No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring IPv6 Route Import Between Instances

Configuring IPv6 Route Import Between Instances

IPv6 route import between VPN and public network instances enables IPv6 VPN users to communicate with IPv6 public network users, whereas IPv6 route import between VPN instances enables IPv6 users in different VPNs to communicate.

Usage Scenario

In BGP/MPLS IPv6 VPN networking, IPv6 VPN users cannot communicate with IPv6 public network users and IPv6 users of two VPNs can communicate only if the two VPNs have matching VPN targets. To enable IPv6 VPN users to communicate with IPv6 public network users and IPv6 users of two VPNs with unmatching VPN targets to communicate, configure IPv6 route import between instances.

IPv6 route import between instances is further classified into the following types:
  • IPv6 route import between VPN and public network instances

  • IPv6 route import between VPN instances

IPv6 routes are first imported to the VPN or public network instance's corresponding routing tables. For example, VPN OSPFv3 routes are first imported to the public network instance's OSPFv3 routing table. If the imported routes are preferred in the corresponding routing table, they will be further imported to the VPN or public network instance's IPv6 routing table to guide traffic forwarding. In addition, these routes can be advertised to other devices on the network.

Currently, the following types of IPv6 routes can be imported between instances:
  • Direct routes

  • Static routes

  • OSPFv3 routes

  • IS-IS routes

  • BGP4+ routes

  • Vlink direct routes

    NOTE:

    Traffic forwarding relies on direct routes (Vlink direct routes) generated based on user entries. When QinQ or Dot1q VLAN tag termination sub-interfaces are used for route import between VPN and public network, Vlink direct routes cannot be imported. As a result, traffic forwarding is interrupted. To solve this problem, route import between VPN and public network newly supports import of Vlink direct routes.

Pre-configuration Tasks

Before configuring IPv6 route import between instances, configure BGP/MPLS IPv6 VPN.

Configuration Procedures

Perform one or more of the following configurations as required.

Configuring IPv6 Route Import Between VPN and Public Network Instances

IPv6 route import between VPN and public network instances enables IPv6 VPN users to communicate with IPv6 public network users.

Context

Perform the following steps for target VPN and public network instances.
NOTE:

If you do not want a VPN instance to change the next hops of imported routes when advertising these routes to its IBGP peers, run the import-rib route next-hop-invariable command for the VPN instance.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Configure the device to import different types of IPv6 VPN routes to the public network instance's corresponding routing tables.

    • Run ipv6 import-rib vpn-instance vpn-instance-name protocol { direct | vlink-direct-route | { static } [ valid-route ] } [ route-policy route-policy-name | route-filter route-filter-name ]

      The device is enabled to import IPv6 VPN direct routes, Vlink direct routes, static routes to the public network instance's corresponding routing table.

    • Configure the device to import VPN BGP4+ routes to the public network instance's BGP4+ routing table.
      1. Run bgp as-number

        The BGP view is displayed.

      2. Run ipv6-family unicast

        The BGP-IPv6 unicast address family view is displayed.

      3. Run import-rib vpn-instance vpn-instance-name [ include-label-route ] [ valid-route ] [ route-policy route-policy-name ]

        The device is enabled to import VPN BGP4+ routes to the public network instance's BGP4+ routing table.

      4. Run quit

        Return to the BGP view.

      5. Run quit

        Return to the system view.

  3. Configure the device to import different types of IPv6 public network routes to a VPN instance's corresponding routing tables.

    • Configure the device to import IPv6 public network direct routes, static routes, or IGP routes to a VPN instance's corresponding routing table.
      1. Run ip vpn-instance vpn-instance-name

        The VPN instance view is displayed.

      2. Run ipv6-family

        The VPN instance IPv6 address family view is displayed.

      3. Run import-rib public protocol { direct | vlink-direct-route | { static } [ valid-route ] } [ route-policy route-policy-name | route-filter route-filter-name ]

        The device is enabled to import IPv6 public network direct routes, Vlink direct routes, static routes to the VPN instance's corresponding routing table.

    • Configure the device to import public network BGP4+ routes to a VPN instance's BGP4+ routing table.
      1. Run bgp as-number

        The BGP view is displayed.

      2. Run ipv6-family vpn-instance vpn-instance-name

        The BGP-VPN instance IPv6 address family view is displayed.

