No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring a Tunnel Policy for the Backbone Network of a BGP/MPLS IPv6 VPN

Configuring a Tunnel Policy for the Backbone Network of a BGP/MPLS IPv6 VPN

A tunnel policy applied to an IPv6 VPN can specify which tunnels are selected for the VPN and enable load balancing among tunnels.

Usage Scenario

By default, the system selects a tunnel in the order of LSPs, MPLS TE tunnels, and Local_IfNet, and does not perform load balancing. To configure load balancing or change the selection sequence of tunnels, configure a tunnel policy and apply it to the IPv6 VPN.

At present, the NE supports the following types of tunnel policies:

  • Tunnel type prioritizing policy: Using this policy, you can specify the sequence in which tunnels are selected or the number of tunnels participating in load balancing.

  • Tunnel binding: Using this policy, you can bind a TE tunnel to a specified destination IP address so that the VPN traffic to that destination address can only be transmitted over the TE tunnel.

For details about tunnel policy configurations, see VPN Tunnel Management Configuration.

Pre-configuration Tasks

Before configuring a tunnel policy for the backbone network of a BGP/MPLS IPv6 VPN, complete the following tasks:

  • Configure a basic BGP/MPLS IPv6 VPN.

  • Set up a tunnel of the type specified in the tunnel policy.

Configuration Procedures

Figure 6-9 Flowchart for configuring a tunnel policy for the backbone network of a BGP/MPLS IPv6 VPN

Configuring a Tunnel Policy

A tunnel policy can determine the sequence in which tunnels are selected or bind a TE tunnel to a specified destination IP address.

Context

In the tunnel policy view, the tunnel type prioritizing policy and tunnel binding policy are mutually exclusive. Choose either of the following configurations as needed.

Procedure

  • Configure a tunnel type prioritizing policy.
    1. Run system-view

      The system view is displayed.

    2. Run tunnel-policy policy-name

      A tunnel policy is created, and the tunnel policy view is displayed.

    3. Run tunnel select-seq { cr-lsp | gre | { lsp | { ldp | bgp | sr-lsp } } } * load-balance-number load-balance-number [ unmix ]

      The sequence in which each type of tunnel is selected and the number of tunnels participating in load balancing are configured.

      After this command is run, the system selects tunnels based on the specified sequence. If tunnels that have higher priorities are unreachable, the system will continue to select tunnels that have lower priorities based on the sequence. For example, if the tunnel select-seq cr-lsp lsp load-balance-number 3 command is run, the system can select MPLS TE tunnels (as preferred ones) or LSPs for VPN service transmission and use a maximum of three tunnels for load balancing. If the number of available MPLS TE tunnels is smaller than 3, LSPs will be qualified to join the MPLS TE tunnels in load balancing.

      LSPs include LDP LSPs, SR-LSPs, and BGP LSPs. If lsp is specified, the default priority sequence in descending order is LDP LSP > BGP LSP > SR-LSP. If sr-lsp, ldp or bgp is specified, the priority sequence for LSPs can be specified.

      CR-LSPs include RSVP-TE tunnels and SR-TE tunnels. If cr-lsp is specified in the tunnel select-seq command, the tunnel that goes Up earlier has a higher priority.

      If unmix is configured, only one type of tunnel can be selected. For example, in a scenario where the tunnel select-seq cr-lsp lsp load-balance-number 3 unmix command is configured for the tunnel policy:
      • If three or more CR-LSPs are available on the network, the system randomly selects three of them for service transmission.

      • If less than three CR-LSPs are available on the network, the system selects only the available CR-LSPs for service transmission.

    4. Run commit

      The configuration is committed.

  • Configure a tunnel binding policy.
    1. Run system-view

      The system view is displayed.

    2. Run tunnel-policy policy-name

      A tunnel policy is created, and the tunnel policy view is displayed.

    3. Run tunnel binding destination dest-ip-address te { tunnel interface-number } &<1-6> [ down-switch ]

      A tunnel policy is configured to bind a TE tunnel to the specified destination address.

    4. Run commit

      The configuration is committed.

Applying a Tunnel Policy to an IPv6 VPN

This section describes how to apply a tunnel policy to an IPv6 VPN to change the tunnel used to carry VPN services or the tunnel selection sequence for VPN services.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip vpn-instance vpn-instance-name

    The VPN instance view is displayed.

  3. Run ipv6-family

    The VPN instance IPv6 address family view is displayed.

    A VPN instance supports both the IPv4 address family and IPv6 address family. VPN configurations can be performed only if an IPv4 or IPv6 address family (which is determined by the forwarding route type) has been enabled for the VPN instance.

  4. Run tnl-policy policy-name

    A tunnel policy is applied to the VPN instance IPv6 address family.

  5. Run commit

    The configuration is committed.

Verifying the Configuration of a Tunnel Policy for the Backbone Network of a BGP/MPLS IPv6 VPN

After configuring a tunnel policy for the backbone network of a BGP/MPLS IPv6 VPN, check the name of the tunnel policy applied to the VPN and the configurations of the tunnel policy.

Prerequisites

A tunnel policy has been configured for the backbone network of the BGP/MPLS IPv6 VPN.

Procedure

  • Run the display tunnel-policy policy-name command to check the configurations of a specified tunnel policy.
  • Run the display ip vpn-instance verbose [ vpn-instance-name ] command to check the tunnel policy used by a VPN instance.

Example

Run the display tunnel-policy command. If the configurations of a tunnel policy are displayed, the configuration succeeds.

<HUAWEI> display tunnel-policy policy1
Tunnel Policy Name                      Select-Seq                   Load balance No  Unmix
--------------------------------------------------------------------------------------------
policy1                                 LSP CR-LSP                                 3 Disable

Run the display ip vpn-instance verbose commandThe command output shows the tunnel policy used by a VPN instance. In the following command output, the tunnel policy used by the IPv6 address family of a VPN instance named vpna is policy1.

<HUAWEI> display ip vpn-instance verbose
 Total VPN-Instances configured : 1
 Total IPv4 VPN-Instances configured : 0
 Total IPv6 VPN-Instances configured : 1
 VPN-Instance Name and ID : vpn1, 1
  Interfaces : GigabitEthernet0/1/0
 Address family ipv6
  Create date : 2006/09/27 15:25:29
  Up time : 0 days, 00 hours, 02 minutes and 11 seconds
  Vrf Status : UP
  Route Distinguisher : 100:1
  Export VPN Targets :  2:2
  Import VPN Targets :  1:1
  Label policy : label per route
Tunnel Policy : policy1
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 27314

Downloads: 51

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next