Ruijie Community

Title: How to configure IPv4 MPLS L3 VPN (Intranet) on Ruijie switch? [Print this page]

---

Author: zhangqiao@ruiji    Time: 2024-6-11 14:56
Title: How to configure IPv4 MPLS L3 VPN (Intranet) on Ruijie switch?
Requirements
1. Users of different SITs within a VPNA can communicate with each other.
2. VPNB users of different SITE can communicate witheach other.
3. Users between VPNA and VPNB VPNs cannot communicatewith each other.
Topology
Configuration
(1) Configure the interface Internet Protocol Address and OSPF routing protocol on each node of the MPLS backbone network torealize the intercommunication between the nodes of the backbone network.
#Configuration of device PE1.

PE1 > enable
PE1 #configure terminal
PE1 (config) #interface loopback 0
PE1 (config-if-Loopback 0) #ip address 172.168.0.1255.255.255.255
PE1 (config-if-Loopback 0) #exit
PE1 (config) #interface gigabitethernet 0/2
PE1 (config-if-GigabitEthernet 0/2) #no switchport
PE1 (config-if-GigabitEthernet 0/2) #ip address172.168.10.1 255.255.255.0
PE1 (config-if-GigabitEthernet 0/2) #exit
PE1 (config) #router ospf 10
PE1 (config-router) #network 172.168.0.1 0.0.0 area0
PE1 (config-router) #network 172.168.10.0 0.0.0.255 area 0
PE1 (config-router) #exit

#Configuration of device P1.

P1 > enable
P1 #configure terminal
P1 (config) #interface loopback 0
P1 (config-if-Loopback 0) #ip address 172.168.0.4255.255.255.255
P1 (config-if-Loopback 0) #exit
P1 (config) #interface gigabitethernet 0/1
P1 (config-if-GigabitEthernet 0/1) #no switchport
P1 (config-if-GigabitEthernet 0/1) #ip address172.168.10.2 255.255.255.0
P1 (config-if-GigabitEthernet 0/1) #exit
P1 (config) #interface gigabitethernet 0/2
P1 (config-if-GigabitEthernet 0/2) #no switchport
P1 (config-if-GigabitEthernet 0/2) #ip address172.168.20.1 255.255.255.0
P1 (config-if-GigabitEthernet 0/2) #exit
P1 (config) #router ospf 10
P1 (config-router) #network 172.168.0.4 0.0.0 area0
P1 (config-router) #network 172.168.10.0 0.0.0 area0
P1 (config-router) #network 172.168.20.0 0.0.0 area0
P1 (config-router) #exit

#Configuration of device P2.

P2 > enabled
P2 #configure terminal
P2 (config) #interface loopback 0
P2 (config-if-Loopback 0) #ip address 172.168.0.5255.255.255.255
P2 (config-if-Loopback 0) #exit
P2 (config) #interface gigabitethernet 0/1
P2 (config-if-GigabitEthernet 0/1) #no switchport
P2 (config-if-GigabitEthernet 0/1) #ip address172.168.20.2 255.255.255.0
P2 (config-if-GigabitEthernet 0/1) #exit
P2 (config) #interface gigabitethernet 0/2
P2 (config-if-GigabitEthernet 0/2) #no switchport
P2 (config-if-GigabitEthernet 0/2) #ip address 172.168.30.1255.255.255.0
P2 (config-if-GigabitEthernet 0/2) #exit
P2 (config) #interface gigabitethernet 0/3
P2 (config-if-GigabitEthernet 0/3) #no switchport
P2 (config-if-GigabitEthernet 0/3) #ip address172.168.40.1 255.255.255.0
P2 (config-if-GigabitEthernet 0/3) #exit
P2 (config) #router ospf 10
P2 (config-router) #network 172.168.0.5 0.0.0.0area 0
P2 (config-router) #network 172.168.20.0 0.0.0 area0
P2 (config-router) #network 172.168.30.0 0.0.0 area0
P2 (config-router) #network 172.168.40.0 0.0.0 area0
P2 (config-router) #exit

#Configuration of device PE2.

PE2 > enabled
PE2 #configure terminal
PE2 (config) #interface loopback 0
PE2 (config-if-Loopback 0) #ip address 172.168.0.3255.255.255.255
PE2 (config-if-Loopback 0) #exit
PE2 (config) #interface gigabitethernet 0/2
PE2 (config-if-GigabitEthernet 0/2) #no switchport
PE2 (config-if-GigabitEthernet 0/2) #ip address172.168.40.2 255.255.255.0
PE2 (config-if-GigabitEthernet 0/2) #exit
PE2 (config) #router ospf 10
PE2 (config-router) #network 172.168.0.3 0.0.0.0area 0
PE2 (config-router) #network 172.168.40.0 0.0.0.255area 0
PE2 (config-router) #exit

#Configuration of device PE3.

PE3 > enable

PE3 #configure terminal

PE3 (config) #interface loopback 0

PE3 (config-if-Loopback 0) #ip address 172.168.0.2255.255.255.255

PE3 (config-if-Loopback 0) #exit

PE3 (config) #interface gigabitethernet 0/2

PE3 (config-if-GigabitEthernet 0/2) #no switchport

PE3 (config-if-GigabitEthernet 0/2) #ip address172.168.30.2 255.255.255.0

PE3 (config-if-GigabitEthernet 0/2) #exit

PE3 (config) #router ospf 10

PE3 (config-router) #network 172.168.0.2 0.0.0.0area 0

PE3 (config-router) #network 172.168.30.0 0.0.0.255area 0

PE3 (config-router) #exit

(2) Configure the MPLS forwarding capability andLDP protocol on each node of the MPLS backbone network to estaxlish an LDP LSP.
#Configuration of device PE1

PE1 (config) #mpls ip
PE1 (config) #mpls router ldp
PE1 (config-mpls-router) #ldp router-id interfaceloopback 0 force
PE1 (config-mpls-router) #exit
PE1 (config) #interface gigabitethernet 0/2
PE1 (config-if-GigabitEthernet 0/2)#label-switching
PE1 (config-if-GigabitEthernet 0/2) #mpls ip
PE1 (config-if-GigabitEthernet 0/2) #exit

#Configuration of device P1.

P1 (config) #mpls ip
P1 (config) #mpls router ldp
P1 (config-mpls-router) #ldp router-id interfaceloopback 0 force
P1 (config-mpls-router) #exit
P1 (config) #interface gigabitethernet 0/1
P1 (config-if-GigabitEthernet 0/1) #label-switching
P1 (config-if-GigabitEthernet 0/1) #mpls ip
P1 (config-if-GigabitEthernet 0/1) #exit
P1 (config) #interface gigabitethernet 0/2
P1 (config-if-GigabitEthernet 0/2) #label-switching
P1 (config-if-GigabitEthernet 0/2) #mpls ip
P1 (config-if-GigabitEthernet 0/2) #exit

#Configuration of device P2.

P2(config)# mpls ip

P2(config)# mpls router ldp

P2(config-mpls-router)# ldp router-id interfaceloopback 0 force

P2(config-mpls-router)# exit

P2(config)# interface gigabitethernet 0/1

P2(config-if-GigabitEthernet 0/1)# label-switching

P2(config-if-GigabitEthernet 0/1)# mpls ip

P2(config-if-GigabitEthernet 0/1)# exit

P2(config)# interface gigabitethernet 0/2

P2(config-if-GigabitEthernet 0/2)# label-switching

P2(config-if-GigabitEthernet 0/2)# mpls ip

P2(config-if-GigabitEthernet 0/2)# exit

P2(config)# interface gigabitethernet 0/3

P2(config-if-GigabitEthernet 0/3)# label-switching

P2(config-if-GigabitEthernet 0/3)# mpls ip

P2(config-if-GigabitEthernet 0/3)# exit

#Configuration of device PE2

PE2(config)# mpls ip
PE2(config)# mpls router ldp
PE2(config-mpls-router)# ldp router-id interfaceloopback 0 force
PE2(config-mpls-router)# exit
PE2(config)# interface gigabitethernet 0/2
PE2(config-if-GigabitEthernet 0/2)# label-switching
PE2(config-if-GigabitEthernet 0/2)# mpls ip
PE2(config-if-GigabitEthernet 0/2)# exit

#Configuration of device PE3

PE3(config)# mpls ip

PE3(config)# mpls router ldp

PE3(config-mpls-router)# ldp router-id interfaceloopback 0 force

PE3(config-mpls-router)# exit

PE3(config)# interface gigabitethernet 0/2

PE3(config-if-GigabitEthernet 0/2)# label-switching

PE3(config-if-GigabitEthernet 0/2)# mpls ip

PE3(config-if-GigabitEthernet 0/2)# exit

(3) Configure VPN routing instances on each PE,define RD values and RTS values, and associate VRF with corresponding interfaces
#Configuration of device PE1.

PE1 (config) #ip vrf VPNA

PE1 (config-vrf) #rd 1:100

PE1 (config-vrf) #route-target both 1:100

PE1 (config-vrf) #exit

PE1 (config) #interface gigabitethernet 0/1

PE1 (config-if-GigabitEthernet 0/1) #no switchport

PE1 (config-if-GigabitEthernet 0/1) #ip vrfforwarding VPNA

PE1 (config-if-GigabitEthernet 0/1) #ip address192.168.10.1 255.255.255.0

PE1 (config-if-GigabitEthernet 0/1) #exit

#Configuration of device PE2.

