- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 新华三人才研学中心
- 关于我们
34-MSR系列路由器MPLS L3VPN TE功能的典型配置举例
本章节下载: 34-MSR系列路由器MPLS L3VPN TE功能的典型配置举例 (150.64 KB)
MSR系列路由器MPLS L3VPN TE功能的典型配置举例
|
Copyright © 2014 杭州华三通信技术有限公司 版权所有,保留一切权利。 非经本公司书面许可,任何单位和个人不得擅自摘抄、复制本文档内容的部分或全部, 并不得以任何形式传播。本文档中的信息可能变动,恕不另行通知。 |
|
目 录
本文档介绍使用MPLS TE隧道转发MPLS VPN报文的典型案例。
本文档不严格与具体软、硬件版本对应,如果使用过程中与产品实际情况有差异,请参考相关产品手册,或以设备实际情况为准。
本文档中的配置均是在实验室环境下进行的配置和验证,配置前设备的所有参数均采用出厂时的缺省配置。如果您已经对设备进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突。
本文档假设您已了解MPLS TE隧道的特性。
如图1所示,在MPLS骨干网上,CE A和CE B都属于vpna实例,分别通过PE A和PE B接入到MPLS骨干网中。现要求:在PE间配置MPLS TE隧道转发VPN流量,实现CE A和CE B的报文转发。
图1 MSR系列路由器采用MPLS TE隧道转发MPLS VPN报文组网图
在配置MPLS TE隧道时,由于MPLS TE的LSP隧道是单向的,因此需要在PE A和PE B都向对方建立一条LSP隧道,这样发送给对方的报文才能转发回来。
本举例是在Release 2311版本上进行配置和验证的。
# 配置PE A基本接口配置。
<PEA> system-view
[PEA] interface loopback 0
[PEA-LoopBack0] ip address 1.1.1.1 255.255.255.255
[PEA-LoopBack0] quit
[PEA] interface ethernet 0/0
[PEA-Ethernet0/0] port link-mode route
[PEA-Ethernet0/0] ip address 192.168.1.1 255.255.255.252
[PEA-Ethernet0/0] quit
[PEA] interface ethernet 0/1
[PEA-Ethernet0/1] port link-mode route
[PEA-Ethernet0/1] ip address 10.1.1.1 255.255.255.0
[PEA-Ethernet0/1] quit
# 配置OSPF协议,实现骨干网的互通。
[PEA] ospf 1
[PEA-ospf-1] area 0.0.0.0
[PEA-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.3
[PEA-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[PEA-ospf-1-area-0.0.0.0] quit
# 在PE A上使能MPLS基本能力,并使能RSVP-TE和CSPF。
[PEA] mpls lsr-id 1.1.1.1
[PEA] mpls
[PEA-mpls] lsp-trigger all
[PEA-mpls] mpls te
[PEA-mpls] mpls rsvp-te
[PEA-mpls] mpls te cspf
[PEA-mpls] quit
[PEA] interface ethernet0/0
[PEA-Ethernet0/0] mpls
[PEA-Ethernet0/0] mpls te
[PEA-Ethernet0/0] mpls rsvp-te
[PEA-Ethernet0/0] quit
# 使能OSPF TE和opaque LSA发布接收能力。
[PEA] ospf
[PEA-ospf-1] opaque-capability enable
[PEA-ospf-1] area 0
[PEA-ospf-1-area-0.0.0.0] mpls-te enable
[PEA-ospf-1-area-0.0.0.0] quit
[PEA-ospf-1] quit
# 以PE A为首端路由器,PE B为尾端路由器创建一条LSP隧道,隧道模式为MPLS TE,信令协议默认为RSVP-TE。
[PEA] interface tunnel 1
[PEA-Tunnel1] ip address 12.1.1.1 255.255.255.0
[PEA-Tunnel1] tunnel-protocol mpls te
[PEA-Tunnel1] destination 2.2.2.2
[PEA-Tunnel1] mpls te tunnel-id 10
[PEA-Tunnel1] mpls te signal-protocol rsvp-te
[PEA-Tunnel1] mpls te commit
[PEA-Tunnel1] quit
# 在PE A上创建隧道策略policy1,指定报文通过的隧道类型为CR-LSP,负载分担条数为1。
[PEA] tunnel-policy policy1
