华为运营商级路由器配置示例 | 配置OptionB方式跨域BGP VPLS示例
2023-09-14 09:09:07 时间
组网需求
如图1,PE1和PE2属于同一个VPLS,分别通过AS100内的PE1和AS200内的PE2接入骨干网。
由于ASBR间链路数量较少,因此本示例采用OptionB方式跨域BGP VPLS,PE的接口被当作AC接口与VSI实例绑定,实现CE1与CE2的互通。
配置思路
-
在跨域ASBR之间建立EBGP,使能L2VPN-AD地址族,并触发建立Localifnet隧道。
-
PE与域内的ASBR建立MP-IBGP对等体关系。
-
在PE1和PE2上配置普通BGP VPLS,并与AC接口绑定。
操作步骤
1.配置各设备接口的IP地址
# 配置CE1。
<HUAWEI> system-view
[~HUAWEI] sysname CE1
[*HUAWEI] commit
[~CE1] interface gigabitethernet 1/0/0
[*CE1-GigabitEthernet1/0/0] undo shutdown
[*CE1-GigabitEthernet1/0/0] quit
[*CE1] interface gigabitethernet 1/0/0.1
[*CE1-GigabitEthernet1/0/0.1] ip address 10.1.1.1 24
[*CE1-GigabitEthernet1/0/0.1] quit
[*CE1] commit# 配置PE1。
<HUAWEI> system-view
[~HUAWEI] sysname PE1
[*HUAWEI] commit
[~PE1] interface loopback1
[*PE1-Loopback1] ip address 1.1.1.1 32
[*PE1-Loopback1] quit
[*PE1] interface gigabitethernet 1/0/0
[*PE1-GigabitEthernet1/0/0] undo shutdown
[*PE1-GigabitEthernet1/0/0] quit
[*PE1] interface gigabitethernet 1/0/0.1
[*PE1-GigabitEthernet1/0/0.1] quit
[*PE1] interface gigabitethernet 2/0/0
[*PE1-GigabitEthernet2/0/0] undo shutdown
[*PE1-GigabitEthernet2/0/0] ip address 10.10.1.1 24
[*PE1-GigabitEthernet2/0/0] quit
[*PE1] commit# 配置ASBR1。
<HUAWEI> system-view
[~HUAWEI] sysname ASBR1
[*HUAWEI] commit
[~ASBR1] interface loopback1
[*ASBR1-Loopback1] ip address 2.2.2.2 32
[*ASBR1-Loopback1] quit
[*ASBR1] interface gigabitethernet 1/0/0
[*ASBR1-GigabitEthernet1/0/0] undo shutdown
[*ASBR1-GigabitEthernet1/0/0] ip address 10.10.2.2 24
[*ASBR1-GigabitEthernet1/0/0] quit
[*ASBR1] interface gigabitethernet 2/0/0
[*ASBR1-GigabitEthernet2/0/0] undo shutdown
[*ASBR1-GigabitEthernet2/0/0] ip address 10.10.1.2 24
[*ASBR1-GigabitEthernet2/0/0] quit
[*ASBR1] interface gigabitethernet 2/0/0.1
[*ASBR1-GigabitEthernet2/0/0.1] quit
[*ASBR1] commit# 配置ASBR2。
<HUAWEI> system-view
[~HUAWEI] sysname ASBR2
[*HUAWEI] commit
[~ASBR2] interface loopback1
[*ASBR2-Loopback1] ip address 3.3.3.3 32
[*ASBR2-Loopback1] quit
[*ASBR2] interface gigabitethernet 2/0/0
[*ASBR2-GigabitEthernet2/0/0] undo shutdown
[*PE2-GigabitEthernet2/0/0] ip address 10.10.3.3 24
[*ASBR2-GigabitEthernet2/0/0] quit
[*ASBR2] interface gigabitethernet 2/0/0.1
[*ASBR2-GigabitEthernet2/0/0.1] quit
[*ASBR2] interface gigabitethernet 1/0/0
[*ASBR2-GigabitEthernet1/0/0] undo shutdown
[*ASBR2-GigabitEthernet1/0/0] ip address 10.10.2.3 24
[*ASBR2-GigabitEthernet1/0/0] quit
[*ASBR2] commit# 配置PE2。
<HUAWEI> system-view
[~HUAWEI] sysname PE2
[*HUAWEI] commit
[~PE2] interface loopback1
[*PE2-Loopback1] ip address 4.4.4.4 32
[*PE2-Loopback1] quit
[*PE2] interface gigabitethernet 2/0/0
[*PE2-GigabitEthernet2/0/0] undo shutdown
[*PE2-GigabitEthernet2/0/0] ip address 10.10.3.4 24
[*PE2-GigabitEthernet2/0/0] quit
[*PE2] interface gigabitethernet 1/0/0
[*PE2-GigabitEthernet1/0/0] undo shutdown
[*PE2-GigabitEthernet1/0/0] quit
[*PE2] interface gigabitethernet 1/0/0.1
[*PE2-GigabitEthernet1/0/0.1] quit
[*PE2] commit# 配置CE2。
<HUAWEI> system-view
[~HUAWEI] sysname CE2
[~HUAWEI] commit
[~CE2] interface gigabitethernet 1/0/0
[*CE2-GigabitEthernet1/0/0] undo shutdown
[*CE2-GigabitEthernet1/0/0] quit
[*CE2] interface gigabitethernet 1/0/0.1
[*CE2-GigabitEthernet1/0/0.1] ip address 10.1.1.2 24
[*CE2-GigabitEthernet1/0/0.1] quit
[*CE2] commit2.配置骨干网的IGP协议
# 配置PE1。
[~PE1] ospf 1
[*PE1-ospf-1] area 0.0.0.0
[*PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[*PE1-ospf-1-area-0.0.0.0] network 10.10.1.0 0.0.0.255
[*PE1-ospf-1-area-0.0.0.0] quit
[*PE1-ospf-1] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] ospf 1
[*ASBR1-ospf-1] area 0.0.0.0
[*ASBR1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[*ASBR1-ospf-1-area-0.0.0.0] network 10.10.1.0 0.0.0.255
[*ASBR1-ospf-1-area-0.0.0.0] network 10.10.2.0 0.0.0.255
[*ASBR1-ospf-1-area-0.0.0.0] quit
[*ASBR1-ospf-1] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] ospf 1
[*ASBR2-ospf-1] area 0.0.0.0
[*ASBR2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[*ASBR2-ospf-1-area-0.0.0.0] network 10.10.2.0 0.0.0.255
[*ASBR2-ospf-1-area-0.0.0.0] network 10.10.3.0 0.0.0.255
[*ASBR2-ospf-1-area-0.0.0.0] quit
[*ASBR2-ospf-1] quit
[*ASBR2] commit# 配置PE2。
[~PE2] ospf 1
[*PE2-ospf-1] area 0.0.0.0
[*PE2-ospf-1-area-0.0.0.0] network 4.4.4.4 0.0.0.0
[*PE2-ospf-1-area-0.0.0.0] network 10.10.3.0 0.0.0.255
[*PE2-ospf-1-area-0.0.0.0] quit
[*PE2-ospf-1] quit
[*PE2] commit3.使能MPLS,建立LSP隧道
# 配置PE1。
[~PE1] mpls lsr-id 1.1.1.1
[*PE1] mpls
[*PE1-mpls] quit
[*PE1] mpls ldp
[*PE1-mpls-ldp] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] mpls lsr-id 2.2.2.2
[*ASBR1] mpls
[*ASBR1-mpls] quit
[*ASBR1] mpls ldp
[*ASBR1-mpls-ldp] quit
[*ASBR1] interface gigabitethernet 2/0/0
[*ASBR1-GigabitEthernet2/0/0] mpls
[*ASBR1-GigabitEthernet2/0/0] mpls ldp
[*ASBR1-GigabitEthernet2/0/0] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] mpls lsr-id 3.3.3.3
[*ASBR2] mpls
[*ASBR2-mpls] quit
[*ASBR2] mpls ldp
[*ASBR2-mpls-ldp] quit
[*ASBR2] interface gigabitethernet 2/0/0
[*ASBR2-GigabitEthernet2/0/0] mpls
[*ASBR2-GigabitEthernet2/0/0] mpls ldp
[*ASBR2-GigabitEthernet2/0/0] quit
[*ASBR2] interface gigabitethernet 1/0/0
[*ASBR2-GigabitEthernet1/0/0] mpls
[*ASBR2-GigabitEthernet1/0/0] quit
[*ASBR2] commit# 配置PE2。
[~PE2] mpls lsr-id 4.4.4.4
[*PE2] mpls
[*PE2-mpls] quit
[*PE2] mpls ldp
[*PE2-mpls-ldp] quit
[*PE2] interface gigabitethernet 2/0/0
[*PE2-GigabitEthernet2/0/0] mpls
[*PE2-GigabitEthernet2/0/0] mpls ldp
[*PE2-GigabitEthernet2/0/0] quit
[*PE2] commit4.配置BGP方式VPLS
# 配置PE1。
[~PE1] mpls l2vpn
[*PE1-l2vpn] quit
[*PE1-tunnel-policy-p1] tunnel-policy p1
[*PE1-tunnel-policy-p1] tunnel select-seq bgp ldp load-balance-number 1
[*PE1-tunnel-policy-p1] tunnel-selector s1 permit node 10
[*PE1-tunnel-selector] apply tunnel-policy p1
[*PE1-tunnel-selector] quit
[*PE1] vsi v1
[*PE1-vsi-v1] pwsignal bgp
[*PE1-vsi-v1-bgp] route-distinguisher 10.10.1.1:1
[*PE1-vsi-v1-bgp] vpn-target 100:1 import-extcommunity
[*PE1-vsi-v1-bgp] vpn-target 100:1 export-extcommunity
[*PE1-vsi-v1-bgp] site 1 range 10 default-offset 0
[*PE1-vsi-v1-bgp] quit
[*PE1-vsi-v1] quit
[*PE1] interface gigabitethernet1/0/0.1
[*PE1-GigabitEthernet1/0/0.1] shutdown
[*PE1-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*PE1-GigabitEthernet1/0/0.1] l2 binding vsi v1
[*PE1-GigabitEthernet1/0/0.1] undo shutdown
[*PE1-GigabitEthernet1/0/0.1] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] mpls l2vpn
[*ASBR1-l2vpn] quit
[*ASBR1-tunnel-policy-p1] tunnel-policy p1
[*ASBR1-tunnel-policy-p1] tunnel select-seq ldp bgp load-balance-number 1
[*ASBR1-tunnel-policy-p1] tunnel-selector s1 permit node 10
[*ASBR1-tunnel-selector] apply tunnel-policy p1
[*ASBR1-tunnel-selector] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] mpls l2vpn
[*ASBR2-l2vpn] quit
[*ASBR2-tunnel-policy-p1] tunnel-policy p1
[*ASBR2-tunnel-policy-p1] tunnel select-seq ldp bgp load-balance-number 1
[*ASBR2-tunnel-policy-p1] tunnel-selector s1 permit node 10
[*ASBR2-tunnel-selector] apply tunnel-policy p1
[*ASBR2-tunnel-selector] quit
[*ASBR2] commit# 配置PE2。
[~PE2] mpls l2vpn
[*PE2-l2vpn] quit
[*PE2-tunnel-policy-p1] tunnel-policy p1
[*PE2-tunnel-policy-p1] tunnel select-seq bgp ldp load-balance-number 1
[*PE2-tunnel-policy-p1] tunnel-selector s1 permit node 10
[*PE2-tunnel-selector] apply tunnel-policy p1
[*PE2-tunnel-selector] quit
[*PE2] vsi v1
[*PE2-vsi-v1] pwsignal bgp
[*PE2-vsi-v1-bgp] route-distinguisher 10.10.3.4:1
[*PE2-vsi-v1-bgp] vpn-target 100:1 import-extcommunity
[*PE2-vsi-v1-bgp] vpn-target 100:1 export-extcommunity
[*PE2-vsi-v1-bgp] site 2 range 10 default-offset 0
[*PE2-vsi-v1-bgp] quit
[*PE2-vsi-v1] quit
[*PE2] interface gigabitethernet1/0/0.1
[*PE2-GigabitEthernet1/0/0.1] shutdown
[*PE2-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*PE2-GigabitEthernet1/0/0.1] l2 binding vsi v1
[*PE2-GigabitEthernet1/0/0.1] undo shutdown
[*PE2-GigabitEthernet1/0/0.1] quit
[*PE2] commit5.配置域内的MP-IBGP连接
# 配置PE1。
[~PE1] bgp 100
[*PE1-bgp] peer 2.2.2.2 as-number 100
[*PE1-bgp] peer 2.2.2.2 connect-interface loopback 1
[*PE1-bgp] l2vpn-ad-family
[*PE1-bgp-af-l2vpn-ad] policy vpn-target
[*PE1-bgp-af-l2vpn-ad] tunnel-selector s1
[*PE1-bgp-af-l2vpn-ad] signaling vpls
[*PE1-bgp-af-l2vpn-ad] peer 2.2.2.2 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*PE1-bgp-af-l2vpn-ad] quit
[*PE1-bgp] quit
[*PE1] commit# 配置ASBR1。
[~ASBR1] bgp 100
[*ASBR1-bgp] peer 1.1.1.1 as-number 100
[*ASBR1-bgp] peer 1.1.1.1 connect-interface loopback 1
[*ASBR1-bgp] peer 10.10.2.3 as-number 200
