当前位置: 首页 > news >正文

华为SRv6 policy EVPN配置案例

news 来源:原创 2024/7/5 18:35:29

在这里插入图片描述

P1

segment-routing ipv6
encapsulation source-address 2001:1::1 //配置loop 0口地址为封装源地址
locator srv6 ipv6-prefix 2000:1:: 96 static 16 //配置locator前缀,并设置为手动配置自身的end sid和end-x
opcode ::1 end no-flavor //配置自身的end sid
opcode ::3001 end-x interface Ethernet3/0/0 nexthop 2001::2 no-flavor //配置自身接口end-x
opcode ::3002 end-x interface Ethernet3/0/1 nexthop 2001::6 no-flavor
opcode ::3003 end-x interface Ethernet3/0/2 nexthop 2001::A no-flavor

isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0001.00
is-name p1

ipv6 enable topology ipv6 //开启ipv6拓扑功能
segment-routing ipv6 locator srv6 auto-sid-disable //关闭自动分配end sid功能

interface Ethernet3/0/0
undo shutdown
ipv6 enable
ipv6 address 2001::1/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/1
undo shutdown
ipv6 enable
ipv6 address 2001::5/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/2
undo shutdown
ipv6 enable
ipv6 address 2001::9/126
isis ipv6 enable 1
isis circuit-type p2p

interface LoopBack0
ipv6 enable
ipv6 address 2001:1::1/128
isis ipv6 enable 1

bgp 100
router-id 1.1.1.1
peer 2001:1::2 as-number 100
peer 2001:1::2 connect-interface LoopBack0
peer 2001:1::3 as-number 100
peer 2001:1::3 connect-interface LoopBack0
peer 2001:1::4 as-number 100
peer 2001:1::4 connect-interface LoopBack0

ipv4-family unicast
undo synchronization

l2vpn-family evpn
undo policy vpn-target
peer 2001:1::2 enable
peer 2001:1::2 advertise encap-type srv6 //实现evpn路由迭代到srv6转发
peer 2001:1::3 enable
peer 2001:1::3 reflect-client
peer 2001:1::3 advertise encap-type srv6
peer 2001:1::4 enable
peer 2001:1::4 reflect-client
peer 2001:1::4 advertise encap-type srv6

P2

segment-routing ipv6
encapsulation source-address 2001:1::2
locator srv6 ipv6-prefix 2000:2:: 96 static 16
opcode ::1 end no-flavor
opcode ::3001 end-x interface Ethernet3/0/0 nexthop 2001::E no-flavor
opcode ::3002 end-x interface Ethernet3/0/1 nexthop 2001::12 no-flavor
opcode ::3003 end-x interface Ethernet3/0/2 nexthop 2001::9 no-flavor

isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0002.00
is-name p2

ipv6 enable topology ipv6
segment-routing ipv6 locator srv6 auto-sid-disable

interface Ethernet3/0/0
undo shutdown
ipv6 enable
ipv6 address 2001:😄/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/1
undo shutdown
ipv6 enable
ipv6 address 2001::11/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/2
undo shutdown
ipv6 enable
ipv6 address 2001::A/126
isis ipv6 enable 1
isis circuit-type p2p

interface LoopBack0
ipv6 enable
ipv6 address 2001:1::2/128
isis ipv6 enable 1

interface NULL0

bgp 100
router-id 2.2.2.2
peer 2001:1::1 as-number 100
peer 2001:1::1 connect-interface LoopBack0
peer 2001:1::3 as-number 100
peer 2001:1::3 connect-interface LoopBack0
peer 2001:1::4 as-number 100
peer 2001:1::4 connect-interface LoopBack0

ipv4-family unicast
undo synchronization

l2vpn-family evpn
undo policy vpn-target
peer 2001:1::1 enable
peer 2001:1::1 advertise encap-type srv6
peer 2001:1::3 enable
peer 2001:1::3 reflect-client
peer 2001:1::3 advertise encap-type srv6
peer 2001:1::4 enable
peer 2001:1::4 reflect-client
peer 2001:1::4 advertise encap-type srv6

PE1

tunnel-policy p1 //配置隧道选择策略,优选sr-mpls policy 防止负载分担,默认只用主的
tunnel select-seq ipv6 srv6-te-policy load-balance-number 1

ip vpn-instance vpna //创建vpn实例
ipv4-family
route-distinguisher 100:100
apply-label per-instance
vpn-target 100:100 export-extcommunity evpn //为VPN实例IPv4地址族配置EVPN路由的VPN-Target属性
vpn-target 100:100 import-extcommunity evpn
tnl-policy p1 evpn //关联隧道策略
evpn mpls routing-enable //使能EVPN生成和发布IP前缀路由和IRB路由的功能
default-color 100 evpn //关联隧道策略并设置color值为100

te ipv6-router-id 2001:1::3 //配置全局te ipv6 router id
bfd
quit
sbfd //配置sbfd功能
destination ipv6 2001:1::4 remote-discriminator 4.4.4.4
reflector discriminator 3.3.3.3 //配置sbfd反射描述符

segment-routing ipv6
encapsulation source-address 2001:1::3 //配置loop 0口地址为封装源地址
locator srv6 ipv6-prefix 2000:3:: 96 static 16 //配置locator前缀,并设置为手动配置自身的end sid和end-x
opcode ::1 end no-flavor //配置自身的end sid
opcode ::100 end-dt4 vpn-instance vpna evpn //标识网络中的ipv4的实例路由
segment-list pe1-pe2-1 //配置主路线走拓扑上面走
index 10 sid ipv6 2000:1::3002
index 20 sid ipv6 2000:4::1
segment-list pe2-pe1-1 //配置备路线走拓扑下面走
index 10 sid ipv6 2000:2::3002
index 20 sid ipv6 2000:4::1
srv6-te policy p1 endpoint 2001:1::4 color 100 //用color进行引流
candidate-path preference 100
segment-list pe1-pe2-1
candidate-path preference 50
segment-list pe2-pe1-1
srv6-te-policy bfd seamless enable //开启srv6 policy的hotstandby
serv6-te-policy backup hot-standby enable

isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0003.00
is-name pe1

ipv6 enable topology ipv6
segment-routing ipv6 locator srv6 auto-sid-disable

interface Ethernet3/0/0
undo shutdown
ipv6 enable
ipv6 address 2001::2/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/1
undo shutdown
ipv6 enable
ipv6 address 2001::E/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/2
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.0.1 255.255.255.252

interface LoopBack0
ipv6 enable
ipv6 address 2001:1::3/128
isis ipv6 enable 1

bgp 100
router-id 3.3.3.3
peer 2001:1::1 as-number 100
peer 2001:1::1 connect-interface LoopBack0
peer 2001:1::2 as-number 100
peer 2001:1::2 connect-interface LoopBack0

ipv4-family unicast
undo synchronization

ipv4-family vpn-instance vpna
network 192.168.0.0 255.255.255.252
advertise l2vpn evpn
segment-routing ipv6 locator srv6 evpn //使私网路由上送evpn协议时带上SID属性功能
segment-routing ipv6 traffic-engineer best-effort evpn //EVPN路由迭代到srv6 policy,同时使用srv6 be隧道作为备份逃生路径

l2vpn-family evpn
policy vpn-target
peer 2001:1::1 enable
peer 2001:1::1 advertise encap-type srv6
peer 2001:1::2 enable
peer 2001:1::2 advertise encap-type srv6

PE2

tunnel-policy p1
tunnel select-seq ipv6 srv6-te-policy load-balance-number 1

ip vpn-instance vpna
ipv4-family
route-distinguisher 100:200
apply-label per-instance
vpn-target 100:100 export-extcommunity evpn
vpn-target 100:100 import-extcommunity evpn
tnl-policy p1 evpn
evpn mpls routing-enable
default-color 100 evpn

te ipv6-router-id 2001:1::4 //配置全局te ipv6 router id
bfd
quit
sbfd //配置sbfd功能
destination ipv6 2001:1::3 remote-discriminator 3.3.3.3
reflector discriminator 4.4.4.4 //配置sbfd反射描述符

segment-routing ipv6
encapsulation source-address 2001:1::4
locator srv6 ipv6-prefix 2000:4:: 96 static 16
opcode ::1 end no-flavor
opcode ::100 end-dt4 vpn-instance vpna evpn
segment-list pe1-pe2-1
index 10 sid ipv6 2000:1::3001
index 20 sid ipv6 2000:3::1
segment-list pe2-pe1-1
index 10 sid ipv6 2000:2::3001
index 20 sid ipv6 2000:3::1
srv6-te policy p1 endpoint 2001:1::3 color 100
candidate-path preference 100
segment-list pe1-pe2-1
candidate-path preference 50
segment-list pe2-pe1-1
srv6-te-policy bfd seamless enable //开启srv6 policy的hotstandby
serv6-te-policy backup hot-standby enable

isis 1
is-level level-2
cost-style wide
network-entity 49.0001.0000.0000.0004.00
is-name pe2

ipv6 enable topology ipv6
segment-routing ipv6 locator srv6 auto-sid-disable

interface Ethernet3/0/0
undo shutdown
ipv6 enable
ipv6 address 2001::6/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/1
undo shutdown
ipv6 enable
ipv6 address 2001::12/126
isis ipv6 enable 1
isis circuit-type p2p

interface Ethernet3/0/2
undo shutdown
ip binding vpn-instance vpna
ip address 192.168.1.1 255.255.255.252

