물리적으로 분리된 두 데이터센터(DC1, DC2)를 VXLAN-EVPN으로 연동하여, 동일 서브넷이 확장되는 Stretched L2 환경과 Symmetric IRB 기반의 Inter-VLAN 라우팅을 구현합니다.
설정 정보 (Spine)
spine 스위치는 fabric 내 모든 leaf를 연결하는 허브 역할을 수행합니다.
대규모 fabric 확장에 유리한 eBGP를 Underlay 프로토콜로 채택하였으며, leaf 간의 직접적인 터널링을 보장하기 위해 Underlay와 Overlay 세션을 분리합니다.
1. Underlay eBGP 구성 (IP Routing)
- 물리적 연결을 바탕으로 VTEP(Loopback) IP의 도달성을 확보하는 단계입니다.
- Interface 피어링: OSPF 대신 물리 인터페이스 IP를 사용하여 leaf와 eBGP 피어링을 맺습니다. 이를 통해 정책 기반의 경로 제어가 가능해집니다.
- Loopback 광고: Leaf 스위치들이 서로의 VTEP IP를 알 수 있도록, spine은 자신의 `Loopback0`을 `network` 명령어로 광고하고 leaf로부터 수신한 Loopback 경로를 라우팅 테이블에 등록합니다.
2. Overlay eBGP 구성 (Loopback 피어링)
- 실제 테넌트의 트래픽 정보를 교환하는 단계로, VxLAN의 무결성을 위해 특별한 설정이 필요합니다.
- Loopback 피어링 & eBGP Multihop
- 물리 링크 장애 시에도 세션을 유지하기 위해 안정적인 `Loopback0` 인터페이스 간에 피어링을 맺습니다.
- 다만, eBGP 설정 시 기본적으로 직접 연결된 장비하고만 피어링을 맺기에 TTL 1로 적용됩니다.
- `ebgp-multihop`: Loopback 인터페이스 간 통신일 경우 IP 대역이 달라 직접 연결된 피어로 인식하지 않기에 TTL 값을 늘려 통신이 가능하도록 합니다.
- `next-hop-unchanged`
- eBGP는 기본적으로 next-hop을 자신으로 변경하지만, VXLAN 터널은 leaf 간 직접 연결되어야 하므로 이 옵션을 필수적으로 사용하여 leaf IP를 유지합니다.
- `neighbor EVPN-OVERLAY next-hop-unchanged` 설정을 적용하여, spine이 경로를 중계할 때 최초 출발지 leaf의 VTEP IP를 그대로 유지하도록 강제합니다. 이를 통해 leaf 간 직접적인 VXLAN 터널링이 완성됩니다.
설정 정보 (Spine)
DC1-spine1
[DC1-spine1]
[MP-BGP_EVPN]
router bgp 61001
router-id 1.1.1.1
maximum-paths 4
neighbor EVPN-OVERLAY peer group
neighbor EVPN-OVERLAY next-hop-unchanged
neighbor EVPN-OVERLAY update-source Loopback0
neighbor EVPN-OVERLAY ebgp-multihop 3
neighbor EVPN-OVERLAY send-community extended
neighbor UNDERLAY peer group
neighbor UNDERLAY send-community
neighbor UNDERLAY maximum-routes 12000
neighbor 10.0.11.3 peer group UNDERLAY
neighbor 10.0.11.3 remote-as 61002
neighbor 10.0.11.3 description DC1-leaf1
neighbor 10.0.12.4 peer group UNDERLAY
neighbor 10.0.12.4 remote-as 61003
neighbor 10.0.12.4 description DC1-leaf2
neighbor 10.0.14.6 peer group UNDERLAY
neighbor 10.0.14.6 remote-as 61004
neighbor 10.0.14.6 description DC1-borderleaf
neighbor 10.1.1.1 peer group EVPN-OVERLAY
neighbor 10.1.1.1 remote-as 61002
neighbor 10.1.1.1 description DC1-leaf1
neighbor 10.1.1.2 peer group EVPN-OVERLAY
neighbor 10.1.1.2 remote-as 61003
neighbor 10.1.1.2 description DC1-leaf2
neighbor 10.1.1.4 peer group EVPN-OVERLAY
neighbor 10.1.1.4 remote-as 61004
neighbor 10.1.1.4 description DC1-borderleaf
!
address-family evpn
neighbor EVPN-OVERLAY activate
!
address-family ipv4
no neighbor EVPN-OVERLAY activate
neighbor UNDERLAY activate
network 1.1.1.1/32
DC1-spine2
[DC1-spine2]
[MP-BGP_EVPN]
router bgp 61001
router-id 1.1.1.2
maximum-paths 4
neighbor EVPN-OVERLAY peer group
neighbor EVPN-OVERLAY next-hop-unchanged
neighbor EVPN-OVERLAY update-source Loopback0
neighbor EVPN-OVERLAY ebgp-multihop 3
neighbor EVPN-OVERLAY send-community extended
neighbor UNDERLAY peer group
neighbor UNDERLAY send-community
neighbor UNDERLAY maximum-routes 12000
neighbor 10.0.21.3 peer group UNDERLAY
neighbor 10.0.21.3 remote-as 61002
neighbor 10.0.21.3 description DC1-leaf1
neighbor 10.0.22.4 peer group UNDERLAY
neighbor 10.0.22.4 remote-as 61003
neighbor 10.0.22.4 description DC1-leaf2
neighbor 10.0.24.6 peer group UNDERLAY
neighbor 10.0.24.6 remote-as 61004
neighbor 10.0.24.6 description DC1-borderleaf
neighbor 10.1.1.1 peer group EVPN-OVERLAY
neighbor 10.1.1.1 remote-as 61002
neighbor 10.1.1.1 description DC1-leaf1
neighbor 10.1.1.2 peer group EVPN-OVERLAY
neighbor 10.1.1.2 remote-as 61003
neighbor 10.1.1.2 description DC1-leaf2
neighbor 10.1.1.4 peer group EVPN-OVERLAY
neighbor 10.1.1.4 remote-as 61004
neighbor 10.1.1.4 description DC1-borderleaf
!
address-family evpn
neighbor EVPN-OVERLAY activate
!
address-family ipv4
no neighbor EVPN-OVERLAY activate
neighbor UNDERLAY activate
network 1.1.1.2/32
설정 정보 (Leaf)
leaf 스위치는 호스트와 직접 연결되는 `compute leaf`와 외부 사이트 연결을 담당하는 `border leaf`로 나뉩니다.
eBGP 기반의 Underlay 구성을 적용하여 각 leaf의 독립성을 보장하고, border leaf를 통해 멀티 사이트 간의 유연한 연동을 구현했습니다.
