1、实验拓扑图

HUB&SPOKE(IGP+IGP)_ci

2、实验目的

通过IGP,实现分公司1、分公司2通过总公司,进行路由交换

3、实验配置

spoke pe1

<pe1>display current-configuration  

[V200R003C00]

#

sysname pe1

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

ip vpn-instance VPNA

ipv4-family

 route-distinguisher 1:1

 vpn-target 1:4 export-extcommunity

 vpn-target 4:1 import-extcommunity

#

mpls lsr-id 1.1.1.1

mpls

#

mpls ldp

#

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip binding vpn-instance VPNA

ip address 40.1.1.1 255.255.255.0  

#

interface GigabitEthernet0/0/1

ip address 10.1.1.1 255.255.255.0  

mpls

mpls ldp

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 1.1.1.1 255.255.255.255  

#

bgp 65001

router-id 1.1.1.1

peer 4.4.4.4 as-number 65001  

peer 4.4.4.4 connect-interface LoopBack0

#

ipv4-family unicast

 undo synchronization

 peer 4.4.4.4 enable

#  

ipv4-family vpnv4

 policy vpn-target

 peer 4.4.4.4 enable

#

ipv4-family vpn-instance VPNA  

 import-route ospf 100

#

ospf 100 vpn-instance VPNA

import-route bgp type 1

area 0.0.0.0  

 network 40.1.1.0 0.0.0.255  

#

ospf 200 router-id 1.1.1.1  

area 0.0.0.0  

 network 1.1.1.1 0.0.0.0  

 network 10.1.1.0 0.0.0.255  

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<pe1>

spoke pe2

<pe2>display current-configuration  

[V200R003C00]

#

sysname pe2

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

ip vpn-instance VPNB

ipv4-family

 route-distinguisher 2:4

 vpn-target 2:4 export-extcommunity

 vpn-target 4:2 import-extcommunity

#

mpls lsr-id 2.2.2.2

mpls

#

mpls ldp

#

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip binding vpn-instance VPNB

ip address 50.1.1.1 255.255.255.0  

#

interface GigabitEthernet0/0/1

ip address 20.1.1.1 255.255.255.0  

mpls

mpls ldp

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 2.2.2.2 255.255.255.255  

#

bgp 65001

router-id 2.2.2.2

peer 4.4.4.4 as-number 65001  

peer 4.4.4.4 connect-interface LoopBack0

#

ipv4-family unicast

 undo synchronization

 peer 4.4.4.4 enable

#  

ipv4-family vpnv4

 policy vpn-target

 peer 4.4.4.4 enable

#

ipv4-family vpn-instance VPNB  

 import-route ospf 100

#

ospf 100 vpn-instance VPNB

import-route bgp type 1

area 0.0.0.0  

 network 50.1.1.0 0.0.0.255  

#

ospf 200 router-id 2.2.2.2  

area 0.0.0.0  

 network 2.2.2.2 0.0.0.0  

 network 20.1.1.0 0.0.0.255  

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<pe2>

hub-pe:

<pe>display current-configuration  

[V200R003C00]

#

sysname pe

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

ip vpn-instance VPNIN

ipv4-family

 route-distinguisher 4:6

 vpn-target 1:4 2:4 import-extcommunity

ipv6-family

 route-distinguisher 4:6

#

ip vpn-instance VPNOUT

ipv4-family

 route-distinguisher 4:7

 vpn-target 4:1 4:2 export-extcommunity

#

mpls lsr-id 4.4.4.4

mpls

#

mpls ldp

#

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip binding vpn-instance VPNIN

ip address 60.1.1.1 255.255.255.0  

#

interface GigabitEthernet0/0/1

ip binding vpn-instance VPNOUT

ip address 70.1.1.1 255.255.255.0  

#

interface GigabitEthernet0/0/2

ip address 30.1.1.2 255.255.255.0  

mpls

mpls ldp

#

interface NULL0

#

interface LoopBack0

ip address 4.4.4.4 255.255.255.255  

#

bgp 65001

router-id 4.4.4.4

peer 1.1.1.1 as-number 65001  

peer 1.1.1.1 connect-interface LoopBack0

peer 2.2.2.2 as-number 65001  

peer 2.2.2.2 connect-interface LoopBack0

#

ipv4-family unicast

 undo synchronization

 peer 1.1.1.1 enable

 peer 1.1.1.1 reflect-client

 peer 2.2.2.2 enable

 peer 2.2.2.2 reflect-client

#

ipv6-family unicast

 undo synchronization

#  

ipv4-family vpnv4

 policy vpn-target

 peer 1.1.1.1 enable

 peer 2.2.2.2 enable

#

ipv4-family vpn-instance VPNIN  

 import-route ospf 100

#

ipv4-family vpn-instance VPNOUT  

 import-route ospf 1000

#

ospf 100 vpn-instance VPNIN

import-route bgp type 1

area 0.0.0.0  

 network 60.1.1.0 0.0.0.255  

#

ospf 200 router-id 4.4.4.4  

area 0.0.0.0  

 network 4.4.4.4 0.0.0.0  

 network 30.1.1.0 0.0.0.255  

#

ospf 1000 vpn-instance VPNOUT

import-route bgp type 1

area 0.0.0.0  

 network 70.1.1.0 0.0.0.255  

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<pe>

hub-ce

<ce>display current-configuration  

[V200R003C00]

#

sysname ce

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 60.1.1.2 255.255.255.0  

#

interface GigabitEthernet0/0/1

ip address 70.1.1.2 255.255.255.0  

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ospf 100 router-id 7.7.7.7  

import-route ospf 1000 type 1

area 0.0.0.0  

 network 60.1.1.0 0.0.0.255  

#

ospf 1000 router-id 8.8.8.8  

import-route ospf 100 type 1

area 0.0.0.0  

 network 70.1.1.0 0.0.0.255  

#

user-interface con 0

authentication-mode password

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<ce>

4、实验结果

HUB&SPOKE(IGP+IGP)_ci_02