close
keyboard_arrow_left
数据中心 EVPN-VXLAN 交换矩阵架构指南
Table of Contents Expand all
- play_arrow 数据中心交换矩阵蓝图架构 - 概述
- play_arrow 数据中心交换矩阵参考设计 - 经过测试的实施
- 数据中心交换矩阵参考设计概述和经过验证的拓扑
- IP 交换矩阵底层网络设计和实施
- 为叠加层配置 IBGP
- IPv6 交换矩阵底层和叠加网络 使用 EBGP 进行设计和实施
- EVPN-VXLAN 数据中心中的 BGP 未编号 IPv6 底层网络
- 桥接叠加层设计和实施
- 集中路由的桥接叠加层设计和实施
- 以太网连接的终端系统多宿主设计和实施
- 边缘路由桥接叠加设计和实施
- 路由叠加设计和实施
- IP 连接终端系统的多宿主设计和实施
- 五阶段 IP 交换矩阵设计和实现
- 折叠主干交换矩阵设计和实施
- EVPN 2 类和 5 类路由共存实施
- 使用 Type 5 路由的数据中心互连设计和实施
- 使用 IPVPN 设计和实施数据中心互连
- 为第 2 层数据中心互连配置 VXLAN 拼接
- 采用 DCI 拼接的 EVPN 2 类对称路由
- 通过互连的 EVPN-MPLS WAN 网关配置 EVPN-VXLAN 数据中心拼接
- 使用 Q-in-Q 的静态 VXLAN 隧道
- 通过 VXLAN 隧道配置 L2PT
- 服务链设计和实施
- 组播 IGMP 侦听和 PIM 设计与实施
- 组播优化设计和实施
- 优化的子网间组播 (OISM) 和辅助复制 (AR),适用于边缘路由桥接叠加
- 增强的优化子网间组播 (OISM) 实施
- 配置 VMTO
- DHCP 中继设计和实现
- 验证边缘路由桥接叠加的代理 ARP 和 ARP 抑制
- 在以太网连接的终端系统上配置第 2 层端口安全功能
Loading...
list Table of Contents
机器翻译对您有帮助吗?
starstarstarstarstar
Go to English page
免责声明:
我们将使用第三方机器翻译软件翻译本页面。瞻博网络虽已做出相当大的努力提供高质量译文,但无法保证其准确性。如果对译文信息的准确性有任何疑问,请参阅英文版本. 可下载的 PDF 仅提供英文版.
折叠式主干交换矩阵设计和实施
在折叠式主干交换矩阵中,核心 EVPN-VXLAN 叠加功能仅折叠到主干层上。没有叶层;主干设备可以直接连接到接入层中可能不支持 EVPN-VXLAN 的现有架顶式 (ToR) 交换机。
TOR 交换机可以多宿主到多个主干设备,以实现接入层弹性,主干设备使用 EVPN 多宿主(也称为 ESI-LAG)管理接入层,管理方式与其他 EVPN-VXLAN 参考架构中的叶设备相同。(有关详细信息,请参阅以太网 连接的终端系统设计和实现的多宿主 。)
主干设备还会承担数据中心外部连接的任何边界设备角色。
折叠式主干架构用例中的一些常见元素包括:
主干设备背对 背连接的折叠式主干交换矩阵:
在此模型中,主干设备通过点对点链路连接。主干设备在底层建立 BGP 对等互连,并使用其环路地址覆盖这些链路。参见 图 1。
或者,折叠的主干核心设备可以与超级主干层中的路由反射器集群集成,稍后将对此进行解释(我们的参考架构)。
与数据中心互连 (DCI) 连接的数据中心位置:
主干设备可以执行边界网关功能,在数据中心之间建立 EVPN 对等互连,包括第 2 层延伸和第 3 层连接,如图 1 所示。
接入层中的独立交换机或虚拟机箱:
ToR 层可以包含独立交换机或与折叠主干设备多宿主的虚拟机箱。借助虚拟机箱,您可以在 ESI-LAG 中的主干设备和不同虚拟机箱成员交换机之间建立冗余链路,以提高弹性。参见 图 2。
图 1 显示了折叠式主干数据中心的逻辑视图,该数据中心具有边界连接、数据中心之间的 DCI 以及 ToR 层中的虚拟机箱与主干设备多宿主。
图 1:具有多宿主虚拟机箱 TOR 设备和数据中心互连 
的折叠式主干数据中心
的折叠式主干数据中心
图 2 显示了 ToR 层中的虚拟机箱多宿主到背靠背折叠主干层,其中主干设备链接到不同的虚拟机箱成员交换机以提高 ESI-LAG 弹性。
图 2:折叠式主干设计,ToR 层 
中具有背靠背主干设备和多宿主虚拟机箱
中具有背靠背主干设备和多宿主虚拟机箱
请参阅 使用 EVPN 多宿主的折叠式主干,这是一个网络配置示例,描述了背靠背主干设备的常见折叠主干用例。在该示例中,ToR 设备是与折叠的主干设备多宿主的虚拟机箱。该示例包括如何使用 SRX 机箱群集配置其他安全服务以保护租户间流量,同时数据中心间流量也作为 DCI 解决方案通过 SRX 群集进行路由。
另一个折叠式主干交换矩阵模型通过 IP 传输层路由反射器集群将主干设备互连,该集群与折叠的主干核心底层和叠加网络集成在一起。我们的参考体系结构使用此模型,将在以下各节中介绍。
折叠式主干参考架构概述
我们的参考架构展示了一个包含两个交付点间 (POD) 模块的折叠式主干数据中心交换矩阵的用例。POD 中的 POD 和折叠的主干设备通过配置为路由反射器集群的超级主干 IP 传输层互连。参见 图 3。此架构类似于五阶段 IP 交换矩阵设计(请参见 五阶段 IP 交换矩阵设计和实施),但只有超级主干、主干和接入层。您可以配置折叠的主干交换矩阵,以类似的方式将路由反射器群集设备集成到 IP 交换矩阵底层和 EVPN 叠加网络中。
图 3:与路由反射器群集 
集成的折叠主干交换矩阵
集成的折叠主干交换矩阵
图 3 显示了折叠式主干参考设计的示例,其中包括以下元素:
POD 1:ToR 3 多宿主到主干 1 和主干 2
POD 2:ToR 1 和 ToR 2 多宿主到主干 3 和主干 4
路由反射器集群:RR 1 和 RR 2 互连主干设备 1 到 4
这四个主干设备构成了折叠的主干 EVPN 交换矩阵核心,在两个 POD 中的主干设备之间具有第 2 层 拉伸和第 3 层 路由。每个 Pod 中的主干设备都对同一 Pod 中的多宿主 ToR 交换机使用 ESI-LAGs。
配置与路由反射器层集成的折叠式主干 IP 交换矩阵底层
本节介绍如何在主干和路由反射器设备上配置互连链路和 IP 交换矩阵底层。
图 4 显示了通过聚合以太网接口链路连接的折叠主干和路由反射器设备。
图 4:与路由反射器集群集成的折叠式主干参考架构底层 
要配置底层:
- 在结构中配置连接路由反射器和主干设备的接口之前,必须在每台设备上设置设备上可能需要的聚合以太网接口数量。设备会为您配置的每个聚合以太网接口分配唯一的 MAC 地址。
配置 RR 1、RR 2、主干 1、主干 2、主 干 3 和主干 4 上的聚合以太网接口数量:
content_copy zoom_out_mapset chassis aggregated-devices ethernet device-count 20
- 在形成折叠主干交换矩阵的路由反射器和主干设备上配置聚合以太网接口,如图 4 所示。
为实现冗余,此参考设计在路由反射器和主干设备之间的每个聚合以太网链路中使用两个物理接口。路由反射器设备通过 使用
ae4聚合以太网接口ae1链接到四个主干设备。每个主干设备使用聚合以太网接口ae1(到 RR 1)和ae2(到 RR 2)。此外,我们还在物理接口上配置更高的 MTU (9192) 以考虑 VXLAN 封装。
RR 1:
content_copy zoom_out_mapset interfaces et-0/0/46 ether-options 802.3ad ae1 set interfaces et-0/0/62 ether-options 802.3ad ae1 set interfaces et-0/0/9 ether-options 802.3ad ae2 set interfaces et-0/0/10 ether-options 802.3ad ae2 set interfaces et-0/0/49 ether-options 802.3ad ae3 set interfaces et-0/0/58 ether-options 802.3ad ae3 set interfaces xe-0/0/34:2 ether-options 802.3ad ae4 set interfaces xe-0/0/34:3 ether-options 802.3ad ae4 set interfaces ae1 mtu 9192 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 0 family inet address 172.16.1.0/31 set interfaces ae2 mtu 9192 set interfaces ae2 aggregated-ether-options minimum-links 1 set interfaces ae2 aggregated-ether-options lacp active set interfaces ae2 aggregated-ether-options lacp periodic fast set interfaces ae2 unit 0 family inet address 172.16.2.0/31 set interfaces ae3 mtu 9192 set interfaces ae3 aggregated-ether-options minimum-links 1 set interfaces ae3 aggregated-ether-options lacp active set interfaces ae3 aggregated-ether-options lacp periodic fast set interfaces ae3 unit 0 family inet address 172.16.3.0/31 set interfaces ae4 mtu 9192 set interfaces ae4 aggregated-ether-options minimum-links 1 set interfaces ae4 aggregated-ether-options lacp active set interfaces ae4 aggregated-ether-options lacp periodic fast set interfaces ae4 unit 0 family inet address 172.16.4.0/31
RR 2:
content_copy zoom_out_mapset interfaces et-0/0/18 ether-options 802.3ad ae1 set interfaces et-0/0/35 ether-options 802.3ad ae1 set interfaces et-0/0/13 ether-options 802.3ad ae2 set interfaces et-0/0/14 ether-options 802.3ad ae2 set interfaces et-0/0/22 ether-options 802.3ad ae3 set interfaces et-0/0/23 ether-options 802.3ad ae3 set interfaces et-0/0/19 ether-options 802.3ad ae4 set interfaces et-0/0/20 ether-options 802.3ad ae4 set interfaces ae1 mtu 9192 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 0 family inet address 172.16.5.0/31 set interfaces ae2 mtu 9192 set interfaces ae2 aggregated-ether-options minimum-links 1 set interfaces ae2 aggregated-ether-options lacp active set interfaces ae2 aggregated-ether-options lacp periodic fast set interfaces ae2 unit 0 family inet address 172.16.6.0/31 set interfaces ae3 mtu 9192 set interfaces ae3 aggregated-ether-options minimum-links 1 set interfaces ae3 aggregated-ether-options lacp active set interfaces ae3 aggregated-ether-options lacp periodic fast set interfaces ae3 unit 0 family inet address 172.16.7.0/31 set interfaces ae4 mtu 9192 set interfaces ae4 aggregated-ether-options minimum-links 1 set interfaces ae4 aggregated-ether-options lacp active set interfaces ae4 aggregated-ether-options lacp periodic fast set interfaces ae4 unit 0 family inet address 172.16.8.0/31
