No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring the Access of PW Redundancy in Independent Mode to L3VPN (IP RAN Scenario)

Example for Configuring the Access of PW Redundancy in Independent Mode to L3VPN (IP RAN Scenario)

The mixed VPN solution is a component of the IPTime MBB solutions, which are developed by Huawei for constructing an IP MBH network.

Networking Requirements

In the mixed VPN solution, the RAN provides excellent FMC capability and adopts a simple and flexible networking scheme. The hierarchical network between CSGs and RSGs carries large-scale services.

CSGs are connected to form an access network. ASGs and RSGs are connected to form an aggregation network. All these devices can be flexibly deployed to meet 2G, 3G, and LTE service bearer requirements. The Figure 10-15 shows the mixed VPN solution.

Figure 10-15 Networking diagram for configuring the access of PW redundancy in independent mode to L3VPN (IP RAN scenario)

The integrated L2VPN access to L3VPN solution allows Ethernet NodeBs to communicate with Radio Network Controllers (RNCs). It terminates the L2VPN and connects the L3VPN on an ASG by creating a Virtual Ethernet group (VE-Group). PW redundancy in independent mode is configured to protect PWs on the CSG. VRRP is configured between the ASGs to determine the role of master or backup. VRRP is also configured between the RSGs to determine the role of master or backup. VPN FRR is configured to protect links on the L3VPN, providing reliable connections for services.

NOTE:
This example uses Virtual-Ethernet interface to configure L2VPN accessing L3VPN. As a VE interface is bound to only one board, when the board is faulty, services are interrupted. To improve service reliability, create two global virtual interfaces: Global-VE1 and Global-VE2. Global-VE1 is configured as an L2VE interface to terminate L2VPN services, and the Global-VE2 is configured as an L3VE interface to access an L3VPN network. Other configurations remain unchanged

HVPLS or PWE3 can be used to construct the L2VPN. This example uses PWE3. Figure 10-16 shows a simplified single-ring network. The current versions are used for networking. The configurations on the CSG and ASG are mainly described.

Figure 10-16 Simplified networking diagram for configuring the access of PW redundancy in independent mode to L3VPN (IP RAN scenario)
NOTE:
  • In this example, interface 1 and interface 2 are GE0/1/0and GE0/1/3, respectively.



Table 10-2 The relationship of the interface with IP Address

Device

Interface

Peer Device

IP Address

CSG

GE0/1/1

ASG1

172.16.1.1/24

GE0/1/2

ASG2

172.16.4.1/24

GE0/1/3

NodeB

-

ASG1

GE0/1/0

ASG2

172.16.2.2/24

GE0/1/1

CSG

172.16.1.2/24

GE0/1/3

RSG1

172.16.3.1/24

GE0/1/4

RSG2

172.16.8.1BU ZH/24

ASG2

GE0/1/0

ASG1

172.16.2.1/24

GE0/1/2

CSG

172.16.4.2/24

GE0/1/3

RSG2

172.16.6.1/24

GE0/1/4

RSG1

172.16.7.1/24

RSG1

GE0/1/0

RSG2

-

GE0/1/1

ASG1

172.16.3.2/24

GE0/1/2

ASG2

172.16.7.2/24

GE0/1/3

RNC

-

RSG2

GE0/1/0

RSG1

-

GE0/1/1

ASG2

172.16.6.2/24

GE0/1/2

ASG1

172.16.8.2/24

GE0/1/3

RNC

-

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure IP addresses and routes.

  2. Configure MPLS and public network tunnels.

    • Configure TE tunnels between the CSG and each ASG and provide protection for the tunnels.
    • Configure LSPs between ASGs and RSGs.
  3. Configure PW redundancy in independent mode:

    • Configure MPLS LDP remote sessions between the CSG and ASGs.
    • Configure service PWs.
    • Configure an mPW and associate the bypass PW with the mPW.
    • Configure BFD to monitor the mPW.
    • Configure VRRP to determine the primary PW.
  4. Configure an L3VPN.

    • Configure VPN instances on ASG1 and RSGs.
    • Configure a VE-Group on ASGs and bind the VPN instance to the L3VE sub-interfaces.
    • Establish MP-IBGP peer relationships between ASGs and RSGs.
    • Import direct VPN routes to ASGs and RSGs.
    • Configure VPN FRR.
  5. Configure VRRP.

    • Configure service VRRP and mVRRP on ASGs to determine a gateway for Ethernet NodeBs.
    • Configure service VRRP on RSGs to determine their roles in the VRRP backup group.

