이번 실습에서는 멀티 사이트 간 자유로운 L3 통신을 지원하는 환경을 EVPN-VXLAN 기반으로 구축합니다.
설정 정보 (Spine)
spine 스위치는 fabric 내 모든 leaf를 연결하는 허브 역할을 수행합니다.
대규모 fabric 확장에 유리한 eBGP를 Underlay 프로토콜로 채택하였으며, leaf 간의 직접적인 터널링을 보장하기 위해 Underlay와 Overlay 세션을 분리합니다.
1. Underlay eBGP 구성 (IP Routing)
- 물리적 연결을 바탕으로 VTEP(Loopback) IP의 도달성을 확보하는 단계입니다.
- Interface 피어링: OSPF 등 IGP를 사용하는 대신, 물리 인터페이스에 할당된 IP를 사용하여 Leaf 스위치와 eBGP 피어링을 맺습니다. 이를 통해 대규모 망에서 정밀한 라우팅 정책 제어가 가능해집니다.
- Loopback 경로 중계: Spine은 단순히 자신의 Loopback을 광고하는 것에 그치지 않고, 특정 Leaf로부터 수신한 Loopback(VTEP) 경로를 다른 모든 Leaf에게 중계합니다. 이를 통해 모든 장비가 서로의 VTEP 주소를 학습하고 통신할 수 있는 기반이 마련됩니다.
2. Overlay eBGP 구성 (Loopback 피어링)
- Control Plane에서 실제 테넌트의 MAC/IP 라우팅 정보를 교환하는 단계로, VXLAN의 무결성을 유지하기 위한 특수 설정이 동반됩니다.
- Loopback 피어링 & eBGP Multihop
- 물리 링크 장애 시에도 세션을 유지하기 위해 안정적인 `Loopback0` 인터페이스 간에 피어링을 맺습니다.
- eBGP는 기본적으로 직접 연결된 장비(TTL=1)하고만 피어링을 허용합니다.
- Loopback 간 피어링은 논리적으로 1 Hop 이상 떨어져 있으므로, `ebgp-multihop` 옵션을 통해 TTL 값을 늘려 세션이 정상적으로 수립되도록 합니다.
- Next-Hop 유지(`next-hop-unchanged`)
- eBGP는 기본적으로 next-hop을 자신으로 변경하지만, VXLAN 터널은 leaf 간 직접 연결되어야 하므로 이 옵션을 필수적으로 사용하여 leaf IP를 유지합니다.
- `neighbor EVPN-OVERLAY next-hop-unchanged` 설정을 적용하여, spine이 경로를 중계할 때 최초 출발지 leaf의 VTEP IP를 그대로 유지하도록 강제합니다. 이를 통해 leaf 간 직접적인 VXLAN 터널링이 완성됩니다.
설정 정보 (Spine)
DC1-spine1
[DC1-spine1]
[MP-BGP_EVPN]
router bgp 61001
router-id 1.1.1.1
maximum-paths 4
neighbor EVPN-OVERLAY peer group
neighbor EVPN-OVERLAY next-hop-unchanged
neighbor EVPN-OVERLAY update-source Loopback0
neighbor EVPN-OVERLAY ebgp-multihop 3
neighbor EVPN-OVERLAY send-community extended
neighbor UNDERLAY peer group
neighbor UNDERLAY send-community
neighbor UNDERLAY maximum-routes 12000
neighbor 10.0.11.3 peer group UNDERLAY
neighbor 10.0.11.3 remote-as 61002
neighbor 10.0.11.3 description DC1-leaf1
neighbor 10.0.12.4 peer group UNDERLAY
neighbor 10.0.12.4 remote-as 61003
neighbor 10.0.12.4 description DC1-leaf2
neighbor 10.0.14.6 peer group UNDERLAY
neighbor 10.0.14.6 remote-as 61004
neighbor 10.0.14.6 description DC1-borderleaf
neighbor 10.1.1.1 peer group EVPN-OVERLAY
neighbor 10.1.1.1 remote-as 61002
neighbor 10.1.1.1 description DC1-leaf1
neighbor 10.1.1.2 peer group EVPN-OVERLAY
neighbor 10.1.1.2 remote-as 61003
neighbor 10.1.1.2 description DC1-leaf2
neighbor 10.1.1.4 peer group EVPN-OVERLAY
neighbor 10.1.1.4 remote-as 61004
neighbor 10.1.1.4 description DC1-borderleaf
!
address-family evpn
neighbor EVPN-OVERLAY activate
!
address-family ipv4
no neighbor EVPN-OVERLAY activate
neighbor UNDERLAY activate
network 1.1.1.1/32
DC1-spine2
[DC1-spine2]
[MP-BGP_EVPN]
router bgp 61001
router-id 1.1.1.2
maximum-paths 4
neighbor EVPN-OVERLAY peer group
neighbor EVPN-OVERLAY next-hop-unchanged
neighbor EVPN-OVERLAY update-source Loopback0
neighbor EVPN-OVERLAY ebgp-multihop 3
neighbor EVPN-OVERLAY send-community extended
neighbor UNDERLAY peer group
neighbor UNDERLAY send-community
neighbor UNDERLAY maximum-routes 12000
neighbor 10.0.21.3 peer group UNDERLAY
neighbor 10.0.21.3 remote-as 61002
neighbor 10.0.21.3 description DC1-leaf1
neighbor 10.0.22.4 peer group UNDERLAY
neighbor 10.0.22.4 remote-as 61003
neighbor 10.0.22.4 description DC1-leaf2
neighbor 10.0.24.6 peer group UNDERLAY
neighbor 10.0.24.6 remote-as 61004
neighbor 10.0.24.6 description DC1-borderleaf
neighbor 10.1.1.1 peer group EVPN-OVERLAY
neighbor 10.1.1.1 remote-as 61002
neighbor 10.1.1.1 description DC1-leaf1
neighbor 10.1.1.2 peer group EVPN-OVERLAY
neighbor 10.1.1.2 remote-as 61003
neighbor 10.1.1.2 description DC1-leaf2
neighbor 10.1.1.4 peer group EVPN-OVERLAY
neighbor 10.1.1.4 remote-as 61004
neighbor 10.1.1.4 description DC1-borderleaf
!
address-family evpn
neighbor EVPN-OVERLAY activate
!
address-family ipv4
no neighbor EVPN-OVERLAY activate
neighbor UNDERLAY activate
network 1.1.1.2/32
설정 정보 (Leaf)
leaf 스위치는 호스트와 직접 연결되는 `compute leaf`와 외부 사이트 연결을 담당하는 `border leaf`로 나뉩니다.
eBGP 기반의 Underlay 구성을 적용하여 각 leaf의 독립성을 보장하고, border leaf를 통해 멀티 사이트 간의 유연한 연동을 구현했습니다.
1. 각 Leaf 별 고유 BGP AS 번호 할당 (`loop prevention`)
- 각 leaf(또는 MLAG pair)마다 서로 다른 고유한 AS 번호를 할당했습니다. (예: DC1 Leaf는 61002, DC2 Leaf는 62002 등)
- BGP의 기본 루프 방지 메커니즘인 `AS-Path` 속성이 자연스럽게 동작하여, 설정이 간결해지고 네트워크의 안정성이 높아집니다.
2. Underlay / Overlay 네이버(Neighbor) 분리
- 물리적 경로 확보(Underlay)와 서비스 라우팅 정보 교환(Overlay)의 contorl plane을 분리하여 구성합니다.
- `Underlay peering` (IPv4 Unicast)
- Spine의 물리 인터페이스 IP와 피어링을 맺어 기본 통신 경로를 확립합니다.
- 자신의 Loopback0(Router-ID)와 Loopback1(VTEP Source IP)을 `network` 명령어로 광고함으로써 VXLAN 터널링 경로를 확보합니다.
- `Overlay peering` (L2VPN EVPN)
- spine의 loopback0 IP와 피어링을 맺습니다.
