华为运营商级路由器配置示例 | 配置OptionC方式跨域BGP AD VPLS示例
Posted 一个热爱编程的通信人
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了华为运营商级路由器配置示例 | 配置OptionC方式跨域BGP AD VPLS示例相关的知识,希望对你有一定的参考价值。
组网需求
如图1,CE1和CE2属于同一个VPLS,分别通过AS100内的PE1和AS200内的PE2接入骨干网。
当每个AS内有大量的跨域VPLS时,可以配置采用OptionC方式跨域BGP AD VPLS。在OptionC方式跨域BGP AD VPLS中,ASBR上不再维护VPLS标签块信息,而是PE之间直接交换VPLS标签块信息。
图1 配置OptionC方式跨域BGP AD VPLS组网图
配置思路
-
在骨干网上运行IGP协议,使同一个AS域内的各设备能互通。
-
在骨干网上使能MPLS,在PE与ASBR之间建立动态LSP隧道,并且在ASBR之间的接口上也要使能MPLS。
-
同一AS的PE和ASBR之间建立IBGP。
-
在各ASBR之间配置EBGP,在ASBR上需配置路由策略,使能标签路由功能。在PE1和PE2之间建立MP-EBGP对等体关系。
-
在PE1和PE2之间创建VSI实例,接入CE。
操作步骤
1.配置各设备接口的IP地址
# 配置CE1。
<HUAWEI> system-view
[~HUAWEI] sysname CE1
[*HUAWEI] commit
[~CE1] interface gigabitethernet 1/0/0.1
[*CE1-GigabitEthernet1/0/0.1] ip address 10.1.1.1 24
[*CE1-GigabitEthernet1/0/0.1] quit
[*CE1] commit# 配置PE1。
<HUAWEI> system-view
[~HUAWEI] sysname PE1
[*HUAWEI] commit
[~PE1] interface loopback1
[*PE1-Loopback1] ip address 1.1.1.1 32
[*PE1-Loopback1] quit
[*PE1] interface gigabitethernet 2/0/0
[*PE1-GigabitEthernet2/0/0] ip address 10.10.1.1 24
[*PE1-GigabitEthernet2/0/0] quit
[*PE1] commit# 配置ASBR1。
<HUAWEI> system-view
[~HUAWEI] sysname ASBR1
[*HUAWEI] commit
[~ASBR1] interface loopback1
[*ASBR1-Loopback1] ip address 2.2.2.2 32
[*ASBR1-Loopback1] quit
[*ASBR1] interface gigabitethernet 1/0/0
[*ASBR1-GigabitEthernet1/0/0] ip address 10.10.1.2 24
[*ASBR1-GigabitEthernet1/0/0] quit
[*ASBR1] interface gigabitethernet 2/0/0
[*ASBR1-GigabitEthernet2/0/0] ip address 10.20.1.1 24
[*ASBR1-GigabitEthernet2/0/0] quit
[*ASBR1] commit# 配置ASBR2。
<HUAWEI> system-view
[~HUAWEI] sysname ASBR2
[*HUAWEI] commit
[~ASBR2] interface loopback1
[*ASBR2-Loopback1] ip address 3.3.3.3 32
[*ASBR2-Loopback1] quit
[*ASBR2] interface gigabitethernet 1/0/0
[*ASBR2-GigabitEthernet1/0/0] ip address 10.20.1.2 24
[*ASBR2-GigabitEthernet1/0/0] quit
[*ASBR2] interface gigabitethernet 2/0/0
[*ASBR2-GigabitEthernet2/0/0] ip address 10.30.1.1 24
[*ASBR2-GigabitEthernet2/0/0] quit
[*ASBR2] commit# 配置PE2。
<HUAWEI> system-view
[~HUAWEI] sysname PE2
[*HUAWEI] commit
[~PE2] interface loopback1
[*PE2-Loopback1] ip address 4.4.4.4 32
[*PE2-Loopback1] quit
[*PE2] interface gigabitethernet 1/0/0
[*PE2-GigabitEthernet1/0/0] ip address 10.30.1.1 24
[*PE2-GigabitEthernet1/0/0] quit
[*PE2] commit# 配置CE2。
<HUAWEI> system-view
[~HUAWEI] sysname CE2
[*HUAWEI] commit
[*CE2] interface gigabitethernet 1/0/0.1
[*CE2-GigabitEthernet1/0/0.1] ip address 10.1.1.2 24
[*CE2-GigabitEthernet1/0/0.1] quit
[*CE2] commit2.配置骨干网的IGP协议
# 配置PE1。
[~PE1] ospf 1
[*PE1-ospf-1] area 0.0.0.0
[*PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[*PE1-ospf-1-area-0.0.0.0] network 10.10.1.0 0.0.0.255
[*PE1-ospf-1-area-0.0.0.0] quit
