Documentos de Académico
Documentos de Profesional
Documentos de Cultura
1.1 Overview
In this lab exercise, you will:
Configure Layer 3 connectivity on all chassis and Access Switches
Understand the basic operation of Layer 3 and Comware
-1-
Figure 1-1
Figure 1-2
-2-
Chassis #2
58x0 #1
58x0 #2
PC 1
PC 2
IMC Server
POD#2
Chassis #1
Chassis #2
58x0 #1
58x0 #2
PC 1
PC 2
IMC Server
POD#3
Chassis #1
Chassis #2
58x0 #1
58x0 #2
PC 1
PC 2
IMC Server
Interface
IP Address
Loopback 0
Vlan 99
Vlan 31
Vlan 10
Vlan 11
Loopback 0
Vlan 99
Vlan 12
Vlan 10
Vlan 11
Vlan 10
Vlan 10
Plugged into VLAN x
Plugged into VLAN x
Plugged into VLAN 10
1.1.1.1/32
10.10.1.1/24
10.10.31.1/24
10.1.10.1/24
10.1.11.1/24
1.1.1.2/32
10.10.1.2/24
10.10.12.2/24
10.1.10.2/24
10.1.11.2/24
10.1.10.10/24
10.1.10.11/24
10.1.x.100/24 Gateway 10.1.x.254
10.1.x.101/24 Gateway 10.1.x.254
10.1.10.200
Loopback 0
Vlan 99
Vlan 12
Vlan 10
Vlan 11
Loopback 0
Vlan 99
Vlan 23
Vlan 10
Vlan 11
Vlan 10
Vlan 10
Plugged into VLAN x
Plugged into VLAN x
Plugged into VLAN 10
2.2.2.1/32
10.10.2.1/24
10.10.12.1/24
10.2.10.1/24
10.2.11.1/24
2.2.2.2/32
10.10.2.2/24
10.10.23.2/24
10.2.10.2/24
10.2.11.2/24
10.2.10.10/24
10.2.10.11/24
10.2.x.100/24 Gateway 10.2.x.254
10.2.x.101/24 Gateway 10.2.x.254
10.2.10.200
Loopback 0
Vlan 99
Vlan 23
Vlan 10
Vlan 11
Loopback 0
Vlan 99
Vlan 31
Vlan 10
Vlan 11
Vlan 10
Vlan 10
Plugged into VLAN x
Plugged into VLAN x
Plugged into VLAN 10
3.3.3.1/32
10.10.3.1/24
10.10.23.1/24
10.3.10.1/24
10.3.11.1/24
3.3.3.2/32
10.10.3.2/24
10.10.31.2/24
10.3.10.2/24
10.3.11.2/24
10.3.10.10/24
10.3.10.11/24
10.3.x.100/24 Gateway 10.3.x.254
10.3.x.101/24 Gateway 10.3.x.254
10.3.10.200
-3-
1.4 Equipment
Version
No.
Description
S750xE
5.20 E6605P01
S9500E
5.20 R1230
S12508E
5.20 R1230
3
module
Requirement is ability to
S5800/S5820x
5.20 R11109P01
2
build IRF 2 stack
Client
Note that the cards and versions may not be exactly the same as your lab environment. When that is the case,
please adjust the parameters to fit your lab.
Use the lab hand outs to note down the appropriate port numbers and additional information that you might need to
fulfill the labs.
-4-
1.6 Procedures
Mission1Configure basic IP configuration on the Chassis Switches
Step1Login to the Chassis switch through the serial port
Step2Ensure that all switches are running the same software version
[PODxx]display version
Step3Ensure that all switches have no active configurations
<H3C>system
[PODxx]reset saved-configuration
[PODxx]quit
<PODxx>reboot
<H3C>system
[H3C]sysname PODxxC1
(xx = POD: 00, 01, 02, 03 and C1 becomes C2 for Chassis #2)
Step4Configure telnet for this switch.
[PODxxC1]local-user admin
[PODxxC1]password simple admin
[PODxxC1]authorization-attribute level 3
[PODxxC1]service-type terminal telnet
[PODxxC1]quit
[PODxxC1]user-interface vty 0 4
[PODxxC1]authentication-mode scheme
[PODxxC1]quit
[PODxxC1]telnet server enable
Step5Save the configuration and set as the startup config on all swiches:
[PODxxC1]quit
<PODxxC1>save l3.cfg
<PODxxC1>startup saved-configuration l3.cfg
-5-
[PODxxC1-ospf-1]opaque-capability enable
[PODxxC1-ospf-1]graceful-restart ietf
[PODxxC1-ospf-1]quit
Step4Save the configuration and set as the startup config on all switches
[PODxxC1]quit
<PODxxC1>save l3.cfg
<PODxxC1>startup saved-configuration l3.cfg
Step5Configure VLAN Interfaces for Chassis #2
Configure Chassis #2 to Chassis #1 Connection VLAN 99 and IP Address
<PODxxC2>system
[PODxxC2]vlan 99
[PODxxC2]port Ten-GigabitEthernet2/0/1
[PODxxC2-vlan99]quit
[PODxxC2]interface vlan-interface 99
[PODxxC2-Vlan-interface99]ip address 10.10.x.2 24
(where x is the POD number)
[PODxxC2-Vlan-interface99]quit
Configure Pod-to-Pod VLAN
[PODxxC2]vlan yy
[PODxxC2]port GigabitEthernet3/0/1
[PODxxC2-vlanyy]quit
[PODxxC2]interface vlan-interface yy
[PODxxC2-Vlan-interfaceyy]ip address 10.10.yy.2 24
[PODxxC2-Vlan-interfaceyy]quit
(Where yy is the Pod-to-Pod VLAN from the table/diagram above)
[PODxxC2-ospf-1-area-0.0.0.0]quit
[PODxxC2-ospf-1]opaque-capability enable
[PODxxC2-ospf-1]graceful-restart ietf
[PODxxC2-ospf-1-area-0.0.0.0]quit
[PODxxC2-ospf-1]quit
Step6Save the configuration and set as the startup config on all switches
[PODxxC2]quit
<PODxxC2>save l3.cfg
<PODxxC2>startup saved-configuration l3.cfg
Before continuing with the lab, ensure that you have a fully operational OSPF environment. Verify the adjacencies
and routing tables and verify whether you are able to ping all the loopback addresses.
[PODxxC1]display ospf peer verbose
[PODxxC1]disp ip routing-table
-8-
Connect switches as shown in the diagran and verify connectivity from each access switch port GigabitEthernet
1/0/1 to the VLAN 10 IP Address of each Chassis Switch.
- 10 -
Mission4Configure VRRP
Step1Configure VRRP between Chassis switches
On Chassis #1
[PODxxC1]interface vlan-interface 10
[PODxxC1-Vlan-interface10]vrrp vrid 1 virtual-ip 10.x.10.254
[PODxxC1-Vlan-interface10]vrrp vrid 1 priority 110
[PODxxC1-Vlan-interface10]quit
[PODxxC1]interface vlan-interface 11
[PODxxC1-Vlan-interface11]vrrp vrid 2 virtual-ip 10.x.11.254
[PODxxC1-Vlan-interface11]quit
On Chassis #2
[PODxxC2]interface vlan-interface 10
[PODxxC2-Vlan-interface10]vrrp vrid 1 virtual-ip 10.x.10.254
[PODxxC2-Vlan-interface10]quit
[PODxxC2]interface vlan-interface 11
[PODxxC2-Vlan-interface11]vrrp vrid 2 virtual-ip 10.x.11.254
[PODxxC2-Vlan-interface12]vrrp vrid 2 priority 110
[PODxxC2-Vlan-interface11]quit
Verify that you can ping the Virtual address created in the last step.
