No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - VPN

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document describes VPN features on the device and provides configuration procedures and configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring a VLL Connection in SVC Mode

Example for Configuring a VLL Connection in SVC Mode

Networking Requirements

The MPLS network of an ISP provides the L2VPN service for sites of two users. Each user has two sites at fixed locations, which connect to the MPLS network through CE1 and CE2. The users hope that hosts in different sites can communicate at Layer 2.

Figure 10-20  SVC VLL

Configuration Roadmap

The users expect direct Layer 2 communication between their sites. VLL can be configured to satisfy this requirement. The two PEs have fixed users, so signaling information can be manually configured (SVC mode).

The configuration roadmap is as follows:

  1. Configure an IGP on the MPLS backbone network to implement IP interworking.

  2. Configure basic MPLS functions and LDP on the MPLS backbone network and set up an LDP LSP tunnel. The LDP LSP tunnel is used as a dedicated tunnel to transmit data of private networks on the public network.

  3. On the PEs, enable MPLS L2VPN, create a static VC connection, and manually configure VC labels. Enabling MPLS L2VPN is the prerequisite for VLL configuration, and creating a static VC connection is the most important step in configuring VLL of the SVC mode.

Procedure

  1. Configure IP addresses to each interface according to Figure 10-20.

    # Configure CE1. The configuration on PE1, P, PE2, and CE2 is similar to the configuration on CE1 and is not mentioned here.

    <Huawei> system-view
    [Huawei] sysname CE1
    [CE1] interface gigabitethernet 1/0/0
    [CE1-GigabitEthernet1/0/0] ip address 100.1.1.1 255.255.255.0
    [CE1-GigabitEthernet1/0/0] quit

  2. Configure IGP on the MPLS backbone network. (In this example, OSPF is used.)

    When configuring OSPF, advertise the 32-bit addresses of loopback interfaces on PEs and P. The loopback interface addresses are the LSR IDs.

    # Configure PE1. The configuration on P and PE2 is similar to the configuration on PE1 and is not mentioned here.

    [PE1] ospf 1
    [PE1-ospf-1] area 0
    [PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
    [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
    [PE1-ospf-1-area-0.0.0.0] quit
    [PE1-ospf-1] quit
    

  3. Configure basic MPLS functions and LDP on the MPLS backbone network. That is, set up LDP LSPs.

    # Configure PE1.

    [PE1] mpls lsr-id 1.1.1.9
    [PE1] mpls
    [PE1-mpls] quit
    [PE1] mpls ldp
    [PE1-mpls-ldp] quit
    [PE1] interface gigabitethernet 2/0/0
    [PE1-GigabitEthernet2/0/0] mpls
    [PE1-GigabitEthernet2/0/0] mpls ldp
    [PE1-GigabitEthernet2/0/0] quit

    # Configure the P.

    [P] mpls lsr-id 2.2.2.9
    [P] mpls
    [P-mpls] quit
    [P] mpls ldp
    [P-mpls-ldp] quit
    [P] interface gigabitethernet 1/0/0
    [P-GigabitEthernet1/0/0] mpls
    [P-GigabitEthernet1/0/0] mpls ldp
    [P-GigabitEthernet1/0/0] quit
    [P] interface gigabitethernet 2/0/0
    [P-GigabitEthernet2/0/0] mpls
    [P-GigabitEthernet2/0/0] mpls ldp
    [P-GigabitEthernet2/0/0] quit

    # Configure PE2.

    [PE2] mpls lsr-id 3.3.3.9
    [PE2] mpls
    [PE2-mpls] quit
    [PE2] mpls ldp
    [PE2-mpls-ldp] quit
    [PE2] interface gigabitethernet 1/0/0
    [PE2-GigabitEthernet1/0/0] mpls
    [PE2-GigabitEthernet1/0/0] mpls ldp
    [PE2-GigabitEthernet1/0/0] quit

    After completing the configuration, LDP sessions are set up between PE1 and P, and between PE2 and P. Run the display mpls ldp session command. The command output shows that the status of the LDP session is Operational.

    Take the display on PE1 for example:

    [PE1] display mpls ldp session
    
     LDP Session(s) in Public Network
     Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
     A '*' before a session means the session is being deleted.
     ------------------------------------------------------------------------------
     PeerID             Status      LAM  SsnRole  SsnAge      KASent/Rcv
     ------------------------------------------------------------------------------
     2.2.2.9:0        Operational DU   Passive  0000:00:05  22/22
     ------------------------------------------------------------------------------
     TOTAL: 1 session(s) Found.
    

  4. Enable MPLS L2VPN and create static VCs on PEs.

    # Configure PE1: Create a static VC on GE1/0/0, which is connected to CE1.

    [PE1] mpls l2vpn
    [PE1-l2vpn] quit
    [PE1] interface gigabitethernet 1/0/0
    [PE1-GigabitEthernet1/0/0] mpls static-l2vc destination 3.3.3.9 transmit-vpn-label 100 receive-vpn-label 200
    [PE1-GigabitEthernet1/0/0] quit

    # Configure PE2: Create a static VC on GE2/0/0, which is connected to CE2.

    [PE2] mpls l2vpn
    [PE2-l2vpn] quit
    [PE2] interface gigabitethernet 2/0/0
    [PE2-GigabitEthernet2/0/0] mpls static-l2vc destination 1.1.1.9 transmit-vpn-label 200 receive-vpn-label 100
    [PE2-GigabitEthernet2/0/0] quit

  5. Verify the configuration.

    # View the L2VPN connection information of the SVC on the PE. The command output shows that a static L2VC connection is established.

