1、eNSP实验BGPMPLSVPNBGP MPLS VPN 配置实验1网络拓扑2配置文件2.1PE1的相关配置2.1.1在MPLS骨干网上配置IGP-OSPF协议,实现骨干网PE和P的互通# Sysna PE1ospf 1 area 0.0.0.0 network 10.0.0.0 0.0.0.3 network 1.1.1.1 0.0.0.0 (igp-ospf)#interface LoopBack0ip address 1.1.1.1 255.255.255.255 ospf enable 1 area 0.0.0.0 端口使能ospf)interface Ethernet0/0/0lsp
2、-trigger 命令用来配置LSP 的触发策略。undo lsp-trigger 命令用来恢复缺省情况。缺省情况下,只有32 位掩码的主机路由能够触发LDP 建立LSP。需要注意的是: IP 地址前缀列表只对静态路由和IGP 路由有效。 LSP 的建立需要LSR 上有精确匹配的路由项,如果使用32 位掩码的Loopback 接口,则必须有精确匹配的主机路由才能触发LSP 的建立。 如果指定vpn-instance vpn-instance-name 参数,则配置指定VPN 的LSP 触发策略; 如果未指定vpn-instance vpn-instance-name 参数,则配置公网路由的LS
3、P 触发策略。 有关 IP 前缀列表的介绍请参见“三层技术-IP 路由配置指导”中的“路由策略”。【举例】# 配置所有路由项都能够触发LDP 建立LSP。 system-viewSysname mplsSysname-mpls lsp-trigger allip address 10.0.0.1 255.255.255.252 ospf enable 1 area 0.0.0.0 ( 端口使能ospf)#2.1.2在PE1上配置与PE2、P的IBGP#bgp 65115router-id 1.1.1.1peer 3.3.3.3 as-number 65115 peer 3.3.3.3 conn
4、ect-interface LoopBack0 (配置bgp)peer 2.2.2.2 as-number 65115 peer 2.2.2.2 connect-interface LoopBack0ipv4-family unicastundo synchronizationnetwork 1.1.1.1 255.255.255.255 network 10.0.0.0 255.255.255.252 mpls lsr-id 命令用来配置本节点的LSR ID,缺省情况下,未配置LSR ID。配置 LSR ID 是配置其它MPLS 命令的前提。推荐使用LSR 某个Loopback 接口的地址做
5、为LSR ID。peer 2.2.2.2 enablepeer 3.3.3.3 enable (宣告网络)#2.1.3MPLS骨干网上配置MPLS基本能力和MPLS LDP,建立LDP LSP#mpls lsr-id 1.1.1.1 mplslsp-trigger all mpls ldp (使能mpls)#interface Ethernet0/0/0mplsmpls ldp (端口使能mpls)#2.1.4在PE设备上配置VPN实例,将CE接入PEip vpn-instance VPN1 创建并进入VPN实例视图ipv4-familyroute-distinguisher 100:1 为v
6、pn-instance创建RDvpn-target 111:1 export-extcommunity 为vpn-instance创建vpn-target扩展团体vpn-target 111:1 import-extcommunity (配置VPN1)#ip vpn-instance VPN2ipv4-familyroute-distinguisher 200:1vpn-target 222:1 export-extcommunityvpn-target 222:1 import-extcommunity (配置VPN2)#interface Ethernet0/0/1ip binding v
7、pn-instance VPN1 将接口与vpn-instance关联ip address 10.0.0.13 255.255.255.252 (端口绑定VPN)interface GigabitEthernet0/0/0ip binding vpn-instance VPN2ip address 10.0.0.9 255.255.255.252 (端口绑定VPN)#2.1.5在PE与CE之间建立EBGP对等体,引入VPN路由#bgp 65115ipv4-family vpnv4 进入MBGP的VPNv4地址族视图policy vpn-targetpeer 2.2.2.2 enable 激活M
8、BGP对等体peer 3.3.3.3 enable (建立邻居关系 ) # ipv4-family vpn-instance VPN1 进入BGP的VPN地址族视图import-route directimport-route static (配置 vpn路由)ipv4-family vpn-instance VPN2 import-route directimport-route static (配置 vpn路由)#ip route-static vpn-instance VPN1 0.0.0.0 0.0.0.0 10.0.0.14 ip route-static vpn-instance
9、VPN2 0.0.0.0 0.0.0.0 10.0.0.10 ( 配置vpn静态路由:PE和CE间通过静态路由的配置)#2.2P的相关配置2.2.1在MPLS骨干网上配置IGP协议,实现骨干网PE和P的互通#sysna Pospf 1 area 0.0.0.0 network 10.0.0.0 0.0.0.3 network 10.0.0.4 0.0.0.3 network 2.2.2.2 0.0.0.0 (igp-ospf)#interface LoopBack0ip address 2.2.2.2 255.255.255.255 ospf enable 1 area 0.0.0.0 ( 端
10、口使能ospf)interface Ethernet0/0/0ip address 10.0.0.2 255.255.255.252 ospf enable 1 area 0.0.0.0 ( 端口使能ospf)interface Ethernet0/0/1ip address 10.0.0.5 255.255.255.252 ospf enable 1 area 0.0.0.0 ( 端口使能ospf)#2.2.2P上配置与PE1、PE2的IBGP#bgp 65115router-id 2.2.2.2peer 1.1.1.1 as-number 65115 peer 1.1.1.1 connec
