manualshive.com logo in svg

H3C S5500-HI Switch Series, Mpls Configuration Manual

The H3C S5500-HI Switch Series is a high-performance network switch designed to meet the demands of today's business networks. Get the most out of your switch by downloading the Fundamentals Configuration Manual for free from manualshive.com. This comprehensive manual provides detailed instructions on how to configure your switch for optimal performance.

Share
Download
background image

H3C S5500-HI Switch Series

MPLS Configuration Guide

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 
Hangzhou H3C Technologies Co., Ltd.  
http://www.h3c.com 
 
Software version: Release 5501 
Document version: 6W100-20140103

 

Summary of Contents for S5500-HI Switch Series

Page 1: ...H3C S5500 HI Switch Series MPLS Configuration Guide Hangzhou H3C Technologies Co Ltd http www h3c com Software version Release 5501 Document version 6W100 20140103...

Page 2: ...ne SecPath SecCenter SecBlade Comware ITCMM and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are the property of their respective...

Page 3: ...I documentation set Obtaining documentation Technical support Documentation feedback Audience This documentation is intended for Network planners Field technical support and servicing engineers Networ...

Page 4: ...mes are inside angle brackets For example click OK Window names menu items data table and field names are inside square brackets For example pop up the New User window Multi level menus are separated...

Page 5: ...an modules available for the products User manuals for power modules Describe the specifications installation and replacement of hot swappable power modules RPS Ordering Information for H3C Low End Et...

Page 6: ...hardware installation software upgrading and software feature configuration and maintenance documentation Products Solutions Provides information about products and technologies as well as solutions T...

Page 7: ...outes to the PE 27 Using tunnels to advertise VPN routes 30 Configuring IPv6 MCE 37 Overview 37 Configuring an IPv6 MCE 37 Configuring VPN instances 37 Configuring routing on an IPv6 MCE 39 Configurat...

Page 8: ...ng MPLS trap 80 Displaying and maintaining MPLS 80 Displaying MPLS operation 80 Displaying MPLS LDP operation 81 Clearing MPLS statistics 82 MPLS configuration examples 82 Configuring static LSPs 82 C...

Page 9: ...ing FRR 119 Configuration prerequisites 119 Enabling FRR on the headend of a primary LSP 120 Configuring a bypass tunnel on its PLR 120 Configuring node protection 121 Configuring the FRR polling time...

Page 10: ...VPN 199 Configuring a PE CE interface of a PE 199 Configuring Ethernet encapsulation 199 Configuring VLAN encapsulation 200 Configuring a remote CCC connection 200 Configuring SVC MPLS L2VPN 200 Confi...

Page 11: ...es 271 Configuring MPLS L3VPNs using EBGP between PE and CE 271 Configuring MPLS L3VPNs using IBGP between PE and CE 278 Configuring a hub spoke network 286 Configuring inter AS option A 294 Configuri...

Page 12: ...VPN option C 357 Resetting BGP connections 358 Displaying information about IPv6 MPLS L3VPN 359 IPv6 MPLS L3VPN configuration examples 360 Configuring IPv6 MPLS L3VPNs 360 Configuring inter AS IPv6 V...

Page 13: ...se VPN routes and uses MPLS to forward VPN packets on service provider backbones MPLS L3VPN provides flexible networking modes excellent scalability and convenient support for MPLS QoS and MPLS TE The...

Page 14: ...ackbone the ingress PE functions as the ingress Label Switching Router LSR the egress PE functions as the egress LSR and P routers function as the transit LSRs MPLS L3VPN concepts Site Sites are often...

Page 15: ...ocess overlapping VPN routes If for example both VPN 1 and VPN 2 use addresses on the segment 10 1 10 10 0 24 and each advertise a route to the segment BGP selects only one of them which results in th...

Page 16: ...ort target attribute of the VPN instance the PE adds the routes to the VPN routing table In other words route target attributes define which sites can receive VPN IPv4 routes and from which sites that...

Page 17: ...the number of the interface receiving the information It then maintains the corresponding routing table accordingly You must also bind the interfaces to the VPNs on PE 1 in the same way as those on t...

Page 18: ...and VPNs Figure 5 Network diagram for using MCE in a tunneling application 2 MCE devices in a tunneling application can exchange VPN routing information with their peer MCE devices or CE devices dire...

Page 19: ...mains you must enable the redistributed routes to carry the OSPF domain ID by configuring the domain id command in OSPF view The domain ID is added to BGP VPN routes as an extended community attribute...

Page 20: ...a PE you isolate not only VPN routes from public network routes but also routes of a VPN from those of another VPN This feature allows VPN instances to be used in networking scenarios besides MCE Cre...

Page 21: ...mand Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Associate the current interface with the VPN instance ip binding vpn instance vp...

Page 22: ...ort route policy route policy Optional By default all VPN instance routes permitted by the export target attribute can be redistributed NOTE Only when BGP runs between the MCE and PE can the route tar...

Page 23: ...ance name gateway address preference preference value tag tag value description description text Use either command Perform this configuration on the MCE On a VPN site configure a normal static route...

Page 24: ...process that is bound with a VPN instance does not use the public network router ID configured in system view Therefore you must configure a router ID when starting the OSPF process All OSPF processes...

Page 25: ...The MCE advertises the default route to the site 8 Create an OSPF area and enter OSPF area view area area id By default no OSPF area is created 9 Enable OSPF on the interface attached to the specifie...

Page 26: ...and redistribute the IGP routes of each VPN instance on the VPN sites If EBGP is used for route exchange you also can configure filtering policies to filter the received routes and the routes to be ad...

Page 27: ...mal network For more information about BGP see Layer 3 IP Routing Configuration Guide 2 Configure a VPN site Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A...

Page 28: ...ed from the VPN site to other IBGP peers including VPNv4 peers Only when you configure the VPN site as a client of the RR the MCE does the MCE advertise routes learned from it to other IBGP peers 2 Co...

Page 29: ...ce value Optional 60 by default Configuring RIP between MCE and PE Step Command Remarks 1 Enter system view system view N A 2 Create a RIP process for a VPN instance and enter RIP view rip process id...

Page 30: ...ber of routes redistributed per time is 1000 the default tag is 1 and default type of redistributed routes is Type 2 8 Create an OSPF area and enter OSPF area view area area id By default no OSPF area...

Page 31: ...te import route protocol process id all processes med med value route policy route policy name By default no route redistribution is configured 6 Configure a filtering policy to filter the routes to b...

Page 32: ...oops 9 Configure a filtering policy to filter the routes to be advertised filter policy acl number ip prefix ip prefix name export direct isis process id ospf process id rip process id static Optional...

Page 33: ...lay fib vpn instance vpn instance name ip address mask mask length begin exclude include regular expression Available in any view Display information about a specific peer group or all BGP VPNv4 peer...

Page 34: ...view Clear the route flap dampening information of a VPN instance reset bgp vpn instance vpn instance name dampening network address mask mask length Available in user view Clear route flap history in...

Page 35: ...ip vpn instance vpn1 MCE vpn instance vpn1 route distinguisher 10 1 MCE vpn instance vpn1 vpn target 10 1 MCE vpn instance vpn1 quit MCE ip vpn instance vpn2 MCE vpn instance vpn2 route distinguisher...

Page 36: ...N 1 directly and no routing protocol is enabled in VPN 1 Therefore you can configure static routes On VR 1 assign IP address 10 214 10 2 24 to the interface connected to MCE and 192 168 0 1 24 to the...

Page 37: ...0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 192 168 10 0 24 RIP 100 1 10 214 20 2 Vlan20 The output shows that the MCE has learned the private routes of VPN 2 The MCE maintains the routes...

Page 38: ...E1 vlan40 quit PE1 interface vlan interface 40 PE1 Vlan interface40 ip binding vpn instance vpn2 PE1 Vlan interface40 ip address 40 1 1 2 24 PE1 Vlan interface40 quit Configure the IP address of the i...

Page 39: ...e following output shows that PE 1 has learned the private route of VPN 2 through OSPF PE1 display ip routing table vpn instance vpn2 Routing Tables vpn2 Destinations 5 Routes 5 Destination Mask Proto...

Page 40: ...shown Configure OSPF on the MCE and bind OSPF process 10 with VPN instance vpn1 to learn the routes of VPN 1 MCE system view MCE ospf router id 10 214 10 3 10 vpn instance vpn1 MCE ospf 10 area 0 MCE...

Page 41: ...ports The configuration procedure is similar to that described in Using OSPF to advertise VPN routes to the PE Details not shown Start BGP process 100 on the MCE and enter the IPv4 address family vie...

Page 42: ...stributed the OSPF routes of the two VPN instances into the EBGP routing tables of PE 1 Using tunnels to advertise VPN routes Network requirements As shown in Figure 8 MCE 1 and MCE 2 communicate with...

Page 43: ...VLAN 100 and VLAN 101 configure GigabitEthernet 1 0 15 as a trunk port and add it to the two VLANs MCE1 system view MCE1 vlan 100 to 101 MCE1 interface GigabitEthernet 1 0 15 MCE1 GigabitEthernet1 0 1...

Page 44: ...Configure an IP address for the Tunnel 1 interface MCE1 Tunnel1 ip address 10 1 2 1 255 255 255 0 Specify the tunnel protocol as GRE MCE1 Tunnel1 tunnel protocol gre Specify the source address of the...

Page 45: ...loopback group 1 Reference loopback group 1 on the tunnel interface MCE2 GigabitEthernet1 0 3 quit MCE2 interface tunnel 0 MCE2 Tunnel0 service loopback group 1 MCE2 Tunnel0 quit Create the Tunnel1 in...

Page 46: ...ace 11 MCE1 Vlan interface11 ip binding vpn instance vpn2 MCE1 Vlan interface11 ip address 10 214 20 1 24 MCE1 Vlan interface11 quit MCE1 interface tunnel 1 MCE1 Tunnel1 ip binding vpn instance vpn2 M...

Page 47: ...gured at site 1 of VPN 1 area 0 in this example MCE1 ospf 1 vpn instance vpn1 router id 192 168 1 1 MCE1 ospf 1 vpn instance capability simple MCE1 ospf 1 area 0 MCE1 ospf 1 area 0 0 0 0 Advertise the...

Page 48: ...bute routes learned by RIP process 1 to OSPF process 2 MCE1 ospf 2 MCE1 ospf 2 import route rip 1 On MCE 2 configure OSPF process 2 for VPN instance vpn2 and configure OSPF to support MCE Be sure to c...

Page 49: ...configure a description for a VPN instance to record its related information such as its relationship with a certain VPN To create and configure a VPN instance Step Command Remarks 1 Enter system view...

Page 50: ...ANT Create a routing policy before associating it with a VPN instance Otherwise the switch cannot filter the routes to be received and advertised To configure route related attributes for a VPN instan...

Page 51: ...IPv6 MCE and a VPN site or a PE Configuration prerequisites Before you configure routing on an IPv6 MCE complete the following tasks On the IPv6 MCE configure VPN instances and bind the VPN instances...

Page 52: ...Layer 3 IP Routing Configuration Guide To configure RIPng between IPv6 MCE and VPN site Step Command Remarks 1 Enter system view system view N A 2 Create a RIPng process for a VPN instance and enter R...

Page 53: ...ted OSPFv3 processes at the same time Configuring IPv6 IS IS between IPv6 MCE and VPN site An IPv6 IS IS process belongs to the public network or a single IPv6 VPN instance If you create an IPv6 IS IS...

Page 54: ...received routes and the routes to be advertised 1 Configure the IPv6 MCE Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter IPv6 BGP VPN instance view...

Page 55: ...routing configurations Redistribute IPv6 VPN routes into the routing protocol running between the IPv6 MCE and the PE Configuring IPv6 static routing between IPv6 MCE and PE To configure IPv6 static...