[PEA-tunnel-policy-policy1] tunnel select-seq cr-lsp load-balance-number 1
[PEA-tunnel-policy-policy1] quit
# 在PE A上创建VPN实例vpna,并与隧道策略policy1关联起来。
[PEA] ip vpn-instance vpna
[PEA-vpn-instance-vpna] route-distinguisher 1:1
[PEA-vpn-instance-vpna] vpn-target 1:1 export-extcommunity
[PEA-vpn-instance-vpna] vpn-target 1:1 import-extcommunity
[PEA-vpn-instance-vpna] tnl-policy policy1
[PEA-vpn-instance-vpna] quit
# 将PE A接口与vpna绑定,将CE接入PE A。
[PEA] interface ethernet 0/1
[PEA-Ethernet0/1] ip binding vpn-instance vpna
[PEA-Ethernet0/1] ip address 10.1.1.1 255.255.255.0
[PEA-Ethernet0/1] quit
# 在PE A与CE A之间建立EBGP对等体,引入VPN路由。
[PEA] bgp 100
[PEA-bgp] ipv4-family vpn-instance vpna
[PEA-bgp-vpna] peer 10.1.1.2 as-number 65410
[PEA-bgp-vpna] peer 10.1.1.2 next-hop-local
[PEA-bgp-vpna] import-route direct
[PEA-bgp-vpna] quit
[PEA-bgp] quit
# 在PE之间建立MP-IBGP对等体。
[PEA] bgp 100
[PEA-bgp] peer 2.2.2.2 as-number 100
[PEA-bgp] peer 2.2.2.2 connect-interface loopback 0
[PEA-bgp] ipv4-family vpnv4
[PEA-bgp-af-vpnv4] peer 2.2.2.2 enable
[PEA-bgp-af-vpnv4] quit
[PEA-bgp] quit
# 配置PE B基本接口配置。
<PEB> system-view
[PEB] interface loopback 0
[PEB-LoopBack0] ip address 2.2.2.2 255.255.255.255
[PEB-LoopBack0] quit
[PEB] interface ethernet 0/0
[PEB-Ethernet0/0] port link-mode route
[PEB-Ethernet0/0] ip address 192.168.1.2 255.255.255.252
[PEB-Ethernet0/0] quit
[PEB] interface ethernet 0/1
[PEB-Ethernet0/1] port link-mode route
[PEB-Ethernet0/1] ip address 10.1.2.1 255.255.255.0
[PEB-Ethernet0/1] quit
# 配置OSPF协议,实现骨干网的互通。
[PEB] ospf 1
[PEB-ospf-1] area 0.0.0.0
[PEB-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.3
[PEB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[PEB-ospf-1-area-0.0.0.0] quit
[PEB-ospf-1] quit
# 在PE B上使能MPLS基本能力,并使能RSVP-TE和CSPF。
[PEB] mpls lsr-id 2.2.2.2
[PEB] mpls
[PEB-mpls] lsp-trigger all
[PEB-mpls] mpls te
[PEB-mpls] mpls rsvp-te
[PEB-mpls] mpls te cspf
[PEB-mpls] quit
[PEB] interface ethernet0/0
[PEB-Ethernet0/0] mpls
[PEB-Ethernet0/0] mpls te
[PEB-Ethernet0/0] mpls rsvp-te
[PEB-Ethernet0/0] quit
# 使能OSPF TE和opaque LSA发布接收能力。
[PEB] ospf
[PEB-ospf-1] opaque-capability enable
[PEB-ospf-1] area 0
[PEB-ospf-1-area-0.0.0.0] mpls-te enable
[PEB-ospf-1-area-0.0.0.0] quit
[PEB-ospf-1] quit
# 以PE B为首端路由器,PE A为尾端路由器创建一条LSP隧道,隧道模式为MPLS TE,信令协议为默认的RSVP-TE。
[PEB] interface tunnel 2
[PEB-Tunnel2] ip address 12.1.1.2 255.255.255.0
[PEB-Tunnel2] tunnel-protocol mpls te
[PEB-Tunnel2] destination 1.1.1.1
[PEB-Tunnel2] mpls te tunnel-id 20
[PEB-Tunnel2] mpls te signal-protocol rsvp-te
[PEB-Tunnel2] mpls te commit
# 在PE B上创建隧道策略policy2,指定报文通过的隧道类型为CR-LSP,负载分担条数为1。
[PEB] tunnel-policy policy2
[PEB-tunnel-policy-policy2] tunnel select-seq cr-lsp load-balance-number 1
[PEB-tunnel-policy-policy2] quit
# 在PE B上创建VPN实例vpna,并与隧道策略policy2关联起来。
[PEB] ip vpn-instance vpna
[PEB-vpn-instance-vpna] route-distinguisher 1:2
[PEB-vpn-instance-vpna] vpn-target 1:1 export-extcommunity
[PEB-vpn-instance-vpna] vpn-target 1:1 import-extcommunity
[PEB-vpn-instance-vpna] tnl-policy policy2
[PEB-vpn-instance-vpna] quit
# 将PE B接口与vpna绑定,将CE接入PE B。
[PEB] interface ethernet0/1
[PEB-Ethernet0/1] ip binding vpn-instance vpna
[PEB-Ethernet0/1] ip address 10.1.2.1 255.255.255.0
[PEB-Ethernet0/1] quit
# 在PE与CE之间建立EBGP对等体,引入VPN路由。
[PEB] bgp 100
[PEB-bgp] ipv4-family vpn-instance vpna
[PEB-bgp-vpna] peer 10.1.2.2 as-number 65420
[PEB-bgp-vpna] peer 10.1.2.2 next-hop-local
[PEB-bgp-vpna] import-rute direct
[PEB-bgp-vpna] quit
[PEB-bgp] quit
# 在PE之间建立MP-IBGP对等体。
[PEB] bgp 100
[PEB-bgp] peer 1.1.1.1 as-number 100
[PEB-bgp] peer 1.1.1.1 connect-interface loopback 0
[PEB-bgp] ipv4-family vpnv4
[PEB-bgp-af-vpnv4] peer 1.1.1.1 enable
[PEB-bgp-af-vpnv4] quit
[PEB-bgp] quit
# 查看PE A的Tunnel接口状态。
<PEA> display interface tunnel 1
Tunnel1 current state: UP
Line protocol current state: UP
Description: Tunnel1 Interface
The Maximum Transmit Unit is 64000
Internet Address is 12.1.1.1/24 Primary
Encapsulation is TUNNEL, service-loopback-group ID not set.
Tunnel source unknown, destination 2.2.2.2
Tunnel bandwidth 64 (kbps)
Tunnel protocol/transport CR_LSP
Output queue : (Urgent queuing : Size/Length/Discards) 0/100/0
Output queue : (Protocol queuing : Size/Length/Discards) 0/500/0
Output queue : (FIFO queuing : Size/Length/Discards) 0/75/0
Last clearing of counters: Never
Last 300 seconds input: 0 bytes/sec, 0 packets/sec
Last 300 seconds output: 0 bytes/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
156 packets output, 13704 bytes
0 output error
# 查看PE B的Tunnel接口状态。
<PEB> display interface tunnel 2
Tunnel2 current state: UP
Line protocol current state: UP
Description: Tunnel2 Interface
The Maximum Transmit Unit is 64000
Internet Address is 12.1.1.2/24 Primary
Encapsulation is TUNNEL, service-loopback-group ID not set.
