评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置L3VPN over LDP over TE场景下的CBTS示例
介绍配置L3VPN over LDP over TE场景下的CBTS的配置过程。
组网需求
如图3-29所示,CE1和CE2属于同一L3VPN,分别通过PE1和PE2接入公网。CE1和CE2之间存在多种业务流量,当普通业务流量过大时,重要业务流量的转发将受到影响。为保证重要业务的转发质量,可以配置CBTS功能。配置了CBTS功能后,不同业务等级的流量会有指定的隧道承载,这样可有效保证高业务等级的重要业务的转发质量。
假定本组网中,指定承载重要业务的隧道分别为Tunnel 1,其他业务等级的报文均由Tunnel 2承载。
配置思路
采用如下的思路完成L3VPN over LDP over TE场景下的CBTS配置:
配置各节点的接口IP地址及作为LSR ID的Loopback地址,并配置IGP协议发布路由。
在支持TE的区域使能OSPF TE,创建MPLS TE隧道,并配置隧道允许通过的服务等级的报文。
在非TE域使能MPLS LDP,并在TE边界上配置LDP远端对等体。
配置TE的转发邻接特性。
在L3VPN接入的节点配置复杂流分类,在LDP over TE的链路上配置简单流分类
数据准备
为完成此配置例,需准备如下的数据:
OSPF进程号,所在的区域
LSP的建立触发策略
P1和P2的远端对等体名称和IP地址
隧道沿途的链路的带宽属性
节点P1和P2上隧道接口的接口编号、IP地址、目的地址、隧道ID、隧道信令协议(为缺省的RSVP-TE)、隧道带宽、TE度量值、链路开销值
复杂流分类名称和流策略名称
操作步骤
- 配置各接口的IP地址
按照图3-29配置各接口的IP地址,包括各Loopback接口的IP地址,具体配置过程略。
- 使用OSPF协议通告各接口所连网段和LSR ID主机路由(略)
- 配置PE和CE间的EBGP以及PE间的MP-IBGP
具体配置详见配置文件。
- 配置MPLS基本功能,PE1与P1之间,P2与PE2之间使能LDP,P1与P3、P2之间使能RSVP
# 配置PE1。
[~PE1] mpls lsr-id 1.1.1.1[*PE1] mpls[*PE1-mpls] lsp-trigger all[*PE1-mpls] quit[*PE1] mpls ldp[*PE1-mpls-ldp] quit[*PE1] interface gigabitethernet 0/1/0
[*PE1-GigabitEthernet0/1/0] mpls
[*PE1-GigabitEthernet0/1/0] mpls ldp
[*PE1-GigabitEthernet0/1/0] commit
[~PE1-GigabitEthernet0/1/0] quit
# 配置P1。
[~P1] mpls lsr-id 2.2.2.2[*P1] mpls[*P1-mpls] mpls te[*P1-mpls] lsp-trigger all[*P1-mpls] mpls rsvp-te[*P1-mpls] mpls te cspf[*P1-mpls] quit[*P1] mpls ldp[*P1-mpls-ldp] quit[*P1] interface gigabitethernet 0/1/0
[*P1-GigabitEthernet0/1/0] mpls
[*P1-GigabitEthernet0/1/0] mpls ldp
[*P1-GigabitEthernet0/1/0] quit
[*P1] interface gigabitethernet 0/2/0
[*P1-GigabitEthernet0/2/0] mpls
[*P1-GigabitEthernet0/2/0] mpls te
[*P1-GigabitEthernet0/2/0] mpls rsvp-te
[*P1-GigabitEthernet0/2/0] commit
[~P1-GigabitEthernet0/2/0] quit
# 配置P3。
[~P3] mpls lsr-id 3.3.3.3[*P3] mpls[*P3-mpls] mpls te[*P3-mpls] mpls rsvp-te[*P3-mpls] quit[*P3] interface gigabitethernet 0/1/0
[*P3-GigabitEthernet0/1/0] mpls
[*P3-GigabitEthernet0/1/0] mpls te
[*P3-GigabitEthernet0/1/0] mpls rsvp-te
[*P3-GigabitEthernet0/1/0] quit
[*P3] interface gigabitethernet 0/2/0
[*P3-GigabitEthernet0/2/0] mpls
[*P3-GigabitEthernet0/2/0] mpls te
[*P3-GigabitEthernet0/2/0] mpls rsvp-te
[*P3-GigabitEthernet0/2/0] commit
[~P3-GigabitEthernet0/2/0] quit
# 配置P2。
[~P2] mpls lsr-id 4.4.4.4[*P2] mpls[*P2-mpls] mpls te[*P2-mpls] lsp-trigger all[*P2-mpls] mpls rsvp-te[*P2-mpls] mpls te cspf[*P2-mpls] quit[*P2] mpls ldp[*P2-mpls-ldp] quit[*P2] interface gigabitethernet 0/1/0
[*P2-GigabitEthernet0/1/0] mpls
[*P2-GigabitEthernet0/1/0] mpls te
[*P2-GigabitEthernet0/1/0] mpls rsvp-te
[*P2-GigabitEthernet0/1/0] quit
[*P2] interface gigabitethernet 0/2/0
[*P2-GigabitEthernet0/2/0] mpls
[*P2-GigabitEthernet0/2/0] mpls ldp
[*P2-GigabitEthernet0/2/0] commit
[~P2-GigabitEthernet0/2/0] quit
# 配置PE2。
[~PE2] mpls lsr-id 5.5.5.5[*PE2] mpls[*PE2-mpls] lsp-trigger all[*PE2-mpls] quit[*PE2] mpls ldp[*PE2-mpls-ldp] quit[*PE2] interface gigabitethernet 0/1/0
[*PE2-GigabitEthernet0/1/0] mpls
[*PE2-GigabitEthernet0/1/0] mpls ldp
[*PE2-GigabitEthernet0/1/0] commit
[~PE2-GigabitEthernet0/1/0] quit
完成上述配置后,PE1与P1,P2与PE2之间的本地LDP会话已经建立成功。
# 在节点PE1、P1、P2、PE2上执行display mpls ldp session命令,可以看到LDP会话的建立情况。
[~PE1] display mpls ldp sessionLDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) A '*' before a session means the session is being deleted. -------------------------------------------------------------------------- PeerID Status LAM SsnRole SsnAge KASent/Rcv -------------------------------------------------------------------------- 2.2.2.2:0 Operational DU Passive 0000:00:05 23/23 -------------------------------------------------------------------------- TOTAL: 1 Session(s) Found.
# 执行display mpls ldp peer命令,可以看到LDP对等体情况。
[~PE1] display mpls ldp peerLDP Peer Information in Public network A '*' before a peer means the peer is being deleted. ------------------------------------------------------------------------- PeerID TransportAddress DiscoverySource ------------------------------------------------------------------------- 2.2.2.2:0 2.2.2.2 GigabitEthernet0/1/0 ------------------------------------------------------------------------- TOTAL: 1 Peer(s) Found.# 执行display mpls lsp可以看到LDP LSP的信息,RSVP尚未建立LSP。以节点PE1的显示为例:
[~PE1] display mpls lsp----------------------------------------------------------------------
LSP Information: LDP LSP
----------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
1.1.1.1/32 3/NULL GE0/1/0/-2.2.2.2/32 NULL/3 -/GE0/1/02.2.2.2/32 1024/3 -/GE0/1/010.1.1.0/24 3/NUL GE0/1/0/-10.2.1.0/24 NULL/3 -/GE0/1/010.2.1.0/24 1025/3 -/GE0/1/0 - 配置P1与P2之间的LDP远端会话
# 配置P1。
[~P1] mpls ldp remote-peer lsrd[*P1-mpls-ldp-remote-lsrd] remote-ip 4.4.4.4[*P1-mpls-ldp-remote-lsrd] commit[~P1-mpls-ldp-remote-lsrd] quit# 配置P2。
[~P2] mpls ldp remote-peer lsrb[*P2-mpls-ldp-remote-lsrb] remote-ip 2.2.2.2[*P2-mpls-ldp-remote-lsrb] commit[~P2-mpls-ldp-remote-lsrb] quit# 完成上述配置后,在P1与P2间建立起远端会话,在P1或P2上执行display mpls ldp remote-peer将显示远端会话实体信息,以P1的显示为例:
[~P1] display mpls ldp remote-peer lsrdLDP Remote Entity Information ------------------------------------------------------------------------------ Remote Peer Name: P2 Remote Peer IP : 4.4.4.4 LDP ID : 2.2.2.2:0 Transport Address : 2.2.2.2 Entity Status : Active Configured Keepalive Hold Timer : 45 Sec Configured Keepalive Send Timer : ---- Configured Hello Hold Timer : 45 Sec Negotiated Hello Hold Timer : 45 Sec Configured Hello Send Timer : ---- Configured Delay Timer : ---- Hello Packet sent/received : 425/382 ------------------------------------------------------------------------------ TOTAL: 1 Remote-Peer(s) Found.
- 在TE隧道沿途链路的出接口上配置带宽属性
# 配置P1。
[~P1] interface gigabitethernet 0/2/0
[~P1-GigabitEthernet0/2/0] mpls te bandwidth max-reservable-bandwidth 20000
[*P1-GigabitEthernet0/2/0] mpls te bandwidth bc0 20000
[*P1-GigabitEthernet0/2/0] commit
[~P1-GigabitEthernet0/2/0] quit
# 配置P3。
[~P3] interface gigabitethernet 0/1/0
[~P3-GigabitEthernet0/1/0] mpls te bandwidth max-reservable-bandwidth 20000
[*P3-GigabitEthernet0/1/0] mpls te bandwidth bc0 20000
[*P3-GigabitEthernet0/1/0] quit
[*P3] interface gigabitethernet 0/2/0
[*P3-GigabitEthernet0/2/0] mpls te bandwidth max-reservable-bandwidth 20000
[*P3-GigabitEthernet0/2/0] mpls te bandwidth bc0 20000
[*P3-GigabitEthernet0/2/0] commit
[~P3-GigabitEthernet0/2/0] quit
# 配置P2。
[~P2] interface gigabitethernet 0/1/0
[~P2-GigabitEthernet0/1/0] mpls te bandwidth max-reservable-bandwidth 20000
[*P2-GigabitEthernet0/1/0] mpls te bandwidth bc0 20000
[*P2-GigabitEthernet0/1/0] commit
[~P2-GigabitEthernet0/1/0] quit
- 在PE1和PE2上配置L3VPN接入,并在PE1入接口上配置复杂流分类
# PE1上的配置
[~PE1] ip vpn-instance VPNA[*PE1-vpn-instance-VPNA] ipv4-family[*PE1-vpn-instance-VPNA-af-ipv4] route-distinguisher 100:1[*PE1-vpn-instance-VPNA-af-ipv4] vpn-target 111:1 both[*PE1] interface gigabitethernet 0/2/0
[*PE1-GigabitEthernet0/2/0] ip binding vpn-instance VPNA
[*PE1] acl 2001[*PE1-acl4-basic-2001] rule 10 permit source 40.0.0.0 0.255.255.255[*PE1-acl4-basic-2001] quit[*PE1] acl 2002[*PE1-acl4-basic-2002] rule 20 permit source 50.0.0.0 0.255.255.255[*PE1-acl4-basic-2002] quit[*PE1] traffic classifier service1[*PE1-classifier-service1] if-match acl 2001[*PE1-classifier-service1] commit[~PE1-classifier-service1] quit[~PE1] traffic behavior behavior1[*PE1-behavior-behavior1] service-class af1 color green[*PE1-behavior-behavior1] commit[~PE1-behavior-behavior1] quit[~PE1] traffic classifier service2[*PE1-classifier-service2] if-match acl 2002[*PE1-classifier-service2] commit[~PE1-classifier-service2] quit[~PE1] traffic behavior behavior2[*PE1-behavior-behavior2] service-class af2 color green[*PE1-behavior-behavior2] commit[~PE1-behavior-behavior2] quit[~PE1] traffic policy test[*PE1-trafficpolicy-test] classifier service1 behavior behavior1[*PE1-trafficpolicy-test] classifier service2 behavior behavior2[*PE1-trafficpolicy-test] commit[~PE1-trafficpolicy-test] quit[~PE1] interface gigabitethernet 0/2/0
[~PE1-GigabitEthernet0/2/0] traffic-policy test inbound
[~PE1-GigabitEthernet0/2/0] commit
[~PE1-GigabitEthernet0/2/0] quit
# PE2上的配置
[~PE2] ip vpn-instance VPNB[*PE2-vpn-instance-VPNB] ipv4-family[*PE2-vpn-instance-VPNB-af-ipv4] route-distinguisher 200:1[*PE2-vpn-instance-VPNB-af-ipv4] vpn-target 111:1 both[*PE2] interface gigabitethernet 0/2/0
[*PE2-GigabitEthernet0/2/0] ip binding vpn-instance VPNB
[*PE2-GigabitEthernet0/2/0] commit
[~PE2-GigabitEthernet0/2/0] quit
- 在PE1和P1的互连接口上分别配置简单流分类
# PE1的配置
[~PE1] interface gigabitethernet 0/1/0
[~PE1-GigabitEthernet0/1/0] trust upstream default
[*PE1-GigabitEthernet0/1/0] commit
[~PE1-GigabitEthernet0/1/0] quit
# P1的配置
[~P1] interface gigabitethernet 0/1/0
[~P1-GigabitEthernet0/1/0] trust upstream default
[*PE1-GigabitEthernet0/1/0] commit
[~PE1-GigabitEthernet0/1/0] quit
- 配置P1到P2的TE Tunnel,并为各Tunnel配置可以通过的报文的服务等级。
执行mpls te service-class { service-class & <1-8> | default }命令实现指定各Tunnel可以通过的报文的服务等级。
# 配置节点P1。在Tunnel接口上使能IGP Shortcut,并调整转发邻接的metric值,使到P2或PE2的流量经过Tunnel。
[~P1] interface tunnel1[*P1-Tunnel1] ip address unnumbered interface LoopBack1[*P1-Tunnel1] tunnel-protocol mpls te[*P1-Tunnel1] destination 4.4.4.4[*P1-Tunnel1] mpls te tunnel-id 100[*P1-Tunnel1] mpls te bandwidth ct0 10000[*P1-Tunnel1] mpls te igp shortcut[*P1-Tunnel1] mpls te igp metric absolute 1[*P1-Tunnel1] mpls te service-class af1 af2[*P1-Tunnel1] quit[*P1] interface tunnel12[*P1-Tunnel2] ip address unnumbered interface LoopBack1[*P1-Tunnel2] tunnel-protocol mpls te[*P1-Tunnel2] destination 4.4.4.4[*P1-Tunnel2] mpls te tunnel-id 200[*P1-Tunnel2] mpls te bandwidth ct0 10000[*P1-Tunnel2] mpls te igp shortcut[*P1-Tunnel2] mpls te igp metric absolute 1[*P1-Tunnel2] mpls te service-class default[*P1-Tunnel2] quit[*P1] ospf 1[*P1-ospf-1] area 0[*P1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0[*P1-ospf-1-area-0.0.0.0] quit[*P1-ospf-1] enable traffic-adjustment advertise[*P1-ospf-1] commit - 配置P2到P1的Tunnel
# 配置节点P2。在Tunnel接口上使能转发邻接,并调整转发邻接的metric值,使到PE1或P1的流量经过Tunnel。
[~P2] interface tunnel1[*P2-Tunnel1] ip address unnumbered interface LoopBack1[*P2-Tunnel1] tunnel-protocol mpls te[*P2-Tunnel1] destination 2.2.2.2[*P2-Tunnel1] mpls te tunnel-id 101[*P2-Tunnel1] mpls te bandwidth ct0 10000[*P2-Tunnel1] mpls te igp shortcut[*P2-Tunnel1] mpls te igp metric absolute 1[*P2-Tunnel1] quit[*P2] ospf 1[*P2-ospf-1] area 0[*P2-ospf-1-area-0.0.0.0] network 4.4.4.4 0.0.0.0[*P2-ospf-1-area-0.0.0.0] quit[*P2-ospf-1] enable traffic-adjustment advertise[*P2-Tunnel1] commit
配置文件
PE1的配置文件
#
sysname PE1
#
ip vpn-instance VPNA
ipv4-family
route-distinguisher 100:1
apply-label per-instance
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
#
mpls lsr-id 1.1.1.1
#
mpls
lsp-trigger all
#
mpls ldp
#
acl number 2001
rule 10 permit source 40.0.0.0 0.255.255.255
#
acl number 2002
rule 20 permit source 50.0.0.0 0.255.255.255
#
traffic classifier service1
if-match acl 2001
#
traffic classifier service2
if-match acl 2002
#
traffic behavior behavior1
service-class af1 color green
#
traffic behavior behavior2
service-class af2 color green
#
traffic policy test
share-mode
classifier service1 behavior behavior1
classifier service2 behavior behavior2
#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
trust upstream default
#
interface GigabitEthernet0/2/0undo shutdown
ip binding vpn-instance VPNA
ip address 10.10.1.1 255.255.255.0
traffic-policy test inbound
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
bgp 100
peer 5.5.5.5 as-number 100
peer 5.5.5.5 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 5.5.5.5 enable
#
ipv4-family vpnv4
policy vpn-target
peer 5.5.5.5 enable
#
ipv4-family vpn-instance VPNA
peer 10.10.1.2 as-number 65410
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
P1的配置文件
#
sysname P1
#
mpls lsr-id 2.2.2.2
#
mpls
mpls te
mpls rsvp-te
mpls te cspf
lsp-trigger all
#
mpls ldp
# ipv4-family
#
mpls ldp remote-peer lsrd
remote-ip 4.4.4.4
#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
trust upstream default
#
interface GigabitEthernet0/2/0undo shutdown
ip address 10.2.1.1 255.255.255.0
mpls
mpls te
mpls te bandwidth max-reservable-bandwidth 20000
mpls te bandwidth bc0 20000
mpls rsvp-te
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
interface Tunnel1
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 4.4.4.4
mpls te tunnel-id 100
mpls te bandwidth ct0 10000
mpls te igp shortcut
mpls te igp metric absolute 1
mpls te service-class af1 af2
#
interface Tunnel2
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 4.4.4.4
mpls te tunnel-id 200
mpls te bandwidth ct0 10000
mpls te igp shortcut
mpls te igp metric absolute 1
mpls te service-class default
#
ospf 1
opaque-capability enable
enable traffic-adjustment advertise
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
mpls-te enable
#
return
P3的配置文件
#
sysname P3
#
mpls lsr-id 3.3.3.3
#
mpls
mpls te
mpls rsvp-te
#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.2.1.2 255.255.255.0
mpls
mpls te
mpls te bandwidth max-reservable-bandwidth 20000
mpls te bandwidth bc0 20000
mpls rsvp-te
#
interface GigabitEthernet0/2/0undo shutdown
ip address 10.3.1.1 255.255.255.0
mpls
mpls te
mpls te bandwidth max-reservable-bandwidth 20000
mpls te bandwidth bc0 20000
mpls rsvp-te
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
opaque-capability enable
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.2.1.0 0.0.0.255
network 10.3.1.0 0.0.0.255
mpls-te enable
#
return
P2的配置文件
#
sysname P2
#
mpls lsr-id 4.4.4.4
#
mpls
mpls te
mpls rsvp-te
mpls te cspf
lsp-trigger all
#
mpls ldp
# ipv4-family
#
mpls ldp remote-peer lsrb
remote-ip 2.2.2.2
#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.3.1.2 255.255.255.0
mpls
mpls te
mpls te bandwidth max-reservable-bandwidth 20000
mpls te bandwidth bc0 20000
mpls rsvp-te
#
interface GigabitEthernet0/2/0undo shutdown
ip address 10.4.1.2 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
#
interface Tunnel1
ip address unnumbered interface LoopBack1
tunnel-protocol mpls te
destination 2.2.2.2
mpls te tunnel-id 101
mpls te bandwidth ct0 10000
mpls te igp shortcut
mpls te igp metric absolute 1
#
ospf 1
opaque-capability enable
enable traffic-adjustment advertise
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.3.1.0 0.0.0.255
network 10.4.1.0 0.0.0.255
mpls-te enable
#
return
PE2的配置文件
#
sysname PE2
#
ip vpn-instance VPNB
ipv4-family
route-distinguisher 200:1
apply-label per-instance
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity
#
mpls lsr-id 5.5.5.5
#
mpls
lsp-trigger all
#
mpls ldp
#
interface GigabitEthernet0/1/0undo shutdown
ip address 10.4.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/2/0undo shutdown
ip binding vpn-instance VPNB
ip address 10.11.1.1 255.255.255.0
#
interface LoopBack1
ip address 5.5.5.5 255.255.255.255
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.1 enable
#
ipv4-family vpn-instance VPNB
peer 10.11.1.2 as-number 65420
#
ospf 1
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 10.4.1.0 0.0.0.255
#
return