Page 56: ...w ospfv3 process id vpn instance vpn instance name N A 3 Set the router ID router id router id N A 4 Redistribute the VPN routes import route protocol process id allow ibgp cost value route policy rou...

Page 57: ...r the IS IS process on the interface isis ipv6 enable process id Disabled by default Configuring EBGP between IPv6 MCE and PE Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view...

Page 58: ...ssion Available in any view Display information about the IPv6 FIB of a VPN instance display ipv6 fib vpn instance vpn instance name acl6 acl6 number ipv6 prefix ipv6 prefix name begin exclude include...

Page 59: ...names of the edge devices of VPN 1 and VPN 2 are VR1 and VR2 respectively and the system name of PE 1 is PE1 1 Configure the VPN instances on the MCE and PE 1 On the MCE configure VPN instances vpn1 a...

Page 60: ...e20 ipv6 address 2002 1 1 64 MCE Vlan interface20 quit On PE 1 configure VPN instances vpn1 and vpn2 and specify an RD and route targets for each VPN instance PE1 system view PE1 ip vpn instance vpn1...

Page 61: ...0 quit VR2 interface vlan interface 20 VR2 Vlan interface20 ripng 20 enable VR2 Vlan interface20 quit VR2 interface vlan interface 21 VR2 Vlan interface21 ripng 20 enable VR2 Vlan interface21 quit On...

Page 62: ...ackets of VLAN 30 and VLAN 40 to pass with VLAN tags MCE interface gigabitethernet 1 0 3 MCE GigabitEthernet1 0 3 port link type trunk MCE GigabitEthernet1 0 3 port trunk permit vlan 30 40 MCE Gigabit...

Page 63: ...quit Configure the IP address of the interface Loopback0 as 101 101 10 1 for the MCE and as 100 100 10 1 for PE 1 Specify the loopback interface address as the router ID for the MCE and PE 1 Details n...

Page 64: ...nd redistribute VPN 2 s routes from RIPng process 20 into the OSPFv3 routing table of the MCE The following output shows that PE 1 has learned the private route of VPN 2 through OSPFv3 PE1 display ipv...

Page 65: ...s functions such as VPN traffic engineering and QoS Basic concepts FEC MPLS groups packets with the same characteristics such as packets with the same destination or service class into a class called...

Page 66: ...A label switched path LSP is the path along which packets of a FEC travel through an MPLS network An LSP is a unidirectional path from the ingress of an MPLS network to the egress On an LSP two neighb...

Page 67: ...uration To establish a static LSP you must assign a label to the FEC on each LSR along the packet forwarding path Establishment of static LSPs consumes fewer resources than dynamic LSP establishment H...

Page 68: ...downstream on demand DoD The label distribution control modes include independent and ordered Label management specifies the mode for processing a received label binding that is not useful at the mom...

Page 69: ...7 Independent label distribution control mode In ordered mode an LSR distributes its label binding for a FEC upstream only when it receives a label binding for the FEC from its downstream or it is the...

Page 70: ...rward labeled packets When an LSR receives a labeled packet it looks for the corresponding ILM entry If the Token value of the ILM entry is not null the LSR looks for the corresponding NHLFE entry to...

Page 71: ...signs an IPv4 explicit null label to a FEC and advertises the FEC label binding to the upstream LSR When forwarding an MPLS packet the upstream LSR replaces the label at the stack top with the explici...

Page 72: ...so that the LSR with the IP address can discover the LDP peer If two LSRs each have the same transport address the source IP address used to establish a TCP connection to the peer for the basic and ex...

Page 73: ...palive timer times out if two LDP peers have no information to exchange they can send Keepalive messages to each other to maintain the LDP session If an LSR does not receive any LDP PDU from its peer...

Page 74: ...ng Optional Configuring MPLS LSP tracert Optional Configuring BFD for LSPs Optional Configuring periodic LSP tracert Optional Enabling MPLS trap Optional NOTE These types of interfaces support MPLS ca...

Page 75: ...LSR for the static LSP Enable MPLS on all these LSRs Make sure that the ingress LSR has a route to the FEC destination This is not required on the transit LSRs and egress LSR When you configure a stat...

Page 76: ...rough LDP Configuring MPLS LDP capability To configure MPLS LDP capability Step Command Remarks 1 Enter system view system view N A 2 Enable LDP capability globally and enter MPLS LDP view mpls ldp No...

Page 77: ...sessions Configuring remote LDP session parameters LDP sessions established between remote LDP peers are remote LDP sessions Remote LDP sessions are mainly used in Martini MPLS L2VPN and Martini VPLS...

Page 78: ...nal 45 seconds by default 7 Configure the LDP transport address mpls ldp transport address ip address Optional The default takes the value of the MPLS LSR ID The specified IP address must be the IP ad...

Page 79: ...onfiguration Guide To configure the policy for triggering LSP establishment Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS view mpls N A 3 Configure the LSP establishment trigge...

Page 80: ...is present and terminates the establishment of the LSP 2 Path vector A label request message or label mapping message carries path information in the form of path vector list When such a message reac...

Page 81: ...MD5 authentication settings are the same To configure LDP MD5 authentication Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS LDP view mpls ldp N A 3 Enable LDP MD5 authenticatio...

Page 82: ...advertises to upstream device LSR C only label bindings with FEC destinations permitted by prefix list C Figure 20 Network diagram of label advertisement control Configuration prerequisites Before yo...

Page 83: ...ew system view N A 2 Enter MPLS LDP view mpls ldp N A 3 Configure a DSCP value for outgoing LDP packets dscp dscp value By default the DSCP value for outgoing LDP packets is 48 Maintaining LDP session...

Page 84: ...pops a label it copies the TTL value of the label at the stack top back to the TTL field of the IP packet In this case the TTL value of a packet is decreased hop by hop when forwarded along the LSP Th...

Page 85: ...ptional Enabled for only public network packets by default Sending back ICMP TTL exceeded messages for MPLS TTL expired packets After you enable an LSR to send back ICMP TTL exceeded messages for MPLS...

Page 86: ...tes undo ttl expiration pop Optional Use either approach as required By default an ICMP TTL exceeded message is sent back along an IP route when the TTL of an MPLS packet with a one level label stack...

Page 87: ...ession fails to be re established the GR helper will delete the FEC label bindings marked stale 4 If the session is re established successfully during the LDP recovery time the GR helper and the GR re...

Page 88: ...task in user view Task Command Remarks Restart MPLS LDP gracefully graceful restart mpls ldp This command is only used to test MPLS LDP GR function It does not perform active standby switchover Do not...

Page 89: ...LS LSP connectivity Configuring MPLS LSP tracert MPLS LSP tracert is for locating LSP errors It consecutively sends the MPLS echo requests along the LSP to be inspected with the TTL increasing from 1...

Page 90: ...tiate the discriminator values and then the BFD session is established based on the negotiated discriminator values Such a BFD session is used for connectivity detection of an LSP from the local devic...

Page 91: ...LSP is deleted and a new BFD session is established according to the control plane Configuration prerequisites Enable sending ICMP TTL exceeded messages on the intermediate devices between the source...

Page 92: ...all interfaces with MPLS enabled display mpls interface interface type interface number verbose begin exclude include regular expression Available in any view Display information about ILM entries di...

Page 93: ...me lsp name begin exclude include regular expression Available in any view Display MPLS statistics for one or all interfaces display mpls statistics interface interface type interface number all begin...

Page 94: ...ask length begin exclude include regular expression Available in any view NOTE The vpn instance vpn instance name option is used to specify information about an LDP instance For information about LDP...

Page 95: ...hA system view SwitchA ip route static 21 1 1 0 24 10 1 1 2 On Switch C configure a static route to network 11 1 1 0 24 SwitchC system view SwitchC ip route static 11 1 1 0 255 255 255 0 20 1 1 1 3 En...

Page 96: ...SwitchB static lsp transit CtoA incoming interface vlan interface 3 in label 40 nexthop 10 1 1 1 out label 70 Configure the LSP egress Switch A SwitchA static lsp egress CtoA incoming interface vlan i...

Page 97: ...DP to establish LSPs between Switch A and Switch C so that subnets 1 1 1 1 0 24 and 21 1 1 0 24 can reach each other over MPLS Test the LSP connectivity Figure 25 Network diagram Configuration conside...

Page 98: ...network 3 3 3 9 0 0 0 0 SwitchC ospf 1 area 0 0 0 0 network 20 1 1 0 0 0 0 255 SwitchC ospf 1 area 0 0 0 0 network 21 1 1 0 0 0 0 255 SwitchC ospf 1 area 0 0 0 0 quit SwitchC ospf 1 quit Execute the...

Page 99: ...ure MPLS and MPLS LDP on Switch C SwitchC mpls lsr id 3 3 3 9 SwitchC mpls SwitchC mpls quit SwitchC mpls ldp SwitchC mpls ldp quit SwitchC interface vlan interface 3 SwitchC Vlan interface3 mpls Swit...

Page 100: ...n example SwitchA display mpls ldp lsp LDP LSP Information SN DestAddress Mask In OutLabel Next Hop In Out Interface 1 1 1 1 9 32 3 NULL 127 0 0 1 InLoop0 2 2 2 2 9 32 NULL 3 10 1 1 2 Vlan2 3 3 3 3 9...

Page 101: ...for LSPs Network requirements As shown in Figure 25 use LDP to establish an LSP from 1 1 1 1 0 24 to 21 1 1 0 24 and an LSP from 21 1 1 0 24 to 1 1 1 1 0 24 Configure BFD for the LSPs to detect LSP fa...

Page 102: ...sessions SwitchA display bfd session verbose Total session number 2 Up session number 2 Init mode Active IPv4 session working under Ctrl mode Local Discr 129 Remote Discr 129 Source IP 1 1 1 9 Destina...

Page 103: ...nectivity they fail to present some dynamic factors such as bandwidth and traffic characteristics This IGP disadvantage can be repaired by using an overlay model such as IP over ATM or IP over FR An o...

Page 104: ...ishing paths and forwarding packets Advertising TE attributes MPLS TE must be aware of dynamic TE attributes of each link on the network which is achieved by extending link state based IGPs such as OS...

Page 105: ...defined Traffic characteristics Traffic is described in terms of peak rate committed rate and service granularity The peak and committed rates describe the bandwidth constraints of a path Preemption...

Page 106: ...ice DiffServ Resource Reservation Protocol RSVP is designed for IntServ It reserves resources on each node along a path RSVP operates at the transport layer but does not participate in data transmissi...

Page 107: ...t allows the new path to share the bandwidth of the original path at the Router C Router D link Upon creation of the new path traffic is switched to the new path and the previous path is torn down Thi...

Page 108: ...message towards the ingress along the reverse direction of the path along which the Path message travels The LSRs that the Resv message traverses along the path reserve resources as required 3 When th...

Page 109: ...ion request does not pass admission control on some node you may want to store the resource reservation state for it while allowing other requests to use the resources reserved for the request In this...

Page 110: ...guration Guide Policy routing You can also use policy routing to route traffic over an MPLS TE tunnel In this approach you need to create a policy that specifies the MPLS TE tunnel interface as the ou...

Page 111: ...from FRR which provides quick but temporary per link or per node protection on an LSP In the same TE tunnel the LSP used to back up a primary LSP is called a secondary LSP When the ingress of a TE tu...

Page 112: ...is switched to the bypass LSP As shown in Figure 29 the primary LSP is Router A Router B Router C Router D and the bypass LSP is Router B Router F Router C Figure 29 FRR link protection Node protecti...

Page 113: ...uses the primary LSP to transfer data force forced switch Forces data to travel on the backup LSP manual manual switch Switches data from the primary LSP to the backup LSP or vice versa 2 Signal switc...

