MGMT:
L11    192.168.101.11/24
L12    192.168.101.12/24
BLF11  192.168.101.13/24
SP11   192.168.101.14/24
SP12   192.168.101.15/24
CE11   192.168.101.1/24
CE12   192.168.101.111/24
=======================================
L11    loopback1  172.16.0.11/32
L12    loopback1  172.16.0.12/32
SP11   lo         172.16.0.111/32
SP12   lo         172.16.0.112/32
BLF11  lo         172.16.0.101/32
=======================================
L11    IRB1       172.16.11.254/32
L12    IRB1       172.16.11.254/32
L11    IRB11      172.16.111.254/32
L12    IRB12      172.16.111.254/32
BLF11  IRB11      10.10.111.2/24
BLF11  vlan1.111  10.10.100.1/30
BLF11  vlan1.112  10.10.100.2/30
=======================================
Determining the BGP peer IP address on the link between BLFx1 and router PE1

Switch  BGP peer IP address
BLF11   10.10.100.2/30
BLF11   10.10.100.6/30
=====================================
CE11  vlan600  172.16.11.1/24
CE12  vlan700  172.16.111.1/24
=============================================
Task 1. Loading the initial configurations
=============================================
CE11
copy mgmt-if tftp://192.168.101.100/ce11 startup-config
reload

CE12
copy mgmt-if tftp://192.168.101.100/ce12 startup-config
reload

BLF11
copy tftp tftp://192.168.101.100/BLF11 startup-config vrf management
reload

SP11
copy tftp tftp://192.168.101.100/SP11 startup-config vrf management
reload

SP12
copy tftp tftp://192.168.101.100/SP12 startup-config vrf management
reload
==============================================
Task 2. Configuring the EVPN-VXLAN fabric with eBGP-over-eBGP
=====================================
1. On switches Lx1 and Lx2, disable interfaces ce49 and ce50 (the shutdown command).

L11 / L12
int ce49
shut
int ce50
shut

2. On switches Lx1 and Lx2, set the speed of ports xe3 and xe4 to 10 Gbit/s:

L11 / L12
conf t
port-group 1 speed 10g
port-group 2 speed 10g
commit
show port-group details
show run | in port-group

3. Modify the BGP configuration of switches Lx1 and Lx2:

L11
interface po2
 switchport
 evpn multi-homed system-mac 0000.1111.1111
!
interface xe2
 channel-group 2 mode active
!
mac vrf mhevpn12
 evpn-vlan-service vlan-based
 rd 172.16.0.11:112
 route-target both 112:112
!
ip vrf L3VRF2
 rd 172.16.0.11:1121
 route-target both 1121:1121
 l3vni 2005002
!
nvo vxlan id 1141 ingress-replication inner-vid-disabled
 vxlan host-reachability-protocol evpn-bgp mhevpn12
 evpn irb12
 evpn irb-advertise-host-route
 vni-name mhevpn12
!
interface irb12
 ip vrf forwarding L3VRF2
 evpn irb-if-forwarding anycast-gateway-mac
 ip address 172.16.111.254/24 anycast
!
nvo vxlan access-if port-vlan po2 700
 map vni-name mhevpn12
!
router bgp 4200000011
 neighbor RS peer-group
 neighbor RS remote-as 4200000100
 neighbor RS ebgp-multihop
 neighbor RS update-source lo
 neighbor RS advertisement-interval 0
 neighbor 172.16.0.111 peer-group RS
 neighbor 172.16.0.112 peer-group RS
 !
 bgp unnumbered-mode
  neighbor xe3 remote-as external
  neighbor xe4 remote-as external
  neighbor xe3 advertisement-interval 0
  neighbor xe4 advertisement-interval 0
 exit-unnumbered-mode
 !
 address-family ipv4 unicast
  network 172.16.0.11/32
  max-paths ebgp 2
  !
  bgp v4-unnumbered-mode
   neighbor xe3 activate
   neighbor xe4 activate
  exit-v4-unnumbered-mode
  !
 exit-address-family
 !
 address-family l2vpn evpn
  neighbor RS activate
  !
  bgp l2vpn-unnumbered-mode
  exit-l2vpn-unnumbered-mode
  !
 exit-address-family
 !
 address-family ipv4 vrf L3VRF1
  redistribute connected
 exit-address-family
 !
 address-family ipv4 vrf L3VRF2
  redistribute connected
 exit-address-family
 !
exit
------------------------------------------------------------
L12:
interface po2
 switchport
 evpn multi-homed system-mac 0000.1111.1111
!
interface xe2
 channel-group 2 mode active
!
mac vrf mhevpn12
 evpn-vlan-service vlan-based
 rd 172.16.0.12:112
 route-target both 112:112
!
ip vrf L3VRF2
 rd 172.16.0.21:1121
 route-target both 1121:1121
 l3vni 2005002
!
nvo vxlan id 1141 ingress-replication inner-vid-disabled
 vxlan host-reachability-protocol evpn-bgp mhevpn12
 evpn irb12
 evpn irb-advertise-host-route
 vni-name mhevpn12
!
interface irb12
 ip vrf forwarding L3VRF2
 evpn irb-if-forwarding anycast-gateway-mac
 ip address 172.16.111.254/24 anycast
!
nvo vxlan access-if port-vlan po2 700
 map vni-name mhevpn12
!
router bgp 4200000012
 neighbor RS peer-group
 neighbor RS remote-as 4200000100
 neighbor RS ebgp-multihop
 neighbor RS update-source lo
 neighbor RS advertisement-interval 0
 neighbor 172.16.0.111 peer-group RS
 neighbor 172.16.0.112 peer-group RS
 !
 bgp unnumbered-mode
  neighbor xe3 remote-as external
  neighbor xe4 remote-as external
  neighbor xe3 advertisement-interval 0
  neighbor xe4 advertisement-interval 0
 exit-unnumbered-mode
 !
 address-family ipv4 unicast
  network 172.16.0.12/32
  max-paths ebgp 2
  !
  bgp v4-unnumbered-mode
   neighbor xe3 activate
   neighbor xe4 activate
  exit-v4-unnumbered-mode
  !
 exit-address-family
 !
 address-family l2vpn evpn
  neighbor RS activate
  !
  bgp l2vpn-unnumbered-mode
  exit-l2vpn-unnumbered-mode
  !
 exit-address-family
 !
 address-family ipv4 vrf L3VRF1
  redistribute connected
 exit-address-family
 !
 address-family ipv4 vrf L3VRF2
  redistribute connected
 exit-address-family
 !
exit
=========================================
4. Configure switches CEx1 and CEx2 according to the templates below.
==================================
CE11
vlan database
 vlan 600
 vlan 600 name BLUE
!
spanning-tree enable
!
interface eth-0-27
 switchport mode trunk
 switchport trunk allowed vlan add 600
 channel-group 40 mode active
!
interface eth-0-28
 switchport mode trunk
 switchport trunk allowed vlan add 600
 channel-group 40 mode active
!
interface agg40
 switchport mode trunk
 switchport trunk allowed vlan add 600
 mlag 40
!
interface vlan600
 ip address 172.16.11.1/24
!
ip route 0.0.0.0/0 172.16.11.254
------------------------------------------------
CE12
vlan database
 vlan 700 name GREEN
!
interface eth-0-27
 switchport mode trunk
 switchport trunk allowed vlan add 700
 channel-group 40 mode active
!
interface eth-0-28
 switchport mode trunk
 switchport trunk allowed vlan add 700
 channel-group 40 mode active
!
interface agg40
 switchport mode trunk
 switchport trunk allowed vlan add 700
 mlag 40
!
interface vlan700
 ip address 172.16.111.1/24
!
ip route 0.0.0.0/0 172.16.111.254
=================
5. Configure switches BLFx1, SPx1 and SPx2 according to the configuration templates below.
=======================
BLF11
bgp extended-asn-cap
!
nvo vxlan enable
!
nvo vxlan irb
evpn vxlan multihoming enable
!
mac vrf mhevpn1
 evpn-vlan-service vlan-based
 rd 172.16.0.101:111
 route-target both 111:111
!
mac vrf mhevpn2
 evpn-vlan-service vlan-based
 rd 172.16.0.101:112
 route-target both 112:112
!
ip vrf L3VRF1
 rd 172.16.0.101:1111
 route-target both 1111:1111
 l3vni 2005001
!
ip vrf L3VRF2
 rd 172.16.0.101:1121
 route-target both 1121:1121
 l3vni 2005002
!
nvo vxlan vtep-ip-global 172.16.0.101
!
nvo vxlan id 141 ingress-replication inner-vid-disabled
 vxlan host-reachability-protocol evpn-bgp mhevpn1
!
nvo vxlan id 1141 ingress-replication inner-vid-disabled
 vxlan host-reachability-protocol evpn-bgp mhevpn2
interface lo
 ip address 172.16.0.101/32 secondary
!
router bgp 4200000013
 bgp router-id 172.16.0.101
 neighbor RS peer-group
 neighbor RS remote-as 4200000100
 neighbor RS update-source lo
 neighbor RS advertisement-interval 0
 neighbor 172.16.0.111 peer-group RS
 neighbor 172.16.0.112 peer-group RS
 !
 bgp unnumbered-mode
  neighbor xe1 remote-as external
  neighbor xe2 remote-as external
  neighbor xe1 advertisement-interval 0
  neighbor xe2 advertisement-interval 0
 exit-unnumbered-mode
 !
 address-family ipv4 unicast
  network 172.16.0.101/32
  max-paths ebgp 2
  !
  bgp v4-unnumbered-mode
   neighbor xe1 activate
   neighbor xe2 activate
  exit-v4-unnumbered-mode
  !
 exit-address-family
 !
 address-family l2vpn evpn
  neighbor RS activate
  bgp l2vpn-unnumbered-mode
  exit-l2vpn-unnumbered-mode
  !
 exit-address-family
 !
 address-family ipv4 vrf L3VRF1
  redistribute connected
 exit-address-family
 !
 address-family ipv4 vrf L3VRF2
  redistribute connected
 exit-address-family
 !
exit
---------------------------------------------
SP11
interface xe1
 description Link to BLF11 port xe1
 lldp-agent
  set lldp enable txrx
  set lldp chassis-id-tlv mac-address
  set lldp port-id-tlv if-name
  dcbx enable
 exit
!
interface xe3
 description Link to L11 port xe3
 lldp-agent
  set lldp enable txrx
  set lldp chassis-id-tlv mac-address
  set lldp port-id-tlv if-name
  dcbx enable
 exit
!
interface xe4
 description Link to L12 port xe4
 lldp-agent
  set lldp enable txrx
  set lldp chassis-id-tlv mac-address
  set lldp port-id-tlv if-name
  dcbx enable
 exit
!
bgp extended-asn-cap
!
interface lo
 ip address 127.0.0.1/8
 ipv6 address ::1/128
 ip address 172.16.0.111/32 secondary
!
router bgp 4200000100
 bgp router-id 172.16.0.111
 no bgp inbound-route-filter
 neighbor 172.16.0.101 remote-as 4200000013
 neighbor 172.16.0.11 remote-as 4200000011
 neighbor 172.16.0.12 remote-as 4200000012
 neighbor 172.16.0.101 ebgp-multihop
 neighbor 172.16.0.101 update-source lo
 neighbor 172.16.0.101 advertisement-interval 0
 neighbor 172.16.0.11 ebgp-multihop
 neighbor 172.16.0.11 update-source lo
 neighbor 172.16.0.11 advertisement-interval 0
 neighbor 172.16.0.12 ebgp-multihop
 neighbor 172.16.0.12 update-source lo
 neighbor 172.16.0.12 advertisement-interval 0
 !
 bgp unnumbered-mode
  neighbor xe1 remote-as external
  neighbor xe3 remote-as external
  neighbor xe4 remote-as external
  neighbor xe1 advertisement-interval 0
  neighbor xe3 advertisement-interval 0
  neighbor xe4 advertisement-interval 0
 exit-unnumbered-mode
 !
 address-family ipv4 unicast
  network 172.16.0.111/32
  !
  bgp v4-unnumbered-mode
   neighbor xe1 activate
   neighbor xe3 activate
   neighbor xe4 activate
  exit-v4-unnumbered-mode
  !
 exit-address-family
 !
 address-family l2vpn evpn
  neighbor 172.16.0.101 activate
  neighbor 172.16.0.11 activate
  neighbor 172.16.0.12 activate
  !
  bgp l2vpn-unnumbered-mode
  exit-l2vpn-unnumbered-mode
 exit-address-family
 !
exit
---------------------------------
SP12
interface xe1
 description Link to BLF11 port xe2
 lldp-agent
  set lldp enable txrx
  set lldp chassis-id-tlv mac-address
  set lldp port-id-tlv if-name
  dcbx enable
 exit
!
interface xe3
 description Link to L12 port xe3
 lldp-agent
  set lldp enable txrx
  set lldp chassis-id-tlv mac-address
  set lldp port-id-tlv if-name
  dcbx enable
 exit
!
interface xe4
 description Link to L11 port xe4
 lldp-agent
  set lldp enable txrx
  set lldp chassis-id-tlv mac-address
  set lldp port-id-tlv if-name
  dcbx enable
 exit
!
bgp extended-asn-cap
!
interface lo
 ip address 127.0.0.1/8
 ipv6 address ::1/128
 ip address 172.16.0.112/32 secondary
!
router bgp 4200000100
 bgp router-id 172.16.0.112
 no bgp inbound-route-filter
 neighbor 172.16.0.101 remote-as 4200000013
 neighbor 172.16.0.11 remote-as 4200000011
 neighbor 172.16.0.12 remote-as 4200000012
 neighbor 172.16.0.11 ebgp-multihop
 neighbor 172.16.0.11 update-source lo
 neighbor 172.16.0.11 advertisement-interval 0
 neighbor 172.16.0.101 ebgp-multihop
 neighbor 172.16.0.101 update-source lo
 neighbor 172.16.0.101 advertisement-interval 0
 neighbor 172.16.0.12 ebgp-multihop
 neighbor 172.16.0.12 update-source lo
 neighbor 172.16.0.12 advertisement-interval 0
 !
 bgp unnumbered-mode
  neighbor xe1 remote-as external
  neighbor xe3 remote-as external
  neighbor xe4 remote-as external
  neighbor xe1 advertisement-interval 0
  neighbor xe3 advertisement-interval 0
  neighbor xe4 advertisement-interval 0
 exit-unnumbered-mode
 !
 address-family ipv4 unicast
  network 172.16.0.112/32
  !
  bgp v4-unnumbered-mode
   neighbor xe1 activate
   neighbor xe3 activate
   neighbor xe4 activate
  exit-v4-unnumbered-mode
  !
 exit-address-family
 !
 address-family l2vpn evpn
  neighbor 172.16.0.101 activate
  neighbor 172.16.0.11 activate
  neighbor 172.16.0.12 activate
  !
  bgp l2vpn-unnumbered-mode
  exit-l2vpn-unnumbered-mode
  !
 exit-address-family
 !
exit
=======================================
Task 3. Configuring a Hub and Spoke topology in the EVPN-VXLAN fabric
=================================================
1. Configure switch BLFx1 to exchange BGP routes with router PE1.
<value> is the IP address given in the "Required resources" section of this lab.

BLF11
port-group 1 speed 10g
port-group 3 speed 10g
bridge 1 protocol rstp vlan-bridge
!
vlan database
 vlan 111-112 bridge 1 state enable
!
interface vlan1.111
 ip vrf forwarding L3VRF1
 ip address 10.10.100.1/30
!
interface vlan1.112
 ip vrf forwarding L3VRF2
 ip address 10.10.100.2/30
!
interface xe11
 switchport
 bridge-group 1
 switchport mode trunk
 switchport trunk allowed vlan add 1x1-1x2
 lldp-agent
  set lldp enable txrx
  set lldp port-id-tlv if-name
  dcbx enable
 exit
!
router bgp 4200000013
 !
 address-family ipv4 vrf L3VRF1
  redistribute connected
  neighbor 10.10.100.2 remote-as 65100
  neighbor 10.10.100.2 local-as 65101
  neighbor 10.10.100.2 activate
 exit-address-family
 !
 !
 address-family ipv4 vrf L3VRF2
  redistribute connected
  neighbor 10.10.100.6 remote-as 65100
  neighbor 10.10.100.6 local-as 65101
  neighbor 10.10.100.6 activate
 exit-address-family
=============================
Task 4. Verifying L3 Out (connectivity to external networks)
==================================
1. On switches Lx1 and Lx2, run the fabric verification commands.
Verification commands:
show bgp l2vpn evpn mac-ip
show bgp l2vpn evpn prefix-route
show ip route vrf L3VRF1

2. On switch BLFx1, run the fabric verification commands.
Verification commands:
show bgp l2vpn evpn mac-ip
show bgp l2vpn evpn prefix-route
show ip route vrf L3VRF1

3. On switch CEx1, run:
ping 172.16.11.254 – checks reachability of the default gateway
ping 172.16.<POD number of another student>1.1 – checks L3 connectivity to external networks
ping 8.8.8.8 – checks L3 connectivity to the Internet
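
A pre-commit check for the Task 3 peering, added here as an example and not part of the original lab sheet: a single-hop eBGP neighbor configured inside a VRF has to sit on a subnet that is connected in that same VRF. The function names are hypothetical, the excerpt reuses the BLF11 addresses printed above, and the parser assumes only the config syntax shown on this page.

```python
import ipaddress
import re

# Added example. BLF11 Task 3 excerpt with the addresses as printed on this page.
BLF11_CONFIG = """\
interface vlan1.111
 ip vrf forwarding L3VRF1
 ip address 10.10.100.1/30
!
interface vlan1.112
 ip vrf forwarding L3VRF2
 ip address 10.10.100.2/30
!
router bgp 4200000013
 address-family ipv4 vrf L3VRF1
  neighbor 10.10.100.2 remote-as 65100
 exit-address-family
 address-family ipv4 vrf L3VRF2
  neighbor 10.10.100.6 remote-as 65100
 exit-address-family
"""

def vrf_interfaces(config):
    """Map each VRF name to the interface addresses bound to it."""
    result, vrf = {}, None
    for line in config.splitlines():
        line = line.strip()
        if line.startswith("interface "):
            vrf = None  # a new interface stanza starts outside any VRF
        elif m := re.match(r"ip vrf forwarding (\S+)", line):
            vrf = m.group(1)
        elif (m := re.match(r"ip address (\S+/\d+)", line)) and vrf:
            result.setdefault(vrf, []).append(ipaddress.ip_interface(m.group(1)))
    return result

def off_link_neighbors(config):
    """Return (vrf, neighbor) pairs that no connected subnet in the VRF covers."""
    ifaces, vrf, bad = vrf_interfaces(config), None, []
    for line in config.splitlines():
        line = line.strip()
        if m := re.match(r"address-family ipv4 vrf (\S+)", line):
            vrf = m.group(1)
        elif line == "exit-address-family":
            vrf = None
        elif (m := re.match(r"neighbor (\d+\.\d+\.\d+\.\d+) remote-as", line)) and vrf:
            peer = ipaddress.ip_address(m.group(1))
            # The peer must share a subnet with, and differ from, a local address.
            if not any(peer in i.network and peer != i.ip for i in ifaces.get(vrf, [])):
                bad.append((vrf, str(peer)))
    return bad
```

With the addresses as printed, off_link_neighbors(BLF11_CONFIG) reports neighbor 10.10.100.6 in L3VRF2, because vlan1.112 is addressed 10.10.100.2/30; confirm the interface value against the lab's resource table before committing.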