Page 1 Quidway S9300 Terabit Routing Switch V100R001C02 Configuration Guide - VPN Issue Date 2009-08-20 Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.
Page 2 Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any assistance, please contact our local office or company headquarters. Huawei Technologies Co., Ltd. Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: http://www.huawei.com...
Page 3: Table Of Contents
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN Contents Contents About This Document........................1 1 VPN Tunnel Management......................1-1 1.1 Introduction to VPN Tunnels..........................1-2 1.2 VPN Tunnel Features Supported by the S9300....................1-3 1.3 Configuring the Tunnel Interface........................1-5 1.3.1 Establishing the Configuration Task......................1-5 1.3.2 Creating a Tunnel Interface........................1-6...
Page 4 Quidway S9300 Terabit Routing Switch Contents Configuration Guide - VPN 1.8.2 Debugging the VPN Tunnel.........................1-25 1.9 Configuration Examples..........................1-25 1.9.1 Example for Configuring Tunnel Policies for the L3VPN..............1-25 1.9.2 Example for Binding a Tunnel to the Martini L2VPN.................1-39 2 GRE Configuration........................2-1 2.1 Introduction to the GRE Protocol........................2-2...
Page 5 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN Contents 3.4 Configuring Basic BGP/MPLS IP VPN......................3-9 3.4.1 Establishing the Configuration Task....................3-10 3.4.2 Configuring a VPN Instance........................3-11 3.4.3 Binding an Interface to the VPN Instance....................3-11 3.4.4 Configuring Routing Exchange Between PEs..................3-12 3.4.5 Configuring Routing Exchange Between PE and CE................3-13...
Page 6 Quidway S9300 Terabit Routing Switch Contents Configuration Guide - VPN 3.11.1 Establishing the Configuration Task....................3-43 3.11.2 Configuring the Client PE to Establish MP-IBGP Connection with the RR........3-44 3.11.3 Configuring the RR to Establish MP-IBGP Connections with All Client PEs........3-45 3.11.4 Configuring Route Reflection for BGPVPNv4 Routes..............3-46 3.11.5 Checking the Configuration.......................3-47...
Page 7 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN Contents 4.5 Configuring a Martini VLL...........................4-13 4.5.1 Establishing the Configuration Task....................4-13 4.5.2 Enabling MPLS L2VPN........................4-14 4.5.3 Creating a Martini VLL Connection....................4-15 4.5.4 Checking the Configuration.........................4-16 4.6 Configuring a Kompella VLL........................4-17 4.6.1 Establishing the Configuration Task....................4-17 4.6.2 Enabling MPLS L2VPN........................4-18...
Page 8 Quidway S9300 Terabit Routing Switch Contents Configuration Guide - VPN 5.1 Introduction to PWE3............................5-3 5.2 PWE3 Features Supported by the S9300......................5-4 5.3 Configuring the Attributes of a PW Template....................5-11 5.3.1 Establishing the Configuration Task....................5-12 5.3.2 Creating a PW Template........................5-12 5.3.3 Configuring the Attributes for a PW Template..................5-13...
Page 9 6.3.2 Enabling BGP Peers to Exchange VPLS Information................6-8 6.3.3 Creating a VSI and Configuring the BGP Signaling................6-9 6.3.4 (Optional) Configuring Huawei Devices to Communicate with Non-Huawei Devices......6-11 6.3.5 Binding a VSI to an Interface of a CE....................6-12 6.3.6 (Optional) Configuring the Features of Kompella VPLS..............6-12 6.3.7 Checking the Configuration.........................6-13...
Page 10 Quidway S9300 Terabit Routing Switch Contents Configuration Guide - VPN 6.10 Maintaining VPLS............................6-34 6.10.1 Collecting the Statistics of the Traffic on a VPLS PW..............6-34 6.10.2 Checking the Traffic on a VPLS PW....................6-35 6.10.3 Resetting Traffic Statistics.........................6-35 6.10.4 Debugging VPLS..........................6-36 6.10.5 Enabling or Disabling a VSI......................6-36 6.10.6 Clearing MAC Address Entries......................6-37...
Page 11 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN Figures Figures Figure 1-1 Networking diagram of the VPN tunnel binding................1-4 Figure 1-2 Networking diagram for configuring the tunnel policy for the L3VPN...........1-26 Figure 1-3 Networking diagram for configuring the L2VPN tunnel binding............1-39 Figure 2-1 Multiprotocol local network communication over single-protocol backbone network......2-2...
Page 12 Quidway S9300 Terabit Routing Switch Figures Configuration Guide - VPN Figure 4-11 Networking diagram for configuring the inter-AS Kompella VLL Option A........4-77 Figure 4-12 Networking diagram for configuring Martini VLL FRR (asymmetrically connected CEs)..4-87 Figure 4-13 Networking diagram for configuring Kompella VLL FRR (asymmetrically connected CEs)..4-104 Figure 5-1 PWE3 framework..........................5-3...
Page 13: About This Document
S9300 is controlled by the license. By default, the MPLS function is disabled on the S9300. To use the MPLS function of the S9300,buy the license from the Huawei local office. The G24SA and G24CA boards do not support the MPLS VPN function.
Page 14: General Conventions
Quidway S9300 Terabit Routing Switch About This Document Configuration Guide - VPN Chapter Description 1 VPN Tunnel Describes the configurations of tunnel interfaces and tunnel Management policies. 2 GRE Configuration Describes the principles, applications, and configurations of the GRE protocol.
Page 15: Command Conventions
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN About This Document Convention Description Times New Roman Normal paragraphs are in Times New Roman. Boldface Names of files, directories, folders, and users are in boldface. For example, log in as user root.
Page 16: Keyboard Operations
Quidway S9300 Terabit Routing Switch About This Document Configuration Guide - VPN Keyboard Operations The keyboard operations that may be found in this document are defined as follows. Format Description Press the key. For example, press Enter and press Tab.
Page 17 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN About This Document The following information is added: 1.6 Binding the Primary Tunnel for L3VPN 1.7 Binding the Primary Tunnel for L2VPN 1.9.2 Example for Binding a Tunnel to the Martini L2VPN The following information is modified: All configuration examples: mode of adding interface to a VLAN.
Page 19: Vpn Tunnel Management
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management VPN Tunnel Management About This Chapter This chapter describes the configuration procedures of tunnel interfaces and tunnel policies. 1.1 Introduction to VPN Tunnels This section provides an overview of tunnel management, and describes the different types of tunnel policies and their implementation procedure.
Page 20: Introduction To Vpn Tunnels
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN 1.1 Introduction to VPN Tunnels This section provides an overview of tunnel management, and describes the different types of tunnel policies and their implementation procedure. Dedicated transmission channels, namely, tunnels, can be set up on the backbone networks of virtual private networks (VPNs).
Page 21: Vpn Tunnel Features Supported By The S9300
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management If no tunnel policy is configured, the default tunnel policy is used. By default, an LSP is used and load balancing is not performed among tunnels. That is, only one LSP can be selected.
Page 22: Figure 1-1 Networking Diagram Of The Vpn Tunnel Binding
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN Tunnel Binding Mode With tunnel binding, a specified TE tunnel can be used for certain VPN services. Tunnel binding can be applied in the following scenarios: VPN primary tunnel binding: The primary tunnel can transmit the service data of only a specified VPN.
Page 23: Configuring The Tunnel Interface
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management 1.3 Configuring the Tunnel Interface This section describes how to configure the tunnel interfaces. These tunnel interfaces are applied to the GRE tunnels and MPLS TE tunnels.
Page 24: Creating A Tunnel Interface
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN 1.3.2 Creating a Tunnel Interface Context Do as follows on the S9300s at both ends of a tunnel. Procedure Step 1 Run: system-view The system view is displayed.
Page 25: Checking The Configuration
<Quidway> display interface Tunnel 1/0/0 Tunnel1/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/0 Interface The Maximum Transmit Unit is 1500 bytes Internet Address is 40.1.1.1/24 Encapsulation is TUNNEL, loopback not set Tunnel source 20.1.1.1 (GigabitEthernet1/0/0), destination 30.1.1.2...
Page 26: Configuring The Tunnel Policy Applied To L3Vpn (Select-Sequence)
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN 300 seconds input rate 31776024 bytes/sec, 31776152 packets/sec 300 seconds output rate 31776024 bytes/sec, 31776152 packets/sec 185 packets input, 19714 bytes 0 input error 184 packets output,...
Page 27: Configuring The Tunnel Policy
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management Pre-configuration Tasks Before configuring a tunnel policy, complete the following tasks: Connecting interfaces and setting the physical parameters of each interface to make the physical layer in Up state Setting the parameters of the link layer protocol and the IP address of the interface to enable the link layer protocol.
Page 28: Applying The Tunnel Policy On L3Vpn
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN If no tunnel policy is configured for an L3VPN, an LSP is used as the tunnel of the VPN and only one tunnel is used. The number of tunnels carrying out load balancing is subject to licenses.
Page 29: Configuring The Tunnel Policy Applied To L2Vpn (Select-Sequence)
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management --------------------------------------------------------------------- policy1 Run the display ip vpn-instance verbose command, and you can view the tunnel policy applied to VPN instances. For example, in the following information, you can see that VPN instance vpna uses tunnel policy policy1.
Page 30: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN 1.5.4 Checking the Configuration 1.5.1 Establishing the Configuration Task Applicable Environment By default, the S9300 selects LSPs for a VPN and load balancing is not performed. If load balancing or other types of tunnels are required, you need to configure a tunnel policy and bind the tunnel policy to a tunnel.
Page 31: Applying The Tunnel Policy On Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management The system view is displayed. Step 2 Run: tunnel-policy policy-name A tunnel policy is created and the tunnel policy view is displayed. A tunnel policy corresponds to only one tunnel selection mode. If multiple tunnel selection modes are required, you need to create multiple tunnel policies.
Page 32 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN Run: mpls static-l2vc destination dest-router-id transmit-vpn-label transmit- label-value receive-vpn-label receive-label-value tunnel-policy policy- name A tunnel policy is applied to an SVC L2VPN VC. VLL in Martini mode Do as follows on the PEs configured with VCs.
Page 33: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management The AC interface view is displayed. Apply the tunnel policy to the PW. To apply the tunnel policy to the dynamic PW, run the mpls l2vc { pw-template –...
Page 34: Binding The Primary Tunnel For L3Vpn
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN Remote VCCV : Disable Local Frag : Disable Remote Frag : Disable Local Ctrl Word : Disable Remote Ctrl Word : Disable Tunnel Policy : policy1 Traffic Behavior : --...
Page 35: Enabling The Vpn Binding Feature For The Tunnel
Configuring the static routes or an IGP protocol to ensure that the nodes are routable Configuring basic MPLS functions and enabling MPLS TE Configuring the MPLS TE tunnel between PEs (For details, refer to the Quidway S9300 Terabit Routing Switch Configuration Guide - MPLS)
Page 36: Binding The Tunnel Policy To A Vpn
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN The configuration takes effect. ----End 1.6.3 Binding the Tunnel Policy to a VPN Context Do as follows on the PEs on the two ends of the tunnel.
Page 37: Checking The Configuration
<Quidway> display interface tunnel 1/0/0 Tunnel1/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/0 Interface, Route Port The Maximum Transmit Unit is 1500 bytes Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.9...
Page 38: Binding The Primary Tunnel For L2Vpn
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN 5 minutes output rate 2952 bits/sec, 2 packets/sec 22894187 packets output, 2958834536 bytes 0 packets output dropped Run the display ip vpn-instance verbose command, and you can view the tunnel policy applied to VPN instances.
Page 39: Enabling The Vpn Binding Feature For The Tunnel
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management Use an MPLS TE tunnel to transmit user data, which optimizes the use of network resources and avoids network congestion caused by unbalanced load. Ensure that L2VPN services are independent of other services and are not affected by other services.
Page 40: Binding The Tunnel Policy To A Vpn
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN The MPLS TE tunnel interface view is displayed. Step 3 Run: mpls te reserved-for-binding The VPN binding feature is enabled on the tunnel. A tunnel can be used by VPNs only after the VPN binding feature is enabled. The tunnel policy configured with the tunnel select-seq command cannot be applied to the tunnel enabled with the VPN binding.
Page 41: Applying A Tunnel Policy To A Martini Mpls L2Vpn
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management 1.7.4 Applying a Tunnel Policy to a Martini MPLS L2VPN Context When a PE transmits packets to the same destination over different L2VPNs, different tunnel policies are applied and the L2VPNs are bound to different TE tunnels.
Page 42: Maintaining The Vpn Tunnel
<Quidway> display interface Tunnel 1/0/0 Tunnel1/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/0 Interface, Route Port The Maximum Transmit Unit is 1500 bytes Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.9...
Page 43: Debugging The Vpn Tunnel
Information Center Configuration in the Quidway S9300 Terabit Routing Switch Configuration Guide - Device Management. For the description of the debugging commands, refer to the Quidway S9300 Terabit Routing Switch Debugging Reference. Procedure Run the debugging tunnel all [ interface interface-number ] command in the user view to enable the debugging of tunnels.
Page 44: Figure 1-2 Networking Diagram For Configuring The Tunnel Policy For The L3Vpn
Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN and PE2. The bandwidth of one tunnel is 5 Mbit/s and the bandwidth of the other tunnel is 10 Mbit/s. The CEs in VPNA require 10-Mibt/s constant bandwidth for communication; therefore, the tunnel with 10-Mbit/s bandwidth is used by VPNA exclusively to ensure the bandwidth.
Page 45 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management Enable the routing protocol to ensure communication between the PEs. Configure the basic MPLS capability on the S9300s on the backbone network and set up an LSP and two MPLS TE tunnels between the PEs.
Page 46 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit # By running the display ip routing-table command on the PEs, you can see that the PEs can learn the routes of each other's Loopback1 interface.
Page 47 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management ------------------------------------------------------------------ 1.1.1.1/32 3/NULL 127.0.0.1 Vlanif10/InLoop0 2.2.2.2/32 NULL/3 172.1.1.2 -------/Vlanif10 ------------------------------------------------------------------ TOTAL: 2 Normal LSP(s) Found. TOTAL: 0 Liberal LSP(s) Found. A '*' before an LSP means the LSP is not established A '*' before a Label means the USCB or DSCB is stale Step 3 Set up an MPLS TE tunnel between the PEs.
Page 48 [PE1] display interface tunnel 1/0/2 Tunnel1/0/2 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/2 Interface, Route Port The Maximum Transmit Unit is 1500 bytes Internet Address is unnumbered, using address of LoopBack1(1.1.1.1/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.2...
Page 49 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management 0x1003c cr lsp 2.2.2.2 0x1003d cr lsp 2.2.2.2 0x1001b 2.2.2.2 0x1001c Step 4 Configure VPN instances on each PE and connect the CEs to the PEs. # Configure PE1.
Page 50 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN [PE1] ip vpn-instance VPNA [PE1-vpn-instance-VPNA] tnl-policy policy1 [PE1-vpn-instance-VPNA] quit # Configure PE2. [PE2] tunnel-policy policy1 [PE2-tunnel-policy-policy1] tunnel binding destination 1.1.1.1 te tunnel1/0/2 [PE2-tunnel-policy-policy1] quit [PE2] ip vpn-instance VPNA...
Page 51 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management [PE1-bgp-af-VPNB] quit [PE1-bgp] quit Configure CE1 [CE1] bgp 65410 [CE1-bgp] peer 10.1.1.2 as-number 100 [CE1-bgp] import-route direct [CE1-bgp] quit Configure CE2 [CE2] bgp 65410 [CE2-bgp] peer 10.2.1.2 as-number 100...
Page 52 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN # Run the display ip routing-table vpn-instance verbose command on the PEs, and you can see the tunnels used by the VPN routes. # Take the display on PE1 as an example: [PE1] display ip routing-table vpn-instance VPNA 10.3.1.0 verbose...
Page 53 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management mpls te mpls te max-link-bandwidth 20000 mpls te max-reservable-bandwidth 15000 mpls rsvp-te mpls ldp interface Vlanif30 ip binding vpn-instance VPNA ip address 10.1.1.2 255.255.255.252 interface Vlanif20 ip binding vpn-instance VPNB ip address 10.2.1.2 255.255.255.252...
Page 54 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN mpls-te enable tunnel-policy policy1 tunnel binding destination 2.2.2.2 te Tunnel1/0/2 tunnel-policy policy2 tunnel select-seq cr-lsp lsp load-balance-number 1 return Configuration file of PE2 sysname PE2 vlan batch 10 30 50...
Page 55 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management ip address unnumbered interface loopback1 tunnel-protocol mpls te destination 1.1.1.1 mpls te tunnel-id 11 mpls te bandwidth bc0 5000 mpls te commit interface Tunnel1/0/2 ip address unnumbered interface loopback1 tunnel-protocol mpls te destination 1.1.1.1...
Page 56 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN return Configuration file of CE2 sysname CE2 vlan batch 20 interface vlanif 20 ip address 10.2.1.1 255.255.255.252 interface GigabitEthernet1/0/2 port hybrid pvid vlan 20 port hybrid untagged vlan 20 bgp 65410 peer 10.2.1.2 as-number 100...
Page 57: Example For Binding A Tunnel To The Martini L2Vpn
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management return 1.9.2 Example for Binding a Tunnel to the Martini L2VPN Networking Requirements As shown in Figure 1-3, Site 1, Site 2, and Site 3 belong to VPNA. The networking requirements...
Page 58 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN Loopback1 2.2.2.9/32 GigabitEthernet1/0/1 VLANIF 3 GigabitEthernet1/0/3 VLANIF 6 100.3.1.2/24 Loopback1 3.3.3.9/32 GigabitEthernet1/0/1 VLANIF 7 100.1.1.1/24 GigabitEthernet1/0/2 VLANIF 5 100.2.1.1/24 GigabitEthernet1/0/3 VLANIF 6 100.3.1.1/24 GigabitEthernet1/0/2 VLANIF 1 10.1.1.1/24...
Page 59 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management [PE1-GigabitEthernet1/0/1] port hybrid pvid vlan 7 [PE1-GigabitEthernet1/0/1] port hybrid tagged vlan 7 [PE1-GigabitEthernet1/0/1] quit [PE1] interface vlanif 7 [PE1-Vlanif7] ip address 100.1.1.2 24 [PE1-Vlanif7] quit [PE1]isis 1 [PE1-isis-1] network-entity 10.0000.0000.0000.0001.00...
Page 60 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN [PE1] display ip routing-table Route Flags: R - relied, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 11 Routes : 11 Destination/Mask Proto Cost...
Page 61 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management [P] interface vlanif 6 [P-Vlanif6] mpls [P-Vlanif6] mpls te [P-Vlanif6] mpls rsvp-te [P-Vlanif6] quit # Run the display mpls ldp session command on the PEs, and you can see that LDP peers are set up between PE1 and PE2 and between PE1 and PE3.
Page 62 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN Step 5 Configure the explicit path of MPLS TE. # You can manually specify a path for MPLS TE, that is, configure an explicit path for MPLS TE.
Page 63 [PE1-Tunnel1/0/0] display this interface Tunnel1/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/0 Interface, Route Port The Maximum Transmit Unit is 1500 Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.9...
Page 64 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN [PE2-tunnel-policy-policy1] quit [PE2] interface vlanif 2 [PE2-Vlanif2] mpls l2vc 1.1.1.9 100 tunnel-policy policy1 [PE2-Vlanif2] quit # Configure PE3. [PE3] mpls l2vpn [PE3-l2vpn] mpls l2vpn default martini [PE3-l2vpn] quit...
Page 65 [PE1] display interface Tunnel 1/0/0 Tunnel1/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/0 Interface, Route Port The Maximum Transmit Unit is 1500 Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.9...
Page 66 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN Configuration Files Configuration file of PE1 sysname PE1 vlan batch 1 4 7 mpls lsr-id 1.1.1.9 mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn mpls l2vpn default martini explicit-path pe1tope2 next hop 100.1.1.1...
Page 67 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management ip address 1.1.1.9 255.255.255.255 isis enable 1 interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 2.2.2.9 mpls te tunnel-id 100 mpls te bandwidth bc0 10000...
Page 68 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN mpls te mpls te max-link-bandwidth 100000 mpls te max-reservable-bandwidth 80000 mpls rsvp-te interface GigabitEthernet1/0/1 port hybrid pvid vlan 7 port hybrid tagged vlan 7 interface GigabitEthernet1/0/2 port hybrid pvid vlan 5...
Page 69 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 1 VPN Tunnel Management ip address 2.2.2.9 255.255.255.255 isis enable 1 interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 1.1.1.9 mpls te tunnel-id 100 mpls te bandwidth bc0 10000...
Page 70 Quidway S9300 Terabit Routing Switch 1 VPN Tunnel Management Configuration Guide - VPN destination 1.1.1.9 mpls te tunnel-id 100 mpls te bandwidth bc0 20000 mpls te reserved-for-binding mpls te commit tunnel-policy policy1 tunnel binding destination 1.1.1.9 te tunnel1/0/0 return Configuration file of CE1...
Page 71: Gre Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration GRE Configuration About This Chapter This chapter describes the basic knowledge, configuration procedures, and configuration examples for the Generic Routing Encapsulation (GRE) protocol. 2.1 Introduction to the GRE Protocol This section describes the concept and principle of the GRE protocol.
Page 72: Introduction To The Gre Protocol
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN 2.1 Introduction to the GRE Protocol This section describes the concept and principle of the GRE protocol. GRE is an encapsulation mode in which packets of some network protocols such as IPX are encapsulated and thus can be transmitted on networks supporting other protocols such as IP.
Page 73: Configuring A Gre Tunnel
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration Operating Range of a Hop-Limited Protocol (IPX) on the Network Figure 2-2 Enlarging the operating range on the network IP network IP network IP network Tunnel Figure 2-2, if the hop count between the two terminals is more than 225, the two terminals cannot communicate with each other.
Page 74: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN 2.3.4 Checking the Configuration 2.3.1 Establishing the Configuration Task Applicable Environment To configure GRE features, you must create a tunnel interface first. This is because most GRE functions are configured on the tunnel interface. If the tunnel interface is deleted, all configurations on the interface are deleted subsequently.
Page 75: Configuring Routes
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration The tunnel encapsulation type is set to GRE. The encapsulation types at the two ends of the tunnel must be the same. Step 4 Run: source { ip-address | interface-type interface-number } The source address or source interface of the tunnel is configured.
Page 76: Checking The Configuration
GRE, rather than the destination address of the tunnel. The next hop is the address of the local tunnel interface. Step 3 For configuration of dynamic routes, refer to the Quidway S9300 Terabit Routing Switch Configuration Guide - IP Routing.
Page 77: Configuring A Gre Tunnel Between Ce And Pe
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration Run the display ip routing-table command, and you can see that the routing table contains the route passing through the tunnel interface. The following is an example: <Quidway> display ip routing-table...
Page 78: Configuring The Gre Tunnel Interface On Ce
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN Data Number of the GRE tunnel interface specified on the CE Source address or source interface and destination address of the GRE tunnel interface specified on the CE...
Page 79: Configuring The Gre Tunnel Interface On Pe
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration Run the ip address unnumbered interface interface-type interface-number command to configure IP unnumbered for the tunnel interface. ----End 2.4.3 Configuring the GRE Tunnel Interface on PE Context Do as follows on the S9300:...
Page 80: Binding The Tunnel With Vpn To Which Ce Belongs On Pe
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN 2.4.4 Binding the Tunnel with VPN to Which CE belongs on PE Context Do as follows on the S9300. Procedure Step 1 Run: system-view The system view is displayed.
Page 81: Configuring The Keepalive Function
<Quidway> display interface Tunnel 1/0/0 Tunnel1/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/0 Interface Route Port,The Maximum Transmit Unit is 1500 Internet Address is 40.1.1.1/24 Encapsulation is TUNNEL, loopback not set Tunnel source 20.1.1.1 (loopback1), destination 30.1.1.2...
Page 82: Enabling The Keep-Alive Function
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN Data Preparation To configure the Keepalive function, you need the following data. No. Data Interval for sending Keepalive messages Retry times of the unreachable timer 2.5.2 Enabling the Keep-alive Function Context Do as follows on the S9300 that requires the Keepalive function.
Page 83: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration 2.5.3 Checking the Configuration Prerequisite The Keepalive function is enabled on the GRE tunnel. Context CAUTION Debugging affects the performance of the system. Therefore, after the debugging, run the undo debugging all command to disable it immediately.
Page 84: Resetting The Statistics Of A Tunnel Interface
For details on how to enable the debugging, refer to Information Center Configuration in the Quidway S9300 Terabit Routing Switch Configuration Guide - Device Management. For more information about the debugging commands, refer to the Quidway S9300 Terabit Routing Switch Debugging Reference. 2-14 Huawei Proprietary and Confidential Issue 03 (2009-08-20) Copyright ©...
Page 85: Configuration Examples
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration Procedure Step 1 Run the debugging tunnel keepalive command in the user view to enable the keepalive debugging for the GRE tunnel. ----End 2.7 Configuration Examples This section provides several configuration examples of GRE.
Page 86 Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN GigabitEthernet2/0/0 VLANIF 30 10.1.1.2/24 S9300-B GigabitEthernet1/0/0 VLANIF 10 20.1.1.2/24 GigabitEthernet2/0/0 VLANIF 20 30.1.1.1/24 S9300-C GigabitEthernet1/0/0 VLANIF 20 30.1.1.2/24 GigabitEthernet2/0/0 VLANIF 40 10.2.1.2/24 Configuration Roadmap The configuration roadmap is as follows: Run the dynamic routing protocol on the S9300s to implement interconnection.
Page 87 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration [S9300-A-Vlanif10] quit [S9300-A] interface vlanif 30 [S9300-A-Vlanif30] ip address 10.1.1.2 24 [S9300-A-Vlanif30] quit The configurations of S9300-B and S9300-C are similar to the configuration of S9300-A, and are not mentioned here.
Page 88 Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN [S9300-A] ping -a 40.1.1.1 40.1.1.2 PING 40.1.1.2: 56 data bytes, press CTRL_C to break Reply from 40.1.1.2: bytes=56 Sequence=1 ttl=255 time=24 ms Reply from 40.1.1.2: bytes=56 Sequence=2 ttl=255 time=33 ms Reply from 40.1.1.2: bytes=56 Sequence=3 ttl=255 time=48 ms...
Page 89 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration port hybrid untagged vlan 10 interface GigabitEthernet2/0/0 port hybrid pvid vlan 30 port hybrid untagged vlan 30 interface Tunnel1/0/1 ip address 40.1.1.1 255.255.255.0 source 20.1.1.1 destination 30.1.1.2 ospf 1 area 0.0.0.0...
Page 90: Example For Configuring The Dynamic Routing Protocol On The Gre Tunnel
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN ospf 1 area 0.0.0.0 network 30.1.1.0 0.0.0.255 ip route-static 10.1.1.0 255.255.255.0 Tunnel1/0/1 return 2.7.2 Example for Configuring the Dynamic Routing Protocol on the GRE Tunnel Networking Requirements As shown in Figure 2-6, S9300-A, S9300-B, and S9300-C are on the VPN backbone network.
Page 91 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration Configuration Roadmap The configuration roadmap is as follows: Run IGP on the S9300s on the backbone network (OSPF process 1 is used here). Create GRE tunnels between the S9300s connected with PCs so that data between any two PCs is transmitted through GRE tunnels.
Page 92 Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN [S9300-A] ospf 2 [S9300-A-ospf-2] area 0 [S9300-A-ospf-2-area-0.0.0.0] network 40.1.1.0 0.0.0.255 [S9300-A-ospf-2-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [S9300-A-ospf-2-area-0.0.0.0] quit [S9300-A-ospf-2] quit # Configure S9300-C. [S9300-C] ospf 2 [S9300-C-ospf-2] area 0 [S9300-C-ospf-2-area-0.0.0.0] network 40.1.1.0 0.0.0.255 [S9300-C-ospf-2-area-0.0.0.0] network 10.2.1.0 0.0.0.255...
Page 93 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration port hybrid untagged vlan 10 interface Tunnel1/0/1 ip address 40.1.1.1 255.255.255.0 source 20.1.1.1 destination 30.1.1.2 ospf 1 area 0.0.0.0 network 20.1.1.0 0.0.0.255 ospf 2 area 0.0.0.0 network 40.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255...
Page 94: Example For Configuring The Ce To Access A Vpn Through A Gre Tunnel Of The Public Network
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN ospf 1 area 0.0.0.0 network 30.1.1.0 0.0.0.255 ospf 2 area 0.0.0.0 network 40.1.1.0 0.0.0.255 network 10.2.1.0 0.0.0.255 return 2.7.3 Example for Configuring the CE to Access a VPN Through a...
Page 95 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration S9300-A GigabitEthernet1/0/0 VLANIF 20 30.1.1.2/24 GigabitEthernet2/0/0 VLANIF 30 50.1.1.1/24 Loopback1 1.1.1.9/32 GigabitEthernet1/0/0 VLANIF 30 50.1.1.2/24 GigabitEthernet2/0/0 VLANIF 40 110.1.1.1/24 Tunnel1/0/0 2.2.2.2/24 Loopback1 3.3.3.9/32 GigabitEthernet1/0/0 VLANIF 40 110.1.1.2/24 GigabitEthernet2/0/0 VLANIF 50 11.1.1.2/24...
Page 96 Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN Configure OSPF10 on PE1 and PE2, and then configure MPLS and LDP. The detailed configurations are not mentioned here. Step 2 Configure a routing protocol between CE1, S9300-A, and PE1.
Page 97 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration [PE1] isis 50 vpn-instance vpn1 [PE1-isis-50] network-entity 50.0000.0000.0002.00 [PE1-isis-50] quit [PE1] interface tunnel1/0/0 [PE1-Tunnel1/0/0] isis enable 50 [PE1-Tunnel1/0/0] quit Step 7 Configure the IS-IS route between CE2 and PE2.
Page 98 Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN [PE1] isis 50 [PE1-isis-50] import-route bgp # Configure PE2. [PE2] isis 50 [PE2-isis-50] import-route bgp Step 10 Verify the configuration. # After the configuration, CE1 and CE2 can successfully ping each other.
Page 99 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration interface Tunnel2/0/0 ip address 2.2.2.1 255.255.255.0 tunnel-protocol gre source 30.1.1.1 destination 50.1.1.2 isis enable 50 ospf 20 area 0.0.0.0 network 30.1.1.0 0.0.0.255 return Configuration file of S9300-A sysname S9300-A...
Page 100 Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN interface GigabitEthernet1/0/0 port hybrid pvid vlan 30 port hybrid ubtagged vlan 30 interface GigabitEthernet2/0/0 port hybrid pvid vlan 40 port hybrid ubtagged vlan 40 interface LoopBack1 ip address 1.1.1.9 255.255.255.255...
Page 101 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration mpls ldp interface Vlanif50 ip binding vpn-instance vpn1 ip address 11.1.1.2 255.255.255.0 isis enable 50 interface GigabitEthernet1/0/0 port hybrid pvid vlan 40 port hybrid ubtagged vlan 40 interface GigabitEthernet2/0/0...
Page 102: Example For Configuring The Keepalive Function For Gre
Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN 2.7.4 Example for Configuring the Keepalive Function for GRE Networking Requirements As shown in Figure 2-8, S9300 A and S9300 B are configured with the GRE protocol. The two ends of the GRE tunnel need be configured with the Keepalive function.
Page 103 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 2 GRE Configuration <S9300-A> system-view [S9300-A] interface tunnel 1/0/0 [S9300-A-Tunnel1/0/0] ip address 40.1.1.1 255.255.255.0 [S9300-A-Tunnel1/0/0] tunnel-protocol gre [S9300-A-Tunnel1/0/0] source 20.1.1.1 [S9300-A-Tunnel1/0/0] destination 30.1.1.2 [S9300-A-Tunnel1/0/0] keepalive period 20 retry-times 3 [S9300-A-Tunnel1/0/0] quit Step 3 Configure a tunnel on S9300-B and enable the Keepalive function.
Page 104 Quidway S9300 Terabit Routing Switch 2 GRE Configuration Configuration Guide - VPN ip address 40.1.1.1 255.255.255.0 source 20.1.1.1 destination 30.1.1.2 keepalive period 20 return Configuration file of S9300-B sysname S9300-B vlan batch 20 interface Vlanif20 ip address 30.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0...
Page 105: Bgp/Mpls Ip Vpn Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration BGP/MPLS IP VPN Configuration About This Chapter This chapter describes the principle, application, and configuration of the BGP/MPLS IP VPN. 3.1 Introduction to BGP/MPLS IP VPN This section describes the principle and concepts of BGP/MPLS IP VPN.
Page 106 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN This section describes how to configure BGP route reflection on the VPN backbone layer to reflect VPNv4 routes. 3.12 Configuring Route Reflection to Optimize the VPN Access Layer This section describes how to configure the BGP route reflection on the PE that connect to multiple CEs to reflect the routes of VPN instances.
Page 107: Introduction To Bgp/Mpls Ip Vpn
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration 3.1 Introduction to BGP/MPLS IP VPN This section describes the principle and concepts of BGP/MPLS IP VPN. BGP/MPLS IP VPN is a PE-based L3VPN technology which is a solution of the Provider Provisioned VPN (PPVPN).
Page 108: Figure 3-2 Networking Of Sham Link
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Networking The S9300 supports the VPN route exchange between PEs through MP-BGP. To ensure that a PE and a CE can exchange routes, you can configure the static route, RIP multi-instance, OSPF multi-instance, IS-IS multi-instance, or EBGP.
Page 109: Configuring A Vpn Instance
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration The backbone network is an MPLS network, in which the devices at the backbone layer are fully connected and data is backed up on multiple layers. The devices at the backbone layer are connected through high-speed interfaces.
Page 110: Creating A Vpn Instance
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Configuring routing policies if import or export routing policies need to be applied to the VPN instance Configuring tunnel policies if load balancing is required, or the selection sequence of...
Page 111: Configuring The Attributes Of A Vpn Instance
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration A VPN instance takes effect only after it is configured with an RD. The RDs of different VPN instances on a PE should be different. Before configuring an RD, you can configure only the description.
Page 112: Optional) Applying A Tunnel Policy To A Vpn Instance
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN The export routing policy of the VPN instance is configured. ----End 3.3.4 (Optional) Applying a Tunnel Policy to a VPN Instance Context By default, a VPN instance uses an MPLS LSP as the tunnel and no load balancing is carried out.
Page 113: Configuring Basic Bgp/Mpls Ip Vpn
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration In general, each route is assigned a label (one label per route). When a large number of routes exist, the Incoming Label Map (ILM) needs to maintain a great deal of in-segment entries. This affects the capacity of the device.
Page 114: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN 3.4.1 Establishing the Configuration Task 3.4.2 Configuring a VPN Instance 3.4.3 Binding an Interface to the VPN Instance 3.4.4 Configuring Routing Exchange Between PEs 3.4.5 Configuring Routing Exchange Between PE and CE 3.4.6 Checking the Configuration...
Page 115: Configuring A Vpn Instance
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Data VPN instance data: VPN instance name and RD (Optional) Description of the VPN instance VPN target attributes (Optional) Routing policy that controls transmitting and receiving of VPN routing...
Page 116: Configuring Routing Exchange Between Pes
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Step 3 Run: ip binding vpn-instance vpn-instance-name The interface is bound to the VPN instance. NOTE The ip binding vpn-instance command deletes Layer 3 features such as the IP address and routing protocols configured on the interface.
Page 117: Configuring Routing Exchange Between Pe And Ce
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration The peers are enabled to exchange VPNv4 routing information. ----End 3.4.5 Configuring Routing Exchange Between PE and CE Context Choose one of the following methods to configure a routing policy as required:...
Page 118 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Run: – network ip-address mask The directly connected routes destined for the local CE are advertised. NOTE A PE automatically learns the directly connected routes destined for the local CE. The routes learned by the PE are prior to the routes advertised by the CE through EBGP.
Page 119 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration (Optional) Run: peer { ipv4-address | group-name } ebgp-max-hop [ number ] The maximum number of hops on an EBGP connection is set. Generally, the EBGP peers must be directly connected through physical links. If there are no physical links, run the peer ebgp-max-hop command, by which the EBGP peers are allowed to set up TCP sessions to each other through multiple hops.
Page 120 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN NOTE Compared with a common BGP view, the BGP VPN instance view does not support the following commands: BGP confederation: confederation BGP Graceful Restart: graceful-restart Router ID of a BGP router: router-id...
Page 121 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration The BGP view is displayed. Run: ipv4-family vpn-instance vpn-instance-name The BGP VPN instance view is displayed. Run: import-route static [ med value ] [ route-policy policy-name ] The static route is imported to the routing table of the BGP VPN instance.
Page 122 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN The RIP routes are imported to the routing table of the BGP VPN instance. After the import-route rip command is run in the BGP VPN instance view, the PE imports the VPN routes learned from the connected CE to BGP, and then advertises the routes, which are the VPN IPv4 routes, to the remote PE.
Page 123 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration If the BGP process is not started on the local S9300, the default tag value is 0. – If the BGP process is started on the local S9300, the first two bytes in the tag are –...
Page 124 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN NOTE If the VPN instance is removed, the related OSPF processes are removed. Configuring IS-IS between PE and CE The configuration is performed on the PE. Configure common IS-IS on the CE. The configuration procedure is not described here.
Page 125: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration IS-IS is run on the interface. Run: quit Return to the system view. 10. Run: bgp as-number The BGP view is displayed. 11. Run: ipv4-family vpn-instance vpn-instance-name The BGP VPN instance view is displayed.
Page 126: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN 3.5.4 Associating an Interface with the VPN Instance 3.5.5 Configuring Routing Exchange Between Hub-PE and Spoke-PE 3.5.6 Configuring Routing Exchange Between CE and PE 3.5.7 Checking the Configuration 3.5.1 Establishing the Configuration Task...
Page 127 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration A Spoke-PE needs to be configured with one VPN instance; a Hub-PE needs to be configured with two VPN instances, namely, VPN-in and VPN-out. VPN-in receives and maintains all the VPNv4 routes advertised by Spoke-PEs.
Page 128: Configuring The Route Attributes Of A Vpn Instance
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN To prevent excessive routes from being imported to the PE, set the maximum number of routes supported by a VPN instance. ----End 3.5.3 Configuring the Route Attributes of a VPN Instance...
Page 129: Associating An Interface With The Vpn Instance
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration The export routing policy of the VPN instance is configured. Configuring Spoke-PE Run: system-view The system view is displayed. Run: ip vpn-instance vpn-instance-name The VPN instance view of the VPN-in is displayed.
Page 130: Configuring Routing Exchange Between Hub-Pe And Spoke-Pe
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN The system view is displayed. Step 2 Run: interface interface-type interface-number The view of the interface to be associated is displayed. Step 3 Run: ip binding vpn-instance vpn-instance-name The interface is associated with the VPN instance.
Page 131: Configuring Routing Exchange Between Ce And Pe
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration The BGP VPNv4 address family view is displayed. Step 6 Run: peer peer-address enable The peers are enabled to exchange VPNv4 routing information. ----End 3.5.6 Configuring Routing Exchange Between CE and PE...
Page 132: Configuring Inter-As Vpn Option A
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Procedure Run the display ip routing-table vpn-instance vpn-instance-name command on the Hub- PE to view the routing information about VPN-in and VPN-out. Run the display ip routing-table command on the Hub-CE and Spoke-CEs to view the routing information.
Page 133: Configuring Inter-As Vpn Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Data Preparation To configure inter-AS IP VPN Option A, you need the following data: Data To configure the VPN instance on the PE and the ASBR PE, you need the following...
Page 134: Checking The Configuration
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN 3.6.3 Checking the Configuration Prerequisite The configurations of the Inter-AS VPN Option A function are complete. Procedure Run the display bgp vpnv4 all peer command to check information about the BGP peers on the PE or the ASBR PE.
Page 135: Specifying The U-Pe
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Data Preparation To configure an HoVPN, you need the following data. Data Relation between the U-PE and the S-PE Name of the VPN instance sending default routes to U-PE 3.7.2 Specifying the U-PE...
Page 136: Advertising Default Routes Of A Vpn Instance
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN 3.7.3 Advertising Default Routes of a VPN Instance Context Do as follows on the S-PE. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed.
Page 137: Configuring The Ospf Sham Link
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Example Run the display ip routing-table command on the CE connected with the U-PE. You can find that there is a default route whose next hop is U-PE, but the route to the network segment where the peer CE resides does not exist.
Page 138: Configuring End Addresses Of A Sham Link
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Data Metric used in the sham link and other link parameters 3.8.2 Configuring End Addresses of a Sham Link Context Do as follows on the two PEs.
Page 139: Creating A Sham Link
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Step 3 Run: ipv4-family vpn-instance vpn-instance-name The BGP VPN instance view is displayed.
Page 140: Checking The Configuration
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN The sham link is configured. By default: The interface cost of the sham link, namely, cost, is 1. dead-interval is 40 seconds. The interval for sending Hello packets, namely, hello-interval, is 10 seconds.
Page 141: Configuring The Multi-Vpn-Instance Ce
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Run the display ospf routing on the CE, and you can find that the routes from the CE to the peer CE are learned and considered as the intra-area routes.
Page 142: Configuring The Ospf Multi-Instance On The Pe
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Data OSPF process ID and router ID used by each service Routes advertised by each OSPF process 3.9.2 Configuring the OSPF Multi-Instance on the PE Context Do as follows on the PE connected to the multi-VPN-instance CE.
Page 143: Configuring The Ospf Multi-Instance On The Multi-Vpn-Instance Ce
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Step 9 Run: ipv4-family vpn-instance vpn-instance-name The BGP VPN instance view is displayed. Step 10 Run: import-route ospf process-id The OSPF multi-instance routes are imported. ----End 3.9.3 Configuring the OSPF Multi-Instance on the Multi-VPN-...
Page 144: Checking The Configuration
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: ospf process-id [ router-id router-id ] vpn-instance vpn-instance-name The OSPF view is displayed.
Page 145: Configuring A Routing Policy
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Pre-configuration Tasks Before configuring VPN FRR, complete the following tasks: Configuring the routing policy on the switches to implement internetworking Generating two unequal-cost routes by configuring different costs or metrics...
Page 146 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: ip vpn-instance vpn-instance-name The VPN instance view is displayed. Step 3 Run: vpn frr route-policy route-policy-name VPN FRR is enabled.
Page 147: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Tag: 0 Priority: 0 Label: 15362 QoSInfo: 0x0 RelayNextHop: 0.0.0.0 Interface: Vlanif10 TunnelID: 0x10002 BkNextHop: 3.3.3.3 BkInterface: BkLabel: 15363 SecTunnelID: 0x0 BkPETunnelID: 0x10001 BkPESecTunnelID: 0x0 3.11 Configuring Route Reflection to Optimize the VPN...
Page 148: Configuring The Client Pe To Establish Mp-Ibgp Connection With The Rr
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Data Local ASN and peer ASN Types and numbers of the interfaces used to set up the TCP connection IP address of the peer 3.11.2 Configuring the Client PE to Establish MP-IBGP Connection...
Page 149: Configuring The Rr To Establish Mp-Ibgp Connections With All Client Pes
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration 3.11.3 Configuring the RR to Establish MP-IBGP Connections with All Client PEs Context Choose one of the following schemes to configure the RR to establish MP-IBGP connections with the client PEs.
Page 150: Configuring Route Reflection For Bgpvpnv4 Routes
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN The system view is displayed. Run: bgp as-number The BGP view is displayed. Run: peer peer-ipv4-address as-number as-number The client PE is configured as the BGP peer of the RR.
Page 151: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration If the RR establishes the MP-IBGP connection with each PE rather than peer group, run the peer peer-ipv4-address reflect-client command multiple times to enable route reflection.
Page 152: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN 3.12.1 Establishing the Configuration Task 3.12.2 Configuring Client CE to Establish IBGP Connections with the RR 3.12.3 Configuring the RR to Establish MP-IBGP Connections with All Client CEs 3.12.4 Configuring Route Reflection for the Routes of the BGP VPN Instance...
