls connection vsi vpn1000
Total 2 connection(s),
connections: 2 up, 0 block, 0 down
VSI Name: vpn1000 Signaling: ldp
VsiID VsiType PeerAddr InLabel OutLabel LinkID VCState
1000 vlan 192.0.0.1 131072 131074 1 up
1000 vlan 192.0.0.2 131073 131074 2 up
在前面配置完成后,可以通过命令display current-configuration来查看当前的相关配置。
· Spoke-PE1:
[Spoke-PE1] display current-configuration
#
sysname Spoke-PE1
#
domain default enable system
#
router id 192.0.0.1
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.1
#
vlan 1
#
vlan 13
#
vlan 1000
#
vlan 1001
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.3
#
vsi vpn1000 static hub-spoke
pwsignal ldp
vsi-id 1000
peer 192.0.0.3 hub
#
interface LoopBack0
ip address 192.0.0.1 255.255.255.255
#
interface Vlan-interface13
ip address 192.13.0.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet6/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
interface GigabitEthernet6/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1001
service-instance 1001
encapsulation s-vid 1001
xconnect vsi vpn1000
#
interface GigabitEthernet6/0/24
port link-mode bridge
port access vlan 13
#
ospf 1
area 0.0.0.0
network 192.13.0.0 0.0.0.255
network 192.0.0.1 0.0.0.0
#
· Spoke-PE2:
[Spoke-PE2] display current-configuration
#
sysname Spoke-PE2
#
domain default enable system
#
router id 192.0.0.2
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.2
#
vlan 1
#
vlan 23
#
vlan 1000
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.3
#
vsi vpn1000 static hub-spoke
pwsignal ldp
vsi-id 1000
peer 192.0.0.3 hub
#
interface LoopBack0
ip address 192.0.0.2 255.255.255.255
#
interface Vlan-interface23
ip address 192.23.0.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000
#
interface GigabitEthernet4/0/10
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/15
port link-mode bridge
port access vlan 12
#
ospf 1
area 0.0.0.0
network 192.23.0.0 0.0.0.255
network 192.0.0.2 0.0.0.0
#
· Hub-PE:
[Hub-PE] display current-configuration
#
sysname Hub-PE
#
domain default enable system
#
router id 192.0.0.3
#
xbar load-balance
#
forward-path check enable
#
mpls lsr-id 192.0.0.3
#
vlan 1
#
vlan 13
#
vlan 23
#
vlan 1000
#
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1
remote-ip 192.0.0.1
#
mpls ldp remote-peer 2
remote-ip 192.0.0.2
#
vsi vpn1000 static hub-spoke
pwsignal ldp
vsi-id 1000
peer 192.0.0.1
peer 192.0.0.2
#
interface LoopBack0
ip address 192.0.0.3 255.255.255.255
#
interface Vlan-interface13
ip address 192.13.0.3 255.255.255.0
mpls
mpls ldp
#
interface Vlan-interface23
ip address 192.23.0.3 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet4/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
service-instance 1000
encapsulation s-vid 1000
xconnect vsi vpn1000 hub
#
interface GigabitEthernet4/0/10
port link-mode bridge
port access vlan 23
#
interface GigabitEthernet4/0/24
port link-mode bridge
port access vlan 13
#
ospf 1
area 0.0.0.0
network 192.13.0.0 0.0.0.255
network 192.23.0.0 0.0.0.255
network 192.0.0.3 0.0.0.0
#
· 《H3C S12500系列路由交换机 MPLS配置指导》中的“VPLS”
· 《H3C S12500系列路由交换机 MPLS命令参考》中的“VPLS”
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!
支持
售前咨询
售后咨询
人工在线咨询
