H3C SR8800 10G Скачать руководство пользователя страница 254 | Manualshive

Страница: 254 / 410

background image

243

Figure 72

Application of BGP AS number substitution

, both CE 1 and CE 2 use the AS number of 800. AS number substitution is enabled on PE

2 for CE 2. Before advertising updates received from CE 1 to CE 2, PE 2 finds that an AS number in the

AS_PATH is the same as that of CE 2 and hence substitutes its own AS number 100 for the AS number.
In this way, CE 2 can normally receive the routing information from CE 1.
AS number substitution also applies to a PE connecting multiple CEs through different interfaces, such as

PE 2 in

, which connects CE 2 and CE 3.

NOTE:

For a multi-homed CE, that is, a CE connected with multiple PEs, the BGP AS number substitution function
must be used in combination with the site-of-origin (SOO) function. Otherwise, routing loops may appear.

Multi-VPN-instance CE

Background

BGP/MPLS VPN transmits private network data through MPLS tunnels over the public network. However,

the traditional MPLS L3VPN architecture requires that each VPN instance exclusively use a CE to connect
with a PE, as shown in

For better services and higher security, a private network is usually divided into multiple VPNs to isolate

services. To meet these requirements, you can configure a CE for each VPN, which, apparently, will

increase users’ device expense and maintenance costs. Or, you can configure multiple VPNs to use the
same CE and the same routing table, which cannot ensure the data security.
Using the Multi-VPN-Instance CE (MCE) function, you can remove the contradiction of low cost and high

security in multi-VPN networks. MCE allows you to bind each VPN to a VLAN interface. The MCE creates

and maintains a separate routing table for each VPN. This separates the forwarding paths of packets of

different VPNs and, in conjunction with the PE, can correctly advertise the routes of each VPN to the peer
PE, ensuring the normal transmission of VPN packets over the public network.

How MCE works

The following uses

to describe how an MCE maintains the routing entries for multiple VPNs and

exchanges VPN routes with PEs.

«
...
252
253
254
255
256
...
»

Содержание SR8800 10G

Страница 1: ...H3C SR8800 10G Core Routers MPLS Configuration Guide Hangzhou H3C Technologies Co Ltd http www h3c com Software version SR8800 CMW520 R3347 Document version 6W103 20120224...

Страница 2: ...ware Secware Storware NQA VVG V2 G Vn G PSPT XGbus N Bus TiGem InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are th...

Страница 3: ...k administrators working with the SR8800 series Conventions This section describes the conventions used in this documentation set Command conventions Convention Description Boldface Bold text represen...

Страница 4: ...alert that calls attention to essential information NOTE An alert that contains additional or supplementary information TIP An alert that provides helpful information Network topology icons Represents...

Страница 5: ...a quick reference to all available commands Operations and maintenance Release notes Provide information about the product release including the version history hardware and software compatibility ma...

Страница 6: ...ring LDP loop detection 17 Configuring LDP MD5 authentication 18 Configuring LDP label filtering 18 Maintaining LDP sessions 20 Configuring BFD for MPLS LDP 20 Resetting LDP sessions 20 Managing and o...

Страница 7: ...re 60 Configuring RSVP TE advanced features 65 Configuration prerequisites 65 Configuration procedure 65 Tuning CR LSP setup 69 Configuration prerequisites 69 Configuration procedure 69 Tuning MPLS TE...

Страница 8: ...implementation 157 Hub spoke VPLS implementation 159 Multi hop PW 160 VPLS configuration task list 161 Configuring LDP VPLS 162 Configuration prerequisites 162 Enabling L2VPN and MPLS L2VPN 162 Config...

Страница 9: ...pella MPLS L2VPN 217 Example for configuring a Kompella local connection 219 Troubleshooting MPLS L2VPN 221 Configuring MPLS L3VPN 222 MPLS L3VPN overview 222 MPLS L3VPN concepts 223 MPLS L3VPN packet...

Страница 10: ...uses a GRE tunnel 295 Configuring inter AS option A 300 Configuring inter AS option B 305 Configuring inter AS option C 310 Configuring carrier s carrier 316 Configuring nested VPN 324 Configuring Ho...

Страница 11: ...369 Resetting BGP connections 369 Displaying information about IPv6 MPLS L3VPN 369 IPv6 MPLS L3VPN configuration examples 371 Configuring IPv6 MPLS L3VPNs 371 Configuring inter AS IPv6 VPN option A 37...

Страница 12: ...s Residing between the link layer and the network layer MPLS can work on various link layer protocols for example PPP ATM frame relay and Ethernet provide connection oriented services for various netw...

Страница 13: ...ER is an LSR that resides at the edge of an MPLS network and is connected to another network LSP A label switched path LSP is the path along which packets of a FEC travel through an MPLS network An LS...

Страница 14: ...Rs of the bindings so as to establish the LFIB on each LSR LSPs can be established through manual configuration or be established dynamically through label distribution protocols 1 Establishing a stat...

Страница 15: ...ng information After all LSRs along the packet forwarding path establish a LFIB entry for the FEC an LSP is established for packets of this FEC Figure 4 Process of dynamic LSP establishment Label dist...

Страница 16: ...de otherwise no LSP can be established normally 2 Label distribution control modes Two label distribution control modes are available independent and ordered In independent mode an LSR can distribute...

Страница 17: ...changes but will waste label resources as LSRs need to keep extra labels In conservative mode an LSR keeps only label bindings that are from its next hops for the FECs This allows LSRs to maintain fe...

Страница 18: ...ter B looks for the corresponding NHLFE entry of the Token value According to the NHLFE entry Router B pushes label 40 to the packet and then forwards the labeled packet to the next hop LSR Router C t...

Страница 19: ...implicit null label and never appears in the label stack When an LSR finds that it is assigned an implicit null label it directly performs a pop operation rather than substitutes the implicit null lab...

Страница 20: ...ndings between LDP peers and thereby establish LSPs For the LSP establishment process see LSP establishment and label distribution 4 Session termination An LSR terminates its LDP session with an LDP p...

Страница 21: ...el distribution control mode Optional Configuring LDP loop detection Optional Configuring LDP MD5 authentication Optional Configuring LDP label filtering Optional Maintaining LDP sessions Configuring...

Страница 22: ...otocol ensuring that LSRs can communicate with each other at the network layer Configuration procedure To enable MPLS Step Command Remarks 1 Enter system view system view N A 2 Configure the MPLS LSR...

Страница 23: ...ic lsp egress lsp name incoming interface interface type interface number in label in label NOTE If the outgoing interface specified for a static LSP is a P2MP interface such as a P2MP ATM subinterfac...

Страница 24: ...as local LDP sessions To establish a local LDP session Determine the LDP transport addresses of the two peers and make sure that the LDP transport addresses are reachable to each other This is to esta...

Страница 25: ...much you need to adjust timers to ensure the stability of the LDP sessions To configure remote LDP session parameters Step Command Remarks 1 Enter system view system view N A 2 Create a remote peer e...

Страница 26: ...iguring LDP to advertise prefix based labels through a remote session is for implementing MPLS LDP over MPLS TE For information about MPLS LDP over MPLS TE see the chapter Configuring MPLS TE Configur...

Страница 27: ...ks can trigger establishment of LSPs NOTE For an LSP to be established an exactly matching routing entry must exist on the LSR For example on an LSR to establish an LSP to a loopback address with a 32...

Страница 28: ...l request message or label mapping message carries path information in the form of path vector list When such a message reaches an LSR the LSR checks the path vector list of the message to see whether...

Страница 29: ...ep Command Remarks 1 Enter system view system view N A 2 Enter MPLS LDP view mpls ldp N A 3 Enable LDP MD5 authentication and set the password md5 password cipher plain peer lsr id password Disabled b...

Страница 30: ...tions permitted by prefix list C Figure 9 Network diagram for label advertisement control Configuration prerequisites Before you configure LDP label filtering policies you must create an IP prefix lis...

Страница 31: ...eers fails the LDP session will be down and as a result MPLS forwarding will fail By cooperating with bidirectional forwarding detection BFD MPLS LDP can be quickly aware of communication failures bet...

Страница 32: ...k adds the label stack back into each fragment and then forwards the fragments If fragmentation is not allowed the LSR drops the packet directly To configure the MPLS MTU of an interface Step Command...

Страница 33: ...agation disabled When the ingress labels a packet it does not copy the TTL value of the original IP packet to the TTL field of the label and the label TTL is set to 255 When an LSR forwards the labele...

Страница 34: ...cket sender it sends the ICMP TTL exceeded message to the packet sender directly through the IP route If the LSR has no route to the packet sender it forwards the ICMP TTL exceeded message along the L...

Страница 35: ...ne Using this feature LDP Graceful Restart GR preserves the LFIB information when the signaling protocol or control plane fails so that LSRs can still forward packets according to LFIB ensuring contin...

Страница 36: ...GR restarter 5 After the recovery time elapses the GR helper deletes the FEC label bindings that are still marked stale 6 When the MPLS forwarding state holding timer expires the GR restarter deletes...

Страница 37: ...istics Inspecting LSPs In MPLS the MPLS control plane is responsible for establishing LSPs However when an LSP fails to forward data the control plane cannot detect the LSP failure or cannot do so in...

Страница 38: ...into a BFD control packet forward the BFD control packet along the LSP to the egress and determine the status of the LSP according to the reply received Upon detecting an LSP failure BFD triggers a tr...

Страница 39: ...s in active mode and the egress node always works in passive mode The bfd session init mode command does not take effect on the ingress and egress nodes of such a BFD session Even if you configure the...

Страница 40: ...trap function Step Command Remarks 1 Enter system view system view N A 2 Enable the MPLS trap function snmp agent trap enable mpls Disabled by default NOTE For more information about the snmp agent tr...

Страница 41: ...xclude include regular expression Available in any view Display information about static LSPs display mpls static lsp lsp name lsp name include exclude dest addr mask length verbose begin exclude incl...

Страница 42: ...tatistics information about all LSP sessions display mpls ldp session all statistics begin exclude include regular expression Available in any view Display information about LSPs established by LDP di...

Страница 43: ...re is no need to configure such a static route on the transit and egress nodes and thus you do not need to configure any routing protocol on the routers Configuration procedure 1 Configure the IP addr...

Страница 44: ...incoming interface Pos 2 1 1 in label 30 nexthop 20 1 1 2 out label 50 Configure the LSP egress Router C RouterC static lsp egress AtoC incoming interface Pos 2 1 1 in label 50 5 Create a static LSP...

Страница 45: ...m Router C to Router A RouterC ping lsp a 21 1 1 1 ipv4 11 1 1 0 24 LSP Ping FEC IPV4 PREFIX 11 1 1 0 24 100 data bytes press CTRL_C to break Reply from 10 1 1 1 bytes 100 Sequence 1 time 3 ms Reply f...

Страница 46: ...erA ospf 1 area 0 0 0 0 quit RouterA ospf 1 quit Configure OSPF on Router B RouterB system view RouterB ospf RouterB ospf 1 area 0 RouterB ospf 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 RouterB ospf 1 ar...

Страница 47: ...ls RouterB mpls quit RouterB mpls ldp RouterB mpls ldp quit RouterB interface Pos 2 1 1 RouterB Pos2 1 1 mpls RouterB Pos2 1 1 mpls ldp RouterB Pos2 1 1 quit RouterB interface Pos 2 1 2 RouterB Pos2 1...

Страница 48: ...s RouterB mpls lsp trigger all RouterB mpls quit Configure the LSP establishment triggering policy on Router C RouterC mpls RouterC mpls lsp trigger all RouterC mpls quit 5 Verify the configuration Ex...

Страница 49: ...ms Reply from 10 1 1 1 bytes 100 Sequence 2 time 2 ms Reply from 10 1 1 1 bytes 100 Sequence 3 time 2 ms Reply from 10 1 1 1 bytes 100 Sequence 4 time 3 ms Reply from 10 1 1 1 bytes 100 Sequence 5 tim...

Страница 50: ...from 1 1 1 0 24 to 21 1 1 0 24 and the other for detecting the connectivity of the LSP from 21 1 1 0 24 to 1 1 1 0 24 Use the following command to view the verbose information of the BFD sessions Rou...

Страница 51: ...40 Hold Time 1900ms Connect Type Indirect Running Up for 00 02 28 Auth mode None Protocol MFW LSPV Diag Info No Diagnostic...

