收藏
下载资源

最新H3C MSR系列路由器MPLS L3VPN跨域方案【A B C功能配置】.doc

上传人:1595****071 文档编号:33806413 上传时间:2022-08-12 格式:DOC 页数:29 大小:718.50KB
返回 下载 相关 举报
最新H3C MSR系列路由器MPLS L3VPN跨域方案【A B C功能配置】.doc_第1页
第1页 / 共29页
最新H3C MSR系列路由器MPLS L3VPN跨域方案【A B C功能配置】.doc_第2页
第2页 / 共29页
点击查看更多>>
资源描述

《最新H3C MSR系列路由器MPLS L3VPN跨域方案【A B C功能配置】.doc》由会员分享,可在线阅读,更多相关《最新H3C MSR系列路由器MPLS L3VPN跨域方案【A B C功能配置】.doc(29页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。

1、精品资料H3C MSR系列路由器MPLS L3VPN跨域方案【A B C功能配置】.MSR系列路由器MPLS L3VPN跨域方案A功能的配置关键词:MSR;MPLS;L3VPN;跨域;OptionA一、组网需求:peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。设备清单:MSR系列4台二、组网图:三、步骤:peA:#router id 3.3.3.3#ip vpn-instance vpnaroute-distinguisher 3:1vpn-target 1:1 ex

2、port-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 3:2vpn-target 2:2 export-extcommunityvpn-target 2:2 import-extcommunity#mpls lsr-id 3.3.3.3#mpls#mpls ldp#interface Ethernet0/0port link-mode routeip address 1.3.0.3 255.255.255.0mplsmpls ldp#interface Ethern

3、et0/1port link-mode routeip binding vpn-instance vpnaip address 192.168.1.1 255.255.255.0#interface Ethernet1/0port link-mode routeip binding vpn-instance vpnbip address 172.32.1.1 255.255.255.0#interface LoopBack0ip address 3.3.3.3 255.255.255.255#bgp 1undo synchronizationpeer 1.1.1.1 as-number 1pe

4、er 1.1.1.1 connect-interface LoopBack0#ipv4-family vpnv4peer 1.1.1.1 enable#ipv4-family vpn-instance vpnaimport-route direct#ipv4-family vpn-instance vpnbimport-route direct#ospf 1area 0.0.0.0network 3.3.3.3 0.0.0.0network 1.3.0.0 0.0.0.255#asbrA:router id 1.1.1.1#ip vpn-instance vpnaroute-distingui

5、sher 1:1vpn-target 1:1 export-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 1:2vpn-target 2:2 export-extcommunityvpn-target 2:2 import-extcommunity#mpls lsr-id 1.1.1.1#mpls#mpls ldp#interface Ethernet0/0.1 /asbr间用子接口区分不同vpn流量vlan-type dot1q vid 1ip binding vp

6、n-instance vpnaip address 1.2.1.1 255.255.255.0#interface Ethernet0/0.2 /asbr间用子接口区分不同vpn流量vlan-type dot1q vid 2ip binding vpn-instance vpnbip address 1.2.2.1 255.255.255.0#interface Ethernet0/1port link-mode routeip address 1.3.0.1 255.255.255.0mplsmpls ldp#interface LoopBack0ip address 1.1.1.1 255

7、.255.255.255#bgp 1undo synchronizationpeer 3.3.3.3 as-number 1 /asbr和pe间是标准L3VPNpeer 3.3.3.3 connect-interface LoopBack0#ipv4-family vpnv4peer 3.3.3.3 enable#ipv4-family vpn-instance vpna /asbr间使用PE-CE模式传vpna路由peer 1.2.1.2 as-number 2#ipv4-family vpn-instance vpnb /asbr间使用PE-CE模式传vpna路由peer 1.2.2.2

8、as-number 2#ospf 1area 0.0.0.0network 1.1.1.1 0.0.0.0network 1.3.0.0 0.0.0.255#asbrB:#router id 2.2.2.2#ip vpn-instance vpnaroute-distinguisher 2:1vpn-target 1:1 export-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 2:2vpn-target 2:2 export-extcommunityvpn-tar

9、get 2:2 import-extcommunity#mpls lsr-id 2.2.2.2#mpls#mpls ldp#interface Ethernet0/0.1 /asbr间用子接口区分不同vpn流量vlan-type dot1q vid 1ip binding vpn-instance vpnaip address 1.2.1.2 255.255.255.0#interface Ethernet0/0.2 /asbr间用子接口区分不同vpn流量vlan-type dot1q vid 2ip binding vpn-instance vpnbip address 1.2.2.2 25

10、5.255.255.0#interface Ethernet0/1port link-mode routeip address 2.4.0.2 255.255.255.0mplsmpls ldp#interface LoopBack0ip address 2.2.2.2 255.255.255.255#bgp 2undo synchronizationpeer 4.4.4.4 as-number 2 /asbr和pe间是标准L3VPNpeer 4.4.4.4 connect-interface LoopBack0#ipv4-family vpnv4peer 4.4.4.4 enable#ipv

11、4-family vpn-instance vpna /asbr间使用PE-CE模式传vpna路由peer 1.2.1.1 as-number 1#ipv4-family vpn-instance vpnb /asbr间使用PE-CE模式传vpnb路由peer 1.2.2.1 as-number 1#ospf 1area 0.0.0.0network 2.2.2.2 0.0.0.0network 2.4.0.0 0.0.0.255#peB:router id 4.4.4.4#ip vpn-instance vpnaroute-distinguisher 4:1vpn-target 1:1 ex

12、port-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 4:2vpn-target 2:2 export-extcommunityvpn-target 2:2 import-extcommunity#mpls lsr-id 4.4.4.4#mpls#mpls ldp#interface Ethernet0/0port link-mode routeip address 2.4.0.4 255.255.255.0mplsmpls ldp#interface Ethern

13、et0/1port link-mode routeip binding vpn-instance vpnaip address 192.168.2.1 255.255.255.0#interface Ethernet1/0port link-mode routeip binding vpn-instance vpnbip address 172.32.2.1 255.255.255.0#interface LoopBack0ip address 4.4.4.4 255.255.255.255#bgp 2undo synchronizationpeer 2.2.2.2 as-number 2pe

14、er 2.2.2.2 connect-interface LoopBack0#ipv4-family vpnv4peer 2.2.2.2 enable#ipv4-family vpn-instance vpnaimport-route direct#ipv4-family vpn-instance vpnbimport-route direct#ospf 1area 0.0.0.0network 4.4.4.4 0.0.0.0network 2.4.0.0 0.0.0.255#四、关键点:1. asbr间需要用不同链路隔离不同vpn流量,可以使用不同物理链路或逻辑链路如子接口或E1/T1通道;

15、2. asbr间互相把对方认为CE,所以要在bgp的vpn实例视图下。MSR系列路由器MPLS L3VPN跨域方案B功能的配置关键词:MSR;MPLS;L3VPN;跨域;OptionB一、组网需求:peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。设备清单:MSR系列4台二、组网图:三、步骤:适用设备和版本:MSR系列、Version 5.20, Beta 1105后所有版本。peA:#router id 3.3.3.3#ip vpn-instance vpnarout

16、e-distinguisher 3:1vpn-target 1:1 export-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 3:2vpn-target 2:2 export-extcommunityvpn-target 2:2 import-extcommunity#mpls lsr-id 3.3.3.3#mpls#mpls ldp#interface Ethernet0/0port link-mode routeip address 1.3.0.3 255.25

17、5.255.0mplsmpls ldp#interface Ethernet0/1port link-mode routeip binding vpn-instance vpnaip address 192.168.1.1 255.255.255.0#interface Ethernet1/0port link-mode routeip binding vpn-instance vpnbip address 172.32.1.1 255.255.255.0#interface LoopBack0ip address 3.3.3.3 255.255.255.255#bgp 1undo synch

18、ronizationpeer 1.1.1.1 as-number 1peer 1.1.1.1 connect-interface LoopBack0#ipv4-family vpnv4peer 1.1.1.1 enable#ipv4-family vpn-instance vpnaimport-route direct#ipv4-family vpn-instance vpnbimport-route direct#ospf 1area 0.0.0.0network 3.3.3.3 0.0.0.0network 1.3.0.0 0.0.0.255#asbrA:router id 1.1.1.1

19、#mpls lsr-id 1.1.1.1#mpls#mpls ldp#interface Ethernet0/0port link-mode routeip address 1.2.0.1 255.255.255.0mpls /使能MPLS流量转发能力#interface Ethernet0/1port link-mode routeip address 1.3.0.1 255.255.255.0mplsmpls ldp#interface LoopBack0ip address 1.1.1.1 255.255.255.255#bgp 1undo synchronizationpeer 1.2

20、.0.2 as-number 2 /建立EBGP连接peer 3.3.3.3 as-number 1peer 3.3.3.3 connect-interface LoopBack0#ipv4-family vpnv4undo policy vpn-target /取消vpn-target策略peer 3.3.3.3 enablepeer 1.2.0.2 enable /向EBGP邻居发vpn所有vpn路由#ospf 1area 0.0.0.0network 1.1.1.1 0.0.0.0network 1.3.0.0 0.0.0.255#asbrB:#router id 2.2.2.2#mpl

21、s lsr-id 2.2.2.2#mpls#mpls ldp#interface Ethernet0/0port link-mode routeip address 1.2.0.2 255.255.255.0mpls /使能MPLS流量转发能力#interface Ethernet0/1port link-mode routeip address 2.4.0.2 255.255.255.0mplsmpls ldp#interface LoopBack0ip address 2.2.2.2 255.255.255.255#bgp 2undo synchronizationpeer 1.2.0.1

22、 as-number 1 /建立EBGP连接peer 4.4.4.4 as-number 2peer 4.4.4.4 connect-interface LoopBack0#ipv4-family vpnv4undo policy vpn-target /取消vpn-target策略peer 4.4.4.4 enablepeer 1.2.0.1 enable /向EBGP邻居发vpn所有vpn路由#ospf 1area 0.0.0.0network 2.2.2.2 0.0.0.0network 2.4.0.0 0.0.0.255#peB:router id 4.4.4.4#ip vpn-ins

23、tance vpnaroute-distinguisher 4:1vpn-target 1:1 export-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 4:2vpn-target 2:2 export-extcommunityvpn-target 2:2 import-extcommunity#mpls lsr-id 4.4.4.4#mpls#mpls ldp#interface Ethernet0/0port link-mode routeip address

24、2.4.0.4 255.255.255.0mplsmpls ldp#interface Ethernet0/1port link-mode routeip binding vpn-instance vpnaip address 192.168.2.1 255.255.255.0#interface Ethernet1/0port link-mode routeip binding vpn-instance vpnbip address 172.32.2.1 255.255.255.0#interface LoopBack0ip address 4.4.4.4 255.255.255.255#b

25、gp 2undo synchronizationpeer 2.2.2.2 as-number 2peer 2.2.2.2 connect-interface LoopBack0#ipv4-family vpnv4peer 2.2.2.2 enable#ipv4-family vpn-instance vpnaimport-route direct#ipv4-family vpn-instance vpnbimport-route direct#ospf 1area 0.0.0.0network 4.4.4.4 0.0.0.0network 2.4.0.0 0.0.0.255#四、关键点:1.

26、asbr间的直连链路必须要使能MPLS转发能力;2. asbr间要建立MP-EBGP连接,类似于普通L3VPN的MP-IBGP连接;3. asbr可以不用vpn实例,需要在bgp的vpnv4视图下取消vpn-target策略。MSR系列路由器MPLS L3VPN跨域方案C功能的配置关键词:MSR;MPLS;L3VPN;跨域;OptionC一、组网需求:peA和asbrA在AS1,peB和asbrB在AS2;peA和peB都下挂着vpna和vpnb的站点,peA下挂vpna和vpnb站点1,peB下挂vpna和vpnb站点2。设备清单:MSR系列4台二、组网图:三、步骤:适用设备和版本:MSR系

27、列、Version 5.20, Beta 1105后所有版本。peA:#router id 3.3.3.3#ip vpn-instance vpnaroute-distinguisher 3:1vpn-target 1:1 export-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 3:2vpn-target 2:2 export-extcommunityvpn-target 2:2 import-extcommunity#mpls lsr-id 3.3.3.3#mp

28、ls#mpls ldp#interface Ethernet0/0port link-mode routeip address 1.3.0.3 255.255.255.0mplsmpls ldp#interface Ethernet0/1port link-mode routeip binding vpn-instance vpnaip address 192.168.1.1 255.255.255.0#interface Ethernet1/0port link-mode routeip binding vpn-instance vpnbip address 172.32.1.1 255.2

29、55.255.0#interface LoopBack0ip address 3.3.3.3 255.255.255.255#bgp 1undo synchronizationpeer 4.4.4.4 as-number 2 /与peB建立EBGP连接peer 1.1.1.1 as-number 1peer 4.4.4.4 ebgp-max-hop 64 /支持多跳EBGP连接peer 4.4.4.4 connect-interface LoopBack0 /使用环回口连接peer 1.1.1.1 label-route-capability /使能标签路由能力peer 1.1.1.1 con

30、nect-interface LoopBack0#ipv4-family vpnv4peer 4.4.4.4 enable /与peB交换vpn路由#ipv4-family vpn-instance vpnaimport-route direct#ipv4-family vpn-instance vpnbimport-route direct#ospf 1area 0.0.0.0network 3.3.3.3 0.0.0.0network 1.3.0.0 0.0.0.255#asbrA:router id 1.1.1.1#mpls lsr-id 1.1.1.1#mpls#mpls ldp#ac

31、l number 2000 /定义ACL用于路由策略rule 0 permit source 3.3.3.3 0rule 5 deny#interface Ethernet0/0port link-mode routeip address 1.2.0.1 255.255.255.0mpls /使能MPLS流量转发能力#interface Ethernet0/1port link-mode routeip address 1.3.0.1 255.255.255.0mplsmpls ldp#interface LoopBack0ip address 1.1.1.1 255.255.255.255#

32、bgp 1network 3.3.3.3 255.255.255.255 /引入peA路由undo synchronizationpeer 1.2.0.2 as-number 2peer 3.3.3.3 as-number 1peer 1.2.0.2 route-policy asbrB export /应用路由策略peer 1.2.0.2 label-route-capability /使能标签路由能力peer 3.3.3.3 route-policy peA export /应用路由策略peer 3.3.3.3 label-route-capability /使能标签路由能力peer 3.

33、3.3.3 connect-interface LoopBack0#ospf 1area 0.0.0.0network 1.1.1.1 0.0.0.0network 1.3.0.0 0.0.0.255#route-policy asbrB permit node 0 /对asbrB的路由策略if-match acl 2000 /匹配条件apply mpls-label /分标签操作route-policy peA permit node 0 /对peA的路由策略if-match mpls-label /匹配条件apply mpls-label /分标签#asbrB:#router id 2.2

34、.2.2#mpls lsr-id 2.2.2.2#mpls#mpls ldp#acl number 2000 /定义ACL用于路由策略rule 0 permit source 4.4.4.4 0rule 5 deny#interface Ethernet0/0port link-mode routeip address 1.2.0.2 255.255.255.0mpls /使能MPLS流量转发能力#interface Ethernet0/1port link-mode routeip address 2.4.0.2 255.255.255.0mplsmpls ldp#interface Loo

35、pBack0ip address 2.2.2.2 255.255.255.255#bgp 2network 4.4.4.4 255.255.255.255 /引入peB路由undo synchronizationpeer 1.2.0.1 as-number 1peer 4.4.4.4 as-number 2peer 1.2.0.1 route-policy asbrA export /应用路由策略peer 1.2.0.1 label-route-capability /使能标签路由能力peer 4.4.4.4 route-policy peB export /应用路由策略peer 4.4.4.

36、4 label-route-capability /使能标签路由能力peer 4.4.4.4 connect-interface LoopBack0#ospf 1area 0.0.0.0network 2.2.2.2 0.0.0.0network 2.4.0.0 0.0.0.255#route-policy asbrA permit node 0 /对asbrA的路由策略if-match acl 2000 /匹配条件apply mpls-label /分标签操作route-policy peB permit node 0 /对peB的路由策略if-match mpls-label /匹配条件a

37、pply mpls-label /分标签#peB:router id 4.4.4.4#ip vpn-instance vpnaroute-distinguisher 4:1vpn-target 1:1 export-extcommunityvpn-target 1:1 import-extcommunity#ip vpn-instance vpnbroute-distinguisher 4:2vpn-target 2:2 export-extcommunityvpn-target 2:2 import-extcommunity#mpls lsr-id 4.4.4.4#mpls#mpls ldp

38、#interface Ethernet0/0port link-mode routeip address 2.4.0.4 255.255.255.0mplsmpls ldp#interface Ethernet0/1port link-mode routeip binding vpn-instance vpnaip address 192.168.2.1 255.255.255.0#interface Ethernet1/0port link-mode routeip binding vpn-instance vpnbip address 172.32.2.1 255.255.255.0#in

39、terface LoopBack0ip address 4.4.4.4 255.255.255.255#bgp 2undo synchronizationpeer 3.3.3.3 as-number 1 /与peA建立EBGP连接peer 2.2.2.2 as-number 2peer 3.3.3.3 ebgp-max-hop 64 /支持多跳EBGP连接peer 3.3.3.3 connect-interface LoopBack0 /使用环回口连接peer 2.2.2.2 label-route-capability /使能标签路由能力peer 2.2.2.2 connect-interf

40、ace LoopBack0#ipv4-family vpnv4peer 3.3.3.3 enable /与peA交换vpn路由#ipv4-family vpn-instance vpnaimport-route direct#ipv4-family vpn-instance vpnbimport-route direct#ospf 1area 0.0.0.0network 4.4.4.4 0.0.0.0network 2.4.0.0 0.0.0.255#四、关键点:1. asbr上要匹配pe环回接口地址的ACL、对asbr和pe的路由策略;2. asbr间不传递vpn路由,但是在bgp中要引入pe环回接口路由;3. asbr上要仔细路由策略;4. asbr间和asbr-pe间都要使能bgp路由标签能力;5. pe间建立多跳EBGP连接必须要注意多跳选项;6. pe间的多跳EBGP连接必须使用环回接口建立连接。

展开阅读全文
相关资源
相关搜索

当前位置:首页 > 教育专区 > 小学资料

本站为文档C TO C交易模式,本站只提供存储空间、用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。本站仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知淘文阁网,我们立即给予删除!客服QQ:136780468 微信:18945177775 电话:18904686070

工信部备案号:黑ICP备15003705号© 2020-2023 www.taowenge.com 淘文阁