Tunnel source unknown, destination 1.1.1.1
Tunnel bandwidth 64 (kbps)
Tunnel protocol/transport CR_LSP
Output queue : (Urgent queuing : Size/Length/Discards) 0/100/0
Output queue : (Protocol queuing : Size/Length/Discards) 0/500/0
Output queue : (FIFO queuing : Size/Length/Discards) 0/75/0
Last clearing of counters: Never
Last 300 seconds input: 0 bytes/sec, 0 packets/sec
Last 300 seconds output: 0 bytes/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
65 packets output, 5700 bytes
0 output error
# 在CE A上ping CE 2的接口IP地址,验证是否能够ping通。
<CEA> ping 10.1.2.2
PING 10.1.2.2: 56 data bytes, press CTRL_C to break
Reply from 10.1.2.2: bytes=56 Sequence=0 ttl=253 time=1 ms
Reply from 10.1.2.2: bytes=56 Sequence=1 ttl=253 time=1 ms
Reply from 10.1.2.2: bytes=56 Sequence=2 ttl=253 time=1 ms
Reply from 10.1.2.2: bytes=56 Sequence=3 ttl=253 time=1 ms
Reply from 10.1.2.2: bytes=56 Sequence=4 ttl=253 time=1 ms
--- 10.1.2.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/1 ms
· PE A配置:
#
mpls lsr-id 1.1.1.1
#
ip vpn-instance vpna
route-distinguisher 1:1
tnl-policy policy1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls
mpls te
lsp-trigger all
mpls rsvp-te
mpls te cspf
#
tunnel-policy policy1
tunnel select-seq cr-lsp load-balance-number 1
#
interface Ethernet0/0
port link-mode route
ip address 192.168.1.1 255.255.255.252
mpls
mpls te
mpls rsvp-te
#
interface Ethernet0/1
port link-mode route
ip binding vpn-instance vpna
ip address 10.1.1.1 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface Tunnel1
ip address 12.1.1.1 255.255.255.0
tunnel-protocol mpls te
destination 2.2.2.2
mpls te tunnel-id 10
mpls te commit
#
bgp 100
undo synchronization
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family vpn-instance vpna
peer 10.1.1.2 as-number 65410
import-route direct
peer 10.1.1.2 next-hop-local
#
ipv4-family vpnv4
peer 2.2.2.2 enable
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 192.168.1.0 0.0.0.3
network 1.1.1.1 0.0.0.0
mpls-te enable
· PE B配置:
#
mpls lsr-id 2.2.2.2
#
ip vpn-instance vpna
route-distinguisher 1:2
tnl-policy policy2
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls
mpls te
lsp-trigger all
mpls rsvp-te
mpls te cspf
#
tunnel-policy policy2
tunnel select-seq cr-lsp load-balance-number 1
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface Ethernet0/0
port link-mode route
ip address 192.168.1.2 255.255.255.252
mpls
mpls te
mpls rsvp-te
#
interface Ethernet0/1
port link-mode route
ip binding vpn-instance vpna
ip address 10.1.2.1 255.255.255.0
#
interface Tunnel2
ip address 12.1.1.2 255.255.255.0
tunnel-protocol mpls te
destination 1.1.1.1
mpls te tunnel-id 20
mpls te commit
#
bgp 100
undo synchronization
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
#
ipv4-family vpn-instance vpna
peer 10.1.2.2 as-number 65420
import-route direct
peer 10.1.2.2 next-hop-local
#
ipv4-family vpnv4
peer 1.1.1.1 enable
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 192.168.1.0 0.0.0.3
network 2.2.2.2 0.0.0.0
mpls-te enable
· H3C MSR 系列路由器 命令参考(V5)-R2311
· H3C MSR 系列路由器 配置指导(V5)-R2311
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!
支持
售前咨询
售后咨询
人工在线咨询
