No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Examples for NE and ME60 Routers in Typical Enterprise Scenarios 2.0

This document provides NE series routers typical configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
GRE

GRE

Example for Configuring a Static Route for GRE

This section provides an example for configuring a static GRE route. In this networking scheme, traffic between users is transmitted through a GRE tunnel; a static route is configured between the device and its connected client.

Applicable Products and Versions

This configuration example applies to NE20E-S series products running V800R010C00 or later.

Networking Requirements

In Figure 1-59, Device A, Device B, and Device C belong to the VPN backbone network, and OSPF runs between them.

It is required that a static route be established between Device A and Device C. To meet such a requirement, configure a GRE tunnel between Device A and Device C and specify the tunnel interface as the outbound interface of a static route so that PC1 and PC2 can communicate with each other.

PC1 takes Device A as its default gateway, and PC2 takes Device C as its default gateway.

Figure 1-59  Networking diagram of configuring a static route for GRE
NOTE:

Interfaces 1 through 3 in this example are GE 0/1/0, GE 0/2/0, and Tunnel 1, respectively.



Precautions

A distributed GRE tunnel is used as an example.

The distributed GRE tunnel and integrated GRE tunnel differ in that the former uses a one-dimensional interface (named only by the interface number) as the tunnel interface whereas the latter uses a three-dimensional interface (named by the slot ID, subcard ID, and interface number) as the tunnel interface.

For an integrated GRE tunnel, the target-board slot-number [ backup slave-slot-number ] command must be run before the tunnel interface is bound to GRE using the binding tunnel gre command. After the configuration is complete, the GRE tunnel sends packets received from the source tunnel interface to the corresponding GRE service boards for processing.

For an integrated GRE tunnel, the tunnel interface must be a three-dimensional interface (named by the slot ID, subcard ID, and interface number). The slot ID of the tunnel interface must be consistent with the ID of the slot in which the source interface-bound tunnel service board resides. If the slot IDs are different, the GRE tunnel cannot be established.

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure a dynamic routing protocol on the routers.

  2. Create a tunnel interface on Device A and Device C.

  3. Specify the source address of the tunnel interface as the IP address of the interface that sends the packet.

  4. Specify the destination address of the tunnel interface as the IP address of the interface that receives the packet.

  5. Assign network addresses to the tunnel interfaces to enable the tunnel to support the dynamic routing protocol.

  6. Configure the static route between Device A and its connected PC, and the static route between Device C and its connected PC to make the traffic between PC1 and PC2 transmitted through the GRE tunnel.

  7. Configure the egress of the static route as the local tunnel interface.

Data Preparation

To complete the configuration, you need the following data:

  • Data for running OSPF

  • Source address and destination address of the GRE tunnel, and IP addresses of tunnel interfaces

Procedure

  1. Configure the IP address for each interface.

    Assign an IP address to each interface as shown in Figure 1-59. The specific configuration is not mentioned here.

  2. Configure IGP for the VPN backbone network.

    # Configure DeviceA.

    [~DeviceA] ospf 1
    [*DeviceA-ospf-1] area 0
    [*DeviceA-ospf-1-area-0.0.0.0] network 172.20.1.0 0.0.0.255
    [*DeviceA-ospf-1-area-0.0.0.0] quit
    [*DeviceA-ospf-1] quit
    [*DeviceA] commit

    # Configure DeviceB.

    [~DeviceB] ospf 1
    [*DeviceB-ospf-1] area 0
    [*DeviceB-ospf-1-area-0.0.0.0] network 172.20.1.0 0.0.0.255
    [*DeviceB-ospf-1-area-0.0.0.0] network 172.21.1.0 0.0.0.255
    [*DeviceB-ospf-1-area-0.0.0.0] quit
    [*DeviceB-ospf-1] quit
    [*DeviceB] commit

    # Configure DeviceC.

    [~DeviceC] ospf 1
    [*DeviceC-ospf-1] area 0
    [*DeviceC-ospf-1-area-0.0.0.0] network 172.21.1.0 0.0.0.255
    [*DeviceC-ospf-1-area-0.0.0.0] quit
    [*DeviceC-ospf-1] quit
    [*DeviceC] commit

    After the configuration, run the display ip routing-table command on Device A and Device C. The command output shows that they both learn the OSPF route to the network segment of the remote interface.

