华为MPLS VPN 跨域OptionC2

于 2025-01-18 17:44:41 发布
阅读量346 收藏 1
点赞数 5
文章标签: 华为
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/qq_53677634/article/details/145230101
版权

lsp-trigger bgp-label-route -----标签交换路径(LSP)触发器,当一个数据包到达LSR时,查找路由表以确定下一个LSR的地址,并把数据包转发到该地址,同时将数据包中的标签替换为下一个LSR所需的标签。

注意事项:

1、vpn实例的RD要不同;

2、跨域-optionC(方式二)实现方式中,保证不同AS域内PE和PE的vpn实例的vpn-target相同。

操作要求:

1、配置mpls vpn-跨域-optionC2

2、实现7.7.7.7与8.8.8.8的相互连通。

实验拓扑

一、配置IP地址

[Huawei]sysname AR1
[AR1]int lo 0
[AR1-LoopBack0]ip add 1.1.1.1 32
[AR1-LoopBack0]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip add 10.0.12.1 24

[Huawei]sysname AR2
[AR2]int lo 0
[AR2-LoopBack0]
[AR2-LoopBack0]ip add 2.2.2.2 32
[AR2-LoopBack0]
[AR2-LoopBack0]int g0/0/0
[AR2-GigabitEthernet0/0/0]
[AR2-GigabitEthernet0/0/0]ip add 10.0.12.2 24
[AR2-GigabitEthernet0/0/0]
[AR2-GigabitEthernet0/0/0]int g0/0/1
[AR2-GigabitEthernet0/0/1]
[AR2-GigabitEthernet0/0/1]ip add 10.0.23.2 24
[AR2-GigabitEthernet0/0/1]

[Huawei]sysname AR3
[AR3]int lo 0
[AR3-LoopBack0]
[AR3-LoopBack0]ip add 3.3.3.3 32
[AR3-LoopBack0]
[AR3-LoopBack0]int g0/0/0
[AR3-GigabitEthernet0/0/0]
[AR3-GigabitEthernet0/0/0]ip add 10.0.23.3 24
[AR3-GigabitEthernet0/0/0]
[AR3-GigabitEthernet0/0/0]int g0/0/1
[AR3-GigabitEthernet0/0/1]
[AR3-GigabitEthernet0/0/1]ip add 10.0.34.3 24

[Huawei]sysname AR4
[AR4]int lo 0
[AR4-LoopBack0]
[AR4-LoopBack0]ip add 4.4.4.4 32
[AR4-LoopBack0]
[AR4-LoopBack0]int g0/0/0
[AR4-GigabitEthernet0/0/0]
[AR4-GigabitEthernet0/0/0]ip add 10.0.34.4 24
[AR4-GigabitEthernet0/0/0]
[AR4-GigabitEthernet0/0/0]int g0/0/1
[AR4-GigabitEthernet0/0/1]
[AR4-GigabitEthernet0/0/1]ip add 10.0.45.4 24

[Huawei]sysname AR5
[AR5]int lo 0
[AR5-LoopBack0]
[AR5-LoopBack0]ip add 5.5.5.5 32
[AR5-LoopBack0]
[AR5-LoopBack0]int g0/0/0
[AR5-GigabitEthernet0/0/0]
[AR5-GigabitEthernet0/0/0]ip add 10.0.56.5 24
[AR5-GigabitEthernet0/0/0]
[AR5-GigabitEthernet0/0/0]int g0/0/1
[AR5-GigabitEthernet0/0/1]
[AR5-GigabitEthernet0/0/1]ip add 10.0.45.5 24

[Huawei]sysname AR6
[AR6]int lo 0
[AR6-LoopBack0]
[AR6-LoopBack0]ip add 6.6.6.6 32
[AR6-LoopBack0]
[AR6-LoopBack0]int g0/0/0
[AR6-GigabitEthernet0/0/0]
[AR6-GigabitEthernet0/0/0]ip add 10.0.56.6 24

[Huawei]sysname LSW7
[LSW7]vlan 17
[LSW7-vlan17]q
[LSW7]int lo 0
[LSW7-LoopBack0]ip add 7.7.7.7 32
[LSW7-LoopBack0]int vlanif 17
[LSW7-Vlanif17]ip add 10.0.17.7 24
[LSW7-Vlanif17]int g0/0/1
[LSW7-GigabitEthernet0/0/1]po li ac
[LSW7-GigabitEthernet0/0/1]po de vl 17

[Huawei]sysname LSW8
[LSW8]vlan 68
[LSW8-vlan68]q
[LSW8]int lo 0
[LSW8-LoopBack0]ip add 8.8.8.8 32
[LSW8-LoopBack0]int vlanif 68
[LSW8-Vlanif68]ip add 10.0.68.8 24
[LSW8-Vlanif68]int g0/0/1
[LSW8-GigabitEthernet0/0/1]po li ac
[LSW8-GigabitEthernet0/0/1]po de vl 68

二、配置OSPF

[AR1]ospf 100 router-id 1.1.1.1
[AR1-ospf-100]area 0
[AR1-ospf-100-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[AR1-ospf-100-area-0.0.0.0]network 10.0.12.0 0.0.0.255

[AR2]ospf 100 router-id 2.2.2.2
[AR2-ospf-100]area 0
[AR2-ospf-100-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[AR2-ospf-100-area-0.0.0.0]network 10.0.12.0 0.0.0.255
[AR2-ospf-100-area-0.0.0.0]network 10.0.23.0 0.0.0.255

[AR3]ospf 100 router-id 3.3.3.3
[AR3-ospf-100]area 0
[AR3-ospf-100-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[AR3-ospf-100-area-0.0.0.0]network 10.0.23.0 0.0.0.255

[AR4]ospf 200 router-id 4.4.4.4
[AR4-ospf-200]area 0
[AR4-ospf-200-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[AR4-ospf-200-area-0.0.0.0]network 10.0.45.0 0.0.0.255

[AR5]ospf 200 router-id 5.5.5.5
[AR5-ospf-200]area 0
[AR5-ospf-200-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[AR5-ospf-200-area-0.0.0.0]network 10.0.45.0 0.0.0.255
[AR5-ospf-200-area-0.0.0.0]network 10.0.56.0 0.0.0.255

[AR6]ospf 200 router-id 6.6.6.6
[AR6-ospf-200]area 0
[AR6-ospf-200-area-0.0.0.0]network 6.6.6.6 0.0.0.0
[AR6-ospf-200-area-0.0.0.0]network 10.0.56.0 0.0.0.255

三、启用MPLS

[AR1]mpls lsr-id 1.1.1.1
[AR1]mpls 	
[AR1-mpls]mpls ldp
[AR1-mpls-ldp]int g0/0/0
[AR1-GigabitEthernet0/0/0]mpls 
[AR1-GigabitEthernet0/0/0]mpls ldp

[AR2]mpls lsr-id 2.2.2.2
[AR2]mpls
[AR2-mpls]mpls ldp
[AR2-mpls-ldp]int g0/0/0
[AR2-GigabitEthernet0/0/0]mpls
[AR2-GigabitEthernet0/0/0]mpls ldp
[AR2-GigabitEthernet0/0/0]int g0/0/1
[AR2-GigabitEthernet0/0/1]mpls
[AR2-GigabitEthernet0/0/1]mpls ldp

[AR3]mpls lsr-id 3.3.3.3
[AR3]mpls
[AR3-mpls]lsp-trigger bgp-label-route
[AR3-mpls]mpls ldp
[AR3-mpls-ldp]int g0/0/0
[AR3-GigabitEthernet0/0/0]mpls
[AR3-GigabitEthernet0/0/0]mpls ldp
[AR3-GigabitEthernet0/0/0]int g0/0/1
[AR3-GigabitEthernet0/0/1]mpls

[AR4]mpls lsr-id 4.4.4.4
[AR4]mpls
[AR4-mpls]lsp-trigger bgp-label-route
[AR4-mpls]mpls ldp
[AR4-mpls-ldp]int g0/0/0
[AR4-GigabitEthernet0/0/0]mpls
[AR4-GigabitEthernet0/0/0]int g0/0/1
[AR4-GigabitEthernet0/0/1]mpls
[AR4-GigabitEthernet0/0/1]mpls ldp

[AR5]mpls lsr-id 5.5.5.5
[AR5]mpls
[AR5-mpls]mpls ldp
[AR5-mpls-ldp]int g0/0/0
[AR5-GigabitEthernet0/0/0]mpls
[AR5-GigabitEthernet0/0/0]mpls ldp
[AR5-GigabitEthernet0/0/0]int g0/0/1
[AR5-GigabitEthernet0/0/1]mpls
[AR5-GigabitEthernet0/0/1]mpls ldp

[AR6]mpls lsr-id 6.6.6.6
[AR6]mpls
[AR6-mpls]mpls ldp
[AR6-mpls-ldp]int g0/0/0
[AR6-GigabitEthernet0/0/0]mpls
[AR6-GigabitEthernet0/0/0]mpls ldp

四、配置VPN实例

[AR1]ip vpn-instance vpna
[AR1-vpn-instance-vpna]route-distinguisher 123:1	
[AR1-vpn-instance-vpna-af-ipv4]vpn-target 1:1 both 
[AR1-vpn-instance-vpna-af-ipv4]int g0/0/1
[AR1-GigabitEthernet0/0/1]ip binding vpn-instance vpna
[AR1-GigabitEthernet0/0/1]ip add 10.0.17.1 24

[AR6]ip vpn-instance vpnb
[AR6-vpn-instance-vpnb]route-distinguisher 456:6
[AR6-vpn-instance-vpnb-af-ipv4]vpn-target 1:1 both
[AR6-vpn-instance-vpnb-af-ipv4]int g0/0/1
[AR6-GigabitEthernet0/0/1]ip binding vpn-instance vpnb
[AR6-GigabitEthernet0/0/1]ip add 10.0.68.6 24

五、配置BGP

[AR1]bgp 123
[AR1-bgp]peer 6.6.6.6 as 456
[AR1-bgp]peer 6.6.6.6 con lo 0
[AR1-bgp]peer 6.6.6.6 ebgp-max-hop 15
[AR1-bgp]ipv4-family vpnv4	
[AR1-bgp-af-vpnv4]peer 6.6.6.6 enable 
[AR1-bgp-af-vpnv4]q
[AR1-bgp]ipv4-family vpn-instance vpna
[AR1-bgp-vpna]peer 10.0.17.7 as 65001

[AR6]bgp 456
[AR6-bgp]peer 1.1.1.1 as 123
[AR6-bgp]peer 1.1.1.1 con lo 0
[AR6-bgp]peer 1.1.1.1 ebgp-max-hop 15
[AR6-bgp]ipv4-family vpnv4
[AR6-bgp-af-vpnv4]peer 1.1.1.1 enable	
[AR6-bgp-af-vpnv4]q
[AR6-bgp]ipv4-family vpn-instance vpnb
[AR6-bgp-vpnb]peer 10.0.68.8 as 65002


#路由策略,用于添加mpls标签(向ASBR-PE2)
[AR3]route-policy ASBR-PE2 permit node 1	
[AR3-route-policy]apply mpls-label 
[AR3-route-policy]q
[AR3]bgp 123
[AR3-bgp]peer 10.0.34.4 as 456
[AR3-bgp]network 1.1.1.1 32
[AR3-bgp]peer 10.0.34.4 route-policy ASBR-PE2  export 
[AR3-bgp]peer 10.0.34.4 label-route-capability 
[AR3-bgp]q

[AR3]ospf 100 
[AR3-ospf-100]import-route bgp 


#路由策略,用于添加mpls标签(向ASBR-PE1)
[AR4]route-policy ASBR-PE1 permit node 1
[AR4-route-policy]apply mpls-label 
[AR4-route-policy]q
[AR4]bgp 456
[AR4-bgp]peer 10.0.34.3 as 123
[AR4-bgp]network 6.6.6.6 32
[AR4-bgp]peer 10.0.34.3 route-policy ASBR-PE1  export 
[AR4-bgp]peer 10.0.34.3 label-route-capability 
[AR4-bgp]q

[AR4]ospf 200
[AR4-ospf-200]import-route bgp

六、​CE发布路由

[LSW7]bgp 65001
[LSW7-bgp]peer 10.0.17.1 as 123
[LSW7-bgp]network 7.7.7.7 32

[LSW8]bgp 65002
[LSW8-bgp]peer 10.0.68.6 as 456
[LSW8-bgp]network 8.8.8.8 32

七、验证

LSW7查看bgp路由表

LSW8查看bgp路由表

AR1查看BGP VPNv4对等体

AR6查看BGP VPNv4对等体

测试LSW7与LSW8连通性

季十七
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值