目次

Juniperで、IP Fabric(VXLAN/EVPN)の設定手順イメージ2(2台1ペア)


関連ページ



vQFX10000 で VXLAN+EVPN (L2 over L3 編) (original : 2017/01/02)などを整理して理解しようとします。


作成中



IP Fabric(VXLAN/EVPN)設定イメージ

Juniper IP Fabric(VXLAN/EVPN)設定イメージ


Underlayの設定

各スイッチで、接続する物理インターフェースにIPを付ける

設定

# spine11
set interfaces xe-0/0/0 unit 0 family inet address 192.0.2.1/30
set interfaces xe-0/0/1 unit 0 family inet address 192.0.2.3/30
set interfaces xe-0/0/2 unit 0 family inet address 192.0.2.5/30
set interfaces xe-0/0/3 unit 0 family inet address 192.0.2.7/30

# spine12
set interfaces xe-0/0/0 unit 0 family inet address 192.0.2.128/30
set interfaces xe-0/0/1 unit 0 family inet address 192.0.2.130/30
set interfaces xe-0/0/2 unit 0 family inet address 192.0.2.132/30
set interfaces xe-0/0/3 unit 0 family inet address 192.0.2.134/30

# leaf11
set interfaces xe-0/0/0 unit 0 family inet address 192.0.2.2/30
set interfaces xe-0/0/1 unit 0 family inet address 192.0.2.129/30
# leaf12
set interfaces xe-0/0/2 unit 0 family inet address 192.0.2.4/30
set interfaces xe-0/0/3 unit 0 family inet address 192.0.2.131/30

# leaf21
set interfaces xe-0/0/0 unit 0 family inet address 192.0.2.6/30
set interfaces xe-0/0/1 unit 0 family inet address 192.0.2.133/30
# leaf22
set interfaces xe-0/0/2 unit 0 family inet address 192.0.2.8/30
set interfaces xe-0/0/3 unit 0 family inet address 192.0.2.135/30

スイッチ間で疎通確認

ping  x.x.x.x


各スイッチごとに、Loopback用のIPを付ける

#spine11
set interfaces lo0 unit 0 family inet address 172.31.0.1/32
#spine12
set interfaces lo0 unit 0 family inet address 172.31.0.2/32

#leaf11
set interfaces lo0 unit 0 family inet address 172.31.1.1/32
#leaf12
set interfaces lo0 unit 0 family inet address 172.31.1.2/32

#leaf21
set interfaces lo0 unit 0 family inet address 172.31.2.1/32
#leaf22
set interfaces lo0 unit 0 family inet address 172.31.2.2/32


各スイッチグループごとに、ASを持ち、接続用IPで、eBGPで接続(アンダーレイのeBGP)

Loopback用のIPを伝播する

IBGPInternal BGP
同じASにあるBGPルータとの間で確立するBGPピアのこと
直接接続していないBGPルータ間でもBGPネイバーを確立することができる。
EBGPExternal BGP
異なるASにあるBGPルータとの間で確立するBGPピアのこと
BGPパケットのTTLが「1」であるため、ネイバーを確立するためには、ルータ間で直接接続している必要がある
Underlay BGP設定

全台共通

# eBGP を動かす
set protocols bgp group BGP_UNDERLAY type external
set protocols bgp group BGP_UNDERLAY mtu-discovery 

# ポリシーで、広告対象は自身の lo0 のみとします。
set policy-options policy-statement POLICY_EXPORT_LO0 from family inet
set policy-options policy-statement POLICY_EXPORT_LO0 from protocol direct
set policy-options policy-statement POLICY_EXPORT_LO0 from route-filter 0.0.0.0/0 prefix-length-range /32-/32
set policy-options policy-statement POLICY_EXPORT_LO0 then accept

set protocols bgp group BGP_UNDERLAY export POLICY_EXPORT_LO0 



スイッチごとの設定

#spine11
set routing-options router-id 172.31.0.1
set routing-options autonomous-system 65000

set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.1 description spine11
set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.1 peer-as 65001
set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.3 description spine12
set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.3 peer-as 65001
set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.5 description spine21
set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.5 peer-as 65002
set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.7 description spine22
set protocols bgp group BGP_UNDERLAY neighbor 192.0.2.7 peer-as 65002

#spine12

#leaf11

#leaf12

#leaf21

#leaf22


Overlayの設定

各スイッチのLoopBack用IPを利用して、全てのスイッチで、一つのASを持ったiBGPを作る(MP-BGP)

全台共通の設定

set protocols bgp group BGP_OVERLAY type internal
set protocols bgp group BGP_OVERLAY family evpn signaling
set protocols bgp group BGP_OVERLAY local-as 64512 



各スイッチごとの設定

#spine11
set protocols bgp group BGP_OVERLAY local-address 172.31.0.1

set protocols bgp group BGP_OVERLAY cluster 172.31.0.0

set protocols bgp group BGP_OVERLAY neighbor 172.16.1.1 description spine11
set protocols bgp group BGP_OVERLAY neighbor 172.16.1.2 description spine12
set protocols bgp group BGP_OVERLAY neighbor 172.16.2.1 description spine21
set protocols bgp group BGP_OVERLAY neighbor 172.16.2.2 description spine22 


#spine12
set protocols bgp group BGP_OVERLAY local-address 172.31.0.2

set protocols bgp group BGP_OVERLAY cluster 172.31.0.0

set protocols bgp group BGP_OVERLAY neighbor 172.16.1.1 description spine11
set protocols bgp group BGP_OVERLAY neighbor 172.16.1.2 description spine12
set protocols bgp group BGP_OVERLAY neighbor 172.16.2.1 description spine21
set protocols bgp group BGP_OVERLAY neighbor 172.16.2.2 description spine22 



#leaf11
set protocols bgp group BGP_OVERLAY local-address 172.16.1.1

set protocols bgp group BGP_OVERLAY neighbor 172.31.0.1 description spine11
set protocols bgp group BGP_OVERLAY neighbor 172.31.0.2 description spine12

#leaf12
set protocols bgp group BGP_OVERLAY local-address 172.16.1.2

set protocols bgp group BGP_OVERLAY neighbor 172.31.0.1 description spine11
set protocols bgp group BGP_OVERLAY neighbor 172.31.0.2 description spine12



#leaf21
set protocols bgp group BGP_OVERLAY local-address 172.16.2.1

set protocols bgp group BGP_OVERLAY neighbor 172.31.0.1 description spine11
set protocols bgp group BGP_OVERLAY neighbor 172.31.0.2 description spine12

#leaf22
set protocols bgp group BGP_OVERLAY local-address 172.16.2.2

set protocols bgp group BGP_OVERLAY neighbor 172.31.0.1 description spine11
set protocols bgp group BGP_OVERLAY neighbor 172.31.0.2 description spine12


Overlay EVPN+VXLAN設定

EVPN+VXLANイメージ

すべてのLeafで同じ設定

VLAN 100 = VXLAN VNI 10100
VLAN 300 = VXLAN VNI 10300

RD(Route Distinguisher)は機器ごとに設定する

Leaf11
  set switch-options route-distinguisher 64512:11

Leaf12
  set switch-options route-distinguisher 64512:12

Leaf21
  set switch-options route-distinguisher 64512:21

Leaf22
  set switch-options route-distinguisher 64512:22
設定
set vlans VLAN0100 vlan-id 100
set vlans VLAN0100 vxlan vni 10100
set vlans VLAN0100 vxlan ingress-node-replication

set vlans VLAN0200 vlan-id 200
set vlans VLAN0200 vxlan vni 10200
set vlans VLAN0200 vxlan ingress-node-replication

set vlans VLAN0300 vlan-id 300
set vlans VLAN0300 vxlan vni 10300
set vlans VLAN0300 vxlan ingress-node-replication

set protocols evpn encapsulation vxlan
set protocols evpn extended-vni-list all
set protocols evpn multicast-mode ingress-replication
set protocols evpn vni-options vni 10100 vrf-target export target:1:10100
set protocols evpn vni-options vni 10200 vrf-target export target:1:10200
set protocols evpn vni-options vni 10300 vrf-target export target:1:10300

set policy-options community COM_10100 members target:1:10100
set policy-options community COM_10200 members target:1:10200
set policy-options community COM_10300 members target:1:10300
set policy-options community COM_LEAF_ESI members target:9999:9999

set policy-options policy-statement POLICY_VRF_IMPORT term T_10100 from community COM_10100
set policy-options policy-statement POLICY_VRF_IMPORT term T_10100 then accept
set policy-options policy-statement POLICY_VRF_IMPORT term T_10200 from community COM_10200
set policy-options policy-statement POLICY_VRF_IMPORT term T_10200 then accept
set policy-options policy-statement POLICY_VRF_IMPORT term T_10300 from community COM_10300
set policy-options policy-statement POLICY_VRF_IMPORT term T_10300 then accept
set policy-options policy-statement POLICY_VRF_IMPORT term T_99900 from community COM_LEAF_ESI
set policy-options policy-statement POLICY_VRF_IMPORT term T_99900 then accept
set policy-options policy-statement POLICY_VRF_IMPORT term T_99999 then reject

set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 64512:11 ★leafごとに異なる
set switch-options vrf-import POLICY_VRF_IMPORT
set switch-options vrf-target target:9999:9999
set switch-options vrf-target auto


AE(Aggreation Ethernet)設定

ESI (Ethernet Segment Identifier)

Link Agregateionしたいペア単位で、同じESIにします。

leaf11 ae0
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:10:00 
leaf12 ae0
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:10:00 

leaf11 ae1
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:11:00 
leaf12 ae1
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:11:00 


leaf21 ae0
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:20:00 
leaf22 ae0
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:20:00 

leaf21 ae1
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:21:00 
leaf22 ae1
  set interfaces ae0 esi 00:01:01:01:01:01:01:01:21:00 


関連ページ








Top#スイッチに戻る