配置CE非对称接入PE的PW Redundancy示例

S12700 V200R010C00 配置指南-VPN

本文档针对VPN特性，从配置过程和配置举例两方面对特性进行介绍。

评分并提供意见反馈 :

华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言，希望能帮助您更容易理解此文档的内容。请注意：即使是最好的机器翻译，其准确度也不及专业翻译人员的水平。华为对于翻译的准确性不承担任何责任，并建议您参考英文文档（已提供链接）。

配置CE非对称接入PE的PW Redundancy示例

组网需求

如图5-29所示，CE1和CE2属于同一个企业用户，CE1单归接入骨干网设备PE1，CE2通过Eth-Trunk双归接入骨干网设备PE2和PE3。为了满足CE1与CE2之间互通并保证可靠性的要求，PE1与PE2、PE3之间通过PW Redundancy模式提供PW保护。为了提高骨干网链路故障的快速检测，实现PW的快速切换，需要部署BFD检测骨干网链路故障。

请确保该场景下互联接口的STP处于未使能状态。同时将互连接口退出VLAN1，避免形成环路。因为在使能STP的环形网络中，如果用交换机的VLANIF接口构建三层网络，会导致某个端口被阻塞，从而导致三层业务不能正常运行。

缺省情况下，设备上全局使能链路类型自协商功能，若L2VPN使用Vlanif接口作为AC接口，则与该功能相冲突，需要先在系统视图下执行lnp disable命令去使能链路类型自协商功能。
该场景中，CE设备上需要配置相同的VLAN，否则无法互通。

图5-29 配置CE非对称接入PE的PW Redundancy组网图

配置思路

采用如下的思路配置CE非对称接入PE的PW Redundancy：

为实现PE间数据的公网传输，需要在骨干网上配置IGP路由协议实现互通。
PWE3实现依靠MPLS基本功能，故需要在骨干网上的设备配置MPLS基本功能和LDP。
为了满足CE1与CE2之间互通并保证可靠性的要求，需要配置PW Redundancy功能，具体包括配置业务PW和管理PW。
为了提高骨干网链路故障的快速检测，实现PW的快速切换，需要配置BFD检测骨干网链路故障，具体包括配置BFD检测管理PW和配置业务PW绑定管理PW。
配置E-Trunk，协商PW主备关系。为了加快AC侧链路故障检测，还需要配置BFD和E-Trunk绑定。

操作步骤

配置各接口的IP地址

在各设备上配置各接口所属的VLAN以及相关接口IP地址。

# 配置CE1。PE1、PE2、PE3和CE2的配置与CE1类似，不再赘述。

<HUAWEI> system-view
[HUAWEI] sysname CE1
[CE1] vlan 10
[CE1-vlan10] quit
[CE1] interface vlanif 10
[CE1-Vlanif10] ip address 192.168.1.1 255.255.255.0
[CE1-Vlanif10] quit
[CE1] interface gigabitethernet 1/0/0
[CE1-GigabitEthernet1/0/0] port link-type trunk
[CE1-GigabitEthernet1/0/0] port trunk allow-pass vlan 10
[CE1-GigabitEthernet1/0/0] quit

配置IGP，本例中使用OSPF

在PE设备上配置OSPF。

# 配置PE1。PE2和PE3的配置与PE1类似，不再赘述。

[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.9 255.255.255.255
[PE1-LoopBack1] quit
[PE1] ospf 1
[PE1-ospf-1] area 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit

配置完成后，在PE1、PE2和PE3上执行display ip routing-table命令可以看到已学到彼此的路由。

配置MPLS基本能力和LDP
在PE设备上配置MPLS基本能力和LDP。

# 配置PE1。PE2和PE3的配置与PE1类似，不再赘述。
```
[PE1] mpls lsr-id 1.1.1.9
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 100
[PE1-Vlanif100] mpls
[PE1-Vlanif100] mpls ldp
[PE1-Vlanif100] quit
[PE1] interface vlanif 200
[PE1-Vlanif200] mpls
[PE1-Vlanif200] mpls ldp
[PE1-Vlanif200] quit
```
配置完成后，在PE1、PE2和PE3上执行display mpls ldp session命令可以看到PE设备之间的对等体的Status项为“Operational”，即对等体关系已建立。

配置PW Redundancy

包括配置业务PW和管理PW。

配置业务PW

# 配置PE1的主备PW。

[PE1] mpls l2vpn
[PE1-l2vpn] quit
[PE1] interface gigabitethernet 1/0/0
[PE1-GigabitEthernet1/0/0] port link-type trunk
[PE1-GigabitEthernet1/0/0] quit
[PE1] interface gigabitethernet 1/0/0.1
[PE1-GigabitEthernet1/0/0.1] dot1q termination vid 10
[PE1-GigabitEthernet1/0/0.1] mpls l2vc 2.2.2.9 100
[PE1-GigabitEthernet1/0/0.1] mpls l2vc 3.3.3.9 200 secondary
[PE1-GigabitEthernet1/0/0.1] mpls l2vpn redundancy independent
[PE1-GigabitEthernet1/0/0.1] quit

# 配置PE2的主PW和Bypass PW。

[PE2] mpls l2vpn
[PE2-l2vpn] quit
[PE2] interface eth-trunk 10
[PE2-Eth-Trunk10] port link-type trunk
[PE2-Eth-Trunk10] quit
[PE2] interface eth-trunk 10.1
[PE2-Eth-Trunk10.1] dot1q termination vid 10
[PE2-Eth-Trunk10.1] mpls l2vc 1.1.1.9 100
[PE2-Eth-Trunk10.1] mpls l2vc 3.3.3.9 300 bypass
[PE2-Eth-Trunk10.1] quit

# 配置PE3的主PW和Bypass PW。

[PE3] mpls l2vpn
[PE3-l2vpn] quit
[PE3] interface eth-trunk 10
[PE3-Eth-Trunk10] port link-type trunk
[PE3-Eth-Trunk10] quit
[PE3] interface eth-trunk 10.1
[PE3-Eth-Trunk10.1] dot1q termination vid 10
[PE3-Eth-Trunk10.1] mpls l2vc 1.1.1.9 200
[PE3-Eth-Trunk10.1] mpls l2vc 2.2.2.9 300 bypass
[PE3-Eth-Trunk10.1] quit

配置管理PW

# 配置PE1。

[PE1] interface loopback 2
[PE1-LoopBack2] mpls l2vc 2.2.2.9 400 control-word admin
[PE1-LoopBack2] quit
[PE1] interface loopback 3
[PE1-LoopBack3] mpls l2vc 3.3.3.9 500 control-word admin
[PE1-LoopBack3] quit

# 配置PE2。

[PE2] interface loopback 2
[PE2-LoopBack2] mpls l2vc 1.1.1.9 400 control-word admin
[PE2-LoopBack2] quit

# 配置PE3。

[PE3] interface loopback 2
[PE3-LoopBack2] mpls l2vc 1.1.1.9 500 control-word admin
[PE3-LoopBack2] quit

配置BFD检测骨干网链路故障

配置BFD检测管理PW

# 配置PE1。

[PE1] bfd
[PE1-bfd] quit
[PE1] bfd pe1tope2 bind pw interface loopback 2
[PE1-bfd-lsp-session-pe1tope2] wtr 1
[PE1-bfd-lsp-session-pe1tope2] discriminator local 1000
[PE1-bfd-lsp-session-pe1tope2] discriminator remote 1001
[PE1-bfd-lsp-session-pe1tope2] commit
[PE1-bfd-lsp-session-pe1tope2] quit
[PE1] bfd pe1tope3 bind pw interface loopback 3
[PE1-bfd-lsp-session-pe1tope3] wtr 1
[PE1-bfd-lsp-session-pe1tope3] discriminator local 2000
[PE1-bfd-lsp-session-pe1tope3] discriminator remote 2001
[PE1-bfd-lsp-session-pe1tope3] commit
[PE1-bfd-lsp-session-pe1tope3] quit

# 配置PE2。

[PE2] bfd
[PE2-bfd] quit
[PE2] bfd pe2tope1 bind pw interface loopback 2
[PE2-bfd-lsp-session-pe2tope1] wtr 1
[PE2-bfd-lsp-session-pe2tope1] discriminator local 1001
[PE2-bfd-lsp-session-pe2tope1] discriminator remote 1000
[PE2-bfd-lsp-session-pe2tope1] commit
[PE2-bfd-lsp-session-pe2tope1] quit

