juniper mpls config
1. 配置Multiprotocol BGP此步骤是启用路由器的PE-PE之间的MBGP功能,为MPLS VPN的部署作准备,主要配置思路是先启用BGP的session,然后启用BGP session的inet-vpn的功能;
配置BGP协议user@host#set routing-options autonomous-number number
#配置本机的AS号码
Example:
user@host#set routing-options autonomous-number 100
user@host#set protocols bgp group group-name neighbor ip-address peer-as xxx
#配置BGP在整机上启用,并指定相应的neighbor地址和对端AS号码
Example:
user@host# set protocols bgp group test neighbor 1.1.1.2 peer 100
user@host#set protocols bgp group group-name local-address ip-address
#配置BGP在整机上启用,并指定相应的建立BGP session时使用的源IP地址
Example:
user@host# set protocols bgp group test local-address 1.1.1.1
user@host#set protocols bgp group group-name type
#配置BGP在整机上启用,并指定相应的建立BGP session是EBGP还是IBGP
Example:
user@host# set protocols bgp group test type internal
配置MBGP协议的属性user@host#set protocols bgp group group-name family [inet|inet-vpn|inet6|inet6-vpn|l2vpn]
#配置本group下的BGP session的属性
Example:
user@host#set protocols bgp group test family inet-vpn[启用L3 MPLS VPN路由支持]
user@host#set protocols bgp group test family inet [启用IP路由支持]
注意:对JUNIPER路由器来说,默认是只有inet这个属性被启用,而当启用了inet-vpn的属性以后,那么inet这个family属性会自动被禁用,所以,在启用了inet-vpn属性以后,如果仍需要支持普通IP路由的功能,则必须明确的配置inet属性
2. 配置MPLS VPN功能此步骤是启用路由器的MPLS VPN功能,主要配置思路就是创建routing-instance并将逻辑接口加入到相应的routing-instance里面去,并配置routing-instance里的其他参数;
主要步骤如下所示:
进入VPN routing-instances的配置界面user@host#edit routing-instances instance-name
#进入routing-instances配置界面
Example:
user@host#edit routing-instances instance-name
[edit routing-instances test]
user@host#
进入配置routing-instance相关参数[edit routing-instances test]
user@host#set instance-type [forwarding|vrf|l2vpn|vpls|virtual-router]
#进入routing-instances配置界面并配置vrf
Example:
[edit routing-instances test]
user@host#set instance-type vrf
[edit routing-instances test]
user@host#set interface interface-number.logical-number
#将逻辑接口加入到routing-instances里
Example:
[edit routing-instances test]
user@host#set interface fe-0/0/2.20
user@host#set interface fe-0/0/1.0
[edit routing-instances test]
user@host#set route-distinguisher xxxx
#配置RD,确认RD在整个routing-instance里是唯一的
Example:
[edit routing-instances test]
user@host#set route-distinguisher 100:100
[edit routing-instances test]
user@host#set vrf-target target:xxxx:yyyy
#配置RT,确认RT在整个routing-instance里是唯一的,并且同一个routing-instance里的多个PE上RT要相同
Example:
[edit routing-instances test]
user@host#set vrf-target target:100:100
[edit routing-instances test]
user@host#set routing-options static route x.x.x.x/z next-hop x.x.x.x
user@host#set routing-options static route a.a.a.a/30 next-hop x.x.x.x
#配置PE-CE之间的静态路由,这里要注意,在PE-CE之间为以太网连接的情况下,一定要加一个特定的静态路由,目的地址为PE-CE之间的互联的IP子网,下一跳地址为对端CE的接口IP地址
Example:
[edit routing-instances test]
user@host#set routing-options static route 40.40.40/24 next-hop 192.168.0.1
user@host#set routing-options static route 192.168.0/30 next-hop 192.168.0.1
[edit routing-instances test]
user@host#set protocols ospf area XX interface interface-name.logical-number
user@host#set protocols ospf export bgp-ospf
[edit]
set policy-options policy-statement bgp-ospf term 1 from protocol bgp
set policy-options policy-statement bgp-ospf term 1 then accept
#配置PE-CE之间的OSPF路由,这里要注意,一定要加一个特定的POLICY,目的是为了将从对端PE学到的VPN路由注入PE-CE之间运行的OSPF协议,使得两端的CE互相能学到对方的路由
Example:
[edit routing-instances test]
user@host#set protocols ospf area 0 interface fe-0/0/3.0
user@host#set protocols ospf export bgp-ospf
[edit]
set policy-options policy-statement bgp-ospf term 1 from protocol bgp
set policy-options policy-statement bgp-ospf term 1 then accept
jnpr@host# show routing-instances
test {
instance-type vrf;
interface fe-0/0/2.20;
interface fe-0/0/1.0;
route-distinguisher 100:100;
vrf-target target:100:100;
routing-options {
static {
route 40.40.40.0/24 next-hop 192.168.0.1;
route 192.168.0.0/30 next-hop 192.168.0.1;
}
}
protocols {
ospf {
export bgp-ospf;
area 0.0.0.0 {
interface fe-0/0/3.0;
}
}
}
}
[edit]
jnpr@host# show policy-options policy-statement bgp-ospf
term 1 {
from protocol bgp;
then accept;
}
2001-2007 Comsenz Inc.
