配置CCC VC和LDP VC互保护示例（双归2PE场景）

NetEngine 8000 X V800R012C00SPC300 配置指南 - VPN 04

评分并提供意见反馈 :

华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言，希望能帮助您更容易理解此文档的内容。请注意：即使是最好的机器翻译，其准确度也不及专业翻译人员的水平。华为对于翻译的准确性不承担任何责任，并建议您参考英文文档（已提供链接）。

部署CCC VC和LDP VC，在PE设备上使用主从模式，指定主备，可以实现CCC VC和LDP VC互保护。

组网需求

如图9-18所示，CE1通过PE1访问CE2，当CE2和PE1侧AC主链路故障，CE1无法通过认证。解决方法是在PE2与PE1部署PW对CE2侧AC主链路形成保护关系。正常情况下，CE1通过PE1访问CE2进行认证，当CE2和PE1侧AC故障后，CE1切换到通过PE1和PE2间的PW访问CE2进行认证，保证通过CE1接入的用户业务正常。

图9-18 配置CCC VC和LDP VC互保护组网图

本例中interface1、interface2分别代表GE1/0/0、GE1/0/1。

配置思路

采用如下的思路配置CCC VC和LDP VC互保护功能：

骨干网上配置路由协议实现互通。
在PE上配置MPLS基本能力。
在PE1上创建从CE1到CE2的连接及其保护PW。

数据准备

为完成本例配置，需准备如下的数据:

对等体的IP地址和vlan信息。
对等体的MPLS的基本能力。
对等体的CCC VC和LDP VC的业务。

操作步骤

配置CE

# 配置CE1。

<HUAWEI> system-view

[~HUAWEI] sysname CE1

[*CE1] interface Eth-Trunk 10

[*CE1-Eth-Trunk10] mode lacp-static

[*CE1-Eth-Trunk10] quit

[*CE1] interface Eth-Trunk10.100

[*CE1-Eth-Trunk10.100] undo shutdown

[*CE1-Eth-Trunk10.100] vlan-type dot1q 100

[*CE1-Eth-Trunk10.100] ip address 10.1.1.1 255.255.255.0

[*CE1-Eth-Trunk10.100] quit

[*CE1] interface gigabitethernet1/0/1

[*CE1-Gigabitethernet1/0/1] undo shutdown

[*CE1-GigabitEthernet1/0/1] eth-trunk 10

[*CE1-GigabitEthernet1/0/1] quit

[*CE1] interface gigabitethernet1/0/0

[*CE1-GigabitEthernet1/0/0] undo shutdown

[*CE1-GigabitEthernet1/0/0] eth-trunk 10

[*CE1-GigabitEthernet1/0/0] quit

[*CE1] commit

# 配置CE2。

<HUAWEI> system-view

[~HUAWEI] sysname CE2

[*CE2] interface Eth-Trunk 20

[*CE2-Eth-Trunk20] mode lacp-static

[*CE2-Eth-Trunk20] quit

[*CE2] interface Eth-Trunk20.100

[*CE2-Eth-Trunk20.100] undo shutdown

[*CE2-Eth-Trunk20.100] vlan-type dot1q 100

[*CE2-Eth-Trunk20.100] ip address 10.1.1.2 255.255.255.0

[*CE2-Eth-Trunk20.100] quit

[*CE2] interface gigabitethernet1/0/1

[*CE2-GigabitEthernet1/0/1] undo shutdown

[*CE2-GigabitEthernet1/0/1] eth-trunk 20

[*CE2-GigabitEthernet1/0/1] quit

[*CE2] interface gigabitethernet1/0/0

[*CE2-GigabitEthernet1/0/0] undo shutdown

[*CE2-GigabitEthernet1/0/0] eth-trunk 20

[*CE2-GigabitEthernet1/0/0] quit

[*CE2] commit

配置骨干网设备各接口的IP地址

# 配置PE1。

<HUAWEI> system-view

[~HUAWEI] sysname PE1

[*PE1] interface loopback 1

[*PE1-LoopBack1] ip address 1.1.1.1 32

[*PE1-LoopBack1] quit

[*PE1] interface gigabitethernet 1/0/1

[*PE1-GigabitEthernet1/0/1] ip address 192.168.1.1 24

[*PE1-GigabitEthernet1/0/1] undo shutdown

[*PE1-GigabitEthernet1/0/1] quit

[*PE1] commit

# 配置PE2。

<HUAWEI> system-view

[~HUAWEI] sysname PE2

[*PE2] interface loopback 1

[*PE2-LoopBack1] ip address 2.2.2.2 32

[*PE2-LoopBack1] quit

[*PE2] interface gigabitethernet 1/0/1

[*PE2-GigabitEthernet1/0/1] ip address 192.168.1.2 24

[*PE2-GigabitEthernet1/0/1] undo shutdown

[*PE2-GigabitEthernet1/0/1] quit

[*PE2] commit

使能MPLS，建立LSP隧道。

# 配置PE1。

[~PE1] mpls lsr-id 1.1.1.1

[*PE1] mpls

[*PE1-mpls] quit

[*PE1] mpls ldp

[*PE1-mpls-ldp] quit

[*PE1] interface gigabitethernet 1/0/1

[*PE1-GigabitEthernet1/0/1] mpls

[*PE1-GigabitEthernet1/0/1] mpls ldp

[*PE1-GigabitEthernet1/0/1] quit

[*PE1] commit

# 配置PE2。

[~PE2] mpls lsr-id 2.2.2.2

[*PE2] mpls

[*PE2-mpls] quit

[*PE2] mpls ldp

[*PE2-mpls-ldp] quit

[*PE2] interface gigabitethernet 1/0/1

[*PE2-GigabitEthernet1/0/1] mpls

[*PE2-GigabitEthernet1/0/1] mpls ldp

[*PE2-GigabitEthernet1/0/1] quit

[*PE2] commit

配置IGP，本示例使用OSPF

# 配置PE1。

[~PE1] ospf 1

[*PE1-ospf-1] area 0.0.0.0

[*PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0

[*PE1-ospf-1-area-0.0.0.0] network 192.168.1.1 0.0.0.255

[*PE1-ospf-1-area-0.0.0.0] quit

[*PE1-ospf-1] quit

[*PE1] commit

# 配置PE2。

[~PE2] ospf 1

[*PE2-ospf-1] area 0.0.0.0

[*PE2-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[*PE2-ospf-1-area-0.0.0.0] network 192.168.1.2 0.0.0.255

[*PE2-ospf-1-area-0.0.0.0] quit

[*PE2-ospf-1] quit

[*PE2] commit

在PE上使能MPLS L2VPN

# 配置PE1。

[~PE1] mpls l2vpn

[*PE1-l2vpn] quit

[*PE1] commit

# 配置PE2。

[~PE2] mpls l2vpn

[*PE2-l2vpn] quit

[*PE2] commit

配置E-Trunk，协商PW主备关系

配置E-Trunk

# 配置PE1。

[~PE1] lacp e-trunk system-id 00e0-fc00-0000

[*PE1] lacp e-trunk priority 100

[*PE1] e-trunk 10

[*PE1-e-trunk-10] priority 10

[*PE1-e-trunk-10] peer-address 2.2.2.2 source-address 1.1.1.1

[*PE1-e-trunk-10] quit

[*PE1] interface eth-trunk 10

[*PE1-Eth-Trunk10] mode lacp-static

[*PE1-Eth-Trunk10] e-trunk 10

[*PE1-Eth-Trunk10] quit

[*PE1] e-trunk 20

[*PE1-e-trunk-20] priority 20

[*PE1-e-trunk-20] peer-address 2.2.2.2 source-address 1.1.1.1

[*PE1-e-trunk-20] quit

[*PE1] interface eth-trunk 20

[*PE1-Eth-Trunk20] mode lacp-static

[*PE1-Eth-Trunk20] e-trunk 20

[*PE1-Eth-Trunk20] quit

[*PE1] interface gigabitethernet 1/0/0

[*PE1-GigabitEthernet1/0/0] undo shutdown

[*PE1-GigabitEthernet1/0/0] eth-trunk 10

[*PE1-GigabitEthernet1/0/0] quit

[*PE1] interface gigabitethernet 1/0/2

[*PE1-GigabitEthernet1/0/2] undo shutdown

[*PE1-GigabitEthernet1/0/2] eth-trunk 20

[*PE1-GigabitEthernet1/0/2] quit

[*PE1] commit

# 配置PE2。

[~PE2] lacp e-trunk system-id 00e0-fc00-0000

[*PE2] lacp e-trunk priority 100

[*PE2] e-trunk 10

[*PE2-e-trunk-10] priority 10

[*PE2-e-trunk-10] peer-address 1.1.1.1 source-address 2.2.2.2

[*PE2-e-trunk-10] quit

[*PE2] interface eth-trunk 10

[*PE2-Eth-Trunk10] mode lacp-static

[*PE2-Eth-Trunk10] e-trunk 10

[*PE2-Eth-Trunk10] quit

[*PE2] e-trunk 20

[*PE2-e-trunk-20] priority 20

[*PE2-e-trunk-20] peer-address 1.1.1.1 source-address 2.2.2.2

[*PE2-e-trunk-20] quit

[*PE2] interface eth-trunk 20

[*PE2-Eth-Trunk20] mode lacp-static

[*PE2-Eth-Trunk20] e-trunk 20

[*PE2-Eth-Trunk20] quit

[*PE2] interface gigabitethernet 1/0/0

[*PE2-GigabitEthernet1/0/0] undo shutdown

[*PE2-GigabitEthernet1/0/0] eth-trunk 10

[*PE2-GigabitEthernet1/0/0] quit

[*PE2] interface gigabitethernet 1/0/2

[*PE2-GigabitEthernet1/0/2] undo shutdown

[*PE2-GigabitEthernet1/0/2] eth-trunk 20

[*PE2-GigabitEthernet1/0/2] quit

[*PE2] commit

配置BFD和E-Trunk绑定

# 配置PE1。

[~PE1] bfd

[*PE1-bfd] quit

[*PE1] bfd hello bind peer-ip 2.2.2.2 source-ip 1.1.1.1

[*PE1-bfd-session-hello] discriminator local 100

[*PE1-bfd-session-hello] discriminator remote 101

[*PE1-bfd-session-hello] quit

[*PE1] bfd hi bind peer-ip 2.2.2.2 source-ip 1.1.1.1

[*PE1-bfd-session-hi] discriminator local 200

[*PE1-bfd-session-hi] discriminator remote 201

[*PE1-bfd-session-hi] quit

[*PE1] e-trunk 10

[*PE1-e-trunk-10] e-trunk track bfd-session session-name hello

[*PE1-e-trunk-10] quit

[*PE1] e-trunk 20

[*PE1-e-trunk-20] e-trunk track bfd-session session-name hi

[*PE1-e-trunk-20] quit

[*PE1] commit

# 配置PE2。

[~PE2] bfd

[*PE1-bfd] quit

[*PE1] bfd hello bind peer-ip 1.1.1.1 source-ip 2.2.2.2

[*PE2-bfd-session-hello] discriminator local 101

[*PE2-bfd-session-hello] discriminator remote 100

[*PE2-bfd-session-hello] quit

[*PE2] bfd hi bind peer-ip 1.1.1.1 source-ip 2.2.2.2

[*PE2-bfd-session-hi] discriminator local 201

[*PE2-bfd-session-hi] discriminator remote 200

[*PE2-bfd-session-hi] quit

[*PE2] e-trunk 10

[*PE2-e-trunk-10] e-trunk track bfd-session session-name hello

[*PE2-e-trunk-10] quit

[*PE2] e-trunk 20

[*PE2-e-trunk-20] e-trunk track bfd-session session-name hi

[*PE2-e-trunk-20] quit

[*PE2] commit

在PE上创建CCC VC和LDP VC业务

# 配置PE1。

[~PE1] interface Eth-Trunk10.100

[*PE1-Eth-Trunk10.100] vlan-type dot1q 100

[*PE1-Eth-Trunk10.100] quit

[*PE1] interface Eth-Trunk20.100

[*PE1-Eth-Trunk20.100] vlan-type dot1q 100

[*PE1-Eth-Trunk20.100] mpls ccc out-interface Eth-Trunk10.100

[*PE1-Eth-Trunk20.100] mpls l2vc 2.2.2.2 200 secondary

[*PE1-Eth-Trunk20.100] mpls l2vpn redundancy independent

[*PE1-Eth-Trunk20.100] quit

[*PE1] interface Eth-Trunk10.100

[*PE1-Eth-Trunk10.100] mpls ccc out-interface Eth-Trunk20.100

[*PE1-Eth-Trunk10.100] mpls l2vc 2.2.2.2 100 secondary

[*PE1-Eth-Trunk10.100] mpls l2vpn redundancy independent

[*PE1-Eth-Trunk10.100] quit

[*PE1] commit

# 配置PE2。

[~PE2] interface Eth-Trunk10.100

[*PE2-Eth-Trunk10.100] vlan-type dot1q 100

[*PE2-Eth-Trunk10.100] quit

[*PE2] interface Eth-Trunk20.100

[*PE2-Eth-Trunk20.100] vlan-type dot1q 100

[*PE2-Eth-Trunk20.100] mpls ccc out-interface Eth-Trunk10.100

[*PE2-Eth-Trunk20.100] mpls l2vc 1.1.1.1 100 secondary

[*PE2-Eth-Trunk20.100] mpls l2vpn redundancy independent

[*PE2-Eth-Trunk20.100] quit

[*PE2] interface Eth-Trunk10.100

[*PE2-Eth-Trunk10.100] mpls ccc out-interface Eth-Trunk20.100

[*PE2-Eth-Trunk10.100] mpls l2vc 1.1.1.1 200 secondary

[*PE2-Eth-Trunk10.100] mpls l2vpn redundancy independent

[*PE2-Eth-Trunk10.100] quit

[*PE2] commit

验证配置结果。

配置完成后，在PE1上查看VPWS状态信息，可以看到建立了CCC VC和LDP VC，状态为UP。CCC VC的角色为主，LDP VC的角色为secondary。

[PE1]display mpls l2vpn vpws

Pri : Primary            Sec : Secondary            Byp : Bypass
PWb : PW-bypass          ACb : AC-bypass

Access Circuit                     Virtual Circuit               States Active   Role
Eth-Trunk10.100                    Eth-Trunk20.100               Up     Active   Pri
                                   2.2.2.2:2                     Up     Inactive Sec
Eth-Trunk20.100                    Eth-Trunk10.100               Up     Active   Pri
                                   1.1.1.1                       Up     Inactive Sec

配置文件

CE1的配置文件

#
sysname CE1
#interface Eth-Trunk10                                                           
  mode lacp-static                                                               
#                                                                               
interface Eth-Trunk10.100                                                       
 vlan-type dot1q 100                                                            
 ip address 10.1.1.1 255.255.255.0                                             
#                                                                               
interface GigabitEthernet1/0/0                                                         
 undo shutdown                                                                  
 eth-trunk 10  
#                                                                 
interface GigabitEthernet1/0/1                                                        
 undo shutdown                                                                  
 eth-trunk 10                                                                              
#                                                                 
#return

CE2的配置文件

#
sysname CE2
#
interface Eth-Trunk20                                                           
 mode lacp-static                                                               
#                                                                               
interface Eth-Trunk20.100                                                       
 vlan-type dot1q 100                                                            
 ip address 10.1.1.2 255.255.255.0                                             
#                                                                               
interface GigabitEthernet1/0/0                                                         
 undo shutdown                                                                  
 eth-trunk 20  
#                                                                 
interface GigabitEthernet1/0/1                                                        
 undo shutdown                                                                  
 eth-trunk 20
#
return

PE1的配置文件

#
sysname PE1
#
 lacp e-trunk system-id 00e0-fc00-0000
 lacp e-trunk priority 100
#
 e-trunk 10
#
 e-trunk 20
#
bfd
#
mpls lsr-id 1.1.1.1
#
mpls
#
mpls ldp
#
mpls l2vpn
#
interface Eth-Trunk10                                                           
  mode lacp-static   
  e-trunk 10                                                            
# 
interface Eth-Trunk10.100
 vlan-type dot1q 100                                                            
 mpls ccc out-interface Eth-Trunk20.100
 mpls l2vc 2.2.2.2 100 secondary                                                
 mpls l2vpn redundancy independent                                                   
#
interface Eth-Trunk20                                                           
  mode lacp-static     
  e-trunk 20                                                            
#                                                                                
interface Eth-Trunk20.100
 vlan-type dot1q 100                                                            
 mpls ccc out-interface Eth-Trunk10.100
 mpls l2vc 2.2.2.2 200 secondary                                                
 mpls l2vpn redundancy independent                                                   
#                                                                            
interface GigabitEthernet1/0/2
 undo shutdown
 eth-trunk 20                                                            
#
interface GigabitEthernet1/0/0
 undo shutdown
 eth-trunk 10
#
interface GigabitEthernet1/0/1
 undo shutdown
 ip address 192.168.1.1 255.255.255.0
 mpls
 mpls ldp
#
interface LoopBack1
 ip address 1.1.1.1 255.255.255.255
#
ospf 1                                                                                                            
 area 0.0.0.0                                                                   
  network 1.1.1.1 0.0.0.0                                                       
  network 192.168.1.1 0.0.0.255
#
bfd hello bind peer-ip 2.2.2.2 source-ip 1.1.1.1
 discriminator local 100
 discriminator remote 101
#
e-trunk 10
 priority 10
 peer-address 2.2.2.2 source-address 1.1.1.1
 e-trunk track bfd-session session-name hello
#
e-trunk 20
 priority 20
 peer-address 2.2.2.2 source-address 1.1.1.1
 e-trunk track bfd-session session-name hello
#
return

PE2的配置文件

#
sysname PE2
#
 lacp e-trunk system-id 00e0-fc00-0000
 lacp e-trunk priority 100
#
 e-trunk 10
#
 e-trunk 20
#
bfd
#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls ldp
#
mpls l2vpn
#
interface Eth-Trunk10                                                           
  mode lacp-static  
  e-trunk 10                                                             
#
interface Eth-Trunk10.100
 vlan-type dot1q 100                                                            
 mpls ccc out-interface Eth-Trunk20.100
 mpls l2vc 1.1.1.1 200 secondary                                                
 mpls l2vpn redundancy independent                                                   
#
interface Eth-Trunk20                                                           
  mode lacp-static 
  e-trunk 20                                                              
#                                                                                
interface Eth-Trunk20.100
 vlan-type dot1q 100                                                            
 mpls ccc out-interface Eth-Trunk10.100
 mpls l2vc 1.1.1.1 100 secondary                                                
 mpls l2vpn redundancy independent                                                   
#
interface GigabitEthernet1/0/0
 undo shutdown
 eth-trunk 10  
#
interface GigabitEthernet1/0/2
 undo shutdown
 eth-trunk 20                                                            
#
interface GigabitEthernet1/0/1
 undo shutdown
 ip address 192.168.1.2 255.255.255.0
 mpls
 mpls ldp
#
interface LoopBack1
 ip address 2.2.2.2 255.255.255.255
#
ospf 1                                                                                                            
 area 0.0.0.0                                                                   
  network 2.2.2.2 0.0.0.0                                                       
  network 192.168.1.2 0.0.0.255
#
bfd hello bind peer-ip 1.1.1.1 source-ip 2.2.2.2
 discriminator local 101
 discriminator remote 100
#
e-trunk 10
 priority 10
 peer-address 1.1.1.1 source-address 2.2.2.2
 e-trunk track bfd-session session-name hello
#
e-trunk 20
 priority 20
 peer-address 1.1.1.1 source-address 2.2.2.2
 e-trunk track bfd-session session-name hello
#
return

翻译

English

下载文档

更新时间：2020-06-20

文档编号：EDOC1100143312

浏览量：60458

下载量：128

平均得分:

本文档适用于这些产品

组网需求

配置思路

数据准备

操作步骤

配置文件

相关版本

相关文档