MPLS(多协议标签交换)实验——华为设备
实验要求:中间ISP区域为公⽹,周围有四个私⽹,要求A公司可以ping通A公司,B公司可以ping通B公司,但是AB之间不互通,要求要涉及到MPLS技术来完成实验;
思路:
先配置ISP公⽹区域,要求将公⽹区域全⽹可达,这⾥利⽤OSPF协议;
然后整个公⽹的开启MPLS——MPLS LDP,然后在公⽹的所有接⼝上调⽤;
之后就是在与CE直连的PE上创建VR空间,然后将于CE直连的接⼝绑定到对应的VR空间⾥;
VR空间创建之后,就可以给CE路由器进⾏IP配置了,配置完IP之后,所有的CE都启⽤OSPF协议(也可以⽤静态,但是为了⽅便,就全部⽤动态协议);
CE启⽤OPSF协议后,要求CE与PE之间互通,在PE上再起⼀个⼯作在VR空间的OSPF协议进程,只宣告与CE直连的接⼝;这时进⾏PE之间的MP-BGP邻居关系的建⽴,⽤来传递MPLS-VPN的路由;
最后在PE上进⾏双向重发布,将BGP和对应的OSPF进程互相进⾏重发布;
操作完成后,实验要求就达到了。
命令配置:
R1:
<R1>dis current-configuration
[V200R003C00]
#
sysname R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 192.168.2.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ip address 192.168.1.1 255.255.255.0
#
ospf 1
area 0.0.0.0
network 192.168.0.0 0.0.255.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R1>
R2:
<R2>dis current-configuration
[V200R003C00]
#
sysname R2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
ip vpn-instance a
ipv4-family
route-distinguisher 1:1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
ip vpn-instance b
ipv4-family
route-distinguisher 2:2
vpn-target 2:2 export-extcommunity
vpn-target 2:2 import-extcommunity
#
mpls lsr-id 2.2.2.2
mpls
lsp-trigger all
#
mpls ldp
#
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip binding vpn-instance a
ip address 192.168.2.2 255.255.255.0
#
interface GigabitEthernet0/0/1
interface GigabitEthernet0/0/1
ip address 23.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
ip binding vpn-instance b
ip address 192.168.2.2 255.255.255.0
#
interface NULL0
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.0
#
bgp 1
router-id 2.2.2.2
peer 4.4.4.4 as-number 1
peer 4.4.4.4 connect-interface LoopBack1 #
ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable
peer 4.4.4.4 next-hop-local
#
ipv4-family vpnv4
policy vpn-target
cipher命令peer 4.4.4.4 enable
#
ipv4-family vpn-instance a
import-route ospf 2
#
ipv4-family vpn-instance b
import-route ospf 3
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 23.1.1.1 0.0.0.0
area 0.0.0.1
#
ospf 2 vpn-instance a
import-route bgp
area 0.0.0.0
network 192.168.2.2 0.0.0.0
#
ospf 3 vpn-instance b
import-route bgp
area 0.0.0.0
network 192.168.0.0 0.0.255.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论