< Home

ip vpn-instance

Function

The ip vpn-instance command creates a VPN instance and displays the VPN instance view.

The undo ip vpn-instance command deletes a specified VPN instance.

By default, no VPN instance is configured.

Format

ip vpn-instance vpn-instance-name

undo ip vpn-instance vpn-instance-name

Parameters

Parameter Description Value
vpn-instance-name Specifies the name of a VPN instance.

The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When private network data needs to travel across a public network, you need to configure a VPN instance on the PE of the public network. The public network mentioned here is an MPLS backbone network.

A multi-VPN-instance CE (MCE) device can connect to multiple VPNs. The MCE solution isolates services of different VPNs while reducing cost of network devices. Before configuring an MCE device, configure a VPN instance on the MCE device.

VPN instances are required for all L3VPN configurations.

Precautions

After the ip vpn-instance command is run, a virtual routing table is created on the PE or MCE and consumes resources on the PE or MCE.

After the undo ip vpn-instance command is used to delete a VPN instance, all configurations of this VPN instance are deleted.

A VPN instance with a BFD session bound can be deleted using the undo ip vpn-instance command only after the bound BFD session is deleted.

Follow-up Procedure

After creating a VPN instance, perform the following configurations in the VPN instance view:

  • Enable the IPv4 or IPv6 address family for the VPN instance. A VPN instance supports both the IPv4 and IPv6 address families. You need to run the ipv4-family (VPN instance view) or ipv6-family (VPN instance view) command to enable the IPv4 or IPv6 address family based on the type of the protocol stack used to advertise VPN routes in the VPN instance.
  • Configure an RD for the IPv4 address family of the VPN instance. You are allowed to perform VPN configurations in the address family view only after using the route-distinguisher command to configure an RD for the address family.
  • Configure a VPN target for the VPN instance using the vpn-target command. The VPN target controls route learning between VPN instances.
  • Bind the VPN instance to the PE or MCE interface connected to the VPN using the ip binding vpn-instance command. After an interface is bound to a VPN instance, the interface becomes a part of the VPN. Packets entering the interface will be forwarded based on the VRF table of the VPN.

Example

# Create a VPN instance named vrf1.

<HUAWEI> system-view
[HUAWEI] ip vpn-instance vrf1
[HUAWEI-vpn-instance-vrf1]
Parent Topic: BGP/MPLS IP VPN Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >