Configuration Examples for SR-MPLS BE
This section provides SR-MPLS BE configuration examples, including the networking requirements, configuration roadmap, configuration procedure, and configuration files.
This section only provides configuration examples for individual features. For details about multi-feature configuration examples, feature-specific configuration examples, interoperation examples, protocol or hardware replacement examples, and industry application examples, see the Typical Configuration Examples.
Example for Configuring an SR-MPLS BE Tunnel
Networking Requirements
In Figure 5-37, devices run IS-IS. Segment routing is used and enables each device to advertise the SR capability and supported SRGB. In addition, the advertising end advertises a prefix SID offset within the SRGB range. The receive end computes an effective label value to generate a forwarding entry.
Configuration Roadmap
The configuration roadmap is as follows:
Configure an IP address for each interface, and configure IS-IS on each node to ensure there are reachable routes between them.
Configure MPLS and segment routing on the backbone network and establish SR LSPs.
Procedure
- Configure IP addresses for interfaces.
# Configure PE1.
<HUAWEI> system-view [~HUAWEI] sysname PE1 [*HUAWEI] commit [~PE1] interface loopback 1 [*PE1-LoopBack1] ip address 1.1.1.9 32 [*PE1-LoopBack1] quit [*PE1] interface 10ge 1/0/1 [*PE1-10GE1/0/1] undo portswitch [*PE1-10GE1/0/1] ip address 172.1.1.1 24 [*PE1-10GE1/0/1] quit [*PE1] commit
# Configure P1.
<HUAWEI> system-view [~HUAWEI] sysname P1 [*HUAWEI] commit [~P1] interface loopback 1 [*P1-LoopBack1] ip address 2.2.2.9 32 [*P1-LoopBack1] quit [*P1] interface 10ge 1/0/1 [*P1-10GE1/0/1] undo portswitch [*P1-10GE1/0/1] ip address 172.1.1.2 24 [*P1-10GE1/0/1] quit [*P1] interface 10ge 1/0/2 [*P1-10GE1/0/2] undo portswitch [*P1-10GE1/0/2] ip address 172.2.1.1 24 [*P1-10GE1/0/2] quit [*P1] commit
# Configure PE2.
<HUAWEI> system-view [~HUAWEI] sysname PE2 [*HUAWEI] commit [~PE2] interface loopback 1 [*PE2-LoopBack1] ip address 3.3.3.9 32 [*PE2-LoopBack1] quit [*PE2] interface 10ge 1/0/1 [*PE2-10GE1/0/1] undo portswitch [*PE2-10GE1/0/1] ip address 172.2.1.2 24 [*PE2-10GE1/0/1] quit [*PE2] commit
- Configure an IGP protocol on the MPLS backbone network to implement connectivity between the PEs and P1. IS-IS is used as an IGP protocol in this example.
# Configure PE1.
[~PE1] isis 1 [*PE1-isis-1] is-level level-1 [*PE1-isis-1] network-entity 10.0000.0000.0001.00 [*PE1-isis-1] quit [*PE1] commit [~PE1] interface loopback 1 [~PE1-LoopBack1] isis enable 1 [*PE1-LoopBack1] quit [*PE1] interface 10ge 1/0/1 [*PE1-10GE1/0/1] isis enable 1 [*PE1-10GE1/0/1] quit [*PE1] commit
# Configure P1.
[~P1] isis 1 [*P1-isis-1] is-level level-1 [*P1-isis-1] network-entity 10.0000.0000.0002.00 [*P1-isis-1] quit [*P1] commit [~P1] interface loopback 1 [~P1-LoopBack1] isis enable 1 [*P1-LoopBack1] quit [*P1] interface 10ge 1/0/1 [*P1-10GE1/0/1] isis enable 1 [*P1-10GE1/0/1] quit [*P1] interface 10ge 1/0/2 [*P1-10GE1/0/2] isis enable 1 [*P1-10GE1/0/2] quit [*P1] commit
# Configure PE2.
[~PE2] isis 1 [*PE2-isis-1] is-level level-1 [*PE2-isis-1] network-entity 10.0000.0000.0003.00 [*PE2-isis-1] quit [*PE2] commit [~PE2] interface loopback 1 [~PE2-LoopBack1] isis enable 1 [*PE2-LoopBack1] quit [*PE2] interface 10ge 1/0/1 [*PE2-10GE1/0/1] isis enable 1 [*PE2-10GE1/0/1] quit [*PE2] commit
- Configure the basic MPLS functions on the backbone network.
