目录
1、实验目的
了解分布式网关以及BGP EVPN工作机制。
2、实验环境
2.1 实验拓扑
2.2 数据准备
(1)服务器配置数据
| ip add/mask | gateway | Vlan | |
|---|---|---|---|
| Serv1 | 172.16.1.10/24 | 172.16.1.1 | 10 |
| Serv2 | 10.10.10.10/24 | 10.10.10.1 | 20 |
| Serv3 | 172.16.1.20/24 | 172.16.1.1 | 30 |
| Serv4 | 10.10.10.20/24 | 10.10.10.1 | 40 |
(2)ASW1配置数据
| 划分vlan10/20,和Leaf1 Trunk连接 |
(3)ASW2配置数据
| 划分vlan30/40,和Leaf2 Trunk连接 |
(4)Leaf1/Leaf2/Spine1/BL1配置数据
| Lo0 (用于配置OSPF/BGP Router ID) | Lo10 (用于配置VTEP地址) | VID/BD/VNI对应关系 | |||
| VID | BD | VNI | |||
| Spine1 | 1.1.1.1 | ||||
| Leaf1 | 2.2.2.2 | 20.20.20.20 | 10 | 100 | 8000 |
| 20 | 200 | ||||
| Leaf2 | 3.3.3.3 | 30.30.30.30 | 30 | 300 | 8000 |
| BL1 | 4.4.4.4 | 40.40.40.40 | |||
本实验场景,Spine1不做vxlan封装,只是三层转发,不需要VTEP地址。BL1没有业务接入点,不需配置二层vxlan/bridge domain。
Spine1和Leaf1/Leaf2/BL1互联端口地址:192.168.x.x/24
(5)EVPN相关配置数据
| L2VPN(EVPN) | L3VPN | ||||||
| BD | L2VNI | RD | RT | L3VNI | RD | RT | |
| Leaf1 | 100 | 8000 | 20:1 | 100:10 200:10(ert) | 100 | 200:1 | evpn: 200:10 |
| 200 | 9000 | 20:2 | 100:20 200:10(ert) | ||||
| Leaf2 | 300 | 8000 | 30:1 | 100:10 200:10(ert) | 100 | 300:1 | evpn: 200:10 |
| BL1 | 100 | 400:1 | evpn: 200:10 | ||||
BL1没有L2VPN配置,BL1只是通过L3VNI和Leaf1/Leaf2进行通信。
2.3 设备型号
| 名称 | 功能 | ENSP型号 | ENSP版本 |
| Spine1 | Spine节点 | CE12800 | V200R005C10 |
| Leaf1/Leaf2 | Server Leaf节点 | CE12800 | V200R005C10 |
| BL1 | Border Leaf节点 | CE12800 | V200R005C10 |
| ASW1/ASW2 | 接入交换机 | S3700 | V200R001C00 |
| Serv1~4 | 服务器 | PC | |
| R1 | 模拟核心路由器/交换机 | AR1220 | V200R003C00 |
ENSP软件版本:V100R003C00SPC100
3、实验内容
1、按照实验环境进行组网。
2、基础配置:配置OSPF,相互能学习到Loopback地址。
3、完成BGP EVPN配置和分布式网关相关配置。
4、服务器Serv1能Ping通Serv3。
5、Serv2能Ping通Serv3
6、Serv1/Serv2/Serv3能Ping通R1地址182.1.1.2。
7、检查VXLAN/EVPN/路由状态。
4、配置步骤
4.1 基础配置
(1)配置Serv1/Serv2/Serv3/Serv4 IP地址/网关。
(2)配置ASW1、ASW2,端口划分vlan,配置和Leaf1/Leaf2的Trunk连接。
ASW1配置,ASW2类似:
-------------------
#
vlan batch 10 20
#
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
#
interface Ethernet0/0/2
port link-type access
port default vlan 10
#
interface Ethernet0/0/3
port link-type access
port default vlan 20
#
(3)配置Spine1/Leaf1/Leaf2/BL1的loopback地址,互联地址,配置OSPF,使得Loopback地址可达。
Leaf1 OSPF 配置:
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 20.20.20.20 0.0.0.0
network 192.168.12.2 0.0.0.0
#
4.2 配置业务接入点
分别在Leaf1/Leaf2配置业务接入点。
Leaf1配置:
---------
#
bridge-domain 100
#
bridge-domain 200
#
#
interface GE1/0/1.1 mode l2
encapsulation dot1q vid 10
bridge-domain 100
#
interface GE1/0/1.2 mode l2
encapsulation dot1q vid 20
bridge-domain 200
#4.3 配置BGP EVPN Peer
(1) Spine1(RR)配置:
--------------
#
evpn-overlay enable
#
bgp 100
router-id 1.1.1.1
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family unicast
peer 2.2.2.2 enable
peer 3.3.3.3 enable
peer 4.4.4.4 enable
#
l2vpn-family evpn
undo policy vpn-target
peer 2.2.2.2 enable
peer 2.2.2.2 reflect-client
peer 3.3.3.3 enable
peer 3.3.3.3 reflect-client
peer 4.4.4.4 enable
peer 4.4.4.4 reflect-client
#
(2) Leaf1 BGP EVPN配置:(Leaf2/BL1类似)
-------------------------------------
#
evpn-overlay enable
#
bgp 100
router-id 2.2.2.2
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
#
ipv4-family unicast
peer 1.1.1.1 enable
#
l2vpn-family evpn
policy vpn-target
peer 1.1.1.1 enable
#
undo policy vpn-target
缺省情况下,PE对收到的VPNv4路由进行VPN-target过滤。通过过滤的路由会被加入到路由表中,没有通过过滤的路由将被丢弃。因此,如果PE没有配置VPN实例,或者VPN实例没有配置VPN-Target,则PE丢弃所有收到的VPNv4路由。
Spine1(RR)不配置VPN实例,但是RR需要保存所有VPNv4路由信息,以通告给对端PE。这种情况下,RR应接收所有的VPNv4路由信息,不对它们进行VPN-Target过滤。
4.4 配置VPN实例和EVPN实例
Leaf1配置,Leaf2/BL1类似,其中BL1没有配置bridge-domain,所以没有evpn实例:
#
ip vpn-instance vpn1
ipv4-family
route-distinguisher 200:1
vpn-target 200:10 export-extcommunity
vpn-target 200:10 export-extcommunity evpn
vpn-target 200:10 import-extcommunity
vpn-target 200:10 import-extcommunity evpn
vxlan vni 100
#
#
bridge-domain 100
vxlan vni 8000
evpn
route-distinguisher 20:1
vpn-target 100:10 export-extcommunity
vpn-target 200:10 export-extcommunity
vpn-target 100:10 import-extcommunity
#L3VPN(ip vpn-instance)下配置vpn-target 200:10 export-extcommunity evpn,主要对该L3VPN产生的ip prefix,在生成BGP Update——Type5类EVPN路由时,通过MPBGP EVPN传输时,携带RT:200:10,用于远端L3VPN过滤接收该前缀路由。
L2VPN(evpn)下配置vpn-target 200:10 export-extcommunity,主要对evpn产生的Type2类EVPN路由,即mac/ip信息,提取其中的ip信息(32位主机路由),通过MPBGP EVPN传输时,携带RT:200:10,用于远端L3VPN过滤接收该主机路由。
4.5 使能头端复制功能
(1)Leaf1配置,Leaf2类似:
--------------------
#
interface Nve1
source 20.20.20.20
vni 8000 head-end peer-list protocol bgp
#
(2)BL1配置:
-----------
只需要配置NVE端口,指定源地址即可,无需配置头端复制(没有BUM traffic)。
#
interface Nve1
source 40.40.40.40
#
配置vni 8000 head-end peer-list protocol bgp后,会生成BGP Update——Type3类EVPN路由(inclusive multicast route),告诉其他VTEP,自己是对应VNI(即L2VNI)的成员,远端VTEP收到后,会把该VTEP接入到自己对应VNI的头端复制列表中(用于BUM流量的发送)。
通过dis vxlan peer查看vni对应的头端复制列表。
4.6 配置VXLAN三层网关
Leaf1配置,Leaf2类似:
---------------------
#
interface Vbdif100
ip binding vpn-instance vpn1
ip address 172.16.1.1 255.255.255.0
mac-address 0001-0001-0001
vxlan anycast-gateway enable
arp collect host enable
#1)vxlan anycast-gateway enable
当用户希望网关作为分布式网关,并且需要网关只学习用户侧主机发送的ARP、ND或DHCP报文时,可以执行该命令。使能分布式网关功能之后:
网关只处理收到的用户侧主机发送的ARP、ND或DHCP报文,并生成主机路由。
网关删除已经学到的网络侧的ARP、ND或DHCP报文,同时删除相应的主机路由。
2)arp collect host enable
使三层网关能够获取主机信息表。
在配置分布式网关部署方式的VXLAN(BGP EVPN方式)场景中,当VXLAN网关之间发布的路由类型为IRB时,需配置arp collect host enable命令,用来发布主机路由。
3)arp广播抑制
在终端租户初次互通过程中,终端租户会发送ARP广播请求报文,而ARP请求报文会在二层网络内广播。为了抑制ARP广播请求报文给网络带来的广播风暴,可在VXLAN二层网关设备上使能ARP广播抑制功能。但是,ARP广播抑制功能的实现依赖于三层网关上的主机信息表(包括主机IP地址、MAC地址、VTEP地址和VNI ID,主机信息表通过arp collect host enable获取)。
在bridge-domain下配置arp broadcast-suppress,使能ARP广播抑制功能。
4)arp proxy/arp 代答
arp l2-proxy enable ----BD下配置二层代答功能,可以配合arp collect host一起使用。
4.7 配置BGP对邻居发布IRB路由
spine1配置,Leaf1/Leaf2/BL1类似:
-------------------------------
#
l2vpn-family evpn
peer 2.2.2.2 advertise irb
peer 3.3.3.3 advertise irb
peer 4.4.4.4 advertise irb
#4.8 配置BGP对邻居发布IP前缀路由
Leaf1配置,Leaf2/BL1类似:
#
ipv4-family vpn-instance vpn1
import-route direct
advertise l2vpn evpn
#
advertise l2vpn evpn
让vpn-instance的三层路由通过bgp evpn传递
4.9 其他配置
(1)Leaf1配置vbdif200,用于测试:
#
interface Vbdif200
ip binding vpn-instance vpn1
ip address 10.10.10.1 255.255.255.0
#
(2)配置R1和BL1互联和路由:
R1配置:
#
interface GigabitEthernet0/0/0
ip address 182.1.1.2 255.255.255.0
#
#
ip route-static 10.10.10.0 255.255.255.0 182.1.1.1
ip route-static 172.16.1.0 255.255.255.0 182.1.1.1
ip route-static 192.168.0.0 255.255.0.0 182.1.1.1
#
5、结果验证
5.1 检查EVPN Peer是否正常建立
[spine1]dis bgp evpn peer
BGP local router ID : 1.1.1.1
Local AS number : 100
Total number of peers : 3
Peers in established state : 3
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
2.2.2.2 4 100 7 18 0 00:00:47 Established 6
3.3.3.3 4 100 7 12 0 00:00:18 Established 4
4.4.4.4 4 100 6 28 0 00:01:15 Established 25.2 查看EVPN路由
5.2.1 Leaf1初始bgp evpn路由信息
在Leaf1上Shutdown 和Spine1的BGP连接:
#
bgp 100
peer 1.1.1.1 ignore
#
[Leaf1]dis bgp evpn peer
BGP local router ID : 2.2.2.2
Local AS number : 100
Total number of peers : 1
Peers in established state : 0
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
1.1.1.1 4 100 0 0 0 00:01:23 Idle(Admin) 0此时查看Leaf1的EVPN路由,都是自己产生的:
[Leaf1]dis bgp evpn all routing-table
Local AS number : 100
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
EVPN address family:
Number of Mac Routes: 1
Route Distinguisher: 20:1
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:0001-0001-0001:0:0.0.0.0 0.0.0.0
EVPN-Instance 100:
Number of Mac Routes: 1
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:0001-0001-0001:0:0.0.0.0 0.0.0.0
EVPN address family:
Number of Inclusive Multicast Routes: 1
Route Distinguisher: 20:1
Network(EthTagId/IpAddrLen/OriginalIp) NextHop
*> 0:32:20.20.20.20 0.0.0.0
EVPN-Instance 100:
Number of Inclusive Multicast Routes: 1
Network(EthTagId/IpAddrLen/OriginalIp) NextHop
*> 0:32:20.20.20.20 0.0.0.0
EVPN address family:
Number of Ip Prefix Routes: 4
Route Distinguisher: 200:1
Network(EthTagId/IpPrefix/IpPrefixLen) NextHop
*> 0:172.16.1.0:24 0.0.0.0
*> 0:10.10.10.0:24 0.0.0.0
*> 0:172.16.1.1:32 0.0.0.0
*> 0:10.10.10.1:32 0.0.0.0
EVPN-Instance __RD_1_200_1__:
Number of Ip Prefix Routes: 4
Network(EthTagId/IpPrefix/IpPrefixLen) NextHop
*> 0:172.16.1.0:24 0.0.0.0
*> 0:10.10.10.0:24 0.0.0.0
*> 0:172.16.1.1:32 0.0.0.0
*> 0:10.10.10.1:32 0.0.0.0
[Leaf1]4条type 5路由,由import direct产生;
1条type3路由,由int nve下配置的vni 8000产生;
1条type2路由(mac路由),由arp collect host enable产生??
4条type5路由,由L3VPN注入进来的:
[Leaf1]dis bgp vpnv4 vpn-instance vpn1 routing-table
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V - valid, I - invalid, N - not-found
VPN-Instance vpn1, Router ID 2.2.2.2:
Total Number of Routes: 4
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.10.10.0/24 0.0.0.0 0 0 ?
*> 10.10.10.1/32 0.0.0.0 0 0 ?
*> 172.16.1.0/24 0.0.0.0 0 0 ?
*> 172.16.1.1/32 0.0.0.0 0 0 ?具体查看一条前缀路由(比如:0:172.16.1.0:24)的注入方式,可以看到此路由是“Imported route.":
[Leaf1]dis bgp evpn all routing-table prefix-route 0:172.16.1.0:24
BGP local router ID : 2.2.2.2
Local AS number : 100
Total routes of Route Distinguisher(200:1): 1
BGP routing table entry information of 0:172.16.1.0:24:
Imported route.
Label information (Received/Applied): NULL/100
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d00h13m08s
Direct Out-interface: Vbdif100
Original nexthop: 20.20.20.20
Effective nexthop: 172.16.1.1
Qos information : 0x0
Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>
AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 255
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Not advertised to any peer yet
EVPN-Instance __RD_1_200_1__:
Number of Ip Prefix Routes: 1
BGP routing table entry information of 0:172.16.1.0:24:
Route Distinguisher: 200:1
Imported route.
Label information (Received/Applied): NULL/100
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d00h13m12s
Direct Out-interface: Vbdif100
Original nexthop: 20.20.20.20
Effective nexthop: 172.16.1.1
Qos information : 0x0
Ext-Community: Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>
AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 0
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Not advertised to any peer yet
[Leaf1]输入undo peer 1.1.1.1 ignore重建连接。
在Leaf1上,Leaf1连接Spine1的端口抓包,查看BGP update信息。
5.2.2 Type3路由
Leaf1发给Spine1的bgp update type3抓包信息:
No. Time Source Destination Protocol Length VXLAN Network Identifier (VNI) Info
26 39.954000 2.2.2.2 1.1.1.1 BGP 510 UPDATE Message, UPDATE Message, UPDATE Message
Frame 26: 510 bytes on wire (4080 bits), 510 bytes captured (4080 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:04:01:00 (38:7d:c8:04:01:00), Dst: 38:7d:c8:02:01:01 (38:7d:c8:02:01:01)
Internet Protocol Version 4, Src: 2.2.2.2, Dst: 1.1.1.1
Transmission Control Protocol, Src Port: 52652, Dst Port: 179, Seq: 94, Ack: 71, Len: 456
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 108
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 85
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Flags: 0x40, Transitive, Well-known, Complete
Type Code: ORIGIN (1)
Length: 1
Origin: INCOMPLETE (2)
Path Attribute - AS_PATH: empty
Flags: 0x40, Transitive, Well-known, Complete
Type Code: AS_PATH (2)
Length: 0
Path Attribute - LOCAL_PREF: 100
Flags: 0x40, Transitive, Well-known, Complete
Type Code: LOCAL_PREF (5)
Length: 4
Local preference: 100
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 24
Carried extended communities: (3 communities)
Route Target: 100:10 [Transitive 2-Octet AS-Specific]
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
Path Attribute - PMSI_TUNNEL_ATTRIBUTE
Flags: 0xc0, Optional, Transitive, Complete
Type Code: PMSI_TUNNEL_ATTRIBUTE (22)
Length: 9
Flags: 0
Tunnel Type: Ingress Replication (6)
VNI: 8000
Tunnel ID: tunnel end point -> 20.20.20.20
Tunnel type ingress replication IP end point: 20.20.20.20
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 28
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 14141414
IPv4 Address: 20.20.20.20
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: Inclusive Multicast Route
Route Type: Inclusive Multicast Route (3)
Length: 17
Route Distinguisher: 0000001400000001 (20:1)
Ethernet Tag ID: 0
IP Address Length: 32
IPv4 address: 20.20.20.20Spine1发给Leaf1的bgp update type3抓包信息:
No. Time Source Destination Protocol Length VXLAN Network Identifier (VNI) Info
28 39.954000 1.1.1.1 2.2.2.2 BGP 650 UPDATE Message, UPDATE Message, UPDATE Message, UPDATE Message
Frame 28: 650 bytes on wire (5200 bits), 650 bytes captured (5200 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:02:01:01 (38:7d:c8:02:01:01), Dst: 38:7d:c8:04:01:00 (38:7d:c8:04:01:00)
Internet Protocol Version 4, Src: 1.1.1.1, Dst: 2.2.2.2
Transmission Control Protocol, Src Port: 179, Dst Port: 52652, Seq: 94, Ack: 94, Len: 596
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 122
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 99
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Flags: 0x40, Transitive, Well-known, Complete
Type Code: ORIGIN (1)
Length: 1
Origin: INCOMPLETE (2)
Path Attribute - AS_PATH: empty
Flags: 0x40, Transitive, Well-known, Complete
Type Code: AS_PATH (2)
Length: 0
Path Attribute - LOCAL_PREF: 100
Flags: 0x40, Transitive, Well-known, Complete
Type Code: LOCAL_PREF (5)
Length: 4
Local preference: 100
Path Attribute - ORIGINATOR_ID: 3.3.3.3
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: ORIGINATOR_ID (9)
Length: 4
Originator identifier: 3.3.3.3
Path Attribute - CLUSTER_LIST: 1.1.1.1
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: CLUSTER_LIST (10)
Length: 4
Cluster List: 1.1.1.1
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 24
Carried extended communities: (3 communities)
Route Target: 100:10 [Transitive 2-Octet AS-Specific]
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
Path Attribute - PMSI_TUNNEL_ATTRIBUTE
Flags: 0xc0, Optional, Transitive, Complete
Type Code: PMSI_TUNNEL_ATTRIBUTE (22)
Length: 9
Flags: 0
Tunnel Type: Ingress Replication (6)
VNI: 8000
Tunnel ID: tunnel end point -> 30.30.30.30
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 28
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 1e1e1e1e
IPv4 Address: 30.30.30.30
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: Inclusive Multicast Route
Route Type: Inclusive Multicast Route (3)
Length: 17
Route Distinguisher: 0000001e00000001 (30:1)
Ethernet Tag ID: 0
IP Address Length: 32
IPv4 address: 30.30.30.30这个type3路由就是Leaf2产生的,vni 8000触发产生。
在Leaf1查看bgp evpn type3路由信息:
[Leaf1-bgp]dis bgp evpn all routing-table inclusive-route
Local AS number : 100
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
EVPN address family:
Number of Inclusive Multicast Routes: 2
Route Distinguisher: 20:1
Network(EthTagId/IpAddrLen/OriginalIp) NextHop
*> 0:32:20.20.20.20 0.0.0.0
Route Distinguisher: 30:1
Network(EthTagId/IpAddrLen/OriginalIp) NextHop
*>i 0:32:30.30.30.30 30.30.30.30
EVPN-Instance 100:
Number of Inclusive Multicast Routes: 2
Network(EthTagId/IpAddrLen/OriginalIp) NextHop
*> 0:32:20.20.20.20 0.0.0.0
*>i 0:32:30.30.30.30 30.30.30.30
[Leaf1-bgp] 一共两条type3路由,0:32:20.20.20.20由Leaf1(本地)生成,0:32:30.30.30.30由Leaf2生成。
查看具体的type3路由:0:32:20.20.20.20
[Leaf1-bgp]dis bgp evpn all routing-table inclusive-route 0:32:20.20.20.20
BGP local router ID : 2.2.2.2
Local AS number : 100
Total routes of Route Distinguisher(20:1): 1
BGP routing table entry information of 0:32:20.20.20.20:
Imported route.
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d04h11m59s
Direct Out-interface:
Original nexthop: 20.20.20.20
Qos information : 0x0
Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255
PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:20.20.20.20
Route Type: 3 (Inclusive Multicast Route)
Ethernet Tag ID: 0, Originator IP:20.20.20.20/32
Advertised to such 1 peers:
1.1.1.1
EVPN-Instance 100:
Number of Inclusive Multicast Routes: 1
BGP routing table entry information of 0:32:20.20.20.20:
Route Distinguisher: 20:1
Imported route.
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d04h44m19s
Direct Out-interface:
Original nexthop: 20.20.20.20
Qos information : 0x0
Ext-Community: Tunnel Type <VxLan>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 0
PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:20.20.20.20
Route Type: 3 (Inclusive Multicast Route)
Ethernet Tag ID: 0, Originator IP:20.20.20.20/32
Not advertised to any peer yet
[Leaf1-bgp]查看具体的type3路由:0:32:30.30.30.30
[Leaf1-bgp]dis bgp evpn all routing-table inclusive-route 0:32:30.30.30.30
BGP local router ID : 2.2.2.2
Local AS number : 100
Total routes of Route Distinguisher(30:1): 1
BGP routing table entry information of 0:32:30.30.30.30:
Label information (Received/Applied): 8000/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d03h02m20s
Relay IP Nexthop: 192.168.12.1
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 30.30.30.30
Qos information : 0x0
Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>
AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2
Originator: 3.3.3.3
PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:30.30.30.30
Cluster list: 1.1.1.1
Route Type: 3 (Inclusive Multicast Route)
Ethernet Tag ID: 0, Originator IP:30.30.30.30/32
Not advertised to any peer yet
EVPN-Instance 100:
Number of Inclusive Multicast Routes: 1
BGP routing table entry information of 0:32:30.30.30.30:
Route Distinguisher: 30:1
Remote-Cross route
Label information (Received/Applied): 8000/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d03h02m20s
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 30.30.30.30
Qos information : 0x0
Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>
AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, best, select, pre 255
Originator: 3.3.3.3
PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:30.30.30.30
Cluster list: 1.1.1.1
Route Type: 3 (Inclusive Multicast Route)
Ethernet Tag ID: 0, Originator IP:30.30.30.30/32
Not advertised to any peer yet
[Leaf1-bgp]PMSI
Type 3 route must also carry a Provider Multicast Service Interface (PMSI) Tunnel attribute as specified in RFC 6514.
查看Leaf1vxlan peer建立:
[Leaf1]dis vxlan peer
Number of peers : 1
Vni ID Source Destination Type Out Vni ID
-------------------------------------------------------------------------------
8000 20.20.20.20 30.30.30.30 dynamic 8000
[Leaf1]type是动态的,通过bgp evpn协议建立的。
这就是头端复制列表。
Leaf1和BL1、Leaf2都建立了vxlan tunnel:
[Leaf1]dis vxlan tunnel
Number of vxlan tunnel : 2
Tunnel ID Source Destination State Type Uptime
-----------------------------------------------------------------------------------
4026531856 20.20.20.20 30.30.30.30 up dynamic 04:09:06
4026531857 20.20.20.20 40.40.40.40 up dynamic 04:09:06
[Leaf1]注意由于BL1没有配置L2VNI,所以Leaf1和BL1之间没有BUM流量的头端复制列表(就是没有vxlan peer)。
可以理解tunnel主要用于单播流量迭代到tunnel上(进行vxlan封装)。
5.2.3 Type5路由
Leaf1发给Spine1的bgp update type5的抓包信息:
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 228
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 205
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Flags: 0x40, Transitive, Well-known, Complete
Type Code: ORIGIN (1)
Length: 1
Origin: INCOMPLETE (2)
Path Attribute - AS_PATH: empty
Flags: 0x40, Transitive, Well-known, Complete
Type Code: AS_PATH (2)
Length: 0
Path Attribute - MULTI_EXIT_DISC: 0
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: MULTI_EXIT_DISC (4)
Length: 4
Multiple exit discriminator: 0
Path Attribute - LOCAL_PREF: 100
Flags: 0x40, Transitive, Well-known, Complete
Type Code: LOCAL_PREF (5)
Length: 4
Local preference: 100
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 24
Carried extended communities: (3 communities)
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
EVPN Router MAC: Router MAC: 70:7b:e8:da:58:76 [Transitive EVPN]
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 153
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 14141414
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 000000c800000001 (200:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 24
IPv4 address: 172.16.1.0
IPv4 Gateway address: 0.0.0.0
VNI: 100
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 000000c800000001 (200:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 24
IPv4 address: 10.10.10.0
IPv4 Gateway address: 0.0.0.0
VNI: 100
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 000000c800000001 (200:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 32
IPv4 address: 172.16.1.1
IPv4 Gateway address: 0.0.0.0
VNI: 100
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 000000c800000001 (200:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 32
IPv4 address: 10.10.10.1
IPv4 Gateway address: 0.0.0.0
VNI: 100type5只携带L3VPN的export RT值:200:1
type5只携带L3VNI:100
type5路由中的router mac是NVE端口的mac地址:
[Leaf1]dis int nve1
Nve1 current state : UP (ifindex: 22)
Line protocol current state : UP
Description:
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 707b-e8da-5876Spine1向Leaf1发送的type5路由:
一部分是Leaf2产生的type5路由,另外一部分是BL1产生的type5路由。
Leaf1收到的,Leaf2产生的type5路由:
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 170
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 147
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Flags: 0x40, Transitive, Well-known, Complete
Type Code: ORIGIN (1)
Length: 1
Origin: INCOMPLETE (2)
Path Attribute - AS_PATH: empty
Flags: 0x40, Transitive, Well-known, Complete
Type Code: AS_PATH (2)
Length: 0
Path Attribute - MULTI_EXIT_DISC: 0
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: MULTI_EXIT_DISC (4)
Length: 4
Multiple exit discriminator: 0
Path Attribute - LOCAL_PREF: 100
Flags: 0x40, Transitive, Well-known, Complete
Type Code: LOCAL_PREF (5)
Length: 4
Local preference: 100
Path Attribute - ORIGINATOR_ID: 3.3.3.3
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: ORIGINATOR_ID (9)
Length: 4
Originator identifier: 3.3.3.3
Path Attribute - CLUSTER_LIST: 1.1.1.1
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: CLUSTER_LIST (10)
Length: 4
Cluster List: 1.1.1.1
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 24
Carried extended communities: (3 communities)
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
EVPN Router MAC: Router MAC: 70:7b:e8:2d:5c:d3 [Transitive EVPN]
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 81
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 1e1e1e1e
IPv4 Address: 30.30.30.30
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 0000012c00000001 (300:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 24
IPv4 address: 172.16.1.0
IPv4 Gateway address: 0.0.0.0
VNI: 100
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 0000012c00000001 (300:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 32
IPv4 address: 172.16.1.1
IPv4 Gateway address: 0.0.0.0
VNI: 100leaf1和leaf2,针对172.16.1.0,组成分布式网关,彼此发送相同的172.16.1.0/24和172.16.1.1的路由。
Leaf1收到的,BL1产生的type5路由:
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 170
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 147
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Flags: 0x40, Transitive, Well-known, Complete
Type Code: ORIGIN (1)
Length: 1
Origin: INCOMPLETE (2)
Path Attribute - AS_PATH: empty
Flags: 0x40, Transitive, Well-known, Complete
Type Code: AS_PATH (2)
Length: 0
Path Attribute - MULTI_EXIT_DISC: 0
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: MULTI_EXIT_DISC (4)
Length: 4
Multiple exit discriminator: 0
Path Attribute - LOCAL_PREF: 100
Flags: 0x40, Transitive, Well-known, Complete
Type Code: LOCAL_PREF (5)
Length: 4
Local preference: 100
Path Attribute - ORIGINATOR_ID: 4.4.4.4
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: ORIGINATOR_ID (9)
Length: 4
Originator identifier: 4.4.4.4
Path Attribute - CLUSTER_LIST: 1.1.1.1
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: CLUSTER_LIST (10)
Length: 4
Cluster List: 1.1.1.1
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 24
Carried extended communities: (3 communities)
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
EVPN Router MAC: Router MAC: 70:7b:e8:7a:4e:20 [Transitive EVPN]
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 81
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 28282828
IPv4 Address: 40.40.40.40
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 0000019000000001 (400:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 24
IPv4 address: 182.1.1.0
IPv4 Gateway address: 0.0.0.0
VNI: 100
EVPN NLRI: IP Prefix route
Route Type: IP Prefix route (5)
Length: 34
Route Distinguisher: 0000019000000001 (400:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
IP prefix length: 32
IPv4 address: 182.1.1.1
IPv4 Gateway address: 0.0.0.0
VNI: 100查看bgp evpn type5的路由表:
[Leaf1]dis bgp evpn all routing-table prefix-route
Local AS number : 100
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
EVPN address family:
Number of Ip Prefix Routes: 8
Route Distinguisher: 200:1
Network(EthTagId/IpPrefix/IpPrefixLen) NextHop
*> 0:172.16.1.0:24 0.0.0.0
*> 0:10.10.10.0:24 0.0.0.0
*> 0:172.16.1.1:32 0.0.0.0
*> 0:10.10.10.1:32 0.0.0.0
Route Distinguisher: 300:1
Network(EthTagId/IpPrefix/IpPrefixLen) NextHop
*>i 0:172.16.1.0:24 30.30.30.30
*>i 0:172.16.1.1:32 30.30.30.30
Route Distinguisher: 400:1
Network(EthTagId/IpPrefix/IpPrefixLen) NextHop
*>i 0:182.1.1.0:24 40.40.40.40
*>i 0:182.1.1.1:32 40.40.40.40
EVPN-Instance __RD_1_200_1__:
Number of Ip Prefix Routes: 8
Network(EthTagId/IpPrefix/IpPrefixLen) NextHop
*>i 0:182.1.1.0:24 40.40.40.40
*> 0:172.16.1.0:24 0.0.0.0
* i 30.30.30.30
*> 0:10.10.10.0:24 0.0.0.0
*>i 0:182.1.1.1:32 40.40.40.40
*> 0:172.16.1.1:32 0.0.0.0
* i 30.30.30.30
*> 0:10.10.10.1:32 0.0.0.0
[Leaf1]查看具体的bgp evpn type5路由信息:
查看bgp evpn路由明细,0:172.16.1.0:24
[Leaf1]dis bgp evpn all routing-table prefix-route 0:172.16.1.0:24
BGP local router ID : 2.2.2.2
Local AS number : 100
Total routes of Route Distinguisher(200:1): 1
BGP routing table entry information of 0:172.16.1.0:24:
Imported route.
Label information (Received/Applied): NULL/100
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d04h48m19s
Direct Out-interface: Vbdif100
Original nexthop: 20.20.20.20
Effective nexthop: 172.16.1.1
Qos information : 0x0
Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>
AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 255
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Advertised to such 1 peers:
1.1.1.1
Total routes of Route Distinguisher(300:1): 1
BGP routing table entry information of 0:172.16.1.0:24:
Label information (Received/Applied): 100/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d03h37m53s
Relay IP Nexthop: 192.168.12.1
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 30.30.30.30
Qos information : 0x0
Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e82d-5cd3>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2
Originator: 3.3.3.3
Cluster list: 1.1.1.1
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Not advertised to any peer yet
EVPN-Instance __RD_1_200_1__:
Number of Ip Prefix Routes: 2
BGP routing table entry information of 0:172.16.1.0:24:
Route Distinguisher: 200:1
Imported route.
Label information (Received/Applied): NULL/100
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d04h48m24s
Direct Out-interface: Vbdif100
Original nexthop: 20.20.20.20
Effective nexthop: 172.16.1.1
Qos information : 0x0
Ext-Community: Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>
AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 0
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Not advertised to any peer yet
BGP routing table entry information of 0:172.16.1.0:24:
Route Distinguisher: 300:1
Remote-Cross route
Label information (Received/Applied): 100/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d03h37m54s
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 30.30.30.30
Qos information : 0x0
Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e82d-5cd3>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, pre 255, not preferred for route type
Originator: 3.3.3.3
Cluster list: 1.1.1.1
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Not advertised to any peer yet
[Leaf1]leaf1和leaf2都产生了172.16.1.0这条路由,在进入L3VPN 路由表时进行比较,172.16.1.0是直连路由,所以优先。
查看bgp evpn路由明细,0:182.1.1.0:24
[Leaf1]dis bgp evpn all routing-table prefix-route 0:182.1.1.0:24
BGP local router ID : 2.2.2.2
Local AS number : 100
Total routes of Route Distinguisher(400:1): 1
BGP routing table entry information of 0:182.1.1.0:24:
Label information (Received/Applied): 100/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d03h44m33s
Relay IP Nexthop: 192.168.12.1
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 40.40.40.40
Qos information : 0x0
Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e87a-4e20>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2
Originator: 4.4.4.4
Cluster list: 1.1.1.1
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 182.1.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Not advertised to any peer yet
EVPN-Instance __RD_1_200_1__:
Number of Ip Prefix Routes: 1
BGP routing table entry information of 0:182.1.1.0:24:
Route Distinguisher: 400:1
Remote-Cross route
Label information (Received/Applied): 100/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d03h44m33s
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 40.40.40.40
Qos information : 0x0
Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e87a-4e20>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255
Originator: 4.4.4.4
Cluster list: 1.1.1.1
Route Type: 5 (Ip Prefix Route)
Ethernet Tag ID: 0, IP Prefix/Len: 182.1.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0
Not advertised to any peer yet
[Leaf1]最后,查看leaf1的vpn1的路由表:
[Leaf1]dis ip routing-table vpn-instance vpn1
Proto: Protocol Pre: Preference
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpn1
Destinations : 9 Routes : 9
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.10.10.0/24 Direct 0 0 D 10.10.10.1 Vbdif200
10.10.10.1/32 Direct 0 0 D 127.0.0.1 Vbdif200
10.10.10.255/32 Direct 0 0 D 127.0.0.1 Vbdif200
172.16.1.0/24 Direct 0 0 D 172.16.1.1 Vbdif100
172.16.1.1/32 Direct 0 0 D 127.0.0.1 Vbdif100
172.16.1.255/32 Direct 0 0 D 127.0.0.1 Vbdif100
182.1.1.0/24 IBGP 255 0 RD 40.40.40.40 VXLAN
182.1.1.1/32 IBGP 255 0 RD 40.40.40.40 VXLAN
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[Leaf1]去往BL1的182.1.1.0/24和182.1.1.1/32的路由已经出现在路由表,下一跳为vtep地址40.40.40.40,vxlan封装。
查看具体路由信息:
[Leaf1]dis ip routing-table vpn-instance vpn1 182.1.1.0 verbose
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpn1
Summary Count : 1
Destination: 182.1.1.0/24
Protocol: IBGP Process ID: 0
Preference: 255 Cost: 0
NextHop: 40.40.40.40 Neighbour: 1.1.1.1
State: Active Adv Relied Age: 03h48m22s
Tag: 0 Priority: low
Label: NULL QoSInfo: 0x0
IndirectID: 0x10000A2 Instance:
RelayNextHop: 0.0.0.0 Interface: VXLAN
TunnelID: 0x0000000027f0000011 Flags: RD
[Leaf1]5.2.4 Type 2路由
在服务器之间还没有发送数据流的情况下,观察type2路由情况。
type2路由分三种:mac route, arp route, irb route。
leaf1发给spine1的mac路由抓包:
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 120
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 97
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Flags: 0x40, Transitive, Well-known, Complete
Type Code: ORIGIN (1)
Length: 1
Origin: INCOMPLETE (2)
Path Attribute - AS_PATH: empty
Flags: 0x40, Transitive, Well-known, Complete
Type Code: AS_PATH (2)
Length: 0
Path Attribute - LOCAL_PREF: 100
Flags: 0x40, Transitive, Well-known, Complete
Type Code: LOCAL_PREF (5)
Length: 4
Local preference: 100
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 32
Carried extended communities: (4 communities)
Route Target: 100:10 [Transitive 2-Octet AS-Specific]
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
MAC Mobility: Sticky MAC [Transitive EVPN]
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 44
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 14141414
IPv4 Address: 20.20.20.20
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: MAC Advertisement Route
Route Type: MAC Advertisement Route (2)
Length: 33
Route Distinguisher: 0000001400000001 (20:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
MAC Address Length: 48
MAC Address: EquipTra_01:00:01 (00:01:00:01:00:01)
IP Address Length: 0
IP Address: NOT INCLUDED
[Expert Info (Note/Protocol): IP Address: NOT INCLUDED]
VNI: 8000这是一条mac route,发送的mac地址为启用了分布式网关的int vbdif 100端口的mac地址:
[Leaf1]dis int vbdif 100
Vbdif100 current state : UP (ifindex: 16)
Line protocol current state : UP
Last line protocol up time : 2022-03-13 07:00:54
Description:
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 172.16.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0001-0001-0001
Current system time: 2022-03-13 14:57:36
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes
Output:0 packets, 0 bytes
Last 300 seconds input utility rate: --
Last 300 seconds output utility rate: --
[Leaf1]dis curr int vbdif 100
#
interface Vbdif100
ip binding vpn-instance vpn1
ip address 172.16.1.1 255.255.255.0
mac-address 0001-0001-0001
vxlan anycast-gateway enable
arp collect host enable
#spine1发送给leaf1的mac route抓包:
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 134
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 111
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Flags: 0x40, Transitive, Well-known, Complete
Type Code: ORIGIN (1)
Length: 1
Origin: INCOMPLETE (2)
Path Attribute - AS_PATH: empty
Flags: 0x40, Transitive, Well-known, Complete
Type Code: AS_PATH (2)
Length: 0
Path Attribute - LOCAL_PREF: 100
Flags: 0x40, Transitive, Well-known, Complete
Type Code: LOCAL_PREF (5)
Length: 4
Local preference: 100
Path Attribute - ORIGINATOR_ID: 3.3.3.3
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: ORIGINATOR_ID (9)
Length: 4
Originator identifier: 3.3.3.3
Path Attribute - CLUSTER_LIST: 1.1.1.1
Flags: 0x80, Optional, Non-transitive, Complete
Type Code: CLUSTER_LIST (10)
Length: 4
Cluster List: 1.1.1.1
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 32
Carried extended communities: (4 communities)
Route Target: 100:10 [Transitive 2-Octet AS-Specific]
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
MAC Mobility: Sticky MAC [Transitive EVPN]
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 44
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 1e1e1e1e
IPv4 Address: 30.30.30.30
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: MAC Advertisement Route
Route Type: MAC Advertisement Route (2)
Length: 33
Route Distinguisher: 0000001e00000001 (30:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
MAC Address Length: 48
MAC Address: EquipTra_01:00:01 (00:01:00:01:00:01)
IP Address Length: 0
IP Address: NOT INCLUDED
[Expert Info (Note/Protocol): IP Address: NOT INCLUDED]
VNI: 8000在leaf1上查看bgp evpn 路由:
[Leaf1]dis bgp evpn all routing-table mac-route
Local AS number : 100
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
EVPN address family:
Number of Mac Routes: 2
Route Distinguisher: 20:1
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:0001-0001-0001:0:0.0.0.0 0.0.0.0
Route Distinguisher: 30:1
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*>i 0:48:0001-0001-0001:0:0.0.0.0 30.30.30.30
EVPN-Instance 100:
Number of Mac Routes: 2
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:0001-0001-0001:0:0.0.0.0 0.0.0.0
* i 30.30.30.30leaf1和leaf2都由0001:0001:0001的mac route,本地优先。
可以具体查看0001:0001:0001的mac route明细进行比较:
[Leaf1]dis bgp evpn all routing-table mac-route 0:48:0001-0001-0001:0:0.0.0.0
BGP local router ID : 2.2.2.2
Local AS number : 100
Total routes of Route Distinguisher(20:1): 1
BGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:
Imported route.
Label information (Received/Applied): NULL/8000
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d07h30m52s
Direct Out-interface: Vbdif100
Original nexthop: 20.20.20.20
Qos information : 0x0
Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255
Route Type: 2 (MAC Advertisement Route)
Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000
Advertised to such 1 peers:
1.1.1.1
Total routes of Route Distinguisher(30:1): 1
BGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:
Label information (Received/Applied): 8000/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d06h20m26s
Relay IP Nexthop: 192.168.12.1
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 30.30.30.30
Qos information : 0x0
Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>
AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2
Originator: 3.3.3.3
Cluster list: 1.1.1.1
Route Type: 2 (MAC Advertisement Route)
Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000
Not advertised to any peer yet
EVPN-Instance 100:
Number of Mac Routes: 2
BGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:
Route Distinguisher: 20:1
Imported route.
Label information (Received/Applied): NULL/8000
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d08h03m12s
Direct Out-interface: Vbdif100
Original nexthop: 20.20.20.20
Qos information : 0x0
Ext-Community: Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255
Route Type: 2 (MAC Advertisement Route)
Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000
Not advertised to any peer yet
BGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:
Route Distinguisher: 30:1
Remote-Cross route
Label information (Received/Applied): 8000/NULL
From: 1.1.1.1 (1.1.1.1)
Route Duration: 0d06h20m27s
Relay Tunnel Out-Interface: VXLAN
Original nexthop: 30.30.30.30
Qos information : 0x0
Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>
AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, pre 255, not preferred for route type
Originator: 3.3.3.3
Cluster list: 1.1.1.1
Route Type: 2 (MAC Advertisement Route)
Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000
Not advertised to any peer yet
[Leaf1] 这条mac route产生的原因是?通过上面的display信息,本机产生的mac route是由“imported route"产生的。
bridge-domain没有mac信息:
[Leaf1]dis mac-address bridge-domain 100
Flags: * - Backup
BD : bridge-domain Age : dynamic MAC learned time in seconds
-------------------------------------------------------------------------------
MAC Address VLAN/VSI/BD Learned-From Type Age
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Total items: 0
[Leaf1](Part2继续结果验证,会做一些ping包,观察evpn/l3vpn路由变化情况)
扫一扫
1105
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