[*ASBR1-bgp] peer 10.10.2.3 connect-interface gigabitethernet 1/0/0
[*ASBR1-bgp] l2vpn-ad-family
[*ASBR1-bgp-af-l2vpn-ad] undo policy vpn-target
[*ASBR1-bgp-af-l2vpn-ad] tunnel-selector s1
[*ASBR1-bgp-af-l2vpn-ad] signaling vpls
[*ASBR1-bgp-af-l2vpn-ad] peer 1.1.1.1 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*ASBR1-bgp-af-l2vpn-ad] peer 10.10.2.3 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*ASBR1-bgp-af-l2vpn-ad] quit
[*ASBR1-bgp] quit
[*ASBR1] commit# 配置ASBR2。
[~ASBR2] bgp 200
[*ASBR2-bgp] peer 4.4.4.4 as-number 200
[*ASBR2-bgp] peer 4.4.4.4 connect-interface loopback 1
[*ASBR2-bgp] peer 10.10.2.2 as-number 100
[*ASBR2-bgp] peer 10.10.2.2 connect-interface gigabitethernet 1/0/0
[*ASBR2-bgp] l2vpn-ad-family
[*ASBR2-bgp-af-l2vpn-ad] undo policy vpn-target
[*ASBR2-bgp-af-l2vpn-ad] tunnel-selector s1
[*ASBR2-bgp-af-l2vpn-ad] signaling vpls
[*ASBR2-bgp-af-l2vpn-ad] peer 4.4.4.4 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*ASBR2-bgp-af-l2vpn-ad] peer 10.10.2.2 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*ASBR2-bgp-af-l2vpn-ad] quit
[*ASBR2-bgp] quit
[*ASBR2] commit# 配置PE2。
[~PE2] bgp 200
[*PE2-bgp] peer 3.3.3.3 as-number 200
[*PE2-bgp] peer 3.3.3.3 connect-interface loopback 1
[*PE2-bgp] l2vpn-ad-family
[*PE2-bgp-af-l2vpn-ad] policy vpn-target
[*PE2-bgp-af-l2vpn-ad] tunnel-selector s1
[*PE2-bgp-af-l2vpn-ad] signaling vpls
[*PE2-bgp-af-l2vpn-ad] peer 3.3.3.3 enable
[*PE2-bgp-af-l2vpn-ad] quit
[*PE2-bgp] quit
[*PE2] commit完成此步骤后,在PE或ASBR上执行display bgp l2vpn-ad peer命令,可看到MP-IBGP对等体连接状态为“Established”。
以PE1的显示为例:
[~PE1] display bgp l2vpn-ad peer
BGP local router ID : 3.3.3.3
Local AS number : 200
Total number of peers : 2 Peers in established state : 2
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
4.4.4.4 4 200 8 8 0 00:02:32 Established 1
10.10.2.2 4 100 189 187 0 02:39:53 Established 1 6.配置CE允许VLAN 10的报文通过
# 配置CE1。
[~CE1] interface gigabitethernet1/0/0.1
[*CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*CE1-GigabitEthernet1/0/0.1] quit
[*CE1] commit# 配置CE2。
[~CE2] interface gigabitethernet1/0/0.1
[*CE2-GigabitEthernet1/0/0.1] vlan-type dot1q 10
[*CE2-GigabitEthernet1/0/0.1] quit
[*CE2] commit7.检验配置结果
在PE上执行display vpls connection bgp verbose命令查看VSI信息,可发现VSI状态为Up。
以PE1的显示为例:
[~PE1] display vpls connection bgp verbose
VSI Name: v1 Signaling: bgp
**Remote Site ID : 2
VC State : up
RD : 10.10.3.4:1
Encapsulation : bgp vpls
MTU : 1500
Peer Ip Address : 2.2.2.2
PW Type : label
Local VC Label : 368642
Remote VC Label : 368649
Tunnel Policy : --
Tunnel ID : 0x0000000001004c4b42
Remote Label Block : 368648/8/0
Export vpn target : 100:1 CE1与CE2可以相互ping通。
[~CE1] ping 10.1.1.2
PING 10.10.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.10.1.2: bytes=56 Sequence=1 ttl=255 time=149 ms
