一、说明
- 基于BGP EVPN实现VxLAN基本原理可参考上一篇“3 基于BGP EVPN实现VxLAN理论基础”;
- VxLAN引入BGP EVPN作为控制层面后,泛洪与学习由原来的数据驱动式变为了协议驱动式;
- 基于BGP EVPN实现VxLAN中BUM(广播、未知单播和组播)流量的转发可以利用Multicast或基于BGP的Ingress Replication实现;
- 本实验采用Multicast实现BUM流量的转发;
- 本实验采用对称式IRB实现VxLAN间的互通;
- 本实验不做抓包演示,具体BGP EVPN处理过程请参考下一篇。
二、基于BGP EVPN实现VxLAN实验
2.1 实验环境
| 工具 | 版本 | 备注 |
|---|---|---|
| EVE-NG | 2.0.3-105 | 模拟器 |
| Cisco Nexus 9000v | 7.0.3.I7.8 | 支持VxLAN的交换机,拓扑中的Spine节点和Leaf节点 |
2.2 实验拓扑
image.png
- Spine-1、Spine-2、Leaf-1、Leaf-2和Leaf-3运行OSPF协议;
- Spine-1、Spine-2、Leaf-1、Leaf-2和Leaf-3运行PIM Sparse Mode,并启用Anycast RP,其中Spine-1和Spine-2作为PIM RP;
- Spine-1、Spine-2、Leaf-1、Leaf-2和Leaf-3运行iBGP,其中Spine-1和Spine-2作为Route Reflector(路由反射器),采用模板以简化配置;
- 实现PC之间能互相Ping通。
2.3 实验配置
2.3.1 配置Underlay三层网络
- 配置接口IP,设备的互联接口、Loopback接口都通告进OSPF Area 0。
Spine-1配置:
feature ospf
router ospf spine-1
router-id 1.1.1.1
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.1/30
ip ospf network point-to-point
ip router ospf spine-1 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.5/30
ip ospf network point-to-point
ip router ospf spine-1 area 0.0.0.0
no shutdown
interface Ethernet1/3
no switchport
mtu 9216
ip address 10.1.1.9/30
ip ospf network point-to-point
ip router ospf spine-1 area 0.0.0.0
no shutdown
interface loopback0
ip address 1.1.1.1/32
ip router ospf spine-1 area 0.0.0.0
interface loopback1
ip address 8.8.8.8/32
ip router ospf spine-1 area 0.0.0.0
Spine-2配置:
feature ospf
router ospf spine-2
router-id 2.2.2.2
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.13/30
ip ospf network point-to-point
ip router ospf spine-2 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.17/30
ip ospf network point-to-point
ip router ospf spine-2 area 0.0.0.0
no shutdown
interface Ethernet1/3
no switchport
mtu 9216
ip address 10.1.1.21/30
ip ospf network point-to-point
ip router ospf spine-2 area 0.0.0.0
no shutdown
interface loopback0
ip address 2.2.2.2/32
ip router ospf spine-2 area 0.0.0.0
interface loopback1
ip address 8.8.8.8/32
ip router ospf spine-2 area 0.0.0.0
Leaf-1配置:
feature ospf
router ospf leaf-1
router-id 3.3.3.3
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.2/30
ip ospf network point-to-point
ip router ospf leaf-1 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.14/30
ip ospf network point-to-point
ip router ospf leaf-1 area 0.0.0.0
no shutdown
interface loopback0
ip address 3.3.3.3/32
ip router ospf leaf-1 area 0.0.0.0
Leaf-2配置:
feature ospf
router ospf leaf-2
router-id 4.4.4.4
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.6/30
ip ospf network point-to-point
ip router ospf leaf-2 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.18/30
ip ospf network point-to-point
ip router ospf leaf-2 area 0.0.0.0
no shutdown
interface loopback0
ip address 4.4.4.4/32
ip router ospf leaf-2 area 0.0.0.0
Leaf-3配置:
feature ospf
router ospf leaf-3
router-id 5.5.5.5
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.10/30
ip ospf network point-to-point
ip router ospf leaf-3 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.22/30
ip ospf network point-to-point
ip router ospf leaf-3 area 0.0.0.0
no shutdown
interface loopback0
ip address 5.5.5.5/32
ip router ospf leaf-3 area 0.0.0.0
配置验证:
查看Spine-1 OSPF路由表:
Spine-1# show ip route ospf
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
2.2.2.2/32, ubest/mbest: 3/0
*via 10.1.1.2, Eth1/1, [110/81], 3d03h, ospf-spine-1, intra
*via 10.1.1.6, Eth1/2, [110/81], 3d03h, ospf-spine-1, intra
*via 10.1.1.10, Eth1/3, [110/81], 3d03h, ospf-spine-1, intra
3.3.3.3/32, ubest/mbest: 1/0
*via 10.1.1.2, Eth1/1, [110/41], 3d22h, ospf-spine-1, intra
4.4.4.4/32, ubest/mbest: 1/0
*via 10.1.1.6, Eth1/2, [110/41], 3d22h, ospf-spine-1, intra
5.5.5.5/32, ubest/mbest: 1/0
*via 10.1.1.10, Eth1/3, [110/41], 3d03h, ospf-spine-1, intra
10.1.1.12/30, ubest/mbest: 1/0
*via 10.1.1.2, Eth1/1, [110/80], 3d22h, ospf-spine-1, intra
10.1.1.16/30, ubest/mbest: 1/0
*via 10.1.1.6, Eth1/2, [110/80], 3d22h, ospf-spine-1, intra
10.1.1.20/30, ubest/mbest: 1/0
*via 10.1.1.10, Eth1/3, [110/80], 3d03h, ospf-spine-1, intra
查看Spine-2 OSPF路由表:
Spine-2# show ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 3/0
*via 10.1.1.14, Eth1/1, [110/81], 3d03h, ospf-spine-2, intra
*via 10.1.1.18, Eth1/2, [110/81], 3d03h, ospf-spine-2, intra
*via 10.1.1.22, Eth1/3, [110/81], 3d03h, ospf-spine-2, intra
3.3.3.3/32, ubest/mbest: 1/0
*via 10.1.1.14, Eth1/1, [110/41], 3d22h, ospf-spine-2, intra
4.4.4.4/32, ubest/mbest: 1/0
*via 10.1.1.18, Eth1/2, [110/41], 3d22h, ospf-spine-2, intra
5.5.5.5/32, ubest/mbest: 1/0
*via 10.1.1.22, Eth1/3, [110/41], 3d03h, ospf-spine-2, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.14, Eth1/1, [110/80], 3d22h, ospf-spine-2, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.18, Eth1/2, [110/80], 3d22h, ospf-spine-2, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.22, Eth1/3, [110/80], 3d03h, ospf-spine-2, intra
查看Leaf-1 OSPF路由表:
Leaf-1# show ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/41], 3d22h, ospf-leaf-1, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.13, Eth1/2, [110/41], 3d22h, ospf-leaf-1, intra
4.4.4.4/32, ubest/mbest: 2/0
*via 10.1.1.1, Eth1/1, [110/81], 3d22h, ospf-leaf-1, intra
*via 10.1.1.13, Eth1/2, [110/81], 3d22h, ospf-leaf-1, intra
5.5.5.5/32, ubest/mbest: 2/0
*via 10.1.1.1, Eth1/1, [110/81], 3d03h, ospf-leaf-1, intra
*via 10.1.1.13, Eth1/2, [110/81], 3d03h, ospf-leaf-1, intra
8.8.8.8/32, ubest/mbest: 2/0
*via 10.1.1.1, Eth1/1, [110/41], 3d22h, ospf-leaf-1, intra
*via 10.1.1.13, Eth1/2, [110/41], 3d22h, ospf-leaf-1, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/80], 3d22h, ospf-leaf-1, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/80], 3d22h, ospf-leaf-1, intra
10.1.1.16/30, ubest/mbest: 1/0
*via 10.1.1.13, Eth1/2, [110/80], 3d22h, ospf-leaf-1, intra
10.1.1.20/30, ubest/mbest: 1/0
*via 10.1.1.13, Eth1/2, [110/80], 3d22h, ospf-leaf-1, intra
查看Leaf-2 OSPF路由表:
Leaf-2# show ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/41], 3d22h, ospf-leaf-2, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.17, Eth1/2, [110/41], 3d22h, ospf-leaf-2, intra
3.3.3.3/32, ubest/mbest: 2/0
*via 10.1.1.5, Eth1/1, [110/81], 3d22h, ospf-leaf-2, intra
*via 10.1.1.17, Eth1/2, [110/81], 3d22h, ospf-leaf-2, intra
5.5.5.5/32, ubest/mbest: 2/0
*via 10.1.1.5, Eth1/1, [110/81], 3d03h, ospf-leaf-2, intra
*via 10.1.1.17, Eth1/2, [110/81], 3d03h, ospf-leaf-2, intra
8.8.8.8/32, ubest/mbest: 2/0
*via 10.1.1.5, Eth1/1, [110/41], 3d22h, ospf-leaf-2, intra
*via 10.1.1.17, Eth1/2, [110/41], 3d22h, ospf-leaf-2, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/80], 3d22h, ospf-leaf-2, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/80], 3d22h, ospf-leaf-2, intra
10.1.1.12/30, ubest/mbest: 1/0
*via 10.1.1.17, Eth1/2, [110/80], 3d22h, ospf-leaf-2, intra
10.1.1.20/30, ubest/mbest: 1/0
*via 10.1.1.17, Eth1/2, [110/80], 3d22h, ospf-leaf-2, intra
查看Leaf-3 OSPF路由表:
Leaf-3# sh ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/41], 3d03h, ospf-leaf-3, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.21, Eth1/2, [110/41], 3d03h, ospf-leaf-3, intra
3.3.3.3/32, ubest/mbest: 2/0
*via 10.1.1.9, Eth1/1, [110/81], 3d03h, ospf-leaf-3, intra
*via 10.1.1.21, Eth1/2, [110/81], 3d03h, ospf-leaf-3, intra
4.4.4.4/32, ubest/mbest: 2/0
*via 10.1.1.9, Eth1/1, [110/81], 3d03h, ospf-leaf-3, intra
*via 10.1.1.21, Eth1/2, [110/81], 3d03h, ospf-leaf-3, intra
8.8.8.8/32, ubest/mbest: 2/0
*via 10.1.1.9, Eth1/1, [110/41], 3d03h, ospf-leaf-3, intra
*via 10.1.1.21, Eth1/2, [110/41], 3d03h, ospf-leaf-3, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/80], 3d03h, ospf-leaf-3, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/80], 3d03h, ospf-leaf-3, intra
10.1.1.12/30, ubest/mbest: 1/0
*via 10.1.1.21, Eth1/2, [110/80], 3d03h, ospf-leaf-3, intra
10.1.1.16/30, ubest/mbest: 1/0
*via 10.1.1.21, Eth1/2, [110/80], 3d03h, ospf-leaf-3, intra
2.3.2 配置Underlay Multicast网络
- 设备的互联接口、Loopback接口都启用Multicast;
- 启用Anycast RP以实现RP的负载分担和故障冗余,其中Spine-1和Spine-2作为PIM RP。
Spine-1配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface loopback1
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
interface Ethernet1/3
ip pim sparse-mode
Spine-2配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface loopback1
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
interface Ethernet1/3
ip pim sparse-mode
Leaf-1配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
Leaf-2配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
Leaf-3配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
配置验证:
- 首先应使用命令"show ip pim neighbor"检查组播邻居;
- 当有BUM报文触发组播流量后交换机上才会有完整组播路由表,以下组播路由表仅为参考。
查看Spine-1组播路由表:
Spine-1# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d21h, pim ip
Incoming interface: loopback1, RPF nbr: 8.8.8.8
Outgoing interface list: (count: 3)
Ethernet1/3, uptime: 3d03h, pim
Ethernet1/2, uptime: 3d21h, pim
Ethernet1/1, uptime: 3d21h, pim
(3.3.3.3/32, 239.0.0.1/32), uptime: 3d21h, pim mrib ip
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.2, internal
Outgoing interface list: (count: 3)
Ethernet1/3, uptime: 3d03h, pim
Ethernet1/1, uptime: 3d21h, pim, (RPF)
Ethernet1/2, uptime: 3d21h, pim
(4.4.4.4/32, 239.0.0.1/32), uptime: 3d21h, pim mrib ip
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.6, internal
Outgoing interface list: (count: 3)
Ethernet1/3, uptime: 3d03h, pim
Ethernet1/2, uptime: 3d21h, pim, (RPF)
Ethernet1/1, uptime: 3d21h, pim
(5.5.5.5/32, 239.0.0.1/32), uptime: 3d03h, pim mrib ip
Incoming interface: Ethernet1/3, RPF nbr: 10.1.1.10, internal
Outgoing interface list: (count: 1)
Ethernet1/3, uptime: 00:23:47, pim, (RPF)
查看Spine-2组播路由表:
Spine-2# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(3.3.3.3/32, 239.0.0.1/32), uptime: 3d21h, pim ip
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.14, internal
Outgoing interface list: (count: 0)
(4.4.4.4/32, 239.0.0.1/32), uptime: 3d21h, pim ip
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.18, internal
Outgoing interface list: (count: 0)
(5.5.5.5/32, 239.0.0.1/32), uptime: 3d03h, pim mrib ip
Incoming interface: Ethernet1/3, RPF nbr: 10.1.1.22, internal
Outgoing interface list: (count: 2)
Ethernet1/1, uptime: 00:01:01, pim
Ethernet1/2, uptime: 00:01:01, pim
查看Leaf-1组播路由表:
Leaf-1# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d21h, nve ip pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.1
Outgoing interface list: (count: 1)
nve1, uptime: 3d21h, nve
(3.3.3.3/32, 239.0.0.1/32), uptime: 3d21h, nve mrib ip pim
Incoming interface: loopback0, RPF nbr: 3.3.3.3
Outgoing interface list: (count: 1)
Ethernet1/1, uptime: 3d21h, pim
(5.5.5.5/32, 239.0.0.1/32), uptime: 00:01:45, ip mrib pim
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.13
Outgoing interface list: (count: 1)
nve1, uptime: 00:01:45, mrib
查看Leaf-2组播路由表:
Leaf-2# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d21h, nve ip pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.5
Outgoing interface list: (count: 1)
nve1, uptime: 3d21h, nve
(4.4.4.4/32, 239.0.0.1/32), uptime: 3d21h, nve mrib ip pim
Incoming interface: loopback0, RPF nbr: 4.4.4.4
Outgoing interface list: (count: 1)
Ethernet1/1, uptime: 3d21h, pim
(5.5.5.5/32, 239.0.0.1/32), uptime: 00:02:00, ip mrib pim
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.17
Outgoing interface list: (count: 1)
nve1, uptime: 00:02:00, mrib
查看Leaf-3组播路由表:
Leaf-3# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d03h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d03h, nve ip pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.9
Outgoing interface list: (count: 1)
nve1, uptime: 3d03h, nve
(4.4.4.4/32, 239.0.0.1/32), uptime: 00:00:15, ip mrib pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.9
Outgoing interface list: (count: 1)
nve1, uptime: 00:00:15, mrib
(5.5.5.5/32, 239.0.0.1/32), uptime: 3d03h, nve mrib ip pim
Incoming interface: loopback0, RPF nbr: 5.5.5.5
Outgoing interface list: (count: 1)
Ethernet1/2, uptime: 00:03:21, pim
2.3.3 配置VxLAN
2.3.3.1 配置BGP
- 采用模板配置;
- 为减少对等体关系和配置,使Spine1和Spine2作为BGP RR。
Spine-1配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 1.1.1.1
log-neighbor-changes
template peer leaf
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
route-reflector-client
neighbor 3.3.3.3
inherit peer leaf
neighbor 4.4.4.4
inherit peer leaf
neighbor 5.5.5.5
inherit peer leaf
Spine-2配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 2.2.2.2
log-neighbor-changes
template peer leaf
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
route-reflector-client
neighbor 3.3.3.3
inherit peer leaf
neighbor 4.4.4.4
inherit peer leaf
neighbor 5.5.5.5
inherit peer leaf
Leaf-1配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 3.3.3.3
log-neighbor-changes
template peer spine
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
neighbor 1.1.1.1
inherit peer spine
neighbor 2.2.2.2
inherit peer spine
Leaf-2配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 4.4.4.4
log-neighbor-changes
template peer spine
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
neighbor 1.1.1.1
inherit peer spine
neighbor 2.2.2.2
inherit peer spine
Leaf-3配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 5.5.5.5
log-neighbor-changes
template peer spine
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
neighbor 1.1.1.1
inherit peer spine
neighbor 2.2.2.2
inherit peer spine
验证配置:
查看Spine-1的EVPN邻居:
Spine-1# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 1.1.1.1, local AS number 65234
BGP table version is 39, L2VPN EVPN config peers 3, capable peers 3
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
3.3.3.3 4 65234 5672 5680 39 0 0 3d22h 0
4.4.4.4 4 65234 5678 5681 39 0 0 3d22h 0
5.5.5.5 4 65234 5641 5652 39 0 0 3d03h 0
查看Spine-2的EVPN邻居:
Spine-2# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 2.2.2.2, local AS number 65234
BGP table version is 39, L2VPN EVPN config peers 3, capable peers 3
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
3.3.3.3 4 65234 5672 5680 39 0 0 3d22h 0
4.4.4.4 4 65234 5678 5680 39 0 0 3d22h 0
5.5.5.5 4 65234 5642 5651 39 0 0 3d03h 0
查看Leaf-1的EVPN邻居:
Leaf-1# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 3.3.3.3, local AS number 65234
BGP table version is 76, L2VPN EVPN config peers 2, capable peers 2
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 65234 5684 5669 76 0 0 3d22h 0
2.2.2.2 4 65234 5685 5669 76 0 0 3d22h 0
查看Leaf-2的EVPN邻居:
Leaf-2# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 4.4.4.4, local AS number 65234
BGP table version is 61, L2VPN EVPN config peers 2, capable peers 2
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 65234 5682 5672 61 0 0 3d22h 0
2.2.2.2 4 65234 5682 5672 61 0 0 3d22h 0
查看Leaf-3的EVPN邻居:
Leaf-3# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 5.5.5.5, local AS number 65234
BGP table version is 55, L2VPN EVPN config peers 2, capable peers 2
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 65234 4566 4558 55 0 0 3d03h 0
2.2.2.2 4 65234 4566 4558 55 0 0 3d03h 0
2.3.3.2 配置VNI和EVPN参数
Leaf-1配置:
feature vn-segment-vlan-based
vlan 10
vn-segment 10010
evpn
vni 10010 l2
rd auto
route-target import auto
route-target export auto
Leaf-2配置:
feature vn-segment-vlan-based
vlan 10
vn-segment 10010
evpn
vni 10010 l2
rd auto
route-target import auto
route-target export auto
Leaf-3配置:
feature vn-segment-vlan-based
vlan 10
vn-segment 10010
evpn
vni 10010 l2
rd auto
route-target import auto
route-target export auto
2.3.3.3 配置NVE接口
Leaf-1配置:
interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
Leaf-2配置:
interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
Leaf-3配置:
interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
2.3.4 配置交换机二层口
Leaf-1配置:
interface Ethernet1/3
switchport access vlan 10
spanning-tree port type edge
Leaf-2配置:
interface Ethernet1/3
switchport access vlan 10
spanning-tree port type edge
interface Ethernet1/4
switchport access vlan 10
spanning-tree port type edge
Leaf-3配置:
interface Ethernet1/3
switchport access vlan 10
spanning-tree port type edge
interface Ethernet1/4
switchport access vlan 10
spanning-tree port type edge
2.4 实验验证
2.4.1 检查PC的IP地址
PC1配置:
PC1> show ip
NAME : PC1[1]
IP/MASK : 172.16.1.1/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:06
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC2配置:
PC2> show ip
NAME : PC2[1]
IP/MASK : 172.16.1.2/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:07
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC3配置:
PC3> show ip
NAME : PC3[1]
IP/MASK : 172.16.1.3/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:08
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC4配置:
PC4> show ip
NAME : PC4[1]
IP/MASK : 172.16.1.4/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:09
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC5配置:
PC5> show ip
NAME : PC5[1]
IP/MASK : 172.16.1.5/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:0a
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
2.4.2 检查NVE邻居
Leaf-1 NVE邻居:
Leaf-1# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 4.4.4.4 Up CP 00:04:59 n/a
nve1 5.5.5.5 Up CP 00:05:00 n/a
Leaf-2 NVE邻居:
Leaf-2# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 3.3.3.3 Up CP 00:04:42 n/a
nve1 5.5.5.5 Up CP 00:05:08 n/a
Leaf-3 NVE邻居:
Leaf-3# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 3.3.3.3 Up CP 00:04:45 n/a
nve1 4.4.4.4 Up CP 00:05:09 n/a
2.4.3 检查EVPN路由更新
Spine-1 EVPN路由更新:
Spine-1# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 54, Local Router ID is 1.1.1.1
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Spine-2 EVPN路由更新:
Spine-2# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 54, Local Router ID is 2.2.2.2
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Leaf-1 EVPN路由更新:
Leaf-1# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 120, Local Router ID is 3.3.3.3
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777 (L2VNI 10010)
*>l[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
Leaf-2 EVPN路由更新:
Leaf-2# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 102, Local Router ID is 4.4.4.4
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
* i 3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777 (L2VNI 10010)
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 32768 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
Leaf-3 EVPN路由更新:
Leaf-3# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 92, Local Router ID is 5.5.5.5
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
* i 3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777 (L2VNI 10010)
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 32768 i
*>l[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 32768 i
2.4.4 检查VxLAN MAC地址表
Leaf-1 MAC地址表:
Leaf-1# show l2route evpn mac all
Flags -(Rmac):Router MAC (Stt):Static (L):Local (R):Remote (V):vPC link
(Dup):Duplicate (Spl):Split (Rcv):Recv (AD):Auto-Delete (D):Del Pending
(S):Stale (C):Clear, (Ps):Peer Sync (O):Re-Originated (Nho):NH-Override
(Pf):Permanently-Frozen
Topology Mac Address Prod Flags Seq No Next-Hops
----------- -------------- ------ ------------- ---------- ----------------
10 0050.7966.6806 Local L, 0 Eth1/3
10 0050.7966.6807 BGP Rcv 0 4.4.4.4
10 0050.7966.6808 BGP Rcv 0 4.4.4.4
10 0050.7966.6809 BGP Rcv 0 5.5.5.5
10 0050.7966.680a BGP Rcv 0 5.5.5.5
Leaf-2 MAC地址表:
Leaf-2# show l2route evpn mac all
Flags -(Rmac):Router MAC (Stt):Static (L):Local (R):Remote (V):vPC link
(Dup):Duplicate (Spl):Split (Rcv):Recv (AD):Auto-Delete (D):Del Pending
(S):Stale (C):Clear, (Ps):Peer Sync (O):Re-Originated (Nho):NH-Override
(Pf):Permanently-Frozen
Topology Mac Address Prod Flags Seq No Next-Hops
----------- -------------- ------ ------------- ---------- ----------------
10 0050.7966.6806 BGP Rcv 0 3.3.3.3
10 0050.7966.6807 Local L, 0 Eth1/3
10 0050.7966.6808 Local L, 0 Eth1/4
10 0050.7966.6809 BGP Rcv 0 5.5.5.5
10 0050.7966.680a BGP Rcv 0 5.5.5.5
Leaf-3 MAC地址表:
Leaf-3# show l2route evpn mac all
Flags -(Rmac):Router MAC (Stt):Static (L):Local (R):Remote (V):vPC link
(Dup):Duplicate (Spl):Split (Rcv):Recv (AD):Auto-Delete (D):Del Pending
(S):Stale (C):Clear, (Ps):Peer Sync (O):Re-Originated (Nho):NH-Override
(Pf):Permanently-Frozen
Topology Mac Address Prod Flags Seq No Next-Hops
----------- -------------- ------ ------------- ---------- ----------------
10 0050.7966.6806 BGP Rcv 0 3.3.3.3
10 0050.7966.6807 BGP Rcv 0 4.4.4.4
10 0050.7966.6808 BGP Rcv 0 4.4.4.4
10 0050.7966.6809 Local L, 0 Eth1/3
10 0050.7966.680a Local L, 0 Eth1/4
2.4.5 连通性测试
PC1 ping PC2:
PC1> ping 172.16.1.2
84 bytes from 172.16.1.2 icmp_seq=1 ttl=64 time=48.618 ms
84 bytes from 172.16.1.2 icmp_seq=2 ttl=64 time=55.736 ms
84 bytes from 172.16.1.2 icmp_seq=3 ttl=64 time=91.299 ms
84 bytes from 172.16.1.2 icmp_seq=4 ttl=64 time=52.918 ms
84 bytes from 172.16.1.2 icmp_seq=5 ttl=64 time=48.679 ms
PC1 ping PC5:
PC1> ping 172.16.1.5
84 bytes from 172.16.1.5 icmp_seq=1 ttl=64 time=48.966 ms
84 bytes from 172.16.1.5 icmp_seq=2 ttl=64 time=53.595 ms
84 bytes from 172.16.1.5 icmp_seq=3 ttl=64 time=67.209 ms
84 bytes from 172.16.1.5 icmp_seq=4 ttl=64 time=46.989 ms
84 bytes from 172.16.1.5 icmp_seq=5 ttl=64 time=46.732 ms
PC3 ping PC4:
PC3> ping 172.16.1.4
84 bytes from 172.16.1.4 icmp_seq=1 ttl=64 time=103.051 ms
84 bytes from 172.16.1.4 icmp_seq=2 ttl=64 time=51.846 ms
84 bytes from 172.16.1.4 icmp_seq=3 ttl=64 time=54.164 ms
84 bytes from 172.16.1.4 icmp_seq=4 ttl=64 time=54.259 ms
84 bytes from 172.16.1.4 icmp_seq=5 ttl=64 time=63.683 ms
三、配置分布式网关
- 目标:实现同一租户下的不同VxLAN互通;
- 参考VxLAN最佳实践,本实验采用对称式IRB。
3.1 配置TCAM
- 需配置"hardware access-list tcam region arp-ether size double-wide"命令以保障正常的L3泛洪学习和ARP抑制,在使用此命令之前,必须先释放现有TCAM区域的部分占用空间;
- 通过"show hardware access-list tcam region"命令查看当前TCAM的分配情况;
- 举例:通过"hardware access-list tcam region racl 512"命令释放部分"racl"占用的TCAM空间;
- 举例:通过"hardware access-list tcam region arp-ether 256 double-wide"命令为"arp-ether"分配TCAM空间;
- 以上4条在Nexus 9000v下需特别注意,配置完毕后保存并重启设备生效。
3.2 修改PC1、PC2和PC4的IP地址并配置网关,为PC3和PC5配置网关
修改PC1的IP地址和网关:
PC1> ip 172.16.2.1/24 172.16.2.254
Checking for duplicate address...
PC1 : 172.16.2.1 255.255.255.0 gateway 172.16.2.254
修改PC2的IP地址和网关:
PC2> ip 172.16.2.2/24 172.16.2.254
Checking for duplicate address...
PC1 : 172.16.2.2 255.255.255.0 gateway 172.16.2.254
修改PC4的IP地址和网关:
PC4> ip 172.16.2.4/24 172.16.2.254
Checking for duplicate address...
PC1 : 172.16.2.4 255.255.255.0 gateway 172.16.2.254
配置PC3的网关:
PC3> ip 172.16.1.3/24 172.16.1.254
Checking for duplicate address...
PC1 : 172.16.1.3 255.255.255.0 gateway 172.16.1.254
配置PC5的网关:
PC5> ip 172.16.1.5/24 172.16.1.254
Checking for duplicate address...
PC1 : 172.16.1.5 255.255.255.0 gateway 172.16.1.254
3.3 修改Leaf交换机二层配置
- Leaf交换机新建VLAN 20,关联VNI 10020;
- 将PC1、PC2和PC4划分到VLAN 20。
Leaf-1新建VLAN并关联VNI,端口划分VLAN:
vlan 20
vn-segment 10020
interface Ethernet1/3
switchport access vlan 20
spanning-tree port type edge
Leaf-2新建VLAN并关联VNI,端口划分VLAN:
vlan 20
vn-segment 10020
interface Ethernet1/3
switchport access vlan 20
spanning-tree port type edge
Leaf-3新建VLAN并关联VNI,端口划分VLAN:
vlan 20
vn-segment 10020
interface Ethernet1/3
switchport access vlan 20
spanning-tree port type edge
3.4 配置EVPN
Leaf-1配置EVPN:
evpn
vni 10020 l2
rd auto
route-target import auto
route-target export auto
Leaf-2配置EVPN:
evpn
vni 10020 l2
rd auto
route-target import auto
route-target export auto
Leaf-3配置EVPN:
evpn
vni 10020 l2
rd auto
route-target import auto
route-target export auto
3.5 配置NVE接口
Leaf-1配置NVE接口:
interface nve1
member vni 10020
mcast-group 239.0.0.2
member vni 13960 associate-vrf
Leaf-2配置NVE接口:
interface nve1
member vni 10020
mcast-group 239.0.0.2
member vni 13960 associate-vrf
Leaf-3配置NVE接口:
interface nve1
member vni 10020
mcast-group 239.0.0.2
member vni 13960 associate-vrf
3.6 配置L3 VNI和VRF
- 本实验采用对称式IRB,所以需配置L3 VNI。
Leaf-1配置L3 VNI和VRF:
vlan 3960
name Tenant-A
vn-segment 13960
vrf context Tenant-A
vni 13960
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
Leaf-2配置L3 VNI和VRF:
vlan 3960
name Tenant-A
vn-segment 13960
vrf context Tenant-A
vni 13960
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
Leaf-3配置L3 VNI和VRF:
vlan 3960
name Tenant-A
vn-segment 13960
vrf context Tenant-A
vni 13960
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
3.7 配置BGP
Leaf-1配置BGP:
router bgp 65234
vrf Tenant-A
address-family ipv4 unicast
advertise l2vpn evpn
Leaf-2配置BGP:
router bgp 65234
vrf Tenant-A
address-family ipv4 unicast
advertise l2vpn evpn
Leaf-3配置BGP:
router bgp 65234
vrf Tenant-A
address-family ipv4 unicast
advertise l2vpn evpn
3.8 配置分布式任播网关
Leaf-1配置分布式任播网关:
feature fabric forwarding
feature interface-vlan
fabric forwarding anycast-gateway-mac 1234.1234.1234
interface Vlan10
no shutdown
vrf member Tenant-A
ip address 172.16.1.254/24
fabric forwarding mode anycast-gateway
interface Vlan20
no shutdown
vrf member Tenant-A
ip address 172.16.2.254/24
fabric forwarding mode anycast-gateway
interface Vlan3960
no shutdown
vrf member Tenant-A
ip forward
Leaf-2配置分布式任播网关:
feature fabric forwarding
feature interface-vlan
fabric forwarding anycast-gateway-mac 1234.1234.1234
interface Vlan10
no shutdown
vrf member Tenant-A
ip address 172.16.1.254/24
fabric forwarding mode anycast-gateway
interface Vlan20
no shutdown
vrf member Tenant-A
ip address 172.16.2.254/24
fabric forwarding mode anycast-gateway
interface Vlan3960
no shutdown
vrf member Tenant-A
ip forward
Leaf-3配置分布式任播网关:
feature fabric forwarding
feature interface-vlan
fabric forwarding anycast-gateway-mac 1234.1234.1234
interface Vlan10
no shutdown
vrf member Tenant-A
ip address 172.16.1.254/24
fabric forwarding mode anycast-gateway
interface Vlan20
no shutdown
vrf member Tenant-A
ip address 172.16.2.254/24
fabric forwarding mode anycast-gateway
interface Vlan3960
no shutdown
vrf member Tenant-A
ip forward
3.9 连通性测试:
PC1 ping PC2、PC4:
PC1> ping 172.16.2.2
84 bytes from 172.16.2.2 icmp_seq=1 ttl=64 time=66.320 ms
84 bytes from 172.16.2.2 icmp_seq=2 ttl=64 time=49.473 ms
84 bytes from 172.16.2.2 icmp_seq=3 ttl=64 time=55.172 ms
84 bytes from 172.16.2.2 icmp_seq=4 ttl=64 time=53.971 ms
84 bytes from 172.16.2.2 icmp_seq=5 ttl=64 time=52.276 ms
PC1> ping 172.16.2.4
84 bytes from 172.16.2.4 icmp_seq=1 ttl=64 time=70.551 ms
84 bytes from 172.16.2.4 icmp_seq=2 ttl=64 time=52.330 ms
84 bytes from 172.16.2.4 icmp_seq=3 ttl=64 time=49.531 ms
84 bytes from 172.16.2.4 icmp_seq=4 ttl=64 time=55.817 ms
84 bytes from 172.16.2.4 icmp_seq=5 ttl=64 time=52.250 ms
PC1 ping PC3、PC5:
PC1> ping 172.16.1.3
84 bytes from 172.16.1.3 icmp_seq=1 ttl=62 time=68.208 ms
84 bytes from 172.16.1.3 icmp_seq=2 ttl=62 time=64.920 ms
84 bytes from 172.16.1.3 icmp_seq=3 ttl=62 time=62.098 ms
84 bytes from 172.16.1.3 icmp_seq=4 ttl=62 time=62.976 ms
84 bytes from 172.16.1.3 icmp_seq=5 ttl=62 time=60.253 ms
PC1> ping 172.16.1.5
84 bytes from 172.16.1.5 icmp_seq=1 ttl=62 time=66.806 ms
84 bytes from 172.16.1.5 icmp_seq=2 ttl=62 time=88.333 ms
84 bytes from 172.16.1.5 icmp_seq=3 ttl=62 time=35.784 ms
84 bytes from 172.16.1.5 icmp_seq=4 ttl=62 time=71.802 ms
84 bytes from 172.16.1.5 icmp_seq=5 ttl=62 time=66.987 ms
PC4 ping PC5:
PC4> ping 172.16.1.5
84 bytes from 172.16.1.5 icmp_seq=1 ttl=63 time=25.716 ms
84 bytes from 172.16.1.5 icmp_seq=2 ttl=63 time=61.432 ms
84 bytes from 172.16.1.5 icmp_seq=3 ttl=63 time=25.860 ms
84 bytes from 172.16.1.5 icmp_seq=4 ttl=63 time=29.939 ms
84 bytes from 172.16.1.5 icmp_seq=5 ttl=63 time=31.076 ms
以上基于BGP EVPN实现Cisco VxLAN实验 & 分布式任播网关配置完毕,BGP EVPN控制层面具体操作将在下篇分解。
网友评论