vxlan + 多个vrf

2020-04-24 15:49:32 蜻蜓队长

一开始只有一个vrf

[root@evpn2 ~]# vtysh 

Hello, this is FRRouting (version 7.3-MyOwnFRRVersion).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

evpn2.novalocal# show running config
% Unknown command: show running config
evpn2.novalocal# show running-config
Building configuration...

Current configuration:
!
frr version 7.3-MyOwnFRRVersion
frr defaults traditional
hostname evpn2.novalocal
log file /var/log/frr/bgpd.log
!
vrf evpn-vrf
 vni 100
 exit-vrf
!
router bgp 9999
 bgp router-id 10.10.18.212
 bgp bestpath as-path multipath-relax
 neighbor fabric peer-group
 neighbor fabric remote-as external
 neighbor 10.10.18.209 peer-group fabric
 neighbor 10.10.18.209 update-source 10.10.18.212
 !
 address-family l2vpn evpn
  neighbor fabric activate
  advertise-all-vni
 exit-address-family
!
router bgp 9999 vrf evpn-vrf
 !
 address-family ipv4 unicast
  network 0.0.0.0/0
  network 9.9.9.0/24
 exit-address-family
 !
 address-family l2vpn evpn
  advertise ipv4 unicast
 exit-address-family
!
line vty
!
end

现在再加一个

#添加vni 1000，作为l3vni
sudo ip link add br1000 type bridge
sudo ip link add vxlan1000 type vxlan id 1000 local 10.10.18.212  dstport 4789 nolearning
sudo ip link set br1000 up
sudo ip link set vxlan1000 up
sudo ip link set vxlan1000 master br1000  
sudo ip link set dev br1000 address 00:00:01:02:03:06 //不和以前的冲突
ip link add evpn-vrf2 type vrf table 1000
ip link set evpn-vrf2 up
ip link set br1000 master evpn-vrf2

evpn2.novalocal# show running-config
Building configuration...

Current configuration:
!
frr version 7.3-MyOwnFRRVersion
frr defaults traditional
hostname evpn2.novalocal
log file /var/log/frr/bgpd.log
!
vrf evpn-vrf
vni 100
exit-vrf
!
vrf evpn-vrf2
vni 1000
exit-vrf
!
router bgp 9999
bgp router-id 10.10.18.212
bgp bestpath as-path multipath-relax
neighbor fabric peer-group
neighbor fabric remote-as external
neighbor 10.10.18.209 peer-group fabric
neighbor 10.10.18.209 update-source 10.10.18.212
!
address-family l2vpn evpn
neighbor fabric activate
advertise-all-vni
exit-address-family
!
router bgp 9999 vrf evpn-vrf
!
address-family ipv4 unicast
network 0.0.0.0/0
network 9.9.9.0/24
exit-address-family
!
address-family l2vpn evpn
advertise ipv4 unicast
exit-address-family
!
router bgp 9999 vrf evpn-vrf2
!
address-family ipv4 unicast
network 0.0.0.0/0
exit-address-family
!
line vty
!
end

[root@evpn2 ~]# ip route show vrf evpn-vrf2

什么都没有
ip link add vrf2-in type veth peer name vrf2-out
ip link set vrf2-in up
ip link set vrf2-out up
ip link set vrf2-in master evpn-vrf2
ip addr add 5.5.5.251/24 dev vrf2-in
ip addr add 5.5.5.252/24 dev vrf2-out

ip route add default via 5.5.5.252 dev vrf2-in table 1000

[root@evpn2 ~]# ip route show vrf evpn-vrf2
default via 5.5.5.252 dev vrf2-in 
5.5.5.0/24 dev vrf2-in proto kernel scope link src 5.5.5.251 
[root@evpn2 ~]#

在另一个vtep2上查看

evpn1# show evpn vni
VNI        Type VxLAN IF              # MACs   # ARPs   # Remote VTEPs  Tenant VRF                           
20         L2   vxlan20               1        4        0               evpn-vrf                             
10         L2   vxlan10               1        4        1               evpn-vrf                             
100        L3   vxlan100              1        1        n/a             evpn-vrf                             
evpn1# show bgp evpn route
BGP table version is 10, local router ID is 10.10.18.209
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]

   Network          Next Hop            Metric LocPrf Weight Path
                    Extended Community
Route Distinguisher: 9.9.9.254:3
*> [5]:[0]:[0]:[0.0.0.0]
                    10.10.18.212             0             0 9999 i
                    RT:9999:100 ET:8 Rmac:00:00:01:02:03:05
*> [5]:[0]:[24]:[9.9.9.0]
                    10.10.18.212             0             0 9999 i
                    RT:9999:100 ET:8 Rmac:00:00:01:02:03:05
Route Distinguisher: 10.10.18.209:2
*> [3]:[0]:[32]:[10.10.18.209]
                    10.10.18.209                       32768 i
                    ET:8 RT:8888:10
Route Distinguisher: 10.10.18.209:4
*> [3]:[0]:[32]:[10.10.18.209]
                    10.10.18.209                       32768 i
                    ET:8 RT:8888:20
Route Distinguisher: 10.10.18.212:2
*> [3]:[0]:[32]:[10.10.18.212]
                    10.10.18.212                           0 9999 i
                    RT:9999:10 ET:8

Displayed 5 prefixes (5 paths)
evpn1# show ip route vrf evpn-vrf
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route


VRF evpn-vrf:
B>* 0.0.0.0/0 [20/0] via 10.10.18.212, br100 onlink, 04w4d20h
C>* 2.2.2.0/24 is directly connected, br10, 05w2d01h
C>* 3.3.3.0/24 is directly connected, br20, 05w1d00h
B>* 9.9.9.0/24 [20/0] via 10.10.18.212, br100 onlink, 05w0d05h
evpn1# exit
没看1000 vni

配置vtep

evpn1# show running-config
Building configuration...

Current configuration:
!
frr version 7.3-MyOwnFRRVersion
frr defaults traditional
hostname evpn2.novalocal
log file /var/log/frr/bgpd.log
hostname evpn1
!
vrf evpn-vrf
 vni 100
 exit-vrf
!
router bgp 8888
 bgp router-id 10.10.18.209
 bgp bestpath as-path multipath-relax
 neighbor fabric peer-group
 neighbor fabric remote-as external
 neighbor 10.10.18.212 peer-group fabric
 neighbor 10.10.18.212 update-source 10.10.18.209
 !
 address-family l2vpn evpn
  neighbor fabric activate
  advertise-all-vni
 exit-address-family
!
router bgp 8888 vrf evpn-vrf
 !
 address-family l2vpn evpn
  advertise ipv4 unicast
 exit-address-family
!
line vty
!
end
evpn1# conf t
evpn1(config)# router bgp 8888
evpn1(config-router)# router bgp 8888 vrf evpn-vrf2
evpn1(config-router)# exit
evpn1(config)# vrf evpn-vrf2
evpn1(config-vrf)# vni 1000
evpn1(config-vrf)# exit
evpn1(config)# wr m
% Unknown command: wr m
evpn1(config)# exit
evpn1# wr
Note: this version of vtysh never writes vtysh.conf
Building Configuration...
Configuration saved to /etc/frr/zebra.conf
Configuration saved to /etc/frr/ospfd.conf
Configuration saved to /etc/frr/bgpd.conf
Configuration saved to /etc/frr/pimd.conf
Configuration saved to /etc/frr/fabricd.conf
Configuration saved to /etc/frr/staticd.conf
evpn1# exit

evpn1# show running-config
Building configuration...

Current configuration:
!
frr version 7.3-MyOwnFRRVersion
frr defaults traditional
hostname evpn2.novalocal
log file /var/log/frr/bgpd.log
hostname evpn1
!
vrf evpn-vrf
vni 100
exit-vrf
!
vrf evpn-vrf2
vni 1000
exit-vrf
!
router bgp 8888
bgp router-id 10.10.18.209
bgp bestpath as-path multipath-relax
neighbor fabric peer-group
neighbor fabric remote-as external
neighbor 10.10.18.212 peer-group fabric
neighbor 10.10.18.212 update-source 10.10.18.209
!
address-family l2vpn evpn
neighbor fabric activate
advertise-all-vni
exit-address-family
!
router bgp 8888 vrf evpn-vrf
!
address-family l2vpn evpn
advertise ipv4 unicast
exit-address-family
!
router bgp 8888 vrf evpn-vrf2
!
line vty
!
end
evpn1#

以上内容来自于网络,如有侵权联系即删除

上一篇: Leetcode练习(Python)：数组类：第189题：给定一个数组，将数组中的元素向右移动 k 个位置，其中 k 是非负数。

下一篇: Win7电脑系统崩溃怎么解决？

帮助中心

vxlan + 多个vrf

相关文章