No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
S300, S500, S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Typical Configuration Examples(V100 and V200)

This document provides campus networks typical configuration examples and feature typical configuration examples. "Campus Networks Typical Configuration Examples" provides typical campus network networking modes and a variety of deployment examples."Feature Typical Configuration Examples" provides typical configuration examples of a single feature on a switch. You can configure required features after deploying a campus network.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ISP Network Deployment for Integrated Access in Large Enterprises

ISP Network Deployment for Integrated Access in Large Enterprises

Application Scenario and Service Requirements

Application Scenario

This example is applicable to the integrated Internet Service Provider (ISP) network access of large enterprises that require high bandwidth and high reliability.

Service Requirements

Large enterprises are usually connected to the backbone area of an ISP network. ISPs can provide the following access services for large enterprise customers:

  • Private line access for content service providers
  • Internet access for data centers of large enterprises
  • Internet access for users on enterprise campus networks

This scenario has the following characteristics:

  • A large number of routes
  • Flexible routing policies
  • High access bandwidth

In most cases, enterprises have the following service requirements on the ISP backbone network:

  • Access requirements

    Provide wired access for IPv4/IPv6 dual-stack services.

    Provide high-bandwidth access and multi-gigabit access, such as 10 Gbit/s and 1 Gbit/s, for different types of users.

  • Route control requirements

    Meet flexible route forwarding requirements.

    Control route advertisement and import based on routing policies.

    Control traffic routes through explicit paths of traffic engineering (TE) tunnels.

  • Reliability requirements

    Ensure bandwidth using multiple egress links.

    Ensure high reliability and service continuity for important services such as enterprise private line services.

    Provide backup functions for key network nodes to ensure reliable transmission of data services.

    Shorten the service interruption time as much as possible to ensure user experience upon an intermittent link disconnection or a device fault.

  • Security requirements

    Prevent access from unauthorized devices, as well as malicious attacks.

    Meet security compliance requirements.

    Control user access to ensure network security.

Solution Design

Networking Diagram

Figure 2-110 shows the networking diagram for integrated access of large enterprises in a project.

Figure 2-110 Networking diagram for integrated access of large enterprises

Network Design Analysis

  • Access requirements

    S12700E-8 switches equipped with X2H and X1E cards function as PE devices, and are connected to upstream P devices at the core layer and downstream Layer 3 switches (SW1 and SW2).

    The PE devices can provide two networking modes for enterprises:

    • For small-scale enterprises (such as enterprise 2 in Figure 2-110), the PE devices function as user gateways. S5735-L switches function as Layer 2 aggregation devices and are dual-homed to S12700E-8 switches through the Virtual Router Redundancy Protocol (VRRP).
    • For large-scale enterprises (such as enterprise 1 in Figure 2-110), the aggregation switches S5735-L function as user gateways and establish External Border Gateway Protocol (EBGP) peer relationships with PE devices. S12700E-8 switches learn the routes of downstream devices through EBGP and advertise routes of upstream devices to downstream devices.
  • Route control requirements

    The PE devices, P devices, and Router communicate with each other through the Open Shortest Path First (OSPF) protocol. RR1 and RR2 are route reflectors (RRs) and work in active/standby mode. The PE devices establish Internal Border Gateway Protocol (IBGP) peer relationships with the active and standby RRs to receive and forward routes.

    Multiprotocol Label Switching Traffic Engineering (MPLS TE) tunnels are established between the PE devices, P devices, and Router, and explicit paths are also deployed to implement traffic control.

  • Reliability requirements
    • MPLS TE tunnels are established between the PE devices, P devices, and Router in the core area. MPLS TE tunnels work in active/standby mode and each tunnel is configured with active and standby paths.
    • S12700E-8 switches are dual-homed to the two P devices working in active/standby mode to ensure device-level reliability.
    • Eth-Trunks in Link Aggregation Control Protocol (LACP) mode are configured on interconnected interfaces of devices to ensure link-level reliability.
    • OSPF graceful restart (GR) and BGP GR are enabled to avoid traffic interruption and route flapping caused by an active/standby switchover.
  • Security requirements
    • HMAC-SHA256 authentication is enabled on OSPFv2-enabled interfaces, and Internet Protocol Security (IPSec) is enabled in the OSPFv3 process.
    • Password authentication is configured for MPLS Resource Reservation Protocol (RSVP) TE tunnels.
    • IBGP peer relationships are established through loopback interfaces and password authentication is enabled.

Device Requirements and Versions

Table 2-156 lists the products and their software versions used in this example.

Table 2-156 Products and their software versions

Product

Software Version

S12700E-8

V200R019C10SPC500 + latest patch

S5735-L

V200R019C10SPC500 + latest patch

In this example, S12700E series switches are used as P devices, RRs, and Router.

Deployment Roadmap and Data Plan

Deployment Roadmap

The configuration roadmap is as follows:

  1. Configure interfaces, add them to corresponding VLANs, and assign IPv4 and IPv6 addresses to interfaces.
  2. Configure OSPF between PE devices, P devices, Router, and RRs. Configure BGP, and configure PE devices, P devices, and Router to establish IBGP peer relationships with RRs.
  3. Enable HMAC-SHA256 authentication on OSPF-enabled interfaces, and configure BGP peers to perform MD5 authentication when establishing TCP connections.
  4. Enable MPLS and MPLS RSVP on PE devices, P devices, and Router, and establish TE tunnels between PE devices and Router.

Data Plan

The following tables describe the data plans for VLANs, interfaces, IP addresses, routes, and services.

Table 2-157 VLAN plan

Device

Data

Description

SW1

VLAN 300

VLAN to which the interface connected to enterprise 1 belongs

SW2

VLAN 100

VLAN to which the interfaces connected to PE devices belong

VLAN 200

VLAN to which the interface connected to enterprise 2 belongs
Table 2-158 Interface and IP address plan

Device

Interface Number

VLAN to Which the Interface Belongs

IP Address

Description

PE1

Eth-Trunk 0

-

1.1.1.2/30

2001:0:0:4D9::2/64

Interface connected to P1

Eth-Trunk 1

-

1.1.1.10/30

2001:0:0:4DB::2/64

Interface connected to P2

Eth-Trunk 2

-

2.2.2.205/30

Interface connected to SW1

Eth-Trunk 3

-

3.3.3.114/29

virtual-ip: 3.3.3.113

Interface connected to SW2

Loopback 0

-

4.4.4.143/32

2001::149/128

-

PE2

Eth-Trunk 0

-

1.1.1.6/30

2001:0:0:4DA::2/64

Interface connected to P1

Eth-Trunk 1

-

1.1.1.14/30

2001:0:0:4DC::2/64

Interface connected to P2

Eth-Trunk 2

-

2.2.2.253/30

Interface connected to SW1

Eth-Trunk 3

-

3.3.3.115/29

virtual-ip: 3.3.3.113

Interface connected to SW2

Loopback 0

-

4.4.4.144/32

2001::14A/128

-

P1

Eth-Trunk 0

-

1.1.1.1/30

2001:0:0:4D9::1/64

Interface connected to PE1

Eth-Trunk 1

-

1.1.1.5/30

2001:0:0:4DA::1/64

Interface connected to PE2

Eth-Trunk 2

-

1.1.2.9/30

2001:0:0:4D8::1/64

Interface connected to P2

Eth-Trunk 3

-

1.1.2.233/30

2001:0:0:4D7::1/64

Interface connected to RR1

Eth-Trunk 4

-

1.1.2.189/30

2001:0:0:4E2::1/64

Interface connected to RR2

Eth-Trunk 5

-

1.1.2.225/30

2001:0:0:4D5::1/64

Interface connected to Router

Loopback 0

-

4.4.4.1/32

2001::21/128

-

P2

Eth-Trunk 0

-

1.1.1.9/30

2001:0:0:4DB::1/64

Interface connected to PE1

Eth-Trunk 1

-

1.1.1.13/30

2001:0:0:4DC::1/64

Interface connected to PE2

Eth-Trunk 2

-

1.1.2.10/30

2001:0:0:4D8::2/64

Interface connected to P1

Eth-Trunk 3

-

1.1.2.237/30

2001:0:0:4D6::1/64

Interface connected to RR1

Eth-Trunk 4

-

1.1.2.193/30

2001:0:0:4E1::1/64

Interface connected to RR2

Eth-Trunk 5

-

1.1.2.229/30

2001:0:0:4D4::1/64

Interface connected to Router

Loopback 0

-

4.4.4.2/32

2001::22/128

-

Router

Eth-Trunk 0

-

1.1.2.226/30

2001:0:0:4D5::2/64

Interface connected to P1

Eth-Trunk 1

-

1.1.2.230/30

2001:0:0:4D4::2/64

Interface connected to P2

Loopback 0

-

4.4.4.39/32

2001::31/128

-

RR1

Eth-Trunk 0

-

1.1.2.234/30

2001:0:0:4D7::2/64

Interface connected to P1

Eth-Trunk 1

-

1.1.2.238/30

2001:0:0:4D6::2/64

Interface connected to P2

Loopback 0

-

4.4.4.27/32

2001::15/128

-

RR2

Eth-Trunk 0

-

1.1.2.190/30

2001:0:0:4E2::2/64

Interface connected to P1

Eth-Trunk 1

-

1.1.2.194/30

2001:0:0:4E1::2/64

Interface connected to P2

Loopback 0

-

4.4.4.28/32

2001::16/128

-

SW1

Eth-Trunk 0

-

2.2.2.206/30

Interface connected to PE1

Eth-Trunk 1

-

2.2.2.254/30

Interface connected to PE2

Eth-Trunk 2

300

VLANIF 300: 5.5.5.1/24

Interface connected to enterprise 1

SW2

Eth-Trunk 0

100

VLANIF 100: 3.3.3.116/29

Interface connected to PE1

Eth-Trunk 1

Interface connected to PE2

Eth-Trunk 2

200

VLANIF 200: 6.6.6.1/24

Interface connected to enterprise 2

Deployment Procedure

Configuring PE1

  1. Configure VLANs and IP addresses for interfaces.

    # Create Eth-Trunk 0 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/0 and XGE2/0/0 to Eth-Trunk 0.

    <PE1> system-view
[PE1] ipv6 
[PE1] interface Eth-Trunk 0 
[PE1-Eth-Trunk0] undo portswitch
[PE1-Eth-Trunk0] description To_P1 
[PE1-Eth-Trunk0] ip address 1.1.1.2 255.255.255.252
[PE1-Eth-Trunk0] ipv6 enable 
[PE1-Eth-Trunk0] ipv6 address 2001:0:0:4D9::2/64
[PE1-Eth-Trunk0] mode lacp 
[PE1-Eth-Trunk0] quit
[PE1] interface XGigabitEthernet 1/0/0
[PE1-XGigabitEthernet1/0/0] eth-trunk 0
[PE1-XGigabitEthernet1/0/0] quit
[PE1] interface XGigabitEthernet 2/0/0
[PE1-XGigabitEthernet2/0/0] eth-trunk 0
[PE1-XGigabitEthernet2/0/0] quit

    # Create Eth-Trunk 1 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/1 and XGE2/0/1 to Eth-Trunk 1.

    [PE1] interface Eth-Trunk 1
[PE1-Eth-Trunk1] undo portswitch 
[PE1-Eth-Trunk1] description To_P2 
[PE1-Eth-Trunk1] ip address 1.1.1.10 255.255.255.252
[PE1-Eth-Trunk1] ipv6 enable 
[PE1-Eth-Trunk1] ipv6 address 2001:0:0:4DB::2/64
[PE1-Eth-Trunk1] mode lacp 
[PE1-Eth-Trunk1] quit
[PE1] interface XGigabitEthernet 1/0/1
[PE1-XGigabitEthernet1/0/1] eth-trunk 1
[PE1-XGigabitEthernet1/0/1] quit
[PE1] interface XGigabitEthernet 2/0/1
[PE1-XGigabitEthernet2/0/1] eth-trunk 1
[PE1-XGigabitEthernet2/0/1] quit

    # Create Eth-Trunk 2 and configure its IPv4 address. Enable LACP, and add XGE3/0/0 and XGE4/0/0 to Eth-Trunk 2.

    [PE1] interface Eth-Trunk 2
[PE1-Eth-Trunk2] undo portswitch 
[PE1-Eth-Trunk2] description To_SW1 
[PE1-Eth-Trunk2] ip address 2.2.2.205 255.255.255.252
[PE1-Eth-Trunk2] mode lacp 
[PE1-Eth-Trunk2] quit
[PE1] interface XGigabitEthernet 3/0/0
[PE1-XGigabitEthernet3/0/0] eth-trunk 2
[PE1-XGigabitEthernet3/0/0] quit
[PE1] interface XGigabitEthernet 4/0/0
[PE1-XGigabitEthernet4/0/0] eth-trunk 2
[PE1-XGigabitEthernet4/0/0] quit

    # Create Eth-Trunk 3 and configure its IPv4 address. Enable LACP, and add XGE3/0/1 and XGE4/0/1 to Eth-Trunk 3. 

    [PE1] interface Eth-Trunk 3
[PE1-Eth-Trunk3] undo portswitch 
[PE1-Eth-Trunk3] description To_SW2 
[PE1-Eth-Trunk3] ip address 3.3.3.114 255.255.255.248
[PE1-Eth-Trunk3] mode lacp 
[PE1-Eth-Trunk3] quit
[PE1] interface XGigabitEthernet 3/0/1
[PE1-XGigabitEthernet3/0/1] eth-trunk 3
[PE1-XGigabitEthernet3/0/1] quit
[PE1] interface XGigabitEthernet 4/0/1
[PE1-XGigabitEthernet4/0/1] eth-trunk 3
[PE1-XGigabitEthernet4/0/1] quit

    # Create loopback 0 and configure an IPv4 address and an IPv6 address for it.

    [PE1] interface LoopBack 0 
[PE1-LoopBack0] ip address 4.4.4.143 255.255.255.255 
[PE1-LoopBack0] ipv6 enable
[PE1-LoopBack0] ipv6 address 2001::149/128
[PE1-LoopBack0] quit

  2. Configure OSPFv2 and OSPFv3.

    # Create OSPFv2 process 1, specify the router ID, create area 0, enable GR, and configure password authentication.

    [PE1] ospf 1 router-id 4.4.4.143  
[PE1-ospf-1] silent-interface all
[PE1-ospf-1] undo silent-interface Eth-Trunk0
[PE1-ospf-1] undo silent-interface Eth-Trunk1
[PE1-ospf-1] preference 80
[PE1-ospf-1] opaque-capability enable
[PE1-ospf-1] graceful-restart
[PE1-ospf-1] bandwidth-reference 1000000
[PE1-ospf-1] enable traffic-adjustment 
[PE1-ospf-1] area 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] authentication-mode hmac-sha256 1 cipher YsHsjx_202206
[PE1-ospf-1-area-0.0.0.0] mpls-te enable
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit

    # Configure an IPSec proposal and a security association (SA).

    [PE1] ipsec proposal ah
[PE1-ipsec-proposal-ah] encapsulation-mode transport
[PE1-ipsec-proposal-ah] transform ah
[PE1-ipsec-proposal-ah] ah authentication-algorithm sha2-256
[PE1-ipsec-proposal-ah] quit
[PE1] ipsec sa ospfv3-sa
[PE1-ipsec-sa-ospfv3-sa] proposal ah
[PE1-ipsec-sa-ospfv3-sa] sa spi inbound ah 256
[PE1-ipsec-sa-ospfv3-sa] sa authentication-hex inbound ah cipher 112233445566778899aabbccddeeff00
[PE1-ipsec-sa-ospfv3-sa] sa spi outbound ah 256
[PE1-ipsec-sa-ospfv3-sa] sa authentication-hex outbound ah cipher aabbccddeeff001100aabbccddeeff00
[PE1-ipsec-sa-ospfv3-sa] quit

    # Create OSPFv3 process 1, specify the router ID, and enable GR.

    [PE1] ospfv3 1 
[PE1-ospfv3-1] router-id 4.4.4.143
[PE1-ospfv3-1] bandwidth-reference 1000000
[PE1-ospfv3-1] graceful-restart
[PE1-ospfv3-1] quit

    # Enable OSPFv2 and OSPFv3 on loopback 0.

    [PE1] interface LoopBack 0 
[PE1-LoopBack0] ospf enable 1 area 0.0.0.0 
[PE1-LoopBack0] ospfv3 1 area 0.0.0.0  
[PE1-LoopBack0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 0 and set the network type to P2P.

    [PE1] interface Eth-Trunk 0 
[PE1-Eth-Trunk0] ospf enable 1 area 0.0.0.0 
[PE1-Eth-Trunk0] ospf network-type p2p 
[PE1-Eth-Trunk0] ospfv3 1 area 0.0.0.0
[PE1-Eth-Trunk0] ospfv3 network-type p2p
[PE1-Eth-Trunk0] ospfv3 ipsec sa ospfv3-sa
[PE1-Eth-Trunk0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 1 and set the network type to P2P.