# Configure PE1.
[~PE1] mpls lsr-id 1.1.1.9 [*PE1] mpls [*PE1-mpls] commit [~PE1-mpls] quit
# Configure P1.
[~P1] mpls lsr-id 2.2.2.9 [*P1] mpls [*P1-mpls] commit [~P1-mpls] quit
# Configure PE2.
[~PE2] mpls lsr-id 3.3.3.9 [*PE2] mpls [*PE2-mpls] commit [~PE2-mpls] quit
- Configure segment routing on the backbone network.
# Configure PE1.
[~PE1] segment-routing [*PE1-segment-routing] tunnel-prefer segment-routing [*PE1-segment-routing] quit [*PE1] commit [~PE1] isis 1 [~PE1-isis-1] cost-style wide [*PE1-isis-1] segment-routing mpls [*PE1-isis-1] segment-routing global-block 160000 161000 [*PE1-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*PE1] interface loopback 1 [*PE1-LoopBack1] isis prefix-sid index 10 [*PE1-LoopBack1] quit [*PE1] commit
# Configure P1.
[~P1] segment-routing [*P1-segment-routing] tunnel-prefer segment-routing [*P1-segment-routing] quit [*P1] commit [~P1] isis 1 [~P1-isis-1] cost-style wide [*P1-isis-1] segment-routing mpls [*P1-isis-1] segment-routing global-block 161001 162000 [*P1-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*P1] interface loopback 1 [*P1-LoopBack1] isis prefix-sid index 20 [*P1-LoopBack1] quit [*P1] commit
# Configure PE2.
[~PE2] segment-routing [*PE2-segment-routing] tunnel-prefer segment-routing [*PE2-segment-routing] quit [*PE2] commit [~PE2] isis 1 [~PE2-isis-1] cost-style wide [*PE2-isis-1] segment-routing mpls [*PE2-isis-1] segment-routing global-block 162001 163000 [*PE2-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*PE2] interface loopback 1 [*PE2-LoopBack1] isis prefix-sid index 30 [*PE2-LoopBack1] quit [*PE2] commit
After completing the configuration, run the display segment-routing prefix mpls forwarding command on PEs, and you can view that prefix label is in the Active state. In the following example, the command output on PE1 is used.
[~PE1] display segment-routing prefix mpls forwarding Segment Routing Prefix MPLS Forwarding Information -------------------------------------------------------------- Role : I-Ingress, T-Transit, E-Egress, I&T-Ingress And Transit Prefix Label OutLabel Interface NextHop Role MPLSMtu Mtu State -------------------------------------------------------------------------------------------------------------- 1.1.1.9/32 160010 NULL Loop1 127.0.0.1 E --- 1500 Active 2.2.2.9/32 160020 3 10GE1/0/1 172.1.1.2 I&T --- 1500 Active 3.3.3.9/32 160030 161031 10GE1/0/1 172.1.1.2 I&T --- 1500 Active Total information(s): 3
Configuration Files
PE1 configuration file
# sysname PE1 # mpls lsr-id 1.1.1.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0001.00 segment-routing mpls segment-routing global-block 160000 161000 # interface 10GE1/0/1 undo portswitch ip address 172.1.1.1 255.255.255.0 isis enable 1 # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 isis enable 1 isis prefix-sid index 10 # return
P1 configuration file
# sysname P1 # mpls lsr-id 2.2.2.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0002.00 segment-routing mpls segment-routing global-block 161001 162000 # interface 10GE1/0/1 undo portswitch ip address 172.1.1.2 255.255.255.0 isis enable 1 # interface 10GE1/0/2 undo portswitch ip address 172.2.1.1 255.255.255.0 isis enable 1 # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 isis enable 1 isis prefix-sid index 20 # return
PE2 configuration file
# sysname PE2 # mpls lsr-id 3.3.3.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0003.00 segment-routing mpls segment-routing global-block 162001 163000 # interface 10GE1/0/1 undo portswitch ip address 172.2.1.2 255.255.255.0 isis enable 1 # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 isis enable 1 isis prefix-sid index 30 # return
Example for Configuring L3VPN Services Iterated to an SR-MPLS BE Tunnel
Networking Requirements
In Figure 5-38, CE1 and CE2 belong to vpna. L3VPN services are iterated to an SR-MPLS BE tunnel to allow users within the same VPN to securely access each other.
