华为交换机-配置双层VLAN Mapping子接口接入VPLS示例
组网需求
如图1,PE1和PE2启动VPLS功能。CE1通过Switch1连接PE1,CE2通过Switch2连接PE2。CE1和CE2属于一个VPLS。采用LDP作为VPLS信令建立PW,配置VPLS,实现CE1与CE2的互通。
Switch的CE侧接口配置灵活QinQ,对CE发送过来的报文打上运营商指定允许通过的外层VLAN Tag。
当运营商Switch1与Switch2允许通过的VLAN不同时,需要使用双层VLAN Mapping子接口接入VPLS方式使CE1与CE2互通。
当Switch连接多个CE时,对不同CE发送过来的不同的VLAN Tag报文打上相同的外层VLAN Tag,还可以达到节省公网VLAN数量的目的。
VCMP的角色是Client时,不能配置VLAN终结子接口。
| Switch | 接口 | 对应的三层接口 | IP地址 |
|---|---|---|---|
| PE1 | GigabitEthernet1/0/0 | GigabitEthernet1/0/0.1 | - |
| - | GigabitEthernet2/0/0 | VLANIF20 | 4.4.4.4/24 |
| - | Loopback1 | - | 1.1.1.1/32 |
| PE2 | GigabitEthernet1/0/0 | VLANIF30 | 5.5.5.5/24 |
| - | GigabitEthernet2/0/0 | GigabitEthernet2/0/0.1 | - |
| - | Loopback1 | - | 3.3.3.3/32 |
| P | GigabitEthernet1/0/0 | VLANIF20 | 4.4.4.5/24 |
| - | GigabitEthernet2/0/0 | VLANIF30 | 5.5.5.4/24 |
| - | Loopback1 | - | 2.2.2.2/32 |
| CE1 | GigabitEthernet1/0/0 | VLANIF10 | 10.1.1.1/24 |
| CE2 | GigabitEthernet1/0/0 | VLANIF10 | 10.1.1.2/24 |
配置思路
采用如下的思路配置:
- 在骨干网上配置路由协议实现互通。
- 在Switch连接CE的接口上配置灵活QinQ。
- 在PE之间建立远端LDP会话。
- PE间建立传输业务数据所使用的隧道。
- PE上使能MPLS L2VPN。
- 在PE上创建VSI,指定信令为LDP。
- 在PE1连接Switch1的接口上配置双层VLAN Mapping子接口接入VPLS。
- 在PE2连接Switch2的接口上配置QinQ子接口接入VPLS。
操作步骤
- 按图1配置各接口所属的VLAN
- 避免将PE上AC侧和PW侧的物理接口加入相同的VLAN中,否则可能引起环路。
- 要求CE发送给Switch的报文带有一层VLAN Tag。
# 配置CE1。
<HUAWEI> system-view [HUAWEI] sysname CE1 [CE1] vlan batch 10 [CE1] interface gigabitethernet 1/0/0 [CE1-GigabitEthernet1/0/0] port link-type trunk [CE1-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 [CE1-GigabitEthernet1/0/0] quit [CE1] interface vlanif 10 [CE1-Vlanif10] ip address 10.1.1.1 24 [CE1-Vlanif10] quit
# 配置CE2。
<HUAWEI> system-view [HUAWEI] sysname CE2 [CE2] vlan batch 10 [CE2] interface gigabitethernet 1/0/0 [CE2-GigabitEthernet1/0/0] port link-type trunk [CE2-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 [CE2-GigabitEthernet1/0/0] quit [CE2] interface vlanif 10 [CE2-Vlanif10] ip address 10.1.1.2 24 [CE2-Vlanif10] quit
# 配置PE1。
<HUAWEI> system-view [HUAWEI] sysname PE1 [PE1] vlan batch 20 [PE1] interface gigabitethernet 2/0/0 [PE1-GigabitEthernet2/0/0] port link-type hybrid [PE1-GigabitEthernet2/0/0] port hybrid pvid vlan 20 [PE1-GigabitEthernet2/0/0] port hybrid tagged vlan 20 [PE1-GigabitEthernet2/0/0] quit [PE1] interface vlanif 20 [PE1-Vlanif20] ip address 4.4.4.4 24 [PE1-Vlanif20] quit
# 配置P。
<HUAWEI> system-view [HUAWEI] sysname P [P] vlan batch 20 30 [P] interface gigabitethernet 1/0/0 [P-GigabitEthernet1/0/0] port link-type hybrid [P-GigabitEthernet1/0/0] port hybrid pvid vlan 20 [P-GigabitEthernet1/0/0] port hybrid tagged vlan 20 [P-GigabitEthernet1/0/0] quit [P] interface gigabitethernet 2/0/0 [P-GigabitEthernet2/0/0] port link-type hybrid [P-GigabitEthernet2/0/0] port hybrid pvid vlan 30 [P-GigabitEthernet2/0/0] port hybrid tagged vlan 30 [P-GigabitEthernet2/0/0] quit [P] interface vlanif 20 [P-Vlanif20] ip address 4.4.4.5 24 [P-Vlanif20] quit [P] interface vlanif 30 [P-Vlanif30] ip address 5.5.5.4 24 [P-Vlanif30] quit
# 配置PE2。
<HUAWEI> system-view [HUAWEI] sysname PE2 [PE2] vlan batch 30 [PE2] interface gigabitethernet 1/0/0 [PE2-GigabitEthernet1/0/0] port link-type hybrid [PE2-GigabitEthernet1/0/0] port hybrid pvid vlan 30 [PE2-GigabitEthernet1/0/0] port hybrid tagged vlan 30 [PE2-GigabitEthernet1/0/0] quit [PE2] interface vlanif 30 [PE2-Vlanif30] ip address 5.5.5.5 24 [PE2-Vlanif30] quit
- 在Switch的接口上配置灵活QinQ和允许通过的VLAN# 配置Switch1。
<HUAWEI> system-view [HUAWEI] sysname Switch1 [Switch1] vlan 100 [Switch1-vlan100] quit [Switch1] interface gigabitethernet2/0/0 [Switch1-GigabitEthernet2/0/0] port link-type hybrid [Switch1-GigabitEthernet2/0/0] port hybrid tagged vlan 100 [Switch1-GigabitEthernet2/0/0] quit [Switch1] interface gigabitethernet1/0/0 [Switch1-GigabitEthernet1/0/0] port link-type hybrid [Switch1-GigabitEthernet1/0/0] port hybrid untagged vlan 100 [Switch1-GigabitEthernet1/0/0] port vlan-stacking vlan 10 stack-vlan 100 [Switch1-GigabitEthernet1/0/0] quit
# 配置Switch2。
<HUAWEI> system-view [HUAWEI] sysname Switch2 [Switch2] vlan 200 [Switch2-vlan200] quit [Switch2] interface gigabitethernet2/0/0 [Switch2-GigabitEthernet2/0/0] port link-type hybrid [Switch2-GigabitEthernet2/0/0] port hybrid tagged vlan 200 [Switch2-GigabitEthernet2/0/0] quit [Switch2] interface gigabitethernet1/0/0 [Switch2-GigabitEthernet1/0/0] port link-type hybrid [Switch2-GigabitEthernet1/0/0] port hybrid untagged vlan 200 [Switch2-GigabitEthernet1/0/0] port vlan-stacking vlan 10 stack-vlan 200 [Switch2-GigabitEthernet1/0/0] quit
- 配置IGP,本例中使用OSPF。配置OSPF时,注意需要发布PE1、P和PE2的32位Loopback接口地址(LSR-ID)。
# 配置PE1。
[PE1] router id 1.1.1.1 [PE1] interface loopback 1 [PE1-LoopBack1] ip address 1.1.1.1 32 [PE1-LoopBack1] quit [PE1] ospf 1 [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 4.4.4.4 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit
# 配置P。
[P] router id 2.2.2.2 [P] interface loopback 1 [P-LoopBack1] ip address 2.2.2.2 32 [P-LoopBack1] quit [P] ospf 1 [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 4.4.4.5 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 5.5.5.4 0.0.0.255 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit
# 配置PE2。
[PE2] router id 3.3.3.3 [PE2] interface loopback 1 [PE2-LoopBack1] ip address 3.3.3.3 32 [PE2-LoopBack1] quit [PE2] ospf 1 [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 5.5.5.5 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit
配置完成后,在PE1、P和PE2上执行display ip routing-table命令可以看到已学到彼此的路由。以PE1的显示为例:
[PE1] display ip routing-table Route Flags: R - relay, D - download to fib, T - to vpn-instance ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 8 Routes : 8 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.1/32 Direct 0 0 D 127.0.0.1 LoopBack1 2.2.2.2/32 OSPF 10 1 D 4.4.4.5 Vlanif20 3.3.3.3/32 OSPF 10 2 D 4.4.4.5 Vlanif20 4.4.4.0/24 Direct 0 0 D 4.4.4.4 Vlanif20 4.4.4.4/32 Direct 0 0 D 127.0.0.1 Vlanif20 5.5.5.0/24 OSPF 10 2 D 4.4.4.5 Vlanif20 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 - 配置MPLS基本能力和LDP# 配置PE1。
[PE1] mpls lsr-id 1.1.1.1 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface vlanif 20 [PE1-Vlanif20] mpls [PE1-Vlanif20] mpls ldp [PE1-Vlanif20] quit
# 配置P。
[P] mpls lsr-id 2.2.2.2 [P] mpls [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface vlanif 20 [P-Vlanif20] mpls [P-Vlanif20] mpls ldp [P-Vlanif20] quit [P] interface vlanif 30 [P-Vlanif30] mpls [P-Vlanif30] mpls ldp [P-Vlanif30] quit
# 配置PE2。
[PE2] mpls lsr-id 3.3.3.3 [PE2] mpls [PE2-mpls] quit [PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface vlanif 30 [PE2-Vlanif30] mpls [PE2-Vlanif30] mpls ldp [PE2-Vlanif30] quit
配置完成后,在PE1、P和PE2上执行display mpls ldp session命令可以看到PE1和P之间或PE2和P之间的对等体的Status项为“Operational”,即对等体关系已建立。执行display mpls lsp命令可以看到LSP的建立情况。以PE1的显示为例:
[PE1] display mpls ldp session LDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) A '*' before a session means the session is being deleted. ------------------------------------------------------------------------------ PeerID Status LAM SsnRole SsnAge KASent/Rcv ------------------------------------------------------------------------------ 2.2.2.2:0 Operational DU Passive 0000:15:29 3717/3717 ------------------------------------------------------------------------------ TOTAL: 1 session(s) Found.
- 在PE之间建立远端LDP会话# 配置PE1。
[PE1] mpls ldp remote-peer 3.3.3.3 [PE1-mpls-ldp-remote-3.3.3.3] remote-ip 3.3.3.3 [PE1-mpls-ldp-remote-3.3.3.3] quit
# 配置PE2。
[PE2] mpls ldp remote-peer 1.1.1.1 [PE2-mpls-ldp-remote-1.1.1.1] remote-ip 1.1.1.1 [PE2-mpls-ldp-remote-1.1.1.1] quit
配置完成后,在PE1或PE2上执行display mpls ldp session命令可以看到PE1和PE2之间的对等体的Status项为“Operational”,即远端对等体关系已建立。以PE1的显示为例:
[PE1] display mpls ldp session LDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) A '*' before a session means the session is being deleted. ------------------------------------------------------------------------------ PeerID Status LAM SsnRole SsnAge KASent/Rcv ------------------------------------------------------------------------------ 2.2.2.2:0 Operational DU Passive 0000:15:29 3717/3717 3.3.3.3:0 Operational DU Passive 0000:00:00 2/2 ------------------------------------------------------------------------------ TOTAL: 2 session(s) Found.
- 在PE上使能MPLS L2VPN# 配置PE1。
[PE1] mpls l2vpn [PE1-l2vpn] quit
# 配置PE2。
[PE2] mpls l2vpn [PE2-l2vpn] quit
- 在PE上配置VSI# 配置PE1。
[PE1] vsi a2 static [PE1-vsi-a2] pwsignal ldp [PE1-vsi-a2-ldp] vsi-id 2 [PE1-vsi-a2-ldp] peer 3.3.3.3 [PE1-vsi-a2-ldp] quit [PE1-vsi-a2] quit
# 配置PE2。
[PE2] vsi a2 static [PE2-vsi-a2] pwsignal ldp [PE2-vsi-a2-ldp] vsi-id 2 [PE2-vsi-a2-ldp] peer 1.1.1.1 [PE2-vsi-a2-ldp] quit [PE2-vsi-a2] quit
- 在PE上配置VSI与接口的绑定# 配置PE1。
[PE1] vcmp role silent [PE1] interface gigabitethernet1/0/0 [PE1-GigabitEthernet1/0/0] port link-type hybrid [PE1-GigabitEthernet1/0/0] quit [PE1] interface gigabitethernet1/0/0.1 [PE1-GigabitEthernet1/0/0.1] qinq mapping pe-vid 100 ce-vid 10 map-vlan vid 200 [PE1-GigabitEthernet1/0/0.1] l2 binding vsi a2 [PE1-GigabitEthernet1/0/0.1] quit
# 配置PE2。
[PE2] vcmp role silent [PE2] interface gigabitethernet2/0/0 [PE2-GigabitEthernet2/0/0] port link-type hybrid [PE2-GigabitEthernet2/0/0] quit [PE2] interface gigabitethernet2/0/0.1 [PE2-GigabitEthernet2/0/0.1] qinq termination pe-vid 200 ce-vid 10 [PE2-GigabitEthernet2/0/0.1] l2 binding vsi a2 [PE2-GigabitEthernet2/0/0.1] quit
- 验证配置结果完成上述配置后,在PE1上执行display vsi name a2 verbose命令,可以看到名字为a2的VSI建立了一条PW到PE2,VSI状态为UP。
[PE1] display vsi name a2 verbose ***VSI Name : a2 Administrator VSI : no Isolate Spoken : disable VSI Index : 0 PW Signaling : ldp Member Discovery Style : static PW MAC Learn Style : unqualify Encapsulation Type : vlan MTU : 1500 Diffserv Mode : uniform Mpls Exp : -- DomainId : 255 Domain Name : Ignore AcState : disable P2P VSI : disable Create Time : 0 days, 0 hours, 5 minutes, 1 seconds VSI State : up VSI ID : 2 *Peer Router ID : 3.3.3.3 Negotiation-vc-id : 2 primary or secondary : primary ignore-standby-state : no VC Label : 23552 Peer Type : dynamic Session : up Tunnel ID : 0x22 Broadcast Tunnel ID : 0x22 Broad BackupTunnel ID : 0x0 CKey : 2 NKey : 1 Stp Enable : 0 PwIndex : 0 Control Word : disable Interface Name : gigabitethernet1/0/0.1 State : up Access Port : false Last Up Time : 2010/12/30 11:31:18 Total Up Time : 0 days, 0 hours, 1 minutes, 35 seconds **PW Information: *Peer Ip Address : 3.3.3.3 PW State : up Local VC Label : 23552 Remote VC Label : 23552 Remote Control Word : disable PW Type : label Local VCCV : alert lsp-ping bfd Remote VCCV : alert lsp-ping bfd Tunnel ID : 0x22 Broadcast Tunnel ID : 0x22 Broad BackupTunnel ID : 0x0 Ckey : 0x2 Nkey : 0x1 Main PW Token : 0x22 Slave PW Token : 0x0 Tnl Type : LSP OutInterface : Vlanif20 Backup OutInterface : Stp Enable : 0 PW Last Up Time : 2010/12/30 11:32:03 PW Total Up Time : 0 days, 0 hours, 0 minutes, 50 seconds在CE1(10.1.1.1)上能够ping通CE2(10.1.1.2)。
<CE1> ping 10.1.1.2 PING 10.1.1.2: 56 data bytes, press CTRL_C to break Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=90 ms Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=77 ms Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=255 time=34 ms Reply from 10.1.1.2: bytes=56 Sequence=4 ttl=255 time=46 ms Reply from 10.1.1.2: bytes=56 Sequence=5 ttl=255 time=94 ms --- 10.1.1.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/68/94 ms
配置文件
- CE1的配置文件
# sysname CE1 # vlan batch 10 # interface Vlanif10 ip address 10.1.1.1 255.255.255.0 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 # return
- CE2的配置文件
# sysname CE2 # vlan batch 10 # interface Vlanif10 ip address 10.1.1.2 255.255.255.0 # interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 # return
- Switch1的配置文件
# sysname Switch1 # vlan batch 100 # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid untagged vlan 100 port vlan-stacking vlan 10 stack-vlan 100 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid tagged vlan 100 # return
- Switch2的配置文件
# sysname Switch2 # vlan batch 200 # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid untagged vlan 200 port vlan-stacking vlan 10 stack-vlan 200 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid tagged vlan 200 # return
- PE1的配置文件
# sysname PE1 # router id 1.1.1.1 # vcmp role silent # vlan batch 20 # mpls lsr-id 1.1.1.1 mpls # mpls l2vpn # vsi a2 static pwsignal ldp vsi-id 2 peer 3.3.3.3 # mpls ldp # mpls ldp remote-peer 3.3.3.3 remote-ip 3.3.3.3 # interface Vlanif20 ip address 4.4.4.4 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 port link-type hybrid # interface GigabitEthernet1/0/0.1 qinq mapping pe-vid 100 ce-vid 10 map-vlan vid 200 l2 binding vsi a2 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid pvid vlan 20 port hybrid tagged vlan 20 # interface LoopBack1 ip address 1.1.1.1 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 4.4.4.0 0.0.0.255 # return
- P的配置文件
# sysname P # router id 2.2.2.2 # vlan batch 20 30 # mpls lsr-id 2.2.2.2 mpls # mpls ldp # interface Vlanif20 ip address 4.4.4.5 255.255.255.0 mpls mpls ldp # interface Vlanif30 ip address 5.5.5.4 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid pvid vlan 20 port hybrid tagged vlan 20 # interface GigabitEthernet2/0/0 port link-type hybrid port hybrid pvid vlan 30 port hybrid tagged vlan 30 # interface LoopBack1 ip address 2.2.2.2 255.255.255.255 # ospf 1 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 4.4.4.0 0.0.0.255 network 5.5.5.0 0.0.0.255 # return
- PE2的配置文件
# sysname PE2 # router id 3.3.3.3 # vcmp role silent # vlan batch 30 # mpls lsr-id 3.3.3.3 mpls # mpls l2vpn # vsi a2 static pwsignal ldp vsi-id 2 peer 1.1.1.1 # mpls ldp # mpls ldp remote-peer 1.1.1.1 remote-ip 1.1.1.1 # interface Vlanif30 ip address 5.5.5.5 255.255.255.0 mpls mpls ldp # interface GigabitEthernet1/0/0 port link-type hybrid port hybrid pvid vlan 30 port hybrid tagged vlan 30 # interface GigabitEthernet2/0/0 port link-type hybrid # interface GigabitEthernet2/0/0.1 qinq termination pe-vid 200 ce-vid 10 l2 binding vsi a2 # interface LoopBack1 ip address 3.3.3.3 255.255.255.255 # ospf 1 area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 5.5.5.0 0.0.0.255 # return
阅读剩余
版权声明:
作者:SE_YT
链接:https://www.cnesa.cn/3029.html
文章版权归作者所有,未经允许请勿转载。
THE END