1. 각 Leaf 별 고유 BGP AS 번호 할당 (`loop prevention`)
- 각 leaf(또는 MLAG pair)마다 서로 다른 고유한 AS 번호를 할당했습니다. (예: AS 61002, 61003)
- BGP의 기본 루프 방지 메커니즘인 `AS-Path` 속성이 자연스럽게 동작하여, 설정이 간결해지고 네트워크의 안정성이 높아집니다.
2. Underlay / Overlay 네이버(Neighbor) 분리
- 물리적 경로(Underlay)와 서비스 정보 교환(Overlay)을 분리하여 구성합니다.
- `Underlay peering` (IPv4 Unicast)
- spine의 물리 인터페이스 IP와 피어링을 맺습니다.
- 자신의 Loopback0(Router-ID)와 Loopback1(VTEP IP)을 `network` 명령어로 광고함으로써 터널링 경로를 확보합니다.
- `Overlay peering` (L2VPN EVPN)
- spine의 loopback0 IP와 피어링을 맺습니다.
- 실제 테넌트의 MAC/IP 정보를 교환하며 물리 링크 장애 시에도 세션이 유지됩니다.
- eBGP Multihop 설정 (TTL 조정)
- Overlay 피어링은 직접 연결되지 않은 loopback 인터페이스 간에 이루어집니다.
- eBGP는 기본 TTL이 1이므로, `ebgp-multihop 3` 설정을 필수적으로 적용하여 통신이 가능하도록 합니다.
3. border leaf의 Multi-Site (DCI) 설정 (Gateway 역할)
- border leaf는 단일 데이터센터를 넘어 다른 사이트와 통신할 때 gateway 역할을 수행하며, EVPN domain 기능을 통해 트래픽을 제어합니다.
- `EVPN Domain Remote`
- 다른 데이터센터(Site)와의 연결 구간을 `'remote'`라는 별도의 도메인으로 정의하여 관리합니다.
- L2 정보(Type-2)의 재생성 (Re-originate)
- MAC-IP 정보는 L2 도메인 특성상 border leaf에서 터널이 종단됩니다.
- 따라서 다른 데이터 센터로 보낼 때 경로를 재생성하며, DCI용 RT(예: 1000:xx)를 새로 부착합니다.
- L3 정보(Type-5)의 중계 (Pass-through)
- IP-Prefix 정보는 라우팅 효율을 위해 경로를 재생성하지 않고 중계합니다.
- `next-hop-self ... ip-prefix` 설정을 통해 next-hop만 변경하고 기존 RT(61000:xx)를 유지하여 전달합니다.
- RT 매핑: 내부 통신용 RT(`61000:xx`)와 외부 연동용 RT(`1000:xx`)를 구분하여 설정함으로써, 로컬 트래픽과 DCI 트래픽을 분리합니다.
- SVI 설정 (L2-L3 Context Binding)
- border leaf는 호스트의 직접적인 gateway(anycast gw)가 아니지만, Symmetric IRB 동작을 위한 L2-L3 매핑 정보를 제공하기 위해 SVI(Interface Vlan) 설정이 필요합니다.
- `interface vlan`에 `vrf`를 설정함으로써, BGP가 Type-2(MAC-IP) 경로를 외부로 보낼 때 "이 MAC-IP는 VRF x에 속한다"는 것을 인지하게 합니다.
- 이 설정이 있어야만 Type-2 경로에 L3 RT(예: 1000:5000)와 L3 VNI 정보가 함께 부착되어, 원격지에서 서브넷 간 통신(Inter-VLAN Routing)이 가능해집니다.
설정 정보 (Leaf)
DC1-Leaf1
[DC1-Leaf1]
[vrf]
vrf instance A
!
interface Vlan10
vrf A
ip address 172.16.10.1/24
ip virtual-router address 172.16.10.254
!
interface Vlan20
vrf A
ip address 172.16.20.1/24
ip virtual-router address 172.16.20.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 61002
router-id 10.1.1.1
maximum-paths 4 // ECMP 설정
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 61001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 61001
neighbor SPINE-UNDERLAY send-community
neighbor 1.1.1.1 peer group SPINE-EVPN
neighbor 1.1.1.2 peer group SPINE-EVPN
neighbor 10.0.11.1 peer group SPINE-UNDERLAY
neighbor 10.0.21.2 peer group SPINE-UNDERLAY
!
vlan 10
rd 10.1.1.1:10
route-target both 61000:10
redistribute learned
!
vlan 20
rd 10.1.1.1:20
route-target both 61000:20
redistribute learned
!
address-family evpn
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
network 10.1.1.1/32
network 10.2.2.1/32
!
vrf A
rd 10.1.1.1:5000
route-target import 61000:5000
route-target export 61000:5000
redistribute connected
DC1-Leaf2
[DC1-Leaf2]
[vrf]
vrf instance A
!
interface Vlan10
vrf A
ip address 172.16.10.2/24
ip virtual-router address 172.16.10.254
!
interface Vlan20
vrf A
ip address 172.16.20.2/24
ip virtual-router address 172.16.20.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 61003
router-id 10.1.1.2
maximum-paths 4 // ECMP 설정
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 61001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 61001
neighbor SPINE-UNDERLAY send-community
neighbor 1.1.1.1 peer group SPINE-EVPN
neighbor 1.1.1.2 peer group SPINE-EVPN
neighbor 10.0.12.1 peer group SPINE-UNDERLAY
neighbor 10.0.22.2 peer group SPINE-UNDERLAY
!
vlan 10
rd 10.1.1.2:10
route-target both 61000:10
redistribute learned
!
vlan 20
rd 10.1.1.2:20
route-target both 61000:20
redistribute learned
!
address-family evpn
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
network 10.1.1.2/32
network 10.2.2.2/32
!
vrf A
rd 10.1.1.2:5000
route-target import 61000:5000
route-target export 61000:5000
redistribute connected
DC1-borderleaf
[DC1-borderleaf]
vlan 10,20,100,200
[vrf]
vrf instance A
!
vrf instance B
!
interface Vlan100
description External-Link-VRF-A
vrf A
ip address 192.168.100.1/24
!
interface Vlan200
description External-Link-VRF-B
vrf B
ip address 192.168.200.1/24
!
interface Vlan10 // SVI 설정으로 vlan-vrf 매칭
vrf A
!
interface Vlan20 // SVI 설정으로 vlan-vrf 매칭
vrf A
!
ip routing vrf A
ip routing vrf B
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 61004
router-id 10.1.1.4
maximum-paths 4 // ECMP 설정
neighbor DCI-PEER peer group
neighbor DCI-PEER remote-as 65002
neighbor DCI-PEER update-source Loopback0
neighbor DCI-PEER allowas-in 1
neighbor DCI-PEER ebgp-multihop 10
neighbor DCI-PEER send-community extended
neighbor DCI-PEER maximum-routes 12000
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 61001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 61001
neighbor SPINE-UNDERLAY send-community
neighbor WAN-ROUTER peer group
neighbor WAN-ROUTER remote-as 1000
neighbor 1.1.1.1 peer group SPINE-EVPN
neighbor 1.1.1.2 peer group SPINE-EVPN
neighbor 10.0.14.1 peer group SPINE-UNDERLAY
neighbor 10.0.24.2 peer group SPINE-UNDERLAY
neighbor 10.123.11.2 peer group WAN-ROUTER
neighbor 10.123.12.2 peer group WAN-ROUTER
neighbor 20.1.1.4 peer group DCI-PEER
!
vlan 10
rd evpn domain all 10.1.1.4:10
route-target both 61000:10
route-target import export evpn domain remote 1000:10
redistribute learned
!
vlan 20
rd evpn domain all 10.1.1.4:20
route-target both 61000:20
route-target import export evpn domain remote 1000:20
redistribute learned
!
address-family evpn
neighbor DCI-PEER activate
neighbor DCI-PEER domain remote
neighbor DCI-PEER next-hop-self received-evpn-routes route-type ip-prefix inter-domain
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
neighbor WAN-ROUTER activate
network 10.1.1.4/32
network 10.2.2.4/32
!
vrf A
rd evpn domain all 10.1.1.4:5000
route-target import 61000:5000
route-target import evpn domain remote 1000:5000
route-target export 61000:5000
route-target export evpn domain remote 1000:5000
redistribute static
VXLAN VTEP 상태 확인
구성이 완료된 후 `show interfaces vxlan 1` 명령어를 통해 VTEP의 상태와 터널링 정보가 올바르게 학습되었는지 확인합니다.
- Status: `Vxlan1 is up` 상태여야 합니다.
- Source Interface: VTEP용 IP인 `Loopback1`이 매핑되어야 합니다.
- VNI Mapping: VLAN(L2) 및 VRF(L3)와 VNI 매핑 정보가 설정과 일치해야 합니다. `Static VLAN to VNI mapping` / `Static VRF to VNI mapping`
- Flood List: BUM(Broadcast, Unknown Unicast, Multicast) 트래픽을 복제해서 보낼 상대방 VTEP 목록이 정상적으로 보여야 합니다. `Headend replication flood vtep list`
1. Compute Leaf (DC1-Leaf1) 확인
- Flood List: `10.2.2.2` (Leaf2)와 `10.2.2.4` (Border Leaf)만 보입니다.
- Remote Site의 VTEP(`20.2.2.4`)은 보이지 않습니다. 이는 Border Leaf가 Gateway 역할을 수행하며 터널을 종단하기 때문입니다.
2. Border Leaf (DC1-borderleaf) 확인
- Flood List: `10.2.2.1`, `10.2.2.2` (Local) 뿐만 아니라 `20.2.2.4` (Remote Border Leaf)가 포함되어 있습니다. 이는 EVPN Type-3 (IMET) 경로 교환이 정상적으로 이루어졌음을 의미합니다.
- Gateway 활성화: `VTEP to VTEP bridging to remote domain is enabled` 문구는 해당 장비가 EVPN Domain 간의 브릿징(Gateway) 역할을 수행하고 있음을 나타냅니다.
VTEP 상태
DC1-Leaf1
[DC1-Leaf1]
DC1-leaf1#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.1
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4098, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
10 10.2.2.2 10.2.2.4
20 10.2.2.2 10.2.2.4
Shared Router MAC is 0000.0000.0000
DC1-Leaf2
[DC1-Leaf2]
DC1-leaf2#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.2
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
10 10.2.2.1 10.2.2.4
20 10.2.2.1 10.2.2.4
Shared Router MAC is 0000.0000.0000
DC1-borderleaf
[DC1-borderleaf]
DC1-borderleaf#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.4
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4098, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
10 10.2.2.2 10.2.2.1 20.2.2.4
20 10.2.2.2 10.2.2.1 20.2.2.4
Shared Router MAC is 0000.0000.0000
VTEP to VTEP bridging to remote domain is enabled
ARP proxying disabled for requests received over VXLAN
ND proxying disabled for requests received over VXLAN
라우팅 테이블 확인 (Spine / Leaf)
spine 스위치는 Underlay 네트워크의 중심에서 모든 leaf의 경로 정보를 학습하고 있어야 합니다.
특히 eBGP(B E)를 통해 학습된 경로들이 정상적으로 보이는지, 그리고 로컬 사이트(DC1)와 원격 사이트(DC2)로 가는 경로가 올바른 next-hop을 가리키고 있는지 확인합니다.
- DC1 내부의 Leaf Loopback 주소들(`10.1.1.x`, `10.2.2.x`)이 각 Leaf의 물리 인터페이스를 next-hop으로 가리켜야 합니다.
- DC2의 주소 대역(`20.x.x.x`)이 모두 border leaf(`10.0.14.6`)를 next-hop으로 가리켜야 합니다.
라우팅 테이블(Spine)
DC1-Spine1
[DC1-Spine1]
DC1-spine1#show ip route bgp
...
//DC1 대역 라우팅
B E 10.1.1.1/32 [200/0]
via 10.0.11.3, Ethernet2
B E 10.1.1.2/32 [200/0]
via 10.0.12.4, Ethernet3
B E 10.1.1.4/32 [200/0]
via 10.0.14.6, Ethernet4
B E 10.2.2.1/32 [200/0]
via 10.0.11.3, Ethernet2
B E 10.2.2.2/32 [200/0]
via 10.0.12.4, Ethernet3
B E 10.2.2.4/32 [200/0]
via 10.0.14.6, Ethernet4
// DC2 대역 라우팅
B E 2.1.1.1/32 [200/0]
via 10.0.14.6, Ethernet4 // next-hop: border leaf
B E 2.1.1.2/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.1.1.1/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.1.1.2/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.1.1.4/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.2.2.1/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.2.2.2/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.2.2.4/32 [200/0]
via 10.0.14.6, Ethernet4
DC2-Spine1
[DC2-Spine1]
DC2-spine1#show ip route bgp
...
//DC1 대역 라우팅
B E 1.1.1.1/32 [200/0]
via 20.0.14.6, Ethernet4 // next-hop: border leaf
B E 1.1.1.2/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.1.1.1/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.1.1.2/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.1.1.4/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.2.2.1/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.2.2.2/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.2.2.4/32 [200/0]
via 20.0.14.6, Ethernet4
//DC2 대역 라우팅
B E 20.1.1.1/32 [200/0]
via 20.0.11.3, Ethernet2
B E 20.1.1.2/32 [200/0]
via 20.0.12.4, Ethernet3
B E 20.1.1.4/32 [200/0]
via 20.0.14.6, Ethernet4
B E 20.2.2.1/32 [200/0]
via 20.0.11.3, Ethernet2
B E 20.2.2.2/32 [200/0]
via 20.0.12.4, Ethernet3
B E 20.2.2.4/32 [200/0]
via 20.0.14.6, Ethernet4
leaf 스위치는 Underlay(Global Routing Table)와 Overlay(VRF Routing Table)를 구분해서 확인해야 합니다.
특히 Overlay 테이블에서 물리 인터페이스가 아닌 VTEP IP를 next-hop으로 가리키고 있는지를 확인 해야합니다.
- 글로벌 라우팅 테이블: Underlay 네트워크(eBGP)를 통해 모든 VTEP IP(Loopback1)에 도달할 수 있는지 확인합니다.
- VRF 라우팅 테이블: EVPN을 통해 학습한 테넌트의 호스트 경로(`/32`)가 올바른 VXLAN 터널을 가리키고 있는지 확인합니다.
라우팅 테이블(Leaf)
DC1-Leaf1
[DC1-Leaf1]
// Underlay 라우팅 테이블
DC1-leaf1#show ip route bgp
...
//spine 대역 라우팅
B E 1.1.1.1/32 [200/0]
via 10.0.11.1, Ethernet1
B E 1.1.1.2/32 [200/0]
via 10.0.21.2, Ethernet2
B E 2.1.1.1/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 2.1.1.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
//DC1 대역 라우팅
B E 10.1.1.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 10.1.1.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 10.2.2.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 10.2.2.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
//DC2 대역 라우팅
B E 20.1.1.1/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.1.1.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.1.1.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.2.2.1/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.2.2.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.2.2.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
// Overlay 라우팅 테이블
DC1-leaf1#show ip route vrf A bgp
...
B E 172.16.10.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:92:22:05 local-interface Vxlan1
B E 172.16.10.12/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
B E 172.16.10.13/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
B E 172.16.20.21/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:92:22:05 local-interface Vxlan1
B E 172.16.20.22/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
B E 172.16.20.23/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
DC2-Leaf1
[DC2-Leaf1]
// Underlay 라우팅 테이블
DC2-leaf1#show ip route bgp
...
//spine 대역 라우팅
B E 1.1.1.1/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 1.1.1.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 2.1.1.1/32 [200/0]
via 20.0.11.1, Ethernet1
B E 2.1.1.2/32 [200/0]
via 20.0.21.2, Ethernet2
//DC1 대역 라우팅
B E 10.1.1.1/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.1.1.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.1.1.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.2.2.1/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.2.2.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.2.2.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
//DC2 대역 라우팅
B E 20.1.1.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 20.1.1.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 20.2.2.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 20.2.2.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
// Overlay 라우팅 테이블
DC2-leaf1#show ip route vrf A bgp
...
B E 172.16.10.10/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.10.11/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.10.13/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:8c:47:83 local-interface Vxlan1
B E 172.16.20.20/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.20.21/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.20.23/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:8c:47:83 local-interface Vxlan1
DC1-borderleaf
[DC1-borderleaf]
// Underlay 라우팅 테이블
DC1-borderleaf#show ip route bgp
...
B E 1.1.1.1/32 [200/0]
via 10.0.14.1, Ethernet1
B E 1.1.1.2/32 [200/0]
via 10.0.24.2, Ethernet2
B E 2.1.1.1/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 2.1.1.2/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 10.1.1.1/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 10.1.1.2/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 10.2.2.1/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 10.2.2.2/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 20.1.1.1/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.1.1.2/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.1.1.4/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.2.2.1/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.2.2.2/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.2.2.4/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
// Overlay 라우팅 테이블
DC1-borderleaf#show ip route vrf A bgp
...
B E 172.16.10.10/32 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:04:15:13 local-interface Vxlan1
B E 172.16.10.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:92:22:05 local-interface Vxlan1
B E 172.16.10.12/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.10.13/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.10.0/24 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:92:22:05 local-interface Vxlan1
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:04:15:13 local-interface Vxlan1
B E 172.16.20.20/32 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:04:15:13 local-interface Vxlan1
B E 172.16.20.21/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:92:22:05 local-interface Vxlan1
B E 172.16.20.22/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.20.23/32 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:64:bc:3f local-interface Vxlan1
B E 172.16.20.0/24 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:92:22:05 local-interface Vxlan1
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:04:15:13 local-interface Vxlan1
DC2-borderleaf
[DC2-borderleaf]
// Underlay 라우팅 테이블
DC2-borderleaf#show ip route bgp
...
B E 1.1.1.1/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 1.1.1.2/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 2.1.1.1/32 [200/0]
via 20.0.14.1, Ethernet1
B E 2.1.1.2/32 [200/0]
via 20.0.24.2, Ethernet2
B E 10.1.1.1/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.1.1.2/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.1.1.4/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.2.2.1/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.2.2.2/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.2.2.4/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 20.1.1.1/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
B E 20.1.1.2/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
B E 20.2.2.1/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
B E 20.2.2.2/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
// Overlay 라우팅 테이블
DC2-borderleaf#show ip route vrf A bgp
...
B E 172.16.10.10/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
B E 172.16.10.11/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
B E 172.16.10.12/32 [200/0]
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:bf:f9:c1 local-interface Vxlan1
B E 172.16.10.13/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:8c:47:83 local-interface Vxlan1
B E 172.16.10.0/24 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:8c:47:83 local-interface Vxlan1
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:bf:f9:c1 local-interface Vxlan1
B E 172.16.20.20/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
B E 172.16.20.21/32 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:18:b9:2b local-interface Vxlan1
B E 172.16.20.22/32 [200/0]
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:bf:f9:c1 local-interface Vxlan1
B E 172.16.20.23/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:8c:47:83 local-interface Vxlan1
B E 172.16.20.0/24 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:8c:47:83 local-interface Vxlan1
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:bf:f9:c1 local-interface Vxlan1
BGP EVPN 라우트 확인
[spine]
spine 스위치는 fabric 내의 모든 EVPN 경로 정보가 모이는 route-reflector 역할을 수행합니다. 따라서 spine의 BGP 테이블을 확인하면 전체 네트워크의 현황을 파악할 수 있습니다.
- Neighbor 상태: leaf1, leaf2, BorderLeaf와 BGP 세션이 `Estab`(Established) 상태여야 합니다.
- 경로 학습: local(DC1) 경로뿐만 아니라, border leaf를 통해 학습한 remote(DC2) 경로가 보여야 합니다.
- AS Path: DC2에서 넘어온 경로는 AS Path에 `62004`(DC2 border)와 `62001`(DC2 spine) 등이 포함되어 있어 DCI 연동 상태를 증명합니다.
BGP EVPN 라우트(Spine)
DC1-Spine1
[DC1-Spine1]
DC1-spine1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC1-leaf1 10.1.1.1 4 61002 494 503 0 0 06:30:10 Estab 8 8 18
DC1-leaf2 10.1.1.2 4 61003 497 494 0 0 06:29:18 Estab 8 8 18
DC1-borderleaf 10.1.1.4 4 61004 492 499 0 0 06:29:03 Estab 10 10 16
DC1-spine1#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
//DC1 호스트 정보
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.21
10.2.2.2 - 100 0 61003 i
//DC2 호스트 정보
* > RD: 10.1.1.4:10 mac-ip 0000.0000.5555
10.2.2.4 - 100 0 61004 62004 62001 62002 i
* > RD: 10.1.1.4:10 mac-ip 0000.0000.5555 172.16.10.12
10.2.2.4 - 100 0 61004 62004 62001 62002 i
* > RD: 10.1.1.4:20 mac-ip 0000.0000.6666
10.2.2.4 - 100 0 61004 62004 62001 62002 i
* > RD: 10.1.1.4:20 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.4 - 100 0 61004 62004 62001 62002 i
* > RD: 10.1.1.4:10 mac-ip 0000.0000.7777
10.2.2.4 - 100 0 61004 62004 62001 62003 i
* > RD: 10.1.1.4:10 mac-ip 0000.0000.7777 172.16.10.13
10.2.2.4 - 100 0 61004 62004 62001 62003 i
* > RD: 10.1.1.4:20 mac-ip 0000.0000.8888
10.2.2.4 - 100 0 61004 62004 62001 62003 i
* > RD: 10.1.1.4:20 mac-ip 0000.0000.8888 172.16.20.23
10.2.2.4 - 100 0 61004 62004 62001 62003 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.4:10 imet 10.2.2.4
10.2.2.4 - 100 0 61004 i
* > RD: 10.1.1.4:20 imet 10.2.2.4
10.2.2.4 - 100 0 61004 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61003 i
DC2-Spine1
[DC2-Spine1]
DC2-spine1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC2-leaf1 20.1.1.1 4 62002 500 503 0 0 06:27:34 Estab 8 8 18
DC2-leaf2 20.1.1.2 4 62003 520 498 0 0 06:32:41 Estab 8 8 18
DC2-borderleaf 20.1.1.4 4 62004 524 497 0 0 06:31:57 Estab 10 10 16
DC2-spine1#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
//DC1 호스트 정보
* > RD: 20.1.1.4:10 mac-ip 0000.0000.1111
20.2.2.4 - 100 0 62004 61004 61001 61002 i
* > RD: 20.1.1.4:10 mac-ip 0000.0000.1111 172.16.10.10
20.2.2.4 - 100 0 62004 61004 61001 61002 i
* > RD: 20.1.1.4:20 mac-ip 0000.0000.2222
20.2.2.4 - 100 0 62004 61004 61001 61002 i
* > RD: 20.1.1.4:20 mac-ip 0000.0000.2222 172.16.20.20
20.2.2.4 - 100 0 62004 61004 61001 61002 i
* > RD: 20.1.1.4:10 mac-ip 0000.0000.3333
20.2.2.4 - 100 0 62004 61004 61001 61003 i
* > RD: 20.1.1.4:10 mac-ip 0000.0000.3333 172.16.10.11
20.2.2.4 - 100 0 62004 61004 61001 61003 i
* > RD: 20.1.1.4:20 mac-ip 0000.0000.4444
20.2.2.4 - 100 0 62004 61004 61001 61003 i
* > RD: 20.1.1.4:20 mac-ip 0000.0000.4444 172.16.20.21
20.2.2.4 - 100 0 62004 61004 61001 61003 i
//DC2 호스트 정보
* > RD: 20.1.1.1:10 mac-ip 0000.0000.5555
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:10 mac-ip 0000.0000.5555 172.16.10.12
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:20 mac-ip 0000.0000.6666
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:20 mac-ip 0000.0000.6666 172.16.20.22
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:10 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:10 mac-ip 0000.0000.7777 172.16.10.13
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:20 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:20 mac-ip 0000.0000.8888 172.16.20.23
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.1:10 imet 20.2.2.1
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:20 imet 20.2.2.1
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:10 imet 20.2.2.2
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:20 imet 20.2.2.2
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.4:10 imet 20.2.2.4
20.2.2.4 - 100 0 62004 i
* > RD: 20.1.1.4:20 imet 20.2.2.4
20.2.2.4 - 100 0 62004 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.10.0/24
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.10.0/24
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.20.0/24
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.20.0/24
20.2.2.2 - 100 0 62003 i
[leaf]
compute leaf는 자신이 통신해야 할 대상(Local 및 Remote 호스트)의 경로를 올바르게 학습하고 있는지 확인합니다.
- local leaf 간 통신: Leaf2에 있는 호스트(`3333`, `4444`)는 leaf2의 VTEP IP(`10.2.2.2`)를 next-hop으로 가리킵니다.
- remote site 통신: DC2에 있는 호스트(`5555` 등)는 border leaf의 VTEP IP(`10.2.2.4`)를 next-hop으로 가리킵니다.
BGP EVPN 라우트(Leaf)
DC1-Leaf1
[DC1-Leaf1]
DC1-leaf1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC1-spine1 1.1.1.1 4 61001 510 501 0 0 06:35:42 Estab 18 18 11
DC1-spine2 1.1.1.2 4 61001 516 509 0 0 06:34:29 Estab 18 18 23
DC1-leaf1#show bgp evpn
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 61002
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
// DC1 호스트 정보
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
- - - 0 i
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
- - - 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
- - - 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.20
- - - 0 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.21
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.21
10.2.2.2 - 100 0 61001 61003 i
// DC2 호스트 정보
* >Ec RD: 10.1.1.4:10 mac-ip 0000.0000.5555
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* ec RD: 10.1.1.4:10 mac-ip 0000.0000.5555
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* >Ec RD: 10.1.1.4:10 mac-ip 0000.0000.5555 172.16.10.12
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* ec RD: 10.1.1.4:10 mac-ip 0000.0000.5555 172.16.10.12
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* >Ec RD: 10.1.1.4:20 mac-ip 0000.0000.6666
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* ec RD: 10.1.1.4:20 mac-ip 0000.0000.6666
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* >Ec RD: 10.1.1.4:20 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* ec RD: 10.1.1.4:20 mac-ip 0000.0000.6666 172.16.20.22
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* >Ec RD: 10.1.1.4:10 mac-ip 0000.0000.7777
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* ec RD: 10.1.1.4:10 mac-ip 0000.0000.7777
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* >Ec RD: 10.1.1.4:10 mac-ip 0000.0000.7777 172.16.10.13
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* ec RD: 10.1.1.4:10 mac-ip 0000.0000.7777 172.16.10.13
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* >Ec RD: 10.1.1.4:20 mac-ip 0000.0000.8888
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* ec RD: 10.1.1.4:20 mac-ip 0000.0000.8888
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* >Ec RD: 10.1.1.4:20 mac-ip 0000.0000.8888 172.16.20.23
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* ec RD: 10.1.1.4:20 mac-ip 0000.0000.8888 172.16.20.23
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
- - - 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
- - - 0 i
* >Ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.4:10 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* ec RD: 10.1.1.4:10 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* >Ec RD: 10.1.1.4:20 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* ec RD: 10.1.1.4:20 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
- - - 0 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61001 61003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
- - - 0 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61001 61003 i
DC2-Leaf1
[DC2-Leaf1]
DC2-leaf1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC2-spine1 2.1.1.1 4 62001 515 511 0 0 06:37:18 Estab 18 18 20
DC2-spine2 2.1.1.2 4 62001 517 508 0 0 06:37:20 Estab 18 18 14
DC2-leaf1#show bgp evpn
BGP routing table information for VRF default
Router identifier 20.1.1.1, local AS number 62002
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
// DC1 호스트 정보
* >Ec RD: 20.1.1.4:10 mac-ip 0000.0000.1111
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* ec RD: 20.1.1.4:10 mac-ip 0000.0000.1111
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* >Ec RD: 20.1.1.4:10 mac-ip 0000.0000.1111 172.16.10.10
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* ec RD: 20.1.1.4:10 mac-ip 0000.0000.1111 172.16.10.10
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* >Ec RD: 20.1.1.4:20 mac-ip 0000.0000.2222
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* ec RD: 20.1.1.4:20 mac-ip 0000.0000.2222
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* >Ec RD: 20.1.1.4:20 mac-ip 0000.0000.2222 172.16.20.20
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* ec RD: 20.1.1.4:20 mac-ip 0000.0000.2222 172.16.20.20
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* >Ec RD: 20.1.1.4:10 mac-ip 0000.0000.3333
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* ec RD: 20.1.1.4:10 mac-ip 0000.0000.3333
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* >Ec RD: 20.1.1.4:10 mac-ip 0000.0000.3333 172.16.10.11
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* ec RD: 20.1.1.4:10 mac-ip 0000.0000.3333 172.16.10.11
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* >Ec RD: 20.1.1.4:20 mac-ip 0000.0000.4444
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* ec RD: 20.1.1.4:20 mac-ip 0000.0000.4444
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* >Ec RD: 20.1.1.4:20 mac-ip 0000.0000.4444 172.16.20.21
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* ec RD: 20.1.1.4:20 mac-ip 0000.0000.4444 172.16.20.21
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
// DC2 호스트 정보
* > RD: 20.1.1.1:10 mac-ip 0000.0000.5555
- - - 0 i
* > RD: 20.1.1.1:10 mac-ip 0000.0000.5555 172.16.10.12
- - - 0 i
* > RD: 20.1.1.1:20 mac-ip 0000.0000.6666
- - - 0 i
* > RD: 20.1.1.1:20 mac-ip 0000.0000.6666 172.16.20.22
- - - 0 i
* >Ec RD: 20.1.1.2:10 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:10 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:10 mac-ip 0000.0000.7777 172.16.10.13
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:10 mac-ip 0000.0000.7777 172.16.10.13
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:20 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:20 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:20 mac-ip 0000.0000.8888 172.16.20.23
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:20 mac-ip 0000.0000.8888 172.16.20.23
20.2.2.2 - 100 0 62001 62003 i
* > RD: 20.1.1.1:10 imet 20.2.2.1
- - - 0 i
* > RD: 20.1.1.1:20 imet 20.2.2.1
- - - 0 i
* >Ec RD: 20.1.1.2:10 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:10 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:20 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:20 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.4:10 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* ec RD: 20.1.1.4:10 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* >Ec RD: 20.1.1.4:20 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* ec RD: 20.1.1.4:20 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.10.0/24
- - - 0 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.10.0/24
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.10.0/24