Configuration Roadmap
The configuration roadmap is as follows:
Configure an IP address for each interface, and configure IS-IS on each node to ensure there are reachable routes between them.
Configure MPLS and segment routing on the backbone network and establish SR LSPs.
Enable Multi-protocol Extensions for Interior Border Gateway Protocol (MP-IBGP) on PEs to exchange VPN routing information.
Configure VPN instances on the PEs and bind each interface that connects a PE to a CE to a VPN instance.
Configure External Border Gateway Protocol (EBGP) on the CEs and PEs to exchange VPN routing information.
Procedure
- Configure IP addresses for interfaces.
# Configure PE1.
<HUAWEI> system-view [~HUAWEI] sysname PE1 [*HUAWEI] commit [~PE1] interface loopback 1 [*PE1-LoopBack1] ip address 1.1.1.9 32 [*PE1-LoopBack1] quit [*PE1] interface 10ge 1/0/1 [*PE1-10GE1/0/1] undo portswitch [*PE1-10GE1/0/1] ip address 172.1.1.1 24 [*PE1-10GE1/0/1] quit [*PE1] commit
# Configure P1.
<HUAWEI> system-view [~HUAWEI] sysname P1 [*HUAWEI] commit [~P1] interface loopback 1 [*P1-LoopBack1] ip address 2.2.2.9 32 [*P1-LoopBack1] quit [*P1] interface 10ge 1/0/1 [*P1-10GE1/0/1] undo portswitch [*P1-10GE1/0/1] ip address 172.1.1.2 24 [*P1-10GE1/0/1] quit [*P1] interface 10ge 1/0/2 [*P1-10GE1/0/2] undo portswitch [*P1-10GE1/0/2] ip address 172.2.1.1 24 [*P1-10GE1/0/2] quit [*P1] commit
# Configure PE2.
<HUAWEI> system-view [~HUAWEI] sysname PE2 [*HUAWEI] commit [~PE2] interface loopback 1 [*PE2-LoopBack1] ip address 3.3.3.9 32 [*PE2-LoopBack1] quit [*PE2] interface 10ge 1/0/1 [*PE2-10GE1/0/1] undo portswitch [*PE2-10GE1/0/1] ip address 172.2.1.2 24 [*PE2-10GE1/0/1] quit [*PE2] commit
- Configure an IGP protocol on the MPLS backbone network to implement connectivity between the PEs and P1. IS-IS is used as an IGP protocol in this example.
# Configure PE1.
[~PE1] isis 1 [*PE1-isis-1] is-level level-1 [*PE1-isis-1] network-entity 10.0000.0000.0001.00 [*PE1-isis-1] quit [*PE1] commit [~PE1] interface loopback 1 [~PE1-LoopBack1] isis enable 1 [*PE1-LoopBack1] quit [*PE1] interface 10ge 1/0/1 [*PE1-10GE1/0/1] isis enable 1 [*PE1-10GE1/0/1] quit [*PE1] commit
# Configure P1.
[~P1] isis 1 [*P1-isis-1] is-level level-1 [*P1-isis-1] network-entity 10.0000.0000.0002.00 [*P1-isis-1] quit [*P1] commit [~P1] interface loopback 1 [~P1-LoopBack1] isis enable 1 [*P1-LoopBack1] quit [*P1] interface 10ge 1/0/1 [*P1-10GE1/0/1] isis enable 1 [*P1-10GE1/0/1] quit [*P1] interface 10ge 1/0/2 [*P1-10GE1/0/2] isis enable 1 [*P1-10GE1/0/2] quit [*P1] commit
# Configure PE2.
[~PE2] isis 1 [*PE2-isis-1] is-level level-1 [*PE2-isis-1] network-entity 10.0000.0000.0003.00 [*PE2-isis-1] quit [*PE2] commit [~PE2] interface loopback 1 [~PE2-LoopBack1] isis enable 1 [*PE2-LoopBack1] quit [*PE2] interface 10ge 1/0/1 [*PE2-10GE1/0/1] isis enable 1 [*PE2-10GE1/0/1] quit [*PE2] commit
- Configure the basic MPLS functions on the backbone network.
# Configure PE1.
[~PE1] mpls lsr-id 1.1.1.9 [*PE1] mpls [*PE1-mpls] commit [~PE1-mpls] quit
# Configure P1.
[~P1] mpls lsr-id 2.2.2.9 [*P1] mpls [*P1-mpls] commit [~P1-mpls] quit
# Configure PE2.
[~PE2] mpls lsr-id 3.3.3.9 [*PE2] mpls [*PE2-mpls] commit [~PE2-mpls] quit
- Configure segment routing on the backbone network.
# Configure PE1.
[~PE1] segment-routing [*PE1-segment-routing] tunnel-prefer segment-routing [*PE1-segment-routing] quit [*PE1] commit [~PE1] isis 1 [~PE1-isis-1] cost-style wide [*PE1-isis-1] segment-routing mpls [*PE1-isis-1] segment-routing global-block 160000 161000 [*PE1-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*PE1] interface loopback 1 [*PE1-LoopBack1] isis prefix-sid index 10 [*PE1-LoopBack1] quit [*PE1] commit
# Configure P1.
[~P1] segment-routing [*P1-segment-routing] tunnel-prefer segment-routing [*P1-segment-routing] quit [*P1] commit [~P1] isis 1 [~P1-isis-1] cost-style wide [*P1-isis-1] segment-routing mpls [*P1-isis-1] segment-routing global-block 161001 162000 [*P1-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*P1] interface loopback 1 [*P1-LoopBack1] isis prefix-sid index 20 [*P1-LoopBack1] quit [*P1] commit
# Configure PE2.
[~PE2] segment-routing [*PE2-segment-routing] tunnel-prefer segment-routing [*PE2-segment-routing] quit [*PE2] commit [~PE2] isis 1 [~PE2-isis-1] cost-style wide [*PE2-isis-1] segment-routing mpls [*PE2-isis-1] segment-routing global-block 162001 163000 [*PE2-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*PE2] interface loopback 1 [*PE2-LoopBack1] isis prefix-sid index 30 [*PE2-LoopBack1] quit [*PE2] commit
After completing the configuration, run the display segment-routing prefix mpls forwarding command on PEs, and you can view that prefix label is in the Active state. In the following example, the command output on PE1 is used.
[~PE1] display segment-routing prefix mpls forwarding Segment Routing Prefix MPLS Forwarding Information -------------------------------------------------------------- Role : I-Ingress, T-Transit, E-Egress, I&T-Ingress And Transit Prefix Label OutLabel Interface NextHop Role MPLSMtu Mtu State -------------------------------------------------------------------------------------------------------------- 1.1.1.9/32 160010 NULL Loop1 127.0.0.1 E --- 1500 Active 2.2.2.9/32 160020 3 10GE1/0/1 172.1.1.2 I&T --- 1500 Active 3.3.3.9/32 160030 161031 10GE1/0/1 172.1.1.2 I&T --- 1500 Active Total information(s): 3 - Set up an MP-IBGP peer relationship between PEs.
# Configure PE1.
[~PE1] bgp 100 [*PE1-bgp] peer 3.3.3.9 as-number 100 [*PE1-bgp] peer 3.3.3.9 connect-interface loopback 1 [*PE1-bgp] ipv4-family vpnv4 [*PE1-bgp-af-vpnv4] peer 3.3.3.9 enable [*PE1-bgp-af-vpnv4] commit [~PE1-bgp-af-vpnv4] quit [~PE1-bgp] quit
# Configure PE2.
[~PE2] bgp 100 [*PE2-bgp] peer 1.1.1.9 as-number 100 [*PE2-bgp] peer 1.1.1.9 connect-interface loopback 1 [*PE2-bgp] ipv4-family vpnv4 [*PE2-bgp-af-vpnv4] peer 1.1.1.9 enable [*PE2-bgp-af-vpnv4] commit [~PE2-bgp-af-vpnv4] quit [~PE2-bgp] quit
After completing the configuration, run the display bgp peer or display bgp vpnv4 all peer command on PEs, and you can view that a BGP peer relationship is set up between PEs and the BGP peer relationship is in the Established state. In the following example, the command output on PE1 is used.
[~PE1] display bgp peer Status codes: * - Dynamic BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Total number of dynamic peers : 0 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 3.3.3.9 4 100 2 6 0 00:00:12 Established 0[~PE1] display bgp vpnv4 all peer Status codes: * - Dynamic BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Total number of dynamic peers : 0 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 3.3.3.9 4 100 12 18 0 00:09:38 Established 0 - Configure VPN instances in the IPv4 address family on each PE and connect each PE to a CE.
