BGP EVPN方式VXLAN实验

组网需求

企业在不同的数据中心中都拥有自己的VM，服务器1上的VM1属于VLAN 30，服务器2上的VM1属于VLAN 20，服务器1和服务器2位于相同网段。现需要配置通过VXLAN实现相同网段用户通信。

• 通过配置VXLAN实现相同网段用户通信组网图

 

配置思路

采用如下思路配置通过VXLAN实现相同网段用户通信：

1. 分别配置路由协议，保证网络三层互通。
2. 分别配置业务接入点实现区分业务流量。
3. 使用EVPN作VXLAN控制平面功能。
4. 配置BGP EVPN对等体关系。
5. 配置EVPN实例。
6. 配置头端复制功能。

数据准备

为完成此配置例，需准备如下的数据：

• VM所属的VLAN ID分别是VLAN 20和VLAN 30。
• 网络中设备互连的接口IP地址。
• 网络中使用的IGP（Internal Gateway Protocol）路由类型是OSPF（Open Shortest Path First）。
• 广播域BD 20，30
• VXLAN网络标识VNI 5020。
• EVPN实例的RD值为1111：1111，RT值为1111：1111。RD值为2222：2222，RT值为2222：2222。

 

• 操作步骤
• Spine1配置

sysname spine1

 

#

evpn-overlay enable

#

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.1.13.1 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/1

undo portswitch

undo shutdown

ip address 10.1.14.1 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/2

undo portswitch

undo shutdown

ip address 10.1.15.1 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/3

undo portswitch

undo shutdown

ip address 10.1.16.1 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/4

undo portswitch

undo shutdown

ip address 10.1.12.1 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface LoopBack0

ip address 1.1.1.1 255.255.255.255

ospf enable 1 area 0.0.0.0

#

interface Nve1

#

interface NULL0

#

bgp 100

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

peer 3.3.3.3 as-number 100

peer 3.3.3.3 connect-interface LoopBack0

peer 4.4.4.4 as-number 100

peer 4.4.4.4 connect-interface LoopBack0

peer 5.5.5.5 as-number 100

peer 5.5.5.5 connect-interface LoopBack0

peer 6.6.6.6 as-number 100

peer 6.6.6.6 connect-interface LoopBack0

#

ipv4-family unicast

undo peer 2.2.2.2 enable

undo peer 3.3.3.3 enable

undo peer 4.4.4.4 enable

undo peer 5.5.5.5 enable

undo peer 6.6.6.6 enable

#

l2vpn-family evpn

undo policy vpn-target

peer 2.2.2.2 enable

peer 2.2.2.2 advertise irb

peer 2.2.2.2 reflect-client

peer 3.3.3.3 enable

peer 3.3.3.3 advertise irb

peer 3.3.3.3 reflect-client

peer 4.4.4.4 enable

peer 4.4.4.4 advertise irb

peer 4.4.4.4 reflect-client

peer 5.5.5.5 enable

peer 5.5.5.5 advertise irb

peer 5.5.5.5 reflect-client

peer 6.6.6.6 enable

peer 6.6.6.6 advertise irb

peer 6.6.6.6 reflect-client

#

ospf 1

area 0.0.0.0

Commit

• Span2配置

sysname spain2

#

device board 17 board-type CE-MPUB

device board 1 board-type CE-LPUE

#

evpn-overlay enable

#

#

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.1.23.2 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/1

undo portswitch

undo shutdown

ip address 10.1.24.2 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/2

undo portswitch

undo shutdown

ip address 10.1.25.2 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/3

undo portswitch

undo shutdown

ip address 10.1.26.2 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/4

undo portswitch

undo shutdown

ip address 10.1.12.2 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface LoopBack0

ip address 2.2.2.2 255.255.255.255

ospf enable 1 area 0.0.0.0

#

interface NULL0

#

bgp 100

peer 1.1.1.1 as-number 100

peer 1.1.1.1 connect-interface LoopBack0

peer 3.3.3.3 as-number 100

peer 3.3.3.3 connect-interface LoopBack0

peer 4.4.4.4 as-number 100

peer 4.4.4.4 connect-interface LoopBack0

peer 5.5.5.5 as-number 100

peer 5.5.5.5 connect-interface LoopBack0

peer 6.6.6.6 as-number 100

peer 6.6.6.6 connect-interface LoopBack0

#

ipv4-family unicast

undo peer 1.1.1.1 enable

undo peer 3.3.3.3 enable

undo peer 4.4.4.4 enable

undo peer 5.5.5.5 enable

undo peer 6.6.6.6 enable

#

l2vpn-family evpn

undo policy vpn-target

peer 1.1.1.1 enable

peer 1.1.1.1 advertise irb

peer 1.1.1.1 reflect-client

peer 3.3.3.3 enable

peer 3.3.3.3 advertise irb

peer 3.3.3.3 reflect-client

peer 4.4.4.4 enable

peer 4.4.4.4 advertise irb

peer 4.4.4.4 reflect-client

peer 5.5.5.5 enable

peer 5.5.5.5 advertise irb

peer 5.5.5.5 reflect-client

peer 6.6.6.6 enable

peer 6.6.6.6 advertise irb

peer 6.6.6.6 reflect-client

#

ospf 1

area 0.0.0.0

• Leaf1配置

sysname leaf1

#

evpn-overlay enable

#

ip vpn-instance vpna

ipv4-family

route-distinguisher 1111:1111

vpn-target 1111:1111 export-extcommunity evpn

vpn-target 1111:1111 import-extcommunity evpn

vxlan vni 5010

#

bridge-domain 10

vxlan vni 10

evpn

route-distinguisher 10:10

vpn-target 1111:1111 export-extcommunity

vpn-target 10:10 import-extcommunity

arp broadcast-suppress mismatch-discard enable

#

#

interface Vbdif10

ip address 10.1.1.1 255.255.255.0

mac-address 00e0-1010-0001

vxlan anycast-gateway enable

arp collect host enable

#

#

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.1.13.3 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/1

undo portswitch

undo shutdown

ip address 10.1.23.3 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/3.10 mode l2

encapsulation dot1q vid 10

bridge-domain 10

#

#

interface LoopBack0

ip address 3.3.3.3 255.255.255.255

ospf enable 1 area 0.0.0.0

#

interface Nve1

source 3.3.3.3

vni 10 head-end peer-list protocol bgp

#

interface NULL0

#

bgp 100

peer 1.1.1.1 as-number 100

peer 1.1.1.1 connect-interface LoopBack0

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

#

ipv4-family unicast

undo peer 1.1.1.1 enable

undo peer 2.2.2.2 enable

#

l2vpn-family evpn

policy vpn-target

peer 1.1.1.1 enable

peer 1.1.1.1 advertise irb

peer 2.2.2.2 enable

peer 2.2.2.2 advertise irb

#

ospf 1

area 0.0.0.0

#

• Leaf2 配置

#

sysname leaf2

#

evpn-overlay enable

#

ip vpn-instance vpna

ipv4-family

route-distinguisher 1111:1111

vpn-target 1111:1111 export-extcommunity evpn

vpn-target 1111:1111 import-extcommunity

vpn-target 1111:1111 import-extcommunity evpn

vxlan vni 5010

#

ip vpn-instance vpnb

ipv4-family

route-distinguisher 2222:2222

vpn-target 2222:2222 export-extcommunity evpn

vpn-target 2222:2222 import-extcommunity evpn

vxlan vni 5020

#

bridge-domain 20

vxlan vni 20

evpn

route-distinguisher 20:20

vpn-target 20:20 export-extcommunity

vpn-target 1111:1111 export-extcommunity

vpn-target 20:20 import-extcommunity

arp broadcast-suppress mismatch-discard enable

#

bridge-domain 30

vxlan vni 30

evpn

route-distinguisher 30:30

vpn-target 30:30 export-extcommunity

vpn-target 1111:1111 export-extcommunity

vpn-target 30:30 import-extcommunity

arp broadcast-suppress mismatch-discard enable

#

#

interface Vbdif20

ip binding vpn-instance vpna

ip address 20.1.1.1 255.255.255.0

mac-address 00e0-2020-0001

vxlan anycast-gateway enable

arp collect host enable

#

interface Vbdif30

ip binding vpn-instance vpnb

ip address 30.1.1.1 255.255.255.0

mac-address 00e0-3030-0001

vxlan anycast-gateway enable

arp collect host enable

#

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.1.14.4 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/1

undo portswitch

undo shutdown

ip address 10.1.24.4 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

#

interface GE1/0/2.20 mode l2

encapsulation dot1q vid 20

bridge-domain 20

#

interface GE1/0/2.30 mode l2

encapsulation dot1q vid 30

bridge-domain 30

#

i#

interface LoopBack0

ip address 4.4.4.4 255.255.255.255

ospf enable 1 area 0.0.0.0

#

interface Nve1

source 4.4.4.4

vni 20 head-end peer-list protocol bgp

vni 30 head-end peer-list protocol bgp

#

interface NULL0

#

bgp 100

peer 1.1.1.1 as-number 100

peer 1.1.1.1 connect-interface LoopBack0

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

#

ipv4-family unicast

undo peer 1.1.1.1 enable

undo peer 2.2.2.2 enable

#

l2vpn-family evpn

policy vpn-target

peer 1.1.1.1 enable

peer 1.1.1.1 advertise irb

peer 2.2.2.2 enable

peer 2.2.2.2 advertise irb

#

ospf 1

area 0.0.0.0

#

• Leaf3配置

sysname leaf3

#

device board 17 board-type CE-MPUB

device board 1 board-type CE-LPUE

#

vlan batch 30

#

evpn-overlay enable

#

ip vpn-instance vpna

ipv4-family

route-distinguisher 1111:1111

vpn-target 1111:1111 export-extcommunity evpn

vpn-target 1111:1111 import-extcommunity evpn

vxlan vni 5010

#

ip vpn-instance vpnb

ipv4-family

route-distinguisher 2222:2222

vpn-target 2222:2222 export-extcommunity evpn

vpn-target 2222:2222 import-extcommunity evpn

vxlan vni 5020

#

bridge-domain 20

vxlan vni 20

evpn

route-distinguisher 20:20

vpn-target 20:20 export-extcommunity

vpn-target 1111:1111 export-extcommunity

vpn-target 20:20 import-extcommunity

arp broadcast-suppress mismatch-discard enable

#

bridge-domain 30

vxlan vni 30

evpn

route-distinguisher 30:30

vpn-target 30:30 export-extcommunity

vpn-target 1111:1111 export-extcommunity

vpn-target 30:30 import-extcommunity

arp broadcast-suppress mismatch-discard enable

#

#

interface Vbdif20

ip binding vpn-instance vpna

ip address 20.1.1.1 255.255.255.0

mac-address 00e0-2020-0001

vxlan anycast-gateway enable

arp collect host enable

#

interface Vbdif30

ip binding vpn-instance vpnb

ip address 30.1.1.1 255.255.255.0

mac-address 00e0-3030-0001

vxlan anycast-gateway enable

arp collect host enable

#

#

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.1.15.5 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/1

undo portswitch

undo shutdown

ip address 10.1.25.5 255.255.255.0

ospf network-type p2p

ospf enable 1 area 0.0.0.0

#

interface GE1/0/2

undo shutdown

#

interface GE1/0/2.20 mode l2

encapsulation dot1q vid 20

bridge-domain 20

#

#

interface GE1/0/2.30 mode l2

encapsulation dot1q vid 30

bridge-domain 30

#

ii#

interface LoopBack0

ip address 5.5.5.5 255.255.255.255

ospf enable 1 area 0.0.0.0

#

interface Nve1

source 5.5.5.5

vni 20 head-end peer-list protocol bgp

vni 30 head-end peer-list protocol bgp

#

interface NULL0

#

bgp 100

peer 1.1.1.1 as-number 100

peer 1.1.1.1 connect-interface LoopBack0

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

#

ipv4-family unicast

undo peer 1.1.1.1 enable

undo peer 2.2.2.2 enable

#

l2vpn-family evpn

policy vpn-target

peer 1.1.1.1 enable

peer 1.1.1.1 advertise irb

peer 2.2.2.2 enable

peer 2.2.2.2 advertise irb

#

ospf 1

area 0.0.0.0

• Sw1,sw2,sw3配置

sysname sw1

#

vlan batch 10 20

#

interface GigabitEthernet0/0/1

port link-type trunk

port trunk allow-pass vlan 2 to 4094

#

interface GigabitEthernet0/0/2

port link-type access

port default vlan 10

#

interface GigabitEthernet0/0/3

port link-type access

port default vlan 10

#

• 查看 在Spine设备查看EVPN邻居关系

 

 

• 查看每个leaf上的vxlan隧道