No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Typical Configuration Examples

This document provides examples for configuring features in typical usage scenarios.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring BGP/MPLS IP VPN

Example for Configuring BGP/MPLS IP VPN

BGP/MPLS IP VPN Overview

BGP/MPLS IP VPN is an MPLS-based L3VPN that can be flexibly deployed and easily extended, and is suitable for deployment on a large scale. To add a new site, the network administrator only needs to modify the configuration of the edge nodes serving the new site.

BGP/MPLS IP VPN is suitable for communication between the headquarters and branches in different locations. As communication data needs to traverse the backbone network of the carrier, BGP is used to advertise VPN routes over the backbone network and MPLS is used to forward VPN packets on the backbone network. As different departments of an enterprise need to be isolated, BGP/MPLS IP VPN can isolate route, address space, and access between different VPNs.

Configuration Notes

  • The SA series cards do not support the BGP/MPLS IP VPN function. The X1E series cards of V200R006C00 and later versions support the BGP/MPLS IP VPN function.
  • Applicable products and versions lists applicable products and versions.
NOTE:
For details about software mappings, visit Hardware Query Tool and search for the desired product model.

Networking Requirements

As shown in Figure 10-1:
  • CE1 connects to the headquarters R&D area of a company, and CE3 connects to the branch R&D area. CE1 and CE3 belong to vpna.
  • CE2 connects to the headquarters non-R&D area, and CE4 connects to the branch non-R&D area. CE2 and CE4 belong to vpnb.

BGP/MPLS IP VPN needs to be deployed for the company to ensure secure communication between the headquarters and branch while isolating data between the R&D area and non-R&D area.

Figure 10-1  Networking diagram for configuring BGP/MPLS IP VPN

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure OSPF between the P and PEs to ensure IP connectivity on the backbone network.
  2. Configure basic MPLS capabilities and MPLS LDP on the P and PEs to establish MPLS LSP tunnels for VPN data transmission on the backbone network.
  3. Configure MP-IBGP on PE1 and PE2 to enable them to exchange VPN routing information.
  4. Configure VPN instances vpna and vpnb on PE1 and PE2. Set the VPN target of vpna to 111:1 and the VPN target of vpnb to 222:2. This configuration allows users in the same VPN to communicate with each other and isolates users on different VPNs. Bind the PE interfaces connected to CEs to the corresponding VPN instances to provide access for VPN users.
  5. Configure EBGP on the CEs and PEs to exchange VPN routing information.

Procedure

  1. Configure an IGP on the MPLS backbone network so that PEs and P can communicate with each other.

    # Configure PE1.

    <HUAWEI> system-view
    [HUAWEI] sysname PE1
    [PE1] interface loopback 1
    [PE1-LoopBack1] ip address 1.1.1.9 32
    [PE1-LoopBack1] quit
    [PE1] vlan batch 10 20 30
    [PE1] interface gigabitethernet 1/0/0
    [PE1-GigabitEthernet1/0/0] port link-type trunk
    [PE1-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 
    [PE1-GigabitEthernet1/0/0] quit
    [PE1] interface gigabitethernet 2/0/0
    [PE1-GigabitEthernet2/0/0] port link-type trunk
    [PE1-GigabitEthernet2/0/0] port trunk allow-pass vlan 20 
    [PE1-GigabitEthernet2/0/0] quit
    [PE1] interface gigabitethernet 3/0/0
    [PE1-GigabitEthernet3/0/0] port link-type trunk
    [PE1-GigabitEthernet3/0/0] port trunk allow-pass vlan 30 
    [PE1-GigabitEthernet3/0/0] quit
    [PE1] interface vlanif 30
    [PE1-Vlanif30] ip address 172.1.1.1 24
    [PE1-Vlanif30] quit
    [PE1] ospf 1 router-id 1.1.1.9
    [PE1-ospf-1] area 0
    [PE1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
    [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
    [PE1-ospf-1-area-0.0.0.0] quit
    [PE1-ospf-1] quit

