No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - VPN

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document describes VPN features on the device and provides configuration procedures and configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Route Reflection to Optimize the VPN Backbone Layer

Configuring Route Reflection to Optimize the VPN Backbone Layer

Using an RR can reduce the number of MP IBGP connections between PEs. This not only reduces the burden of PEs, but also facilitates network maintenance and management.

Pre-configuration Tasks

Before configuring route reflection to optimize the VPN backbone layer, complete the following tasks:

  • Configuring the routing protocol for the MPLS backbone network to implement IP interworking between devices on the backbone network

  • Establishing tunnels (LSPs, GRE, or MPLS TE tunnels) between the RR and all client PE devices

Configuration Procedure

All the following configuration tasks are mandatory. An RR can be any device such as P, PE, and ASBR.

Configuring the Client PEs to Establish MP IBGP Connections with the RR

Context

Perform the following steps on all Client PEs.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bgp { as-number-plain | as-number-dot }

    The BGP view is displayed.

  3. Run peer ipv4-address as-number as-number

    The RR is specified as the BGP peer.

  4. Run peer ipv4-address connect-interface interface-type interface-number

    The interface is specified as an interface to establish the TCP connection.

  5. Run ipv4-family vpnv4

    The BGP VPNv4 address family view is displayed.

  6. Run peer ipv4-address enable

    The capability of exchanging VPNv4 routes between the PE and RR is enabled.

Configuring the RR to Establish MP IBGP Connections with the Client PEs

Context

Choose one of the following schemes to configure the RR.

Procedure

  • Configuring the RR to establish MP IBGP connections with the peer group

    Add all the client PEs to the peer group and establish MP-IBGP connections with the peer group.

    1. Run system-view

      The system view is displayed.

    2. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    3. Run group group-name [ internal ]

      An IBGP peer group is created.

    4. Run peer group-name connect-interface interface-type interface-number

      The interface is specified as an interface to establish the TCP connection.

    5. Run ipv4-family vpnv4

      The BGP VPNv4 address family view is displayed.

    6. Run peer group-name enable

      The capability of exchanging IPv4 VPN routes between the RR and the peer group is enabled.

      By default, only the peer in the BGP IPv4 unicast address family view is automatically enabled.

    7. Run peer ip-address group group-name

      The peer is added to the peer group.

  • Configuring the RR to establish an MP IBGP connection with each client PE

    Repeat the following steps on the RR to establish an MP IBGP connection with each client PE.

    1. Run system-view

      The system view is displayed.

    2. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    3. Run peer ipv4-address as-number as-number

      The client PE is specified as the BGP peer.

    4. Run peer ipv4-address connect-interface interface-type interface-number

      The interface is specified as an interface to establish the TCP connection.

    5. Run ipv4-family vpnv4

      The BGP VPNv4 address family view is displayed.

    6. Run peer ipv4-address enable

      The capability of exchanging VPNv4 routes between the RR and the client PE is enabled.

Configuring Route Reflection for BGP IPv4 VPN Routes

Context

Perform the following steps on the RR.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bgp { as-number-plain | as-number-dot }

    The BGP view is displayed.

  3. Run ipv4-family vpnv4

    The BGP VPNv4 address family view is displayed.

  4. Enable route reflection for BGP VPNv4 routes on the RR.

    • Run the peer group-name reflect-client command to enable route reflection if the RR establishes the MP IBGP connection with the peer group consisting of client PEs.

    • Run the peer ipv4-address reflect-client command repeatedly to enable route reflection if the RR establishes the MP IBGP connection with each PE rather than peer group.

  5. Run undo policy vpn-target

    The filtering of VPNv4 routes based on the VPN target is disabled.

  6. (Optional) Run rr-filter { extcomm-filter-number | extcomm-filter-name }

    The reflection policy is configured for the RR. Only the IBGP route of which route-target extended community attribute meets the matching rules can be reflected. This allows load balancing among RRs.

    In the command, the extended community filter specified by extcomm-filter-number or extcomm-filter-name must have been configured using the ip extcommunity-filter command.

  7. (Optional)Run undo reflect between-clients

    Route reflection is disabled between clients.

    If the clients of an RR have established full-mesh connections with each other, the undo reflect between-clients command can be used to disable route reflection between clients in order to reduce the link cost.By default, route reflection is enabled between the clients of an RR.

    This command can only be configured on the RR.

  8. (Optional) Run reflector cluster-id cluster-id

    The RR cluster ID is set.

    If a cluster has multiple RRs, you can use this command to set the same cluster ID for these RRs to prevent routing loops.By default, the cluster ID is the router ID.

Verifying the Configuration of Route Reflection to Optimize the VPN Backbone Layer

Prerequisites

The configurations of the reflection to optimize the VPN backbone layer function are complete.

Procedure

  • Run the display bgp vpnv4 all peer [ [ ipv4-address ] verbose ] command to check information about the BGP VPNv4 peer on the RR or the Client PEs. You can find that the status of the MP IBGP connections between the RR and all Client PEs is "Established".
  • Run the display bgp vpnv4 all routing-table peer ipv4-address { advertised-routes | received-routes } command or display bgp vpnv4 all routing-table statistics command to check information about the routes received from the peer or the routes advertised to the peer on the RR or the Client PEs. You can find that the RR and each Client PE can receive and send VPNv4 routing information between each other.
  • Run the display bgp vpnv4 all group [ group-name ] command to check information about the VPNv4 peer group on the RR. You can view information about the group members and find that the status of the BGP connections between the RR and the group members is "Established".
Translation
Download
Updated: 2019-08-07

Document ID: EDOC1100033725

Views: 151895

Downloads: 367

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next