MSR系列路由器
MPLS L3VPN HubSpoke配置
关键词:MSR;MPLS;BGP;L3VPN;HubSpoke
一、组网需求:
SPOKEA和SPOKEB是vpna的2个分布站点接入PE,总部站点用CE表示,CE的接入PE是Hub,要求SPOKEA和SPOKEB之间的VPN流量都需要从总部站点转发。
设备清单:MSR系列路由器4台
二、组网图:
三、配置步骤:
SpokeA配置
#
router id
#
ip vpn-instance
vpna
route-distinguisher 2:1
vpn-target 2:1 export-extcommunity //配置vpna的出团体属性
vpn-target 1:1 import-extcommunity //配置vpna的入团体属性
#
mpls lsr-id
#
mpls
ttl propagate vpn //使能vpn的ttl复制,用于tracert
#
mpls ldp
#
interface Ethernet0/0
port link-mode route
ip address
mpls
mpls ldp
#
interface
Ethernet0/1
port link-mode route
ip binding
vpn-instance vpna //绑定vpn实例vpna
ip address 172.32.0.1
255.255.255.0
#
interface
LoopBack0
ip address
#
bgp 1
undo synchronization
peer
peer
#
ipv4-family vpnv4
peer
#
ipv4-family vpn-instance
vpna
import-route direct
#
ospf 1
are
network
network
#
SpokeB配置
#
router id
#
ip vpn-instance
vpna
route-distinguisher 3:1
vpn-target 3:1 export-extcommunity //配置vpna的出团体属性
vpn-target 1:1 import-extcommunity //配置vpna的入团体属性
#
mpls lsr-id
#
mpls
ttl propagate vpn //使能vpn的ttl复制,用于tracert
#
mpls ldp
#
interface
Ethernet0/0
port link-mode route
ip address
mpls
mpls ldp
#
interface
Ethernet0/1
port link-mode route
ip binding
vpn-instance vpna //绑定vpn实例vpna
ip address 172.32.1.1
255.255.255.0
#
interface LoopBack0
ip address
#
bgp 1
undo synchronization
peer
peer
#
ipv4-family vpnv4
peer
#
ipv4-family vpn-instance
vpna
network 172.32.1.0 255.255.255.0
#
ospf 1 //OSPF保证全网互通
are
network
network
#
Hub配置
#
router id
#
ip vpn-instance
vpnin
route-distinguisher 1:2
vpn-target 2:1 3:1 import-extcommunity //入团体属性
#
ip vpn-instance
vpnout
route-distinguisher 1:1
vpn-target 1:1 export-extcommunity //出团体属性
#
mpls lsr-id
#
mpls
ttl propagate vpn //使能vpn的ttl复制,用于tracert
#
mpls ldp
#
interface
Ethernet0/0
port link-mode route
ip address
mpls
mpls ldp
#
interface
Ethernet0/1
port link-mode route
ip binding
vpn-instance vpnout //绑定vpn实例vpnout
ip address 192.168.1.1
255.255.255.0
#
interface
Ethernet1/0
port link-mode route
ip binding
vpn-instance vpnin //绑定vpn实例vpnin
ip address 192.168.0.1 255.255.255.0
#
interface LoopBack0
ip address
#
bgp 1
undo synchronization
group 1 internal
peer 1 connect-interface LoopBack0
peer
peer
#
ipv4-family vpnv4
peer 1 enable
peer
peer
peer
peer
#
ipv4-family vpn-instance
vpnin //vpnin的路由和peer配置
peer 192.168.0.2
as-number 2 //与CEA建立EBGP连接
#
ipv4-family vpn-instance
vpnout //vpnout的路由和peer配置
peer 192.168.1.2
as-number 2 //与CEA建立EBGP连接
network 192.168.1.0
peer 192.168.1.2
allow-as-loop //必配,使能接受路由环路
#
ospf 1
are
network
network
#
CE配置
#
interface Ethernet0/1
port link-mode route
ip address 192.168.1.2
255.255.255.0
#
interface
Ethernet1/0
port link-mode route
ip address 192.168.0.2 255.255.255.0
#
bgp 2
network 192.168.0.0
undo synchronization
peer 192.168.1.1 as-number 1
peer 192.168.0.1 as-number 1
group 1 external
peer 192.168.1.1 group 1
peer 192.168.0.1 group 1
#
四、配置关键点:
1. 掌握VPN路由的流向;
2. 注意Spoke上vpn-target的配置;
3. Hub上配置2个vpn实例及其vpn-target配置;
4. Hub的BGP配置,需要与CE建立2条EBGP连接,都配置在vpn实例视图下;
5. Hub上vpnout实例要配置接受环路路由。
五、实验分析