    # Configure P.

    <HUAWEI> system-view
    [HUAWEI] sysname P
    [P] interface loopback 1
    [P-LoopBack1] ip address 2.2.2.9 32
    [P-LoopBack1] quit
    [P] vlan batch 30 60
    [P] interface gigabitethernet 1/0/0 
    [P-GigabitEthernet1/0/0] port link-type trunk
    [P-GigabitEthernet1/0/0] port trunk allow-pass vlan 30
    [P-GigabitEthernet1/0/0] quit
    [P] interface gigabitethernet 2/0/0 
    [P-GigabitEthernet2/0/0] port link-type trunk
    [P-GigabitEthernet2/0/0] port trunk allow-pass vlan 60
    [P-GigabitEthernet2/0/0] quit
    [P] interface vlanif 30
    [P-Vlanif30] ip address 172.1.1.2 24
    [P-Vlanif30] quit
    [P] interface vlanif 60
    [P-Vlanif60] ip address 172.2.1.1 24
    [P-Vlanif60] quit
    [P] ospf 1 router-id 2.2.2.9
    [P-ospf-1] area 0
    [P-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
    [P-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255
    [P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0
    [P-ospf-1-area-0.0.0.0] quit
    [P-ospf-1] quit

    # Configure PE2.

    <HUAWEI> system-view
    [HUAWEI] sysname PE2
    [PE2] interface loopback 1
    [PE2-LoopBack1] ip address 3.3.3.9 32
    [PE2-LoopBack1] quit
    [PE2] vlan batch 40 50 60
    [PE2] interface gigabitethernet 1/0/0
    [PE2-GigabitEthernet1/0/0] port link-type trunk
    [PE2-GigabitEthernet1/0/0] port trunk allow-pass vlan 40
    [PE2-GigabitEthernet1/0/0] quit
    [PE2] interface gigabitethernet 2/0/0 
    [PE2-GigabitEthernet2/0/0] port link-type trunk
    [PE2-GigabitEthernet2/0/0] port trunk allow-pass vlan 50
    [PE2-GigabitEthernet2/0/0] quit
    [PE2] interface gigabitethernet 3/0/0 
    [PE2-GigabitEthernet3/0/0] port link-type trunk
    [PE2-GigabitEthernet3/0/0] port trunk allow-pass vlan 60
    [PE2-GigabitEthernet3/0/0] quit
    [PE2] interface vlanif 60
    [PE2-Vlanif60] ip address 172.2.1.2 24
    [PE2-Vlanif60] quit
    [PE2] ospf 1 router-id 3.3.3.9
    [PE2-ospf-1] area 0
    [PE2-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255
    [PE2-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0
    [PE2-ospf-1-area-0.0.0.0] quit
    [PE2-ospf-1] quit

    After the configuration is complete, OSPF neighbor relationships are established between PE1 and P, and between PE2 and P. Run the display ospf peer command. The command output shows that the neighbor status is Full. Run the display ip routing-table command. The command output shows that PEs have learned the routes to Loopback1 of each other.

    The information displayed on PE1 is used as an example.

    [PE1] display ip routing-table
    Route Flags: R - relay, D - download to fib, T - to vpn-instance
    ------------------------------------------------------------------------------
    Routing Tables: Public
             Destinations : 8       Routes : 8
    
      Destination/Mask    Proto  Pre  Cost     Flags NextHop         Interface
    
             1.1.1.9/32   Direct 0    0           D  127.0.0.1       LoopBack1
             2.2.2.9/32   OSPF   10   1           D  172.1.1.2       Vlanif30
             3.3.3.9/32   OSPF   10   2           D  172.1.1.2       Vlanif30
            127.0.0.0/8   Direct 0    0           D  127.0.0.1       InLoopBack0
           127.0.0.1/32   Direct 0    0           D  127.0.0.1       InLoopBack0
           172.1.1.0/24   Direct 0    0           D  172.1.1.1       Vlanif30
           172.1.1.1/32   Direct 0    0           D  127.0.0.1       Vlanif30
           172.2.1.0/24   OSPF   10   2           D  172.1.1.2       Vlanif30
    
    [PE1] display ospf peer
    
              OSPF Process 1 with Router ID 1.1.1.9
                      Neighbors
    
     Area 0.0.0.0 interface 172.1.1.1(Vlanif30)'s neighbors
     Router ID: 2.2.2.9         Address: 172.1.1.2
       State: Full  Mode:Nbr is  Master  Priority: 1
       DR: 172.1.1.2  BDR: 172.1.1.1  MTU: 0 
       Dead timer due in 37  sec
       Retrans timer interval: 5 
       Neighbor is up for 00:16:21
       Authentication Sequence: [ 0 ]

  2. Configure basic MPLS capabilities and MPLS LDP on the MPLS backbone network to establish LDP LSPs.

    # Configure PE1.

    [PE1] mpls lsr-id 1.1.1.9
    [PE1] mpls
    [PE1-mpls] quit
    [PE1] mpls ldp
    [PE1-mpls-ldp] quit
    [PE1] interface vlanif 30
    [PE1-Vlanif30] mpls
    [PE1-Vlanif30] mpls ldp
    [PE1-Vlanif30] quit

    # Configure P.

    [P] mpls lsr-id 2.2.2.9
    [P] mpls
    [P-mpls] quit
    [P] mpls ldp
    [P-mpls-ldp] quit
    [P] interface vlanif 30
    [P-Vlanif30] mpls
    [P-Vlanif30] mpls ldp
    [P-Vlanif30] quit
    [P] interface vlanif 60
    [P-Vlanif60] mpls
    [P-Vlanif60] mpls ldp
    [P-Vlanif60] quit

    # Configure PE2.

    [PE2] mpls lsr-id 3.3.3.9
    [PE2] mpls
    [PE2-mpls] quit
    [PE2] mpls ldp
    [PE2-mpls-ldp] quit
    [PE2] interface vlanif 60
    [PE2-Vlanif60] mpls
    [PE2-Vlanif60] mpls ldp
    [PE2-Vlanif60] quit

    After the configuration is complete, LDP sessions are established between PE1 and the P and between the P and PE2. Run the display mpls ldp session command. The command output shows that the Status field is Operational. Run the display mpls ldp lsp command. Information about the established LDP LSPs is displayed.

    The information displayed on PE1 is used as an example.

    [PE1] display mpls ldp session
    
     LDP Session(s) in Public Network
     Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
     A '*' before a session means the session is being deleted. 
     ------------------------------------------------------------------------------
     PeerID            Status      LAM  SsnRole  SsnAge       KASent/Rcv
     ------------------------------------------------------------------------------
     2.2.2.9:0          Operational DU   Passive  0000:00:01  6/6
     ------------------------------------------------------------------------------
     TOTAL: 1 session(s) Found.
    
    
    [PE1] display mpls ldp lsp
    
    LDP LSP Information
     -------------------------------------------------------------------------------
     Flag after Out IF: (I) - LSP Is Only Iterated by RLFA
     -------------------------------------------------------------------------------
     DestAddress/Mask   In/OutLabel   UpstreamPeer     NextHop     OutInterface   
     -------------------------------------------------------------------------------
     1.1.1.9/32         3/NULL        2.2.2.9          127.0.0.1   InLoop0    
    *1.1.1.9/32         Liberal/1024                   DS/2.2.2.9
     2.2.2.9/32         NULL/3        -                172.1.1.2   Vlanif30       
     2.2.2.9/32         1024/3        2.2.2.9          172.1.1.2   Vlanif30       
     3.3.3.9/32         NULL/1025     -                172.1.1.2   Vlanif30       
     3.3.3.9/32         1025/1025     2.2.2.9          172.1.1.2   Vlanif30      
     -------------------------------------------------------------------------------
     TOTAL: 5 Normal LSP(s) Found.
     TOTAL: 1 Liberal LSP(s) Found.
     TOTAL: 0 Frr LSP(s) Found.
     A '*' before an LSP means the LSP is not established 
     A '*' before a Label means the USCB or DSCB is stale 
     A '*' before a UpstreamPeer means the session is stale 
     A '*' before a DS means the session is stale 
     A '*' before a NextHop means the LSP is FRR LSP
    
    

  3. Configure VPN instances on PEs and bind the interfaces connected to CEs to the VPN instances.

    # Configure PE1.

    [PE1] ip vpn-instance vpna
    [PE1-vpn-instance-vpna] route-distinguisher 100:1
    [PE1-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
    [PE1-vpn-instance-vpna-af-ipv4] quit
    [PE1-vpn-instance-vpna] quit
    [PE1] ip vpn-instance vpnb
    [PE1-vpn-instance-vpnb] route-distinguisher 100:2
    [PE1-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
    [PE1-vpn-instance-vpnb-af-ipv4] quit
    [PE1-vpn-instance-vpnb] quit
    [PE1] interface vlanif 10
    [PE1-Vlanif10] ip binding vpn-instance vpna
    [PE1-Vlanif10] ip address 10.1.1.2 24
    [PE1-Vlanif10] quit
    [PE1] interface vlanif 20
    [PE1-Vlanif20] ip binding vpn-instance vpnb
    [PE1-Vlanif20] ip address 10.2.1.2 24
    [PE1-Vlanif20] quit

    # Configure PE2.

    [PE2] ip vpn-instance vpna
    [PE2-vpn-instance-vpna] route-distinguisher 200:1
    [PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
    [PE2-vpn-instance-vpna-af-ipv4] quit
    [PE2-vpn-instance-vpna] quit
    [PE2] ip vpn-instance vpnb
    [PE2-vpn-instance-vpnb] route-distinguisher 200:2
    [PE2-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
    [PE2-vpn-instance-vpnb-af-ipv4] quit
    [PE2-vpn-instance-vpnb] quit
    [PE2] interface vlanif 40
    [PE2-Vlanif40] ip binding vpn-instance vpna
    [PE2-Vlanif40] ip address 10.3.1.2 24
    [PE2-Vlanif40] quit
    [PE2] interface vlanif 50
    [PE2-Vlanif50] ip binding vpn-instance vpnb
    [PE2-Vlanif50] ip address 10.4.1.2 24
    [PE2-Vlanif50] quit

    # Assign IP addresses to the interfaces on the CE1 connecting to the headquarters R&D area according to Figure 10-1. The configurations on CE2, CE3, and CE4 are similar to the configuration on CE1 and are not mentioned here.

    <HUAWEI> system-view
    [HUAWEI] sysname CE1
    [CE1] vlan batch 10
    [CE1] interface gigabitethernet 1/0/0
    [CE1-GigabitEthernet1/0/0] port link-type trunk
    [CE1-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 
    [CE1-GigabitEthernet1/0/0] quit
    [CE1] interface vlanif 10
    [CE1-Vlanif10] ip address 10.1.1.1 24
    [CE1-Vlanif10] quit
    

    After the configuration is complete, run the display ip vpn-instance verbose command on the PEs to check the configuration of VPN instances. Each PE can ping its connected CE.

    NOTE:

    If a PE has multiple interfaces bound to the same VPN instance, specify a source IP address by setting -a source-ip-address in the ping -vpn-instance vpn-instance-name -a source-ip-address dest-ip-address command to ping a remote CE. If the source IP address is not specified, the ping fails.

    PE1 is used as an example.

    [PE1] display ip vpn-instance verbose
     Total VPN-Instances configured : 2
     Total IPv4 VPN-Instances configured : 2
     Total IPv6 VPN-Instances configured : 0
    
     VPN-Instance Name and ID : vpna, 1
      Interfaces : Vlanif10
     Address family ipv4
      Create date : 2014-11-03 02:39:34+00:00
      Up time : 0 days, 22 hours, 24 minutes and 53 seconds
      Route Distinguisher : 100:1
      Export VPN Targets :  111:1
      Import VPN Targets :  111:1
      Label Policy : label per instance
      Per-Instance Label : 4098
      Log Interval : 5
    
     VPN-Instance Name and ID : vpnb, 2
      Interfaces : Vlanif20
     Address family ipv4
      Create date : 2014-11-03 02:39:34+00:00
      Up time : 0 days, 22 hours, 24 minutes and 53 seconds
      Route Distinguisher : 100:2
      Export VPN Targets :  222:2
      Import VPN Targets :  222:2
      Label Policy : label per instance
      Per-Instance Label : 4098
      Log Interval : 5
      
    
    [PE1] ping -vpn-instance vpna 10.1.1.1
      PING 10.1.1.1: 56  data bytes, press CTRL_C to break
        Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=5 ms
        Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=3 ms
        Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=3 ms
        Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=3 ms
        Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=16 ms
    
      --- 10.1.1.1 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 3/6/16 ms

  4. Establish EBGP peer relationships between PEs and CEs and import VPN routes into BGP.

    # Configure CE1 connecting to the headquarters R&D area. The configurations on CE2, CE3, and CE4 are similar to the configuration on CE1 and are not mentioned here.

    [CE1] bgp 65410
    [CE1-bgp] peer 10.1.1.2 as-number 100
    [CE1-bgp] import-route direct
    [CE1-bgp] quit

    # Configure PE1. The configuration on PE2 is similar to the configuration on PE1 and is not mentioned here.

    [PE1] bgp 100
    [PE1-bgp] ipv4-family vpn-instance vpna
    [PE1-bgp-vpna] peer 10.1.1.1 as-number 65410
    [PE1-bgp-vpna] import-route direct
    [PE1-bgp-vpna] quit
    [PE1-bgp] ipv4-family vpn-instance vpnb
    [PE1-bgp-vpnb] peer 10.2.1.1 as-number 65420
    [PE1-bgp-vpnb] import-route direct
    [PE1-bgp-vpnb] quit
    [PE1-bgp] quit

    After the configuration is complete, run the display bgp vpnv4 vpn-instance peer command on the PEs. The command output shows that BGP peer relationships have been established between the PEs and CEs.

