Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 06-MPLS L2VPN configuration | 347.73 KB |
Contents
Local connection establishment
Configuring an Ethernet service instance on an interface
Binding an AC to a cross-connect
Enabling SNMP notifications for L2VPN PW
Verifying and maintaining MPLS L2VPN
Verifying MPLS L2VPN configuration and running status
Verifying cross-connect group configuration and running status
Verifying AC configuration and running status
Verifying PW configuration and running status
MPLS L2VPN configuration examples
Example: Configuring local MPLS L2VPN connections
Example: Configuring a static PW
Example: Configuring an LDP PW
Configuring MPLS L2VPN
MPLS L2VPN provides point-to-point and point-to-multipoint connections. This chapter describes only the MPLS L2VPN technologies that provide point-to-point connections. For information about the MPLS L2VPN technologies that provide point-to-multipoint connections, see "Configuring VPLS."
About MPLS L2VPN
MPLS L2VPN is an implementation of Pseudo Wire Emulation Edge-to-Edge (PWE3). It offers Layer 2 VPN services over an MPLS or IP backbone. MPLS L2VPN can transparently transmit Layer 2 data for different data link layer protocols such as Ethernet.
Basic concepts of MPLS L2VPN
CE
A customer edge (CE) is a customer device directly connected to the service provider network.
PE
A provider edge (PE) is a service provider device connected to one or more CEs. It provides VPN access by mapping and forwarding packets between user networks and public tunnels.
AC
An attachment circuit (AC) is a link between a CE and a PE, such as an Ethernet interface or VLAN.
PW
A Pseudowire (PW) is a virtual bidirectional connection between two PEs. An MPLS PW comprises a pair of LSPs in opposite directions.
Public tunnel
A public tunnel is a connection that carries one or more PWs across the MPLS or IP backbone. It can be an LSP tunnel or a GRE tunnel.
Cross-connect
A cross-connect connects two physical or virtual circuits such as ACs and PWs. It switches packets between the two physical or virtual circuits. Cross-connects include AC to AC cross-connect, AC to PW cross-connect, and PW to PW cross-connect.
Site ID
A site ID uniquely identifies a site in a VPN. Sites in different VPNs can have the same site ID.
RD
A route distinguisher (RD) is added before a site ID to distinguish the sites that have the same site ID but reside in different VPNs. An RD and a site ID uniquely identify a VPN site.
Label block
A label block is a set of labels. It includes the following parameters:
· Label base—The LB specifies the initial label value of the label block. A PE automatically selects an LB value that cannot be manually modified.
· Label range—The LR specifies the number of labels that the label block contains. The LB and LR determine the labels contained in the label block. For example, if the LB is 1000 and the LR is 5, the label block contains labels 1000 through 1004.
· Label-block offset—The LO specifies the offset of a label block. If the existing label block becomes insufficient as the VPN sites increase, you can add a new label block to enlarge the label range. A PE uses an LO to identify the position of the new label block. The LO value of a label block is the sum of the LRs of all previously assigned label blocks. For example, if the LR and LO of the first label block are 10 and 0, the LO of the second label block is 10. If the LR of the second label block is 20, the LO of the third label block is 30.
A label block with LB, LO, and LR as 1000, 10, and 5, respectively, is represented as 1000/10/5.
For example, a VPN has 10 sites, and a PE assigns the first label block LB1/0/10 to the VPN. When another 15 sites are added, the PE keeps the first label block and assigns the second label block LB2/10/15 to extend the network. LB1 and LB2 are the initial label values that are randomly selected by the PE.
Route target
PEs use the BGP route target attribute (also called VPN target attribute) to manage BGP L2VPN information advertisement. PEs support the following types of route target attributes:
· Export target attribute—When a PE sends L2VPN information to the peer PE in a BGP update message, it sets the route target attribute in the update message to an export target. L2VPN information includes the site ID, RD, and label block.
· Import target attribute—When a PE receives an update message from the peer PE, it checks the route target attribute in the update message. If the route target value matches an import target, the PE accepts the L2VPN information in the update message.
Route target attributes determine from which PEs a PE can receive L2VPN information.
MPLS L2VPN network models
MPLS L2VPN uses the local connection model.
As shown in Figure 1, the local connection model connects two CEs to the same PE so the CEs can communicate through the PE.
Figure 1 Local connection model
Local connection establishment
To set up a local MPLS L2VPN connection between two CEs:
1. Set up ACs:
Configure the link layer protocol to set up an AC between the PE and each CE.
2. Bind the two ACs:
Bind the PE's interfaces connected to the two CEs so the PE can forward packets between CEs.
MPLS L2VPN tasks at a glance
2. Configuring an AC
To create a local connection, you must configure two ACs.
Configuring an Ethernet service instance on an interface
3. Configuring a cross-connect
4. Binding an AC to a cross-connect
Perform this task to bind the two ACs to the same cross-connect.
Prerequisites for MPLS L2VPN
To establish an MPLS L2VPN, you must perform the following tasks:
1. Configure an IGP to achieve IP connectivity within the backbone.
2. Configure basic MPLS, LDP, or GRE to set up public tunnels across the backbone.
Enabling L2VPN
Prerequisites
Before you enable L2VPN, perform the following tasks:
· Configure an LSR ID for the PE with the mpls lsr-id command.
· Enable MPLS with the mpls enable command on the core-facing interface of the PE.
For more information about the mpls lsr-id and mpls enable commands, see MPLS Command Reference.
Procedure
1. Enter system view.
system-view
2. Enable L2VPN.
l2vpn enable
By default, L2VPN is disabled.
Configuring an AC
Configuring an Ethernet service instance on an interface
About this task
When the PE is connected to a CE through a Layer 2 Ethernet interface or Layer 2 aggregate interface, you can configure an Ethernet service instance on the interface to match packets for the AC.
