The tnl-policy command associates a tunnel policy with the current VPN instance IPv4 address family.
The undo tnl-policy command dissociates the current VPN instance IPv4 address family from a tunnel policy.
The tnl-policy command associates a tunnel policy with a VPN instance IPv6 address family.
The undo tnl-policy command cancels the configured association.
By default, no tunnel policy is associated with a VPN instance IPv4 address family. A tunnel is selected for a VPN in the sequence of conventional LSPs and Local_IfNet tunnels, and load balancing is not performed. A VPN instance IPv6 address family selects a tunnel in the order of conventional LSPs, CR-LSPs, and Local_IfNet, and does not perform load balancing.
| Parameter | Description | Value |
|---|---|---|
| policy-name |
Specifies the name of a tunnel policy to be associated with the VPN instance IPv4 address family or the VPN instance IPv6 address family. |
The value is a string of 1 to 39 case-sensitive characters. |
| evpn |
Indicates that EVPN routes that can be imported into the VPN instance IPv4 address family or the VPN instance IPv6 address family can be associated with a tunnel policy. When EVPN-MPLS is used to carry Layer 3 services, to associate EVPN route exchanged between BGP EVPN peers with a tunnel policy and recurse the routes to the tunnel defined in the tunnel policy, run the tnl-policy <policy-name> evpn command, ensuring tunnel forwarding. |
- |
Usage Scenario
By default, a tunnel is selected for a VPN in the sequence of conventional LSPs and Local_IfNet tunnels to forward data on the backbone network and cannot implement multi-path load balancing at the same time. To ensure transmission quality by using a TE tunnel to transmit VPN services or improve transmission efficiency by load balancing VPN services among tunnels, run the tunnel-policy command to configure a tunnel policy and run the tnl-policy command in the IPv4 or IPv6 address family view to apply the tunnel policy.
By default, a VPN instance selects a tunnel in the order of conventional LSPs, CR-LSPs, and Local_IfNet to forward data on the backbone network and cannot implement multi-path load balancing at the same time. To ensure transmission quality by using a TE tunnel to transmit VPN services or improve transmission efficiency by load balancing VPN services among tunnels, run the tunnel-policy command to configure a tunnel policy and run the tnl-policy command in the IPv6 address family view to reference the tunnel policy.Prerequisites
An RD has been configured for the VPN instance enabled with the IPv4 or IPv6 address family using the route-distinguisher command.
If the associated tunnel policy does not exist, run the tunnel-policy command to create the tunnel policy first.Configuration Impact
If the tunnel policy associated with a VPN instance enabled with the IPv4 address family cannot match an existing tunnel on the network, the VPN instance will have routes recurse to tunnels based on the default tunnel policy. If the recursion fails, services will be interrupted.
If the tunnel policy associated with a VPN instance enabled with the IPv6 address family cannot match an existing tunnel on the network, the VPN instance enabled with the IPv6 address family will have routes recurse to tunnels based on the default tunnel policy. If the recursion fails, services will be interrupted.Follow-up Procedure
If the associated tunnel policy does not exist, run the tunnel-policy command to create the tunnel policy.
Precautions
If the address family of a VPN instance changes or the associated tunnel policy is deleted, VPN services will be interrupted for a short time even if tunnels matching the tunnel policy are available on the network. Exercise caution when running the tnl-policy command.
<HUAWEI> system-view [~HUAWEI] tunnel-policy po2 [*HUAWEI-tunnel-policy-po2] tunnel select-seq cr-lsp load-balance-number 2 [*HUAWEI-tunnel-policy-po2] quit [*HUAWEI] ip vpn-instance vpn2 [*HUAWEI-vpn-instance-vpn2] ipv4-family [*HUAWEI-vpn-instance-vpn2-af-ipv4] route-distinguisher 100:1 [*HUAWEI-vpn-instance-vpn2-af-ipv4] tnl-policy po2 evpn
<HUAWEI> system-view [~HUAWEI] tunnel-policy po1 [*HUAWEI-tunnel-policy-po1] tunnel select-seq lsp load-balance-number 2 [*HUAWEI-tunnel-policy-po1] quit [*HUAWEI] ip vpn-instance vpn2 [*HUAWEI-vpn-instance-vpn2] ipv4-family [*HUAWEI-vpn-instance-vpn2-af-ipv4] route-distinguisher 100:1 [*HUAWEI-vpn-instance-vpn2-af-ipv4] tnl-policy po1 evpn