이번 실습에서는 여러 부서의 네트워크를 논리적으로 분리하고, 각 테넌트 내에서 자유로운 L3 통신을 지원하는 멀티 테넌트(Multi-Tenant) 환경을 EVPN-VXLAN 기반으로 구축합니다.
설정 정보 (Leaf)
Leaf 스위치의 주요 설정은 다음과 같습니다.
1. VRF(Virtual Routing and Forwarding)를 이용한 테넌트 격리
- 네트워크 분리를 위해 각 테넌트마다 독립적인 라우팅 공간을 제공하는 VRF를 사용합니다.
- VRF 생성: `VRF A`와 `VRF B`를 생성하여 두 개의 논리적 테넌트로 분리합니다.
- RT(Route Target) 설정
- 각 VRF에 고유한 RT 값을 할당하여 BGP가 경로 정보를 교환할 때, 동일한 RT 값을 가진 VTEP끼리만 통신하도록 제한합니다.
- VRF A-RT: `65001:5000`
- VRF B-RT: `65001:7000`
- 각 VRF에 고유한 RT 값을 할당하여 BGP가 경로 정보를 교환할 때, 동일한 RT 값을 가진 VTEP끼리만 통신하도록 제한합니다.
2. Anycast Gateway 설정
- 데이터센터 패브릭 내 모든 호스트의 Gateway 경로를 최적화하고 이중화를 구현하기 위해 `Anycast Gateway`를 설정합니다.
- 동일한 가상 IP/MAC
- 모든 Leaf 스위치에서 각 테넌트의 Gateway 역할을 하는 SVI(Switch Virtual Interface)에 아래와 같이 동일한 가상 IP와 가상 MAC 주소를 설정합니다.
- 이를 통해 특정 Leaf 스위치에 장애가 발생해도 호스트는 중단 없이 통신할 수 있습니다.
- 가상 IP: `172.16.x.254/24`
- 가상 MAC: `00:00:00:aa:aa:aa`
3. L3VPN을 위한 BGP 설정
- 테넌트 내에서 VLAN 간 라우팅(Inter-VLAN Routing)을 활성화하고, 불필요한 정보 전파를 막아 Control Plane을 최적화합니다.
- L3 경로 정보 광고 (`redistribute connected`)
- 동일 테넌트 내 서로 다른 서브넷 간의 L3 통신을 위해 `redistribute connected` 명령어를 사용합니다.
- 이 설정은 Leaf 스위치에 직접 연결된 대역 정보를 Route-Type 5 (IP Prefix) 형태로 변환하여 다른 VTEP들에게 광고하는 역할을 합니다.
- 불필요한 L2 정보 전파 제한
- 순수 L3 통신만 필요한 VLAN(예: Leaf2의 VLAN 11, Leaf3의 VLAN 20)에 대해서는 Route-Type 2 (MAC-IP) 경로 광고를 비활성화합니다.
- 해당 VLAN의 MAC 주소 정보가 다른 Leaf 스위치로 불필요하게 전파되는 것을 막아 EVPN BGP 테이블의 효율성을 높입니다.
Leaf 설정 확인
Leaf 설정 내용 입니다.
[Leaf1]
[Leaf1]
[vrf]
vrf instance A
!
vrf instance B
!
interface Vlan10
vrf A
ip address 172.16.10.1/24
ip virtual-router address 172.16.10.254
!
interface Vlan20
vrf B
ip address 172.16.20.1/24
ip virtual-router address 172.16.20.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
ip routing vrf B
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
vxlan vrf A vni 5000
vxlan vrf B vni 7000
[MP-BGP_EVPN]
router bgp 65001
router-id 10.1.1.1
neighbor SPINE peer group
neighbor SPINE remote-as 65001
neighbor SPINE update-source Loopback0
neighbor SPINE send-community extended
neighbor 1.1.1.1 peer group SPINE
neighbor 2.2.2.2 peer group SPINE
!
vlan 10
rd 10.1.1.1:10
route-target both 65001:10
redistribute learned
!
vlan 20
rd 10.1.1.1:20
route-target both 65001:20
redistribute learned
!
address-family evpn
neighbor SPINE activate
!
vrf A
rd 10.1.1.1:5000
route-target import 65001:5000
route-target export 65001:5000
redistribute connected
!
vrf B
rd 10.1.1.1:7000
route-target import 65001:7000
route-target export 65001:7000
redistribute connected
[Leaf2]
[Leaf2]
[vrf]
vrf instance A
!
vrf instance B
!
interface Vlan10
vrf A
ip address 172.16.10.2/24
ip virtual-router address 172.16.10.254
!
interface Vlan11
vrf B
ip address 172.16.10.2/24
ip virtual-router address 172.16.10.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
ip routing vrf B
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vrf A vni 5000
vxlan vrf B vni 7000
[MP-BGP_EVPN]
router bgp 65001
router-id 10.1.1.2
neighbor SPINE peer group
neighbor SPINE remote-as 65001
neighbor SPINE update-source Loopback0
neighbor SPINE send-community extended
neighbor 1.1.1.1 peer group SPINE
neighbor 2.2.2.2 peer group SPINE
!
vlan 10
rd 10.1.1.2:10
route-target both 65001:10
redistribute learned
!
address-family evpn
neighbor SPINE activate
!
vrf A
rd 10.1.1.2:5000
route-target import 65001:5000
route-target export 65001:5000
redistribute connected
!
vrf B
rd 10.1.1.2:7000
route-target import 65001:7000
route-target export 65001:7000
redistribute connected
[Leaf3]
[Leaf3]
[vrf]
vrf instance A
!
vrf instance B
!
interface Vlan20
vrf A
ip address 172.16.20.2/24
ip virtual-router address 172.16.20.254
!
interface Vlan21
vrf B
ip address 172.16.20.2/24
ip virtual-router address 172.16.20.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
ip routing vrf B
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 21 vni 20020
vxlan vrf A vni 5000
vxlan vrf B vni 7000
[MP-BGP_EVPN]
router bgp 65001
router-id 10.1.1.3
neighbor SPINE peer group
neighbor SPINE remote-as 65001
neighbor SPINE update-source Loopback0
neighbor SPINE send-community extended
neighbor 1.1.1.1 peer group SPINE
neighbor 2.2.2.2 peer group SPINE
!
vlan 21
rd 10.1.1.3:21
route-target both 65001:20
redistribute learned
!
address-family evpn
neighbor SPINE activate
!
vrf A
rd 10.1.1.3:5000
route-target import 65001:5000
route-target export 65001:5000
redistribute connected
!
vrf B
rd 10.1.1.3:7000
route-target import 65001:7000
route-target export 65001:7000
redistribute connected
VXLAN VTEP 상태 확인
- VLAN ↔ VNI 매핑 및 HER VTEP 정보 (L2VPN)
- 동일 VLAN간의 통신에 사용되는 L2 VNI 정보를 확인합니다. 설정한 VLAN과 VNI의 매핑 상태를 보여줍니다. `Static VLAN to VNI mapping`
- BUM 트래픽 복제를 위한 HER(Head-End Replication) VTEP 리스트가 함께 표시됩니다. `Headend replication flood vtep list`
- VRF ↔ VNI 매핑 정보 (L3VPN)
- 테넌트(VRF) 내 서로 다른 서브넷 간의 라우팅 통신에 사용되는 L3 VNI 정보를 확인합니다. Static VRF to VNI mapping
VXLAN VTEP 상태
[Leaf1]
[Leaf1]
Leaf1#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.1
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 7000] [4098, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
[B, 7000]
Headend replication flood vtep list is:
10 10.2.2.2
20 10.2.2.3
Shared Router MAC is 0000.0000.0000
Leaf1#show vxlan vtep detail
Remote VTEPS for Vxlan1:
VTEP Learned Via MAC Address Learning Tunnel Type(s)
------------ ----------------- ------------------------- --------------
10.2.2.2 control plane control plane unicast, flood
10.2.2.3 control plane control plane unicast, flood
Total number of remote VTEPS: 2
[Leaf2]
[Leaf2]
Leaf2#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.2
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 7000] [4098, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
[B, 7000]
Headend replication flood vtep list is:
10 10.2.2.1
Shared Router MAC is 0000.0000.0000
Leaf2#show vxlan vtep detail
Remote VTEPS for Vxlan1:
VTEP Learned Via MAC Address Learning Tunnel Type(s)
--------- -------------- ---------------------- --------------
10.2.2.1 control plane control plane flood, unicast
Total number of remote VTEPS: 1
[Leaf3]
[Leaf3]
Leaf3#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.3
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[21, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 7000] [4098, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
[B, 7000]
Headend replication flood vtep list is:
21 10.2.2.1
Shared Router MAC is 0000.0000.0000
Leaf3#show vxlan vtep detail
Remote VTEPS for Vxlan1:
VTEP Learned Via MAC Address Learning Tunnel Type(s)
--------- -------------- ---------------------- --------------
10.2.2.1 control plane control plane unicast, flood
Total number of remote VTEPS: 1
VXLAN Address Table 확인
L3 통신은 라우팅으로 처리되기에 L2 VNI 통신에 대한 Mac 주소만 저장하고 있습니다.
VXLAN Address Table
[Leaf1]
Leaf1#show vxlan address-table
Vxlan Mac Address Table
----------------------------------------------------------------------
VLAN Mac Address Type Prt VTEP Moves Last Move
---- ----------- ---- --- ---- ----- ---------
10 0000.0000.3333 EVPN Vx1 10.2.2.2 1 6:15:46 ago
20 0000.0000.6666 EVPN Vx1 10.2.2.3 1 5:30:25 ago
Total Remote Mac Addresses for this criterion: 2
[Leaf2]
Leaf2#show vxlan address-table
Vxlan Mac Address Table
----------------------------------------------------------------------
VLAN Mac Address Type Prt VTEP Moves Last Move
---- ----------- ---- --- ---- ----- ---------
10 0000.0000.1111 EVPN Vx1 10.2.2.1 1 6:14:41 ago
Total Remote Mac Addresses for this criterion: 1
[Leaf3]
Leaf3#show vxlan address-table
Vxlan Mac Address Table
----------------------------------------------------------------------
VLAN Mac Address Type Prt VTEP Moves Last Move
---- ----------- ---- --- ---- ----- ---------
21 0000.0000.2222 EVPN Vx1 10.2.2.1 1 5:30:36 ago
Total Remote Mac Addresses for this criterion: 1
MAC Address Table 확인
MAC Address Table
[Leaf1]
Leaf1#show mac address-table
Mac Address Table
------------------------------------------------------------------
Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
1 0000.00aa.aaaa STATIC Cpu
10 0000.00aa.aaaa STATIC Cpu
10 0000.0000.1111 DYNAMIC Et3 1 6:16:05 ago
10 0000.0000.3333 DYNAMIC Vx1 1 6:17:18 ago
20 0000.00aa.aaaa STATIC Cpu
20 0000.0000.6666 DYNAMIC Vx1 1 5:31:57 ago
20 0000.0000.2222 DYNAMIC Et4 1 5:31:57 ago
Total Mac Addresses for this criterion: 7
[Leaf2]
Leaf2#show mac address-table
Mac Address Table
------------------------------------------------------------------
Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
1 0000.00aa.aaaa STATIC Cpu
10 0000.00aa.aaaa STATIC Cpu
10 0000.0000.1111 DYNAMIC Vx1 1 6:19:58 ago
10 0000.0000.3333 DYNAMIC Et3 1 6:21:11 ago
11 0000.00aa.aaaa STATIC Cpu
11 0000.0000.4444 DYNAMIC Et4 1 5:32:48 ago
Total Mac Addresses for this criterion: 6
[Leaf3]
Leaf3#show mac address-table
Mac Address Table
------------------------------------------------------------------
Vlan Mac Address Type Ports Moves Last Move
---- ----------- ---- ----- ----- ---------
1 0000.00aa.aaaa STATIC Cpu
20 0000.00aa.aaaa STATIC Cpu
20 0000.0000.5555 DYNAMIC Et3 1 6:57:51 ago
21 0000.00aa.aaaa STATIC Cpu
21 0000.0000.6666 DYNAMIC Et4 1 6:13:01 ago
21 0000.0000.2222 DYNAMIC Vx1 1 6:13:01 ago
Total Mac Addresses for this criterion: 6
라우팅 테이블 확인 (Spine / Leaf)
Spine은 VTEP 간의 안정적인 경로를 제공하는 역할을 합니다.
그렇기에 Spine에서는 Overlay 대역에 대한 라우팅 정보는 가지지 않으며 Leaf 스위치 간의 통신 경로인 Underlay 라우팅만 존재합니다.
라우팅 테이블(Spine)
[Spine1]
[Spine1]
Spine1#show ip route ospf
...
O 2.2.2.2/32 [110/30]
via 10.0.11.3, Ethernet2
via 10.0.12.4, Ethernet3
via 10.0.13.5, Ethernet4
O 10.0.21.0/29 [110/20]
via 10.0.11.3, Ethernet2
O 10.0.22.0/29 [110/20]
via 10.0.12.4, Ethernet3
O 10.0.23.0/29 [110/20]
via 10.0.13.5, Ethernet4
O 10.1.1.1/32 [110/20]
via 10.0.11.3, Ethernet2
O 10.1.1.2/32 [110/20]
via 10.0.12.4, Ethernet3
O 10.1.1.3/32 [110/20]
via 10.0.13.5, Ethernet4
O 10.2.2.1/32 [110/20]
via 10.0.11.3, Ethernet2
O 10.2.2.2/32 [110/20]
via 10.0.12.4, Ethernet3
O 10.2.2.3/32 [110/20]
via 10.0.13.5, Ethernet4
// bgp 라우팅 정보 없음
Spine1#show ip route bgp
...
[Spine2]
[Spine2]
Spine2#show ip route ospf
...
O 1.1.1.1/32 [110/30]
via 10.0.21.3, Ethernet2
via 10.0.22.4, Ethernet3
via 10.0.23.5, Ethernet4
O 10.0.11.0/29 [110/20]
via 10.0.21.3, Ethernet2
O 10.0.12.0/29 [110/20]
via 10.0.22.4, Ethernet3
O 10.0.13.0/29 [110/20]
via 10.0.23.5, Ethernet4
O 10.1.1.1/32 [110/20]
via 10.0.21.3, Ethernet2
O 10.1.1.2/32 [110/20]
via 10.0.22.4, Ethernet3
O 10.1.1.3/32 [110/20]
via 10.0.23.5, Ethernet4
O 10.2.2.1/32 [110/20]
via 10.0.21.3, Ethernet2
O 10.2.2.2/32 [110/20]
via 10.0.22.4, Ethernet3
O 10.2.2.3/32 [110/20]
via 10.0.23.5, Ethernet4
// bgp 라우팅 정보 없음
Spine2#show ip route bgp
...
Leaf 스위치는 두 가지 종류의 라우팅 테이블을 가집니다.
- 글로벌 라우팅 테이블: Spine과 마찬가지로 다른 VTEP로 향하는 Underlay 경로 정보만 존재합니다.
- VRF 라우팅 테이블: 테넌트별로 생성된 VRF 내부를 확인하면, 비로소 Overlay 경로 정보를 볼 수 있습니다.
라우팅 테이블(Leaf)
[Leaf1]
[Leaf1]
Leaf1#show ip route ospf
...
O 1.1.1.1/32 [110/20]
via 10.0.11.1, Ethernet1
O 2.2.2.2/32 [110/20]
via 10.0.21.2, Ethernet2
O 10.0.12.0/29 [110/20]
via 10.0.11.1, Ethernet1
O 10.0.13.0/29 [110/20]
via 10.0.11.1, Ethernet1
O 10.0.22.0/29 [110/20]
via 10.0.21.2, Ethernet2
O 10.0.23.0/29 [110/20]
via 10.0.21.2, Ethernet2
O 10.1.1.2/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
O 10.1.1.3/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
O 10.2.2.2/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
O 10.2.2.3/32 [110/30]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
// bgp 라우팅 정보 없음
Leaf1#show ip route bgp
...
Leaf1#show ip route vrf A
...
B I 172.16.10.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:d5:84:93 local-interface Vxlan1
C 172.16.10.0/24
directly connected, Vlan10
B I 172.16.20.0/24 [200/0]
via VTEP 10.2.2.3 VNI 5000 router-mac 00:1c:73:f3:76:dc local-interface Vxlan1
Leaf1#show ip route vrf B
...
B I 172.16.10.0/24 [200/0]
via VTEP 10.2.2.2 VNI 7000 router-mac 00:1c:73:d5:84:93 local-interface Vxlan1
B I 172.16.20.22/32 [200/0]
via VTEP 10.2.2.3 VNI 7000 router-mac 00:1c:73:f3:76:dc local-interface Vxlan1
C 172.16.20.0/24
directly connected, Vlan20
[Leaf2]
[Leaf2]
Leaf2#show ip route ospf
...
O 1.1.1.1/32 [110/20]
via 10.0.12.1, Ethernet1
O 2.2.2.2/32 [110/20]
via 10.0.22.2, Ethernet2
O 10.0.11.0/29 [110/20]
via 10.0.12.1, Ethernet1
O 10.0.13.0/29 [110/20]
via 10.0.12.1, Ethernet1
O 10.0.21.0/29 [110/20]
via 10.0.22.2, Ethernet2
O 10.0.23.0/29 [110/20]
via 10.0.22.2, Ethernet2
O 10.1.1.1/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
O 10.1.1.3/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
O 10.2.2.1/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
O 10.2.2.3/32 [110/30]
via 10.0.12.1, Ethernet1
via 10.0.22.2, Ethernet2
// bgp 라우팅 정보 없음
Leaf2#show ip route bgp
...
Leaf2#show ip route vrf A
...
B I 172.16.10.10/32 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:1a:10:f8 local-interface Vxlan1
C 172.16.10.0/24
directly connected, Vlan10
B I 172.16.20.0/24 [200/0]
via VTEP 10.2.2.3 VNI 5000 router-mac 00:1c:73:f3:76:dc local-interface Vxlan1
Leaf2#show ip route vrf B
...
C 172.16.10.0/24
directly connected, Vlan11
B I 172.16.20.20/32 [200/0]
via VTEP 10.2.2.1 VNI 7000 router-mac 00:1c:73:1a:10:f8 local-interface Vxlan1
B I 172.16.20.22/32 [200/0]
via VTEP 10.2.2.3 VNI 7000 router-mac 00:1c:73:f3:76:dc local-interface Vxlan1
B I 172.16.20.0/24 [200/0]
via VTEP 10.2.2.1 VNI 7000 router-mac 00:1c:73:1a:10:f8 local-interface Vxlan1
[Leaf3]
[Leaf3]
Leaf3#show ip route ospf
...
O 1.1.1.1/32 [110/20]
via 10.0.13.1, Ethernet1
O 2.2.2.2/32 [110/20]
via 10.0.23.2, Ethernet2
O 10.0.11.0/29 [110/20]
via 10.0.13.1, Ethernet1
O 10.0.12.0/29 [110/20]
via 10.0.13.1, Ethernet1
O 10.0.21.0/29 [110/20]
via 10.0.23.2, Ethernet2
O 10.0.22.0/29 [110/20]
via 10.0.23.2, Ethernet2
O 10.1.1.1/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
O 10.1.1.2/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
O 10.2.2.1/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
O 10.2.2.2/32 [110/30]
via 10.0.13.1, Ethernet1
via 10.0.23.2, Ethernet2
// bgp 라우팅 정보 없음
Leaf3#show ip route bgp
...
Leaf3#show ip route vrf A
...
B I 172.16.10.10/32 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:1a:10:f8 local-interface Vxlan1
B I 172.16.10.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:d5:84:93 local-interface Vxlan1
B I 172.16.10.0/24 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:1a:10
:f8 local-interface Vxlan1
C 172.16.20.0/24
directly connected, Vlan20
Leaf3#show ip route vrf B
...
B I 172.16.10.0/24 [200/0]
via VTEP 10.2.2.2 VNI 7000 router-mac 00:1c:73:d5:84:93 local-interface Vxlan1
B I 172.16.20.20/32 [200/0]
via VTEP 10.2.2.1 VNI 7000 router-mac 00:1c:73:1a:10:f8 local-interface Vxlan1
C 172.16.20.0/24
directly connected, Vlan21
BGP EVPN 라우트 확인
BGP 테이블을 확인하여, EVPN을 통해 네트워크 정보가 올바르게 전파되고 있는지 확인합니다.
- Route Type 3 (IMET 경로): BUM 트래픽 처리를 위한 경로입니다. 패브릭 내 모든 VTEP IP들이 정상적으로 학습되었는지 확인합니다.
- Route Type 2 (MAC/IP 경로): 호스트의 MAC과 IP 주소 정보입니다. 특정 호스트가 어느 원격 VTEP에 연결되어 있는지 확인합니다.
- Route Type 5 (IP Prefix 경로): L3 라우팅을 위한 IP Prefix(네트워크 대역) 정보입니다. VRF 간 혹은 서브넷 간 통신에 필요한 경로가 학습되었는지 확인합니다.
BGP EVPN 라우트(Spine)
[Spine1]
[Spine1]
Spine1#show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
10.1.1.1 4 65001 556 570 0 0 07:35:49 Estab 8 8 10
10.1.1.2 4 65001 552 571 0 0 07:35:49 Estab 5 5 13
10.1.1.3 4 65001 556 569 0 0 07:35:46 Estab 5 5 13
Spine1#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 i
* > RD: 10.1.1.3:21 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i
* > RD: 10.1.1.3:21 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.3 - 100 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i
* > RD: 10.1.1.3:21 imet 10.2.2.3
10.2.2.3 - 100 0 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i
* > RD: 10.1.1.2:7000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i
* > RD: 10.1.1.1:7000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 i
* > RD: 10.1.1.3:5000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i
* > RD: 10.1.1.3:7000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i
[Spine2]
[Spine2]
Spine2#show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
10.1.1.1 4 65001 563 575 0 0 07:38:49 Estab 8 8 10
10.1.1.2 4 65001 552 578 0 0 07:38:49 Estab 5 5 13
10.1.1.3 4 65001 563 572 0 0 07:38:51 Estab 5 5 13
Spine2#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 i
* > RD: 10.1.1.3:21 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i
* > RD: 10.1.1.3:21 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.3 - 100 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i
* > RD: 10.1.1.3:21 imet 10.2.2.3
10.2.2.3 - 100 0 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i
* > RD: 10.1.1.2:7000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i
* > RD: 10.1.1.1:7000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 i
* > RD: 10.1.1.3:5000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i
* > RD: 10.1.1.3:7000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i
🤔 Host 4, 5의 MAC/IP 정보는 보이지 않는 이유?
실습 환경에서 Host 4, 5는 L2 VXLAN으로 확장되지 않고, L3 라우팅을 위한 L3VNI만 적용되어 있습니다.
- Host 4: 172.16.10.12 (VLAN 11)
- Host 5: 172.16.20.21 (VLAN 20)
EVPN Type-2 (MAC/IP) 경로가 BGP로 광고되기 위한 조건은 다음과 같습니다.
- 해당 VLAN이 VXLAN으로 확장 (L2VNI 매핑) 설정되어야 합니다.
- 해당 VLAN이 BGP EVPN 인스턴스에 포함되어야 합니다.
EVPN Type-2 경로는 L2 VNI로 확장된 VLAN에 속한 호스트 정보만 광고하기 때문입니다.
Host 4, 5가 속한 VLAN은 다른 Leaf와 L2 VNI 통신이 없으므로 MAC 주소를 교환할 수 없는 것입니다.
해당 VLAN은 VRF에 연결되어 L3VNI를 통한 라우팅 통신만 가능합니다.
BGP EVPN 라우트(Leaf)
[Leaf1]
[Leaf1]
Leaf1# show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
1.1.1.1 4 65001 511 497 0 0 06:45:28 Estab 10 10 8
2.2.2.2 4 65001 514 501 0 0 06:46:44 Estab 10 10 8
Leaf1#show bgp evpn
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 65001
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
- - - 0 i
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
- - - 0 i
* >Ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
- - - 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
- - - 0 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* > RD: 10.1.1.1:10 imet 10.2.2.1
- - - 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
- - - 0 i
* >Ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.3:21 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* ec RD: 10.1.1.3:21 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
- - - 0 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* > RD: 10.1.1.2:7000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* RD: 10.1.1.2:7000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* > RD: 10.1.1.1:7000 ip-prefix 172.16.20.0/24
- - - 0 i
* > RD: 10.1.1.3:5000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* RD: 10.1.1.3:5000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* > RD: 10.1.1.3:7000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* RD: 10.1.1.3:7000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
[Leaf2]
[Leaf2]
Leaf2# show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
1.1.1.1 4 65001 526 505 0 0 06:57:03 Estab 13 13 5
2.2.2.2 4 65001 529 505 0 0 06:58:18 Estab 13 13 5
Leaf2#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* ec RD: 10.1.1.3:21 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
- - - 0 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
- - - 0 i
* >Ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* > RD: 10.1.1.2:10 imet 10.2.2.2
- - - 0 i
* >Ec RD: 10.1.1.3:21 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* ec RD: 10.1.1.3:21 imet 10.2.2.3
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
- - - 0 i
* > RD: 10.1.1.2:7000 ip-prefix 172.16.10.0/24
- - - 0 i
* > RD: 10.1.1.1:7000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* RD: 10.1.1.1:7000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* > RD: 10.1.1.3:5000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* RD: 10.1.1.3:5000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
* > RD: 10.1.1.3:7000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 1.1.1.1
* RD: 10.1.1.3:7000 ip-prefix 172.16.20.0/24
10.2.2.3 - 100 0 i Or-ID: 10.1.1.3 C-LST: 2.2.2.2
[Leaf3]
[Leaf3]
Leaf3# show bgp evpn summary
...
Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
1.1.1.1 4 65001 536 524 0 0 07:07:18 Estab 13 13 5
2.2.2.2 4 65001 537 528 0 0 07:08:38 Estab 13 13 5
Leaf3#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* > RD: 10.1.1.3:21 mac-ip 0000.0000.6666
- - - 0 i
* > RD: 10.1.1.3:21 mac-ip 0000.0000.6666 172.16.20.22
- - - 0 i
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* >Ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* >Ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* > RD: 10.1.1.3:21 imet 10.2.2.3
- - - 0 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* > RD: 10.1.1.2:7000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 1.1.1.1
* RD: 10.1.1.2:7000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 i Or-ID: 10.1.1.2 C-LST: 2.2.2.2
* > RD: 10.1.1.1:7000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 1.1.1.1
* RD: 10.1.1.1:7000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 i Or-ID: 10.1.1.1 C-LST: 2.2.2.2
* > RD: 10.1.1.3:5000 ip-prefix 172.16.20.0/24
- - - 0 i
* > RD: 10.1.1.3:7000 ip-prefix 172.16.20.0/24
- - - 0 i
💡 L2VNI, L3VNI 어떻게 인식하고 처리할까?
Leaf 스위치(=VTEP)는 들어온 패킷을 아래 순서로 판단합니다.
(1) 수신 인터페이스 확인
- 해당 인터페이스(VLAN)는 어떤 VRF에 속하는지, 그리고 어떤 VNI와 매핑되어 있는지 확인
- → 예: Leaf1 - VLAN 10은 VRF A, VNI 10010 / VLAN 20은 VRF B, VNI 20020
(2) 목적지 MAC or IP 판단
상황 동작 방식
같은 VLAN / 같은 서브넷 L2 switching 수행→ MAC lookup → 로컬에 없으면 EVPN Type-2 MAC/IP Advertisement lookup → L2VNI 터널로 VXLAN 캡슐화 전송 다른 VLAN(다른 Subnet) L3 routing 수행 → VRF의 L3VNI를 통해 목적지 Leaf로 전달 (EVPN Type-5 참조)
Host_A(172.16.10.10/24) -- VLAN10 (VRF A)
|
Leaf1 (L3VNI 5000)
|
VXLAN TUNNEL (VNI 5000)
|
Leaf2 (VRF A, L3VNI 5000)
|
Host_B(172.16.20.20/24) -- VLAN20 (VRF A)
Ping 테스트
Ping 테스트 결과(VLAN10/VLAN20)
VLAN 10
[VLAN 10]
host1#ping 172.16.10.11
PING 172.16.10.11 (172.16.10.11) 72(100) bytes of data.
80 bytes from 172.16.10.11: icmp_seq=1 ttl=64 time=3.59 ms
80 bytes from 172.16.10.11: icmp_seq=2 ttl=64 time=2.92 ms
80 bytes from 172.16.10.11: icmp_seq=3 ttl=64 time=3.88 ms
host1#ping 172.16.20.21
PING 172.16.20.21 (172.16.20.21) 72(100) bytes of data.
80 bytes from 172.16.20.21: icmp_seq=1 ttl=62 time=4.95 ms
80 bytes from 172.16.20.21: icmp_seq=2 ttl=62 time=3.56 ms
80 bytes from 172.16.20.21: icmp_seq=3 ttl=62 time=3.34 ms
host1#ping 172.16.10.12
PING 172.16.10.12 (172.16.10.12) 72(100) bytes of data.
--- 172.16.10.12 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 40ms
host1#ping 172.16.20.20
PING 172.16.20.20 (172.16.20.20) 72(100) bytes of data.
--- 172.16.20.20 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 43ms
host1#ping 172.16.20.22
PING 172.16.20.22 (172.16.20.22) 72(100) bytes of data.
--- 172.16.20.22 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 47ms
VLAN 20
[VLAN 20]
host2#ping 172.16.10.12
PING 172.16.10.12 (172.16.10.12) 72(100) bytes of data.
80 bytes from 172.16.10.12: icmp_seq=1 ttl=62 time=6.34 ms
80 bytes from 172.16.10.12: icmp_seq=2 ttl=62 time=3.50 ms
80 bytes from 172.16.10.12: icmp_seq=3 ttl=62 time=3.25 ms
host2#ping 172.16.20.22
PING 172.16.20.22 (172.16.20.22) 72(100) bytes of data.
80 bytes from 172.16.20.22: icmp_seq=1 ttl=64 time=3.91 ms
80 bytes from 172.16.20.22: icmp_seq=2 ttl=64 time=3.97 ms
80 bytes from 172.16.20.22: icmp_seq=3 ttl=64 time=2.51 ms
host2#ping 172.16.10.10
PING 172.16.10.10 (172.16.10.10) 72(100) bytes of data.
--- 172.16.10.10 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 41ms
host2#ping 172.16.10.11
PING 172.16.10.11 (172.16.10.11) 72(100) bytes of data.
--- 172.16.10.11 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 42ms
host2#ping 172.16.20.21
PING 172.16.20.21 (172.16.20.21) 72(100) bytes of data.
--- 172.16.20.21 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 42ms
[참고 사이트]
https://www.youtube.com/watch?v=UK6nFC3po48
https://www.arista.com/ko/um-eos/eos-configuring-evpn#xx1307270
[Config]
github: vxlan-evpn_L3VPN-multi
'Routing > VXLAN-EVPN' 카테고리의 다른 글
| [EVPN] Multi-Site 환경 VXLAN-EVPN 설계 및 실습 (Stretched L2) (0) | 2026.03.17 |
|---|---|
| [EVPN] VXLAN-EVPN 이중화와 Failover 구조 - 멀티호밍 (Multi-homing) (0) | 2026.03.10 |
| [EVPN] VXLAN-EVPN 연동 실습#3 - EVPN Overlay L3VPN 연동 (단일 테넌트) (0) | 2026.01.31 |
| [EVPN] VXLAN-EVPN 연동 실습#2 - EVPN Overlay L2VPN 연동 (단일 테넌트) (0) | 2026.01.24 |
| [EVPN] VXLAN-EVPN 연동 실습#1 - Underlay 구축 (OSPF, BGP) (0) | 2026.01.17 |
