评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置Martini方式VLL FRR示例-CE非对称接入
组网需求
如图4-33,运营商MPLS网络为用户提供L2VPN服务,其中PE1、PE2和PE3作为用户接入设备,接入的用户数量较多且后续可能会新增站点,现要求一种适当的VPN方案,为用户提供安全的VPN服务,在接入新用户时配置简单,且保证用户的CE1与CE2有更高的通信稳定性。
请确保该场景下互联接口的STP处于未使能状态。同时将互连接口退出VLAN1,避免形成环路。因为在使能STP的环形网络中,如果用交换机的VLANIF接口构建三层网络,会导致某个端口被阻塞,从而导致三层业务不能正常运行。
缺省情况下,设备上全局使能链路类型自协商功能,若L2VPN使用Vlanif接口作为AC接口,则与该功能相冲突,需要先在系统视图下执行lnp disable命令去使能链路类型自协商功能。
使用lnp disable命令之后,设备重启前对业务没有影响,设备重启后只有命令port default vlan指定的VLAN二层转发可通,其他VLAN二层转发不通。缺省情况下,接口的配置是port default vlan 1,即只有VLAN 1二层转发可通。
配置思路
考虑到用户需要保证CE1与CE2有更高的通信稳定性,可使用VLL FRR来满足这一需要。考虑到后续可能会新增站点,若新增站点并非很多,可选择配置Martini方式VLL FRR。
采用如下的思路配置Martini方式VLL FRR(CE非对称接入)的基本功能:
在骨干网配置OSPF。
在PE1和PE3之间建立MPLS TE隧道;在PE1和PE2之间建立LSP。该PW为主用PW,使用MPLS TE作为隧道。
在PE1和PE2之间建立MPLS LDP会话;在PE1和PE3之间建立远程MPLS LDP会话。该PW为备份PW,使用MPLS LSP作为隧道。
在PE上使用PW模板配置PW。因主用PW使用MPLS TE隧道,配置主用PW时需使用隧道策略。
在PE1和PE2之间,及PE1和PE3之间建立BFD for PW会话,实现BFD故障的检测。
在PE2、PE3上使能物理层故障通告功能,这样当BFD检查到主PW发生故障时,CE双归属侧AC会被down掉,实现L2VPN的流量快速切换到备PW上。检测到当主PW故障恢复时,L2VPN的流量能回切到主PW上。
操作步骤
- 按图1配置各接口所属VLAN和VLANIF接口的IP地址
以CE1为例。
# 配置CE1。PE1、PE2、PE3、P和CE2的配置与CE1类似,不再赘述。
<HUAWEI> system-view [HUAWEI] sysname CE1 [CE1] vlan batch 10 20 [CE1] interface vlanif 10 [CE1-Vlanif10] ip address 10.1.1.1 255.255.255.252 [CE1-Vlanif10] ip address 10.1.2.1 255.255.255.252 sub [CE1-Vlanif10] quit [CE1] interface vlanif 20 [CE1-Vlanif20] ip address 10.1.3.1 255.255.255.0 [CE1-Vlanif20] quit [CE1] interface gigabitethernet 1/0/0 [CE1-GigabitEthernet1/0/0] port link-type trunk [CE1-GigabitEthernet1/0/0] port trunk pvid vlan 10 [CE1-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 [CE1-GigabitEthernet1/0/0] quit [CE1] interface gigabitethernet 1/0/1 [CE1-GigabitEthernet1/0/1] port link-type trunk [CE1-GigabitEthernet1/0/1] port trunk allow-pass vlan 20 [CE1-GigabitEthernet1/0/1] quit
- 在MPLS骨干网上配置IGP协议,实现骨干网PE和P的互通
# 配置PE1。
[PE1] interface loopback 1 [PE1-LoopBack1] ip address 1.1.1.1 32 [PE1-LoopBack1] quit [PE1] ospf 1 [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 100.13.1.0 0.0.0.3 [PE1-ospf-1-area-0.0.0.0] network 100.12.1.0 0.0.0.3 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit
# 配置P。
[P] interface loopback 1 [P-LoopBack1] ip address 4.4.4.4 32 [P-LoopBack1] quit [P] ospf 1 [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 100.13.1.0 0.0.0.3 [P-ospf-1-area-0.0.0.0] network 100.34.1.0 0.0.0.3 [P-ospf-1-area-0.0.0.0] network 4.4.4.4 0.0.0.0 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit
# 配置PE3。
[PE3] interface loopback 1 [PE3-LoopBack1] ip address 3.3.3.3 32 [PE3-LoopBack1] quit [PE3] ospf 1 [PE3-ospf-1] area 0 [PE3-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [PE3-ospf-1-area-0.0.0.0] network 100.34.1.0 0.0.0.3 [PE3-ospf-1-area-0.0.0.0] quit [PE3-ospf-1] quit
# 配置PE2。
[PE2] interface loopback 1 [PE2-LoopBack1] ip address 2.2.2.2 32 [PE2-LoopBack1] quit [PE2] ospf 1 [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 100.12.1.0 0.0.0.3 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit
配置完成后,在PE上执行display ip routing-table命令,可以看到PE1与PE2之间、PE1与PE3之间互相学到到对方Loopback1接口的路由。
- 在MPLS骨干网上配置MPLS基本能力
在系统上使能MPLS,指定LSR-ID为Loopback1接口的IP地址。在骨干网接口上使能MPLS。
# 配置PE1。PE2、PE3和P的配置与PE1类似,不再赘述。
[PE1] mpls lsr-id 1.1.1.1 [PE1] mpls [PE1-mpls] quit [PE1] interface vlanif 20 [PE1-Vlanif20] mpls [PE1-Vlanif20] quit [PE1] interface vlanif 30 [PE1-Vlanif30] mpls [PE1-Vlanif30] quit
