华为 huawei 交换机配置 Dot1q 终结子接口接入 L3VPN 示例

it技术分享just_free2024-06-18 14:02

组网需求
7-13 , CE1 、 CE3 属于 VPN-A , CE2 、 CE4 属于 VPN-B ; VPN-A 使用的 VPN-target
属性为 111:1 , VPN-B 使用的 VPN-target 属性为 222:2 。不同 VPN 用户之间不能互相访
问。
7-13 配置 Dot1q 终结子接口接入 L3VPN 组网图



配置思路
采用如下的思路配置 Dot1q 子接口接入 L3VPN :

  1. 骨干网中,与 CE 相连的 PE 上需配置 VPN 实例,并把与 CE 相连的接口和相应的 VPN
    实例绑定;绑定之后配置与 CE 相连的接口的 IP 地址。
  2. PE 与 PE 之间配置 OSPF 实现 PE 之间的互通。
  3. 配置 MPLS 基本能力和 MPLS LDP ,建立 MPLS LSP 。
  4. 配置 MP-IBGP 交换 VPN 路由信息。
  5. CE 与 PE 之间配置 EBGP 交换 VPN 路由信息。
  6. 在 PE 连接 CE 的接口上配置 Dot1q 子接口接入 L3VPN 。
    说明
    VCMP 的角色是 Client 时,不能配置 VLAN 终结子接口。
    操作步骤
    步骤 1 在 MPLS 骨干网上配置 IGP 协议,实现骨干网 PE 和 P 的互通

配置 PE1 。

<HUAWEI> system-view
[HUAWEI] sysname PE1
[PE1] router id 1.1.1.1
[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.1 32
[PE1-LoopBack1] quit
[PE1] vlan batch 30
[PE1] interface gigabitethernet 0/0/3
[PE1-GigabitEthernet0/0/3] port link-type hybrid
[PE1-GigabitEthernet0/0/3] port hybrid pvid vlan 30
[PE1-GigabitEthernet0/0/3] port hybrid untagged vlan 30
[PE1-GigabitEthernet0/0/3] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] ip address 7.7.7.7 24
[PE1-Vlanif30] quit
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 7.7.7.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit

配置 P 。

<HUAWEI> system-view
[HUAWEI] sysname P
[P] router id 2.2.2.2
[P] interface loopback 1
[P-LoopBack1] ip address 2.2.2.2 32
[P-LoopBack1] quit
[P] vlan batch 30 60
[P] interface gigabitethernet 0/0/1
[P-GigabitEthernet0/0/1] port link-type hybrid
[P-GigabitEthernet0/0/1] port hybrid pvid vlan 30
[P-GigabitEthernet0/0/1] port hybrid untagged vlan 30
[P-GigabitEthernet0/0/1] quit
[P] interface gigabitethernet 0/0/2
[P-GigabitEthernet0/0/2] port link-type hybrid
[P-GigabitEthernet0/0/2] port hybrid pvid vlan 60
[P-GigabitEthernet0/0/2] port hybrid untagged vlan 60
[P-GigabitEthernet0/0/2] quit
[P] interface vlanif 30
[P-Vlanif30] ip address 7.7.7.8 24
[P-Vlanif30] quit
[P] interface vlanif 60
[P-Vlanif60] ip address 6.6.6.6 24
[P-Vlanif60] quit
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 7.7.7.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 6.6.6.0 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit

配置 PE2 。

<HUAWEI> system-view
[HUAWEI] sysname PE2
[PE2] router id 3.3.3.3
[PE2] interface loopback 1
[PE2-LoopBack1] ip address 3.3.3.3 32
[PE2-LoopBack1] quit
[PE2] vlan batch 60
[PE2] interface gigabitethernet 0/0/3
[PE2-GigabitEthernet0/0/3] port link-type hybrid
[PE2-GigabitEthernet0/0/3] port hybrid pvid vlan 60
[PE2-GigabitEthernet0/0/3] port hybrid untagged vlan 60
[PE2-GigabitEthernet0/0/3] quit
[PE2] interface vlanif 60
[PE2-Vlanif60] ip address 6.6.6.7 24
[PE2-Vlanif60] quit
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 6.6.6.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
配置完成后, PE1 和 P 、 P 和 PE2 之间应能建立 OSPF 邻居关系,执行 display ospf peer
命令可以看到邻居状态为 Full 。执行 display ip routing-table 命令可以看到 PE 之间学
习到对方的 Loopback1 路由。
以 PE1 的显示为例:
[PE1] display ip routing-table
Route Flags: R - relay, D - download to fibȀ T - to vpn-instance

