实验目标:
1、pc1在bd 10,pc2在bd 20,地址如图
2、希望通过分布式vxlan网关+evpn自动隧道,实现pc1和pc2的连通性
实验规划:
1、pc1和pc2属于ip vpn实例zhynet,L3 vni为123
2、bd 10的vni为100
3、bd 20的vni为200
4、所有vpn实例的rd/irt/ert为100:1
基础配置
PC1:IP:192.168.10.123 掩码:255.255.255.0 网关:192.168.10.1
PC2:IP:192.168.20.123 掩码:255.255.255.0 网关:192.168.20.1
LSW1:vlan 10
int g0/0/1
port link-type access
port de vlan 10
int g0/0/2
port link-type trunk
port trunk allow-pass vlan 10
LSW2:vlan 20
int g0/0/1
port link-type access
port de vlan 10
int g0/0/2
port link-type trunk
port trunk allow-pass vlan 20
CE1:sy immediately
bridge-domain 10
int g1/0/0
undo shutdown
port link-type trunk
int g1/0/0
int g1/0/0.10 mo l2
encapsulation dot1q vid 10
bridge-domain 10
vxlan vni 100
int Vbdif 10
ip add 192.168.10.1 24
用PC1ping网关192.168.10.1(测试)
CE2:sy immediately
bridge-domain 20
vxlan vni 200
int g1/0/0
undo shutdown
port link-type trunk
int g1/0/0.10 mo l2
encapsulation dot1q vid 20
bridge-domain 20
int Vbdif 20
ip add 192.168.20.1 24
用PC2去ping192.168.20.1
配置IP地址
在CE1中:int g1/0/1
undo shutdown
undo portswitch
ip add 10.10.11.1 24
int loop 0
ip add 1.1.1.1 32
在路由器上AR1:int g0/0/0
ip add 10.10.11.2 24
ping 10.10.11.1
int g0/0/1
ip add 10.10.22.2 24
int loop 0
ip add 3.3.3.3 32
在CE2:
int g1/0/1
undo shutdown
undo portswitch
ip add 10.10.22.1 24
ping 10.10.22.2
int loop 0
ip add 2.2.2.2 32
CE1:ospf
ar 0
net 10.0.0.0 0.255.255.255
net 1.1.1.1 0.0.0.0
dis ospf peer b
dis ip routing-table 2.2.2.2
ping -a 1.1.1.1 2.2.2.2
bgp 100
peer 2.2.2.2 as-number 100(建立对等体)
peer 2.2.2.2 connect-interface LoopBack 0(建立邻居)
AR1:
ospf
ar 0
net 10.0.0.0 0.255.255.255
net 3.3.3.3 0.0.0.0
CE2:
ospf
ar 0
net 10.0.0.0 0.255.255.255
net 2.2.2.2 0.0.0.0
bgp 100
peer 1.1.1.1 as-number 100(建立对等体)
peer 1.1.1.1 connect-interface LoopBack 0(建立邻居)
dis bgp peer
CE1:evpn-overlay enable(打开evpn的功能)
bgp 100
l2vpn-family evpn
peer 2.2.2.2 enable
CE 2:
evpn-overlay enable(打开evpn的功能)
bgp 100
l2vpn-family evpn
peer 1.1.1.1 enable
dis bgp evpn peer(查看evpn的对等体)
路由引入
CE1:int Nve 1
source 1.1.1.1
vni 100 head-end peer-list protocol bgp
dis vxlan tunnel(此时是空的)
CE2:int Nve 1
source 2.2.2.2
vni 200 head-end peer-list protocol bgp
创建RT
CE1:ip vpn-instance zhynet(创建vpn实例,实现多租户隔离的作用)
route-distinguisher 100:1
vpn-target 100:1 both evpn
int Vbdif 10
dis this
ip binding vpn-instance zhynet
ip add 192.168.10.1 255.255.255.0(IP地址需要重新配)
dis this
ip vpn-instance zhynet
vxlan vni 123
bridge-domain 10
evpn
route-distinguisher 100:1
vpn-target 100:1 both evpn
CE2:ip vpn-instance zhynet
route-distinguisher 100:1
vpn-target 100:1 both evpn
vxlan vni 123
int Vbdif 20
dis this
ip binding vpn-instance zhynet
ip add 192.168.20.1 255.255.255.0(IP地址需要重新配)
bridge-domain 20
evpn
route-distinguisher 100:1
vpn-target 100:1 both evpn
CE1:dis vxlan tunnel(查看隧道是否建立)
dis bgp evpn al routing-table(查看路由是否学习到)
bgp 100
l2vpn-fanily evpn
peer 2.2.2.2 advertise irb(开启irb通告)
int Vbdif 10
arp collect host enable
CE2:
bgp 100
l2vpn-fanily evpn
peer 1.1.1.1 advertise irb(开启irb通告)
int Vbdif 20
arp collect host enable
最后测试
PC1:ping 192.168.20.123
在CE1:g1/0/1抓包
参考文献