    [PE1] interface Eth-Trunk 1 
[PE1-Eth-Trunk1] ospf enable 1 area 0.0.0.0 
[PE1-Eth-Trunk1] ospf network-type p2p 
[PE1-Eth-Trunk1] ospfv3 1 area 0.0.0.0
[PE1-Eth-Trunk1] ospfv3 network-type p2p
[PE1-Eth-Trunk1] ospfv3 ipsec sa ospfv3-sa
[PE1-Eth-Trunk1] quit

    # Enable OSPFv2 on Eth-Trunk 2 and set the network type to P2P.

    [PE1] interface Eth-Trunk 2 
[PE1-Eth-Trunk2] ospf enable 1 area 0.0.0.0 
[PE1-Eth-Trunk2] ospf network-type p2p 
[PE1-Eth-Trunk2] quit

    # Enable OSPFv2 on Eth-Trunk 3.

    [PE1] interface Eth-Trunk 3 
[PE1-Eth-Trunk3] ospf enable 1 area 0.0.0.0 
[PE1-Eth-Trunk3] quit

  3. Configure MPLS and RSVP-TE globally and enable them on all Layer 3 interfaces of PE1.

    # Configure MPLS RSVP-TE and enable MPLS globally. 

    [PE1] mpls lsr-id 4.4.4.143
[PE1] mpls
[PE1-mpls] mpls te
[PE1-mpls] mpls rsvp-te
[PE1-mpls] mpls rsvp-te hello
[PE1-mpls] mpls rsvp-te srefresh
[PE1-mpls] quit

    # Establish RSVP peer relationships and enable MD5 authentication.

    [PE1] mpls rsvp-te peer 1.1.1.1 
[PE1-mpls-rsvp-te-peer-1.1.1.1] mpls rsvp-te authentication cipher YsHsjx_202206
[PE1-mpls-rsvp-te-peer-1.1.1.1] quit
[PE1] mpls rsvp-te peer 1.1.1.9 
[PE1-mpls-rsvp-te-peer-1.1.1.9] mpls rsvp-te authentication cipher YsHsjx_202206
[PE1-mpls-rsvp-te-peer-1.1.1.9] quit

    # Enable MPLS and RSVP-TE on Layer 3 interfaces of P1 connected to P devices.

    [PE1] interface Eth-Trunk 0 
[PE1-Eth-Trunk0] mpls
[PE1-Eth-Trunk0] mpls te
[PE1-Eth-Trunk0] mpls rsvp-te
[PE1-Eth-Trunk0] mpls rsvp-te hello
[PE1-Eth-Trunk0] quit
[PE1] interface Eth-Trunk 1 
[PE1-Eth-Trunk1] mpls
[PE1-Eth-Trunk1] mpls te
[PE1-Eth-Trunk1] mpls rsvp-te
[PE1-Eth-Trunk1] mpls rsvp-te hello
[PE1-Eth-Trunk1] quit

  4. Configure TE tunnels and their explicit paths.

    # Configure explicit paths for TE tunnels. 

    [PE1] explicit-path TO-P1-1
[PE1-explicit-path-TO-P1-1] next hop 1.1.1.1
[PE1-explicit-path-TO-P1-1] quit
[PE1] explicit-path TO-P1-2
[PE1-explicit-path-TO-P1-2] next hop 1.1.1.9
[PE1-explicit-path-TO-P1-2] next hop 1.1.2.9
[PE1-explicit-path-TO-P1-2] quit
[PE1] explicit-path TO-P2-1
[PE1-explicit-path-TO-P2-1] next hop 1.1.1.9
[PE1-explicit-path-TO-P2-1] quit
[PE1] explicit-path TO-P2-2
[PE1-explicit-path-TO-P2-2] next hop 1.1.1.1
[PE1-explicit-path-TO-P2-2] next hop 1.1.2.10
[PE1-explicit-path-TO-P2-2] quit
[PE1] explicit-path TO-PE2-1
[PE1-explicit-path-TO-PE2-1] next hop 1.1.1.1
[PE1-explicit-path-TO-PE2-1] next hop 1.1.1.6
[PE1-explicit-path-TO-PE2-1] quit
[PE1] explicit-path TO-PE2-2
[PE1-explicit-path-TO-PE2-2] next hop 1.1.1.9
[PE1-explicit-path-TO-PE2-2] next hop 1.1.1.14
[PE1-explicit-path-TO-PE2-2] quit
[PE1] explicit-path TO-ROUTER-1
[PE1-explicit-path-TO-ROUTER-1] next hop 1.1.1.1
[PE1-explicit-path-TO-ROUTER-1] next hop 1.1.2.226
[PE1-explicit-path-TO-ROUTER-1] quit
[PE1] explicit-path TO-ROUTER-2
[PE1-explicit-path-TO-ROUTER-2] next hop 1.1.1.9
[PE1-explicit-path-TO-ROUTER-2] next hop 1.1.2.230
[PE1-explicit-path-TO-ROUTER-2] quit

    # Configure TE tunnels.

    [PE1] interface Tunnel1
[PE1-Tunnel1] ip address unnumbered interface LoopBack0
[PE1-Tunnel1] tunnel-protocol mpls te
[PE1-Tunnel1] destination 4.4.4.1
[PE1-Tunnel1] mpls te tunnel-id 1
[PE1-Tunnel1] mpls te signalled tunnel-name pe1->P1-1
[PE1-Tunnel1] mpls te record-route label
[PE1-Tunnel1] mpls te path explicit-path TO-P1-1
[PE1-Tunnel1] mpls te path explicit-path TO-P1-2 secondary
[PE1-Tunnel1] mpls te backup hot-standby 
[PE1-Tunnel1] mpls te igp shortcut ospf
[PE1-Tunnel1] mpls te igp metric absolute 10
[PE1-Tunnel1] mpls te reserved-for-binding
[PE1-Tunnel1] ospf enable 1 area 0.0.0.0
[PE1-Tunnel1] mpls
[PE1-Tunnel1] mpls te commit
[PE1-Tunnel1] quit
[PE1] interface Tunnel2
[PE1-Tunnel2] ip address unnumbered interface LoopBack0
[PE1-Tunnel2] tunnel-protocol mpls te
[PE1-Tunnel2] destination 4.4.4.2
[PE1-Tunnel2] mpls te tunnel-id 2
[PE1-Tunnel2] mpls te signalled tunnel-name pe1->P2-1
[PE1-Tunnel2] mpls te record-route label
[PE1-Tunnel2] mpls te path explicit-path TO-P2-1
[PE1-Tunnel2] mpls te path explicit-path TO-P2-2 secondary
[PE1-Tunnel2] mpls te backup hot-standby 
[PE1-Tunnel2] mpls te igp shortcut ospf
[PE1-Tunnel2] mpls te igp metric absolute 10
[PE1-Tunnel2] mpls te reserved-for-binding
[PE1-Tunnel2] ospf enable 1 area 0.0.0.0
[PE1-Tunnel2] mpls
[PE1-Tunnel2] mpls te commit
[PE1-Tunnel2] quit
[PE1] interface Tunnel3
[PE1-Tunnel3] ip address unnumbered interface LoopBack0
[PE1-Tunnel3] tunnel-protocol mpls te
[PE1-Tunnel3] destination 4.4.4.39
[PE1-Tunnel3] mpls te tunnel-id 19
[PE1-Tunnel3] mpls te signalled tunnel-name pe1->router-1
[PE1-Tunnel3] mpls te record-route label
[PE1-Tunnel3] mpls te path explicit-path TO-ROUTER-1
[PE1-Tunnel3] mpls te path explicit-path TO-ROUTER-2 secondary
[PE1-Tunnel3] mpls te backup hot-standby 
[PE1-Tunnel3] mpls te igp shortcut ospf
[PE1-Tunnel3] mpls te igp metric absolute 10
[PE1-Tunnel3] mpls te reserved-for-binding
[PE1-Tunnel3] ospf enable 1 area 0.0.0.0
[PE1-Tunnel3] mpls
[PE1-Tunnel3] mpls te commit
[PE1-Tunnel3] quit
[PE1] interface Tunnel4
[PE1-Tunnel4] ip address unnumbered interface LoopBack0
[PE1-Tunnel4] tunnel-protocol mpls te
[PE1-Tunnel4] destination 4.4.4.39
[PE1-Tunnel4] mpls te tunnel-id 20
[PE1-Tunnel4] mpls te signalled tunnel-name pe1->router-2
[PE1-Tunnel4] mpls te record-route label
[PE1-Tunnel4] mpls te path explicit-path TO-ROUTER-2
[PE1-Tunnel4] mpls te path explicit-path TO-ROUTER-1 secondary
[PE1-Tunnel4] mpls te backup hot-standby 
[PE1-Tunnel4] mpls te igp shortcut ospf
[PE1-Tunnel4] mpls te igp metric absolute 10
[PE1-Tunnel4] mpls te reserved-for-binding
[PE1-Tunnel4] ospf enable 1 area 0.0.0.0
[PE1-Tunnel4] mpls
[PE1-Tunnel4] mpls te commit
[PE1-Tunnel4] quit
[PE1] interface Tunnel5
[PE1-Tunnel5] ip address unnumbered interface LoopBack0
[PE1-Tunnel5] tunnel-protocol mpls te
[PE1-Tunnel5] destination 4.4.4.144
[PE1-Tunnel5] mpls te tunnel-id 69
[PE1-Tunnel5] mpls te signalled tunnel-name pe1->pe2-1
[PE1-Tunnel5] mpls te record-route label
[PE1-Tunnel5] mpls te path explicit-path TO-PE2-1
[PE1-Tunnel5] mpls te path explicit-path TO-PE2-2 secondary
[PE1-Tunnel5] mpls te backup hot-standby 
[PE1-Tunnel5] mpls te igp shortcut ospf
[PE1-Tunnel5] mpls te igp metric absolute 10
[PE1-Tunnel5] mpls te reserved-for-binding
[PE1-Tunnel5] ospf enable 1 area 0.0.0.0
[PE1-Tunnel5] mpls
[PE1-Tunnel5] mpls te commit
[PE1-Tunnel5] quit
[PE1] interface Tunnel6
[PE1-Tunnel6] ip address unnumbered interface LoopBack0
[PE1-Tunnel6] tunnel-protocol mpls te
[PE1-Tunnel6] destination 4.4.4.144
[PE1-Tunnel6] mpls te tunnel-id 70
[PE1-Tunnel6] mpls te signalled tunnel-name pe1->pe2-2
[PE1-Tunnel6] mpls te record-route label
[PE1-Tunnel6] mpls te path explicit-path TO-PE2-2
[PE1-Tunnel6] mpls te path explicit-path TO-PE2-1 secondary
[PE1-Tunnel6] mpls te backup hot-standby 
[PE1-Tunnel6] mpls te igp shortcut ospf
[PE1-Tunnel6] mpls te igp metric absolute 10
[PE1-Tunnel6] mpls te reserved-for-binding
[PE1-Tunnel6] ospf enable 1 area 0.0.0.0
[PE1-Tunnel6] mpls
[PE1-Tunnel6] mpls te commit
[PE1-Tunnel6] quit

  5. Configure BGP and BGP4+, and configure PE1 to establish IBGP peer relationships with RR1 and RR2 and establish an EBGP peer relationship with SW1.

    # Start the BGP process and configure BGP peers.

    [PE1] bgp 2519
[PE1-bgp] router-id 4.4.4.143
[PE1-bgp] graceful-restart
[PE1-bgp] group IPv6-PRIVATEAS_CUSTOMER external
[PE1-bgp] group PRIVATEAS_CUSTOMER external
[PE1-bgp] peer 2.2.2.206 as-number 64901
[PE1-bgp] peer 2.2.2.206 group PRIVATEAS_CUSTOMER
[PE1-bgp] peer 2.2.2.206 password cipher YsHsjx_202206
[PE1-bgp] group iBGP internal
[PE1-bgp] peer iBGP connect-interface LoopBack0
[PE1-bgp] peer 4.4.4.27 as-number 2519
[PE1-bgp] peer 4.4.4.27 group iBGP
[PE1-bgp] peer 4.4.4.27 password cipher YsHsjx_202206
[PE1-bgp] peer 4.4.4.28 as-number 2519
[PE1-bgp] peer 4.4.4.28 group iBGP
[PE1-bgp] peer 4.4.4.28 password cipher YsHsjx_202206
[PE1-bgp] peer 2001::15 as-number 2519
[PE1-bgp] peer 2001::15 group iBGP
[PE1-bgp] peer 2001::15 password cipher YsHsjx_202206
[PE1-bgp] peer 2001::16 as-number 2519
[PE1-bgp] peer 2001::16 group iBGP
[PE1-bgp] peer 2001::16 password cipher YsHsjx_202206
[PE1-bgp] ipv4-family unicast
[PE1-bgp-af-ipv4] undo synchronization
[PE1-bgp-af-ipv4] preference 170 170 130
[PE1-bgp-af-ipv4] peer PRIVATEAS_CUSTOMER advertise-community
[PE1-bgp-af-ipv4] peer iBGP next-hop-local
[PE1-bgp-af-ipv4] peer iBGP advertise-community
[PE1-bgp-af-ipv4] quit

    # Configure BGP4+ peers.

    [PE1-bgp] ipv6-family unicast
[PE1-bgp-af-ipv6] undo synchronization
[PE1-bgp-af-ipv6] preference 170 170 130
[PE1-bgp-af-ipv6] peer IPv6-PRIVATEAS_CUSTOMER enable
[PE1-bgp-af-ipv6] peer IPv6-PRIVATEAS_CUSTOMER advertise-community
[PE1-bgp-af-ipv6] peer iBGP enable
[PE1-bgp-af-ipv6] peer iBGP next-hop-local
[PE1-bgp-af-ipv6] peer iBGP advertise-community
[PE1-bgp-af-ipv6] peer 2001::15 enable
[PE1-bgp-af-ipv6] peer 2001::15 group iBGP
[PE1-bgp-af-ipv6] peer 2001::16 enable
[PE1-bgp-af-ipv6] peer 2001::16 group iBGP
[PE1-bgp-af-ipv6] quit
[PE1-bgp] quit

    # Configure BGP routing policies to advertise only the default routes to enterprises. Configure a routing policy to import static routes to the BGP routing table. 

    [PE1] ip ip-prefix DEFAULT-ROUTE index 5 permit 0.0.0.0 0
[PE1] route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT permit node 100
[PE1-route-policy] if-match ip-prefix DEFAULT-ROUTE
[PE1-route-policy] apply community no-export
[PE1-route-policy] quit
[PE1] route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT deny node 200
[PE1-route-policy] quit
[PE1] route-policy DENY-ANY_ROUTE-OUT deny node 100
[PE1-route-policy] quit
[PE1] route-policy STATIC-to-BGP permit node 200
[PE1-route-policy] if-match tag 2519
[PE1-route-policy] apply local-preference 10000
[PE1-route-policy] apply origin igp
[PE1-route-policy] apply community 2519:1
[PE1-route-policy] quit

    # Apply the BGP routing policies.

    [PE1] bgp 2519
[PE1-bgp] ipv4-family unicast
[PE1-bgp-af-ipv4] import-route static route-policy STATIC-to-BGP
[PE1-bgp-af-ipv4] peer 2.2.2.206 route-policy DENY-ANY_ROUTE-OUT export
[PE1-bgp-af-ipv4] peer 2.2.2.206 default-route-advertise route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT conditional-route-match-any 0.0.0.0 0.0.0.0
[PE1-bgp-af-ipv4] quit
[PE1-bgp] ipv6-family unicast
[PE1-bgp-af-ipv6] import-route static route-policy STATIC-to-BGP
[PE1-bgp-af-ipv6] quit 
[PE1-bgp] quit

  6. Configure VRRP and static routes for access of SW2.

    # Configure VRRP on the interface of PE1 connected to SW2.

    [PE1] interface Eth-Trunk3
[PE1-Eth-Trunk3] vrrp vrid 1 virtual-ip 3.3.3.113
[PE1-Eth-Trunk3] vrrp vrid 1 priority 150
[PE1-Eth-Trunk3] vrrp vrid 1 preempt-mode timer delay 120
[PE1-Eth-Trunk3] vrrp vrid 1 track interface Eth-Trunk0 reduced 30
[PE1-Eth-Trunk3] vrrp vrid 1 track interface Eth-Trunk1 reduced 30
[PE1-Eth-Trunk3] vrrp vrid 1 authentication-mode md5 ***
[PE1-Eth-Trunk3] ospf cost 10000
[PE1-Eth-Trunk3] ospf enable 1 area 0.0.0.0
[PE1-Eth-Trunk3] quit

    # Configure static routes for communication with SW2.

    [PE1] ip route-static 6.6.6.0 255.255.255.0 Eth-Trunk 3 3.3.3.116 tag 2519

Configuring PE2

  1. Configure interfaces connected to devices.

    # Create Eth-Trunk 0 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/0 and XGE2/0/0 to Eth-Trunk 0.

    <PE2> system-view
[PE2] ipv6 
[PE2] interface Eth-Trunk 0 
[PE2-Eth-Trunk0] undo portswitch
[PE2-Eth-Trunk0] description To_P1 
[PE2-Eth-Trunk0] ip address 1.1.1.6 255.255.255.252
[PE2-Eth-Trunk0] ipv6 enable 
[PE2-Eth-Trunk0] ipv6 address 2001:0:0:4DA::2/64
[PE2-Eth-Trunk0] mode lacp 
[PE2-Eth-Trunk0] quit
[PE2] interface XGigabitEthernet 1/0/0
[PE2-XGigabitEthernet1/0/0] eth-trunk 0
[PE2-XGigabitEthernet1/0/0] quit
[PE2] interface XGigabitEthernet 2/0/0
[PE2-XGigabitEthernet2/0/0] eth-trunk 0
[PE2-XGigabitEthernet2/0/0] quit

    # Create Eth-Trunk 1 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/1 and XGE2/0/1 to Eth-Trunk 1.

    [PE2] interface Eth-Trunk 1
[PE2-Eth-Trunk1] undo portswitch 
[PE2-Eth-Trunk1] description To_P2 
[PE2-Eth-Trunk1] ip address 1.1.1.14 255.255.255.252
[PE2-Eth-Trunk1] ipv6 enable 
[PE2-Eth-Trunk1] ipv6 address 2001:0:0:4DC::2/64
[PE2-Eth-Trunk1] mode lacp 
[PE2-Eth-Trunk1] quit
[PE2] interface XGigabitEthernet 1/0/1
[PE2-XGigabitEthernet1/0/1] eth-trunk 1
[PE2-XGigabitEthernet1/0/1] quit
[PE2] interface XGigabitEthernet 2/0/1
[PE2-XGigabitEthernet2/0/1] eth-trunk 1
[PE2-XGigabitEthernet2/0/1] quit

    # Create Eth-Trunk 2 and configure its IPv4 address. Enable LACP, and add XGE3/0/0 and XGE4/0/0 to Eth-Trunk 2. 

    [PE2] interface Eth-Trunk 2
[PE2-Eth-Trunk2] undo portswitch 
[PE2-Eth-Trunk2] description To_SW1 
[PE2-Eth-Trunk2] ip address 2.2.2.253 255.255.255.252
[PE2-Eth-Trunk2] mode lacp 
[PE2-Eth-Trunk2] quit
[PE2] interface XGigabitEthernet 3/0/0
[PE2-XGigabitEthernet3/0/0] eth-trunk 2
[PE2-XGigabitEthernet3/0/0] quit
[PE2] interface XGigabitEthernet 4/0/0
[PE2-XGigabitEthernet4/0/0] eth-trunk 2
[PE2-XGigabitEthernet4/0/0] quit

    # Create Eth-Trunk 3 and configure its IPv4 address. Enable LACP, and add XGE3/0/1 and XGE4/0/1 to Eth-Trunk 3. 

    [PE2] interface Eth-Trunk 3
[PE2-Eth-Trunk3] undo portswitch 
[PE2-Eth-Trunk3] description To_SW2 
[PE2-Eth-Trunk3] ip address 3.3.3.115 255.255.255.248
[PE2-Eth-Trunk3] mode lacp 
[PE2-Eth-Trunk3] quit
[PE2] interface XGigabitEthernet 3/0/1
[PE2-XGigabitEthernet3/0/1] eth-trunk 3
[PE2-XGigabitEthernet3/0/1] quit
[PE2] interface XGigabitEthernet 4/0/1
[PE2-XGigabitEthernet4/0/1] eth-trunk 3
[PE2-XGigabitEthernet4/0/1] quit

    # Create loopback 0 and configure an IPv4 address and an IPv6 address for it.

    [PE2] interface LoopBack 0 
[PE2-LoopBack0] ip address 4.4.4.144 255.255.255.255 
[PE2-LoopBack0] ipv6 enable
[PE2-LoopBack0] ipv6 address 2001::14A/128
[PE2-LoopBack0] quit

  2. Configure OSPFv2 and OSPFv3.

    # Create OSPFv2 process 1, specify the router ID, create area 0, enable GR, and configure password authentication. 

    [PE2] ospf 1 router-id 4.4.4.144 
[PE2-ospf-1] silent-interface all
[PE2-ospf-1] undo silent-interface Eth-Trunk0
[PE2-ospf-1] undo silent-interface Eth-Trunk1
[PE2-ospf-1] preference 80
[PE2-ospf-1] opaque-capability enable
[PE2-ospf-1] graceful-restart
[PE2-ospf-1] bandwidth-reference 1000000
[PE2-ospf-1] enable traffic-adjustment 
[PE2-ospf-1] area 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] authentication-mode hmac-sha256 1 cipher YsHsjx_202206
[PE2-ospf-1-area-0.0.0.0] mpls-te enable
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit

    # Configure an IPSec proposal and an SA.

    [PE2] ipsec proposal ah
[PE2-ipsec-proposal-ah] encapsulation-mode transport
[PE2-ipsec-proposal-ah] transform ah
[PE2-ipsec-proposal-ah] ah authentication-algorithm sha2-256
[PE2-ipsec-proposal-ah] quit
[PE2] ipsec sa ospfv3-sa
[PE2-ipsec-sa-ospfv3-sa] proposal ah
[PE2-ipsec-sa-ospfv3-sa] sa spi inbound ah 256
[PE2-ipsec-sa-ospfv3-sa] sa authentication-hex inbound ah cipher 112233445566778899aabbccddeeff00
[PE2-ipsec-sa-ospfv3-sa] sa spi outbound ah 256
[PE2-ipsec-sa-ospfv3-sa] sa authentication-hex outbound ah cipher aabbccddeeff001100aabbccddeeff00
[PE2-ipsec-sa-ospfv3-sa] quit

    # Create OSPFv3 process 1, specify the router ID, and enable GR.

    [PE2] ospfv3 1 
[PE2-ospfv3-1] router-id 4.4.4.144
[PE2-ospfv3-1] bandwidth-reference 1000000
[PE2-ospfv3-1] graceful-restart
[PE2-ospfv3-1] quit

    # Enable OSPFv2 and OSPFv3 on loopback 0.

    [PE2] interface LoopBack 0 
[PE2-LoopBack0] ospf enable 1 area 0.0.0.0 
[PE2-LoopBack0] ospfv3 1 area 0.0.0.0  
[PE2-LoopBack0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 0 and set the network type to P2P.

