No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Carrier's Carrier

Configuring Carrier's Carrier

In the networking of carrier's carrier, the Level 2 carrier provides BGP/MPLS IPv6 VPN services for its users.

Applicable Environment

If the BGP/MPLS IPv6 VPN users are also service providers, who provide BGP/MPLS IPv6 VPN services for their customers, you can use the carrier's carrier configuration.

In this situation:

  • The Level 1 carrier network is the IPv4 network.

  • The Level 2 carrier network is the IPv4 network.

  • The users of the Level 2 carrier network are the IPv6 network.

Pre-configuration Tasks

Before configuring the carrier's carrier, complete the following tasks:

  • Configuring IGP for the Level 1 carrier's MPLS backbone network to implement the IP connectivity of the backbone network

  • Configuring the MPLS basic capacity and the LDP for the Level 1 carrier's MPLS backbone network and establish the LSP

  • Establishing the MP-IBGP connection between the Level 1 carrier PEs

  • Configuring the IGP for the Level 2 carrier's IP network or MPLS network to the IP connectivity

  • Configuring the MPLS basic capacity and LDP for the Level 2 carrier network and establish the LSP if the Level 2 carrier provides the BGP/MPLS IPv6 VPN services

Data Preparation

Perform one or more of the following configurations as required.

Configuring Level 1 Carrier CE to Access Level 1 Carrier PE (Intra-AS)

If the Level 1 carrier and the Level 2 carrier are in the same AS, the Level 1 carrier takes the Level 2 carrier as its VPN user. The configuration of carrier's carrier is similar to the configuration of CE accessing PE in the basic BGP/MPLS IP VPN.

Procedure

  • Creating a VPN instance on Level 1 Carrier PE
    1. Run system-view

      The system view is displayed.

    2. Run ip vpn-instance vpn-instance-name

      A VPN instance is created and the VPN instance view is displayed.

    3. Run ipv4-family

      The IPv4 address family is enabled for the VPN instance and the VPN instance IPv4 address family view is displayed.

    4. Run route-distinguisher route-distinguisher-name

      The RD of the VPN instance IPv4 address family is configured.

    5. Run vpn-target vpn-target &<1-8> [ both | export-extcommunity | import-extcommunity ]

      The VPN-Target is configured for the VPN instance IPv4 address family.

    6. Run quit

      Return to the system view.

    7. Run interface interface-type interface-number

      The view of the interface connected to Level 1 carrier CE is displayed.

    8. Run ip binding vpn-instance vpn-instance-name

      The interface is bound with the VPN instance.

    9. Run ip address ip-address { mask | mask-length }

      The IP address is configured for the interface.

    10. Run commit

      The configuration is committed.

  • Configuring LDP and IGP on Level 1 Carrier PE
    1. Run system-view

      The system view is displayed.

    2. Run mpls ldp vpn-instance vpn-instance-name

      LDP is enabled for the created VPN instance.

    3. Run quit

      Return to the system view.

    4. Run interface interface-type interface-number

      The view of interface connected to Level 1 carrier CE is displayed.

    5. Run mpls

      MPLS is enabled on the interface.

    6. Run mpls ldp

      LDP is enabled on the interface.

    7. Run commit

      The configuration is committed.

    8. Configure the IGP protocol between the Level 1 carrier PE and the Level 1 carrier CE.

      The RIP multi-instance, the OSPF multi-instance or the IS-IS multi-instance can be used on PE as the IGP protocol between the PE and the Level 1 carrier CE. In the IGP multi-instance view, BGP routes are imported; in the BGP-VPN instance view, IGP routes are imported. The detailed configuration is not mentioned here.

  • Configuring LDP and IGP on the Level 1 Carrier CE
    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number

      The view of interface connected to the Level 1 carrier PE is displayed.

    3. Run ip address ip-address { mask | mask-length }

      An IP address for the interface is configured.

    4. Run mpls

      MPLS is enabled on the interface.

    5. Run mpls ldp

      LDP is enabled on the interface.

    6. (Optional) Run mpls ldp transport-address interface

      The IP address of the current interface is used to establish an LDP session.

      The transport address is used to establish a TCP connection between the local node and its peer. The peer must have a reachable route to this transport address. The default transport address is the loopback interface address (an LSR ID). When the address of the loopback interface is a public network address, configure different transport addresses for LSRs so that LSRs can set up connections with private network addresses.

    7. Run quit

      Return to the system view.

    8. Run commit

      The configuration is committed.

    9. Configure IGP between the Level 1 carrier CE and the Level 1 carrier PE.

      RIP, OSPF or IS-IS can be used on the CE as an IGP protocol between the CE and the Level 1 carrier PE. The detailed configuration is not mentioned here.

Configuring Level 1 Carrier CE to Access Level 1 Carrier PE (Inter-AS)

If the Level 1 carrier and the Level 2 carrier are in different ASs, the Level 1 carrier takes the Level 2 carrier as its VPN user, and the configuration of carrier's carrier is similar to the configuration of CE accessing PE in the basic BGP/MPLS IP VPN.

Procedure

  • Creating a VPN instance on the Level 1 Carrier PE
    1. Run system-view

      The system view is displayed.

    2. Run ip vpn-instance vpn-instance-name

      A VPN instance is created and the VPN instance view is displayed.

    3. Run ipv4-family

      The IPv4 address family is enabled for the VPN instance and the VPN instance IPv4 address family view is displayed.

    4. Run route-distinguisher route-distinguisher-name

      The RD of the VPN instance IPv4 address family is configured.

    5. Run vpn-target vpn-target &<1-8> [ both | export-extcommunity | import-extcommunity ]

      The VPN-Targets are configured for the VPN instance IPv4 address family.

    6. Run quit

      Return to the system view.

    7. Run interface interface-type interface-number

      The view of interface connected to the Level 1 carrier CE is displayed.

    8. Run ip binding vpn-instance vpn-instance-name

      The interface is bound with a VPN instance.

    9. Run ip address ip-address { mask | mask-length }

      An IP address is configured for the interface.

    10. Run mpls

      MPLS is enabled on the interface.

    11. Run commit

      The configuration is committed.

  • Configuring Labeled BGP on the Level 1 Carrier PE
    1. Run system-view

      The system view is displayed.

    2. Run route-policy route-policy-name permit node seq-number

      A routing policy is created for the Level 1 carrier CE.

    3. Run apply mpls-label

      Labels are allocated to IPv4 routes.

    4. Run quit

      Return to the system view.

    5. Run bgp as-number1

      The BGP view is displayed.

    6. Run ipv4-family vpn-instance vpn-instance-name

      The BGP VPN-instance IPv4 address family view is displayed.

    7. Run peer ipv4-address as-number as-number2

      The Level 1 carrier CE is specified as the EBGP peer.

    8. Run peer ipv4-address label-route-capability

      The function of exchanging labeled IPv4 routes is enabled.

    9. Run peer ipv4-address route-policy route-policy-name export

      Labels are assigned to routes advertised to the Level 1 carrier CE.

    10. Run import-route direct

      Direct routes are imported.

    11. Run commit

      The configuration is committed.

  • Configuring Labeled BGP on the Level 1 Carrier CE between it and the Level 1 Carrier PE
    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number

      The view of the interface connected to the Level 1 carrier PE is displayed.

    3. Run ip address ip-address { mask | mask-length }

      An IP address is configured for the interface.

    4. Run mpls

      MPLS is enabled on the interface.

    5. Run quit

      Return to the system view.

    6. Run route-policy route-policy-name1 permit node seq-number

      The routing policy is created for the Level 1 carrier PE.

    7. Run apply mpls-label

      Labels are assigned for IPv4 routes.

    8. Run quit

      Return to the system view.

    9. Run bgp as-number2

      The BGP view is displayed.

    10. Run peer ipv4-address as-number as-number1

      The Level 1 carrier PE is specified as the EBGP peer.

    11. Run peer ipv4-address label-route-capability

      The function of exchanging labeled IPv4 routes is enabled.

    12. Run peer ipv4-address route-policy route-policy-name1 export

      Labels are assigned to the routes advertised to the Level 1 carrier PE.

    13. Run commit

      The configuration is committed.

  • Configuring Labeled BGP on the Level 1 Carrier CE Between the Level 2 Carrier PE
    1. Run system-view

      The system view is displayed.

    2. Run route-policy route-policy-name2 permit node seq-number

      A routing policy is created for the Level 2 carrier PE.

    3. Run if-match mpls-label

      The labeled IPv4 route is matched.

    4. Run apply mpls-label

      Labels are assigned to IPv4 routes.

    5. Run quit

      Return to the system view.

    6. Run bgp as-number2

      The BGP view is displayed.

    7. Run peer ipv4-address as-number as-number2

      The Level 2 carrier PE is configured as the IBGP peer.

    8. Run peer ipv4-address connect-interface loopback interface-number

      The interface used to set up the TCP connection is specified.

    9. Run peer ipv4-address label-route-capability

      The function of exchange labeled IPv4 routes is enabled.

    10. Run peer ipv4-address route-policy route-policy-name2 export

      Labels are assigned to the labeled IPv4 routes advertised to the Level 2 carrier PE.

    11. Run import-route protocol process-id

      Import internal routes of the Level 2 carrier network.

    12. Run commit

      The configuration is committed.

  • Configuring Labeled BGP on the Level 2 Carrier PE
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number2

      The BGP view is displayed.

    3. Run peer ipv4-address as-number as-number2

      The Level 1 carrier CE is specified as the IBGP peer.

    4. Run peer ipv4-address connect-interface loopback interface-number

      The interface used to set up the TCP connection is specified.

    5. Run peer ipv4-address label-route-capability

      The function of exchanging labeled IPv4 routes is enabled.

    6. Run commit

      The configuration is committed.

Configuring Level 2 Carrier's Customer to Access Level 2 Carrier PE

The Level 2 carrier provides IPv6 VPN services for its users, and the configuration of the Level 2 carrier is similar to the configuration of CE accessing PE in the basic BGP/MPLS IPv6 VPN.

Procedure

Configuring External Route Exchanges Between Level 2 Carrier PEs

This section describes how to configure the MP-BGP peer relationship between PEs to exchange VPNv6 routes.

Procedure

  • Perform the following steps on the Level 2 carrier PE.
    1. Run system-view

      The system view is displayed.

    2. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    3. Run peer ipv4-address as-number { as-number-plain | as-number-dot }

      The remote PE is specified as the BGP peer.

    4. Run peer ipv4-address connect-interface loopback interface-number

      The interface to set up the TCP connections is specified.

    5. Run peer ipv4-address ebgp-max-hop [ hop-count ]

      The number of maximum hops of the EBGP connection is configured.

      If the MP-EBGP peer relationship exists between the Level 2 carrier PEs, you need to configure Step 5.

    6. Run ipv6-family vpnv6

      The BGP IPv6 VPN address family is displayed.

    7. Run peer ipv4-address enable

      The function of exchanging VPN-IPv6 routes with the peer is enabled.

    8. Run commit

      The configuration is committed.

Verifying the Configuration of Carrier's Carrier

After carrier's carrier is configured, you can view information about public network routes and VPN routes on PEs and CEs of the Level 2 carrier and Level 1 carrier.

Prerequisites

The Carrier's Carrier function has been configured.

Procedure

  • Run the display ip routing-table command to check the public routing tables on the CEs and PEs of the Level 1 carrier and PEs of the Level 2 carrier..
  • Run the display ipv6 routing-table [ [ filter-option ] [ verbose ] | statistics ] command to check the routing tables on the CEs of the Level 2 carrier.
  • Run the display ip routing-table vpn-instance [ vpn-instance-name ] command to check the private routing tables on the PEs of the Level 1 carrier.
  • Run the display ipv6 routing-table vpn-instance [ vpn-instance-name ] command to check the private routing tables on the PEs of the Level 2 carrier.

Example

Run the display ip routing-table command on the PEs and CEs of the Level 1 carrier and the Level 2 carrier. You can view the following:

  • The public routing table of the Level 1 carrier PE contains only the routes of the Level 1 carrier network.

  • The public routing table of the Level 1 carrier CE and that of the Level 2 carrier PE contain the internal routes of the Level 2 carrier network.

Running the display ipv6 routing-table command on the CE of the Level 2 carrier network, you can view the routes to the related remote CEs exist between the CEs of the Level 2 carrier.

Running the display ip routing-table vpn-instance command on the PEs of the Level 1 carrier network, you can view the VPN routing table contains the internal routes of the Level 2 carrier network.

Running display ipv6 routing-table vpn-instance [ vpn-instance-name ] command on the PEs of the Level 2 carrier network, you can find the IPv6 VPN routing table contains the routes of the remote IPv6 VPN users, that is, the external routes of the Level 2 carrier.

Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 27648

Downloads: 53

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next