MPLS L2VPN是一种基于 MPLS 技术实现的二层虚拟专用网络,能够在提供透明的二层连接的同时,利用 MPLS 的标签交换机制来优化网络性能和可靠性。L2VPN 技术允许服务提供商(SP)在其网络中实现不同地点的二层网络互联,通常用于在广域网(WAN)中连接远程分支、数据中心、办公楼等网络。它提供了一种可靠、灵活的方式来扩展和管理数据链路层的虚拟网络。
配置思路
1.使用ISIS打通公网之间的路由;
2.vsr1,2,3,4之间配置mpls,互联接口使能ldp;
3.vsr-2与vsr-3之间配置BGP与l2vpn,使用回环口建立邻居关系,并在BGP中发布l2vpn信息
4.分支一与分支二之间配置OSPF路由,通过L2VPN实现互联互通;
实验拓扑
详细配置:
VSR1配置:
sysname LR1
#
isis 1
is-level level-2
network-entity 10.0000.0000.0001.00
#
mpls lsr-id 1.1.1.9
#
mpls ldp
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
isis enable 1
#
interface GigabitEthernet0/0/0
ip address 10.2.1.1 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
#
interface GigabitEthernet0/0/1
ip address 10.1.1.1 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
#
VSR2:
sysname LR2
#
isis 1
is-level level-2
network-entity 10.0000.0000.0002.00
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
#
mpls lsr-id 1.1.1.1
#
vlan 1
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
isis enable 1
#
interface GigabitEthernet0/0/1
port link-mode route
combo enable copper
ip address 10.2.1.5 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
#
interface GigabitEthernet0/0/2
port link-mode route
combo enable copper
ip address 10.4.1.1 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
#
bgp 65001
router-id 1.1.1.1
peer 3.3.3.9 as-number 65001
peer 3.3.3.9 connect-interface LoopBack0
#
address-family ipv4 unicast
#
address-family l2vpn
peer 3.3.3.9 enable
#
xconnect-group l2vpn
auto-discovery bgp
route-distinguisher 3:3
vpn-target 3:3 export-extcommunity
vpn-target 3:3 import-extcommunity
site 2 range 10 default-offset 0
connection remote-site-id 3
ac interface GigabitEthernet0/0/0
VSR3:
sysname LR3
#
isis 1
is-level level-2
network-entity 10.0000.0000.0003.00
#
ospf 1 router-id 3.3.3.9
area 0.0.0.0
#
mpls lsr-id 3.3.3.9
#
mpls ldp
#
l2vpn enable
#
interface LoopBack0
ip address 3.3.3.9 255.255.255.255
isis enable 1
#
interface GigabitEthernet0/0/1
port link-mode route
combo enable copper
ip address 10.1.1.10 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
#
interface GigabitEthernet0/0/2
port link-mode route
combo enable copper
ip address 10.3.1.2 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
#
bgp 65001
router-id 3.3.3.9
peer 1.1.1.1 as-number 65001
peer 1.1.1.1 connect-interface LoopBack0
#
address-family ipv4 unicast
import-route isis 1
#
address-family l2vpn
peer 1.1.1.1 enable
#
xconnect-group l2vpn
auto-discovery bgp
route-distinguisher 3:3
vpn-target 3:3 export-extcommunity
vpn-target 3:3 import-extcommunity
site 3 range 10 default-offset 0
connection remote-site-id 2
ac interface GigabitEthernet0/0/0
#
VSR4:
sysname LR4
#
isis 1
is-level level-2
network-entity 10.0000.0000.0004.00
#
mpls lsr-id 4.4.4.9
#
mpls ldp
#
interface LoopBack0
ip address 4.4.4.9 255.255.255.255
isis enable 1
#
interface GigabitEthernet0/0/0
port link-mode route
combo enable copper
ip address 10.4.1.5 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
#
interface GigabitEthernet0/0/1
port link-mode route
combo enable copper
ip address 10.3.1.5 255.255.255.0
isis enable 1
isis circuit-type p2p
mpls enable
mpls ldp enable
VSR5:
sysname LR5
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
ospf 1 area 0.0.0.0
#
interface GigabitEthernet0/0/0
ip address 192.168.2.1 255.255.255.0
ospf 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
port link-mode route
combo enable copper
ip address 192.168.1.2 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
port link-mode route
combo enable copper
ip address 192.168.10.1 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
VSR6:
sysname LR6
#
ospf 1 router-id 172.2.1.18
area 0.0.0.0
#
interface GigabitEthernet0/0/0
port link-mode route
combo enable copper
ip address 192.168.2.2 255.255.255.0
ospf 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
port link-mode route
combo enable copper
ip address 172.2.1.18 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
VSR7:
sysname LR7
#
ospf 1 router-id 172.2.1.2
area 0.0.0.0
#
interface GigabitEthernet0/0/0
port link-mode route
combo enable copper
ip address 172.2.1.2 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
port link-mode route
combo enable copper
ip address 172.10.1.1 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
VSR8:
sysname LR8
#
ospf 1 router-id 172.10.1.2
area 0.0.0.0
#
interface GigabitEthernet0/0/0
port link-mode route
combo enable copper
ip address 172.10.1.2 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
VSR9:
sysname LR9
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
ospf 1 area 0.0.0.0
#
interface GigabitEthernet0/0/0
port link-mode route
combo enable copper
#
interface GigabitEthernet0/0/1
ip address 192.168.1.11 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
VSR10:
ospf 1 router-id 4.4.4.4
area 0.0.0.0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
ospf 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
port link-mode route
combo enable copper
ip address 192.168.10.10 255.255.255.0
ospf network-type p2p
ospf 1 area 0.0.0.0
测试效果
检查l2vpn链路
VSR2:
VSR3:
测试分支之间的连通性:
查看路由表:
VSR8:
▽往期推荐△
原文始发于微信公众号(青菜浪人):
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
文章由极客之音整理,本文链接:https://www.bmabk.com/index.php/post/308152.html