- 실제 테넌트의 MAC/IP 정보를 교환하며 물리 링크 장애 시에도 세션이 유지됩니다.
- eBGP Multihop 설정 (TTL 조정)
- Overlay 피어링은 직접 연결되지 않은 loopback 인터페이스 간에 이루어집니다.
- eBGP는 기본적으로 TTL이 1이므로, `ebgp-multihop` (예: 3) 설정을 필수적으로 적용하여 통신이 가능하도록 합니다.
3. 스위치 역할 별 세부 설정 (Compute vs Border)
이번 Routed L3 멀티 사이트 아키텍처에서는 L2 도메인을 분리하고 L3 라우팅을 통해서만 DC 간 통신을 수행합니다.
- `Compute Leaf`: Anycast Gateway 및 Symmetric IRB
- 호스트가 연결된 compute leaf는 동일한 SVI(Interface Vlan) IP와 Virtual Router MAC을 가지는 Anycast Gateway로 동작하여 단말의 기본 게이트웨이 역할을 수행합니다.
- SVI에 VRF를 바인딩함으로써, 로컬 MAC-IP(type-2) 정보를 학습함과 동시에 다른 서브넷으로 가기 위한 L3VNI 라우팅 처리를 수행합니다.
- `Border Leaf`: DCI Gateway 및 EVPN Domain Remote
- 단일 데이터센터를 넘어 타 사이트와 통신할 때 관문 역할을 수행하며, 연결 구간을 `domain remote`로 정의하여 외부 트래픽을 독립적으로 제어합니다.
- L2 정보(Type-2) 전파 차단: 서브넷이 분리된 Routed L3 환경이므로, 불필요한 브로드캐스트 스톰 방지를 위해 로컬 MAC-IP 정보는 외부(Remote DC)로 전파하지 않습니다.
- L3 정보(Type-5) 중계 (Pass-through): 다른 데이터센터의 대역 정보(IP-Prefix)는 라우팅 효율을 위해 경로를 재생성하지 않고 중계합니다.
- next-hop 제어: `next-hop-self ... ip-prefix` 설정을 통해 경로의 next-hop만 자신(border leaf)으로 변경하고, 기존 원본 RT(예: 62000:5000) 속성은 건드리지 않고 전달합니다.
- RT 매핑 및 수용: 각 DC의 로컬 RT를 상호 `import` 하도록 설정하여, 외부망에서 원본 속성 그대로 중계되어 온 상대방의 서브넷 정보를 로컬 VRF 라우팅 테이블에 성공적으로 안착시킵니다.
설정 정보 (Leaf)
DC1-Leaf1
[DC1-Leaf1]
[vrf]
vrf instance A
!
interface Vlan10
vrf A
ip address 172.16.10.1/24
ip virtual-router address 172.16.10.254
!
interface Vlan20
vrf A
ip address 172.16.20.1/24
ip virtual-router address 172.16.20.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 61002
router-id 10.1.1.1
maximum-paths 4 // ECMP 설정
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 61001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 61001
neighbor SPINE-UNDERLAY send-community
neighbor 1.1.1.1 peer group SPINE-EVPN
neighbor 1.1.1.1 description DC1-spine1
neighbor 1.1.1.2 peer group SPINE-EVPN
neighbor 1.1.1.2 description DC1-spine2
neighbor 10.0.11.1 peer group SPINE-UNDERLAY
neighbor 10.0.21.2 peer group SPINE-UNDERLAY
!
vlan 10
rd 10.1.1.1:10
route-target both 61000:10
redistribute learned
!
vlan 20
rd 10.1.1.1:20
route-target both 61000:20
redistribute learned
!
address-family evpn
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
network 10.1.1.1/32
network 10.2.2.1/32
!
vrf A
rd 10.1.1.1:5000
route-target import 61000:5000
route-target import 62000:5000
route-target export 61000:5000
redistribute connected
DC1-Leaf2
[DC1-Leaf2]
[vrf]
vrf instance A
!
interface Vlan10
vrf A
ip address 172.16.10.2/24
ip virtual-router address 172.16.10.254
!
interface Vlan20
vrf A
ip address 172.16.20.2/24
ip virtual-router address 172.16.20.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 61003
router-id 10.1.1.2
maximum-paths 4 // ECMP 설정
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 61001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 61001
neighbor SPINE-UNDERLAY send-community
neighbor 1.1.1.1 peer group SPINE-EVPN
neighbor 1.1.1.1 description DC1-spine1
neighbor 1.1.1.2 peer group SPINE-EVPN
neighbor 1.1.1.2 description DC1-spine2
neighbor 10.0.12.1 peer group SPINE-UNDERLAY
neighbor 10.0.22.2 peer group SPINE-UNDERLAY
!
vlan 10
rd 10.1.1.2:10
route-target both 61000:10
redistribute learned
!
vlan 20
rd 10.1.1.2:20
route-target both 61000:20
redistribute learned
!
address-family evpn
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
network 10.1.1.2/32
network 10.2.2.2/32
!
vrf A
rd 10.1.1.2:5000
route-target import 61000:5000
route-target import 62000:5000
route-target export 61000:5000
redistribute connected
DC1-borderleaf
[DC1-borderleaf]
vlan 10,20,100,200
[vrf]
vrf instance A
!
vrf instance B
!
interface Vlan100
description External-Link-VRF-A
vrf A
ip address 192.168.100.1/24
!
interface Vlan200
description External-Link-VRF-B
vrf B
ip address 192.168.200.1/24
!
interface Vlan10 // SVI 설정으로 vlan-vrf 매칭
vrf A
!
interface Vlan20 // SVI 설정으로 vlan-vrf 매칭
vrf A
!
ip routing vrf A
ip routing vrf B
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 20020
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 61004
router-id 10.1.1.4
maximum-paths 4 // ECMP 설정
neighbor DCI-PEER peer group
neighbor DCI-PEER remote-as 65002
neighbor DCI-PEER update-source Loopback0
neighbor DCI-PEER allowas-in 1
neighbor DCI-PEER ebgp-multihop 10
neighbor DCI-PEER send-community extended
neighbor DCI-PEER maximum-routes 12000
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 61001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 61001
neighbor SPINE-UNDERLAY send-community
neighbor WAN-ROUTER peer group
neighbor WAN-ROUTER remote-as 1000
neighbor 1.1.1.1 peer group SPINE-EVPN
neighbor 1.1.1.1 description DC1-spine1
neighbor 1.1.1.2 peer group SPINE-EVPN
neighbor 1.1.1.2 description DC1-spine2
neighbor 10.0.14.1 peer group SPINE-UNDERLAY
neighbor 10.0.24.2 peer group SPINE-UNDERLAY
neighbor 10.123.11.2 peer group WAN-ROUTER
neighbor 10.123.12.2 peer group WAN-ROUTER
neighbor 20.1.1.4 peer group DCI-PEER
neighbor 20.1.1.4 description DC2-borderleaf
!
vlan 10
rd evpn domain all 10.1.1.4:10
route-target both 61000:10
redistribute learned
!
vlan 20
rd evpn domain all 10.1.1.4:20
route-target both 61000:20
redistribute learned
!
address-family evpn
neighbor DCI-PEER activate
neighbor DCI-PEER domain remote
neighbor DCI-PEER next-hop-self received-evpn-routes route-type ip-prefix inter-domain
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
neighbor WAN-ROUTER activate
network 10.1.1.4/32
network 10.2.2.4/32
!
vrf A
rd evpn domain all 10.1.1.4:5000
route-target import 61000:5000
route-target import 62000:5000
route-target import evpn domain remote 1000:5000
route-target export 61000:5000
route-target export evpn domain remote 1000:5000
redistribute static
DC2-Leaf1
[DC2-Leaf1]
[vrf]
vrf instance A
!
interface Vlan30
vrf A
ip address 172.16.30.1/24
ip virtual-router address 172.16.30.254
!
interface Vlan40
vrf A
ip address 172.16.40.1/24
ip virtual-router address 172.16.40.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 30 vni 30030
vxlan vlan 40 vni 40040
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 62002
router-id 20.1.1.1
maximum-paths 4 // ECMP 설정
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 62001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 62001
neighbor SPINE-UNDERLAY send-community
neighbor 2.1.1.1 peer group SPINE-EVPN
neighbor 2.1.1.1 description DC2-spine1
neighbor 2.1.1.2 peer group SPINE-EVPN
neighbor 2.1.1.2 description DC2-spine2
neighbor 20.0.11.1 peer group SPINE-UNDERLAY
neighbor 20.0.21.2 peer group SPINE-UNDERLAY
!
vlan 30
rd 20.1.1.1:30
route-target both 62000:30
redistribute learned
!
vlan 40
rd 20.1.1.1:40
route-target both 62000:40
redistribute learned
!
address-family evpn
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
network 20.1.1.1/32
network 20.2.2.1/32
!
vrf A
rd 20.1.1.1:5000
route-target import 61000:5000
route-target import 62000:5000
route-target export 62000:5000
redistribute connected
DC2-Leaf2
[DC2-Leaf2]
[vrf]
vrf instance A
!
interface Vlan30
vrf A
ip address 172.16.30.2/24
ip virtual-router address 172.16.30.254
!
interface Vlan40
vrf A
ip address 172.16.40.2/24
ip virtual-router address 172.16.40.254
!
ip virtual-router mac-address 00:00:00:aa:aa:aa
!
ip routing vrf A
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 30 vni 30030
vxlan vlan 40 vni 40040
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 62003
router-id 20.1.1.2
maximum-paths 4 // ECMP 설정
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 62001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 62001
neighbor SPINE-UNDERLAY send-community
neighbor 2.1.1.1 peer group SPINE-EVPN
neighbor 2.1.1.1 description DC2-spine1
neighbor 2.1.1.2 peer group SPINE-EVPN
neighbor 2.1.1.2 description DC2-spine2
neighbor 20.0.12.1 peer group SPINE-UNDERLAY
neighbor 20.0.22.2 peer group SPINE-UNDERLAY
!
vlan 30
rd 20.1.1.2:30
route-target both 62000:30
redistribute learned
!
vlan 40
rd 20.1.1.2:40
route-target both 62000:40
redistribute learned
!
address-family evpn
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
network 20.1.1.2/32
network 20.2.2.2/32
!
vrf A
rd 20.1.1.2:5000
route-target import 61000:5000
route-target import 62000:5000
route-target export 62000:5000
redistribute connected
DC2-borderleaf
[DC2-borderleaf]
vlan 30,40,100,200
[vrf]
vrf instance A
!
vrf instance B
!
interface Vlan100
description External-Link-VRF-A
vrf A
ip address 192.168.100.1/24
!
interface Vlan200
description External-Link-VRF-B
vrf B
ip address 192.168.200.1/24
!
interface Vlan30 // SVI 설정으로 vlan-vrf 매칭
vrf A
!
interface Vlan40 // SVI 설정으로 vlan-vrf 매칭
vrf A
!
ip routing vrf A
ip routing vrf B
[VxLAN]
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 30 vni 30030
vxlan vlan 40 vni 40040
vxlan vrf A vni 5000
[MP-BGP_EVPN]
router bgp 62004
router-id 20.1.1.4
maximum-paths 4 // ECMP 설정
neighbor DCI-PEER peer group
neighbor DCI-PEER remote-as 61004
neighbor DCI-PEER update-source Loopback0
neighbor DCI-PEER allowas-in 1
neighbor DCI-PEER ebgp-multihop 10
neighbor DCI-PEER send-community extended
neighbor DCI-PEER maximum-routes 12000
neighbor SPINE-EVPN peer group
neighbor SPINE-EVPN remote-as 62001
neighbor SPINE-EVPN update-source Loopback0
neighbor SPINE-EVPN ebgp-multihop 3
neighbor SPINE-EVPN send-community extended
neighbor SPINE-UNDERLAY peer group
neighbor SPINE-UNDERLAY remote-as 62001
neighbor SPINE-UNDERLAY send-community
neighbor WAN-ROUTER peer group
neighbor WAN-ROUTER remote-as 1000
neighbor 2.1.1.1 peer group SPINE-EVPN
neighbor 2.1.1.1 description DC2-spine1
neighbor 2.1.1.2 peer group SPINE-EVPN
neighbor 2.1.1.2 description DC2-spine2
neighbor 10.1.1.4 peer group DCI-PEER
neighbor 10.1.1.4 description DC1-borderleaf
neighbor 10.123.21.2 peer group WAN-ROUTER
neighbor 10.123.22.2 peer group WAN-ROUTER
neighbor 20.0.14.1 peer group SPINE-UNDERLAY
neighbor 20.0.24.2 peer group SPINE-UNDERLAY
!
vlan 30
rd evpn domain all 20.1.1.4:30
route-target both 62000:30
redistribute learned
!
vlan 40
rd evpn domain all 20.1.1.4:40
route-target both 62000:40
redistribute learned
!
address-family evpn
neighbor DCI-PEER activate
neighbor DCI-PEER domain remote
neighbor DCI-PEER next-hop-self received-evpn-routes route-type ip-prefix inter-domain
neighbor SPINE-EVPN activate
!
address-family ipv4
no neighbor SPINE-EVPN activate
neighbor SPINE-UNDERLAY activate
neighbor WAN-ROUTER activate
network 20.1.1.4/32
network 20.2.2.4/32
!
vrf A
rd evpn domain all 20.1.1.4:5000
route-target import 61000:5000
route-target import 62000:5000
route-target import evpn domain remote 1000:5000
route-target export 62000:5000
route-target export evpn domain remote 1000:5000
redistribute static
VXLAN VTEP 상태 확인
구성이 완료된 후 `show interfaces vxlan 1` 명령어를 통해 VTEP의 상태와 터널링 정보가 올바르게 학습되었는지 확인합니다.
- Status: `Vxlan1 is up` 상태여야 합니다.
- Source Interface: VTEP용 IP인 `Loopback1`이 매핑되어야 합니다.
- VNI Mapping: VLAN(L2) 및 VRF(L3)와 VNI 매핑 정보가 설정과 일치해야 합니다. `Static VLAN to VNI mapping` / `Static VRF to VNI mapping`
- Flood List: BUM(Broadcast, Unknown Unicast, Multicast) 트래픽을 복제해서 보낼 상대방 VTEP 목록이 정상적으로 보여야 합니다. `Headend replication flood vtep list`
1. Compute Leaf (DC1-Leaf1) 확인
- Local Flood List: `10.2.2.2` (Leaf2)와 `10.2.2.4` (Border Leaf)만 확인됩니다.
- Remote Site의 VTEP(`20.2.2.4`)은 보이지 않습니다. 이는 Border Leaf가 Gateway 역할을 수행하며 터널을 종단하기 때문입니다.
2. Border Leaf (DC1-borderleaf) 확인
- L2 Flood List 차단 (Routed L3의 핵심)
- Flood List에 로컬 장비(`10.2.2.1`, `10.2.2.2`)만 존재하며, 원격지 Border Leaf(`20.2.2.4`)는 포함되어 있지 않습니다.
- 서브넷이 분리된 Routed L3 환경에서는 불필요한 ARP/Broadcast 트래픽(BUM 트래픽)이 DCI 구간을 타고 다른 데이터센터로 넘어가는 것을 방지하기 위해, type-3 (IMET) 경로를 통한 L2 터널링을 외부로 확장하지 않습니다.
- VTEP to VTEP bridging: `VTEP to VTEP bridging is enabled` 문구는 이 장비가 단일 스위치를 넘어, 들어온 VXLAN 패킷의 캡슐화를 해제하고 라우팅한 뒤 다시 캡슐화하여 전송하는 트랜짓(Transit) 게이트웨이 역할을 수행할 준비가 되었음을 나타냅니다.
- L3 터널링 (VRF 매핑): `Static VRF to VNI mapping is [A, 5000]` 로그를 통해, 원격지와의 통신은 L2 Flood가 아닌 L3 VNI(5000)를 통한 순수 라우팅(Type-5) 기반 터널링으로 동작함을 증명합니다.
VXLAN VTEP 상태 확인
DC1-Leaf1
[DC1-Leaf1]
DC1-leaf1#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.1
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4098, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
10 10.2.2.2 10.2.2.4
20 10.2.2.2 10.2.2.4
Shared Router MAC is 0000.0000.0000
DC1-Leaf2
[DC1-Leaf2]
DC1-leaf2#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.2
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
10 10.2.2.1 10.2.2.4
20 10.2.2.1 10.2.2.4
Shared Router MAC is 0000.0000.0000
DC1-borderleaf
[DC1-borderleaf]
DC1-borderleaf#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 10.2.2.4
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[10, 10010] [20, 20020]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
10 10.2.2.2 10.2.2.1
20 10.2.2.2 10.2.2.1
Shared Router MAC is 0000.0000.0000
VTEP to VTEP bridging is enabled
ARP proxying disabled for requests received over VXLAN
ND proxying disabled for requests received over VXLAN
DC2-Leaf1
[DC2-Leaf1]
DC2-leaf1#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 20.2.2.1
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[30, 30030] [40, 40040]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
30 20.2.2.2 20.2.2.4
40 20.2.2.2 20.2.2.4
Shared Router MAC is 0000.0000.0000
DC2-Leaf2
[DC2-Leaf2]
DC2-leaf2#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 20.2.2.2
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[30, 30030] [40, 40040]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
30 20.2.2.4 20.2.2.1
40 20.2.2.4 20.2.2.1
Shared Router MAC is 0000.0000.0000
DC2-borderleaf
[DC2-borderleaf]
DC2-borderleaf#show interfaces vxlan 1
Vxlan1 is up, line protocol is up (connected)
Hardware is Vxlan
Source interface is Loopback1 and is active with 20.2.2.4
Listening on UDP port 4789
Replication/Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is
[30, 30030] [40, 40040]
Dynamic VLAN to VNI mapping for 'evpn' is
[4097, 5000]
Note: All Dynamic VLANs used by VCS are internal VLANs.
Use 'show vxlan vni' for details.
Static VRF to VNI mapping is
[A, 5000]
Headend replication flood vtep list is:
30 20.2.2.2 20.2.2.1
40 20.2.2.2 20.2.2.1
Shared Router MAC is 0000.0000.0000
VTEP to VTEP bridging is enabled
ARP proxying disabled for requests received over VXLAN
ND proxying disabled for requests received over VXLAN
라우팅 테이블 확인 (Spine / Leaf)
spine 스위치는 Underlay 네트워크의 중심에서 모든 leaf의 경로 정보를 학습하고 있어야 합니다.
특히 eBGP(B E)를 통해 학습된 경로들이 정상적으로 보이는지, 그리고 로컬 사이트(DC1)와 원격 사이트(DC2)로 가는 경로가 올바른 next-hop을 가리키고 있는지 확인합니다.
- DC1 내부의 Leaf Loopback 주소들(`10.1.1.x`, `10.2.2.x`)이 각 Leaf의 물리 인터페이스를 next-hop으로 가리켜야 합니다.
- DC2의 주소 대역(`20.x.x.x`)이 모두 border leaf(`10.0.14.6`)를 next-hop으로 가리켜야 합니다.
라우팅 테이블 (Spine)
DC1-Spine1
[DC1-Spine1]
DC1-spine1#show ip route bgp
...
//DC1 대역 라우팅
B E 10.1.1.1/32 [200/0]
via 10.0.11.3, Ethernet2
B E 10.1.1.2/32 [200/0]
via 10.0.12.4, Ethernet3
B E 10.1.1.4/32 [200/0]
via 10.0.14.6, Ethernet4
B E 10.2.2.1/32 [200/0]
via 10.0.11.3, Ethernet2
B E 10.2.2.2/32 [200/0]
via 10.0.12.4, Ethernet3
B E 10.2.2.4/32 [200/0]
via 10.0.14.6, Ethernet4
// DC2 대역 라우팅
B E 2.1.1.1/32 [200/0]
via 10.0.14.6, Ethernet4 // next-hop: border leaf
B E 2.1.1.2/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.1.1.1/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.1.1.2/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.1.1.4/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.2.2.1/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.2.2.2/32 [200/0]
via 10.0.14.6, Ethernet4
B E 20.2.2.4/32 [200/0]
via 10.0.14.6, Ethernet4
DC2-Spine1
[DC2-Spine1]
DC2-spine1#show ip route bgp
...
//DC1 대역 라우팅
B E 1.1.1.1/32 [200/0]
via 20.0.14.6, Ethernet4 // next-hop: border leaf
B E 1.1.1.2/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.1.1.1/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.1.1.2/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.1.1.4/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.2.2.1/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.2.2.2/32 [200/0]
via 20.0.14.6, Ethernet4
B E 10.2.2.4/32 [200/0]
via 20.0.14.6, Ethernet4
//DC2 대역 라우팅
B E 20.1.1.1/32 [200/0]
via 20.0.11.3, Ethernet2
B E 20.1.1.2/32 [200/0]
via 20.0.12.4, Ethernet3
B E 20.1.1.4/32 [200/0]
via 20.0.14.6, Ethernet4
B E 20.2.2.1/32 [200/0]
via 20.0.11.3, Ethernet2
B E 20.2.2.2/32 [200/0]
via 20.0.12.4, Ethernet3
B E 20.2.2.4/32 [200/0]
via 20.0.14.6, Ethernet4
leaf 스위치는 Underlay(Global Routing Table)와 Overlay(VRF Routing Table)를 구분해서 확인해야 합니다.
특히 Overlay 테이블에서 물리 인터페이스가 아닌 VTEP IP를 next-hop으로 가리키고 있는지를 확인 해야합니다.
- 글로벌 라우팅 테이블: Underlay 네트워크(eBGP)를 통해 모든 VTEP IP(Loopback1)에 도달할 수 있는지 확인합니다.
- VRF 라우팅 테이블
- host route(type-2): EVPN을 통해 학습한 개별 단말의 호스트 경로(`/32`)가 목적지 장비가 연결된 내부 Leaf 스위치의 VTEP IP를 next-hop으로 올바르게 가리키고 있는지 확인합니다.
- subnet route(type-5): 타 데이터센터(Remote DC)의 서브넷 경로(`/24`)가 DCI 구간의 관문 역할을 하는 Border Leaf의 VTEP IP를 next-hop으로 향하고 있는지 확인합니다.
[leaf]
라우팅 테이블 (Leaf)
DC1-Leaf1
[DC1-Leaf1]
// Underlay 라우팅 테이블
DC1-leaf1#show ip route bgp
...
//spine 대역 라우팅
B E 1.1.1.1/32 [200/0]
via 10.0.11.1, Ethernet1
B E 1.1.1.2/32 [200/0]
via 10.0.21.2, Ethernet2
B E 2.1.1.1/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 2.1.1.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
//DC1 대역 라우팅
B E 10.1.1.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 10.1.1.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 10.2.2.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 10.2.2.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
//DC2 대역 라우팅
B E 20.1.1.1/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.1.1.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.1.1.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.2.2.1/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.2.2.2/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
B E 20.2.2.4/32 [200/0]
via 10.0.11.1, Ethernet1
via 10.0.21.2, Ethernet2
// Overlay 라우팅 테이블
DC1-leaf1#show ip route vrf A bgp
...
