설정 정보 (Leaf)
Leaf 스위치의 주요 설정은 다음과 같습니다.
1. MP-BGP EVPN 활성화
- `send-community extended`: EVPN에서는 RT(Route Target) 와 같은 중요한 정보가 BGP Extended Community 속성을 통해 전달되기에 활성화합니다.
- `address-family evpn`
- EVPN 라우트 타입(1~5)을 교환하기 위해 활성화가 필요합니다.
- 이 주소 패밀리 내에서 `neighbor SPINE activate` 명령을 통해 Spine 스위치와 EVPN 경로를 교환할 세션을 활성화합니다.
2. VLAN별 EVPN 서비스 정의
- VXLAN으로 확장하고자 하는 각 VLAN은 BGP 내에서 고유한 L2VPN 인스턴스로 정의됩니다. 이때 `RD`와 `RT`를 사용하여 각 서비스를 식별하고 격리합니다.
- `rd <값>` (Route Distinguisher): 경로를 전역적으로 고유하게 만들어주는 식별자입니다. 만약 다른 테넌트도 똑같은 VLAN 10을 사용하더라도, RD 값이 다르면 완전히 별개의 경로로 인식됩니다.
- `route-target both <값>`: 경로의 수입/수출 정책을 결정하는 '그룹 태그'입니다. 동일한 RT 값을 가진 스위치들끼리만 해당 VLAN의 경로 정보를 서로 공유하여 하나의 VPN을 형성합니다.
- `redistribute learned`: 해당 VLAN에서 동적으로 학습한 호스트의 MAC 주소를 EVPN Type-2 경로로 변환하여 BGP를 통해 광고하도록 하는 명령입니다.
[Leaf1]
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
[MP-BGP_EVPN]
router bgp 65001
router-id 10.1.1.1
neighbor SPINE peer group
neighbor SPINE remote-as 65001
neighbor SPINE update-source Loopback0
neighbor SPINE send-community extended
neighbor 1.1.1.1 peer group SPINE
neighbor 2.2.2.2 peer group SPINE
!
vlan 10
rd 10.1.1.1:10
route-target both 65001:10
redistribute learned
!
vlan 20
rd 10.1.1.1:20
route-target both 65001:20
redistribute learned
!
address-family evpn
neighbor SPINE activate
[Leaf2]
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
[MP-BGP_EVPN]
router bgp 65001
router-id 10.1.1.2
neighbor SPINE peer group
neighbor SPINE remote-as 65001
neighbor SPINE update-source Loopback0
neighbor SPINE send-community extended
neighbor 1.1.1.1 peer group SPINE
neighbor 2.2.2.2 peer group SPINE
!
vlan 10
rd 10.1.1.2:10
route-target both 65001:10
redistribute learned
!
address-family evpn
neighbor SPINE activate
[Leaf3]
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 20 vni 20020
[MP-BGP_EVPN]
router bgp 65001
router-id 10.1.1.3
neighbor SPINE peer group
neighbor SPINE remote-as 65001
neighbor SPINE update-source Loopback0
neighbor SPINE send-community extended
neighbor 1.1.1.1 peer group SPINE
neighbor 2.2.2.2 peer group SPINE
!
vlan 20
rd 10.1.1.3:20
route-target both 65001:20
redistribute learned
!
address-family evpn
neighbor SPINE activate
VXLAN VTEP 상태 확인
- VLAN ↔ VNI 매핑 및 HER VTEP 정보 (L2VPN)
VXLAN 터널에서 사용될 flood list 및 MAC 주소 학습을 EVPN을 통해서 이루어지는 것을 볼 수 있습니다.
동일 VLAN간의 통신에 사용되는 L2 VNI 정보를 확인합니다. 설정한 VLAN과 VNI의 매핑 상태를 보여줍니다. `Static VLAN to VNI mapping`
BUM 트래픽 복제를 위한 HER(Head-End Replication) VTEP 리스트가 함께 표시됩니다. `Headend replication flood vtep list`
[Leaf1]
Leaf1#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.1
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is not configured
Headend replication flood vtep list is:
10 10.2.2.2
20 10.2.2.3
Shared Router MAC is 0000.0000.0000
Leaf1#show vxlan vtep detail
Remote VTEPS for Vxlan1:
VTEP Learned Via MAC Address Learning Tunnel Type(s)
------------ ----------------- ------------------------- --------------
10.2.2.2 control plane control plane unicast, flood
10.2.2.3 control plane control plane unicast, flood
Total number of remote VTEPS: 2
[Leaf2]
Leaf2#show vxlan vtep detail
Remote VTEPS for Vxlan1:
VTEP Learned Via MAC Address Learning Tunnel Type(s)
------------ ----------------- ------------------------- --------------
10.2.2.1 control plane control plane flood, unicast
Total number of remote VTEPS: 1
[Leaf3]
Leaf3#show vxlan vtep detail
Remote VTEPS for Vxlan1:
VTEP Learned Via MAC Address Learning Tunnel Type(s)
------------ ----------------- ------------------------- --------------
10.2.2.1 control plane control plane flood, unicast
Total number of remote VTEPS: 1
VXLAN Address Table 확인
VXLAN을 통해 통신하는 원격 host의 MAC 주소 테이블로 같은 대역(VLAN)의 host 주소만 등록됩니다.
[Leaf1]
Leaf1#show vxlan address-table
Vxlan Mac Address Table
----------------------------------------------------------------------
VLAN Mac Address Type Prt VTEP Moves Last Move
---- ----------- ---- --- ---- ----- ---------
10 0000.0000.3333 EVPN Vx1 10.2.2.2 1 2:51:24 ago
10 0000.0000.4444 EVPN Vx1 10.2.2.2 1 2:35:36 ago
20 0000.0000.6666 EVPN Vx1 10.2.2.3 1 2:52:01 ago
20 0000.0000.5555 EVPN Vx1 10.2.2.3 1 2:41:33 ago
Total Remote Mac Addresses for this criterion: 4
[Leaf2]
Leaf2#show vxlan address-table
Vxlan Mac Address Table
----------------------------------------------------------------------
VLAN Mac Address Type Prt VTEP Moves Last Move
---- ----------- ---- --- ---- ----- ---------
10 0000.0000.1111 EVPN Vx1 10.2.2.1 1 2:52:26 ago
Total Remote Mac Addresses for this criterion: 1
[Leaf3]
Leaf3#show vxlan address-table
Vxlan Mac Address Table
----------------------------------------------------------------------
VLAN Mac Address Type Prt VTEP Moves Last Move
---- ----------- ---- --- ---- ----- ---------
20 0000.0000.2222 EVPN Vx1 10.2.2.1 1 2:53:12 ago
Total Remote Mac Addresses for this criterion: 1
MAC Address Table 확인
[Leaf1]
Leaf1#show mac address-table
Mac Address Table
------------------------------------------------------------------
Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
10 0000.0000.1111 DYNAMIC Et3 1 2:55:51 ago
10 0000.0000.3333 DYNAMIC Vx1 1 2:53:35 ago
10 0000.0000.4444 DYNAMIC Vx1 1 2:37:47 ago
20 0000.0000.2222 DYNAMIC Et4 1 2:54:20 ago
20 0000.0000.6666 DYNAMIC Vx1 1 2:54:12 ago
20 0000.0000.5555 DYNAMIC Vx1 1 2:43:44 ago
Total Mac Addresses for this criterion: 6
[Leaf2]
Leaf2#show mac address-table
Mac Address Table
------------------------------------------------------------------
Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
10 0000.0000.1111 DYNAMIC Vx1 1 2:55:28 ago
10 0000.0000.3333 DYNAMIC Et3 1 2:55:09 ago
10 0000.0000.4444 DYNAMIC Et4 1 2:39:21 ago
Total Mac Addresses for this criterion: 3
[Leaf3]
Leaf3#show mac address-table
Mac Address Table
------------------------------------------------------------------
Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
20 0000.0000.2222 DYNAMIC Vx1 1 2:55:57 ago
20 0000.0000.6666 DYNAMIC Et4 1 2:56:00 ago
20 0000.0000.5555 DYNAMIC Et3 1 2:45:30 ago
Total Mac Addresses for this criterion: 3
라우팅 테이블 확인 (Spine / Leaf)
Spine은 VTEP 간의 안정적인 경로를 제공하는 역할을 합니다.
그렇기에 Overlay 대역에 대한 라우팅 정보는 가지지 않으며 Leaf 스위치 간의 통신 경로인 Underlay 라우팅만 존재합니다.
[Spine1]
Spine1#show ip route ospf
...
O 2.2.2.2/32 [110/30]
via 10.0.11.3, Ethernet2
via 10.0.12.4, Ethernet3
via 10.0.13.5, Ethernet4
O 10.0.21.0/29 [110/20]
via 10.0.11.3, Ethernet2
O 10.0.22.0/29 [110/20]
via 10.0.12.4, Ethernet3
O 10.0.23.0/29 [110/20]
via 10.0.13.5, Ethernet4
O 10.1.1.1/32 [110/20]
via 10.0.11.3, Ethernet2
O 10.1.1.2/32 [110/20]
via 10.0.12.4, Ethernet3
O 10.1.1.3/32 [110/20]
via 10.0.13.5, Ethernet4
O 10.2.2.1/32 [110/20]
via 10.0.11.3, Ethernet2
O 10.2.2.2/32 [110/20]
via 10.0.12.4, Ethernet3
O 10.2.2.3/32 [110/20]
via 10.0.13.5, Ethernet4
// bgp 라우팅 정보 없음
Spine1#show ip route bgp
...
[Spine2]
Spine2#show ip route ospf
...
O 1.1.1.1/32 [110/30]
via 10.0.21.3, Ethernet2
via 10.0.22.4, Ethernet3
via 10.0.23.5, Ethernet4
O 10.0.11.0/29 [110/20]
via 10.0.21.3, Ethernet2
O 10.0.12.0/29 [110/20]
via 10.0.22.4, Ethernet3
O 10.0.13.0/29 [110/20]
via 10.0.23.5, Ethernet4
O 10.1.1.1/32 [110/20]
via 10.0.21.3, Ethernet2
O 10.1.1.2/32 [110/20]
via 10.0.22.4, Ethernet3
O 10.1.1.3/32 [110/20]
via 10.0.23.5, Ethernet4
O 10.2.2.1/32 [110/20]
via 10.0.21.3, Ethernet2
O 10.2.2.2/32 [110/20]
via 10.0.22.4, Ethernet3
O 10.2.2.3/32 [110/20]
via 10.0.23.5, Ethernet4
// bgp 라우팅 정보 없음
Spine2#show ip route bgp
...
[Leaf1]
Leaf1#show ip route ospf
...
O 1.1.1.1/32 [110/20]
via 10.0.11.1, Ethernet1
O 2.2.2.2/32 [110/20]
via 10.0.21.2, Ethernet2
O 10.0.12.0/29 [110/20]
via 10.0.11.1, Ethernet1
O 10.0.13.0/29 [110/20]
via 10.0.11.1, Ethernet1
O 10.0.22.0/29 [110/20]
via 10.0.21.2, Ethernet2
O 10.0.23.0/29 [110/20]
via 10.0.21.2, Ethernet2
O 10.1.1.2/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
O 10.1.1.3/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
O 10.2.2.2/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
O 10.2.2.3/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
// bgp 라우팅 정보 없음
Leaf1#show ip route bgp
...
[Leaf2]
Leaf2#show ip route ospf
...
O 1.1.1.1/32 [110/20]
via 10.0.12.1, Ethernet1
O 2.2.2.2/32 [110/20]
via 10.0.22.2, Ethernet2
O 10.0.11.0/29 [110/20]
via 10.0.12.1, Ethernet1
O 10.0.13.0/29 [110/20]
via 10.0.12.1, Ethernet1
O 10.0.21.0/29 [110/20]
via 10.0.22.2, Ethernet2
O 10.0.23.0/29 [110/20]
via 10.0.22.2, Ethernet2
O 10.1.1.1/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
O 10.1.1.3/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
O 10.2.2.1/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
O 10.2.2.3/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
// bgp 라우팅 정보 없음
Leaf2#show ip route bgp
...
[Leaf3]
Leaf3#show ip route ospf
...
O 1.1.1.1/32 [110/20]
via 10.0.13.1, Ethernet1
O 2.2.2.2/32 [110/20]
via 10.0.23.2, Ethernet2
O 10.0.11.0/29 [110/20]
via 10.0.13.1, Ethernet1
O 10.0.12.0/29 [110/20]
via 10.0.13.1, Ethernet1
O 10.0.21.0/29 [110/20]
via 10.0.23.2, Ethernet2
O 10.0.22.0/29 [110/20]
via 10.0.23.2, Ethernet2
O 10.1.1.1/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
O 10.1.1.2/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
O 10.2.2.1/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
O 10.2.2.2/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
// bgp 라우팅 정보 없음
Leaf3#show ip route bgp
...
BGP EVPN 라우트 확인
BGP 테이블을 확인하여, EVPN을 통해 네트워크 정보가 올바르게 전파되고 있는지 확인합니다.
- `IMET (Inclusive Multicast Ethernet Tag)`: VTEP IP들이 다 학습되었는지 확인합니다. (`Route Type 3`)
- `MAC/IP`: 각 호스트의 MAC, IP가 리모트 VTEP과 매핑되어 학습되는지 확인합니다. (`Route Type 2`)
[Spine1]
Spine1#show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
10.1.1.1 4 65001 177 177 0 0 02:22:57 Estab 4 4 6
10.1.1.2 4 65001 174 178 0 0 02:21:13 Estab 3 3 7
10.1.1.3 4 65001 174 177 0 0 02:21:28 Estab 3 3 7
Spine1#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 i
* > RD: 10.1.1.3:20 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i
* > RD: 10.1.1.3:20 mac-ip 0000.0000.5555
10.2.2.3 - 100 0 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i
* > RD: 10.1.1.3:20 imet 10.2.2.3
10.2.2.3 - 100 0 i
[Spine2]
Spine2#show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
10.1.1.1 4 65001 176 173 0 0 02:20:47 Estab 4 4 6
10.1.1.2 4 65001 170 177 0 0 02:18:53 Estab 3 3 7
10.1.1.3 4 65001 171 173 0 0 02:19:10 Estab 3 3 7
Spine2#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 i
* > RD: 10.1.1.3:20 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i
* > RD: 10.1.1.3:20 mac-ip 0000.0000.5555
10.2.2.3 - 100 0 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i
* > RD: 10.1.1.3:20 imet 10.2.2.3
10.2.2.3 - 100 0 i
이번 L2VPN 연동 실습은 SVI에 IP를 설정하지 않아 순수 L2 통신만 수행합니다. 따라서 BGP EVPN 테이블을 확인하면 IP 주소 정보가 없는 MAC-only Type-2 경로만 광고되는 것을 볼 수 있습니다.
`show bgp evpn detail` 명령으로 상세 정보를 봐도 L2VNI만 포함될 뿐, IP 주소나 L3VNI 정보는 없습니다.
컨트롤 플레인에서 교환된 이 정보들을 바탕으로 최종적으로 EVPN MAC 테이블(`show bgp evpn mac`)이 완성됩니다.
이 테이블은 원격지 호스트의 MAC 주소가 어떤 VTEP 너머에 있는지 알려주어, VXLAN을 통한 효율적인 L2 프레임 포워딩을 가능하게 합니다.
[Leaf1]
Leaf1# show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
1.1.1.1 4 65001 191 191 0 0 02:34:41 Estab 6 6 4
2.2.2.2 4 65001 189 194 0 0 02:34:51 Estab 6 6 4
Leaf1#show bgp evpn
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 65001
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
- - - 0 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
- - - 0 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.3:20 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* ec RD: 10.1.1.3:20 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.3:20 mac-ip 0000.0000.5555
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* ec RD: 10.1.1.3:20 mac-ip 0000.0000.5555
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* > RD: 10.1.1.1:10 imet 10.2.2.1
- - - 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
- - - 0 i
* >Ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.3:20 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* ec RD: 10.1.1.3:20 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
Leaf1#show bgp evpn mac
VLAN Label Encap MAC Tunnel Endpoint Seq#
----- ------ ----- ------------------ ------------------ ------
10 10010 VXLAN 0000.0000.3333 10.2.2.2 -
10 10010 VXLAN 0000.0000.3333 10.2.2.2 -
10 10010 VXLAN 0000.0000.1111 Local -
10 10010 VXLAN 0000.0000.4444 10.2.2.2 -
10 10010 VXLAN 0000.0000.4444 10.2.2.2 -
20 20020 VXLAN 0000.0000.2222 Local -
20 20020 VXLAN 0000.0000.6666 10.2.2.3 -
20 20020 VXLAN 0000.0000.6666 10.2.2.3 -
20 20020 VXLAN 0000.0000.5555 10.2.2.3 -
20 20020 VXLAN 0000.0000.5555 10.2.2.3 -
Leaf1#show bgp evpn detail
BGP routing table entry for mac-ip 0000.0000.3333, Route Distinguisher: 10.1.1.2:10
Paths: 2 available
Local
10.2.2.2 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, internal, ECMP head, ECMP, best, ECMP contributor
Originator: 10.1.1.2, Cluster list: 1.1.1.1
Extended Community: Route-Target-AS:65001:10 TunnelEncap:tunnelTypeVxlan
VNI: 10010 ESI: 0000:0000:0000:0000:0000
Local
10.2.2.2 from 2.2.2.2 (2.2.2.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, internal, ECMP, ECMP contributor
Originator: 10.1.1.2, Cluster list: 2.2.2.2
Extended Community: Route-Target-AS:65001:10 TunnelEncap:tunnelTypeVxlan
VNI: 10010 ESI: 0000:0000:0000:0000:0000
...
BGP routing table entry for mac-ip 0000.0000.5555, Route Distinguisher: 10.1.1.3:20
Paths: 2 available
Local
10.2.2.3 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, internal, ECMP head, ECMP, best, ECMP contributor
Originator: 10.1.1.3, Cluster list: 1.1.1.1
Extended Community: Route-Target-AS:65001:20 TunnelEncap:tunnelTypeVxlan
VNI: 20020 ESI: 0000:0000:0000:0000:0000
Local
10.2.2.3 from 2.2.2.2 (2.2.2.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, internal, ECMP, ECMP contributor
Originator: 10.1.1.3, Cluster list: 2.2.2.2
Extended Community: Route-Target-AS:65001:20 TunnelEncap:tunnelTypeVxlan
VNI: 20020 ESI: 0000:0000:0000:0000:0000
[Leaf2]
Leaf2# show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
1.1.1.1 4 65001 204 199 0 0 02:42:32 Estab 7 7 3
2.2.2.2 4 65001 205 199 0 0 02:42:32 Estab 7 7 3
Leaf2#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
- - - 0 i
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* > RD: 10.1.1.2:10 mac-ip 0000.0000.4444
- - - 0 i
* >Ec RD: 10.1.1.3:20 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* ec RD: 10.1.1.3:20 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.3:20 mac-ip 0000.0000.5555
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* ec RD: 10.1.1.3:20 mac-ip 0000.0000.5555
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* > RD: 10.1.1.2:10 imet 10.2.2.2
- - - 0 i
* >Ec RD: 10.1.1.3:20 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* ec RD: 10.1.1.3:20 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
Leaf2#show bgp evpn mac
VLAN Label Encap MAC Tunnel Endpoint Seq#
----- ------ ----- ------------------ ------------------ ------
10 10010 VXLAN 0000.0000.3333 Local -
10 10010 VXLAN 0000.0000.4444 Local -
10 10010 VXLAN 0000.0000.1111 10.2.2.1 -
10 10010 VXLAN 0000.0000.1111 10.2.2.1 -
[Leaf3]
Leaf3# show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
1.1.1.1 4 65001 203 203 0 0 02:45:07 Estab 7 7 3
2.2.2.2 4 65001 204 201 0 0 02:45:09 Estab 7 7 3
Leaf3#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* > RD: 10.1.1.3:20 mac-ip 0000.0000.6666
- - - 0 i
* > RD: 10.1.1.3:20 mac-ip 0000.0000.5555
- - - 0 i
* >Ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* > RD: 10.1.1.3:20 imet 10.2.2.3
- - - 0 i
Leaf3#show bgp evpn mac
VLAN Label Encap MAC Tunnel Endpoint Seq#
----- ------ ----- ------------------ ------------------ ------
20 20020 VXLAN 0000.0000.6666 Local -
20 20020 VXLAN 0000.0000.2222 10.2.2.1 -
20 20020 VXLAN 0000.0000.2222 10.2.2.1 -
20 20020 VXLAN 0000.0000.5555 Local -
Ping 테스트
컨트롤 플레인과 데이터 플레인 설정이 모두 완료되었으므로, 최종적으로 동일한 L2 도메인에 속한 호스트 간의 통신을 확인합니다.
Host1(vlan 10), Host2(vlan 20)에서 서로 다른 Leaf 스위치에 연결된 Host로 ping 테스트를 수행한 결과, 양방향 통신이 정상적으로 이루어지는 것을 확인할 수 있습니다.
이는 EVPN 컨트롤 플레인을 통해 MAC 주소가 올바르게 교환되고, VXLAN 데이터 플레인을 통해 L2 프레임이 성공적으로 터널링 되었음을 의미합니다.
[VLAN 10]
host1#ping 172.16.10.11
PING 172.16.10.11 (172.16.10.11) 72(100) bytes of data.
80 bytes from 172.16.10.11: icmp_seq=1 ttl=64 time=14.9 ms
80 bytes from 172.16.10.11: icmp_seq=2 ttl=64 time=8.06 ms
80 bytes from 172.16.10.11: icmp_seq=3 ttl=64 time=2.94 ms
host1#ping 172.16.10.12
PING 172.16.10.12 (172.16.10.12) 72(100) bytes of data.
80 bytes from 172.16.10.12: icmp_seq=1 ttl=64 time=5.71 ms
80 bytes from 172.16.10.12: icmp_seq=2 ttl=64 time=7.42 ms
80 bytes from 172.16.10.12: icmp_seq=3 ttl=64 time=6.22 ms
[VLAN 20]
host2#ping 172.16.20.21
PING 172.16.20.21 (172.16.20.21) 72(100) bytes of data.
80 bytes from 172.16.20.21: icmp_seq=1 ttl=64 time=3.89 ms
80 bytes from 172.16.20.21: icmp_seq=2 ttl=64 time=3.15 ms
80 bytes from 172.16.20.21: icmp_seq=3 ttl=64 time=5.08 ms
host2#ping 172.16.20.22
PING 172.16.20.22 (172.16.20.22) 72(100) bytes of data.
80 bytes from 172.16.20.22: icmp_seq=1 ttl=64 time=6.84 ms
80 bytes from 172.16.20.22: icmp_seq=2 ttl=64 time=2.37 ms
80 bytes from 172.16.20.22: icmp_seq=3 ttl=64 time=2.29 ms
[참고 사이트]
https://www.youtube.com/watch?v=UK6nFC3po48
https://www.arista.com/ko/um-eos/eos-configuring-evpn#xx1307270
'Routing > VXLAN-EVPN' 카테고리의 다른 글
| [EVPN] VXLAN-EVPN 연동 실습#1 - Underlay 구축 (OSPF, BGP) (0) | 2026.01.17 |
|---|---|
| [EVPN] EVPN MAC Learning, ARP Suppression 동작 원리 (0) | 2026.01.10 |
| [EVPN] EVPN Route Type 완벽 정리 (Type 1~5) (0) | 2026.01.03 |
| [EVPN] EVPN 구성 필수 요소 (RD, RT, MP-BGP) (0) | 2025.12.27 |
| [EVPN] EVPN(Ethernet VPN) 이란? (+용어정리) (1) | 2025.12.20 |
