示例:使用任播网关配置 EVPN-VXLAN 边缘路由桥接交换矩阵
以太网 VPN (EVPN) 是一种基于 BGP 的控制平面技术,可将主机(物理服务器和虚拟机)置于网络中的任意位置,并保持与相同逻辑第 2 层 (L2) 叠加网络的连接。虚拟可扩展 LAN (VXLAN) 是为 L2 叠加网络创建数据平面的隧道协议。
通常部署 EVPN-VXLAN 的物理底层网络是两层 IP 交换矩阵,其中包括主干和叶节点设备,如 图 1 所示。两层脊叶式交换矩阵称为 3 级 Clos。
此示例详细介绍了如何使用 3 级 Clos 交换矩阵部署边缘路由桥接 (ERB) 架构。在此设计中,主干设备(如 QFX10000 交换机)仅在叶设备之间提供 IP 连接。在此容量下,我们将主干设备称为精简主干,因为它们不需要 VXLAN 功能。叶设备(如QFX5100交换机)提供与附加的工作负载的连接。在 ERB 情况下,叶设备在叠加网络中提供 L2 和第 3 层 (L3) VXLAN 功能。L2 网关在同一 VLAN 内提供桥接。L3 网关使用集成路由和桥接 (IRB) 接口处理 VLAN(VLAN 间)之间的流量。
在此示例中,IRB 接口配置了任播 IP 地址。有关使用虚拟网关地址 (VGA) IP 地址的 ERB 示例,请参阅 示例:使用虚拟网关配置 EVPN-VXLAN 边缘路由桥接交换矩阵
注意:
我们也称 ERB 架构为“折叠”交换矩阵。与 CRB 设计相比,L2 和 L3 VXLAN 网关功能折叠成交换矩阵的单层(分叶)。
有关 EVPN-VXLAN 技术和受支持架构的背景信息,请参阅 EVPN 入门。
有关如何配置 EVPN-VXLAN 集中路由桥接 (CRB) 叠加的示例,请参阅 示例:配置 EVPN-VXLAN 集中路由桥接结构。
图 1:3 级(叶脊式)边缘路由桥接架构
此示例介绍如何配置 EVPN-VXLAN ERB 叠加。因此,您只能在叶设备上配置路由实例和 IRB 接口。
要求
此示例使用以下硬件和软件组件:
-
两个设备可用作中转主干设备。
-
运行 Junos OS 15.1X53-D60 或更高版本软件的四台设备,这些设备充当叶设备并提供 L2 和 L3 网关功能。
- 使用运行 Junos OS 21.3R1 版的 QFX10002 交换机进行更新和重新验证
- 有关受支持平台的列表,请参阅 硬件摘要 。
概述和拓扑
图 2 中所示的 ERB 叠加网络包括 2 个中转主干设备和 4 个叶设备,它们可同时用作 L2 和 L3 网关。四台服务器连接到叶设备。服务器 A 通过链路聚合组 (LAG) 接口连接到叶 1 和叶 2。在两个叶设备上,都会为接口分配相同的以太网分段标识符 (ESI),并设置为多宿主全活动模式。
图 2:数据中心
内的 ERB 叠加
内的 ERB 叠加
在此拓扑中,服务器 A 和服务器 C 位于 VLAN 101 中,服务器 B 位于 VLAN 102 中,服务器 D 位于 VLAN 103 中。要在 VLAN 之间进行通信,您必须为所有叶设备上的每个 VLAN 配置 IRB 接口。
与 CRB 相比,ERB 的配置之间最显着的区别是 L3 网关的配置和位置。因此,此示例重点介绍叶设备上的 EVPN-VXLAN 配置,特别是 L3 网关配置。
对于 ERB 叠加,您可以使用以下方法之一配置 EVPN 实例 (EVI) 中的 IRB 接口:
-
Method 1—此方法需要为每个 IRB 接口提供唯一的 IP 地址,但对每个 IRB 接口使用相同的 MAC。使用此方法,将为叶设备和服务器上的每个 IRB 地址安装一个 MAC 条目。对于特定叶设备(例如 Leaf1)上的每个 IRB 接口,请指定以下内容:
-
每个 IRB 接口的唯一 IP 地址。
-
每个 IRB 接口使用 相同的 MAC 地址。
例如:
表 1:每个 IRB 接口具有相同 MAC 的唯一 IP 地址 IRB.101
IP 地址:10.1.101.254/24
MAC 地址:00:00:5e:00:53:01
IRB.102
IP 地址:10.1.102.254/24
MAC 地址:00:00:5e:00:53:01
IRB.103
IP 地址:10.1.103.254/24
MAC 地址:00:00:5e:00:53:01
-
-
Method 2—此方法需要为每个 IRB 接口提供唯一的 IP 地址和 MAC。使用此方法,将为叶设备上的每个 IRB 地址安装一个 MAC 条目,但服务器上仅安装一个 MAC。对于 Leaf1 上的每个 IRB 接口,请指定以下内容:
-
每个 IRB 接口的唯一 IP 地址。
-
每个 IRB 接口都使用 一个唯一的 MAC 地址。
例如:
表 2:每个 IRB 接口的唯一 IP 地址和 MAC IRB.101
IP 地址:10.1.101.254/24
MAC 地址:00:00:5e:00:53:01
IRB.102
IP 地址:10.1.102.254/24
MAC 地址:00:00:5e:00:53:02
IRB.103
IP 地址:10.1.103.254/24
MAC 地址:00:00:5e:00:53:03
-
-
Method 3—此方法需要为每个 IRB 接口提供唯一的 IP 地址和 VGA。使用此方法,将为叶设备和服务器上的每个 IRB 地址和 VGA 安装一个 MAC 条目。对于 Leaf1 上的每个 IRB 接口,请指定以下内容:
-
每个 IRB 接口的唯一 IP 地址。
-
每个 IRB 接口 的唯一 VGA 地址。
例如:
表 3:每个 IRB 接口的唯一 IP 地址和虚拟网关地址 IRB.101
IP 地址:10.1.101.1/24
显卡地址:10.1.101.254
IRB.102
IP 地址:10.1.102.1/24
显卡地址:10.1.102.254
IRB.103
IP 地址:10.1.103.1/24
显卡地址:10.1.103.254
-
对于方法 1 和方法 2,所有叶设备都应用相同的 IRB 接口配置。对于方法 3,所有叶设备都会应用一个唯一的 IRB 接口地址和相同的 VGA。在此示例中,方法 1 用于配置 IRB 接口。
此示例(使用方法 1)为每个叶设备上的每个 IRB 接口配置相同的 MAC 地址。无论主机位于何处或哪台叶设备接收流量,每台主机在发送 VLAN 间流量时都使用相同的 MAC 地址。例如,在 图 2 所示的拓扑中,VLAN 101 中的多宿主服务器 A 向 VLAN 102 中的服务器 B 发送数据包。如果 Leaf1 关闭,即使未配置冗余默认网关 MAC 地址,Leaf2 也会继续转发 VLAN 间流量。
注意:
此示例中的 IRB 接口配置不包括虚拟网关地址 (VGA) 和相应的 V-MAC 地址(用于建立上面提到的冗余默认网关功能)。通过为每个叶设备上的每个 IRB 接口配置相同的 MAC 地址,主机可使用配置了通用 MAC 地址的本地叶设备作为默认 L3 网关。
因此,您无需播发冗余默认网关,也无需在整个 EVPN 控制平面中动态同步冗余默认网关的 MAC 地址。因此,在配置每个叶设备时,必须通过在配置中包含 default-gateway do-not-advertise 层次结构级别的配置语句 [edit protocols evpn] 来禁用冗余默认网关的播发。
此外,尽管此示例中使用的 IRB 接口配置不包括 VGA,但您可以根据需要配置 VGA,以使 EVPN-VXLAN 在 ERB 叠加中正常工作。如果为每个 IRB 接口配置 VGA,请为每个叶设备上的每个 VGA 指定相同的 IP 地址,而不是为每个叶设备上的每个 MAC 地址配置相同的 MAC 地址,如本示例所示。
在处理广播、未知单播和组播 (BUM) 流量的复制时,请注意叶 1 上的配置:
-
set protocols evpn multicast-mode ingress-replication包括命令。此命令会导致 Leaf1(一种硬件 VTEP)处理复制和发送 BUM 流量,而不是依赖支持组播的底层。
Leaf1 的配置
CLI 快速配置
要快速配置此示例,请复制以下命令并将其粘贴到文本文件中。删除所有换行符,并更改任何必要的详细信息,以便与您的网络配置匹配。然后将命令复制并粘贴到层 [edit] 级的 CLI 中。
枝叶 1
set chassis aggregated-devices ethernet device-count 1 set interfaces xe-0/0/0 unit 0 family inet address 10.1.11.2/30 set interfaces xe-0/0/1 unit 0 family inet address 10.1.21.2/30 set interfaces xe-0/0/2 ether-options 802.3ad ae0 set interfaces ae0 esi 00:01:01:01:01:01:01:01:01:01 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp system-id 00:01:01:01:01:01 set interfaces ae0 unit 0 family ethernet-switching interface-mode trunk set interfaces ae0 unit 0 family ethernet-switching vlan members v101 set interfaces irb unit 101 family inet address 10.1.101.254/24 set interfaces irb unit 101 mac 00:00:5e:00:53:01 set interfaces irb unit 102 family inet address 10.1.102.254/24 set interfaces irb unit 102 mac 00:00:5e:00:53:01 set interfaces irb unit 103 family inet address 10.1.103.254/24 set interfaces irb unit 103 mac 00:00:5e:00:53:01 set interfaces lo0 unit 0 family inet address 10.1.255.11/32 set policy-options policy-statement load-balancing-policy then load-balance per-packet set policy-options policy-statement send-direct term 1 from protocol direct set policy-options policy-statement send-direct term 1 from route-filter 10.1.255.11/32 exact set policy-options policy-statement send-direct term 1 then accept set routing-instances vrf101 instance-type vrf set routing-instances vrf101 interface irb.101 set routing-instances vrf101 interface irb.102 set routing-instances vrf101 interface irb.103 set routing-instances vrf101 route-distinguisher 10.1.255.11:101 set routing-instances vrf101 vrf-target target:1001:1 set routing-options router-id 10.1.255.11 set routing-options autonomous-system 65011 set routing-options forwarding-table export load-balancing-policy set protocols bgp group underlay type external set protocols bgp group underlay export send-direct set protocols bgp group underlay multipath multiple-as set protocols bgp group underlay neighbor 10.1.11.1 peer-as 65001 set protocols bgp group underlay neighbor 10.1.21.1 peer-as 65002 set protocols bgp group overlay type external set protocols bgp group overlay multihop set protocols bgp group overlay local-address 10.1.255.11 set protocols bgp group overlay family evpn signaling set protocols bgp group overlay multipath multiple-as set protocols bgp group overlay neighbor 10.1.255.1 peer-as 65001 set protocols bgp group overlay neighbor 10.1.255.2 peer-as 65002 set protocols evpn encapsulation vxlan set protocols evpn default-gateway do-not-advertise set protocols evpn multicast-mode ingress-replication set protocols evpn vni-options vni 101 vrf-target target:101:1 set protocols evpn vni-options vni 102 vrf-target target:102:1 set protocols evpn vni-options vni 103 vrf-target target:103:1 set protocols evpn extended-vni-list all set switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 10.1.255.11:1 set switch-options vrf-target target:1:1 set switch-options vrf-target auto set vlans v101 vlan-id 101 set vlans v101 l3-interface irb.101 set vlans v101 vxlan vni 101 set vlans v102 vlan-id 102 set vlans v102 l3-interface irb.102 set vlans v102 vxlan vni 102 set vlans v103 vlan-id 103 set vlans v103 l3-interface irb.103 set vlans v103 vxlan vni 103
在叶 1 上配置 EVPN-VXLAN
分步过程
-
配置底层配置。在此示例中,我们将 EBGP 用作底层路由协议。