    # Take PE1 for example.

    [PE1] display mpls static-l2vc interface gigabitethernet 1/0/0
     *Client Interface     : GigabitEthernet1/0/0 is up                             
      AC Status            : up                                                     
      VC State             : up                                                     
      VC ID                : 0                                                      
      VC Type              : Ethernet                                               
      Destination          : 3.3.3.9                                                
      Transmit VC Label    : 100                                                    
      Receive VC Label     : 200                                                    
      Label Status         : 0                                                      
      Token Status         : 0                                                      
      Control Word         : Disable                                                
      VCCV Capabilty       : alert ttl lsp-ping bfd                                 
      active state         : active                                                 
      Link State           : up                                                     
      Tunnel Policy        : --                                                     
      PW Template Name     : --                                                     
      Main or Secondary    : Main                                                   
      load balance type    : flow                                                   
      Access-port          : false                                                  
      VC tunnel/token info : 1 tunnels/tokens                                       
      NO.0  TNL Type       : lsp   , TNL ID : 0x3                                   
      Backup TNL Type      : lsp   , TNL ID : 0x0                                   
      Create time          : 0 days, 0 hours, 4 minutes, 31 seconds                 
      UP time              : 0 days, 0 hours, 2 minutes, 14 seconds                 
      Last change time     : 0 days, 0 hours, 2 minutes, 14 seconds                 
      VC last up time      : 2012/08/16 19:05:13                                    
      VC total up time     : 0 days, 0 hours, 2 minutes, 14 seconds                 
      CKey                 : 4                                                      
      NKey                 : 3
      Diffserv Mode        : uniform                                                
      Service Class        : --                                                     
      Color                : --                                                     
      DomainId             : --                                                     
      Domain Name          : --                                                     
      BFD for PW           : unavailable                                     

    # Run the display l2vpn ccc-interface vc-type static-vc up command, you can view information about an interface on which the VC Type is displayed as static-vc and State is Up.. Take the display on PE1 for example.

    [PE1] display l2vpn ccc-interface vc-type static-vc up
    Total ccc-interface of SVC VC: 1
    up (1), down (0)
    Interface                     Encap Type               State     VC Type
    GigabitEthernet1/0/0          ethernet                 up        static-vc
    

    # CE1 and CE2 can ping each other.

    [CE1] ping 100.1.1.2
      PING 100.1.1.2: 56  data bytes, press CTRL_C to break
        Reply from 100.1.1.2: bytes=56 Sequence=1 ttl=255 time=46 ms
        Reply from 100.1.1.2: bytes=56 Sequence=2 ttl=255 time=91 ms
        Reply from 100.1.1.2: bytes=56 Sequence=3 ttl=255 time=74 ms
        Reply from 100.1.1.2: bytes=56 Sequence=4 ttl=255 time=88 ms
        Reply from 100.1.1.2: bytes=56 Sequence=5 ttl=255 time=82 ms
      --- 100.1.1.2 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 46/76/91 ms

Configuration Files

  • Configuration file of CE1

    #
     sysname CE1
    #
    interface GigabitEthernet1/0/0
     ip address 100.1.1.1 255.255.255.0
    #
    return
  • Configuration file of PE1

    #
     sysname PE1
    #
     mpls lsr-id 1.1.1.9
     mpls
    #
     mpls l2vpn
    #
    mpls ldp
    #
    interface GigabitEthernet1/0/0
     mpls static-l2vc destination 3.3.3.9 transmit-vpn-label 100 receive-vpn-label 200
    #
    interface GigabitEthernet2/0/0
     ip address 10.1.1.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface LoopBack1
     ip address 1.1.1.9 255.255.255.255
    #
    ospf 1
     area 0.0.0.0
      network 1.1.1.9 0.0.0.0
      network 10.1.1.0 0.0.0.255
    #
    return
  • Configuration file of P

    #
     sysname P
    #
     mpls lsr-id 2.2.2.9
     mpls
    #
    mpls ldp
    #
    interface GigabitEthernet2/0/0
     ip address 10.1.1.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet1/0/0
     ip address 10.2.2.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface LoopBack1
     ip address 2.2.2.9 255.255.255.255
    #
    ospf 1
     area 0.0.0.0
      network 2.2.2.9 0.0.0.0
      network 10.1.1.0 0.0.0.255
      network 10.2.2.0 0.0.0.255
    #
    return
  • Configuration file of PE2

    #
     sysname PE2
    #
     mpls lsr-id 3.3.3.9
     mpls
    #
     mpls l2vpn
    #
    mpls ldp
    #
    interface GigabitEthernet1/0/0
     ip address 10.2.2.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet2/0/0
     mpls static-l2vc destination 1.1.1.9 transmit-vpn-label 200 receive-vpn-label 100
    #
    interface LoopBack1
     ip address 3.3.3.9 255.255.255.255
    #
    ospf 1
     area 0.0.0.0
      network 3.3.3.9 0.0.0.0
      network 10.2.2.0 0.0.0.255
    #
    return
  • Configuration file of CE2

    #
     sysname CE2
    #
    interface GigabitEthernet1/0/0
     ip address 100.1.1.2 255.255.255.0
    #
    return
Translation
Download
Updated: 2019-08-07

Document ID: EDOC1100033725

Views: 143373

Downloads: 361

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next