# Configure PE1.
[~PE1] ip vpn-instance vpna [*PE1-vpn-instance-vpna] ipv4-family [*PE1-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1 [*PE1-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both [*PE1-vpn-instance-vpna-af-ipv4] quit [*PE1-vpn-instance-vpna] quit [*PE1] interface 10ge 1/0/2 [*PE1-10GE1/0/2] undo portswitch [*PE1-10GE1/0/2] ip binding vpn-instance vpna [*PE1-10GE1/0/2] ip address 10.1.1.2 24 [*PE1-10GE1/0/2] quit [*PE1] commit
# Configure PE2.
[~PE2] ip vpn-instance vpna [*PE2-vpn-instance-vpna] ipv4-family [*PE2-vpn-instance-vpna-af-ipv4] route-distinguisher 200:1 [*PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both [*PE2-vpn-instance-vpna-af-ipv4] quit [*PE2-vpn-instance-vpna] quit [*PE2] interface 10ge 1/0/2 [*PE2-10GE1/0/2] undo portswitch [*PE2-10GE1/0/2] ip binding vpn-instance vpna [*PE2-10GE1/0/2] ip address 10.2.1.2 24 [*PE2-10GE1/0/2] quit [*PE2] commit
# Assign an IP address to each interface on CEs as shown in Figure 5-38. The detailed configuration procedure is not provided here. For details, see Configuration Files.
After the configuration, run the display ip vpn-instance verbose command on PEs to view the configurations of VPN instances. Each PE can successfully ping its connected CE.
- Set up EBGP peer relationships between PEs and CEs.
# Configure CE1. The configuration of CE2 is similar to the configuration of CE1, and are not provided here. For details, see Configuration Files.
[~CE1] bgp 65410 [*CE1-bgp] peer 10.1.1.2 as-number 100 [*CE1-bgp] network 11.1.1.1 32 [*CE1-bgp] quit [*CE1] commit
# Configure PE1. The configuration of PE2 is similar to the configuration of PE1, and are not provided here. For details, see Configuration Files.
[~PE1] bgp 100 [*PE1-bgp] ipv4-family vpn-instance vpna [*PE1-bgp-vpna] peer 10.1.1.1 as-number 65410 [*PE1-bgp-vpna] quit [*PE1-bgp] quit [*PE1] commit
After the configuration, run the display bgp vpnv4 vpn-instance peer command on PEs, and you can view that BGP peer relationships between PEs and CEs have been established and are in the Established state.
In the following example, the peer relationship between PE1 and CE1 is used.
[~PE1] display bgp vpnv4 vpn-instance vpna peer Status codes: * - Dynamic BGP local router ID : 1.1.1.9 Local AS number : 100 VPN-Instance vpna, Router ID 1.1.1.9: Total number of peers : 1 Peers in established state : 1 Total number of dynamic peers : 0 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 10.1.1.1 4 65410 11 9 0 00:06:37 Established 1 - Verify the configuration.
Run the display ip routing-table vpn-instance command on each PE to view the routes to CEs' loopback interfaces.
In the following example, the command output on PE1 is used.
[~PE1] display ip routing-table vpn-instance vpna Proto: Protocol Pre: Preference Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route ------------------------------------------------------------------------------ Routing Table: vpna Destinations : 6 Routes : 6 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.2 10GE1/0/2 10.1.1.2/32 Direct 0 0 D 127.0.0.1 10GE1/0/2 10.1.1.255/32 Direct 0 0 D 127.0.0.1 10GE1/0/2 11.1.1.1/32 EBGP 255 0 RD 10.1.1.1 10GE1/0/2 22.2.2.2/32 IBGP 255 0 RD 3.3.3.9 10GE1/0/1 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Configuration Files
PE1 configuration file
# sysname PE1 # ip vpn-instance vpna ipv4-family route-distinguisher 100:1 vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity # mpls lsr-id 1.1.1.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0001.00 segment-routing mpls segment-routing global-block 160000 161000 # interface 10GE1/0/1 undo portswitch ip address 172.1.1.1 255.255.255.0 isis enable 1 # interface 10GE1/0/2 undo portswitch ip binding vpn-instance vpna ip address 10.1.1.2 255.255.255.0 # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 isis enable 1 isis prefix-sid index 10 # bgp 100 peer 3.3.3.9 as-number 100 peer 3.3.3.9 connect-interface LoopBack1 # ipv4-family unicast peer 3.3.3.9 enable # ipv4-family vpnv4 policy vpn-target peer 3.3.3.9 enable # ipv4-family vpn-instance vpna peer 10.1.1.1 as-number 65410 # return
P1 configuration file