# 配置PE3。

[PE3] bfd
[PE3-bfd] quit
[PE3] bfd pe3tope1 bind pw interface loopback 2
[PE3-bfd-lsp-session-pe3tope1] wtr 1
[PE3-bfd-lsp-session-pe3tope1] discriminator local 2001
[PE3-bfd-lsp-session-pe3tope1] discriminator remote 2000
[PE3-bfd-lsp-session-pe3tope1] commit
[PE3-bfd-lsp-session-pe3tope1] quit

完成配置后，在PE上执行命令display bfd session all，可以看到BFD会话的状态为Up。

配置业务PW与管理PW的绑定

# 配置PE1。

[PE1] interface gigabitethernet 1/0/0.1
[PE1-GigabitEthernet1/0/0.1] mpls l2vc track admin-vc interface loopback 2
[PE1-GigabitEthernet1/0/0.1] mpls l2vc secondary track admin-vc interface loopback 3
[PE1-GigabitEthernet1/0/0.1] quit

# 配置PE2。

[PE2] interface eth-trunk 10.1
[PE2-Eth-Trunk10.1] mpls l2vc track admin-vc interface loopback 2
[PE2-Eth-Trunk10.1] quit

# 配置PE3。

[PE3] interface eth-trunk 10.1
[PE3-Eth-Trunk10.1] mpls l2vc track admin-vc interface loopback 2
[PE3-Eth-Trunk10.1] quit

协商PW的主备关系

配置Eth-Trunk

# 配置PE2。

[PE2] interface eth-trunk 10
[PE2-Eth-Trunk10] mode lacp
[PE2-Eth-Trunk10] trunkport gigabitethernet 3/0/0
[PE2-Eth-Trunk10] quit

# 配置PE3。

[PE3] interface eth-trunk 10
[PE3-Eth-Trunk10] mode lacp
[PE3-Eth-Trunk10] trunkport gigabitethernet 3/0/0
[PE3-Eth-Trunk10] quit

# 配置CE2。

[CE2] interface eth-trunk 10
[CE2-Eth-Trunk10] mode lacp
[CE2-Eth-Trunk10] port link-type trunk
[CE2-Eth-Trunk10] port trunk allow-pass vlan 10
[CE2-Eth-Trunk10] trunkport gigabitethernet 1/0/0
[CE2-Eth-Trunk10] trunkport gigabitethernet 2/0/0
[CE2-Eth-Trunk10] quit

配置E-Trunk

# 配置PE2。

[PE2] lacp e-trunk system-id 00e0-fc00-1010
[PE2] lacp e-trunk priority 100
[PE2] e-trunk 1
[PE2-e-trunk-1] priority 10
[PE2-e-trunk-1] peer-address 3.3.3.9 source-address 2.2.2.9
[PE2-e-trunk-1] quit
[PE2] interface eth-trunk 10
[PE2-Eth-Trunk10] e-trunk 1
[PE2-Eth-Trunk10] quit

# 配置PE3。

[PE3] lacp e-trunk system-id 00e0-fc00-1010
[PE3] lacp e-trunk priority 100
[PE3] e-trunk 1
[PE3-e-trunk-1] priority 20
[PE3-e-trunk-1] peer-address 2.2.2.9 source-address 3.3.3.9
[PE3-e-trunk-1] quit
[PE3] interface eth-trunk 10
[PE3-Eth-Trunk10] e-trunk 1
[PE3-Eth-Trunk10] quit

配置BFD和E-Trunk绑定

# 配置PE2。

[PE2] bfd hello bind peer-ip 3.3.3.9 source-ip 2.2.2.9
[PE2-bfd-session-hello] discriminator local 100
[PE2-bfd-session-hello] discriminator remote 101
[PE2-bfd-session-hello] commit
[PE2-bfd-session-hello] quit
[PE2] e-trunk 1
[PE2-e-trunk-1] e-trunk track bfd-session session-name hello
[PE2-e-trunk-1] quit

# 配置PE3。

[PE3] bfd hello bind peer-ip 2.2.2.9 source-ip 3.3.3.9
[PE3-bfd-session-hello] discriminator local 101
[PE3-bfd-session-hello] discriminator remote 100
[PE3-bfd-session-hello] commit
[PE3-bfd-session-hello] quit
[PE3] e-trunk 1
[PE3-e-trunk-1] e-trunk track bfd-session session-name hello
[PE3-e-trunk-1] quit

检查配置结果

# 在网络稳定后，在PE上执行命令display mpls l2vc，可以看到建立了L2VC，且状态为Up。以PE1为例。

[PE1]display mpls l2vc
 Total LDP VC : 4     4 up       0 down

 *client interface       : GigabitEthernet1/0/0.1 is up
  Administrator PW       : no
  session state          : up
  AC status              : up
  VC state               : up
  Label state            : 0
  Token state            : 0
  VC ID                  : 100
  VC type                : VLAN
  destination            : 2.2.2.9
  local VC label         : 4098         remote VC label      : 4097
  control word           : disable
  remote control word    : disable
  forwarding entry       : exist
  local group ID         : 0
  remote group ID        : 0
  local AC OAM State     : up
  local PSN OAM State    : up
  local forwarding state : forwarding
  local status code      : 0x0
  remote AC OAM state    : up
  remote PSN OAM state   : up
  remote forwarding state: forwarding
  remote status code     : 0x0
  ignore standby state   : no
  BFD for PW             : unavailable
  VCCV State             : up
  manual fault           : not set
  active state           : active
  link state             : up
  local VC MTU           : 1500         remote VC MTU        : 1500
  local VCCV             : alert ttl lsp-ping bfd
  remote VCCV            : alert ttl lsp-ping bfd
  tunnel policy name     : --
  PW template name       : --
  primary or secondary   : primary
  load balance type      : flow
  Access-port            : false
  Switchover Flag        : false
  VC tunnel/token info   : 1 tunnels/tokens
    NO.0  TNL type       : lsp   , TNL ID : 0xc
    Backup TNL type      : lsp   , TNL ID : 0x0
  create time            : 0 days, 0 hours, 26 minutes, 20 seconds
  up time                : 0 days, 0 hours, 11 minutes, 28 seconds
  last change time       : 0 days, 0 hours, 11 minutes, 28 seconds
  VC last up time        : 2014/04/20 11:48:35
  VC total up time       : 0 days, 0 hours, 11 minutes, 28 seconds
  CKey                   : 2
  NKey                   : 1
  PW redundancy mode     : independent
  AdminPw interface      : LoopBack2
  AdminPw link state     : up
  Diffserv Mode          : uniform
  Service Class          : be
  Color                  : --
  DomainId               : --
  Domain Name            : --

 *client interface       : GigabitEthernet1/0/0.1 is up
  Administrator PW       : no
  session state          : up
  AC status              : up
  VC state               : up
  Label state            : 0
  Token state            : 0
  VC ID                  : 200
  VC type                : VLAN
  destination            : 3.3.3.9
  local VC label         : 4099         remote VC label      : 4099
  control word           : disable
  remote control word    : disable
  forwarding entry       : exist
  local group ID         : 0
  remote group ID        : 0
  local AC OAM State     : up
  local PSN OAM State    : up
  local forwarding state : forwarding
  local status code      : 0x0
  remote AC OAM state    : up
  remote PSN OAM state   : up
  remote forwarding state: forwarding
  remote status code     : 0x20
  ignore standby state   : no
  BFD for PW             : unavailable
  VCCV State             : up
  manual fault           : not set
  active state           : inactive
  link state             : down
  local VC MTU           : 1500         remote VC MTU        : 1500
  local VCCV             : alert ttl lsp-ping bfd
  remote VCCV            : alert ttl lsp-ping bfd
  tunnel policy name     : --
  PW template name       : --
  primary or secondary   : secondary
  load balance type      : flow
  Access-port            : false
  VC tunnel/token info   : 1 tunnels/tokens
    NO.0  TNL type       : lsp   , TNL ID : 0x4
    Backup TNL type      : lsp   , TNL ID : 0x0
  create time            : 0 days, 0 hours, 26 minutes, 26 seconds
  up time                : 0 days, 0 hours, 11 minutes, 38 seconds
  last change time       : 0 days, 0 hours, 11 minutes, 38 seconds
  VC last up time        : 2014/04/20 11:48:35
  VC total up time       : 0 days, 0 hours, 11 minutes, 38 seconds
  CKey                   : 4
  NKey                   : 3
  PW redundancy mode     : independent
  AdminPw interface      : LoopBack3
  AdminPw link state     : up
  Diffserv Mode          : uniform
  Service Class          : be
  Color                  : --
  DomainId               : --
  Domain Name            : --

