一缺前、說(shuō)明
- 與上一篇"1 實(shí)驗(yàn)1:基于靜態(tài)Ingress Replication實(shí)現(xiàn)Cisco VxLAN & 集中式網(wǎng)關(guān)"相同押框,基于Multicast實(shí)現(xiàn)VxLAN也是流量驅(qū)動(dòng)式的MAC地址泛洪學(xué)習(xí)和VTEP鄰居建立,沒(méi)有控制層面;
- 與基于Static Ingress Replication實(shí)現(xiàn)VxLAN不同,基于Multicast實(shí)現(xiàn)VxLAN無(wú)需手動(dòng)為每個(gè)VNI配置peer;
- 當(dāng)有流量觸發(fā)即數(shù)據(jù)驅(qū)動(dòng)時(shí)垮庐,VTEP之間的隧道才會(huì)自動(dòng)建立;
- 與利用Static Ingress Replication實(shí)現(xiàn)BUM(廣播坞琴、未知單播哨查、組播)流量轉(zhuǎn)發(fā)不同,基于Multicast實(shí)現(xiàn)BUM流量的轉(zhuǎn)發(fā)可有效節(jié)省VTEP上行鏈路的帶寬(具體參考組播網(wǎng)絡(luò)特性)剧辐。
二寒亥、基于Multicast實(shí)現(xiàn)的VxLAN實(shí)驗(yàn)
2.1 實(shí)驗(yàn)環(huán)境
| 工具 | 版本 | 備注 |
|---|---|---|
| EVE-NG | 2.0.3-105 | 模擬器 |
| Cisco Nexus 9000v | 7.0.3.I7.8 | 支持VxLAN的交換機(jī),拓?fù)渲械腘9K1荧关、N9K-2溉奕、N9K-3和N9K-4 |
| Wireshark | 3.2.2 | 抓包軟件 |
2.2 實(shí)驗(yàn)拓?fù)?/h2>
![]()
image.png
- N9K1、N9K-2忍啤、N9K-3和N9K-4運(yùn)行OSPF協(xié)議加勤;
- N9K1、N9K-2同波、N9K-3和N9K-4運(yùn)行PIM Sparse Mode鳄梅,其中PIM RP為1.1.1.1;
- 實(shí)現(xiàn)PC1未檩、PC2和PC3能互通戴尸。
2.3 實(shí)驗(yàn)配置
2.3.1 配置Underlay三層網(wǎng)絡(luò)
- 設(shè)備的互聯(lián)接口、Loopback接口都通告進(jìn)OSPF Area 0冤狡。
image.png
N9K-1配置:
feature ospf
router ospf n9k-1
router-id 1.1.1.1
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.1/30
ip ospf network point-to-point
ip router ospf n9k-1 area 0.0.0.0
no shutdown
interface Ethernet1/2
no switchport
mtu 9216
ip address 10.1.1.5/30
ip ospf network point-to-point
ip router ospf n9k-1 area 0.0.0.0
no shutdown
interface Ethernet1/3
no switchport
mtu 9216
ip address 10.1.1.9/30
ip ospf network point-to-point
ip router ospf n9k-1 area 0.0.0.0
no shutdown
interface loopback0
ip address 1.1.1.1/32
ip router ospf n9k-1 area 0.0.0.0
N9K-2配置:
vlan 10
feature ospf
router ospf n9k-2
router-id 2.2.2.2
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.2/30
ip ospf network point-to-point
ip router ospf n9k-2 area 0.0.0.0
no shutdown
interface loopback0
ip address 2.2.2.2/32
ip router ospf n9k-2 area 0.0.0.0
interface Ethernet1/2
switchport access vlan 10
spanning-tree port type edge
N9K-3配置:
vlan 10
feature ospf
router ospf n9k-3
router-id 3.3.3.3
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.6/30
ip ospf network point-to-point
ip router ospf n9k-3 area 0.0.0.0
no shutdown
interface loopback0
ip address 3.3.3.3/32
ip router ospf n9k-3 area 0.0.0.0
interface Ethernet1/2
switchport access vlan 10
spanning-tree port type edge
N9K-4配置:
vlan 10
feature ospf
router ospf n9k-4
router-id 4.4.4.4
interface Ethernet1/1
no switchport
mtu 9216
ip address 10.1.1.10/30
ip ospf network point-to-point
ip router ospf n9k-4 area 0.0.0.0
no shutdown
interface loopback0
ip address 4.4.4.4/32
ip router ospf n9k-4 area 0.0.0.0
interface Ethernet1/2
switchport access vlan 10
spanning-tree port type edge
配置驗(yàn)證:
查看N9K-1 OSPF路由表:
N9K-1# show ip route ospf
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.2, Eth1/1, [110/41], 2d10h, ospf-n9k-1, intra
3.3.3.3/32, ubest/mbest: 1/0
*via 10.1.1.6, Eth1/2, [110/41], 2d10h, ospf-n9k-1, intra
4.4.4.4/32, ubest/mbest: 1/0
*via 10.1.1.10, Eth1/3, [110/41], 2d10h, ospf-n9k-1, intra
查看N9K-2 OSPF路由表:
N9K-2# show ip route ospf
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/41], 2d10h, ospf-n9k-2, intra
3.3.3.3/32, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/81], 2d10h, ospf-n9k-2, intra
4.4.4.4/32, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/81], 2d10h, ospf-n9k-2, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/80], 2d10h, ospf-n9k-2, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.1, Eth1/1, [110/80], 2d10h, ospf-n9k-2, intra
查看N9K-3 OSPF路由表:
N9K-3# show ip route ospf
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/41], 2d10h, ospf-n9k-3, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/81], 2d10h, ospf-n9k-3, intra
4.4.4.4/32, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/81], 2d10h, ospf-n9k-3, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/80], 2d10h, ospf-n9k-3, intra
10.1.1.8/30, ubest/mbest: 1/0
*via 10.1.1.5, Eth1/1, [110/80], 2d10h, ospf-n9k-3, intra
查看N9K-4 OSPF路由表:
N9K-4# show ip route ospf
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
1.1.1.1/32, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/41], 2d10h, ospf-n9k-4, intra
2.2.2.2/32, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/81], 2d10h, ospf-n9k-4, intra
3.3.3.3/32, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/81], 2d10h, ospf-n9k-4, intra
10.1.1.0/30, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/80], 2d10h, ospf-n9k-4, intra
10.1.1.4/30, ubest/mbest: 1/0
*via 10.1.1.9, Eth1/1, [110/80], 2d10h, ospf-n9k-4, intra
2.3.2 配置Underlay Multicast網(wǎng)絡(luò)
- 設(shè)備的互聯(lián)接口校赤、Loopback接口都啟用Multicast。
N9K-1配置:
feature pim
ip pim rp-address 1.1.1.1 group-list 239.0.0.0/24
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
interface Ethernet1/3
ip pim sparse-mode
N9K-2配置:
feature pim
ip pim rp-address 1.1.1.1 group-list 239.0.0.0/24
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
N9K-3配置:
feature pim
ip pim rp-address 1.1.1.1 group-list 239.0.0.0/24
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
N9K-4配置:
feature pim
ip pim rp-address 1.1.1.1 group-list 239.0.0.0/24
interface loopback0
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
配置驗(yàn)證:
- 首先應(yīng)使用命令"show ip pim neighbor"檢查組播鄰居筒溃;
- 當(dāng)有BUM報(bào)文觸發(fā)組播流量后才會(huì)有完整組播路由表,以下組播路由表為參考沾乘。
查看N9K-1 Multicast路由表:
N9K-1# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 06:25:14, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 06:11:39, pim ip
Incoming interface: loopback0, RPF nbr: 1.1.1.1
Outgoing interface list: (count: 3)
Ethernet1/1, uptime: 00:00:49, pim
Ethernet1/2, uptime: 00:00:55, pim
Ethernet1/3, uptime: 00:01:02, pim
(2.2.2.2/32, 239.0.0.1/32), uptime: 06:11:18, pim mrib ip
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.2, internal
Outgoing interface list: (count: 3)
Ethernet1/1, uptime: 00:00:49, pim, (RPF)
Ethernet1/2, uptime: 00:00:55, pim
Ethernet1/3, uptime: 00:01:02, pim
(3.3.3.3/32, 239.0.0.1/32), uptime: 06:11:06, pim mrib ip
Incoming interface: Ethernet1/2, RPF nbr: 10.1.1.6, internal
Outgoing interface list: (count: 3)
Ethernet1/1, uptime: 00:00:49, pim
Ethernet1/2, uptime: 00:00:55, pim, (RPF)
Ethernet1/3, uptime: 00:01:02, pim
(4.4.4.4/32, 239.0.0.1/32), uptime: 06:10:58, pim mrib ip
Incoming interface: Ethernet1/3, RPF nbr: 10.1.1.10, internal
Outgoing interface list: (count: 3)
Ethernet1/3, uptime: 00:00:39, pim, (RPF)
Ethernet1/1, uptime: 00:00:49, pim
Ethernet1/2, uptime: 00:00:55, pim
查看N9K-2 Multicast路由表:
N9K-2# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 06:26:48, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 06:13:07, ip pim nve
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.1
Outgoing interface list: (count: 1)
nve1, uptime: 00:02:16, nve
(2.2.2.2/32, 239.0.0.1/32), uptime: 06:13:07, mrib ip pim nve
Incoming interface: loopback0, RPF nbr: 2.2.2.2
Outgoing interface list: (count: 1)
Ethernet1/1, uptime: 00:02:29, pim
查看N9K-3 Multicast路由表:
N9K-3# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 06:26:50, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 06:13:15, ip pim nve
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.5
Outgoing interface list: (count: 1)
nve1, uptime: 00:02:36, nve
(3.3.3.3/32, 239.0.0.1/32), uptime: 06:13:15, mrib ip pim nve
Incoming interface: loopback0, RPF nbr: 3.3.3.3
Outgoing interface list: (count: 1)
Ethernet1/1, uptime: 00:02:43, pim
查看N9K-4 Multicast路由表:
N9K-4# show ip mroute
IP Multicast Routing Table for VRF "default"
(*, 232.0.0.0/8), uptime: 06:27:20, pim ip
Incoming interface: Null, RPF nbr: 0.0.0.0
Outgoing interface list: (count: 0)
(*, 239.0.0.1/32), uptime: 06:13:47, ip pim nve
Incoming interface: Ethernet1/1, RPF nbr: 10.1.1.9
Outgoing interface list: (count: 1)
nve1, uptime: 00:03:21, nve
(4.4.4.4/32, 239.0.0.1/32), uptime: 06:13:47, mrib ip pim nve
Incoming interface: loopback0, RPF nbr: 4.4.4.4
Outgoing interface list: (count: 1)
Ethernet1/1, uptime: 00:03:14, pim
2.3.3 配置Overlay網(wǎng)絡(luò)
- 同一VNI都加入到相同組播組怜奖,本實(shí)驗(yàn)中組播組為239.0.0.1。
N9K-2配置:
vlan 10
vn-segment 10010
interface nve1
no shutdown
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
N9K-3配置:
vlan 10
vn-segment 10010
interface nve1
no shutdown
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
N9K-4配置:
vlan 10
vn-segment 10010
interface nve1
no shutdown
source-interface loopback0
member vni 10010
mcast-group 239.0.0.1
配置驗(yàn)證:
查看N9K-2 NVE的VNI和Peers狀態(tài):
N9K-2# show nve vni
Codes: CP - Control Plane DP - Data Plane
UC - Unconfigured SA - Suppress ARP
SU - Suppress Unknown Unicast
Xconn - Crossconnect
MS-IR - Multisite Ingress Replication
Interface VNI Multicast-group State Mode Type [BD/VRF] Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1 10010 239.0.0.1 Up DP L2 [10]
N9K-2# show nve peers
N9K-2#
查看N9K-3 NVE的VNI和Peers狀態(tài):
N9K-3# show nve vni
Codes: CP - Control Plane DP - Data Plane
UC - Unconfigured SA - Suppress ARP
SU - Suppress Unknown Unicast
Xconn - Crossconnect
MS-IR - Multisite Ingress Replication
Interface VNI Multicast-group State Mode Type [BD/VRF] Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1 10010 239.0.0.1 Up DP L2 [10]
N9K-3# show nve peers
N9K-3#
查看N9K-4 NVE的VNI和Peers狀態(tài):
N9K-4# show nve vni
Codes: CP - Control Plane DP - Data Plane
UC - Unconfigured SA - Suppress ARP
SU - Suppress Unknown Unicast
Xconn - Crossconnect
MS-IR - Multisite Ingress Replication
Interface VNI Multicast-group State Mode Type [BD/VRF] Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1 10010 239.0.0.1 Up DP L2 [10]
N9K-4# show nve peers
N9K-4#
從以上結(jié)果可看出翅阵,目前VTEP之間并沒(méi)有VxLAN隧道建立歪玲。
2.4 實(shí)驗(yàn)驗(yàn)證
2.4.1 PC IP配置
PC1配置:
VPCS> show ip all
NAME IP/MASK GATEWAY MAC DNS
VPCS1 172.16.1.1/24 0.0.0.0 00:50:79:66:68:05
PC2配置:
VPCS> show ip all
NAME IP/MASK GATEWAY MAC DNS
VPCS1 172.16.1.2/24 0.0.0.0 00:50:79:66:68:06
PC3配置:
VPCS> show ip all
NAME IP/MASK GATEWAY MAC DNS
VPCS1 172.16.1.3/24 0.0.0.0 00:50:79:66:68:07
2.4.2 觸發(fā)流量
PC1觸發(fā)流量:
VPCS> ping 172.16.1.2
host (172.16.1.2) not reachable
VPCS> ping 172.16.1.2
84 bytes from 172.16.1.2 icmp_seq=1 ttl=64 time=44.744 ms
84 bytes from 172.16.1.2 icmp_seq=2 ttl=64 time=49.071 ms
84 bytes from 172.16.1.2 icmp_seq=3 ttl=64 time=34.025 ms
84 bytes from 172.16.1.2 icmp_seq=4 ttl=64 time=43.254 ms
84 bytes from 172.16.1.2 icmp_seq=5 ttl=64 time=32.700 ms
VPCS> ping 172.16.1.3
84 bytes from 172.16.1.3 icmp_seq=1 ttl=64 time=45.851 ms
84 bytes from 172.16.1.3 icmp_seq=2 ttl=64 time=47.016 ms
84 bytes from 172.16.1.3 icmp_seq=3 ttl=64 time=44.488 ms
84 bytes from 172.16.1.3 icmp_seq=4 ttl=64 time=43.073 ms
84 bytes from 172.16.1.3 icmp_seq=5 ttl=64 time=65.783 ms
PC2觸發(fā)流量:
VPCS> ping 172.16.1.3
host (172.16.1.3) not reachable
VPCS> ping 172.16.1.3
84 bytes from 172.16.1.3 icmp_seq=1 ttl=64 time=34.228 ms
84 bytes from 172.16.1.3 icmp_seq=2 ttl=64 time=27.838 ms
84 bytes from 172.16.1.3 icmp_seq=3 ttl=64 time=62.914 ms
84 bytes from 172.16.1.3 icmp_seq=4 ttl=64 time=47.581 ms
84 bytes from 172.16.1.3 icmp_seq=5 ttl=64 time=25.724 ms
2.4.3 檢查VxLAN隧道
N9K-2 VxLAN隧道:
N9K-2# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 3.3.3.3 Up DP 00:02:30 n/a
nve1 4.4.4.4 Up DP 00:02:20 n/a
N9K-3 VxLAN隧道:
N9K-3# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 2.2.2.2 Up DP 00:02:42 n/a
nve1 4.4.4.4 Up DP 00:02:14 n/a
N9K-4 VxLAN隧道:
N9K-4# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 2.2.2.2 Up DP 00:02:55 n/a
nve1 3.3.3.3 Up DP 00:02:28 n/a
從以上結(jié)果可看出迁央,經(jīng)過(guò)流量觸發(fā)后,VTEP間的VxLAN隧道才會(huì)自動(dòng)建立滥崩。
2.4.4 檢查VxLAN MAC地址表
N9K-2 MAC地址表:
N9K-2# show system internal l2fwder mac
Legend:
* - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
age - seconds since last seen,+ - primary entry using vPC Peer-Link,
(T) - True, (F) - False, C - ControlPlane MAC
VLAN MAC Address Type age Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
* 10 0050.7966.6805 dynamic 00:00:58 F F Eth1/2
* 10 0050.7966.6806 dynamic 00:00:58 F F (0x47000001) nve-peer1
3.3.3.3
* 10 0050.7966.6807 dynamic 00:00:56 F F (0x47000002) nve-peer2
4.4.4.4
N9K-3 MAC地址表:
N9K-3# show system internal l2fwder mac
Legend:
* - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
age - seconds since last seen,+ - primary entry using vPC Peer-Link,
(T) - True, (F) - False, C - ControlPlane MAC
VLAN MAC Address Type age Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
* 10 0050.7966.6805 dynamic 00:01:25 F F (0x47000001) nve-peer1
2.2.2.2
* 10 0050.7966.6806 dynamic 00:01:25 F F Eth1/2
* 10 0050.7966.6807 dynamic 00:01:16 F F (0x47000002) nve-peer2
4.4.4.4
N9K-4 MAC地址表:
N9K-4# show system internal l2fwder mac
Legend:
* - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
age - seconds since last seen,+ - primary entry using vPC Peer-Link,
(T) - True, (F) - False, C - ControlPlane MAC
VLAN MAC Address Type age Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
* 10 0050.7966.6805 dynamic 00:01:28 F F (0x47000001) nve-peer1
2.2.2.2
* 10 0050.7966.6806 dynamic 00:01:19 F F (0x47000002) nve-peer2
3.3.3.3
* 10 0050.7966.6807 dynamic 00:01:27 F F Eth1/2
有關(guān)MAC地址詳細(xì)學(xué)習(xí)流程可參考"實(shí)驗(yàn)1:基于靜態(tài)Ingress Replication實(shí)現(xiàn)Cisco VxLAN "岖圈。
2.5 報(bào)文分析
2.5.1 BUM報(bào)文分析
- 對(duì)N9K-2的E1/1口抓包;
- 清空PC1和PC2的ARP表钙皮,從PC1 ping PC2蜂科。
清空PC1的ARP表:
VPCS> arp
00:50:79:66:68:06 172.16.1.2 expires in 118 seconds
VPCS> clear arp
VPCS> arp
arp table is empty
VPCS>
清空PC2的ARP表:
VPCS> arp
00:50:79:66:68:05 172.16.1.1 expires in 93 seconds
VPCS> clear arp
VPCS> arp
arp table is empty
VPCS>
BUM報(bào)文抓包:
以ARP請(qǐng)求報(bào)文為例
image.png
組播轉(zhuǎn)發(fā)說(shuō)明:
- 在N9K-1即PIM RP上,對(duì)于來(lái)自2.2.2.2并去往239.0.0.1的數(shù)據(jù)包短条,N9K-1會(huì)將該數(shù)據(jù)包轉(zhuǎn)發(fā)至E1/2和E1/3接口导匣;
- 同理,從任何源去往239.0.0.1數(shù)據(jù)包茸时,數(shù)據(jù)包都會(huì)被轉(zhuǎn)發(fā)到所有其它加入組播組239.0.0.1的VTEP贡定;
- 與基于Static Ingress Replication實(shí)現(xiàn)VxLAN不同,基于Multicast實(shí)現(xiàn)VxLAN中的BUM流量由Underlay的組播網(wǎng)絡(luò)傳輸可都;
-
最佳實(shí)踐:使用Anycast RP以實(shí)現(xiàn)RP的負(fù)載均衡和冗余(本實(shí)驗(yàn)未使用Anycast RP)缓待,下圖為Cisco Nexus交換機(jī)Anycast RP配置示例:
image.png
2.5.2 單播報(bào)文分析
- 對(duì)N9K-2的E1/1口抓包;
單播報(bào)文抓包:
以ARP回復(fù)報(bào)文為例
image.png
三渠牲、集中式網(wǎng)關(guān)
- 目標(biāo):N9K-2作為集中式網(wǎng)關(guān)旋炒,更改PC3的IP為172.16.2.1,實(shí)現(xiàn)PC3能與PC1嘱兼、PC2互訪国葬;
- 不再演示外部路由設(shè)備作為網(wǎng)關(guān),外部路由設(shè)備作為網(wǎng)關(guān)可參考實(shí)驗(yàn)1芹壕;
- 不再演示抓包汇四。
變更N9K-2的配置:
feature interface-vlan
vlan 20
vn-segment 10020
interface Vlan10
no shutdown
ip address 172.16.1.254/24
interface Vlan20
no shutdown
ip address 172.16.2.254/24
interface nve1
member vni 10020
mcast-group 239.0.0.2
變更N9K-4的配置:
vlan 20
vn-segment 10020
interface nve1
no member vni 10010
member vni 10020
mcast-group 239.0.0.2
interface Ethernet1/2
switchport access vlan 20
變更PC1的配置-配上網(wǎng)關(guān):
VPCS> ip 172.16.1.1 255.255.255.0 172.16.1.254
Checking for duplicate address...
PC1 : 172.16.1.1 255.255.255.0 gateway 172.16.1.254
變更PC2的配置-配上網(wǎng)關(guān):
VPCS> ip 172.16.1.2 255.255.255.0 172.16.1.254
Checking for duplicate address...
PC1 : 172.16.1.2 255.255.255.0 gateway 172.16.1.254
變更PC3的配置-修改IP:
VPCS> ip 172.16.2.1 255.255.255.0 172.16.2.254
Checking for duplicate address...
PC1 : 172.16.2.1 255.255.255.0 gateway 172.16.2.254
測(cè)試:
從PC3 ping PC1
VPCS> ping 172.16.1.1
84 bytes from 172.16.1.1 icmp_seq=1 ttl=63 time=44.051 ms
84 bytes from 172.16.1.1 icmp_seq=2 ttl=63 time=52.670 ms
84 bytes from 172.16.1.1 icmp_seq=3 ttl=63 time=94.949 ms
84 bytes from 172.16.1.1 icmp_seq=4 ttl=63 time=48.976 ms
84 bytes from 172.16.1.1 icmp_seq=5 ttl=63 time=50.364 ms
從PC3 ping PC2
VPCS> ping 172.16.1.2
84 bytes from 172.16.1.2 icmp_seq=1 ttl=63 time=66.403 ms
84 bytes from 172.16.1.2 icmp_seq=2 ttl=63 time=68.189 ms
84 bytes from 172.16.1.2 icmp_seq=3 ttl=63 time=67.867 ms
84 bytes from 172.16.1.2 icmp_seq=4 ttl=63 time=86.699 ms
84 bytes from 172.16.1.2 icmp_seq=5 ttl=63 time=75.751 ms
從PC2 ping PC1
VPCS> ping 172.16.1.1
84 bytes from 172.16.1.1 icmp_seq=1 ttl=64 time=41.983 ms
84 bytes from 172.16.1.1 icmp_seq=2 ttl=64 time=46.274 ms
84 bytes from 172.16.1.1 icmp_seq=3 ttl=64 time=40.682 ms
84 bytes from 172.16.1.1 icmp_seq=4 ttl=64 time=51.736 ms
84 bytes from 172.16.1.1 icmp_seq=5 ttl=64 time=44.748 ms
如果集中式網(wǎng)關(guān)配置完畢并檢查無(wú)誤后,如果不通踢涌,可嘗試保存并重啟N9K通孽!
四、總結(jié)
基于Static Ingress Replications實(shí)現(xiàn)VxLAN優(yōu)勢(shì):
- VTEP的受控部署睁壁;
- 簡(jiǎn)化故障排除流程背苦。
基于Static Ingress Replications實(shí)現(xiàn)VxLAN劣勢(shì):
- 配置和維護(hù)負(fù)擔(dān)增加;
- 必須在每個(gè)VTEP上手工配置每個(gè)peer潘明,容易出現(xiàn)配置錯(cuò)誤行剂。
基于Multicast實(shí)現(xiàn)VxLAN優(yōu)勢(shì):
- 減少配置和維護(hù)負(fù)擔(dān);
- 具有靈活的可擴(kuò)展性钳降;
- 有效減少VTEP上行鏈路帶寬占用厚宰,因?yàn)閂TEP僅需將BUM流量的一份副本發(fā)給RP,RP再轉(zhuǎn)發(fā)給其它VTEP;
- 配置簡(jiǎn)單铲觉,流量觸發(fā)后自動(dòng)建立VxLAN隧道澈蝙。
基于Multicast實(shí)現(xiàn)VxLAN劣勢(shì):
- 每個(gè)VNI使用一個(gè)組播組;
- 使用組播協(xié)議會(huì)增加排錯(cuò)復(fù)雜性撵幽。
