Zte ZXR10 5900E series Configuration Manual
  1. Manuals
  2. Brands
  3. Zte Manuals
  4. Switch
  5. ZXR10 5900E Series
  6. Configuration manual

Zte ZXR10 5900E series Configuration Manual

Easy-maintenance mpls routing switch
Hide thumbs Also See for ZXR10 5900E series:
Table of Contents

Advertisement

Quick Links

See also: Configuration Manual , Instruction Manual
ZXR10 5900E Series
Easy-Maintenance MPLS Routing Switch
Configuration Guide (VPN)
Version: 3.00.11
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://support.zte.com.cn
E-mail: support@zte.com.cn

Advertisement

Table of Contents
loading

Related Manuals for Zte ZXR10 5900E series

Summary of Contents for Zte ZXR10 5900E series

  • Page 1 ZXR10 5900E Series Easy-Maintenance MPLS Routing Switch Configuration Guide (VPN) Version: 3.00.11 ZTE CORPORATION No. 55, Hi-tech Road South, ShenZhen, P.R.China Postcode: 518057 Tel: +86-755-26771900 Fax: +86-755-26770801 URL: http://support.zte.com.cn E-mail: support@zte.com.cn...
  • Page 2 ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by contractual confidentiality obligations. All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE CORPORATION or of their respective owners.

  • Page 3: Table Of Contents

    2.2.4 VPLS Configuration Example ..............2-17 2.3 VPWS Basic Function Configuration ..............2-20 2.3.1 VPWS Overview ..................2-20 2.3.2 Configuring a VPWS................2-21 2.3.3 Maintaining VPWS Instances ..............2-23 2.3.4 VPWS Configuration Example..............2-28 Figures......................I SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 4 Tables ......................III Glossary ......................V SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 5: About This Manual

    About This Manual Purpose This manual is the ZXR10 5900E Series (V3.00.11) Easy-Maintenance MPLS Routing Switch Configuration Guide (VPN), which is applicable to the ZXR10 5900E (V3.00.11) series switches. Intended Audience This manual is intended for: Network planning engineer Debugging engineer...
  • Page 6 This page intentionally left blank. SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 7: Chapter 1 Mpls L3Vpn Configuration

    Since label switching is used in network, the IP addresses used by users in their Local Area Networks (LAN) can be repeated. In this way, IP resource utilization rate is improved. 3. Improve network speed SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 8 ZXR10 5900E Series Configuration Guide (VPN) Since label switching is used, the time for address search in each hop process is shortened. In this way, the time of data transmission time is reduced in network, and the network speed is improved.
  • Page 9 ID). Router IP address is a public address. If the type domain is 2, the administrator domain contain four bytes Autonomous à System ID. AN field: The number assigned by a network operator SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 10 ZXR10 5900E Series Configuration Guide (VPN) If the type field is 0, AN field covers four bytes. à If the type field is 1, AN field covers two bytes. à If the type field is 2, AN field covers two bytes.

  • Page 11: Configuring Mpls L3Vpn

    {ipv4|ipv6} This activates IPv4 or IPv6 ZXR10(config-vrf-vrf-name)# address family. route-target [ This creates route-target ZXR10(config-vrf-vrf-name-af-ipv4)# import | export | both]<extended-community> extension community attribute route-target [ relating to VRF. ZXR10(config-vrf-vrf-name-af-ipv6)# import | export | both]<extended-community> SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 12 ZXR10 5900E Series Configuration Guide (VPN) Step Command Function interface < interface-name> This enters interface ZXR10(config)# configuration mode. ip vrf forwarding < This associates interface to ZXR10(config-if-interface-name)# vrf-name> VRF. Delete the existent IP address of the interface before using this command.

  • Page 13: Figure 1-1 Running Static Route Protocol Between Ce And Pe

    CE1(config)#interface vlan1 CE1(config-if-vlan1)#ip address 10.1.0.1 255.255.255.252 CE1(config-if-vlan1)#exit CE1(config)#interface vlan2 CE1(config-if-vlan2)#ip address 10.1.1.254 255.255.255.0 CE1(config-if-vlan2)#exit CE1(config)#ip route 10.2.0.0 255.255.0.0 10.1.0.2 PE1 configuration, PE1(config)#ip route vrf vpn_a 10.1.0.0 255.255.0.0 10.1.0.1 PE1(config)#router bgp 100 PE1(config-bgp)#address-family ipv4 vrf vpn_a SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 14 ZXR10 5900E Series Configuration Guide (VPN) PE1(config-bgp-af-ipv4-vrf)#redistribute static PE1(config-bgp-af-ipv4-vrf)#exit Configuring RIP Protocol Between CE and PE To run RIP between CE and PE, perform the following steps on ZXR10 5900E. Step Command Function router rip This enters RIP configuration mode.

  • Page 15: Figure 1-2 Running Rip Between Ce And Pe

    CE1(config-rip)#exit PE1 configuration, PE1(config)#router rip PE1(config-rip)#version 2 PE1(config-rip)#address-family ipv4 vrf vpn_a PE1(config-rip-af)#no auto-summary PE1(config-rip-af)#version 2 PE1(config-rip-af)#network 10.1.0.0 0.0.0.3 PE1(config-rip-af)#redistribute bgp-int PE1(config-rip-af)#exit PE1(config-rip)#exit PE1(config)#router bgp 100 PE1(config-bgp)#address-family ipv4 vrf vpn_a PE1(config-bgp-af-ipv4-vrf)#redistribute rip PE1(config-bgp-af-ipv4-vrf)#redistribute connected PE1(config-bgp-af-ipv4-vrf)#exit SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 16: Figure 1-3 Enabling The Ospf Protocol On Ce And Pe Devices

    ZXR10 5900E Series Configuration Guide (VPN) Configuring OSPF between CE and PE To run OSPF between CE and PE, perform the following steps on ZXR10 5900E. Step Command Function router ospf < process-id>[ vrf < vrf-name>] This enters OSPF VRF ZXR10(config)# configuration mode.

  • Page 17: Configuring Ebgp Between Ce And Pe

    5,100-byte ICMP echos to 10.1.1.1,timeout is 2 seconds. !!!!! Success rate is 100 percent(5/5),round-trip min/avg/max= 0/0/10 ms. Configuring EBGP between CE and PE To configure EBGP between a CE and a PE, perform the following steps on ZXR10 5900E. 1-11 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 18: Figure 1-4 Running Ebgp Between Ce And Pe

    ZXR10 5900E Series Configuration Guide (VPN) Step Command Function router bgp < as-number> This enters into BGP route ZXR10(config)# configuration mode. address-family ipv4 vrf < vrf-name> This enters into the ZXR10(config-bgp)# corresponding VRF address family configuration mode. neighbor < ip-address>...

  • Page 19: Figure 1-5 Mpbgp Protocol Configuration

    ZXR10(config-bgp)# family configuration mode. neighbor <ip-address> This activates vpnv4 ability of ZXR10(config-bgp-af-vpnv4)# neighbor. activate Configuration Example As shown in Figure 1-5, run MPBGP between PE1 and PE2. Figure 1-5 MPBGP Protocol Configuration 1-13 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 20 ZXR10 5900E Series Configuration Guide (VPN) Caution! Before perform the following configurations, make sure that PE1 and PE2 can be ping each other by using their loopback addresses. PE1 configuration, PE1(config)#router bgp 100 PE1(config-bgp)#neighbor 1.1.1.3 remote-as 100 PE1(config-bgp)#neighbor 1.1.1.3 activate PE1(config-bgp)#neighbor 1.1.1.3 update-source loopback1...

  • Page 21: Figure 1-6 Rr Configuration Example Topology

    1-6. P acts as router reflector (RR), the loopback1 address of PE1 is 61.139.36.34/32, the loopback2 address of PE2 is 61.139.36.35/32, and the loopback1 address of P is 61.139.36.31/32. Figure 1-6 RR Configuration Example Topology Configuration Requirements 1-15 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 22 ZXR10 5900E Series Configuration Guide (VPN) Make sure that PE1 and PE2 can learn loopback addresses between each other. à PE1 and PE2 establish LDP neighborhood with RR respectively. RR establishes MP-IBGP neighborhood with PE1 and PE2 respectively. PE1 à...

  • Page 23: Maintaining Mpls Vpn

    Routes of vpn: status codes: *valid, >best, s-stale Dest NextHop Intag Outtag RtPrf Protocol *>10.10.0.0/16 30.1.2.1 164963 163863 bgp-int 1.1.3 Maintaining MPLS VPN To maintain MPLS VPN, use the following commands on ZXR10 5900E. 1-17 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 24: Mpls Vpn Configuration Examples

    ZXR10 5900E Series Configuration Guide (VPN) Command Function ping [ vrf < vrf-name>]< ip-address> This inspects network connectivity. ZXR10# show ip vrf [[[ brief | detail ][< vrf-name>]]| summary] This shows VRF information. ZXR10# show ip protocol routing vrf <vrf-name>[network This shows VRF routing table.
  • Page 25 CE1(config)#interface loopback1 CE1(config-if-loopback1)#ip address 100.1.1.1 255.255.255.0 CE1(config-if-loopback1)#exit CE1(config)#interface vlan1 CE1(config-if-vlan1)#ip address 10.1.1.2 255.255.255.0 CE1(config-if-vlan1)#exit CE1(config)#router bgp 200 CE1(config-bgp)#network 100.1.1.0 255.255.255.0 CE1(config-bgp)#neighbor 10.1.1.1 remote-as 100 PE1 configuration, PE1(config)#ip vrf test1 PE1(config-vrf-test1)#rd 100:1 PE1(config-vrf-test1)#address-family ipv4 1-19 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 26 ZXR10 5900E Series Configuration Guide (VPN) PE1(config-vrf-test1-af-ipv4)#route-target import 100:1 PE1(config-vrf-test1-af-ipv4)#route-target export 100:1 PE1(config-vrf-test1-af-ipv4)#exit PE1(config-vrf-test1)#exit PE1(config)#interface loopback1 PE1(config-if-loopback1)#ip address 10.10.1.1 255.255.255.255 PE1(config-if-loopback1)#exit PE1(config)#interface vlan2 PE1(config-if-vlan2)#ip address 10.10.12.1 255.255.255.0 PE1(config-if- vlan2)exit PE1(config)#mpls ldp instance 1 PE1(config-ldp-1)#route-id loopback1 PE1(config-ldp-1)#interface vlan2 PE1(config-ldp-1-if-vlan2)#exit PE1(config-ldp-1)#exit PE1(config)#mpls interface vlan1...
  • Page 27 PE2(config)#mpls interface vlan3 PE2(config)#interface vlan4 PE2(config-if-vlan4)#ip vrf forwarding test1 PE2(config-if-vlan4)#ip address 10.10.10.1 255.255.255.0 PE2(config-if-vlan4)#exit PE2(config)#router ospf 1 PE2(config-ospf-1)#network 10.10.0.0 0.0.255.255 area 0.0.0.0 PE2(config-ospf-1)#exit PE2(config)#router ospf 2 vrf test1 PE2(config-ospf-2)#network 10.10.10.1 0.0.0.0 area 0.0.0.0 1-21 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 28 ZXR10 5900E Series Configuration Guide (VPN) PE2(config-ospf-2)#redistribute bgp-int PE2(config-ospf-2)#exit PE2(config)#router bgp 100 PE2(config-bgp)#neighbor 10.10.1.1 remote-as 100 PE2(config-bgp)#neighbor 10.10.1.1 update-source loopback1 PE2(config-bgp)#address-family ipv4 vrf test1 PE2(config-bgp-af-ipv4-vrf)#redistribute ospf-int2 PE2(config-bgp-af-ipv4-vrf)#redistribute connected PE2(config-bgp-af-ipv4-vrf)#exit PE2(config-bgp)#address-family vpnv4 PE2(config-bgp-af-vpnv4)#neighbor 10.10.1.1 activate PE2(config-bgp-af-vpnv4)#exit PE2(config-bgp)#exit PE2(config)#mpls ldp instance 1...

  • Page 29: Figure 1-8 Mpls Vpn Ospf Sham-Link Configuration Example Topology

    Interface Name Address gei-0/1/1/1 (vlan1) 10.1.1.2/24 gei-0/1/1/9 (vlan5) 20.1.1.2/24 gei-0/1/1/2 (vlan1) 10.1.1.1/24 gei-0/1/1/3 (vlan2) 10.10.12.1/24 gei-0/1/1/4 (vlan2) 10.10.12.2/24 gei-0/1/1/5 (vlan3) 10.10.23.2/24 gei-0/1/1/6 (vlan3) 10.10.23.3/24 gei-0/1/1/7 (vlan4) 10.10.10.1/24 gei-0/1/1/8 (vlan4) 10.10.10.2/24 gei-0/1/1/10 (vlan5) 20.1.1.1/24 1-23 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 30: Configuration Commands

    ZXR10 5900E Series Configuration Guide (VPN) Configuration Thought 1. Configure the IP addresses of loopback and physical interfaces on CE1. Configure OSPF route. 2. Advertise the loopback interface IP address and the direct-connected network segment in OSPF. 3. Set up SHAM-LINK.
  • Page 31 PE1(config-ldp-1)#exit P configuration, P(config)#interface vlan2 P(config-if-vlan2)#ip address 10.10.12.2 255.255.255.0 P(config-if-vlan2)#exit P(config)#mpls ldp instance 1 P(config-ldp-1)#interface vlan2 P(config-ldp-1-if-vlan2)#exit P(config-ldp-1)#exit P(config)#interface vlan3 P(config-if-vlan3)#ip address 10.10.23.2 255.255.255.0 P(config-if-vlan3)#exit P(config)#mpls ldp instance 1 P(config-ldp-1)#interface vlan3 P(config-ldp-1-if-vlan3)#exit P(config-ldp-1)#exit 1-25 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 32 ZXR10 5900E Series Configuration Guide (VPN) P(config)#mpls interface vlan2 P(config)#mpls interface vlan3 P(config)#interface loopback1 P(config-if-loopback1)#ip address 10.10.2.2 255.255.255.255 P(config-if-loopback1)#exit P(config)#router ospf 1 P(config-ospf-1)#network 10.0.0.0 0.255.255.255 area 0.0.0.0 P(config-ospf-1)#exit P(config)#mpls ldp instance 1 P(config-ldp-1)#router-id loopback1 PE2 configuration (Here, PE2 connects to CE2 by Ethernet sub-interface),...

  • Page 33: Configuration Description

    Site 1 connects to AS100, and site 2 connects to AS200. Both site 1 and site 2 provide MPLS VPN. To set up MPLS VPN connection between site 1 and site 2, back-to-back (VRF—VRF) is used. This is the simplest mode to realize VPN between ASs. 1-27 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 34: Figure 1-9 Mpls Vpn Cross-Domain Configuration Example

    ZXR10 5900E Series Configuration Guide (VPN) Figure 1-9 MPLS VPN Cross-Domain Configuration Example Configuration Thought 1. All of PE1, PE2 and PE3, PE4 have VPN1. The RD is 1:1, and the RT is 1:1. 2. Establish LDP, IGP and MPIGP neighborhoods between PE1 and PE2. Establish LDP, IGP and MP-IBGP neighborhoods between PE3 and PE4.
  • Page 35 Enable LDP between PE3 and PE4 to establish LSP. Configuration Verification Use show bgp vpnv4 unicast vrf vpn1 summary on PE1 to view the EBGP neighborhood establishing with 100.1.1.2. PE1#show bgp vpnv4 unicast vrf vpn1 summary 1-29 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 36 ZXR10 5900E Series Configuration Guide (VPN) Neighbor MsgRcvd MsgSend Up/Down State/PfxRcd 100.1.1.2 65000 00:10:00 Use show bgp vpnv4 unicast neighbor 1.2.3.4 on PE2 to view the configuration, PE2#show bgp vpnv4 unicast neighbor 1.2.3.4 BGP neighbor is 1.2.3.4, remote AS 100, external link BGP version 4, remote router ID 1.2.3.4...
  • Page 37 For address family: IPv6 Multicast no activate Weight is 0 All received nlri 0, unnlri 0, 0 accepted prefixes, 0 deleting prefixes All sent nlri 0, unnlri 0, 0 advertised prefixes Maximum limit 4294967295 1-31 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 38 ZXR10 5900E Series Configuration Guide (VPN) Threshold for warning message 75% For address family: VPNv6 Unicast no activate Weight is 0 All received nlri 0, unnlri 0, 0 accepted prefixes, 0 deleting prefixes All sent nlri 0, unnlri 0, 0 advertised prefixes...
  • Page 39 0 IPv4 route-target end_of_ribs, 0 notifications For address family: IPv4 Unicast Weight is 0 All received nlri 0, unnlri 0, 0 accepted prefixes, 0 deleting prefixes All sent nlri 0, unnlri 0, 0 advertised prefixes Maximum limit 4294967295 1-33 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 40 ZXR10 5900E Series Configuration Guide (VPN) Threshold for warning message 75% For address family: IPv4 Multicast no activate Weight is 0 All received nlri 0, unnlri 0, 0 accepted prefixes, 0 deleting prefixes All sent nlri 0, unnlri 0, 0 advertised prefixes...

  • Page 41: Mpls Vpn Route Aggregation Configuration

    By means of the aggregation-address command in BGP vrf address family mode, BGP protocol can aggregate the learnt VPN routes to a route for advertising. In this way, the route entries in VPN routing table can be reduced observably. 1-35 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 42: Configuring Mpls Vpn Route Aggregation

    ZXR10 5900E Series Configuration Guide (VPN) 1.2.2 Configuring MPLS VPN Route Aggregation To configure MPLS VPN route aggregation, perform the following steps on ZXR10 5900E. Step Command Function router bgp < as-number> This enters BGP route ZXR10(config)# configuration mode. address-family ipv4 vrf < vpn-name>...

  • Page 43: Mpls Vpn Route Aggregation Configuration Example

    150.2.0.0/16 to PE1 respectively. PE1 aggregates two routes to 150.0.0.0/8, and then advertises it to PE2. After that, PE2 only learns the aggregated route 150.0.0.0/8. Figure 1-10 MPLS VPN Route Aggregation Configuration Example Topology Device Interface Name Address gei-0/1/1/1 (vlan1) 20.0.0.2/24 1-37 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 44 ZXR10 5900E Series Configuration Guide (VPN) Device Interface Name Address gei-0/1/1/2 (vlan1) 20.0.0.1/24 gei-0/1/1/4 (vlan2) 30.0.0.1/24 gei-0/1/1/5 (vlan3) 10.0.0.1/24 gei-0/1/1/6 (vlan3) 10.0.0.2/24 gei-0/1/1/3 (vlan2) 30.0.0.2/24 Configuration Thought 1. Establish MP-BGP neighborhood between PE1 and PE2. The loopback address of PE1 is 1.1.1.1/32, and that of PE2 is 1.1.1.2/32.
  • Page 45 PE1(config-bgp-af-ipv4-vrf)#exit PE1(config-bgp)#address-family vpnv4 PE1(config-bgp-af-vpnv4)#neighbor 1.1.1.2 activate PE1(config-bgp-af-vpnv4)#exit PE2 configuration, PE2(config)#ip vrf test1 PE2(config-vrf-test1)#rd 100:1 PE2(config-vrf-test1)#address-family ipv4 PE2(config-vrf-test1-af-ipv4)#route-target import 100:1 PE2(config-vrf-test1-af-ipv4)#route-target export 100:1 PE2(config-vrf-test1-af-ipv4)#exit PE2(config-vrf-test1)#exit PE2(config)#interface loopback1 PE2(config-if-loopback1)#ip address 1.1.1.2 255.255.255.255 PE2(config-if-loopback1)#exit PE2(config)#interface vlan3 1-39 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 46 ZXR10 5900E Series Configuration Guide (VPN) PE2(config-if-vlan3)#ip address 10.0.0.2 255.255.255.0 PE2(config-if-vlan3)#exit PE2(config)#mpls ldp instance 1 PE2(config-ldp-1)#interface vlan3 PE2(config-ldp-1-if-vlan3)#exit PE2(config-ldp-1)#exit PE2(config)#mpls interface vlan3 PE2(config)#router ospf 1 PE2(config-ospfv-1)#router-id 1.1.1.2 PE2(config-ospf-1)#network 1.1.1.2 0.0.0.0 area 0.0.0.0 PE2(config-ospf-1)#network 10.0.0.0 0.0.0.255 area 0.0.0.0 PE2(config-ospf-1)#exit PE2(config)#mpls ldp instance 1...

  • Page 47: Vpn Route Restriction And Alarm

    When the total number of VRF routes exceeds the threshold warning-only value, give an alarm but not restrict the routes. 1.3.3 Maintaining VPN Route Restriction and Alarm To maintain VPN route restriction and alarm, use the following command on ZXR10 5900E. 1-41 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 48 ZXR10 5900E Series Configuration Guide (VPN) Command Function This shows VRF configuration is show ip vrf detail ZXR10# detail. When the detailed information of the VRF is displayed, the information related to route restriction and alarm is displayed. The following is a sample output of the show ip vrf detail...

  • Page 49: Vpn Route Alarm Configuration Example

    1-11, a L3VPN network is constructed. VRF named zte is configured on PE1, and its both of its RT and RD is 1:1. The interface int 1 is bound to VRF zte. The IP address of int 1 is 10.1.1.1/24, and that of port 1 is 10.1.1.2/24. CE1 accesses to PE1 through EBGP.
  • Page 50 Use show bgp vpnv4 unicast vrf zte summary on PE1 to view whether the neighborhood between PE1 and CE1 is established. 2. Configure the maximum value of VRF zte routes is 100 on PE1, and the route alarm threshold value is 60%.
  • Page 51 5. CE1 continues to advertise 30 route entries to PE1. There are 100 EBGP route entries (It exceeds 100 of alarm threshold value). Use show ip protocol routing vrf-summary zte on PE1 to view the 100 VRF EBGP route entries. PE1(config)#show ip protocol routing vrf-summary zte...
  • Page 52 PE1(config-vrf-zte-af-ipv4)#exit View the number of current routes, route restriction value, and alarm threshold value of vrf zte on PE1. The total number of routes is 50, there is no alarm appears because the route threshold value is not exceeded. PE1(config)#show ip vrf detail zte VRF zte (VRF Id = 9);...
  • Page 53 Interface: vlan1 Advertise another 60 routes from CE1. The number of routes exceeds the threshold value. PE1 displays the corresponding alarm. VRF zte of PE1 does not restrict extra routes. An alarm 200310 ID 162 level 3 cleared at 09:54:59 06-06-2014 sent by ZXR10 MP-0/T1/0 %L3VPN% Routes limit is reached.
  • Page 54 ZXR10 5900E Series Configuration Guide (VPN) ipv6 VRF label allocation mode: per-prefix per-vrf inlabel: 212999 Interface: vlan1 1-48 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 55: Mpls L2Vpn Basic Function Configuration

    To connect all the user LANs and provide L2 switch service, it emulates operator network to a LAN switch or bridge. The difference between VPLS and VPWS is that VPWS provides point to point service only while VPLS provides point to multi-points SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 56: Figure 2-1 Vpws Working Principle

    ZXR10 5900E Series Configuration Guide (VPN) services. That is, CE device on VPWS selects a virtual wire to send data to a user site, while CE device on VPLS sends all data to its PE device connecting only. MPLS L2VPN Principle VPWS: VPWS is to establish a special line and provide Layer 2 transparent transmission service on the basis of MPLS network.

  • Page 57: Configuring Mpls L2Vpn Services

    L2VPN instance and member information can be configured only when the L2VPN service is enabled. Configuring an MSPW The Multi-Segment Pseudo-Wire (MSPW) is an emulational end-to-end pseudo wire established between two PEs. To configure an MSPW on the ZXR10 5900E, perform the following steps: SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 58 ZXR10 5900E Series Configuration Guide (VPN) Step Command Function mspw <instance-name>[for {ethernet Creates an MSPW instance. ZXR10(config)# {tagged|raw}|fr {port|dlci|dlci-old}|tdm {aal1|aal2|satop {e1|e3|t1|t3}|cesopsn {basic|cas}|sonet-sdh {cesom|ceop}}|atm {port|vpc|vcc|vpc-group|vcc-group|sdu|pdu}|ip|hdlc|ppp}] pseudo-wire <pw-name> Binds the MSPW instance to ZXR10(config-mspw)# the PW interface. Describes the MSPW instance. description<description>...

  • Page 59: Maintaining Mpls L2Vpn Instances

    Default-VC ID Default VC ID of the VPLS instance Number of PWs Number of ACs description Description of the VPN The following is sample output from the show l2vpn summary command: ZXR10(config)#show l2vpn summary SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 60 ZXR10 5900E Series Configuration Guide (VPN) The summary information about configured L2VPN: vpn type configure/maximum VPLS 1/4095 VPWS 1/4095 MSPW 1/8192 For a description of the parameters in the execution result, refer to the following table: Parameter Description vpn type...

  • Page 61: Vpls Basic Function Configuration

    It is also called emulation circuit. TAG is added by service provider to distinguish users. It is called Service Delimiting (SDT), also called PTAG. VPLS working principle is shown in Figure 2-3. SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 62: Figure 2-3 Vpls Working Principle

    ZXR10 5900E Series Configuration Guide (VPN) Figure 2-3 VPLS Working Principle VPLS working flow is described below. VPLS establishes full connection of PW among the VPLS instances of PE1, PE2 and PE3. All the VPLS instances belonging to a VPLS domain use the same VCID.

  • Page 63: Configuring A Vpls

    Enables the mac-withdraw function. mac-withdraw ZXR10(config-vpls)# access- Configures the Ethernet parameters for the ZXR10(config-vpls-zte-ac-vlan2)# params ethernet Configures the PW. pw pw1 ZXR10(config)# vpls zte ZXR10(config)# pseudo-wire pw1 ZXR10(config-vpls-zte)# neighbor ZXR10(config-vpls-zte-pw-pw1)# <ipv4-address>[ vcid <1-4294967295>] SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 64 ZXR10 5900E Series Configuration Guide (VPN) Step Command Function Configures the application tunnel policy for ZXR10(config-vpls-zte-pw-pw1- the PW. tunnel-policy neighbour-1.1.1.1)# <policy-name> Configures the signaling type for the PW. pseudo-wire pw1 ZXR10(config-vpls-zte)# neighbour ZXR10(config-vpls-zte-pw-pw1)# 1.1.1.1 vcid 100 ZXR10(config-vpls-zte-pw-pw1- signal {dynamic|static neighbour-1.1.1.1)# local-label <16-1048575>...

  • Page 65: Maintaining Vpls Instances

    <instance-name>]|[peer <ipv4-address>]}[detail] the instance name. Displays the brief information about the PW. show pwe3 signal ZXR10# show pwe3 signal fec128 {detail [local-label Displays the detailed information of the PW. ZXR10# <16-1048575>| peer <peerip>] 2-11 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 66 ZXR10 5900E Series Configuration Guide (VPN) Command Function Displays the signaling status statistics show pwe3 signal statistics ZXR10# information of each type of PW. The following is sample output from the show l2vpn brief command: VPLS count:1 VPWS count:1 MSPW count:1...
  • Page 67 --------------------------------------------------------------------------- Neighbourhood AGI/VC-ID Service AIIs/Descriptions Labels Status -------------------------------------------------------------------------- 100.100.1.2 00000064 ethernet 100.100.1.2 1684275458 81922 Ready $pw1 00000064 VPLS:1 100.100.1.1 1684275457 81923 LMNSA. 100.100.1.2 ethernet vpls_zte2222222222***22222 81921 Ready pw55901 ^^^^^^^ VPLS:2 vpls_zte1111111111***11111 81922 LMNSA. 2-13 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 68 ZXR10 5900E Series Configuration Guide (VPN) 100.100.1.2 ethernet fei-0/1/0/4 81920 Ready ^^^^^^^^ VPWS:1 fei-0/1/0/3 81920 LMNSA. ZXR10(config)# For a description of the parameters in the execution result, refer to the following table: show Command Output Description Neighbourhood Peer address AGI/VC-ID...
  • Page 69 The following is sample output from the show pwe3 signal statistics command: ZXR10(config)#show pwe3 signal statistics The statistics of dynamic PWs or PW-segments: Headers : APP - application instance of PW, C-bit - the PWs using control word, ether - the ethernet raw PWs, 2-15 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 70 ZXR10 5900E Series Configuration Guide (VPN) vlan - the ethernet tagged PWs, others - the non-ethernet PWs, used - signal procedures succeeded and VC-LSPs or transit-LSPs formed Codes : ?application instance not configured ----+-----+-----------------+----------------------+---------------- type|count|all dynamic PWs |used dynamic PWs |unused dynamic PWs...

  • Page 71: Vpls Configuration Example

    PE1(config-swvlan-if-gei-0/1/1/2)#switchport access vlan 100 PE1(config-swvlan-if-gei-0/1/1/2)#exit PE1(config-swvlan)#exit PE1(config)#interface vlan100 PE1(config-if-vlan100)#ip address 100.0.0.1 255.255.255.0 PE1(config-if-vlan100)#exit PE1(config)#router ospf 1 PE1(config-ospf-1)#network 206.206.206.206 0.0.0.0 area 0 PE1(config-ospf-1)#network 100.0.0.0 0.0.0.255 area 0 PE1(config-ospf-1)#exit PE1(config)#interface gei-0/1/1/1.1 PE1(config-if-gei-0/1/1/1.1)#exit PE1(config)#vlan-configuration PE1(config-vlan)#interface gei-0/1/1/1.1 PE1(config-vlan-if-gei-0/1/1/1.1)#encapsulation-dot1q range 10 2-17 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 72 ZXR10 5900E Series Configuration Guide (VPN) PE1(config-vlan-if-gei-0/1/1/1.1)#exit PE1(config-vlan)#exit PE1(config)# PE1(config)#mpls ldp instance 1 PE1(config-ldp-1)#interface vlan100 PE1(config-ldp-1-if-vlan100)#$ PE1(config-ldp-1)#router-id loopback1 PE1(config-ldp-1)#$ PE1(config)#mpls l2vpn enable PE1(config)#pw pw1 PE1(config)#vpls 128 PE1(config-vpls-128)#access-point gei-0/1/1/1.1 PE1(config-vpls-128-ac-gei-0/1/1/1.1)#access-params ethernet PE1(config-vpls-128-ac-gei-0/1/1/1.1-eth)#$ PE1(config-vpls-128-ac-gei-0/1/1/1.1)#$ PE1(config-vpls-128)#pseudo-wire pw1 PE1(config-vpls-128-pw-pw1)#neighbour 207.207.207.207 vcid 1 PE1(config-vpls-128-pw-pw1-neighbour)#$ PE1(config-vpls-128-pw-pw1)#$...
  • Page 73 S UP 81920 81920 L:test 1.1.1.2 128 Ethernet S UP 81921 81921 L:test PE1(config)#show l2vpn summary The summary information about configured L2VPN: vpn type configure/maximum VPLS 1/4095 VPWS 0/4095 MSPW 0/8192 VLSS 0/8000 2-19 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 74: Vpws Basic Function Configuration

    ZXR10 5900E Series Configuration Guide (VPN) PE2: PE2(config)#show l2vpn forwardinfo Headers: PWType - Pseudo Wire type and Pseudo Wire connection mode Llabel - Local label, Rlabel - Remote label VPNowner - Owner type and instance name Codes : H - HUB mode, S - SPOKE mode, L - VPLS, W - VPWS, M - MSPW...

  • Page 75: Configuring A Vpws

    PW. Configures the redundancy protect-type ZXR10(config-vpws-zte-pw-pw1-rm)# {1+1|1:1}{bidirectional|unidirectional}[receiving protection mode for the PW. {selective|both}] protect-strategy {aps|mc-aps {master|backup}} Configures the standby PW and exit ZXR10(config-vpws-zte-pw-pw1-rm)# protection relationship. exit ZXR10(config-vpws-zte-pw-pw1)# backup-pw <pw-name> protect ZXR10(config-vpws-zte)# <pw-name> 2-21 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 76 ZXR10 5900E Series Configuration Guide (VPN) Step Command Function Configures the standby PW. neighbour ZXR10(config-vpws-zte-protect-pw2)# <ipv4-address>[ vcid <1-4294967295>] Enables the use of the control ZXR10(config-vpws-zte-pw-pw1-neighbour-1.1.1.2)# word for the PW. ontrol-word preferred Enables the VCCV function for ZXR10(config-vpws-zte-pw-pw1-neighbour-1.1.1.2)# ccv bfd capability {basic|status} encapsulation {raw|ip} the PW.

  • Page 77: Maintaining Vpws Instances

    PW interface type is dynamic dynamic PW interface type is static static <16-1048575> Range of the PW label 2.3.3 Maintaining VPWS Instances To maintain VPWS instances on the ZXR10 5900E, run the following command: 2-23 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 78 ZXR10 5900E Series Configuration Guide (VPN) Command Function Displays the list of LSVPN show l2vpn brief ZXR10# instances and the number of AC and PW interfaces bound to L2VPN instances. Displays the number of L2VPN show l2vpn summary ZXR10# instances.
  • Page 79 Labels - local label (in label) and remote label (out label) Codes : L - Local configured; M - Mapping received; N - Negotiated; S - mapping Sent; A - AC ready (VPWS) or service Attached (VPLS/MSPW); C - Control word used; 2-25 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 80 ZXR10 5900E Series Configuration Guide (VPN) - PW signal procedures succeeded and both VC-LSPs formed; Down - PW not UP; Vague - session state is not UP; Ready - session state is UP; - session state is not UP and PW's remote label is staling;...
  • Page 81 Whether the signalling negotiation is successful Sent Whether local end sends a mapping message to the peer end AC ready Whether the binding interface is in up status (for VPWS) application Application information 2-27 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

  • Page 82: Vpws Configuration Example

    ZXR10 5900E Series Configuration Guide (VPN) show Command Output Description service-type Application type instance-id VPN instance ID LDP session LDP session state attachment-circuit Name of the binding interface (VPWS binding interface) local-description Description of the local interface (interface name) remote-description...
  • Page 83 ZXR10(config-if-vlan1)#ip address 10.1.1.2 255.255.255.0 ZXR10(config-if-vlan1)#no shutdown ZXR10(config-if-vlan1)#exit ZXR10(config)#interface loopback1 ZXR10(config-if-loopback1)#ip address 1.1.1.2 255.255.255.255 ZXR10(config-if-loopback1)#exit ZXR10(config)#ip route 1.1.1.1 255.255.255.255 10.1.1.1 ZXR10(config)#mpls ldp instance 1 ZXR10(config-ldp-1)#router-id loopback1 ZXR10(config-ldp-1)#interface vlan1 ZXR10(config-ldp-1-if-vlan1)#exit ZXR10(config-ldp-1)#exit ZXR10(config)#pw pw1 ZXR10(config)#interface vlan2 2-29 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 84 ZXR10 5900E Series Configuration Guide (VPN) ZXR10(config-if-vlan2)#exit ZXR10(config)#mpls l2vpn enable ZXR10(config)#vpws test ZXR10(config-vpws-test)#mtu 100 ZXR10(config-vpws-test)#access-point vlan2 ZXR10(config-vpws-test-ac-vlan2)#access-params ethernet ZXR10(config-vpws-test-ac-vlan2-eth)#exit ZXR10(config-vpws-test-ac-vlan2)#exit ZXR10(config)#pseudo-wire pw1 ZXR10(config-vpws-test-pw-pw1)#neighbour 1.1.1.1 vcid 100 ZXR10(config-vpws-test-pw-pw1-neighbour-1.1.1.1)#exit ZXR10(config-vpws-test-pw-pw1)#exit ZXR10(config-vpws-test)#exit ZXR10(config)# Configuration Verification Run the show l2vpn forwardinfo command to verify that the VPWS PW is configured successfully on the switch.

  • Page 85: Figures

    Figure 2-2 VPLS Working Principle ................2-3 Figure 2-3 VPLS Working Principle ................2-8 Figure 2-4 Network Structure of L2VPN VPLS Configuration ........2-17 Figure 2-5 Network Structure of an L2VPN VPWS Ethernet PW Configuration ..................2-28 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 86 Figures This page intentionally left blank. SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 87 Tables Table 1-1 MPLS VPN Basic Configuration Address Table ........1-18 Table 1-2 MPLS VPN OSPF SHAM-LINK Address Table ........1-23 SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 88 Tables This page intentionally left blank. SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 89 - Internet Engineering Task Force ILMI - Interim Local Management Interface - Internet Protocol IS-IS - Intermediate System-to-Intermediate System - Internet Service Provider - Local Area Network - Local Management Interface - Label Switched Path SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...
  • Page 90 ZXR10 5900E Series Configuration Guide (VPN) - Link State Packet - Metropolitan Area Network MC-ELAM - Multi-Chassis Ethernet Link Aggregation Manager MPLS - Multiprotocol Label Switching - Network Address Translation OSPF - Open Shortest Path First - Provider Edge - Pseudo Wire...
  • Page 91 Glossary - Virtual Private Network VPWS - Virtual Private Wire Service - Virtual Route Forwarding - Wide Area Network SJ-20150114102049-016|2015-03-10 (R1.0) ZTE Proprietary and Confidential...

Table of Contents