华为交换机-配置VLAN Stacking子接口接入VLL示例
组网需求
如图1,CE1、CE2分别通过VLAN方式接入PE1和PE2。
PE1和PE2之间建立Martini方式的VLL。
Switch1分别与CE1、PE1相连。
Switch2分别与CE2、PE2相连。
Switch1对CE1上送报文的VLAN Tag不进行改变,转发到PE1。
Switch2的CE2侧接口配置灵活QinQ,对CE发送过来的报文打上运营商指定允许通过的外层VLAN Tag。
Switch1上送到PE1的报文带有单层VLAN Tag,而Switch2上送到PE2的报文带有双层VLAN Tag,所以需要在PE1上配置VLAN Stacking子接口接入VLL方式使CE1与CE2互通。
当Switch连接多个CE时,对不同CE发送过来的不同的VLAN Tag报文打上相同的外层VLAN Tag,还可以达到节省公网VLAN数量的目的。
VCMP的角色是Client时,不能配置VLAN终结子接口。
| Switch | 接口 | 对应的三层接口 | IP地址 |
|---|---|---|---|
| PE1 | GigabitEthernet1/0/0 | GigabitEthernet1/0/0.1 | - |
| - | GigabitEthernet2/0/0 | VLANIF20 | 10.1.1.1/24 |
| - | Loopback1 | - | 1.1.1.1/32 |
| PE2 | GigabitEthernet1/0/0 | VLANIF30 | 10.2.2.1/24 |
| - | GigabitEthernet2/0/0 | GigabitEthernet2/0/0.1 | - |
| - | Loopback1 | - | 3.3.3.3/32 |
| P | GigabitEthernet1/0/0 | VLANIF30 | 10.2.2.2/24 |
| - | GigabitEthernet2/0/0 | VLANIF20 | 10.1.1.2/24 |
| - | Loopback1 | - | 2.2.2.2/32 |
| CE1 | GigabitEthernet1/0/0 | VLANIF10 | 10.10.10.1/24 |
| CE2 | GigabitEthernet1/0/0 | VLANIF10 | 10.10.10.2/24 |
配置思路
采用如下的思路配置:
- 在骨干网相关设备(PE、P)上配置路由协议实现互通,并使能MPLS。
- 本例使用缺省隧道策略,建立LSP作为传输业务数据的隧道。
- PE上使能MPLS L2VPN,并创建VC连接。
- 在PE1连接Switch1的接口上配置VLAN Stacking子接口接入VLL。
- 在PE2连接Switch2的接口上配置QinQ子接口接入VLL。
- 在Switch1连接CE1的接口上配置允许VLAN通过。
- 在Switch2连接CE2的接口上配置灵活QinQ。
操作步骤
- 按图1配置CE、PE和P的各接口所属VLAN和VLANIF接口的IP地址# 配置CE1,要求CE1发送给PE1的报文带有一层VLAN Tag。
<HUAWEI> system-view [HUAWEI] sysname CE1 [CE1] vlan batch 10 [CE1] interface gigabitethernet 1/0/0 [CE1-GigabitEthernet1/0/0] port link-type trunk [CE1-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 [CE1-GigabitEthernet1/0/0] quit [CE1] interface vlanif 10 [CE1-Vlanif10] ip address 10.10.10.1 24 [CE1-Vlanif10] quit
# 配置CE2,要求CE2发送给PE2的报文带有一层VLAN Tag。
<HUAWEI> system-view [HUAWEI] sysname CE2 [CE2] vlan batch 10 [CE2] interface gigabitethernet 1/0/0 [CE2-GigabitEthernet1/0/0] port link-type trunk [CE2-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 [CE2-GigabitEthernet1/0/0] quit [CE2] interface vlanif 10 [CE2-Vlanif10] ip address 10.10.10.2 24 [CE2-Vlanif10] quit
# 配置PE1。
<HUAWEI> system-view [HUAWEI] sysname PE1 [PE1] vlan batch 20 [PE1] interface gigabitethernet 2/0/0 [PE1-GigabitEthernet2/0/0] port link-type hybrid [PE1-GigabitEthernet2/0/0] port hybrid pvid vlan 20 [PE1-GigabitEthernet2/0/0] port hybrid tagged vlan 20 [PE1-GigabitEthernet2/0/0] quit [PE1] interface vlanif 20 [PE1-Vlanif20] ip address 10.1.1.1 24 [PE1-Vlanif20] quit
# 配置P。
<HUAWEI> system-view [HUAWEI] sysname P [P] vlan batch 20 30 [P] interface gigabitethernet 1/0/0 [P-GigabitEthernet1/0/0] port link-type hybrid [P-GigabitEthernet1/0/0] port hybrid pvid vlan 30 [P-GigabitEthernet1/0/0] port hybrid tagged vlan 30 [P-GigabitEthernet1/0/0] quit [P] interface gigabitethernet 2/0/0 [P-GigabitEthernet2/0/0] port link-type hybrid [P-GigabitEthernet2/0/0] port hybrid pvid vlan 20 [P-GigabitEthernet2/0/0] port hybrid tagged vlan 20 [P-GigabitEthernet2/0/0] quit [P] interface vlanif 20 [P-Vlanif20] ip address 10.1.1.2 24 [P-Vlanif20] quit [P] interface vlanif 30 [P-Vlanif30] ip address 10.2.2.2 24 [P-Vlanif30] quit
# 配置PE2。
<HUAWEI> system-view [HUAWEI] sysname PE2 [PE2] vlan batch 30 [PE2] interface gigabitethernet 1/0/0 [PE2-GigabitEthernet1/0/0] port link-type hybrid [PE2-GigabitEthernet1/0/0] port hybrid pvid vlan 30 [PE2-GigabitEthernet1/0/0] port hybrid tagged vlan 30 [PE2-GigabitEthernet1/0/0] quit [PE2] interface vlanif 30 [PE2-Vlanif30] ip address 10.2.2.1 24 [PE2-Vlanif30] quit