 *client interface       : LoopBack2 is up
  Administrator PW       : yes
  session state          : up
  AC status              : up
  VC state               : up
  Label state            : 0
  Token state            : 0
  VC ID                  : 400
  VC type                : IP-interworking
  destination            : 2.2.2.9
  local VC label         : 4101         remote VC label      : 4101
  control word           : enable
  remote control word    : enable
  forwarding entry       : exist
  local group ID         : 0
  remote group ID        : 0
  local AC OAM State     : up
  local PSN OAM State    : up
  local forwarding state : forwarding
  local status code      : 0x0
  remote AC OAM state    : up
  remote PSN OAM state   : up
  remote forwarding state: forwarding
  remote status code     : 0x0
  ignore standby state   : no
  BFD for PW             : unavailable
  VCCV State             : up
  manual fault           : not set
  active state           : active
  link state             : up
  local VC MTU           : 1500         remote VC MTU        : 1500
  local VCCV             : cw alert ttl lsp-ping bfd
  remote VCCV            : cw alert ttl lsp-ping bfd
  tunnel policy name     : --
  PW template name       : --
  primary or secondary   : primary
  load balance type      : flow
  Access-port            : false
  Switchover Flag        : false
  VC tunnel/token info   : 1 tunnels/tokens
    NO.0  TNL type       : lsp   , TNL ID : 0xc
    Backup TNL type      : lsp   , TNL ID : 0x0
  create time            : 0 days, 0 hours, 11 minutes, 7 seconds
  up time                : 0 days, 0 hours, 10 minutes, 51 seconds
  last change time       : 0 days, 0 hours, 10 minutes, 51 seconds
  VC last up time        : 2014/04/20 11:49:24
  VC total up time       : 0 days, 0 hours, 10 minutes, 51 seconds
  CKey                   : 5
  NKey                   : 1
  PW redundancy mode     : frr
  Diffserv Mode          : uniform
  Service Class          : be
  Color                  : --
  DomainId               : --
  Domain Name            : --

 *client interface       : LoopBack3 is up
  Administrator PW       : yes
  session state          : up
  AC status              : up
  VC state               : up
  Label state            : 0
  Token state            : 0
  VC ID                  : 500
  VC type                : IP-interworking
  destination            : 3.3.3.9
  local VC label         : 4102         remote VC label      : 4101
  control word           : enable
  remote control word    : enable
  forwarding entry       : exist
  local group ID         : 0
  remote group ID        : 0
  local AC OAM State     : up
  local PSN OAM State    : up
  local forwarding state : forwarding
  local status code      : 0x0
  remote AC OAM state    : up
  remote PSN OAM state   : up
  remote forwarding state: forwarding
  remote status code     : 0x0
  ignore standby state   : no
  BFD for PW             : unavailable
  VCCV State             : up
  manual fault           : not set
  active state           : active
  link state             : up
  local VC MTU           : 1500         remote VC MTU        : 1500
  local VCCV             : cw alert ttl lsp-ping bfd
  remote VCCV            : cw alert ttl lsp-ping bfd
  tunnel policy name     : --
  PW template name       : --
  primary or secondary   : primary
  load balance type      : flow
  Access-port            : false
  Switchover Flag        : false
  VC tunnel/token info   : 1 tunnels/tokens
    NO.0  TNL type       : lsp   , TNL ID : 0x4
    Backup TNL type      : lsp   , TNL ID : 0x0
  create time            : 0 days, 0 hours, 11 minutes, 3 seconds
  up time                : 0 days, 0 hours, 10 minutes, 45 seconds
  last change time       : 0 days, 0 hours, 10 minutes, 45 seconds
  VC last up time        : 2014/04/20 11:49:33
  VC total up time       : 0 days, 0 hours, 10 minutes, 45 seconds
  CKey                   : 6
  NKey                   : 3
  PW redundancy mode     : frr
  Diffserv Mode          : uniform
  Service Class          : be
  Color                  : --
  DomainId               : --
  Domain Name            : --

# 执行Ping操作。

[CE1] ping 192.168.1.2
  PING 192.168.1.2: 56  data bytes, press CTRL_C to break
    Reply from 192.168.1.2: bytes=56 Sequence=1 ttl=255 time=30 ms
    Reply from 192.168.1.2: bytes=56 Sequence=2 ttl=255 time=5 ms
    Reply from 192.168.1.2: bytes=56 Sequence=3 ttl=255 time=22 ms
    Reply from 192.168.1.2: bytes=56 Sequence=4 ttl=255 time=4 ms
    Reply from 192.168.1.2: bytes=56 Sequence=5 ttl=255 time=21 ms

  --- 192.168.1.2 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 4/16/30 ms

# 模拟故障和故障恢复。

故障可以分为如下三种情况：

PE2和PE1之间的骨干网链路故障

# 关闭PE2的GE1/0/0接口，模拟主用PW故障。

本步骤仅为验证配置效果所用，实际配置中请不要这样操作。
```
[PE2] interface gigabitethernet 1/0/0
[PE2-GigabitEthernet1/0/0] shutdown
[PE2-GigabitEthernet1/0/0] quit
```
此时由于主用PW故障，在PE1上执行命令display mpls l2vc，可以看到PE1与PE2之间的管理PW和业务PW的VC状态为down，PE1与PE3之间的管理PW和业务PW的VC状态为up。

# 重新打开PE2的GE1/0/0接口，模拟主用PW所在链路故障恢复。
```
[PE2] interface gigabitethernet 1/0/0
[PE2-GigabitEthernet1/0/0] undo shutdown
[PE2-GigabitEthernet1/0/0] quit
```
此时主用PW所在链路虽然故障恢复，但是主用PW需要一定时间协商建立，此时流量仍然走备份PW。待主用PW协商建立成功后，在PE1上执行命令display mpls l2vc，可以看到PE1与PE2之间的管理PW和业务PW的VC状态变为up。
PE2节点故障（略）
PE2和CE2之间的AC链路故障（略）

配置文件

CE1的配置文件

#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
 ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet1/0/0
 port link-type trunk
 port trunk allow-pass vlan 10
#
return

PE1的配置文件

#
sysname PE1
#
vlan batch 100 200
#
bfd
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
mpls ldp
#
interface Vlanif100
 ip address 172.1.1.1 255.255.255.0
 mpls
 mpls ldp
#
interface Vlanif200
 ip address 172.2.1.1 255.255.255.0
 mpls
 mpls ldp
#
interface GigabitEthernet1/0/0
 port link-type trunk
#
interface GigabitEthernet1/0/0.1
 dot1q termination vid 10
 mpls l2vc 2.2.2.9 100
 mpls l2vc track admin-vc interface LoopBack2
 mpls l2vc 3.3.3.9 200 secondary
 mpls l2vc secondary track admin-vc interface LoopBack3
 mpls l2vpn redundancy independent
#
interface GigabitEthernet2/0/0
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet3/0/0
 port link-type trunk
 port trunk allow-pass vlan 200
#
interface LoopBack1
 ip address 1.1.1.9 255.255.255.255
#
interface LoopBack2
 mpls l2vc 2.2.2.9 400 control-word admin
#
interface LoopBack3
 mpls l2vc 3.3.3.9 500 control-word admin
#
ospf 1
 area 0.0.0.0
  network 1.1.1.9 0.0.0.0
  network 172.1.1.0 0.0.0.255
  network 172.2.1.0 0.0.0.255
#
bfd pe1tope2 bind pw interface LoopBack2
 discriminator local 1000
 discriminator remote 1001
 wtr 1
 commit
#
bfd pe1tope3 bind pw interface LoopBack3
 discriminator local 2000
 discriminator remote 2001
 wtr 1
 commit
#
return

