Experimental topology:
Ensure that the L0 interfaces of CE1 and CE2 can access each other.
Configuration ideas:
1. Configure a VPN instance on PE1, configure different VPN-Target attributes for the VPN instance, and realize the isolation of different VPNs.
ip vpn-instance CE1
ipv4-family
route-distinguisher 101:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 200:1 import-extcommunity //For local mutual visits, you need to add one more connection that accepts the tag sent by the other party Incoming attributes
ip vpn-instance CE2
ipv4-family
route-distinguisher 102:1
vpn-target 200:1 export-extcommunity
vpn-target 200:1 100:1 import-extcommunity
2. Configure the binding of the interface connected to the CE to the VPN instance on PE1 to access VPN users.
interface GigabitEthernet0/0/0
ip binding vpn-instance CE1
ip address 10.1.10.254 255.255.255.0
interface GigabitEthernet0/0/1
ip binding vpn-instance CE2
ip address 10.1.20.254 255.255.255.0
3. Enable the BGP-VPNv4 address family on PE1, configure the direct route to the local CE to be imported into the VPN routing table, and configure the route to access another CE device on the CE to achieve local mutual access.
CE1: (same as CE2)
interface GigabitEthernet0/0/0
ip address 10.1.10.1 255.255.255.0
interface LoopBack0
ip address 1.1.1.1 255.255.255.0
ospf 1
area 0.0.0.0
network 0.0.0.0 255.255.255.255
PE-BGP:
bgp 100
ipv4-family vpn-instance CE1
import-route ospf 1
ipv4-family vpn-instance CE2
import-route ospf 2
PE-OSPF:
ospf 1 vpn-instance CE1
import-route bgp
area 0.0.0.0
network 10.1.10.254 0.0.0.0
ospf 2 vpn-instance CE2
import-route bgp
area 0.0.0.0
network 10.1.20.254 0.0.0.0
4. After the configuration is completed, check whether the OSPF neighbor relationship is established successfully on the PE:
then check whether the routing entry of the other party has been learned on the CE: (learned)
On CE1: On
CE2:
Ping detection between the loopback ports of the two CEs:
Routing information exchange process during local intercommunication:
The routing information of the site is redistributed into the corresponding VPN instance of BGP, and automatically redistributed into BGP VPNv4.
Then in BGP VPNv4, the network routing crossover (so the corresponding access attributes need to be modified), the entry enters another BGP instance, and then redistributed to another site, so that each other's routing entries can be learned from each other.
Flow direction during local intercommunication:
Take CE1pingCE2 as an example:
CE1 check the corresponding routing table: send the message to PE1
PE1 because it is received from the instance CE1, so you need to check the routing table of the CE1 instance:
[PE]dis ip routing-table vpn-instance CE1
This entry is received from BGP and sent to CE2 according to the outgoing interface and next hop to complete one-way communication, similar to the backhaul.