- 注意、小心和警告
- 更改历史记录
- 系统
- CLI 基本信息
- CONFIGURATION 模式
- 检查设备状态
- 命令帮助
- 候选配置
- 复制正在运行的配置
- 还原启动配置
- 重新加载系统映像
- 筛选 show 命令
- 常见 OS10 命令
- boot
- commit
- configure
- copy
- delete
- dir
- discard
- do
- end
- exit
- hostname
- license
- lock
- management route
- move
- no
- ping
- ping6
- reload
- show boot
- show candidate-configuration
- show environment
- show inventory
- show ip management-route
- show ipv6 management-route
- show license status
- show running-configuration
- show startup-configuration
- show system
- show version
- start
- 系统
- system-cli disable
- system-user linuxadmin disable
- system identifier
- terminal
- traceroute
- unlock
- username password role
- write
- 高级 CLI 任务
- 零接触部署
- OS10 调配
- SmartFabric 服务
- SmartFabric Director
- 系统管理
- 系统横标
- 用户会话管理
- Telnet 服务器
- 简单网络管理协议
- 系统时钟
- 网络时间协议
- 动态主机配置协议
- 数据包格式和选项
- DHCP 服务器
- 自动地址分配
- 主机名称解析
- 手动绑定条目
- DHCP 中继代理
- 查看 DHCP 信息
- 系统域名和列表
- DHCP 侦听
- DHCP 命令
- DHCP 侦听命令
- arp inspection
- arp inspection-trust
- arp inspection violation logging
- clear ip arp inspection statistics
- clear ip dhcp snooping binding
- ip dhcp snooping(全局)
- ip dhcp snooping(接口)
- ip dhcp snooping binding
- ip dhcp snooping trust
- ip dhcp snooping verify mac-address
- show ip arp inspection database
- show ip arp inspection statistics
- show ip arp inspection logging
- show ip dhcp snooping binding
- DNS 命令
- IPv4 DHCP 限制
- 接口
- 以太网接口
- 统一端口组
- Z9264F-ON port-group profiles
- S5200F-ON 交换机上的端口组
- L2 模式配置
- L3 模式配置
- 光纤通道接口
- 管理接口
- VLAN 接口
- 用户配置的默认 VLAN
- VLAN 扩展配置文件
- 环回接口
- 端口通道接口
- 配置接口范围
- 交换机端口配置文件
- 在接口上配置协商模式
- 配置分解模式
- 分解自动配置
- 重置默认配置
- 转发纠错
- 节能以太网
- 查看接口配置
- 数字光学监控
- 接口命令
- channel-group
- default interface
- default vlan-id
- description (Interface)
- duplex
- enable dom
- enable dom traps
- feature auto-breakout
- fec
- interface breakout
- interface ethernet
- interface loopback
- interface mgmt
- interface null
- interface port-channel
- interface range
- interface vlan
- link-bundle-utilization
- mode
- mode l3
- mtu
- negotiation
- port mode Eth
- port-group
- profile
- scale-profile vlan
- show discovered-expanders
- show interface
- show interface transceiver “Tunable wavelength”
- show inventory media
- show link-bundle-utilization
- show port-channel summary
- show port-group
- show switch-port-profile
- show system
- show unit-provision
- show vlan
- shutdown
- speed(光纤通道)
- speed(管理)
- switch-port-profile
- switchport access vlan
- switchport mode
- switchport trunk allowed vlan
- unit-provision
- wavelength
- PowerEdge MX 以太网 I/O 模块
- 光纤通道
- 第 2 层
- 802.1X
- 远端故障检测
- 链路聚合控制协议
- 链路层发现协议
- 可选的 TLV
- 基本 TLV
- 组织特定的 TLV
- 介质端点查找
- 网络连接设备
- LLDP-MED 功能 TLV
- 网络策略 TLV
- 定义网络策略
- 数据包计时器值
- 禁用和启用 LLDP
- 在管理端口上禁用和启用 LLDP
- 通告 TLV
- 网络策略通告
- 快速启动重复计数
- 查看 LLDP 配置
- 相邻代理通告
- 生存时间
- VLT 域中的通告管理地址 TLV
- LLDP 命令
- clear lldp counters
- clear lldp table
- lldp enable
- lldp holdtime-multiplier
- lldp med fast-start-repeat-count
- lldp med
- lldp med network-policy
- lldp med network-policy (Interface)
- lldp med tlv-select
- lldp port-description-tlv advertise
- lldp receive
- lldp reinit
- lldp timer
- lldp tlv-select basic-tlv
- lldp management-addr-tlv virtual-ip
- lldp tlv-select dot1tlv
- lldp tlv-select dot3tlv
- lldp transmit
- lldp vlan-name-tlv allowed vlan
- show lldp interface
- show lldp errors
- show lldp med
- show lldp neighbors
- show lldp timers
- show lldp tlv-select interface
- show lldp traffic
- show nework-policy profile
- 介质访问控制
- 生成树协议
- EdgePort
- 生成树扩展
- 从 BPDU 防护违规中恢复
- MAC 刷新优化
- 调试配置
- 为快速状态转移设置生成树链接类型
- 常见的 STP 命令
- clear spanning-tree counters
- debug spanning-tree
- errdisable detect cause bpduguard
- errdisable recovery cause bpduguard
- errdisable recovery interval
- clear spanning-tree detected-protocol
- spanning-tree bpdufilter
- spanning-tree bpduguard
- spanning-tree disable
- spanning-tree guard
- spanning-tree link-type
- spanning-tree mac-flush-timer
- spanning-tree mode
- spanning-tree port
- show errdisable
- show spanning-tree interface
- Rapid per-VLAN spanning-tree plus
- 负载均衡和根选择
- 启用 RPVST+
- 选择根桥
- 根分配
- 全局参数
- RPVST+ 命令
- show spanning-tree vlan
- spanning-tree vlan cost
- spanning-tree vlan disable
- spanning-tree vlan forward-time
- spanning-tree vlan force-version
- spanning-tree vlan hello-time
- spanning-tree vlan mac-flush-threshold
- spanning-tree vlan max-age
- spanning-tree vlan priority
- spanning-tree vlan priority(接口)
- spanning-tree vlan root
- 快速生成树协议
- 多个生成树
- 配置 MSTP
- 创建实例
- 根选择
- 非 Dell EMC 硬件
- 区域名称或版本
- 修改参数
- 接口参数
- MST 命令
- instance
- name
- revision
- spanning-tree mst
- spanning-tree msti
- spanning-tree mst configuration
- spanning-tree mst disable
- spanning-tree mst force-version
- spanning-tree mst forward-time
- spanning-tree mst hello-time
- spanning-tree mst mac-flush-threshold
- spanning-tree mst max-age
- spanning-tree mst max-hops
- show spanning-tree mst
- show spanning-tree msti
- 虚拟 LAN
- 端口监控
- 第 3 层
- 虚拟路由和转发
- 双向转发检测
- 边界网关协议
- 会话和对等
- 路由反射器
- 多协议 BGP
- 属性
- 选择条件
- 权重和本地首选项
- 复合鉴别器
- 来源
- AS 路径和下一跳
- 最佳路径选择
- 更多路径支持
- 通告成本
- 4 字节 AS 编号
- AS 编号迁移
- 正常重新启动
- 配置边界网关协议
- 启用 BGP
- 禁用 ASN 值的通知
- 配置双堆栈
- 配置管理距离
- 对等模板
- 邻居故障切换
- 配置密码
- 快速外部故障切换
- 被动对等
- 本地 AS
- AS 编号限制
- 重新分发路由
- 其他路径
- MED 属性
- 本地首选项属性
- 权重属性
- 启用多路径
- 路由映射筛选器
- 路由反射器群集
- 聚合路由
- 联盟
- 路由抑制
- 计时器
- 邻居软重新配置
- 重新分发 iBGP 路由到 OSPF
- 调试 BGP
- BGP 命令
- activate
- add-path
- address-family
- advertisement-interval
- advertisement-start
- aggregate-address
- allowas-in
- always-compare-med
- as-notation
- bestpath as-path
- bestpath med
- bestpath router-id
- clear ip bgp
- clear ip bgp *
- clear ip bgp dampening
- clear ip bgp flap-statistics
- connection-retry-timer
- confederation
- client-to-client
- cluster-id
- bgp dampening
- debug ip bgp
- description
- default-metric
- default-originate
- distance bgp
- distribute-list
- bgp 默认本地-首选项
- ebgp-multihop
- enforce-first-as
- fall-over
- fast-external-fallover
- graceful-restart
- inherit template
- listen
- local-as
- log-neighbor-changes
- maximum-paths
- maximum-prefix
- neighbor
- next-hop-self
- non-deterministic-med
- outbound-optimization
- password
- redistribute
- remote-as
- remove-private-as
- route-map
- route-reflector-client
- router bgp
- router-id
- send-community
- sender-side-loop-detection
- show ip bgp
- show ip bgp dampened-paths
- show ip bgp flap-statistics
- show ip bgp ipv4 unicast
- show ip bgp ipv6 unicast
- show ip bgp neighbors
- show ip bgp peer-group
- show ip bgp summary
- show ip route
- show ipv6 route
- 软重新配置入站
- template
- timers
- vrf
- weight
- 同等成本多路径
- IPv4 路由
- IPv6 路由
- 启用或禁用 IPv6
- IPv6 地址
- 无状态自动配置
- 邻居查找
- 重复地址查找
- 静态 IPv6 路由
- IPv6 目标无法访问
- IPv6 逐跳选项
- 查看 IPv6 信息
- IPv6 命令
- clear ipv6 neighbors
- clear ipv6 route
- ipv6 address
- ipv6 address autoconfig
- ipv6 address dhcp
- ipv6 enable
- ipv6 address eui-64
- ipv6 address link-local
- ipv6 hop-by-hop
- ipv6 nd dad
- ipv6 nd hop-limit
- ipv6 nd managed-config-flag
- ipv6 nd max-ra-interval
- ipv6 nd mtu
- ipv6 nd other-config-flag
- ipv6 nd prefix
- ipv6 nd ra-lifetime
- ipv6 nd reachable-time
- ipv6 nd retrans-timer
- ipv6 nd send-ra
- ipv6 route
- ipv6 unreachables
- show ipv6 neighbors
- show ipv6 route
- show ipv6 interface brief
- 首先打开最短路径
- 自治系统区域
- 区域、网络和邻居
- 路由器类型
- 指定和备份指定的路由器
- 链路状态通告
- 路由器优先级
- 最短路径优先限制
- OSPFv2
- 启用 OSPFv2
- 在非默认 VRF 实例中启用 OSPFv2
- 分配路由器标识符
- 存根区域
- 被动接口
- 快速聚合
- 接口参数
- 重新分发路由
- 默认路由
- 摘要地址
- 正常重新启动
- OSPFv2 身份验证
- OSPFv2 故障处理
- 调试 OSPF
- OSPFv2 命令
- area default-cost
- area nssa
- area range
- area stub
- auto-cost reference-bandwidth
- clear ip ospf process
- clear ip ospf statistics
- debug ip ospfv2
- default-information originate
- default-metric
- fast-converge
- graceful-restart
- ip ospf area
- ip ospf authentication-key
- ip ospf cost
- ip ospf dead-interval
- ip ospf hello-interval
- ip ospf message-digest-key
- ip ospf mtu-ignore
- ip ospf network
- ip ospf passive
- ip ospf priority
- ip ospf retransmit-interval
- ip ospf transmit-delay
- log-adjacency-changes
- max-metric router-lsa
- maximum-paths
- redistribute
- router-id
- router ospf
- show ip ospf
- show ip ospf asbr
- show ip ospf database
- show ip ospf database asbr-summary
- show ip ospf database external
- show ip ospf database network
- show ip ospf database nssa external
- show ip ospf database opaque-area
- show ip ospf database opaque-as
- show ip ospf database opaque-link
- show ip ospf database router
- show ip ospf database summary
- show ip ospf interface
- show ip ospf routes
- show ip ospf statistics
- show ip ospf topology
- summary-address
- timers lsa arrival
- timers spf
- timers throttle lsa all
- OSPFv3
- 启用 OSPFv3
- 在非默认 VRF 实例中启用 OSPFv3
- 分配路由器 ID
- 配置存根区域
- 启用被动接口
- 接口 OSPFv3 参数
- 默认路由
- OSPFv3 IPsec 身份验证和加密
- OSPFv3 故障处理
- OSPFv3 命令
- area authentication
- area encryption
- area stub
- auto-cost reference-bandwidth
- clear ipv6 ospf process
- clear ipv6 ospf statistics
- debug ip ospfv3
- default-information originate
- ipv6 ospf area
- ipv6 ospf authentication
- ipv6 ospf cost
- ipv6 ospf dead-interval
- ipv6 ospf encryption
- ipv6 ospf hello-interval
- ipv6 ospf network
- ipv6 ospf passive
- ipv6 ospf priority
- log-adjacency-changes
- maximum-paths
- redistribute
- router-id
- router ospfv3
- show ipv6 ospf
- show ipv6 ospf database
- show ipv6 ospf interface
- show ipv6 ospf neighbor
- show ipv6 ospf statistics
- timers spf (OSPFv3)
- 对象跟踪管理器
- 基于策略的路由
- 虚拟路由器冗余协议
- 多播
- 重要事项
- 配置多播路由
- 未知的多播泛洪控制
- 多播命令
- 互联网组管理协议
- 标准合规性
- 重要事项
- 支持的 IGMP 版本
- 查询间隔
- 最后成员查询间隔
- 最长响应时间
- IGMP 即时离开
- 选择 IGMP 版本
- 查看已启用 IGMP 的接口和组
- IGMP 侦听
- IGMP 命令
- clear ip igmp groups
- ip igmp immediate-leave
- ip igmp last-member-query-interval
- ip igmp query-interval
- ip igmp query-max-resp-time
- ip igmp snooping enable
- ip igmp snooping
- ip igmp snooping fast-leave
- ip igmp snooping last-member-query-interval
- ip igmp snooping mrouter
- ip igmp snooping querier
- ip igmp snooping query-interval
- ip igmp snooping query-max-resp-time
- ip igmp version
- show ip igmp groups
- show ip igmp interface
- show ip igmp snooping groups
- show ip igmp snooping interface
- show ip igmp snooping mrouter
- 多播侦听器发现协议
- MLD 侦听
- MLD 侦听命令
- ipv6 mld snooping
- ipv6 mld snooping enable
- ipv6 mld snooping fast-leave
- ipv6 mld snooping last-member-query-interval
- ipv6 mld snooping mrouter
- ipv6 mld snooping querier
- ipv6 mld snooping query-interval
- ipv6 mld query-max-resp-time
- ipv6 mld version
- show ipv6 mld snooping groups
- show ipv6 mld snooping groups detail
- show ipv6 mld snooping interface
- show ipv6 mld snooping mrouter
- 协议独立多播
- PIM 术语
- 标准合规性
- PIM-SM
- PIM-SSM
- 为 S、G 条目配置到期计时器
- Configure static rendezvous point
- 使用 BSR 机制配置动态 RP
- 配置指定的路由器优先级
- PIM 命令
- clear ip pim tib
- ip multicast-routing
- ip pim bsr-candidate
- ip pim bsr-candidate-timers
- ip pim bsr-timeout
- ip pim dr-priority
- ip pim query-interval
- ip pim rp-address
- ip pim rp-candidate
- ip pim rp-candidate-timers
- ip pim sparse-mode
- ip pim sparse-mode sg-expiry-timer
- ip pim ssm-range
- show ip pim bsr-router
- show ip pim interface
- show ip pim mcache
- show ip pim neighbor
- show ip pim rp
- show ip pim ssm-range
- show ip pim summary
- show ip pim tib
- show ip rpf
- PIM-SM 示例配置
- PIM-SSM 示例配置
- 多播 VRF 配置示例
- VLT 多播路由
- VXLAN
- VXLAN 概念
- VXLAN 即 NVO 解决方案
- 配置 VXLAN
- L3 VXLAN 路由扩展
- VTEP 上的 DHCP 中继
- 查看 VXLAN 配置
- VXLAN MAC 地址
- VXLAN 命令
- hardware overlay-routing-profile
- interface virtual-network
- ip virtual-router address
- ip virtual-router mac-address
- member-interface
- nve
- remote-vtep
- show hardware overlay-routing-profile mode
- show interface virtual-network
- show nve remote-vtep
- show nve remote-vtep counters
- show nve vxlan-vni
- show virtual-network
- show virtual-network counters
- show virtual-network interface counters
- show virtual-network interface
- show virtual-network vlan
- show vlan (virtual network)
- source-interface loopback
- virtual-network
- virtual-network untagged-vlan
- vxlan-vni
- VXLAN MAC 命令
- clear mac address-table dynamic nve remote-vtep
- clear mac address-table dynamic virtual-network
- show mac address-table count extended
- show mac address-table count nve
- show mac address-table count virtual-network
- show mac address-table extended
- show mac address-table nve
- show mac address-table virtual-network
- 示例:VXLAN 和静态 VTEP
- BGP EVPN for VXLAN
- 控制器调配的 VXLAN
- UFT 模式
- 安全性
- AAA 身份验证
- 用户重新身份验证
- 密码强度
- 简单密码检查
- 隐匿密码
- 基于角色的访问控制
- 分配用户角色
- 引导加载程序保护
- Linux 管理员用户配置
- AAA 身份验证
- RADIUS 身份验证
- RADIUS over TLS 身份验证
- TACACS+ 身份验证
- 未知用户角色
- SSH 服务器
- 虚拟终端行 ACL
- 限制 SNMP 访问
- 启用 AAA 核算
- 启用用户锁定
- 限制并发登录会话
- 启用登录统计信息
- 权限级别
- 审核日志
- 安全命令
- aaa accounting
- aaa authentication login
- aaa re-authenticate enable
- boot protect disable username
- boot protect enable username password
- clear logging audit
- crypto ssh-key generate
- disable
- enable
- enable password priv-lvl
- ip access-class
- ip radius source-interface
- ip tacacs source-interface
- ipv6 access-class
- ip ssh server challenge-response-authentication
- ip ssh server cipher
- ip ssh server enable
- ip ssh server hostbased-authentication
- ip ssh server kex
- ip ssh server mac
- ip ssh server password-authentication
- ip ssh server port
- ip ssh server pubkey-authentication
- ip ssh server vrf
- line vty
- logging audit enable
- login concurrent-session limit
- login-statistics enable
- mac address-table static
- password-attributes
- password-attributes max-retry lockout-period
- privilege
- radius-server host
- radius-server host tls
- radius-server retransmit
- radius-server timeout
- radius-server vrf
- service obscure-password
- service simple-password
- show boot protect
- show crypto ssh-key
- show ip ssh
- show mac address-table count
- show logging audit
- show login-statistics
- show privilege
- show running-configuration privilege
- show users
- system-user linuxadmin disable
- system-user linuxadmin password
- tacacs-server host
- tacacs-server timeout
- tacacs-server vrf
- username password role
- username sshkey
- username sshkey filename
- userrole inherit
- X.509v3 证书
- X.509v3 概念
- 公钥基础设施
- 管理 CA 证书
- 证书吊销
- 请求并安装主机证书
- 自签名证书
- 安全配置文件
- 群集安全
- X.509v3 命令
- certificate
- cluster security-profile
- crypto ca-cert delete
- crypto ca-cert install
- crypto cdp add
- crypto cdp delete
- crypto cert delete
- crypto cert generate
- crypto cert install
- crypto crl delete
- crypto crl install
- crypto fips enable
- crypto security-profile
- peer-name-check
- revocation-check
- show crypto ca-certs
- show crypto cdp
- show crypto cert
- show crypto crl
- 示例:使用 X.509v3 证书配置 RADIUS over TLS
- OpenFlow
- 访问控制列表
- IP ACL
- MAC ACL
- 控制平面 ACL
- IP 片段处理
- L3 ACL 规则
- 为筛选器分配序列号
- 删除 ACL 规则
- L2 和 L3 ACL
- 分配和应用 ACL 筛选器
- 入口 ACL 筛选器
- 出口 ACL 筛选器
- VTY ACL
- SNMP ACL
- 清除访问列表计数器
- IP 前缀列表
- 路由映射
- 匹配路由
- 设置条件
- Continue 子句
- 基于 ACL 流的监控
- 启用基于流的监控
- 查看 ACL 表利用率报告
- ACL 日志记录
- ACL 命令
- clear ip access-list counters
- clear ipv6 access-list counters
- clear mac access-list counters
- deny
- deny (IPv6)
- deny (MAC)
- deny icmp
- deny icmp (IPv6)
- deny ip
- deny ipv6
- deny tcp
- deny tcp (IPv6)
- deny udp
- deny udp (IPv6)
- description
- ip access-group
- ip access-list
- ip as-path access-list
- ip community-list standard deny
- ip community–list standard permit
- ip extcommunity-list standard deny
- ip extcommunity-list standard permit
- ip prefix-list description
- ip prefix-list deny
- ip prefix-list permit
- ip prefix-list seq deny
- ip prefix-list seq permit
- ipv6 access-group
- ipv6 access-list
- ipv6 prefix-list deny
- ipv6 prefix-list description
- ipv6 prefix-list permit
- ipv6 prefix-list seq deny
- ipv6 prefix-list seq permit
- mac access-group
- mac access-list
- permit
- permit (IPv6)
- permit (MAC)
- permit icmp
- permit icmp (IPv6)
- permit ip
- permit ipv6
- permit tcp
- permit tcp (IPv6)
- permit udp
- permit udp (IPv6)
- remark
- seq deny
- seq deny (IPv6)
- seq deny (MAC)
- seq deny icmp
- seq deny icmp (IPv6)
- seq deny ip
- seq deny ipv6
- seq deny tcp
- seq deny tcp (IPv6)
- seq deny udp
- seq deny udp (IPv6)
- seq permit
- seq permit (IPv6)
- seq permit (MAC)
- seq permit icmp
- seq permit icmp (IPv6)
- seq permit ip
- seq permit ipv6
- seq permit tcp
- seq permit tcp (IPv6)
- seq permit udp
- seq permit udp (IPv6)
- show access-group
- show access-lists
- show acl-table-usage detail
- show ip as-path-access-list
- show ip community-list
- show ip extcommunity-list
- show ip prefix-list
- 显示日志记录访问列表
- 路由映射命令
- continue
- match as-path
- match community
- match extcommunity
- match interface
- match ip address
- match ip next-hop
- match ipv6 address
- match ipv6 next-hop
- match metric
- match origin
- match route-type
- match tag
- route-map
- set comm-list add
- set comm-list delete
- set community
- set extcomm-list add
- set extcomm-list delete
- set extcommunity
- set local-preference
- set metric
- set metric-type
- set next-hop
- set origin
- set tag
- set weight
- show route-map
- 服务质量
- 配置服务质量
- 入口流量类别
- 出口流量类别
- 监察流量
- 标记流量
- 颜色流量
- 修改数据包字段
- 整形流量
- 带宽分配
- 严格优先级队列
- 速率调整
- 缓冲区管理
- 拥塞规避
- 风暴控制
- RoCE 实现更快的访问和无损连接
- 端口到端口管道和 MMU 映射
- QoS 命令
- bandwidth
- buffer-statistics-tracking
- class
- class-map
- clear qos statistics
- clear qos statistics type
- control-plane
- control-plane-buffer-size
- flowcontrol
- hardware deep-buffer-mode
- match
- match cos
- match dscp
- match precedence
- 匹配队列
- match vlan
- mtu
- pause
- pfc-cos
- pfc-max-buffer-size
- pfc-shared-buffer-size
- pfc-shared-headroom-buffer-size
- police
- policy-map
- priority
- priority-flow-control mode
- qos-group dot1p
- qos-group dscp
- qos-map traffic-class
- qos-rate-adjust
- queue-limit
- queue bandwidth
- queue qos-group
- queue qos-group (Z9332F-ON)
- random-detect (interface)
- random-detect (queue)
- random-detect color
- random-detect ecn
- random-detect ecn
- random-detect pool
- random-detect weight
- service-policy
- set cos
- set dscp
- set qos-group
- shape
- show class-map
- show control-plane buffers
- show control-plane buffer-stats
- show control-plane info
- show control-plane statistics
- show hardware deep-buffer-mode
- show interface priority-flow-control
- show qos interface
- show policy-map
- show qos control-plane
- show qos egress buffers interface
- show qos egress buffer-statistics-tracking
- show qos egress buffer-stats interface
- show qos headroom-pool buffer-statistics-tracking
- show qos ingress buffers interface
- show qos ingress buffer-statistics-tracking
- show qos ingress buffer-stats interface
- show qos maps
- show qos maps (Z9332F-ON)
- show qos port-map details
- show qos-rate-adjust
- show qos service-pool buffer-statistics-tracking
- show qos system
- show qos system buffers
- show qos wred-profile
- show queuing statistics
- system qos
- trust dot1p-map
- trust dscp-map
- trust-map
- wred
- 虚拟链路中继
- 术语
- VLT 域
- VLT 互连
- 正常 LACP 和 VLT
- 配置 VLT
- 配置 VRRP 主动-主动模式
- 通过 eVLT 在数据中心之间迁移虚拟机
- 查看 VLT 信息
- VLT 命令
- backup destination
- delay-restore
- discovery-interface
- peer-routing
- peer-routing-timeout
- primary-priority
- show running-configuration vlt
- show spanning-tree virtual-interface
- show vlt
- show vlt backup-link
- show vlt mac-inconsistency
- show vlt mismatch
- show vlt role
- show vlt vlt-port-detail
- vlt-domain
- vlt-port-channel
- vlt-mac
- vrrp mode active-active
- 上行链路故障检测
- 聚合数据中心服务
- sFlow
- 遥测
- RESTCONF API
- OS10 故障处理
- 诊断工具
- 恢复 Linux 密码
- 恢复 OS10 用户名密码
- 还原出厂默认设置
- SupportAssist
- 支持套装
- 系统监控
- 登录 OS10 设备
- 常见问题
- 支持资源
Dell EMC SmartFabric OS10 User Guide Release 10.5.0
示例:VXLAN 和 BGP EVPN
以下带有 BGP EVPN 的 VXLAN 示例使用 Clos 分支-主干拓扑和 VXLAN 隧道端点 (VTEP)。单个交换机配置显示如何设置端到端 VXLAN。eBGP 用于交换 IP 承载网络中的 IP 路由和 VXLAN 覆盖网络中的 EVPN 路由。所有主干节点均位于自治系统 — AS 101。所有分支节点都位于另一个自治系统 — AS 100。
- 在 VTEP 1 和 2 上:使用交换机限定的 VLAN 将访问端口分配给虚拟网络。EVPN 使用自动 EVI 模式进行配置。
- 在 VTEP 3 和 4 上:使用端口限定的 VLAN 将访问端口分配给虚拟网络。使用手动配置模式来配置 EVPN 实例。使用自动模式配置 RD 和 RT。
所有 VTEP 执行非对称 IRB 路由,其中:
- IRB 路由仅在入口 VTEP 上执行。
- 出口 VTEP 执行 IRB 桥接。
VTEP 1 分支交换机
1. 使用与 VLT 对等方相同的 IP 地址为承载 VXLAN 配置环回接口
OS10(config)# interface loopback0 OS10(conf-if-lo-0)# no shutdown OS10(conf-if-lo-0)# ip address 192.168.1.1/32 OS10(conf-if-lo-0)# exit
2. 将环回接口配置为 VXLAN 源隧道接口
OS10(config)# nve OS10(config-nve)# source-interface loopback0 OS10(config-nve)# exit
3. 配置 VXLAN 虚拟网络
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# vxlan-vni 10000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn-10000)# exit OS10(config)# virtual-network 20000 OS10(config-vn-20000)# vxlan-vni 20000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn-20000)# exit
4. 将 VLAN 成员接口分配给虚拟网络
使用交换机限定的 VLAN 到 VNI 映射:
OS10(config)# interface vlan100 OS10(config-if-vl-100)# virtual-network 10000 OS10(config-if-vl-100)# no shutdown OS10(config-if-vl-100)# exit OS10(config)# interface vlan200 OS10(config-if-vl-200)# virtual-network 20000 OS10(config-if-vl-200)# no shutdown OS10(config-if-vl-200)# exit
5. 针对交换机限定的 VLAN 至 VNI 映射将访问端口配置为 VLAN 成员
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# no shutdown OS10(conf-if-po-10)# switchport mode trunk OS10(conf-if-po-10)# switchport trunk allowed vlan 100 OS10(conf-if-po-10)# no switchport access vlan OS10(conf-if-po-10)# exit OS10(config)# interface ethernet1/1/5 OS10(conf-if-eth1/1/5)# no shutdown OS10(conf-if-eth1/1/5)# channel-group 10 mode active OS10(conf-if-eth1/1/5)# no switchport OS10(conf-if-eth1/1/5)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# no shutdown OS10(conf-if-po-20)# switchport mode trunk OS10(conf-if-po-20)# switchport access vlan 200 OS10(conf-if-po-20)# exit OS10(config)# interface ethernet1/1/6 OS10(conf-if-eth1/1/6)# no shutdown OS10(conf-if-eth1/1/6)# channel-group 20 mode active OS10(conf-if-eth1/1/6)# no switchport OS10(conf-if-eth1/1/6)# exit
6. 配置面向上游网络的端口
OS10(config)# interface ethernet1/1/1 OS10(conf-if-eth1/1/1)# no shutdown OS10(conf-if-eth1/1/1)# no switchport OS10(conf-if-eth1/1/1)# mtu 1650 OS10(conf-if-eth1/1/1)# ip address 172.16.1.0/31 OS10(conf-if-eth1/1/1)# exit OS10(config)# interface ethernet1/1/2 OS10(conf-if-eth1/1/2)# no shutdown OS10(conf-if-eth1/1/2)# no switchport OS10(conf-if-eth1/1/1)# mtu 1650 OS10(conf-if-eth1/1/2)# ip address 172.16.2.0/31 OS10(conf-if-eth1/1/2)# exit
7. 配置 eBGP
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# router-id 172.16.0.1 OS10(config-router-bgp-100)# address-family ipv4 unicast OS10(config-router-bgp-af)# redistribute connected OS10(config-router-bgp-af)# exit
8. 针对 IPv4 点对点对等配置 eBGP
OS10(config-router-bgp-100)# neighbor 172.16.1.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.16.2.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
9. 为 BGP EVPN 对等配置与 VLT 对等方 IP 地址不同的环回接口
OS10(config)# interface loopback1 OS10(conf-if-lo-1)# no shutdown OS10(conf-if-lo-1)# ip address 172.16.0.1/32 OS10(conf-if-lo-1)# exit
10. 配置 BGP EVPN 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.201.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.202.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
11. 配置 EVPN
使用自动 EVI 模式配置 EVPN 实例、RD 和 RT:
OS10(config)# evpn OS10(config-evpn)# auto-evi OS10(config-evpn)# exit
12. 配置 VLT
配置专用 L3 承载路径,以在发生网络故障时访问 VLT 对等节点
OS10(config)# interface vlan4000 OS10(config-if-vl-4000)# no shutdown OS10(config-if-vl-4000)# ip address 172.16.250.0/31 OS10(config-if-vl-4000)# exit
配置 VLT 端口通道
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# vlt-port-channel 10 OS10(conf-if-po-10)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# vlt-port-channel 20 OS10(conf-if-po-20)# exit
配置 VLTi 成员链路
OOS10(config)# interface ethernet1/1/3 OS10(conf-if-eth1/1/3)# no shutdown OS10(conf-if-eth1/1/3)# no switchport OS10(conf-if-eth1/1/3)# exit OS10(config)# interface ethernet1/1/4 OS10(conf-if-eth1/1/4)# no shutdown OS10(conf-if-eth1/1/4)# no switchport OS10(conf-if-eth1/1/4)# exit
配置 VLT 域
OS10(config)# vlt-domain 1 OS10(conf-vlt-1)# backup destination 10.16.150.1 OS10(conf-vlt-1)# discovery-interface ethernet1/1/3,1/1/4 OS10(conf-vlt-1)# vlt-mac aa:bb:cc:dd:ee:ff OS10(conf-vlt-1)# exit
使用上行链路 VLT 端口和下行链路网络端口配置 UFD
OS10(config)# uplink-state-group 1 OS10(conf-uplink-state-group-1)# enable OS10(conf-uplink-state-group-1)# downstream ethernet1/1/1-1/1/2 OS10(conf-uplink-state-group-1)# upstream port-channel10 OS10(conf-uplink-state-group-1)# upstream port-channel20 OS10(conf-uplink-state-group-1)# exit
在 VLT 对等方之间配置 iBGP IPv4 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.16.250.1 OS10(config-router-neighbor)# remote-as 100 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
13. 在覆盖网络中配置 IP 切换
创建租户 VRF
OS10(config)# ip vrf tenant1 OS10(conf-vrf)# exit
配置任意广播网关 MAC 地址
OS10(config)# ip virtual-router mac-address 00:01:01:01:01:01
在虚拟网络上配置路由
OS10(config)# interface virtual-network 10000 OS10(conf-if-vn-10000)# ip vrf forwarding tenant1 OS10(conf-if-vn-10000)# ip address 10.1.0.231/16 OS10(conf-if-vn-10000)# ip virtual-router address 10.1.0.100 OS10(conf-if-vn-10000)# no shutdown OS10(conf-if-vn-10000)# exit OS10(config)# interface virtual-network 20000 OS10(conf-if-vn-20000)# ip vrf forwarding tenant1 OS10(conf-if-vn-20000)# ip address 10.2.0.231/16 OS10(conf-if-vn-20000)# ip virtual-router address 10.2.0.100 OS10(conf-if-vn-20000)# no shutdown OS10(conf-if-vn-20000)# exit
VTEP 2 分支交换机
1. 使用与 VLT 对等方相同的 IP 地址为承载 VXLAN 配置环回接口
OS10(config)# interface loopback0 OS10(conf-if-lo-0)# no shutdown OS10(conf-if-lo-0)# ip address 192.168.1.1/32 OS10(conf-if-lo-0)# exit
2. 将环回接口配置为 VXLAN 源隧道接口
OS10(config)# nve OS10(config-nve)# source-interface loopback0 OS10(config-nve)# exit
3. 配置 VXLAN 虚拟网络
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# vxlan-vni 10000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn)# exit OS10(config)# virtual-network 20000 OS10(config-vn-20000)# vxlan-vni 20000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn-20000)# exit
4. 将 VLAN 成员接口分配给虚拟网络
使用交换机限定的 VLAN 到 VNI 映射:
OS10(config)# interface vlan100 OS10(config-if-vl-100)# virtual-network 10000 OS10(config-if-vl-100)# no shutdown OS10(config-if-vl-100)# exit OS10(config)# interface vlan200 OS10(config-if-vl-200)# virtual-network 20000 OS10(config-if-vl-200)# no shutdown OS10(config-if-vl-200)# exit
5. 针对交换机限定的 VLAN 至 VNI 映射将访问端口配置为 VLAN 成员
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# no shutdown OS10(conf-if-po-10)# switchport mode trunk OS10(conf-if-po-10)# switchport trunk allowed vlan 100 OS10(conf-if-po-10)# no switchport access vlan OS10(conf-if-po-10)# exit OS10(config)# interface ethernet1/1/5 OS10(conf-if-eth1/1/5)# no shutdown OS10(conf-if-eth1/1/5)# channel-group 10 mode active OS10(conf-if-eth1/1/5)# no switchport OS10(conf-if-eth1/1/5)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# no shutdown OS10(conf-if-po-20)# switchport mode trunk OS10(conf-if-po-20)# switchport access vlan 200 OS10(conf-if-po-20)# exit OS10(config)# interface ethernet1/1/6 OS10(conf-if-eth1/1/6)# no shutdown OS10(conf-if-eth1/1/6)# channel-group 20 mode active OS10(conf-if-eth1/1/6)# no switchport OS10(conf-if-eth1/1/6)# exit
6. 配置面向上游网络的端口
OS10(config)# interface ethernet1/1/1 OS10(conf-if-eth1/1/1)# no shutdown OS10(conf-if-eth1/1/1)# no switchport OS10(conf-if-eth1/1/1)# mtu 1650 OS10(conf-if-eth1/1/1)# ip address 172.17.1.0/31 OS10(conf-if-eth1/1/1)# exit OS10(config)# interface ethernet1/1/2 OS10(conf-if-eth1/1/2)# no shutdown OS10(conf-if-eth1/1/2)# no switchport OS10(conf-if-eth1/1/1)# mtu 1650 OS10(conf-if-eth1/1/2)# ip address 172.17.2.0/31 OS10(conf-if-eth1/1/2)# exit
7. 配置 eBGP
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# router-id 172.17.0.1 OS10(config-router-bgp-100)# address-family ipv4 unicast OS10(configure-router-bgp-af)# redistribute connected OS10(configure-router-bgp-af)# exit
8. 针对 IPv4 点对点对等配置 eBGP
OS10(config-router-bgp-100)# neighbor 172.17.1.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.17.2.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
9. 为 BGP EVPN 对等配置环回接口与 VLT 对等 IP 地址不同
OS10(config)# interface loopback1 OS10(conf-if-lo-1)# no shutdown OS10(conf-if-lo-1)# ip address 172.17.0.1/32 OS10(conf-if-lo-1)# exit
10. 配置 BGP EVPN 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.201.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.202.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-bgp-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
11. 配置 EVPN
使用自动 EVI 模式配置 EVPN 实例、RD 和 RT:
OS10(config)# evpn OS10(config-evpn)# auto-evi OS10(config-evpn)# exit
12. 配置 VLT
配置专用 L3 承载路径,以在发生网络故障时访问 VLT 对等方
OS10(config)# interface vlan4000 OS10(config-if-vl-4000)# no shutdown OS10(config-if-vl-4000)# ip address 172.16.250.1/31 OS10(config-if-vl-4000)# exit
配置 VLT 端口通道
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# vlt-port-channel 10 OS10(conf-if-po-10)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# vlt-port-channel 20 OS10(conf-if-po-20)# exit
配置 VLTi 成员链路
OOS10(config)# interface ethernet1/1/3 OS10(conf-if-eth1/1/3)# no shutdown OS10(conf-if-eth1/1/3)# no switchport OS10(conf-if-eth1/1/3)# exit OS10(config)# interface ethernet1/1/4 OS10(conf-if-eth1/1/4)# no shutdown OS10(conf-if-eth1/1/4)# no switchport OS10(conf-if-eth1/1/4)# exit
配置 VLT 域
OS10(config)# vlt-domain 1 OS10(conf-vlt-1)# backup destination 10.16.150.2 OS10(conf-vlt-1)# discovery-interface ethernet1/1/3,1/1/4 OS10(conf-vlt-1)# vlt-mac aa:bb:cc:dd:ee:ff OS10(conf-vlt-1)# exit
使用上行链路 VLT 端口和下行链路网络端口配置 UFD
OS10(config)# uplink-state-group 1 OS10(conf-uplink-state-group-1)# enable OS10(conf-uplink-state-group-1)# downstream ethernet1/1/1-1/1/2 OS10(conf-uplink-state-group-1)# upstream port-channel10 OS10(conf-uplink-state-group-1)# upstream port-channel20 OS10(conf-uplink-state-group-1)# exit
在 VLT 对等方之间配置 iBGP IPv4 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.16.250.0 OS10(config-router-neighbor)# remote-as 100 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
13. 在覆盖网络中配置 IP 切换
创建租户 VRF
OS10(config)# ip vrf tenant1 OS10(conf-vrf)# exit
配置任意广播网关 MAC 地址
OS10(config)# ip virtual-router mac-address 00:01:01:01:01:01
在虚拟网络上配置路由
OS10(config)# interface virtual-network 10000 OS10(conf-if-vn-10000)# ip vrf forwarding tenant1 OS10(conf-if-vn-10000)# ip address 10.1.0.232/16 OS10(conf-if-vn-10000)# ip virtual-router address 10.1.0.100 OS10(conf-if-vn-10000)# no shutdown OS10(conf-if-vn-10000)# exit OS10(config)# interface virtual-network 20000 OS10(conf-if-vn-20000)# ip vrf forwarding tenant1 OS10(conf-if-vn-20000)# ip address 10.2.0.232/16 OS10(conf-if-vn-20000)# ip virtual-router address 10.2.0.100 OS10(conf-if-vn-20000)# no shutdown OS10(conf-if-vn-20000)# exit
VTEP 3 分支交换机
1. 使用与 VLT 对等方相同的 IP 地址为承载 VXLAN 配置环回接口
OS10(config)# interface loopback0 OS10(conf-if-lo-0)# no shutdown OS10(conf-if-lo-0)# ip address 192.168.2.1/32 OS10(conf-if-lo-0)# exit
2. 将环回接口配置为 VXLAN 源隧道接口
OS10(config)# nve OS10(config-nve)# source-interface loopback0 OS10(config-nve)# exit
3. 配置 VXLAN 虚拟网络
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# vxlan-vni 10000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn-10000)# exit OS10(config)# virtual-network 20000 OS10(config-vn-20000)# vxlan-vni 20000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn-20000)# exit
4. 为未标记成员身份配置未使用的 VLAN ID
OS10(config)# virtual-network untagged-vlan 1000
5. 针对端口限定的 VLAN 至 VNI 映射将访问端口配置为 VLAN 成员
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# no shutdown OS10(conf-if-po-10)# switchport mode trunk OS10(conf-if-po-10)# no switchport access vlan OS10(conf-if-po-10)# exit OS10(config)# interface ethernet1/1/5 OS10(conf-if-eth1/1/5)# no shutdown OS10(conf-if-eth1/1/5)# channel-group 10 mode active OS10(conf-if-eth1/1/5)# no switchport OS10(conf-if-eth1/1/5)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# no shutdown OS10(conf-if-po-20)# switchport mode trunk OS10(conf-if-po-20)# no switchport access vlan OS10(conf-if-po-20)# exit OS10(config)# interface ethernet1/1/6 OS10(conf-if-eth1/1/6)# no shutdown OS10(conf-if-eth1/1/6)# channel-group 20 mode active OS10(conf-if-eth1/1/6)# no switchport OS10(conf-if-eth1/1/6)# exit
6. 将访问端口添加到虚拟网络
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# member-interface port-channel 10 vlan-tag 100 OS10(config-vn-10000)# exit OS10(config)# virtual-network 20000 OS10(config-vn-20000)# member-interface port-channel 20 untagged OS10(config-vn-20000)# exit
7. 配置面向上游网络的端口
OS10(config)# interface ethernet1/1/1 OS10(conf-if-eth1/1/1)# no shutdown OS10(conf-if-eth1/1/1)# no switchport OS10(conf-if-eth1/1/1)# mtu 1650 OS10(conf-if-eth1/1/1)# ip address 172.18.1.0/31 OS10(conf-if-eth1/1/1)# exit OS10(config)# interface ethernet1/1/2 OS10(conf-if-eth1/1/2)# no shutdown OS10(conf-if-eth1/1/2)# no switchport OS10(conf-if-eth1/1/1)# mtu 1650 OS10(conf-if-eth1/1/2)# ip address 172.18.2.0/31 OS10(conf-if-eth1/1/2)# exit
8. 配置 eBGP
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# router-id 172.18.0.1 OS10(config-router-bgp-100)# address-family ipv4 unicast OS10(configure-router-bgp-af)# redistribute connected OS10(configure-router-bgp-af)# exit
9. 针对 IPv4 点对点对等配置 eBGP
OS10(config-router-bgp-100)# neighbor 172.18.1.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.18.2.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
10. 为 BGP EVPN 对等配置环回接口与 VLT 对等主机 IP 地址不同
OS10(config)# interface loopback1 OS10(conf-if-lo-1)# no shutdown OS10(conf-if-lo-1)# ip address 172.18.0.1/32 OS10(conf-if-lo-1)# exit
11. 配置 BGP EVPN 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.201.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.202.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
12. 配置 EVPN
在手动配置模式下配置 EVPN 实例,在自动模式下配置 RD 和 RT 配置:
OS10(config)# evpn OS10(config-evpn)# evi 10000 OS10(config-evpn-evi-10000)# vni 10000 OS10(config-evpn-evi-10000)# rd auto OS10(config-evpn-evi-10000)# route-target auto OS10(config-evpn-evi-10000)# exit OS10(config-evpn)# evi 20000 OS10(config-evpn-evi-20000)# vni 20000 OS10(config-evpn-evi-20000)# rd auto OS10(config-evpn-evi-20000)# route-target auto OS10(config-evpn-evi-20000)# exit OS10(config-evpn)# exit
13. 配置 VLT
为虚拟网络配置 VLTi VLAN
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# vlti-vlan 100 OS10(config-vn-10000)# exit OS10(config)# virtual-network 20000 OS10(config-vn-20000)# vlti-vlan 200 OS10(config-vn-20000)# exit
配置专用 L3 承载路径,以在发生网络故障时访问 VLT 对等方
OS10(config)# interface vlan4000 OS10(config-if-vl-4000)# no shutdown OS10(config-if-vl-4000)# ip address 172.16.250.10/31 OS10(config-if-vl-4000)# exit
配置 VLT 端口通道
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# vlt-port-channel 10 OS10(conf-if-po-10)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# vlt-port-channel 20 OS10(conf-if-po-20)# exit
配置 VLTi 成员链路
OOS10(config)# interface ethernet1/1/3 OS10(conf-if-eth1/1/3)# no shutdown OS10(conf-if-eth1/1/3)# no switchport OS10(conf-if-eth1/1/3)# exit OS10(config)# interface ethernet1/1/4 OS10(conf-if-eth1/1/4)# no shutdown OS10(conf-if-eth1/1/4)# no switchport OS10(conf-if-eth1/1/4)# exit
配置 VLT 域
OS10(config)# vlt-domain 1 OS10(conf-vlt-1)# backup destination 10.16.150.3 OS10(conf-vlt-1)# discovery-interface ethernet1/1/3,1/1/4 OS10(conf-vlt-1)# vlt-mac aa:bb:cc:dd:ff:ee OS10(conf-vlt-1)# exit
使用上行链路 VLT 端口和下行链路网络端口配置 UFD
OS10(config)# uplink-state-group 1 OS10(conf-uplink-state-group-1)# enable OS10(conf-uplink-state-group-1)# downstream ethernet1/1/1-1/1/2 OS10(conf-uplink-state-group-1)# upstream port-channel10 OS10(conf-uplink-state-group-1)# upstream port-channel20 OS10(conf-uplink-state-group-1)# exit
在 VLT 对等方之间配置 iBGP IPv4 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.16.250.11 OS10(config-router-neighbor)# remote-as 100 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
14. 在覆盖网络中配置 IP 路由
创建租户 VRF
OS10(config)# ip vrf tenant1 OS10(conf-vrf)# exit
配置任意广播网关 MAC 地址
OS10(config)# ip virtual-router mac-address 00:01:01:01:01:01
在虚拟网络上配置路由
OS10(config)# interface virtual-network 10000 OS10(conf-if-vn-10000)# ip vrf forwarding tenant1 OS10(conf-if-vn-10000)# ip address 10.1.0.233/16 OS10(conf-if-vn-10000)# ip virtual-router address 10.1.0.100 OS10(conf-if-vn-10000)# no shutdown OS10(conf-if-vn-10000)# exit OS10(config)# interface virtual-network 20000 OS10(conf-if-vn-20000)# ip vrf forwarding tenant1 OS10(conf-if-vn-20000)# ip address 10.2.0.233/16 OS10(conf-if-vn-20000)# ip virtual-router address 10.2.0.100 OS10(conf-if-vn-20000)# no shutdown OS10(conf-if-vn-20000)# exit
VTEP 4 分支交换机
1. 使用与 VLT 对等方相同的 IP 地址为承载 VXLAN 配置环回接口
OS10(config)# interface loopback0 OS10(conf-if-lo-0)# no shutdown OS10(conf-if-lo-0)# ip address 192.168.2.1/32 OS10(conf-if-lo-0)# exit
2. 将环回接口配置为 VXLAN 源隧道接口
OS10(config)# nve OS10(config-nve)# source-interface loopback0 OS10(config-nve)# exit
3. 配置 VXLAN 虚拟网络
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# vxlan-vni 10000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn-10000)# exit OS10(config)# virtual-network 20000 OS10(config-vn-20000)# vxlan-vni 20000 OS10(config-vn-vxlan-vni)# exit OS10(config-vn-20000)# exit
4. 为未标记成员身份配置未使用的 VLAN ID
OS10(config)# virtual-network untagged-vlan 1000
5. 针对端口限定的 VLAN 至 VNI 映射将访问端口配置为 VLAN 成员
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# no shutdown OS10(conf-if-po-10)# switchport mode trunk OS10(conf-if-po-10)# no switchport access vlan OS10(conf-if-po-10)# exit OS10(config)# interface ethernet1/1/5 OS10(conf-if-eth1/1/5)# no shutdown OS10(conf-if-eth1/1/5)# channel-group 10 mode active OS10(conf-if-eth1/1/5)# no switchport OS10(conf-if-eth1/1/5)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# no shutdown OS10(conf-if-po-20)# switchport mode trunk OS10(conf-if-po-20)# no switchport access vlan OS10(conf-if-po-20)# exit OS10(config)# interface ethernet1/1/6 OS10(conf-if-eth1/1/6)# no shutdown OS10(conf-if-eth1/1/6)# channel-group 20 mode active OS10(conf-if-eth1/1/6)# no switchport OS10(conf-if-eth1/1/6)# exit
6. 将访问端口添加到虚拟网络
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# member-interface port-channel 10 vlan-tag 100 OS10(config-vn)# exit OS10(config)# virtual-network 20000 OS10(config-vn-20000)# member-interface port-channel 20 untagged OS10(config-vn)# exit
7. 配置面向上游网络的端口
OS10(config)# interface ethernet1/1/1 OS10(conf-if-eth1/1/1)# no shutdown OS10(conf-if-eth1/1/1)# no switchport OS10(conf-if-eth1/1/1)# mtu 1650 OS10(conf-if-eth1/1/1)# ip address 172.19.1.0/31 OS10(conf-if-eth1/1/1)# exit OS10(config)# interface ethernet1/1/2 OS10(conf-if-eth1/1/2)# no shutdown OS10(conf-if-eth1/1/2)# no switchport OS10(conf-if-eth1/1/2)# mtu 1650 OS10(conf-if-eth1/1/2)# ip address 172.19.2.0/31 OS10(conf-if-eth1/1/2)# exit
8. 配置 eBGP
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# router-id 172.19.0.1 OS10(config-router-bgp-100)# address-family ipv4 unicast OS10(configure-router-bgp-af)# redistribute connected OS10(configure-router-bgp-af)# exit
9. 针对 IPv4 点对点对等配置 eBGP
OS10(config-router-bgp-100)# neighbor 172.19.1.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.19.2.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
10. 为 BGP EVPN 对等配置与 VLT 对等方 IP 地址不同的环回接口
OS10(config)# interface loopback1 OS10(conf-if-lo-1)# no shutdown OS10(conf-if-lo-1)# ip address 172.19.0.1/32 OS10(conf-if-lo-1)# exit
11. 配置 BGP EVPN 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.201.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# neighbor 172.202.0.1 OS10(config-router-neighbor)# remote-as 101 OS10(config-router-neighbor)# ebgp-multihop 4 OS10(config-router-neighbor)# send-community extended OS10(config-router-neighbor)# update-source loopback1 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# address-family ipv4 unicast OS10(config-router-bgp-neighbor-af)# no activate OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# address-family l2vpn evpn OS10(config-router-bgp-neighbor-af)# activate OS10(config-router-bgp-neighbor-af)# allowas-in 1 OS10(config-router-bgp-neighbor-af)# exit OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
12. 配置 EVPN
在手动配置模式下配置 EVPN 实例,在自动模式下配置 RD 和 RT 配置:
OS10(config)# evpn OS10(config-evpn)# evi 10000 OS10(config-evpn-evi-10000)# vni 10000 OS10(config-evpn-evi-10000)# rd auto OS10(config-evpn-evi-10000)# route-target auto OS10(config-evpn-evi-10000)# exit OS10(config-evpn)# evi 20000 OS10(config-evpn-evi-20000)# vni 20000 OS10(config-evpn-evi-20000)# rd auto OS10(config-evpn-evi-20000)# route-target auto OS10(config-evpn-evi-20000)# exit OS10(config-evpn)# exit
13. 配置 VLT
为虚拟网络配置 VLTi VLAN
OS10(config)# virtual-network 10000 OS10(config-vn-10000)# vlti-vlan 100 OS10(config-vn-10000)# exit OS10(config)# virtual-network 20000 OS10(conf-vn-20000)# vlti-vlan 200 OS10(conf-vn-20000)# exit
配置专用 L3 承载路径,以在发生网络故障时访问 VLT 对等方
OS10(config)# interface vlan4000 OS10(config-if-vl-4000)# no shutdown OS10(config-if-vl-4000)# ip address 172.16.250.11/31 OS10(config-if-vl-4000)# exit
配置 VLT 端口通道
OS10(config)# interface port-channel10 OS10(conf-if-po-10)# vlt-port-channel 10 OS10(conf-if-po-10)# exit OS10(config)# interface port-channel20 OS10(conf-if-po-20)# vlt-port-channel 20 OS10(conf-if-po-20)# exit
配置 VLTi 成员链路
OOS10(config)# interface ethernet1/1/3 OS10(conf-if-eth1/1/3)# no shutdown OS10(conf-if-eth1/1/3)# no switchport OS10(conf-if-eth1/1/3)# exit OS10(config)# interface ethernet1/1/4 OS10(conf-if-eth1/1/4)# no shutdown OS10(conf-if-eth1/1/4)# no switchport OS10(conf-if-eth1/1/4)# exit
配置 VLT 域
OS10(config)# vlt-domain 1 OS10(conf-vlt-1)# backup destination 10.16.150.4 OS10(conf-vlt-1)# discovery-interface ethernet1/1/3,1/1/4 OS10(conf-vlt-1)# vlt-mac aa:bb:cc:dd:ff:ee OS10(conf-vlt-1)# exit
使用上行链路 VLT 端口和下行链路网络端口配置 UFD
OS10(config)# uplink-state-group 1 OS10(conf-uplink-state-group-1)# enable OS10(conf-uplink-state-group-1)# downstream ethernet1/1/1-1/1/2 OS10(conf-uplink-state-group-1)# upstream port-channel10 OS10(conf-uplink-state-group-1)# upstream port-channel20 OS10(conf-uplink-state-group-1)# exit
在 VLT 对等方之间配置 iBGP IPv4 对等
OS10(config)# router bgp 100 OS10(config-router-bgp-100)# neighbor 172.16.250.10 OS10(config-router-neighbor)# remote-as 100 OS10(config-router-neighbor)# no shutdown OS10(config-router-neighbor)# exit OS10(config-router-bgp-100)# exit
14. 在覆盖网络中配置 IP 路由
创建租户 VRF
OS10(config)# ip vrf tenant1 OS10(conf-vrf)# exit
配置任意广播网关 MAC 地址
OS10(config)# ip virtual-router mac-address 00:01:01:01:01:01
在虚拟网络上配置路由
OS10(config)# interface virtual-network 10000 OS10(conf-if-vn-10000)# ip vrf forwarding tenant1 OS10(conf-if-vn-10000)# ip address 10.1.0.234/16 OS10(conf-if-vn-10000)# ip virtual-router address 10.1.0.100 OS10(conf-if-vn-10000)# no shutdown OS10(conf-if-vn-10000)# exit OS10(config)# interface virtual-network 20000 OS10(conf-if-vn-20000)# ip vrf forwarding tenant1 OS10(conf-if-vn-20000)# ip address 10.2.0.234/16 OS10(conf-if-vn-20000)# ip virtual-router address 10.2.0.100 OS10(conf-if-vn-20000)# no shutdown OS10(conf-if-vn-20000)# exit
主干交换机 1
1. 在承载链路上配置指向分支交换机的下游端口
OS10(config)# interface ethernet1/1/1 OS10(conf-if-eth1/1/1)# no shutdown OS10(conf-if-eth1/1/1)# no switchport OS10(conf-if-eth1/1/1)# ip address 172.16.1.1/31 OS10(conf-if-eth1/1/1)# exit OS10(config)# interface ethernet1/1/2 OS10(conf-if-eth1/1/2)# no shutdown OS10(conf-if-eth1/1/2)# no switchport OS10(conf-if-eth1/1/2)# ip address 172.17.1.1/31 OS10(conf-if-eth1/1/2)# exit OS10(config)# interface ethernet1/1/3 OS10(conf-if-eth1/1/3)# no shutdown OS10(conf-if-eth1/1/3)# no switchport OS10(conf-if-eth1/1/3)# ip address 172.18.1.1/31 OS10(conf-if-eth1/1/3)# exit OS10(config)# interface ethernet1/1/4 OS10(conf-if-eth1/1/4)# no shutdown OS10(conf-if-eth1/1/4)# no switchport OS10(conf-if-eth1/1/4)# ip address 172.19.1.1/31 OS10(conf-if-eth1/1/4)# exit
2. 配置 eBGP
OS10(config)# router bgp 101 OS10(config-router-bgp-101)# router-id 172.201.0.1 OS10(config-router-bgp-101)# address-family ipv4 unicast OS10(configure-router-bgpv4-af)# redistribute connected OS10(configure-router-bgpv4-af)# exit
3. 在 P2P 链路上配置 eBGP IPv4 对等节点会话
OS10(conf-router-bgp-101)# neighbor 172.16.1.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# neighbor 172.17.1.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# neighbor 172.18.1.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# neighbor 172.19.1.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# exit
4. 为 BGP EVPN 对等节点配置环回接口
OS10(config)# interface loopback1 OS10(conf-if-lo-1)# no shutdown OS10(conf-if-lo-1)# ip address 172.201.0.1/32 OS10(conf-if-lo-1)# exit
5. 配置 BGP EVPN 对等节点会话
OS10(config)# router bgp 101 OS10(conf-router-bgp-101)# neighbor 172.16.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-bgp-101)# neighbor 172.17.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-bgp-101)# neighbor 172.18.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-bgp-101)# neighbor 172.19.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit
主干交换机 2
1. 在承载链路上配置指向分支交换机的下游端口
OS10(config)# interface ethernet1/1/1 OS10(conf-if-eth1/1/1)# no shutdown OS10(conf-if-eth1/1/1)# no switchport OS10(conf-if-eth1/1/1)# ip address 172.16.2.1/31 OS10(conf-if-eth1/1/1)# exit OS10(config)# interface ethernet1/1/2 OS10(conf-if-eth1/1/2)# no shutdown OS10(conf-if-eth1/1/2)# no switchport OS10(conf-if-eth1/1/2)# ip address 172.17.2.1/31 OS10(conf-if-eth1/1/2)# exit OS10(config)# interface ethernet1/1/3 OS10(conf-if-eth1/1/3)# no shutdown OS10(conf-if-eth1/1/3)# no switchport OS10(conf-if-eth1/1/3)# ip address 172.18.2.1/31 OS10(conf-if-eth1/1/3)# exit OS10(config)# interface ethernet1/1/4 OS10(conf-if-eth1/1/4)# no shutdown OS10(conf-if-eth1/1/4)# no switchport OS10(conf-if-eth1/1/4)# ip address 172.19.2.1/31 OS10(conf-if-eth1/1/4)# exit
2. 配置 eBGP
OS10(config)# router bgp 101 OS10(config-router-bgp-101)# router-id 172.202.0.1 OS10(config-router-bgp-101)# address-family ipv4 unicast OS10(configure-router-bgpv4-af)# redistribute connected OS10(configure-router-bgpv4-af)# exit
3. 在 P2P 链路上配置 eBGP IPv4 对等节点会话
OS10(conf-router-bgp-101)# neighbor 172.16.2.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# neighbor 172.17.2.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# neighbor 172.18.2.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# neighbor 172.19.2.0 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# exit OS10(conf-router-bgp-101)# exit
4. 为 BGP EVPN 对等节点配置环回接口
OS10(config)# interface loopback1 OS10(conf-if-lo-1)# no shutdown OS10(conf-if-lo-1)# ip address 172.202.0.1/32 OS10(conf-if-lo-1)# exit
5. 配置 BGP EVPN 对等节点会话
OS10(config)# router bgp 101 OS10(conf-router-bgp-101)# neighbor 172.16.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-bgp-101)# neighbor 172.17.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-bgp-101)# neighbor 172.18.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-bgp-101)# neighbor 172.19.0.1 OS10(conf-router-neighbor)# ebgp-multihop 4 OS10(conf-router-neighbor)# remote-as 100 OS10(conf-router-neighbor)# send-community extended OS10(conf-router-neighbor)# update-source loopback1 OS10(conf-router-neighbor)# no shutdown OS10(conf-router-neighbor)# address-family ipv4 unicast OS10(conf-router-neighbor-af)# no activate OS10(conf-router-neighbor-af)# exit OS10(conf-router-neighbor)# address-family l2vpn evpn OS10(conf-router-neighbor-af)# no sender-side-loop-detection OS10(conf-router-neighbor-af)# activate OS10(conf-router-neighbor-af)# exit
使用 BGP EVPN 配置验证 VXLAN
1. 验证虚拟网络配置
LEAF1# show virtual-network
Codes: DP - MAC-learn Dataplane, CP - MAC-learn Controlplane, UUD - Unknown-Unicast-Drop
Virtual Network: 10000
Members:
VLAN 100: port-channel10, port-channel1000
VxLAN Virtual Network Identifier: 10000
Source Interface: loopback0(192.168.1.1)
Remote-VTEPs (flood-list): 192.168.2.1(CP)
Virtual Network: 20000
Members:
Untagged: port-channel20
VLAN 200: port-channel1000
VxLAN Virtual Network Identifier: 20000
Source Interface: loopback0(192.168.1.1)
Remote-VTEPs (flood-list): 192.168.2.1(CP)
LEAF1# 2. 验证 EVPN 配置和 EVPN 参数
LEAF1# show evpn evi EVI : 10000, State : up Bridge-Domain : Virtual-Network 10000, VNI 10000 Route-Distinguisher : 1:192.168.1.1:10000(auto) Route-Targets : 0:100:268445456(auto) both Inclusive Multicast : 192.168.2.1 IRB : Enabled(tenant1) EVI : 20000, State : up Bridge-Domain : Virtual-Network 20000, VNI 20000 Route-Distinguisher : 1:192.168.1.1:20000(auto) Route-Targets : 0:100:268455456(auto) both Inclusive Multicast : 192.168.2.1 IRB : Enabled(tenant1) LEAF1#
3. 验证分支和主干节点之间的 BGP EVPN 邻居
LEAF1# show ip bgp l2vpn evpn summary BGP router identifier 172.16.0.1 local AS number 100 Neighbor AS MsgRcvd MsgSent Up/Down State/Pfx 172.201.0.1 101 1132 1116 13:29:00 27 172.202.0.1 101 1131 1118 13:29:02 28 LEAF1#
4. 检查主机 A 和主机 B 之间的连接
root@HOST-A:~# ping 10.2.0.10 -c 5 PING 10.2.0.10 (10.2.0.10) 56(84) bytes of data. 64 bytes from 10.2.0.10: icmp_seq=1 ttl=63 time=0.824 ms 64 bytes from 10.2.0.10: icmp_seq=2 ttl=63 time=0.847 ms 64 bytes from 10.2.0.10: icmp_seq=3 ttl=63 time=0.835 ms 64 bytes from 10.2.0.10: icmp_seq=4 ttl=63 time=0.944 ms 64 bytes from 10.2.0.10: icmp_seq=5 ttl=63 time=0.806 ms --- 10.2.0.10 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4078ms rtt min/avg/max/mdev = 0.806/0.851/0.944/0.051 ms root@HOST-A:~#
5. 检查主机 A 和主机 C 之间的连接
root@HOST-A:~# ping 10.1.0.20 -c 5 PING 10.1.0.20 (10.1.0.20) 56(84) bytes of data. 64 bytes from 10.1.0.20: icmp_seq=1 ttl=64 time=0.741 ms 64 bytes from 10.1.0.20: icmp_seq=2 ttl=64 time=0.737 ms 64 bytes from 10.1.0.20: icmp_seq=3 ttl=64 time=0.772 ms 64 bytes from 10.1.0.20: icmp_seq=4 ttl=64 time=0.799 ms 64 bytes from 10.1.0.20: icmp_seq=5 ttl=64 time=0.866 ms --- 10.1.0.20 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4061ms rtt min/avg/max/mdev = 0.737/0.783/0.866/0.047 ms root@HOST-A:~#
6. 检查主机 A 和主机 D 之间的连接
root@HOST-A:~# ping 10.2.0.20 -c 5 PING 10.2.0.20 (10.2.0.20) 56(84) bytes of data. 64 bytes from 10.2.0.20: icmp_seq=1 ttl=63 time=0.707 ms 64 bytes from 10.2.0.20: icmp_seq=2 ttl=63 time=0.671 ms 64 bytes from 10.2.0.20: icmp_seq=3 ttl=63 time=0.687 ms 64 bytes from 10.2.0.20: icmp_seq=4 ttl=63 time=0.640 ms 64 bytes from 10.2.0.20: icmp_seq=5 ttl=63 time=0.644 ms --- 10.2.0.20 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4089ms rtt min/avg/max/mdev = 0.640/0.669/0.707/0.041 ms root@HOST-A:~#
注: 按照步骤 1 至 6 检查其他主机组合与主机之间的 ping 连接,并通过不同的虚拟网络 IP 地址检查主机之间的连接。
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\