VXLAN 主动-主动模式
VXLAN 主动-主动模式 使一对 MLAG 交换机能够充当单个 VTEP,从而为裸机以及虚拟化工作负载提供主动-主动 VXLAN 终止。
要使用 VXLAN 主动-主动模式,您需要配置
配置 VXLAN 主动-主动
要配置 VXLAN 主动-主动模式,您必须为 MLAG 对中的每台交换机配置一个虚拟 IP 地址,用于 VXLAN 数据路径终止。VXLAN 终止地址是在环回接口下配置的任播 IP 地址。通过 MLAG 对等互连,两台交换机都使用任播 IP 地址进行 VXLAN 封装和解封装。这使远程 VTEP 能够针对一个逻辑 VTEP 学习连接到 MLAG 交换机的主机 MAC 地址,即使交换机独立封装和解封装源自主机第 2 层流量也是如此。
MLAG 动态添加和删除任播 IP 地址作为环回接口地址,如下所示
- 当交换机启动时,所有 VXLAN 接口都处于 PROTO_DOWN 状态。任播 IP 地址未使用。
- MLAG 对等互连发生,并且交换机之间成功进行 VXLAN 接口一致性检查。
clagd守护进程将任播地址作为第二个地址添加到环回接口。然后,它将 VXLAN 接口的本地 IP 地址从唯一地址更改为任播 IP 地址,并将接口置于 UP 状态。
- 给定 VXLAN 接口的主动-主动配置在 MLAG 对中的两台交换机之间必须一致;MLAG 确保配置在启动 VXLAN 接口之前是一致的。
- 用于 VXLAN 终止的任播虚拟 IP 地址在 MLAG 对中的两台交换机上必须相同。
- 您必须配置具有相同 VXLAN ID 的 VXLAN 接口,该接口在 MLAG 对中的两台交换机上都必须是管理性启动的。运行
clagctl命令以检查是否有任何 VXLAN 交换机处于 PROTO_DOWN 状态。
- 如果将 VXLAN 主动-主动与 EVPN 对称模式一起使用,则必须在 MLAG 对中的两台交换机上设置任播 MAC 地址;请参阅发布主 IP 地址。
- NVIDIA 建议您在配置 MLAG 接口之前配置任播 IP 地址。
要配置任播 IP 地址
运行 nv set nve vxlan mlag shared-address 命令。
cumulus@leaf01:~$ nv set nve vxlan mlag shared-address 10.0.1.12
cumulus@leaf01:~$ nv config apply
cumulus@leaf02:~$ nv set nve vxlan mlag shared-address 10.0.1.12
cumulus@leaf02:~$ nv config apply
在 /etc/network/interfaces 文件中的环回接口下添加 clagd-vxlan-anycast-ip 参数
cumulus@leaf01:~$ sudo nano /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.1/32
clagd-vxlan-anycast-ip 10.0.1.12
...
cumulus@leaf02:~$ sudo nano /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.2/32
clagd-vxlan-anycast-ip 10.0.1.12
...
当您将 EVPN 与 MLAG 一起使用时,EVPN 可能会将本地 MAC 地址或邻居条目安装为远程条目。为了防止 EVPN 从 MLAG 接管本地 MAC 地址或邻居条目的所有权,您可以将所有本地第 2 层 VNI 与唯一站点 ID 相关联,该站点 ID 代表 MLAG 对。请参阅为 MLAG 配置站点 ID。
故障排除
本节介绍 VXLAN 主动-主动故障条件,并提供故障排除命令。
故障条件
故障条件 | 行为 |
|---|---|
| 对等链路断开。 | 主 MLAG 交换机继续保持所有 VXLAN 接口使用任播 IP 地址处于启动状态,而辅助交换机关闭所有 VXLAN 接口并将其置于 PROTO_DOWN 状态。辅助 MLAG 交换机从环回接口删除任播 IP 地址。 |
| 其中一台交换机断开。 | 另一台可操作的交换机继续使用任播 IP 地址。 |
clagd 停止。 | 所有 VXLAN 接口都进入 PROTO_DOWN 状态。交换机从环回接口删除任播 IP 地址,并且 VXLAN 接口的本地 IP 地址从任播 IP 地址更改为唯一的非虚拟 IP 地址。 |
| MLAG 对等互连未在交换机之间建立。 | clagd 在重新加载计时器到期后,使用配置的任播 IP 地址启动所有 VXLAN 接口。即使未建立对等互连,这也允许 VXLAN 接口在两台交换机上都启动并运行。 |
| 对等链路断开,但对等交换机已启动(备份链路处于活动状态)。 | 辅助交换机上的所有 VXLAN 接口都进入 PROTO_DOWN 状态。 |
| MLAG 对等体上的任播 IP 地址不同。 | 辅助交换机上的 VXLAN 接口进入 PROTO_DOWN 状态。 |
故障排除命令
要显示交换机上的 MLAG 配置,请运行 NVUE nv show mlag 命令
cumulus@leaf01:mgmt:~$ nv show mlag
operational applied description
-------------- ----------------------- ----------------- ------------------------------------------------------
enable on Turn the feature 'on' or 'off'. The default is 'off'.
debug off Enable MLAG debugging
init-delay 180 The delay, in seconds, before bonds are brought up.
