华为运营商级路由器配置示例 | 配置OptionA方式跨域BGP AD VPLS示例
2023-09-14 09:09:07 时间
组网需求
如图1,CE1和CE2属于同一个VPLS,分别通过AS100内的PE1和AS200内的PE2接入骨干网。
由于VPLS数量较少,因此本示例采用OptionA方式跨域BGP AD VPLS,ASBR间的接口被当作AC接口与VSI实例绑定,实现CE1与CE2的互通。
图1 配置OptionA方式跨域BGP AD VPLS组网图
配置思路
-
在骨干网上运行IGP协议实现ASBR与PE之间的互通,并且PE之间要建立隧道。
-
PE与域内的ASBR建立MP-IBGP对等体关系。
-
在PE1、ASBR1、ASBR2和PE2上配置VSI实例,并与AC接口绑定。
操作步骤
1.配置各设备接口的IP地址
# 配置CE1。
<HUAWEI> system-view
[~HUAWEI] sysname CE1
[*HUAWEI] commit
[*CE1] interface gigabitethernet 1/0/0.1
[*CE1-GigabitEthernet1/0/0.1] ip address 10.1.1.1 24
[*CE1-GigabitEthernet1/0/0.1] quit
[*CE1] commit# 配置PE1。
<HUAWEI> system-view
[~HUAWEI] sysname PE1
[*HUAWEI] commit
[~PE1] interface loopback1
[*PE1-Loopback1] ip address 1.1.1.1 32
[*PE1-Loopback1] quit
[*PE1] interface gigabitethernet 2/0/0
[*PE1-GigabitEthernet2/0/0] ip address 10.10.1.1 24
[*PE1-GigabitEthernet2/0/0] quit
[*PE1] commit# 配置ASBR1。
<HUAWEI> system-view
[~HUAWEI] sysname ASBR1
[*HUAWEI] commit
[~ASBR1] interface loopback1
[*ASBR1-Loopback1] ip address 2.2.2.2 32
[*ASBR1-Loopback1] quit
[*ASBR1] interface gigabitethernet 1/0/0
[*ASBR1-GigabitEthernet1/0/0] ip address 10.10.1.2 24
[*ASBR1-GigabitEthernet1/0/0] quit
[*ASBR1] commit# 配置ASBR2。
<HUAWEI> system-view
[~HUAWEI] sysname ASBR2
[*HUAWEI] commit
[~ASBR2] interface loopback1
[*ASBR2-Loopback1] ip address 3.3.3.3 32
[*ASBR2-Loopback1] quit
[*ASBR2] interface gigabitethernet 2/0/0
[*ASBR2-GigabitEthernet2/0/0] ip address 10.20.1.1 24
[*ASBR2-GigabitEthernet2/0/0] quit
[*ASBR2] commit# 配置PE2。
<HUAWEI> system-view
[~HUAWEI] sysname PE2
[*HUAWEI] commit
[~PE2] interface loopback1
[*PE2-Loopback1] ip address 4.4.4.4 32
[*PE2-Loopback1] quit
[*PE2] interface gigabitethernet 1/0/0
[*PE2-GigabitEthernet1/0/0] ip address 10.20.1.2 24
[*PE2-GigabitEthernet1/0/0] quit
[*PE2] commit# 配置CE2。
<HUAWEI> system-view
[~HUAWEI] sysname CE2
[~HUAWEI] commit
[*CE2] interface gigabitethernet 1/0/0.1
[*CE2-GigabitEthernet1/0/0.1] ip address 10.1.1.2 24
[*CE2-GigabitEthernet1/0/0.1] quit
[*CE2] commit2.配置骨干网的IGP协议
# 配置PE1。
[~PE1] ospf 1
[*PE1-ospf-1] area 0.0.0.0
[*PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[*PE1-ospf-1-area-0.0.0.0] network 10.10.1.0 0.0.0.255
[*PE1-ospf-1-area-0.0.0.0] quit
[*PE1-ospf-1] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] ospf 1
[*ASBR1-ospf-1] area 0.0.0.0
[*ASBR1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[*ASBR1-ospf-1-area-0.0.0.0] network 10.10.1.0 0.0.0.255
