H3C S5820V2H Configuration Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Switch
  5. S5820V2H
  6. Configuration manual
H3C S5820V2H Configuration Manual

H3C S5820V2H Configuration Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
H3C S5830V2 & S5820V2 Switch Series
MCE Configuration Guide
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Software version: Release 22xx
Document version: 6W100-20131105

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the S5820V2H and is the answer not in the manual?

Questions and answers

Related Manuals for H3C S5820V2H

Summary of Contents for H3C S5820V2H

  • Page 1 H3C S5830V2 & S5820V2 Switch Series MCE Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 22xx Document version: 6W100-20131105...
  • Page 2 SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V G, V G, PSPT, XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co., Ltd. All other trademarks that may be mentioned in this manual are the property of their respective owners Notice The information in this document is subject to change without notice.
  • Page 3 The H3C S5830V2 & S5820V2 documentation set includes 14 configuration guides, which describe the software features for the H3C S5830V2 & S5820V2 Switch Series and guide you through the software configuration procedures. These configuration guides also provide configuration examples to help you apply software features to different network scenarios.

  • Page 4: Command Conventions

    Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...

  • Page 5: Documentation Set

    Command references commands. Obtaining documentation You can access the most up-to-date H3C product documentation on the World Wide Web at http://www.h3c.com. Click the links on the top navigation bar to obtain different categories of product documentation: [Technical Support & Documents > Technical Documents] –...

  • Page 6: Technical Support

    Technical support service@h3c.com http://www.h3c.com Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.

  • Page 7: Table Of Contents

    Contents Configuring MCE ························································································································································· 1   MCE overview ··································································································································································· 1   MPLS L3VPN overview ············································································································································· 1   MPLS L3VPN concepts ············································································································································· 2   MCE ··········································································································································································· 3   How MCE works ······················································································································································ 4   Configuring VPN instances on an MCE device ············································································································· 4  ...

  • Page 8: Configuring Mce

    Configuring MCE This chapter covers Multi-VPN-Instance CE (MCE) configuration only. For information about routing protocols, see Layer 3—IP Services Configuration Guide. MCE overview MPLS L3VPN overview MPLS L3VPN is a PE-based L3VPN technology. It uses BGP to advertise VPN routes and uses MPLS to forward VPN packets over the service provider backbone.

  • Page 9: Mpls L3Vpn Concepts

    After a CE establishes an adjacency with a directly connected PE, it advertises its VPN routes to the PE and learns remote VPN routes from the PE. A CE and a PE can use BGP, an IGP, or static routing to exchange routing information.

  • Page 10: Mce

    Figure 2 VPN-IPv4 address structure The MCE device does not support advertising VPN routes through MP-BGP. However, to run BGP VPN instances on the MCE device, you must configure a unique RD for each VPN instance to distinguish between the VPN instances. An RD can be in one of the following formats distinguished by a 2-byte Type field: When the value of the Type field is 0, the Administrator subfield occupies two bytes, the Assigned •...

  • Page 11: How Mce Works

    For better services and higher security, a private network is usually divided into multiple VPNs to isolate services. To meet these requirements, you can configure a CE for each VPN, which increases device expenses and maintenance costs. Or, you can configure multiple VPNs to use the same CE and the same routing table, which sacrifices data security.
  • Page 12 Creating a VPN instance You can configure a description for a VPN instance to record its related information, such as its relationship with a certain VPN. To create and configure a VPN instance: Step Command Remarks Enter system view. system-view Create a VPN instance and By default, no VPN instance is ip vpn-instance vpn-instance-name...

  • Page 13: Configuring Routing On An Mce Device

    Step Command Remarks Enter system view. system-view Enter VPN instance view. ip vpn-instance vpn-instance-name (Optional) Enter IPv4 VPN ipv4-family view. vpn-target vpn-target&<1-8> Configure route targets for the By default, no route target is [ both | export-extcommunity | VPN instance. configured for the VPN instance.

  • Page 14: Configuring Routing Between An Mce And A Vpn Site

    Configure the link layer and network layer protocols on related interfaces to ensure IP connectivity. • Configuring routing between an MCE and a VPN site Configuring static routing between an MCE and a VPN site An MCE can reach a VPN site through a static route. Static routing on a traditional CE is globally effective and thus does not support address overlapping among VPNs.
  • Page 15 For more information about RIP, see Layer 3—IP Routing Configuration Guide. Configuring OSPF between an MCE and a VPN site An OSPF process can belong to a single VPN instance. If you create an OSPF process without binding it to a VPN instance, the process belongs to the public network. Binding OSPF processes to VPN instances can isolate routes of different VPNs.
  • Page 16 VPN routes. loops. To avoid such routing loops, you can configure route tags for VPN instances on an MCE. H3C recommends configuring the same route tag for the same VPN on the MCEs. import-route protocol [ process-id...
  • Page 17 Step Command Remarks import-route { isis [ process-id ] | By default, IS-IS does not ospf [ process-id ] | rip redistribute routes of any other [ process-id ] | bgp [ allow-ibgp ] | routing protocol. (Optional.) Redistribute direct | static } [ cost cost | remote site routes advertised If you do not specify the route level cost-type { external | internal } |...

  • Page 18: Configuring Routing Between An Mce And A Pe

    Step Command Remarks filter-policy { acl-number | (Optional.) Configure a prefix-list ip-prefix-name } export By default, BGP does not filter filtering policy to filter [ direct | isis process-id | ospf advertised routes. advertised routes. process-id | rip process-id | static ] (Optional.) Configure a filter-policy { acl-number |...
  • Page 19 Configuring static routing between an MCE and a PE Step Command Remarks Enter system view. system-view ip route-static vpn-instance s-vpn-instance-name dest-address { mask | mask-length } { next-hop-address [ public ] [ track track-entry-number ] | interface-type Configure a static route interface-number [ next-hop-address ] | vpn-instance By default, no static for a VPN instance.
  • Page 20 VPN routes. loops. To avoid such routing loops, you can configure route tags for VPN instances on an MCE. H3C recommends configuring the same route tag for the same VPN on the MCEs. import-route protocol [ process-id...
  • Page 21 Configuring IS-IS between an MCE and a PE Step Command Remarks Enter system view. system-view Create an IS-IS process isis [ process-id ] vpn-instance for a VPN instance and vpn-instance-name enter IS-IS view. Configure a network network-entity net By default, no NET is configured. entity title.

  • Page 22: Displaying Information About Mce

    Step Command Remarks (Optional.) Configure a filter-policy { acl-number | By default, BGP does not filter the filtering policy to filter the prefix-list ip-prefix-name } import received routes. received routes. For more information about BGP, see Layer 3—IP Routing Configuration Guide. Displaying information about MCE Execute display commands in any view.
  • Page 23 Figure 4 Network diagram VPN 2 Site 1 CE 1 PE 2 PE 1 XGE1/0/1 Vlan-int30: 30.1.1.2/24 Vlan-int40: 40.1.1.2/24 PE 3 CE 2 XGE1/0/3 VPN 1 VPN 1 Vlan-int30: 30.1.1.1/24 XGE1/0/1 192.168.0.0/24 Site 2 Vlan-int40: 40.1.1.1/24 Vlan-int10 XGE1/0/2 VR 1 10.214.10.3/24 Vlan-int20 10.214.20.3/24...
  • Page 24 [MCE-Vlan-interface10] ip binding vpn-instance vpn1 [MCE-Vlan-interface10] ip address 10.214.10.3 24 # Configure VLAN 20, add port Ten-GigabitEthernet 1/0/2 to VLAN 20, bind VLAN-interface 20 with VPN instance vpn2, and specify an IP address for VLAN-interface 20. [MCE-Vlan-interface10] quit [MCE] vlan 20 [MCE-vlan20] port Ten-GigabitEthernet 1/0/2 [MCE-vlan20] quit [MCE] interface vlan-interface 20...
  • Page 25 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 Static 60 10.214.10.2 Vlan10 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 The output shows that the MCE has a static route for VPN instance vpn1. # Run OSPF in VPN 2.
  • Page 26 The output shows that the MCE has learned the private routes of VPN 2. The MCE maintains the routes of VPN 1 and those of VPN 2 in two different routing tables. In this way, routes from different VPNs are separated. Configure routing between MCE and PE 1: # The MCE uses port Ten-GigabitEthernet 1/0/3 to connect to PE's port Ten-GigabitEthernet 1/0/1.
  • Page 27 [PE1-Vlan-interface40] quit # Configure the IP address of the interface Loopback 0 as 101.101.10.1 for the MCE and as 100.100.10.1 for PE 1. Specify the loopback interface address as the router ID for the MCE and PE 1. (Details not shown.) # Enable OSPF process 10 on the MCE, bind the process to VPN instance vpn1, disable OSPF routing loop detection, and set the domain ID to 10.

  • Page 28: Using Bgp To Advertise Vpn Routes To The Pe

    [PE1] display ip routing-table vpn-instance vpn2 Destinations : 13 Routes : 13 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 40.1.1.0/24 Direct 0 40.1.1.2 Vlan40 40.1.1.0/32 Direct 0 40.1.1.2 Vlan40 40.1.1.2/32 Direct 0 127.0.0.1 InLoop0 40.1.1.255/32 Direct 0 40.1.1.2 Vlan40 127.0.0.0/8...
  • Page 29 Figure 5 Network diagram VPN 2 Site 1 CE 1 PE 2 PE 1 XGE1/0/1 Vlan-int30: 30.1.1.2/24 Vlan-int40: 40.1.1.2/24 PE 3 CE 2 XGE1/0/3 VPN 1 VPN 1 Vlan-int30: 30.1.1.1/24 XGE1/0/1 192.168.0.0/24 Site 2 Vlan-int40: 40.1.1.1/24 Vlan-int10 XGE1/0/2 VR 1 10.214.10.3/24 Vlan-int20 10.214.20.3/24...
  • Page 30 10.214.10.0/32 Direct 0 10.214.10.3 Vlan10 10.214.10.3/32 Direct 0 127.0.0.1 InLoop0 10.214.10.255/32 Direct 0 10.214.10.3 Vlan10 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 192.168.0.0/24 OSPF 10.214.10.2 Vlan10 224.0.0.0/4 Direct 0 0.0.0.0 NULL0...
  • Page 31 [PE1] bgp 200 [PE1-bgp] ip vpn-instance vpn1 [PE1-bgp-vpn1] peer 30.1.1.1 as-number 100 [PE1-bgp-vpn1] ipv4-family [PE1-bgp-ipv4-vpn1] peer 30.1.1.1 enable [PE1-bgp-ipv4-vpn1] quit [PE1-bgp-vpn1] quit [PE1-bgp] quit # On PE 1, display the routing information of VPN instance vpn1. [PE1] display ip routing-table vpn-instance vpn1 Destinations : 13 Routes : 13 Destination/Mask...
  • Page 32 Now, the MCE has redistributed the OSPF routes of the two VPN instances into the EBGP routing tables of PE 1.

  • Page 33: Configuring Ipv6 Mce

    Configuring IPv6 MCE This chapter describes how to configure the IPv6 MCE function. Overview In MPLS L3VPN networks, MCE uses static routes or dynamic routing protocols to advertise IPv4 routes between internal networks and PEs and forwards IPv4 packets. In IPv6 MPLS L3VPN networks, IPv6 MCE uses IPv6 static routes and dynamic routing protocols to advertise IPv6 routes between internal networks and PEs and forwards IPv6 packets.

  • Page 34: Configuring Route Attributes For A Vpn Instance

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Associate the current interface ip binding vpn-instance By default, no VPN instance is with a VPN instance. vpn-instance-name associated with an interface. NOTE: The ip binding vpn-instance command deletes the IPv6 address of the current interface. You must reconfigure an IPv6 address for the interface after configuring the command.

  • Page 35: Configuring Routing On An Ipv6 Mce Device

    Step Command Remarks By default, routes to be advertised are not filtered. (Optional.) Apply an export Make sure the routing policy export route-policy route-policy routing policy. already exists. Otherwise, the device does not filter routes to be advertised. NOTE: • Route related attributes configured in VPN instance view are applicable to both IPv4 VPNs and IPv6 VPNs.
  • Page 36 Step Command Remarks By default, no IPv6 ipv6 route-static vpn-instance static route is s-vpn-instance-name ipv6-address prefix-length configured. { interface-type interface-number Perform this Configure an IPv6 static route [ next-hop-address ] | nexthop-address [ public ] configuration on the for an IPv6 VPN instance. | vpn-instance d-vpn-instance-name IPv6 MCE.
  • Page 37 By configuring OSPFv3 process-to-IPv6 VPN instance bindings on an IPv6 MCE, you allow routes of different IPv6 VPNs to be exchanged between the IPv6 MCE and the sites through different OSPFv3 processes, ensuring the separation and security of IPv6 VPN routes. For more information about OSPFv3, see Layer 3—IP Routing Configuration Guide.
  • Page 38 Step Command Remarks By default, no routes from any other routing protocol are ipv6 import-route protocol redistributed to IPv6 IS-IS. (Optional.) Redistribute [ process-id ] [ allow-ibgp ] [ cost remote site routes advertised cost | [ level-1 | level-1-2 | If you do not specify the route level by the PE.

  • Page 39: Configuring Routing Between An Ipv6 Mce And A Pe

    NOTE: After you configure an IPv6 BGP VPN instance, the IPv6 BGP route exchange for the IPv6 VPN instance is the same as the normal IPv6 BGP VPN route exchange. For more information about IPv6 Layer 3—IP Routing Configuration Guide BGP, see Configure the VPN site: Step...
  • Page 40 Step Command Remarks If you do not specify a (Optional.) Configure ipv6 route-static default-preference default preference the default precedence default-preference-value value, the default for IPv6 static routes. preference value is 60. Configuring RIPng between an IPv6 MCE and a PE Step Command Remarks...
  • Page 41 For more information about OSPFv3, see Layer 3—IP Routing Configuration Guide. Configuring IPv6 IS-IS between an IPv6 MCE and a PE Step Command Remarks Enter system view. system-view Create an IS-IS process for an IPv6 VPN isis [ process-id ] vpn-instance instance and enter IS-IS vpn-instance-name view.

  • Page 42: Displaying Information About Ipv6 Mce

    Step Command Remarks import-route protocol [ process-id [ med By default, no route Redistribute VPN routes. med-value | route-policy redistribution is configured. route-policy-name ] * ] filter-policy { acl6-number | prefix-list (Optional.) Configure a ip-prefix-name } export [ direct | isisv6 By default, BGP does not filter filtering policy to filter the process-id | ospfv3 process-id | ripng...
  • Page 43 Figure 6 Network diagram Configuration procedure Assume that the system name of the IPv6 MCE device is MCE, the system names of the edge devices of VPN 1 and VPN 2 are VR1 and VR2, and the system name of PE 1 is PE1. Configure the VPN instances on the MCE and PE 1: # On the MCE, configure VPN instances vpn1 and vpn2, and specify an RD and route targets for each VPN instance.
  • Page 44 # Bind VLAN-interface 10 with VPN instance vpn1, and configure an IPv6 address for the VLAN interface. [MCE] interface vlan-interface 10 [MCE-Vlan-interface10] ip binding vpn-instance vpn1 [MCE-Vlan-interface10] ipv6 address 2001:1::1 64 [MCE-Vlan-interface10] quit # Configure VLAN 20, add port Ten-GigabitEthernet 1/0/2 to VLAN 20, bind VLAN-interface 20 with VPN instance vpn2, and assign an IPv6 address to VLAN-interface 20.
  • Page 45 # On VR 2, assign IPv6 address 2002:1::2/64 to the interface connected to the MCE and 2012::2/64 to the interface connected to VPN 2. (Details not shown.) # Configure RIPng, and advertise subnets 2012::/64 and 2002:1::/64. <VR2> system-view [VR2] ripng 20 [VR2-ripng-20] quit [VR2] interface vlan-interface 20 [VR2-Vlan-interface20] ripng 20 enable...
  • Page 46 Destination: 2002:1::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2012::/64 Protocol : RIPng NextHop : FE80::20F:E2FF:FE3E:9CA2 Preference: 100 Interface : Vlan20 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost The output shows that the MCE has learned the private route of VPN 2.

  • Page 47: Verifying The Configuration

    [PE1] interface vlan-interface 30 [PE1-Vlan-interface30] ip binding vpn-instance vpn1 [PE1-Vlan-interface30] ipv6 address 30::2 64 [PE1-Vlan-interface30] quit # On PE 1, create VLAN 40 and VLAN-interface 40, bind VLAN-interface 40 with VPN instance vpn2 and configure an IPv6 address for the VLAN-interface 40. [PE1] vlan 40 [PE1-vlan40] quit [PE1] interface vlan-interface 40...
  • Page 48 Destination: 30::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2012:1::/64 Protocol : OSPFv3 NextHop : FE80::202:FF:FE02:2 Preference: 150 Interface : Vlan30 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost The output shows that PE 1 has learned the private route of VPN 1 through OSPFv3.

  • Page 49: Index

    Index IPv6 static routing between IPv6 MCE and VPN site, address IS-IS between MCE and PE, address space overlapping (MPLS L3VPN), IS-IS between MCE and VPN site, associating MCE, VPN instance with interface (IPv6 MCE), MCE and PE static routing, VPN instance with interface (MCE), OSPF between MCE and PE, attribute...
  • Page 50 associating VPN with interface (IPv6 MCE), configuring VPN instance, associating VPN with interface (MCE), configuring VPN instance route related attribute, configuring VPN instance (IPv6 MCE), creating VPN instance, configuring VPN instance (MCE), displaying, configuring VPN route related attribute (IPv6 IPv6 MCE (IPv6 MPLS L3VPN), MCE), IS-IS configuring VPN route related attribute...
  • Page 51 overview, configuring RIPng between IPv6 MCE and VPN site, route target attribute (BGP extended attribute), configuring static routing between MCE and PE, site, configuring static routing between MCE and VPN VPN instance, site, VPN-IPv4 address, configuring VPN instance (IPv6 MCE), MPLS L3VPN device type configuring VPN instance (MCE), configuring VPN instance route related attribute...
  • Page 52 configuring IPv6 IS-IS between IPv6 MCE and configuring EBGP between IPv6 MCE and PE, configuring EBGP between IPv6 MCE and VPN configuring IPv6 IS-IS between IPv6 MCE and site, VPN site, configuring EBGP between MCE and PE, configuring IPv6 static routing between IPv6 configuring EBGP between MCE and VPN site, MCE and PE, configuring IPv6 IS-IS between IPv6 MCE and...
  • Page 53 configuring IPv6 static routing between IPv6 configuring RIPng between IPv6 MCE and VPN MCE and PE, site, configuring IPv6 static routing between IPv6 configuring static routing between MCE and PE, MCE and VPN site, configuring static routing between MCE and VPN configuring static routing between MCE and site, creating instance (IPv6 MCE),...

This manual is also suitable for:

S5830v2

Table of Contents