SupportDocumentationSwitchesData Center SwitchCloudEngine 12800&16800Configuration & CommissioningConfiguration Guide

CloudEngine 12800 V200R019C10 Configuration Guide - MPLS

This document describes the configurations of MPLS, including MPLS Basic, MPLS LDP, MPLS QoS, MPLS TE, and SR-MPLS TE.

Configuration Examples for SR-MPLS BE

Configuration Examples for SR-MPLS BE

This section provides SR-MPLS BE configuration examples, including the networking requirements, configuration roadmap, configuration procedure, and configuration files.

This section only provides configuration examples for individual features. For details about multi-feature configuration examples, feature-specific configuration examples, interoperation examples, protocol or hardware replacement examples, and industry application examples, see the Typical Configuration Examples.

Example for Configuring an SR-MPLS BE Tunnel

Networking Requirements

In Figure 5-37, devices run IS-IS. Segment routing is used and enables each device to advertise the SR capability and supported SRGB. In addition, the advertising end advertises a prefix SID offset within the SRGB range. The receive end computes an effective label value to generate a forwarding entry.

Figure 5-37 SR-MPLS BE tunnel networking

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure an IP address for each interface, and configure IS-IS on each node to ensure there are reachable routes between them.

  2. Configure MPLS and segment routing on the backbone network and establish SR LSPs.

Procedure

  1. Configure IP addresses for interfaces.

    # Configure PE1.

    <HUAWEI> system-view
[~HUAWEI] sysname PE1
[*HUAWEI] commit
[~PE1] interface loopback 1
[*PE1-LoopBack1] ip address 1.1.1.9 32
[*PE1-LoopBack1] quit
[*PE1] interface 10ge 1/0/1
[*PE1-10GE1/0/1] undo portswitch
[*PE1-10GE1/0/1] ip address 172.1.1.1 24
[*PE1-10GE1/0/1] quit
[*PE1] commit

    # Configure P1.

    <HUAWEI> system-view
[~HUAWEI] sysname P1
[*HUAWEI] commit
[~P1] interface loopback 1
[*P1-LoopBack1] ip address 2.2.2.9 32
[*P1-LoopBack1] quit
[*P1] interface 10ge 1/0/1
[*P1-10GE1/0/1] undo portswitch
[*P1-10GE1/0/1] ip address 172.1.1.2 24
[*P1-10GE1/0/1] quit
[*P1] interface 10ge 1/0/2
[*P1-10GE1/0/2] undo portswitch
[*P1-10GE1/0/2] ip address 172.2.1.1 24
[*P1-10GE1/0/2] quit
[*P1] commit

    # Configure PE2.

    <HUAWEI> system-view
[~HUAWEI] sysname PE2
[*HUAWEI] commit
[~PE2] interface loopback 1
[*PE2-LoopBack1] ip address 3.3.3.9 32
[*PE2-LoopBack1] quit
[*PE2] interface 10ge 1/0/1
[*PE2-10GE1/0/1] undo portswitch
[*PE2-10GE1/0/1] ip address 172.2.1.2 24
[*PE2-10GE1/0/1] quit
[*PE2] commit

  2. Configure an IGP protocol on the MPLS backbone network to implement connectivity between the PEs and P1. IS-IS is used as an IGP protocol in this example.

    # Configure PE1.

    [~PE1] isis 1
[*PE1-isis-1] is-level level-1
[*PE1-isis-1] network-entity 10.0000.0000.0001.00
[*PE1-isis-1] quit
[*PE1] commit
[~PE1] interface loopback 1
[~PE1-LoopBack1] isis enable 1
[*PE1-LoopBack1] quit
[*PE1] interface 10ge 1/0/1
[*PE1-10GE1/0/1] isis enable 1
[*PE1-10GE1/0/1] quit
[*PE1] commit

    # Configure P1.

    [~P1] isis 1
[*P1-isis-1] is-level level-1
[*P1-isis-1] network-entity 10.0000.0000.0002.00
[*P1-isis-1] quit
[*P1] commit
[~P1] interface loopback 1
[~P1-LoopBack1] isis enable 1
[*P1-LoopBack1] quit
[*P1] interface 10ge 1/0/1
[*P1-10GE1/0/1] isis enable 1
[*P1-10GE1/0/1] quit
[*P1] interface 10ge 1/0/2
[*P1-10GE1/0/2] isis enable 1
[*P1-10GE1/0/2] quit
[*P1] commit

    # Configure PE2.

    [~PE2] isis 1
[*PE2-isis-1] is-level level-1
[*PE2-isis-1] network-entity 10.0000.0000.0003.00
[*PE2-isis-1] quit
[*PE2] commit
[~PE2] interface loopback 1
[~PE2-LoopBack1] isis enable 1
[*PE2-LoopBack1] quit
[*PE2] interface 10ge 1/0/1
[*PE2-10GE1/0/1] isis enable 1
[*PE2-10GE1/0/1] quit
[*PE2] commit

  3. Configure the basic MPLS functions on the backbone network.

    # Configure PE1.

    [~PE1] mpls lsr-id 1.1.1.9
[*PE1] mpls
[*PE1-mpls] commit
[~PE1-mpls] quit

    # Configure P1.

    [~P1] mpls lsr-id 2.2.2.9
[*P1] mpls
[*P1-mpls] commit
[~P1-mpls] quit

    # Configure PE2.

    [~PE2] mpls lsr-id 3.3.3.9
[*PE2] mpls
[*PE2-mpls] commit
[~PE2-mpls] quit

  4. Configure segment routing on the backbone network.

    # Configure PE1.

    [~PE1] segment-routing
[*PE1-segment-routing] tunnel-prefer segment-routing
[*PE1-segment-routing] quit
[*PE1] commit
[~PE1] isis 1
[~PE1-isis-1] cost-style wide
[*PE1-isis-1] segment-routing mpls
[*PE1-isis-1] segment-routing global-block 160000 161000
[*PE1-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*PE1] interface loopback 1
[*PE1-LoopBack1] isis prefix-sid index 10
[*PE1-LoopBack1] quit
[*PE1] commit

    # Configure P1.

    [~P1] segment-routing
[*P1-segment-routing] tunnel-prefer segment-routing
[*P1-segment-routing] quit
[*P1] commit
[~P1] isis 1
[~P1-isis-1] cost-style wide
[*P1-isis-1] segment-routing mpls
[*P1-isis-1] segment-routing global-block 161001 162000
[*P1-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*P1] interface loopback 1
[*P1-LoopBack1] isis prefix-sid index 20
[*P1-LoopBack1] quit
[*P1] commit

    # Configure PE2.

    [~PE2] segment-routing
[*PE2-segment-routing] tunnel-prefer segment-routing
[*PE2-segment-routing] quit
[*PE2] commit
[~PE2] isis 1
[~PE2-isis-1] cost-style wide
[*PE2-isis-1] segment-routing mpls
[*PE2-isis-1] segment-routing global-block 162001 163000
[*PE2-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*PE2] interface loopback 1
[*PE2-LoopBack1] isis prefix-sid index 30
[*PE2-LoopBack1] quit
[*PE2] commit

    After completing the configuration, run the display segment-routing prefix mpls forwarding command on PEs, and you can view that prefix label is in the Active state. In the following example, the command output on PE1 is used.

    [~PE1] display segment-routing prefix mpls forwarding
                                                                                                    Segment Routing Prefix MPLS Forwarding Information           
             --------------------------------------------------------------     
             Role : I-Ingress, T-Transit, E-Egress, I&T-Ingress And Transit     
                                                                                 Prefix             Label      OutLabel   Interface         NextHop          Role  MPLSMtu   Mtu       State
--------------------------------------------------------------------------------------------------------------
1.1.1.9/32         160010     NULL       Loop1             127.0.0.1        E     ---       1500      Active
2.2.2.9/32         160020     3          10GE1/0/1         172.1.1.2        I&T   ---       1500      Active
3.3.3.9/32         160030     161031     10GE1/0/1         172.1.1.2        I&T   ---       1500      Active
                                                                                 Total information(s): 3

Configuration Files

  • PE1 configuration file

    #
sysname PE1
#
mpls lsr-id 1.1.1.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0001.00
 segment-routing mpls
 segment-routing global-block 160000 161000
#               
interface 10GE1/0/1
 undo portswitch  
 ip address 172.1.1.1 255.255.255.0
 isis enable 1  
#                              
interface LoopBack1
 ip address 1.1.1.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 10
#
return

  • P1 configuration file

    #
sysname P1
#
mpls lsr-id 2.2.2.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0002.00
 segment-routing mpls
 segment-routing global-block 161001 162000
#               
interface 10GE1/0/1
 undo portswitch  
 ip address 172.1.1.2 255.255.255.0
 isis enable 1  
#               
interface 10GE1/0/2
 undo portswitch  
 ip address 172.2.1.1 255.255.255.0
 isis enable 1  
#               
interface LoopBack1
 ip address 2.2.2.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 20
#
return

  • PE2 configuration file

    #
sysname PE2
#
mpls lsr-id 3.3.3.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0003.00
 segment-routing mpls
 segment-routing global-block 162001 163000
#               
interface 10GE1/0/1
 undo portswitch
 ip address 172.2.1.2 255.255.255.0
 isis enable 1
#               
interface LoopBack1
 ip address 3.3.3.9 255.255.255.255
 isis enable 1
 isis prefix-sid index 30
#
return

Example for Configuring L3VPN Services Iterated to an SR-MPLS BE Tunnel

Networking Requirements

In Figure 5-38, CE1 and CE2 belong to vpna. L3VPN services are iterated to an SR-MPLS BE tunnel to allow users within the same VPN to securely access each other.

Figure 5-38 L3VPN iterated to an SR-MPLS BE tunnel

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure an IP address for each interface, and configure IS-IS on each node to ensure there are reachable routes between them.

  2. Configure MPLS and segment routing on the backbone network and establish SR LSPs.

  3. Enable Multi-protocol Extensions for Interior Border Gateway Protocol (MP-IBGP) on PEs to exchange VPN routing information.

  4. Configure VPN instances on the PEs and bind each interface that connects a PE to a CE to a VPN instance.

  5. Configure External Border Gateway Protocol (EBGP) on the CEs and PEs to exchange VPN routing information.

Procedure

  1. Configure IP addresses for interfaces.

    # Configure PE1.

    <HUAWEI> system-view
[~HUAWEI] sysname PE1
[*HUAWEI] commit
[~PE1] interface loopback 1
[*PE1-LoopBack1] ip address 1.1.1.9 32
[*PE1-LoopBack1] quit
[*PE1] interface 10ge 1/0/1
[*PE1-10GE1/0/1] undo portswitch
[*PE1-10GE1/0/1] ip address 172.1.1.1 24
[*PE1-10GE1/0/1] quit
[*PE1] commit

    # Configure P1.

    <HUAWEI> system-view
[~HUAWEI] sysname P1
[*HUAWEI] commit
[~P1] interface loopback 1
[*P1-LoopBack1] ip address 2.2.2.9 32
[*P1-LoopBack1] quit
[*P1] interface 10ge 1/0/1
[*P1-10GE1/0/1] undo portswitch
[*P1-10GE1/0/1] ip address 172.1.1.2 24
[*P1-10GE1/0/1] quit
[*P1] interface 10ge 1/0/2
[*P1-10GE1/0/2] undo portswitch
[*P1-10GE1/0/2] ip address 172.2.1.1 24
[*P1-10GE1/0/2] quit
[*P1] commit

    # Configure PE2.

    <HUAWEI> system-view
[~HUAWEI] sysname PE2
[*HUAWEI] commit
[~PE2] interface loopback 1
[*PE2-LoopBack1] ip address 3.3.3.9 32
[*PE2-LoopBack1] quit
[*PE2] interface 10ge 1/0/1
[*PE2-10GE1/0/1] undo portswitch
[*PE2-10GE1/0/1] ip address 172.2.1.2 24
[*PE2-10GE1/0/1] quit
[*PE2] commit

  2. Configure an IGP protocol on the MPLS backbone network to implement connectivity between the PEs and P1. IS-IS is used as an IGP protocol in this example.

    # Configure PE1.

    [~PE1] isis 1
[*PE1-isis-1] is-level level-1
[*PE1-isis-1] network-entity 10.0000.0000.0001.00
[*PE1-isis-1] quit
[*PE1] commit
[~PE1] interface loopback 1
[~PE1-LoopBack1] isis enable 1
[*PE1-LoopBack1] quit
[*PE1] interface 10ge 1/0/1
[*PE1-10GE1/0/1] isis enable 1
[*PE1-10GE1/0/1] quit
[*PE1] commit

    # Configure P1.

    [~P1] isis 1
[*P1-isis-1] is-level level-1
[*P1-isis-1] network-entity 10.0000.0000.0002.00
[*P1-isis-1] quit
[*P1] commit
[~P1] interface loopback 1
[~P1-LoopBack1] isis enable 1
[*P1-LoopBack1] quit
[*P1] interface 10ge 1/0/1
[*P1-10GE1/0/1] isis enable 1
[*P1-10GE1/0/1] quit
[*P1] interface 10ge 1/0/2
[*P1-10GE1/0/2] isis enable 1
[*P1-10GE1/0/2] quit
[*P1] commit

    # Configure PE2.

    [~PE2] isis 1
[*PE2-isis-1] is-level level-1
[*PE2-isis-1] network-entity 10.0000.0000.0003.00
[*PE2-isis-1] quit
[*PE2] commit
[~PE2] interface loopback 1
[~PE2-LoopBack1] isis enable 1
[*PE2-LoopBack1] quit
[*PE2] interface 10ge 1/0/1
[*PE2-10GE1/0/1] isis enable 1
[*PE2-10GE1/0/1] quit
[*PE2] commit

  3. Configure the basic MPLS functions on the backbone network.

    # Configure PE1.

    [~PE1] mpls lsr-id 1.1.1.9
[*PE1] mpls
[*PE1-mpls] commit
[~PE1-mpls] quit

    # Configure P1.

    [~P1] mpls lsr-id 2.2.2.9
[*P1] mpls
[*P1-mpls] commit
[~P1-mpls] quit

    # Configure PE2.

    [~PE2] mpls lsr-id 3.3.3.9
[*PE2] mpls
[*PE2-mpls] commit
[~PE2-mpls] quit

  4. Configure segment routing on the backbone network.

    # Configure PE1.

    [~PE1] segment-routing
[*PE1-segment-routing] tunnel-prefer segment-routing
[*PE1-segment-routing] quit
[*PE1] commit
[~PE1] isis 1
[~PE1-isis-1] cost-style wide
[*PE1-isis-1] segment-routing mpls
[*PE1-isis-1] segment-routing global-block 160000 161000
[*PE1-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*PE1] interface loopback 1
[*PE1-LoopBack1] isis prefix-sid index 10
[*PE1-LoopBack1] quit
[*PE1] commit

    # Configure P1.

    [~P1] segment-routing
[*P1-segment-routing] tunnel-prefer segment-routing
[*P1-segment-routing] quit
[*P1] commit
[~P1] isis 1
[~P1-isis-1] cost-style wide
[*P1-isis-1] segment-routing mpls
[*P1-isis-1] segment-routing global-block 161001 162000
[*P1-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*P1] interface loopback 1
[*P1-LoopBack1] isis prefix-sid index 20
[*P1-LoopBack1] quit
[*P1] commit

    # Configure PE2.

    [~PE2] segment-routing
[*PE2-segment-routing] tunnel-prefer segment-routing
[*PE2-segment-routing] quit
[*PE2] commit
[~PE2] isis 1
[~PE2-isis-1] cost-style wide
[*PE2-isis-1] segment-routing mpls
[*PE2-isis-1] segment-routing global-block 162001 163000
[*PE2-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*PE2] interface loopback 1
[*PE2-LoopBack1] isis prefix-sid index 30
[*PE2-LoopBack1] quit
[*PE2] commit

    After completing the configuration, run the display segment-routing prefix mpls forwarding command on PEs, and you can view that prefix label is in the Active state. In the following example, the command output on PE1 is used.

    [~PE1] display segment-routing prefix mpls forwarding
                                                                                                  Segment Routing Prefix MPLS Forwarding Information           
             --------------------------------------------------------------     
             Role : I-Ingress, T-Transit, E-Egress, I&T-Ingress And Transit     
                                                                                 Prefix             Label      OutLabel   Interface         NextHop          Role  MPLSMtu   Mtu       State
--------------------------------------------------------------------------------------------------------------
1.1.1.9/32         160010     NULL       Loop1             127.0.0.1        E     ---       1500      Active
2.2.2.9/32         160020     3          10GE1/0/1         172.1.1.2        I&T   ---       1500      Active
3.3.3.9/32         160030     161031     10GE1/0/1         172.1.1.2        I&T   ---       1500      Active
                                                                                 Total information(s): 3

  5. Set up an MP-IBGP peer relationship between PEs.

    # Configure PE1.

    [~PE1] bgp 100
[*PE1-bgp] peer 3.3.3.9 as-number 100
[*PE1-bgp] peer 3.3.3.9 connect-interface loopback 1
[*PE1-bgp] ipv4-family vpnv4
[*PE1-bgp-af-vpnv4] peer 3.3.3.9 enable
[*PE1-bgp-af-vpnv4] commit
[~PE1-bgp-af-vpnv4] quit
[~PE1-bgp] quit

    # Configure PE2.

    [~PE2] bgp 100
[*PE2-bgp] peer 1.1.1.9 as-number 100
[*PE2-bgp] peer 1.1.1.9 connect-interface loopback 1
[*PE2-bgp] ipv4-family vpnv4
[*PE2-bgp-af-vpnv4] peer 1.1.1.9 enable
[*PE2-bgp-af-vpnv4] commit
[~PE2-bgp-af-vpnv4] quit
[~PE2-bgp] quit

    After completing the configuration, run the display bgp peer or display bgp vpnv4 all peer command on PEs, and you can view that a BGP peer relationship is set up between PEs and the BGP peer relationship is in the Established state. In the following example, the command output on PE1 is used.

    [~PE1] display bgp peer
 Status codes: * - Dynamic
 BGP local router ID        : 1.1.1.9
 Local AS number            : 100
 Total number of peers      : 1          
 Peers in established state : 1
 Total number of dynamic peers : 0
  Peer            V    AS  MsgRcvd  MsgSent     OutQ  Up/Down    State        PrefRcv
  3.3.3.9         4   100        2        6     0     00:00:12   Established   0
    [~PE1] display bgp vpnv4 all peer
 Status codes: * - Dynamic
 BGP local router ID        : 1.1.1.9
 Local AS number            : 100
 Total number of peers      : 1                
 Peers in established state : 1
 Total number of dynamic peers : 0
  Peer            V    AS  MsgRcvd  MsgSent    OutQ  Up/Down    State        PrefRcv
  3.3.3.9         4   100   12      18         0     00:09:38   Established   0

  6. Configure VPN instances in the IPv4 address family on each PE and connect each PE to a CE.

    # Configure PE1.

    [~PE1] ip vpn-instance vpna
[*PE1-vpn-instance-vpna] ipv4-family
[*PE1-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1
[*PE1-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[*PE1-vpn-instance-vpna-af-ipv4] quit
[*PE1-vpn-instance-vpna] quit
[*PE1] interface 10ge 1/0/2
[*PE1-10GE1/0/2] undo portswitch
[*PE1-10GE1/0/2] ip binding vpn-instance vpna
[*PE1-10GE1/0/2] ip address 10.1.1.2 24
[*PE1-10GE1/0/2] quit
[*PE1] commit

    # Configure PE2.

    [~PE2] ip vpn-instance vpna
[*PE2-vpn-instance-vpna] ipv4-family
[*PE2-vpn-instance-vpna-af-ipv4] route-distinguisher 200:1
[*PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[*PE2-vpn-instance-vpna-af-ipv4] quit
[*PE2-vpn-instance-vpna] quit
[*PE2] interface 10ge 1/0/2
[*PE2-10GE1/0/2] undo portswitch
[*PE2-10GE1/0/2] ip binding vpn-instance vpna
[*PE2-10GE1/0/2] ip address 10.2.1.2 24
[*PE2-10GE1/0/2] quit
[*PE2] commit

    # Assign an IP address to each interface on CEs as shown in Figure 5-38. The detailed configuration procedure is not provided here. For details, see Configuration Files.

    After the configuration, run the display ip vpn-instance verbose command on PEs to view the configurations of VPN instances. Each PE can successfully ping its connected CE.

  7. Set up EBGP peer relationships between PEs and CEs.

    # Configure CE1. The configuration of CE2 is similar to the configuration of CE1, and are not provided here. For details, see Configuration Files.

    [~CE1] bgp 65410
[*CE1-bgp] peer 10.1.1.2 as-number 100
[*CE1-bgp] network 11.1.1.1 32
[*CE1-bgp] quit
[*CE1] commit

    # Configure PE1. The configuration of PE2 is similar to the configuration of PE1, and are not provided here. For details, see Configuration Files.

    [~PE1] bgp 100
[*PE1-bgp] ipv4-family vpn-instance vpna
[*PE1-bgp-vpna] peer 10.1.1.1 as-number 65410
[*PE1-bgp-vpna] quit
[*PE1-bgp] quit
[*PE1] commit

    After the configuration, run the display bgp vpnv4 vpn-instance peer command on PEs, and you can view that BGP peer relationships between PEs and CEs have been established and are in the Established state.

    In the following example, the peer relationship between PE1 and CE1 is used.

    [~PE1] display bgp vpnv4 vpn-instance vpna peer
 Status codes: * - Dynamic
 BGP local router ID : 1.1.1.9
 Local AS number : 100

 VPN-Instance vpna, Router ID 1.1.1.9:
 Total number of peers      : 1           
 Peers in established state : 1
 Total number of dynamic peers : 0

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State  PrefRcv
  10.1.1.1        4       65410       11        9     0 00:06:37 Established        1

  8. Verify the configuration.

    Run the display ip routing-table vpn-instance command on each PE to view the routes to CEs' loopback interfaces.

    In the following example, the command output on PE1 is used.

    [~PE1] display ip routing-table vpn-instance vpna
Proto: Protocol        Pre: Preference
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table: vpna
         Destinations : 6        Routes : 6

Destination/Mask    Proto  Pre  Cost     Flags NextHop         Interface

     10.1.1.0/24    Direct 0    0        D     10.1.1.2        10GE1/0/2
     10.1.1.2/32    Direct 0    0        D     127.0.0.1       10GE1/0/2
   10.1.1.255/32    Direct 0    0        D     127.0.0.1       10GE1/0/2
     11.1.1.1/32    EBGP   255  0        RD    10.1.1.1        10GE1/0/2
     22.2.2.2/32    IBGP   255  0        RD    3.3.3.9         10GE1/0/1
255.255.255.255/32  Direct 0    0        D     127.0.0.1       InLoopBack0

Configuration Files

  • PE1 configuration file

    #
sysname PE1
#
ip vpn-instance vpna
 ipv4-family
  route-distinguisher 100:1
  vpn-target 111:1 export-extcommunity
  vpn-target 111:1 import-extcommunity
#
mpls lsr-id 1.1.1.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0001.00
 segment-routing mpls
 segment-routing global-block 160000 161000
#               
interface 10GE1/0/1
 undo portswitch  
 ip address 172.1.1.1 255.255.255.0
 isis enable 1  
#               
interface 10GE1/0/2
 undo portswitch  
 ip binding vpn-instance vpna
 ip address 10.1.1.2 255.255.255.0
#                              
interface LoopBack1
 ip address 1.1.1.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 10
#               
bgp 100         
 peer 3.3.3.9 as-number 100
 peer 3.3.3.9 connect-interface LoopBack1
 #              
 ipv4-family unicast
  peer 3.3.3.9 enable
 #              
 ipv4-family vpnv4
  policy vpn-target
  peer 3.3.3.9 enable
 #              
 ipv4-family vpn-instance vpna
  peer 10.1.1.1 as-number 65410
#
return

