手把手教你玩转MPLS-VPN组网二---（实操篇）

版权声明：本文为博主原创文章，未经博主允许不得转载。 https://blog.csdn.net/firehadoop/article/details/86214450

上一篇mpls-vpn的文章介绍了组网背景及组网方案，本章重点讲解配置步骤与具体配置数据。

配置拓扑图

一、PE1配置数据

#
ip vpn-instance A
 ipv4-family
  route-distinguisher 64538:100
  vpn-target 64538:1 export-extcommunity
  vpn-target 64539:2 import-extcommunity
#
ip vpn-instance B
 ipv4-family
  route-distinguisher 64536:100
  vpn-target 64536:1 export-extcommunity
  vpn-target 64537:2 import-extcommunity
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
 ip binding vpn-instance A
 ip address 172.16.0.1 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip binding vpn-instance B
 ip address 192.168.0.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 10.0.23.1 255.255.255.0 
 mpls
 mpls ldp
#
interface NULL0
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
#
bgp 2345
 router-id 1.1.1.1
 undo default ipv4-unicast
 peer 4.4.4.4 as-number 2345 
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 4.4.4.4 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 4.4.4.4 enable
 #
 ipv4-family vpn-instance A 
  router-id 172.16.0.1
  peer 172.16.0.2 as-number 64538 
 #
 ipv4-family vpn-instance B 
  router-id 192.168.0.1
  import-route ospf 100
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 1.1.1.1 0.0.0.0 
  network 10.0.23.0 0.0.0.255 
#
ospf 100 vpn-instance B
 import-route bgp
 area 0.0.0.0 
  network 192.168.0.0 0.0.0.3 
#

二、PE2配置数据

interface GigabitEthernet0/0/0
 ip binding vpn-instance A
 ip address 172.16.0.5 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip binding vpn-instance B
 ip address 192.168.0.5 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 10.0.44.2 255.255.255.0 
 mpls
 mpls ldp
#
interface NULL0
#
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
#
bgp 2345
 router-id 4.4.4.4
 undo default ipv4-unicast
 peer 1.1.1.1 as-number 2345 
 peer 1.1.1.1 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 1.1.1.1 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 1.1.1.1 enable
 #
 ipv4-family vpn-instance A 
  router-id 172.16.0.5
  import-route ospf 100
 #
 ipv4-family vpn-instance B 
  router-id 192.168.0.5
  peer 192.168.0.6 as-number 64537 
#
ospf 1 router-id 4.4.4.4 
 area 0.0.0.0 
  network 4.4.4.4 0.0.0.0 
  network 10.0.44.0 0.0.0.255 
#
ospf 100 vpn-instance A
 import-route bgp
 area 0.0.0.0 
  network 172.16.0.4 0.0.0.3 
#

三、CE1、CE2配置数据

1、CE1配置

#
interface GigabitEthernet0/0/0
 ip address 172.16.0.2 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 172.16.1.1 255.255.255.0 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
#
bgp 64538
 router-id 172.16.0.2
 peer 172.16.0.1 as-number 2345 
 #
 ipv4-family unicast
  undo synchronization
  network 172.16.1.0 255.255.255.0 
  peer 172.16.0.1 enable
#
2、CE2配置

#
interface GigabitEthernet0/0/0
 ip address 172.16.0.6 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 172.16.2.1 255.255.255.0 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 6.6.6.6 255.255.255.255 
#
ospf 1 router-id 172.16.0.6 
 area 0.0.0.0 
  network 172.16.0.4 0.0.0.3 
  network 172.16.2.0 0.0.0.255 
#
四、CE3、CE4配置数据

1、CE3配置

#
interface GigabitEthernet0/0/0
 ip address 192.168.0.2 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 192.168.1.1 255.255.255.0 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 7.7.7.7 255.255.255.255 
#
ospf 1 router-id 7.7.7.7 
 area 0.0.0.0 
  network 192.168.0.0 0.0.0.3 
  network 192.168.1.0 0.0.0.255 
#

2、CE4配置

#
interface GigabitEthernet0/0/0
 ip address 192.168.0.6 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 192.168.2.1 255.255.255.0 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 8.8.8.8 255.255.255.255 
#
bgp 64537
 router-id 192.168.0.6
 peer 192.168.0.5 as-number 2345 
 #
 ipv4-family unicast
  undo synchronization
  network 192.168.2.0 
  peer 192.168.0.5 enable
#

五、P1配置数据

#
interface GigabitEthernet0/0/0
 ip address 10.0.33.1 255.255.255.0 
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
 ip address 10.0.23.2 255.255.255.0 
 mpls
 mpls ldp
#
interface NULL0
#
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
#
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 2.2.2.2 0.0.0.0 
  network 10.0.23.0 0.0.0.255 
  network 10.0.33.0 0.0.0.255 
#

六、P2配置数据

#
interface GigabitEthernet0/0/0
 ip address 10.0.33.2 255.255.255.0 
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
 ip address 10.0.44.1 255.255.255.0 
 mpls
 mpls ldp
#
interface NULL0
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
#
ospf 1 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 10.0.33.0 0.0.0.255 
  network 10.0.44.0 0.0.0.255 
#

七、测试验证阶段

1、验证客户A网络的连通性

a、在CE1下新增一个虚拟PC1，定义IP为172.16.1.2

b、在CE2下新增一个虚拟PC2，定义IP为172.16.2.2

c、mpls-vpn配置完成后，在CE1、CE2上分别可以学习到对方的IP地址，并且PC1与PC2可以相互通信；

下图在CE1上执行disp ip routing-table 可以学习到CE2上的客户网络172.16.2.0/24

下图在CE2上执行disp ip routing-table 可以学习到CE1上的客户网络172.16.1.0/24

2、验证客户B网络的连通性

a、在CE3下新增一个虚拟ftp客户端，定义IP为192.168.1.2

b、在CE4下新增一个虚拟ftp服务器端，定义IP为192.168.2.2，并启动ftp服务端口21分配用户名密码及文件访问目录；

c、mpls-vpn配置完成后，在CE3、CE4上分别可以学习到对方的IP地址，并且ftp客户端可以正常访问ftp服务器端；

下图在CE3上执行disp ip routing-table 可以学习到CE4上的客户网络192.168.2.0/24

 下图在CE4上执行disp ip routing-table 可以学习到CE3上的客户网络192.168.1.0/24