    # Take Device A as an example.

    [~DeviceA] display ip routing-table
    Route Flags: R - relay, D - download
    to fib, T - to vpn-instance, B - black hole route
    ------------------------------------------------------------------------------
    Routing Table : _public_
             Destinations : 11       Routes : 11
    
    Destination/Mask    Proto   Pre  Cost        Flags NextHop         Interface
    
           10.1.1.0/24  Direct  0    0             D  10.1.1.2        GigabitEthernet0/2/0
           10.1.1.2/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/2/0
         10.1.1.255/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/2/0
         172.20.1.0/24  Direct  0    0             D  172.20.1.1      GigabitEthernet0/1/0
         172.20.1.1/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/1/0
       172.20.1.255/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/1/0
         172.21.1.0/24  OSPF    10   2             D  172.20.1.2      GigabitEthernet0/1/0
          127.0.0.0/8   Direct  0    0             D  127.0.0.1       InLoopBack0
          127.0.0.1/32  Direct  0    0             D  127.0.0.1       InLoopBack0
    127.255.255.255/32  Direct  0    0             D  127.0.0.1       InLoopBack0
    255.255.255.255/32  Direct  0    0             D  127.0.0.1       InLoopBack0

  3. Configure the tunnel interface.

    # Configure DeviceA.

    [~DeviceA] interface GigabitEthernet 0/1/0
    [~DeviceA-GigabitEthernet0/1/0] binding tunnel gre
    [*DeviceA-GigabitEthernet0/1/0] commit
    [~DeviceA-GigabitEthernet0/1/0] quit
    [~DeviceA] interface tunnel 1
    [*DeviceA-Tunnel1] tunnel-protocol gre
    [*DeviceA-Tunnel1] ip address 172.22.1.1 255.255.255.0
    [*DeviceA-Tunnel1] source 172.20.1.1
    [*DeviceA-Tunnel1] destination 172.21.1.2
    [*DeviceA-Tunnel1] quit
    [*DeviceA] commit

    # Configure DeviceC.

    [~DeviceC] interface GigabitEthernet 0/1/0
    [~DeviceC-GigabitEthernet0/1/0] binding tunnel gre
    [*DeviceC-GigabitEthernet0/1/0] commit
    [~DeviceC-GigabitEthernet0/1/0] quit
    [~DeviceC] interface tunnel 1
    [*DeviceC-Tunnel1] tunnel-protocol gre
    [*DeviceC-Tunnel1] ip address 172.22.1.2 255.255.255.0
    [*DeviceC-Tunnel1] source 172.21.1.2
    [*DeviceC-Tunnel1] destination 172.20.1.1
    [*DeviceC-Tunnel1] quit
    [*DeviceC] commit

    After the configuration, the status of tunnel interfaces goes Up, and the tunnel interfaces can ping each other.

    # Take Device A as an example:

    [~DeviceA] ping -a 172.22.1.1 172.22.1.2
      PING 172.22.1.2: 56  data bytes, press CTRL_C to break
        Reply from 172.22.1.2: bytes=56 Sequence=1 ttl=255 time=24 ms
        Reply from 172.22.1.2: bytes=56 Sequence=2 ttl=255 time=33 ms
        Reply from 172.22.1.2: bytes=56 Sequence=3 ttl=255 time=48 ms
        Reply from 172.22.1.2: bytes=56 Sequence=4 ttl=255 time=33 ms
        Reply from 172.22.1.2: bytes=56 Sequence=5 ttl=255 time=36 ms
      --- 172.22.1.2 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 24/34/48 ms

  4. Configure a static route.

    # Configure DeviceA.

    [~DeviceA] ip route-static 10.2.1.0 255.255.255.0 tunnel1
    [*DeviceA] commit

    # Configure DeviceC.

    [~DeviceC] ip route-static 10.1.1.0 255.255.255.0 tunnel1
    [*DeviceC] commit

  5. Verify the configuration.

    After the configuration, run the display ip routing-table command on Device A and Device C. The command output shows the static route to the network segment of the remote user end through the tunnel interface.

