评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置动态单段PW的E-PW APS保护示例
在E-PW APS场景中,PW为动态单段,并通过MPLS OAM检测PW状态。
组网需求
如图9-38所示,公网的三台PE设备在同一IGP域内,并部署了双动态双向关联LSP隧道。要求CE1和CE2通过公网的三台PE互通,并保证可靠性。
考虑到动态隧道的方案,可以部署动态PW的E-PW APS保证业务的可靠性。由于三台PE在同一IGP域内,因此部署单段PW即可满足要求。
配置思路
采用如下的思路配置动态单段PW的E-PW APS保护:
配置各接口的IP地址和路由协议
配置MPLS和公网隧道
在本示例中,PE1和PE2之间、PE1和PE3之间、PE2和PE3之间均使用动态双向关联LSP隧道,具体包括:
配置MPLS基本能力,并使能MPLS TE、RSVP-TE和CSPF
配置OSPF TE
配置动态双向关联LSP
配置PW保护组,本示例配置动态PW,具体包括:
PE1和PE2之间配置主PW
PE1和PE3之间配置备PW
PE2和PE3之间配置bypass PW
配置E-PW APS保护,具体包括:
PE1上配置PW APS实例
PE2、PE3配置E-PW APS实例
配置PW绑定到PW APS实例
配置MPLS OAM检测PW状态
配置AC侧CE设备通过VLAN接入L2VPN
数据准备
为完成此配置例,需准备如下的数据:
PE接口编号、接口IP地址和OSPF进程号
PE的LSR ID、Tunnel接口的编号和IP地址、反向RSVP-LSP的遂道ID、反向RSVP-LSP的Ingress节点的LSR ID
L2VC的目的地址、VC ID、VC Type和动态PW的收发标签值
PE1设备上的APS实例编号、E-PW APS的Master/Slave角色和本端/远端APS编号。其中PE2的E-PW APS的角色为Slave,PE3的E-PW APS的角色为Master
操作步骤
- 配置各接口的IP地址和路由协议
配置各接口的IP地址和掩码,具体配置过程略。
本举例使用OSPF路由协议,保证PE1、PE2和PE3在网络层互通。具体配置过程略。
- 配置MPLS和公网隧道
本示例中,PE1、PE2和PE3之间采用动态双向关联LSP隧道。
- 配置动态PW保护组
- 配置E-PW APS保护
- 配置MPLS OAM检测PW状态
# 配置PE1。
[~PE1] mpls[*PE1-mpls] mpls oam[*PE1-mpls] quit[*PE1] mpls-oam[*PE1-mpls-oam] mpls oam l2vc peer-ip 2.2.2.2 vc-id 1 vc-type vlan type cv[*PE1-mpls-oam] mpls oam l2vc peer-ip 3.3.3.3 vc-id 2 vc-type vlan type cv[*PE1-mpls-oam] mpls oam l2vc enable receive peer-ip 2.2.2.2 vc-id 1 vc-type vlan[*PE1-mpls-oam] mpls oam l2vc enable send peer-ip 2.2.2.2 vc-id 1 vc-type vlan[*PE1-mpls-oam] mpls oam l2vc enable receive peer-ip 3.3.3.3 vc-id 2 vc-type vlan[*PE1-mpls-oam] mpls oam l2vc enable send peer-ip 3.3.3.3 vc-id 2 vc-type vlan[*PE1-mpls-oam] quit[*PE1] commit# 配置PE2。
[~PE2] mpls[*PE2-mpls] mpls oam[*PE2-mpls] quit[*PE2] mpls-oam[*PE2-mpls-oam] mpls oam l2vc peer-ip 1.1.1.1 vc-id 3 vc-type vlan type cv[*PE2-mpls-oam] mpls oam l2vc peer-ip 3.3.3.3 vc-id 6 vc-type vlan type cv[*PE2-mpls-oam] mpls oam l2vc enable receive peer-ip 1.1.1.1 vc-id 3 vc-type vlan[*PE2-mpls-oam] mpls oam l2vc enable send peer-ip 1.1.1.1 vc-id 3 vc-type vlan[*PE2-mpls-oam] mpls oam l2vc enable receive peer-ip 3.3.3.3 vc-id 6 vc-type vlan[*PE2-mpls-oam] mpls oam l2vc enable send peer-ip 3.3.3.3 vc-id 6 vc-type vlan[*PE2-mpls-oam] quit[*PE2] commit# 配置PE3。
[~PE3] mpls[*PE3-mpls] mpls oam[*PE3-mpls] quit[*PE3] mpls-oam[*PE3-mpls-oam] mpls oam l2vc peer-ip 1.1.1.1 vc-id 4 vc-type vlan type cv[*PE3-mpls-oam] mpls oam l2vc peer-ip 2.2.2.2 vc-id 5 vc-type vlan type cv[*PE3-mpls-oam] mpls oam l2vc enable receive peer-ip 1.1.1.1 vc-id 4 vc-type vlan[*PE3-mpls-oam] mpls oam l2vc enable send peer-ip 1.1.1.1 vc-id 4 vc-type vlan[*PE3-mpls-oam] mpls oam l2vc enable receive peer-ip 2.2.2.2 vc-id 5 vc-type vlan[*PE3-mpls-oam] mpls oam l2vc enable send peer-ip 2.2.2.2 vc-id 5 vc-type vlan[*PE3-mpls-oam] quit[*PE3] commit查看PE1上MPLS OAM配置信息。
[~PE1] display mpls oam l2vc all-------------------------------------------------------------------------------- Total Oam Num: 2 Total Start Oam Num: 2 Total Defect Oam Num: 0 -------------------------------------------------------------------------------- No. Peer IP VC Type VC ID Status -------------------------------------------------------------------------------- 1 2.2.2.2 vlan 1 Start/Non-defect 2 3.3.3.3 vlan 2 Start/Non-defect
- 配置AC侧双归保护
- 检查配置结果
CE1 ping CE2的VLANIF接口地址
# 配置CE2。
[~CE2]interface Vlanif 10
[*CE2-Vlanif101/0/0] ip address 10.1.1.2 24
[*CE2-Vlanif101/0/0] quit
[*CE2] commit# 执行Ping操作。
[~CE1] ping 10.1.1.2PING 10.1.1.2: 56 data bytes, press CTRL_C to break Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=40 ms Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=30 ms Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=255 time=40 ms Reply from 10.1.1.2: bytes=56 Sequence=4 ttl=255 time=1 ms Reply from 10.1.1.2: bytes=56 Sequence=5 ttl=255 time=1 ms --- 10.1.1.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 1/22/40 ms
配置文件
CE1的配置文件
# sysname CE1 # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 vlan-type dot1q 10 ip address 10.1.1.1 255.255.255.0 # return
PE1的配置文件
# sysname PE1 # mpls lsr-id 1.1.1.1 mpls mpls te label advertise non-null mpls rsvp-te mpls oam mpls te cspf # mpls l2vpn # pw-aps 1 # explicit-path 1to2 next hop 10.1.2.2 next hop 2.2.2.2 # explicit-path 1to3 next hop 10.1.3.2 next hop 3.3.3.3 # mpls ldp # mpls ldp remote-peer 2.2.2.2 remote-ip 2.2.2.2 # mpls ldp remote-peer 3.3.3.3 remote-ip 3.3.3.3 # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 vlan-type dot1q 10 mpls l2vc 2.2.2.2 1 tunnel-policy policy1 control-word mpls l2vc 3.3.3.3 2 tunnel-policy policy1 control-word secondary mpls l2vpn pw-aps 1 admin # interface GigabitEthernet1/0/1 undo shutdown ip address 10.1.2.1 255.255.255.0 mpls mpls te mpls te rsvp-te # interface GigabitEthernet1/0/2 undo shutdown ip address 10.1.3.1 255.255.255.0 mpls mpls te mpls te rsvp-te # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 # interface Tunnel10 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te destination 2.2.2.2 mpls te tunnel-id 100 mpls te reverse-lsp protocol rsvp-te ingress-lsr-id 2.2.2.2 tunnel-id 100 mpls te path explicit-path 1to2 mpls te reserved-for-binding # interface Tunnel11 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te destination 3.3.3.3 mpls te tunnel-id 200 mpls te reverse-lsp protocol rsvp-te ingress-lsr-id 3.3.3.3 tunnel-id 200 mpls te path explicit-path 1to3 mpls te reserved-for-binding # ospf 1 area 0.0.0.0 network 10.1.2.0 0.0.0.255 network 1.1.1.1 0.0.0.0 network 10.1.3.0 0.0.0.255 # tunnel-policy policy1 tunnel binding destination 2.2.2.2 te Tunnel10 tunnel binding destination 3.3.3.3 te Tunnel11 # mpls-oam mpls oam l2vc peer-ip 2.2.2.2 vc-id 1 vc-type vlan type cv mpls oam l2vc peer-ip 3.3.3.3 vc-id 2 vc-type vlan type cv mpls oam l2vc enable receive peer-ip 2.2.2.2 vc-id 1 vc-type vlan mpls oam l2vc enable send peer-ip 2.2.2.2 vc-id 1 vc-type vlan mpls oam l2vc enable receive peer-ip 3.3.3.3 vc-id 2 vc-type vlan mpls oam l2vc enable send peer-ip 3.3.3.3 vc-id 2 vc-type vlan # return
PE2的配置文件
# sysname PE2 # lacp e-trunk system-id 00e0-fc00-0000 lacp e-trunk priority 100 # mpls lsr-id 2.2.2.2 mpls mpls te label advertise non-null mpls rsvp-te mpls oam mpls te cspf # mpls l2vpn # pw-aps 2 role slave remote-aps 3 # explicit-path 2to1 next hop 10.1.2.1 next hop 1.1.1.1 # explicit-path 2to3 next hop 10.1.4.2 next hop 3.3.3.3 # mpls ldp # mpls ldp remote-peer 1.1.1.1 remote-ip 1.1.1.1 # mpls ldp remote-peer 3.3.3.3 remote-ip 3.3.3.3 # e-trunk 10 priority 10 peer-address 3.3.3.3 source-address 2.2.2.2 # interface Eth-Trunk10 mode lacp-static e-trunk 10 # interface Eth-Trunk10.1 vlan-type dot1q 10 mpls l2vc 1.1.1.1 1 tunnel-policy policy1 control-word mpls l2vc 3.3.3.3 3 tunnel-policy policy1 control-word bypass mpls l2vpn pw-aps 2 admin # interface GigabitEthernet1/0/0 undo shutdown ip address 10.1.2.2 255.255.255.0 mpls mpls te mpls te rsvp-te # interface GigabitEthernet1/0/1 undo shutdown ip address 10.1.4.1 255.255.255.0 mpls mpls te mpls te rsvp-te # interface GigabitEthernet1/0/2 undo shutdown eth-trunk 10 # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 # interface Tunnel10 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te destination 1.1.1.1 mpls te tunnel-id 100 mpls te reverse-lsp protocol rsvp-te ingress-lsr-id 1.1.1.1 tunnel-id 100 mpls te path explicit-path 2to1 mpls te reserved-for-binding # interface Tunnel12 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te destination 3.3.3.3 mpls te tunnel-id 300 mpls te reverse-lsp protocol rsvp-te ingress-lsr-id 3.3.3.3 tunnel-id 300 mpls te reserved-for-binding # ospf 1 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 10.1.4.0 0.0.0.255 network 10.1.2.0 0.0.0.255 # tunnel-policy policy1 tunnel binding destination 1.1.1.1 te Tunnel10 tunnel binding destination 3.3.3.3 te Tunnel12 # mpls-oam mpls oam l2vc peer-ip 1.1.1.1 vc-id 1 vc-type vlan type cv mpls oam l2vc peer-ip 3.3.3.3 vc-id 3 vc-type vlan type cv mpls oam l2vc enable receive peer-ip 1.1.1.1 vc-id 1 vc-type vlan mpls oam l2vc enable send peer-ip 1.1.1.1 vc-id 1 vc-type vlan mpls oam l2vc enable receive peer-ip 3.3.3.3 vc-id 3 vc-type vlan mpls oam l2vc enable send peer-ip 3.3.3.3 vc-id 3 vc-type vlan # return
PE3的配置文件
# sysname PE3 # lacp e-trunk system-id 00e0-fc00-0000 lacp e-trunk priority 100 # mpls lsr-id 3.3.3.3 mpls mpls te label advertise non-null mpls rsvp-te mpls oam mpls te cspf # mpls l2vpn # pw-aps 3 role master remote-aps 2 # explicit-path 3to1 next hop 10.1.3.1 next hop 1.1.1.1 # explicit-path 3to2 next hop 10.1.4.1 next hop 2.2.2.2 # mpls ldp # mpls ldp remote-peer 1.1.1.1 remote-ip 1.1.1.1 # mpls ldp remote-peer 2.2.2.2 remote-ip 2.2.2.2 # e-trunk 10 priority 20 peer-address 2.2.2.2 source-address 3.3.3.3 # interface Eth-Trunk10 mode lacp-static e-trunk 10 # interface Eth-Trunk10.1 vlan-type dot1q 10 mpls l2vc 1.1.1.1 2 tunnel-policy policy1 control-word mpls l2vc 2.2.2.2 3 tunnel-policy policy1 control-word bypass mpls l2vpn pw-aps 3 admin # interface GigabitEthernet1/0/0 undo shutdown ip address 10.1.3.2 255.255.255.0 mpls mpls te mpls te rsvp-te # interface GigabitEthernet1/0/1 undo shutdown ip address 10.1.4.2 255.255.255.0 mpls mpls te mpls te rsvp-te # interface GigabitEthernet1/0/2 undo shutdown eth-trunk 10 # interface LoopBack0 ip address 3.3.3.3 255.255.255.255 # interface Tunnel11 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te destination 1.1.1.1 mpls te tunnel-id 200 mpls te reverse-lsp protocol rsvp-te ingress-lsr-id 1.1.1.1 tunnel-id 200 mpls te path explicit-path 3to1 mpls te reserved-for-binding # interface Tunnel12 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te destination 2.2.2.2 mpls te tunnel-id 300 mpls te reverse-lsp protocol rsvp-te ingress-lsr-id 2.2.2.2 tunnel-id 300 mpls te path explicit-path 3to2 mpls te reserved-for-binding # ospf 1 area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 10.1.3.0 0.0.0.255 network 10.1.4.0 0.0.0.255 # static-cr-lsp egress 1to2 incoming-interface GigabitEthernet1/0/1 in-label 20 # tunnel-policy policy1 tunnel binding destination 1.1.1.1 te Tunnel11 tunnel binding destination 2.2.2.2 te Tunnel12 # mpls-oam mpls oam l2vc peer-ip 1.1.1.1 vc-id 2 vc-type vlan type cv mpls oam l2vc peer-ip 2.2.2.2 vc-id 3 vc-type vlan type cv mpls oam l2vc enable receive peer-ip 2.2.2.2 vc-id 3 vc-type vlan mpls oam l2vc enable send peer-ip 2.2.2.2 vc-id 3 vc-type vlan mpls oam l2vc enable receive peer-ip 1.1.1.1 vc-id 2 vc-type vlan mpls oam l2vc enable send peer-ip 1.1.1.1 vc-id 2 vc-type vlan # return
CE2的配置文件
# sysname CE2 # interface Vlanif101/0/0 ip address 10.1.1.2 255.255.255.0 # interface Eth-Trunk10 portswitch port trunk allow-pass vlan 10 mode lacp-static trunkport gigabitethernet 1/0/0 to 1/0/1 # interface GigabitEthernet1/0/0 undo shutdown eth-trunk 10 # interface GigabitEthernet1/0/1 undo shutdown eth-trunk 10 # return
