beautypg.com

Configuring nested vpn, Configuration prerequisites – H3C Technologies H3C S10500 Series Switches User Manual

Page 270

background image

259

To do…

Use the command…

Remarks

Configure the device to match IPv4
routes with labels

if-match mpls-label

Required

Configure the device to assign
labels to IPv4 routes

apply mpls-label

Required
By default, an IPv4 route does not
carry any label.

NOTE:

For information about routing policy configuration, see

Layer 3—IP Routing Configuration Guide.

Configuring nested VPN

For a network with many VPNs, if you want to implement layered management of VPNs and to conceal

the deployment of internal VPNs, nested VPN is a good solution. By using nested VPN, you can

implement layered management of internal VPNs easily with a low cost and simple management

operation.

Configuration prerequisites

Configure the basic MPLS L3VPN capability. For configuration information, see “

Configuring basic MPLS

L3VPN

.”

Configuring nested VPN

Follow these steps to configure nested VPN:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter BGP view

bgp as-number

Enter BGP VPN instance view

ipv4-family vpn-instance
vpn-instance-name

Configure a CE peer or peer group

peer { group-name |
peer-address
} as-number number Required

Return to BGP view

quit

Enter BGP-VPNv4 subaddress
family view

ipv4-family vpnv4

Enable nested VPN

nesting-vpn

Required
Disabled by default.

Activate a nested VPN peer or peer
group, and enable the BGP-VPNv4

route exchange capability

peer { group-name |
peer-address
} vpn-instance

vpn-instance-name enable

Required
By default, only IPv4 routes and no
BGP-VPNv4 routes can be

exchanged between nested VPN

peers/peer groups.