示例:将 EVPN-VXLAN与 WAN 互连 使用网关模型运行基于 EVPN MPLS网络
此示例演示如何通过运行 EVPN-MPLS 的 WAN 互连 EVPN-VXLAN 数据中心网络,以利用 EVPN 作为数据中心互连 (DCI) 解决方案的好处。
要求
此示例具有以下硬件和软件组件:
四瞻博网络 MX 系列路由器,配置为数据中心网关和 WAN 边缘路由器。
四瞻博网络 MX 系列路由器,配置为架顶式 (ToR) 路由器。
六个客户边缘 (客户边缘) 设备。
连接到每个主机设备的 6 客户边缘个主机设备,这些设备能够配置多个 VLAN。
EVPN-MPLS WAN 网络的一个提供商 (P) MPLS路由器。
Junos OS 17.2 或更高版本。
概述
您可使用逻辑隧道 (lt-) 接口通过运行基于 MPLS 的 EVPN 的 WAN 将运行以太网 VPN (EVPN) 的不同数据中心网络与虚拟可扩展 LAN (VXLAN) 封装互连。
图 1 说明了运行 EVPN 的数据中心网络与VXLAN基于 EVPN 的 WAN 中封装MPLS的互连。出于此示例的目的,充当数据中心网关和作为 WAN 边缘路由器的 MX 系列路由器名为 MX11、MX12、MX21 和 MX22。充当架顶式 (ToR) 路由器的 MX 系列路由器名为 ToR11、ToR12、ToR21 和 ToR22。连接到数据中心网络 1 (DC1) 的客户边缘 (客户边缘) 设备名为 CE1、CE2 和 CE3。连接到数据中心网络 2 (DC2) 的客户边缘 (客户边缘) 设备名为 CE4、CE5 和 CE6。连接到每个虚拟设备的主机客户边缘应能够配置多个主机 VLAN。WAN 提供商路由器名为 P 。
客户边缘设备是 ToR 设备逻辑系统的一部分。
对于充当数据中心网关和 WAN 边缘路由器的 MX 系列路由器,配置以下信息:
IRB 接口、虚拟网关地址和环路逻辑接口。
网关与 toR 路由器BGP多协议外部路由 (MP-EBGP) 层连接,EVPN 作为信号协议。
路由策略,以允许将特定路由放入虚拟交换机表中。
每个虚拟网络的路由实例(第 3 层 VRF),包括唯一路由区分器以及 vrf 目标值。
每个虚拟网络的虚拟交换机实例(第 2 层 MAC-VRF)、VTEP 源接口(始终为 lo0.0)、路由识别码和 vrf 导入策略。
每个虚拟交换机的 EVPN 协议、封装方法、VNI 列表和 BUM 流量转发方法。
每个虚拟交换机内的桥接域,用于将 VNID 映射到 VLAN ID、一个 IRB(第 3 层)接口以及 BUM 转发方法。
对于充当架顶式 (ToR) 路由器的 MX 系列路由器,配置以下信息:
面向具有 VLAN、VLAN ID 和环路逻辑接口的接口的主机。
支持链路聚合控制协议 (LACP) 的链路聚合组 (LAG)、以太网分段 ID (ESI) 和全活动模式。
使用 EVPN 作为BGP协议的 ToR 和网关路由器之间的多协议外部协议 (MP-EBGP) 叠加。
EVPN,VXLAN VNI 的封装方法、扩展 vni 列表、组播模式和路由目标。
Vrf-imp 策略、vtep-source-interface、路由区分器以及 vrf 导入和目标信息。
VLAN,将 VLAN ID 映射到全球重要 VNIS。
您可以将虚拟网关地址设置为终端主机(虚拟机或服务器)的默认 IPv4 或 IPv6 网关地址。
配置
- CLI快速配置
- 配置 ToR11
- 配置 ToR12
- 配置数据中心网关和 WAN 边缘 1 路由器 (MX11)
- 配置数据中心网关和 WAN 边缘 2 路由器 (MX12)
- 配置数据中心网关和 WAN 边缘 3 路由器 (MX21)
- 配置数据中心网关和 WAN 边缘 4 路由器 (MX22)
- 配置 ToR21
- 配置 ToR22
CLI快速配置
要 [edit]
快速配置此示例,请复制以下命令,将其粘贴到文本文件中,删除所有换行符,更改详细信息,以匹配网络配置,然后将命令复制并粘贴到 层次结构级别的 CLI 中。
ToR11
set system host-name ToR11 set logical-systems CE-2 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host-2" set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-2 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR11" set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-2 bridge-domains BD-1 domain-type bridge set logical-systems CE-2 bridge-domains BD-1 vlan-id 1 set logical-systems CE-2 bridge-domains BD-2 domain-type bridge set logical-systems CE-2 bridge-domains BD-2 vlan-id 2 set logical-systems CE-2 bridge-domains BD-3 domain-type bridge set logical-systems CE-2 bridge-domains BD-3 vlan-id 3 set logical-systems CE-2 bridge-domains BD-4 domain-type bridge set logical-systems CE-2 bridge-domains BD-4 vlan-id 4 set logical-systems CE-2 bridge-domains BD-5 domain-type bridge set logical-systems CE-2 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 1 set interfaces traceoptions file R0-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces ge-1/0/5 unit 0 description "CONNECTED TO MX–12" set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.1/24 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-2" set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/1/0 description "CONNECTED TO CE-1" set interfaces ge-1/1/0 gigether-options 802.3ad ae0 set interfaces ge-1/1/1 unit 0 description "CONNECTED TO MX–11" set interfaces ge-1/1/1 unit 0 family inet address 192.168.3.1/24 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR12" set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.1/24 set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces lo0 unit 81 family inet address 192.0.2.11/32 set routing-options router-id 192.0.2.11 set routing-options autonomous-system 100 set routing-options forwarding-table export evpn-pplb set protocols bgp local-as 100 set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.3.1 set protocols bgp group MX11 export LO set protocols bgp group MX11 export TEST set protocols bgp group MX11 peer-as 400 set protocols bgp group MX11 neighbor 192.168.3.2 family inet unicast set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.4.1 set protocols bgp group MX12 export LO set protocols bgp group MX12 export TEST set protocols bgp group MX12 peer-as 500 set protocols bgp group MX12 neighbor 192.168.4.2 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.2.1 set protocols bgp group ToR12 export LO set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 peer-as 200 set protocols bgp group ToR12 local-as 100 set protocols bgp group ToR12 neighbor 192.168.2.2 family inet unicast set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.11 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 400 set protocols bgp group MX11-EVPN local-as 100 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.11 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 500 set protocols bgp group MX12-EVPN local-as 100 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.11 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 200 set protocols bgp group ToR12-EVPN local-as 100 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols l2-learning traceoptions file TOR11-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.11/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.81 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.11:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR11-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
ToR12
set system host-name ToR12 set logical-systems CE-1 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 1" set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-1 interfaces ae1 unit 0 description "CONNECTED TO ToR12" set logical-systems CE-1 interfaces ae1 unit 0 family bridge interface-mode trunk set logical-systems CE-1 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-1 bridge-domains BD-1 domain-type bridge set logical-systems CE-1 bridge-domains BD-1 vlan-id 1 set logical-systems CE-1 bridge-domains BD-2 domain-type bridge set logical-systems CE-1 bridge-domains BD-2 vlan-id 2 set logical-systems CE-1 bridge-domains BD-3 domain-type bridge set logical-systems CE-1 bridge-domains BD-3 vlan-id 3 set logical-systems CE-1 bridge-domains BD-4 domain-type bridge set logical-systems CE-1 bridge-domains BD-4 vlan-id 4 set logical-systems CE-1 bridge-domains BD-5 domain-type bridge set logical-systems CE-1 bridge-domains BD-5 vlan-id 5 set logical-systems CE-3 interfaces ge-1/1/7 unit 0 description "CONNECTED TO ToR12" set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge interface-mode trunk set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-3 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 3" set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-3 bridge-domains BD-1 domain-type bridge set logical-systems CE-3 bridge-domains BD-1 vlan-id 1 set logical-systems CE-3 bridge-domains BD-2 domain-type bridge set logical-systems CE-3 bridge-domains BD-2 vlan-id 2 set logical-systems CE-3 bridge-domains BD-3 domain-type bridge set logical-systems CE-3 bridge-domains BD-3 vlan-id 3 set logical-systems CE-3 bridge-domains BD-4 domain-type bridge set logical-systems CE-3 bridge-domains BD-4 vlan-id 4 set logical-systems CE-3 bridge-domains BD-5 domain-type bridge set logical-systems CE-3 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 2 set interfaces traceoptions file R1-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX–11" set interfaces ge-1/0/0 unit 0 family inet address 192.168.6.1/24 set interfaces ge-1/0/4 unit 0 description "CONNECTED TO MX12" set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.1/24 set interfaces ge-1/0/6 description "CONNECTED TO CE-1" set interfaces ge-1/0/6 gigether-options 802.3ad ae0 set interfaces ge-1/0/7 unit 0 description "CONNECTED TO CE-3" set interfaces ge-1/0/7 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/7 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/1/0 description "CONNECTED TO ToR11" set interfaces ge-1/1/0 gigether-options 802.3ad ae1 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR11" set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.2/24 set interfaces ge-1/1/6 description "CONNECTED TO ToR12" set interfaces ge-1/1/6 gigether-options 802.3ad ae1 set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces lo0 unit 82 family inet address 192.0.2.12/32 set routing-options router-id 192.0.2.12 set routing-options autonomous-system 200 set routing-options forwarding-table export evpn-pplb set protocols bgp local-as 200 set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.6.1 set protocols bgp group MX11 export LO set protocols bgp group MX11 export TEST set protocols bgp group MX11 peer-as 400 set protocols bgp group MX11 local-as 200 set protocols bgp group MX11 neighbor 192.168.6.2 family inet unicast set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.5.1 set protocols bgp group MX12 export LO set protocols bgp group MX12 export TEST set protocols bgp group MX12 peer-as 500 set protocols bgp group MX12 local-as 200 set protocols bgp group MX12 neighbor 192.168.5.2 family inet unicast set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.2.2 set protocols bgp group ToR11 export LO set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 peer-as 100 set protocols bgp group ToR11 local-as 200 set protocols bgp group ToR11 neighbor 192.168.2.1 family inet unicast set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.12 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 400 set protocols bgp group MX11-EVPN local-as 200 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.12 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 500 set protocols bgp group MX12-EVPN local-as 200 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.12 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 100 set protocols bgp group ToR11-EVPN local-as 200 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN export TEST set protocols l2-learning traceoptions file TOR12-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.12/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.82 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/7.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.12:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR12-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
数据中心网关和 WAN 边缘 1 路由器 (MX11)
set system host-name MX11 set interfaces ge-5/1/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-5/1/0 unit 0 family inet address 192.168.7.1/24 set interfaces lt-5/1/0 esi 00:22:22:22:22:22:22:22:22:22 set interfaces lt-5/1/0 esi all-active set interfaces lt-5/1/0 unit 0 peer-unit 1 set interfaces lt-5/1/0 unit 0 family bridge interface-mode trunk set interfaces lt-5/1/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-5/1/0 unit 1 peer-unit 0 set interfaces lt-5/1/0 unit 1 family bridge interface-mode trunk set interfaces lt-5/1/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-5/1/1 unit 0 description "CONNECTED TO ToR11" set interfaces ge-5/1/1 unit 0 family inet address 192.168.3.2/24 set interfaces ge-5/1/8 unit 0 description "CONNECTED TO ToR12" set interfaces ge-5/1/8 unit 0 family inet address 192.168.6.2/24 set interfaces ge-5/1/9 unit 0 description "CONNECTED TO P" set interfaces ge-5/1/9 unit 0 family inet address 203.0.1.1/24 set interfaces ge-5/1/9 unit 0 family mpls set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.12/24 virtual-gateway-address 10.11.1.10 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.12/24 virtual-gateway-address 10.12.1.10 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.12/24 virtual-gateway-address 10.13.1.10 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.12/24 virtual-gateway-address 10.14.1.10 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.12/24 virtual-gateway-address 10.15.1.10 set interfaces lo0 unit 84 family inet address 192.0.2.21/32 set interfaces lo0 unit 84 family mpls set routing-options router-id 192.0.2.21 set routing-options autonomous-system 300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX11-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX11-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX11-TO-MX21 to 198.51.100.21 set protocols mpls label-switched-path MX11-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 192.0.2.21 set protocols bgp local-as 300 set protocols bgp group INT type internal set protocols bgp group INT local-address 192.0.2.21 set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.3.2 set protocols bgp group ToR11 import TEST set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 export LO set protocols bgp group ToR11 peer-as 100 set protocols bgp group ToR11 local-as 400 set protocols bgp group ToR11 neighbor 192.168.3.1 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.6.2 set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 export LO set protocols bgp group ToR12 peer-as 200 set protocols bgp group ToR12 local-as 400 set protocols bgp group ToR12 neighbor 192.168.6.1 family inet unicast set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.7.1 set protocols bgp group MX12 export TEST set protocols bgp group MX12 export LO set protocols bgp group MX12 peer-as 500 set protocols bgp group MX12 local-as 400 set protocols bgp group MX12 neighbor 192.168.7.2 family inet unicast set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.21 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 100 set protocols bgp group ToR11-EVPN local-as 400 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.21 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 200 set protocols bgp group ToR12-EVPN local-as 400 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.21 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 500 set protocols bgp group MX12-EVPN local-as 400 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group MX11-EVPN export TEST set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-5/1/9.0 set protocols ospf area 0.0.0.0 interface lo0.84 passive set protocols l2-learning traceoptions file MX11-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.21/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 192.0.2.21/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-5/1/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.21:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX11-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.84 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-5/1/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX11-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
数据中心网关和 WAN 边缘 2 路由器 (MX12)
set system host-name MX12 set logical-systems P interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX21" set logical-systems P interfaces ge-1/0/0 unit 0 family inet address 203.0.4.2/24 set logical-systems P interfaces ge-1/0/0 unit 0 family mpls set logical-systems P interfaces ge-1/0/2 unit 0 description "CONNECTED TO MX22" set logical-systems P interfaces ge-1/0/2 unit 0 family inet address 203.0.3.2/24 set logical-systems P interfaces ge-1/0/2 unit 0 family mpls set logical-systems P interfaces ge-1/1/1 unit 0 description "CONNECTED TO MX11" set logical-systems P interfaces ge-1/1/1 unit 0 family inet address 203.0.1.2/24 set logical-systems P interfaces ge-1/1/1 unit 0 family mpls set logical-systems P interfaces ge-1/1/6 unit 0 description "CONNECTED TO MX12" set logical-systems P interfaces ge-1/1/6 unit 0 family inet address 203.0.2.2/24 set logical-systems P interfaces ge-1/1/6 unit 0 family mpls set logical-systems P interfaces lo0 unit 86 family inet address 203.0.113.1/32 set logical-systems P interfaces lo0 unit 86 family mpls set logical-systems P protocols rsvp interface all set logical-systems P protocols mpls label-switched-path P-TO-MX11 from 203.0.113.1 set logical-systems P protocols mpls label-switched-path P-TO-MX11 to 192.0.2.21 set logical-systems P protocols mpls label-switched-path P-TO-MX12 to 192.0.2.22 set logical-systems P protocols mpls label-switched-path P-TO-MX21 to 198.51.100.21 set logical-systems P protocols mpls label-switched-path P-TO-MX22 to 198.51.100.22 set logical-systems P protocols mpls interface all set logical-systems P protocols bgp local-address 203.0.113.1 set logical-systems P protocols bgp local-as 300 set logical-systems P protocols bgp group INT type internal set logical-systems P protocols bgp group INT import BLOCK-VXLAN-ROUTES-FROM-CORE set logical-systems P protocols bgp group INT family evpn signaling set logical-systems P protocols bgp group INT cluster 203.0.113.1 set logical-systems P protocols bgp group INT neighbor 192.0.2.21 set logical-systems P protocols bgp group INT neighbor 192.0.2.22 set logical-systems P protocols bgp group INT neighbor 198.51.100.21 set logical-systems P protocols bgp group INT neighbor 198.51.100.22 set logical-systems P protocols ospf traffic-engineering set logical-systems P protocols ospf area 0.0.0.0 interface all set logical-systems P protocols ospf area 0.0.0.0 interface lo0.86 set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from protocol bgp set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from community RT-CORE set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 then accept set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from protocol bgp set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from community RT-DC1 set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 then reject set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from protocol bgp set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from community RT-DC2 set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 then reject set logical-systems P policy-options community RT-CORE members target:1:2 set logical-systems P policy-options community RT-DC1 members target:1:1 set logical-systems P policy-options community RT-DC2 members target:1:3 set logical-systems P routing-options router-id 203.0.113.1 set logical-systems P routing-options autonomous-system 300 set chassis fpc 1 pic 0 tunnel-services set chassis network-services enhanced-ip set interfaces traceoptions file R3-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces lt-1/0/0 esi 00:22:22:22:22:22:22:22:22:22 set interfaces lt-1/0/0 esi all-active set interfaces lt-1/0/0 unit 0 peer-unit 1 set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-1/0/0 unit 1 peer-unit 0 set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-1/0/4 unit 0 description "CONNECTED TO ToR12" set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.2/24 set interfaces ge-1/0/5 unit 0 description "CONNECTED TO TOR11" set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.2/24 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO P" set interfaces ge-1/0/6 unit 0 family inet address 203.0.2.1/24 set interfaces ge-1/0/6 unit 0 family mpls set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX11" set interfaces ge-1/1/0 unit 0 family inet address 192.168.7.2/24 set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.13/24 virtual-gateway-address 10.11.1.10 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.13/24 virtual-gateway-address 10.12.1.10 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.13/24 virtual-gateway-address 10.13.1.10 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.13/24 virtual-gateway-address 10.14.1.10 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.13/24 virtual-gateway-address 10.15.1.10 set interfaces lo0 unit 85 family inet address 192.0.2.22/32 set interfaces lo0 unit 85 family mpls set routing-options router-id 192.0.2.22 set routing-options autonomous-system 300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX12-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX12-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX12-TO-MX21 to 198.51.100.21 set protocols mpls label-switched-path MX12-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 192.0.2.22 set protocols bgp local-as 300 set protocols bgp group INT type internal set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.4.2 set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 export LO set protocols bgp group ToR11 peer-as 100 set protocols bgp group ToR11 local-as 500 set protocols bgp group ToR11 neighbor 192.168.4.1 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.5.2 set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 export LO set protocols bgp group ToR12 peer-as 200 set protocols bgp group ToR12 local-as 500 set protocols bgp group ToR12 neighbor 192.168.5.1 family inet unicast set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.7.2 set protocols bgp group MX11 export TEST set protocols bgp group MX11 export LO set protocols bgp group MX11 peer-as 400 set protocols bgp group MX11 local-as 500 set protocols bgp group MX11 neighbor 192.168.7.1 family inet unicast set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.22 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 100 set protocols bgp group ToR11-EVPN local-as 500 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.22 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 200 set protocols bgp group ToR12-EVPN local-as 500 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.22 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 400 set protocols bgp group MX11-EVPN local-as 500 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group MX12-EVPN export TEST set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-1/0/6.0 set protocols ospf area 0.0.0.0 interface lo0.85 passive set protocols l2-learning traceoptions file MX12-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.22/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 192.0.2.22/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST from protocol bgp set policy-options policy-statement TEST from protocol evpn set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.22:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX12-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.85 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.22:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX12-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-4 set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
数据中心网关和 WAN 边缘 3 路由器 (MX21)
set system host-name MX21 set interfaces ge-3/0/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-3/0/0 unit 0 family inet address 192.168.13.1/24 set interfaces ge-3/1/0 unit 0 description "CONNECTED TO ToR22" set interfaces ge-3/1/0 unit 0 family inet address 192.168.8.1/24 set interfaces ge-5/0/0 unit 0 description "CONNECTED TO P" set interfaces ge-5/0/0 unit 0 family inet address 203.0.4.1/24 set interfaces ge-5/0/0 unit 0 family mpls set interfaces lt-5/0/0 esi 00:33:33:33:33:33:33:33:33:33 set interfaces lt-5/0/0 esi all-active set interfaces lt-5/0/0 unit 0 peer-unit 1 set interfaces lt-5/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-5/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-5/0/0 unit 1 peer-unit 0 set interfaces lt-5/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-5/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-5/0/1 unit 0 description "CONNECTED TO ToR21" set interfaces ge-5/0/1 unit 0 family inet address 192.168.9.1/24 set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.14/24 virtual-gateway-address 10.11.1.11 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.14/24 virtual-gateway-address 10.12.1.11 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.14/24 virtual-gateway-address 10.13.1.11 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.14/24 virtual-gateway-address 10.14.1.11 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.14/24 virtual-gateway-address 10.15.1.11 set interfaces lo0 unit 87 family inet address 198.51.100.21/32 set interfaces lo0 unit 87 family mpls set routing-options router-id 198.51.100.21 set routing-options autonomous-system 300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX21-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX21-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX21-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX21-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 198.51.100.21 set protocols bgp export TEST set protocols bgp local-as 300 set protocols bgp group INT type internal set protocols bgp group INT local-address 198.51.100.21 set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST1 set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.9.1 set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 export LO set protocols bgp group ToR21 peer-as 600 set protocols bgp group ToR21 local-as 800 set protocols bgp group ToR21 neighbor 192.168.9.2 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.8.1 set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 export LO set protocols bgp group ToR22 peer-as 700 set protocols bgp group ToR22 local-as 800 set protocols bgp group ToR22 neighbor 192.168.8.2 family inet unicast set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.13.1 set protocols bgp group MX22 export TEST set protocols bgp group MX22 export LO set protocols bgp group MX22 peer-as 900 set protocols bgp group MX22 local-as 800 set protocols bgp group MX22 neighbor 10.115.15.2 family inet unicast set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.21 set protocols bgp group ToR21-EVPN peer-as 600 set protocols bgp group ToR21-EVPN local-as 800 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.21 set protocols bgp group ToR22-EVPN peer-as 700 set protocols bgp group ToR22-EVPN local-as 800 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.21 set protocols bgp group MX22-EVPN peer-as 900 set protocols bgp group MX22-EVPN local-as 800 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-5/0/0.0 set protocols ospf area 0.0.0.0 interface lo0.87 passive set protocols l2-learning traceoptions file MX21-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 198.51.100.21/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement TEST1 term 1 from protocol bgp set policy-options policy-statement TEST1 term 1 from external set policy-options policy-statement TEST1 term 1 then reject set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-5/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.21:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX21-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.87 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-5/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.21:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX21-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
数据中心网关和 WAN 边缘 4 路由器 (MX22)
set system host-name MX22 set interfaces xe-0/0/0 unit 0 description "CONNECTED TO ToR22" set interfaces xe-0/0/0 unit 0 family inet address 192.168.11.1/24 set interfaces xe-0/0/1 unit 0 description "CONNECTED TO ToR21" set interfaces xe-0/0/1 unit 0 family inet address 192.168.10.1/24 set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-1/0/0 unit 0 family inet address 10.115.15.2/24 set interfaces lt-1/0/0 esi 00:33:33:33:33:33:33:33:33:33 set interfaces lt-1/0/0 esi all-active set interfaces lt-1/0/0 unit 0 peer-unit 1 set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-1/0/0 unit 1 peer-unit 0 set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-1/0/2 unit 0 description "CONNECTED TO P" set interfaces ge-1/0/2 unit 0 family inet address 203.0.3.1/24 set interfaces ge-1/0/2 unit 0 family mpls set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.15/24 virtual-gateway-address 10.11.1.11 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.15/24 virtual-gateway-address 10.12.1.11 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.15/24 virtual-gateway-address 10.13.1.11 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.15/24 virtual-gateway-address 10.14.1.11 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.15/24 virtual-gateway-address 10.15.1.11 set interfaces lo0 unit 88 family inet address 198.51.100.22/32 set routing-options router-id 198.51.100.22 set routing-options autonomous-system 300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX22-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX22-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX22-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX22-TO-MX21 to 198.51.100.21 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 198.51.100.22 set protocols bgp export TEST set protocols bgp local-as 300 set protocols bgp group INT type internal set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST1 set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.10.1 set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 export LO set protocols bgp group ToR21 peer-as 600 set protocols bgp group ToR21 local-as 900 set protocols bgp group ToR21 neighbor 10.102.2.1 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.11.1 set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 export LO set protocols bgp group ToR22 peer-as 700 set protocols bgp group ToR22 local-as 900 set protocols bgp group ToR22 neighbor 192.168.11.2 family inet unicast set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 10.115.15.2 set protocols bgp group MX21 export TEST set protocols bgp group MX21 export LO set protocols bgp group MX21 peer-as 800 set protocols bgp group MX21 local-as 900 set protocols bgp group MX21 neighbor 192.168.13.1 family inet unicast set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.22 set protocols bgp group ToR21-EVPN peer-as 600 set protocols bgp group ToR21-EVPN local-as 900 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.22 set protocols bgp group ToR22-EVPN peer-as 700 set protocols bgp group ToR22-EVPN local-as 900 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.22 set protocols bgp group MX21-EVPN peer-as 800 set protocols bgp group MX21-EVPN local-as 900 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-1/0/2.0 set protocols ospf area 0.0.0.0 interface lo0.88 passive set protocols l2-learning traceoptions file MX22-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 198.51.100.22/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement TEST1 term 1 from protocol bgp set policy-options policy-statement TEST1 term 1 from external set policy-options policy-statement TEST1 term 1 then reject set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.22:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX22-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.88 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.22:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX22-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
ToR–21
set system host-name ToR21 set logical-systems CE-4 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 4" set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-4 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR21" set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-4 bridge-domains BD-1 domain-type bridge set logical-systems CE-4 bridge-domains BD-1 vlan-id 1 set logical-systems CE-4 bridge-domains BD-2 domain-type bridge set logical-systems CE-4 bridge-domains BD-2 vlan-id 2 set logical-systems CE-4 bridge-domains BD-3 domain-type bridge set logical-systems CE-4 bridge-domains BD-3 vlan-id 3 set logical-systems CE-4 bridge-domains BD-4 domain-type bridge set logical-systems CE-4 bridge-domains BD-4 vlan-id 4 set logical-systems CE-4 bridge-domains BD-5 domain-type bridge set logical-systems CE-4 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 1 set interfaces traceoptions file R6-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces xe-0/0/0 unit 0 description "CONNECTED TO MX22" set interfaces xe-0/0/0 unit 0 family inet address 192.168.10.2/24 set interfaces ge-1/0/0 description "CONNECTED TO CE-5" set interfaces ge-1/0/0 gigether-options 802.3ad ae0 set interfaces ge-1/0/1 unit 0 description "CONNECTED TO MX21" set interfaces ge-1/0/1 unit 0 family inet address 192.168.101.1/24 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-4" set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR22" set interfaces ge-1/1/3 unit 0 family inet address 192.168.12.1/24 set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces lo0 unit 90 family inet address 198.51.100.11/32 set routing-options router-id 198.51.100.11 set routing-options autonomous-system 600 set routing-options forwarding-table export evpn-pplb set protocols bgp export TEST set protocols bgp local-as 600 set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.9.2 set protocols bgp group MX21 export LO set protocols bgp group MX21 export TEST set protocols bgp group MX21 peer-as 800 set protocols bgp group MX21 local-as 600 set protocols bgp group MX21 neighbor 192.168.9.1 family inet unicast set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 10.102.2.1 set protocols bgp group MX22 export LO set protocols bgp group MX22 export TEST set protocols bgp group MX22 peer-as 900 set protocols bgp group MX22 local-as 600 set protocols bgp group MX22 neighbor 192.168.10.1 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 10.105.5.1 set protocols bgp group ToR22 export LO set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 peer-as 700 set protocols bgp group ToR22 local-as 600 set protocols bgp group ToR22 neighbor 192.168.12.2 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.11 set protocols bgp group MX21-EVPN peer-as 800 set protocols bgp group MX21-EVPN local-as 600 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.11 set protocols bgp group MX22-EVPN peer-as 900 set protocols bgp group MX22-EVPN local-as 600 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.11 set protocols bgp group ToR22-EVPN peer-as 700 set protocols bgp group ToR22-EVPN local-as 600 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols l2-learning traceoptions file TOR21-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 198.51.100.11/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.90 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.11:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR21-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
ToR–22
set system host-name ToR22 set logical-systems CE-5 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 5" set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-5 interfaces ae1 unit 0 description "CONNECTED TO ToR21" set logical-systems CE-5 interfaces ae1 unit 0 family bridge interface-mode trunk set logical-systems CE-5 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-5 bridge-domains BD-1 domain-type bridge set logical-systems CE-5 bridge-domains BD-1 vlan-id 1 set logical-systems CE-5 bridge-domains BD-2 domain-type bridge set logical-systems CE-5 bridge-domains BD-2 vlan-id 2 set logical-systems CE-5 bridge-domains BD-3 domain-type bridge set logical-systems CE-5 bridge-domains BD-3 vlan-id 3 set logical-systems CE-5 bridge-domains BD-4 domain-type bridge set logical-systems CE-5 bridge-domains BD-4 vlan-id 4 set logical-systems CE-5 bridge-domains BD-5 domain-type bridge set logical-systems CE-5 bridge-domains BD-5 vlan-id 5 set logical-systems CE-6 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR22" set logical-systems CE-6 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk set logical-systems CE-6 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-6 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 6" set logical-systems CE-6 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk set logical-systems CE-6 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-6 bridge-domains BD-1 domain-type bridge set logical-systems CE-6 bridge-domains BD-1 vlan-id 1 set logical-systems CE-6 bridge-domains BD-2 domain-type bridge set logical-systems CE-6 bridge-domains BD-2 vlan-id 2 set logical-systems CE-6 bridge-domains BD-3 domain-type bridge set logical-systems CE-6 bridge-domains BD-3 vlan-id 3 set logical-systems CE-6 bridge-domains BD-4 domain-type bridge set logical-systems CE-6 bridge-domains BD-4 vlan-id 4 set logical-systems CE-6 bridge-domains BD-5 domain-type bridge set logical-systems CE-6 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 2 set interfaces traceoptions file R7-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces xe-0/0/0 unit 0 description "CONNECTED TO MX22" set interfaces xe-0/0/0 unit 0 family inet address 192.168.11.2/24 set interfaces ge-1/0/0 description "CONNECTED TO ToR21" set interfaces ge-1/0/0 gigether-options 802.3ad ae1 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-6" set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/0/7 description "CONNECTED TO ToR22" set interfaces ge-1/0/7 gigether-options 802.3ad ae1 set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-1/1/0 unit 0 family inet address 192.168.8.2/24 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR21" set interfaces ge-1/1/3 unit 0 family inet address 192.168.12.2/24 set interfaces ge-1/1/7 description "CONNECTED TO CE-5" set interfaces ge-1/1/7 gigether-options 802.3ad ae0 set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces lo0 unit 92 family inet address 198.51.100.12/32 set routing-options router-id 198.51.100.12 set routing-options autonomous-system 700 set routing-options forwarding-table export evpn-pplb set protocols bgp export TEST set protocols bgp local-as 700 set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.8.2 set protocols bgp group MX21 export LO set protocols bgp group MX21 export TEST set protocols bgp group MX21 peer-as 800 set protocols bgp group MX21 local-as 700 set protocols bgp group MX21 neighbor 192.168.8.1 family inet unicast set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.11.2 set protocols bgp group MX22 export LO set protocols bgp group MX22 export TEST set protocols bgp group MX22 peer-as 900 set protocols bgp group MX22 local-as 700 set protocols bgp group MX22 neighbor 192.168.11.1 family inet unicast set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.12.2 set protocols bgp group ToR21 export LO set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 peer-as 600 set protocols bgp group ToR21 local-as 700 set protocols bgp group ToR21 neighbor 10.105.5.1 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.12 set protocols bgp group MX21-EVPN peer-as 800 set protocols bgp group MX21-EVPN local-as 700 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.12 set protocols bgp group MX22-EVPN peer-as 900 set protocols bgp group MX22-EVPN local-as 700 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.12 set protocols bgp group ToR21-EVPN peer-as 600 set protocols bgp group ToR21-EVPN local-as 700 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols l2-learning traceoptions file TOR22-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 198.51.100.12/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.92 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.12:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR22-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
配置 ToR11
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
将 MX 路由器配置为 ToR11:
设置系统主机名。
[edit] user@ToR11# set system host-name ToR11
配置 CE2 设备的接口和桥接域,以启用第 2 层连接。
[edit] user@ce2# set logical-systems CE-2 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 2" user@ce2# set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ce2# set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ce2# set logical-systems CE-2 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR11" user@ce2# set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk user@ce2# set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 user@ce2# set logical-systems CE-2 bridge-domains BD-1 domain-type bridge user@ce2# set logical-systems CE-2 bridge-domains BD-1 vlan-id 1 user@ce2# set logical-systems CE-2 bridge-domains BD-2 domain-type bridge user@ce2# set logical-systems CE-2 bridge-domains BD-2 vlan-id 2 user@ce2# set logical-systems CE-2 bridge-domains BD-3 domain-type bridge user@ce2# set logical-systems CE-2 bridge-domains BD-3 vlan-id 3 user@ce2# set logical-systems CE-2 bridge-domains BD-4 domain-type bridge user@ce2# set logical-systems CE-2 bridge-domains BD-4 vlan-id 4 user@ce2# set logical-systems CE-2 bridge-domains BD-5 domain-type bridge user@ce2# set logical-systems CE-2 bridge-domains BD-5 vlan-id 5
为接口配置追踪选项以启用追踪日志。
[edit] user@ce2# set interfaces traceoptions file R0-DCD.log user@ce2# set interfaces traceoptions file size 10m user@ce2# set interfaces traceoptions flag all
设置聚合以太网接口的数量。
[edit] user@ToR11# set chassis aggregated-devices ethernet device-count 1
配置 ToR11 设备的接口,以连接到 MX12、客户边缘-2、客户边缘-1、ToR12 和 MX11 设备,以启用底层连接。
[edit] user@ToR11# set interfaces ge-1/0/5 unit 0 description "CONNECTED TO MX12" user@ToR11# set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.1/24 user@ToR11# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-2" user@ToR11# set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk user@ToR11# set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 user@ToR11# set interfaces ge-1/1/0 description "CONNECTED TO CE-1" user@ToR11# set interfaces ge-1/1/0 gigether-options 802.3ad ae0 user@ToR11# set interfaces ge-1/1/1 unit 0 description "CONNECTED TO MX11" user@ToR11# set interfaces ge-1/1/1 unit 0 family inet address 192.168.3.1/24 user@ToR11# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR12" user@ToR11# set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.1/24
针对第 1 层终端主机设备配置支持链路聚合控制协议 (LACP) 的链路聚合组 (LAG) 客户边缘。ESI 值在整个 EVPN 域中具有全球唯一性。全活动配置支持 ToR11 和 ToR12 将信息流转发至客户边缘设备,从而主动客户边缘所有链路。
[edit] user@ToR11# set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 user@ToR11# set interfaces ae0 esi all-active user@ToR11# set interfaces ae0 aggregated-ether-options lacp active user@ToR11# set interfaces ae0 aggregated-ether-options lacp periodic fast user@ToR11# set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 user@ToR11# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR11# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@ToR11# set interfaces lo0 unit 81 family inet address 192.0.2.11/32 user@ToR11# set routing-options router-id 192.0.2.11 user@ToR11# set routing-options autonomous-system 100
在 ToR11 上配置负载平衡。
[edit] user@ToR11# set routing-options forwarding-table export evpn-pplb
在 ToR(ToR11 和 ToR12)和网关路由器(MX11 和 MX12)之间配置多协议外部路由 (MP-EBGP) BGP层连接。
[edit] user@ToR11# set protocols bgp local-as 100 user@ToR11# set protocols bgp group MX11 type external user@ToR11# set protocols bgp group MX11 local-address 192.168.3.1 user@ToR11# set protocols bgp group MX11 export LO user@ToR11# set protocols bgp group MX11 export TEST user@ToR11# set protocols bgp group MX11 peer-as 400 user@ToR11# set protocols bgp group MX11 neighbor 192.168.3.2 family inet unicast user@ToR11# set protocols bgp group MX12 type external user@ToR11# set protocols bgp group MX12 local-address 192.168.4.1 user@ToR11# set protocols bgp group MX12 export LO user@ToR11# set protocols bgp group MX12 export TEST user@ToR11# set protocols bgp group MX12 peer-as 500 user@ToR11# set protocols bgp group MX12 neighbor 192.168.4.2 family inet unicast user@ToR11# set protocols bgp group ToR12 type external user@ToR11# set protocols bgp group ToR12 local-address 192.168.2.1 user@ToR11# set protocols bgp group ToR12 export LO user@ToR11# set protocols bgp group ToR12 export TEST user@ToR11# set protocols bgp group ToR12 peer-as 200 user@ToR11# set protocols bgp group ToR12 local-as 100 user@ToR11# set protocols bgp group ToR12 neighbor 192.168.2.2 family inet unicast
在 ToR(ToR11 和 ToR12)和网关路由器(MX11 和 MX12)之间配置多协议外部 BGP (MP-EBGP) 叠加,将 EVPN 设置为信号协议。
逐步过程
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR11 和 MX11 之间连接。
[edit] user@ToR11# set protocols bgp group MX11-EVPN type external user@ToR11# set protocols bgp group MX11-EVPN multihop ttl 2 user@ToR11# set protocols bgp group MX11-EVPN multihop no-nexthop-change user@ToR11# set protocols bgp group MX11-EVPN local-address 192.0.2.11 user@ToR11# set protocols bgp group MX11-EVPN export TEST user@ToR11# set protocols bgp group MX11-EVPN peer-as 400 user@ToR11# set protocols bgp group MX11-EVPN local-as 100 user@ToR11# set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR11 和 MX12 之间连接。
[edit] user@ToR11# set protocols bgp group MX12-EVPN type external user@ToR11# set protocols bgp group MX12-EVPN multihop ttl 2 user@ToR11# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@ToR11# set protocols bgp group MX12-EVPN local-address 192.0.2.11 user@ToR11# set protocols bgp group MX12-EVPN export TEST user@ToR11# set protocols bgp group MX12-EVPN peer-as 500 user@ToR11# set protocols bgp group MX12-EVPN local-as 100 user@ToR11# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR11 和 ToR12 之间连接。
[edit] user@ToR11# set protocols bgp group ToR12-EVPN type external user@ToR11# set protocols bgp group ToR12-EVPN multihop ttl 2 user@ToR11# set protocols bgp group ToR12-EVPN multihop no-nexthop-change user@ToR11# set protocols bgp group ToR12-EVPN local-address 192.0.2.11 user@ToR11# set protocols bgp group ToR12-EVPN export TEST user@ToR11# set protocols bgp group ToR12-EVPN peer-as 200 user@ToR11# set protocols bgp group ToR12-EVPN local-as 100 user@ToR11# set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@ToR11# set protocols l2-learning traceoptions file TOR11-L2ALD.log user@ToR11# set protocols l2-learning traceoptions file size 10m user@ToR11# set protocols l2-learning traceoptions level all user@ToR11# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@ToR11# set policy-options policy-statement LO term 1 from protocol direct user@ToR11# set policy-options policy-statement LO term 1 from route-filter 192.0.2.11/32 exact user@ToR11# set policy-options policy-statement LO term 1 then accept
配置社区策略选项。
[edit] user@ToR11# set policy-options community NO-EXPORT members no-advertise user@ToR11# set policy-options community NO-EXPORT members no-export user@ToR11# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@ToR11# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR11# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR11# set policy-options policy-statement evpn-pplb then load-balance per-packet
为每个虚拟网络配置 EVPN 路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@ToR11# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.81 user@ToR11# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR11# set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 user@ToR11# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR11# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.11:1 user@ToR11# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR11-EVPN-VXLAN-1.log user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
配置 ToR12
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
配置 MX 路由器 ToR12:
设置系统主机名。
[edit] user@ToR12# set system host-name ToR12
配置 客户边缘-1 设备上接口和桥接域,以启用第 2 层连接。
[edit] user@ce1# set logical-systems CE-1 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 1" user@ce1# set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ce1# set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ce1# set logical-systems CE-1 interfaces ae1 unit 0 description "CONNECTED TO ToR12" user@ce1# set logical-systems CE-1 interfaces ae1 unit 0 family bridge interface-mode trunk user@ce1# set logical-systems CE-1 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 user@ce1# set logical-systems CE-1 bridge-domains BD-1 domain-type bridge user@ce1# set logical-systems CE-1 bridge-domains BD-1 vlan-id 1 user@ce1# set logical-systems CE-1 bridge-domains BD-2 domain-type bridge user@ce1# set logical-systems CE-1 bridge-domains BD-2 vlan-id 2 user@ce1# set logical-systems CE-1 bridge-domains BD-3 domain-type bridge user@ce1# set logical-systems CE-1 bridge-domains BD-3 vlan-id 3 user@ce1# set logical-systems CE-1 bridge-domains BD-4 domain-type bridge user@ce1# set logical-systems CE-1 bridge-domains BD-4 vlan-id 4 user@ce1# set logical-systems CE-1 bridge-domains BD-5 domain-type bridge user@ce1# set logical-systems CE-1 bridge-domains BD-5 vlan-id 5
配置 客户边缘-3 设备上接口和桥接域,以启用第 2 层连接。
[edit] user@ce3# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 description "CONNECTED TO ToR12" user@ce3# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge interface-mode trunk user@ce3# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge vlan-id-list 1-5 user@ce3# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 3" user@ce3# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk user@ce3# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 user@ce3# set logical-systems CE-3 bridge-domains BD-1 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-1 vlan-id 1 user@ce3# set logical-systems CE-3 bridge-domains BD-2 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-2 vlan-id 2 user@ce3# set logical-systems CE-3 bridge-domains BD-3 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-3 vlan-id 3 user@ce3# set logical-systems CE-3 bridge-domains BD-4 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-4 vlan-id 4 user@ce3# set logical-systems CE-3 bridge-domains BD-5 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-5 vlan-id 5
为接口配置追踪选项以启用追踪日志。
[edit] user@ce3# set interfaces traceoptions file R1-DCD.log user@ce3# set interfaces traceoptions file size 10m user@ce3# set interfaces traceoptions flag all
设置聚合以太网接口的数量。
[edit] user@ToR12# set chassis aggregated-devices ethernet device-count 2
配置 ToR12 设备的接口,以连接到 MX12、客户边缘-2、客户边缘-3、ToR11 和 MX11 设备,以启用底层连接。
[edit] user@ToR12# set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX11" user@ToR12# set interfaces ge-1/0/0 unit 0 family inet address 192.168.6.1/24 user@ToR12# set interfaces ge-1/0/4 unit 0 description "CONNECTED TO MX12" user@ToR12# set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.1/24 user@ToR12# set interfaces ge-1/0/6 description "CONNECTED TO CE-1" user@ToR12# set interfaces ge-1/0/6 gigether-options 802.3ad ae0 user@ToR12# set interfaces ge-1/0/7 unit 0 description "CONNECTED TO CE-3" user@ToR12# set interfaces ge-1/0/7 unit 0 family bridge interface-mode trunk user@ToR12# set interfaces ge-1/0/7 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set interfaces ge-1/1/0 description "CONNECTED TO ToR11" user@ToR12# set interfaces ge-1/1/0 gigether-options 802.3ad ae1 user@ToR12# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR11" user@ToR12# set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.2/24 user@ToR12# set interfaces ge-1/1/6 description "CONNECTED TO ToR12" user@ToR12# set interfaces ge-1/1/6 gigether-options 802.3ad ae1
针对第 1 层终端主机设备配置支持链路聚合控制协议 (LACP) 的链路聚合组 (LAG) 客户边缘。ESI 值在整个 EVPN 域中具有全球唯一性。全活动配置支持 ToR11 和 ToR12 将信息流转发至客户边缘设备,从而主动客户边缘所有链路。
[edit] user@ToR12# set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 user@ToR12# set interfaces ae0 esi all-active user@ToR12# set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 user@ToR12# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR12# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set interfaces ae1 aggregated-ether-options lacp active user@ToR12# set interfaces ae1 aggregated-ether-options lacp periodic fast
配置环路接口地址和路由选项。
[edit] user@ToR12# set interfaces lo0 unit 82 family inet address 192.0.2.12/32 user@ToR12# set routing-options router-id 192.0.2.12 user@ToR12# set routing-options autonomous-system 200
在 ToR12 上配置负载平衡。
[edit] user@ToR12# set routing-options forwarding-table export evpn-pplb
在 ToR(ToR12 和 ToR11)和网关路由器(MX11 和 MX12)之间配置多协议外部路由 (MP-EBGP) BGP层连接。
[edit] user@ToR12# set protocols bgp local-as 200 user@ToR12# set protocols bgp group MX11 type external user@ToR12# set protocols bgp group MX11 local-address 192.168.6.1 user@ToR12# set protocols bgp group MX11 export LO user@ToR12# set protocols bgp group MX11 export TEST user@ToR12# set protocols bgp group MX11 peer-as 400 user@ToR12# set protocols bgp group MX11 local-as 200 user@ToR12# set protocols bgp group MX11 neighbor 192.168.6.2 family inet unicast user@ToR12# set protocols bgp group MX12 type external user@ToR12# set protocols bgp group MX12 local-address 192.168.5.1 user@ToR12# set protocols bgp group MX12 export LO user@ToR12# set protocols bgp group MX12 export TEST user@ToR12# set protocols bgp group MX12 peer-as 500 user@ToR12# set protocols bgp group MX12 local-as 200 user@ToR12# set protocols bgp group MX12 neighbor 192.168.5.2 family inet unicast user@ToR12# set protocols bgp group ToR11 type external user@ToR12# set protocols bgp group ToR11 local-address 192.168.2.2 user@ToR12# set protocols bgp group ToR11 export LO user@ToR12# set protocols bgp group ToR11 export TEST user@ToR12# set protocols bgp group ToR11 peer-as 100 user@ToR12# set protocols bgp group ToR11 local-as 200 user@ToR12# set protocols bgp group ToR11 neighbor 192.168.2.1 family inet unicast
在 ToR(ToR12 和 ToR11)和网关路由器(MX11 和 MX12)之间配置多协议外部 BGP (MP-EBGP) 叠加,将 EVPN 设置为信号协议。
逐步过程
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR12 和 MX11 之间连接。
[edit] user@ToR12# set protocols bgp group MX11-EVPN type external user@ToR12# set protocols bgp group MX11-EVPN multihop ttl 2 user@ToR12# set protocols bgp group MX11-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group MX11-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group MX11-EVPN export TEST user@ToR12# set protocols bgp group MX11-EVPN peer-as 400 user@ToR12# set protocols bgp group MX11-EVPN local-as 200 user@ToR12# set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR12 和 MX12 之间连接。
[edit] user@ToR12# set protocols bgp group MX12-EVPN type external user@ToR12# set protocols bgp group MX12-EVPN multihop ttl 2 user@ToR12# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group MX12-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group MX12-EVPN export TEST user@ToR12# set protocols bgp group MX12-EVPN peer-as 500 user@ToR12# set protocols bgp group MX12-EVPN local-as 200 user@ToR12# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR12 和 ToR11 之间连接。
[edit] user@ToR12# set protocols bgp group ToR11-EVPN type external user@ToR12# set protocols bgp group ToR11-EVPN multihop ttl 2 user@ToR12# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group ToR11-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group ToR11-EVPN export TEST user@ToR12# set protocols bgp group ToR11-EVPN peer-as 100 user@ToR12# set protocols bgp group ToR11-EVPN local-as 200 user@ToR12# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@ToR12# set protocols bgp group ToR12-EVPN export TEST
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@ToR12# set protocols l2-learning traceoptions file TOR12-L2ALD.log user@ToR12# set protocols l2-learning traceoptions file size 10m user@ToR12# set protocols l2-learning traceoptions level all user@ToR12# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@ToR12# set policy-options policy-statement LO term 1 from protocol direct user@ToR12# set policy-options policy-statement LO term 1 from route-filter 192.0.2.12/32 exact user@ToR12# set policy-options policy-statement LO term 1 then accept
配置社区策略选项。
[edit] user@ToR12# set policy-options community NO-EXPORT members no-advertise user@ToR12# set policy-options community NO-EXPORT members no-export user@ToR12# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@ToR12# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR12# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR12# set policy-options policy-statement evpn-pplb then load-balance per-packet
为每个虚拟网络配置 EVPN 路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@ToR12# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.82 user@ToR12# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR12# set routing-instances EVPN-VXLAN-1 interface ge-1/0/7.0 user@ToR12# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR12# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.12:1 user@ToR12# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR12-EVPN-VXLAN-1.log user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
配置数据中心网关和 WAN 边缘 1 路由器 (MX11)
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
将 MX 系列路由器配置为数据中心网关和 WAN 边缘路由器,将其命名为 MX11:
设置系统主机名。
[edit] user@MX11# set system host-name MX11
配置 MX11 路由器 (DC GW/WAN Edge1) 上的接口,以启用与作为 DC1 网络的 EVPN-VXLAN 部分的 MX12、ToR11、ToR12 和 P 设备的下层连接。
[edit] user@MX11# set interfaces ge-5/1/0 unit 0 description "CONNECTED TO MX12" user@MX11# set interfaces ge-5/1/0 unit 0 family inet address 192.168.7.1/24 user@MX11# set interfaces ge-5/1/1 unit 0 description "CONNECTED TO ToR11" user@MX11# set interfaces ge-5/1/1 unit 0 family inet address 192.168.3.2/24 user@MX11# set interfaces ge-5/1/8 unit 0 description "CONNECTED TO ToR12" user@MX11# set interfaces ge-5/1/8 unit 0 family inet address 192.168.6.2/24 user@MX11# set interfaces ge-5/1/9 unit 0 description "CONNECTED TO P" user@MX11# set interfaces ge-5/1/9 unit 0 family inet address 203.0.1.1/24 user@MX11# set interfaces ge-5/1/9 unit 0 family mpls
在 BGP网关路由器(MX11 和 MX12)和 ToR(ToR11 和 ToR12)之间配置多协议外部路由 (MP-EBGP) 底层连接。
[edit] user@MX11# set protocols bgp group ToR11 type external user@MX11# set protocols bgp group ToR11 local-address 192.168.3.2 user@MX11# set protocols bgp group ToR11 import TEST user@MX11# set protocols bgp group ToR11 export TEST user@MX11# set protocols bgp group ToR11 export LO user@MX11# set protocols bgp group ToR11 peer-as 100 user@MX11# set protocols bgp group ToR11 local-as 400 user@MX11# set protocols bgp group ToR11 neighbor 192.168.3.1 family inet unicast user@MX11# set protocols bgp group ToR12 type external user@MX11# set protocols bgp group ToR12 local-address 192.168.6.2 user@MX11# set protocols bgp group ToR12 export TEST user@MX11# set protocols bgp group ToR12 export LO user@MX11# set protocols bgp group ToR12 peer-as 200 user@MX11# set protocols bgp group ToR12 local-as 400 user@MX11# set protocols bgp group ToR12 neighbor 192.168.6.1 family inet unicast user@MX11# set protocols bgp group MX12 type external user@MX11# set protocols bgp group MX12 local-address 192.168.7.1 user@MX11# set protocols bgp group MX12 export TEST user@MX11# set protocols bgp group MX12 export LO user@MX11# set protocols bgp group MX12 peer-as 500 user@MX11# set protocols bgp group MX12 local-as 400 user@MX11# set protocols bgp group MX12 neighbor 192.168.7.2 family inet unicast
在网关路由器(MX11 和 MX12)和 ToR(ToR11 和 ToR12)之间配置多协议外部 BGP (MP-EBGP) 叠加连接,将 EVPN 设置为信号协议。
[edit] user@MX11# set protocols bgp group ToR11-EVPN type external user@MX11# set protocols bgp group ToR11-EVPN multihop ttl 2 user@MX11# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group ToR11-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group ToR11-EVPN export TEST user@MX11# set protocols bgp group ToR11-EVPN peer-as 100 user@MX11# set protocols bgp group ToR11-EVPN local-as 400 user@MX11# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@MX11# set protocols bgp group ToR12-EVPN type external user@MX11# set protocols bgp group ToR12-EVPN multihop ttl 2 user@MX11# set protocols bgp group ToR12-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group ToR12-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group ToR12-EVPN export TEST user@MX11# set protocols bgp group ToR12-EVPN peer-as 200 user@MX11# set protocols bgp group ToR12-EVPN local-as 400 user@MX11# set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling user@MX11# set protocols bgp group MX12-EVPN type external user@MX11# set protocols bgp group MX12-EVPN multihop ttl 2 user@MX11# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group MX12-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group MX12-EVPN export TEST user@MX11# set protocols bgp group MX12-EVPN peer-as 500 user@MX11# set protocols bgp group MX12-EVPN local-as 400 user@MX11# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling
配置集成路由和桥接 (IRB) 接口,通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 类路由)。IRB 配置是主机上的 VRB 的网关。
逐步过程
以下是主机(VLAN-1 的主机部分)上的 VLAN-1 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 1 proxy-macip-advertisement user@MX11# set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa user@MX11# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 1 family inet address 10.11.1.12/24 virtual-gateway-address 10.11.1.10
以下是主机(VLAN-2 的主机部分)上的 VLAN-2 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 2 proxy-macip-advertisement user@MX11# set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb user@MX11# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 2 family inet address 10.12.1.12/24 virtual-gateway-address 10.12.1.10
以下是主机(VLAN-3 的主机部分)上的 VLAN-3 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 3 proxy-macip-advertisement user@MX11# set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc user@MX11# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 3 family inet address 10.13.1.12/24 virtual-gateway-address 10.13.1.10
以下是主机(VLAN-4 的主机部分)上的 VLAN-4 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 4 proxy-macip-advertisement user@MX11# set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd user@MX11# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 4 family inet address 10.14.1.12/24 virtual-gateway-address 10.14.1.10
以下是主机(VLAN-5 的主机部分)上的 VLAN-5 的 IRB 网关配置:
[edit] user@MX11# set interfaces irb unit 5 proxy-macip-advertisement user@MX11# set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee user@MX11# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 5 family inet address 10.15.1.12/24 virtual-gateway-address 10.15.1.10
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@MX11# set protocols l2-learning traceoptions file MX11-L2ALD.log user@MX11# set protocols l2-learning traceoptions file size 10m user@MX11# set protocols l2-learning traceoptions level all user@MX11# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@MX11# set policy-options policy-statement LO term 1 from protocol direct user@MX11# set policy-options policy-statement LO term 1 from route-filter 192.0.2.21/32 exact user@MX11# set policy-options policy-statement LO term 1 then accept user@MX11# set policy-options policy-statement LO from protocol direct user@MX11# set policy-options policy-statement LO from route-filter 192.0.2.21/32 exact user@MX11# set policy-options policy-statement LO then accept
配置社区策略选项。
[edit] user@MX11# set policy-options community NO-EXPORT members no-advertise user@MX11# set policy-options community NO-EXPORT members no-export user@MX11# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@MX11# set policy-options policy-statement TEST then community add NO-EXPORT user@MX11# set policy-options policy-statement evpn-pplb from protocol evpn user@MX11# set policy-options policy-statement evpn-pplb then load-balance per-packet
在逻辑隧道接口上配置 ESI 值。在 DC1 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
[edit] user@MX11# set interfaces lt-5/1/0 esi 00:22:22:22:22:22:22:22:22:22
通过包含 all-active 语句,在逻辑隧道接口上配置主动-主动多主机。
[edit] user@MX11# set interfaces lt-5/1/0 esi all-active
在 MX11 网关路由器上配置一对逻辑隧道 (lt-) 接口,以将数据中心网络的 EVPN-VXLAN 实例与 WAN 基于 MPLS 的 EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
[edit] user@MX11# set interfaces lt-5/1/0 unit 0 peer-unit 1 user@MX11# set interfaces lt-5/1/0 unit 0 family bridge interface-mode trunk user@MX11# set interfaces lt-5/1/0 unit 0 family bridge vlan-id-list 1-5 user@MX11# set interfaces lt-5/1/0 unit 1 peer-unit 0 user@MX11# set interfaces lt-5/1/0 unit 1 family bridge interface-mode trunk user@MX11# set interfaces lt-5/1/0 unit 1 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@MX11# set interfaces lo0 unit 84 family inet address 192.0.2.21/32 user@MX11# set interfaces lo0 unit 84 family mpls user@MX11# set routing-options router-id 192.0.2.21 user@MX11# set routing-options autonomous-system 300
在 MX11 上配置负载平衡。
[edit] user@MX11# set routing-options forwarding-table export evpn-pplb
在核心接口MPLS RSVP、BGP、OSPF协议。创建MPLS LSP 并指定其他网关和 WAN 边缘路由器(MX12、P、MX21、MX22)的地址。
[edit] user@MX11# set protocols rsvp interface all user@MX11# set protocols rsvp interface fxp0.0 disable user@MX11# set protocols mpls label-switched-path MX11-TO-MX12 to 192.0.2.22 user@MX11# set protocols mpls label-switched-path MX11-TO-P to 203.0.113.1 user@MX11# set protocols mpls label-switched-path MX11-TO-MX21 to 198.51.100.21 user@MX11# set protocols mpls label-switched-path MX11-TO-MX22 to 198.51.100.22 user@MX11# set protocols mpls interface all user@MX11# set protocols mpls interface fxp0.0 disable user@MX11# set protocols bgp local-address 192.0.2.21 user@MX11# set protocols bgp local-as 300 user@MX11# set protocols bgp group INT type internal user@MX11# set protocols bgp group INT local-address 192.0.2.21 user@MX11# set protocols bgp group INT family evpn signaling user@MX11# set protocols bgp group INT export TEST user@MX11# set protocols bgp group INT neighbor 203.0.113.1 user@MX11# set protocols ospf traffic-engineering user@MX11# set protocols ospf area 0.0.0.0 interface ge-5/1/9.0 user@MX11# set protocols ospf area 0.0.0.0 interface lo0.84 passive
为每个虚拟网络在 MX11 MPLS上配置基于 EVPN 的路由实例。定义路由识别器(用于识别和播发 EVPN-MPLS 路由)和 vrf 目标(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。为映射 VLAN ID 的每个虚拟路由器配置桥接域。
[edit] user@MX11# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX11# set routing-instances EVPN-MPLS-1 interface lt-5/1/0.0 user@MX11# set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.21:100 user@MX11# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX11-EVPN-MPLS-1.log user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
为每个虚拟网络在 MX11 路由器上VXLAN EVPN-VXLAN路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@MX11# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.84 user@MX11# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX11# set routing-instances EVPN-VXLAN-1 interface lt-5/1/0.1 user@MX11# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 user@MX11# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX11-EVPN-VXLAN-1.log user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX11# set routing-instances VRF instance-type vrf user@MX11# set routing-instances VRF interface irb.1 user@MX11# set routing-instances VRF interface irb.2 user@MX11# set routing-instances VRF interface irb.3 user@MX11# set routing-instances VRF interface irb.4 user@MX11# set routing-instances VRF interface irb.5 user@MX11# set routing-instances VRF route-distinguisher 1:1 user@MX11# set routing-instances VRF vrf-target target:10:10
配置数据中心网关和 WAN 边缘 2 路由器 (MX12)
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
将 MX 系列路由器配置为数据中心网关和 WAN 边缘路由器,并命名为 MX12:
设置系统主机名。
[edit] user@MX12# set system host-name MX12
将 P 设备配置为 MX12 数据中心网关和 WAN 边缘路由器的逻辑系统。
逐步过程
将 P 设备配置为在增强型 ip 模式下运行,因为只有 MPC 和 MIC 接口的路由器才支持 EVPN 主动-主动功能。提交此配置时,需要重新启动系统。
[edit chassis] user@P# set network-services enhanced-ip
配置 P 设备的接口。
[edit] user@P# set interfaces ge-1/0/4 unit 0 description "CONNECTED TO ToR12" user@P# set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.2/24 user@P# set interfaces ge-1/0/5 unit 0 description "CONNECTED TO TOR11" user@P# set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.2/24 user@P# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO P" user@P# set interfaces ge-1/0/6 unit 0 family inet address 203.0.2.1/24 user@P# set interfaces ge-1/0/6 unit 0 family mpls user@P# set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX11" user@P# set interfaces ge-1/1/0 unit 0 family inet address 192.168.7.2/24
在 P 设备MPLS BGP上启用 RSVP、BGP、路由和OSPF协议。创建MPLS LSP 并指定其他网关和 WAN 边缘路由器(MX11、MX12、MX21、MX22)的地址。
[edit] user@P# set logical-systems P protocols rsvp interface all user@P# set logical-systems P protocols mpls label-switched-path P-TO-MX11 from 203.0.113.1 user@P# set logical-systems P protocols mpls label-switched-path P-TO-MX11 to 192.0.2.21 user@P# set logical-systems P protocols mpls label-switched-path P-TO-MX12 to 192.0.2.22 user@P# set logical-systems P protocols mpls label-switched-path P-TO-MX21 to 198.51.100.21 user@P# set logical-systems P protocols mpls label-switched-path P-TO-MX22 to 198.51.100.22 user@P# set logical-systems P protocols mpls interface all user@P# set logical-systems P protocols bgp local-address 203.0.113.1 user@P# set logical-systems P protocols bgp local-as 300 user@P# set logical-systems P protocols bgp group INT type internal user@P# set logical-systems P protocols bgp group INT import BLOCK-VXLAN-ROUTES-FROM-CORE user@P# set logical-systems P protocols bgp group INT family evpn signaling user@P# set logical-systems P protocols bgp group INT cluster 203.0.113.1 user@P# set logical-systems P protocols bgp group INT neighbor 192.0.2.21 user@P# set logical-systems P protocols bgp group INT neighbor 192.0.2.22 user@P# set logical-systems P protocols bgp group INT neighbor 198.51.100.21 user@P# set logical-systems P protocols bgp group INT neighbor 198.51.100.22 user@P# set logical-systems P protocols ospf traffic-engineering user@P# set logical-systems P protocols ospf area 0.0.0.0 interface all user@P# set logical-systems P protocols ospf area 0.0.0.0 interface lo0.86
配置环路接口地址和路由选项。
[edit] user@P# set logical-systems P interfaces lo0 unit 86 family inet address 203.0.113.1/32 user@P# set logical-systems P interfaces lo0 unit 86 family mpls user@P# set logical-systems P routing-options router-id 203.0.113.1 user@P# set logical-systems P routing-options autonomous-system 300
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from protocol bgp user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from community RT-CORE user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 then accept user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from protocol bgp user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from community RT-DC1 user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 then reject user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from protocol bgp user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from community RT-DC2 user@P# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 then reject
配置社区策略选项。
[edit] user@P# set logical-systems P policy-options community RT-CORE members target:1:2 user@P# set logical-systems P policy-options community RT-DC1 members target:1:1 user@P# set logical-systems P policy-options community RT-DC2 members target:1:3
为接口配置追踪选项以启用追踪日志。
[edit] user@P# set interfaces traceoptions file R3-DCD.log user@P# set interfaces traceoptions file size 10m user@P# set interfaces traceoptions flag all
配置 MX12 路由器(DC GW/WAN 边缘 2)上的接口,以启用与作为 DC1 网络的 EVPN-VXLAN 部分的 MX11、ToR12、ToR11 和 P 设备的下层连接。
[edit] user@MX12# set interfaces ge-1/0/4 unit 0 description "CONNECTED TO ToR12" user@MX12# set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.2/24 user@MX12# set interfaces ge-1/0/5 unit 0 description "CONNECTED TO TOR11" user@MX12# set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.2/24 user@MX12# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO P" user@MX12# set interfaces ge-1/0/6 unit 0 family inet address 203.0.2.1/24 user@MX12# set interfaces ge-1/0/6 unit 0 family mpls user@MX12# set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX11" user@MX12# set interfaces ge-1/1/0 unit 0 family inet address 192.168.7.2/24
在 BGP网关路由器(MX11 和 MX12)和 ToR(ToR11 和 ToR12)之间配置多协议外部路由 (MP-EBGP) 底层连接。
[edit] user@MX12# set protocols bgp group ToR11 type external user@MX12# set protocols bgp group ToR11 local-address 192.168.4.2 user@MX12# set protocols bgp group ToR11 export TEST user@MX12# set protocols bgp group ToR11 export LO user@MX12# set protocols bgp group ToR11 peer-as 100 user@MX12# set protocols bgp group ToR11 local-as 500 user@MX12# set protocols bgp group ToR11 neighbor 192.168.4.1 family inet unicast user@MX12# set protocols bgp group ToR12 type external user@MX12# set protocols bgp group ToR12 local-address 192.168.5.2 user@MX12# set protocols bgp group ToR12 export TEST user@MX12# set protocols bgp group ToR12 export LO user@MX12# set protocols bgp group ToR12 peer-as 200 user@MX12# set protocols bgp group ToR12 local-as 500 user@MX12# set protocols bgp group ToR12 neighbor 192.168.5.1 family inet unicast user@MX12# set protocols bgp group MX11 type external user@MX12# set protocols bgp group MX11 local-address 192.168.7.2 user@MX12# set protocols bgp group MX11 export TEST user@MX12# set protocols bgp group MX11 export LO user@MX12# set protocols bgp group MX11 peer-as 400 user@MX12# set protocols bgp group MX11 local-as 500 user@MX12# set protocols bgp group MX11 neighbor 192.168.7.1 family inet unicast
在网关路由器(MX11 和 MX12)和 ToR(ToR11 和 ToR12)之间配置多协议外部 BGP (MP-EBGP) 叠加连接,将 EVPN 设置为信号协议。
[edit] user@MX12# set protocols bgp group ToR11-EVPN type external user@MX12# set protocols bgp group ToR11-EVPN multihop ttl 2 user@MX12# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@MX12# set protocols bgp group ToR11-EVPN local-address 192.0.2.22 user@MX12# set protocols bgp group ToR11-EVPN export TEST user@MX12# set protocols bgp group ToR11-EVPN peer-as 100 user@MX12# set protocols bgp group ToR11-EVPN local-as 500 user@MX12# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@MX12# set protocols bgp group ToR12-EVPN type external user@MX12# set protocols bgp group ToR12-EVPN multihop ttl 2 user@MX12# set protocols bgp group ToR12-EVPN multihop no-nexthop-change user@MX12# set protocols bgp group ToR12-EVPN local-address 192.0.2.22 user@MX12# set protocols bgp group ToR12-EVPN export TEST user@MX12# set protocols bgp group ToR12-EVPN peer-as 200 user@MX12# set protocols bgp group ToR12-EVPN local-as 500 user@MX12# set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling user@MX12# set protocols bgp group MX11-EVPN type external user@MX12# set protocols bgp group MX11-EVPN multihop ttl 2 user@MX12# set protocols bgp group MX11-EVPN multihop no-nexthop-change user@MX12# set protocols bgp group MX11-EVPN local-address 192.0.2.22 user@MX12# set protocols bgp group MX11-EVPN export TEST user@MX12# set protocols bgp group MX11-EVPN peer-as 400 user@MX12# set protocols bgp group MX11-EVPN local-as 500 user@MX12# set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling user@MX12# set protocols bgp group MX12-EVPN export TEST
配置集成路由和桥接 (IRB) 接口,通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 类路由)。IRB 配置是主机上的 VRB 的网关。
逐步过程
以下是主机(VLAN-1 的主机部分)上的 VLAN-1 的 IRB 网关配置:
[edit] user@MX12# set interfaces irb unit 1 proxy-macip-advertisement user@MX12# set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa user@MX12# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 1 family inet address 10.11.1.13/24 virtual-gateway-address 10.11.1.10
以下是主机(VLAN-2 的主机部分)上的 VLAN-2 的 IRB 网关配置:
[edit] user@MX12# set interfaces irb unit 2 proxy-macip-advertisement user@MX12# set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb user@MX12# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 2 family inet address 10.12.1.13/24 virtual-gateway-address 10.12.1.10
以下是主机(VLAN-3 的主机部分)上的 VLAN-3 的 IRB 网关配置:
[edit] user@MX12# set interfaces irb unit 3 proxy-macip-advertisement user@MX12# set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc user@MX12# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 3 family inet address 10.13.1.13/24 virtual-gateway-address 10.13.1.10
以下是主机(VLAN-4 的主机部分)上的 VLAN-4 的 IRB 网关配置:
[edit] user@MX12# set interfaces irb unit 4 proxy-macip-advertisement user@MX12# set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd user@MX12# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 4 family inet address 10.14.1.13/24 virtual-gateway-address 10.14.1.10
以下是主机(VLAN-5 的主机部分)上的 VLAN-5 的 IRB 网关配置:
[edit] user@MX12# set interfaces irb unit 5 proxy-macip-advertisement user@MX12# set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee user@MX12# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 5 family inet address 10.15.1.13/24 virtual-gateway-address 10.15.1.10
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@MX12# set protocols l2-learning traceoptions file MX12-L2ALD.log user@MX12# set protocols l2-learning traceoptions file size 10m user@MX12# set protocols l2-learning traceoptions level all user@MX12# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@MX12# set policy-options policy-statement LO from protocol direct user@MX12# set policy-options policy-statement LO from route-filter 192.0.2.22/32 exact user@MX12# set policy-options policy-statement LO then accept user@MX12# set policy-options policy-statement LO term 1 from protocol direct user@MX12# set policy-options policy-statement LO term 1 from route-filter 192.0.2.22/32 exact user@MX12# set policy-options policy-statement LO term 1 then accept user@MX12# set policy-options policy-statement TEST from protocol bgp user@MX12# set policy-options policy-statement TEST from protocol evpn
配置社区策略选项。
[edit] user@MX12# set policy-options community NO-EXPORT members no-advertise user@MX12# set policy-options community NO-EXPORT members no-export user@MX12# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@MX12# set policy-options policy-statement TEST then community add NO-EXPORT user@MX12# set policy-options policy-statement evpn-pplb from protocol evpn user@MX12# set policy-options policy-statement evpn-pplb then load-balance per-packet
在逻辑隧道接口上配置 ESI 值。在 DC1 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
[edit] user@MX12# set interfaces lt-1/0/0 esi 00:22:22:22:22:22:22:22:22:22
通过包含 all-active 语句,在逻辑隧道接口上配置主动-主动多主机。
[edit] user@MX12# set interfaces lt-1/0/0 esi all-active
在 MX12 网关路由器上配置一对逻辑隧道 (lt-) 接口,以将数据中心网络的 EVPN-VXLAN 实例与 WAN 基于 MPLS 的 EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
[edit] user@MX12# set interfaces lt-1/0/0 unit 0 peer-unit 1 user@MX12# set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk user@MX12# set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 user@MX12# set interfaces lt-1/0/0 unit 1 peer-unit 0 user@MX12# set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk user@MX12# set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@MX12# set interfaces lo0 unit 85 family inet address 192.0.2.22/32 user@MX12# set interfaces lo0 unit 85 family mpls user@MX12# set routing-options router-id 192.0.2.22 user@MX12# set routing-options autonomous-system 300
在 MX12 上配置负载平衡。
[edit] user@MX12# set routing-options forwarding-table export evpn-pplb
在核心接口MPLS RSVP、BGP、OSPF协议。创建MPLS LSP 并指定其他网关和 WAN 边缘路由器(MX11、MX21、P、MX22)的地址。
[edit] user@MX12# set protocols rsvp interface all user@MX12# set protocols rsvp interface fxp0.0 disable user@MX12# set protocols mpls label-switched-path MX12-TO-MX11 to 192.0.2.21 user@MX12# set protocols mpls label-switched-path MX12-TO-P to 203.0.113.1 user@MX12# set protocols mpls label-switched-path MX12-TO-MX21 to 198.51.100.21 user@MX12# set protocols mpls label-switched-path MX12-TO-MX22 to 198.51.100.22 user@MX12# set protocols mpls interface all user@MX12# set protocols mpls interface fxp0.0 disable user@MX12# set protocols bgp local-address 192.0.2.22 user@MX12# set protocols bgp local-as 300 user@MX12# set protocols bgp group INT type internal user@MX12# set protocols bgp group INT family evpn signaling user@MX12# set protocols bgp group INT export TEST user@MX12# set protocols bgp group INT neighbor 203.0.113.1 user@MX12# set protocols ospf traffic-engineering user@MX12# set protocols ospf area 0.0.0.0 interface ge-1/0/6.0 user@MX12# set protocols ospf area 0.0.0.0 interface lo0.85 passive
为每个虚拟网络在 MX12 MPLS上配置基于 EVPN 的路由实例。定义路由识别器(用于识别和播发 EVPN-MPLS 路由)和 vrf 目标(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。为映射 VLAN ID 的每个虚拟路由器配置桥接域。
[edit] user@MX12# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX12# set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 user@MX12# set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.22:100 user@MX12# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX12-EVPN-MPLS-1.log user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
为每个虚拟网络在 MX12 VXLAN上配置 EVPN-VXLAN 路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@MX12# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.85 user@MX12# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX12# set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 user@MX12# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.22:1 user@MX12# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX12-EVPN-VXLAN-1.log user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-4 user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 5 user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX12# set routing-instances VRF instance-type vrf user@MX12# set routing-instances VRF interface irb.1 user@MX12# set routing-instances VRF interface irb.2 user@MX12# set routing-instances VRF interface irb.3 user@MX12# set routing-instances VRF interface irb.4 user@MX12# set routing-instances VRF interface irb.5 user@MX12# set routing-instances VRF route-distinguisher 1:1 user@MX12# set routing-instances VRF vrf-target target:10:10
配置数据中心网关和 WAN 边缘 3 路由器 (MX21)
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
将 MX 系列路由器配置为数据中心网关和 WAN 边缘路由器,将其命名为 MX21:
设置系统主机名。
[edit] user@MX21# set system host-name MX21
配置 MX21 路由器(DC GW/WAN 边缘 3)上的接口,以启用与作为 DC2 网络的 EVPN-VXLAN 一部分的 MX22、ToR22、ToR21 和 P 设备的下层连接。
[edit] user@MX21# set interfaces ge-3/0/0 unit 0 description "CONNECTED TO MX22" user@MX21# set interfaces ge-3/0/0 unit 0 family inet address 192.168.13.1/24 user@MX21# set interfaces ge-3/1/0 unit 0 description "CONNECTED TO ToR22" user@MX21# set interfaces ge-3/1/0 unit 0 family inet address 192.168.8.1/24 user@MX21# set interfaces ge-5/0/0 unit 0 description "CONNECTED TO P" user@MX21# set interfaces ge-5/0/0 unit 0 family inet address 203.0.4.1/24 user@MX21# set interfaces ge-5/0/0 unit 0 family mpls user@MX21# set interfaces ge-5/0/1 unit 0 description "CONNECTED TO ToR21" user@MX21# set interfaces ge-5/0/1 unit 0 family inet address 192.168.9.1/24
在网关路由器(MX21 和 MX22)和 ToR(ToR21 和 ToR22)之间配置多协议外部 BGP (MP-EBGP) 底层连接。
[edit] user@MX21# set protocols bgp group ToR21 type external user@MX21# set protocols bgp group ToR21 local-address 192.168.9.1 user@MX21# set protocols bgp group ToR21 export TEST user@MX21# set protocols bgp group ToR21 export LO user@MX21# set protocols bgp group ToR21 peer-as 600 user@MX21# set protocols bgp group ToR21 local-as 800 user@MX21# set protocols bgp group ToR21 neighbor 192.168.9.2 family inet unicast user@MX21# set protocols bgp group ToR22 type external user@MX21# set protocols bgp group ToR22 local-address 192.168.8.1 user@MX21# set protocols bgp group ToR22 export TEST user@MX21# set protocols bgp group ToR22 export LO user@MX21# set protocols bgp group ToR22 peer-as 700 user@MX21# set protocols bgp group ToR22 local-as 800 user@MX21# set protocols bgp group ToR22 neighbor 192.168.8.2 family inet unicast user@MX21# set protocols bgp group MX22 type external user@MX21# set protocols bgp group MX22 local-address 192.168.13.1 user@MX21# set protocols bgp group MX22 export TEST user@MX21# set protocols bgp group MX22 export LO user@MX21# set protocols bgp group MX22 peer-as 900 user@MX21# set protocols bgp group MX22 local-as 800 user@MX21# set protocols bgp group MX22 neighbor 10.115.15.2 family inet unicast
在网关路由器(MX21 和 MX22)和 ToR(ToR21 和 ToR22)之间配置多协议外部 BGP (MP-EBGP) 叠加连接,将 EVPN 设置为信号协议。
[edit] user@MX21# set protocols bgp group ToR21-EVPN type external user@MX21# set protocols bgp group ToR21-EVPN multihop ttl 2 user@MX21# set protocols bgp group ToR21-EVPN multihop no-nexthop-change user@MX21# set protocols bgp group ToR21-EVPN local-address 198.51.100.21 user@MX21# set protocols bgp group ToR21-EVPN peer-as 600 user@MX21# set protocols bgp group ToR21-EVPN local-as 800 user@MX21# set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling user@MX21# set protocols bgp group ToR22-EVPN type external user@MX21# set protocols bgp group ToR22-EVPN multihop ttl 2 user@MX21# set protocols bgp group ToR22-EVPN multihop no-nexthop-change user@MX21# set protocols bgp group ToR22-EVPN local-address 198.51.100.21 user@MX21# set protocols bgp group ToR22-EVPN peer-as 700 user@MX21# set protocols bgp group ToR22-EVPN local-as 800 user@MX21# set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling user@MX21# set protocols bgp group MX22-EVPN type external user@MX21# set protocols bgp group MX22-EVPN multihop ttl 2 user@MX21# set protocols bgp group MX22-EVPN multihop no-nexthop-change user@MX21# set protocols bgp group MX22-EVPN local-address 198.51.100.21 user@MX21# set protocols bgp group MX22-EVPN peer-as 900 user@MX21# set protocols bgp group MX22-EVPN local-as 800 user@MX21# set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling
配置集成路由和桥接 (IRB) 接口,通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 类路由)。IRB 配置是主机上的 VRB 的网关。
逐步过程
以下是主机(VLAN-1 的主机部分)上的 VLAN-1 的 IRB 网关配置:
[edit] user@MX21# set interfaces irb unit 1 proxy-macip-advertisement user@MX21# set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa user@MX21# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 1 family inet address 10.11.1.14/24 virtual-gateway-address 10.11.1.11
以下是主机(VLAN-2 的主机部分)上的 VLAN-2 的 IRB 网关配置:
[edit] user@MX21# set interfaces irb unit 2 proxy-macip-advertisement user@MX21# set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb user@MX21# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 2 family inet address 10.12.1.14/24 virtual-gateway-address 10.12.1.11
以下是主机(VLAN-3 的主机部分)上的 VLAN-3 的 IRB 网关配置:
[edit] user@MX21# set interfaces irb unit 3 proxy-macip-advertisement user@MX21# set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc user@MX21# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 3 family inet address 10.13.1.14/24 virtual-gateway-address 10.13.1.11
以下是主机(VLAN-4 的主机部分)上的 VLAN-4 的 IRB 网关配置:
[edit] user@MX21# set interfaces irb unit 4 proxy-macip-advertisement user@MX21# set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd user@MX21# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 4 family inet address 10.14.1.14/24 virtual-gateway-address 10.14.1.11
以下是主机(VLAN-5 的主机部分)上的 VLAN-5 的 IRB 网关配置:
[edit] user@MX21# set interfaces irb unit 5 proxy-macip-advertisement user@MX21# set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee user@MX21# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 5 family inet address 10.15.1.14/24 virtual-gateway-address 10.15.1.11
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@MX21# set protocols l2-learning traceoptions file MX21-L2ALD.log user@MX21# set protocols l2-learning traceoptions file size 10m user@MX21# set protocols l2-learning traceoptions level all user@MX21# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@MX21# set policy-options policy-statement LO from protocol direct user@MX21# set policy-options policy-statement LO from route-filter 198.51.100.21/32 exact user@MX21# set policy-options policy-statement LO then accept user@MX21# set policy-options policy-statement TEST1 term 1 from protocol bgp user@MX21# set policy-options policy-statement TEST1 term 1 from external user@MX21# set policy-options policy-statement TEST1 term 1 then reject
配置社区策略选项。
[edit] user@MX21# set policy-options community NO-EXPORT members no-advertise user@MX21# set policy-options community NO-EXPORT members no-export user@MX21# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@MX21# set policy-options policy-statement TEST then community add NO-EXPORT user@MX21# set policy-options policy-statement evpn-pplb from protocol evpn user@MX21# set policy-options policy-statement evpn-pplb then load-balance per-packet
在逻辑隧道接口上配置 ESI 值。在 DC2 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
[edit] user@MX21# set interfaces lt-5/0/0 esi 00:33:33:33:33:33:33:33:33:33
通过包含 all-active 语句,在逻辑隧道接口上配置主动-主动多主机。
[edit] user@MX21# set interfaces lt-5/0/0 esi all-active
在 MX21 网关路由器上配置一对逻辑隧道 (lt-) 接口,以将数据中心网络的 EVPN-VXLAN 实例与 WAN 基于 MPLS 的 EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
[edit] user@MX21# set interfaces lt-5/0/0 unit 0 peer-unit 1 user@MX21# set interfaces lt-5/0/0 unit 0 family bridge interface-mode trunk user@MX21# set interfaces lt-5/0/0 unit 0 family bridge vlan-id-list 1-5 user@MX21# set interfaces lt-5/0/0 unit 1 peer-unit 0 user@MX21# set interfaces lt-5/0/0 unit 1 family bridge interface-mode trunk user@MX21# set interfaces lt-5/0/0 unit 1 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@MX21# set interfaces lo0 unit 87 family inet address 198.51.100.21/32 user@MX21# set interfaces lo0 unit 87 family mpls user@MX21# set routing-options router-id 198.51.100.21 user@MX21# set routing-options autonomous-system 300
在 MX21 上配置负载平衡。
[edit] user@MX21# set routing-options forwarding-table export evpn-pplb
在核心接口MPLS RSVP、BGP、OSPF协议。创建MPLS LSP 并指定其他网关和 WAN 边缘路由器(MX11、MX12、P、MX22)的地址。
[edit] user@MX21# set protocols rsvp interface all user@MX21# set protocols rsvp interface fxp0.0 disable user@MX21# set protocols mpls label-switched-path MX21-TO-MX11 to 192.0.2.21 user@MX21# set protocols mpls label-switched-path MX21-TO-MX12 to 192.0.2.22 user@MX21# set protocols mpls label-switched-path MX21-TO-P to 203.0.113.1 user@MX21# set protocols mpls label-switched-path MX21-TO-MX22 to 198.51.100.22 user@MX21# set protocols mpls interface all user@MX21# set protocols mpls interface fxp0.0 disable user@MX21# set protocols bgp local-address 198.51.100.21 user@MX21# set protocols bgp export TEST user@MX21# set protocols bgp local-as 300 user@MX21# set protocols bgp group INT type internal user@MX21# set protocols bgp group INT local-address 198.51.100.21 user@MX21# set protocols bgp group INT family evpn signaling user@MX21# set protocols bgp group INT export TEST1 user@MX21# set protocols bgp group INT neighbor 203.0.113.1 user@MX21# set protocols ospf traffic-engineering user@MX21# set protocols ospf area 0.0.0.0 interface ge-5/0/0.0 user@MX21# set protocols ospf area 0.0.0.0 interface lo0.87 passive
为每个虚拟网络在 MX21 MPLS上配置基于 EVPN 的路由实例。定义路由识别器(用于识别和播发 EVPN-MPLS 路由)和 vrf 目标(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。为映射 VLAN ID 的每个虚拟路由器配置桥接域。
[edit] user@MX21# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX21# set routing-instances EVPN-MPLS-1 interface lt-5/0/0.0 user@MX21# set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.21:100 user@MX21# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX21-EVPN-MPLS-1.log user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
为每个虚拟网络在 MX21 路由器上VXLAN EVPN-VXLAN路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@MX21# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.87 user@MX21# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX21# set routing-instances EVPN-VXLAN-1 interface lt-5/0/0.1 user@MX21# set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.21:1 user@MX21# set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX21-EVPN-VXLAN-1.log user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX21# set routing-instances VRF instance-type vrf user@MX21# set routing-instances VRF interface irb.1 user@MX21# set routing-instances VRF interface irb.2 user@MX21# set routing-instances VRF interface irb.3 user@MX21# set routing-instances VRF interface irb.4 user@MX21# set routing-instances VRF interface irb.5 user@MX21# set routing-instances VRF route-distinguisher 1:1 user@MX21# set routing-instances VRF vrf-target target:10:10
配置数据中心网关和 WAN 边缘 4 路由器 (MX22)
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
将 MX 系列路由器配置为数据中心网关和 WAN 边缘路由器,将其命名为 MX22:
设置系统主机名。
[edit] user@MX22# set system host-name MX22
配置 MX22 路由器(DC GW/WAN 边缘 4)上的接口,以启用与作为 DC2 网络的 EVPN-VXLAN 一部分的 MX22、ToR21、MX21 和 P 设备的下层连接。
[edit] user@MX22# set interfaces xe-0/0/0 unit 0 description "CONNECTED TO ToR22" user@MX22# set interfaces xe-0/0/0 unit 0 family inet address 192.168.11.1/24 user@MX22# set interfaces xe-0/0/1 unit 0 description "CONNECTED TO ToR21" user@MX22# set interfaces xe-0/0/1 unit 0 family inet address 192.168.10.1/24 user@MX22# set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX21" user@MX22# set interfaces ge-1/0/0 unit 0 family inet address 10.115.15.2/24 user@MX22# set interfaces ge-1/0/2 unit 0 description "CONNECTED TO P" user@MX22# set interfaces ge-1/0/2 unit 0 family inet address 203.0.3.1/24 user@MX22# set interfaces ge-1/0/2 unit 0 family mpls
在网关路由器(MX21 和 MX22)和 ToR(ToR21 和 ToR22)之间配置多协议外部 BGP (MP-EBGP) 底层连接。
[edit] user@MX22# set protocols bgp group ToR21 type external user@MX22# set protocols bgp group ToR21 local-address 192.168.10.1 user@MX22# set protocols bgp group ToR21 export TEST user@MX22# set protocols bgp group ToR21 export LO user@MX22# set protocols bgp group ToR21 peer-as 600 user@MX22# set protocols bgp group ToR21 local-as 900 user@MX22# set protocols bgp group ToR21 neighbor 10.102.2.1 family inet unicast user@MX22# set protocols bgp group ToR22 type external user@MX22# set protocols bgp group ToR22 local-address 192.168.11.1 user@MX22# set protocols bgp group ToR22 export TEST user@MX22# set protocols bgp group ToR22 export LO user@MX22# set protocols bgp group ToR22 peer-as 700 user@MX22# set protocols bgp group ToR22 local-as 900 user@MX22# set protocols bgp group ToR22 neighbor 192.168.11.2 family inet unicast user@MX22# set protocols bgp group MX21 type external user@MX22# set protocols bgp group MX21 local-address 10.115.15.2 user@MX22# set protocols bgp group MX21 export TEST user@MX22# set protocols bgp group MX21 export LO user@MX22# set protocols bgp group MX21 peer-as 800 user@MX22# set protocols bgp group MX21 local-as 900 user@MX22# set protocols bgp group MX21 neighbor 192.168.13.1 family inet unicast
在网关路由器(MX21 和 MX22)和 ToR(ToR21 和 ToR22)之间配置多协议外部 BGP (MP-EBGP) 叠加连接,将 EVPN 设置为信号协议。
[edit] user@MX22# set protocols bgp group ToR21-EVPN type external user@MX22# set protocols bgp group ToR21-EVPN multihop ttl 2 user@MX22# set protocols bgp group ToR21-EVPN multihop no-nexthop-change user@MX22# set protocols bgp group ToR21-EVPN local-address 198.51.100.22 user@MX22# set protocols bgp group ToR21-EVPN peer-as 600 user@MX22# set protocols bgp group ToR21-EVPN local-as 900 user@MX22# set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling user@MX22# set protocols bgp group ToR22-EVPN type external user@MX22# set protocols bgp group ToR22-EVPN multihop ttl 2 user@MX22# set protocols bgp group ToR22-EVPN multihop no-nexthop-change user@MX22# set protocols bgp group ToR22-EVPN local-address 198.51.100.22 user@MX22# set protocols bgp group ToR22-EVPN peer-as 700 user@MX22# set protocols bgp group ToR22-EVPN local-as 900 user@MX22# set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling user@MX22# set protocols bgp group MX21-EVPN type external user@MX22# set protocols bgp group MX21-EVPN multihop ttl 2 user@MX22# set protocols bgp group MX21-EVPN multihop no-nexthop-change user@MX22# set protocols bgp group MX21-EVPN local-address 198.51.100.22 user@MX22# set protocols bgp group MX21-EVPN peer-as 800 user@MX22# set protocols bgp group MX21-EVPN local-as 900 user@MX22# set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling
配置集成路由和桥接 (IRB) 接口,通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 类路由)。IRB 配置是主机上的 VRB 的网关。
逐步过程
以下是主机(VLAN-1 的主机部分)上的 VLAN-1 的 IRB 网关配置:
[edit] user@MX22# set interfaces irb unit 1 proxy-macip-advertisement user@MX22# set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa user@MX22# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 1 family inet address 10.11.1.15/24 virtual-gateway-address 10.11.1.11
以下是主机(VLAN-2 的主机部分)上的 VLAN-2 的 IRB 网关配置:
[edit] user@MX22# set interfaces irb unit 2 proxy-macip-advertisement user@MX22# set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb user@MX22# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 2 family inet address 10.12.1.15/24 virtual-gateway-address 10.12.1.11
以下是主机(VLAN-3 的主机部分)上的 VLAN-3 的 IRB 网关配置:
[edit] user@MX22# set interfaces irb unit 3 proxy-macip-advertisement user@MX22# set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc user@MX22# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 3 family inet address 10.13.1.15/24 virtual-gateway-address 10.13.1.11
以下是主机(VLAN-4 的主机部分)上的 VLAN-4 的 IRB 网关配置:
[edit] user@MX22# set interfaces irb unit 4 proxy-macip-advertisement user@MX22# set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd user@MX22# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 4 family inet address 10.14.1.15/24 virtual-gateway-address 10.14.1.11
以下是主机(VLAN-5 的主机部分)上的 VLAN-5 的 IRB 网关配置:
[edit] user@MX22# set interfaces irb unit 5 proxy-macip-advertisement user@MX22# set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee user@MX22# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 5 family inet address 10.15.1.15/24 virtual-gateway-address 10.15.1.11
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@MX22# set protocols l2-learning traceoptions file MX22-L2ALD.log user@MX22# set protocols l2-learning traceoptions file size 10m user@MX22# set protocols l2-learning traceoptions level all user@MX22# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@MX22# set policy-options policy-statement LO from protocol direct user@MX22# set policy-options policy-statement LO from route-filter 198.51.100.22/32 exact user@MX22# set policy-options policy-statement LO then accept user@MX22# set policy-options policy-statement TEST1 term 1 from protocol bgp user@MX22# set policy-options policy-statement TEST1 term 1 from external user@MX22# set policy-options policy-statement TEST1 term 1 then reject
配置社区策略选项。
[edit] user@MX22# set policy-options community NO-EXPORT members no-advertise user@MX22# set policy-options community NO-EXPORT members no-export user@MX22# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@MX22# set policy-options policy-statement TEST then community add NO-EXPORT user@MX22# set policy-options policy-statement evpn-pplb from protocol evpn user@MX22# set policy-options policy-statement evpn-pplb then load-balance per-packet
在逻辑隧道接口上配置 ESI 值。在 DC2 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
[edit] user@MX22# set interfaces lt-1/0/0 esi 00:33:33:33:33:33:33:33:33:33
通过包含 all-active 语句,在逻辑隧道接口上配置主动-主动多主机。
[edit] user@MX22# set interfaces lt-1/0/0 esi all-active
在 MX22 网关路由器上配置一对逻辑隧道 (lt-) 接口,以将数据中心网络的 EVPN-VXLAN 实例与基于 MPLS 的 WAN EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
[edit] user@MX22# set interfaces lt-1/0/0 unit 0 peer-unit 1 user@MX22# set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk user@MX22# set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 user@MX22# set interfaces lt-1/0/0 unit 1 peer-unit 0 user@MX22# set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk user@MX22# set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@MX22# set interfaces lo0 unit 88 family inet address 198.51.100.22/32 user@MX22# set routing-options router-id 198.51.100.22 user@MX22# set routing-options autonomous-system 300
在 MX22 上配置负载平衡。
[edit] user@MX22# set routing-options forwarding-table export evpn-pplb
在核心接口MPLS RSVP、BGP、OSPF协议。创建MPLS LSP 并指定其他网关和 WAN 边缘路由器(MX11、MX12、P、MX21)的地址。
[edit] user@MX22# set protocols rsvp interface all user@MX22# set protocols rsvp interface fxp0.0 disable user@MX22# set protocols mpls label-switched-path MX22-TO-MX11 to 192.0.2.21 user@MX22# set protocols mpls label-switched-path MX22-TO-MX12 to 192.0.2.22 user@MX22# set protocols mpls label-switched-path MX22-TO-P to 203.0.113.1 user@MX22# set protocols mpls label-switched-path MX22-TO-MX21 to 198.51.100.21 user@MX22# set protocols mpls interface all user@MX22# set protocols mpls interface fxp0.0 disable user@MX22# set protocols bgp local-address 198.51.100.22 user@MX22# set protocols bgp export TEST user@MX22# set protocols bgp local-as 300 user@MX22# set protocols bgp group INT type internal user@MX22# set protocols bgp group INT family evpn signaling user@MX22# set protocols bgp group INT export TEST1 user@MX22# set protocols bgp group INT neighbor 203.0.113.1 user@MX22# set protocols ospf traffic-engineering user@MX22# set protocols ospf area 0.0.0.0 interface ge-1/0/2.0 user@MX22# set protocols ospf area 0.0.0.0 interface lo0.88 passive
为每个虚拟网络在 MX22 MPLS上配置基于 EVPN 的路由实例。定义路由识别器(用于识别和播发 EVPN-MPLS 路由)和 vrf 目标(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。为映射 VLAN ID 的每个虚拟路由器配置桥接域。
[edit] user@MX22# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX22# set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 user@MX22# set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.22:100 user@MX22# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX22-EVPN-MPLS-1.log user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
为每个虚拟网络VXLAN MX22 路由器上配置 EVPN-VXLAN路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@MX22# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.88 user@MX22# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX22# set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 user@MX22# set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.22:1 user@MX22# set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX22-EVPN-VXLAN-1.log user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX22# set routing-instances VRF instance-type vrf user@MX22# set routing-instances VRF interface irb.1 user@MX22# set routing-instances VRF interface irb.2 user@MX22# set routing-instances VRF interface irb.3 user@MX22# set routing-instances VRF interface irb.4 user@MX22# set routing-instances VRF interface irb.5 user@MX22# set routing-instances VRF route-distinguisher 1:1 user@MX22# set routing-instances VRF vrf-target target:10:10
配置 ToR21
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
将 MX 路由器配置为 ToR21:
设置系统主机名。
[edit] user@ToR21# set system host-name ToR21
配置 CE4 设备的接口和桥接域,以启用第 2 层连接。
[edit] user@ce4# set logical-systems CE-4 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 4" user@ce4# set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ce4# set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ce4# set logical-systems CE-4 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR21" user@ce4# set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk user@ce4# set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 user@ce4# set logical-systems CE-4 bridge-domains BD-1 domain-type bridge user@ce4# set logical-systems CE-4 bridge-domains BD-1 vlan-id 1 user@ce4# set logical-systems CE-4 bridge-domains BD-2 domain-type bridge user@ce4# set logical-systems CE-4 bridge-domains BD-2 vlan-id 2 user@ce4# set logical-systems CE-4 bridge-domains BD-3 domain-type bridge user@ce4# set logical-systems CE-4 bridge-domains BD-3 vlan-id 3 user@ce4# set logical-systems CE-4 bridge-domains BD-4 domain-type bridge user@ce4# set logical-systems CE-4 bridge-domains BD-4 vlan-id 4 user@ce4# set logical-systems CE-4 bridge-domains BD-5 domain-type bridge user@ce4# set logical-systems CE-4 bridge-domains BD-5 vlan-id 5
为接口配置追踪选项以启用追踪日志。
[edit] user@ce4# set interfaces traceoptions file R6-DCD.log user@ce4# set interfaces traceoptions file size 10m user@ce4# set interfaces traceoptions flag all
设置聚合以太网接口的数量。
[edit] user@ToR21# set chassis aggregated-devices ethernet device-count 1
配置 ToR21 设备的接口,以连接到 MX22、客户边缘-5、客户边缘-4、ToR22 和 MX21 设备,以启用底层连接。
[edit] user@ToR21# set interfaces xe-0/0/0 unit 0 description "CONNECTED TO MX22" user@ToR21# set interfaces xe-0/0/0 unit 0 family inet address 192.168.10.2/24 user@ToR21# set interfaces ge-1/0/0 description "CONNECTED TO CE-5" user@ToR21# set interfaces ge-1/0/0 gigether-options 802.3ad ae0 user@ToR21# set interfaces ge-1/0/1 unit 0 description "CONNECTED TO MX21" user@ToR21# set interfaces ge-1/0/1 unit 0 family inet address 192.168.101.1/24 user@ToR21# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-4" user@ToR21# set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk user@ToR21# set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 user@ToR21# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR22" user@ToR21# set interfaces ge-1/1/3 unit 0 family inet address 192.168.12.1/24
针对 客户边缘-5 终端主机设备配置支持链路聚合控制协议 (LACP) 的链路聚合组 (LAG) 接口。ESI 值在整个 EVPN 域中具有全球唯一性。全活动配置使 ToR21 和 ToR22 能够将信息流转发至客户边缘设备,从而主动客户边缘所有链路。
[edit] user@ToR21# set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 user@ToR21# set interfaces ae0 esi all-active user@ToR21# set interfaces ae0 aggregated-ether-options lacp active user@ToR21# set interfaces ae0 aggregated-ether-options lacp periodic fast user@ToR21# set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 user@ToR21# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR21# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5
配置环路接口地址和路由选项。
[edit] user@ToR21# set interfaces lo0 unit 90 family inet address 198.51.100.11/32 user@ToR21# set routing-options router-id 198.51.100.11 user@ToR21# set routing-options autonomous-system 600
在 ToR21 上配置负载平衡。
[edit] user@ToR21# set routing-options forwarding-table export evpn-pplb
在 ToR(ToR21 和 ToR22)和网关路由器(MX21 和 MX22)之间配置多协议外部 BGP (MP-EBGP) 底层连接。
[edit] user@ToR21# set protocols bgp export TEST user@ToR21# set protocols bgp local-as 600 user@ToR21# set protocols bgp group MX21 type external user@ToR21# set protocols bgp group MX21 local-address 192.168.9.2 user@ToR21# set protocols bgp group MX21 export LO user@ToR21# set protocols bgp group MX21 export TEST user@ToR21# set protocols bgp group MX21 peer-as 800 user@ToR21# set protocols bgp group MX21 local-as 600 user@ToR21# set protocols bgp group MX21 neighbor 192.168.9.1 family inet unicast user@ToR21# set protocols bgp group MX22 type external user@ToR21# set protocols bgp group MX22 local-address 10.102.2.1 user@ToR21# set protocols bgp group MX22 export LO user@ToR21# set protocols bgp group MX22 export TEST user@ToR21# set protocols bgp group MX22 peer-as 900 user@ToR21# set protocols bgp group MX22 local-as 600 user@ToR21# set protocols bgp group MX22 neighbor 192.168.10.1 family inet unicast user@ToR21# set protocols bgp group ToR22 type external user@ToR21# set protocols bgp group ToR22 local-address 10.105.5.1 user@ToR21# set protocols bgp group ToR22 export LO user@ToR21# set protocols bgp group ToR22 export TEST user@ToR21# set protocols bgp group ToR22 peer-as 700 user@ToR21# set protocols bgp group ToR22 local-as 600 user@ToR21# set protocols bgp group ToR22 neighbor 192.168.12.2 family inet unicast
在 ToR(ToR21 和 ToR22)和网关路由器(MX21 和 MX22)之间配置多协议外部 BGP (MP-EBGP) 叠加,将 EVPN 设置为信号协议。
逐步过程
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR21 和 MX21 之间连接。
[edit] user@ToR21# set protocols bgp group MX21-EVPN type external user@ToR21# set protocols bgp group MX21-EVPN multihop ttl 2 user@ToR21# set protocols bgp group MX21-EVPN multihop no-nexthop-change user@ToR21# set protocols bgp group MX21-EVPN local-address 198.51.100.11 user@ToR21# set protocols bgp group MX21-EVPN peer-as 800 user@ToR21# set protocols bgp group MX21-EVPN local-as 600 user@ToR21# set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR21 和 MX22 之间连接。
[edit] user@ToR21# set protocols bgp group MX22-EVPN type external user@ToR21# set protocols bgp group MX22-EVPN multihop ttl 2 user@ToR21# set protocols bgp group MX22-EVPN multihop no-nexthop-change user@ToR21# set protocols bgp group MX22-EVPN local-address 198.51.100.11 user@ToR21# set protocols bgp group MX22-EVPN peer-as 900 user@ToR21# set protocols bgp group MX22-EVPN local-as 600 user@ToR21# set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR21 和 ToR22 之间连接。
[edit] user@ToR21# set protocols bgp group ToR22-EVPN type external user@ToR21# set protocols bgp group ToR22-EVPN multihop ttl 2 user@ToR21# set protocols bgp group ToR22-EVPN multihop no-nexthop-change user@ToR21# set protocols bgp group ToR22-EVPN local-address 198.51.100.11 user@ToR21# set protocols bgp group ToR22-EVPN peer-as 700 user@ToR21# set protocols bgp group ToR22-EVPN local-as 600 user@ToR21# set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@ToR21# set protocols l2-learning traceoptions file TOR21-L2ALD.log user@ToR21# set protocols l2-learning traceoptions file size 10m user@ToR21# set protocols l2-learning traceoptions level all user@ToR21# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@ToR21# set policy-options policy-statement LO term 1 from protocol direct user@ToR21# set policy-options policy-statement LO term 1 from route-filter 198.51.100.11/32 exact user@ToR21# set policy-options policy-statement LO term 1 then accept
配置社区策略选项。
[edit] user@ToR21# set policy-options community NO-EXPORT members no-advertise user@ToR21# set policy-options community NO-EXPORT members no-export user@ToR21# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@ToR21# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR21# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR21# set policy-options policy-statement evpn-pplb then load-balance per-packet
为每个虚拟网络配置 EVPN 路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@ToR21# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.90 user@ToR21# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR21# set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 user@ToR21# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR21# set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.11:1 user@ToR21# set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR21-EVPN-VXLAN-1.log user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
配置 ToR22
逐步过程
以下示例要求您在配置层次结构中导航各个级别。有关导航指南CLI,请参阅 CLI 用户指南 中的 在配置模式下CLI 编辑器 。
配置 MX 路由器 ToR22:
设置系统主机名。
[edit] user@ToR22# set system host-name ToR22
配置 客户边缘-5 设备上接口和桥接域,以启用第 2 层连接。
[edit] user@ce5# set logical-systems CE-5 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 5" user@ce5# set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ce5# set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ce5# set logical-systems CE-5 interfaces ae1 unit 0 description "CONNECTED TO ToR21" user@ce5# set logical-systems CE-5 interfaces ae1 unit 0 family bridge interface-mode trunk user@ce5# set logical-systems CE-5 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 user@ce5# set logical-systems CE-5 bridge-domains BD-1 domain-type bridge user@ce5# set logical-systems CE-5 bridge-domains BD-1 vlan-id 1 user@ce5# set logical-systems CE-5 bridge-domains BD-2 domain-type bridge user@ce5# set logical-systems CE-5 bridge-domains BD-2 vlan-id 2 user@ce5# set logical-systems CE-5 bridge-domains BD-3 domain-type bridge user@ce5# set logical-systems CE-5 bridge-domains BD-3 vlan-id 3 user@ce5# set logical-systems CE-5 bridge-domains BD-4 domain-type bridge user@ce5# set logical-systems CE-5 bridge-domains BD-4 vlan-id 4 user@ce5# set logical-systems CE-5 bridge-domains BD-5 domain-type bridge user@ce5# set logical-systems CE-5 bridge-domains BD-5 vlan-id 5
配置 客户边缘-3 设备上接口和桥接域,以启用第 2 层连接。
[edit] user@ce3# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 description "CONNECTED TO ToR12" user@ce3# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge interface-mode trunk user@ce3# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge vlan-id-list 1-5 user@ce3# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 3" user@ce3# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk user@ce3# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 user@ce3# set logical-systems CE-3 bridge-domains BD-1 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-1 vlan-id 1 user@ce3# set logical-systems CE-3 bridge-domains BD-2 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-2 vlan-id 2 user@ce3# set logical-systems CE-3 bridge-domains BD-3 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-3 vlan-id 3 user@ce3# set logical-systems CE-3 bridge-domains BD-4 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-4 vlan-id 4 user@ce3# set logical-systems CE-3 bridge-domains BD-5 domain-type bridge user@ce3# set logical-systems CE-3 bridge-domains BD-5 vlan-id 5
为接口配置追踪选项以启用追踪日志。
[edit] user@ce3# set interfaces traceoptions file R1-DCD.log user@ce3# set interfaces traceoptions file size 10m user@ce3# set interfaces traceoptions flag all
设置聚合以太网接口的数量。
[edit] user@ToR12# set chassis aggregated-devices ethernet device-count 2
配置 ToR12 设备的接口,以连接到 MX12、客户边缘-2、客户边缘-3、ToR11 和 MX11 设备,以启用底层连接。
[edit] user@ToR12# set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX11" user@ToR12# set interfaces ge-1/0/0 unit 0 family inet address 192.168.6.1/24 user@ToR12# set interfaces ge-1/0/4 unit 0 description "CONNECTED TO MX12" user@ToR12# set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.1/24 user@ToR12# set interfaces ge-1/0/6 description "CONNECTED TO CE-1" user@ToR12# set interfaces ge-1/0/6 gigether-options 802.3ad ae0 user@ToR12# set interfaces ge-1/0/7 unit 0 description "CONNECTED TO CE-3" user@ToR12# set interfaces ge-1/0/7 unit 0 family bridge interface-mode trunk user@ToR12# set interfaces ge-1/0/7 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set interfaces ge-1/1/0 description "CONNECTED TO ToR11" user@ToR12# set interfaces ge-1/1/0 gigether-options 802.3ad ae1 user@ToR12# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR11" user@ToR12# set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.2/24 user@ToR12# set interfaces ge-1/1/6 description "CONNECTED TO ToR12" user@ToR12# set interfaces ge-1/1/6 gigether-options 802.3ad ae1
针对第 1 层终端主机设备配置支持链路聚合控制协议 (LACP) 的链路聚合组 (LAG) 客户边缘。ESI 值在整个 EVPN 域中具有全球唯一性。全活动配置支持 ToR11 和 ToR12 将信息流转发至客户边缘设备,从而主动客户边缘所有链路。
[edit] user@ToR12# set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 user@ToR12# set interfaces ae0 esi all-active user@ToR12# set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 user@ToR12# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR12# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set interfaces ae1 aggregated-ether-options lacp active user@ToR12# set interfaces ae1 aggregated-ether-options lacp periodic fast
配置环路接口地址和路由选项。
[edit] user@ToR12# set interfaces lo0 unit 82 family inet address 192.0.2.12/32 user@ToR12# set routing-options router-id 192.0.2.12 user@ToR12# set routing-options autonomous-system 200
在 ToR12 上配置负载平衡。
[edit] user@ToR12# set routing-options forwarding-table export evpn-pplb
在 ToR(ToR12 和 ToR11)和网关路由器(MX11 和 MX12)之间配置多协议外部路由 (MP-EBGP) BGP层连接。
[edit] user@ToR12# set protocols bgp local-as 200 user@ToR12# set protocols bgp group MX11 type external user@ToR12# set protocols bgp group MX11 local-address 192.168.6.1 user@ToR12# set protocols bgp group MX11 export LO user@ToR12# set protocols bgp group MX11 export TEST user@ToR12# set protocols bgp group MX11 peer-as 400 user@ToR12# set protocols bgp group MX11 local-as 200 user@ToR12# set protocols bgp group MX11 neighbor 192.168.6.2 family inet unicast user@ToR12# set protocols bgp group MX12 type external user@ToR12# set protocols bgp group MX12 local-address 192.168.5.1 user@ToR12# set protocols bgp group MX12 export LO user@ToR12# set protocols bgp group MX12 export TEST user@ToR12# set protocols bgp group MX12 peer-as 500 user@ToR12# set protocols bgp group MX12 local-as 200 user@ToR12# set protocols bgp group MX12 neighbor 192.168.5.2 family inet unicast user@ToR12# set protocols bgp group ToR11 type external user@ToR12# set protocols bgp group ToR11 local-address 192.168.2.2 user@ToR12# set protocols bgp group ToR11 export LO user@ToR12# set protocols bgp group ToR11 export TEST user@ToR12# set protocols bgp group ToR11 peer-as 100 user@ToR12# set protocols bgp group ToR11 local-as 200 user@ToR12# set protocols bgp group ToR11 neighbor 192.168.2.1 family inet unicast
在 ToR(ToR12 和 ToR11)和网关路由器(MX11 和 MX12)之间配置多协议外部 BGP (MP-EBGP) 叠加,将 EVPN 设置为信号协议。
逐步过程
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR12 和 MX11 之间连接。
[edit] user@ToR12# set protocols bgp group MX11-EVPN type external user@ToR12# set protocols bgp group MX11-EVPN multihop ttl 2 user@ToR12# set protocols bgp group MX11-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group MX11-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group MX11-EVPN export TEST user@ToR12# set protocols bgp group MX11-EVPN peer-as 400 user@ToR12# set protocols bgp group MX11-EVPN local-as 200 user@ToR12# set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR12 和 MX12 之间连接。
[edit] user@ToR12# set protocols bgp group MX12-EVPN type external user@ToR12# set protocols bgp group MX12-EVPN multihop ttl 2 user@ToR12# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group MX12-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group MX12-EVPN export TEST user@ToR12# set protocols bgp group MX12-EVPN peer-as 500 user@ToR12# set protocols bgp group MX12-EVPN local-as 200 user@ToR12# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling
配置 MP-EBGP 叠加,以使用 EVPN 信令在 ToR12 和 ToR11 之间连接。
[edit] user@ToR12# set protocols bgp group ToR11-EVPN type external user@ToR12# set protocols bgp group ToR11-EVPN multihop ttl 2 user@ToR12# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group ToR11-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group ToR11-EVPN export TEST user@ToR12# set protocols bgp group ToR11-EVPN peer-as 100 user@ToR12# set protocols bgp group ToR11-EVPN local-as 200 user@ToR12# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@ToR12# set protocols bgp group ToR12-EVPN export TEST
配置跟踪操作以跟踪所有 2 层地址学习和转发属性。
[edit] user@ToR12# set protocols l2-learning traceoptions file TOR12-L2ALD.log user@ToR12# set protocols l2-learning traceoptions file size 10m user@ToR12# set protocols l2-learning traceoptions level all user@ToR12# set protocols l2-learning traceoptions flag all
配置路由策略以接受直接环路地址路由,将其重定向至BGP。
[edit] user@ToR12# set policy-options policy-statement LO term 1 from protocol direct user@ToR12# set policy-options policy-statement LO term 1 from route-filter 192.0.2.12/32 exact user@ToR12# set policy-options policy-statement LO term 1 then accept
配置社区策略选项。
[edit] user@ToR12# set policy-options community NO-EXPORT members no-advertise user@ToR12# set policy-options community NO-EXPORT members no-export user@ToR12# set policy-options community NO-EXPORT members no-export-subconfed
应用负载平衡。
[edit] user@ToR12# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR12# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR12# set policy-options policy-statement evpn-pplb then load-balance per-packet
为每个虚拟网络配置 EVPN 路由实例。定义VTEP接口、路由识别器(用于识别和播发 EVPN 路由)和 vrf-target(使用定义的路由目标导出和标记该本地 VRF 的所有路由)。配置 EVPN 协议、封装方法、VNI 列表和 BUM 信息流转发方法。最后,为每个将 VNID 映射到 VLAN 识别的虚拟路由器配置桥接域,并识别 BUM 转发方法。
[edit] user@ToR12# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.82 user@ToR12# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR12# set routing-instances EVPN-VXLAN-1 interface ge-1/0/7.0 user@ToR12# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR12# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.12:1 user@ToR12# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR12-EVPN-VXLAN-1.log user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
验证
配置下层和 EVPN 叠加后,建议您验证配置是否按预期运行。
- 验证 ToR11 配置
- 验证 ToR12 配置
- 验证数据中心网关和 WAN 边缘 1 路由器 (MX11) 配置
- 验证数据中心网关和 WAN 边缘 2 路由器 (MX12) 配置
- 验证数据中心网关和 WAN 边缘 3 路由器 (MX21) 配置
- 验证数据中心网关和 WAN 边缘 4 路由器 (MX22) 配置
- 验证 ToR21 配置
- 验证 ToR22 配置
验证 ToR11 配置
目的
验证 ToR11 是否正确配置。
行动
验证 CE2 设备上逻辑系统接口和桥接域的配置是否正确,以启用第 2 层连接。
user@ce2> show configuration logical-systems CE-2 { interfaces { ge-1/0/9 { unit 0 { description "CONNECTED TO Host 2"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/1/6 { unit 0 { description "CONNECTED TO ToR11"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } }
验证 ToR11 上的接口和追踪选项配置是否正确,以启用与其他 ToR、网关和 WAN 边缘设备的层连接。
user@ToR11>show configuration interfaces traceoptions { file R0-DCD.log size 10m; flag all; } ge-1/0/5 { unit 0 { description "CONNECTED TO MX12"; family inet { address 192.168.4.1/24; } } } ge-1/0/6 { unit 0 { description "CONNECTED TO CE-2"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/1/0 { description "CONNECTED TO CE-1"; gigether-options { 802.3ad ae0; } } ge-1/1/1 { unit 0 { description "CONNECTED TO MX11"; family inet { address 192.168.3.1/24; } } } ge-1/1/3 { unit 0 { description "CONNECTED TO ToR12"; family inet { address 192.168.2.1/24; } } } ae0 { esi { 00:11:11:11:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { active; periodic fast; system-id 11:11:11:11:11:11; } } unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } lo0 { unit 81 { family inet { address 192.0.2.11/32; } } }
验证路由和负载平衡选项配置是否正确。
user@ToR11> show configuration routing-options router-id 192.0.2.11; autonomous-system 100; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP和叠加协议以及 2 层地址学习和转发属性配置正确。
user@ToR11> show configuration protocols bgp { local-as 100; group MX11 { type external; local-address 192.168.3.1; export [ LO TEST ]; peer-as 400; neighbor 192.168.3.2 { family inet { unicast; } } } group MX12 { type external; local-address 192.168.4.1; export [ LO TEST ]; peer-as 500; neighbor 192.168.4.2 { family inet { unicast; } } } group ToR12 { type external; local-address 192.168.2.1; export [ LO TEST ]; peer-as 200; local-as 100; neighbor 192.168.2.2 { family inet { unicast; } } } group MX11-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.11; export TEST; peer-as 400; local-as 100; neighbor 192.0.2.21 { family evpn { signaling; } } } group MX12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.11; export TEST; peer-as 500; local-as 100; neighbor 192.0.2.22 { family evpn { signaling; } } } group ToR12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.11; export TEST; peer-as 200; local-as 100; neighbor 192.0.2.12 { family evpn { signaling; } } } } l2-learning { traceoptions { file TOR11-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@ToR11> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 192.0.2.11/32 exact; } then accept; } } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证每个虚拟网络的 EVPN-VXLAN路由实例配置是否正确。
user@ToR11> show configuration routing-instances EVPN-VXLAN-1 { vtep-source-interface lo0.81; instance-type virtual-switch; interface ge-1/0/6.0; interface ae0.0; route-distinguisher 192.0.2.11:1; vrf-target target:1:1; protocols { evpn { traceoptions { file TOR11-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; vxlan { vni 5; } } } }
验证 ToR12 配置
目的
验证 ToR12 是否正确配置。
行动
验证 CE1 和 CE3 设备上逻辑系统接口和桥接域的配置是否正确,以启用第 2 层连接。
user@ce1> show configuration logical-systems CE-1 { interfaces { ge-1/0/9 { unit 0 { description "CONNECTED TO Host 1"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ae1 { unit 0 { description "CONNECTED TO ToR12"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } } user@ce3> show configuration logical-systems CE-3 { interfaces { ge-1/1/7 { unit 0 { description "CONNECTED TO ToR12"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/1/9 { unit 0 { description "CONNECTED TO Host 3"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } }
验证 ToR12 上的接口和追踪选项配置是否正确,以启用与其他 ToR、网关和 WAN 边缘设备的层连接。
user@ToR12>show configuration interfaces traceoptions { file R1-DCD.log size 10m; flag all; } ge-1/0/0 { unit 0 { description "CONNECTED TO MX11"; family inet { address 192.168.6.1/24; } } } ge-1/0/4 { unit 0 { description "CONNECTED TO MX12"; family inet { address 192.168.5.1/24; } } } ge-1/0/6 { description "CONNECTED TO CE-1"; gigether-options { 802.3ad ae0; } } ge-1/0/7 { unit 0 { description "CONNECTED TO CE-3"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/1/0 { description "CONNECTED TO ToR11"; gigether-options { 802.3ad ae1; } } ge-1/1/3 { unit 0 { description "CONNECTED TO ToR11"; family inet { address 192.168.2.2/24; } } } ge-1/1/6 { description "CONNECTED TO ToR12"; gigether-options { 802.3ad ae1; } } ae0 { esi { 00:11:11:11:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { system-id 11:11:11:11:11:11; } } unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ae1 { aggregated-ether-options { lacp { active; periodic fast; } } } lo0 { unit 82 { family inet { address 192.0.2.12/32; } } }
验证路由和负载平衡选项配置是否正确。
user@ToR12> show configuration routing-options router-id 192.0.2.12; autonomous-system 200; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP和叠加协议以及 2 层地址学习和转发属性配置正确。
user@ToR12> show configuration protocols bgp { local-as 200; group MX11 { type external; local-address 192.168.6.1; export [ LO TEST ]; peer-as 400; local-as 200; neighbor 192.168.6.2 { family inet { unicast; } } } group MX12 { type external; local-address 192.168.5.1; export [ LO TEST ]; peer-as 500; local-as 200; neighbor 192.168.5.2 { family inet { unicast; } } } group ToR11 { type external; local-address 192.168.2.2; export [ LO TEST ]; peer-as 100; local-as 200; neighbor 192.168.2.1 { family inet { unicast; } } } group MX11-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.12; export TEST; peer-as 400; local-as 200; neighbor 192.0.2.21 { family evpn { signaling; } } } group MX12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.12; export TEST; peer-as 500; local-as 200; neighbor 192.0.2.22 { family evpn { signaling; } } } group ToR11-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.12; export TEST; peer-as 100; local-as 200; neighbor 192.0.2.11 { family evpn { signaling; } } } group ToR12-EVPN { export TEST; } } l2-learning { traceoptions { file TOR12-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@ToR12> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 192.0.2.12/32 exact; } then accept; } } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证每个虚拟网络的 EVPN-VXLAN路由实例配置是否正确。
user@ToR12> show configuration routing-instances EVPN-VXLAN-1 { vtep-source-interface lo0.82; instance-type virtual-switch; interface ge-1/0/7.0; interface ae0.0; route-distinguisher 192.0.2.12:1; vrf-target target:1:1; protocols { evpn { traceoptions { file TOR12-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; vxlan { vni 5; } } } }
验证数据中心网关和 WAN 边缘 1 路由器 (MX11) 配置
目的
验证 MX11 是否正确配置。
行动
验证 MX11 路由器(DC GW/WAN Edge1)上的接口是否配置为以下组件:
与 MX12、ToR11、ToR12 和 P 设备(即 DC1 网络的 EVPN-VXLAN 部分)的底层连接。
user@MX11> show configuration interfaces traceoptions { file R2-DCD.log size 10m; flag all; } ge-5/1/0 { unit 0 { description "CONNECTED TO MX-21"; family inet { address 192.168.7.1/24; } } } ge-5/1/1 { unit 0 { description "CONNECTED TO TOR-11"; family inet { address 192.168.3.2/24; } } } ge-5/1/8 { unit 0 { description "CONNECTED TO TOR-12"; family inet { address 192.168.6.2/24; } } } ge-5/1/9 { unit 0 { description "CONNECTED TO P"; family inet { address 203.0.1.1/24; } family mpls; } }
集成路由和桥接 (IRB) 接口,用于通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 路由)。IRB 配置是主机上的 VRB 的网关。
user@MX11> show configuration interfaces irb { unit 1 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:aa:aa:aa:aa:aa:aa:aa:aa; all-active; } family inet { address 10.11.1.12/24 { virtual-gateway-address 10.11.1.10; } } } unit 2 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:bb:bb:bb:bb:bb:bb:bb:bb; all-active; } family inet { address 10.12.1.12/24 { virtual-gateway-address 10.12.1.10; } } } unit 3 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:cc:cc:cc:cc:cc:cc:cc:cc; all-active; } family inet { address 10.13.1.12/24 { virtual-gateway-address 10.13.1.10; } } } unit 4 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:dd:dd:dd:dd:dd:dd:dd:dd; all-active; } family inet { address 10.14.1.12/24 { virtual-gateway-address 10.14.1.10; } } } unit 5 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:ee:ee:ee:ee:ee:ee:ee:ee; all-active; } family inet { address 10.15.1.12/24 { virtual-gateway-address 10.15.1.10; } } } }
逻辑隧道接口上的 ESI 值和主动-主动多主机。在 DC1 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
user@MX11> show configuration interfaces lt-5/1/0 { esi { 00:22:22:22:22:22:22:22:22:22; all-active; } }
MX11 网关路由器上的一对逻辑隧道 (lt-) 接口,用于将数据中心网络的 EVPN-VXLAN 实例与 WAN 基于 MPLS 的 EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
user@MX11> show configuration interfaces lt-5/1/0 { unit 0 { peer-unit 1; family bridge { interface-mode trunk; vlan-id-list 1-5; } } unit 1 { peer-unit 0; family bridge { interface-mode trunk; vlan-id-list 1-5; } } }
环路接口地址。
user@MX11> show configuration interfaces lo0 { unit 84 { family inet { address 192.0.2.21/32; } family mpls; } }
验证路由选项和负载平衡配置是否正确。
user@MX11> show configuration routing-options router-id 192.0.2.21; autonomous-system 300; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP层和叠加协议以及 RSVP、MPLS、BGP 和 OSPF 协议是否配置正确。
user@MX11> show configuration protocols rsvp { interface all; interface fxp0.0 { disable; } } mpls { label-switched-path MX11-TO-MX12 { to 192.0.2.22; } label-switched-path MX11-TO-P { to 203.0.113.1; } label-switched-path MX11-TO-MX21 { to 198.51.100.21; } label-switched-path MX11-TO-MX22 { to 198.51.100.22; } interface all; interface fxp0.0 { disable; } } bgp { local-address 192.0.2.21; local-as 300; group INT { type internal; local-address 192.0.2.21; family evpn { signaling; } export TEST; neighbor 203.0.113.1; } group TOR-11 { type external; local-address 192.168.3.2; import TEST; export [ TEST LO ]; peer-as 100; local-as 400; neighbor 192.168.3.1 { family inet { unicast; } } } group TOR-12 { type external; local-address 192.168.6.2; export [ TEST LO ]; peer-as 200; local-as 400; neighbor 192.168.6.1 { family inet { unicast; } } } group MX-12 { type external; local-address 192.168.7.1; export [ TEST LO ]; peer-as 500; local-as 400; neighbor 192.168.7.2 { family inet { unicast; } } } group TOR-11-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 100; local-as 400; neighbor 192.0.2.11 { family evpn { signaling; } } } group TOR-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 200; local-as 400; neighbor 192.0.2.12 { family evpn { signaling; } } } group MX-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 500; local-as 400; neighbor 192.0.2.22 { family evpn { signaling; } } } group MX-11-EVPN { export TEST; } } ospf { traffic-engineering; area 0.0.0.0 { interface ge-5/1/9.0; interface lo0.84 { passive; } } } l2-learning { traceoptions { file MX11-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@MX11> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证基于 EVPN 的路由MPLS EVPN-VXLAN路由实例的配置是否正确。
user@MX11> show configuration routing-instances EVPN-MPLS-1 { instance-type virtual-switch; interface lt-5/1/0.0; route-distinguisher 192.0.2.21:100; vrf-target target:1:2; protocols { evpn { traceoptions { file MX11-EVPN-MPLS-1.log size 10m; flag all; } extended-vlan-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } } EVPN-VXLAN-1 { vtep-source-interface lo0.84; instance-type virtual-switch; interface lt-5/1/0.1; route-distinguisher 192.0.2.21:1; vrf-target target:1:1; protocols { evpn { traceoptions { file MX11-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; routing-interface irb.1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; routing-interface irb.2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; routing-interface irb.3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; routing-interface irb.4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; routing-interface irb.5; vxlan { vni 5; } } } } VRF { instance-type vrf; interface irb.1; interface irb.2; interface irb.3; interface irb.4; interface irb.5; route-distinguisher 1:1; vrf-target target:10:10; }
验证数据中心网关和 WAN 边缘 2 路由器 (MX12) 配置
目的
验证 MX12 是否正确配置。
行动
验证 MX11 路由器(DC GW/WAN Edge1)上的接口是否配置为以下组件:
与 MX12、ToR11、ToR12 和 P 设备(即 DC1 网络的 EVPN-VXLAN 部分)的底层连接。
user@MX11> show configuration interfaces traceoptions { file R2-DCD.log size 10m; flag all; } ge-5/1/0 { unit 0 { description "CONNECTED TO MX-21"; family inet { address 192.168.7.1/24; } } } ge-5/1/1 { unit 0 { description "CONNECTED TO TOR-11"; family inet { address 192.168.3.2/24; } } } ge-5/1/8 { unit 0 { description "CONNECTED TO TOR-12"; family inet { address 192.168.6.2/24; } } } ge-5/1/9 { unit 0 { description "CONNECTED TO P"; family inet { address 203.0.1.1/24; } family mpls; } }
集成路由和桥接 (IRB) 接口,用于通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 路由)。IRB 配置是主机上的 VRB 的网关。
user@MX11> show configuration interfaces irb { unit 1 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:aa:aa:aa:aa:aa:aa:aa:aa; all-active; } family inet { address 10.11.1.12/24 { virtual-gateway-address 10.11.1.10; } } } unit 2 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:bb:bb:bb:bb:bb:bb:bb:bb; all-active; } family inet { address 10.12.1.12/24 { virtual-gateway-address 10.12.1.10; } } } unit 3 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:cc:cc:cc:cc:cc:cc:cc:cc; all-active; } family inet { address 10.13.1.12/24 { virtual-gateway-address 10.13.1.10; } } } unit 4 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:dd:dd:dd:dd:dd:dd:dd:dd; all-active; } family inet { address 10.14.1.12/24 { virtual-gateway-address 10.14.1.10; } } } unit 5 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:ee:ee:ee:ee:ee:ee:ee:ee; all-active; } family inet { address 10.15.1.12/24 { virtual-gateway-address 10.15.1.10; } } } }
逻辑隧道接口上的 ESI 值和主动-主动多主机。在 DC1 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
user@MX11> show configuration interfaces lt-5/1/0 { esi { 00:22:22:22:22:22:22:22:22:22; all-active; } }
MX11 网关路由器上的一对逻辑隧道 (lt-) 接口,用于将数据中心网络的 EVPN-VXLAN 实例与 WAN 基于 MPLS 的 EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
user@MX11> show configuration interfaces lt-5/1/0 { unit 0 { peer-unit 1; family bridge { interface-mode trunk; vlan-id-list 1-5; } } unit 1 { peer-unit 0; family bridge { interface-mode trunk; vlan-id-list 1-5; } } }
环路接口地址。
user@MX11> show configuration interfaces lo0 { unit 84 { family inet { address 192.0.2.21/32; } family mpls; } }
验证路由选项和负载平衡配置是否正确。
user@MX11> show configuration routing-options router-id 192.0.2.21; autonomous-system 300; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP层和叠加协议以及 RSVP、MPLS、BGP 和 OSPF 协议是否配置正确。
user@MX11> show configuration protocols rsvp { interface all; interface fxp0.0 { disable; } } mpls { label-switched-path MX11-TO-MX12 { to 192.0.2.22; } label-switched-path MX11-TO-P { to 203.0.113.1; } label-switched-path MX11-TO-MX21 { to 198.51.100.21; } label-switched-path MX11-TO-MX22 { to 198.51.100.22; } interface all; interface fxp0.0 { disable; } } bgp { local-address 192.0.2.21; local-as 300; group INT { type internal; local-address 192.0.2.21; family evpn { signaling; } export TEST; neighbor 203.0.113.1; } group TOR-11 { type external; local-address 192.168.3.2; import TEST; export [ TEST LO ]; peer-as 100; local-as 400; neighbor 192.168.3.1 { family inet { unicast; } } } group TOR-12 { type external; local-address 192.168.6.2; export [ TEST LO ]; peer-as 200; local-as 400; neighbor 192.168.6.1 { family inet { unicast; } } } group MX-12 { type external; local-address 192.168.7.1; export [ TEST LO ]; peer-as 500; local-as 400; neighbor 192.168.7.2 { family inet { unicast; } } } group TOR-11-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 100; local-as 400; neighbor 192.0.2.11 { family evpn { signaling; } } } group TOR-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 200; local-as 400; neighbor 192.0.2.12 { family evpn { signaling; } } } group MX-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 500; local-as 400; neighbor 192.0.2.22 { family evpn { signaling; } } } group MX-11-EVPN { export TEST; } } ospf { traffic-engineering; area 0.0.0.0 { interface ge-5/1/9.0; interface lo0.84 { passive; } } } l2-learning { traceoptions { file MX11-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@MX11> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证基于 EVPN 的路由MPLS EVPN-VXLAN路由实例的配置是否正确。
user@MX11> show configuration routing-instances EVPN-MPLS-1 { instance-type virtual-switch; interface lt-5/1/0.0; route-distinguisher 192.0.2.21:100; vrf-target target:1:2; protocols { evpn { traceoptions { file MX11-EVPN-MPLS-1.log size 10m; flag all; } extended-vlan-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } } EVPN-VXLAN-1 { vtep-source-interface lo0.84; instance-type virtual-switch; interface lt-5/1/0.1; route-distinguisher 192.0.2.21:1; vrf-target target:1:1; protocols { evpn { traceoptions { file MX11-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; routing-interface irb.1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; routing-interface irb.2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; routing-interface irb.3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; routing-interface irb.4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; routing-interface irb.5; vxlan { vni 5; } } } } VRF { instance-type vrf; interface irb.1; interface irb.2; interface irb.3; interface irb.4; interface irb.5; route-distinguisher 1:1; vrf-target target:10:10; }
验证数据中心网关和 WAN 边缘 3 路由器 (MX21) 配置
目的
验证 MX21 是否正确配置。
行动
验证 MX11 路由器(DC GW/WAN Edge1)上的接口是否配置为以下组件:
与 MX12、ToR11、ToR12 和 P 设备(即 DC1 网络的 EVPN-VXLAN 部分)的底层连接。
user@MX11> show configuration interfaces traceoptions { file R2-DCD.log size 10m; flag all; } ge-5/1/0 { unit 0 { description "CONNECTED TO MX-21"; family inet { address 192.168.7.1/24; } } } ge-5/1/1 { unit 0 { description "CONNECTED TO TOR-11"; family inet { address 192.168.3.2/24; } } } ge-5/1/8 { unit 0 { description "CONNECTED TO TOR-12"; family inet { address 192.168.6.2/24; } } } ge-5/1/9 { unit 0 { description "CONNECTED TO P"; family inet { address 203.0.1.1/24; } family mpls; } }
集成路由和桥接 (IRB) 接口,用于通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 路由)。IRB 配置是主机上的 VRB 的网关。
user@MX11> show configuration interfaces irb { unit 1 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:aa:aa:aa:aa:aa:aa:aa:aa; all-active; } family inet { address 10.11.1.12/24 { virtual-gateway-address 10.11.1.10; } } } unit 2 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:bb:bb:bb:bb:bb:bb:bb:bb; all-active; } family inet { address 10.12.1.12/24 { virtual-gateway-address 10.12.1.10; } } } unit 3 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:cc:cc:cc:cc:cc:cc:cc:cc; all-active; } family inet { address 10.13.1.12/24 { virtual-gateway-address 10.13.1.10; } } } unit 4 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:dd:dd:dd:dd:dd:dd:dd:dd; all-active; } family inet { address 10.14.1.12/24 { virtual-gateway-address 10.14.1.10; } } } unit 5 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:ee:ee:ee:ee:ee:ee:ee:ee; all-active; } family inet { address 10.15.1.12/24 { virtual-gateway-address 10.15.1.10; } } } }
逻辑隧道接口上的 ESI 值和主动-主动多主机。在 DC1 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
user@MX11> show configuration interfaces lt-5/1/0 { esi { 00:22:22:22:22:22:22:22:22:22; all-active; } }
MX11 网关路由器上的一对逻辑隧道 (lt-) 接口,用于将数据中心网络的 EVPN-VXLAN 实例与 WAN 基于 MPLS 的 EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
user@MX11> show configuration interfaces lt-5/1/0 { unit 0 { peer-unit 1; family bridge { interface-mode trunk; vlan-id-list 1-5; } } unit 1 { peer-unit 0; family bridge { interface-mode trunk; vlan-id-list 1-5; } } }
环路接口地址。
user@MX11> show configuration interfaces lo0 { unit 84 { family inet { address 192.0.2.21/32; } family mpls; } }
验证路由选项和负载平衡配置是否正确。
user@MX11> show configuration routing-options router-id 192.0.2.21; autonomous-system 300; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP层和叠加协议以及 RSVP、MPLS、BGP 和 OSPF 协议是否配置正确。
user@MX11> show configuration protocols rsvp { interface all; interface fxp0.0 { disable; } } mpls { label-switched-path MX11-TO-MX12 { to 192.0.2.22; } label-switched-path MX11-TO-P { to 203.0.113.1; } label-switched-path MX11-TO-MX21 { to 198.51.100.21; } label-switched-path MX11-TO-MX22 { to 198.51.100.22; } interface all; interface fxp0.0 { disable; } } bgp { local-address 192.0.2.21; local-as 300; group INT { type internal; local-address 192.0.2.21; family evpn { signaling; } export TEST; neighbor 203.0.113.1; } group TOR-11 { type external; local-address 192.168.3.2; import TEST; export [ TEST LO ]; peer-as 100; local-as 400; neighbor 192.168.3.1 { family inet { unicast; } } } group TOR-12 { type external; local-address 192.168.6.2; export [ TEST LO ]; peer-as 200; local-as 400; neighbor 192.168.6.1 { family inet { unicast; } } } group MX-12 { type external; local-address 192.168.7.1; export [ TEST LO ]; peer-as 500; local-as 400; neighbor 192.168.7.2 { family inet { unicast; } } } group TOR-11-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 100; local-as 400; neighbor 192.0.2.11 { family evpn { signaling; } } } group TOR-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 200; local-as 400; neighbor 192.0.2.12 { family evpn { signaling; } } } group MX-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 500; local-as 400; neighbor 192.0.2.22 { family evpn { signaling; } } } group MX-11-EVPN { export TEST; } } ospf { traffic-engineering; area 0.0.0.0 { interface ge-5/1/9.0; interface lo0.84 { passive; } } } l2-learning { traceoptions { file MX11-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@MX11> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证基于 EVPN 的路由MPLS EVPN-VXLAN路由实例的配置是否正确。
user@MX11> show configuration routing-instances EVPN-MPLS-1 { instance-type virtual-switch; interface lt-5/1/0.0; route-distinguisher 192.0.2.21:100; vrf-target target:1:2; protocols { evpn { traceoptions { file MX11-EVPN-MPLS-1.log size 10m; flag all; } extended-vlan-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } } EVPN-VXLAN-1 { vtep-source-interface lo0.84; instance-type virtual-switch; interface lt-5/1/0.1; route-distinguisher 192.0.2.21:1; vrf-target target:1:1; protocols { evpn { traceoptions { file MX11-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; routing-interface irb.1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; routing-interface irb.2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; routing-interface irb.3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; routing-interface irb.4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; routing-interface irb.5; vxlan { vni 5; } } } } VRF { instance-type vrf; interface irb.1; interface irb.2; interface irb.3; interface irb.4; interface irb.5; route-distinguisher 1:1; vrf-target target:10:10; }
验证数据中心网关和 WAN 边缘 4 路由器 (MX22) 配置
目的
验证 MX22 是否正确配置。
行动
验证 MX11 路由器(DC GW/WAN Edge1)上的接口是否配置为以下组件:
与 MX12、ToR11、ToR12 和 P 设备(即 DC1 网络的 EVPN-VXLAN 部分)的底层连接。
user@MX11> show configuration interfaces traceoptions { file R2-DCD.log size 10m; flag all; } ge-5/1/0 { unit 0 { description "CONNECTED TO MX-21"; family inet { address 192.168.7.1/24; } } } ge-5/1/1 { unit 0 { description "CONNECTED TO TOR-11"; family inet { address 192.168.3.2/24; } } } ge-5/1/8 { unit 0 { description "CONNECTED TO TOR-12"; family inet { address 192.168.6.2/24; } } } ge-5/1/9 { unit 0 { description "CONNECTED TO P"; family inet { address 203.0.1.1/24; } family mpls; } }
集成路由和桥接 (IRB) 接口,用于通告拓扑中主机的 MAC 和 IP 路由(MAC+IP 类型 2 路由)。IRB 配置是主机上的 VRB 的网关。
user@MX11> show configuration interfaces irb { unit 1 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:aa:aa:aa:aa:aa:aa:aa:aa; all-active; } family inet { address 10.11.1.12/24 { virtual-gateway-address 10.11.1.10; } } } unit 2 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:bb:bb:bb:bb:bb:bb:bb:bb; all-active; } family inet { address 10.12.1.12/24 { virtual-gateway-address 10.12.1.10; } } } unit 3 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:cc:cc:cc:cc:cc:cc:cc:cc; all-active; } family inet { address 10.13.1.12/24 { virtual-gateway-address 10.13.1.10; } } } unit 4 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:dd:dd:dd:dd:dd:dd:dd:dd; all-active; } family inet { address 10.14.1.12/24 { virtual-gateway-address 10.14.1.10; } } } unit 5 { proxy-macip-advertisement; virtual-gateway-esi { 00:11:ee:ee:ee:ee:ee:ee:ee:ee; all-active; } family inet { address 10.15.1.12/24 { virtual-gateway-address 10.15.1.10; } } } }
逻辑隧道接口上的 ESI 值和主动-主动多主机。在 DC1 网络的其他所有网关/WAN 边缘路由器上使用相同的 ESI 值。
user@MX11> show configuration interfaces lt-5/1/0 { esi { 00:22:22:22:22:22:22:22:22:22; all-active; } }
MX11 网关路由器上的一对逻辑隧道 (lt-) 接口,用于将数据中心网络的 EVPN-VXLAN 实例与 WAN 基于 MPLS 的 EVPN 实例互连。一个逻辑隧道 (lt-) 接口配置为 EVPN-VXLAN 的访问接口,另一个逻辑隧道 (lt-) 接口配置为基于 MPLS EVPN 的访问接口。
user@MX11> show configuration interfaces lt-5/1/0 { unit 0 { peer-unit 1; family bridge { interface-mode trunk; vlan-id-list 1-5; } } unit 1 { peer-unit 0; family bridge { interface-mode trunk; vlan-id-list 1-5; } } }
环路接口地址。
user@MX11> show configuration interfaces lo0 { unit 84 { family inet { address 192.0.2.21/32; } family mpls; } }
验证路由选项和负载平衡配置是否正确。
user@MX11> show configuration routing-options router-id 192.0.2.21; autonomous-system 300; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP层和叠加协议以及 RSVP、MPLS、BGP 和 OSPF 协议是否配置正确。
user@MX11> show configuration protocols rsvp { interface all; interface fxp0.0 { disable; } } mpls { label-switched-path MX11-TO-MX12 { to 192.0.2.22; } label-switched-path MX11-TO-P { to 203.0.113.1; } label-switched-path MX11-TO-MX21 { to 198.51.100.21; } label-switched-path MX11-TO-MX22 { to 198.51.100.22; } interface all; interface fxp0.0 { disable; } } bgp { local-address 192.0.2.21; local-as 300; group INT { type internal; local-address 192.0.2.21; family evpn { signaling; } export TEST; neighbor 203.0.113.1; } group TOR-11 { type external; local-address 192.168.3.2; import TEST; export [ TEST LO ]; peer-as 100; local-as 400; neighbor 192.168.3.1 { family inet { unicast; } } } group TOR-12 { type external; local-address 192.168.6.2; export [ TEST LO ]; peer-as 200; local-as 400; neighbor 192.168.6.1 { family inet { unicast; } } } group MX-12 { type external; local-address 192.168.7.1; export [ TEST LO ]; peer-as 500; local-as 400; neighbor 192.168.7.2 { family inet { unicast; } } } group TOR-11-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 100; local-as 400; neighbor 192.0.2.11 { family evpn { signaling; } } } group TOR-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 200; local-as 400; neighbor 192.0.2.12 { family evpn { signaling; } } } group MX-12-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 192.0.2.21; export TEST; peer-as 500; local-as 400; neighbor 192.0.2.22 { family evpn { signaling; } } } group MX-11-EVPN { export TEST; } } ospf { traffic-engineering; area 0.0.0.0 { interface ge-5/1/9.0; interface lo0.84 { passive; } } } l2-learning { traceoptions { file MX11-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@MX11> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } from { protocol direct; route-filter 192.0.2.21/32 exact; } then accept; } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证基于 EVPN 的路由MPLS EVPN-VXLAN路由实例的配置是否正确。
user@MX11> show configuration routing-instances EVPN-MPLS-1 { instance-type virtual-switch; interface lt-5/1/0.0; route-distinguisher 192.0.2.21:100; vrf-target target:1:2; protocols { evpn { traceoptions { file MX11-EVPN-MPLS-1.log size 10m; flag all; } extended-vlan-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } } EVPN-VXLAN-1 { vtep-source-interface lo0.84; instance-type virtual-switch; interface lt-5/1/0.1; route-distinguisher 192.0.2.21:1; vrf-target target:1:1; protocols { evpn { traceoptions { file MX11-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; default-gateway no-gateway-community; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; routing-interface irb.1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; routing-interface irb.2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; routing-interface irb.3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; routing-interface irb.4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; routing-interface irb.5; vxlan { vni 5; } } } } VRF { instance-type vrf; interface irb.1; interface irb.2; interface irb.3; interface irb.4; interface irb.5; route-distinguisher 1:1; vrf-target target:10:10; }
验证 ToR21 配置
目的
验证 ToR21 是否正确配置。
行动
验证 CE4 设备上逻辑系统接口和桥接域的配置是否正确,以启用第 2 层连接并处理VXLAN流量。
user@ce4> show configuration logical-systems CE-4 { interfaces { ge-1/0/9 { unit 0 { description "CONNECTED TO Host 4"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/1/6 { unit 0 { description "CONNECTED TO ToR21"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } }
验证 ToR21 上的接口和追踪选项配置是否正确,以启用与其他 ToR、网关和 WAN 边缘设备的层连接。
user@ToR21>show configuration interfaces traceoptions { file R6-DCD.log size 10m; flag all; } xe-0/0/0 { unit 0 { description "CONNECTED TO MX22"; family inet { address 192.168.10.2/24; } } } ge-1/0/0 { description "CONNECTED TO CE-5"; gigether-options { 802.3ad ae0; } } ge-1/0/1 { unit 0 { description "CONNECTED TO MX21"; family inet { address 192.168.101.1/24; } } } ge-1/0/6 { unit 0 { description "CONNECTED TO CE-4"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/1/3 { unit 0 { description "CONNECTED TO ToR22"; family inet { address 192.168.12.1/24; } } } ae0 { esi { 00:44:44:44:44:44:44:44:44:44; all-active; } aggregated-ether-options { lacp { active; periodic fast; system-id 22:22:22:22:22:22; } } unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } lo0 { unit 90 { family inet { address 198.51.100.11/32; } } }
验证路由和负载平衡选项配置是否正确。
user@ToR21> show configuration routing-options router-id 198.51.100.11; autonomous-system 600; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP和叠加协议以及 2 层地址学习和转发属性配置正确。
user@ToR21> show configuration protocols bgp { export TEST; local-as 600; group MX21 { type external; local-address 192.168.9.2; export [ LO TEST ]; peer-as 800; local-as 600; neighbor 192.168.9.1 { family inet { unicast; } } } group MX22 { type external; local-address 10.102.2.1; export [ LO TEST ]; peer-as 900; local-as 600; neighbor 192.168.10.1 { family inet { unicast; } } } group ToR22 { type external; local-address 10.105.5.1; export [ LO TEST ]; peer-as 700; local-as 600; neighbor 192.168.12.2 { family inet { unicast; } } } group MX21-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 198.51.100.11; peer-as 800; local-as 600; neighbor 198.51.100.21 { family evpn { signaling; } } } group MX22-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 198.51.100.11; peer-as 900; local-as 600; neighbor 198.51.100.22 { family evpn { signaling; } } } group ToR22-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 198.51.100.11; peer-as 700; local-as 600; neighbor 198.51.100.12 { family evpn { signaling; } } } } l2-learning { traceoptions { file TOR21-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@ToR21> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 198.51.100.11/32 exact; } then accept; } } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证每个虚拟网络的 EVPN-VXLAN路由实例配置是否正确。
user@ToR21> show configuration routing-instances EVPN-VXLAN-1 { vtep-source-interface lo0.90; instance-type virtual-switch; interface ge-1/0/6.0; interface ae0.0; route-distinguisher 198.51.100.11:1; vrf-target target:1:3; protocols { evpn { traceoptions { file TOR21-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; vxlan { vni 5; } } } }
验证 ToR22 配置
目的
验证 ToR22 是否正确配置。
行动
验证 CE5 和 CE6 设备上逻辑系统接口和桥接域的配置是否正确,以启用第 2 层连接并处理VXLAN流量。
user@ce5> show configuration logical-systems CE-5 { interfaces { ge-1/0/9 { unit 0 { description "CONNECTED TO Host 5"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ae1 { unit 0 { description "CONNECTED TO ToR21"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } } user@ce6> show configuration logical-systems CE-6 { interfaces { ge-1/1/6 { unit 0 { description "CONNECTED TO ToR22"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/1/9 { unit 0 { description "CONNECTED TO Host 6"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; } BD-2 { domain-type bridge; vlan-id 2; } BD-3 { domain-type bridge; vlan-id 3; } BD-4 { domain-type bridge; vlan-id 4; } BD-5 { domain-type bridge; vlan-id 5; } } }
验证 ToR22 上的接口和追踪选项配置是否正确,以启用与其他 ToR、网关和 WAN 边缘设备的层连接。
user@ToR22>show configuration interfaces traceoptions { file R7-DCD.log size 10m; flag all; } xe-0/0/0 { unit 0 { description "CONNECTED TO MX22"; family inet { address 192.168.11.2/24; } } } ge-1/0/0 { description "CONNECTED TO ToR21"; gigether-options { 802.3ad ae1; } } ge-1/0/6 { unit 0 { description "CONNECTED TO CE-6"; family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ge-1/0/7 { description "CONNECTED TO ToR22"; gigether-options { 802.3ad ae1; } } ge-1/1/0 { unit 0 { description "CONNECTED TO MX21"; family inet { address 192.168.8.2/24; } } } ge-1/1/3 { unit 0 { description "CONNECTED TO ToR21"; family inet { address 192.168.12.2/24; } } } ge-1/1/7 { description "CONNECTED TO CE-5"; gigether-options { 802.3ad ae0; } } ae0 { esi { 00:44:44:44:44:44:44:44:44:44; all-active; } aggregated-ether-options { lacp { active; periodic fast; system-id 22:22:22:22:22:22; } } unit 0 { family bridge { interface-mode trunk; vlan-id-list 1-5; } } } ae1 { aggregated-ether-options { lacp { active; periodic fast; system-id 22:22:22:22:22:22; } } } lo0 { unit 92 { family inet { address 198.51.100.12/32; } } }
验证路由和负载平衡选项配置是否正确。
user@ToR22> show configuration routing-options router-id 198.51.100.12; autonomous-system 700; forwarding-table { export evpn-pplb; }
验证多协议外部协议 (MP-EBGP) BGP和叠加协议以及 2 层地址学习和转发属性配置正确。
user@ToR22> show configuration protocols bgp { export TEST; local-as 700; group MX21 { type external; local-address 192.168.8.2; export [ LO TEST ]; peer-as 800; local-as 700; neighbor 192.168.8.1 { family inet { unicast; } } } group MX22 { type external; local-address 192.168.11.2; export [ LO TEST ]; peer-as 900; local-as 700; neighbor 192.168.11.1 { family inet { unicast; } } } group ToR21 { type external; local-address 192.168.12.2; export [ LO TEST ]; peer-as 600; local-as 700; neighbor 10.105.5.1 { family inet { unicast; } } } group MX21-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 198.51.100.12; peer-as 800; local-as 700; neighbor 198.51.100.21 { family evpn { signaling; } } } group MX22-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 198.51.100.12; peer-as 900; local-as 700; neighbor 198.51.100.22 { family evpn { signaling; } } } group ToR21-EVPN { type external; multihop { ttl 2; no-nexthop-change; } local-address 198.51.100.12; peer-as 600; local-as 700; neighbor 198.51.100.11 { family evpn { signaling; } } } } l2-learning { traceoptions { file TOR22-L2ALD.log size 10m; level all; flag all; } }
验证路由策略和社区策略选项及负载平衡配置是否正确,以接受直接环路地址路由,将其重定向至BGP。
user@ToR22> show configuration policy-options policy-statement LO { term 1 { from { protocol direct; route-filter 198.51.100.12/32 exact; } then accept; } } policy-statement TEST { then { community add NO-EXPORT; } } policy-statement evpn-pplb { from protocol evpn; then { load-balance per-packet; } } community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
验证每个虚拟网络的 EVPN-VXLAN路由实例配置是否正确。
user@ToR22> show configuration routing-instances EVPN-VXLAN-1 { vtep-source-interface lo0.92; instance-type virtual-switch; interface ge-1/0/6.0; interface ae0.0; route-distinguisher 198.51.100.12:1; vrf-target target:1:3; protocols { evpn { traceoptions { file TOR22-EVPN-VXLAN-1.log size 10m; flag all; } encapsulation vxlan; extended-vni-list 1-5; } } bridge-domains { BD-1 { domain-type bridge; vlan-id 1; vxlan { vni 1; } } BD-2 { domain-type bridge; vlan-id 2; vxlan { vni 2; } } BD-3 { domain-type bridge; vlan-id 3; vxlan { vni 3; } } BD-4 { domain-type bridge; vlan-id 4; vxlan { vni 4; } } BD-5 { domain-type bridge; vlan-id 5; vxlan { vni 5; } } } }