1、实验拓扑图
2、实验目的
通过IGP,实现分公司1、分公司2通过总公司,进行路由交换
3、实验配置
spoke pe1
<pe1>display current-configuration
[V200R003C00]
#
sysname pe1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
ip vpn-instance VPNA
ipv4-family
route-distinguisher 1:1
vpn-target 1:4 export-extcommunity
vpn-target 4:1 import-extcommunity
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
#
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip binding vpn-instance VPNA
ip address 40.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
bgp 65001
router-id 1.1.1.1
peer 4.4.4.4 as-number 65001
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable
#
ipv4-family vpnv4
policy vpn-target
peer 4.4.4.4 enable
#
ipv4-family vpn-instance VPNA
import-route ospf 100
#
ospf 100 vpn-instance VPNA
import-route bgp type 1
area 0.0.0.0
network 40.1.1.0 0.0.0.255
#
ospf 200 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<pe1>
spoke pe2
<pe2>display current-configuration
[V200R003C00]
#
sysname pe2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
ip vpn-instance VPNB
ipv4-family
route-distinguisher 2:4
vpn-target 2:4 export-extcommunity
vpn-target 4:2 import-extcommunity
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip binding vpn-instance VPNB
ip address 50.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 20.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 65001
router-id 2.2.2.2
peer 4.4.4.4 as-number 65001
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable
#
ipv4-family vpnv4
policy vpn-target
peer 4.4.4.4 enable
#
ipv4-family vpn-instance VPNB
import-route ospf 100
#
ospf 100 vpn-instance VPNB
import-route bgp type 1
area 0.0.0.0
network 50.1.1.0 0.0.0.255
#
ospf 200 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 20.1.1.0 0.0.0.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<pe2>
hub-pe:
<pe>display current-configuration
[V200R003C00]
#
sysname pe
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
ip vpn-instance VPNIN
ipv4-family
route-distinguisher 4:6
vpn-target 1:4 2:4 import-extcommunity
ipv6-family
route-distinguisher 4:6
#
ip vpn-instance VPNOUT
ipv4-family
route-distinguisher 4:7
vpn-target 4:1 4:2 export-extcommunity
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip binding vpn-instance VPNIN
ip address 60.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip binding vpn-instance VPNOUT
ip address 70.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 30.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 65001
router-id 4.4.4.4
peer 1.1.1.1 as-number 65001
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 65001
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 2.2.2.2 enable
peer 2.2.2.2 reflect-client
#
ipv6-family unicast
undo synchronization
#
ipv4-family vpnv4
policy vpn-target
peer 1.1.1.1 enable
peer 2.2.2.2 enable
#
ipv4-family vpn-instance VPNIN
import-route ospf 100
#
ipv4-family vpn-instance VPNOUT
import-route ospf 1000
#
ospf 100 vpn-instance VPNIN
import-route bgp type 1
area 0.0.0.0
network 60.1.1.0 0.0.0.255
#
ospf 200 router-id 4.4.4.4
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 30.1.1.0 0.0.0.255
#
ospf 1000 vpn-instance VPNOUT
import-route bgp type 1
area 0.0.0.0
network 70.1.1.0 0.0.0.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<pe>
hub-ce
<ce>display current-configuration
[V200R003C00]
#
sysname ce
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 60.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 70.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
ospf 100 router-id 7.7.7.7
import-route ospf 1000 type 1
area 0.0.0.0
network 60.1.1.0 0.0.0.255
#
ospf 1000 router-id 8.8.8.8
import-route ospf 100 type 1
area 0.0.0.0
network 70.1.1.0 0.0.0.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<ce>