Reply from 10.10.1.2: bytes=56 Sequence=2 ttl=255 time=4 ms
Reply from 10.10.1.2: bytes=56 Sequence=3 ttl=255 time=4 ms
Reply from 10.10.1.2: bytes=56 Sequence=4 ttl=255 time=4 ms
Reply from 10.10.1.2: bytes=56 Sequence=5 ttl=255 time=4 ms
--- 10.10.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 4/33/149 ms 在PE或ASBR上执行命令display vsi name v1 verbose,可以查看指定VSI的VPLS实例信息。以PE1的显示为例:
[~PE1] display vsi name v1 verbose
***VSI Name : v1
Work Mode : normal
Administrator VSI : no
Isolate Spoken : disable
VSI Index : 1
PW Signaling : bgp
Member Discovery Style : --
Bridge-domain Mode : disable
PW MAC Learn Style : unqualify
Encapsulation Type : vlan
MTU : 1500
Diffserv Mode : uniform
Service Class : --
Color : --
DomainId : 255
Domain Name :
Ignore AcState : disable
P2P VSI : disable
Multicast Fast Switch : disable
Create Time : 0 days, 9 hours, 8 minutes, 35 seconds
VSI State : up
Resource Status : --
BGP RD : 10.10.1.1:1
SiteID/Range/Offset : 1/10/0
Import vpn target : 100:1
Export vpn target : 100:1
Remote Label Block : 368648/8/0
Local Label Block : 0/368640/8/0
Interface Name : GigabitEthernet2/0/0.1
State : up
Ac Block State : unblocked
Access Port : false
Last Up Time : 2019/08/26 03:56:35
Total Up Time : 0 days, 8 hours, 51 minutes, 8 seconds
Interface Name : GigabitEthernet1/0/0.1
State : up
Ac Block State : unblocked
Access Port : false
Last Up Time : 2019/08/26 12:07:53
Total Up Time : 0 days, 0 hours, 39 minutes, 50 seconds
**PW Information:
*Peer Ip Address : 2.2.2.2
PW State : up
Local VC Label : 368642
Remote VC Label : 368649
Remote Control Word : disable
Negotiated Control Word: disable
PW Type : label
Tunnel ID : 0x0000000001004c4b42
Broadcast Tunnel ID : --
Broad BackupTunnel ID : --
Ckey : 1
Nkey : 16777327
Main PW Token : 0x0
Slave PW Token : 0x0
Tnl Type : ldp
OutInterface : --
Backup OutInterface : --
Stp Enable : 0
Mac Flapping : 0
Monitor Group Name : --
PW Last Up Time : 2019/08/26 06:06:19
PW Total Up Time : 0 days, 6 hours, 41 minutes, 25 seconds
相关文章
- Shark-0.9.0安装配置运行实践
- Kotlin【简介】Android开发 配置 扩展
- Linux iptables NAT配置
- PhalGo-Viper获取配置
- [译]SQL Server分析服务的权限配置
- MAC系统下Sublime Text3 配置Python3详细教程
- 华为防火墙L2TP各个配置作用以及流的走向分析
- 华为LACP的相关配置命令
- 玩转华为ENSP模拟器系列 | 配置普通NTP对等体模式示例
- 玩转华为ENSP模拟器系列 | 配置动态BFD检测LDP LSP示例
- 玩转华为ENSP模拟器系列 | 配置LDP远端会话的定时器
- 玩转华为数据中心交换机系列 | 配置动态路由接入M-LAG
- 华为运营商级路由器配置示例 | 配置OptionC方式跨域BGP AD VPLS示例
- 华为运营商级路由器配置示例 | 配置OptionA方式跨域BGP AD VPLS示例
- 华为运营商级路由器配置示例 | 配置VPLS Multi-homing示例
- 华为运营商级路由器配置示例 | 合集
- 华为运营商级路由器配置示例 | SRv6 SFC承载IPv4业务功能(SFF到SF使用二层转发)
- 华为运营商级路由器配置示例 | 跨域L3VdPdNdv4 over SRv6 TE Policy
- 华为运营商级路由器配置示例 | EVdPdNd L3VdPdNdv4 over SRv6 TE Policy(静态配置)
- 华为运营商级路由器配置示例 | 静态BFD for IPv4静态路由
- 100集华为HCIE安全培训视频教材整理 | 防火墙初始化配置
- Linux7配置teaming网卡绑定
- 华为交换机及防火墙设备配置自动保存配置
- 华为防火墙配置笔记
- 华为MPLS单域实验配置
- 华为云之HECS云服务器配置docker环境
- 华为交换机ACL配置