示例:通过运行基于 EVPN 的 MPLS 的 WAN 互连 EVPN-VXLAN 数据中心网络
此示例说明如何通过运行 EVPN-MPLS 的 WAN 互连 EVPN-VXLAN 数据中心网络,以利用 EVPN 作为数据中心互连 (DCI) 解决方案的优势。
要求
此示例使用以下硬件和软件组件:
四台瞻博网络 MX 系列路由器,将配置为数据中心网关和 WAN 边缘路由器。
四台瞻博网络 MX 系列路由器,要配置为架顶式 (ToR) 路由器。
六台客户边缘 (CE) 设备。
连接到每个能够配置多个 VLAN 的 CE 设备的 6 台主机设备。
一个提供商 (P) 路由器,是 EVPN-MPLS WAN 网络的一部分。
Junos OS 17.2 或更高版本。
概述
您可以通过使用逻辑隧道 (LT-) 接口运行基于 MPLS 的 EVPN 的 WAN 来互连运行以太网 VPN (EVPN) 和虚拟可扩展 LAN (VXLAN) 封装的不同数据中心网络。
图 1 说明了通过运行基于 MPLS 的 EVPN 的 WAN 来运行具有 VXLAN 封装的 EVPN 的数据中心网络的互连。在本示例中,作为数据中心网关和 WAN 边缘路由器的 MX 系列路由器分别命名为 MX11、MX12、MX21 和 MX22。作为架顶式 (ToR) 路由器的 MX 系列路由器分别命名为 ToR11、ToR12、ToR21 和 ToR22。连接到数据中心网络 1 (DC1) 的客户边缘 (CE) 设备分别命名为 CE1、CE2 和 CE3。连接到数据中心网络 2 (DC2) 的客户边缘 (CE) 设备命名为 CE4、CE5 和 CE6。连接到每台 CE 设备的主机设备应能够配置多个主机 VLAN。WAN 提供商路由器名为 P。
注意:
CE 设备是 ToR 设备逻辑系统的一部分。
图 1:通过运行 EVPN-MPLS 的 WAN 实现的 EVPN-VXLAN 数据中心互连
对于充当数据中心网关和 WAN 边缘路由器的 MX 系列路由器,请配置以下信息:
IRB 接口、虚拟网关地址和环路逻辑接口。
网关和 ToR 路由器之间的外部 BGP (EBGP) 底层连接,EVPN 作为信令协议。
路由策略,允许特定路由进入虚拟交换机表。
每个虚拟网络的虚拟交换机实例(第 2 层 MAC-VRF)、VTEP 源接口(始终为 lo0.0)、路由识别符和 vrf 导入 策略。
每个虚拟交换机的 EVPN 协议、封装方法、VNI 列表和 BUM 流量转发方法。
每个虚拟交换机内的桥接域,用于将 VNID 映射到 VLAN ID、IRB(第 3 层)接口和 BUM 转发方法。
对于充当架顶式 (ToR) 路由器的 MX 系列路由器,请配置以下信息:
具有 VLAN、VLAN ID 和环路逻辑接口的面向主机的接口。
启用链路聚合控制协议 (LACP)、链路聚合组 (LAG)、以太网分段 ID (ESI) 和
all-active模式。使用 EVPN 作为信令协议的 ToR 和网关路由器之间的多协议外部 BGP (MP-EBGP) 叠加。
以 VXLAN 为封装方法、 扩展 vni 列表、组播模式以及每个 VNI 的路由目标的 EVPN。
Vrf 导入策略、vtep-source-interface
route-distinguisher以及 vrf 导入和目标信息。VLAN,其 VLAN ID 映射到具有全局意义的 VNI。
注意:
您可以将虚拟网关地址设置为终端主机(虚拟机或服务器)的默认 IPv4 或 IPv6 网关地址。
配置
配置 ToR11
分步过程
下面的示例要求您在各个配置层级中进行导航。有关 CLI 导航的信息,请参阅 CLI 用户指南中的在配置模式下使用 CLI 编辑器。
将 MX 路由器配置为 ToR11:
注意:对 ToR12、ToR21 和 ToR22 执行类似的步骤。接口名称、IP 地址和连接请参考
图 1。
设置系统主机名。
[edit] user@ToR11# set system host-name ToR11
设置聚合以太网接口的数量。
[edit] user@ToR11# set chassis aggregated-devices ethernet device-count 1
将 ToR11 设备上的接口配置为连接到 MX12、CE-2、CE-1、ToR12 和 MX11 设备以启用底层连接。
[edit] user@ToR11# set interfaces ge-0/0/0 unit 0 description "CONNECTED TO CE-2" user@ToR11# set interfaces ge-0/0/0 unit 0 family bridge interface-mode trunk user@ToR11# set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 1-5 user@ToR11# set interfaces ge-0/0/2 description "CONNECTED TO CE-1" user@ToR11# set interfaces ge-0/0/2 gigether-options 802.3ad ae0 user@ToR11# set interfaces ge-0/0/3 unit 0 description "CONNECTED TO ToR12" user@ToR11# set interfaces ge-0/0/3 unit 0 family inet address 192.168.2.1/24 user@ToR11# set interfaces ge-0/0/4 unit 0 description "CONNECTED TO MX–11" user@ToR11# set interfaces ge-0/0/4 unit 0 family inet address 192.168.3.1/24 user@ToR11# set interfaces ge-0/0/5 unit 0 description "CONNECTED TO MX–12" user@ToR11# set interfaces ge-0/0/5 unit 0 family inet address 192.168.4.1/24
配置指向 CE-1 终端主机设备的链路聚合控制协议 (LACP) 接口。ESI 值在整个 EVPN 域中是全局唯一的。该
all-active配置使 ToR11 和 ToR12 能够将流量转发到 CE 设备或从 CE 设备转发流量,从而积极使用所有 CE 链路。[edit] user@ToR11# set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 user@ToR11# set interfaces ae0 esi all-active user@ToR11# set interfaces ae0 aggregated-ether-options lacp active user@ToR11# set interfaces ae0 aggregated-ether-options lacp periodic fast user@ToR11# set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 user@ToR11# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR11# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@ToR11# set interfaces lo0 unit 0 family inet address 192.0.2.11/32 user@ToR11# set routing-options router-id 192.0.2.11 user@ToR11# set routing-options autonomous-system 65100
将负载平衡策略应用于转发表。
[edit] user@ToR11# set routing-options forwarding-table export evpn-pplb
配置路由策略以接受直接环路地址路由。
[edit] user@ToR11# set policy-options policy-statement LO term 1 from protocol direct user@ToR11# set policy-options policy-statement LO term 1 from route-filter 192.0.2.11/32 exact user@ToR11# set policy-options policy-statement LO term 1 then accept
配置 NO-EXPORT 社区。
[edit] user@ToR11# set policy-options community NO-EXPORT members no-advertise user@ToR11# set policy-options community NO-EXPORT members no-export user@ToR11# set policy-options community NO-EXPORT members no-export-subconfed
配置负载平衡和 TEST 策略。
[edit] user@ToR11# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR11# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR11# set policy-options policy-statement evpn-pplb then load-balance per-packet
为每个虚拟网络配置 EVPN 路由实例。定义 VTEP 源接口、路由识别符(用于识别和通告 EVPN 路由)以及
vrf-target(使用定义的路由目标导出并标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方式、VNI 列表和 BUM 流量转发方式。最后,为每个虚拟路由器配置一个将 VNID 映射到 VLAN ID 的桥接域,并确定 BUM 转发方法。[edit] user@ToR11# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR11# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@ToR11# set routing-instances EVPN-VXLAN-1 interface ge-0/0/0.0 user@ToR11# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR11# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 user@ToR11# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@ToR11# set routing-instances VRF instance-type vrf user@ToR11# set routing-instances VRF interface irb.1 user@ToR11# set routing-instances VRF interface irb.2 user@ToR11# set routing-instances VRF interface irb.3 user@ToR11# set routing-instances VRF interface irb.4 user@ToR11# set routing-instances VRF interface irb.5 user@ToR11# set routing-instances VRF route-distinguisher 1:1 user@ToR11# set routing-instances VRF vrf-target target:10:10
配置数据中心网关和 WAN 边缘 1 路由器 (MX11)
分步过程
下面的示例要求您在各个配置层级中进行导航。有关 CLI 导航的信息,请参阅 CLI 用户指南中的在配置模式下使用 CLI 编辑器。
将 MX 系列路由器配置为数据中心网关和 WAN 边缘路由器,并将其命名为 MX11:
注意:对 MX12、MX21 和 MX22 执行类似的步骤。接口名称、IP 地址和连接请参考
图 1。
设置系统主机名。
[edit] user@MX11# set system host-name MX11
配置 MX11 路由器(DC GW/WAN Edge1)上的接口,以启用与 MX12、ToR11、ToR12 和 P 设备(即 DC1 网络的 EVPN-VXLAN 部分)的底层连接。
[edit] user@MX11# set interfaces ge-0/0/0 unit 0 description "CONNECTED TO ToR11" user@MX11# set interfaces ge-0/0/0 unit 0 family inet address 192.168.3.2/24 user@MX11# set interfaces ge-0/0/1 unit 0 description "CONNECTED TO ToR12" user@MX11# set interfaces ge-0/0/1 unit 0 family inet address 192.168.6.2/24 user@MX11# set interfaces ge-0/0/2 unit 0 description "CONNECTED TO MX12" user@MX11# set interfaces ge-0/0/2 unit 0 family inet address 192.168.7.1/24 user@MX11# set interfaces ge-0/0/3 unit 0 description "CONNECTED TO P" user@MX11# set interfaces ge-0/0/3 unit 0 family inet address 203.0.113.41/24 user@MX11# set interfaces ge-0/0/3 unit 0 family mpls
在网关路由器(MX11 和 MX12)与 ToR(ToR11 和 ToR12)之间配置外部 BGP (EBGP) 底层连接。
[edit] user@MX11# set protocols bgp group MX12 type external user@MX11# set protocols bgp group MX12 local-address 192.168.7.1 user@MX11# set protocols bgp group MX12 export TEST user@MX11# set protocols bgp group MX12 export LO user@MX11# set protocols bgp group MX12 peer-as 65500 user@MX11# set protocols bgp group MX12 local-as 65400 user@MX11# set protocols bgp group MX12 neighbor 192.168.7.2 family inet unicast user@MX11# set protocols bgp group ToR11 type external user@MX11# set protocols bgp group ToR11 local-address 192.168.3.2 user@MX11# set protocols bgp group ToR11 import TEST user@MX11# set protocols bgp group ToR11 export TEST user@MX11# set protocols bgp group ToR11 export LO user@MX11# set protocols bgp group ToR11 peer-as 65100 user@MX11# set protocols bgp group ToR11 local-as 65400 user@MX11# set protocols bgp group ToR11 neighbor 192.168.3.1 family inet unicast user@MX11# set protocols bgp group ToR12 type external user@MX11# set protocols bgp group ToR12 local-address 192.168.6.2 user@MX11# set protocols bgp group ToR12 export TEST user@MX11# set protocols bgp group ToR12 export LO user@MX11# set protocols bgp group ToR12 peer-as 65200 user@MX11# set protocols bgp group ToR12 local-as 65400 user@MX11# set protocols bgp group ToR12 neighbor 192.168.6.1 family inet unicast
在网关路由器(MX11 和 MX12)与 ToR(ToR11 和 ToR12)之间配置多协议外部 BGP (MP-EBGP) 叠加连接,并将 EVPN 设置为信令协议。
[edit] user@MX11# set protocols bgp group MX12-EVPN type external user@MX11# set protocols bgp group MX12-EVPN multihop ttl 2 user@MX11# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group MX12-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group MX12-EVPN export TEST user@MX11# set protocols bgp group MX12-EVPN peer-as 65500 user@MX11# set protocols bgp group MX12-EVPN local-as 65400 user@MX11# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling user@MX11# set protocols bgp group ToR11-EVPN type external user@MX11# set protocols bgp group ToR11-EVPN multihop ttl 2 user@MX11# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group ToR11-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group ToR11-EVPN export TEST user@MX11# set protocols bgp group ToR11-EVPN peer-as 65100 user@MX11# set protocols bgp group ToR11-EVPN local-as 65400 user@MX11# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@MX11# set protocols bgp group ToR12-EVPN type external user@MX11# set protocols bgp group ToR12-EVPN multihop ttl 2 user@MX11# set protocols bgp group ToR12-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group ToR12-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group ToR12-EVPN export TEST user@MX11# set protocols bgp group ToR12-EVPN peer-as 65200 user@MX11# set protocols bgp group ToR12-EVPN local-as 65400 user@MX11# set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling
配置集成路由和桥接 (IRB) 接口,为拓扑中的主机通告 MAC 和 IP 路由(MAC+IP 2 类路由)。IRB 配置是主机上 VLAN 的网关。
分步过程
以下是 MX11(VLAN-1 的主机部分)上 VLAN-1 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 1 proxy-macip-advertisement user@MX11# set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa user@MX11# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 1 family inet address 10.11.1.12/24 virtual-gateway-address 10.11.1.10
以下是 MX11(VLAN-2 的主机部分)上 VLAN-2 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 2 proxy-macip-advertisement user@MX11# set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb user@MX11# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 2 family inet address 10.12.1.12/24 virtual-gateway-address 10.12.1.10
以下是 MX11(即 VLAN-3 的主机部分)上 VLAN-3 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 3 proxy-macip-advertisement user@MX11# set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc user@MX11# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 3 family inet address 10.13.1.12/24 virtual-gateway-address 10.13.1.10
以下是 MX11(VLAN-4 的主机部分)上 VLAN-4 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 4 proxy-macip-advertisement user@MX11# set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd user@MX11# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 4 family inet address 10.14.1.12/24 virtual-gateway-address 10.14.1.10
以下是 MX11(VLAN-5 的主机部分)上 VLAN-5 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 5 proxy-macip-advertisement user@MX11# set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee user@MX11# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 5 family inet address 10.15.1.12/24 virtual-gateway-address 10.15.1.10
配置路由策略以接受直接环路地址路由。
[edit] user@MX11# set policy-options policy-statement LO from protocol direct user@MX11# set policy-options policy-statement LO from route-filter 192.0.2.21/32 exact user@MX11# set policy-options policy-statement LO then accept
配置 NO-EXPORT 社区。
[edit] user@MX11# set policy-options community NO-EXPORT members no-advertise user@MX11# set policy-options community NO-EXPORT members no-export user@MX11# set policy-options community NO-EXPORT members no-export-subconfed
配置负载平衡和 TEST 策略。
[edit] user@MX11# set policy-options policy-statement TEST then community add NO-EXPORT user@MX11# set policy-options policy-statement evpn-pplb from protocol evpn user@MX11# set policy-options policy-statement evpn-pplb then load-balance per-packet
在逻辑隧道接口上配置 ESI 值。在 DC1 网络中的所有其他网关/WAN 边缘路由器上使用相同的 ESI 值。
[edit] user@MX11# set interfaces lt-5/1/0 esi 00:22:22:22:22:22:22:22:22:22
通过包含
all-active语句,在逻辑隧道接口上配置 A/A 多宿主。[edit] user@MX11# set interfaces lt-5/1/0 esi all-active
在 MX11 网关路由器上配置一对逻辑隧道 (LT-) 接口,以将数据中心网络的 EVPN-VXLAN 实例与基于 MPLS 的 WAN EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的接入接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS 的 EVPN 的接入接口。
[edit] user@MX11# set interfaces lt-5/1/0 unit 0 description TO-EVPN-VXLAN user@MX11# set interfaces lt-5/1/0 unit 0 encapsulation ethernet-bridge user@MX11# set interfaces lt-5/1/0 unit 0 peer-unit 1 user@MX11# set interfaces lt-5/1/0 unit 0 family bridge interface-mode trunk user@MX11# set interfaces lt-5/1/0 unit 0 family bridge vlan-id-list 1-5 user@MX11# set interfaces lt-5/1/0 unit 1 description TO-EVPN-MPLS user@MX11# set interfaces lt-5/1/0 unit 1 encapsulation ethernet-bridge user@MX11# set interfaces lt-5/1/0 unit 1 peer-unit 0 user@MX11# set interfaces lt-5/1/0 unit 1 family bridge interface-mode trunk user@MX11# set interfaces lt-5/1/0 unit 1 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@MX11# set interfaces lo0 unit 0 family inet address 192.0.2.21/32 user@MX11# set interfaces lo0 unit 0 family mpls user@MX11# set routing-options router-id 192.0.2.21 user@MX11# set routing-options autonomous-system 65300
将负载平衡策略应用于转发表。
[edit] user@MX11# set routing-options forwarding-table export evpn-pplb
在核心接口上启用 MPLS、BGP 和 OSPF 协议。创建 MPLS LSP 并指定其他网关和 WAN 边缘路由器(MX12、P、MX21、MX22)的地址。
[edit] user@MX11# set protocols mpls label-switched-path MX11-TO-MX12 to 192.0.2.22 user@MX11# set protocols mpls label-switched-path MX11-TO-P to 203.0.113.1 user@MX11# set protocols mpls label-switched-path MX11-TO-MX21 to 198.51.100.21 user@MX11# set protocols mpls label-switched-path MX11-TO-MX22 to 198.51.100.22 user@MX11# set protocols mpls interface all user@MX11# set protocols mpls interface fxp0.0 disable user@MX11# set protocols bgp local-address 192.0.2.21 user@MX11# set protocols bgp local-as 65300 user@MX11# set protocols bgp group INT type internal user@MX11# set protocols bgp group INT local-address 192.0.2.21 user@MX11# set protocols bgp group INT family evpn signaling user@MX11# set protocols bgp group INT export TEST user@MX11# set protocols bgp group INT neighbor 203.0.113.1 user@MX11# set protocols ospf traffic-engineering user@MX11# set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 user@MX11# set protocols ospf area 0.0.0.0 interface lo0.0 passive
在 MX11 路由器上为每个虚拟网络配置基于 EVPN 的 MPLS 路由实例。定义路由识别符(用于识别和播发 EVPN-MPLS 路由)以及
vrf-target(使用定义的路由目标导出并标记该本地 VRF 的所有路由)。为每个映射 VLAN ID 的虚拟路由器配置一个桥接域。[edit] user@MX11# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX11# set routing-instances EVPN-MPLS-1 interface lt-5/1/0.0 user@MX11# set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.21:100 user@MX11# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
在 MX11 路由器上为每个虚拟网络配置 EVPN-VXLAN 路由实例。定义 VTEP 源接口、路由识别符(用于识别和通告 EVPN 路由)以及
vrf-target(使用定义的路由目标导出并标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方式、VNI 列表和 BUM 流量转发方式。最后,为每个虚拟路由器配置一个将 VNID 映射到 VLAN ID 的桥接域,并确定 BUM 转发方法。[edit] user@MX11# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 user@MX11# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX11# set routing-instances EVPN-VXLAN-1 interface lt-5/1/0.1 user@MX11# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 user@MX11# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX11-EVPN-VXLAN-1.log user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX11# set routing-instances VRF instance-type vrf user@MX11# set routing-instances VRF interface irb.1 user@MX11# set routing-instances VRF interface irb.2 user@MX11# set routing-instances VRF interface irb.3 user@MX11# set routing-instances VRF interface
配置 WAN 路由器 (P)
分步过程
下面的示例要求您在各个配置层级中进行导航。有关 CLI 导航的信息,请参阅 CLI 用户指南中的在配置模式下使用 CLI 编辑器。
将 MX 系列路由器配置为 WAN 边缘路由器,并将其命名为 P:
设置系统主机名。
[edit] user@P# set system host-name P
配置 P 路由器 (WAN) 上的接口,以通过运行基于 MPLS 的 EVPN 的 WAN 将运行以太网 VPN (EVPN) 与虚拟可扩展 LAN (VXLAN) 封装的不同数据中心网络互连。
[edit] user@P# set interfaces ge-0/0/3 unit 0 description "CONNECTED TO MX11" user@P# set interfaces ge-0/0/3 unit 0 family inet address 203.0.113.42/24 user@P# set interfaces ge-0/0/3 unit 0 family mpls user@P# set interfaces ge-0/0/5 unit 0 description "CONNECTED TO MX12" user@P# set interfaces ge-0/0/5 unit 0 family inet address 203.0.113.12/24 user@P# set interfaces ge-0/0/5 unit 0 family mpls user@P# set interfaces ge-0/0/6 unit 0 description "CONNECTED TO MX21" user@P# set interfaces ge-0/0/6 unit 0 family inet address 203.0.113.32/24 user@P# set interfaces ge-0/0/6 unit 0 family mpls user@P# set interfaces ge-0/0/7 unit 0 description "CONNECTED TO MX22" user@P# set interfaces ge-0/0/7 unit 0 family inet address 203.0.113.52/24 user@P# set interfaces ge-0/0/7 unit 0 family mpls
配置社区。
[edit] user@P# set policy-options community RT-CORE members target:1:2 user@P# set policy-options community RT-DC1 members target:1:1 user@P# set policy-options community RT-DC2 members target:1:3
配置策略。
[edit] user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from protocol bgp user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from community RT-CORE user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 then accept user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from protocol bgp user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from community RT-DC1 user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 then reject user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from protocol bgp user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from community RT-DC2 user@P# set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 then reject
配置环路接口地址和路由选项。
[edit] user@P# interfaces lo0 unit 86 family inet address 203.0.113.1/32 user@P# interfaces lo0 unit 86 family mpls user@P# routing-options router-id 203.0.113.1 user@P# routing-options autonomous-system 65300
在核心接口上启用 MPLS、BGP 和 OSPF 协议。在 P 和其他网关和 WAN 边缘路由器(MX11、MX12、P、MX22)之间创建 MPLS LSP。
[edit] user@P# set protocols mpls label-switched-path P-TO-MX11 from 203.0.113.1 user@P# set protocols mpls label-switched-path P-TO-MX11 to 192.0.2.21 user@P# set protocols mpls label-switched-path P-TO-MX12 to 192.0.2.22 user@P# set protocols mpls label-switched-path P-TO-MX21 to 198.51.100.21 user@P# set protocols mpls label-switched-path P-TO-MX22 to 198.51.100.22 user@P# set protocols mpls interface all user@P# set protocols bgp group INT type internal user@P# set protocols bgp group INT import BLOCK-VXLAN-ROUTES-FROM-CORE user@P# set protocols bgp group INT family evpn signaling user@P# set protocols bgp group INT cluster 203.0.113.1 user@P# set protocols bgp group INT neighbor 192.0.2.21 user@P# set protocols bgp group INT neighbor 192.0.2.22 user@P# set protocols bgp group INT neighbor 198.51.100.21 user@P# set protocols bgp group INT neighbor 198.51.100.22 user@P# set protocols bgp local-address 203.0.113.1 user@P# set protocols bgp local-as 65300 user@P# set protocols ospf traffic-engineering user@P# set protocols ospf area 0.0.0.0 interface all user@P# set protocols ospf area 0.0.0.0 interface lo0.86
配置 CE1
分步过程
下面的示例要求您在各个配置层级中进行导航。有关 CLI 导航的信息,请参阅 CLI 用户指南中的在配置模式下使用 CLI 编辑器。
配置 MX 路由器 CE1:
注意:对 CE2、CE3、CE4、CE5 和 CE6 执行类似步骤。接口名称、IP 地址和连接请参考
图 1。
设置系统主机名。
[edit] user@CE1# set system host-name CE1
配置 CE1 设备上的接口以连接到主机和 TOR12。启用主机和 TOR12 之间的转发流量。
[edit] user@CE1# set interfaces ge-0/0/8 unit 0 description "CONNECTED TO Host 1" user@CE1# set interfaces ge-0/0/8 unit 0 family bridge interface-mode trunk user@CE1# set interfaces ge-0/0/8 unit 0 family bridge vlan-id-list 1-5 user@CE1# set interfaces ae1 unit 0 description "CONNECTED TO ToR12" user@CE1# set interfaces ae1 unit 0 family bridge interface-mode trunk user@CE1# set interfaces ae1 unit 0 family bridge vlan-id-list 1-5
定义桥接域并将其与 VLAN ID 相关联。
[edit] user@CE1# set bridge-domains BD-1 domain-type bridge user@CE1# set bridge-domains BD-1 vlan-id 1 user@CE1# set bridge-domains BD-2 domain-type bridge user@CE1# set bridge-domains BD-2 vlan-id 2 user@CE1# set bridge-domains BD-3 domain-type bridge user@CE1# set bridge-domains BD-3 vlan-id 3 user@CE1# set bridge-domains BD-4 domain-type bridge user@CE1# set bridge-domains BD-4 vlan-id 4 user@CE1# set bridge-domains BD-5 domain-type bridge user@CE1# set bridge-domains BD-5 vlan-id 5
验证
配置底层和 EVPN 叠加网络后,建议您验证配置是否按预期工作。
使用逻辑隧道接口验证 EVPN-VXLAN 和 EVPN-MPLS EVI 拼接
目的
确认 EVPN-VXLAN 和 EVPN-MPLS EVPN 实例 (EVI) 已配置为使用逻辑隧道接口进行拼接。
行动
在任何网关设备上,发出 show routing-instances evpn-vxlan-instance 和 命令 show routing-instances evpn-mpls-instance 以查看分配给相应 EVI 的逻辑隧道接口。发出 show interfaces lt-interface 命令,验证 EVI 是否已使用分配的 LT 接口进行拼接。
注意:为简洁起见,输出被截断
user@MX11> show routing-instances EVPN-VXLAN-1 … interface lt-5/1/0.1; route-distinguisher 192.0.2.21:1; vrf-target target:1:1;
user@MX11> show routing-instances EVPN-MPLS-1 … interface lt-5/1/0.0; route-distinguisher 192.0.2.21:100; vrf-target target:1:2;
user@MX11> show interfaces lt-5/1/0
esi {
00:22:22:22:22:22:22:22:22:22;
all-active;
}
unit 0 {
description TO-EVPN-VXLAN;
encapsulation ethernet-bridge;
peer-unit 1;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
unit 1 {
description TO-EVPN-MPLS;
encapsulation ethernet-bridge;
peer-unit 0;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
意义
EVPN-VXLAN-1 和 EVPN-MPLS-1 EVI 使用 lt-5/1/0 接口拼接。
验证桥接域中的泛洪
目的
验证任何网关设备的 EVPN-MPLS 和 EVPN-VXLAN 实例的桥接域泛洪信息。
行动
在任何网关设备 (MX11) 上,发出 show bridge flood extensive instance instance-name 命令。
注意:为简洁起见,输出被截断
user@MX11> show bridge flood extensive instance EVPN-MPLS-1
Name: EVPN-MPLS-1
CEs: 1
VEs: 15
Bridging domain: BD-1
EVPN extended: Yes
Flood route prefix: 0x3001a/51
Flood route type: FLOOD_GRP_COMP_NH
Flood route owner: __ves__
Flood group name: __ves__
Flood group index: 0
Nexthop type: comp
Nexthop index: 779
Flooding to:
Name Type NhType Index
__all_ces__ Group comp 759
Composition: split-horizon
Flooding to:
Name Type NhType Index
lt-5/1/0.0 MH-CE ucst 736
ESI: 00:22:22:22:22:22:22:22:22:22
Flood route prefix: 0x30010/51
Flood route type: FLOOD_GRP_COMP_NH
Flood route owner: __all_ces__
Flood group name: __all_ces__
Flood group index: 1
Nexthop type: comp
Nexthop index: 812
Flooding to:
Name Type NhType Index
__all_ces__ Group comp 759
Composition: split-horizon
Flooding to:
Name Type NhType Index
lt-5/1/0.0 MH-CE ucst 736
ESI: 00:22:22:22:22:22:22:22:22:22
Flooding to:
Name Type NhType Index
__ves__ Group comp 763
Composition: flood-to-all
Component flood-nh(s) (for flooding to EVPN core):
Index Peer NH-Type
891 192.0.2.22 comp (IM/SH)
892 198.51.100.21 comp (IM/SH)
746 198.51.100.22 comp (IM/SH)
user@MX11> show bridge flood extensive instance EVPN-VXLAN-1Name: EVPN-VXLAN-1
Name: EVPN-VXLAN-1
CEs: 1
VEs: 3
Bridging domain: BD-1
Flood route prefix: 0x3000f/51
Flood route type: FLOOD_GRP_COMP_NH
Flood route owner: __ves__
Flood group name: __ves__
Flood group index: 0
Nexthop type: comp
Nexthop index: 845
Flooding to:
Name Type NhType Index
__all_ces__ Group comp 797
Composition: split-horizon
Flooding to:
Name Type NhType Index
lt-5/1/0.0 CE ucst 751
Flood route prefix: 0x30015/51
Flood route type: FLOOD_GRP_COMP_NH
Flood route owner: __all_ces__
Flood group name: __all_ces__
Flood group index: 1
Nexthop type: comp
Nexthop index: 842
Flooding to:
Name Type NhType Index
__all_ces__ Group comp 797
Composition: split-horizon
Flooding to:
Name Type NhType Index
lt-5/1/0.0 CE ucst 751
Flooding to:
Name Type NhType Index
__ves__ Group comp 700
Composition: flood-to-all
Flooding to:
Name Type NhType Index RVTEP-IP
vtep.32769 CORE_FACING venh 687 192.0.2.11
vtep.32770 CORE_FACING venh 729 192.0.2.12
vtep.32771 CORE_FACING venh 748 192.0.2.22
意义
输出显示 EVPN-MPLS-1 积极参与关联桥接域的 BUM 流量泛洪。它使用复合下一跃点组将流量泛洪到 MPLS 核心中的其他网关设备,即 MX12 (192.0.2.22)、MX21 (198.51.100.21) 和 MX22 (198.51.100.22)。同时,EVPN-MPLS 实例 EVPN-MPLS-1 配置了桥接域,以便将 EVPN 扩展到使用活动端点连接到相邻的网关设备。
验证 MAC 学习
目的
验证网关设备之间的 MAC 学习。
行动
在任何叶设备 (TOR11) 上,发出 show evpn database instance routing-instance-name l2-domain-id 1 命令以验证学习的 MAC 地址。
user@TOR11> show evpn database instance EVPN-VXLAN-1 l2-domain-id 1
Instance: EVPN-VXLAN-1
VLAN DomainId MAC address Active source Timestamp IP address
1 00:00:5e:00:01:01 00:11:aa:aa:aa:aa:aa:aa:aa:aa Jul 30 01:02:11 10.11.1.10
1 2c:6b:f5:c2:ff:f0 DRP vtep.32769 Jul 30 01:02:11 192.0.2.21
意义
从远程 VTEP(192.0.2.21,即 MX11)中学习主机 MAC/IP 绑定,从而显示主机积极参与 EVPN 交换矩阵。
验证 MAC 地址转发表
目的
验证桥接环境中的 MAC 学习和泛洪行为。
行动
在任何网关设备上,发出 show bridge mac-table mac-address instance evpn-instance.
user@MX11> show bridge mac-table 2c:6b:f5:c2:ff:f0 instance EVPN-VXLAN-1
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC, P -Pinned MAC)
Routing instance : EVPN-VXLAN-1
Bridging domain : BD-1, VLAN : 1
MAC MAC GBP Logical Active
address flags TAG interface source
2c:6b:f5:c2:ff:f0 DR lt-5/1/0.1 192.0.2.22
user@MX11> show bridge mac-table 2c:6b:f5:c2:ff:f0 instance EVPN-MPLS-1
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC, P -Pinned MAC)
Routing instance : EVPN-MPLS-1
Bridging domain : BD-1, VLAN : 1
MAC MAC GBP Logical NH RTR
address flags TAG interface Index ID
2c:6b:f5:c2:ff:f0 DC 1048581 1048581
意义
对于 EVPN-VXLAN-1 实例,MAC 地址 2c:6b:f5:c2:ff:f0 将被动态学习(D 标志),并与 EVPN 实例 EVPN-VXLAN-1 中的桥接域 BD-1 (VLAN 1) 相关联。它是从远程源 IP 192.0.2.22 (MX12) 的 lt-5/1/0.1 逻辑隧道接口中获知的,表明此 MAC 属于连接到 EVPN 交换矩阵中远程设备的主机。
对于 EVPN-MPLS-1 实例,MAC 地址 2c:6b:f5:c2:ff:f0 存在于 EVPN 实例 EVPN-MPLS-1 下的桥接域 BD-1 (VLAN 1) 中。它标有标志 D(动态学习) 和 C(控制 MAC),表明它是通过 EVPN 控制平面而非数据平面侦听学习的。MAC 与下一跃点索引 1048581相关联,后者映射到远程路由器,确认此 MAC 属于可通过 EVPN/MPLS 从远程站点访问的主机。
附录 1:在所有设备上设置命令
在所有设备上设置命令输出。
要快速配置此示例,请复制以下命令,将其粘贴到文本文件中,删除所有换行符,更改详细信息,以便与网络配置匹配,然后将命令复制并粘贴到层 [edit] 级的 CLI 中。
ToR11
set system host-name ToR11 set chassis aggregated-devices ethernet device-count 1 set interfaces ge-0/0/0 unit 0 description "CONNECTED TO CE-2" set interfaces ge-0/0/0 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-0/0/2 description "CONNECTED TO CE-1" set interfaces ge-0/0/2 gigether-options 802.3ad ae0 set interfaces ge-0/0/3 unit 0 description "CONNECTED TO ToR12" set interfaces ge-0/0/3 unit 0 family inet address 192.168.2.1/24 set interfaces ge-0/0/4 unit 0 description "CONNECTED TO MX–11" set interfaces ge-0/0/4 unit 0 family inet address 192.168.3.1/24 set interfaces ge-0/0/5 unit 0 description "CONNECTED TO MX–12" set interfaces ge-0/0/5 unit 0 family inet address 192.168.4.1/24 set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces lo0 unit 0 family inet address 192.0.2.11/32 set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.11/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface ge-0/0/0.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10 set routing-options router-id 192.0.2.11 set routing-options autonomous-system 65100 set routing-options forwarding-table export evpn-pplb
ToR12
set system host-name ToR12 set chassis aggregated-devices ethernet device-count 2 set interfaces ge-0/0/0 description "CONNECTED TO ToR11" set interfaces ge-0/0/0 gigether-options 802.3ad ae1 set interfaces ge-0/0/1 unit 0 description "CONNECTED TO ToR11" set interfaces ge-0/0/1 unit 0 family inet address 192.168.2.2/24 set interfaces ge-0/0/2 description "CONNECTED TO CE-1" set interfaces ge-0/0/2 gigether-options 802.3ad ae0 set interfaces ge-0/0/3 description "CONNECTED TO ToR12" set interfaces ge-0/0/3 gigether-options 802.3ad ae1 set interfaces ge-0/0/4 unit 0 description "CONNECTED TO CE-3" set interfaces ge-0/0/4 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/4 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-0/0/6 unit 0 description "CONNECTED TO MX11" set interfaces ge-0/0/6 unit 0 family inet address 192.168.6.1/24 set interfaces ge-0/0/7 unit 0 description "CONNECTED TO MX12" set interfaces ge-0/0/7 unit 0 family inet address 192.168.5.1/24 set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces lo0 unit 0 family inet address 192.0.2.12/32 set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.12/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface ge-0/0/4.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.12:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-options router-id 192.0.2.12 set routing-options autonomous-system 65200 set routing-options forwarding-table export evpn-pplb set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.6.1 set protocols bgp group MX11 export LO set protocols bgp group MX11 export TEST set protocols bgp group MX11 peer-as 65400 set protocols bgp group MX11 local-as 65200 set protocols bgp group MX11 neighbor 192.168.6.2 family inet unicast set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.5.1 set protocols bgp group MX12 export LO set protocols bgp group MX12 export TEST set protocols bgp group MX12 peer-as 65500 set protocols bgp group MX12 local-as 65200 set protocols bgp group MX12 neighbor 192.168.5.2 family inet unicast set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.2.2 set protocols bgp group ToR11 export LO set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 peer-as 65100 set protocols bgp group ToR11 local-as 65200 set protocols bgp group ToR11 neighbor 192.168.2.1 family inet unicast set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.12 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 65400 set protocols bgp group MX11-EVPN local-as 65200 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.12 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 65500 set protocols bgp group MX12-EVPN local-as 65200 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.12 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 65100 set protocols bgp group ToR11-EVPN local-as 65200 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN export TEST set protocols bgp local-as 65200
数据中心网关和 WAN 边缘 1 路由器 (MX11)
set system host-name MX11 set interfaces ge-0/0/0 unit 0 description "CONNECTED TO ToR11" set interfaces ge-0/0/0 unit 0 family inet address 192.168.3.2/24 set interfaces ge-0/0/1 unit 0 description "CONNECTED TO ToR12" set interfaces ge-0/0/1 unit 0 family inet address 192.168.6.2/24 set interfaces ge-0/0/2 unit 0 description "CONNECTED TO MX12" set interfaces ge-0/0/2 unit 0 family inet address 192.168.7.1/24 set interfaces ge-0/0/3 unit 0 description "CONNECTED TO P" set interfaces ge-0/0/3 unit 0 family inet address 203.0.113.41/24 set interfaces ge-0/0/3 unit 0 family mpls set interfaces lt-5/1/0 esi 00:22:22:22:22:22:22:22:22:22 set interfaces lt-5/1/0 esi 00:22:22:22:22:22:22:22:22:22 set interfaces lt-5/1/0 esi all-active set interfaces lt-5/1/0 unit 0 description TO-EVPN-VXLAN set interfaces lt-5/1/0 unit 0 encapsulation ethernet-bridge set interfaces lt-5/1/0 unit 0 peer-unit 1 set interfaces lt-5/1/0 unit 0 family bridge interface-mode trunk set interfaces lt-5/1/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-5/1/0 unit 1 description TO-EVPN-MPLS set interfaces lt-5/1/0 unit 1 encapsulation ethernet-bridge set interfaces lt-5/1/0 unit 1 peer-unit 0 set interfaces lt-5/1/0 unit 1 family bridge interface-mode trunk set interfaces lt-5/1/0 unit 1 family bridge vlan-id-list 1-5set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.12/24 virtual-gateway-address 10.11.1.10 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.12/24 virtual-gateway-address 10.12.1.10 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.12/24 virtual-gateway-address 10.13.1.10 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.12/24 virtual-gateway-address 10.14.1.10 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.12/24 virtual-gateway-address 10.15.1.10 set interfaces lo0 unit 0 family inet address 192.0.2.21/32 set interfaces lo0 unit 0 family mpls set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 192.0.2.21/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-MPLS-1 interface lt-5/1/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.21:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface lt-5/1/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface set protocols bgp group INT type internal set protocols bgp group INT local-address 192.0.2.21 set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.7.1 set protocols bgp group MX12 export TEST set protocols bgp group MX12 export LO set protocols bgp group MX12 peer-as 65500 set protocols bgp group MX12 local-as 65400 set protocols bgp group MX12 neighbor 192.168.7.2 family inet unicast set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.3.2 set protocols bgp group ToR11 import TEST set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 export LO set protocols bgp group ToR11 peer-as 65100 set protocols bgp group ToR11 local-as 65400 set protocols bgp group ToR11 neighbor 192.168.3.1 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.6.2 set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 export LO set protocols bgp group ToR12 peer-as 65200 set protocols bgp group ToR12 local-as 65400 set protocols bgp group ToR12 neighbor 192.168.6.1 family inet unicast set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.21 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 65500 set protocols bgp group MX12-EVPN local-as 65400 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.21 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 65100 set protocols bgp group ToR11-EVPN local-as 65400 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.21 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 65200 set protocols bgp group ToR12-EVPN local-as 65400 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols bgp local-address 192.0.2.21 set protocols bgp local-as 65300 set protocols mpls label-switched-path MX11-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX11-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX11-TO-MX21 to 198.51.100.21 set protocols mpls label-switched-path MX11-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable
数据中心网关和 WAN 边缘 2 路由器 (MX12)
set system host-name MX12 set chassis fpc 1 pic 0 tunnel-services set interfaces ge-0/0/0 unit 0 description "CONNECTED TO ToR11" set interfaces ge-0/0/0 unit 0 family inet address 192.168.4.2/24 set interfaces ge-0/0/1 unit 0 description "CONNECTED TO ToR12" set interfaces ge-0/0/1 unit 0 family inet address 192.168.5.2/24 set interfaces ge-0/0/2 unit 0 description "CONNECTED TO MX11" set interfaces ge-0/0/2 unit 0 family inet address 192.168.7.2/24 set interfaces ge-0/0/4 unit 0 description "CONNECTED TO P" set interfaces ge-0/0/4 unit 0 family inet address 203.0.113.11/24 set interfaces ge-0/0/4 unit 0 family mpls set interfaces lt-1/0/0 esi 00:22:22:22:22:22:22:22:22:22 set interfaces lt-1/0/0 esi all-active set interfaces lt-1/0/0 unit 0 description TO-EVPN-VXLAN set interfaces lt-1/0/0 unit 0 encapsulation ethernet-bridge set interfaces lt-1/0/0 unit 0 peer-unit 1 set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-1/0/0 unit 1 description TO-EVPN-MPLS set interfaces lt-1/0/0 unit 1 encapsulation ethernet-bridge set interfaces lt-1/0/0 unit 1 peer-unit 0 set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.13/24 virtual-gateway-address 10.11.1.10 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.13/24 virtual-gateway-address 10.12.1.10 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.13/24 virtual-gateway-address 10.13.1.10 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.13/24 virtual-gateway-address 10.14.1.10 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.13/24 virtual-gateway-address 10.15.1.10 set interfaces lo0 unit 0 family inet address 192.0.2.22/32 set interfaces lo0 unit 0 family mpls set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 192.0.2.22/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST from protocol bgp set policy-options policy-statement TEST set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.22:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.22:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10 set routing-options router-id 192.0.2.22 set routing-options autonomous-system 65300 set routing-options forwarding-table export evpn-pplb set protocols bgp group INT type internal set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.7.2 set protocols bgp group MX11 export TEST set protocols bgp group MX11 export LO set protocols bgp group MX11 peer-as 65400 set protocols bgp group MX11 local-as 65500 set protocols bgp group MX11 neighbor 192.168.7.1 family inet unicast set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.4.2 set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 export LO set protocols bgp group ToR11 peer-as 65100 set protocols bgp group ToR11 local-as 65500 set protocols bgp group ToR11 neighbor 192.168.4.1 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.5.2 set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 export LO set protocols bgp group ToR12 peer-as 65200 set protocols bgp group ToR12 local-as 65500 set protocols bgp group ToR12 neighbor 192.168.5.1 family inet unicast set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.22 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 65400 set protocols bgp group MX11-EVPN local-as 65500 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.22 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 65100 set protocols bgp group ToR11-EVPN local-as 65500 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.22 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 65200 set protocols bgp group ToR12-EVPN local-as 65500 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols bgp local-address 192.0.2.22 set protocols bgp local-as 65300 set protocols mpls label-switched-path MX12-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX12-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX12-TO-MX21 to 198.51.100.21 set protocols mpls label-switched-path MX12-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-0
数据中心网关和 WAN 边缘 3 路由器 (MX21)
set system host-name MX21 set interfaces ge-0/0/0 unit 0 description "CONNECTED TO P" set interfaces ge-0/0/0 unit 0 family inet address 203.0.113.31/24 set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 description "CONNECTED TO MX22" set interfaces ge-0/0/1 unit 0 family inet address 192.168.13.1/24 set interfaces ge-0/0/2 unit 0 description "CONNECTED TO ToR21" set interfaces ge-0/0/2 unit 0 family inet address 192.168.9.1/24 set interfaces ge-0/0/3 unit 0 description "CONNECTED TO ToR22" set interfaces ge-0/0/3 unit 0 family inet address 192.168.8.1/24 set interfaces lt-5/0/0 esi 00:33:33:33:33:33:33:33:33:33 set interfaces lt-5/0/0 esi all-active set interfaces lt-5/0/0 unit 0 description TO-EVPN-VXLAN set interfaces lt-5/0/0 unit 0 encapsulation ethernet-bridge set interfaces lt-5/0/0 unit 0 peer-unit 1 set interfaces lt-5/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-5/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-5/0/0 unit 1 description TO-EVPN-MPLS set interfaces lt-5/0/0 unit 1 encapsulation ethernet-bridge set interfaces lt-5/0/0 unit 1 peer-unit 0 set interfaces lt-5/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-5/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.14/24 virtual-gateway-address 10.11.1.11 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.14/24 virtual-gateway-address 10.12.1.11 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.14/24 virtual-gateway-address 10.13.1.11 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.14/24 virtual-gateway-address 10.14.1.11 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.14/24 virtual-gateway-address 10.15.1.11 set interfaces lo0 unit 0 family inet address 198.51.100.21/32 set interfaces lo0 unit 0 family mpls set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 198.51.100.21/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-MPLS-1 interface lt-5/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.21:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface lt-5/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.21:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10 set routing-options router-id 198.51.100.21 set routing-options autonomous-system 65300 set routing-options forwarding-table export evpn-pplb set protocols bgp group INT type internal set protocols bgp group INT local-address 198.51.100.21 set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.13.1 set protocols bgp group MX22 export TEST set protocols bgp group MX22 export LO set protocols bgp group MX22 peer-as 64900 set protocols bgp group MX22 local-as 64800 set protocols bgp group MX22 neighbor 192.168.13.2 family inet unicast set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.9.1 set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 export LO set protocols bgp group ToR21 peer-as 64600 set protocols bgp group ToR21 local-as 64800 set protocols bgp group ToR21 neighbor 192.168.9.2 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.8.1 set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 export LO set protocols bgp group ToR22 peer-as 64700 set protocols bgp group ToR22 local-as 64800 set protocols bgp group ToR22 neighbor 192.168.8.2 family inet unicast set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.21 set protocols bgp group MX22-EVPN peer-as 64900 set protocols bgp group MX22-EVPN local-as 64800 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.21 set protocols bgp group ToR21-EVPN peer-as 64600 set protocols bgp group ToR21-EVPN local-as 64800 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.21 set protocols bgp group ToR22-EVPN peer-as 64700 set protocols bgp group ToR22-EVPN local-as 64800 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols bgp local-address 198.51.100.21 set protocols bgp export TEST set protocols bgp local-as 65300 set protocols mpls label-switched-path MX21-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX21-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX21-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX21-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ospf area 0.0.0
数据中心网关和 WAN 边缘 4 路由器 (MX22)
set system host-name MX22 set interfaces ge-0/0/0 unit 0 description "CONNECTED TO P" set interfaces ge-0/0/0 unit 0 family inet address 203.0.113.51/24 set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-0/0/1 unit 0 description "CONNECTED TO MX21" set interfaces ge-0/0/1 unit 0 family inet address 192.168.13.2/24 set interfaces ge-0/0/2 unit 0 description "CONNECTED TO ToR21" set interfaces ge-0/0/2 unit 0 family inet address 192.168.10.1/24 set interfaces ge-0/0/3 unit 0 description "CONNECTED TO ToR22" set interfaces ge-0/0/3 unit 0 family inet address 192.168.11.1/24 set interfaces lt-1/0/0 esi 00:33:33:33:33:33:33:33:33:33 set interfaces lt-1/0/0 esi all-active set interfaces lt-1/0/0 unit 0 description TO-EVPN-VXLAN set interfaces lt-1/0/0 unit 0 encapsulation ethernet-bridge set interfaces lt-1/0/0 unit 0 peer-unit 1 set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-1/0/0 unit 1 description TO-EVPN-MPLS set interfaces lt-1/0/0 unit 1 encapsulation ethernet-bridge set interfaces lt-1/0/0 unit 1 peer-unit 0 set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.15/24 virtual-gateway-address 10.11.1.11 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.15/24 virtual-gateway-address 10.12.1.11 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.15/24 virtual-gateway-address 10.13.1.11 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.15/24 virtual-gateway-address 10.14.1.11 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.15/24 virtual-gateway-address 10.15.1.11 set interfaces lo0 unit 0 family inet address 198.51.100.22/32 set interfaces lo0 unit 0 family mpls set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 198.51.100.22/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.22:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.22:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10 set routing-options router-id 198.51.100.22 set routing-options autonomous-system 65300 set routing-options forwarding-table export evpn-pplb set protocols bgp group INT type internal set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.13.2 set protocols bgp group MX21 export TEST set protocols bgp group MX21 export LO set protocols bgp group MX21 peer-as 64800 set protocols bgp group MX21 local-as 64900 set protocols bgp group MX21 neighbor 192.168.13.1 family inet unicast set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.10.1 set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 export LO set protocols bgp group ToR21 peer-as 64600 set protocols bgp group ToR21 local-as 64900 set protocols bgp group ToR21 neighbor 192.168.10.2 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.11.1 set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 export LO set protocols bgp group ToR22 peer-as 64700 set protocols bgp group ToR22 local-as 64900 set protocols bgp group ToR22 neighbor 192.168.11.2 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.22 set protocols bgp group MX21-EVPN peer-as 64800 set protocols bgp group MX21-EVPN local-as 64900 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.22 set protocols bgp group ToR21-EVPN peer-as 64600 set protocols bgp group ToR21-EVPN local-as 64900 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.22 set protocols bgp group ToR22-EVPN peer-as 64700 set protocols bgp group ToR22-EVPN local-as 64900 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols bgp local-address 198.51.100.22 set protocols bgp export TEST set protocols bgp local-as 65300 set protocols mpls label-switched-path MX22-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX22-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX22-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX22-TO-MX21 to 198.51.100.21 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable
ToR21
set system host-name ToR21 set chassis aggregated-devices ethernet device-count 1 set interfaces ge-0/0/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-0/0/0 unit 0 family inet address 192.168.9.2/24 set interfaces ge-0/0/1 unit 0 description "CONNECTED TO MX22" set interfaces ge-0/0/1 unit 0 family inet address 192.168.10.2/24 set interfaces ge-0/0/2 unit 0 description "CONNECTED TO ToR22" set interfaces ge-0/0/2 unit 0 family inet address 192.168.12.1/24 set interfaces ge-0/0/3 description "CONNECTED TO CE-5" set interfaces ge-0/0/3 gigether-options 802.3ad ae0 set interfaces ge-0/0/4 unit 0 description "CONNECTED TO CE-4" set interfaces ge-0/0/4 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/4 unit 0 family bridge vlan-id-list 1-5 set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces lo0 unit 0 family inet address 198.51.100.11/32 set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 198.51.100.11/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface ge-0/0/4.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.11:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-options router-id 198.51.100.11 set routing-options autonomous-system 64600 set routing-options forwarding-table export evpn-pplb set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.9.2 set protocols bgp group MX21 export LO set protocols bgp group MX21 export TEST set protocols bgp group MX21 peer-as 64800 set protocols bgp group MX21 local-as 64600 set protocols bgp group MX21 neighbor 192.168.9.1 family inet unicast set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.10.2 set protocols bgp group MX22 export LO set protocols bgp group MX22 export TEST set protocols bgp group MX22 peer-as 64900 set protocols bgp group MX22 local-as 64600 set protocols bgp group MX22 neighbor 192.168.10.1 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.12.1 set protocols bgp group ToR22 export LO set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 peer-as 64700 set protocols bgp group ToR22 local-as 64600 set protocols bgp group ToR22 neighbor 192.168.12.2 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.11 set protocols bgp group MX21-EVPN peer-as 64800 set protocols bgp group MX21-EVPN local-as 64600 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.11 set protocols bgp group MX22-EVPN peer-as 64900 set protocols bgp group MX22-EVPN local-as 64600 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.11 set protocols bgp group ToR22-EVPN peer-as 64700 set protocols bgp group ToR22-EVPN local-as 64600 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols bgp export TEST set protocols bgp local-as 64600
ToR22
set system host-name ToR22 set chassis aggregated-devices ethernet device-count 2 set interfaces ge-0/0/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-0/0/0 unit 0 family inet address 192.168.8.2/24 set interfaces ge-0/0/1 unit 0 description "CONNECTED TO MX22" set interfaces ge-0/0/1 unit 0 family inet address 192.168.11.2/24 set interfaces ge-0/0/2 unit 0 description "CONNECTED TO ToR21" set interfaces ge-0/0/2 unit 0 family inet address 192.168.12.2/24 set interfaces ge-0/0/3 description "CONNECTED TO ToR21" set interfaces ge-0/0/3 gigether-options 802.3ad ae1 set interfaces ge-0/0/4 description "CONNECTED TO CE-5" set interfaces ge-0/0/4 gigether-options 802.3ad ae0 set interfaces ge-0/0/5 description "CONNECTED TO ToR22" set interfaces ge-0/0/5 gigether-options 802.3ad ae1 set interfaces ge-0/0/6 unit 0 description "CONNECTED TO CE-6" set interfaces ge-0/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/6 unit 0 family bridge vlan-id-list 1-5 set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces lo0 unit 0 family inet address 198.51.100.12/32 set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 198.51.100.12/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.0 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances EVPN-VXLAN-1 interface ge-0/0/6.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.12:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-options router-id 198.51.100.12 set routing-options autonomous-system 64700 set routing-options forwarding-table export evpn-pplb set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.8.2 set protocols bgp group MX21 export LO set protocols bgp group MX21 export TEST set protocols bgp group MX21 peer-as 64800 set protocols bgp group MX21 local-as 64700 set protocols bgp group MX21 neighbor 192.168.8.1 family inet unicast set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.11.2 set protocols bgp group MX22 export LO set protocols bgp group MX22 export TEST set protocols bgp group MX22 peer-as 64900 set protocols bgp group MX22 local-as 64700 set protocols bgp group MX22 neighbor 192.168.11.1 family inet unicast set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.12.2 set protocols bgp group ToR21 export LO set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 peer-as 64600 set protocols bgp group ToR21 local-as 64700 set protocols bgp group ToR21 neighbor 192.168.12.1 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.12 set protocols bgp group MX21-EVPN peer-as 64800 set protocols bgp group MX21-EVPN local-as 64700 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.12 set protocols bgp group MX22-EVPN peer-as 64900 set protocols bgp group MX22-EVPN local-as 64700 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.12 set protocols bgp group ToR21-EVPN peer-as 64600 set protocols bgp group ToR21-EVPN local-as 64700 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols bgp export TEST set protocols bgp local-as 64700
P
set interfaces ge-0/0/3 unit 0 description "CONNECTED TO MX11" set interfaces ge-0/0/3 unit 0 family inet address 203.0.113.42/24 set interfaces ge-0/0/3 unit 0 family mpls set interfaces ge-0/0/5 unit 0 description "CONNECTED TO MX12" set interfaces ge-0/0/5 unit 0 family inet address 203.0.113.12/24 set interfaces ge-0/0/5 unit 0 family mpls set interfaces ge-0/0/6 unit 0 description "CONNECTED TO MX21" set interfaces ge-0/0/6 unit 0 family inet address 203.0.113.32/24 set interfaces ge-0/0/6 unit 0 family mpls set interfaces ge-0/0/7 unit 0 description "CONNECTED TO MX22" set interfaces ge-0/0/7 unit 0 family inet address 203.0.113.52/24 set interfaces ge-0/0/7 unit 0 family mpls set interfaces lo0 unit 86 family inet address 203.0.113.1/32 set interfaces lo0 unit 86 family mpls set protocols bgp group INT type internal set protocols bgp group INT import BLOCK-VXLAN-ROUTES-FROM-CORE set protocols bgp group INT family evpn signaling set protocols bgp group INT cluster 203.0.113.1 set protocols bgp group INT neighbor 192.0.2.21 set protocols bgp group INT neighbor 192.0.2.22 set protocols bgp group INT neighbor 198.51.100.21 set protocols bgp group INT neighbor 198.51.100.22 set protocols bgp local-address 203.0.113.1 set protocols bgp local-as 65300 set protocols mpls label-switched-path P-TO-MX11 from 203.0.113.1 set protocols mpls label-switched-path P-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path P-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path P-TO-MX21 to 198.51.100.21 set protocols mpls label-switched-path P-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface all set protocols ospf area 0.0.0.0 interface lo0.86 set protocols rsvp interface all set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from protocol bgp set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from community RT-CORE set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 then accept set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from protocol bgp set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from community RT-DC1 set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 then reject set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from protocol bgp set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from community RT-DC2 set policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 then reject set policy-options community RT-CORE members target:1:2 set policy-options community RT-DC1 members target:1:1 set policy-options community RT-DC2 members target:1:3 set routing-options router-id 203.0.113.1 set routing-options autonomous-system 65300
CE1
set system host-name CE1 set interfaces ge-0/0/8 unit 0 description "CONNECTED TO Host 1" set interfaces ge-0/0/8 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/8 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 unit 0 description "CONNECTED TO ToR12" set interfaces ae1 unit 0 family bridge interface-mode trunk set interfaces ae1 unit 0 family bridge vlan-id-list 1-5 set bridge-domains BD-1 domain-type bridge set bridge-domains BD-1 vlan-id 1 set bridge-domains BD-2 domain-type bridge set bridge-domains BD-2 vlan-id 2 set bridge-domains BD-3 domain-type bridge set bridge-domains BD-3 vlan-id 3 set bridge-domains BD-4 domain-type bridge set bridge-domains BD-4 vlan-id 4 set bridge-domains BD-5 domain-type bridge set bridge-domains BD-5 vlan-id 5
CE2 认证
set system host-name CE2 set interfaces ge-0/0/1 unit 0 description "CONNECTED TO ToR11" set interfaces ge-0/0/1 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/1 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-0/0/6 unit 0 description "CONNECTED TO Host-2" set interfaces ge-0/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/6 unit 0 family bridge vlan-id-list 1-5 set bridge-domains BD-1 domain-type bridge set bridge-domains BD-1 vlan-id 1 set bridge-domains BD-2 domain-type bridge set bridge-domains BD-2 vlan-id 2 set bridge-domains BD-3 domain-type bridge set bridge-domains BD-3 vlan-id 3 set bridge-domains BD-4 domain-type bridge set bridge-domains BD-4 vlan-id 4 set bridge-domains BD-5 domain-type bridge set bridge-domains BD-5 vlan-id 5
CE3 认证
set system host-name CE3 set interfaces ge-0/0/5 unit 0 description "CONNECTED TO ToR12" set interfaces ge-0/0/5 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/5 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-0/0/9 unit 0 description "CONNECTED TO Host 3" set interfaces ge-0/0/9 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/9 unit 0 family bridge vlan-id-list 1-5 set bridge-domains BD-1 domain-type bridge set bridge-domains BD-1 vlan-id 1 set bridge-domains BD-2 domain-type bridge set bridge-domains BD-2 vlan-id 2 set bridge-domains BD-3 domain-type bridge set bridge-domains BD-3 vlan-id 3 set bridge-domains BD-4 domain-type bridge set bridge-domains BD-4 vlan-id 4 set bridge-domains BD-5 domain-type bridge set bridge-domains BD-5 vlan-id 5
CE4
set system host-name CE4 set interfaces ge-0/0/5 unit 0 description "CONNECTED TO ToR21" set interfaces ge-0/0/5 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/5 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-0/0/6 unit 0 description "CONNECTED TO Host 4" set interfaces ge-0/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/6 unit 0 family bridge vlan-id-list 1-5 set bridge-domains BD-1 domain-type bridge set bridge-domains BD-1 vlan-id 1 set bridge-domains BD-2 domain-type bridge set bridge-domains BD-2 vlan-id 2 set bridge-domains BD-3 domain-type bridge set bridge-domains BD-3 vlan-id 3 set bridge-domains BD-4 domain-type bridge set bridge-domains BD-4 vlan-id 4 set bridge-domains BD-5 domain-type bridge set bridge-domains BD-5 vlan-id 5
CE5 认证
set system host-name CE5 set interfaces ge-0/0/8 unit 0 description "CONNECTED TO Host 5" set interfaces ge-0/0/8 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/8 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 unit 0 description "CONNECTED TO ToR21" set interfaces ae1 unit 0 family bridge interface-mode trunk set interfaces ae1 unit 0 family bridge vlan-id-list 1-5 set bridge-domains BD-1 domain-type bridge set bridge-domains BD-1 vlan-id 1 set bridge-domains BD-2 domain-type bridge set bridge-domains BD-2 vlan-id 2 set bridge-domains BD-3 domain-type bridge set bridge-domains BD-3 vlan-id 3 set bridge-domains BD-4 domain-type bridge set bridge-domains BD-4 vlan-id 4 set bridge-domains BD-5 domain-type bridge set bridge-domains BD-5 vlan-id 5
CE6
set system host-name CE6 set interfaces ge-0/0/7 unit 0 description "CONNECTED TO ToR22" set interfaces ge-0/0/7 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/7 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-0/0/9 unit 0 description "CONNECTED TO Host 6" set interfaces ge-0/0/9 unit 0 family bridge interface-mode trunk set interfaces ge-0/0/9 unit 0 family bridge vlan-id-list 1-5 set bridge-domains BD-1 domain-type bridge set bridge-domains BD-1 vlan-id 1 set bridge-domains BD-2 domain-type bridge set bridge-domains BD-2 vlan-id 2 set bridge-domains BD-3 domain-type bridge set bridge-domains BD-3 vlan-id 3 set bridge-domains BD-4 domain-type bridge set bridge-domains BD-4 vlan-id 4 set bridge-domains BD-5 domain-type bridge set bridge-domains BD-5 vlan-id 5
附录 2:显示 DUT 上的配置输出
在 DUT 上显示命令输出(MX11 和 ToR11)
在配置模式下,输入 show configuration 命令以确认您的配置。如果输出未显示预期的配置,请重复此示例中的说明以更正配置。
MX11
user@MX11#show configurationinterfaces {
ge-0/0/0 {
unit 0 {
description "CONNECTED TO ToR11";
family inet {
address 192.168.3.2/24;
}
}
}
ge-0/0/1 {
unit 0 {
description "CONNECTED TO ToR12";
family inet {
address 192.168.6.2/24;
}
}
}
ge-0/0/2 {
unit 0 {
description "CONNECTED TO MX12";
family inet {
address 192.168.7.1/24;
}
}
}
ge-0/0/3 {
unit 0 {
description "CONNECTED TO P";
family inet {
address 203.0.113.41/24;
}
family mpls;
}
}
lt-5/1/0 {
esi {
00:22:22:22:22:22:22:22:22:22;
all-active;
}
unit 0 {
description TO-EVPN-VXLAN;
encapsulation ethernet-bridge;
peer-unit 1;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
unit 1 {
description TO-EVPN-MPLS;
encapsulation ethernet-bridge;
peer-unit 0;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
irb {
unit 1 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:aa:aa:aa:aa:aa:aa:aa:aa;
all-active;
}
family inet {
address 10.11.1.12/24 {
virtual-gateway-address 10.11.1.10;
}
}
}
unit 2 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:bb:bb:bb:bb:bb:bb:bb:bb;
all-active;
}
family inet {
address 10.12.1.12/24 {
virtual-gateway-address 10.12.1.10;
}
}
}
unit 3 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:cc:cc:cc:cc:cc:cc:cc:cc;
all-active;
}
family inet {
address 10.13.1.12/24 {
virtual-gateway-address 10.13.1.10;
}
}
}
unit 4 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:dd:dd:dd:dd:dd:dd:dd:dd;
all-active;
}
family inet {
address 10.14.1.12/24 {
virtual-gateway-address 10.14.1.10;
}
}
}
unit 5 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:ee:ee:ee:ee:ee:ee:ee:ee;
all-active;
}
family inet {
address 10.15.1.12/24 {
virtual-gateway-address 10.15.1.10;
}
}
}
}
lo0 {
unit 0 {
family inet {
address 192.0.2.21/32;
}
family mpls;
}
}
}
policy-options {
policy-statement LO {
from {
protocol direct;
route-filter 192.0.2.21/32 exact;
}
then accept;
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
}
routing-instances {
EVPN-MPLS-1 {
instance-type virtual-switch;
protocols {
evpn {
default-gateway no-gateway-community;
extended-vlan-list 1-5;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
interface lt-5/1/0.0;
route-distinguisher 192.0.2.21:100;
vrf-target target:1:2;
}
EVPN-VXLAN-1 {
instance-type virtual-switch;
protocols {
evpn {
encapsulation vxlan;
default-gateway no-gateway-community;
extended-vni-list 1-5;
}
}
vtep-source-interface lo0.0;
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
routing-interface irb.1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
routing-interface irb.2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
routing-interface irb.3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
routing-interface irb.4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
routing-interface irb.5;
vxlan {
vni 5;
}
}
}
interface lt-5/1/0.1;
route-distinguisher 192.0.2.21:1;
vrf-target target:1:1;
}
VRF {
instance-type vrf;
interface irb.1;
interface irb.2;
interface irb.3;
interface irb.4;
interface irb.5;
route-distinguisher 1:1;
vrf-target target:10:10;
}
}
routing-options {
router-id 192.0.2.21;
autonomous-system 65300;
forwarding-table {
export evpn-pplb;
}
}
protocols {
bgp {
group INT {
type internal;
local-address 192.0.2.21;
family evpn {
signaling;
}
export TEST;
neighbor 203.0.113.1;
}
group MX12 {
type external;
local-address 192.168.7.1;
export [ TEST LO ];
peer-as 65500;
local-as 65400;
neighbor 192.168.7.2 {
family inet {
unicast;
}
}
}
group ToR11 {
type external;
local-address 192.168.3.2;
import TEST;
export [ TEST LO ];
peer-as 65100;
local-as 65400;
neighbor 192.168.3.1 {
family inet {
unicast;
}
}
}
group ToR12 {
type external;
local-address 192.168.6.2;
export [ TEST LO ];
peer-as 65200;
local-as 65400;
neighbor 192.168.6.1 {
family inet {
unicast;
}
}
}
group MX12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.21;
export TEST;
peer-as 65500;
local-as 65400;
neighbor 192.0.2.22 {
family evpn {
signaling;
}
}
}
group ToR11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.21;
export TEST;
peer-as 65100;
local-as 65400;
neighbor 192.0.2.11 {
family evpn {
signaling;
}
}
}
group ToR12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.21;
export TEST;
peer-as 65200;
local-as 65400;
neighbor 192.0.2.12 {
family evpn {
signaling;
}
}
}
local-address 192.0.2.21;
local-as 65300;
}
mpls {
label-switched-path MX11-TO-MX12 {
to 192.0.2.22;
}
label-switched-path MX11-TO-P {
to 203.0.113.1;
}
label-switched-path MX11-TO-MX21 {
to 198.51.100.21;
no-cspf;
}
label-switched-path MX11-TO-MX22 {
to 198.51.100.22;
no-cspf;
}
interface all;
interface fxp0.0 {
disable;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface ge-0/0/3.0;
interface lo0.0 {
passive;
}
}
}
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
}
ToR11
user@ToR11#show configuration
interfaces {
ge-0/0/0 {
unit 0 {
description "CONNECTED TO CE-2";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-0/0/2 {
description "CONNECTED TO CE-1";
gigether-options {
802.3ad ae0;
}
}
ge-0/0/3 {
unit 0 {
description "CONNECTED TO ToR12";
family inet {
address 192.168.2.1/24;
}
}
}
ge-0/0/4 {
unit 0 {
description "CONNECTED TO MX–11";
family inet {
address 192.168.3.1/24;
}
}
}
ge-0/0/5 {
unit 0 {
description "CONNECTED TO MX–12";
family inet {
address 192.168.4.1/24;
}
}
}
ae0 {
esi {
00:11:11:11:11:11:11:11:11:11;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic fast;
system-id 11:11:11:11:11:11;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.0.2.11/32;
}
}
}
}
policy-options {
policy-statement LO {
term 1 {
from {
protocol direct;
route-filter 192.0.2.11/32 exact;
}
then accept;
}
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
}
routing-instances {
EVPN-VXLAN-1 {
instance-type virtual-switch;
protocols {
evpn {
encapsulation vxlan;
default-gateway no-gateway-community;
extended-vni-list 1-5;
}
}
vtep-source-interface lo0.0;
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
routing-interface irb.1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
routing-interface irb.2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
routing-interface irb.3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
routing-interface irb.4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
routing-interface irb.5;
vxlan {
vni 5;
}
}
}
interface ge-0/0/0.0;
interface ae0.0;
route-distinguisher 192.0.2.21:1;
vrf-target target:1:1;
}
VRF {
instance-type vrf;
interface irb.1; ## 'irb.1' is not defined
interface irb.2; ## 'irb.2' is not defined
interface irb.3; ## 'irb.3' is not defined
interface irb.4; ## 'irb.4' is not defined
interface irb.5; ## 'irb.5' is not defined
route-distinguisher 1:1;
vrf-target target:10:10;
}
}
routing-options {
router-id 192.0.2.11;
autonomous-system 65100;
forwarding-table {
export evpn-pplb;
}
}
protocols {
bgp {
group MX11 {
type external;
local-address 192.168.3.1;
export [ LO TEST ];
peer-as 65400;
neighbor 192.168.3.2 {
family inet {
unicast;
}
}
}
group MX12 {
type external;
local-address 192.168.4.1;
export [ LO TEST ];
peer-as 65500;
neighbor 192.168.4.2 {
family inet {
unicast;
}
}
}
group ToR12 {
type external;
local-address 192.168.2.1;
export [ LO TEST ];
peer-as 65200;
local-as 65100;
neighbor 192.168.2.2 {
family inet {
unicast;
}
}
}
group MX11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.11;
export TEST;
peer-as 65400;
local-as 65100;
neighbor 192.0.2.21 {
family evpn {
signaling;
}
}
}
group MX12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.11;
export TEST;
peer-as 65500;
local-as 65100;
neighbor 192.0.2.22 {
family evpn {
signaling;
}
}
}
group ToR12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.11;
export TEST;
peer-as 65200;
local-as 65100;
neighbor 192.0.2.12 {
family evpn {
signaling;
}
}
}
local-as 65100;
}
}