所选语种没有对应资源,请选择:
企业业务网站
选择区域/语言
Huawei Global - English
技术支持 文档中心
S12700 V200R013C00 配置指南-以太网交换

本文档针对设备的以太网业务,主要包括MAC配置、链路聚合配置、VLAN配置、VLAN聚合配置、MUX VLAN配置、VLAN终结配置、Voice VLAN配置、VLAN mapping配置、QinQ配置、GVRP配置、VCMP配置、STP/RSTP/MSTP配置、VBST配置、SEP配置、RRPP配置、ERPS配置、Loopback Detection配置和二层协议透明传输配置。

华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置QinQ终结子接口接入L3VPN示例

配置QinQ终结子接口接入L3VPN示例

组网需求

图8-14,CE1、CE3属于VPN-A,CE2、CE4属于VPN-B;VPN-A使用的VPN-target属性为111:1,VPN-B使用的VPN-target属性为222:2。不同VPN用户之间不能互相访问。

Switch与CE侧接口配置灵活QinQ,对CE发送过来的报文打上运营商指定允许通过的外层VLAN Tag。

Switch连接多个CE时,对不同CE发送过来的不同的VLAN Tag报文打上相同的外层VLAN Tag,还可以达到节省公网VLAN数量的目的。

图8-14  配置QinQ终结子接口接入L3VPN组网图

Switch

接口

对应的三层接口

IP地址

PE1

GigabitEthernet1/0/0

GigabitEthernet1/0/0.1

10.1.1.2/24

-

GigabitEthernet2/0/0

GigabitEthernet2/0/0.1

10.2.1.2/24

-

GigabitEthernet3/0/0

VLANIF30

7.7.7.7/24

PE2

GigabitEthernet1/0/0

GigabitEthernet1/0/0.1

10.3.1.2/24

-

GigabitEthernet2/0/0

GigabitEthernet2/0/0.1

10.4.1.2/24

-

GigabitEthernet3/0/0

VLANIF60

6.6.6.7/24

P

GigabitEthernet1/0/0

VLANIF30

7.7.7.8/24

-

GigabitEthernet2/0/0

VLANIF60

6.6.6.6/24

CE1

GigabitEthernet1/0/0

VLANIF10

10.1.1.1/24

CE2

GigabitEthernet1/0/0

VLANIF20

10.2.1.1/24

CE3

GigabitEthernet1/0/0

VLANIF10

10.3.1.1/24

CE4

GigabitEthernet1/0/0

VLANIF20

10.4.1.1/24

配置思路

采用如下的思路配置QinQ子接口接入L3VPN:

  1. 骨干网中,与CE相连的PE上需配置VPN实例,并把与CE相连的接口和相应的VPN实例绑定;绑定之后配置与CE相连的接口的IP地址。

  2. PE与PE之间配置OSPF实现PE之间的互通。

  3. 配置MPLS基本能力和MPLS LDP,建立MPLS LSP。

  4. 配置MP-IBGP交换VPN路由信息。

  5. CE与PE之间配置EBGP交换VPN路由信息。

  6. 在PE连接Switch的接口上配置QinQ子接口接入L3VPN。

  7. Switch连接CE的接口上配置灵活QinQ。

VCMP的角色是Client时,不能配置VLAN终结子接口。

操作步骤

  1. Switch的接口上配置灵活QinQ和允许通过的VLAN

    # 配置Switch1。

    <HUAWEI> system-view
[HUAWEI] sysname Switch1
[Switch1] vlan 100
[Switch1-vlan100] quit
[Switch1] interface GigabitEthernet 2/0/0
[Switch1-GigabitEthernet2/0/0] port link-type hybrid
[Switch1-GigabitEthernet2/0/0] port hybrid tagged vlan 100
[Switch1-GigabitEthernet2/0/0] quit
[Switch1] interface GigabitEthernet 1/0/0
[Switch1-GigabitEthernet1/0/0] port link-type hybrid
[Switch1-GigabitEthernet1/0/0] port hybrid untagged vlan 100
[Switch1-GigabitEthernet1/0/0] port vlan-stacking vlan 10 stack-vlan 100
[Switch1-GigabitEthernet1/0/0] quit

