No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Typical Configuration Examples

CloudEngine 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Static Routes to Implement Route-based Connectivity Between Public and Private Networks

Example for Configuring Static Routes to Implement Route-based Connectivity Between Public and Private Networks

Applicable Products and Versions

This example applies to the CE12800/CE6800/CE5800 V100R001C00 or later, the CE7800 V100R003C00 or later, the CE8800 V100R006C00 or later, CE12800E V200R002C50 or later.

Networking Requirements

On a network shown in Figure 2-57, PE1 is a device on an IP network, Server is directly connected to PE1, PE2 connects to vpna through SwitchA, and vpna connects to PE1 through PE2. The customer requires that the public and private networks can communicate based on routes, and SwitchA can access Server. In the test, a switch is used to replace Server on this network.

Figure 2-57 Configuring static routes to implement route-based connectivity between public and private networks

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure VLANs and interfaces on PE1 and SwitchA.

  2. Configure a VPN instance on PE2 and bind the VPN instance to SwitchA.

  3. Configure static routes on Server, PE1, and SwitchA to implement public network connectivity.

  4. Configure static routes on PE2 to implement connectivity between public and private networks.

Procedure

  1. Configure VLANs and interfaces on PE1 and SwitchA.

    # Configure PE1.

    <HUAWEI> system-view
    [~HUAWEI] sysname PE1
    [*HUAWEI] commit
    [~PE1] vlan batch 20 100
    [*PE1] interface 10ge 1/0/1
    [*PE1-10GE1/0/1] port link-type trunk
    [*PE1-10GE1/0/1] port trunk allow-pass vlan 20
    [*PE1-10GE1/0/1] undo port trunk allow-pass vlan 1
    [*PE1-10GE1/0/1] quit
    [*PE1] interface 10ge 1/0/2
    [*PE1-10GE1/0/2] port link-type trunk
    [*PE1-10GE1/0/2] port trunk allow-pass vlan 100
    [*PE1-10GE1/0/2] undo port trunk allow-pass vlan 1
    [*PE1-10GE1/0/2] quit
    [*PE1] interface vlanif 20
    [*PE1-Vlanif20] ip address 2.1.1.1 24
    [*PE1-Vlanif20] quit
    [*PE1] interface vlanif 100
    [*PE1-Vlanif100] ip address 1.1.1.1 24
    [*PE1-Vlanif100] quit
    [*PE1] commit

    # Configure SwitchA.

    <HUAWEI> system-view
    [~HUAWEI] sysname SwitchA
    [*HUAWEI] commit
    [~SwitchA] vlan batch 10
    [*SwitchA] interface 10ge 1/0/1
    [*SwitchA-10GE1/0/1] port link-type trunk
    [*SwitchA-10GE1/0/1] port trunk allow-pass vlan 10
    [*SwitchA-10GE1/0/1] undo port trunk allow-pass vlan 1
    [*SwitchA-10GE1/0/1] quit
    [*SwitchA] interface vlanif 10
    [*SwitchA-Vlanif10] ip address 10.1.1.1 24
    [*SwitchA-Vlanif10] quit
    [*SwitchA] commit

  2. Configure a VPN instance on PE2 and bind the VPN instance to SwitchA.

    <HUAWEI> system-view
    [~HUAWEI] sysname PE2
    [*HUAWEI] commit
    [~PE2] vlan batch 10 100
    [*PE2] interface 10ge 1/0/1
    [*PE2-10GE1/0/1] port link-type trunk
    [*PE2-10GE1/0/1] port trunk allow-pass vlan 10
    [*PE2-10GE1/0/1] undo port trunk allow-pass vlan 1
    [*PE2-10GE1/0/1] quit
    [*PE2] interface 10ge 1/0/2
    [*PE2-10GE1/0/2] port link-type trunk
    [*PE2-10GE1/0/2] port trunk allow-pass vlan 100
    [*PE2-10GE1/0/2] undo port trunk allow-pass vlan 1
    [*PE2-10GE1/0/2] quit
    [*PE2] ip vpn-instance vpna
    [*PE2-vpn-instance-vpna] ipv4-family
    [*PE2-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
    [*PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
    [*PE2-vpn-instance-vpna-af-ipv4] quit
    [*PE2-vpn-instance-vpna] quit
    [*PE2] interface vlanif 10
    [*PE2-Vlanif10] ip binding vpn-instance vpna
    [*PE2-Vlanif10] ip address 10.1.1.2 24
    [*PE2-Vlanif10] quit
    [*PE2] interface vlanif 100
    [*PE2-Vlanif100] ip address 1.1.1.2 24
    [*PE2-Vlanif100] quit
    [*PE2] commit

  3. Configure static routes on Server, PE1, and SwitchA.

    # Configure Server.

    The configuration of VLANs and interfaces on Server is omitted in this example.

    [~Server] ip route-static 10.1.1.0 255.255.255.0 2.1.1.1   //Configure a static route from Server to SwitchA.
    [*Server] commit

    # Configure PE1.

    [~PE1] ip route-static 10.1.1.0 24 1.1.1.2   //Configure a static route from PE1 to SwitchA.
    [*PE1] commit

    # Configure SwitchA.

    [~SwitchA] ip route-static 2.1.1.0 24 10.1.1.2   //Configure a static route from SwitchA to Server.
    [*SwitchA] commit

  4. Configure static routes on PE2 to implement connectivity between public and private networks.

    # Configure PE2.

    [~PE2] ip route-static 10.1.1.0 24 vpn-instance vpna 10.1.1.1   //Configure a static route from PE2 to SwitchA. Traffic flows out from the public network to the private network.
    [*PE2] ip route-static vpn-instance vpna 2.1.1.0 24 1.1.1.1 public   //Configure a static route from PE2 to Server. Traffic flows out from the private network to the public network.
    [*PE2] commit

Verifying the Configuration

# Check routing information about vpna on PE2. The command output shows that the static route destined for the public network segment is imported to routing information about vpna.

[~PE2] display ip routing-table vpn-instance vpna
Proto: Protocol        Pre: Preference                                                                                              
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route                                              
------------------------------------------------------------------------------                                                      
Routing Table : vpna                                                                                                                
         Destinations : 5        Routes : 5                                                                                         
                                                                                                                                     Destination/Mask    Proto   Pre  Cost        Flags NextHop         Interface                                                        
                                                                                                                                            10.1.1.0/24  Direct  0    0             D   10.1.1.2        Vlanif10                                                         
       10.1.1.2/32  Direct  0    0             D   127.0.0.1       Vlanif10                                                         
     10.1.1.255/32  Direct  0    0             D   127.0.0.1       Vlanif10                                                         
        2.1.1.0/24  Static  60   0             RD  1.1.1.1         Vlanif100                                                        
255.255.255.255/32  Direct  0    0             D   127.0.0.1       InLoopBack0                                                      

# Check the IP routing table on PE2. The command output shows that the static route destined for the private network segment is imported to the public IP routing table.

[~PE2] display ip routing-table
Proto: Protocol        Pre: Preference                                                                                              
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route                                              
------------------------------------------------------------------------------                                                      
Routing Table : _public_                                                                                                            
         Destinations : 8       Routes : 8                                                                                          
                                                                                                                                     Destination/Mask    Proto   Pre  Cost        Flags NextHop         Interface                                                        
                                                                                                                                            10.1.1.0/24  Static  60   0             RD  10.1.1.1        Vlanif10                                                         
      127.0.0.0/8   Direct  0    0             D   127.0.0.1       InLoopBack0                                                      
      127.0.0.1/32  Direct  0    0             D   127.0.0.1       InLoopBack0                                                      
127.255.255.255/32  Direct  0    0             D   127.0.0.1       InLoopBack0                                                      
        1.1.1.0/24  Direct  0    0             D   1.1.1.2         Vlanif100                                                        
        1.1.1.2/32  Direct  0    0             D   127.0.0.1       Vlanif100                                                        
      1.1.1.255/32  Direct  0    0             D   127.0.0.1       Vlanif100                                                        
255.255.255.255/32  Direct  0    0             D   127.0.0.1       InLoopBack0                                                      

# Run the ping command to verify network connectivity from SwitchA to Server.

[~SwitchA] ping 2.1.1.2
  PING 2.1.1.2: 56  data bytes, press CTRL_C to break                                                                             
    Reply from 2.1.1.2: bytes=56 Sequence=1 ttl=252 time=3 ms                                                                     
    Reply from 2.1.1.2: bytes=56 Sequence=2 ttl=252 time=4 ms                                                                     
    Reply from 2.1.1.2: bytes=56 Sequence=3 ttl=252 time=3 ms                                                                     
    Reply from 2.1.1.2: bytes=56 Sequence=4 ttl=252 time=3 ms                                                                     
    Reply from 2.1.1.2: bytes=56 Sequence=5 ttl=252 time=3 ms                                                                     
                                                                                                                                       --- 2.1.1.2 ping statistics ---                                                                                                 
    5 packet(s) transmitted                                                                                                         
    5 packet(s) received                                                                                                            
    0.00% packet loss                                                                                                               
    round-trip min/avg/max = 3/3/4 ms                                                                                               

Configuration Files

  • PE1 configuration file

    #
    sysname PE1
    #
    vlan batch 20 100
    #
    interface Vlanif20
     ip address 2.1.1.1 24
    #
    interface Vlanif100
     ip address 1.1.1.1 24
    #
    interface 10GE1/0/1
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 20
    #
    interface 10GE1/0/2
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 100
    #
    ip route-static 10.1.1.0 255.255.255.0 1.1.1.2
    #
    returrn
  • PE2 configuration file

    #
    sysname PE2
    #
    vlan batch 10 100
    #
    ip vpn-instance vpna
     ipv4-family
      route-distinguisher 100:1
      vpn-target 111:1 export-extcommunity
      vpn-target 111:1 import-extcommunity
    #
    interface Vlanif10
     ip binding vpn-instance vpna
     ip address 10.1.1.2 24
    #
    interface Vlanif100
     ip address 1.1.1.2 24
    #
    interface 10GE1/0/1
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 10
    #
    interface 10GE1/0/2
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 100
    #
    ip route-static 10.1.1.0 255.255.255.0 vpn-instance vpna 10.1.1.1
    ip route-static vpn-instance vpna 2.1.1.0 255.255.255.0 1.1.1.1 public
    #
    returrn
  • SwitchA configuration file

    #
    sysname SwitchA
    #
    vlan batch 10
    #
    interface Vlanif10
     ip address 10.1.1.1 24
    #
    interface 10GE1/0/1
     port link-type trunk
     undo port trunk allow-pass vlan 1
     port trunk allow-pass vlan 10
    #
    ip route-static 2.1.1.0 255.255.255.0 10.1.1.2
    #
    returrn
Download
Updated: 2019-10-14

Document ID: EDOC1000039339

Views: 148905

Downloads: 7850

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next