全网最详MPLS VPN(Option A跨域)实验详解(华为ENSP)
创作时间:
作者:
@小白创作中心
全网最详MPLS VPN(Option A跨域)实验详解(华为ENSP)
引用
CSDN
1.
https://m.blog.csdn.net/myrouya/article/details/144739651
一、实验拓扑
本实验使用华为ENSP设备,主要涉及MPLS VPN(Option A跨域)的配置。实验拓扑图展示了各设备的连接关系。
二、实验要求
- 在AS 200内部,使用OSPF 10建立邻居关系,并使用BGP协议建立公网连接。IBGP邻居使用环回接口地址,格式为X.X.X.X/32;EBGP邻居使用物理接口建立。
- 使用MPLS VPN实现两端私网的互通,仅传递以192开头的业务网段。
三、实验思路
- 蓝色部分表示OSPF 11区域
- 红色部分表示OSPF 10和BGP 100/200区域
- 黄色部分表示两个MPLS VPN实例(由于涉及两个AS,需要使用两个VPN实例)
四、实验步骤
AR1配置
interface Mp-group0/0/0
ip address 10.0.0.1 255.255.255.0
nat outbound 2000
interface Serial3/0/0
link-protocol ppp
ppp mp Mp-group 0/0/0
interface Serial3/0/1
link-protocol ppp
ppp mp Mp-group 0/0/0
ospf 1 router-id 1.1.1.1
default-route-advertise
area 0.0.0.0
network 172.16.0.18 0.0.0.0
network 172.16.0.22 0.0.0.0
network 172.16.0.26 0.0.0.0
ospf 11
area 0.0.0.0
network 0.0.0.0 255.255.255.255
network 10.0.0.1 0.0.0.0
AR2配置
ospf 10
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.0.1.2 0.0.0.0
network 100.100.100.100 0.0.0.0
ospf 11 router-id 2.2.2.2 vpn-instance a
import-route bgp
area 0.0.0.0
network 10.0.0.2 0.0.0.0
bgp 100
peer 11.11.11.11 as-number 100
peer 11.11.11.11 connect-interface LoopBack1
ipv4-family unicast
undo synchronization
peer 11.11.11.11 enable
ipv4-family vpnv4
policy vpn-target
peer 11.11.11.11 enable
ipv4-family vpn-instance a
import-route ospf 11
ip vpn-instance a
ipv4-family
route-distinguisher 100:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity
interface Mp-group0/0/0
ip binding vpn-instance a
ip address 10.0.0.2 255.255.255.0
interface Serial3/0/0
link-protocol ppp
ppp mp Mp-group 0/0/0
interface Serial3/0/1
link-protocol ppp
ppp mp Mp-group 0/0/0
mpls lsr-id 2.2.2.2
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 10.0.1.2 255.255.255.0
mpls
mpls ldp
AR11配置
ip vpn-instance a
ipv4-family
route-distinguisher 100:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity
mpls lsr-id 11.11.11.11
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 10.0.1.11 255.255.255.0
mpls
mpls ldp
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack1
peer 10.0.3.12 as-number 200
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 2.2.2.2 next-hop-local
peer 10.0.3.12 enable
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable
ipv4-family vpn-instance a
peer 10.0.3.12 as-number 200
ospf 10
area 0.0.0.0
network 10.0.1.11 0.0.0.0
network 11.11.11.11 0.0.0.0
interface GigabitEthernet0/0/1
ip binding vpn-instance a
ip address 10.0.3.11 255.255.255.0
AR12配置
ip vpn-instance a
ipv4-family
route-distinguisher 200:1
vpn-target 200:1 export-extcommunity
vpn-target 200:1 import-extcommunity
mpls lsr-id 12.12.12.12
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 10.0.4.12 255.255.255.0
mpls
mpls ldp
bgp 200
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack1
peer 10.0.3.11 as-number 100
ipv4-family unicast
undo synchronization
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 10.0.3.11 enable
ipv4-family vpnv4
policy vpn-target
peer 3.3.3.3 enable
ipv4-family vpn-instance a
peer 10.0.3.11 as-number 100
ospf 10
area 0.0.0.0
network 10.0.4.12 0.0.0.0
network 12.12.12.12 0.0.0.0
interface GigabitEthernet0/0/0
ip binding vpn-instance a
ip address 10.0.3.12 255.255.255.0
AR3配置
ospf 10
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.0.4.3 0.0.0.0
ospf 11 router-id 3.3.3.3 vpn-instance a
import-route bgp
area 0.0.0.0
network 10.0.2.3 0.0.0.0
bgp 200
peer 12.12.12.12 as-number 200
peer 12.12.12.12 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 12.12.12.12 enable
ipv4-family vpnv4
policy vpn-target
peer 12.12.12.12 enable
ipv4-family vpn-instance a
import-route ospf 11
ip vpn-instance a
ipv4-family
route-distinguisher 200:1
vpn-target 200:1 export-extcommunity
vpn-target 200:1 import-extcommunity
interface GigabitEthernet0/0/1
ip binding vpn-instance a
ip address 10.0.2.3 255.255.255.0
mpls lsr-id 3.3.3.3
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 10.0.4.3 255.255.255.0
mpls
mpls ldp
AR4配置
ospf 11
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.0.2.4 0.0.0.0
五、实验结果验证
查看AR2设备的VPN路由表:
[a2]dis ip routing-table vpn-instance a
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: a
Destinations : 7 Routes : 7
Destination/Mask Proto Pre Cost Flags NextHop Interface
4.4.4.4/32 IBGP 255 0 RD 11.11.11.11 GigabitEthernet
0/0/0
10.0.0.0/24 Direct 0 0 D 10.0.0.2 Mp-group0/0/0
10.0.0.1/32 Direct 0 0 D 10.0.0.1 Mp-group0/0/0
10.0.0.2/32 Direct 0 0 D 127.0.0.1 Mp-group0/0/0
10.0.0.255/32 Direct 0 0 D 127.0.0.1 Mp-group0/0/0
10.0.2.0/24 IBGP 255 0 RD 11.11.11.11 GigabitEthernet
0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[a2]
验证PC1到AR4上行接口的连通性:
PC1 ping AR4的上行接口
结果显示连通性正常,说明MPLS VPN配置成功。
热门推荐
天净沙·秋思:马致远笔下的游子悲歌
白朴《天净沙·秋》:从萧瑟到生机的意境之美
白朴《天净沙·秋》的绝美秋景
阑尾炎术后康复食谱全攻略
波比的游戏时间第三章:6步教你成功逃脱密室
禅意庭院设计的风水秘诀
卵磷脂和DHA:老年人记忆力提升的双重守护
夏季失眠困扰?天麻牛肉煲土豆汤助你安然入睡
褪黑素助眠食物大揭秘!
企业委托书写作指南:5大要素确保规范,3要点防范风险
家居环境整洁,真的能治愈心情?
密支那战役:中国驻印军的英勇壮举与战略转折
合肥地铁支付宝同行票上线,一部手机支持三人乘车
外卖平台信息泄露频发,如何守护用户隐私?
抓住尾巴!漓江最美冬景不容错过
告别排队购票,深圳地铁乘车码覆盖六成乘客
从《我的野蛮女友》到《北极星》,全智贤的演艺生涯
北京地铁新政策:早7点前5折,月票最低2.5折
红霉素眼膏:皮肤感染的救星?答案令人惊讶
“之乎者也”:从古代虚词到现代网络梗的跨界之旅
创新运用“之乎者也”,《甄嬛传》打造独特“嬛嬛体”
《天净沙·秋思》:一首跨越时空的孤独之歌
《天净沙·秋思》:一首28字的思乡绝唱
马致远《天净沙·秋思》:二十八字勾勒出的游子悲歌
委托书撰写指南:六大要素确保法律效力,附权威模板
高考改革下,中学生如何减压?班主任的十种心理学方法
三文鱼助眠,真的靠谱吗?
睡前吃根香蕉,一夜好梦到天明
深圳风水大师黄天雄详解2025年家居风水布局
现代城市规划里的风水智慧