配置思路:
①基础配置
(1)IPv6地址配置
(2)配置ISIS(开启ipv6功能)
(3)CE与PE之间创建VPN实例,建立vpn实例EBGP
(4)PE之间创建VPNv4邻居关系
(5)启用SRv6,locater从ISIS中通告出去
②设置路径列表,SRv6设置源,定义color绑定SID
(SID需要在本地范围内)(列表也需要写回程)
③设置color路由图,应用在BGPipv4进程中
(回程也需要)
④接着在vpn实例的邻居内进行TE引流,在vpnv4的邻居中通告sid
配置:
①基础配置
(1)IPv6地址配置
[NE6]int ethe 3/0/0
[NE6-Ethernet3/0/0]ipv en
[NE6-Ethernet3/0/0]ipv add 26::6 64
[NE6]int ethe 3/0/2
[NE6-Ethernet3/0/2]ipv en
[NE6-Ethernet3/0/2]ipv add 67::6 64
[NE6]int ethe 3/0/1
[NE6-Ethernet3/0/1]ipv en
[NE6-Ethernet3/0/1]ipv add 68::6 64
[NE6]int lo1
[NE6-LoopBack1]ipv en
[NE6-LoopBack1] ipv add 6000::1 128
(2)配置ISIS(开启ipv6功能)
[NE2]isis
[NE2-isis-1]is-level level-2
[NE2-isis-1]cost-style wide
[NE2-isis-1]network-entity 49.0001.0000.0000.0002.00
[NE2-isis-1]ipv6 enable topology ipv6-----ipv6的ISIS
[NE2-isis-1]int ethe3/0/1
[NE2-Ethernet3/0/1]isis ipv6 enable
[NE2]int ethe3/0/2
[NE2-Ethernet3/0/2]isis ipv6 enable
[NE2]int lo1
[NE2-LoopBack1]isis ipv6 enable
(3)CE与PE之间创建VPN实例,建立vpn实例EBGP
[NE1]bgp 1
[NE1-bgp]peer 1.1.12.2 as-number 100
[NE1-bgp]network 1.1.1.1 32
[NE2]ip vpn-instance A
[NE2-vpn-instance-A]route-distinguisher 1:1
[NE2-vpn-instance-A-af-ipv4]vpn-targe 1:1
[NE2-vpn-instance-A-af-ipv4]int ethe3/0/0
[NE2-Ethernet3/0/0]ip binding vpn-instance A
[NE2-Ethernet3/0/0]ip add 1.1.12.2 24
[NE2]bgp 100
[NE2-bgp]ipv4-family vpn-instance A
[NE2-bgp-A]peer 1.1.12.1 as-number 1
[NE2-bgp-A]network 1.1.12.0 24
(右边的PE与CE同理)
(4)PE之间创建VPNv4邻居关系
[NE2]bgp 100
[NE2-bgp]peer 3000::1 as-number 100
[NE2-bgp]peer 3000::1 connect-interface lo1
[NE2-bgp]ipv4-family vpnv4
[NE2-bgp-af-vpnv4]peer 3000::1 enable
(5)启用SRv6,locater从ISIS中通告出去
[NE2]segment-routing ipv6
[NE2-segment-routing-ipv6]locator NE2 ipv6-prefix 2222:2:: 64 static 32
[NE2]isis
[NE2-isis-1]segment-routing ipv6 locator NE2(ISP中的每台设备都需要配置)
[NE2-bgp]router-id 2.2.2.2------------------记得配置RID(否则无法正常学习到邻居)--关键
Warning: Changing the parameter in this command resets the peer session. Continue? [Y/N]:y
②设置路径列表,SRv6设置源,定义color绑定SID
(SID需要在本地范围内)(列表也需要写回程)
[NE2]segment-routing ipv6
[NE2-segment-routing-ipv6]encapsulation source-address 2000::1----设置源
[NE2-segment-routing-ipv6]locator NE2 ipv6-prefix 2222:2:: 64 static 32
[NE2-segment-routing-ipv6-locator]opcode ::100 end psp-------KEY
[NE2-segment-routing-ipv6]srv6-te-policy locator NE2
[NE2-segment-routing-ipv6]segment-list list2583
[NE2-segment-routing-ipv6-segment-list-list2583]index 10 sid ipv6 5555:5::100
[NE2-segment-routing-ipv6-segment-list-list2583]index 20 sid ipv6 8888:8::100
[NE2-segment-routing-ipv6-segment-list-list2583]index 30 sid ipv6 3333:3::100
[NE2-segment-routing-ipv6]srv6-te policy p2583 endpoint 3000::1 color 30
[NE2-segment-routing-ipv6-policy-p2583]binding-sid 2222:2::1
[NE2-segment-routing-ipv6-policy-p2583]candidate-path preference 100
[NE2-segment-routing-ipv6-policy-p2583-path]segment-list list2583
[NE3-segment-routing-ipv6]dis this
#
segment-routing ipv6
encapsulation source-address 3000::1
locator NE3 ipv6-prefix 3333:3:: 64 static 32
opcode ::100 end psp
srv6-te-policy locator NE3
segment-list list3852
index 10 sid ipv6 8888:8::100
index 20 sid ipv6 5555:5::100
index 30 sid ipv6 2222:2::100
srv6-te policy p3852 endpoint 2000::1 color 20
binding-sid 3333:3::1
candidate-path preference 100
segment-list list3852
其他设备也需要填写这个命令(end是更换下一个头部)否则无法去掉头部
[NE5-segment-routing-ipv6] locator NE5 ipv6-prefix 5555:5:: 64 static 32
[NE5-segment-routing-ipv6-locator]opcode ::100 end psp-------遇到100则弹掉改写下一跳信息
③设置color路由图,应用在BGPipv4进程中
(回程也需要)
[NE2]ip ip-prefix net permit 4.4.4.4 32
[NE2]route-policy color permit node 10
[NE2-route-policy]if-match ip-prefix net
[NE2-route-policy]apply extcommunity color 00:30
[NE2]route-policy color permit node 20
[NE2-route-policy]quit
[NE2]bgp 100
[NE2-bgp]ipv4-family vpnv4
[NE2-bgp-af-vpnv4]peer 3000:1 route-policy color import
④接着在vpn实例的邻居内进行TE引流,在vpnv4的邻居中通告sid
[NE2]bgp 100
[NE2-bgp]ipv4-family vpn-instance A
[NE2-bgp-A]segment-routing ipv6 traffic-engineer best-effort
[NE2-bgp-A]segment-routing ipv6 locator NE2
[NE2-bgp]ipv4-family vpnv4
[NE2-bgp-af-vpnv4]peer 3000::1 prefix-sid-------激活pre前缀
[NE3-bgp]dis this
#
bgp 100
private-4-byte-as enable
peer 2000::1 as-number 100
peer 2000::1 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
#
ipv4-family vpnv4
policy vpn-target
peer 2000::1 enable
peer 2000::1 route-policy color import
peer 2000::1 prefix-sid
#
ipv4-family vpn-instance A
segment-routing ipv6 locator NE3
segment-routing ipv6 traffic-engineer best-effort
peer 1.1.34.4 as-number 4
由于以上有隧道所以需要做流量引流
[NE2]tunnel-policy p1
[NE2-tunnel-policy-p1]tunnel select-seq ipv6 srv6-te-policy load-balance-number 1
[NE2]ip vpn-instance A
[NE2-vpn-instance-A]tnl-policy p1
<NE2>display bgp vpnv4 all routing-table 4.4.4.4
<NE2>display srv6-te policy
<NE2>display segment-routing ipv6 local-sid end-dt4 forwarding
这个5D是NE3会学到的,因为是NE1的路由信息转为5D的
标签:L3VPNv4,HCIE,over,bgp,NE2,routing,ipv6,policy,segment From: https://blog.csdn.net/2403_83112422/article/details/140253951