- 在PE1和PE3之间建立MPLS TE隧道,并在PE1和PE2之间建立LSP
# 配置PE1。
[PE1] mpls [PE1-mpls] mpls te [PE1-mpls] mpls rsvp-te [PE1-mpls] mpls te cspf [PE1-mpls] quit [PE1] interface vlanif 20 [PE1-Vlanif20] mpls te [PE1-Vlanif20] mpls rsvp-te [PE1-Vlanif20] quit [PE1] interface tunnel 2 [PE1-Tunnel2] ip address unnumbered interface loopback1 [PE1-Tunnel2] tunnel-protocol mpls te [PE1-Tunnel2] destination 3.3.3.3 [PE1-Tunnel2] mpls te tunnel-id 13 [PE1-Tunnel2] mpls te commit [PE1-Tunnel2] quit [PE1] ospf 1 [PE1-ospf-1] opaque-capability enable [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] mpls-te enable [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit
# 配置P。
[P] mpls [P-mpls] mpls te [P-mpls] mpls rsvp-te [P-mpls] quit [P] interface vlanif 20 [P-Vlanif20] mpls te [P-Vlanif20] mpls rsvp-te [P-Vlanif20] quit [P] interface vlanif 60 [P-Vlanif60] mpls te [P-Vlanif60] mpls rsvp-te [P-Vlanif60] quit [P] ospf 1 [P-ospf-1] opaque-capability enable [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] mpls-te enable [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit
# 配置PE3。
[PE3] mpls [PE3-mpls] mpls te [PE3-mpls] mpls rsvp-te [PE3-mpls] mpls te cspf [PE3-mpls] quit [PE3] interface vlanif 60 [PE3-Vlanif60] mpls te [PE3-Vlanif60] mpls rsvp-te [PE3-Vlanif60] quit [PE3] interface tunnel 2 [PE3-Tunnel2] ip address unnumbered interface LoopBack1 [PE3-Tunnel2] tunnel-protocol mpls te [PE3-Tunnel2] destination 1.1.1.1 [PE3-Tunnel2] mpls te tunnel-id 31 [PE3-Tunnel2] mpls te commit [PE3-Tunnel2] quit [PE3] ospf 1 [PE3-ospf-1] opaque-capability enable [PE3-ospf-1] area 0 [PE3-ospf-1-area-0.0.0.0] mpls-te enable [PE3-ospf-1-area-0.0.0.0] quit [PE3-ospf-1] quit
# 配置PE1。
[PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface vlanif 30 [PE1-Vlanif30] mpls ldp [PE1-Vlanif30] quit
# 配置PE2。
[PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface vlanif 30 [PE2-Vlanif30] mpls ldp [PE2-Vlanif30] quit
上述配置完成后,在PE上执行display tunnel-info all命令,PE1与PE3之间存在MPLS TE隧道、PE1与PE2之间存在MPLS LSP隧道。
以PE1的显示为例。
[PE1] display tunnel-info all * -> Allocated VC Token Tunnel ID Type Destination Token ---------------------------------------------------------------------- 0x15 cr lsp 3.3.3.3 21 0x16 lsp 2.2.2.2 22 0x17 lsp 2.2.2.2 23 0x18 lsp 3.3.3.3 24
- 在PE之间建立远端LDP会话
# 在配置远端LDP会话,指定的IP地址通常为LDP远端对等体的Loopback接口地址。
本例的PE1与PE2直连,无需手工配置它们之间的远端LDP会话。
# 配置PE1。
[PE1] mpls ldp remote-peer 3.3.3.3 [PE1-mpls-ldp-remote-3.3.3.3] remote-ip 3.3.3.3 [PE1-mpls-ldp-remote-3.3.3.3] quit
# 配置PE3。
[PE3] mpls ldp [PE3-mpls-ldp] quit [PE3] mpls ldp remote-peer 1.1.1.1 [PE3-mpls-ldp-remote-1.1.1.1] remote-ip 1.1.1.1 [PE3-mpls-ldp-remote-1.1.1.1] quit
配置完成后,在PE上执行display mpls ldp session命令可以看到远端LDP对等体关系的Status为“Operational”,即远端对等体关系已建立。
以PE1的显示为例:
[PE1] display mpls ldp session LDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) A '*' before a session means the session is being deleted. ------------------------------------------------------------------------------ PeerID Status LAM SsnRole SsnAge KASent/Rcv ------------------------------------------------------------------------------ 2.2.2.2:0 Operational DU Passive 000:00:03 16/16 3.3.3.3:0 Operational DU Passive 000:00:00 1/1 ------------------------------------------------------------------------------ TOTAL: 2 session(s) Found.
- 在PE上配置隧道策略
# 配置PE1。
[PE1] tunnel-policy p1 [PE1-tunnel-policy-p1] tunnel select-seq cr-lsp load-balance-number 1 [PE1-tunnel-policy-p1] quit