Страница 52: ...iprotocol Label Switching MPLS Because IGPs are topology driven and consider only network connectivity they fail to present some dynamic factors such as bandwidth and traffic characteristics This IGP...

Страница 53: ...e configured manually Dynamic CR LSP processing to handle three types of CR LSPs basic CR LSPs backup CR LSPs and fast rerouted CR LSPs Static CR LSP processing is simple while dynamic CR LSP processi...

Страница 54: ...lled Constraint based Routing CR CR LSP involves these concepts Strict and loose explicit routes Traffic characteristics Preemption Route pinning Administrative group and affinity attribute Reoptimiza...

Страница 55: ...ess of allocating reallocating network resources You may configure it to meet desired QoS Normally service providers use some mechanism to optimize CR LSPs for best use of network resources They can d...

Страница 56: ...h LSP set up using RSVP TE is assigned a resource reservation style During an RSVP session the receiver decides which reservation style can be used for this session and thus which LSPs can be used Two...

Страница 57: ...once created to remove the path state and related reservation state on each node along the path ResvTear messages Sent upstream immediately once created to remove the reservation state on each node a...

Страница 58: ...ay be unbearable As tuning refresh intervals is not adequate to address the two problems the refreshing mechanism was extended in RFC 2961 RSVP Refresh Overhead Reduction Extensions as follows to addr...

Страница 59: ...lo capability of RSVP TE A GR capable device advertises its GR capability and relevant time parameters to its neighbors by extended RSVP hello packets If a device and all its neighbors have the RSVP G...

Страница 60: ...int links and TE tunnel interfaces can be set as outgoing interfaces IGP shortcut also known as autoroute announce considers a TE tunnel as a logical interface directly connected to the destination wh...

Страница 61: ...tandard backup where a secondary CR LSP is created to take over after the primary CR LSP fails FRR Overview Fast Reroute FRR provides a quick per link or per node protection on an LSP In this approach...

Страница 62: ...A main tunnel and its protection tunnels form a protection group When the main tunnel fails data is switched to a protection tunnel immediately greatly improving the reliability of the network When t...

Страница 63: ...ndwidth constraints Essentially what DS TE does is to map traffic trunks with LSPs making each traffic trunk traverse the constraints compliant path The router supports the following DS TE modes Prest...

Страница 64: ...MPLS TE tunnel interface to configure the bandwidth constraints of the tunnel interface The router determines whether there is enough bandwidth to establish an MPLS TE tunnel for a traffic trunk accor...

Страница 65: ...ss The router checks whether the CT and the LSP setup holding priority of the traffic trunk matches an existing TE class An MPLS TE tunnel can be established for the traffic trunk only when the follow...

Страница 66: ...established between the MPLS TE tunnel headend and tailend The LDP LSP is carried on the MPLS TE tunnel In this way a hierarchical LSP is formed Figure 23 Configure an LDP LSP over an MPLS TE LSP NOT...

Страница 67: ...CR LSP backup Optional Configuring FRR Optional Inspecting an MPLS TE tunnel Optional Configuring protection switching Optional Configuring MPLS TE basic capabilities MPLS TE basic capabilities are es...

Страница 68: ...nel configuration mpls te commit N A NOTE For more information about tunnel interfaces see Layer 3 IP Services Configuration Guide Configuring DiffServ aware TE To configure DS TE Step Command Remarks...

Страница 69: ...nges Static CR LSPs are special static LSPs They share the same constraints and use the same label space Configuration prerequisites Before making the configuration do the following Configure static r...

Страница 70: ...TE tunnel carried over the static CR LSP The tunnel name argument in the static cr lsp ingress command is case sensitive Suppose you create a tunnel interface with the interface tunnel 2 command To sp...

Страница 71: ...iguring MPLS TE properties for a link Optional Configuring CSPF Optional Configuring OSPF TE Required when CSPF is configured Choose one depending on the IGP protocol used Configuring IS IS TE Configu...

Страница 72: ...h Optional 0 for BC 0 through BC 3 by default In RDM model BC 0 is the maximum reservable bandwidth of a link Configuring CSPF To configure CSPF Step Command Remarks 1 Enter system view system view N...

Страница 73: ...oded normally on all interfaces with IS IS enabled the MTU of any IS IS enabled interface including 27 octets of LSP header and two octets of TLV header cannot be less than 284 octets If an LSP must a...

Страница 74: ...MPLS TE explicit path Step Command Remarks 1 Enter system view system view N A 2 Create an explicit path for MPLS TE tunneling and enter its view explicit path path name disable enable N A 3 Add a no...

Страница 75: ...use and set the preference of the path mpls te path dynamic explicit path pathname preference value Optional By default a tunnel uses the dynamically calculated path 5 Submit current tunnel configura...

Страница 76: ...SP setup RSVP TE provides many configurable options with respect to reliability network resources and other advanced features of MPLS TE Before performing the configuration tasks in this section be aw...

Страница 77: ...l is 30 seconds 4 Configure the keep multiplier for PSB and RSB mpls rsvp te keep multiplier number Optional The default is 3 5 Configure the blockade timeout multiplier mpls rsvp te blockade multipli...

Страница 78: ...lost before the link is considered failed mpls rsvp te hello lost times Optional By default the link is considered failed if three consecutive hellos are lost 5 Configure the hello interval mpls rsvp...

Страница 79: ...svp te authentication cipher plain auth key NOTE FRR and RSVP authentication cannot run at the same time Configuring RSVP TE GR The RSVP TE GR function depends on the extended hello capability of RSVP...

Страница 80: ...R LSP can traverse Configuration prerequisites The configuration tasks described in this section are about CSPF of MPLS TE They must be used in conjunction with CSPF and the dynamic signal protocol CR...

Страница 81: ...trative group and affinity attribute The affinity attribute of an MPLS TE tunnel identifies the properties of the links that the tunnel can use Together with the link administrative group it decides w...

Страница 82: ...commit N A Configuring CR LSP reoptimization Dynamic CR LSP optimization involves periodic calculation of paths that traffic trunks should traverse If a better route is found for an existing CR LSP a...

Страница 83: ...ing To configure route and label recording Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS TE tunnel interface view interface tunnel tunnel number N A 3 Enable the system to reco...

Страница 84: ...To avoid flapping caused by improper preemptions between CR LSPs the setup priority of a CR LSP should not be set higher than its holding priority To assign priorities to a tunnel Step Command Remark...

Страница 85: ...unnel interface address to IGPs such as OSPF and ISIS Before configuring automatic route advertisement enable OSPF or ISIS on the MPLS TE tunnel interface Two approaches IGP shortcut and forwarding ad...

Страница 86: ...nnel to IGP neighbors mpls te igp advertise hold time value Routes of MPLS TE tunnels are not advertised to IGP neighbors by default 4 Assign a metric to the MPLS TE tunnel mpls te igp metric absolute...

Страница 87: ...late paths This tends to be resource consuming as recalculation involves IGP flooding To reduce recalculations and flood only significant changes you may configure the following two IGP flooding thres...

Страница 88: ...e interface number N A 10 Assign a TE metric to the link mpls te metric value Optional If no TE metric is assigned to the link IGP metric is used as the TE metric by default NOTE If you do not configu...

Страница 89: ...As mentioned earlier Fast Reroute FRR provides quick but temporary per link or per node local protection on an LSP FRR uses bypass tunnels to protect primary tunnels As bypass tunnels are pre establi...

Страница 90: ...LSP becomes a bypass LSP The setup of a bypass LSP must be manually performed on the PLR The configuration of a bypass LSP is similar to that of a common LSP However a bypass LSP cannot be configured...

Страница 91: ...is can defeat your attempts to binding a primary LSP to a bypass tunnel Therefore when configuring a bypass tunnel you must configure the bandwidth that it is intended to protect with the mpls te back...

Страница 92: ...ring MPLS LSP ping MPLS LSP ping can be used to check the connectivity of an MPLS TE tunnel At the ingress it adds the label for the MPLS TE tunnel to be inspected into an MPLS echo request which then...

Страница 93: ...om remote to local between two routers Dynamic If you do not specify the local and remote discriminator values when configuring the mpls te bfd enable command the MPLS LSP ping will be run automatical...

Страница 94: ...nd does not take effect on the ingress and egress nodes of such a BFD session Even if you configure the two nodes to both work in passive mode the BFD session will still be established successfully Co...

Страница 95: ...an MPLS TE tunnel Configure BFD for the MPLS TE tunnel Before configuring a protection tunnel prepare the following data Interface number of the main tunnel in the protection group ID of the protectio...

Страница 96: ...information about RSVP TE PSB display mpls rsvp te psb content ingress lsr id lspid tunnel id egress lsr id begin include exclude regular expression Available in any view Display information about RSV...

Страница 97: ...in any view Display the latest TE information advertised by IS IS TE display isis traffic eng advertisements level 1 level 1 2 level 2 lsp id lsp id local process id vpn instance vpn instance name be...

Страница 98: ...configuration examples MPLS TE using static CR LSP configuration example Network requirements Router A Router B and Router C run IS IS Establish a TE tunnel using a static CR LSP between Router A and...

Страница 99: ...3 1 1 isis enable 1 RouterC GigabitEthernet3 1 1 quit RouterC interface loopback 0 RouterC LoopBack0 isis enable 1 RouterC LoopBack0 quit Perform the display ip routing table command on each router Yo...

Страница 100: ...3 1 1 mpls te RouterC GigabitEthernet3 1 1 quit 4 Configure an MPLS TE tunnel Configure an MPLS TE tunnel on Router A RouterA interface tunnel 3 RouterA Tunnel3 ip address 6 1 1 1 255 255 255 0 Router...

Страница 101: ...packets sec 0 packets input 0 bytes 0 input error 0 packets output 0 bytes 0 output error Perform the display mpls te tunnel command on each router to verify information about the MPLS TE tunnel Route...

Страница 102: ...EC field in the sample output is empty on Router B and Router C 7 Create a static route for routing MPLS TE tunnel traffic RouterA ip route static 3 2 1 2 24 tunnel 3 preference 1 Perform the display...

Страница 103: ...uterA GigabitEthernet3 1 1 quit RouterA interface loopback 0 RouterA LoopBack0 isis enable 1 RouterA LoopBack0 isis circuit level level 2 RouterA LoopBack0 quit Configure Router B RouterB system view...

Страница 104: ...able 1 RouterD LoopBack0 isis circuit level level 2 RouterD LoopBack0 quit Perform the display ip routing table command on each router You can see that all nodes learnt the host routes of other nodes...

Страница 105: ...pos 2 1 1 RouterB POS2 1 1 mpls RouterB POS2 1 1 mpls te RouterB POS2 1 1 mpls rsvp te RouterB POS2 1 1 quit Configure Router C RouterC mpls lsr id 3 3 3 9 RouterC mpls RouterC mpls mpls te RouterC mp...

Страница 106: ...n Router A RouterA interface GigabitEthernet 3 1 1 RouterA GigabitEthernet3 1 1 mpls te max link bandwidth 10000 RouterA GigabitEthernet3 1 1 mpls te max reservable bandwidth 5000 RouterA GigabitEther...

Страница 107: ...n Perform the display interface tunnel command on Router A You can find that the tunnel interface is up RouterA display interface tunnel Tunnel4 current state UP Line protocol current state UP Descrip...

Страница 108: ...BW Interfaces Protected VPN Bind Type NONE VPN Bind Value Car Policy Disabled Tunnel Group Primary Primary Tunnel Backup Tunnel Group Status Oam Status Perform the display mpls te cspf tedb all comman...

Страница 109: ...h is 10000 kbps and maximum reservable bandwidth is 5000 kbps Figure 26 Network diagram Device Interface IP address Device Interface IP address Router A Loop0 1 1 1 9 32 Router C Loop0 3 3 3 9 32 GE3...

Страница 110: ...RouterD ospf 1 area 0 0 0 0 network 30 1 1 0 0 0 0 255 RouterD ospf 1 area 0 0 0 0 network 4 4 4 9 0 0 0 0 RouterD ospf 1 area 0 0 0 0 quit RouterD ospf 1 quit After the configurations execute the dis...

Страница 111: ...0 1 10 1 1 2 GE3 1 1 3 3 3 9 32 O_ASE 150 1 10 1 1 2 GE3 1 1 4 4 4 9 32 O_ASE 150 1 10 1 1 2 GE3 1 1 10 1 1 0 24 Direct 0 0 10 1 1 1 GE3 1 1 10 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 20 1 1 0 24 O_ASE...

Страница 112: ...1 1 mpls RouterC GigabitEthernet3 1 1 mpls te RouterC GigabitEthernet3 1 1 mpls rsvp te RouterC GigabitEthernet3 1 1 quit RouterC interface POS 2 1 1 RouterC POS2 1 1 mpls RouterC POS2 1 1 mpls te Ro...

Страница 113: ...20 1 1 2 include loose RouterA explicit path atod next hop 30 1 1 2 include loose RouterA explicit path atod quit 7 Configure MPLS TE attributes of links Configure the maximum link bandwidth and maxi...

Страница 114: ...nel id 10 RouterA Tunnel1 mpls te signal protocol rsvp te RouterA Tunnel1 mpls te bandwidth 2000 RouterA Tunnel1 mpls te path explicit path atod preference 5 RouterA Tunnel1 mpls te commit RouterA Tun...

Страница 115: ...Loop Detection Disabled Record Route Disabled Record Label Disabled FRR Flag Disabled BackUpBW Flag Not Supported BackUpBW Type BackUpBW Route Pinning Disabled Retry Limit 10 Retry Interval 2 sec Reo...

Страница 116: ...0 1 InLoop0 10 1 1 0 24 Direct 0 0 10 1 1 1 GE3 1 1 10 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 20 1 1 0 24 O_ASE 150 1 10 1 1 2 GE3 1 1 30 1 1 0 24 Static 1 0 7 1 1 1 Tun1 127 0 0 0 8 Direct 0 0 127 0 0...

Страница 117: ...gabitEthernet 3 1 1 RouterB GigabitEthernet3 1 1 mpls RouterB GigabitEthernet3 1 1 mpls te RouterB GigabitEthernet3 1 1 mpls rsvp te RouterB GigabitEthernet3 1 1 mpls rsvp te hello RouterB GigabitEthe...

Страница 118: ...eighbor s GR status is Ready RouterA display mpls rsvp te peer Interface GigabitEthernet3 1 1 Neighbor Addr 10 1 1 2 SrcInstance 880 NbrSrcInstance 5017 PSB Count 0 RSB Count 1 Hello Type Sent REQ Nei...

Страница 119: ...B mpls quit RouterB interface GigabitEthernet 3 1 1 RouterB GigabitEthernet3 1 1 mpls RouterB GigabitEthernet3 1 1 mpls te RouterB GigabitEthernet3 1 1 mpls rsvp te RouterB GigabitEthernet3 1 1 mpls r...

Страница 120: ...n Display the detailed information of the BFD session between Router A and Router B RouterA display bfd session verbose Total Session Num 1 Init Mode Active Session Working Under Ctrl Mode Local Discr...

Страница 121: ...fter configuration you can perform the display ip routing table command on each router You can see that all nodes learnt the host routes of other nodes with LSR IDs as destinations 3 Configure MPLS TE...

Страница 122: ...erC GigabitEthernet3 1 2 mpls te RouterC GigabitEthernet3 1 2 quit Configure Router D RouterD mpls lsr id 4 4 4 9 RouterD mpls RouterD mpls mpls te RouterD mpls mpls te cspf RouterD mpls quit RouterD...

Страница 123: ...mpls te max link bandwidth 10000 RouterB GigabitEthernet3 1 2 mpls te max reservable bandwidth 5000 RouterB GigabitEthernet3 1 2 quit Configure maximum link bandwidth and maximum reservable bandwidth...

Страница 124: ...nterface GigabitEthernet 3 1 1 RouterC GigabitEthernet3 1 1 mpls ldp RouterC GigabitEthernet3 1 1 quit RouterC interface GigabitEthernet 3 1 2 RouterC GigabitEthernet3 1 2 mpls ldp RouterC GigabitEthe...

Страница 125: ...gent queuing Size Length Discards 0 100 0 Output queue Protocol queuing Size Length Discards 0 500 0 Output queue FIFO queuing Size Length Discards 0 75 0 Last 300 seconds input 0 bytes sec 0 packets...

Страница 126: ...Primary Tunnel Backup Tunnel Group Status Oam Status Perform the display ospf mpls te command on Router A to view LSAs of OSPF TE RouterA display ospf mpls te area 0 self originated OSPF Process 100 w...

Страница 127: ...erved BW 10 0 bytes sec Unreserved BW 11 0 bytes sec Unreserved BW 12 0 bytes sec Unreserved BW 13 0 bytes sec Unreserved BW 14 0 bytes sec Unreserved BW 15 0 bytes sec Bandwidth Constraints BC 0 6250...

Страница 128: ...1 24 POS 2 1 2 40 1 1 2 24 Configuration procedure 1 Assign IP addresses and masks to interfaces see Figure 30 Details not shown 2 Configure the IGP protocol Enable IS IS to advertise host routes with...

Страница 129: ...id 10 Enable hot LSP backup RouterA Tunnel4 mpls te backup hot standby RouterA Tunnel4 mpls te commit RouterA Tunnel4 quit Perform the display interface tunnel command on Router A You can find that T...

Страница 130: ...4 4 4 9 Hop 3 40 1 1 1 Hop 4 40 1 1 2 Hop 5 3 3 3 9 Perform the tracert command to draw the picture of the path that a packet must travel to reach the tunnel destination RouterA tracert a 1 1 1 9 3 3...

Страница 131: ...Tunnel4 as the outgoing interface FRR configuration example Network requirements On a primary LSP Router A Router B Router C Router D use FRR to protect the link Router B Router C Do the following Cr...

Страница 132: ...SIS 15 20 2 1 1 2 GE3 1 1 3 2 1 0 24 ISIS 15 20 2 1 1 2 GE3 1 1 3 3 1 0 24 ISIS 15 30 2 1 1 2 GE3 1 1 3 3 3 3 32 ISIS 15 20 2 1 1 2 GE3 1 1 4 1 1 0 24 ISIS 15 30 2 1 1 2 GE3 1 1 4 4 4 4 32 ISIS 15 30...

Страница 133: ...for the primary LSP RouterA explicit path pri path RouterA explicit path pri path next hop 2 1 1 2 RouterA explicit path pri path next hop 3 1 1 2 RouterA explicit path pri path next hop 4 1 1 2 Rout...

Страница 134: ...interface Tunnel Name Tunnel4 Tunnel Desc Tunnel4 Interface Tunnel State Desc CR LSP is Up Tunnel Attributes LSP ID 1 1 1 1 1 Session ID 10 Admin State UP Oper State UP Ingress LSR ID 1 1 1 1 Egress L...

Страница 135: ...Tunnel5 mpls te backup bandwidth 10000 RouterB Tunnel5 mpls te commit RouterB Tunnel5 quit Bind the bypass tunnel with the protected interface RouterB interface GigabitEthernet 3 1 2 RouterB GigabitEt...

Страница 136: ...2 2 1 3 3 3 3 POS2 1 1 Tunnel5 RouterC display mpls te tunnel LSP Id Destination In Out If Name 1 1 1 1 1 4 4 4 4 GE3 1 2 GE3 1 1 Tunnel4 2 2 2 2 1 3 3 3 3 POS2 1 1 Tunnel5 RouterD display mpls te tun...

Страница 137: ...rB IFNET 5 UPDOWN Line protocol on the interface GigabitEthernet3 1 2 turns into DOWN state Perform the display interface tunnel 4 command on Router A to identify the state of the primary LSP You can...

Страница 138: ...el Name Tunnel4 Tunnel Desc Tunnel4 Interface Tunnel State Desc Modifying CR LSP is setting up Tunnel Attributes LSP ID 1 1 1 1 1025 Session ID 10 Admin State Oper State Modified Ingress LSR ID 1 1 1...

Страница 139: ...P after a new LSP is created Perform the display mpls lsp verbose command on Router B You can find that the bypass tunnel is in use RouterB display mpls lsp verbose LSP Information RSVP LSP No 1 Ingre...

Страница 140: ...that Tunnel5 is still bound with interface GigabitEthernet 3 1 2 and is unused 7 Create a static route for routing MPLS TE tunnel traffic RouterA ip route static 4 1 1 2 24 tunnel 4 preference 1 Perf...

Страница 141: ...evel 2 RouterA GigabitEthernet3 1 1 quit RouterA interface loopback 0 RouterA LoopBack0 isis enable 1 RouterA LoopBack0 isis circuit level level 2 RouterA LoopBack0 quit Configurations on Router B Rou...

Страница 142: ...sis circuit level level 2 RouterD LoopBack0 quit Execute the display ip routing table command on each router You see that each router has learnt the routes to the LSR IDs of the other routers Take Rou...

Страница 143: ...rsvp te RouterB GigabitEthernet3 1 1 quit RouterB interface POS 2 1 1 RouterB POS2 1 1 mpls RouterB POS2 1 1 mpls te RouterB POS2 1 1 mpls rsvp te RouterB POS2 1 1 quit Configure Router C RouterC mpl...

Страница 144: ...t style wide RouterD isis 1 traffic eng level 2 RouterD isis 1 quit 5 Configure MPLS TE attributes of links Configure the maximum bandwidth and bandwidth constraints on Router A RouterA interface Giga...

Страница 145: ...uterA Tunnel1 ip address 7 1 1 1 255 255 255 0 RouterA Tunnel1 tunnel protocol mpls te RouterA Tunnel1 destination 4 4 4 9 RouterA Tunnel1 mpls te tunnel id 10 RouterA Tunnel1 mpls te signal protocol...

Страница 146: ...None Metric Type None Record Route Disabled Record Label Disabled FRR Flag Disabled BackUpBW Flag Not Supported BackUpBW Type BackUpBW Route Pinning Disabled Retry Limit 10 Retry Interval 10 sec Reopt...

Страница 147: ...ETF Mode MAM kbps 0 0 10000 0 1 0 8000 0 2 0 5000 0 3 0 2000 0 TE CLASS CLASS TYPE PRIORITY BW RESERVED kbps BW AVAILABLE kbps 0 0 7 0 6000 1 1 7 0 4000 2 2 7 0 1000 3 3 7 0 1000 4 0 0 0 6000 5 1 0 0...

Страница 148: ...ails not shown 2 Configure the IGP protocol Enable OSPF on each router to advertise subnets to which interfaces belong and the host routes with LSR IDs as destinations Details not shown 3 Configure MP...

Страница 149: ...outerC system view RouterC mpls lsr id 3 3 3 3 RouterC mpls RouterC mpls mpls te RouterC mpls mpls rsvp te RouterC mpls mpls te cspf RouterC mpls quit RouterC interface GigabitEthernet 2 1 1 RouterC G...

Страница 150: ...eue Protocol queuing Size Length Discards 0 500 0 Output queue FIFO queuing Size Length Discards 0 75 0 Last 300 seconds input 0 bytes sec 0 packets sec Last 300 seconds output 8 bytes sec 0 packets s...

Страница 151: ...quit RouterC interface GigabitEthernet 3 1 1 RouterC GigabitEthernet3 1 1 mpls RouterC GigabitEthernet3 1 1 mpls ldp RouterC GigabitEthernet3 1 1 quit RouterC mpls ldp remote peer b RouterC mpls ldp...

Страница 152: ...2 4 1 1 1 3 3 3 3 Execute the display mpls ldp lsp command on Router B You can see that Router C sent label mapping messages to Router B and established an LDP LSP RouterB display mpls ldp lsp LDP LS...

Страница 153: ...unnel ID 0x11000c LsrType Ingress Bypass In Use Not Exists BypassTunnel Tunnel Index LSP Information LDP LSP No 2 VrfIndex Fec 3 3 3 3 32 Nexthop 10 1 1 1 In Label NULL Out Label 3 In Interface Out In...

Страница 154: ...eling policy to use a CR LSP as the VPN tunnel when creating the VPN Figure 34 Network diagram Configuration procedure 1 Configure OSPF ensuring that PE 1 and PE 2 can learn routes from each other Con...

Страница 155: ...Process 1 with Router ID 2 2 2 2 Neighbors Area 0 0 0 0 interface 10 0 0 1 POS2 1 2 s neighbors Router ID 3 3 3 3 Address 10 0 0 2 GR State Normal State Full Mode Nbr is Master Priority 1 DR None BDR...

Страница 156: ...p session LDP Session s in Public Network Peer ID Status LAM SsnRole FT MD5 KA Sent Rcv 3 3 3 3 0 Operational DU Passive Off Off 2 2 LAM Label Advertisement Mode FT Fault Tolerance 3 Enable MPLS TE CS...

Страница 157: ...2 255 255 255 0 CE1 GigabitEthernet3 1 1 quit Configure the VPN instance on PE 1 and use CR LSP for VPN setup Bind the VPN instance with the interface connected to CE 1 PE1 ip vpn instance vpn1 PE1 vp...

Страница 158: ...k Reply from 192 168 1 2 bytes 56 Sequence 1 ttl 255 time 47 ms Reply from 192 168 1 2 bytes 56 Sequence 2 ttl 255 time 26 ms Reply from 192 168 1 2 bytes 56 Sequence 3 ttl 255 time 26 ms Reply from 1...

Страница 159: ...umber 100 Total number of peers 1 Peers in established state 1 Peer V AS MsgRcvd MsgSent OutQ Up Down State PrefRcv 3 3 3 3 4 100 3 3 0 00 00 11 Established 0 PE1 bgp display bgp vpn instance vpn1 pee...

Страница 160: ...Verify the configuration Perform the display mpls lsp verbose command on PE 1 You can find an LSP with LspIndex 2050 This is the LSP that is the MPLS TE tunnel established using CR LDP PE1 display mp...

Страница 161: ...tunnel command on PE 1 The output shows that traffic is being forwarded along the CR LSP of the TE tunnel PE1 display interface tunnel 4 Tunnel1 current state UP Line protocol current state UP Descrip...

Страница 162: ...mmand the Switch Result field has a value of Protect tunnel and the Work tunnel defect state field has a value of No defect Analysis Possible reasons include The reverting mode is non revertive The re...

Страница 163: ...ls te protection tunnel command If its value is Force a switching action with a higher priority than the signal switching is configured If you expect that signaling can trigger switchover when the mai...

Страница 164: ...f a VPLS network core domain and provides transparent VPLS transport services between core networks VSI Virtual switch instance that maps actual access links to virtual links PW Pseudo wire that is th...

Страница 165: ...ng includes two parts Remote MAC address learning associated with PWs A PW consists of two unidirectional VC LSPs A PW is up only when both of the VC LSPs are up When the inbound VC LSP learns a new M...

Страница 166: ...corresponding MAC entries in the FIB table of the VPLS instance and sends the message to other PEs that are directly connected through LDP sessions If the message contains a null MAC address TLV list...

Страница 167: ...l This mode is also called the Kompella mode NOTE For more information about the Martini mode and Kompella mode see the chapter Configuring MPLS L2VPN VPLS packet encapsulation Packet encapsulation on...

Страница 168: ...and the configuration complexity H VPLS with LSP access Figure 37 H VPLS with LSP access As shown in Figure 37 UPE functions as the convergence device MTU s and establishes only a virtual link U PW wi...

Страница 169: ...lag MPLS label for the PW Then it forwards the packet Upon receiving the packet from the PW PE 1 determines to which VSI the packet belongs by the multiplex distinguishing flag MPLS label and based on...

Страница 170: ...own BFD detects a primary link failure The LDP session between the peers of the primary PW goes down and the PW is deleted as a result Hub spoke VPLS implementation In hub spoke networking one of the...

Страница 171: ...and then forwards the packet back to Hub PE 4 Receiving the packet from the AC Hub PE determines by the VLAN tag the VSI that the packet is for inserts an MPLS label to which the PW corresponds based...

Страница 172: ...labels of the packet and then adds the inner and outer labels of PW 3 or PW 2 to the packet Thus PW 1 PW 2 and PW 3 are put end to end and a multi hop PW is formed across the ASs NOTE Only LDP VPLS c...

Страница 173: ...pls l2vpn NOTE For more information about the l2vpn command and the mpls l2vpn command see MPLS Command Reference Configuring an LDP VPLS instance Configuration prerequisites Configuring IGP on the PE...

Страница 174: ...ep Command Remarks 1 Enter system view system view N A 2 Create a PW class template and enter its view pw class pw class name Optional By default no PW class template is created 3 Configure the PW tra...

Страница 175: ...es PEs and P devices to establish LSP tunnels on the backbone network For configuration information see the chapter Configuring basic MPLS Configuring the BGP extension Before configuring BGP VPLS you...

Страница 176: ...em view 2 Create a BGP VPLS instance and enter VSI view vsi vsi name auto 3 Specify BGP as the PW signaling protocol and enter VSI BGP view pwsignal bgp 4 Configure an RD for the VPLS instance route d...

Страница 177: ...nterface interface type interface number N A 3 Bind the interface with a VPLS instance l2 binding vsi vsi name access mode ethernet vlan hub spoke By default an interface is not bound with any VPLS in...

Страница 178: ...TE You can configure up to 4094 service instances on a Layer 2 Ethernet port The xconnect vsi command is only available for service instances with the ID in the range of 1 to 4094 For the access mode...

Страница 179: ...VPLS service of the VPLS instance shutdown Optional Enabled by default 9 Specify a tunneling policy for the VPLS instance tnl policy tunnel policy name Optional By default no tunneling policy is spec...

Страница 180: ...expression Available in any view Display information about one or all VPLS instances display vsi vsi name verbose begin exclude include regular expression Available in any view Display information ab...

Страница 181: ...PE1 GigabitEthernet3 1 1 mpls ldp PE1 GigabitEthernet3 1 1 quit Configure the remote LDP session PE1 mpls ldp remote peer 1 PE1 mpls remote 1 remote ip 2 2 2 9 PE1 mpls remote 1 quit Configure BGP ex...

Страница 182: ...asic MPLS Sysname system view Sysname sysname PE2 PE2 interface loopback 0 PE2 LoopBack0 ip address 2 2 2 9 32 PE2 LoopBack0 quit PE2 mpls lsr id 2 2 2 9 PE2 mpls PE1 mpls quit PE2 mpls ldp PE2 mpls l...

Страница 183: ...rface GigabitEthernet 3 1 2 and bind VPLS instance aaa or bbb to the interface PE2 interface GigabitEthernet 3 1 2 To bind VPLS instance aaa to interface GigabitEthernet 3 1 2 PE2 GigabitEthernet3 1 2...

Страница 184: ...hernet3 1 1 quit Configure the remote LDP session UPE mpls ldp remote peer 1 UPE mpls remote 1 remote ip 2 2 2 9 UPE mpls remote 1 quit Enable L2VPN and MPLS L2VPN UPE l2vpn UPE l2vpn mpls l2vpn UPE l...

Страница 185: ...e remote LDP session with UPE NPE1 mpls ldp remote peer 2 NPE1 mpls remote 2 remote ip 1 1 1 9 NPE1 mpls remote 2 quit Configure the remote LDP session with NPE 3 NPE1 mpls ldp remote peer 3 NPE1 mpls...

Страница 186: ...ignaling NPE3 vsi aaa static NPE3 vsi aaa pwsignal ldp NPE3 vsi aaa ldp vsi id 500 NPE3 vsi aaa ldp peer 2 2 2 9 NPE3 vsi aaa ldp quit NPE3 vsi aaa quit Configure interface GigabitEthernet 3 1 2 and b...

Страница 187: ...PE1 mpls quit Spoke PE1 mpls ldp Spoke PE1 mpls ldp quit Configure basic MPLS on the interface connected to Hub PE Spoke PE1 interface GigabitEthernet 3 1 1 Spoke PE1 GigabitEthernet3 1 1 ip address 1...

Страница 188: ...LoopBack0 quit Spoke PE2 mpls lsr id 2 2 2 9 Spoke PE2 mpls Spoke PE2 mpls quit Spoke PE2 mpls ldp Spoke PE2 mpls ldp quit Configure basic MPLS on the interface connected to Hub PE Spoke PE2 interfac...

Страница 189: ...mpls Hub PE GigabitEthernet3 1 1 mpls ldp Hub PE GigabitEthernet3 1 1 quit Configure basic MPLS on the interface connected to Spoke PE 2 Hub PE interface GigabitEthernet 3 1 2 Hub PE GigabitEthernet3...

Страница 190: ...nection U PW with NPE 1 and NPE 2 with the NPE 2 link as the backup NPE 1 and NPE 2 each establish a PW connection N PW with NPE 3 CE 3 is connected to the network through NPE 3 UPE is connected to NP...

Страница 191: ...e LDP session with NPE 2 UPE mpls ldp remote peer 2 UPE mpls remote 1 remote ip 3 3 3 3 UPE mpls remote 1 quit Enable L2VPN and MPLS L2VPN UPE l2vpn UPE l2vpn mpls l2vpn UPE l2vpn quit Configure the V...

Страница 192: ...NPE1 GigabitEthernet3 1 2 mpls ldp NPE1 GigabitEthernet3 1 2 quit Configure an IP address for the interface connected to NPE 3 and then enable MPLS and MPLS LDP NPE1 interface GigabitEthernet 3 1 5 N...

Страница 193: ...GigabitEthernet3 1 5 mpls ldp NPE3 GigabitEthernet3 1 5 quit Configure an IP address for the interface connected to NPE 2 and then enable MPLS and MPLS LDP NPE3 interface GigabitEthernet 3 1 6 NPE3 G...

Страница 194: ...has been established Implementing multi AS VPN through multi hop PW Network requirements Each CE is connected to a PE through an Ethernet Create a VPLS instance that supports P2P on ASBR 1 and ASBR 2...

Страница 195: ...ew Sysname sysname ASBR1 ASBR1 interface loopback 0 ASBR1 LoopBack0 ip address 2 2 2 2 32 ASBR1 LoopBack0 quit ASBR1 mpls lsr id 2 2 2 2 ASBR1 mpls ASBR1 mpls quit ASBR1 mpls ldp ASBR1 mpls ldp quit C...

Страница 196: ...labeled unicast routes ASBR1 bgp 100 ASBR1 bgp import route direct ASBR1 bgp peer 11 1 1 3 as number 200 ASBR1 bgp peer 11 1 1 3 route policy map export ASBR1 bgp peer 11 1 1 3 label route capability...

Страница 197: ...pn mpls l2vpn ASBR2 l2vpn quit Configure a P2P capable VPLS instance aaa that uses LDP signaling ASBR2 vsi aaa static p2p ASBR2 vsi aaa pwsignal ldp ASBR2 vsi aaa ldp vsi id 500 ASBR2 vsi aaa ldp peer...

Страница 198: ...play vpls connection command on each device You will see that a PW in up state has been established between the devices Troubleshooting VPLS Symptom The VPLS link PW is not up Analysis The public netw...

Страница 199: ...188 Check whether the VPLS instances on the two peers are configured with the same MTU value...

Страница 200: ...nections over the network Consider ATM as an example Each customer edge CE device can connect to the MPLS network through an ATM virtual circuit VC to communicate with another CE This is similar to th...

Страница 201: ...other Inner label also called VC label is used to identify different connections between VPNs Upon receiving packets a PE determines to which CE the packets are to be forwarded according to the VC lab...

Страница 202: ...d resembles the Martini method closely and is in fact a static implementation of the Martini method The difference is that it does not use LDP to transfer Layer 2 VC and link information You only need...

Страница 203: ...nfiguration workload in the case of expansion Imagine that an enterprise VPN contains 10 CEs and the number may increase to 20 in future service expansion In this case you can set the CE range of each...

Страница 204: ...N mpls l2vpn Disabled by default Configuring CCC MPLS L2VPN Configuration prerequisites Before configuring CCC L2VPN complete the following tasks Configure basic MPLS on the PEs and P routers Enable M...

Страница 205: ...each remote CCC connection Instead you only need to configure the incoming and outgoing labels where the incoming label must be exclusively for the CCC connection The labels function as static LSPs On...

Страница 206: ...VPLS instance Configuring SVC MPLS L2VPN SVC MPLS L2VPN does not use any signaling protocol to transfer L2VPN information Instead it uses tunnels to transport data between PEs SVC supports these tunn...

Страница 207: ...t a VLAN interface see Creating a Martini MPLS L2VPN connection on a Layer 3 Ethernet interface sub interface Configuring it in a service instance see Creating a Martini MPLS L2VPN for a service insta...

Страница 208: ...as two main parameters IP address of the peer PE and VC ID Do not configure both MPLS and Martini MPLS L2VPN on a Layer 3 Ethernet interface sub interface Otherwise neither MPLS nor MPLS L2VPN service...

Страница 209: ...ports To solve the problem you can create a Martini MPLS L2VPN connection in a service instance More specifically 1 Create a service instance on a Layer 2 Ethernet port 2 Specify a packet matching VL...

Страница 210: ...ice instance and enter service instance view service instance instance id By default no service instance is created 13 Specify a packet matching VLAN ID for the service instance encapsulation s vid vl...

Страница 211: ...guring BGP L2VPN capability To configure BGP L2VPN capability Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Establish the peer relationship with the pee...

Страница 212: ...To facilitate the configuration encode the CE IDs in continuous natural numbers starting from 1 The CE range of a VPN indicates the maximum number of CEs that can be connected to the VPN You can conf...

Страница 213: ...LS instance Enabling the MPLS L2VPN mix function If you configure MPLS L2VPN services including VLL and VPLS on both the SPC card and the SPE card of a router you need to enable the MPLS L2VPN mix fun...

Страница 214: ...ailable in any view Display information about L2VPN in the BGP routing table display bgp l2vpn all group group name peer ip address verbose route distinguisher rd ce id ce id label offset label offset...

Страница 215: ...he PE through GigabitEthernet interfaces Create a local CCC connection between CE 1 and CE 2 NOTE Because a local CCC connection is bidirectional one is enough The PE interfaces connecting the CEs req...

Страница 216: ...ip address 100 1 1 2 24 4 Verify your configuration Display CCC connection information on the PE The output shows that a local CCC connection has been established PE display ccc Total ccc vc 1 Local...

Страница 217: ...packets to be transferred in both directions Figure 50 Network diagram Device Interface IP address Device Interface IP address CE 1 GE4 1 1 100 1 1 1 24 P Loop0 10 0 0 2 32 PE 1 Loop0 10 0 0 1 32 GE4...

Страница 218: ...obally Sysname system view Sysname sysname P P interface loopback 0 P LoopBack0 ip address 10 0 0 2 32 P LoopBack0 quit P mpls lsr id 10 0 0 2 P mpls P mpls quit Configure interface GigabitEthernet 4...

Страница 219: ...ting the P router as the outgoing interface setting the incoming label to 201 and the outgoing label to 101 PE2 ccc ce2 ce1 interface GigabitEthernet 4 1 2 in label 201 out label 101 nexthop 10 2 2 2...

Страница 220: ...dress Device Interface IP address CE 1 GE4 1 1 100 1 1 1 24 P Loop0 192 4 4 4 32 PE 1 Loop0 192 2 2 2 32 GE4 1 1 10 2 2 2 24 GE4 1 2 10 1 1 1 24 GE4 1 2 10 1 1 2 24 CE 2 GE4 1 1 100 1 1 2 24 PE 2 Loop...

Страница 221: ...PE1 GigabitEthernet4 1 2 ip address 10 1 1 1 24 PE1 GigabitEthernet4 1 2 mpls PE1 GigabitEthernet4 1 2 mpls ldp PE1 GigabitEthernet4 1 2 quit Configure OSPF on PE 1 for establishing LSPs PE1 ospf PE1...

Страница 222: ...net4 1 1 mpls P GigabitEthernet4 1 1 mpls ldp P GigabitEthernet4 1 1 quit Configure OSPF on the P router for establishing LSPs P ospf P ospf 1 area 0 P ospf 1 area 0 0 0 0 network 10 1 1 2 0 0 0 255 P...

Страница 223: ...1 1 CE2 GigabitEthernet4 1 1 ip address 100 1 1 2 24 6 Verify your configuration Display SVC L2VPN connection information on PE 1 or PE 2 The output shows that an L2VPN connection has been establishe...

Страница 224: ...32 PE 1 Loop0 192 2 2 2 32 GE4 1 1 10 1 1 2 24 GE4 1 2 10 1 1 1 24 GE4 1 2 10 2 2 2 24 CE 2 GE4 1 1 100 1 1 2 24 PE 2 Loop0 192 3 3 3 32 GE4 1 2 10 2 2 1 24 Configuration procedure 1 Configure CE 1 Sy...

Страница 225: ...ospf PE1 ospf 1 area 0 PE1 ospf 1 area 0 0 0 0 network 10 1 1 1 0 0 0 255 PE1 ospf 1 area 0 0 0 0 network 192 2 2 2 0 0 0 0 PE1 ospf 1 area 0 0 0 0 quit PE1 ospf 1 quit On the interface connecting CE...

Страница 226: ...Configure the LSR ID and enable MPLS globally Sysname system view Sysname sysname PE2 PE2 interface loopback 0 PE2 LoopBack0 ip address 192 3 3 3 32 PE2 LoopBack0 quit PE2 mpls lsr id 192 3 3 3 PE2 mp...

Страница 227: ...e output shows that an L2VPN connection is established PE1 display mpls l2vc Total ldp vc 1 1 up 0 down 0 blocked Transport Client VC Local Remote VC ID Intf State VC Label VC Label 101 GE4 1 1 up 102...

Страница 228: ...bone This example uses OSPF Details not shown After configuration issuing the display ip routing table command on each LSR you should see that it has learned the routes to the LSR IDs of the other LSR...

Страница 229: ...isplay bgp l2vpn peer BGP local router ID 1 1 1 9 Local AS number 100 Total number of peers 1 Peers in established state 1 Peer V AS MsgRcvd MsgSent OutQ PrefRcv Up Down State 3 3 3 9 4 100 2 5 0 0 00...

Страница 230: ...1 1 2 PING 30 1 1 2 56 data bytes press CTRL_C to break Reply from 30 1 1 2 bytes 56 Sequence 1 ttl 255 time 90 ms Reply from 30 1 1 2 bytes 56 Sequence 2 ttl 255 time 77 ms Reply from 30 1 1 2 bytes...

Страница 231: ...nnections connections 2 up 0 down 2 local 0 remote 0 unknown VPN name vpn1 2 total connections connections 2 up 0 down 2 local 0 remote 0 unknown CE name ce1 id 1 Rid type status peer id route disting...

Страница 232: ...te VC label is invalid Analysis The reason the VC is down may be that the PEs are configured with different encapsulation types Solution Check whether the local PE and the peer PE are configured with...

Страница 233: ...tomer edge CE device A CE resides on a customer network and has one or more interfaces directly connected to service provider networks It can be a router a switch or a host It can neither sense the pr...

Страница 234: ...ame provider network can be classified into different sets by policies Only the sites in the same set can access each other through the provider network Such a set is called a VPN Address space overla...

Страница 235: ...he Type field When the value of the Type field is 0 the Administrator subfield occupies two bytes the Assigned number subfield occupies four bytes and the RD format is 16 bit AS number 32 bit user def...

Страница 236: ...ommunities in the import target attribute An export routing policy can reject the routes selected by the communities in the export target attribute After a VPN instance is created you can configure an...

Страница 237: ...rds the packet out the interface to CE 2 5 CE 2 transmits the packet to the destination by IP forwarding MPLS L3VPN networking schemes In MPLS L3VPNs VPN target attributes are used to control the adve...

Страница 238: ...ing scheme can be used to implement the monitoring and filtering of user communications This networking scheme requires two VPN targets one for the hub and the other for the spoke The VPN target setti...

Страница 239: ...ith each other through the hub site The import target attribute of any spoke PE is distinct from the export VPN targets of the other spoke PEs Therefore any two spoke PEs can neither directly advertis...

Страница 240: ...In basic MPLS L3VPN networking the advertisement of VPN routing information involves CEs and PEs A P router maintains only the routes of the backbone and does not need to know any VPN routing informat...

Страница 241: ...and IBGP routes The exchange of routing information between the egress PE and the remote CE is the same as that between the local CE and the ingress PE Inter AS VPN In some networking scenarios multi...

Страница 242: ...Inter AS option B In this kind of solution two ASBRs use MP EBGP to exchange labeled VPN IPv4 routes that they have obtained from the PEs in their respective ASs As shown in Figure 62 the routes are a...

Страница 243: ...nter AS VPNs However they require that the ASBRs maintain and advertise VPN IPv4 routes When every AS needs to exchange a great amount of VPN routes the ASBRs may become bottlenecks hindering network...

Страница 244: ...is possible that a customer of the MPLS L3VPN service provider is also a service provider In this case the MPLS L3VPN service provider is called the provider carrier or the Level 1 carrier while the...

Страница 245: ...l the routes exchanged between them In either case you need to enable MPLS on the CE of the Level 1 carrier Moreover the CE holds the VPN routes of the Level 2 carrier but it does not advertise the ro...

Страница 246: ...easy to deploy but it increases the network operation cost and brings issues on management and security because The number of VPNs that PEs must support will increase sharply Any modification of an i...

Страница 247: ...er 4 After another provider PE receives the VPNv4 routes it matches the VPNv4 routes based on its local VPNs Each local VPN accepts routes of its own and advertises them to its connected sub VPN CEs s...

Страница 248: ...zing the addresses of each VPN to improve the forwarding efficiency HoVPN Why HoVPN In MPLS L3VPN solutions PEs are the key devices They provide the following functions User access This means that the...

Страница 249: ...tain the routes of the remote sites in the VPN or only maintains their summary routes A UPE assigns inner labels to the routes of its directly connected sites and advertises the labels to the SPE alon...

Страница 250: ...n SPE A HoPE can act as an SPE to form a new HoPE with multiple UPEs HoVPN supports multi level recursion With recursion of HoPEs a VPN can be extended infinitely in theory Figure 69 Recursion of HoPE...

Страница 251: ...VPN site contains an OSPF area 0 the connected PE must be connected to the backbone area of the VPN site through area 0 You can configure a logical connection by using a virtual link BGP OSPF interact...

Страница 252: ...es learned from MPLS BGP to the VPN site through LSAs the LSAs may be received by another PE resulting in a routing loop To avoid routing loops when creating Type 3 LSAs the PE always sets the flag bi...

Страница 253: ...ny area You need to configure it manually In addition the local VPN instance must have a route to the destination of the sham link NOTE When configuring an OSPF sham link redistribute OSPF VPN routes...

Страница 254: ...onal MPLS L3VPN architecture requires that each VPN instance exclusively use a CE to connect with a PE as shown in Figure 55 For better services and higher security a private network is usually divide...

Страница 255: ...packet through the corresponding tunnel You can configure static routes RIP OSPF IS IS EBGP or IBGP between MCE and VPN site and between MCE and PE NOTE To implement dynamic IP assignment for DHCP cli...

Страница 256: ...PLS L3VPN complete the following tasks Configure an IGP for the MPLS backbone on the PEs and Ps to achieve IP connectivity Configure basic MPLS for the MPLS backbone Configure MPLS LDP for the MPLS ba...

Страница 257: ...default NOTE The ip binding vpn instance command clears the IP address of the interface on which it is configured Be sure to re configure an IP address for the interface after configuring the command...

Страница 258: ...PN instance to support preventing too many routes from being redistributed into the PE Create a routing policy before associating it with a VPN instance Otherwise the router cannot filter the routes t...

Страница 259: ...e the LDP capability for an existing VPN instance create an LDP instance for the VPN instance and configure LDP parameters for the LDP instance To configure an LDP instance Step Command Remarks 1 Ente...

Страница 260: ...address vpn instance d vpn instance name gateway address preference preference value tag tag value description description text Use either command Perform this configuration on PEs On CEs configure no...

Страница 261: ...s ext community type domain id type code1 router id type code2 route type type code3 Optional The defaults are as follows 0x0005 for Domain ID 0x0107 for Router ID and 0x0306 for Route Type Perform th...

Страница 262: ...3 Configure a network entity title for the IS IS process network entity net Not configured by default 4 Return to system view quit N A 5 Enter interface view interface interface type interface number...

Страница 263: ...receives from the CE also include the number of the AS where the PE resides This causes the PE unable to receive the route updates In this case routing loops must be allowed 2 Configurations on a CE...

Страница 264: ...igure BGP to filter routes to be advertised filter policy acl number ip prefix ip prefix name export direct isis process id ospf process id rip process id static Optional By default BGP does not filte...

Страница 265: ...Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Configure the remote PE as the peer peer group name ip address as number as number N A 4 Specify the source int...

Страница 266: ...g information is exchanged between BGP peers 8 Add a peer into an existing peer group peer ip address group group name Optional 9 Configure the system to use the local address as the next hop of a rou...

Страница 267: ...dress family view ipv4 family vpnv4 N A 6 Set the default value of the local preference default local preference value Optional 100 by default 7 Set the default value for the system MED default med me...

Страница 268: ...eference value for the routes received from the peer peer group peer group name ip address preferred value value Optional 0 by default 17 Make BGP updates to be sent carry no private AS numbers peer g...

Страница 269: ...VPN the VPN targets configured on the PEs must match those configured on the ASBR PEs in the same AS to make sure that VPN routes sent by the PEs or ASBR PEs can be received by the ASBR PEs or PEs VPN...

Страница 270: ...the peer ip address group name next hop local command For information about the command see Layer 3 IP Routing Configuration Guide Configuring inter AS option C Configuring the PEs You need to establ...

Страница 271: ...ber N A 3 Configure each PE in the same AS as the IBGP peer peer group name ip address as number as number N A 4 Enable the ASBR PE to exchange labeled IPv4 routes with the PEs in the same AS peer gro...

Страница 272: ...ng Configuration Guide Configuring nested VPN For a network with many VPNs if you want to implement layered management of VPNs and to conceal the deployment of internal VPNs nested VPN is a good solut...

Страница 273: ...nce view Nested VPN does not support multi hop EBGP networking A service provider PE and its peer must use the addresses of the directly connected interfaces to establish neighbor relationship Nested...

Страница 274: ...a PE specifying the egress of another private network or public network as the egress of the static route Thus packets from the multi role host for accessing a certain VPN can return based on the rou...

Страница 275: ...ct an SPE to a CE directly If an SPE must be directly connected to a CE the VPN instance on the SPE and that on the UPE must be configured with different RDs Configuring an OSPF sham link The sham lin...

Страница 276: ...alue route policy route policy name 5 Redistribute OSPF VPN routes import route ospf process id all processes allow direct med med value route policy route policy name Creating a sham link To create a...

Страница 277: ...PN site routing configuration MCE PE routing configuration On the PE in an MCE network environment disable routing loop detection to avoid route loss during route calculation and disable route redistr...

Страница 278: ...figuring RIP to VPN bindings on a CE you allow routes of different VPNs to be exchanged between the CE and the sites through different RIP processes ensuring the separation and security of VPN routes...

Страница 279: ...F on the interface attached to the specified network in the area network ip address wildcard mask By default an interface neither belongs to any area nor runs OSPF NOTE An OSPF process that is bound w...

Страница 280: ...rface interface type interface number N A 7 Enable the IS IS process on the interface isis enable process id Disabled by default NOTE For more information about IS IS see Layer 3 IP Routing Configurat...

Страница 281: ...nal OSPF attribute cannot be restored making the route unable to be distinguished from routes redistributed from other domains To distinguish routes of different OSPF domains you need to enable a rout...

Страница 282: ...d static Optional By default BGP does not filter the routes to be advertised 8 Configure a filtering policy to filter received routes filter policy acl number ip prefix ip prefix name import Optional...

Страница 283: ...ress mask mask length gateway address public interface type interface number gateway address vpn instance d vpn instance name gateway address preference preference value tag tag value description desc...

Страница 284: ...umber ip prefix ip prefix name export protocol process id Optional By default redistributed routes are not filtered 7 Configure the default parameters for redistributed routes cost route number tag an...

Страница 285: ...N A 8 Enable the IS IS process on the interface isis enable process id Disabled by default NOTE For more information about IS IS see Layer 3 IP Routing Configuration Guide Configuring EBGP between MC...

Страница 286: ...to be advertised 7 Configure a filtering policy to filter the received routes filter policy acl number ip prefix ip prefix name import Optional By default BGP does not filter the received routes Spec...

Страница 287: ...emarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPN instance view ipv4 family vpn instance vpn instance name N A 4 Enable the BGP AS number substitution funct...

Страница 288: ...vpn instance vpn instance name acl acl number ip prefix ip prefix name begin exclude include regular expression Available in any view Display information about the FIB of a VPN instance that matches t...

Страница 289: ...ance vpn instance name peer ip address received ip prefix begin exclude include regular expression Available in any view Display all BGP VPNv4 routing information display bgp vpnv4 all routing table n...

Страница 290: ...dampened dampening parameter different origin as flap info network address mask mask length longer match as path acl as path acl number peer ip address advertised routes received routes statistic beg...

Страница 291: ...E 2 and CE 4 belong to VPN 2 VPN 1 uses VPN target attributes 1 1 1 1 while VPN 2 uses VPN target attributes 222 2 Users of different VPNs cannot access each other EBGP is used to exchange VPN routing...

Страница 292: ...0 0 0 network 172 1 1 0 0 0 0 255 PE1 ospf 1 area 0 0 0 0 network 1 1 1 9 0 0 0 0 PE1 ospf 1 area 0 0 0 0 quit PE1 ospf 1 quit Configure the P device P system view P interface loopback 0 P LoopBack0 i...

Страница 293: ...ect 0 0 127 0 0 1 InLoop0 2 2 2 9 32 OSPF 10 1 172 1 1 2 POS2 1 1 3 3 3 9 32 OSPF 10 2 172 1 1 2 POS2 1 1 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 172 1 1 0 2...

Страница 294: ...ished between PE 1 P and PE 2 Issue the display mpls ldp session command The output shows that the session status is Operational Issue the display mpls ldp lsp command The output shows that the LSPs e...

Страница 295: ...vpn instance vpn1 quit PE2 ip vpn instance vpn2 PE2 vpn instance vpn2 route distinguisher 200 2 PE2 vpn instance vpn2 vpn target 222 2 PE2 vpn instance vpn2 quit PE2 interface GigabitEthernet 4 1 1 PE...

Страница 296: ...are similar to those for CE 1 Details not shown Configure PE 1 PE1 bgp 100 PE1 bgp ipv4 family vpn instance vpn1 PE1 bgp vpn1 peer 10 1 1 1 as number 65410 PE1 bgp vpn1 import route direct PE1 bgp vpn...

Страница 297: ...100 Total number of peers 1 Peers in established state 1 Peer AS MsgRcvd MsgSent OutQ PrefRcv Up Down State 3 3 3 9 100 2 6 0 0 00 00 12 Established 6 Verify your configurations Issue the display ip r...

Страница 298: ...s transmitted 5 packet s received 0 00 packet loss round trip min avg max 34 48 72 ms CE1 ping 10 4 1 1 PING 10 4 1 1 56 data bytes press CTRL_C to break Request time out Request time out Request tim...

Страница 299: ...Configure an IGP on the MPLS backbone to ensure IP connectivity within the backbone Configure PE 1 PE1 system view PE1 interface loopback 0 PE1 LoopBack0 ip address 1 1 1 9 32 PE1 LoopBack0 quit PE1...

Страница 300: ...3 3 3 9 0 0 0 0 PE2 ospf 1 area 0 0 0 0 quit PE2 ospf 1 quit After you complete the configurations P establishes an OSPF adjacency with PE 1 and PE 2 respectively Issue the display ospf peer command T...

Страница 301: ...PE1 POS5 1 1 quit Configure the P router P mpls lsr id 2 2 2 9 P mpls P mpls quit P mpls ldp P mpls ldp quit P interface pos 5 1 1 P POS5 1 1 mpls P POS5 1 1 mpls ldp P POS5 1 1 quit P interface pos...

Страница 302: ...rget 111 1 PE1 vpn instance vpn1 quit PE1 ip vpn instance vpn2 PE1 vpn instance vpn2 route distinguisher 100 2 PE1 vpn instance vpn2 vpn target 222 2 PE1 vpn instance vpn2 quit PE1 interface GigabitEt...

Страница 303: ...56 Sequence 2 ttl 255 time 4 ms Reply from 10 1 1 1 bytes 56 Sequence 3 ttl 255 time 4 ms Reply from 10 1 1 1 bytes 56 Sequence 4 ttl 255 time 52 ms Reply from 10 1 1 1 bytes 56 Sequence 5 ttl 255 ti...

Страница 304: ...eers 1 Peers in established state 1 Peer AS MsgRcvd MsgSent OutQ PrefRcv Up Down State 10 1 1 1 100 26 21 0 2 00 11 08 Established 5 Configure an MP IBGP peer relationship between PEs On PE 1 configur...

Страница 305: ...e the display ip routing table vpn instance command on the PEs The output shows the routes to the peer CEs Take PE 1 as an example PE1 display ip routing table vpn instance vpn1 Routing Tables vpn1 De...

Страница 306: ...g statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 34 48 72 ms CE1 ping 7 7 7 9 PING 7 7 7 9 56 data bytes press CTRL_C to break Request time out Request t...

Страница 307: ...backbone After you complete the configurations OSPF adjacencies are established between PE 1 P and PE 2 Issue the display ospf peer command The output shows that the adjacency status is Full Issue th...

Страница 308: ...n instance vpn1 PE2 GigabitEthernet3 1 1 ip address 10 2 1 2 24 PE2 GigabitEthernet3 1 1 quit Configure CE 1 CE1 system view CE1 interface GigabitEthernet 3 1 1 CE1 GigabitEthernet3 1 1 ip address 10...

Страница 309: ...ions for CE 2 are similar to those for CE 1 and the configurations for PE 2 are similar to those for PE 1 Details not shown After completing the configuration issue the display bgp vpnv4 vpn instance...

Страница 310: ...1 1 24 PE1 Tunnel0 mpls PE1 Tunnel0 quit Configure PE 2 PE2 interface tunnel 0 PE2 Tunnel0 tunnel protocol gre PE2 Tunnel0 source loopback 0 PE2 Tunnel0 destination 1 1 1 9 PE2 Tunnel0 ip address 20 1...

Страница 311: ...0 2 2 2 9 NULL0 The CEs can ping each other CE1 ping 10 2 1 1 PING 10 2 1 1 56 data bytes press CTRL_C to break Reply from 10 2 1 1 bytes 56 Sequence 1 ttl 253 time 41 ms Reply from 10 2 1 1 bytes 56...

Страница 312: ...by OSPF After you complete the configurations each ASBR PE and the PE in the same AS can establish OSPF adjacencies Issue the display ospf peer verbose command The output shows that the adjacencies r...

Страница 313: ...ace pos2 1 1 ASBR PE2 POS2 1 1 clock master ASBR PE2 POS2 1 1 mpls ASBR PE2 POS2 1 1 mpls ldp ASBR PE2 POS2 1 1 quit Configure basic MPLS on PE 2 and enable MPLS LDP on the interface connected to ASBR...

Страница 314: ...E2 interface GigabitEthernet 4 1 2 PE2 GigabitEthernet4 1 2 ip binding vpn instance vpn1 PE2 GigabitEthernet4 1 2 ip address 10 2 1 2 24 PE2 GigabitEthernet4 1 2 quit Configure ASBR PE 1 creating a VP...

Страница 315: ...p quit Configure CE 2 CE2 bgp 65002 CE2 bgp peer 10 2 1 2 as number 200 CE2 bgp import route direct CE2 bgp quit Configure PE 2 PE2 bgp 200 PE2 bgp ipv4 family vpn instance vpn1 PE2 bgp vpn1 peer 10 2...

Страница 316: ...ure PE 2 PE2 bgp 200 PE2 bgp peer 3 3 3 9 as number 200 PE2 bgp peer 3 3 3 9 connect interface loopback 0 PE2 bgp ipv4 family vpnv4 PE2 bgp af vpnv4 peer 3 3 3 9 enable PE2 bgp af vpnv4 peer 3 3 3 9 n...

Страница 317: ...0 1 8 Configuration procedure 1 Configure PE 1 Start IS IS on PE 1 PE1 system view PE1 isis 1 PE1 isis 1 network entity 10 1111 1111 1111 1111 00 PE1 isis 1 quit Configure LSR ID enable MPLS and LDP...

Страница 318: ...1 1 quit Start BGP on PE 1 PE1 bgp 100 Configure IBGP peer 3 3 3 9 as a VPNv4 peer PE1 bgp peer 3 3 3 9 as number 100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp ipv4 family vpnv4 PE1 bg...

Страница 319: ...600 Specify not to filter the received VPNv4 routes using the import target attribute ASBR PE1 bgp ipv4 family vpnv4 ASBR PE1 bgp af vpnv4 undo policy vpn target Configure both IBGP peer 2 2 2 0 and...