20.2.2.2 - 100 0 62001 62003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.20.0/24
- - - 0 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.20.0/24
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.20.0/24
20.2.2.2 - 100 0 62001 62003 i
BGP EVPN 라우트(Leaf) 상세정보
DC1-leaf1
// DC2 호스트 정보 - RD 정보 DC1-borderleaf 정보로 등록 됨
DC1-leaf1#show bgp evpn route-type mac-ip 172.16.10.12 detail
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 61002
BGP routing table entry for mac-ip 0000.0000.5555 172.16.10.12, Route Distinguisher: 10.1.1.4:10
Paths: 2 available
61001 61004 62004 62001 62002
10.2.2.4 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:10 Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:18:b9:2b
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
61001 61004 62004 62001 62002
10.2.2.4 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:10 Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:18:b9:2b
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
// DC1 호스트 정보 - RD: DC1-leaf1
DC1-leaf1#show bgp evpn route-type mac-ip 172.16.20.20 detail
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 61002
BGP routing table entry for mac-ip 0000.0000.2222 172.16.20.20, Route Distinguisher: 10.1.1.1:20
Paths: 1 available
Local
- from - (0.0.0.0)
Origin IGP, metric -, localpref -, weight 0, tag 0, valid, local, best
Extended Community: Route-Target-AS:61000:20 Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan
VNI: 20020 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
// 172.16.10.0/24 대역 정보
// DC1-leaf1, leaf2 경로 정보 존재
DC1-leaf1#show bgp evpn route-type ip-prefix 172.16.10.0/24 detail
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 61002
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.1:5000
Paths: 1 available
Local
- from - (0.0.0.0)
Origin IGP, metric -, localpref -, weight 0, tag 0, valid, local, best, redistributed (Connected)
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:04:15:13
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.2:5000
Paths: 2 available
61001 61003
10.2.2.2 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:92:22:05
VNI: 5000
61001 61003
10.2.2.2 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:92:22:05
VNI: 5000
DC2-leaf1
// DC2 호스트 정보 - RD: DC2-leaf1
DC2-leaf1#show bgp evpn route-type mac-ip 172.16.10.12 detail
BGP routing table information for VRF default
Router identifier 20.1.1.1, local AS number 62002
BGP routing table entry for mac-ip 0000.0000.5555 172.16.10.12, Route Distinguisher: 20.1.1.1:10
Paths: 1 available
Local
- from - (0.0.0.0)
Origin IGP, metric -, localpref -, weight 0, tag 0, valid, local, best
Extended Community: Route-Target-AS:62000:10 Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
// DC1 호스트 정보 - RD 정보 DC2-borderleaf 정보로 등록 됨
DC2-leaf1#show bgp evpn route-type mac-ip 172.16.20.20 detail
BGP routing table information for VRF default
Router identifier 20.1.1.1, local AS number 62002
BGP routing table entry for mac-ip 0000.0000.2222 172.16.20.20, Route Distinguisher: 20.1.1.4:20
Paths: 2 available
62001 62004 61004 61001 61002
20.2.2.4 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:20 Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:64:bc:3f
VNI: 20020 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
62001 62004 61004 61001 61002
20.2.2.4 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:20 Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:64:bc:3f
VNI: 20020 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
// 172.16.10.0/24 대역 정보
// DC2-leaf1, leaf2 경로 정보 존재
DC2-leaf1#show bgp evpn route-type ip-prefix 172.16.10.0/24 detail
BGP routing table information for VRF default
Router identifier 20.1.1.1, local AS number 62002
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 20.1.1.1:5000
Paths: 1 available
Local
- from - (0.0.0.0)
Origin IGP, metric -, localpref -, weight 0, tag 0, valid, local, best, redistributed (Connected)
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:bf:f9:c1
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 20.1.1.2:5000
Paths: 2 available
62001 62003
20.2.2.2 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:8c:47:83
VNI: 5000
62001 62003
20.2.2.2 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:8c:47:83
VNI: 5000
[border leaf]
border leaf는 DC1과 DC2를 연결하는 gateway로서, Type-2(MAC-IP)와 Type-5(IP-Prefix) 경로를 처리하는 방식이 다릅니다.
- Type-2 (MAC-IP): 재생성 (Re-origination) `show bgp evpn route-type mac-ip xxx detail`
- Border Leaf는 L2 도메인의 경계점(Gateway) 역할을 수행하므로, 경로를 종단(Termination) 후 재생성하여 전파합니다.
- 동작 원리: L2 VNI 경로는 도메인이 분리되어 있으므로, border leaf가 경로를 새로 생성해서 넘깁니다.
- 상세 동작
- 수신 (Remote → Border): remote site에서 넘어온 정보를 확인해 보면, RD는 Remote Border Leaf의 값으로 바뀌어 있고, RT는 DCI 전용(예: 1000:xx)으로 변경되어 있습니다.
- 내부 전파 (Border → Local): 내부 스파인/Leaf로 전파할 때는 border leaf가 새로운 시점(next-hop)이 됩니다. 따라서 RD와 RT를 border leaf 자신의 로컬 값(예: 61000:xx)으로 다시 변경하여 내부로 광고합니다.
- Type-5 (IP-Prefix): 중계 (Pass-through) `show bgp evpn route-type ip-prefix xxx detail`
- L3 라우팅 정보는 효율성을 위해 Border Leaf가 경로를 소유하지 않고 중계 역할만 합니다.
- 동작 원리: L3 VNI 경로는 라우팅 효율성을 위해 경로를 재생성하지 않고 그대로 중계합니다.
- 상세 동작
- 수신 (Remote → Border)
- remote 경로임에도 불구하고 RD와 RT가 원본 소스인 DC2 leaf(예: 20.1.1.1)의 값 그대로 유지됩니다.
- border leaf는 next-hop만 자신으로 변경할 뿐, 속성은 건드리지 않는 전달자 역할을 수행합니다.
- 내부 전파 (Border → Local)
- Stretched L2 환경(동일 서브넷 존재)에서는 BGP Best Path 선정 기준에 의해 내부(local) 경로가 우선됩니다.
- 따라서 remote에서 받은 Type-5 정보는 라우팅 테이블에서 후순위로 밀려 내부 spine/leaf로는 전파되지 않습니다.
- 수신 (Remote → Border)
[`L2VNI(Type-2)`]
L2VNI(Type-2)
DC1-borderleaf
DC1-borderleaf#show bgp evpn route-type mac-ip 172.16.10.12 detail
BGP routing table information for VRF default
Router identifier 10.1.1.4, local AS number 61004
// DC2 host에 대한 RD,RT 정보가 변경됨
// local로 보내는 정보
BGP routing table entry for mac-ip 0000.0000.5555 172.16.10.12, Route Distinguisher: 10.1.1.4:10 //DC1 border leaf RD로 변경해서 내부 전파
Paths: 1 available
62004 62001 62002
- from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:61000:10 Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
// remote(DC2)에서 받은 정보 (from 20.1.1.4)
BGP routing table entry for mac-ip 0000.0000.5555 172.16.10.12 remote, Route Distinguisher: 20.1.1.4:10 //DC2 border leaf RD로 변경되어 도착
Paths: 1 available
62004 62001 62002
20.2.2.4 from 20.1.1.4 (20.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:1000:10 Route-Target-AS:1000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:64:bc:3f
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
DC2-borderleaf
DC2-borderleaf#show bgp evpn route-type mac-ip 172.16.10.12 detail
BGP routing table information for VRF default
Router identifier 20.1.1.4, local AS number 62004
// local에서 받은 정보 (from 2.1.1.1 / 2.1.1.2)
BGP routing table entry for mac-ip 0000.0000.5555 172.16.10.12, Route Distinguisher: 20.1.1.1:10
Paths: 2 available
62001 62002
20.2.2.1 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:10 Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:bf:f9:c1
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
62001 62002
20.2.2.1 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:10 Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:bf:f9:c1
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
// remote(DC2)로 보내는 정보 (from -)
// DC2 host에 대한 RD,RT 정보가 변경됨
BGP routing table entry for mac-ip 0000.0000.5555 172.16.10.12 remote, Route Distinguisher: 20.1.1.4:10
Paths: 1 available
62001 62002
- from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:1000:10 Route-Target-AS:1000:5000 TunnelEncap:tunnelTypeVxlan
VNI: 10010 L3 VNI: 5000 ESI: 0000:0000:0000:0000:0000
[`L3VNI(Type-5)`]
L3VNI(Type-5)
DC1-borderleaf
// 172.16.10.0/24 대역 정보
DC1-borderleaf#show bgp evpn route-type ip-prefix 172.16.10.0/24 detail
BGP routing table information for VRF default
Router identifier 10.1.1.4, local AS number 61004
// local
// DC1-leaf1 경로
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.1:5000
Paths: 2 available
61001 61002
10.2.2.1 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:04:15:13
VNI: 5000
61001 61002
10.2.2.1 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:04:15:13
VNI: 5000
// DC1-leaf2 경로
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.2:5000
Paths: 2 available
61001 61003
10.2.2.2 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:92:22:05
VNI: 5000
61001 61003
10.2.2.2 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:92:22:05
VNI: 5000
// remote로 보내는 정보 (from -)
// DC1 leaf RD,RT 유지해서 전달
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.1:5000
Paths: 2 available
61001 61002
10.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:04:15:13
VNI: 5000
61001 61002
10.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:04:15:13
VNI: 5000
// remote로 보내는 정보 (from -)
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.2:5000
Paths: 2 available
61001 61003
10.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:92:22:05
VNI: 5000
61001 61003
10.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:92:22:05
VNI: 5000
// remote(DC2)에서 받은 정보 (from 20.1.1.4)
// DC2 leaf RD,RT 유지되어 수신 -> 내부로 전파는 X
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 20.1.1.1:5000 //DC2 leaf-1 RD,RT 유지
Paths: 1 available
62004 62001 62002
20.2.2.4 from 20.1.1.4 (20.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:64:bc:3f
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 20.1.1.2:5000 //DC2 leaf-2 RD,RT 유지
Paths: 1 available
62004 62001 62003
20.2.2.4 from 20.1.1.4 (20.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:64:bc:3f
VNI: 5000
DC2-borderleaf
// 172.16.10.0/24 대역 정보
DC2-borderleaf#show bgp evpn route-type ip-prefix 172.16.10.0/24 detail
BGP routing table information for VRF default
Router identifier 20.1.1.4, local AS number 62004
// local
// DC2-leaf1 경로
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 20.1.1.1:5000
Paths: 2 available
62001 62002
20.2.2.1 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:bf:f9:c1
VNI: 5000
62001 62002
20.2.2.1 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:bf:f9:c1
VNI: 5000
// DC2-leaf2 경로
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 20.1.1.2:5000
Paths: 2 available
62001 62003
20.2.2.2 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:8c:47:83
VNI: 5000
62001 62003
20.2.2.2 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:8c:47:83
VNI: 5000
// remote(DC1)에서 받은 정보 (from 10.1.1.4)
// DC1 leaf RD,RT 유지되어 수신 -> 내부로 전파는 X
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.1:5000
Paths: 1 available
61004 61001 61002
10.2.2.4 from 10.1.1.4 (10.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:18:b9:2b
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.2:5000
Paths: 1 available
61004 61001 61003
10.2.2.4 from 10.1.1.4 (10.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:18:b9:2b
VNI: 5000
// remote로 보내는 정보 (from -)
// DC2 leaf RD,RT 유지해서 전달
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 20.1.1.1:5000
Paths: 2 available
62001 62002
20.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:bf:f9:c1
VNI: 5000
62001 62002
20.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:bf:f9:c1
VNI: 5000
// remote로 보내는 정보 (from -)
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 20.1.1.2:5000
Paths: 2 available
62001 62003
20.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:8c:47:83
VNI: 5000
62001 62003
20.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:8c:47:83
VNI: 5000
Ping 테스트
Ping 테스트
host1#ping 172.16.10.11
PING 172.16.10.11 (172.16.10.11) 72(100) bytes of data.
80 bytes from 172.16.10.11: icmp_seq=1 ttl=64 time=40.4 ms
80 bytes from 172.16.10.11: icmp_seq=2 ttl=64 time=31.3 ms
host1#ping 172.16.10.12
PING 172.16.10.12 (172.16.10.12) 72(100) bytes of data.
80 bytes from 172.16.10.12: icmp_seq=1 ttl=64 time=126 ms
80 bytes from 172.16.10.12: icmp_seq=2 ttl=64 time=125 ms
host1#ping 172.16.10.13
PING 172.16.10.13 (172.16.10.13) 72(100) bytes of data.
80 bytes from 172.16.10.13: icmp_seq=1 ttl=64 time=47.2 ms
80 bytes from 172.16.10.13: icmp_seq=2 ttl=64 time=65.2 ms
host1#ping 172.16.20.20
PING 172.16.20.20 (172.16.20.20) 72(100) bytes of data.
80 bytes from 172.16.20.20: icmp_seq=1 ttl=63 time=5.52 ms
80 bytes from 172.16.20.20: icmp_seq=2 ttl=63 time=3.12 ms
host1#ping 172.16.20.21
PING 172.16.20.21 (172.16.20.21) 72(100) bytes of data.
80 bytes from 172.16.20.21: icmp_seq=1 ttl=62 time=9.26 ms
80 bytes from 172.16.20.21: icmp_seq=2 ttl=62 time=4.92 ms
host1#ping 172.16.20.22
PING 172.16.20.22 (172.16.20.22) 72(100) bytes of data.
80 bytes from 172.16.20.22: icmp_seq=1 ttl=60 time=62.6 ms
80 bytes from 172.16.20.22: icmp_seq=2 ttl=60 time=68.4 ms
host1#ping 172.16.20.23
PING 172.16.20.23 (172.16.20.23) 72(100) bytes of data.
80 bytes from 172.16.20.23: icmp_seq=1 ttl=60 time=65.2 ms
80 bytes from 172.16.20.23: icmp_seq=2 ttl=60 time=87.7 ms
[참고 사이트]
Arista_VXLAN_BGP_EVPN_Multi-Site.pdf
1.97MB
[Config]
github: vxlan-evpn_multi-site_stretched-L2
'Routing > VXLAN-EVPN' 카테고리의 다른 글
| [EVPN] Multi-Site 환경 VXLAN-EVPN 설계 및 실습 (Routed L3) (0) | 2026.03.24 |
|---|---|
| [EVPN] VXLAN-EVPN 이중화와 Failover 구조 - 멀티호밍 (Multi-homing) (0) | 2026.03.10 |
| [EVPN] VXLAN-EVPN 연동 실습#4 - EVPN Overlay L3VPN 연동 (멑티 테넌트) (0) | 2026.03.03 |
| [EVPN] VXLAN-EVPN 연동 실습#3 - EVPN Overlay L3VPN 연동 (단일 테넌트) (0) | 2026.01.31 |
| [EVPN] VXLAN-EVPN 연동 실습#2 - EVPN Overlay L2VPN 연동 (단일 테넌트) (0) | 2026.01.24 |
