1、实验目的

2、实验环境

2.1 实验拓扑

2.2 数据准备

2.3 设备型号

3、实验内容

4、配置步骤

4.1 基础配置

4.2 配置业务接入点

4.3 配置BGP EVPN Peer

4.4 配置VPN实例和EVPN实例

4.5 使能头端复制功能

4.6 配置VXLAN三层网关

4.7 配置BGP对邻居发布IRB路由

4.8 配置BGP对邻居发布IP前缀路由

4.9 其他配置

5、结果验证

5.1 检查EVPN Peer是否正常建立

5.2 查看EVPN路由

5.2.1 Leaf1初始bgp evpn路由信息

5.2.2 Type3路由

5.2.3 Type5路由

5.2.4 Type 2路由

1、实验目的

了解分布式网关以及BGP EVPN工作机制。

2、实验环境

2.1 实验拓扑

2.2 数据准备

（1）服务器配置数据

服务器配置数据
	ip add/mask	gateway	Vlan
Serv1	172.16.1.10/24	172.16.1.1	10
Serv2	10.10.10.10/24	10.10.10.1	20
Serv3	172.16.1.20/24	172.16.1.1	30
Serv4	10.10.10.20/24	10.10.10.1	40

(2）ASW1配置数据

ASW1配置数据
划分vlan10/20，和Leaf1 Trunk连接

（3）ASW2配置数据

ASW2配置数据
划分vlan30/40，和Leaf2 Trunk连接

（4）Leaf1/Leaf2/Spine1/BL1配置数据

Leaf1/Leaf2/Spine1/BL1配置数据
	Lo0 （用于配置OSPF/BGP Router ID）	Lo10 （用于配置VTEP地址）	VID/BD/VNI对应关系
			VID	BD	VNI
Spine1	1.1.1.1
Leaf1	2.2.2.2	20.20.20.20	10	100	8000
			20	200
Leaf2	3.3.3.3	30.30.30.30	30	300	8000
BL1	4.4.4.4	40.40.40.40

本实验场景，Spine1不做vxlan封装，只是三层转发，不需要VTEP地址。BL1没有业务接入点，不需配置二层vxlan/bridge domain。

Spine1和Leaf1/Leaf2/BL1互联端口地址：192.168.x.x/24

（5）EVPN相关配置数据

EVPN相关配置数据
		L2VPN(EVPN)			L3VPN
	BD	L2VNI	RD	RT	L3VNI	RD	RT
Leaf1	100	8000	20:1	100:10 200:10(ert)	100	200:1	evpn: 200:10
	200	9000	20:2	100:20 200:10(ert)
Leaf2	300	8000	30:1	100:10 200:10(ert)	100	300:1	evpn: 200:10
BL1					100	400:1	evpn: 200:10

BL1没有L2VPN配置，BL1只是通过L3VNI和Leaf1/Leaf2进行通信。

2.3 设备型号

设备型号
名称	功能	ENSP型号	ENSP版本
Spine1	Spine节点	CE12800	V200R005C10
Leaf1/Leaf2	Server Leaf节点	CE12800	V200R005C10
BL1	Border Leaf节点	CE12800	V200R005C10
ASW1/ASW2	接入交换机	S3700	V200R001C00
Serv1~4	服务器	PC
R1	模拟核心路由器/交换机	AR1220	V200R003C00

ENSP软件版本：V100R003C00SPC100

3、实验内容

1、按照实验环境进行组网。

2、基础配置：配置OSPF，相互能学习到Loopback地址。

3、完成BGP EVPN配置和分布式网关相关配置。

4、服务器Serv1能Ping通Serv3。

5、Serv2能Ping通Serv3

6、Serv1/Serv2/Serv3能Ping通R1地址182.1.1.2。

7、检查VXLAN/EVPN/路由状态。

4、配置步骤

4.1 基础配置

（1）配置Serv1/Serv2/Serv3/Serv4 IP地址/网关。

（2）配置ASW1、ASW2，端口划分vlan，配置和Leaf1/Leaf2的Trunk连接。

ASW1配置，ASW2类似:
-------------------
#
vlan batch 10 20
#
#
interface Ethernet0/0/1port link-type trunkport trunk allow-pass vlan 10 20
#
interface Ethernet0/0/2port link-type accessport default vlan 10
#
interface Ethernet0/0/3port link-type accessport default vlan 20
#

（3）配置Spine1/Leaf1/Leaf2/BL1的loopback地址，互联地址，配置OSPF，使得Loopback地址可达。

Leaf1 OSPF 配置：
#
ospf 1 router-id 2.2.2.2area 0.0.0.0network 2.2.2.2 0.0.0.0network 20.20.20.20 0.0.0.0network 192.168.12.2 0.0.0.0
#

4.2 配置业务接入点

分别在Leaf1/Leaf2配置业务接入点。

Leaf1配置：
---------
#
bridge-domain 100
#
bridge-domain 200
#
#
interface GE1/0/1.1 mode l2encapsulation dot1q vid 10bridge-domain 100
#
interface GE1/0/1.2 mode l2encapsulation dot1q vid 20bridge-domain 200
#

4.3 配置BGP EVPN Peer

(1) Spine1(RR)配置：
--------------
#
evpn-overlay enable
#
bgp 100router-id 1.1.1.1peer 2.2.2.2 as-number 100peer 2.2.2.2 connect-interface LoopBack0peer 3.3.3.3 as-number 100peer 3.3.3.3 connect-interface LoopBack0peer 4.4.4.4 as-number 100peer 4.4.4.4 connect-interface LoopBack0#ipv4-family unicastpeer 2.2.2.2 enablepeer 3.3.3.3 enablepeer 4.4.4.4 enable#l2vpn-family evpnundo policy vpn-targetpeer 2.2.2.2 enablepeer 2.2.2.2 reflect-clientpeer 3.3.3.3 enablepeer 3.3.3.3 reflect-clientpeer 4.4.4.4 enablepeer 4.4.4.4 reflect-client
#(2) Leaf1 BGP EVPN配置：（Leaf2/BL1类似）
-------------------------------------
#
evpn-overlay enable
#
bgp 100router-id 2.2.2.2peer 1.1.1.1 as-number 100peer 1.1.1.1 connect-interface LoopBack0#ipv4-family unicastpeer 1.1.1.1 enable#l2vpn-family evpnpolicy vpn-targetpeer 1.1.1.1 enable
#

undo policy vpn-target

缺省情况下，PE对收到的VPNv4路由进行VPN-target过滤。通过过滤的路由会被加入到路由表中，没有通过过滤的路由将被丢弃。因此，如果PE没有配置VPN实例，或者VPN实例没有配置VPN-Target，则PE丢弃所有收到的VPNv4路由。

Spine1(RR)不配置VPN实例，但是RR需要保存所有VPNv4路由信息，以通告给对端PE。这种情况下，RR应接收所有的VPNv4路由信息，不对它们进行VPN-Target过滤。

4.4 配置VPN实例和EVPN实例

Leaf1配置，Leaf2/BL1类似，其中BL1没有配置bridge-domain，所以没有evpn实例：
#
ip vpn-instance vpn1ipv4-familyroute-distinguisher 200:1vpn-target 200:10 export-extcommunityvpn-target 200:10 export-extcommunity evpnvpn-target 200:10 import-extcommunityvpn-target 200:10 import-extcommunity evpnvxlan vni 100
#
#
bridge-domain 100vxlan vni 8000evpnroute-distinguisher 20:1vpn-target 100:10 export-extcommunityvpn-target 200:10 export-extcommunityvpn-target 100:10 import-extcommunity
#

L3VPN（ip vpn-instance)下配置vpn-target 200:10 export-extcommunity evpn，主要对该L3VPN产生的ip prefix，在生成BGP Update——Type5类EVPN路由时，通过MPBGP EVPN传输时，携带RT：200:10，用于远端L3VPN过滤接收该前缀路由。

L2VPN（evpn)下配置vpn-target 200:10 export-extcommunity，主要对evpn产生的Type2类EVPN路由，即mac/ip信息，提取其中的ip信息（32位主机路由），通过MPBGP EVPN传输时，携带RT：200:10，用于远端L3VPN过滤接收该主机路由。

4.5 使能头端复制功能

(1)Leaf1配置，Leaf2类似：
--------------------
#
interface Nve1source 20.20.20.20vni 8000 head-end peer-list protocol bgp
#(2)BL1配置：
-----------
只需要配置NVE端口，指定源地址即可，无需配置头端复制（没有BUM traffic）。
#
interface Nve1source 40.40.40.40
#

配置vni 8000 head-end peer-list protocol bgp后，会生成BGP Update——Type3类EVPN路由（inclusive multicast route)，告诉其他VTEP，自己是对应VNI（即L2VNI）的成员，远端VTEP收到后，会把该VTEP接入到自己对应VNI的头端复制列表中（用于BUM流量的发送）。

通过dis vxlan peer查看vni对应的头端复制列表。

4.6 配置VXLAN三层网关

Leaf1配置，Leaf2类似：
---------------------
#
interface Vbdif100ip binding vpn-instance vpn1ip address 172.16.1.1 255.255.255.0mac-address 0001-0001-0001vxlan anycast-gateway enablearp collect host enable
#

1）vxlan anycast-gateway enable

当用户希望网关作为分布式网关，并且需要网关只学习用户侧主机发送的ARP、ND或DHCP报文时，可以执行该命令。使能分布式网关功能之后：
网关只处理收到的用户侧主机发送的ARP、ND或DHCP报文，并生成主机路由。

网关删除已经学到的网络侧的ARP、ND或DHCP报文，同时删除相应的主机路由。

2）arp collect host enable

使三层网关能够获取主机信息表。

在配置分布式网关部署方式的VXLAN（BGP EVPN方式）场景中，当VXLAN网关之间发布的路由类型为IRB时，需配置arp collect host enable命令，用来发布主机路由。

3）arp广播抑制

在终端租户初次互通过程中，终端租户会发送ARP广播请求报文，而ARP请求报文会在二层网络内广播。为了抑制ARP广播请求报文给网络带来的广播风暴，可在VXLAN二层网关设备上使能ARP广播抑制功能。但是，ARP广播抑制功能的实现依赖于三层网关上的主机信息表（包括主机IP地址、MAC地址、VTEP地址和VNI ID，主机信息表通过arp collect host enable获取）。

在bridge-domain下配置arp broadcast-suppress，使能ARP广播抑制功能。

4）arp proxy/arp 代答

arp l2-proxy enable ----BD下配置二层代答功能，可以配合arp collect host一起使用。

4.7 配置BGP对邻居发布IRB路由

spine1配置，Leaf1/Leaf2/BL1类似：
-------------------------------
#l2vpn-family evpnpeer 2.2.2.2 advertise irbpeer 3.3.3.3 advertise irbpeer 4.4.4.4 advertise irb
#

4.8 配置BGP对邻居发布IP前缀路由

Leaf1配置，Leaf2/BL1类似：
#ipv4-family vpn-instance vpn1import-route directadvertise l2vpn evpn#

advertise l2vpn evpn

让vpn-instance的三层路由通过bgp evpn传递

4.9 其他配置

（1）Leaf1配置vbdif200，用于测试：
#
interface Vbdif200ip binding vpn-instance vpn1ip address 10.10.10.1 255.255.255.0
#
（2）配置R1和BL1互联和路由：
R1配置：
#
interface GigabitEthernet0/0/0ip address 182.1.1.2 255.255.255.0
#
#
ip route-static 10.10.10.0 255.255.255.0 182.1.1.1
ip route-static 172.16.1.0 255.255.255.0 182.1.1.1
ip route-static 192.168.0.0 255.255.0.0 182.1.1.1
#

5、结果验证

5.1 检查EVPN Peer是否正常建立

[spine1]dis bgp evpn peerBGP local router ID        : 1.1.1.1Local AS number            : 100Total number of peers      : 3Peers in established state : 3Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State  PrefRcv2.2.2.2         4         100        7       18     0 00:00:47 Established        63.3.3.3         4         100        7       12     0 00:00:18 Established        44.4.4.4         4         100        6       28     0 00:01:15 Established        2

5.2 查看EVPN路由

5.2.1 Leaf1初始bgp evpn路由信息

在Leaf1上Shutdown 和Spine1的BGP连接：

#
bgp 100peer 1.1.1.1 ignore
#[Leaf1]dis bgp evpn peer BGP local router ID        : 2.2.2.2Local AS number            : 100Total number of peers      : 1Peers in established state : 0Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State  PrefRcv1.1.1.1         4         100        0        0     0 00:01:23 Idle(Admin)        0

此时查看Leaf1的EVPN路由，都是自己产生的：

[Leaf1]dis bgp evpn all routing-table Local AS number : 100BGP Local router ID is 2.2.2.2Status codes: * - valid, > - best, d - damped, x - best external, a - add path,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteEVPN address family:Number of Mac Routes: 1Route Distinguisher: 20:1Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr)  NextHop*>    0:48:0001-0001-0001:0:0.0.0.0                          0.0.0.0EVPN-Instance 100:Number of Mac Routes: 1Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr)  NextHop*>    0:48:0001-0001-0001:0:0.0.0.0                          0.0.0.0EVPN address family:Number of Inclusive Multicast Routes: 1Route Distinguisher: 20:1Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop*>    0:32:20.20.20.20                                       0.0.0.0EVPN-Instance 100:Number of Inclusive Multicast Routes: 1Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop*>    0:32:20.20.20.20                                       0.0.0.0EVPN address family:Number of Ip Prefix Routes: 4Route Distinguisher: 200:1Network(EthTagId/IpPrefix/IpPrefixLen)                 NextHop*>    0:172.16.1.0:24                                        0.0.0.0*>    0:10.10.10.0:24                                        0.0.0.0*>    0:172.16.1.1:32                                        0.0.0.0*>    0:10.10.10.1:32                                        0.0.0.0EVPN-Instance __RD_1_200_1__:Number of Ip Prefix Routes: 4Network(EthTagId/IpPrefix/IpPrefixLen)                 NextHop*>    0:172.16.1.0:24                                        0.0.0.0*>    0:10.10.10.0:24                                        0.0.0.0*>    0:172.16.1.1:32                                        0.0.0.0*>    0:10.10.10.1:32                                        0.0.0.0
[Leaf1]

4条type 5路由，由import direct产生；

1条type3路由，由int nve下配置的vni 8000产生；

1条type2路由（mac路由），由arp collect host enable产生？？

4条type5路由，由L3VPN注入进来的:

[Leaf1]dis bgp vpnv4 vpn-instance vpn1 routing-table BGP Local router ID is 2.2.2.2Status codes: * - valid, > - best, d - damped, x - best external, a - add path,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteRPKI validation codes: V - valid, I - invalid, N - not-foundVPN-Instance vpn1, Router ID 2.2.2.2:Total Number of Routes: 4Network            NextHop                       MED        LocPrf    PrefVal Path/Ogn*>     10.10.10.0/24      0.0.0.0                        0                     0       ?*>     10.10.10.1/32      0.0.0.0                        0                     0       ?*>     172.16.1.0/24      0.0.0.0                        0                     0       ?*>     172.16.1.1/32      0.0.0.0                        0                     0       ?

具体查看一条前缀路由（比如：0:172.16.1.0:24）的注入方式，可以看到此路由是“Imported route.":

[Leaf1]dis bgp evpn all routing-table prefix-route  0:172.16.1.0:24 BGP local router ID : 2.2.2.2Local AS number : 100Total routes of Route Distinguisher(200:1): 1BGP routing table entry information of 0:172.16.1.0:24:Imported route.Label information (Received/Applied): NULL/100From: 0.0.0.0 (0.0.0.0) Route Duration: 0d00h13m08sDirect Out-interface: Vbdif100 Original nexthop: 20.20.20.20Effective nexthop: 172.16.1.1Qos information : 0x0Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 255Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Not advertised to any peer yetEVPN-Instance __RD_1_200_1__:Number of Ip Prefix Routes: 1BGP routing table entry information of 0:172.16.1.0:24:Route Distinguisher: 200:1Imported route.Label information (Received/Applied): NULL/100From: 0.0.0.0 (0.0.0.0) Route Duration: 0d00h13m12sDirect Out-interface: Vbdif100 Original nexthop: 20.20.20.20Effective nexthop: 172.16.1.1Qos information : 0x0Ext-Community: Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 0Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Not advertised to any peer yet[Leaf1]

输入undo peer 1.1.1.1 ignore重建连接。

在Leaf1上，Leaf1连接Spine1的端口抓包，查看BGP update信息。

5.2.2 Type3路由

Leaf1发给Spine1的bgp update type3抓包信息：

No.     Time           Source                Destination           Protocol Length VXLAN Network Identifier (VNI) Info26 39.954000      2.2.2.2               1.1.1.1               BGP      510                                   UPDATE Message, UPDATE Message, UPDATE MessageFrame 26: 510 bytes on wire (4080 bits), 510 bytes captured (4080 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:04:01:00 (38:7d:c8:04:01:00), Dst: 38:7d:c8:02:01:01 (38:7d:c8:02:01:01)
Internet Protocol Version 4, Src: 2.2.2.2, Dst: 1.1.1.1
Transmission Control Protocol, Src Port: 52652, Dst Port: 179, Seq: 94, Ack: 71, Len: 456
Border Gateway Protocol - UPDATE MessageMarker: ffffffffffffffffffffffffffffffffLength: 108Type: UPDATE Message (2)Withdrawn Routes Length: 0Total Path Attribute Length: 85Path attributesPath Attribute - ORIGIN: INCOMPLETEFlags: 0x40, Transitive, Well-known, CompleteType Code: ORIGIN (1)Length: 1Origin: INCOMPLETE (2)Path Attribute - AS_PATH: emptyFlags: 0x40, Transitive, Well-known, CompleteType Code: AS_PATH (2)Length: 0Path Attribute - LOCAL_PREF: 100Flags: 0x40, Transitive, Well-known, CompleteType Code: LOCAL_PREF (5)Length: 4Local preference: 100Path Attribute - EXTENDED_COMMUNITIESFlags: 0xc0, Optional, Transitive, CompleteType Code: EXTENDED_COMMUNITIES (16)Length: 24Carried extended communities: (3 communities)Route Target: 100:10 [Transitive 2-Octet AS-Specific]Route Target: 200:10 [Transitive 2-Octet AS-Specific]Encapsulation: VXLAN Encapsulation [Transitive Opaque]Path Attribute - PMSI_TUNNEL_ATTRIBUTEFlags: 0xc0, Optional, Transitive, CompleteType Code: PMSI_TUNNEL_ATTRIBUTE (22)Length: 9Flags: 0Tunnel Type: Ingress Replication (6)VNI: 8000Tunnel ID: tunnel end point -> 20.20.20.20Tunnel type ingress replication IP end point: 20.20.20.20Path Attribute - MP_REACH_NLRIFlags: 0x90, Optional, Extended-Length, Non-transitive, CompleteType Code: MP_REACH_NLRI (14)Length: 28Address family identifier (AFI): Layer-2 VPN (25)Subsequent address family identifier (SAFI): EVPN (70)Next hop: 14141414IPv4 Address: 20.20.20.20[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]Number of Subnetwork points of attachment (SNPA): 0Network Layer Reachability Information (NLRI)EVPN NLRI: Inclusive Multicast RouteRoute Type: Inclusive Multicast Route (3)Length: 17Route Distinguisher: 0000001400000001 (20:1)Ethernet Tag ID: 0IP Address Length: 32IPv4 address: 20.20.20.20

Spine1发给Leaf1的bgp update type3抓包信息：

No.     Time           Source                Destination           Protocol Length VXLAN Network Identifier (VNI) Info28 39.954000      1.1.1.1               2.2.2.2               BGP      650                                   UPDATE Message, UPDATE Message, UPDATE Message, UPDATE MessageFrame 28: 650 bytes on wire (5200 bits), 650 bytes captured (5200 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:02:01:01 (38:7d:c8:02:01:01), Dst: 38:7d:c8:04:01:00 (38:7d:c8:04:01:00)
Internet Protocol Version 4, Src: 1.1.1.1, Dst: 2.2.2.2
Transmission Control Protocol, Src Port: 179, Dst Port: 52652, Seq: 94, Ack: 94, Len: 596
Border Gateway Protocol - UPDATE MessageMarker: ffffffffffffffffffffffffffffffffLength: 122Type: UPDATE Message (2)Withdrawn Routes Length: 0Total Path Attribute Length: 99Path attributesPath Attribute - ORIGIN: INCOMPLETEFlags: 0x40, Transitive, Well-known, CompleteType Code: ORIGIN (1)Length: 1Origin: INCOMPLETE (2)Path Attribute - AS_PATH: emptyFlags: 0x40, Transitive, Well-known, CompleteType Code: AS_PATH (2)Length: 0Path Attribute - LOCAL_PREF: 100Flags: 0x40, Transitive, Well-known, CompleteType Code: LOCAL_PREF (5)Length: 4Local preference: 100Path Attribute - ORIGINATOR_ID: 3.3.3.3 Flags: 0x80, Optional, Non-transitive, CompleteType Code: ORIGINATOR_ID (9)Length: 4Originator identifier: 3.3.3.3Path Attribute - CLUSTER_LIST: 1.1.1.1Flags: 0x80, Optional, Non-transitive, CompleteType Code: CLUSTER_LIST (10)Length: 4Cluster List: 1.1.1.1Path Attribute - EXTENDED_COMMUNITIESFlags: 0xc0, Optional, Transitive, CompleteType Code: EXTENDED_COMMUNITIES (16)Length: 24Carried extended communities: (3 communities)Route Target: 100:10 [Transitive 2-Octet AS-Specific]Route Target: 200:10 [Transitive 2-Octet AS-Specific]Encapsulation: VXLAN Encapsulation [Transitive Opaque]Path Attribute - PMSI_TUNNEL_ATTRIBUTEFlags: 0xc0, Optional, Transitive, CompleteType Code: PMSI_TUNNEL_ATTRIBUTE (22)Length: 9Flags: 0Tunnel Type: Ingress Replication (6)VNI: 8000Tunnel ID: tunnel end point -> 30.30.30.30Path Attribute - MP_REACH_NLRIFlags: 0x90, Optional, Extended-Length, Non-transitive, CompleteType Code: MP_REACH_NLRI (14)Length: 28Address family identifier (AFI): Layer-2 VPN (25)Subsequent address family identifier (SAFI): EVPN (70)Next hop: 1e1e1e1eIPv4 Address: 30.30.30.30[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]Number of Subnetwork points of attachment (SNPA): 0Network Layer Reachability Information (NLRI)EVPN NLRI: Inclusive Multicast RouteRoute Type: Inclusive Multicast Route (3)Length: 17Route Distinguisher: 0000001e00000001 (30:1)Ethernet Tag ID: 0IP Address Length: 32IPv4 address: 30.30.30.30

这个type3路由就是Leaf2产生的，vni 8000触发产生。

在Leaf1查看bgp evpn type3路由信息：

[Leaf1-bgp]dis bgp evpn all routing-table inclusive-route Local AS number : 100BGP Local router ID is 2.2.2.2Status codes: * - valid, > - best, d - damped, x - best external, a - add path,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteEVPN address family:Number of Inclusive Multicast Routes: 2Route Distinguisher: 20:1Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop*>    0:32:20.20.20.20                                       0.0.0.0Route Distinguisher: 30:1Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop*>i   0:32:30.30.30.30                                       30.30.30.30EVPN-Instance 100:Number of Inclusive Multicast Routes: 2Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop*>    0:32:20.20.20.20                                       0.0.0.0*>i   0:32:30.30.30.30                                       30.30.30.30
[Leaf1-bgp]

一共两条type3路由，0:32:20.20.20.20由Leaf1（本地）生成，0:32:30.30.30.30由Leaf2生成。

查看具体的type3路由：0:32:20.20.20.20

[Leaf1-bgp]dis bgp evpn all routing-table inclusive-route 0:32:20.20.20.20BGP local router ID : 2.2.2.2Local AS number : 100Total routes of Route Distinguisher(20:1): 1BGP routing table entry information of 0:32:20.20.20.20:Imported route.From: 0.0.0.0 (0.0.0.0) Route Duration: 0d04h11m59sDirect Out-interface:  Original nexthop: 20.20.20.20Qos information : 0x0Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:20.20.20.20Route Type: 3 (Inclusive Multicast Route)Ethernet Tag ID: 0, Originator IP:20.20.20.20/32Advertised to such 1 peers:1.1.1.1EVPN-Instance 100:Number of Inclusive Multicast Routes: 1BGP routing table entry information of 0:32:20.20.20.20:Route Distinguisher: 20:1Imported route.From: 0.0.0.0 (0.0.0.0) Route Duration: 0d04h44m19sDirect Out-interface:  Original nexthop: 20.20.20.20Qos information : 0x0Ext-Community: Tunnel Type <VxLan>AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 0PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:20.20.20.20Route Type: 3 (Inclusive Multicast Route)Ethernet Tag ID: 0, Originator IP:20.20.20.20/32Not advertised to any peer yet[Leaf1-bgp]

查看具体的type3路由：0:32:30.30.30.30

[Leaf1-bgp]dis bgp evpn all routing-table inclusive-route 0:32:30.30.30.30BGP local router ID : 2.2.2.2Local AS number : 100Total routes of Route Distinguisher(30:1): 1BGP routing table entry information of 0:32:30.30.30.30:Label information (Received/Applied): 8000/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d03h02m20sRelay IP Nexthop: 192.168.12.1Relay Tunnel Out-Interface: VXLANOriginal nexthop: 30.30.30.30Qos information : 0x0Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2Originator: 3.3.3.3PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:30.30.30.30Cluster list: 1.1.1.1Route Type: 3 (Inclusive Multicast Route)Ethernet Tag ID: 0, Originator IP:30.30.30.30/32Not advertised to any peer yetEVPN-Instance 100:Number of Inclusive Multicast Routes: 1BGP routing table entry information of 0:32:30.30.30.30:Route Distinguisher: 30:1Remote-Cross routeLabel information (Received/Applied): 8000/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d03h02m20sRelay Tunnel Out-Interface: VXLANOriginal nexthop: 30.30.30.30Qos information : 0x0Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, best, select, pre 255Originator: 3.3.3.3PMSI: Flags 0, Ingress Replication, Label 0:0:0(8000), Tunnel Identifier:30.30.30.30Cluster list: 1.1.1.1Route Type: 3 (Inclusive Multicast Route)Ethernet Tag ID: 0, Originator IP:30.30.30.30/32Not advertised to any peer yet[Leaf1-bgp]

PMSI

Type 3 route must also carry a Provider Multicast Service Interface (PMSI) Tunnel attribute as specified in RFC 6514.

查看Leaf1vxlan peer建立：

[Leaf1]dis vxlan peer
Number of peers : 1
Vni ID    Source                  Destination            Type      Out Vni ID
-------------------------------------------------------------------------------
8000      20.20.20.20             30.30.30.30            dynamic   8000
[Leaf1]

type是动态的，通过bgp evpn协议建立的。

这就是头端复制列表。

Leaf1和BL1、Leaf2都建立了vxlan tunnel:

[Leaf1]dis vxlan tunnel
Number of vxlan tunnel : 2
Tunnel ID   Source                Destination           State  Type     Uptime
-----------------------------------------------------------------------------------
4026531856  20.20.20.20           30.30.30.30           up     dynamic  04:09:06
4026531857  20.20.20.20           40.40.40.40           up     dynamic  04:09:06
[Leaf1]

注意由于BL1没有配置L2VNI，所以Leaf1和BL1之间没有BUM流量的头端复制列表（就是没有vxlan peer)。

可以理解tunnel主要用于单播流量迭代到tunnel上（进行vxlan封装）。

5.2.3 Type5路由

Leaf1发给Spine1的bgp update type5的抓包信息：

Border Gateway Protocol - UPDATE MessageMarker: ffffffffffffffffffffffffffffffffLength: 228Type: UPDATE Message (2)Withdrawn Routes Length: 0Total Path Attribute Length: 205Path attributesPath Attribute - ORIGIN: INCOMPLETEFlags: 0x40, Transitive, Well-known, CompleteType Code: ORIGIN (1)Length: 1Origin: INCOMPLETE (2)Path Attribute - AS_PATH: emptyFlags: 0x40, Transitive, Well-known, CompleteType Code: AS_PATH (2)Length: 0Path Attribute - MULTI_EXIT_DISC: 0Flags: 0x80, Optional, Non-transitive, CompleteType Code: MULTI_EXIT_DISC (4)Length: 4Multiple exit discriminator: 0Path Attribute - LOCAL_PREF: 100Flags: 0x40, Transitive, Well-known, CompleteType Code: LOCAL_PREF (5)Length: 4Local preference: 100Path Attribute - EXTENDED_COMMUNITIESFlags: 0xc0, Optional, Transitive, CompleteType Code: EXTENDED_COMMUNITIES (16)Length: 24Carried extended communities: (3 communities)Route Target: 200:10 [Transitive 2-Octet AS-Specific]Encapsulation: VXLAN Encapsulation [Transitive Opaque]EVPN Router MAC: Router MAC: 70:7b:e8:da:58:76 [Transitive EVPN]Path Attribute - MP_REACH_NLRIFlags: 0x90, Optional, Extended-Length, Non-transitive, CompleteType Code: MP_REACH_NLRI (14)Length: 153Address family identifier (AFI): Layer-2 VPN (25)Subsequent address family identifier (SAFI): EVPN (70)Next hop: 14141414Number of Subnetwork points of attachment (SNPA): 0Network Layer Reachability Information (NLRI)EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 000000c800000001 (200:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 24IPv4 address: 172.16.1.0IPv4 Gateway address: 0.0.0.0VNI: 100EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 000000c800000001 (200:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 24IPv4 address: 10.10.10.0IPv4 Gateway address: 0.0.0.0VNI: 100EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 000000c800000001 (200:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 32IPv4 address: 172.16.1.1IPv4 Gateway address: 0.0.0.0VNI: 100EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 000000c800000001 (200:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 32IPv4 address: 10.10.10.1IPv4 Gateway address: 0.0.0.0VNI: 100

type5只携带L3VPN的export RT值：200:1

type5只携带L3VNI：100

type5路由中的router mac是NVE端口的mac地址：

[Leaf1]dis int nve1
Nve1 current state : UP (ifindex: 22)
Line protocol current state : UP
Description:
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 707b-e8da-5876

Spine1向Leaf1发送的type5路由：

一部分是Leaf2产生的type5路由，另外一部分是BL1产生的type5路由。

Leaf1收到的，Leaf2产生的type5路由：

Border Gateway Protocol - UPDATE MessageMarker: ffffffffffffffffffffffffffffffffLength: 170Type: UPDATE Message (2)Withdrawn Routes Length: 0Total Path Attribute Length: 147Path attributesPath Attribute - ORIGIN: INCOMPLETEFlags: 0x40, Transitive, Well-known, CompleteType Code: ORIGIN (1)Length: 1Origin: INCOMPLETE (2)Path Attribute - AS_PATH: emptyFlags: 0x40, Transitive, Well-known, CompleteType Code: AS_PATH (2)Length: 0Path Attribute - MULTI_EXIT_DISC: 0Flags: 0x80, Optional, Non-transitive, CompleteType Code: MULTI_EXIT_DISC (4)Length: 4Multiple exit discriminator: 0Path Attribute - LOCAL_PREF: 100Flags: 0x40, Transitive, Well-known, CompleteType Code: LOCAL_PREF (5)Length: 4Local preference: 100Path Attribute - ORIGINATOR_ID: 3.3.3.3 Flags: 0x80, Optional, Non-transitive, CompleteType Code: ORIGINATOR_ID (9)Length: 4Originator identifier: 3.3.3.3Path Attribute - CLUSTER_LIST: 1.1.1.1Flags: 0x80, Optional, Non-transitive, CompleteType Code: CLUSTER_LIST (10)Length: 4Cluster List: 1.1.1.1Path Attribute - EXTENDED_COMMUNITIESFlags: 0xc0, Optional, Transitive, CompleteType Code: EXTENDED_COMMUNITIES (16)Length: 24Carried extended communities: (3 communities)Route Target: 200:10 [Transitive 2-Octet AS-Specific]Encapsulation: VXLAN Encapsulation [Transitive Opaque]EVPN Router MAC: Router MAC: 70:7b:e8:2d:5c:d3 [Transitive EVPN]Path Attribute - MP_REACH_NLRIFlags: 0x90, Optional, Extended-Length, Non-transitive, CompleteType Code: MP_REACH_NLRI (14)Length: 81Address family identifier (AFI): Layer-2 VPN (25)Subsequent address family identifier (SAFI): EVPN (70)Next hop: 1e1e1e1eIPv4 Address: 30.30.30.30[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]Number of Subnetwork points of attachment (SNPA): 0Network Layer Reachability Information (NLRI)EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 0000012c00000001 (300:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 24IPv4 address: 172.16.1.0IPv4 Gateway address: 0.0.0.0VNI: 100EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 0000012c00000001 (300:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 32IPv4 address: 172.16.1.1IPv4 Gateway address: 0.0.0.0VNI: 100

leaf1和leaf2，针对172.16.1.0，组成分布式网关，彼此发送相同的172.16.1.0/24和172.16.1.1的路由。

Leaf1收到的，BL1产生的type5路由：

Border Gateway Protocol - UPDATE MessageMarker: ffffffffffffffffffffffffffffffffLength: 170Type: UPDATE Message (2)Withdrawn Routes Length: 0Total Path Attribute Length: 147Path attributesPath Attribute - ORIGIN: INCOMPLETEFlags: 0x40, Transitive, Well-known, CompleteType Code: ORIGIN (1)Length: 1Origin: INCOMPLETE (2)Path Attribute - AS_PATH: emptyFlags: 0x40, Transitive, Well-known, CompleteType Code: AS_PATH (2)Length: 0Path Attribute - MULTI_EXIT_DISC: 0Flags: 0x80, Optional, Non-transitive, CompleteType Code: MULTI_EXIT_DISC (4)Length: 4Multiple exit discriminator: 0Path Attribute - LOCAL_PREF: 100Flags: 0x40, Transitive, Well-known, CompleteType Code: LOCAL_PREF (5)Length: 4Local preference: 100Path Attribute - ORIGINATOR_ID: 4.4.4.4 Flags: 0x80, Optional, Non-transitive, CompleteType Code: ORIGINATOR_ID (9)Length: 4Originator identifier: 4.4.4.4Path Attribute - CLUSTER_LIST: 1.1.1.1Flags: 0x80, Optional, Non-transitive, CompleteType Code: CLUSTER_LIST (10)Length: 4Cluster List: 1.1.1.1Path Attribute - EXTENDED_COMMUNITIESFlags: 0xc0, Optional, Transitive, CompleteType Code: EXTENDED_COMMUNITIES (16)Length: 24Carried extended communities: (3 communities)Route Target: 200:10 [Transitive 2-Octet AS-Specific]Encapsulation: VXLAN Encapsulation [Transitive Opaque]EVPN Router MAC: Router MAC: 70:7b:e8:7a:4e:20 [Transitive EVPN]Path Attribute - MP_REACH_NLRIFlags: 0x90, Optional, Extended-Length, Non-transitive, CompleteType Code: MP_REACH_NLRI (14)Length: 81Address family identifier (AFI): Layer-2 VPN (25)Subsequent address family identifier (SAFI): EVPN (70)Next hop: 28282828IPv4 Address: 40.40.40.40[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]Number of Subnetwork points of attachment (SNPA): 0Network Layer Reachability Information (NLRI)EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 0000019000000001 (400:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 24IPv4 address: 182.1.1.0IPv4 Gateway address: 0.0.0.0VNI: 100EVPN NLRI: IP Prefix routeRoute Type: IP Prefix route (5)Length: 34Route Distinguisher: 0000019000000001 (400:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0IP prefix length: 32IPv4 address: 182.1.1.1IPv4 Gateway address: 0.0.0.0VNI: 100

查看bgp evpn type5的路由表：

[Leaf1]dis bgp evpn all routing-table prefix-route Local AS number : 100BGP Local router ID is 2.2.2.2Status codes: * - valid, > - best, d - damped, x - best external, a - add path,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteEVPN address family:Number of Ip Prefix Routes: 8Route Distinguisher: 200:1Network(EthTagId/IpPrefix/IpPrefixLen)                 NextHop*>    0:172.16.1.0:24                                        0.0.0.0*>    0:10.10.10.0:24                                        0.0.0.0*>    0:172.16.1.1:32                                        0.0.0.0*>    0:10.10.10.1:32                                        0.0.0.0Route Distinguisher: 300:1Network(EthTagId/IpPrefix/IpPrefixLen)                 NextHop*>i   0:172.16.1.0:24                                        30.30.30.30*>i   0:172.16.1.1:32                                        30.30.30.30Route Distinguisher: 400:1Network(EthTagId/IpPrefix/IpPrefixLen)                 NextHop*>i   0:182.1.1.0:24                                         40.40.40.40*>i   0:182.1.1.1:32                                         40.40.40.40EVPN-Instance __RD_1_200_1__:Number of Ip Prefix Routes: 8Network(EthTagId/IpPrefix/IpPrefixLen)                 NextHop*>i   0:182.1.1.0:24                                         40.40.40.40*>    0:172.16.1.0:24                                        0.0.0.0* i                                                          30.30.30.30*>    0:10.10.10.0:24                                        0.0.0.0*>i   0:182.1.1.1:32                                         40.40.40.40*>    0:172.16.1.1:32                                        0.0.0.0* i                                                          30.30.30.30*>    0:10.10.10.1:32                                        0.0.0.0
[Leaf1]

查看具体的bgp evpn type5路由信息：

查看bgp evpn路由明细，0:172.16.1.0:24

[Leaf1]dis bgp evpn all routing-table prefix-route 0:172.16.1.0:24BGP local router ID : 2.2.2.2Local AS number : 100Total routes of Route Distinguisher(200:1): 1BGP routing table entry information of 0:172.16.1.0:24:Imported route.Label information (Received/Applied): NULL/100From: 0.0.0.0 (0.0.0.0) Route Duration: 0d04h48m19sDirect Out-interface: Vbdif100 Original nexthop: 20.20.20.20Effective nexthop: 172.16.1.1Qos information : 0x0Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 255Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Advertised to such 1 peers:1.1.1.1Total routes of Route Distinguisher(300:1): 1BGP routing table entry information of 0:172.16.1.0:24:Label information (Received/Applied): 100/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d03h37m53sRelay IP Nexthop: 192.168.12.1Relay Tunnel Out-Interface: VXLANOriginal nexthop: 30.30.30.30Qos information : 0x0Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e82d-5cd3>AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2Originator: 3.3.3.3Cluster list: 1.1.1.1Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Not advertised to any peer yetEVPN-Instance __RD_1_200_1__:Number of Ip Prefix Routes: 2BGP routing table entry information of 0:172.16.1.0:24:Route Distinguisher: 200:1Imported route.Label information (Received/Applied): NULL/100From: 0.0.0.0 (0.0.0.0) Route Duration: 0d04h48m24sDirect Out-interface: Vbdif100 Original nexthop: 20.20.20.20Effective nexthop: 172.16.1.1Qos information : 0x0Ext-Community: Tunnel Type <VxLan>, Router's MAC <707b-e8da-5876>AS-path Nil, origin incomplete, MED 0, pref-val 0, valid, local, best, select, pre 0Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Not advertised to any peer yetBGP routing table entry information of 0:172.16.1.0:24:Route Distinguisher: 300:1Remote-Cross routeLabel information (Received/Applied): 100/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d03h37m54sRelay Tunnel Out-Interface: VXLANOriginal nexthop: 30.30.30.30Qos information : 0x0Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e82d-5cd3>AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, pre 255, not preferred for route typeOriginator: 3.3.3.3Cluster list: 1.1.1.1Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 172.16.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Not advertised to any peer yet[Leaf1]

leaf1和leaf2都产生了172.16.1.0这条路由，在进入L3VPN 路由表时进行比较，172.16.1.0是直连路由，所以优先。

查看bgp evpn路由明细，0:182.1.1.0:24

[Leaf1]dis bgp evpn all routing-table prefix-route 0:182.1.1.0:24 BGP local router ID : 2.2.2.2Local AS number : 100Total routes of Route Distinguisher(400:1): 1BGP routing table entry information of 0:182.1.1.0:24:Label information (Received/Applied): 100/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d03h44m33sRelay IP Nexthop: 192.168.12.1Relay Tunnel Out-Interface: VXLANOriginal nexthop: 40.40.40.40Qos information : 0x0Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e87a-4e20>AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2Originator: 4.4.4.4Cluster list: 1.1.1.1Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 182.1.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Not advertised to any peer yetEVPN-Instance __RD_1_200_1__:Number of Ip Prefix Routes: 1BGP routing table entry information of 0:182.1.1.0:24:Route Distinguisher: 400:1Remote-Cross routeLabel information (Received/Applied): 100/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d03h44m33sRelay Tunnel Out-Interface: VXLANOriginal nexthop: 40.40.40.40Qos information : 0x0Ext-Community: RT <200 : 10>, Tunnel Type <VxLan>, Router's MAC <707b-e87a-4e20>AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, select, pre 255Originator: 4.4.4.4Cluster list: 1.1.1.1Route Type: 5 (Ip Prefix Route)Ethernet Tag ID: 0, IP Prefix/Len: 182.1.1.0/24, ESI: 0000.0000.0000.0000.0000, GW IP Address: 0.0.0.0Not advertised to any peer yet[Leaf1]

最后，查看leaf1的vpn1的路由表：

[Leaf1]dis ip routing-table vpn-instance vpn1
Proto: Protocol        Pre: Preference
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpn1Destinations : 9        Routes : 9         Destination/Mask    Proto   Pre  Cost        Flags NextHop         Interface10.10.10.0/24  Direct  0    0             D   10.10.10.1      Vbdif20010.10.10.1/32  Direct  0    0             D   127.0.0.1       Vbdif20010.10.10.255/32  Direct  0    0             D   127.0.0.1       Vbdif200172.16.1.0/24  Direct  0    0             D   172.16.1.1      Vbdif100172.16.1.1/32  Direct  0    0             D   127.0.0.1       Vbdif100172.16.1.255/32  Direct  0    0             D   127.0.0.1       Vbdif100182.1.1.0/24  IBGP    255  0             RD  40.40.40.40     VXLAN182.1.1.1/32  IBGP    255  0             RD  40.40.40.40     VXLAN
255.255.255.255/32  Direct  0    0             D   127.0.0.1       InLoopBack0
[Leaf1]

去往BL1的182.1.1.0/24和182.1.1.1/32的路由已经出现在路由表，下一跳为vtep地址40.40.40.40,vxlan封装。

查看具体路由信息：

[Leaf1]dis ip routing-table vpn-instance vpn1 182.1.1.0 verbose
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpn1
Summary Count : 1Destination: 182.1.1.0/24        Protocol: IBGP               Process ID: 0              Preference: 255                      Cost: 0              NextHop: 40.40.40.40         Neighbour: 1.1.1.1State: Active Adv Relied         Age: 03h48m22s           Tag: 0                    Priority: low            Label: NULL                  QoSInfo: 0x0           IndirectID: 0x10000A2            Instance:                                 RelayNextHop: 0.0.0.0             Interface: VXLANTunnelID: 0x0000000027f0000011 Flags: RD
[Leaf1]

5.2.4 Type 2路由

在服务器之间还没有发送数据流的情况下，观察type2路由情况。

type2路由分三种：mac route, arp route, irb route。

leaf1发给spine1的mac路由抓包：

Border Gateway Protocol - UPDATE MessageMarker: ffffffffffffffffffffffffffffffffLength: 120Type: UPDATE Message (2)Withdrawn Routes Length: 0Total Path Attribute Length: 97Path attributesPath Attribute - ORIGIN: INCOMPLETEFlags: 0x40, Transitive, Well-known, CompleteType Code: ORIGIN (1)Length: 1Origin: INCOMPLETE (2)Path Attribute - AS_PATH: emptyFlags: 0x40, Transitive, Well-known, CompleteType Code: AS_PATH (2)Length: 0Path Attribute - LOCAL_PREF: 100Flags: 0x40, Transitive, Well-known, CompleteType Code: LOCAL_PREF (5)Length: 4Local preference: 100Path Attribute - EXTENDED_COMMUNITIESFlags: 0xc0, Optional, Transitive, CompleteType Code: EXTENDED_COMMUNITIES (16)Length: 32Carried extended communities: (4 communities)Route Target: 100:10 [Transitive 2-Octet AS-Specific]Route Target: 200:10 [Transitive 2-Octet AS-Specific]Encapsulation: VXLAN Encapsulation [Transitive Opaque]MAC Mobility: Sticky MAC [Transitive EVPN]Path Attribute - MP_REACH_NLRIFlags: 0x90, Optional, Extended-Length, Non-transitive, CompleteType Code: MP_REACH_NLRI (14)Length: 44Address family identifier (AFI): Layer-2 VPN (25)Subsequent address family identifier (SAFI): EVPN (70)Next hop: 14141414IPv4 Address: 20.20.20.20[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]Number of Subnetwork points of attachment (SNPA): 0Network Layer Reachability Information (NLRI)EVPN NLRI: MAC Advertisement RouteRoute Type: MAC Advertisement Route (2)Length: 33Route Distinguisher: 0000001400000001 (20:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0MAC Address Length: 48MAC Address: EquipTra_01:00:01 (00:01:00:01:00:01)IP Address Length: 0IP Address: NOT INCLUDED[Expert Info (Note/Protocol): IP Address: NOT INCLUDED]VNI: 8000

这是一条mac route，发送的mac地址为启用了分布式网关的int vbdif 100端口的mac地址：

[Leaf1]dis int vbdif 100
Vbdif100 current state : UP (ifindex: 16)
Line protocol current state : UP
Last line protocol up time : 2022-03-13 07:00:54
Description:
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 172.16.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0001-0001-0001
Current system time: 2022-03-13 14:57:36Last 300 seconds input rate 0 bits/sec, 0 packets/secLast 300 seconds output rate 0 bits/sec, 0 packets/secInput: 0 packets, 0 bytesOutput:0 packets, 0 bytesLast 300 seconds input utility rate:  --Last 300 seconds output utility rate: --[Leaf1]dis curr int vbdif 100
#
interface Vbdif100ip binding vpn-instance vpn1ip address 172.16.1.1 255.255.255.0mac-address 0001-0001-0001vxlan anycast-gateway enablearp collect host enable
#

spine1发送给leaf1的mac route抓包：

Border Gateway Protocol - UPDATE MessageMarker: ffffffffffffffffffffffffffffffffLength: 134Type: UPDATE Message (2)Withdrawn Routes Length: 0Total Path Attribute Length: 111Path attributesPath Attribute - ORIGIN: INCOMPLETEFlags: 0x40, Transitive, Well-known, CompleteType Code: ORIGIN (1)Length: 1Origin: INCOMPLETE (2)Path Attribute - AS_PATH: emptyFlags: 0x40, Transitive, Well-known, CompleteType Code: AS_PATH (2)Length: 0Path Attribute - LOCAL_PREF: 100Flags: 0x40, Transitive, Well-known, CompleteType Code: LOCAL_PREF (5)Length: 4Local preference: 100Path Attribute - ORIGINATOR_ID: 3.3.3.3 Flags: 0x80, Optional, Non-transitive, CompleteType Code: ORIGINATOR_ID (9)Length: 4Originator identifier: 3.3.3.3Path Attribute - CLUSTER_LIST: 1.1.1.1Flags: 0x80, Optional, Non-transitive, CompleteType Code: CLUSTER_LIST (10)Length: 4Cluster List: 1.1.1.1Path Attribute - EXTENDED_COMMUNITIESFlags: 0xc0, Optional, Transitive, CompleteType Code: EXTENDED_COMMUNITIES (16)Length: 32Carried extended communities: (4 communities)Route Target: 100:10 [Transitive 2-Octet AS-Specific]Route Target: 200:10 [Transitive 2-Octet AS-Specific]Encapsulation: VXLAN Encapsulation [Transitive Opaque]MAC Mobility: Sticky MAC [Transitive EVPN]Path Attribute - MP_REACH_NLRIFlags: 0x90, Optional, Extended-Length, Non-transitive, CompleteType Code: MP_REACH_NLRI (14)Length: 44Address family identifier (AFI): Layer-2 VPN (25)Subsequent address family identifier (SAFI): EVPN (70)Next hop: 1e1e1e1eIPv4 Address: 30.30.30.30[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]Number of Subnetwork points of attachment (SNPA): 0Network Layer Reachability Information (NLRI)EVPN NLRI: MAC Advertisement RouteRoute Type: MAC Advertisement Route (2)Length: 33Route Distinguisher: 0000001e00000001 (30:1)ESI: 00:00:00:00:00:00:00:00:00:00Ethernet Tag ID: 0MAC Address Length: 48MAC Address: EquipTra_01:00:01 (00:01:00:01:00:01)IP Address Length: 0IP Address: NOT INCLUDED[Expert Info (Note/Protocol): IP Address: NOT INCLUDED]VNI: 8000

在leaf1上查看bgp evpn 路由：

[Leaf1]dis bgp evpn all routing-table mac-route Local AS number : 100BGP Local router ID is 2.2.2.2Status codes: * - valid, > - best, d - damped, x - best external, a - add path,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteEVPN address family:Number of Mac Routes: 2Route Distinguisher: 20:1Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr)  NextHop*>    0:48:0001-0001-0001:0:0.0.0.0                          0.0.0.0Route Distinguisher: 30:1Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr)  NextHop*>i   0:48:0001-0001-0001:0:0.0.0.0                          30.30.30.30EVPN-Instance 100:Number of Mac Routes: 2Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr)  NextHop*>    0:48:0001-0001-0001:0:0.0.0.0                          0.0.0.0* i                                                          30.30.30.30

leaf1和leaf2都由0001:0001:0001的mac route，本地优先。

可以具体查看0001:0001:0001的mac route明细进行比较：

[Leaf1]dis bgp evpn all routing-table mac-route 0:48:0001-0001-0001:0:0.0.0.0BGP local router ID : 2.2.2.2Local AS number : 100Total routes of Route Distinguisher(20:1): 1BGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:Imported route.Label information (Received/Applied): NULL/8000From: 0.0.0.0 (0.0.0.0) Route Duration: 0d07h30m52sDirect Out-interface: Vbdif100 Original nexthop: 20.20.20.20Qos information : 0x0Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255Route Type: 2 (MAC Advertisement Route)Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000Advertised to such 1 peers:1.1.1.1Total routes of Route Distinguisher(30:1): 1BGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:Label information (Received/Applied): 8000/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d06h20m26sRelay IP Nexthop: 192.168.12.1Relay Tunnel Out-Interface: VXLANOriginal nexthop: 30.30.30.30Qos information : 0x0Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, best, select, pre 255, IGP cost 2Originator: 3.3.3.3Cluster list: 1.1.1.1Route Type: 2 (MAC Advertisement Route)Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000Not advertised to any peer yetEVPN-Instance 100:Number of Mac Routes: 2BGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:Route Distinguisher: 20:1Imported route.Label information (Received/Applied): NULL/8000From: 0.0.0.0 (0.0.0.0) Route Duration: 0d08h03m12sDirect Out-interface: Vbdif100 Original nexthop: 20.20.20.20Qos information : 0x0Ext-Community: Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255Route Type: 2 (MAC Advertisement Route)Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000Not advertised to any peer yetBGP routing table entry information of 0:48:0001-0001-0001:0:0.0.0.0:Route Distinguisher: 30:1Remote-Cross routeLabel information (Received/Applied): 8000/NULLFrom: 1.1.1.1 (1.1.1.1) Route Duration: 0d06h20m27sRelay Tunnel Out-Interface: VXLANOriginal nexthop: 30.30.30.30Qos information : 0x0Ext-Community: RT <100 : 10>, RT <200 : 10>, Tunnel Type <VxLan>, Mac Mobility <flag:1 seq:0 res:0>AS-path Nil, origin incomplete, localpref 100, pref-val 0, valid, internal, pre 255, not preferred for route typeOriginator: 3.3.3.3Cluster list: 1.1.1.1Route Type: 2 (MAC Advertisement Route)Ethernet Tag ID: 0, MAC Address/Len: 0001-0001-0001/48, IP Address/Len: 0.0.0.0/0, ESI:0000.0000.0000.0000.0000Not advertised to any peer yet[Leaf1]

这条mac route产生的原因是？通过上面的display信息，本机产生的mac route是由“imported route"产生的。

bridge-domain没有mac信息：

[Leaf1]dis mac-address bridge-domain 100
Flags: * - Backup
BD   : bridge-domain   Age : dynamic MAC learned time in seconds
-------------------------------------------------------------------------------
MAC Address    VLAN/VSI/BD   Learned-From        Type                Age
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Total items: 0
[Leaf1]

(Part2继续结果验证，会做一些ping包，观察evpn/l3vpn路由变化情况）

ENSPLAB笔记：配置VXLAN（分布式网关，BGP EVPN方式）（Part1)相关推荐

实验 - BGP EVPN配置VXLAN分布式网关
采用如下思路配置VXLAN分布式网关: 1. 配置接口和IGP 4. 分别在Device2. Device3和Device4上配置业务接入点实现区分业务流量. 5. 使能EVPN作VXLAN控制平面. ...
vxlan 分布式网关（evpn 带RR场景）
拓扑: 规划: leaf和RR设备均有loopback0地址,按设备编号区分,如server-leaf1 loopback0 地址为1.1.1.1/32,server-leaf2 loopback0 ...
VXLAN中EVPN技术详解（二）——EVPN与VXLAN分布式网关
今天继续给大家介绍VXLAN技术,本文主要内容是EVPN技术的主要应用--VXLAN分布式网关.本文从VXLAN分布式网关实现的角度,对EVPN的实现进行了详细的讲解. 阅读本文,您需要有一定的VXL ...
MP-BGP EVPN方式部署Vxlan分布式网关
在BGP EVPN方式部署分布式网关的场景中,控制平面的流程包括VXLAN隧道建立.MAC地址动态学习:转发平面的流程包括同子网已知单播报文转发.同子网BUM报文转发.跨子网报文转发.该方式实现的功能 ...
思科新版EI CCIE 企业网软定义中的VxLAN分布式网关两种部署方式
思科新版EI CCIE 企业网软定义中的VxLAN分布式网关两种部署方式VXLAN集中式网关部署的不足:第一,同一二层网关下跨子网的数据中心三层流量都需要经过集中三层网关转发.第二,由于采用了集中三层 ...
ENSPLAB笔记：配置VXLAN（分布式网关，BGP EVPN方式）（Part2)
(继续上一篇的5.结果验证) 5.3.同网段,不同Leaf服务器Ping测试执行操作:172.16.1.10 Ping 172.16.1.20,并在Leaf1连Spine1端口抓包. 在Serv1上 ...
动态建立Vxlan隧道实现跨子网互访实验配置（分布式网关单租户多子网场景）
目录基础配置配置E-V-P-N 在CE1.CE3开启E-V-P-N功能建立CE1.CE3的E-V-P-N对等体配置二层广播域,并在其下配置二层VNI 配置Vxlan业务接入点配置VTEP接口 ...
动态建立Vxlan隧道实现租户访问外网实验配置（分布式网关单租户多子网场景）
目录基础配置配置E V P N动态建立Vxlan隧道在CE1.CE2.CE3开启EVPN功能建立CE1.CE2.CE3的EVPN对等体(路由反射器方式) 配置二层广播域,并在其下配置二层VNI ...
vxlan 分布式网关数据包转发过程_Vxlan基础
一.为什么需要Vxlan 普通的VLAN数量只有4096个,无法满足大规模云计算IDC的需求,而IDC为何需求那么多VLAN呢,因为目前大部分IDC内部结构主要分为两种L2,L3.L2结构里面,所有的 ...

ENSPLAB笔记：配置VXLAN（分布式网关，BGP EVPN方式）（Part1)

1、实验目的

2、实验环境

2.1 实验拓扑

2.2 数据准备

2.3 设备型号

3、实验内容

4、配置步骤

4.1 基础配置

4.2 配置业务接入点

4.3 配置BGP EVPN Peer

4.4 配置VPN实例和EVPN实例

4.5 使能头端复制功能

4.6 配置VXLAN三层网关

4.7 配置BGP对邻居发布IRB路由

4.8 配置BGP对邻居发布IP前缀路由

4.9 其他配置

5、结果验证

5.1 检查EVPN Peer是否正常建立

5.2 查看EVPN路由

5.2.1 Leaf1初始bgp evpn路由信息

5.2.2 Type3路由

5.2.3 Type5路由

5.2.4 Type 2路由

ENSPLAB笔记：配置VXLAN（分布式网关，BGP EVPN方式）（Part1)相关推荐

最新文章

热门文章