Step2Save the configuration and set as the startup config on all switches
[PODxxC1]quit
<PODxxC1>save l3.cfg
<PODxxC1>startup saved-configuration l3.cfg
- 11 -
Mission5Types of VLANs
Step1Use MAC-Based VLANs:
On your associated Access switch, associate the MAC address of Client 1 (xxxx-xxxx-xxxx) with VLAN 10 and
Client 2 (yyyy-yyyy-yyyy) with VLAN 11.
Step2Use ipconfig /all on your Windows Clients to determine your MAC address.
Step3Enable MAC-based VLANs on GigabitEthernet 1/0/2
[PODxxA1]mac-vlan mac-address xxxx-xxxx-xxxx vlan 10
[PODxxA1]mac-vlan mac-address yyyy-yyyy-yyyy vlan 11
[PODxxA1]interface GigabitEthernet 1/0/2
[PODxxA1-GigabitEthernet1/0/2]port link-type hybrid
[PODxxA1-GigabitEthernet1/0/2]port hybrid vlan 10 11 untagged
[PODxxA1-GigabitEthernet1/0/2]mac-vlan enable
[PODxxA1-GigabitEthernet1/0/2]quit
You should see that the client with the appropriate MAC Addresses are automatically assigned to the assigned
VLAN.
Step4Use IP Subnet-Based VLANs:
On your associated Access switch, associate subnets for VLAN 10 and 11
Enable IP Subnet based VLANs on GigabitEthernet 1/0/3
[PODxxA1]vlan 10
[PODxxA1]ip-subnet-vlan ip 10.x.10.0 255.255.255.0
[PODxxA1]quit
[PODxxA1]vlan 11
[PODxxA1]ip-subnet-vlan ip 10.x.11.0 255.255.255.0
[PODxxA1]quit
[PODxxA1]interface GigabitEthernet 1/0/3
[PODxxA1-GigabitEthernet1/0/3]port link-type hybrid
[PODxxA1-GigabitEthernet1/0/3]port hybrid vlan 10 11 untagged
[PODxxA1-GigabitEthernet1/0/3]port hybrid ip-subnet-vlan vlan 10
[PODxxA1-GigabitEthernet1/0/3]port hybrid ip-subnet-vlan vlan 11
[PODxxA1-GigabitEthernet1/0/3]quit
Configure your clients to be on one or the other VLAN subnets. You should see that the client(s) with the
appropriate IP subnet configured are automatically assigned to the assigned VLAN when plugged into that port.
- 12 -
- 13 -
Lab2: IRF
LAB2: IRF ............................................................................................................................................. - 1 -
1.1 OVERVIEW .................................................................................................................................................................................... - 1 -
1.2 NETWORKING DIAGRAM ............................................................................................................................................................... - 2 -
1.3 IP ADDRESSING SCHEME............................................................................................................................................................... - 4 -
1.4 EQUIPMENT .................................................................................................................................................................................. - 5 -
1.5 LAB PURPOSE ................................................................................................................................................................................ - 6 -
1.6 PROCEDURES ................................................................................................................................................................................ - 6 -
Mission1 Configure IRF on the S5800/S5820x ....................................................................................................................... - 6 -
Mission2 Configure IRF on the S12500/S9500E/S7500E....................................................................................................... - 8 -
Mission3 Verify IRF Operation .............................................................................................................................................. - 13 -
1.1 Overview
In this lab exercise, you will:
-1-
Figure 1-1
-2-
Figure 1-2
-3-
Interface
IP Address
Loopback 0
Vlan 10
Vlan 10
Plugged into VLAN x
Plugged into VLAN x
Plugged into VLAN 10
1.1.1.1/32
10.1.10.254/24
10.1.10.10/24
10.1.x.100/24 Gateway 10.1.x.254
10.1.x.101/24 Gateway 10.1.x.254
10.1.10.200
Loopback 0
Vlan 10
Vlan 10
Plugged into VLAN x
Plugged into VLAN x
Plugged into VLAN 10
2.2.2.1/32
10.2.10.254/24
10.2.10.10/24
10.2.x.100/24 Gateway 10.2.x.254
10.2.x.101/24 Gateway 10.2.x.254
10.2.10.200
Loopback 0
Vlan 10
Vlan 10
Plugged into VLAN x
Plugged into VLAN x
Plugged into VLAN 10
3.3.3.1/32
10.3.10.254/24
10.3.10.10/24
10.3.x.100/24 Gateway 10.3.x.254
10.3.x.101/24 Gateway 10.3.x.254
10.3.10.200
PODA
7500 Pair
7500 Pair
5800 Pair
PC 1
PC 2
IMC Server
PODB
7500 Pair
7500
5800 Pair
PC 1
PC 2
IMC Server
PODC
7500 Pair
7500 Pair
5800 Pair
PC 1
PC 2
IMC Server
-4-
1.4 Equipment
Version
No.
Description
S750xE
5.20 E6605P01
S9500E
5.20 R1230
S12508E
5.20 R1230
3
module
Requirement is ability to
S5800/S5820x
5.20 R11109P01
2
build IRF 2 stack
Client
Note that the cards and versions may not be exactly the same as your lab environment. When that is the case,
please adjust the parameters to fit your lab.
Use the lab hand outs to note down the appropriate port numbers and additional information that you might need to
fulfill the labs.
-5-
1.6 Procedures
Mission1Configure IRF on the S5800/S5820x
Step1Login to the switch through the console port
Step2Ensure that both switches are running the same software version
[PODxyz]display version
Step3Reset the configuration of the switches.
<PODxyz>reset saved-configuration
<PODxyz>reboot
Step4Assign a unit number to each S5800. The unit number is based on the z designation of your switch1 or 2.
For unit 2:
[H3C]irf member 1 renumber 2 (x is current unit number)
Step5Save the configuration and reboot the switches
[H3C]quit
<H3C>save irf.cfg
<H3C>startup saved-configuration irf.cfg
<H3C>reboot
Step6Setting priority on Master S5800.
For unit 1:
[H3C]irf member 1 priority 32
Step7Shutdown the 10 Gbps port that will form the IRF (T1/0/25)
For Unit 1:
[H3C]int TenGigabitEthernet 1/0/25
[H3C-Ten-GigabitEthernet1/0/25]shutdown
[H3C]int TenGigabitEthernet 1/0/26
[H3C-Ten-GigabitEthernet1/0/25]shutdown
For Unit 2:
[H3C]int TenGigabitEthernet 2/0/25
[H3C-Ten-GigabitEthernet2/0/25]shutdown
[H3C]int TenGigabitEthernet 2/0/26
[H3C-Ten-GigabitEthernet2/0/25]shutdown
Step8Assign the 10 Gbps port to an IRF port group
On Unit 1:
[H3C]irf-port 1/1
[H3C-irf-port]port group interface TenGigabitEthernet 1/0/25
-6-
irf
irf configuration
irf topology
devices
Step4Set the 2 Chassis to operate in IRF mode. The chassis will be rebooted automatically.
]chassis convert mode irf
-8-
For Unit 2:
[H3C]int Ten-GigabitEthernet 2/2/0/1
[H3C-Ten-GigabitEthernet2/2/0/1] shutdown
[H3C]int Ten-GigabitEthernet 2/2/0/2
[H3C-Ten-GigabitEthernet1/2/0/1]shutdown
[H3C-Ten-GigabitEthernet1/2/0/1]undo shutdown
[H3C]int Ten-GigabitEthernet 1/2/0/1
[H3C-Ten-GigabitEthernet1/2/0/1]undo shutdown
For Unit 2:
[H3C]int Ten-GigabitEthernet 2/2/0/1
[H3C-Ten-GigabitEthernet2/2/0/1]undo shutdown
[H3C]int Ten-GigabitEthernet 2/2/0/2
[H3C-Ten-GigabitEthernet1/2/0/1]undo shutdown
Step10
[H3C]quit
<H3C>save
Step11Cable the IRF ports of the two switches. You get a message on both chassis.
On chassis 1 (Master) a message mentions the IRF Merge but does not require a reboot
On the Chassis 2 (Slave) it should now request to reboot.
Step12Reboot the Slave switch
<H3C>reboot
Step13The IRF stack should now be formed. Verify IRF operation
[H3C]display irf
[H3C]display irf configuration
[H3C]display irf topology
Also try the followings:
[H3C]display device
[H3C]display version
Step14Rename the IRF Core-PODx, where x is your pod letter (A, B, C)
[H3C]sysname Core-PODx
Step15On the master, create Loopback 0 and assign IP address
[H3C]interface loopback 0
[Core-PODx-Vlan-interface1]ip address xx.xx.xx.1 32
(x = POD: PodA will use 1, PodB will use 2, and PodC will use 3)
- 10 -
Step16On the master, create VLAN 10 and assign IP addresses to the VLANs
[Core-PODx]vlan 10
[Core-PODx]quit
[Core-PODx]interface vlan 10
[Core-PODx-Vlan-interface1]ip address 10.xx.10.254 255.255.255.0
(x = POD: 1 for PodA, 2 for PodB, 3 for PodC)
Step17On the master, create a dynamic aggregation interface
[Core-PODx]interface bridge-aggregation 1
[Core-PODx-int-br-1]link-aggregation mode dynamic
Step18On the master, configure trunk ports and assign ports to the aggregation interfaces for the interfaces
connected between the 5800s and the 7500s.
[Core-PODx]interface gigabitethernet 1/3/0/11
[Core-PODx-int]port link-aggregation group 1
[Core-PODx]interface gigabitethernet 1/3/0/12
[Core-PODx-int]port link-aggregation group 1
[Core-PODx]interface gigabitethernet 2/3/0/11
[Core-PODx-int]port link-aggregation group 1
[Core-PODx]interface gigabitethernet 2/3/0/12
[Core-PODx-int]port link-aggregation group 1
Step19On the master, set the brige aggregation as a VLAN trunk and enable MAD LACP.
[Core-PODx]interface bridge-aggregation 1
[Core-PODx-int-br-1]port link-type trunk
[Core-PODx-int-br-1]port trunk permit vlan all
[Core-PODx-int-br-1]mad enable
Step20On the master, set BFD MAD. First define a dedicated VLAN and assign 2 Gigabit interfaces to it
[H3C] vlan 3
[H3C-vlan3] port gigabitethernet 1/3/0/24
[H3C-vlan3] port gigabitethernet 2/3/0/24
[H3C-vlan3] quit
Step21Create VLAN-interface 3 and configure the MAD IP address for the interface.
[H3C] interface vlan-interface 3
[H3C-Vlan-interface3] mad bfd enable
[H3C-Vlan-interface3] mad ip add 10.x.3.1 24 member 1
[H3C-Vlan-interface3] mad ip add 10.x.3.2 24 member 2
[H3C-Vlan-interface3] quit
- 11 -
Step22C onfigure the access ports VLAN membership on both Core switches (you can connect your PC to this
port).
[Core-PODx]interface gigabitethernet 1/0/1
[Core-PODx]port access vlan 10
[Core-PODx]interface gigabitethernet 2/0/1
[Core-PODx]port access vlan 10
- 12 -
- 13 -
Lab3: RRPP
LAB3: RRPP ......................................................................................................................................... - 1 -
1.1 OVERVIEW .................................................................................................................................................................................... - 1 -
1.2 NETWORKING DIAGRAM ............................................................................................................................................................... - 2 -
1.3 IP ADDRESSING SCHEME............................................................................................................................................................... - 2 -
1.4 EQUIPMENT .................................................................................................................................................................................. - 4 -
1.5 LAB PURPOSE ................................................................................................................................................................................ - 5 -
1.6 PROCEDURES ................................................................................................................................................................................ - 5 -
Mission1 Configure RRPP between all IRF chassis. ............................................................................................................... - 5 -
1.1 Overview
In this lab exercise, you will:
Configure RRPP
-1-
PODX_C2
Master
Transit
Ten 2/0/1
P
S
.1
Ten 2/0/2
VLANS_IP Subnets
VLAN 10 10.x.10.0/24
Ten 1/0/25 P
.2
P Ten 2/0/2
RRPP
Domain 1
Ring 1
S
S
Ten 1/0/25
.4
.3
PODX_A1
Ten 1/0/26
Transit
PODX_A2
Transit
Figure 1-1
-2-
Device
Interface
IP Address
Chassis 1
Vlan 10
10.X.10.1/24
Chassis 2
Vlan 10
10.X.10.2/24
Access 1
Vlan 10
10.X.10.3/24
Access 2
Vlan 10
10.X.10.4/24
PC 1
10.X.10.101/24
PC 2
10.X.10.102/24
POD#X
-3-
1.4 Equipment
Version
No.
Description
S750xE
5.20 E6605P03
S5800/S5820x
5.20 R11109P01
Requirement is ability to
build IRF 2 stack
Client
Note that the cards and versions may not be exactly the same as your lab environment. When that is the case,
please adjust the parameters to fit your lab.
Use the lab hand outs to note down the appropriate port numbers and additional information that you might need to
fulfill the labs.
-4-
1.6 Procedures
Mission1Configure RRPP between chassis.
Step1Disconnect cables from previous lab
Step2login to the Chassis switch through the serial port or by Telnet
Step3Remove IRF and all configuration on the Chassis
<H3C>undo chassis convert mode
<H3C>reset saved-config
<H3C>reboot
Step7Disable STP on ALL the ports that will form the RRPP ring on ALL Switches
[PODxx]interface ten-gigabit-ethernet 2/0/X
[PODxx-Ten-GigabitEthernet1/3/0/3]link-delay 0 or 2
-5-
Step10Connect the cables to the ports that will form the RRPP ring
Verify RRPP status on all switches
[PODxx]display rrpp brief
[PODxx]display rrpp verbose domain 1 ring 1
Verify connectivity through PING or fping utility on your PC (Copy fping.exe into C:/Windows folder)
C:\> fping 10.X.10.Y c t 50 w 50
Use the PCs that are connected throughout the Ring using the IP address space information at the beginning of this
document.
If connectivity is successful, remove one of the ring connections and verify whether there is loss of information.
Verify RRPP status on all switches after you disconnect a link
[PODxx]display rrpp brief
[PODxx]display rrpp verbose domain 1 ring 1
-7-
Lab 4: MCE
LAB 4: MCE ............................................................................................................................................. - 1 -
1.1 OVERVIEW ........................................................................................................................................ - 1 -
1.2 NETWORKING DIAGRAM ................................................................................................................... - 2 -
1.3 EQUIPMENT ....................................................................................................................................... - 4 -
1.4 LAB PURPOSE .................................................................................................................................... - 5 -
1.5 PROCEDURES..................................................................................................................................... - 5 -
Mission1 Configure IRF 2 on the S5500-EI (already focused in lab 1) ........................................ - 5 -
Mission2 Configure VPN instances 1 and 2 on MCE for customers............................................. - 6 -
1.1 Overview
In this lab exercise, you will:
-1-
Figure 1-1
-2-
IP Address Design
Device
Interface
IP Address
S7500E
Vlan interface 10
192.168.10.1/24
Vlan interface 20
192.168.20.1/24
S5500EI IRF
Vlan interface 10
192.168.10.10/24
PC1
VLAN 10
192.168.10.100/24
PC2
VLAN 10
192.168.10.101/24
S7500E
Vlan interface 10
192.168.10.2/24
Vlan interface 20
192.168.20.2/24
S5500EI IRF
Vlan interface 20
192.168.20.10/24
PC3
VLAN 20
192.168.20.100/24
PC4
VLAN 20
192.168.20.101/24
-3-
1.3 Equipment
Version
S750xE
S7500E Fabric
5.20.E6603P01
No.
Description
Switch Fabric
LSQ1GP24TXSD0, 16 x
x, 8 x Combo, 2 x 10 G
SD module
provides access
connectivity
Or any other Comware 5
based switch.
S5500-28C-EI
CMW520-R2202 or later
4
Requirement is ability to
build IRF 2 stack
H3C S5500-SI
Loc.Conn.CX4 Cable
on S5500-EI
Connection Module
PC
on S5500-EI
Windows XP SP2
PC
-4-
1.5 Procedures
Mission1Configure IRF 2 on the S5500-EI (already done in lab 1)
Step1Configure 2 x IRF for the access connectivity
Step2Create VLANs and assign IP addresses to the VLANs
Stack 1:
[Access-PODxx]vlan 10
[Access-PODxx]interface vlan 10
[Access-PODxx -Vlan-interface10]ip address 192.168.10.10 24
Stack 2:
[Access-PODxx]vlan 20
[Access-PODxx]interface vlan 20
[Access-PODxx -Vlan-interface10]ip address 192.168.20.10 24
Stack 2:
[Access-PODxx]vlan 20
[Access-PODxx]interface gigabitethernet 1/0/10
[Access-PODxx]interface gigabitethernet 2/0/1 (port number is example)
MCE 2
[PODxx]interface Bridge-Aggregation 1
[PODxx]port link-type trunk
[PODxx]port trunk permit vlan 20
Step3Assign the VLANs to the ports between the MCEs and to the access switches
MCE1 [PODxx]interface gigabit-ethernet 1/0/1 (port number is example)
[PODxx]port link-aggregation group 1
[PODxx]interface gigabit-ethernet 1/0/2 (port number is example)
[PODxx]port link-aggregation group 1
-6-
MCE2
[PODxx]ip vpn-instance 10
[PODxx]route-distinguisher 10:1
[PODxx]ip vpn-instance 20
[PODxx]route-distinguisher 20:1
Step6: Configure VLAN-interfaces 10 and 20 and bind them to VPN 10 and VPN 20
respectively
MCE1 [PODxx]interface vlan 10
[PODxx]ip binding vpn-instance
[PODxx]ip address 192.168.10.1
[PODxx]interface vlan 20
[PODxx]ip binding vpn-instance
[PODxx]ip address 192.168.20.1
10
255.255.255.0
20
255.255.255.0
10
255.255.255.0
20
255.255.255.0
-7-
10
export-extcommunity
20:1 import-extcommunity
20
export-extcommunity
10:1 import-extcommunity
-8-
-9-
1.1 Overview
In this lab exercise, you will:
Understand the basic operation of MPLS, MPLS L3 VPNs, L2VPNs, and VPLS.
Step1Reset the Saved configuration of your Core Switch #1 and Core Switch #2 and reboot:
[PODxx]reset saved-configuration
[PODxx]reboot
Step2Reset the Saved configuration of your Access Switch #1 and Access Switch #2 and reboot:
[PODxx]reset saved-configuration
[PODxx]reboot
-1-
Pod A
G1/0/1
Access1
Pod B
G3/0/1
Core2
Core2
7506E
7506E
Access1
S5800
T2/0/1
T2/0/1
T2/0/1
T2/0/1
G1/0/1
G1/0/1
Core1
T2/0/2
T2/0/3
Core1
7506E
7506E
S5800
G1/0/1
G3/0/2
G3/0/2
S5800
Access2
G3/0/1
T2/0/2
T2/0/3
T2/0/3
T2/0/2
Core1
T2/0/1
Core2
T2/0/1
7506E
7506E
G3/0/1
G3/0/2
G1/0/1
G1/0/1
Access1
Access2
S5800
S5800
Pod C
Diagram # 1.
-2-
Access2
S5800
Pod A
P-1
PE-1
CE-1A
CE-1B
Pod B
P-2
PE-2
CE-2A
CE-2B
Pod C
P-3
PE-3
CE-3A
CE-3B
-3-
Step5Create six VLANs and assign interfaces to VLANs as shown in diagram #2. All of these ports should be
configured as access ports.
Pod A
VLAN 11
VLAN 101
VLAN 102
VLAN 161
VLAN 162
VLAN 163
G1/0/1
CE
Access-1
G3/0/1
VLAN 101
G3/0/2
Pod A
VLAN 102
G1/0/1
Pod B
VLAN 22
VLAN 201
VLAN 202
VLAN 161
VLAN 162
VLAN 163
G3/0/1
PE
PE
Core-2
Core-2
T2/0/1
CE
T2/0/1
VLAN 22
VLAN 11
T2/0/1
T2/0/1
VLAN 161
P
Core-1
T2/0/3
Pod B
CE
VLAN 162
Access-2
P
Core-1
VLAN 33
T2/0/1
PE
Core-2
Pod C
G3/0/2
G1/0/1
T2/0/2
T2/0/3
T2/0/1
CE
Access-1
Core-1
T2/0/3
VLAN 163
G1/0/1
VLAN 201
VLAN 202
T2/0/2
T2/0/2
Access-2
Pod C
VLAN 33
VLAN 301
VLAN 302
VLAN 161
VLAN 162
VLAN 163
G3/0/1
G3/0/2
VLAN 301
VLAN 302
G1/0/1
G1/0/1
CE
CE
Access-1
Access-2
Diagram # 2.
-4-
Loopback 0
Loopback 0
16.0.0.1
16.0.0.2
16.0.0.0 /8
CE-1A
PE1
16.1.1.2
PE2
OSPF
Area 0
/30
16.2.2.2
int VLAN 11
16.1.1.1
int VLAN 22
P1
int VLAN 102
Loopback 0
16.0.0.11
16.2.2.1
/30
16.0.3.2 /30
CE-2A
/30
int VLAN 11
Pod A
Pod B
int VLAN 22
P2
/30
16.0.2.1 /30
CE-1B
CE-2B
Loopback 0
16.0.0.22
16.0.2.2 /30
16.0.3.1 /30
P3
16.3.3.1
Loopback 0
/30
int VLAN 33
16.3.3.2
16.0.0.33
/30
int VLAN 33
PE3
Loopback 0
16.0.0.3
Pod C
int VLAN 301
CE-3B
CE-3A
Diagram # 3.
Step6On your Provider router (Core Switch #1) create three vlan interfaces and assign IP addresses to these
vlan interfaces as shown in diagram #3.
Step7On your Provider-Edge router (Core Switch #2) create three vlan interfaces and assign IP addresses to
these vlan interfaces as shown in diagram #3.
Step8On your Customer-Edge routers (Access Switch #1 and Access Switch #2) create one vlan interface on
each of these routers as shown in diagram # 3. IP addresses will be assigned to these interfaces later.
-5-
Mission5MPLS Configuration
Configure MPLS on your Provider network.
Step1Configure MPLS on your Provider router and your Provider Edge router. Use the Label Distribution
Protocol, LDP, to share and learn MPLS labels from your directly connected neighbors. Choose your Loopback
0 interface as your LDP router-ID.
Step2Confirm that an LDP peer is established between your Provider router and your Provider-Edge router
Step3Confirm that an LDP peer is established between your Provider router and the other two Provider routers.
Step4Review your Label Information Base to ensure your Provider-Edge router has learned labels from your
Provider router.
Step5Ping from your Provider-Edge router to the Loopback 0 interface of another Provider-Edge router. This
ping should be successful. What label does your PE router push onto this ping? __________.
Step6When this ping is processed by your P router, your P router will replace this label with which label?
____________
Step7When this ping is processed by the next P router, what action will be taken by the next P router?
____________
Step8Ping from your Provider-Edge router to the Loopback 0 interface of the remaining (third) PE router. This
ping should be successful. Indentify the set of MPLS labels that are used for this Label Switching Path:
____________.
Loopback 0
Loopback 0
16.0.0.1
16.0.0.2
AS 100
PE1
PE2
LDP
LDP
LDP
P1
OSPF
Area 0
P2
LDP
LDP
P3
MPLS
LDP
Loopback 0
16.0.0.3
PE3
-6-
Mission6Customer Connectivity
Pod A Customer Connectivity:
Step1Your Access-Switches will serve as Customer Edge routers.
Step2Assign IP addresses to the vlan interface that connects your PE router to your CE router CE-2A.
Step3Assign IP addresses to the vlan interface that connects your PE router to your CE router CE-2B.
CE-1A
201.1.1.2 /30
201.1.1.1 /30
CE-1B
202.1.1.2 /30
202.1.1.1 /30
Step4 Ensure that you can ping from your PE router to the CE-1A and CE-1B and vice versa.
201.1.1.0 /24
201.1.1.33 /27
0.0.0.0
CE-1A
201.1.1.2 /30
PE1
201.1.1.1 /30
201.1.1.65 /27
P1
202.1.1.2 /30
0.0.0.0
202.1.1.1 /30
202.1.1.33 /27
CE-1B
202.1.1.65 /27
202.1.1.0 /24
Diagram # 4 Pod A
Step5Create two Loopback interfaces on each Customer Edge router to serve as internal Customer networks.
If you prefer, use physical interfaces. Assign IP addresses to the two internal Customer networks as follows:
CE-1A
201.1.1.33 /27
201.1.1.65 /27
-7-
CE-1B
202.1.1.33 /27
202.1.1.65 /27
Step6Can you ping these two new Loopback interfaces from your PE router? _______ Why not?
__________
Step7On your PE router, create a static route to the entire /24 IP address block of Customer A and a static route
to the /24 IP address block of Customer B.
Step8Ping from your PE router to both Loopback interfaces of both CE routers. These pings should be
successful.
Step9.Confirm that your CE routers can ping the directly connected interface of the PE router. Can your CE
routers ping the Loopback 0 interface of the PE router? __________ Why not? __________
Step10Configure a default route on both CE routers. Confirm that your CE routers can ping the Loopback 0
interface of the PE router. Confirm that your CE-A router can ping both Loopback interfaces of CE-B router (and
vice versa). These pings should be successful.
CE-2A
201.2.2.2 /30
201.2.2.1 /30
CE-2B
202.2.2.2 /30
202.2.2.1 /30
Step14 Ensure that you can ping from your PE router to the CE-A and CE-B and vice versa.
201.2.2.0 /24
201.2.2.33 /27
0.0.0.0
CE-2A
201.2.2.2 /30
PE2
201.2.2.1 /30
201.2.2.65 /27
P2
202.2.2.2 /30
0.0.0.0
202.2.2.1 /30
202.2.2.33 /27
CE-2B
202.2.2.65 /27
202.2.2.0 /24
Diagram # 4 Pod B
Step15Create two Loopback interfaces on each Customer Edge router to serve as internal Customer networks.
If you prefer, use physical interfaces. Assign IP addresses to the two internal Customer networks as follows:
CE-2A
CE-2B
-8-
201.2.2.33 /27
201.2.2.65 /27
202.2.2.33 /27
202.2.2.65 /27
Step16Can you ping these two new Loopback interfaces from your PE router? _______ Why not?
__________
Step17On your PE router, create a static route to the entire /24 IP address block of Customer A and a static
route to the /24 IP address block of Customer B.
Step18Ping from your PE router to both Loopback interfaces of both CE routers. These pings should be
successful.
Step19.Confirm that your CE routers can ping the directly connected interface of the PE router. Can your CE
routers ping the Loopback 0 interface of the PE router? __________ Why not? __________
Step20Configure a default route on both CE routers. Confirm that your CE routers can ping the Loopback 0
interface of the PE router. Confirm that your CE-A router can ping both Loopback interfaces of CE-B router (and
vice versa). These pings should be successful.
CE-3A
201.3.3.2 /30
201.3.3.1 /30
CE-3B
202.3.3.2 /30
202.3.3.1 /30
Step4 Ensure that you can ping from your PE router to the CE-A and CE-B and vice versa.
201.3.3.0 /24
201.3.3.33 /27
0.0.0.0
CE-3A
201.3.3.2 /30
PE3
201.3.3.1 /30
201.3.3.65 /27
P3
202.3.3.2 /30
0.0.0.0
202.3.3.1 /30
202.3.3.33 /27
CE-3B
202.3.3.65 /27
202.3.3.0 /24
Diagram # 4 Pod C
-9-
Step5Create two Loopback interfaces on each Customer Edge router to serve as internal Customer networks.
If you prefer, use physical interfaces. Assign IP addresses to the two internal Customer networks as follows:
CE-3A
201.3.3.33 /27
201.3.3.65 /27
CE-3B
202.3.3.33 /27
202.3.3.65 /27
Step6Can you ping these two new Loopback interfaces from your PE router? _______ Why not?
__________
Step7On your PE router, create a static route to the entire /24 IP address block of Customer A and a static
router to the /24 IP address block of Customer B.
Step8Ping from your PE router to both Loopback interfaces of both CE routers. These pings should be
successful.
Step9.Confirm that your CE routers can ping the directly connected interface of the PE router. Can your CE
routers ping the Loopback 0 interface of the PE router? __________ Why not? __________
Step10Configure a default route on both CE routers. Confirm that your CE routers can ping the Loopback 0
interface of the PE router. Confirm that your CE-A router can ping both Loopback interfaces of CE-B router (and
vice versa). These pings should be successful.