[edit] user@leaf1# set interfaces xe-0/0/0 unit 0 family inet address 10.1.11.2/30 user@leaf1# set interfaces xe-0/0/1 unit 0 family inet address 10.1.21.2/30 user@leaf1# set interfaces lo0 unit 0 family inet address 10.1.255.11/32 user@leaf1# set policy-options policy-statement load-balancing-policy then load-balance per-packet user@leaf1# set policy-options policy-statement send-direct term 1 from protocol direct user@leaf1# set policy-options policy-statement send-direct term 1 from route-filter 10.1.255.11/32 exact user@leaf1# set policy-options policy-statement send-direct term 1 then accept user@leaf1# set routing-options router-id 10.1.255.11 user@leaf1# set routing-options autonomous-system 65011 user@leaf1# set routing-options forwarding-table export load-balancing-policy user@leaf1# set protocols bgp group underlay type external user@leaf1# set protocols bgp group underlay export send-direct user@leaf1# set protocols bgp group underlay multipath multiple-as user@leaf1# set protocols bgp group underlay neighbor 10.1.11.1 peer-as 65001 user@leaf1# set protocols bgp group underlay neighbor 10.1.21.1 peer-as 65002
-
通过配置聚合以太网接口,为接口指定 ESI,然后设置模式,使与两个叶设备的连接都处于活动状态,将服务器 A 配置为叶 1 和叶 2 的多宿主。我们将在后面的步骤中展示应用的 VLAN 配置。
注意:在叶 2 上配置 AE 接口时,必须为叶 1 上的相同接口指定与 ESI 相同的 ESI (00:01:01:01:01:01:01:01:01)。
[edit] user@leaf1# set chassis aggregated-devices ethernet device-count 1 user@leaf1# set interfaces xe-0/0/2 ether-options 802.3ad ae0 user@leaf1# set interfaces ae0 esi 00:01:01:01:01:01:01:01:01:01 user@leaf1# set interfaces ae0 esi all-active user@leaf1# set interfaces ae0 aggregated-ether-options lacp active user@leaf1# set interfaces ae0 aggregated-ether-options lacp system-id 00:01:01:01:01:01 user@leaf1# set interfaces ae0 unit 0 family ethernet-switching interface-mode trunk user@leaf1# set interfaces ae0 unit 0 family ethernet-switching vlan members v101
-
配置 IRB 接口,每个接口具有唯一的 IP 地址和相同的 MAC 地址。
注意:每个叶设备都应具有相同的 IRB 接口配置。
[edit] user@leaf1# set interfaces irb unit 101 family inet address 10.1.101.254/24 user@leaf1# set interfaces irb unit 101 mac 00:00:5e:00:53:01 user@leaf1# set interfaces irb unit 102 family inet address 10.1.102.254/24 user@leaf1# set interfaces irb unit 102 mac 00:00:5e:00:53:01 user@leaf1# set interfaces irb unit 103 family inet address 10.1.103.254/24 user@leaf1# set interfaces irb unit 103 mac 00:00:5e:00:53:01
-
设置基于 EBGP 的叠加配置。请确保包含配置选项,
multihop因为我们使用环路对等互连。[edit] user@leaf1# set protocols bgp group overlay type external user@leaf1# set protocols bgp group overlay multihop user@leaf1# set protocols bgp group overlay local-address 10.1.255.11 user@leaf1# set protocols bgp group overlay family evpn signaling user@leaf1# set protocols bgp group overlay multipath multiple-as user@leaf1# set protocols bgp group overlay neighbor 10.1.255.1 peer-as 65001 user@leaf1# set protocols bgp group overlay neighbor 10.1.255.2 peer-as 65002
注意:某些 IP 交换矩阵使用基于 IBGP 的 EVPN-VXLAN 叠加。有关使用 IBGP 进行叠加的 IP 交换矩阵的示例,请参阅 示例:配置 EVPN-VXLAN 集中路由的桥接交换矩阵。请注意,为叠加选择 EBGP 或 IBGP 不会影响交换矩阵架构。CRB 和 ERB 设计均支持任一类型的叠加。
-
设置 EVPN-VXLAN 域,这需要确定域中包含哪些 VNI,指定作为硬件 VTEP 的 Leaf1 处理 BUM 流量的复制和发送,在整个 EVPN 控制平面上禁用冗余默认网关的播发,并为每个 VNI 指定路由目标。
[edit] user@leaf1# set protocols evpn encapsulation vxlan user@leaf1# set protocols evpn default-gateway do-not-advertise user@leaf1# set protocols evpn multicast-mode ingress-replication user@leaf1# set protocols evpn vni-options vni 101 vrf-target target:101:1 user@leaf1# set protocols evpn vni-options vni 102 vrf-target target:102:1 user@leaf1# set protocols evpn vni-options vni 103 vrf-target target:103:1 user@leaf1# set protocols evpn extended-vni-list all
-
设置 EVPN 路由实例。
[edit] user@leaf1# set routing-instances vrf101 instance-type vrf user@leaf1# set routing-instances vrf101 interface irb.101 user@leaf1# set routing-instances vrf101 interface irb.102 user@leaf1# set routing-instances vrf101 interface irb.103 user@leaf1# set routing-instances vrf101 route-distinguisher 10.1.255.11:101 user@leaf1# set routing-instances vrf101 vrf-target target:1001:1
-
配置交换机选项,以使用环路接口 lo0.0 作为 VTEP 的源接口,设置路由识别符,并设置 VRF 目标。
[edit] user@leaf1# set switch-options vtep-source-interface lo0.0 user@leaf1# set switch-options route-distinguisher 10.1.255.11:1 user@leaf1# set switch-options vrf-target target:1:1 user@leaf1# set switch-options vrf-target auto
-
配置与 IRB 接口和 VXLAN VNI 关联的 VLAN。
[edit] user@leaf1# set vlans v101 vlan-id 101 user@leaf1# set vlans v101 l3-interface irb.101 user@leaf1# set vlans v101 vxlan vni 101 user@leaf1# set vlans v102 vlan-id 102 user@leaf1# set vlans v102 l3-interface irb.102 user@leaf1# set vlans v102 vxlan vni 102 user@leaf1# set vlans v103 vlan-id 103 user@leaf1# set vlans v103 l3-interface irb.103 user@leaf1# set vlans v103 vxlan vni 103
验证
本节介绍了此示例的以下验证:
验证 BGP
目的
验证主干设备是否已建立 BGP 会话连接。
行动
显示 BGP 摘要:
user@leaf1> show bgp summary
Threading mode: BGP I/O
Default eBGP mode: advertise - accept, receive - accept
Groups: 2 Peers: 4 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.evpn.0
76 38 0 0 0 0
inet.0
8 8 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.1.11.1 65001 3826 3867 0 0 1d 5:14:55 Establ
inet.0: 4/4/4/0
10.1.21.1 65002 3829 3871 0 0 1d 5:14:55 Establ
inet.0: 4/4/4/0
10.1.255.1 65001 4321 4228 0 0 1d 5:14:52 Establ
bgp.evpn.0: 14/38/38/0
default-switch.evpn.0: 13/37/37/0
__default_evpn__.evpn.0: 1/1/1/0
10.1.255.2 65002 4385 4169 0 0 1d 5:14:53 Establ
bgp.evpn.0: 24/38/38/0
default-switch.evpn.0: 24/37/37/0
__default_evpn__.evpn.0: 0/1/1/0
意义
底层和叠加 BGP 会话都是使用主干设备建立的。
验证 ESI
目的
验证 ESI 的状态。
行动
显示 ESI 的状态:
user@leaf1> show evpn instance esi 00:01:01:01:01:01:01:01:01:01 extensive
Instance: default-switch
Route Distinguisher: 10.1.255.11:1
Encapsulation type: VXLAN
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 4 4
MAC+IP advertisements: 4 4
Default gateway MAC advertisements: 3 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
.local..5 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.0 00:01:01:01:01:01:01:01:01:01 all-active Up Root
Number of IRB interfaces: 3 (3 up)
Interface name VLAN VNI Status L3 context
irb.101 101 Up vrf101
irb.102 102 Up vrf101
irb.103 103 Up vrf101
Number of protect interfaces: 0
Number of bridge domains: 3
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync IM-label MAC-label v4-SG-sync IM-core-NH v6-SG-sync IM-core-NH Trans-ID
101 101 1 1 irb.101 Extended Enabled 101 Disabled Disabled 101
102 102 0 0 irb.102 Extended Enabled 102 Disabled Disabled 102
103 103 0 0 irb.103 Extended Enabled 103 Disabled Disabled 103
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
10.1.255.12 2 2 2 3 0
10.1.255.13 1 1 0 3 0
10.1.255.14 1 1 0 3 0
Number of ethernet segments: 4
ESI: 00:01:01:01:01:01:01:01:01:01
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
10.1.255.12 101 0 all-active
DF Election Algorithm: MOD based
Designated forwarder: 10.1.255.12
Backup forwarder: 10.1.255.11
Last designated forwarder update: May 12 10:33:14
Router-ID: 10.1.255.11
Source VTEP interface IP: 10.1.255.11
SMET Forwarding: Disabled
意义
ESI 已启动,Leaf2 是远程提供商边缘 (PE) 设备和指定的转发器。
验证 EVPN 数据库
目的
验证 EVPN 数据库中的 MAC 地址。
行动
验证 EVPN 数据库中 VLAN 101 的 MAC 地址。
user@leaf1> show evpn database l2-domain-id 101
Instance: default-switch
VLAN DomainId MAC address Active source Timestamp IP address
101 00:00:5e:00:53:01 irb.101 May 12 16:40:47 10.1.101.254
101 2c:6b:f5:1b:6e:c1 00:01:01:01:01:01:01:01:01:01 May 12 17:26:30 10.1.101.101
101 56:04:15:00:af:fa 10.1.255.13 May 12 16:40:46 10.1.101.103
意义
服务器 A 的 MAC 和 IP 地址随 ESI 的活动源一起显示,服务器 C 的 MAC 和 IP 地址随 Leaf3 的活动源一起显示。
验证连接性
目的
验证 ping 在服务器之间是否有效。
行动
从服务器 A 到其他服务器的 Ping。
user@serverA> ping 10.1.102.101 count 2 PING 10.1.102.101 (10.1.102.101): 56 data bytes 64 bytes from 10.1.102.101: icmp_seq=0 ttl=63 time=117.425 ms 64 bytes from 10.1.102.101: icmp_seq=1 ttl=63 time=109.663 ms --- 10.1.102.101 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 109.663/113.544/117.425/3.881 ms user@serverA> ping 10.1.101.103 count 2 PING 10.1.101.103 (10.1.101.103): 56 data bytes 64 bytes from 10.1.101.103: icmp_seq=0 ttl=64 time=311.050 ms 64 bytes from 10.1.101.103: icmp_seq=1 ttl=64 time=201.300 ms --- 10.1.101.103 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 201.300/256.175/311.050/54.875 ms user@serverA> ping 10.1.103.101 count 2 PING 10.1.103.101 (10.1.103.101): 56 data bytes 64 bytes from 10.1.103.101: icmp_seq=0 ttl=63 time=311.321 ms 64 bytes from 10.1.103.101: icmp_seq=1 ttl=63 time=367.343 ms --- 10.1.103.101 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 311.321/339.332/367.343/28.011 ms
意义
端到端连接正常工作。
所有设备的快速配置
CLI 快速配置
要快速配置此示例,请复制以下命令并将其粘贴到文本文件中。删除所有换行符,并更改任何必要的详细信息,以便与您的网络配置匹配。然后将命令复制并粘贴到层 [edit] 级的 CLI 中。
枝叶 2
set chassis aggregated-devices ethernet device-count 1 set interfaces xe-0/0/0 unit 0 family inet address 10.1.12.2/30 set interfaces xe-0/0/1 unit 0 family inet address 10.1.22.2/30 set interfaces xe-0/0/2 ether-options 802.3ad ae0 set interfaces xe-0/0/3 unit 0 family ethernet-switching interface-mode trunk set interfaces xe-0/0/3 unit 0 family ethernet-switching vlan members v102 set interfaces ae0 esi 00:01:01:01:01:01:01:01:01:01 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp system-id 00:01:01:01:01:01 set interfaces ae0 unit 0 family ethernet-switching interface-mode trunk set interfaces ae0 unit 0 family ethernet-switching vlan members v101 set interfaces irb unit 101 family inet address 10.1.101.254/24 set interfaces irb unit 101 mac 00:00:5e:00:53:01 set interfaces irb unit 102 family inet address 10.1.102.254/24 set interfaces irb unit 102 mac 00:00:5e:00:53:01 set interfaces irb unit 103 family inet address 10.1.103.254/24 set interfaces irb unit 103 mac 00:00:5e:00:53:01 set interfaces lo0 unit 0 family inet address 10.1.255.12/32 set policy-options policy-statement load-balancing-policy then load-balance per-packet set policy-options policy-statement send-direct term 1 from protocol direct set policy-options policy-statement send-direct term 1 from route-filter 10.1.255.12/32 exact set policy-options policy-statement send-direct term 1 then accept set routing-instances vrf101 instance-type vrf set routing-instances vrf101 interface irb.101 set routing-instances vrf101 interface irb.102 set routing-instances vrf101 interface irb.103 set routing-instances vrf101 route-distinguisher 10.1.255.12:101 set routing-instances vrf101 vrf-target target:1001:1 set routing-options router-id 10.1.255.12 set routing-options autonomous-system 65012 set routing-options forwarding-table export load-balancing-policy set protocols bgp group underlay type external set protocols bgp group underlay export send-direct set protocols bgp group underlay multipath multiple-as set protocols bgp group underlay neighbor 10.1.12.1 peer-as 65001 set protocols bgp group underlay neighbor 10.1.22.1 peer-as 65002 set protocols bgp group overlay type external set protocols bgp group overlay multihop set protocols bgp group overlay local-address 10.1.255.12 set protocols bgp group overlay family evpn signaling set protocols bgp group overlay multipath multiple-as set protocols bgp group overlay neighbor 10.1.255.1 peer-as 65001 set protocols bgp group overlay neighbor 10.1.255.2 peer-as 65002 set protocols evpn encapsulation vxlan set protocols evpn default-gateway do-not-advertise set protocols evpn multicast-mode ingress-replication set protocols evpn vni-options vni 101 vrf-target target:101:1 set protocols evpn vni-options vni 102 vrf-target target:102:1 set protocols evpn vni-options vni 103 vrf-target target:103:1 set protocols evpn extended-vni-list all set switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 10.1.255.12:1 set switch-options vrf-target target:1:1 set switch-options vrf-target auto set vlans v101 vlan-id 101 set vlans v101 l3-interface irb.101 set vlans v101 vxlan vni 101 set vlans v102 vlan-id 102 set vlans v102 l3-interface irb.102 set vlans v102 vxlan vni 102 set vlans v103 vlan-id 103 set vlans v103 l3-interface irb.103 set vlans v103 vxlan vni 103
枝叶 3
set interfaces xe-0/0/0 unit 0 family inet address 10.1.13.2/30 set interfaces xe-0/0/1 unit 0 family inet address 10.1.23.2/30 set interfaces xe-0/0/2 unit 0 family ethernet-switching interface-mode trunk set interfaces xe-0/0/2 unit 0 family ethernet-switching vlan members v101 set interfaces irb unit 101 family inet address 10.1.101.254/24 set interfaces irb unit 101 mac 00:00:5e:00:53:01 set interfaces irb unit 102 family inet address 10.1.102.254/24 set interfaces irb unit 102 mac 00:00:5e:00:53:01 set interfaces irb unit 103 family inet address 10.1.103.254/24 set interfaces irb unit 103 mac 00:00:5e:00:53:01 set interfaces lo0 unit 0 family inet address 10.1.255.13/32 set policy-options policy-statement load-balancing-policy then load-balance per-packet set policy-options policy-statement send-direct term 1 from protocol direct set policy-options policy-statement send-direct term 1 from route-filter 10.1.255.13/32 exact set policy-options policy-statement send-direct term 1 then accept set routing-instances vrf101 instance-type vrf set routing-instances vrf101 interface irb.101 set routing-instances vrf101 interface irb.102 set routing-instances vrf101 interface irb.103 set routing-instances vrf101 route-distinguisher 10.1.255.13:101 set routing-instances vrf101 vrf-target target:1001:1 set routing-options router-id 10.1.255.13 set routing-options autonomous-system 65013 set routing-options forwarding-table export load-balancing-policy set protocols bgp group underlay type external set protocols bgp group underlay export send-direct set protocols bgp group underlay multipath multiple-as set protocols bgp group underlay neighbor 10.1.13.1 peer-as 65001 set protocols bgp group underlay neighbor 10.1.23.1 peer-as 65002 set protocols bgp group overlay type external set protocols bgp group overlay multihop set protocols bgp group overlay local-address 10.1.255.13 set protocols bgp group overlay family evpn signaling set protocols bgp group overlay multipath multiple-as set protocols bgp group overlay neighbor 10.1.255.1 peer-as 65001 set protocols bgp group overlay neighbor 10.1.255.2 peer-as 65002 set protocols evpn encapsulation vxlan set protocols evpn default-gateway do-not-advertise set protocols evpn multicast-mode ingress-replication set protocols evpn vni-options vni 101 vrf-target target:101:1 set protocols evpn vni-options vni 102 vrf-target target:102:1 set protocols evpn vni-options vni 103 vrf-target target:103:1 set protocols evpn extended-vni-list all set switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 10.1.255.13:1 set switch-options vrf-target target:1:1 set switch-options vrf-target auto set vlans v101 vlan-id 101 set vlans v101 l3-interface irb.101 set vlans v101 vxlan vni 101 set vlans v102 vlan-id 102 set vlans v102 l3-interface irb.102 set vlans v102 vxlan vni 102 set vlans v103 vlan-id 103 set vlans v103 l3-interface irb.103 set vlans v103 vxlan vni 103
枝叶 4
set interfaces xe-0/0/0 unit 0 family inet address 10.1.14.2/30 set interfaces xe-0/0/1 unit 0 family inet address 10.1.24.2/30 set interfaces xe-0/0/2 unit 0 family ethernet-switching interface-mode trunk set interfaces xe-0/0/2 unit 0 family ethernet-switching vlan members v103 set interfaces irb unit 101 family inet address 10.1.101.254/24 set interfaces irb unit 101 mac 00:00:5e:00:53:01 set interfaces irb unit 102 family inet address 10.1.102.254/24 set interfaces irb unit 102 mac 00:00:5e:00:53:01 set interfaces irb unit 103 family inet address 10.1.103.254/24 set interfaces irb unit 103 mac 00:00:5e:00:53:01 set interfaces lo0 unit 0 family inet address 10.1.255.14/32 set policy-options policy-statement load-balancing-policy then load-balance per-packet set policy-options policy-statement send-direct term 1 from protocol direct set policy-options policy-statement send-direct term 1 from route-filter 10.1.255.14/32 exact set policy-options policy-statement send-direct term 1 then accept set routing-instances vrf103 instance-type vrf set routing-instances vrf103 interface irb.101 set routing-instances vrf103 interface irb.102 set routing-instances vrf103 interface irb.103 set routing-instances vrf103 route-distinguisher 10.1.255.14:101 set routing-instances vrf103 vrf-target target:1001:1 set routing-options router-id 10.1.255.14 set routing-options autonomous-system 65014 set routing-options forwarding-table export load-balancing-policy set protocols bgp group underlay type external set protocols bgp group underlay export send-direct set protocols bgp group underlay multipath multiple-as set protocols bgp group underlay neighbor 10.1.14.1 peer-as 65001 set protocols bgp group underlay neighbor 10.1.24.1 peer-as 65002 set protocols bgp group overlay type external set protocols bgp group overlay multihop set protocols bgp group overlay local-address 10.1.255.14 set protocols bgp group overlay family evpn signaling set protocols bgp group overlay multipath multiple-as set protocols bgp group overlay neighbor 10.1.255.1 peer-as 65001 set protocols bgp group overlay neighbor 10.1.255.2 peer-as 65002 set protocols evpn encapsulation vxlan set protocols evpn default-gateway do-not-advertise set protocols evpn multicast-mode ingress-replication set protocols evpn vni-options vni 101 vrf-target target:101:1 set protocols evpn vni-options vni 102 vrf-target target:102:1 set protocols evpn vni-options vni 103 vrf-target target:103:1 set protocols evpn extended-vni-list all set switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 10.1.255.14:1 set switch-options vrf-target target:1:1 set switch-options vrf-target auto set vlans v101 vlan-id 101 set vlans v101 l3-interface irb.101 set vlans v101 vxlan vni 101 set vlans v102 vlan-id 102 set vlans v102 l3-interface irb.102 set vlans v102 vxlan vni 102 set vlans v103 vlan-id 103 set vlans v103 l3-interface irb.103 set vlans v103 vxlan vni 103
主干 1
