本地跨VPN实例互访配置
组网
配置思路
SW1 G0/0/1口与SW3 G0/0/1口互联,使用vlan10作为互联vlan;G0/0/2口连接PC1,IP地址配置为192.168.10.1/24。
SW2 G0/0/1口与SW3 G0/0/1口互联,使用vlan20作为互联vlan;G0/0/2口连接PC2,IP地址配置为192.168.20.1/24。
SW3 G0/0/1口与SW1 G0/0/1口互联,加入vlan10,并加入VPN实例vpna;G0/0/2口与SW2 G0/0/1口互联,加入vlan20,并加入VPN实例vpnb。使用静态路由使PC1与PC2能够跨VPN实例互通。
配置步骤
SW1配置
配置vlan
<Huawei>system-view
[Huawei]sysname SW1
[SW1]vlan batch 10 30
[SW1]interface GigabitEthernet 0/0/1
[SW1-GigabitEthernet0/0/1]port link-type access
[SW1-GigabitEthernet0/0/1]port default vlan 10
[SW1-GigabitEthernet0/0/1]quit
[SW1]interface GigabitEthernet 0/0/2
[SW1-GigabitEthernet0/0/2]port link-type access
[SW1-GigabitEthernet0/0/2]port default vlan 30
[SW1-GigabitEthernet0/0/1]quit配置接口IP地址
[SW1]interface Vlanif 10
[SW1-Vlanif10]ip address 10.1.1.2 30
[SW1-Vlanif10]quit
[SW1]interface Vlanif 30
[SW1-Vlanif30]ip address 192.168.10.254 24配置静态路由
[SW1]ip route-static 20.1.1.0 255.255.255.252 10.1.1.1
[SW1]ip route-static 192.168.20.0 255.255.255.0 20.1.1.1SW2配置
配置vlan和接口IP地址
<Huawei>system-view
[Huawei]sysname SW2
[SW2]vlan batch 20 30
[SW2]interface GigabitEthernet 0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 20
[SW1-GigabitEthernet0/0/1]quit
[SW2]interface GigabitEthernet 0/0/2
[SW2-GigabitEthernet0/0/2]port link-type access
[SW2-GigabitEthernet0/0/2]port default vlan 30
[SW2-GigabitEthernet0/0/1]quit配置接口IP地址
[SW2]interface Vlanif 20
[SW2-Vlanif20]ip address 20.1.1.2 30
[SW2-Vlanif20]quit
[SW2]interface Vlanif 30
[SW2-Vlanif30]ip address 192.168.20.254 24配置静态路由
[SW1]ip route-static 10.1.1.0 255.255.255.252 20.1.1.1
[SW1]ip route-static 192.168.10.0 255.255.255.0 10.1.1.1SW3配置
配置vlan
<Huawei>system-view
[Huawei]sysname SW3
[SW3]vlan batch 10 20
[SW3]interface GigabitEthernet 0/0/1
[SW3-GigabitEthernet0/0/1]port link-type access
[SW3-GigabitEthernet0/0/1]port default vlan 10
[SW3-GigabitEthernet0/0/1]quit
[SW3]interface GigabitEthernet 0/0/2
[SW3-GigabitEthernet0/0/2]port link-type access
[SW3-GigabitEthernet0/0/2]port default vlan 20
[SW3-GigabitEthernet0/0/2]quit配置VPN实例
[SW3]ip vpn-instance vpna
[SW3-vpn-instance-vpna]ipv4-family
[SW3-vpn-instance-vpna-af-ipv4]route-distinguisher 100:1
[SW3-vpn-instance-vpna-af-ipv4]vpn-target 111:1 both
[SW3-vpn-instance-vpna-af-ipv4]quit
[SW3-vpn-instance-vpna]quit
[SW3]ip vpn-instance vpnb
[SW3-vpn-instance-vpnb]ipv4-family
[SW3-vpn-instance-vpnb-af-ipv4]route-distinguisher 200:1
[SW3-vpn-instance-vpnb-af-ipv4]vpn-target 111:1 both
[SW3-vpn-instance-vpnb-af-ipv4]quit
[SW3-vpn-instance-vpnb]quit接口绑定VPN实例并配置IP地址
[SW3]interface Vlanif 10
[SW3-Vlanif10]ip binding vpn-instance vpna
[SW3-Vlanif10]ip address 10.1.1.1 30
[SW3-Vlanif10]quit
[SW3]interface Vlanif 20
[SW3-Vlanif20]ip binding vpn-instance vpnb
[SW3-Vlanif20]ip address 20.1.1.1 30
[SW3-Vlanif20]quit 配置静态路由
[SW3]ip route-static vpn-instance vpna 20.1.1.0 255.255.255.252 vpn-instance vpnb 20.1.1.2
[SW3]ip route-static vpn-instance vpna 192.168.20.0 255.255.255.0 vpn-instance vpnb 20.1.1.2
[SW3]ip route-static vpn-instance vpnb 10.1.1.0 255.255.255.252 vpn-instance vpna 10.1.1.2
[SW3]ip route-static vpn-instance vpnb 192.168.10.0 255.255.255.0 vpn-instance vpna 10.1.1.2
[SW3]ip route-static vpn-instance vpna 192.168.10.0 255.255.255.0 10.1.1.2
[SW3]ip route-static vpn-instance vpnb 192.168.20.0 255.255.255.0 20.1.1.2PC机配置
PC1
PC2
配置验证
查看SW1路由表
[SW1]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 8 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/30 Direct 0 0 D 10.1.1.2 Vlanif10
10.1.1.2/32 Direct 0 0 D 127.0.0.1 Vlanif10
20.1.1.0/30 Static 60 0 RD 10.1.1.1 Vlanif10
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.10.0/24 Direct 0 0 D 192.168.10.254 Vlanif30
192.168.10.254/32 Direct 0 0 D 127.0.0.1 Vlanif30
192.168.20.0/24 Static 60 0 RD 10.1.1.1 Vlanif10查看SW2路由表
[SW2]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 8 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/30 Static 60 0 RD 20.1.1.1 Vlanif20
20.1.1.0/30 Direct 0 0 D 20.1.1.2 Vlanif20
20.1.1.2/32 Direct 0 0 D 127.0.0.1 Vlanif20
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
192.168.10.0/24 Static 60 0 RD 20.1.1.1 Vlanif20
192.168.20.0/24 Direct 0 0 D 192.168.20.254 Vlanif30
192.168.20.254/32 Direct 0 0 D 127.0.0.1 Vlanif30查看SW3路由表
[SW3]display ip routing-table vpn-instance vpna
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: vpna
Destinations : 5 Routes : 5
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/30 Direct 0 0 D 10.1.1.1 Vlanif10
10.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif10
20.1.1.0/30 Static 60 0 RD 20.1.1.2 Vlanif20
192.168.10.0/24 Static 60 0 RD 10.1.1.2 Vlanif10
192.168.20.0/24 Static 60 0 RD 20.1.1.2 Vlanif20
[SW3]display ip routing-table vpn-instance vpnb
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: vpnb
Destinations : 5 Routes : 5
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/30 Static 60 0 RD 10.1.1.2 Vlanif10
20.1.1.0/30 Direct 0 0 D 20.1.1.1 Vlanif20
20.1.1.1/32 Direct 0 0 D 127.0.0.1 Vlanif20
192.168.10.0/24 Static 60 0 RD 10.1.1.2 Vlanif10
192.168.20.0/24 Static 60 0 RD 20.1.1.2 Vlanif20PC1 ping PC2
PC2 ping PC1
© 版权声明
文章:本地跨VPN实例互访配置
作者:Guangran
链接:https://www.rsecc.cn/997.html
声明:如无特别说明本文即为原创文章仅代表个人观点,版权归《广然笔记》所有,未经授权、请勿转载。
文章:本地跨VPN实例互访配置
作者:Guangran
链接:https://www.rsecc.cn/997.html
声明:如无特别说明本文即为原创文章仅代表个人观点,版权归《广然笔记》所有,未经授权、请勿转载。
THE END
