yu789000 发表于 2018-9-6 10:01:45

【干货|易消愁说网络】华为RS实验漫载——MPLS VPN-4 VPN实例

https://5b0988e595225.cdn.sohucs.com/images/20180906/feda3996110441acab818e9de303d886.jpeg3.R4和R6构成VPN-1,R5和R7构成VPN-2,不同VPN用户之间不能互相访问。VPN-1使用的RD为100:100,VPN-Target属性为100:1;VPN-2使用的RD为100:200,VPN-Target属性为100:2。R1配置:ip vpn-instance vpn1 //创建vpn实例名称为vpn1route-distinguisher 100:100 //RD值为100:100vpn-target 100:1 both //RT入和出值都为100:1ip vpn-instance vpn2route-distinguisher 100:200vpn-target 100:2 bothR3配置:ip vpn-instance vpn1route-distinguisher 100:100vpn-target 100:1 bothip vpn-instance vpn2route-distinguisher 100:200vpn-target 100:2 both检查现象:配置完成后在R1和R3上执行display ip vpn-instance verbose命令可以看到VPN实例的配置情况。https://5b0988e595225.cdn.sohucs.com/images/20180906/c929c233856642bea7d1fa2c59b3f974.jpeg4.完成CE与PE之间的配置,PE连接CE的接口需要绑定VPN实例,注意接口绑定VPN实例后IP地址会失效,需要在绑定实例后再配置IP地址。CE和PE之间运行OSPF协议,将路由传给PE,CE对VPN实例是不感知的。接口地址如下表:
设备接口地址
R1GigabitEthernet 0/0/110.1.14.1/24
R1GigabitEthernet 0/0/210.1.15.1/24
R3GigabitEthernet 0/0/110.1.36.3/24
R3GigabitEthernet 0/0/210.1.37.3/24
R4GigabitEthernet 0/0/010.1.14.4/24
R4LoopBack 04.4.4.4/32
R4LoopBack 110.10.10.10/32
R5GigabitEthernet 0/0/010.1.15.5/24
R5LoopBack 05.5.5.5/32
R5LoopBack 110.10.10.10/32
R6GigabitEthernet 0/0/010.1.36.6/24
R6LoopBack 06.6.6.6/32
R7GigabitEthernet 0/0/010.1.37.7/24
R7LoopBack 07.7.7.7/32
R1配置:interface GigabitEthernet 0/0/1ip binding vpn-instance vpn1 //接口绑定VPN实例ip address 10.1.14.1 24interface GigabitEthernet 0/0/2ip binding vpn-instance vpn2ip address 10.1.15.1 24ospf 1 router-id 1.1.1.1 vpn-instance vpn1 //协议进程关联VPN实例area 0 //进入OSPF区域0network 10.1.14.1 0.0.0.0 //区域0下宣告地址ospf 2 router-id 1.1.1.1 vpn-instance vpn2area 0network 10.1.15.1 0.0.0.0R3配置:interface GigabitEthernet 0/0/1ip binding vpn-instance vpn1ip address 10.1.36.3 24interface GigabitEthernet 0/0/2ip binding vpn-instance vpn2ip address 10.1.37.3 24ospf 1 router-id 3.3.3.3 vpn-instance vpn1area 0network 10.1.36.3 0.0.0.0ospf 2 router-id 3.3.3.3 vpn-instance vpn2area 0network 10.1.37.3 0.0.0.0R4配置:system-viewsysname R4interface GigabitEthernet 0/0/0ip address 10.1.14.4 24interface LoopBack 0ip address 4.4.4.4 32interface LoopBack 1ip address 10.10.10.10 32ospf 1 router-id 4.4.4.4area 0network 10.1.14.4 0.0.0.0network 4.4.4.4 0.0.0.0network 10.10.10.10 0.0.0.0R5配置:system-viewsysname R5interface GigabitEthernet 0/0/0ip address 10.1.15.5 24interface LoopBack 0ip address 5.5.5.5 32interface LoopBack 1ip address 10.10.10.10 32ospf 1 router-id 5.5.5.5area 0network 10.1.15.5 0.0.0.0network 5.5.5.5 0.0.0.0network 10.10.10.10 0.0.0.0R6配置:system-viewsysname R6interface GigabitEthernet 0/0/0ip address 10.1.36.6 24interface LoopBack 0ip address 6.6.6.6 32ospf 1 router-id 6.6.6.6area 0network 10.1.36.6 0.0.0.0network 6.6.6.6 0.0.0.0R7配置:system-viewsysname R7interface GigabitEthernet 0/0/0ip address 10.1.37.7 24interface LoopBack 0ip address 7.7.7.7 32ospf 1 router-id 7.7.7.7area 0network 10.1.37.7 0.0.0.0network 7.7.7.7 0.0.0.0检查现象:配置完成后在R1和R3上查看是否学习到VPN实例路由,执行display ip routing-table vpn-instance xxx命令查看VPN实例路由。R1和R3通过ospf协议学习到实例路由,根据协议绑定的VPN实例决定放入那个VRF中。https://5b0988e595225.cdn.sohucs.com/images/20180906/c1df3ed134694ad69c97d83babf62bae.jpeghttps://5b0988e595225.cdn.sohucs.com/images/20180906/e618eda8cac3483daa5c8a00d0aeccd8.jpeghttps://5b0988e595225.cdn.sohucs.com/images/20180906/2a66dacb1e3a4425a85c64c979458464.jpeghttps://5b0988e595225.cdn.sohucs.com/images/20180906/e4a7f21b268c4981a3eaac30f8bc11c3.jpeg下一节,我们将对MP-BGP邻居及VPN路由引入做配置讲解。更多华为数通实验操作敬请关注:誉天教育 QQ:3200569443

wsky 发表于 2018-10-19 13:58:52

没搞明白,在学习学习

Rockyw 发表于 2018-10-19 14:00:47

感谢楼主分享!

光腚大弟 发表于 2022-12-15 14:09:25

好好好

oyjtbfs 发表于 2022-12-20 09:32:35

感谢分享
页: [1]
查看完整版本: 【干货|易消愁说网络】华为RS实验漫载——MPLS VPN-4 VPN实例