一傲诵、說明
- 基于BGP EVPN實現(xiàn)VxLAN基本原理可參考上一篇“3 基于BGP EVPN實現(xiàn)VxLAN理論基礎(chǔ)”;
- VxLAN引入BGP EVPN作為控制層面后副硅,泛洪與學(xué)習(xí)由原來的數(shù)據(jù)驅(qū)動式變?yōu)榱藚f(xié)議驅(qū)動式;
- 基于BGP EVPN實現(xiàn)VxLAN中BUM(廣播、未知單播和組播)流量的轉(zhuǎn)發(fā)可以利用Multicast或基于BGP的Ingress Replication實現(xiàn)抱冷;
- 本實驗采用Multicast實現(xiàn)BUM流量的轉(zhuǎn)發(fā);
- 本實驗采用對稱式IRB實現(xiàn)VxLAN間的互通梢褐;
- 本實驗不做抓包演示旺遮,具體BGP EVPN處理過程請參考下一篇。
二盈咳、基于BGP EVPN實現(xiàn)VxLAN實驗
2.1 實驗環(huán)境
| 工具 | 版本 | 備注 |
|---|---|---|
| EVE-NG | 2.0.3-105 | 模擬器 |
| Cisco Nexus 9000v | 7.0.3.I7.8 | 支持VxLAN的交換機耿眉,拓?fù)渲械腟pine節(jié)點和Leaf節(jié)點 |
2.2 實驗拓?fù)?/h2>
![]()
image.png
- Spine-1、Spine-2鱼响、Leaf-1鸣剪、Leaf-2和Leaf-3運行OSPF協(xié)議;
- Spine-1丈积、Spine-2筐骇、Leaf-1、Leaf-2和Leaf-3運行PIM Sparse Mode江滨,并啟用Anycast RP铛纬,其中Spine-1和Spine-2作為PIM RP;
- Spine-1唬滑、Spine-2告唆、Leaf-1棺弊、Leaf-2和Leaf-3運行iBGP,其中Spine-1和Spine-2作為Route Reflector(路由反射器)擒悬,采用模板以簡化配置模她;
- 實現(xiàn)PC之間能互相Ping通。
2.3 實驗配置
2.3.1 配置Underlay三層網(wǎng)絡(luò)
- 配置接口IP茄螃,設(shè)備的互聯(lián)接口缝驳、Loopback接口都通告進(jìn)OSPF Area 0。
image.png
Spine-1配置:
feature ospf
router ospf spine-1
router-id 1.1.1.1
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.1/30
ip ospf network point-to-point
ip router ospf spine-1 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.5/30
ip ospf network point-to-point
ip router ospf spine-1 area 0.0.0.0
no shutdown
interface Ethernet1/3
no switchport
mtu 9216
ip address 10.1.1.9/30
ip ospf network point-to-point
ip router ospf spine-1 area 0.0.0.0
no shutdown
interface loopback0
ip address 1.1.1.1/32
ip router ospf spine-1 area 0.0.0.0
interface loopback1
ip address 8.8.8.8/32
ip router ospf spine-1 area 0.0.0.0
Spine-2配置:
feature ospf
router ospf spine-2
router-id 2.2.2.2
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.13/30
ip ospf network point-to-point
ip router ospf spine-2 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.17/30
ip ospf network point-to-point
ip router ospf spine-2 area 0.0.0.0
no shutdown
interface Ethernet1/3
no switchport
mtu 9216
ip address 10.1.1.21/30
ip ospf network point-to-point
ip router ospf spine-2 area 0.0.0.0
no shutdown
interface loopback0
ip address 2.2.2.2/32
ip router ospf spine-2 area 0.0.0.0
interface loopback1
ip address 8.8.8.8/32
ip router ospf spine-2 area 0.0.0.0
Leaf-1配置:
feature ospf
router ospf leaf-1
router-id 3.3.3.3
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.2/30
ip ospf network point-to-point
ip router ospf leaf-1 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.14/30
ip ospf network point-to-point
ip router ospf leaf-1 area 0.0.0.0
no shutdown
interface loopback0
ip address 3.3.3.3/32
ip router ospf leaf-1 area 0.0.0.0
Leaf-2配置:
feature ospf
router ospf leaf-2
router-id 4.4.4.4
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.6/30
ip ospf network point-to-point
ip router ospf leaf-2 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.18/30
ip ospf network point-to-point
ip router ospf leaf-2 area 0.0.0.0
no shutdown
interface loopback0
ip address 4.4.4.4/32
ip router ospf leaf-2 area 0.0.0.0
Leaf-3配置:
feature ospf
router ospf leaf-3
router-id 5.5.5.5
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.10/30
ip ospf network point-to-point
ip router ospf leaf-3 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.22/30
ip ospf network point-to-point
ip router ospf leaf-3 area 0.0.0.0
no shutdown
interface loopback0
ip address 5.5.5.5/32
ip router ospf leaf-3 area 0.0.0.0
配置驗證:
查看Spine-1 OSPF路由表:
Spine-1# show ip route ospf
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
2.2.2.2/32, ubest/mbest: 3/0
*via 10.1.1.2, Eth1/1, [110/81], 3d03h, ospf-spine-1, intra
*via 10.1.1.6, Eth1/2, [110/81], 3d03h, ospf-spine-1, intra
*via 10.1.1.10, Eth1/3, [110/81], 3d03h, ospf-spine-1, intra
3.3.3.3/32, ubest/mbest: 1/0
*via 10.1.1.2, Eth1/1, [110/41], 3d22h, ospf-spine-1, intra
4.4.4.4/32, ubest/mbest: 1/0
*via 10.1.1.6, Eth1/2, [110/41], 3d22h, ospf-spine-1, intra
5.5.5.5/32, ubest/mbest: 1/0
*via 10.1.1.10, Eth1/3, [110/41], 3d03h, ospf-spine-1, intra
10.1.1.12/30, ubest/mbest: 1/0
*via 10.1.1.2, Eth1/1, [110/80], 3d22h, ospf-spine-1, intra
10.1.1.16/30, ubest/mbest: 1/0
*via 10.1.1.6, Eth1/2, [110/80], 3d22h, ospf-spine-1, intra
10.1.1.20/30, ubest/mbest: 1/0
*via 10.1.1.10, Eth1/3, [110/80], 3d03h, ospf-spine-1, intra
查看Spine-2 OSPF路由表:
Spine-2# show ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 3/0
*via 10.1.1.14, Eth1/1, [110/81], 3d03h, ospf-spine-2, intra
*via 10.1.1.18, Eth1/2, [110/81], 3d03h, ospf-spine-2, intra
*via 10.1.1.22, Eth1/3, [110/81], 3d03h, ospf-spine-2, intra
3.3.3.3/32, ubest/mbest: 1/0
*via 10.1.1.14, Eth1/1, [110/41], 3d22h, ospf-spine-2, intra
4.4.4.4/32, ubest/mbest: 1/0
*via 10.1.1.18, Eth1/2, [110/41], 3d22h, ospf-spine-2, intra
5.5.5.5/32, ubest/mbest: 1/0
*via 10.1.1.22, Eth1/3, [110/41], 3d03h, ospf-spine-2, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.14, Eth1/1, [110/80], 3d22h, ospf-spine-2, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.18, Eth1/2, [110/80], 3d22h, ospf-spine-2, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.22, Eth1/3, [110/80], 3d03h, ospf-spine-2, intra
查看Leaf-1 OSPF路由表:
Leaf-1# show ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/41], 3d22h, ospf-leaf-1, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.13, Eth1/2, [110/41], 3d22h, ospf-leaf-1, intra
4.4.4.4/32, ubest/mbest: 2/0
*via 10.1.1.1, Eth1/1, [110/81], 3d22h, ospf-leaf-1, intra
*via 10.1.1.13, Eth1/2, [110/81], 3d22h, ospf-leaf-1, intra
5.5.5.5/32, ubest/mbest: 2/0
*via 10.1.1.1, Eth1/1, [110/81], 3d03h, ospf-leaf-1, intra
*via 10.1.1.13, Eth1/2, [110/81], 3d03h, ospf-leaf-1, intra
8.8.8.8/32, ubest/mbest: 2/0
*via 10.1.1.1, Eth1/1, [110/41], 3d22h, ospf-leaf-1, intra
*via 10.1.1.13, Eth1/2, [110/41], 3d22h, ospf-leaf-1, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/80], 3d22h, ospf-leaf-1, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/80], 3d22h, ospf-leaf-1, intra
10.1.1.16/30, ubest/mbest: 1/0
*via 10.1.1.13, Eth1/2, [110/80], 3d22h, ospf-leaf-1, intra
10.1.1.20/30, ubest/mbest: 1/0
*via 10.1.1.13, Eth1/2, [110/80], 3d22h, ospf-leaf-1, intra
查看Leaf-2 OSPF路由表:
Leaf-2# show ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/41], 3d22h, ospf-leaf-2, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.17, Eth1/2, [110/41], 3d22h, ospf-leaf-2, intra
3.3.3.3/32, ubest/mbest: 2/0
*via 10.1.1.5, Eth1/1, [110/81], 3d22h, ospf-leaf-2, intra
*via 10.1.1.17, Eth1/2, [110/81], 3d22h, ospf-leaf-2, intra
5.5.5.5/32, ubest/mbest: 2/0
*via 10.1.1.5, Eth1/1, [110/81], 3d03h, ospf-leaf-2, intra
*via 10.1.1.17, Eth1/2, [110/81], 3d03h, ospf-leaf-2, intra
8.8.8.8/32, ubest/mbest: 2/0
*via 10.1.1.5, Eth1/1, [110/41], 3d22h, ospf-leaf-2, intra
*via 10.1.1.17, Eth1/2, [110/41], 3d22h, ospf-leaf-2, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/80], 3d22h, ospf-leaf-2, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/80], 3d22h, ospf-leaf-2, intra
10.1.1.12/30, ubest/mbest: 1/0
*via 10.1.1.17, Eth1/2, [110/80], 3d22h, ospf-leaf-2, intra
10.1.1.20/30, ubest/mbest: 1/0
*via 10.1.1.17, Eth1/2, [110/80], 3d22h, ospf-leaf-2, intra
查看Leaf-3 OSPF路由表:
Leaf-3# sh ip ro os
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/41], 3d03h, ospf-leaf-3, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.21, Eth1/2, [110/41], 3d03h, ospf-leaf-3, intra
3.3.3.3/32, ubest/mbest: 2/0
*via 10.1.1.9, Eth1/1, [110/81], 3d03h, ospf-leaf-3, intra
*via 10.1.1.21, Eth1/2, [110/81], 3d03h, ospf-leaf-3, intra
4.4.4.4/32, ubest/mbest: 2/0
*via 10.1.1.9, Eth1/1, [110/81], 3d03h, ospf-leaf-3, intra
*via 10.1.1.21, Eth1/2, [110/81], 3d03h, ospf-leaf-3, intra
8.8.8.8/32, ubest/mbest: 2/0
*via 10.1.1.9, Eth1/1, [110/41], 3d03h, ospf-leaf-3, intra
*via 10.1.1.21, Eth1/2, [110/41], 3d03h, ospf-leaf-3, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/80], 3d03h, ospf-leaf-3, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/80], 3d03h, ospf-leaf-3, intra
10.1.1.12/30, ubest/mbest: 1/0
*via 10.1.1.21, Eth1/2, [110/80], 3d03h, ospf-leaf-3, intra
10.1.1.16/30, ubest/mbest: 1/0
*via 10.1.1.21, Eth1/2, [110/80], 3d03h, ospf-leaf-3, intra
2.3.2 配置Underlay Multicast網(wǎng)絡(luò)
- 設(shè)備的互聯(lián)接口归苍、Loopback接口都啟用Multicast用狱;
- 啟用Anycast RP以實現(xiàn)RP的負(fù)載分擔(dān)和故障冗余,其中Spine-1和Spine-2作為PIM RP拼弃。
Spine-1配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface loopback1
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
interface Ethernet1/3
ip pim sparse-mode
Spine-2配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface loopback1
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
interface Ethernet1/3
ip pim sparse-mode
Leaf-1配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
Leaf-2配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
Leaf-3配置:
feature pim
ip pim rp-address 8.8.8.8 group-list 239.0.0.0/24
ip pim anycast-rp 8.8.8.8 1.1.1.1
ip pim anycast-rp 8.8.8.8 2.2.2.2
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
配置驗證:
- 首先應(yīng)使用命令"show ip pim neighbor"檢查組播鄰居夏伊;
- 當(dāng)有BUM報文觸發(fā)組播流量后交換機上才會有完整組播路由表,以下組播路由表僅為參考吻氧。
查看Spine-1組播路由表:
Spine-1# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d21h, pim ip
Incoming interface: loopback1, RPF nbr: 8.8.8.8
Outgoing interface list: (count: 3)
Ethernet1/3, uptime: 3d03h, pim
Ethernet1/2, uptime: 3d21h, pim
Ethernet1/1, uptime: 3d21h, pim
(3.3.3.3/32, 239.0.0.1/32), uptime: 3d21h, pim mrib ip
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.2, internal
Outgoing interface list: (count: 3)
Ethernet1/3, uptime: 3d03h, pim
Ethernet1/1, uptime: 3d21h, pim, (RPF)
Ethernet1/2, uptime: 3d21h, pim
(4.4.4.4/32, 239.0.0.1/32), uptime: 3d21h, pim mrib ip
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.6, internal
Outgoing interface list: (count: 3)
Ethernet1/3, uptime: 3d03h, pim
Ethernet1/2, uptime: 3d21h, pim, (RPF)
Ethernet1/1, uptime: 3d21h, pim
(5.5.5.5/32, 239.0.0.1/32), uptime: 3d03h, pim mrib ip
Incoming interface: Ethernet1/3, RPF nbr: 10.1.1.10, internal
Outgoing interface list: (count: 1)
Ethernet1/3, uptime: 00:23:47, pim, (RPF)
查看Spine-2組播路由表:
Spine-2# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(3.3.3.3/32, 239.0.0.1/32), uptime: 3d21h, pim ip
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.14, internal
Outgoing interface list: (count: 0)
(4.4.4.4/32, 239.0.0.1/32), uptime: 3d21h, pim ip
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.18, internal
Outgoing interface list: (count: 0)
(5.5.5.5/32, 239.0.0.1/32), uptime: 3d03h, pim mrib ip
Incoming interface: Ethernet1/3, RPF nbr: 10.1.1.22, internal
Outgoing interface list: (count: 2)
Ethernet1/1, uptime: 00:01:01, pim
Ethernet1/2, uptime: 00:01:01, pim
查看Leaf-1組播路由表:
Leaf-1# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d21h, nve ip pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.1
Outgoing interface list: (count: 1)
nve1, uptime: 3d21h, nve
(3.3.3.3/32, 239.0.0.1/32), uptime: 3d21h, nve mrib ip pim
Incoming interface: loopback0, RPF nbr: 3.3.3.3
Outgoing interface list: (count: 1)
Ethernet1/1, uptime: 3d21h, pim
(5.5.5.5/32, 239.0.0.1/32), uptime: 00:01:45, ip mrib pim
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.13
Outgoing interface list: (count: 1)
nve1, uptime: 00:01:45, mrib
查看Leaf-2組播路由表:
Leaf-2# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d22h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d21h, nve ip pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.5
Outgoing interface list: (count: 1)
nve1, uptime: 3d21h, nve
(4.4.4.4/32, 239.0.0.1/32), uptime: 3d21h, nve mrib ip pim
Incoming interface: loopback0, RPF nbr: 4.4.4.4
Outgoing interface list: (count: 1)
Ethernet1/1, uptime: 3d21h, pim
(5.5.5.5/32, 239.0.0.1/32), uptime: 00:02:00, ip mrib pim
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.17
Outgoing interface list: (count: 1)
nve1, uptime: 00:02:00, mrib
查看Leaf-3組播路由表:
Leaf-3# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 3d03h, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 3d03h, nve ip pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.9
Outgoing interface list: (count: 1)
nve1, uptime: 3d03h, nve
(4.4.4.4/32, 239.0.0.1/32), uptime: 00:00:15, ip mrib pim
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.9
Outgoing interface list: (count: 1)
nve1, uptime: 00:00:15, mrib
(5.5.5.5/32, 239.0.0.1/32), uptime: 3d03h, nve mrib ip pim
Incoming interface: loopback0, RPF nbr: 5.5.5.5
Outgoing interface list: (count: 1)
Ethernet1/2, uptime: 00:03:21, pim
2.3.3 配置VxLAN
2.3.3.1 配置BGP
- 采用模板配置溺忧;
- 為減少對等體關(guān)系和配置,使Spine1和Spine2作為BGP RR盯孙。
Spine-1配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 1.1.1.1
log-neighbor-changes
template peer leaf
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
route-reflector-client
neighbor 3.3.3.3
inherit peer leaf
neighbor 4.4.4.4
inherit peer leaf
neighbor 5.5.5.5
inherit peer leaf
Spine-2配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 2.2.2.2
log-neighbor-changes
template peer leaf
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
route-reflector-client
neighbor 3.3.3.3
inherit peer leaf
neighbor 4.4.4.4
inherit peer leaf
neighbor 5.5.5.5
inherit peer leaf
Leaf-1配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 3.3.3.3
log-neighbor-changes
template peer spine
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
neighbor 1.1.1.1
inherit peer spine
neighbor 2.2.2.2
inherit peer spine
Leaf-2配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 4.4.4.4
log-neighbor-changes
template peer spine
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
neighbor 1.1.1.1
inherit peer spine
neighbor 2.2.2.2
inherit peer spine
Leaf-3配置:
nv overlay evpn
feature nv overlay
feature bgp
router bgp 65234
router-id 5.5.5.5
log-neighbor-changes
template peer spine
remote-as 65234
update-source loopback0
address-family l2vpn evpn
send-community extended
neighbor 1.1.1.1
inherit peer spine
neighbor 2.2.2.2
inherit peer spine
驗證配置:
查看Spine-1的EVPN鄰居:
Spine-1# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 1.1.1.1, local AS number 65234
BGP table version is 39, L2VPN EVPN config peers 3, capable peers 3
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
3.3.3.3 4 65234 5672 5680 39 0 0 3d22h 0
4.4.4.4 4 65234 5678 5681 39 0 0 3d22h 0
5.5.5.5 4 65234 5641 5652 39 0 0 3d03h 0
查看Spine-2的EVPN鄰居:
Spine-2# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 2.2.2.2, local AS number 65234
BGP table version is 39, L2VPN EVPN config peers 3, capable peers 3
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
3.3.3.3 4 65234 5672 5680 39 0 0 3d22h 0
4.4.4.4 4 65234 5678 5680 39 0 0 3d22h 0
5.5.5.5 4 65234 5642 5651 39 0 0 3d03h 0
查看Leaf-1的EVPN鄰居:
Leaf-1# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 3.3.3.3, local AS number 65234
BGP table version is 76, L2VPN EVPN config peers 2, capable peers 2
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 65234 5684 5669 76 0 0 3d22h 0
2.2.2.2 4 65234 5685 5669 76 0 0 3d22h 0
查看Leaf-2的EVPN鄰居:
Leaf-2# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 4.4.4.4, local AS number 65234
BGP table version is 61, L2VPN EVPN config peers 2, capable peers 2
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 65234 5682 5672 61 0 0 3d22h 0
2.2.2.2 4 65234 5682 5672 61 0 0 3d22h 0
查看Leaf-3的EVPN鄰居:
Leaf-3# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 5.5.5.5, local AS number 65234
BGP table version is 55, L2VPN EVPN config peers 2, capable peers 2
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 65234 4566 4558 55 0 0 3d03h 0
2.2.2.2 4 65234 4566 4558 55 0 0 3d03h 0
2.3.3.2 配置VNI和EVPN參數(shù)
Leaf-1配置:
feature vn-segment-vlan-based
vlan 10
vn-segment 10010
evpn
vni 10010 l2
rd auto
route-target import auto
route-target export auto
Leaf-2配置:
feature vn-segment-vlan-based
vlan 10
vn-segment 10010
evpn
vni 10010 l2
rd auto
route-target import auto
route-target export auto
Leaf-3配置:
feature vn-segment-vlan-based
vlan 10
vn-segment 10010
evpn
vni 10010 l2
rd auto
route-target import auto
route-target export auto
2.3.3.3 配置NVE接口
Leaf-1配置:
interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
Leaf-2配置:
interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
Leaf-3配置:
interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
2.3.4 配置交換機二層口
Leaf-1配置:
interface Ethernet1/3
switchport access vlan 10
spanning-tree port type edge
Leaf-2配置:
interface Ethernet1/3
switchport access vlan 10
spanning-tree port type edge
interface Ethernet1/4
switchport access vlan 10
spanning-tree port type edge
Leaf-3配置:
interface Ethernet1/3
switchport access vlan 10
spanning-tree port type edge
interface Ethernet1/4
switchport access vlan 10
spanning-tree port type edge
2.4 實驗驗證
2.4.1 檢查PC的IP地址
PC1配置:
PC1> show ip
NAME : PC1[1]
IP/MASK : 172.16.1.1/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:06
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC2配置:
PC2> show ip
NAME : PC2[1]
IP/MASK : 172.16.1.2/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:07
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC3配置:
PC3> show ip
NAME : PC3[1]
IP/MASK : 172.16.1.3/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:08
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC4配置:
PC4> show ip
NAME : PC4[1]
IP/MASK : 172.16.1.4/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:09
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC5配置:
PC5> show ip
NAME : PC5[1]
IP/MASK : 172.16.1.5/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:0a
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
2.4.2 檢查NVE鄰居
Leaf-1 NVE鄰居:
Leaf-1# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 4.4.4.4 Up CP 00:04:59 n/a
nve1 5.5.5.5 Up CP 00:05:00 n/a
Leaf-2 NVE鄰居:
Leaf-2# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 3.3.3.3 Up CP 00:04:42 n/a
nve1 5.5.5.5 Up CP 00:05:08 n/a
Leaf-3 NVE鄰居:
Leaf-3# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 3.3.3.3 Up CP 00:04:45 n/a
nve1 4.4.4.4 Up CP 00:05:09 n/a
2.4.3 檢查EVPN路由更新
Spine-1 EVPN路由更新:
Spine-1# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 54, Local Router ID is 1.1.1.1
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Spine-2 EVPN路由更新:
Spine-2# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 54, Local Router ID is 2.2.2.2
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Leaf-1 EVPN路由更新:
Leaf-1# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 120, Local Router ID is 3.3.3.3
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777 (L2VNI 10010)
*>l[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
Leaf-2 EVPN路由更新:
Leaf-2# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 102, Local Router ID is 4.4.4.4
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
* i 3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777 (L2VNI 10010)
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 32768 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
Route Distinguisher: 5.5.5.5:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 0 i
* i 5.5.5.5 100 0 i
Leaf-3 EVPN路由更新:
Leaf-3# show bgp l2vpn evpn
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 92, Local Router ID is 5.5.5.5
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 3.3.3.3:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
* i 3.3.3.3 100 0 i
Route Distinguisher: 4.4.4.4:32777
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
* i 4.4.4.4 100 0 i
Route Distinguisher: 5.5.5.5:32777 (L2VNI 10010)
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
3.3.3.3 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
4.4.4.4 100 0 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6809]:[0]:[0.0.0.0]/216
5.5.5.5 100 32768 i
*>l[2]:[0]:[0]:[48]:[0050.7966.680a]:[0]:[0.0.0.0]/216
5.5.5.5 100 32768 i
2.4.4 檢查VxLAN MAC地址表
Leaf-1 MAC地址表:
Leaf-1# show l2route evpn mac all
Flags -(Rmac):Router MAC (Stt):Static (L):Local (R):Remote (V):vPC link
(Dup):Duplicate (Spl):Split (Rcv):Recv (AD):Auto-Delete (D):Del Pending
(S):Stale (C):Clear, (Ps):Peer Sync (O):Re-Originated (Nho):NH-Override
(Pf):Permanently-Frozen
Topology Mac Address Prod Flags Seq No Next-Hops
----------- -------------- ------ ------------- ---------- ----------------
10 0050.7966.6806 Local L, 0 Eth1/3
10 0050.7966.6807 BGP Rcv 0 4.4.4.4
10 0050.7966.6808 BGP Rcv 0 4.4.4.4
10 0050.7966.6809 BGP Rcv 0 5.5.5.5
10 0050.7966.680a BGP Rcv 0 5.5.5.5
Leaf-2 MAC地址表:
Leaf-2# show l2route evpn mac all
Flags -(Rmac):Router MAC (Stt):Static (L):Local (R):Remote (V):vPC link
(Dup):Duplicate (Spl):Split (Rcv):Recv (AD):Auto-Delete (D):Del Pending
(S):Stale (C):Clear, (Ps):Peer Sync (O):Re-Originated (Nho):NH-Override
(Pf):Permanently-Frozen
Topology Mac Address Prod Flags Seq No Next-Hops
----------- -------------- ------ ------------- ---------- ----------------
10 0050.7966.6806 BGP Rcv 0 3.3.3.3
10 0050.7966.6807 Local L, 0 Eth1/3
10 0050.7966.6808 Local L, 0 Eth1/4
10 0050.7966.6809 BGP Rcv 0 5.5.5.5
10 0050.7966.680a BGP Rcv 0 5.5.5.5
Leaf-3 MAC地址表:
Leaf-3# show l2route evpn mac all
Flags -(Rmac):Router MAC (Stt):Static (L):Local (R):Remote (V):vPC link
(Dup):Duplicate (Spl):Split (Rcv):Recv (AD):Auto-Delete (D):Del Pending
(S):Stale (C):Clear, (Ps):Peer Sync (O):Re-Originated (Nho):NH-Override
(Pf):Permanently-Frozen
Topology Mac Address Prod Flags Seq No Next-Hops
----------- -------------- ------ ------------- ---------- ----------------
10 0050.7966.6806 BGP Rcv 0 3.3.3.3
10 0050.7966.6807 BGP Rcv 0 4.4.4.4
10 0050.7966.6808 BGP Rcv 0 4.4.4.4
10 0050.7966.6809 Local L, 0 Eth1/3
10 0050.7966.680a Local L, 0 Eth1/4
2.4.5 連通性測試
PC1 ping PC2:
PC1> ping 172.16.1.2
84 bytes from 172.16.1.2 icmp_seq=1 ttl=64 time=48.618 ms
84 bytes from 172.16.1.2 icmp_seq=2 ttl=64 time=55.736 ms
84 bytes from 172.16.1.2 icmp_seq=3 ttl=64 time=91.299 ms
84 bytes from 172.16.1.2 icmp_seq=4 ttl=64 time=52.918 ms
84 bytes from 172.16.1.2 icmp_seq=5 ttl=64 time=48.679 ms
PC1 ping PC5:
PC1> ping 172.16.1.5
84 bytes from 172.16.1.5 icmp_seq=1 ttl=64 time=48.966 ms
84 bytes from 172.16.1.5 icmp_seq=2 ttl=64 time=53.595 ms
84 bytes from 172.16.1.5 icmp_seq=3 ttl=64 time=67.209 ms
84 bytes from 172.16.1.5 icmp_seq=4 ttl=64 time=46.989 ms
84 bytes from 172.16.1.5 icmp_seq=5 ttl=64 time=46.732 ms
PC3 ping PC4:
PC3> ping 172.16.1.4
84 bytes from 172.16.1.4 icmp_seq=1 ttl=64 time=103.051 ms
84 bytes from 172.16.1.4 icmp_seq=2 ttl=64 time=51.846 ms
84 bytes from 172.16.1.4 icmp_seq=3 ttl=64 time=54.164 ms
84 bytes from 172.16.1.4 icmp_seq=4 ttl=64 time=54.259 ms
84 bytes from 172.16.1.4 icmp_seq=5 ttl=64 time=63.683 ms
三鲁森、配置分布式網(wǎng)關(guān)
- 目標(biāo):實現(xiàn)同一租戶下的不同VxLAN互通;
- 參考VxLAN最佳實踐振惰,本實驗采用對稱式IRB歌溉。
3.1 配置TCAM
- 需配置"hardware access-list tcam region arp-ether size double-wide"命令以保障正常的L3泛洪學(xué)習(xí)和ARP抑制,在使用此命令之前骑晶,必須先釋放現(xiàn)有TCAM區(qū)域的部分占用空間痛垛;
- 通過"show hardware access-list tcam region"命令查看當(dāng)前TCAM的分配情況;
- 舉例:通過"hardware access-list tcam region racl 512"命令釋放部分"racl"占用的TCAM空間桶蛔;
- 舉例:通過"hardware access-list tcam region arp-ether 256 double-wide"命令為"arp-ether"分配TCAM空間匙头;
- 以上4條在Nexus 9000v下需特別注意,配置完畢后保存并重啟設(shè)備生效仔雷。
3.2 修改PC1蹂析、PC2和PC4的IP地址并配置網(wǎng)關(guān),為PC3和PC5配置網(wǎng)關(guān)
修改PC1的IP地址和網(wǎng)關(guān):
PC1> ip 172.16.2.1/24 172.16.2.254
Checking for duplicate address...
PC1 : 172.16.2.1 255.255.255.0 gateway 172.16.2.254
修改PC2的IP地址和網(wǎng)關(guān):
PC2> ip 172.16.2.2/24 172.16.2.254
Checking for duplicate address...
PC1 : 172.16.2.2 255.255.255.0 gateway 172.16.2.254
修改PC4的IP地址和網(wǎng)關(guān):
PC4> ip 172.16.2.4/24 172.16.2.254
Checking for duplicate address...
PC1 : 172.16.2.4 255.255.255.0 gateway 172.16.2.254
配置PC3的網(wǎng)關(guān):
PC3> ip 172.16.1.3/24 172.16.1.254
Checking for duplicate address...
PC1 : 172.16.1.3 255.255.255.0 gateway 172.16.1.254
配置PC5的網(wǎng)關(guān):
PC5> ip 172.16.1.5/24 172.16.1.254
Checking for duplicate address...
PC1 : 172.16.1.5 255.255.255.0 gateway 172.16.1.254
3.3 修改Leaf交換機二層配置
- Leaf交換機新建VLAN 20碟婆,關(guān)聯(lián)VNI 10020电抚;
- 將PC1、PC2和PC4劃分到VLAN 20脑融。
Leaf-1新建VLAN并關(guān)聯(lián)VNI喻频,端口劃分VLAN:
vlan 20
vn-segment 10020
interface Ethernet1/3
switchport access vlan 20
spanning-tree port type edge
Leaf-2新建VLAN并關(guān)聯(lián)VNI缩宜,端口劃分VLAN:
vlan 20
vn-segment 10020
interface Ethernet1/3
switchport access vlan 20
spanning-tree port type edge
Leaf-3新建VLAN并關(guān)聯(lián)VNI肘迎,端口劃分VLAN:
vlan 20
vn-segment 10020
interface Ethernet1/3
switchport access vlan 20
spanning-tree port type edge
3.4 配置EVPN
Leaf-1配置EVPN:
evpn
vni 10020 l2
rd auto
route-target import auto
route-target export auto
Leaf-2配置EVPN:
evpn
vni 10020 l2
rd auto
route-target import auto
route-target export auto
Leaf-3配置EVPN:
evpn
vni 10020 l2
rd auto
route-target import auto
route-target export auto
3.5 配置NVE接口
Leaf-1配置NVE接口:
interface nve1
member vni 10020
mcast-group 239.0.0.2
member vni 13960 associate-vrf
Leaf-2配置NVE接口:
interface nve1
member vni 10020
mcast-group 239.0.0.2
member vni 13960 associate-vrf
Leaf-3配置NVE接口:
interface nve1
member vni 10020
mcast-group 239.0.0.2
member vni 13960 associate-vrf
3.6 配置L3 VNI和VRF
- 本實驗采用對稱式IRB甥温,所以需配置L3 VNI。
Leaf-1配置L3 VNI和VRF:
vlan 3960
name Tenant-A
vn-segment 13960
vrf context Tenant-A
vni 13960
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
Leaf-2配置L3 VNI和VRF:
vlan 3960
name Tenant-A
vn-segment 13960
vrf context Tenant-A
vni 13960
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
Leaf-3配置L3 VNI和VRF:
vlan 3960
name Tenant-A
vn-segment 13960
vrf context Tenant-A
vni 13960
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
3.7 配置BGP
Leaf-1配置BGP:
router bgp 65234
vrf Tenant-A
address-family ipv4 unicast
advertise l2vpn evpn
Leaf-2配置BGP:
router bgp 65234
vrf Tenant-A
address-family ipv4 unicast
advertise l2vpn evpn
Leaf-3配置BGP:
router bgp 65234
vrf Tenant-A
address-family ipv4 unicast
advertise l2vpn evpn
3.8 配置分布式任播網(wǎng)關(guān)
Leaf-1配置分布式任播網(wǎng)關(guān):
feature fabric forwarding
feature interface-vlan
fabric forwarding anycast-gateway-mac 1234.1234.1234
interface Vlan10
no shutdown
vrf member Tenant-A
ip address 172.16.1.254/24
fabric forwarding mode anycast-gateway
interface Vlan20
no shutdown
vrf member Tenant-A
ip address 172.16.2.254/24
fabric forwarding mode anycast-gateway
interface Vlan3960
no shutdown
vrf member Tenant-A
ip forward
Leaf-2配置分布式任播網(wǎng)關(guān):
feature fabric forwarding
feature interface-vlan
fabric forwarding anycast-gateway-mac 1234.1234.1234
interface Vlan10
no shutdown
vrf member Tenant-A
ip address 172.16.1.254/24
fabric forwarding mode anycast-gateway
interface Vlan20
no shutdown
vrf member Tenant-A
ip address 172.16.2.254/24
fabric forwarding mode anycast-gateway
interface Vlan3960
no shutdown
vrf member Tenant-A
ip forward
Leaf-3配置分布式任播網(wǎng)關(guān):
feature fabric forwarding
feature interface-vlan
fabric forwarding anycast-gateway-mac 1234.1234.1234
interface Vlan10
no shutdown
vrf member Tenant-A
ip address 172.16.1.254/24
fabric forwarding mode anycast-gateway
interface Vlan20
no shutdown
vrf member Tenant-A
ip address 172.16.2.254/24
fabric forwarding mode anycast-gateway
interface Vlan3960
no shutdown
vrf member Tenant-A
ip forward
3.9 連通性測試:
PC1 ping PC2妓布、PC4:
PC1> ping 172.16.2.2
84 bytes from 172.16.2.2 icmp_seq=1 ttl=64 time=66.320 ms
84 bytes from 172.16.2.2 icmp_seq=2 ttl=64 time=49.473 ms
84 bytes from 172.16.2.2 icmp_seq=3 ttl=64 time=55.172 ms
84 bytes from 172.16.2.2 icmp_seq=4 ttl=64 time=53.971 ms
84 bytes from 172.16.2.2 icmp_seq=5 ttl=64 time=52.276 ms
PC1> ping 172.16.2.4
84 bytes from 172.16.2.4 icmp_seq=1 ttl=64 time=70.551 ms
84 bytes from 172.16.2.4 icmp_seq=2 ttl=64 time=52.330 ms
84 bytes from 172.16.2.4 icmp_seq=3 ttl=64 time=49.531 ms
84 bytes from 172.16.2.4 icmp_seq=4 ttl=64 time=55.817 ms
84 bytes from 172.16.2.4 icmp_seq=5 ttl=64 time=52.250 ms
PC1 ping PC3姻蚓、PC5:
PC1> ping 172.16.1.3
84 bytes from 172.16.1.3 icmp_seq=1 ttl=62 time=68.208 ms
84 bytes from 172.16.1.3 icmp_seq=2 ttl=62 time=64.920 ms
84 bytes from 172.16.1.3 icmp_seq=3 ttl=62 time=62.098 ms
84 bytes from 172.16.1.3 icmp_seq=4 ttl=62 time=62.976 ms
84 bytes from 172.16.1.3 icmp_seq=5 ttl=62 time=60.253 ms
PC1> ping 172.16.1.5
84 bytes from 172.16.1.5 icmp_seq=1 ttl=62 time=66.806 ms
84 bytes from 172.16.1.5 icmp_seq=2 ttl=62 time=88.333 ms
84 bytes from 172.16.1.5 icmp_seq=3 ttl=62 time=35.784 ms
84 bytes from 172.16.1.5 icmp_seq=4 ttl=62 time=71.802 ms
84 bytes from 172.16.1.5 icmp_seq=5 ttl=62 time=66.987 ms
PC4 ping PC5:
PC4> ping 172.16.1.5
84 bytes from 172.16.1.5 icmp_seq=1 ttl=63 time=25.716 ms
84 bytes from 172.16.1.5 icmp_seq=2 ttl=63 time=61.432 ms
84 bytes from 172.16.1.5 icmp_seq=3 ttl=63 time=25.860 ms
84 bytes from 172.16.1.5 icmp_seq=4 ttl=63 time=29.939 ms
84 bytes from 172.16.1.5 icmp_seq=5 ttl=63 time=31.076 ms
以上基于BGP EVPN實現(xiàn)Cisco VxLAN實驗 & 分布式任播網(wǎng)關(guān)配置完畢,BGP EVPN控制層面具體操作將在下篇分解。