# sysname P1 # mpls lsr-id 2.2.2.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0002.00 segment-routing mpls segment-routing global-block 161001 162000 # interface 10GE1/0/1 undo portswitch ip address 172.1.1.2 255.255.255.0 isis enable 1 # interface 10GE1/0/2 undo portswitch ip address 172.2.1.1 255.255.255.0 isis enable 1 # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 isis enable 1 isis prefix-sid index 20 # return
PE2 configuration file
# sysname PE2 # ip vpn-instance vpna ipv4-family route-distinguisher 200:1 vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity # mpls lsr-id 3.3.3.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0003.00 segment-routing mpls segment-routing global-block 162001 163000 # interface 10GE1/0/1 undo portswitch ip address 172.2.1.2 255.255.255.0 isis enable 1 # interface 10GE1/0/2 undo portswitch ip binding vpn-instance vpna ip address 10.2.1.2 255.255.255.0 # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 isis enable 1 isis prefix-sid index 30 # bgp 100 peer 1.1.1.9 as-number 100 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family unicast peer 1.1.1.9 enable # ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable # ipv4-family vpn-instance vpna peer 10.2.1.1 as-number 65420 # return
CE1 configuration file
# sysname CE1 # interface 10GE1/0/1 undo portswitch ip address 10.1.1.1 255.255.255.0 # interface LoopBack1 ip address 11.1.1.1 255.255.255.255 # bgp 65410 peer 10.1.1.2 as-number 100 # ipv4-family unicast network 11.1.1.1 255.255.255.255 peer 10.1.1.2 enable # return
CE2 configuration file
# sysname CE2 # interface 10GE1/0/1 undo portswitch ip address 10.2.1.1 255.255.255.0 # interface LoopBack1 ip address 22.2.2.2 255.255.255.255 # bgp 65420 peer 10.2.1.2 as-number 100 # ipv4-family unicast network 22.2.2.2 255.255.255.255 peer 10.2.1.2 enable # return
Example for Configuring Non-Labeled Public BGP Routes to Be Iterated to an SR-MPLS BE tunnel
Networking Requirements
If an Internet user uses a backbone network that performs IP forwarding to access the Internet, core backbone network devices on the forwarding path need to learn a large number of Internet routes. This imposes a heavy load on core backbone network devices and affects the performance of these devices. To solve this problem, you can enable access devices to iterate non-labeled public BGP routes or non-labeled static routes to an SR tunnel so that users can access the Internet through the SR tunnel. The iteration to the SR tunnel prevents the problems induced by insufficient performance, heavy burdens, and service transmission on the core devices on the backbone network.
In Figure 5-39, non-labeled public BGP routes are configured and iterated to an SR-MPLS BE tunnel.
Configuration Roadmap
The configuration roadmap is as follows:
Configure an IP address for each interface, and configure IS-IS on each node to ensure there are reachable routes between them.
Configure MPLS and segment routing on the backbone network and establish SR LSPs.
Enable IBGP on PEs to exchange VPN routing information.
Enable PEs to iterate non-labeled public BGP routes to the SR-MPLS BE tunnel.
Procedure
- Configure IP addresses for interfaces.
# Configure PE1.
<HUAWEI> system-view [~HUAWEI] sysname PE1 [*HUAWEI] commit [~PE1] interface loopback 1 [*PE1-LoopBack1] ip address 1.1.1.9 32 [*PE1-LoopBack1] quit [*PE1] interface 10ge 1/0/1 [*PE1-10GE1/0/1] undo portswitch [*PE1-10GE1/0/1] ip address 172.1.1.1 24 [*PE1-10GE1/0/1] quit [*PE1] commit
# Configure P1.
<HUAWEI> system-view [~HUAWEI] sysname P1 [*HUAWEI] commit [~P1] interface loopback 1 [*P1-LoopBack1] ip address 2.2.2.9 32 [*P1-LoopBack1] quit [*P1] interface 10ge 1/0/1 [*P1-10GE1/0/1] undo portswitch [*P1-10GE1/0/1] ip address 172.1.1.2 24 [*P1-10GE1/0/1] quit [*P1] interface 10ge 1/0/2 [*P1-10GE1/0/2] undo portswitch [*P1-10GE1/0/2] ip address 172.2.1.2 24 [*P1-10GE1/0/2] quit [*P1] commit
# Configure PE2.
<HUAWEI> system-view [~HUAWEI] sysname PE2 [*HUAWEI] commit [~PE2] interface loopback 1 [*PE2-LoopBack1] ip address 3.3.3.9 32 [*PE2-LoopBack1] quit [*PE2] interface 10ge 1/0/1 [*PE2-10GE1/0/1] undo portswitch [*PE2-10GE1/0/1] ip address 172.2.1.1 24 [*PE2-10GE1/0/1] quit [*PE2] commit
- Configure an IGP protocol on the backbone network to implement connectivity between the PEs. IS-IS is used as an IGP protocol in this example.