Data Preparation

To complete the configuration, you need the following data:

  • Interface number, interface IP address, and OSPF process ID

  • LSR ID

  • L2VC's destination address, VC ID, and VC type

  • BFD session name, local discriminator, and remote discriminator

  • VE-Group number

  • VRRP backup group number and priority

Procedure

  1. Assign an IP address to and configure a routing protocol on each interface.
    1. Assign an IP address to each interface.
    2. Configure a routing protocol on the CSG, ASG1, ASG2, RSG1, and RSG2 to make them routable. In this example, OSPF is used.

      NOTE:
      An access ring is used in this example. If multiple access rings are available, each access ring belongs to a different area. If IS-IS is used, each access ring belongs to a different IS-IS process, and a different NET is deployed for each access ring. If a small network is planned, Level-2 areas can be deployed on the entire network.

    After the configuration is complete, run the display ip routing-table command on the CSG, ASGs, and RSGs. You can view the routes learned from each other. Note that when configuring OSPF, you need to advertise 32-bit loopback interface addresses (LSR IDs) of the CSG, ASGs, and RSGs.

    The detailed configuration is not mentioned here. For details, please check Configuration Files.

  2. Configure basic MPLS functions and public network tunnels.

    • Configure explicit paths between the CSG and ASG1 and between the CSG and ASG2.
    • Configure LSPs between ASGs and between ASGs and RSGs.
    • To improve reliability, enable the Resource Reserved Protocol Graceful Restart (RSVP GR), LDP GR, and OSPF GR.

    The detailed configuration is not mentioned here. For details, please check Configuration Files.

  3. Configure PW redundancy.
    1. Configure MPLS LDP remote sessions between the CSG and ASGs.

      NOTE:
      In this configuration example, TE tunnels are configured between the CSG and ASGs, and MPLS LDP is not required. PWE3, however, uses extended LDP signaling to distribute VPN labels. Therefore, MPLS LDP remote sessions have to be configured between the CSG and ASGs. An LDP LSP is configured to directly connect ASGs, and no LDP remote session needs to be configured between ASGs.

      # Configure the CSG.

      [~CSG] mpls ldp
      [*CSG-mpls-ldp] quit
      [*CSG] mpls ldp remote-peer 2.2.2.2
      [*CSG-mpls-ldp-remote-2.2.2.2] remote-ip 2.2.2.2
      [*CSG-mpls-ldp-remote-2.2.2.2] quit
      [*CSG] mpls ldp remote-peer 3.3.3.3
      [*CSG-mpls-ldp-remote-3.3.3.3] remote-ip 3.3.3.3
      [*CSG-mpls-ldp-remote-3.3.3.3] quit
      [*CSG] commit

      # Configure ASG1.

      [~ASG1] mpls ldp
      [*ASG1-mpls-ldp] quit
      [*ASG1] mpls ldp remote-peer 1.1.1.1
      [*ASG1-mpls-ldp-remote-1.1.1.1] remote-ip 1.1.1.1
      [*ASG1-mpls-ldp-remote-1.1.1.1] quit
      [*ASG1] commit

      # Configure ASG2.

      [~ASG2] mpls ldp
      [*ASG2-mpls-ldp] quit
      [*ASG2] mpls ldp remote-peer 1.1.1.1
      [*ASG2-mpls-ldp-remote-1.1.1.1] remote-ip 1.1.1.1
      [*ASG2-mpls-ldp-remote-1.1.1.1] quit
      [*ASG2] commit

      # Verify the configuration. Run the display mpls ldp session all command on the CSG and ASGs to check whether the LDP session status is Operational. If the LDP session status is Operational, the LDP session is established. Use the CSG as an example.

      [~CSG] display mpls ldp session all
       LDP Session(s) in Public Network
       Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
       An asterisk (*) before a session means the session is being deleted.
       ------------------------------------------------------------------------------
       PeerID             Status      LAM  SsnRole  SsnAge      KASent/Rcv
       ------------------------------------------------------------------------------
       2.2.2.2:0          Operational DU   Passive  0000:00:47  190/190
       3.3.3.3:0          Operational DU   Passive  0000:00:47  190/190
       ------------------------------------------------------------------------------
       TOTAL: 2 session(s) Found.    

    2. Configure service PWs.

      # Configure the CSG.

      [~CSG] mpls l2vpn
      [*CSG-l2vpn] quit
      [*CSG] interface gigabitethernet 0/1/3
      [*CSG-GigabitEthernet0/1/3] undo shutdown
      [*CSG-GigabitEthernet0/1/3] quit
      [*CSG] interface gigabitethernet 0/1/3.10
      [*CSG-GigabitEthernet0/1/3.10] vlan-type dot1q 10
      [*CSG-GigabitEthernet0/1/3.10] mpls l2vc 2.2.2.2 100 tunnel-policy policy1 control-word
      [*CSG-GigabitEthernet0/1/3.10] mpls l2vc 3.3.3.3 200 secondary tunnel-policy policy1 control-word
      [*CSG-GigabitEthernet0/1/3.10] mpls l2vpn redundancy independent
      [*CSG-GigabitEthernet0/1/3.10] mpls l2vpn stream-dual-receiving
      [*CSG-GigabitEthernet0/1/3.10] quit
      [*CSG] commit