Restrictions and guidelines
You cannot repeat the encapsulation command to modify the packet match criterion of an Ethernet service instance. To change the packet match criterion, first execute the undo encapsulation command to remove the original match criterion.
If the packet match criterion of an Ethernet service instance is removed, the binding between the Ethernet service instance and the cross-connect is removed automatically.
Procedure
1. Enter system view.
system-view
2. Enter interface view.
¡ Enter Layer 2 Ethernet interface view.
interface interface-type interface-number
¡ Enter Layer 2 aggregate interface view.
interface bridge-aggregation interface-number
3. Create an Ethernet service instance and enter Ethernet service instance view.
service-instance instance-id
4. Configure a packet match criterion for the Ethernet service instance.
¡ Match packets with the specified outer VLAN IDs.
encapsulation s-vid vlan-id
¡ Match packets that do not have a VLAN tag.
encapsulation untagged
By default, no packet match criterion is configured.
Configuring a cross-connect
1. Enter system view.
system-view
2. Create a cross-connect group and enter cross-connect group view.
xconnect-group group-name
3. (Optional.) Configure a description for the cross-connect group.
description text
By default, no description is configured for a cross-connect group.
4. (Optional.) Enable the cross-connect group.
undo shutdown
By default, the cross-connect group is enabled.
5. Create a cross-connect and enter cross-connect view.
connection connection-name
Configuring a PW
Restrictions and guidelines
For a successful PW creation, make sure the following conditions are met when you configure a PW:
· For a static PW and LDP PW, the manually specified remote PE's LSR ID is the main IP address of the PE device interface.
· For a BGP PW, the remote PE peer address is the main IP address of the PE device interface.
Configuring a static PW
1. Enter system view.
system-view
2. Enter cross-connect group view.
xconnect-group group-name
3. Enter cross-connect view.
connection connection-name
4. Configure a static PW, and enter cross-connect PW view.
peer ip-address pw-id pw-id in-label label-value out-label label-value [ pw-class class-name | tunnel-policy tunnel-policy-name ] *
Configuring an LDP PW
About this task
After an LDP PW is created, the PE automatically sends a targeted hello to create an LDP session to the peer PE. Then, the PE exchanges the PW ID FEC and PW label mapping with the peer.
Prerequisites
Before you configure an LDP PW, enable global and interface MPLS LDP on the PE. For information about MPLS LDP configuration, see "Configuring LDP."
Procedure
1. Enter system view.
system-view
2. Enter cross-connect group view.
xconnect-group group-name
3. Enter cross-connect view.
connection connection-name
4. Configure an LDP PW, and enter cross-connect PW view.
peer ip-address pw-id pw-id [ ignore-standby-state ]
Configuring a BGP PW
Configuring BGP to advertise MPLS L2VPN label block information
1. Enter system view.
system-view
2. Enable BGP instance and enter BGP instance view.
bgp as-number [ instance instance-name ]
By default, BGP is disabled.
3. Configure the remote PE as a BGP peer.
peer { group-name | ip-address [ mask-length ] } as-number as-number
For more information about this command, see Layer 3—IP Routing Command Reference.
4. Create the BGP L2VPN address family and enter BGP L2VPN address family view.
address-family l2vpn
5. Enable BGP to exchange BGP L2VPN information with the specified peer or peer group.
peer { group-name | ip-address [ mask-length ] } enable
By default, BGP cannot exchange BGP L2VPN information with any peer or peer group.
For more information about this command, see Layer 3—IP Routing Command Reference.
6. Enable BGP to exchange label block information with the specified peer or peer group.
peer { group-name | ip-address [ mask-length ] } signaling [ non-standard ]
By default, BGP can exchange label block information with a BGP L2VPN peer or peer group by using RFC 4761 MP_REACH_NLRI.
7. Configure the BGP L2VPN address family.
For more information, see "Configuring BGP L2VPN address family."
8. Reset BGP L2VPN sessions.
For more information, see "Resetting BGP sessions."
Creating a BGP PW
1. Enter system view.
system-view
2. Enter cross-connect group view.
xconnect-group group-name
3. Configure the cross-connect group to automatically discover neighbors and create PWs through BGP and enter auto-discovery cross-connect group view.
auto-discovery bgp
By default, a cross-connect group does not automatically discover neighbors or create PWs through BGP.
4. Configure an RD for the cross-connect group.
route-distinguisher route-distinguisher
By default, no RD is configured for the cross-connect group.
5. Configure route targets for the cross-connect group.
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
By default, no route targets are configured for the cross-connect group.
6. Create a local site and enter site view.
site site-id [ range range-value ] [ default-offset default-offset ]
7. Create a cross-connect and enter auto-discovery cross-connect view.
connection remote-site-id remote-site-id
After you execute this command, a PW to the specified remote site is created and is bound to the cross-connect.
Configuring BGP L2VPN address family
1. Enter system view.
system-view
2. Enter BGP instance view.
bgp as-number [ instance instance-name ]
3. Enter BGP L2VPN address family view.
address-family l2vpn
4. Permit the local AS number to appear in routes from the specified peer or peer group and specify the appearance times.
peer { group-name | ip-address [ mask-length ] } allow-as-loop [ number ]
By default, the local AS number is not allowed in routes from a peer or peer group.
For more information about this command, see Layer 3—IP Routing Command Reference.
5. Enable route target-based filtering of incoming BGP L2VPN information.
policy vpn-target
By default, route target-based filtering of incoming BGP L2VPN information is enabled.
6. Configure BGP route reflection:
a. Configure the router as a route reflector and specify a peer or peer group as its client.
peer { group-name | ip-address [ mask-length ] } reflect-client
By default, no route reflector or client is configured.
b. Enable L2VPN information reflection between clients.
reflect between-clients
By default, L2VPN information reflection between clients is enabled.
c. Configure the cluster ID of the route reflector.
reflector cluster-id { cluster-id | ip-address }
By default, a route reflector uses its own router ID as the cluster ID.
d. Configure a filtering policy for reflected L2VPN information.
rr-filter { ext-comm-list-name | ext-comm-list-number }
By default, the route reflector does not filter reflected L2VPN information.
For more information about the commands, see Layer 3—IP Routing Command Reference.
7. (Optional.) Configure the device to not change the next hop of routes advertised to a peer or peer group.
peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable
By default, the device uses its address as the next hop for routes advertised to EBGP peers or peer groups and it does not change the next hop of routes advertised to an IBGP peer or peer group.
8. (Optional.) Configure optimal route selection delay.
¡ Set the optimal route selection delay timer for an address family.
route-select delay delay-value
¡ Enable optimal route selection delay based on DOWN-to-UP peer state changes and set a delay timer.
route-select suppress on-peer-up milliseconds
By default, optimal route selection is not delayed.
For more information about this command, see BGP commands in Layer 3—IP Routing Command Reference.
9. (Optional.) Set the delay time for responding to recursive next hop changes.
nexthop recursive-lookup [ non-critical-event ] delay [ delay-value ]
By default, BGP responds to recursive next hop changes immediately.
For more information about this command, see BGP commands in Layer 3—IP Routing Command Reference.
Resetting BGP sessions of L2VPN address family
To reset BGP sessions of the L2VPN address family, execute one of the following command in user view:
· Perform manual soft-reset for BGP sessions of the L2VPN address family.
refresh bgp [ instance instance-name ] { ip-address [ mask-length ] | all | external | group group-name | internal } { export | import } l2vpn
· Reset BGP sessions of the L2VPN address family.
reset bgp [ instance instance-name ] { as-number | ip-address [ mask-length ] | all | external | group group-name | internal } l2vpn
For more information about the commands, see Layer 3—IP Routing Command Reference.
Binding an AC to a cross-connect
About this task
On a Layer 2 Ethernet or Layer 2 aggregate interface, you can create an Ethernet service instance and bind it to a cross-connect. The Ethernet service instance matches packets received on that interface. The matching packets are then forwarded to the bound PW or another AC. An Ethernet service instance can match all packets, tagged packets, or untagged packets.
Restrictions and guidelines
This task is mutually exclusive with Ethernet link aggregation. If a Layer 3 or Layer 2 Ethernet interface has been added to a link aggregation group, you cannot bind the Layer 3 interface or an Ethernet service instance on the Layer 2 interface to a cross-connect, and vice versa.
Binding an Ethernet service instance to a non-BGP cross-connect
1. Enter system view.
system-view
2. Enter cross-connect group view.
xconnect-group group-name
3. Enter cross-connect view.
connection connection-name
4. Bind the Ethernet service instance on the interface to the cross-connect.
ac interface interface-type interface-number service-instance instance-id [ access-mode vlan ]
By default, no Ethernet service instance is bound to the cross-connect.
Binding an Ethernet service instance to a BGP cross-connect
1. Enter system view.
system-view
2. Enter cross-connect group view.
xconnect-group group-name
3. Enter auto-discovery cross-connect group view.
auto-discovery bgp
4. Enter site view.
site site-id [ range range-value ] [ default-offset default-offset-value ]
5. Enter auto-discovery cross-connect view.
connection remote-site-id remote-site-id
6. Bind the Ethernet service instance on the interface to the BGP cross-connect.
ac interface interface-type interface-number service-instance instance-id [ access-mode vlan ]
By default, no Ethernet service instance is bound to the BGP cross-connect.
Enabling SNMP notifications for L2VPN PW
About this task
This feature enables L2VPN to generate SNMP notifications when the number of MAC addresses learned by an AC/PW/VSI reaches the limit, PW deletions, or PW status changes occur. For L2VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.
Procedure
1. Enter system view.
system-view
2. Enable SNMP notifications for L2VPN PW.
snmp-agent trap enable l2vpn [ maclimit-ac | maclimit-pw | maclimit-vsi | pw-delete | pw-up-down ] *
By default, SNMP notifications for L2VPN PW are disabled.
Enabling L2VPN logging
About this task
This feature enables L2VPN to generate logs for running state changes. The generated logs are sent to the information center. The information center processes the logs according to user-defined output rules (whether to output logs and where to output).
For more information about the information center, see information center configuration in System Management Configuration Guide.
Procedure
1. Enter system view.
system-view
2. Enable L2VPN logging.
l2vpn log enable
By default, L2VPN logging is enabled.
Verifying and maintaining MPLS L2VPN
Verifying MPLS L2VPN configuration and running status
Perform display tasks in any view.
· Display BGP L2VPN peer group information.
display bgp [ instance instance-name ] group l2vpn [ group-name group-name ]
For more information about this command, see basic BGP commands in Layer 3—IP Routing Command Reference.
· Display L2VPN label block information discovered by BGP.
display bgp [ instance instance-name ] l2vpn signaling [ peer ip-address { advertised | received } [ statistics ] | route-distinguisher route-distinguisher [ site-id site-id [ label-offset label-offset [ advertise-info ] ] ] | statistics ]
· Display BGP L2VPN peer information.
display bgp [ instance instance-name ] peer l2vpn [ ip-address mask-length | group-name group-name log-info | ip-address { log-info | verbose } | verbose ]
For more information about this command, see basic BGP commands in Layer 3—IP Routing Command Reference.
· Display BGP L2VPN update group information.
display bgp [ instance instance-name ] update-group l2vpn [ ip-address ]
For more information about this command, see basic BGP commands in Layer 3—IP Routing Command Reference.
