CML で IOL 使って VXLAN EVPN を設定する
Cisco CML 上で動作する IOL (IOL L2) を使って VXLAN EVPN を設定した際のコンフィグをメモしておきます。 IOL は軽量で起動が早い為、気軽に検証することが出来ます。
検証環境¶
| 対象 | バージョン |
|---|---|
| IOLL2-XE | 17.15.1 |
構成¶
コンフィグ¶
Pe1
vtp mode transparent
!
l2vpn evpn
replication-type ingress
!
l2vpn evpn instance 101 vlan-based
encapsulation vxlan
!
vlan configuration 101
member evpn-instance 101 vni 10101
!
vlan 101
!
interface Loopback0
ip address 10.254.2.2 255.255.255.255
ip ospf 65000 area 0.0.0.0
!
interface Loopback101
ip address 10.101.2.2 255.255.255.255
ip ospf 65000 area 0.0.0.0
!
interface Ethernet0/1
switchport
switchport access vlan 101
switchport mode access
no shutdown
!
interface Ethernet0/2
no switchport
ip address 10.0.23.2 255.255.255.0
ip ospf network point-to-point
ip ospf 65000 area 0.0.0.0
no shutdown
!
interface nve101
no ip address
source-interface Loopback101
host-reachability protocol bgp
member vni 10101 ingress-replication
!
router ospf 65000
router-id 10.254.2.2
!
router bgp 65000
bgp log-neighbor-changes
neighbor 10.254.3.3 remote-as 65000
neighbor 10.254.3.3 update-source Loopback0
!
address-family ipv4
neighbor 10.254.3.3 activate
exit-address-family
!
address-family l2vpn evpn
neighbor 10.254.3.3 activate
neighbor 10.254.3.3 send-community both
exit-address-family
!
end
P1
interface Loopback0
ip address 10.254.3.3 255.255.255.255
ip ospf 65000 area 0.0.0.0
!
interface Ethernet0/1
no switchport
ip address 10.0.23.3 255.255.255.0
ip ospf network point-to-point
ip ospf 65000 area 0.0.0.0
no shutdown
!
interface Ethernet0/2
no switchport
ip address 10.0.34.3 255.255.255.0
ip ospf network point-to-point
ip ospf 65000 area 0.0.0.0
no shutdown
!
router ospf 65000
router-id 10.254.3.3
!
router bgp 65000
bgp router-id 10.254.3.3
bgp log-neighbor-changes
neighbor 10.254.2.2 remote-as 65000
neighbor 10.254.2.2 update-source Loopback0
neighbor 10.254.4.4 remote-as 65000
neighbor 10.254.4.4 update-source Loopback0
!
address-family ipv4
neighbor 10.254.2.2 activate
neighbor 10.254.4.4 activate
exit-address-family
!
address-family l2vpn evpn
neighbor 10.254.2.2 activate
neighbor 10.254.2.2 send-community both
neighbor 10.254.2.2 route-reflector-client
neighbor 10.254.4.4 activate
neighbor 10.254.4.4 send-community both
neighbor 10.254.4.4 route-reflector-client
exit-address-family
!
end
Pe2
vtp mode transparent
!
l2vpn evpn
replication-type ingress
!
l2vpn evpn instance 101 vlan-based
encapsulation vxlan
!
vlan configuration 101
member evpn-instance 101 vni 10101
!
vlan 101
!
interface Loopback0
ip address 10.254.4.4 255.255.255.255
ip ospf 65000 area 0.0.0.0
!
interface Loopback101
ip address 10.101.4.4 255.255.255.255
ip ospf 65000 area 0.0.0.0
!
interface Ethernet0/1
no switchport
ip address 10.0.34.4 255.255.255.0
ip ospf network point-to-point
ip ospf 65000 area 0.0.0.0
no shutdown
!
interface Ethernet0/2
switchport
switchport access vlan 101
switchport mode access
no shutdown
!
interface nve101
no ip address
source-interface Loopback101
host-reachability protocol bgp
member vni 10101 ingress-replication
!
router ospf 65000
router-id 10.254.4.4
!
router bgp 65000
bgp log-neighbor-changes
neighbor 10.254.3.3 remote-as 65000
neighbor 10.254.3.3 update-source Loopback0
!
address-family ipv4
neighbor 10.254.3.3 activate
exit-address-family
!
address-family l2vpn evpn
neighbor 10.254.3.3 activate
neighbor 10.254.3.3 send-community both
exit-address-family
!
end
状態確認¶
host1 → host5 への Ping¶
root@host1:~# ping 192.168.101.5 -c 5
PING 192.168.101.5 (192.168.101.5) 56(84) bytes of data.
64 bytes from 192.168.101.5: icmp_seq=1 ttl=64 time=3.47 ms
64 bytes from 192.168.101.5: icmp_seq=2 ttl=64 time=3.16 ms
64 bytes from 192.168.101.5: icmp_seq=3 ttl=64 time=3.14 ms
64 bytes from 192.168.101.5: icmp_seq=4 ttl=64 time=3.59 ms
64 bytes from 192.168.101.5: icmp_seq=5 ttl=64 time=3.70 ms
--- 192.168.101.5 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 3.140/3.412/3.704/0.225 ms
host5 → host1 への Ping¶
host5# ping 192.168.101.1 -c 5
PING 192.168.101.1 (192.168.101.1) 56(84) bytes of data.
64 bytes from 192.168.101.1: icmp_seq=1 ttl=64 time=4.00 ms
64 bytes from 192.168.101.1: icmp_seq=2 ttl=64 time=3.13 ms
64 bytes from 192.168.101.1: icmp_seq=3 ttl=64 time=3.63 ms
64 bytes from 192.168.101.1: icmp_seq=4 ttl=64 time=3.15 ms
64 bytes from 192.168.101.1: icmp_seq=5 ttl=64 time=3.47 ms
--- 192.168.101.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 3.126/3.474/3.997/0.323 ms
show l2route evpn mac¶
PE1¶
PE1# show l2route evpn mac
EVI ETag Prod Mac Address Next Hop(s) Seq Number
----- ---------- ----- -------------- ---------------------------------------------------- ----------
101 0 BGP 5254.0014.9ba1 V:10101 10.101.4.4 0
101 0 L2VPN 5254.0086.3ef0 Et0/1:101 0
P¶
P# show l2route evpn mac
EVI ETag Prod Mac Address Next Hop(s) Seq Number
----- ---------- ----- -------------- ---------------------------------------------------- ----------
PE2¶
PE2# show l2route evpn mac
EVI ETag Prod Mac Address Next Hop(s) Seq Number
----- ---------- ----- -------------- ---------------------------------------------------- ----------
101 0 L2VPN 5254.0014.9ba1 Et0/2:101 0
101 0 BGP 5254.0086.3ef0 V:10101 10.101.2.2 0
show l2route evpn peers¶
PE1¶
PE1# show l2route evpn peers
Topo Name EVI ETAG Peer-IP Encap Num Routes Up Time
--------- ----- ---------- --------------------------------------- ----- ---------- ----------
BD-101 101 0 10.101.4.4 VxLAN 4 00:26:03
P¶
P# show l2route evpn peers
Topo Name EVI ETAG Peer-IP Encap Num Routes Up Time
--------- ----- ---------- --------------------------------------- ----- ---------- ----------
PE2¶
PE22# show l2route evpn peers
Topo Name EVI ETAG Peer-IP Encap Num Routes Up Time
--------- ----- ---------- --------------------------------------- ----- ---------- ----------
BD-101 101 0 10.101.2.2 VxLAN 4 00:27:31
show bgp l2vpn evpn¶
PE1¶
PE1# show bgp l2vpn evpn
BGP table version is 13, local router ID is 10.254.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 10.254.2.2:101
*>i [2][10.254.2.2:101][0][48][525400149BA1][0][*]/20
10.101.4.4 0 100 0 ?
*>i [2][10.254.2.2:101][0][48][525400149BA1][32][192.168.101.5]/24
10.101.4.4 0 100 0 ?
*>i [2][10.254.2.2:101][0][48][525400149BA1][128][FE80::5054:FF:FE14:9BA1]/36
10.101.4.4 0 100 0 ?
*> [2][10.254.2.2:101][0][48][525400863EF0][0][*]/20
0.0.0.0 32768 ?
*> [2][10.254.2.2:101][0][48][525400863EF0][32][192.168.101.1]/24
0.0.0.0 32768 ?
*> [2][10.254.2.2:101][0][48][525400863EF0][128][FE80::5054:FF:FE86:3EF0]/36
0.0.0.0 32768 ?
Route Distinguisher: 10.254.4.4:101
*>i [2][10.254.4.4:101][0][48][525400149BA1][0][*]/20
10.101.4.4 0 100 0 ?
*>i [2][10.254.4.4:101][0][48][525400149BA1][32][192.168.101.5]/24
10.101.4.4 0 100 0 ?
*>i [2][10.254.4.4:101][0][48][525400149BA1][128][FE80::5054:FF:FE14:9BA1]/36
10.101.4.4 0 100 0 ?
Route Distinguisher: 10.254.2.2:101
*> [3][10.254.2.2:101][0][32][10.254.2.2]/17
0.0.0.0 32768 ?
*>i [3][10.254.2.2:101][0][32][10.254.4.4]/17
10.101.4.4 0 100 0 ?
Route Distinguisher: 10.254.4.4:101
*>i [3][10.254.4.4:101][0][32][10.254.4.4]/17
10.101.4.4 0 100 0 ?
P¶
P# show bgp l2vpn evpn
BGP table version is 9, local router ID is 10.254.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 10.254.2.2:101
*>i [2][10.254.2.2:101][0][48][525400863EF0][0][*]/20
10.101.2.2 0 100 0 ?
*>i [2][10.254.2.2:101][0][48][525400863EF0][32][192.168.101.1]/24
10.101.2.2 0 100 0 ?
*>i [2][10.254.2.2:101][0][48][525400863EF0][128][FE80::5054:FF:FE86:3EF0]/36
10.101.2.2 0 100 0 ?
Route Distinguisher: 10.254.4.4:101
*>i [2][10.254.4.4:101][0][48][525400149BA1][0][*]/20
10.101.4.4 0 100 0 ?
*>i [2][10.254.4.4:101][0][48][525400149BA1][32][192.168.101.5]/24
10.101.4.4 0 100 0 ?
*>i [2][10.254.4.4:101][0][48][525400149BA1][128][FE80::5054:FF:FE14:9BA1]/36
10.101.4.4 0 100 0 ?
Route Distinguisher: 10.254.2.2:101
*>i [3][10.254.2.2:101][0][32][10.254.2.2]/17
10.101.2.2 0 100 0 ?
Route Distinguisher: 10.254.4.4:101
*>i [3][10.254.4.4:101][0][32][10.254.4.4]/17
PE2¶
PE2# show bgp l2vpn evpn
BGP table version is 13, local router ID is 10.254.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 10.254.2.2:101
*>i [2][10.254.2.2:101][0][48][525400863EF0][0][*]/20
10.101.2.2 0 100 0 ?
*>i [2][10.254.2.2:101][0][48][525400863EF0][32][192.168.101.1]/24
10.101.2.2 0 100 0 ?
*>i [2][10.254.2.2:101][0][48][525400863EF0][128][FE80::5054:FF:FE86:3EF0]/36
10.101.2.2 0 100 0 ?
Route Distinguisher: 10.254.4.4:101
*> [2][10.254.4.4:101][0][48][525400149BA1][0][*]/20
0.0.0.0 32768 ?
*> [2][10.254.4.4:101][0][48][525400149BA1][32][192.168.101.5]/24
0.0.0.0 32768 ?
*> [2][10.254.4.4:101][0][48][525400149BA1][128][FE80::5054:FF:FE14:9BA1]/36
0.0.0.0 32768 ?
*>i [2][10.254.4.4:101][0][48][525400863EF0][0][*]/20
10.101.2.2 0 100 0 ?
*>i [2][10.254.4.4:101][0][48][525400863EF0][32][192.168.101.1]/24
10.101.2.2 0 100 0 ?
*>i [2][10.254.4.4:101][0][48][525400863EF0][128][FE80::5054:FF:FE86:3EF0]/36
10.101.2.2 0 100 0 ?
Route Distinguisher: 10.254.2.2:101
*>i [3][10.254.2.2:101][0][32][10.254.2.2]/17
10.101.2.2 0 100 0 ?
Route Distinguisher: 10.254.4.4:101
*>i [3][10.254.4.4:101][0][32][10.254.2.2]/17
10.101.2.2 0 100 0 ?
*> [3][10.254.4.4:101][0][32][10.254.4.4]/17
0.0.0.0 32768 ?