Datacom
/
datacom
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8296dd3cba'
${ noResults }
datacom/Datacom-MD/mpls-vpn实验手册.md

5.2 KiB
Raw Blame History Escape

image-20220315174135837

  • CE1、CE3属于vpna。
  • CE2、CE4属于vpnb。
  • vpna使用的VPN-target属性为111:1vpnb为222:2。
  • 不同VPN用户之间不能互相访问。

PE1

#
 sysname PE1
#
ip vpn-instance vpna  //创建VPN实例vpna
 ipv4-family
  route-distinguisher 100:1
  vpn-target 111:1 export-extcommunity
  vpn-target 111:1 import-extcommunity
#
ip vpn-instance vpnb  //创建VPN实例vpnb
 ipv4-family
  route-distinguisher 100:2
  vpn-target 222:2 export-extcommunity
  vpn-target 222:2 import-extcommunity
#
mpls lsr-id 1.1.1.9  //配置MPLS
mpls
#
mpls ldp  //建立LDP
#
interface Ethernet1/0/0  //绑定VPN实例
 ip binding vpn-instance vpna
 ip address 10.1.1.2 255.255.255.0
#
interface Ethernet2/0/0
 ip binding vpn-instance vpnb  //绑定VPN实例
 ip address 10.2.1.2 255.255.255.0
#
interface Ethernet2/0/1  //接口使能MPLS
 ip address 172.1.1.1 255.255.255.0
 mpls
 mpls ldp
#
interface LoopBack1
 ip address 1.1.1.9 255.255.255.255
#
bgp 100  //配置MP-IBGP对等体
 peer 3.3.3.9 as-number 100
 peer 3.3.3.9 connect-interface LoopBack1
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.9 enable
 #
 ipv4-family vpnv4  //使能对等体交换VPNv4路由信息的能力
  policy vpn-target
  peer 3.3.3.9 enable
 #
 ipv4-family vpn-instance vpna  //配置PE与CE之间建立EBGP对等体关系引入VPN路由
  peer 10.1.1.1 as-number 65410
  import-route direct
 #
 ipv4-family vpn-instance vpnb  //配置PE与CE之间建立EBGP对等体关系引入VPN路由
  peer 10.2.1.1 as-number 65420
  import-route direct
#
ospf 1  //配置公网路由
 area 0.0.0.0
  network 172.1.1.0 0.0.0.255
  network 1.1.1.9 0.0.0.0
#
return

P:

#
 sysname P
#
mpls lsr-id 2.2.2.9  //配置MPLS
mpls
#
mpls ldp
#
interface Ethernet1/0/0
 ip address 172.1.1.2 255.255.255.0
 mpls
 mpls ldp
#
interface Ethernet2/0/0
 ip address 172.2.1.1 255.255.255.0
 mpls
 mpls ldp
#
interface LoopBack1
 ip address 2.2.2.9 255.255.255.255
#
ospf 1  //配置公网路由
 area 0.0.0.0
  network 172.1.1.0 0.0.0.255
  network 172.2.1.0 0.0.0.255
  network 2.2.2.9 0.0.0.0
#
return

PE2

#
 sysname PE2
#
ip vpn-instance vpna  //创建VPN实例vpna
 ipv4-family
  route-distinguisher 200:1
  vpn-target 111:1 export-extcommunity
  vpn-target 111:1 import-extcommunity
#
ip vpn-instance vpnb  //创建VPN实例vpnb
 ipv4-family
  route-distinguisher 200:2
  vpn-target 222:2 export-extcommunity
  vpn-target 222:2 import-extcommunity
#
mpls lsr-id 3.3.3.9  //配置MPLS LSR
mpls
#
mpls ldp
#
interface Ethernet1/0/0 //绑定VPN实例
 ip binding vpn-instance vpna
 ip address 10.3.1.2 255.255.255.0
#
interface Ethernet2/0/0  //绑定VPN实例
 ip binding vpn-instance vpnb
 ip address 10.4.1.2 255.255.255.0
#
interface Ethernet2/0/1  //接口使能MPLS
 ip address 172.2.1.2 255.255.255.0
 mpls
 mpls ldp
#
interface LoopBack1
 ip address 3.3.3.9 255.255.255.255
#
bgp 100  //配置MP-IBGP对等体
 peer 1.1.1.9 as-number 100
 peer 1.1.1.9 connect-interface LoopBack1
 #
 ipv4-family unicast
  undo synchronization
  peer 1.1.1.9 enable
 #
 ipv4-family vpnv4  //使能对等体交换VPNv4路由信息的能力
  policy vpn-target
  peer 1.1.1.9 enable
 #
 ipv4-family vpn-instance vpna  //配置PE与CE之间建立EBGP对等体关系引入VPN路由
  peer 10.3.1.1 as-number 65430
  import-route direct
 #
 ipv4-family vpn-instance vpnb  //配置PE与CE之间建立EBGP对等体关系引入VPN路由
  peer 10.4.1.1 as-number 65440
  import-route direct
#
ospf 1  //配置公网路由
 area 0.0.0.0
  network 172.2.1.0 0.0.0.255
  network 3.3.3.9 0.0.0.0
#
return

CE1

#
 sysname CE1
#
interface Ethernet1/0/0
 ip address 10.1.1.1 255.255.255.0
#
bgp 65410  //在PE与CE之间建立EBGP对等体关系
 peer 10.1.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct  //引入直连路由
  peer 10.1.1.2 enable
#
return

CE2

#
 sysname CE2
#
interface Ethernet1/0/0
 ip address 10.2.1.1 255.255.255.0
#
bgp 65420  //在PE与CE之间建立EBGP对等体关系
 peer 10.2.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct  //引入直连路由
  peer 10.2.1.2 enable
#
return

CE3

#
 sysname CE3
#
interface Ethernet1/0/0
 ip address 10.3.1.1 255.255.255.0
#
bgp 65430  //在PE与CE之间建立EBGP对等体关系
 peer 10.3.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct  //引入直连路由
  peer 10.3.1.2 enable
#
return

CE4

#
 sysname CE4
#
interface Ethernet1/0/0
 ip address 10.4.1.1 255.255.255.0
#
bgp 65440  //在PE与CE之间建立EBGP对等体关系
 peer 10.4.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct  //引入直连路由
  peer 10.4.1.2 enable
#
return

PE之间必须使用32位掩码的Loopback接口地址来建立MP-IBGP对等体关系以便能够迭代到隧道