L3vpn configuration task list, Configuring vpn instances, Creating a vpn instance – H3C Technologies H3C SecPath F1000-E User Manual
Page 71
8
It is required that each OSPF domain has a configurable domain ID. It is recommended to configure for
all OSPF instances in the network related to each VPN instance the same domain ID, or adopt the default
ID. Thus, the system can know that all VPN routes with the same domain ID are from the same VPN
instance.
3.
Routing loop detection
If OSPF runs between CEs and PEs and a VPN site is connected to multiple PEs, when a PE advertises the
BGP VPN routes learnt from MPLS/BGP to the VPN site through LSAs, the LSAs may be received by
another PE, resulting in a routing loop.
To avoid routing loops, when creating Type 3 LSAs, the PE always sets the flag bit DN for BGP VPN routes
learnt from MPLS/BGP, regardless of whether the PE and the CEs are connected through the OSPF
backbone. When performing route calculation, the OSPF process of the PE ignores the Type 3 LSAs
whose DN bit is set.
If the PE needs to advertise to a CE the routes from other OSPF domains, it must indicate that it is the ASBR,
and advertise the routes using Type 5 LSAs.
L3VPN Configuration Task List
Complete the following tasks to configure L3VPN:
Task Remarks
Required
Required
Configuring VPN Instances
VPN instances are used to isolate VPN routes from public network routes. Configuring VPN instances is
required in all L3VPN networking schemes.
In addition, routes of a VPN instance are isolated from those of another. This feature allows VPN
instances to be used also in networking schemes other than L3VPNs.
This section includes the following configurations:
•
•
Associating a VPN Instance with an Interface
•
Configuring Route Related Attributes of a VPN Instance
Creating a VPN Instance
A VPN instance is associated with a site, rather than a VPN. It is a collection of the VPN membership and
routing rules of its associated site.
A VPN instance takes effect only after you configure an RD for it. Before configuring an RD for a VPN
instance, you can configure no parameters for the instance other than a description.
A VPN instance description is a piece of descriptive information about the VPN instance. You can use it
to keep information such as the relationship of the VPN instance with a VPN.
Follow these steps to create and configure a VPN instance: