评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置CE使用公网GRE隧道接入VPN示例
以典型组网为背景,介绍如何配置CE使用公网GRE隧道接入VPN。PE上没有与CE直连的接口,无法将VPN实例与物理接口进行绑定。通过在CE与PE之间建立一条GRE隧道穿越公网,在PE上将VPN与GRE隧道绑定,实现CE通过GRE隧道接入到VPN中。
组网需求
如图3-5所示:
路由器PE1和PE2位于MPLS骨干网。
CE1和PE1之间为公共网络,通过设备Device1互连。
CE2与PE2直连。
CE1与CE2属于同一个VPN,要求它们之间能互通。
图3-5 配置CE使用公网GRE隧道接入VPN组网图
![]()
设备名称 |
接口 |
IP地址 |
CE1 |
GE1/0/0 |
10.21.1.2/24 |
CE1 |
GE2/0/0 |
10.3.1.1/24 |
CE1 |
Tunnel2 |
2.2.2.1/24 |
CE1 |
Loopback1 |
5.5.5.9/32 |
Device1 |
GE1/0/0 |
10.3.1.2/24 |
Device1 |
GE2/0/0 |
10.5.1.1/24 |
PE1 |
Loopback1 |
1.1.1.9/32 |
PE1 |
GE1/0/0 |
10.5.1.2/24 |
PE1 |
GE2/0/0 |
10.11.1.1/24 |
PE1 |
Tunnel1 |
2.2.2.2/24 |
PE2 |
Loopback1 |
3.3.3.9/32 |
PE2 |
GE1/0/0 |
10.11.1.2/24 |
PE2 |
GE2/0/0 |
10.1.1.2/24 |
CE2 |
GE1/0/0 |
10.1.1.1/24 |
CE2 |
GE2/0/0 |
10.41.1.2/24 |
配置注意事项
本示例以分布式GRE为例。
分布式GRE与集中式GRE的配置差异在于:分布式GRE使用一维Tunnel接口,集中式GRE使用三维Tunnel接口。
对于集中式GRE,必须先配置target-board slot-number [ backup slave-slot-number ]命令,才能执行binding tunnel gre命令在接口上绑定GRE协议。这样当源地址为此接口的隧道收到报文时,才能送到相应的隧道业务板进行处理。
对于使用三维Tunnel接口的GRE(集中式GRE)情况下,创建Tunnel接口时,Tunnel接口的槽位号必须与作为源端接口所绑定的隧道业务板的槽位号保持一致。若配置成不一致,将导致GRE隧道无法成功建立。
配置思路
PE1上没有与CE1直连的接口,无法将VPN实例与物理接口进行绑定。因此,在CE1与PE1之间建立一条GRE隧道,在PE1上将VPN1与GRE隧道绑定,实现CE1通过GRE隧道接入到VPN中。
配置CE使用公网GRE隧道接入VPN的思路如下:
在骨干网设备PE1和PE2上运行OSPF10路由协议实现互通,并且使能MPLS。
在公网设备CE1、Device1和PE1上运行OSPF20路由协议实现互通。
在CE1和PE1之间建立GRE隧道。
在PE1和PE2上建立VPN实例,并在PE1上将VPN实例与GRE隧道接口进行绑定,在PE2上将VPN实例与连接CE2的物理接口绑定。
在CE1和CE2上配置到达各自连接PE的路由,这里使用IS-IS。
在PE之间配置MP-BGP,完成CE1和CE2之间的互通。
操作步骤
- 配置各接口IP地址
# 配置CE1。
<HUAWEI> system-view [~HUAWEI] sysname CE1 [*HUAWEI] commit [~CE1] vlan batch 10 20 [*CE1] interface gigabitethernet 1/0/0 [*CE1-GigabitEthernet1/0/0] undo shudown [*CE1-GigabitEthernet1/0/0] portswitch [*CE1-GigabitEthernet1/0/0] port link-type hybrid [*CE1-GigabitEthernet1/0/0] port default vlan 10 [*CE1-GigabitEthernet1/0/0] quit [*CE1] interface gigabitethernet 2/0/0 [*CE1-GigabitEthernet2/0/0] undo shudown [*CE1-GigabitEthernet2/0/0] portswitch [*CE1-GigabitEthernet2/0/0] port link-type hybrid [*CE1-GigabitEthernet2/0/0] port default vlan 20 [*CE1-GigabitEthernet2/0/0] quit [*CE1] interface vlanif 10 [*CE1-Vlanif10] ip address 10.21.1.2 24 [*CE1-Vlanif10] quit [*CE1] interface vlanif 20 [*CE1-Vlanif20] ip address 10.3.1.1 24 [*CE1-Vlanif20] quit [*CE1] interface loopback1 [*CE1-LoopBack1] ip address 5.5.5.9 32 [*CE1-LoopBack1] quit [*CE1] commit
# 配置Device1。
<HUAWEI> system-view [~HUAWEI] sysname Device1 [*HUAWEI] commit [~Device1] vlan batch 10 20 [*Device1] interface gigabitethernet 1/0/0 [*Device1-GigabitEthernet1/0/0] undo shudown [*Device1-GigabitEthernet1/0/0] portswitch [*Device1-GigabitEthernet1/0/0] port link-type hybrid [*Device1-GigabitEthernet1/0/0] port default vlan 20 [*Device1-GigabitEthernet1/0/0] quit [*Device1] interface gigabitethernet 2/0/0 [*Device1-GigabitEthernet2/0/0] undo shudown [*Device1-GigabitEthernet2/0/0] portswitch [*Device1-GigabitEthernet2/0/0] port link-type hybrid [*Device1-GigabitEthernet2/0/0] port default vlan 10 [*Device1-GigabitEthernet2/0/0] quit [*Device1] interface vlanif 10 [*Device1-Vlanif10] ip address 10.5.1.1 24 [*Device1-Vlanif10] quit [*Device1] interface vlanif 20 [*Device1-Vlanif20] ip address 10.3.1.2 24 [*Device1-Vlanif20] quit [*Device1] commit
# 配置PE1。
<HUAWEI> system-view [~HUAWEI] sysname PE1 [*HUAWEI] commit [~PE1] vlan batch 10 20 [*PE1] interface gigabitethernet 1/0/0 [*PE1-GigabitEthernet1/0/0] undo shudown [*PE1-GigabitEthernet1/0/0] portswitch [*PE1-GigabitEthernet1/0/0] port link-type hybrid [*PE1-GigabitEthernet1/0/0] port default vlan 10 [*PE1-GigabitEthernet1/0/0] quit [*PE1] interface gigabitethernet 2/0/0 [*PE1-GigabitEthernet2/0/0] undo shudown [*PE1-GigabitEthernet2/0/0] portswitch [*PE1-GigabitEthernet2/0/0] port link-type hybrid [*PE1-GigabitEthernet2/0/0] port default vlan 20 [*PE1-GigabitEthernet2/0/0] quit [*PE1] interface vlanif 10 [*PE1-Vlanif10] ip address 10.5.1.2 24 [*PE1-Vlanif10] quit [*PE1] interface vlanif 20 [*PE1-Vlanif20] ip address 10.11.1.1 24 [*PE1-Vlanif20] quit [*PE1] interface loopback 1 [*PE1-LoopBack1] ip address 1.1.1.9 32 [*PE1-LoopBack1] quit [*PE1] commit
# 配置PE2,需要绑定VPN实例的接口,先不要配置IP地址,绑定时会将接口下所有配置删除。
<HUAWEI> system-view [~HUAWEI] sysname PE2 [*HUAWEI] commit [~PE2] vlan batch 10 20 [*PE2] interface gigabitethernet 1/0/0 [*PE2-GigabitEthernet1/0/0] undo shudown [*PE2-GigabitEthernet1/0/0] portswitch [*PE2-GigabitEthernet1/0/0] port link-type hybrid [*PE2-GigabitEthernet1/0/0] port default vlan 20 [*PE2-GigabitEthernet1/0/0] quit [*PE2] interface gigabitethernet 2/0/0 [*PE2-GigabitEthernet2/0/0] undo shudown [*PE2-GigabitEthernet2/0/0] portswitch [*PE2-GigabitEthernet2/0/0] port link-type hybrid [*PE2-GigabitEthernet2/0/0] port default vlan 10 [*PE2-GigabitEthernet2/0/0] quit [*PE2] interface vlanif 20 [*PE2-Vlanif10] ip address 10.11.1.2 24 [*PE2-Vlanif10] quit [*PE2] interface loopback 1 [*PE2-LoopBack1] ip address 3.3.3.9 32 [*PE2-LoopBack1] quit [*PE2] commit
# 配置CE2。
<HUAWEI> system-view [~HUAWEI] sysname CE2 [*HUAWEI] commit [~CE2] vlan batch 10 20 [*CE2] interface gigabitethernet 1/0/0 [*CE2-GigabitEthernet1/0/0] undo shudown [*CE2-GigabitEthernet1/0/0] portswitch [*CE2-GigabitEthernet1/0/0] port link-type hybrid [*CE2-GigabitEthernet1/0/0] port default vlan 10 [*CE2-GigabitEthernet1/0/0] quit [*CE2] interface gigabitethernet 2/0/0 [*CE2-GigabitEthernet2/0/0] undo shudown [*CE2-GigabitEthernet2/0/0] portswitch [*CE2-GigabitEthernet2/0/0] port link-type hybrid [*CE2-GigabitEthernet2/0/0] port default vlan 20 [*CE2-GigabitEthernet2/0/0] quit [*CE2] interface vlanif 10 [*CE2-Vlanif10] ip address 10.1.1.1 24 [*CE2-Vlanif10] quit [*CE2] interface vlanif 20 [*CE2-Vlanif20] ip address 10.41.1.2 24 [*CE2-Vlanif20] quit [*CE2] commit
- 配置骨干网PE的路由协议实现互通,并且使能MPLS
# 配置PE1,使能MPLS LDP,并使用进程为10的OSPF路由,使PE间路由可达,自动建立LSP。
[~PE1] mpls lsr-id 1.1.1.9 [*PE1] mpls [*PE1-mpls] lsp-trigger all [*PE1-mpls] quit [*PE1] mpls ldp [*PE1-mpls-ldp] quit [*PE1] ospf 10 [*PE1-ospf-10] area 0 [*PE1-ospf-10-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [*PE1-ospf-10-area-0.0.0.0] network 10.11.1.0 0.0.0.255 [*PE1-ospf-10-area-0.0.0.0] quit [*PE1-ospf-10] quit [*PE1] interface vlanif 20 [*PE1-Vlanif20] mpls [*PE1-Vlanif20] mpls ldp [*PE1-Vlanif20] quit [*PE1] commit
# 配置PE2,使能MPLS LDP,并使用进程为10的OSPF路由,使PE间路由可达,自动建立LSP。
[~PE2] mpls lsr-id 3.3.3.9 [*PE2] mpls [*PE2-mpls] lsp-trigger all [*PE2-mpls] quit [*PE2] mpls ldp [*PE2-mpls-ldp] quit [*PE2] ospf 10 [*PE2-ospf-10] area 0 [*PE2-ospf-10-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [*PE2-ospf-10-area-0.0.0.0] network 10.11.1.0 0.0.0.255 [*PE2-ospf-10-area-0.0.0.0] quit [*PE2-ospf-10] quit [*PE2] interface vlanif 10 [*PE2-Vlanif10] mpls [*PE2-Vlanif10] mpls ldp [*PE2-Vlanif10] quit [*PE2] commit
- 配置公网CE1、Device1和PE1之间的路由协议
# 配置CE1。
[~CE1] ospf 20 [*CE1-ospf-20] area 0 [*CE1-ospf-20-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [*CE1-ospf-20-area-0.0.0.0] network 5.5.5.9 0.0.0.0 [*CE1-ospf-20-area-0.0.0.0] quit [*CE1-ospf-20] quit [*CE1] commit
# 配置Device1。
[~Device1] ospf 20 [*Device1-ospf-20] area 0 [*Device1-ospf-20-area-0.0.0.0] network 10.3.1.0 0.0.0.255 [*Device1-ospf-20-area-0.0.0.0] network 10.5.1.0 0.0.0.255 [*Device1-ospf-20-area-0.0.0.0] quit [*Device1-ospf-20] quit [*Device1] commit
# 配置PE1。
[~PE1] ospf 20 [*PE1-ospf-20] area 0 [*PE1-ospf-20-area-0.0.0.0] network 10.5.1.0 0.0.0.255 [*PE1-ospf-20-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [*PE1-ospf-20-area-0.0.0.0] quit [*PE1-ospf-20] quit [*PE1] commit
- 配置CE1和PE1之间的GRE隧道
# 在CE1上配置。
[~CE1] interface loopback1[*CE1-LoopBack1] binding tunnel gre[*CE1-LoopBack1] commit[~CE1-LoopBack1] quit[~CE1] interface tunnel2[*CE1-Tunnel2] ip address 2.2.2.1 255.255.255.0[*CE1-Tunnel2] tunnel-protocol gre[*CE1-Tunnel2] source 5.5.5.9[*CE1-Tunnel2] destination 1.1.1.9[*CE1-Tunnel2] quit[*CE1] commit# 在PE1上配置。
[~PE1] interface loopback1[*PE1-LoopBack1] binding tunnel gre[*PE1-LoopBack1] commit[~PE1-LoopBack1] quit[~PE1] interface tunnel1[*PE1-Tunnel1] tunnel-protocol gre[*PE1-Tunnel1] source 1.1.1.9[*PE1-Tunnel1] destination 5.5.5.9[*PE1-Tunnel1] quit[*PE1] commit# 上述配置完成后,CE1与PE1之间的GRE隧道已建立。
- 在PE1创建VPN实例vpn1并与GRE隧道绑定
[~PE1]ip vpn-instance vpn1[*PE1-vpn-instance-vpn1] route-distinguisher 100:1[*PE1-vpn-instance-vpn1] vpn-target 111:1 export-extcommunity[*PE1-vpn-instance-vpn1] vpn-target 111:1 import-extcommunity[*PE1-vpn-instance-vpn1] quit[*PE1] interface tunnel1[*PE1-Tunnel1] ip binding vpn-instance vpn1[*PE1-Tunnel1] ip address 2.2.2.2 255.255.255.0[*PE1-Tunnel1] quit[*PE1] commit - 在PE2创建VPN实例vpn1并与VLANIF接口绑定
[~PE2]ip vpn-instance vpn1[*PE2-vpn-instance-vpn1] route-distinguisher 200:1[*PE2-vpn-instance-vpn1] vpn-target 111:1 export-extcommunity[*PE2-vpn-instance-vpn1] vpn-target 111:1 import-extcommunity[*PE2-vpn-instance-vpn1] quit[*PE2] interface vlanif 10[*PE2-Vlanif10] ip binding vpn-instance vpn1[*PE2-Vlanif10] ip address 10.1.1.2 255.255.255.0[*PE2-Vlanif10] undo shutdown[*PE2-Vlanif10] quit[*PE2] commit - 配置CE1与PE1之间的IS-IS路由
# 配置CE1。
[~CE1] isis 50[*CE1-isis-50] network-entity 50.0000.0000.0001.00[*CE1-isis-50] quit[*CE1] interface vlanif 10[*CE1-Vlanif10] isis enable 50[*CE1-Vlanif10] quit[*CE1] interface tunnel2[*CE1-Tunnel2] isis enable 50[*CE1-Tunnel2] quit[*CE1] commit# 配置PE1。
[~PE1] isis 50 vpn-instance vpn1[*PE1-isis-50] network-entity 50.0000.0000.0002.00[*PE1-isis-50] quit[*PE1] interface tunnel1[*PE1-Tunnel1] isis enable 50[*PE1-Tunnel1] quit[*PE1] commit - 配置CE2与PE2之间的IS-IS路由
# 配置CE2。
[~CE2] isis 50[*CE2-isis-50] network-entity 50.0000.0000.0004.00[*CE2-isis-50] quit[*CE2] interface vlanif 10[*CE2-Vlanif10] isis enable 50[*CE2-Vlanif10] quit[*CE2] interface vlanif 20[*CE2-Vlanif20] isis enable 50[*CE2-Vlanif20] quit[*CE2] commit# 配置PE2。
[~PE2] isis 50 vpn-instance vpn1[*PE2-isis-50] network-entity 50.0000.0000.0003.00[*PE2-isis-50] quit[*PE2] interface vlanif 20[*PE2-Vlanif20] isis enable 50[*PE2-Vlanif20] quit[*PE2] commit - 在PE之间建立MP-IBGP对等体
# 配置PE1,指定PE2为IBGP对等体,使用loopback接口建立IBGP连接,启动对等体交换VPN-IPv4路由信息。
[~PE1] bgp 100[*PE1-bgp] peer 3.3.3.9 as-number 100[*PE1-bgp] peer 3.3.3.9 connect-interface loopback 1[*PE1-bgp] ipv4-family vpnv4[*PE1-bgp-af-vpnv4] peer 3.3.3.9 enable[*PE1-bgp-af-vpnv4] quit[*PE1-bgp] commit# 进入BGP的vpn1实例,引入直连路由和IS-IS路由。
[~PE1-bgp] ipv4-family vpn-instance vpn1[*PE1-bgp-vpn1] import-route isis 50[*PE1-bgp-vpn1] commit[*PE1-bgp-vpn1] quit[*PE1-bgp] quit# 配置PE2,指定PE1为IBGP对等体,使用loopback接口建立IBGP连接,启动对等体交换VPN-IPv4路由信息。
[~PE2] bgp 100[*PE2-bgp] peer 1.1.1.9 as-number 100[*PE2-bgp] peer 1.1.1.9 connect-interface loopback 1[*PE2-bgp] ipv4-family vpnv4[*PE2-bgp-af-vpnv4] peer 1.1.1.9 enable[*PE2-bgp-af-vpnv4] quit[*PE2-bgp] commit# 进入BGP的vpn1实例,引入直连路由和IS-IS路由。
[~PE2-bgp] ipv4-family vpn-instance vpn1[*PE2-bgp-vpn1] import-route isis 50[*PE2-bgp-vpn1] commit[*PE2-bgp-vpn1] quit[*PE2-bgp] quit - 在IS-IS中引入BGP路由
# 配置PE1。
[~PE1] isis 50[~PE1-isis-50] import-route bgp[*PE1-isis-50] commit# 配置PE2。
[~PE2] isis 50[~PE2-isis-50] import-route bgp[*PE2-isis-50] commit - 检查配置结果
# 以上配置完成后,CE1和CE2之间可以相互ping通。
<CE1> ping 10.41.1.2
PING 10.41.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.41.1.2: bytes=56 Sequence=1 ttl=253 time=190 ms
Reply from 10.41.1.2: bytes=56 Sequence=2 ttl=253 time=110 ms
Reply from 10.41.1.2: bytes=56 Sequence=3 ttl=253 time=110 ms
Reply from 10.41.1.2: bytes=56 Sequence=4 ttl=253 time=110 ms
Reply from 10.41.1.2: bytes=56 Sequence=5 ttl=253 time=100 ms
--- 10.41.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 100/124/190 ms
<CE2> ping 10.21.1.2
PING 10.21.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.21.1.2: bytes=56 Sequence=1 ttl=253 time=120 ms
Reply from 10.21.1.2: bytes=56 Sequence=2 ttl=253 time=110 ms
Reply from 10.21.1.2: bytes=56 Sequence=3 ttl=253 time=120 ms
Reply from 10.21.1.2: bytes=56 Sequence=4 ttl=253 time=90 ms
Reply from 10.21.1.2: bytes=56 Sequence=5 ttl=253 time=60 ms
--- 10.21.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 60/100/120 ms
配置文件
CE1的配置文件
# sysname CE1 # vlan batch 10 20 # isis 50 network-entity 50.0000.0000.0001.00 # interface Vlanif10 ip address 10.21.1.2 255.255.255.0 isis enable 50 # interface Vlanif20 ip address 10.3.1.1 255.255.255.0 # interface GigabitEthernet1/0/0 portswitch undo shutdown port default vlan 10 # interface GigabitEthernet2/0/0 portswitch undo shutdown port default vlan 20 # interface LoopBack1 ip address 5.5.5.9 255.255.255.255 binding tunnel gre # interface Tunnel2 ip address 2.2.2.1 255.255.255.0 tunnel-protocol gre source 5.5.5.9 destination 1.1.1.9 isis enable 50 # ospf 20 area 0.0.0.0 network 5.5.5.9 0.0.0.0 network 10.3.1.0 0.0.0.255 # return
Device1的配置文件
# sysname Device1 # vlan batch 10 20 # interface Vlanif10 ip address 10.5.1.1 255.255.255.0 # interface Vlanif20 ip address 10.3.1.2 255.255.255.0 # interface GigabitEthernet1/0/0 portswitch undo shutdown port default vlan 20 # interface GigabitEthernet2/0/0 portswitch undo shutdown port default vlan 10 # ospf 20 area 0.0.0.0 network 10.3.1.0 0.0.0.255 network 10.5.1.0 0.0.0.255 # return
PE1的配置文件
# sysname PE1 # vlan batch 10 20 # ip vpn-instance vpn1 ipv4-family route-distinguisher 100:1 apply-label per-instance vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity # mpls lsr-id 1.1.1.9 # mpls lsp-trigger all # mpls ldp # isis 50 vpn-instance vpn1 network-entity 50.0000.0000.0002.00 import-route bgp # interface Vlanif10 ip address 10.5.1.2 255.255.255.0 # interface Vlanif20 ip address 10.11.1.1 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 portswitch undo shutdown port default vlan 10 # interface GigabitEthernet2/0/0 portswitch undo shutdown port default vlan 20 # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 binding tunnel gre # interface Tunnel1 ip binding vpn-instance vpn1 ip address 2.2.2.2 255.255.255.0 tunnel-protocol gre source 1.1.1.9 destination 5.5.5.9 isis enable 50 # bgp 100 peer 3.3.3.9 as-number 100 peer 3.3.3.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 3.3.3.9 enable # ipv4-family vpnv4 policy vpn-target peer 3.3.3.9 enable # ipv4-family vpn-instance vpn1 import-route isis 50 # ospf 10 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.11.1.0 0.0.0.255 # ospf 20 area 0.0.0.0 network 10.5.1.0 0.0.0.255 # return
PE2的配置文件
# sysname PE2 # vlan batch 10 20 # ip vpn-instance vpn1 ipv4-family route-distinguisher 200:1 apply-label per-instance vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity # mpls lsr-id 3.3.3.9 # mpls lsp-trigger all # mpls ldp # isis 50 vpn-instance vpn1 network-entity 50.0000.0000.0003.00 import-route bgp # interface Vlanif10 ip binding vpn-instance vpn1 ip address 10.1.1.2 255.255.255.0 isis enable 50 # interface Vlanif20 ip address 10.11.1.2 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 portswitch undo shutdown port default vlan 20 # interface GigabitEthernet2/0/0 portswitch undo shutdown port default vlan 10 # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # bgp 100 peer 1.1.1.9 as-number 100 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 1.1.1.9 enable # ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable # ipv4-family vpn-instance vpn1 import-route isis 50 # ospf 10 area 0.0.0.0 network 3.3.3.9 0.0.0.0 network 10.11.1.0 0.0.0.255 # return
CE2的配置文件
# sysname CE2 # vlan batch 10 20 # isis 50 network-entity 50.0000.0000.0004.00 # interface Vlanif10 ip address 10.1.1.1 255.255.255.0 isis enable 50 # interface Vlanif20 ip address 10.41.1.2 255.255.255.0 isis enable 50 # interface GigabitEthernet1/0/0 portswitch undo shutdown port default vlan 10 # interface GigabitEthernet2/0/0 portswitch undo shutdown port default vlan 20 # return