# 配置PE3。
[PE3] tunnel-policy p1 [PE3-tunnel-policy-p1] tunnel select-seq cr-lsp load-balance-number 1 [PE3-tunnel-policy-p1] quit
- 在PE上使用PW模板配置PW
# 在PE1上配置主备PW。在PE2和PE3上创建PW(PE2和PE3上都只有一条PW,不区分主备)。
# 配置PE1。
[PE1] mpls l2vpn [PE1-l2vpn] quit [PE1] pw-template 1to2 [PE1-pw-template-1to2] peer-address 2.2.2.2 [PE1-pw-template-1to2] control-word [PE1-pw-template-1to2] quit [PE1] pw-template 1to3 [PE1-pw-template-1to3] peer-address 3.3.3.3 [PE1-pw-template-1to3] control-word [PE1-pw-template-1to3] quit [PE1] interface gigabitethernet 1/0/0 [PE1-GigabitEthernet1/0/0] undo portswitch [PE1-GigabitEthernet1/0/0] mpls l2vc pw-template 1to3 100 tunnel-policy p1 [PE1-GigabitEthernet1/0/0] mpls l2vc pw-template 1to2 200 secondary [PE1-GigabitEthernet1/0/0] quit
# 配置PE2。
[PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] pw-template 2to1 [PE2-pw-template-2to1] peer-address 1.1.1.1 [PE2-pw-template-2to1] control-word [PE2-pw-template-2to1] quit [PE2] interface gigabitethernet 1/0/0 [PE2-GigabitEthernet1/0/0] undo portswitch [PE2-GigabitEthernet1/0/0] mpls l2vc pw-template 2to1 200 [PE2-GigabitEthernet1/0/0] quit
# 配置PE3。
[PE3] mpls l2vpn [PE3-l2vpn] quit [PE3] pw-template 3to1 [PE3-pw-template-3to1] peer-address 1.1.1.1 [PE3-pw-template-3to1] control-word [PE3-pw-template-3to1] quit [PE3] interface gigabitethernet 1/0/0 [PE3-GigabitEthernet1/0/0] undo portswitch [PE3-GigabitEthernet1/0/0] mpls l2vc pw-template 3to1 100 tunnel-policy p1 [PE3-GigabitEthernet1/0/0] quit
配置完成后,在PE上查看L2VPN连接信息,执行display mpls l2vc命令可以看到主备PW建立成功,其状态都为UP。且主用PW为“Active”,备用PW为“InActive”。
以PE1的显示为例:
[PE1] display mpls l2vc interface gigabitethernet 1/0/0 *client interface : GigabitEthernet1/0/0 is up Administrator PW : no session state : up AC status : up VC state : up Label state : 0 Token state : 0 VC ID : 100 VC type : Ethernet destination : 3.3.3.3 local group ID : 0 remote group ID : 0 local VC label : 4097 remote VC label : 4096 local AC OAM State : up local PSN OAM State : up local forwarding state : forwarding local status code : 0x0 remote AC OAM state : up remote PSN OAM state : up remote forwarding state: forwarding remote status code : 0x0 ignore standby state : no BFD for PW : unavailable VCCV State : up manual fault : not set active state : active forwarding entry : exist link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : cw alert ttl lsp-ping bfd remote VCCV : cw alert ttl lsp-ping bfd local control word : enable remote control word : enable tunnel policy name : p1 PW template name : 1to3 primary or secondary : primary load balance type : flow Access-port : false Switchover Flag : false VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : cr lsp, TNL ID : 0x15 Backup TNL type : lsp , TNL ID : 0x0 create time : 0 days, 0 hours, 1 minutes, 4 seconds up time : 0 days, 0 hours, 0 minutes, 57 seconds last change time : 0 days, 0 hours, 0 minutes, 57 seconds VC last up time : 2014/12/23 18:49:30 VC total up time : 0 days, 0 hours, 0 minutes, 57 seconds CKey : 2 NKey : 1 PW redundancy mode : frr AdminPw interface : -- AdminPw link state : -- Diffserv Mode : uniform Service Class : be Color : -- DomainId : -- Domain Name : -- *client interface : GigabitEthernet1/0/0 is up Administrator PW : no session state : up AC status : up VC state : up Label state : 0 Token state : 0 VC ID : 200 VC type : Ethernet destination : 2.2.2.2 local group ID : 0 remote group ID : 0 local VC label : 4098 remote VC label : 4097 local AC OAM State : up local PSN OAM State : up local forwarding state : forwarding local status code : 0x0 remote AC OAM state : up remote PSN OAM state : up remote forwarding state: forwarding remote status code : 0x0 ignore standby state : no BFD for PW : unavailable VCCV State : up manual fault : not set active state : inactive forwarding entry : exist link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : cw alert ttl lsp-ping bfd remote VCCV : cw alert ttl lsp-ping bfd local control word : enable remote control word : enable tunnel policy name : -- PW template name : 1to2 primary or secondary : secondary load balance type : flow Access-port : false VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp , TNL ID : 0x16 Backup TNL type : lsp , TNL ID : 0x0 create time : 0 days, 0 hours, 1 minutes, 4 seconds up time : 0 days, 0 hours, 0 minutes, 59 seconds last change time : 0 days, 0 hours, 0 minutes, 59 seconds VC last up time : 2014/12/23 18:49:28 VC total up time : 0 days, 0 hours, 0 minutes, 59 seconds CKey : 4 NKey : 3 PW redundancy mode : frr AdminPw interface : -- AdminPw link state : -- Diffserv Mode : uniform Service Class : be Color : -- DomainId : -- Domain Name : -- reroute policy : delay 30 s, resume 10 s reason of last reroute : LDP notification message was forwarded time of last reroute : 0 days, 0 hours, 0 minutes, 27 seconds delay timer ID : -- residual time :-- resume timer ID : -- residual time :--
- 配置CE设备的私网互通
在CE2上配置两条缺省路由,优先通过Vlanif50转发数据。
# 配置CE2。
[CE2] ip route-static 0.0.0.0 0.0.0.0 vlanif50 10.1.1.1 [CE2] ip route-static 0.0.0.0 0.0.0.0 vlanif40 10.1.2.1 preference 100
- 在PE之间配置BFD检测PW功能并在PE2、PE3上使能物理层故障通告功能。
本例采用动态BFD检测PW。
# 配置PE1。
[PE1] bfd [PE1-bfd] quit [PE1] bfd for pw enable [PE1] interface gigabitethernet 1/0/0 [PE1-GigabitEthernet1/0/0] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 [PE1-GigabitEthernet1/0/0] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 secondary [PE1-GigabitEthernet1/0/0] quit
# 配置PE2。
[PE2] bfd [PE2-bfd] quit [PE2] bfd for pw enable [PE2] interface gigabitethernet 1/0/0 [PE2-GigabitEthernet1/0/0] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 [PE2-GigabitEthernet1/0/0] mpls l2vpn trigger if-down [PE2-GigabitEthernet1/0/0] quit
# 配置PE3。
[PE3] bfd [PE3-bfd] quit [PE3] bfd for pw enable [PE3] interface gigabitethernet 1/0/0 [PE3-GigabitEthernet1/0/0] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 [PE3-GigabitEthernet1/0/0] mpls l2vpn trigger if-down [PE3-GigabitEthernet1/0/0] quit
配置完成后,PE1与PE2之间,PE1与PE3之间建立BFD会话。执行display bfd session all命令,可以看到State为Up。
以PE1的显示为例。
[PE1] display bfd session all -------------------------------------------------------------------------------- Local Remote PeerIpAddr State Type InterfaceName -------------------------------------------------------------------------------- 8192 8192 --.--.--.-- Up D_PW(M) GigabitEthernet1/0/0 8193 8192 --.--.--.-- Up D_PW(S) GigabitEthernet1/0/0 -------------------------------------------------------------------------------- Total UP/DOWN Session Number : 2/0
执行display bfd configuration all命令,可以看到BFD的配置信息,并且Commit状态为True。