    Take Device A as an example:

    [~DeviceA] display ip routing-table
    Route Flags: R - relay, D - download
    to fib, T - to vpn-instance, B - black hole route
    ------------------------------------------------------------------------------
    Routing Table : _public_
             Destinations : 15       Routes : 15
    
    Destination/Mask    Proto   Pre  Cost        Flags NextHop         Interface
    
           10.1.1.0/24  Direct  0    0             D  10.1.1.2        GigabitEthernet0/2/0
           10.1.1.2/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/2/0
         10.1.1.255/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/2/0
        10.2.1.0/24  Static  60   0           D  172.22.1.1     Tunnel1
         172.20.1.0/24  Direct  0    0             D  172.20.1.1      GigabitEthernet0/1/0
         172.20.1.1/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/1/0
       172.20.1.255/32  Direct  0    0             D  127.0.0.1       GigabitEthernet0/1/0
         172.21.1.0/24  OSPF    10   2             D  172.20.1.2      GigabitEthernet0/1/0
         172.22.1.0/24  Direct  0    0             D  172.22.1.1      Tunnel1
         172.22.1.1/32  Direct  0    0             D  127.0.0.1       Tunnel1
       172.22.1.255/32  Direct  0    0             D  127.0.0.1       Tunnel1
          127.0.0.0/8   Direct  0    0             D  127.0.0.1       InLoopBack0
          127.0.0.1/32  Direct  0    0             D  127.0.0.1       InLoopBack0
    127.255.255.255/32  Direct  0    0             D  127.0.0.1       InLoopBack0
    255.255.255.255/32  Direct  0    0             D  127.0.0.1       InLoopBack0

Configuration Files
  • Device A configuration file

    #
    sysname DeviceA
    #
    interface GigabitEthernet 0/1/0
     undo shutdown
     ip address 172.20.1.1 255.255.255.0
     binding tunnel gre
    #
    interface GigabitEthernet 0/2/0
     undo shutdown
     ip address 10.1.1.2 255.255.255.0
    #
    interface Tunnel1
     ip address 172.22.1.1 255.255.255.0
     tunnel-protocol gre
     source 172.20.1.1
     destination 172.21.1.2
    #
    ospf 1
     area 0.0.0.0
      network 172.20.1.0 0.0.0.255
    #
    ip route-static 10.2.1.0 255.255.255.0 Tunnel1
    #
    return
  • Device B configuration file

    #
    sysname DeviceB
    #
    interface GigabitEthernet 0/1/0
     undo shutdown
     ip address 172.20.1.2 255.255.255.0
    #
    interface GigabitEthernet 0/2/0
     undo shutdown
     ip address 172.21.1.1 255.255.255.0
    #
    ospf 1
     area 0.0.0.0
      network 172.20.1.0 0.0.0.255
      network 172.21.1.0 0.0.0.255
    #
    return
  • Device C configuration file

    #
    sysname DeviceC
    #
    interface GigabitEthernet 0/1/0
     undo shutdown
     ip address 172.21.1.2 255.255.255.0
     binding tunnel gre
    #
    interface GigabitEthernet 0/2/0
     undo shutdown
     ip address 10.2.1.2 255.255.255.0
    #
    interface Tunnel1
     ip address 172.22.1.2 255.255.255.0
     tunnel-protocol gre
     source 172.21.1.2
     destination 172.20.1.1
    #
    ospf 1
     area 0.0.0.0
     network 172.21.1.0 0.0.0.255
    #
    ip route-static 10.1.1.0 255.255.255.0 Tunnel1
    #
    return

Example for Configuring a Dynamic Routing Protocol for GRE

This section provides an example for configuring a dynamic route for GRE. In this networking scheme, traffic between users is transmitted through a GRE tunnel; a dynamic route is configured between the device and its connected user.

Applicable Products and Versions

This configuration example applies to NE20E-S series products running V800R010C00 or later.

Networking Requirements

In Figure 1-60, Device A, Device B, and Device C belong to the VPN backbone network, and OSPF runs between them.

GRE is enabled between Device A and Device C for the interworking between PC1 and PC2.