· Display L2VPN label block information.
display l2vpn bgp [ peer ip-address | local ] [ xconnect-group group-name ] [ verbose ]
Resetting BGP L2VPN sessions
For more information about the commands, see basic BGP commands in Layer 3—IP Routing Command Reference.
Perform refresh or reset tasks in user view.
· Perform manual soft-reset for BGP sessions of the L2VPN address family.
refresh bgp [ instance instance-name ] { ip-address [ mask-length ] | all | external | group group-name | internal } { export | import } l2vpn
· Reset BGP sessions of the L2VPN address family.
reset bgp [ instance instance-name ] { as-number | ip-address [ mask-length ] | all | external | group group-name | internal } l2vpn
Verifying cross-connect group configuration and running status
To display cross-connect group information, execute the following commands in any view:
display l2vpn xconnect-group [ name group-name | vpws ] [ count | verbose ]
display l2vpn xconnect-group name group-name connection connection-name [ verbose ]
Verifying AC configuration and running status
Perform display tasks in any view.
· Display AC forwarding information.
display l2vpn forwarding ac [ xconnect-group group-name ] [ slot slot-number ] [ verbose ]
· Display L2VPN information for Layer 3 interfaces bound to cross-connects.
display l2vpn interface [ xconnect-group group-name | interface-type interface-number ] [ verbose ]
· Display Ethernet service instance information.
display l2vpn service-instance [ interface interface-type interface-number [ service-instance instance-id ] ] [ verbose ]
Verifying PW configuration and running status
Perform display tasks in any view.
· Display PW forwarding information.
display l2vpn forwarding pw [ xconnect-group group-name ] [ slot slot-number ] [ verbose ]
· Display LDP PW label information.
display l2vpn ldp [ peer ip-address [ pw-id pw-id ] | xconnect-group group-name ] [ verbose ]
· Display L2VPN PW information.
display l2vpn pw [ xconnect-group group-name ] [ protocol { bgp | ldp | static } ] [ verbose ]
· Display L2VPN PW state machine information.
display l2vpn pw state-machine [ xconnect-group group-name ]
MPLS L2VPN configuration examples
Example: Configuring local MPLS L2VPN connections
Network configuration
Configure local MPLS L2VPN connections between the PE and CEs to allow communication between CE 1 and CE 2, and between CE 1 and CE 3, without consuming VLAN resources on the PE.
Figure 2 Network diagram
Procedure
1. Configure CE 1:
# Configure GigabitEthernet 1/0/1 as a trunk port and permit VLAN 10 and VLAN 20.
<CE1> system-view
[CE1] interface gigabitethernet 1/0/1
[CE1-GigabitEthernet1/0/1] port link-type trunk
[CE1-GigabitEthernet1/0/1] port trunk permit vlan 10 20
[CE1-GigabitEthernet1/0/1] quit
# Create VLAN 10 and configure an IP address for VLAN-interface 10.
[CE1] vlan 10
[CE1-vlan10] quit
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 10.1.1.1 24
[CE1-Vlan-interface10] quit
# Create VLAN 20 and configure an IP address for VLAN-interface 20.
[CE1] vlan 20
[CE1-vlan20] quit
[CE1] interface vlan-interface 20
[CE1-Vlan-interface20] ip address 10.2.1.1 24
[CE1-Vlan-interface20] quit
2. On CE 2, create VLAN 10 and configure an IP address for VLAN-interface 10.
<CE2> system-view
[CE2] vlan 10
[CE2-vlan10] port gigabitethernet 1/0/1
[CE2-vlan10] quit
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 10.1.1.2 24
3. On CE 3, create VLAN 20 and configure an IP address for VLAN-interface 20.
<CE3> system-view
[CE3] vlan 20
[CE3-vlan20] port gigabitethernet 1/0/1
[CE3-vlan20] quit
[CE3] interface vlan-interface 20
[CE3-Vlan-interface20] ip address 10.2.1.2 24
4. Configure the PE:
# Enable L2VPN.
<PE> system-view
[PE] l2vpn enable
# Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets from VLAN 10.
[PE] interface gigabitethernet 1/0/1
[PE-GigabitEthernet1/0/1] service-instance 10
[PE-GigabitEthernet1/0/1-srv10] encapsulation s-vid 10
[PE-GigabitEthernet1/0/1-srv10] quit
# Create Ethernet service instance 20 on GigabitEthernet 1/0/1 to match packets from VLAN 20.
[PE-GigabitEthernet1/0/1] service-instance 20
[PE-GigabitEthernet1/0/1-srv20] encapsulation s-vid 20
[PE-GigabitEthernet1/0/1-srv20] quit
[PE-GigabitEthernet1/0/1] quit
# Create a cross-connect group named vpn1, and create a cross-connect named vlan10 in the group.
[PE] xconnect-group vpn1
[PE-xcg-vpn1] connection vlan10
# Bind Ethernet service instance 10 on GigabitEthernet 1/0/1 to the cross-connect.
[PE-xcg-vpn1-vlan10] ac interface gigabitethernet 1/0/1 service-instance 10
[PE-xcg-vpn1-vlan10-GigabitEthernet1/0/1-srv10] quit
# Bind GigabitEthernet 1/0/2 to the cross-connect.
[PE-xcg-vpn1-vlan10] ac interface gigabitethernet 1/0/2
[PE-xcg-vpn1-vlan10-GigabitEthernet1/0/2] quit
[PE-xcg-vpn1-vlan10] quit
# Create a cross-connect named vlan20 in cross-connect group vpn1.
[PE-xcg-vpn1] connection vlan20
# Bind Ethernet service instance 20 on GigabitEthernet 1/0/1 to the cross-connect.
[PE-xcg-vpn1-vlan20] ac interface gigabitethernet 1/0/1 service-instance 20
[PE-xcg-vpn1-vlan10-GigabitEthernet1/0/1-srv20] quit
# Bind GigabitEthernet 1/0/3 to the cross-connect.
[PE-xcg-vpn1-vlan20] ac interface gigabitethernet 1/0/3
[PE-xcg-vpn1-vlan10-GigabitEthernet1/0/3] quit
[PE-xcg-vpn1-vlan20] quit
[PE-xcg-vpn1] quit
Verifying the configuration
# Verify that four AC forwarding entries exist on the PE.
[PE] display l2vpn forwarding ac
Total number of cross-connections: 2
Total number of ACs: 4
AC Xconnect-group Name Link ID State
GE1/0/1 srv10 vpn1 0x0 Up
GE1/0/1 srv20 vpn1 0x0 Up
GE1/0/2 vpn1 0x1 Up
GE1/0/3 vpn1 0x1 Up
# Verify that CE 1 and CE 2 can ping each other, and that CE 1 and CE 3 can ping each other. (Details not shown.)
Example: Configuring a static PW
Network configuration
Create a static PW between PE 1 and PE 2 over the backbone to allow communication between CE 1 and CE 2 within VLAN 10.
Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 10 on each PE.
Figure 3 Network diagram
Table 1 Interface and IP address assignment
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
CE 1 |
Vlan-int10 |
100.1.1.1/24 |
P |
Loop0 |
192.4.4.4/32 |
|
PE 1 |
Loop0 |
192.2.2.2/32 |
|
Vlan-int30 |
10.2.2.2/24 |
|
|
Vlan-int20 |
10.1.1.1/24 |
|
Vlan-int20 |
10.1.1.2/24 |
|
CE 2 |
Vlan-int10 |
100.1.1.2/24 |
PE 2 |
Loop0 |
192.3.3.3/32 |
|
|
|
|
|
Vlan-int30 |
10.2.2.1/24 |
Prerequsites
Configure VLANs and add ports to VLANs on each switch.
Procedure
1. Configure CE 1.
<CE1> system-view
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 100.1.1.1 24
[CE1-Vlan-interface10] quit
2. Configure PE 1:
# Configure an LSR ID.
<PE1> system-view
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 192.2.2.2 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 192.2.2.2
# Enable L2VPN.
[PE1] l2vpn enable
# Enable global LDP.
[PE1] mpls ldp
[PE1-ldp] quit
# Configure VLAN-interface 20 (the interface connected to the P device), and enable LDP on the interface.
[PE1] interface vlan-interface 20
[PE1-Vlan-interface20] ip address 10.1.1.1 24
[PE1-Vlan-interface20] mpls enable
[PE1-Vlan-interface20] mpls ldp enable
[PE1-Vlan-interface20] quit
# Configure OSPF for LDP to create LSPs.
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
# Create VLAN 10 and assign GigabitEthernet 1/0/1 to the VLAN.
[PE1] vlan 10
[PE1-vlan10] port gigabitethernet 1/0/1
[PE1-vlan10] quit
# Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 10.
[PE1] interface gigabitethernet 1/0/1
[PE1-GigabitEthernet1/0/1] service-instance 10
[PE1-GigabitEthernet1/0/1-srv10] encapsulation s-vid 10
[PE1-GigabitEthernet1/0/1-srv10] quit
[PE1-GigabitEthernet1/0/1] quit
# Create a cross-connect group named vpna, create a cross-connect named svc in the group, and bind Ethernet service instance 10 on GigabitEthernet 1/0/1 to the cross-connect.
[PE1] xconnect-group vpna
[PE1-xcg-vpna] connection svc
[PE1-xcg-vpna-svc] ac interface gigabitethernet 1/0/1 service-instance 10
[PE1-xcg-vpna-svc-GigabitEthernet1/0/1-srv10] quit
# Create a static PW for the cross-connect to bind the AC to the PW.
[PE1-xcg-vpna-svc] peer 192.3.3.3 pw-id 3 in-label 100 out-label 200
[PE1-xcg-vpna-svc-192.3.3.3-3] quit
[PE1-xcg-vpna-svc] quit
[PE1-xcg-vpna] quit
3. Configure the P device:
# Configure an LSR ID.
<P> system-view
[P] interface loopback 0
[P-LoopBack0] ip address 192.4.4.4 32
[P-LoopBack0] quit
[P] mpls lsr-id 192.4.4.4
# Enable global LDP.
[P] mpls ldp
[P-ldp] quit
# Configure VLAN-interface 20 (the interface connected to PE 1), and enable LDP on the interface.
[P] interface vlan-interface 20
[P-Vlan-interface20] ip address 10.1.1.2 24
[P-Vlan-interface20] mpls enable
[P-Vlan-interface20] mpls ldp enable
[P-Vlan-interface20] quit
# Configure VLAN-interface 30 (the interface connected to PE 2), and enable LDP on the interface.
[P] interface vlan-interface 30
[P-Vlan-interface30] ip address 10.2.2.2 24
[P-Vlan-interface30] mpls enable
[P-Vlan-interface30] mpls ldp enable
[P-Vlan-interface30] quit
# Configure OSPF for LDP to create LSPs.
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
4. Configure PE 2:
# Configure an LSR ID.
<PE2> system-view
[PE2] interface loopback 0
[PE2-LoopBack0] ip address 192.3.3.3 32
[PE2-LoopBack0] quit
[PE2] mpls lsr-id 192.3.3.3
# Enable L2VPN.
[PE2] l2vpn enable
# Enable global LDP.
[PE2] mpls ldp
[PE2-ldp] quit
# Configure VLAN-interface 30 (the interface connected to the P device), and enable LDP on the interface.
[PE2] interface vlan-interface 30
[PE2-Vlan-interface30] ip address 10.2.2.1 24
[PE2-Vlan-interface30] mpls enable
[PE2-Vlan-interface30] mpls ldp enable
[PE2-Vlan-interface30] quit
# Configure OSPF for LDP to create LSPs.
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 10.2.2.1 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
# Create VLAN 10 and assign GigabitEthernet 1/0/1 to the VLAN.
[PE2] vlan 10
[PE2-vlan10] port gigabitethernet 1/0/1
[PE2-vlan10] quit
# Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 10.
[PE2] interface gigabitethernet 1/0/1
[PE2-GigabitEthernet1/0/1] service-instance 10
[PE2-GigabitEthernet1/0/1-srv10]encapsulation s-vid 10
[PE2-GigabitEthernet1/0/1-srv10] quit
[PE2-GigabitEthernet1/0/1] quit
# Create a cross-connect group named vpna, create a cross-connect named svc in the group, and bind Ethernet service instance 10 on GigabitEthernet 1/0/1 to the cross-connect.
[PE2] xconnect-group vpna
[PE2-xcg-vpna] connection svc
[PE2-xcg-vpna-svc] ac interface gigabitethernet 1/0/1 service-instance 10
[PE2-xcg-vpna-svc-GigabitEthernet1/0/1-srv10] quit
# Create a static PW for the cross-connect to bind the AC to the PW.
[PE2-xcg-vpna-svc] peer 192.2.2.2 pw-id 3 in-label 200 out-label 100
[PE2-xcg-vpna-svc-192.2.2.2-3] quit
[PE2-xcg-vpna-svc] quit
[PE2-xcg-vpna] quit
5. Configure CE 2.
<CE2> system-view
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 100.1.1.2 24
[CE2-Vlan-interface10] quit
Verifying the configuration
# Verify that a static PW has been established on PE 1.
[PE1] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY – ac-bypass
PBY – pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpna
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.3.3.3 3 100/200 Static M 10000000 Up
# Verify that a static PW has been established on PE 2.
[PE2] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY – ac-bypass
PBY – pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpna
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.2.2.2 3 200/100 Static M 10000000 Up
# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)
Example: Configuring an LDP PW
Network configuration
Create an LDP PW between PE 1 and PE 2, and use flexible mode to match packets from each AC to allow communication between CE 1 and CE 2 within VLAN 10 without consuming VLAN resources on PEs.
Figure 4 Network diagram
Table 2 Interface and IP address assignment
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
CE 1 |
Vlan-int10 |
100.1.1.1/24 |
P |
Loop0 |
192.4.4.4/32 |
|
PE 1 |
Loop0 |
192.2.2.2/32 |
|
Vlan-int23 |
23.1.1.2/24 |
|
|
Vlan-int23 |
23.1.1.1/24 |
|
Vlan-int26 |
26.2.2.2/24 |
|
CE 2 |
Vlan-int10 |
100.1.1.2/24 |
PE 2 |
Loop0 |
192.3.3.3/32 |
|
|
|
|
|
Vlan-int26 |
26.2.2.1/24 |
Prerequsites
Configure VLANs and add ports to VLANs on each switch.
Procedure
1. Configure CE 1.
<CE1> system-view
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 100.1.1.1 24
[CE1-Vlan-interface10] quit
2. Configure PE 1:
# Configure an LSR ID.
<PE1> system-view
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 192.2.2.2 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 192.2.2.2
# Enable L2VPN.
[PE1] l2vpn enable
# Enable global LDP.
[PE1] mpls ldp
[PE1-ldp] quit
# Configure VLAN-interface 23 (the interface connected to the P device), and enable LDP on the interface.
[PE1] interface vlan-interface 23
[PE1-Vlan-interface23] ip address 23.1.1.1 24
[PE1-Vlan-interface23] mpls enable
[PE1-Vlan-interface23] mpls ldp enable
[PE1-Vlan-interface23] quit
# Configure OSPF for LDP to create LSPs.
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 23.1.1.1 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
# Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 (the interface connected to CE 1).
[PE1] interface gigabitethernet 1/0/1
[PE1-GigabitEthernet1/0/1] service-instance 1000
[PE1-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10
[PE1-GigabitEthernet1/0/1-srv1000] quit
[PE1-GigabitEthernet1/0/1] quit
# Create a cross-connect group named vpn1, create a cross-connect named ldp in the group, and bind Ethernet service instance 1000 on GigabitEthernet 1/0/1 to the cross-connect.
[PE1] xconnect-group vpn1
[PE1-xcg-vpn1] connection ldp
[PE1-xcg-vpn1-ldp] ac interface gigabitethernet 1/0/1 service-instance 1000
[PE1-xcg-vpn1-ldp-GigabitEthernet1/0/1-srv1000] quit
# Create an LDP PW for the cross-connect to bind the AC to the PW.
[PE1-xcg-vpn1-ldp] peer 192.3.3.3 pw-id 1000
[PE1-xcg-vpn1-ldp-192.3.3.3-1000] quit
[PE1-xcg-vpn1-ldp] quit
[PE1-xcg-vpn1] quit
3. Configure the P device:
# Configure an LSR ID.
<P> system-view
[P] interface loopback 0
[P-LoopBack0] ip address 192.4.4.4 32
[P-LoopBack0] quit
[P] mpls lsr-id 192.4.4.4
# Enable global LDP.
[P] mpls ldp
[P-ldp] quit
# Configure VLAN-interface 23 (the interface connected to PE 1), and enable LDP on the interface.
[P] interface vlan-interface 23
[P-Vlan-interface23] ip address 23.1.1.2 24
[P-Vlan-interface23] mpls enable
[P-Vlan-interface23] mpls ldp enable
[P-Vlan-interface23] quit
# Configure VLAN-interface 26 (the interface connected to PE 2), and enable LDP on the interface.
[P] interface vlan-interface 26
[P-Vlan-interface26] ip address 26.2.2.2 24
[P-Vlan-interface26] mpls enable
[P-Vlan-interface26] mpls ldp enable
[P-Vlan-interface26] quit
# Configure OSPF for LDP to create LSPs.
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 23.1.1.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 26.2.2.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
4. Configure PE 2:
# Configure an LSR ID.
<PE2> system-view
[PE2] interface loopback 0
[PE2-LoopBack0] ip address 192.3.3.3 32
[PE2-LoopBack0] quit
[PE2] mpls lsr-id 192.3.3.3
# Enable L2VPN.
[PE2] l2vpn enable
# Enable global LDP.
[PE2] mpls ldp
[PE2-ldp] quit
# Configure VLAN-interface 26 (the interface connected to the P device), and enable LDP on the interface.
[PE2] interface vlan-interface 26
[PE2-Vlan-interface26] ip address 26.2.2.1 24
[PE2-Vlan-interface26] mpls enable
[PE2-Vlan-interface26] mpls ldp enable
[PE2-Vlan-interface26] quit
# Configure OSPF for LDP to create LSPs.
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] network 26.2.2.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
# Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 (the interface connected to CE 2).
[PE2] interface gigabitethernet 1/0/1
[PE2-GigabitEthernet1/0/1] service-instance 1000
[PE2-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10
[PE2-GigabitEthernet1/0/1-srv1000] quit
[PE2-GigabitEthernet1/0/1] quit
# Create a cross-connect group named vpn1, create a cross-connect named ldp in the group, and bind Ethernet service instance 1000 on GigabitEthernet 1/0/1 to the cross-connect.
[PE2] xconnect-group vpn1
[PE2-xcg-vpn1] connection ldp
[PE2-xcg-vpn1-ldp] ac interface gigabitethernet 1/0/1 service-instance 1000
[PE2-xcg-vpn1-ldp-GigabitEthernet1/0/1-srv1000] quit
# Create an LDP PW for the cross-connect to bind the AC to the PW.
[PE2-xcg-vpn1-ldp] peer 192.2.2.2 pw-id 1000
[PE2-xcg-vpn1-ldp-192.2.2.2-1000] quit
[PE2-xcg-vpn1-ldp] quit
[PE2-xcg-vpn1] quit
5. Configure CE 2.
<CE2> system-view
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 100.1.1.2 24
[CE2-Vlan-interface10] quit
Verifying the configuration
# Verify that an LDP PW has been established on PE 1.
[PE1] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY – ac-bypass
PBY – pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpn1
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.3.3.3 1000 1151/1279 LDP M 10000001 Up
# Verify that an LDP PW has been established on PE 2.
[PE2] display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY – ac-bypass
PBY – pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpn1
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.2.2.2 1000 1279/1151 LDP M 10000001 Up
# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)
Example: Configuring a BGP PW
Network configuration
Create a BGP PW between PE 1 and PE 2 to allow communication between CE 1 and CE 2 within VLAN 10.
Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 10 on each PE.
Figure 5 Network diagram
Table 3 Interface and IP address assignment
|
Device |
Interface |
IP address |
Device |
Interface |
IP address |
|
CE 1 |
Vlan-int10 |
100.1.1.1/24 |
P |
Loop0 |
192.4.4.4/32 |
|
PE 1 |
Loop0 |
192.2.2.2/32 |
|
Vlan-int20 |
10.1.1.2/24 |
|
|
Vlan-int20 |
10.1.1.1/24 |
|
Vlan-int30 |
10.2.2.2/24 |
|
CE 2 |
Vlan-int10 |
100.1.1.2/24 |
PE 2 |
Loop0 |
192.3.3.3/32 |
|
|
|
|
|
Vlan-int30 |
10.2.2.1/24 |
Prerequsites
Configure VLANs and add ports to VLANs on each switch.
Procedure
1. Configure CE 1.
<CE1> system-view
[CE1] interface vlan-interface 10
[CE1-Vlan-interface10] ip address 100.1.1.1 24
[CE1-Vlan-interface10] quit
2. Configure PE 1:
# Configure an LSR ID.
<PE1> system-view
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 192.2.2.2 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 192.2.2.2
# Enable L2VPN.
[PE1] l2vpn enable
# Enable LDP globally.
[PE1] mpls ldp
[PE1-ldp] quit
# Configure VLAN-interface 20 (the interface connected to the P device), and enable LDP on the interface.
[PE1] interface vlan-interface 20
[PE1-Vlan-interface20] ip address 10.1.1.1 24
[PE1-Vlan-interface20] mpls enable
[PE1-Vlan-interface20] mpls ldp enable
[PE1-Vlan-interface20] quit
# Enable OSPF for LSP establishment.
[PE1] ospf
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255
[PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0
[PE1-ospf-1-area-0.0.0.0] quit
[PE1-ospf-1] quit
# Create an IBGP connection to PE 2, and enable BGP to advertise L2VPN information to PE 2.
[PE1] bgp 100
[PE1-bgp-default] peer 192.3.3.3 as-number 100
[PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0
[PE1-bgp-default] address-family l2vpn
[PE1-bgp-default-l2vpn] peer 192.3.3.3 enable
[PE1-bgp-default-l2vpn] quit
[PE1-bgp-default] quit
# Create VLAN 10 and assign GigabitEthernet 1/0/1 to the VLAN.
[PE1] vlan 10
[PE1-vlan10] port gigabitethernet 1/0/1
[PE1-vlan10] quit
# Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 10.
[PE1] interface gigabitethernet 1/0/1
[PE1-GigabitEthernet1/0/1] service-instance 10
[PE1-GigabitEthernet1/0/1-srv10]encapsulation s-vid 10
[PE1-GigabitEthernet1/0/1-srv10] quit
[PE1-GigabitEthernet1/0/1] quit
# Create a cross-connect group named vpnb, create a local site named site 1, and create a BGP PW from site 1 to remote site site 2.
[PE1] xconnect-group vpnb
[PE1-xcg-vpnb] auto-discovery bgp
[PE1-xcg-vpnb-auto] route-distinguisher 2:2
[PE1-xcg-vpnb-auto] vpn-target 2:2 export-extcommunity
[PE1-xcg-vpnb-auto] vpn-target 2:2 import-extcommunity
[PE1-xcg-vpnb-auto] site 1 range 10 default-offset 0
[PE1-xcg-vpnb-auto-1] connection remote-site-id 2
# Bind Ethernet service instance 10 on GigabitEthernet 1/0/1 to the PW.
[PE1-xcg-vpnb-auto-1-2] ac interface gigabitethernet 1/0/1 service-instance 10
[PE1-xcg-vpnb-auto-1-2] return
3. Configure the P device:
# Configure an LSR ID.
<P> system-view
[P] interface loopback 0
[P-LoopBack0] ip address 192.4.4.4 32
[P-LoopBack0] quit
[P] mpls lsr-id 192.4.4.4
# Enable LDP globally.
[P] mpls ldp
[P-ldp] quit
# Configure VLAN-interface 20 (the interface connected to PE 1), and enable LDP on the interface.
[P] interface vlan-interface 20
[P-Vlan-interface20] ip address 10.1.1.2 24
[P-Vlan-interface20] mpls enable
[P-Vlan-interface20] mpls ldp enable
[P-Vlan-interface20] quit
# Configure VLAN-interface 30 (the interface connected to PE 2), and enable LDP on the interface.
[P] interface vlan-interface 30
[P-Vlan-interface30] ip address 10.2.2.2 24
[P-Vlan-interface30] mpls enable
[P-Vlan-interface30] mpls ldp enable
[P-Vlan-interface30] quit
# Enable OSPF for LSP establishment.
[P] ospf
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255
[P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0
[P-ospf-1-area-0.0.0.0] quit
[P-ospf-1] quit
4. Configure PE 2:
# Configure an LSR ID.
<PE2> system-view
[PE2] interface loopback 0
[PE2-LoopBack0] ip address 192.3.3.3 32
[PE2-LoopBack0] quit
[PE2] mpls lsr-id 192.3.3.3
# Enable L2VPN.
[PE2] l2vpn enable
# Enable LDP globally.
[PE2] mpls ldp
[PE2-ldp] quit
# Configure VLAN-interface 30 (the interface connected to the P device), and enable LDP on the interface.
[PE2] interface vlan-interface 30
[PE2-Vlan-interface30] ip address 10.2.2.1 24
[PE2-Vlan-interface30] mpls enable
[PE2-Vlan-interface30] mpls ldp enable
[PE2-Vlan-interface30] quit
# Enable OSPF for LSP establishment.
[PE2] ospf
[PE2-ospf-1] area 0
[PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0
[PE2-ospf-1-area-0.0.0.0] network 10.2.2.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0] quit
[PE2-ospf-1] quit
# Create an IBGP connection to PE 1, and enable BGP to advertise L2VPN information to PE 1.
[PE2] bgp 100
[PE2-bgp-default] peer 192.2.2.2 as-number 100
[PE2-bgp-default] peer 192.2.2.2 connect-interface loopback 0
[PE2-bgp-default] address-family l2vpn
[PE2-bgp-default-l2vpn] peer 192.2.2.2 enable
[PE2-bgp-default-l2vpn] quit
[PE2-bgp-default] quit
# Create VLAN 10 and assign GigabitEthernet 1/0/1 to the VLAN.
[PE2] vlan 10
[PE2-vlan10] port gigabitethernet 1/0/1
[PE2-vlan10] quit
# Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 10.
[PE2] interface gigabitethernet1/0/1
[PE2-GigabitEthernet1/0/1] service-instance 10
[PE2-GigabitEthernet1/0/1-srv10]encapsulation s-vid 10
[PE2-GigabitEthernet1/0/1-srv10] quit
[PE2-GigabitEthernet1/0/1] quit
# Create a cross-connect group named vpnb, create a local site named site 2, and create a BGP PW from site 2 to remote site site 1.
[PE2] xconnect-group vpnb
[PE2-xcg-vpnb] auto-discovery bgp
[PE2-xcg-vpnb-auto] route-distinguisher 2:2
[PE2-xcg-vpnb-auto] vpn-target 2:2 export-extcommunity
[PE2-xcg-vpnb-auto] vpn-target 2:2 import-extcommunity
[PE2-xcg-vpnb-auto] site 2 range 10 default-offset 0
[PE2-xcg-vpnb-auto-2] connection remote-site-id 1
# Bind Ethernet service instance 10 on GigabitEthernet 1/0/1 to the PW.
[PE2-xcg-vpnb-auto-2-1] ac interface gigabitethernet 1/0/1 service-instance 10
[PE2-xcg-vpnb-auto-2-1] return
5. Configure CE 2.
<CE2> system-view
[CE2] interface vlan-interface 10
[CE2-Vlan-interface10] ip address 100.1.1.2 24
[CE2-Vlan-interface10] quit
Verifying the configuration
# Verify that a BGP PW has been established on PE 1.
<PE1> display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY – ac-bypass
PBY – pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpnb
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.3.3.3 2 1036/1025 BGP M 10000000 Up
# Verify that a BGP PW has been established on PE 2.
<PE2> display l2vpn pw
Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link
N - no split horizon, A - administration, ABY – ac-bypass
PBY – pw-bypass
Total number of PWs: 1
1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: vpnb
Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State
192.2.2.2 1 1025/1036 BGP M 10000001 Up
# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)