BGP MPLS Optionc配置
Posted 害怕网络暴力
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了BGP MPLS Optionc配置相关的知识,希望对你有一定的参考价值。
配置地址
CE1
[H3C]interface g0/2
[H3C-GigabitEthernet0/2]ip address 10.1.13.1 30
[H3C-GigabitEthernet0/2]qu
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 172.16.255.1 32
[H3C-LoopBack0]qu
[H3C]sysname CE1
PE1
[H3C]sysname PE1
[PE1]in g0/2
[PE1-GigabitEthernet0/2]ip address 10.1.13.2 30
[PE1-GigabitEthernet0/2]qu
[PE1]int g0/0
[PE1-GigabitEthernet0/0]ip address 202.1.54.1 30
[PE1-GigabitEthernet0/0]qu
[PE1]interface LoopBack 0
[PE1-LoopBack0]ip address 1.1.1.1 32
P1
[H3C]sysname P1
[P1]int g0/1
[P1-GigabitEthernet0/1]ip address 202.1.54.2 30
[P1-GigabitEthernet0/1]in g0/0
[P1-GigabitEthernet0/0]ip address 202.1.34.1 30
[P1-GigabitEthernet0/0]qu
[P1]int LoopBack 0
[P1-LoopBack0]ip address 2.2.2.2 32
ASBR1
[H3C]sysname ASBR1
[ASBR1]int g0/0
[ASBR1-GigabitEthernet0/0]ip address 202.1.34.2 30
[ASBR1-GigabitEthernet0/0]in g0/1
[ASBR1-GigabitEthernet0/1]ip address 202.1.45.1 30
[ASBR1-GigabitEthernet0/1]qu
[ASBR1]interface LoopBack 0
[ASBR1-LoopBack0]ip address 3.3.3.3 32
ASBR2
[H3C]sysname ASBR2
[ASBR2]int g0/1
[ASBR2-GigabitEthernet0/1]ip address 202.1.45.2 30
[ASBR2-GigabitEthernet0/1]in g0/0
[ASBR2-GigabitEthernet0/0]ip address 202.1.56.1 30
[ASBR2-GigabitEthernet0/0]qu
[ASBR2]int LoopBack 0
[ASBR2-LoopBack0]ip address 4.4.4.4 32
P2
[H3C]sysname P2
[P2]int g0/0
[P2-GigabitEthernet0/0]ip address 202.1.56.2 30
[P2-GigabitEthernet0/0]int g0/1
[P2-GigabitEthernet0/1]ip address 202.1.70.1 30
[P2-GigabitEthernet0/1]qu
[P2]int LoopBack 0
[P2-LoopBack0]ip address 5.5.5.5 32
PE2
[H3C]in g0/1
[H3C-GigabitEthernet0/1]ip address 202.1.70.2 30
[H3C-GigabitEthernet0/1]in g0/2
[H3C-GigabitEthernet0/2]ip address 10.1.67.1 30
[H3C-GigabitEthernet0/2]qu
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 6.6.6.6 32
[H3C-LoopBack0]qu
[H3C]sysname PE2
CE2
[H3C]in g0/0
[H3C-GigabitEthernet0/0]ip address 10.1.67.2 30
[H3C-GigabitEthernet0/0]qu
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 172.16.255.8 32
[H3C-LoopBack0]qu
[H3C]sysname CE2
公网内部跑ospf让环回口互通
PE1
[PE1]ospf 1 router-id 1.1.1.1
[PE1-ospf-1]area 0
[PE1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0]network 202.1.54.1 0.0.0.0
P1
[P1]ospf 1 router-id 2.2.2.2
[P1-ospf-1]area 0
[P1-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[P1-ospf-1-area-0.0.0.0]network 202.1.54.2 0.0.0.0
[P1-ospf-1-area-0.0.0.0]network 202.1.34.1 0.0.0.0
ASBR1
[ASBR1]ospf 1 router-id 3.3.3.3 0.0.0.0
[ASBR1-ospf-1]area 0
[ASBR1-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[ASBR1-ospf-1-area-0.0.0.0]network 202.1.34.2 0.0.0.0
ASBR2
[ASBR2]ospf 1 router-id 4.4.4.4
[ASBR2-ospf-1]a
[ASBR2-ospf-1]area 0
[ASBR2-ospf-1-area-0.0.0.0]network 202.1.56.1 0.0.0.0
[ASBR2-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
P2
[P2]ospf 1 router-id 5.5.5.5
[P2-ospf-1]area 0
[P2-ospf-1-area-0.0.0.0]network 202.1.56.2 0.0.0.0
[P2-ospf-1-area-0.0.0.0]network 202.1.70.1 0.0.0.0
[P2-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0
PE2
[PE2]ospf 1 router-id 6.6.6.6
[PE2-ospf-1]area 0
[PE2-ospf-1-area-0.0.0.0]network 202.1.70.2 0.0.0.0
[PE2-ospf-1-area-0.0.0.0]network 6.6.6.6 0.0.0.0
使能标签能力,ASBR之间没有ldp标签,不需要配置ldp
PE1
[PE1]mpls lsr-id 1.1.1.1
[PE1]mpls ldp
[PE1-ldp]qu
[PE1]in g0/0
[PE1-GigabitEthernet0/0]mpls ldp enable
[PE1-GigabitEthernet0/0]mpls enable
P1
[P1]mpls lsr-id 2.2.2.2
[P1]mpls ldp
[P1-ldp]qu
[P1]interface range g0/1 g0/0
[P1-if-range]mpls ldp enable
[P1-if-range]mpls enable
ASBR1
[ASBR1]mpls lsr-id 3.3.3.3
[ASBR1]mpls ldp
[ASBR1-ldp]qu
[ASBR1]interface g0/0
[ASBR1-GigabitEthernet0/0]mpls enable
[ASBR1-GigabitEthernet0/0]mpls ldp enable
[ASBR1-GigabitEthernet0/0]qu
[ASBR1]in g0/1
[ASBR1-GigabitEthernet0/1]mpls enable
[ASBR1-GigabitEthernet0/1]qu
ASBR2
[ASBR2]mpls lsr-id 4.4.4.4
[ASBR2]mpls ldp
[ASBR2-ldp]qu
[ASBR2]in g0/1
[ASBR2-GigabitEthernet0/1]mpls enable
[ASBR2-GigabitEthernet0/1]in g0/0
[ASBR2-GigabitEthernet0/0]mpls ldp enable
[ASBR2-GigabitEthernet0/0]mpls enable
P2
[P2]mpls lsr-id 5.5.5.5
[P2]mpls ldp
[P2-ldp]qu
[P2]interface range g0/0 g0/1
[P2-if-range]mpls ldp enable
[P2-if-range]mpls enable
PE2
[PE2]mpls lsr-id 6.6.6.6
[PE2]mpls ldp
[PE2-ldp]qu
[PE2]in g0/1
[PE2-GigabitEthernet0/1]mpls enable
[PE2-GigabitEthernet0/1]mpls ldp enable
1.1.1.1.1和6.6.6.6建立vpnv4bgp邻居
2.1.1.1.1和3.3.3.3建立ipv4邻居
3. 3.3.3.3和4.4.4.4建立ipv4-ebgp邻居
PE1
[PE1]bgp 65001
[PE1-bgp-default]router-id 1.1.1.1
[PE1-bgp-default]peer 3.3.3.3 as-number 65001
[PE1-bgp-default]peer 3.3.3.3 connect-interface LoopBack 0
[PE1-bgp-default]peer 6.6.6.6 as-number 65002
[PE1-bgp-default]peer 6.6.6.6 connect-interface LoopBack 0
[PE1-bgp-default]peer 6.6.6.6 ebgp-max-hop 5
[PE1-bgp-default]address-family ipv4
[PE1-bgp-default-ipv4]peer 3.3.3.3 next-hop-local
[PE1-bgp-default-ipv4]peer 3.3.3.3 enable
[PE1-bgp-default-ipv4]qu
[PE1-bgp-default]address-family vpnv4
[PE1-bgp-default-vpnv4]peer 6.6.6.6 enable
ASBR1
[ASBR1]bgp 65001
[ASBR1-bgp-default]router-id 3.3.3.3
[ASBR1-bgp-default]peer 1.1.1.1 as-number 65001
[ASBR1-bgp-default]peer 1.1.1.1 connect-interface LoopBack 0
[ASBR1-bgp-default]peer 202.1.45.2 as-number 65002
[ASBR1-bgp-default]address-family ipv4
[ASBR1-bgp-default-ipv4]network 1.1.1.1 32
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 enable
[ASBR1-bgp-default-ipv4]peer 202.1.45.2 enable
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 next-hop-local
ASBR2
[ASBR2]bgp 65002
[ASBR2-bgp-default]router-id 4.4.4.4
[ASBR2-bgp-default]peer 202.1.45.1 as-number 65001
[ASBR2-bgp-default]peer 6.6.6.6 as-number 65002
[ASBR2-bgp-default]peer 6.6.6.6 connect-interface LoopBack 0
[ASBR2-bgp-default]address-family ipv4
[ASBR2-bgp-default-ipv4]network 6.6.6.6 32
[ASBR2-bgp-default-ipv4]peer 202.1.45.1 enable
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 enable
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 next-hop-local
PE2
[PE2]bgp 65002
[PE2-bgp-default]router-id 6.6.6.6
[PE2-bgp-default]peer 1.1.1.1 as-number 65001
[PE2-bgp-default]peer 1.1.1.1 connect-interface LoopBack 0
[PE2-bgp-default]peer 1.1.1.1 ebgp-max-hop 5
[PE2-bgp-default]peer 4.4.4.4 as-number 65002
[PE2-bgp-default]peer 4.4.4.4 connect-interface LoopBack 0
[PE2-bgp-default]address-family vpnv4
[PE2-bgp-default-vpnv4]peer 1.1.1.1 enable
[PE2-bgp-default-vpnv4]qu
[PE2-bgp-default]address-family ipv4
[PE2-bgp-default-ipv4]peer 4.4.4.4 enable
互相使能标签能力,mpbgp之间不用
PE1
[PE1]bgp 65001
[PE1-bgp-default]address-family ipv4
[PE1-bgp-default-ipv4]peer 3.3.3.3 label-route-capability
ASBR1
[ASBR1]bgp 65001
[ASBR1-bgp-default]address-family ipv4
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 label-route-capability
[ASBR1-bgp-default-ipv4]peer 202.1.45.2 label-route-capability
ASBR2
[ASBR2]bgp 65002
[ASBR2-bgp-default]address-family ipv4
[ASBR2-bgp-default-ipv4]peer 202.1.45.1 label-route-capability
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 label-route-capability
PE2
[PE2]bgp 65002
[PE2-bgp-default]address-family ipv4
[PE2-bgp-default-ipv4]peer 4.4.4.4 label-route-capability
ASBR上做路由策略,向内向外都要使能标签能力
ASBR1
[ASBR1]route-policy bgp-mpls-L permit node 10
Routing policy node created.
