H3C交換機MPLS配置
1、簡介:
MPLS L2是基于MPLS的二層技術,将使用者的二層資料封裝成可以在IP或MPLS網絡中傳送的分組,通過IP路徑或MPLS隧道轉發,接收端解封裝分組後恢複原來的二層資料,進而實作使用者二層資料跨越MPLS或IP網絡在不同站點間透明地傳送。
2、基本概念:
CE(Customer Edge,使用者網絡邊緣)裝置是直接與服務提供商網絡相連的使用者網絡側裝置。
PE(Provider Edge,服務提供商網絡邊緣)裝置是與CE相連的服務提供商網絡側裝置。PE主要負責VPN業務的接入,完成封包從使用者網絡到公網隧道、從公網隧道到使用者網絡的映射與轉發。
AC(Attachment Circuit,接入電路)是連接配接CE和PE的實體電路或虛拟電路,例如ATM的VPI/VCI、Ethernet接口、VLAN、實體接口上的PPP連接配接。
PW(Pseudowire,僞線)是兩個PE之間的虛拟雙向連接配接。MPLS PW由一對方向相反的單向LSP構成。
3、網絡拓撲:
實作CE1與CE2互通
4、配置:
4.1、将MPLS網絡中裝置配置ip和ospf協定:
[PE1]interface LoopBack 0
[PE1-LoopBack0]ip address 1.1.1.9 32
[PE1-LoopBack0]quit
[PE1]interface GigabitEthernet 0/2
[PE1-GigabitEthernet0/2]ip address 220.178.251.1 24
[PE1-GigabitEthernet0/2]quit
[PE1]ospf 1 router-id 1.1.1.9
[PE1-ospf-1]area 0
[PE1-ospf-1-area-0.0.0.0]network 1.1.1.9 0.0.0.0
[PE1-ospf-1-area-0.0.0.0]network 220.178.251.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0]quit
[PE1-ospf-1]quit
[P]interface LoopBack 0
[P-LoopBack0]ip address 2.2.2.9 32
[P-LoopBack0]quit
[P]interface GigabitEthernet 0/1
[P-GigabitEthernet0/1]ip address 220.178.251.2 24
[P-GigabitEthernet0/1]interface GigabitEthernet 0/2
[P-GigabitEthernet0/2]ip address 110.64.89.1 24
[P-GigabitEthernet0/2]quit
[P]ospf 1 router-id 2.2.2.9
[P-ospf-1]area 0
[P-ospf-1-area-0.0.0.0]network 2.2.2.9 0.0.0.0
[P-ospf-1-area-0.0.0.0]network 220.178.251.2 0.0.0.0
[P-ospf-1-area-0.0.0.0]network 110.64.89.1 0.0.0.0
[P-ospf-1-area-0.0.0.0]quit
[P-ospf-1]quit
[PE2]interface LoopBack 0
[PE2-LoopBack0]ip address 3.3.3.9 32
[PE2-LoopBack0]quit
[PE2]interface GigabitEthernet 0/2
[PE2-GigabitEthernet0/2]ip address 110.64.89.2 24
[PE2-GigabitEthernet0/2]quit
[PE2]ospf 1 router-id 3.3.3.9
[PE2-ospf-1]area 0
[PE2-ospf-1-area-0.0.0.0]network 3.3.3.9 0.0.0.0
[PE2-ospf-1-area-0.0.0.0]network 110.64.89.2 0.0.0.0
[PE2-ospf-1-area-0.0.0.0]quit
[PE2-ospf-1]quit
4.2、将MPLS網絡中裝置啟動l2vpn、mpls和mpls ldp協定:
[PE1]l2vpn enable
[PE1]mpls lsr-id 1.1.1.9
[PE1]mpls ldp
[PE1-ldp]quit
[PE1]interface GigabitEthernet 0/2
[PE1-GigabitEthernet0/2]mpls enable
[PE1-GigabitEthernet0/2]mpls ldp enable
[PE1-GigabitEthernet0/2]quit
[P]l2vpn enable
[P]mpls lsr-id 2.2.2.9
[P]mpls ldp
[P-ldp]quit
[P]interface range GigabitEthernet 0/1 to GigabitEthernet 0/2
[P-if-range]mpls enable
[P-if-range]mpls ldp enable
[P-if-range]quit
[PE2]l2vpn enable
[PE2]mpls lsr-id 3.3.3.9
[PE2]mpls ldp
[PE2-ldp]quit
[PE2]interface GigabitEthernet 0/2
[PE2-GigabitEthernet0/2]mpls enable
[PE2-GigabitEthernet0/2]mpls ldp enable
[PE2-GigabitEthernet0/2]quit
[PE1]display mpls ldp lsp
Status Flags: * - stale, L - liberal, B - backup
FECs: 3 Ingress: 2 Transit: 2 Egress: 1
FEC In/Out Label Nexthop OutInterface
1.1.1.9/32 3/-
-/1151(L)
2.2.2.9/32 -/3 220.178.251.2 GE0/2
1151/3 220.178.251.2 GE0/2
3.3.3.9/32 -/1150 220.178.251.2 GE0/2
1150/1150 220.178.251.2 GE0/2
測試PE1與PE2是否可達:
[PE1]ping mpls -a 1.1.1.9 ipv4 3.3.3.9 32
MPLS ping FEC 3.3.3.9/32 with 100 bytes of data:
100 bytes from 110.64.89.2: Sequence=1 time=1 ms
100 bytes from 110.64.89.2: Sequence=2 time=2 ms
100 bytes from 110.64.89.2: Sequence=3 time=1 ms
100 bytes from 110.64.89.2: Sequence=4 time=1 ms
100 bytes from 110.64.89.2: Sequence=5 time=2 ms
--------------------------------------------------------------------------------
5、配置靜态PW:
5.1、PE1與PE2建立交叉連接配接組l2vpn,在該交叉連接配接組内建立名稱為vpnac的交叉連接配接,将接口GigabitEthernet0/1與此交叉連接配接關聯,并在交叉連接配接内建立靜态PW,以便将AC和PW關聯。
[PE1]xconnect-group l2vpn
[PE1-xcg-l2vpn]connection vpnac
[PE1-xcg-l2vpn-vpnac]ac interface GigabitEthernet 0/1 #ac與接口關聯
[PE1-xcg-l2vpn-vpnac]peer 3.3.3.9 pw-id 100 in-label 100 out-label 200 #出标簽200,入标簽100
[PE1-xcg-l2vpn-vpnac-3.3.3.9-100]quit
[PE1-xcg-l2vpn-vpnac]quit
[PE1-xcg-l2vpn]quit
[PE2]xconnect-group l2vpn
[PE2-xcg-l2vpn]connection vpnca
[PE2-xcg-l2vpn-vpnca]ac interface GigabitEthernet 0/1 #ac與接口關聯
[PE2-xcg-l2vpn-vpnca]peer 1.1.1.9 pw-id 100 in-label 200 out-label 100 #出标簽100,入标簽200
[PE2-xcg-l2vpn-vpnca-1.1.1.9-100]quit
[PE2-xcg-l2vpn-vpnca]quit
[PE2-xcg-l2vpn]quit
[PE1]display l2vpn pw #檢視靜态PW資訊
Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: l2vpn
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
3.3.3.9 100 100/200 Static M 0 Up
[PE2]display l2vpn pw #檢視靜态PW資訊
Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: l2vpn
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
1.1.1.9 100 200/100 Static M 0 Up
完成以上步驟CE1與CE2配置好IP位址可互通。
6、配置LDP PW:
6.1、修改5.1配置的靜态PW,配置LDP PW:
[PE1]xconnect-group l2vpn
[PE1-xcg-l2vpn]connection vpnac
[PE1-xcg-l2vpn-vpnac]undo peer 3.3.3.9 pw-id 100 #删除之前的靜态PW
[PE1-xcg-l2vpn-vpnac]peer 3.3.3.9 pw-id 100
[PE1-xcg-l2vpn-vpnac]dis this
#
connection vpnac
ac interface GigabitEthernet0/1
peer 3.3.3.9 pw-id 100
#
return
[PE1-xcg-l2vpn-vpnac-3.3.3.9-100]quit
[PE1-xcg-l2vpn-vpnac]quit
[PE1-xcg-l2vpn]quit
[PE2]xconnect-group l2vpn
[PE2-xcg-l2vpn]connection vpnca
[PE2-xcg-l2vpn-vpnca]undo peer 1.1.1.9 pw-id 100 #删除之前的靜态PW
[PE2-xcg-l2vpn-vpnca]peer 1.1.1.9 pw-id 100
[PE2-xcg-l2vpn-vpnca]dis this
#
connection vpnca
ac interface GigabitEthernet0/1
peer 1.1.1.9 pw-id 100
#
return
[PE2-xcg-l2vpn-vpnca-1.1.1.9-100]quit
[PE2-xcg-l2vpn-vpnca]quit
[PE2-xcg-l2vpn]quit
[PE1]display l2vpn pw #檢視PW資訊
Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: l2vpn
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
3.3.3.9 100 917631/917631 LDP M 0 Up
[PE2]display l2vpn pw #檢視PW資訊
Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: l2vpn
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
1.1.1.9 100 917631/917631 LDP M 0 Up
完成以上步驟CE1與CE2配置好IP位址可互通。
![MPLS技術基礎[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)