两边的RD和RT设计的核心思想是:
考虑怎么样把对端发过来的的evpn export二层RT,必须和接收端的三层RT import及本端的evpn import二层匹同时配上。
RT随便配置要全网唯一
三层vni值两边要一样
ce1
sysname edag1
evpn-overlay enable //开启支持evpn功能
ip vpn-instance edge //三层vpn实例,可以被多个vn绑定
ipv4-family
route-distinguisher 8888:12 //三层RD和RT配置
vpn-target 1020:12 export-extcommunity evpn
vpn-target 1020:12 import-extcommunity evpn
vxlan vni 9999 //三层vni和对端保持一致
bridge-domain 10 //evpn 二层实例
vxlan vni 10 //关联vni
evpn //evpn 二层RD和RT配置
route-distinguisher 10:1
vpn-target 10:10 export-extcommunity
vpn-target 1020:12 export-extcommunity
vpn-target 10:10 import-extcommunity
arp broadcast-suppress enable //arp广播抑制功能开启
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 20:1
vpn-target 20:20 export-extcommunity
vpn-target 1020:12 export-extcommunity
vpn-target 20:20 import-extcommunity
arp broadcast-suppress enable
interface Vbdif10
ip binding vpn-instance edge //绑定三层vpn实例
ip address 192.168.0.1 255.255.255.0
mac-address 707b-e8be-0010 //随便配置,只要保证是单播mac并且两边一样
arp collect host enable //开启二类evpn路由生成功能
interface Vbdif20
ip binding vpn-instance edge
ip address 192.168.20.1 255.255.255.0
mac-address 707b-e8be-0020
arp collect host enable
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.12.1 255.255.255.0
ospf enable 1 area 0.0.0.0
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
interface GE1/0/1.20 mode l2
encapsulation dot1q vid 20
bridge-domain 20
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
ospf enable 1 area 0.0.0.0
interface LoopBack1 //模拟非vxlan网络接入vxlan
ip binding vpn-instance edge //绑定相同的三层vpn实例
ip address 123.0.0.1 255.255.255.0
interface Nve1
source 1.1.1.1
vni 10 head-end peer-list protocol bgp //头端复制列表用bgp生成
vni 20 head-end peer-list protocol bgp
bgp 100
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
ipv4-family unicast
peer 3.3.3.3 enable
ipv4-family vpn-instance edge
network 123.0.0.0 255.255.255.0 //发布非vxlan路由
advertise l2vpn evpn //开启vpn实例向evpn实例发布IP路由功能
l2vpn-family evpn
policy vpn-target
peer 3.3.3.3 enable
peer 3.3.3.3 advertise irb //开启IRB路由传递功能
ospf 1
area 0.0.0.0
ce2
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.12.2 255.255.255.0
ospf enable 1 area 0.0.0.0
interface GE1/0/1
undo portswitch
undo shutdown
ip address 10.0.23.2 255.255.255.0
ospf enable 1 area 0.0.0.0
ospf 1
area 0.0.0.0
ce3
sysname edag2
evpn-overlay enable
ip vpn-instance edge
ipv4-family
route-distinguisher 7777:12
vpn-target 1020:12 export-extcommunity evpn
vpn-target 1020:12 import-extcommunity evpn
vxlan vni 9999
bridge-domain 10
vxlan vni 10
evpn
route-distinguisher 10:2
vpn-target 10:10 export-extcommunity
vpn-target 1020:12 export-extcommunity
vpn-target 10:10 import-extcommunity
arp broadcast-suppress enable
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 20:2
vpn-target 20:20 export-extcommunity
vpn-target 1020:12 export-extcommunity
vpn-target 20:20 import-extcommunity
arp broadcast-suppress enable
interface Vbdif10
ip binding vpn-instance edge
ip address 192.168.0.1 255.255.255.0
mac-address 707b-e8be-0010
arp collect host enable
interface Vbdif20
ip binding vpn-instance edge
ip address 192.168.20.1 255.255.255.0
mac-address 707b-e8be-0020
arp collect host enable
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.23.3 255.255.255.0
ospf enable 1 area 0.0.0.0
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
interface GE1/0/1.20 mode l2
encapsulation dot1q vid 20
bridge-domain 20
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
ospf enable 1 area 0.0.0.0
interface Nve1
source 3.3.3.3
vni 10 head-end peer-list protocol bgp
vni 20 head-end peer-list protocol bgp
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
ipv4-family unicast
peer 1.1.1.1 enable
ipv4-family vpn-instance edge
advertise l2vpn evpn
l2vpn-family evpn
policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 advertise irb
ospf 1
area 0.0.0.0
lsw1
vlan batch 10 20
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
interface GigabitEthernet0/0/3
port link-type access
port default vlan 20
lsw2
vlan batch 10 20
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
interface GigabitEthernet0/0/3
port link-type access
port default vlan 20
查看
[edag1]dddis bgp evpn all routing-table
[edag1]dis bgp evpn all routing-table inclusive-route 0:32:3.3.3.3 看三类路由
[edag1] dis vxlan tunnel
[edag1]dis vxlan peer
[edag1]dis mac-address
[edag1]dis arp vpn-instance edge
[edag1]dis mac-address bridge-domain 10
[edag1]dis bgp evpn vpn-instance 10 routing-table mac-route 看二类路由
[edag1]dis bgp evpn vpn-instance 10 routing-table mac-route 0:48:5489-9832-7a68:32:192.168.0.10 看明细路由
[edag1]dis ip routing-table vpn-instance edge 查看vpn实例路由表
[edag1]dis bgp vpnv4 vpn-instance edge routing-table 192.168.20.20 看vpn实例的vpnv4路由
[edag1]dis arp broadcast-suppress user bridge-domain 10 arp广播抑制查看
[edag2]dis ip routing-table vpn-instance edge 查看对端vxlan以外的5类路由学到的网络
[edag2]dis bgp evpn all routing-table prefix-route 查看5类路由
[edag2]dis bgp evpn all routing-table prefix-route 0:123.0.0.0:24 查看5类路由明细