of 25
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.

HPE 5820X & 5800 Switch Series

Category:

Research

Publish on:

Views: 84 | Pages: 25

Extension: PDF | Download: 0

Share
Description
HPE 5820X & 5800 Switch Series MPLS Configuration Guide Part number: R Software version: Release 1810 Document version: 6W Copyright 2016 Hewlett Packard Enterprise Development LP
Transcript
HPE 5820X & 5800 Switch Series MPLS Configuration Guide Part number: R Software version: Release 1810 Document version: 6W Copyright 2016 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or copying. Consistent with FAR and , Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor s standard commercial license. Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise website. Acknowledgments Intel, Itanium, Pentium, Intel Inside, and the Intel Inside logo are trademarks of Intel Corporation in the United States and other countries. Microsoft and Windows are trademarks of the Microsoft group of companies. Adobe and Acrobat are trademarks of Adobe Systems Incorporated. Java and Oracle are registered trademarks of Oracle and/or its affiliates. UNIX is a registered trademark of The Open Group. Contents Configuring MCE 1 Overview 1 MPLS L3VPN 1 MPLS L3VPN concepts 2 Multi-VPN-instance CE 4 Using MCE in tunneling applications 5 Configuring routing on an MCE 6 Route exchange between an MCE and a VPN site 6 Route exchange between an MCE and a PE 7 Configuring VPN instances 8 Creating a VPN instance 8 Associating a VPN instance with an interface 8 Configuring route attributes of a VPN instance 9 Configuring routing on an MCE 10 Configuring routing between an MCE and a VPN site 10 Configuring routing between an MCE and a PE 15 Resetting BGP connections 18 Displaying and maintaining MCE 19 Configuration examples 20 Using OSPF to advertise VPN routes to the PE 20 Using BGP to advertise VPN routes to the PE 25 Using tunnels to advertise VPN routes 28 Configuring IPv6 MCE 35 Overview 35 Configuring VPN instances 35 Creating a VPN instance 35 Associating a VPN instance with an interface 35 Configuring route related attributes for a VPN instance 36 Configuring routing on an IPv6 MCE 37 Configuring routing between IPv6 MCE and VPN site 37 Configuring routing between IPv6 MCE and PE 41 Resetting IPv6 BGP connections 44 Displaying and maintaining IPv6 MCE 44 IPv6 MCE configuration example 45 Configuring basic MPLS 51 Hardware compatibility 51 MPLS overview 51 Basic concepts 51 MPLS network structure 53 LSP establishment and label distribution 53 MPLS forwarding 55 LDP 57 Protocols 59 MPLS configuration task list 59 Enabling the MPLS function 60 Configuring a static LSP 60 Establishing dynamic LSPs through LDP 61 Configuring MPLS LDP capability 61 Configuring local LDP session parameters 62 Configuring remote LDP session parameters 63 Configuring PHP 63 Configuring the policy for triggering LSP establishment 64 Configuring the label distribution control mode 65 Configuring LDP loop detection 65 Configuring LDP MD5 authentication 66 i Configuring LDP label filtering 66 Configuring DSCP for outgoing LDP packets 68 Maintaining LDP sessions 68 Configuring BFD for MPLS LDP 68 Resetting LDP sessions 69 Managing and optimizing MPLS forwarding 69 Configuring a TTL processing mode for an LSR 69 Sending back ICMP TTL exceeded messages for MPLS TTL expired packets 70 Configuring LDP GR 71 Configuring LDP NSR 73 Configuring MPLS statistics collection 73 Inspecting LSPs 74 Configuring MPLS LSP ping 74 Configuring MPLS LSP tracert 74 Configuring BFD for LSPs 75 Configuring periodic LSP tracert 76 Enabling MPLS trap 76 Displaying and maintaining MPLS 77 Displaying MPLS operation 77 Displaying MPLS LDP operation 78 Clearing MPLS statistics 79 MPLS configuration examples 79 Configuring static LSPs 79 Configuring LDP to establish LSPs dynamically 82 Configuring BFD for LSPs 86 Configuring MPLS TE 88 Hardware compatibility 88 MPLS TE overview 88 Basic concepts 89 MPLS TE implementation 89 CR-LSP 90 RSVP-TE 91 Traffic forwarding 94 Bidirectional MPLS TE tunnel 96 CR-LSP backup 96 FRR 96 PS for an MPLS TE tunnel 97 Protocols and standards 99 MPLS TE configuration task list 99 Configuring basic MPLS TE 99 Creating an MPLS TE tunnel over a static CR-LSP 100 Configuring an MPLS TE tunnel with a dynamic signaling protocol 101 Configuration prerequisites 102 Configuration procedure 102 Configuring RSVP-TE advanced features 105 Configuring RSVP reservation style 105 Configuring RSVP state timers 106 Configuring the RSVP refresh mechanism 106 Configuring the RSVP hello extension 107 Configuring RSVP-TE resource reservation confirmation 107 Configuring RSVP authentication 108 Configuring DSCP for outgoing RSVP packets 108 Configuring RSVP-TE GR 108 Tuning CR-LSP setup 109 Configuring route pinning 109 Configuring administrative group and affinity attribute 109 Configuring CR-LSP reoptimization 110 Tuning MPLS TE tunnel setup 110 Configuring loop detection 110 Configuring route and label recording 111 Configuring tunnel setup retry 111 ii Assigning priorities to a tunnel 111 Configuring traffic forwarding 112 Forwarding traffic along MPLS TE tunnels using static routes 112 Forwarding traffic along MPLS TE tunnels through automatic route advertisement 112 Configuring traffic forwarding tuning parameters 114 Configuring the failed link timer 114 Specifying the link metric type for tunnel path calculation 114 Configuring the traffic flow type of a tunnel 115 Creating a bidirectional MPLS TE tunnel 115 Configuring CR-LSP backup 116 Configuring FRR 117 Enabling FRR on the ingress node of a protected LSP 117 Configuring a bypass tunnel on its PLR 118 Configuring node protection 118 Configuring the FRR polling timer 119 Inspecting an MPLS TE tunnel 119 Configuring MPLS LSP ping 119 Configuring MPLS LSP tracert 120 Configuring BFD for an MPLS TE tunnel 120 Configuring periodic LSP tracert for an MPLS TE tunnel 121 Configuring DM 122 Configuring protection switching 123 Displaying and maintaining MPLS TE 123 Configuring MPLS TE examples 125 MPLS TE using static CR-LSP configuration example 125 MPLS TE using RSVP-TE configuration example 130 RSVP-TE GR configuration example 136 MPLS RSVP-TE and BFD cooperation configuration example 138 Bidirectional MPLS TE tunnel configuration example 140 CR-LSP backup configuration example 147 FRR configuration example 150 MPLS TE in MPLS L3VPN configuration example 159 Troubleshooting MPLS TE 166 No TE LSA generated 166 Configuring VPLS 168 Hardware compatibility 168 VPLS overview 168 Basic VPLS concepts 168 PW establishment 169 MAC address learning and flooding 170 VPLS loop avoidance 171 VPLS packet encapsulation 171 H-VPLS implementation 172 Hub-spoke VPLS implementation 174 VPLS configuration task list 174 Enabling L2VPN and MPLS L2VPN 175 Configuring static VPLS 175 Configuring a static VPLS instance 175 Configuring LDP VPLS 176 Configuring an LDP VPLS instance 177 Configuring BGP VPLS 178 Configuring the BGP extension 178 Configuring a BGP VPLS instance 178 Resetting VPLS BGP connections 179 Binding a service instance to a VPLS instance 179 Configuring traffic policing for VPLS 180 Configuring traffic policing for a PW 180 Configuring traffic policing for an AC 180 Enabling VPLS statistics 181 Enabling traffic statistics for a PW 181 Enabling traffic statistics for an AC 181 iii Configuring MAC address learning 182 Configuring VPLS instance attributes 182 Inspecting PWs 183 Displaying and maintaining VPLS 183 VPLS configuration examples 184 Binding service instances to VPLS instances 185 Configuring hub-spoke VPLS 189 Configuring PW redundancy for H-VPLS access 192 Configuring BFD for the primary link in an H-VPLS network 197 Troubleshooting VPLS 201 Configuring MPLS L2VPN 203 Hardware compatibility 203 MPLS L2VPN overview 203 Basic concepts of MPLS L2VPN 203 MPLS L2VPN network models 204 Remote connection operation 204 Implementation of MPLS L2VPN 206 VC encapsulations types 211 MPLS L2VPN configuration task list 211 Configuring basic MPLS L2VPN 212 Configuring a PE-CE interface 212 Configuring Ethernet encapsulation 212 Configuring VLAN encapsulation 212 Configuring a remote CCC connection 213 Configuring SVC MPLS L2VPN 213 Configuring a static VC on a Layer 3 interface (approach 1) 214 Configuring a static VC on a Layer 3 interface (approach 2) 214 Configuring a static VC for a service instance 214 Configuring Martini MPLS L2VPN 216 Configuring the remote peer 216 Creating a Martini VC on a Layer 3 interface 217 Creating a Martini VC for a service instance 217 Inspecting VCs 218 Configuring Kompella MPLS L2VPN 219 Configuring BGP L2VPN capability 219 Creating and configuring an MPLS L2VPN 219 Creating a CE connection 220 Configuring traffic policing for an AC 221 Enabling traffic statistics for an AC 222 Displaying and maintaining MPLS L2VPN 223 MPLS L2VPN configuration examples 224 Example for configuring a remote CCC connection 224 Example for configuring SVC MPLS L2VPN 227 Example for configuring Martini MPLS L2VPN 231 Example for configuring Kompella MPLS L2VPN 234 Example for configuring a VC for a service instance 237 Troubleshooting MPLS L2VPN 241 Configuring MPLS L3VPN 242 Hardware compatibility 242 MPLS L3VPN overview 242 MPLS L3VPN concepts 243 MPLS L3VPN packet forwarding 245 MPLS L3VPN networking schemes 246 MPLS L3VPN routing information advertisement 249 Inter-AS VPN 250 Carrier's carrier 253 Nested VPN 255 HoVPN 256 OSPF VPN extension 258 BGP AS number substitution and SoO 261 iv MPLS L3VPN configuration task list 261 Configuring basic MPLS L3VPN 262 Configuring VPN instances 262 Configuring routing between PE