    The peer relationship between PE1 and CE1 is used as an example.

    [PE1] display bgp vpnv4 vpn-instance vpna peer
    
     BGP local router ID : 1.1.1.9
     Local AS number : 100
     VPN-Instance vpna, Router ID 1.1.1.9:
     Total number of peers : 1                 Peers in established state : 1
    
      Peer            V    AS  MsgRcvd  MsgSent  OutQ  Up/Down       State      PrefRcv
    
      10.1.1.1        4 65410       11        9     0 00:07:25      Established       1
    

  5. Establish MP-IBGP peer relationships between PEs.

    # Configure PE1.

    [PE1] bgp 100
    [PE1-bgp] peer 3.3.3.9 as-number 100
    [PE1-bgp] peer 3.3.3.9 connect-interface loopback 1
    [PE1-bgp] ipv4-family vpnv4
    [PE1-bgp-af-vpnv4] peer 3.3.3.9 enable
    [PE1-bgp-af-vpnv4] quit
    [PE1-bgp] quit

    # Configure PE2.

    [PE2] bgp 100
    [PE2-bgp] peer 1.1.1.9 as-number 100
    [PE2-bgp] peer 1.1.1.9 connect-interface loopback 1
    [PE2-bgp] ipv4-family vpnv4
    [PE2-bgp-af-vpnv4] peer 1.1.1.9 enable
    [PE2-bgp-af-vpnv4] quit
    [PE2-bgp] quit

    After the configuration is complete, run the display bgp peer or display bgp vpnv4 all peer command on the PEs. The command output shows that BGP peer relationships have been established between the PEs.

    [PE1] display bgp peer
    
     BGP local router ID : 1.1.1.9
     Local AS number : 100
     Total number of peers : 1                 Peers in established state : 1
    
      Peer            V    AS  MsgRcvd  MsgSent  OutQ  Up/Down       State              PrefRcv
    
      3.3.3.9         4   100       12        6     0 00:02:21        Established       0
    [PE1] display bgp vpnv4 all peer
    
    BGP local router ID : 1.1.1.9
     Local AS number : 100
     Total number of peers : 3                 Peers in established state : 3
    
      Peer            V    AS  MsgRcvd  MsgSent    OutQ  Up/Down    State        PrefRcv
    
      3.3.3.9         4   100   12      18         0     00:09:38   Established   0
      Peer of IPv4-family for vpn instance :
    
     VPN-Instance vpna, Router ID 1.1.1.9: 
      10.1.1.1        4   65410  25     25         0     00:17:57   Established   1
     VPN-Instance vpnb, Router ID 1.1.1.9: 
      10.2.1.1        4   65420  21     22         0     00:17:10   Established   1

  6. Verify the configuration.

    Run the display ip routing-table vpn-instance command on the PEs to view the routes to the remote CEs.

    The information displayed on PE1 is used as an example.

    [PE1] display ip routing-table vpn-instance vpna
    Route Flags: R - relay, D - download to fib, T - to vpn-instance
    ------------------------------------------------------------------------------
    Routing Tables: vpna
             Destinations : 3        Routes : 3
    
    Destination/Mask    Proto  Pre  Cost     Flags NextHop         Interface
         10.1.1.0/24    Direct 0    0        D     10.1.1.2        Vlanif10
         10.1.1.2/32    Direct 0    0        D     127.0.0.1       Vlanif10
        10.3.1.0/24     IBGP   255  0        RD    3.3.3.9         Vlanif30
    
    [PE1] display ip routing-table vpn-instance vpnb
    Route Flags: R - relay, D - download to fib, T - to vpn-instance
    ------------------------------------------------------------------------------
    Routing Tables: vpnb
             Destinations : 3        Routes : 3
    
    Destination/Mask    Proto  Pre  Cost     Flags NextHop         Interface
         10.2.1.0/24    Direct 0    0        D     10.2.1.2        Vlanif20
         10.2.1.2/32    Direct 0    0        D     127.0.0.1       Vlanif20
        10.4.1.0/24    IBGP    255  0        RD    3.3.3.9         Vlanif30
    

    CEs in the same VPN can ping each other, whereas CEs in different VPNs cannot.

