No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring BGP VPLS

Example for Configuring BGP VPLS

BGP VPLS applies to scenarios where PEs can use BGP as the VPLS signaling.

Networking Requirements

On the network shown in Figure 9-21, CE1 and CE2 connect to PE1 and PE2, respectively.

A BGP VPLS network needs to be deployed between PE1 and PE2 for CE1 and CE2 to communicate.

Figure 9-21 Configuring BGP VPLS
NOTE:
  • In this example, Interface 1, Subinterface 1.1, Interface 2, and Subinterface 2.1 stand for GE 0/1/0, GE 0/1/0.1, GE 0/2/0, and GE 0/2/0.1, respectively.



Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure an IGP and basic MPLS functions on the backbone network.

  2. Establish an LSP between PEs.

  3. Enable MPLS L2VPN on PEs.

  4. Configure PEs to exchange VPLS information as BGP peers.

  5. Create a VSI on each PE and specify the BGP signaling, RD, VPN target, and site ID.

  6. Bind AC interfaces to VSIs.

Data Preparation

To complete the configuration, you need the following data:

  • Peer IP addresses

  • VSI names on PE1 and PE2

  • BGP AS numbers on PE1 and PE2

  • VPLS signaling protocol

  • RDs, VPN targets, and site IDs of VSIs

  • Names and VLAN IDs of the AC interfaces to be bound to VSIs

Procedure

  1. Assign an IP address to each device interface on the backbone network.

    # Configure PE1.

    <HUAWEI> system-view
    [~HUAWEI] sysname PE1
    [*HUAWEI] commit
    [~PE1] interface loopback1
    [*PE1-Loopback1] ip address 1.1.1.9 32
    [*PE1-Loopback1] quit
    [*PE1] interface gigabitethernet 0/1/0.1
    [*PE1-GigabitEthernet0/1/0.1] undo shutdown
    [*PE1-GigabitEthernet0/1/0.1] quit
    [*PE1] interface gigabitethernet 0/2/0
    [*PE1-GigabitEthernet0/2/0] ip address 192.168.1.1 24
    [*PE1-GigabitEthernet0/2/0] quit
    [*PE1] commit

    # Configure the P.

    <HUAWEI> system-view
    [~HUAWEI] sysname P
    [*HUAWEI] commit
    [~P] interface loopback1
    [*P-Loopback1] ip address 2.2.2.9 32
    [*P-Loopback1] quit
    [*P] interface gigabitethernet 0/1/0
    [*P-GigabitEthernet0/1/0] ip address 192.168.1.2 24
    [*P-GigabitEthernet0/1/0] quit
    [*P] interface gigabitethernet 0/2/0
    [*P-GigabitEthernet0/2/0] ip address 192.168.10.1 24
    [*P-GigabitEthernet0/2/0] quit
    [*P] commit

    # Configure PE2.

    <HUAWEI> system-view
    [~HUAWEI] sysname PE2
    [*HUAWEI] commit
    [~PE2] interface loopback1
    [*PE2-Loopback1] ip address 3.3.3.9 32
    [*PE2-Loopback1] quit
    [*PE2] interface gigabitethernet 0/1/0
    [*PE2-GigabitEthernet0/1/0] 192.168.10.2 24
    [*PE2-GigabitEthernet0/1/0] quit
    [*PE2] interface gigabitethernet 0/2/0.1
    [*PE2-GigabitEthernet0/2/0.1] undo shutdown
    [*PE2-GigabitEthernet0/2/0.1] quit
    [*PE2] commit

  2. Configure an IGP. In this example, OSPF is used.

    # Configure PE1.

    [~PE1] ospf 1
    [*PE1-ospf-1] area 0.0.0.0
    [*PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
    [*PE1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
    [*PE1-ospf-1-area-0.0.0.0] quit
    [*PE1-ospf-1] quit
    [*PE1] commit

    # Configure the P.

    [~P] ospf 1
    [*P-ospf-1] area 0.0.0.0
    [*P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0
    [*P-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
    [*P-ospf-1-area-0.0.0.0] network 192.168.10.0 0.0.0.255
    [*P-ospf-1-area-0.0.0.0] quit
    [*P-ospf-1] quit
    [*P] commit

    # Configure PE2.

    [~PE2] ospf 1
    [*PE2-ospf-1] area 0.0.0.0
    [*PE2-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0
    [*PE2-ospf-1-area-0.0.0.0] network 192.168.10.0 0.0.0.255
    [*PE2-ospf-1-area-0.0.0.0] quit
    [*PE2-ospf-1] quit
    [*PE2] commit

  3. Configure basic MPLS functions and establish an LSP between PEs.

    # Configure PE1.

    [~PE1] mpls lsr-id 1.1.1.9
    [*PE1] mpls
    [*PE1-mpls] quit
    [*PE1] mpls ldp
    [*PE1-mpls-ldp] quit
    [*PE1] interface gigabitethernet 0/2/0
    [*PE1-GigabitEthernet0/2/0] mpls
    [*PE1-GigabitEthernet0/2/0] mpls ldp
    [*PE1-GigabitEthernet0/2/0] quit
    [*PE1] commit

    # Configure the P.

    [~P] mpls lsr-id 2.2.2.9
    [*P] mpls
    [*P-mpls] quit
    [*P] mpls ldp
    [*P-mpls-ldp] quit
    [*P] interface gigabitethernet 0/1/0
    [*P-GigabitEthernet0/1/0] mpls
    [*P-GigabitEthernet0/1/0] mpls ldp
    [*P-GigabitEthernet0/1/0] quit
    [*P] interface gigabitethernet 0/2/0
    [*P-GigabitEthernet0/2/0] mpls
    [*P-GigabitEthernet0/2/0] mpls ldp
    [*P-GigabitEthernet0/2/0] quit
    [*P] commit

    # Configure PE2.

    [~PE2] mpls lsr-id 3.3.3.9
    [*PE2] mpls
    [*PE2-mpls] quit
    [*PE2] mpls ldp
    [*PE2-mpls-ldp] quit
    [*PE2] interface gigabitethernet 0/2/0
    [*PE2-GigabitEthernet0/1/0] mpls
    [*PE2-GigabitEthernet0/1/0] mpls ldp
    [*PE2-GigabitEthernet0/1/0] quit
    [*PE2] commit

  4. Configure PEs to exchange VPLS information as BGP peers.

    # Configure PE1.

    [~PE1] bgp 100
    [*PE1-bgp] peer 3.3.3.9 as-number 100
    [*PE1-bgp] peer 3.3.3.9 connect-interface loopback1
    [*PE1-bgp] l2vpn-ad-family
    [*PE1-bgp-af-l2vpn-ad] peer 3.3.3.9 enable
    [*PE1-bgp-af-l2vpn-ad] peer 3.3.3.9 signaling vpls
    [*PE1-bgp-af-l2vpn-ad] quit
    [*PE1-bgp] quit
    [*PE1] commit

    # Configure PE2.

    [~PE2] bgp 100
    [*PE2-bgp] peer 1.1.1.9 as-number 100
    [*PE2-bgp] peer 1.1.1.9 connect-interface loopback1
    [*PE2-bgp] l2vpn-ad-family
    [*PE2-bgp-af-l2vpn-ad] peer 1.1.1.9 enable
    [*PE2-bgp-af-l2vpn-ad] peer 1.1.1.9 signaling vpls
    [*PE2-bgp-af-l2vpn-ad] quit
    [*PE2-bgp] quit
    [*PE2] commit

  5. Enable MPLS L2VPN on PEs.

    # Configure PE1.

    [~PE1] mpls l2vpn
    [*PE1-l2vpn] quit
    [*PE1] commit

    # Configure PE2.

    [~PE2] mpls l2vpn
    [*PE2-l2vpn] quit
    [*PE2] commit

  6. Configure a VSI on each PE.

    NOTE:

    The site IDs on both ends of a VPLS PW must be different.

    # Configure PE1.

    [~PE1] vsi bgp1
    [*PE1-vsi-bgp1] pwsignal bgp
    [*PE1-vsi-bgp1-bgp] route-distinguisher 192.168.1.1:1
    [*PE1-vsi-bgp1-bgp] vpn-target 100:1 import-extcommunity
    [*PE1-vsi-bgp1-bgp] vpn-target 100:1 export-extcommunity
    [*PE1-vsi-bgp1-bgp] site 1 range 5 default-offset 0
    [*PE1-vsi-bgp1-bgp] quit
    [*PE1-vsi-bgp1] quit
    [*PE1] commit

    # Configure PE2.

    [~PE2] vsi bgp1
    [*PE2-vsi-bgp1] pwsignal bgp
    [*PE2-vsi-bgp1-bgp] route-distinguisher 192.168.10.2:1
    [*PE2-vsi-bgp1-bgp] vpn-target 100:1 import-extcommunity
    [*PE2-vsi-bgp1-bgp] vpn-target 100:1 export-extcommunity
    [*PE2-vsi-bgp1-bgp] site 2 range 5 default-offset 0
    [*PE2-vsi-bgp1-bgp] quit
    [*PE2-vsi-bgp1] quit
    [*PE2] commit

  7. On each PE, create a sub-interface, configure the sub-interface to permit packets from VLAN 10, and bind the sub-interface to the local VSI.

    # Configure PE1.

    [~PE1] interface gigabitethernet0/1/0.1
    [*PE1-GigabitEthernet0/1/0.1] shutdown
    [*PE1-GigabitEthernet0/1/0.1] vlan-type dot1q 10
    [*PE1-GigabitEthernet0/1/0.1] l2 binding vsi bgp1
    [*PE1-GigabitEthernet0/1/0.1] undo shutdown
    [*PE1-GigabitEthernet0/1/0.1] quit
    [*PE1] commit

    # Configure PE2.

    [~PE2] interface gigabitethernet0/2/0.1
    [*PE2-GigabitEthernet0/2/0.1] shutdown
    [*PE2-GigabitEthernet0/2/0.1] vlan-type dot1q 10
    [*PE2-GigabitEthernet0/2/0.1] l2 binding vsi bgp1
    [*PE2-GigabitEthernet0/2/0.1] undo shutdown
    [*PE2-GigabitEthernet0/2/0.1] quit
    [*PE2] commit

  8. Configure CEs.

    # Configure CE1.

    <HUAWEI> system-view
    [~HUAWEI] sysname CE1
    [*HUAWEI] commit
    [~CE1] interface gigabitethernet0/1/0.1
    [*CE1-GigabitEthernet0/1/0.1] shutdown
    [*CE1-GigabitEthernet0/1/0.1] vlan-type dot1q 10
    [*CE1-GigabitEthernet0/1/0.1] ip address 10.1.1.1 255.255.255.0
    [*CE1-GigabitEthernet0/1/0.1] undo shutdown
    [*CE1-GigabitEthernet0/1/0.1] quit
    [*CE1] commit

    # Configure CE2.

    <HUAWEI> system-view
    [~HUAWEI] sysname CE2
    [*HUAWEI] commit
    [~CE2] interface gigabitethernet0/1/0.1
    [*CE2-GigabitEthernet0/1/0.1] shutdown
    [*CE2-GigabitEthernet0/1/0.1] vlan-type dot1q 10
    [*CE2-GigabitEthernet0/1/0.1] ip address 10.1.1.2 255.255.255.0
    [*CE2-GigabitEthernet0/1/0.1] undo shutdown
    [*CE2-GigabitEthernet0/1/0.1] quit
    [*CE2] commit

  9. Verify the configuration.

    After completing the configurations, run the display vsi name bgp1 verbose command on PE1. The command output shows that VSI bgp1 has established a PW with PE2, and VSI State is up.

    [~PE1] display vsi name bgp1 verbose
     ***VSI Name               : bgp1
        Administrator VSI      : no
        Isolate Spoken         : disable
        VSI Index              : 0
        PW Signaling           : bgp
        Member Discovery Style : auto
        PW MAC Learn Style     : unqualify
        Encapsulation Type     : vlan
        MTU                    : 1500
        Diffserv Mode          : uniform
        Service Class          : --
        Color                  : --
        DomainId               : 255
        Domain Name            :
        Ignore AcState         : disable
        Create Time            : 0 days, 0 hours, 6 minutes, 52 seconds
        VSI State              : up
        Resource Status        : Valid
    
        BGP RD                 : 192.168.1.1:1
        SiteID/Range/Offset    : 1/5/0
        Import vpn target      : 100:1
        Export vpn target      : 100:1
        Remote Label Block     : 25600/5/0
        Local Label Block      : 0/25600/5/0
    
        Interface Name         : GigabitEthernet0/1/0.1
        State                  : up
        Access Port            : false
        Last Up Time           : 2013/01/17 10:29:49
        Total Up Time          : 0 days, 0 hours, 18 minutes, 20 seconds
    
       **PW Information:
    
       *Peer Ip Address        : 3.3.3.9
        PW State               : up
        Local VC Label         : 25602
        Remote VC Label        : 25601
        PW Type                : label
        Tunnel ID              : 0x800006
        Broadcast Tunnel ID    : 0x800006
        Broad BackupTunnel ID  : 0x0
        Ckey                   : 0x2
        Nkey                   : 0x1
        Main PW Token          : 0x800006
        Slave PW Token         : 0x0
        Tnl Type               : LSP
        OutInterface           : GigabitEthernet0/2/0
        Backup OutInterface    :
        Stp Enable             : 0
        Mac Flapping           : 0   
        PW Last Up Time        : 2013/01/17 10:31:05
        PW Total Up Time       : 0 days, 0 hours, 17 minutes, 4 seconds

    CE1 and CE2 can ping each other. The following example uses the command output on CE2.

    [~CE1] ping 10.1.1.2
      PING 10.1.1.2: 56  data bytes, press CTRL_C to break
        Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=90 ms
        Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=77 ms
        Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=255 time=34 ms
        Reply from 10.1.1.2: bytes=56 Sequence=4 ttl=255 time=46 ms
        Reply from 10.1.1.2: bytes=56 Sequence=5 ttl=255 time=94 ms
      --- 10.1.1.2 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 34/68/94 ms 

Configuration Files

  • CE1 configuration file

    #
    sysname CE1
    #
    interface GigabitEthernet0/1/0.1
     undo shutdown
     vlan-type dot1q 10
     ip address 10.1.1.1 255.255.255.0
    #
    return
  • CE2 configuration file

    #
    sysname CE2
    #
    interface GigabitEthernet0/1/0.1
     undo shutdown
     vlan-type dot1q 10
     ip address 10.1.1.2 255.255.255.0
    #
    return
  • PE1 configuration file

    #
    sysname PE1
    #
    mpls lsr-id 1.1.1.9
    mpls
    #
    mpls l2vpn
    #
    vsi bgp1
     pwsignal bgp
      route-distinguisher 192.168.1.1:1
      vpn-target 100:1 import-extcommunity
      vpn-target 100:1 export-extcommunity
      site 1 range 5 default-offset 0
    #
    mpls ldp
    #
    interface GigabitEthernet0/1/0.1
     undo shutdown
     vlan-type dot1q 10
     l2 binding vsi bgp1
    #
    interface GigabitEthernet0/2/0
     undo shutdown
     ip address 192.168.1.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface LoopBack1
     ip address 1.1.1.9 255.255.255.255
    #
    bgp 100
     peer 3.3.3.9 as-number 100
     peer 3.3.3.9 connect-interface LoopBack1
     l2vpn-ad-family
      policy vpn-target
      peer 3.3.3.9 enable
      peer 3.3.3.9 signaling vpls
    #
    ospf 1
     area 0.0.0.0
      network 1.1.1.9 0.0.0.0
      network 192.168.0.0 0.0.0.255
    #
    return
  • P configuration file

    #
    sysname P
    #
    mpls lsr-id 2.2.2.9
    mpls
    #
    mpls ldp
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 192.168.1.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/2/0
     undo shutdown
     ip address 192.168.10.1 255.255.255.0
     mpls
     mpls ldp
    #
    interface LoopBack1
     ip address 2.2.2.9 255.255.255.255
    #
    ospf 1
     area 0.0.0.0
      network 192.168.1.0 0.0.0.255
      network 192.168.10.0 0.0.0.255
      network 2.2.2.9 0.0.0.0
    #
    return
  • PE2 configuration file

    #
    sysname PE2
    #
    mpls lsr-id 3.3.3.9
    mpls
    #
    mpls l2vpn
    #
    vsi bgp1
     pwsignal bgp
      route-distinguisher 192.168.10.2:1
      vpn-target 100:1 import-extcommunity
      vpn-target 100:1 export-extcommunity
      site 2 range 5 default-offset 0
    #
    mpls ldp
    #
    interface GigabitEthernet0/1/0
     undo shutdown
     ip address 192.168.10.2 255.255.255.0
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/2/0.1
     undo shutdown
     vlan-type dot1q 10
     l2 binding vsi bgp1
    #
    interface LoopBack1
     ip address 3.3.3.9 255.255.255.255
    #
    bgp 100
     peer 1.1.1.9 as-number 100
     peer 1.1.1.9 connect-interface LoopBack1
     l2vpn-ad-family
      policy vpn-target
      peer 1.1.1.9 enable
      peer 1.1.1.9 signaling vpls
    #
    ospf 1
     area 0.0.0.0
      network 3.3.3.9 0.0.0.0
      network 192.168.10.0 0.0.0.255
    #
    return
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 27968

Downloads: 53

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next