由于CE1与CE2、CE2与CE3、CE3与CE4之间会建立Vxlan隧道,所以在传递路由时注意:CE1传递给CE2的路由,CE2会修改路由下一跳地址然后发送给CE3,CE3修改路由下一跳之后发给CE4(反之也一样)
刚好与端到端方式配置有类似(端到端方式是CE1与CE4直接建立Vxlan隧道,要求中途传递路由时不能修改下一跳,分段式是分段建立Vxlan隧道,中途要求修改下一跳地址)这大概就是配置上的差距了
目录
基本配置
配置LSW1、LSW2的Vlan
LSW1
vlan 10
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10
LSW2
vlan 20
interface GigabitEthernet0/0/1
port link-type access
port default vlan 20
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20
配置CE设备的IP地址并使得建立隧道的VTEP地址可达
CE1与CE2的VTEP地址通过OSPF来实现可达
CE2与CE3的VTEP地址通过静态来实现可达
CE3与CE4的VTEP地址通过OSPF来实现可达
CE1
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.12.1 255.255.255.0
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.0.12.0 0.0.0.255
CE2
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.12.2 255.255.255.0
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.0.25.2 255.255.255.0
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
ospf 1
default-route-advertise always
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.0.12.0 0.0.0.255
ip route-static 0.0.0.0 0.0.0.0 10.0.25.5
CE3
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.34.3 255.255.255.0
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.0.35.3 255.255.255.0
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
ospf 1
default-route-advertise always
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.0.34.0 0.0.0.255
ip route-static 0.0.0.0 0.0.0.0 10.0.35.5
CE4
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.0.34.4 255.255.255.0
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.0.34.0 0.0.0.255
AR1
int g0/0/1
ip add 10.0.25.5 24
int g0/0/0
ip add 10.0.35.5 24
ip route-static 2.2.2.2 32 10.0.25.2
ip route-static 3.3.3.3 32 10.0.35.3
配置EVPN对等体
开启EVPN功能
CE1与CE2、CE2与CE3、CE3与CE4
evpn-overlay enable
建立EVPN对等体
CE1(与CE2建立iBGP)
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
ipv4-family unicast
peer 2.2.2.2 enable
l2vpn-family evpn
policy vpn-target
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
CE2(与CE3建立eBGP,CE1建立iBGP)
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 3.3.3.3 ebgp-max-hop 10
ipv4-family unicast
peer 1.1.1.1 enable
peer 3.3.3.3 enable
l2vpn-family evpn
policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
peer 3.3.3.3 enable
peer 3.3.3.3 advertise irb
CE3 (与CE2建立eBGP,CE4建立iBGP)
bgp 200
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
peer 2.2.2.2 as-number 100
peer 2.2.2.2 ebgp-max-hop 10
peer 2.2.2.2 connect-interface LoopBack0
ipv4-family unicast
peer 4.4.4.4 enable
peer 2.2.2.2enable
l2vpn-family evpn
policy vpn-target
peer 4.4.4.4 enable
peer 4.4.4.4 advertise irb
peer 2.2.2.2 enable
peer 2.2.2.2 advertise irb
CE4(与CE3建立iBGP)
bgp 200
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
ipv4-family unicast
peer 3.3.3.3 enable
l2vpn-family evpn
policy vpn-target
peer 3.3.3.3 enable
peer 3.3.3.3 advertise irb
配置路由重标记
为了实现以上效果,需要使用到路由重标记功能(在CE2、CE3上配置)
CE2
bgp 100
l2vpn-family evpn
peer 1.1.1.1 import reoriginate
使能从1.1.1.1对等体收到的路由打上重生路由标记功能
peer 1.1.1.1 advertise route-reoriginated evpn mac-ip
配置EVPN地址簇的路由重生成功能,并向1.1.1.1对等体重新发布生成的路由
(mac-ip指的是重新封装irb或者arp路由)
peer 3.3.3.3 import reoriginate
peer 3.3.3.3 advertise route-reoriginated evpn mac-ip
CE3
bgp 200
l2vpn-family evpn
peer 2.2.2.2 import reoriginate
peer 2.2.2.2 advertise route-reoriginated evpn mac-ip
peer 4.4.4.4 import reoriginate
peer 4.4.4.4 advertise route-reoriginated evpn mac-ip
配置L3VPN实例与三层VNI
配置L3VPN实例用来传递EVPN路由(由于配置了重标记,所以Vpn实例中的三层VNI可以不一致)
CE1
ip vpn-instance A
ipv4-family
route-distinguisher 1:100
vpn-target 1:100 export-extcommunity evpn
vpn-target 1:100 import-extcommunity evpn
vxlan vni 1
CE2
ip vpn-instance A
ipv4-family
route-distinguisher 1:100
vpn-target 1:100 export-extcommunity evpn
vpn-target 1:200 export-extcommunity evpn 向CE3发路由使用,可以使得CE3接收
vpn-target 1:100 import-extcommunity evpn
vxlan vni 2
CE3
ip vpn-instance A
ipv4-family
route-distinguisher 1:200
vpn-target 1:100 export-extcommunity evpn 向CE2发路由使用,可以使得CE2接收
vpn-target 1:200 export-extcommunity evpn
vpn-target 1:200 import-extcommunity evpn
vxlan vni 3
CE4
ip vpn-instance A
ipv4-family
route-distinguisher 1:200
vpn-target 1:200 export-extcommunity evpn
vpn-target 1:200 import-extcommunity evpn
vxlan vni 4
配置建立Vxlan隧道
配置BD域与二层VNI
蓝色CE1配置、绿色CE4配置
bridge-domain 10
vxlan vni 10
evpn
route-distinguisher 1:10
vpn-target 1:10 export-extcommunity
vpn-target 1:100 export-extcommunity 发送路由给CE2时可以使得CE2接收此路由
vpn-target 1:10 import-extcommunity
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 1:20
vpn-target 1:20 export-extcommunity
vpn-target 1:200 export-extcommunity 发送路由给CE3时可以使得CE3接收此路由
vpn-target 1:20 import-extcommunity
配置VTEP接口
CE1
interface Nve1
source 1.1.1.1
CE2
interface Nve1
source 2.2.2.2
CE3
interface Nve1
source 3.3.3.3
CE4
interface Nve1
source 4.4.4.4
配置Vbdif接口
蓝色CE1配置、绿色CE4配置
interface Vbdif10
ip binding vpn-instance A
ip address 192.168.1.254 255.255.255.0
vxlan anycast-gateway enable
arp collect host enable
interface Vbdif20
ip binding vpn-instance A
ip address 192.168.2.254 255.255.255.0
vxlan anycast-gateway enable
arp collect host enable
配置Vxlan业务接入
蓝色CE1配置、绿色CE4配置
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
interface GE1/0/0.10 mode l2
encapsulation dot1q vid 20
bridge-domain 20
扫一扫
1106
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
