...
Примечание |
---|
При настройки MTU на туннеле необходимо учитывать следующее:
|
Настройки CE1 и CE2:
...
Блок кода | ||
---|---|---|
| ||
ESR1(config)# hostname ESR1 ESR1(config)# ESR1(config)# system cpu load-balance mpls passenger ip ESR1(config)# system cpu load-balance mpls passenger ipoe-pw-without-cw ESR1(config)# security zone trusted ESR1(config-zone)# exit ESR1(config)# security zone untrusted ESR1(config-zone)# exit ESR1(config)# ESR1(config)# router ospf 1 ESR1(config-ospf)# area 0.0.0.0 ESR1(config-ospf-area)# enable ESR1(config-ospf-area)# exit ESR1(config-ospf)# enable ESR1(config-ospf)# exit ESR1(config)# ESR1(config)# interface gigabitethernet 1/0/1 ESR1(config-if-gi)# security-zone untrusted ESR1(config-if-gi)# ip address 192.0.2.1/30 ESR1(config-if-gi)# exit ESR1(config)# interface gigabitethernet 1/0/2 ESR1(config-if-gi)# description "From CE1" ESR1(config-if-gi)# mode switchport ESR1(config-if-gi)# exit ESR1(config)# interface loopback 1 ESR1(config-loopback)# ip address 10.100.0.1/32 ESR1(config-loopback)# ip ospf instance 1 ESR1(config-loopback)# ip ospf ESR1(config-loopback)# exit ESR1(config)# tunnel gre 1 ESR1(config-gre)# key 60 ESR1(config-gre)# ttl 64 ESR1(config-gre)# mtu 14721458 ESR1(config-gre)# ip firewall disable ESR1(config-gre)# local address 192.0.2.1 ESR1(config-gre)# remote address 192.0.2.2 ESR1(config-gre)# ip address 10.0.0.1/30 ESR1(config-gre)# ip ospf instance 1 ESR1(config-gre)# ip ospf network point-to-point ESR1(config-gre)# ip ospf ESR1(config-gre)# enable ESR1(config-gre)# exit ESR1(config)# ESR1(config)# mpls ESR1(config-mpls)# ldp ESR1(config-ldp)# router-id 10.100.0.1 ESR1(config-ldp)# address-family ipv4 ESR1(config-ldp-af-ipv4)# interface gre 1 ESR1(config-ldp-af-ipv4-if)# exit ESR1(config-ldp-af-ipv4)# exit ESR1(config-ldp)# enable ESR1(config-ldp)# exit ESR1(config-mpls)# l2vpn ESR1(config-l2vpn)# pw-class VPWS ESR1(config-l2vpn-pw-class)# exit ESR1(config-l2vpn)# p2p EoMPLS ESR1(config-l2vpn-p2p)# interface gigabitethernet 1/0/2 ESR1(config-l2vpn-p2p)# pw 100 10.100.0.2 ESR1(config-l2vpn-pw)# pw-class VPWS ESR1(config-l2vpn-pw)# enable ESR1(config-l2vpn-pw)# exit ESR1(config-l2vpn-p2p)# enable ESR1(config-l2vpn-p2p)# exit ESR1(config-l2vpn)# exit ESR1(config-mpls)# forwarding interface gre 1 ESR1(config-mpls)# exit ESR1(config)# security zone-pair untrusted self ESR1(config-zone-pair)# rule 1 ESR1(config-zone-pair-rule)# action permit ESR1(config-zone-pair-rule)# match protocol gre ESR1(config-zone-pair-rule)# enable ESR1(config-zone-pair-rule)# exit ESR1(config-zone-pair)# exit ESR1(config)# do com ESR1(config)# do conf |
...
Блок кода | ||
---|---|---|
| ||
ESR2(config)# hostname ESR2 ESR2(config)# ESR2(config)# system cpu load-balance mpls passenger ip ESR2(config)# system cpu load-balance mpls passenger ipoe-pw-without-cw ESR2(config)# security zone trusted ESR2(config-zone)# exit ESR2(config)# security zone untrusted ESR2(config-zone)# exit ESR2(config)# ESR2(config)# router ospf 1 ESR2(config-ospf)# area 0.0.0.0 ESR2(config-ospf-area)# enable ESR2(config-ospf-area)# exit ESR2(config-ospf)# enable ESR2(config-ospf)# exit ESR2(config)# ESR2(config)# interface gigabitethernet 1/0/1 ESR2(config-if-gi)# security-zone untrusted ESR2(config-if-gi)# ip address 192.0.2.2/30 ESR2(config-if-gi)# exit ESR2(config)# interface gigabitethernet 1/0/2 ESR2(config-if-gi)# description "From CE2" ESR2(config-if-gi)# mode switchport ESR2(config-if-gi)# exit ESR2(config)# interface loopback 1 ESR2(config-loopback)# ip address 10.100.0.2/32 ESR2(config-loopback)# ip ospf instance 1 ESR2(config-loopback)# ip ospf ESR2(config-loopback)# exit ESR2(config)# tunnel gre 1 ESR2(config-gre)# key 60 ESR2(config-gre)# ttl 64 ESR2(config-gre)# mtu 14721458 ESR2(config-gre)# ip firewall disable ESR2(config-gre)# local address 192.0.2.2 ESR2(config-gre)# remote address 192.0.2.1 ESR2(config-gre)# ip address 10.0.0.2/30 ESR2(config-gre)# ip ospf instance 1 ESR2(config-gre)# ip ospf network point-to-point ESR2(config-gre)# ip ospf ESR2(config-gre)# enable ESR2(config-gre)# exit ESR2(config)# ESR2(config)# mpls ESR2(config-mpls)# ldp ESR2(config-ldp)# router-id 10.100.0.2 ESR2(config-ldp)# address-family ipv4 ESR2(config-ldp-af-ipv4)# interface gre 1 ESR2(config-ldp-af-ipv4-if)# exit ESR2(config-ldp-af-ipv4)# exit ESR2(config-ldp)# enable ESR2(config-ldp)# exit ESR2(config-mpls)# l2vpn ESR2(config-l2vpn)# pw-class VPWS ESR2(config-l2vpn-pw-class)# exit ESR2(config-l2vpn)# p2p EoMPLS ESR2(config-l2vpn-p2p)# interface gigabitethernet 1/0/2 ESR2(config-l2vpn-p2p)# pw 100 10.100.0.1 ESR2(config-l2vpn-pw)# pw-class VPWS ESR2(config-l2vpn-pw)# enable ESR2(config-l2vpn-pw)# exit ESR2(config-l2vpn-p2p)# enable ESR2(config-l2vpn-p2p)# exit ESR2(config-l2vpn)# exit ESR2(config-mpls)# forwarding interface gre 1 ESR2(config-mpls)# exit ESR2(config)# security zone-pair untrusted self ESR2(config-zone-pair)# rule 1 ESR2(config-zone-pair-rule)# action deny ESR2(config-zone-pair-rule)# match protocol gre ESR2(config-zone-pair-rule)# enable ESR2(config-zone-pair-rule)# exit ESR2(config-zone-pair)# exit ESR2(config)# do com ESR2(config)# do conf |
...
Блок кода |
---|
* Конфигурация туннеля* ESR2# sh tunnels configuration gre 1 State: Enabled Description: -- Mode: ip Bridge group: -- VRF: -- Local address: 192.0.2.2 Remote address: 192.0.2.1 Calculates checksums for outgoing GRE packets: No Requires that all input GRE packets were checksum: No key: 60 TTL: 64 DSCP: Inherit MTU: 14721458 Path MTU discovery: Enabled Don't fragment bit suppression: Disabled Security zone: -- Multipoint mode: Disabled Keepalive: State: Disabled Timeout: 10 Retries: 6 Destination address: -- *Статус cервиса и выделенные метки* sh mpls l2vpn p2p P2P: EoMPLS gigabitethernet 1/0/2: MTU: 1500 Status: Up PW ID 100, Neighbor 10.100.0.1: MTU: 1500 Status TLV: Enable Last change: 00:14:27 Status: Up ESR2# sh mpls forwarding-table Local Outgoing Prefix Outgoing Next Hop label label or tunnel ID Interface -------- -------- ------------------------------------------- ---------------- --------------------------------------- 17 imp-null 10.100.0.1/32 gre 1 10.0.0.1 16 16 PW ID 100 -- 10.100.0.1 *Доступность*CE1# ping 10.100.0.2 detailed PING 10.100.0.2 (10.100.0.2) 56 bytes of data. 64 bytes from 10.100.0.2: icmp_seq=1 ttl=0 time=1.38 ms 64 bytes from 10.100.0.2: icmp_seq=2 ttl=0 time=1.22 ms 64 bytes from 10.100.0.2: icmp_seq=3 ttl=0 time=1.33 ms 64 bytes from 10.100.0.2: icmp_seq=4 ttl=0 time=1.26 ms 64 bytes from 10.100.0.2: icmp_seq=5 ttl=0 time=1.17 ms |