配置思路

采用如下思路配置不同網(wǎng)段用戶通過VXLAN三層網(wǎng)關(guān)通信：

1. 分別在leaf1、leaf2和spain上配置路由協(xié)議，保證網(wǎng)絡(luò)三層互通。

2. 分別在leaf1和leaf2上配置業(yè)務(wù)接入點實現(xiàn)區(qū)分業(yè)務(wù)流量。

3. 開啟EVPN作VXLAN控制平面功能。配置BGP EVPN對等體關(guān)系。

4. 配置EVPN實例。

5. 配置頭端復(fù)制功能。

6. 在spain上配置VXLAN三層網(wǎng)關(guān)

7. 配置SW1和SW2交換機以及模擬vm的路由器

參數(shù)設(shè)置

為完成此配置例，需準(zhǔn)備如下的數(shù)據(jù)：

• VM所屬的VLAN ID分別是VLAN 10、VLAN 20。

• 網(wǎng)絡(luò)中設(shè)備互連的接口IP地址。

• 網(wǎng)絡(luò)中使用的OSPF作為底層路由。

• 廣播域BD ID分別是BD 10和BD 20。

• VXLAN網(wǎng)絡(luò)標(biāo)識VNI ID分別是VNI 5010和VNI 5020。

• EVPN實例的RD值為10:1和20:1，RT值為10:10和20:20。

拓撲圖

配置方法

1、配置路由協(xié)議打通底層網(wǎng)絡(luò)

leaf1配置

[~HUAWEI]sysname leaf1

[*HUAWEI]int loop 0

[*HUAWEI-LoopBack0]ip add 1.1.1.1 32

[*HUAWEI-LoopBack0]q

[*HUAWEI]int g1/0/0

[*HUAWEI-GE1/0/0]undo portsw

[*HUAWEI-GE1/0/0]undo shut

[*HUAWEI-GE1/0/0]ip add 10.1.12.2 24

[*HUAWEI-GE1/0/0]comm

[~leaf1-GE1/0/0]q

[~leaf1]ospf 1 router-id 1.1.1.1

[*leaf1-ospf-1]a 0

[*leaf1-ospf-1-area-0.0.0.0]net 1.1.1.1 0.0.0.0

[*leaf1-ospf-1-area-0.0.0.0]net 10.1.12.0 0.0.0.255

[*leaf1-ospf-1-area-0.0.0.0]comm

spain配置

[~HUAWEI]sysname spain

[*HUAWEI]int loop 0

[*HUAWEI-LoopBack0]ip add 3.3.3.3 32

[*HUAWEI]int g1/0/0

[*HUAWEI-GE1/0/0]undo ports

[*HUAWEI-GE1/0/0]undo shut

[*HUAWEI-GE1/0/0]ip add 10.1.12.1 24

[*HUAWEI-GE1/0/0]q

[*HUAWEI]int g1/0/1

[*HUAWEI-GE1/0/1]undo portsw

[*HUAWEI-GE1/0/1]undo shut

[*HUAWEI-GE1/0/1]ip add 10.1.13.1 24

[*HUAWEI-GE1/0/1]comm

[~spain]ospf 1 router-id 3.3.3.3

[*spain-ospf-1]a 0

[*spain-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0

[*spain-ospf-1-area-0.0.0.0]net 10.1.12.0 0.0.0.255

[*spain-ospf-1-area-0.0.0.0]net 10.1.13.0 0.0.0.255

[*spain-ospf-1-area-0.0.0.0]comm

leaf配置

[~HUAWEI]sysname leaf2

[*HUAWEI]int loop 0

[*HUAWEI-LoopBack0]ip add 2.2.2.2 32

[*HUAWEI-LoopBack0]q

[*HUAWEI]int g1/0/0

[*HUAWEI-GE1/0/0]undo portsw

[*HUAWEI-GE1/0/0]undo shut

[*HUAWEI-GE1/0/0]ip add 10.1.13.2 24

[*HUAWEI-GE1/0/0]comm

[~leaf2]ospf 1 router-id 2.2.2.2

[*leaf2-ospf-1]a 0

[*leaf2-ospf-1-area-0.0.0.0]net 2.2.2.2 0.0.0.0

[*leaf2-ospf-1-area-0.0.0.0]net 10.1.13.0 0.0.0.255

[*leaf2-ospf-1-area-0.0.0.0]comm

2、分別在leaf1、leaf2上配置業(yè)務(wù)接入點

leaf1配置

[~leaf1]bridge-domain 10

[*leaf1-bd10]vxlan vni 5010

[*leaf1]int g1/0/1

[*leaf1-GE1/0/1]undo shut

[*leaf1-GE1/0/1]q

[*leaf1]int g1/0/1.1 mode l2

[*leaf1-GE1/0/1.1]encapsulation dot1q vid 10

[*leaf1-GE1/0/1.1]bridge-domain 10

[*leaf1-GE1/0/1.1]comm

leaf2配置

[~leaf2]bridge-domain 20

[*leaf2-bd20]vxlan vni 5020

[*leaf2]int g1/0/1

[*leaf2-GE1/0/1]undo shut

[*leaf2-GE1/0/1]q

[*leaf2]int g1/0/1.1 mode l2

[*leaf2-GE1/0/1.1]encapsulation dot1q vid 20

[*leaf2-GE1/0/1.1]bridge-domain 20

[*leaf2-GE1/0/1.1]comm

3、開啟EVPN作VXLAN控制平面功能。配置BGP EVPN對等體關(guān)系。

leaf1配置

[~leaf1]evpn-overlay enable

[*leaf1]bgp 100

[*leaf1-bgp]peer 3.3.3.3 as-number 100

[*leaf1-bgp]peer 3.3.3.3 connect-interface LoopBack 0

[~leaf1-bgp]peer 2.2.2.2 as-number 100

[*leaf1-bgp]peer 2.2.2.2 connect-interface LoopBack 0

[*leaf1-bgp]l2vpn-family evpn

[*leaf1-bgp-af-evpn]peer 3.3.3.3 enable

Warning: This operation will reset the peer session. Continue? [Y/N]:y

[*leaf1-bgp-af-evpn]peer 2.2.2.2 enable

Warning: This operation will reset the peer session. Continue? [Y/N]:y

[*leaf1-bgp-af-evpn]comm

spain配置

[*spain]evpn-overlay enable

[~spain]bgp 100

[*spain-bgp]peer 1.1.1.1 as-number 100

[*spain-bgp]peer 1.1.1.1 connect-interface LoopBack 0

[*spain-bgp]peer 2.2.2.2 as-number 100

[*spain-bgp]peer 2.2.2.2 connect-interface LoopBack 0

[*spain-bgp]l2vpn-family evpn

[*spain-bgp-af-evpn]peer 1.1.1.1 enable

Warning: This operation will reset the peer session. Continue? [Y/N]:y

[*spain-bgp-af-evpn]peer 2.2.2.2 enable

Warning: This operation will reset the peer session. Continue? [Y/N]:y

[*spain-bgp-af-evpn]comm

leaf2配置

[~leaf2]evpn-overlay enable

[*leaf2]bgp 100

[*leaf2-bgp]peer 1.1.1.1 as-number 100

[*leaf2-bgp]peer 1.1.1.1 connect-interface LoopBack 0

[*leaf2-bgp]peer 3.3.3.3 as-number 100

[*leaf2-bgp]peer 3.3.3.3 connect-interface LoopBack 0

[*leaf2-bgp]l2vpn-family evpn

[*leaf2-bgp-af-evpn]peer 3.3.3.3 enable

Warning: This operation will reset the peer session. Continue? [Y/N]:y

[*leaf2-bgp-af-evpn]peer 1.1.1.1 enable

Warning: This operation will reset the peer session. Continue? [Y/N]:y

[*leaf2-bgp-af-evpn]comm

4、配置EVPN實例

leaf1配置

[~leaf1]bridge-domain 10

[~leaf1-bd10]evpn

[*leaf1-bd10-evpn]route-distinguisher 10:1

[*leaf1-bd10-evpn]vpn-target 10:10 both

[*leaf1-bd10-evpn]comm

spain配置

[~spain]bridge-domain 10

[*spain-bd10]vxlan vni 5010

[*spain-bd10]evpn

[*spain-bd10-evpn]route-distinguisher 10:1

[*spain-bd10-evpn]vpn-target 10:10 both

[*spain]bridge-domain 20

[*spain-bd20]vxlan vni 5020

[*spain-bd20]evpn

[*spain-bd20-evpn]route-distinguisher 20:1

[*spain-bd20-evpn]vpn-target 20:20 both

[*spain-bd20-evpn]comm

leaf2配置

[~leaf2]bridge-domain 20

[~leaf2-bd20]evpn

[*leaf2-bd20-evpn]route-distinguisher 20:1

[*leaf2-bd20-evpn]vpn-target 20:20 both

[*leaf2-bd20-evpn]comm

5、配置頭端復(fù)制功能

leaf1配置

[~leaf1]interface Nve 1

[*leaf1-Nve1]source 1.1.1.1

[*leaf1-Nve1]vni 5010 head-end peer-list protocol bgp

[*leaf1-Nve1]comm

spain配置

[~spain]int nve1

[*spain-Nve1]source 3.3.3.3

[*spain-Nve1]vni 5010 head-end peer-list protocol bgp

[*spain-Nve1]vni 5020 head-end peer-list protocol bgp

[*spain-Nve1]comm

leaf2配置

[~leaf2]int nve 1

[*leaf2-Nve1]source 2.2.2.2

[*leaf2-Nve1]vni 5020 head-end peer-list protocol bgp

[*leaf2-Nve1]comm

6、在spain上配置三層網(wǎng)關(guān)

[~spain]int vbdif 10

[*spain-Vbdif10]ip add 192.168.10.254 24

[*spain]int Vbdif 20

[*spain-Vbdif20]ip add 192.168.20.254 24

[*spain]comm

7、交換機和路由器配置

[Huawei]vlan 10

[Huawei]int eth0/0/1

[Huawei-Ethernet0/0/1]port link-ty tr

[Huawei-Ethernet0/0/1]port tr al v 10

[Huawei]int eth0/0/2

[Huawei-Ethernet0/0/2]port lin

[Huawei-Ethernet0/0/2]port link-ty ac

[Huawei-Ethernet0/0/2]port de v 10

另外一臺配置相似，把vlan10改成vlan20就可以了

路由器配置

[Huawei]int g0/0/0

[Huawei-GigabitEthernet0/0/0]ip add 192.168.10.1 24

[Huawei]ip route-static 0.0.0.0 0.0.0.0 192.168.10.254

另外一臺路由器配置類似

8、測試

在spain上

[~spain]dis bgp evpn all routing-table

[~spain]dis vxlan tunnel

Number of vxlan tunnel : 2

Tunnel ID Source Destination State Type Uptime

--------------------------------------------------------------------------------

---

4026531841 3.3.3.3 1.1.1.1 up dynamic 00:13:26

4026531842 3.3.3.3 2.2.2.2 up dynamic 00:12:38

[~spain]dis vxlan vni

Number of vxlan vni : 2

VNI BD-ID State

---------------------------------------

5010 10 up

5020 20 up