配置EVPN VPWS over SRv6 BE示例

NE20E-S V800R011C10 配置指南 - Segment Routing 02

评分并提供意见反馈 :

华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言，希望能帮助您更容易理解此文档的内容。请注意：即使是最好的机器翻译，其准确度也不及专业翻译人员的水平。华为对于翻译的准确性不承担任何责任，并建议您参考英文文档（已提供链接）。

介绍通过SRv6 BE承载EVPN专线业务的配置过程。

组网需求

如图3-7所示：PE1、P和PE2属于同一自治系统，要求它们之间通过IS-IS协议达到IPv6网络互连的目的。在PE1和PE2之间通过建立双向SRv6 BE承载EVPN专线业务。

图3-7 配置EVPN VPWS over SRv6 BE组网图

本例中interface1、interface2分别代表GE0/1/0、GE0/2/0。

配置思路

采用如下的思路配置EVPN VPWS over SRv6 BE：

使能各路由器的IPv6转发能力，配置各接口的IPv6地址。
在各路由器上使能IS-IS，配置Level级别，指定网络实体。
在PE设备上配置EVPN VPWS实例、EVPL实例并将EVPL实例绑定到接入侧子接口。
在PE设备之间建立BGP EVPN对等体关系。
在PE设备上配置SRv6 BE。

数据准备

为完成此配置例，需准备如下的数据：

EVPN实例名称evrf1。
EVPN实例的RD值为100:1和RT为1:1。

操作步骤

使能各路由器的IPv6转发能力，配置各接口的IPv6地址，以PE1为例，其他路由器的配置过程相同，不再赘述

<HUAWEI> system-view
[~HUAWEI] sysname PE1
[*HUAWEI] commit
[~PE1] interface gigabitethernet 0/1/0
[~PE1-GigabitEthernet0/1/0] ipv6 enable
[*PE1-GigabitEthernet0/1/0] ipv6 address 2001:DB8:10::1 64
[*PE1-GigabitEthernet0/1/0] quit
[*PE1] interface LoopBack 1
[*PE1-LoopBack1] ipv6 enable
[*PE1-LoopBack1] ipv6 address 2001:DB8:1::1 64
[*PE1-LoopBack1] quit
[*PE1] commit

配置IS-IS

# 配置PE1。

[~PE1] isis 1

[*PE1-isis-1] is-level level-1

[*PE1-isis-1] cost-style wide

[*PE1-isis-1] network-entity 10.0000.0000.0001.00

[*PE1-isis-1] ipv6 enable topology standard

[*PE1-isis-1] segment-routing ipv6 locator PE1

[*PE1-isis-1] quit

[*PE1] interface gigabitethernet 0/1/0

[*PE1-GigabitEthernet0/1/0] isis ipv6 enable 1

[*PE1-GigabitEthernet0/1/0] commit

[~PE1-GigabitEthernet0/1/0] quit

[*PE1] interface loopback1

[*PE1-LoopBack1] isis ipv6 enable 1

[*PE1-LoopBack1] commit

[~PE1-LoopBack1] quit

# 配置P。

[~P] isis 1

[*P-isis-1] is-level level-1

[*P-isis-1] cost-style wide

[*P-isis-1] network-entity 10.0000.0000.0002.00

[*P-isis-1] ipv6 enable topology standard

[*P-isis-1] quit

[*P] interface gigabitethernet 0/1/0

[*P-GigabitEthernet0/1/0] isis ipv6 enable 1

[*P-GigabitEthernet0/1/0] commit

[~P-GigabitEthernet0/1/0] quit

[*P] interface gigabitethernet 0/2/0

[*P-GigabitEthernet0/2/0] isis ipv6 enable 1

[*P-GigabitEthernet0/2/0] commit

[~P-GigabitEthernet0/2/0] quit

[*P] interface loopback1

[*P-LoopBack1] isis ipv6 enable 1

[*P-LoopBack1] commit

[~P-LoopBack1] quit

# 配置PE2。

[~PE2] isis 1

[*PE2-isis-1] is-level level-1

[*PE2-isis-1] cost-style wide

[*PE2-isis-1] network-entity 10.0000.0000.0003.00

[*PE2-isis-1] ipv6 enable topology standard

[*PE2-isis-1] segment-routing ipv6 locator PE2

[*PE2-isis-1] quit

[*PE2] interface gigabitethernet 0/1/0

[*PE2-GigabitEthernet0/1/0] isis ipv6 enable 1

[*PE2-GigabitEthernet0/1/0] commit

[*PE2-GigabitEthernet0/1/0] quit

[*PE2] interface loopback1

[*PE2-LoopBack1] isis ipv6 enable 1

[*PE2-LoopBack1] commit

[~PE2-LoopBack1] quit

配置完成后，可按如下指导检查IS-IS是否配置成功。

# 显示IS-IS邻居信息。以PE1为例。

[~PE1] display isis peer

                          Peer information for ISIS(1)
                         
  System Id     Interface         Circuit Id        State HoldTime Type     PRI
--------------------------------------------------------------------------------
0000.0000.0002  GE0/1/0           0000.0000.0002.01  Up   8s       L1       64 

Total Peer(s): 1

# 显示IS-IS路由表信息。以PE1为例。

[~PE1] display isis route

                         Route information for ISIS(1)
                         -----------------------------

                        ISIS(1) Level-1 Forwarding Table
                        --------------------------------

 IPV6 Dest.        ExitInterface      NextHop                    Cost     Flags    
--------------------------------------------------------------------------------
2001:DB8:1::/64    GE0/1/0            Direct                     10       D/-/L/-  
2001:DB8:2::2/128  GE0/1/0            FE80::3A5D:67FF:FE31:307   10       A/-/-/-  
2001:DB8:3::3/128  GE0/1/0            FE80::3A5D:67FF:FE31:307   20       A/-/-/-  
2001:DB8:10::/64   GE0/1/0            FE80::3A5D:67FF:FE31:307   20       A/-/-/-  
2001:DB8:20::/64   GE0/1/0            FE80::3A5D:67FF:FE31:307   20       A/-/-/-  
     Flags: D-Direct, A-Added to URT, L-Advertised in LSPs, S-IGP Shortcut, 
            U-Up/Down Bit Set, LP-Local Prefix-Sid

在PE设备上配置EVPN实例、EVPL实例并将EVPL实例绑定到接入侧子接口

# 配置PE1。

[~PE1] evpn vpn-instance evrf1 vpws

[*PE1-vpws-evpn-instance-evrf1] route-distinguisher 100:1

[*PE1-vpws-evpn-instance-evrf1] vpn-target 1:1

[*PE1-vpws-evpn-instance-evrf1] quit

[*PE1] evpl instance 1 srv6-mode

[*PE1-evpl-srv6-1] evpn binding vpn-instance evrf1

[*PE1-evpl-srv6-1] local-service-id 100 remote-service-id 200

[*PE1-evpl-srv6-1] quit

[*PE1] interface gigabitethernet 0/2/0.1 mode l2

[*PE1-GigabitEthernet 0/2/0.1] encapsulation dot1q vid 1

[*PE1-GigabitEthernet 0/2/0.1] evpl instance 1

[*PE1-GigabitEthernet 0/2/0.1] quit

[*PE1] commit

# 配置PE2。

[~PE2] evpn vpn-instance evrf1 vpws

[*PE2-vpws-evpn-instance-evrf1] route-distinguisher 100:1

[*PE2-vpws-evpn-instance-evrf1] vpn-target 1:1

[*PE2-vpws-evpn-instance-evrf1] quit

[*PE2] evpl instance 1 srv6-mode

[*PE2-evpl-srv6-1] evpn binding vpn-instance evrf1

[*PE2-evpl-srv6-1] local-service-id 200 remote-service-id 100

[*PE2-evpl-srv6-1] quit

[*PE2] interface gigabitethernet 0/2/0.1 mode l2

[*PE2-GigabitEthernet 0/2/0.1] encapsulation dot1q vid 1

[*PE2-GigabitEthernet 0/2/0.1] evpl instance 1

[*PE2-GigabitEthernet 0/2/0.1] quit

[*PE2] commit

在PE设备之间建立BGP EVPN对等体关系

# 配置PE1。

[~PE1] bgp 100

[*PE1-bgp] route-id 1.1.1.1

[*PE1-bgp] peer 2001:DB8:3::3 as-number 100

[*PE1-bgp] peer 2001:DB8:3::3 connect-interface loopback 1

[*PE1-bgp] l2vpn-family evpn

[*PE1-bgp-af-evpn] peer 2001:DB8:3::3 enable

[*PE1-bgp-af-evpn] quit

[*PE1-bgp] quit

[*PE1] commit

# 配置PE2。

[~PE2] bgp 100

[*PE2-bgp] route-id 3.3.3.3

[*PE2-bgp] peer 2001:DB8:1::1 as-number 100

[*PE2-bgp] peer 2001:DB8:1::1 connect-interface loopback 1

[*PE2-bgp] l2vpn-family evpn

[*PE2-bgp-af-evpn] peer 2001:DB8:1::1 enable

[*PE2-bgp-af-evpn] quit

[*PE2-bgp] quit

[*PE2] commit

配置完成后，在PE设备上执行display bgp evpn peer命令，可以看到PE之间的BGP EVPN对等体关系已建立，并达到Established状态。

在PE设备之间建立SRv6 BE

# 配置PE1。

[~PE1] segment-routing ipv6

[*PE1-segment-routing-ipv6] encapsulation source-address 2001:DB8:1::1

[*PE1-segment-routing-ipv6] locator PE1 ipv6-prefix 2001:DB8:11::11 64 static 32

[*PE1-segment-routing-ipv6-locator] quit

[*PE1-segment-routing-ipv6] quit

[*PE1] bgp 100

[*PE1-bgp] l2vpn-family evpn

[*PE1-bgp-af-evpn] peer 2001:DB8:1::1 advertise encap-type srv6

[*PE1-bgp-af-evpn] quit

[*PE1-bgp] quit

[*PE1] evpl instance 1 srv6-mode

[*PE1-evpl-srv6-1] segment-routing ipv6 locator PE1

[*PE1-evpl-srv6-1] quit

[*PE1] evpn vpn-instance evrf1 vpws

[*PE1-vpws-evpn-instance-evrf1] segment-routing ipv6 best-effort

[*PE1-vpws-evpn-instance-evrf1] quit

[*PE1] commit

# 配置PE2。

[~PE2] segment-routing ipv6

[*PE2-segment-routing-ipv6] encapsulation source-address 2001:DB8:3::3

[*PE2-segment-routing-ipv6] locator PE2 ipv6-prefix 2001:DB8:30::30 64 static 32

[*PE2-segment-routing-ipv6-locator] quit

[*PE2-segment-routing-ipv6] quit

[*PE2] bgp 100

[*PE2-bgp] l2vpn-family evpn

[*PE2-bgp-af-evpn] peer 2001:DB8:3::3 advertise encap-type srv6

[*PE2-bgp-af-evpn] quit

[*PE2-bgp] quit

[*PE2] evpl instance 1 srv6-mode

[*PE2-evpl-srv6-1] segment-routing ipv6 locator PE2

[*PE2-evpl-srv6-1] quit

[*PE2] evpn vpn-instance evrf1 vpws

[*PE2-vpws-evpn-instance-evrf1] segment-routing ipv6 best-effort

[*PE2-vpws-evpn-instance-evrf1] quit

[*PE2] commit

检查配置结果

在PE上通过配置命令display bgp evpn evpl，可以查看到EVPL的状态。以PE1为例：

[~PE1] display bgp evpn evpl

Total EVPLs: 1      1 Up     0 Down

EVPL ID : 1
State : up
EVPL Type : srv6-mode 
Interface : GigabitEthernet0/2/0.1
Local MTU : 1500
Local Control Word : false
Local Redundancy Mode : all-active
Local DF State : primary
Local ESI : 0000.0000.0000.0000.0000
Remote Redundancy Mode : all-active
Remote Primary DF Number : 1
Remote Backup DF Number : 0
Remote None DF Number : 0
Peer IP : 10.1.13.184
 Origin Nexthop IP : 2001:DB8:3::3
 DF State : primary
 Remote MTU : 1500
 Remote Control Word : false
 Remote ESI : 0000.0000.0000.0000.0000
 Tunnel ID : 
               Out Interface : 
Last Interface UP Timestamp : 2018-12-12 7:37:20:398
Last Designated Primary Timestamp : --
Last Designated Backup Timestamp : --

在PE上通过配置命令display bgp evpn all routing-table，可以看到远端发来的EVPN路由。以PE1为例：

[~PE1] display bgp evpn all routing-table

 Local AS number : 100

 BGP Local router ID is 1.1.1.1
 Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 
 EVPN address family:
 Number of A-D Routes: 2
 Route Distinguisher: 100:1
       Network(ESI/EthTagId)                                  NextHop
 *>    0000.0000.0000.0000.0000:100                           127.0.0.1
 *>i   0000.0000.0000.0000.0000:200                           2001:DB8:3::3
    

 EVPN-Instance evrf1:
 Number of A-D Routes: 2
       Network(ESI/EthTagId)                                  NextHop
 *>    0000.0000.0000.0000.0000:100                           127.0.0.1
 *>i   0000.0000.0000.0000.0000:200                           2001:DB8:3::3

配置文件

PE1的配置文件

#
sysname PE1
#
evpn vpn-instance evrf1 vpws
 route-distinguisher 100:1
 segment-routing ipv6 best-effort
 vpn-target 1:1 export-extcommunity
 vpn-target 1:1 import-extcommunity
#
evpl instance 1 srv6-mode
 evpn binding vpn-instance evrf1
 local-service-id 100 remote-service-id 200
 segment-routing ipv6 locator PE1 
#
segment-routing ipv6
 encapsulation source-address 2001:DB8:1::1
 locator PE1 ipv6-prefix 2001:DB8:11::11 64 static 32
#
isis 1
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0001.00
 #
 ipv6 enable topology standard
 segment-routing ipv6 locator PE1
#
interface GigabitEthernet0/1/0
 undo shutdown
 ipv6 enable
 ipv6 address 2001:DB8:10::1/64
 isis ipv6 enable 1
#
interface GigabitEthernet0/2/0.1 mode l2
 encapsulation dot1q vid 1
 evpl instance 1
#
interface LoopBack1
 ipv6 enable
 ip address 1.1.1.1 255.255.255.255
 ipv6 address 2001:DB8:1::1/64
 isis ipv6 enable 1
#
bgp 100
 router-id 1.1.1.1
 peer 2001:DB8:3::3 as-number 100
 peer 2001:DB8:3::3 connect-interface LoopBack1
 #
 ipv4-family unicast
  undo synchronization
 #              
 l2vpn-family evpn
  undo policy vpn-target
  peer 2001:DB8:3::3 enable
  peer 2001:DB8:3::3 advertise encap-type srv6
#
return

P的配置文件

#
sysname P
#
isis 1
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0002.00
 #
 ipv6 enable topology standard
#
interface GigabitEthernet0/1/0
 undo shutdown
 ipv6 enable
 ipv6 address 2001:DB8:10::2/64
 isis ipv6 enable 1
#
interface GigabitEthernet0/2/0
 undo shutdown
 ipv6 enable
 ipv6 address 2001:DB8:20::1/64
 isis ipv6 enable 1
#
interface LoopBack1
 ipv6 enable
 ipv6 address 2001:DB8:2::2/128
 isis ipv6 enable 1
#
return

PE2的配置文件

#
sysname PE2
#
evpn vpn-instance evrf1 vpws
 route-distinguisher 100:1
 segment-routing ipv6 best-effort
 vpn-target 1:1 export-extcommunity
 vpn-target 1:1 import-extcommunity
#
evpl instance 1 srv6-mode
 evpn binding vpn-instance evrf1
 local-service-id 200 remote-service-id 100
 segment-routing ipv6 locator PE2 
#
segment-routing ipv6
 encapsulation source-address 2001:DB8:3::3
 locator PE2 ipv6-prefix 2001:DB8:30::30 64 static 32
#
isis 1
 is-level level-1
 cost-style wide
 network-entity 10.0000.0000.0003.00
 #
 ipv6 enable topology standard
 segment-routing ipv6 locator PE2
#
interface GigabitEthernet0/1/0
 undo shutdown
 ipv6 enable
 ipv6 address 2001:DB8:20::2/64
 isis ipv6 enable 1
#
interface GigabitEthernet0/2/0.1 mode l2
 encapsulation dot1q vid 1
 evpl instance 1
#
interface LoopBack1
 ipv6 enable
 ip address 3.3.3.3 255.255.255.255
 ipv6 address 2001:DB8:3::3/64
 isis ipv6 enable 1
#
bgp 100
 router-id 3.3.3.3
 peer 2001:DB8:1::1 as-number 100
 peer 2001:DB8:1::1 connect-interface LoopBack1
 #
 ipv4-family unicast
  undo synchronization
 #              
 l2vpn-family evpn
  undo policy vpn-target
  peer 2001:DB8:1::1 enable
  peer 2001:DB8:1::1 advertise encap-type srv6
#
return

翻译

English

下载文档

更新时间：2020-02-07

文档编号：EDOC1100125618

浏览量：9023

下载量：46

平均得分:

本文档适用于这些产品

组网需求

配置思路

数据准备

操作步骤

配置文件

相关版本

相关文档