评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置L2TPv3 PW隧道承载业务示例(二层子接口)
L2TPv3 PW隧道支持接入多种类型的业务,针对不同的业务,进行不同的处理。
组网需求
如图6-2所示,PE1和PE2、PE3之间分别建立L2TPv3隧道,PE1到PE2的业务接入方式为终结S-tag+C-tag方式接入,通过EVC二层子接口接入的报文进行转发。PE1到PE3的业务接入方式为整端口方式接入,通过EVC二层子接口接入的报文进行转发。CE设备接入VLAN业务。![]()
L2TPv3隧道支持以下业务接入方式:终结C-tag方式、整端口接入、终结S-tag方式、终结S-tag+C-tag方式,不同的接入方式除了业务封装配置不同,L2TPv3隧道配置一致。这里以终结S-tag+C-tag方式和整端口方式为例,描述配置示例。
设备 |
端口 |
IP地址 |
|---|---|---|
CE1 |
GE1/0/1 |
- |
CE2 |
GE1/0/1 |
- |
CE3 |
GE1/0/1 |
- |
PE1 |
GE1/0/1.4 |
- |
GE4/0/1.4 |
- |
|
Loopback2 |
2001:db08::1:1 |
|
Loopback3 |
2001:db08::1:2 |
|
GE3/0/1 |
2001:db08::2:2 |
|
GE2/0/1 |
2001:db08::2:1 |
|
PE2 |
Loopback4 |
2001:db08::4:1 |
GE2/0/1 |
2001:db08::3:1 |
|
GE1/0/1.4 |
- |
|
PE3 |
Loopback5 |
2001:db08::4:2 |
GE2/0/1 |
2001:db08::3:2 |
|
GE1/0/1.4 |
- |
配置思路
采用如下思路配置L2TPv3:
在PE设备上配置ISIS路由。
在CE设备上配置VLAN业务。
分别使能PE1、PE2、PE3的L2TPv3功能。
分别建立PE1到PE2、PE1到PE3的L2TPv3隧道,分别配置L2TPv3隧道的源和目的地址、密钥、绑定业务实例。
分别配置PE1、PE2、PE3上的业务接入L2TPv3隧道。
数据准备
为完成此配置例,需准备如下的数据:
- PE设备的ISIS进程ID。
- CE设备接入的VLAN业务ID。
L2TPv3 PW的源端口、源和目的地址,PE间直连口地址。
L2TPv3的密钥。
L2TPv3接入的业务类型。
L2TPv3 PW绑定业务实例ID。
操作步骤
- 配置PE设备启动ISIS路由。# 配置PE1
<HUAWEI> system-view[~HUAWEI] sysname PE1
[*HUAWEI] commit
[*PE1] isis 1[*PE1-isis-1] cost-style wide[*PE1-isis-1] network-entity 10.0000.0000.0002.00[*PE1-isis-1] ipv6 enable topology compatible[*PE1-isis-1] quit[*PE1] interface loopback2[*PE1-loopback2] ipv6 enable[*PE1-loopback2] isis ipv6 enable 1[*PE1-loopback2] ipv6 address 2001:DB08::1:1 128[*PE1-loopback2] quit[*PE1] interface gigabitethernet2/0/1
[*PE1-Gigabitethernet2/0/1] ipv6 enable
[*PE1-Gigabitethernet2/0/1] isis ipv6 enable 1
[*PE1-Gigabitethernet2/0/1] ipv6 address 2001:db08::2:1 64
[*PE1-Gigabitethernet2/0/1] quit
[*PE1] interface loopback3[*PE1-loopback3] ipv6 enable[*PE1-loopback3] isis ipv6 enable 1[*PE1-loopback3] ipv6 address 2001:DB08::1:2 128[*PE1-loopback3] quit[*PE1] interface gigabitethernet3/0/1
[*PE1-Gigabitethernet3/0/1] ipv6 enable
[*PE1-Gigabitethernet3/0/1] isis ipv6 enable 1
[*PE1-Gigabitethernet3/0/1] ipv6 address 2001:db08::2:2 64
[*PE1-Gigabitethernet3/0/1] commit
[*PE1-Gigabitethernet3/0/1] quit
# 配置PE2<HUAWEI> system-view[~HUAWEI] sysname PE2
[*HUAWEI] commit
[*PE2] isis 1[*PE2-isis-1] cost-style wide[*PE2-isis-1] network-entity 10.0000.0000.0003.00[*PE2-isis-1] ipv6 enable topology compatible[*PE2-isis-1] quit[*PE2] interface loopback4[*PE2-loopback4] ipv6 enable[*PE2-loopback4] isis ipv6 enable 1[*PE2-loopback4] ipv6 address 2001:DB08::4:1 128[*PE2-loopback4] quit[*PE2] interface gigabitethernet2/0/1
[*PE2-Gigabitethernet2/0/1] ipv6 enable
[*PE2-Gigabitethernet2/0/1] isis ipv6 enable 1
[*PE2-Gigabitethernet2/0/1] ipv6 address 2001:db08::3:1 64
[*PE2-Gigabitethernet2/0/1] commit
[*PE2-Gigabitethernet2/0/1] quit
# 配置PE3<HUAWEI> system-view[~HUAWEI] sysname PE3
[*HUAWEI] commit
[*PE3] isis 1[*PE3-isis-1] cost-style wide[*PE3-isis-1] network-entity 10.0000.0000.0004.00[*PE3-isis-1] ipv6 enable topology compatible[*PE3-isis-1] quit[*PE3] interface loopback5[*PE3-loopback5] ipv6 enable[*PE3-loopback5] isis ipv6 enable 1[*PE3-loopback5] ipv6 address 2001:DB08::4:2 128[*PE2-loopback5] quit[*PE3] interface gigabitethernet2/0/1
[*PE3-Gigabitethernet2/0/1] isis ipv6 enable 1
[*PE3-Gigabitethernet2/0/1] ipv6 enable
[*PE3-Gigabitethernet2/0/1] ipv6 address 2001:db08::3:2 64
[*PE3-Gigabitethernet2/0/1] commit
[*PE3-Gigabitethernet2/0/1] quit
- 在CE1上配置VLAN业务
<HUAWEI> system-view[~HUAWEI] sysname CE1
[*HUAWEI] commit
[~CE1] interface gigabitethernet 1/0/1
[~CE1-GigabitEthernet1/0/1] portswitch
[*CE1-GigabitEthernet1/0/1] undo shutdown
[*CE1-GigabitEthernet1/0/1] port link-type trunk
[*CE1-GigabitEthernet1/0/1] port trunk allow-pass vlan 2
[*CE1-GigabitEthernet1/0/1] quit
[*CE1] commit - 使能PE设备的L2TPv3功能
# 使能PE1的L2TPv3功能
[~PE1] l2tpv3 enable[*PE1] commit# 使能PE2的L2TPv3功能
[~PE2] l2tpv3 enable[*PE2] commit# 使能PE3的L2TPv3功能
[~PE3] l2tpv3 enable[*PE3] commit - 配置PE1和PE2以终结S-tag+C-tag方式接入L2TPv3隧道
配置PE1
[~PE1] interface gigabitethernet1/0/1.4 mode l2
[*PE1-Gigabitethernet1/0/1.4] encapsulation qinq vid 2 ce-vid 2
[*PE1-Gigabitethernet1/0/1.4] rewrite pop double
[*PE1-Gigabitethernet1/0/1.4] commit
如果配置PE1以整端口方式接入L2TPv3隧道,请执行以下步骤:
[*PE1] interface gigabitethernet1/0/1.4 mode l2
[*PE1-Gigabitethernet1/0/1.4] encapsulation default
[*PE1-Gigabitethernet1/0/1.4] commit
如果配置PE1以终结C-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE1] interface gigabitethernet1/0/1.4 mode l2
[*PE1-Gigabitethernet1/0/1.4] encapsulation dot1q vid 2
[*PE1-Gigabitethernet1/0/1.4] rewrite pop single
[*PE1-Gigabitethernet1/0/1.4] commit
如果配置PE1以终结S-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE1] interface gigabitethernet1/0/1
[*PE1-Gigabitethernet1/0/1] qinq protocol 88a8
[*PE1-Gigabitethernet1/0/1] interface gigabitethernet1/0/1.4 mode l2
[*PE1-Gigabitethernet1/0/1.4] encapsulation dot1q vid 2
[*PE1-Gigabitethernet1/0/1.4] rewrite pop single
[*PE1-Gigabitethernet1/0/1.4] commit
# 配置PE2
[*PE2] interface gigabitethernet1/0/1.4 mode l2
[*PE2-Gigabitethernet1/0/1.4] encapsulation qinq vid 2 ce-vid 2
[*PE2-Gigabitethernet1/0/1.4] rewrite pop double
[*PE2-Gigabitethernet1/0/1.4] commit
如果配置PE2以整端口方式接入L2TPv3隧道,请执行以下步骤:
[*PE2] interface gigabitethernet1/0/1.4 mode l2
[*PE2-Gigabitethernet1/0/1.4] encapsulation default
[*PE2-Gigabitethernet1/0/1.4] commit
如果配置PE2以终结C-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE2] interface gigabitethernet1/0/1.4 mode l2
[*PE2-Gigabitethernet1/0/1.4] encapsulation dot1q vid 2
[*PE2-Gigabitethernet1/0/1.4] rewrite pop single
[*PE2-Gigabitethernet1/0/1.4] commit
如果配置PE2以终结S-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE2] interface gigabitethernet1/0/1
[*PE2-Gigabitethernet1/0/1] qinq protocol 88a8
[*PE2-Gigabitethernet1/0/1] interface gigabitethernet1/0/1.4 mode l2
[*PE2-Gigabitethernet1/0/1.4] encapsulation dot1q vid 2
[*PE2-Gigabitethernet1/0/1.4] rewrite pop single
[*PE2-Gigabitethernet1/0/1.4] commit
- 配置PE1到PE2的L2TPv3隧道
[~PE1] l2tpv3 pw huawei[*PE1-l2tpv3-pw-huawei] source interface loopback 2 ipv6 2001:db08::1:1[*PE1-l2tpv3-pw-huawei] destination 2001:db08::4:1[*PE1-l2tpv3-pw-huawei] l2tpv3 local cookie key cipher Huawei-1[*PE1-l2tpv3-pw-huawei] l2tpv3 remote cookie key cipher Huawei-1[*PE1-l2tpv3-pw-huawei] quit[*PE1] interface gigabitethernet2/0/1
[*PE1-Gigabitethernet2/0/1] ipv6 enable
[*PE1-Gigabitethernet2/0/1] commit
[*PE1-Gigabitethernet2/0/1] quit
[*PE1] interface gigabitethernet1/0/1.4 mode l2
[*PE1-Gigabitethernet1/0/1.4] l2tpv3 instance a123
[*PE1-Gigabitethernet1/0/1.4-l2tpv3-instance-a123] l2tpv3 static binding pw huawei
[*PE1-Gigabitethernet1/0/1.4-l2tpv3-instance-a123] commit
[~PE1-Gigabitethernet1/0/1.4-l2tpv3-instance-a123] quit
[~PE1-Gigabitethernet1/0/1.4] quit
- 配置PE2侧的L2TPv3隧道
[~PE2] l2tpv3 pw huawei[*PE2-l2tpv3-pw-huawei] source interface loopback 4 ipv6 2001:db08::4:1[*PE2-l2tpv3-pw-huawei] destination 2001:db08::1:1[*PE2-l2tpv3-pw-huawei] l2tpv3 local cookie key cipher Huawei-1[*PE2-l2tpv3-pw-huawei] l2tpv3 remote cookie key cipher Huawei-1[*PE2-l2tpv3-pw-huawei] quit[*PE2] interface gigabitethernet2/0/1
[*PE2-Gigabitethernet2/0/1] ipv6 enable
[*PE2-Gigabitethernet2/0/1] commit
[*PE2-Gigabitethernet2/0/1] quit
[*PE2] interface gigabitethernet1/0/1.4 mode l2
[*PE2-Gigabitethernet1/0/1.4] l2tpv3 instance a234
[*PE2-Gigabitethernet1/0/1.4-l2tpv3-instance-a234] l2tpv3 static binding pw huawei
[*PE2-Gigabitethernet1/0/1.4-l2tpv3-instance-a234] commit
[~PE2-Gigabitethernet1/0/1.4-l2tpv3-instance-a234] quit
[~PE2-Gigabitethernet1/0/1.4] quit
- 配置CE2
[~CE2] interface gigabitethernet 1/0/1
[~CE2-GigabitEthernet1/0/1] portswitch
[*CE2-GigabitEthernet1/0/1] undo shutdown
[*CE2-GigabitEthernet1/0/1] port link-type trunk
[*CE2-GigabitEthernet1/0/1] port trunk allow-pass vlan 2
[*CE2-GigabitEthernet1/0/1] quit
[*CE2] commit - 配置PE1和PE3上的业务以整端口方式接入L2TPv3隧道
# 配置PE1
[*PE1] interface gigabitethernet4/0/1.4 mode l2
[*PE1-Gigabitethernet4/0/1.4] encapsulation default
[*PE1-Gigabitethernet4/0/1.4] commit
如果配置PE1以终结S-tag+C-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE1] interface gigabitethernet4/0/1.4 mode l2
[*PE1-Gigabitethernet4/0/1.4] encapsulation qinq vid 2 ce-vid 2
[*PE1-Gigabitethernet4/0/1.4] rewrite pop double
[*PE1-Gigabitethernet4/0/1.4] commit
如果配置PE1以终结C-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE1] interface gigabitethernet4/0/1.4 mode l2
[*PE1-Gigabitethernet4/0/1.4] encapsulation dot1q vid 2
[*PE1-Gigabitethernet4/0/1.4] rewrite pop single
[*PE1-Gigabitethernet4/0/1.4] commit
如果配置PE1以终结S-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE1] interface gigabitethernet4/0/1
[*PE1-Gigabitethernet4/0/1] qinq protocol 88a8
[*PE1-Gigabitethernet4/0/1] quit
[*PE1] interface gigabitethernet4/0/1.4 mode l2
[*PE1-Gigabitethernet4/0/1.4] encapsulation dot1q vid 2
[*PE1-Gigabitethernet4/0/1.4] rewrite pop single
[*PE1-Gigabitethernet4/0/1.4] commit
# 配置PE3
[*PE3] interface gigabitethernet1/0/1.4 mode l2
[*PE3-Gigabitethernet1/0/1.4] encapsulation default
[*PE3-Gigabitethernet1/0/1.4] commit
如果配置PE3以终结S-tag+C-tag接入L2TPv3隧道,请执行以下步骤:
[*PE3] interface gigabitethernet1/0/1.4 mode l2
[*PE3-Gigabitethernet1/0/1.4] encapsulation qinq vid 2 ce-vid 2
[*PE3-Gigabitethernet1/0/1.4] rewrite pop double
[*PE3-Gigabitethernet1/0/1.4] commit
如果配置PE3以终结C-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE3] interface gigabitethernet1/0/1.4 mode l2
[*PE3-Gigabitethernet1/0/1.4] encapsulation dot1q vid 2
[*PE3-Gigabitethernet1/0/1.4] rewrite pop single
[*PE3-Gigabitethernet1/0/1.4] commit
如果配置PE3以终结S-tag方式接入L2TPv3隧道,请执行以下步骤:
[*PE3] interface gigabitethernet1/0/1
[*PE3-Gigabitethernet1/0/1] qinq protocol 88a8
[*PE3-Gigabitethernet1/0/1] interface gigabitethernet1/0/1.4 mode l2
[*PE3-Gigabitethernet1/0/1.4] encapsulation dot1q vid 2
[*PE3-Gigabitethernet1/0/1.4] rewrite pop single
[*PE3-Gigabitethernet1/0/1.4] commit
- 配置PE1到PE3的L2TPv3隧道
[~PE1] l2tpv3 pw huawei1[*PE1-l2tpv3-pw-huawei1] source interface loopback 3 ipv6 2001:db08::1:2[*PE1-l2tpv3-pw-huawei1] destination 2001:db08::4:2[*PE1-l2tpv3-pw-huawei1] l2tpv3 local cookie key cipher Huawei-1[*PE1-l2tpv3-pw-huawei1] l2tpv3 remote cookie key cipher Huawei-1[*PE1-l2tpv3-pw-huawei1] quit[*PE1] interface gigabitethernet3/0/1
[*PE1-Gigabitethernet3/0/1] ipv6 enable
[*PE1-Gigabitethernet3/0/1] commit
[*PE1-Gigabitethernet3/0/1] quit
[*PE1] interface gigabitethernet4/0/1.4 mode l2
[*PE1-Gigabitethernet4/0/1.4] l2tpv3 instance a345
[*PE1-Gigabitethernet4/0/1.4-l2tpv3-instance-a345] l2tpv3 static binding pw huawei1
[*PE1-Gigabitethernet4/0/1.4-l2tpv3-instance-a345] commit
[~PE1-Gigabitethernet4/0/1.4-l2tpv3-instance-a345] quit
[~PE1-Gigabitethernet4/0/1.4] quit
- 配置PE3侧的L2TPv3隧道
[~PE3] l2tpv3 pw huawei1[*PE3-l2tpv3-pw-huawei1] source interface loopback 5 ipv6 2001:db08::4:2[*PE3-l2tpv3-pw-huawei1] destination 2001:db08::1:2[*PE3-l2tpv3-pw-huawei1] l2tpv3 local cookie key cipher Huawei-1[*PE3-l2tpv3-pw-huawei1] l2tpv3 remote cookie key cipher Huawei-1[*PE3-l2tpv3-pw-huawei1] quit[*PE3] interface gigabitethernet2/0/1
[*PE3-Gigabitethernet2/0/1] ipv6 enable
[*PE3-Gigabitethernet2/0/1] commit
[*PE3-Gigabitethernet2/0/1] quit
[*PE3] interface gigabitethernet1/0/1.4 mode l2
[*PE3-Gigabitethernet1/0/1.4] l2tpv3 instance a456
[*PE3-Gigabitethernet1/0/1.4-l2tpv3-instance-a456] l2tpv3 static binding pw huawei1
[*PE3-Gigabitethernet1/0/1.4-l2tpv3-instance-a456] commit
[~PE3-Gigabitethernet1/0/1.4-l2tpv3-instance-a456] quit
[~PE3-Gigabitethernet1/0/1.4] quit
- 配置CE3
[~CE3] interface gigabitethernet 1/0/1
[~CE3-GigabitEthernet1/0/1] portswitch
[*CE3-GigabitEthernet1/0/1] undo shutdown
[*CE3-GigabitEthernet1/0/1] port link-type trunk
[*CE3-GigabitEthernet1/0/1] port trunk allow-pass vlan 2
[*CE3-GigabitEthernet1/0/1] quit
[*CE3] commit - 检查配置结果
配置完成后,display l2tpv3 pw命令可以看到Tunnel状态为up:
[~PE1] display l2tpv3 pw huawei Tunnel Name : huawei Client interface : GigabitEthernet1/0/1.4 Tunnel State : up Source Interface : LoopBack2 Source Address : 2001:db8::1:1 Destination Address : 2001:db8::4:1 Local Session ID : 4294967295 Remote Session ID : 4294967295
[~PE1] display l2tpv3 pw huawei1 Tunnel Name : huawei1 Client interface : GigabitEthernet1/0/1.4 Tunnel State : up Source Interface : LoopBack3 Source Address : 2001:db8::1:2 Destination Address : 2001:db8::4:2 Local Session ID : 4294967295 Remote Session ID : 4294967295
配置文件
CE1的配置文件
# sysname CE1 # vlan 2 # interface GigabitEthernet1/0/1 portswitch undo shutdown port link-type trunk port trunk allow-pass vlan 2 # returnPE1的配置文件
# sysname PE1 # isis 1 cost-style wide network-entity 10.0000.0000.0002.00 # ipv6 enable topology compatible # interface LoopBack2 ipv6 enable ipv6 address 2001:DB08::1:1 128 isis ipv6 enable 1 # interface LoopBack3 ipv6 enable ipv6 address 2001:DB08::1:2 128 isis ipv6 enable 1 # interface GigabitEthernet2/0/1 ipv6 enable ipv6 address 2001:DB08::2:1 64 isis ipv6 enable 1 # interface GigabitEthernet3/0/1 ipv6 enable ipv6 address 2001:DB08::2:2 64 isis ipv6 enable 1 # l2tpv3 enable l2tpv3 pw huawei source interface LoopBack 2 ipv6 2001:db08::1:1 destination 2001:DB08::4:1 128 l2tpv3 local cookie key cipher %#%#1"*U8`%XqIko*T4Kj"}/8.j!Ge-"~KlLv=<!p(!-%#%# l2tpv3 remote cookie key cipher %#%#ZM`lUZ0(E$diG3OR%[U&Z_3!GBp>24#caX%uAn^D%#%# # l2tpv3 pw huawei1 source interface LoopBack 3 ipv6 2001:db08::1:2 destination 2001:DB08::4:2 128 l2tpv3 local cookie key cipher %#%#uOIwFI,!_<-$&.)+{Lq#zoI.OAoao+c$I3=huT>:%#%# l2tpv3 remote cookie key cipher %#%#>nJTCLh0U*#U%jF@i'0LqO}*JZYL]Mq=M($'&}KL%#%# # interface Gigabitethernet1/0/1.4 mode l2 encapsulation qinq vid 2 ce-vid 2 rewrite pop double l2tpv3 instance a123 l2tpv3 static binding pw huawei # interface Gigabitethernet4/0/1.4 mode l2 encapsulation default l2tpv3 instance a345 l2tpv3 static binding pw huawei1 #
PE2的配置文件
# sysname PE2 # isis 1 cost-style wide network-entity 10.0000.0000.0003.00 # ipv6 enable topology compatible # interface LoopBack4 ipv6 enable ipv6 address 2001:DB08::4:1 128 isis ipv6 enable 1 # interface GigabitEthernet2/0/1 ipv6 enable ipv6 address 2001:DB08::3:1 64 isis ipv6 enable 1 # l2tpv3 enable l2tpv3 pw huawei source interface LoopBack 4 ipv6 2001:db08::4:1 destination 2001:DB08::1:1 l2tpv3 local cookie key cipher %#%#M;2^%B|jX,Ss!DM\]dc:Y45_!URg>4M2/058ub+=%#%# l2tpv3 remote cookie key cipher %#%#8u.iEnZN^1Xj`ZS@S|@55%.3LN3=r)I_o{W~R8V"%#%# # interface GigabitEthernet1/0/1.4 mode l2 encapsulation qinq vid 2 ce-vid 2 rewrite pop double l2tpv3 instance a234 l2tpv3 static binding pw huawei #
CE2的配置文件
# sysname CE2 # interface GigabitEthernet1/0/1 portswitch undo shutdown port link-type trunk port trunk allow-pass vlan 2 # returnPE3的配置文件
# sysname PE3 # isis 1 cost-style wide network-entity 10.0000.0000.0004.00 # ipv6 enable topology compatible # interface LoopBack5 ipv6 enable ipv6 address 2001:DB08::4:2 128 isis ipv6 enable 1 # interface GigabitEthernet2/0/1 ipv6 enable ipv6 address 2001:DB08::3:2 64 isis ipv6 enable 1 # l2tpv3 enable l2tpv3 pw huawei1 source interface LoopBack 5 ipv6 2001:DB08::4:2 destination 2001:DB08::1:2 l2tpv3 local cookie key cipher %#%#8Hj5Wwpi80&\BuS<)1g1vscEDe\9gX-CVR$rGsYS%#%# l2tpv3 remote cookie key cipher %#%#6v3(+'}M%Cn]3'>g\>v$1,h`LfZ'AV,JoI.-%I,Q%#%# # interface Gigabitethernet1/0/1.4 mode l2 encapsulation qinq default l2tpv3 instance a456 l2tpv3 static binding pw huawei1 #
CE3的配置文件
# sysname CE3 # interface GigabitEthernet1/0/1 portswitch undo shutdown port link-type trunk port trunk allow-pass vlan 2 # return
