评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置OptionC方式跨域VPN示例(方案二)
PE和ASBR之间没有建立MP-IBGP关系时,也可以通过LDP为BGP分标签,实现跨域的VPN OptionC方案。
组网需求
如图7-44所示,CE1和CE2属于同一个VPN。CE1通过AS100的PE1接入,CE2通过AS200的PE2接入。
在PE和ASBR之间不用配置IBGP邻居关系,当ASBR从对端的ASBR学到对端AS域内的带标签BGP公网路由后,通过在ASBR上将BGP路由引入IGP协议之中,LDP就能够为这些路由分配标签,触发建立跨域的LDP LSP。这样就能实现OptionC方式跨域的BGP/MPLS IP VPN。
配置思路
本例配置主要思路是:
将域内PE的路由发布给对端PE:先在本端ASBR上通过BGP将域内PE的路由发布给对端ASBR,在远端ASBR上将BGP路由引入到IGP,则远端PE就依靠IGP学到了本端域内PE的路由。
在ASBR上配置路由策略:对从本AS的PE接收的Loopback路由,在向对端ASBR发布时,分配MPLS标签。
ASBR与对端ASBR之间能够交换带标签的IPv4路由。
在ASBR上配置为带标签的公网BGP路由建立LDP LSP。
在不同AS间的PE间建立MP-EBGP对等体关系;不同AS间的PE通常不是直连的,为了在它们之间建立EBGP连接,需要配置PE之间允许的最大跳数。
操作步骤
- 在AS100和AS200的MPLS骨干网上分别配置IGP协议,实现各自骨干网内部PE和ASBR的互通
本例中IGP协议采用OSPF,具体配置步骤略。
需要将作为LSR ID的LoopBack接口的32位地址通过OSPF发布出去。
配置完成后,同一AS的ASBR与PE之间应能建立OSPF邻居关系,执行display ospf peer命令可以看到邻居状态为Full。
以PE1为例:
<PE1> display ospf peer
OSPF Process 1 with Router ID 1.1.1.9 Neighbors Area 0.0.0.0 interface 172.16.1.2(GE1/0/0)'s neighbors Router ID: 2.2.2.9 Address: 172.16.1.1 State: Full Mode:Nbr is Master Priority: 1 DR: 2.2.2.9 BDR: 1.1.1.9 MTU: 0 Dead timer due in 28 sec Retrans timer interval: 5 Neighbor is up for 00:01:04 Authentication Sequence: [ 0 ]同一AS的ASBR和PE能学习到对方的Loopback1的IP地址,并能够互相ping通。
- 在ASBR间建立EBGP对等体
# 配置ASBR1。
[~ASBR1] bgp 100 [*ASBR1-bgp] peer 192.168.1.2 as-number 200 [*ASBR1-bgp] quit [*ASBR1] commit
# 配置ASBR2。
[~ASBR2] bgp 200 [*ASBR2-bgp] peer 192.168.1.1 as-number 100 [*ASBR2-bgp] quit [*ASBR2] commit
配置完成后,在ASBR上执行display bgp peer命令可以看到邻居状态为“Established”。
以ASBR1为例:
[~ASBR1] display bgp peerBGP local router ID : 172.16.1.1 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 192.168.1.2 4 200 129 134 0 01:39:21 Established 1
- 将域内PE的路由发送给对端PE
# 配置ASBR1:将PE1的Loopback地址发布给ASBR2。
[~ASBR1] bgp 100 [*ASBR1-bgp] network 1.1.1.9 32 [*ASBR1-bgp] quit [*ASBR1] commit
# 配置ASBR2:将PE2的Loopback地址发布给ASBR1。
[~ASBR2] bgp 200 [*ASBR2-bgp] network 4.4.4.9 32 [*ASBR2-bgp] quit [*ASBR2] commit
# 配置ASBR1:将BGP路由引入到OSPF,通过OSPF将PE2的路由发布给PE1。
[~ASBR1] ospf 1 [*ASBR1-ospf-1] import-route bgp [*ASBR1-ospf-1] quit [*ASBR1] commit
# 配置ASBR2:将BGP路由引入到OSPF,通过OSPF将PE1的路由发布给PE2。
[~ASBR2] ospf 1 [*ASBR2-ospf-1] import-route bgp [*ASBR2-ospf-1] quit [*ASBR1] commit
配置完成后,在PE上执行display ip routing-table命令查看路由表,以PE1为例:
[~PE1] display ip routing-table Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 10 Routes : 10 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.9/32 Direct 0 0 D 127.0.0.1 InLoopBack0 2.2.2.9/32 OSPF 10 1 D 172.16.1.1 GigabitEthernet1/0/0 4.4.4.9/32 O_ASE 150 1 D 172.16.1.1 GigabitEthernet1/0/0 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.16.1.0/24 Direct 0 0 D 172.16.1.2 GigabitEthernet1/0/0 172.16.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0 172.16.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
- 在AS100和AS200的MPLS骨干网上分别配置MPLS基本能力和MPLS LDP,建立LDP LSP
# 配置PE1的MPLS基本能力,并在与ASBR1相连的接口上使能LDP。
[~PE1] mpls lsr-id 1.1.1.9 [*PE1] mpls [*PE1-mpls] quit [*PE1] mpls ldp [*PE1-mpls-ldp] quit [*PE1] interface gigabitethernet 1/0/0 [*PE1-GigabitEthernet1/0/0] mpls [*PE1-GigabitEthernet1/0/0] mpls ldp [*PE1-GigabitEthernet1/0/0] quit [*PE1] commit
# 配置ASBR1的MPLS基本能力,并在与PE1相连的接口上使能LDP。
[~ASBR1] mpls lsr-id 2.2.2.9 [*ASBR1] mpls [*ASBR1-mpls] quit [*ASBR1] mpls ldp [*ASBR1-mpls-ldp] quit [*ASBR1] interface gigabitethernet 1/0/0 [*ASBR1-GigabitEthernet1/0/0] mpls [*ASBR1-GigabitEthernet1/0/0] mpls ldp [*ASBR1-GigabitEthernet1/0/0] quit [*ASBR1] commit
# 配置ASBR2的MPLS基本能力,并在与PE2相连的接口上使能LDP。
[~ASBR2] mpls lsr-id 3.3.3.9 [*ASBR2] mpls [*ASBR2-mpls] quit [*ASBR2] mpls ldp [*ASBR2-mpls-ldp] quit [*ASBR2] interface gigabitethernet 1/0/0 [*ASBR2-GigabitEthernet1/0/0] mpls [*ASBR2-GigabitEthernet1/0/0] mpls ldp [*ASBR2-GigabitEthernet1/0/0] quit [*ASBR2] commit
# 配置PE2的MPLS基本能力,并在与ASBR2相连的接口上使能LDP。
[~PE2] mpls lsr-id 4.4.4.9 [*PE2] mpls [*PE2-mpls] quit [*PE2] mpls ldp [*PE2-mpls-ldp] quit [*PE2] interface gigabitethernet 1/0/0 [*PE2-GigabitEthernet1/0/0] mpls [*PE2-GigabitEthernet1/0/0] mpls ldp [*PE2-GigabitEthernet1/0/0] quit [*PE2] commit
上述配置完成后,PE1与ASBR1、ASBR2与PE2之间应能建立LDP会话,执行display mpls ldp session命令可以看到显示结果中Status项为“Operational”。执行display mpls ldp lsp命令,可以看到LDP LSP的建立情况。
以PE1的显示为例:
[~PE1] display mpls ldp session LDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) An asterisk (*) before a session means the session is being deleted. ------------------------------------------------------------------------------ PeerID Status LAM SsnRole SsnAge KASent/Rcv ------------------------------------------------------------------------------ 2.2.2.9:0 Operational DU Passive 0000:00:01 5/5 ------------------------------------------------------------------------------ TOTAL: 1 session(s) Found.
[~PE1] display mpls ldp lsp LDP LSP Information ------------------------------------------------------------------------------- DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface ------------------------------------------------------------------------------- 1.1.1.9/32 3/NULL 2.2.2.9 127.0.0.1 InLoop0 *1.1.1.9/32 Liberal 2.2.2.9/32 NULL/3 - 172.16.1.1 GE1/0/0 2.2.2.9/32 1024/3 2.2.2.9 172.16.1.1 GE1/0/0 ------------------------------------------------------------------------------- TOTAL: 3 Normal LSP(s) Found. TOTAL: 1 Liberal LSP(s) Found. TOTAL: 0 Frr LSP(s) Found. An asterisk (*) before an LSP means the LSP is not established An asterisk (*) before a Label means the USCB or DSCB is stale An asterisk (*) before an UpstreamPeer means the session is stale An asterisk (*) before a DS means the session is stale An asterisk (*) before a NextHop means the LSP is FRR LSP
- 在ASBR上配置标签IPv4路由交换能力
# 配置ASBR1:在与ASBR2相连的接口GE2/0/0上使能MPLS。
[~ASBR1] interface gigabitethernet 2/0/0 [*ASBR1-GigabitEthernet2/0/0] ip address 192.168.1.1 24 [*ASBR1-GigabitEthernet2/0/0] mpls [*ASBR1-GigabitEthernet2/0/0] quit
# 配置ASBR1:创建路由策略。
[*ASBR1] route-policy policy1 permit node 1 [*ASBR1-route-policy] apply mpls-label [*ASBR1-route-policy] quit
# 配置ASBR1:对向ASBR2发布的路由应用路由策略,并使能与ASBR2交换标签IPv4路由的能力。
[*ASBR1] bgp 100 [*ASBR1-bgp] peer 192.168.1.2 route-policy policy1 export [*ASBR1-bgp] peer 192.168.1.2 label-route-capability [*ASBR1-bgp] quit [*ASBR1] commit
ASBR2上的配置分别与ASBR1类似,请参见配置文件,此处不再详述。
- 在ASBR上配置为带标签的公网BGP路由建立LDP LSP
# 配置ASBR1。
[~ASBR1] mpls [*ASBR1-mpls] lsp-trigger bgp-label-route [*ASBR1-mpls] quit [*ASBR1] commit
# 配置ASBR2。
[~ASBR2] mpls [*ASBR2-mpls] lsp-trigger bgp-label-route [*ASBR2-mpls] quit [*ASBR2] commit
- 在PE上配置VPN实例,并接入CE
# 配置PE1。
[~PE1] ip vpn-instance vpn1 [*PE1-vpn-instance-vpn1] route-distinguisher 100:1 [*PE1-vpn-instance-vpn1] vpn-target 1:1 export-extcommunity [*PE1-vpn-instance-vpn1] vpn-target 1:1 import-extcommunity [*PE1-vpn-instance-vpn1] quit
[*PE1] interface gigabitethernet 2/0/0 [*PE1-GigabitEthernet2/0/0] ip binding vpn-instance vpn1 [*PE1-GigabitEthernet2/0/0] ip address 10.1.1.2 24 [*PE1-GigabitEthernet2/0/0] quit [*PE1] commit
# 配置PE2。
[~PE2] ip vpn-instance vpn1 [*PE2-vpn-instance-vpn1] route-distinguisher 200:1 [*PE2-vpn-instance-vpn1] vpn-target 1:1 export-extcommunity [*PE2-vpn-instance-vpn1] vpn-target 1:1 import-extcommunity [*PE2-vpn-instance-vpn1] quit
[*PE2] interface gigabitethernet 2/0/0 [*PE2-GigabitEthernet2/0/0] ip binding vpn-instance vpn1 [*PE2-GigabitEthernet2/0/0] ip address 10.2.1.2 24 [*PE2-GigabitEthernet2/0/0] quit [*PE2] commit
配置完成后,在PE设备上执行display ip vpn-instance verbose命令可以看到VPN实例的配置情况。各PE能ping通自己接入的CE。
以PE1为例:
[~PE1] display ip vpn-instance verbose Total VPN-Instances configured : 1 Total IPv4 VPN-Instances configured : 1 Total IPv6 VPN-Instances configured : 0 VPN-Instance Name and ID : vpn1, 1 Interfaces : GigabitEthernet2/0/0 Address family ipv4 Create date : 2012/05/14 07:31:56 Up time : 0 days, 08 hours, 26 minutes and 31 seconds Vrf Status : UP Route Distinguisher : 100:1 Export VPN Targets : 1:1 Import VPN Targets : 1:1 Label Policy : label per route The diffserv-mode Information is : uniform The ttl-mode Information is : pipe
[~PE1] ping -vpn-instance vpn1 10.1.1.1 PING 10.1.1.1: 56 data bytes, press CTRL_C to break Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=50 ms Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=50 ms Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=40 ms Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=30 ms Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=10 ms --- 10.1.1.1 ping statistics --- 5 packet(s) transmitted 4 packet(s) received 20.00% packet loss round-trip min/avg/max = 10/32/50 ms - 在PE1与PE2之间建立MP-EBGP对等体关系
