
需求分析
1、在PE上开启mpls te功能
2、PE1和PE2上配置 显式路径及TE隧道
3、PE1和PE2写p1及P2之间建立mp-bgp,p1和p2为RR
4、配置隧道策略,把vpn流量迭代进te隧道
5、手动配adj sid,因为不是be,路径要手动指定路径,如果是自动获取每次设备重启adj sid都会变
6、p1和p2上不开mpls te,pe1和pe2上开mpls te
CE1
sysname pe1
router id 3.3.3.3
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:100
tnl-policy p1
vpn-target 100:100 export-extcommunity
vpn-target 100:100 import-extcommunity
mpls lsr-id 3.3.3.3
mpls
mpls te
explicit-path pe1-pe2
next sid label 20011 type prefix
next sid label 330002 type adjacency
segment-routing
isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0003.00
is-name pe1
segment-routing mpls
segment-routing global-block 20000 30000
interface Ethernet1/0/0
undo shutdown
ip address 100.0.0.2 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/1
undo shutdown
ip address 100.0.0.14 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/2
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.0.1 255.255.255.0
undo dcn mode vlan
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
isis enable 1
isis prefix-sid index 33
interface Tunnel100
description 4.4.4.4
ip address unnumbered interface LoopBack0
tunnel-protocol mpls te
destination 4.4.4.4
mpls te signal-protocol segment-routing
mpls te tunnel-id 100
mpls te path explicit-path pe1-pe2
interface NULL0
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 2.2.2.2 enable
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.1 enable
peer 2.2.2.2 enable
ipv4-family vpn-instance vpna
peer 192.168.0.2 as-number 65001
undo dcn
tunnel-policy p1
tunnel select-seq sr-te load-balance-number 1
CE2
sysname pe2
router id 4.4.4.4
ip vpn-instance vpna
ipv4-family
route-distinguisher 100:200
tnl-policy p1
vpn-target 100:100 export-extcommunity
vpn-target 100:100 import-extcommunity
mpls lsr-id 4.4.4.4
mpls
mpls te
explicit-path pe2-pe1
next sid label 20022 type prefix
next sid label 330003 type adjacency
next sid label 20011 type prefix
next sid label 330001 type adjacency
segment-routing
isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0004.00
is-name pe2
segment-routing mpls
segment-routing global-block 20000 30000
interface Ethernet1/0/0
undo shutdown
ip address 100.0.0.6 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/1
undo shutdown
ip address 100.0.0.18 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/2
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.1.1 255.255.255.0
undo dcn mode vlan
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
isis enable 1
isis prefix-sid index 44
interface Tunnel100
ip address unnumbered interface LoopBack0
tunnel-protocol mpls te
destination 3.3.3.3
mpls te signal-protocol segment-routing
mpls te tunnel-id 100
mpls te path explicit-path pe2-pe1
interface NULL0
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 2.2.2.2 enable
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.1 enable
peer 2.2.2.2 enable
ipv4-family vpn-instance vpna
peer 192.168.1.2 as-number 65002
undo dcn
tunnel-policy p1
tunnel select-seq sr-te load-balance-number 1
P1
sysname p1
set neid 18a8b
vsm on-board-mode enable
snmp-agent trap type base-trap
icmp rate-limit disable
router id 1.1.1.1
mpls lsr-id 1.1.1.1
mpls
aaa
authentication-scheme default0
authentication-scheme default1
authentication-scheme default
authentication-mode local radius
authorization-scheme default
accounting-scheme default0
accounting-scheme default1
domain default0
domain default1
domain default_admin
license
segment-routing
ipv4 adjacency local-ip-addr 100.0.0.1 remote-ip-addr 100.0.0.2 sid 330001
ipv4 adjacency local-ip-addr 100.0.0.5 remote-ip-addr 100.0.0.6 sid 330002
ipv4 adjacency local-ip-addr 100.0.0.9 remote-ip-addr 100.0.0.10 sid 330003
isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0001.00
is-name p1
segment-routing mpls
segment-routing global-block 20000 30000
segment-routing auto-adj-sid disable
interface Ethernet1/0/0
undo shutdown
ip address 100.0.0.1 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/1
undo shutdown
ip address 100.0.0.5 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/2
undo shutdown
ip address 100.0.0.9 255.255.255.252
isis enable 1
undo dcn mode vlan
interface Ethernet1/0/3
undo shutdown
undo dcn mode vlan
interface Ethernet1/0/4
undo shutdown
undo dcn mode vlan
interface Ethernet1/0/5
undo shutdown
undo dcn mode vlan
interface Ethernet1/0/6
undo shutdown
undo dcn mode vlan
interface Ethernet1/0/7
undo shutdown
undo dcn mode vlan
interface Ethernet1/0/8
undo shutdown
undo dcn mode vlan
interface Ethernet1/0/9
undo shutdown
undo dcn mode vlan
interface GigabitEthernet0/0/0
undo shutdown
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
isis enable 1
isis prefix-sid index 11
interface NULL0
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
ipv4-family vpnv4
undo policy vpn-target
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 3.3.3.3 reflect-client
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
undo dcn
P2
sysname p2
set neid 18a8c
vsm on-board-mode enable
snmp-agent trap type base-trap
icmp rate-limit disable
router id 2.2.2.2
mpls lsr-id 2.2.2.2
mpls
mpls te
license
segment-routing
ipv4 adjacency local-ip-addr 100.0.0.13 remote-ip-addr 100.0.0.14 sid 330001
ipv4 adjacency local-ip-addr 100.0.0.17 remote-ip-addr 100.0.0.18 sid 330002
ipv4 adjacency local-ip-addr 100.0.0.10 remote-ip-addr 100.0.0.9 sid 330003
isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0002.00
is-name p2
segment-routing mpls
segment-routing global-block 20000 30000
interface Ethernet1/0/0
undo shutdown
ip address 100.0.0.13 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/1
undo shutdown
ip address 100.0.0.17 255.255.255.252
isis enable 1
undo dcn
undo dcn mode vlan
interface Ethernet1/0/2
undo shutdown
ip address 100.0.0.10 255.255.255.252
isis enable 1
undo dcn mode vlan
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
isis enable 1
isis prefix-sid index 22
interface NULL0
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
ipv4-family vpnv4
undo policy vpn-target
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 3.3.3.3 reflect-client
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
undo dcn
CE1
router id 10.0.0.1
interface GigabitEthernet0/0/0
ip address 192.168.0.2 255.255.255.0
interface LoopBack0
ip address 10.0.0.1 255.255.255.255
bgp 65001
peer 192.168.0.1 as-number 100
ipv4-family unicast
undo synchronization
network 10.0.0.1 255.255.255.255
peer 192.168.0.1 enable
CE2
router id 20.0.0.1
interface GigabitEthernet0/0/0
ip address 192.168.1.2 255.255.255.0
interface LoopBack0
ip address 20.0.0.1 255.255.255.255
bgp 65002
peer 192.168.1.1 as-number 100
ipv4-family unicast
undo synchronization
network 20.0.0.1 255.255.255.255
peer 192.168.1.1 enable
isis邻居查看

sid查看
手动指定显式路径的 ajd sid
P1
segment-routing
ipv4 adjacency local-ip-addr 100.0.0.1 remote-ip-addr 100.0.0.2 sid 330001
ipv4 adjacency local-ip-addr 100.0.0.5 remote-ip-addr 100.0.0.6 sid 330002
ipv4 adjacency local-ip-addr 100.0.0.9 remote-ip-addr 100.0.0.10 sid 330003
P2
segment-routing
ipv4 adjacency local-ip-addr 100.0.0.13 remote-ip-addr 100.0.0.14 sid 330001
ipv4 adjacency local-ip-addr 100.0.0.17 remote-ip-addr 100.0.0.18 sid 330002
ipv4 adjacency local-ip-addr 100.0.0.10 remote-ip-addr 100.0.0.9 sid 330003
查看adj sid(IGP自动生成的adj sid每次设备重启都会变)
关掉isis自动发布的adj sid
p1-isis-1\]segment-routing auto-adj-sid disable 再次查看就只有手动的了,设备重启就不会变了  配置显示路径(如果有控制器就能自动生成) pe1去程 explicit-path pe1-pe2 next sid label 20011 type prefix //p1设备的sid,由那个isis里面设置的范围20000-30000加上loopback口的prefix组合而来 next sid label 330002 type adjacency //p1设备连接pe2接口的adj sid 回程 pe2 explicit-path pe2-pe1 next sid label 20022 type prefix //p2设备的sid next sid label 330003 type adjacency //p2设备连接p1接口的adj sid next sid label 20011 type prefix //p1设备的sid,这条不配好像也可以 ,但为了理解还是配了吧 next sid label 330001 type adjacency //p1设备连接pe1接口的adj sid 配置隧道(借用loopback口地址,关联显式路径) pe1 interface Tunnel100 destination 4.4.4.4 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te mpls te signal-protocol segment-routing mpls te tunnel-id 100 mpls te path explicit-path pe1-pe2 pe2 interface Tunnel100 ip address unnumbered interface LoopBack0 tunnel-protocol mpls te destination 3.3.3.3 mpls te signal-protocol segment-routing mpls te tunnel-id 100 mpls te path explicit-path pe2-pe1 路径查看   隧道查看  检查隧道连通性   配置隧道选择策略 //有的设备不支持sr-te,要用cr-lsp pe1和pe2上配 tunnel-policy p1 tunnel select-seq sr-te load-balance-number 1 ip vpn-instance vpna ipv4-family tnl-policy p1 //调用策略 查看路由有没有进隧道   ce1和ce2连通性测试  内部标签还是mp-bgp分发的 