- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 关于我们
81-EVPN组播典型配置举例
本章节下载: 81-EVPN组播典型配置举例 (275.77 KB)
如图1所示,EVPN分布式网关组网中,Leaf 1和Leaf 2为EVPN分布式网关;RR为路由反射器,在Leaf 1和Leaf 2之间反射路由。Leaf 1连接组播接收者,Leaf 2连接组播源。组播源和组播接收者均属于VXLAN 10。组播流量需要跨越EVPN网络从组播源发送给属于同一VXLAN网络的组播接收者,即需要在EVPN网络中实现二层组播流量转发。
具体需求为:
· 对于Overlay网络,Leaf 1和Leaf 2均在AS 65000中与RR建立BGP EVPN邻居,由RR在Leaf 1和Leaf 2之间反射BGP EVPN路由。
· 对于Underlay网络,Leaf 1、RR和Leaf 2运行OSPF,实现路由互通。
图1 EVPN二层组播配置组网图
为了实现组播流量跨越EVPN网络进行二层转发,需要在Leaf设备上开启IGMP Snooping功能,侦听组播接收者发送的IGMP成员关系报告报文,并通过EVPN SMET路由(Selective Multicast Ethernet Tag Route,选择性组播以太网标签路由)在Leaf间通告组播加入请求,以便在Leaf上建立二层组播转发表项。
表1 适用产品及版本
|
产品 |
软件版本 |
|
S6812系列 S6813系列 |
Release 6615Pxx系列、Release 6628Pxx系列 |
|
S6550XE-HI系列 |
不支持 |
|
S6525XE-HI系列 |
不支持 |
|
S5850系列 |
不支持 |
|
S5570S-EI系列 |
不支持 |
|
S5560X-EI系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
S5560X-HI系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
S5500V2-EI系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
MS4520V2-30F |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
MS4520V2-30C MS4520V2-54C |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
MS4520V2-28S MS4520V2-24TP |
不支持 |
|
S6520X-HI系列 S6520X-EI系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
S6520X-SI系列 S6520-SI系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
S5000-EI系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
MS4600系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
ES5500系列 |
Release 65xx系列、Release 6615Pxx系列、Release 6628Pxx系列 |
|
S5560S-EI系列 S5560S-SI系列 |
不支持 |
|
S5500V3-24P-SI S5500V3-48P-SI |
不支持 |
|
S5500V3-SI系列(除S5500V3-24P-SI、S5500V3-48P-SI) |
不支持 |
|
S5170-EI系列 |
不支持 |
|
S5130S-HI系列 S5130S-EI[-R]系列 S5130S-SI系列 S5130S-LI系列 |
不支持 |
|
S5120V2-SI系列 S5120V2-LI系列 |
不支持 |
|
S5120V3-EI系列 |
不支持 |
|
S5120V3-36F-SI S5120V3-28P-HPWR-SI S5120V3-54P-PWR-SI |
不支持 |
|
S5120V3-SI系列(除S5120V3-36F-SI、S5120V3-28P-HPWR-SI、S5120V3-54P-PWR-SI) |
不支持 |
|
S5120V3-LI系列 |
不支持 |
|
S3600V3-EI系列 |
不支持 |
|
S3600V3-SI系列 |
不支持 |
|
S3100V3-EI系列 S3100V3-SI系列 |
不支持 |
|
S5110V2系列 |
不支持 |
|
S5110V2-SI系列 |
不支持 |
|
S5000V3-EI系列 S5000V5-EI系列 |
不支持 |
|
S5000E-X系列 S5000X-EI系列 |
不支持 |
|
E128C E152C E500C系列 E500D系列 |
不支持 |
|
MS4320V2系列 MS4320V3系列 MS4300V2系列 MS4320系列 MS4200系列 |
不支持 |
|
WS5850-WiNet系列 |
不支持 |
|
WS5820-WiNet系列 WS5810-WiNet系列 |
不支持 |
|
WAS6000系列 |
不支持 |
|
IE4300-12P-AC & IE4300-12P-PWR IE4300-M系列 IE4320系列 |
不支持 |
|
IE4520系列 |
Release 66xx系列 |
|
S5135S-EI |
不支持 |
在VSI内使能了IGMP Snooping之后,IGMP Snooping只在属于该VSI的端口上生效。
在EVPN VXLAN组网中,由于VSI内IGMP Snooping查询器发送查询报文不携带VLAN Tag,所以不建议在携带VLAN Tag的Ethernet接入模式下配置IGMP Snooping查询器。
分布式EVPN网关上VSI虚接口存在如下配置要求:
· VSI虚接口的MAC地址不能配置为设备的保留MAC。
· 同一分布式网关上承载L3VNI的VSI虚接口的MAC地址必须配置一致。在分布式EVPN网关设备上,如果通过mac-address命令修改了某一关联L3VNI的VSI虚接口的MAC地址,则必须通过该命令将所有与L3VNI关联的VSI虚接口的MAC地址修改为相同的值,否则可能会导致报文转发失败。
· 当网关连接IPv6站点网络时,需要为同一分布式网关上承载L3VNI的VSI虚接口配置相同的IPv6链路本地地址。采用自动方式生成链路本地地址时,由于MAC地址相同,则生成的链路本地地址相同;若采用手工方式配置,则必须保证配置的链路本地地址相同。
· 不同分布式网关上作为同一个VXLAN网络网关接口的VSI虚接口需要配置相同的IP/IPv6地址和MAC地址。
分布式EVPN网关上配置的L3VNI不能与mapping vni命令配置的映射远端VXLAN ID相同。
在分布式EVPN网关设备上,如果开启了ARP/ND泛洪抑制功能,并在VSI虚接口上开启了本地代理ARP/ND功能,则只有本地代理ARP/ND功能生效。建议不要在分布式EVPN网关设备上同时开启这两个功能。
<Sysname> system-view
[Sysname] switch-mode 1
Reboot device to make the configuration take effect.
[Sysname] quit
<Sysname> reboot
Start to check configuration with next startup configuration file, please wait..
.......DONE!
Current configuration may be lost after the reboot, save current configuration?
[Y/N]:y
This command will reboot the device. Continue? [Y/N]:y
# 配置Loopback接口和GigabitEthernet1/0/3接口的IP地址。
<Sysname> system-view
[Sysname] sysname Leaf1
[Leaf1] interface loopback 0
[Leaf1-LoopBack0] ip address 172.16.0.1 255.255.255.255
[Leaf1-LoopBack0] quit
[Leaf1] interface gigabitethernet 1/0/3
[Leaf1-GigabitEthernet1/0/3] port link-mode route
[Leaf1-GigabitEthernet1/0/3] ip address 12.1.1.1 24
[Leaf1-GigabitEthernet1/0/3] quit
# 配置OSPF,使得Underlay网络路由可达。
[Leaf1] router id 172.16.0.1
[Leaf1] ospf
[Leaf1-ospf-1] area 0
[Leaf1-ospf-1-area-0.0.0.0] network 172.16.0.1 0.0.0.0
[Leaf1-ospf-1-area-0.0.0.0] network 12.1.1.1 0.0.0.255
[Leaf1-ospf-1-area-0.0.0.0] quit
[Leaf1-ospf-1] quit
# 创建VPN实例vpn1,并配置VPN实例的RD和RT。
[Leaf1] ip vpn-instance vpn1
[Leaf1-vpn-instance-vpn1] route-distinguisher 1:1
[Leaf1-vpn-instance-vpn1] address-family ipv4
[Leaf1-vpn-ipv4-vpn1] vpn-target 2:2 import-extcommunity
[Leaf1-vpn-ipv4-vpn1] vpn-target 2:2 export-extcommunity
[Leaf1-vpn-ipv4-vpn1] quit
[Leaf1-vpn-instance-vpn1] address-family evpn
[Leaf1-vpn-evpn-vpn1] vpn-target 1:1 import-extcommunity
[Leaf1-vpn-evpn-vpn1] vpn-target 1:1 export-extcommunity
[Leaf1-vpn-evpn-vpn1] quit
[Leaf1-vpn-instance-vpn1] quit
# 开启L2VPN服务。
[Leaf1] l2vpn enable
# 配置VSI网关接口。
[Leaf1] interface vsi-interface 1
[Leaf1-Vsi-interface1] ip binding vpn-instance vpn1
[Leaf1-Vsi-interface1] ip address 10.255.255.254 255.0.0.0
[Leaf1-Vsi-interface1] mac-address 0000-0001-0001
[Leaf1-Vsi-interface1] distributed-gateway local
[Leaf1-Vsi-interface1] quit
# 关闭远端MAC地址和远端ARP自动学习功能。
[Leaf1] vxlan tunnel mac-learning disable
[Leaf1] vxlan tunnel arp-learning disable
# 配置VSI与VXLAN 10关联,并指定VSI网关接口为VSI虚接口1。
[Leaf1] vsi vsi1
[Leaf1-vsi-vsi1] gateway vsi-interface 1
[Leaf1-vsi-vsi1] statistics enable
[Leaf1-vsi-vsi1] arp suppression enable
[Leaf1-vsi-vsi1] vxlan 10
[Leaf1-vsi-vsi1-vxlan-10] quit
# 配置VXLAN封装方式EVPN实例的RD和RT。
[Leaf1-vsi-vsi1] evpn encapsulation vxlan
[Leaf1-vsi-vsi1-evpn-vxlan] route-distinguisher auto
[Leaf1-vsi-vsi1-evpn-vxlan] vpn-target auto export-extcommunity
[Leaf1-vsi-vsi1-evpn-vxlan] vpn-target auto import-extcommunity
[Leaf1-vsi-vsi1-evpn-vxlan] quit
[Leaf1-vsi-vsi1] quit
# 配置关联L3VNI的VSI虚接口。
[Leaf1] interface vsi-interface 2
[Leaf1-Vsi-interface2] ip binding vpn-instance vpn1
[Leaf1-Vsi-interface2] l3-vni 10000
[Leaf1-Vsi-interface2] quit
# 配置Leaf 1与RR建立BGP EVPN邻居。
[Leaf1] bgp 65000
[Leaf1-bgp-default] peer 172.16.10.1 as-number 65000
[Leaf1-bgp-default] peer 172.16.10.1 connect-interface loopback 0
[Leaf1-bgp-default] peer 172.16.10.1 password simple overlay
[Leaf1-bgp-default] address-family l2vpn evpn
[Leaf1-bgp-default-evpn] peer 172.16.10.1 enable
[Leaf1-bgp-default-evpn] quit
[Leaf1-bgp-default] quit
# 在接口GigabitEthernet1/0/1上创建以太网服务实例,并配置以太网服务实例与VSI实例vsi1关联。
[Leaf1] interface gigabitethernet 1/0/1
[Leaf1-GigabitEthernet1/0/1] port link-mode bridge
[Leaf1-GigabitEthernet1/0/1] port link-type trunk
[Leaf1-GigabitEthernet1/0/1] undo port trunk permit vlan 1
[Leaf1-GigabitEthernet1/0/1] port trunk permit vlan 1000
[Leaf1-GigabitEthernet1/0/1] service-instance 1
[Leaf1-GigabitEthernet1/0/1-srv1] encapsulation s-vid 1000
[Leaf1-GigabitEthernet1/0/1-srv1] statistics enable
[Leaf1-GigabitEthernet1/0/1-srv1] xconnect vsi vsi1
[Leaf1-GigabitEthernet1/0/1-srv1] quit
[Leaf1-GigabitEthernet1/0/1] quit
# 在接口GigabitEthernet1/0/2上创建以太网服务实例,并配置以太网服务实例与VSI实例vsi1关联。
[Leaf1] interface gigabitethernet 1/0/2
[Leaf1-GigabitEthernet1/0/2] port link-mode bridge
[Leaf1-GigabitEthernet1/0/2] port link-type trunk
[Leaf1-GigabitEthernet1/0/2] undo port trunk permit vlan 1
[Leaf1-GigabitEthernet1/0/2] port trunk permit vlan 1001
[Leaf1-GigabitEthernet1/0/2] service-instance 1
[Leaf1-GigabitEthernet1/0/2-srv1] encapsulation s-vid 1001
[Leaf1-GigabitEthernet1/0/2-srv1] statistics enable
[Leaf1-GigabitEthernet1/0/2-srv1] xconnect vsi vsi1
[Leaf1-GigabitEthernet1/0/2-srv1] quit
[Leaf1-GigabitEthernet1/0/2] quit
# 全局开启IGMP Snooping。
[Leaf1] igmp-snooping
[Leaf1-igmp-snooping] global-enable
[Leaf1-igmp-snooping] quit
# 开启VSI实例的IGMP Snooping,并配置IGMP Snooping功能。
[Leaf1] vsi vsi1
[Leaf1-vsi-vsi1] igmp-snooping enable
[Leaf1-vsi-vsi1] igmp-snooping drop-unknown
[Leaf1-vsi-vsi1] igmp-snooping proxy enable
# 配置Leaf设备作为IGMP查询器。(也可以配置网络中的其他设备作为IGMP查询器)
[Leaf1-vsi-vsi1] igmp-snooping querier
[Leaf1-vsi-vsi1] quit
<Sysname> system-view
[Sysname] switch-mode 1
Reboot device to make the configuration take effect.
[Sysname] quit
<Sysname> reboot
Start to check configuration with next startup configuration file, please wait..
.......DONE!
Current configuration may be lost after the reboot, save current configuration?
[Y/N]:y
This command will reboot the device. Continue? [Y/N]:y
# 配置Loopback接口和GigabitEthernet1/0/3接口的IP地址。
<Sysname> system-view
[Sysname] sysname Leaf2
[Leaf2] interface loopback 0
[Leaf2-LoopBack0] ip address 172.16.0.2 255.255.255.255
[Leaf2-LoopBack0] quit
[Leaf2] interface gigabitethernet 1/0/3
[Leaf2-GigabitEthernet1/0/3] port link-mode route
[Leaf2-GigabitEthernet1/0/3] ip address 13.1.1.2 24
[Leaf2-GigabitEthernet1/0/3] quit
# 配置OSPF,使得Underlay网络路由可达。
[Leaf2] router id 172.16.0.2
[Leaf2] ospf
[Leaf2-ospf-1] area 0
[Leaf2-ospf-1-area-0.0.0.0] network 172.16.0.2 0.0.0.0
[Leaf2-ospf-1-area-0.0.0.0] network 13.1.1.2 0.0.0.255
[Leaf2-ospf-1-area-0.0.0.0] quit
[Leaf2-ospf-1] quit
# 创建VPN实例vpn1,并配置VPN实例的RD和RT。
[Leaf2] ip vpn-instance vpn1
[Leaf2-vpn-instance-vpn1] route-distinguisher 1:1
[Leaf2-vpn-instance-vpn1] address-family ipv4
[Leaf2-vpn-ipv4-vpn1] vpn-target 2:2 import-extcommunity
[Leaf2-vpn-ipv4-vpn1] vpn-target 2:2 export-extcommunity
[Leaf2-vpn-ipv4-vpn1] quit
[Leaf2-vpn-instance-vpn1] address-family evpn
[Leaf2-vpn-evpn-vpn1] vpn-target 1:1 import-extcommunity
[Leaf2-vpn-evpn-vpn1] vpn-target 1:1 export-extcommunity
[Leaf2-vpn-evpn-vpn1] quit
[Leaf2-vpn-instance-vpn1] quit
# 开启L2VPN服务。
[Leaf2] l2vpn enable
# 配置VSI网关接口。
[Leaf2] interface vsi-interface 1
[Leaf2-Vsi-interface1] ip binding vpn-instance vpn1
[Leaf2-Vsi-interface1] ip address 10.255.255.254 255.0.0.0
[Leaf2-Vsi-interface1] mac-address 0000-0001-0001
[Leaf2-Vsi-interface1] distributed-gateway local
[Leaf2-Vsi-interface1] quit
# 关闭远端MAC地址和远端ARP自动学习功能。
[Leaf2] vxlan tunnel mac-learning disable
[Leaf2] vxlan tunnel arp-learning disable
# 配置VSI与VXLAN 10关联,并指定VSI网关接口为VSI虚接口1。
[Leaf2] vsi vsi1
[Leaf2-vsi-vsi1] gateway vsi-interface 1
[Leaf2-vsi-vsi1] statistics enable
[Leaf2-vsi-vsi1] arp suppression enable
[Leaf2-vsi-vsi1] vxlan 10
[Leaf2-vsi-vsi1-vxlan-10] quit
# 配置VXLAN封装方式EVPN实例的RD和RT。
[Leaf2-vsi-vsi1] evpn encapsulation vxlan
[Leaf2-vsi-vsi1-evpn-vxlan] route-distinguisher auto
[Leaf2-vsi-vsi1-evpn-vxlan] vpn-target auto export-extcommunity
[Leaf2-vsi-vsi1-evpn-vxlan] vpn-target auto import-extcommunity
[Leaf2-vsi-vsi1-evpn-vxlan] quit
[Leaf2-vsi-vsi1] quit
# 配置关联L3VNI的VSI虚接口。
[Leaf2] interface vsi-interface 10000
[Leaf2-Vsi-interface10000] ip binding vpn-instance vpn1
[Leaf2-Vsi-interface10000] l3-vni 10000
[Leaf2-Vsi-interface10000] quit
# 配置Leaf 1与RR建立BGP EVPN邻居。
[Leaf2] bgp 65000
[Leaf2-bgp-default] peer 172.16.10.1 as-number 65000
[Leaf2-bgp-default] peer 172.16.10.1 connect-interface loopback 0
[Leaf2-bgp-default] peer 172.16.10.1 password simple overlay
[Leaf2-bgp-default] address-family l2vpn evpn
[Leaf2-bgp-default-evpn] peer 172.16.10.1 enable
[Leaf2-bgp-default-evpn] quit
[Leaf2-bgp-default] quit
# 在GigabitEthernet1/0/1上创建以太网服务实例,并配置以太网服务实例与VSI实例vsi1关联。
[Leaf2] interface gigabitethernet 1/0/1
[Leaf2-GigabitEthernet1/0/1] port link-mode bridge
[Leaf2-GigabitEthernet1/0/1] port link-type trunk
[Leaf2-GigabitEthernet1/0/1] undo port trunk permit vlan 1
[Leaf2-GigabitEthernet1/0/1] port trunk permit vlan 1002
[Leaf2-GigabitEthernet1/0/1] storm-constrain control shutdown
[Leaf2-GigabitEthernet1/0/1] service-instance 1
[Leaf2-GigabitEthernet1/0/1-srv1] encapsulation s-vid 1002
[Leaf2-GigabitEthernet1/0/1-srv1] statistics enable
[Leaf2-GigabitEthernet1/0/1-srv1] xconnect vsi vsi1
[Leaf2-GigabitEthernet1/0/1-srv1] quit
[Leaf2-GigabitEthernet1/0/1] quit
# 全局开启IGMP Snooping。
[Leaf1] igmp-snooping
[Leaf1-igmp-snooping] global-enable
[Leaf1-igmp-snooping] quit
# 开启VSI实例的IGMP Snooping,并配置IGMP Snooping功能。
[Leaf2] vsi vsi1
[Leaf2-vsi-vsi1] igmp-snooping enable
[Leaf2-vsi-vsi1] igmp-snooping drop-unknown
[Leaf2-vsi-vsi1] igmp-snooping proxy enable
# 配置Leaf设备作为IGMP查询器。(也可以配置网络中的其他设备作为IGMP查询器)
[Leaf2-vsi-vsi1] igmp-snooping querier
[Leaf2-vsi-vsi1] quit
<Sysname> system-view
[Sysname] switch-mode 1
Reboot device to make the configuration take effect.
[Sysname] quit
<Sysname> reboot
Start to check configuration with next startup configuration file, please wait..
.......DONE!
Current configuration may be lost after the reboot, save current configuration?
[Y/N]:y
This command will reboot the device. Continue? [Y/N]:y
# 配置Loopback接口、GigabitEthernet1/0/1接口和GigabitEthernet1/0/2接口的IP地址。
<Sysname> system-view
[Sysname] sysname RR
[RR] interface loopback 0
[RR-LoopBack0] ip address 172.16.10.1 255.255.255.255
[RR-LoopBack0] quit
[RR] interface gigabitethernet 1/0/1
[RR-GigabitEthernet1/0/1] port link-mode route
[RR-GigabitEthernet1/0/1] ip address 12.1.1.3 24
[RR-GigabitEthernet1/0/1] quit
[RR] interface gigabitethernet 1/0/2
[RR-GigabitEthernet1/0/2] port link-mode route
[RR-GigabitEthernet1/0/2] ip address 13.1.1.3 24
[RR-GigabitEthernet1/0/2] quit
# 配置OSPF,使得Underlay网络路由可达。
[RR] router id 172.16.10.1
[RR] ospf
[RR-ospf-1] area 0
[RR-ospf-1-area-0.0.0.0] network 172.16.10.1 0.0.0.0
[RR-ospf-1-area-0.0.0.0] network 12.1.1.3 0.0.0.255
[RR-ospf-1-area-0.0.0.0] network 13.1.1.3 0.0.0.255
[RR-ospf-1-area-0.0.0.0] quit
[RR-ospf-1] quit
# 将Leaf 1和Leaf 2加入IBGP对等体组leaf。
[RR] bgp 65000
[RR-bgp-default] group leaf internal
[RR-bgp-default] peer leaf connect-interface loopback 0
[RR-bgp-default] peer leaf password simple overlay
[RR-bgp-default] peer 172.16.0.1 group leaf
[RR-bgp-default] peer 172.16.0.2 group leaf
# 配置本地设备作为路由反射器,与IBGP对等体组leaf建立BGP EVPN邻居,并关闭EVPN路由的VPN-Target过滤功能,以便路由反射器接收所有EVPN路由。
[RR-bgp-default] address-family l2vpn evpn
[RR-bgp-default-evpn] undo policy vpn-target
[RR-bgp-default-evpn] peer leaf enable
[RR-bgp-default-evpn] peer leaf reflect-client
[RR-bgp-default-evpn] quit
# 以Leaf 1为例,查看公网IP路由表,可以看到Leaf和RR通过OSPF学习到了彼此的路由,Underlay网络路由可达。
[Leaf1] display ip routing-table
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
12.1.1.0/24 Direct 0 0 12.1.1.1 GE1/0/3
12.1.1.0/32 Direct 0 0 12.1.1.1 GE1/0/3
12.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0
12.1.1.255/32 Direct 0 0 12.1.1.1 GE1/0/3
13.1.1.0/24 O_INTRA 10 2 12.1.1.3 GE1/0/3
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.1/32 Direct 0 0 127.0.0.1 InLoop0
172.16.0.2/32 O_INTRA 10 2 12.1.1.3 GE1/0/3
172.16.10.1/32 O_INTRA 10 1 12.1.1.3 GE1/0/3
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
# 以Leaf 1为例,查看BGP EVPN对等体信息,可以看到Leaf与RR建立了BGP EVPN对等体。
[Leaf1] display bgp peer l2vpn evpn
BGP local router ID: 172.16.0.1
Local AS number: 65000
Total number of peers: 1 Peers in established state: 1
* - Dynamically created peer
^ - Peer created through link-local address
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
172.16.10.1 65000 24 27 0 4 00:14:59 Established
# 以Leaf 1为例,查看VSI的详细信息,可以看到与VSI关联的VXLAN隧道和AC。
[Leaf1] display l2vpn vsi verbose
VSI Name: Auto_L3VNI10000_2
VSI Index : 1
VSI State : Down
MTU : 1500
Bandwidth : -
Broadcast Restrain : -
Multicast Restrain : -
Unknown Unicast Restrain: -
MAC Learning : Enabled
MAC Table Limit : -
MAC Learning rate : -
Drop Unknown : -
Flooding : Enabled
Statistics : Disabled
Gateway Interface : VSI-interface 2
VXLAN ID : 10000
VSI Name: vsi1
VSI Index : 0
VSI State : Up
MTU : 1500
Bandwidth : -
Broadcast Restrain : -
Multicast Restrain : -
Unknown Unicast Restrain: -
MAC Learning : Enabled
MAC Table Limit : -
MAC Learning rate : -
Drop Unknown : -
Flooding : Enabled
Statistics : Enabled
Input Statistics :
Octets :0
Packets :0
Errors :0
Discards :0
Output Statistics :
Octets :0
Packets :0
Errors :0
Discards :0
Gateway Interface : VSI-interface 1
VXLAN ID : 10
Tunnels:
Tunnel Name Link ID State Type Flood proxy
Tunnel0 0x5000000 UP Auto Disabled
ACs:
AC Link ID State Type
GE1/0/1 srv1 0 Up Manual
GE1/0/2 srv1 1 Up Manual
# 以Leaf 1为例,查看IGMP Snooping的状态信息,可以看到VSI内IGMP Snooping处于开启状态。
[Leaf1] display igmp-snooping vsi vsi1
IGMP snooping information: VSI vsi1
IGMP snooping: Enabled
Drop-unknown: Enabled
Version: 2
Host-aging-time: 260s
Router-aging-time: 260s
Max-response-time: 10s
Last-member-query-interval: 1s
Querier: Enabled (IP:10.255.255.254, Expires: 00:01:39)
Querier-election: Disabled
Query-interval: 125s
General-query source IP: 10.255.255.254
Special-query source IP: 10.255.255.254
Report source IP: 10.255.255.254
Leave source IP: 10.255.255.254
Proxy: Enabled
IPP: -(Link ID: 0xffff)
# 在Leaf 1上查看动态IGMP Snooping组播组的信息,可以看到VSI实例vsi1内,接口GigabitEthernet1/0/1上Link ID为0的AC是组播组(0.0.0.0, 225.0.0.1)的成员端口,即Leaf 1接收到任意组播源发往225.0.0.1的组播流量后,会将该流量通过AC转发给组播接收者。
[Leaf1] display igmp-snooping group
Total 1 entries.
VSI vsi1: Total 1 entries.
(0.0.0.0, 225.0.0.1)
Host ports (1 in total):
GE1/0/1 (Link ID 0) (00:03:42)
# 在Leaf 1上查看EVPN的SMET路由信息,可以看到本地生成了SMET路由,该路由会发送给远端Leaf。
[Leaf1] display evpn route smet
VSI name: vsi1
Source address :
Group address : 225.0.0.1
Local version : v2
ACs :
AC Link ID Flags
GE1/0/1 srv1 0 Local
# 在Leaf 2上查看EVPN的SMET路由信息,可以看到Leaf 2接收到了Leaf 1发送SMET路由。
[Leaf2] display evpn route smet
VSI name: vsi1
Source address :
Group address : 225.0.0.1
Local version : -
Peers :
Nexthop Tunnel name Link ID Remote version
172.16.0.1 Tunnel0 0x5000000 v2
# 在Leaf 2上查看IGMP Snooping通过EVPN学习到的组播组信息,可以看到Leaf 2通过SMET路由生成了IGMP Snooping表项,该表项表示:VSI实例vsi1内,VXLAN隧道Tunnel0为组播组(0.0.0.0, 225.0.0.1)的成员端口,即Leaf 2接收到任意组播源发往225.0.0.1的组播流量后,会将该流量通过VXLAN隧道转发给远端Leaf。
[Leaf2] display igmp-snooping evpn-group
Total 1 entries.
VSI vsi1: Total 1 entries.
