Datacom
/
datacom
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8296dd3cba'
${ noResults }
datacom/Datacom-MD/mpls-vpn实验手册.md

263 lines
5.2 KiB
Raw Normal View History Unescape

上传文件至 'Datacom-MD'
2 years ago
![image-20220315174135837](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20220315174135837.png)
- CE1、CE3属于vpna。
- CE2、CE4属于vpnb。
- vpna使用的VPN-target属性为111:1vpnb为222:2。
- 不同VPN用户之间不能互相访问。
PE1
```
#
sysname PE1
#
ip vpn-instance vpna //创建VPN实例vpna
ipv4-family
route-distinguisher 100:1
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
#
ip vpn-instance vpnb //创建VPN实例vpnb
ipv4-family
route-distinguisher 100:2
vpn-target 222:2 export-extcommunity
vpn-target 222:2 import-extcommunity
#
mpls lsr-id 1.1.1.9 //配置MPLS
mpls
#
mpls ldp //建立LDP
#
interface Ethernet1/0/0 //绑定VPN实例
ip binding vpn-instance vpna
ip address 10.1.1.2 255.255.255.0
#
interface Ethernet2/0/0
ip binding vpn-instance vpnb //绑定VPN实例
ip address 10.2.1.2 255.255.255.0
#
interface Ethernet2/0/1 //接口使能MPLS
ip address 172.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
bgp 100 //配置MP-IBGP对等体
peer 3.3.3.9 as-number 100
peer 3.3.3.9 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 3.3.3.9 enable
#
ipv4-family vpnv4 //使能对等体交换VPNv4路由信息的能力
policy vpn-target
peer 3.3.3.9 enable
#
ipv4-family vpn-instance vpna //配置PE与CE之间建立EBGP对等体关系引入VPN路由
peer 10.1.1.1 as-number 65410
import-route direct
#
ipv4-family vpn-instance vpnb //配置PE与CE之间建立EBGP对等体关系引入VPN路由
peer 10.2.1.1 as-number 65420
import-route direct
#
ospf 1 //配置公网路由
area 0.0.0.0
network 172.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
return
```
P:
```
#
sysname P
#
mpls lsr-id 2.2.2.9 //配置MPLS
mpls
#
mpls ldp
#
interface Ethernet1/0/0
ip address 172.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Ethernet2/0/0
ip address 172.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1 //配置公网路由
area 0.0.0.0
network 172.1.1.0 0.0.0.255
network 172.2.1.0 0.0.0.255
network 2.2.2.9 0.0.0.0
#
return
```
PE2
```
#
sysname PE2
#
ip vpn-instance vpna //创建VPN实例vpna
ipv4-family
route-distinguisher 200:1
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
#
ip vpn-instance vpnb //创建VPN实例vpnb
ipv4-family
route-distinguisher 200:2
vpn-target 222:2 export-extcommunity
vpn-target 222:2 import-extcommunity
#
mpls lsr-id 3.3.3.9 //配置MPLS LSR
mpls
#
mpls ldp
#
interface Ethernet1/0/0 //绑定VPN实例
ip binding vpn-instance vpna
ip address 10.3.1.2 255.255.255.0
#
interface Ethernet2/0/0 //绑定VPN实例
ip binding vpn-instance vpnb
ip address 10.4.1.2 255.255.255.0
#
interface Ethernet2/0/1 //接口使能MPLS
ip address 172.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
bgp 100 //配置MP-IBGP对等体
peer 1.1.1.9 as-number 100
peer 1.1.1.9 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.9 enable
#
ipv4-family vpnv4 //使能对等体交换VPNv4路由信息的能力
policy vpn-target
peer 1.1.1.9 enable
#
ipv4-family vpn-instance vpna //配置PE与CE之间建立EBGP对等体关系引入VPN路由
peer 10.3.1.1 as-number 65430
import-route direct
#
ipv4-family vpn-instance vpnb //配置PE与CE之间建立EBGP对等体关系引入VPN路由
peer 10.4.1.1 as-number 65440
import-route direct
#
ospf 1 //配置公网路由
area 0.0.0.0
network 172.2.1.0 0.0.0.255
network 3.3.3.9 0.0.0.0
#
return
```
CE1
```
#
sysname CE1
#
interface Ethernet1/0/0
ip address 10.1.1.1 255.255.255.0
#
bgp 65410 //在PE与CE之间建立EBGP对等体关系
peer 10.1.1.2 as-number 100
#
ipv4-family unicast
undo synchronization
import-route direct //引入直连路由
peer 10.1.1.2 enable
#
return
```
CE2
```
#
sysname CE2
#
interface Ethernet1/0/0
ip address 10.2.1.1 255.255.255.0
#
bgp 65420 //在PE与CE之间建立EBGP对等体关系
peer 10.2.1.2 as-number 100
#
ipv4-family unicast
undo synchronization
import-route direct //引入直连路由
peer 10.2.1.2 enable
#
return
```
CE3
```
#
sysname CE3
#
interface Ethernet1/0/0
ip address 10.3.1.1 255.255.255.0
#
bgp 65430 //在PE与CE之间建立EBGP对等体关系
peer 10.3.1.2 as-number 100
#
ipv4-family unicast
undo synchronization
import-route direct //引入直连路由
peer 10.3.1.2 enable
#
return
```
CE4
```
#
sysname CE4
#
interface Ethernet1/0/0
ip address 10.4.1.1 255.255.255.0
#
bgp 65440 //在PE与CE之间建立EBGP对等体关系
peer 10.4.1.2 as-number 100
#
ipv4-family unicast
undo synchronization
import-route direct //引入直连路由
peer 10.4.1.2 enable
#
return
```
PE之间必须使用32位掩码的Loopback接口地址来建立MP-IBGP对等体关系以便能够迭代到隧道