# Configure PE1.
[~PE1] isis 1 [*PE1-isis-1] is-level level-1 [*PE1-isis-1] network-entity 10.0000.0000.0001.00 [*PE1-isis-1] quit [*PE1] commit [~PE1] interface loopback 1 [~PE1-LoopBack1] isis enable 1 [*PE1-LoopBack1] quit [*PE1] interface 10ge 1/0/1 [*PE1-10GE1/0/1] isis enable 1 [*PE1-10GE1/0/1] quit [*PE1] commit
# Configure P1.
[~P1] isis 1 [*P1-isis-1] is-level level-1 [*P1-isis-1] network-entity 10.0000.0000.0002.00 [*P1-isis-1] quit [*P1] commit [~P1] interface loopback 1 [~P1-LoopBack1] isis enable 1 [*P1-LoopBack1] quit [*P1] interface 10ge 1/0/1 [*P1-10GE1/0/1] isis enable 1 [*P1-10GE1/0/1] quit [*P1] interface 10ge 1/0/2 [*P1-10GE1/0/2] isis enable 1 [*P1-10GE1/0/2] quit [*P1] commit
# Configure PE2.
[~PE2] isis 1 [*PE2-isis-1] is-level level-1 [*PE2-isis-1] network-entity 10.0000.0000.0003.00 [*PE2-isis-1] quit [*PE2] commit [~PE2] interface loopback 1 [~PE2-LoopBack1] isis enable 1 [*PE2-LoopBack1] quit [*PE2] interface 10ge 1/0/1 [*PE2-10GE1/0/1] isis enable 1 [*PE2-10GE1/0/1] quit [*PE2] commit
- Configure the basic MPLS functions on the backbone network.
# Configure PE1.
[~PE1] mpls lsr-id 1.1.1.9 [*PE1] mpls [*PE1-mpls] commit [~PE1-mpls] quit
# Configure P1.
[~P1] mpls lsr-id 2.2.2.9 [*P1] mpls [*P1-mpls] commit [~P1-mpls] quit
# Configure PE2.
[~PE2] mpls lsr-id 3.3.3.9 [*PE2] mpls [*PE2-mpls] commit [~PE2-mpls] quit
- Configure segment routing on the backbone network.
# Configure PE1.
[~PE1] segment-routing [*PE1-segment-routing] tunnel-prefer segment-routing [*PE1-segment-routing] quit [*PE1] commit [~PE1] isis 1 [~PE1-isis-1] cost-style wide [*PE1-isis-1] segment-routing mpls [*PE1-isis-1] segment-routing global-block 160000 161000 [*PE1-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*PE1] interface loopback 1 [*PE1-LoopBack1] isis prefix-sid index 10 [*PE1-LoopBack1] quit [*PE1] commit
# Configure P1.
[~P1] segment-routing [*P1-segment-routing] tunnel-prefer segment-routing [*P1-segment-routing] quit [*P1] commit [~P1] isis 1 [~P1-isis-1] cost-style wide [*P1-isis-1] segment-routing mpls [*P1-isis-1] segment-routing global-block 161001 162000 [*P1-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*P1] interface loopback 1 [*P1-LoopBack1] isis prefix-sid index 20 [*P1-LoopBack1] quit [*P1] commit
# Configure PE2.
[~PE2] segment-routing [*PE2-segment-routing] tunnel-prefer segment-routing [*PE2-segment-routing] quit [*PE2] commit [~PE2] isis 1 [~PE2-isis-1] cost-style wide [*PE2-isis-1] segment-routing mpls [*PE2-isis-1] segment-routing global-block 162001 163000 [*PE2-isis-1] quit
The SRGB value range varies according to a live network and the range the set as required. Here is an example only.
