263 lines
5.2 KiB
Markdown
263 lines
5.2 KiB
Markdown
|
||
|
||
- CE1、CE3属于vpna。
|
||
- CE2、CE4属于vpnb。
|
||
- vpna使用的VPN-target属性为111:1,vpnb为222:2。
|
||
- 不同VPN用户之间不能互相访问。
|
||
|
||
PE1:
|
||
|
||
```
|
||
#
|
||
sysname PE1
|
||
#
|
||
ip vpn-instance vpna //创建VPN实例vpna
|
||
ipv4-family
|
||
route-distinguisher 100:1
|
||
vpn-target 111:1 export-extcommunity
|
||
vpn-target 111:1 import-extcommunity
|
||
#
|
||
ip vpn-instance vpnb //创建VPN实例vpnb
|
||
ipv4-family
|
||
route-distinguisher 100:2
|
||
vpn-target 222:2 export-extcommunity
|
||
vpn-target 222:2 import-extcommunity
|
||
#
|
||
mpls lsr-id 1.1.1.9 //配置MPLS
|
||
mpls
|
||
#
|
||
mpls ldp //建立LDP
|
||
#
|
||
interface Ethernet1/0/0 //绑定VPN实例
|
||
ip binding vpn-instance vpna
|
||
ip address 10.1.1.2 255.255.255.0
|
||
#
|
||
interface Ethernet2/0/0
|
||
ip binding vpn-instance vpnb //绑定VPN实例
|
||
ip address 10.2.1.2 255.255.255.0
|
||
#
|
||
interface Ethernet2/0/1 //接口使能MPLS
|
||
ip address 172.1.1.1 255.255.255.0
|
||
mpls
|
||
mpls ldp
|
||
#
|
||
interface LoopBack1
|
||
ip address 1.1.1.9 255.255.255.255
|
||
#
|
||
bgp 100 //配置MP-IBGP对等体
|
||
peer 3.3.3.9 as-number 100
|
||
peer 3.3.3.9 connect-interface LoopBack1
|
||
#
|
||
ipv4-family unicast
|
||
undo synchronization
|
||
peer 3.3.3.9 enable
|
||
#
|
||
ipv4-family vpnv4 //使能对等体交换VPNv4路由信息的能力
|
||
policy vpn-target
|
||
peer 3.3.3.9 enable
|
||
#
|
||
ipv4-family vpn-instance vpna //配置PE与CE之间建立EBGP对等体关系,引入VPN路由
|
||
peer 10.1.1.1 as-number 65410
|
||
import-route direct
|
||
#
|
||
ipv4-family vpn-instance vpnb //配置PE与CE之间建立EBGP对等体关系,引入VPN路由
|
||
peer 10.2.1.1 as-number 65420
|
||
import-route direct
|
||
#
|
||
ospf 1 //配置公网路由
|
||
area 0.0.0.0
|
||
network 172.1.1.0 0.0.0.255
|
||
network 1.1.1.9 0.0.0.0
|
||
#
|
||
return
|
||
```
|
||
|
||
P:
|
||
|
||
```
|
||
#
|
||
sysname P
|
||
#
|
||
mpls lsr-id 2.2.2.9 //配置MPLS
|
||
mpls
|
||
#
|
||
mpls ldp
|
||
#
|
||
interface Ethernet1/0/0
|
||
ip address 172.1.1.2 255.255.255.0
|
||
mpls
|
||
mpls ldp
|
||
#
|
||
interface Ethernet2/0/0
|
||
ip address 172.2.1.1 255.255.255.0
|
||
mpls
|
||
mpls ldp
|
||
#
|
||
interface LoopBack1
|
||
ip address 2.2.2.9 255.255.255.255
|
||
#
|
||
ospf 1 //配置公网路由
|
||
area 0.0.0.0
|
||
network 172.1.1.0 0.0.0.255
|
||
network 172.2.1.0 0.0.0.255
|
||
network 2.2.2.9 0.0.0.0
|
||
#
|
||
return
|
||
```
|
||
|
||
PE2:
|
||
|
||
```
|
||
#
|
||
sysname PE2
|
||
#
|
||
ip vpn-instance vpna //创建VPN实例vpna
|
||
ipv4-family
|
||
route-distinguisher 200:1
|
||
vpn-target 111:1 export-extcommunity
|
||
vpn-target 111:1 import-extcommunity
|
||
#
|
||
ip vpn-instance vpnb //创建VPN实例vpnb
|
||
ipv4-family
|
||
route-distinguisher 200:2
|
||
vpn-target 222:2 export-extcommunity
|
||
vpn-target 222:2 import-extcommunity
|
||
#
|
||
mpls lsr-id 3.3.3.9 //配置MPLS LSR
|
||
mpls
|
||
#
|
||
mpls ldp
|
||
#
|
||
interface Ethernet1/0/0 //绑定VPN实例
|
||
ip binding vpn-instance vpna
|
||
ip address 10.3.1.2 255.255.255.0
|
||
#
|
||
interface Ethernet2/0/0 //绑定VPN实例
|
||
ip binding vpn-instance vpnb
|
||
ip address 10.4.1.2 255.255.255.0
|
||
#
|
||
interface Ethernet2/0/1 //接口使能MPLS
|
||
ip address 172.2.1.2 255.255.255.0
|
||
mpls
|
||
mpls ldp
|
||
#
|
||
interface LoopBack1
|
||
ip address 3.3.3.9 255.255.255.255
|
||
#
|
||
bgp 100 //配置MP-IBGP对等体
|
||
peer 1.1.1.9 as-number 100
|
||
peer 1.1.1.9 connect-interface LoopBack1
|
||
#
|
||
ipv4-family unicast
|
||
undo synchronization
|
||
peer 1.1.1.9 enable
|
||
#
|
||
ipv4-family vpnv4 //使能对等体交换VPNv4路由信息的能力
|
||
policy vpn-target
|
||
peer 1.1.1.9 enable
|
||
#
|
||
ipv4-family vpn-instance vpna //配置PE与CE之间建立EBGP对等体关系,引入VPN路由
|
||
peer 10.3.1.1 as-number 65430
|
||
import-route direct
|
||
#
|
||
ipv4-family vpn-instance vpnb //配置PE与CE之间建立EBGP对等体关系,引入VPN路由
|
||
peer 10.4.1.1 as-number 65440
|
||
import-route direct
|
||
#
|
||
ospf 1 //配置公网路由
|
||
area 0.0.0.0
|
||
network 172.2.1.0 0.0.0.255
|
||
network 3.3.3.9 0.0.0.0
|
||
#
|
||
return
|
||
```
|
||
|
||
CE1:
|
||
|
||
```
|
||
#
|
||
sysname CE1
|
||
#
|
||
interface Ethernet1/0/0
|
||
ip address 10.1.1.1 255.255.255.0
|
||
#
|
||
bgp 65410 //在PE与CE之间建立EBGP对等体关系
|
||
peer 10.1.1.2 as-number 100
|
||
#
|
||
ipv4-family unicast
|
||
undo synchronization
|
||
import-route direct //引入直连路由
|
||
peer 10.1.1.2 enable
|
||
#
|
||
return
|
||
```
|
||
|
||
CE2:
|
||
|
||
```
|
||
#
|
||
sysname CE2
|
||
#
|
||
interface Ethernet1/0/0
|
||
ip address 10.2.1.1 255.255.255.0
|
||
#
|
||
bgp 65420 //在PE与CE之间建立EBGP对等体关系
|
||
peer 10.2.1.2 as-number 100
|
||
#
|
||
ipv4-family unicast
|
||
undo synchronization
|
||
import-route direct //引入直连路由
|
||
peer 10.2.1.2 enable
|
||
#
|
||
return
|
||
```
|
||
|
||
CE3:
|
||
|
||
```
|
||
#
|
||
sysname CE3
|
||
#
|
||
interface Ethernet1/0/0
|
||
ip address 10.3.1.1 255.255.255.0
|
||
#
|
||
bgp 65430 //在PE与CE之间建立EBGP对等体关系
|
||
peer 10.3.1.2 as-number 100
|
||
#
|
||
ipv4-family unicast
|
||
undo synchronization
|
||
import-route direct //引入直连路由
|
||
peer 10.3.1.2 enable
|
||
#
|
||
return
|
||
```
|
||
|
||
CE4:
|
||
|
||
```
|
||
#
|
||
sysname CE4
|
||
#
|
||
interface Ethernet1/0/0
|
||
ip address 10.4.1.1 255.255.255.0
|
||
#
|
||
bgp 65440 //在PE与CE之间建立EBGP对等体关系
|
||
peer 10.4.1.2 as-number 100
|
||
#
|
||
ipv4-family unicast
|
||
undo synchronization
|
||
import-route direct //引入直连路由
|
||
peer 10.4.1.2 enable
|
||
#
|
||
return
|
||
```
|
||
|
||
PE之间必须使用32位掩码的Loopback接口地址来建立MP-IBGP对等体关系,以便能够迭代到隧道
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|