Page 114: ...ong MPLS TE tunnels through automatic route advertisement Configuring traffic forwarding tuning parameters Optional Configuring CR LSP backup Optional Configuring FRR Optional Inspecting an MPLS TE tu...

Page 115: ...tion of tunnel constraints or the issue of IGP TE extension or CSPF Create a static CR LSP and a TE tunnel using static signaling and then associate them Despite its ease of configuration the applicat...

Page 116: ...the tunnel interface name is Tunnel2 Then the tunnel name in the static cr lsp ingress command must be in the form of Tunnel2 not tunnel2 or TUNNEL2 Otherwise the tunnel cannot be established on the i...

Page 117: ...e CSPF on your device mpls te cspf Disabled by default Configuring OSPF TE Configure OSPF TE if the routing protocol is OSPF and a dynamic signaling protocol is used for MPLS TE tunnel setup The OSPF...

Page 118: ...e of these reasons when TE is configured set the MTU of each IS IS enabled interface to be equal to or greater than 512 bytes to guarantee that IS IS LSPs can be flooded on the network For more inform...

Page 119: ...erses 5 Modify the IP address of current node on the explicit path modify hop ip address1 ip address2 include loose strict exclude Optional By default the include keyword and the strict keyword apply...

Page 120: ...r N A 8 Set the signaling protocol for setting up the MPLS TE tunnel to RSVP TE mpls te signal protocol rsvp te Optional RSVP TE applies by default 9 Submit current tunnel configuration mpls te commit...

Page 121: ...reservation state refresh interval of the node mpls rsvp te timer refresh timevalue Optional The default path reservation state refresh interval is 30 seconds 4 Configure the keep multiplier for PSB...

Page 122: ...mpls rsvp te hello Disabled by default 4 Configure the maximum number of consecutive hellos that must be lost before the link is considered failed mpls rsvp te hello lost times Optional By default the...

Page 123: ...ink interface interface type interface number N A 3 Enable RSVP authentication mpls rsvp te authentication cipher plain auth key Disabled by default Do not configure both FRR and RSVP authentication o...

Page 124: ...protocol RSVP TE Before performing them be aware of each configuration objective and its impact on your system Configuring route pinning Route pinning cannot be used together with reoptimization To c...

Page 125: ...up mpls te link administrative group value Optional The default is 0x00000000 4 Exit to system view quit N A 5 Enter MPLS TE tunnel interface view interface tunnel tunnel number N A 6 Configure the af...

Page 126: ...to perform loop detection when setting up a tunnel mpls te loop detection Disabled by default 4 Submit current tunnel configuration mpls te commit N A Configuring route and label recording Step Comman...

Page 127: ...ust be greater than the holding priority of the existing path To avoid flapping caused by improper preemptions between CR LSPs the setup priority of a CR LSP must not be set higher than its holding pr...

Page 128: ...ust be added to the metric before it can be used for path calculation Enable OSPF or IS IS on the tunnel interface of the MPLS TE tunnel before configuring automatic route advertisement To use automat...

Page 129: ...djacency enable traffic adjustment advertise Disabled by default Configuring traffic forwarding tuning parameters In MPLS TE you can configure traffic forwarding tuning parameters such as the failed l...

Page 130: ...pe command in MPLS TE tunnel interface view the metric type specified in MPLS view takes effect 7 Submit current tunnel configuration mpls te commit Optional 8 Return to system view quit N A 9 Enter i...

Page 131: ...tunnels to protect primary tunnels As bypass tunnels are pre established they require extra bandwidth and are usually used to protect crucial interfaces or links only You can define which type of LSP...

Page 132: ...her LSP at the same time When specifying a bypass tunnel for an interface ensure the following The bypass tunnel is up The protected interface is not the outgoing interface of the bypass tunnel Up to...

Page 133: ...e hello Disabled by default 4 Return to system view quit N A 5 Enter the view of the interface directly connected to the protected node or PLR interface interface type interface number N A 6 Enable RS...

Page 134: ...tracert MPLS LSP tracert can be used to locate errors of an MPLS TE tunnel It sends MPLS echo requests to the nodes along the MPLS TE tunnel to be inspected with the TTL increasing from 1 to a specifi...

Page 135: ...hen re establish it Configuration guidelines You cannot establish both a static BFD session and a dynamic BFD session for the same MPLS TE tunnel After establishing a static BFD session for an MPLS TE...

Page 136: ...S TE tunnel once the periodical LSP tracert function detects a fault or inconsistency of the forwarding plane and control plane of the MPLS TE tunnel the BFD session for the tunnel will be deleted and...

Page 137: ...e a protection tunnel for the primary tunnel mpls te protection tunnel tunnel id holdoff holdoff time mode non revertive revertive N A 4 Configure an external protection switching action mpls te prote...

Page 138: ...include regular expression Available in any view Display information about RSVP TE RSB display mpls rsvp te rsb content ingress lsr id Ispid tunnel id egress lsr id nexthop address begin exclude inclu...

Page 139: ...ion Available in any view Display the information of the specified or all OSPF processes about traffic tuning display ospf process id traffic adjustment begin exclude include regular expression Availa...

Page 140: ...tunnels display mpls te protection tunnel tunnel id all verbose begin exclude include regular expression Available in any view Clear the statistics about RSVP TE reset mpls rsvp te statistics global...

Page 141: ...tchB Vlan interface2 quit SwitchB interface loopback 0 SwitchB LoopBack0 isis enable 1 SwitchB LoopBack0 quit Configure Switch C SwitchC system view SwitchC isis 1 SwitchC isis 1 network entity 00 000...

Page 142: ...an interface1 mpls te SwitchB Vlan interface1 quit SwitchB interface vlan interface 2 SwitchB Vlan interface2 mpls SwitchB Vlan interface2 mpls te SwitchB Vlan interface2 quit Configure Switch C Switc...

Page 143: ...oup ID not set Tunnel source unknown destination 3 3 3 3 Tunnel protocol transport CR_LSP Output queue Urgent queuing Size Length Discards 0 100 0 Output queue Protocol queuing Size Length Discards 0...

Page 144: ...tunnel configured using a static CR LSP traffic is forwarded directly based on label at the transit nodes and egress node Therefore it is normal that the FEC field in the sample output is empty on Sw...

Page 145: ...sis 1 network entity 00 0005 0000 0000 0001 00 SwitchA isis 1 quit SwitchA interface vlan interface 1 SwitchA Vlan interface1 isis enable 1 SwitchA Vlan interface1 isis circuit level level 2 SwitchA V...

Page 146: ...SwitchD system view SwitchD isis 1 SwitchD isis 1 network entity 00 0005 0000 0000 0004 00 SwitchD isis 1 quit SwitchD interface vlan interface 3 SwitchD Vlan interface3 isis enable 1 SwitchD Vlan in...

Page 147: ...witchB mpls mpls te SwitchB mpls mpls rsvp te SwitchB mpls mpls te cspf SwitchB mpls quit SwitchB interface vlan interface 1 SwitchB Vlan interface1 mpls SwitchB Vlan interface1 mpls te SwitchB Vlan i...

Page 148: ...2 SwitchA isis 1 quit Configure Switch B SwitchB isis 1 SwitchB isis 1 cost style wide SwitchB isis 1 traffic eng level 2 SwitchB isis 1 quit Configure Switch C SwitchC isis 1 SwitchC isis 1 cost styl...

Page 149: ...bytes sec 0 packets sec 0 packets input 0 bytes 0 input error 0 packets output 0 bytes 0 output error Execute the display mpls te tunnel interface command on Switch A to verify information about the...

Page 150: ...static route for routing MPLS TE tunnel traffic SwitchA ip route static 30 1 1 2 24 tunnel 1 preference 1 Execute the display ip routing table command on Switch A You can see a static route entry with...

Page 151: ...lo SwitchB mpls interface vlan interface 1 SwitchB Vlan interface1 mpls SwitchB Vlan interface1 mpls te SwitchB Vlan interface1 mpls rsvp te SwitchB Vlan interface1 mpls rsvp te hello SwitchB Vlan int...

Page 152: ...play mpls rsvp te peer Interface Vlan interface1 Neighbor Addr 10 1 1 2 SrcInstance 880 NbrSrcInstance 5017 PSB Count 0 RSB Count 1 Hello Type Sent REQ Neighbor Hello Extension ENABLE SRefresh Enable...

Page 153: ...SwitchB interface vlan interface 12 SwitchB Vlan interface12 mpls SwitchB Vlan interface12 mpls te SwitchB Vlan interface12 mpls rsvp te SwitchB Vlan interface12 mpls rsvp te bfd enable SwitchB Vlan...

Page 154: ...mpls te commit SwitchA Tunnel1 return 5 Verify the configuration On Switch A display the detailed information about the BFD session between Switch A and Switch B SwitchA display bfd session verbose To...

Page 155: ...ode Details not shown Execute the display ip routing table command on each switch You can see that all nodes have learned the host routes of other nodes with LSR IDs as destinations 3 Configure basic...

Page 156: ...EL service loopback group ID not set Tunnel source unknown destination 3 3 3 9 Tunnel protocol transport CR_LSP Output queue Urgent queuing Size Length Discards 0 100 0 Output queue Protocol queuing S...

Page 157: ...ch D SwitchA tracert a 1 1 1 9 3 3 3 9 traceroute to 3 3 3 9 3 3 3 9 30 hops max 40 bytes packet 1 30 1 1 2 28 ms 27 ms 23 ms 2 40 1 1 2 50 ms 50 ms 49 ms Execute the display mpls te tunnel command on...

Page 158: ...itch D Loop0 4 4 4 4 32 Vlan int5 3 3 1 2 24 Vlan int3 4 1 1 2 24 Configuration procedure 1 Assign IP addresses and masks to interfaces see Figure 36 Details not shown 2 Configure the IGP protocol Ena...

Page 159: ...interface1 mpls te SwitchA Vlan interface1 mpls rsvp te SwitchA Vlan interface1 quit Configure Switch B SwitchB mpls lsr id 2 2 2 2 SwitchB mpls SwitchB mpls mpls te SwitchB mpls mpls rsvp te SwitchB...

Page 160: ...interface tunnel Tunnel4 current state UP Line protocol current state UP Description Tunnel4 Interface The Maximum Transmit Unit is 64000 Internet Address is 10 1 1 1 24 Primary Encapsulation is TUNN...

Page 161: ...atus 5 Configure a bypass tunnel on Switch B the PLR Create an explicit path for the bypass LSP SwitchB explicit path by path SwitchB explicit path by path next hop 3 2 1 2 SwitchB explicit path by pa...

Page 162: ...s lsp LSP Information RSVP LSP FEC In Out Label In Out IF Vrf Name 4 4 4 4 32 3 NULL Vlan3 SwitchE display mpls lsp LSP Information RSVP LSP FEC In Out Label In Out IF Vrf Name 3 3 3 3 32 1024 3 Vlan4...

Page 163: ...Label 1024 In Interface Vlan interface1 Out Interface Vlan interface2 LspIndex 4097 Tunnel ID 0x22001 LsrType Transit Bypass In Use Not Used BypassTunnel Tunnel Index Tunnel5 InnerLabel 1024 No 2 Ing...

Page 164: ...ss Type CT0 Tunnel BW 0 kbps Reserved BW 0 kbps Setup Priority 7 Hold Priority 7 Affinity Prop Mask 0x0 0x0 Explicit Path Name pri path Tie Breaking Policy None Metric Type None Record Route Enabled R...

Page 165: ...W Max BW Current Collected BW Interfaces Protected VPN Bind Type NONE VPN Bind Value Car Policy Disabled Tunnel Group Primary Primary Tunnel Backup Tunnel Group Status Oam Status If you execute the di...

