355
[PE1] ip route-static vpn-instance vpn2 100.1.1.0 24 vpn-instance vpn1 1.1.1.2
[PE1] bgp 100
[PE1-bgp] ipv4-family vpn-instance vpn2
[PE1-bgp-vpn2] import-route static
[PE1-bgp-vpn2] quit
[PE1-bgp] quit
# Configure a routing policy, allowing packets from Host A that have no routes in the native VPN
instance to be forwarded along private network routes in VPN instance vpn2.
[PE1] acl number 3001
[PE1-acl-adv-3001] rule 0 permit ip vpn-instance vpn1 source 100.1.1.2 0
[PE1-acl-adv-3001] quit
[PE1] policy-based-route policy1 permit node 10
[PE1-policy-based-route] if-match acl 3001
[PE1-policy-based-route] apply access-vpn vpn-instance vpn1 vpn2
[PE1-policy-based-route] quit
# Apply the defined routing policy to interface Serial 2/1/2.
[PE1] interface serial 2/1/2
[PE1-Serial2/1/2] ip policy-based-route policy1
The other configurations are similar to the basic ones for MPLS L3VPN.
Configuring HoVPN
Network requirements
There are two levels of networks, the backbone and the MPLS VPN networks, as shown in
•
SPEs act as PEs to allow MPLS VPNs to access the backbone.
•
UPEs act as PEs of the MPLS VPNs to allow end users to access the VPNs.
•
Performance requirements for the UPEs are lower than those for the SPEs.
•
SPEs advertise routes permitted by the routing policies to UPEs, permitting CE 1 and CE 3 in
VPN 1 to communicate with each other and forbidding CE 2 and CE 4 in VPN 2 to communicate
with each other.
Figure 96 Network diagram
Device
Interface
IP address
Device
Interface
IP address
SPE 1
SPE 2
UPE 1
UPE 2
CE 1
CE 2
CE 3
CE 4
GE2/1/2
GE2/1/1
Loop0
Loop0
AS 65410
AS 65420
AS 65430
AS 65440
GE2/1/1
GE2/1/1
GE2/1/2
GE2/1/3
Loop0
Loop0
GE2/1/2
GE2/1/1
GE2/1/1
GE2/1/1
GE2/1/3
GE2/1/1
GE2/1/1
GE2/1/2
VPN 1
VPN 1
VPN 2
VPN 2
AS 100