      3. Run import-rib public [ include-label-route ] [ valid-route ] [ route-policy route-policy-name ]

        The device is enabled to import public network BGP4+ routes to the VPN instance's BGP4+ routing table.

  4. Run commit

    The configuration is committed.

Configuring IPv6 Route Import Between VPN Instances

IPv6 route import between VPN instances enables users in different VPNs to communicate.

Context

Perform the following steps for target VPN instances.
NOTE:

If you do not want a VPN instance to change the next hops of imported routes when advertising these routes to its IBGP peers, run the import-rib route next-hop-invariable command for the VPN instance.

Procedure

  • Configure a device to import IPv6 direct routes, static routes, or IGP routes from one VPN instance to another VPN instance.
    1. Run system-view

      The system view is displayed.

    2. Run ip vpn-instance vpn-instance-name

      The VPN instance view is displayed.

    3. Run ipv6-family

      The VPN instance IPv6 address family view is displayed.

    4. Run import-rib vpn-instance vpn-instance-name protocol { direct | vlink-direct-route | { static } [ valid-route ] } [ route-policy route-policy-name | route-filter route-filter-name ]

      The device is enabled to import IPv6 direct routes, Vlink direct routes, static routes from the specified VPN instance to the current VPN instance's corresponding routing table.

    5. Run commit

      The configuration is committed.

  • Configure a device to import IPv6 direct routes, static routes, or IGP routes from one VPN instance to another VPN instance.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run ipv6-family vpn-instance vpn-instance-name

      The BGP-VPN instance IPv6 address family view is displayed.

    4. Run import-rib { public | vpn-instance vpn-instance-name } [ include-label-route ] [ valid-route ] [ route-policy route-policy-name ]

      The device is enabled to import BGP4+ routes from the specified VPN instance to the current VPN instance's BGP4+ routing table.

    5. Run commit

      The configuration is committed.

Verifying the Configuration of IPv6 Route Import Between Instances

After configuring IPv6 route import between instances, you can check IPv6 route import results.

Prerequisites

IPv6 route import between instances has been configured.

Procedure

  • Run the display ipv6 routing-table vpn-instance vpn-instance-name command to check IPv6 routes imported to a specific VPN instance.
  • Run the display ipv6 routing-table command to check IPv6 public network routes.
  • Run the display bgp vpnv6 { all | vpn-instance vpn-instance-name } routing-table ipv6-address [ prefix-length ] command to check IPv6 VPN BGP routes.
  • Run the display bgp ipv6 routing-table ipv6-address [ prefix-length ] command to check IPv6 public network BGP routes.

Example

# Run the display ipv6 routing-table vpn-instance command on a device. The command output shows IPv6 routes imported to a specific VPN instance.

<HUAWEI> display ipv6 routing-table vpn-instance vpna
Routing Table : vpna
         Destinations : 7        Routes : 7

Destination  : ::                                      PrefixLength : 0
NextHop      : ::                                      Preference   : 60
Cost         : 0                                       Protocol     : Static
RelayNextHop : ::                                      TunnelID     : 0x0
Interface    : NULL0                                   Flags        : D

Destination  : 50:30:1::                               PrefixLength : 64
NextHop      : 50:30:1::1                              Preference   : 0
Cost         : 0                                       Protocol     : Direct
RelayNextHop : ::                                      TunnelID     : 0x0
Interface    : Eth-Trunk1.1                            Flags        : D

Destination  : 50:30:1::1                              PrefixLength : 128
NextHop      : ::1                                     Preference   : 0
Cost         : 0                                       Protocol     : Direct
RelayNextHop : ::                                      TunnelID     : 0x0
Interface    : Eth-Trunk1.1                            Flags        : D

Destination  : 200::                                   PrefixLength : 10
NextHop      : ::FFFF:11.11.11.11                      Preference   : 255
Cost         : 0                                       Protocol     : BGP
RelayNextHop : ::                                      TunnelID     : 0x0000000001004c4f41
Interface    : LDP LSP                                 Flags        : RD

Destination  : 200::                                   PrefixLength : 11
NextHop      : ::FFFF:11.11.11.11                      Preference   : 255
Cost         : 0                                       Protocol     : BGP
RelayNextHop : ::                                      TunnelID     : 0x0000000001004c4f41
Interface    : LDP LSP                                 Flags        : RD