Routing Tables: Public
Destinations : 8 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack1
2.2.2.2/32 OSPF 10 1 D 7.7.7.8 Vlanif30
3.3.3.3/32 OSPF 10 2 D 7.7.7.8 Vlanif30
6.6.6.0/24 OSPF 10 2 D 7.7.7.8 Vlanif30
7.7.7.0/24 Direct 0 0 D 7.7.7.7 Vlanif30
7.7.7.7/32 Direct 0 0 D 127.0.0.1 Vlanif30
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[PE1] display ospf peer
OSPF Process 1 with Router ID 1.1.1.1
Neighbors
Area 0.0.0.0 interface 7.7.7.7(Vlanif30)'s neighbors
Router ID: 2.2.2.2 Address: 7.7.7.8
State: Full Mode:Nbr is Master Priority: 1
DR: 7.7.7.8 BDR: 7.7.7.7 MTU: 0
Dead timer due in 37 sec
Retrans timer interval: 5
Neighbor is up for 00:00:20
Authentication Sequence: [ 0 ]
步骤 2 在 MPLS 骨干网上配置 MPLS 基本能力和 MPLS LDP ,建立 LDP LSP

配置 PE1 。

[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 30
[PE1-Vlanif30] mpls
[PE1-Vlanif30] mpls ldp
[PE1-Vlanif30] quit

配置 P 。

[P] mpls lsr-id 2.2.2.2
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P] interface vlanif 30
[P-Vlanif30] mpls
[P-Vlanif30] mpls ldp
[P-Vlanif30] quit
[P] interface vlanif 60
[P-Vlanif60] mpls
[P-Vlanif60] mpls ldp
[P-Vlanif60] quit

配置 PE2 。

PeerID Status LAM SsnRole SsnAge KASent/Rcv

2.2.2.2:0 Operational DU Passive 0000:15:29 3717/3717

TOTAL: 1 session(s) Found.
[PE1] display mpls ldp lsp
LDP LSP Information

Flag after Out IF: (I) - LSP Is Only Iterated by RLFA

DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface

1.1.1.1/32 3/NULL 2.2.2.2 127.0.0.1 InLoop0
*1.1.1.1/32 Liberal/1024 DS/2.2.2.2
2.2.2.2/32 NULL/3 - 7.7.7.8 Vlanif30
2.2.2.2/32 1024/3 2.2.2.2 7.7.7.8 Vlanif30
3.3.3.3/32 NULL/1025 - 7.7.7.8 Vlanif30
3.3.3.3/32 1025/1025 2.2.2.2 7.7.7.8 Vlanif30

TOTAL: 5 Normal LSP(s) Found.
TOTAL: 1 Liberal LSP(s) Found.
TOTAL: 0 Frr LSP(s) Found.
A '*' before an LSP means the LSP is not established
A '*' before a Label means the USCB or DSCB is stale
A '*' before a UpstreamPeer means the session is stale
A '*' before a DS means the session is stale
A '*' before a NextHop means the LSP is FRR LSP
步骤 3 在 PE 设备上配置 VPN 实例,将 CE 接入 PE

配置 PE1 。

[PE1] ip vpn-instance vpna
[PE1-vpn-instance-vpna] route-distinguisher 100:1
[PE1-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[PE1-vpn-instance-vpna-af-ipv4] quit
[PE1-vpn-instance-vpna] quit
[PE1] ip vpn-instance vpnb
[PE1-vpn-instance-vpnb] route-distinguisher 100:2
[PE1-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
[PE1-vpn-instance-vpnb-af-ipv4] quit
[PE1-vpn-instance-vpnb] quit
[PE1] vcmp role silent
[PE1] interface gigabitethernet 0/0/1
[PE1-GigabitEthernet0/0/1] port link-type hybrid
[PE1-GigabitEthernet0/0/1] quit
[PE1] interface gigabitethernet 0/0/1.1
[PE1-GigabitEthernet0/0/1.1] dot1q termination vid 10
[PE1-GigabitEthernet0/0/1.1] ip binding vpn-instance vpna
[PE1-GigabitEthernet0/0/1.1] ip address 10.1.1.2 24
[PE1-GigabitEthernet0/0/1.1] arp broadcast enable
[PE1-GigabitEthernet0/0/1.1] quit
[PE1] interface gigabitethernet 0/0/2
[PE1-GigabitEthernet0/0/2] port link-type hybrid
[PE1-GigabitEthernet0/0/2] quit
[PE1] interface gigabitethernet 0/0/2.1
[PE1-GigabitEthernet0/0/2.1] dot1q termination vid 20
[PE1-GigabitEthernet0/0/2.1] ip binding vpn-instance vpnb
[PE1-GigabitEthernet0/0/2.1] ip address 10.2.1.2 24
[PE1-GigabitEthernet0/0/2.1] arp broadcast enable
[PE1-GigabitEthernet0/0/2.1] quit

配置 PE2 。

[PE2] ip vpn-instance vpna
[PE2-vpn-instance-vpna] route-distinguisher 200:1
[PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both
[PE2-vpn-instance-vpna-af-ipv4] quit
[PE2-vpn-instance-vpna] quit
[PE2] ip vpn-instance vpnb
[PE2-vpn-instance-vpnb] route-distinguisher 200:2
[PE2-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both
[PE2-vpn-instance-vpnb-af-ipv4] quit
[PE2-vpn-instance-vpnb] quit
[PE2] vcmp role silent
[PE2] interface gigabitethernet 0/0/1
[PE2-GigabitEthernet0/0/1] port link-type hybrid
[PE2-GigabitEthernet0/0/1] quit
[PE2] interface gigabitethernet 0/0/1.1
[PE2-GigabitEthernet0/0/1.1] dot1q termination vid 10
[PE2-GigabitEthernet0/0/1.1] ip binding vpn-instance vpna
[PE2-GigabitEthernet0/0/1.1] ip address 10.3.1.2 24
[PE2-GigabitEthernet0/0/1.1] arp broadcast enable
[PE2-GigabitEthernet0/0/1.1] quit
[PE2] interface gigabitethernet 0/0/2
[PE2-GigabitEthernet0/0/2] port link-type hybrid
[PE2-GigabitEthernet0/0/2] quit
[PE2] interface gigabitethernet 0/0/2.1
[PE2-GigabitEthernet0/0/2.1] dot1q termination vid 20
[PE2-GigabitEthernet0/0/2.1] ip binding vpn-instance vpnb
[PE2-GigabitEthernet0/0/2.1] ip address 10.4.1.2 24
[PE2-GigabitEthernet0/0/2.1] arp broadcast enable
[PE2-GigabitEthernet0/0/2.1] quit

7-13 配置 CE1 的接口 IP 地址。 CE2 、 CE3 和 CE4 的配置与 CE1 类似,不再赘述。

<HUAWEI> system-view
[HUAWEI] sysname CE1
[CE1] vlan batch 10
[CE1] interface gigabitethernet 0/0/1
[CE1-GigabitEthernet0/0/1] port link-type hybrid
[CE1-GigabitEthernet0/0/1] port hybrid pvid vlan 10
[CE1-GigabitEthernet0/0/1] port hybrid tagged vlan 10
[CE1-GigabitEthernet0/0/1] quit
[CE1] interface vlanif 10
[CE1-Vlanif10] ip address 10.1.1.1 24
[CE1-Vlanif10] quit
配置完成后,在 PE 设备上执行 display ip vpn-instance verbose 命令可以看到 VPN 实
例的配置情况。各 PE 能 Ping 通自己接入的 CE 。
说明
当 PE 上有多个绑定了同一个 VPN 的接口,则使用 ping -vpn-instance 命令 Ping 对端 PE 接入的 CE
时,要指定源 IP 地址,即要指定 ping -vpn-instance vpn-instance-name -a source-ip-address
dest-ip-address 命令中的参数 -a source-ip-address ,否则可能 Ping 不通。
以 PE1 为例:
[PE1] display ip vpn-instance verbose
Total VPN-Instances configured : 2
Total IPv4 VPN-Instances configured : 2
Total IPv6 VPN-Instances configured : 0
VPN-Instance Name and ID : vpna, 1
Interfaces : Gigabitethernet0/0/1.1
Address family ipv4
Create date : 2013-08-28 21:01:00+00:00
Up time : 0 days, 22 hours, 24 minutes and 53 seconds
Route Distinguisher : 100:1
Export VPN Targets : 111:1
Import VPN Targets : 111:1
Label Policy : label per instance
Per-Instance Label : 4098
Log Interval : 5
VPN-Instance Name and ID : vpnb, 2
Interfaces : Gigabitethernet0/0/2.1
Address family ipv4
Create date : 2013-08-28 21:01:00+00:00
Up time : 0 days, 22 hours, 24 minutes and 53 seconds
Route Distinguisher : 100:2
Export VPN Targets : 222:2
Import VPN Targets : 222:2
Label Policy : label per instance
Per-Instance Label : 4099
Log Interval : 5
[PE1] ping -vpn-instance vpna 10.1.1.1
PING 10.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=5 ms
Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=3 ms
Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=3 ms
Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=3 ms
Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=16 ms
--- 10.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/6/16 ms
步骤 4 在 PE 与 CE 之间建立 EBGP 对等体关系,引入 VPN 路由

配置 CE1 。 CE2 、 CE3 和 CE4 的配置与 CE1 类似,不再赘述。

[CE1] bgp 65410
[CE1-bgp] peer 10.1.1.2 as-number 100
[CE1-bgp] import-route direct

配置 PE1 。 PE2 的配置与 PE1 类似,不再赘述。

[PE1] bgp 100
[PE1-bgp] ipv4-family vpn-instance vpna
[PE1-bgp-vpna] peer 10.1.1.1 as-number 65410
[PE1-bgp-vpna] import-route direct
[PE1-bgp-vpna] quit
[PE1-bgp] ipv4-family vpn-instance vpnb
[PE1-bgp-vpnb] peer 10.2.1.1 as-number 65420
[PE1-bgp-vpnb] import-route direct
[PE1-bgp-vpnb] quit
[PE1-bgp] quit
配置完成后,在 PE 设备上执行 display bgp vpnv4 vpn-instance peer 命令,可以看到
PE 与 CE 之间的 BGP 对等体关系已建立,并达到 Established 状态。
以 PE1 与 CE1 的对等体关系为例:
[PE1] display bgp vpnv4 vpn-instance vpna peer
BGP local router ID : 1.1.1.1
Local AS number : 100
VPN-Instance vpna, Router ID 1.1.1.1:
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
10.1.1.1 4 65410 11 9 0 00:07:25 Established 1
步骤 5 在 PE 之间建立 MP-IBGP 对等体关系

配置 PE1 。

[PE1] bgp 100
[PE1-bgp] peer 3.3.3.3 as-number 100
[PE1-bgp] peer 3.3.3.3 connect-interface loopback 1
[PE1-bgp] ipv4-family vpnv4
[PE1-bgp-af-vpnv4] peer 3.3.3.3 enable
[PE1-bgp-af-vpnv4] quit
[PE1-bgp] quit

配置 PE2 。

[PE2] bgp 100
[PE2-bgp] peer 1.1.1.1 as-number 100
[PE2-bgp] peer 1.1.1.1 connect-interface loopback 1
[PE2-bgp] ipv4-family vpnv4
[PE2-bgp-af-vpnv4] peer 1.1.1.1 enable
[PE2-bgp-af-vpnv4] quit
[PE2-bgp] quit
配置完成后,在 PE 设备上执行 display bgp peerdisplay bgp vpnv4 all peer 命令,
可以看到 PE 之间的 BGP 对等体关系已建立,并达到 Established 状态。
[PE1] display bgp peer
BGP local router ID : 1.1.1.1
Local AS number : 100
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
3.3.3.3 4 100 12 6 0 00:02:21 Established 0
[PE1] display bgp vpnv4 all peer
BGP local router ID : 1.1.1.1
Local AS number : 100
Total number of peers : 3 Peers in established state : 3
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
3.3.3.3 4 100 12 18 0 00:09:38 Established 0
Peer of IPv4-family for vpn instance :
VPN-Instance vpna, Router ID 1.1.1.1:
10.1.1.1 4 65410 25 25 0 00:17:57 Established 1
VPN-Instance vpnb, Router ID 1.1.1.1:
10.2.1.1 4 65420 21 22 0 00:17:10 Established 1
步骤 6 检查配置结果
在 PE 设备上执行 display ip routing-table vpn-instance 命令,可以看到去往对端 CE
的路由。
以 PE1 的显示为例:
[PE1] display ip routing-table vpn-instance vpna
Route Flags: R - relay, D - download to fibȀ T - to vpn-instance

Routing Tables: vpna
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/24 Direct 0 0 D 10.1.1.2 Gigabitethernet0/0/1.1
10.1.1.2/32 Direct 0 0 D 127.0.0.1 Gigabitethernet0/0/1.1
10.3.1.0/24 IBGP 255 0 RD 3.3.3.3 Vlanif30
[PE1] display ip routing-table vpn-instance vpnb
Route Flags: R - relay, D - download to fibȀ T - to vpn-instance

Routing Tables: vpnb
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.2.1.0/24 Direct 0 0 D 10.2.1.2 Gigabitethernet0/0/2.1
10.2.1.2/32 Direct 0 0 D 127.0.0.1 Gigabitethernet0/0/2.1
10.4.1.0/24 IBGP 255 0 RD 3.3.3.3 Vlanif30
同一 VPN 的 CE 能够相互 Ping 通,不同 VPN 的 CE 不能相互 Ping 通。
例如: CE1 能够 Ping 通 CE3 ( 10.3.1.1 ),但不能 Ping 通 CE4 ( 10.4.1.1 )。
[CE1] ping 10.3.1.1
PING 10.3.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.3.1.1: bytes=56 Sequence=1 ttl=253 time=72 ms
Reply from 10.3.1.1: bytes=56 Sequence=2 ttl=253 time=34 ms
Reply from 10.3.1.1: bytes=56 Sequence=3 ttl=253 time=50 ms
Reply from 10.3.1.1: bytes=56 Sequence=4 ttl=253 time=50 ms
Reply from 10.3.1.1: bytes=56 Sequence=5 ttl=253 time=34 ms
--- 10.3.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 34/48/72 ms
[CE1] ping 10.4.1.1
PING 10.4.1.1: 56 data bytes, press CTRL_C to break
Request time out
Request time out
Request time out
Request time out
Request time out
--- 10.4.1.1 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
---- 结束
配置文件
PE1 的配置文件

sysname PE1

router id 1.1.1.1

vlan batch 30

ip vpn-instance vpna
ipv4-family
route-distinguisher 100:1
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity

ip vpn-instance vpnb
ipv4-family
route-distinguisher 100:2
vpn-target 222:2 export-extcommunity
vpn-target 222:2 import-extcommunity

mpls lsr-id 1.1.1.1
mpls

mpls ldp

interface Vlanif30
ip address 7.7.7.7 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/1
port link-type hybrid

interface GigabitEthernet0/0/1.1
dot1q termination vid 10
ip binding vpn-instance vpna
ip address 10.1.1.2 255.255.255.0
arp broadcast enable

interface GigabitEthernet0/0/2
port link-type hybrid

interface GigabitEthernet0/0/2.1
dot1q termination vid 20
ip binding vpn-instance vpnb
ip address 10.2.1.2 255.255.255.0
arp broadcast enable

interface GigabitEthernet0/0/3
port link-type hybrid
port hybrid pvid vlan 30
port hybrid untagged vlan 30

interface LoopBack1
ip address 1.1.1.1 255.255.255.255

bgp 100
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack1

ipv4-family unicast
undo synchronization
peer 3.3.3.3 enable

ipv4-family vpnv4
policy vpn-target
peer 3.3.3.3 enable

ipv4-family vpn-instance vpna
import-route direct
peer 10.1.1.1 as-number 65410

ipv4-family vpn-instance vpnb
import-route direct
peer 10.2.1.1 as-number 65420

ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 7.7.7.0 0.0.0.255

return
● P 的配置文件

sysname P

router id 2.2.2.2

vlan batch 30 60

mpls lsr-id 2.2.2.2
mpls

mpls ldp

interface Vlanif30
ip address 7.7.7.8 255.255.255.0
mpls
mpls ldp

interface Vlanif60
ip address 6.6.6.6 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid pvid vlan 30
port hybrid untagged vlan 30

interface GigabitEthernet0/0/2
port link-type hybrid
port hybrid pvid vlan 60
port hybrid untagged vlan 60

interface LoopBack1
ip address 2.2.2.2 255.255.255.255

ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 6.6.6.0 0.0.0.255
network 7.7.7.0 0.0.0.255

return
● PE2 的配置文件

sysname PE2

router id 3.3.3.3

vlan batch 60

ip vpn-instance vpna
ipv4-family
route-distinguisher 200:1
vpn-target 111:1 export-extcommunity
vpn-target 111:1 import-extcommunity

ip vpn-instance vpnb
ipv4-family
route-distinguisher 200:2
vpn-target 222:2 export-extcommunity
vpn-target 222:2 import-extcommunity

mpls lsr-id 3.3.3.3
mpls

mpls ldp

interface Vlanif60
ip address 6.6.6.7 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/1
port link-type hybrid

interface GigabitEthernet0/0/1.1
dot1q termination vid 10
ip binding vpn-instance vpna
ip address 10.3.1.2 255.255.255.0
arp broadcast enable

interface GigabitEthernet0/0/2
port link-type hybrid

interface GigabitEthernet0/0/2.1
dot1q termination vid 20
ip binding vpn-instance vpnb
ip address 10.4.1.2 255.255.255.0
arp broadcast enable

interface GigabitEthernet0/0/3
port link-type hybrid
port hybrid pvid vlan 60
port hybrid untagged vlan 60

interface LoopBack1
ip address 3.3.3.3 255.255.255.255

bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack1

ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable

ipv4-family vpnv4
policy vpn-target
peer 1.1.1.1 enable

ipv4-family vpn-instance vpna
import-route direct
peer 10.3.1.1 as-number 65430

ipv4-family vpn-instance vpnb
import-route direct
peer 10.4.1.1 as-number 65440

ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 6.6.6.0 0.0.0.255

return
CE1 的配置文件

sysname CE1

vlan batch 10

interface Vlanif10
ip address 10.1.1.1 255.255.255.0

interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid pvid vlan 10
port hybrid tagged vlan 10

bgp 65410
peer 10.1.1.2 as-number 100

ipv4-family unicast
undo synchronization
import-route direct
peer 10.1.1.2 enable

return
● CE2 的配置文件

sysname CE2

vlan batch 20

interface Vlanif20
ip address 10.2.1.1 255.255.255.0

interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid pvid vlan 20
port hybrid tagged vlan 20

bgp 65420
peer 10.2.1.2 as-number 100

ipv4-family unicast
undo synchronization
import-route direct
peer 10.2.1.2 enable

return
● CE3 的配置文件

sysname CE3

vlan batch 10

interface Vlanif10
ip address 10.3.1.1 255.255.255.0

interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid pvid vlan 10
port hybrid tagged vlan 10

bgp 65430
peer 10.3.1.2 as-number 100

ipv4-family unicast
undo synchronization
import-route direct
peer 10.3.1.2 enable

return
● CE4 的配置文件

sysname CE4

vlan batch 20

interface Vlanif20
ip address 10.4.1.1 255.255.255.0

interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid pvid vlan 20
port hybrid tagged vlan 20

bgp 65440
peer 10.4.1.2 as-number 100

ipv4-family unicast
undo synchronization
import-route direct
peer 10.4.1.2 enable

return

相关推荐
心易行者5 分钟前
自动化革新者:PlugLink在“智创设计”中的实战应用
运维·自动化
xiandong209 分钟前
240701_昇思学习打卡-Day13-Vision Transformer图像分类
网络·图像处理·人工智能·深度学习·学习·分类·transformer
阿猿收手吧!14 分钟前
【Linux】TCP协议【下二】{流量控制/滑动窗口/延迟应答/捎带应答/拥塞控制}
linux·网络·网络协议·tcp/ip
我要成为C++领域大神39 分钟前
【高性能服务器】select模型
linux·服务器·c语言·开发语言·网络·tcp·io多路复用
炫酷的伊莉娜1 小时前
【计算机网络】物理层(作业)
网络·计算机网络·物理层
bitcsljl1 小时前
Linux系统中卸载GitLab
linux·运维·gitlab
Heart_to_Yang2 小时前
华为OceanStor磁盘阵列存储恢复出厂设置命令 LUN不处于在线状态,不能执行此操作解决方案
网络·经验分享
Ops菜鸟(Xu JieHao)2 小时前
Linux开源监控工具netdata
运维·服务器·监控·云监控·netdata·监控神器
千殃sama2 小时前
Linux高并发服务器开发(十一)UDP通信和本地socket通信
linux·服务器·网络·笔记·学习·udp
OpenAnolis小助手2 小时前
正式邀测! OS Copilot——一款基于大模型构建的 Linux 智能操作系统助手
运维·操作系统·龙蜥社区·智能操作系统助手·os copilot
热门推荐
01Coze扣子平台完整体验和实践(附国内和国际版对比)02组基轨迹建模 GBTM的介绍与实现(Stata 或 R)03【经验分享】Ubuntu22.04安装微信(linux官方版)042024亚太赛(中文赛)数学建模竞赛选题建议+初步分析05yolov8实战第五天——yolov8+ffmpg实时视频流检测并进行实时推流——(推流,保姆教学)06【立创EDA-PCB设计基础】6.布线铺铜实战及细节详解07【漏洞复现】Geoserver远程代码执行漏洞(CVE-2024-36401)082025张宇考研数学,百度网盘视频课+36讲PDF讲义+真题09浏览器插件——ModHeader 的分享和学习10基于coc.nvim打造开箱即用的个人PDE