CISCO-N9K Evpn配置

拓扑
image.png
  • 关键配置
  1. 管理口
  2. loopback0 # router-id
  3. loopback1 # evpn id
  4. ospf
  5. bgp
  6. vlan 范围

evpn需要使能

排查过程

  1. 看show ip ospf neighbor # 一般都是配置不对
  2. loopback1口不up,需要shutdown再no shutdown
模板
feature nxapi
nv overlay evpn
feature ospf
feature bgp
feature pim
feature vn-segment-vlan-based
feature lldp
feature bfd
feature nv overlay

spanning-tree mode mst

fabric forwarding anycast-gateway-mac 0002.0002.0002
ip pim rp-address 1.1.2.1 group-list 239.0.0.0/8
ip pim ssm range 232.0.0.0/8
vlan 1-3967

hardware access-list tcam region vpc-convergence 0
hardware access-list tcam region arp-ether 256

evpn
interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback1
  
interface Ethernet1/1
  no switchport
  mtu 9216
  medium p2p
  no ip redirects
  ip address 1.0.0.2/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  ip pim sparse-mode
  no shutdown

interface loopback0
  ip address 1.1.1.2/32
  ip router ospf 1 area 0.0.0.0
  ip pim sparse-mode

interface loopback1
  ip address 1.1.2.2/32
  ip router ospf 1 area 0.0.0.0
  ip pim sparse-mode

router ospf UNDERLAY
  router-id 10.25.49.2
router bgp 100
  router-id 10.25.49.2
  address-family ipv4 unicast
  address-family l2vpn evpn
  neighbor 1.1.1.1
    remote-as 100
    update-source loopback0
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community
      send-community extended
running-config

leaf1:

leaf-1# show running-config 

!Command: show running-config
!Time: Thu Mar 17 13:06:48 2022

version 7.0(3)I7(4)
hostname leaf-1
vdc leaf-1 id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

feature nxapi
cfs eth distribute
nv overlay evpn
feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature vpc
feature lldp
feature bfd
feature nv overlay

no password strength-check
username admin password 5 $5$KBCKIK$MrMbncc5uhFsJGog0EHoSe9agVklPHhTidIYw8Lzhw7 
 role network-admin
ip domain-lookup
spanning-tree mode mst
copp profile strict
snmp-server user admin auth md5 0xeb3de898daa62934d4ab552ea1fb3600 priv 0xeb3de8
98daa62934d4ab552ea1fb3600 localizedkey engineID 128:0:0:9:3:80:1:0:1:0:0
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO
fabric forwarding anycast-gateway-mac 2020.0000.00aa
ip pim rp-address 20.20.20.20 group-list 224.1.1.0/24
ip pim ssm range 239.1.2.0/24
vlan 1-3967

route-map ANY permit 10
vrf context management
hardware access-list tcam region vpc-convergence 0


interface Vlan1
  no shutdown
  no ip redirects
  no ipv6 redirects

interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback1

interface Ethernet1/1
  no switchport
  mac-address 0001.0000.0101
  ip address 2.2.2.1/24
  ip ospf network point-to-point
  ip router ospf underlay area 0.0.0.0
  no shutdown

interface Ethernet1/2
  switchport mode trunk
interface mgmt0
  vrf member management
  ip address 10.25.15.201/16

interface loopback0
  ip address 1.1.1.2/32
  ip router ospf underlay area 0.0.0.0

interface loopback1
  ip address 22.22.22.22/32
  ip router ospf underlay area 0.0.0.0
  ip pim sparse-mode
terminal log-all
line console
line vty
boot nxos bootflash:/nxos.7.0.3.I7.4.bin 
router ospf underlay
  router-id 1.1.1.2
router bgp 64894
  router-id 1.1.1.2
  address-family ipv4 unicast
  address-family l2vpn evpn
    retain route-target all
  neighbor 1.1.1.1
    remote-as 64894
    update-source loopback0
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community
      send-community extended
evpn

leaf2

leaf2# show running-config 

!Command: show running-config
!Time: Thu Mar 17 13:08:33 2022

version 7.0(3)I7(4)
hostname leaf2
vdc leaf2 id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

feature nxapi
cfs eth distribute
nv overlay evpn
feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature vpc
feature lldp
feature bfd
feature nv overlay

no password strength-check
username admin password 5 $5$KBCKIK$MrMbncc5uhFsJGog0EHoSe9agVklPHhTidIYw8Lzhw7 
 role network-admin
ip domain-lookup
spanning-tree mode mst
copp profile strict
snmp-server user admin auth md5 0xeb3de898daa62934d4ab552ea1fb3600 priv 0xeb3de8
98daa62934d4ab552ea1fb3600 localizedkey engineID 128:0:0:9:3:80:1:0:1:0:0
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO

fabric forwarding anycast-gateway-mac 2020.0000.00aa
ip pim rp-address 20.20.20.20 group-list 224.1.1.0/24
ip pim ssm range 239.1.2.0/24
vlan 1-3967

route-map ANY permit 10
vrf context management
hardware access-list tcam region vpc-convergence 0
hardware access-list tcam region arp-ether 256


interface Vlan1
  no shutdown
  no ip redirects
  no ipv6 redirects

interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback1

interface Ethernet1/1

interface Ethernet1/2
  no switchport
  mac-address 0001.0000.0302
  ip address 3.3.3.1/24
  ip ospf network point-to-point
  ip router ospf underlay area 0.0.0.0
  ip pim sparse-mode
  no shutdown
interface mgmt0
  vrf member management
  ip address 10.25.15.202/16

interface loopback0
  ip address 1.1.1.3/32
  ip router ospf underlay area 0.0.0.0
  ip pim sparse-mode

interface loopback1
  ip address 23.23.23.23/32
  ip router ospf underlay area 0.0.0.0
  ip pim sparse-mode
line console
line vty
boot nxos bootflash:/nxos.7.0.3.I7.4.bin 
router ospf underlay
  router-id 1.1.1.3
router bgp 64894
  router-id 1.1.1.3
  address-family ipv4 unicast
  address-family l2vpn evpn
    retain route-target all
  neighbor 1.1.1.1
    remote-as 64894
    update-source loopback0
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community
      send-community extended
evpn

spine

pine1# show running-config 

!Command: show running-config
!Time: Thu Mar 17 13:09:56 2022

version 7.0(3)I7(4)
hostname spine1
vdc spine1 id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

feature nxapi
cfs eth distribute
nv overlay evpn
feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature vpc
feature lldp
feature bfd
feature nv overlay

no password strength-check
username admin password 5 $5$KBCKIK$MrMbncc5uhFsJGog0EHoSe9agVklPHhTidIYw8Lzhw7 
 role network-admin
ip domain-lookup
spanning-tree mode mst
copp profile strict
snmp-server user admin auth md5 0xeb3de898daa62934d4ab552ea1fb3600 priv 0xeb3de8
98daa62934d4ab552ea1fb3600 localizedkey engineID 128:0:0:9:3:80:1:0:1:0:0
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO
ip pim ssm range 232.0.0.0/8
vlan 1-3967

route-map ANY permit 10
vrf context management
hardware access-list tcam region vpc-convergence 0
hardware access-list tcam region arp-ether 256


interface Vlan1
  no shutdown
  no ip redirects
  no ipv6 redirects

interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback1

interface Ethernet1/1
  no switchport
  mac-address 0001.0000.0201
  ip address 2.2.2.2/24
  ip ospf network point-to-point
  ip router ospf underlay area 0.0.0.0
  ip pim sparse-mode
  no shutdown

interface Ethernet1/2
  no switchport
  mac-address 0001.0000.0202
  ip address 3.3.3.3/24
  ip ospf network point-to-point
  ip router ospf underlay area 0.0.0.0
  no shutdown
interface mgmt0
  vrf member management
  ip address 10.25.15.200/16

interface loopback0
  ip address 1.1.1.1/32
  ip router ospf underlay area 0.0.0.0
  ip pim sparse-mode
line console
line vty
boot nxos bootflash:/nxos.7.0.3.I7.4.bin 
router ospf underlay
  router-id 20.20.20.20
router bgp 64894
  router-id 1.1.1.1
  address-family ipv4 unicast
  address-family l2vpn evpn
    retain route-target all
  neighbor 1.1.1.2
    remote-as 64894
    update-source loopback0
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community
      send-community extended
      route-reflector-client
  neighbor 1.1.1.3
    remote-as 64894
    update-source loopback0
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community
      send-community extended
evpn
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容