    # 配置Switch2。

    <HUAWEI> system-view
[HUAWEI] sysname Switch2
[Switch2] vlan 200
[Switch2-vlan200] quit
[Switch2] interface GigabitEthernet 2/0/0
[Switch2-GigabitEthernet2/0/0] port link-type hybrid
[Switch2-GigabitEthernet2/0/0] port hybrid tagged vlan 200
[Switch2-GigabitEthernet2/0/0] quit
[Switch2] interface GigabitEthernet 1/0/0
[Switch2-GigabitEthernet1/0/0] port link-type hybrid
[Switch2-GigabitEthernet1/0/0] port hybrid untagged vlan 200
[Switch2-GigabitEthernet1/0/0] port vlan-stacking vlan 20 stack-vlan 200
[Switch2-GigabitEthernet1/0/0] quit

    # 配置Switch3。

    <HUAWEI> system-view
[HUAWEI] sysname Switch3
[Switch3] vlan 100
[Switch3-vlan100] quit
[Switch3] interface GigabitEthernet 2/0/0
[Switch3-GigabitEthernet2/0/0] port link-type hybrid
[Switch3-GigabitEthernet2/0/0] port hybrid tagged vlan 100
[Switch3-GigabitEthernet2/0/0] quit
[Switch3] interface GigabitEthernet 1/0/0
[Switch3-GigabitEthernet1/0/0] port link-type hybrid
[Switch3-GigabitEthernet1/0/0] port hybrid untagged vlan 100
[Switch3-GigabitEthernet1/0/0] port vlan-stacking vlan 10 stack-vlan 100
[Switch3-GigabitEthernet1/0/0] quit

    # 配置Switch4。

    <HUAWEI> system-view
[HUAWEI] sysname Switch4
[Switch4] vlan 200
[Switch4-vlan200] quit
[Switch4] interface GigabitEthernet 2/0/0
[Switch4-GigabitEthernet2/0/0] port link-type hybrid
[Switch4-GigabitEthernet2/0/0] port hybrid tagged vlan 200
[Switch4-GigabitEthernet2/0/0] quit
[Switch4] interface GigabitEthernet 1/0/0
[Switch4-GigabitEthernet1/0/0] port link-type hybrid
[Switch4-GigabitEthernet1/0/0] port hybrid untagged vlan 200
[Switch4-GigabitEthernet1/0/0] port vlan-stacking vlan 20 stack-vlan 200
[Switch4-GigabitEthernet1/0/0] quit

  2. 在MPLS骨干网上配置IGP协议,实现骨干网PE和P的互通

    # 配置PE1。

    <HUAWEI> system-view
[HUAWEI] sysname PE1
[PE1] router id 1.1.1.1
[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.1 32
[PE1-LoopBack1] quit
[PE1] vlan batch 30
[PE1] interface gigabitethernet 3/0/0
[PE1-GigabitEthernet3/0/0] port link-type hybrid
[PE1-GigabitEthernet3/0/0] port hybrid pvid vlan 30
[PE1-GigabitEthernet3/0/0] port hybrid untagged vlan 30 
[PE1-GigabitEthernet3/0/0] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] ip address 7.7.7.7 24
[PE1-Vlanif30] quit
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 7.7.7.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit

    # 配置P。

    <HUAWEI> system-view
[HUAWEI] sysname P
[P] router id 2.2.2.2
[P] interface loopback 1
[P-LoopBack1] ip address 2.2.2.2 32
[P-LoopBack1] quit
[P] vlan batch 30 60
[P] interface gigabitethernet 1/0/0 
[P-GigabitEthernet1/0/0] port link-type hybrid
[P-GigabitEthernet1/0/0] port hybrid pvid vlan 30
[P-GigabitEthernet1/0/0] port hybrid untagged vlan 30
[P-GigabitEthernet1/0/0] quit
[P] interface gigabitethernet 2/0/0 
[P-GigabitEthernet2/0/0] port link-type hybrid
[P-GigabitEthernet2/0/0] port hybrid pvid vlan 60
[P-GigabitEthernet2/0/0] port hybrid untagged vlan 60
[P-GigabitEthernet2/0/0] quit
[P] interface vlanif 30
[P-Vlanif30] ip address 7.7.7.8 24
[P-Vlanif30] quit
[P] interface vlanif 60
[P-Vlanif60] ip address 6.6.6.6 24
[P-Vlanif60] quit
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 7.7.7.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 6.6.6.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit

    # 配置PE2。

    <HUAWEI> system-view
[HUAWEI] sysname PE2
[PE2] router id 3.3.3.3
[PE2] interface loopback 1
[PE2-LoopBack1] ip address 3.3.3.3 32
[PE2-LoopBack1] quit
[PE2] vlan batch 60
[PE2] interface gigabitethernet 3/0/0 
[PE2-GigabitEthernet3/0/0] port link-type hybrid
[PE2-GigabitEthernet3/0/0] port hybrid pvid vlan 60
[PE2-GigabitEthernet3/0/0] port hybrid untagged vlan 60
[PE2-GigabitEthernet3/0/0] quit
[PE2] interface vlanif 60
[PE2-Vlanif60] ip address 6.6.6.7 24
[PE2-Vlanif60] quit
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 6.6.6.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit

    配置完成后,PE1和P、P和PE2之间应能建立OSPF邻居关系,执行display ospf peer命令可以看到邻居状态为Full。执行display ip routing-table命令可以看到PE之间学习到对方的Loopback1路由。

    以PE1的显示为例:

    [PE1] display ip routing-table
Route Flags: R - relay, D - download to fib, T - to vpn-instance
------------------------------------------------------------------------------
Routing Tables: Public
          Destinations : 8        Routes : 8

  Destination/Mask    Proto  Pre  Cost     Flags NextHop         Interface

         1.1.1.1/32   Direct 0    0           D  127.0.0.1       LoopBack1
         2.2.2.2/32   OSPF   10   1           D  7.7.7.8         Vlanif30
         3.3.3.3/32   OSPF   10   2           D  7.7.7.8         Vlanif30
         6.6.6.0/24   OSPF   10   2           D  7.7.7.8         Vlanif30
         7.7.7.0/24   Direct 0    0           D  7.7.7.7         Vlanif30
         7.7.7.7/32   Direct 0    0           D  127.0.0.1       Vlanif30
        127.0.0.0/8   Direct 0    0           D  127.0.0.1       InLoopBack0
       127.0.0.1/32   Direct 0    0           D  127.0.0.1       InLoopBack0

    [PE1] display ospf peer

          OSPF Process 1 with Router ID 1.1.1.1
                  Neighbors

 Area 0.0.0.0 interface 7.7.7.7(Vlanif30)'s neighbors
 Router ID: 2.2.2.2          Address: 7.7.7.8
   State: Full  Mode:Nbr is  Master  Priority: 1
   DR: 7.7.7.8  BDR: 7.7.7.7  MTU: 0
   Dead timer due in 37  sec
   Retrans timer interval: 5
   Neighbor is up for 00:00:20
   Authentication Sequence: [ 0 ]

  3. 在MPLS骨干网上配置MPLS基本能力和MPLS LDP,建立LDP LSP

    # 配置PE1。

    [PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] mpls
[PE1-Vlanif30] mpls ldp
[PE1-Vlanif30] quit

    # 配置P。

    [P] mpls lsr-id 2.2.2.2
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P] interface vlanif 30
[P-Vlanif30] mpls
[P-Vlanif30] mpls ldp
[P-Vlanif30] quit
[P] interface vlanif 60
[P-Vlanif60] mpls
[P-Vlanif60] mpls ldp
[P-Vlanif60] quit

    # 配置PE2。

    [PE2] mpls lsr-id 3.3.3.3
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] interface vlanif 60
[PE2-Vlanif60] mpls
[PE2-Vlanif60] mpls ldp
[PE2-Vlanif60] quit

    上述配置完成后,PE1与P、P与PE2之间应能建立LDP会话,执行display mpls ldp session命令可以看到显示结果中Status项为“Operational”。执行display mpls ldp lsp命令,可以看到LDP LSP的建立情况。

    以PE1的显示为例:

    [PE1] display mpls ldp session
 LDP Session(s) in Public Network
 Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
 A '*' before a session means the session is being deleted.
 ------------------------------------------------------------------------------
 PeerID            Status      LAM  SsnRole  SsnAge      KASent/Rcv
 ------------------------------------------------------------------------------
 2.2.2.2:0          Operational DU Passive  0000:15:29   3717/3717
 ------------------------------------------------------------------------------
 TOTAL: 1 session(s) Found.

