PWE3配置管理--纯动态PW多跳配置
某运营商MPLS网络要为用户提供L2VPN服务,S-PE设备性能较强 U-PE1和U-PE2作为用户接入设备,但它们之间无法直接建立LDP远端会话,接入用户数量较多且经常变化。现希望采用一种适当的VPN方案,能为用户提供安全可靠的VPN服务,需要在接入新用户时配置简单,且维护简洁、方便。拓扑图如上所示;
配置方案:
1、配置各节点接口(包括LOOP接口、但不包括AC接口),在骨干网络节点上配置ospf协议实现三层互通。
2、在个节点上配置MPLS,建立LDP LSP隧道,并配置远端的LDP 会话、MPLS LDP远端对等体;
3、在U-PE上创建PW模板、控制字段、LSP Ping功能。
4、在U-PE分别创建到S-PE的动态PWE3 PW 连接,并在S-PE上创建纯动态的交换PW。
配置代码:
#
sysname U-PE1
#
mpls lsr-id 1.1.1.1
mpls
#
mpls l2vpn
#
pw-template pwt
peer-address 3.3.3.3
control-word
#
mpls ldp
#
#
mpls ldp remote-peer 3.3.3.3 //创建与S-PE之间的远端LDP会话
remote-ip 3.3.3.3 //指定远端LDP对等体为S-PE
#
interface GigabitEthernet0/0/1
mpls l2vc pw-template pwt 100
#
interface GigabitEthernet0/0/2
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
sysname P1
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/1
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
ip address 15.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 15.1.1.0 0.0.0.255
#
sysname S-PE
#
mpls lsr-id 3.3.3.3
mpls
#
mpls l2vpn
#
mpls switch-l2vc 5.5.5.5 200 between 1.1.1.1 100 encapsulation ethernet
# //创建纯动态交换PW
mpls ldp
#
#
mpls ldp remote-peer 1.1.1.1
remote-ip 1.1.1.1
#
mpls ldp remote-peer 5.5.5.5
remote-ip 5.5.5.5
#
interface GigabitEthernet0/0/1
ip address 15.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
ip address 20.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 15.1.1.0 0.0.0.255
network 20.1.1.0 0.0.0.255
#
sysname P2
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/1
ip address 20.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
ip address 25.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 20.1.1.0 0.0.0.255
network 25.1.1.0 0.0.0.255
#
sysname U-PE2
#
mpls lsr-id 5.5.5.5
mpls
#
mpls l2vpn
#
pw-template pwt //创建PW模板
peer-address 3.3.3.3
control-word
#
mpls ldp
#
#
mpls ldp remote-peer 3.3.3.3
remote-ip 3.3.3.3
#
interface GigabitEthernet0/0/1
ip address 25.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
mpls l2vc pw-template pwt 200
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
ospf 1
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 25.1.1.0 0.0.0.255
#
sysname CE1
#
interface GigabitEthernet0/0/1
ip address 110.1.1.2 255.255.255.0
#
sysname CE2
#
interface GigabitEthernet0/0/1
ip address 110.1.1.2 255.255.255.0
配置验证
1、
*client interface : GigabitEthernet0/0/1 is up
Administrator PW : no
session state : up
AC status : up
VC state : up
Label state : 0
Token state : 0
VC ID : 100
VC type : Ethernet
destination : 3.3.3.3
local group ID : 0 remote group ID : 0
local VC label : 1024 remote VC label : 1026
local AC OAM State : up
local PSN OAM State : up
local forwarding state : forwarding
local status code : 0x0
remote AC OAM state : up
remote PSN OAM state : up
remote forwarding state: forwarding
remote status code : 0x0
ignore standby state : no
BFD for PW : unavailable
VCCV State : up
……………………………………
可以看到加粗字体部分 VC state 为UP 说明 L2VPN 已连接成功。
2、
Total Switch VC : 1, 1 up, 0 down
*Switch-l2vc type : LDP<---->LDP
Peer IP Address : 5.5.5.5, 1.1.1.1
VC ID : 200, 100
VC Type : Ethernet
VC State : up
VC StatusCode |PSN |OAM | FW | |PSN |OAM | FW |
-Local VC :| UP | UP | UP | | UP | UP | UP |
-Remote VC:| UP | UP | UP | | UP | UP | UP |
Session State : up, up
Local/Remote Label : 1027/1028, 1026/1024
InLabel Status : 0 , 0
Local/Remote MTU : 1500/1500, 1500/1500
Local/Remote Control Word : Enable/Enable, Enable/Enable
Local/Remote VCCV Capability : cw alert ttl lsp-ping bfd /cw alert ttl lsp-ping
bfd , cw alert ttl lsp-ping bfd /cw alert ttl lsp-ping bfd
Switch-l2vc tunnel info :
1 tunnels for peer 5.5.5.5
NO.0 TNL Type : lsp , TNL ID : 0xb
1 tunnels for peer 1.1.1.1
NO.0 TNL Type : lsp , TNL ID : 0x1
CKey : 4, 2
NKey : 3, 1
Tunnel policy : --, --
Control-Word transparent : NO
Create time : 0 days, 6 hours, 34 minutes, 20 seconds
UP time : 0 days, 0 hours, 47 minutes, 29 seconds
Last change time : 0 days, 0 hours, 47 minutes, 29 seconds
VC last up time : 2023/07/21 16:38:45
VC total up time : 0 days, 12 hours, 5 minutes, 7 seconds
查看创建的交换PW状态 正常
3、
Reply from 5.5.5.5: bytes=100 Sequence=1 time=140 ms
Reply from 5.5.5.5: bytes=100 Sequence=2 time=90 ms
Reply from 5.5.5.5: bytes=100 Sequence=3 time=110 ms
Reply from 5.5.5.5: bytes=100 Sequence=4 time=110 ms
Reply from 5.5.5.5: bytes=100 Sequence=5 time=120 ms
--- FEC: FEC 128 PSEUDOWIRE (NEW). Type = ethernet, ID = 100 ping statistics -
--
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 90/114/140 ms
执行ping vc 命令后可看PW连接性的正常。此时CE1与CE2之间也可以相互Ping 通了。
本文来自互联网用户投稿,文章观点仅代表作者本人,不代表本站立场,不承担相关法律责任。如若转载,请注明出处。 如若内容造成侵权/违法违规/事实不符,请点击【内容举报】进行投诉反馈!