11、t-interface Ethernet0/0/0peer 3.3.3.3 as-number 65115 peer 3.3.3.3 connect-interface Ethernet0/0/1 (配置bgp)#ipv4-family unicastundo synchronizationnetwork 2.2.2.2 255.255.255.255 network 10.0.0.0 255.255.255.252 network 10.0.0.4 255.255.255.252 peer 1.1.1.1 enablepeer 3.3.3.3 enable (宣告网络)#2.2.3MPLS骨
12、干网上配置MPLS基本能力和MPLS LDP,建立LDP LSP#mpls lsr-id 2.2.2.2mplslsp-trigger all mpls ldp (使能mpls)#interface Ethernet0/0/0mplsmpls ldp (端口使能mpls)#interface Ethernet0/0/1mplsmpls ldp (端口使能mpls)#2.2.4建立P与PE1、PE2的邻居关系#bgp 65115ipv4-family vpnv4policy vpn-targetpeer 1.1.1.1 enablepeer 3.3.3.3 enable (建立邻居关系 )#2.
13、3PE2相关配置和PE1类似2.3.1在MPLS骨干网上配置IGP协议,实现骨干网PE和P的互通#Sysna PE2ospf 1 area 0.0.0.0 network 10.0.0.4 0.0.0.3 network 3.3.3.3 0.0.0.0 (igp-ospf)#interface LoopBack0ip address 3.3.3.3 255.255.255.255 ospf enable 1 area 0.0.0.0 端口使能ospf)interface Ethernet0/0/0ip address 10.0.0.6 255.255.255.252 ospf enable 1
14、 area 0.0.0.0 ( 端口使能ospf)#2.3.2在PE2上配置与P、PE1的IBGP#bgp 65115router-id 3.3.3.3peer 1.1.1.1 as-number 65115 peer 1.1.1.1 connect-interface LoopBack0 (配置bgp)ipv4-family unicastundo synchronizationnetwork 3.3.3.3 255.255.255.255 network 10.0.0.4 255.255.255.252 peer 2.2.2.2 enablepeer 1.1.1.1 enable (宣告网
15、络)#2.3.3MPLS骨干网上配置MPLS基本能力和MPLS LDP,建立LDP LSP#mpls lsr-id 3.3.3.3mplslsp-trigger all mpls ldp (使能mpls)#interface Ethernet0/0/0mplsmpls ldp (端口使能mpls)#2.3.4在PE设备上配置VPN实例,将CE接入PE#ip vpn-instance VPN1ipv4-familyroute-distinguisher 100:1vpn-target 111:1 export-extcommunityvpn-target 111:1 import-extcomm
16、unity # (配置VPN1)ip vpn-instance VPN2ipv4-familyroute-distinguisher 200:1vpn-target 222:1 export-extcommunityvpn-target 222:1 import-extcommunity (配置VPN2)#interface Ethernet0/0/1ip binding vpn-instance VPN1ip address 10.0.0.17 255.255.255.252 (端口绑定VPN)interface GigabitEthernet0/0/0ip binding vpn-inst
17、ance VPN2ip address 10.0.0.21 255.255.255.252 (端口绑定VPN)#2.3.5PE与CE之间建立EBGP对等体,引入VPN路由bgp 65115ipv4-family vpnv4policy vpn-targetpeer 2.2.2.2 enablepeer 1.1.1.1 enable (建立邻居关系 ) #ipv4-family vpn-instance VPN1 import-route directimport-route static (配置 vpn路由)ipv4-family vpn-instance VPN2 import-route
18、directimport-route static (配置 vpn路由)#ip route-static vpn-instance VPN1 0.0.0.0 0.0.0.0 10.0.0.18ip route-static vpn-instance VPN2 0.0.0.0 0.0.0.0 10.0.0.22 # ( 配置vpn静态路由)2.4CE1的相关配置#Sysn CE1interface Ethernet0/0/0ip address 10.0.0.10 255.255.255.252 ip route-static 0.0.0.0 0.0.0.0 10.0.0.9 (配置静态路由)#
19、save 2.5CE2的相关配置#Sysn CE2interface Ethernet0/0/0ip address 10.0.0.14 255.255.255.252 ip route-static 0.0.0.0 0.0.0.0 10.0.0.13#2.6CE3的相关配置#Sysn CE3interface Ethernet 0/0/0ip address 10.0.0.18 255.255.255.252 ip route-static 0.0.0.0 0.0.0.0 10.0.0.17#2.7CE4的相关配置#SysSysn CE4interface Ethernet 0/0/0ip
20、address 10.0.0.22 255.255.255.252 ip route-static 0.0.0.0 0.0.0.0 10.0.0.21#3实验结果:3.1PE1 vpn 路由表PE1disp ip rout PE1disp ip routing-table Route Flags: R - relay, D - download to fib-Routing Tables: Public Destinations : 8 Routes : 8 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.1/32 D
21、irect 0 0 D 127.0.0.1 LoopBack0 2.2.2.2/32 OSPF 10 1 D 10.0.0.2 Ethernet0/0/0 3.3.3.3/32 OSPF 10 2 D 10.0.0.2 Ethernet0/0/0 10.0.0.0/30 Direct 0 0 D 10.0.0.1 Ethernet0/0/0 10.0.0.1/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/0 10.0.0.4/30 OSPF 10 2 D 10.0.0.2 Ethernet0/0/0 127.0.0.0/8 Direct 0 0 D 127.0.0
22、.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0PE1disp ip routing-table vp PE1disp ip routing-table vpn-instance ? STRING VPN instance namePE1disp ip routing-table vpn-instance VPN1Route Flags: R - relay, D - download to fib-Routing Tables: VPN1 Destinations : 4 Routes : 4 Destination
23、/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 Static 60 0 RD 10.0.0.14 Ethernet0/0/1 10.0.0.12/30 Direct 0 0 D 10.0.0.13 Ethernet0/0/1 10.0.0.13/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/1 10.0.0.16/30 IBGP 255 0 RD 3.3.3.3 Ethernet0/0/0PE1 PE1disp ip routing-table vpn-instance VPN2Route Flags:
24、 R - relay, D - download to fib-Routing Tables: VPN2 Destinations : 4 Routes : 4 Destination/Mask Proto Pre Cost Flags NextHop Interface 0.0.0.0/0 Static 60 0 RD 10.0.0.10 GigabitEthernet0/0/0 10.0.0.8/30 Direct 0 0 D 10.0.0.9 GigabitEthernet0/0/0 10.0.0.9/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/
25、0/0 10.0.0.20/30 IBGP 255 0 RD 3.3.3.3 Ethernet0/0/0PE13.2P路由表disp ip routingRoute Flags: R - relay, D - download to fib-Routing Tables: Public Destinations : 9 Routes : 9 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.1/32 OSPF 10 1 D 10.0.0.1 Ethernet0/0/0 2.2.2.2/32 Direct 0 0 D 12
26、7.0.0.1 LoopBack0 3.3.3.3/32 OSPF 10 1 D 10.0.0.6 Ethernet0/0/1 10.0.0.0/30 Direct 0 0 D 10.0.0.2 Ethernet0/0/0 10.0.0.2/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/0 10.0.0.4/30 Direct 0 0 D 10.0.0.5 Ethernet0/0/1 10.0.0.5/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/1 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopB
27、ack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0PE2 Vpn 路由表dis ip routRoute Flags: R - relay, D - download to fib-Routing Tables: Public Destinations : 8 Routes : 8 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.1/32 OSPF 10 2 D 10.0.0.5 Ethernet0/0/0 2.2.2.2/32 OSPF 10 1 D 10.0.0
28、.5 Ethernet0/0/0 3.3.3.3/32 Direct 0 0 D 127.0.0.1 LoopBack0 10.0.0.0/30 OSPF 10 2 D 10.0.0.5 Ethernet0/0/0 10.0.0.4/30 Direct 0 0 D 10.0.0.6 Ethernet0/0/0 10.0.0.6/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/0 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0d
29、is ip rou dis ip routing-table vpn-instance VPN1Route Flags: R - relay, D - download to fib-Routing Tables: VPN1 Destinations : 3 Routes : 3 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.0.0.12/30 IBGP 255 0 RD 1.1.1.1 Ethernet0/0/0 10.0.0.16/30 Direct 0 0 D 10.0.0.17 Ethernet0/0/1 10.0.0.17/32 Direct 0 0 D 127.0.0.1 Ethernet0/0/1dis ip
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1