    [PE1] display mpls ldp lsp

LDP LSP Information
 -------------------------------------------------------------------------------
 Flag after Out IF: (I) - LSP Is Only Iterated by RLFA
 -------------------------------------------------------------------------------
 DestAddress/Mask   In/OutLabel   UpstreamPeer     NextHop     OutInterface   
 -------------------------------------------------------------------------------
 1.1.1.1/32         3/NULL        2.2.2.2          127.0.0.1   InLoop0    
*1.1.1.1/32         Liberal/1024                    DS/2.2.2.2
 2.2.2.2/32         NULL/3        -                7.7.7.8   Vlanif30       
 2.2.2.2/32         1024/3        2.2.2.2          7.7.7.8   Vlanif30       
 3.3.3.3/32         NULL/1025     -                7.7.7.8   Vlanif30       
 3.3.3.3/32         1025/1025     2.2.2.2          7.7.7.8   Vlanif30      
 -------------------------------------------------------------------------------
 TOTAL: 5 Normal LSP(s) Found.
 TOTAL: 1 Liberal LSP(s) Found.
 TOTAL: 0 Frr LSP(s) Found.
 A '*' before an LSP means the LSP is not established
 A '*' before a Label means the USCB or DSCB is stale
 A '*' before a UpstreamPeer means the session is stale
 A '*' before a DS means the session is stale
 A '*' before a NextHop means the LSP is FRR LSP

  4. 在PE设备上配置VPN实例,将CE接入PE

    # 配置PE1。

    [PE1] ip vpn-instance vpna
[PE1-vpn-instance-vpna] route-distinguisher 100:1
[PE1-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[PE1-vpn-instance-vpna-af-ipv4] quit
[PE1-vpn-instance-vpna] quit
[PE1] ip vpn-instance vpnb
[PE1-vpn-instance-vpnb] route-distinguisher 100:2
[PE1-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
[PE1-vpn-instance-vpnb-af-ipv4] quit
[PE1-vpn-instance-vpnb] quit
[PE1] vcmp role silent
[PE1] interface GigabitEthernet 1/0/0
[PE1-GigabitEthernet1/0/0] port link-type hybrid
[PE1-GigabitEthernet1/0/0] quit
[PE1] interface GigabitEthernet 1/0/0.1
[PE1-GigabitEthernet1/0/0.1] qinq termination pe-vid 100 ce-vid 10
[PE1-GigabitEthernet1/0/0.1] ip binding vpn-instance vpna
[PE1-GigabitEthernet1/0/0.1] ip address 10.1.1.2 24
[PE1-GigabitEthernet1/0/0.1] arp broadcast enable
[PE1-GigabitEthernet1/0/0.1] quit
[PE1] interface GigabitEthernet 2/0/0
[PE1-GigabitEthernet2/0/0] port link-type hybrid
[PE1-GigabitEthernet2/0/0] quit
[PE1] interface GigabitEthernet 2/0/0.1
[PE1-GigabitEthernet2/0/0.1] qinq termination pe-vid 200 ce-vid 20
[PE1-GigabitEthernet2/0/0.1] ip binding vpn-instance vpnb
[PE1-GigabitEthernet2/0/0.1] ip address 10.2.1.2 24
[PE1-GigabitEthernet2/0/0.1] arp broadcast enable
[PE1-GigabitEthernet2/0/0.1] quit

    # 配置PE2。

    [PE2] ip vpn-instance vpna
[PE2-vpn-instance-vpna] route-distinguisher 200:1
[PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[PE2-vpn-instance-vpna-af-ipv4] quit
[PE2-vpn-instance-vpna] quit
[PE2] ip vpn-instance vpnb
[PE2-vpn-instance-vpnb] route-distinguisher 200:2
[PE2-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
[PE2-vpn-instance-vpnb-af-ipv4] quit
[PE2-vpn-instance-vpnb] quit
[PE2] vcmp role silent
[PE2] interface GigabitEthernet 1/0/0
[PE2-GigabitEthernet1/0/0] port link-type hybrid
[PE2-GigabitEthernet1/0/0] quit
[PE2] interface GigabitEthernet 1/0/0.1
[PE2-GigabitEthernet1/0/0.1] qinq termination pe-vid 100 ce-vid 10
[PE2-GigabitEthernet1/0/0.1] ip binding vpn-instance vpna
[PE2-GigabitEthernet1/0/0.1] ip address 10.3.1.2 24
[PE2-GigabitEthernet1/0/0.1] arp broadcast enable
[PE2-GigabitEthernet1/0/0.1] quit
[PE2] interface GigabitEthernet 2/0/0
[PE2-GigabitEthernet2/0/0] port link-type hybrid
[PE2-GigabitEthernet2/0/0] quit
[PE2] interface GigabitEthernet 2/0/0.1
[PE2-GigabitEthernet2/0/0.1] qinq termination pe-vid 200 ce-vid 20
[PE2-GigabitEthernet2/0/0.1] ip binding vpn-instance vpnb
[PE2-GigabitEthernet2/0/0.1] ip address 10.4.1.2 24
[PE2-GigabitEthernet2/0/0.1] arp broadcast enable
[PE2-GigabitEthernet2/0/0.1] quit

