PE部分
| 配置 | 备注 |
| te ipv6-router-id 2404::111 | 配置全局TE特性 IPv6 Router ID,全局唯一,建议填loopback0的ipv6地址 |
| te attribute enable | 使能TE特性 |
| # | |
| tunnel-policy TP_SRV6-TE | 配置隧道策略模板,使用srv6-te-policy,最大负载数1 |
| tunnel select-seq ipv6 srv6-te-policy load-balance-number 1 | |
| # | |
| segment-routing ipv6 | 使能IPv6转发平面的Segment Routing功能,并且进入SRv6视图 |
| encapsulation source-address 2404::111 | SRV6封装的源地址为loopback0 |
| srv6-te-policy backup hot-standby enable | 开启SHB功能 |
| locator zz ipv6-prefix 2001::2:1:100:: 80 static 16 | |
| opcode ::3010 end | 配置节点的静态SID |
| opcode ::3021 end-op | 配置用于ping和trace功能end-op类型的静态SID |
| opcode ::10 end-x interface eth-trunk10 nexthop XXXX:XXXX:1112:B000:XXXX::79 | 配置接口的静态SID |
| opcode ::20 end-dt4 vpn-instance BK-VRF evpn | 配置VPNV4静态SID |
| opcode ::65 end-dt6 vpn-instance BK-VRF evpn | 配置VPNV6静态SID |
| srv6-te-policy locator zz | 指定SRv6-TE POLICY关联locator |
| srv6-te-policy traffic-statistics enable | 开启SRV6的流量统计功能 |
| srv6-te-policy path verification enable | 开启头节点保护功能,当ISIS协议告知到S-list转发路径故障,会触发头节点保护切换到SHB路径 |
| srv6-te-policy bgp-ls enable | 使能SRv6 TE Policy上报BGP-LS开关,BGP-LS模块可以通过BGP LS邻居关系将path信息发送给控制器 |
| path-mtu 2000 | 配置SRV6的path MTU,和接口MTU需要保持一致 |
| # | |
| isis 100 | 启动ISIS进程,进程号100 |
| is-level level-2 | 设置路由器级别韦level2 |
| cost-style wide | 接受和发送路由的cost值类型为wide(兼容TE部署,推荐配 置) |
| network-entity 04.4500.1834.5312.0111.00 | network-entity的规划原则:AS+Loopback的原则,格式如下:xx.xxxx.xxxx.xxxx.xxxx.00 如AS号为65500,loopback地址是192.168.1.1: AS号用0做填充:065500 192.168.1.1用0做地址填充:192.168.001.001 network-entity : 06.5500.1921.6800.1001.00 |
| bfd all-interfaces enable | 配置ISIS 进程的IPV4 bfd特性 |
| bfd all-interfaces min-tx-interval 300 min-rx-interval 300 frr-binding | |
| is-name ZZ | 设置ISIS主机名 |
| traffic-eng level-2 | 开启ISIS的IPV4 流量工程能力,IS-IS使能IPv6 TE能力,用于SRv6 Policy场景 |
| set-overload on-startup | IS-IS进程在启动或重启时进入Overload状态,通告其他设备不要把自己作为流量转发节点 |
| # | |
| ipv6 enable topology ipv6 | IPV4/IPv6拓扑进行独立的路由计算 |
| ipv6 advertise link attributes | 使能IS-IS进程在LSP中发布IPv6链路属性相关TLV |
| ipv6 bfd all-interfaces enable | 配置ISIS 进程的IPV6 bfd特性 |
| ipv6 bfd all-interfaces min-tx-interval 300 min-rx-interval 300 | |
| ipv6 traffic-eng level-2 | 开启ISIS的IPV6 流量工程能力 |
| segment-routing ipv6 locator zz | 使能IS-IS 的SRv6能力 |
| # | |
| interface LoopBack0 | |
| ipv6 enable | |
| ip address X.X.X.X 255.255.255.255 | |
| ipv6 address x:y:1112:z::111/128 | |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| # | |
| interface eth-trunk10 | 同机房横穿链路DCPE1-DCPE2 |
| undo shutdown | |
| ipv6 enable | |
| ip address X.X.X.X 255.255.255.252 | |
| ipv6 address x:y:1112:B000:0002::71/127 | |
| ipv6 mtu 2000 spread | 接口MTU 200 |
| y | |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| isis circuit-type p2p | ISIS网络类型P2P |
| isis ipv6 cost 10 | ISISIPV4拓扑接口开销值10 |
| isis cost 10 | ISISIPV6拓扑接口开销值10 |
| isis peer hold-max-cost timer 1000 | 设备重启复位后,通告接口开销值最大,保持1000S |
| te bandwidth max-reservable-bandwidth dynamic 85 | 接口最大预留带宽85% |
| te bandwidth dynamic bc0 100 | 设置接口上BC动态带宽占最大预留带宽的百分比,当接口流量达到最大预留带宽85%触发NCE动态调优 |
| trust upstream default | 信任报文的dscp标记 |
| # | |
| ip vpn-instance LAN-VRF | 创建并进入VPN,VPN实例名称LAN-VRF |
| ipv4-family | 使能V4地址簇 |
| route-distinguisher 100:1 | RD |
| vpn frr | 开启VPN FRR |
| apply-label per-instance | 每个VPN共用一个标签 |
| vpn-target 100:100 export-extcommunity evpn | 发送RT |
| vpn-target 100:100 import-extcommunity evpn | 接受RT |
| tnl-policy TP_SRV6-TE evpn | 调用隧道策略模板 |
| default-color 100 evpn | color值为100,用于迭代SRV6-policy隧道 |
| ipv6-family | 使能V6地址簇 |
| route-distinguisher 100:1 | RD |
| vpn frr | 开启VPN FRR |
| apply-label per-instance | 每个VPN共用一个标签 |
| vpn-target 100:100 export-extcommunity evpn | 发送RT |
| vpn-target 100:100 import-extcommunity evpn | 接受RT |
| tnl-policy TP_SRV6-TE evpn | 调用隧道策略模板 |
| default-color 100 evpn | color值为100,用于迭代SRV6-policy隧道 |
| # | |
| bgp 64600 | 创建并计入BGP AS号64600 |
| router-id x.x.x.x | 设备的router-id |
| group RR internal | 创建一个IBGP对等体组 |
| graceful-restart | 开启NE路由器的平滑重启功能,保证当主控板复位的时候流量转发不中断 |
| graceful-restart peer-reset | |
| peer x:y::121 group RR | RR加入对等体组RR |
| peer RR connect-interface LoopBack0 | 和对等体组建立邻居使用loopback 0 |
| # | |
| undo ipv6-family unicast | 关闭普通的IPV6地址簇 |
| link-state-family unicast | 创建并进入BGP的LS单播地址簇并进入配置试图 |
| peer RR enable | 激活对等体组的BGP-LS邻居 |
| peer x:y:1112:B000::121 group RR | |
| # | |
| l2vpn-family evpn | 创建BGP-evpn地址簇并进入配置试图 |
| policy vpn-target | 对接收到的VPN路由使能VPN-Target过滤功能 |
| route-select delay 300 | 当设备路径故障恢复后回切时,延迟300s |
| peer RR enable | 激活对等体组的BGP-evpn邻居 |
| peer x:y::121 group RR | |
| peer RR advertise-community | 向邻居通告BGP团体属性 |
| peer RR advertise encap-type srv6 | 向邻居发布的EVPN路由所携带的SRV6封装属性 |
| # | |
| ipv6-family sr-policy | 创建ipv6 的BGP-sr-policy地址簇并进入配置试图 |
| peer 2404::121 enable | 激活sr-policy地址簇邻居 |
| undo bestroute nexthop-resolved ip | |
| peer 2404::121 advertise-ext-community | 向邻居通告扩展团体属性 |
| # | |
| ipv4-family vpn-instance LAN-VRF | 创建VPNV4的地址簇并进入配置试图 |
| advertise l2vpn evpn | 使能VPN实例向EVPN实例发布IP路由功能 |
| segment-routing ipv6 locator XX evpn | 使能公网路由携带SID属性 |
| segment-routing ipv6 traffic-engineer best-effort evpn | 使能EVPN L3VPN业务迭代SRv6 TE Policy隧道的功能,指定当SRv6 TE Policy隧道故障时业务可以使用SRv6 BE隧道作为逃生路径。 |
| peer 18.23.6.18 as-number 64623 | EBGP对等体 |
| # | |
| ipv6-family vpn-instance LAN-VRF | 创建VPNV6的地址簇并进入配置试图 |
| advertise l2vpn evpn | 使能VPN实例向EVPN实例发布IP路由功能 |
| segment-routing ipv6 locator XX evpn | 使能公网路由携带SID属性 |
| segment-routing ipv6 traffic-engineer best-effort evpn | 使能EVPN L3VPN业务迭代SRv6 TE Policy隧道的功能,指定当SRv6 TE Policy隧道故障时业务可以使用SRv6 BE隧道作为逃生路径。 |
| peer 2201::2:1:100:::19 as-number 64623 | EBGP对等体 |
P部分:
| 配置 | 备注 |
| te ipv6-router-id 1204::101 | 配置全局TE特性 IPv6 Router ID,全局唯一,建议填loopback0的ipv6地址 |
| te attribute enable | 使能TE特性 |
| # | |
| segment-routing ipv6 | 使能IPv6转发平面的Segment Routing功能,并且进入SRv6视图 |
| locator P ipv6-prefix 1234:3110:1232:1000:0001:0001:: 80 static 16 | 配置SRv6 Locator以及locator名称 |
| opcode ::3000 end | 配置节点的静态SID |
| opcode ::3001 end-op | 配置用于ping和trace功能end-op类型的静态SID |
| opcode ::e10 end-x interface eth-trunk10 nexthop 1234:3110:1232:1000:0001:::29 | 配置接口的静态SID |
| srv6-te-policy locator P | 指定SRv6-TE POLICY关联locator |
| path-mtu 2000 | 配置SRV6的path MTU,和接口MTU需要保持一致 |
| # | |
| isis 100 | 启动ISIS进程,进程号100 |
| is-level level-2 | 设置路由器级别韦level2 |
| cost-style wide | 接受和发送路由的cost值类型为wide |
| network-entity 01.2300.1234.1114.0101.00 | network-entity的规划原则:AS+Loopback的原则,格式如下:xx.xxxx.xxxx.xxxx.xxxx.00 如AS号为65500,loopback地址是192.168.1.1: AS号用0做填充:065500 192.168.1.1用0做地址填充:192.168.001.001 network-entity : 06.5500.1921.6800.1001.00 |
| bfd all-interfaces enable | 配置ISIS 进程的IPV4 bfd特性 |
| bfd all-interfaces min-tx-interval 300 min-rx-interval 300 frr-binding | |
| is-name ZJDCP1 | 设置ISIS主机名 |
| traffic-eng level-2 | 开启ISIS的IPV4 流量工程能力 |
| set-overload on-startup 360 route-delay-distribute 240 send-sa-bit 120 allow external | IS-IS进程在启动或重启时进入Overload状态,通告其他设备不要把自己作为流量转发节点 |
| # | |
| ipv6 enable topology ipv6 | IPV4/IPv6拓扑进行独立的路由计算 |
| ipv6 advertise link attributes | 使能IS-IS进程在LSP中发布IPv6链路属性相关TLV |
| ipv6 bfd all-interfaces enable | 配置ISIS 进程的IPV6 bfd特性 |
| ipv6 bfd all-interfaces min-tx-interval 300 min-rx-interval 300 frr-binding | |
| ipv6 traffic-eng level-2 | 开启ISIS的IPV6 流量工程能力 |
| segment-routing ipv6 locator P | 使能IS-IS 的SRv6能力 |
| # | |
| interface LoopBack0 | |
| ipv6 enable | |
| ip address x.x.x.x 255.255.255.255 | |
| ipv6 address 1204:3120:1022:B120::101/128 | |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| # | |
| interface GigabitEthernet3/0/5 | 到RR节点 |
| undo shutdown | |
| ipv6 enable | |
| ipv6 mtu 2000 spread | 接口MTU 200 |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| isis circuit-type p2p | ISIS网络类型P2P |
| isis ipv6 cost 10000 | ISISIPV4拓扑接口开销值10000 |
| isis cost 10000 | ISISIPV6拓扑接口开销值10000 |
| isis peer hold-max-cost timer 1000 | 设备重启复位后,通告接口开销值最大,保持1000S |
| # | |
| interface eth-trunk10 | 同机房横穿链路DCP1-DCP2 |
| description to_ZJWAN-DCP-X8A-TX2-2_eth-trunk10 | |
| undo shutdown | |
| ipv6 enable | |
| ip address 182.253.66.137 255.255.255.252 | |
| ipv6 address 2404:3840:1112:B000:0002::21/124 | |
| ipv6 mtu 2000 spread | |
| y | |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| isis circuit-type p2p | |
| isis ipv6 cost 10 | |
| isis cost 10 | |
| isis peer hold-max-cost timer 1000 | 设备重启复位后,通告接口开销值最大,保持1000S |
| te bandwidth max-reservable-bandwidth dynamic 85 | 接口最大预留带宽85% |
| te bandwidth dynamic bc0 100 | 设置接口上BC动态带宽占最大预留带宽的百分比,当接口流量达到最大预留带宽85%触发NCE动态调优 |
| trust upstream default | 信任报文的dscp标记 |
| # |
RR部分:
| 配置 | 备注 |
| # | |
| isis 100 | 启动ISIS进程,进程号100 |
| is-level level-2 | 设置路由器级别韦level2 |
| cost-style wide | 接受和发送路由的cost值类型为wide |
| network-entity 03.420.1322.3221.0221.00 | network-entity的规划原则:AS+Loopback的原则,格式如下:xx.xxxx.xxxx.xxxx.xxxx.00 如AS号为65500,loopback地址是192.168.1.1: AS号用0做填充:065500 192.168.1.1用0做地址填充:192.168.001.001 network-entity : 06.5500.1921.6800.1001.00 |
| bfd all-interfaces enable | 配置ISIS 进程的IPV4 bfd特性 |
| bfd all-interfaces min-tx-interval 300 min-rx-interval 300 frr-binding | |
| is-name RR | 设置ISIS主机名 |
| traffic-eng level-2 | 开启ISIS的IPV4 流量工程能力 |
| set-overload on-startup | IS-IS进程在启动或重启时进入Overload状态,通告其他设备不要把自己作为流量转发节点 |
| # | |
| ipv6 enable topology ipv6 | IPV4/IPv6拓扑进行独立的路由计算 |
| ipv6 bgp-ls enable level-2 | 使能ISIS IPv6拓扑发布能力 |
| ipv6 advertise link attributes | 使能IS-IS进程在LSP中发布IPv6链路属性相关TLV |
| ipv6 bfd all-interfaces enable | 配置ISIS 进程的IPV6 bfd特性 |
| ipv6 bfd all-interfaces min-tx-interval 300 min-rx-interval 300 frr-binding | |
| # | |
| interface LoopBack0 | |
| ipv6 enable | |
| ip address x.x.x.x 255.255.255.255 | |
| ipv6 address 1304:120:3432:1200::111/128 | |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| # | |
| interface GigabitEthernet0/5/0 | |
| undo shutdown | |
| ipv6 enable | |
| ipv6 mtu 2000 spread | |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| isis circuit-type p2p | ISIS网络类型P2P |
| isis ipv6 cost 10000 | ISISIPV4拓扑接口开销值10000 |
| isis cost 10000 | ISISIPV6拓扑接口开销值10000 |
| isis peer hold-max-cost timer 1000 | 设备重启复位后,通告接口开销值最大,保持1000S |
| # | |
| y | |
| isis enable 100 | |
| isis ipv6 enable 100 | |
| isis circuit-type p2p | ISIS网络类型P2P |
| isis ipv6 cost 10000 | ISISIPV4拓扑接口开销值10000 |
| isis cost 10000 | ISISIPV6拓扑接口开销值10000 |
| isis peer hold-max-cost timer 1000 | 设备重启复位后,通告接口开销值最大,保持1000S |
| # | |
| bgp 64600 | 创建并计入BGP AS号64600 |
| router-id 182.253.240.121 | 设备的router-id |
| group DCPE internal | 创建一个IBGP对等体组 |
| graceful-restart | 开启NE路由器的平滑重启功能,保证当主控板复位的时候流量转发不中断 |
| graceful-restart peer-reset | |
| peer 2404:3840:1112:B000::111 group DCPE | 进入BGP对等体组DCPE |
| peer DCPE connect-interface LoopBack0 | 使用loopback0 建立邻居 |
| peer 2404:3840:1112:B000:000E::12 as-number 64600 | NCE控制器 |
| peer 2404:3840:1112:B000:000E::12 connect-interface LoopBack0 | |
| # | |
| undo ipv6-family unicast | 关闭普通的IPV6地址簇 |
| link-state-family unicast | 创建并进入BGP的LS单播地址簇并进入配置试图 |
| domain identifier 182.253.240.121 | 配置BGP-LS的区域标识符, (单域内所有RR的domain identifier配置为相同值) |
| peer DCPE enable | 激活对等体组的BGP-LS邻居 |
| peer 2404:3840:1112:B000::111 group DCPE | |
| peer 2404:3840:1132:B000::112 group DCPE | |
| peer 2404:3840:1112:B000:000E::12 enable | NCE控制器 |
| peer 2404:3840:1112:B000:000E::12 reflect-client | |
| # | |
| l2vpn-family evpn | |
| reflector cluster-id 100 | 反射器的集群ID |
| undo policy vpn-target | 对接收到的VPN路由不使能VPN-Target过滤功能 |
| peer DCPE enable | 激活对等体组的evpn邻居 |
| peer 1224:4631:2312:B120::111 group DCPE | |
| peer DCPE reflect-client | 配置路由器的客户端 |
| peer DCPE advertise-community | 向邻居通告BGP团体属性 |
| peer DCPE advertise encap-type srv6 | 向邻居发布的EVPN路由所携带的SRV6封装属性 |
| # | |
| ipv6-family sr-policy | 创建ipv6 的BGP-sr-policy地址簇并进入配置试图 |
| reflector cluster-id 100 | 反射器的集群ID |
| undo bestroute nexthop-resolved ip | 在下一跳迭代到IP地址时路由不参与选路 |
| undo router-id filter | 去使能Router ID过滤功能 |
| peer 1304:3840:1112:B000::111 enable | 激活对等体组的sr-policy邻居 |
| peer 1304:3840:1112:B000::111 advertise-ext-community | 向邻居通告扩展团体属性 |
| peer 1224:3840:1112:B000:000E::12 enable | NCE控制器 |
| peer 1224:3840:1112:B000:000E::12 reflect-client | |
| peer 1224:3840:1112:B000:000E::12 graceful-restart static-timer 86400 | |
| # |