mac-address 44:38:39:FF:00:aa 44:38:39:FF:00:AA Override anycast-mac and anycast-id
peer-ip fe80::4638:39ff:fe00:5a linklocal Peer Ip Address
priority 32768 32768 Mlag Priority
[backup] 10.10.10.2 10.10.10.2 Set of MLAG backups
anycast-ip 10.0.1.12 Vxlan Anycast Ip address
backup-active True Mlag Backup Status
backup-reason Mlag Backup Reason
local-id 44:38:39:00:00:59 Mlag Local Unique Id
local-role primary Mlag Local Role
peer-alive True Mlag Peer Alive Status
peer-id 44:38:39:00:00:5a Mlag Peer Unique Id
peer-interface peerlink.4094 Mlag Peerlink Interface
peer-priority 32768 Mlag Peer Priority
peer-role secondary Mlag Peer Role
要显示交换机上的 MLAG 邻居信息,请运行 NVUE nv show mlag neighbor 命令
cumulus@leaf01:mgmt:~$ nv show mlag neighbor
operational applied description
-- ----------- ------- -----------
dynamic
==========
interface ip-address lladdr vlan-id
-- --------- ---------- ------ -------
permanent
============
address-family interface ip-address lladdr vlan-id
-- -------------- --------- ------------------------ ----------------- -------
1 10 vlan10 fe80::4638:39ff:fe22:1b1 44:38:39:22:01:b1 10
2 10 vlan20 fe80::4638:39ff:fe22:1b1 44:38:39:22:01:b1 20
3 10 vlan10 fe80::4638:39ff:fe22:1af 44:38:39:22:01:af 10
4 10 vlan20 fe80::4638:39ff:fe22:1af 44:38:39:22:01:af 20
要显示 MLAG 行为以及 MLAG 对之间的任何不一致,请运行 clagctl 命令。
在以下示例中,此 MLAG 接口不存在冲突,并且 VXLAN 已启动并运行(没有 Proto-Down)。MLAG 对共享用于 VTEP 终止的 VXLAN 任播 IP 地址正在使用中,为 10.0.1.12。
cumulus@leaf01$ clagctl
The peer is alive
Our Priority, ID, and Role: 32768 44:38:39:00:00:59 primary
Peer Priority, ID, and Role: 32768 44:38:39:00:00:5a secondary
Peer Interface and IP: peerlink.4094 fe80::4638:39ff:fe00:5a (linklocal)
VxLAN Anycast IP: 10.0.1.12
Backup IP: 10.10.10.2 (active)
System MAC: 44:38:39:FF:00:aa
CLAG Interfaces
Our Interface Peer Interface CLAG Id Conflicts Proto-Down Reason
---------------- ---------------- ------- -------------------- -----------------
bond1 - 1 - -
vxlan48 vxlan48 - - -
在以下示例中,主交换机配置了错误的 VXLAN 任播 IP 地址。当您在辅助交换机上运行 clagctl 命令时,Proto-Down Reason 在 bond01 上显示 anycast-ip-mismatch,在 vxlan48 上显示 vxlan-single,anycast-ip-mismatch。
cumulus@leaf04:mgmt:~$ clagctl
The peer is alive
Our Priority, ID, and Role: 32768 44:38:39:00:00:5e secondary
Peer Priority, ID, and Role: 32768 44:38:39:00:00:5d primary
Peer Interface and IP: peerlink.4094 fe80::4638:39ff:fe00:5d (linklocal)
VxLAN Anycast IP: 10.0.1.34
Backup IP: 10.10.10.3 (active)
System MAC: 44:38:39:FF:00:bb
CLAG Interfaces
Our Interface Peer Interface CLAG Id Conflicts Proto-Down Reason
---------------- ---------------- ------- -------------------- -----------------
bond1 - 1 - anycast-ip-mismatch
vxlan48 - - - vxlan-single,anycast-ip-mismatch
配置示例
此示例中的命令配置了
- leaf01 和 leaf02 之间以及 leaf03 和 leaf04 之间的 MLAG。
- 所有叶子和 spine 上的 BGP 无编号。
- EVPN 作为 BGP 邻居之间 VXLAN 的控制平面。
- 每个叶子上的单个 VXLAN 设备 (vxlan48)。VLAN 10 映射到 VNI 10,VLAN 20 映射到 VNI 20。VXLAN 设备是默认网桥
br_default的一部分。 - leaf01 和 leaf02 上的任播 IP 地址 10.0.1.12,以及 leaf03 和 leaf04 上的 10.0.1.34。
- 将 server01 链接到 leaf01 和 leaf02,以及将 server04 链接到 leaf03 和 leaf04 的第 2 层绑定。该示例显示了 server01 和 server04
/etc/network/interfaces文件配置。
cumulus@leaf01:~$ nv set interface lo ip address 10.10.10.1/32
cumulus@leaf01:~$ nv set interface swp1,swp49-52
cumulus@leaf01:~$ nv set interface bond1 bond member swp1
cumulus@leaf01:~$ nv set interface bond1 bond mlag id 1
cumulus@leaf01:~$ nv set interface bond1 bridge domain br_default
cumulus@leaf01:~$ nv set interface peerlink bond member swp49-50
cumulus@leaf01:~$ nv set system global anycast-mac 44:38:39:FF:00:AA
cumulus@leaf01:~$ nv set mlag backup 10.10.10.2
cumulus@leaf01:~$ nv set mlag peer-ip linklocal
cumulus@leaf01:~$ nv set interface vlan10
cumulus@leaf01:~$ nv set interface vlan20
cumulus@leaf01:~$ nv set bridge domain br_default vlan 10,20
cumulus@leaf01:~$ nv set bridge domain br_default vlan 10 vni 10
cumulus@leaf01:~$ nv set bridge domain br_default vlan 20 vni 20
cumulus@leaf01:~$ nv set nve vxlan mlag shared-address 10.0.1.12
cumulus@leaf01:~$ nv set router bgp autonomous-system 65101
cumulus@leaf01:~$ nv set router bgp router-id 10.10.10.1
cumulus@leaf01:~$ nv set vrf default router bgp neighbor swp51 remote-as external
cumulus@leaf01:~$ nv set vrf default router bgp neighbor swp52 remote-as external
cumulus@leaf01:~$ nv set vrf default router bgp neighbor peerlink.4094 remote-as external
cumulus@leaf01:~$ nv set vrf default router bgp address-family ipv4-unicast network 10.10.10.1/32
cumulus@leaf01:~$ nv set vrf default router bgp address-family ipv4-unicast redistribute connected
cumulus@leaf01:~$ nv set evpn enable on
cumulus@leaf01:~$ nv set vrf default router bgp neighbor swp51 address-family l2vpn-evpn enable on
cumulus@leaf01:~$ nv set vrf default router bgp neighbor swp52 address-family l2vpn-evpn enable on
cumulus@leaf01:~$ nv set vrf default router bgp neighbor peerlink.4094 address-family l2vpn-evpn enable on
cumulus@leaf01:~$ nv config apply
cumulus@leaf02:~$ nv set interface lo ip address 10.10.10.2/32
cumulus@leaf02:~$ nv set interface swp1,swp49-52
cumulus@leaf02:~$ nv set interface bond1 bond member swp1
cumulus@leaf02:~$ nv set interface bond1 bond mlag id 1
cumulus@leaf02:~$ nv set interface bond1 bridge domain br_default
cumulus@leaf02:~$ nv set interface peerlink bond member swp49-50
cumulus@leaf02:~$ nv set system global anycast-mac 44:38:39:FF:00:AA
cumulus@leaf02:~$ nv set mlag backup 10.10.10.1
cumulus@leaf02:~$ nv set mlag peer-ip linklocal
cumulus@leaf02:~$ nv set interface vlan10
cumulus@leaf02:~$ nv set interface vlan20
cumulus@leaf02:~$ nv set bridge domain br_default vlan 10,20
cumulus@leaf02:~$ nv set bridge domain br_default vlan 10 vni 10
cumulus@leaf02:~$ nv set bridge domain br_default vlan 20 vni 20
cumulus@leaf02:~$ nv set nve vxlan mlag shared-address 10.0.1.12
cumulus@leaf02:~$ nv set router bgp autonomous-system 65102
cumulus@leaf02:~$ nv set router bgp router-id 10.10.10.2
cumulus@leaf02:~$ nv set vrf default router bgp neighbor swp51 remote-as external
cumulus@leaf02:~$ nv set vrf default router bgp neighbor swp52 remote-as external
cumulus@leaf02:~$ nv set vrf default router bgp neighbor peerlink.4094 remote-as external
cumulus@leaf02:~$ nv set vrf default router bgp address-family ipv4-unicast network 10.10.10.2/32
cumulus@leaf02:~$ nv set vrf default router bgp address-family ipv4-unicast redistribute connected
cumulus@leaf02:~$ nv set evpn enable on
cumulus@leaf02:~$ nv set vrf default router bgp neighbor swp51 address-family l2vpn-evpn enable on
cumulus@leaf02:~$ nv set vrf default router bgp neighbor swp52 address-family l2vpn-evpn enable on
cumulus@leaf02:~$ nv set vrf default router bgp neighbor peerlink.4094 address-family l2vpn-evpn enable on
cumulus@leaf02:~$ nv config apply
cumulus@leaf03:~$ nv set interface lo ip address 10.10.10.3/32
cumulus@leaf03:~$ nv set interface swp1,swp49-52
cumulus@leaf03:~$ nv set interface bond1 bond member swp1
cumulus@leaf03:~$ nv set interface bond1 bond mlag id 1
cumulus@leaf03:~$ nv set interface bond1 bridge domain br_default
cumulus@leaf03:~$ nv set interface peerlink bond member swp49-50
cumulus@leaf03:~$ nv set system global anycast-mac 44:38:39:FF:00:BB
cumulus@leaf03:~$ nv set mlag backup 10.10.10.4
cumulus@leaf03:~$ nv set mlag peer-ip linklocal
cumulus@leaf03:~$ nv set interface vlan10
cumulus@leaf03:~$ nv set interface vlan20
cumulus@leaf03:~$ nv set bridge domain br_default vlan 10,20
cumulus@leaf03:~$ nv set bridge domain br_default vlan 10 vni 10
cumulus@leaf03:~$ nv set bridge domain br_default vlan 20 vni 20
cumulus@leaf03:~$ nv set nve vxlan mlag shared-address 10.0.1.34
cumulus@leaf03:~$ nv set router bgp autonomous-system 65103
cumulus@leaf03:~$ nv set router bgp router-id 10.10.10.3
cumulus@leaf03:~$ nv set vrf default router bgp neighbor swp51 remote-as external
cumulus@leaf03:~$ nv set vrf default router bgp neighbor swp52 remote-as external
cumulus@leaf03:~$ nv set vrf default router bgp neighbor peerlink.4094 remote-as external
cumulus@leaf03:~$ nv set vrf default router bgp address-family ipv4-unicast network 10.10.10.3/32
cumulus@leaf03:~$ nv set vrf default router bgp address-family ipv4-unicast redistribute connected
cumulus@leaf03:~$ nv set evpn enable on
cumulus@leaf03:~$ nv set vrf default router bgp neighbor swp51 address-family l2vpn-evpn enable on
cumulus@leaf03:~$ nv set vrf default router bgp neighbor swp52 address-family l2vpn-evpn enable on
cumulus@leaf03:~$ nv set vrf default router bgp neighbor peerlink.4094 address-family l2vpn-evpn enable on
cumulus@leaf03:~$ nv config apply
cumulus@leaf04:~$ nv set interface lo ip address 10.10.10.4/32
cumulus@leaf04:~$ nv set interface swp1,swp49-52
cumulus@leaf04:~$ nv set interface bond1 bond member swp1
cumulus@leaf04:~$ nv set interface bond1 bond mlag id 1
cumulus@leaf04:~$ nv set interface bond1 bridge domain br_default
cumulus@leaf04:~$ nv set interface peerlink bond member swp49-50
cumulus@leaf04:~$ nv set system global anycast-mac 44:38:39:FF:00:BB
cumulus@leaf04:~$ nv set mlag backup 10.10.10.3
cumulus@leaf04:~$ nv set mlag peer-ip linklocal
cumulus@leaf04:~$ nv set interface vlan10
cumulus@leaf04:~$ nv set interface vlan20
cumulus@leaf04:~$ nv set bridge domain br_default vlan 10,20
cumulus@leaf04:~$ nv set bridge domain br_default vlan 10 vni 10
cumulus@leaf04:~$ nv set bridge domain br_default vlan 20 vni 20
cumulus@leaf04:~$ nv set nve vxlan mlag shared-address 10.0.1.34
cumulus@leaf04:~$ nv set router bgp autonomous-system 65104
cumulus@leaf04:~$ nv set router bgp router-id 10.10.10.4
cumulus@leaf04:~$ nv set vrf default router bgp neighbor swp51 remote-as external
cumulus@leaf04:~$ nv set vrf default router bgp neighbor swp52 remote-as external
cumulus@leaf04:~$ nv set vrf default router bgp neighbor peerlink.4094 remote-as external
cumulus@leaf04:~$ nv set vrf default router bgp address-family ipv4-unicast network 10.10.10.4/32
cumulus@leaf04:~$ nv set vrf default router bgp address-family ipv4-unicast redistribute connected
cumulus@leaf04:~$ nv set evpn enable on
cumulus@leaf04:~$ nv set vrf default router bgp neighbor swp51 address-family l2vpn-evpn enable on
cumulus@leaf04:~$ nv set vrf default router bgp neighbor swp52 address-family l2vpn-evpn enable on
cumulus@leaf04:~$ nv set vrf default router bgp neighbor peerlink.4094 address-family l2vpn-evpn enable on
cumulus@leaf04:~$ nv config apply
cumulus@spine01:~$ nv set interface lo ip address 10.10.10.101/32
cumulus@spine01:~$ nv set interface swp1-4
cumulus@spine01:~$ nv set router bgp autonomous-system 65199
cumulus@spine01:~$ nv set router bgp router-id 10.10.10.101
cumulus@spine01:~$ nv set vrf default router bgp peer-group underlay remote-as external
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp1 remote-as external
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp2 remote-as external
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp3 remote-as external
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp4 remote-as external
cumulus@spine01:~$ nv set vrf default router bgp address-family ipv4-unicast redistribute connected
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp1 address-family l2vpn-evpn enable on
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp2 address-family l2vpn-evpn enable on
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp3 address-family l2vpn-evpn enable on
cumulus@spine01:~$ nv set vrf default router bgp neighbor swp4 address-family l2vpn-evpn enable on
cumulus@spine01:~$ nv config apply
cumulus@spine02:~$ nv set interface lo ip address 10.10.10.102/32
cumulus@spine02:~$ nv set interface swp1-4
cumulus@spine02:~$ nv set router bgp autonomous-system 65199
cumulus@spine02:~$ nv set router bgp router-id 10.10.10.102
cumulus@spine02:~$ nv set vrf default router bgp peer-group underlay remote-as external
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp1 remote-as external
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp2 remote-as external
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp3 remote-as external
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp4 remote-as external
cumulus@spine02:~$ nv set vrf default router bgp address-family ipv4-unicast redistribute connected
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp1 address-family l2vpn-evpn enable on
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp2 address-family l2vpn-evpn enable on
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp3 address-family l2vpn-evpn enable on
cumulus@spine02:~$ nv set vrf default router bgp neighbor swp4 address-family l2vpn-evpn enable on
cumulus@spine02:~$ nv config apply
cumulus@leaf01:~$ sudo cat /etc/nvue.d/startup.yaml
- set:
bridge:
domain:
br_default:
vlan:
'10':
vni:
'10': {}
'20':
vni:
'20': {}
evpn:
enable: on
interface:
bond1:
bond:
member:
swp1: {}
mlag:
enable: on
id: 1
bridge:
domain:
br_default: {}
type: bond
eth0:
ip:
address:
dhcp: {}
vrf: mgmt
type: eth
lo:
ip:
address:
10.10.10.1/32: {}
type: loopback
peerlink:
bond:
member:
swp49: {}
swp50: {}
type: peerlink
peerlink.4094:
base-interface: peerlink
type: sub
vlan: 4094
swp1:
type: swp
swp49:
type: swp
swp50:
type: swp
swp51:
type: swp
swp52:
type: swp
vlan10:
type: svi
vlan: 10
vlan20:
type: svi
vlan: 20
mlag:
backup:
10.10.10.2: {}
enable: on
peer-ip: linklocal
nve:
vxlan:
enable: on
mlag:
shared-address: 10.0.1.12
router:
bgp:
autonomous-system: 65101
enable: on
router-id: 10.10.10.1
service:
ntp:
mgmt:
server:
0.cumulusnetworks.pool.ntp.org: {}
1.cumulusnetworks.pool.ntp.org: {}
2.cumulusnetworks.pool.ntp.org: {}
3.cumulusnetworks.pool.ntp.org: {}
system:
aaa:
class:
nvapply:
action: allow
command-path:
/:
permission: all
nvshow:
action: allow
command-path:
/:
permission: ro
sudo:
action: allow
command-path:
/:
permission: all
role:
nvue-admin:
class:
nvapply: {}
nvue-monitor:
class:
nvshow: {}
system-admin:
class:
nvapply: {}
sudo: {}
user:
cumulus:
full-name: cumulus,,,
hashed-password: $6$oUZN3YNn0KEqb9JM$bR.wk.hti5DfDJg08Pvy4O3mp8Dn1zuaaGK/uRNoXpEpOUNdHdAvR5i5zb3uwP4uPYYAUx8ofd64TmRcUespA0
role: system-admin
api:
state: enabled
config:
auto-save:
enable: on
control-plane:
acl:
acl-default-dos:
inbound: {}
acl-default-whitelist:
inbound: {}
global:
anycast-mac: 44:38:39:FF:00:AA
fabric-mac: 00:00:5E:00:01:01
system-mac: 44:38:39:22:01:7a
hostname: leaf01
reboot:
mode: cold
ssh-server:
state: enabled
wjh:
channel:
forwarding:
trigger:
l2: {}
l3: {}
tunnel: {}
enable: on
vrf:
default:
router:
bgp:
address-family:
ipv4-unicast:
enable: on
network:
10.10.10.1/32: {}
redistribute:
connected:
enable: on
l2vpn-evpn:
enable: on
enable: on
neighbor:
peerlink.4094:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp51:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp52:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
cumulus@leaf02:~$ sudo cat /etc/nvue.d/startup.yaml
- set:
bridge:
domain:
br_default:
vlan:
'10':
vni:
'10': {}
'20':
vni:
'20': {}
evpn:
enable: on
interface:
bond1:
bond:
member:
swp1: {}
mlag:
enable: on
id: 1
bridge:
domain:
br_default: {}
type: bond
eth0:
ip:
address:
dhcp: {}
vrf: mgmt
type: eth
lo:
ip:
address:
10.10.10.2/32: {}
type: loopback
peerlink:
bond:
member:
swp49: {}
swp50: {}
type: peerlink
peerlink.4094:
base-interface: peerlink
type: sub
vlan: 4094
swp1:
type: swp
swp49:
type: swp
swp50:
type: swp
swp51:
type: swp
swp52:
type: swp
vlan10:
type: svi
vlan: 10
vlan20:
type: svi
vlan: 20
mlag:
backup:
10.10.10.1: {}
enable: on
peer-ip: linklocal
nve:
vxlan:
enable: on
mlag:
shared-address: 10.0.1.12
router:
bgp:
autonomous-system: 65102
enable: on
router-id: 10.10.10.2
service:
ntp:
mgmt:
server:
0.cumulusnetworks.pool.ntp.org: {}
1.cumulusnetworks.pool.ntp.org: {}
2.cumulusnetworks.pool.ntp.org: {}
3.cumulusnetworks.pool.ntp.org: {}
system:
aaa:
class:
nvapply:
action: allow
command-path:
/:
permission: all
nvshow:
action: allow
command-path:
/:
permission: ro
sudo:
action: allow
command-path:
/:
permission: all
role:
nvue-admin:
class:
nvapply: {}
nvue-monitor:
class:
nvshow: {}
system-admin:
class:
nvapply: {}
sudo: {}
user:
cumulus:
full-name: cumulus,,,
hashed-password: $6$LgnUK2KofdPm7n6m$gKVSvoCLGfp6NFtIzIFYNc0IT7SRjvvjJfAONmUjFrN1H7VdxnlJHnyPXivQIq.I6QoOHT2o/buwAjYI5I4rt0
role: system-admin
api:
state: enabled
config:
auto-save:
enable: on
control-plane:
acl:
acl-default-dos:
inbound: {}
acl-default-whitelist:
inbound: {}
global:
anycast-mac: 44:38:39:FF:00:AA
fabric-mac: 00:00:5E:00:01:01
system-mac: 44:38:39:22:01:78
hostname: leaf02
reboot:
mode: cold
ssh-server:
state: enabled
wjh:
channel:
forwarding:
trigger:
l2: {}
l3: {}
tunnel: {}
enable: on
vrf:
default:
router:
bgp:
address-family:
ipv4-unicast:
enable: on
network:
10.10.10.2/32: {}
redistribute:
connected:
enable: on
l2vpn-evpn:
enable: on
enable: on
neighbor:
peerlink.4094:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp51:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp52:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
cumulus@leaf03:~$ sudo cat /etc/nvue.d/startup.yaml
- set:
bridge:
domain:
br_default:
vlan:
'10':
vni:
'10': {}
'20':
vni:
'20': {}
evpn:
enable: on
interface:
bond1:
bond:
member:
swp1: {}
mlag:
enable: on
id: 1
bridge:
domain:
br_default: {}
type: bond
eth0:
ip:
address:
dhcp: {}
vrf: mgmt
type: eth
lo:
ip:
address:
10.10.10.3/32: {}
type: loopback
peerlink:
bond:
member:
swp49: {}
swp50: {}
type: peerlink
peerlink.4094:
base-interface: peerlink
type: sub
vlan: 4094
swp1:
type: swp
swp49:
type: swp
swp50:
type: swp
swp51:
type: swp
swp52:
type: swp
vlan10:
type: svi
vlan: 10
vlan20:
type: svi
vlan: 20
mlag:
backup:
10.10.10.4: {}
enable: on
peer-ip: linklocal
nve:
vxlan:
enable: on
mlag:
shared-address: 10.0.1.34
router:
bgp:
autonomous-system: 65103
enable: on
router-id: 10.10.10.3
service:
ntp:
mgmt:
server:
0.cumulusnetworks.pool.ntp.org: {}
1.cumulusnetworks.pool.ntp.org: {}
2.cumulusnetworks.pool.ntp.org: {}
3.cumulusnetworks.pool.ntp.org: {}
system:
aaa:
class:
nvapply:
action: allow
command-path:
/:
permission: all
nvshow:
action: allow
command-path:
/:
permission: ro
sudo:
action: allow
command-path:
/:
permission: all
role:
nvue-admin:
class:
nvapply: {}
nvue-monitor:
class:
nvshow: {}
system-admin:
class:
nvapply: {}
sudo: {}
user:
cumulus:
full-name: cumulus,,,
hashed-password: $6$s7Z8L4oTOtEMFyO1$Y2PG.Y/DxxOCULiPBwf2IbgxGoz7YVeiqNAgBfv2gR3Ey9zbXNjiVFwXINkUfHkEBEYec2FPus9s/93szZ13L.
role: system-admin
api:
state: enabled
config:
auto-save:
enable: on
control-plane:
acl:
acl-default-dos:
inbound: {}
acl-default-whitelist:
inbound: {}
global:
anycast-mac: 44:38:39:FF:00:BB
fabric-mac: 00:00:5E:00:01:01
system-mac: 44:38:39:22:01:84
hostname: leaf03
reboot:
mode: cold
ssh-server:
state: enabled
wjh:
channel:
forwarding:
trigger:
l2: {}
l3: {}
tunnel: {}
enable: on
vrf:
default:
router:
bgp:
address-family:
ipv4-unicast:
enable: on
network:
10.10.10.3/32: {}
redistribute:
connected:
enable: on
l2vpn-evpn:
enable: on
enable: on
neighbor:
peerlink.4094:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp51:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp52:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
cumulus@leaf04:~$ sudo cat /etc/nvue.d/startup.yaml
- set:
bridge:
domain:
br_default:
vlan:
'10':
vni:
'10': {}
'20':
vni:
'20': {}
evpn:
enable: on
interface:
bond1:
bond:
member:
swp1: {}
mlag:
enable: on
id: 1
bridge:
domain:
br_default: {}
type: bond
eth0:
ip:
address:
dhcp: {}
vrf: mgmt
type: eth
lo:
ip:
address:
10.10.10.4/32: {}
type: loopback
peerlink:
bond:
member:
swp49: {}
swp50: {}
type: peerlink
peerlink.4094:
base-interface: peerlink
type: sub
vlan: 4094
swp1:
type: swp
swp49:
type: swp
swp50:
type: swp
swp51:
type: swp
swp52:
type: swp
vlan10:
type: svi
vlan: 10
vlan20:
type: svi
vlan: 20
mlag:
backup:
10.10.10.3: {}
enable: on
peer-ip: linklocal
nve:
vxlan:
enable: on
mlag:
shared-address: 10.0.1.34
router:
bgp:
autonomous-system: 65104
enable: on
router-id: 10.10.10.4
service:
ntp:
mgmt:
server:
0.cumulusnetworks.pool.ntp.org: {}
1.cumulusnetworks.pool.ntp.org: {}
2.cumulusnetworks.pool.ntp.org: {}
3.cumulusnetworks.pool.ntp.org: {}
system:
aaa:
class:
nvapply:
action: allow
command-path:
/:
permission: all
nvshow:
action: allow
command-path:
/:
permission: ro
sudo:
action: allow
command-path:
/:
permission: all
role:
nvue-admin:
class:
nvapply: {}
nvue-monitor:
class:
nvshow: {}
system-admin:
class:
nvapply: {}
sudo: {}
user:
cumulus:
full-name: cumulus,,,
hashed-password: $6$R3sLiogPvZYI5cUo$8EJcDFHAabnAmNb2XWBS85LtjNpisAvWxwZ1Q4u3Ufiv2T4nEc7TwpYqdKYg5Yl/x7Bn2XbZKeFZ6GpvQ1nmj.
role: system-admin
api:
state: enabled
config:
auto-save:
enable: on
control-plane:
acl:
acl-default-dos:
inbound: {}
acl-default-whitelist:
inbound: {}
global:
anycast-mac: 44:38:39:FF:00:BB
fabric-mac: 00:00:5E:00:01:01
system-mac: 44:38:39:22:01:8a
hostname: leaf04
reboot:
mode: cold
ssh-server:
state: enabled
wjh:
channel:
forwarding:
trigger:
l2: {}
l3: {}
tunnel: {}
enable: on
vrf:
default:
router:
bgp:
address-family:
ipv4-unicast:
enable: on
network:
10.10.10.4/32: {}
redistribute:
connected:
enable: on
l2vpn-evpn:
enable: on
enable: on
neighbor:
peerlink.4094:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp51:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp52:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
cumulus@spine01:~$ sudo cat /etc/nvue.d/startup.yaml
- set:
evpn:
enable: on
interface:
eth0:
ip:
address:
dhcp: {}
vrf: mgmt
type: eth
lo:
ip:
address:
10.10.10.101/32: {}
type: loopback
swp1:
type: swp
swp2:
type: swp
swp3:
type: swp
swp4:
type: swp
nve:
vxlan:
enable: on
router:
bgp:
autonomous-system: 65199
enable: on
router-id: 10.10.10.101
service:
ntp:
mgmt:
server:
0.cumulusnetworks.pool.ntp.org: {}
1.cumulusnetworks.pool.ntp.org: {}
2.cumulusnetworks.pool.ntp.org: {}
3.cumulusnetworks.pool.ntp.org: {}
system:
aaa:
class:
nvapply:
action: allow
command-path:
/:
permission: all
nvshow:
action: allow
command-path:
/:
permission: ro
sudo:
action: allow
command-path:
/:
permission: all
role:
nvue-admin:
class:
nvapply: {}
nvue-monitor:
class:
nvshow: {}
system-admin:
class:
nvapply: {}
sudo: {}
user:
cumulus:
full-name: cumulus,,,
hashed-password: $6$n0CbAqxMRKBnnQKP$zXodkw5uKNjvpRgJJyYJbPfzeQjhYaIbVqpBgtLWrT5F/m6mgML0ghwjfFaqsqdPd4vFHGfuF66VVZrfmYeAm.
