EVPN VXLAN Configuration on Asterfusion Virtual SONiC Switch (vAsterNOS)
- 1 Purpose
- 2 vAsterNOS introduction
- 3 EVPN VXLAN introduction
- 4 EVPN VXLAN typical scenario configuration
- 4.1 Requirements
- 4.2 Topology
- 4.3 Test environment
- 4.4 Device interconnection IP
- 4.5 Preparation before testing
- 4.6 Configuration steps
- 4.7 Verify network configuration
- 5 Conclusion
- Asterfusion CX-N data center switches as the links below
1 Purpose
This article mainly introduces the configuration implementation of EVPN VXLAN scenarios in Asterfusion virtual SONiC switch (vAsterNOS). By reading this article, users can quickly understand and master the configuration method of EVPN VXLAN in Asterfusion SONiC switch.
2 vAsterNOS introduction
vAsterNOS is a virtual operating system for sonic switches launched by Asterfusion. It inherits all the software features of AsterNOS and can run in network virtualization software such as GNS3 and EVE-NG. Users can better understand the characteristics of Asterfusion enterprise SONiC switches by using vAsterNOS, thereby providing strong support for building an efficient and stable network.
For information about setting up the usage environment of vAsterNOS, please read:
Asterfusion Virtual SONiC Switch Instructions
3 EVPN VXLAN introduction
VXLAN (Virtual eXtensible Local Area Network) technology is an extension of VLAN and is defined by IETF in RFC7348. VXLAN uses MAC in UDP (User Datagram Protocol) encapsulation method and is a network virtualization technology in NVO3 (Network Virtualization over Layer 3).
EVPN (Ethernet VPN) is the control plane of VXLAN. EVPN defines several new BGP EVPN routes by extending the BGP protocol, and implements VTEP automatic discovery, host address learning and other behaviors by publishing EVPN routes in the network. EVPN defines five routing types, of which Type1 to Type4 are defined in RFC7432, and Type5 is defined in subsequent drafts.
4 EVPN VXLAN typical scenario configuration
4.1 Requirements
The user’s data center currently has two subnets, with a total of four VMs deployed on two Leaf switches. VM-A1, VM-A2, and VM-B1 are deployed on Leaf1, and VM-A3 is deployed on Leaf2. A1, A2 and A3 are on the same network segment, and B1 is on another network segment. It is now required to implement intercommunication between VMs through BGP EVPN VXLAN.
4.2 Topology
4.3 Test environment
This configuration example is implemented using Asterfusion virtual SONiC switch (vAsterNOS), so a virtual environment running vAsterNOS is required. For specific environment construction, please refer to the relevant links in Chapter 2 of this article.
4.4 Device interconnection IP
|
4.5 Preparation before testing
Make sure that each vAsterNOS and VM device is online correctly and connected correctly according to the topology.
4.6 Configuration steps
Step 1
Modify the mac addresses of leaf1, leaf2, and spine devices. Since the initial mac addresses are the same, you must modify the mac addresses before configuring the service. Only then can functions such as EVPN VXLAN operate normally. Here, modify the device addresses of leaf1 and leaf2 respectively so that the mac addresses of the three devices are different.
sonic# system bash
admin@sonic:~$ sudo vi /etc/sonic/config_db.json
Modify the following location.
Reload the configuration and exit system bash.
admin@sonic:~$ sudo config reload -yf
admin@sonic:~$ exit
Step 2
Configure the VLAN and its member ports, and configure the IP of each port (the IP of the gateway of the VM under the same VNI must be consistent).
Spine
sonic# configure terminal
sonic(config)# interface ethernet 0/0
sonic(config-if-0/0)# ip address 11.11.11.2/24
sonic(config)# interface ethernet 0/1
sonic(config-if-0/1)# ip address 22.22.22.2/24
Leaf1
sonic# configure terminal
sonic(config)# interface ethernet 0/0
sonic(config-if-0/0)# ip address 11.11.11.1/24
sonic# configure terminal
sonic(config)# vlan 100
sonic(config)# vlan 200
sonic(config)# interface vlan 100
sonic(config-vlanif-100)# ip address 100.0.0.1/24
sonic(config)# interface vlan 200
sonic(config-vlanif-200)# ip address 200.0.0.1/24
sonic# configure terminal
sonic(config)# interface ethernet 0/1
sonic(config-if-0/1)# switchport
sonic(config-if-0/1)# switchport access vlan 100
sonic(config)# interface ethernet 0/2
sonic(config-if-0/2)# switchport
sonic(config-if-0/2)# switchport access vlan 100
sonic(config)# interface ethernet 0/3
sonic(config-if-0/3)# switchport
sonic(config-if-0/3)# switchport access vlan 200
Leaf2
sonic# configure terminal
sonic(config)# interface ethernet 0/0
sonic(config-if-0/0)# ip address 22.22.22.1/24
sonic# configure terminal
sonic(config)# vlan 300
sonic(config)# interface vlan 300
sonic(config-vlanif-300)# ip address 100.0.0.1/24
sonic# configure terminal
sonic(config)# interface ethernet 0/1
sonic(config-if-0/1)# switchport
sonic(config-if-0/1)# switchport access vlan 300
Step 3
Establish BGP neighbor.
Spine
sonic# configure terminal
sonic(config)# interface loopback 0
sonic(config-loif-0)# ip address 10.1.0.210/32
sonic# configure terminal
sonic(config)# router bgp 65200
sonic(config-router)# bgp router-id 10.1.0.210
sonic(config-router)# no bgp ebgp-requires-policy
sonic(config-router)# neighbor 11.11.11.1 remote-as 65201
sonic(config-router)# address-family ipv4
sonic(config-router-af)# neighbor 11.11.11.1 activate
sonic(config-router-af)# q
sonic(config-router)# neighbor 22.22.22.1 remote-as 65202
sonic(config-router)# address-family ipv4
sonic(config-router-af)# neighbor 22.22.22.1 activate
Leaf1
sonic# configure terminal
sonic(config)# interface loopback 0
sonic(config-loif-0)# ip address 10.1.0.211/32
sonic# configure terminal
sonic(config)# router bgp 65201
sonic(config-router)# bgp router-id 10.1.0.211
sonic(config-router)# no bgp ebgp-requires-policy
sonic(config-router)# neighbor 11.11.11.2 remote-as 65200
sonic(config-router)# address-family ipv4
sonic(config-router-af)# neighbor 11.11.11.2 activate
Leaf2
sonic# configure terminal
sonic(config)# interface loopback 0
sonic(config-loif-0)# ip address 10.1.0.212/32
sonic# configure terminal
sonic(config)# router bgp 65202
sonic(config-router)# bgp router-id 10.1.0.212
sonic(config-router)# no bgp ebgp-requires-policy
sonic(config-router)# neighbor 22.22.22.2 remote-as 65200
sonic(config-router)# address-family ipv4
sonic(config-router-af)# neighbor 22.22.22.2 activate
Step 4
Configure VTEP on Leaf and enable EVPN.
Leaf1
sonic# configure terminal
sonic(config)# interface vxlan 0
sonic(config-vxlanif-0)# source 10.1.0.211
sonic(config-vxlanif-0)# end
sonic# write
sonic# reload
sonic# configure terminal
sonic(config)# router bgp 65201
sonic(config-router)# address-family l2vpn evpn
sonic(config-router-af)# neighbor 11.11.11.2 activate
sonic(config-router-af)# advertise-all-vni
Leaf2
sonic# configure terminal
sonic(config)# interface vxlan 0
sonic(config-vxlanif-0)# source 10.1.0.212
sonic(config-vxlanif-0)# end
sonic# write
sonic# reload
sonic# configure terminal
sonic(config)# router bgp 65202
sonic(config-router)# address-family l2vpn evpn
sonic(config-router-af)# neighbor 22.22.22.2 activate
sonic(config-router-af)# advertise-all-vni
Step 5
Create a VRF on the leaf and bind the port.
Leaf1
sonic# configure terminal
sonic(config)# vrf 123
sonic(config)# interface vlan 100
sonic(config-vlanif-100)# vrf 123
sonic(config)# interface vlan 200
sonic(config-vlanif-200)# vrf 123
Leaf2
sonic# configure terminal
sonic(config)# vrf 456
sonic(config)# interface vlan 300
sonic(config-vlanif-300)# vrf 456
Step 6
Configure Layer 2 VXLAN mapping.
Leaf1
sonic# configure terminal
sonic(config)# vlan 100
sonic(config-vlan-100)# vni 100
sonic(config-vlan-100)# exit
sonic(config)# vlan 200
sonic(config-vlan-200)# vni 200
Leaf2
sonic# configure terminal
sonic(config)# vlan 300
sonic(config-vlan-300)# vni 100
Step 7
Configure Layer 3 VXLAN mapping.
Leaf1
sonic# configure terminal
sonic(config)# vrf 123
sonic(config-vrf)# vni 1000
Leaf2
sonic# configure terminal
sonic(config)# vrf 456
sonic(config-vrf)# vni 1000
Step 8
Modify the port MAC address (the MAC of the gateway of the VM under the same VNI must be consistent).
Leaf1
sonic# configure terminal
sonic(config)# interface vlan 100
sonic(config-vlanif-100)# mac-address 00:11:22:33:44:55
sonic(config-vlanif-100)# exit
sonic(config)# interface vlan 200
sonic(config-vlanif-200)# mac-address 00:11:22:33:44:66
Leaf2
sonic# configure terminal
sonic(config)# interface vlan 300
sonic(config-vlanif-300)# mac-address 00:11:22:33:44:55
Step 9
Route advertisement.
Spine
sonic# configure terminal
sonic(config)# router bgp 65200
sonic(config-router)# address-family ipv4 unicast
sonic(config-router)# network 10.1.0.210/32
sonic(config-router)# address-family l2vpn evpn
sonic(config-router-af)# neighbor 11.11.11.1 activate
sonic(config-router-af)# neighbor 22.22.22.1 activate
sonic(config-router-af)# advertise-all-vni
Leaf1
sonic# configure terminal
sonic(config)# router bgp 65201
sonic(config-router)# address-family ipv4 unicast
sonic(config-router)# network 10.1.0.211/32
Leaf2
sonic# configure terminal
sonic(config)# router bgp 65202
sonic(config-router)# address-family ipv4 unicast
sonic(config-router)# network 10.1.0.212/32
Step 10
Enable ARP proxy.
Leaf1
sonic# configure terminal
sonic(config)# interface vlan 100
sonic(config-vlanif-100)# arp proxy mode evpn
sonic(config-vlanif-100)# exit
sonic(config)# interface vlan 200
sonic(config-vlanif-200)# arp proxy mode evpn
Leaf2
sonic# configure terminal
sonic(config)# interface vlan 300
sonic(config-vlanif-300)# arp proxy mode evpn
Step 11
Configure the IP address, gateway of the VM, online each VM, and verify whether the VMs can communicate with each other.
Server-A1
[root@localhost ~]# ifconfig eth0 100.0.0.2/24
[root@localhost ~]# route add default gw 100.0.0.1
Server-A2
[root@localhost ~]# ifconfig eth0 100.0.0.3/24
[root@localhost ~]# route add default gw 100.0.0.1
Server-B1
[root@localhost ~]# ifconfig eth0 200.0.0.2/24
[root@localhost ~]# route add default gw 200.0.0.1
Server-A3
[root@localhost ~]# ifconfig eth0 100.0.0.4/24
[root@localhost ~]# route add default gw 100.0.0.1
4.7 Verify network configuration
1.Each vm can ping each other successfully.
2.View the vxlan mapping table and tunnel of leaf1.
sonic# show vxlan map
sonic# show vxlan tunnel
3.View the vxlan mapping table and tunnel of leaf2.
sonic# show vxlan map
sonic# show vxlan tunnel
5 Conclusion
In this instance, after using vAsterNOS and VM equipment to network and configure the EVPN VXLAN network, the VMs can communicate with each other normally, and the vxlan tunnels can be correctly established between leaves, and the relevant routes also work normally, indicating the EVPN VXLAN function of vAsterNOS are normal and can meet user networking needs. At the same time, the functional features and configuration methods of Asterfusion Data Center switch are completely consistent with vAsterNOS. After users verify the configuration through vAsterNOS, they can directly use Asterfusion Data Center switch to implement it.
Asterfusion CX-N data center switches as the links below
If you have more technical questions, feel free to propose a ticket on our https://help.cloudswit.ch/portal/en/signin