Page 166: ...UPDOWN Line protocol on the interface Vlan interface2 turns into UP state Execute the display interface tunnel 4 command on Switch A to identify the state of the primary LSP You can see that the tunn...

Page 167: ...interface2 ip address 10 0 0 1 255 255 255 0 PE1 Vlan interface2 quit PE1 ospf PE1 ospf 1 area 0 PE1 ospf 1 area 0 0 0 0 network 10 0 0 0 0 0 0 255 PE1 ospf 1 area 0 0 0 0 network 2 2 2 2 0 0 0 0 PE1...

Page 168: ...ng Tables Public Destinations 7 Routes 7 Destination Mask Proto Pre Cost NextHop Interface 2 2 2 2 32 Direct 0 0 127 0 0 1 InLoop0 3 3 3 3 32 OSPF 10 1563 10 0 0 2 Vlan2 10 0 0 0 24 Direct 0 0 10 0 0...

Page 169: ...nation 3 3 3 3 PE1 Tunnel1 mpls te tunnel id 10 PE1 Tunnel1 mpls te signal protocol rsvp te PE1 Tunnel1 mpls te commit PE1 Tunnel1 quit Execute the display interface tunnel command on PE 1 You can see...

Page 170: ...isplay ip vpn instance instance name vpn1 VPN Instance Name and ID vpn1 1 Create time 2006 09 27 15 10 29 Up time 0 days 00 hours 03 minutes and 09 seconds Route Distinguisher 100 1 Export VPN Targets...

Page 171: ...PE2 bgp vpn1 peer 192 168 2 2 as number 65002 PE2 bgp vpn1 import route direct PE2 bgp vpn1 quit PE2 bgp peer 2 2 2 2 as number 100 PE2 bgp peer 2 2 2 2 connect interface loopback 0 PE2 bgp ipv4 fami...

Page 172: ...53 time 38 ms Reply from 192 168 1 2 bytes 56 Sequence 2 ttl 253 time 61 ms Reply from 192 168 1 2 bytes 56 Sequence 3 ttl 253 time 74 ms Reply from 192 168 1 2 bytes 56 Sequence 4 ttl 253 time 36 ms...

Page 173: ...ation POP LSP Information LDP LSP No 3 VrfIndex Fec 2 2 2 2 32 Nexthop 127 0 0 1 In Label 3 Out Label NULL In Interface Vlan interface2 Out Interface LspIndex 10241 Tunnel ID 0x0 LsrType Egress Outgoi...

Page 174: ...0 Output queue FIFO queuing Size Length Discards 0 75 0 Last 300 seconds input 5 bytes sec 0 packets sec Last 300 seconds output 5 bytes sec 0 packets sec 34 packets input 2856 bytes 0 input error 34...

Page 175: ...he edge of a VPLS network core domain and provides transparent VPLS transport services between core networks VSI Virtual switch instances hereinafter referred to as VPLS instances maps actual access l...

Page 176: ...GRE tunnel To create a PW follow these steps 1 Establish an MPLS tunnel or a GRE tunnel between the local and peer PEs 2 Identify the address of the peer PE For PEs in the same VSI you can manually s...

Page 177: ...m Dynamic address learning must support refreshing and relearning The VPLS draft defines a dynamic address learning method that uses the address reclaim message which carries MAC TLV Upon receiving su...

Page 178: ...E to a PE or sent by a PE to a CE includes a VLAN tag that is added in the header as a service delimiter for the service provider network to identify the user The tag is called a P Tag Ethernet access...

Page 179: ...1 It does not establish virtual links with any other peers Data forwarding in H VPLS with LSP access is as follows 1 Upon receiving a packet from a CE UPE tags the packet with the MPLS label for the U...

Page 180: ...abels the packet with the VLAN tag Then it forwards the packet through the QinQ tunnel to MTU which in turn forwards the packet to the CE For packets to be exchanged between CE 1 and CE 2 MTU can forw...

Page 181: ...L2VPN Enable L2VPN and MPLS L2VPN before you perform VPLS related configurations To enable L2VPN and MPLS L2VPN Step Command 1 Enter system view system view 2 Enable L2VPN and enter L2VPN view l2vpn...

Page 182: ...nect to all NPEs PW class to be referenced A PW class defines the PW transport mode and tunneling policy for the PW To configure an LDP VPLS instance Step Command Remarks 1 Enter system view system vi...

Page 183: ...outing Configuration Guide To configure BGP extension Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPLS address family view vpls family For m...

Page 184: ...packets received on the port packets carrying the specified VLAN tags all tagged packets and all packets with no VLAN tags providing a more flexible VPLS instance access control Use this method when u...

Page 185: ...coming port if the timeout timer of that existing MAC address entry does not expire You can disable MAC address move to block illegal users that use spoofed MAC addresses To enable MAC address move St...

Page 186: ...al PE determines whether the PW is valid and reachable according to the replies received from the peer PE To test the connectivity of a PW Task Command Remarks Use MPLS LSP ping to test the connectivi...

Page 187: ...ice instance instance id begin exclude include regular expression Available in any view Display information about one or all VPLS instances display vsi vsi name verbose begin exclude include regular e...

Page 188: ...obally PE1 mpls lsr id 1 1 1 9 PE1 mpls PE1 mpls quit Enable L2VPN and MPLS L2VPN PE1 l2vpn PE1 l2vpn mpls l2vpn PE1 l2vpn quit Enable LDP globally PE1 mpls ldp PE1 mpls ldp quit Configure PE 1 to est...

Page 189: ...distinguisher 100 1 PE1 vsi bbb bgp vpn target 111 1 PE1 vsi bbb bgp site 10 PE1 vsi bbb bgp quit PE1 vsi bbb quit On the interface connecting CE 1 create service instance 1000 and bind it with VPLS...

Page 190: ...ce3 quit Configure OSPF P ospf P ospf 1 area 0 P ospf 1 area 0 0 0 0 network 23 1 1 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 26 2 2 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 P ospf 1...

Page 191: ...wsignal ldp PE2 vsi aaa ldp vsi id 500 PE2 vsi aaa ldp peer 1 1 1 9 PE2 vsi aaa ldp quit PE2 vsi aaa quit Configure VPLS instance bbb that uses BGP signaling PE2 vsi bbb auto PE2 vsi bbb pwsignal bgp...

Page 192: ...bel 89766 Remote VC Label 81922 Link ID 1 Tunnel Policy Tunnel ID 0x4600068 Configuring PW redundancy for H VPLS access Network requirements As shown in Figure 44 CE 1 and CE 2 are connected to UPE th...

Page 193: ...1 255 255 255 0 UPE Vlan interface13 mpls UPE Vlan interface13 mpls ldp UPE Vlan interface13 quit Configure the remote LDP peer NPE 1 UPE mpls ldp remote peer 1 UPE mpls remote 1 remote ip 2 2 2 2 UPE...

Page 194: ...t Configure an IP address for the interface connected to UPE and enable MPLS and MPLS LDP NPE1 interface vlan interface 12 NPE1 Vlan interface12 ip address 12 1 1 2 24 NPE1 Vlan interface12 mpls NPE1...

Page 195: ...ce 15 NPE3 Vlan interface15 ip address 15 1 1 2 24 NPE3 Vlan interface15 mpls NPE3 Vlan interface15 mpls ldp NPE3 Vlan interface15 quit Configure an IP address for the interface connected to NPE 2 and...

Page 196: ...hows that a PW connection in up state has been established Configuring BFD for the primary link in an H VPLS network Network requirements In the H VPLS network Switch A is the UPE Switch B is the prim...

Page 197: ...ldp SwitchA Vlan interface12 quit SwitchA interface vlan interface 13 SwitchA Vlan interface13 mpls SwitchA Vlan interface13 mpls ldp SwitchA Vlan interface13 quit Configure Switch B SwitchB system v...

Page 198: ...SwitchA interface loopback 0 SwitchA LoopBack0 ip address 1 1 1 9 32 SwitchA LoopBack0 quit Configure Switch B SwitchB interface vlan interface 12 SwitchB Vlan interface12 ip address 12 1 1 2 24 Switc...

Page 199: ...tchA vsi vpna ldp vsi id 100 SwitchA vsi vpna ldp peer 2 2 2 9 backup peer 3 3 3 9 SwitchA vsi vpna ldp quit SwitchA vsi vpna quit SwitchA vlan 100 SwitchA vlan100 port gigabitethernet 1 0 1 SwitchA v...

Page 200: ...cr 0 Source IP 1 1 1 9 Destination IP 3 3 3 9 Session State Up Interface LoopBack0 Min Trans Inter 400ms Act Trans Inter 1000ms Min Recv Inter 400ms Act Detect Inter 3000ms Running Up for 00 00 01 Aut...

Page 201: ...sponding VPLS instance or the private network interface is not up Solution Check the routing tables of the PEs to see whether a route is available between the two PEs Check whether each device can pin...

Page 202: ...ormation of users This greatly reduces the load of provider edge PE devices and even the load of the whole service provider network enabling carriers to support more VPNs and to service more users Gua...

Page 203: ...works to the same PE The customer networks exchange packets with each other through the PE The PE functions like a Layer 2 switch Figure 47 Local connection NOTE The switch does not support the local...

Page 204: ...ing the PE forwards packets received from the AC to the bound VC and forwards packets received from the bound VC to the AC Packet forwarding process MPLS L2VPN implements transparent transmission of L...

Page 205: ...o LSPs to Interface A on PE 1 and to Interface B on PE 2 A CCC connection is successfully established The following describes how a packet is forwarded from CE 1 to CE 2 1 After PE 1 receives a packet...

Page 206: ...PN It allows CEs in the same VPN to establish a connection CEs in different VPNs cannot establish a connection Kompella MPLS L2VPN has the following basic concepts CE ID Kompella numbers CEs inside a...

Page 207: ...igned label blocks For example if the LR and LO of the first label block is 10 and 0 the LO of the second label block is 10 If the LR of the second label block is 20 the LO of the third label block is...

Page 208: ...s VC label 3001 Figure 52 Label distribution in Kompella mode As shown in Figure 52 CE 1 and CE 2 belong to VPN 1 CE 3 and CE 4 belong to VPN 2 Configure route targets for the two VPNs to make sure CE...

Page 209: ...ge Cannot automatically adapt to network changes Supports only remote connections Small scale network with a simple topology Martini VC label encapsulation two levels of labels VC label distribution L...

Page 210: ...apsulates the packet If the peer PE requires the ingress to rewrite the P tag For a packet from a CE to a PE if the packet contains a P tag the PE changes the P Tag to the VLAN tag the tag may be a nu...

Page 211: ...LS L2VPN mpls l2vpn Disabled by default Configuring a PE CE interface of a PE A PE CE interface of a PE refers to a PE s interface connected to a CE As shown in Table 2 a PE CE interface of a PE can u...

Page 212: ...w these guidelines to configure a remote CCC connection The label range for CCC is 16 to 1023 which is the label range for static LSPs In CCC mode if the PE CE interface of a PE is a VLAN interface al...

Page 213: ...figured on the peer PE Configuring Martini MPLS L2VPN To configure Martini MPLS L2VPN complete the following tasks 1 Configure the remote peer In Martini MPLS L2VPN implementation VC labels must be ex...

Page 214: ...VC on a Layer 3 interface of a PE Step Command 1 Enter system view system view 2 Enter the view of the interface connecting the CE interface interface type interface number 3 Create a Martini VC mpls...

Page 215: ...service instance and enter service instance view service instance instance id By default no service instance is created 8 Configure a packet matching rule for the service instance encapsulation s vid...

Page 216: ...VPN To configure a Kompella MPLS L2VPN perform the following configurations on PEs Configure BGP L2VPN capability Not needed for a local connection Create and configure MPLS L2VPN Create a CE connecti...