[*PE1-ospf-1] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] ospf 1
[*ASBR1-ospf-1] area 0.0.0.0
[*ASBR1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[*ASBR1-ospf-1-area-0.0.0.0] network 10.10.1.0 0.0.0.255
[*ASBR1-ospf-1-area-0.0.0.0] quit
[*ASBR1-ospf-1] quit
[*ASBR1] commit# 配置ASBR2。
[*ASBR2] ospf 1
[*ASBR2-ospf-1] area 0.0.0.0
[*ASBR2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[*ASBR2-ospf-1-area-0.0.0.0] network 10.30.1.0 0.0.0.255
[*ASBR2-ospf-1-area-0.0.0.0] quit
[*ASBR2-ospf-1] quit
[*ASBR2] commit# 配置PE2。
[~PE2] ospf 1
[*PE2-ospf-1] area 0.0.0.0
[*PE2-ospf-1-area-0.0.0.0] network 4.4.4.4 0.0.0.0
[*PE2-ospf-1-area-0.0.0.0] network 10.30.1.0 0.0.0.255
[*PE2-ospf-1-area-0.0.0.0] quit
[*PE2-ospf-1] quit
[*PE2] commit3.使能MPLS,建立LSP隧道
# 配置PE1。
[~PE1] mpls lsr-id 1.1.1.1
[*PE1] mpls
[*PE1-mpls] quit
[*PE1] mpls ldp
[*PE1-mpls-ldp] quit
[*PE1] interface gigabitethernet 2/0/0
[*PE1-GigabitEthernet2/0/0] mpls
[*PE1-GigabitEthernet2/0/0] mpls ldp
[*PE1-GigabitEthernet2/0/0] quit
[*PE1] commit# 配置ASBR1。
[*ASBR1] mpls lsr-id 2.2.2.2
[*ASBR1] mpls
[*ASBR1-mpls] quit
[*ASBR1] mpls ldp
[*ASBR1-mpls-ldp] quit
[*ASBR1] interface gigabitethernet 1/0/0
[*ASBR1-GigabitEthernet1/0/0] mpls
[*ASBR1-GigabitEthernet1/0/0] mpls ldp
[*ASBR1-GigabitEthernet1/0/0] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] mpls lsr-id 3.3.3.3
[*ASBR2] mpls
[*ASBR2-mpls] quit
[*ASBR2] mpls ldp
[*ASBR2-mpls-ldp] quit
[*ASBR2] interface gigabitethernet 2/0/0
[*ASBR2-GigabitEthernet2/0/0] mpls
[*ASBR2-GigabitEthernet2/0/0] mpls ldp
[*ASBR2-GigabitEthernet2/0/0] quit
[*ASBR2] commit# 配置PE2。
[~PE2] mpls lsr-id 4.4.4.4
[*PE2] mpls
[*PE2-mpls] quit
[*PE2] mpls ldp
[*PE2-mpls-ldp] quit
[*PE2] interface gigabitethernet 1/0/0
[*PE2-GigabitEthernet1/0/0] mpls
[*PE2-GigabitEthernet1/0/0] mpls ldp
[*PE2-GigabitEthernet1/0/0] quit
[*PE2] commit4.在ASBR上使能域间的MPLS功能
# 配置ASBR1。
[~ASBR1] interface gigabitethernet 2/0/0
[*ASBR1-GigabitEthernet2/0/0] mpls
[*ASBR1-GigabitEthernet2/0/0-mpls] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] interface gigabitethernet 1/0/0
[*ASBR2-GigabitEthernet1/0/0] mpls
[*ASBR2-GigabitEthernet1/0/0-mpls] quit
[*ASBR2] commit5.在PE1与ASBR1之间、PE2与ASBR2之间配置IBGP对等体,在ASBR1与ASBR2之间配置EBGP对等体,并在ASBR上配置路由策略,对于从本AS的PE接收的路由,在向对端ASBR发布时,分配MPLS标签。对于向本AS的PE发布的路由,如果是带标签的IPv4路由,为其重新分配MPLS标签。
# 配置PE1。
[~PE1] bgp 100
[*PE1-bgp] peer 2.2.2.2 as-number 100
[*PE1-bgp] peer 2.2.2.2 label-route-capability
[*PE1-bgp] peer 2.2.2.2 connect-interface LoopBack 1
[*PE1-bgp] quit
[*PE1] commit# 配置ASBR1。
[*ASBR1] route-policy policy1 permit node 1
[*ASBR1-route-policy] if-match mpls-label
[*ASBR1-route-policy] apply mpls-label
[*ASBR1-route-policy] quit
[*ASBR1] route-policy policy2 permit node 1
[*ASBR1-route-policy] apply mpls-label
[*ASBR1-route-policy] quit
[*ASBR1] bgp 100
[*ASBR1-bgp] network 1.1.1.1 255.255.255.255
[*ASBR1-bgp] peer 1.1.1.1 as-number 100
[*ASBR1-bgp] peer 1.1.1.1 route-policy policy1 export
[*ASBR1-bgp] peer 1.1.1.1 label-route-capability
[*ASBR1-bgp] peer 1.1.1.1 connect-interface loopback 1
[*ASBR1-bgp] peer 10.20.1.2 as-number 200
[*ASBR1-bgp] peer 10.20.1.2 route-policy policy2 export
[*ASBR1-bgp] peer 10.20.1.2 label-route-capability
[*ASBR1-bgp] peer 10.20.1.2 connect-interface gigabitethernet 2/0/0
[*ASBR1-bgp]quit
[*ASBR1]commit# 配置ASBR2。
[*ASBR2] route-policy policy1 permit node 1
[*ASBR2-route-policy] if-match mpls-label
[*ASBR2-route-policy] apply mpls-label
[*ASBR2-route-policy] quit
[*ASBR2] route-policy policy2 permit node 1
[*ASBR2-route-policy] apply mpls-label
[*ASBR2-route-policy] quit
[*ASBR2] bgp 200
[*ASBR2-bgp] network 4.4.4.4 255.255.255.255
[*ASBR2-bgp] peer 4.4.4.4 as-number 200
[*ASBR2-bgp] peer 4.4.4.4 route-policy policy1 export
[*ASBR2-bgp] peer 4.4.4.4 label-route-capability
[*ASBR2-bgp] peer 4.4.4.4 connect-interface loopback 1
[*ASBR2-bgp] peer 10.20.1.1 as-number 100
[*ASBR2-bgp] peer 10.20.1.1 route-policy policy2 export
[*ASBR2-bgp] peer 10.20.1.1 label-route-capability
[*ASBR2-bgp] peer 10.20.1.1 connect-interface gigabitethernet 1/0/0
[*ASBR2-bgp] quit
[*ASBR2] commit# 配置PE2。
[~PE2] bgp 200
[*PE2-bgp] peer 3.3.3.3 as-number 200
[*PE2-bgp] peer 3.3.3.3 label-route-capability
[*PE2-bgp] peer 3.3.3.3 connect-interface loopback 1
[*PE2-bgp] quit
[*PE2] commit在ASBR上执行display tunnel-info all命令,可发现创建了“mpls local ifnet”类型的隧道。以ASBR1的显示为例:
[~ASBR1] display tunnel-info all
Tunnel ID Type Destination Status
-----------------------------------------------------------------------------
0x0000000001004c6b42 ldp 1.1.1.1 UP
0x000000000c00030000 mpls local ifnet 10.20.1.2 UP 在PE上执行display tunnel-info all命令,可发现跨域隧道建立成功。以PE1的显示为例:
[~PE1] display tunnel-info all
Tunnel ID Type Destination Status
-----------------------------------------------------------------------------
0x0000000001004c6b42 ldp 2.2.2.2 UP
0x000000000201040000 bgp 4.4.4.4 UP6.PE1和PE2之间建立MP-EBGP对等体
# 配置PE1。
[~PE1] bgp 100
[*PE1-bgp] peer 4.4.4.4 as-number 200
[*PE1-bgp] peer 4.4.4.4 ebgp-max-hop 255
[*PE1-bgp] peer 4.4.4.4 connect-interface loopback 1
[*PE1-bgp] l2vpn-ad-family
[*PE1-bgp-af-l2vpn-ad] peer 4.4.4.4 enable
[*PE1-bgp-af-l2vpn-ad] quit
[*PE1-bgp] quit
[*PE1] commit# 配置PE2。
[~PE2] bgp 200
[*PE2-bgp] peer 1.1.1.1 as-number 100
[*PE2-bgp] peer 1.1.1.1 ebgp-max-hop 255
[*PE2-bgp] peer 1.1.1.1 connect-interface loopback 1
[*PE2-bgp] l2vpn-ad-family
[*PE2-bgp-af-l2vpn-ad] peer 1.1.1.1 enable
