Table of contents
Configuring the Interconnection Command Between PE and CE Devices (Interconnection Through OSPF)
You can use any method to run cross-domain MPLS (A, B, C1, and C2 are all available), but the configuration of passing Vpnv4 routes will not be introduced here; only the configuration of the connection between PE and CE and the backdoor link will be introduced here Configuration
Configuring the Interconnection Command Between PE and CE Devices (Interconnection Through OSPF)
Connecting PE2 to CE1
PE2
create instance
ip vpn-instance CE1
ipv4-family
route-distinguisher 12:1 configuration RD value
vpn-target 200:1 export-extcommunity configuration into RT value
vpn-target 100:1 import-extcommunity configures the RT value
Interface binding instance
int g0/0/1
ip bind vpn-instance CE1
ip add 100.0.12.2 24
OSPF binding instance
ospf 1 vpn-instance CE1
area 0
net 100.0.12.2 0.0.0.0
Redistribute CE routes into BGP
bgp 100
ipv4-family vpn-instance CE1
import-route ospf 1
Re-advertise BGP routes to CE
ospf 1
import-route bgp
CE1
int g0/0/0
ip add 100.0.12.1 24
int g0/0/1
ip add 172.16.1.254 24
ospf 1
area 0
net 100.0.12.1 0.0.0.0
net 172.16.1.0 0.0.0.255
Connecting PE7 and CE8
PE7
create instance
ip vpn-instance CE8
ipv4-family
route-distinguisher 78:1
vpn-target 100:1 export-extcommunity
vpn-target 200:1 import-extcommunity
Interface binding instance
int g0/0/1
ip bind vpn-instance CE8
ip add 100.0.78.7 24
OSPF binding instance
ospf 1 vpn-instance CE8
area 0
net 100.0.78.7 0.0.0.0
Redistribute CE routes into BGP
bgp 200
ipv4-family vpn-instance CE8
import-route ospf 1
Re-advertise BGP routes to CE
ospf 1
import-route bgp
CE8
int g0/0/0
ip add 100.0.78.8 24
int g0/0/1
ip add 192.168.1.254 24
ospf 1
area 0
net 100.0.78.8 0.0.0.0
net 192.168.1.0 0.0.0.255
Configure the backdoor link
Advertise the backdoor link into OSPF on the CE device
CE1
ospf 1
area 0.0.0.0
network 100.0.18.1 0.0.0.0
CE2
ospf 1
area 0.0.0.0
network 100.0.18.8 0.0.0.0
At this time, the neighbors of the opposite CE will directly learn from this backdoor link, and all traffic will go through the backdoor link (the route type learned from the CE1/CE2 backdoor link is type 1/2 LSA, which is better than that learned from PE1/PE2. Type 3/5 LSAs)
At this time, you need to configure sham-link on PE to solve this problem (the route learned from PE will not be converted into Type 3/Type 5 LSA because of the Domain ID)
Configure the Sham-Link address on the PE and pass it to the peer through the VPNv4 route
PE1
interface LoopBack1 configures the IP address for establishing the backdoor link and binds the instance
ip binding vpn-instance CE1
ip address 22.22.22.22 255.255.255.255
ospf 1 vpn-instance CE1 establishes a backdoor link
area 0.0.0.0
sham-link 22.22.22.22 77.77.77.77
bgp 100 passes the backdoor link address of the local end to the peer end
ipv4-family vpn-instance CE1
import-route direct
PE2
interface LoopBack1
ip binding vpn-instance CE8
ip address 77.77.77.77 255.255.255.255
ospf 1 vpn-instance CE1
area 0.0.0.0
sham-link 77.77.77.77 22.22.22.22
bgp 200
ipv4-family vpn-instance CE8
import-route direct
Increase the overhead of the backdoor link on the CE
CE1
interface GigabitEthernet0/0/2
ospf cost 10
CE2
interface GigabitEthernet0/0/2
ospf cost 10