[*ASBR1-ospf-1-area-0.0.0.0] quit
[*ASBR1-ospf-1] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] ospf 1
[*ASBR2-ospf-1] area 0.0.0.0
[*ASBR2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[*ASBR2-ospf-1-area-0.0.0.0] network 10.20.1.0 0.0.0.255
[*ASBR2-ospf-1-area-0.0.0.0] quit
[*ASBR2-ospf-1] quit
[*ASBR2] commit# 配置PE2。
[~PE2] ospf 1
[*PE2-ospf-1] area 0.0.0.0
[*PE2-ospf-1-area-0.0.0.0] network 4.4.4.4 0.0.0.0
[*PE2-ospf-1-area-0.0.0.0] network 10.20.1.0 0.0.0.255
[*PE2-ospf-1-area-0.0.0.0] quit
[*PE2-ospf-1] quit
[*PE2] commit3.使能MPLS,建立LSP隧道
# 配置PE1。
[~PE1] mpls lsr-id 1.1.1.1
[*PE1] mpls
[*PE1-mpls] quit
[*PE1] mpls ldp
[*PE1-mpls-ldp] quit
[*PE1] interface gigabitethernet 2/0/0
[*PE1-GigabitEthernet2/0/0] mpls
[*PE1-GigabitEthernet2/0/0] mpls ldp
[*PE1-GigabitEthernet2/0/0] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] mpls lsr-id 2.2.2.2
[*ASBR1] mpls
[*ASBR1-mpls] quit
[*ASBR1] mpls ldp
[*ASBR1-mpls-ldp] quit
[*ASBR1] interface gigabitethernet 1/0/0
[*ASBR1-GigabitEthernet1/0/0] mpls
[*ASBR1-GigabitEthernet1/0/0] mpls ldp
[*ASBR1-GigabitEthernet1/0/0] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] mpls lsr-id 3.3.3.3
[*ASBR2] mpls
[*ASBR2-mpls] quit
[*ASBR2] mpls ldp
[*ASBR2-mpls-ldp] quit
[*ASBR2] interface gigabitethernet 2/0/0
[*ASBR2-GigabitEthernet2/0/0] mpls
[*ASBR2-GigabitEthernet2/0/0] mpls ldp
[*ASBR2-GigabitEthernet2/0/0] quit
[*ASBR2] commit# 配置PE2。
[~PE2] mpls lsr-id 4.4.4.4
[*PE2] mpls
[*PE2-mpls] quit
[*PE2] mpls ldp
[*PE2-mpls-ldp] quit
[*PE2] interface gigabitethernet 1/0/0
[*PE2-GigabitEthernet1/0/0] mpls
[*PE2-GigabitEthernet1/0/0] mpls ldp
[*PE2-GigabitEthernet1/0/0] quit
[*PE2] commit4.配置域内的MP-IBGP连接
# 配置PE1。
[~PE1] bgp 100
[*PE1-bgp] peer 2.2.2.2 as-number 100
[*PE1-bgp] peer 2.2.2.2 connect-interface loopback 1
[*PE1-bgp] l2vpn-ad-family
[*PE1-bgp-af-l2vpn-ad] peer 2.2.2.2 enable
[*PE1-bgp-af-l2vpn-ad] quit
[*PE1-bgp] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] bgp 100
[*ASBR1-bgp] peer 1.1.1.1 as-number 100
[*ASBR1-bgp] peer 1.1.1.1 connect-interface loopback 1
[*ASBR1-bgp] l2vpn-ad-family
[*ASBR1-bgp-af-l2vpn-ad] peer 1.1.1.1 enable
[*ASBR1-bgp-af-l2vpn-ad] quit
[*ASBR1-bgp] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] bgp 200
[*ASBR2-bgp] peer 4.4.4.4 as-number 200
[*ASBR2-bgp] peer 4.4.4.4 connect-interface loopback 1
[*ASBR2-bgp] l2vpn-ad-family
[*ASBR2-bgp-af-l2vpn-ad] peer 4.4.4.4 enable
[*ASBR2-bgp-af-l2vpn-ad] quit
[*ASBR2-bgp] quit
[*ASBR2] commit# 配置PE2。
[~PE2] bgp 200
[*PE2-bgp] peer 3.3.3.3 as-number 200
[*PE2-bgp] peer 3.3.3.3 connect-interface loopback 1
[*PE2-bgp] l2vpn-ad-family
[*PE2-bgp-af-l2vpn-ad] peer 3.3.3.3 enable
[*PE2-bgp-af-l2vpn-ad] quit
[*PE2-bgp] quit
[*PE2] commit完成此步骤后,在PE或ASBR上执行display bgp l2vpn-ad peer命令,可看到MP-IBGP对等体连接状态为“Established”。以PE1的显示为例:
[~PE1] display bgp l2vpn-ad peer
BGP local router ID : 10.10.1.1
Local AS number : 100
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
2.2.2.2 4 100 97 97 0 01:18:54 Established 15.配置BGP AD方式VPLS
# 配置PE1。
[~PE1] mpls l2vpn
[*PE1] quit
[*PE1] vsi vplsad1
[*PE1-vsi-vplsad1] bgp-ad
[*PE1-vsi-vplsad1-bgpad] vpls-id 100:1
[*PE1-vsi-vplsad1-bgpad] vpn-target 200:1 import-extcommunity
[*PE1-vsi-vplsad1-bgpad] vpn-target 200:1 export-extcommunity
[*PE1-vsi-vplsad1-bgpad] quit
[*PE1-vsi-vplsad1] quit
[*PE1] interface gigabitethernet1/0/0.1
[*PE1-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*PE1-GigabitEthernet1/0/0.1] l2 binding vsi vplsad1
[*PE1-GigabitEthernet1/0/0.1] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] mpls l2vpn
[*ASBR1] quit
[*ASBR1] vsi vplsad1
[*ASBR1-vsi-vplsad1] bgp-ad
[*ASBR1-vsi-vplsad1-bgpad] vpls-id 100:1
[*ASBR1-vsi-vplsad1-bgpad] vpn-target 200:1 import-extcommunity
[*ASBR1-vsi-vplsad1-bgpad] vpn-target 200:1 export-extcommunity
[*ASBR1-vsi-vplsad1-bgpad] quit
[*ASBR1-vsi-vplsad1] quit
[*ASBR1] interface gigabitethernet2/0/0.1
[*ASBR1-GigabitEthernet2/0/0.1] vlan-type dot1q 10
[*ASBR1-GigabitEthernet2/0/0.1] l2 binding vsi vplsad1
[*ASBR1-GigabitEthernet2/0/0.1] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] mpls l2vpn
[*ASBR2] quit
[*ASBR2] vsi vplsad1
[*ASBR2-vsi-vplsad1] bgp-ad
[*ASBR2-vsi-vplsad1-bgpad] vpls-id 100:1
[*ASBR2-vsi-vplsad1-bgpad] vpn-target 200:1 import-extcommunity
[*ASBR2-vsi-vplsad1-bgpad] vpn-target 200:1 export-extcommunity
[*ASBR2-vsi-vplsad1-bgpad] quit
[*ASBR2-vsi-vplsad1] quit
[*ASBR2] interface gigabitethernet1/0/0.1
[*ASBR2-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*ASBR2-GigabitEthernet1/0/0.1] l2 binding vsi vplsad1
[*ASBR2-GigabitEthernet1/0/0.1] quit
[*ASBR2] commit# 配置PE2。
[*PE2] mpls l2vpn
[*PE2] quit
[*PE2] vsi vplsad1
[*PE2-vsi-vplsad1] bgp-ad
[*PE2-vsi-vplsad1-bgpad] vpls-id 100:1
[*PE2-vsi-vplsad1-bgpad] vpn-target 200:1 import-extcommunity
[*PE2-vsi-vplsad1-bgpad] vpn-target 200:1 export-extcommunity
[*PE2-vsi-vplsad1-bgpad] quit
[*PE2-vsi-vplsad1] quit
[~PE2] interface gigabitethernet2/0/0.1
[*PE2-GigabitEthernet2/0/0.1] vlan-type dot1q 10
[*PE2-GigabitEthernet2/0/0.1] l2 binding vsi vplsad1
[*PE2-GigabitEthernet2/0/0.1] quit
[*PE2] commit6.配置CE允许VLAN 10的报文通过
# 配置CE1。
[~CE1] interface gigabitethernet1/0/0.1
[*CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*CE1-GigabitEthernet1/0/0.1] quit
[*CE1] commit# 配置CE2。
[~CE2] interface gigabitethernet1/0/0.1
[*CE2-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*CE2-GigabitEthernet1/0/0.1] quit
[*CE2] commit完成此步骤后,在PE或ASBR上执行display vsi命令,可看到VSI的状态为“up”。以PE1的显示为例:
[~PE1] display vsi
Total VSI number is 1, 1 is up, 0 is down, 0 is LDP mode, 0 is BGP mode, 1 is BGPAD mode, 0 is mixed mode, 0 is unspecified mode
--------------------------------------------------------------------------
Vsi Mem PW Mac Encap Mtu Vsi
Name Disc Type Learn Type Value State
--------------------------------------------------------------------------
bgpad1 -- bgpad unqualify vlan 1500 up7.检验配置结果
完成上述配置后,CE1与CE2可以相互ping通。以CE1的显示为例:
[~CE1] ping 10.1.1.2
PING 10.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=8 ms
Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=3 ms
Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=255 time=3 ms
Reply from 10.1.1.2: bytes=56 Sequence=4 ttl=255 time=3 ms
Reply from 10.1.1.2: bytes=56 Sequence=5 ttl=255 time=4 ms
--- 10.1.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/4/8 ms
相关文章
- CDH中配置HDFS HA
- Java+MyEclipse+Tomcat (二)配置Servlet及简单实现表单提交
- 华为云服务器实战 之 Gitlab安装与配置使用
- 关于 Nginx 配置的一些疑惑, Nginx 根据cookie 进行rewrite
- OSPF虚链路配置.示例1
- IntellIJ IDEA 配置 Git,顺带解决Git Push rejected问题
- fedora23深度配置gnome系统环境, 如设置ibus的面板字体大小 以及gedit 自动探测文件字符编码fileencodings
- 玩转华为ENSP模拟器系列 | 配置基于VLAN的VLAN Mapping示例(2 to 2)
- 玩转华为ENSP模拟器系列 | 配置MSTP功能示例
- 玩转华为ENSP模拟器系列 | 配置LDP传输地址
- 玩转华为ENSP模拟器系列 | 配置DCN功能的示例
- 玩转华为ENSP模拟器系列 | 配置设备使用SNMPv3本地用户与网管通信
- 玩转华为ENSP模拟器系列 | 配置BGP/MPLS IP VdPdNd
- 华为运营商级路由器配置示例 | 配置OptionB方式跨域BGP VPLS示例(ASBR兼做PE)
- 华为运营商级路由器配置示例 | 配置OptionB方式跨域BGP VPLS示例
- 华为运营商级路由器配置示例 | 单段动态VPWS PW over SRv6 TE Policy(静态配置)
- 华为运营商级路由器配置示例 | EVdPdNd VPLS over SRv6 BE
- 华为运营商级路由器配置示例 | 非标签公网BGP路由迭代SR-MPLS BE隧道
- ssl https双向验证的配置与证书库的生成
- Linux之使用expect备份华为交换机配置
- 华为防火墙网管配置实例
- 华为MPLS-Hub&Sub组网实验配置
- 华为MPLS跨域A、B方案实验配置
- 华为路由器 VRRP主备配置