PE2的配置文件

#
sysname PE2
#
vlan batch 100 300
#
lacp e-trunk system-id 00e0-fc00-1010
lacp e-trunk priority 100
#
bfd
#
mpls lsr-id 2.2.2.9
mpls
#
mpls l2vpn
#
mpls ldp
#
interface Vlanif100
 ip address 172.1.1.2 255.255.255.0
 mpls
 mpls ldp
#
interface Vlanif300
 ip address 172.3.1.1 255.255.255.0
 mpls
 mpls ldp
#
e-trunk 1
 priority 10
 peer-address 3.3.3.9 source-address 2.2.2.9
 e-trunk track bfd-session session-name hello
#
interface Eth-Trunk10
 port link-type trunk
 mode lacp
 e-trunk 1
#
interface Eth-Trunk10.1
 dot1q termination vid 10
 mpls l2vc 1.1.1.9 100
 mpls l2vc track admin-vc interface LoopBack2
 mpls l2vc 3.3.3.9 300 bypass
#
interface GigabitEthernet1/0/0
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet2/0/0
 port link-type trunk
 port trunk allow-pass vlan 300
#
interface GigabitEthernet3/0/0
 eth-trunk 10
#
interface LoopBack1
 ip address 2.2.2.9 255.255.255.255
#
interface LoopBack2
 mpls l2vc 1.1.1.9 400 control-word admin
#
bfd hello bind peer-ip 3.3.3.9 source-ip 2.2.2.9
 discriminator local 100
 discriminator remote 101
 commit
#
ospf 1
 area 0.0.0.0
  network 2.2.2.9 0.0.0.0
  network 172.1.1.0 0.0.0.255
  network 172.3.1.0 0.0.0.255
#
bfd pe2tope1 bind pw interface LoopBack2
 discriminator local 1001
 discriminator remote 1000
 wtr 1
 commit
#
return

PE3的配置文件

#
sysname PE3
#
vlan batch 200 300
#
lacp e-trunk system-id 00e0-fc00-1010
lacp e-trunk priority 100
#
bfd
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls ldp
#
interface Vlanif200
 ip address 172.2.1.2 255.255.255.0
 mpls
 mpls ldp
#
interface Vlanif300
 ip address 172.3.1.2 255.255.255.0
 mpls
 mpls ldp
#
e-trunk 1
 priority 20
 peer-address 2.2.2.9 source-address 3.3.3.9
 e-trunk track bfd-session session-name hello
#
interface Eth-Trunk10
 port link-type trunk
 mode lacp
 e-trunk 1
#
interface Eth-Trunk10.1
 dot1q termination vid 10
 mpls l2vc 1.1.1.9 200
 mpls l2vc track admin-vc interface LoopBack2
 mpls l2vc 2.2.2.9 300 bypass
#
interface GigabitEthernet1/0/0
 port link-type trunk
 port trunk allow-pass vlan 200
#
interface GigabitEthernet2/0/0
 port link-type trunk
 port trunk allow-pass vlan 300
#
interface GigabitEthernet3/0/0
 eth-trunk 10
#
interface LoopBack1
 ip address 3.3.3.9 255.255.255.255
#
interface LoopBack2
 mpls l2vc 1.1.1.9 500 control-word admin
#
bfd hello bind peer-ip 2.2.2.9 source-ip 3.3.3.9
 discriminator local 101
 discriminator remote 100
 commit
#
ospf 1
 area 0.0.0.0
  network 3.3.3.9 0.0.0.0
  network 172.2.1.0 0.0.0.255
  network 172.3.1.0 0.0.0.255
#
bfd pe3tope1 bind pw interface LoopBack2
 discriminator local 2001
 discriminator remote 2000
 wtr 1
 commit
#
return

CE2的配置文件

#
sysname CE2
#
vlan batch 10
#
interface Vlanif10
 ip address 192.168.1.2 255.255.255.0
#
interface Eth-Trunk10
 port link-type trunk
 port trunk allow-pass vlan 10
 mode lacp
#
interface GigabitEthernet1/0/0
 eth-trunk 10
#
interface GigabitEthernet2/0/0
 eth-trunk 10
#
return

翻译

English

下载文档

更新时间：2021-09-28

文档编号：EDOC1000141378

浏览量：88623

下载量：555

平均得分:

本文档适用于这些产品

数字签名

数字签名验证工具

本文档针对VPN特性，从配置过程和配置举例两方面对特性进行介绍。

组网需求

配置思路

操作步骤

配置文件

相关版本

相关文档

数字签名