  • P1 configuration file

    #
sysname P1
#
mpls lsr-id 2.2.2.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0002.00
 segment-routing mpls
 segment-routing global-block 161001 162000
#               
interface 10GE1/0/1
 undo portswitch  
 ip address 172.1.1.2 255.255.255.0
 isis enable 1  
#               
interface 10GE1/0/2
 undo portswitch  
 ip address 172.2.1.1 255.255.255.0
 isis enable 1  
#               
interface LoopBack1
 ip address 2.2.2.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 20
#
return

  • PE2 configuration file

    #
sysname PE2
#
ip vpn-instance vpna
 ipv4-family
  route-distinguisher 200:1
  vpn-target 111:1 export-extcommunity
  vpn-target 111:1 import-extcommunity
#
mpls lsr-id 3.3.3.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0003.00
 segment-routing mpls
 segment-routing global-block 162001 163000
#
interface 10GE1/0/1
 undo portswitch
 ip address 172.2.1.2 255.255.255.0
 isis enable 1  
#
interface 10GE1/0/2
 undo portswitch
 ip binding vpn-instance vpna
 ip address 10.2.1.2 255.255.255.0
#
interface LoopBack1
 ip address 3.3.3.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 30
#               
bgp 100         
 peer 1.1.1.9 as-number 100
 peer 1.1.1.9 connect-interface LoopBack1
 #              
 ipv4-family unicast
   peer 1.1.1.9 enable
 #              
 ipv4-family vpnv4
  policy vpn-target
  peer 1.1.1.9 enable
 #              
 ipv4-family vpn-instance vpna
  peer 10.2.1.1 as-number 65420
#
return

  • CE1 configuration file

    #
 sysname CE1
#
interface 10GE1/0/1
 undo portswitch
 ip address 10.1.1.1 255.255.255.0
#
interface LoopBack1
 ip address 11.1.1.1 255.255.255.255
#
bgp 65410
 peer 10.1.1.2 as-number 100
 #
 ipv4-family unicast
  network 11.1.1.1 255.255.255.255
  peer 10.1.1.2 enable
#
return

  • CE2 configuration file

    #
 sysname CE2
#
interface 10GE1/0/1
 undo portswitch
 ip address 10.2.1.1 255.255.255.0
#
interface LoopBack1
 ip address 22.2.2.2 255.255.255.255
#
bgp 65420
 peer 10.2.1.2 as-number 100
 #
 ipv4-family unicast
  network 22.2.2.2 255.255.255.255
  peer 10.2.1.2 enable
#
return

Example for Configuring Non-Labeled Public BGP Routes to Be Iterated to an SR-MPLS BE tunnel

Networking Requirements

If an Internet user uses a backbone network that performs IP forwarding to access the Internet, core backbone network devices on the forwarding path need to learn a large number of Internet routes. This imposes a heavy load on core backbone network devices and affects the performance of these devices. To solve this problem, you can enable access devices to iterate non-labeled public BGP routes or non-labeled static routes to an SR tunnel so that users can access the Internet through the SR tunnel. The iteration to the SR tunnel prevents the problems induced by insufficient performance, heavy burdens, and service transmission on the core devices on the backbone network.

In Figure 5-39, non-labeled public BGP routes are configured and iterated to an SR-MPLS BE tunnel.

Figure 5-39 Non-labeled public BGP route iteration to an SR-MPLS BE tunnel

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure an IP address for each interface, and configure IS-IS on each node to ensure there are reachable routes between them.

  2. Configure MPLS and segment routing on the backbone network and establish SR LSPs.

  3. Enable IBGP on PEs to exchange VPN routing information.

  4. Enable PEs to iterate non-labeled public BGP routes to the SR-MPLS BE tunnel.

Procedure

  1. Configure IP addresses for interfaces.

    # Configure PE1.

    <HUAWEI> system-view
[~HUAWEI] sysname PE1
[*HUAWEI] commit
[~PE1] interface loopback 1
[*PE1-LoopBack1] ip address 1.1.1.9 32
[*PE1-LoopBack1] quit
[*PE1] interface 10ge 1/0/1
[*PE1-10GE1/0/1] undo portswitch
[*PE1-10GE1/0/1] ip address 172.1.1.1 24
[*PE1-10GE1/0/1] quit
[*PE1] commit

    # Configure P1.

    <HUAWEI> system-view
[~HUAWEI] sysname P1
[*HUAWEI] commit
[~P1] interface loopback 1
[*P1-LoopBack1] ip address 2.2.2.9 32
[*P1-LoopBack1] quit
[*P1] interface 10ge 1/0/1
[*P1-10GE1/0/1] undo portswitch
[*P1-10GE1/0/1] ip address 172.1.1.2 24
[*P1-10GE1/0/1] quit
[*P1] interface 10ge 1/0/2
[*P1-10GE1/0/2] undo portswitch
[*P1-10GE1/0/2] ip address 172.2.1.2 24
[*P1-10GE1/0/2] quit
[*P1] commit

    # Configure PE2.

    <HUAWEI> system-view
[~HUAWEI] sysname PE2
[*HUAWEI] commit
[~PE2] interface loopback 1
[*PE2-LoopBack1] ip address 3.3.3.9 32
[*PE2-LoopBack1] quit
[*PE2] interface 10ge 1/0/1
[*PE2-10GE1/0/1] undo portswitch
[*PE2-10GE1/0/1] ip address 172.2.1.1 24
[*PE2-10GE1/0/1] quit
[*PE2] commit

  2. Configure an IGP protocol on the backbone network to implement connectivity between the PEs. IS-IS is used as an IGP protocol in this example.

    # Configure PE1.

    [~PE1] isis 1
[*PE1-isis-1] is-level level-1
[*PE1-isis-1] network-entity 10.0000.0000.0001.00
[*PE1-isis-1] quit
[*PE1] commit
[~PE1] interface loopback 1
[~PE1-LoopBack1] isis enable 1
[*PE1-LoopBack1] quit
[*PE1] interface 10ge 1/0/1
[*PE1-10GE1/0/1] isis enable 1
[*PE1-10GE1/0/1] quit
[*PE1] commit

    # Configure P1.

    [~P1] isis 1
[*P1-isis-1] is-level level-1
[*P1-isis-1] network-entity 10.0000.0000.0002.00
[*P1-isis-1] quit
[*P1] commit
[~P1] interface loopback 1
[~P1-LoopBack1] isis enable 1
[*P1-LoopBack1] quit
[*P1] interface 10ge 1/0/1
[*P1-10GE1/0/1] isis enable 1
[*P1-10GE1/0/1] quit
[*P1] interface 10ge 1/0/2
[*P1-10GE1/0/2] isis enable 1
[*P1-10GE1/0/2] quit
[*P1] commit

    # Configure PE2.

    [~PE2] isis 1
[*PE2-isis-1] is-level level-1
[*PE2-isis-1] network-entity 10.0000.0000.0003.00
[*PE2-isis-1] quit
[*PE2] commit
[~PE2] interface loopback 1
[~PE2-LoopBack1] isis enable 1
[*PE2-LoopBack1] quit
[*PE2] interface 10ge 1/0/1
[*PE2-10GE1/0/1] isis enable 1
[*PE2-10GE1/0/1] quit
[*PE2] commit

  3. Configure the basic MPLS functions on the backbone network.

    # Configure PE1.

    [~PE1] mpls lsr-id 1.1.1.9
[*PE1] mpls
[*PE1-mpls] commit
[~PE1-mpls] quit

    # Configure P1.

    [~P1] mpls lsr-id 2.2.2.9
[*P1] mpls
[*P1-mpls] commit
[~P1-mpls] quit

    # Configure PE2.

    [~PE2] mpls lsr-id 3.3.3.9
[*PE2] mpls
[*PE2-mpls] commit
[~PE2-mpls] quit

  4. Configure segment routing on the backbone network.

    # Configure PE1.

    [~PE1] segment-routing
[*PE1-segment-routing] tunnel-prefer segment-routing
[*PE1-segment-routing] quit
[*PE1] commit
[~PE1] isis 1
[~PE1-isis-1] cost-style wide
[*PE1-isis-1] segment-routing mpls
[*PE1-isis-1] segment-routing global-block 160000 161000
[*PE1-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*PE1] interface loopback 1
[*PE1-LoopBack1] isis prefix-sid index 10
[*PE1-LoopBack1] quit
[*PE1] commit

    # Configure P1.

    [~P1] segment-routing
[*P1-segment-routing] tunnel-prefer segment-routing
[*P1-segment-routing] quit
[*P1] commit
[~P1] isis 1
[~P1-isis-1] cost-style wide
[*P1-isis-1] segment-routing mpls
[*P1-isis-1] segment-routing global-block 161001 162000
[*P1-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*P1] interface loopback 1
[*P1-LoopBack1] isis prefix-sid index 20
[*P1-LoopBack1] quit
[*P1] commit

    # Configure PE2.

    [~PE2] segment-routing
[*PE2-segment-routing] tunnel-prefer segment-routing
[*PE2-segment-routing] quit
[*PE2] commit
[~PE2] isis 1
[~PE2-isis-1] cost-style wide
[*PE2-isis-1] segment-routing mpls
[*PE2-isis-1] segment-routing global-block 162001 163000
[*PE2-isis-1] quit

    The SRGB value range varies according to a live network and the range the set as required. Here is an example only.

    [*PE2] interface loopback 1
[*PE2-LoopBack1] isis prefix-sid index 30
[*PE2-LoopBack1] quit
[*PE2] commit

    After completing the configuration, run the display segment-routing prefix mpls forwarding command on PEs, and you can view that prefix label is in the Active state. In the following example, the command output on PE1 is used.

    [~PE1] display segment-routing prefix mpls forwarding
                   Segment Routing Prefix MPLS Forwarding Information           

             --------------------------------------------------------------     
             Role : I-Ingress, T-Transit, E-Egress, I&T-Ingress And Transit     
Prefix             Label      OutLabel   Interface         NextHop          Role  MPLSMtu   Mtu       State

--------------------------------------------------------------------------------------------------------------
1.1.1.9/32         160010     NULL       Loop1             127.0.0.1        E     ---       1500      Active
2.2.2.9/32         160020     3          10GE1/0/1         172.1.1.2        I&T   ---       1500      Active
3.3.3.9/32         160030     161031     10GE1/0/1         172.1.1.2        I&T   ---       1500      Active
Total information(s): 3

  5. Establish an IBGP peer relationship between PEs.

    # Configure PE1.

    [~PE1] bgp 100
[*PE1-bgp] peer 3.3.3.9 as-number 100
[*PE1-bgp] peer 3.3.3.9 connect-interface loopback 1
[*PE1-bgp] commit
[~PE1-bgp] quit

    # Configure PE2.

    [~PE2] bgp 100
[*PE2-bgp] peer 1.1.1.9 as-number 100
[*PE2-bgp] peer 1.1.1.9 connect-interface loopback 1
[*PE2-bgp] commit
[~PE2-bgp] quit

    After completing the configuration, run the display bgp peer command on PEs, and you can view that BGP peer relationships between PEs have been established and are in the Established state. In the following example, the command output on PE1 is used.

    [~PE1] display bgp peer
 Status codes: * - Dynamic
 BGP local router ID : 1.1.1.9
 Local AS number : 100
 Total number of peers : 1         
 Peers in established state : 1
 Total number of dynamic peers : 0
  Peer            V    AS  MsgRcvd  MsgSent     OutQ  Up/Down    State        PrefRcv
  3.3.3.9         4   100        2        6     0     00:00:12   Established   0

  6. Enable PEs to iterate non-labeled public BGP routes to the SR-MPLS BE tunnel.

    # Configure PE1.

    [~PE1] tunnel-policy p1
[*PE1-tunnel-policy-p1] tunnel select-seq sr-lsp load-balance-number 1
[*PE1-tunnel-policy-p1] quit
[*PE1] route recursive-lookup tunnel tunnel-policy p1
[*PE1] commit

    # Configure PE2.

    [~PE2] tunnel-policy p1
[*PE2-tunnel-policy-p1] tunnel select-seq sr-lsp load-balance-number 1
[*PE2-tunnel-policy-p1] quit
[*PE2] route recursive-lookup tunnel tunnel-policy p1
[*PE2] commit

Configuration Files

  • PE1 configuration file

    #
sysname PE1
#
mpls lsr-id 1.1.1.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0001.00
 segment-routing mpls
 segment-routing global-block 160000 161000
#               
interface 10GE1/0/1
 undo portswitch
 ip address 172.1.1.1 255.255.255.0
 isis enable 1  
#               
interface LoopBack1
 ip address 1.1.1.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 10
#               
bgp 100         
 peer 3.3.3.9 as-number 100
 peer 3.3.3.9 connect-interface LoopBack1
 #              
 ipv4-family unicast
  peer 3.3.3.9 enable
#
route recursive-lookup tunnel tunnel-policy p1
#
tunnel-policy p1
 tunnel select-seq sr-lsp load-balance-number 1
#
return

  • P1 configuration file

    #
sysname P1
#
mpls lsr-id 2.2.2.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0002.00
 segment-routing mpls
 segment-routing global-block 161001 162000
#               
interface 10GE1/0/1
 undo portswitch
 ip address 172.1.1.2 255.255.255.0
 isis enable 1  
#               
interface 10GE1/0/2
 undo portswitch
 ip address 172.2.1.2 255.255.255.0
 isis enable 1  
#               
interface LoopBack1
 ip address 2.2.2.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 20
#
return

  • PE2 configuration file

    #
sysname PE2
#
mpls lsr-id 3.3.3.9
#               
mpls            
#               
segment-routing 
 tunnel-prefer segment-routing
#               
isis 1          
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0003.00
 segment-routing mpls
 segment-routing global-block 162001 163000
#               
interface 10GE1/0/1
 undo portswitch
 ip address 172.2.1.1 255.255.255.0
 isis enable 1  
#               
interface LoopBack1
 ip address 3.3.3.9 255.255.255.255
 isis enable 1  
 isis prefix-sid index 30
#               
bgp 100         
 peer 1.1.1.9 as-number 100
 peer 1.1.1.9 connect-interface LoopBack1
 #              
 ipv4-family unicast
  peer 1.1.1.9 enable
#
route recursive-lookup tunnel tunnel-policy p1
#
tunnel-policy p1
 tunnel select-seq sr-lsp load-balance-number 1
#
return