0. 拓扑图

拓扑图

1. IP 编址

[R1]
#
interface GigabitEthernet0/0/0
 ip address 100.0.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 ip address 100.0.14.1 255.255.255.0
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255

[R2]
#
interface GigabitEthernet0/0/0
 ip address 100.0.12.2 255.255.255.0
#
interface GigabitEthernet0/0/1
 ip address 100.0.23.2 255.255.255.0
#
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255

[R3]
#
interface GigabitEthernet0/0/0
 ip address 10.0.35.3 255.255.255.0
#
interface GigabitEthernet0/0/1
 ip address 10.0.23.3 255.255.255.0
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255

[R4]
#
interface GigabitEthernet0/0/1
 ip address 100.0.14.4 255.255.255.0
#
interface GigabitEthernet0/0/2
 ip address 10.0.10.254 255.255.255.0

[R5]
#
interface GigabitEthernet0/0/0
 ip address 100.0.35.5 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
 ip address 10.0.20.254 255.255.255.0

2. 配置分部DHCP

[R4] //全局地址池
#
dhcp enable
#
ip pool A
 gateway-list 10.0.10.254
 network 10.0.10.0 mask 255.255.255.0
 excluded-ip-address 10.0.10.253
 lease day 1 hour 12 minute 0
 dns-list 10.0.10.253

interface GigabitEthernet0/0/2
 dhcp select global

[R5] //接口地址池
#
dhcp enable
#
interface GigabitEthernet0/0/2
 dhcp select interface
 dhcp server excluded-ip-address 10.0.20.253
 dhcp server lease day 1 hour 12 minute 0
 dhcp server dns-list 10.0.20.253

3. 运营商网络OSPF

[R1]
#
router id 1.1.1.1
#
ospf 1 router-id 1.1.1.1
 area 0.0.0.0
  network 100.0.12.0 0.0.0.255
  network 1.1.1.1 0.0.0.0

[R2]
#
router id 2.2.2.2
#
ospf 1 router-id 2.2.2.2
 area 0.0.0.0
  network 100.0.12.0 0.0.0.255
  network 100.0.23.0 0.0.0.255
  network 2.2.2.2 0.0.0.0

[R3]
#
router id 3.3.3.3
#
ospf 1 router-id 3.3.3.3
 area 0.0.0.0
  network 100.0.23.0 0.0.0.255
  network 3.3.3.3 0.0.0.0

4. 配置运营商网络边缘设备的 VPN实例

[R1]
#
ip vpn-instance VPN1
 ipv4-family
  route-distinguisher 222:222
  vpn-target 12:3 export-extcommunity
  vpn-target 12:3 import-extcommunity
#
interface GigabitEthernet0/0/1
 ip binding vpn-instance VPN1
 ip address 100.0.14.1 255.255.255.0

[R3]
#
ip vpn-instance VPN1
 ipv4-family
  route-distinguisher 111:222
  vpn-target 12:3 export-extcommunity
  vpn-target 12:3 import-extcommunity
#
interface GigabitEthernet0/0/0
 ip binding vpn-instance VPN1
 ip address 100.0.35.3 255.255.255.0

5. 配置客户网络边缘设备与运营商网络边缘设备使用 BGP 协议传递路由

[R4]
#
bgp 100
 peer 100.0.14.1 as-number 123
  network 10.0.10.0 255.255.255.0

[R1]
#
bgp 123
 #
 ipv4-family vpn-instance VPN1
  peer 100.0.14.4 as-number 100

[R5]
#
bgp 200
 peer 100.0.35.3 as-number 123
  network 10.0.20.0 255.255.255.0

[R3]
#
bgp 123
 #
 ipv4-family vpn-instance VPN1
  peer 100.0.35.5 as-number 200

6. 配置运营商网络边缘设备使用 MP-BGP 协议传递客户的私网路由

[R1]
bgp 123
 peer 3.3.3.3 as-number 123 
 peer 3.3.3.3 connect-interface LoopBack0
 # 
 ipv4-family vpnv4 unicast 
  peer 3.3.3.3 enable

[R3]
bgp 123
 peer 1.1.1.1 as-number 123 
 peer 1.1.1.1 connect-interface LoopBack0
 # 
 ipv4-family vpnv4 unicast 
  peer 1.1.1.1 enable

7. 配置(所有)运营商网络设备使用 MPLS LDP 协议转发客户的私网数据

[R1]
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
 mpls
 mpls ldp

[R2]
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
 mpls
 mpls ldp
interface GigabitEthernet0/0/1
 mpls
 mpls ldp

[R3]
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/1
 mpls
 mpls ldp

8. 检查

<R3>dis ip routing-table vpn-instance v1