    # 按图8-14配置CE1的接口IP地址。CE2、CE3和CE4的配置与CE1类似,不再赘述。

    <HUAWEI> system-view
[HUAWEI] sysname CE1
[CE1] vlan batch 10
[CE1] interface gigabitethernet 1/0/0
[CE1-GigabitEthernet1/0/0] port link-type hybrid
[CE1-GigabitEthernet1/0/0] port hybrid pvid vlan 10
[CE1-GigabitEthernet1/0/0] port hybrid tagged vlan 10
[CE1-GigabitEthernet1/0/0] quit
[CE1] interface vlanif 10
[CE1-Vlanif10] ip address 10.1.1.1 24
[CE1-Vlanif10] quit

    配置完成后,在PE设备上执行display ip vpn-instance verbose命令可以看到VPN实例的配置情况。各PE能ping通自己接入的CE。

    当PE上有多个绑定了同一个VPN的接口,则使用ping -vpn-instance命令Ping对端PE接入的CE时,要指定源IP地址,即要指定ping -vpn-instance vpn-instance-name -a source-ip-address dest-ip-address命令中的参数-a source-ip-address,否则可能Ping不通。

    以PE1为例:

    [PE1] display ip vpn-instance verbose
 Total VPN-Instances configured : 2
 Total IPv4 VPN-Instances configured : 2
 Total IPv6 VPN-Instances configured : 0

 VPN-Instance Name and ID : vpna, 1
  Interfaces : Gigabitethernet1/0/0.1
 Address family ipv4
  Create date : 2013-08-28 21:01:00+00:00
  Up time : 0 days, 22 hours, 24 minutes and 53 seconds
  Route Distinguisher : 100:1
  Export VPN Targets :  111:1
  Import VPN Targets :  111:1
  Label Policy : label per instance
  Per-Instance Label : 4098
  Log Interval : 5

 VPN-Instance Name and ID : vpnb, 2
  Interfaces : Gigabitethernet2/0/0.1
 Address family ipv4
  Create date : 2013-08-28 21:01:00+00:00
  Up time : 0 days, 22 hours, 24 minutes and 53 seconds
  Route Distinguisher : 100:2
  Export VPN Targets :  222:2
  Import VPN Targets :  222:2
  Label Policy : label per instance
  Per-Instance Label : 4099
  Log Interval : 5

    [PE1] ping -vpn-instance vpna 10.1.1.1
  PING 10.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=5 ms
    Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=3 ms
    Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=3 ms
    Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=3 ms
    Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=16 ms

  --- 10.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 3/6/16 ms

  5. 在PE与CE之间建立EBGP对等体关系,引入VPN路由

    # 配置CE1。CE2、CE3和CE4的配置与CE1类似,不再赘述。

    [CE1] bgp 65410
[CE1-bgp] peer 10.1.1.2 as-number 100
[CE1-bgp] import-route direct

    # 配置PE1。PE2的配置与PE1类似,不再赘述。

    [PE1] bgp 100
[PE1-bgp] ipv4-family vpn-instance vpna
[PE1-bgp-vpna] peer 10.1.1.1 as-number 65410
[PE1-bgp-vpna] import-route direct
[PE1-bgp-vpna] quit
[PE1-bgp] ipv4-family vpn-instance vpnb
[PE1-bgp-vpnb] peer 10.2.1.1 as-number 65420
[PE1-bgp-vpnb] import-route direct
[PE1-bgp-vpnb] quit
[PE1-bgp] quit

    配置完成后,在PE设备上执行display bgp vpnv4 vpn-instance peer命令,可以看到PE与CE之间的BGP对等体关系已建立,并达到Established状态。

    以PE1与CE1的对等体关系为例:

    [PE1] display bgp vpnv4 vpn-instance vpna peer

 BGP local router ID : 1.1.1.1
 Local AS number : 100

 VPN-Instance vpna, Router ID 1.1.1.1:
 Total number of peers : 1                 Peers in established state : 1

  Peer            V    AS  MsgRcvd  MsgSent  OutQ  Up/Down       State      PrefRcv

  10.1.1.1        4 65410       11        9     0 00:07:25      Established       1

  6. 在PE之间建立MP-IBGP对等体关系

    # 配置PE1。

    [PE1] bgp 100
[PE1-bgp] peer 3.3.3.3 as-number 100
[PE1-bgp] peer 3.3.3.3 connect-interface loopback 1
[PE1-bgp] ipv4-family vpnv4
[PE1-bgp-af-vpnv4] peer 3.3.3.3 enable
[PE1-bgp-af-vpnv4] quit
[PE1-bgp] quit

    # 配置PE2。

    [PE2] bgp 100
[PE2-bgp] peer 1.1.1.1 as-number 100
[PE2-bgp] peer 1.1.1.1 connect-interface loopback 1
[PE2-bgp] ipv4-family vpnv4
[PE2-bgp-af-vpnv4] peer 1.1.1.1 enable
[PE2-bgp-af-vpnv4] quit
[PE2-bgp] quit

    配置完成后,在PE设备上执行display bgp peerdisplay bgp vpnv4 all peer命令,可以看到PE之间的BGP对等体关系已建立,并达到Established状态。

    [PE1] display bgp peer

 BGP local router ID : 1.1.1.1
 Local AS number : 100
 Total number of peers : 1                 Peers in established state : 1

  Peer            V    AS  MsgRcvd  MsgSent  OutQ  Up/Down       State              PrefRcv

  3.3.3.3         4   100       12        6     0 00:02:21        Established       0
    [PE1] display bgp vpnv4 all peer

BGP local router ID : 1.1.1.1
 Local AS number : 100
 Total number of peers : 3                 Peers in established state : 3

  Peer            V    AS  MsgRcvd  MsgSent    OutQ  Up/Down    State        PrefRcv

  3.3.3.3         4   100   12      18         0     00:09:38   Established   0
  Peer of IPv4-family for vpn instance :

 VPN-Instance vpna, Router ID 1.1.1.1: 
  10.1.1.1        4   65410  25     25         0     00:17:57   Established   1
 VPN-Instance vpnb, Router ID 1.1.1.1: 
  10.2.1.1        4   65420  21     22         0     00:17:10   Established   1

  7. 检查配置结果

    在PE设备上执行display ip routing-table vpn-instance命令,可以看到去往对端CE的路由。

    以PE1的显示为例:

    [PE1] display ip routing-table vpn-instance vpna
Route Flags: R - relay, D - download to fib, T - to vpn-instance
------------------------------------------------------------------------------
Routing Tables: vpna
         Destinations : 3        Routes : 3

Destination/Mask    Proto  Pre  Cost     Flags NextHop         Interface

     10.1.1.0/24    Direct 0    0        D     10.1.1.2        Gigabitethernet1/0/0.1
     10.1.1.2/32    Direct 0    0        D     127.0.0.1       Gigabitethernet1/0/0.1
     10.3.1.0/24    IBGP   255  0        RD    3.3.3.3         Vlanif30
    [PE1] display ip routing-table vpn-instance vpnb
Route Flags: R - relay, D - download to fib, T - to vpn-instance
------------------------------------------------------------------------------
Routing Tables: vpnb
         Destinations : 3        Routes : 3

Destination/Mask    Proto  Pre  Cost     Flags NextHop         Interface

     10.2.1.0/24    Direct 0    0        D     10.2.1.2        Gigabitethernet2/0/0.1
     10.2.1.2/32    Direct 0    0        D     127.0.0.1       Gigabitethernet2/0/0.1
     10.4.1.0/24    IBGP   255  0        RD    3.3.3.3         Vlanif30

    同一VPN的CE能够相互Ping通,不同VPN的CE不能相互Ping通。

    例如:CE1能够Ping通CE3(10.3.1.1),但不能Ping通CE4(10.4.1.1)。

    [CE1] ping 10.3.1.1
  PING 10.3.1.1: 56  data bytes, press CTRL_C to break
    Reply from 10.3.1.1: bytes=56 Sequence=1 ttl=253 time=72 ms
    Reply from 10.3.1.1: bytes=56 Sequence=2 ttl=253 time=34 ms
    Reply from 10.3.1.1: bytes=56 Sequence=3 ttl=253 time=50 ms
    Reply from 10.3.1.1: bytes=56 Sequence=4 ttl=253 time=50 ms
    Reply from 10.3.1.1: bytes=56 Sequence=5 ttl=253 time=34 ms
  --- 10.3.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 34/48/72 ms  
    [CE1] ping 10.4.1.1
  PING 10.4.1.1: 56  data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out
    Request time out
    Request time out
  --- 10.4.1.1 ping statistics ---
    5 packet(s) transmitted
    0 packet(s) received
    100.00% packet loss

配置文件

  • PE1的配置文件

    #
sysname PE1
#
router id 1.1.1.1
#
vcmp role silent                                                                
#
vlan batch 30
#
ip vpn-instance vpna
 ipv4-family 
  route-distinguisher 100:1
  vpn-target 111:1 export-extcommunity
  vpn-target 111:1 import-extcommunity
#
ip vpn-instance vpnb
 ipv4-family 
  route-distinguisher 100:2
  vpn-target 222:2 export-extcommunity
  vpn-target 222:2 import-extcommunity
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
#
interface Vlanif30
 ip address 7.7.7.7 255.255.255.0
 mpls
 mpls ldp
#
interface GigabitEthernet1/0/0
 port link-type hybrid
# 
interface GigabitEthernet1/0/0.1
 qinq termination pe-vid 100 ce-vid 10
 ip binding vpn-instance vpna
 ip address 10.1.1.2 255.255.255.0
 arp broadcast enable
#
interface GigabitEthernet2/0/0
 port link-type hybrid
#
interface GigabitEthernet2/0/0.1
 qinq termination pe-vid 200 ce-vid 20
 ip binding vpn-instance vpnb
 ip address 10.2.1.2 255.255.255.0
 arp broadcast enable
#
interface GigabitEthernet3/0/0
 port link-type hybrid
 port hybrid pvid vlan 30
 port hybrid untagged vlan 30
#
interface LoopBack1
 ip address 1.1.1.1 255.255.255.255
# 
bgp 100
 peer 3.3.3.3 as-number 100
 peer 3.3.3.3 connect-interface LoopBack1
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
 #
 ipv4-family vpnv4
  policy vpn-target
  peer 3.3.3.3 enable
 #
 ipv4-family vpn-instance vpna
  peer 10.1.1.1 as-number 65410
  import-route direct
 #
 ipv4-family vpn-instance vpnb
  peer 10.2.1.1 as-number 65420
  import-route direct
# 
ospf 1
 area 0.0.0.0
  network 1.1.1.1 0.0.0.0
  network 7.7.7.0 0.0.0.255
#
return

  • P的配置文件

    #
sysname P
#
router id 2.2.2.2
#
vlan batch 30 60
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
# 
interface Vlanif30
 ip address 7.7.7.8 255.255.255.0
 mpls
 mpls ldp
#
interface Vlanif60
 ip address 6.6.6.6 255.255.255.0
 mpls
 mpls ldp
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid pvid vlan 30
 port hybrid untagged vlan 30
# 
interface GigabitEthernet2/0/0
 port link-type hybrid
 port hybrid pvid vlan 60
 port hybrid untagged vlan 60
# 
interface LoopBack1
 ip address 2.2.2.2 255.255.255.255
#
ospf 1
 area 0.0.0.0
  network 2.2.2.2 0.0.0.0
  network 7.7.7.0 0.0.0.255
  network 6.6.6.0 0.0.0.255
#
return

  • PE2的配置文件

    #
sysname PE2
#
router id 3.3.3.3
#
vcmp role silent                                                                
#
vlan batch 60
#
ip vpn-instance vpna
 ipv4-family 
  route-distinguisher 200:1
  vpn-target 111:1 export-extcommunity
  vpn-target 111:1 import-extcommunity
#
ip vpn-instance vpnb
 ipv4-family 
  route-distinguisher 200:2
  vpn-target 222:2 export-extcommunity
  vpn-target 222:2 import-extcommunity
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
interface Vlanif60
 ip address 6.6.6.7 255.255.255.0
 mpls
 mpls ldp
#
interface GigabitEthernet1/0/0
 port link-type hybrid
# 
interface GigabitEthernet1/0/0.1
 qinq termination pe-vid 100 ce-vid 10
 ip binding vpn-instance vpna
 ip address 10.3.1.2 255.255.255.0
 arp broadcast enable
#
interface GigabitEthernet2/0/0
 port link-type hybrid
# 
interface GigabitEthernet2/0/0.1
 qinq termination pe-vid 200 ce-vid 20
 ip binding vpn-instance vpnb
 ip address 10.4.1.2 255.255.255.0
 arp broadcast enable
#
interface GigabitEthernet3/0/0
 port link-type hybrid
 port hybrid pvid vlan 60
 port hybrid untagged vlan 60
# 
interface LoopBack1
 ip address 3.3.3.3 255.255.255.255
#
bgp 100
 peer 1.1.1.1 as-number 100
 peer 1.1.1.1 connect-interface LoopBack1
 #
 ipv4-family unicast
  undo synchronization
  peer 1.1.1.1 enable
 #
 ipv4-family vpnv4
  policy vpn-target
  peer 1.1.1.1 enable 
 #
 ipv4-family vpn-instance vpna
  peer 10.3.1.1 as-number 65430
  import-route direct
 #
 ipv4-family vpn-instance vpnb
  peer 10.4.1.1 as-number 65440
  import-route direct
#
ospf 1
 area 0.0.0.0
  network 3.3.3.3 0.0.0.0
  network 6.6.6.0 0.0.0.255
# 
return

  • CE1的配置文件

    #
sysname CE1
#
vlan batch 10
#
interface Vlanif10
 ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid pvid vlan 10
 port hybrid tagged vlan 10
#
bgp 65410
 peer 10.1.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct
  peer 10.1.1.2 enable
#
return

  • CE2的配置文件

    #
sysname CE2
#
vlan batch 20
#
interface Vlanif20
 ip address 10.2.1.1 255.255.255.0
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid pvid vlan 20
 port hybrid tagged vlan 20
bgp 65420
 peer 10.2.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct
  peer 10.2.1.2 enable
#
return

  • CE3的配置文件

    #
sysname CE3
#
vlan batch 10
#
interface Vlanif10
 ip address 10.3.1.1 255.255.255.0
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid pvid vlan 10
 port hybrid tagged vlan 10
#
bgp 65430
 peer 10.3.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct
  peer 10.3.1.2 enable
#
return

  • CE4的配置文件

    #
sysname CE4
#
vlan batch 20
#
interface Vlanif20
 ip address 10.4.1.1 255.255.255.0
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid pvid vlan 20
 port hybrid tagged vlan 20
#
bgp 65440
 peer 10.4.1.2 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  import-route direct
  peer 10.4.1.2 enable
#
return

  • Switch1的配置文件

    #
sysname Switch1
#
vlan batch 100
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid untagged vlan 100
 port vlan-stacking vlan 10 stack-vlan 100
#
interface GigabitEthernet2/0/0
 port link-type hybrid
 port hybrid tagged vlan 100
#
return

  • Switch2的配置文件

    #
sysname Switch2
#
vlan batch 200
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid untagged vlan 200
 port vlan-stacking vlan 20 stack-vlan 200
#
interface GigabitEthernet2/0/0
 port link-type hybrid
 port hybrid tagged vlan 200
#
return

  • Switch3的配置文件

    #
sysname Switch3
#
vlan batch 100
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid untagged vlan 100
 port vlan-stacking vlan 10 stack-vlan 100
#
interface GigabitEthernet2/0/0
 port link-type hybrid
 port hybrid tagged vlan 100
#
return

  • Switch4的配置文件

    #
sysname Switch4
#
vlan batch 200
#
interface GigabitEthernet1/0/0
 port link-type hybrid
 port hybrid untagged vlan 200
 port vlan-stacking vlan 20 stack-vlan 200
#
interface GigabitEthernet2/0/0
 port link-type hybrid
 port hybrid tagged vlan 200
#
return
翻译
English
下载文档
更新时间:2021-09-06

文档编号:EDOC1100065723

浏览量:150799

下载量:797

平均得分:
本文档适用于这些产品

相关版本

相关文档

数字签名

数字签名验证工具
分享
上一页 下一页

版权所有 © 华为技术有限公司 1998-2022。 保留一切权利。粤A2-20044005号

您正离开华为站点,前往: