1. 配置IP地址
[PE1-GigabitEthernet0/0/0]ip add 10.1.1.1 24
[PE1-LoopBack0]ip add 1.1.1.1 32
[P-GigabitEthernet0/0/0]ip add 10.1.1.2 24
[P-GigabitEthernet0/0/1]ip add 10.1.2.2 24
[P-LoopBack0]ip add 2.2.2.2 32
[PE2-GigabitEthernet0/0/0]ip add 10.1.2.3 24
[PE2-LoopBack0]ip add 3.3.3.3 32
2. 配置OSPF协议发布各节点接口所连网段和LSR ID的主机路由
[PE1]ospf 1
[PE1-ospf-1]area 0
[PE1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[P]ospf 1
[P-ospf-1]area 0
[P-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[P-ospf-1-area-0.0.0.0]network 10.1.2.0 0.0.0.255
[P-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[PE2]ospf 1
[PE2-ospf-1]area 0
[PE2-ospf-1-area-0.0.0.0]network 10.1.2.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
3. 配置LDP本地会话
[PE1]mpls lsr-id 1.1.1.1
[PE1]mpls
[PE1]mpls ldp
[PE1-GigabitEthernet0/0/0]mpls
[PE1-GigabitEthernet0/0/0]mpls ldp
[P]mpls lsr-id 2.2.2.2
[P]mpls
[P]mpls ldp
[P-GigabitEthernet0/0/0]mpls
[P-GigabitEthernet0/0/0]mpls ldp
[P-GigabitEthernet0/0/1]mpls
[P-GigabitEthernet0/0/1]mpls ldp
[PE2]mpls lsr-id 3.3.3.3
[PE2]mpls
[PE2]mpls ldp
[PE2-GigabitEthernet0/0/0]mpls
[PE2-GigabitEthernet0/0/0]mpls ldp
4. 配置PE_1与P之间TCP应用程序的Keychain
[PE1]keychain k1 mode periodic weekly
[PE1-keychain]tcp-kind 180
[PE1-keychain]tcp-algorithm-id md5 8
[PE1-keychain]receive-tolerance 15
[PE1-keychain]key-id 1
[PE1-keychain-keyid-1]algorithm md5
[PE1-keychain-keyid-1]key-string cipher abc@123
[PE1-keychain-keyid-1]send-time day mon to thu
[PE1-keychain-keyid-1]receive-time day mon to thu
[PE1-keychain]key-id 2
[PE1-keychain-keyid-2]algorithm md5
[PE1-keychain-keyid-2]key-string cipher abc@123
[PE1-keychain-keyid-2]send-time day fri to sun
[PE1-keychain-keyid-2]receive-time day fri to sun
[P]keychain k1 mode periodic weekly
[P-keychain]tcp-kind 180
[P-keychain]tcp-algorithm-id md5 8
[P-keychain]receive-tolerance 15
[P-keychain]key-id 1
[P-keychain-keyid-1]algorithm md5
[P-keychain-keyid-1]key-string cipher abc@123
[P-keychain-keyid-1]send-time day mon to thu
[P-keychain-keyid-1]receive-time day mon to thu
[P-keychain]key-id 2
[P-keychain-keyid-2]algorithm md5
[P-keychain-keyid-2]key-string cipher abc@123
[P-keychain-keyid-2]send-time day fri to sun
[P-keychain-keyid-2]receive-time day fri to sun
5. 配置PE_1与P的LDP Keychain认证
[PE1]mpls ldp
[PE1-mpls-ldp]authentication key-chain peer 2.2.2.2 name k1
[P]mpls ldp
[P-mpls-ldp]authentication key-chain peer 1.1.1.1 name k1
6. 配置PE_2与P之间TCP应用程序的Keychain
[PE2]keychain k1 mode periodic weekly
[PE2-keychain]tcp-kind 180
[PE2-keychain]tcp-algorithm-id md5 8
[PE2-keychain]receive-tolerance 15
[PE2-keychain]key-id 1
[PE2-keychain-keyid-1]algorithm md5
[PE2-keychain-keyid-1]key-string cipher abc@123
[PE2-keychain-keyid-1]send-time day mon to thu
[PE2-keychain-keyid-1]receive-time day mon to thu
[PE2-keychain]key-id 2
[PE2-keychain-keyid-2]algorithm md5
[PE2-keychain-keyid-2]key-string cipher abc@123
[PE2-keychain-keyid-2]send-time day fri to sun
[PE2-keychain-keyid-2]receive-time day fri to sun
[P]keychain k2 mode periodic weekly
[P-keychain]tcp-kind 180
[P-keychain]tcp-algorithm-id md5 8
[P-keychain]receive-tolerance 15
[P-keychain]key-id 1
[P-keychain-keyid-1]algorithm md5
[P-keychain-keyid-1]key-string cipher abc@123
[P-keychain-keyid-1]send-time day mon to thu
[P-keychain-keyid-1]receive-time day mon to thu
[P-keychain]key-id 2
[P-keychain-keyid-2]algorithm md5
[P-keychain-keyid-2]key-string cipher abc@123
[P-keychain-keyid-2]se
[P-keychain-keyid-2]send-time day fri to sun
[P-keychain-keyid-2]receive-time day fri to sun
7. 配置PE_2与P的LDP Keychain认证
[PE2]mpls ldp
[PE2-mpls-ldp]authentication key-chain peer 2.2.2.2 name k1
[P]mpls ldp
[P-mpls-ldp]authentication key-chain peer 3.3.3.3 name k2
8. 检查配置