      # Configure ASG1.

      [~ASG1] mpls l2vpn
      [*ASG1-l2vpn] quit
      [*ASG1] interface virtual-ethernet 0/1/0
      [*ASG1-Virtual-Ethernet0/1/0] ve-group 1 l2-terminate
      [*ASG1-Virtual-Ethernet0/1/0] quit
      [*ASG1] interface virtual-ethernet 0/1/0.1
      [*ASG1-Virtual-Ethernet0/1/0.1] vlan-type dot1q 10
      [*ASG1-Virtual-Ethernet0/1/0.1] mpls l2vc 1.1.1.1 100 tunnel-policy policy1 ignore-standby-state
      [*ASG1-Virtual-Ethernet0/1/0.1] quit
      [*ASG1] commit

      # Configure ASG2.

      [*ASG2] mpls l2vpn
      [*ASG2-l2vpn] quit
      [*ASG2] interface virtual-ethernet 0/1/0
      [*ASG2-Virtual-Ethernet0/1/0] ve-group 1 l2-terminate
      [*ASG1-Virtual-Ethernet0/1/0] quit
      [*ASG2] interface virtual-ethernet 0/1/0.1
      [*ASG2-Virtual-Ethernet0/1/0.1] vlan-type dot1q 10
      [*ASG2-Virtual-Ethernet0/1/0.1] mpls l2vc 1.1.1.1 200 tunnel-policy policy1 ignore-standby-state
      [*ASG2-Virtual-Ethernet0/1/0.1] quit
      [*ASG2] commit

    3. Configure BFD to monitor the mPW.

      # Configure ASG1.

      [~ASG1] bfd
      [*ASG1-bfd] quit
      [*ASG1] bfd pw1 bind pw interface virtual-ethernet0/1/0.1
      [*ASG1-bfd-lsp-session-ASG1] discriminator local 2
      [*ASG1-bfd-lsp-session-ASG1] discriminator remote 2
      [*ASG1-bfd-lsp-session-ASG1] commit
      [*ASG1-bfd-lsp-session-ASG1] quit
      [*ASG1] commit

      # Configure ASG2.

      [~ASG2] bfd
      [*ASG2-bfd] quit
      [*ASG2] bfd pw2 bind pw interface virtual-ethernet0/1/0.1
      [*ASG2-bfd-lsp-session-ASG2] discriminator local 2
      [*ASG2-bfd-lsp-session-ASG2] discriminator remote 2
      [*ASG2-bfd-lsp-session-ASG2] commit
      [*ASG2-bfd-lsp-session-ASG2] quit
      [*ASG2] commit

      # Verify the configuration. Run the display bfd session all command on ASGs. You can view that BFD sessions are in the Up state. Use ASG1 as an example.

      [~ASG1] display bfd session all
      (w): State in WTR 
      (*): State is invalid
      --------------------------------------------------------------------------------
      Local Remote PeerIpAddr      State     Type        InterfaceName
      --------------------------------------------------------------------------------
      2     2      --.--.--.--     Up        S_PW(M)     Virtual-Ethernet0/1/0.1
      --------------------------------------------------------------------------------
           Total UP/DOWN Session Number : 1/0     

    4. Configure VRRP to determine the primary PW.

      NOTE:
      If PW redundancy in independent mode is used, VRRP has to be configured on ASGs to determine which ASG is the master in the VRRP backup group. After PWs are associated with mVRRP, the primary PW is determined.

      # Configure ASG1.

      [~ASG1] interface gigabitethernet  0/1/0
      [*ASG1-GigabitEthernet0/1/0] vrrp vrid 20 virtual-ip 172.16.2.3
      [*ASG1-GigabitEthernet0/1/0] admin-vrrp vrid 20 ignore-if-down
      [*ASG1-GigabitEthernet0/1/0] vrrp vrid 20 priority 150
      [*ASG1-GigabitEthernet0/1/0] quit
      [*ASG1] interface virtual-ethernet 0/1/0.1
      [*ASG1-Virtual-Ethernet0/1/0.1] mpls l2vc track admin-vrrp interface gigabitethernet  0/1/0 vrid 20 pw-redundancy
      [*ASG1-Virtual-Ethernet0/1/0.1] quit
      [*ASG1] commit

      # Configure ASG2.

      [~ASG2] interface gigabitethernet 0/1/0
      [*ASG2-GigabitEthernet0/1/0] vrrp vrid 20 virtual-ip 172.16.2.3
      [*ASG2-GigabitEthernet0/1/0] admin-vrrp vrid 20 ignore-if-down
      [*ASG2-GigabitEthernet0/1/0] quit
      [*ASG2] interface virtual-ethernet 0/1/0.1
      [*ASG2-Virtual-Ethernet0/1/0.1] mpls l2vc track admin-vrrp interface gigabitethernet 0/1/0 vrid 20 pw-redundancy
      [*ASG2-Virtual-Ethernet0/1/0.1] quit
      [*ASG2] commit

      # Verify the configuration. Run the display vrrp command on ASGs. You can view the role of each ASG in the VRRP backup group. Use ASG1 as an example. The default VRRP priority value is 100, and ASG1 whose VRRP priority value is set to 150 functions as the master in the VRRP backup group.

      [~ASG1] display vrrp
        GigabitEthernet0/1/0 | Virtual Router 1
          State : Master
          Virtual IP : 172.16.2.3
          Master IP : 172.16.2.2
          PriorityRun : 150
          PriorityConfig : 150
          MasterPriority : 150
          Preempt : YES   Delay Time : 0
          TimerRun : 1
          TimerConfig : 1
          Auth Type : NONE
          Virtual Mac :  0000-5e00-0101
          Check TTL : YES
          Config type : admin-vrrp
          Create time : 2010-09-05 15:25:47
          Last change time : 2010-09-05 15:25:51

  4. Configure an L3VPN.
    1. Configure a VPN instance on ASG1 and RSG1, and then bind the VPN instance to interfaces.

      # The configuration on ASG1 is as follows, the same as the configuration on ASG2.

      [~ASG1] ip vpn-instance vpna
      [*ASG1-vpn-instance-vpna] ipv4-family
      [*ASG1-vpn-instance-vpna-af-ipv4] route-distinguisher 1:1
      [*ASG1-vpn-instance-vpna-af-ipv4] vpn-target 1:1
      [*ASG1-vpn-instance-vpna-af-ipv4] quit
      [*ASG1-vpn-instance-vpna] quit
      [*ASG1] interface virtual-ethernet 0/1/1
      [*ASG1-Virtual-Ethernet0/1/1] ve-group 10 l3-access
      [*ASG1-Virtual-Ethernet0/1/1] quit
      [*ASG1] interface virtual-ethernet 0/1/1.1
      [*ASG1-Virtual-Ethernet0/1/1.1] vlan-type dot1q 10
      [*ASG1-Virtual-Ethernet0/1/1.1] ip binding vpn-instance vpna
      [*ASG1-Virtual-Ethernet0/1/1.1] ip address 120.0.0.2 24
      [*ASG1-Virtual-Ethernet0/1/1.1] direct-route track pw-state degrade-cost 30
      [*ASG1-Virtual-Ethernet0/1/1.1] quit
      [*ASG1] commit

      # The configuration on RSG1 is as follows, the same as the configuration on RSG2.

      [*RSG1] ip vpn-instance vpna
      [*RSG1-vpn-instance-vpna] ipv4-family
      [*RSG1-vpn-instance-vpna-af-ipv4] route-distinguisher 1:1
      [*RSG1-vpn-instance-vpna-af-ipv4] vpn-target 1:1
      [*RSG1-vpn-instance-vpna-af-ipv4] quit
      [*RSG1-vpn-instance-vpna] quit
      [*RSG1] interface gigabitethernet 0/1/3
      [*RSG1-GigabitEthernet0/1/3] portswitch
      [*RSG1-GigabitEthernet0/1/3] port link-type trunk
      [*RSG1-GigabitEthernet0/1/3] port trunk allow-pass vlan 10
      [*RSG1-GigabitEthernet0/1/3] quit
      [*RSG1] interface gigabitethernet 0/1/0
      [*RSG1-GigabitEthernet0/1/0] portswitch
      [*RSG1-GigabitEthernet0/1/0] port link-type trunk
      [*RSG1-GigabitEthernet0/1/0] port trunk allow-pass vlan 10
      [*RSG1-GigabitEthernet0/1/0] quit
      [*RSG1] vlan 10
      [*RSG1-vlan10] quit
      [*RSG1] interface vlanif 10
      [*RSG1-Vlanif10] ip binding vpn-instance vpna
      [*RSG1-Vlanif10] ip address 120.0.1.1 24
      [*RSG1-Vlanif10] quit
      [*RSG1] commit

    2. Establish MP-IBGP peer relationships between ASGs and RSGs.

      # The configuration on ASG2 is as follows, the same as the configuration on ASG1.

      [~ASG2] bgp 100
      [*ASG2-bgp] graceful-restart
      [*ASG2-bgp] peer 2.2.2.2 as-number 100
      [*ASG2-bgp] peer 2.2.2.2 connect-interface loopback 0
      [*ASG2-bgp] peer 4.4.4.4 as-number 100
      [*ASG2-bgp] peer 4.4.4.4 connect-interface loopback 0
      [*ASG2-bgp] peer 4.4.4.4 tracking delay 30
      [*ASG2-bgp] peer 5.5.5.5 as-number 100
      [*ASG2-bgp] peer 5.5.5.5 connect-interface loopback 0
      [*ASG2-bgp] peer 5.5.5.5 tracking delay 30
      [*ASG2-bgp] ipv4-family vpnv4
      [*ASG2-bgp-af-vpnv4] peer 2.2.2.2 enable
      [*ASG2-bgp-af-vpnv4] peer 4.4.4.4 enable
      [*ASG2-bgp-af-vpnv4] peer 5.5.5.5 enable
      [*ASG2-bgp-af-vpnv4] quit
      [*ASG2] commit

      # The configuration on RSG1 is as follows, the same as the configuration on RSG2.

      [~RSG1] bgp 100
      [*RSG1-bgp] graceful-restart
      [*RSG1-bgp] peer 2.2.2.2 as-number 100
      [*RSG1-bgp] peer 2.2.2.2 connect-interface loopback 0
      [*RSG1-bgp] peer 2.2.2.2 tracking delay 30
      [*RSG1-bgp] peer 3.3.3.3 as-number 100
      [*RSG1-bgp] peer 3.3.3.3 connect-interface loopback 0
      [*RSG1-bgp] peer 3.3.3.3 tracking delay 30
      [*RSG1-bgp] peer 5.5.5.5 as-number 100
      [*RSG1-bgp] peer 5.5.5.5 connect-interface loopback 0
      [*RSG1-bgp] ipv4-family vpnv4
      [*RSG1-bgp-af-vpnv4] peer 2.2.2.2 enable
      [*RSG1-bgp-af-vpnv4] peer 3.3.3.3 enable
      [*RSG1-bgp-af-vpnv4] peer 5.5.5.5 enable
      [*RSG1-bgp-af-vpnv4] quit
      [*RSG1] commit

    3. Import direct VPN routes to ASGs and RSGs.

      # The configuration on ASG2 is as follows, the same as the configuration on ASG1.

      [~ASG1-bgp] ipv4-family vpn-instance vpna
      [*ASG1-bgp-vpna] import-route direct
      [*ASG1-bgp-vpna] quit
      [*ASG1-bgp] quit
      [*ASG1] commit

      # The configuration on RSG1 is as follows, the same as the configuration on RSG2.

      [*RSG1-bgp] ipv4-family vpn-instance vpna
      [*RSG1-bgp-vpna] import-route direct
      [*RSG1-bgp-vpna] quit
      [*RSG1-bgp] quit
      [*RSG1] commit

    4. Configure VPN FRR.

      # The configuration of RSG1 is as follows, the same as the configuration on ASGs and RSG2.

      [~RSG1] ip vpn-instance vpna
      [*RSG1-vpn-instance-vpna] ipv4-family
      [*RSG1-vpn-instance-vpna-af-ipv4] vpn frr
      [*RSG1-vpn-instance-vpna-af-ipv4] quit
      [*RSG1-vpn-instance-vpna] quit
      [*RSG1] commit

  5. Configure VRRP on ASG1 and ASG2 to determine a gateway for Ethernet NodeBs.

    For configuration details, see the chapter "VRRP Configuration" in the NE Configuration - Reliability and configuration file.

  6. Configure VRRP to determine the active/standby status of the RSGs.

    For configuration details, see the chapter "VRRP Configuration" in the NE Configuration - Reliability and configuration file.

Configuration Files

  • Configuration file of the CSG

    #
     sysname CSG
    #
     mpls lsr-id 1.1.1.1
     mpls
      mpls te
      mpls rsvp-te
      mpls rsvp-te hello
      mpls te cspf
    #
     mpls l2vpn
    #
     explicit-path to_asg1
      next hop 172.16.1.2
      next hop 2.2.2.2
    #
     explicit-path to_asg2
      next hop 172.16.4.2
      next hop 3.3.3.3
    #
    mpls ldp
     graceful-restart
    #
     mpls ldp remote-peer 2.2.2.2
     remote-ip 2.2.2.2
    #
     mpls ldp remote-peer 3.3.3.3
     remote-ip 3.3.3.3
    #
    interface GigabitEthernet0/1/1
     undo shutdown
     ip address 172.16.1.1 255.255.255.0
     mpls
     mpls te
     mpls rsvp-te
     mpls rsvp-te hello
    #
    interface GigabitEthernet0/1/2
     undo shutdown
     ip address 172.16.4.1 255.255.255.0
     mpls
     mpls te
     mpls rsvp-te
     mpls rsvp-te hello
    #
    interface GigabitEthernet0/1/3
     undo shutdown
    #
    interface GigabitEthernet0/1/3.10
     vlan-type dot1q 10
     mpls l2vc 2.2.2.2 100 tunnel-policy policy1 control-word
     mpls l2vc 3.3.3.3 200 tunnel-policy policy1 secondary control-word
     mpls l2vpn redundancy independent
     mpls l2vpn stream-dual-receiving
    #
    interface LoopBack0
     ip address 1.1.1.1 255.255.255.255
    #
    interface Tunnel11
     ip address unnumbered interface LoopBack0
     tunnel-protocol mpls te
     destination 2.2.2.2
     mpls te tunnel-id 100
     mpls te record-route
     mpls te signal-protocol rsvp-te
     mpls te path explicit-path to_asg1
     mpls te backup hot-standby wtr 15
     mpls te reserved-for-binding
    #
    interface Tunnel12
     ip address unnumbered interface LoopBack0
     tunnel-protocol mpls te
     destination 3.3.3.3
     mpls te tunnel-id 200
     mpls te record-route
     mpls te signal-protocol rsvp-te
     mpls te path explicit-path to_asg2
     mpls te backup hot-standby wtr 15
     mpls te reserved-for-binding
    #
    ospf 100
     opaque-capability enable
     graceful-restart
     area 0.0.0.0
      network 1.1.1.1 0.0.0.0
      network 172.16.1.0 0.0.0.255
      network 172.16.4.0 0.0.0.255
      mpls-te enable
    #
    tunnel-policy policy1
     tunnel binding destination 2.2.2.2 te Tunnel11
     tunnel binding destination 3.3.3.3 te Tunnel12
    #
    bfd master bind pw interface GigabitEthernet0/1/3.10 remote-peer 2.2.2.2 pw-ttl auto-calculate
     discriminator local 2
     discriminator remote 2
     commit
    #
    return 
  • Configuration file of ASG1

    #
     sysname ASG1
    #
    ip vpn-instance vpna
     ipv4-family
      route-distinguisher 1:1
      vpn frr
      vpn-target 1:1 export-extcommunity
      vpn-target 1:1 import-extcommunity
    #
     bfd
    #
     mpls lsr-id 2.2.2.2
     mpls
      mpls te
      mpls rsvp-te
      mpls rsvp-te hello
      mpls te cspf
    #
     mpls l2vpn
    #
     explicit-path to_csg
      next hop 172.16.1.1
      next hop 1.1.1.1
    #
    mpls ldp
     graceful-restart
    #
     mpls ldp remote-peer 1.1.1.1
     remote-ip 1.1.1.1
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 172.16.2.2 255.255.255.0
     vrrp vrid 20 virtual-ip 172.16.2.3
     admin-vrrp vrid 20 ignore-if-down
     vrrp vrid 20 priority 150
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/1
     undo shutdown
     ip address 172.16.1.2 255.255.255.0
     mpls
     mpls te
     mpls rsvp-te
     mpls rsvp-te hello
    #
    interface GigabitEthernet0/1/3
     undo shutdown
     ip address 172.16.3.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/4
     undo shutdown
     ip address 172.16.8.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface Virtual-Ethernet0/1/0
     ve-group 1 l2-terminate
    #
    interface Virtual-Ethernet0/1/0.1
     mpls l2vc 1.1.1.1 100 tunnel-policy policy1
     mpls l2vc track admin-vrrp interface GigabitEthernet0/1/0 vrid 20 pw-redundancy
     mpls l2vc 3.3.3.3 300 bypass
     mpls l2vc bypass track admin-vc interface LoopBack1
    #
    interface Virtual-Ethernet0/1/1
     ve-group 1 l3-access
    #
    interface Virtual-Ethernet0/1/1.1
     vlan-type dot1q 10
     ip binding vpn-instance vpna
     ip address 120.0.0.2 255.255.255.0
     vrrp vrid 10 virtual-ip 120.0.0.3
     vrrp vrid 10 track admin-vrrp interface GigabitEthernet0/1/0 vrid 20 
    #
    interface LoopBack0
     ip address 2.2.2.2 255.255.255.255
    #
    interface LoopBack1
     mpls l2vc 3.3.3.3 400 control-word admin
    #
    interface Tunnel11
     ip address unnumbered interface LoopBack0
     tunnel-protocol mpls te
     destination 1.1.1.1
     mpls te tunnel-id 100
     mpls te record-route
     mpls te signal-protocol rsvp-te
     mpls te path explicit-path to_csg
     mpls te backup hot-standby wtr 15
     mpls te reserved-for-binding
    #
    bgp 100
     graceful-restart
     peer 3.3.3.3 as-number 100
     peer 3.3.3.3 connect-interface LoopBack0
     peer 4.4.4.4 as-number 100
     peer 4.4.4.4 connect-interface LoopBack0
     peer 5.5.5.5 as-number 100
     peer 5.5.5.5 connect-interface LoopBack0
     #
     ipv4-family unicast
      undo synchronization
      peer 3.3.3.3 enable
      peer 4.4.4.4 enable
      peer 5.5.5.5 enable
     #
     ipv4-family vpnv4
      policy vpn-target
      peer 3.3.3.3 enable
      peer 4.4.4.4 enable
      peer 5.5.5.5 enable
     #
     ipv4-family vpn-instance vpna
      import-route direct
    #
    ospf 100
     opaque-capability enable
     graceful-restart
     area 0.0.0.0
      network 2.2.2.2 0.0.0.0
      network 172.16.1.0 0.0.0.255
      network 172.16.3.0 0.0.0.255
      network 172.16.2.0 0.0.0.255
      network 172.16.8.0 0.0.0.255
      mpls-te enable
    #
    tunnel-policy policy1
     tunnel binding destination 1.1.1.1 te Tunnel11
    #
    bfd bypass bind pw interface LoopBack1
     discriminator local 2
     discriminator remote 2
     commit
    #
    return 
  • Configuration file of ASG2

    #
     sysname ASG2
    #
    ip vpn-instance vpna
     ipv4-family
      route-distinguisher 1:1
      vpn frr
      vpn-target 1:1 export-extcommunity
      vpn-target 1:1 import-extcommunity
    #
     bfd
    #
     mpls lsr-id 3.3.3.3
     mpls
      mpls te
      mpls rsvp-te
      mpls rsvp-te hello
      mpls te cspf
    #
     mpls l2vpn
    #
     explicit-path to_csg
      next hop 172.16.4.1
      next hop 1.1.1.1
    #
    mpls ldp
     graceful-restart
    #
     mpls ldp remote-peer 1.1.1.1
     remote-ip 1.1.1.1
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 172.16.2.1 255.255.255.0
     vrrp vrid 20 virtual-ip 172.16.2.3
     admin-vrrp vrid 20 ignore-if-down
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/1
     undo shutdown
    #
    interface GigabitEthernet0/1/2
     undo shutdown
     ip address 172.16.4.2 255.255.255.0
     mpls
     mpls te
     mpls rsvp-te
    #
    interface GigabitEthernet0/1/3
     undo shutdown
     ip address 172.16.6.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/4
     undo shutdown
     ip address 172.16.7.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface Virtual-Ethernet0/1/0
     ve-group 1 l2-terminate
    #
    interface Virtual-Ethernet0/1/0.1
     mpls l2vc 1.1.1.1 200 tunnel-policy policy1
     mpls l2vc track admin-vrrp interface GigabitEthernet0/1/0 vrid 20 pw-redundancy
     mpls l2vc 2.2.2.2 300 bypass
     mpls l2vc bypass track admin-vc interface LoopBack1
    #
    interface Virtual-Ethernet0/1/1
     ve-group 1 l3-access
    #
    interface Virtual-Ethernet0/1/1.1
     vlan-type dot1q 10
     ip binding vpn-instance vpna
     ip address 120.0.0.4 255.255.255.0
     vrrp vrid 10 virtual-ip 120.0.0.3
     vrrp vrid 10 track admin-vrrp interface GigabitEthernet0/1/0 vrid 20 
    #
    interface LoopBack0
     ip address 3.3.3.3 255.255.255.255
    #
    interface LoopBack1
     mpls l2vc 2.2.2.2 400 control-word admin
    #
    interface Tunnel12
     ip address unnumbered interface LoopBack0
     tunnel-protocol mpls te
     destination 1.1.1.1
     mpls te tunnel-id 200
     mpls te record-route
     mpls te signal-protocol rsvp-te
     mpls te path explicit-path to_csg
     mpls te backup hot-standby wtr 15
     mpls te reserved-for-binding
    #
    bgp 100
     graceful-restart
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 connect-interface LoopBack0
     peer 4.4.4.4 as-number 100
     peer 4.4.4.4 connect-interface LoopBack0
     peer 5.5.5.5 as-number 100
     peer 5.5.5.5 connect-interface LoopBack0
     #
     ipv4-family unicast
      undo synchronization
      peer 2.2.2.2 enable
      peer 4.4.4.4 enable
      peer 5.5.5.5 enable
     #
     ipv4-family vpnv4
      policy vpn-target
      peer 2.2.2.2 enable
      peer 4.4.4.4 enable
      peer 5.5.5.5 enable
     #
     ipv4-family vpn-instance vpna
      import-route direct
    #
    ospf 100
     opaque-capability enable
     graceful-restart
     area 0.0.0.0
      network 3.3.3.3 0.0.0.0
      network 172.16.2.0 0.0.0.255
      network 172.16.7.0 0.0.0.255
      network 172.16.4.0 0.0.0.255
      network 172.16.6.0 0.0.0.255
      mpls-te enable
    #
    tunnel-policy policy1
     tunnel binding destination 1.1.1.1 te Tunnel12
    #
    tunnel-policy policy1
     tunnel binding destination 1.1.1.1 te Tunnel12
    #
    bfd bypass bind pw interface LoopBack1
     discriminator local 2
     discriminator remote 2
     commit
    #
    return  
  • Configuration file of RSG1

    #
     sysname RSG1
    #
     vlan batch 10
    #
    ip vpn-instance vpna
     ipv4-family
      route-distinguisher 1:1
      vpn frr
      vpn-target 1:1 export-extcommunity
      vpn-target 1:1 import-extcommunity
    #
     mpls lsr-id 4.4.4.4
    #
     mpls l2vpn
    #
    mpls ldp
     graceful-restart
    #
    interface Vlanif10
     ip binding vpn-instance vpna
     ip address 120.0.1.1 255.255.255.0
     vrrp vrid 1 virtual-ip 120.0.1.3
     vrrp vrid 1 priority 150
    #
    interface GigabitEthernet0/1/0
     portswitch
     undo shutdown
     port link-type trunk
     port trunk allow-pass vlan 10
    #
    interface GigabitEthernet0/1/1
     undo shutdown
     ip address 172.16.3.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/2
     undo shutdown
     ip address 172.16.7.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/3
     portswitch
     undo shutdown
     port link-type trunk
     port trunk allow-pass vlan 10
    #
    interface LoopBack0
     ip address 4.4.4.4 255.255.255.255
    #
    bgp 100
     graceful-restart
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 connect-interface LoopBack0
     peer 3.3.3.3 as-number 100
     peer 3.3.3.3 connect-interface LoopBack0
     peer 5.5.5.5 as-number 100
     peer 5.5.5.5 connect-interface LoopBack0
     #
     ipv4-family unicast
      undo synchronization
      peer 2.2.2.2 enable
      peer 3.3.3.3 enable
      peer 5.5.5.5 enable
     #
     ipv4-family vpnv4
      policy vpn-target
      peer 2.2.2.2 enable
      peer 3.3.3.3 enable
      peer 5.5.5.5 enable
     #
     ipv4-family vpn-instance vpna
      import-route direct
    #
    ospf 100
     opaque-capability enable
     graceful-restart
     area 0.0.0.0
      network 4.4.4.4 0.0.0.0
      network 172.16.3.0 0.0.0.255
      network 172.16.7.0 0.0.0.255
      mpls-te enable
    #
    return 
  • Configuration file of RSG2

    #
     sysname RSG2
    #
     vlan batch 10
    #
    ip vpn-instance vpna
     ipv4-family
      route-distinguisher 11
      vpn frr
      vpn-target 11 export-extcommunity
      vpn-target 11 import-extcommunity
    #
     mpls lsr-id 5.5.5.5
    #
     mpls l2vpn
    #
    mpls ldp
     graceful-restart
    #
    interface Vlanif10
     ip binding vpn-instance vpna
     ip address 120.0.1.2 255.255.255.0
     vrrp vrid 1 virtual-ip 120.0.1.3
    #
    interface GigabitEthernet0/1/0
     portswitch
     undo shutdown
     port link-type trunk
     port trunk allow-pass vlan 10
    #
    interface GigabitEthernet0/1/1
     undo shutdown
     ip address 172.16.6.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/2
     undo shutdown
     ip address 172.16.8.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/1/3
     portswitch
     undo shutdown
     port link-type trunk
     port trunk allow-pass vlan 10
    #
    interface LoopBack0
     ip address 5.5.5.5 255.255.255.255
    #
    bgp 100
     graceful-restart
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 connect-interface LoopBack0
     peer 3.3.3.3 as-number 100
     peer 3.3.3.3 connect-interface LoopBack0
     peer 4.4.4.4 as-number 100
     peer 4.4.4.4 connect-interface LoopBack0
     #
     ipv4-family unicast
      undo synchronization
      peer 2.2.2.2 enable
      peer 3.3.3.3 enable
      peer 4.4.4.4 enable
     #
     ipv4-family vpnv4
      policy vpn-target
      peer 2.2.2.2 enable
      peer 3.3.3.3 enable
      peer 4.4.4.4 enable
     #
     ipv4-family vpn-instance vpna
      import-route direct
    #
    ospf 100
     opaque-capability enable
     graceful-restart
     area 0.0.0.0
      network 5.5.5.5 0.0.0.0
      network 172.16.8.0 0.0.0.255
      network 172.16.6.0 0.0.0.255
      mpls-te enable
    #
    return  
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 36769

Downloads: 61

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next