3com 8807 사용자 가이드
604
C
HAPTER
50: C
ARD
I
NTERMIXING
FOR
MPLS S
UPPORT
Configuring MPLS VPN
Configure BGP/MPLS VPN (L3VPN) or L2VPN. Refer to “BGP/MPLS VPN
Configuration” and the "VPN Operation" section in 3Com Switch 8800 Family
Series Routing Switches Operation Manual. for detailed configuration information.
Configuration” and the "VPN Operation" section in 3Com Switch 8800 Family
Series Routing Switches Operation Manual. for detailed configuration information.
Configuring flow
template and ACL rules
The packets to be redirected are identified through the flow template and ACL
configurations.
configurations.
For L2VPN
For L3VPN
Table 560 Configure the flow template and ACL of L2VPN
Operation
Command
Description
Enter system view
system-view
-
Enter corresponding
ACL view
ACL view
acl { number acl-number | name
acl-name link ] } [ match-order {
config | auto } ]
acl-name link ] } [ match-order {
config | auto } ]
Required
Configure rules of
ACL
ACL
rule [ rule-id ] permit ingress vlan-id
Required.
L2VPN can use either the
default flow template or a
custom flow template. It is
recommended to redirect the
packets in the specified VLAN
through matching them with
a Layer 2 rule so that the
specified VLAN packets can
pass.
default flow template or a
custom flow template. It is
recommended to redirect the
packets in the specified VLAN
through matching them with
a Layer 2 rule so that the
specified VLAN packets can
pass.
Table 561 Configure flow template and ACL rules of L3VPN
Operation
Command
Description
Enter system view
system-view
-
Set self-defined flow template
flow-template
user-defined slot slotid
dmac wildcard sip wildcard
vlanid
user-defined slot slotid
dmac wildcard sip wildcard
vlanid
Require.
When a custom flow template
is specified, at least two items
IP and DMAC are required.
You can use the IP + VLAN +
DMAC method to define the
flow template so that
different kinds of packets are
processed in different ways.
is specified, at least two items
IP and DMAC are required.
You can use the IP + VLAN +
DMAC method to define the
flow template so that
different kinds of packets are
processed in different ways.
Enter corresponding ACL view
acl { number acl-number |
name acl-name [ advanced |
basic ] } [ match-order {
config | auto } ]
name acl-name [ advanced |
basic ] } [ match-order {
config | auto } ]
Required
Configure IP ACL
rule [ rule-id ] permit source
{ source-addr wildcard | any }
{ source-addr wildcard | any }
Required.
You can use the parameter
permit any or specify an IP
address.
permit any or specify an IP
address.
Configure Layer 2 ACL
rule [ rule-id ] permit ingress
vlan-id egress dest-mac-addr
dest-mac-wildcard
vlan-id egress dest-mac-addr
dest-mac-wildcard
Required.
Use a Layer 2 rule to configure
VLAN+DMAC. DMAC refers
to the virtual MAC of the
switch. You can get it through
the display interface vlan
vlanid command.
VLAN+DMAC. DMAC refers
to the virtual MAC of the
switch. You can get it through
the display interface vlan
vlanid command.