No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C00 Configuration Guide - Virtual Access 01

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Virtual Access in VPLS Scenarios

Example for Configuring Virtual Access in VPLS Scenarios

This section provides an example for deploying the virtual access solution on a MAN and configuring VPLS to carry Layer 2 services.

Networking Requirements

The virtual access solution is typically used for MAN virtualization, as shown in Figure 3-28. To ensure service reliability, configure Masters 1 and 2 as the primary and secondary masters, respectively. CE1 on the access side is connected to the virtual access system over VLANs. To implement E2E service bearing, configure Bridge Domains (BDs) for the VPLS on the primary and secondary masters to access the PE on the core side.
Figure 3-28  Configuring virtual access in VPLS scenarios
Table 3-4  Interfaces and their IP addresses

Device

Interface

IP Address

CE1

GigabitEthernet1/0/1.10

10.1.1.1/24

Master1

Loopback1

1.1.1.1/32

GigabitEthernet1/0/1

10.2.1.1/24

Master2

Loopback1

2.2.2.2/32

GigabitEthernet1/0/1

10.3.1.1/24

PE

Loopback1

3.3.3.3/32

GigabitEthernet1/0/1

10.2.1.2/24

GigabitEthernet1/0/2

10.3.1.2/24

CE2

GigabitEthernet1/0/1.10

10.1.1.2/24

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure an IGP so that the masters interwork with the PE.

  2. Configure MPLS LDP on the masters and PE to provide public network tunnels for VPWS.

  3. Establish a virtual access system and use the default local authentication mode.

  4. Configure primary and secondary masters.

  5. Configure a VSI in BD mode on the primary and secondary masters, and enable MAC dual-feed.

  6. Configure a BD on the primary and secondary masters and bind the BD to the VSI.

  7. Configure a VSI on the PE.

Data Preparation

To complete the configuration, you need the following data:

  • IP addresses of directly connected interfaces and loopback interface addresses on each node (for details, see Table 3-4)

  • Management IP address of Master 1: 1.1.1.9; management IP address of Master 2: 2.2.2.9; management IP address of the AP: 3.3.3.9

  • Internal communication interfaces to the AP on Masters 1 and 2: GigabitEthernet 1/1/0/2

  • AP ID: 1025; AP ESN: 391092269755950; AP's external communication interface: GigabitEthernet 1/0/1

  • User name required for a master to log in to the AP: root1234; password: Root@123; SFTP directory: cfcard:/; name of a user created for the AP on a master: root1234; password: Root@123

  • Master 1's management priority for the AP: 10; Master 2's management priority for the AP: 20

  • ID of the VSI used by Master1/Master2 to communicate with the PE: 10

  • ID of the BD bound to the VSI: 10

Procedure

  1. Assign an IP address to each interface on each node, and configure loopback interface addresses.

    For configuration details, see Configuration Files in this section.

  2. Configure OSPF so that the masters interwork with the PE.

    For configuration details, see Configuration Files in this section.

  3. Configure MPLS LDP on the masters and PE.

    For configuration details, see Configuration Files in this section.

  4. Configure basic master functions.

    # Configure Master 1.

    <Master1> system-view
    [~Master1] virtual-access
    [*Master1-virtual-access] role master
    [*Master1-virtual-access] admin 1.1.1.9
    [*Master1-virtual-access] isis authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
    [*Master1-virtual-access] commit
    [~Master1-virtual-access] quit
    [~Master1] interface GigabitEthernet1/1/0/2
    [~Master1-GigabitEthernet1/1/0/2] virtual-access enable
    [*Master1-GigabitEthernet1/1/0/2] commit
    [~Master1-GigabitEthernet1/1/0/2] quit

    # Configure Master 2.

    <Master2> system-view
    [~Master2] virtual-access
    [*Master2-virtual-access] role master
    [*Master2-virtual-access] admin 2.2.2.9
    [*Master2-virtual-access] isis authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
    [*Master2-virtual-access] commit
    [~Master2-virtual-access] quit
    [~Master2] interface GigabitEthernet1/1/0/2
    [~Master2-GigabitEthernet1/1/0/2] virtual-access enable
    [*Master2-GigabitEthernet1/1/0/2] commit
    [~Master2-GigabitEthernet1/1/0/2] quit

  5. Configure basic AP functions on each master.

    # Configure Master 1.

    [~Master1] ap-id 1025
    [*Master1-ap1025] esn 21023519306TEC900327
    [*Master1-ap1025] remote-interface GigabitEthernet1/0/1
    [*Master1-ap1025] commit
    [~Master1-ap1025] admin 3.3.3.9
    [~Master1-ap1025] quit

    The configuration of Master 2 is similar to the configuration of Master 1. For configuration details, see Configuration Files in this section.

  6. Configure an authentication scheme for virtual access.

    # Configure Master 1.

    [~Master1] ap-id 1025
    [~Master1-ap1025] login-user root1234 login-password Root@123
    [*Master1-ap1025] login-user root1234 sftp-directory cfcard:/
    [*Master1-ap1025] authentication-mode local
    [*Master1-ap1025] ap-user
    [*Master1-ap1025-ap-user] local-user root1234 password cipher Root@123
    [*Master1-ap1025-ap-user] commit
    [~Master1-ap1025-ap-user] quit
    [~Master1-ap1025] quit

    The configuration of Master 2 is similar to the configuration of Master 1. For configuration details, see Configuration Files in this section.

  7. Configure primary and secondary masters.

    # Configure Master 1.

    [~Master1] ap-id 1025
    [~Master1-ap1025] management priority 10
    [*Master1-ap1025] commit
    [~Master1-ap1025] quit

    # Configure Master 2.

    [~Master2] ap-id 1025
    [~Master2-ap1025] management priority 20
    [*Master2-ap1025] commit
    [~Master2-ap1025] quit

  8. Configure CE1's access to the virtual access system.

    # Configure CE1.

    <CE1> system-view
    [~CE1] interface GigabitEthernet1/0/1.10
    [*CE1-GigabitEthernet1/0/1.10] vlan-type dot1q 10
    [*CE1-GigabitEthernet1/0/1.10] ip address 10.1.1.1 24
    [*CE1-GigabitEthernet1/0/1.10] commit
    [~CE1-GigabitEthernet1/0/1.10] quit

  9. Configure CE2's access to the PE.

    # Configure CE2.

    <CE2> system-view
    [~CE2] interface GigabitEthernet1/0/1.10
    [*CE2-GigabitEthernet1/0/1.10] vlan-type dot1q 10
    [*CE2-GigabitEthernet1/0/1.10] ip address 10.1.1.2 24
    [*CE2-GigabitEthernet1/0/1.10] commit
    [~CE2-GigabitEthernet1/0/1.10] quit

  10. Configure a VSI in BD mode on the masters, and enable MAC dual-feed.

    # Configure Master 1.

    [~Master1] mpls l2vpn
    [*Master1-l2vpn] commit
    [~Master1-l2vpn] quit
    [~Master1] vsi vpls_10 bd-mode
    [*Master1-vsi-vpls_10] pwsignal ldp
    [*Master1-vsi-vpls_10-ldp] vsi-id 10
    [*Master1-vsi-vpls_10-ldp] peer 3.3.3.3
    [*Master1-vsi-vpls_10-ldp] peer 2.2.2.2
    [*Master1-vsi-vpls_10-ldp] quit
    [*Master1-vsi-vpls_10] mac-withdraw enable
    [*Master1-vsi-vpls_10] interface-status-change down mac-withdraw enable
    [*Master1-vsi-vpls_10] mac-withdraw bd-status down disable
    [*Master1-vsi-vpls_10] remote-interface traffic-replication enable
    [*Master1-vsi-vpls_10] commit
    [~Master1-vsi-vpls_10] quit

    # Configure Master 2.

    [~Master2] mpls l2vpn
    [*Master2-l2vpn] commit
    [~Master2-l2vpn] quit
    [~Master2] vsi vpls_10 bd-mode
    [*Master2-vsi-vpls_10] pwsignal ldp
    [*Master2-vsi-vpls_10-ldp] vsi-id 10
    [*Master2-vsi-vpls_10-ldp] peer 3.3.3.3
    [*Master2-vsi-vpls_10-ldp] peer 1.1.1.1
    [*Master2-vsi-vpls_10-ldp] quit
    [*Master2-vsi-vpls_10] mac-withdraw enable
    [*Master2-vsi-vpls_10] interface-status-change down mac-withdraw enable
    [*Master2-vsi-vpls_10] mac-withdraw bd-status down disable
    [*Master2-vsi-vpls_10] remote-interface traffic-replication enable
    [*Master2-vsi-vpls_10] commit
    [~Master2-vsi-vpls_10] quit

  11. Configure a BD on the Masters and bind the BD to the VSI.

    # Configure Master 1.

    [~Master1] bridge-domain 10
    [*Master1-bd10] l2 binding vsi vpls_10 pw-tag 10
    [*Master1-bd10] quit
    [*Master1] interface GigabitEthernet1025/1/0/1.10
    [*Master1-GigabitEthernet1025/1/0/1.10] encapsulation dot1q vid 10
    [*Master1-GigabitEthernet1025/1/0/1.10] rewrite pop single
    [*Master1-GigabitEthernet1025/1/0/1.10] bridge-domain 10
    [*Master1-GigabitEthernet1025/1/0/1.10] commit
    [~Master1-GigabitEthernet1025/1/0/1.10] quit

    # Configure Master 2.

    [~Master2] bridge-domain 10
    [*Master2-bd10] l2 binding vsi vpls_10 pw-tag 10
    [*Master2-bd10] quit
    [*Master2] interface GigabitEthernet1025/1/0/1.10
    [*Master2-GigabitEthernet1025/1/0/1.10] encapsulation dot1q vid 10
    [*Master2-GigabitEthernet1025/1/0/1.10] rewrite pop single
    [*Master2-GigabitEthernet1025/1/0/1.10] bridge-domain 10
    [*Master2-GigabitEthernet1025/1/0/1.10] commit
    [~Master2-GigabitEthernet1025/1/0/1.10] quit

  12. Configure a VSI on the PE.

    # Configure the PE.

    [~PE] mpls l2vpn
    [*PE-l2vpn] commit
    [~PE-l2vpn] quit
    [~PE] vsi vpls_10
    [*PE-vsi-vpls_10] pwsignal ldp
    [*PE-vsi-vpls_10-ldp] vsi-id 10
    [*PE-vsi-vpls_10-ldp] peer 1.1.1.1
    [*PE-vsi-vpls_10-ldp] peer 2.2.2.2
    [*PE-vsi-vpls_10-ldp] quit
    [*PE] interface GigabitEthernet1/0/3.10
    [*PE-GigabitEthernet1/0/3.10] vlan-type dot1q 10
    [*PE-GigabitEthernet1/0/3.10] l2 binding vsi vpls_10
    [*PE-GigabitEthernet1/0/3.10] commit
    [~PE-GigabitEthernet1/0/3.10] quit

  13. Verify the configuration.

    Run the display virtual-access ap command on a master to view basic information about the AP. The following example uses the command output on Master 1.

    [~Master1] display virtual-access ap
                                     AP Information
    Total 1 record(s):
    --------------------------------------------------------------------------------
     AP Esn               : 21023519306TEC900327
     AP ID                : 1025               Admin IP           : 3.3.3.9
     Primary Master       : 1.1.1.9            Secondary Master   : 2.2.2.9
     State                : Online                
     Online Time          : 2016-09-22 15:07:57
    --------------------------------------------------------------------------------

    Run the display virtual-access va-pw command on Master 1 to view vaPW information. block state is unblocked, indicating that Master 1 is the primary master.

    [~Master1] display virtual-access va-pw
     Total PW : 1     1 up       0 down
    
     *client interface       : GigabitEthernet1025/1/0/1 is up
      local AC servicestate  : up
      block state            : unblocked
      PW state               : up
      local VC label         : 32828
      remote VC label        : 17
      control word           : enable
      MTU value              : 1500
      VC tunnel info         : 1 tunnels
        NO.0  TNL type       : va-tunnel   ,  TNL ID : 0x000000003100000001
      VC tunnel linkstatus   : available
      create time            : 0 days, 22 hours, 9 minutes, 27 seconds
      up time                : 0 days, 21 hours, 13 minutes, 48 seconds
      last change time       : 0 days, 21 hours, 13 minutes, 48 seconds
      last up time           : 2015/11/29 21:18:59
      total up time          : 0 days, 21 hours, 13 minutes, 48 seconds
      reroute policy         : delay 30 s
      time of last reroute   : -- days, -- hours, -- minutes, -- seconds
      delay residual time    : 0 s
    

    Run the display virtual-access va-pw command on Master 2 to view vaPW information. block state is blocked, indicating that Master 2 is the secondary master.

    [~Master2] display virtual-access va-pw
     Total PW : 1     1 up       0 down
    
     *client interface       : GigabitEthernet1025/1/0/1 is down
      local AC servicestate  : up
      block state            : blocked
      PW state               : up
      local VC label         : 32828
      remote VC label        : 505
      control word           : enable
      MTU value              : 1500
      VC tunnel info         : 1 tunnels
        NO.0  TNL type       : va-tunnel   ,  TNL ID : 0x000000003100000001
      VC tunnel linkstatus   : available
      create time            : 0 days, 22 hours, 7 minutes, 1 seconds
      up time                : 0 days, 21 hours, 17 minutes, 40 seconds
      last change time       : 0 days, 21 hours, 17 minutes, 40 seconds
      last up time           : 2015/11/29 21:19:00
      total up time          : 0 days, 21 hours, 17 minutes, 40 seconds
      reroute policy         : delay 30 s
      time of last reroute   : -- days, -- hours, -- minutes, -- seconds
      delay residual time    : 0 s
    

    Run the display vsi name vpls_10 command on Master1. The VSI information is displayed.

    [~Master1] display vsi name vpls_10
    2016-09-22 15:04:39.363 +08:00
    --------------------------------------------------------------------------
    Vsi                            Mem     PW      Mac      Encap     Mtu   Vsi
    Name                           Disc   Type  Learn     Type      Value State
    --------------------------------------------------------------------------
    vpls_10                         --     ldp   qualify   vlan   1500   up   
    [~Master1] display vsi name vpls_10 verbose
    2016-09-22 15:08:30.100 +08:00
    ***VSI Name               : vpls_10
        Work Mode              : bd-mode
        Administrator VSI      : no
        Isolate Spoken         : disable
        VSI Index              :  281
        PW Signaling           : ldp
        Member Discovery Style : --
        Bridge-domain Mode     : enable
        PW MAC Learn Style     : qualify
        Encapsulation Type     : vlan
        MTU                    : 1500
        Diffserv Mode          : uniform
        Service Class          : --
        Color                  : --
        DomainId               : 255
        Domain Name            :
        Ignore AcState         :disable
        P2P VSI                : disable
        VSI MAC-WITHDRAW       : mac-withdraw Enable
        Multicast Fast Switch  : disable
        Create Time            : 0 days, 10 hours, 5 minutes, 16 seconds
        VSI State              : up
        Resource Status        : --
    
        VSI ID                 : 10
       *Peer Router ID         : 2.2.2.2
        Negotiation-vc-id      : 10
        primary or secondary   : primary
        ignore-standby-state   : no
        VC Label               : 52691
        Peer Type              : dynamic
        Session                : up
        Tunnel ID              : 0x0000000001004c4b48 
        Broadcast Tunnel ID    : --
        Broad BackupTunnel ID  : -- 
        CKey                   : 18300
        NKey                   : 419431072
        Stp Enable             : 0
        PwIndex                : 18211
        Control Word           : disable
       *Peer Router ID         : 3.3.3.3
        Negotiation-vc-id      : 10
        primary or secondary   : primary
        ignore-standby-state   : no
        VC Label               : 54694
        Peer Type              : dynamic
        Session                : up
        Tunnel ID              : 0x0000000001004c4b49 
        Broadcast Tunnel ID    : --
        Broad BackupTunnel ID  : -- 
        CKey                   : 18301
        NKey                   : 419431074
        Stp Enable             : 0
        PwIndex                : 18212
        Control Word           : disable
     
        Access Bridge-domain   : Bridge-domain 10, PW tag 10 
        State                  : up 
        Last Up Time           : 2016/09/22 05:47:35
        Total Up Time          : 0 days, 9 hours, 20 minutes, 55 seconds
    

Configuration Files

  • CE1 configuration file

    #
    sysname CE1
    #
    interface GigabitEthernet1/0/1
     undo shutdown  
    #               
    interface GigabitEthernet1/0/1.10
     vlan-type dot1q 10
     ip address 10.1.1.1 24
    #
    return  
  • AP configuration file

    #
    sysname AP
    #
    undo user-security-policy enable
    #
    ip dcn vpn-instance __dcn_vpn__
     ipv4-family 
    #
    bfd
    #
    virtual-access
     role ap
     admin 3.3.3.9
     isis authentication-mode hmac-sha256 key-id 1 cipher %#%#;Z4)W1+&+F\Rax>Jr<"TM'(+Sv.2W)s&QLC:JB*H%#%#
     master admin-ip primary 1.1.1.9 secondary 2.2.2.9
    #
    aaa
     local-user root1234 password irreversible-cipher $1a$]X.f&Hixy4$nVid9o&3bKN4;n#oqO$+T/)9H\$KfD3@KI#8<z9$s
     local-user root password irreversible-cipher &153adZgGs\@~&8ut'scw~!DC!KLDx;HCBSGDw(e/VR:X;Hi&X99^
     local-user root service-type ssh
     local-user root level 15
     local-user root expire 2016-01-01
    #               
    isis 65534      
     description auto-generated for virtual-cluster-access
     is-level level-2
     cost-style wide
     virtual-access enable
     network-entity 00.38ba.50aa.f701.00
    #               
    interface GigabitEthernet1/0/1
     undo shutdown  
    #
    interface GigabitEthernet1/0/2
     undo shutdown  
     isis enable 65534
     isis circuit-type p2p
     dcn            
     virtual-access enable 
    #
    interface GigabitEthernet1/0/3
     undo shutdown  
     isis enable 65534
     isis circuit-type p2p
     dcn            
     virtual-access enable 
    #
    interface LoopBack2147483646
     description virtual-access loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 3.3.3.9 255.255.255.255
    #               
    interface LoopBack2147483647
     description DCN loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 128.254.255.253 255.255.0.0
    #               
    interface NULL0 
    #               
    ospf 65534 vpn-instance __dcn_vpn__
     description DCN ospf create by default
     opaque-capability enable
     hostname       
     vpn-instance-capability simple
     area 0.0.0.0   
      network 0.0.0.0 255.255.255.255
    #               
    !The DCN function implements the capability of plug-and-play for this device.
    !A NE IP address based on the unique NE ID is automatically generated in VPN
    !of DCN. It is recommended that the NE IP address be changed to the planned 
    !one by running the ne-ip X.X.X.X <mask> command after the device being online.
    dcn             
     bandwidth ethernet 1024 
     bandwidth pos 1024 
     bandwidth serial 192 
    #
    stelnet server enable
    ssh user root   
    ssh user root authentication-type password
    ssh user root service-type stelnet
    ssh user root1234
    ssh user root1234 authentication-type password
    ssh user root1234 service-type all
    ssh user root1234 sftp-directory cfcard:/
    #               
    user-interface vty 0 4
     authentication-mode aaa
     protocol inbound ssh
    #
    return 
  • Master 1 configuration file

    #
    sysname Master1
    #
    rsa peer-public-key 128.254.255.253 encoding-type der
     public-key-code begin
     3082010A
      02820101
        00BD7CED D35139C7 9E91A927 2A33F790 F472055E C799D616 68497A56 4F13FC0E
        A83C791A 9E2006AD 7421E9A9 9C16C6B9 03384B96 8A99AFF6 A03F92E1 197D5118
        6D6FC8BD 187D67D2 D965B6E7 8CC9CEF8 0BAC38F9 76D6D07E EA840564 FEAE1C88
        DFC31D63 C6E09347 F7EC9698 2C85F367 D5488872 2CC28757 B5E27924 A1C9C8D8
        A57D9047 ADB911AB 88B20E92 CED1DDF3 135E9E3D 0D873FD6 23B9612A ABD1270B
        315D97AD D85BB8C6 A8855247 C158CF32 CCB1038D 5C5EDB4E 72AFD15B 0E6C0779
        E2C4E436 14123607 77BE1227 86B71BC0 C62F402E A744940E 611DEB07 D4C96736
        9C5605AE DCE96A5C 2717D4ED AF7FDA27 B597B364 C8E67EF9 D3CB5A34 754AE928
        A3
      0203
        010001
     public-key-code end
     peer-public-key end
    #
    ip dcn vpn-instance __dcn_vpn__
     ipv4-family    
    #               
    bfd             
    #               
    mpls lsr-id 1.1.1.1
    #               
    mpls            
    #               
    mpls l2vpn
    #
    mpls ldp        
     #              
     ipv4-family    
    #               
    virtual-access  
     role master    
     admin 1.1.1.9  
     isis authentication-mode hmac-sha256 key-id 1 cipher %#%#;Z4)W1+&+F\Rax>JvX~7958dF@U%YGfREMUAQA{:%#%#
    
    #               
    ap-id 1025      
     esn 21023519306TEC900327
     admin 3.3.3.9  
     management priority 10
     remote-interface GigabitEthernet1/0/1
     login-user root1234 login-password %^%#=Xy6Tq+*$:!J$~OYk^J7YK0LD[_HXH01\08'n%E2%^%#
     login-user root1234 sftp-directory cfcard:/
     authentication-mode local
     #
     ap-user
      local-user root1234 password cipher %^%#J:!g;T=Gi;\UnI;xi-+>[n@"WXUvITnHJ8.z$P`O%^%#
    #               
    isis 65534      
     description auto-generated for virtual-cluster-access
     is-level level-2
     cost-style wide
     virtual-access enable
     network-entity 00.38ba.2b87.fe03.00
    #    
    vsi vpls_10 bd-mode
     interface-status-change down mac-withdraw enable                               
     mac-withdraw bd-status down disable
     mac-withdraw enable
     pwsignal ldp
      vsi-id 10
      peer 2.2.2.2 
      peer 3.3.3.3 
    remote-interface traffic-replication enable
    #    
    bridge-domain 10
    l2 binding vsi vpls_10 pw-tag 10
    #               
    interface GigabitEthernet1/1/0/1
     undo shutdown  
     ip address 10.2.1.1 255.255.255.0
     mpls           
     mpls ldp       
    #
    interface GigabitEthernet1/1/0/2
     undo shutdown
     isis enable 65534
     isis circuit-type p2p
     dcn
     virtual-access enable
    #
    interface GigabitEthernet1025/1/0/1
     undo shutdown
    #
    interface GigabitEthernet1025/1/0/1.10 mode l2
     encapsulation dot1q vid 10
     rewrite pop single
     bridge-domain 10
    #
    interface LoopBack1
     ip address 1.1.1.1 255.255.255.255
    #
    interface LoopBack2147483646
     description virtual-access loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 1.1.1.9 255.255.255.255
    #               
    interface LoopBack2147483647
     description DCN loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 128.254.255.251 255.255.0.0
    #               
    ospf 1 router-id 1.1.1.1
     area 0.0.0.0   
      network 1.1.1.1 0.0.0.0
      network 10.2.1.0 0.0.0.255
    #               
    ospf 65534 vpn-instance __dcn_vpn__
     description DCN ospf create by default
     opaque-capability enable
     hostname       
     vpn-instance-capability simple
     area 0.0.0.0   
      network 0.0.0.0 255.255.255.255
    #               
    !The DCN function implements the capability of plug-and-play for this device.
    !A NE IP address based on the unique NE ID is automatically generated in VPN
    !of DCN. It is recommended that the NE IP address be changed to the planned 
    !one by running the ne-ip X.X.X.X <mask> command after the device being online.
    dcn             
     bandwidth ethernet 1024 
     bandwidth pos 1024 
     bandwidth serial 192 
    #               
    snmp-agent trap type base-trap
    #               
    ssh client first-time enable
    ssh client 128.254.255.253 assign rsa-key 128.254.255.253
    #
    return 
    
  • Master 2 configuration file

    #
    sysname Master2
    #
    rsa peer-public-key 128.254.255.253 encoding-type der
     public-key-code begin
     3082010A
      02820101
        009D0859 236378F5 11BE0338 BD1C27BA 1B6DCFDA 78283532 C3CE5DFF 2BA19DF6
        D456D3FC 093DE062 7B66386A DCCE8660 3F8D44ED 414DB8B0 C4911497 B1D688D9
        C960C1DB B31BB8D9 2D80B47E 93D7C101 54371722 49120A6F FC5E3504 48AA3CB7
        BE9F094F C29074BA 2304010E 1287FF4D 1B59E4B4 EF1005A4 5E43A8EB A534F46C
        06DA7EE2 A8C4BBF5 4DE3EAC8 F6880579 9C4D1B75 5F0D8401 9A64BE6E 2446C448
        C9BF67F0 6801C928 234B1851 1AD496C0 E3AF2401 E6C3910B BB55A0C1 ED52E2BB
        AD96615D 2437C255 4823276E 841EEF25 352B3A69 65B085CA A0676C01 9F08ED3A
        53C404B5 5353A044 802199FC FCE1AF9D CBDA44B3 7543257E BF349FBD FCE7BB78
        91
      0203
        010001
     public-key-code end
     peer-public-key end
    #
    ip dcn vpn-instance __dcn_vpn__
     ipv4-family    
    #               
    bfd             
    #               
    mpls lsr-id 2.2.2.2
    #               
    mpls      
    #      
    mpls l2vpn
    #               
    mpls ldp        
     #              
     ipv4-family    
    #               
    virtual-access  
     role master    
     admin 2.2.2.9  
     isis authentication-mode hmac-sha256 key-id 1 cipher %#%#e^1}%%w;/C[M)OQc7"j+,2)}JvX~7958dF@UY4)W%#%#
    #               
    ap-id 1025      
     esn 21023519306TEC900327
     admin 3.3.3.9  
     management priority 20
     remote-interface GigabitEthernet1/0/1
     login-user root1234 login-password %^%#_LAB9"kqpQ)U%rBWT!bSVN+p/Kt/l/"hXpFm(]FW%^%#
     login-user root1234 sftp-directory cfcard:/
     authentication-mode local
     #
     ap-user
      local-user root1234 password cipher %^%#=GDy1dDG4Ko0nY8Xp%hA1JNA,$bbW$z<3U(W2iEF%^%#
    #               
    isis 65534      
     description auto-generated for virtual-cluster-access
     is-level level-2
     cost-style wide
     virtual-access enable
     network-entity 00.38ba.264b.4b04.00
    #               
    vsi vpls_10 bd-mode
     mac-withdraw enable
     interface-status-change down mac-withdraw enable                               
     mac-withdraw bd-status down disable
     pwsignal ldp
      vsi-id 10
      peer 1.1.1.1 
      peer 3.3.3.3 
    remote-interface traffic-replication enable
    #
    bridge-domain 10
    l2 binding vsi vpls_10 pw-tag 10
    #
    interface GigabitEthernet1/1/0/1
     undo shutdown  
     ip address 10.3.1.1 255.255.255.0
     mpls           
     mpls ldp       
    #
    interface GigabitEthernet1/1/0/2
     undo shutdown
     isis enable 65534
     isis circuit-type p2p
     dcn
     virtual-access enable
    #
    interface GigabitEthernet1025/1/0/1
     undo shutdown
    #
    interface GigabitEthernet1025/1/0/1.10 mode l2
     encapsulation dot1q vid 10
     rewrite pop single
     bridge-domain 10
    #
    interface LoopBack1
     ip address 2.2.2.2 255.255.255.255
    #
    interface LoopBack2147483646
     description virtual-access loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 2.2.2.9 255.255.255.255
    #               
    interface LoopBack2147483647
     description DCN loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 128.254.255.250 255.255.0.0
    #               
    ospf 1 router-id 2.2.2.2
     area 0.0.0.0   
      network 2.2.2.2 0.0.0.0
      network 10.3.1.0 0.0.0.255
    #               
    ospf 65534 vpn-instance __dcn_vpn__
     description DCN ospf create by default
     opaque-capability enable
     hostname       
     vpn-instance-capability simple
     area 0.0.0.0   
      network 0.0.0.0 255.255.255.255
    #               
    !The DCN function implements the capability of plug-and-play for this device.
    !A NE IP address based on the unique NE ID is automatically generated in VPN
    !of DCN. It is recommended that the NE IP address be changed to the planned 
    !one by running the ne-ip X.X.X.X <mask> command after the device being online.
    dcn             
     bandwidth ethernet 1024 
     bandwidth pos 1024 
     bandwidth serial 192 
    #               
    snmp-agent trap type base-trap
    #               
    ssh client first-time enable
    ssh client 128.254.255.253 assign rsa-key 128.254.255.253
    #
    return 
    
  • PE configuration file
    #
    sysname PE
    #
    mpls lsr-id 3.3.3.3
    #
    mpls
    #
    mpls l2vpn
    #
    mpls ldp
     #
     ipv4-family
    # 
    vsi vpls_10 
     pwsignal ldp
      vsi-id 10
      peer 1.1.1.1 
      peer 2.2.2.2 
    #
    interface GigabitEthernet1/0/1
     undo shutdown  
     ip address 10.2.1.2 255.255.255.0
     mpls           
     mpls ldp
    #
    interface GigabitEthernet1/0/2
     undo shutdown  
     ip address 10.3.1.2 255.255.255.0
     mpls           
     mpls ldp 
    #
    interface GigabitEthernet1/0/3
     undo shutdown  
    #               
    interface GigabitEthernet1/0/3.10
     vlan-type dot1q 10 
     l2 binding vsi vpls_10 
    #
    interface LoopBack1
     ip address 3.3.3.3 255.255.255.255
    #               
    ospf 1          
     area 0.0.0.0   
      network 3.3.3.3 0.0.0.0
      network 10.2.1.0 0.0.0.255
      network 10.3.1.0 0.0.0.255
    #
    return 
  • CE2 configuration file

    #
    sysname CE2
    #
    interface GigabitEthernet1/0/1
     undo shutdown  
    #               
    interface GigabitEthernet1/0/1.10
     vlan-type dot1q 10 
     ip address 10.1.1.2 24
    #
    return
Download
Updated: 2018-07-12

Document ID: EDOC1100028541

Views: 7833

Downloads: 92

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next