B E 172.16.10.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:e6:36:c3 local-interface Vxlan1
B E 172.16.20.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:e6:36:c3 local-interface Vxlan1
B E 172.16.30.0/24 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:3a:22:13 local-interface Vxlan1
B E 172.16.40.0/24 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:3a:22:13 local-interface Vxlan1
DC2-Leaf1
[DC2-Leaf1]
// Underlay 라우팅 테이블
DC2-leaf1#show ip route bgp
...
//spine 대역 라우팅
B E 1.1.1.1/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 1.1.1.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 2.1.1.1/32 [200/0]
via 20.0.11.1, Ethernet1
B E 2.1.1.2/32 [200/0]
via 20.0.21.2, Ethernet2
//DC1 대역 라우팅
B E 10.1.1.1/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.1.1.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.1.1.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.2.2.1/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.2.2.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 10.2.2.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
//DC2 대역 라우팅
B E 20.1.1.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 20.1.1.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 20.2.2.2/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
B E 20.2.2.4/32 [200/0]
via 20.0.11.1, Ethernet1
via 20.0.21.2, Ethernet2
// Overlay 라우팅 테이블
DC2-leaf1#show ip route vrf A bgp
...
B E 172.16.10.0/24 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:a9:7f:18 local-interface Vxlan1
B E 172.16.20.0/24 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:a9:7f:18 local-interface Vxlan1
B E 172.16.30.11/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:ae:c9:2a local-interface Vxlan1
B E 172.16.40.11/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:ae:c9:2a local-interface Vxlan1
[border leaf]
라우팅 테이블 (BorderLeaf)
DC1-borderleaf
[DC1-borderleaf]
// Underlay 라우팅 테이블
DC1-borderleaf#show ip route bgp
...
B E 1.1.1.1/32 [200/0]
via 10.0.14.1, Ethernet1
B E 1.1.1.2/32 [200/0]
via 10.0.24.2, Ethernet2
B E 2.1.1.1/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 2.1.1.2/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 10.1.1.1/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 10.1.1.2/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 10.2.2.1/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 10.2.2.2/32 [200/0]
via 10.0.14.1, Ethernet1
via 10.0.24.2, Ethernet2
B E 20.1.1.1/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.1.1.2/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.1.1.4/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.2.2.1/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.2.2.2/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
B E 20.2.2.4/32 [200/0]
via 10.123.11.2, Ethernet5
via 10.123.12.2, Ethernet6
// Overlay 라우팅 테이블
DC1-borderleaf#show ip route vrf A bgp
...
B E 172.16.10.10/32 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:1e:72:06 local-interface Vxlan1
B E 172.16.10.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:e6:36:c3 local-interface Vxlan1
B E 172.16.10.0/24 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:1e:72:06 local-interface Vxlan1
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:e6:36:c3 local-interface Vxlan1
B E 172.16.20.10/32 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:1e:72:06 local-interface Vxlan1
B E 172.16.20.11/32 [200/0]
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:e6:36:c3 local-interface Vxlan1
B E 172.16.20.0/24 [200/0]
via VTEP 10.2.2.1 VNI 5000 router-mac 00:1c:73:1e:72:06 local-interface Vxlan1
via VTEP 10.2.2.2 VNI 5000 router-mac 00:1c:73:e6:36:c3 local-interface Vxlan1
B E 172.16.30.0/24 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:a9:7f:18 local-interface Vxlan1
B E 172.16.40.0/24 [200/0]
via VTEP 20.2.2.4 VNI 5000 router-mac 00:1c:73:a9:7f:18 local-interface Vxlan1
DC2-borderleaf
[DC2-borderleaf]
// Underlay 라우팅 테이블
DC2-borderleaf#show ip route bgp
...
B E 1.1.1.1/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 1.1.1.2/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 2.1.1.1/32 [200/0]
via 20.0.14.1, Ethernet1
B E 2.1.1.2/32 [200/0]
via 20.0.24.2, Ethernet2
B E 10.1.1.1/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.1.1.2/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.1.1.4/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.2.2.1/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.2.2.2/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 10.2.2.4/32 [200/0]
via 10.123.21.2, Ethernet5
via 10.123.22.2, Ethernet6
B E 20.1.1.1/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
B E 20.1.1.2/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
B E 20.2.2.1/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
B E 20.2.2.2/32 [200/0]
via 20.0.14.1, Ethernet1
via 20.0.24.2, Ethernet2
// Overlay 라우팅 테이블
DC2-borderleaf#show ip route vrf A bgp
...
B E 172.16.10.0/24 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:3a:22:13 local-interface Vxlan1
B E 172.16.20.0/24 [200/0]
via VTEP 10.2.2.4 VNI 5000 router-mac 00:1c:73:3a:22:13 local-interface Vxlan1
B E 172.16.30.10/32 [200/0]
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:55:1e:e2 local-interface Vxlan1
B E 172.16.30.11/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:ae:c9:2a local-interface Vxlan1
B E 172.16.30.0/24 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:ae:c9:2a local-interface Vxlan1
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:55:1e:e2 local-interface Vxlan1
B E 172.16.40.10/32 [200/0]
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:55:1e:e2 local-interface Vxlan1
B E 172.16.40.11/32 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:ae:c9:2a local-interface Vxlan1
B E 172.16.40.0/24 [200/0]
via VTEP 20.2.2.2 VNI 5000 router-mac 00:1c:73:ae:c9:2a local-interface Vxlan1
via VTEP 20.2.2.1 VNI 5000 router-mac 00:1c:73:55:1e:e2 local-interface Vxlan1
BGP EVPN 라우트 확인
[spine]
spine 스위치는 fabric 내의 모든 EVPN 경로 정보가 모이는 route-reflector 역할을 수행합니다. 따라서 spine의 BGP 테이블을 확인하면 전체 네트워크의 현황을 파악할 수 있습니다.
- Neighbor 상태: leaf1, leaf2, BorderLeaf와 BGP 세션이 `Estab`(Established) 상태여야 합니다.
- 경로 학습: local(DC1) 경로뿐만 아니라, border leaf를 통해 학습한 remote(DC2) 경로가 보여야 합니다.
- AS Path: DC2에서 넘어온 경로는 AS Path에 `62004`(DC2 border)와 `62001`(DC2 spine) 등이 포함되어 있어 DCI 연동 상태를 증명합니다.
BGP EVPN 라우트(Spine)
DC1-Spine1
[DC1-Spine1]
DC1-spine1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC1-leaf1 10.1.1.1 4 61002 247 229 0 0 02:59:24 Estab 8 8 14
DC1-leaf2 10.1.1.2 4 61003 240 228 0 0 02:53:55 Estab 8 8 14
DC1-borderleaf 10.1.1.4 4 61004 243 248 0 0 02:58:34 Estab 6 6 16
DC1-spine1#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.10
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.11
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.4:10 imet 10.2.2.4
10.2.2.4 - 100 0 61004 i
* > RD: 10.1.1.4:20 imet 10.2.2.4
10.2.2.4 - 100 0 61004 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
10.2.2.4 - 100 0 61004 62004 62001 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
10.2.2.4 - 100 0 61004 62004 62001 62003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
10.2.2.4 - 100 0 61004 62004 62001 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
10.2.2.4 - 100 0 61004 62004 62001 62003 i
DC2-Spine1
[DC2-Spine1]
DC2-spine1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC2-leaf1 20.1.1.1 4 62002 249 234 0 0 02:54:33 Estab 8 8 14
DC2-leaf2 20.1.1.2 4 62003 253 233 0 0 02:54:34 Estab 8 8 14
DC2-borderleaf 20.1.1.4 4 62004 251 251 0 0 02:54:33 Estab 6 6 16
DC2-spine1#show bgp evpn
...
Network Next Hop Metric LocPref Weight Path
* > RD: 20.1.1.1:30 mac-ip 0000.0000.5555
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:30 mac-ip 0000.0000.5555 172.16.30.10
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:40 mac-ip 0000.0000.6666
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:40 mac-ip 0000.0000.6666 172.16.40.10
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:30 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:30 mac-ip 0000.0000.7777 172.16.30.11
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:40 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:40 mac-ip 0000.0000.8888 172.16.40.11
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.1:30 imet 20.2.2.1
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.1:40 imet 20.2.2.1
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:30 imet 20.2.2.2
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.2:40 imet 20.2.2.2
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.4:30 imet 20.2.2.4
20.2.2.4 - 100 0 62004 i
* > RD: 20.1.1.4:40 imet 20.2.2.4
20.2.2.4 - 100 0 62004 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
20.2.2.4 - 100 0 62004 61004 61001 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
20.2.2.4 - 100 0 62004 61004 61001 61003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
20.2.2.4 - 100 0 62004 61004 61001 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
20.2.2.4 - 100 0 62004 61004 61001 61003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
20.2.2.2 - 100 0 62003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
20.2.2.1 - 100 0 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
20.2.2.2 - 100 0 62003 i
[leaf]
compute leaf는 자신이 통신해야 할 대상(local 및 remote subnet)의 경로를 올바르게 학습하고 있는지 확인합니다.
- local leaf 간 통신: Leaf2에 있는 호스트(`3333`, `4444`)는 leaf2의 VTEP IP(`10.2.2.2`)를 next-hop으로 가리킵니다.
- remote site 통신: DC2에 있는 subnet(`172.16.30.0/24`, `172.16.40.0/24`)은 border leaf의 VTEP IP(`10.2.2.4`)를 next-hop으로 가리킵니다.
BGP EVPN 라우트(Leaf)
DC1-Leaf1
[DC1-Leaf1]
DC1-leaf1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC1-spine1 1.1.1.1 4 61001 232 249 0 0 03:01:39 Estab 14 14 14
DC1-spine2 1.1.1.2 4 61001 233 243 0 0 02:56:48 Estab 14 14 16
DC1-leaf1#show bgp evpn
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 61002
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111
- - - 0 i
* > RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
- - - 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222
- - - 0 i
* > RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.10
- - - 0 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.11
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.11
10.2.2.2 - 100 0 61001 61003 i
* > RD: 10.1.1.1:10 imet 10.2.2.1
- - - 0 i
* > RD: 10.1.1.1:20 imet 10.2.2.1
- - - 0 i
* >Ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.4:10 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* ec RD: 10.1.1.4:10 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* >Ec RD: 10.1.1.4:20 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* ec RD: 10.1.1.4:20 imet 10.2.2.4
10.2.2.4 - 100 0 61001 61004 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
- - - 0 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61001 61003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
- - - 0 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* ec RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* >Ec RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* ec RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62002 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
10.2.2.4 - 100 0 61001 61004 62004 62001 62003 i
DC2-Leaf1
[DC2-Leaf1]
DC2-leaf1#show bgp evpn summary
...
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC2-spine1 2.1.1.1 4 62001 237 251 0 0 02:56:50 Estab 14 14 18
DC2-spine2 2.1.1.2 4 62001 245 253 0 0 03:05:26 Estab 14 14 12
DC2-leaf1#show bgp evpn
BGP routing table information for VRF default
Router identifier 20.1.1.1, local AS number 62002
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
* > RD: 20.1.1.1:30 mac-ip 0000.0000.5555
- - - 0 i
* > RD: 20.1.1.1:30 mac-ip 0000.0000.5555 172.16.30.10
- - - 0 i
* > RD: 20.1.1.1:40 mac-ip 0000.0000.6666
- - - 0 i
* > RD: 20.1.1.1:40 mac-ip 0000.0000.6666 172.16.40.10
- - - 0 i
* >Ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777 172.16.30.11
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777 172.16.30.11
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888 172.16.40.11
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888 172.16.40.11
20.2.2.2 - 100 0 62001 62003 i
* > RD: 20.1.1.1:30 imet 20.2.2.1
- - - 0 i
* > RD: 20.1.1.1:40 imet 20.2.2.1
- - - 0 i
* >Ec RD: 20.1.1.2:30 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:30 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:40 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:40 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.4:30 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* ec RD: 20.1.1.4:30 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* >Ec RD: 20.1.1.4:40 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* ec RD: 20.1.1.4:40 imet 20.2.2.4
20.2.2.4 - 100 0 62001 62004 i
* >Ec RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* ec RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* >Ec RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* ec RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61002 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
20.2.2.4 - 100 0 62001 62004 61004 61001 61003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
- - - 0 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
20.2.2.2 - 100 0 62001 62003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
- - - 0 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
20.2.2.2 - 100 0 62001 62003 i
DC1-Leaf1 상세 정보
// 172.16.30.0/24 대역 정보
// DC2-leaf1, leaf2 경로 정보 존재
DC1-leaf1#show bgp evpn route-type ip-prefix 172.16.30.0/24 detail
BGP routing table information for VRF default
Router identifier 10.1.1.1, local AS number 61002
BGP routing table entry for ip-prefix 172.16.30.0/24, Route Distinguisher: 20.1.1.1:5000
Paths: 2 available
61001 61004 62004 62001 62002
10.2.2.4 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
61001 61004 62004 62001 62002
10.2.2.4 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
BGP routing table entry for ip-prefix 172.16.30.0/24, Route Distinguisher: 20.1.1.2:5000
Paths: 2 available
61001 61004 62004 62001 62003
10.2.2.4 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
61001 61004 62004 62001 62003
10.2.2.4 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
DC2-Leaf1 상세 정보
// 172.16.10.0/24 대역 정보
// DC1-leaf1, leaf2 경로 정보 존재
DC2-leaf1#show bgp evpn route-type ip-prefix 172.16.10.0/24 detail
BGP routing table information for VRF default
Router identifier 20.1.1.1, local AS number 62002
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.1:5000
Paths: 2 available
62001 62004 61004 61001 61002
20.2.2.4 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
62001 62004 61004 61001 61002
20.2.2.4 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.2:5000
Paths: 2 available
62001 62004 61004 61001 61003
20.2.2.4 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
62001 62004 61004 61001 61003
20.2.2.4 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
[border leaf]
border leaf는 DC1과 DC2를 연결하는 DCI gateway로서, Routed L3 환경(각 DC별 독립 서브넷 사용)에서는 경로 타입에 따라 전파 역할이 명확히 구분됩니다.
- Type-2 (MAC-IP): 로컬 도메인 전용 (Local Routing & Bridging)
- 확인 명령어: `show bgp evpn route-type mac-ip xxx detail`
- DC 간 L2 확장(VLAN 연동)을 하지 않으므로, 호스트의 MAC-IP 정보는 DCI 구간을 넘어갈 필요가 없습니다.
- DCI 전파 차단: border leaf는 내부 leaf로부터 type-2 경로를 수신하지만, 외부(Remote DC) 연동을 위한 L2 RT(Route-Target)가 설정되어 있지 않아 원격지로 전파하지 않습니다.
- 결과: type-2 경로는 철저하게 각 데이터센터 내부에서만 유효하며, 로컬 Leaf 간의 스위칭 및 라우팅에만 사용됩니다.
- Type-5 (IP-Prefix): 데이터센터 간 라우팅 (Inter-DC Routing)
- 확인 명령어: `show bgp evpn route-type ip-prefix xxx detail`
- L3 라우팅 정보는 효율성을 위해 Border Leaf가 경로를 소유하지 않고 중계 역할만 합니다.
- 동작 원리:
- 물리적으로 분리된 서로 다른 서브넷(예: DC1의 `10.x`, DC2의 `30.x`) 간 L3 통신을 지원합니다.
- 대규모 라우팅 환경에서의 효율성을 위해, border leaf는 경로를 재생성(re-originate)하지 않고 원본 경로의 속성을 유지한 채 중계(Pass-through)하는 역할을 수행합니다.
- 상세 동작
- 수신 (Remote → Border)
- 원격지(DC2) border leaf로부터 수신한 라우팅 테이블(`remote` 키워드 및 `from 20.1.1.4` 표시)을 확인 시, RD(`20.1.1.1:5000`)와 RT(`62000:5000`)가 DC2 원본 Leaf의 값 그대로 유지되어 도착합니다.
- DCI 구간 전용 공통 RT(`1000:5000`)로 변환되지 않으며, 경로의 오리지널 출처 정보를 보존합니다.
- 내부 전파 (Border → Local)
- Border Leaf는 외부에서 수신한 정보를 내부 Spine/Leaf로 전파하기 위해 로컬 BGP 테이블에 새롭게 등록합니다. (`from - (0.0.0.0)` 표시)
- 이때도 속성을 변환하지 않고 원본 RT(62000:5000)를 그대로 달아서 내부로 광고합니다.
- Routed L3 환경에서는 서브넷 중복이 없으므로 이 type-5 정보는 충돌 없이 Best Path로 선정되며, 로컬 Leaf 스위치들이 상대방의 RT(`import 62000:5000`)를 수용하도록 설정되어 있어 최종적으로 각 단말 간 자유로운 L3 라우팅이 완성됩니다.
- 수신 (Remote → Border)
BGP EVPN 라우트(BorderLeaf)
DC1-borderleaf 상세 정보
// 172.16.10.0/24 대역 정보
DC1-borderleaf#show bgp evpn route-type ip-prefix 172.16.10.0/24 detail
BGP routing table information for VRF default
Router identifier 10.1.1.4, local AS number 61004
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.1:5000
Paths: 2 available
61001 61002
10.2.2.1 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:1e:72:06
VNI: 5000
61001 61002
10.2.2.1 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:1e:72:06
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.2:5000
Paths: 2 available
61001 61003
10.2.2.2 from 1.1.1.2 (1.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:e6:36:c3
VNI: 5000
61001 61003
10.2.2.2 from 1.1.1.1 (1.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:e6:36:c3
VNI: 5000
// DC2-borderleaf로 보내는 정보
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.1:5000
Paths: 2 available
61001 61002
10.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:1e:72:06
VNI: 5000
61001 61002
10.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:1e:72:06
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.2:5000
Paths: 2 available
61001 61003
10.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:e6:36:c3
VNI: 5000
61001 61003
10.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:e6:36:c3
VNI: 5000
// 172.16.30.0/24 대역 정보
DC1-borderleaf#show bgp evpn route-type ip-prefix 172.16.30.0/24 detail
BGP routing table information for VRF default
Router identifier 10.1.1.4, local AS number 61004
// 내부 전파를 위한 정보
BGP routing table entry for ip-prefix 172.16.30.0/24, Route Distinguisher: 20.1.1.1:5000
Paths: 1 available
62004 62001 62002
20.2.2.4 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
BGP routing table entry for ip-prefix 172.16.30.0/24, Route Distinguisher: 20.1.1.2:5000
Paths: 1 available
62004 62001 62003
20.2.2.4 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
// DC2-borderleaf로 부터 받은 정보
BGP routing table entry for ip-prefix 172.16.30.0/24 remote, Route Distinguisher: 20.1.1.1:5000
Paths: 1 available
62004 62001 62002
20.2.2.4 from 20.1.1.4 (20.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
BGP routing table entry for ip-prefix 172.16.30.0/24 remote, Route Distinguisher: 20.1.1.2:5000
Paths: 1 available
62004 62001 62003
20.2.2.4 from 20.1.1.4 (20.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:a9:7f:18
VNI: 5000
DC2-borderleaf 상세 정보
// 172.16.30.0/24 대역 정보
DC2-borderleaf#show bgp evpn route-type ip-prefix 172.16.30.0/24 detail
BGP routing table information for VRF default
Router identifier 20.1.1.4, local AS number 62004
BGP routing table entry for ip-prefix 172.16.30.0/24, Route Distinguisher: 20.1.1.1:5000
Paths: 2 available
62001 62002
20.2.2.1 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:55:1e:e2
VNI: 5000
62001 62002
20.2.2.1 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:55:1e:e2
VNI: 5000
BGP routing table entry for ip-prefix 172.16.30.0/24, Route Distinguisher: 20.1.1.2:5000
Paths: 2 available
62001 62003
20.2.2.2 from 2.1.1.2 (2.1.1.2)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:ae:c9:2a
VNI: 5000
62001 62003
20.2.2.2 from 2.1.1.1 (2.1.1.1)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:ae:c9:2a
VNI: 5000
BGP routing table entry for ip-prefix 172.16.30.0/24 remote, Route Distinguisher: 20.1.1.1:5000
Paths: 2 available
62001 62002
20.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:55:1e:e2
VNI: 5000
62001 62002
20.2.2.1 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:55:1e:e2
VNI: 5000
BGP routing table entry for ip-prefix 172.16.30.0/24 remote, Route Distinguisher: 20.1.1.2:5000
Paths: 2 available
62001 62003
20.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP head, ECMP, best, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:ae:c9:2a
VNI: 5000
62001 62003
20.2.2.2 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, ECMP, ECMP contributor
Extended Community: Route-Target-AS:62000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:ae:c9:2a
VNI: 5000
// 172.16.10.0/24 대역 정보
DC2-borderleaf#show bgp evpn route-type ip-prefix 172.16.10.0/24 detail
BGP routing table information for VRF default
Router identifier 20.1.1.4, local AS number 62004
// 내부 전파를 위한 정보
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.1:5000
Paths: 1 available
61004 61001 61002
10.2.2.4 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24, Route Distinguisher: 10.1.1.2:5000
Paths: 1 available
61004 61001 61003
10.2.2.4 from - (0.0.0.0)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
// DC1-borderleaf로 부터 받은 정보
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.1:5000
Paths: 1 available
61004 61001 61002
10.2.2.4 from 10.1.1.4 (10.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
BGP routing table entry for ip-prefix 172.16.10.0/24 remote, Route Distinguisher: 10.1.1.2:5000
Paths: 1 available
61004 61001 61003
10.2.2.4 from 10.1.1.4 (10.1.1.4)
Origin IGP, metric -, localpref 100, weight 0, tag 0, valid, external, best
Extended Community: Route-Target-AS:61000:5000 TunnelEncap:tunnelTypeVxlan EvpnRouterMac:00:1c:73:3a:22:13
VNI: 5000
DC1-borderleaf
[DC1-borderleaf]
DC1-borderleaf#show bgp evpn summary
BGP summary information for VRF default
Router identifier 10.1.1.4, local AS number 61004
Neighbor Status Codes: m - Under maintenance
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC1-spine1 1.1.1.1 4 61001 266 261 0 0 03:14:20 Estab 16 16 18
DC1-spine2 1.1.1.2 4 61001 259 244 0 0 03:10:19 Estab 16 16 10
DC2-borderleaf 20.1.1.4 4 62004 238 240 0 0 03:14:16 Estab 4 4 4
DC1-borderleaf#show bgp evpn route-type imet
BGP routing table information for VRF default
Router identifier 10.1.1.4, local AS number 61004
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:10 imet 10.2.2.1
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:20 imet 10.2.2.1
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 imet 10.2.2.2
10.2.2.2 - 100 0 61001 61003 i
* > RD: 10.1.1.4:10 imet 10.2.2.4
- - - 0 i
* > RD: 10.1.1.4:20 imet 10.2.2.4
- - - 0 i
DC1-borderleaf#show bgp evpn route-type mac-ip
...
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:10 mac-ip 0000.0000.1111 172.16.10.10
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.10
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:20 mac-ip 0000.0000.2222 172.16.20.10
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:10 mac-ip 0000.0000.3333 172.16.10.11
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.11
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:20 mac-ip 0000.0000.4444 172.16.20.11
10.2.2.2 - 100 0 61001 61003 i
============================
DC1-borderleaf#show bgp evpn route-type ip-prefix
...
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.2 - 100 0 61001 61003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
20.2.2.4 - 100 0 62004 62001 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
20.2.2.4 - 100 0 62004 62001 62003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
20.2.2.4 - 100 0 62004 62001 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
20.2.2.4 - 100 0 62004 62001 62003 i
* >Ec RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24 remote
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24 remote
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24 remote
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24 remote
10.2.2.2 - 100 0 61001 61003 i
* >Ec RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24 remote
10.2.2.1 - 100 0 61001 61002 i
* ec RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24 remote
10.2.2.1 - 100 0 61001 61002 i
* >Ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24 remote
10.2.2.2 - 100 0 61001 61003 i
* ec RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24 remote
10.2.2.2 - 100 0 61001 61003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24 remote
20.2.2.4 - 100 0 62004 62001 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24 remote
20.2.2.4 - 100 0 62004 62001 62003 i
* > RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24 remote
20.2.2.4 - 100 0 62004 62001 62002 i
* > RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24 remote
20.2.2.4 - 100 0 62004 62001 62003 i
DC2-borderleaf
[DC2-borderleaf]
DC2-borderleaf#show bgp evpn summary
BGP summary information for VRF default
Router identifier 20.1.1.4, local AS number 62004
Neighbor Status Codes: m - Under maintenance
Neighbor Status Codes: m - Under maintenance
Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc PfxAdv
DC2-spine1 2.1.1.1 4 62001 269 269 0 0 03:10:20 Estab 16 16 20
DC2-spine2 2.1.1.2 4 62001 275 253 0 0 03:14:14 Estab 16 16 8
DC1-borderleaf 10.1.1.4 4 61004 240 238 0 0 03:14:18 Estab 4 4 4
DC2-borderleaf#show bgp evpn route-type imet
BGP routing table information for VRF default
Router identifier 20.1.1.4, local AS number 62004
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
c - Contributing to ECMP, % - Pending best path selection
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 20.1.1.1:30 imet 20.2.2.1
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:30 imet 20.2.2.1
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.1:40 imet 20.2.2.1
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:40 imet 20.2.2.1
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.2:30 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:30 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:40 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:40 imet 20.2.2.2
20.2.2.2 - 100 0 62001 62003 i
* > RD: 20.1.1.4:30 imet 20.2.2.4
- - - 0 i
* > RD: 20.1.1.4:40 imet 20.2.2.4
- - - 0 i
DC2-borderleaf#show bgp evpn route-type mac-ip
...
Network Next Hop Metric LocPref Weight Path
* >Ec RD: 20.1.1.1:30 mac-ip 0000.0000.5555
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:30 mac-ip 0000.0000.5555
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.1:30 mac-ip 0000.0000.5555 172.16.30.10
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:30 mac-ip 0000.0000.5555 172.16.30.10
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.1:40 mac-ip 0000.0000.6666
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:40 mac-ip 0000.0000.6666
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.1:40 mac-ip 0000.0000.6666 172.16.40.10
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:40 mac-ip 0000.0000.6666 172.16.40.10
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777 172.16.30.11
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:30 mac-ip 0000.0000.7777 172.16.30.11
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888 172.16.40.11
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:40 mac-ip 0000.0000.8888 172.16.40.11
20.2.2.2 - 100 0 62001 62003 i
============================
DC2-borderleaf#show bgp evpn route-type ip-prefix
...
Network Next Hop Metric LocPref Weight Path
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24
10.2.2.4 - 100 0 61004 61001 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24
10.2.2.4 - 100 0 61004 61001 61003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24
10.2.2.4 - 100 0 61004 61001 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24
10.2.2.4 - 100 0 61004 61001 61003 i
* >Ec RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24
20.2.2.2 - 100 0 62001 62003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.10.0/24 remote
10.2.2.4 - 100 0 61004 61001 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.10.0/24 remote
10.2.2.4 - 100 0 61004 61001 61003 i
* > RD: 10.1.1.1:5000 ip-prefix 172.16.20.0/24 remote
10.2.2.4 - 100 0 61004 61001 61002 i
* > RD: 10.1.1.2:5000 ip-prefix 172.16.20.0/24 remote
10.2.2.4 - 100 0 61004 61001 61003 i
* >Ec RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24 remote
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:5000 ip-prefix 172.16.30.0/24 remote
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24 remote
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.30.0/24 remote
20.2.2.2 - 100 0 62001 62003 i
* >Ec RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24 remote
20.2.2.1 - 100 0 62001 62002 i
* ec RD: 20.1.1.1:5000 ip-prefix 172.16.40.0/24 remote
20.2.2.1 - 100 0 62001 62002 i
* >Ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24 remote
20.2.2.2 - 100 0 62001 62003 i
* ec RD: 20.1.1.2:5000 ip-prefix 172.16.40.0/24 remote
20.2.2.2 - 100 0 62001 62003 i
Ping 테스트
Ping 테스트
host1#ping 172.16.10.11
PING 172.16.10.11 (172.16.10.11) 72(100) bytes of data.
80 bytes from 172.16.10.11: icmp_seq=1 ttl=64 time=34.6 ms
80 bytes from 172.16.10.11: icmp_seq=2 ttl=64 time=11.4 ms
host1#ping 172.16.20.10
PING 172.16.20.10 (172.16.20.10) 72(100) bytes of data.
80 bytes from 172.16.20.10: icmp_seq=1 ttl=63 time=6.83 ms
80 bytes from 172.16.20.10: icmp_seq=2 ttl=63 time=7.60 ms
host1#ping 172.16.20.11
PING 172.16.20.11 (172.16.20.11) 72(100) bytes of data.
80 bytes from 172.16.20.11: icmp_seq=1 ttl=62 time=20.0 ms
80 bytes from 172.16.20.11: icmp_seq=2 ttl=62 time=9.23 ms
host1#ping 172.16.30.10
PING 172.16.30.10 (172.16.30.10) 72(100) bytes of data.
80 bytes from 172.16.30.10: icmp_seq=1 ttl=60 time=51.9 ms
80 bytes from 172.16.30.10: icmp_seq=2 ttl=60 time=36.7 ms
host1#ping 172.16.30.11
PING 172.16.30.11 (172.16.30.11) 72(100) bytes of data.
80 bytes from 172.16.30.11: icmp_seq=1 ttl=60 time=15.5 ms
80 bytes from 172.16.30.11: icmp_seq=2 ttl=60 time=20.2 ms
host1#ping 172.16.40.10
PING 172.16.40.10 (172.16.40.10) 72(100) bytes of data.
80 bytes from 172.16.40.10: icmp_seq=1 ttl=60 time=41.8 ms
80 bytes from 172.16.40.10: icmp_seq=2 ttl=60 time=14.9 ms
host1#ping 172.16.40.11
PING 172.16.40.11 (172.16.40.11) 72(100) bytes of data.
80 bytes from 172.16.40.11: icmp_seq=1 ttl=60 time=28.1 ms
80 bytes from 172.16.40.11: icmp_seq=2 ttl=60 time=25.4 ms
[참고 사이트]
Arista_VXLAN BGP EVPN Multi-Site.pdf
1.97MB
[Config]
github: vxlan-evpn_multi-site_routed-L3
'Routing > VXLAN-EVPN' 카테고리의 다른 글
| [EVPN] Multi-Site 환경 VXLAN-EVPN 설계 및 실습 (Stretched L2) (0) | 2026.03.17 |
|---|---|
| [EVPN] VXLAN-EVPN 이중화와 Failover 구조 - 멀티호밍 (Multi-homing) (0) | 2026.03.10 |
| [EVPN] VXLAN-EVPN 연동 실습#4 - EVPN Overlay L3VPN 연동 (멑티 테넌트) (0) | 2026.03.03 |
| [EVPN] VXLAN-EVPN 연동 실습#3 - EVPN Overlay L3VPN 연동 (단일 테넌트) (0) | 2026.01.31 |
| [EVPN] VXLAN-EVPN 연동 실습#2 - EVPN Overlay L2VPN 연동 (단일 테넌트) (0) | 2026.01.24 |