[PE1] display bfd configuration all -------------------------------------------------------------------------------- CFG Name CFG Type LocalDiscr MIndex SessNum Commit AdminDown -------------------------------------------------------------------------------- dyn_8192 Dynamic 8192 256 1 True False dyn_8193 Dynamic 8193 257 1 True False -------------------------------------------------------------------------------- Total Commit/Uncommit CFG Number : 2/0 - 检查配置结果
# 如果配置成功,在PE1上执行命令display mpls l2vc interface,主用PW状态为“Active”,备份PW状态为“InActive”,主备PW的BFD for PW状态为“available”。
[PE1] display mpls l2vc interface gigabitethernet 1/0/0 *client interface : GigabitEthernet1/0/0 is up Administrator PW : no session state : up AC status : up VC state : up Label state : 0 Token state : 0 VC ID : 100 VC type : Ethernet destination : 3.3.3.3 local group ID : 0 remote group ID : 0 local VC label : 21504 remote VC label : 21504 local AC OAM State : up local PSN OAM State : up local forwarding state : forwarding local status code : 0x0 remote AC OAM state : up remote PSN OAM state : up remote forwarding state: forwarding remote status code : 0x0 ignore standby state : no Dynamic BFD for PW : enable Detect Multipier : 3 Min Transit Interval : 100 Max Receive Interval : 100 Dynamic BFD Session : built BFD for PW : available BFD sessionIndex : 256 BFD state : up VCCV State : up manual fault : not set active state : active forwarding entry : exist link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : cw alert ttl lsp-ping bfd remote VCCV : cw alert ttl lsp-ping bfd local control word : enable remote control word : enable tunnel policy name : p1 PW template name : 1to3 primary or secondary : primary load balance type : flow Access-port : false Switchover Flag : false VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : cr lsp, TNL ID : 0x42002000 Backup TNL type : lsp , TNL ID : 0x0 create time : 0 days, 1 hours, 5 minutes, 19 seconds up time : 0 days, 0 hours, 43 minutes, 33 seconds last change time : 0 days, 0 hours, 43 minutes, 33 seconds VC last up time : 2008-07-24 12:31:31 VC total up time : 0 days, 2 hours, 12 minutes, 51 seconds CKey : 16 NKey : 15 PW redundancy mode : frr AdminPw interface : -- AdminPw link state : -- Diffserv Mode : uniform Service Class : be Color : -- DomainId : -- Domain Name : -- *client interface : GigabitEthernet1/0/0 is up Administrator PW : no session state : up AC status : up VC state : up Label state : 0 Token state : 0 VC ID : 200 VC type : Ethernet destination : 2.2.2.2 local group ID : 0 remote group ID : 0 local VC label : 21505 remote VC label : 21505 local AC OAM State : up local PSN OAM State : up local forwarding state : forwarding local status code : 0x0 remote AC OAM state : up remote PSN OAM state : up remote forwarding state: forwarding remote status code : 0x0 ignore standby state : no Dynamic BFD for PW : enable Detect Multipier : 3 Min Transit Interval : 100 Max Receive Interval : 100 Dynamic BFD Session : built BFD for PW : available BFD sessionIndex : 257 BFD state : up VCCV State : up manual fault : not set active state : inactive forwarding entry : exist link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : cw alert ttl lsp-ping bfd remote VCCV : cw alert ttl lsp-ping bfd local control word : enable remote control word : enable tunnel policy name : -- PW template name : 1to2 primary or secondary : secondary load balance type : flow Access-port : false VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp , TNL ID : 0x2002001 Backup TNL type : lsp , TNL ID : 0x0 create time : 0 days, 1 hours, 4 minutes, 31 seconds up time : 0 days, 0 hours, 43 minutes, 44 seconds last change time : 0 days, 0 hours, 43 minutes, 44 seconds VC last up time : 2008-07-24 12:31:31 VC total up time : 0 days, 2 hours, 12 minutes, 51 seconds CKey : 17 NKey : 18 PW redundancy mode : frr AdminPw interface : -- AdminPw link state : -- Diffserv Mode : uniform Service Class : be Color : -- DomainId : -- Domain Name : -- reroute policy : delay 30 s, resume 10 s reason of last reroute : LDP notification message was forwarded time of last reroute : 0 days, 0 hours, 43 minutes, 2 seconds delay timer ID : -- residual time :-- resume timer ID : -- residual time :--
# 在CE2上执行display ip routing-table命令,可以看到CE2的缺省路由出接口为Vlanif50。即,流量从主路径上传输。以CE2的显示为例:
[CE2] display ip routing-table 0.0.0.0 Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Table : Public Summary Count : 1 Destination/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 Static 60 0 D 10.1.1.1 Vlanif50CE2可以Ping通CE1上的地址10.1.3.1。
# 在PE3的GigabitEthernet2/0/1上手工设置故障。
[PE3] interface gigabitethernet 2/0/1 [PE3-GigabitEthernet2/0/1] shutdown [PE3-GigabitEthernet2/0/1] quit
# 在PE1上执行命令display bfd session all,主用PW的BFD会话为Down。
[PE1] display bfd session all -------------------------------------------------------------------------------- Local Remote PeerIpAddr State Type InterfaceName -------------------------------------------------------------------------------- 8193 8192 --.--.--.-- Up D_PW(S) GigabitEthernet1/0/0 -------------------------------------------------------------------------------- Total UP/DOWN Session Number : 1/0
# 在PE1上执行命令display mpls l2vc interface,主用PW变为“InActive”,备份PW变为“Active”。
[PE1] display mpls l2vc interface gigabitethernet 1/0/0 *client interface : GigabitEthernet1/0/0 is up Administrator PW : no session state : down AC status : up VC state : down Label state : 0 Token state : 0 VC ID : 100 VC type : Ethernet destination : 3.3.3.3 local group ID : 0 remote group ID : 0 local VC label : 21504 remote VC label : 0 local AC OAM State : up local PSN OAM State : up local forwarding state : not forwarding local status code : 0x1 Dynamic BFD for PW : enable Detect Multipier : 3 Min Transit Interval : 100 Max Receive Interval : 100 Dynamic BFD Session : not built BFD for PW : unavailable VCCV State : up manual fault : not set active state : inactive forwarding entry : not exist link state : down local VC MTU : 1500 remote VC MTU : 0 local VCCV : cw alert ttl lsp-ping bfd remote VCCV : none local control word : enable remote control word : none tunnel policy name : p1 PW template name : 1to3 primary or secondary : primary load balance type : flow Access-port : false Switchover Flag : false VC tunnel/token info : 0 tunnels/tokens Backup TNL type : lsp , TNL ID : 0x0 create time : 0 days, 1 hours, 5 minutes, 19 seconds up time : 0 days, 0 hours, 43 minutes, 33 seconds last change time : 0 days, 0 hours, 43 minutes, 33 seconds VC last up time : 2008-07-24 12:31:31 VC total up time : 0 days, 2 hours, 12 minutes, 51 seconds CKey : 16 NKey : 15 PW redundancy mode : frr AdminPw interface : -- AdminPw link state : -- Diffserv Mode : uniform Service Class : be Color : -- DomainId : -- Domain Name : -- *client interface : GigabitEthernet1/0/0 is up Administrator PW : no session state : up AC status : up VC state : up Label state : 0 Token state : 0 VC ID : 200 VC type : Ethernet destination : 2.2.2.2 local group ID : 0 remote group ID : 0 local VC label : 21505 remote VC label : 21505 local AC OAM State : up local PSN OAM State : up local forwarding state : forwarding local status code : 0x0 remote AC OAM state : up remote PSN OAM state : up remote forwarding state: forwarding remote status code : 0x0 ignore standby state : no Dynamic BFD for PW : enable Detect Multipier : 3 Min Transit Interval : 100 Max Receive Interval : 100 Dynamic BFD Session : built BFD for PW : available BFD sessionIndex : 257 BFD state : up VCCV State : up manual fault : not set active state : active forwarding entry : exist link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : cw alert ttl lsp-ping bfd remote VCCV : cw alert ttl lsp-ping bfd local control word : enable remote control word : enable tunnel policy name : -- PW template name : 1to2 primary or secondary : secondary load balance type : flow Access-port : false VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp , TNL ID : 0x2002001 Backup TNL type : lsp , TNL ID : 0x0 create time : 0 days, 1 hours, 4 minutes, 31 seconds up time : 0 days, 0 hours, 43 minutes, 44 seconds last change time : 0 days, 0 hours, 43 minutes, 44 seconds VC last up time : 2008-07-24 12:31:31 VC total up time : 0 days, 2 hours, 12 minutes, 51 seconds CKey : 17 NKey : 18 PW redundancy mode : frr AdminPw interface : -- AdminPw link state : -- Diffserv Mode : uniform Service Class : be Color : -- DomainId : -- Domain Name : -- reroute policy : delay 30 s, resume 10 s reason of last reroute : LDP notification message was forwarded time of last reroute : 0 days, 0 hours, 43 minutes, 2 seconds delay timer ID : -- residual time :-- resume timer ID : -- residual time :--
# 查看CE2上的路由表,缺省路由出接口变为Vlanif40。即,L2VPN的流量被切换到备份路径上。
[CE2] display ip routing-table 0.0.0.0 Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Table : Public Summary Count : 1 Destination/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 Static 100 0 D 10.1.2.1 Vlanif40# 在PE3的GigabitEthernet2/0/1上取消手工设置的故障。
[PE3] interface gigabitethernet 2/0/1 [PE3-GigabitEthernet2/0/1] undo shutdown [PE3-GigabitEthernet2/0/1] quit
# 在网络稳定后,再次查看CE2上的路由表,缺省路由出接口变为Vlanif50。即,L2VPN的流量被切换回主用路径上。
[CE2] display ip routing-table 0.0.0.0 Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Table : Public Summary Count : 1 Destination/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 Static 60 0 D 10.1.1.1 Vlanif50
配置文件
CE1的配置文件
# sysname CE1 # vlan batch 10 20 # interface Vlanif10 ip address 10.1.1.1 255.255.255.252 ip address 10.1.2.1 255.255.255.252 sub # interface Vlanif20 ip address 10.1.3.1 255.255.255.0 # interface GigabitEthernet1/0/0 port link-type trunk port trunk pvid vlan 10 port trunk allow-pass vlan 10 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 20 # return
CE2的配置文件
# sysname CE2 # vlan batch 40 50 # interface Vlanif40 ip address 10.1.2.2 255.255.255.252 # interface Vlanif50 ip address 10.1.1.2 255.255.255.252 # interface GigabitEthernet1/0/0 port link-type trunk port trunk pvid vlan 50 port trunk allow-pass vlan 50 # interface GigabitEthernet1/0/1 port link-type trunk port trunk pvid vlan 40 port trunk allow-pass vlan 40 # ip route-static 0.0.0.0 0.0.0.0 Vlanif50 10.1.1.1 ip route-static 0.0.0.0 0.0.0.0 Vlanif40 10.1.2.1 preference 100 # return
PE1的配置文件