    [PE2] interface Eth-Trunk 0 
[PE2-Eth-Trunk0] ospf enable 1 area 0.0.0.0 
[PE2-Eth-Trunk0] ospf network-type p2p 
[PE2-Eth-Trunk0] ospfv3 1 area 0.0.0.0
[PE2-Eth-Trunk0] ospfv3 network-type p2p
[PE2-Eth-Trunk0] ospfv3 ipsec sa ospfv3-sa
[PE2-Eth-Trunk0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 1 and set the network type to P2P. 

    [PE2] interface Eth-Trunk 1 
[PE2-Eth-Trunk1] ospf enable 1 area 0.0.0.0 
[PE2-Eth-Trunk1] ospf network-type p2p 
[PE2-Eth-Trunk1] ospfv3 1 area 0.0.0.0
[PE2-Eth-Trunk1] ospfv3 network-type p2p
[PE2-Eth-Trunk1] ospfv3 ipsec sa ospfv3-sa
[PE2-Eth-Trunk1] quit

    # Enable OSPFv2 on Eth-Trunk 2 and set the network type to P2P. 

    [PE2] interface Eth-Trunk 2 
[PE2-Eth-Trunk2] ospf enable 1 area 0.0.0.0 
[PE2-Eth-Trunk2] ospf network-type p2p 
[PE2-Eth-Trunk2] quit

    # Enable OSPFv2 on Eth-Trunk 3.

    [PE2] interface Eth-Trunk 3 
[PE2-Eth-Trunk3] ospf enable 1 area 0.0.0.0 
[PE2-Eth-Trunk3] quit

  3. Configure MPLS and RSVP-TE globally and enable them on all Layer 3 interfaces of PE2.

    # Configure MPLS RSVP-TE and enable MPLS globally. 

    [PE2] mpls lsr-id 4.4.4.144
[PE2] mpls
[PE2-mpls] mpls te
[PE2-mpls] mpls rsvp-te
[PE2-mpls] mpls rsvp-te hello
[PE2-mpls] mpls rsvp-te srefresh
[PE2-mpls] quit

    # Establish RSVP peer relationships and enable MD5 authentication.

    [PE2] mpls rsvp-te peer 1.1.1.5 
[PE2-mpls-rsvp-te-peer-1.1.1.5] mpls rsvp-te authentication cipher YsHsjx_202206
[PE2-mpls-rsvp-te-peer-1.1.1.5] quit
[PE2] mpls rsvp-te peer 1.1.1.13 
[PE2-mpls-rsvp-te-peer-1.1.1.13] mpls rsvp-te authentication cipher YsHsjx_202206
[PE2-mpls-rsvp-te-peer-1.1.1.13] quit

    # Enable MPLS and RSVP-TE on Layer 3 interfaces of PE2 connected to P devices.

    [PE2] interface Eth-Trunk 0 
[PE2-Eth-Trunk0] mpls
[PE2-Eth-Trunk0] mpls te
[PE2-Eth-Trunk0] mpls rsvp-te
[PE2-Eth-Trunk0] mpls rsvp-te hello
[PE2-Eth-Trunk0] quit
[PE2] interface Eth-Trunk 1 
[PE2-Eth-Trunk1] mpls
[PE2-Eth-Trunk1] mpls te
[PE2-Eth-Trunk1] mpls rsvp-te
[PE2-Eth-Trunk1] mpls rsvp-te hello
[PE2-Eth-Trunk1] quit

  4. Configure TE tunnels and their explicit paths.

    # Configure explicit paths for TE tunnels. 

    [PE2] explicit-path TO-P1-1
[PE2-explicit-path-TO-P1-1] next hop 1.1.1.5
[PE2-explicit-path-TO-P1-1] quit
[PE2] explicit-path TO-P1-2
[PE2-explicit-path-TO-P1-2] next hop 1.1.1.13
[PE2-explicit-path-TO-P1-2] next hop 1.1.2.9
[PE2-explicit-path-TO-P1-2] quit
[PE2] explicit-path TO-P2-1
[PE2-explicit-path-TO-P2-1] next hop 1.1.1.13
[PE2-explicit-path-TO-P2-1] quit
[PE2] explicit-path TO-P2-2
[PE2-explicit-path-TO-P2-2] next hop 1.1.1.5
[PE2-explicit-path-TO-P2-2] next hop 1.1.2.10
[PE2-explicit-path-TO-P2-2] quit
[PE2] explicit-path TO-PE1-1
[PE2-explicit-path-TO-PE1-1] next hop 1.1.1.5
[PE2-explicit-path-TO-PE1-1] next hop 1.1.1.2
[PE2-explicit-path-TO-PE1-1] quit
[PE2] explicit-path TO-PE1-2
[PE2-explicit-path-TO-PE1-2] next hop 1.1.1.13
[PE2-explicit-path-TO-PE1-2] next hop 1.1.1.10
[PE2-explicit-path-TO-PE1-2] quit
[PE2] explicit-path TO-ROUTER-1
[PE2-explicit-path-TO-ROUTER-1] next hop 1.1.1.5
[PE2-explicit-path-TO-ROUTER-1] next hop 1.1.2.226
[PE2-explicit-path-TO-ROUTER-1] quit
[PE2] explicit-path TO-ROUTER-2
[PE2-explicit-path-TO-ROUTER-2] next hop 1.1.1.13
[PE2-explicit-path-TO-ROUTER-2] next hop 1.1.2.230
[PE2-explicit-path-TO-ROUTER-2] quit

    # Configure TE tunnels.

    [PE2] interface Tunnel1
[PE2-Tunnel1] ip address unnumbered interface LoopBack0
[PE2-Tunnel1] tunnel-protocol mpls te
[PE2-Tunnel1] destination 4.4.4.1
[PE2-Tunnel1] mpls te tunnel-id 1
[PE2-Tunnel1] mpls te signalled tunnel-name pe2->P1-1
[PE2-Tunnel1] mpls te record-route label
[PE2-Tunnel1] mpls te path explicit-path TO-P1-1
[PE2-Tunnel1] mpls te path explicit-path TO-P1-2 secondary
[PE2-Tunnel1] mpls te backup hot-standby 
[PE2-Tunnel1] mpls te igp shortcut ospf
[PE2-Tunnel1] mpls te igp metric absolute 10
[PE2-Tunnel1] mpls te reserved-for-binding
[PE2-Tunnel1] ospf enable 1 area 0.0.0.0
[PE2-Tunnel1] mpls
[PE2-Tunnel1] mpls te commit
[PE2-Tunnel1] quit
[PE2] interface Tunnel2
[PE2-Tunnel2] ip address unnumbered interface LoopBack0
[PE2-Tunnel2] tunnel-protocol mpls te
[PE2-Tunnel2] destination 4.4.4.2
[PE2-Tunnel2] mpls te tunnel-id 2
[PE2-Tunnel2] mpls te signalled tunnel-name pe2->P2-1
[PE2-Tunnel2] mpls te record-route label
[PE2-Tunnel2] mpls te path explicit-path TO-P2-1
[PE2-Tunnel2] mpls te path explicit-path TO-P2-2 secondary
[PE2-Tunnel2] mpls te backup hot-standby 
[PE2-Tunnel2] mpls te igp shortcut ospf
[PE2-Tunnel2] mpls te igp metric absolute 10
[PE2-Tunnel2] mpls te reserved-for-binding
[PE2-Tunnel2] ospf enable 1 area 0.0.0.0
[PE2-Tunnel2] mpls
[PE2-Tunnel2] mpls te commit
[PE2-Tunnel2] quit
[PE2] interface Tunnel3
[PE2-Tunnel3] ip address unnumbered interface LoopBack0
[PE2-Tunnel3] tunnel-protocol mpls te
[PE2-Tunnel3] destination 4.4.4.39
[PE2-Tunnel3] mpls te tunnel-id 3
[PE2-Tunnel3] mpls te signalled tunnel-name pe2->router-1
[PE2-Tunnel3] mpls te record-route label
[PE2-Tunnel3] mpls te path explicit-path TO-ROUTER-1
[PE2-Tunnel3] mpls te path explicit-path TO-ROUTER-2 secondary
[PE2-Tunnel3] mpls te backup hot-standby 
[PE2-Tunnel3] mpls te igp shortcut ospf
[PE2-Tunnel3] mpls te igp metric absolute 10
[PE2-Tunnel3] mpls te reserved-for-binding
[PE2-Tunnel3] ospf enable 1 area 0.0.0.0
[PE2-Tunnel3] mpls
[PE2-Tunnel3] mpls te commit
[PE2-Tunnel3] quit
[PE2] interface Tunnel4
[PE2-Tunnel4] ip address unnumbered interface LoopBack0
[PE2-Tunnel4] tunnel-protocol mpls te
[PE2-Tunnel4] destination 4.4.4.39
[PE2-Tunnel4] mpls te tunnel-id 4
[PE2-Tunnel4] mpls te signalled tunnel-name pe2->router-2
[PE2-Tunnel4] mpls te record-route label
[PE2-Tunnel4] mpls te path explicit-path TO-ROUTER-2
[PE2-Tunnel4] mpls te path explicit-path TO-ROUTER-1 secondary
[PE2-Tunnel4] mpls te backup hot-standby 
[PE2-Tunnel4] mpls te igp shortcut ospf
[PE2-Tunnel4] mpls te igp metric absolute 10
[PE2-Tunnel4] mpls te reserved-for-binding
[PE2-Tunnel4] ospf enable 1 area 0.0.0.0
[PE2-Tunnel4] mpls
[PE2-Tunnel4] mpls te commit
[PE2-Tunnel4] quit
[PE2] interface Tunnel5
[PE2-Tunnel5] ip address unnumbered interface LoopBack0
[PE2-Tunnel5] tunnel-protocol mpls te
[PE2-Tunnel5] destination 4.4.4.143
[PE2-Tunnel5] mpls te tunnel-id 5
[PE2-Tunnel5] mpls te signalled tunnel-name pe2->pe1-1
[PE2-Tunnel5] mpls te record-route label
[PE2-Tunnel5] mpls te path explicit-path TO-PE1-1
[PE2-Tunnel5] mpls te path explicit-path TO-PE1-2 secondary
[PE2-Tunnel5] mpls te backup hot-standby 
[PE2-Tunnel5] mpls te igp shortcut ospf
[PE2-Tunnel5] mpls te igp metric absolute 10
[PE2-Tunnel5] mpls te reserved-for-binding
[PE2-Tunnel5] ospf enable 1 area 0.0.0.0
[PE2-Tunnel5] mpls
[PE2-Tunnel5] mpls te commit
[PE2-Tunnel5] quit
[PE2] interface Tunnel6
[PE2-Tunnel6] ip address unnumbered interface LoopBack0
[PE2-Tunnel6] tunnel-protocol mpls te
[PE2-Tunnel6] destination 4.4.4.143
[PE2-Tunnel6] mpls te tunnel-id 6
[PE2-Tunnel6] mpls te signalled tunnel-name pe2->pe1-2
[PE2-Tunnel6] mpls te record-route label
[PE2-Tunnel6] mpls te path explicit-path TO-PE1-2
[PE2-Tunnel6] mpls te path explicit-path TO-PE1-1 secondary
[PE2-Tunnel6] mpls te backup hot-standby 
[PE2-Tunnel6] mpls te igp shortcut ospf
[PE2-Tunnel6] mpls te igp metric absolute 10
[PE2-Tunnel6] mpls te reserved-for-binding
[PE2-Tunnel6] ospf enable 1 area 0.0.0.0
[PE2-Tunnel6] mpls
[PE2-Tunnel6] mpls te commit
[PE2-Tunnel6] quit

  5. Configure BGP and BGP4+, and configure PE2 to establish IBGP peer relationships with RR1 and RR2 and establish an EBGP peer relationship with SW1.

    # Start the BGP process and configure BGP peers.

    [PE2] bgp 2519
[PE2-bgp] router-id 4.4.4.144
[PE2-bgp] graceful-restart
[PE2-bgp] group IPv6-PRIVATEAS_CUSTOMER external
[PE2-bgp] group PRIVATEAS_CUSTOMER external
[PE2-bgp] peer 2.2.2.254 as-number 64901
[PE2-bgp] peer 2.2.2.254 group PRIVATEAS_CUSTOMER
[PE2-bgp] peer 2.2.2.254 password cipher ***
[PE2-bgp] group iBGP internal
[PE2-bgp] peer iBGP connect-interface LoopBack0
[PE2-bgp] peer 4.4.4.27 as-number 2519
[PE2-bgp] peer 4.4.4.27 group iBGP
[PE2-bgp] peer 4.4.4.27 password cipher YsHsjx_202206
[PE2-bgp] peer 4.4.4.28 as-number 2519
[PE2-bgp] peer 4.4.4.28 group iBGP
[PE2-bgp] peer 4.4.4.28 password cipher YsHsjx_202206
[PE2-bgp] peer 2001::15 as-number 2519
[PE2-bgp] peer 2001::15 group iBGP
[PE2-bgp] peer 2001::15 password cipher YsHsjx_202206
[PE2-bgp] peer 2001::16 as-number 2519
[PE2-bgp] peer 2001::16 group iBGP
[PE2-bgp] peer 2001::16 password cipher YsHsjx_202206
[PE2-bgp] ipv4-family unicast
[PE2-bgp-af-ipv4] undo synchronization
[PE2-bgp-af-ipv4] preference 170 170 130
[PE2-bgp-af-ipv4] peer PRIVATEAS_CUSTOMER advertise-community
[PE2-bgp-af-ipv4] peer iBGP next-hop-local
[PE2-bgp-af-ipv4] peer iBGP advertise-community
[PE2-bgp-af-ipv4] quit

    # Configure BGP4+ peers.

    [PE2-bgp] ipv6-family unicast
[PE2-bgp-af-ipv6] undo synchronization
[PE2-bgp-af-ipv6] preference 170 170 130
[PE2-bgp-af-ipv6] peer IPv6-PRIVATEAS_CUSTOMER enable
[PE2-bgp-af-ipv6] peer IPv6-PRIVATEAS_CUSTOMER advertise-community
[PE2-bgp-af-ipv6] peer iBGP enable
[PE2-bgp-af-ipv6] peer iBGP next-hop-local
[PE2-bgp-af-ipv6] peer iBGP advertise-community
[PE2-bgp-af-ipv6] peer 2001::15 enable
[PE2-bgp-af-ipv6] peer 2001::15 group iBGP
[PE2-bgp-af-ipv6] peer 2001::16 enable
[PE2-bgp-af-ipv6] peer 2001::16 group iBGP
[PE2-bgp-af-ipv6] quit
[PE2-bgp] quit

    # Configure BGP routing policies.

    [PE2] ip ip-prefix DEFAULT-ROUTE index 5 permit 0.0.0.0 0
[PE2] route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT permit node 100
[PE2-route-policy] if-match ip-prefix DEFAULT-ROUTE
[PE2-route-policy] apply community no-export
[PE2-route-policy] quit
[PE2] route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT deny node 200
[PE2-route-policy] quit
[PE2] route-policy DENY-ANY_ROUTE-OUT deny node 100
[PE2-route-policy] quit
[PE2] route-policy STATIC-to-BGP permit node 200
[PE2-route-policy] if-match tag 2519
[PE2-route-policy] apply local-preference 9000
[PE2-route-policy] apply origin igp
[PE2-route-policy] apply community 2519:1
[PE2-route-policy] quit

    # Configure BGP routing policies to advertise only the default routes to enterprises. Configure a routing policy to import static routes to the BGP routing table. 

    [PE2] bgp 2519
[PE2-bgp] ipv4-family unicast
[PE2-bgp-af-ipv4] import-route static route-policy STATIC-to-BGP
[PE2-bgp-af-ipv4] peer 2.2.2.254 route-policy DENY-ANY_ROUTE-OUT export
[PE2-bgp-af-ipv4] peer 2.2.2.254 default-route-advertise route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT conditional-route-match-any 0.0.0.0 0.0.0.0
[PE2-bgp-af-ipv4] quit
[PE2-bgp] ipv6-family unicast
[PE2-bgp-af-ipv6] import-route static route-policy STATIC-to-BGP
[PE2-bgp-af-ipv6] quit 
[PE2-bgp] quit

  6. Configure VRRP and static routes for access of SW2.

    # Configure VRRP on the interface of PE1 connected to SW2.

    [PE2] interface Eth-Trunk3
[PE2-Eth-Trunk3] vrrp vrid 1 virtual-ip 3.3.3.113
[PE2-Eth-Trunk3] vrrp vrid 1 track interface Eth-Trunk0 reduced 30
[PE2-Eth-Trunk3] vrrp vrid 1 track interface Eth-Trunk1 reduced 30
[PE2-Eth-Trunk3] vrrp vrid 1 authentication-mode md5 YsHsjx_202206
[PE2-Eth-Trunk3] ospf cost 20000
[PE2-Eth-Trunk3] ospf enable 1 area 0.0.0.0
[PE2-Eth-Trunk3] quit

    # Configure static routes for communication with SW2.

    [PE2] ip route-static 6.6.6.0 255.255.255.0 Eth-Trunk 3 3.3.3.116 tag 2519

Configuring P Devices

The following uses P1 as an example. The configuration of P2 is similar to that of P1.

