BGP EVPN配置集中式网关部署VXLAN
配置思路
采用如下思路配置不同网段用户通过VXLAN三层网关通信:
分别在leaf1、leaf2和spain上配置路由协议,保证网络三层互通。
分别在leaf1和leaf2上配置业务接入点实现区分业务流量。
开启EVPN作VXLAN控制平面功能。配置BGP EVPN对等体关系。
配置EVPN实例。
配置头端复制功能。
在spain上配置VXLAN三层网关
配置SW1和SW2交换机以及模拟vm的路由器
参数设置
为完成此配置例,需准备如下的数据:
VM所属的VLAN ID分别是VLAN 10、VLAN 20。
网络中设备互连的接口IP地址。
网络中使用的OSPF作为底层路由。
广播域BD ID分别是BD 10和BD 20。
VXLAN网络标识VNI ID分别是VNI 5010和VNI 5020。
EVPN实例的RD值为10:1和20:1,RT值为10:10和20:20。
拓扑图
配置方法
1、配置路由协议打通底层网络
leaf1配置
[~HUAWEI]sysname leaf1
[*HUAWEI]int loop 0
[*HUAWEI-LoopBack0]ip add 1.1.1.1 32
[*HUAWEI-LoopBack0]q
[*HUAWEI]int g1/0/0
[*HUAWEI-GE1/0/0]undo portsw
[*HUAWEI-GE1/0/0]undo shut
[*HUAWEI-GE1/0/0]ip add 10.1.12.2 24
[*HUAWEI-GE1/0/0]comm
[~leaf1-GE1/0/0]q
[~leaf1]ospf 1 router-id 1.1.1.1
[*leaf1-ospf-1]a 0
[*leaf1-ospf-1-area-0.0.0.0]net 1.1.1.1 0.0.0.0
[*leaf1-ospf-1-area-0.0.0.0]net 10.1.12.0 0.0.0.255
[*leaf1-ospf-1-area-0.0.0.0]comm
spain配置
[~HUAWEI]sysname spain
[*HUAWEI]int loop 0
[*HUAWEI-LoopBack0]ip add 3.3.3.3 32
[*HUAWEI]int g1/0/0
[*HUAWEI-GE1/0/0]undo ports
[*HUAWEI-GE1/0/0]undo shut
[*HUAWEI-GE1/0/0]ip add 10.1.12.1 24
[*HUAWEI-GE1/0/0]q
[*HUAWEI]int g1/0/1
[*HUAWEI-GE1/0/1]undo portsw
[*HUAWEI-GE1/0/1]undo shut
[*HUAWEI-GE1/0/1]ip add 10.1.13.1 24
[*HUAWEI-GE1/0/1]comm
[~spain]ospf 1 router-id 3.3.3.3
[*spain-ospf-1]a 0
[*spain-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0
[*spain-ospf-1-area-0.0.0.0]net 10.1.12.0 0.0.0.255
[*spain-ospf-1-area-0.0.0.0]net 10.1.13.0 0.0.0.255
[*spain-ospf-1-area-0.0.0.0]comm
leaf配置
[~HUAWEI]sysname leaf2
[*HUAWEI]int loop 0
[*HUAWEI-LoopBack0]ip add 2.2.2.2 32
[*HUAWEI-LoopBack0]q
[*HUAWEI]int g1/0/0
[*HUAWEI-GE1/0/0]undo portsw
[*HUAWEI-GE1/0/0]undo shut
[*HUAWEI-GE1/0/0]ip add 10.1.13.2 24
[*HUAWEI-GE1/0/0]comm
[~leaf2]ospf 1 router-id 2.2.2.2
[*leaf2-ospf-1]a 0
[*leaf2-ospf-1-area-0.0.0.0]net 2.2.2.2 0.0.0.0
[*leaf2-ospf-1-area-0.0.0.0]net 10.1.13.0 0.0.0.255
[*leaf2-ospf-1-area-0.0.0.0]comm
2、分别在leaf1、leaf2上配置业务接入点
leaf1配置
[~leaf1]bridge-domain 10
[*leaf1-bd10]vxlan vni 5010
[*leaf1]int g1/0/1
[*leaf1-GE1/0/1]undo shut
[*leaf1-GE1/0/1]q
[*leaf1]int g1/0/1.1 mode l2
[*leaf1-GE1/0/1.1]encapsulation dot1q vid 10
[*leaf1-GE1/0/1.1]bridge-domain 10
[*leaf1-GE1/0/1.1]comm
leaf2配置
[~leaf2]bridge-domain 20
[*leaf2-bd20]vxlan vni 5020
[*leaf2]int g1/0/1
[*leaf2-GE1/0/1]undo shut
[*leaf2-GE1/0/1]q
[*leaf2]int g1/0/1.1 mode l2
[*leaf2-GE1/0/1.1]encapsulation dot1q vid 20
[*leaf2-GE1/0/1.1]bridge-domain 20
[*leaf2-GE1/0/1.1]comm
3、开启EVPN作VXLAN控制平面功能。配置BGP EVPN对等体关系。
leaf1配置
[~leaf1]evpn-overlay enable
[*leaf1]bgp 100
[*leaf1-bgp]peer 3.3.3.3 as-number 100
[*leaf1-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[~leaf1-bgp]peer 2.2.2.2 as-number 100
[*leaf1-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[*leaf1-bgp]l2vpn-family evpn
[*leaf1-bgp-af-evpn]peer 3.3.3.3 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*leaf1-bgp-af-evpn]peer 2.2.2.2 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*leaf1-bgp-af-evpn]comm
spain配置
[*spain]evpn-overlay enable
[~spain]bgp 100
[*spain-bgp]peer 1.1.1.1 as-number 100
[*spain-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[*spain-bgp]peer 2.2.2.2 as-number 100
[*spain-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[*spain-bgp]l2vpn-family evpn
[*spain-bgp-af-evpn]peer 1.1.1.1 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*spain-bgp-af-evpn]peer 2.2.2.2 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*spain-bgp-af-evpn]comm
leaf2配置
[~leaf2]evpn-overlay enable
[*leaf2]bgp 100
[*leaf2-bgp]peer 1.1.1.1 as-number 100
[*leaf2-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[*leaf2-bgp]peer 3.3.3.3 as-number 100
[*leaf2-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[*leaf2-bgp]l2vpn-family evpn
[*leaf2-bgp-af-evpn]peer 3.3.3.3 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*leaf2-bgp-af-evpn]peer 1.1.1.1 enable
Warning: This operation will reset the peer session. Continue? [Y/N]:y
[*leaf2-bgp-af-evpn]comm
4、配置EVPN实例
leaf1配置
[~leaf1]bridge-domain 10
[~leaf1-bd10]evpn
[*leaf1-bd10-evpn]route-distinguisher 10:1
[*leaf1-bd10-evpn]vpn-target 10:10 both
[*leaf1-bd10-evpn]comm
spain配置
[~spain]bridge-domain 10
[*spain-bd10]vxlan vni 5010
[*spain-bd10]evpn
[*spain-bd10-evpn]route-distinguisher 10:1
[*spain-bd10-evpn]vpn-target 10:10 both
[*spain]bridge-domain 20
[*spain-bd20]vxlan vni 5020
[*spain-bd20]evpn
[*spain-bd20-evpn]route-distinguisher 20:1
[*spain-bd20-evpn]vpn-target 20:20 both
[*spain-bd20-evpn]comm
leaf2配置
[~leaf2]bridge-domain 20
[~leaf2-bd20]evpn
[*leaf2-bd20-evpn]route-distinguisher 20:1
[*leaf2-bd20-evpn]vpn-target 20:20 both
[*leaf2-bd20-evpn]comm
5、配置头端复制功能
leaf1配置
[~leaf1]interface Nve 1
[*leaf1-Nve1]source 1.1.1.1
[*leaf1-Nve1]vni 5010 head-end peer-list protocol bgp
[*leaf1-Nve1]comm
spain配置
[~spain]int nve1
[*spain-Nve1]source 3.3.3.3
[*spain-Nve1]vni 5010 head-end peer-list protocol bgp
[*spain-Nve1]vni 5020 head-end peer-list protocol bgp
[*spain-Nve1]comm
leaf2配置
[~leaf2]int nve 1
[*leaf2-Nve1]source 2.2.2.2
[*leaf2-Nve1]vni 5020 head-end peer-list protocol bgp
[*leaf2-Nve1]comm
6、在spain上配置三层网关
[~spain]int vbdif 10
[*spain-Vbdif10]ip add 192.168.10.254 24
[*spain]int Vbdif 20
[*spain-Vbdif20]ip add 192.168.20.254 24
[*spain]comm
7、交换机和路由器配置
[Huawei]vlan 10
[Huawei]int eth0/0/1
[Huawei-Ethernet0/0/1]port link-ty tr
[Huawei-Ethernet0/0/1]port tr al v 10
[Huawei]int eth0/0/2
[Huawei-Ethernet0/0/2]port lin
[Huawei-Ethernet0/0/2]port link-ty ac
[Huawei-Ethernet0/0/2]port de v 10
另外一台配置相似,把vlan10改成vlan20就可以了
路由器配置
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip add 192.168.10.1 24
[Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.10.254
另外一台路由器配置类似
8、测试
在spain上
[~spain]dis bgp evpn all routing-table
[~spain]dis vxlan tunnel
Number of vxlan tunnel : 2
Tunnel ID Source Destination State Type Uptime
--------------------------------------------------------------------------------
---
4026531841 3.3.3.3 1.1.1.1 up dynamic 00:13:26
4026531842 3.3.3.3 2.2.2.2 up dynamic 00:12:38
[~spain]dis vxlan vni
Number of vxlan vni : 2
VNI BD-ID State
---------------------------------------
5010 10 up
5020 20 up
