华为mpls vpn方案A配制案例

news/2024/7/5 9:01:42

在这里插入图片描述

每台路由的loopback 0口和设备名对应,如ar1:1.1.1.1
AR3和AR6上面不起bgp,只跑ospf和mpls

最终实现1.1.1.1通8.8.8.8

方案A的特点是asbr之间交互的是普通的ip报文 ,互相双方都认为自己对端是ce设备。
如果有多个vpn业务的话,asbr之间要用子接口了,要么多个物理接口,所以方案A只适用于少的vpn业务方案

配置命令:
R1和R8省略,它们是常规的bgp配置

R2:
router id 2.2.2.2

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

ip vpn-instance vpn
ipv4-family
route-distinguisher 100:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity

mpls lsr-id 2.2.2.2
mpls

mpls ldp

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip binding vpn-instance vpn
ip address 10.0.12.2 255.255.255.0

interface GigabitEthernet0/0/1
ip address 10.0.23.2 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 2.2.2.2 255.255.255.255
ospf enable 1 area 0.0.0.0

bgp 100
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0

ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable

ipv4-family vpnv4
policy vpn-target
peer 4.4.4.4 enable

ipv4-family vpn-instance vpn
network 2.2.2.2 255.255.255.255
peer 10.0.12.1 as-number 65001

ospf 1
area 0.0.0.0
network 10.0.23.2 0.0.0.0

user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20

R3:
router id 3.3.3.3

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

mpls lsr-id 3.3.3.3
mpls

mpls ldp

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 10.0.23.3 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/1
ip address 10.0.34.3 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 3.3.3.3 255.255.255.255
ospf enable 1 area 0.0.0.0

ospf 1
area 0.0.0.0
network 10.0.23.3 0.0.0.0
network 10.0.34.3 0.0.0.0

R4
router id 4.4.4.4

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

ip vpn-instance vpn
ipv4-family
route-distinguisher 100:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity

mpls lsr-id 4.4.4.4
mpls

mpls ldp

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 10.0.34.4 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/1
ip binding vpn-instance vpn
ip address 10.0.45.4 255.255.255.0

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 4.4.4.4 255.255.255.255
ospf enable 1 area 0.0.0.0

bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0

ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable

ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable

ipv4-family vpn-instance vpn
peer 10.0.45.5 as-number 200

ospf 1
area 0.0.0.0
network 10.0.34.4 0.0.0.0

R5
router id 5.5.5.5

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

ip vpn-instance vpn
ipv4-family
route-distinguisher 100:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity

mpls lsr-id 5.5.5.5
mpls

mpls ldp

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip binding vpn-instance vpn
ip address 10.0.45.5 255.255.255.0

interface GigabitEthernet0/0/1
ip address 10.0.56.5 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 5.5.5.5 255.255.255.255
ospf enable 1 area 0.0.0.0

bgp 200
peer 7.7.7.7 as-number 200
peer 7.7.7.7 connect-interface LoopBack0

ipv4-family unicast
undo synchronization
peer 7.7.7.7 enable

ipv4-family vpnv4
policy vpn-target
peer 7.7.7.7 enable

ipv4-family vpn-instance vpn
peer 10.0.45.4 as-number 100

ospf 1
area 0.0.0.0
network 10.0.56.5 0.0.0.0

R6

router id 6.6.6.6

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

mpls lsr-id 6.6.6.6
mpls

mpls ldp

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 10.0.56.6 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/1
ip address 10.0.67.6 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 6.6.6.6 255.255.255.255
ospf enable 1 area 0.0.0.0

ospf 1
area 0.0.0.0
network 10.0.56.6 0.0.0.0
network 10.0.67.6 0.0.0.0

R7
router id 7.7.7.7

wlan ac-global carrier id other ac id 0

set cpu-usage threshold 80 restore 75

ip vpn-instance vpn
ipv4-family
route-distinguisher 100:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity

mpls lsr-id 7.7.7.7
mpls

mpls ldp

aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % K8m.Nt84DZ}e#<0`8bmE3Uw}% %
local-user admin service-type http

firewall zone Local
priority 15

interface GigabitEthernet0/0/0
ip address 10.0.67.7 255.255.255.0
mpls
mpls ldp

interface GigabitEthernet0/0/1
ip binding vpn-instance vpn
ip address 10.0.78.7 255.255.255.0

interface GigabitEthernet0/0/2

interface NULL0

interface LoopBack0
ip address 7.7.7.7 255.255.255.255
ospf enable 1 area 0.0.0.0

bgp 200
peer 5.5.5.5 as-number 200
peer 5.5.5.5 connect-interface LoopBack0

ipv4-family unicast
undo synchronization
peer 5.5.5.5 enable

ipv4-family vpnv4
policy vpn-target
peer 5.5.5.5 enable

ipv4-family vpn-instance vpn
peer 10.0.78.8 as-number 65002

ospf 1
area 0.0.0.0
network 10.0.67.7 0.0.0.0


http://lihuaxi.xjx100.cn/news/2046369.html

相关文章

通过Colab部署Google最新发布的Gemma模型

通过Colab部署Google最新发布的Gemma模型

Gemma的简单介绍 Gemma 是一系列轻量级、最先进的开放式模型&#xff0c;采用与创建 Gemini 模型相同的研究和技术而构建。 Gemma 由 Google DeepMind 和 Google 的其他团队开发&#xff0c;其灵感来自 Gemini&#xff0c;其名称反映了拉丁语 gemma&#xff0c;意思是“宝石”…
阅读更多...
broom系列包: 整理模型输出结果

broom系列包: 整理模型输出结果

broom包 说明 tidy、augment和glance函数的输出总是一个小tibble。 输出从来没有行名。这确保了您可以将它与其他整洁的输出组合在一起&#xff0c;而不用担心丢失信息(因为R中的行名不能包含重复)。 有些列名保持一致&#xff0c;这样它们就可以跨不同的模型进行组合。 tidy(…
阅读更多...
css3盒子

css3盒子

盒子模型 一.看透网页布局本质二.认识盒子三.盒子的边框&#xff08;border&#xff09;1.概念2.简写及分开写法3.合并问题&#xff08;会相加&#xff09;4.边框会影响盒子实际大小 四.盒子的内边距&#xff08;padding&#xff09;1.概念2.简写3.内边距会影响盒子实际大小4.特…
阅读更多...
uni-app 实现拍照后给照片加水印功能

uni-app 实现拍照后给照片加水印功能

遇到个需求需要实现&#xff0c;研究了一下后写了个demo 本质上就是把拍完照后的照片放到canvas里&#xff0c;然后加上水印样式然后再重新生成一张图片 代码如下&#xff0c;看注释即可~使用的话记得还是得优化下代码 <template><view class"content"&g…
阅读更多...
打造高效团队!小型设计公司领导必备技能大揭秘

打造高效团队!小型设计公司领导必备技能大揭秘

小型设计公司需要有效的领导来确保客户满意&#xff0c;成功交付项目并保持团队合作。小型设计公司如何领导团队&#xff1f;一般可以通过建立明确的目标和沟通渠道、培养具有开放心态的文化、建立一个协作的团队、提供培训和发展机会、时刻保持灵活来实现。在本文中我们将探讨…
阅读更多...
day08_面向对象-继承-课后练习 - 参考答案

day08_面向对象-继承-课后练习 - 参考答案

文章目录 day08_课后练习代码阅读分析题第1题第2题第3题第4题第05题 代码编程题## 第1题第2题第3题第4题 day08_课后练习 代码阅读分析题 第1题 考核知识点&#xff1a;权限修饰符 如下代码是否可以编译通过&#xff0c;如果能&#xff0c;结果是什么&#xff0c;如果不能&…
阅读更多...
R语言入门笔记2.5

R语言入门笔记2.5

数据预处理 R语言处理的数据多以数据框的形式出现。 预备操作 数据查看 > dim(x) [1] 16 3 #数据框有16行3列 > names(x) #查看数据框的变量名 [1] "X" "Z" "Y" > head(x,3) #查看前3行&#xff0c;若为-3则是查看后三行之…
阅读更多...
刘雯井柏然植物园漫步,情侣裙超养眼,甜蜜穿搭亮了。

刘雯井柏然植物园漫步,情侣裙超养眼,甜蜜穿搭亮了。

♥ 为方便您进行讨论和分享&#xff0c;同时也为能带给您不一样的参与感。请您在阅读本文之前&#xff0c;点击一下“关注”&#xff0c;非常感谢您的支持&#xff01; 文 |猴哥聊娱乐 编 辑|徐 婷 校 对|侯欢庭 刘雯井柏然漫步永州植物园&#xff0c;情侣裙惊艳亮相&#x…
阅读更多...
最新文章

Copyright @ 2022~2023