  1. Configure interfaces connected to devices.

    # Create Eth-Trunk 0 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/0 and XGE2/0/0 to Eth-Trunk 0. 

    <P1> system-view
[P1] ipv6 
[P1] interface Eth-Trunk 0 
[P1-Eth-Trunk0] undo portswitch
[P1-Eth-Trunk0] description To_PE1 
[P1-Eth-Trunk0] ip address 1.1.1.1 255.255.255.252
[P1-Eth-Trunk0] ipv6 enable 
[P1-Eth-Trunk0] ipv6 address 2001:0:0:4D9::1/64
[P1-Eth-Trunk0] mode lacp 
[P1-Eth-Trunk0] quit
[P1] interface XGigabitEthernet 1/0/0
[P1-XGigabitEthernet1/0/0] eth-trunk 0
[P1-XGigabitEthernet1/0/0] quit
[P1] interface XGigabitEthernet 2/0/0
[P1-XGigabitEthernet2/0/0] eth-trunk 0
[P1-XGigabitEthernet2/0/0] quit

    # Create Eth-Trunk 1 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/1 and XGE2/0/1 to Eth-Trunk 1. 

    [P1] interface Eth-Trunk 1
[P1-Eth-Trunk1] undo portswitch 
[P1-Eth-Trunk1] description To_PE2 
[P1-Eth-Trunk1] ip address 1.1.1.5 255.255.255.252
[P1-Eth-Trunk1] ipv6 enable 
[P1-Eth-Trunk1] ipv6 address 2001:0:0:4DA::1/64
[P1-Eth-Trunk1] mode lacp 
[P1-Eth-Trunk1] quit
[P1] interface XGigabitEthernet 1/0/1
[P1-XGigabitEthernet1/0/1] eth-trunk 1
[P1-XGigabitEthernet1/0/1] quit
[P1] interface XGigabitEthernet 2/0/1
[P1-XGigabitEthernet2/0/1] eth-trunk 1
[P1-XGigabitEthernet2/0/1] quit

    # Create Eth-Trunk 2 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE3/0/0 and XGE4/0/0 to Eth-Trunk 2.

    [P1] interface Eth-Trunk 2
[P1-Eth-Trunk2] undo portswitch 
[P1-Eth-Trunk2] description To_P2 
[P1-Eth-Trunk2] ip address 1.1.2.9 255.255.255.252
[P1-Eth-Trunk2] ipv6 enable 
[P1-Eth-Trunk2] ipv6 address 2001:0:0:4D8::1/64
[P1-Eth-Trunk2] mode lacp 
[P1-Eth-Trunk2] quit
[P1] interface XGigabitEthernet 3/0/0
[P1-XGigabitEthernet3/0/0] eth-trunk 2
[P1-XGigabitEthernet3/0/0] quit
[P1] interface XGigabitEthernet 4/0/0
[P1-XGigabitEthernet4/0/0] eth-trunk 2
[P1-XGigabitEthernet4/0/0] quit

    # Create Eth-Trunk 3 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE3/0/1 and XGE4/0/1 to Eth-Trunk 3. 

    [P1] interface Eth-Trunk 3
[P1-Eth-Trunk3] undo portswitch 
[P1-Eth-Trunk3] description To_RR1 
[P1-Eth-Trunk3] ip address 1.1.2.233 255.255.255.252
[P1-Eth-Trunk3] ipv6 enable 
[P1-Eth-Trunk3] ipv6 address 2001:0:0:4D7::1/64
[P1-Eth-Trunk3] mode lacp 
[P1-Eth-Trunk3] quit
[P1] interface XGigabitEthernet 3/0/1
[P1-XGigabitEthernet3/0/1] eth-trunk 3
[P1-XGigabitEthernet3/0/1] quit
[P1] interface XGigabitEthernet 4/0/1
[P1-XGigabitEthernet4/0/1] eth-trunk 3
[P1-XGigabitEthernet4/0/1] quit

    # Create Eth-Trunk 4 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE3/0/2 and XGE4/0/2 to Eth-Trunk 4. 

    [P1] interface Eth-Trunk 4
[P1-Eth-Trunk4] undo portswitch 
[P1-Eth-Trunk4] description To_RR2 
[P1-Eth-Trunk4] ip address 1.1.2.189 255.255.255.252
[P1-Eth-Trunk4] ipv6 enable 
[P1-Eth-Trunk4] ipv6 address 2001:0:0:4E2::1/64
[P1-Eth-Trunk4] mode lacp 
[P1-Eth-Trunk4] quit
[P1] interface XGigabitEthernet 3/0/2
[P1-XGigabitEthernet3/0/2] eth-trunk 4
[P1-XGigabitEthernet3/0/2] quit
[P1] interface XGigabitEthernet 4/0/2
[P1-XGigabitEthernet4/0/2] eth-trunk 4
[P1-XGigabitEthernet4/0/2] quit

    # Create Eth-Trunk 5 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE3/0/3 and XGE4/0/3 to Eth-Trunk 5.

    [P1] interface Eth-Trunk 5
[P1-Eth-Trunk5] undo portswitch 
[P1-Eth-Trunk5] description To_Router 
[P1-Eth-Trunk5] ip address 1.1.2.225 255.255.255.252
[P1-Eth-Trunk5] ipv6 enable 
[P1-Eth-Trunk5] ipv6 address 2001:0:0:4D5::1/64
[P1-Eth-Trunk5] mode lacp 
[P1-Eth-Trunk5] quit
[P1] interface XGigabitEthernet 3/0/3
[P1-XGigabitEthernet3/0/3] eth-trunk 5
[P1-XGigabitEthernet3/0/3] quit
[P1] interface XGigabitEthernet 4/0/3
[P1-XGigabitEthernet4/0/3] eth-trunk 5
[P1-XGigabitEthernet4/0/3] quit

    # Create loopback 0 and configure an IPv4 address and an IPv6 address for it.

    [P1] interface LoopBack 0 
[P1-LoopBack0] ip address 4.4.4.1 255.255.255.255 
[P1-LoopBack0] ipv6 enable
[P1-LoopBack0] ipv6 address 2001::21/128
[P1-LoopBack0] quit

  2. Configure OSPFv2 and OSPFv3.

    # Create OSPFv2 process 1, specify the router ID, create area 0, enable GR, and configure password authentication.

    [P1] ospf 1 router-id 4.4.4.1  
[P1-ospf-1] silent-interface all
[P1-ospf-1] undo silent-interface Eth-Trunk0
[P1-ospf-1] undo silent-interface Eth-Trunk1
[P1-ospf-1] undo silent-interface Eth-Trunk2
[P1-ospf-1] undo silent-interface Eth-Trunk3
[P1-ospf-1] undo silent-interface Eth-Trunk4
[P1-ospf-1] undo silent-interface Eth-Trunk5
[P1-ospf-1] preference 80
[P1-ospf-1] opaque-capability enable
[P1-ospf-1] graceful-restart
[P1-ospf-1] bandwidth-reference 1000000
[P1-ospf-1] enable traffic-adjustment 
[P1-ospf-1] area 0.0.0.0
[P1-ospf-1-area-0.0.0.0] authentication-mode hmac-sha256 1 cipher YsHsjx_202206
[P1-ospf-1-area-0.0.0.0] mpls-te enable
[P1-ospf-1-area-0.0.0.0] quit
[P1-ospf-1] quit

    # Configure an IPSec proposal and an SA.

    [P1] ipsec proposal ah
[P1-ipsec-proposal-ah] encapsulation-mode transport
[P1-ipsec-proposal-ah] transform ah
[P1-ipsec-proposal-ah] ah authentication-algorithm sha2-256
[P1-ipsec-proposal-ah] quit
[P1] ipsec sa ospfv3-sa
[P1-ipsec-sa-ospfv3-sa] proposal ah
[P1-ipsec-sa-ospfv3-sa] sa spi inbound ah 256
[P1-ipsec-sa-ospfv3-sa] sa authentication-hex inbound ah cipher 112233445566778899aabbccddeeff00
[P1-ipsec-sa-ospfv3-sa] sa spi outbound ah 256
[P1-ipsec-sa-ospfv3-sa] sa authentication-hex outbound ah cipher aabbccddeeff001100aabbccddeeff00
[P1-ipsec-sa-ospfv3-sa] quit

    # Create OSPFv3 process 1, specify the router ID, and enable GR.

    [P1] ospfv3 1 
[P1-ospfv3-1] router-id 4.4.4.1
[P1-ospfv3-1] bandwidth-reference 1000000
[P1-ospfv3-1] graceful-restart
[P1-ospfv3-1] quit

    # Enable OSPFv2 and OSPFv3 on loopback 0.

    [P1] interface LoopBack 0 
[P1-LoopBack0] ospf enable 1 area 0.0.0.0 
[P1-LoopBack0] ospfv3 1 area 0.0.0.0  
[P1-LoopBack0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 0 and set the network type to P2P.

    [P1] interface Eth-Trunk 0 
[P1-Eth-Trunk0] ospf enable 1 area 0.0.0.0 
[P1-Eth-Trunk0] ospf network-type p2p 
[P1-Eth-Trunk0] ospfv3 1 area 0.0.0.0
[P1-Eth-Trunk0] ospfv3 network-type p2p
[P1-Eth-Trunk0] ospfv3 ipsec sa ospfv3-sa
[P1-Eth-Trunk0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 1 and set the network type to P2P.

    [P1] interface Eth-Trunk 1 
[P1-Eth-Trunk1] ospf enable 1 area 0.0.0.0 
[P1-Eth-Trunk1] ospf network-type p2p 
[P1-Eth-Trunk1] ospfv3 1 area 0.0.0.0
[P1-Eth-Trunk1] ospfv3 network-type p2p
[P1-Eth-Trunk1] ospfv3 ipsec sa ospfv3-sa
[P1-Eth-Trunk1] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 2 and set the network type to P2P. 

    [P1] interface Eth-Trunk 2 
[P1-Eth-Trunk2] ospf enable 1 area 0.0.0.0 
[P1-Eth-Trunk2] ospf network-type p2p 
[P1-Eth-Trunk2] ospfv3 1 area 0.0.0.0
[P1-Eth-Trunk2] ospfv3 network-type p2p
[P1-Eth-Trunk2] ospfv3 ipsec sa ospfv3-sa
[P1-Eth-Trunk2] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 3 and set the network type to P2P.

    [P1] interface Eth-Trunk 3 
[P1-Eth-Trunk3] ospf enable 1 area 0.0.0.0 
[P1-Eth-Trunk3] ospf network-type p2p 
[P1-Eth-Trunk3] ospfv3 1 area 0.0.0.0
[P1-Eth-Trunk3] ospfv3 network-type p2p
[P1-Eth-Trunk3] ospfv3 ipsec sa ospfv3-sa
[P1-Eth-Trunk3] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 4, set the network type to P2P, and set the OSPF cost value.

    [P1] interface Eth-Trunk 4 
[P1-Eth-Trunk4] ospf enable 1 area 0.0.0.0 
[P1-Eth-Trunk4] ospf network-type p2p 
[P1-Eth-Trunk4] ospfv3 1 area 0.0.0.0
[P1-Eth-Trunk4] ospfv3 network-type p2p
[P1-Eth-Trunk4] ospfv3 ipsec sa ospfv3-sa
[P1-Eth-Trunk4] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 5, set the network type to P2P, and set the OSPF cost value.

    [P1] interface Eth-Trunk 5 
[P1-Eth-Trunk5] ospf enable 1 area 0.0.0.0 
[P1-Eth-Trunk5] ospf network-type p2p 
[P1-Eth-Trunk5] ospfv3 1 area 0.0.0.0
[P1-Eth-Trunk5] ospfv3 network-type p2p
[P1-Eth-Trunk5] ospfv3 ipsec sa ospfv3-sa
[P1-Eth-Trunk5] quit

  3. Configure MPLS and RSVP-TE globally and enable them on all Layer 3 interfaces of P1.

    # Configure MPLS RSVP-TE and enable MPLS globally. 

    [P1] mpls lsr-id 4.4.4.1
[P1] mpls
[P1-mpls] mpls te
[P1-mpls] mpls rsvp-te
[P1-mpls] mpls rsvp-te hello
[P1-mpls] mpls rsvp-te srefresh
[P1-mpls] quit

    # Establish RSVP peer relationships and enable MD5 authentication.

    [P1] mpls rsvp-te peer 1.1.1.2 
[P1-mpls-rsvp-te-peer-1.1.1.2] mpls rsvp-te authentication cipher YsHsjx_202206
[P1-mpls-rsvp-te-peer-1.1.1.2] quit
[P1] mpls rsvp-te peer 1.1.1.6 
[P1-mpls-rsvp-te-peer-1.1.1.6] mpls rsvp-te authentication cipher YsHsjx_202206
[P1-mpls-rsvp-te-peer-1.1.1.6] quit
[P1] mpls rsvp-te peer 1.1.2.10 
[P1-mpls-rsvp-te-peer-1.1.2.10] mpls rsvp-te authentication cipher YsHsjx_202206
[P1-mpls-rsvp-te-peer-1.1.2.10] quit
[P1] mpls rsvp-te peer 1.1.2.226 
[P1-mpls-rsvp-te-peer-1.1.2.226] mpls rsvp-te authentication cipher YsHsjx_202206
[P1-mpls-rsvp-te-peer-1.1.2.226] quit

    # Enable MPLS and RSVP-TE on the Layer 3 interface of P1 connected to P2.

    [P1] interface Eth-Trunk 0 
[P1-Eth-Trunk0] mpls
[P1-Eth-Trunk0] mpls te
[P1-Eth-Trunk0] mpls rsvp-te
[P1-Eth-Trunk0] mpls rsvp-te hello
[P1-Eth-Trunk0] quit
[P1] interface Eth-Trunk 1 
[P1-Eth-Trunk1] mpls
[P1-Eth-Trunk1] mpls te
[P1-Eth-Trunk1] mpls rsvp-te
[P1-Eth-Trunk1] mpls rsvp-te hello
[P1-Eth-Trunk1] quit
[P1] interface Eth-Trunk 2 
[P1-Eth-Trunk2] mpls
[P1-Eth-Trunk2] mpls te
[P1-Eth-Trunk2] mpls rsvp-te
[P1-Eth-Trunk2] mpls rsvp-te hello
[P1-Eth-Trunk2] quit
[P1] interface Eth-Trunk 5 
[P1-Eth-Trunk5] mpls
[P1-Eth-Trunk5] mpls te
[P1-Eth-Trunk5] mpls rsvp-te
[P1-Eth-Trunk5] mpls rsvp-te hello
[P1-Eth-Trunk5] quit

  4. Configure TE tunnels and their explicit paths.

    # Configure explicit paths for TE tunnels. 

    [P1] explicit-path TO-PE1-1
[P1-explicit-path-TO-PE1-1] next hop 1.1.1.2
[P1-explicit-path-TO-PE1-1] quit
[P1] explicit-path TO-PE1-2
[P1-explicit-path-TO-PE1-2] next hop 1.1.2.10
[P1-explicit-path-TO-PE1-2] next hop 1.1.1.10
[P1-explicit-path-TO-PE1-2] quit
[P1] explicit-path TO-PE2-1
[P1-explicit-path-TO-PE2-1] next hop 1.1.1.6
[P1-explicit-path-TO-PE2-1] quit
[P1] explicit-path TO-PE2-2
[P1-explicit-path-TO-PE2-2] next hop 1.1.2.10
[P1-explicit-path-TO-PE2-2] next hop 1.1.1.14
[P1-explicit-path-TO-PE2-2] quit

    # Configure TE tunnels.

    [P1] interface Tunnel1
[P1-Tunnel1] ip address unnumbered interface LoopBack0
[P1-Tunnel1] tunnel-protocol mpls te
[P1-Tunnel1] destination 4.4.4.143
[P1-Tunnel1] mpls te tunnel-id 1
[P1-Tunnel1] mpls te signalled tunnel-name P1->pe1-1
[P1-Tunnel1] mpls te record-route label
[P1-Tunnel1] mpls te path explicit-path TO-PE1-1
[P1-Tunnel1] mpls te path explicit-path TO-PE1-2 secondary
[P1-Tunnel1] mpls te backup hot-standby 
[P1-Tunnel1] mpls te igp shortcut ospf
[P1-Tunnel1] mpls te igp metric absolute 10
[P1-Tunnel1] mpls te reserved-for-binding
[P1-Tunnel1] ospf enable 1 area 0.0.0.0
[P1-Tunnel1] mpls
[P1-Tunnel1] mpls te commit
[P1-Tunnel1] quit
[P1] interface Tunnel2
[P1-Tunnel2] ip address unnumbered interface LoopBack0
[P1-Tunnel2] tunnel-protocol mpls te
[P1-Tunnel2] destination 4.4.4.144
[P1-Tunnel2] mpls te tunnel-id 2
[P1-Tunnel2] mpls te signalled tunnel-name P1->pe2-1
[P1-Tunnel2] mpls te record-route label
[P1-Tunnel2] mpls te path explicit-path TO-PE2-1
[P1-Tunnel2] mpls te path explicit-path TO-PE2-2 secondary
[P1-Tunnel2] mpls te backup hot-standby 
[P1-Tunnel2] mpls te igp shortcut ospf
[P1-Tunnel2] mpls te igp metric absolute 10
[P1-Tunnel2] mpls te reserved-for-binding
[P1-Tunnel2] ospf enable 1 area 0.0.0.0
[P1-Tunnel2] mpls
[P1-Tunnel2] mpls te commit
[P1-Tunnel2] quit

  5. Configure BGP and BGP4+, and configure P1 to establish IBGP peer relationships with RR1 and RR2.

    # Start the BGP process and configure BGP peers.

    [P1] bgp 2519
[P1-bgp] router-id 4.4.4.1
[P1-bgp] graceful-restart
[P1-bgp] group iBGP internal
[P1-bgp] peer iBGP connect-interface LoopBack0
[P1-bgp] peer 4.4.4.27 as-number 2519
[P1-bgp] peer 4.4.4.27 group iBGP
[P1-bgp] peer 4.4.4.27 password cipher YsHsjx_202206
[P1-bgp] peer 4.4.4.28 as-number 2519
[P1-bgp] peer 4.4.4.28 group iBGP
[P1-bgp] peer 4.4.4.28 password cipher YsHsjx_202206
[P1-bgp] peer 2001::15 as-number 2519
[P1-bgp] peer 2001::15 group iBGP
[P1-bgp] peer 2001::15 password cipher YsHsjx_202206
[P1-bgp] peer 2001::16 as-number 2519
[P1-bgp] peer 2001::16 group iBGP
[P1-bgp] peer 2001::16 password cipher YsHsjx_202206
[P1-bgp] ipv4-family unicast
[P1-bgp-af-ipv4] undo synchronization
[P1-bgp-af-ipv4] preference 170 170 130
[P1-bgp-af-ipv4] peer iBGP next-hop-local
[P1-bgp-af-ipv4] peer iBGP advertise-community
[P1-bgp-af-ipv4] quit

    # Configure BGP4+ peers.

    [P1-bgp] ipv6-family unicast
[P1-bgp-af-ipv6] undo synchronization
[P1-bgp-af-ipv6] preference 170 170 130
[P1-bgp-af-ipv6] peer iBGP enable
[P1-bgp-af-ipv6] peer iBGP next-hop-local
[P1-bgp-af-ipv6] peer iBGP advertise-community
[P1-bgp-af-ipv6] peer 2001::15 enable
[P1-bgp-af-ipv6] peer 2001::15 group iBGP
[P1-bgp-af-ipv6] peer 2001::16 enable
[P1-bgp-af-ipv6] peer 2001::16 group iBGP
[P1-bgp-af-ipv6] quit
[P1-bgp] quit

Configuring RRs

The following uses RR1 as an example. The configuration of RR2 is similar to that of RR1.

  1. Configure interfaces connected to devices.

    # Create Eth-Trunk 0 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/0 and XGE2/0/0 to Eth-Trunk 0. 

    <RR1> system-view
[RR1] ipv6 
[RR1] interface Eth-Trunk 0 
[RR1-Eth-Trunk0] undo portswitch
[RR1-Eth-Trunk0] description To_P1 
[RR1-Eth-Trunk0] ip address 1.1.2.234 255.255.255.252
[RR1-Eth-Trunk0] ipv6 enable 
[RR1-Eth-Trunk0] ipv6 address 2001:0:0:4D7::2/64
[RR1-Eth-Trunk0] mode lacp 
[RR1-Eth-Trunk0] quit
[RR1] interface XGigabitEthernet 1/0/0
[RR1-XGigabitEthernet1/0/0] eth-trunk 0
[RR1-XGigabitEthernet1/0/0] quit
[RR1] interface XGigabitEthernet 2/0/0
[RR1-XGigabitEthernet2/0/0] eth-trunk 0
[RR1-XGigabitEthernet2/0/0] quit

    # Create Eth-Trunk 1 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/1 and XGE2/0/1 to Eth-Trunk 1. 

    [RR1] interface Eth-Trunk 1
[RR1-Eth-Trunk1] undo portswitch 
[RR1-Eth-Trunk1] description To_P2 
[RR1-Eth-Trunk1] ip address 1.1.2.238 255.255.255.252
[RR1-Eth-Trunk1] ipv6 enable 
[RR1-Eth-Trunk1] ipv6 address 2001:0:0:4D6::2/64
[RR1-Eth-Trunk1] mode lacp 
[RR1-Eth-Trunk1] quit
[RR1] interface XGigabitEthernet 1/0/1
[RR1-XGigabitEthernet1/0/1] eth-trunk 1
[RR1-XGigabitEthernet1/0/1] quit
[RR1] interface XGigabitEthernet 2/0/1
[RR1-XGigabitEthernet2/0/1] eth-trunk 1
[RR1-XGigabitEthernet2/0/1] quit

    # Create loopback 0 and configure an IPv4 address and an IPv6 address for it.

    [RR1] interface LoopBack 0 
[RR1-LoopBack0] ip address 4.4.4.27 255.255.255.255 
[RR1-LoopBack0] ipv6 enable
[RR1-LoopBack0] ipv6 address 2001::15/128
[RR1-LoopBack0] quit

  2. Configure OSPFv2 and OSPFv3.

    # Create OSPFv2 process 1, specify the router ID, create area 0, enable GR, and configure password authentication. 

    [RR1] ospf 1 router-id 4.4.4.27  
[RR1-ospf-1] silent-interface all
[RR1-ospf-1] undo silent-interface Eth-Trunk0
[RR1-ospf-1] undo silent-interface Eth-Trunk1
[RR1-ospf-1] preference 80
[RR1-ospf-1] opaque-capability enable
[RR1-ospf-1] graceful-restart
[RR1-ospf-1] bandwidth-reference 1000000
[RR1-ospf-1] enable traffic-adjustment 
[RR1-ospf-1] area 0.0.0.0
[RR1-ospf-1-area-0.0.0.0] authentication-mode hmac-sha256 1 cipher YsHsjx_202206
[RR1-ospf-1-area-0.0.0.0] mpls-te enable
[RR1-ospf-1-area-0.0.0.0] quit
[RR1-ospf-1] quit

    # Configure an IPSec proposal and an SA. 

    [RR1] ipsec proposal ah
[RR1-ipsec-proposal-ah] encapsulation-mode transport
[RR1-ipsec-proposal-ah] transform ah
[RR1-ipsec-proposal-ah] ah authentication-algorithm sha2-256
[RR1-ipsec-proposal-ah] quit
[RR1] ipsec sa ospfv3-sa
[RR1-ipsec-sa-ospfv3-sa] proposal ah
[RR1-ipsec-sa-ospfv3-sa] sa spi inbound ah 256
[RR1-ipsec-sa-ospfv3-sa] sa authentication-hex inbound ah cipher 112233445566778899aabbccddeeff00
[RR1-ipsec-sa-ospfv3-sa] sa spi outbound ah 256
[RR1-ipsec-sa-ospfv3-sa] sa authentication-hex outbound ah cipher aabbccddeeff001100aabbccddeeff00
[RR1-ipsec-sa-ospfv3-sa] quit

    # Create OSPFv3 process 1, specify the router ID, and enable GR.

    [RR1] ospfv3 1 
[RR1-ospfv3-1] router-id 4.4.4.27
[RR1-ospfv3-1] bandwidth-reference 1000000
[RR1-ospfv3-1] graceful-restart
[RR1-ospfv3-1] quit

    # Enable OSPFv2 and OSPFv3 on loopback 0.

    [RR1] interface LoopBack 0 
[RR1-LoopBack0] ospf enable 1 area 0.0.0.0 
[RR1-LoopBack0] ospfv3 1 area 0.0.0.0  
[RR1-LoopBack0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 0, set the network type to P2P, and set the OSPF cost value.

    [RR1] interface Eth-Trunk 0 
[RR1-Eth-Trunk0] ospf enable 1 area 0.0.0.0 
[RR1-Eth-Trunk0] ospf network-type p2p 
[RR1-Eth-Trunk0] ospf cost 10000 
[RR1-Eth-Trunk0] ospfv3 1 area 0.0.0.0
[RR1-Eth-Trunk0] ospfv3 network-type p2p
[RR1-Eth-Trunk0] ospfv3 cost 10000
[RR1-Eth-Trunk0] ospfv3 ipsec sa ospfv3-sa
[RR1-Eth-Trunk0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 1, set the network type to P2P, and set the OSPF cost value.

    [RR1] interface Eth-Trunk 1 
[RR1-Eth-Trunk1] ospf enable 1 area 0.0.0.0 
[RR1-Eth-Trunk1] ospf network-type p2p 
[RR1-Eth-Trunk1] ospf cost 1000 
[RR1-Eth-Trunk1] ospfv3 1 area 0.0.0.0
[RR1-Eth-Trunk1] ospfv3 network-type p2p
[RR1-Eth-Trunk1] ospfv3 cost 1000
[RR1-Eth-Trunk1] ospfv3 ipsec sa ospfv3-sa
[RR1-Eth-Trunk1] quit

  3. Configure BGP and BGP4+, and configure RR1 to establish IBGP peer relationships with other network elements (NEs).

    # Start the BGP process and configure BGP peers.

    [RR1] bgp 2519
[RR1-bgp] router-id 4.4.4.27
[RR1-bgp] graceful-restart
[RR1-bgp] group iBGP internal
[RR1-bgp] peer iBGP connect-interface LoopBack0
[RR1-bgp] peer 4.4.4.1 as-number 2519
[RR1-bgp] peer 4.4.4.1 group iBGP
[RR1-bgp] peer 4.4.4.1 password cipher YsHsjx_202206
[RR1-bgp] peer 4.4.4.2 as-number 2519
[RR1-bgp] peer 4.4.4.2 group iBGP
[RR1-bgp] peer 4.4.4.2 password cipher YsHsjx_202206
[RR1-bgp] peer 4.4.4.39 as-number 2519
[RR1-bgp] peer 4.4.4.39 group iBGP
[RR1-bgp] peer 4.4.4.39 password cipher YsHsjx_202206
[RR1-bgp] peer 4.4.4.143 as-number 2519
[RR1-bgp] peer 4.4.4.143 group iBGP
[RR1-bgp] peer 4.4.4.143 password cipher YsHsjx_202206
[RR1-bgp] peer 4.4.4.144 as-number 2519
[RR1-bgp] peer 4.4.4.144 group iBGP
[RR1-bgp] peer 4.4.4.144 password cipher YsHsjx_202206
[RR1-bgp] peer 2001::149 as-number 2519
[RR1-bgp] peer 2001::149 group iBGP
[RR1-bgp] peer 2001::149 password cipher YsHsjx_202206
[RR1-bgp] peer 2001::14A as-number 2519
[RR1-bgp] peer 2001::14A group iBGP
[RR1-bgp] peer 2001::14A password cipher YsHsjx_202206
[RR1-bgp] peer 2001::21 as-number 2519
[RR1-bgp] peer 2001::21 group iBGP
[RR1-bgp] peer 2001::21 password cipher YsHsjx_202206
[RR1-bgp] peer 2001::22 as-number 2519
[RR1-bgp] peer 2001::22 group iBGP
[RR1-bgp] peer 2001::22 password cipher YsHsjx_202206
[RR1-bgp] peer 2001::31 as-number 2519
[RR1-bgp] peer 2001::31 group iBGP
[RR1-bgp] peer 2001::31 password cipher YsHsjx_202206
[RR1-bgp] ipv4-family unicast
[RR1-bgp-af-ipv4] undo synchronization
[RR1-bgp-af-ipv4] reflector cluster-id 2519
[RR1-bgp-af-ipv4] peer iBGP advertise-community
[RR1-bgp-af-ipv4] peer 4.4.4.1 reflect-client
[RR1-bgp-af-ipv4] peer 4.4.4.2 reflect-client
[RR1-bgp-af-ipv4] peer 4.4.4.39 reflect-client
[RR1-bgp-af-ipv4] peer 4.4.4.143 reflect-client
[RR1-bgp-af-ipv4] peer 4.4.4.144 reflect-client
[RR1-bgp-af-ipv4] quit

    # Configure BGP4+ peers.

    [RR1-bgp] ipv6-family unicast
[RR1-bgp-af-ipv6] undo synchronization
[RR1-bgp-af-ipv6] preference 170 170 130
[RR1-bgp-af-ipv6] reflector cluster-id 2519
[RR1-bgp-af-ipv6] peer iBGP enable
[RR1-bgp-af-ipv6] peer iBGP next-hop-local
[RR1-bgp-af-ipv6] peer iBGP advertise-community
[RR1-bgp-af-ipv6] peer 2001::149 enable
[RR1-bgp-af-ipv6] peer 2001::149 group iBGP
[RR1-bgp-af-ipv6] peer 2001::149 reflect-client
[RR1-bgp-af-ipv6] peer 2001:0::150 enable
[RR1-bgp-af-ipv6] peer 2001:0::150 group iBGP
[RR1-bgp-af-ipv6] peer 2001:0::150 reflect-client
[RR1-bgp-af-ipv6] peer 2001::21 enable
[RR1-bgp-af-ipv6] peer 2001::21 group iBGP
[RR1-bgp-af-ipv6] peer 2001::21 reflect-client
[RR1-bgp-af-ipv6] peer 2001::22 enable
[RR1-bgp-af-ipv6] peer 2001::22 group iBGP
[RR1-bgp-af-ipv6] peer 2001::22 reflect-client
[RR1-bgp-af-ipv6] peer 2001::31 enable
[RR1-bgp-af-ipv6] peer 2001::31 group iBGP
[RR1-bgp-af-ipv6] peer 2001::31 reflect-client
[RR1-bgp-af-ipv6] quit
[RR1-bgp] quit

Configuring Router

  1. Configure interfaces connected to devices.

    # Create Eth-Trunk 0 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/0 and XGE2/0/0 to Eth-Trunk 0.

    <Router> system-view
[Router] ipv6 
[Router] interface Eth-Trunk 0 
[Router-Eth-Trunk0] undo portswitch
[Router-Eth-Trunk0] description To_P1 
[Router-Eth-Trunk0] ip address 1.1.2.226 255.255.255.252
[Router-Eth-Trunk0] ipv6 enable 
[Router-Eth-Trunk0] ipv6 address 2001:0:0:4D5::2/64
[Router-Eth-Trunk0] mode lacp 
[Router-Eth-Trunk0] quit
[Router] interface XGigabitEthernet 1/0/0
[Router-XGigabitEthernet1/0/0] Eth-Trunk 0
[Router-XGigabitEthernet1/0/0] quit
[Router] interface XGigabitEthernet 2/0/0
[Router-XGigabitEthernet2/0/0] eth-trunk 0
[Router-XGigabitEthernet2/0/0] quit

    # Create Eth-Trunk 1 and configure its IPv4 and IPv6 addresses. Enable LACP, and add XGE1/0/1 and XGE2/0/1 to Eth-Trunk 1. 

    [Router] interface Eth-Trunk 1
[Router-Eth-Trunk1] undo portswitch 
[Router-Eth-Trunk1] description To_P2 
[Router-Eth-Trunk1] ip address 1.1.2.230 255.255.255.252
[Router-Eth-Trunk1] ipv6 enable 
[Router-Eth-Trunk1] ipv6 address 2001:0:0:4D4::2/64
[Router-Eth-Trunk1] mode lacp 
[Router-Eth-Trunk1] quit
[Router] interface XGigabitEthernet 1/0/1
[Router-XGigabitEthernet1/0/1] eth-trunk 1
[Router-XGigabitEthernet1/0/1] quit
[Router] interface XGigabitEthernet 2/0/1
[Router-XGigabitEthernet2/0/1] eth-trunk 1
[Router-XGigabitEthernet2/0/1] quit

    # Create loopback 0 and configure an IPv4 address and an IPv6 address for it.

    [Router] interface LoopBack 0 
[Router-LoopBack0] ip address 4.4.4.39 255.255.255.255 
[Router-LoopBack0] ipv6 enable
[Router-LoopBack0] ipv6 address 2001::31/128
[Router-LoopBack0] quit

  2. Configure OSPFv2 and OSPFv3.

    # Create OSPFv2 process 1, specify the router ID, create area 0, enable GR, and configure password authentication. 

    [Router] ospf 1 router-id 4.4.4.39  
[Router-ospf-1] silent-interface all
[Router-ospf-1] undo silent-interface Eth-Trunk0
[Router-ospf-1] undo silent-interface Eth-Trunk1
[Router-ospf-1] default-route-advertise always
[Router-ospf-1] preference 80
[Router-ospf-1] opaque-capability enable
[Router-ospf-1] graceful-restart
[Router-ospf-1] bandwidth-reference 1000000
[Router-ospf-1] enable traffic-adjustment 
[Router-ospf-1] area 0.0.0.0
[Router-ospf-1-area-0.0.0.0] authentication-mode hmac-sha256 1 cipher YsHsjx_202206
[Router-ospf-1-area-0.0.0.0] mpls-te enable
[Router-ospf-1-area-0.0.0.0] quit
[Router-ospf-1] quit

    # Configure an IPSec proposal and an SA.

    [Router] ipsec proposal ah
[Router-ipsec-proposal-ah] encapsulation-mode transport
[Router-ipsec-proposal-ah] transform ah
[Router-ipsec-proposal-ah] ah authentication-algorithm sha2-256
[Router-ipsec-proposal-ah] quit
[Router] ipsec sa ospfv3-sa
[Router-ipsec-sa-ospfv3-sa] proposal ah
[Router-ipsec-sa-ospfv3-sa] sa spi inbound ah 256
[Router-ipsec-sa-ospfv3-sa] sa authentication-hex inbound ah cipher 112233445566778899aabbccddeeff00
[Router-ipsec-sa-ospfv3-sa] sa spi outbound ah 256
[Router-ipsec-sa-ospfv3-sa] sa authentication-hex outbound ah cipher aabbccddeeff001100aabbccddeeff00
[Router-ipsec-sa-ospfv3-sa] quit

    # Create OSPFv3 process 1, specify the router ID, and enable GR.

    [Router] ospfv3 1 
[Router-ospfv3-1] router-id 4.4.4.39
[Router-ospfv3-1] bandwidth-reference 1000000
[Router-ospfv3-1] graceful-restart
[Router-ospfv3-1] default-route-advertise always
[Router-ospfv3-1] quit

    # Enable OSPFv2 and OSPFv3 on loopback 0.

    [Router] interface LoopBack 0 
[Router-LoopBack0] ospf enable 1 area 0.0.0.0 
[Router-LoopBack0] ospfv3 1 area 0.0.0.0  
[Router-LoopBack0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 0 and set the network type to P2P. 

    [Router] interface Eth-Trunk 0 
[Router-Eth-Trunk0] ospf enable 1 area 0.0.0.0 
[Router-Eth-Trunk0] ospf network-type p2p 
[Router-Eth-Trunk0] ospfv3 1 area 0.0.0.0
[Router-Eth-Trunk0] ospfv3 network-type p2p
[Router-Eth-Trunk0] ospfv3 ipsec sa ospfv3-sa
[Router-Eth-Trunk0] quit

    # Enable OSPFv2 and OSPFv3 on Eth-Trunk 1 and set the network type to P2P. 

    [Router] interface Eth-Trunk 1 
[Router-Eth-Trunk1] ospf enable 1 area 0.0.0.0 
[Router-Eth-Trunk1] ospf network-type p2p 
[Router-Eth-Trunk1] ospfv3 1 area 0.0.0.0
[Router-Eth-Trunk1] ospfv3 network-type p2p
[Router-Eth-Trunk1] ospfv3 ipsec sa ospfv3-sa
[Router-Eth-Trunk1] quit

  3. Configure MPLS and RSVP-TE globally and enable them on all Layer 3 interfaces of Router

    # Configure MPLS RSVP-TE and enable MPLS globally. 

    [Router] mpls lsr-id 4.4.4.39
[Router] mpls
[Router-mpls] mpls te
[Router-mpls] mpls rsvp-te
[Router-mpls] mpls rsvp-te hello
[Router-mpls] mpls rsvp-te srefresh
[Router-mpls] quit

    # Establish RSVP peer relationships and enable MD5 authentication.

    [Router] mpls rsvp-te peer 1.1.2.225 
[Router-mpls-rsvp-te-peer-1.1.2.225] mpls rsvp-te authentication cipher YsHsjx_202206
[Router-mpls-rsvp-te-peer-1.1.2.225] quit
[Router] mpls rsvp-te peer 1.1.2.229 
[Router-mpls-rsvp-te-peer-1.1.2.229] mpls rsvp-te authentication cipher YsHsjx_202206
[Router-mpls-rsvp-te-peer-1.1.2.229] quit

    # Enable MPLS and RSVP-TE on Layer 3 interfaces of Router connected to P devices.

    [Router] interface Eth-Trunk 0 
[Router-Eth-Trunk0] mpls
[Router-Eth-Trunk0] mpls te
[Router-Eth-Trunk0] mpls rsvp-te
[Router-Eth-Trunk0] mpls rsvp-te hello
[Router-Eth-Trunk0] quit
[Router] interface Eth-Trunk 1 
[Router-Eth-Trunk1] mpls
[Router-Eth-Trunk1] mpls te
[Router-Eth-Trunk1] mpls rsvp-te
[Router-Eth-Trunk1] mpls rsvp-te hello
[Router-Eth-Trunk1] quit

  4. Configure TE tunnels and their explicit paths.

    # Configure explicit paths for TE tunnels. 

    [Router] explicit-path TO-PE1-1
[Router-explicit-path-TO-PE1-1] next hop 1.1.2.225
[Router-explicit-path-TO-PE1-1] next hop 1.1.1.2
[Router-explicit-path-TO-PE1-1] quit
[Router] explicit-path TO-PE1-2
[Router-explicit-path-TO-PE1-2] next hop 1.1.2.229
[Router-explicit-path-TO-PE1-2] next hop 1.1.1.10
[Router-explicit-path-TO-PE1-2] quit
[Router] explicit-path TO-PE2-1
[Router-explicit-path-TO-PE2-1] next hop 1.1.2.225
[Router-explicit-path-TO-PE2-1] next hop 1.1.1.6
[Router-explicit-path-TO-PE2-1] quit
[Router] explicit-path TO-PE2-2
[Router-explicit-path-TO-PE2-2] next hop 1.1.2.229
[Router-explicit-path-TO-PE2-2] next hop 1.1.1.14
[Router-explicit-path-TO-PE2-2] quit

    # Configure TE tunnels.

    [Router] interface Tunnel1
[Router-Tunnel1] ip address unnumbered interface LoopBack0
[Router-Tunnel1] tunnel-protocol mpls te
[Router-Tunnel1] destination 4.4.4.143
[Router-Tunnel1] mpls te tunnel-id 1
[Router-Tunnel1] mpls te signalled tunnel-name router->pe1-1
[Router-Tunnel1] mpls te record-route label
[Router-Tunnel1] mpls te path explicit-path TO-PE1-1
[Router-Tunnel1] mpls te path explicit-path TO-PE1-2 secondary
[Router-Tunnel1] mpls te backup hot-standby 
[Router-Tunnel1] mpls te igp shortcut ospf
[Router-Tunnel1] mpls te igp metric absolute 10
[Router-Tunnel1] mpls te reserved-for-binding
[Router-Tunnel1] ospf enable 1 area 0.0.0.0
[Router-Tunnel1] mpls
[Router-Tunnel1] mpls te commit
[Router-Tunnel1] quit
[Router] interface Tunnel2
[Router-Tunnel2] ip address unnumbered interface LoopBack0
[Router-Tunnel2] tunnel-protocol mpls te
[Router-Tunnel2] destination 4.4.4.144
[Router-Tunnel2] mpls te tunnel-id 2
[Router-Tunnel2] mpls te signalled tunnel-name router->pe2-1
[Router-Tunnel2] mpls te record-route label
[Router-Tunnel2] mpls te path explicit-path TO-PE2-1
[Router-Tunnel2] mpls te path explicit-path TO-PE2-2 secondary
[Router-Tunnel2] mpls te backup hot-standby 
[Router-Tunnel2] mpls te igp shortcut ospf
[Router-Tunnel2] mpls te igp metric absolute 10
[Router-Tunnel2] mpls te reserved-for-binding
[Router-Tunnel2] ospf enable 1 area 0.0.0.0
[Router-Tunnel2] mpls
[Router-Tunnel2] mpls te commit
[Router-Tunnel2] quit

  5. Configure BGP and BGP4+, and configure Router to establish IBGP peer relationships with RR1 and RR2.

    # Start the BGP process and configure BGP peers.

    [Router] bgp 2519
[Router-bgp] router-id 4.4.4.39
[Router-bgp] graceful-restart
[Router-bgp] group iBGP internal
[Router-bgp] peer iBGP connect-interface LoopBack0
[Router-bgp] peer 4.4.4.27 as-number 2519
[Router-bgp] peer 4.4.4.27 group iBGP
[Router-bgp] peer 4.4.4.27 password cipher YsHsjx_202206
[Router-bgp] peer 4.4.4.28 as-number 2519
[Router-bgp] peer 4.4.4.28 group iBGP
[Router-bgp] peer 4.4.4.28 password cipher YsHsjx_202206
[Router-bgp] peer 2001::15 as-number 2519
[Router-bgp] peer 2001::15 group iBGP
[Router-bgp] peer 2001::15 password cipher YsHsjx_202206
[Router-bgp] peer 2001::16 as-number 2519
[Router-bgp] peer 2001::16 group iBGP
[Router-bgp] peer 2001::16 password cipher YsHsjx_202206
[Router-bgp] ipv4-family unicast
[Router-bgp-af-ipv4] undo synchronization
[Router-bgp-af-ipv4] preference 170 170 130
[Router-bgp-af-ipv4] peer iBGP next-hop-local
[Router-bgp-af-ipv4] peer iBGP advertise-community
[Router-bgp-af-ipv4] quit

    # Configure BGP4+ peers.

    [Router-bgp] ipv6-family unicast
[Router-bgp-af-ipv6] undo synchronization
[Router-bgp-af-ipv6] preference 170 170 130
[Router-bgp-af-ipv6] peer iBGP enable
[Router-bgp-af-ipv6] peer iBGP next-hop-local
[Router-bgp-af-ipv6] peer iBGP advertise-community
[Router-bgp-af-ipv6] peer 2001::15 enable
[Router-bgp-af-ipv6] peer 2001::15 group iBGP
[Router-bgp-af-ipv6] peer 2001::16 enable
[Router-bgp-af-ipv6] peer 2001::16 group iBGP
[Router-bgp-af-ipv6] quit
[Router-bgp] quit

Configuring SW1

  1. Configure interfaces connected to devices.

    # Create Eth-Trunk 0 and configure its IPv4 address. Enable LACP, and add XGE0/0/1 and XGE0/0/2 to Eth-Trunk 0. 

    <SW1> system-view
[SW1] interface Eth-Trunk 0 
[SW1-Eth-Trunk0] undo portswitch
[SW1-Eth-Trunk0] description To_PE1 
[SW1-Eth-Trunk0] ip address 2.2.2.206 255.255.255.252
[SW1-Eth-Trunk0] mode lacp 
[SW1-Eth-Trunk0] quit
[SW1] interface XGigabitEthernet 0/0/1
[SW1-XGigabitEthernet0/0/1] eth-trunk 0
[SW1-XGigabitEthernet0/0/1] quit
[SW1] interface XGigabitEthernet 0/0/2
[SW1-XGigabitEthernet0/0/2] eth-trunk 0
[SW1-XGigabitEthernet0/0/2] quit

    # Create Eth-Trunk 1 and configure its IPv4 address. Enable LACP, and add XGE0/0/3 and XGE0/0/4 to Eth-Trunk 1. 

    [SW1] interface Eth-Trunk 1
[SW1-Eth-Trunk1] undo portswitch 
[SW1-Eth-Trunk1] description To_PE2 
[SW1-Eth-Trunk1] ip address 2.2.2.254 255.255.255.252
[SW1-Eth-Trunk1] mode lacp 
[SW1-Eth-Trunk1] quit
[SW1] interface XGigabitEthernet 0/0/3
[SW1-XGigabitEthernet0/0/3] eth-trunk 1
[SW1-XGigabitEthernet0/0/3] quit
[SW1] interface XGigabitEthernet 0/0/4
[SW1-XGigabitEthernet0/0/4] eth-trunk 1
[SW1-XGigabitEthernet0/0/4] quit

    # Create VLANIF 300 and configure an IP address for it.

    [SW1] vlan batch 300
[SW1] interface Vlanif300
[SW1-Vlanif300] ip address 5.5.5.1 255.255.255.0
[SW1-Vlanif300] quit

    # Create Eth-Trunk 2, enable LACP, and add XGE0/0/5 and XGE0/0/6 to Eth-Trunk 2.

    [SW1] interface Eth-Trunk 2
[SW1-Eth-Trunk2] port link-type trunk 
[SW1-Eth-Trunk2] undo port trunk allow-pass vlan 1 
[SW1-Eth-Trunk2] port trunk allow-pass vlan 300
[SW1-Eth-Trunk2] mode lacp 
[SW1-Eth-Trunk2] quit
[SW1] interface XGigabitEthernet 0/0/5
[SW1-XGigabitEthernet0/0/5] eth-trunk 2
[SW1-XGigabitEthernet0/0/5] quit
[SW1] interface XGigabitEthernet 0/0/6
[SW1-XGigabitEthernet0/0/6] eth-trunk 2
[SW1-XGigabitEthernet0/0/6] quit

  2. Configure BGP and configure SW1 to establish EBGP peer relationships with PE devices.

    # Start the BGP process and configure BGP peers.

    [SW1] bgp 64901
[SW1-bgp] graceful-restart
[SW1-bgp] group eBGP1 external
[SW1-bgp] peer eBGP1 connect-interface Eth-Trunk0
[SW1-bgp] peer 2.2.2.205 as-number 2519
[SW1-bgp] peer 2.2.2.205 group eBGP1
[SW1-bgp] peer 2.2.2.205 password cipher YsHsjx_202206
[SW1-bgp] group eBGP2 external
[SW1-bgp] peer eBGP2 connect-interface Eth-Trunk1
[SW1-bgp] peer 2.2.2.253 as-number 2519
[SW1-bgp] peer 2.2.2.253 group eBGP2
[SW1-bgp] peer 2.2.2.253 password cipher YsHsjx_202206
[SW1-bgp-af-ipv4] ipv4-family unicast
[SW1-bgp-af-ipv4] undo synchronization
[SW1-bgp-af-ipv4] network 5.5.5.0 255.255.255.0
[SW1-bgp-af-ipv4] quit
[SW1-bgp] quit

Configuring SW2

  1. Configure interfaces connected to devices.

    # Create VLANIF 100 and VLANIF 200, and configure IP addresses for them.

    <SW2> system-view
[SW2] vlan batch 100 200
[SW2] interface Vlanif100
[SW2-Vlanif100] ip address 3.3.3.116 255.255.255.248
[SW2-Vlanif100] quit
[SW2] interface Vlanif200
[SW2-Vlanif200] ip address 6.6.6.1 255.255.255.0
[SW2-Vlanif200] quit

    # Create Eth-Trunk 0, enable LACP, and add XGE0/0/1 and XGE0/0/2 to Eth-Trunk 0.

    [SW2] interface Eth-Trunk 0
[SW2-Eth-Trunk0] port link-type trunk 
[SW2-Eth-Trunk0] undo port trunk allow-pass vlan 1 
[SW2-Eth-Trunk0] port trunk allow-pass vlan 100
[SW2-Eth-Trunk0] stp disable
[SW2-Eth-Trunk0] mode lacp 
[SW2-Eth-Trunk0] quit
[SW2] interface XGigabitEthernet 0/0/1
[SW2-XGigabitEthernet0/0/1] eth-trunk 0
[SW2-XGigabitEthernet0/0/1] quit
[SW2] interface XGigabitEthernet 0/0/2
[SW2-XGigabitEthernet0/0/2] eth-trunk 0
[SW2-XGigabitEthernet0/0/2] quit

    # Create Eth-Trunk 1, enable LACP, and add XGE0/0/3 and XGE0/0/4 to Eth-Trunk 1.

    [SW2] interface Eth-Trunk 1
[SW2-Eth-Trunk1] port link-type trunk 
[SW2-Eth-Trunk1] undo port trunk allow-pass vlan 1 
[SW2-Eth-Trunk1] port trunk allow-pass vlan 100
[SW2-Eth-Trunk1] stp disable
[SW2-Eth-Trunk1] mode lacp 
[SW2-Eth-Trunk1] quit
[SW2] interface XGigabitEthernet 0/0/3
[SW2-XGigabitEthernet0/0/3] eth-trunk 1
[SW2-XGigabitEthernet0/0/3] quit
[SW2] interface XGigabitEthernet 0/0/4
[SW2-XGigabitEthernet0/0/4] eth-trunk 1
[SW2-XGigabitEthernet0/0/4] quit

    # Create Eth-Trunk 2, enable LACP, and add XGE0/0/5 and XGE0/0/6 to Eth-Trunk 2.

    [SW2] interface Eth-Trunk 2
[SW2-Eth-Trunk2] port link-type trunk 
[SW2-Eth-Trunk2] undo port trunk allow-pass vlan 1 
[SW2-Eth-Trunk2] port trunk allow-pass vlan 200
[SW2-Eth-Trunk2] stp disable
[SW2-Eth-Trunk2] mode lacp 
[SW2-Eth-Trunk2] quit
[SW2] interface XGigabitEthernet 0/0/5
[SW2-XGigabitEthernet0/0/5] eth-trunk 2
[SW2-XGigabitEthernet0/0/5] quit
[SW2] interface XGigabitEthernet 0/0/6
[SW2-XGigabitEthernet0/0/6] eth-trunk 2
[SW2-XGigabitEthernet0/0/6] quit

    # Configure static routes.

    [SW2] ip route-static 0.0.0.0 0.0.0.0 Vlanif100 3.3.3.113

Verifying the Deployment

  1. Connect testers to enterprise 1 and enterprise 2 respectively to simulate Device A and Device B.
  2. Device A can successfully ping Device B, P devices, and Router.
  3. Device B can successfully ping Device A, P devices, and Router.

Configuration Files

SW1

SW2

 
#
sysname SW1
#
vlan batch 300
#
interface Vlanif300
 ip address 5.5.5.1 255.255.255.0
#
interface Eth-Trunk0
 undo portswitch
 description To_PE1
 ip address 2.2.2.206 255.255.255.252
 mode lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_PE2
 ip address 2.2.2.254 255.255.255.252
 mode lacp
#
interface Eth-Trunk2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 300
 mode lacp
#
interface XGigabitEthernet0/0/1
 eth-trunk 0
#
interface XGigabitEthernet0/0/2
 eth-trunk 0
#
interface XGigabitEthernet0/0/3
 eth-trunk 1
#
interface XGigabitEthernet0/0/4
 eth-trunk 1
#
interface XGigabitEthernet0/0/5
 eth-trunk 2
#
interface XGigabitEthernet1/0/6
 eth-trunk 2
#
bgp 64901
 graceful-restart
 group eBGP1 external
 peer eBGP1 connect-interface Eth-Trunk1
 peer 2.2.2.205 as-number 2519
 peer 2.2.2.205 group eBGP1
 peer 2.2.2.205 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 group eBGP2 external
 peer eBGP2 connect-interface Eth-Trunk0
 peer 2.2.2.253 as-number 2519
 peer 2.2.2.253 group eBGP2
 peer 2.2.2.253 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 #
 ipv4-family unicast
  undo synchronization
  network 5.5.5.0 255.255.255.0
  peer eBGP1 enable
  peer 2.2.2.205 enable
  peer 2.2.2.205 group eBGP1
  peer eBGP2 enable
  peer 2.2.2.253 enable
  peer 2.2.2.253 group eBGP2
#
return
 
#
sysname SW2
#
vlan batch 100 200
#
interface Vlanif100
 ip address 3.3.3.116 255.255.255.248
#
interface Vlanif200
 ip address 6.6.6.1 255.255.255.0
#
interface Eth-Trunk0
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 100
 stp disable
 mode lacp
#
interface Eth-Trunk1
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 100
 stp disable
 mode lacp
#
interface Eth-Trunk2
 port link-type trunk
 undo port trunk allow-pass vlan 1
 port trunk allow-pass vlan 200
 stp disable
 mode lacp
#
interface XGigabitEthernet0/0/1
 eth-trunk 0
#
interface XGigabitEthernet0/0/2
 eth-trunk 0
#
interface XGigabitEthernet0/0/3
 eth-trunk 1
#
interface XGigabitEthernet0/0/4
 eth-trunk 1
#
interface XGigabitEthernet0/0/5
 eth-trunk 2
#
interface XGigabitEthernet1/0/6
 eth-trunk 2
#
ip route-static 0.0.0.0 0.0.0.0 Vlanif100 3.3.3.113
#
return

PE1

PE2

 
#
sysname PE1
#
ipv6
#
mpls lsr-id 4.4.4.143
mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mpls rsvp-te srefresh
#
explicit-path TO-P1-1
 next hop 1.1.1.1
#
explicit-path TO-P1-2
 next hop 1.1.1.9
 next hop 1.1.2.9
#
explicit-path TO-P2-1
 next hop 1.1.1.9
#
explicit-path TO-P2-2
 next hop 1.1.1.1
 next hop 1.1.2.10
#
explicit-path TO-PE2-1
 next hop 1.1.1.1
 next hop 1.1.1.6
#
explicit-path TO-PE2-2
 next hop 1.1.1.9
 next hop 1.1.1.14
#
explicit-path TO-ROUTER-1
 next hop 1.1.1.1
 next hop 1.1.2.226
#
explicit-path TO-ROUTER-2
 next hop 1.1.1.9
 next hop 1.1.2.230
#
mpls rsvp-te peer 1.1.1.1
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.1.9
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
ipsec proposal ah
 encapsulation-mode transport
 transform ah
 ah authentication-algorithm sha2-256
#
ipsec sa ospfv3-sa
 proposal ah
 sa spi inbound ah 256
 sa authentication-hex inbound ah cipher %^%#Hs`fE9Kd_92D<#M^CGDSwqjQFrgB~@q,\&NzzsD,xF>0UP%>5+H&q6Vj8ilG%^%#
 sa spi outbound ah 256
 sa authentication-hex outbound ah cipher %^%#"sFYHYf[9Mz|GW;ko4d<`%DjK-OBR$^<Dt!Hx#FYZ:oDR:\BEGkIsK$LtsnQ%^%#
#
ospfv3 1
 router-id 4.4.4.143
 bandwidth-reference 1000000
 graceful-restart
#
interface Eth-Trunk0
 undo portswitch
 description To_P1
 ipv6 enable
 ip address 1.1.1.2 255.255.255.252
 ipv6 address 2001:0:0:4D9::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 more lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_P2
 ipv6 enable
 ip address 1.1.1.10 255.255.255.252
 ipv6 address 2001:0:0:4DB::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 more lacp
#
interface Eth-Trunk2
 undo portswitch
 description To_SW1
 ip address 2.2.2.205 255.255.255.252
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk3
 undo portswitch
 description To_SW2
 ip address 3.3.3.114 255.255.255.248
 vrrp vrid 1 virtual-ip 3.3.3.113
 vrrp vrid 1 priority 150
 vrrp vrid 1 preempt-mode timer delay 120
 vrrp vrid 1 track interface Eth-Trunk0 reduced 30
 vrrp vrid 1 track interface Eth-Trunk1 reduced 30
 vrrp vrid 1 authentication-mode md5 %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 ospf cost 10000
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface XGigabitEthernet1/0/0
 eth-trunk 0
#
interface XGigabitEthernet1/0/1
 eth-trunk 1
#
interface XGigabitEthernet2/0/0
 eth-trunk 0
#
interface XGigabitEthernet2/0/1
 eth-trunk 1
#
interface XGigabitEthernet3/0/0
 eth-trunk 2
#
interface XGigabitEthernet3/0/1
 eth-trunk 3
#
interface XGigabitEthernet4/0/0
 eth-trunk 2
#
interface XGigabitEthernet4/0/1
 eth-trunk 3
#
interface LoopBack0
 ipv6 enable
 ip address 4.4.4.143 255.255.255.255
 ipv6 address 2001::149/128
 ospfv3 1 area 0.0.0.0
 ospf enable 1 area 0.0.0.0
#
interface Tunnel1
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.1
 mpls te tunnel-id 1
 mpls te signalled tunnel-name pe1->P1-1
 mpls te record-route label
 mpls te path explicit-path TO-P1-1
 mpls te path explicit-path TO-P1-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel2
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.2
 mpls te tunnel-id 2
 mpls te signalled tunnel-name pe1->P2-1
 mpls te record-route label
 mpls te path explicit-path TO-P2-1
 mpls te path explicit-path TO-P2-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel3
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.39
 mpls te tunnel-id 19
 mpls te signalled tunnel-name pe1->router-1
 mpls te record-route label
 mpls te path explicit-path TO-ROUTER-1
 mpls te path explicit-path TO-ROUTER-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel4
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.39
 mpls te tunnel-id 20
 mpls te signalled tunnel-name pe1->router-2
 mpls te record-route label
 mpls te path explicit-path TO-ROUTER-2
 mpls te path explicit-path TO-ROUTER-1 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel5
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.144
 mpls te tunnel-id 69
 mpls te signalled tunnel-name pe1->pe2-1
 mpls te record-route label
 mpls te path explicit-path TO-PE2-1
 mpls te path explicit-path TO-PE2-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel6
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.144
 mpls te tunnel-id 70
 mpls te signalled tunnel-name pe1->pe2-2
 mpls te record-route label
 mpls te path explicit-path TO-PE2-2
 mpls te path explicit-path TO-PE2-1 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
bgp 2519
 router-id 4.4.4.143
 graceful-restart
 group IPv6-PRIVATEAS_CUSTOMER external
 group PRIVATEAS_CUSTOMER external
 peer 2.2.2.206 as-number 64901
 peer 2.2.2.206 group PRIVATEAS_CUSTOMER
 peer 2.2.2.206 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 group iBGP internal
 peer iBGP connect-interface LoopBack0
 peer 4.4.4.27 as-number 2519
 peer 4.4.4.27 group iBGP
 peer 4.4.4.27 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.28 as-number 2519
 peer 4.4.4.28 group iBGP
 peer 4.4.4.28 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::15 as-number 2519
 peer 2001::15 group iBGP
 peer 2001::15 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::16 as-number 2519
 peer 2001::16 group iBGP
 peer 2001::16 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 #
 ipv4-family unicast
  undo synchronization
  preference 170 170 130
  import-route static route-policy STATIC-to-BGP
  peer IPv6-PRIVATEAS_CUSTOMER enable
  peer PRIVATEAS_CUSTOMER enable
  peer PRIVATEAS_CUSTOMER advertise-community
  peer 2.2.2.206 enable
  peer 2.2.2.206 group PRIVATEAS_CUSTOMER
  peer 2.2.2.206 route-policy DENY-ANY_ROUTE-OUT export
  peer 2.2.2.206 default-route-advertise route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT conditional-route-match-any 0.0.0.0 0.0.0.0
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 4.4.4.27 enable
  peer 4.4.4.27 group iBGP
  peer 4.4.4.28 enable
  peer 4.4.4.28 group iBGP
 #
 ipv6-family unicast
  undo synchronization
  preference 170 170 130
  import-route static route-policy STATIC-to-BGP
  peer IPv6-PRIVATEAS_CUSTOMER enable
  peer IPv6-PRIVATEAS_CUSTOMER advertise-community
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 2001::15 enable
  peer 2001::15 group iBGP
  peer 2001::16 enable
  peer 2001::16 group iBGP
#
ospf 1 router-id 4.4.4.143
 silent-interface all
 undo silent-interface Eth-Trunk0
 undo silent-interface Eth-Trunk1
 preference 80
 opaque-capability enable
 graceful-restart
 bandwidth-reference 1000000
 enable traffic-adjustment
 area 0.0.0.0
  authentication-mode hmac-sha256 1 cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
  mpls-te enable
#
route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT permit node 100
 if-match ip-prefix DEFAULT-ROUTE
 apply community no-export
#
route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT deny node 200
#
route-policy DENY-ANY_ROUTE-OUT deny node 100
#
route-policy STATIC-to-BGP permit node 200
 if-match tag 2519
 apply local-preference 10000
 apply origin igp
 apply community 2519:1
#
ip ip-prefix DEFAULT-ROUTE index 5 permit 0.0.0.0 0
#
ip route-static 6.6.6.0 255.255.255.0 Eth-Trunk3 3.3.3.116 tag 2519
#
return
 
#
sysname PE2
#
ipv6
#
mpls lsr-id 4.4.4.144
mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mpls rsvp-te srefresh
#
explicit-path TO-P1-1
 next hop 1.1.1.5
#
explicit-path TO-P1-2
 next hop 1.1.1.13
 next hop 1.1.2.9
#
explicit-path TO-P2-1
 next hop 1.1.1.13
#
explicit-path TO-P2-2
 next hop 1.1.1.5
 next hop 1.1.2.10
#
explicit-path TO-PE1-1
 next hop 1.1.1.5
 next hop 1.1.1.2
#
explicit-path TO-PE1-2
 next hop 1.1.1.13
 next hop 1.1.1.10
#
explicit-path TO-ROUTER-1
 next hop 1.1.1.5
 next hop 1.1.2.226
#
explicit-path TO-ROUTER-2
 next hop 1.1.1.13
 next hop 1.1.2.230
#
mpls rsvp-te peer 1.1.1.5
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.1.13
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
ipsec proposal ah
 encapsulation-mode transport
 transform ah
 ah authentication-algorithm sha2-256
#
ipsec sa ospfv3-sa
 proposal ah
 sa spi inbound ah 256
 sa authentication-hex inbound ah cipher %^%#Hs`fE9Kd_92D<#M^CGDSwqjQFrgB~@q,\&NzzsD,xF>0UP%>5+H&q6Vj8ilG%^%#
 sa spi outbound ah 256
 sa authentication-hex outbound ah cipher %^%#"sFYHYf[9Mz|GW;ko4d<`%DjK-OBR$^<Dt!Hx#FYZ:oDR:\BEGkIsK$LtsnQ%^%#
#
ospfv3 1
 router-id 4.4.4.144
 bandwidth-reference 1000000
 graceful-restart
#
interface Eth-Trunk0
 undo portswitch
 description To_P1
 ipv6 enable
 ip address 1.1.1.6 255.255.255.252
 ipv6 address 2001:0:0:4DA::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 more lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_P2
 ipv6 enable
 ip address 1.1.1.14 255.255.255.252
 ipv6 address 2001:0:0:4DC::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 more lacp
#
interface Eth-Trunk2
 undo portswitch
 description To_SW1
 ip address 2.2.2.253 255.255.255.252
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk3
 undo portswitch
 description To_SW2
 ip address 3.3.3.115 255.255.255.248
 vrrp vrid 1 virtual-ip 3.3.3.113
 vrrp vrid 1 track interface Eth-Trunk0 reduced 30
 vrrp vrid 1 track interface Eth-Trunk1 reduced 30
 vrrp vrid 1 authentication-mode md5 %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 ospf cost 20000
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface XGigabitEthernet1/0/0
 eth-trunk 0
#
interface XGigabitEthernet1/0/1
 eth-trunk 1
#
interface XGigabitEthernet2/0/0
 eth-trunk 0
#
interface XGigabitEthernet2/0/1
 eth-trunk 1
#
interface XGigabitEthernet3/0/0
 eth-trunk 2
#
interface XGigabitEthernet3/0/1
 eth-trunk 3
#
interface XGigabitEthernet4/0/0
 eth-trunk 2
#
interface XGigabitEthernet4/0/1
 eth-trunk 3
#
interface LoopBack0
 ipv6 enable
 ip address 4.4.4.144 255.255.255.255
 ipv6 address 2001::14A/128
 ospfv3 1 area 0.0.0.0
 ospf enable 1 area 0.0.0.0
#
interface Tunnel1
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.1
 mpls te tunnel-id 1
 mpls te signalled tunnel-name pe2->P1-1
 mpls te record-route label
 mpls te path explicit-path TO-P1-1
 mpls te path explicit-path TO-P1-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel2
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.2
 mpls te tunnel-id 2
 mpls te signalled tunnel-name pe2->P2-1
 mpls te record-route label
 mpls te path explicit-path TO-P2-1
 mpls te path explicit-path TO-P2-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel3
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.39
 mpls te tunnel-id 3
 mpls te signalled tunnel-name pe2->router-1
 mpls te record-route label
 mpls te path explicit-path TO-ROUTER-1
 mpls te path explicit-path TO-ROUTER-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel4
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.39
 mpls te tunnel-id 4
 mpls te signalled tunnel-name pe2->router-2
 mpls te record-route label
 mpls te path explicit-path TO-ROUTER-2
 mpls te path explicit-path TO-ROUTER-1 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel5
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.143
 mpls te tunnel-id 5
 mpls te signalled tunnel-name pe2->pe1-1
 mpls te record-route label
 mpls te path explicit-path TO-PE1-1
 mpls te path explicit-path TO-PE1-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel6
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.143
 mpls te tunnel-id 6
 mpls te signalled tunnel-name pe2->pe1-2
 mpls te record-route label
 mpls te path explicit-path TO-PE1-2
 mpls te path explicit-path TO-PE1-1 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
bgp 2519
 router-id 4.4.4.144
 graceful-restart
 group IPv6-PRIVATEAS_CUSTOMER external
 group PRIVATEAS_CUSTOMER external
 peer 2.2.2.254 as-number 64901
 peer 2.2.2.254 group PRIVATEAS_CUSTOMER
 peer 2.2.2.254 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 group iBGP internal
 peer iBGP connect-interface LoopBack0
 peer 4.4.4.27 as-number 2519
 peer 4.4.4.27 group iBGP
 peer 4.4.4.27 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.28 as-number 2519
 peer 4.4.4.28 group iBGP
 peer 4.4.4.28 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::15 as-number 2519
 peer 2001::15 group iBGP
 peer 2001::15 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::16 as-number 2519
 peer 2001::16 group iBGP
 peer 2001::16 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 #
 ipv4-family unicast
  undo synchronization
  preference 170 170 130
  import-route static route-policy STATIC-to-BGP
  peer IPv6-PRIVATEAS_CUSTOMER enable
  peer PRIVATEAS_CUSTOMER enable
  peer PRIVATEAS_CUSTOMER advertise-community
  peer 2.2.2.254 enable
  peer 2.2.2.254 group PRIVATEAS_CUSTOMER
  peer 2.2.2.254 route-policy DENY-ANY_ROUTE-OUT export
  peer 2.2.2.254 default-route-advertise route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT conditional-route-match-any 0.0.0.0 0.0.0.0
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 4.4.4.27 enable
  peer 4.4.4.27 group iBGP
  peer 4.4.4.28 enable
  peer 4.4.4.28 group iBGP
 #
 ipv6-family unicast
  undo synchronization
  preference 170 170 130
  import-route static route-policy STATIC-to-BGP
  peer IPv6-PRIVATEAS_CUSTOMER enable
  peer IPv6-PRIVATEAS_CUSTOMER advertise-community
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 2001::15 enable
  peer 2001::15 group iBGP
  peer 2001::16 enable
  peer 2001::16 group iBGP
#
ospf 1 router-id 4.4.4.144
 silent-interface all
 undo silent-interface Eth-Trunk0
 undo silent-interface Eth-Trunk1
 preference 80
 opaque-capability enable
 graceful-restart
 bandwidth-reference 1000000
 enable traffic-adjustment
 area 0.0.0.0
  authentication-mode hmac-sha256 1 cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
  mpls-te enable
#
route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT permit node 100
 if-match ip-prefix DEFAULT-ROUTE
 apply community no-export
#
route-policy PRIVATEAS_CUSTOMER-DEFAULT-OUT deny node 200
#
route-policy DENY-ANY_ROUTE-OUT deny node 100
#
route-policy STATIC-to-BGP permit node 200
 if-match tag 2519
 apply local-preference 9000
 apply origin igp
 apply community 2519:1
#
ip ip-prefix DEFAULT-ROUTE index 5 permit 0.0.0.0 0
#
ip route-static 6.6.6.0 255.255.255.0 Eth-Trunk3 3.3.3.116 tag 2519
#
return

P1

P2

 
#
sysname P1
#
ipv6
#
mpls lsr-id 4.4.4.1
mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mpls rsvp-te srefresh
#
explicit-path TO-PE1-1
 next hop 1.1.1.2
#
explicit-path TO-PE1-2
 next hop 1.1.2.10
 next hop 1.1.1.10
#
explicit-path TO-PE2-1
 next hop 1.1.1.6
#
explicit-path TO-PE2-2
 next hop 1.1.2.10
 next hop 1.1.1.14
#
mpls rsvp-te peer 1.1.1.2
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.1.6
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.2.10
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.2.226
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
ipsec proposal ah
 encapsulation-mode transport
 transform ah
 ah authentication-algorithm sha2-256
#
ipsec sa ospfv3-sa
 proposal ah
 sa spi inbound ah 256
 sa authentication-hex inbound ah cipher %^%#Hs`fE9Kd_92D<#M^CGDSwqjQFrgB~@q,\&NzzsD,xF>0UP%>5+H&q6Vj8ilG%^%#
 sa spi outbound ah 256
 sa authentication-hex outbound ah cipher %^%#"sFYHYf[9Mz|GW;ko4d<`%DjK- OBR$^<Dt!Hx#FYZ:oDR:\BEGkIsK$LtsnQ%^%#
#
ospfv3 1
 router-id 4.4.4.1
 bandwidth-reference 1000000
 graceful-restart
#
interface Eth-Trunk0
 undo portswitch
 description To_PE1
 ipv6 enable
 ip address 1.1.1.1 255.255.255.252
 ipv6 address 2001:0:0:4D9::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_PE2
 ipv6 enable
 ip address 1.1.1.5 255.255.255.252
 ipv6 address 2001:0:0:4DA::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface Eth-Trunk2
 undo portswitch
 description To_P2
 ipv6 enable
 ip address 1.1.2.9 255.255.255.252
 ipv6 address 2001:0:0:4D8::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface Eth-Trunk3
 undo portswitch
 description To_RR1
 ipv6 enable
 ip address 1.1.2.233 255.255.255.252
 ipv6 address 2001:0:0:4D7::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk4
 undo portswitch
 description To_RR2
 ipv6 enable
 ip address 1.1.2.189 255.255.255.252
 ipv6 address 2001:0:0:4E2::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk5
 undo portswitch
 description To_Router
 ipv6 enable
 ip address 1.1.2.225 255.255.255.252
 ipv6 address 2001:0:0:4D5::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface XGigabitEthernet1/0/0
 eth-trunk 0
#
interface XGigabitEthernet1/0/1
 eth-trunk 1
#
interface XGigabitEthernet2/0/0
 eth-trunk 0
#
interface XGigabitEthernet2/0/1
 eth-trunk 1
#
interface XGigabitEthernet3/0/0
 eth-trunk 2
#
interface XGigabitEthernet3/0/1
 eth-trunk 3
#
interface XGigabitEthernet3/0/2
 eth-trunk 4
#
interface XGigabitEthernet3/0/3
 eth-trunk 5
#
interface XGigabitEthernet4/0/0
 eth-trunk 2
#
interface XGigabitEthernet4/0/1
 eth-trunk 3
#
interface XGigabitEthernet4/0/2
 eth-trunk 4
#
interface XGigabitEthernet4/0/3
 eth-trunk 5
#
interface LoopBack0
 ipv6 enable
 ip address 4.4.4.1 255.255.255.255
 ipv6 address 2001::21/128
 ospfv3 1 area 0.0.0.0
 ospf enable 1 area 0.0.0.0
#
interface Tunnel1
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.143
 mpls te tunnel-id 1
 mpls te signalled tunnel-name P1->pe1-1
 mpls te record-route label
 mpls te path explicit-path TO-PE1-1
 mpls te path explicit-path TO-PE1-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel2
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.144
 mpls te tunnel-id 2
 mpls te signalled tunnel-name P1->pe2-1
 mpls te record-route label
 mpls te path explicit-path TO-PE2-1
 mpls te path explicit-path TO-PE2-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
bgp 2519
 router-id 4.4.4.1
 graceful-restart
 group iBGP internal
 peer iBGP connect-interface LoopBack0
 peer 4.4.4.27 as-number 2519
 peer 4.4.4.27 group iBGP
 peer 4.4.4.27 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.28 as-number 2519
 peer 4.4.4.28 group iBGP
 peer 4.4.4.28 password cipher %^%#r- cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::15 as-number 2519
 peer 2001::15 group iBGP
 peer 2001::15 password cipher %^%#r- cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::16 as-number 2519
 peer 2001::16 group iBGP
 peer 2001::16 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 #
 ipv4-family unicast
  undo synchronization
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 4.4.4.27 enable
  peer 4.4.4.27 group iBGP
  peer 4.4.4.28 enable
  peer 4.4.4.28 group iBGP
 #
 ipv6-family unicast
  undo synchronization
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 2001::15 enable
  peer 2001::15 group iBGP
  peer 2001::16 enable
  peer 2001::16 group iBGP
#
ospf 1 router-id 4.4.4.1
 silent-interface all
 undo silent-interface Eth-Trunk0
 undo silent-interface Eth-Trunk1
 undo silent-interface Eth-Trunk2
 undo silent-interface Eth-Trunk3
 undo silent-interface Eth-Trunk4
 undo silent-interface Eth-Trunk5
 preference 80
 opaque-capability enable
 graceful-restart
 bandwidth-reference 1000000
 enable traffic-adjustment
 area 0.0.0.0
  authentication-mode hmac-sha256 1 cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
  mpls-te enable
#
return
 
#
sysname P2
#
ipv6
#
mpls lsr-id 4.4.4.2
mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mpls rsvp-te srefresh
#
explicit-path TO-PE1-1
 next hop 1.1.1.10
#
explicit-path TO-PE1-2
 next hop 1.1.2.9
 next hop 1.1.1.2
#
explicit-path TO-PE2-1
 next hop 1.1.1.14
#
explicit-path TO-PE2-2
 next hop 1.1.2.9
 next hop 1.1.1.6
#
mpls rsvp-te peer 1.1.1.10
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.1.14
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.2.9
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.2.230
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
ipsec proposal ah
 encapsulation-mode transport
 transform ah
 ah authentication-algorithm sha2-256
#
ipsec sa ospfv3-sa
 proposal ah
 sa spi inbound ah 256
 sa authentication-hex inbound ah cipher %^%#Hs`fE9Kd_92D<#M^CGDSwqjQFrgB~@q,\&NzzsD,xF>0UP%>5+H&q6Vj8ilG%^%#
 sa spi outbound ah 256
 sa authentication-hex outbound ah cipher %^%#"sFYHYf[9Mz|GW;ko4d<`%DjK-OBR$^<Dt!Hx#FYZ:oDR:\BEGkIsK$LtsnQ%^%#
#
ospfv3 1
 router-id 4.4.4.2
 bandwidth-reference 1000000
 graceful-restart
#
interface Eth-Trunk0
 undo portswitch
 description To_PE1
 ipv6 enable
 ip address 1.1.1.9 255.255.255.252
 ipv6 address 2001:0:0:4DB::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_PE2
 ipv6 enable
 ip address 1.1.1.13 255.255.255.252
 ipv6 address 2001:0:0:4DC::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface Eth-Trunk2
 undo portswitch
 description To_P2
 ipv6 enable
 ip address 1.1.2.10 255.255.255.252
 ipv6 address 2001:0:0:4D8::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface Eth-Trunk3
 undo portswitch
 description To_RR1
 ipv6 enable
 ip address 1.1.2.237 255.255.255.252
 ipv6 address 2001:0:0:4D6::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk4
 undo portswitch
 description To_RR2
 ipv6 enable
 ip address 1.1.2.193 255.255.255.252
 ipv6 address 2001:0:0:4E1::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk5
 undo portswitch
 description To_Router
 ipv6 enable
 ip address 1.1.2.229 255.255.255.252
 ipv6 address 2001:0:0:4D4::1/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface XGigabitEthernet1/0/0
 eth-trunk 0
#
interface XGigabitEthernet1/0/1
 eth-trunk 1
#
interface XGigabitEthernet2/0/0
 eth-trunk 0
#
interface XGigabitEthernet2/0/1
 eth-trunk 1
#
interface XGigabitEthernet3/0/0
 eth-trunk 2
#
interface XGigabitEthernet3/0/1
 eth-trunk 3
#
interface XGigabitEthernet3/0/2
 eth-trunk 4
#
interface XGigabitEthernet3/0/3
 eth-trunk 5
#
interface XGigabitEthernet4/0/0
 eth-trunk 2
#
interface XGigabitEthernet4/0/1
 eth-trunk 3
#
interface XGigabitEthernet4/0/2
 eth-trunk 4
#
interface XGigabitEthernet4/0/3
 eth-trunk 5
#
interface LoopBack0
 ipv6 enable
 ip address 4.4.4.2 255.255.255.255
 ipv6 address 2001::22/128
 ospfv3 1 area 0.0.0.0
 ospf enable 1 area 0.0.0.0
#
interface Tunnel1
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.143
 mpls te tunnel-id 1
 mpls te signalled tunnel-name P2->pe1-1
 mpls te record-route label
 mpls te path explicit-path TO-PE1-1
 mpls te path explicit-path TO-PE1-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel2
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.144
 mpls te tunnel-id 2
 mpls te signalled tunnel-name P2->pe2-1
 mpls te record-route label
 mpls te path explicit-path TO-PE2-1
 mpls te path explicit-path TO-PE2-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
bgp 2519
 router-id 4.4.4.2
 graceful-restart
 group iBGP internal
 peer iBGP connect-interface LoopBack0
 peer 4.4.4.27 as-number 2519
 peer 4.4.4.27 group iBGP
 peer 4.4.4.27 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.28 as-number 2519
 peer 4.4.4.28 group iBGP
 peer 4.4.4.28 password cipher %^%#r- cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::15 as-number 2519
 peer 2001::15 group iBGP
 peer 2001::15 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::16 as-number 2519
 peer 2001::16 group iBGP
 peer 2001::16 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 #
 ipv4-family unicast
  undo synchronization
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 4.4.4.27 enable
  peer 4.4.4.27 group iBGP
  peer 4.4.4.28 enable
  peer 4.4.4.28 group iBGP
 #
 ipv6-family unicast
  undo synchronization
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 2001::15 enable
  peer 2001::15 group iBGP
  peer 2001::16 enable
  peer 2001::16 group iBGP
#
ospf 1 router-id 4.4.4.2
 silent-interface all
 undo silent-interface Eth-Trunk0
 undo silent-interface Eth-Trunk1
 undo silent-interface Eth-Trunk2
 undo silent-interface Eth-Trunk3
 undo silent-interface Eth-Trunk4
 undo silent-interface Eth-Trunk5
 preference 80
 opaque-capability enable
 graceful-restart
 bandwidth-reference 1000000
 enable traffic-adjustment
 area 0.0.0.0
  authentication-mode hmac-sha256 1 cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
  mpls-te enable
#
return

RR1

RR2

 
#
sysname RR1
#
ipv6
#
ipsec proposal ah
 encapsulation-mode transport
 transform ah
 ah authentication-algorithm sha2-256
#
ipsec sa ospfv3-sa
 proposal ah
 sa spi inbound ah 256
 sa authentication-hex inbound ah cipher %^%#Hs`fE9Kd_92D<#M^CGDSwqjQFrgB~@q,\&NzzsD,xF>0UP%>5+H&q6Vj8ilG%^%#
 sa spi outbound ah 256
 sa authentication-hex outbound ah cipher %^%#"sFYHYf[9Mz|GW;ko4d<`%DjK-OBR$^<Dt!Hx#FYZ:oDR:\BEGkIsK$LtsnQ%^%#
#
ospfv3 1
 router-id 4.4.4.27
 bandwidth-reference 1000000
 graceful-restart
#
interface Eth-Trunk0
 undo portswitch
 description To_P1
 ipv6 enable
 ip address 1.1.2.234 255.255.255.252
 ipv6 address 2001:0:0:4D7::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 cost 10000
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf cost 10000
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_P2
 ipv6 enable
 ip address 1.1.2.238 255.255.255.252
 ipv6 address 2001:0:0:4D6::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 cost 1000
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf cost 1000
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface XGigabitEthernet1/0/0
 eth-trunk 0
#
interface XGigabitEthernet1/0/1
 eth-trunk 1
#
interface XGigabitEthernet2/0/0
 eth-trunk 0
#
interface XGigabitEthernet2/0/1
 eth-trunk 1
#
interface LoopBack0
 ipv6 enable
 ip address 4.4.4.27 255.255.255.255
 ipv6 address 2001::15/128
 ospfv3 1 area 0.0.0.0
 ospf enable 1 area 0.0.0.0
#
bgp 2519
 router-id 4.4.4.27
 graceful-restart
 group iBGP internal
 peer iBGP connect-interface LoopBack0
 peer 4.4.4.1 as-number 2519
 peer 4.4.4.1 group iBGP
 peer 4.4.4.1 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.2 as-number 2519
 peer 4.4.4.2 group iBGP
 peer 4.4.4.2 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.39 as-number 2519
 peer 4.4.4.39 group iBGP
 peer 4.4.4.39 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.143 as-number 2519
 peer 4.4.4.143 group iBGP
 peer 4.4.4.143 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.144 as-number 2519
 peer 4.4.4.144 group iBGP
 peer 4.4.4.144 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::21 as-number 2519
 peer 2001::21 group iBGP
 peer 2001::21 password cipher %^%#Df[B&=%EiAdjp',]J'aTYKvRU]aRoBMw)c#ueRO@%^%#
 peer 2001::22 as-number 2519
 peer 2001::22 group iBGP
 peer 2001::22 password cipher %^%#%L73Zh@&+U}9+\%GU<M07v}SO%{f!6WO<j)(rUmI%^%#
 peer 2001::31 as-number 2519
 peer 2001::31 group iBGP
 peer 2001::31 password cipher %^%#]/q`QBny7KG<(T%tM)TLc2V8%cmLN2*o1cUuyt]U%^%#
 peer 2001::149 as-number 2519
 peer 2001::149 group iBGP
 peer 2001::149 password cipher %^%#$_KwO"PsP)Cv2\~rmZ%;":hb$ZTRE@4rnYAtEusX%^%#
 peer 2001::14A as-number 2519
 peer 2001::14A group iBGP
 peer 2001::14A password cipher %^%#N0~G8KObA6aSzL;d,n&YVsT0$!\G{6suKiATq=)G%^%#
 #
 ipv4-family unicast
  undo synchronization
  reflector cluster-id 2519
  peer iBGP enable
  peer iBGP advertise-community
  peer 4.4.4.1 enable
  peer 4.4.4.1 group iBGP
  peer 4.4.4.1 reflect-client
  peer 4.4.4.2 enable
  peer 4.4.4.2 group iBGP
  peer 4.4.4.2 reflect-client
  peer 4.4.4.39 enable
  peer 4.4.4.39 group iBGP
  peer 4.4.4.39 reflect-client
  peer 4.4.4.143 enable
  peer 4.4.4.143 group iBGP
  peer 4.4.4.143 reflect-client
  peer 4.4.4.144 enable
  peer 4.4.4.144 group iBGP
  peer 4.4.4.144 reflect-client
 #
 ipv6-family unicast
  undo synchronization
  reflector cluster-id 2519
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 2001::21 enable                    
  peer 2001::21 group iBGP
  peer 2001::21 reflect-client
  peer 2001::22 enable
  peer 2001::22 group iBGP
  peer 2001::22 reflect-client
  peer 2001::31 enable
  peer 2001::31 group iBGP
  peer 2001::31 reflect-client
  peer 2001::149 enable
  peer 2001::149 group iBGP
  peer 2001::149 reflect-client
  peer 2001::14A enable
  peer 2001::14A group iBGP
  peer 2001::14A reflect-client
#
ospf 1 router-id 4.4.4.27
 silent-interface all
 undo silent-interface Eth-Trunk0
 undo silent-interface Eth-Trunk1
 preference 80
 opaque-capability enable
 graceful-restart
 bandwidth-reference 1000000
 enable traffic-adjustment
 area 0.0.0.0
  authentication-mode hmac-sha256 1 cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
  mpls-te enable
#
return
 
#
sysname RR2
#
ipv6
#
ipsec proposal ah
 encapsulation-mode transport
 transform ah
 ah authentication-algorithm sha2-256
#
ipsec sa ospfv3-sa
 proposal ah
 sa spi inbound ah 256
 sa authentication-hex inbound ah cipher %^%#Hs`fE9Kd_92D<#M^CGDSwqjQFrgB~@q,\&NzzsD,xF>0UP%>5+H&q6Vj8ilG%^%#
 sa spi outbound ah 256
 sa authentication-hex outbound ah cipher %^%#"sFYHYf[9Mz|GW;ko4d<`%DjK-OBR$^<Dt!Hx#FYZ:oDR:\BEGkIsK$LtsnQ%^%#
#
ospfv3 1
 router-id 4.4.4.28
 bandwidth-reference 1000000
 graceful-restart
#
interface Eth-Trunk0
 undo portswitch
 description To_P1
 ipv6 enable
 ip address 1.1.2.190 255.255.255.252
 ipv6 address 2001:0:0:4E2::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 cost 10000
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf cost 10000
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_P2
 ipv6 enable
 ip address 1.1.2.194 255.255.255.252
 ipv6 address 2001:0:0:4E1::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 cost 1000
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf cost 1000
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mode lacp
#
interface XGigabitEthernet1/0/0
 eth-trunk 0
#
interface XGigabitEthernet1/0/1
 eth-trunk 1
#
interface XGigabitEthernet2/0/0
 eth-trunk 0
#
interface XGigabitEthernet2/0/1
 eth-trunk 1
#
interface LoopBack0
 ipv6 enable
 ip address 4.4.4.28 255.255.255.255
 ipv6 address 2001::16/128
 ospfv3 1 area 0.0.0.0
 ospf enable 1 area 0.0.0.0
#
bgp 2519
 router-id 4.4.4.28
 graceful-restart
 group iBGP internal
 peer iBGP connect-interface LoopBack0
 peer 4.4.4.1 as-number 2519
 peer 4.4.4.1 group iBGP
 peer 4.4.4.1 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.2 as-number 2519
 peer 4.4.4.2 group iBGP
 peer 4.4.4.2 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.39 as-number 2519
 peer 4.4.4.39 group iBGP
 peer 4.4.4.39 password cipher %^%#r- cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.143 as-number 2519
 peer 4.4.4.143 group iBGP
 peer 4.4.4.143 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.144 as-number 2519
 peer 4.4.4.144 group iBGP
 peer 4.4.4.144 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::21 as-number 2519
 peer 2001::21 group iBGP
 peer 2001::21 password cipher  %^%#Df[B&=%EiAdjp',]J'aTYKvRU]aRoBMw)c#ueRO@%^%#
 peer 2001::22 as-number 2519
 peer 2001::22 group iBGP
 peer 2001::22 password cipher %^%#%L73Zh@&+U}9+\%GU<M07v}SO%{f!6WO<j)(rUmI%^%#
 peer 2001::31 as-number 2519
 peer 2001::31 group iBGP
 peer 2001::31 password cipher %^%#]/q`QBny7KG<(T%tM)TLc2V8%cmLN2*o1cUuyt]U%^%#
 peer 2001::149 as-number 2519
 peer 2001::149 group iBGP
 peer 2001::149 password cipher %^%#$_KwO"PsP)Cv2\~rmZ%;":hb$ZTRE@4rnYAtEusX%^%#
 peer 2001::14A as-number 2519
 peer 2001::14A group iBGP
 peer 2001::14A password cipher %^%#N0~G8KObA6aSzL;d,n&YVsT0$!\G{6suKiATq=)G%^%#
 #
 ipv4-family unicast
  undo synchronization
  reflector cluster-id 2519
  peer iBGP enable
  peer iBGP advertise-community
  peer 4.4.4.1 enable
  peer 4.4.4.1 group iBGP
  peer 4.4.4.1 reflect-client
  peer 4.4.4.2 enable
  peer 4.4.4.2 group iBGP
  peer 4.4.4.2 reflect-client
  peer 4.4.4.39 enable
  peer 4.4.4.39 group iBGP
  peer 4.4.4.39 reflect-client
  peer 4.4.4.143 enable
  peer 4.4.4.143 group iBGP
  peer 4.4.4.143 reflect-client
  peer 4.4.4.144 enable
  peer 4.4.4.144 group iBGP
  peer 4.4.4.144 reflect-client
 #
 ipv6-family unicast
  undo synchronization
  reflector cluster-id 2519
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 2001::21 enable                    
  peer 2001::21 group iBGP
  peer 2001::21 reflect-client
  peer 2001::22 enable
  peer 2001::22 group iBGP
  peer 2001::22 reflect-client
  peer 2001::31 enable
  peer 2001::31 group iBGP
  peer 2001::31 reflect-client
  peer 2001::149 enable
  peer 2001::149 group iBGP
  peer 2001::149 reflect-client
  peer 2001::14A enable
  peer 2001::14A group iBGP
  peer 2001::14A reflect-client
#
ospf 1 router-id 4.4.4.28
 silent-interface all
 undo silent-interface Eth-Trunk0
 undo silent-interface Eth-Trunk1
 preference 80
 opaque-capability enable
 graceful-restart
 bandwidth-reference 1000000
 enable traffic-adjustment
 area 0.0.0.0
  authentication-mode hmac-sha256 1 cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
  mpls-te enable
#
return

Router

 
#
sysname Router
#
ipv6
#
mpls lsr-id 4.4.4.39
mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mpls rsvp-te srefresh
#
explicit-path TO-PE1-1
 next hop 1.1.2.225
 next hop 1.1.1.2
#
explicit-path TO-PE1-2
 next hop 1.1.2.229
 next hop 1.1.1.10
#
explicit-path TO-PE2-1
 next hop 1.1.2.225
 next hop 1.1.1.6
#
explicit-path TO-PE2-2
 next hop 1.1.2.229
 next hop 1.1.1.14
#
mpls rsvp-te peer 1.1.2.225
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
mpls rsvp-te peer 1.1.2.229
 mpls rsvp-te authentication cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
#
ipsec proposal ah
 encapsulation-mode transport
 transform ah
 ah authentication-algorithm sha2-256
#
ipsec sa ospfv3-sa
 proposal ah
 sa spi inbound ah 256
 sa authentication-hex inbound ah cipher %^%#Hs`fE9Kd_92D<#M^CGDSwqjQFrgB~@q,\&NzzsD,xF>0UP%>5+H&q6Vj8ilG%^%#
 sa spi outbound ah 256
 sa authentication-hex outbound ah cipher %^%#"sFYHYf[9Mz|GW;ko4d<`%DjK-OBR$^<Dt!Hx#FYZ:oDR:\BEGkIsK$LtsnQ%^%#
#
ospfv3 1
 router-id 4.4.4.1
 bandwidth-reference 1000000
 graceful-restart
 default-route-advertise always
#
interface Eth-Trunk0
 undo portswitch
 description To_P1
 ipv6 enable
 ip address 1.1.2.226 255.255.255.252
 ipv6 address 2001:0:0:4D5::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf cost 10000
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface Eth-Trunk1
 undo portswitch
 description To_P2
 ipv6 enable
 ip address 1.1.2.230 255.255.255.252
 ipv6 address 2001:0:0:4D4::2/64
 ospfv3 1 area 0.0.0.0
 ospfv3 cost 1000
 ospfv3 network-type p2p
 ospfv3 ipsec sa ospfv3-sa
 ospf network-type p2p
 ospf enable 1 area 0.0.0.0
 mpls
 mpls te
 mpls rsvp-te
 mpls rsvp-te hello
 mode lacp
#
interface XGigabitEthernet1/0/0
 eth-trunk 0
#
interface XGigabitEthernet1/0/1
 eth-trunk 1
#
interface XGigabitEthernet2/0/0
 eth-trunk 0
#
interface XGigabitEthernet2/0/1
 eth-trunk 1
#
interface LoopBack0
 ipv6 enable
 ip address 4.4.4.39 255.255.255.255
 ipv6 address 2001::31/128
 ospfv3 1 area 0.0.0.0
 ospf enable 1 area 0.0.0.0
#
interface Tunnel1
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.143
 mpls te tunnel-id 1
 mpls te signalled tunnel-name router->pe1-1
 mpls te record-route label
 mpls te path explicit-path TO-PE1-1
 mpls te path explicit-path TO-PE1-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
interface Tunnel2
 ip address unnumbered interface LoopBack0
 tunnel-protocol mpls te
 destination 4.4.4.144
 mpls te tunnel-id 2
 mpls te signalled tunnel-name router->pe2-1
 mpls te record-route label
 mpls te path explicit-path TO-PE2-1
 mpls te path explicit-path TO-PE2-2 secondary
 mpls te backup hot-standby
 mpls te igp shortcut ospf
 mpls te igp metric absolute 10
 mpls te reserved-for-binding
 mpls te commit
 ospf enable 1 area 0.0.0.0
 mpls
#
bgp 2519
 router-id 4.4.4.39
 graceful-restart
 group iBGP internal
 peer iBGP connect-interface LoopBack0
 peer 4.4.4.27 as-number 2519
 peer 4.4.4.27 group iBGP
 peer 4.4.4.27 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 4.4.4.28 as-number 2519
 peer 4.4.4.28 group iBGP
 peer 4.4.4.28 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::15 as-number 2519
 peer 2001::15 group iBGP
 peer 2001::15 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 peer 2001::16 as-number 2519
 peer 2001::16 group iBGP
 peer 2001::16 password cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
 #
 ipv4-family unicast
  undo synchronization
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 4.4.4.27 enable
  peer 4.4.4.27 group iBGP
  peer 4.4.4.28 enable
  peer 4.4.4.28 group iBGP
 #
 ipv6-family unicast
  undo synchronization
  preference 170 170 130
  peer iBGP enable
  peer iBGP next-hop-local
  peer iBGP advertise-community
  peer 2001::15 enable
  peer 2001::15 group iBGP
  peer 2001::16 enable
  peer 2001::16 group iBGP
#
ospf 1 router-id 4.4.4.39
 default-route-advertise always
 silent-interface all
 undo silent-interface Eth-Trunk0
 undo silent-interface Eth-Trunk1
 preference 80
 opaque-capability enable
 graceful-restart
 bandwidth-reference 1000000
 enable traffic-adjustment advertise
 area 0.0.0.0
  authentication-mode hmac-sha256 1 cipher %^%#r-cY&8yb<(u#B}3bmEoRd6qkX.GNMPEiY2D^bV*A%^%#
  mpls-te enable
#
return
Translation
Español 日本語 Русский 简体中文
Download
Updated: 2023-07-29

Document ID: EDOC1000069520

Views: 1874716

Downloads: 41290

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :