华三VSR镜像做BGP-EVPN实验
华三VSR镜像做BGP-EVPN实验1.H3C-VSR镜像使用Vmware创建新虚拟机,开机配置挂载VSR的ISO镜像。选择第一个初始化安装,yes重启(近第一次初始化安装时使用)重启完成之后就可以使用了。搭建如下拓扑每个互联网段都使用了一个独立的vmware虚拟网络。Vmnet1用于ssh登录和抓取端口镜像过来的流量。2.BGP-EVPN同子网实验2.1 路由配置:sysname CE1-Lea
·
华三VSR镜像做BGP-EVPN实验
1.H3C-VSR镜像使用
- Vmware创建新虚拟机,开机配置挂载VSR的ISO镜像。
- 选择第一个初始化安装,yes重启(近第一次初始化安装时使用)
- 重启完成之后就可以使用了。
- 搭建如下拓扑每个互联网段都使用了一个独立的vmware虚拟网络。Vmnet1用于ssh登录和抓取端口镜像过来的流量。
2.BGP-EVPN同子网实验
2.1 路由配置:
sysname CE1-Leaf1
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.1.1.0 0.0.0.255
#
password-recovery enable
#
vlan 1
#
l2vpn enable
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.11 255.255.255.0
#
interface GigabitEthernet2/0
#
interface GigabitEthernet3/0
ip address 12.1.1.1 255.255.255.0
#
sysname CE2-spine1
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 12.1.1.0 0.0.0.255
network 13.1.1.0 0.0.0.255
#
password-recovery enable
#
vlan 1
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.12 255.255.255.0
#
interface GigabitEthernet2/0
ip address 12.1.1.2 255.255.255.0
#
interface GigabitEthernet3/0
ip address 13.1.1.2 255.255.255.0
sysname CE3-Leaf2
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 13.1.1.0 0.0.0.255
#
password-recovery enable
#
vlan 1
#
irf-port
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.13 255.255.255.0
#
interface GigabitEthernet2/0
#
interface GigabitEthernet3/0
ip address 13.1.1.3 255.255.255.0
2.2 Leaf1 evpn配置
(1)开启二层vpn功能
l2vpn enable
(2)配置L3VPN实例和L3VPN实例中的evpn RT值
ip vpn-instance vpna
route-distinguisher 1:2
#
address-family ipv4
vpn-target 1000:1 import-extcommunity #这里的RT用于后面spine通告缺省路由时使用。
vpn-target 1000:1 export-extcommunity
#
address-family evpn
vpn-target 300:1 import-extcommunity
vpn-target 300:1 export-extcommunity
(3)配置二层vsi实例
vsi vpna
gateway vsi-interface 1
vxlan 10
evpn encapsulation vxlan
route-distinguisher 1:1
vpn-target 10:1 export-extcommunity
vpn-target 10:1 import-extcommunity
(4)将连接vm接口关联到二层vsi实例
interface GigabitEthernet2/0
xconnect vsi vpna
(5)配置evpn分布式网关和vpn实例关联
interface Vsi-interface1
ip binding vpn-instance vpna
ip address 192.168.1.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0010
local-proxy-arp enable
#
interface Vsi-interface3
ip binding vpn-instance vpna
l3-vni 1000
(6)配置BGP-evpn邻居
bgp 100
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
#
address-family ipv4 unicast
peer 3.3.3.3 enable
#
address-family l2vpn evpn
peer 3.3.3.3 enable
Spine节点只需要配置路由即可
2.3 Leaf2 evpn配置
(1)开启二层vpn功能
l2vpn enable
(2)配置L3VPN实例和L3VPN实例中的evpn RT值
ip vpn-instance vpna
route-distinguisher 1:2
#
address-family ipv4
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
#
address-family evpn
vpn-target 300:1 import-extcommunity
vpn-target 300:1 export-extcommunity
(3)配置二层vsi实例
vsi vpna
gateway vsi-interface 1
vxlan 10
evpn encapsulation vxlan
route-distinguisher 1:1
vpn-target 10:1 export-extcommunity
vpn-target 10:1 import-extcommunity
(4)将连接vm接口关联到二层vsi实例
interface GigabitEthernet2/0
xconnect vsi vpna
(5)配置evpn分布式网关和vpn实例关联
interface Vsi-interface1
ip binding vpn-instance vpna
ip address 192.168.1.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0010
local-proxy-arp enable
#
interface Vsi-interface3
ip binding vpn-instance vpna
l3-vni 1000
(6)配置BGP-evpn邻居
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
#
address-family ipv4 unicast
peer 1.1.1.1 enable
#
address-family l2vpn evpn
peer 1.1.1.1 enable
查看bgp邻居
查看自动生成的tunnel vxlan隧道
查看S1上的BGP EVPN路由信息 [3]类路由,[5]类路由
3.BGP-EVPN 跨子网实验
3.1Leaf1配置
sysname CE1-Leaf1
#
ip vpn-instance vpna
route-distinguisher 1:2
#
address-family ipv4
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
#
address-family evpn
vpn-target 300:1 import-extcommunity
vpn-target 300:1 export-extcommunity
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.1.1.0 0.0.0.255
#
password-recovery enable
#
vlan 1
#
irf-port
#
l2vpn enable
#
vsi vpna
gateway vsi-interface 1
vxlan 10
evpn encapsulation vxlan
route-distinguisher 1:1
vpn-target 10:1 export-extcommunity
vpn-target 10:1 import-extcommunity
#
vsi vpnb
gateway vsi-interface 2
vxlan 20
evpn encapsulation vxlan
route-distinguisher 1:20
vpn-target 20:1 export-extcommunity
vpn-target 20:1 import-extcommunity
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.11 255.255.255.0
#
interface GigabitEthernet2/0
xconnect vsi vpna
#
interface GigabitEthernet3/0
ip address 12.1.1.1 255.255.255.0
#
interface Vsi-interface1
ip binding vpn-instance vpna
ip address 192.168.1.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0010
local-proxy-arp enable
#
interface Vsi-interface2
ip binding vpn-instance vpna
ip address 192.168.2.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0020
local-proxy-arp enable
#
interface Vsi-interface3
ip binding vpn-instance vpna
l3-vni 1000
#
bgp 100
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
#
address-family ipv4 unicast
peer 3.3.3.3 enable
#
address-family l2vpn evpn
peer 3.3.3.3 enable
Spine节点仅需配置路由即可
3.2Leaf2配置
sysname CE3-Leaf2
#
ip vpn-instance vpna
route-distinguisher 1:2
#
address-family ipv4
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
#
address-family evpn
vpn-target 300:1 import-extcommunity
vpn-target 300:1 export-extcommunity
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 13.1.1.0 0.0.0.255
#
password-recovery enable
#
vlan 1
#
irf-port
#
l2vpn enable
#
vsi vpna
gateway vsi-interface 1
vxlan 10
evpn encapsulation vxlan
route-distinguisher 1:2
vpn-target 10:1 export-extcommunity
vpn-target 10:1 import-extcommunity
#
vsi vpnb
gateway vsi-interface 2
vxlan 20
evpn encapsulation vxlan
route-distinguisher 1:20
vpn-target 20:1 export-extcommunity
vpn-target 20:1 import-extcommunity
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.13 255.255.255.0
#
interface GigabitEthernet2/0
xconnect vsi vpnb
#
interface GigabitEthernet3/0
ip address 13.1.1.3 255.255.255.0
#
interface Vsi-interface1
ip binding vpn-instance vpna
ip address 192.168.1.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0010
local-proxy-arp enable
#
interface Vsi-interface2
ip binding vpn-instance vpna
ip address 192.168.2.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0020
local-proxy-arp enable
#
interface Vsi-interface3
ip binding vpn-instance vpna
l3-vni 1000
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
#
address-family ipv4 unicast
peer 1.1.1.1 enable
#
address-family l2vpn evpn
peer 1.1.1.1 enable
#
4.BGP-EVPN访问广域网
4.1Leaf1配置
sysname CE1-Leaf1
#
ip vpn-instance vpna
route-distinguisher 1:2
#
address-family ipv4
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
#
address-family evpn
vpn-target 300:1 import-extcommunity
vpn-target 300:1 export-extcommunity
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.1.1.0 0.0.0.255
#
password-recovery enable
#
vlan 1
#
irf-port
#
l2vpn enable
#
vsi vpna
gateway vsi-interface 1
vxlan 10
evpn encapsulation vxlan
route-distinguisher 1:1
vpn-target 10:1 export-extcommunity
vpn-target 10:1 import-extcommunity
#
vsi vpnb
gateway vsi-interface 2
vxlan 20
evpn encapsulation vxlan
route-distinguisher 1:20
vpn-target 20:1 export-extcommunity
vpn-target 20:1 import-extcommunity
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.11 255.255.255.0
#
interface GigabitEthernet2/0
xconnect vsi vpna
#
interface GigabitEthernet3/0
ip address 12.1.1.1 255.255.255.0
#
interface Vsi-interface1
ip binding vpn-instance vpna
ip address 192.168.1.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0010
local-proxy-arp enable
#
interface Vsi-interface2
ip binding vpn-instance vpna
ip address 192.168.2.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0020
local-proxy-arp enable
#
interface Vsi-interface3
ip binding vpn-instance vpna
l3-vni 1000
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
address-family ipv4 unicast
peer 2.2.2.2 enable
#
address-family l2vpn evpn
peer 2.2.2.2 enable
4.2Spine节点配置
sysname CE2-spine1
#
ip vpn-instance public
route-distinguisher 1:1
#
address-family ipv4
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
#
address-family evpn
vpn-target 300:1 import-extcommunity
vpn-target 300:1 export-extcommunity
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 12.1.1.0 0.0.0.255
network 13.1.1.0 0.0.0.255
#
mirroring-group 1 local
#
password-recovery enable
#
vlan 1
#
irf-port
#
l2vpn enable
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.12 255.255.255.0
mirroring-group 1 monitor-port
#
interface GigabitEthernet2/0
ip address 12.1.1.2 255.255.255.0
mirroring-group 1 mirroring-port both
#
interface GigabitEthernet3/0
ip address 13.1.1.2 255.255.255.0
#
interface GigabitEthernet4/0
ip binding vpn-instance public
ip address 24.1.1.2 255.255.255.0
#
interface Vsi-interface3
ip binding vpn-instance public
l3-vni 1000
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
#
address-family ipv4 unicast
import-route static
peer 1.1.1.1 enable
peer 3.3.3.3 enable
#
address-family l2vpn evpn
undo policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client
peer 3.3.3.3 enable
peer 3.3.3.3 reflect-client
#
ip vpn-instance public
#
address-family ipv4 unicast
default-route imported
import-route static
4.3Leaf2配置
sysname CE3-Leaf2
#
ip vpn-instance vpna
route-distinguisher 1:2
#
address-family ipv4
vpn-target 1000:1 import-extcommunity
vpn-target 1000:1 export-extcommunity
#
address-family evpn
vpn-target 300:1 import-extcommunity
vpn-target 300:1 export-extcommunity
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 13.1.1.0 0.0.0.255
#
password-recovery enable
#
vlan 1
#
irf-port
#
l2vpn enable
#
vsi vpna
gateway vsi-interface 1
vxlan 10
evpn encapsulation vxlan
route-distinguisher 1:2
vpn-target 10:1 export-extcommunity
vpn-target 10:1 import-extcommunity
#
vsi vpnb
gateway vsi-interface 2
vxlan 20
evpn encapsulation vxlan
route-distinguisher 1:20
vpn-target 20:1 export-extcommunity
vpn-target 20:1 import-extcommunity
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface GigabitEthernet1/0
ip address 172.16.1.13 255.255.255.0
#
interface GigabitEthernet2/0
xconnect vsi vpnb
#
interface GigabitEthernet3/0
ip address 13.1.1.3 255.255.255.0
#
interface Vsi-interface1
ip binding vpn-instance vpna
ip address 192.168.1.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0010
local-proxy-arp enable
#
interface Vsi-interface2
ip binding vpn-instance vpna
ip address 192.168.2.254 255.255.255.0
distributed-gateway local
mac-address 0000-005e-0020
local-proxy-arp enable
#
interface Vsi-interface3
ip binding vpn-instance vpna
l3-vni 1000
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
address-family ipv4 unicast
peer 2.2.2.2 enable
#
address-family l2vpn evpn
peer 2.2.2.2 enable
#
4.4Bdr配置
参考 微信公众号:ping通就跑
华为开发者空间,是为全球开发者打造的专属开发空间,汇聚了华为优质开发资源及工具,致力于让每一位开发者拥有一台云主机,基于华为根生态开发、创新。
更多推荐
5
0- 0
已为社区贡献1条内容
所有评论(0)