[*PE2-bgp-af-l2vpn-ad] quit
[*PE2-bgp] quit
[*PE2] commit完成此步配置,在PE上执行display bgp l2vpn-ad peer命令,可发现PE1与PE2之间的MP-EBGP对等体状态为“Established”。以PE1的显示为例:
[~PE1] display bgp l2vpn-ad peer
BGP local router ID : 10.10.1.1
Local AS number : 100
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
4.4.4.4 4 200 5 6 0 00:00:41 Established 07.PE上配置VSI实例,接入CE
# 配置PE1。
[~PE1] mpls l2vpn
[*PE1] quit
[*PE1] vsi vplsad1
[*PE1-vsi-vplsad1] bgp-ad
[*PE1-vsi-vplsad1-bgpad] vpls-id 100:1
[*PE1-vsi-vplsad1-bgpad] vpn-target 200:1 import-extcommunity
[*PE1-vsi-vplsad1-bgpad] vpn-target 200:1 export-extcommunity
[*PE1-vsi-vplsad1-bgpad] quit
[*PE1-vsi-vplsad1] quit
[*PE1] interface gigabitethernet1/0/0.1
[*PE1-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*PE1-GigabitEthernet1/0/0.1] l2 binding vsi vplsad1
[*PE1-GigabitEthernet1/0/0.1] quit
[*PE1] commit# 配置PE2。
[*PE2] mpls l2vpn
[*PE2] quit
[*PE2] vsi vplsad1
[*PE2-vsi-vplsad1] bgp-ad
[*PE2-vsi-vplsad1-bgpad] vpls-id 100:1
[*PE2-vsi-vplsad1-bgpad] vpn-target 200:1 import-extcommunity
[*PE2-vsi-vplsad1-bgpad] vpn-target 200:1 export-extcommunity
[*PE2-vsi-vplsad1-bgpad] quit
[*PE2-vsi-vplsad1] quit
[~PE2] interface gigabitethernet2/0/0.1
[*PE2-GigabitEthernet2/0/0.1] vlan-type dot1q 10
[*PE2-GigabitEthernet2/0/0.1] l2 binding vsi vplsad1
[*PE2-GigabitEthernet2/0/0.1] quit
[*PE2] commit# 配置CE1。
[~CE1] interface gigabitethernet1/0/0.1
[*CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*CE1-GigabitEthernet1/0/0.1] quit
[*CE1] commit# 配置CE2。
[~CE2] interface gigabitethernet1/0/0.1
[*CE2-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*CE2-GigabitEthernet1/0/0.1] quit
[*CE2] commit完成此步骤后,在PE上查看VSI信息,可以看到VSI状态为up。到远端PE的PW状态也为Up。以PE1显示为例:
[~PE1] display vsi
Total VSI number is 1, 1 is up, 0 is down, 0 is LDP mode, 0 is BGP mode, 1 is BGPAD mode, 0 is mixed mode, 0 is unspecified mode
--------------------------------------------------------------------------
Vsi Mem PW Mac Encap Mtu Vsi
Name Disc Type Learn Type Value State
--------------------------------------------------------------------------
vplsad1 -- bgpad unqualify vlan 1500 up8.验证配置结果
完成上述配置后,CE1与CE2可以相互ping通。以CE1的显示为例:
[~CE1] ping 10.1.1.2
PING 10.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=19 ms
Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=3 ms
Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=255 time=4 ms
Reply from 10.1.1.2: bytes=56 Sequence=4 ttl=255 time=3 ms
Reply from 10.1.1.2: bytes=56 Sequence=5 ttl=255 time=3 ms
--- 10.1.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/6/19 ms以上是关于华为运营商级路由器配置示例 | 配置OptionC方式跨域BGP AD VPLS示例的主要内容,如果未能解决你的问题,请参考以下文章
华为运营商级路由器配置示例 | 配置OptionC方式跨域BGP AD VPLS示例
华为运营商级路由器配置示例 | 配置动态VPWS接入VPLS示例