EVPN与VXLAN(一)
目录
EVPN与VXLAN(一)
基础理论
EVPN与VXLAN结合可谓是强强合作,所谓“强”,我认为体现在这么几个方面:
- 两者都是overlay式网络,在underlay网络的基础上运行;
- 两者都相当于一个具体的应用,都会向内核注册套接字;
- EVPN在BGP-4的基础上又复杂了一层,在BGP-4的基础上又搞出来一个EVPN空间或数据库;
VXLAN为什么需要EVPN的加持呢?
VXLAN本身并没有定义控制层面,只定义了数据转发层面,而扩展的EVPN又特别擅长于控制层面,且两者都专注于二层技术,两者一拍即合!
MP-BGP有多种扩展,为什么VXLAN就选中了EVPN呢?
MP-BGP本身确实有多个地址族,为什么VXLAN偏偏选中了EVPN?MP-BGP做为在承载性最强的协议或应用,有多种地址族,但整体来说无非是分成了两大类,三层或二层,VXLAN是为了实现二层的相关功能,所以肯定在MP-BGP地址族当中与二类相关于地址族当中选择,EVPN是MP-BGP里面在二层方面承载能力最强的。当你在交换机启动EVPN的时候,要先启用二层EVPN的功能。
如何正确理解EVPN?
EVPN是在传统的BGP的基础上实现上,EVPN本身并不和传统的BGP共用一个数据库,而且从传统的BGP当中直接读取想要数据,然后进行单独的加工;所以当你发现传统的BGP邻居工作正常的时候,不要自然地认为EVPN也会工作正常!
EVPN是如何赋能BGP的?
其实说来也简单,VXLAN需要什么,那EVPN就给什么!那VXLAN需要什么呢?VXLAN在隧道建立的前期是需要知道对端的NVE接口的地址和VNI,在隧道建立之后是需要知道对方站的MAC地址表,那EVPN就满足VXLAN这两个需求,通过3类路由信息运载NVE接口的IP和VNI,通过2类的路由信息运载MAC地址 。
EVPN是如何与VXLAN合作的?
EVPN要运行在VXLAN的前面,才能会VXLAN提供想要信息,那EVPN需要什么?EVPN在前期需要NVE接口的IP和VNI,那这个信息在哪里?谁给EVPN提供呢?答案是VXLAN,VXLAN要先给EVPN提供NVE接口的IP地址和NVI,为了实现这个目的,在进行VXLAN配置NVE接口的时候调用EVPN,也要在配置NVI的时候调用EVPN,同时还要EVPN能正常运行起来。我们来总结一下,EVPN能向对方发送3类路由信息的条件:
- BGP邻居要能正常建立
- BGP里面必须把EVPN地址族启用
- 设备本身也要打开二层EVPN的功能(有一些设备不支持EVPN)
- 告诉EVPN本端的VNI
- 告诉EVPN本地的NVE接口IP
EVPN在设备上具体体现是什么?
实际上就是一个的实例或虚拟机,我们也要给它配置RD、RT这些东西;
基础实验(同网段VXLAN互通_EVPN结合VXLAN当中最基础的实验)
-
实验目标
-
让PC1和PC3两台同子网的PC能相互通信
-
环境介绍
- 两台PC全都属于VLAN10
- 两台PC全都没有配置网关,仅仅有IP地址和掩码
-
实验思路
- 在三台PE上先把underlay搞好,让三台PE的LOOKBACK接口能够互相访问
- 然后在CE1和CE2之间先配置EVPN
- 然后在CE1和CE2之间配置VXLAN
-
相关验证DIS命令
# 看EVPN的邻居是否建立 [CE1]dis bgp evpn peer # 看VXLAN隧道是否建立 [CE1]dis vxlan tunnel # 查看EVPN具体的路由信息是否形成 dis bgp evpn all routing-table inclusive-route 0:32:10.0.1.1 -
关键设备版本
[CE1]dis version Huawei Versatile Routing Platform Software VRP (R) software, Version 8.180 (CE12800 V200R005C10SPC607B607) Copyright (C) 2012-2018 Huawei Technologies Co., Ltd. HUAWEI CE12800 uptime is 0 day, 0 hour, 31 minutes SVRP Platform Version 1.0
基础配置
# LSW1和LSW2的基础配置(非关键配置)
# LSW1
sys
sysn SW1
vlan 10
int g0/0/2
port link-ty ac
port de vlan 10
int g0/0/1
port link-ty tr
port trunk all vlan 10
quit
# LSW2
sys
sysn SW2
vlan 10
int g0/0/2
port link-ty ac
port de vlan 10
int g0/0/1
port link-ty tr
port trunk all vlan 10
quit
# 三台PE underlay的配置(非关键配置)
# CE1
sys i
sysn CE1
# 创建互联VLAN
vlan 13
int l0
ip add 10.0.1.1 32
int vlan 13
ip add 10.0.13.1 24
ospf 1 router-id 10.0.1.1
a 0
network 10.0.1.1 0.0.0.0
network 10.0.13.1 0.0.0.0
# 物理接口要放行
int g1/0/0
undo shutdown
port link-ty trunk
port trunk a v 13
##############################
# CE3
sys i
int l0
ip add 10.0.3.3 32
vlan batch 13 23
int vlan 13
ip add 10.0.13.3 24
int vlan 23
ip add 10.0.23.3 24
ospf 1 router-id 10.0.3.3
a 0
network 10.0.3.3 0.0.0.0
network 10.0.13.3 0.0.0.0
network 10.0.23.3 0.0.0.0
int g1/0/0
undo shutdown
port link-ty trunk
port trunk all vlan 13
int g1/0/1
undo shutdown
port link-ty trunk
port trunk all vlan 23
# CE2
sys i
sysn CE2
int l0
ip add 10.0.2.2 32
vlan 23
int vlan 23
ip add 10.0.23.2 24
ospf 1 router-id 10.0.2.2
a 0
network 10.0.2.2 0.0.0.0
network 10.0.23.2 0.0.0.0
int g1/0/0
undo shutdown
port link-ty trunk
port trunk all vlan 23
qu
#####
# 验证
[CE1]ping -a 10.0.1.1 10.0.2.2
PING 10.0.2.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=254 time=11 ms
Reply from 10.0.2.2: bytes=56 Sequence=2 ttl=254 time=7 ms
[CE2]ping -a 10.0.2.2 10.0.1.1
PING 10.0.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=254 time=10 ms
Reply from 10.0.1.1: bytes=56 Sequence=2 ttl=254 time=12 ms
EVPN&VXLAN关键配置
# 下面就是关键的EVPN配置了
## CE1
evpn-overlay enable
bgp 100
router-id 10.0.1.1
undo default ipv4-unicast
peer 10.0.2.2 as-number 100
peer 10.0.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo peer 10.0.2.2 enable
#
l2vpn-family evpn
policy vpn-target
peer 10.0.2.2 enable
## CE2的关键配置
evpn-overlay enable
bgp 100
router-id 10.0.2.2
undo default ipv4-unicast
peer 10.0.1.1 as-number 100
peer 10.0.1.1 connect-interface LoopBack0
#
ipv4-family unicast
peer 10.0.1.1 enable
#
l2vpn-family evpn
policy vpn-target
peer 10.0.1.1 enable
# 验证
[CE2-bgp]dis bgp evpn peer
10.0.1.1 4 100 5 6 0 00:02:29 Established
0
[CE1-bgp]dis bgp evpn peer
10.0.2.2 4 100 5 5 0 00:02:24 Established
# 下面是最关键的配置,是EVPN与VXLN结合的相关配置
## 这一步CE1是通过VXLAN告诉BGP本端的VNI,RD和RT的作用是生成实例
[CE1]bridge-domain 10
[CE1-bd10]vxlan vni 10
[CE1-bd10]evpn
[CE1-bd10-evpn]dis th
evpn
route-distinguisher 10:10
vpn-target 10:10 export-extcommunity
vpn-target 10:10 import-extcommunity
## 这一步是VXLA告诉BGP本端的NVE接口IP
interface Nve1
source 10.0.1.1
vni 10 head-end peer-list protocol bgp
## 从CE1把流量抓上来
interface GE1/0/1
undo shutdown
port link-type trunk
[CE1-GE1/0/1.10]dis th
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
# EVPN想要三个东西现在已经凑足了
# 实际上在CE1上就已经形成了EVPN的三类路由信息和EVPN实例
# 就是已经产生的EVPN INSTANCE
[CE1]dis evpn vpn-instance
Total EVPN-Instances configured : 1
EVPN-Instance Name RD Address-family
10 10:10 evpn
[CE1]dis bgp evpn all routing-table inclusive-route 0:32:10.0.1.1
BGP local router ID : 10.0.1.1
Local AS number : 100
Total routes of Route Distinguisher(10:10): 1
BGP routing table entry information of 0:32:10.0.1.1:
Imported route.
