2024年10月

路由器配置如下:
sysname D-XX-XX-XXX-R1(本站设备命名)

ip vpn-instance vpn-nrt
route-distinguisher 655XX:2
vpn-target 655XX:200 import-extcommunity
vpn-target 655XX:200 export-extcommunity

ip vpn-instance vpn-rt
route-distinguisher 655XX:1
vpn-target 655XX:100 import-extcommunity
vpn-target 655XX:100 export-extcommunity

router id 33.2.X.X(本地环回地址)

ospf 1 router-id 33.2.x.x(本地环回地址)
area 0.0.0.X
network 33.2.x.x 0.0.0.0(本地环回地址)
network 33.3.X.X 0.0.0.0(本地互联地址)

mpls lsr-id 33.2.x.x(本地环回地址)

traffic classifier nrt operator and
if-match any

traffic classifier rt operator and
if-match any

traffic classifier vpn-nrt3 operator and
if-match mpls-exp 3

traffic classifier vpn-rt4 operator and
if-match mpls-exp 4

traffic behavior nrt
remark ip-precedence 3

traffic behavior rt
remark ip-precedence 4

traffic behavior vpn-nrt3
queue af bandwidth pct 30

traffic behavior vpn-rt4
queue af bandwidth pct 60

qos policy e1
classifier vpn-rt4 behavior vpn-rt4
classifier vpn-nrt3 behavior vpn-nrt3

qos policy nrt
classifier nrt behavior nrt

qos policy rt
classifier rt behavior rt

mpls ldp

interface Serial1/0
description XXX1-XXB1-2M
ip address 33.3.X.X 255.255.255.252(本地互联地址)
ospf cost 500
mpls enable
mpls ldp enable
qos apply policy e1 outbound

interface LoopBack0
ip address 33.2.x.x 255.255.255.255(本地环回地址)

interface GigabitEthernet0/0.10
description vpn_rt
ip binding vpn-instance vpn-rt
ip address 33.x.x.126 255.255.255.128(本站业务地址)
qos apply policy rt inbound
vlan-type dot1q vid 10

interface GigabitEthernet7/0.20
description vpn_nrt
ip binding vpn-instance vpn-nrt
ip address 33.x.x.254 255.255.255.128(本站业务地址)
qos apply policy nrt inbound
vlan-type dot1q vid 20

bgp 655XX
router-id 33.2.x.x(本地环回地址)
peer 33.2.x.x as-number 655XX(上联邻居ID)
peer 33.2.x.x connect-interface LoopBack0(上联邻居ID)
#
address-family ipv4 unicast
peer 33.2.x.x enable (上联邻居ID)
#
address-family vpnv4
peer 33.2.x.x enable (上联邻居ID)
#
ip vpn-instance vpn-nrt
#
address-family ipv4 unicast
import-route direct
#
ip vpn-instance vpn-rt
#
address-family ipv4 unicast
import-route direct

snmp-agent
snmp-agent local-engineid 800063A203002389422001
snmp-agent community read XXX
snmp-agent community write XXX-p
snmp-agent sys-info version v2c v3
snmp-agent target-host trap address udp-domain 33.254.XX.1 params securityname XXX-p v2c
snmp-agent target-host trap address udp-domain 33.254.XX.1 params securityname XXX

ntp-service source LoopBack0
ntp-service unicast-server 33.2.x.x (上联邻居ID)

实时交换机

sysname D-XX-XX-XXB-S1

interface Vlan-interface10
ip address 33.XX.0.125 255.255.255.128

interface Ethernet0/3
port access vlan 10

interface Ethernet0/4
port access vlan 10

interface Ethernet0/24
port link-type trunk
port trunk permit vlan all (与路由器互联端口)

ip route-static 0.0.0.0 0.0.0.0 33.XX.0.126 preference 60

非实时交换机

sysname D-XX-XX-XXB-S2

interface Vlan-interface20
ip address 33.XX.0.253 255.255.255.128

interface Ethernet0/3
port access vlan 20

interface Ethernet0/4
port access vlan 20

interface Ethernet0/24
port link-type trunk
port trunk permit vlan all (与路由器互联端口)

ip route-static 0.0.0.0 0.0.0.0 33.XX.0.254 preference 60