组网需求
企业在不同的数据中心中都拥有自己的VM,服务器1上的VM1属于VLAN 30,服务器2上的VM1属于VLAN 20,服务器1和服务器2位于相同网段。现需要配置通过VXLAN实现相同网段用户通信。
- 通过配置VXLAN实现相同网段用户通信组网图
配置思路
采用如下思路配置通过VXLAN实现相同网段用户通信:
- 分别配置路由协议,保证网络三层互通。
- 分别配置业务接入点实现区分业务流量。
- 使用EVPN作VXLAN控制平面功能。
- 配置BGP EVPN对等体关系。
- 配置EVPN实例。
- 配置头端复制功能。
数据准备
为完成此配置例,需准备如下的数据:
- VM所属的VLAN ID分别是VLAN 20和VLAN 30。
- 网络中设备互连的接口IP地址。
- 网络中使用的IGP(Internal Gateway Protocol)路由类型是OSPF(Open Shortest Path First)。
- 广播域BD 20,30
- VXLAN网络标识VNI 5020。
- EVPN实例的RD值为1111:1111,RT值为1111:1111。RD值为2222:2222,RT值为2222:2222。
- 操作步骤
- Spine1配置
sysname spine1
#
evpn-overlay enable
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.1.13.1 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.1.14.1 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/2
undo portswitch
undo shutdown
ip address 10.1.15.1 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/3
undo portswitch
undo shutdown
ip address 10.1.16.1 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/4
undo portswitch
undo shutdown
ip address 10.1.12.1 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
ospf enable 1 area 0.0.0.0
#
interface Nve1
#
interface NULL0
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 100
peer 5.5.5.5 connect-interface LoopBack0
peer 6.6.6.6 as-number 100
peer 6.6.6.6 connect-interface LoopBack0
#
ipv4-family unicast
undo peer 2.2.2.2 enable
undo peer 3.3.3.3 enable
undo peer 4.4.4.4 enable
undo peer 5.5.5.5 enable
undo peer 6.6.6.6 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
peer 2.2.2.2 reflect-client
peer 3.3.3.3 enable
peer 3.3.3.3 advertise irb
peer 3.3.3.3 reflect-client
peer 4.4.4.4 enable
peer 4.4.4.4 advertise irb
peer 4.4.4.4 reflect-client
peer 5.5.5.5 enable
peer 5.5.5.5 advertise irb
peer 5.5.5.5 reflect-client
peer 6.6.6.6 enable
peer 6.6.6.6 advertise irb
peer 6.6.6.6 reflect-client
#
ospf 1
area 0.0.0.0
Commit
- Span2配置
sysname spain2
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
evpn-overlay enable
#
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.1.23.2 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.1.24.2 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/2
undo portswitch
undo shutdown
ip address 10.1.25.2 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/3
undo portswitch
undo shutdown
ip address 10.1.26.2 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/4
undo portswitch
undo shutdown
ip address 10.1.12.2 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
ospf enable 1 area 0.0.0.0
#
interface NULL0
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 100
peer 5.5.5.5 connect-interface LoopBack0
peer 6.6.6.6 as-number 100
peer 6.6.6.6 connect-interface LoopBack0
#
ipv4-family unicast
undo peer 1.1.1.1 enable
undo peer 3.3.3.3 enable
undo peer 4.4.4.4 enable
undo peer 5.5.5.5 enable
undo peer 6.6.6.6 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 1.1.1.1 reflect-client
peer 3.3.3.3 enable
peer 3.3.3.3 advertise irb
peer 3.3.3.3 reflect-client
peer 4.4.4.4 enable
peer 4.4.4.4 advertise irb
peer 4.4.4.4 reflect-client
peer 5.5.5.5 enable
peer 5.5.5.5 advertise irb
peer 5.5.5.5 reflect-client
peer 6.6.6.6 enable
peer 6.6.6.6 advertise irb
peer 6.6.6.6 reflect-client
#
ospf 1
area 0.0.0.0
- Leaf1配置
sysname leaf1
#
evpn-overlay enable
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 1111:1111
vpn-target 1111:1111 export-extcommunity evpn
vpn-target 1111:1111 import-extcommunity evpn
vxlan vni 5010
#
bridge-domain 10
vxlan vni 10
evpn
route-distinguisher 10:10
vpn-target 1111:1111 export-extcommunity
vpn-target 10:10 import-extcommunity
arp broadcast-suppress mismatch-discard enable
#
#
interface Vbdif10
ip address 10.1.1.1 255.255.255.0
mac-address 00e0-1010-0001
vxlan anycast-gateway enable
arp collect host enable
#
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.1.13.3 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.1.23.3 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/3.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
#
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
ospf enable 1 area 0.0.0.0
#
interface Nve1
source 3.3.3.3
vni 10 head-end peer-list protocol bgp
#
interface NULL0
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo peer 1.1.1.1 enable
undo peer 2.2.2.2 enable
#
l2vpn-family evpn
policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
#
ospf 1
area 0.0.0.0
#
- Leaf2 配置
#
sysname leaf2
#
evpn-overlay enable
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 1111:1111
vpn-target 1111:1111 export-extcommunity evpn
vpn-target 1111:1111 import-extcommunity
vpn-target 1111:1111 import-extcommunity evpn
vxlan vni 5010
#
ip vpn-instance vpnb
ipv4-family
route-distinguisher 2222:2222
vpn-target 2222:2222 export-extcommunity evpn
vpn-target 2222:2222 import-extcommunity evpn
vxlan vni 5020
#
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 20:20
vpn-target 20:20 export-extcommunity
vpn-target 1111:1111 export-extcommunity
vpn-target 20:20 import-extcommunity
arp broadcast-suppress mismatch-discard enable
#
bridge-domain 30
vxlan vni 30
evpn
route-distinguisher 30:30
vpn-target 30:30 export-extcommunity
vpn-target 1111:1111 export-extcommunity
vpn-target 30:30 import-extcommunity
arp broadcast-suppress mismatch-discard enable
#
#
interface Vbdif20
ip binding vpn-instance vpna
ip address 20.1.1.1 255.255.255.0
mac-address 00e0-2020-0001
vxlan anycast-gateway enable
arp collect host enable
#
interface Vbdif30
ip binding vpn-instance vpnb
ip address 30.1.1.1 255.255.255.0
mac-address 00e0-3030-0001
vxlan anycast-gateway enable
arp collect host enable
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.1.14.4 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.1.24.4 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
#
interface GE1/0/2.20 mode l2
encapsulation dot1q vid 20
bridge-domain 20
#
interface GE1/0/2.30 mode l2
encapsulation dot1q vid 30
bridge-domain 30
#
i#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
ospf enable 1 area 0.0.0.0
#
interface Nve1
source 4.4.4.4
vni 20 head-end peer-list protocol bgp
vni 30 head-end peer-list protocol bgp
#
interface NULL0
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo peer 1.1.1.1 enable
undo peer 2.2.2.2 enable
#
l2vpn-family evpn
policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
#
ospf 1
area 0.0.0.0
#
- Leaf3配置
sysname leaf3
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
vlan batch 30
#
evpn-overlay enable
#
ip vpn-instance vpna
ipv4-family
route-distinguisher 1111:1111
vpn-target 1111:1111 export-extcommunity evpn
vpn-target 1111:1111 import-extcommunity evpn
vxlan vni 5010
#
ip vpn-instance vpnb
ipv4-family
route-distinguisher 2222:2222
vpn-target 2222:2222 export-extcommunity evpn
vpn-target 2222:2222 import-extcommunity evpn
vxlan vni 5020
#
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 20:20
vpn-target 20:20 export-extcommunity
vpn-target 1111:1111 export-extcommunity
vpn-target 20:20 import-extcommunity
arp broadcast-suppress mismatch-discard enable
#
bridge-domain 30
vxlan vni 30
evpn
route-distinguisher 30:30
vpn-target 30:30 export-extcommunity
vpn-target 1111:1111 export-extcommunity
vpn-target 30:30 import-extcommunity
arp broadcast-suppress mismatch-discard enable
#
#
interface Vbdif20
ip binding vpn-instance vpna
ip address 20.1.1.1 255.255.255.0
mac-address 00e0-2020-0001
vxlan anycast-gateway enable
arp collect host enable
#
interface Vbdif30
ip binding vpn-instance vpnb
ip address 30.1.1.1 255.255.255.0
mac-address 00e0-3030-0001
vxlan anycast-gateway enable
arp collect host enable
#
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.1.15.5 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.1.25.5 255.255.255.0
ospf network-type p2p
ospf enable 1 area 0.0.0.0
#
interface GE1/0/2
undo shutdown
#
interface GE1/0/2.20 mode l2
encapsulation dot1q vid 20
bridge-domain 20
#
#
interface GE1/0/2.30 mode l2
encapsulation dot1q vid 30
bridge-domain 30
#
ii#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
ospf enable 1 area 0.0.0.0
#
interface Nve1
source 5.5.5.5
vni 20 head-end peer-list protocol bgp
vni 30 head-end peer-list protocol bgp
#
interface NULL0
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo peer 1.1.1.1 enable
undo peer 2.2.2.2 enable
#
l2vpn-family evpn
policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
#
ospf 1
area 0.0.0.0
- Sw1,sw2,sw3配置
sysname sw1
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 10
#
- 查看 在Spine设备查看EVPN邻居关系
- 查看每个leaf上的vxlan隧道
