1. 配置IP地址
[UPE-LoopBack0]ip add 1.1.1.1 32
[UPE-GigabitEthernet0/0/0]ip add 20.1.1.1 24
[UPE-GigabitEthernet0/0/1]ip add 10.1.1.1 24
[SPE-LoopBack0]ip add 2.2.2.2 32
[SPE-GigabitEthernet0/0/0]ip add 20.1.1.2 24
[SPE-GigabitEthernet0/0/1]ip add 30.1.1.2 24
[PE]int LoopBack 0
[PE-LoopBack0]ip add 3.3.3.3 32
[PE-GigabitEthernet0/0/0]ip add 30.1.1.3 24
[PE-GigabitEthernet0/0/1]ip add 10.2.1.3 24
[CE1-GigabitEthernet0/0/0]ip add 10.1.1.4 24
[CE2-GigabitEthernet0/0/0]ip add 10.2.1.5 24
2. 在骨干网设备上配置OSPF,实现骨干网的IP连通性
[UPE]ospf 1
[UPE-ospf-1]area 0
[UPE-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[UPE-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[SPE]ospf 1
[SPE-ospf-1]area 0
[SPE-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[SPE-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.255
[SPE-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[PE]ospf 1
[PE-ospf-1]area 0
[PE-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[PE-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.255
3. 在骨干网上配置MPLS基本能力和MPLS LDP,建立LDP LSP
[UPE]mpls lsr-id 1.1.1.1
[UPE]mpls
[UPE]mpls ldp
[UPE-GigabitEthernet0/0/0]mpls
[UPE-GigabitEthernet0/0/0]mpls ldp
[SPE]mpls lsr-id 2.2.2.2
[SPE]mpls
[SPE]mpls ldp
[SPE-GigabitEthernet0/0/0]mpls
[SPE-GigabitEthernet0/0/0]mpls ldp
[SPE-GigabitEthernet0/0/1]mpls
[SPE-GigabitEthernet0/0/1]mpls ldp
[PE]mpls lsr-id 3.3.3.3
[PE]mpls
[PE]mpls ldp
[PE-GigabitEthernet0/0/0]mpls
[PE-GigabitEthernet0/0/0]mpls ldp
4. 配置UPE与SPE、PE与SPE的MP-IBGP对等体关系
[UPE]bgp 100
[UPE-bgp]peer 2.2.2.2 as-number 100
[UPE-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[UPE-bgp]ipv4-family vpnv4
[UPE-bgp-af-vpnv4]peer 2.2.2.2 enable
[SPE]bgp 100
[SPE-bgp]peer 1.1.1.1 as-number 100
[SPE-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[SPE-bgp]peer 3.3.3.3 as-number 100
[SPE-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[SPE-bgp]ipv4-family vpnv4
[SPE-bgp-af-vpnv4]peer 1.1.1.1 enable
[SPE-bgp-af-vpnv4]peer 3.3.3.3 enable
[PE]bgp 100
[PE-bgp]peer 2.2.2.2 as-number 100
[PE-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[PE-bgp]ipv4-family vpnv4
[PE-bgp-af-vpnv4]peer 2.2.2.2 enable
5. UPE和PE上创建VPN实例,并与CE间配置EBGP
[UPE]ip vpn-instance vpna
[UPE-vpn-instance-vpna]ipv4-family
[UPE-vpn-instance-vpna-af-ipv4]route-distinguisher 100:1
[UPE-vpn-instance-vpna-af-ipv4]vpn-target 1:1
[UPE-GigabitEthernet0/0/1]ip binding vpn-instance vpna
[UPE-GigabitEthernet0/0/1]ip add 10.1.1.1 24
[UPE]bgp 100
[UPE-bgp]ipv4-family vpn-instance vpna
[UPE-bgp-vpna]peer 10.1.1.4 as-number 65410
[UPE-bgp-vpna]import-route direct
[CE1]bgp 65410
[CE1-bgp]peer 10.1.1.1 as-number 100
[CE1-bgp]import-route direct
[PE]ip vpn-instance vpna
[PE-vpn-instance-vpna]ipv
[PE-vpn-instance-vpna]ipv4-family
[PE-vpn-instance-vpna-af-ipv4]route-distinguisher 100:2
[PE-vpn-instance-vpna-af-ipv4]vpn-target 1:1
[PE-GigabitEthernet0/0/1]ip binding vpn-instance vpna
[PE-GigabitEthernet0/0/1]ip add 10.2.1.3 24
[PE]bgp 100
[PE-bgp]ipv4-family vpn-instance vpna
[PE-bgp-vpna]peer 10.2.1.5 as-number 65420
[PE-bgp-vpna]import-route direct
[CE2]bgp 65420
[CE2-bgp]peer 10.2.1.3 as-number 100
[CE2-bgp]import-route direct
6. SPE上配置VPN实例,指定UPE,并向UPE发布VPN实例的缺省路由
[SPE]ip vpn-instance vpna
[SPE-vpn-instance-vpna]route-distinguisher 200:1
[SPE-vpn-instance-vpna-af-ipv4]vpn-target 1:1
[SPE]bgp 100
[SPE-bgp]ipv4-family vpnv4
[SPE-bgp-af-vpnv4]peer 1.1.1.1 upe //指定自己的UPE
[SPE-bgp-af-vpnv4]peer 1.1.1.1 default-originate vpn-instance vpna //向UPE发布VPN实例的缺省路由
7. 检查配置
CE1上没有到CE2接口网段的路由,但有一条下一跳为UPE的缺省路由;CE2上有到CE1接口网段的BGP路由,CE1和CE2可以相互Ping通
看
到有一条VPN实例vpna的缺省路由,下一跳为SPE