锐捷MPLS 网络配置实例 ---尚文网络奎哥

上周粉丝留言需要的锐捷MPLS VPN相关配置，今天它来了。
之前我们分析过IE必考知识点MPLS VPN的一些理论知识，那么今天我们来了解下MPLS VPN的配置
实验拓扑如下：

R1作为CE1,R2、R4为PE1和PE2, R3为P设备，R5为CE设备

CE设备没有特殊配置，只需要和PE起任意路由协议并传递需要互访的网段即可，此处使用协议为BGP协议

CE1>
interface GigabitEthernet 0/0
 no switchport
 ip address 12.1.1.1 255.255.255.0
interface Loopback 0
 ip address 1.1.1.1 255.255.255.255
!         
router bgp 100
neighbor 12.1.1.2 remote-as 200
  network 1.1.1.1 mask 255.255.255.255
CE1#  

PE设备需要使用VRF对接CE从而区分冲突路由，与对端PE设备启用MPIBGP协议，传递VPNv4路由

> PE1> ip vrf aaa    //配置VRF，名称随意，只是本地有效  rd 1:1      //RD值，保证其唯一性 
> route-target export 100:1    //RT，需要本地导出值等于对端PE导入值  route-target
> import 200:1 mpls ip  //全局启用MPLS mpls router ldp  //全局启用MPLS LDP协议 
> ldp router-id interface Loopback 0  
> //配置LDP协议router-id为loopback接口地址，要求双方ID可以通信，因为LDP协议需要使用TCP建立会话 !
> interface GigabitEthernet 0/0  no switchport  ip vrf forwarding aaa  
> //将接口加入到虚拟VRF下，注意会清空接口下之前配置，地址需要重新配置  ip address 12.1.1.2
> 255.255.255.0 ! interface GigabitEthernet 0/1  no switchport  ip address 23.1.1.2 255.255.255.0  ip ospf 1 area 0  mpls ip  
> //接口下开启LDP协议  label-switching  //接口下开启转发MPLS信息 ! interface Loopback 0 
> ip address 2.2.2.2 255.255.255.255  ip ospf 1 area 0 router bgp 200 no
> bgp default ipv4-unicast 
> //关闭IPv4单播地址族自动激活，默认情况下会自动激活IPv4单播地址族传递IPv4路由，但是现在不需要，只需要传递VPNv4路由
> neighbor 4.4.4.4 remote-as 200  neighbor 4.4.4.4 update-source
> Loopback 0 address-family vpnv4 unicast   //进入VPNv4地址族   neighbor
> 4.4.4.4 activate     //VPNv4地址族下手动激活邻居   !  address-family ipv4 vrf aaa    //进入IPv4 VRF地址族   neighbor 12.1.1.1 remote-as 100  
> //配置与CE的邻居关系   router ospf 1

!

P设备作为骨干设备只需要启用MPLS LDP协议，进行数据转发即可

P#
!
mpls ip
mpls router ldp
 ldp router-id interface Loopback 0
!
interface GigabitEthernet 0/0
 no switchport
 ip address 23.1.1.3 255.255.255.0
 ip ospf 1 area 0
 mpls ip
 label-switching
!
interface GigabitEthernet 0/1
 no switchport
 ip address 34.1.1.3 255.255.255.0
 ip ospf 1 area 0
 mpls ip
 label-switching

interface Loopback 0
 ip address 3.3.3.3 255.255.255.255
 ip ospf 1 area 0

router ospf 1

P#  

PE2设备和PE1设备配置相同

PE2>
Mpls ip
mpls router ldp
 ldp router-id interface Loopback 0

ip vrf bbb
 rd 1:2
 route-target export 200:1
 route-target import 100:1
!
interface GigabitEthernet 0/0
 no switchport
 ip address 34.1.1.4 255.255.255.0
 ip ospf 1 area 0
 mpls ip
 label-switching
!
interface GigabitEthernet 0/1
 no switchport
 ip vrf forwarding bbb
 ip address 45.1.1.4 255.255.255.0

interface Loopback 0
 ip address 4.4.4.4 255.255.255.255
 ip ospf 1 area 0

router bgp 200
 no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 update-source Loopback 0
address-family vpnv4 unicast
  neighbor 2.2.2.2 activate
 
 address-family ipv4 vrf bbb
  neighbor 45.1.1.5 remote-as 300
!
router ospf 1
!
PE2#  

CE2设备和CE1配置相同

CE2#show run
interface GigabitEthernet 0/0
 no switchport
 ip address 45.1.1.5 255.255.255.0
interface Loopback 0
 ip address 5.5.5.5 255.255.255.255
         
router bgp 300
neighbor 45.1.1.4 remote-as 200
  network 5.5.5.5 mask 255.255.255.255
CE2#   

相关查看命令：

show bgp vpnv4 unicast all //查看vpnv4地址族下所有VPNv4路由
show bgp all summary //查看所有BGP邻居，注意区分开始的地址族，是vpnv4还是VRF还是IPv4 unicast
show ip route vrf aaa //查看对应vrf的路由表
show mpls ldp neig //查看mpls ldp下的邻居
show mpls forwarding  //查看mpls转发表

有什么想了解的技术，或者不懂的地方大家可以留言，后期会有更多资料发布。
-----尚文网络奎哥原创！