- 在Switch的接口上配置灵活QinQ和允许通过的VLAN# 配置Switch1。
<HUAWEI> system-view [HUAWEI] sysname Switch1 [Switch1] vlan 10 [Switch1-vlan10] quit [Switch1] interface gigabitethernet2/0/0 [Switch1-GigabitEthernet2/0/0] port link-type hybrid [Switch1-GigabitEthernet2/0/0] port hybrid tagged vlan 10 [Switch1-GigabitEthernet2/0/0] quit [Switch1] interface gigabitethernet1/0/0 [Switch1-GigabitEthernet1/0/0] port link-type hybrid [Switch1-GigabitEthernet1/0/0] port hybrid tagged vlan 10 [Switch1-GigabitEthernet1/0/0] quit
# 配置Switch2。
<HUAWEI> system-view [HUAWEI] sysname Switch2 [Switch2] vlan 100 [Switch2-vlan100] quit [Switch2] interface gigabitethernet2/0/0 [Switch2-GigabitEthernet2/0/0] port link-type hybrid [Switch2-GigabitEthernet2/0/0] port hybrid tagged vlan 100 [Switch2-GigabitEthernet2/0/0] quit [Switch2] interface gigabitethernet1/0/0 [Switch2-GigabitEthernet1/0/0] port link-type hybrid [Switch2-GigabitEthernet1/0/0] port hybrid untagged vlan 100 [Switch2-GigabitEthernet1/0/0] port vlan-stacking vlan 10 stack-vlan 100 [Switch2-GigabitEthernet1/0/0] quit
- 在MPLS骨干网上配置IGP,本示例中使用OSPF配置OSPF时,注意需要发布PE1、P和PE2作为LSR ID的32位Loopback接口地址。
# 配置PE1。
[PE1] router id 1.1.1.1 [PE1] interface loopback 1 [PE1-LoopBack1] ip address 1.1.1.1 32 [PE1-LoopBack1] quit [PE1] ospf 1 [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit
# 配置P。
[P] router id 2.2.2.2 [P] interface loopback 1 [P-LoopBack1] ip address 2.2.2.2 32 [P-LoopBack1] quit [P] ospf 1 [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit
# 配置PE2。
[PE2] router id 3.3.3.3 [PE2] interface loopback 1 [PE2-LoopBack1] ip address 3.3.3.3 32 [PE2-LoopBack1] quit [PE2] ospf 1 [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 10.2.2.1 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit
# 配置完成后,PE1、P、PE2之间应能建立OSPF邻居关系,执行display ospf peer命令可以看到邻居状态为Full。执行display ip routing-table命令可以看到PE之间学习到对方的Loopback1接口路由。以PE1的显示为例:
[PE1] display ospf peer OSPF Process 1 with Router ID 1.1.1.1 Neighbors Area 0.0.0.0 interface 10.1.1.1(Vlanif20)'s neighbors Router ID: 2.2.2.2 Address: 10.1.1.2 State: Full Mode:Nbr is Master Priority: 1 DR: 10.1.1.2 BDR: 10.1.1.1 MTU: 0 Dead timer due in 34 sec Retrans timer interval: 5 Neighbor is up for 00:01:16 Authentication Sequence: [ 0 ][PE1] display ip routing-table Route Flags: R - relay, D - download to fib, T - to vpn-instance ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 8 Routes : 8 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack1 2.2.2.2/32 OSPF 10 1 D 10.1.1.2 Vlanif20 3.3.3.3/32 OSPF 10 2 D 10.1.1.2 Vlanif20 10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif20 10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif20 10.2.2.0/24 OSPF 10 2 D 10.1.1.2 Vlanif20 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 - 在MPLS骨干网上配置MPLS基本能力和LDP# 配置PE1。
[PE1] mpls lsr-id 1.1.1.1 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface vlanif 20 [PE1-Vlanif20] mpls [PE1-Vlanif20] mpls ldp [PE1-Vlanif20] quit
# 配置P。
[P] mpls lsr-id 2.2.2.2 [P] mpls [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface vlanif 20 [P-Vlanif20] mpls [P-Vlanif20] mpls ldp [P-Vlanif20] quit [P] interface vlanif 30 [P-Vlanif30] mpls [P-Vlanif30] mpls ldp [P-Vlanif30] quit
# 配置PE2。
[PE2] mpls lsr-id 3.3.3.3 [PE2] mpls [PE2-mpls] quit [PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface vlanif 30 [PE2-Vlanif30] mpls [PE2-Vlanif30] mpls ldp [PE2-Vlanif30] quit
- 在PE之间建立远端LDP会话# 配置PE1。
[PE1] mpls ldp remote-peer 3.3.3.3 [PE1-mpls-ldp-remote-3.3.3.3] remote-ip 3.3.3.3 [PE1-mpls-ldp-remote-3.3.3.3] quit
# 配置PE2。
[PE2] mpls ldp remote-peer 1.1.1.1 [PE2-mpls-ldp-remote-1.1.1.1] remote-ip 1.1.1.1 [PE2-mpls-ldp-remote-1.1.1.1] quit
上述配置完成后,在PE1上执行display mpls ldp session命令查看LDP会话的建立情况,可以看到增加了与PE2的远端LDP会话。
以PE1的显示为例:
[PE1] display mpls ldp session LDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) A '*' before a session means the session is being deleted. ------------------------------------------------------------------------------ PeerID Status LAM SsnRole SsnAge KASent/Rcv ------------------------------------------------------------------------------ 2.2.2.2:0 Operational DU Passive 0000:15:29 3717/3717 3.3.3.3:0 Operational DU Passive 0000:00:00 2/2 ------------------------------------------------------------------------------ TOTAL: 2 session(s) Found.
- 在PE上使能MPLS L2VPN,并创建VC连接# 配置PE1:在接入Switch1的接口gigabitethernet1/0/0.1上创建VC。
[PE1] mpls l2vpn [PE1-l2vpn] quit [PE1] vcmp role silent [PE1] interface gigabitethernet1/0/0 [PE1-GigabitEthernet1/0/0] port link-type hybrid [PE1-GigabitEthernet1/0/0] quit [PE1] interface gigabitethernet1/0/0.1 [PE1-GigabitEthernet1/0/0.1] qinq stacking vid 10 pe-vid 100 [PE1-GigabitEthernet1/0/0.1] mpls l2vc 3.3.3.3 101 [PE1-GigabitEthernet1/0/0.1] quit
# 配置PE2:在接入Switch2的接口gigabitethernet2/0/0.1上创建VC。
[PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] vcmp role silent [PE2] interface gigabitethernet2/0/0 [PE2-GigabitEthernet2/0/0] port link-type hybrid [PE2-GigabitEthernet2/0/0] quit [PE2] interface gigabitethernet2/0/0.1 [PE2-GigabitEthernet2/0/0.1] qinq termination pe-vid 100 ce-vid 10 [PE2-GigabitEthernet2/0/0.1] mpls l2vc 1.1.1.1 101 [PE2-GigabitEthernet2/0/0.1] quit
- 验证配置结果在PE上查看L2VPN连接信息,可以看到建立了一条L2 VC,状态为UP。
以PE1的显示为例:
[PE1] display mpls l2vc interface gigabitethernet1/0/0.1 *client interface : GigabitEthernet1/0/0.1 is up Administrator PW : no session state : up AC status : up Ignore AC state : disable VC state : up Label state : 0 Token state : 0 VC ID : 101 VC type : VLAN destination : 3.3.3.3 local group ID : 0 remote group ID : 0 local VC label : 23552 remote VC label : 23552 local AC OAM State : up local PSN OAM State : up local forwarding state : forwarding local status code : 0x0 remote AC OAM state : up remote PSN OAM state : up remote forwarding state: forwarding remote status code : 0x0 ignore standby state : no BFD for PW : unavailable VCCV State : up manual fault : not set active state : active forwarding entry : exist link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : alert ttl lsp-ping bfd remote VCCV : alert ttl lsp-ping bfd local control word : disable remote control word : disable tunnel policy name : -- PW template name : -- primary or secondary : primary load balance type : flow Access-port : false Switchover Flag : false VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp , TNL ID : 0x10031 Backup TNL type : lsp , TNL ID : 0x0 create time : 1 days, 22 hours, 15 minutes, 9 seconds up time : 0 days, 22 hours, 54 minutes, 57 seconds last change time : 0 days, 22 hours, 54 minutes, 57 seconds VC last up time : 2010/10/09 19:26:37 VC total up time : 1 days, 20 hours, 42 minutes, 30 seconds CKey : 8 NKey : 3 PW redundancy mode : -- AdminPw interface : -- AdminPw link state : -- Diffserv Mode : uniform Service Class : -- Color : -- DomainId : -- Domain Name : --
CE1和CE2能够相互Ping通。
以CE1的显示为例:
[CE1] ping 10.10.10.2 PING 10.10.10.2: 56 data bytes, press CTRL_C to break Reply from 10.10.10.2: bytes=56 Sequence=1 ttl=255 time=31 ms Reply from 10.10.10.2: bytes=56 Sequence=2 ttl=255 time=10 ms Reply from 10.10.10.2: bytes=56 Sequence=3 ttl=255 time=5 ms Reply from 10.10.10.2: bytes=56 Sequence=4 ttl=255 time=2 ms Reply from 10.10.10.2: bytes=56 Sequence=5 ttl=255 time=28 ms --- 10.10.10.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/15/31 ms
配置文件
- CE1的配置文件
# sysname CE1 # vlan batch 10 # interface Vlanif10 ip address 10.10.10.1 255.255.255.0 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 # return
- Switch1的配置文件
# sysname Switch1 # vlan batch 10 # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid tagged vlan 10 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid tagged vlan 10 # return
- PE1的配置文件
# sysname PE1 # router id 1.1.1.1 # vcmp role silent # vlan batch 20 # mpls lsr-id 1.1.1.1 mpls # mpls l2vpn # mpls ldp # mpls ldp remote-peer 3.3.3.3 remote-ip 3.3.3.3 # interface Vlanif20 ip address 10.1.1.1 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 port link-type hybrid # interface GigabitEthernet1/0/0.1 qinq stacking vid 10 pe-vid 100 mpls l2vc 3.3.3.3 101 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid pvid vlan 20 port hybrid tagged vlan 20 # interface LoopBack1 ip address 1.1.1.1 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 10.1.1.0 0.0.0.255 # return
- P的配置文件
# sysname P # router id 2.2.2.2 # vlan batch 20 30 # mpls lsr-id 2.2.2.2 mpls # mpls ldp # interface Vlanif20 ip address 10.1.1.2 255.255.255.0 mpls mpls ldp # interface Vlanif30 ip address 10.2.2.2 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid pvid vlan 30 port hybrid tagged vlan 30 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid pvid vlan 20 port hybrid tagged vlan 20 # interface LoopBack1 ip address 2.2.2.2 255.255.255.255 # ospf 1 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.2.2.0 0.0.0.255 # return
- PE2的配置文件
# sysname PE2 # router id 3.3.3.3 # vcmp role silent # vlan batch 30 # mpls lsr-id 3.3.3.3 mpls # mpls l2vpn # mpls ldp # mpls ldp remote-peer 1.1.1.1 remote-ip 1.1.1.1 # interface Vlanif30 ip address 10.2.2.1 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid pvid vlan 30 port hybrid tagged vlan 30 # interface GigabitEthernet2/0/0.1 qinq termination pe-vid 100 ce-vid 10 mpls l2vc 1.1.1.1 101 # interface LoopBack1 ip address 3.3.3.3 255.255.255.255 # ospf 1 area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 10.2.2.0 0.0.0.255 # return
- Switch2的配置文件
# sysname Switch2 # vlan batch 100 # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid untagged vlan 100 port vlan-stacking vlan 10 stack-vlan 100 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid tagged vlan 100 # return
- CE2的配置文件
# sysname CE2 # vlan batch 10 # interface Vlanif10 ip address 10.10.10.2 255.255.255.0 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 # return
阅读剩余
版权声明:
作者:SE_YT
链接:https://www.cnesa.cn/3027.html
文章版权归作者所有,未经允许请勿转载。
THE END
