分布式VXLAN-EVPN实现同子网和跨子网访问

m0_56310100

已于 2023-11-30 10:23:13 修改

阅读量452

点赞数 7

文章标签：分布式网络华为

于 2023-04-08 18:38:47 首次发布

本文链接：https://blog.csdn.net/m0_56310100/article/details/130031071

版权

该配置示例详细介绍了如何通过OSPF建立CE设备间环回口路由，使用BGPEVPN进行路由交换，并配置VXLANVNI和BD域，以实现PC设备在相同子网和不同子网间的通信。CE2作为路由反射器，促进不同CE之间的路由信息传播。

摘要由CSDN通过智能技术生成

VXLAN-EVPN实现同子网和不同子网互相访问

拓扑信息如下
在这里插入图片描述

实验目的：pc1和pc3实现同子网通信 pc1和pc2 pc4实现跨子网通信

配置步骤1：CE1 、CE2、CE3之间使用ospf使其环回口路由可达

CE1环回口0：1.1.1.1/32 CE2环回口0：2.2.2.2/32 CE3环回口0：3.3.3.3/32
三台CE配置类似

CE1：
#
ospf 1
 area 0.0.0.0
#
#
interface GE1/0/1
 undo portswitch
 undo shutdown
 ip address 10.1.12.1 255.255.255.0
 ospf enable 1 area 0.0.0.0
#
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255
 ospf enable 1 area 0.0.0.0
#

验证：
<CE1>ping -a 1.1.1.1 2.2.2.2 //带源ping
  PING 2.2.2.2: 56  data bytes, press CTRL_C to break
    Reply from 2.2.2.2: bytes=56 Sequence=1 ttl=255 time=5 ms
    Reply from 2.2.2.2: bytes=56 Sequence=2 ttl=255 time=6 ms
    Reply from 2.2.2.2: bytes=56 Sequence=3 ttl=255 time=8 ms

  --- 2.2.2.2 ping statistics ---
    3 packet(s) transmitted
    3 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 5/6/8 ms
 
<CE1>ping -a 1.1.1.1 3.3.3.3
  PING 3.3.3.3: 56  data bytes, press CTRL_C to break
    Reply from 3.3.3.3: bytes=56 Sequence=1 ttl=254 time=10 ms
    Reply from 3.3.3.3: bytes=56 Sequence=2 ttl=254 time=10 ms
    Reply from 3.3.3.3: bytes=56 Sequence=3 ttl=254 time=9 ms
    Reply from 3.3.3.3: bytes=56 Sequence=4 ttl=254 time=6 ms
    Reply from 3.3.3.3: bytes=56 Sequence=5 ttl=254 time=7 ms

  --- 3.3.3.3 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 6/8/10 ms
 
<CE1>

步骤2：BGP、EVPN

CE2作为BGP EVPN的路由反射器
CE1和CE3配置类似

CE1：
#
evpn-overlay enable  //全局使能evpn能力
#
bgp 100
 peer 2.2.2.2 as-number 100
 peer 2.2.2.2 connect-interface LoopBack0
 #
 ipv4-family unicast
  peer 2.2.2.2 enable
 #
 l2vpn-family evpn
  policy vpn-target
  peer 2.2.2.2 enable //激活邻居
  peer 2.2.2.2 advertise irb //通告irb类型路由
#
CE2：
#
bgp 100
 peer 1.1.1.1 as-number 100
 peer 1.1.1.1 connect-interface LoopBack0
 peer 3.3.3.3 as-number 100
 peer 3.3.3.3 connect-interface LoopBack0
 #
 ipv4-family unicast
  peer 1.1.1.1 enable
  peer 3.3.3.3 enable
 #
 l2vpn-family evpn
  undo policy vpn-target
  peer 1.1.1.1 enable
  peer 1.1.1.1 advertise irb //通告irb类型路由
  peer 1.1.1.1 reflect-client //指定邻居为路由反射器的客户端
  peer 3.3.3.3 enable
  peer 3.3.3.3 advertise irb
  peer 3.3.3.3 reflect-client
#

步骤3：vpn实例、BD域下的evpn实例

CE1和CE3配置类似

#
ip vpn-instance A
 ipv4-family
  route-distinguisher 1:1
  vpn-target 10:10 export-extcommunity evpn //配置EVPN类型的RT收取EVPN路由用在跨子网通信
  vpn-target 10:10 import-extcommunity evpn
 vxlan vni 100 //三层VNi 在跨子网通信时使用
#
#
bridge-domain 10
 vxlan vni 10
 evpn
  route-distinguisher 1:10
  vpn-target 1:10 export-extcommunity //同子网访问时，收发EVPN路由
  vpn-target 10:10 export-extcommunity // 此RT用来发给对端VPN实例的
  vpn-target 1:10 import-extcommunity
#
bridge-domain 20
 vxlan vni 20
 evpn
  route-distinguisher 1:20
  vpn-target 1:20 export-extcommunity
  vpn-target 10:10 export-extcommunity
  vpn-target 1:20 import-extcommunity
#

步骤4：网关配置和业务接入点配置

CE1和CE2类似

#
interface Vbdif10  //作为VLAN10的网关
 ip binding vpn-instance A
 ip address 10.1.1.254 255.255.255.0
 arp distribute-gateway enable // 使能ARP分布式网关的能力
 arp collect host enable  // 开启主机ARP收集能力
#
interface Vbdif20 //作为VLAN20的网关
 ip binding vpn-instance A
 ip address 20.1.1.254 255.255.255.0
 arp distribute-gateway enable
 arp collect host enable
#
#
interface GE1/0/2.10 mode l2
 encapsulation dot1q vid 10  // 接收VLAN10，入方向剥离vlan tag 10，出方向添加VLAN tag 10
 bridge-domain 10 //绑定bd域
#
interface GE1/0/2.20 mode l2
 encapsulation dot1q vid 20
 bridge-domain 20
#

验证：

PC1：
PC>ping 10.1.1.2

Ping 10.1.1.2: 32 data bytes, Press Ctrl_C to break
From 10.1.1.2: bytes=32 seq=1 ttl=255 time=16 ms
From 10.1.1.2: bytes=32 seq=2 ttl=255 time=16 ms

--- 10.1.1.2 ping statistics ---
  2 packet(s) transmitted
  2 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 16/16/16 ms

PC>ping 20.1.1.2

Ping 20.1.1.2: 32 data bytes, Press Ctrl_C to break
From 20.1.1.2: bytes=32 seq=1 ttl=126 time=62 ms
From 20.1.1.2: bytes=32 seq=2 ttl=126 time=94 ms

--- 20.1.1.2 ping statistics ---
  2 packet(s) transmitted
  2 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 62/78/94 ms
  PC>ping 20.1.1.1

Ping 20.1.1.1: 32 data bytes, Press Ctrl_C to break
From 20.1.1.1: bytes=32 seq=1 ttl=127 time=79 ms
From 20.1.1.1: bytes=32 seq=2 ttl=127 time=93 ms

--- 20.1.1.1 ping statistics ---
  2 packet(s) transmitted
  2 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 79/86/93 ms

PC>

CE镜像链接: https://pan.baidu.com/s/1uALPkeWnvRUIjIrh1aTzbw?pwd=jnh2 提取码: jnh2