很喜欢用GRE做隧道,这样容易理解MPLS,当然LSP的隧道很EASY就KO了,主要是用/32的主机路由来建立LSP隧道的,注意隧道的起止为位置,LSP的话,就是2端LOOPBACK的起止,在用LOOPBACK建立BGP关系的时候需要注意指定源地址,否则关系起不来,这在EBGP和IBGP里都一样。隧道的起止要与BGP的邻居关系一致这样才能让BGP去利用你的GRE隧道,GRE隧道里切记一定要敲MPLS否则你数据不会被解封装,还有就是GRE隧道里不要配置IP,否则协议不稳定。MCE是多实例主机这个没什么好讲的,用来隔离业务的,多角色主机是接在MCE上的,然后由PE去帮助多角色主机,而不是在MCE上做,因此MCE的实例中必须加一条默认路由或是汇总路由,否则有可能不能通,提示找不到目标网络,主要是中间跨越了MCE,否则不会出现该问题。
详细配置如下:
<PE1> <PE1>DIS CUR # sysname PE1 # cpu-usage cycle 1min # mpls lsr-id 11.11.11.11 # radius scheme system # mpls # ip ***-instance A route-distinguisher 1:1 ***-target 1:1 export-extcommunity ***-target 1:1 import-extcommunity # ip ***-instance B route-distinguisher 1:2 ***-target 1:2 export-extcommunity ***-target 1:2 import-extcommunity # domain system # local-user admin password cipher .]@USE=B,53Q=^Q`MAF4<1!! service-type telnet terminal level 3 service-type ftp # interface Aux0 async mode flow # interface Ethernet0/0 ip address dhcp-alloc # interface Ethernet0/1 ip address dhcp-alloc # interface Serial0/0 clock DTECLK1 link-protocol ppp ip address 1.1.1.1 255.255.255.252 # interface Tunnel1 source 11.11.11.11 destination 22.22.22.22 mpls # interface NULL0 # interface LoopBack1 ip address 11.11.11.11 255.255.255.255 # interface LoopBack2 ip binding ***-instance A ip address 111.111.111.111 255.255.255.0 # interface LoopBack3 ip binding ***-instance B ip address 222.222.222.221 255.255.255.0 # bgp 1 undo synchronization group m-ibgp internal peer 22.22.22.22 group m-ibgp peer 22.22.22.22 connect-interface LoopBack1 # ipv4-family ***-instance A import-route direct undo synchronization # ipv4-family ***-instance B import-route direct undo synchronization # ipv4-family ***v4 peer m-ibgp enable peer 22.22.22.22 group m-ibgp # ospf 1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 11.11.11.11 0.0.0.0 # FTP server enable # user-interface con 0 user-interface aux 0 user-interface vty 0 4 authentication-mode scheme # return
-----------------------------------------------------------
[PE2]dis cur # sysname PE2 # cpu-usage cycle 1min # mpls lsr-id 22.22.22.22 # radius scheme system # mpls # ip ***-instance A route-distinguisher 1:1 ***-target 1:1 export-extcommunity ***-target 1:1 import-extcommunity # ip ***-instance B route-distinguisher 1:2 ***-target 1:2 export-extcommunity ***-target 1:2 import-extcommunity # domain system # local-user admin password cipher .]@USE=B,53Q=^Q`MAF4<1!! service-type telnet terminal level 3 service-type ftp # acl number 2000 rule 1 permit ***-instance A source 192.168.10.0 0.0.0.255 # interface Aux0 async mode flow # interface Ethernet0/0 ip address dhcp-alloc # interface Ethernet0/0.1 ip binding ***-instance A ip address 1.1.1.5 255.255.255.252 ip policy route-policy DJS vlan-type dot1q vid 1 # interface Ethernet0/0.2 ip binding ***-instance B ip address 1.1.1.5 255.255.255.252 vlan-type dot1q vid 2 # interface Ethernet0/1 ip address dhcp-alloc # interface Serial0/0 link-protocol ppp ip address 1.1.1.2 255.255.255.252 # interface Tunnel1 source 22.22.22.22 destination 11.11.11.11 mpls # interface NULL0 # interface LoopBack1 ip address 22.22.22.22 255.255.255.255 # bgp 1 undo synchronization group m-ibgp internal peer 11.11.11.11 group m-ibgp peer 11.11.11.11 connect-interface LoopBack1 # ipv4-family ***-instance A import-route direct import-route ospf 2 undo synchronization # ipv4-family ***-instance B import-route direct import-route ospf 3 import-route static undo synchronization # ipv4-family ***v4 peer m-ibgp enable peer 11.11.11.11 group m-ibgp # ospf 1 area 0.0.0.0 network 1.1.1.0 0.0.0.3 network 22.22.22.22 0.0.0.0 # ospf 2 ***-instance A import-route bgp area 0.0.0.0 network 1.1.1.5 0.0.0.0 # ospf 3 ***-instance B import-route bgp area 0.0.0.0 network 1.1.1.5 0.0.0.0 # route-policy DJS permit node 10 if-match acl 2000 apply access-*** ***-instance B A # FTP server enable # ip route-static ***-instance B 192.168.10.0 255.255.255.0 ***-instance A 1.1.1.6 preference 60 # user-interface con 0 user-interface aux 0 user-interface vty 0 4 authentication-mode scheme # return
-----------------------------------------------------
[MCE]dis cur # sysname MCE # cpu-usage cycle 1min # radius scheme system # ip ***-instance A route-distinguisher 1:1 # ip ***-instance B route-distinguisher 1:2 # domain system # local-user admin password cipher .]@USE=B,53Q=^Q`MAF4<1!! service-type telnet terminal level 3 service-type ftp # interface Aux0 async mode flow # interface GigabitEthernet0/0/0 ip address dhcp-alloc # interface GigabitEthernet0/0/0.1 ip binding ***-instance A ip address 1.1.1.6 255.255.255.252 vlan-type dot1q vid 1 # interface GigabitEthernet0/0/0.2 ip binding ***-instance B ip address 1.1.1.6 255.255.255.252 vlan-type dot1q vid 2 # interface GigabitEthernet0/0/1 ip binding ***-instance A ip address 192.168.10.1 255.255.255.0 # interface GigabitEthernet0/0/2 ip address dhcp-alloc # interface NULL0 # interface LoopBack1 ip address 33.33.33.33 255.255.255.255 # interface LoopBack2 ip binding ***-instance A ip address 123.123.123.123 255.255.255.0 # interface LoopBack3 ip binding ***-instance B ip address 124.124.124.124 255.255.255.0 # ospf 2 ***-instance A ***-instance-capability simple area 0.0.0.0 network 1.1.1.6 0.0.0.0 network 123.123.123.0 0.0.0.255 network 192.168.10.0 0.0.0.255 # ospf 3 ***-instance B ***-instance-capability simple area 0.0.0.0 network 1.1.1.6 0.0.0.0 network 124.124.124.0 0.0.0.255 # FTP server enable # ip route-static ***-instance A 0.0.0.0 0.0.0.0 1.1.1.5 preference 60 # user-interface con 0 user-interface aux 0 user-interface vty 0 4 authentication-mode scheme # return [MCE]
--------------------------------------------------------------------
关于配置解释,就不解释了大家自己去看手册吧
