CÔNG TY CỔ PHẦN DỊCH VỤ CÔNG NGHỆ DATECH
Số 23E4 KĐT Cầu Diễn, Tổ 7, Phú Diễn, Bắc Từ Liêm, Hà Nội
Danh mục sản phẩm
Router 
Firewall 
Switch 
Wifi - Access Point 
Máy chủ ( Server ) 
Thiết bị lưu trữ NAS 
Networking Accessories 
Video Conference 
Vật tư mạng 
Tổng đài & điện thoại 
Bộ lưu điện UPS 
13/12/2021
13/12/2021
Danh sách nội dung [Ẩn]
Cấu hình EVPN-VPWS trên Juniper MX sử dụng RSVP-TE với phân lớp dịch vụ Gold và Bronze
Trong ví dụ này, chúng tôi sử dụng một mô hình mạng cơ bản để cấu hình EVPN-VPWS qua hai đường hầm RSVP-TE phân loại theo lớp dịch vụ giữa PE1 và PE2. Chúng tôi định nghĩa hai lớp dịch vụ (transport class) và gán các đường hầm khác nhau cho từng lớp. Các thiết bị được cấu hình với các tính năng sau:
Hình 1 mô tả một mô hình mạng cơ bản với 2 thiết bị PE và 1 route reflector, đóng vai trò chuyển tiếp route giữa các thiết bị PE. Một cặp thiết bị CE được kết nối lần lượt với PE1 và PE2.
Cấu hình nhanh bằng CLI
Để cấu hình nhanh ví dụ này, hãy sao chép các lệnh sau, dán vào một tệp văn bản, loại bỏ các ngắt dòng, chỉnh sửa các thông tin cần thiết để phù hợp với cấu hình mạng của bạn, sau đó sao chép và dán các lệnh vào CLI tại cấp cấu hình [edit]. Cấu hình dành cho các thiết bị PE1, PE2, và RR (Route Reflector) như sau:
PE1
set chassis network-services enhanced-ip set interfaces ge-0/0/0 description pe1-rr set interfaces ge-0/0/0 unit 0 family inet address 10.1.1.1/24 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 encapsulation flexible-ethernet-services set interfaces ge-0/0/2 unit 4 description pe1-ce1 set interfaces ge-0/0/2 unit 4 encapsulation vlan-ccc set interfaces ge-0/0/2 unit 4 vlan-id 300 set interfaces ge-0/0/2 unit 5 description pe1-ce3 set interfaces ge-0/0/2 unit 5 encapsulation vlan-ccc set interfaces ge-0/0/2 unit 5 vlan-id 301 set interfaces lo0 unit 0 family inet address 10.0.255.1/32 set interfaces lo0 unit 0 family iso address 49.0000.0010.0255.0001.00 set interfaces lo0 unit 0 family mpls set policy-options policy-statement vrf-export-evpnvpws term a then community add rt-evpnvpws set policy-options policy-statement vrf-export-evpnvpws term a then community add map2gold set policy-options policy-statement vrf-export-evpnvpws term a then accept set policy-options policy-statement vrf-export-evpnvpws term b then reject set policy-options policy-statement vrf-export-evpnvpws-2 term a then community add rt-evpnvpws-2 set policy-options policy-statement vrf-export-evpnvpws-2 term a then community add map2bronze set policy-options policy-statement vrf-export-evpnvpws-2 term a then accept set policy-options policy-statement vrf-export-evpnvpws-2 term b then reject set policy-options policy-statement vrf-import-evpnvpws term a from protocol bgp set policy-options policy-statement vrf-import-evpnvpws term a from community rt-evpnvpws set policy-options policy-statement vrf-import-evpnvpws term a then accept set policy-options policy-statement vrf-import-evpnvpws term b then reject set policy-options policy-statement vrf-import-evpnvpws-2 term a from protocol bgp set policy-options policy-statement vrf-import-evpnvpws-2 term a from community rt-evpnvpws-2 set policy-options policy-statement vrf-import-evpnvpws-2 term a then accept set policy-options policy-statement vrf-import-evpnvpws-2 term b then reject set policy-options community map2bronze members color:0:200 set policy-options community map2gold members color:0:100 set policy-options community rt-evpnvpws members target:200:1 set policy-options community rt-evpnvpws-2 members target:300:1 set routing-instances evpn-vpws instance-type evpn-vpws set routing-instances evpn-vpws protocols evpn interface ge-0/0/2.4 vpws-service-id local 102 set routing-instances evpn-vpws protocols evpn interface ge-0/0/2.4 vpws-service-id remote 201 set routing-instances evpn-vpws interface ge-0/0/2.4 set routing-instances evpn-vpws route-distinguisher 65000:1 set routing-instances evpn-vpws vrf-import vrf-import-evpnvpws set routing-instances evpn-vpws vrf-export vrf-export-evpnvpws set routing-instances evpn-vpws-2 instance-type evpn-vpws set routing-instances evpn-vpws-2 protocols evpn interface ge-0/0/2.5 vpws-service-id local 103 set routing-instances evpn-vpws-2 protocols evpn interface ge-0/0/2.5 vpws-service-id remote 301 set routing-instances evpn-vpws-2 interface ge-0/0/2.5 set routing-instances evpn-vpws-2 route-distinguisher 65000:2 set routing-instances evpn-vpws-2 vrf-import vrf-import-evpnvpws-2 set routing-instances evpn-vpws-2 vrf-export vrf-export-evpnvpws-2 set routing-options route-distinguisher-id 10.0.255.1 set routing-options resolution preserve-nexthop-hierarchy set routing-options router-id 10.0.255.1 set routing-options autonomous-system 65000 set routing-options transport-class auto-create set routing-options transport-class name gold color 100 set routing-options transport-class name bronze color 200 set protocols bgp group BGP_PEERs type internal set protocols bgp group BGP_PEERs local-address 10.0.255.1 set protocols bgp group BGP_PEERs family inet transport set protocols bgp group BGP_PEERs family evpn signaling set protocols bgp group BGP_PEERs neighbor 10.0.255.3 set protocols isis interface all set protocols isis interface fxp0.0 disable set protocols mpls label-switched-path pe1-rr to 10.0.255.3 set protocols mpls label-switched-path pe1-pe2 to 10.0.255.2 set protocols mpls label-switched-path pe1-pe2-gold to 10.0.255.2 set protocols mpls label-switched-path pe1-pe2-gold transport-class gold set protocols mpls label-switched-path pe1-pe2-bronze to 10.0.255.2 set protocols mpls label-switched-path pe1-pe2-bronze transport-class bronze set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable |
PE2
set chassis network-services enhanced-ip set interfaces ge-0/0/0 description pe2-rr set interfaces ge-0/0/0 unit 0 family inet address 10.2.1.1/24 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/4 description pe2-ce2 set interfaces ge-0/0/4 vlan-tagging set interfaces ge-0/0/4 encapsulation flexible-ethernet-services set interfaces ge-0/0/4 unit 4 encapsulation vlan-ccc set interfaces ge-0/0/4 unit 4 vlan-id 300 set interfaces lo0 unit 0 family inet address 10.0.255.2/32 set interfaces lo0 unit 0 family iso address 49.0000.0010.0255.0002.00 set interfaces lo0 unit 0 family mpls set policy-options policy-statement vrf-export-evpnvpws term a then community add rt-evpnvpws set policy-options policy-statement vrf-export-evpnvpws term a then community add map2bronze set policy-options policy-statement vrf-export-evpnvpws term a then accept set policy-options policy-statement vrf-export-evpnvpws term b then reject set policy-options policy-statement vrf-import-evpnvpws term a from protocol bgp set policy-options policy-statement vrf-import-evpnvpws term a from community rt-evpnvpws set policy-options policy-statement vrf-import-evpnvpws term a then accept set policy-options policy-statement vrf-import-evpnvpws term b then reject set policy-options community map2bronze members color:0:200 set policy-options community map2gold members color:0:100 set policy-options community rt-evpnvpws members target:200:1 set routing-instances evpn-vpws instance-type evpn-vpws set routing-instances evpn-vpws protocols evpn interface ge-0/0/4.4 vpws-service-id local 201 set routing-instances evpn-vpws protocols evpn interface ge-0/0/4.4 vpws-service-id remote 102 set routing-instances evpn-vpws interface ge-0/0/4.4 set routing-instances evpn-vpws route-distinguisher 65000:1 set routing-instances evpn-vpws vrf-import vrf-import-evpnvpws set routing-instances evpn-vpws vrf-export vrf-export-evpnvpws set routing-options route-distinguisher-id 10.0.255.2 set routing-options resolution preserve-nexthop-hierarchy set routing-options router-id 10.0.255.2 set routing-options autonomous-system 65000 set routing-options transport-class auto-create set routing-options transport-class name gold color 100 set routing-options transport-class name bronze color 200 set protocols bgp group BGP_PEERs type internal set protocols bgp group BGP_PEERs local-address 10.0.255.2 set protocols bgp group BGP_PEERs family inet transport set protocols bgp group BGP_PEERs family evpn signaling set protocols bgp group BGP_PEERs neighbor 10.0.255.3 set protocols isis interface all set protocols isis interface fxp0.0 disable set protocols mpls label-switched-path pe2-pe1-gold to 10.0.255.1 set protocols mpls label-switched-path pe2-pe1-gold transport-class gold set protocols mpls label-switched-path pe2-pe1 to 10.0.255.1 set protocols mpls label-switched-path pe2-pe1-bronze to 10.0.255.1 set protocols mpls label-switched-path pe2-pe1-bronze transport-class bronze set protocols mpls label-switched-path pe2-rr to 10.0.255.3 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable |
RR
set chassis network-services enhanced-ip set interfaces ge-0/0/0 description rr-pe1 set interfaces ge-0/0/0 unit 0 family inet address 10.1.1.2/24 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/2 description rr-pe2 set interfaces ge-0/0/2 unit 0 family inet address 10.2.1.2/24 set interfaces ge-0/0/2 unit 0 family iso set interfaces ge-0/0/2 unit 0 family mpls set interfaces lo0 apply-groups-except global set interfaces lo0 unit 0 family inet address 10.0.255.3/32 set interfaces lo0 unit 0 family iso address 49.0000.0010.0255.0003.00 set interfaces lo0 unit 0 family mpls set policy-options policy-statement pplb then load-balance per-packet set routing-options route-distinguisher-id 10.0.255.3 set routing-options router-id 10.0.255.3 set routing-options autonomous-system 65000 set routing-options transport-class auto-create set protocols bgp group BGP_PEERs type internal set protocols bgp group BGP_PEERs local-address 10.0.255.3 set protocols bgp group BGP_PEERs family inet transport set protocols bgp group BGP_PEERs family evpn signaling set protocols bgp group BGP_PEERs cluster 10.0.255.3 set protocols bgp group BGP_PEERs neighbor 10.0.255.1 set protocols bgp group BGP_PEERs neighbor 10.0.255.2 set protocols isis interface all set protocols isis interface fxp0.0 disable set protocols mpls label-switched-path rr-pe1 to 10.0.255.1 set protocols mpls label-switched-path rr-pe2 to 10.0.255.2 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable |
Quy trình từng bước
Để thiết lập các đường hầm phân loại theo lớp dịch vụ (transport class tunnels) trên thiết bị PE:
[edit] set chassis network-services enhanced-ip |
[edit] set interfaces ge-0/0/0 description pe1-rr set interfaces ge-0/0/0 unit 0 family inet address 10.1.1.1/24 set interfaces ge-0/0/0 unit 0 family iso set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/2 vlan-tagging set interfaces ge-0/0/2 encapsulation flexible-ethernet-services set interfaces ge-0/0/2 unit 4 description pe1-ce1 set interfaces ge-0/0/2 unit 4 encapsulation vlan-ccc set interfaces ge-0/0/2 unit 4 vlan-id 300 set interfaces ge-0/0/2 unit 5 description pe1-ce3 set interfaces ge-0/0/2 unit 5 encapsulation vlan-ccc set interfaces ge-0/0/2 unit 5 vlan-id 301 set interfaces lo0 unit 0 family inet address 10.0.255.1/32 set interfaces lo0 unit 0 family iso address 49.0000.0010.0255.0001.00 set interfaces lo0 unit 0 family mpls |
[edit] set routing-options transport-class auto-create set routing-options transport-class name gold color 100 set routing-options transport-class name bronze color 200 |
[edit] set protocols bgp group BGP_PEERs type internal set protocols bgp group BGP_PEERs local-address 10.0.255.1 set protocols bgp group BGP_PEERs family inet transport set protocols bgp group BGP_PEERs family evpn signaling set protocols bgp group BGP_PEERs neighbor 10.0.255.3 set protocols isis interface all set protocols isis interface fxp0.0 disable set protocols mpls label-switched-path pe1-rr to 10.0.255.3 set protocols mpls label-switched-path pe1-pe2 to 10.0.255.2 set protocols mpls label-switched-path pe1-pe2-gold to 10.0.255.2 set protocols mpls label-switched-path pe1-pe2-gold transport-class gold set protocols mpls label-switched-path pe1-pe2-bronze to 10.0.255.2 set protocols mpls label-switched-path pe1-pe2-bronze transport-class bronze set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set routing-options route-distinguisher-id 10.0.255.1 set routing-options resolution preserve-nexthop-hierarchy set routing-options router-id 10.0.255.1 set routing-options autonomous-system 65000 |
vrf-export để quảng bá (advertise) đường hầm tới PE ở xa.[edit] set policy-options policy-statement vrf-export-evpnvpws term a then community add rt-evpnvpws set policy-options policy-statement vrf-export-evpnvpws term a then community add map2gold set policy-options policy-statement vrf-export-evpnvpws term a then accept set policy-options policy-statement vrf-export-evpnvpws term b then reject set policy-options policy-statement vrf-export-evpnvpws-2 term a then community add rt-evpnvpws-2 set policy-options policy-statement vrf-export-evpnvpws-2 term a then community add map2bronze set policy-options policy-statement vrf-export-evpnvpws-2 term a then accept set policy-options policy-statement vrf-export-evpnvpws-2 term b then reject set policy-options policy-statement vrf-import-evpnvpws term a from protocol bgp set policy-options policy-statement vrf-import-evpnvpws term a from community rt-evpnvpws set policy-options policy-statement vrf-import-evpnvpws term a then accept set policy-options policy-statement vrf-import-evpnvpws term b then reject set policy-options policy-statement vrf-import-evpnvpws-2 term a from protocol bgp set policy-options policy-statement vrf-import-evpnvpws-2 term a from community rt-evpnvpws-2 set policy-options policy-statement vrf-import-evpnvpws-2 term a then accept set policy-options policy-statement vrf-import-evpnvpws-2 term b then reject set policy-options community map2bronze members color:0:200 set policy-options community map2gold members color:0:100 set policy-options community rt-evpnvpws members target:200:1 set policy-options community rt-evpnvpws-2 members target:300:1 |
[edit] set routing-instances evpn-vpws instance-type evpn-vpws set routing-instances evpn-vpws protocols evpn interface ge-0/0/2.4 vpws-service-id local 102 set routing-instances evpn-vpws protocols evpn interface ge-0/0/2.4 vpws-service-id remote 201 set routing-instances evpn-vpws interface ge-0/0/2.4 set routing-instances evpn-vpws route-distinguisher 65000:1 set routing-instances evpn-vpws vrf-import vrf-import-evpnvpws set routing-instances evpn-vpws vrf-export vrf-export-evpnvpws set routing-instances evpn-vpws-2 instance-type evpn-vpws set routing-instances evpn-vpws-2 protocols evpn interface ge-0/0/2.5 vpws-service-id local 103 set routing-instances evpn-vpws-2 protocols evpn interface ge-0/0/2.5 vpws-service-id remote 301 set routing-instances evpn-vpws-2 interface ge-0/0/2.5 set routing-instances evpn-vpws-2 route-distinguisher 65000:2 set routing-instances evpn-vpws-2 vrf-import vrf-import-evpnvpws-2 set routing-instances evpn-vpws-2 vrf-export vrf-export-evpnvpws-2 |
Xác nhận rằng cấu hình đang hoạt động đúng cách.
Mục đích
Xác minh rằng thiết bị PE định tuyến các gói tin qua đường hầm RSVP LSP tương ứng với lớp dịch vụ (transport class).
Thao tác
Từ chế độ vận hành (operational mode) trên CE1, thực hiện lệnh ping đến CE2.
user@CE1> ping 172.16.0.2 count 10 rapid PING 172.16.0.2 (172.16.0.2): 56 data bytes !!!!!!!!!! --- 172.16.0.2 ping statistics --- 10 packets transmitted, 10 packets received, 0% packet loss round-trip min/avg/max/stddev = 3.795/4.276/5.075/0.269 ms |
Từ chế độ vận hành (operational mode) trên CE3, thực hiện lệnh ping đến CE4.
user@CE3> ping 172.16.1.2 count 20 rapid PING 172.16.1.2 (172.16.1.2): 56 data bytes !!!!!!!!!!!!!!!!!!!! --- 172.16.1.2 ping statistics --- 20 packets transmitted, 20 packets received, 0% packet loss round-trip min/avg/max/stddev = 3.631/4.380/7.976/0.608 ms |
Từ chế độ vận hành trên PE1, chạy lệnh show mpls lsp statistics để hiển thị thông tin về LSP.
user@PE1> show mpls lsp statistics Ingress LSP: 4 sessions To From State Packets Bytes LSPname 10.0.255.2 10.0.255.1 Up 0 0 pe1-pe2 10.0.255.2 10.0.255.1 Up 20 2040 pe1-pe2-bronze 10.0.255.2 10.0.255.1 Up 10 1020 pe1-pe2-gold 10.0.255.3 10.0.255.1 Up 0 0 pe1-rr |
Ý nghĩa
Kết quả hiển thị cho thấy lệnh ping đã thành công. Kết quả từ lệnh show mpls lsp statistics cho thấy các gói tin đã được định tuyến qua các đường hầm bronze và gold.
Mục đích
Xác minh rằng EVPN sử dụng đường hầm truyền tải đã được cấu hình.
Hành động
Từ chế độ vận hành trên PE1, chạy lệnh show route table mpls.0 protocol evpn để xác định tuyến đường LSP.
user@PE1> show route table mpls.0 protocol evpn mpls.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 94 *[EVPN/7] 6d 01:07:24 > via ge-0/0/2.4, Pop 105 *[EVPN/7] 06:20:50 > via ge-0/0/2.5, Pop 106 *[EVPN/7] 06:17:47, remote-pe 10.0.255.2, routing-instance evpn-vpws-2, route-type Egress, vlan-id 301 > to 10.1.1.2 via ge-0/0/0.0, label-switched-path pe1-pe2-bronze 107 *[EVPN/7] 06:08:41, remote-pe 10.0.255.2, routing-instance evpn-vpws, route-type Egress, vlan-id 201 > to 10.1.1.2 via ge-0/0/0.0, label-switched-path pe1-pe2-gold ge-0/0/2.5 *[EVPN/7] 06:17:47, route-type Egress > to 10.1.1.2 via ge-0/0/0.0, label-switched-path pe1-pe2-bronze ge-0/0/2.4 *[EVPN/7] 06:08:41, route-type Egress > to 10.1.1.2 via ge-0/0/0.0, label-switched-path pe1-pe2-gold |
Từ chế độ vận hành trên PE1, chạy lệnh show route table mpls.0 protocol evpn label [số nhãn] extensive với số nhãn tuyến đường để hiển thị thông tin về lớp truyền tải.
user@PE1> show route table mpls.0 protocol evpn label 107 extensive mpls.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) 107 (1 entry, 1 announced) TSI: KRT in-kernel 107 /52 -> {composite(554)} *EVPN Preference: 7 Next hop type: Indirect, Next hop index: 0 Transport class: gold Address: 0x7b406d4 Next-hop reference count: 5, key opaque handle: 0x0, non-key opaque handle: 0x0 Next hop type: Router, Next hop index: 549 Next hop: 10.1.1.2 via ge-0/0/0.0, selected Label-switched-path pe1-pe2-gold
regress@PE1> show route table mpls.0 protocol evpn label 106 extensive mpls.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) 106 (1 entry, 1 announced) TSI: KRT in-kernel 106 /52 -> {composite(553)} *EVPN Preference: 7 Next hop type: Indirect, Next hop index: 0 Transport class: bronze Address: 0x7b40584 Next-hop reference count: 5, key opaque handle: 0x0, non-key opaque handle: 0x0 Next hop type: Router, Next hop index: 551 Next hop: 10.1.1.2 via ge-0/0/0.0, selected Label-switched-path pe1-pe2-bronze |
Ý nghĩa
Kết quả từ PE1 và PE2 cho thấy chúng ta đang định tuyến lưu lượng từ phiên bản định tuyến EVPN VPWS qua các đường hầm gold và bronze.
Chúc các bạn thực hiện thành công. Hi vọng bài viết này sẽ giúp ích cho các bạn trong công việc. Nếu bạn có vấn đề gì thắc mắc đừng ngần ngại liên hệ với chúng tôi theo thông tin dưới đây để được hỗ trợ thêm.
Hẹn gặp lại các bạn trong các bài viết tiếp theo!
CÔNG TY CỔ PHẦN DỊCH VỤ CÔNG NGHỆ DATECH
• Địa chỉ: Số 23E4 KĐT Cầu Diễn, Tổ 7, Phú Diễn, Bắc Từ Liêm, Hà Nội
• Điện thoại: 02432012368
• Hotline: 098 115 6699
• Email: info@datech.vn
• Website: https://datech.vn
