Example for Configuring Inter-AS Martini VPLS in OptionA Mode
Networking Requirements
As shown in Figure 1, on an enterprise network, Site1 connects to PE1 through CE1 and then connects to the VPLS domain of AS 100. Site2 connects to PE2 through CE2 and then connects to the VPLS domain of AS 200 The network environments of the branch sites are stable. AS 100 and AS 200 communicate with each other through ASBR_PE1 and ASBR_PE2. IS-IS is used as the IGP on the MPLS backbone network in an AS. Users at Site1 and Site2 need to communicate at Layer 2 and user information needs to be reserved when Layer 2 packets are transmitted over the backbone network.
Configuration Roadmap
The configuration roadmap is as follows:
Configure transparent transmission of Layer 2 packets over the backbone network using VPLS to enable users at Site1 and Site2 to communicate at Layer 2 and reserve user information when Layer 2 packets are transmitted over the backbone network.
Use Martini VPLS to implement Layer 2 communication between CEs when the network environments of the branch sites are stable.
Configure the IGP routing protocol on the backbone network to implement communication between devices within an AS on the public network.
Configure basic MPLS functions and LDP on PEs on the backbone network to support VPLS.
Establish tunnels for transmitting data between PEs within an AS to prevent data from being known by the public network. Establish dynamic LSPs between ASBR_PEs and PEs in the same AS. If PEs and ASBR_PEs are not directly connected, establish remote LDP sessions.
Enable MPLS L2VPN on PEs to implement VPLS.
Create a VSI on PEs, specify LDP as the signaling protocol, and bind the VSI to the AC interface in the same AS to implement Martini VPLS.
To implement VPLS inter-AS OptionA, configure the peer ASBR as the CE on the ASBR PE, and bind VSIs to peer interfaces.
Procedure
- Configure VLANs that interfaces belong to.
Configure the VLAN that each interface belongs to and assign IP addresses to interfaces on Switch.
# Configure CE1. The configuration on PE1, PE2, ASBR_PE1, ASBR_PE2, and CE2 is similar to the CE1, and is not mentioned here.
<HUAWEI> system-view [HUAWEI] sysname CE1 [CE1] vlan 10 [CE1-vlan10] quit [CE1] interface vlanif 10 [CE1-Vlanif10] ip address 10.1.1.1 255.255.255.0 [CE1-Vlanif10] quit [CE1] interface gigabitethernet 0/0/1 [CE1-GigabitEthernet0/0/1] port link-type trunk [CE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10 [CE1-GigabitEthernet0/0/1] quit
Do not add AC-side physical interfaces and PW-side physical interfaces of a PE to the same VLAN; otherwise, a loop may occur.
- Configure the IGP on the MPLS backbone network.
Configure the IGP on the MPLS backbone network to achieve connectivity between the PEs and ASBR PEs. Note that IS-IS must be enabled on Loopback1.
Configure IS-IS between on PE1 and ASBR_PE1, and between PE2, and ASBR_PE2.
# Configure PE1. The configuration on ASBR_PE1, ASBR_PE2, and PE2 is similar to the PE1, and is not mentioned here.
[PE1] isis 1 [PE1-isis-1] network-entity 10.0000.0000.0001.00 [PE1-isis-1] quit [PE1] interface loopback 1 [PE1-LoopBack1] ip address 1.1.1.1 255.255.255.255 [PE1-LoopBack1] isis enable 1 [PE1-LoopBack1] quit [PE1] interface vlanif 20 [PE1-Vlanif20] isis enable 1 [PE1-Vlanif20] quit
After the configuration is complete, the ASBR and PE in the same AS can establish an IS-IS neighbor. Run the display isis peer command, and you can see that the IS-IS neighbor is in Up state.
The information displayed on PE1 is used as an example.
[PE1] display isis peer Peer information for ISIS(1) System Id Interface Circuit Id State HoldTime Type PRI ------------------------------------------------------------------------------- 0000.0000.0002 Vlanif20 0000.0000.0001.01 Up 27s L1(L1L2) 64 0000.0000.0002 Vlanif20 0000.0000.0001.01 Up 27s L2(L1L2) 64 Total Peer(s): 2ASBR_PEs and PEs in the same AS can Ping each other.
The information displayed on PE1 is used as an example.
[PE1] ping 2.2.2.2 PING 2.2.2.2: 56 data bytes, press CTRL_C to break Reply from 2.2.2.2: bytes=56 Sequence=1 ttl=255 time=180 ms Reply from 2.2.2.2: bytes=56 Sequence=2 ttl=255 time=90 ms Reply from 2.2.2.2: bytes=56 Sequence=3 ttl=255 time=60 ms Reply from 2.2.2.2: bytes=56 Sequence=4 ttl=255 time=60 ms Reply from 2.2.2.2: bytes=56 Sequence=5 ttl=255 time=100 ms --- 2.2.2.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 60/98/180 ms - Configure basic MPLS functions and LDP.
Enable basic MPLS functions on the MPLS backbone network. Establish a dynamic LDP LSP between the PE and ASBR PE in the same AS.
Configure basic MPLS functions and LDP on PE1, ASBR_PE1, PE2, and ASBR_PE2.
# Configure PE1. The configuration on ASBR_PE1, ASBR_PE2, and PE2 is similar to the PE1, and is not mentioned here.
[PE1] mpls lsr-id 1.1.1.1 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface vlanif 20 [PE1-Vlanif20] mpls [PE1-Vlanif20] mpls ldp [PE1-Vlanif20] quit
Run the display mpls ldp session command to view the LDP LSP status.
ASBR_PE1 is used as an example.
[ASBR_PE1] display mpls ldp session LDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) A '*' before a session means the session is being deleted. ------------------------------------------------------------------------------ PeerID Status LAM SsnRole SsnAge KASent/Rcv ------------------------------------------------------------------------------ 1.1.1.1:0 Operational DU Active 0000:00:08 34/34 ------------------------------------------------------------------------------ TOTAL: 1 session(s) Found.
- Enable MPLS L2VPN on PEs.
# Configure PE1.
[PE1] mpls l2vpn [PE1-l2vpn] quit
# Configure PE2.
[PE2] mpls l2vpn [PE2-l2vpn] quit
# Configure ASBR_PE1.
[ASBR_PE1] mpls l2vpn [ASBR_PE1-l2vpn] quit
# Configure ASBR_PE2.
[ASBR_PE2] mpls l2vpn [ASBR_PE2-l2vpn] quit
- Configure LDP VPLS and bind VSIs to interfaces.
Configure VSIs on PEs and ASBR PEs respectively and bind the VSIs to the related interfaces.
# Configure PE1.
[PE1] vsi a1 static [PE1-vsi-a1] pwsignal ldp [PE1-vsi-a1-ldp] vsi-id 2 [PE1-vsi-a1-ldp] peer 2.2.2.2 [PE1-vsi-a1-ldp] quit [PE1-vsi-a1] quit [PE1] interface vlanif 10 [PE1-Vlanif10] l2 binding vsi a1 [PE1-Vlanif10] quit
# Configure ASBR_PE1.
[ASBR_PE1] vsi a1 static [ASBR_PE1-vsi-a1] pwsignal ldp [ASBR_PE1-vsi-a1-ldp] vsi-id 2 [ASBR_PE1-vsi-a1-ldp] peer 1.1.1.1 [ASBR_PE1-vsi-a1-ldp] quit [ASBR_PE1-vsi-a1] quit [ASBR_PE1] interface vlanif 30 [ASBR_PE1-Vlanif30] l2 binding vsi a1 [ASBR_PE1-Vlanif30] quit
# Configure ASBR_PE2.
[ASBR_PE2] vsi a1 static [ASBR_PE2-vsi-a1] pwsignal ldp [ASBR_PE2-vsi-a1-ldp] vsi-id 3 [ASBR_PE2-vsi-a1-ldp] peer 4.4.4.4 [ASBR_PE2-vsi-a1-ldp] quit [ASBR_PE2-vsi-a1] quit [ASBR_PE2] interface vlanif 30 [ASBR_PE2-Vlanif30] l2 binding vsi a1 [ASBR_PE2-Vlanif30] quit
# Configure PE2.
[PE2] vsi a1 static [PE2-vsi-a1] pwsignal ldp [PE2-vsi-a1-ldp] vsi-id 3 [PE2-vsi-a1-ldp] peer 3.3.3.3 [PE2-vsi-a1-ldp] quit [PE2-vsi-a1] quit [PE2] interface vlanif 50 [PE2-Vlanif50] l2 binding vsi a1 [PE2-Vlanif50] quit
- Verify the configuration.
After the preceding configurations are complete, run the display vsi name verbose command on PE1, and you can see that the VSI named a1 has established a PW to PE2, and the status of the VSI is Up.
[PE1] display vsi name a1 verbose ***VSI Name : a1 Administrator VSI : no Isolate Spoken : disable VSI Index : 0 PW Signaling : ldp Member Discovery Style : static PW MAC Learn Style : unqualify Encapsulation Type : vlan MTU : 1500 Diffserv Mode : uniform Mpls Exp : -- DomainId : 255 Domain Name : Ignore AcState : disable P2P VSI : disable Create Time : 0 days, 3 hours, 30 minutes, 31 seconds VSI State : up VSI ID : 2 *Peer Router ID : 2.2.2.2 Negotiation-vc-id : 2 primary or secondary : primary ignore-standby-state : no VC Label : 23552 Peer Type : dynamic Session : up Tunnel ID : 0x20020 Broadcast Tunnel ID : 0x20020 Broad BackupTunnel ID : 0x0 CKey : 6 NKey : 5 Stp Enable : 0 PwIndex : 0 Control Word : disable Interface Name : Vlanif10 State : up Access Port : false Last Up Time : 2009-08-15 15:41:59 Total Up Time : 0 days, 0 hours, 1 minutes, 2 seconds **PW Information: *Peer Ip Address : 2.2.2.2 PW State : up Local VC Label : 23552 Remote VC Label : 23552 Remote Control Word : disable PW Type : label Local VCCV : alert lsp-ping bfd Remote VCCV : alert lsp-ping bfd Tunnel ID : 0x20020 Broadcast Tunnel ID : 0x20020 Broad BackupTunnel ID : 0x0 Ckey : 0x6 Nkey : 0x5 Main PW Token : 0x20020 Slave PW Token : 0x0 Tnl Type : LSP OutInterface : Vlanif20 Backup OutInterface : Stp Enable : 0 PW Last Up Time : 2009-08-15 15:41:59 PW Total Up Time : 0 days, 0 hours, 1 minutes, 3 secondsCE1 and CE2 can ping each other successfully.
The information displayed on CE1 is used as an example.
[CE1] ping 10.1.1.2 PING 10.1.1.2: 56 data bytes, press CTRL_C to break Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=172 ms Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=156 ms Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=255 time=156 ms Reply from 10.1.1.2: bytes=56 Sequence=4 ttl=255 time=156 ms Reply from 10.1.1.2: bytes=56 Sequence=5 ttl=255 time=156 ms --- 10.1.1.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 156/159/172 ms
Configuration Files
CE1 configuration file
# sysname CE1 # vlan batch 10 # interface Vlanif10 ip address 10.1.1.1 255.255.255.0 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 # return
PE1 configuration file
# sysname PE1 # vlan batch 10 20 # mpls lsr-id 1.1.1.1 mpls # mpls l2vpn # vsi a1 static pwsignal ldp vsi-id 2 peer 2.2.2.2 # mpls ldp # isis 1 network-entity 10.0000.0000.0001.00 # interface Vlanif10 l2 binding vsi a1 # interface Vlanif20 ip address 100.1.1.1 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 20 # interface LoopBack1 ip address 1.1.1.1 255.255.255.255 isis enable 1 # return
ASBR_PE1 configuration file
# sysname ASBR_PE1 # vlan batch 20 30 # mpls lsr-id 2.2.2.2 mpls # mpls l2vpn # vsi a1 static pwsignal ldp vsi-id 2 peer 1.1.1.1 # mpls ldp # isis 1 network-entity 10.0000.0000.0002.00 # interface Vlanif20 ip address 100.1.1.2 255.255.255.0 isis enable 1 mpls mpls ldp # interface Vlanif30 l2 binding vsi a1 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 20 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 30 # interface LoopBack1 ip address 2.2.2.2 255.255.255.255 isis enable 1 # return
ASBR_PE2 configuration file
# sysname ASBR_PE2 # vlan batch 30 40 # mpls lsr-id 3.3.3.3 mpls # mpls l2vpn # vsi a1 static pwsignal ldp vsi-id 3 peer 4.4.4.4 # mpls ldp # isis 1 network-entity 10.0000.0000.0003.00 # interface Vlanif30 l2 binding vsi a1 # interface Vlanif40 ip address 100.3.1.1 255.255.255.0 isis enable 1 mpls mpls ldp # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 30 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 40 # interface LoopBack1 ip address 3.3.3.3 255.255.255.255 isis enable 1 # return
PE2 configuration file
# sysname PE2 # vlan batch 40 50 # mpls lsr-id 4.4.4.4 mpls # mpls l2vpn # vsi a1 static pwsignal ldp vsi-id 3 peer 3.3.3.3 # mpls ldp # isis 1 network-entity 10.0000.0000.0004.00 # interface Vlanif40 ip address 100.3.1.2 255.255.255.0 isis enable 1 mpls mpls ldp # interface Vlanif50 l2 binding vsi a1 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 40 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 50 # interface LoopBack1 ip address 4.4.4.4 255.255.255.255 isis enable 1 # return
CE2 configuration file
# sysname CE2 # vlan batch 50 # interface Vlanif50 ip address 10.1.1.2 255.255.255.0 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 50 # return