Page 153: Configuring The Rr To Establish Mp-Ibgp Connections With All Client Ces
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Step 3 Run: peer peer-ipv4-address as-number as-number The RR is configured as the BGP peer of the client CE.
Page 154: Configuring Route Reflection For The Routes Of The Bgp Vpn Instance
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Run: peer group-name connect-interface interface-type interface-number The interface for establishing the TCP connection is configured. The IP address of the interface must be the same as the MPLS LSR ID. It is recommended that you specify a loopback interface to establish the TCP connection.
Page 155: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: bgp as-number The BGP view is displayed. Step 3 Run: ipv4-family vpn-instance vpn-instance-name The BGP VPN instance view is displayed.
Page 156: Maintaining The Bgp/Mpls Ip Vpn
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Procedure Run the display bgp [ vpnv4 vpn-instance vpn-instance-name ] peer [ ipv4-address | group-name ] verbose command on the RR to view information about the peers of the BGP VPN instance on the RR.
Page 157: Displaying Bgp/Mpls Ip Vpn Information
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration 3.13.1 Displaying BGP/MPLS IP VPN Information Context In routine maintenance, you can run the following commands in any view to display the operating status of BGP/MPLS IP VPNs.
Page 158: Clearing Bgp Statistics Of Vpn Instance
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Example After the VPN configuration, run the ping command with the -vpn-instance vpn-instance- name parameter on PE. You can check whether the PE and the CEs that belong to the same VPN can communicate with each other.
Page 159: Debugging The Bgp/Mpls Ip Vpn
When a BGP/MPLS IP VPN fault occurs, run the following debugging commands in the user view to locate the fault. For the description of the debugging commands, refer to the Quidway S9300 Terabit Routing Switch Debugging Reference. Procedure...
Page 160: Configuration Examples
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Run the debugging bgp update vpn-instance vpn-instance-name peer ip-address [ acl acl-number | ip-prefix ip-prefix-name ] [ receive | send ] [ verbose ] command in the user view to enable the BGP Update packets debugging of VPN instances.
Page 161: Figure 3-3 Networking Diagram For Configuring Bgp/Mpls Ip Vpn
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Figure 3-3 Networking diagram for configuring BGP/MPLS IP VPN AS: 65410 AS: 65430 VPN-A VPN-A GE1/0/0 GE1/0/0 Loopback1 2.2.2.9/32 GE1/0/0 GE1/0/0 GE1/0/0 GE2/0/0 Loopback1 Loopback1 1.1.1.9/32 3.3.3.9/32...
Page 162 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Configure VPN instances on the PEs connected to CEs on the backbone network and bind related VPNs to the interfaces connected to the CEs. Configure OSPF on the PEs to implement interconnection between PEs.
Page 163 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [P-GigabitEthernet1/0/0] port hybrid pvid vlan 30 [P-GigabitEthernet1/0/0] port hybrid untagged vlan 30 [P-GigabitEthernet1/0/0] quit [P] interface GigabitEthernet 2/0/0 [P-GigabitEthernet2/0/0] port hybrid pvid vlan 60 [P-GigabitEthernet2/0/0] port hybrid untagged vlan 60...
Page 164 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN 172.1.1.1/32 Direct 0 127.0.0.1 InLoopBack0 172.1.1.2/32 Direct 0 172.1.1.2 Vlanif30 172.1.1.255/32 Direct 0 127.0.0.1 InLoopBack0 172.2.1.0/24 OSPF 172.1.1.2 Vlanif30 255.255.255.255/32 Direct 0 127.0.0.1 InLoopBack0 [PE1] display ospf peer OSPF Process 1 with Router ID 1.1.1.9...
Page 165 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [PE1] display mpls ldp session LDP Session(s) in Public Network ------------------------------------------------------------------------------ Peer-ID Status SsnRole SsnAge KA-Sent/Rcv ------------------------------------------------------------------------------ 2.2.2.9:0 Operational DU Active 000:00:01 ------------------------------------------------------------------------------ TOTAL: 1 session(s) Found.
Page 166 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN # Configure IP addresses of the interfaces on the CEs according to Figure 3-3. The configuration procedure is not given here. After the configuration, run the display ip vpn-instance verbose command on the PEs, and you can see the configuration of the VPN instances.
Page 167 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [PE1] bgp 100 [PE1-bgp] ipv4-family vpn-instance vpna [PE1-bgp-vpna] peer 10.1.1.1 as-number 65410 [PE1-bgp-vpna] import-route direct [PE1-bgp-vpna] quit [PE1-bgp] ipv4-family vpn-instance vpnb [PE1-bgp-vpnb] peer 10.2.1.1 as-number 65420...
Page 168 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 3 Peers in established state : 3 Peer MsgRcvd MsgSent...
Page 169 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration --- 10.4.1.1 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss ----End Configuration Files Configuration file of PE1 sysname PE1 vlan batch 10 20 30...
Page 170 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN ipv4-family vpn-instance vpna peer 10.1.1.1 as-number 65410 import-route direct ipv4-family vpn-instance vpnb peer 10.2.1.1 as-number 65420 import-route direct ospf 1 area 0.0.0.0 network 172.1.1.0 0.0.0.255 network 1.1.1.9 0.0.0.0...
Page 171 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration vpn-target 222:2 export-extcommunity vpn-target 222:2 import-extcommunity mpls lsr-id 3.3.3.9 mpls mpls ldp interface Vlanif40 ip binding vpn-instance vpna ip address 10.3.1.2 255.255.255.0 interface Vlanif50 ip binding vpn-instance vpnb ip address 10.4.1.2 255.255.255.0...
Page 172 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN interface Vlanif10 ip address 10.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 10 port hybrid untagged vlan 10 bgp 65410 peer 10.1.1.2 as-number 100 ipv4-family unicast...
Page 173: Example For Configuring Overlapping Addresses In Two Bgp/Mpls Ip Vpns
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ip address 10.4.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 50 port hybrid untagged vlan 50 bgp 65440 peer 10.4.1.2 as-number 100 ipv4-family unicast undo synchronization import-route direct peer 10.4.1.2 enable...
Page 174 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN GigabitEthernet3/0/2 VLANIF 101 34.1.1./24 GigabitEthernet1/0/1 VLANIF 10 12.1.1.2/24 GigabitEthernet2/0/1 VLANIF 20 23.1.1.1/24 GigabitEthernet3/0/1 VLANIF 100 14.1.1.2/24 GigabitEthernet3/0/1 VLANIF 100 34.1.1.2/24 GigabitEthernet3/0/1 VLANIF 101 14.1.1.2/24 GigabitEthernet3/0/1 VLANIF 101 34.1.1.2/24...
Page 175 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration # Configure P. [P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 12.1.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 23.1.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit # Configure PE2.
Page 176 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN [P] interface vlanif 10 [P-Vlanif10] mpls [P-Vlanif10] mpls ldp [P-Vlanif10] quit [P] interface vlanif 20 [P-Vlanif20] mpls [P-Vlanif20] mpls ldp [P-Vlanif20] quit # Configure PE2. [PE2] mpls lsr-id 3.3.3.9...
Page 177 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [PE1-vpn-instance-vpnb] vpn-target 200:200 import-extcommunity [PE1-vpn-instance-vpnb] quit [PE1] interface vlanif 100 [PE1-Vlanif100] ip binding vpn-instance vpna [PE1-Vlanif100] ip address 14.1.1.1 255.255.255.0 [PE1-Vlanif100] quit [PE1] interface vlanif 101 [PE1-Vlanif101] ip binding vpn-instance vpnb [PE1-Vlanif101] ip address 14.1.1.1 255.255.255.0...
Page 178 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Reply from 14.1.1.2: bytes=56 Sequence=2 ttl=255 time=3 ms Reply from 14.1.1.2: bytes=56 Sequence=3 ttl=255 time=3 ms Reply from 14.1.1.2: bytes=56 Sequence=4 ttl=255 time=3 ms Reply from 14.1.1.2: bytes=56 Sequence=5 ttl=255 time=16 ms --- 14.1.1.2 ping statistics ---...
Page 179 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Take the display on PE1 as an example. [PE1] display ip routing-table vpn-instance vpna Route Flags: R - relay, D - download to fib ------------------------------------------------------------------------------ Routing Tables: vpna...
Page 180 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Output : 0 packets, 0 bytes Unicast: NUnicast: Discard: Error Jumbo ----End Configuration Files Configuration file of PE1 sysname PE1 vlan batch 10 100 101 ip vpn-instance vpna...
Page 181 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ipv4-family vpn-instance vpna import-route direct ospf 1 area 0.0.0.0 network 172.1.1.0 0.0.0.255 network 1.1.1.9 0.0.0.0 return Configuration file of P sysname P vlan batch 10 20 mpls lsr-id 2.2.2.9...
Page 182 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN interface Vlanif100 ip binding vpn-instance vpna ip address 34.1.1.1 255.255.255.0 interface Vlanif101 ip binding vpn-instance vpnb ip address 34.1.1.1 255.255.255.0 interface Vlanif20 ip address 23.1.1.2 255.255.255.0...
Page 183: Example For Configuring Bgp Asn Substitution
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Configuration file of CE2 sysname CE2 vlan batch 100 interface Vlanif100 ip address 34.1.1.2 255.255.255.0 interface GigabitEthernet3/0/1 port hybrid pvid vlan 100 port hybrid untagged vlan 100 ip route-static 0.0.0.0 0.0.0.0 vlanif 100 34.1.1.2...
Page 184: Figure 3-5 Networking Diagram For Configuring Bgp Asn Substitution
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Figure 3-5 Networking diagram for configuring BGP ASN substitution Loopback1 Loopback1 Loopback1 2.2.2.9/32 3.3.3.9/32 1.1.1.9/32 GE1/0/0 GE2/0/0 GE2/0/0 GE2/0/0 GE1/0/0 GE1/0/0 Backbone GE1/0/0 GE1/0/0 AS 100...
Page 185 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Configure BGP ASN substitution on PEs. Data Preparation To complete the configuration, you need the following data: MPLS LSR-IDs of PE and P VPN instances on PE1 and PE2...
Page 186 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN 10.2.1.2/32 Direct 0 127.0.0.1 InLoopBack0 100.1.1.0/24 1.1.1.9 Vlanif30 200.1.1.0/24 10.2.1.1 Vlanif40 Enable debugging of the BGP Update packets on PE2. The debugging information shows that PE2 advertises the route to 100.1.1.0/24 and the AS path information is "100 600".
Page 187 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Routing Tables: Public Destinations : 10 Routes : 10 Destination/Mask Proto Cost Flags NextHop Interface 10.1.1.0/24 10.2.1.2 Vlanif40 10.2.1.0/24 Direct 0 10.2.1.1 Vlanif40 10.2.1.1/32 Direct 0 127.0.0.1...
Page 188 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN vlan batch 10 20 ip vpn-instance vpn1 route-distinguisher 100:1 vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity mpls lsr-id 1.1.1.9 mpls mpls ldp interface Vlanif10 ip binding vpn-instance vpn1 ip address 10.1.1.2 255.255.255.0...
Page 189 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration mpls mpls ldp interface VLanif 30 ip address ip address 30.1.1.1 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 20 port hybrid untagged vlan 20...
Page 190: Example For Configuring Hub&Spoke
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable ipv4-family vpn-instance vpn1 peer 10.2.1.1 as-number 600 peer 10.2.1.1 substitute-as import-route direct ospf 1 area 0.0.0.0 network 3.3.3.9 0.0.0.0 network 30.1.1.0 0.0.0.255...
Page 191: Figure 3-6 Networking Diagram For Configuring Hub&Spoke
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Figure 3-6 Networking diagram for configuring Hub&Spoke AS: 65430 Hub-CE GE1/0/0 GE2/0/0 GE3/0/0 GE3/0/1 Hub-PE GE2/0/0 GE1/0/0 Loopback1 Loopback1 Loopback1 1.1.1.9/32 3.3.3.9/32 2.2.2.9/32 GE2/0/0 GE2/0/0 GE1/0/0...
Page 192 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Configuration Roadmap The configuration roadmap is as follows: Set up MP-IBGP peer relation between the Hub-PE and the Spoke-PE. Do not set up MP- IBGP peer relation between Spoke-PEs.
Page 193 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [Hub-PE-Vlanif20] mpls ldp [Hub-PE-Vlanif20] quit After the configuration, LDP peer relation can be set up between the Hub-PE and the Spoke- PEs. Run the display mpls ldp session command on each S9300, and you can see that the session status is Operational.
Page 194 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN After the configuration, run the display ip vpn-instance verbose command on the PEs, and you can see the configuration of the VPN instances. Each PE can ping the connected CEs by using the ping -vpn-instancevpn-name ip-address command.
Page 195 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [Hub-PE-bgp-vpn_out] quit [Hub-PE-bgp] quit After the configuration, run the display bgp vpnv4 all peer command on a PE, and you can find that the BGP peer relation between the PE and CE is in Established state.
Page 196 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN traceroute to 120.1.1.1(120.1.1.1) 30 hops max,40 bytes packet 1 100.1.1.2 24 ms 19 ms 11 ms 2 110.2.1.2 87 ms 60 ms 58 ms 3 110.2.1.1 59 ms...
Page 197 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration label advertise non-null mpls ldp interface Vlanif10 ip address 10.1.1.1 255.255.255.0 mpls mpls ldp interface Vlanif50 ip binding vpn-instance vpna ip address 100.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0...
Page 198 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN interface Vlanif60 ip binding vpn-instance vpna ip address 120.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 60 port hybrid untagged vlan 60 interface GigabitEthernet2/0/0 port hybrid pvid vlan 20...
Page 199 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration interface Vlanif40 ip address 110.2.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 30 port hybrid untagged vlan 30 interface GigabitEthernet2/0/0 port hybrid pvid vlan 40 port hybrid untagged vlan 40 bgp 65430 peer 110.1.1.2 as-number 100...
Page 200: Example For Configuring Inter-As Vpn Option A
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN interface GigabitEthernet3/0/0 port hybrid pvid vlan 30 port hybrid untagged vlan 30 interface GigabitEthernet3/0/1 port hybrid pvid vlan 40 port hybrid untagged vlan 40 interface LoopBack1 ip address 2.2.2.9 255.255.255.255...
Page 201: Figure 3-7 Networking Diagram For Configuring Inter-As Vpn Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Figure 3-7 Networking diagram for configuring inter-AS VPN Option A BGP/MPLS Backbone BGP/MPLS Backbone Loopback1 Loopback1 AS 200 AS 100 2.2.2.9/32 3.3.3.9/32 VLAN 12 GE1/0/0 GE2/0/0...
Page 202 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN The OSPF protocol is used in this example and the configuration procedure is not mentioned here. NOTE The 32-bit loopback interface address used as the LSR ID must be advertised by OSPF.
Page 203 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface vlanif 22 [PE2-Vlanif22] mpls [PE2-Vlanif22] mpls ldp [PE2-Vlanif22] quit After the configuration, the LDP peer relation can be set up between the PE and ASBR in the same AS.
Page 204 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN [ASBR-PE1] bgp 100 [ASBR-PE1-bgp] peer 1.1.1.9 as-number 100 [ASBR-PE1-bgp] peer 1.1.1.9 connect-interface loopback 1 [ASBR-PE1-bgp] ipv4-family vpnv4 [ASBR-PE1-bgp-af-vpnv4] peer 1.1.1.9 enable [ASBR-PE1-bgp-af-vpnv4] quit [ASBR-PE1-bgp] quit NOTE The configurations on CE2, PE2, and ASBR-PE2 are similar to the configurations on CE1, PE1 and ASBR- PE1 and are not mentioned here.
Page 205 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [ASBR-PE1-bgp-vpn1] peer 192.1.1.2 as-number 200 [ASBR-PE1-bgp-vpn1] import-route direct [ASBR-PE1-bgp-vpn1] quit [ASBR-PE1-bgp] quit # On ASBR-PE2, set up an EBGP peer relation between ASBR-PE2 and ASBR-PE1. [ASBR-PE2] bgp 200 [ASBR-PE2-bgp] ipv4-family vpn-instance vpn1 [ASBR-PE2-bgp-vpn1] peer 192.1.1.1 as-number 100...
Page 206 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Run the display bgp vpnv4 all routing-table command on an ASBR-PE, and you can see the VPNv4 routes on the ASBR-PE. [ASBR-PE1] display bgp vpnv4 all routing-table BGP Local router ID is 2.2.2.9...
Page 207 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration mpls ldp interface Vlanif 10 ip binding vpn-instance vpn1 ip address 10.1.1.2 255.255.255.0 interface Vlanif11 ip address 172.1.1.2 255.255.255.0 mpls mpls ldp interface GigabitEthernet2/0/0 port link-type trunk...
Page 208 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN port trunk allow-pass vlan 12 interface LoopBack1 ip address 2.2.2.9 255.255.255.255 bgp 100 peer 1.1.1.9 as-number 100 peer 1.1.1.9 connect-interface LoopBack1 ipv4-family unicast undo synchronization import-route direct peer 1.1.1.9 enable...
Page 209 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ipv4-family unicast undo synchronization peer 4.4.4.9 enable ipv4-family vpnv4 policy vpn-target peer 4.4.4.9 enable ipv4-family vpn-instance vpn1 peer 192.1.1.1 as-number 100 import-route direct ospf 1 area 0.0.0.0 network 3.3.3.9 0.0.0.0...
Page 210: Example For Configuring The Hovpn
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN import-route direct ospf 1 area 0.0.0.0 network 4.4.4.9 0.0.0.0 network 162.1.1.0 0.0.0.255 return Configuration file of CE2 sysname CE2 vlan batch 10 interface Vlanif10 ip address 10.2.1.1 255.255.255.0...
Page 211: Figure 3-8 Networking Diagram For Configuring The Hovpn
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Figure 3-8 Networking diagram for configuring the HoVPN Loopback1 Loopback1 2.2.2.9./32 3.3.3.9./32 GE2/0/0 Loopback1 GE1/0/0 GE2/0/0 1.1.1.9./32 GE1/0/0 GE2/0/0 GE1/0/0 AS: 100 GE1/0/0 GE1/0/0 VPN-A VPN-A...
Page 212 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Data Preparation To complete the configuration, you need the following data: IDs of the VLANs that the interfaces of PE and CE belong to, as shown in...
Page 213 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [CE1] bgp 65410 [CE1-bgp] peer 10.1.1.2 as-number 100 [CE1-bgp] import-route direct [CE1-bgp] quit # Configure PE. <PE> system-view [PE] ip vpn-instance vpna [PE-vpn-instance-vpna] route-distinguisher 100:2 [PE-vpn-instance-vpna] vpn-target 1:1...
Page 214 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN [SPE-bgp-af-vpnv4] peer 3.3.3.9 enable [SPE-bgp-af-vpnv4] quit [SPE-bgp] quit # Configure the PE. <PE> system-view [PE] bgp 100 [PE-bgp] peer 2.2.2.9 as-number 100 [PE-bgp] peer 2.2.2.9 connect-interface loopback 1 [PE-bgp] ipv4-family vpnv4 [PE-bgp-af-vpnv4] peer 2.2.2.9 enable...
Page 215 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 7 Routes : 7 Destination/Mask Proto Cost Flags NextHop Interface 10.1.1.0/24 10.2.1.2 Vlanif40 10.2.1.0/24 Direct 0 10.2.1.1 Vlanif40 10.2.1.1/32 Direct 0 127.0.0.1...
Page 216 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN ip vpn-instance vpna route-distinguisher 100:1 vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity mpls lsr-id 1.1.1.9 mpls label advertise non-null mpls ldp interface Vlanif 10 ip address 172.1.1.1 255.255.255.0...
Page 217 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration mpls ldp interface Vlanif10 ip address 172.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif20 ip address 172.2.1.1 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 10...
Page 218 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN mpls mpls ldp interface Vlanif40 ip binding vpn-instance vpna ip address 10.2.1.2 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 40 port hybrid untagged vlan 40 interface GigabitEthernet2/0/0...
Page 219: Example For Configuring The Ospf Sham Link
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration 3.14.7 Example for Configuring the OSPF Sham Link Networking Requirements As shown in Figure 3-9, CE1 and CE2 belong to the same OSPF area of vpn1 and are connected to PE1 and PE2 respectively.
Page 220 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Configuration Roadmap The configuration roadmap is as follows: Set up an MP-IBGP adjacency between the PEs and enable OSPF between the PE and CEs. Create VPN instances on the PEs and bind the instances to the interfaces connected to the CEs.
Page 221 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [S9300-A] interface GigabitEthernet 1/0/0 [S9300-A-GigabitEthernet1/0/0] port hybrid pvid vlan 20 [S9300-A-GigabitEthernet1/0/0] port hybrid untagged vlan 20 [S9300-A-GigabitEthernet1/0/0] quit [S9300-A] interface GigabitEthernet 2/0/0 [S9300-A-GigabitEthernet2/0/0] port hybrid pvid vlan 30...
Page 222 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN [PE1-Vlanif10] ip address 10.1.1.1 24 [PE1-Vlanif10] mpls [PE1-Vlanif10] mpls ldp [PE1-Vlanif10] quit [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] quit...
Page 223 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [PE2-GigabitEthernet2/0/0] quit [PE2] interface loopback 1 [PE2-LoopBack1] ip address 3.3.3.9 32 [PE2-LoopBack1] quit [PE2] mpls lsr-id 3.3.3.9 [PE2] mpls [PE2-mpls] lsp-trigger all [PE2-mpls] quit [PE2] mpls ldp...
Page 224 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN [PE2-ospf-100] import-route bgp [PE2-ospf-100] domain-id 10 [PE2-ospf-100] area 0 [PE2-ospf-100-area-0.0.0.0] network 120.1.1.0 0.0.0.255 [PE2-ospf-100-area-0.0.0.0] quit [PE2-ospf-100] quit [PE2] bgp 100 [PE2-bgp] ipv4-family vpn-instance vpn1 [PE2-bgp-vpn1] import-route direct...
Page 225 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [PE2-ospf-100-area-0.0.0.0] sham-link 6.6.6.6 5.5.5.5 cost 1 [PE2-ospf-100-area-0.0.0.0] quit [PE2-ospf-100] quit Step 5 Verify the configuration. After the configuration, run the display ip routing-table vpn-instance command on the PEs.
Page 226 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN traceroute to 30.1.1.2(30.1.1.2) 30 hops max,40 bytes packet 1 20.1.1.2 80 ms 60 ms 60 ms 2 30.1.1.2 100 ms 90 ms 130 ms Run the display ospf sham-link command on the PEs, and you can see the information about the sham link.
Page 227 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration mpls lsr-id 1.1.1.9 mpls lsp-trigger all mpls ldp interface Vlanif 10 ip address 10.1.1.1 255.255.255.0 mpls mpls ldp interface Vlanif 50 ip binding vpn-instance vpn1 ip address 100.1.1.2 255.255.255.0...
Page 228 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN mpls ldp interface Vlanif 10 ip address 10.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif 40 ip address 40.1.1.1 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 10...
Page 229 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ip binding vpn-instance vpn1 ip address 6.6.6.6 255.255.255.255 bgp 100 peer 1.1.1.9 as-number 100 peer 1.1.1.9 connect-interface LoopBack1 ipv4-family unicast undo synchronization peer 1.1.1.9 enable ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable...
Page 230: Example For Configuring The Multi-Vpn-Instance Ce
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN interface vlanif 60 ip address 120.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 60 port hybrid untagged vlan 60 interface GigabitEthernet2/0/0 port hybrid pvid vlan 30...
Page 231: Figure 3-10 Networking Diagram For Configuring Multi-Vpn-Instance Ce
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Figure 3-10 Networking diagram for configuring multi-VPN-instance CE vpna vpna GE1/0/0 GE1/0/0 Loopback1 2.2.2.9./32 GE1/0/0 GE3/0/0 vpna GE2/0/0 GE1/0/0 GE3/0/0 Loopback1 1.1.1.9./32 GE1/0/0 vpnb GE3/0/0 GE2/0/0...
Page 232 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Set up an EBGP adjacency between PE and the connected CE to import the VPN routes to the VPN routing table of PE. Configure OSPF multi-instance between MCE and PE2 to exchange VPN routing information.
Page 233 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration NOTE The PE devices are directly connected In this example, you need to run label advertise command to enables the egress node to assign labels normally to the penultimate hop.
Page 234 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN [PE2] ip vpn-instance vpnb [PE2-vpn-instance-vpnb] route-distinguisher 200:2 [PE2-vpn-instance-vpnb] vpn-target 222:2 both [PE2-vpn-instance-vpnb] quit [PE2] interface vlanif 50 [PE2-Vlanif50] ip binding vpn-instance vpna [PE2-Vlanif50] ip address 192.1.1.1 24...
Page 235 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Peer MsgRcvd MsgSent...
Page 236 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN [CE3] vlan 60 [CE3] interface gigabitEthernet1/0/0 [CE3-GigabitEthernet1/0/0] port hybrid pvid vlan 60 [CE3-GigabitEthernet1/0/0] port hybrid untagged vlan 60 [CE3-GigabitEthernet1/0/0] quit [CE3]interface vlanif 60 [CE3-Vlanif60]ip address 10.3.1.1 24...
Page 237 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ------------------------------------------------------------------------------ Routing Tables: vpna Destinations : 5 Routes : 5 Destination/Mask Proto Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 10.1.1.2 vlanif10 10.1.1.1/32 Direct 0 10.1.1.1 vlanif10 10.1.1.2/32...
Page 238 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN undo synchronization import-route direct peer 10.1.1.2 enable return Configuration file of CE2 sysname CE2 vlan batch 20 interface vlanif20 ip address 10.2.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 20...
Page 239 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration port hybrid untagged vlan 20 interface GigabitEthernet3/0/0 port hybrid pvid vlan 30 port hybrid untagged vlan 30 interface LoopBack1 ip address 1.1.1.9 255.255.255.255 bgp 100 peer 2.2.2.9 as-number 100 peer 2.2.2.9 connect-interface LoopBack1...
Page 240 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN ip address 192.2.1.1 255.255.255.0 interface LoopBack1 ip address 2.2.2.9 255.255.255.255 interface GigabitEthernet1/0/0 port hybrid pvid vlan 30 port hybrid untagged vlan 30 interface GigabitEthernet2/0/0 port hybrid pvid vlan 50...
Page 241 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ip address 192.2.1.2 255.255.255.0 interface vlanif50 ip binding vpn-instance vpna ip address 192.1.1.2 255.255.255.0 interface vlanif60 ip binding vpn-instance vpna ip address 10.3.1.2 255.255.255.0 interface vlanif70 ip binding vpn-instance vpnb ip address 10.4.1.2 255.255.255.0...
Page 242: Example For Configuring Vpn Frr
Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN network 10.0.0.0 import-route direct return Configuration file of CE4 sysname CE4 vlan batch 70 interface vlanif70 ip address 10.4.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port hybrid pvid vlan 70...
Page 243 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration GigabitEthernet2/0/0 VLANIF 20 10.1.1.2/30 Loopback1 2.2.2.2/32 GigabitEthernet1/0/0 VLANIF 30 100.2.1.2/30 GigabitEthernet2/0/0 VLANIF 40 10.2.1.2/30 Loopback1 3.3.3.3/32 GigabitEthernet1/0/0 VLANIF 20 10.1.1.1/30 GigabitEthernet2/0/0 VLANIF 40 10.2.1.1/30 GigabitEthernet1/0/0 VLANIF 50 10.3.1.1/24...
Page 244 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN <PE1> system-view [PE1] mpls lsr-id 1.1.1.1 [PE1] mpls [PE1-mpls] label advertise non-null [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface vlanif 10 [PE1-Vlanif10] mpls [PE1-Vlanif10] mpls ldp...
Page 245 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] route-distinguisher 100:2 [PE2-vpn-instance-vpn1] vpn-target 111:1 [PE2-vpn-instance-vpn1] quit [PE2] interface vlanif 20 [PE2-Vlanif20] ip binding vpn-instance vpn1 [PE2-Vlanif20] ip address 10.1.1.2 30 [PE2-Vlanif20] quit # Configure PE3.
Page 246 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN Peer of vpn instance : vpn instance vpn1 : 10.1.1.1 4 65410 0 00:37:41 Established Step 7 Set up an MP-IBGP adjacency between the PEs. # Configure PE1.
Page 247 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Destination: 10.3.1.0/24 Protocol: BGP Process ID: 0 Preference: 255 Cost: 0 NextHop: 3.3.3.3 Neighbour: 3.3.3.3 State: Inactive Adv GotQ Age: 00h17m56s Tag: 0 Priority: 0 Label: 15362 QoSInfo: 0x0 RelayNextHop: 0.0.0.0...
Page 248 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN route-distinguisher 100:1 vpn frr route-policy vpn_frr_rp vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity mpls lsr-id 1.1.1.1 mpls label advertise non-null mpls ldp interface Vlanif10 ip address 100.1.1.1 255.255.255.252...
Page 249 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ip vpn-instance vpn1 route-distinguisher 100:2 vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity mpls lsr-id 2.2.2.2 mpls label advertise non-null mpls ldp interface vlanif 10 ip address 100.1.1.2 255.255.255.252...
Page 250 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN mpls ldp interface Vlanif 30 ip address 100.2.1.2 255.255.255.252 mpls mpls ldp interface Vlanif 40 ip binding vpn-instance vpn1 ip address 10.2.1.2 255.255.255.252 interface GigabitEthernet1/0/0 port hybrid pvid vlan 30...
Page 251: Example For Configuring Double Rrs To Optimize Vpn Backbone Layer
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration port hybrid untagged vlan 50 bgp 65410 peer 10.1.1.2 as-number 100 peer 10.2.1.2 as-number 100 ipv4-family unicast undo synchronization network 10.3.1.0 255.255.255.0 import-route direct peer 10.1.1.2 enable peer 10.2.1.2 enable...
Page 252 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN GigabitEthernet3/0/0 VLANIF 50 100.2.4.2/24 Loopback1 4.4.4.9/32 GigabitEthernet1/0/0 VLANIF 10 100.1.2.2/24 GigabitEthernet2/0/0 VLANIF 20 100.2.3.1/24 GigabitEthernet3/0/0 VLANIF 50 100.2.4.1/24 Loopback1 2.2.2.9/32 GigabitEthernet1/0/0 VLANIF 20 100.2.3.2/24 GigabitEthernet2/0/0 VLANIF 30 100.3.4.1/24...
Page 253 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration Convergence priorities of the routes in the VPN instances Name of the RD and name of the routing policy Procedure Configure the VLAN on each interface. The configuration procedure is not given here.
Page 254 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN ---------------------------------------------------------------------- Peer-ID Status SsnRole SsnAge KA-Sent/Rcv ---------------------------------------------------------------------- 2.2.2.9:0 Operational DU Passive 000:00:01 3.3.3.9:0 Operational DU Passive 000:00:00 ---------------------------------------------------------------------- TOTAL: 2 session(s) Found. LAM : Label Advertisement Mode...
Page 255 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration [P2-bgp] ipv4-family vpnv4 [P2-bgp-af-vpnv4] peer P2 enable [P2-bgp-af-vpnv4] peer 1.1.1.9 group P2 [P2-bgp-af-vpnv4] peer 2.2.2.9 group P2 [P2-bgp-af-vpnv4] peer 4.4.4.9 group P2 [P2-bgp-af-vpnv4] quit [P2-bgp] quit # Configure PE2.
Page 256 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN After running the shutdown command in the view of VLANIF 40 on PE1 and the view of VLANIF 50 on PE2, you can see that CE1 can ping CE2. This indicates that the RRs are successfully configured.
Page 257 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration ipv4-family vpn-instance vpna peer 10.1.1.1 as-number 65410 import-route direct ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 100.1.2.0 0.0.0.255 network 100.1.3.0 0.0.0.255 return Configuration file of P1...
Page 258 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN undo policy vpn-target peer P1 enable peer P1 reflect-client peer 1.1.1.9 enable peer 1.1.1.9 group P1 peer 3.3.3.9 enable peer 3.3.3.9 group P1 peer 4.4.4.9 enable peer 4.4.4.9 group P1...
Page 259 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration undo peer 4.4.4.9 enable undo peer 1.1.1.9 enable undo peer 2.2.2.9 enable peer P2 enable ipv4-family vpnv4 reflector cluster-id 100 undo policy vpn-target peer P2 enable peer P2 reflect-client peer 1.1.1.9 enable...
Page 260 Quidway S9300 Terabit Routing Switch 3 BGP/MPLS IP VPN Configuration Configuration Guide - VPN ip address 4.4.4.9 255.255.255.255 bgp 100 peer 2.2.2.9 as-number 100 peer 2.2.2.9 connect-interface LoopBack1 peer 3.3.3.9 as-number 100 peer 3.3.3.9 connect-interface LoopBack1 ipv4-family unicast undo synchronization peer 2.2.2.9 enable...
Page 261 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 3 BGP/MPLS IP VPN Configuration undo synchronization peer 10.2.1.2 enable return Issue 03 (2009-08-20) Huawei Proprietary and Confidential 3-157 Copyright © Huawei Technologies Co., Ltd.
Page 263: Vll Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration VLL Configuration About This Chapter This chapter describes the principle, configuration procedure, and configuration examples of the VLL. 4.1 Introduction to VLL This section describes the principles of VLL.
Page 264 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN After the VLL FRR is configured, L2VPN traffic is rapidly switched to the backup path when a fault occurs on the master path. After the fault on the master path is rectified, the L2VPN traffic is switched back to the master path according to the revertive switchover policy.
Page 265: Introduction To Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration 4.1 Introduction to VLL This section describes the principles of VLL. Traditional VPNs are based on Asynchronous Transfer Mode (ATM) or Frame Relay (FR) where different VPNs can share the network structure of carriers. The disadvantages of traditional VPNs are as follows: Traditional VPNs are dependent on media such as ATM or FR.
Page 266: Vll Features Supported By The S9300
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Figure 4-1 VLL model Tunnel MPLS Network AC: refers to the attachment circuit. An AC is an independent link or circuit that connects CE and PE. The AC interface may be a physical interface or a logical interface. The AC attributes include the encapsulation type, MTU and interface parameters of specified link type.
Page 267 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Unlike common VLL, the CCC adopts one label to transfer user data; therefore, it uses the LSP exclusively. The CCC LSPs can only be used to transfer the data of this CCC link, and cannot be used in other VLL links, BGP/MPLS VPN, or used to transfer common IP packets.
Page 268 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Kompella VLL Kompella VLL uses BGP as the signaling protocol to transmit Layer 2 information and VC labels. It implements the L2VPN function in point-to-point (CE to CE) mode on an MPLS network.
Page 269: Configuring A Ccc Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Asymmetrically connected CEs: One CE is connected to a PE through an AC and the other CE is dual-homed to PEs through two ACs, as shown in Figure 4-3.
Page 270: Enabling Mpls L2Vpn
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Configuring the basic MPLS capability on the MPLS backbone network (PEs and P) Data Preparation To configure the CCC L2VPN, you need the following data. Data Name of a CCC connection...
Page 271: Creating A Remote Ccc Connection
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration The system view of the PE is displayed. Step 2 Run: ccc ccc-connection-name interface interface-type interface-number out-interface interface-type interface-number A local CCC connection is created. ----End Postrequisite The local CCC connection is bidirectional; therefore, only one connection is needed.
Page 272: Checking The Configuration
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN MPLS L2VPN need not be enabled on the Ps. When you configure the Ps, specify the IP address of the next hop if the outgoing interface is not a P2P interface (such as an Ethernet interface).
Page 273: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration 4.4.1 Establishing the Configuration Task 4.4.2 Enabling MPLS L2VPN 4.4.3 Creating an SVC VLL Connection 4.4.4 Checking the Configuration 4.4.1 Establishing the Configuration Task Applicable Environment The procedure for configuring the out-label (public network tunnel) of the SVC VLL is the same as the procedure for configuring the out-label of the Martini VLL.
Page 274: Creating An Svc Vll Connection
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Procedure Step 1 Run: system-view The system view of the PE is displayed. Step 2 Run: mpls l2vpn The MPLS L2VPN is enabled. ----End 4.4.3 Creating an SVC VLL Connection Context Do as follows on the PEs on the two ends of the VC.
Page 275: Configuring A Martini Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Run the display l2vpn ccc-interface vc-type static-vc [ down | up ] command to view information about the Up/Down interfaces on the SVC connection. ----End Example Run the display mpls static-l2vc command, and you can see that the VC status is Up. The following is an example: <Quidway>...
Page 276: Enabling Mpls L2Vpn
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN In Martini mode, multiple VC connections can be set up over one LSP between two PEs. Information about the VC labels and LSP is stored on PEs only. The P does not store any L2VPN information;...
Page 277: Creating A Martini Vll Connection
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration 4.5.3 Creating a Martini VLL Connection Context Do as follows on the PEs on the two ends of the VC. Procedure Step 1 Run: system-view The system view is displayed.
Page 278 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN 4.5.4 Checking the Configuration Prerequisite The configurations of the Martini VLL are complete. Procedure Run the display mpls l2vc [ vc-id | interfaceinterface-type interface-number ] command on the PE to view information about the Martini VLL on the local PE.
Page 279: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration 4.6 Configuring a Kompella VLL This section describes how to configure the Kompella VLL, that is, how to implement VLL on the MPLS network in end-to-end (CE-to-CE) mode. The Kompella VLL uses BGP to transmit L2VPN information and VC labels.
Page 280: Enabling Mpls L2Vpn
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Data ASNs of the local PE and the peer PE Name, RD, and VPN target of the L2VPN connection CE name, CE ID, and CE range CE offset 4.6.2 Enabling MPLS L2VPN...
Page 281: Configuring A Vpn
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Step 4 (Optional) Run: peer peer-address connect-interface loopback interface-number An interface is specified to create the TCP connection. This step is required if you use a loopback interface to set up the BGP session. The loopback interface address with a 32-bit mask is recommended to establish the MP-IBGP peer relations between the PEs.
Page 282: Creating A Ce Connection
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Set the MTU of the L2VPN on the PE to be the same as the MTU on the other equipment. Do not check the MTU. Step 5 (Optional) Run: ignore-mtu-match The MTU value is not checked.
Page 283: Optional) Configuring Bgp L2Vpn Features
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration A CE ID is used to uniquely identify a CE in a VPN. It is recommended that the CE IDs are numbered in series starting from 1. The CE range indicates the maximum number of CEs that a local CE can connect. According to the prediction of the VPN expansion, you can configure a CE range larger than what is required.
Page 284 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Establishing MP-IBGP connections with the peer group Add all client PEs to a peer group and set up an MP-IBGP connection with the peer group. Run: system-view The system view is displayed.
Page 285: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration peer { group-name | peer-address } reflect-client The RR and its client are configured. Run: undo policy vpn-target The received VPN targets of the L2VPN label blocks are not filtered.
Page 286: Configuring Inter-As Martini Vll
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN primary or not ---------------------------------------------------------------------------- 3.3.3.9 100:1 Vlanif11 primary Run the display mpls l2vpn [ l2vpn-name [ local-ce | remote-ce ] ] command, and you can see that the RD and the VPN target are correct. The following is an example: <Quidway>...
Page 287: Configuring Inter-As Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Data Preparation To configure the inter-AS Martini L2VPN, you need the following data. Data Mode of the inter-AS VPN ASN of each AS 4.7.2 Configuring Inter-AS Option A...
Page 288: Configuring The Inter-As Kompella Vll
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN VC ID : 100 VC Type : VLAN Destination : 192.3.3.3 Local Group ID Remote Group ID : 0 Local VC Label : 1025 Remote VC Label : 1024...
Page 289: Configuring Inter-As Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Configuring static routes or IGP on the PE or P on the MPLS backbone network of ASs to implement the IP connectivity of the devices in the same AS...
Page 290: Configuring Vll Frr
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Example Run the display bgp l2vpn command, and you can see that the next-hop address is the peer address of the VC and the value of RD is correct. The following is an example: <Quidway>...
Page 291: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration 4.9.1 Establishing the Configuration Task Applicable Environment VLL FRR supported by the S9300 is mainly used in the following networking modes: Asymmetrically connected CEs The CE on one end of the VC accesses the PE of higher reliability through a single reliable link.
Page 292: Optional) Configuring The Revertive Switchover Policy
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Data Preparation To configure VLL FRR, you need the following data. Data Delay for revertively switching traffic when faults are cleared and the delay for advertising fault recovery (by default, the delay for revertively switching traffic is 30 seconds and the delay for advertising fault recovery is 10 seconds.)
Page 293: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration If the Ethernet OAM function is configured on the interface that connects the PE to a CE, and the revertive switchover policy is configured, then the value of resume-time cannot be 0.
Page 294 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN create time : 0 days, 0 hours, 12 minutes, 47 seconds up time : 0 days, 0 hours, 2 minutes, 11 seconds last change time : 0 days, 0 hours, 2 minutes, 11 seconds...
Page 295 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration peer id: 3.3.3.3 route-distinguisher: 100:2 local vc label: 25602 remote vc label: 25601 tunnel policy: primary or secondary: primary forwardEntry exist or not: true forward entry active or not:true...
Page 296: Maintaining The Vll
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN 4.10 Maintaining the VLL This section describes how to clear the operating status of VLL, reset BGP connections of the VLL, and debug the L2VPN. 4.10.1 Resetting BGP Connections of VLL 4.10.2 Clearing the Statistics of VLL...
Page 297: Monitoring The Operating Status Of Vll
For details about enabling debugging, refer to the chapter Information Center Configuration in the Quidway S9300 Terabit Routing Switch Configuration Guide - Device Management. For the description of the debugging commands, refer to the Quidway S9300 Terabit Routing Switch Debugging Reference. Issue 03 (2009-08-20) Huawei Proprietary and Confidential 4-35 Copyright ©...
Page 298: Configuration Examples
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Procedure Run the debugging mpls l2vpn { all | advertisement | download | error | event | oam- mapping | reroute | timer | connections [ interface interface-type interface-number ] } command in the user view to enable the debugging of the VLL.
Page 299: Figure 4-4 Networking Diagram For Configuring Local Ccc Connection
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Figure 4-4 Networking diagram for configuring local CCC connection CE 2 GE1/0/0 CCC local connection CE 1 GE 2/0/0 GE 1/0/0 GE 1/0/0 Loopback1 1.1.1.9/32 S9300 Interface VLANIF interface...
Page 300 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN <Quidway> system-view [Quidway] sysname CE2 [CE2] vlan 20 [CE2-vlan20] quit [CE2] interface GigabitEthernet1/0/0 [CE2-GigabitEthernet1/0/0]port link-type trunk [CE2-GigabitEthernet1/0/0]port trunk allow-pass vlan 20 [CE2]quit [CE2] interface vlanif 20 [CE2-Vlanif20] ip address 100.1.1.2 24...
Page 301 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Run the display ip routing-table command on the CE, and you can see that CE1 and CE2 can learn the interface routes of each other. CE1 and CE2 can ping each other.
Page 302: Example For Configuring A Remote Ccc Connection
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN interface GigabitEthernet/0/0 port hybrid pvid vlan 20 port hybrid tagged vlan 20 ccc ce1-ce2 interface Vlanif10 out-interface Vlanif20 interface LoopBack1 ip address 1.1.1.9 255.255.255.255 return Configuration file of CE2...
Page 303: Figure 4-5 Networking Diagram For Configuring Remote Ccc Connection
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Figure 4-5 Networking diagram for configuring remote CCC connection CE 1 to CE 2 O-Label I-Label O-Label I-Label I-Label O-Label I-Label O-Label CE 2 to CE 1 Loopback1...
Page 304 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Data Preparation To complete the configuration, you need the following data: Out-label and in-label of the remote CCC connection Pay attention to the mapping between the in-labels and out-labels on the PE and P. For the settings...
Page 305 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration [PE2] interface vlanif 30 [PE2-Vlanif40] ip address 10.2.2.1 24 [PE2-Vlanif40] quit Step 4 Configure the basic MPLS capabilities on the MPLS backbone network. # Configure PE1. [PE1] mpls lsr-id 1.1.1.9...
Page 306 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN After the configuration, display information about the CCC connection on the PEs. You can find that a remote CCC connection is set up on each of PE1 and PE2 and the status of the connection is Up.
Page 307 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration 0.00% packet loss round-trip min/avg/max = 52/67/92 ms ----End Configuration Files Configuration file of CE1 sysname CE1 vlan batch 10 interface Vlanif10 ip address 100.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0...
Page 308 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN interface Vlanif30 ip address 10.2.2.2 255.255.255.0 mpls interface GigabitEthernet1/0/0 port hybrid pvid vlan 30 port hybrid tagged vlan 30 interface GigabitEthernet2/0/0 port hybrid pvid vlan 20 port hybrid tagged vlan 20 interface LoopBack1 ip address 2.2.2.9 255.255.255.255...
Page 309: Example For Configuring An Svc Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration 4.11.3 Example for Configuring an SVC VLL Networking Requirements The CE is connected to the PE through a GE interface. An SVC VLL is set up between CE1 and CE2. The SVC connection is created on PEs and the VC label is specified.
Page 310 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Data Preparation To complete the configuration, you need the following data: Labels of the static L2VC connection The out-label of PE1 is the same as the in-label of PE2; whereas the in-label of PE1 is the same as the out-label of PE2.
Page 311 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration [PE2-Vlanif30] mpls [PE2-Vlanif30] mpls ldp [PE2-Vlanif30] quit After the configuration, LDP sessions are set up between PE1, P, and PE2. Run the display mpls ldp session command, and you can see that the status of the LDP session is Operational.
Page 312 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN <PE1> display mpls static-l2vc interface Vlanif 10 *Client Interface : Vlanif10 is up AC Status : up VC State : up VC ID VC Type : VLAN Destination : 3.3.3.9...
Page 313 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Configuration Files Configuration file of CE1 sysname CE1 vlan batch 10 interface Vlanif10 ip address 100.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 return...
Page 314 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN ip address 10.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif30 ip address 10.2.2.2 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 30 port hybrid tagged vlan 30...
Page 315: Example For Configuring A Martini Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration sysname CE2 vlan batch 40 interface Vlanif40 ip address 100.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 40 return 4.11.4 Example for Configuring a Martini VLL...
Page 316 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN GigabitEthernet1/0/0 VLANIF 40 100.1.1.2/24 Configuration Roadmap The configuration roadmap is as follows: Configure the routing protocol on backbone devices (PE and P) and enable MPLS. Use the default tunnel policy to create an LSP and configure the LSP as the tunnel for data transmission.
Page 317 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration [P] mpls lsr-id 2.2.2.9 [P] mpls [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface vlanif 20 [P-Vlanif20] mpls [P-Vlanif20] mpls ldp [P-Vlanif20] quit [P] interface vlanif 30...
Page 318 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN # Configure PE2: Create a VC on VLANIF 40, which is connected to CE2. [PE2] mpls l2vpn [PE2-l2vpn] mpls l2vpn default martini [PE2-l2vpn] quit [PE2] interface vlanif 40 [PE2-Vlanif40] mpls l2vc 1.1.1.9 101...
Page 319 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Configuration Files Configuration file of CE1 sysname CE1 vlan batch 10 interface Vlanif10 ip address 100.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 return...
Page 320 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN mpls ldp interface Vlanif 20 ip address 10.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif 30 ip address 10.2.2.2 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 30...
Page 321: Example For Configuring A Local Kompella Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration network 10.2.2.0 0.0.0.255 return Configuration file of CE2 sysname CE2 vlan batch 40 interface Vlanif 40 ip address 100.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 40 return 4.11.5 Example for Configuring a Local Kompella VLL...
Page 322 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Enable MPLS on the PEs. Enable the MPLS L2VPN. Configure VLL instances and CE connections. Data Preparation To complete the configuration, you need the following data: Names of VPN instances and RDs Names and IDs of the CEs (The CE IDs are globally unique.) CE range, namely, the label...
Page 323 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration primary or not ---------------------------------------------------------------------------- Vlanif20 primary CE name: ce2, id: 2, Rid type status peer-id route-distinguisher interface primary or not ---------------------------------------------------------------------------- Vlanif10 primary CE1 and CE2 can ping each other.
Page 324: Example For Configuring A Remote Kompella Connection
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN interface GigabitEthernet2/0/0 port hybrid pvid vlan 20 port hybrif tagged vlan 20 ccc CE1-CE2 interface Vlanif 10 in-label 100 out-label 200 nexthop 10.1.1.2 interface LoopBack1 ip address 1.1.1.9 255.255.255.255...
Page 325 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration GigabitEthernet2/0/0 VLANIF 40 Loopback1 3.3.3.9/32 GigabitEthernet1/0/0 VLANIF 20 168.1.1.2/24 GigabitEthernet2/0/0 VLANIF 30 169.1.1.1/24 Loopback1 2.2.2.9/32 GigabitEthernet1/0/0 VLANIF 10 30.1.1.1/24 GigabitEthernet1/0/0 VLANIF 40 30.1.1.2/24 Configuration Roadmap The configuration roadmap is as follows: Configure routing protocols on the PEs and P on the backbone network to implement internetworking, and enable basic MPLS functions and LDP.
Page 326 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 9 Routes : 9 Destination/Mask Proto Cost Flags NextHop Interface 1.1.1.9/32 Direct 0 127.0.0.1 InLoopBack0 2.2.2.9/32 OSPF 168.1.1.2 Vlanif20 3.3.3.9/32 OSPF 168.1.1.2 Vlanif20 127.0.0.0/8...
Page 327 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration <PE1> display mpls lsp ---------------------------------------------------------------------- LSP Information: LDP LSP ---------------------------------------------------------------------- In/Out Label In/Out IF Vrf Name 2.2.2.9/32 NULL/3 -/Vlanif20 1.1.1.9/32 3/NULL 3.3.3.9/32 NULL/1024 -/Vlanif20 Step 4 Configure the basic BGP L2VPN capability.
Page 328 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN [PE2-mpls-l2vpn-ce-vpn1-ce2] quit [PE2-mpls-l2vpn-vpn1] quit Step 6 Verify the configuration. After the configuration, run the display mpls l2vpn connection command on PEs, and you can see that an L2VPN connection is in Up state.
Page 329 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration mpls l2vpn mpls ldp interface Vlanif10 interface Vlanif20 ip address 168.1.1.1 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 10 port hybrid tagged vlan 10 interface GigabitEthernet2/0/0...
Page 330 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN interface GigabitEthernet1/0/0 port hybrid pvid vlan 20 port hybrid tagged vlan 20 interface GigabitEthernet2/0/0 port hybrid pvid vlan 30 port hybrid tagged vlan 30 interface LoopBack1 ip address 2.2.2.9 255.255.255.255 ospf 1 area 0.0.0.0...
Page 331: Example For Configuring The Inter-As Martini Vll Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration ospf 1 area 0.0.0.0 network 3.3.3.9 0.0.0.0 network 169.1.1.0 0.0.0.255 return Configuration file of CE2 sysname CE2 vlan batch 40 interface Vlanif40 ip address 30.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0...
Page 332 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Loopback0 1.1.1.9/32 GigabitEthernet1/0/0 VLANIF 40 30.1.1.2/24 GigabitEthernet2/0/0 VLANIF 50 Loopback0 4.4.4.9/32 ASBR-PE1 GigabitEthernet1/0/0 VLANIF 20 10.1.1.2/24 GigabitEthernet2/0/0 VLANIF 30 Loopback0 2.2.2.9/32 ASBR-PE2 GigabitEthernet1/0/0 VLANIF 30 GigabitEthernet2/0/0 VLANIF 40 30.1.1.1/24...
Page 333 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration In this example, IS-IS is used as IGP and the configuration procedure is not mentioned. After the configuration, the ASBR and PE in the same AS can establish an IS-IS adjacency. Run the display isis peer command, and you can see that the IS-IS adjacency is in Up state, and the PEs can learn each other's loopback address.
Page 334 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN [ASBR-PE1] mpls l2vpn [ASBR-PE1-l2vpn] mpls l2vpn default martini [ASBR-PE1-l2vpn] quit [ASBR-PE1] interface vlanif 30 [ASBR-PE1-Vlanif30] mpls l2vc 1.1.1.9 100 [ASBR-PE1-Vlanif30] quit # Configure ASBR-PE2. [ASBR-PE2] mpls l2vpn [ASBR-PE2-l2vpn] mpls l2vpn default martini...
Page 335 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration tunnel policy : -- traffic behavior : -- PW template name : -- primary or secondary : primary VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp...
Page 336 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN sysname CE1 vlan batch 10 interface Vlanif10 ip address 100.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 return Configuration file of PE1 sysname PE1 vlan batch 10 20 mpls lsr-id 1.1.1.9...
Page 337 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration interface Vlanif20 ip address 10.1.1.2 255.255.255.0 isis enable 1 mpls mpls ldp interface Vlanif30 mpls l2vc 1.1.1.9 100 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 20...
Page 338: Example For Configuring The Inter-As Kompella Vll Option A
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN mpls lsr-id 4.4.4.9 mpls mpls l2vpn mpls l2vpn default martini mpls ldp isis 1 network-entity 10.0000.0000.0004.00 interface Vlanif40 ip address 30.1.1.2 255.255.255.0 isis enable 1 mpls mpls ldp interface Vlanif50 mpls l2vc 3.3.3.9 100...
Page 339: Figure 4-11 Networking Diagram For Configuring The Inter-As Kompella Vll Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Figure 4-11 Networking diagram for configuring the inter-AS Kompella VLL Option A BGP/MPLS Backbone BGP/MPLS Backbone AS 100 AS 200 Loopback1 Loopback1 Loopback1 Loopback1 4.4.4.4/32 2.2.2.2/32 3.3.3.3/32 1.1.1.1/32...
Page 340 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Establish an IBGP adjacency between the PE and the ASBR-PE in an AS. Set up a Kompella VLL connection between the PE and the ASBR-PE in an AS.
Page 341 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration --- 2.2.2.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 60/78/90 ms Step 3 Enable MPLS and establish the LSP. Enable MPLS and establish LDP LSP on the ASBR-PE and the PEs in the same AS.
Page 342 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN BGP local router ID : 1.1.1.1 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Peer MsgRcvd MsgSent OutQ Up/Down...
Page 343 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration [ASBR-PE1-mpls-l2vpn-vpn1] ce ce2 id 2 range 10 default-offset 0 [ASBR-PE1-mpls-l2vpn-ce-vpn1-ce1] connection ce-offset 1 interface vlanif 30 [ASBR-PE1-mpls-l2vpn-ce-vpn1-ce1] quit [ASBR-PE1-mpls-l2vpn-vpn1] quit # Configure ASBR-PE2. [ASBR-PE2] mpls l2vpn [ASBR-PE2-l2vpn] quit...
Page 344 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN AC OAM state: BFD for PW session index: BFD for PW state: invalid BFD for LSP state: true Local C bit is not set, Remote C bit is not set...
Page 345 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Configuration Files Configuration file of CE1 sysname CE1 vlan batch 10 interface Vlanif10 ip address 10.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 return...
Page 346 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN ospf 1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 20.1.1.0 0.0.0.3 return Configuration file of ASBR-PE1 sysname ASBR-PE1 vlan batch 20 30 mpls lsr-id 2.2.2.2 mpls mpls l2vpn mpls ldp interface Vlanif20 ip address 20.1.1.2 255.255.255.252...
Page 347 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration mpls lsr-id 3.3.3.3 mpls mpls l2vpn mpls ldp interface Vlanif30 interface Vlanif40 ip address 40.1.1.1 255.255.255.252 mpls mpls ldp interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 30...
Page 348: Example For Configuring Martini Vll Frr (Asymmetrically Connected Ces)
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 40 interface GigabitEthernet2/0/0 port link-type trunk port trunk allow-pass vlan 50 interface LoopBack1 ip address 4.4.4.4 255.255.255.255 bgp 200 peer 3.3.3.3 as-number 200...
Page 349: Figure 4-12 Networking Diagram For Configuring Martini Vll Frr (Asymmetrically Connected Ces)
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration A PW is set up between PE1 and PE2. This PW is the backup PW, and uses the MPLS LSP tunnel. If the master link (CE2 → PE3 → PE1) becomes faulty, the L2VPN traffic can be rapidly switched to the backup link (CE2 →...
Page 350 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN GigabitEthernet2/0/2 VLANIF 30 100.34.1.1/30 Loopback1 4.4.4.4/32 GigabitEthernet1/0/0 VLANIF 10 10.1.1.1/30 GigabitEthernet1/0/0 VLANIF 10 10.1.2.1/30 GigabitEthernet1/0/1 VLANIF 70 10.1.3.1/24 GigabitEthernet1/0/0 VLANIF 60 10.1.1.2/30 GigabitEthernet1/0/1 VLANIF 50 10.1.2.2/30 Configuration Roadmap The configuration roadmap is as follows: Configure OSPF on the backbone network.
Page 351 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration [CE1] interface vlanif 70 [CE1-Vlanif70] ip address 10.1.3.1 24 [CE1-Vlanif70] quit # Configure CE2. <Quidway> system-view [Quidway] sysname CE2 [CE2] interface vlanif 60 [CE2-Vlanif60] ip address 10.1.1.2 30...
Page 352 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN [PE2-Vlanif40] ip address 100.12.1.2 30 [PE2-Vlanif40] quit [PE2] ospf 1 [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 100.12.1.0 0.0.0.3 After the configuration, run the display ip routing-table command on the PEs, and you can see that PE1 and PE2, and PE1 and PE3 have learned the routes on the Loopback1 interface of each other.
Page 353 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration # Configure PE3. [PE3] mpls lsr-id 3.3.3.3 [PE3] mpls [PE3-mpls] quit [PE3] interface vlanif 30 [PE3-Vlanif30] mpls [PE3-Vlanif30] quit Step 5 Set up an MPLS TE tunnel between PE1 and PE3, and an LSP between PE1 and PE2.
Page 354 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN [PE3-Vlanif30] mpls te max-link-bandwidth 50 [PE3-Vlanif30] mpls te max-reservable-bandwidth 30 [PE3-Vlanif30] quit [PE3] interface tunnel2/0/0 [PE3-Tunnel2/0/0] ip address unnumbered interface LoopBack1 [PE3-Tunnel2/0/0] tunnel-protocol mpls te [PE3-Tunnel2/0/0] destination 1.1.1.1...
Page 355 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Take the display on PE1 for example. <PE1> display mpls ldp session LDP Session(s) in Public Network ------------------------------------------------------------------------------ Peer-ID Status SsnRole SsnAge KA-Sent/Rcv ------------------------------------------------------------------------------ 2.2.2.2:0 Operational DU Passive...
Page 356 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN [PE3] mpls l2vpn [PE3-l2vpn] mpls l2vpn default martini [PE3-l2vpn] quit [PE3] pw-template 3to1 [PE3-pw-template-3to1] peer-address 1.1.1.1 [PE3-pw-template-3to1] control-word [PE3-pw-template-3to1] vccv cc cw cv lsp-ping bfd [PE3-pw-template-3to1] quit [PE3] interface vlanif 60...
Page 357 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration manual fault : not set active state : inactive forwarding entry : existent link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV...
Page 358 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Reply from 10.1.3.1: bytes=56 Sequence=1 ttl=255 time=180 ms Reply from 10.1.3.1: bytes=56 Sequence=2 ttl=255 time=150 ms Reply from 10.1.3.1: bytes=56 Sequence=3 ttl=255 time=150 ms Reply from 10.1.3.1: bytes=56 Sequence=4 ttl=255 time=190 ms Reply from 10.1.3.1: bytes=56 Sequence=5 ttl=255 time=160 ms...
Page 359 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration forwarding entry : existent link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : cw lsp-ping bfd remote VCCV : cw lsp-ping bfd...
Page 360 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN *client interface : Vlanif10 is up session state : up AC state : up VC state : up VC ID : 200 VC type : VLAN destination : 2.2.2.2...
Page 361 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration <CE2> display ip routing-table Route Flags: R - relied, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 8 Routes : 9 Destination/Mask Proto Cost Flags NextHop Interface 10.1.1.0/30...
Page 362 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.3 network 10.1.2.0 0.0.0.3 return Configuration file of PE1 sysname PE1 vlan batch 10 20 40 mpls lsr-id 1.1.1.1 mpls mpls te...
Page 363 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration interface Tunnel2/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 3.3.3.3 mpls te tunnel-id 103 mpls te bandwidth bc0 20 mpls te commit ospf 1 opaque-capability enable area 0.0.0.0...
Page 364 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Configuration file of PE3 sysname PE3 vlan batch 30 60 mpls lsr-id 3.3.3.3 mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn mpls l2vpn default martini pw-template 3to1 peer-address 1.1.1.1...
Page 365: Example For Configuring Kompella Vll Frr (Asymmetrically Connected Ces)
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration sysname PE2 vlan batch 40 50 mpls lsr-id 2.2.2.2 mpls mpls l2vpn mpls l2vpn default martini pw-template 2to1 peer-address 1.1.1.1 control-word vccv cc cw cv lsp-ping bfd mpls ldp interface Vlanif40 ip address 100.12.1.2 255.255.255.252...
Page 366: Figure 4-13 Networking Diagram For Configuring Kompella Vll Frr (Asymmetrically Connected Ces)
Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN Figure 4-13 Networking diagram for configuring Kompella VLL FRR (asymmetrically connected CEs) Loopback1 Loopback1 Loopback1 3.3.3.3/32 1.1.1.1/32 4.4.4.4/32 MPLS TE Loopback1 GE1/0/0 GE1/0/0 2.2.2.2/32 GE1/0/0 GE1/0/0 GE1/0/0 GE1/0/1...
Page 367 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration GigabitEthernet1/0/1 VLANIF 50 10.1.2.2/30 Configuration Roadmap The configuration roadmap is as follows: Configure OSPF on the backbone network. Set up an MPLS TE tunnel between PE1 and PE3, and an LSP between PE1 and PE2.
Page 368 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN <Quidway> system-view [Quidway] sysname PE1 [PE1] interface loopback1 [PE1-LoopBack1] ip address 1.1.1.1 32 [PE1-LoopBack1] quit [PE1] interface vlanif 20 [PE1-Vlanif20] ip address 100.13.1.1 30 [PE1-Vlanif20] quit [PE1] interface vlanif 40 [PE1-Vlanif40] ip address 100.12.1.1 30...
Page 369 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration Take the display on PE1 for example. <PE1> display ip routing-table Route Flags: R - relied, D - download to fib ------------------------------------------------------------------------------ Routing Tables: Public Destinations : 13...
Page 370 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN [PE3-Vlanif30] mpls [PE3-Vlanif30] quit Step 5 Set up an MPLS TE tunnel between PE1 and PE3, and an LSP between PE1 and PE2. # Configure the MPLS TE tunnel.
Page 371 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration [PE3-Tunnel2/0/0] mpls te tunnel-id 31 [PE3-Tunnel2/0/0] mpls te bandwidth bc0 20 [PE3-Tunnel2/0/0] mpls te commit [PE3-Tunnel2/0/0] quit [PE3] ospf 1 [PE3-ospf-1] opaque-capability enable [PE3-ospf-1] area 0 [PE3-ospf-1-area-0.0.0.0] mpls-te enable # Use MPLS LDP to establish LSPs.
Page 372 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN After the configuration, run the display bgp l2vpn peer command on the PEs. You can see that BGP L2VPN peers are in Established state. Take the display on PE1 for example.
Page 373 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration [PE2-mpls-l2vpn-vpn1] ce ce3 id 3 [PE2-mpls-l2vpn-ce-vpn1-ce3] connection ce-offset 1 Vlanif 50 After the configuration, view information about L2VPN connections on the PEs. Run the display mpls l2vpn connection interface command on the PEs. You can see that the master and backup PWs are established and the PW status is Up.
Page 374 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN [CE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.3 [CE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255 # Configure CE2. [CE2] ospf 1 [CE2-ospf-1] area 0 [CE2-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.3 [CE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.3 Run the display ip routing-table command on CE2. You can see that on CE2, the outgoing interface of the routes to 10.1.3.0/24 is VLANIF 60.
Page 375 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration AC OAM state: BFD for PW session index: BFD for PW state: invalid BFD for LSP state: true Local C bit is set, Remote C bit is set...
Page 376 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN remote vc state: local ce-id: local ce name: remote ce-id: intf(state,encap): Vlanif10(up,vlan) peer id: 2.2.2.2 route-distinguisher: 100:3 local vc label: 25603 remote vc label: 25601 tunnel policy: default...
Page 377 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration AC OAM state: BFD for PW session index: BFD for PW state: invalid BFD for LSP state: true Local C bit is set, Remote C bit is set...
Page 378 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN interface Vlanif70 ip address 10.1.3.1 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 70 ospf 1 area 0.0.0.0...
Page 379 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration mpls te max-reservable-bandwidth 30 mpls rsvp-te interface Vlanif40 ip address 100.12.1.1 255.255.255.252 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 10 port hybrid tagged vlan 10 interface GigabitEthernet2/0/1...
Page 380 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN sysname P vlan batch 20 30 mpls lsr-id 4.4.4.4 mpls mpls te mpls rsvp-te interface Vlanif 20 ip address 100.13.1.2 255.255.255.252 mpls mpls te mpls te max-link-bandwidth 50...
Page 381 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 4 VLL Configuration interface GigabitEthernet1/0/0 port hybrid pvid vlan 60 port hybrid tagged vlan 60 interface GigabitEthernet2/0/1 port hybrid pvid vlan 30 port hybrid tagged vlan 30 mpls l2vpn vpn1 encapsulation vlan control-word...
Page 382 Quidway S9300 Terabit Routing Switch 4 VLL Configuration Configuration Guide - VPN interface Vlanif50 ip address 10.1.1.1 255.255.255.252 interface GigabitEthernet1/0/0 port hybrid pvid vlan 50 port hybrid tagged vlan 50 interface GigabitEthernet2/0/1 port hybrid pvid vlan 40 port hybrid tagged vlan 40...
Page 383: Pwe3 Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration PWE3 Configuration About This Chapter This chapter describes the principle, configuration procedures, and configuration examples of PWE3. 5.1 Introduction to PWE3 This section describes the principle of PWE3.
Page 384 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN 5.10 Maintaining PWE3 This section describes how to detect the connectivity of a PW, collect path information about a PW, and debug PWE3. 5.11 Configuration Examples This section provides several configuration examples of PWE3.
Page 385: Introduction To Pwe3
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration 5.1 Introduction to PWE3 This section describes the principle of PWE3. Pseudo-Wire Emulation Edge to Edge (PWE3) bears Layer 2 services. It emulates the essential attributes of a service such as Asynchronous Transfer Mode (ATM), Frame Relay (FR), Ethernet, a low speed Time Division Multiplexing (TDM) circuit, or SONET/SDH over a Packet Switched Network (PSN).
Page 386: Pwe3 Features Supported By The S9300
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN 5.2 PWE3 Features Supported by the S9300 This section describes the PWE3 features supported by the S9300. You need to be familiar with the following terms defined in the RFC before you read this section: Ultimate PE (U-PE): a PE to which an AC is bound.
Page 387: Figure 5-2 Process Of Setting Up And Maintaining Single-Hop Pwe3
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Figure 5-2 Process of setting up and maintaining single-hop PWE3 Loopback1 Loopback1 1.1.1.1/32 2.2.2.2/32 mpls l2vc 2.2.2.2 101 mpls l2vc 1.1.1.1 101 parameter match,VC up parameter match,VC up...
Page 388: Figure 5-4 Networking Of Sh-Pwe3
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN When PE1 does not forward packets sent from PE2 for a certain reason, for example, PE2 is no longer specified as the peer, PE1 sends a Withdraw message to PE2. After receiving the Withdraw message, PE2 tears down the PW tunnel and returns a Release message to PE1.
Page 389: Figure 5-6 Asymmetrically Connected Ces
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Dynamic-and-static switch: One of the PWs is set up with signaling, and the other one – is set up manually. The preceding types of PW switching support the Control Word (CW) and Virtual Circuit Connectivity Verification (VCCV).
Page 390: Figure 5-7 Networking Of Inter-As Pwe3-Option A
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN In Option A, the ASBRs of the two ASs are directly connected. The ASBRs are the PEs of their respective ASs. The two ASBRs consider the peer ASBRs as their CEs.
Page 391: Figure 5-8 Networking Of Pwe3 Sh Tracert
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Figure 5-8 Networking of PWE3 SH Tracert VPN2 VPN1 VPN1 VPN2 LSP1 LSP2 On PE1, you can start PWE3 tracert of VPN 1 by running the related command. This...
Page 392: Figure 5-9 Networking Of Pwe3 Mh Tracert
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Figure 5-9 Networking of PWE3 MH Tracert UPE2 UPE1 SPE2 SPE1 The PWE3 tracert started on UPE1 can obtain correct response only from P1 and SPE1. SPE2 and UPE2 find that the "Remote PE Address" and "VC ID" are not consistent.
Page 393: Configuring The Attributes Of A Pw Template
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration analyze whether the PW can be used to forward packets. PWE3 ping may fail even though the MPLS ping is successful. PWE3 Tracert The principle of PWE3 tracert is similar to the principles of MPLS tracert and IP tracert.
Page 394: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN 5.3.1 Establishing the Configuration Task Applicable Environment You can set the attributes for a PW through commands or a PW template. The attributes include the peer, CW, and tunnel policy. Using a PW template can simplify the configurations of PWs with similar attributes.
Page 395: Configuring The Attributes For A Pw Template
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Step 4 Run: pw-template pw-template-name A PW template is created. ----End 5.3.3 Configuring the Attributes for a PW Template Context Do as follows on the PEs at both ends of a PW.
Page 396: Checking The Configuration
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN NOTE When modifying the attributes of a PW template, you need to run the reset pw pw-template command to make the configuration effective. This, however, may cause the disconnection and re-connection of PWs.
Page 397: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration 5.4.1 Establishing the Configuration Task Applicable Environment A static PW does not use signaling protocols to transmit L2VPN packets. The packets are transmitted over the tunnel between PEs.
Page 398: Creating A Static Pw
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN MPLS L2VPN is enabled. ----End 5.4.3 Creating a Static PW Context Do as follows on the PEs. Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: interface interface-type interface-number The AC interface view is displayed.
Page 399: Configuring A Dynamic Pw
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration VC ID : 100 VC Type : VLAN Destination : 3.3.3.9 Transmit VC Label : 100 Receive VC Label : 100 Control Word : Disable VCCV Capabilty : Disable...
Page 400: Enabling Mpls L2Vpn
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Data IP address of the destination of L2VC and VC ID Name of the tunnel policy 5.5.2 Enabling MPLS L2VPN Context Before configuring an MPLS L2VC, you must enable MPLS L2VPN.
Page 401: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration NOTE The secondary keyword is required only when a backup PW is configured. The backup PW can be configured only after the master PW is configured. For the detailed configuration, see...
Page 402: Configuring Pw Switching
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN NO.0 TNL type : lsp , TNL ID : 0x12002 create time : 0 days, 0 hours, 2 minutes, 23 seconds up time : 0 days, 0 hours, 0 minutes, 13 seconds...
Page 403: Configuring Pw Switching
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Enabling the MPLS L2VPN on the PEs Configuring a Static PW on U-PEs if the PW switching is between two static PWs Configuring a Dynamic PW on U-PEs if the PW switching is between two dynamic PWs Data Preparation To configure PW switching, you need the following data.
Page 404 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Configuring dynamic PW switching Do as follows on the S-PEs: Run: system-view The system view of the S-PE is displayed. Run: mpls switch-l2vc ip-address vc-id between ip-address vc-id encapsulation { ethernet| vlan } The dynamic PW switching is configured.
Page 405: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration 5.6.3 Checking the Configuration Prerequisite The configurations of the PW switching are complete. Procedure Run the display mpls switch-l2vc [ ip-address vc-id encapsulation encapsulation-type | state { down | up } ] command on the S-PE to view information about PW switching.
Page 406: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN 5.7.1 Establishing the Configuration Task Applicable Environment In the PW FRR network where CEs are asymmetrically connected, you need to configure backup PWs. Figure 5-10 Asymmetrically connected CEs...
Page 407: Configuring A Backup Pw
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Data (Optional) tunnel policy used by the backup PW Destination address and VC ID of the backup PW 5.7.2 Configuring a Backup PW Context NOTE The types of the master and backup PWs must be consistent. That is, the encapsulation types of the master and backup PWs must be consistent.
Page 408 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN The master and backup PWs are in Up state. The VC status of the master PW is Active, and the VC status of the backup PW is Inactive.
Page 409: Configuring The Pw Frr
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration primary or secondary : secondary VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp , TNL ID : 0x10004 create time : 0 days, 0 hours, 56 minutes, 39 seconds...
Page 410: Optional) Configuring The Revertive Switchover Policy
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN NOTE S9300 does not support the dual-homed CE. Pre-configuration Tasks Before configuring PW FRR, complete the following tasks: Configuring a PW on each of the master path and backup path for the networking where CEs are asymmetrically connected to PEs (The types of PWs on the master path and backup path must be the same.)
Page 411: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Step 2 Run: interface interface-type interface-number The AC interface view is displayed. Step 3 Run: mpls l2vpn reroute { { delay delay-time | immediately } [ resume resume-time ] | never } The revertive switchover policy is configured.
Page 412 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Example Run the display mpls l2vc [ vc-id | interface interface-type interface-number ] command, and you can see that the status of the master and backup PWs is Up, the VC status of the master PW is Active, and VC status of the backup PW is Inactive.
Page 413: Configuring Inter-As Pwe3
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp , TNL ID : 0x10004 create time : 0 days, 0 hours, 12 minutes, 47 seconds up time...
Page 414: Configuring Inter-As Pwe3-Option A
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Pre-configuration Tasks Before configuring inter-AS PWE3, complete the following tasks: Configuring an IGP protocol for MPLS backbone networks in each AS to ensure IP connectivity within an AS...
Page 415: Maintaining Pwe3
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Example Run the display mpls l2vc [ vc-id | interface interface-type interface-number ] command, and you can see that the VC status is Up. The following is an example: <Quidway>...
Page 416: Verifying The Connectivity Of A Pw
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN 5.10.1 Verifying the Connectivity of a PW Context To verify the connectivity of a PW, first configure basic PWE3 functions through the PW template, and then run the following commands on U-PEs.
Page 417: Locating A Fault Of A Pw
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration That is, two VCCV ping operations cannot be performed on the same device simultaneously. The MTU of a VC is not checked. The VCCV ping operation is not supported by the RSVP PW.
Page 418: Debugging Pwe3
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN connectivity of a PW in MPLS router alert mode, you need to run the vccv cc alert cv lsp- ping command on PW templates on both ends of the PW.
Page 419: Configuration Examples
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration For details about enabling debugging, refer to the chapter Information Center Configuration in the Quidway S9300Terabit Routing Switch Configuration Guide - Device Management. For the description of the debugging commands, refer to the Quidway S9300Terabit Routing Switch Debugging Reference.
Page 420: Figure 5-11 Networking Diagram For Configuring A Dynamic Sh-Pw (Using Lsp)
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Figure 5-11 Networking diagram for configuring a dynamic SH-PW (using LSP) MPLS Backbone Loopback0 Loopback0 Loopback0 192.2.2.2/32 192.4.4.4/32 192.3.3.3/32 GE2/0/0 GE2/0/0 GE1/0/0 GE2/0/0 GE1/0/0 GE1/0/0 GE1/0/0 GE1/0/0 S9300...
Page 421 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Identical L2VC IDs of PEs on the two ends of a PW MPLS LSR ID of each PE and P Peer address of PE Procedure Step 1 Configure the IDs of the VLANs to which the interfaces of CE, PE, and P belong according to Figure 5-11.
Page 422 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN After the configuration, run the related command, and you can see that LDP sessions are set up between PEs, and between each pair of PE and P, and the session status is Operational.
Page 423 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration tunnel policy : -- traffic behavior : -- PW template name : -- primary or secondary : primary VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp...
Page 424 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN mpls ldp interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 interface GigabitEthernet2/0/0 port link-type trunk port trunk allow-pass vlan 20 interface LoopBack0 ip address 192.2.2.2 255.255.255.255 ospf 1 area 0.0.0.0...
Page 425: Example For Configuring A Static Mh-Pw
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration mpls ldp mpls ldp remote-peer 192.2.2.2 remote-ip 192.2.2.2 interface Vlanif30 mpls l2vc 192.2.2.2 100 interface Vlanif40 ip address 10.2.2.2 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port link-type trunk...
Page 426: Figure 5-12 Networking Diagram For Configuring A Static Mh-Pw
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Figure 5-12 Networking diagram for configuring a static MH-PW Loopback0 Loopback0 Loopback0 2.2.2.9/32 3.3.3.9/32 4.4.4.9/32 GE1/0/0 GE1/0/0 GE2/0/0 GE2/0/0 GE2/0/0 GE1/0/0 S-PE Loopback0 Loopback0 1.1.1.9/32 5.5.5.9/32 GE2/0/0 GE1/0/0...
Page 427 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Configuration Roadmap The configuration roadmap is as follows: Run a routing protocol on the devices of the backbone network to implement connectivity. Configure the basic MPLS functions on the backbone network and set up an LSP.
Page 428 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN [U-PE1-l2vpn] quit [U-PE1] interface vlanif 10 [U-PE1-Vlanif10] mpls static-l2vc pw-template pwt 100 transmit-vpn-label 100 receive-vpn-label 100 [U-PE1-Vlanif10] quit # Configure S-PE. [S-PE] mpls l2vpn [S-PE-l2vpn] quit [S-PE] mpls switch-l2vc 5.5.5.9 100 trans 200 recv 200 between 1.1.1.9 100 trans 100 recv 100 encapsulation vlan # Configure U-PE2.
Page 429 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Switch-l2vc tunnel info 1 tunnels for peer 5.5.5.9 NO.0 TNL Type : lsp , TNL ID : 0x20026 1 tunnels for peer 1.1.1.9 NO.0 TNL Type : lsp...
Page 430 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN mpls mpls ldp interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 interface GigabitEthernet2/0/0 port link-type trunk port trunk allow-pass vlan 20 interface LoopBack0 ip address 1.1.1.9 255.255.255.255 ospf 1 area 0.0.0.0...
Page 431 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration mpls l2vpn mpls switch-l2vc 5.5.5.9 100 trans 200 recv 200 between 1.1.1.9 100 trans 100 recv 100 encapsulation vlan mpls ldp interfave Vlanif30 ip address 20.1.1.2 255.255.255.0 mpls...
Page 432 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN network 4.4.4.9 0.0.0.0 network 30.1.1.0 0.0.0.255 network 40.1.1.0 0.0.0.255 return Configuration file of U-PE2 sysname U-PE2 vlan batvh 50 60 mpls lsr-id 5.5.5.9 mpls mpls l2vpn pw-template pwt peer-address 3.3.3.9...
Page 433: Example For Configuring A Dynamic Mh-Pw
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration 5.11.3 Example for Configuring a Dynamic MH-PW Networking Requirements As shown in Figure 5-13, U-PE1 and U-PE2 are connected through the MPLS backbone network. Use the LSP and set S-PE as the switching node to set up a dynamic MH-PW between U-PE1 and U-PE2.
Page 434 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN GigabitEthernet2/0/0 VLANIF 40 30.1.1.1/24 Loopback0 3.3.3.9/32 GigabitEthernet1/0/0 VLANIF 10 100.1.1.1/24 GigabitEthernet1/0/0 VLANIF 60 100.1.1.2/24 Configuration Roadmap The configuration roadmap is as follows: Run an IGP protocol on the devices of the backbone network to implement connectivity.
Page 435 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration After the configuration, run the display ip routing-table command on U-PE, P, or S-PE, and you can see that the devices can learn each other's routes. Take the display on S-PE for example.
Page 436 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN [P1-mpls-ldp] quit [P1] interface vlanif 20 [P1-Vlanif20] mpls [P1-Vlanif20] mpls ldp [P1-Vlanif20] quit [P1] interface vlanif 30 [P1-Vlanif30] mpls [P1-Vlanif30] mpls ldp [P1-Vlanif30] quit # Configure S-PE. [S-PE] mpls lsr-id 3.3.3.9...
Page 437 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration LDP Session(s) in Public Network ------------------------------------------------------------------------------ Peer-ID Status SsnRole SsnAge KA-Sent/Rcv ------------------------------------------------------------------------------ 1.1.1.9:0 Operational DU Active 000:00:14 57/57 2.2.2.9:0 Operational DU Active 000:00:14 56/56 4.4.4.9:0 Operational DU Passive...
Page 438 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Configure the dynamic PW on the U-PE. Enable dynamic PW switching on the S-PE. # Configure U-PE1. [U-PE1] mpls l2vpn [U-PE1-l2vpn] quit [U-PE1] interface vlanif 10 [U-PE1-Vlanif10] mpls l2vc pw-template pwt 100 [U-PE1-Vlanif10] quit # Configure S-PE.
Page 439 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration *Switch-l2vc type : LDP<---->LDP Peer IP Address : 5.5.5.9, 1.1.1.9 VC ID : 200, 100 VC Type : vlan VC State : up VC StatusCode |PSN |OAM | FW |...
Page 440 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Ingress 10.1.1.2/[1025 ] 10.1.1.2 130 ms Transit 20.1.1.2/[3 ] Request time out 30.1.1.2 80 ms Transit 40.1.1.2/[3 ] 40.1.1.2 100 ms Egress <U-PE1> tracert vc vlan 100 control-word remote 200...
Page 441 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Run the display lspv statistics command on U-PE, and you can view the statistics of PWE3 tracert. Take the display on U-PE2 for example. <U-PE2> display lspv statistics...
Page 442 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN local VCCV : cw lsp-ping remote VCCV : cw lsp-ping local control word : enable remote control word : enable tunnel policy name : -- traffic behavior name...
Page 443 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration 40.1.1.2 150 ms Egress <U-PE1> tracert vc vlan 100 control-word remote 200 Replier Time Type Downstream Ingress 10.1.1.2/[1025 ] 20.1.1.2 60 ms Transit 40.1.1.2 110 ms Egress If the S-PE is disabled from responding to an MPLS Echo Request packet, the configuration on...
Page 444 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Ingress 40.1.1.1/[1026 ] 40.1.1.1 120 ms Transit 30.1.1.1/[3 ] Request time out 20.1.1.1 60 ms Transit 10.1.1.1/[3 ] 10.1.1.1 160 ms Egress [U-PE2] tracert vc vlan 200 control-word remote 100...
Page 445 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration vlan batch 10 interface Vlanif10 ip address 100.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 return Configuration file of U-PE1 sysname U-PE1 vlan batch 10 20 mpls lsr-id 1.1.1.9...
Page 446 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN interface Vlanif20 ip address 10.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif30 ip address 20.1.1.1 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 20...
Page 447 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration ospf 1 area 0.0.0.0 network 3.3.3.9 0.0.0.0 network 20.1.1.0 0.0.0.255 network 30.1.1.0 0.0.0.255 return Configuration file of P2 sysname P2 vlan batch 40 50 mpls lsr-id 4.4.4.9 mpls...
Page 448: Example For Configuring A Mixed Mh-Pw
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN interface Vlanif50 ip address 40.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif60 mpls l2vc pw-template pwt 200 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 50 interface GigabitEthernet2/0/0...
Page 449: Figure 5-14 Networking Diagram For Configuring A Mixed Mh-Pw
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Figure 5-14 Networking diagram for configuring a mixed MH-PW Loopback0 Loopback0 Loopback0 2.2.2.9/32 3.3.3.9/32 4.4.4.9/32 S-PE GE1/0/0 GE1/0/0 GE2/0/0 GE2/0/0 GE1/0/0 GE2/0/0 Loopback0 Loopback0 5.5.5.9/32 1.1.1.9/32 GE2/0/0 GE1/0/0...
Page 450 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Configuration Roadmap The configuration roadmap is as follows: Run an IGP protocol on the devices of the backbone network to implement connectivity. Configure the basic MPLS functions on the backbone network and set up an LSP.
Page 451 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Enable MPLS L2VPN on U-PE1, U-PE2, and S-PE. Create a dynamic VC connection U-PE1 and a static VC connection on U-PE2. Configure a mixed switching PW on the S-PE.
Page 452 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN tunnel policy : -- traffic behavior : -- PW template name : -- primary or secondary : primary VC tunnel/token info : 1 tunnels/tokens NO.0 TNL type : lsp...
Page 453 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Configuration file of U-PE1 sysname U-PE1 vlan batch 10 20 mpls lsr-id 1.1.1.9 mpls mpls l2vpn mpls ldp mpls ldp remote-peer 3.3.3.9 remote-ip 3.3.3.9 interface Vlanif10 mpls l2vc 3.3.3.9 100 interface Vlanif20 ip address 10.1.1.1 255.255.255.0...
Page 454 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN port trunk allow-pass vlan 30 interface LoopBack0 ip address 2.2.2.9 255.255.255.255 ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 20.1.1.0 0.0.0.255 network 2.2.2.9 0.0.0.0 return Configuration file of S-PE...
Page 455 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration mpls lsr-id 4.4.4.9 mpls mpls ldp interface Vlanif 40 ip address 30.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif 50 ip address 40.1.1.1 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0...
Page 456: Example For Configuring Pw Frr
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN interface LoopBack0 ip address 5.5.5.9 255.255.255.255 ospf 1 area 0.0.0.0 network 5.5.5.9 0.0.0.0 network 40.1.1.0 0.0.0.255 return Configuration file of CE2 sysname CE2 vlan batch 60 interface Vlanif 60 ip address 100.1.1.2 255.255.255.0...
Page 457: Figure 5-15 Networking Diagram For Configuring Pw Frr - Ces Are Asymmetrically Connected To Pes Through Ethernet Links
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Figure 5-15 Networking diagram for configuring PW FRR - CEs are asymmetrically connected to PEs through Ethernet links Loopback1 Loopback1 1.1.1.1/32 3.3.3.3/32 Loopback1 4.4.4.4/32 MPLS TE Loopback1 2.2.2.2/32...
Page 458 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN GigabitEthernet1/0/2 VLANIF 80 Configuration Roadmap The configuration roadmap is as follows: Configure an IGP protocol on the backbone network. Set up MPLS TE tunnels between PE1 and PE3, and LSPs between PE1 and PE2.
Page 459 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration [P] interface loopback 1 [P-LoopBack1] ip address 4.4.4.4 32 [P-LoopBack1] quit [P] interface vlanif 20 [P-Vlanif20] ip address 100.13.1.2 30 [P-Vlanif20] quit [P] interface vlanif 30 [P-Vlanif30] ip address 100.34.1.1 30...
Page 460 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN 100.13.1.1/32 Direct 0 127.0.0.1 InLoopBack0 100.13.1.2/32 Direct 0 100.13.1.2 Vlanif20 100.34.1.0/30 OSPF 100.13.1.2 Vlanif20 127.0.0.0/8 Direct 0 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 127.0.0.1 InLoopBack0 Step 3 Configure the basic MPLS capabilities on the MPLS backbone network.
Page 461 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration [PE1-mpls-ldp] quit [PE1] interface vlanif 40 [PE1-Vlanif40] mpls ldp [PE1-Vlanif40] quit [PE1] interface tunnel2/0/0 [PE1-Tunnel2/0/0] ip address unnumbered interface loopback1 [PE1-Tunnel2/0/0] tunnel-protocol mpls te [PE1-Tunnel2/0/0] destination 3.3.3.3 [PE1-Tunnel2/0/0] mpls te tunnel-id 13...
Page 462 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN [PE3-ospf-1-area-0.0.0.0] quit [PE3-ospf-1] quit # Configure PE2. [PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface Vlanif 40 [PE2-Vlanif40] mpls ldp [PE2-Vlanif40] quit After the configuration, run the display tunnel-info all command on PEs. You can see that an MPLS TE tunnel is set up between PE1 and PE3, and an MPLS LSP is set up between PE1 and PE2.
Page 463 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration [PE1] tunnel-policy p1 [PE1-tunnel-policy-p1] tunnel select-seq cr-lsp load-balance-number 1 [PE1-tunnel-policy-p1] quit # Configure PE3. [PE3] tunnel-policy p1 [PE3-tunnel-policy-p1] tunnel select-seq cr-lsp load-balance-number 1 [PE3-tunnel-policy-p1] quit Step 7 Configure PWs on PEs by using PW templates.
Page 464 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN PeerIP : 2.2.2.2 Tnl Policy Name : -- CtrlWord : Enable VCCV Capability : cw lsp-ping bfd Behavior Name : -- Total PW : 1, Static PW : 0, LDP PW : 1, Rsvp PW : 0...
Page 465 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration remote AC OAM state : up remote PSN state : up remote forwarding state: forwarding BFD for PW : unavailable manual fault : not set active state : inactive...
Page 466 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN VC state : up VC ID : 100 VC type : VLAN destination : 3.3.3.3 local group ID remote group ID local VC label : 21504 remote VC label...
Page 467 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration time of last reroute : 0 days, 0 hours, 43 minutes, 2 seconds delay timer ID : -- rest time :-- resume timer ID : -- rest time :-- Verify the switchover of PWs on PE1.
Page 468 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN link state : up local VC MTU : 1500 remote VC MTU : 1500 local VCCV : cw lsp-ping bfd remote VCCV : cw lsp-ping bfd local control word...
Page 469 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration destination : 3.3.3.3 local group ID remote group ID local VC label : 21504 remote VC label : 21504 local AC OAM State : up local PSN State...
Page 470 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN Client1 can ping 10.1.1.2 on Client2. [Client1] ping 10.1.1.2 PING 10.1.1.2: 56 data bytes, press CTRL_C to break Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=254 time=210 ms Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=254 time=190 ms Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=254 time=160 ms...
Page 471 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration return Configuration file of PE1 sysname PE1 vlan batch 10 20 40 mpls lsr-id 1.1.1.1 mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn pw-template 1to2 peer-address 2.2.2.2...
Page 472 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN mpls te commit ospf 1 opaque-capability enable area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 100.13.1.0 0.0.0.3 network 100.12.1.0 0.0.0.3 mpls-te enable tunnel-policy tunnel select-seq cr-lsp load-balance-number 1 return Configuration file of P...
Page 473 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn pw-template 3to1 peer-address 1.1.1.1 control-word vccv cc cw cv lsp-ping bfd mpls ldp mpls ldp remote-peer 1.1.1.1 remote-ip 1.1.1.1 interface Vlanif30 ip address 100.34.1.2 255.255.255.252...
Page 474: Example For Configuring Inter-As Pwe3-Option A
Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN pw-template 2to1 peer-address 1.1.1.1 control-word vccv cc cw cv lsp-ping bfd mpls ldp interface Vlanif40 ip address 100.12.1.2 255.255.255.252 mpls mpls ldp interface Vlanif50 mpls l2vc pw-template 2to1 200...
Page 475 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration GigabitEthernet1/0/0 VLANIF 10 GigabitEthernet2/0/0 VLANIF 20 10.1.1.1/24 Loopback0 1.1.1.9/32 GigabitEthernet1/0/0 VLANIF 40 30.1.1.2/24 GigabitEthernet2/0/0 VLANIF 50 Loopback0 4.4.4.9/32 ASBR-PE1 GigabitEthernet1/0/0 VLANIF 20 10.1.1.2/24 GigabitEthernet2/0/0 VLANIF 30 Loopback0 2.2.2.9/32...
Page 476 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN NOTE The S9300 only allows the CE to access the PE through a trunk. Step 2 Configure an IGP protocol on the MPLS backbone network. PEs and ASBR-PEs on the MPLS backbone network can communicate with each other by using IGP.
Page 477 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Step 4 Configure the MPLS L2VC connection. Configure the L2VC connection on the U-PE and ASBR-PE and connect the U-PE to the CE. # Configure PE1. [PE1] mpls l2vpn...
Page 478 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN remote PSN state : up remote forwarding state: forwarding BFD for PW : unavailable manual fault : not set active state : active forwarding entry : exist link state...
Page 479 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 190/244/430 ms ----End Configuration Files Configuration file of CE1 sysname CE1 vlan batch 10 interface Vlanif10 ip address 100.1.1.1 255.255.255.0...
Page 480 Quidway S9300 Terabit Routing Switch 5 PWE3 Configuration Configuration Guide - VPN mpls l2vpn mpls ldp isis 1 network-entity 10.0000.0000.0002.00 interface Vlanif20 ip address 10.1.1.2 255.255.255.0 isis enable 1 mpls mpls ldp interface Vlanif30 mpls l2vc 1.1.1.9 100 interface GigabitEthernet1/0/0...
Page 481 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 5 PWE3 Configuration Configuration file of PE2 sysname PE2 vlan batch 40 50 mpls lsr-id 4.4.4.9 mpls mpls l2vpn mpls ldp isis 1 network-entity 10.0000.0000.0004.00 interface Vlanif40 ip address 30.1.1.2 255.255.255.0...
Page 483: Vpls Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration VPLS Configuration About This Chapter This chapter describes the basic principle, configuration procedures, and configuration examples for VPLS. 6.1 Introduction to VPLS This section describes the principle of PWE3.
Page 484: Introduction To Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN 6.1 Introduction to VPLS This section describes the principle of PWE3. With the development of Ethernet technologies, Ethernet has become a leading networking technology for Local Area Networks (LANs). Moreover, Ethernet is increasingly used for Metropolitan Area Networks (MANs) and Wide Area Networks (WANs) as an access technology.
Page 485: Vpls Features Supported By The S9300
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration A Pseudo Wire (PW) is a virtual connection used to transmit frames between two PEs. PEs establish and maintain PWs through signaling. PEs at both ends of a PW maintain the PW status.
Page 486: Mac Address Learning
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Control Plane and Data Plane The control plane of a VPLS PE provides the following functions: Member discovery: indicates the process of finding all the PEs in the same VPLS. This can be implemented through manual configurations or the automatic discovery function of protocols.
Page 487: Access Mode
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration If a PE receives broadcast traffic from a peer PE, the PE forwards it only to the directly-connected interfaces of the same VPLS rather than other PEs. For a packet with the destination MAC address as a non-broadcast address, if a PE cannot identify this type of the MAC address, the PE broadcasts this packet.
Page 488: Figure 6-3 Hvpls Model
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Figure 6-3 HVPLS model basic VPLS full mesh In a basic HVPLS model, PEs can be classified into the following types: An Underlayer PE (UPE) refers to a user convergence device that is directly connected to a CE.
Page 489: Configuring Kompella Vpls
6.3.2 Enabling BGP Peers to Exchange VPLS Information 6.3.3 Creating a VSI and Configuring the BGP Signaling 6.3.4 (Optional) Configuring Huawei Devices to Communicate with Non-Huawei Devices 6.3.5 Binding a VSI to an Interface of a CE 6.3.6 (Optional) Configuring the Features of Kompella VPLS 6.3.7 Checking the Configuration...
Page 490: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN 6.3.1 Establishing the Configuration Task Applicable Environment When PEs use BGP as the VPLS signaling, you can configure Kompella VPLS. Automatic discovery of VPLS PEs is implemented by configuring VPN targets.
Page 491: Creating A Vsi And Configuring The Bgp Signaling
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Step 3 Run: peer peer-address as-number as-number A BGP peer is configured. Step 4 (Optional) Run peer peer-address connect-interface interface-type interface-number An interface is specified for creating a TCP connection.
Page 492 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN pwsignal bgp BGP is configured as the PW signaling protocol and the VSI BGP view is displayed. Step 4 Run: route-distinguisher route-distinguisher The Router Distinguisher (RD) is configured for the VSI.
Page 493: Optional) Configuring Huawei Devices To Communicate With Non-Huawei Devices
The devices of certain manufacturers do not support the MTU matching check in a VSI. When the S9300 communicates with a non-Huawei device in Kompella mode, you need to run the ignore-mtu-match command on the S9300 to ignore the MTU matching check. This ensures that the VC is Up.
Page 494: Binding A Vsi To An Interface Of A Ce
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN 6.3.5 Binding a VSI to an Interface of a CE Context The S9300 supports binding a VSI to a VLANIF interface. That is, a PE is connected to a CE through a VLANIF interface.
Page 495: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration The BGP-VPLS sub-address family view is displayed. Step 4 Run: peer { group-name | peer-address } reflect-client A Route Reflector (RR) and its client are configured. Step 5 Run: undo policy vpn-target The VPN-target-based filtering is disabled for received VPLS label blocks.
Page 496: Configuring Martini Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN BGP RD : 168.1.1.1:1 SiteID/Range/Offset : 1/5/0 Import vpn target : 100:1, Export vpn target : 100:1, Remote Label Block : 25600/5/0, Local Label Block : 25600/5/0, Interface Name...
Page 497: Establishing The Configuration Task
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration 6.4.1 Establishing the Configuration Task Applicable Environment If PE devices support the usage of LDP as the VPLS signaling, you can configure the Martini VPLS service. To fully connect the PEs in a VPLS network through PWs, you need to set up LDP sessions among all the PEs.
Page 498: Binding A Vsi To An Interface Of A Ce
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN A vsi which uses the static member discovery mechanism is created. Step 3 Run: pwsignal ldp LDP is configured as the PW signaling protocol and the VSI LDP view is displayed.
Page 499: Checking The Configuration
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration The VLANIF interface view is displayed. Step 3 Run: l2 binding vsi vsi-name A VSI is bound to the interface. ----End 6.4.4 Checking the Configuration Prerequisite The Martini VPLS configurations are completed.
Page 500: Configuring Ldp Hvpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Interface Name : Vlanif10 State : up Run the display vsi remote ldp [ route-id ip-address ] [ pw-id pw-id ] command, and you can view information about remote VSIs using LDP as signaling. For example: <Quidway>...
Page 501: Configuring Spes
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration NOTE Kompella VPLS uses BGP as the signaling. Configuring a route reflector can solve the problem of excessive connections caused by VPLS full connections. Therefore, the S9300 supports only Martini HVPLS.
Page 502: Configuring Upes
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN The VSI peer relationship is configured between a SPE and a UPE. ----End 6.5.3 Configuring UPEs Context The configuration of a UPE is similar to that of a PE on the VPLS fully-connected network. The difference is that a UPE sets up connections only with SPEs to which the UPE is connected.
Page 503: Configuring Static Vlls To Access A Vpls Network
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Session : up Tunnel ID : 0x2002002, *Peer Router ID : 1.1.1.9 VC Label : 23553 Peer Type : dynamic Session : up Tunnel ID : 0x1002000, Interface Name...
Page 504: Configuring A Static Lsp Between A Upe And An Spe
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Enabling MPLS L2VPN on the UPEs and SPEs Configuring a tunnel policy Data Preparation To configure static VLLs to access a VPLS network, you need the following data.
Page 505: Configuring A Upe To Access An Spe Through A Static Vll
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Postrequisite NOTE A static LSP is unidirectional. Thus, two static LSPs in opposite directions must be established between the UPE and the SPE. If a P device resides between the UPE and the SPE, run the static-lsp transit command on the P device to configure a transit node for the static LSP.
Page 506: Checking The Configuration
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN The system view is displayed. Step 2 Run: vsi vsi-name static A vsi which uses the static member discovery mechanism is created. Step 3 Run: pwsignal ldp LDP is configured as the PW signaling protocol and the VSI LDP view is displayed.
Page 507 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Example Run the display mpls static-l2vc command, and you can find that VC Status is Up. For example: <Quidway> display mpls static-l2vc interface vlanif 20 *Client Interface : Vlanif20 is up...
Page 508: Configuring Inter-As Martini Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN PW State : up Local VC Label : 100 Remote VC Label : 100 PW Type : MEHVPLS Tunnel ID : 0x2002004, Run the display vsi remote ldp [ route-id ip-address ] [ pw-id pw-id ] command, and you can view information about remote VSIs using LDP as signaling.
Page 509: Configuring Inter-As Martini Vpls Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Data Mode of the inter-AS VPN Number of each AS 6.7.2 Configuring Inter-AS Martini VPLS Option A Context The configuration of inter-AS Martini VPLS Option A is as follows:...
Page 510: Configuring Inter-As Komeplla Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN VC Label : 17408 Session : up Tunnel ID : 0x20001, Interface Name : Vlanif10 State : up *Peer Ip Address : 3.3.3.9 PW State : up Local VC Label...
Page 511: Configuring Inter-As Kompella Vpls Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Configuring an IGP for the MPLS backbone network in each AS to implement IP connectivity within an AS Configuring basic MPLS functions on the MPLS backbone network of each AS...
Page 512: Checking The Configuration
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN 6.8.3 Checking the Configuration Prerequisite The inter-AS Kompella VPLS configurations are complete. Procedure Run the display bgp vpls { group [ group-name ] | peer [ ip-address ] } command to check the BGP VPLS peer (group) relationship on a PE or an ASBR-PE.
Page 513: Setting Related Vpls Parameters
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration VSI Name: v1 Signaling: bgp SiteID PeerAddr InLabel OutLabel VCState 200:1 4.4.4.4 25602 25601 6.9 Setting Related VPLS Parameters This section describes how to set related VPLS parameters.
Page 514: Configuring Mac Address Learning
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Procedure Step 1 Run: system-view The system view is displayed. Step 2 Run: vsi vsi-name [ auto | static ] A VSI is created and the VSI view is displayed.
Page 515: Configuring The Delay For Processing Vpls Events
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Static MAC address entries are configured. Step 4 Run: mac-address blackhole mac-address vsi vsi-name [ pe-vid pe-vid [ ce-vid ce-vid ] MAC address blackhole entries are configured. Step 5 Run: vsi vsi-name The VSI view is displayed.
Page 516: Maintaining Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN The MPLS L2VPN view is displayed. Step 3 Run: vpls pw-down-delay pw-down-delay-time The number of times that the system delays processing the VPLS PW Down event is configured.
Page 517: Checking The Traffic On A Vpls Pw
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration mpls l2vpn traffic-statistics capability enable The mpls l2vpn traffic-statistics capability is enabled. Step 3 Run: vsi vsi-name static The VSI view is displayed. Step 4 Collect traffic statistics on a PW.
Page 518: Debugging Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Procedure Run the reset traffic-statistics vsi all command to reset all the traffic statistics on a specified VPLS PW. Run the reset traffic-statistics vsi name vsi-name [ peer peer-address [ negotiation-vc- id vc-id ] ] command to reset the statistics of the public network traffic on a specified LDP VPLS PW in a specified VSI.
Page 519: Clearing Mac Address Entries
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Procedure Run the undo shutdown command to enable a VSI. Run the shutdown command to disable a VSI. ----End Example Regarding the requirements of service management such as service commissioning and service suspension, you can temporarily shut down a VSI, and then add, delete or adjust the VSI function.
Page 520: Example For Configuring Martini Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN 6.11.1 Example for Configuring Martini VPLS Networking Requirements As shown in Figure 6-5, VPLS needs to be enabled on PE1 and PE2; CE1 is connected to PE1 and CE2 is connected to PE2; CE1 and CE2 belong to the same VPLS network; PWs are established with LDP as the VPLS signaling, and VPLS is configured to implement the interworking between CE1 and CE2.
Page 521 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Establish tunnels between PEs to transmit user data. Enable MPLS L2VPN on PEs. Create VSIs on PEs, use the signaling protocol as LDP, and bind VSIs to related AC interfaces.
Page 522 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN After the configuration, run the display mpls ldp session on PE1 or PE2. You can find that the status of the peer relationship between PE1 and PE2 is Operational, which indicates that the peer relationship is established.
Page 523 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration ***VSI Name : a2 Administrator VSI : no Isolate Spoken : disable VSI Index PW Signaling : ldp Member Discovery Style : static PW MAC Learn Style : unqualify...
Page 524 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Configuration file of CE2 sysname CE2 vlan batch 40 interface Vlanif40 ip address 10.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 40 return Configuration file of PE1...
Page 525 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration mpls mpls ldp interface Vlanif20 ip address 168.1.1.2 255.255.255.0 mpls mpls ldp interface Vlanif30 ip address 169.1.1.1 255.255.255.0 mpls mpls ldp interface GigabitEthernet1/0/0 port hybrid pvid vlan 20...
Page 526: Example For Configuring Kompella Vpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN interface LoopBack1 ip address 3.3.3.9 255.255.255.255 ospf 1 area 0.0.0.0 network 3.3.3.9 0.0.0.0 network 169.1.1.0 0.0.0.255 return 6.11.2 Example for Configuring Kompella VPLS Networking Requirements As shown in Figure 6-6, PE1 and PE2 are PEs to be enabled with the VPLS function;...
Page 527 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Configuration Roadmap The configuration roadmap is as follows: Configure a routing protocol on the backbone network to implement the interworking between devices and enable basic MPLS functions. Set up LSP tunnels between PEs.
Page 528 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Step 4 Enable BGP peers to exchange VPLS information. # Configure PE1. [PE1] bgp 100 [PE1-bgp] peer 3.3.3.9 as-number 100 [PE1-bgp] peer 3.3.3.9 connect-interface loopback1 [PE1-bgp] vpls-family [PE1-bgp-af-vpls] peer 3.3.3.9 enable [PE1-bgp-af-vpls] quit # Configure PE2.
Page 529 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration # Configure CE1. <Quidway> sysname CE1 [CE1] interface vlanif10 [CE1-Vlanif10] ip address 10.1.1.1 255.255.255.0 # Configure CE2. <Quidway> sysname CE2 [CE2] interface vlanif 40 [CE2-Vlanif40] ip address 10.1.1.2 255.255.255.0 Step 9 Verify the configuration.
Page 530 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN 0.00% packet loss round-trip min/avg/max = 34/68/94 ms ----End Configuration Files Configuration file of CE1 sysname CE1 vlan batch 10 interface Vlanif10 ip address 10.1.1.1 255.255.255.0 interface GigabitEthernet1/0/0...
Page 531 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration interface GigabitEthernet2/0/0 port hybrid pvid vlan 20 port hybrid tagged vlan 20 interface LoopBack1 ip address 1.1.1.9 255.255.255.255 bgp 100 peer 3.3.3.9 as-number 100 peer 3.3.3.9 connect-interface LoopBack1...
Page 532: Example For Configuring Ldp Hvpls
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN mpls mpls l2vpn vsi bgp1 auto pwsignal bgp route-distinguisher 169.1.1.2:1 vpn-target 100:1 import-extcommunity vpn-target 100:1 export-extcommunity site 2 range 5 default-offset 0 mpls ldp interface Vlanif30 ip address 169.1.1.2 255.255.255.0...
Page 533: Figure 6-7 Networking Diagram For Configuring Ldp Hvpls
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Figure 6-7 Networking diagram for configuring LDP HVPLS Basic VPLS full mesh Loopback1 Loopback1 3.3.3.9/32 2.2.2.9/32 GE1/0/0 GE1/0/0 GE2/0/0 Loopback1 GE2/0/0 1.1.1.9/32 GE3/0/0 GE1/0/0 GE2/0/0 GE1/0/0 GE1/0/0 Site3...
Page 534 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Create a VSI on a UPE, and specify the SPE as the peer of the VSI. Configure CE1 and CE2 to access UPEs, and configure CE3 to access PEs.
Page 535 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration <PE> system-view [PE] mpls l2vpn [PE] vsi v123 static [PE-vsi-v123] pwsignal ldp [PE-vsi-v123-ldp] vsi-id 123 [PE-vsi-v123-ldp] peer 2.2.2.9 Step 5 Bind VSIs to interfaces on the SPE and UPE.
Page 536 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN VC Label : 23552 Peer Type : dynamic Session : up Tunnel ID : 0x20022, *Peer Router ID : 1.1.1.9 VC Label : 23553 Peer Type : dynamic...
Page 537 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration port hybrid tagged vlan 20 interface GigabitEthernet3/0/0 port hybrid pvid vlan 30 port hybrid tagged vlan 30 interface LoopBack1 ip address 1.1.1.9 255.255.255.255 ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 100.1.1.0 0.0.0.255...
Page 538 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN mpls lsr-id 3.3.3.9 mpls mpls l2vpn vsi v123 static pwsignal ldp vsi-id 123 peer 2.2.2.9 mpls ldp interface Vlanif40 ip address 100.2.1.2 255.255.255.0 mpls mpls ldp interface Vlanif50...
Page 539: Example For Configuring Static Vlls To Access A Vpls Network
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration sysname CE3 vlan batch 50 interface Vlanif50 ip address 10.1.1.3 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 50 return 6.11.4 Example for Configuring Static VLLs to Access a VPLS...
Page 540 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Loopback1 1.1.1.9/32 GigabitEthernet 1/0/0 VLANIF 30 100.1.1.2/24 GigabitEthernet 2/0/0 VLANIF 40 100.1.2.1/24 Loopback1 2.2.2.9/32 SPE2 GigabitEthernet 1/0/0 VLANIF 40 100.1.2.2/24 GigabitEthernet 2/0/0 VLANIF 50 100.1.4.1/24 Loopback1 3.3.3.9/32 UPE2...
Page 541 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration # Configure SPE1. <SPE1> system-view [SPE1] ospf [SPE1-ospf-1] area 0 [SPE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [SPE1-ospf-1-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [SPE1-ospf-1-area-0.0.0.0] network 100.1.3.0 0.0.0.255 [SPE1-ospf-1-area-0.0.0.0] quit [SPE1-ospf-1] quit # Configure P.
Page 542 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN [P] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface vlanif 30 [P-Vlanif30] mpls [P-Vlanif30] mpls ldp [P-Vlanif30] quit [P] interface vlanif 40 [P-Vlanif40] mpls [P-Vlanif40] mpls ldp [P-Vlanif40] quit # Configure SPE2.
Page 543 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration After the configuration, run the display mpls ldp session command on SPE1 and SPE2. You can find that the status of the peer relationship between SPE1 and SPE2 is Operational.
Page 544 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN [UPE2-l2vpn] quit [UPE2] interface vlanif 60 [UPE2-Vlanif60] mpls static-l2vc destination 3.3.3.9 transmit-vpn-label 100 receive-vpn-label 100 [UPE2-Vlanif60] quit Enable MPLS L2VPN on SPEs and bind VSIs. # Configure SPE1.
Page 545 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Service Class : -- Color : -- DomainId Domain Name VSI State : up VSI ID : 100 *Peer Router ID : 3.3.3.9 VC Label : 23552 Peer Type...
Page 546 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 return Configuration file of CE2 sysname CE2 interface Vlanif60 ip address 10.1.1.2 255.255.255.0 interface GigabitEthernet1/0/0 port link-type trunk...
Page 547 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration vsi v100 static pwsignal ldp vsi-id 100 peer 3.3.3.9 peer 4.4.4.9 static-upe tran 100 recv 100 mpls ldp mpls ldp remote-peer 3.3.3.9 remote-ip 3.3.3.9 interface Vlanif20 ip address 100.1.3.1 255.255.255.0...
Page 548 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN port hybrid pvid vlan 40 port hybrid tagged vlan 40 interface LoopBack1 ip address 2.2.2.9 255.255.255.255 ospf 1 area 0.0.0.0 network 2.2.2.9 0.0.0.0 network 100.1.1.0 0.0.0.255 network 100.1.2.0 0.0.0.255...
Page 549: Example For Configuring Inter-As Martini Vpls Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration sysname UPE2 vlan batch 50 60 mpls lsr-id 5.5.5.9 mpls mpls l2vpn interface Vlanif50 ip address 100.1.4.2 255.255.255.0 mpls interface Vlanif60 mpls static-l2vc destination 3.3.3.9 transmit-vpn-label 100 receive-vpn-label...
Page 550: Figure 6-9 Networking Diagram For Configuring Inter-As Martini Vpls Option A
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Figure 6-9 Networking diagram for configuring inter-AS Martini VPLS Option A VPLS Backbone VPLS Backbone AS 100 AS 200 Loopback1 Loopback1 Loopback1 Loopback1 4.4.4.4/32 3.3.3.3/32 1.1.1.1/32 2.2.2.2/32 GE2/0/0...
Page 551 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Configure basic MPLS functions on devices in the backbone network and establish dynamic LSPs between PEs and ASBR-PEs in the same AS. Establish remote LDP sessions if PEs and ASBR-PEs are indirectly connected.
Page 552 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN 0.00% packet loss round-trip min/avg/max = 60/98/180 ms Step 3 Enable MPLS and configure dynamic LSPs. Configure basic MPLS functions on the MPLS backbone network. Establish dynamic LDP LSPs between PEs and ASBR-PEs in the same AS.
Page 553 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration # Configure ASBR-PE2. [ASBR-PE2] vsi a1 static [ASBR-PE2-vsi-a1] pwsignal ldp [ASBR-PE2-vsi-a1-ldp] vsi-id 3 [ASBR-PE2-vsi-a1-ldp] peer 4.4.4.4 [ASBR-PE2-vsi-a1-ldp] quit [ASBR-PE2-vsi-a1] quit [ASBR-PE2] interface vlanif 30 [ASBR-PE2-Vlanif30] l2 binding vsi a1 [ASBR-PE2-Vlanif30] quit # Configure PE2.
Page 554 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Interface Name : Vlanif10 State : up **PW Information: *Peer Ip Address : 2.2.2.2 PW State : up Local VC Label : 23552 Remote VC Label : 23552...
Page 555 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration network-entity 10.0000.0000.0001.00 interface Vlanif10 l2 binding vsi a1 interface Vlanif20 ip address 100.1.1.1 255.255.255.0 isis enable 1 mpls mpls ldp interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10...
Page 556 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN sysname ASBR-PE2 vlan batch 30 40 mpls lsr-id 3.3.3.3 mpls mpls l2vpn vsi a1 static pwsignal ldp vsi-id 3 peer 4.4.4.4 mpls ldp isis 1 network-entity 10.0000.0000.0003.00 interface Vlanif30...
Page 557: Example For Configuring Inter-As Kompella Vpls Option A
Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration interface Vlanif50 l2 binding vsi a1 interface GigabitEthernet1/0/0 port link-type trunk port default vlan 40 interface GigabitEthernet2/0/0 port link-type trunk port default vlan 50 interface LoopBack1 ip address 4.4.4.4 255.255.255.255...
Page 558: Figure 6-10 Networking Diagram For Configuring Inter-As Kompella Vpls Option A
Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN Figure 6-10 Networking diagram for configuring inter-AS Kompella VPLS Option A VPLS Backbone VPLS Backbone AS 100 AS 200 Loopback1 Loopback1 Loopback1 Loopback1 4.4.4.4/32 3.3.3.3/32 1.1.1.1/32 2.2.2.2/32 GE2/0/0...
Page 559 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Configure VSIs on PE1, ASBR-PE1, ASBR-PE2, and PE2 and bind the VSIs to related AC interfaces. Data Preparation To complete the configuration, you need the following data: IS-IS data...
Page 560 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN ASBR-PEs and PEs in the same AS can ping Loopback1 of each other successfully. Take ASBR- PE1 as an example. <ASBR-PE1> ping 1.1.1.1 PING 1.1.1.1: 56 data bytes, press CTRL_C to break Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=255 time=47 ms...
Page 561 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Peer MsgRcvd MsgSent OutQ Up/Down State PrefRcv 2.2.2.2 0 00:09:04 Established Step 5 Enable MPLS L2VPN on PEs and ASBR-PEs.
Page 562 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN [PE2] vsi v1 auto [PE2-vsi-v1] pwsignal bgp [PE2-vsi-v1-bgp] route-distinguisher 200:2 [PE2-vsi-v1-bgp] vpn-target 1:1 import-extcommunity [PE2-vsi-v1-bgp] vpn-target 1:1 export-extcommunity [PE2-vsi-v1-bgp] site 2 range 5 default-offset 0 [PE2-vsi-v1-bgp] quit [PE2-vsi-v1] quit...
Page 563 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration <ASBR-PE1> display bgp vpls all BGP Local Router ID : 2.2.2.2, Local AS Number : 100 Status codes : * - active, > - best BGP.VPLS : 2 Label Blocks...
Page 564 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 10 interface GigabitEthernet2/0/0 port link-type trunk port trunk allow-pass vlan 10 interface LoopBack1 ip address 1.1.1.1 255.255.255.255 isis enable 1 bgp 100 peer 2.2.2.2 as-number 100...
Page 565 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration bgp 100 peer 1.1.1.1 as-number 100 peer 1.1.1.1 connect-interface LoopBack1 ipv4-family unicast undo synchronization peer 1.1.1.1 enable vpls-family policy vpn-target peer 1.1.1.1 enable return Configuration file of ASBR-PE2...
Page 566 Quidway S9300 Terabit Routing Switch 6 VPLS Configuration Configuration Guide - VPN return Configuration file of PE2 sysname PE2 vlan batch 40 50 mpls lsr-id 4.4.4.4 mpls mpls l2vpn vsi v1 auto pwsignal bgp route-distinguisher 200:2 vpn-target 1:1 import-extcommunity vpn-target 1:1 export-extcommunity...
Page 567 Quidway S9300 Terabit Routing Switch Configuration Guide - VPN 6 VPLS Configuration interface GigabitEthernet1/0/0 port link-type trunk port trunk allow-pass vlan 50 return Issue 03 (2009-08-20) Huawei Proprietary and Confidential 6-85 Copyright © Huawei Technologies Co., Ltd.

Huawei Quidway S9300 Configuration Manual

About this Document

1 VPN Tunnel Management

Figure 1-1 Networking Diagram of the VPN Tunnel Binding

Figure 1-2 Networking Diagram for Configuring the Tunnel Policy for the L3VPN

Figure 1-3 Networking Diagram for Configuring the L2VPN Tunnel Binding

2 GRE Configuration

Figure 2-1 Multiprotocol Local Network Communication over Single-Protocol Backbone Network

Figure 2-3 Connecting Discontinuous Subnets through a Tunnel

Figure 2-2 Enlarging the Operating Range on the Network

3 BGP/MPLS IP VPN Configuration

Figure 3-1 BGP/MPLS IP VPN Model

Figure 3-2 Networking of Sham Link

4 VLL Configuration

Figure 4-2 VLL Label Processing

Figure 4-1 VLL Model

Figure 4-13 Networking Diagram for Configuring Kompella VLL FRR (Asymmetrically Connected Ces)

5 PWE3 Configuration

Figure 5-1 PWE3 Framework

Figure 5-2 Process of Setting up and Maintaining Single-Hop PWE3

Figure 5-16 Networking Diagram for Configuring Inter-AS PWE3-Option a

Quick Links

Related Manuals for Huawei Quidway S9300

Summary of Contents for Huawei Quidway S9300