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d00h06m46s
Direct Out-interface:
Original nexthop: 10.0.1.1
Qos information : 0x0
# RT在这里面,这个RT至关重要,如果没有RT,EVPN-INSTANCE就不会产生的三类路由信息
Ext-Community: RT <10 : 10>, Tunnel Type <VxLan>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255
PMSI: Flags 0, Ingress Replication, Label 0:0:0(10), Tunnel Identifier:10.0.1.1
Route Type: 3 (Inclusive Multicast Route)
Ethernet Tag ID: 0, Originator IP:10.0.1.1/32
Advertised to such 1 peers:
10.0.2.2
# EVPN-INSTANCE 产生的三类EVPN路由信息
EVPN-Instance 10:
Number of Inclusive Multicast Routes: 1
BGP routing table entry information of 0:32:10.0.1.1:
Route Distinguisher: 10:10 # 携带RD
Imported route.
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d00h06m46s
Direct Out-interface:
Original nexthop: 10.0.1.1
Qos information : 0x0
Ext-Community: Tunnel Type <VxLan>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 0
PMSI: Flags 0, Ingress Replication, Label 0:0:0(10), Tunnel Identifier:10.0.1.1 # VNI在这一行
Route Type: 3 (Inclusive Multicast Route) # 此处标识路由的类型
Ethernet Tag ID: 0, Originator IP:10.0.1.1/32 # 这个地址就是NVE接口的IP
Not advertised to any peer yet
# 我们现在再把CE2的配置补全,如下所示:
[CE2]bridge-domain 10
[CE2-bd10]vxlan vni 10
[CE2-bd10] evpn
[CE2-bd10-evpn] route-distinguisher 10:10
[CE2-bd10-evpn] vpn-target 10:10 export-extcommunity
[CE2-bd10-evpn] vpn-target 10:10 import-extcommunity
## CE2
interface Nve1
source 10.0.2.2
vni 10 head-end peer-list protocol bgp
## 从CE2把流量抓上来
interface GE1/0/1
undo shutdown
port link-type trunk
[CE1-GE1/0/1.10]dis th
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
验证
[CE2]dis evpn vpn-instance
Total EVPN-Instances configured : 1
EVPN-Instance Name RD Address-family
10 10:10 evpn
[CE2]dis bgp evpn all routing-table inclusive-route 0:32:10.0.2.2
BGP local router ID : 10.0.2.2
Local AS number : 100
Total routes of Route Distinguisher(10:10): 1
BGP routing table entry information of 0:32:10.0.2.2:
Imported route.
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d00h01m20s
Direct Out-interface:
Original nexthop: 10.0.2.2
Qos information : 0x0
Ext-Community: RT <10 : 10>, Tunnel Type <VxLan>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 255
PMSI: Flags 0, Ingress Replication, Label 0:0:0(10), Tunnel Identifier:10.0.2.2
Route Type: 3 (Inclusive Multicast Route)
Ethernet Tag ID: 0, Originator IP:10.0.2.2/32
Advertised to such 1 peers:
10.0.1.1
EVPN-Instance 10:
Number of Inclusive Multicast Routes: 1
BGP routing table entry information of 0:32:10.0.2.2:
Route Distinguisher: 10:10
Imported route.
