Example for Deploying NetStream on the BGP/MPLS IP VPN Network
This section provides an example for configuring NetStream on a BGP/MPLS IP VPN network to monitor VPN service traffic.
Networking Requirements
With the development of L3VPN services, users and carriers increasingly demand higher quality of service (QoS). Carriers and users reach service level agreements (SLAs) on voice over IP and video over IP services. Deploying NetStream on the BGP/MPLS IP VPN network allows users to analyze the LSP traffic between PEs and adjust the network to better meet service requirements.
- Packets with specified application labels are sampled on PE2 and sent to the NetStream Collector (NSC) and NetStream Data Analyzer (NDA).
- Statistics collection of incoming and outgoing packets with specified application labels is enabled on the P. Packets with specified application labels sent by the CE are sampled and sent to the NSC and NDA.
- Traffic statistics are analyzed on the NSC and NDA to obtain users' traffic volume between PEs.
Configuration Roadmap
The configuration roadmap is as follows:
Assign an IP address to each interface.
Configure the BGP/MPLS IP VPN.
Enable NetStream to sample packets with specified labels on PE2.
Enable NetStream to collect statistics about incoming and outgoing packets with specified labels.
Data Preparation
To complete the configuration, you need the following data:
Output format for NetStream flows and the sampling interval
Destination IP address, destination port number, and source IP address of NetStream flows to be output
Number of the slot in which the NetStream service processing board resides (In this example, the NetStream service processing board is in slot 1.)
Procedure
- Assign an IP address to each interface.
Assign an IP address and a mask to each interface (including loopback interfaces) according to Figure 3-20. For configuration details, see Configuration Files in this section.
- Configure the BGP/MPLS IP VPN.
For configuration details, see the chapter "BGP/MPLS IP VPN Configuration" in HUAWEI NetEngine40E NE40E Configuration Guide - VPN.
- Enable NetStream to sample packets with specified application
labels on PE2.
# Configure the interface board on PE2 to process NetStream services in distributed mode.
[*PE2] slot 1 [*PE2-slot-1] ip netstream sampler to slot self [*PE2-slot-1] return
# Configure PE2 to send information about L3VPN application labels to the NMS.[*PE2] ip netstream export template option application-label
# Specify the destination address, destination port number, and source address for NetStream flows output in V9 format.
[*PE2] ip netstream export version 9 [*PE2] ip netstream export host 192.168.2.2 9000 [*PE2] ip netstream export source 192.168.2.1
- Enable NetStream to collect statistics about incoming and
outgoing packets with specified application labels on the P.
# Configure the interface board on the P to process NetStream services in distributed mode.
<P> system-view [*P] slot 1 [*P-slot-1] ip netstream sampler to slot self [*P-slot-1] quit
NOTE:
This example uses the configuration of distributed NetStream service processing on a board. To configure an interface board to process NetStream services in centralized mode, run the ip netstream sampler to slot slot-id command.# Collect statistics about incoming and outgoing packets on GigabitEthernet 2/0/0 of the P.[*P] interface GigabitEthernet 2/0/0 [*P-GigabitEthernet2/0/0] ip netstream inbound [*P-GigabitEthernet2/0/0] ip netstream outbound [*P-GigabitEthernet2/0/0] quit
# Configure NetStream to sample both inner IP packets and labels of MPLS packets.[*P] ip netstream mpls-aware label-and-ip
# Specify the destination address, destination port number, and source address for NetStream flows output in V9 format.
[*P] ip netstream export version 9 [*P] ip netstream export host 192.168.2.2 9001 [*P] ip netstream export source 172.17.1.1
# Enable NetStream sampling and configure the fixed packet sampling mode.
[*P] ip netstream sampler fix-packets 10000 inbound [*P] ip netstream sampler fix-packets 10000 outbound [*P] quit
- Verify the configuration.
# Run the display ip netstream cache origin slot 2 command in the user view. If the configuration succeeds, you can view IP- and MPLS-related information about VPN packets cached in the NetStream flow buffer.
