H3CMSR系列路由器MPLSL3VPN跨域方案ABC功能配置.docx
《H3CMSR系列路由器MPLSL3VPN跨域方案ABC功能配置.docx》由会员分享,可在线阅读,更多相关《H3CMSR系列路由器MPLSL3VPN跨域方案ABC功能配置.docx(28页珍藏版)》请在冰豆网上搜索。
H3CMSR系列路由器MPLSL3VPN跨域方案ABC功能配置
MSR系列路由器MPLSL3VPN跨域方案A功能的配置
关键词:
MSR;MPLS;L3VPN;跨域;OptionA
一、组网需求:
peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。
设备清单:
MSR系列路由器4台
二、组网图:
三、配置步骤:
peA配置:
#
routerid3.3.3.3
#
ipvpn-instancevpna
route-distinguisher3:
1
vpn-target1:
1export-extcommunity
vpn-target1:
1import-extcommunity
#
ipvpn-instancevpnb
route-distinguisher3:
2
vpn-target2:
2export-extcommunity
vpn-target2:
2import-extcommunity
#
mplslsr-id3.3.3.3
#
mpls
#
mplsldp
#
interfaceEthernet0/0
portlink-moderoute
ipaddress1.3.0.3255.255.255.0
mpls
mplsldp
#
interfaceEthernet0/1
portlink-moderoute
ipbindingvpn-instancevpna
ipaddress192.168.1.1255.255.255.0
#
interfaceEthernet1/0
portlink-moderoute
ipbindingvpn-instancevpnb
ipaddress172.32.1.1255.255.255.0
#
interfaceLoopBack0
ipaddress3.3.3.3255.255.255.255
#
bgp1
undosynchronization
peer1.1.1.1as-number1
peer1.1.1.1connect-interfaceLoopBack0
#
ipv4-familyvpnv4
peer1.1.1.1enable
#
ipv4-familyvpn-instancevpna
import-routedirect
#
ipv4-familyvpn-instancevpnb
import-routedirect
#
ospf1
area0.0.0.0
network3.3.3.30.0.0.0
network1.3.0.00.0.0.255
#
asbrA配置:
routerid1.1.1.1
#
ipvpn-instancevpna
route-distinguisher1:
1
vpn-target1:
1export-extcommunity
vpn-target1:
1import-extcommunity
#
ipvpn-instancevpnb
route-distinguisher1:
2
vpn-target2:
2export-extcommunity
vpn-target2:
2import-extcommunity
#
mplslsr-id1.1.1.1
#
mpls
#
mplsldp
#
interfaceEthernet0/0.1//asbr间用子接口区分不同vpn流量
vlan-typedot1qvid1
ipbindingvpn-instancevpna
ipaddress1.2.1.1255.255.255.0
#
interfaceEthernet0/0.2//asbr间用子接口区分不同vpn流量
vlan-typedot1qvid2
ipbindingvpn-instancevpnb
ipaddress1.2.2.1255.255.255.0
#
interfaceEthernet0/1
portlink-moderoute
ipaddress1.3.0.1255.255.255.0
mpls
mplsldp
#
interfaceLoopBack0
ipaddress1.1.1.1255.255.255.255
#
bgp1
undosynchronization
peer3.3.3.3as-number1//asbr和pe间是标准L3VPN配置
peer3.3.3.3connect-interfaceLoopBack0
#
ipv4-familyvpnv4
peer3.3.3.3enable
#
ipv4-familyvpn-instancevpna//asbr间使用PE-CE模式传vpna路由
peer1.2.1.2as-number2
#
ipv4-familyvpn-instancevpnb//asbr间使用PE-CE模式传vpna路由
peer1.2.2.2as-number2
#
ospf1
area0.0.0.0
network1.1.1.10.0.0.0
network1.3.0.00.0.0.255
#
asbrB配置:
#
routerid2.2.2.2
#
ipvpn-instancevpna
route-distinguisher2:
1
vpn-target1:
1export-extcommunity
vpn-target1:
1import-extcommunity
#
ipvpn-instancevpnb
route-distinguisher2:
2
vpn-target2:
2export-extcommunity
vpn-target2:
2import-extcommunity
#
mplslsr-id2.2.2.2
#
mpls
#
mplsldp
#
interfaceEthernet0/0.1//asbr间用子接口区分不同vpn流量
vlan-typedot1qvid1
ipbindingvpn-instancevpna
ipaddress1.2.1.2255.255.255.0
#
interfaceEthernet0/0.2//asbr间用子接口区分不同vpn流量
vlan-typedot1qvid2
ipbindingvpn-instancevpnb
ipaddress1.2.2.2255.255.255.0
#
interfaceEthernet0/1
portlink-moderoute
ipaddress2.4.0.2255.255.255.0
mpls
mplsldp
#
interfaceLoopBack0
ipaddress2.2.2.2255.255.255.255
#
bgp2
undosynchronization
peer4.4.4.4as-number2//asbr和pe间是标准L3VPN配置
peer4.4.4.4connect-interfaceLoopBack0
#
ipv4-familyvpnv4
peer4.4.4.4enable
#
ipv4-familyvpn-instancevpna//asbr间使用PE-CE模式传vpna路由
peer1.2.1.1as-number1
#
ipv4-familyvpn-instancevpnb//asbr间使用PE-CE模式传vpnb路由
peer1.2.2.1as-number1
#
ospf1
area0.0.0.0
network2.2.2.20.0.0.0
network2.4.0.00.0.0.255
#
peB配置:
routerid4.4.4.4
#
ipvpn-instancevpna
route-distinguisher4:
1
vpn-target1:
1export-extcommunity
vpn-target1:
1import-extcommunity
#
ipvpn-instancevpnb
route-distinguisher4:
2
vpn-target2:
2export-extcommunity
vpn-target2:
2import-extcommunity
#
mplslsr-id4.4.4.4
#
mpls
#
mplsldp
#
interfaceEthernet0/0
portlink-moderoute
ipaddress2.4.0.4255.255.255.0
mpls
mplsldp
#
interfaceEthernet0/1
portlink-moderoute
ipbindingvpn-instancevpna
ipaddress192.168.2.1255.255.255.0
#
interfaceEthernet1/0
portlink-moderoute
ipbindingvpn-instancevpnb
ipaddress172.32.2.1255.255.255.0
#
interfaceLoopBack0
ipaddress4.4.4.4255.255.255.255
#
bgp2
undosynchronization
peer2.2.2.2as-number2
peer2.2.2.2connect-interfaceLoopBack0
#
ipv4-familyvpnv4
peer2.2.2.2enable
#
ipv4-familyvpn-instancevpna
import-routedirect
#
ipv4-familyvpn-instancevpnb
import-routedirect
#
ospf1
area0.0.0.0
network4.4.4.40.0.0.0
network2.4.0.00.0.0.255
#
四、配置关键点:
1.asbr间需要用不同链路隔离不同vpn流量,可以使用不同物理链路或逻辑链路如子接口或E1/T1通道;
2.asbr间互相把对方认为CE,所以要配置在bgp的vpn实例视图下配置。
MSR系列路由器MPLSL3VPN跨域方案B功能的配置
关键词:
MSR;MPLS;L3VPN;跨域;OptionB
一、组网需求:
peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。
设备清单:
MSR系列路由器4台
二、组网图:
三、配置步骤:
适用设备和版本:
MSR系列、Version5.20,Beta1105后所有版本。
peA配置:
#
routerid3.3.3.3
#
ipvpn-instancevpna
route-distinguisher3:
1
vpn-target1:
1export-extcommunity
vpn-target1:
1import-extcommunity
#
ipvpn-instancevpnb
route-distinguisher3:
2
vpn-target2:
2export-extcommunity
vpn-target2:
2import-extcommunity
#
mplslsr-id3.3.3.3
#
mpls
#
mplsldp
#
interfaceEthernet0/0
portlink-moderoute
ipaddress1.3.0.3255.255.255.0
mpls
mplsldp
#
interfaceEthernet0/1
portlink-moderoute
ipbindingvpn-instancevpna
ipaddress192.168.1.1255.255.255.0
#
interfaceEthernet1/0
portlink-moderoute
ipbindingvpn-instancevpnb
ipaddress172.32.1.1255.255.255.0
#
interfaceLoopBack0
ipaddress3.3.3.3255.255.255.255
#
bgp1
undosynchronization
peer1.1.1.1as-number1
peer1.1.1.1connect-interfaceLoopBack0
#
ipv4-familyvpnv4
peer1.1.1.1enable
#
ipv4-familyvpn-instancevpna
import-routedirect
#
ipv4-familyvpn-instancevpnb
import-routedirect
#
ospf1
area0.0.0.0
network3.3.3.30.0.0.0
network1.3.0.00.0.0.255
#
asbrA配置:
routerid1.1.1.1
#
mplslsr-id1.1.1.1
#
mpls
#
mplsldp
#
interfaceEthernet0/0
portlink-moderoute
ipaddress1.2.0.1255.255.255.0
mpls//使能MPLS流量转发能力
#
interfaceEthernet0/1
portlink-moderoute
ipaddress1.3.0.1255.255.255.0
mpls
mplsldp
#
interfaceLoopBack0
ipaddress1.1.1.1255.255.255.255
#
bgp1
undosynchronization
peer1.2.0.2as-number2//建立EBGP连接
peer3.3.3.3as-number1
peer3.3.3.3connect-interfaceLoopBack0
#
ipv4-familyvpnv4
undopolicyvpn-target//取消vpn-target策略
peer3.3.3.3enable
peer1.2.0.2enable//向EBGP邻居发vpn所有vpn路由
#
ospf1
area0.0.0.0
network1.1.1.10.0.0.0
network1.3.0.00.0.0.255
#
asbrB配置:
#
routerid2.2.2.2
#
mplslsr-id2.2.2.2
#
mpls
#
mplsldp
#
interfaceEthernet0/0
portlink-moderoute
ipaddress1.2.0.2255.255.255.0
mpls//使能MPLS流量转发能力
#
interfaceEthernet0/1
portlink-moderoute
ipaddress2.4.0.2255.255.255.0
mpls
mplsldp
#
interfaceLoopBack0
ipaddress2.2.2.2255.255.255.255
#
bgp2
undosynchronization
peer1.2.0.1as-number1//建立EBGP连接
peer4.4.4.4as-number2
peer4.4.4.4connect-interfaceLoopBack0
#
ipv4-familyvpnv4
undopolicyvpn-target//取消vpn-target策略
peer4.4.4.4enable
peer1.2.0.1enable//向EBGP邻居发vpn所有vpn路由
#
ospf1
area0.0.0.0
network2.2.2.20.0.0.0
network2.4.0.00.0.0.255
#
peB配置:
routerid4.4.4.4
#
ipvpn-instancevpna
route-distinguisher4:
1
vpn-target1:
1export-extcommunity
vpn-target1:
1import-extcommunity
#
ipvpn-instancevpnb
route-distinguisher4:
2
vpn-target2:
2export-extcommunity
vpn-target2:
2import-extcommunity
#
mplslsr-id4.4.4.4
#
mpls
#
mplsldp
#
interfaceEthernet0/0
portlink-moderoute
ipaddress2.4.0.4255.255.255.0
mpls
mplsldp
#
interfaceEthernet0/1
portlink-moderoute
ipbindingvpn-instancevpna
ipaddress192.168.2.1255.255.255.0
#
interfaceEthernet1/0
portlink-moderoute
ipbindingvpn-instancevpnb
ipaddress172.32.2.1255.255.255.0
#
interfaceLoopBack0
ipaddress4.4.4.4255.255.255.255
#
bgp2
undosynchronization
peer2.2.2.2as-number2
peer2.2.2.2connect-interfaceLoopBack0
#
ipv4-familyvpnv4
peer2.2.2.2enable
#
ipv4-familyvpn-instancevpna
import-routedirect
#
ipv4-familyvpn-instancevpnb
import-routedirect
#
ospf1
area0.0.0.0
network4.4.4.40.0.0.0
network2.4.0.00.0.0.255
#
四、配置关键点:
1.asbr间的直连链路必须要使能MPLS转发能力;
2.asbr间要建立MP-EBGP连接,配置类似于普通L3VPN的MP-IBGP连接;
3.asbr可以不用配置vpn实例,需要在bgp的vpnv4视图下取消vpn-target策略。
MSR系列路由器MPLSL3VPN跨域方案C功能的配置
关键词:
MSR;MPLS;L3VPN;跨域;OptionC
一、组网需求:
peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。
设备清单:
MSR系列路由器4台
二、组网图:
三、配置步骤:
适用设备和版本:
MSR系列、Version5.20,Beta1105后所有版本。
peA配置:
#
routerid3.3.3.3
#
ipvpn-instancevpna
route-distinguisher3:
1
vpn-target1:
1export-extcommunity
vpn-target1:
1import-extcommunity
#
ipvpn-instancevpnb
route-distinguisher3:
2
vpn-target2:
2export-extcommunity
vpn-target2:
2import-extcommunity
#
mplslsr-id3.3.3.3
#
mpls
#
mplsldp
#
interfaceEthernet0/0
portlink-moderoute
ipaddress1.3.0.3255.255.255.0
mpls
mplsldp
#
interfaceEthernet0/1
portlink-moderoute
ipbindingvpn-instancevpna
ipaddress192.168.1.1255.255.255.0
#
interfaceEthernet1/0
portlink-moderoute
ipbindingvpn-instancevpnb
ipaddress172.32.1.1255.255.255.0
#
interfaceLoopBack0
ipaddress3.3.3.3255.255.255.255
#
bgp1
undosynchronization
peer4.4.4.4as-number2//与peB建立EBGP连接
peer1.1.1.1as-number1
peer4.4.4.4ebgp-max-hop64//支持多跳EBGP连接
peer4.4.4.4connect-interfaceLoopBack0//使用环回口连接
peer1.1.1.1label-route-capability//使能标签路由能力
peer1.1.1.1connect-interfaceLoopBack0
#
ipv4-familyvpnv4
peer4.4.4.4enable//与peB交换vpn路由
#
ipv4-familyvpn-instancevpna
import-routedirect
#
ipv4-familyvpn-instancevpnb
import-routedirect
#
ospf1
area0.0.0.0
network3.3.3.
升级会员 