VXLAN BGP EVPN 基础配置-使用EVE-NG
<h1>实验拓扑</h1><p><img src="data/attachment/forum/202504/26/101147odbqxej6qb2uqsqa.png" alt="image.png" title="image.png" /></p>
<h1>EVE-NG拓扑导出文件</h1>
<p><a href="forum.php?mod=attachment&aid=2650" title="attachment"><img src="/source/plugin/zhanmishu_markdown/template/editor/images/upload.svg" alt="upload" /> 附件:VXLAN BGP EVPN.zip</a></p>
<p>视频合集链接如下</p>
<p>https://space.bilibili.com/423219115/lists/3328767</p>
<p>以下是视频4-1到4-9开始的实验具体配置</p>
<p>(视频出处为:https://www.udemy.com/course/vxlan-bgp-evpn-by-arash-deljoo/)</p>
<p>Spine 1:1 Spine1 --- 10.1.11.0/24 -----leaf1</p>
<p>Spine 2:2 Spine1---10.1.12.0/24 --- Leaf2</p>
<p>Leaf1:11 Spine2---10.2.11.0/24 --- Leaf1</p>
<p>Leaf2:12 Spine2---10.2.12.0/24----Leaf2</p>
<p>LP0: X.X.X.X/32 SPINE1:1.1.1/32</p>
<p>=========================</p>
<h1><em><strong>1 underlay configuration step 1-- ip addressing</strong></em></h1>
<hr />
<p><strong>spine1</strong></p>
<p>conf t</p>
<p>hostname spine1</p>
<p>interface eth1/1</p>
<p>no switchport</p>
<p>ip add 10.1.11.1/24</p>
<p>no shutdown</p>
<p>interface eth1/2</p>
<p>no switchport</p>
<p>ip add 10.1.12.1/24</p>
<p>no shutdown</p>
<p>interface loopback 0</p>
<p>ip add 1.1.1.1/32</p>
<hr />
<p><strong>spine2</strong></p>
<p>hostname spine2</p>
<p>interface eth1/1</p>
<p>no switchport</p>
<p>ip address 10.2.11.2/24</p>
<p>no shutdown</p>
<p>interface eth1/2</p>
<p>no switchport</p>
<p>ip address 10.2.12.2/24</p>
<p>no shutdown</p>
<p>interface loopback 0</p>
<p>ip address 2.2.2.2/32</p>
<hr />
<p><strong>leaf1</strong></p>
<p>hostname leaf1</p>
<p>interface eth1/1</p>
<p>no switchport</p>
<p>ip add 10.1.11.11/24</p>
<p>no shutdown</p>
<p>interface eth1/2</p>
<p>no switchport</p>
<p>ip add 10.2.11.11/24</p>
<p>no shutdown</p>
<p>interface loopback 0</p>
<p>ip add 11.11.11.11/32</p>
<hr />
<p><strong>leaf2</strong></p>
<p>hostname leaf2</p>
<p>interface eth1/1</p>
<p>no switchport</p>
<p>ip add 10.1.12.12/24</p>
<p>no shutdown</p>
<p>interface eth1/2</p>
<p>no switchport</p>
<p>ip add 10.2.12.12/24</p>
<p>no shutdown</p>
<p>interface loopback 0</p>
<p>ip add 12.12.12.12/32</p>
<p>===========================</p>
<h1><strong>2 underlay configuration step 2: mtu</strong></h1>
<p>int eth1/1 - 2</p>
<p>mtu 9216</p>
<p>show int e1/1</p>
<p>show run int e1/2</p>
<p>=======================</p>
<h1><strong>3 Underlay Configuration Step 3 - Routing Protocol- OSPF</strong></h1>
<p>spine1</p>
<p>feature ospf</p>
<p>router ospf underlay</p>
<p>router-id 1.1.1.1</p>
<p>interface eth1/1</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>ip ospf network point-to-point</p>
<p>interface eth1/2</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>ip ospf network point-to-point</p>
<p>interface loop0</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>spine2</p>
<p>feature ospf</p>
<p>router ospf underlay</p>
<p>router-id 2.2.2.2</p>
<p>int eth 1/1 - 2</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>ip ospf network point-to-point</p>
<p>interface loop0</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>leaf1</p>
<p>feature ospf</p>
<p>router ospf underlay</p>
<p>router-id 11.11.11.11</p>
<p>int eth 1/1 - 2</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>ip ospf network point-to-point</p>
<p>interface loop0</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>leaf2</p>
<p>feature ospf</p>
<p>router ospf underlay</p>
<p>router-id 12.12.12.12</p>
<p>int eth 1/1 - 2</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>ip ospf network point-to-point</p>
<p>interface loop0</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>show ip ospf interface brief</p>
<p>show ip route ospf-underlay</p>
<p>spine1:</p>
<p>ping 11.11.11.11 source 1.1.1.1</p>
<p>ping 12.12.12.12 source 1.1.1.1</p>
<p>=======================</p>
<h1><strong>4 Underlay Configuration Step4 - Multi Destination Traffic</strong></h1>
<p>unicast mode / multicast mode</p>
<p>multicast mode (pim anycast)</p>
<p>spine1:</p>
<p>feature pim</p>
<p>interface loopback 1</p>
<p>ip addr 100.100.100.100/32</p>
<p>ip route ospf underlay area 0.0.0.0</p>
<p>ip pim sparse-mode</p>
<p>int loo0</p>
<p>ip pim sparse-mode</p>
<p>int eth1/1-2</p>
<p>ip pim spares-mode</p>
<p>show ip pim interface brief</p>
<p>spine1# show ip pim inter brief</p>
<p>spine2:</p>
<p>feature pim</p>
<p>interface loo 1</p>
<p>ip add 100.100.100.100/32</p>
<p>ip router ospf underlay area 0.0.0.0</p>
<p>ip pim sparse-mode</p>
<p>int loo0</p>
<p>ip pim sparse-mode</p>
<p>show ip pim int br</p>
<p>leaf1</p>
<p>leaf2</p>
<p>feature pim</p>
<p>int loo0</p>
<p>ip pim sparse-mode</p>
<p>int eth1/1-2</p>
<p>ip pim sparse-mode</p>
<p>show ip pim int br</p>
<p>in all NEXUS</p>
<p>show ip pim neighbor</p>
<p>=======</p>
<p>spine1 , spine2,leaf1 , leaf2:</p>
<p>ip pim rp-addr 100.100.100.100</p>
<p>spine1 , spine2</p>
<p>ip pim anycast-rp 100.100.100.100 1.1.1.1</p>
<p>ip pim anycast-rp 100.100.100.100 2.2.2.2</p>
<p>show ip pim rp</p>
<h1>5 Underlay Configuration Step 5 - BGP IPv4 Address Family</h1>
<p>spine1:</p>
<p>feature bgp</p>
<p>router bgp 65000</p>
<p>router-id 1.1.1.1</p>
<p>address-family ipv4 unicast</p>
<p>exit</p>
<p>template peer leaf</p>
<p>remote-as 65000</p>
<p>update-source loopback 0</p>
<p>address-family ipv4 unicast</p>
<p>send-community extended</p>
<p>route-reflector-client</p>
<p>exit</p>
<p>neighbor 11.11.11.11</p>
<p>inherit peer leaf</p>
<p>neighbor 12.12.12.12</p>
<p>inherit peer leaf</p>
<p>spine2:</p>
<p>feature bgp</p>
<p>router bgp 65000</p>
<p>router-id 2.2.2.2</p>
<p>address-family ipv4 unicast</p>
<p>exit</p>
<p>template peer leaf</p>
<p>remote-as 65000</p>
<p>update-source loopback 0</p>
<p>address-family ipv4 unicast</p>
<p>send-community extended</p>
<p>route-reflector-client</p>
<p>exit</p>
<p>neighbor 11.11.11.11</p>
<p>inherit peer leaf</p>
<p>neighbor 12.12.12.12</p>
<p>inherit peer leaf</p>
<p>leaf1:</p>
<p>feature bgp</p>
<p>router bgp 65000</p>
<p>router-id 11.11.11.11</p>
<p>address-fa ipv4 uni</p>
<p>exit</p>
<p>neighbor 1.1.1.1</p>
<p>remote-as 65000</p>
<p>update-source loo0</p>
<p>address-fami ipv4 un</p>
<p>send-community extended</p>
<p>neighbor 2.2.2.2</p>
<p>remote-as 65000</p>
<p>update-source loo0</p>
<p>address-family ipv4 uni</p>
<p>send-community extended</p>
<p>leaf2:</p>
<p>feature bgp</p>
<p>router bgp 65000</p>
<p>router-id 12.12.12.12</p>
<p>address-fa ipv4 uni</p>
<p>exit</p>
<p>neighbor 1.1.1.1</p>
<p>remote-as 65000</p>
<p>update-source loo0</p>
<p>address-fami ipv4 un</p>
<p>send-community extended</p>
<p>neighbor 2.2.2.2</p>
<p>remote-as 65000</p>
<p>update-source loo0</p>
<p>address-family ipv4 uni</p>
<p>send-community extended</p>
<p>check:</p>
<p>spine 1:</p>
<p>show bgp ipv4 uni summary</p>
<p>neibhbor should includes 11.11.11.11 and 12.12.12.12</p>
<p>same as spine2:</p>
<h1>6 Overlay Configuration Step 1 - L2 Multitenancy</h1>
<p>enable these features on all Nexuses.</p>
<p>feature nv overlay</p>
<p>feature vn-segment-vlan-based</p>
<p>nv overlay evpn</p>
<p>show vlan brief</p>
<p>leaf1:</p>
<p>vlan2</p>
<p>name T1-v2</p>
<p>vn-segment 1002</p>
<p>exit</p>
<p>vlan3</p>
<p>name T1-v3</p>
<p>vn-segment 1003</p>
<p>int eth 1/3</p>
<p>switchport</p>
<p>switchport mode access</p>
<p>switchport access vlan 2</p>
<p>no shutdown</p>
<p>int eth 1/4</p>
<p>switchport</p>
<p>switchport mode access</p>
<p>switchport access vlan 3</p>
<p>no shutdown</p>
<p>show vlan brief</p>
<p>leaf2:</p>
<p>vlan2</p>
<p>name T1-v2</p>
<p>vn-segment 1002</p>
<p>exit</p>
<p>vlan3</p>
<p>name T1-v3</p>
<p>vn-segment 1003</p>
<p>int eth 1/3</p>
<p>switchport</p>
<p>switchport mode access</p>
<p>switchport access vlan 2</p>
<p>no shutdown</p>
<p>int eth 1/4</p>
<p>switchport</p>
<p>switchport mode access</p>
<p>switchport access vlan 3</p>
<p>no shutdown</p>
<p>show vlan brief</p>
<h1>7 Overlay Configuration Step 2 - L3 Multitenancy</h1>
<p>virtual routing & Forarding (vrf)</p>
<p>vlan 1000 <--->L3VNI:1000</p>
<p>vlan 2 --->192.168.2.1/24<br />
vlan 3 --->192.168.3.1/24</p>
<p>leaf1:</p>
<p>vlan 1000</p>
<p>name T1-L3VNI</p>
<p>vn-segment 1000</p>
<p>exit</p>
<p>show vrf</p>
<p>vrf context T1</p>
<p>vni 1000</p>
<p>rd auto</p>
<p>address-family ipv4 unicast</p>
<p>route-target both auto</p>
<p>route-target both auto evpn</p>
<p>show vrf detail</p>
<p>feature interface-vlan</p>
<p>interface vlan 2</p>
<p>vrf member T1</p>
<p>ip add 192.168.2.1/24</p>
<p>no sh</p>
<p>fabric forwarding mode anycast-gateway</p>
<p>show run int vlan 2</p>
<p>fabric forwarding anycast-gateway-mac 0000.1111.2222</p>
<p>int vlan 2</p>
<p>fabric forwarding mode anycast-gateway</p>
<p>show run int vlan 2</p>
<p>需要确定配置中包含 'fabric forwarding mode anycast-gateway'</p>
<p>int vlan 3</p>
<p>vrf member T1</p>
<p>ip add 192.168.3.1/24</p>
<p>no shu</p>
<p>fabric forwarding mode anycast-gateway</p>
<p>exit</p>
<p>int vlan 1000</p>
<p>vrf member T1</p>
<p>end</p>
<p>show ip int brief</p>
<p>show vlan br</p>
<p>show run | include vrf</p>
<p>leaf2:</p>
<p>vlan 1000</p>
<p>name T1-L3VNI</p>
<p>vn-segment 1000</p>
<p>exit</p>
<p>show vrf</p>
<p>vrf context T1</p>
<p>vni 1000</p>
<p>rd auto</p>
<p>address-family ipv4 unicast</p>
<p>route-target both auto</p>
<p>route-target both auto evpn</p>
<p>show vrf detail</p>
<p>feature interface-vlan</p>
<p>interface vlan 2</p>
<p>vrf member T1</p>
<p>ip add 192.168.2.1/24</p>
<p>no sh</p>
<p>fabric forwarding mode anycast-gateway</p>
<p>show run int vlan 2</p>
<p>fabric forwarding anycast-gateway-mac 0000.1111.2222</p>
<p>int vlan 2</p>
<p>fabric forwarding mode anycast-gateway</p>
<p>show run int vlan 2</p>
<p>需要确定配置中包含 'fabric forwarding mode anycast-gateway'</p>
<p>int vlan 3</p>
<p>vrf member T1</p>
<p>ip add 192.168.3.1/24</p>
<p>no shu</p>
<p>fabric forwarding mode anycast-gateway</p>
<p>exit</p>
<p>int vlan 1000</p>
<p>vrf member T1</p>
<p>end</p>
<p>show ip int brief</p>
<p>show vlan br</p>
<p>show run | include vrf</p>
<p>show ip route vrf T1</p>
<p>192.168.2.0/24</p>
<p>192.168.2.1/32</p>
<p>192.168.3.0/24</p>
<p>192.168.3.1/32</p>
<h1>8 Overlay Configuration Step 3 - VXLAN Tunnel</h1>
<p>VLAN2->VNI1002->MG:239.0.0.2</p>
<p>VLAN3->VNI1003->MG:239.0.0.3</p>
<p>vtep1->172.16.0.11/32</p>
<p>vtep2->172.16.0.12/32</p>
<p>leaf1:</p>
<p>int loo1</p>
<p>ip add 172.16.0.11/32</p>
<p>ip router ospf UNDERLAY area 0.0.0.0</p>
<p>ip pim sparse-mode</p>
<p>exit</p>
<p>int nve 1</p>
<p>source-interface loo 1</p>
<p>host-reachability protocol bgp</p>
<p>no shutdown</p>
<p>member vni 1002</p>
<p>mcast-group 239.0.0.2</p>
<p>exit</p>
<p>member vni 1003</p>
<p>mcast-group 239.0.0.3</p>
<p>exit</p>
<p>member vni 1000 associate-vrf</p>
<p>end</p>
<p>show nve vni</p>
<p>leaf1:</p>
<p>int loo1</p>
<p>ip add 172.16.0.12/32</p>
<p>ip router ospf UNDERLAY area 0.0.0.0</p>
<p>ip pim sparse-mode</p>
<p>exit</p>
<p>ping 172.16.0.11 source 172.16.0.12</p>
<p>int nve 1</p>
<p>source-interface loo 1</p>
<p>host-reachability protocol bgp</p>
<p>no shutdown</p>
<p>member vni 1002</p>
<p>mcast-group 239.0.0.2</p>
<p>exit</p>
<p>member vni 1003</p>
<p>mcast-group 239.0.0.3</p>
<p>exit</p>
<p>member vni 1000 associate-vrf</p>
<p>end</p>
<p>show nve vni</p>
<h1><strong>9 Overlay Configuration Step 4 - BGP EVPN Address Family</strong></h1>
<p>spine1 & spine2:</p>
<p>router bgp 65000</p>
<p>address-family l2vpn evpn</p>
<p>retain route-target all</p>
<p>exit</p>
<p>show run | sec bgp</p>
<p>template peer leaf</p>
<p>address-family l2vpn evpn</p>
<p>send-community</p>
<p>send-community extended</p>
<p>route-reflector-client</p>
<p>end</p>
<p>leaf1:</p>
<p>router bgp 65000</p>
<p>address-family l2vpn evpn</p>
<p>exit</p>
<p>neighbor 1.1.1.1</p>
<p>show run | sec bgp</p>
<p>address-family l2vpn evpn</p>
<p>send-community</p>
<p>send-community extended</p>
<p>neighbor 2.2.2.2</p>
<p>address-family l2vpn evpn</p>
<p>send-community</p>
<p>send-community extended</p>
<p>show bgp l2vpn evpn summary</p>
<p>neighbor</p>
<p>1.1.1.1</p>
<p>2.2.2.2</p>
<p>leaf1:</p>
<p>router bgp 65000</p>
<p>address-family l2vpn evpn</p>
<p>exit</p>
<p>neighbor 1.1.1.1</p>
<p>show run | sec bgp</p>
<p>address-family l2vpn evpn</p>
<p>send-community</p>
<p>send-community extended</p>
<p>neghbori 2.2.2.2</p>
<p>address-family l2vpn evpn</p>
<p>send-community</p>
<p>send-community extended</p>
<p>show bgp l2vpn evpn summary</p>
<p>neighbor</p>
<p>1.1.1.1</p>
<p>2.2.2.2</p>
<p>spine1&2:</p>
<p>show bgp l2vpn evpn summary</p>
<p>neighbor</p>
<p>11.11.11.11</p>
<p>12.12.12.12</p>
<p>leaf1:</p>
<p>evpn</p>
<p>vni 1002 l2</p>
<p>rd auto</p>
<p>route-target both auto</p>
<p>exit</p>
<p>vni 1003 l2</p>
<p>rd auto</p>
<p>route-target both auto</p>
<p>end</p>
<p>show run | include evpn</p>
<p>spine1:</p>
<p>show bgp l2vpn evpn</p>
<p><img src="data/attachment/forum/" alt="" /></p>
<p>vpc1:</p>
<p>ip 192.168.2.10 24 192.168.2.1</p>
<p>vpc2:</p>
<p>ip 192.168.3.10 24 192.168.3.1</p>
<p>vpc3:</p>
<p>ip 192.168.2.20 24 192.168.2.1</p>
<p>vpc4:</p>
<p>ip 192.168.3.20 24 192.168.3.1</p>
<p>show ip all</p>
<p>#check mac</p>
<p>vpc1ping vpc3</p>
<p>vpc2ping vpc4</p>
<p>show ip arp</p>
<p>leaf1:</p>
<p>int vlan 1000</p>
<p>ip forward</p>
<p>end</p>
<p>vpc1 ping vpc4</p>
<p>ping 192.168.3.20</p>
<p>show arp</p>
<p>#the mac is belong to 192.168.2.1, not 192.168.3.20</p>
<p>trace 192.168.3.20</p>
<p>1 192.168.2.1</p>
<p>2 192.168.2.1</p>
<p>3 192.168.3.20</p>
<p>vpc2 ping vpc3</p>
<p>ping 192.168.2.20</p>
<p>leaf1:</p>
<p>show l2route evpn mac-ip all</p>
<p><img src="data/attachment/forum/" alt="" /></p>
<p>谢谢楼主分享!!!</p>
页:
[1]