- 10 -
- 11 -
201.2.2.0 /24
201.1.1.0 /24
iBGP
CE-2A
CE-1A
PE1
AS 100
P1
P2
OSPF
Area 0
CE-1B
202.1.1.0 /24
PE2
iBGP
CE-2B
iBGP
P3
202.2.2.0 /24
PE3
202.3.3.0 /24
201.3.3.0 /24
CE-3B
CE-3A
Diagram # 5. BGP Design Method # 1 - iBGP Full-Mesh (also known as iBGP Full-Mess)
201.1.1.0 /24
CE-2A
CE-1A
AS 100
PE1
PE2
iBGP
P1
P2
CE-2B
CE-1B
iBGP
202.1.1.0 /24
Route Reflectors
P3
202.2.2.0 /24
PE3
202.3.3.0 /24
201.3.3.0 /24
CE-3B
CE-3A
Diagram # 6.
- 12 -
201.2.2.0 /24
201.1.1.0 /24
iBGP
CE-2A
CE-1A
PE1
AS 100
P1
PE2
P2
OSPF
Area 0
CE-1B
CE-2B
MPLS
202.1.1.0 /24
iBGP
iBGP
P3
202.2.2.0 /24
PE3
202.3.3.0 /24
201.3.3.0 /24
CE-3B
CE-3A
Diagram # 7.
BGP Design Method # 3 - iBGP Full-Mesh of iBGP on the PE routers only using MPLS.
- 13 -
Mission11Create MPLS Layer-3 VPNs Create VPN Instances and assign interfaces:
A logical full-mesh of site-to-site connectivity has now been configured for all locations of Customer-A and Customer-B.
However, there is no separation between the Customer-A traffic and the Customer-B traffic. To prove this, ping from your
CE-A router to at least one CE-B router. This ping shows that traffic can flow from Customer-A to Customer-B. This
traffic flow from one Customer to another is not desired. Each Customer requires private connectivity between their three
sites only. To achieve this objective, you will configure two MPLS Layer 3 VPNs. More specifically, you will create the
Red VPN for Customer A and the Green VPN for Customer B.
- 14 -
Route Target
201.1.1.0 /24
201.2.2.0 /24
201.3.3.0 /24
201.3.3.0 /24
CE-3A
Red
PE
201.1.1.0 /24
201.2.2.0 /24
202.1.1.0 /24
202.2.2.0 /24
201.3.3.0 /24
202.3.3.0 /24
LDP
P
Green
202.1.1.0 /24
202.2.2.0 /24
202.3.3.0 /24
CE-3B
202.3.3.0 /24
MP-iBGP
VPN Instance
Green
Step1Before beginning this Mission, remove the static route to your Customer site prefix. This will will remove
theCustomer networks from the global instance of BGP and disconnect the customer sites. Connectivity will be
restored using MPLS Layer-3 VPNs.
=== Customer A ===
Step2Create a VPN instance for each Customer:
Customer
Customer A
Customer B
Route Target
Red
Route Distinguisher
100:201
100:201
100:202
100:202
Green
.
Step3Display the VPN instance to confirm both the Route Target and the Router Distinguisher are properly set.
Step4Display the routing table for the Red VPN instance. This routing table should exist, but no routes will be
found in the table.
Step5Assign the vlan interface that connects to Customer-A to the Red VPN instance.
Step6Confirm that IP address 201.x.0.2 /30 is assigned to this interface. Some vendors remove the IP
address from an interface when the interface is assigned to a VPN instance.
Step7Again, review the Red VPN routing table. You should find one directly connected route in the Red
routing table.
Step8Connectivity between your Red Customer and your PE router has now been established. Test this
connectivity by pinging the PE router from your Red CE router. This ping should be successful.
Step9Test connectivity in the other direction by pinging from your PE router to the directly connected interface
of the Customer CE router. This ping should work. Be careful, you must ping from the Red VPN instance!
- 15 -
Customer A
Customer B
Route Target
Red
Route Distinguisher
100:201
100:201
100:202
100:202
Green
Step11Display the VPN instance to confirm both the Route Target and the Router Distinguisher are properly
set.
Step12. Display the routing table for the Green VPN instance. This routing table should exist, but no routes
will be found in the table.
Step13Assign the vlan interface that connects to Customer-B to the Green VPN instance.
Step14Confirm that IP address 202.x.0.2 /30 is assigned to this interface. Some vendors remove the IP
address from an interface when the interface is assigned to a VPN instance.
Step15Again, review the Green VPN routing table. You should find one directly connected route in the Green
routing table.
Step16Connectivity between your Green Customer and your PE router has now been established. Test this
connectivity by pinging the PE router from your Green CE router. This ping should be successful.
Step17Test connectivity in the other direction by pinging from your PE router to the directly connected interface
of the Customer CE router. This ping should work. Be careful, you must ping from the Green VPN instance!
- 16 -
Loopback 0
Loopback 0
16.0.0.1
16.0.0.2
201.2.2.0 /24
MP-iBGP
CE-2A
CE-1A
PE1
AS 100
P1
PE2
P2
OSPF
Area 0
CE-1B
CE-2B
MPLS
202.1.1.0 /24
MP-iBGP
P3
MP-iBGP
Loopback 0
16.0.0.3
PE3
202.3.3.0 /24
201.3.3.0 /24
CE-3B
CE-3A
- 17 -
202.2.2.0 /24
201.2.2.0 /24
CE-1A
CE-2A
CE-3A
- 18 -
201.3.3.0 /24
Step7Review your configuration of BGP. Notice that two BGP address families have been automatically
created.
Step8Create an address family within the BGP process for vpnv4 prefixes. Enable the sharing of vpnv4 prefixes
with both your iBGP peers, (the other PE routers).
Step9Share your Green VPN static route with the other PE routers as a vpnv4 route. To do this, import your
static route into the Green address family of BGP.
Step10Telnet to another PE router, and display its Green VPN routing table. Ensure your customer prefix is in
the routing table.
Step11Test Customer site-to-site connectivity by pinging from your CE-B router to an internal interface of both
the other CE-B routers.
Step12When your lab partner has completed this Mission, test the separation of the Red and Green Customer
networks by attempting to ping from your Green Customer site into any Red customer site. This ping should not
work since no route to the other customer network exists in the PE Green VPN instance.
CE-2B
CE-1B
202.2.2.0 /24
202.1.1.0 /24
202.3.3.0 /24
CE-3B
CE-2B
201.1.1.0 /24
202.2.2.0 /24
201.2.2.0 /24
CE-1A
CE-2A
CE-1B
CE-3B
202.1.1.0 /24
202.3.3.0 /24
CE-3A
- 19 -
201.3.3.0 /24
- 20 -
Mission14Configuration Examples:
sysname PE-1
telnet server enable
#
#
user-interface vty 0 4
authentication-mode none
user privilege level 3
#
ip ttl-expires enable
ip unreachables enable
#
lldp enable
#
#### VLAN ####
vlan 11
decription to-P1
#
vlan 101
decription to-CE1A
#
vlan 102
decription to-CE1B
interface LoopBack0
ip address 16.0.0.1 255.255.255.255
#
interface Vlan-interface11
Decription to P1
- 21 -
ip vpn-instance green
route-distinguisher 100:202
vpn-target 100:202 export-extcommunity
vpn-target 100:202 import-extcommunity
#
ip vpn-instance red
route-distinguisher 100:201
vpn-target 100:201 export-extcommunity
vpn-target 100:201 import-extcommunity
#
P1 CONFIG
#
sysname P1
#
telnet server enable
#
ip ttl-expires enable
ip unreachables enable
#
lldp enable
#
mpls lsr-id 16.0.0.11
#
vlan 11 to 13
#
mpls
lsp-trigger all
#
mpls ldp
#
interface LoopBack0
- 23 -
- 24 -
Mission15Configure VPLS
No IP Address
No IP Address
int VLAN 1
int VLAN 1
Access1
S5800
AS 100
PE1
P1
S5800
P2
int VLAN 1
Access1
PE2
int VLAN 1
MPLS
Access2
P3
Access2
S5800
S5800
PE3
int VLAN 301
No IP Address
int VLAN 302
int VLAN 1
int VLAN 1
Access2
Access1
S5800
S5800
No IP Address
No IP Address
int VLAN 1
int VLAN 1
int VLAN 101
CE-4A
PE1
PE2
MPLS
P1
CE-6A
P2
int VLAN 1
int VLAN 1
CE-5B
P3
CE-6B
PE3
int VLAN 301
No IP Address
int VLAN 302
int VLAN 1
int VLAN 1
CE-4B
CE-5A
- 25 -
Remote
LDP
172.16.44.1 /24
int VLAN 1
172.16.66.2 /24
int VLAN 1
CE-4A
VC-ID 66
PE1
PE2
MPLS
int VLAN 1
VC-ID 44
172.16.66.1 /24
CE-6B
CE-6A
int VLAN 1
VC-ID 55
Remote
LDP
Remote
LDP
172.16.55.2 /24
CE-5B
PE3
int VLAN 301
172.16.55.3 /24
172.16.44.3 /24
int VLAN 1
int VLAN 1
CE-4B
CE-5A
int VLAN 1
int VLAN 1
172.16.66.1 /24
172.16.66.2 /24
CE-6A
CE-6B
int VLAN 1
int VLAN 1
CE-5A
172.16.55.2 /24
172.16.55.3 /24
CE-5B
int VLAN 1
int VLAN 1
CE-4A
172.16.44.3 /24
172.16.44.1 /24
CE-4B
- 26 -
(Pod
(Pod
(Pod
(Pod
1
2
3
4
Loopback
Loopback
Loopback
Loopback
IP)
IP)
IP)
IP)
Verify whether the VPLS connections are active. The examples below apply to POD 1, POD 2 and POD 3.
Loopback IP addresses (Peer Addresses) might be different.
On Chassis Switch #1:
[PODxx]display vpls connection
- 27 -
Total 4 connection(s),
connection(s): 4 up, 0 block, 0 down, 4 ldp, 0 bgp
VSI Name: VPLS_200
Signaling: ldp
VsiID
VsiType
PeerAddr
200
vlan
2.2.2.2
1025
1025
up
200
vlan
3.3.3.3
1024
1024
up
200
vlan
4.4.4.4
1026
1026
up
Signaling: ldp
VsiID
VsiType
PeerAddr
201
vlan
2.2.2.2
1027
1027
up
201
vlan
3.3.3.3
1026
1028
up
201
vlan
4.4.4.4
1029
1029
up
End to end layer 2 connectivity between PCs on VLAN 200 and PCs on VLAN 201 should be possible but not
between VLANs
This concludes the VPLS Lab
- 28 -
LAB 6: VPLS
LAB 6: VPLS ............................................................................................................................................ - 1 -
1.1 OVERVIEW ........................................................................................................................................ - 1 -
1.2 NETWORKING DIAGRAM ................................................................................................................... - 2 -
1.3 EQUIPMENT ....................................................................................................................................... - 4 -
1.4 LAB PURPOSE .................................................................................................................................... - 4 -
1.5 PROCEDURES..................................................................................................................................... - 5 -
Mission1 Configure basic IP configuration on the Customer Equipment devices ........................ - 5 -
Mission2 Configure OSPF on the S7500E .................................................................................... - 7 -
Mission3 Configure VPLS and VPLS bindings ........................................................................... - 11 -
Mission4 Configure BFD on the PE links ................................................................................... - 18 -
Mission5 Configure QoS ............................................................................................................. - 19 -
1.1 Overview
In this lab exercise, you will:
Configure VPLS on a S7500E and S5500-EI/S58x0.
Configure QinQ to distinguish edge connectivity.
Understand the basic operation of MPLS, VPLS, OSPF and BGP.
-1-
Figure 1-1
IP Address Design
-2-
Device
Interface
IP Address
S7500E (PE 1)
172.1.1.x/24
172.1.3.x/24
10.1.1.2/24
10.2.1.2/24
172.1.1.x/24
172.1.2.x/24
172.1.2.x/24
172.1.3.x/24
10.3.1.2/24
10.4.1.2/24
S5500-EI (CE 1)
Vlan interface 1
10.1.1.x/24
S5500-EI (CE 2)
Vlan interface 1
10.1.1.x/24
S5500-EI (CE 3)
Vlan interface 1
10.1.1.x/24
PC1
CE 1 VLAN 2000
192.168.0.100/24
PC2
CE 2 VLAN 2000
192.168.0.101/24
PC3
CE 3 VLAN 2000
192.168.0.102/24
S7500E (PE 2)
S7500E (PE 3)
-3-
1.3 Equipment
Version
S750xE
S7500E Fabric
5.20.E6603P01
No.
Description
LSQ1TGX2SD0, 2 x 10
G EB module
capable module
LSQ1GP24TXSD0, 16 x
x, 8 x Combo, 2 x 10 G
SD module
provides access
connectivity
Or any other Comware 5
based switch.
S5500-28C-EI
CMW520-R2202 or later
3
Requirement is ability to
build IRF 2 stack
PC
Windows XP SP2
PC
-4-
1.5 Procedures
Mission1Configure basic IP configuration on the Customer Equipment devices
Step1login to the CE switch through the serial port
Step2Ensure that all switches have no active configurations
[Access-PODxx]reset saved-configuration
[Access-PODxx]quit
<Access-PODxx>reboot
<H3C>system
[H3C]sysname Access-PODxx (where xx is the POD number: 01, 02, 03, etc)
Configure CE3:
[Access-PODxx]interface vlan-interface 1
[Access-PODxx-Vlan-interface1]ip address 10.1.1.x 24
[Access-PODxx-Vlan-interface1]quit
Step5Save the configuration on all switches
[Access-PODxx]quit
<Access-PODxx>save vpls.cfg
<Access-PODxx>startup saved-configuration vpls.cfg
-5-
-6-
[PODxx-ospf-1]graceful-restart ietf
[PODxx-ospf-1]quit
-8-
[PODxx]ospf
[PODxx-ospf-1]import-route direct
[PODxx-ospf-1]area 0
[PODxx-ospf-1-area-0.0.0.0]network 172.1.2.0 0.0.0.255
[PODxx-ospf-1-area-0.0.0.0]network 172.1.3.0 0.0.0.255
[PODxx-ospf-1-area-0.0.0.0]network x.x.x.9 0.0.0.0
[PODxx-ospf-1-area-0.0.0.0]quit
[PODxx-ospf-1]opaque-capability enable
[PODxx-ospf-1]graceful-restart ietf
[PODxx-ospf-1]quit
- 10 -
Before continuing with the lab, ensure that you have a fully operational OSPF
environment. Verify the adjacencies and routing tables and verify whether you are
able to ping all the loopback interfaces.
[PODxx]display ospf peer verbose
[PODxx]display ip routing-table
[PODxx-vsi-VPLS_2000-ldp]quit
[PODxx-vsi-VPLS_2000]quit
[PODxx-vsi-VPLS_2000-ldp]quit
[PODxx-vsi-VPLS_2000]quit
- 14 -
Verify whether the VPLS connections are active. The examples below apply to POD 1,
POD 2 and POD 3. Loopback IP addresses (Peer Addresses) might be different.
On PE 1:
[PODxx]display vpls connection
Total 4 connection(s),
connection(s): 4 up, 0 block, 0 down, 4 ldp, 0 bgp
VSI Name: VPLS_2000
Signaling: ldp
VsiID
VsiType
PeerAddr
2000
vlan
2.2.2.9
1025
1025
up
2000
vlan
3.3.3.9
1024
1026
up
On PE 2:
[PODxx]display vpls connection
Total 4 connection(s),
connection(s): 4 up, 0 block, 0 down, 4 ldp, 0 bgp
VSI Name: VPLS_2000
Signaling: ldp
VsiID
VsiType
PeerAddr
2000
vlan
1.1.1.9
1025
1025
up
2000
vlan
3.3.3.9
1024
1026
up
On PE 3:
[PODxx]display vpls connection
Total 4 connection(s),
connection(s): 4 up, 0 block, 0 down, 4 ldp, 0 bgp
VSI Name: VPLS_2000
Signaling: ldp
VsiID
VsiType
PeerAddr
2000
vlan
1.1.1.9
1025
1025
up
2000
vlan
2.2.2.9
1024
1026
up
- 15 -
Because the VPLS terminates using the S-VID 2000, on the edge switches the uplink
port has to be a tagged member of VLAN 2000 and the access ports have to be a
member of this VLAN as well to allow passing of traffic.
In order to have a fully transparent link between the VPLS end points, QinQ has to be
configured and a physical loopback has to be created to allow termination of the outer
VLAN which is the S-VID.
Step7Configuring the physical loopback and the Customer Edge interface on PE1
[PODxx]interface GigabitEthernet 1/0/4
[PODxx-GigabitEthernet1/0/4]description Loopback from VPLS
[PODxx-GigabitEthernet1/0/4]port link-type hybrid
[PODxx-GigabitEthernet1/0/4]port hybrid vlan 2000 tagged
[PODxx-GigabitEthernet1/0/4]undo port hybrid vlan 1
[PODxx-GigabitEthernet1/0/4]quit
[PODxx]interface GigabitEthernet 1/0/3
[PODxx-GigabitEthernet1/0/3]description Connection to CE
[PODxx-GigabitEthernet1/0/3]port link-type hybrid
[PODxx-GigabitEthernet1/0/3]port hybrid vlan 2000 untagged
[PODxx-GigabitEthernet1/0/3]undo port hybrid vlan 1
[PODxx-GigabitEthernet1/0/3]qinq enable (this will remove the S-VID)
[PODxx-GigabitEthernet1/0/3]quit
- 16 -
Step8Configuring the physical loopback and the Customer Edge interface on PE2
[PODxx]interface GigabitEthernet 1/0/4
[PODxx-GigabitEthernet1/0/4]description Loopback from VPLS
[PODxx-GigabitEthernet1/0/4]port link-type hybrid
[PODxx-GigabitEthernet1/0/4]port hybrid vlan 2000 tagged
[PODxx-GigabitEthernet1/0/4]undo port hybrid vlan 1
[PODxx-GigabitEthernet1/0/4]quit
[PODxx]interface GigabitEthernet 1/0/3
[PODxx-GigabitEthernet1/0/3]description Connection to CE
[PODxx-GigabitEthernet1/0/3]port link-type hybrid
[PODxx-GigabitEthernet1/0/3]port hybrid vlan 2000 untagged
[PODxx-GigabitEthernet1/0/3]undo port hybrid vlan 1
[PODxx-GigabitEthernet1/0/3]qinq enable (this will remove the S-VID)
[PODxx-GigabitEthernet1/0/3]quit
Step9Configuring the physical loopback and the Customer Edge interface on PE3
[PODxx]interface GigabitEthernet 1/0/4
[PODxx-GigabitEthernet1/0/4]description Loopback from VPLS
[PODxx-GigabitEthernet1/0/4]port link-type hybrid
[PODxx-GigabitEthernet1/0/4]port hybrid vlan 2000 tagged
[PODxx-GigabitEthernet1/0/4]undo port hybrid vlan 1
[PODxx-GigabitEthernet1/0/4]quit
[PODxx]interface GigabitEthernet 1/0/3
[PODxx-GigabitEthernet1/0/3]description Connection to CE
[PODxx-GigabitEthernet1/0/3]port link-type hybrid
[PODxx-GigabitEthernet1/0/3]port hybrid vlan 2000 untagged
[PODxx-GigabitEthernet1/0/3]undo port hybrid vlan 1
[PODxx-GigabitEthernet1/0/3]qinq enable (this will remove the S-VID)
[PODxx-GigabitEthernet1/0/3]quit
some access ports of the CE switch as access port for the configured VLANs and
verify whether communication across the VPLS is possible.
- 18 -
Mission5Configure QoS
Traffic coming from CE 1, matching priority 6 will be dropped on ingress.
Step1 Configure QoS on switch PE 1, PE 2 and PE 3:
[PODxx]traffic classifier deny
[PODxx-classifier-deny]if-match service-dot1p 1
[PODxx-classifier-deny]quit
[PODxx]traffic behavior deny
[PODxx-behavior-deny]filter deny
[PODxx-behavior-deny]quit
[PODxx]qos policy deny
[PODxx-qospolicy-deny]classifier deny behavior deny
[PODxx-qospolicy-deny]quit
[PODxx]interface GigabitEthernet 1/0/5 (link to CE 1)
[PODxx-GigabitEthernet1/0/5]qos apply policy deny inbound
Configuration for high-priority traffic to provide weighted priority (Traffic from the
higher priorities will be given preference in queues), the weight is 1:2:3:4:5:6:7:8
[PODxx]interface GigabitEthernet 1/0/1
[PODxx-GigabitEthernet1/0/1]qos wrr
[PODxx-GigabitEthernet1/0/1]quit
[PODxx]interface Ten-GigabitEthernet1/0/2
[PODxx-GigabitEthernet1/0/2]qos wrr
[PODxx-GigabitEthernet1/0/1]quit
[PODxx]display qos wrr interface GigabitEthernet 1/0/1
Interface: GigabitEthernet1/0/1
Output queue: Weighted round robin queue
Queue ID
Group
Weight
------------------------------------0
1
1
1
1
2
2
1
3
3
1
4
4
1
5
5
1
6
- 19 -
6
7
1
1
7
8
- 20 -
Configuration for high-priority traffic shaping peak, the highest peak is 512Mbps
Priority 7.
The other levels will be translated / mapped into the MPLS Labels and used for traffic
management and shaping over the core network, dot1p to mapping exp for the
default configuration.
[PODxx]interface GigabitEthernet 1/0/1
[PODxx-GigabitEthernet1/0/1]qos gts queue 7 cir 512000
[PODxx-GigabitEthernet1/0/1]quit
[PODxx]interface GigabitEthernet 1/0/2
[PODxx-GigabitEthernet1/0/2]qos gts queue 7 cir 512000
[PODxx-GigabitEthernet1/0/2]quit
- 21 -