组网需求
如 图 7-9 , CE1 、 CE2 分别通过 VLAN 方式接入 PE1 和 PE2 。
CE1 和 CE2 之间建立 Martini 方式的 VLL ,使 CE1 和 CE2 的用户网络可以互通。
图 7-9 配置 Dot1q 终结子接口接入 VLL 组网图
配置思路
采用如下的思路配置 Dot1q 子接口接入 VLL :
1. 在骨干网相关设备( PE 、 P )上配置路由协议实现互通,并使能 MPLS 。
2. 本例使用缺省隧道策略,建立 LSP 作为传输业务数据的隧道。
3. PE 上使能 MPLS L2VPN ,并创建 VC 连接。
4. 在 PE 连接 CE 的接口上配置 Dot1q 子接口接入 VLL 。
说明
VCMP 的角色是 Client 时,不能配置 VLAN 终结子接口。
操作步骤
步骤 1 按 图 7-9 配置 CE 、 PE 和 P 的各接口所属 VLAN 和 VLANIF 接口的 IP 地址
# 配置 CE1 ,要求 CE1 发送给 PE1 的报文带有一层 VLAN Tag 。
<HUAWEI> system-view
[HUAWEI] sysname CE1
[CE1] vlan batch 10
[CE1] interface gigabitethernet 0/0/1
[CE1-GigabitEthernet0/0/1] port link-type trunk
[CE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[CE1-GigabitEthernet0/0/1] quit
[CE1] interface vlanif 10
[CE1-Vlanif10] ip address 10.10.10.1 24
[CE1-Vlanif10] quit
# 配置 CE2 ,要求 CE2 发送给 PE2 的报文带有一层 VLAN Tag 。
<HUAWEI> system-view
[HUAWEI] sysname CE2
[CE2] vlan batch 10
[CE2] interface gigabitethernet 0/0/1
[CE2-GigabitEthernet0/0/1] port link-type trunk
[CE2-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[CE2-GigabitEthernet0/0/1] quit
[CE2] interface vlanif 10
[CE2-Vlanif10] ip address 10.10.10.2 24
[CE2-Vlanif10] quit
# 配置 PE1 。
<HUAWEI> system-view
[HUAWEI] sysname PE1
[PE1] vlan batch 20
[PE1] interface gigabitethernet 0/0/2
[PE1-GigabitEthernet0/0/2] port link-type hybrid
[PE1-GigabitEthernet0/0/2] port hybrid pvid vlan 20
[PE1-GigabitEthernet0/0/2] port hybrid tagged vlan 20
[PE1-GigabitEthernet0/0/2] quit
[PE1] interface vlanif 20
[PE1-Vlanif20] ip address 10.1.1.1 24
[PE1-Vlanif20] quit
# 配置 P 。
<HUAWEI> system-view
[HUAWEI] sysname P
[P] vlan batch 20 30
[P] interface gigabitethernet 0/0/1
[P-GigabitEthernet0/0/1] port link-type hybrid
[P-GigabitEthernet0/0/1] port hybrid pvid vlan 30
[P-GigabitEthernet0/0/1] port hybrid tagged vlan 30
[P-GigabitEthernet0/0/1] quit
[P] interface gigabitethernet 0/0/2
[P-GigabitEthernet0/0/2] port link-type hybrid
[P-GigabitEthernet0/0/2] port hybrid pvid vlan 20
[P-GigabitEthernet0/0/2] port hybrid tagged vlan 20
[P-GigabitEthernet0/0/2] quit
[P] interface vlanif 20
[P-Vlanif20] ip address 10.1.1.2 24
[P-Vlanif20] quit
[P] interface vlanif 30
[P-Vlanif30] ip address 10.2.2.2 24
[P-Vlanif30] quit
# 配置 PE2 。
<HUAWEI> system-view
[HUAWEI] sysname PE2
[PE2] vlan batch 30
[PE2] interface gigabitethernet 0/0/1
[PE2-GigabitEthernet0/0/1] port link-type hybrid
[PE2-GigabitEthernet0/0/1] port hybrid pvid vlan 30
[PE2-GigabitEthernet0/0/1] port hybrid tagged vlan 30
[PE2-GigabitEthernet0/0/1] quit
[PE2] interface vlanif 30
[PE2-Vlanif30] ip address 10.2.2.1 24
[PE2-Vlanif30] quit
步骤 2 在 MPLS 骨干网上配置 IGP ,本示例中使用 OSPF
配置 OSPF 时,注意需要发布 PE1 、 P 和 PE2 作为 LSR ID 的 32 位 Loopback 接口地址。
# 配置 PE1 。
[PE1] router id 1.1.1.1
[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.1 32
[PE1-LoopBack1] quit
[PE1] ospf 1
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
# 配置 P 。
[P] router id 2.2.2.2
[P] interface loopback 1
[P-LoopBack1] ip address 2.2.2.2 32
[P-LoopBack1] quit
[P] ospf 1
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
# 配置 PE2 。
[PE2] router id 3.3.3.3
[PE2] interface loopback 1
[PE2-LoopBack1] ip address 3.3.3.3 32
[PE2-LoopBack1] quit
[PE2] ospf 1
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] network 10.2.2.1 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
# 配置完成后, PE1 、 P 、 PE2 之间应能建立 OSPF 邻居关系,执行 display ospf peer 命
令可以看到邻居状态为 Full 。执行 display ip routing-table 命令可以看到 PE 之间学习
到对方的 Loopback1 接口路由。以 PE1 的显示为例:
[PE1] display ospf peer
OSPF Process 1 with Router ID 1.1.1.1
Neighbors
Area 0.0.0.0 interface 10.1.1.1(Vlanif20)'s neighbors
Router ID: 2.2.2.2 Address: 10.1.1.2
State: Full Mode:Nbr is Master Priority: 1
DR: 10.1.1.2 BDR: 10.1.1.1 MTU: 0
Dead timer due in 34 sec
Retrans timer interval: 5
Neighbor is up for 00:01:16
Authentication Sequence: [ 0 ]
[PE1] display ip routing-table
Route Flags: R - relay, D - download to fibȀ T - to vpn-instance
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 8 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack1
2.2.2.2/32 OSPF 10 1 D 10.1.1.2 Vlanif20
3.3.3.3/32 OSPF 10 2 D 10.1.1.2 Vlanif20
10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif20
10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif20
10.2.2.0/24 OSPF 10 2 D 10.1.1.2 Vlanif20
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
步骤 3 在 MPLS 骨干网上配置 MPLS 基本能力和 LDP
# 配置 PE1 。
[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface vlanif 20
[PE1-Vlanif20] mpls
[PE1-Vlanif20] mpls ldp
[PE1-Vlanif20] quit
# 配置 P 。
[P] mpls lsr-id 2.2.2.2
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P] interface vlanif 20
[P-Vlanif20] mpls
[P-Vlanif20] mpls ldp
[P-Vlanif20] quit
[P] interface vlanif 30
[P-Vlanif30] mpls
[P-Vlanif30] mpls ldp
[P-Vlanif30] quit
# 配置 PE2 。
[PE2] mpls lsr-id 3.3.3.3
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] interface vlanif 30
[PE2-Vlanif30] mpls
[PE2-Vlanif30] mpls ldp
[PE2-Vlanif30] quit
步骤 4 在 PE 之间建立远端 LDP 会话
# 配置 PE1 。
[PE1] mpls ldp remote-peer 3.3.3.3
[PE1-mpls-ldp-remote-3.3.3.3] remote-ip 3.3.3.3
[PE1-mpls-ldp-remote-3.3.3.3] quit
# 配置 PE2 。
[PE2] mpls ldp remote-peer 1.1.1.1
[PE2-mpls-ldp-remote-1.1.1.1] remote-ip 1.1.1.1
[PE2-mpls-ldp-remote-1.1.1.1] quit
上述配置完成后,在 PE1 上执行 display mpls ldp session 命令查看 LDP 会话的建立情
况,可以看到增加了与 PE2 的远端 LDP 会话。
以 PE1 的显示为例:
[PE1] display mpls ldp session
LDP Session(s) in Public Network
Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
------------------------------------------------------------------------------
2.2.2.2:0 Operational DU Passive 0000:15:29 3717/3717
3.3.3.3:0 Operational DU Passive 0000:00:00 2/2
------------------------------------------------------------------------------
TOTAL: 2 session(s) Found.
步骤 5 在 PE 上使能 MPLS L2VPN ,并创建 VC 连接
# 配置 PE1 :在接入 CE1 的接口 gigabitethernet0/0/1.1 上创建 VC 。
[PE1] mpls l2vpn
[PE1-l2vpn] quit
[PE1] vcmp role silent
[PE1] interface gigabitethernet0/0/1
[PE1-GigabitEthernet0/0/1] port link-type hybrid
[PE1-GigabitEthernet0/0/1] quit
[PE1] interface gigabitethernet0/0/1.1
[PE1-GigabitEthernet0/0/1.1] dot1q termination vid 10
[PE1-GigabitEthernet0/0/1.1] mpls l2vc 3.3.3.3 101
[PE1-GigabitEthernet0/0/1.1] quit
# 配置 PE2 :在接入 CE2 的接口 gigabitethernet0/0/2.1 上创建 VC 。
[PE2] mpls l2vpn
[PE2-l2vpn] quit
[PE2] vcmp role silent
[PE2] interface gigabitethernet0/0/2
[PE2-GigabitEthernet0/0/2] port link-type hybrid
[PE2-GigabitEthernet0/0/2] quit
[PE2] interface gigabitethernet0/0/2.1
[PE2-GigabitEthernet0/0/2.1] dot1q termination vid 10
[PE2-GigabitEthernet0/0/2.1] mpls l2vc 1.1.1.1 101
[PE2-GigabitEthernet0/0/2.1] quit
步骤 6 验证配置结果
在 PE 上查看 L2VPN 连接信息,可以看到建立了一条 L2 VC ,状态为 UP 。
以 PE1 的显示为例:
[PE1] display mpls l2vc interface gigabitethernet0/0/1.1
*client interface : GigabitEthernet0/0/1.1 is up
Administrator PW : no
session state : up
AC status : up
Ignore AC state : disable
VC state : up
Label state : 0
Token state : 0
VC ID : 101
VC type : VLAN
destination : 3.3.3.3
local group ID : 0 remote group ID : 0
local VC label : 23552 remote VC label : 23552
local AC OAM State : up
local PSN OAM State : up
local forwarding state : forwarding
local status code : 0x0
remote AC OAM state : up
remote PSN OAM state : up
remote forwarding state: forwarding
remote status code : 0x0
ignore standby state : no
BFD for PW : unavailable
VCCV State : up
manual fault : not set
active state : active
forwarding entry : exist
link state : up
local VC MTU : 1500 remote VC MTU : 1500
local VCCV : alert ttl lsp-ping bfd
remote VCCV : alert ttl lsp-ping bfd
local control word : disable remote control word : disable
tunnel policy name : --
PW template name : --
primary or secondary : primary
load balance type : flÑw
Access-port : false
Switchover Flag : false
VC tunnel/token info : 1 tunnels/tokens
NO.0 TNL type : lsp , TNL ID : 0x10031
Backup TNL type : lsp , TNL ID : 0x0
create time : 1 days, 22 hours, 15 minutes, 9 seconds
up time : 0 days, 22 hours, 54 minutes, 57 seconds
last change time : 0 days, 22 hours, 54 minutes, 57 seconds
VC last up time : 2010/10/09 19:26:37
VC total up time : 1 days, 20 hours, 42 minutes, 30 seconds
CKey : 8
NKey : 3
PW redundancy mode : --
AdminPw interface : --
AdminPw link state : --
²čäàv Mode : uniform
Service Class : --
Color : --
DomainId : --
Domain Name : --
CE1 和 CE2 能够相互 Ping 通。
以 CE1 的显示为例:
[CE1] ping 10.10.10.2
PING 10.10.10.2: 56 data bytes, press CTRL_C to break
Reply from 10.10.10.2: bytes=56 Sequence=1 ttl=255 time=31 ms
Reply from 10.10.10.2: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 10.10.10.2: bytes=56 Sequence=3 ttl=255 time=5 ms
Reply from 10.10.10.2: bytes=56 Sequence=4 ttl=255 time=2 ms
Reply from 10.10.10.2: bytes=56 Sequence=5 ttl=255 time=28 ms
--- 10.10.10.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/15/31 ms
---- 结束
配置文件
● CE1 的配置文件
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 10.10.10.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
return
● PE1 的配置文件
#
sysname PE1
#
router id 1.1.1.1
#
vlan batch 20
#
mpls lsr-id 1.1.1.1
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 3.3.3.3
remote-ip 3.3.3.3
#
interface Vlanif20
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#interface GigabitEthernet0/0/1
port link-type hybrid
#
interface GigabitEthernet0/0/1.1
dot1q termination vid 10
mpls l2vc 3.3.3.3 101
#
interface GigabitEthernet0/0/2
port link-type hybrid
port hybrid pvid vlan 20
port hybrid tagged vlan 20
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
● P 的配置文件
#
sysname P
#
router id 2.2.2.2
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 10.2.2.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid pvid vlan 30
port hybrid tagged vlan 30
#
interface GigabitEthernet0/0/2
port link-type hybrid
port hybrid pvid vlan 20
port hybrid tagged vlan 20
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
#
return
● PE2 的配置文件
#
sysname PE2
#
router id 3.3.3.3
#
vlan batch 30
#
mpls lsr-id 3.3.3.3
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 1.1.1.1
remote-ip 1.1.1.1
#
interface Vlanif30
ip address 10.2.2.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid pvid vlan 30
port hybrid tagged vlan 30
#
interface GigabitEthernet0/0/2
port link-type hybrid
#
interface GigabitEthernet0/0/2.1
dot1q termination vid 10
mpls l2vc 1.1.1.1 101
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.2.2.0 0.0.0.255
#
return
● CE2 的配置文件
#
sysname CE2
#
vlan batch 10
#
interface Vlanif10
ip address 10.10.10.2 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
return