[*PE2] interface loopback 1 [*PE2-LoopBack1] isis prefix-sid index 30 [*PE2-LoopBack1] quit [*PE2] commit
After completing the configuration, run the display segment-routing prefix mpls forwarding command on PEs, and you can view that prefix label is in the Active state. In the following example, the command output on PE1 is used.
[~PE1] display segment-routing prefix mpls forwarding Segment Routing Prefix MPLS Forwarding Information -------------------------------------------------------------- Role : I-Ingress, T-Transit, E-Egress, I&T-Ingress And Transit Prefix Label OutLabel Interface NextHop Role MPLSMtu Mtu State -------------------------------------------------------------------------------------------------------------- 1.1.1.9/32 160010 NULL Loop1 127.0.0.1 E --- 1500 Active 2.2.2.9/32 160020 3 10GE1/0/1 172.1.1.2 I&T --- 1500 Active 3.3.3.9/32 160030 161031 10GE1/0/1 172.1.1.2 I&T --- 1500 Active Total information(s): 3 - Establish an IBGP peer relationship between PEs.
# Configure PE1.
[~PE1] bgp 100 [*PE1-bgp] peer 3.3.3.9 as-number 100 [*PE1-bgp] peer 3.3.3.9 connect-interface loopback 1 [*PE1-bgp] commit [~PE1-bgp] quit
# Configure PE2.
[~PE2] bgp 100 [*PE2-bgp] peer 1.1.1.9 as-number 100 [*PE2-bgp] peer 1.1.1.9 connect-interface loopback 1 [*PE2-bgp] commit [~PE2-bgp] quit
After completing the configuration, run the display bgp peer command on PEs, and you can view that BGP peer relationships between PEs have been established and are in the Established state. In the following example, the command output on PE1 is used.
[~PE1] display bgp peer Status codes: * - Dynamic BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Total number of dynamic peers : 0 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 3.3.3.9 4 100 2 6 0 00:00:12 Established 0 - Enable PEs to iterate non-labeled public BGP routes to the SR-MPLS BE tunnel.
# Configure PE1.
[~PE1] tunnel-policy p1 [*PE1-tunnel-policy-p1] tunnel select-seq sr-lsp load-balance-number 1 [*PE1-tunnel-policy-p1] quit [*PE1] route recursive-lookup tunnel tunnel-policy p1 [*PE1] commit
# Configure PE2.
[~PE2] tunnel-policy p1 [*PE2-tunnel-policy-p1] tunnel select-seq sr-lsp load-balance-number 1 [*PE2-tunnel-policy-p1] quit [*PE2] route recursive-lookup tunnel tunnel-policy p1 [*PE2] commit
Configuration Files
PE1 configuration file
# sysname PE1 # mpls lsr-id 1.1.1.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0001.00 segment-routing mpls segment-routing global-block 160000 161000 # interface 10GE1/0/1 undo portswitch ip address 172.1.1.1 255.255.255.0 isis enable 1 # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 isis enable 1 isis prefix-sid index 10 # bgp 100 peer 3.3.3.9 as-number 100 peer 3.3.3.9 connect-interface LoopBack1 # ipv4-family unicast peer 3.3.3.9 enable # route recursive-lookup tunnel tunnel-policy p1 # tunnel-policy p1 tunnel select-seq sr-lsp load-balance-number 1 # return
P1 configuration file
# sysname P1 # mpls lsr-id 2.2.2.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0002.00 segment-routing mpls segment-routing global-block 161001 162000 # interface 10GE1/0/1 undo portswitch ip address 172.1.1.2 255.255.255.0 isis enable 1 # interface 10GE1/0/2 undo portswitch ip address 172.2.1.2 255.255.255.0 isis enable 1 # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 isis enable 1 isis prefix-sid index 20 # return
PE2 configuration file
# sysname PE2 # mpls lsr-id 3.3.3.9 # mpls # segment-routing tunnel-prefer segment-routing # isis 1 is-level level-1 cost-style wide network-entity 10.0000.0000.0003.00 segment-routing mpls segment-routing global-block 162001 163000 # interface 10GE1/0/1 undo portswitch ip address 172.2.1.1 255.255.255.0 isis enable 1 # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 isis enable 1 isis prefix-sid index 30 # bgp 100 peer 1.1.1.9 as-number 100 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family unicast peer 1.1.1.9 enable # route recursive-lookup tunnel tunnel-policy p1 # tunnel-policy p1 tunnel select-seq sr-lsp load-balance-number 1 # return