No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN

S1720, S2700, S5700, and S6720 V200R010C00

This document describes the VPN configuration procedures and provides configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring an HoVPN

Configuring an HoVPN

Context

In addition to basic BGP/MPLS IP VPN configuration, you need to specify UPE devices on the SPE device and advertise default routes of VPN instances to the UPE devices.

When VPN services need to be transmitted over TE tunnels or when multiple tunnels need to perform load balancing to fully use network resources, you also need to configure tunnel policies. For details, see Configuring Tunnel Policies.

NOTE:

According to RFC, the VPN instance status obtained from a management information base (MIB) or schema is Up only if at least one interface bound to the VPN instance is Up. On an HoVPN, VPN instances on SPEs are not bound to interfaces. As a result, the VPN instance status obtained from a MIB or schema is always Down. To solve this problem, run the transit-vpn command in the VPN instance view or VPN instance IPv4 address family view of an SPE. Then, the VPN instance status obtained from a MIB or schema is always Up, no matter whether the VPN instance is bound to interfaces.

Perform the following steps on the SPE device. (The configuration is not required on UPE and NPE devices.)

Procedure

  1. Specify a UPE device.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    3. Run:

      peer { ipv4-address | group-name } as-number as-number

      A UPE device is specified as the BGP peer of the SPE.

    4. Run:

      ipv4-family vpnv4 [ unicast ]

      The BGP-VPNv4 family is displayed.

    5. Run:

      peer { ipv4-address | group-name } enable

      The capability of exchanging BGP VPNv4 routing information with the peer is enabled.

    6. Run:

      peer { ipv4-address | group-name } upe

      The peer is specified as the UPE of the SPE.

  2. Advertise default routes of a VPN instance.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    3. Run:

      ipv4-family vpnv4

      The BGP-VPNv4 family view is displayed.

    4. Run:

      peer { ipv4-address | group-name } default-originate vpn-instance vpn-instance-name

      The default routes of a specified VPN instance are advertised to the UPE device.

      After running the command, the SPE advertises a default route to the UPE with its local address as the next hop, regardless of whether there is a default route in the local routing table.

Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000141944

Views: 110098

Downloads: 588

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next