(0.0.0.0, 225.0.0.1)
Host ports (1 in total):
Tun0 (VXLAN ID 10)
· Leaf 1
#
sysname Leaf1
#
ip vpn-instance vpn1
route-distinguisher 1:1
#
address-family ipv4
vpn-target 2:2 import-extcommunity
vpn-target 2:2 export-extcommunity
#
address-family evpn
vpn-target 1:1 import-extcommunity
vpn-target 1:1 export-extcommunity
#
vxlan tunnel mac-learning disable
#
router id 172.16.0.1
#
ospf 1
area 0.0.0.0
network 12.1.1.0 0.0.0.255
network 172.16.0.1 0.0.0.0
#
igmp-snooping
global-enable
#
l2vpn enable
vxlan tunnel arp-learning disable
#
vsi vsi1
gateway vsi-interface 1
statistics enable
arp suppression enable
vxlan 10
evpn encapsulation vxlan
route-distinguisher auto
vpn-target auto export-extcommunity
vpn-target auto import-extcommunity
igmp-snooping enable
igmp-snooping drop-unknown
igmp-snooping querier
igmp-snooping proxy enable
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 1000
#
service-instance 1
encapsulation s-vid 1000
statistics enable
xconnect vsi vsi1
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 1001
#
service-instance 1
encapsulation s-vid 1001
statistics enable
xconnect vsi vsi1
#
interface LoopBack0
ip address 172.16.0.1 255.255.255.255
#
interface GigabitEthernet1/0/3
port link-mode route
combo enable copper
ip address 12.1.1.1 255.255.255.0
#
interface Vsi-interface1
ip binding vpn-instance vpn1
ip address 10.255.255.254 255.0.0.0
mac-address 0000-0001-0001
distributed-gateway local
#
interface Vsi-interface2
ip binding vpn-instance vpn1
l3-vni 10000
#
bgp 65000
peer 172.16.10.1 as-number 65000
peer 172.16.10.1 connect-interface LoopBack0
peer 172.16.10.1 password cipher $c$3$cLxsbhBfj0xOTCgIQD1N6k3oJBamRAhZ5d8=
#
address-family l2vpn evpn
peer 172.16.10.1 enable
#
return
· Leaf 2
#
sysname Leaf2
#
ip vpn-instance vpn1
route-distinguisher 1:1
#
address-family ipv4
vpn-target 2:2 import-extcommunity
vpn-target 2:2 export-extcommunity
#
address-family evpn
vpn-target 1:1 import-extcommunity
vpn-target 1:1 export-extcommunity
#
vxlan tunnel mac-learning disable
#
router id 172.16.0.2
#
ospf 1
area 0.0.0.0
network 13.1.1.0 0.0.0.255
network 172.16.0.2 0.0.0.0
#
igmp-snooping
global-enable
#
l2vpn enable
vxlan tunnel arp-learning disable
#
vsi vsi1
gateway vsi-interface 1
statistics enable
arp suppression enable
vxlan 10
evpn encapsulation vxlan
route-distinguisher auto
vpn-target auto export-extcommunity
vpn-target auto import-extcommunity
igmp-snooping enable
igmp-snooping drop-unknown
igmp-snooping querier
igmp-snooping proxy enable
#
interface LoopBack0
ip address 172.16.0.2 255.255.255.255
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 1002
storm-constrain control shutdown
#
service-instance 1
encapsulation s-vid 1002
statistics enable
xconnect vsi vsi1
#
interface GigabitEthernet1/0/3
port link-mode route
ip address 13.1.1.1 255.255.255.0
#
interface Vsi-interface1
ip binding vpn-instance vpn1
ip address 10.255.255.254 255.0.0.0
mac-address 0000-0001-0001
#
interface Vsi-interface2
ip binding vpn-instance vpn1
l3-vni 10000
#
bgp 65000
peer 172.16.10.1 as-number 65000
peer 172.16.10.1 connect-interface LoopBack0
peer 172.16.10.1 password cipher $c$3$saE3frSy9IuWBPp1FJT7L952YRagb0D9Ioo=
#
address-family l2vpn evpn
peer 172.16.10.1 enable
#
return
· RR
#
sysname RR
#
router id 172.16.10.1
#
ospf 1
area 0.0.0.0
network 12.1.1.0 0.0.0.255
network 13.1.1.0 0.0.0.255
network 172.16.10.1 0.0.0.0
#
interface LoopBack0
ip address 172.16.10.1 255.255.255.255
#
interface GigabitEthernet1/0/1
port link-mode route
ip address 12.1.1.3 255.255.255.0
#
interface GigabitEthernet1/0/2
port link-mode route
ip address 13.1.1.3 255.255.255.0
#
bgp 65000
group leaf internal
peer leaf connect-interface LoopBack0
peer leaf password cipher $c$3$91PuaavWEYHlqhaILQV5i5G828J3vG+g67I=
peer 172.16.0.1 group leaf
peer 172.16.0.2 group leaf
#
address-family l2vpn evpn
undo policy vpn-target
peer leaf enable
peer leaf reflect-client
#
return
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!
支持
