You are on page 1of 9

ODL010026

HoVPN Configuration Guide


ISSUE1.0

ODL010026 HoVPN Configuration Guide ISSUE1.0

Contents

Contents
Chapter 1 HoVPN Configuration Guide....................................................................................
1.1 Description........................................................................................................................
1.2 Networking and Service Description..............................................................................
1.3 Command Line List.......................................................................................................
1.4 Configuration Flow.......................................................................................................
1.5 Configuration Procedure................................................................................................
1.6 Configure Reference.......................................................................................................

Confidential Information of Huawei. No Spreading without Permission

ODL010026 HoVPN Configuration Guide ISSUE1.0

Chapter 1 HoVPN Configuration Guide

HoVPN Configuration Guide


1.1 Description
Hierarchical architectures are mostly used in the current network schemes. For
example, the WAN architecture model contains three layers, namely, core layer,
convergence layer and access layer. The core layer requires the devices with the
highest performance among the three layers, while its network scale is the least.
However, BGP/MPLS VPN is a plane model which requires the same performance
on all the PEs. If some PEs are limited in extending performance, all the network
will be influenced.
To solve this problem, BGP/MPLS VPN needs to adopt the hierarchical model
instead of the plane model. In MPLS L3VPN network, functions of PE are
distributed to multiple devices. Acting as different roles in a hierarchical
architecture, the devices fulfill functions of a centralized PE together.

1.2 Networking and Service Description

Figure 1.1

Networking diagram for HoVPN

Confidential Information of Huawei. No Spreading without Permission

ODL010026 HoVPN Configuration Guide ISSUE1.0

Chapter 1 HoVPN Configuration Guide

RTE belongs to backbone area, working as SPE.

RTB works as UPE, connecting with users. The requirement for UPE is
lower than SPE.

RTA and RTB belong to the same VPN.

The version of RTA,RTB,RTC,RTD,RTE are VRP 3.30, RELEASE


0008 .

1.3 Command Line List


Operation
Advertise the default

Version
VRP3.3

Command
peer { peer-address | group-name }

routes of a specified

default-route-advertise [ vpn-instance

VPN instance to UPE.

vpn-instancename]
VRP5.1

peer { peer-address | group-name }


default-route-advertise vpn-instance
vpn-instancename

Specify a BGP peer or


peer group as the UPE.

VRP3.3

peer peer-address upe

VRP5.1

peer { peer-address | group-name } upe

Confidential Information of Huawei. No Spreading without Permission

ODL010026 HoVPN Configuration Guide ISSUE1.0

Chapter 1 HoVPN Configuration Guide

1.4 Configuration Flow


Basic configuration

Enable IGP on PEs

Establish IBGP neighborhood between PEs

Enable MPLS on PEs

Create vpn-instance

Configure the connection between PE-CE

Configure the connection between SPE-PE

Configure the connection between SPE-UPE

1.5 Configuration Procedure


(1)
Basic configuration
Configure each interfaces ip address according to he figure. Use the
command ip address x.x.x.x.
On RTA configure: Loopback 0,E0/0,E0/1;
On RTB configure: Loopback 0, E0/0,E1/0;
On RTC configure: Loopback 0, E0/0,E1/1;
On RTD configure: Loopback0, E0/0,E0/1;
On RTE configure: Loopback 0, E1/0,E1/1;

Confidential Information of Huawei. No Spreading without Permission

ODL010026 HoVPN Configuration Guide ISSUE1.0

Chapter 1 HoVPN Configuration Guide

1)
Enable OSPF on RTB, RTC, RTE
On RTB and RTC, enable OSPF, use the commands ospf 1 network
xx.xx.xx.xx xx.xx.xx.xx. Enable OSPF on RTB, RTC, RTE, and declare
networks. Use the command ospf 1, area x.x.x.x, network x.x.x.x
x.x.x.x.
On RTB declare 2.2.2.2 /32, 192.2.3.0 /32
On RTC declare 3.3.3.3 /32, 192.2.4.0 /32
On RTE declare 5.5.5.5 /32, 192.2.3.0 /32, 192.2.4.0 /32
2)
Enable BGP on RTA and RTD
Enable BGP on RTA and RTD, and import direct network segment. Use the
command bgp xxx, group xxx external, peer x.x.x.x group xxx asnumber xxx, import-route direct
3)
Enable BGP on RTB,RTC and RTE
Enable BGP on RTB,RTC and RTE. Use loopback address to set up the
IBGP connection between RTB and RTE. RTC and RTE also use loopback
address to set up IBGP connection. RTB and RTC have no BGP connection.
Use the command bgp 100, group 100 internal, peer x.x.x.x group 100,
peer x.x.x.x connect-interface LoopBack0
4)
Enable MPLS on RTB, RTC and RTE
Enable MPLS and LDP on system and interface view of RTB, RTC and RTE.
The interface of E0/0 of RTB and RTC be used binding vpn instance, so do
not need to enable MPLS.
5)
Create vpn instance on RTB, RTC and RTE
Create vpn instance huawei on RTB and RTC, and configure its RD and
RT, then bound the vpn instance to interface E0/0, configure the interfaces
ip address. On RTE, also create vpn instance huawei, but not bind the
interface.
Use the command ip vpn-instance huawei, route-distinguisher 100:1,
vpn-target 100:1 both, ip binding vpn-instance huawei, ip address x.x.x.x
x.x.x.x.
6)
Configure IBGP connection between PE-CE
4

Confidential Information of Huawei. No Spreading without Permission

ODL010026 HoVPN Configuration Guide ISSUE1.0

Chapter 1 HoVPN Configuration Guide

Use the command ipv4-family vpn-instance huawei to enter vpn-instance


view under bgp view. Configure the connection with CE and import directed
network segments.
Use the the command ipv4-family vpn-instance huawei, group xxxx
external, peer x.x.x.x group as-number xxx, import-route direct.
eg [RTB]bgp 100
[RTB-bgp]ipv4-family vpn-instance huawei
[RTB-bgp-af-vpn-instance]group 64520 external
[RTB-bgp-af-vpn-instance]peer 10.1.1.1 group 64520 as-number
64520
[RTB-bgp-af-vpn-instance]import-route direct

7)
Configure the MP-BGP connection between SPE-PE
Use the command ipv4-family vpnv4 to enter VPNV4 view under bgp view.
Create the MP-BGP connection between SPE-PE, use the command peer
100 enable, peer x.x.x.x group 100.
eg [RTC]bgp 100
[RTC-bgp]ipv4-family vpnv4
[RTC-bgp-af-vpn]peer 100 enable
[RTC-bgp-af-vpn]peer 5.5.5.5 group 100
8)
Configure the MP-BGP connection between SPE-UPE
On RTB, configure the MP-BGP connection between SPE-UPE under vpn
instance view, use the command ipv4-family vpnv4, peer 100 enable,
peer x.x.x.x group 100.
On RTE, configure the MP-BGP connection between SPE-UPE under vpn
instance view, and declare RTB as UPE, use the command ipv4-family
vpnv4, peer 100 enable, peer x.x.x.x group 100, peer x.x.x.x upe, peer
x.x.x.x default-route-advertise vpn-instance huawei
eg [RTB]bgp 100
[RTB-bgp]ipv4-family vpnv4
[RTB-bgp-af-vpn]peer 100 enable
[RTB-bgp-af-vpn]peer 5.5.5.5 group 100
[RTE]bgp 100
[RTE-bgp]ipv4-family vpnv4
[RTE-bgp-af-vpn]peer 100 enable
[RTE-bgp-af-vpn]peer 2.2.2.2 group 100
[RTE-bgp-af-vpn] peer 2.2.2.2 upe
[RTE-bgp-af-vpn] peer 2.2.2.2 default-route-advertise vpn-instance
huawei
Confidential Information of Huawei. No Spreading without Permission

ODL010026 HoVPN Configuration Guide ISSUE1.0

Chapter 1 HoVPN Configuration Guide

1.6 Configure Reference


The detail configuration on Attachment 3: Example of HoVPN

Confidential Information of Huawei. No Spreading without Permission