Страница 320: ...Nv4 routes using the import target attribute ASBR PE2 bgp ipv4 family vpnv4 ASBR PE2 bgp af vpnv4 undo policy vpn target Configure both IBGP peer 5 5 5 9 and EBGP peer 11 0 0 2 as VPNv4 peers ASBR PE2...

Страница 321: ...4 peer PE2 bgp peer 4 4 4 9 as number 600 PE2 bgp peer 4 4 4 9 connect interface loopback 0 PE2 bgp ipv4 family vpnv4 PE2 bgp af vpnv4 peer 4 4 4 9 enable PE2 bgp af vpnv4 quit Redistribute direct rou...

Страница 322: ...4 1 1 9 1 1 1 8 POS4 1 2 11 0 0 2 8 POS4 1 2 11 0 0 1 8 Configuration procedure 1 Configure PE 1 Run IS IS on PE 1 PE1 system view PE1 isis 1 PE1 isis 1 network entity 10 1111 1111 1111 1111 00 PE1 is...

Страница 323: ...eled routes from the peer PE1 bgp peer 3 3 3 9 as number 100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp peer 3 3 3 9 label route capability Configure the maximum hop count from PE 1 to...

Страница 324: ...1 route policy1 quit ASBR PE1 route policy policy2 permit node 1 ASBR PE1 route policy2 if match mpls label ASBR PE1 route policy2 apply mpls label ASBR PE1 route policy2 quit Start BGP on ASBR PE 1 a...

Страница 325: ...LoopBack0 ip address 4 4 4 9 32 ASBR PE2 LoopBack0 isis enable 1 ASBR PE2 LoopBack0 quit Configure interface POS 4 1 2 and enable MPLS on it ASBR PE2 interface POS 4 1 2 ASBR PE2 POS4 1 2 ip address...

Страница 326: ...t PE2 mpls ldp PE2 mpls ldp quit Configure interface POS 4 1 1 and start IS IS and enable MPLS and LDP on the interface PE2 interface POS 4 1 1 PE2 POS4 1 1 ip address 9 1 1 2 255 0 0 0 PE2 POS4 1 1 i...

Страница 327: ...PE 1 and PE 2 can ping each other PE2 ping vpn instance vpn1 30 0 0 1 PE1 ping vpn instance vpn1 20 0 0 1 Configuring carrier s carrier Network requirements Configure carrier s carrier for the scenar...

Страница 328: ...2 Loop0 4 4 4 9 32 POS2 1 1 11 1 1 2 24 POS2 1 1 30 1 1 2 24 POS2 1 2 30 1 1 1 24 POS2 1 2 21 1 1 1 24 Configuration procedure 1 Configure MPLS L3VPN on the provider carrier backbone start IS IS as th...

Страница 329: ...been established and has reached the Established state Issue the display isis peer command the output shows that the IS IS neighbor relationship has been set up Take PE 1 as an example PE1 display mp...

Страница 330: ...erface loopback 0 CE1 LoopBack0 ip address 2 2 2 9 32 CE1 LoopBack0 quit CE1 mpls lsr id 2 2 2 9 CE1 mpls CE1 mpls quit CE1 mpls ldp CE1 mpls ldp quit CE1 isis 2 CE1 isis 2 network entity 10 0000 0000...

Страница 331: ...S2 1 1 mpls ldp PE1 POS2 1 1 mpls ldp transport address interface PE1 POS2 1 1 quit PE1 bgp 100 PE1 bgp ipv4 family vpn instance vpn1 PE1 bgp vpn1 import isis 2 PE1 bgp vpn1 quit PE1 bgp quit Configur...

Страница 332: ...ustomer carrier to exchange the VPN routes of the end customers Configure PE 3 PE3 bgp 100 PE3 bgp peer 6 6 6 9 as number 100 PE3 bgp peer 6 6 6 9 connect interface loopback 0 PE3 bgp ipv4 family vpnv...

Страница 333: ...and CE 2 The output shows that the internal routes of the customer carrier network are present in the public network routing tables but the VPN routes that the customer carrier maintains are not Take...

Страница 334: ...Destination Mask Proto Pre Cost NextHop Interface 100 1 1 0 24 Direct 0 0 100 1 1 2 GE4 1 1 100 1 1 2 32 Direct 0 0 127 0 0 1 InLoop0 120 1 1 0 24 BGP 255 0 6 6 6 9 NULL0 PE 3 and PE 4 can ping each...

Страница 335: ...erstand the processing of routes of sub VPNs on the service provider PEs which is described as follows When receiving a VPNv4 route from a CE CE 1 or CE 2 in this example a service provider PE replace...

Страница 336: ...ure PE 1 PE1 system view PE1 interface loopback 0 PE1 LoopBack0 ip address 3 3 3 9 32 PE1 LoopBack0 quit PE1 mpls lsr id 3 3 3 9 PE1 mpls PE1 mpls quit PE1 mpls ldp PE1 mpls ldp quit PE1 isis 1 PE1 is...

Страница 337: ...s in established state 1 Peer AS MsgRcvd MsgSent OutQ PrefRcv Up Down State 4 4 4 9 100 162 145 0 0 02 12 47 Established PE1 display isis peer Peer information for ISIS 1 System Id Interface Circuit I...

Страница 338: ...d IS IS neighbor relationship can be established between PE 3 and CE 1 NOTE Configurations on PE 4 and CE 2 are similar to those on PE 3 and CE 1 respectively and are thus omitted here 3 Connect CE 1...

Страница 339: ...ress 110 1 1 1 24 CE5 GigabitEthernet3 1 1 quit CE5 bgp 65411 CE5 bgp peer 110 1 1 2 as number 200 CE5 bgp import route direct CE5 bgp quit Configure PE 3 PE3 ip vpn instance SUB_VPN1 PE3 vpn instance...

Страница 340: ...n instance vpn1 enable PE1 bgp af vpnv4 quit PE1 bgp quit Configure CE 1 enabling VPNv4 capability and establishing VPNv4 neighbor relationship between CE 1 and PE 1 CE1 bgp 200 CE1 bgp ipv4 family vp...

Страница 341: ...lowing takes PE 1 for illustration PE1 display ip routing table Routing Tables Public Destinations 7 Routes 7 Destination Mask Proto Pre Cost NextHop Interface 3 3 3 9 32 Direct 0 0 127 0 0 1 InLoop0...

Страница 342: ...incomplete Total number of routes from all PE 4 Route Distinguisher 100 1 Network NextHop In Out Label MED LocPrf 100 1 1 0 24 1 1 1 9 1024 1024 Route Distinguisher 101 1 Network NextHop In Out Label...

Страница 343: ...p0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 Execute the display ip routing table command on CE 5 and CE 6 to verify that the routing tables contain routes of remote sub VPNs The following takes CE5 f...

Страница 344: ...ms CE 3 and CE 6 cannot ping each other CE3 ping 130 1 1 1 PING 130 1 1 1 56 data bytes press CTRL_C to break Request time out Request time out Request time out Request time out Request time out 130 1...

Страница 345: ...e basic MPLS and MPLS LDP to establish LDP LSPs UPE1 system view UPE1 interface loopback 0 UPE1 LoopBack0 ip address 1 1 1 9 32 UPE1 LoopBack0 quit UPE1 mpls lsr id 1 1 1 9 UPE1 mpls UPE1 mpls quit UP...

Страница 346: ...1 2 ip binding vpn instance vpn2 UPE1 GigabitEthernet4 1 2 ip address 10 4 1 2 24 UPE1 GigabitEthernet4 1 2 quit Configure UPE 1 to establish MP IBGP peer relationship with SPE 1 and to inject VPN ro...

Страница 347: ...le UPE2 ospf UPE2 ospf 1 area 0 UPE2 ospf 1 area 0 0 0 0 network 172 2 1 0 0 0 0 255 UPE2 ospf 1 area 0 0 0 0 network 4 4 4 9 0 0 0 0 UPE2 ospf 1 area 0 0 0 0 quit UPE2 ospf 1 quit Configure VPN insta...

Страница 348: ...CE3 interface GigabitEthernet 4 1 1 CE3 GigabitEthernet4 1 1 ip address 10 1 1 1 255 255 255 0 CE3 GigabitEthernet4 1 1 quit CE3 bgp 65430 CE3 bgp peer 10 1 1 2 as number 100 CE3 bgp import route dir...

Страница 349: ...vpn instance vpn2 route distinguisher 700 1 SPE1 vpn instance vpn2 vpn target 100 2 both SPE1 vpn instance vpn2 quit Configure SPE 1 to establish MP IBGP peer relationship with UPE 1 and to inject VPN...

Страница 350: ...SPE2 GigabitEthernet4 1 2 mpls ldp SPE2 GigabitEthernet4 1 2 quit Configure the IGP protocol OSPF for example SPE2 ospf SPE2 ospf 1 area 0 SPE2 ospf 1 area 0 0 0 0 network 3 3 3 9 0 0 0 0 SPE2 ospf 1...

Страница 351: ...icy hope permit node 0 SPE2 route policy if match ip prefix hope SPE2 route policy quit SPE2 bgp 100 SPE2 bgp ipv4 family vpnv4 SPE2 bgp af vpnv4 peer 4 4 4 9 upe route policy hope export Configuring...

Страница 352: ...ation Mask Proto Pre Cost NextHop Interface 20 1 1 0 24 Direct 0 0 20 1 1 1 POS2 1 2 20 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 20 1 1 2 32 Direct 0 0 20 1 1 2 POS2 1 2 30 1 1 0 24 OSPF 10 3124 20 1 1 2...

Страница 353: ...ldp quit PE2 interface POS 2 1 2 PE2 POS2 1 2 ip address 10 1 1 2 24 PE2 POS2 1 2 mpls PE2 POS2 1 2 mpls ldp PE2 POS2 1 2 quit Configure PE 2 to take PE 1 as the MP IBGP peer PE2 bgp 100 PE2 bgp peer...

Страница 354: ...1 ip binding vpn instance vpn1 PE2 GigabitEthernet4 1 1 ip address 120 1 1 2 24 PE2 GigabitEthernet4 1 1 quit PE2 ospf 100 vpn instance vpn1 PE2 ospf 100 domain id 10 PE2 ospf 100 area 1 PE2 ospf 100...

Страница 355: ...ckbone and that a route to the sham link destination address is present Take PE 1 as an example PE1 display ip routing table vpn instance vpn1 Routing Tables vpn1 Destinations 6 Routes 6 Destination M...

Страница 356: ...5 P 2 P 10 Issue the display ospf sham link area command You can see that the peer state is Full PE1 display ospf sham link area 1 OSPF Process 100 with Router ID 100 1 1 2 Sham Link 3 3 3 3 5 5 5 5...

Страница 357: ...by CE 1 to access PE 1 resides but has not learned the route to the VPN 100 1 1 0 24 behind CE 1 The situation on CE 1 is similar CE2 display ip routing table Routing Tables Public Destinations 8 Rou...

Страница 358: ...gin i IGP e EGP incomplete Network NextHop MED LocPrf PrefVal Path Ogn 10 1 1 0 24 10 2 1 2 0 100 10 1 1 1 32 10 2 1 2 0 100 10 2 1 0 24 10 2 1 2 0 0 100 10 2 1 1 32 10 2 1 2 0 0 100 2 Configure BGP A...

Страница 359: ...0 10 2 1 2 GE4 1 1 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 200 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 After configuring BGP AS substitution on PE 1 too the G...

Страница 360: ...packets on the service provider backbone Figure 85 shows the typical IPv6 MPLS L3VPN model At present the service provider backbone in the IPv6 MPLS L3VPN model is an IPv4 network IPv6 runs inside th...

Страница 361: ...ting information advertisement The IPv6 VPN routing information of a local CE is advertised to a remote peer PE in three steps 1 From the local CE to the ingress PE 2 From the ingress PE to the egress...

Страница 362: ...rier Multi VPN instance CE IPv6 MPLS L3VPN configuration task list Complete the following tasks to configure IPv6 MPLS L3VPN Task Remarks Configuring basic IPv6 MPLS L3VPN By configuring basic IPv6 MP...

Страница 363: ...utes but also routes of a VPN from those of another VPN This feature allows VPN instances to be used in networking scenarios besides MPLS L3VPNs All VPN instance configurations are performed on PEs or...

Страница 364: ...route advertisement is as follows When a VPN route learned from a CE gets redistributed into BGP BGP associates it with a VPN target extended community attribute list which is usually the export targ...

Страница 365: ...with a VPN instance Otherwise the device cannot filter the routes to be received and advertised Configuring a tunneling policy for a VPN instance To configure a tunneling policy for a VPN instance Ste...

Страница 366: ...VPN instance create an LDP instance for the VPN instance and configure LDP parameters for the LDP instance For LDP instance configuration information see the chapter Configuring MPLS L3VPN Configuring...

Страница 367: ...see Layer 3 IP Routing Configuration Guide Configuring OSPFv3 between PE and CE An OSPFv3 process belongs to the public network or a single VPN instance If you create an OSPF process without binding...

Страница 368: ...for the IS IS process on the interface isis ipv6 enable process id Disabled by default NOTE For more information about IPv6 IS IS see Layer 3 IP Routing Configuration Guide Configuring EBGP between PE...

Страница 369: ...an advertise them to the peer CE NOTE After an IPv6 BGP VPN instance is configured exchange of BGP routes for the VPN instance is the same as exchange of ordinary BGP routes The configuration commands...

Страница 370: ...default local preference value Optional 100 by default 7 Set the default value for the system MED default med med value Optional By default the default value of the system MED is 0 8 Configure a filt...

Страница 371: ...r id ip address Optional By default a route reflector uses its router ID as the cluster ID 19 Create an RR reflection policy rr filter extended community list number Optional NOTE For information abou...

Страница 372: ...ts configured on the PEs in different ASs do not have such requirements Configuring inter AS IPv6 VPN option C Configuring the PEs You need to establish ordinary IBGP peer relationships between PEs an...

Страница 373: ...edistribution between routing protocols to save system resources Configuration prerequisites Before you configure routing on an MCE complete the following tasks On the MCE configure VPN instances and...

Страница 374: ...enter RIPng view ripng process id vpn instance vpn instance name Perform this configuration on the MCE On a VPN site configure normal RIPng 3 Redistribute remote site routes advertised by the PE impor...

Страница 375: ...you create an IPv6 IS IS process without binding it to an IPv6 VPN instance the process belongs to the public network By configuring IPv6 IS IS process to IPv6 VPN instance bindings on a MCE you allo...

Страница 376: ...6 BGP VPN instance view ipv6 family vpn instance vpn instance name Required 4 Specify an IPv6 BGP peer in an AS peer ipv6 address as number as number Required 5 Redistribute remote site routes adverti...

Страница 377: ...n this section are configured on the MCE Configurations on the PE are similar to those on the PE in common IPv6 MPLS L3VPN network solutions see Configuring routing between PE and CE Configuring IPv6...

Страница 378: ...For more information about RIPng see Layer 3 IP Routing Configuration Guide Configuring OSPFv3 between MCE and PE To configure OSPFv3 between MCE and PE Step Command Remarks 1 Enter system view syste...

Страница 379: ...id allow ibgp cost cost level 1 level 1 2 level 2 route policy route policy name tag tag Optional By default IS IS does not redistribute routes of any other routing protocol If you do not specify the...

Страница 380: ...hin a VPN in the same way as it runs within a public network For more information about IPv6 BGP see Layer 3 IP Routing Configuration Guide Displaying and maintaining IPv6 MPLS L3VPN Resetting BGP con...

Страница 381: ...e verbose begin exclude include regular expression Available in any view Display information about IPv6 BGP peers established between the PE and CE in a VPN instance display bgp vpnv6 vpn instance vpn...

Страница 382: ...1 96 P Loop0 2 2 2 9 32 PE 1 Loop0 1 1 1 9 32 POS2 1 1 172 1 1 2 24 GE4 1 1 2001 1 2 96 POS2 1 2 172 2 1 1 24 GE4 1 2 2001 2 2 96 PE 2 Loop0 3 3 3 9 32 POS2 1 1 172 1 1 1 24 GE4 1 1 2001 3 2 96 CE 2...

Страница 383: ...pf 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 P ospf 1 area 0 0 0 0 quit P ospf 1 quit Configure PE 2 PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 3 3 3 9 32 PE2 LoopBack0 quit PE2 in...

Страница 384: ...OS2 1 1 s neighbors Router ID 172 1 1 2 Address 172 1 1 2 GR State Normal State Full Mode Nbr is Master Priority 1 DR None BDR None MTU 1500 Dead timer due in 38 sec Neighbor is up for 00 02 44 Authen...

Страница 385: ...rmation SN DestAddress Mask In OutLabel Next Hop In Out Interface 1 1 1 1 9 32 3 NULL 127 0 0 1 POS2 1 1 InLoop0 2 2 2 2 9 32 NULL 3 172 1 1 2 POS2 1 1 3 3 3 3 9 32 NULL 1024 172 1 1 2 POS2 1 1 A befo...

Страница 386: ...ot shown After completing the configurations issue the display ip vpn instance command on the PEs to view information about the VPN instances Use the ping command to test connectivity between the PEs...

Страница 387: ...NOTE The configurations for PE 2 are similar to those for PE 1 Details not shown After completing the configurations issue the display bgp vpnv6 vpn instance peer command on the PEs BGP peer relation...

Страница 388: ...nfigurations Issue the display ipv6 routing table vpn instance command on the PEs The output shows the routes to the CEs The following takes PE 1 as an example PE1 display ipv6 routing table vpn insta...

Страница 389: ...hop limit 64 time 1 ms 2001 3 1 ping statistics 5 packet s transmitted 5 packet s received 0 00 packet loss round trip min avg max 1 1 1 ms CE1 ping ipv6 2001 4 1 PING 2001 4 1 56 data bytes press CT...

Страница 390: ...s of a router is to be used as the router s LSR ID After you complete the configurations each ASBR PE and the PE in the same AS can establish an OSPF adjacency Issue the display ospf peer command and...

Страница 391: ...mpls lsr id 3 3 3 9 ASBR PE2 mpls ASBR PE2 mpls quit ASBR PE2 mpls ldp ASBR PE2 mpls ldp quit ASBR PE2 interface pos2 1 1 ASBR PE2 POS2 1 1 mpls ASBR PE2 POS2 1 1 mpls ldp ASBR PE2 POS2 1 1 quit Conf...

Страница 392: ...PE2 ip vpn instance vpn1 PE2 vpn instance vpn1 route distinguisher 200 2 PE2 vpn instance vpn1 vpn target 100 1 both PE2 vpn instance vpn1 quit PE2 interface GigabitEthernet 4 1 1 PE2 GigabitEthernet4...

Страница 393: ...pv6 family vpn instance vpn1 PE1 bgp ipv6 vpn1 peer 2001 1 1 as number 65001 PE1 bgp ipv6 vpn1 import route direct PE1 bgp ipv6 vpn1 quit PE1 bgp quit Configure CE 2 CE2 bgp 65002 CE1 bgp ipv6 family...

Страница 394: ...PE2 bgp 200 PE2 bgp peer 3 3 3 9 as number 200 PE2 bgp peer 3 3 3 9 connect interface loopback 0 PE2 bgp ipv6 family vpnv6 PE2 bgp af vpnv6 peer 3 3 3 9 enable PE2 bgp af vpnv6 quit PE2 bgp quit 6 Ver...

Страница 395: ...view PE1 isis 1 PE1 isis 1 network entity 10 111 111 111 111 00 PE1 isis 1 quit Configure an LSR ID and enable MPLS and LDP PE1 mpls lsr id 2 2 2 9 PE1 mpls PE1 mpls label advertise non null PE1 mpls...

Страница 396: ...gp peer 3 3 3 9 label route capability Configure the maximum hop count from PE 1 to EBGP peer 5 5 5 9 as 10 PE1 bgp peer 5 5 5 9 as number 600 PE1 bgp peer 5 5 5 9 connect interface loopback 0 PE1 bgp...

Страница 397: ...PE1 route policy2 quit Start BGP on ASBR PE 1 and redistribute routes from IS IS process 1 ASBR PE1 bgp 100 ASBR PE1 bgp import route isis 1 Apply routing policy policy2 to filter routes advertised to...

Страница 398: ...S4 1 2 mpls ASBR PE2 POS4 1 2 quit Create routing policies ASBR PE2 route policy policy1 permit node 1 ASBR PE2 route policy1 apply mpls label ASBR PE2 route policy1 quit ASBR PE2 route policy policy2...

Страница 399: ...S4 1 1 quit Configure interface Loopback 0 and start IS IS on it PE2 interface loopback 0 PE2 LoopBack0 ip address 5 5 5 9 32 PE2 LoopBack0 isis enable 1 PE2 LoopBack0 quit Create VPN instance vpn1 an...

Страница 400: ...ytes press CTRL_C to break Reply from 2001 1 1 bytes 56 Sequence 1 hop limit 64 time 1 ms Reply from 2001 1 1 bytes 56 Sequence 2 hop limit 64 time 1 ms Reply from 2001 1 1 bytes 56 Sequence 3 hop lim...

Страница 401: ...ers of the customer carrier The key to the carrier s carrier deployment is to configure exchange of two kinds of routes Exchange of the customer carrier s internal routes on the provider carrier s bac...

Страница 402: ...1 24 PE1 POS2 1 2 isis enable 1 PE1 POS2 1 2 mpls PE1 POS2 1 2 mpls ldp PE1 POS2 1 2 mpls ldp transport address interface PE1 POS2 1 2 quit PE1 bgp 100 PE1 bgp peer 4 4 4 9 as number 100 PE1 bgp peer...

Страница 403: ...rt IS IS as the IGP and enable LDP between PE 3 and CE 1 and between PE 4 and CE 2 Configure PE 3 PE3 system view PE3 interface loopback 0 PE3 LoopBack0 ip address 1 1 1 9 32 PE3 LoopBack0 quit PE3 mp...

Страница 404: ...for PE 3 and CE 1 Details not shown 3 Connect the customer carrier to the provider carrier Configure PE 1 PE1 ip vpn instance vpn1 PE1 vpn instance vpn1 route distinguisher 200 1 PE1 vpn instance vpn...

Страница 405: ...CE3 bgp ipv6 family CE3 bgp peer 2001 1 2 as number 100 CE3 bgp import route direct CE3 bgp quit Configure PE 3 PE3 ip vpn instance vpn1 PE3 vpn instance vpn1 route distinguisher 100 1 PE3 vpn instan...

Страница 406: ...uting table vpn instance command on PE 1 and PE 2 The output shows that the internal routes of the customer carrier network are present in the VPN routing tables Take PE 1 as an example PE1 display ip...

Страница 407: ...The output shows that the internal routes of the customer carrier network are present in the public network routing tables Take PE 3 as an example PE3 display ip routing table Routing Tables Public D...

Страница 408: ...a bytes press CTRL_C to break Reply from 2001 2 1 bytes 56 Sequence 1 hop limit 64 time 1 ms Reply from 2001 2 1 bytes 56 Sequence 2 hop limit 64 time 1 ms Reply from 2001 2 1 bytes 56 Sequence 3 hop...

Страница 409: ...warding 73 Configuring traffic forwarding tuning parameters 75 Configuring VPLS attributes 168 Creating MPLS TE tunnel over static CR LSP 58 D Displaying and maintaining IPv6 MPLS L3VPN 369 Displaying...

Страница 410: ...399 Troubleshooting MPLS TE 151 Troubleshooting VPLS 187 Tuning CR LSP setup 69 Tuning MPLS TE tunnel setup 71 V VPLS configuration examples 169 VPLS configuration task list 161 VPLS overview 153...

Отзывы:

Нет отзывов

Похожие инструкции для SR8800 10G

Бренд: Ubiquiti Страницы: 24

Express Ethernetwork DI-704P

Бренд: D-Link Страницы: 17

Бренд: D-Link Страницы: 11

Бренд: D-Link Страницы: 83

Бренд: D-Link Страницы: 129

Бренд: D-Link Страницы: 10

Бренд: D-Link Страницы: 21

Бренд: D-Link Страницы: 6

Бренд: D-Link Страницы: 17

Бренд: D-Link Страницы: 4

Бренд: D-Link Страницы: 6

Бренд: D-Link Страницы: 86

Бренд: D-Link Страницы: 3

Бренд: D-Link Страницы: 4

Бренд: D-Link Страницы: 4

DSL-3580L Series

Бренд: D-Link Страницы: 20

Бренд: D-Link Страницы: 64

Бренд: D-Link Страницы: 73

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды