VXLAN over EIGRP/I-BGP

Network Engineering, Cisco, cisco-nexus, virtual LAN
2021-07-15 14:19:46

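For lab purposes, I have two NX-9000s connected to each other via EIGRP. I am trying to make one the Spine switch and the other the Leaf switch. No redundancy/HA is needed at this point.

Could you critique this configuration, as to why no peers are coming up? Thanks in advance.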

Spine

Spine# show run

!Command: show running-config
!Time: Thu Nov  9 19:15:00 2017

version 7.0(3)I5(2)
power redundancy-mode combined force

hostname Spine
vdc Spine id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

feature bash-shell
nv overlay evpn
feature ospf
feature bgp
feature pim
feature eigrp
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay
feature telemetry

username admin password 5 31$23LGhgRp$tT540F2l04NrG5hPZBQFNW/4wC8HSJVCzrAJX1uiKn6  role network-admin
ip domain-lookup
ip name-server 8.8.8.8
copp profile strict
snmp-server user admin network-admin auth md5 0xc62028034fec86b2b09020359b79db22 priv 0xc62028034fec86b2b09020359b79db22 localizedkey
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO
ntp server ntp.qa.lab.com use-vrf management
ntp source-interface  mgmt0

vlan 1,10,20,30,40,100,200,870-872,880-882,890-893
ip pim rp-address 100.1.1.1 group-list 225.0.0.0/8
ip pim rp-address 192.168.0.7 group-list 224.0.0.0/4
ip pim rp-address 192.168.0.8 group-list 224.0.0.0/4
ip pim rp-address 192.168.0.111 group-list 224.0.0.0/4
ip pim bsr rp-candidate loopback1 group-list 225.0.0.0/8
ip pim ssm range 232.0.0.0/8
ip pim anycast-rp 100.1.1.1 10.1.1.1
ip pim anycast-rp 100.1.1.1 20.1.1.1
ip pim sg-expiry-timer infinity

vrf context management
  ip name-server 8.8.8.8
  ip route 0.0.0.0/0 10.7.0.1
vrf context managment
  ip name-server 8.8.8.8

interface Vlan1
  no shutdown

interface Vlan10
  no shutdown
  ip address 10.0.1.13/24

interface Vlan20
  no shutdown
  ip address 10.0.2.13/24

interface Vlan30
  no shutdown
  ip address 10.0.3.13/24

interface Vlan40
  no shutdown
  ip address 10.0.4.13/24

interface Vlan100
  no shutdown
  ip address 10.0.100.13/24

interface Vlan200
  no shutdown
  ip address 10.0.200.13/24

interface Vlan882
  no shutdown
  ip address 192.168.201.13/30
  ip router eigrp 2018
  ip pim sparse-mode

interface Vlan890
  no shutdown
  ip address 192.168.201.2/30
  ip router eigrp 2018
  ip pim sparse-mode

interface Ethernet1/1
  switchport access vlan 890

interface Ethernet1/2
  switchport access vlan 200

interface Ethernet1/3
  switchport access vlan 200

interface Ethernet1/4
  switchport access vlan 200

interface Ethernet1/5
  switchport access vlan 200

interface Ethernet1/6
  switchport access vlan 200

interface Ethernet1/7
  switchport access vlan 100

interface Ethernet1/43
  switchport access vlan 200

interface Ethernet1/44
  switchport access vlan 200

interface Ethernet1/45
  switchport mode trunk

interface Ethernet1/46
  switchport mode trunk

interface Ethernet1/47
  switchport mode trunk

interface Ethernet1/48
  switchport mode trunk
  switchport trunk native vlan 10

interface Ethernet1/49
  switchport mode trunk

interface Ethernet1/50
  switchport access vlan 200

interface Ethernet1/51
  switchport access vlan 200

interface Ethernet1/52
  switchport access vlan 200

interface Ethernet1/53
  switchport access vlan 200

interface Ethernet1/54
  switchport access vlan 200

interface mgmt0
  vrf member management
  ip address 10.7.0.13/24

interface loopback0
  ip address 192.168.0.7/32
  ip router eigrp 2018
  ip pim sparse-mode

interface loopback1
  ip address 192.168.0.17/32
  ip router eigrp 2018
  ip pim sparse-mode

interface loopback2
  ip address 192.168.0.111/32
  ip router eigrp 2018
  ip pim sparse-mode
line console
line vty
  session-limit 16
boot nxos bootflash:/nxos.7.0.3.I5.2.bin 
router eigrp 2018
router bgp 65000
  router-id 192.168.0.107
  address-family ipv4 unicast
  address-family l2vpn evpn
    retain route-target all
  template peer LEAF-PEER
    remote-as 65000
    update-source loopback0
    address-family ipv4 unicast
      send-community
      send-community extended
      route-reflector-client
    address-family l2vpn evpn
      send-community
      send-community extended
      route-reflector-client
  neighbor 192.168.0.8
    inherit peer LEAF-PEER
  neighbor 192.168.0.108
    inherit peer LEAF-PEER
  neighbor 192.168.201.14
    inherit peer LEAF-PEER


Spine# 

Leaf

Leaf# show run

!Command: show running-config
!Time: Thu Nov  9 19:15:33 2017

version 7.0(3)I5(2)
power redundancy-mode combined force

hostname Leaf
vdc Leaf id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

feature telnet
feature nxapi
feature bash-shell
feature scp-server
nv overlay evpn
feature ospf
feature bgp
feature pim
feature eigrp
feature interface-vlan
feature vn-segment-vlan-based
feature lldp
feature nv overlay
feature telemetry

username admin password 5 31$jEYE28hU$VhSgCZulJyyt/DAGWEQ2OXUL.VVTm5WF.xqnkxAsc02  role network-admin
ip domain-lookup
ip name-server 8.8.8.8
copp profile strict
snmp-server user admin network-admin auth md5 0x455bca72819925c42bb26ea92859c53d priv 0x455bca72819925c42bb26ea92859c53d localizedkey
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO
ntp server ntp.qa.lab.com use-vrf management
ntp source-interface  mgmt0

vlan 1-400,602,861-862,870-872,880-883,999
fabric forwarding anycast-gateway-mac 0000.2222.3333
ip pim rp-address 100.1.1.1 group-list 225.0.0.0/8
ip pim rp-address 192.168.0.7 group-list 224.0.0.0/4
ip pim rp-address 192.168.0.8 group-list 224.0.0.0/4
ip pim bsr rp-candidate loopback1 group-list 225.0.0.0/8
ip pim ssm range 232.0.0.0/8
ip pim anycast-rp 100.1.1.1 10.1.1.1
ip pim anycast-rp 100.1.1.1 20.1.1.1
ip pim sg-expiry-timer infinity
vlan 140
  name L2-VNI-140-Tenant1
  vn-segment 50140
vlan 141
  name L2-VNI-141-Tenant1
  vn-segment 50141
vlan 999
  vn-segment 50999

spanning-tree vlan 1,140-141,999 priority 4096
vrf context Tenant-1
  vni 50999
  rd auto
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn
vrf context management
  ip name-server 8.8.8.8
  ip route 0.0.0.0/0 10.7.0.1
vrf context managment
  ip name-server 8.8.8.8


interface Vlan1

interface Vlan10
  no shutdown
  ip address 10.0.1.11/24

interface Vlan20
  no shutdown
  ip address 10.0.2.11/24

interface Vlan30
  no shutdown
  ip address 10.0.3.11/24

interface Vlan40
  no shutdown
  ip address 10.0.4.11/24

interface Vlan100
  no shutdown
  ip address 10.0.100.11/24

interface Vlan140
  no shutdown
  vrf member Tenant-1
  no ip redirects
  ip address 172.21.140.1/24
  fabric forwarding mode anycast-gateway

interface Vlan141
  no shutdown
  vrf member Tenant-1
  no ip redirects
  ip address 172.21.141.1/24
  fabric forwarding mode anycast-gateway

interface Vlan200
  no shutdown
  ip address 10.0.200.11/24

interface Vlan861
  no shutdown
  ip address 192.168.203.1/24
  ip router eigrp 2018

interface Vlan862
  no shutdown
  ip address 192.168.200.33/30
  ip router eigrp 2018

interface Vlan872

interface Vlan882
  no shutdown
  ip address 192.168.201.14/30
  ip router eigrp 2018

interface Vlan883
  no shutdown
  ip address 192.168.200.17/30
  ip router eigrp 2018

interface Vlan999
  no shutdown
  vrf member Tenant-1
  ip forward

interface nve1
  no shutdown
  source-interface loopback1
  host-reachability protocol bgp
  member vni 50140
    mcast-group 239.0.0.140
  member vni 50141
    mcast-group 239.0.0.141
  member vni 50999 associate-vrf

interface Ethernet1/1
  switchport access vlan 200

interface Ethernet1/2
  switchport access vlan 200

interface Ethernet1/3
  switchport access vlan 200

interface Ethernet1/45
  switchport access vlan 200

interface Ethernet1/46
  switchport access vlan 200

interface Ethernet1/47
  switchport mode trunk

interface Ethernet1/48
  switchport mode trunk

interface Ethernet1/49
  switchport mode trunk

interface Ethernet1/50

interface Ethernet1/51

interface Ethernet1/52

interface Ethernet1/53

interface Ethernet1/54

interface mgmt0
  vrf member management
  ip address 10.7.0.11/24

interface loopback0
  ip address 192.168.0.8/32
  ip router eigrp 2018
  ip pim sparse-mode

interface loopback1
  ip address 192.168.0.18/32
  ip router eigrp 2018
  ip pim sparse-mode

interface loopback2
  ip address 192.168.0.222/32
  ip router eigrp 2018
  ip pim sparse-mode
line console
line vty
  session-limit 16
boot nxos bootflash:/nxos.7.0.3.I5.2.bin 
router eigrp 2018
router bgp 65000
  router-id 192.168.0.108
  address-family ipv4 unicast
  address-family l2vpn evpn
    retain route-target all
  template peer LEAF-PEER
    remote-as 65000
    update-source loopback0
    address-family ipv4 unicast
      send-community
      send-community extended
      route-reflector-client
  neighbor 192.168.0.6
    remote-as 65000
    address-family l2vpn evpn
      send-community
      send-community extended
  neighbor 192.168.0.7
    inherit peer LEAF-PEER
    remote-as 65000
    address-family l2vpn evpn
      send-community
      send-community extended
  neighbor 192.168.0.13
    inherit peer LEAF-PEER
  neighbor 192.168.0.107
    inherit peer LEAF-PEER
  neighbor 192.168.201.13
evpn
  vni 50140 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 50141 l2
    rd auto
    route-target import auto
    route-target export auto


Leaf# 

Logs/Status

Spine# show ip bgp summ
BGP summary information for VRF default, address family IPv4 Unicast
BGP router identifier 192.168.0.107, local AS number 65000
BGP table version is 35, IPv4 Unicast config peers 3, capable peers 1
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.0.8     4 65000     166     171       35    0    0 00:00:15 0  


Leaf# sho ip bgp summ
BGP summary information for VRF default, address family IPv4 Unicast
BGP router identifier 192.168.0.108, local AS number 65000
BGP table version is 34, IPv4 Unicast config peers 3, capable peers 1
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.0.7     4 65000     165     166       34    0    0 00:00:33 0       



Leaf# sho nve peer
Leaf# 

Leaf# show vxlan inter
Interface       Vlan    VPL Ifindex     LTL             HW VP
=========       ====    ===========     ===             =====
Eth1/49         140     0x5308c7d0      0x1801          2050
Eth1/49         141     0x5308d7d0      0x1802          2051
Eth1/49         999     0x533e77d0      0x1803          2052

No port-channels configured (0x0)
Leaf# show nve vni
Codes: CP - Control Plane        DP - Data Plane          
       UC - Unconfigured         SA - Suppress ARP

Interface VNI      Multicast-group   State Mode Type [BD/VRF]      Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1      50140    239.0.0.140       Up    CP   L2 [140]                
nve1      50141    239.0.0.141       Up    CP   L2 [141]                
nve1      50999    n/a               Up    CP   L3 [Tenant-1]           

Leaf# 

Update

Leaf# do sho ip bgp summ
BGP summary information for VRF default, address family IPv4 Unicast
BGP router identifier 192.168.0.107, local AS number 65000
BGP table version is 106, IPv4 Unicast config peers 3, capable peers 1
6 network entries and 10 paths using 1808 bytes of memory
BGP attribute entries [2/312], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.0.8     4 65000     512     525      106    0    0 00:00:11 6  

Network

router bgp 65000
  router-id 192.168.0.107
  address-family ipv4 unicast
    network 192.168.0.7/32
    network 192.168.0.17/32
    network 192.168.201.0/30
    network 192.168.201.12/30

BGP

Spine# show ip bgp
BGP routing table information for VRF default, address family IPv4 Unicast
BGP table version is 183, local router ID is 192.168.0.107
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup

   Network            Next Hop            Metric     LocPrf     Weight Path
* i192.168.0.7/32     192.168.0.8                       100          0 i
*>l                   0.0.0.0                           100      32768 i
*>i192.168.0.8/32     192.168.0.8                       100          0 i
* i192.168.0.17/32    192.168.0.8                       100          0 i
*>l                   0.0.0.0                           100      32768 i
*>i192.168.0.18/32    192.168.0.8                       100          0 i
* i192.168.201.0/30   192.168.0.8                       100          0 i
*>l                   0.0.0.0                           100      32768 i
* i192.168.201.12/30  192.168.0.8                       100          0 i
*>l                   0.0.0.0                           100      32768 i

Spine# 

show ip route

Leaf# show ip route
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

10.0.1.0/24, ubest/mbest: 1/0, attached
    *via 10.0.1.11, Vlan10, [0/0], 1w2d, direct
10.0.1.11/32, ubest/mbest: 1/0, attached
    *via 10.0.1.11, Vlan10, [0/0], 1w2d, local
10.0.2.0/24, ubest/mbest: 1/0, attached
    *via 10.0.2.11, Vlan20, [0/0], 1w2d, direct
10.0.2.11/32, ubest/mbest: 1/0, attached
    *via 10.0.2.11, Vlan20, [0/0], 1w2d, local
10.0.3.0/24, ubest/mbest: 1/0, attached
    *via 10.0.3.11, Vlan30, [0/0], 1w2d, direct
10.0.3.11/32, ubest/mbest: 1/0, attached
    *via 10.0.3.11, Vlan30, [0/0], 1w2d, local
10.0.4.0/24, ubest/mbest: 1/0, attached
    *via 10.0.4.11, Vlan40, [0/0], 1w2d, direct
10.0.4.11/32, ubest/mbest: 1/0, attached
    *via 10.0.4.11, Vlan40, [0/0], 1w2d, local
10.0.100.0/24, ubest/mbest: 1/0, attached
    *via 10.0.100.11, Vlan100, [0/0], 1w2d, direct
10.0.100.11/32, ubest/mbest: 1/0, attached
    *via 10.0.100.11, Vlan100, [0/0], 1w2d, local
10.0.200.0/24, ubest/mbest: 1/0, attached
    *via 10.0.200.11, Vlan200, [0/0], 1w2d, direct
10.0.200.11/32, ubest/mbest: 1/0, attached
    *via 10.0.200.11, Vlan200, [0/0], 1w2d, local
10.2.200.12/30, ubest/mbest: 2/0
    *via 192.168.200.18, Vlan883, [90/4352], 03:19:40, eigrp-2018, internal
    *via 192.168.200.34, Vlan862, [90/4352], 03:19:39, eigrp-2018, internal
10.2.200.16/30, ubest/mbest: 2/0
    *via 192.168.200.18, Vlan883, [90/4608], 03:19:40, eigrp-2018, internal
    *via 192.168.200.34, Vlan862, [90/4608], 03:19:39, eigrp-2018, internal
30.1.1.1/32, ubest/mbest: 2/0
    *via 192.168.200.18, Vlan883, [90/132352], 03:19:40, eigrp-2018, internal
    *via 192.168.200.34, Vlan862, [90/132352], 03:19:39, eigrp-2018, internal
40.1.1.1/32, ubest/mbest: 2/0
    *via 192.168.200.18, Vlan883, [90/132608], 03:19:40, eigrp-2018, internal
    *via 192.168.200.34, Vlan862, [90/132608], 03:19:39, eigrp-2018, internal
192.168.0.7/32, ubest/mbest: 1/0
    *via 192.168.201.13, Vlan882, [90/130816], 03:19:39, eigrp-2018, internal
192.168.0.8/32, ubest/mbest: 2/0, attached
    *via 192.168.0.8, Lo0, [0/0], 03:19:53, local
    *via 192.168.0.8, Lo0, [0/0], 03:19:53, direct
192.168.0.17/32, ubest/mbest: 1/0
    *via 192.168.201.13, Vlan882, [90/130816], 03:19:39, eigrp-2018, internal
192.168.0.18/32, ubest/mbest: 2/0, attached
    *via 192.168.0.18, Lo1, [0/0], 03:19:43, local
    *via 192.168.0.18, Lo1, [0/0], 03:19:43, direct
192.168.0.111/32, ubest/mbest: 1/0
    *via 192.168.201.13, Vlan882, [90/130816], 03:03:53, eigrp-2018, internal
192.168.0.222/32, ubest/mbest: 2/0, attached
    *via 192.168.0.222, Lo2, [0/0], 03:03:23, local
    *via 192.168.0.222, Lo2, [0/0], 03:03:23, direct
Leaf# 
1 Answer

OK - a few things worth noting here, in no particular order:

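  1. "sho ip bgp sum" will not show you the number of EVPN routes. In fact, you can omit the "address-family ipv4" stanzas entirely if you like. Your setup would actually be expected to show an established/working session, but with no messages. If you would like to see some routes show up, then create a network statement that pushes some routes from the global network (i.e. the underlay).
  2. The correct equivalent of "show ip bgp sum" is actually "sh bgp l2vpn evpn summary" - if everything is working, it will show the EVPN routes received from the various peers. Other variants of this command tree will also show you information about EVPN: for example, "sh bgp l2vpn evpn" will show you the raw EVPN routes (including L2/L3 information, VNIs, etc.).
  3. Routes received (and used) will not show up under "sh ip route", but rather under "show ip route vrf [vrfname|all]".
  4. Best practice is to actually push subnet routes within the VRF on the leaf. So, for example, under the VRF's stanza in the BGP section (preferably discriminating with some kind of tag): add "redistribute connected route-map <foo>", where the <foo> route-map only matches some tag value that will be added to the IP addresses on the SVI interfaces. The point here is that you want the leaf to originate the /24 (for example) for the subnet. If you don't, you will only see the individual host routes created by HMM on the leaf. This is particularly painful in cases where traffic is sent to hosts that have not yet been seen/announced, as they will be sent unreachable messages.
  5. Do not use SVIs to carry VXLAN traffic between leaf and spine. It can, and may, work on specific hardware, but it is a much better design to simply set the transit interfaces to routed ("no switchport") and let things work that way. In other words, there should be no SVIs on the spine (for leaf connectivity), and any SVIs on the leaf should be host-facing only.
  6. The "route-reflector-client" statements go on the spine (...which is where I assume you want to run your RR, otherwise we should see more peers on the leaf).
  7. It isn't breaking anything yet, but set jumbo frames on the transit interfaces between leaf and spine. If you want to run jumbo for end clients, my advice is to stick with 9000 for such SVIs while using 9216 for the inter-switch links.
  8. The fact that you see anything under "show nve peer" suggests that things are actually better than you realize. These generally won't form unless BGP is working.
  9. For EVPN configurations, EIGRP is not actually officially supported by Cisco. It works fine and there is zero reason it shouldn't, but it has not been explicitly validated (IS-IS and OSPF have been).
  10. Is there a typo in the router IDs? The sample configs call out BGP router IDs of 107 and 108 for the leaf and spine respectively, but these IPs do not appear as loopbacks in your configs (17 and 18 do, though). Also, please specify a router ID in your global EIGRP process.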
  10. 路由器 ID 有错别字吗?示例叶子分别为叶子和脊椎调用了 BGP 路由器 ID 107 和 108,但这些 IP 不会在您的配置中显示为环回(不过,17 和 18 会出现)。此外,请在您的全局 EIGRP 进程中指定一个路由器 ID。