本ドキュメントでは、Catalyst においての、EVPN VXLAN L2 Overlay (ヘッドエンドレプリケーション)設定 - Spine-Leaf構成の設定について解説します。
本ドキュメントの検証にあたり、Cisco Modeling Labs ( CML )および cat9000v-17.11 を使用しています。
※ CML、cat9000v-17.11 の取得および使用方法については、本ドキュメントでは扱いません
Spine-Leaf Configurations
Topology
Spine-1 Full Config
hostname Spine-1
!
ip routing
!
system mtu 8978
!
interface Loopback0
ip address 172.16.255.1 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet1/0/1
no switchport
ip address 172.16.13.1 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
interface GigabitEthernet1/0/2
no switchport
ip address 172.16.14.1 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
router ospf 1
router-id 172.16.255.1
!
router bgp 65001
no bgp log-neighbor-changes
neighbor 172.16.255.2 remote-as 65001
neighbor 172.16.255.2 update-source Loopback0
neighbor 172.16.255.3 remote-as 65001
neighbor 172.16.255.3 update-source Loopback0
neighbor 172.16.255.4 remote-as 65001
neighbor 172.16.255.4 update-source Loopback0
!
address-family ipv4
neighbor 172.16.255.2 activate
neighbor 172.16.255.3 activate
neighbor 172.16.255.4 activate
exit-address-family
!
address-family l2vpn evpn
neighbor 172.16.255.2 activate
neighbor 172.16.255.2 send-community both
neighbor 172.16.255.3 activate
neighbor 172.16.255.3 send-community both
neighbor 172.16.255.3 route-reflector-client
neighbor 172.16.255.4 activate
neighbor 172.16.255.4 send-community both
neighbor 172.16.255.4 route-reflector-client
exit-address-family
!
!
end
Spine-2 Full Config
hostname Spine-2
!
ip routing
!
system mtu 8978
!
interface Loopback0
ip address 172.16.255.2 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet1/0/1
no switchport
ip address 172.16.23.2 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
interface GigabitEthernet1/0/2
no switchport
ip address 172.16.24.2 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
router ospf 1
router-id 172.16.255.2
!
router bgp 65001
bgp router-id 172.16.255.2
no bgp log-neighbor-changes
neighbor 172.16.255.1 remote-as 65001
neighbor 172.16.255.1 update-source Loopback0
neighbor 172.16.255.3 remote-as 65001
neighbor 172.16.255.3 update-source Loopback0
neighbor 172.16.255.4 remote-as 65001
neighbor 172.16.255.4 update-source Loopback0
!
address-family l2vpn evpn
neighbor 172.16.255.1 activate
neighbor 172.16.255.1 send-community both
neighbor 172.16.255.3 activate
neighbor 172.16.255.3 send-community both
neighbor 172.16.255.3 route-reflector-client
neighbor 172.16.255.4 activate
neighbor 172.16.255.4 send-community both
neighbor 172.16.255.4 route-reflector-client
exit-address-family
!
end
Leaf-1 Full Config
hostname Leaf-1
!
ip routing
!
l2vpn evpn
replication-type static
router-id Loopback1
!
l2vpn evpn instance 10 vlan-based
encapsulation vxlan
replication-type ingress
!
system mtu 8978
!
vlan configuration 10
member evpn-instance 10 vni 10010
!
interface Loopback0
ip address 172.16.255.3 255.255.255.255
ip ospf 1 area 0
!
interface Loopback1
ip address 172.16.254.3 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet1/0/1
no switchport
ip address 172.16.13.3 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
interface GigabitEthernet1/0/2
no switchport
ip address 172.16.23.3 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
interface GigabitEthernet1/0/3
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface nve1
no ip address
source-interface Loopback1
host-reachability protocol bgp
member vni 10010 ingress-replication
!
router ospf 1
router-id 172.16.255.3
!
router bgp 65001
no bgp log-neighbor-changes
neighbor 172.16.255.1 remote-as 65001
neighbor 172.16.255.1 update-source Loopback0
neighbor 172.16.255.2 remote-as 65001
neighbor 172.16.255.2 update-source Loopback0
!
address-family ipv4
neighbor 172.16.255.1 activate
neighbor 172.16.255.2 activate
exit-address-family
!
address-family l2vpn evpn
neighbor 172.16.255.1 activate
neighbor 172.16.255.1 send-community both
neighbor 172.16.255.2 activate
neighbor 172.16.255.2 send-community both
exit-address-family
!
end
Leaf-2 Full Config
hostname Leaf-2
!
ip routing
!
l2vpn evpn
replication-type static
router-id Loopback1
!
l2vpn evpn instance 10 vlan-based
encapsulation vxlan
replication-type ingress
!
system mtu 8978
!
vlan configuration 10
member evpn-instance 10 vni 10010
!
interface Loopback0
ip address 172.16.255.4 255.255.255.255
ip ospf 1 area 0
!
interface Loopback1
ip address 172.16.254.4 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet1/0/1
no switchport
ip address 172.16.14.4 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
interface GigabitEthernet1/0/2
no switchport
ip address 172.16.24.4 255.255.255.0
ip ospf network point-to-point
ip ospf 1 area 0
!
interface GigabitEthernet1/0/3
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface nve1
no ip address
source-interface Loopback1
host-reachability protocol bgp
member vni 10010 ingress-replication
!
router ospf 1
router-id 172.16.255.4
!
router bgp 65001
no bgp log-neighbor-changes
neighbor 172.16.255.1 remote-as 65001
neighbor 172.16.255.1 update-source Loopback0
neighbor 172.16.255.2 remote-as 65001
neighbor 172.16.255.2 update-source Loopback0
!
address-family ipv4
neighbor 172.16.255.1 activate
neighbor 172.16.255.2 activate
exit-address-family
!
address-family l2vpn evpn
neighbor 172.16.255.1 activate
neighbor 172.16.255.1 send-community both
neighbor 172.16.255.2 activate
neighbor 172.16.255.2 send-community both
exit-address-family
!
end
確認コマンド
- show nve peers
- show bgp l2vpn evpn summary
- show bgp l2vpn evpn
- show l2vpn evpn mac evi 10
Host-1 -> Host-2へのトラフィック送信時
show nve peers
ピアリーフスイッチの NVE インターフェイスの状態の情報を表示
- state UPを確認
Leaf-1#sh nve peers
'M' - MAC entry download flag 'A' - Adjacency download flag
'4' - IPv4 flag '6' - IPv6 flag
Interface VNI Type Peer-IP RMAC/Num_RTs eVNI state flags UP time
nve1 10010 L2CP 172.16.254.4 5 10010 UP N/A 00:23:25
show bgp l2vpn evpn summary
レイヤ 2 VPN EVPN アドレスファミリの BGP 情報を表示
- BGP Neighbor がUPしていることを確認
Leaf-1#sh bgp l2vpn evpn summary
(snip)
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.255.1 4 65001 39 35 16 0 0 00:25:00 5
172.16.255.2 4 65001 31 24 16 0 0 00:15:30 5
show bgp l2vpn evpn
BGP table にRoute Distinguisher: 172.16.255.2:10が登録されていることを確認
Leaf-1#sh bgp l2vpn evpn
(snip)
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 172.16.254.3:10
*> [2][172.16.254.3:10][0][48][000011111111][0][*]/20
0.0.0.0 32768 ?
*> [2][172.16.254.3:10][0][48][000011111111][32][192.168.10.11]/24
0.0.0.0 32768 ?
*>i [2][172.16.254.3:10][0][48][000022222222][0][*]/20
172.16.254.4 0 100 0 ?
*>i [2][172.16.254.3:10][0][48][000022222222][32][192.168.10.22]/24
172.16.254.4 0 100 0 ?
*> [2][172.16.254.3:10][0][48][525400038C4A][0][*]/20
0.0.0.0 32768 ?
*> [2][172.16.254.3:10][0][48][525400038C4A][128][FE80::5054:FF:FE03:8C4A]/36
0.0.0.0 32768 ?
Network Next Hop Metric LocPrf Weight Path
*>i [2][172.16.254.3:10][0][48][52540013ACF6][0][*]/20
172.16.254.4 0 100 0 ?
*>i [2][172.16.254.3:10][0][48][52540013ACF6][128][FE80::5054:FF:FE13:ACF6]/36
172.16.254.4 0 100 0 ?
Route Distinguisher: 172.16.254.4:10
* i [2][172.16.254.4:10][0][48][000022222222][0][*]/20
172.16.254.4 0 100 0 ?
*>i 172.16.254.4 0 100 0 ?
* i [2][172.16.254.4:10][0][48][000022222222][32][192.168.10.22]/24
172.16.254.4 0 100 0 ?
*>i 172.16.254.4 0 100 0 ?
* i [2][172.16.254.4:10][0][48][52540013ACF6][0][*]/20
172.16.254.4 0 100 0 ?
*>i 172.16.254.4 0 100 0 ?
* i [2][172.16.254.4:10][0][48][52540013ACF6][128][FE80::5054:FF:FE13:ACF6]/36
172.16.254.4 0 100 0 ?
*>i 172.16.254.4 0 100 0 ?
Route Distinguisher: 172.16.254.3:10
*> [3][172.16.254.3:10][0][32][172.16.254.3]/17
0.0.0.0 32768 ?
*>i [3][172.16.254.3:10][0][32][172.16.254.4]/17
172.16.254.4 0 100 0 ?
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 172.16.254.4:10
* i [3][172.16.254.4:10][0][32][172.16.254.4]/17
172.16.254.4 0 100 0 ?
*>i 172.16.254.4 0 100 0 ?
show l2vpn evpn mac
Leaf-1#sh l2vpn evpn mac
MAC Address EVI VLAN ESI Ether Tag Next Hop(s)
-------------- ----- ----- ------------------------ ---------- ---------------
0000.1111.1111 10 10 0000.0000.0000.0000.0000 0 Gi1/0/3:10
0000.2222.2222 10 10 0000.0000.0000.0000.0000 0 172.16.254.4
5254.0003.8c4a 10 10 0000.0000.0000.0000.0000 0 Gi1/0/3:10
5254.0013.acf6 10 10 0000.0000.0000.0000.0000 0 172.16.254.4
show arp
Host-1#ping 192.168.10.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 460/495/551 ms
Host-1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.10.11 - 0000.1111.1111 ARPA GigabitEthernet1
Internet 192.168.10.22 23 0000.2222.2222 ARPA GigabitEthernet1
関連記事
検索バーにキーワード、フレーズ、または質問を入力し、お探しのものを見つけましょう
シスコ コミュニティをいち早く使いこなしていただけるよう役立つリンクをまとめました。みなさんのジャーニーがより良いものとなるようお手伝いします