    For example, CE1 connecting to the headquarters R&D area can ping CE3 connecting to the branch R&D area at 10.3.1.1 but cannot ping CE4 connecting to the branch non-R&D area at 10.4.1.1.

    [CE1] ping 10.3.1.1
      PING 10.3.1.1: 56  data bytes, press CTRL_C to break
        Reply from 10.3.1.1: bytes=56 Sequence=1 ttl=253 time=72 ms
        Reply from 10.3.1.1: bytes=56 Sequence=2 ttl=253 time=34 ms
        Reply from 10.3.1.1: bytes=56 Sequence=3 ttl=253 time=50 ms
        Reply from 10.3.1.1: bytes=56 Sequence=4 ttl=253 time=50 ms
        Reply from 10.3.1.1: bytes=56 Sequence=5 ttl=253 time=34 ms
      --- 10.3.1.1 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 34/48/72 ms  
    

Configuration Files

  • Configuration file of PE1

    #
    sysname PE1
    #
    vlan batch 10 20 30
    #
    ip vpn-instance vpna
     ipv4-family
      route-distinguisher 100:1
      vpn-target 111:1 export-extcommunity
      vpn-target 111:1 import-extcommunity
    #
    ip vpn-instance vpnb
     ipv4-family
      route-distinguisher 100:2
      vpn-target 222:2 export-extcommunity
      vpn-target 222:2 import-extcommunity
    #
    mpls lsr-id 1.1.1.9
    mpls
    #
    mpls ldp
    #
    interface Vlanif10
     ip binding vpn-instance vpna
     ip address 10.1.1.2 255.255.255.0
    # 
    interface Vlanif20
     ip binding vpn-instance vpnb
     ip address 10.2.1.2 255.255.255.0
    #
    interface Vlanif30
     ip address 172.1.1.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 10
    # 
    interface GigabitEthernet2/0/0
     port link-type trunk
     port trunk allow-pass vlan 20
    #
    interface GigabitEthernet3/0/0
     port link-type trunk
     port trunk allow-pass vlan 30
    #
    interface LoopBack1
     ip address 1.1.1.9 255.255.255.255
    # 
    bgp 100
     peer 3.3.3.9 as-number 100
     peer 3.3.3.9 connect-interface LoopBack1
     #
     ipv4-family unicast
      undo synchronization
      peer 3.3.3.9 enable
     #
     ipv4-family vpnv4
      policy vpn-target
      peer 3.3.3.9 enable
     #
     ipv4-family vpn-instance vpna
      import-route direct
      peer 10.1.1.1 as-number 65410
     #
     ipv4-family vpn-instance vpnb
      import-route direct
      peer 10.2.1.1 as-number 65420
    #
    ospf 1 router-id 1.1.1.9
     area 0.0.0.0
      network 1.1.1.9 0.0.0.0
      network 172.1.1.0 0.0.0.255
    #
    return
  • Configuration file of P

    #
    sysname P
    #
    vlan batch 30 60
    #
    mpls lsr-id 2.2.2.9
    mpls
    #
    mpls ldp
    # 
    interface Vlanif30
     ip address 172.1.1.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface Vlanif60
     ip address 172.2.1.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 30
    # 
    interface GigabitEthernet2/0/0
     port link-type trunk
     port trunk allow-pass vlan 60
    # 
    interface LoopBack1
     ip address 2.2.2.9 255.255.255.255
    #
    ospf 1 router-id 2.2.2.9
     area 0.0.0.0
      network 2.2.2.9 0.0.0.0
      network 172.1.1.0 0.0.0.255
      network 172.2.1.0 0.0.0.255
    #
    return
  • Configuration file of PE2

    #
    sysname PE2
    #
    vlan batch 40 50 60
    #
    ip vpn-instance vpna
     ipv4-family
      route-distinguisher 200:1
      vpn-target 111:1 export-extcommunity
      vpn-target 111:1 import-extcommunity
    #
    ip vpn-instance vpnb
     ipv4-family
      route-distinguisher 200:2
      vpn-target 222:2 export-extcommunity
      vpn-target 222:2 import-extcommunity
    #
    mpls lsr-id 3.3.3.9
    mpls
    #
    mpls ldp
    #
    interface Vlanif40
     ip binding vpn-instance vpna
     ip address 10.3.1.2 255.255.255.0
    #
    interface Vlanif50
     ip binding vpn-instance vpnb
     ip address 10.4.1.2 255.255.255.0
    #
    interface Vlanif60
     ip address 172.2.1.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 40
    # 
    interface GigabitEthernet2/0/0
     port link-type trunk
     port trunk allow-pass vlan 50
    # 
    interface GigabitEthernet3/0/0
     port link-type trunk
     port trunk allow-pass vlan 60
    # 
    interface LoopBack1
     ip address 3.3.3.9 255.255.255.255
    #
    bgp 100
     peer 1.1.1.9 as-number 100
     peer 1.1.1.9 connect-interface LoopBack1
     #
     ipv4-family unicast
      undo synchronization
      peer 1.1.1.9 enable
     #
     ipv4-family vpnv4
      policy vpn-target
      peer 1.1.1.9 enable 
     #
     ipv4-family vpn-instance vpna
      import-route direct
      peer 10.3.1.1 as-number 65430
     #
     ipv4-family vpn-instance vpnb
      import-route direct
      peer 10.4.1.1 as-number 65440
    #
    ospf 1 router-id 3.3.3.9
     area 0.0.0.0
      network 3.3.3.9 0.0.0.0
      network 172.2.1.0 0.0.0.255
    # 
    return
  • Configuration file of CE1 connecting to the headquarters R&D area

    #
    sysname CE1
    #
    vlan batch 10
    #
    interface Vlanif10
     ip address 10.1.1.1 255.255.255.0
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 10
    #
    bgp 65410
     peer 10.1.1.2 as-number 100
     #
     ipv4-family unicast
      undo synchronization
      import-route direct
      peer 10.1.1.2 enable
    #
    return
  • Configuration file of CE2 connecting to the headquarters non-R&D area

    #
    sysname CE2
    #
    vlan batch 20
    #
    interface Vlanif20
     ip address 10.2.1.1 255.255.255.0
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 20
    #
    bgp 65420
     peer 10.2.1.2 as-number 100
     #
     ipv4-family unicast
      undo synchronization
      import-route direct
      peer 10.2.1.2 enable
    #
    return
  • Configuration file of CE3 connecting to the branch R&D area

    #
    sysname CE3
    #
    vlan batch 40
    #
    interface Vlanif40
     ip address 10.3.1.1 255.255.255.0
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 40
    #
    bgp 65430
     peer 10.3.1.2 as-number 100
     #
     ipv4-family unicast
      undo synchronization
      import-route direct
      peer 10.3.1.2 enable
    #
    return
  • Configuration file of CE4 connecting to the branch non-R&D area

    #
    sysname CE4
    #
    vlan batch 50
    #
    interface Vlanif50
     ip address 10.4.1.1 255.255.255.0
    #
    interface GigabitEthernet1/0/0
     port link-type trunk
     port trunk allow-pass vlan 50
    #
    bgp 65440
     peer 10.4.1.2 as-number 100
     #
     ipv4-family unicast
      undo synchronization
      import-route direct
      peer 10.4.1.2 enable
    #
    return

Applicable products and versions

Table 10-1  Applicable products and versions

Product

Product Model

Software Version

S5700

S5700HI

V200R002C00, V200R003C00, V200R005(C00SPC500&C01&C02)

S5710EI

V200R002C00, V200R003C00, V200R005(C00&C02)

S5710HI

V200R003C00, V200R005(C00&C02&C03)

S5720EI

V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

S5720HI

V200R007C10, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

S5730HI

V200R012C00, V200R013C00

S6700

S6700EI

V200R005(C00&C01)

S6720EI

V200R008C00, V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

S6720S-EI

V200R009C00, V200R010C00, V200R011C00, V200R011C10, V200R012C00, V200R013C00

S6720HI

V200R012C00, V200R013C00

S7700

S7703, S7706, S7712

V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C10, V200R012C00, V200R013C00

S7703 PoE

V200R013C00

S7706 PoE

V200R013C00

S9700

S9703, S9706, S9712

V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007(C00&C10), V200R008C00, V200R009C00, V200R010C00, V200R011C10, V200R012C00, V200R013C00

Download
Updated: 2019-04-20

Document ID: EDOC1000069520

Views: 662959

Downloads: 29849

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next