EVPN 集中式L3网关------跨子网报文转发
spine配置
接口配置
sudo ip link add vbdif10 type bridge
sudo ip link add vbdif20 type bridge
sudo ip link set vbdif10 up
sudo ip link set vbdif20 up
sudo ip link add vxlan20 type vxlan id 20 local 192.168.59.130 dstport 4789 nolearning
sudo ip link add vxlan10 type vxlan id 10 local 192.168.59.130 dstport 4789 nolearning
sudo ip link set vxlan10 up
sudo ip link set vxlan20 up
sudo ip link set vxlan20 master vbdif20
sudo ip link set vxlan10 master vbdif10
sudo ip address add 2.2.2.254/24 dev vbdif10
sudo ip address add 2.2.3.254/24 dev vbdif20
#开启转发
ubuntu@ubuntu:~$ sudo -i
[sudo] password for ubuntu:
root@ubuntu:~#
root@ubuntu:~#
root@ubuntu:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@ubuntu:~# exitbgp evpn配置
router bgp 7677
bgp router-id 192.168.59.130
bgp bestpath as-path multipath-relax
neighbor fabric peer-group
neighbor fabric remote-as external
neighbor 192.168.59.128 peer-group fabric
neighbor 192.168.59.129 peer-group fabric
!
address-family l2vpn evpn
neighbor fabric activate
advertise-all-vni
advertise-default-gw
exit-address-family
!address-family l2vpn evpn:本bgp路由支持地址协议l2vpn evpn。
neighbor fabric activate:表示该地址协议激活,配置该命令后,该设备将会接收和宣告evpn路由。
advertise-all-vni:表示将本地所有的vni宣告给邻居。
advertise-default-gw:表示本地的vni需要做三层网关,该命令必须在advertise-all-vni开启并且本地创建了vxlan隧道后才能配置,否则会出现如下错误提示:
This command is only supported under the EVPN VRFleaf1和host1配置
接口配置
sudo ip netns add host1
sudo ip link add veth1 type veth peer name eth0 netns host1
sudo ip netns exec host1 ip link set lo up
sudo ip netns exec host1 ip link set eth0 up
sudo ip netns exec host1 ip addr add 2.2.2.2/24 dev eth0
sudo ip netns exec host1 ip route add default via 2.2.2.254 dev eth0
sudo ip link add br10 type bridge
sudo ip link add vxlan10 type vxlan id 10 local 192.168.59.128 dstport 4789 nolearning
sudo ip link set br10 up
sudo ip link set vxlan10 up
sudo ip link set veth1 up
sudo ip link set veth1 master br10
sudo ip link set vxlan10 master br10 bgp evpn配置
router bgp 7675
bgp router-id 192.168.59.128
bgp bestpath as-path multipath-relax
neighbor fabric peer-group
neighbor fabric remote-as external
neighbor 192.168.59.130 peer-group fabric
!
address-family l2vpn evpn
neighbor fabric activate
advertise-all-vni
exit-address-family
!leaf2和host2配置
接口配置
sudo ip netns add host2
sudo ip link add veth1 type veth peer name eth0 netns host2
sudo ip netns exec host2 ip link set lo up
sudo ip netns exec host2 ip link set eth0 up
sudo ip netns exec host2 ip addr add 2.2.3.2/24 dev eth0
sudo ip netns exec host2 ip route add default via 2.2.3.254 dev eth0
sudo ip link add br20 type bridge
sudo ip link add vxlan20 type vxlan id 20 local 192.168.59.129 dstport 4789 nolearning
sudo ip link set br20 up
sudo ip link set vxlan20 up
sudo ip link set veth1 up
sudo ip link set veth1 master br20
sudo ip link set vxlan20 master br20 bgp evpn配置
router bgp 7676
bgp router-id 192.168.59.129
bgp bestpath as-path multipath-relax
neighbor fabric peer-group
neighbor fabric remote-as external
neighbor 192.168.59.130 peer-group fabric
!
address-family l2vpn evpn
neighbor fabric activate
advertise-all-vni
exit-address-family
!查看bgp信息
spine
- 查看邻居信息
ubuntu# show bgp neighbors
BGP neighbor is 192.168.59.128, remote AS 7675, local AS 7677, external link
Hostname: bgpd
Member of peer-group fabric for session parameters
BGP version 4, remote router ID 192.168.59.128, local router ID 192.168.59.130
BGP state = Established, up for 00:15:28
Last read 00:00:28, Last write 00:00:28
Hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
4 Byte AS: advertised and received
AddPath:
IPv4 Unicast: RX advertised IPv4 Unicast and received
L2VPN EVPN: RX advertised L2VPN EVPN and received
Route refresh: advertised and received(old & new)
Address Family IPv4 Unicast: advertised and received
Address Family L2VPN EVPN: advertised and received
Hostname Capability: advertised (name: bgpd,domain name: n/a) received (name: bgpd,domain name: n/a)
Graceful Restart Capabilty: advertised and received
Remote Restart timer is 120 seconds
Address families by peer:
none
Graceful restart information:
End-of-RIB send: IPv4 Unicast, L2VPN EVPN
End-of-RIB received: IPv4 Unicast, L2VPN EVPN
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 2 2
Notifications: 0 2
Updates: 14 14
Keepalives: 17 17
Route Refresh: 0 0
Capability: 0 0
Total: 33 35
Minimum time between advertisement runs is 0 seconds
For address family: IPv4 Unicast
fabric peer-group member
Update group 9, subgroup 10
Packet Queue length 0
Community attribute sent to this neighbor(all)
0 accepted prefixes
For address family: L2VPN EVPN
fabric peer-group member
Update group 10, subgroup 11
Packet Queue length 0
NEXT_HOP is propagated unchanged to this neighbor
Community attribute sent to this neighbor(all)
advertise-all-vni
2 accepted prefixes
Connections established 2; dropped 1
Last reset 00:15:30, due to NOTIFICATION received (Cease/Other Configuration Change)
Local host: 192.168.59.130, Local port: 42668
Foreign host: 192.168.59.128, Foreign port: 179
Nexthop: 192.168.59.130
Nexthop global: fe80::30a7:5600:4add:b313
Nexthop local: fe80::30a7:5600:4add:b313
BGP connection: shared network
BGP Connect Retry Timer in Seconds: 120
Read thread: on Write thread: on
BGP neighbor is 192.168.59.129, remote AS 7676, local AS 7677, external link
Hostname: bgpd
Member of peer-group fabric for session parameters
BGP version 4, remote router ID 192.168.59.129, local router ID 192.168.59.130
BGP state = Established, up for 00:11:21
Last read 00:00:21, Last write 00:00:21
Hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
4 Byte AS: advertised and received
AddPath:
IPv4 Unicast: RX advertised IPv4 Unicast and received
L2VPN EVPN: RX advertised L2VPN EVPN and received
Route refresh: advertised and received(old & new)
Address Family IPv4 Unicast: advertised and received
Address Family L2VPN EVPN: advertised and received
Hostname Capability: advertised (name: bgpd,domain name: n/a) received (name: bgpd,domain name: n/a)
Graceful Restart Capabilty: advertised and received
Remote Restart timer is 120 seconds
Address families by peer:
none
Graceful restart information:
End-of-RIB send: IPv4 Unicast, L2VPN EVPN
End-of-RIB received: IPv4 Unicast, L2VPN EVPN
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 2 2
Notifications: 0 2
Updates: 14 14
Keepalives: 13 13
Route Refresh: 0 0
Capability: 0 0
Total: 29 31
Minimum time between advertisement runs is 0 seconds
For address family: IPv4 Unicast
fabric peer-group member
Update group 9, subgroup 10
Packet Queue length 0
Community attribute sent to this neighbor(all)
0 accepted prefixes
For address family: L2VPN EVPN
fabric peer-group member
Update group 10, subgroup 11
Packet Queue length 0
NEXT_HOP is propagated unchanged to this neighbor
Community attribute sent to this neighbor(all)
advertise-all-vni
3 accepted prefixes
Connections established 2; dropped 1
Last reset 00:11:23, due to NOTIFICATION received (Cease/Other Configuration Change)
Local host: 192.168.59.130, Local port: 48016
Foreign host: 192.168.59.129, Foreign port: 179
Nexthop: 192.168.59.130
Nexthop global: fe80::30a7:5600:4add:b313
Nexthop local: fe80::30a7:5600:4add:b313
BGP connection: shared network
BGP Connect Retry Timer in Seconds: 120
Read thread: on Write thread: on
ubuntu# - 查看转发表信息
ubuntu# show bgp l2vpn evpn
BGP table version is 2, local router ID is 192.168.59.130
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: ip 192.168.59.128:4
*> [2]:[0]:[48]:[3a:58:62:d5:eb:53]
192.168.59.128 0 7675 i
*> [3]:[0]:[32]:[192.168.59.128]
192.168.59.128 0 7675 i
Route Distinguisher: ip 192.168.59.129:4
*> [2]:[0]:[48]:[9a:d2:01:d9:8b:0b]:[128]:[fe80::e8dc:91ff:fe85:fe05]
192.168.59.129 0 7676 i
*> [2]:[0]:[48]:[de:f6:18:47:27:a6]
192.168.59.129 0 7676 i
*> [3]:[0]:[32]:[192.168.59.129]
192.168.59.129 0 7676 i
Route Distinguisher: ip 192.168.59.130:4
*> [2]:[0]:[48]:[7e:3a:03:b3:84:d0]:[128]:[fe80::7c3a:3ff:feb3:84d0]
192.168.59.130 32768 i
*> [2]:[0]:[48]:[c2:2e:49:dc:a8:17]:[32]:[2.2.3.254]
192.168.59.130 32768 i
*> [3]:[0]:[32]:[192.168.59.130]
192.168.59.130 32768 i
Route Distinguisher: ip 192.168.59.130:5
*> [2]:[0]:[48]:[62:06:e0:e7:b7:a4]:[128]:[fe80::6006:e0ff:fee7:b7a4]
192.168.59.130 32768 i
*> [2]:[0]:[48]:[76:b9:aa:37:13:6a]:[32]:[2.2.2.254]
192.168.59.130 32768 i
*> [3]:[0]:[32]:[192.168.59.130]
192.168.59.130 32768 i
Displayed 11 out of 11 total prefixes
ubuntu# 
ubuntu
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。