# sysname PE1 # vlan batch 20 30 # bfd for pw enable # bfd # mpls lsr-id 1.1.1.1 mpls mpls te mpls rsvp-te mpls te cspf # mpls l2vpn # pw-template 1to2 peer-address 2.2.2.2 control-word # pw-template 1to3 peer-address 3.3.3.3 control-word # mpls ldp # mpls ldp remote-peer 3.3.3.3 remote-ip 3.3.3.3 # interface Vlanif20 ip address 100.13.1.1 255.255.255.252 mpls mpls te mpls rsvp-te # interface Vlanif30 ip address 100.12.1.1 255.255.255.252 mpls mpls ldp # interface GigabitEthernet1/0/0 undo portswitch mpls l2vc pw-template 1to3 100 tunnel-policy p1 mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 mpls l2vc pw-template 1to2 200 secondary mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 secondary # interface GigabitEthernet2/0/1 port link-type trunk port trunk allow-pass vlan 20 # interface GigabitEthernet2/0/2 port link-type trunk port trunk allow-pass vlan 30 # interface LoopBack1 ip address 1.1.1.1 255.255.255.255 # interface Tunnel2 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 3.3.3.3 mpls te tunnel-id 13 mpls te commit # ospf 1 opaque-capability enable area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 100.12.1.0 0.0.0.3 network 100.13.1.0 0.0.0.3 mpls-te enable # tunnel-policy p1 tunnel select-seq cr-lsp load-balance-number 1 # return
P的配置文件
# sysname P # vlan batch 20 60 # mpls lsr-id 4.4.4.4 mpls mpls te mpls rsvp-te # interface Vlanif20 ip address 100.13.1.2 255.255.255.252 mpls mpls te mpls rsvp-te # interface Vlanif60 ip address 100.34.1.1 255.255.255.252 mpls mpls te mpls rsvp-te # interface GigabitEthernet2/0/1 port link-type trunk port trunk allow-pass vlan 20 # interface GigabitEthernet2/0/2 port link-type trunk port trunk allow-pass vlan 60 # interface LoopBack1 ip address 4.4.4.4 255.255.255.255 # ospf 1 opaque-capability enable area 0.0.0.0 network 4.4.4.4 0.0.0.0 network 100.13.1.0 0.0.0.3 network 100.34.1.0 0.0.0.3 mpls-te enable # return
PE3的配置文件
# sysname PE3 # vlan batch 60 # bfd for pw enable # bfd # mpls lsr-id 3.3.3.3 mpls mpls te mpls rsvp-te mpls te cspf # mpls l2vpn # pw-template 3to1 peer-address 1.1.1.1 control-word # mpls ldp # mpls ldp remote-peer 1.1.1.1 remote-ip 1.1.1.1 # interface Vlanif60 ip address 100.34.1.2 255.255.255.252 mpls mpls te mpls rsvp-te # interface GigabitEthernet1/0/0 undo portswitch mpls l2vc pw-template 3to1 100 tunnel-policy p1 mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 mpls l2vpn trigger if-down # interface GigabitEthernet2/0/1 port link-type trunk port trunk allow-pass vlan 60 # interface LoopBack1 ip address 3.3.3.3 255.255.255.255 # interface Tunnel2 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 1.1.1.1 mpls te tunnel-id 31 mpls te commit # ospf 1 opaque-capability enable area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 100.34.1.0 0.0.0.3 mpls-te enable # tunnel-policy p1 tunnel select-seq cr-lsp load-balance-number 1 # return
PE2的配置文件
# sysname PE2 # vlan batch 30 # bfd for pw enable # bfd # mpls lsr-id 2.2.2.2 mpls # mpls l2vpn # pw-template 2to1 peer-address 1.1.1.1 control-word # mpls ldp # interface Vlanif30 ip address 100.12.1.2 255.255.255.252 mpls mpls ldp # interface GigabitEthernet1/0/0 undo portswitch mpls l2vc pw-template 2to1 200 mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 mpls l2vpn trigger if-down # interface GigabitEthernet2/0/2 port link-type trunk port trunk allow-pass vlan 30 # interface LoopBack1 ip address 2.2.2.2 255.255.255.255 # ospf 1 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 100.12.1.0 0.0.0.3 # return
