华为的MPLS/VPM/BGP和思科的配置一样吗
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了华为的MPLS/VPM/BGP和思科的配置一样吗相关的知识,希望对你有一定的参考价值。
配置思路一致,命令格式不一致。对于一个mpls单域,配置思路如下:
1、配置各路由器接口ip及IGP路由选择协议,保证as内网络通畅;这是标签生成的基础;
2、配置mpls和ldp,ldp根据igp路由表生成标签;同时在相关接口运行mpls和ldp;
3、配置vpn实例(即VRF),包括RD,RT,并绑定到接用户的接口,
4、运行bgp协议,同时PE(接用户设备的路由器)之间运行MP-IBGP协议,据此协议,相互生成vpn站点的私网标签(即内层标签或vpnv4标签)。
用户的路由信息发给PE,PE通过MP-IBGP将路由变为VPNV4路由(加上rd,同时携带RT属性),和vpnv4标签一起发给远端PE,远端PE根据RT判断此路由应归属于哪个VPN,去掉RD,将路由和vpnv4标签一起纳入对应vpn。
报文转发过程是:远端PE接到用户数据后,首先打上vpnv4标签,然后再打上mpls标签,通过lsp通道一直送到PE,PE收到后,根据vpnv4标签,将数据导入对应vpn。
从路由控制层面来说,是RT来区分不同vpn。
从报文转发层面来说,是vpnv4标签来区分不同vpn。
若涉及到多个mpls域,还有OPTION-A/B/C三种解决方案,还要使用MP-EBGP和BGP4+协议。
写了这么多,给追加点分吧,兄弟。 参考技术A 两者的命令格式有点不一样。但是配置的思路和逻辑都是一样的,这是MPLS VPN是有国际标准。并不是私有协议,不够,某些特别的功能就2这多少有的不一样。例如我记得cisco就有自己的标签分发协议。思路如下:
首先,MPLS核心域内,启用IGP和MPLS,标签是根据IGP路由表分发的。然后,配置MP-BGP,这是用于内层标签,也就是用于VPN那层的标签。另外根据不同的VRF来区别一同的VPN,这样能使地址可以复用。当然,所有还要启用决定标签分发协议,例如LDP等。
其实思路就是,首先LDP(或者其他标签分发协议)根据MP-BGP的路由,来分发用于VPN的内层标签,而不同VPN之间可能都用同一网段,是根据不同VRF来区分的。然后有了一层标签的数据包进入MPLS核心交换域后,根据MPLS域中的IGP再次分发一层标签。
大概就是这样,因为我很久没配过了,可能有所遗漏,但是基本思路大概就是我说的。 参考技术B 配置的思路和逻辑都是一样,但是命令有点不一样的....
BGP MPLS Optionc配置
配置地址
CE1
[H3C]interface g0/2
[H3C-GigabitEthernet0/2]ip address 10.1.13.1 30
[H3C-GigabitEthernet0/2]qu
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 172.16.255.1 32
[H3C-LoopBack0]qu
[H3C]sysname CE1
PE1
[H3C]sysname PE1
[PE1]in g0/2
[PE1-GigabitEthernet0/2]ip address 10.1.13.2 30
[PE1-GigabitEthernet0/2]qu
[PE1]int g0/0
[PE1-GigabitEthernet0/0]ip address 202.1.54.1 30
[PE1-GigabitEthernet0/0]qu
[PE1]interface LoopBack 0
[PE1-LoopBack0]ip address 1.1.1.1 32
P1
[H3C]sysname P1
[P1]int g0/1
[P1-GigabitEthernet0/1]ip address 202.1.54.2 30
[P1-GigabitEthernet0/1]in g0/0
[P1-GigabitEthernet0/0]ip address 202.1.34.1 30
[P1-GigabitEthernet0/0]qu
[P1]int LoopBack 0
[P1-LoopBack0]ip address 2.2.2.2 32
ASBR1
[H3C]sysname ASBR1
[ASBR1]int g0/0
[ASBR1-GigabitEthernet0/0]ip address 202.1.34.2 30
[ASBR1-GigabitEthernet0/0]in g0/1
[ASBR1-GigabitEthernet0/1]ip address 202.1.45.1 30
[ASBR1-GigabitEthernet0/1]qu
[ASBR1]interface LoopBack 0
[ASBR1-LoopBack0]ip address 3.3.3.3 32
ASBR2
[H3C]sysname ASBR2
[ASBR2]int g0/1
[ASBR2-GigabitEthernet0/1]ip address 202.1.45.2 30
[ASBR2-GigabitEthernet0/1]in g0/0
[ASBR2-GigabitEthernet0/0]ip address 202.1.56.1 30
[ASBR2-GigabitEthernet0/0]qu
[ASBR2]int LoopBack 0
[ASBR2-LoopBack0]ip address 4.4.4.4 32
P2
[H3C]sysname P2
[P2]int g0/0
[P2-GigabitEthernet0/0]ip address 202.1.56.2 30
[P2-GigabitEthernet0/0]int g0/1
[P2-GigabitEthernet0/1]ip address 202.1.70.1 30
[P2-GigabitEthernet0/1]qu
[P2]int LoopBack 0
[P2-LoopBack0]ip address 5.5.5.5 32
PE2
[H3C]in g0/1
[H3C-GigabitEthernet0/1]ip address 202.1.70.2 30
[H3C-GigabitEthernet0/1]in g0/2
[H3C-GigabitEthernet0/2]ip address 10.1.67.1 30
[H3C-GigabitEthernet0/2]qu
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 6.6.6.6 32
[H3C-LoopBack0]qu
[H3C]sysname PE2
CE2
[H3C]in g0/0
[H3C-GigabitEthernet0/0]ip address 10.1.67.2 30
[H3C-GigabitEthernet0/0]qu
[H3C]interface LoopBack 0
[H3C-LoopBack0]ip address 172.16.255.8 32
[H3C-LoopBack0]qu
[H3C]sysname CE2
公网内部跑ospf让环回口互通
PE1
[PE1]ospf 1 router-id 1.1.1.1
[PE1-ospf-1]area 0
[PE1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0]network 202.1.54.1 0.0.0.0
P1
[P1]ospf 1 router-id 2.2.2.2
[P1-ospf-1]area 0
[P1-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[P1-ospf-1-area-0.0.0.0]network 202.1.54.2 0.0.0.0
[P1-ospf-1-area-0.0.0.0]network 202.1.34.1 0.0.0.0
ASBR1
[ASBR1]ospf 1 router-id 3.3.3.3 0.0.0.0
[ASBR1-ospf-1]area 0
[ASBR1-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[ASBR1-ospf-1-area-0.0.0.0]network 202.1.34.2 0.0.0.0
ASBR2
[ASBR2]ospf 1 router-id 4.4.4.4
[ASBR2-ospf-1]a
[ASBR2-ospf-1]area 0
[ASBR2-ospf-1-area-0.0.0.0]network 202.1.56.1 0.0.0.0
[ASBR2-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
P2
[P2]ospf 1 router-id 5.5.5.5
[P2-ospf-1]area 0
[P2-ospf-1-area-0.0.0.0]network 202.1.56.2 0.0.0.0
[P2-ospf-1-area-0.0.0.0]network 202.1.70.1 0.0.0.0
[P2-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0
PE2
[PE2]ospf 1 router-id 6.6.6.6
[PE2-ospf-1]area 0
[PE2-ospf-1-area-0.0.0.0]network 202.1.70.2 0.0.0.0
[PE2-ospf-1-area-0.0.0.0]network 6.6.6.6 0.0.0.0
使能标签能力,ASBR之间没有ldp标签,不需要配置ldp
PE1
[PE1]mpls lsr-id 1.1.1.1
[PE1]mpls ldp
[PE1-ldp]qu
[PE1]in g0/0
[PE1-GigabitEthernet0/0]mpls ldp enable
[PE1-GigabitEthernet0/0]mpls enable
P1
[P1]mpls lsr-id 2.2.2.2
[P1]mpls ldp
[P1-ldp]qu
[P1]interface range g0/1 g0/0
[P1-if-range]mpls ldp enable
[P1-if-range]mpls enable
ASBR1
[ASBR1]mpls lsr-id 3.3.3.3
[ASBR1]mpls ldp
[ASBR1-ldp]qu
[ASBR1]interface g0/0
[ASBR1-GigabitEthernet0/0]mpls enable
[ASBR1-GigabitEthernet0/0]mpls ldp enable
[ASBR1-GigabitEthernet0/0]qu
[ASBR1]in g0/1
[ASBR1-GigabitEthernet0/1]mpls enable
[ASBR1-GigabitEthernet0/1]qu
ASBR2
[ASBR2]mpls lsr-id 4.4.4.4
[ASBR2]mpls ldp
[ASBR2-ldp]qu
[ASBR2]in g0/1
[ASBR2-GigabitEthernet0/1]mpls enable
[ASBR2-GigabitEthernet0/1]in g0/0
[ASBR2-GigabitEthernet0/0]mpls ldp enable
[ASBR2-GigabitEthernet0/0]mpls enable
P2
[P2]mpls lsr-id 5.5.5.5
[P2]mpls ldp
[P2-ldp]qu
[P2]interface range g0/0 g0/1
[P2-if-range]mpls ldp enable
[P2-if-range]mpls enable
PE2
[PE2]mpls lsr-id 6.6.6.6
[PE2]mpls ldp
[PE2-ldp]qu
[PE2]in g0/1
[PE2-GigabitEthernet0/1]mpls enable
[PE2-GigabitEthernet0/1]mpls ldp enable
1.1.1.1.1和6.6.6.6建立vpnv4bgp邻居
2.1.1.1.1和3.3.3.3建立ipv4邻居
3. 3.3.3.3和4.4.4.4建立ipv4-ebgp邻居
PE1
[PE1]bgp 65001
[PE1-bgp-default]router-id 1.1.1.1
[PE1-bgp-default]peer 3.3.3.3 as-number 65001
[PE1-bgp-default]peer 3.3.3.3 connect-interface LoopBack 0
[PE1-bgp-default]peer 6.6.6.6 as-number 65002
[PE1-bgp-default]peer 6.6.6.6 connect-interface LoopBack 0
[PE1-bgp-default]peer 6.6.6.6 ebgp-max-hop 5
[PE1-bgp-default]address-family ipv4
[PE1-bgp-default-ipv4]peer 3.3.3.3 next-hop-local
[PE1-bgp-default-ipv4]peer 3.3.3.3 enable
[PE1-bgp-default-ipv4]qu
[PE1-bgp-default]address-family vpnv4
[PE1-bgp-default-vpnv4]peer 6.6.6.6 enable
ASBR1
[ASBR1]bgp 65001
[ASBR1-bgp-default]router-id 3.3.3.3
[ASBR1-bgp-default]peer 1.1.1.1 as-number 65001
[ASBR1-bgp-default]peer 1.1.1.1 connect-interface LoopBack 0
[ASBR1-bgp-default]peer 202.1.45.2 as-number 65002
[ASBR1-bgp-default]address-family ipv4
[ASBR1-bgp-default-ipv4]network 1.1.1.1 32
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 enable
[ASBR1-bgp-default-ipv4]peer 202.1.45.2 enable
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 next-hop-local
ASBR2
[ASBR2]bgp 65002
[ASBR2-bgp-default]router-id 4.4.4.4
[ASBR2-bgp-default]peer 202.1.45.1 as-number 65001
[ASBR2-bgp-default]peer 6.6.6.6 as-number 65002
[ASBR2-bgp-default]peer 6.6.6.6 connect-interface LoopBack 0
[ASBR2-bgp-default]address-family ipv4
[ASBR2-bgp-default-ipv4]network 6.6.6.6 32
[ASBR2-bgp-default-ipv4]peer 202.1.45.1 enable
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 enable
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 next-hop-local
PE2
[PE2]bgp 65002
[PE2-bgp-default]router-id 6.6.6.6
[PE2-bgp-default]peer 1.1.1.1 as-number 65001
[PE2-bgp-default]peer 1.1.1.1 connect-interface LoopBack 0
[PE2-bgp-default]peer 1.1.1.1 ebgp-max-hop 5
[PE2-bgp-default]peer 4.4.4.4 as-number 65002
[PE2-bgp-default]peer 4.4.4.4 connect-interface LoopBack 0
[PE2-bgp-default]address-family vpnv4
[PE2-bgp-default-vpnv4]peer 1.1.1.1 enable
[PE2-bgp-default-vpnv4]qu
[PE2-bgp-default]address-family ipv4
[PE2-bgp-default-ipv4]peer 4.4.4.4 enable
互相使能标签能力,mpbgp之间不用
PE1
[PE1]bgp 65001
[PE1-bgp-default]address-family ipv4
[PE1-bgp-default-ipv4]peer 3.3.3.3 label-route-capability
ASBR1
[ASBR1]bgp 65001
[ASBR1-bgp-default]address-family ipv4
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 label-route-capability
[ASBR1-bgp-default-ipv4]peer 202.1.45.2 label-route-capability
ASBR2
[ASBR2]bgp 65002
[ASBR2-bgp-default]address-family ipv4
[ASBR2-bgp-default-ipv4]peer 202.1.45.1 label-route-capability
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 label-route-capability
PE2
[PE2]bgp 65002
[PE2-bgp-default]address-family ipv4
[PE2-bgp-default-ipv4]peer 4.4.4.4 label-route-capability
ASBR上做路由策略,向内向外都要使能标签能力
ASBR1
[ASBR1]route-policy bgp-mpls-L permit node 10
Routing policy node created.
[ASBR1-route-policy-bgp-mpls-L-10]if-match mpls-label
[ASBR1-route-policy-bgp-mpls-L-10]apply mpls-label
[ASBR1-route-policy-bgp-mpls-L-10]qu
[ASBR1]route-policy bgp-mpls-R permit node 10
Routing policy node created.
[ASBR1-route-policy-bgp-mpls-R-10]apply mpls-label
[ASBR1-route-policy-bgp-mpls-R-10]qu
[ASBR1]bgp 65001
[ASBR1-bgp-default]address-family ipv4
[ASBR1-bgp-default-ipv4]peer 1.1.1.1 route-policy bgp-mpls-L export
[ASBR1-bgp-default-ipv4]peer 202.1.45.2 route-policy bgp-mpls-R export
ASBR2
[ASBR2]route-policy bgp-mpls-L permit node 10
Routing policy node created.
[ASBR2-route-policy-bgp-mpls-L-10]if-match mpls-label
[ASBR2-route-policy-bgp-mpls-L-10]apply mpls-label
[ASBR2-route-policy-bgp-mpls-L-10]qu
[ASBR2]route-policy bgp-mpls-R permit node 10
Routing policy node created.
[ASBR2-route-policy-bgp-mpls-R-10]apply mpls-label
[ASBR2-route-policy-bgp-mpls-R-10]qu
[ASBR2]bgp 65002
[ASBR2-bgp-default]address-family ipv4
[ASBR2-bgp-default-ipv4]peer 202.1.45.1 route-policy bgp-mpls-R export
[ASBR2-bgp-default-ipv4]peer 6.6.6.6 route-policy bgp-mpls-L export
划分VPN 实例并在接口绑定
PE1
[PE1]ip vpn-instance vpn1
[PE1-vpn-instance-vpn1]route-distinguisher 100:1
[PE1-vpn-instance-vpn1]vpn-target 100:1
[PE1]in g0/2
[PE1-GigabitEthernet0/2]ip binding vpn-instance vpn1
Some configurations on the interface are removed.
[PE1-GigabitEthernet0/2]ip address 10.1.13.2 30
PE2
[PE2]ip vpn-instance vpn1
[PE2-vpn-instance-vpn1]route-distinguisher 100:1
[PE2-vpn-instance-vpn1]vpn-target 100:1
[PE2-vpn-instance-vpn1]qu
[PE2]in g0/2
[PE2-GigabitEthernet0/2]ip binding vpn-instance vpn1
Some configurations on the interface are removed.
[PE2-GigabitEthernet0/2]ip address 10.1.67.1 255.255.255.252
PE和CE之间运行路由协议
PE1
[PE1]bgp 65001
[PE1-bgp-default]ip vpn-instance vpn1
[PE1-bgp-default-vpn1]peer 10.1.13.1 as-number 100
[PE1-bgp-default-vpn1]address-family ipv4
[PE1-bgp-default-ipv4-vpn1]peer 10.1.13.1 enable
CE1
[CE1]bgp 100
[CE1-bgp-default]peer 10.1.13.2 as-number 65001
[CE1-bgp-default]address-family ipv4
[CE1-bgp-default-ipv4]network 172.16.255.1 32
[CE1-bgp-default-ipv4]peer 10.1.13.2 enable
PE2
[PE2]ospf 2 vpn-instance v
[PE2]ospf 2 vpn-instance vpn1
[PE2-ospf-2]area 0
[PE2-ospf-2-area-0.0.0.0]network 10.1.67.1 0.0.0.0
CE2
[CE2]ospf 2
[CE2-ospf-2]area 0
[CE2-ospf-2-area-0.0.0.0]network 10.1.67.2 0.0.0.0
[CE2-ospf-2-area-0.0.0.0]network 172.16.255.8 0.0.0.0
路由互引
PE2
[PE2]ospf 2
[PE2-ospf-2]import-route bgp 65002
[PE2-ospf-2]qu
[PE2]bgp 65002
[PE2-bgp-default]ip vpn-instance vpn1
[PE2-bgp-default-vpn1]address-family ipv4
[PE2-bgp-default-ipv4-vpn1]import-route ospf 2
测试
以上是关于华为的MPLS/VPM/BGP和思科的配置一样吗的主要内容,如果未能解决你的问题,请参考以下文章
玩转华为ENSP模拟器系列 | 配置BGP/MPLS IP VdPdNd