From: 0.0.0.0 (0.0.0.0)
Route Duration: 0d00h01m20s
Direct Out-interface:
Original nexthop: 10.0.2.2
Qos information : 0x0
Ext-Community: Tunnel Type <VxLan>
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, pre 0
PMSI: Flags 0, Ingress Replication, Label 0:0:0(10), Tunnel Identifier:10.0.2.2
Route Type: 3 (Inclusive Multicast Route)
Ethernet Tag ID: 0, Originator IP:10.0.2.2/32
Not advertised to any peer yet
# 显示已经有一条路由信息传过来了
[CE2]dis bgp evpn peer
BGP local router ID : 10.0.2.2
Local AS number : 100
Total number of peers : 1
Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pr
efRcv
10.0.1.1 4 100 15 14 0 00:07:00 Established
1
# 验证一下,看两端的VXLAN隧道是否建立,注意看TTYPE上是Dynamic而不是static
# 说明这是通过EVPN动态的方式建立的
[CE2-Nve1]dis vxlan tunnel
Number of vxlan tunnel : 1
Tunnel ID Source Destination State Type Uptime
4026531841 10.0.2.2 10.0.1.1 up dynamic 00:12:55
进阶实验(集中式网关)
基础理论
这个小节我们还是讨论一下VXLAN与EVPN的结合,只不过这一次我们稍稍加一点难度,实现一下通过集中式网关实现跨网段的通信。在学习VXLAN之初,我们会认为VXLAN只不过就是解决虚拟机平滑迁移的问题,比如,可以从A站点的192.168.10.0网段迁移互B站点的192.168.10.0网段,开机之后还能正常被访问。但我们忽视了一个问题,那就是虚拟机并只是整个IT机房的一部分,虚拟机本身需要跟其它网段的主机进行交互才能完成更大的任务的,关于二层的同网段的VXLAN互通问题我们在上一节已经解决了,这一节我们的解决的不同网段的VXLAN主机之间是如何互相访问的?
如上图所示,当我们使用集中式网关时,也就是将网关设置在CE3上,那PC1与PC2之间是如何通信的?PC1与PC4之间又是如何通信的?
- 配置思路:
- 先将三台CE的underlay网络打通,实现相互之间通过lookback接口都能互访;
- CE1与CE3之间配置EVPN和VXLAN
- CE2与CE3之间配置EVPN和VXLAN
- CE3要配置VBDIF接口,并配置成反射器
关键配置
underlay
# 三台PE underlay的配置(非关键配置)
# CE1
sys i
sysn CE1
# 创建互联VLAN
vlan 13
int l0
ip add 10.0.1.1 32
int vlan 13
ip add 10.0.13.1 24
ospf 1 router-id 10.0.1.1
a 0
network 10.0.1.1 0.0.0.0
network 10.0.13.1 0.0.0.0
# 物理接口要放行
int g1/0/0
undo shutdown
port link-ty trunk
port trunk a v 13
##############################
# CE3
sys i
int l0
ip add 10.0.3.3 32
vlan batch 13 23
int vlan 13
ip add 10.0.13.3 24
int vlan 23
ip add 10.0.23.3 24
ospf 1 router-id 10.0.3.3
a 0
network 10.0.3.3 0.0.0.0
network 10.0.13.3 0.0.0.0
network 10.0.23.3 0.0.0.0
int g1/0/0
undo shutdown
port link-ty trunk
port trunk all vlan 13
int g1/0/1
undo shutdown
port link-ty trunk
port trunk all vlan 23
# CE2
sys i
sysn CE2
int l0
ip add 10.0.2.2 32
vlan 23
int vlan 23
ip add 10.0.23.2 24
ospf 1 router-id 10.0.2.2
a 0
network 10.0.2.2 0.0.0.0
network 10.0.23.2 0.0.0.0
int g1/0/0
undo shutdown
port link-ty trunk
port trunk all vlan 23
qu
#####
# 验证
[CE1]ping -a 10.0.1.1 10.0.2.2
PING 10.0.2.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.2.2: bytes=56 Sequence=1 ttl=254 time=11 ms
Reply from 10.0.2.2: bytes=56 Sequence=2 ttl=254 time=7 ms
[CE2]ping -a 10.0.2.2 10.0.1.1
PING 10.0.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.1.1: bytes=56 Sequence=1 ttl=254 time=10 ms
Reply from 10.0.1.1: bytes=56 Sequence=2 ttl=254 time=12 ms
EVPN
第二步:三台PE之间的EVPN的配置
但你想一下,我们做VXLAN跨网段的通信就真的仅仅是做跨网段的通信吗?那同子网的通信需求还有没有呢?当然是有的,所以我们也要把CE1与CE2之间、CE2与CE1之间也建立EVPN隧道,这样的话,跨网段通信我们依赖将来在CE3上设置VBDIF接口来实现,那同子网的通信就在CE1和CE2之间传输。像CE1和CE2相互连接这种需求,其实我们只要在CE3上配置反射就能轻松实现,这也是真实环境当中常常使用的方法,那我们再把反射器的配置加上。
# CE1的配置
evpn-overlay enable
bgp 100
peer 10.0.3.3 as-number 100
peer 10.0.3.3 connect-interface LoopBack0
#
ipv4-family unicast
peer 10.0.3.3 enable
#
l2vpn-family evpn
policy vpn-target
peer 10.0.3.3 enable
y
quit
# CE2的配置
evpn-overlay enable
bgp 100
peer 10.0.3.3 as-number 100
peer 10.0.3.3 connect-interface LoopBack0
#
ipv4-family unicast
peer 10.0.3.3 enable
#
l2vpn-family evpn
policy vpn-target
peer 10.0.3.3 enable
y
quit
# CE3的配置
evpn-overlay enable
bgp 100
peer 10.0.1.1 as-number 100
peer 10.0.1.1 connect-interface LoopBack0
peer 10.0.2.2 as-number 100
peer 10.0.2.2 connect-interface LoopBack0
#
ipv4-family unicast
peer 10.0.1.1 enable
peer 10.0.2.2 enable
#
l2vpn-family evpn
policy vpn-target
peer 10.0.1.1 enable
y
# 反射器的配置
peer 10.0.1.1 reflect-client
peer 10.0.2.2 enable
y
# 反射器的配置
peer 10.0.2.2 reflect-client
quit
接入配置
# LSW1和LSW2的基础配置(非关键配置)
# LSW1
sys
sysn SW1
vlan 10
int g0/0/2
port link-ty ac
port de vlan 10
int g0/0/3
port link-ty ac
port de vlan 20
int g0/0/1
port link-ty tr
port trunk all vlan 10 20
quit
# LSW2
sys
sysn SW2
vlan 10
int g0/0/2
port link-ty ac
port de vlan 10
int g0/0/3
port link-ty ac
port de vlan 20
int g0/0/1
port link-ty tr
port trunk all vlan 10 20
quit
VXLAN配置
# CE1上的配置
bridge-domain 10
vxlan vni 10
evpn
route-distinguisher 10:10
vpn-target 10:10 export-extcommunity
vpn-target 10:10 import-extcommunity
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 20:20
vpn-target 20:20 export-extcommunity
vpn-target 20:20 import-extcommunity
int g1/0/1
undo shutdown
port link-type trunk
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
interface GE1/0/1.20 mode l2
encapsulation dot1q vid 20
bridge-domain 20
interface Nve1
source 10.0.1.1
vni 10 head-end peer-list protocol bgp
vni 20 head-end peer-list protocol bgp # ENSP有问题,两条都敲不行,CE1这一行不敲;
# CE2上的配置
bridge-domain 10
vxlan vni 10
evpn
route-distinguisher 10:10
vpn-target 10:10 export-extcommunity
vpn-target 10:10 import-extcommunity
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 20:20
vpn-target 20:20 export-extcommunity
vpn-target 20:20 import-extcommunity
int g1/0/1
undo shutdown
port link-type trunk
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
interface GE1/0/1.20 mode l2
encapsulation dot1q vid 20
bridge-domain 20
interface Nve1
source 10.0.2.2
vni 20 head-end peer-list protocol bgp
vni 10 head-end peer-list protocol bgp #ENSP有问题,两条都敲不行,CE2这一行不敲;
# CE3的配置
interface Nve1
source 10.0.3.3
vni 10 head-end peer-list protocol bgp
vni 20 head-end peer-list protocol bgp
bridge-domain 10
vxlan vni 10
evpn
route-distinguisher 10:10
vpn-target 10:10 export-extcommunity
vpn-target 10:10 import-extcommunity
bridge-domain 20
vxlan vni 20
evpn
route-distinguisher 20:20
vpn-target 20:20 export-extcommunity
vpn-target 20:20 import-extcommunity
int VBDif 10
ip add 192.168.10.1 24
int VBDIF 20
ip add 192.168.20.1 24
验证
# 集中式网关,会有所有PC的ARP表项
[CE3]dis arp
ARP Entry Types: D - Dynamic, S - Static, I - Interface, O - OpenFlow, RD - Redi
rect
EXP: Expire-time VLAN:VLAN or Bridge Domain
IP ADDRESS MAC ADDRESS EXP(M) TYPE/VLAN INTERFACE VPN-INSTA
NCE
--------------------------------------------------------------------------------
--------
10.0.13.3 707b-e8d9-42fa I Vlanif13
10.0.13.1 707b-e8d9-0496 18 D/13 GE1/0/0
10.0.23.3 707b-e8d9-42fa I Vlanif23
10.0.23.2 707b-e863-07ba 18 D/23 GE1/0/1
192.168.10.1 707b-e8d9-42fa I Vbdif10
192.168.10.2 5489-982c-2d10 16 D/BD10 10.0.1.1
192.168.20.1 707b-e8d9-42fa I Vbdif20
192.168.20.44 5489-9800-407d 16 D/BD20 10.0.2.2
--------------------------------------------------------------------------------
--------
Total:8 Dynamic:4 Static:0 Interface:4 OpenFlow:0
Redirect:0
# 查看CE3,集中式网关产生的MAC路由
[CE3]dis bgp evpn all routing-table mac-route
Local AS number : 100
BGP Local router ID is 10.0.3.3
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
# 集中式网关产生了两条MAC路由
# 这两条路由就是网关的MAC地址
# 这两条路由会交给CE1和CE2,这个CE1和CE2在通信的时候在不需要再广播了
EVPN address family:
Number of Mac Routes: 2 # 类型2路由信息
Route Distinguisher: 10:10
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:707b-e8d9-42fa:0:0.0.0.0 0.0.0.0
Route Distinguisher: 20:20
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:707b-e8d9-42fa:0:0.0.0.0 0.0.0.0
EVPN-Instance 10:
Number of Mac Routes: 1
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:707b-e8d9-42fa:0:0.0.0.0 0.0.0.0
EVPN-Instance 20:
Number of Mac Routes: 1
Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr) NextHop
*> 0:48:707b-e8d9-42fa:0:0.0.0.0 0.0.0.0
# 上面的MAC地址就是网关的MAC地址,如下所示:
[CE3]dis arp | incl 192.168.10.1
ARP Entry Types: D - Dynamic, S - Static, I - Interface, O - OpenFlow, RD - Redi
rect
EXP: Expire-time VLAN:VLAN or Bridge Domain
IP ADDRESS MAC ADDRESS EXP(M) TYPE/VLAN INTERFACE VPN-INSTA
NCE
--------------------------------------------------------------------------------
--------
192.168.10.1 707b-e8d9-42fa I Vbdif10
--------------------------------------------------------------------------------
--------
Total:8 Dynamic:4 Static:0 Interface:4 OpenFlow:0
Redirect:0
[CE3]dis arp | incl 192.168.20.1
ARP Entry Types: D - Dynamic, S - Static, I - Interface, O - OpenFlow, RD - Redi
rect
EXP: Expire-time VLAN:VLAN or Bridge Domain
IP ADDRESS MAC ADDRESS EXP(M) TYPE/VLAN INTERFACE VPN-INSTA
NCE
--------------------------------------------------------------------------------
--------
192.168.20.1 707b-e8d9-42fa I Vbdif20
--------------------------------------------------------------------------------
--------
Total:8 Dynamic:4 Static:0 Interface:4 OpenFlow:0
Redirect:0
[CE3]
# 集中式网关的MAC最终会下发到CE1和CE2上
[CE1]dis mac-address bridge-domain 10
Flags: * - Backup
BD : bridge-domain Age : dynamic MAC learned time in seconds
-------------------------------------------------------------------------------
MAC Address VLAN/VSI/BD Learned-From Type Age
-------------------------------------------------------------------------------
# 这一行就是
707b-e8d9-42fa -/-/10 10.0.3.3 dynamic -
5489-982c-2d10 -/-/10 GE1/0/1.10 dynamic -
# 这一行也是
707b-e8d9-42fa -/-/10 10.0.3.3 dynamic -
5489-982c-2d10 -/-/10 GE1/0/1.10 dynamic -
-------------------------------------------------------------------------------
