华为 BGP MPLS VPN 实验(二)跨域

于 2023-08-22 11:28:39 发布
阅读量1.9k 收藏 28
点赞数 1
分类专栏: 网络 学习笔记 文章标签: 华为 网络
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/u012791712/article/details/132041703
版权

文章目录

一、Option A 实验

实验说明:
优点:原理简单,ASBR之间不需要运行MPLS,不需要为跨域进行特殊配置。适用于vpn实例较少、跨越AS不多的简单场景。
缺点:①扩展性差,每增加一个vpn实例,在中间的ASBR上就需要增加一条链路(可以是虚拟的),并创建相应实例。如果跨越多个自制系统,所有ASBR互联的地方都需要配置。【链路受限,子接口】
②ASBR需要为每个vpn创建相应的vpn实例,且需要管理所有vpn实例的路由。这使得ASBR上的vpnv4私网路由数量过于庞大,如果vpn实例很多则对ASBR性能有很强的要求。

1、R2与R4、R5与R7之间建立MP-BGP路由;
2、2个AS域的标签传递均在ASBR上面终结;
3、R4与R5之间为普通bgp vpn实例路由传递,不携带标签;
4、R1与R8两台路由器运行OSPF路由协议,在PE设备上与BGP双向引入;
5、两台ASBR之间运行BGP vpn实例路由。

注:
1、实验中只有一对CE,如果有多对CE设备,则在ASBR外联口使用子接口的形式
2、在bgp的vpn实例里面与对端asbr建立bgp邻居
3、如:

[ASBR1]interface g0/0/1.1
[ASBR1-GigabitEthernet0/0/1.1]ip binding vpn-instance vpn1
[ASBR1-GigabitEthernet0/0/1.1]vlan-type dot1q vid 10
[ASBR1-GigabitEthernet0/0/1.1]ip address 100.4.4.1 24
[ASBR1]interface g0/0/1.2
[ASBR1-GigabitEthernet0/0/1.2]ip binding vpn-instance vpn2
[ASBR1-GigabitEthernet0/0/1.2]vlan-type dot1q vid 20
[ASBR1-GigabitEthernet0/0/1.2]ip address 100.5.5.1 24

1.1 实验拓扑图

在这里插入图片描述

1.2 各设备IP地址基本配置及BGP设备环回口IGP互通示例

R1:
<R1>dis ip int bri
GigabitEthernet0/0/0    12.1.1.1/24    up     up        
LoopBack0      		    1.1.1.1/32     up     up(s)     
LoopBack10            	192.1.1.1/32   up     up(s)  //业务口
[R1]ospf 1 rou	
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]a 0
[R1-ospf-1-area-0.0.0.0]netw 12.1.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]netw 1.1.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]netw 192.1.1.1 0.0.0.0

R2:
<R2>dis ip int bri
GigabitEthernet0/0/0    12.1.1.2/24    up     up        
GigabitEthernet0/0/1    23.1.1.2/24    up     up            
LoopBack0               2.2.2.2/32     up     up(s)     
[R2]ospf 1 rou 2.2.2.2
[R2-ospf-1-area-0.0.0.0]netw 23.1.1.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]netw 2.2.2.2 0.0.0.0

R3:
[R3]dis ip int bri
GigabitEthernet0/0/0    23.1.1.3/24    up     up        
GigabitEthernet0/0/1    34.1.1.3/24    up     up        
LoopBack0               3.3.3.3/32     up     up(s) 
[R3]dis cu con ospf
	ospf 1 router-id 3.3.3.3 
	 area 0.0.0.0 
	  network 3.3.3.3 0.0.0.0 
	  network 23.1.1.3 0.0.0.0 
	  network 34.1.1.3 0.0.0.0 
[R3]dis ospf peer bri
	 OSPF Process 1 with Router ID 3.3.3.3
		  Peer Statistic Information
 ----------------------------------------------------------------------------
 Area Id          Interface                        Neighbor id      State    
 0.0.0.0          GigabitEthernet0/0/0             2.2.2.2          Full        
 0.0.0.0          GigabitEthernet0/0/1             4.4.4.4          Full        
 ----------------------------------------------------------------------------

R8:
<R8>dis ip int bri
GigabitEthernet0/0/0    78.1.1.8/24    up     up             
LoopBack0               8.8.8.8/32     up     up(s)     
LoopBack10              192.8.8.8/32   up     up(s) //业务口
[R8]ospf 1 rou 8.8.8.8
[R8-ospf-1]a 0
[R8-ospf-1-area-0.0.0.0]netw 78.1.1.8 0.0.0.0
[R8-ospf-1-area-0.0.0.0]netw 8.8.8.8 0.0.0.0
[R8-ospf-1-area-0.0.0.0]netw 192.8.8.8 0.0.0.0

1.3 vpn实例配置

R2:
[R2]ip vpn-instance vpn1	//创建vpn1实例
[R2-vpn-instance-vpn1]route-distinguisher 10:10
[R2-vpn-instance-vpn1-af-ipv4]vpn-target 10:10 both 
[R2]int g0/0/0	//进入连接CE的口绑定vpn1实例
[R2-GigabitEthernet0/0/0]ip binding vpn-instance vpn1
Info: All IPv6 related configurations on this interface are removed!	//接口IP被移除,
[R2-GigabitEthernet0/0/0]ip add 12.1.1.2 24	//添加上接口IP地址

R4:
[R4]ip vpn-instance vpn2
[R4-vpn-instance-vpn2]route-distinguisher 20:20
[R4-vpn-instance-vpn2-af-ipv4]vpn-target 10:10 both 
[R4]int g0/0/1
[R4-GigabitEthernet0/0/1]ip bind vpn vpn2
Info: All IPv6 related configurations on this interface are removed!
[R4-GigabitEthernet0/0/1]ip add 45.1.1.4 24

R5:
[R5]ip vpn-instance vpn3
[R5-vpn-instance-vpn3]route-distinguisher 30:30
[R5-vpn-instance-vpn3-af-ipv4]vpn-target 20:20 both 
[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip bind vpn vpn3
Info: All IPv6 related configurations on this interface are removed!
[R5-GigabitEthernet0/0/0]ip add 45.1.1.5 24

R7:
[R7]ip vpn-instance vpn4
[R7-vpn-instance-vpn4]route-distinguisher 40:40
[R7-vpn-instance-vpn4-af-ipv4]vpn-target 20:20 both 
[R7]int g0/0/1
[R7-GigabitEthernet0/0/1]ip bind vpn vpn4
Info: All IPv6 related configurations on this interface are removed!
[R7-GigabitEthernet0/0/1]ip add 78.1.1.7 24

1.4 左侧部分MP-BGP配置

R2:
[R2]mpls lsr-id 2.2.2.2
[R2]mpls
[R2]mpls ldp 
[R2-mpls-ldp]int g0/0/1
[R2-GigabitEthernet0/0/1]mpls 
[R2-GigabitEthernet0/0/1]mpls ldp
[R2]bgp 100
[R2-bgp]router-id 2.2.2.2
[R2-bgp]peer 4.4.4.4 as 100
[R2-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[R2-bgp]ipv4-family vpnv4
[R2-bgp-af-vpnv4]peer 4.4.4.4 enable

R3:
[R3]mpls lsr-id 3.3.3.3
[R3]mpls
[R3]mpls ldp
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]mpls
[R3-GigabitEthernet0/0/0]mpls ldp
[R3]int g0/0/1
[R3-GigabitEthernet0/0/1]mpls
[R3-GigabitEthernet0/0/1]mpls ldp

R4:
[R4]mpls ls 4.4.4.4
[R4]mpls
[R4]mpls ldp
[R4-mpls-ldp]int g0/0/0
[R4-GigabitEthernet0/0/0]mpls
[R4-GigabitEthernet0/0/0]mpl ld
[R4]bgp 100
[R4-bgp]router-id 4.4.4.4
[R4-bgp]peer 2.2.2.2 as 100
[R4-bgp]pee 2.2.2.2 con l 0
[R4-bgp]ipv4-family vpnv4
[R4-bgp-af-vpnv4]peer 2.2.2.2 enable

1.5 查看部分邻居表

[R2]dis bgp vpnv4 all peer 
 BGP local router ID : 2.2.2.2
 Local AS number : 100
 Total number of peers : 1		  Peers in established state : 1
  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv
  4.4.4.4         4         100        5        7     0 00:03:33 Established       0

[R3]dis mpls ldp peer  
 LDP Peer Information in Public network
 A '*' before a peer means the peer is being deleted.
 ------------------------------------------------------------------------------
 PeerID                 TransportAddress   DiscoverySource
 ------------------------------------------------------------------------------
 2.2.2.2:0              2.2.2.2            GigabitEthernet0/0/0
 4.4.4.4:0              4.4.4.4            GigabitEthernet0/0/1
 ------------------------------------------------------------------------------
 TOTAL: 2 Peer(s) Found.

[R4]dis bgp vpnv4 all peer 
 BGP local router ID : 4.4.4.4
 Local AS number : 100
 Total number of peers : 1		  Peers in established state : 1
  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv
  2.2.2.2         4         100        6        6     0 00:04:21 Established       0

1.6 在R2上对OSPF与BGP双向引入

#配置与R1对接的OSPF进程
[R2-ospf-10]dis this	//ospf里面引入bgp
ospf 10 router-id 2.2.2.2 vpn-instance vpn1
 import-route bgp
 area 0.0.0.0 
  network 12.1.1.2 0.0.0.0 
[R2]bgp 100	//bgp里面引入ospf
[R2-bgp]ipv4-family vpn-instance vpn1
[R2-bgp-vpn1]import-route ospf 10

1.7 查看R2 R7上面学习到的CE的路由

[R2]dis ip routing-table vpn-instance vpn1
    192.1.1.1/32  OSPF    10   1           D   12.1.1.1        GigabitEthernet0/0/0

[R7]dis ip routing-table vpn-instance vpn4
	192.8.8.8/32  OSPF    10   1           D   78.1.1.8        GigabitEthernet0/0/1

1.8 ASBR之间的路由协议配置

R4:
[R4]bgp 100
[R4-bgp]ipv4-family vpn-instance vpn2
[R4-bgp-vpn2]peer 45.1.1.5 as 200

R5:
[R5]bgp 200
[R5-bgp]ipv4-family vpn-instance vpn3
[R5-bgp-vpn4]peer 45.1.1.4 as 100

1.9 全部配置文件

【R1配置文件】:
<R1>dis cu
interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.0 
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
interface LoopBack10
 ip address 192.1.1.1 255.255.255.255 
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 12.1.1.1 0.0.0.0 
  network 192.1.1.1 0.0.0.0 
return

【R2配置文件】:
<R2>dis cu
ip vpn-instance vpn1
 ipv4-family
  route-distinguisher 10:10
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
mpls lsr-id 2.2.2.2
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip binding vpn-instance vpn1
 ip address 12.1.1.2 255.255.255.0 
interface GigabitEthernet0/0/1
 ip address 23.1.1.2 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
bgp 100
 router-id 2.2.2.2
 peer 4.4.4.4 as-number 100 
 peer 4.4.4.4 connect-interface LoopBack0
 
 ipv4-family vpnv4
  policy vpn-target
  peer 4.4.4.4 enable

 ipv4-family vpn-instance vpn1 
  import-route ospf 10
#
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 2.2.2.2 0.0.0.0 
  network 23.1.1.2 0.0.0.0 
#
ospf 10 router-id 2.2.2.2 vpn-instance vpn1
 import-route bgp
 area 0.0.0.0 
  network 12.1.1.2 0.0.0.0 
return

【R3配置文件】:
<R3>dis cu
mpls lsr-id 3.3.3.3
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 23.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 34.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
ospf 1 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 23.1.1.3 0.0.0.0 
  network 34.1.1.3 0.0.0.0 
return

【R4配置文件】:终结R2的vpn实例,RT值与R2一样
<R4>dis cu
ip vpn-instance vpn2
 ipv4-family
  route-distinguisher 20:20
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
mpls lsr-id 4.4.4.4
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 34.1.1.4 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip binding vpn-instance vpn2
 ip address 45.1.1.4 255.255.255.0 
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
bgp 100
 router-id 4.4.4.4
 peer 2.2.2.2 as-number 100 
 peer 2.2.2.2 connect-interface LoopBack0

 ipv4-family vpnv4
  peer 2.2.2.2 enable
 
 ipv4-family vpn-instance vpn2 
  peer 45.1.1.5 as-number 200 
#
ospf 1 router-id 4.4.4.4 
 area 0.0.0.0 
  network 4.4.4.4 0.0.0.0 
  network 34.1.1.4 0.0.0.0 
return

【R5配置文件】:RT值与R7一样
<R5> dis cu
ip vpn-instance vpn3
 ipv4-family
  route-distinguisher 30:30
  vpn-target 20:20 export-extcommunity
  vpn-target 20:20 import-extcommunity
mpls lsr-id 5.5.5.5
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip binding vpn-instance vpn3
 ip address 45.1.1.5 255.255.255.0 
interface GigabitEthernet0/0/1
 ip address 56.1.1.5 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
#
bgp 200
 router-id 5.5.5.5
 peer 7.7.7.7 as-number 200 
 peer 7.7.7.7 connect-interface LoopBack0
 
 ipv4-family vpnv4
  peer 7.7.7.7 enable
 
 ipv4-family vpn-instance vpn3 
  peer 45.1.1.4 as-number 100 
#
ospf 1 router-id 5.5.5.5 
 area 0.0.0.0 
  network 5.5.5.5 0.0.0.0 
  network 56.1.1.5 0.0.0.0 
return

【R6配置文件】:
<R6>dis cu
mpls lsr-id 6.6.6.6
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 56.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 67.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 6.6.6.6 255.255.255.255 
#
ospf 1 router-id 6.6.6.6 
 area 0.0.0.0 
  network 6.6.6.6 0.0.0.0 
  network 56.1.1.6 0.0.0.0 
  network 67.1.1.6 0.0.0.0 
return

【R7配置文件】:
<R7>dis cu
ip vpn-instance vpn4
 ipv4-family
  route-distinguisher 40:40
  vpn-target 20:20 export-extcommunity
  vpn-target 20:20 import-extcommunity
mpls lsr-id 7.7.7.7
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 67.1.1.7 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip binding vpn-instance vpn4
 ip address 78.1.1.7 255.255.255.0 
interface LoopBack0
 ip address 7.7.7.7 255.255.255.255 
bgp 200
 router-id 7.7.7.7
 peer 5.5.5.5 as-number 200 
 peer 5.5.5.5 connect-interface LoopBack0
 
 ipv4-family vpnv4
  policy vpn-target
  peer 5.5.5.5 enable
 
 ipv4-family vpn-instance vpn4 
  import-route ospf 10
#
ospf 1 
 area 0.0.0.0 
  network 7.7.7.7 0.0.0.0 
  network 67.1.1.7 0.0.0.0 
#
ospf 10 router-id 7.7.7.7 vpn-instance vpn4
 import-route bgp
 area 0.0.0.0 
  network 78.1.1.7 0.0.0.0 
return

【R8配置文件】:
<R8>dis cu
interface GigabitEthernet0/0/0
 ip address 78.1.1.8 255.255.255.0 
interface LoopBack0
 ip address 8.8.8.8 255.255.255.255 
interface LoopBack10
 ip address 192.8.8.8 255.255.255.255 
#
ospf 1 router-id 8.8.8.8 
 area 0.0.0.0 
  network 8.8.8.8 0.0.0.0 
  network 78.1.1.8 0.0.0.0 
  network 192.8.8.8 0.0.0.0 
return

二、Option B 实验

实验说明
优点:不受ASBR之间互联链路的限制,相比OptionA扩展性好些。
缺点:域间VPN实例的路由信息是通过ASBR保存和扩散,即ASBR需要承载处理所有域间私网路由。这使得ASBR负担较重,容易成为故障点。(解决方案:ASBR只负责vpn路由的保存和扩散,不再负责公网IP报文转发)

1、R2与R4、R4与R5、R5与R7之间建立MP-BGP路由;
2、2个AS域的标签直接传递;
3、R4与R5之间为MP-BGP路由;
4、R1与R8两台路由器运行OSPF路由协议,在PE设备上与BGP双向引入;
5、两台ASBR之间运行BGP vpnv4,并配置undo vpn-target参数。

2.1 实验拓扑

在这里插入图片描述

2.2 关键配置

1、ASBR外联口只使能 mpls
interface GigabitEthernet0/0/1
 ip address 45.1.1.4 255.255.255.0 
 mpls
2、在 ASBR之间建立 MP-EBGP 邻居,同时配置 ASBR 不对接收的 VPNv4 路由进行 RT 过滤匹配
bgp 100
 peer 45.1.1.5 as-number 200 
 # 
 ipv4-family vpnv4
  undo policy vpn-target
  peer 45.1.1.5 enable

2.3 实验效果

<R1>ping 192.8.8.8
  PING 192.8.8.8: 56  data bytes, press CTRL_C to break
    Reply from 192.8.8.8: bytes=56 Sequence=1 ttl=249 time=100 ms
    Reply from 192.8.8.8: bytes=56 Sequence=2 ttl=249 time=60 ms
    Reply from 192.8.8.8: bytes=56 Sequence=3 ttl=249 time=60 ms
    Reply from 192.8.8.8: bytes=56 Sequence=4 ttl=249 time=60 ms
    Reply from 192.8.8.8: bytes=56 Sequence=5 ttl=249 time=60 ms

  --- 192.8.8.8 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 60/68/100 ms

2.4 配置文件

【R1配置文件】
sysname R1
interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.0 
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
interface LoopBack10
 ip address 192.1.1.1 255.255.255.255 
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 1.1.1.1 0.0.0.0 
  network 12.1.1.1 0.0.0.0 
  network 192.1.1.1 0.0.0.0 
#

【R2配置文件】
sysname R2
ip vpn-instance vpn1	//CE的vpn实例
 ipv4-family
  route-distinguisher 10:10
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
#
mpls lsr-id 2.2.2.2
mpls
mpls ldp
#
interface GigabitEthernet0/0/0	//接CE口
 ip binding vpn-instance vpn1
 ip address 12.1.1.2 255.255.255.0 
#
interface GigabitEthernet0/0/1	//接P口
 ip address 23.1.1.2 255.255.255.0 
 mpls
 mpls ldp
#
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
#
bgp 100
 router-id 2.2.2.2
 peer 4.4.4.4 as-number 100 
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 4.4.4.4 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 4.4.4.4 enable
 #
 ipv4-family vpn-instance vpn1 	//把OSPF引入到BGP
  import-route ospf 10
#
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 2.2.2.2 0.0.0.0 
  network 23.1.1.2 0.0.0.0 
#
ospf 10 router-id 2.2.2.2 vpn-instance vpn1	//把BGP引入到OSPF
 import-route bgp
 area 0.0.0.0 
  network 12.1.1.2 0.0.0.0 
#

【R3配置文件】
sysname R3
mpls lsr-id 3.3.3.3
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 23.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 34.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
#
ospf 1 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 23.1.1.3 0.0.0.0 
  network 34.1.1.3 0.0.0.0 
#

【R4配置文件】
sysname R4
mpls lsr-id 4.4.4.4
mpls
mpls ldp
interface GigabitEthernet0/0/0	//接P口
 ip address 34.1.1.4 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1	//到对端ASBR口,使能mpls
 ip address 45.1.1.4 255.255.255.0 
 mpls
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
#
bgp 100
 router-id 4.4.4.4
 peer 2.2.2.2 as-number 100 
 peer 2.2.2.2 connect-interface LoopBack0
 peer 45.1.1.5 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  undo peer 2.2.2.2 enable
  undo peer 45.1.1.5 enable
 # 
 ipv4-family vpnv4
  undo policy vpn-target
  peer 2.2.2.2 enable
  peer 45.1.1.5 enable
#
ospf 1 router-id 4.4.4.4 
 area 0.0.0.0 
  network 4.4.4.4 0.0.0.0 
  network 34.1.1.4 0.0.0.0 
#

【R5配置文件】
sysname R5
mpls lsr-id 5.5.5.5
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 45.1.1.5 255.255.255.0 
 mpls
interface GigabitEthernet0/0/1
 ip address 56.1.1.5 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
#
bgp 200
 peer 7.7.7.7 as-number 200 
 peer 7.7.7.7 connect-interface LoopBack0
 peer 45.1.1.4 as-number 100 
 #
 ipv4-family unicast
  undo synchronization
  undo peer 7.7.7.7 enable
  undo peer 45.1.1.4 enable
 # 
 ipv4-family vpnv4
  undo policy vpn-target
  peer 7.7.7.7 enable
  peer 45.1.1.4 enable
#
ospf 1 router-id 5.5.5.5 
 area 0.0.0.0 
  network 5.5.5.5 0.0.0.0 
  network 56.1.1.5 0.0.0.0 
#

【R6配置文件】
sysname R6
mpls lsr-id 6.6.6.6
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 56.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 67.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 6.6.6.6 255.255.255.255 
#
ospf 1 router-id 6.6.6.6 
 area 0.0.0.0 
  network 6.6.6.6 0.0.0.0 
  network 56.1.1.6 0.0.0.0 
  network 67.1.1.6 0.0.0.0 
#

【R7配置文件】
sysname R7
ip vpn-instance vpn2
 ipv4-family
  route-distinguisher 20:20
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
#
mpls lsr-id 7.7.7.7
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 67.1.1.7 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 description iths
 ip binding vpn-instance vpn2
 ip address 78.1.1.7 255.255.255.0 
interface LoopBack0
 ip address 7.7.7.7 255.255.255.255 
#
bgp 200
 peer 5.5.5.5 as-number 200 
 peer 5.5.5.5 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 5.5.5.5 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 5.5.5.5 enable
 #
 ipv4-family vpn-instance vpn2 
  import-route ospf 10
#
ospf 1 router-id 7.7.7.7 
 area 0.0.0.0 
  network 7.7.7.7 0.0.0.0 
  network 67.1.1.7 0.0.0.0 
#
ospf 10 router-id 7.7.7.7 vpn-instance vpn2
 import-route bgp
 area 0.0.0.0 
  network 78.1.1.7 0.0.0.0 
#

【R8配置文件】
sysname R8
interface GigabitEthernet0/0/0
 ip address 78.1.1.8 255.255.255.0 
interface LoopBack0
 ip address 8.8.8.8 255.255.255.255 
interface LoopBack10
 ip address 192.8.8.8 255.255.255.255 
#
ospf 1 router-id 8.8.8.8 
 area 0.0.0.0 
  network 8.8.8.8 0.0.0.0 
  network 78.1.1.8 0.0.0.0 
  network 192.8.8.8 0.0.0.0 
#

三、Option C1 实验

实验描述:

  1. AS 100 和 AS 200 内部的公共网络中各自运行 OSPF 使 AS 内各设备的 Loopback 口连通。
  2. AS 100 和 AS 200 内部的公共网络各自运行 LDP 来建立 MPLS 路径,各路由器使用 Loopback0 口作为 LSR-id
  3. 在 PE 上创建 VPN 实例,并配置 RD 和 RT
  4. 各自 VPN 内部使用独立 OSPF 实例在 CE 和 PE 之间传递私网路由
  5. 在各 AS 内部的 PE 和 ASBR 间建立 IPv4 IBGP 邻居,ASBR 间建立 IPv4 EBGP 邻居。在 ASBR 上宣告各 AS 内 PE 的 Loopback 口路由,用于传递至对端 PE,稍后双方 PE 间建立 MP-EBGP 邻居
  6. 在 PE1 和 PE2 间建立 MP-EBGP 邻居
  7. 在所有 IPv4 BGP 邻居间开启接收带标签 IPv4 路由的能力
  8. 在 ASBR 上配置路由策略,为 IPv4 路由打上 MPLS 标签,并对 BGP 邻居应用
  9. 在 PE 上配置 BGP 和各 OSPF 实例的路由互相引入,来把私网路由传递到对端站点
  10. 效果测试:在各设备上查询路由表,可以正确学习到路由,在 CE 上使用 Loopback0 口为源地址 Ping 同 VPN 对端私网业务地址,可以 Ping 通

3.1 实验拓扑

在这里插入图片描述

3.2 ASBR之间的配置

ASBR1 R4的配置,对端ASBR2类似】
bgp 100
 router-id 4.4.4.4
 peer 2.2.2.2 as-number 100 
 peer 2.2.2.2 connect-interface LoopBack0
 peer 45.1.1.5 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 2.2.2.2 255.255.255.255 	//宣告AR2的rid,与AR7建立MP-BGP
  peer 2.2.2.2 enable
  peer 2.2.2.2 route-policy ASNei export	//匹配标签策略
  peer 2.2.2.2 label-route-capability	//带标签路由
  peer 45.1.1.5 enable
  peer 45.1.1.5 route-policy ASWai export
  peer 45.1.1.5 label-route-capability
 #

3.3 全部配置文件

【AR1的配置文件】
sysname R1
interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.0 
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
interface LoopBack10
 ip address 192.1.1.1 255.255.255.255 
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 1.1.1.1 0.0.0.0 
  network 12.1.1.1 0.0.0.0 
  network 192.1.1.1 0.0.0.0 
#

【AR2的配置文件】
sysname R2
ip vpn-instance vpn1
 ipv4-family
  route-distinguisher 10:10
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
mpls lsr-id 2.2.2.2
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip binding vpn-instance vpn1
 ip address 12.1.1.2 255.255.255.0 
interface GigabitEthernet0/0/1
 ip address 23.1.1.2 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
#
bgp 100
 router-id 2.2.2.2
 peer 4.4.4.4 as-number 100 	
 peer 4.4.4.4 connect-interface LoopBack0
 peer 7.7.7.7 as-number 200 
 peer 7.7.7.7 ebgp-max-hop 10 	//跨bgp跳数,大于实际传递跳数
 peer 7.7.7.7 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 4.4.4.4 enable
  peer 4.4.4.4 label-route-capability		//使能带标签路由
  undo peer 7.7.7.7 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 7.7.7.7 enable	//与对端PE
 #
 ipv4-family vpn-instance vpn1 
  import-route ospf 10
#
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 2.2.2.2 0.0.0.0 
  network 23.1.1.2 0.0.0.0 
#
ospf 10 router-id 2.2.2.2 vpn-instance vpn1
 import-route bgp
 area 0.0.0.0 
  network 12.1.1.2 0.0.0.0 
#

【AR3的配置文件】
sysname R3
mpls lsr-id 3.3.3.3
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 23.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 34.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
#
ospf 1 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 23.1.1.3 0.0.0.0 
  network 34.1.1.3 0.0.0.0 
#

【AR4的配置文件】
sysname R4
mpls lsr-id 4.4.4.4
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 34.1.1.4 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 45.1.1.4 255.255.255.0 
 mpls
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
#
bgp 100
 router-id 4.4.4.4
 peer 2.2.2.2 as-number 100 
 peer 2.2.2.2 connect-interface LoopBack0
 peer 45.1.1.5 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 2.2.2.2 255.255.255.255 	//宣告PE1的RID,用于与PE2建立MP-BGP
  peer 2.2.2.2 enable
  peer 2.2.2.2 route-policy ASNei export	//配置策略,打标签
  peer 2.2.2.2 label-route-capability	//使能标签路由
  peer 45.1.1.5 enable
  peer 45.1.1.5 route-policy ASWai export	//配置策略,打标签
  peer 45.1.1.5 label-route-capability	//使能标签路由
 # 
 ipv4-family vpnv4
  policy vpn-target
#
ospf 1 router-id 4.4.4.4 
 area 0.0.0.0 
  network 4.4.4.4 0.0.0.0 
  network 34.1.1.4 0.0.0.0 
#
route-policy ASNei permit node 10 
 if-match mpls-label 
 apply mpls-label
#
route-policy ASWai permit node 10 
 apply mpls-label
#

【AR5的配置文件】
sysname R5
mpls lsr-id 5.5.5.5
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 45.1.1.5 255.255.255.0 
 mpls
interface GigabitEthernet0/0/1
 ip address 56.1.1.5 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
#
bgp 200
 peer 7.7.7.7 as-number 200 
 peer 7.7.7.7 connect-interface LoopBack0
 peer 45.1.1.4 as-number 100 
 #
 ipv4-family unicast
  undo synchronization
  network 7.7.7.7 255.255.255.255 	//宣告PE2的RID,用于与PE1建立MP-BGP
  peer 7.7.7.7 enable
  peer 7.7.7.7 route-policy ASNei export	//配置策略,打标签
  peer 7.7.7.7 label-route-capability	//使能标签路由
  peer 45.1.1.4 enable
  peer 45.1.1.4 route-policy ASWai export
  peer 45.1.1.4 label-route-capability
 # 
 ipv4-family vpnv4
  policy vpn-target
#
ospf 1 router-id 5.5.5.5 
 area 0.0.0.0 
  network 5.5.5.5 0.0.0.0 
  network 56.1.1.5 0.0.0.0 
#
route-policy ASNei permit node 10 
 if-match mpls-label 
 apply mpls-label
#
route-policy ASWai permit node 10 
 apply mpls-label
#

【AR6的配置文件】
sysname R6
mpls lsr-id 6.6.6.6
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 56.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 67.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 6.6.6.6 255.255.255.255 
#
ospf 1 router-id 6.6.6.6 
 area 0.0.0.0 
  network 6.6.6.6 0.0.0.0 
  network 56.1.1.6 0.0.0.0 
  network 67.1.1.6 0.0.0.0 
#

【AR7的配置文件】
sysname R7
ip vpn-instance vpn2
 ipv4-family
  route-distinguisher 20:20
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
mpls lsr-id 7.7.7.7
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 67.1.1.7 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip binding vpn-instance vpn2
 ip address 78.1.1.7 255.255.255.0 
interface LoopBack0
 ip address 7.7.7.7 255.255.255.255 
#
bgp 200
 peer 2.2.2.2 as-number 100 	//与PE1建立MP-BGP
 peer 2.2.2.2 ebgp-max-hop 10 	//大于实际跳数
 peer 2.2.2.2 connect-interface LoopBack0
 peer 5.5.5.5 as-number 200 
 peer 5.5.5.5 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 2.2.2.2 enable
  peer 5.5.5.5 enable
  peer 5.5.5.5 label-route-capability
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 2.2.2.2 enable
 #
 ipv4-family vpn-instance vpn2 
  import-route ospf 10
#
ospf 1 router-id 7.7.7.7 
 area 0.0.0.0 
  network 7.7.7.7 0.0.0.0 
  network 67.1.1.7 0.0.0.0 
#
ospf 10 router-id 7.7.7.7 vpn-instance vpn2
 import-route bgp
 area 0.0.0.0 
  network 78.1.1.7 0.0.0.0 
#

【AR8的配置文件】
sysname R8
interface GigabitEthernet0/0/0
 ip address 78.1.1.8 255.255.255.0 
interface LoopBack0
 ip address 8.8.8.8 255.255.255.255 
interface LoopBack10
 ip address 192.8.8.8 255.255.255.255 
#
ospf 1 
 area 0.0.0.0 
  network 8.8.8.8 0.0.0.0 
  network 78.1.1.8 0.0.0.0 
  network 192.8.8.8 0.0.0.0 
#

四、Option C2 实验

  1. 配置各接口IP地址
  2. 在AS100和AS200的MPLS骨干网上分别配置OSPF协议,实现各自骨干网ASBR-PE和PE之间的互通
  3. 将域内PE的路由发送给对端PE,在asbr里面宣告pe的lsr-id,把bgp路由引入到ospf 1 里面
  4. 在AS100和AS200的MPLS骨干网上分别配置MPLS基本能力和MPLS LDP,建立LDP LSP
  5. 在ASBR上配置标签IPv4路由交换能力
  6. 在ASBR上配置为带标签的公网BGP路由建立LDP LSP
  7. 在PE上配置VPN实例,并接入CE
  8. 在PE1与PE2之间建立MP-EBGP对等体关系
  9. 在PE与CE之间建立路由关系,引入VPN路由

4.1 实验拓扑

在这里插入图片描述

4.2 ASBR之间的配置

【PE1的关键配置,PE2类似】
bgp 100
 peer 7.7.7.7 as-number 200 
 peer 7.7.7.7 ebgp-max-hop 10 
 peer 7.7.7.7 connect-interface LoopBack0
 #
 ipv4-family unicast	//不需要bgp邻居
  undo synchronization
  undo peer 7.7.7.7 enable
 # 
 ipv4-family vpnv4	//建立mp-bgp邻居
  policy vpn-target
  peer 7.7.7.7 enable
 #
 ipv4-family vpn-instance vpn1 	//引入CE的实例路由
  import-route ospf 10
#

【ASBR1的关键配置,ASBR2类似】
mpls lsr-id 4.4.4.4
mpls
 lsp-trigger bgp-label-route
#
mpls ldp
#
bgp 100
 peer 45.1.1.5 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 2.2.2.2 255.255.255.255 
  peer 45.1.1.5 enable
  peer 45.1.1.5 route-policy ASWai export
  peer 45.1.1.5 label-route-capability
#
ospf 1 router-id 4.4.4.4 
 import-route bgp	//把对端学来的PE2的BGP路由引入到OSPF
 area 0.0.0.0 
  network 4.4.4.4 0.0.0.0 
  network 34.1.1.4 0.0.0.0 
#
route-policy ASWai permit node 10 
 apply mpls-label
#

4.3 全部配置文件

【R1的配置文件】
sysname R1
interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.0 
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
interface LoopBack10
 ip address 192.1.1.1 255.255.255.255 
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 1.1.1.1 0.0.0.0 
  network 12.1.1.1 0.0.0.0 
  network 192.1.1.1 0.0.0.0 
#

【R2的配置文件】
sysname R2
ip vpn-instance vpn1
 ipv4-family
  route-distinguisher 10:10
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
#
mpls lsr-id 2.2.2.2
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip binding vpn-instance vpn1
 ip address 12.1.1.2 255.255.255.0 
interface GigabitEthernet0/0/1
 ip address 23.1.1.2 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
#
bgp 100
 peer 7.7.7.7 as-number 200 
 peer 7.7.7.7 ebgp-max-hop 10 
 peer 7.7.7.7 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 7.7.7.7 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 7.7.7.7 enable
 #
 ipv4-family vpn-instance vpn1 
  import-route ospf 10
#
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 2.2.2.2 0.0.0.0 
  network 23.1.1.2 0.0.0.0 
#
ospf 10 router-id 2.2.2.2 vpn-instance vpn1
 import-route bgp
 area 0.0.0.0 
  network 12.1.1.2 0.0.0.0 
#

【R3的配置文件】
sysname R3
mpls lsr-id 3.3.3.3
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 23.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 34.1.1.3 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
#
ospf 1 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 23.1.1.3 0.0.0.0 
  network 34.1.1.3 0.0.0.0 
#

【R4的配置文件】
sysname R4
mpls lsr-id 4.4.4.4
mpls
 lsp-trigger bgp-label-route	//mpls开启bgp标签
mpls ldp
interface GigabitEthernet0/0/0
 ip address 34.1.1.4 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 45.1.1.4 255.255.255.0 
 mpls
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
#
bgp 100
 peer 45.1.1.5 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 2.2.2.2 255.255.255.255 
  peer 45.1.1.5 enable
  peer 45.1.1.5 route-policy ASWai export
  peer 45.1.1.5 label-route-capability
#
ospf 1 router-id 4.4.4.4 
 import-route bgp
 area 0.0.0.0 
  network 4.4.4.4 0.0.0.0 
  network 34.1.1.4 0.0.0.0 
#
route-policy ASWai permit node 10 
 apply mpls-label
#

【R5的配置文件】
sysname R5
mpls lsr-id 5.5.5.5
mpls
 lsp-trigger bgp-label-route	//mpls开启bgp标签
mpls ldp
interface GigabitEthernet0/0/0
 ip address 45.1.1.5 255.255.255.0 
 mpls
interface GigabitEthernet0/0/1
 ip address 56.1.1.5 255.255.255.0 
 mpls
 mpls ldp
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
#
bgp 200
 peer 45.1.1.4 as-number 100 
 #
 ipv4-family unicast
  undo synchronization
  network 7.7.7.7 255.255.255.255 
  peer 45.1.1.4 enable
  peer 45.1.1.4 route-policy ASWai export
  peer 45.1.1.4 label-route-capability
#
ospf 1 router-id 5.5.5.5 
 import-route bgp
 area 0.0.0.0 
  network 5.5.5.5 0.0.0.0 
  network 56.1.1.5 0.0.0.0 
#
route-policy ASWai permit node 10 
 apply mpls-label
#

【R6的配置文件】
sysname R6
mpls lsr-id 6.6.6.6
mpls
#
mpls ldp
interface GigabitEthernet0/0/0
 ip address 56.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 ip address 67.1.1.6 255.255.255.0 
 mpls
 mpls ldp
interface GigabitEthernet0/0/2
interface LoopBack0
 ip address 6.6.6.6 255.255.255.255 
#
ospf 1 router-id 6.6.6.6 
 area 0.0.0.0 
  network 6.6.6.6 0.0.0.0 
  network 56.1.1.6 0.0.0.0 
  network 67.1.1.6 0.0.0.0 
#

【R7的配置文件】
sysname R7
ip vpn-instance vpn2
 ipv4-family
  route-distinguisher 20:20
  vpn-target 10:10 export-extcommunity
  vpn-target 10:10 import-extcommunity
#
mpls lsr-id 7.7.7.7
mpls
mpls ldp
interface GigabitEthernet0/0/0
 ip address 67.1.1.7 255.255.255.0 
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1
 ip binding vpn-instance vpn2
 ip address 78.1.1.7 255.255.255.0 
interface LoopBack0
 ip address 7.7.7.7 255.255.255.255 
#
bgp 200
 peer 2.2.2.2 as-number 100 
 peer 2.2.2.2 ebgp-max-hop 10 
 peer 2.2.2.2 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 2.2.2.2 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 2.2.2.2 enable
 #
 ipv4-family vpn-instance vpn2 
  import-route ospf 10
#
ospf 1 router-id 7.7.7.7 
 area 0.0.0.0 
  network 7.7.7.7 0.0.0.0 
  network 67.1.1.7 0.0.0.0 
#
ospf 10 router-id 7.7.7.7 vpn-instance vpn2
 import-route bgp
 area 0.0.0.0 
  network 78.1.1.7 0.0.0.0 
#

【R8的配置文件】
sysname R8
interface GigabitEthernet0/0/0
 ip address 78.1.1.8 255.255.255.0 
interface LoopBack0
 ip address 8.8.8.8 255.255.255.255 
interface LoopBack10
 ip address 192.8.8.8 255.255.255.255 
#
ospf 1 
 area 0.0.0.0 
  network 8.8.8.8 0.0.0.0 
  network 78.1.1.8 0.0.0.0 
  network 192.8.8.8 0.0.0.0 
#
What. . .
关注
  • 1
    点赞
  • 28
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
专栏目录
华为 HCIP 实验 - ‘ MPLS -VPN ’ _ MPLS LDP 配置
君逍遥o
07-12 986
你是公司的网络管理员。公司的网络采用了IP网络,为解决IP网络转发性能低下问题,决定使用MPLS技术来提高路由器的转发速度。而静态LSP由管理员手工配置,LDP是专为标签发布而制定的标签分发协议,为了配置灵活采用LDP来建立MPLS LSP。
BGP/MPLS IP VPN跨域解决方案
最新发布
数通Dinner的博客
05-14 2604
可以看出在跨域OptionA方案中,VPNv4路由在传递时通常带有两层标签栈——跨域OptionB方案非RR场景也是只有两层标签栈,并且ASBR之间传递的是VPNv4路由,配置相比OptionA也要简化一些,只是ASBR负担仍较重,控制平面与转发平面都集中在ASBR上,因此当网络规模较大时,ASBR的性能瓶颈仍然是个问题,在ASBR的流量负担上,相比OptionA几乎没有区别。
华为路由器BGP路由配置实例
06-18
华为路由器BGP路由配置实例
VPN-OptionC 方案一跨域VPN配置
Qconfig100的博客
07-05 766
如图所示,某公司总部和分公司跨域不同的运营商,需实现跨域BGP/MPLS IP VPN 业务的互通,CE1连接总部,通过AS 100的PE1接入。在各个AS内 PE与ASBR-PE间建立MP-IBGP对等体 CE与PE相连配置VPN实例并与CE相连接口绑定,PE与CE间建立EBGP对等体。在各个AS内MPLS骨干网络上配置各接口IP及IGP协议、MPLSMPLS LDP实现PE和ASBR-PE互通,建立LDP LSP。//使ASBR-PE与对端ASBR-PE交换带标签的IPV4路由。
全网最细华为路由器mpls 虚拟专用网络intranet 组网配置
2301_76769137的博客
03-18 1685
全网最细华为MPLS VPN组网配置
四、MPLS VPN跨域解决方案
liyao1569的博客
08-21 1956
本文主要讲解了跨域MPLS VPN常用的三种解决方案,以及顺带研究了一下VRF和LDP标签的一些细节处理
BGP MPLS配置OptionC方式跨域VNP示例(方案).zip
03-13
Option C是BGP/MPLS IP VPN标准中定义的一种跨域解决方案,其核心思想是在AS(Autonomous System,自治系统)间使用EBGP(External BGP)来交换路由信息,并通过MP-BGP(Multiprotocol BGP)在每个AS内部传递标签...
华为MPLS跨域实验.zip
07-19
华为跨域C1方案带RR实验配置 华为MPLS跨域C2方案实验配置 华为MPLS跨域C1方案实验配置 华为MPLS跨域A、B方案实验配置
华为BGP MPLS 6个路由器实例
10-13
华为BPG MPLS OSPF 配置,6个路由器配置,
MPLS BGP反射器实例拓扑ENSP可用
01-19
**MPLS (多协议标签交换) 和 BGP (边界网关协议)** 是现代网络架构中的核心组件,用于实现高效的数据传输和路由控制。在这个场景中,我们关注的是使用BGP反射器在MPLS环境中的应用。BGP反射器是一种优化BGP路由传播...
华为MPLS单域实验配置.zip
01-15
PE与CE之间4种路由协议(BGP、OSPF、静态) 实现站点之间的互访,以及不互访
华为mpls vpn跨域C-1方案配置案例
IT技术
07-02 1068
华为mpls vpn跨域C-1方案配置案例
跨域BGP/MPLS IP VPN实验(OptionA方式)
m0_73365347的博客
11-03 6501
BGP/MPLS VPN有时也简称为MPLS L3 VPN,它是MPLS最为广泛的应用之一。BGP/MPLS VPN主要部署在运营商网络中。
MPLS BGP 跨域(OptionA/B/C(一/))
热门推荐
weixin_51045259的博客
03-05 1万+
跨域MPLS BGP VPN跨域背景 一般的MPLS VPN体系结构都是在一个自治系统内运行,任何VPN的路由信息都是只能在一个自治系统内按需扩散,没有提供自治系统内的VPN信息向其他自治系统扩散的功能。 如上图,基于MPLSVPN可以将私有网络的不同Site连接起来,形成一个统一的网络,基于 MPLSVPN还支持对不同VPN间的互通控制。CE(Customer Edge)是用户边缘设备;PE(Provider Edge)是服务商边缘路由器,位于骨干网络;P(Provider),是服务提供商网络中的骨
ENSP实验MPLS VPN
qq_28563707的博客
08-15 2637
"ENSP"是华为企业级网络设备模拟器(Enterprise Network Simulation Platform)的缩写。它是华为公司提供的一款网络仿真软件,旨在帮助网络管理员和工程师在虚拟环境中规划、配置和测试企业级网络设备和拓扑。网络拓扑模拟:ENSP允许用户在虚拟环境中构建复杂的企业级网络拓扑。用户可以添加和连接不同类型的虚拟设备,例如华为路由器、交换机、防火墙等,并设置它们之间的链路和端口属性。设备模拟:ENSP提供华为企业级网络设备的模拟器,可以模拟华为的不同系列路由器和交换机。
MPLS BGP 跨域方案(A/B/C(一)())
qq_43710889的博客
03-13 4536
MPLS BGP VPN跨域
BGP MPLS VPN(OPTION C)实验笔记
glisten0317的博客
06-07 1365
配置BGP MPLS VPN OPTION A,使得总部与分公司私网互通,分公司与总部之间可互访,但分公司之间不能互访。
华为路由器MPLS VPN综合实验
m0_60861848的博客
11-05 1万+
那么,首先要将公网做通和配置MPLS和配置BGP,即配置IP地址 ——> 配置OSPF路由 ——> 配置BGP(建立R2/R4对等体关系)——> 配置MPLS ,然后在R2、R4上配置VRF,为VRF接口配置IP地址,再分别为客户A和客户B的私网部分配置IP地址、使用静态或动态方式传递路由,最后在R2、R4上的各自VRF空间中通过双向重发布或BGP路由发布(BGP需配置为MP-BGP)。3. 客户A私网配置IP地址并使用静态方式传递路由。3. 客户B私网配置IP地址并使用动态方式传递路由。
华为交换机MPLS配置命令
06-02
以下是华为交换机配置MPLS的基本命令: 1. 开启 MPLS 功能: ``` [MPLS] mpls ``` 2. 配置 LSR ID: ``` [MPLS] quit [~Switch] mpls lsr-id <LSR ID> ``` 3. 配置 MPLS 接口: ``` [~Switch] interface <interface-type><interface-number> [~Switch-<interface-type><interface-number>] mpls enable ``` 4. 配置 LDP: ``` [~Switch] mpls ldp [~Switch-ldp] quit ``` 5. 配置 LDP 接口: ``` [~Switch] interface <interface-type><interface-number> [~Switch-<interface-type><interface-number>] mpls ldp ``` 6. 配置 MPLS 静态标签: ``` [~Switch] mpls [~Switch-mpls] quit [~Switch] interface <interface-type><interface-number> [~Switch-<interface-type><interface-number>] mpls [~Switch-<interface-type><interface-number>-Mpls] quit [~Switch] mpls [~Switch-mpls] static-label local <label-value> in <interface-type><interface-number> ``` 注意,以上命令仅供参考,具体的配置命令请根据实际情况进行选择和修改。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值