MGMT: L11 192.168.101.11/24 L12 192.168.101.12/24 BLF11 192.168.101.13/24 SP11 192.168.101.14/24 SP12 192.168.101.15/24 CE11 192.168.101.1/24 CE12 192.168.101.111/24 ======================================= L11 loopback1 172.16.0.11/32 L12 loopback1 172.16.0.12/32 L11 ce49 10.10.1.2/30 - SP1 ce7 10.10.1.1/30 L12 ce49 10.10.1.6/30 - SP1 ce8 10.10.1.5/30 L11 ce50 10.10.1.42/30 - SP2 ce7 10.10.1.41/30 L12 ce50 10.10.1.46/30 - SP2 ce8 10.10.1.45/30 CE11 vlan600 172.16.11.1/24 ======================================= ====================================================== Задание 1. Загрузка начальных конфигураций ====================================================== L11 copy tftp tftp://192.168.101.100/L11_VXLAN startup-config vrf management reload L12 copy tftp tftp://192.168.101.100/L12_VXLAN startup-config vrf management reload ====================================== Задание 2. Настройка eBGP Underlay/Overlay для EVPN-VXLAN фабрики с применением eBGP-over-eBGP ============================== L11 bgp extended-asn-cap ! nvo vxlan enable ! nvo vxlan irb ! evpn vxlan multihoming enable ! ip vrf L3VRF1 rd 172.16.0.11:1111 route-target both 1111:1111 l3vni 2005001 ! interface lo ip address 172.16.0.11/32 secondary ! router bgp 4200000011 bgp router-id 172.16.0.11 neighbor RS peer-group neighbor RS remote-as 4200000000 neighbor RS ebgp-multihop neighbor RS update-source lo neighbor RS advertisement-interval 0 neighbor 172.16.0.71 peer-group RS neighbor 172.16.0.72 peer-group RS ! bgp unnumbered-mode neighbor ce50 remote-as external neighbor ce49 remote-as external neighbor ce50 advertisement-interval 0 neighbor ce49 advertisement-interval 0 exit-unnumbered-mode ! address-family ipv4 unicast network 172.16.0.11/32 max-paths ebgp 2 ! bgp v4-unnumbered-mode neighbor ce50 activate neighbor ce49 activate exit-v4-unnumbered-mode ! exit-address-family ! address-family l2vpn evpn neighbor RS activate ! bgp l2vpn-unnumbered-mode exit-l2vpn-unnumbered-mode ! exit-address-family ! address-family ipv4 vrf L3VRF1 redistribute connected exit-address-family L12 bgp extended-asn-cap ! nvo vxlan enable ! nvo vxlan irb ! evpn vxlan multihoming enable ! ip vrf L3VRF1 rd 172.16.0.12:1111 route-target both 1111:1111 l3vni 2005001 ! interface lo ip address 172.16.0.12/32 secondary ! router bgp 4200000012 bgp router-id 172.16.0.12 neighbor RS peer-group neighbor RS remote-as 4200000000 neighbor RS ebgp-multihop neighbor RS update-source lo neighbor RS advertisement-interval 0 neighbor 172.16.0.71 peer-group RS neighbor 172.16.0.72 peer-group RS ! bgp unnumbered-mode neighbor ce50 remote-as external neighbor ce49 remote-as external neighbor ce50 advertisement-interval 0 neighbor ce49 advertisement-interval 0 exit-unnumbered-mode ! address-family ipv4 unicast network 172.16.0.12/32 max-paths ebgp 2 ! bgp v4-unnumbered-mode neighbor ce50 activate neighbor ce49 activate exit-v4-unnumbered-mode ! exit-address-family ! address-family l2vpn evpn neighbor RS activate ! bgp l2vpn-unnumbered-mode exit-l2vpn-unnumbered-mode ! exit-address-family ====================================== Задание 3. Настройка функционала EVPN/VXLAN на Leaf-коммутаторах ====================================== L11 mac vrf mhevpn1 evpn-vlan-service vlan-based rd 172.16.0.11:111 route-target both 111:111 ! evpn irb-forwarding anycast-gateway-mac 0000.2222.4444 ! nvo vxlan vtep-ip-global 172.16.0.11 ! interface po1 switchport evpn multi-homed system-mac 0000.0000.1111 ! interface xe1 channel-group 1 mode active ! interface irb1 ip vrf forwarding L3VRF1 evpn irb-if-forwarding anycast-gateway-mac ip address 172.16.11.254/24 anycast ! nvo vxlan id 141 ingress-replication inner-vid-disabled vxlan host-reachability-protocol evpn-bgp mhevpn1 evpn irb1 evpn irb-advertise-host-route vni-name mhevpn1 ! nvo vxlan access-if port-vlan po1 600 map vni-name mhevpn1 ! exit L12 mac vrf mhevpnx evpn-vlan-service vlan-based rd 172.16.0.12:111 route-target both 111:111 ! evpn irb-forwarding anycast-gateway-mac 0000.2222.4444 ! nvo vxlan vtep-ip-global 172.16.0.12 ! interface po1 switchport evpn multi-homed system-mac 0000.0000.1111 ! interface xe1 channel-group 1 mode active ! interface irb1 ip vrf forwarding L3VRF1 evpn irb-if-forwarding anycast-gateway-mac ip address 172.16.11.254/24 anycast ! nvo vxlan id 141 ingress-replication inner-vid-disabled vxlan host-reachability-protocol evpn-bgp mhevpn1 evpn irb1 evpn irb-advertise-host-route vni-name mhevpn1 ! nvo vxlan access-if port-vlan po1 600 map vni-name mhevpn1 ! exit ====================================== Задание 4. Проверка работы фабрики EVPN/VXLAN с eBGP-over-eBGP ====================================== L11 / L12: show bgp l2vpn evpn mac-ip show bgp l2vpn evpn prefix-route show ip route vrf L3VRF1 CE11 ping 172.16.11.254 пинг соседей ping 172.16.21.1 ping 172.16.31.1 ping 172.16.41.1 ping 172.16.51.1