role: system-admin
api:
state: enabled
config:
auto-save:
enable: on
control-plane:
acl:
acl-default-dos:
inbound: {}
acl-default-whitelist:
inbound: {}
global:
fabric-mac: 00:00:5E:00:01:01
system-mac: 44:38:39:22:01:82
hostname: spine01
reboot:
mode: cold
ssh-server:
state: enabled
wjh:
channel:
forwarding:
trigger:
l2: {}
l3: {}
tunnel: {}
enable: on
vrf:
default:
router:
bgp:
address-family:
ipv4-unicast:
enable: on
redistribute:
connected:
enable: on
l2vpn-evpn:
enable: on
enable: on
neighbor:
swp1:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp2:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp3:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp4:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
peer-group:
underlay:
remote-as: external
cumulus@spine02:~$ sudo cat /etc/nvue.d/startup.yaml
- set:
interface:
eth0:
ip:
address:
dhcp: {}
vrf: mgmt
type: eth
lo:
ip:
address:
10.10.10.102/32: {}
type: loopback
swp1:
type: swp
swp2:
type: swp
swp3:
type: swp
swp4:
type: swp
router:
bgp:
autonomous-system: 65199
enable: on
router-id: 10.10.10.102
service:
ntp:
mgmt:
server:
0.cumulusnetworks.pool.ntp.org: {}
1.cumulusnetworks.pool.ntp.org: {}
2.cumulusnetworks.pool.ntp.org: {}
3.cumulusnetworks.pool.ntp.org: {}
system:
aaa:
class:
nvapply:
action: allow
command-path:
/:
permission: all
nvshow:
action: allow
command-path:
/:
permission: ro
sudo:
action: allow
command-path:
/:
permission: all
role:
nvue-admin:
class:
nvapply: {}
nvue-monitor:
class:
nvshow: {}
system-admin:
class:
nvapply: {}
sudo: {}
user:
cumulus:
full-name: cumulus,,,
hashed-password: $6$7LHHn9oEA0i/Zzdw$wIgRjxG/bC7hLyJYhxkxco9wVWpJr6/z1LVQAEjN9Y2tqpzHVZhpYOzGyJ43Ht3VJlAwmj3yLwo.s9lESPA.b0
role: system-admin
api:
state: enabled
config:
auto-save:
enable: on
control-plane:
acl:
acl-default-dos:
inbound: {}
acl-default-whitelist:
inbound: {}
global:
fabric-mac: 00:00:5E:00:01:01
system-mac: 44:38:39:22:01:92
hostname: spine02
reboot:
mode: cold
ssh-server:
state: enabled
wjh:
channel:
forwarding:
trigger:
l2: {}
l3: {}
tunnel: {}
enable: on
vrf:
default:
router:
bgp:
address-family:
ipv4-unicast:
enable: on
redistribute:
connected:
enable: on
l2vpn-evpn:
enable: on
enable: on
neighbor:
swp1:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp2:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp3:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
swp4:
address-family:
l2vpn-evpn:
enable: on
remote-as: external
type: unnumbered
peer-group:
underlay:
remote-as: external
cumulus@leaf01:~$ sudo cat /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.1/32
clagd-vxlan-anycast-ip 10.0.1.12
vxlan-local-tunnelip 10.10.10.1
auto mgmt
iface mgmt
address 127.0.0.1/8
address ::1/128
vrf-table auto
auto eth0
iface eth0 inet dhcp
ip-forward off
ip6-forward off
vrf mgmt
auto swp1
iface swp1
auto swp49
iface swp49
auto swp50
iface swp50
auto swp51
iface swp51
auto swp52
iface swp52
auto bond1
iface bond1
bond-slaves swp1
bond-mode 802.3ad
bond-lacp-bypass-allow no
clag-id 1
auto peerlink
iface peerlink
bond-slaves swp49 swp50
bond-mode 802.3ad
bond-lacp-bypass-allow no
auto peerlink.4094
iface peerlink.4094
clagd-peer-ip linklocal
clagd-backup-ip 10.10.10.2
clagd-sys-mac 44:38:39:FF:00:AA
clagd-args --initDelay 180
auto vlan10
iface vlan10
hwaddress 44:38:39:22:01:af
vlan-raw-device br_default
vlan-id 10
auto vlan20
iface vlan20
hwaddress 44:38:39:22:01:af
vlan-raw-device br_default
vlan-id 20
auto vxlan48
iface vxlan48
bridge-vlan-vni-map 10=10 20=20
bridge-learning off
auto br_default
iface br_default
bridge-ports bond1 peerlink vxlan48
hwaddress 44:38:39:22:01:af
bridge-vlan-aware yes
bridge-vids 10 20
bridge-pvid 1
cumulus@leaf02:~$ sudo cat /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.2/32
clagd-vxlan-anycast-ip 10.0.1.12
vxlan-local-tunnelip 10.10.10.2
auto mgmt
iface mgmt
address 127.0.0.1/8
address ::1/128
vrf-table auto
auto eth0
iface eth0 inet dhcp
ip-forward off
ip6-forward off
vrf mgmt
auto swp1
iface swp1
auto swp49
iface swp49
auto swp50
iface swp50
auto swp51
iface swp51
auto swp52
iface swp52
auto bond1
iface bond1
bond-slaves swp1
bond-mode 802.3ad
bond-lacp-bypass-allow no
clag-id 1
auto peerlink
iface peerlink
bond-slaves swp49 swp50
bond-mode 802.3ad
bond-lacp-bypass-allow no
auto peerlink.4094
iface peerlink.4094
clagd-peer-ip linklocal
clagd-backup-ip 10.10.10.1
clagd-sys-mac 44:38:39:FF:00:AA
clagd-args --initDelay 180
auto vlan10
iface vlan10
hwaddress 44:38:39:22:01:af
vlan-raw-device br_default
vlan-id 10
auto vlan20
iface vlan20
hwaddress 44:38:39:22:01:af
vlan-raw-device br_default
vlan-id 20
auto vxlan48
iface vxlan48
bridge-vlan-vni-map 10=10 20=20
bridge-learning off
auto br_default
iface br_default
bridge-ports bond1 peerlink vxlan48
hwaddress 44:38:39:22:01:af
bridge-vlan-aware yes
bridge-vids 10 20
bridge-pvid 1
cumulus@leaf03:~$ sudo cat /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.3/32
clagd-vxlan-anycast-ip 10.0.1.34
vxlan-local-tunnelip 10.10.10.3
auto mgmt
iface mgmt
address 127.0.0.1/8
address ::1/128
vrf-table auto
auto eth0
iface eth0 inet dhcp
ip-forward off
ip6-forward off
vrf mgmt
auto swp1
iface swp1
auto swp49
iface swp49
auto swp50
iface swp50
auto swp51
iface swp51
auto swp52
iface swp52
auto bond1
iface bond1
bond-slaves swp1
bond-mode 802.3ad
bond-lacp-bypass-allow no
clag-id 1
auto peerlink
iface peerlink
bond-slaves swp49 swp50
bond-mode 802.3ad
bond-lacp-bypass-allow no
auto peerlink.4094
iface peerlink.4094
clagd-peer-ip linklocal
clagd-backup-ip 10.10.10.4
clagd-sys-mac 44:38:39:FF:00:AA
clagd-args --initDelay 180
auto vlan10
iface vlan10
hwaddress 44:38:39:22:01:bb
vlan-raw-device br_default
vlan-id 10
auto vlan20
iface vlan20
hwaddress 44:38:39:22:01:bb
vlan-raw-device br_default
vlan-id 20
auto vxlan48
iface vxlan48
bridge-vlan-vni-map 10=10 20=20
bridge-learning off
auto br_default
iface br_default
bridge-ports bond1 peerlink vxlan48
hwaddress 44:38:39:22:01:bb
bridge-vlan-aware yes
bridge-vids 10 20
bridge-pvid 1
cumulus@leaf04:~$ sudo cat /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.4/32
clagd-vxlan-anycast-ip 10.0.1.34
vxlan-local-tunnelip 10.10.10.4
auto mgmt
iface mgmt
address 127.0.0.1/8
address ::1/128
vrf-table auto
auto eth0
iface eth0 inet dhcp
ip-forward off
ip6-forward off
vrf mgmt
auto swp1
iface swp1
auto swp49
iface swp49
auto swp50
iface swp50
auto swp51
iface swp51
auto swp52
iface swp52
auto bond1
iface bond1
bond-slaves swp1
bond-mode 802.3ad
bond-lacp-bypass-allow no
clag-id 1
auto peerlink
iface peerlink
bond-slaves swp49 swp50
bond-mode 802.3ad
bond-lacp-bypass-allow no
auto peerlink.4094
iface peerlink.4094
clagd-peer-ip linklocal
clagd-backup-ip 10.10.10.3
clagd-sys-mac 44:38:39:FF:00:BB
clagd-args --initDelay 180
auto vlan10
iface vlan10
hwaddress 44:38:39:22:01:c1
vlan-raw-device br_default
vlan-id 10
auto vlan20
iface vlan20
hwaddress 44:38:39:22:01:c1
vlan-raw-device br_default
vlan-id 20
auto vxlan48
iface vxlan48
bridge-vlan-vni-map 10=10 20=20
bridge-learning off
auto br_default
iface br_default
bridge-ports bond1 peerlink vxlan48
hwaddress 44:38:39:22:01:c1
bridge-vlan-aware yes
bridge-vids 10 20
bridge-pvid 1
cumulus@spine01:~$ sudo cat /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.101/32
auto mgmt
iface mgmt
address 127.0.0.1/8
address ::1/128
vrf-table auto
auto eth0
iface eth0 inet dhcp
ip-forward off
ip6-forward off
vrf mgmt
auto swp1
iface swp1
auto swp2
iface swp2
auto swp3
iface swp3
auto swp4
iface swp4
cumulus@spine02:~$ sudo cat /etc/network/interfaces
...
auto lo
iface lo inet loopback
address 10.10.10.102/32
auto mgmt
iface mgmt
address 127.0.0.1/8
address ::1/128
vrf-table auto
auto eth0
iface eth0 inet dhcp
ip-forward off
ip6-forward off
vrf mgmt
auto swp1
iface swp1
auto swp2
iface swp2
auto swp3
iface swp3
auto swp4
iface swp4
auto lo iface lo inet loopback auto lo iface lo inet static address 10.0.0.31/32auto eth0 iface eth0 inet dhcp
auto eth1 iface eth1
auto eth2 iface eth2
auto bond1 iface bond1 bond-slaves eth1 eth2 bond-miimon 100 bond-min-links 1 bond-mode 802.3ad bond-xmit-hash-policy layer3+4 bond-lacp-rate 1
auto bond1.10 iface bond1.10 address 172.16.10.101/24 auto bond1.20 iface bond1.20 address 172.16.20.101/24
auto lo iface lo inet loopbackauto lo iface lo inet static address 10.0.0.33/32
auto eth0 iface eth0 inet dhcp
auto eth1 iface eth1
auto eth2 iface eth2
auto bond1 iface bond1 bond-slaves eth1 eth2 bond-miimon 100 bond-min-links 1 bond-mode 802.3ad bond-xmit-hash-policy layer3+4 bond-lacp-rate 1
auto bond1.10 iface bond1.10 address 172.16.10.103/24 auto bond1.20 iface bond1.20 address 172.16.20.103/24
cumulus@leaf01:~$ sudo cat /etc/frr/frr.conf
...
vrf default
exit-vrf
vrf mgmt
exit-vrf
router bgp 65101 vrf default
bgp router-id 10.10.10.1
timers bgp 3 9
bgp deterministic-med
! Neighbors
neighbor peerlink.4094 interface remote-as external
neighbor peerlink.4094 timers 3 9
neighbor peerlink.4094 timers connect 10
neighbor peerlink.4094 advertisement-interval 0
neighbor peerlink.4094 capability extended-nexthop
neighbor swp51 interface remote-as external
neighbor swp51 timers 3 9
neighbor swp51 timers connect 10
neighbor swp51 advertisement-interval 0
neighbor swp51 capability extended-nexthop
neighbor swp52 interface remote-as external
neighbor swp52 timers 3 9
neighbor swp52 timers connect 10
neighbor swp52 advertisement-interval 0
neighbor swp52 capability extended-nexthop
! Address families
address-family ipv4 unicast
network 10.10.10.1/32
redistribute connected
maximum-paths ibgp 64
maximum-paths 64
distance bgp 20 200 200
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
address-family l2vpn evpn
advertise-all-vni
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
! end of router bgp 65101 vrf default
cumulus@leaf02:~$ sudo cat /etc/frr/frr.conf
...
vrf default
exit-vrf
vrf mgmt
exit-vrf
router bgp 65102 vrf default
bgp router-id 10.10.10.2
timers bgp 3 9
bgp deterministic-med
! Neighbors
neighbor peerlink.4094 interface remote-as external
neighbor peerlink.4094 timers 3 9
neighbor peerlink.4094 timers connect 10
neighbor peerlink.4094 advertisement-interval 0
neighbor peerlink.4094 capability extended-nexthop
neighbor swp51 interface remote-as external
neighbor swp51 timers 3 9
neighbor swp51 timers connect 10
neighbor swp51 advertisement-interval 0
neighbor swp51 capability extended-nexthop
neighbor swp52 interface remote-as external
neighbor swp52 timers 3 9
neighbor swp52 timers connect 10
neighbor swp52 advertisement-interval 0
neighbor swp52 capability extended-nexthop
! Address families
address-family ipv4 unicast
network 10.10.10.2/32
redistribute connected
maximum-paths ibgp 64
maximum-paths 64
distance bgp 20 200 200
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
address-family l2vpn evpn
advertise-all-vni
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
! end of router bgp 65102 vrf default
cumulus@leaf03:~$ sudo cat /etc/frr/frr.conf
...
vrf default
exit-vrf
vrf mgmt
exit-vrf
router bgp 65103 vrf default
bgp router-id 10.10.10.3
timers bgp 3 9
bgp deterministic-med
! Neighbors
neighbor peerlink.4094 interface remote-as external
neighbor peerlink.4094 timers 3 9
neighbor peerlink.4094 timers connect 10
neighbor peerlink.4094 advertisement-interval 0
neighbor peerlink.4094 capability extended-nexthop
neighbor swp51 interface remote-as external
neighbor swp51 timers 3 9
neighbor swp51 timers connect 10
neighbor swp51 advertisement-interval 0
neighbor swp51 capability extended-nexthop
neighbor swp52 interface remote-as external
neighbor swp52 timers 3 9
neighbor swp52 timers connect 10
neighbor swp52 advertisement-interval 0
neighbor swp52 capability extended-nexthop
! Address families
address-family ipv4 unicast
network 10.10.10.3/32
redistribute connected
maximum-paths ibgp 64
maximum-paths 64
distance bgp 20 200 200
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
address-family l2vpn evpn
advertise-all-vni
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
! end of router bgp 65103 vrf default
cumulus@leaf04:~$ sudo cat /etc/frr/frr.conf
...
vrf default
exit-vrf
vrf mgmt
exit-vrf
router bgp 65104 vrf default
bgp router-id 10.10.10.4
timers bgp 3 9
bgp deterministic-med
! Neighbors
neighbor peerlink.4094 interface remote-as external
neighbor peerlink.4094 timers 3 9
neighbor peerlink.4094 timers connect 10
neighbor peerlink.4094 advertisement-interval 0
neighbor peerlink.4094 capability extended-nexthop
neighbor swp51 interface remote-as external
neighbor swp51 timers 3 9
neighbor swp51 timers connect 10
neighbor swp51 advertisement-interval 0
neighbor swp51 capability extended-nexthop
neighbor swp52 interface remote-as external
neighbor swp52 timers 3 9
neighbor swp52 timers connect 10
neighbor swp52 advertisement-interval 0
neighbor swp52 capability extended-nexthop
! Address families
address-family ipv4 unicast
network 10.10.10.4/32
redistribute connected
maximum-paths ibgp 64
maximum-paths 64
distance bgp 20 200 200
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
address-family l2vpn evpn
advertise-all-vni
neighbor peerlink.4094 activate
neighbor swp51 activate
neighbor swp52 activate
exit-address-family
! end of router bgp 65104 vrf default
cumulus@spine01:~$ sudo cat /etc/frr/frr.conf
...
vrf default
exit-vrf
vrf mgmt
exit-vrf
router bgp 65199 vrf default
bgp router-id 10.10.10.101
timers bgp 3 9
bgp deterministic-med
! Neighbors
neighbor underlay peer-group
neighbor underlay remote-as external
neighbor underlay timers 3 9
neighbor underlay timers connect 10
neighbor underlay advertisement-interval 0
no neighbor underlay capability extended-nexthop
neighbor swp1 interface remote-as external
neighbor swp1 timers 3 9
neighbor swp1 timers connect 10
neighbor swp1 advertisement-interval 0
neighbor swp1 capability extended-nexthop
neighbor swp2 interface remote-as external
neighbor swp2 timers 3 9
neighbor swp2 timers connect 10
neighbor swp2 advertisement-interval 0
neighbor swp2 capability extended-nexthop
neighbor swp3 interface remote-as external
neighbor swp3 timers 3 9
neighbor swp3 timers connect 10
neighbor swp3 advertisement-interval 0
neighbor swp3 capability extended-nexthop
neighbor swp4 interface remote-as external
neighbor swp4 timers 3 9
neighbor swp4 timers connect 10
neighbor swp4 advertisement-interval 0
neighbor swp4 capability extended-nexthop
! Address families
address-family ipv4 unicast
redistribute connected
maximum-paths ibgp 64
maximum-paths 64
distance bgp 20 200 200
neighbor swp1 activate
neighbor swp2 activate
neighbor swp3 activate
neighbor swp4 activate
neighbor underlay activate
exit-address-family
address-family l2vpn evpn
neighbor swp1 activate
neighbor swp2 activate
neighbor swp3 activate
neighbor swp4 activate
exit-address-family
! end of router bgp 65199 vrf default
cumulus@spine02:~$ sudo cat /etc/frr/frr.conf
...
vrf default
exit-vrf
vrf mgmt
exit-vrf
router bgp 65199 vrf default
bgp router-id 10.10.10.102
timers bgp 3 9
bgp deterministic-med
! Neighbors
neighbor underlay peer-group
neighbor underlay remote-as external
neighbor underlay timers 3 9
neighbor underlay timers connect 10
neighbor underlay advertisement-interval 0
no neighbor underlay capability extended-nexthop
neighbor swp1 interface remote-as external
neighbor swp1 timers 3 9
neighbor swp1 timers connect 10
neighbor swp1 advertisement-interval 0
neighbor swp1 capability extended-nexthop
neighbor swp2 interface remote-as external
neighbor swp2 timers 3 9
neighbor swp2 timers connect 10
neighbor swp2 advertisement-interval 0
neighbor swp2 capability extended-nexthop
neighbor swp3 interface remote-as external
neighbor swp3 timers 3 9
neighbor swp3 timers connect 10
neighbor swp3 advertisement-interval 0
neighbor swp3 capability extended-nexthop
neighbor swp4 interface remote-as external
neighbor swp4 timers 3 9
neighbor swp4 timers connect 10activate
neighbor swp4 advertisement-interval 0
neighbor swp4 capability extended-nexthop
! Address families
address-family ipv4 unicast
redistribute connected
maximum-paths ibgp 64
maximum-paths 64
distance bgp 20 200 200
neighbor swp1 activate
neighbor swp2 activate
neighbor swp3 activate
neighbor swp4 activate
neighbor underlay activate
exit-address-family
address-family l2vpn evpn
neighbor swp1 activate
neighbor swp2 activate
neighbor swp3 activate
neighbor swp4 activate
exit-address-family
! end of router bgp 65199 vrf default
有关完整的 EVPN 对称主动-主动配置示例,请参阅配置示例。