Configuring nested vpn, Configuration prerequisites – H3C Technologies H3C S10500 Series Switches User Manual
Page 270
259
To do…
Use the command…
Remarks
Configure the device to match IPv4
routes with labels
if-match mpls-label
Required
Configure the device to assign
labels to IPv4 routes
apply mpls-label
Required
By default, an IPv4 route does not
carry any label.
NOTE:
For information about routing policy configuration, see
Layer 3—IP Routing Configuration Guide.
Configuring nested VPN
For a network with many VPNs, if you want to implement layered management of VPNs and to conceal
the deployment of internal VPNs, nested VPN is a good solution. By using nested VPN, you can
implement layered management of internal VPNs easily with a low cost and simple management
operation.
Configuration prerequisites
Configure the basic MPLS L3VPN capability. For configuration information, see “
Configuring nested VPN
Follow these steps to configure nested VPN:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter BGP view
bgp as-number —
Enter BGP VPN instance view
ipv4-family vpn-instance
vpn-instance-name
—
Configure a CE peer or peer group
peer { group-name |
peer-address } as-number number Required
Return to BGP view
quit
—
Enter BGP-VPNv4 subaddress
family view
ipv4-family vpnv4
—
Enable nested VPN
nesting-vpn
Required
Disabled by default.
Activate a nested VPN peer or peer
group, and enable the BGP-VPNv4
route exchange capability
peer { group-name |
peer-address } vpn-instance
vpn-instance-name enable
Required
By default, only IPv4 routes and no
BGP-VPNv4 routes can be
exchanged between nested VPN
peers/peer groups.