Juniper - "Centrally-Routed Bridging Overlay" - Part 2 - Overlay

Nachdem das Underlay-Netzwerk eingerichtet wurde, muss jetzt zur EVPN-Signalisierung das Overlay-Netzwerk konfiguriert werden. Juniper greift hierfür auf iBGP zurück. Für iBGP muss eine Vollvermaschung aller BGP-Sessions konfiguriert werden. Dies skaliert nur bedingt. Um Konfigurationen und Routingtabellen klein zu halten, werden beide Spines als Routereflectoren für die Leafs konfiguriert. Folgende Topologie wird konfiguriert:

Overlay einrichten

Die Spines werden als Route Reflectoren eingerichten, zwischen den Leafs und Spines wird iBGP eingerichtet, um die EVPN-Signalisierung zu gewährleisten. Mit Hilfe des multipath Statements wird Loadbalancing aktiviert.

Spine01

edit protocols bgp group OVERLAY
set description "Overlay Network"
set type internal
set local-address 192.168.0.1
set family evpn signaling
set cluster 192.168.0.1
set multipath

set neighbor 192.168.1.1 description "Leaf01"
set neighbor 192.168.1.1 authentication-key password

set neighbor 192.168.1.2 description "Leaf02"
set neighbor 192.168.1.2 authentication-key password

set neighbor 192.168.1.3 description "Leaf03"
set neighbor 192.168.1.3 authentication-key password

set neighbor 192.168.1.4 description "Leaf04"
set neighbor 192.168.1.4 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

up

edit group OVERLAY-RR-Mesh
set description "Route Reflector Overlay"
set type internal
set local-address 192.168.0.1
set family evpn signaling

set neighbor 192.168.0.2 description "Spine01"
set neighbor 192.168.0.2 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

top

set routing-options autonomous-system 65000

commit

Spine02

edit protocols bgp group OVERLAY
set description "Overlay Network"
set type internal
set local-address 192.168.0.2
set family evpn signaling
set cluster 192.168.0.2
set multipath

set neighbor 192.168.1.1 description "Leaf01"
set neighbor 192.168.1.1 authentication-key password

set neighbor 192.168.1.2 description "Leaf02"
set neighbor 192.168.1.2 authentication-key password

set neighbor 192.168.1.3 description "Leaf03"
set neighbor 192.168.1.3 authentication-key password

set neighbor 192.168.1.4 description "Leaf04"
set neighbor 192.168.1.4 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

up

edit group OVERLAY-RR-Mesh
set description "Route Reflector Overlay"
set type internal
set local-address 192.168.0.2
set family evpn signaling

set neighbor 192.168.0.1 description "Spine02"
set neighbor 192.168.0.1 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

top

set routing-options autonomous-system 65000

commit

Leaf01

edit protocols bgp group OVERLAY
set description "Overlay Network"
set type internal
set local-address 192.168.1.1
set family evpn signaling


set neighbor 192.168.0.1 description "Spine01"
set neighbor 192.168.0.1 authentication-key password

set neighbor 192.168.0.2 description "Spine02"
set neighbor 192.168.0.2 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

top

set routing-options autonomous-system 65000

commit

Leaf02

edit protocols bgp group OVERLAY
set description "Overlay Network"
set type internal
set local-address 192.168.1.2
set family evpn signaling

set neighbor 192.168.0.1 description "Spine01"
set neighbor 192.168.0.1 authentication-key password

set neighbor 192.168.0.2 description "Spine02"
set neighbor 192.168.0.2 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

top

set routing-options autonomous-system 65000

commit

Leaf03

edit protocols bgp group OVERLAY
set description "Overlay Network"
set type internal
set local-address 192.168.1.3
set family evpn signaling

set neighbor 192.168.0.1 description "Spine01"
set neighbor 192.168.0.1 authentication-key password

set neighbor 192.168.0.2 description "Spine02"
set neighbor 192.168.0.2 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

top

set routing-options autonomous-system 65000

commit

Leaf04

edit protocols bgp group OVERLAY
set description "Overlay Network"
set type internal
set local-address 192.168.1.4
set family evpn signaling

set neighbor 192.168.0.1 description "Spine01"
set neighbor 192.168.0.1 authentication-key password

set neighbor 192.168.0.2 description "Spine02"
set neighbor 192.168.0.2 authentication-key password

set bfd-liveness-detection minimum-interval 350
set bfd-liveness-detection multiplier 3
set bfd-liveness-detection session-mode automatic

top

set routing-options autonomous-system 65000

commit

show Befehle

Es wird geprüft ob die iBGP-Sessions aufgebaut sind:

root@Leaf01# run show bgp summary
Threading mode: BGP I/O
Groups: 2 Peers: 4 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0
10 8 0 0 0 0
bgp.evpn.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
192.168.0.1 65000 24 24 0 0 10:10 Establ
bgp.evpn.0: 0/0/0/0
192.168.0.2 65000 25 24 0 0 10:06 Establ
bgp.evpn.0: 0/0/0/0
192.168.10.2 65101 12 12 0 19832 10 Establ
inet.0: 4/5/5/0
192.168.10.4 65102 31 24 0 25391 47 Establ
inet.0: 4/5/5/0
root@Spine01# run show bgp summary
Threading mode: BGP I/O
Groups: 3 Peers: 9 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0
20 8 0 0 0 0
bgp.evpn.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
192.168.0.2 65000 1486 1494 0 3 11:11:39 Establ
bgp.evpn.0: 0/0/0/0
192.168.1.1 65000 43 41 0 0 18:02 Establ
bgp.evpn.0: 0/0/0/0
192.168.1.2 65000 33 32 0 0 13:49 Establ
bgp.evpn.0: 0/0/0/0
192.168.1.3 65000 7 5 0 0 2:11 Establ
bgp.evpn.0: 0/0/0/0
192.168.1.4 65000 3 2 0 0 9 Establ
bgp.evpn.0: 0/0/0/0
192.168.10.3 65201 17 19 0 19813 23 Establ
inet.0: 2/5/5/0
192.168.10.7 65202 21 25 0 18796 30 Establ
inet.0: 2/5/5/0
192.168.10.11 65203 21 26 0 11161 31 Establ
inet.0: 2/5/5/0
192.168.10.15 65204 14 14 0 17951 15 Establ
inet.0: 2/5/5/0

Damit ist das Overlay eingerichtet.

Konfiguration – Blöcke

root@Spine01# show routing-options
forwarding-table {
  export pfe-ecmp;
 }

autonomous-system 65000;

root@Spine01# show protocols bgp group OVERLAY
 type internal;
 description "Overlay Network";
 local-address 192.168.0.1;
 family evpn {
  signaling;
 }
 cluster 192.168.0.1;
 multipath;
 bfd-liveness-detection {
  minimum-interval 350;
  multiplier 3;
  session-mode automatic;
  }
 neighbor 192.168.1.1 {
  description Leaf01;
  authentication-key "$9$ETWhlM8LNbYoxNGik.zFBIEhrv"; ## SECRET-DATA
 }
 neighbor 192.168.1.2 {
  description Leaf02;
  authentication-key "$9$ZwGHmf5F/A0QFIcylLX4aZGi."; ## SECRET-DATA
 }
 neighbor 192.168.1.3 {
  description Leaf03;
  authentication-key "$9$3DnRnA0B1hrK8Rh7VwYZGTz3nCu"; ## SECRET-DATA
 }
 neighbor 192.168.1.4 {
  description Leaf04;
 authentication-key "$9$ScJyvLx7VY4Z-Vjqmfn6RhSyK8"; ## SECRET-DATA
 }