<HUAWEI> display ip netstream cache origin slot 1 DstIf SrcIf DstP Msk Pro Tos SrcP Msk Flags Packets Bytes NextHop Direction DstIP DstAs SrcIP SrcAs BGP: BGP NextHop TopLabelType Label1 Exp1 Bottom1 Label2 Exp2 Bottom2 Label3 Exp3 Bottom3 TopLabelIpAddress VlanId VniId -------------------------------------------------------------------------- Unknown GigabitEthernet1/0/0 0 0 253 0 0 0 0 3 384 0.0.0.0 in 192.172.133.151 0 192.172.131.151 0 0.0.0.0 UNKNOWN 0 0 0 0 0 0 0 0 0 0.0.0.0 0 0 Unknown GigabitEthernet1/0/1 0 0 253 0 0 0 0 1 128 0.0.0.0 in 192.173.81.232 0 192.173.79.232 0 0.0.0.0 UNKNOWN 0 0 0 0 0 0 0 0 0 0.0.0.0 0 0
Configuration Files
PE1 configuration file
# sysname PE1 # ip vpn-instance vpna route-distinguisher 100:1 vpn-target 100:1 export-extcommunity vpn-target 100:1 import-extcommunity # mpls lsr-id 1.1.1.9 # mpls # interface GigabitEthernet1/0/0 ip binding vpn-instance vpna ip address 10.2.1.2 255.255.255.0 # interface GigabitEthernet3/0/0 ip address 172.16.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 # bgp 100 peer 3.3.3.9 as-number 100 peer 3.3.3.9 connect-interface LoopBack1 # ipv4-family unicast peer 3.3.3.9 enable # ipv4-family vpnv4 policy vpn-target peer 3.3.3.9 enable # ipv4-family vpn-instance vpna import-route direct peer 10.1.1.1 as-number 65440 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 172.16.1.0 0.0.0.255 # return
P configuration file
slot 1 ip netstream sampler to slot 2 # sysname P # ip netstream mpls-aware label-and-ip ip netstream export version 9 ip netstream sampler fix-packets 10000 inbound ip netstream sampler fix-packets 10000 outbound ip netstream export source 172.18.1.1 ip netstream export host 172.18.1.2 9001 # mpls lsr-id 2.2.2.9 # mpls lsp-trigger all # mpls ldp # interface GigabitEthernet1/0/0 ip address 172.16.1.2 255.255.255.0 mpls mpls ldp # interface GigabitEthernet2/0/0 ip address 172.17.1.1 255.255.255.0 ip netstream inbound ip netstream outbound mpls mpls ldp # interface GigabitEthernet3/0/0 ip address 172.18.1.1 255.255.255.0 # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 172.16.1.0 0.0.0.255 network 172.17.1.0 0.0.0.255 network 2.2.2.9 0.0.0.0 # return
PE2 configuration file
# slot 1 ip netstream sampler to slot self # sysname PE2 # ip netstream export version 9 ip netstream export source 192.168.2.1 ip netstream export host 192.168.2.2 9000 ip netstream export template option application-label # ip vpn-instance vpna route-distinguisher 200:1 vpn-target 100:1 export-extcommunity vpn-target 100:1 import-extcommunity # mpls lsr-id 3.3.3.9 # mpls lsp-trigger all # mpls ldp # interface GigabitEthernet1/0/0 ip binding vpn-instance vpna ip address 10.3.1.2 255.255.255.0 # interface GigabitEthernet3/0/0 ip address 172.17.1.2 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # bgp 100 peer 1.1.1.9 as-number 100 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family unicast peer 1.1.1.9 enable # ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable # ipv4-family vpn-instance vpna import-route direct peer 10.4.1.1 as-number 65440 # ospf 1 area 0.0.0.0 network 172.17.1.0 0.0.0.255 network 3.3.3.9 0.0.0.0 # return
CE2 configuration file
# sysname CE2 # interface GigabitEthernet1/0/0 ip address 10.2.1.1 255.255.255.0 # bgp 65420 peer 10.2.1.2 as-number 100 # ipv4-family unicast import-route direct peer 10.2.1.2 enable # return
CE4 configuration file
# sysname CE4 # interface GigabitEthernet1/0/0 ip address 10.4.1.1 255.255.255.0 # bgp 65440 peer 10.4.1.2 as-number 100 # ipv4-family unicast import-route direct peer 10.4.1.2 enable # return