interface LoopBack0
ipv6 enable
ipv6 address 2001:1::4/128
isis ipv6 enable 1

bgp 100
router-id 4.4.4.4
peer 2001:1::1 as-number 100
peer 2001:1::1 connect-interface LoopBack0
peer 2001:1::2 as-number 100
peer 2001:1::2 connect-interface LoopBack0

ipv4-family unicast
undo synchronization

ipv4-family vpn-instance vpna
network 192.168.1.0 255.255.255.252
advertise l2vpn evpn
segment-routing ipv6 locator srv6 evpn
segment-routing ipv6 traffic-engineer best-effort evpn

l2vpn-family evpn
policy vpn-target
peer 2001:1::1 enable
peer 2001:1::1 advertise encap-type srv6
peer 2001:1::2 enable
peer 2001:1::2 advertise encap-type srv6

查看

dis isis route ipv6

dis segment-routing ipv6 local-sid forwarding

dis srv6-te policy

dis bgp evpn peer

dis bgp evpn all routing-table

dis ip routing-table vpn-instance vpna 192.168.1.0 verbose

dis segment-routing ipv6 local-sid end-x 2000:1::3002 forwarding

dis ip routing-table vpn-instance vpna 192.168.1.2

dis bgp evpn all routing-table prefix-route 0:192.168.1.0:30

dis srv6-te policy policy-name p1 //sbfd功能查看

相关文章:

  • CS中的局部性原理
  • vite项目如何在本地启动https协议
  • 【SpringBoot3学习 | 第1篇】SpringBoot3介绍与配置文件
  • 01:Linux的基本命令
  • 强化学习-5 策略梯度、Actor-Critic 算法
  • IOS Swift 从入门到精通:写入 Firestore数据库
  • 【ACM出版,马来西亚-吉隆坡举行】第四届互联网技术与教育信息化国际会议 (ITEI 2024)
  • 电路笔记(PCB):电流容量(IPC-2221和IPC-2152)+阻抗匹配
  • JavaMySQL 学习(基础)
  • 仿论坛项目--初识Spring Boot
  • 网络爬虫基础知识
  • RealMAN:大规模真实录制且经过注释的麦克风阵列数据集
  • Linux常用指令汇总
  • Perl语言入门指南
  • 【MindSpore学习打卡】应用实践-计算机视觉-ShuffleNet图像分类:从理论到实践
  • [LeetCode] Wiggle Sort
  • android图片蒙层
  • C++回声服务器_9-epoll边缘触发模式版本服务器
  • ERLANG 网工修炼笔记 ---- UDP
  • IDEA常用插件整理
  • Mysql5.6主从复制
  • springMvc学习笔记(2)
  • SQLServer之创建数据库快照
  • uva 10370 Above Average
  • vue中实现单选
  • 对象引论
  • 开发基于以太坊智能合约的DApp
  • 每天一个设计模式之命令模式
  • 如何使用 JavaScript 解析 URL
  • 思否第一天
  • 无服务器化是企业 IT 架构的未来吗?
  • 移动端唤起键盘时取消position:fixed定位
  • ​LeetCode解法汇总2696. 删除子串后的字符串最小长度
  • # 深度解析 Socket 与 WebSocket:原理、区别与应用
  • ### Cause: com.mysql.jdbc.exceptions.jdbc4.MySQLTr
  • ###51单片机学习(1)-----单片机烧录软件的使用,以及如何建立一个工程项目
  • #多叉树深度遍历_结合深度学习的视频编码方法--帧内预测
  • #我与Java虚拟机的故事#连载09:面试大厂逃不过的JVM
  • (带教程)商业版SEO关键词按天计费系统:关键词排名优化、代理服务、手机自适应及搭建教程
  • (第27天)Oracle 数据泵转换分区表
  • (附源码)计算机毕业设计SSM基于java的云顶博客系统
  • (含笔试题)深度解析数据在内存中的存储
  • (三)mysql_MYSQL(三)
  • (算法设计与分析)第一章算法概述-习题
  • (转)Unity3DUnity3D在android下调试
  • ******IT公司面试题汇总+优秀技术博客汇总
  • .NET Core 版本不支持的问题
  • .Net 路由处理厉害了
  • .NET/C# 使用 SpanT 为字符串处理提升性能
  • .NET国产化改造探索(一)、VMware安装银河麒麟
  • .net企业级架构实战之7——Spring.net整合Asp.net mvc
  • .sys文件乱码_python vscode输出乱码
  • [20171106]配置客户端连接注意.txt
  • [Algorithm][动态规划][两个数组的DP][正则表达式匹配][交错字符串][两个字符串的最小ASCII删除和][最长重复子数组]详细讲解
  • [Android Studio] 开发Java 程序