Destination  : 200::                                   PrefixLength : 15
NextHop      : ::FFFF:11.11.11.11                      Preference   : 255
Cost         : 0                                       Protocol     : BGP
RelayNextHop : ::                                      TunnelID     : 0x0000000001004c4f41
Interface    : LDP LSP                                 Flags        : RD

Destination  : FE80::                                  PrefixLength : 10
NextHop      : ::                                      Preference   : 0
Cost         : 0                                       Protocol     : Direct
RelayNextHop : ::                                      TunnelID     : 0x0
Interface    : NULL0                                   Flags        : D

# Run the display ipv6 routing-table command on a device. The command output shows IPv6 routes imported to the public network instance.

<HUAWEI> display ipv6 routing-table
Routing Table : Public
         Destinations : 8        Routes : 8

 Destination  : ::1                             PrefixLength : 128
 NextHop      : ::1                             Preference   : 0
 Cost         : 0                               Protocol     : Direct
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : InLoopBack0                     Flags        : D

 Destination  : 1998::                          PrefixLength : 64
 NextHop      : 1998::1                         Preference   : 0
 Cost         : 0                               Protocol     : Direct
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : LoopBack1                       Flags        : D

 Destination  : 1998::1                         PrefixLength : 128
 NextHop      : ::1                             Preference   : 0
 Cost         : 0                               Protocol     : Direct
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : LoopBack1                       Flags        : D

 Destination  : 1999::                          PrefixLength : 64
 NextHop      : 2001::2                         Preference   : 255
 Cost         : 0                               Protocol     : EBGP
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : GigabitEthernet0/1/1            Flags        : D

 Destination  : 2001::                          PrefixLength : 64
 NextHop      : 2001::1                         Preference   : 0
 Cost         : 0                               Protocol     : Direct
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : GigabitEthernet0/1/1            Flags        : D

 Destination  : 2001::1                         PrefixLength : 128
 NextHop      : ::1                             Preference   : 0
 Cost         : 0                               Protocol     : Direct
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : GigabitEthernet0/1/1            Flags        : D

 Destination  : 2004::                          PrefixLength : 64
 NextHop      : 2001::2                         Preference   : 255
 Cost         : 0                               Protocol     : EBGP
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : GigabitEthernet0/1/1            Flags        : D

 Destination  : FE80::                          PrefixLength : 10
 NextHop      : ::                              Preference   : 0
 Cost         : 0                               Protocol     : Direct
 RelayNextHop : ::                              TunnelID     : 0x0
 Interface    : NULL0                           Flags        : D

# Run the display bgp vpnv6 { all | vpn-instance vpn-instance-name } routing-table ipv6-address [ prefix-length ] command on a device. The command output shows IPv6 routes imported to a specific or all VPN instances' BGP routing tables. Primary Routing Table indicates whether these routes are imported from the public network instance or a VPN instance.

<HUAWEI> display bgp vpnv6 vpn-instance vrf1 routing-table 196:1:1::
 BGP local router ID : 223.2.1.16
 Local AS number : 600
 Paths:   1 available, 1 best, 1 select, 0 best external a - add path,
 BGP routing table entry information of 196:1:1::/48:
 Imported route.
 From: :: (0.0.0.0)
 Route Duration: 00h12m10s
 Direct Out-interface: NULL0
 Original nexthop: ::
 Primary Routing Table: public
 AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select,
pre 60
 Not advertised to any peer yet

# Run the display bgp ipv6 routing-table ipv6-address [ prefix-length ] command on a device. The command output shows IPv6 routes imported to the public network instance's BGP routing table. Primary Routing Table indicates the VPN instance from which these IPv6 routes are imported.

<HUAWEI> display bgp routing-table 12.1.1.1
 
 BGP local router ID : 3.3.3.3
 Local AS number : 100
 Paths:   2 available, 1 best, 1 select , 0 best-external, 0 add-path
 BGP routing table entry information of 111::111/128:
 From: 30::2 (4.4.4.4)
 Route Duration: 00h25m46s
 Relay IP Nexthop: 30::2
 Relay IP Out-Interface: GigabitEthernet0/1/3
 Original nexthop: 50::2
 Primary Routing Table: vrf1
 AS-path 300, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255
 Not advertised to any peers yet
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 31702

Downloads: 57

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next