set interfaces xe-0/0/0 unit 0 family inet address 10.1.11.1/30 set interfaces xe-0/0/1 unit 0 family inet address 10.1.12.1/30 set interfaces xe-0/0/2 unit 0 family inet address 10.1.13.1/30 set interfaces xe-0/0/3 unit 0 family inet address 10.1.14.1/30 set interfaces lo0 unit 0 family inet address 10.1.255.1/32 set policy-options policy-statement load-balancing-policy then load-balance per-packet set policy-options policy-statement send-direct term 1 from protocol direct set policy-options policy-statement send-direct term 1 from route-filter 10.1.255.1/32 exact set policy-options policy-statement send-direct term 1 then accept set routing-options router-id 10.1.255.1 set routing-options autonomous-system 65001 set routing-options forwarding-table export load-balancing-policy set protocols bgp group underlay type external set protocols bgp group underlay export send-direct set protocols bgp group underlay multipath multiple-as set protocols bgp group underlay neighbor 10.1.11.2 peer-as 65011 set protocols bgp group underlay neighbor 10.1.12.2 peer-as 65012 set protocols bgp group underlay neighbor 10.1.13.2 peer-as 65013 set protocols bgp group underlay neighbor 10.1.14.2 peer-as 65014 set protocols bgp group overlay type external set protocols bgp group overlay multihop no-nexthop-change set protocols bgp group overlay local-address 10.1.255.1 set protocols bgp group overlay family evpn signaling set protocols bgp group overlay multipath multiple-as set protocols bgp group overlay neighbor 10.1.255.11 peer-as 65011 set protocols bgp group overlay neighbor 10.1.255.12 peer-as 65012 set protocols bgp group overlay neighbor 10.1.255.13 peer-as 65013 set protocols bgp group overlay neighbor 10.1.255.14 peer-as 65014 set protocols bgp group overlay neighbor 10.1.255.2 peer-as 65002
主干 2
set interfaces xe-0/0/0 unit 0 family inet address 10.1.21.1/30 set interfaces xe-0/0/1 unit 0 family inet address 10.1.22.1/30 set interfaces xe-0/0/2 unit 0 family inet address 10.1.23.1/30 set interfaces xe-0/0/3 unit 0 family inet address 10.1.24.1/30 set interfaces lo0 unit 0 family inet address 10.1.255.2/32 set policy-options policy-statement load-balancing-policy then load-balance per-packet set policy-options policy-statement send-direct term 1 from protocol direct set policy-options policy-statement send-direct term 1 from route-filter 10.1.255.2/32 exact set policy-options policy-statement send-direct term 1 then accept set routing-options router-id 10.1.255.2 set routing-options autonomous-system 65002 set routing-options forwarding-table export load-balancing-policy set protocols bgp group underlay type external set protocols bgp group underlay export send-direct set protocols bgp group underlay multipath multiple-as set protocols bgp group underlay neighbor 10.1.21.2 peer-as 65011 set protocols bgp group underlay neighbor 10.1.22.2 peer-as 65012 set protocols bgp group underlay neighbor 10.1.23.2 peer-as 65013 set protocols bgp group underlay neighbor 10.1.24.2 peer-as 65014 set protocols bgp group overlay type external set protocols bgp group overlay multihop no-nexthop-change set protocols bgp group overlay local-address 10.1.255.2 set protocols bgp group overlay family evpn signaling set protocols bgp group overlay multipath multiple-as set protocols bgp group overlay neighbor 10.1.255.11 peer-as 65011 set protocols bgp group overlay neighbor 10.1.255.12 peer-as 65012 set protocols bgp group overlay neighbor 10.1.255.13 peer-as 65013 set protocols bgp group overlay neighbor 10.1.255.14 peer-as 65014 set protocols bgp group overlay neighbor 10.1.255.1 peer-as 65001