PE2 (config) #ip vrf VPNA
PE2 (config-vrf) #rd 1:100
PE2 (config-vrf) #route-target both 1:100
PE2 (config-vrf) #exit
PE2 (config) #ip vrf VPNB
PE2 (config-vrf) #rd 1:200
PE2 (config-vrf) #route-target both 1:200
PE2 (config-vrf) #exit
PE2 (config) #interface gigabitethernet 0/1
PE2 (config-if-GigabitEthernet 0/1) #no switchport
PE2 (config-if-GigabitEthernet 0/1) #ip vrfforwarding VPNA
PE2 (config-if-GigabitEthernet 0/1) #ip address192.168.40.1 255.255.255.0
PE2 (config-if-GigabitEthernet 0/1) #exit
PE2 (config) #interface gigabitethernet 0/3
PE2 (config-if-GigabitEthernet 0/3) #no switchport
PE2 (config-if-GigabitEthernet 0/3) #ip vrfforwarding VPNB
PE2 (config-if-GigabitEthernet 0/3) #ip address192.168.30.1 255.255.255.0
PE2 (config-if-GigabitEthernet 0/3) #exit

#Configuration of device PE3.

PE3 (config) #ip vrf VPNA
PE3 (config-vrf) #rd 1:100
PE3 (config-vrf) #route-target both 1:100
PE3 (config-vrf) #exit
PE3 (config) #ip vrf VPNB
PE3 (config-vrf) #rd 1:200
PE3 (config-vrf) #route-target both 1:200
PE3 (config-vrf) #exit
PE3 (config) #interface gigabitethernet 0/1
PE3 (config-if-GigabitEthernet 0/1) #no switchport
PE3 (config-if-GigabitEthernet 0/1) #ip vrfforwarding VPNB
PE3 (config-if-GigabitEthernet 0/1) #ip address192.168.10.1 255.255.255.0
PE3 (config-if-GigabitEthernet 0/1) #exit
PE3 (config) #interface gigabitethernet 0/3
PE3 (config-if-GigabitEthernet 0/3) #no switchport
PE3 (config-if-GigabitEthernet 0/3) #ip vrfforwarding VPNA
PE3 (config-if-GigabitEthernet 0/3) #ip address192.168.20.1 255.255.255.0
PE3 (config-if-GigabitEthernet 0/3) #exit

(4) Configure MP-IBGP neighbors between the PEs totransmit VPN routing information.

#Configuration of device PE1.

PE1 (config) #router bgp 1

PE1 (config-router) #neighbor 172.168.0.2 remote-as1

PE1 (config-router) #neighbor 172.168.0.2update-source loopback 0

PE1 (config-router) #neighbor 172.168.0.3 remote-as1

PE1 (config-router) #neighbor 172.168.0.3update-source loopback 0

PE1 (config-router) #addresses-family vpnv4

PE1 (config-router-af) #neighbor 172.168.0.2activate

PE1 (config-router-af) #neighbor 172.168.0.3activate

PE1 (config-router-af) #exit-addresses-family

PE1 (config-router) #exit

#Configuration of device PE2.

PE2 (config) #router bgp 1
PE2 (config-router) #neighbor 172.168.0.1 remote-as1
PE2 (config-router) #neighbor 172.168.0.1update-source loopback 0
PE2 (config-router) #neighbor 172.168.0.2 remote-as1
PE2 (config-router) #neighbor 172.168.0.2update-source loopback 0
PE2 (config-router) #addresses-family vpnv4
PE2 (config-router-af) #neighbor 172.168.0.1activate
PE2 (config-router-af) #neighbor 172.168.0.2activate
PE2 (config-router-af) #exit-addresses-family
PE2 (config-router) #exit

#Configuration of device PE3.

PE3 (config) #router bgp 1
PE3 (config-router) #neighbor 172.168.0.1 remote-as1
PE3 (config-router) #neighbor 172.168.0.1update-source loopback 0
PE3 (config-router) #neighbor 172.168.0.3 remote-as1
PE3 (config-router) #neighbor 172.168.0.3update-source loopback 0
PE3 (config-router) #addresses-family vpnv4
PE3 (config-router-af) #neighbor 172.168.0.1activate
PE3 (config-router-af) #neighbor 172.168.0.3activate
PE3 (config-router-af) #exit-addresses-family
PE3 (config-router) #exit

(5) configure EBGP between each PE and VPN-SITE to transmit VPN routing information.

#Configuration of device PE1.

PE1 (config) #router bgp 1
PE1 (config-router) #addresses-family ipv4 vrf VPNA
PE1 (config-router-af) #neighbor 192.168.10.2remote-as 65001
PE1 (config-router-af) #neighbor 192.168.10.2activate
PE1 (config-router-af) #exit-addresses-family
PE1 (config-router) #end

#Configuration of device PE2.

PE2 (config) #router bgp 1
PE2 (config-router) #addresses-family ipv4 vrf VPNA
PE2 (config-router-af) #neighbor 192.168.40.2remote-as 65003
PE2 (config-router-af) #neighbor 192.168.40.2activate
PE2 (config-router-af) #exit-addresses-family
PE2 (config-router) #addresses-family ipv4 vrf VPNB
PE2 (config-router-af) #neighbor 192.168.30.2remote-as 65005
PE2 (config-router-af) #neighbor 192.168.30.2activate
PE2 (config-router-af) #exit-addresses-family
PE2 (config-router) #end

#Device VPNA-SITEA configuration.

VPNA-SITEA > enable
VPNA-SITEA #configure terminal
VPNA-SITEA (config) #interface gigabitethernet 0/1
VPNA-SITEA (config-if-GigabitEthernet 0/1) #noswitchport
VPNA-SITEA (config-if-GigabitEthernet 0/1) ipaddress 192.168.10.2 255.255.255.0
VPNA-SITEA (config-if-GigabitEthernet 0/1) exit
VPNA-SITEA (config) #router bgp 65001
VPNA-SITEA (config-router) #neighbor 192.168.10.1remote-as 1
VPNA-SITEA (config-router) #neighbor 192.168.10.1activated
VPNA-SITEA (config-router) #end

#Device VPNA-SITEB configuration.

VPNA-SITEB > enable
VPNA-SITEB #configure terminal
VPNA-SITEB (config) #interface gigabitethernet 0/1
VPNA-SITEB (config-if-GigabitEthernet 0/1) #noswitchport
VPNA-SITEB (config-if-GigabitEthernet 0/1) ipaddress 192.168.20.2 255.255.255.0
VPNA-SITEB (config-if-GigabitEthernet 0/1) exit
VPNA-SITEB (config) #router bgp 65002
VPNA-SITEB (config-router) #neighbor 192.168.20.1remote-as 1
VPNA-SITEB (config-router) #neighbor 192.168.20.1activate
VPNA-SITEB (config-router) #end

#Device VPNA-SITEC configuration.

VPNA-SITEC > enable
VPNA-SITEC #configure terminal
VPNA-SITEC (config) #interface gigabitethernet 0/1
VPNA-SITEC (config-if-GigabitEthernet 0/1) #noswitchport
VPNA-SITEC (config-if-GigabitEthernet 0/1) ipaddress 192.168.40.2 255.255.255.0
VPNA-SITEC (config-if-GigabitEthernet 0/1) exit
VPNA-SITEC (config) #router bgp 65003
VPNA-SITEC (config-router) #neighbor 192.168.40.1remote-as 1
VPNA-SITEC (config-router) #neighbor 192.168.40.1activate
VPNA-SITEC (config-router) #end

#Device VPNB-SITEB configuration.

VPNB-SITEB > enable
VPNB-SITEB #configure terminal
VPNB-SITEB (config) #interface gigabitethernet 0/1
VPNB-SITEB (config-if-GigabitEthernet 0/1) #noswitchport
VPNB-SITEB (config-if-GigabitEthernet 0/1) #ipaddress 192.168.10.3 255.255.255.0
VPNB-SITEB (config-if-GigabitEthernet 0/1) #exit
VPNB-SITEB (config) #router bgp 65004
VPNB-SITEB (config-router) #neighbor 192.168.10.1remote-as 1
VPNB-SITEB (config-router) #neighbor 192.168.10.1activate
VPNB-SITEB (config-router) #end

#Device VPNB-SITEC configuration.

VPNB-SITEC > enable
VPNB-SITEC #configure terminal
VPNB-SITEC (config) #interface gigabitethernet 0/1
VPNB-SITEC (config-if-GigabitEthernet 0/1) #noswitchport
VPNB-SITEC (config-if-GigabitEthernet 0/1) ipaddress 192.168.30.2 255.255.255.0
VPNB-SITEC (config-if-GigabitEthernet 0/1) exit
VPNB-SITEC (config) #router bgp 65005
VPNB-SITEC (config-router) #neighbor 192.168.30.1remote-as 1
VPNB-SITEC (config-router) #neighbor 192.168.30.1activate
VPNB-SITEC (config-router) #end

---

Welcome to Ruijie Community (https://community.ruijienetworks.com/)

Powered by Discuz! X3.2