# 配置PE1。
[~PE1] bgp 100 [*PE1-bgp] peer 4.4.4.9 as-number 200 [*PE1-bgp] peer 4.4.4.9 connect-interface LoopBack 1 [*PE1-bgp] peer 4.4.4.9 ebgp-max-hop 10 [*PE1-bgp] ipv4-family vpnv4 [*PE1-bgp-af-vpnv4] peer 4.4.4.9 enable [*PE1-bgp-af-vpnv4] quit [*PE1-bgp] quit [*PE1] commit
# 配置PE2。
[~PE2] bgp 200 [*PE2-bgp] peer 1.1.1.9 as-number 100 [*PE2-bgp] peer 1.1.1.9 connect-interface LoopBack 1 [*PE2-bgp] peer 1.1.1.9 ebgp-max-hop 10 [*PE2-bgp] ipv4-family vpnv4 [*PE2-bgp-af-vpnv4] peer 1.1.1.9 enable [*PE2-bgp-af-vpnv4] quit [*PE2-bgp] quit [*PE2] commit
- 在PE与CE之间建立EBGP对等体关系,引入VPN路由
# 配置CE1。
[~CE1] bgp 65001 [*CE1-bgp] peer 10.1.1.2 as-number 100 [*CE1-bgp] import-route direct [*CE1-bgp] quit [*CE1] commit
# 配置CE2。
[~CE2] bgp 65002 [*CE2-bgp] peer 10.2.1.2 as-number 200 [*CE2-bgp] import-route direct [*CE2-bgp] quit [*CE2] commit
# 配置PE1。
[~PE1] bgp 100 [*PE1-bgp] ipv4-family vpn-instance vpn1 [*PE1-bgp-vpn1] peer 10.1.1.1 as-number 65001 [*PE1-bgp-vpn1] import-route direct [*PE1-bgp-vpn1] quit [*PE1-bgp] quit [*PE1] commit
# 配置PE2。
[~PE2] bgp 200 [*PE2-bgp] ipv4-family vpn-instance vpn1 [*PE2-bgp-vpn1] peer 10.2.1.1 as-number 65002 [*PE2-bgp-vpn1] import-route direct [*PE2-bgp-vpn1] quit [*PE2-bgp] quit [*PE2] commit
配置完成后,在PE设备上执行display bgp vpnv4 vpn-instance peer命令,可以看到PE与CE之间的BGP对等体关系已建立,并达到Established状态。
以PE1与CE1的对等体关系为例:
[~PE1] display bgp vpnv4 vpn-instance vpn1 peer BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 10.1.1.1 4 65001 3 3 0 00:00:52 Established 1 - 检查配置结果
上述配置完成后,CE之间能学习到对方的接口路由,CE1和CE2能够相互ping通。
以CE1的显示为例:
[~CE1] display ip routing-table Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route ------------------------------------------------------------------------------ Routing Tables: _public_ Destinations : 8 Routes : 8 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.1 GigabitEthernet1/0/0 10.1.1.1/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0 10.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0 10.2.1.0/24 EBGP 255 0 D 10.1.1.2 GigabitEthernet1/0/0 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 [~CE1] ping 10.2.1.1 PING 10.2.1.1: 56 data bytes, press CTRL_C to break Reply from 10.2.1.1: bytes=56 Sequence=1 ttl=252 time=102 ms Reply from 10.2.1.1: bytes=56 Sequence=2 ttl=252 time=89 ms Reply from 10.2.1.1: bytes=56 Sequence=3 ttl=252 time=106 ms Reply from 10.2.1.1: bytes=56 Sequence=4 ttl=252 time=104 ms Reply from 10.2.1.1: bytes=56 Sequence=5 ttl=252 time=56 ms --- 10.2.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 56/91/106 ms
配置完成后,在ASBR1上执行display ip routing-table dest-ip-address verbose命令,可以看到ASBR1到PE2的路由为带标签的公网BGP路由:Routing Table为“Public”,协议类型为“EBGP”,标签值不为零。
以ASBR1的显示为例:
[~ASBR1] display ip routing-table 4.4.4.9 verbose Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route ------------------------------------------------------------------------------ Routing Table : _public_ Summary Count : 1 Destination : 4.4.4.9/32 Protocol : EBGP Process ID : 0 Preference : 255 Cost : 1 NextHop : 192.168.1.2 Neighbour : 192.168.1.2 State : Active Adv Age : 00h12m53s Tag : 0 Priority : 0 Label : 15360 QoSInfo : 0x0
IndirectID : 0x0
RelayNextHop : 0.0.0.0 Interface : GigabitEthernet2/0/0 TunnelID : 0x6002006 Flags : D并且在ASBR1和PE2上分别执行display mpls lsp protocol ldp include dest-ip-address verbose命令,可以看到ASBR1和PE2之间建立了一条LDP LSP,并且在PE上可以看到到达对端PE的LDP Ingress LSP。
[~ASBR1] display mpls lsp protocol ldp include 4.4.4.9 32 verbose ---------------------------------------------------------------------- LSP Information: LDP LSP ---------------------------------------------------------------------- No : 1 VrfIndex : Fec : 4.4.4.9/32 Nexthop : 192.168.1.2 In-Label : 1024 Out-Label : NULL In-Interface : ---------- Out-Interface : ---------- LspIndex : 5000003 Type : Primary OutSegmentIndex : 0 LsrType : Egress Outgoing TunnelID : 0x40000 Label Operation : SWAPPUSH Mpls-Mtu : ------ LspAge : 16 sec Bfd-State : ------
配置文件
CE1的配置文件
# sysname CE1 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.1.1.1 255.255.255.0 # bgp 65001 peer 10.1.1.2 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 10.1.1.2 enable # returnPE1的配置文件
# sysname PE1 # ip vpn-instance vpn1 ipv4-family route-distinguisher 100:1 apply-label per-instance vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # mpls lsr-id 1.1.1.9 # mpls # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip address 172.16.1.2 255.255.255.0 mpls mpls ldp # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpn1 ip address 10.1.1.2 255.255.255.0 # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 # bgp 100 peer 4.4.4.9 as-number 200 peer 4.4.4.9 ebgp-max-hop 10 peer 4.4.4.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 4.4.4.9 enable # ipv4-family vpnv4 policy vpn-target peer 4.4.4.9 enable # ipv4-family vpn-instance vpn1 import-route direct peer 10.1.1.1 as-number 65001 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 172.16.1.0 0.0.0.255 # return
ASBR1的配置文件
# sysname ASBR1 # mpls lsr-id 2.2.2.9 # mpls lsp-trigger bgp-label-route # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip address 172.16.1.1 255.255.255.0 mpls mpls ldp # interface GigabitEthernet2/0/0 undo shutdown ip address 192.168.1.1 255.255.255.0 mpls # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # bgp 100 peer 192.168.1.2 as-number 200 # ipv4-family unicast undo synchronization network 1.1.1.9 255.255.255.255 peer 192.168.1.2 enable peer 192.168.1.2 route-policy policy1 export peer 192.168.1.2 label-route-capability # ospf 1 import-route bgp area 0.0.0.0 network 2.2.2.9 0.0.0.0 network 172.16.1.0 0.0.0.255 # route-policy policy1 permit node 1 apply mpls-label # return
ASBR2的配置文件
# sysname ASBR2 # mpls lsr-id 3.3.3.9 # mpls lsp-trigger bgp-label-route # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip address 10.162.1.1 255.255.255.0 mpls mpls ldp # interface GigabitEthernet2/0/0 undo shutdown ip address 192.168.1.2 255.255.255.0 mpls # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # bgp 200 peer 192.168.1.1 as-number 100 # ipv4-family unicast undo synchronization network 4.4.4.9 255.255.255.255 peer 192.168.1.1 enable peer 192.168.1.1 route-policy policy1 export peer 192.168.1.1 label-route-capability # ospf 1 import-route bgp area 0.0.0.0 network 3.3.3.9 0.0.0.0 network 10.162.1.0 0.0.0.255 # route-policy policy1 permit node 1 apply mpls-label # return
PE2的配置文件
# sysname PE2 # ip vpn-instance vpn1 ipv4-family route-distinguisher 200:1 apply-label per-instance vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # mpls lsr-id 4.4.4.9 # mpls # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip address 10.162.1.2 255.255.255.0 mpls mpls ldp # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpn1 ip address 10.2.1.2 255.255.255.0 # interface LoopBack1 ip address 4.4.4.9 255.255.255.255 # bgp 200 peer 1.1.1.9 as-number 100 peer 1.1.1.9 ebgp-max-hop 10 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 1.1.1.9 enable # ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable # ipv4-family vpn-instance vpn1 import-route direct peer 10.2.1.1 as-number 65002 # ospf 1 area 0.0.0.0 network 4.4.4.9 0.0.0.0 network 10.162.1.0 0.0.0.255 # return
CE2的配置文件
# sysname CE2 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.2.1.1 255.255.255.0 # bgp 65002 peer 10.2.1.2 as-number 200 # ipv4-family unicast undo synchronization import-route direct peer 10.2.1.2 enable # return