and CE 266 Configuring routing between PEs 271 Configuring routing features for BGP VPNv4 subaddress family 272 Configuring inter-as VPN 275 Configuring inter-as option A 275 Configuring inter-as option B 275 Configuring inter-as option C 276 Configuring nested VPN 278 Configuration restrictions and guidelines 278 Configuration procedure 278 Configuring HoVPN 279 Configuring an OSPF sham link 280 Configuring a loopback interface 280 Redistributing the loopback interface route and OSPF routes into BGP 280 Creating a sham link 281 Configuring BGP AS number substitution and SoO 281 Resetting BGP connections 282 Displaying and maintaining MPLS L3VPN 283 MPLS L3VPN configuration examples 285 Configuring MPLS L3VPNs using EBGP between PE and CE 285 Configuring MPLS L3VPNs using IBGP between PE and CE 292 Configuring a hub-spoke network 300 Configuring inter-as option A 308 Configuring inter-as option B 312 Configuring inter-as option C 317 Configuring carrier's carrier 323 Configuring nested VPN 330 Configuring HoVPN 339 Configuring OSPF sham links 346 Configuring BGP AS number substitution 351 Configuring BGP AS number substitution and SoO 354 Configuring IPv6 MPLS L3VPN 358 Hardware compatibility 358 Overview 358 IPv6 MPLS L3VPN packet forwarding 359 IPv6 MPLS L3VPN routing information advertisement 359 IPv6 MPLS L3VPN network schemes and functions 360 IPv6 MPLS L3VPN configuration task list 360 Configuring basic IPv6 MPLS L3VPN 360 Configuring VPN instances 361 Configuring route related attributes for a VPN instance 361 Configuring routing between PE and CE 364 Configuring routing between PEs 367 Configuring routing features for the BGP-VPNv6 subaddress family 368 Configuring inter-as IPv6 VPN 369 Configuring inter-as IPv6 VPN option A 370 Configuring inter-as IPv6 VPN option C 370 Resetting IPv6 BGP connections 371 Displaying and maintaining IPv6 MPLS L3VPN 371 IPv6 MPLS L3VPN configuration examples 372 Configuring IPv6 MPLS L3VPNs 372 Configuring inter-as IPv6 VPN option A 380 Configuring inter-as IPv6 VPN option C 384 Configuring carrier's carrier 391 Document conventions and icons 399 Conventions 399 Network topology icons 400 v Support and other resources 401 Accessing Hewlett Packard Enterprise Support 401 Accessing updates 401 Websites 402 Customer self repair 402 Remote support 402 Documentation feedback 402 Index 403 vi Configuring MCE This chapter covers only MCE-related configuration. For information about routing protocols, see Layer 3 IP Services Configuration Guide. The term router in this chapter refers to both routers and Layer 3 switches. The term interface in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces, Layer 3 Ethernet interfaces, and Layer 3 aggregate interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2 LAN Switching Configuration Guide). Overview This section describes the basic MPLS L3VPN information that is important to understand the Multi-VPN-Instance CE (MCE) feature, and the MCE specific information. MPLS L3VPN MPLS L3VPN is a type of PE-based L3VPN technology for service provider VPN solutions. It uses BGP to advertise VPN routes, and it uses MPLS to forward VPN packets on service-provider backbones. MPLS L3VPN provides flexible networking modes, excellent scalability, and convenient support for MPLS QoS and MPLS TE. The MPLS L3VPN model consists of the following types of devices: CE A CE resides on a customer network and has one or more interfaces directly connected to service provider networks. A CE can be a router, a switch, or a host. It can neither sense the existence of any VPN nor does it need to support MPLS. PE A PE resides on a service provider network and connects one or more CEs to the network. On an MPLS network, all VPN processing occurs on the PEs. P A P device is a core device on a service provider network. It is not directly connected with any CE. It has only basic MPLS forwarding capability. 1 Figure 1 Network diagram for MPLS L3VPN model CEs and PEs mark the boundary between the service providers and the customers. After a CE establishes adjacency with a directly connected PE, it advertises its VPN routes to the PE and learns remote VPN routes from the PE. A CE and a PE use BGP/IGP to exchange routing information. You can also configure static routes between them. After a PE learns the VPN routing information for a CE, it uses BGP to exchange VPN routing information with other PEs. A PE maintains routing information about VPNs that are directly connected, rather than for all VPN routing information on the provider network. A P router maintains only routes to PEs and does not deal with VPN routing information. When VPN traffic travels over the MPLS backbone, the ingress PE functions as the ingress LSR, the egress PE functions as the egress LSR, and P routers function as the transit LSRs. MPLS L3VPN concepts Site This section describes concepts for MPLS L3VPN. Sites are often mentioned in the VPN. A site has the following features: A site is a group of IP systems with IP connectivity that does not rely on any service-provider network to implement. The classification of a site depends on the topology relationship of the devices, rather than the geographical positions, although the devices at a site are, in most cases, adjacent to each other geographically. The devices at a site can belong to multiple VPNs. A site is connected to a provider network through one or more CEs. A site can contain many CEs, but a CE can belong to only one site. Sites connected to the same provider network can be classified into different sets by policies. Only the sites in the same set can access each other through the provider network. This kind of a set is called a VPN. Address space overlapping Each VPN independently manages the addresses it uses. The assembly of such addresses for a VPN is called an address space. 2 VPN instance The address spaces of VPNs may overlap. For example, if both VPN 1 and VPN 2 use the addresses on network segment /24, the address space overlaps. In MPLS VPN, routes of different VPNs are identified by VPN instance. A PE creates and maintains a separate VPN instance for each VPN at a directly connected site. Each VPN instance contains the VPN membership and routing rules of the corresponding site. If a user at a site belongs to multiple VPNs at the same time, the VPN instance of the site contains information about all the VPNs. For the independence and security of VPN data, each VPN instance on a PE maintains a routing table and an LFIB. VPN instance information contains the following items: the LFIB, the IP routing table, the interfaces bound to the VPN instance, and the administration information for the VPN instance. The administration information for the VPN instance includes the RD, route filtering policy, and member interface list. VPN-IPv4 address Traditional BGP cannot process overlapping VPN routes. For example, if both VPN 1 and VPN 2 use the subnet /24 and each advertises a route to the subnet, BGP selects only one of them, resulting in the loss of the other route. PEs use MP-BGP to advertise VPN routes and use VPN-IPv4 address family to solve the problem with traditional BGP. A VPN-IPv4 address has 12 bytes. The first eight bytes represent the RD, followed by a four-byte IPv4 address prefix. Figure 2 VPN-IPv4 address structure When a PE receives an ordinary IPv4 route from a CE, it must advertise the VPN route to the peer PE. The uniqueness of a VPN route is implemented by adding an RD to the route. A service provider can independently assign RDs if the assigned RDs are unique. A PE can advertise different routes to VPNs even if the VPNs are from different service providers and are using the same IPv4 address space. Configure a distinct RD for each VPN instance on a PE, so that routes to the same CE use the same RD. The VPN-IPv4 address with RD 0 is a globally unique IPv4 address. By prefixing a distinct RD to a specific IPv4 address prefix, you get a globally unique VPN IPv4 address prefix. An RD can be an AS number plus an arbitrary number or an IP address plus an arbitrary number. An RD can be in one of the following formats distinguished by the Type field: If the value of the Type field is 0, the Administrator subfield occupies two bytes, the Assigned number subfield occupies four bytes, and the RD format is 16-bit AS number:32-bit user-defined number. For example, 100:1. If the value of the Type field is 1, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit IPv4 address:16-bit user-defined number. For example, :1. If the value of the Type field is 2, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is For example, 65536:1. 3 To guarantee the global uniqueness of an RD, do not set the Administrator subfield to any private AS number or private IP address. Route target attributes MPLS L3VPN uses the BGP extended community attributes called route target attributes to control the advertisement of VPN routing information. A VPN instance on a PE supports the following types of route target attributes: Export target attribute A local PE sets this type of route target attribute for VPN-IPv4 routes learned from directly connected sites before advertising them to other PEs. Import target attribute A PE checks the export target attribute of VPN-IPv4 routes advertised by other PEs. If the export target attribute matches the import target attribute of the VPN instance, the PE adds the routes to the VPN routing table. In other words, route target attributes define which sites can receive VPN-IPv4 routes and from which sites a PE can receive routes. Similar to RDs, rou
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks