vxlan-bgp-evnp分布式网关配置案例

yenggd2025-10-09 6:05

需求分析

1、ospf实现underlay互通

2、路由控制使用evpn

3、配arp广播抑制功能,这个功能是把广播变成单播,而不是把广播干掉

4、访问外部非vxlan网络

5、两边三层vbdif中配置相同的单播mac地址实现分布式网关下就近转发不用绕行,提高网络可靠性

6、vbdif接口中绑定,把ip vpn实例中把bd和ip vpn关联起来,一个ip vpn实例可以 绑定多个bd

7、ensp有bug需要在pc上手动添加arp -s表项

8、boreder只做ip转发就行了

9、接收端看发来的export rt与自己的import rt 二层evpn值和三层ip vpn-instanace值都不相同时,才会丢掉该路由

border

router id 1.1.1.1

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.0.11.1 255.255.255.0

interface GE1/0/1

undo portswitch

undo shutdown

ip address 10.0.12.1 255.255.255.0

interface LoopBack0

ip address 1.1.1.1 255.255.255.255

ospf 1

area 0.0.0.0

network 1.1.1.1 0.0.0.0

network 10.0.11.1 0.0.0.0

network 10.0.12.1 0.0.0.0

edge1

evpn-overlay enable

router id 2.2.2.2

ip vpn-instance edge1_1020

ipv4-family

route-distinguisher 100:12

vpn-target 1020:12 export-extcommunity evpn

vpn-target 1020:12 import-extcommunity evpn

vxlan vni 1020

bridge-domain 10

vxlan vni 10

evpn

route-distinguisher 100:10

vpn-target 1020:10 export-extcommunity

vpn-target 1020:12 export-extcommunity

vpn-target 1020:10 import-extcommunity

arp broadcast-suppress enable //arp广播抑制

bridge-domain 20

vxlan vni 20

evpn

route-distinguisher 100:20

vpn-target 1020:20 export-extcommunity

vpn-target 1020:12 export-extcommunity

vpn-target 1020:20 import-extcommunity

arp broadcast-suppress enable

interface Vbdif10

ip binding vpn-instance edge1_1020

ip address 192.168.10.254 255.255.255.0 //配置网关

mac-address 707b-e8be-0010 //和edge2配置相同

arp collect host enable //开启evpn二类路由学习arp功能

interface Vbdif20

ip binding vpn-instance edge1_1020

ip address 192.168.20.254 255.255.255.0

mac-address 707b-e8be-0020

arp collect host enable

interface MEth0/0/0

undo shutdown

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.0.11.2 255.255.255.0

interface GE1/0/1

undo shutdown

interface GE1/0/1.10 mode l2

encapsulation dot1q vid 10

bridge-domain 10

interface GE1/0/1.20 mode l2

encapsulation dot1q vid 20

bridge-domain 20

interface GE1/0/2

undo portswitch

undo shutdown

ip binding vpn-instance edge1_1020

ip address 10.0.13.1 255.255.255.0

interface LoopBack0

ip address 2.2.2.2 255.255.255.255

interface Nve1

source 2.2.2.2

vni 10 head-end peer-list protocol bgp

vni 20 head-end peer-list protocol bgp

interface NULL0

bgp 100

peer 3.3.3.3 as-number 100

peer 3.3.3.3 connect-interface LoopBack0

ipv4-family unicast

peer 3.3.3.3 enable

ipv4-family vpn-instance edge1_1020

network 10.0.13.0 255.255.255.0 //发布外部路由

advertise l2vpn evpn

l2vpn-family evpn

policy vpn-target

peer 3.3.3.3 enable

peer 3.3.3.3 advertise irb

ospf 1

area 0.0.0.0

network 2.2.2.2 0.0.0.0

network 10.0.11.2 0.0.0.0

edge2

evpn-overlay enable

router id 3.3.3.3

ip vpn-instance edge2_1020

ipv4-family

route-distinguisher 200:12

vpn-target 1020:12 export-extcommunity evpn

vpn-target 1020:12 import-extcommunity evpn

vxlan vni 1020

bridge-domain 10

vxlan vni 10

evpn

route-distinguisher 200:10

vpn-target 1020:10 export-extcommunity

vpn-target 1020:12 export-extcommunity

vpn-target 1020:10 import-extcommunity

arp broadcast-suppress enable

bridge-domain 20

vxlan vni 20

evpn

route-distinguisher 200:20

vpn-target 1020:20 export-extcommunity

vpn-target 1020:12 export-extcommunity

vpn-target 1020:20 import-extcommunity

arp broadcast-suppress enable

interface Vbdif10

ip binding vpn-instance edge2_1020

ip address 192.168.10.254 255.255.255.0

mac-address 707b-e8be-0010

arp collect host enable

interface Vbdif20

ip binding vpn-instance edge2_1020

ip address 192.168.20.254 255.255.255.0

mac-address 707b-e8be-0020

arp collect host enable

interface MEth0/0/0

undo shutdown

interface GE1/0/0

undo portswitch

undo shutdown

ip address 10.0.12.2 255.255.255.0

interface GE1/0/1

undo shutdown

interface GE1/0/1.10 mode l2

encapsulation dot1q vid 10

bridge-domain 10

interface GE1/0/1.20 mode l2

encapsulation dot1q vid 20

bridge-domain 20

interface LoopBack0

ip address 3.3.3.3 255.255.255.255

interface Nve1

source 3.3.3.3

vni 10 head-end peer-list protocol bgp

vni 20 head-end peer-list protocol bgp

interface NULL0

bgp 100

peer 2.2.2.2 as-number 100

peer 2.2.2.2 connect-interface LoopBack0

ipv4-family unicast

peer 2.2.2.2 enable

ipv4-family vpn-instance edge2_1020

advertise l2vpn evpn

l2vpn-family evpn

policy vpn-target

peer 2.2.2.2 enable

peer 2.2.2.2 advertise irb

ospf 1

area 0.0.0.0

network 3.3.3.3 0.0.0.0

network 10.0.12.2 0.0.0.0

switch1

vlan batch 10 20

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password simple admin

local-user admin service-type http

interface Vlanif1

interface MEth0/0/1

interface GigabitEthernet0/0/1

port link-type trunk

port trunk allow-pass vlan 10 20

interface GigabitEthernet0/0/2

port link-type access

port default vlan 10

interface GigabitEthernet0/0/3

port link-type access

port default vlan 20

switch2

vlan batch 10 20

interface GigabitEthernet0/0/1

port link-type trunk

port trunk allow-pass vlan 10 20

interface GigabitEthernet0/0/2

port link-type access

port default vlan 10

interface GigabitEthernet0/0/3

port link-type access

port default vlan 20

ar3

interface GigabitEthernet0/0/0

ip address 10.0.13.3 255.255.255.0

ip route-static 0.0.0.0 0.0.0.0 10.0.13.1

evpn邻居查看

ping网关测试

路由查看

邻居查看

pc1通pc3


pc1通pc4跨广播域

刚才手动配的mac


实例路由查看

arp广播抑制后ping 192.168.20.2捉包查看

查看学到的外部路由

pc4可以 通外部网络ar3

相关推荐
googleccsdn11 分钟前
ENSP Pro Lab笔记:配置STP/RSTP/MSTP(4)
网络·笔记·网络协议
eeeasen43 分钟前
FnOS(0.9.32版本) --usb无线网卡(RTL8xxxu)调试
网络
回家路上绕了弯1 小时前
接口响应时间优化指南:从秒级到毫秒级的全链路方案
分布式·后端
RestCloud1 小时前
OceanBase 分布式数据库的 ETL 实践:从抽取到实时分析
数据库·分布式·postgresql·oceanbase·etl·数据处理·数据同步
专家大圣1 小时前
5分钟启动标准化安卓环境:Docker-Android让模拟器配置不再踩坑
android·网络·docker·容器·内网穿透
国科安芯2 小时前
基于ASM1042通信接口芯片的两轮车充电机性能优化研究
服务器·网络·人工智能·单片机·嵌入式硬件·性能优化
普普通通的南瓜2 小时前
金融交易防护:国密 SSL 证书在网银与移动支付中的核心作用
网络·网络协议·安全·arcgis·gitlab·ssl·源代码管理
广然3 小时前
跨厂商(华为 & H3C)防火墙 IPSec 隧道部署
服务器·网络·华为
西***63473 小时前
从信号零损耗到智能协同:高清混合矩阵全链路技术拆解,分布式可视化系统十大趋势重塑行业
分布式·线性代数·矩阵
wwlsm_zql3 小时前
华为科大讯飞携手,低成本AI革新教育农业应用
人工智能·华为
热门推荐
01GitHub 镜像站点02UV安装并设置国内源03BongoCat - 跨平台键盘猫动画工具04Linux下V2Ray安装配置指南05GitLab 零基础入门指南:从安装到项目管理全流程06NVIDIA显卡驱动、CUDA、cuDNN 和 TensorRT 版本匹配指南07Labelme从安装到标注:零基础完整指南08安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)09在VSCode配置Java开发环境的保姆级教程(适配各类AI编程IDE)10jdk21下载、安装(Windows、Linux、macOS)