Page 217: ...an configure a CE range greater than what is required based on your estimate of the future VPN expansion This can reduce the configuration modification required when CEs are added into the VPN in futu...

Page 218: ...an ID of previous connection CE ID 2 When you plan a VPN H3C recommends that you set CE IDs in incremental sequence and then configure connections in the sequence of the CE IDs in which case you can o...

Page 219: ...sions perform the following task in user view Task Command Reset L2VPN BGP sessions reset bgp l2vpn as number ip address all external internal Displaying and maintaining MPLS L2VPN Task Command Remark...

Page 220: ...MPLS L2VPN AC information display mpls l2vpn fib ac vpws interface interface type interface number service instance service instanceid slot slot number begin exclude include regular expression Availa...

Page 221: ...n the P device for packets to be transferred in both directions Configuration procedure 1 Configure CE 1 Configure an IP address for the interface connected to PE 1 Sysname system view Sysname sysname...

Page 222: ...lan interface 30 P Vlan interface30 ip address 10 1 1 2 24 P Vlan interface30 mpls P Vlan interface30 quit Configure interface VLAN interface 20 and enable MPLS P interface vlan interface 20 P Vlan in...

Page 223: ...e vlan interface 10 CE2 Vlan interface10 ip address 100 1 1 2 24 6 Verify your configuration Display CCC connection information on PE 1 The output shows that a remote CCC connection has been establish...

Page 224: ...ired 1 Configure basic MPLS settings on the PEs and P device Configure the LSR ID enable MPLS and LDP and run IGP OSPF in this example between PE 1 the P device and PE 2 to establish LSPs 2 Configure...

Page 225: ...5 PE1 ospf 1 area 0 0 0 0 network 192 2 2 2 0 0 0 0 PE1 ospf 1 area 0 0 0 0 quit PE1 ospf 1 quit Create a static VC on the interface connected to CE 1 The interface requires no IP address PE1 interfac...

Page 226: ...and enable MPLS globally Sysname system view Sysname sysname PE2 PE2 interface loopback 0 PE2 LoopBack0 ip address 192 3 3 3 32 PE2 LoopBack0 quit PE2 mpls lsr id 192 3 3 3 PE2 mpls PE2 mpls quit Enab...

Page 227: ...t shows that a VC has been established PE2 display mpls static l2vc Total connections 1 1 up 0 down ce intf state destination tr label rcv label tnl policy Vlan20 up 192 2 2 2 200 100 Ping CE 2 from C...

Page 228: ...erface 10 CE1 Vlan interface10 ip address 100 1 1 1 24 2 Configure PE 1 Configure the LSR ID and enable MPLS globally Sysname system view Sysname sysname PE1 PE1 interface loopback 0 PE1 LoopBack0 ip...

Page 229: ...2vc 192 3 3 3 101 PE1 Vlan interface10 quit 3 Configure the P device Configure the LSR ID and enable MPLS globally Sysname system view Sysname sysname P P interface loopback 0 P LoopBack0 ip address 1...

Page 230: ...mote peer 2 PE2 mpls ldp remote 2 remote ip 192 2 2 2 PE2 mpls ldp remote 2 quit Configure the interface connected with the P device and enable LDP on the interface PE2 interface vlan interface 30 PE2...

Page 231: ...Label 101 Vlan10 up 8192 8193 Ping CE 2 from CE 1 The output shows that CE 1 and CE 2 can ping each other CE1 ping 100 1 1 2 PING 100 1 1 2 56 data bytes press CTRL_C to break Reply from 100 1 1 2 byt...

Page 232: ...ve been established and reached Full state 2 Configure basic MPLS and LDP to establish LDP LSPs Details not shown After configuration issue the display mpls ldp session and display mpls ldp peer comma...

Page 233: ...es are similar to those for Martini MPLS L2VPN and are omitted PE1 mpls l2vpn vpn1 encapsulation vlan PE1 mpls l2vpn vpn1 route distinguisher 100 1 PE1 mpls l2vpn vpn1 vpn target 1 1 PE1 mpls l2vpn vp...

Page 234: ...packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 34 68 94 ms Example for configuring a VC for a service instance Network requirements CE 1 and CE 2 are connected to PE...

Page 235: ...3 3 3 PE1 mpls ldp remote 1 quit Configure the interface connected to the P device and enable LDP on the interface PE1 interface vlan interface 23 PE1 Vlan interface23 ip address 23 1 1 1 24 PE1 Vlan...

Page 236: ...nected with PE 2 and enable LDP on the interface P interface vlan interface 26 P Vlan interface26 ip address 26 2 2 2 24 P Vlan interface26 mpls P Vlan interface26 mpls ldp P Vlan interface26 quit Con...

Page 237: ...nterface gigabitethernet 1 0 1 PE2 GigabitEthernet1 0 1 port access vlan 10 PE2 GigabitEthernet1 0 1 service instance 1000 PE2 GigabitEthernet1 0 1 srv1000 encapsulation s vid 10 PE2 GigabitEthernet1...

Page 238: ...ence 5 ttl 255 time 94 ms 100 1 1 2 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 34 68 94 ms Troubleshooting MPLS L2VPN This section describes tro...

Page 239: ...and convenient support for MPLS QoS and MPLS TE MPLS L3VPN comprises the following types of devices Customer edge device A CE resides on a customer network and has one or more interfaces directly con...

Page 240: ...cted to the same provider network can be classified into different sets by policies Only the sites in the same set can access each other through the provider network Such a set is called a VPN Address...

Page 241: ...ed by the Type field When the value of the Type field is 0 the Administrator subfield occupies two bytes the Assigned number subfield occupies four bytes and the RD format is 16 bit AS number 32 bit u...

Page 242: ...utes between PEs It is backward compatible and supports both traditional IPv4 address family and other address families such as VPN IPv4 address family Using MP BGP can guarantee that private routes o...

Page 243: ...ed on the inbound interface and destination address of the packet Once finding a matching entry PE 1 labels the packet with both inner and outer labels and forwards the packet out 3 The MPLS backbone...

Page 244: ...trol device is required and all users must communicate with each other through the access control device the hub and spoke networking scheme can be used to implement the monitoring and filtering of us...

Page 245: ...th each other through the hub site The import target attribute of any spoke PE is distinct from the export route targets of the other spoke PEs Therefore any two spoke PEs can neither directly adverti...

Page 246: ...L3VPN networking the advertisement of VPN routing information involves CEs and PEs A P router maintains only the routes of the backbone and does not need to know any VPN routing information A PE maint...

Page 247: ...routes and IBGP routes The exchange of routing information between the egress PE and the remote CE is the same as that between the local CE and the ingress PE Inter AS VPN In some networking scenarios...

Page 248: ...P EBGP to exchange labeled VPN IPv4 routes that they have obtained from the PEs in their respective ASs As shown in Figure 65 the routes are advertised through the following steps 1 PEs in AS 100 adve...

Page 249: ...he needs for inter AS VPNs However they require that the ASBRs maintain and advertise VPN IPv4 routes When every AS needs to exchange a great amount of VPN routes the ASBRs may become bottlenecks hind...

Page 250: ...e that a customer of the MPLS L3VPN service provider is also a service provider In this case the MPLS L3VPN service provider is called the provider carrier or the Level 1 carrier while the customer is...

Page 251: ...l the routes exchanged between them In either case you must enable MPLS on the CE of the Level 1 carrier Moreover the CE holds the VPN routes of the Level 2 carrier but it does not advertise the route...

Page 252: ...eploy but it increases the network operation cost and brings issues on management and security because of the following The number of VPNs that PEs must support will increase sharply Any modification...

Page 253: ...rtises VPNv4 routes carrying the comprehensive VPN information to the other PEs of the service provider 4 After another provider PE receives the VPNv4 routes it matches the VPNv4 routes based on its l...

Page 254: ...nce requirements on the devices decrease while the network expands MPLS L3VPN on the contrary is a plane model where performance requirements are the same for all PEs If a certain PE has limited perfo...

Page 255: ...he routes permitted by the routing policy By using routing policies you can control which nodes in a VPN can communicate with each other Different roles mean different requirements as follows An SPE i...

Page 256: ...d management because the CEs only need to support OSPF In addition if the customers require MPLS L3VPN services through conventional OSPF backbone using OSPF between PE and CE can simplify the transit...

Page 257: ...through Type 5 LSAs ASE LSAs However CE 11 CE 21 and CE 22 belong to the same OSPF domain and the route advertisement between them should use Type 3 LSAs inter AS routes To solve the problem the PE u...

Page 258: ...as an intra area point to point link and is advertised through the Type 1 LSA You can select a route between the sham link and backdoor link by adjusting the metric The sham link is considered the li...

Page 259: ...this way CE 2 can normally receive the routing information from CE 1 However the AS number substitution function also introduces a routing loop in Site 2 because route updates originated from CE3 can...

Page 260: ...VPN instances By configuring VPN instances on a PE you can isolate not only VPN routes from public network routes but also routes of a VPN from those of another VPN This feature allows VPN instances t...

Page 261: ...tributes for a VPN instance The control process of VPN route advertisement is as follows When a VPN route learned from a CE gets redistributed into BGP BGP associates it with a route target extended c...

Page 262: ...ls for load balancing With the preferred path command you can configure preferred tunnels that each correspond to a tunnel interface After a tunneling policy is applied on a PE the PE selects tunnels...

Page 263: ...nnel CR LSP tunnel NOTE A tunnel type closer to the select seq keyword has a higher priority For example with the tunnel select seq lsp cr lsp load balance number 1 command configured VPN uses a CR LS...

Page 264: ...ormation about MPLS LDP see Configuring basic MPLS Configurations in MPLS LDP VPN instance view affect only the LDP enabled interface bound to the VPN instance Configurations in MPLS LDP view do not a...

Page 265: ...nce the process belongs to the public network For more information about RIP see Layer 3 IP Routing Configuration Guide To configure RIP between PE and CE Step Command Remarks 1 Enter system view syst...

Page 266: ...fferent OSPF processes are independent of each other All OSPF processes of a VPN must be configured with the same domain ID for routes to be correctly advertised while OSPF processes on PEs in differe...

Page 267: ...cy acl number ip prefix ip prefix name export direct isis process id ospf process id rip process id static Optional By default BGP does not filter routes to be advertised 7 Configure BGP to filter rec...

Page 268: ...information see Layer 3 IP Routing Configuration Guide Configuring IBGP between PE and CE Use IBGP between PE and CE devices in only common MPLS L3VPN network In networks such as Extranet inter AS VPN...

Page 269: ...BGP VPN instance view and BGP VPNv4 subaddress family view The two commands take effect for only the RR in the view where they are executed For RRs in other views they do not take effect Configuring a...

Page 270: ...eatures as required Configuring common routing features for all types of subaddress families For VPN applications BGP address families include BGP VPN IPv4 address family BGP L2VPN address family and...

Page 271: ...e RR peer group name ip address reflect client Optional By default no RR or RR client is configured 11 Enable the Outbound Route Filtering ORF capability for a BGP peer or peer group peer group name i...

Page 272: ...e import Optional By default BGP does not filter received routes 10 Advertise community attributes to a peer or peer group peer group name ip address advertise community Optional By default no communi...

Page 273: ...ure inter AS VPN complete the following tasks Configure an IGP for the MPLS backbones in each AS to implement IP connectivity of the backbones in the AS Configure basic MPLS for the MPLS backbones of...

Page 274: ...PE interface interface type interface number N A 3 Configure the IP address of the interface ip address ip address mask mask length N A 4 Return to system view quit N A 5 Enter BGP view bgp as number...

Page 275: ...advertised between RRs cannot be changed Configuring the ASBR PEs In the inter AS option C solution an inter AS LSP is required and the routes advertised between the relevant PEs and ASBRs must carry...

Page 276: ...ed IPv4 routes to be advertised to the PEs in the same AS Which IPv4 routes are to be assigned with MPLS labels depends on the routing policy Only routes that satisfy the criteria are assigned with la...

Page 277: ...instance vpn instance name enable By default only IPv4 routes and no BGP VPNv4 routes can be exchanged between nested VPN peers peer groups 9 Add a peer to the nested VPN peer group peer peer address...

Page 278: ...ses a default route using the local address as the next hop address to the UPE regardless of whether the default route is present in the local routing table or not Configuring an OSPF sham link The sh...

Page 279: ...ure the external route tag for imported VPN routes route tag tag value N A 4 Enter OSPF area view area area id N A 5 Configure a sham link sham link source ip address destination ip address cost cost...

Page 280: ...r system view system view N A 2 Create a routing policy and enter routing policy view route policy route policy name permit node node number Optional No routing policy is created by default 3 Specify...

Page 281: ...e name verbose begin exclude include regular expression Available in any view Display information about a specified or all VPN instances display ip vpn instance instance name vpn instance name begin e...

Page 282: ...rmation display bgp vpnv4 all routing table network address mask mask length longer prefixes as path acl as path acl number cidr community aa nn 1 13 no advertise no export no export subconfed whole m...

Page 283: ...iew Display information about a specified or all tunnel policies display tunnel policy all policy name tunnel policy name begin exclude include regular expression Available in any view Display informa...

Page 284: ...t12 10 2 1 1 24 Vlan int11 10 3 1 2 24 CE 3 Vlan int11 10 3 1 1 24 Vlan int13 10 4 1 2 24 CE 4 Vlan int13 10 4 1 1 24 Configuration procedure 1 Configure an IGP on the MPLS backbone to ensure IP conne...

Page 285: ...ce12 ip address 172 2 1 2 24 PE2 Vlan interface12 quit PE2 ospf PE2 ospf 1 area 0 PE2 ospf 1 area 0 0 0 0 network 172 2 1 0 0 0 0 255 PE2 ospf 1 area 0 0 0 0 network 3 3 3 9 0 0 0 0 PE2 ospf 1 area 0...

Page 286: ...stablish LDP LSPs Configure PE 1 PE1 mpls lsr id 1 1 1 9 PE1 mpls PE1 mpls quit PE1 mpls ldp PE1 mpls ldp quit PE1 interface vlan interface 13 PE1 Vlan interface13 mpls PE1 Vlan interface13 mpls ldp P...

Page 287: ...2 Vlan interface13 A before an LSP means the LSP is not established A before a Label means the USCB or DSCB is stale 3 Configure VPN instances on PEs to allow CEs to access Configure PE 1 PE1 ip vpn i...

Page 288: ...stance Name RD Create time vpn1 100 1 2009 01 22 13 02 21 vpn2 100 2 2009 01 22 13 02 40 PE1 ping vpn instance vpn1 10 1 1 1 PING 10 1 1 1 56 data bytes press CTRL_C to break Reply from 10 1 1 1 bytes...

Page 289: ...100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp ipv4 family vpnv4 PE1 bgp af vpnv4 peer 3 3 3 9 enable PE1 bgp af vpnv4 quit PE1 bgp quit Configure PE 2 PE2 bgp 100 PE2 bgp peer 1 1 1 9...

Page 290: ...xample CE 1 can ping CE 3 10 3 1 1 but cannot ping CE 4 10 4 1 1 CE1 ping 10 3 1 1 PING 10 3 1 1 56 data bytes press CTRL_C to break Reply from 10 3 1 1 bytes 56 Sequence 1 ttl 253 time 72 ms Reply fr...

Page 291: ...n int11 10 1 1 1 24 Vlan int12 172 2 1 1 24 CE 2 Loop0 5 5 5 9 32 Vlan int13 172 1 1 2 24 Vlan int12 10 2 1 1 24 CE 4 Loop0 7 7 7 9 32 CE 3 Loop0 6 6 6 9 32 Vlan int13 10 4 1 1 24 Vlan int11 10 3 1 1...

Page 292: ...ace loopback 0 PE2 LoopBack0 ip address 3 3 3 9 32 PE2 LoopBack0 quit PE2 interface vlan interface 12 PE2 Vlan interface12 ip address 172 2 1 2 24 PE2 Vlan interface12 quit PE2 ospf PE2 ospf 1 area 0...

Page 293: ...ence 0 Neighbor state change count 5 2 Configure basic MPLS and MPLS LDP on the MPLS backbone to establish LDP LSPs Configure PE 1 PE1 mpls lsr id 1 1 1 9 PE1 mpls PE1 mpls quit PE1 mpls ldp PE1 mpls...

Page 294: ...Loop0 2 2 2 2 9 32 NULL 3 172 1 1 2 Vlan interface13 3 3 3 3 9 32 NULL 1024 172 1 1 2 Vlan interface13 A before an LSP means the LSP is not established A before a Label means the USCB or DSCB is stale...

Page 295: ...Create time vpn1 100 1 2009 01 22 13 02 21 vpn2 100 2 2009 01 22 13 02 40 PE1 ping vpn instance vpn1 10 1 1 1 PING 10 1 1 1 56 data bytes press CTRL_C to break Reply from 10 1 1 1 bytes 56 Sequence 1...

Page 296: ...hed between the PEs and CEs and have reached the Established state Take the BGP peer relationship between PE 1 and CE 1 as an example PE1 display bgp vpnv4 vpn instance vpn1 peer BGP local router ID 1...

Page 297: ...1 1 9 Local AS number 100 Total number of peers 1 Peers in established state 1 Peer AS MsgRcvd MsgSent OutQ PrefRcv Up Down State 3 3 3 9 100 4 8 0 0 00 00 09 Established 6 Verify your configuration I...

Page 298: ...5 ttl 253 time 34 ms 6 6 6 9 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 34 48 72 ms CE1 ping 7 7 7 9 PING 7 7 7 9 56 data bytes press CTRL_C to...

Page 299: ...dure 1 Configure an IGP in the MPLS backbone to ensure IP connectivity between spoke PE and hub PE Configure Spoke PE 1 Spoke PE1 system view Spoke PE1 interface loopback 0 Spoke PE1 LoopBack0 ip addr...

Page 300: ...72 2 1 0 0 0 0 255 Hub PE ospf 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 Hub PE ospf 1 area 0 0 0 0 quit Hub PE ospf 1 quit After the configuration OSPF adjacencies are established between Spoke PE 1 and...

Page 301: ...PE1 mpls ldp quit Spoke PE1 interface vlan interface 4 Spoke PE1 Vlan interface4 mpls Spoke PE1 Vlan interface4 mpls ldp Spoke PE1 Vlan interface4 quit Configure Spoke PE 2 Spoke PE2 mpls lsr id 3 3...

Page 302: ...DSCB is stale 3 Configure VPN instances on the spoke PEs and the hub PE to allow CEs to access the PEs Configure Spoke PE 1 Spoke PE1 ip vpn instance vpn1 Spoke PE1 vpn instance vpn1 route distinguis...

Page 303: ...ity between the PEs and their attached CEs The PEs can ping their attached CEs Take Spoke PE 1 as an example Spoke PE1 display ip vpn instance Total VPN Instances configured 1 VPN Instance Name RD Cre...

Page 304: ...bgp 100 Hub PE bgp ipv4 family vpn instance vpn1 in Hub PE bgp vpn1 in peer 10 3 1 1 as number 65430 Hub PE bgp vpn1 in import route direct Hub PE bgp vpn1 in quit Hub PE bgp ipv4 family vpn instance...

Page 305: ...9 as number 100 Hub PE bgp peer 3 3 3 9 connect interface loopback 0 Hub PE bgp ipv4 family vpnv4 Hub PE bgp af vpnv4 peer 1 1 1 9 enable Hub PE bgp af vpnv4 peer 3 3 3 9 enable Hub PE bgp af vpnv4 q...

Page 306: ...10 2 1 1 PING 10 2 1 1 56 data bytes press CTRL_C to break Reply from 10 2 1 1 bytes 56 Sequence 1 ttl 250 time 3 ms Reply from 10 2 1 1 bytes 56 Sequence 2 ttl 250 time 3 ms Reply from 10 2 1 1 bytes...

Page 307: ...2 bit loopback interface address used as the LSR ID needs to be advertised by OSPF After you complete the configurations each ASBR PE and the PE in the same AS can establish OSPF adjacencies Issue the...

Page 308: ...ASBR PE2 Vlan interface11 mpls ldp ASBR PE2 Vlan interface11 quit Configure MPLS basic capability on PE 2 and enable MPLS LDP on the interface connected to ASBR PE 2 PE2 system view PE2 mpls lsr id 4...

Page 309: ...instance and binding the instance to the interface connected with ASBR PE 2 ASBR PE 1 considers ASBR PE 2 its CE ASBR PE1 ip vpn instance vpn1 ASBR PE1 vpn instance vpn1 route distinguisher 100 2 ASB...

Page 310: ...number 65002 PE2 bgp vpn1 import route direct PE2 bgp vpn1 quit PE2 bgp quit 5 Establish an MP IBGP peer relationship between each PE and the ASBR PE in the same AS and an EBGP peer relationship betw...

Page 311: ...bgp ipv4 family vpnv4 PE2 bgp af vpnv4 peer 3 3 3 9 enable PE2 bgp af vpnv4 peer 3 3 3 9 next hop local PE2 bgp af vpnv4 quit PE2 bgp quit 6 Verify your configuration After you complete the configura...

Page 312: ...ration procedure 1 Configure PE 1 Run IS IS on PE 1 PE1 system view PE1 isis 1 PE1 isis 1 network entity 10 1111 1111 1111 1111 00 PE1 isis 1 quit Configure LSR ID enable MPLS and LDP PE1 mpls lsr id...

Page 313: ...e12 quit Start BGP on PE 1 PE1 bgp 100 Configure IBGP peer 3 3 3 9 as a VPNv4 peer PE1 bgp peer 3 3 3 9 as number 100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp ipv4 family vpnv4 PE1 bg...

Page 314: ...11 0 0 1 as number 600 Disable route target based filtering of received VPNv4 routes ASBR PE1 bgp ipv4 family vpnv4 ASBR PE1 bgp af vpnv4 undo policy vpn target Configure both IBGP peer 2 2 2 0 and E...

Page 315: ...of received VPNv4 routes ASBR PE2 bgp ipv4 family vpnv4 ASBR PE2 bgp af vpnv4 undo policy vpn target Configure both IBGP peer 5 5 5 9 and EBGP peer 11 0 0 2 as VPNv4 peers ASBR PE2 bgp af vpnv4 peer...

Page 316: ...ber 600 PE2 bgp peer 4 4 4 9 connect interface loopback 0 PE2 bgp ipv4 family vpnv4 PE2 bgp af vpnv4 peer 4 4 4 9 enable PE2 bgp af vpnv4 quit Redistribute direct routes to the VPN routing table of vp...

Page 317: ...figure PE 1 Run IS IS on PE 1 PE1 system view PE1 isis 1 PE1 isis 1 network entity 10 1111 1111 1111 1111 00 PE1 isis 1 quit Configure LSR ID enable MPLS and LDP PE1 mpls lsr id 2 2 2 9 PE1 mpls PE1 m...

Page 318: ...PE1 bgp peer 3 3 3 9 as number 100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp peer 3 3 3 9 label route capability Configure the maximum hop count from PE 1 to EBGP peer 5 5 5 9 as 10 P...

Page 319: ...quit ASBR PE1 route policy policy2 permit node 1 ASBR PE1 route policy2 if match mpls label ASBR PE1 route policy2 apply mpls label ASBR PE1 route policy2 quit Start BGP on ASBR PE 1 and redistribute...

Page 320: ...k0 quit Configure interface VLAN interface 12 and enable MPLS on it ASBR PE2 interface vlan interface 12 ASBR PE2 Vlan interface12 ip address 11 0 0 1 255 0 0 0 ASBR PE2 Vlan interface12 mpls ASBR PE2...

Page 321: ...face 11 and start IS IS and enable MPLS and LDP on the interface PE2 interface vlan interface 11 PE2 Vlan interface11 ip address 9 1 1 2 255 0 0 0 PE2 Vlan interface11 isis enable 1 PE2 Vlan interface...

Page 322: ...onfigurations PE 1 and PE 2 can ping each other PE2 ping vpn instance vpn1 30 0 0 1 PE1 ping vpn instance vpn1 20 0 0 1 Configuring carrier s carrier Network requirements Configure carrier s carrier f...

Page 323: ...1 Loop0 3 3 3 9 32 PE 2 Loop0 4 4 4 9 32 Vlan int11 11 1 1 2 24 Vlan int12 30 1 1 2 24 Vlan int12 30 1 1 1 24 Vlan int11 21 1 1 1 24 Configuration procedure 1 Configure MPLS L3VPN on the provider carr...

Page 324: ...s been established and has reached the Established state Issue the display isis peer command the output shows that the IS IS neighbor relationship has been set up Take PE 1 as an example PE1 display m...

Page 325: ...2 9 CE1 mpls CE1 mpls quit CE1 mpls ldp CE1 mpls ldp quit CE1 isis 2 CE1 isis 2 network entity 10 0000 0000 0000 0002 00 CE1 isis 2 quit CE1 interface loopback 0 CE1 LoopBack0 isis enable 2 CE1 LoopBa...

Page 326: ...ly vpn instance vpn1 PE1 bgp vpn1 import isis 2 PE1 bgp vpn1 quit PE1 bgp quit Configure CE 1 CE1 interface vlan interface 11 CE1 Vlan interface11 ip address 11 1 1 1 24 CE1 Vlan interface11 isis enab...

Page 327: ...gure PE 3 Details not shown 6 Verify your configuration Issue the display ip routing table command on PE 1 and PE 2 The output shows that only routes of the provider carrier network are present in the...

Page 328: ...n11 6 6 6 9 32 ISIS 15 74 11 1 1 2 Vlan11 10 1 1 0 24 Direct 0 0 10 1 1 2 Vlan12 10 1 1 1 32 Direct 0 0 10 1 1 1 Vlan12 10 1 1 2 32 Direct 0 0 127 0 0 1 InLoop0 11 1 1 0 24 Direct 0 0 11 1 1 1 Vlan1 1...

Page 329: ...27 ms Reply from 20 1 1 2 bytes 56 Sequence 2 ttl 252 time 97 ms Reply from 20 1 1 2 bytes 56 Sequence 3 ttl 252 time 83 ms Reply from 20 1 1 2 bytes 56 Sequence 4 ttl 252 time 70 ms Reply from 20 1 1...

Page 330: ...rvice provider network to the extended community attribute list and then forwards the VPNv4 route as usual To implement exchange of sub VPN routes between customer PEs and service provider PEs MP EBGP...

Page 331: ...ce12 mpls ldp PE1 Vlan interface12 quit PE1 bgp 100 PE1 bgp peer 4 4 4 9 as number 100 PE1 bgp peer 4 4 4 9 connect interface loopback 0 PE1 bgp ipv4 family vpnv4 PE1 bgp af vpnv4 peer 4 4 4 9 enable...

Page 332: ...ack 0 PE3 LoopBack0 ip address 1 1 1 9 32 PE3 LoopBack0 quit PE3 mpls lsr id 1 1 1 9 PE3 mpls PE3 mpls quit PE3 mpls ldp PE3 mpls ldp quit PE3 isis 2 PE3 isis 2 network entity 10 0000 0000 0000 0001 0...

Page 333: ...t PE1 interface vlan interface 11 PE1 Vlan interface11 ip binding vpn instance vpn1 PE1 Vlan interface11 ip address 11 1 1 2 24 PE1 Vlan interface11 mpls PE1 Vlan interface11 quit PE1 bgp 100 PE1 bgp...

Page 334: ...PN2 vpn target 2 2 PE3 vpn instance SUB_VPN2 quit PE3 interface vlan interface 13 PE3 Vlan interface13 ip binding vpn instance SUB_VPN2 PE3 Vlan interface13 ip address 110 1 1 2 24 PE3 Vlan interface1...

Page 335: ...r 2 2 2 9 connect interface loopback 0 PE3 bgp ipv4 family vpnv4 PE3 bgp af vpnv4 peer 2 2 2 9 enable Allow the local AS number to appear in the AS PATH attribute of the routes received PE3 bgp af vpn...

Page 336: ...Direct 0 0 11 1 1 2 Vlan11 100 1 1 0 24 BGP 255 0 11 1 1 1 NULL0 110 1 1 0 24 BGP 255 0 11 1 1 1 NULL0 120 1 1 0 24 BGP 255 0 4 4 4 9 NULL0 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct...

Page 337: ...uting Tables SUB_VPN1 Destinations 5 Routes 5 Destination Mask Proto Pre Cost NextHop Interface 100 1 1 0 24 Direct 0 0 100 1 1 2 Vlan11 100 1 1 2 32 Direct 0 0 127 0 0 1 InLoop0 120 1 1 0 24 BGP 255...

Page 338: ...3 ttl 252 time 105 ms Reply from 120 1 1 1 bytes 56 Sequence 4 ttl 252 time 88 ms Reply from 120 1 1 1 bytes 56 Sequence 5 ttl 252 time 87 ms 120 1 1 1 ping statistics 5 packet s transmitted 5 packet...

Page 339: ...cies to UPEs permitting CE 1 and CE 3 in VPN 1 to communicate with each other and forbidding CE 2 and CE 4 in VPN 2 to communicate with each other Figure 84 Network diagram Device Interface IP address...

Page 340: ...UPE1 vpn instance vpn1 route distinguisher 100 1 UPE1 vpn instance vpn1 vpn target 100 1 both UPE1 vpn instance vpn1 quit UPE1 ip vpn instance vpn2 UPE1 vpn instance vpn2 route distinguisher 100 2 UPE...

Page 341: ...55 0 CE2 Vlan interface13 quit CE2 bgp 65420 CE2 bgp peer 10 4 1 2 as number 100 CE2 bgp import route direct CE2 quit 4 Configure UPE 2 Configure MPLS basic capability and MPLS LDP to establish LDP LS...

Page 342: ...establish MP IBGP peer relationship with SPE 2 and to inject VPN routes UPE2 bgp 100 UPE2 bgp peer 3 3 3 9 as number 100 UPE2 bgp peer 3 3 3 9 connect interface loopback 0 UPE2 bgp ipv4 family vpnv4 U...

Page 343: ...pls ldp SPE1 Vlan interface12 quit Configure the IGP protocol OSPF for example SPE1 ospf SPE1 ospf 1 area 0 SPE1 ospf 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 SPE1 ospf 1 area 0 0 0 0 network 172 1 1 0...

Page 344: ...uit SPE1 bgp 100 SPE1 bgp ipv4 family vpnv4 SPE1 bgp af vpnv4 peer 1 1 1 9 upe route policy hope export 8 Configure SPE 2 Configure MPLS basic capability and MPLS LDP to establish LDP LSPs SPE2 system...

Page 345: ...as number 100 SPE2 bgp peer 2 2 2 9 connect interface loopback 0 SPE2 bgp ipv4 family vpnv4 SPE2 bgp af vpnv4 peer 2 2 2 9 enable SPE2 bgp af vpnv4 peer 4 4 4 9 enable SPE2 bgp af vpnv4 peer 4 4 4 9...

Page 346: ...onfigure conventional OSPF on CE 1 Switch A and CE 2 to advertise segment addresses of the interfaces as shown in Figure 85 Details not shown After completing the configurations CE 1 and CE 2 can lear...

Page 347: ...1 bgp ipv4 family vpnv4 PE1 bgp af vpnv4 peer 2 2 2 9 enable PE1 bgp af vpnv4 quit PE1 bgp quit Configure OSPF on PE 1 PE1 ospf 1 PE1 ospf 1 area 0 PE1 ospf 1 area 0 0 0 0 network 1 1 1 9 0 0 0 0 PE1...

Page 348: ...n instance vpn1 PE1 Vlan interface11 ip address 100 1 1 2 24 PE1 Vlan interface11 quit PE1 ospf 100 vpn instance vpn1 PE1 ospf 100 domain id 10 PE1 ospf 100 area 1 PE1 ospf 100 area 0 0 0 1 network 10...

Page 349: ...SPF 10 3126 100 1 1 1 Vlan11 4 Configure a sham link Configure PE 1 PE1 interface loopback 1 PE1 LoopBack1 ip binding vpn instance vpn1 PE1 LoopBack1 ip address 3 3 3 3 32 PE1 LoopBack1 quit PE1 ospf...

Page 350: ...1 0 24 OSPF 10 1574 100 1 1 2 Vlan11 100 1 1 0 24 Direct 0 0 100 1 1 1 Vlan11 100 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 120 1 1 0 24 OSPF 10 12 100 1 1 2 Vlan11 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop...

Page 351: ...LSPs Establish MP IBGP peer relationship between the PEs to advertise VPN IPv4 routes Configure the VPN instance of VPN 1 on PE 2 to allow CE 2 to access the network Configure the VPN instance of VPN...

Page 352: ...bling BGP update packet debugging on PE 2 you can see that PE 2 advertises the route to 100 1 1 1 32 and the AS_PATH is 100 600 PE2 terminal monitor PE2 terminal debugging PE2 debugging bgp update vpn...

Page 353: ...100 10 2 1 1 32 10 2 1 2 0 0 100 100 1 1 1 32 10 2 1 2 0 100 100 CE2 display ip routing table Routing Tables Public Destinations 9 Routes 9 Destination Mask Proto Pre Cost NextHop Interface 10 1 1 0 2...

Page 354: ...E2 respectively to add the SoO attribute to routes received from CE 1 and CE 2 Figure 87 Network diagram Device Interface IP address Device Interface IP address CE 1 Loop0 100 1 1 1 32 CE 3 Loop0 200...

Page 355: ...routing table peer 10 2 1 2 received routes Total Number of Routes 8 BGP Local router ID is 10 2 1 1 Status codes valid VPN best best d damped h history i internal s suppressed S Stale Origin i IGP e...

Page 356: ...100 PE2 bgp ipv4 family vpn instance vpn1 PE2 bgp vpn1 peer 10 2 1 1 route policy soo import PE2 bgp vpn1 quit PE2 bgp quit PE 2 will not advertise routes received from CE 1 to CE 2 because the same...

Page 357: ...N functions similarly It uses BGP to advertise IPv6 VPN routes and uses MPLS to forward IPv6 VPN packets on the service provider backbone Figure 88 shows the typical IPv6 MPLS L3VPN model At present t...

Page 358: ...o the destination by IPv6 forwarding IPv6 MPLS L3VPN routing information advertisement The IPv6 VPN routing information of a local CE is advertised to a remote peer PE in three steps 1 From the local...

Page 359: ...ier s carrier Multi VPN instance CE IPv6 MPLS L3VPN configuration task list Complete the following tasks to configure IPv6 MPLS L3VPN Task Remarks Configuring basic IPv6 MPLS L3VPN By configuring basi...

Page 360: ...PN instance configurations are performed on PEs or MCEs Creating a VPN instance A VPN instance is associated with a site It is a collection of the VPN membership and routing rules of its associated si...

Page 361: ...community attribute list which is usually the export target attribute of the VPN instance associated with the CE The VPN instance determines which routes it can accept and redistribute according to th...

Page 362: ...With the tunnel select seq command you can specify the tunnel selection preference order and the number of tunnels for load balancing With the preferred path command you can configure preferred tunne...

Page 363: ...for load balancing tunnel select seq cr lsp lsp load balance number number By default only one tunnel is selected no load balancing in this order LSP tunnel CR LSP tunnel If you specify more than one...

Page 364: ...Configuration Guide Configuring RIPng between PE and CE A RIPng process belongs to the public network or a single VPN instance If you create a RIPng process without binding it to a VPN instance the p...

Page 365: ...nformation about IPv6 IS IS see Layer 3 IP Routing Configuration Guide To configure IPv6 IS IS between PE and CE Step Command Remarks 1 Enter system view system view N A 2 Create an IPv6 IS IS process...

Page 366: ...s 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter IPv6 BGP subaddress family view ipv6 family N A 4 Configure the PE as the EBGP peer peer ipv6 address as number as numb...

Page 367: ...ure the remote PE as the peer peer ip address as number as number N A 4 Specify the interface for TCP connections peer ip address connect interface interface type interface number N A 5 Enter BGP VPNv...

Page 368: ...ss reflect client Optional No route reflector or client is configured by default 17 Enable route reflection between clients reflect between clients Optional Enabled by default 18 Configure a cluster I...

Page 369: ...as its CE In other words configure VPN instances on both PEs and ASBR PEs The VPN instances on PEs allow CEs to access the network while those on ASBR PEs are for access of the peer ASBR PEs For confi...

Page 370: ...gns new MPLS labels to the labeled routes to be advertised to the PEs in the same AS The configuration is the same as that in the Inter AS IPv4 VPN option C solution For more information see Configuri...

Page 371: ...v6 peers established between PEs display bgp vpnv6 all peer ipv4 address verbose verbose begin exclude include regular expression Available in any view Display information about IPv6 BGP peers establi...

Page 372: ...2 PE 1 Loop0 1 1 1 9 32 Vlan int12 172 2 1 1 24 Vlan int11 2001 1 2 64 Vlan int13 172 1 1 2 24 Vlan int13 172 1 1 1 24 PE 2 Loop0 3 3 3 9 32 Vlan int12 2001 2 2 64 Vlan int12 172 2 1 2 24 CE 2 Vlan in...

Page 373: ...0 network 172 2 1 0 0 0 0 255 P ospf 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 P ospf 1 area 0 0 0 0 quit P ospf 1 quit Configure PE 2 PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 3...

Page 374: ...2 1 1 2 GR State Normal State Full Mode Nbr is Master Priority 1 DR None BDR None MTU 1500 Dead timer due in 38 sec Neighbor is up for 00 02 44 Authentication Sequence 0 Neighbor state change count 5...

Page 375: ...vertisement Mode FT Fault Tolerance PE1 display mpls ldp lsp LDP LSP Information SN DestAddress Mask In OutLabel Next Hop In Out Interface 1 1 1 1 9 32 3 NULL 127 0 0 1 Vlan interface13 InLoop0 2 2 2...

Page 376: ...ding to Figure 90 Details not shown After completing the configurations issue the display ip vpn instance command on the PEs to view the configuration of the VPN instance Use the ping command to test...

Page 377: ...you configure PE 1 Details not shown After completing the configurations issue the display bgp vpnv6 vpn instance peer command on the PEs The output shows that BGP peer relationship has been establis...

Page 378: ...e vpn instance command on the PEs The output shows the routes to the CEs Take PE 1 as an example PE1 display ipv6 routing table vpn instance vpn1 Routing Table Destinations 3 Routes 3 Destination 2001...

Page 379: ...4 time 1 ms 2001 3 1 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 1 1 1 ms CE1 ping ipv6 2001 4 1 PING 2001 4 1 56 data bytes press CTRL_C to brea...

Page 380: ...each router through OSPF The loopback interface address of a switch is to be used as the switch s LSR ID After you complete the configurations each ASBR PE and the PE in the same AS can establish OSP...

Page 381: ...nterface 11 ASBR PE2 Vlan interface11 mpls ASBR PE2 Vlan interface11 mpls ldp ASBR PE2 Vlan interface11 quit Configure the MPLS basic capability on PE 2 and enable MPLS LDP for PE 2 for the interface...

Page 382: ...2001 2 2 64 PE2 Vlan interface12 quit Configure ASBR PE 1 creating a VPN instance and binding the VPN instance to the interface connected to ASBR PE 2 ASBR PE 1 considers ASBR PE 2 its attached CE AS...

Page 383: ...bgp ipv6 family CE2 bgp af ipv6 peer 2001 2 2 as number 200 CE2 bgp af ipv6 import route direct CE2 bgp af ipv6 quit Configure PE 2 PE2 bgp 200 PE2 bgp ipv6 family vpn instance vpn1 PE2 bgp ipv6 vpn1...

Page 384: ...vpnv6 PE2 bgp af vpnv6 peer 3 3 3 9 enable PE2 bgp af vpnv6 quit PE2 bgp quit 6 Verify your configuration After you complete the configurations display the routing table and use the ping command The C...

Page 385: ...network entity 10 111 111 111 111 00 PE1 isis 1 quit Configure an LSR ID and enable MPLS and LDP PE1 mpls lsr id 2 2 2 9 PE1 mpls PE1 mpls label advertise non null PE1 mpls quit PE1 mpls ldp PE1 mpls...

Page 386: ...3 9 connect interface loopback 0 PE1 bgp peer 3 3 3 9 label route capability Configure the maximum hop count from PE 1 to EBGP peer 5 5 5 9 as 10 PE1 bgp peer 5 5 5 9 as number 600 PE1 bgp peer 5 5 5...

Page 387: ...E1 route policy policy2 permit node 1 ASBR PE1 route policy2 if match mpls label ASBR PE1 route policy2 apply mpls label ASBR PE1 route policy2 quit Start BGP on ASBR PE 1 and redistribute routes from...

Page 388: ...on it ASBR PE2 interface vlan interface 12 ASBR PE2 Vlan interface12 ip address 11 0 0 1 255 0 0 0 ASBR PE2 Vlan interface12 mpls ASBR PE2 Vlan interface12 quit Create routing policies ASBR PE2 route...

Page 389: ...an interface 11 PE2 Vlan interface11 ip address 9 1 1 2 255 0 0 0 PE2 Vlan interface11 isis enable 1 PE2 Vlan interface11 mpls PE2 Vlan interface11 mpls ldp PE2 Vlan interface11 quit Configure interfa...

Page 390: ...r configuration From each PE ping the other PE PE 1 and PE 2 can ping each other PE2 ping ipv6 vpn instance vpn1 2001 1 1 PING 2001 1 1 56 data bytes press CTRL_C to break Reply from 2001 1 1 bytes 56...

Page 391: ...2 are the customer carrier s switches They connect to the provider carrier s backbone as CE switches PE 3 and PE 4 are the customer carrier s PE switches They provide IPv6 MPLS L3VPN services for the...

Page 392: ...E 1 Loop0 3 3 3 9 32 PE 2 Loop0 4 4 4 9 32 Vlan int11 11 1 1 2 24 Vlan int12 30 1 1 2 24 Vlan int12 30 1 1 1 24 Vlan int11 21 1 1 1 24 Configuration procedure 1 Configure MPLS L3VPN on the provider ca...

Page 393: ...nship has been established and has reached Established state Issue the display isis peer command The output shows that an IS IS neighbor relationship has been set up Take PE 1 as an example PE1 displa...

Page 394: ...9 32 CE1 LoopBack0 quit CE1 mpls lsr id 2 2 2 9 CE1 mpls CE1 mpls quit CE1 mpls ldp CE1 mpls ldp quit CE1 isis 2 CE1 isis 2 network entity 10 0000 0000 0000 0002 00 CE1 isis 2 quit CE1 interface loopb...

Page 395: ...E1 bgp vpn1 import isis 2 PE1 bgp vpn1 quit PE1 bgp quit Configure CE 1 CE1 interface vlan interface11 CE1 Vlan interface11 ip address 11 1 1 1 24 CE1 Vlan interface11 isis enable 2 CE1 Vlan interface...

Page 396: ...Details not shown 6 Verify your configuration Issue the display ip routing table command on PE 1 and PE 2 The output shows that only routes of the provider carrier network are present in the public n...

Page 397: ...ns 16 Routes 16 Destination Mask Proto Pre Cost NextHop Interface 1 1 1 9 32 ISIS 15 10 10 1 1 2 Vlan12 2 2 2 9 32 Direct 0 0 127 0 0 1 InLoop0 5 5 5 9 32 ISIS 15 74 11 1 1 2 Vlan11 6 6 6 9 32 ISIS 15...

Page 398: ...6 Sequence 3 ttl 252 time 83 ms Reply from 20 1 1 2 bytes 56 Sequence 4 ttl 252 time 70 ms Reply from 20 1 1 2 bytes 56 Sequence 5 ttl 252 time 60 ms 20 1 1 2 ping statistics 5 packet s transmitted 5...

Page 399: ...warding 1 15 Configuring traffic forwarding tuning parameters 1 17 Configuring VPLS instance attributes 173 Creating an MPLS TE Tunnel over a static CR LSP 103 Creating an MPLS TE tunnel with a dynami...

Page 400: ...esetting BGP connections 20 Resetting BGP connections 358 Resetting BGP connections 268 S Setting MPLS statistics reading interval 76 T Troubleshooting MPLS L2VPN 226 Troubleshooting MPLS TE 162 Troub...

Reviews:

No comments

Related manuals for S5500-HI Switch Series

Pakedge Device & Software X-Series Quick Start Manual preview
X-Series
Brand: Pakedge Device & Software Pages: 20
Axis AXIS P1354 Installation Manual preview
AXIS P1354
Brand: Axis Pages: 104
Westermo Ibex-RT-330-HV User Manual preview
Ibex-RT-330-HV
Brand: Westermo Pages: 34
i-MO OptiBond 210 C Series Hardware Installation Manual preview
OptiBond 210 C Series
Brand: i-MO Pages: 16
Digi 9P 9360/9750 User Manual preview
9P 9360/9750
Brand: Digi Pages: 75
Optus Ultra WiFi Booster Quick Manual preview
Ultra WiFi Booster
Brand: Optus Pages: 8
HMS Anybus AWB3000 Startup Manual preview
Anybus AWB3000
Brand: HMS Pages: 18
Ryobi RE180PL1 Operator'S Manual preview
RE180PL1
Brand: Ryobi Pages: 44
H3C WT2024-U-PWR Compliance And Safety Manual preview
WT2024-U-PWR
Brand: H3C Pages: 51
NETGEAR DG834GUV5 User Manual preview
DG834GUV5
Brand: NETGEAR Pages: 120
SMC Networks EZ Switch SMC-1026DT V.2 User Manual preview
EZ Switch SMC-1026DT V.2
Brand: SMC Networks Pages: 27
3Com 3C13755-US - Router 5642 Installation Manual preview
3C13755-US - Router 5642
Brand: 3Com Pages: 104
Siklu EtherHaul 500 Installation Manual preview
EtherHaul 500
Brand: Siklu Pages: 52
Allied Telesis 613-50550-00 Installation Manual preview
613-50550-00
Brand: Allied Telesis Pages: 2
Lantech TWAP-5006 User Manual preview
TWAP-5006
Brand: Lantech Pages: 20
socomec ATyS g M 2P Instruction Manual preview
ATyS g M 2P
Brand: socomec Pages: 54
Crestron C2N-NPA8 Operation Manual preview
C2N-NPA8
Brand: Crestron Pages: 40
Tripp Lite N308-05M Specification Sheet preview
N308-05M
Brand: Tripp Lite Pages: 2

Brands by name

Popular brands

Load more brands