首页 > 学术百科

路由器-跨域VPN-OptionA典型配置

【需求】

采用OptionA方式实现跨域的BGP/MPLS VPN业务的互通。

【组网图】

【配置脚本】

小柳树和小枣树教学设计

PE-1配置脚本

sysname PE1

router id 202.100.1.2

mpls lsr-id 202.100.1.2

radius scheme system

mpls

mpls ldp

ip vpn-instance vpna

route-distinguisher 100:1

vpn-target 100:1 export-extcommunity

vpn-target 100:1 import-extcommunity

ip vpn-instance vpnb

route-distinguisher 101:1

vpn-target 101:1 export-extcommunity

vpn-target 101:1 import-extcommunity

domain system

interface Serial2/0/0

link-protocol ppp

ip address 172.100.1.2 255.255.255.0

mpls

mpls ldp enable

interface NULL0

interface LoopBack0

ip address 202.100.1.2 255.255.255.255

interface LoopBack10

ip binding vpn-instance vpna

ip address 168.100.2.1 255.255.255.0

interface LoopBack11

ip binding vpn-instance vpnb

ip address 169.100.2.1 255.255.255.0

bgp 100

undo synchronization

group in internal

peer in connect-interface LoopBack0

peer 202.100.1.1 group in

ipv4-family vpn-instance vpna

import-route direct

undo synchronization

ipv4-family vpn-instance vpnb

import-route direct

undo synchronization

ipv4-family vpnv4

peer in enable

peer 202.100.1.1 group in

ospf 1

area 0.0.0.0

network 172.100.1.0 0.0.0.255

network 202.100.1.2 0.0.0.0

return

ASBR-1配置脚本

sysname ASBR-1

router id 202.100.1.1

mpls lsr-id 202.100.1.1

radius scheme system

mpls

mpls ldp

ip vpn-instance vpna

route-distinguisher 100:1

vpn-target 100:1 export-extcommunity

vpn-target 100:1 import-extcommunity

ip vpn-instance vpnb

route-distinguisher 101:1

vpn-target 101:1 export-extcommunity

vpn-target 101:1 import-extcommunity

domain system

interface Ethernet1/0/0

interface Ethernet1/0/0.10 /ASBR之间建立子接口，绑定到vpna/

ip binding vpn-instance vpna

ip address 192.1.1.1 255.255.255.0

vlan-type dot1q vid 10

interface Ethernet1/0/0.20 /ASBR之间建立子接口，绑定到vpna/

EVPip binding vpn-instance vpnb

ip address 193.1.1.1 255.255.255.0

vlan-type dot1q vid 20

interface Serial2/0/0

link-protocol ppp

ip address 172.100.1.1 255.255.255.0

mpls

mpls ldp enable

interface NULL0

interface LoopBack0

ip address 202.100.1.1 255.255.255.255

interface LoopBack10

ip binding vpn-instance vpna

ip address 168.100.1.1 255.255.255.0

interface LoopBack11

ip binding vpn-instance vpnb

ip address 169.100.1.1 255.255.255.0

bgp 100

undo synchronization

group in internal

peer in connect-interface LoopBack0

peer 202.100.1.2 group in

ipv4-family vpn-instance vpna

import-route direct

undo synchronization

group ex external

peer 192.1.1.2 group ex as-number 200 /ASBR-1和ASBR-2之间建立EBGP/

ipv4-family vpn-instance vpnb

import-route direct

undo synchronization

group ex external

peer 193.1.1.2 group ex as-number 200 /ASBR-1和ASBR-2之间建立EBGP/

ipv4-family vpnv4

peer in enable

peer 202.100.1.2 group in

ospf 1

area 0.0.0.0

network 172.100.1.0 0.0.0.255

network 202.100.1.1 0.0.0.0

return

PE-2配置脚本

sysname PE2

router id 202.200.1.2

罗伯斯庇尔简介

mpls lsr-id 202.200.1.2

radius scheme system

mpls

mpls ldp

ip vpn-instance vpna

route-distinguisher 200:1

vpn-target 200:1 export-extcommunity

vpn-target 200:1 import-extcommunity

ip vpn-instance vpnb

route-distinguisher 201:1

vpn-target 201:1 export-extcommunity

vpn-target 201:1 import-extcommunity

domain system

interface Serial2/0/0

link-protocol ppp

ip address 172.200.1.2 255.255.255.0

mpls

mpls ldp enable

interface NULL0

interface LoopBack0

ip address 202.200.1.2 255.255.255.255

interface LoopBack10

ip binding vpn-instance vpna

ip address 168.200.2.1 255.255.255.0

interface LoopBack11

ip binding vpn-instance vpnb

ip address 169.200.2.1 255.255.255.0

bgp 200

undo synchronization

group in internal

peer in connect-interface LoopBack0

peer 202.200.1.1 group in

ipv4-family vpn-instance vpnb

import-route direct

undo synchronization

ipv4-family vpn-instance vpna

import-route direct

undo synchronization

ipv4-family vpnv4

peer in enable

peer 202.200.1.1 group in

ospf 1

area 0.0.0.0

network 172.200.1.0 0.0.0.255

network 202.200.1.2 0.0.0.0

return

ASBR-2配置脚本

sysname ASBR-2

router id 202.200.1.1

mpls lsr-id 202.200.1.1

radius scheme system

mpls

mpls ldp

ip vpn-instance vpna

route-distinguisher 200:1

vpn-target 200:1 export-extcommunity

vpn-target 200:1 import-extcommunity

ip vpn-instance vpnb

route-distinguisher 201:1

vpn-target 201:1 export-extcommunity

vpn-target 201:1 import-extcommunity

domain system

interface Ethernet1/0/0

interface Ethernet1/0/0.10 /ASBR之间建立子接口，绑定到vpna/

ip binding vpn-instance vpna

ip address 192.1.1.2 255.255.255.0

vlan-type dot1q vid 10

pascal语言程序设计

interface Ethernet1/0/0.20 /ASBR之间建立子接口，绑定到vpnb/

ip binding vpn-instance vpnb

ip address 193.1.1.2 255.255.255.0

vlan-type dot1q vid 20

interface Serial2/0/0

link-protocol ppp

ip address 172.200.1.1 255.255.255.0

mpls

mpls ldp enable

interface NULL0

interface LoopBack0

ip address 202.200.1.1 255.255.255.255

interface LoopBack10

ip binding vpn-instance vpna

ip address 168.200.1.1 255.255.255.0

interface LoopBack11

ip binding vpn-instance vpnb

ip address 169.200.1.1 255.255.255.0

bgp 200

undo synchronization

group in internal

peer in connect-interface LoopBack0

peer 202.200.1.2 group in

ipv4-family vpn-instance vpna

import-route direct

undo synchronization

group ex external

peer 192.1.1.1 group ex as-number 100 /ASBR-1和ASBR-2之间建立EBGP/

ipv4-family vpn-instance vpnb

import-route direct

undo synchronization

group ex external

peer 193.1.1.1 group ex as-number 100 /ASBR-1和ASBR-2之间建立EBGP/

ipv4-family vpnv4

peer in enable

peer 202.200.1.2 group in

ospf 1

area 0.0.0.0

network 172.200.1.0 0.0.0.255

network 202.200.1.1 0.0.0.0

return

【提示】

1、跨域OptionA又叫爱美说VRF to VRF(背靠背方式)方式

2、对于AS内部的实现和配置和普通MPLS/VPN没有区别

3、ASBR对等体间通过划分子接口方式，每个子接口分别绑定一个VRF，保证域间传播路由的私有性。

如果无法划分子接口，必需为每个vpn提供独立的物理线路

4、每个ASBR路由器都把对方ASBR路由器当做CE路由器看待

5石油储运、域间转发为IP转发

本文发布于:2024-09-22 03:34:04，感谢您对本站的认可！

本文链接：https://www.17tex.com/xueshu/472556.html

上一篇：BGP MPLS VPN的实现技术分析

下一篇：Cisco MIBGP MPLS VPN配置指导

标签：接口路由器配置域间绑定

留言与评论（共有 0 条评论）