OSPF is enabled on the tunnel interface. OSPF process 1 is used for the VPN backbone network, and OSPF process 2 is used for user access.

PC1 takes Device A as its default gateway, and PC2 takes Device C as its default gateway.

Figure 1-60  Networking diagram of configuring a dynamic routing protocol for GRE
NOTE:

Interfaces 1, 2, and 3 in this example are GE 0/1/0, GE 0/2/0, and Tunnel 1, respectively



Precautions

A distributed GRE tunnel is used as an example.

The distributed GRE tunnel and integrated GRE tunnel differ in that the former uses a one-dimensional interface (named only by the interface number) as the tunnel interface whereas the latter uses a three-dimensional interface (named by the slot ID, subcard ID, and interface number) as the tunnel interface.

For an integrated GRE tunnel, the target-board slot-number [ backup slave-slot-number ] command must be run before the tunnel interface is bound to GRE using the binding tunnel gre command. After the configuration is complete, the GRE tunnel sends packets received from the source tunnel interface to the corresponding GRE service boards for processing.

For an integrated GRE tunnel, the tunnel interface must be a three-dimensional interface (named by the slot ID, subcard ID, and interface number). The slot ID of the tunnel interface must be consistent with the ID of the slot in which the source interface-bound tunnel service board resides. If the slot IDs are different, the GRE tunnel cannot be established.

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure IGP on each router in the backbone network to realize the interworking between these devices. Here OSPF process 1 is used.

  2. Create the GRE tunnel between routers that are connected to PCs.Then routers can communicate through the GRE tunnel.

  3. Configure the dynamic routing protocol on the network segments through which PCs access the backbone network. Here OSPF process 2 is used.

Data Preparation

To complete the configuration, you need the following data:

  • Source address and destination address of the GRE tunnel

  • IP addresses of the interfaces on both ends of the GRE tunnel

Procedure

  1. Configure IP addresses for interfaces.

    For configuration details, see Configuration Files in this section.

  2. Configure IGP for the VPN backbone network.

    The specific configuration procedures are the same as those in Example for Configuring a Static Route for GRE and are not mentioned here.

  3. Configuring the tunnel interfaces

    The specific configuration procedures are the same as those in Example for Configuring a Static Route for GRE and are not mentioned here.

  4. Configure OSPF on the tunnel interfaces.

    # Configure Device A.

    [~DeviceA] ospf 2
    [*DeviceA-ospf-2] area 0
    [*DeviceA-ospf-2-area-0.0.0.0] network 172.18.1.0 0.0.0.255
    [*DeviceA-ospf-2-area-0.0.0.0] network 10.1.1.0 0.0.0.255
    [*DeviceA-ospf-2-area-0.0.0.0] quit
    [*DeviceA-ospf-2] quit
    [*DeviceA] commit

    # Configure Device C.

    [~DeviceC] ospf 2
    [*DeviceC-ospf-2] area 0
    [*DeviceC-ospf-2-area-0.0.0.0] network 172.18.1.0 0.0.0.255
    [*DeviceC-ospf-2-area-0.0.0.0] network 10.2.1.0 0.0.0.255
    [*DeviceC-ospf-2-area-0.0.0.0] quit
    [*DeviceC-ospf-2] quit
    [*DeviceC] commit

  5. Verify the configuration.

    After the configuration, run the display ip routing-table command on Device A and Device C. The command output shows the OSPF route to the network segment of the remote user end through the tunnel interface. Moreover, the next hop to the destination physical address (172.17.1.0/24) of the tunnel is not the tunnel interface.

    Take Device A as an example:

    [~DeviceA] display ip routing-table
    Route Flags: R - relay, D - download
    to fib, T - to vpn-instance, B - black hole route
    ------------------------------------------------------------------------------
    Routing Table : _public_
             Destinations : 15       Routes : 15
    
    Destination/Mask    Proto   Pre  Cost        Flags NextHop         Interface
    
            1.1.1.1/32  Direct  0    0             D  127.0.0.1       InLoopBack0
            2.2.2.2/24  OSPF    10   2             D  172.16.1.2      Vlanif10
           10.1.1.0/24  Direct  0    0             D  10.1.1.2        Vlanif20
           10.1.1.2/32  Direct  0    0             D  127.0.0.1       Vlanif20
         10.1.1.255/32  Direct  0    0             D  127.0.0.1       Vlanif20
           10.2.1.0/24  OSPF    10  2              D  172.18.1.2      Tunnel1
         172.16.1.0/24  Direct  0    0             D  172.16.1.1      Vlanif10
         172.16.1.1/32  Direct  0    0             D  127.0.0.1       Vlanif10
       172.16.1.255/32  Direct  0    0             D  127.0.0.1       Vlanif10
         172.17.1.0/24  OSPF    10  2              D  172.16.1.2      Vlanif10
         172.18.1.0/24  Direct  0    0             D  172.18.1.1      Tunnel1
         172.18.1.1/32  Direct  0    0             D  127.0.0.1       Tunnel1
       172.18.1.255/32  Direct  0    0             D  127.0.0.1       Tunnel1
          127.0.0.0/8   Direct  0    0             D  127.0.0.1       InLoopBack0
          127.0.0.1/32  Direct  0    0             D  127.0.0.1       InLoopBack0
    127.255.255.255/32  Direct  0    0             D  127.0.0.1       InLoopBack0
    255.255.255.255/32  Direct  0    0             D  127.0.0.1       InLoopBack0

Configuration Files
  • Configuration file of Device A

    #
    sysname DeviceA
    #
    vlan batch 10 20
    #
    interface Vlanif10
     ip address 172.16.1.1 255.255.255.0
    #
    interface Vlanif20
     ip address 10.1.1.2 255.255.255.0
    #
    interface GigabitEthernet0/1/0
     portswitch
     undo shutdown
     port default vlan 10
    #
    interface GigabitEthernet0/2/0
     portswitch
     undo shutdown
     port default vlan 20
    #
    interface LoopBack1
     ip address 1.1.1.1 255.255.255.255
     binding tunnel gre
    #
    interface Tunnel1
     ip address 172.18.1.1 255.255.255.0
     tunnel-protocol gre
     source 1.1.1.1
     destination 2.2.2.2
    #
    ospf 1
     area 0.0.0.0
      network 1.1.1.1 0.0.0.0
      network 172.16.1.0 0.0.0.255
    #
    ospf 2
     area 0.0.0.0
      network 10.1.1.0 0.0.0.255
      network 172.18.1.0 0.0.0.255
    #
    return
  • Configuration file of Device B

    #
    sysname DeviceB
    #
    vlan batch 10 20
    #
    interface Vlanif10
     ip address 172.16.1.2 255.255.255.0
    #
    interface Vlanif20
     ip address 172.17.1.1 255.255.255.0
    #
    interface GigabitEthernet0/1/0
     portswitch
     undo shutdown
     port default vlan 10
    #
    interface GigabitEthernet0/2/0
     portswitch
     undo shutdown
     port default vlan 20
    #
    ospf 1
     area 0.0.0.0
      network 172.16.1.0 0.0.0.255
      network 172.17.1.0 0.0.0.255
    #
    return
  • Configuration file of Device C

    #
    sysname DeviceC
    #
    vlan batch 10 20
    #
    interface Vlanif10
     ip address 10.2.1.2 255.255.255.0
    #
    interface Vlanif20
     ip address 172.17.1.2 255.255.255.0
    #
    interface GigabitEthernet0/1/0
     portswitch
     undo shutdown
     port default vlan 20
    #
    interface GigabitEthernet0/2/0
     portswitch
     undo shutdown
     port default vlan 10
    #
    interface LoopBack1
     ip address 2.2.2.2 255.255.255.255
     binding tunnel gre
    #
    interface Tunnel1
     ip address 172.18.1.2 255.255.255.0
     tunnel-protocol gre
     source 2.2.2.2
     destination 1.1.1.1
    #
    ospf 1
     area 0.0.0.0
      network 2.2.2.2 0.0.0.0
      network 172.17.1.0 0.0.0.255
    #
    ospf 2
     area 0.0.0.0
      network 10.2.1.0 0.0.0.255
      network 172.18.1.0 0.0.0.255
    #
    return
Updated: 2019-05-16

Document ID: EDOC1000120969

Views: 24541

Downloads: 846

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next