主干 1:
content_copy zoom_out_mapset interfaces et-0/0/1 ether-options 802.3ad ae1 set interfaces et-0/0/2 ether-options 802.3ad ae1 set interfaces et-0/0/14 ether-options 802.3ad ae2 set interfaces et-0/0/27 ether-options 802.3ad ae2 set interfaces ae1 mtu 9192 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 0 family inet address 172.16.1.1/31 set interfaces ae2 mtu 9192 set interfaces ae2 aggregated-ether-options minimum-links 1 set interfaces ae2 aggregated-ether-options lacp active set interfaces ae2 aggregated-ether-options lacp periodic fast set interfaces ae2 unit 0 family inet address 172.16.5.1/31
主干 2:
content_copy zoom_out_mapset interfaces et-0/0/1 ether-options 802.3ad ae1 set interfaces et-0/0/2 ether-options 802.3ad ae1 set interfaces et-0/0/14 ether-options 802.3ad ae2 set interfaces et-0/0/15 ether-options 802.3ad ae2 set interfaces ae1 mtu 9192 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 0 family inet address 172.16.2.1/31 set interfaces ae2 mtu 9192 set interfaces ae2 aggregated-ether-options minimum-links 1 set interfaces ae2 aggregated-ether-options lacp active set interfaces ae2 aggregated-ether-options lacp periodic fast set interfaces ae2 unit 0 family inet address 172.16.6.1/31
主干 3:
content_copy zoom_out_mapset interfaces et-0/0/0 ether-options 802.3ad ae1 set interfaces et-0/0/1 ether-options 802.3ad ae1 set interfaces et-0/0/7 ether-options 802.3ad ae2 set interfaces et-0/0/8 ether-options 802.3ad ae2 set interfaces ae1 mtu 9192 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 0 family inet address 172.16.3.1/31 set interfaces ae2 mtu 9192 set interfaces ae2 aggregated-ether-options minimum-links 1 set interfaces ae2 aggregated-ether-options lacp active set interfaces ae2 aggregated-ether-options lacp periodic fast set interfaces ae2 unit 0 family inet address 172.16.7.1/31
主干 4:
content_copy zoom_out_mapset interfaces xe-0/0/3:2 ether-options 802.3ad ae1 set interfaces xe-0/0/3:3 ether-options 802.3ad ae1 set interfaces et-0/0/19 ether-options 802.3ad ae2 set interfaces et-0/0/20 ether-options 802.3ad ae2 set interfaces ae1 mtu 9192 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 0 family inet address 172.16.4.1/31 set interfaces ae2 mtu 9192 set interfaces ae2 aggregated-ether-options minimum-links 1 set interfaces ae2 aggregated-ether-options lacp active set interfaces ae2 aggregated-ether-options lacp periodic fast set interfaces ae2 unit 0 family inet address 172.16.8.1/31
- 配置环路接口的 IP 地址以及每个路由反射器和主干设备的路由器 ID,如图 4 所示。 content_copy zoom_out_map
set interfaces lo0 unit 0 family inet address addr/32 set routing-options router-id addr
- 在路由反射器和主干设备上,配置 EBGP IP 交换矩阵底层。底层配置与 IP 交换矩阵底层网络设计和实施中的其他主干和分叶参考架构设计类似。但是,在此参考设计的底层中,折叠的主干交换矩阵与路由反射器设备集成在一起,以实现 POD 内部和之间的主干设备之间的 IP 传输功能。
底层配置包括以下内容:
定义一个导出路由策略 (
underlay-clos-export),用于向 EBGP 对等设备播发环路接口的 IP 地址。此导出路由策略用于使 IP 交换矩阵中的所有设备(所有路由反射器和主干设备)均可访问每个设备的环路接口的 IP 地址。在每个设备上定义一个本地 AS 编号。
在路由反射器设备上:通过聚合以太网链路 IP 地址和本地 AS 编号,将四个主干设备标识为 EBGP 邻居。
在主干设备上:通过聚合以太网链路 IP 地址和本地 AS 编号,将两个路由反射器设备标识为 EBGP 邻居。
启用 BGP 对等状态转换日志记录。
RR 1:
content_copy zoom_out_mapset protocols bgp group underlay-bgp type external set policy-options policy-statement underlay-clos-export term loopback from interface lo0.0 set policy-options policy-statement underlay-clos-export term loopback then accept set protocols bgp group underlay-bgp export underlay-clos-export set protocols bgp group underlay-bgp local-as 4200000021 set protocols bgp group underlay-bgp multipath multiple-as set protocols bgp group underlay-bgp neighbor 172.16.1.1 peer-as 4200000011 set protocols bgp group underlay-bgp neighbor 172.16.2.1 peer-as 4200000012 set protocols bgp group underlay-bgp neighbor 172.16.3.1 peer-as 4200000013 set protocols bgp group underlay-bgp neighbor 172.16.4.1 peer-as 4200000014 set protocols bgp log-updown
RR 2:
content_copy zoom_out_mapset protocols bgp group underlay-bgp type external set policy-options policy-statement underlay-clos-export term loopback from interface lo0.0 set policy-options policy-statement underlay-clos-export term loopback then accept set protocols bgp group underlay-bgp export underlay-clos-export set protocols bgp group underlay-bgp local-as 4200000022 set protocols bgp group underlay-bgp multipath multiple-as set protocols bgp group underlay-bgp neighbor 172.16.5.1 peer-as 4200000011 set protocols bgp group underlay-bgp neighbor 172.16.6.1 peer-as 4200000012 set protocols bgp group underlay-bgp neighbor 172.16.7.1 peer-as 4200000013 set protocols bgp group underlay-bgp neighbor 172.16.8.1 peer-as 4200000014 set protocols bgp log-updown
主干 1:
content_copy zoom_out_mapset protocols bgp group underlay-bgp type external set policy-options policy-statement underlay-clos-export term loopback from interface lo0.0 set policy-options policy-statement underlay-clos-export term loopback then accept set protocols bgp group underlay-bgp export underlay-clos-export set protocols bgp group underlay-bgp local-as 4200000011 set protocols bgp group underlay-bgp multipath multiple-as set protocols bgp group underlay-bgp neighbor 172.16.1.0 peer-as 4200000021 set protocols bgp group underlay-bgp neighbor 172.16.5.0 peer-as 4200000022 set protocols bgp log-updown
主干 2:
content_copy zoom_out_mapset protocols bgp group underlay-bgp type external set policy-options policy-statement underlay-clos-export term loopback from interface lo0.0 set policy-options policy-statement underlay-clos-export term loopback then accept set protocols bgp group underlay-bgp export underlay-clos-export set protocols bgp group underlay-bgp local-as 4200000012 set protocols bgp group underlay-bgp multipath multiple-as set protocols bgp group underlay-bgp neighbor 172.16.2.0 peer-as 4200000021 set protocols bgp group underlay-bgp neighbor 172.16.6.0 peer-as 4200000022 set protocols bgp log-updown
主干 3:
content_copy zoom_out_mapset protocols bgp group underlay-bgp type external set policy-options policy-statement underlay-clos-export term loopback from interface lo0.0 set policy-options policy-statement underlay-clos-export term loopback then accept set protocols bgp group underlay-bgp export underlay-clos-export set protocols bgp group underlay-bgp local-as 4200000013 set protocols bgp group underlay-bgp multipath multiple-as set protocols bgp group underlay-bgp neighbor 172.16.3.0 peer-as 4200000021 set protocols bgp group underlay-bgp neighbor 172.16.7.0 peer-as 4200000022 set protocols bgp log-updown
主干 4:
content_copy zoom_out_mapset protocols bgp group underlay-bgp type external set policy-options policy-statement underlay-clos-export term loopback from interface lo0.0 set policy-options policy-statement underlay-clos-export term loopback then accept set protocols bgp group underlay-bgp export underlay-clos-export set protocols bgp group underlay-bgp local-as 4200000014 set protocols bgp group underlay-bgp multipath multiple-as set protocols bgp group underlay-bgp neighbor 172.16.4.0 peer-as 4200000021 set protocols bgp group underlay-bgp neighbor 172.16.8.0 peer-as 4200000022 set protocols bgp log-updown
配置与路由反射器层集成的折叠式主干 EVPN-VXLAN 叠加网络
在此设计中,叠加层类似于其他 EVPN-VXLAN 数据中心主干和叶参考架构,但不包含叶层。只有主干设备(与路由反射器群集集成)在交换矩阵中执行 VLAN 内和 VLAN 间路由。我们在主干设备上配置具有多协议 BGP (MP-IBGP) 的 IBGP,并在主干设备上使用单个自治系统 (AS) 编号,以便通过路由反射器集群设备在它们之间建立信令路径,如下所示:
路由反射器群集设备与两个 Pod 中的主干设备对等,以实现 IP 传输。
主干设备与路由反射器设备对等。
请参阅图 5,其中说明了我们在 EVPN 叠加网络中配置的主干和路由反射器群集设备以及 BGP 邻居 IP 地址。
图 5:与路由反射器集群集成的折叠主干参考架构叠加 
除了设备的本地地址(环路地址)外,两台路由反射器设备上的叠加配置相同。路由反射器设备与所有主干设备对等。
除了设备的本地地址(环路地址)外,每台主干设备上的叠加配置都是相同的。所有主干设备都与路由反射器群集设备对等。
我们仅在折叠的主干结构中的主干设备上配置具有 VXLAN 封装和虚拟隧道端点 (VTEP) 接口的 EVPN。
要配置叠加网络:
- 为所有主干和路由反射器设备上的 IBGP 叠加配置 AS 编号: content_copy zoom_out_map
set routing-options autonomous-system 4210000001
- 在 路由反射器设备上配置具有 EVPN 信令的 IBGP,以便与折叠的主干设备对等,这些设备通过其设备环路地址标识为 IBGP 邻居,如图 5 所示。
在此步骤中,您还将:
将 RR 1 和 RR 2 定义为路由反射器集群(集群 ID 为 192.168.2.1)。
启用路径最大传输单元 (MTU) 发现,以动态确定源和目标之间网络路径上的 MTU 大小,这有助于避免 IP 分段。
设置双向转发检测 (BFD) 以检测 IBGP 邻居故障。
设置该
vpn-apply-export选项可确保在设备将 VPN 路由表中的路由播发至其他路由反射器或主干设备之前,应用 BGP 配置中的 VRF 和 BGP 组或邻居导出策略(按该顺序)。(有关详细信息,请参阅 分发 VPN 路由 。
RR 1:
content_copy zoom_out_mapset protocols bgp group overlay-with-rr type internal set protocols bgp group overlay-with-rr local-address 192.168.2.1 set protocols bgp group overlay-with-rr family evpn signaling set protocols bgp group overlay-with-rr cluster 192.168.2.1 set protocols bgp group overlay-with-rr multipath set protocols bgp group overlay-with-rr mtu-discovery set protocols bgp group overlay-with-rr neighbor 192.168.1.1 set protocols bgp group overlay-with-rr neighbor 192.168.1.2 set protocols bgp group overlay-with-rr neighbor 192.168.1.3 set protocols bgp group overlay-with-rr neighbor 192.168.1.4 set protocols bgp group overlay-with-rr bfd-liveness-detection minimum-interval 1000 set protocols bgp group overlay-with-rr bfd-liveness-detection multiplier 3 set protocols bgp group overlay-with-rr bfd-liveness-detection session-mode automatic set protocols bgp group overlay-with-rr vpn-apply-export
RR 2:
content_copy zoom_out_mapset protocols bgp group overlay-with-rr type internal set protocols bgp group overlay-with-rr local-address 192.168.2.2 set protocols bgp group overlay-with-rr family evpn signaling set protocols bgp group overlay-with-rr cluster 192.168.2.1 set protocols bgp group overlay-with-rr multipath set protocols bgp group overlay-with-rr mtu-discovery set protocols bgp group overlay-with-rr neighbor 192.168.1.1 set protocols bgp group overlay-with-rr neighbor 192.168.1.2 set protocols bgp group overlay-with-rr neighbor 192.168.1.3 set protocols bgp group overlay-with-rr neighbor 192.168.1.4 set protocols bgp group overlay-with-rr bfd-liveness-detection minimum-interval 1000 set protocols bgp group overlay-with-rr bfd-liveness-detection multiplier 3 set protocols bgp group overlay-with-rr bfd-liveness-detection session-mode automatic set protocols bgp group overlay-with-rr vpn-apply-export
- 在折叠的主干设备上配置 IBGP 和 EVPN,以便与路由反射器设备对等,路由反射器设备通过其设备环路地址标识为 IBGP 邻居,如图 5 所示。所有主干设备上的配置都相同,只是您将主干设备的环路 IP 地址替换为该
local-address device-loopback-addr值。在此步骤中,您还将:
启用路径最大传输单元 (MTU) 发现,以动态确定源和目标之间网络路径上的 MTU 大小,这有助于避免 IP 分段。
设置 BFD 以检测 IBGP 邻居故障。
设置该
vpn-apply-export选项可确保在设备将 VPN 路由表中的路由播发至其他路由反射器或主干设备之前,应用 BGP 配置中的 VRF 和 BGP 组或邻居导出策略(按该顺序)。(有关详细信息,请参阅 分发 VPN 路由 。
所有主干设备:
content_copy zoom_out_mapset protocols bgp group overlay-with-rr type internal set protocols bgp group overlay-with-rr local-address device-loopback-addr set protocols bgp group overlay-with-rr family evpn signaling set protocols bgp group overlay-with-rr multipath set protocols bgp group overlay-with-rr mtu-discovery set protocols bgp group overlay-with-rr neighbor 192.168.2.1 set protocols bgp group overlay-with-rr neighbor 192.168.2.2 set protocols bgp group overlay-with-rr bfd-liveness-detection minimum-interval 1000 set protocols bgp group overlay-with-rr bfd-liveness-detection multiplier 3 set protocols bgp group overlay-with-rr bfd-liveness-detection session-mode automatic set protocols bgp group overlay-with-rr vpn-apply-export
- 确保在所有接口上都启用了 LLDP,路由反射器集群和主干设备上的管理接口 (
em0) 除外。所有路由反射器和主干设备:
content_copy zoom_out_mapset protocols lldp interface all set protocols lldp interface em0 disable
- 在主干设备上的叠加网络中使用 VXLAN 封装配置 EVPN。折叠的主干结构中的所有主干设备上的配置都是相同的。
在此步骤中:
为转发表中的 ECMP 指定并应用每个数据包负载平衡的策略。
在 [编辑协议 evpn] 层次结构级别配置以下 EVPN 选项,同时设置 VXLAN 封装:
default-gateway no-gateway-community:将虚拟网关和 IRB MAC 地址播发到 EVPN 对等设备,以便仅以太网边缘设备可以获知这些 MAC 地址。如果主干结构使用以下功能,则可以在折叠的主干交换矩阵中进行配置no-gateway-community:任播 IP 作为具有通用任播 MAC 地址的网关,或
具有基于 VRRP 的 MAC 地址的虚拟网关地址 (00:00:5e:00:01:XX)(请参阅在 ToR 交换机的主干设备上配置 EVPN 多宿主和虚拟网络中的步骤 5)。
extended-vni-list all选项:允许所有已配置的 VXLAN 网络标识符 (VNI) 成为此 EVPN-VXLAN BGP 域的一部分。我们将在后面的部分中配置 VLAN 和 VLAN 到 VNI 的映射。remote-ip-host-routes:启用虚拟机流量优化 (VMTO)。(有关详细信息,请参阅 EVPN 的入口虚拟机流量优化 。)
所有主干设备:
content_copy zoom_out_mapset policy-options policy-statement per-packet-load-balance term 1 then load-balance per-packet set routing-options forwarding-table export per-packet-load-balance set protocols evpn encapsulation vxlan set protocols evpn default-gateway no-gateway-community set protocols evpn extended-vni-list all set protocols evpn remote-ip-host-routes
- 在主干设备上配置 VTEP、路由目标以及虚拟路由和转发 (VRF) 交换机选项。
所有主干设备上的配置都是相同的,只是在每台设备上,您将设备的环路 IP 地址
route-distinguisher替换为该值。此值为每个设备生成的路由定义唯一的路由识别符。EVPN 实例中的 VTEP 源接口还应与 IBGP 本地对等地址匹配,后者同样是设备环路 IP 地址。
主干 1:
content_copy zoom_out_mapset switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 192.168.1.1:3333 set switch-options vrf-target target:10458:0 set switch-options vrf-target auto
主干 2:
content_copy zoom_out_mapset switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 192.168.1.2:3333 set switch-options vrf-target target:10458:0 set switch-options vrf-target auto
主干 3:
content_copy zoom_out_mapset switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 192.168.1.3:3333 set switch-options vrf-target target:10458:0 set switch-options vrf-target auto
主干 4:
content_copy zoom_out_mapset switch-options vtep-source-interface lo0.0 set switch-options route-distinguisher 192.168.1.4:3333 set switch-options vrf-target target:10458:0 set switch-options vrf-target auto
- (仅在 PTX10000 系列路由器上必需)在设备上全局启用隧道终止(换句话说,在所有接口上): content_copy zoom_out_map
set forwarding-options tunnel-termination
在主干设备上为 ToR 交换机配置 EVPN 多宿主和虚拟网络
此折叠式主干参考设计实现了 EVPN 多宿主,如以太网 连接的终端系统设计和实现中的多宿主中所述,但叶层功能折叠到主干层中除外,您需要在主干设备上配置 ESI-LAG。您还可以在主干设备上配置 VLAN 以及第 2 层和第 3 层 路由功能,其方式与在边缘路由桥接 (ERB) 叠加设计中的叶设备上配置的方式类似。核心折叠主干配置通过在两个 POD 中的所有主干设备上设置相同的 VLAN(以及 VLAN 到 VNI 的映射)来实现第 2 层 延伸。EVPN 类型 2 路由支持在 POD 内部和之间的端点之间进行通信。
图 6 显示了通过聚合以太网接口链路连接到 Pod 中多宿主 ToR 交换机的每个 POD 中的折叠主干设备。
图 6:具有多宿主 ToR 交换机 
的折叠式主干交换矩阵
的折叠式主干交换矩阵
为简洁起见,本节说明了每个主干与每个 ToR 设备之间的一个聚合以太网链路,并在从主干设备到 Pod 中 ToR 设备的每个聚合以太网链路上配置了一个接口。
本节仅介绍 Pod 2 中主干和 ToR 设备的配置详细信息。您可以将具有适用设备参数和接口的类似配置应用于 POD 1 中的主干和 ToR 设备。
ToR 设备在其聚合以太网链路中包含两个接口,其中一个接口连接到 POD 中的每个主干设备,这些主干设备构成用于多宿主的 ESI-LAG。
配置包括以下步骤:
配置接口。
为 EVPN 多宿主设置 ESI-LAG。
配置第 2 层和第 3 层 网关功能,包括定义 VLAN、用于 VLAN 间路由的关联 IRB 接口以及相应的 VLAN 到 VNI 映射。
- 配置主干(主干 3 和主干 4)与 POD 2 中的多宿主 ToR 交换机(ToR 1 和 ToR 2)的接口和聚合以太网链路。
主干 3:
content_copy zoom_out_mapset interfaces xe-0/0/22:0 hold-time up 450000 set interfaces xe-0/0/22:0 hold-time down 450000 set interfaces xe-0/0/22:0 ether-options 802.3ad ae3 set interfaces xe-0/0/23:0 hold-time up 450000 set interfaces xe-0/0/23:0 hold-time down 450000 set interfaces xe-0/0/23:0 ether-options 802.3ad ae10
主干 4:
content_copy zoom_out_mapset interfaces xe-0/0/4:2 hold-time up 450000 set interfaces xe-0/0/4:2 hold-time down 450000 set interfaces xe-0/0/4:2 ether-options 802.3ad ae3 set interfaces xe-0/0/6:1 hold-time up 450000 set interfaces xe-0/0/6:1 hold-time down 450000 set interfaces xe-0/0/6:1 ether-options 802.3ad ae10
- 在 POD 2 中的多宿主 ToR 交换机的主干设备上配置 ESI-LAG 以实现 EVPN 多宿主。此设计在主干设备上与 ToR 交换机使用相同的聚合以太网接口,因此您可以在两台设备上使用相同的配置。
在此参考设计中,连接到
ae3ToR 1 并ae10连接到 ToR 2。主干 3 和主干 4:
content_copy zoom_out_mapset interfaces ae3 esi 00:00:00:ff:00:02:00:01:00:03 set interfaces ae3 esi all-active set interfaces ae3 aggregated-ether-options lacp active set interfaces ae3 aggregated-ether-options lacp periodic fast set interfaces ae3 aggregated-ether-options lacp system-id 00:00:00:99:99:01 set interfaces ae3 aggregated-ether-options lacp hold-time up 300 set interfaces ae10 esi 00:00:00:ff:00:01:00:01:00:0a set interfaces ae10 esi all-active set interfaces ae10 aggregated-ether-options lacp active set interfaces ae10 aggregated-ether-options lacp periodic fast set interfaces ae10 aggregated-ether-options lacp system-id 00:00:00:99:99:01 set interfaces ae10 aggregated-ether-options lacp hold-time up 300
- 在 POD 2
ae3ae10的主干设备上配置 VLAN,并作为 VLAN 成员。主干 3 和主干 4:
content_copy zoom_out_mapset interfaces ae3 native-vlan-id 4094 set interfaces ae3 unit 0 family ethernet-switching interface-mode trunk set interfaces ae3 unit 0 family ethernet-switching vlan members VLAN-1 set interfaces ae3 unit 0 family ethernet-switching vlan members VLAN-2 set interfaces ae3 unit 0 family ethernet-switching vlan members VLAN-3 set interfaces ae3 unit 0 family ethernet-switching vlan members VLAN-4 set interfaces ae10 native-vlan-id 4094 set interfaces ae10 unit 0 family ethernet-switching interface-mode trunk set interfaces ae10 unit 0 family ethernet-switching vlan members VLAN-1 set interfaces ae10 unit 0 family ethernet-switching vlan members VLAN-2 set interfaces ae10 unit 0 family ethernet-switching vlan members VLAN-3 set interfaces ae10 unit 0 family ethernet-switching vlan members VLAN-4
- 将 VLAN 映射到 VXLAN 隧道的 VNI,并为每个隧道关联一个 IRB 接口。
主干 3 和主干 4:
content_copy zoom_out_mapset vlans VLAN-1 vlan-id 1 set vlans VLAN-1 l3-interface irb.1 set vlans VLAN-1 vxlan vni 100001 set vlans VLAN-2 vlan-id 2 set vlans VLAN-2 l3-interface irb.2 set vlans VLAN-2 vxlan vni 100002 set vlans VLAN-3 vlan-id 3 set vlans VLAN-3 l3-interface irb.3 set vlans VLAN-3 vxlan vni 100003 set vlans VLAN-4 vlan-id 4 set vlans VLAN-4 l3-interface irb.4 set vlans VLAN-4 vxlan vni 100004
- 使用 IRB IP 地址和虚拟网关 IP 地址的 IPv4 和 IPv6 双堆栈地址,为 POD 2 中主干设备上的 VLAN (VNI) 配置 IRB 接口。
主干 3:
content_copy zoom_out_mapset interfaces irb unit 1 virtual-gateway-accept-data set interfaces irb unit 1 family inet address 10.0.1.243/24 preferred set interfaces irb unit 1 family inet address 10.0.1.243/24 virtual-gateway-address 10.0.1.254 set interfaces irb unit 1 family inet6 nd6-stale-time 3600 set interfaces irb unit 1 family inet6 address 2001:db8::10:0:1:243/112 preferred set interfaces irb unit 1 family inet6 address 2001:db8::10:0:1:243/112 virtual-gateway-address 2001:db8::10:0:1:254 set interfaces irb unit 1 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 1 virtual-gateway-v6-mac 00:00:5e:00:00:04 set interfaces irb unit 2 virtual-gateway-accept-data set interfaces irb unit 2 family inet address 10.0.2.243/24 preferred set interfaces irb unit 2 family inet address 10.0.2.243/24 virtual-gateway-address 10.0.2.254 set interfaces irb unit 2 family inet6 nd6-stale-time 3600 set interfaces irb unit 2 family inet6 address 2001:db8::10:0:2:243/112 preferred set interfaces irb unit 2 family inet6 address 2001:db8::10:0:2:243/112 virtual-gateway-address 2001:db8::10:0:2:254 set interfaces irb unit 2 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 2 virtual-gateway-v6-mac 00:00:5e:00:00:04 set interfaces irb unit 3 virtual-gateway-accept-data set interfaces irb unit 3 family inet address 10.0.3.243/24 preferred set interfaces irb unit 3 family inet address 10.0.3.243/24 virtual-gateway-address 10.0.3.254 set interfaces irb unit 3 family inet6 nd6-stale-time 3600 set interfaces irb unit 3 family inet6 address 2001:db8::10:0:3:243/112 preferred set interfaces irb unit 3 family inet6 address 2001:db8::10:0:3:243/112 virtual-gateway-address 2001:db8::10:0:3:254 set interfaces irb unit 3 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 3 virtual-gateway-v6-mac 00:00:5e:00:00:04 set interfaces irb unit 4 virtual-gateway-accept-data set interfaces irb unit 4 family inet address 10.0.4.243/24 preferred set interfaces irb unit 4 family inet address 10.0.4.243/24 virtual-gateway-address 10.0.4.254 set interfaces irb unit 4 family inet6 nd6-stale-time 3600 set interfaces irb unit 4 family inet6 address 2001:db8::10:0:4:243/112 preferred set interfaces irb unit 4 family inet6 address 2001:db8::10:0:4:243/112 virtual-gateway-address 2001:db8::10:0:4:254 set interfaces irb unit 4 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 4 virtual-gateway-v6-mac 00:00:5e:00:00:04
主干 4:
content_copy zoom_out_mapset interfaces irb unit 1 virtual-gateway-accept-data set interfaces irb unit 1 family inet address 10.0.1.244/24 preferred set interfaces irb unit 1 family inet address 10.0.1.244/24 virtual-gateway-address 10.0.1.254 set interfaces irb unit 1 family inet6 nd6-stale-time 3600 set interfaces irb unit 1 family inet6 address 2001:db8::10:0:1:244/112 preferred set interfaces irb unit 1 family inet6 address 2001:db8::10:0:1:244/112 virtual-gateway-address 2001:db8::10:0:1:254 set interfaces irb unit 1 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 1 virtual-gateway-v6-mac 00:00:5e:00:00:04 set interfaces irb unit 2 virtual-gateway-accept-data set interfaces irb unit 2 family inet address 10.0.2.244/24 preferred set interfaces irb unit 2 family inet address 10.0.2.244/24 virtual-gateway-address 10.0.2.254 set interfaces irb unit 2 family inet6 nd6-stale-time 3600 set interfaces irb unit 2 family inet6 address 2001:db8::10:0:2:244/112 preferred set interfaces irb unit 2 family inet6 address 2001:db8::10:0:2:244/112 virtual-gateway-address 2001:db8::10:0:2:254 set interfaces irb unit 2 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 2 virtual-gateway-v6-mac 00:00:5e:00:00:04 set interfaces irb unit 3 virtual-gateway-accept-data set interfaces irb unit 3 family inet address 10.0.3.244/24 preferred set interfaces irb unit 3 family inet address 10.0.3.244/24 virtual-gateway-address 10.0.3.254 set interfaces irb unit 3 family inet6 nd6-stale-time 3600 set interfaces irb unit 3 family inet6 address 2001:db8::10:0:3:244/112 preferred set interfaces irb unit 3 family inet6 address 2001:db8::10:0:3:244/112 virtual-gateway-address 2001:db8::10:0:3:254 set interfaces irb unit 3 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 3 virtual-gateway-v6-mac 00:00:5e:00:00:04 set interfaces irb unit 4 virtual-gateway-accept-data set interfaces irb unit 4 family inet address 10.0.4.244/24 preferred set interfaces irb unit 4 family inet address 10.0.4.244/24 virtual-gateway-address 10.0.4.254 set interfaces irb unit 4 family inet6 nd6-stale-time 3600 set interfaces irb unit 4 family inet6 address 2001:db8::10:0:4:244/112 preferred set interfaces irb unit 4 family inet6 address 2001:db8::10:0:4:244/112 virtual-gateway-address 2001:db8::10:0:4:254 set interfaces irb unit 4 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 4 virtual-gateway-v6-mac 00:00:5e:00:00:04
- 为配置的 VLAN (VNI) 在 POD 2 中的每个主干设备上的每个主干设备上的 EVPN 类型 2 路由定义 VRF 路由实例和相应的 IRB 接口。
主干 3:
content_copy zoom_out_mapset interfaces lo0 unit 1 family inet set routing-instances VRF-T2-1 instance-type vrf set routing-instances VRF-T2-1 interface lo0.1 set routing-instances VRF-T2-1 interface irb.1 set routing-instances VRF-T2-1 interface irb.2 set routing-instances VRF-T2-1 interface irb.3 set routing-instances VRF-T2-1 interface irb.4 set routing-instances VRF-T2-1 route-distinguisher 192.168.1.3:1 set routing-instances VRF-T2-1 vrf-target target:100:1
主干 4:
content_copy zoom_out_mapset interfaces lo0 unit 1 family inet set routing-instances VRF-T2-1 instance-type vrf set routing-instances VRF-T2-1 interface lo0.1 set routing-instances VRF-T2-1 interface irb.1 set routing-instances VRF-T2-1 interface irb.2 set routing-instances VRF-T2-1 interface irb.3 set routing-instances VRF-T2-1 interface irb.4 set routing-instances VRF-T2-1 route-distinguisher 192.168.1.4:1 set routing-instances VRF-T2-1 vrf-target target:100:1
- 将多宿主 ToR 交换机(ToR 1 和 ToR 2)上的接口和聚合以太网链路配置为 POD 2 中的主干设备(主干 3 和主干 4)。在此步骤中,您将:
设置交换机上您可能需要的聚合以太网接口数量(此处设置 20 个作为示例)。
在每台 ToR 交换机上配置到 POD 2 中主干设备的聚合以太网链路
ae1。在接口上配置 LLDP。
职责范围 1:
content_copy zoom_out_mapset chassis aggregated-devices ethernet device-count 20 set interfaces xe-0/0/26 ether-options 802.3ad ae1 set interfaces xe-0/0/27 ether-options 802.3ad ae1 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set protocols lldp interface all set protocols lldp interface em0 disable
职责范围 2:
content_copy zoom_out_mapset chassis aggregated-devices ethernet device-count 20 set interfaces xe-0/0/1 ether-options 802.3ad ae1 set interfaces xe-0/0/27 ether-options 802.3ad ae1 set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set protocols lldp interface all set protocols lldp interface em0 disable
- 在 Pod 2 中 ToR 交换机上配置 VLAN。这些 VLAN 与您在步骤 3 中在 POD 2 的主干设备上配置的 VLAN 匹配。
职责范围 1 和职责范围 2:
content_copy zoom_out_mapset vlans VLAN-1 vlan-id 1 set vlans VLAN-2 vlan-id 2 set vlans VLAN-3 vlan-id 3 set vlans VLAN-4 vlan-id 4 set interfaces ae1 native-vlan-id 4094 set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk set interfaces ae1 unit 0 family ethernet-switching vlan members VLAN-1 set interfaces ae1 unit 0 family ethernet-switching vlan members VLAN-2 set interfaces ae1 unit 0 family ethernet-switching vlan members VLAN-3 set interfaces ae1 unit 0 family ethernet-switching vlan members VLAN-4
验证折叠的主干交换矩阵与路由反射器群集和 ToR 设备的连接
本部分介绍可用于验证折叠的主干设备与路由反射器群集之间以及折叠的主干设备和 ToR 设备之间的连接的 CLI 命令。
为简洁起见,本部分包括仅使用 POD 2 中的主干 3 和主干 4 验证主干 设备上的连接。您可以在 Pod 1 中的主干设备(主干 1 和主干 2)上使用相同的命令。
- 验证路由反射器设备上的聚合以太网链路与四个折叠的主干设备的连接。在每个路由反射器设备上,
aeX连接到主干 X)。RR 1:
content_copy zoom_out_mapuser@rr-1> show lacp interfaces Aggregated interface: ae1 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/46 Actor No No Yes Yes Yes Yes Fast Active et-0/0/46 Partner No No Yes Yes Yes Yes Fast Active et-0/0/62 Actor No No Yes Yes Yes Yes Fast Active et-0/0/62 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/46 Current Fast periodic Collecting distributing et-0/0/62 Current Fast periodic Collecting distributing Aggregated interface: ae2 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/9 Actor No No Yes Yes Yes Yes Fast Active et-0/0/9 Partner No No Yes Yes Yes Yes Fast Active et-0/0/10 Actor No No Yes Yes Yes Yes Fast Active et-0/0/10 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/9 Current Fast periodic Collecting distributing et-0/0/10 Current Fast periodic Collecting distributing Aggregated interface: ae3 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/49 Actor No No Yes Yes Yes Yes Fast Active et-0/0/49 Partner No No Yes Yes Yes Yes Fast Active et-0/0/58 Actor No No Yes Yes Yes Yes Fast Active et-0/0/58 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/49 Current Fast periodic Collecting distributing et-0/0/58 Current Fast periodic Collecting distributing Aggregated interface: ae4 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity xe-0/0/34:2 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/34:2 Partner No No Yes Yes Yes Yes Fast Active xe-0/0/34:3 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/34:3 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State xe-0/0/34:2 Current Fast periodic Collecting distributing xe-0/0/34:3 Current Fast periodic Collecting distributingRR 2:
content_copy zoom_out_mapuser@rr-2> show lacp interfaces Aggregated interface: ae1 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/18 Actor No No Yes Yes Yes Yes Fast Active et-0/0/18 Partner No No Yes Yes Yes Yes Fast Active et-0/0/35 Actor No No Yes Yes Yes Yes Fast Active et-0/0/35 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/18 Current Fast periodic Collecting distributing et-0/0/35 Current Fast periodic Collecting distributing Aggregated interface: ae2 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/13 Actor No No Yes Yes Yes Yes Fast Active et-0/0/13 Partner No No Yes Yes Yes Yes Fast Active et-0/0/14 Actor No No Yes Yes Yes Yes Fast Active et-0/0/14 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/13 Current Fast periodic Collecting distributing et-0/0/14 Current Fast periodic Collecting distributing Aggregated interface: ae3 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/22 Actor No No Yes Yes Yes Yes Fast Active et-0/0/22 Partner No No Yes Yes Yes Yes Fast Active et-0/0/23 Actor No No Yes Yes Yes Yes Fast Active et-0/0/23 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/22 Current Fast periodic Collecting distributing et-0/0/23 Current Fast periodic Collecting distributing Aggregated interface: ae4 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/19 Actor No No Yes Yes Yes Yes Fast Active et-0/0/19 Partner No No Yes Yes Yes Yes Fast Active et-0/0/20 Actor No No Yes Yes Yes Yes Fast Active et-0/0/20 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/19 Current Fast periodic Collecting distributing et-0/0/20 Current Fast periodic Collecting distributing - 验证 POD 2(主干 3 和主干 4)中主干 设备上的聚合以太网链路与路由反射器设备的连接。在
ae1主干 3 和主干 4 上分别链接并ae2连接到路由反射器设备 RR 1 和 RR 2。主干 3:
content_copy zoom_out_mapuser@spine-3> show lacp interfaces ae1 Aggregated interface: ae1 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/0 Actor No No Yes Yes Yes Yes Fast Active et-0/0/0 Partner No No Yes Yes Yes Yes Fast Active et-0/0/1 Actor No No Yes Yes Yes Yes Fast Active et-0/0/1 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/0 Current Fast periodic Collecting distributing et-0/0/1 Current Fast periodic Collecting distributing user@spine-3> show lacp interfaces ae2 Aggregated interface: ae2 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/7 Actor No No Yes Yes Yes Yes Fast Active et-0/0/7 Partner No No Yes Yes Yes Yes Fast Active et-0/0/8 Actor No No Yes Yes Yes Yes Fast Active et-0/0/8 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/7 Current Fast periodic Collecting distributing et-0/0/8 Current Fast periodic Collecting distributing主干 4:
content_copy zoom_out_mapuser@spine-4> show lacp interfaces ae1 Aggregated interface: ae1 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity xe-0/0/3:2 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/3:2 Partner No No Yes Yes Yes Yes Fast Active xe-0/0/3:3 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/3:3 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State xe-0/0/3:2 Current Fast periodic Collecting distributing xe-0/0/3:3 Current Fast periodic Collecting distributing user@spine-4> show lacp interfaces ae2 Aggregated interface: ae2 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity et-0/0/19 Actor No No Yes Yes Yes Yes Fast Active et-0/0/19 Partner No No Yes Yes Yes Yes Fast Active et-0/0/20 Actor No No Yes Yes Yes Yes Fast Active et-0/0/20 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State et-0/0/19 Current Fast periodic Collecting distributing et-0/0/20 Current Fast periodic Collecting distributing - 验证 POD 2(主干 3 和主干 4)中主干 设备上的聚合以太网链路与多宿主 ToR 交换机的连接。在主干 3 和主干 4 上分别
ae3链接并ae10连接到 ToR 1 和 ToR 2,因此此命令行过滤输出以查找以 开头ae3的链路状态。输出将被截断以仅显示相关链接的状态。主干 3:
content_copy zoom_out_mapuser@spine-3> show lacp interfaces | find ae3 Aggregated interface: ae3 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity xe-0/0/22:0 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/22:0 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State xe-0/0/22:0 Current Fast periodic Collecting distributing LACP hold-timer: Up, Enabled, Interval: 300 sec Status Re-Start Cnt TTE(sec) Hold Start xe-0/0/22:0 Not-Running NA NA NA ... Aggregated interface: ae10 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity xe-0/0/23:0 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/23:0 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State xe-0/0/23:0 Current Fast periodic Collecting distributing LACP hold-timer: Up, Enabled, Interval: 300 sec Status Re-Start Cnt TTE(sec) Hold Start xe-0/0/23:0 Not-Running NA NA NA ...主干 4:
content_copy zoom_out_mapuser@spine-3> show lacp interfaces | find ae3 Aggregated interface: ae3 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity xe-0/0/4:2 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/4:2 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State xe-0/0/4:2 Current Fast periodic Collecting distributing LACP hold-timer: Up, Enabled, Interval: 300 sec Status Re-Start Cnt TTE(sec) Hold Start xe-0/0/4:2 Not-Running NA NA NA ... Aggregated interface: ae10 LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity xe-0/0/6:1 Actor No No Yes Yes Yes Yes Fast Active xe-0/0/6:1 Partner No No Yes Yes Yes Yes Fast Active LACP protocol: Receive State Transmit State Mux State xe-0/0/6:1 Current Fast periodic Collecting distributing LACP hold-timer: Up, Enabled, Interval: 300 sec Status Re-Start Cnt TTE(sec) Hold Start xe-0/0/6:1 Not-Running NA NA NA ... - 验证 POD 2 中的主干设备(主干 3 和主干 4)是否将路由反射器设备和 POD 2 中的 ToR 交换机检测为 LLDP 邻居。对于主干到 ToR 链路,这将验证是否已建立到多宿主 ToR 交换机的 ESI 成员链路。
此示例命令输出经过过滤和截断,仅显示相关的聚合以太网链路。注释行显示结果输出中显示的值的列。再次参见图 4,其中显示 POD 2 中的两台主干交换机都使用
ae1和 链接到路由反射器设备、ae3链接到 ToR1 和ae2ae10链接到 ToR 2。主干 3:
content_copy zoom_out_mapuser@spine-3> show lldp neighbors | grep ae #Local Interface Parent Interface Chassis Id Port info System Name et-0/0/0 ae1 54:4b:8c:cd:e4:38 et-0/0/58 rr-1 et-0/0/1 ae1 54:4b:8c:cd:e4:38 et-0/0/49 rr-1 et-0/0/7 ae2 c0:bf:a7:ca:53:c0 et-0/0/22 rr-2 et-0/0/8 ae2 c0:bf:a7:ca:53:c0 et-0/0/23 rr-2 et-0/0/22:0 ae3 10:0e:7e:b0:a1:40 xe-0/0/26 tor-1 ... xe-0/0/23:0 ae10 20:d8:0b:14:72:00 xe-0/0/1 tor-2 ...
主干 4:
content_copy zoom_out_mapuser@spine-3> show lldp neighbors | grep ae #Local Interface Parent Interface Chassis Id Port info System Name xe-0/0/3:2 ae1 54:4b:8c:cd:e4:38 xe-0/0/34:2 rr-1 xe-0/0/3:3 ae1 54:4b:8c:cd:e4:38 xe-0/0/34:3 rr-1 et-0/0/19 ae2 c0:bf:a7:ca:53:c0 et-0/0/19 rr-2 et-0/0/20 ae2 c0:bf:a7:ca:53:c0 et-0/0/20 rr-2 xe-0/0/4:2 ae3 10:0e:7e:b0:a1:40 xe-0/0/27 tor-1 ... xe-0/0/6:1 ae10 20:d8:0b:14:72:00 xe-0/0/27 tor-2 ...
验证折叠的主干交换矩阵 BGP 底层网络和 EVPN-VXLAN 叠加网络配置
本部分显示可用于验证底层和叠加层是否适用于与路由反射器 cluste 集成的折叠主干设备的 CLI 命令。再次参阅图 4 和 图 5 ,了解配置的底层和叠加参数。
为简洁起见,本部分包括仅使用 POD 2 中的主干 3 和主干 4 验证主干 设备上的连接。您可以在 Pod 1 中的主干设备(主干 1 和主干 2)上使用相同的命令。
- 在路由反射器设备上验证 EBGP 和 IBGP 对等是否已建立,以及包含四个主干设备的流量路径是否处于活动状态。此示例命令输出经过筛选,仅显示显示已建立对等互连的相关状态行。注释行显示结果输出中显示的值的列。
RR 1:
content_copy zoom_out_mapuser@rr-1> show bgp summary | match Estab # Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped... # underlay BGP peerings 172.16.1.1 4200000011 3758 3767 0 0 1d 4:38:36 Establ 172.16.2.1 4200000012 129 131 0 5 56:59 Establ 172.16.3.1 4200000013 3802 3773 0 0 1d 4:41:03 Establ 172.16.4.1 4200000014 3791 3762 0 0 1d 4:36:06 Establ ... # overlay BGP peerings 192.168.1.1 4210000001 980683 4088207 0 0 1d 4:38:32 Establ 192.168.1.2 4210000001 27145 154826 0 5 56:58 Establ 192.168.1.3 4210000001 2696563 2953756 0 0 1d 4:41:02 Establ 192.168.1.4 4210000001 2640667 3000173 0 0 1d 4:36:04 Establ ...
RR 2:
content_copy zoom_out_mapuser@rr-2> show bgp summary | match Estab # Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped... # underlay BGP peerings 172.16.5.1 4200000011 3748 3763 0 0 1d 4:37:57 Establ 172.16.6.1 4200000012 131 131 0 5 56:16 Establ 172.16.7.1 4200000013 3796 3765 0 0 1d 4:39:01 Establ 172.16.8.1 4200000014 3788 3756 0 0 1d 4:35:27 Establ ... # overlay BGP peerings 192.168.1.1 4210000001 980619 4085507 0 0 1d 4:37:55 Establ 192.168.1.2 4210000001 27074 154082 0 5 56:14 Establ 192.168.1.3 4210000001 2695621 2952494 0 0 1d 4:38:59 Establ 192.168.1.4 4210000001 2640070 2998889 0 0 1d 4:35:25 Establ ...
- 在 POD 2 中的主干设备上验证底层 EBGP 和叠加 IBGP 对等互连是否已建立。此示例命令输出经过筛选,仅显示显示已建立对等互连的相关状态行。注释行显示结果输出中显示的值的列。
主干 3:
content_copy zoom_out_mapuser@spine-3> show bgp summary | match Estab # Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped... 172.16.3.0 4200000021 3761 3788 0 1 1d 4:35:08 Establ 172.16.7.0 4200000022 3755 3783 0 1 1d 4:33:44 Establ ... 192.168.2.1 4210000001 2942193 2685492 0 1 1d 4:35:06 Establ 192.168.2.2 4210000001 2941362 2685039 0 1 1d 4:33:43 Establ
主干 4:
content_copy zoom_out_mapuser@spine-4> show bgp summary | match Estab # Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped... 172.16.4.0 4200000021 3746 3773 0 0 1d 4:28:12 Establ 172.16.8.0 4200000022 3742 3771 0 0 1d 4:28:12 Establ ... 192.168.2.1 4210000001 2986192 2627487 0 0 1d 4:28:10 Establ 192.168.2.2 4210000001 2985323 2627487 0 0 1d 4:28:10 Establ
- 验证远程 VTEP 接口的端点目标 IP 地址,即此折叠主干拓扑的 POD 1 和 POD 2 中其他三个主干设备的环路地址。我们在此处包含 POD 2 中主干 3 的示例输出;其他主干设备上的结果也类似。
主干 3:
content_copy zoom_out_mapuser@spine-3> show interfaces vtep | match Remote VXLAN Endpoint Type: Remote, VXLAN Endpoint Address: 192.168.1.4, L2 Routing Instance: default-switch, L3 Routing Instance: default VXLAN Endpoint Type: Remote, VXLAN Endpoint Address: 192.168.1.1, L2 Routing Instance: default-switch, L3 Routing Instance: default VXLAN Endpoint Type: Remote, VXLAN Endpoint Address: 192.168.1.2, L2 Routing Instance: default-switch, L3 Routing Instance: default - 验证主干设备上朝向 ToR 交换机的 ESI-LAG。我们在此处包含 POD 2 中主干 3 的示例输出;其他主干设备上的结果也类似。
主干 3:
content_copy zoom_out_mapuser@spine-3> show evpn instance extensive Instance: __default_evpn__ Route Distinguisher: 192.168.1.3:0 Number of bridge domains: 0 Number of neighbors: 1 Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer 192.168.1.4 0 0 0 0 2 Instance: default-switch Route Distinguisher: 192.168.1.3:3333 Encapsulation type: VXLAN Duplicate MAC detection threshold: 5 Duplicate MAC detection window: 180 MAC database status Local Remote MAC advertisements: 5 9 MAC+IP advertisements: 21 21 Default gateway MAC advertisements: 8 0 Number of local interfaces: 3 (3 up) Interface name ESI Mode Status AC-Role .local..5 00:00:00:00:00:00:00:00:00:00 single-homed Up Root ae10.0 00:00:00:ff:00:01:00:01:00:0a all-active Up Root ae3.0 00:00:00:ff:00:02:00:01:00:03 all-active Up Root Number of IRB interfaces: 4 (4 up) Interface name VLAN VNI Status L3 context irb.1 100001 Up VRF-T2-1 irb.2 100002 Up VRF-T2-1 irb.3 100003 Up VRF-T2-1 irb.4 100004 Up VRF-T2-1 Number of protect interfaces: 0 Number of bridge domains: 4 VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync IM-label v4-SG-sync IM-core-NH v6-SG-sync IM-core-NH Trans-ID 1 100001 2 2 irb.1 Extended Enabled 100001 Disabled Disabled 100001 2 100002 2 2 irb.2 Extended Enabled 100002 Disabled Disabled 100002 3 100003 2 2 irb.3 Extended Enabled 100003 Disabled Disabled 100003 4 100004 2 2 irb.4 Extended Enabled 100004 Disabled Disabled 100004 Number of neighbors: 1 Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer 192.168.1.4 9 21 8 4 0 Number of ethernet segments: 6 ESI: 00:00:00:ff:00:01:00:01:00:0a Status: Resolved by IFL ae10.0 Local interface: ae10.0, Status: Up/Forwarding Number of remote PEs connected: 1 Remote-PE MAC-label Aliasing-label Mode 192.168.1.4 0 0 all-active DF Election Algorithm: MOD based Designated forwarder: 192.168.1.4 Backup forwarder: 192.168.1.3 Last designated forwarder update: Apr 09 13:13:20 ESI: 00:00:00:ff:00:02:00:01:00:03 Status: Resolved by IFL ae3.0 Local interface: ae3.0, Status: Up/Forwarding Number of remote PEs connected: 1 Remote-PE MAC-label Aliasing-label Mode 192.168.1.4 100001 0 all-active DF Election Algorithm: MOD based Designated forwarder: 192.168.1.4 Backup forwarder: 192.168.1.3 Last designated forwarder update: Apr 09 13:13:20 ESI: 05:fa:ef:80:81:00:01:86:a1:00 Local interface: irb.1, Status: Up/Forwarding Number of remote PEs connected: 1 Remote-PE MAC-label Aliasing-label Mode 192.168.1.4 100001 0 all-active ESI: 05:fa:ef:80:81:00:01:86:a2:00 Local interface: irb.2, Status: Up/Forwarding Number of remote PEs connected: 1 Remote-PE MAC-label Aliasing-label Mode 192.168.1.4 100002 0 all-active ESI: 05:fa:ef:80:81:00:01:86:a3:00 Local interface: irb.3, Status: Up/Forwarding Number of remote PEs connected: 1 Remote-PE MAC-label Aliasing-label Mode 192.168.1.4 100003 0 all-active ESI: 05:fa:ef:80:81:00:01:86:a4:00 Local interface: irb.4, Status: Up/Forwarding Number of remote PEs connected: 1 Remote-PE MAC-label Aliasing-label Mode 192.168.1.4 100004 0 all-active Router-ID: 192.168.1.3 SMET Forwarding: Disabled
