华为sr-mpls te手动隧道模型配置案例

yenggd2024-04-21 10:08

NE1(pe1)

ip vpn-instance vpn

ipv4-family

route-distinguisher 100:100

tnl-policy p1 //把vpn实例引入到定义的p1策略中的te隧道

vpn-target 1:1 export-extcommunity

vpn-target 1:1 import-extcommunity

mpls lsr-id 1.1.1.1

mpls

mpls te //开mpls te功能

explicit-path te1 //定义显示标签路径,一条线各sid+SRGB过去对端,这里如何定义,ce的数据包就怎么走。

next sid label 16200 type prefix //先到中间的net2(P)设备

next sid label 16400 type prefix //再到对端net4(pe2)设备

segment-routing //全局开户段路由功能

interface Ethernet1/0/0

undo shutdown

ip binding vpn-instance vpn //绑定对端ce实例

ip address 192.168.0.1 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/1

undo shutdown

ip address 10.0.12.1 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/2

undo shutdown

ip address 10.0.13.1 255.255.255.0

undo dcn mode vlan

interface LoopBack0

ip address 1.1.1.1 255.255.255.255

ospf prefix-sid index 100 //自己本设备的node sid标签

interface Tunnel1                  //和对端pe2建立隧道

ip address unnumbered interface LoopBack0   //借用自己的loop地址

tunnel-protocol mpls te             //指定隧道协议

destination 4.4.4.4               //对端pe地址

mpls te signal-protocol segment-routing     //选择sr协议

mpls te tunnel-id 1              //本地有效

mpls te path explicit-path te1          //手工指定前面指定的显示路径,用于配合下面的隧道负载分担。

(如果有控制器这里就这样配:mpls te pce delegate 托管给pce server)

interface NULL0

bgp 100

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

peer 2.2.2.2 enable

ipv4-family vpnv4   //全网建立vpnv4的bgp邻居

policy vpn-target

peer 2.2.2.2 enable

ipv4-family vpn-instance vpn

peer 192.168.0.2 as-number 65001

ospf 1

opaque-capability enable   //开ospf10类lsa功能

segment-routing mpls    //开段路由标签分发功能

segment-routing global-block 16000 23999   //定义SRGB范围

area 0.0.0.0

network 0.0.0.0 255.255.255.255

mpls-te enable     //开启TE功能

undo dcn

tunnel-policy p1   //定义策略,假设有2条路实现负载分担

tunnel select-seq sr-te load-balance-number 2

NE2(P)

mpls lsr-id 2.2.2.2

mpls

mpls te

segment-routing

interface Ethernet1/0/1

undo shutdown

ip address 10.0.12.2 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/2

undo shutdown

ip address 10.0.24.2 255.255.255.0

undo dcn mode vlan

interface Ethernet1/0/3

undo shutdown

undo dcn mode vlan

interface LoopBack0

ip address 2.2.2.2 255.255.255.255

ospf prefix-sid index 200

interface NULL0

bgp 100

peer 1.1.1.1 as-number 100

peer 1.1.1.1 connect-interface LoopBack0

peer 4.4.4.4 as-number 100

peer 4.4.4.4 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

peer 1.1.1.1 enable

peer 4.4.4.4 enable

ipv4-family vpnv4

undo policy vpn-target

peer 1.1.1.1 enable

peer 1.1.1.1 reflect-client

peer 4.4.4.4 enable

peer 4.4.4.4 reflect-client

ospf 1

opaque-capability enable

segment-routing mpls

segment-routing global-block 16000 23999

area 0.0.0.0

network 0.0.0.0 255.255.255.255

mpls-te enable

undo dcn

NE4(PE2)

ip vpn-instance vpn

ipv4-family

route-distinguisher 100:200

tnl-policy p1

vpn-target 1:1 export-extcommunity

vpn-target 1:1 import-extcommunity

mpls lsr-id 4.4.4.4

mpls

mpls te

explicit-path te1

next sid label 16200 type prefix

next sid label 16100 type prefix

segment-routing

interface Ethernet1/0/0

undo shutdown

ip binding vpn-instance vpn

ip address 192.168.1.1 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/1

undo shutdown

undo dcn

undo dcn mode vlan

interface Ethernet1/0/2

undo shutdown

ip address 10.0.24.4 255.255.255.0

undo dcn mode vlan

interface Ethernet1/0/3

undo shutdown

ip address 10.0.34.4 255.255.255.0

undo dcn mode vlan

interface LoopBack0

ip address 4.4.4.4 255.255.255.255

ospf prefix-sid index 400

interface Tunnel1

ip address unnumbered interface LoopBack0

tunnel-protocol mpls te

destination 1.1.1.1

mpls te signal-protocol segment-routing

mpls te tunnel-id 1

mpls te path explicit-path te1

interface NULL0

bgp 100

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

peer 2.2.2.2 enable

ipv4-family vpnv4

policy vpn-target

peer 2.2.2.2 enable

ipv4-family vpn-instance vpn

peer 192.168.1.2 as-number 65002

ospf 1

opaque-capability enable

segment-routing mpls

segment-routing global-block 16000 23999

area 0.0.0.0

network 0.0.0.0 255.255.255.255

mpls-te enable

undo dcn

tunnel-policy p1

tunnel select-seq sr-te load-balance-number 2

查看:

tracert lsp segment-routing te Tunnel 1

查看标签计算分配情况

display tunnel-info all

查看所有的隧道

display ip routing-table vpn-instance vpn 22.1.1.1 verbose

查看到对端22.1.1.1走的是哪个隧道

查看用了策略后走的是te隧道,默认会走下面的be隧道

相关推荐
青铜发条1 小时前
【python】python进阶——网络编程
运维·服务器·网络
AD钙奶-lalala1 小时前
HTTP response code 200 206 416详解
网络·网络协议·http
智慧源点2 小时前
阿里云高可用生产环境网络架构实战:VPC规划与多可用区部署
网络·阿里云·架构
爱笑的眼睛112 小时前
HarmonyOS 应用开发深度解析:ArkTS 声明式 UI 与状态管理最佳实践
华为·harmonyos
云望无线图传模块2 小时前
12公里无人机图传模组:从模糊到超高清的飞跃,抗干扰能力全面升级
网络·物联网·无人机
UNbuff_02 小时前
Linux ip 命令使用指南
linux·网络·tcp/ip
斯普信专业组2 小时前
多输入(input)多输出(output)验证
运维·服务器·网络·fluent-bit
自我陶醉@3 小时前
计算机网络---网络体系结构
网络·计算机网络·考研·智能路由器·408
康弘雲3 小时前
路由器无线桥接二级验证网络(初始密码和网页登录个人账号和密码)
网络·智能路由器
蒋星熠3 小时前
WebSocket网络编程深度实践:从协议原理到生产级应用
网络·数据库·redis·python·websocket·网络协议·微服务
热门推荐
01conda中设置镜像地址(附所有可换的地址)02UV安装并设置国内源03解决 WSL Ubuntu 中 /etc/resolv.conf 自动重置问题04UV 工具安装与国内镜像源配置指南05A股预测还能更准?开源大模型Kronos带你跑通预测+回测全流程06突破百度网盘的下载限速,两种方法教会你【超详细】07教你如何认证 Gemini 教育优惠的二次验证,薅个 1年的 Gemini Pro 会员08保姆级教程:手把手教你用Dify实现完美多轮对话(附Chatflow和提示词)09KGG转MP3工具|非KGM文件|解密音频10Nano Banana免费方案来了!Docker 一键部署 + 魔搭即开即用,小白也能玩转 AI 图像编辑