华为sr-mpls te手动隧道模型配置案例

yenggd2024-04-21 10:08

NE1(pe1)

ip vpn-instance vpn

ipv4-family

route-distinguisher 100:100

tnl-policy p1 //把vpn实例引入到定义的p1策略中的te隧道

vpn-target 1:1 export-extcommunity

vpn-target 1:1 import-extcommunity

mpls lsr-id 1.1.1.1

mpls

mpls te //开mpls te功能

explicit-path te1 //定义显示标签路径,一条线各sid+SRGB过去对端,这里如何定义,ce的数据包就怎么走。

next sid label 16200 type prefix //先到中间的net2(P)设备

next sid label 16400 type prefix //再到对端net4(pe2)设备

segment-routing //全局开户段路由功能

interface Ethernet1/0/0

undo shutdown

ip binding vpn-instance vpn //绑定对端ce实例

ip address 192.168.0.1 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/1

undo shutdown

ip address 10.0.12.1 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/2

undo shutdown

ip address 10.0.13.1 255.255.255.0

undo dcn mode vlan

interface LoopBack0

ip address 1.1.1.1 255.255.255.255

ospf prefix-sid index 100 //自己本设备的node sid标签

interface Tunnel1                  //和对端pe2建立隧道

ip address unnumbered interface LoopBack0   //借用自己的loop地址

tunnel-protocol mpls te             //指定隧道协议

destination 4.4.4.4               //对端pe地址

mpls te signal-protocol segment-routing     //选择sr协议

mpls te tunnel-id 1              //本地有效

mpls te path explicit-path te1          //手工指定前面指定的显示路径,用于配合下面的隧道负载分担。

(如果有控制器这里就这样配:mpls te pce delegate 托管给pce server)

interface NULL0

bgp 100

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

peer 2.2.2.2 enable

ipv4-family vpnv4   //全网建立vpnv4的bgp邻居

policy vpn-target

peer 2.2.2.2 enable

ipv4-family vpn-instance vpn

peer 192.168.0.2 as-number 65001

ospf 1

opaque-capability enable   //开ospf10类lsa功能

segment-routing mpls    //开段路由标签分发功能

segment-routing global-block 16000 23999   //定义SRGB范围

area 0.0.0.0

network 0.0.0.0 255.255.255.255

mpls-te enable     //开启TE功能

undo dcn

tunnel-policy p1   //定义策略,假设有2条路实现负载分担

tunnel select-seq sr-te load-balance-number 2

NE2(P)

mpls lsr-id 2.2.2.2

mpls

mpls te

segment-routing

interface Ethernet1/0/1

undo shutdown

ip address 10.0.12.2 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/2

undo shutdown

ip address 10.0.24.2 255.255.255.0

undo dcn mode vlan

interface Ethernet1/0/3

undo shutdown

undo dcn mode vlan

interface LoopBack0

ip address 2.2.2.2 255.255.255.255

ospf prefix-sid index 200

interface NULL0

bgp 100

peer 1.1.1.1 as-number 100

peer 1.1.1.1 connect-interface LoopBack0

peer 4.4.4.4 as-number 100

peer 4.4.4.4 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

peer 1.1.1.1 enable

peer 4.4.4.4 enable

ipv4-family vpnv4

undo policy vpn-target

peer 1.1.1.1 enable

peer 1.1.1.1 reflect-client

peer 4.4.4.4 enable

peer 4.4.4.4 reflect-client

ospf 1

opaque-capability enable

segment-routing mpls

segment-routing global-block 16000 23999

area 0.0.0.0

network 0.0.0.0 255.255.255.255

mpls-te enable

undo dcn

NE4(PE2)

ip vpn-instance vpn

ipv4-family

route-distinguisher 100:200

tnl-policy p1

vpn-target 1:1 export-extcommunity

vpn-target 1:1 import-extcommunity

mpls lsr-id 4.4.4.4

mpls

mpls te

explicit-path te1

next sid label 16200 type prefix

next sid label 16100 type prefix

segment-routing

interface Ethernet1/0/0

undo shutdown

ip binding vpn-instance vpn

ip address 192.168.1.1 255.255.255.0

undo dcn

undo dcn mode vlan

interface Ethernet1/0/1

undo shutdown

undo dcn

undo dcn mode vlan

interface Ethernet1/0/2

undo shutdown

ip address 10.0.24.4 255.255.255.0

undo dcn mode vlan

interface Ethernet1/0/3

undo shutdown

ip address 10.0.34.4 255.255.255.0

undo dcn mode vlan

interface LoopBack0

ip address 4.4.4.4 255.255.255.255

ospf prefix-sid index 400

interface Tunnel1

ip address unnumbered interface LoopBack0

tunnel-protocol mpls te

destination 1.1.1.1

mpls te signal-protocol segment-routing

mpls te tunnel-id 1

mpls te path explicit-path te1

interface NULL0

bgp 100

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

ipv4-family unicast

undo synchronization

peer 2.2.2.2 enable

ipv4-family vpnv4

policy vpn-target

peer 2.2.2.2 enable

ipv4-family vpn-instance vpn

peer 192.168.1.2 as-number 65002

ospf 1

opaque-capability enable

segment-routing mpls

segment-routing global-block 16000 23999

area 0.0.0.0

network 0.0.0.0 255.255.255.255

mpls-te enable

undo dcn

tunnel-policy p1

tunnel select-seq sr-te load-balance-number 2

查看:

tracert lsp segment-routing te Tunnel 1

查看标签计算分配情况

display tunnel-info all

查看所有的隧道

display ip routing-table vpn-instance vpn 22.1.1.1 verbose

查看到对端22.1.1.1走的是哪个隧道

查看用了策略后走的是te隧道,默认会走下面的be隧道

相关推荐
DianSan_ERP12 天前
电商API接口全链路监控:构建坚不可摧的线上运维防线
大数据·运维·网络·人工智能·git·servlet
呉師傅12 天前
火狐浏览器报错配置文件缺失如何解决#操作技巧#
运维·网络·windows·电脑
王码码203512 天前
Flutter for OpenHarmony:socket_io_client 实时通信的事实标准(Node.js 后端的最佳拍档) 深度解析与鸿蒙适配指南
android·flutter·ui·华为·node.js·harmonyos
2501_9462055212 天前
晶圆机器人双臂怎么选型?适配2-12寸晶圆的末端效应器有哪些?
服务器·网络·机器人
linux kernel12 天前
第七部分:高级IO
服务器·网络
数字护盾(和中)12 天前
BAS+ATT&CK:企业主动防御的黄金组合
服务器·网络·数据库
~远在太平洋~12 天前
Debian系统如何删除多余的kernel
linux·网络·debian
Swift社区12 天前
如何利用 ArkUI 框架优化鸿蒙应用的渲染性能
华为·harmonyos
特立独行的猫a12 天前
uni-app x跨平台开发实战:开发鸿蒙HarmonyOS影视票房榜组件完整实现过程
华为·uni-app·harmonyos·轮播图·uniapp-x
unfeeling_12 天前
Keepalived实验
linux·服务器·网络
热门推荐
01GitHub 镜像站点02OpenClaw 使用和管理 MCP 完全指南03OpenClaw 连接飞书完整指南:插件安装、配置与踩坑记录04本地部署 OpenClaw + DeepSeek-R1 完全指南05Window 10部署openclaw报错node.exe : npm error code 12806OpenClaw 接入 QQ Bot 完整实践指南07npm-error code 128问题解决方法08OpenClaw + 飞书(Feishu)环境搭建指南09OpenClaw 飞书机器人不回复消息?3 小时踩坑总结10OpenClaw-VSCode:在 VS Code 里玩转 OpenClaw,远程管理+SSH 双剑合璧