[ASBR1-route-policy-bgp-mpls-L-10]if-match mpls-label
[ASBR1-route-policy-bgp-mpls-L-10]apply mpls-label
[ASBR1-route-policy-bgp-mpls-L-10]qu
[ASBR1]route-policy bgp-mpls-R permit node 10
Routing policy node created.
[ASBR1-route-policy-bgp-mpls-R-10]apply mpls-label
[ASBR1-route-policy-bgp-mpls-R-10]qu
[ASBR1]bgp 65001
[ASBR1-bgp-default]address-family ipv4
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 route-policy bgp-mpls-L export
[ASBR1-bgp-default-ipv4]peer 202.1.45.2 route-policy bgp-mpls-R export
ASBR2
[ASBR2]route-policy bgp-mpls-L permit node 10
Routing policy node created.
[ASBR2-route-policy-bgp-mpls-L-10]if-match mpls-label
[ASBR2-route-policy-bgp-mpls-L-10]apply mpls-label
[ASBR2-route-policy-bgp-mpls-L-10]qu
[ASBR2]route-policy bgp-mpls-R permit node 10
Routing policy node created.
[ASBR2-route-policy-bgp-mpls-R-10]apply mpls-label
[ASBR2-route-policy-bgp-mpls-R-10]qu
[ASBR2]bgp 65002
[ASBR2-bgp-default]address-family ipv4
[ASBR2-bgp-default-ipv4]peer 202.1.45.1 route-policy bgp-mpls-R export
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 route-policy bgp-mpls-L export
划分VPN 实例并在接口绑定
PE1
[PE1]ip vpn-instance vpn1
[PE1-vpn-instance-vpn1]route-distinguisher 100:1
[PE1-vpn-instance-vpn1]vpn-target 100:1
[PE1]in g0/2
[PE1-GigabitEthernet0/2]ip binding vpn-instance vpn1
Some configurations on the interface are removed.
[PE1-GigabitEthernet0/2]ip address 10.1.13.2 30
PE2
[PE2]ip vpn-instance vpn1
[PE2-vpn-instance-vpn1]route-distinguisher 100:1
[PE2-vpn-instance-vpn1]vpn-target 100:1
[PE2-vpn-instance-vpn1]qu
[PE2]in g0/2
[PE2-GigabitEthernet0/2]ip binding vpn-instance vpn1
Some configurations on the interface are removed.
[PE2-GigabitEthernet0/2]ip address 10.1.67.1 255.255.255.252
PE和CE之间运行路由协议
PE1
[PE1]bgp 65001
[PE1-bgp-default]ip vpn-instance vpn1
[PE1-bgp-default-vpn1]peer 10.1.13.1 as-number 100
[PE1-bgp-default-vpn1]address-family ipv4
[PE1-bgp-default-ipv4-vpn1]peer 10.1.13.1 enable
CE1
[CE1]bgp 100
[CE1-bgp-default]peer 10.1.13.2 as-number 65001
[CE1-bgp-default]address-family ipv4
[CE1-bgp-default-ipv4]network 172.16.255.1 32
[CE1-bgp-default-ipv4]peer 10.1.13.2 enable
PE2
[PE2]ospf 2 vpn-instance v
[PE2]ospf 2 vpn-instance vpn1
[PE2-ospf-2]area 0
[PE2-ospf-2-area-0.0.0.0]network 10.1.67.1 0.0.0.0
CE2
[CE2]ospf 2
[CE2-ospf-2]area 0
[CE2-ospf-2-area-0.0.0.0]network 10.1.67.2 0.0.0.0
[CE2-ospf-2-area-0.0.0.0]network 172.16.255.8 0.0.0.0
路由互引
PE2
[PE2]ospf 2
[PE2-ospf-2]import-route bgp 65002
[PE2-ospf-2]qu
[PE2]bgp 65002
[PE2-bgp-default]ip vpn-instance vpn1
[PE2-bgp-default-vpn1]address-family ipv4
[PE2-bgp-default-ipv4-vpn1]import-route ospf 2
测试
以上是关于BGP MPLS Optionc配置的主要内容,如果未能解决你的问题,请参考以下文章
华为运营商级路由器配置示例 | 配置OptionC方式跨域BGP VPLS示例