问小白 wenxiaobai
资讯
历史
科技
环境与自然
成长
游戏
财经
文学与艺术
美食
健康
家居
文化
情感
汽车
三农
军事
旅行
运动
教育
生活
星座命理

本地跨VPN实例互访配置

创作时间:
作者:
@小白创作中心

本地跨VPN实例互访配置

引用
CSDN
1.
https://blog.csdn.net/weixin_43113691/article/details/137188845

本文介绍了一种在华为交换机上实现本地跨VPN实例互访的配置方法。通过在交换机上配置VLAN、VPN实例和静态路由,可以实现不同VPN实例之间的通信。

组网

配置思路

SW1 G0/0/1口与SW3 G0/0/1口互联,使用vlan10作为互联vlan;G0/0/2口连接PC1,IP地址配置为192.168.10.1/24。

SW2 G0/0/1口与SW3 G0/0/1口互联,使用vlan20作为互联vlan;G0/0/2口连接PC2,IP地址配置为192.168.20.1/24。

SW3 G0/0/1口与SW1 G0/0/1口互联,加入vlan10,并加入VPN实例vpna;G0/0/2口与SW2 G0/0/1口互联,加入vlan20,并加入VPN实例vpnb。使用静态路由使PC1与PC2能够跨VPN实例互通。

配置步骤

SW1配置

配置vlan

<Huawei>system-view
[SW1]sysname SW1
[SW1]vlan batch 10 30
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 10
[SW1-GigabitEthernet0/0/1]quit
[SW1]interface GigabitEthernet 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 30
[SW1-GigabitEthernet0/0/1]quit

配置接口IP地址

[SW1]interface Vlanif 10
[SW1-Vlanif10]ip address 10.1.1.2 30
[SW1-Vlanif10]quit
[SW1]interface Vlanif 30
[SW1-Vlanif30]ip address 192.168.10.254 24

配置静态路由

[SW1]ip route-static 20.1.1.0 255.255.255.252 10.1.1.1
[SW1]ip route-static 192.168.20.0 255.255.255.0 20.1.1.1

SW2配置

配置vlan和接口IP地址

<Huawei>system-view
[SW2]sysname SW2
[SW2]vlan batch 20 30
[SW2]interface GigabitEthernet 0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 20
[SW1-GigabitEthernet0/0/1]quit
[SW2]interface GigabitEthernet 0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 30
[SW2-GigabitEthernet0/0/1]quit

配置接口IP地址

[SW2]interface Vlanif 20
[SW2-Vlanif20]ip address 20.1.1.2 30
[SW2-Vlanif20]quit
[SW2]interface Vlanif 30
[SW2-Vlanif30]ip address 192.168.20.254 24

配置静态路由

[SW1]ip route-static 10.1.1.0 255.255.255.252 20.1.1.1
[SW1]ip route-static 192.168.10.0 255.255.255.0 10.1.1.1

SW3配置

配置vlan

<Huawei>system-view
[SW3]sysname SW3
[SW3]vlan batch 10 20
[SW3]interface GigabitEthernet 0/0/1
[SW3-GigabitEthernet0/0/1]port link-type access
[SW3-GigabitEthernet0/0/1]port default vlan 10
[SW3-GigabitEthernet0/0/1]quit
[SW3]interface GigabitEthernet 0/0/2
[SW3-GigabitEthernet0/0/2]port link-type access
[SW3-GigabitEthernet0/0/2]port default vlan 20
[SW3-GigabitEthernet0/0/2]quit

配置VPN实例

[SW3]ip vpn-instance vpna
[SW3-vpn-instance-vpna]ipv4-family
[SW3-vpn-instance-vpna-af-ipv4]route-distinguisher 100:1
[SW3-vpn-instance-vpna-af-ipv4]vpn-target 111:1 both
[SW3-vpn-instance-vpna-af-ipv4]quit
[SW3-vpn-instance-vpna]quit
[SW3]ip vpn-instance vpnb
[SW3-vpn-instance-vpnb]ipv4-family
[SW3-vpn-instance-vpnb-af-ipv4]route-distinguisher 200:1
[SW3-vpn-instance-vpnb-af-ipv4]vpn-target 111:1 both
[SW3-vpn-instance-vpnb-af-ipv4]quit
[SW3-vpn-instance-vpnb]quit

接口绑定VPN实例并配置IP地址

[SW3]interface Vlanif 10
[SW3-Vlanif10]ip binding vpn-instance vpna
[SW3-Vlanif10]ip address 10.1.1.1 30
[SW3-Vlanif10]quit
[SW3]interface Vlanif 20
[SW3-Vlanif20]ip binding vpn-instance vpnb
[SW3-Vlanif20]ip address 20.1.1.1 30
[SW3-Vlanif20]quit

配置静态路由

[SW3]ip route-static vpn-instance vpna 20.1.1.0 255.255.255.252 vpn-instance vpnb 20.1.1.2
[SW3]ip route-static vpn-instance vpna 192.168.20.0 255.255.255.0 vpn-instance vpnb 20.1.1.2
[SW3]ip route-static vpn-instance vpnb 10.1.1.0 255.255.255.252 vpn-instance vpna 10.1.1.2
[SW3]ip route-static vpn-instance vpnb 192.168.10.0 255.255.255.0 vpn-instance vpna 10.1.1.2
[SW3]ip route-static vpn-instance vpna 192.168.10.0 255.255.255.0 10.1.1.2
[SW3]ip route-static vpn-instance vpnb 192.168.20.0 255.255.255.0 20.1.1.2

PC机配置

PC1

PC2

配置验证

查看SW1路由表

[SW1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 8        Routes : 8
Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
       10.1.1.0/30  Direct  0    0           D   10.1.1.2        Vlanif10
       10.1.1.2/32  Direct  0    0           D   127.0.0.1       Vlanif10
       20.1.1.0/30  Static  60   0          RD   10.1.1.1        Vlanif10
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
   192.168.10.0/24  Direct  0    0           D   192.168.10.254  Vlanif30
 192.168.10.254/32  Direct  0    0           D   127.0.0.1       Vlanif30
   192.168.20.0/24  Static  60   0          RD   10.1.1.1        Vlanif10

查看SW2路由表

[SW2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
         Destinations : 8        Routes : 8
Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
       10.1.1.0/30  Static  60   0          RD   20.1.1.1        Vlanif20
       20.1.1.0/30  Direct  0    0           D   20.1.1.2        Vlanif20
       20.1.1.2/32  Direct  0    0           D   127.0.0.1       Vlanif20
      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
   192.168.10.0/24  Static  60   0          RD   20.1.1.1        Vlanif20
   192.168.20.0/24  Direct  0    0           D   192.168.20.254  Vlanif30
 192.168.20.254/32  Direct  0    0           D   127.0.0.1       Vlanif30

查看SW3路由表

[SW3]display ip routing-table vpn-instance vpna
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: vpna
         Destinations : 5        Routes : 5
Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
       10.1.1.0/30  Direct  0    0           D   10.1.1.1        Vlanif10
       10.1.1.1/32  Direct  0    0           D   127.0.0.1       Vlanif10
       20.1.1.0/30  Static  60   0          RD   20.1.1.2        Vlanif20
   192.168.10.0/24  Static  60   0          RD   10.1.1.2        Vlanif10
   192.168.20.0/24  Static  60   0          RD   20.1.1.2        Vlanif20
[SW3]display ip routing-table vpn-instance vpnb
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: vpnb
         Destinations : 5        Routes : 5
Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
       10.1.1.0/30  Static  60   0          RD   10.1.1.2        Vlanif10
       20.1.1.0/30  Direct  0    0           D   20.1.1.1        Vlanif20
       20.1.1.1/32  Direct  0    0           D   127.0.0.1       Vlanif20
   192.168.10.0/24  Static  60   0          RD   10.1.1.2        Vlanif10
   192.168.20.0/24  Static  60   0          RD   20.1.1.2        Vlanif20

PC1 ping PC2

PC2 ping PC1

热门推荐
© 2023 北京元石科技有限公司 ◎ 京公网安备 11010802042949号