Tungsten Fabric入門寶典丨說說L3VPN及EVPN整合
作者:Tatsuya Naganawa 譯者:TF編譯組
-
如果需要DC之間的MPLS over MPLS,則需要路由器配置來縫合它們
-
-
據我所知,如果不使用硬體解除安裝,基於Linux網路堆疊,kernel vRouter的效能極限將達到1.0 Mpps
-
也就是說,儘管某些配置knob已經可用,但vRouter當前不支援linux api來解除安裝vxlan的encap / decap:
對於路由器/交換機來說,找到一種可以處理MPLS報文的硬體成本確實更高,因為大多數資料中心交換機當前都使用特定的Broadcom晶片,該晶片可以使用vxlan,但不能使用MPLS。
因此在資料中心裡,使用vxlan封裝將是可行的選擇。
-
-
-
Type 6的實施似乎也在進行中:
-
這個文件很好地描述了此行為:
https://www.juniper.net/documentation/en_US/release-independent/solutions/information-products/pathway-pages/solutions/l3gw-vmto-evpn-vxlan-mpls.pdf
-
https://www.juniper.net/documentation/en_US/junos/topics/concept/data-center-interconnect-evpn-vxlan-evpn-mpls-wan-overview.html
-
注意:從R1912起,control / vRouter基於EVPN T5(和VXLAN)實現了服務鏈,因此L3VPN / MPLS over IP將不再是嚴格的要求:
-
#control-node
-
MPLS over GRE也是可以的,雖然它有較少的熵,但可以用於諸如LAG負載平衡等。
-
可以在以下連結找到有關L3VPN / MPLS over (GRE|UDP)的其它示例(TODO:L3VPN / MPLS over (GRE|UDP)的配置示例)
-
https://marcelwiget.blog/2015/07/30/run-juniper-vmx-as-contrail-gateway-for-ipv6-overlay/
[1. 樣例配置]
Tungsten Fabric controller: 192.168.122.141/24
Tungsten Fabric vRouter: 192.168.122.142/24
vn1 (vxlan id: 7), 10.0.1.0/24, route-target: 64512:7 is set
10.0.1.3 is a cirros container inside vn1
vn1 is connected to lr1 (logical-router, vxlan id: 8, route-target 64512:8 is set)
Tungsten Fabric's project setting, 'vxlan routing: enabled' is also set (this settimg might be changed in the future)
CumulusVX: 192.168.122.151/24
swp1: centos152 (10.0.1.152/24) is connected
-> same l2 subnet with the container inside vRouter
swp2: centos153 (192.168.130.153/24) is connected
-> L3VRF will route the traffic from this to the container
[2. bgp 設定]
net add bgp autonomous-system 64513
net add bgp router-id 192.168.122.151
net add bgp neighbor 192.168.122.141 remote-as 64512
net add bgp neighbor 192.168.122.141 capability extended-nexthop
net add bgp l2vpn evpn neighbor 192.168.122.141 activate
net add bgp l2vpn evpn advertise-all-vni
net add bgp l2vpn evpn vni 7 rd 192.168.122.151:7
net add bgp l2vpn evpn vni 7 route-target import 64512:7
net add bgp l2vpn evpn vni 7 route-target export 64512:7
cumulus@cumulus:~$ net show bgp summary
show bgp ipv4 unicast summary
=============================
BGP router identifier 192.168.122.151, local AS number 64513 vrf-id 0
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 19 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.122.141 4 64512 55 43 0 0 0 00:01:15 NoNeg
Total number of neighbors 1
show bgp ipv6 unicast summary
=============================
% No BGP neighbors found
show bgp l2vpn evpn summary
===========================
BGP router identifier 192.168.122.151, local AS number 64513 vrf-id 0
BGP table version 0
RIB entries 3, using 456 bytes of memory
Peers 1, using 19 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.122.141 4 64512 55 43 0 0 0 00:01:15 6
Total number of neighbors 1
cumulus@cumulus:~$
[3. l2vni 設定]
net add bridge bridge ports vni7
net add bridge bridge vids 7
net add interface swp1 bridge pvid 7
net add vxlan vni7 vxlan id 7
net add vxlan vni7 bridge learning off
net add vxlan vni7 bridge access 7
net add vxlan vni7 bridge arp-nd-suppress on
net add vxlan vni7 vxlan local-tunnelip 192.168.122.151
net add vlan 7 ip forward off
net add vlan 7 ipv6 forward off
cumulus@cumulus:~$ net show bgp l2vpn evpn route
BGP table version is 18, local router ID is 192.168.122.151
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-2 prefix: [2]:[ESI]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[ESI]:[EthTag]:[IPlen]:[IP]
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 192.168.122.142:1
*> [2]:[0]:[0]:[48]:[52:54:00:d9:db:32]
192.168.122.142 100 0 64512 ?
*> [2]:[0]:[0]:[48]:[52:54:00:d9:db:32]:[32]:[192.168.122.142]
192.168.122.142 100 0 64512 ?
*> [3]:[0]:[32]:[192.168.122.142]
192.168.122.142 200 0 64512 ?
Route Distinguisher: 192.168.122.142:3
*> [2]:[0]:[0]:[48]:[02:98:81:86:80:8a]
192.168.122.142 100 0 64512 ?
*> [2]:[0]:[0]:[48]:[02:98:81:86:80:8a]:[32]:[10.0.1.3]
192.168.122.142 100 0 64512 ?
*> [3]:[0]:[32]:[192.168.122.142]
192.168.122.142 200 0 64512 ?
Route Distinguisher: 192.168.122.142:4
*> [5]:[0]:[0]:[32]:[10.0.1.3]
192.168.122.142 100 0 64512 ?
(snip)
Route Distinguisher: 192.168.122.151:7
*> [3]:[0]:[32]:[192.168.122.151]
192.168.122.151 32768 i
Route Distinguisher: 192.168.122.151:8
*> [5]:[0]:[0]:[24]:[192.168.131.0]
192.168.122.151 0 32768 ?
Displayed 12 prefixes (12 paths)
cumulus@cumulus:~$
[root@centos152 ~] # ping 10.0.1.3
PING 10.0.1.3 (10.0.1.3) 56(84) bytes of data.
64 bytes from 10.0.1.3: icmp_seq=1 ttl=64 time=1.37 ms
64 bytes from 10.0.1.3: icmp_seq=2 ttl=64 time=0.836 ms
64 bytes from 10.0.1.3: icmp_seq=3 ttl=64 time=0.778 ms
64 bytes from 10.0.1.3: icmp_seq=4 ttl=64 time=0.753 ms
64 bytes from 10.0.1.3: icmp_seq=5 ttl=64 time=0.801 ms
--- 10.0.1.3 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 0.753/0.908/1.374/0.235 ms
[root@centos152 ~] #
cumulus@cumulus:~$ net show evpn arp-cache vni all
VNI 7 #ARP (IPv4 and IPv6, local and remote) 3
IP Type State MAC Remote VTEP
10.0.1.152 local active 52:54:00:20:e5:9a
fe80::28a0:caff:fe62:d16c local active 2a:a0:ca:62:d1:6c
10.0.1.3 remote active 02:98:81:86:80:8a 192.168.122.142
cumulus@cumulus:~$
-> mac address of 10.0.1.3 container is learnt from Tungsten Fabric controller
[4. l3vni 設定]
net add vrf vrf8 vni 8
net add bgp router-id 192.168.122.151
net add bgp vrf vrf8 autonomous-system 64513
net add bgp vrf vrf8 ipv4 unicast redistribute connected
net add bgp vrf vrf8 l2vpn evpn advertise ipv4 unicast
net add bgp vrf vrf8 l2vpn evpn rd 192.168.122.151:8
net add bgp vrf vrf8 l2vpn evpn route-target import 64512:8
net add bgp vrf vrf8 l2vpn evpn route-target export 64512:8
net add vxlan vni8 vxlan id 8
net add interface swp2 bridge pvid 8
net add vlan 8 ip address 192.168.131.254/24
net add vlan 8 vlan-id 8
net add vlan 8 vrf vrf8
net add vxlan vni8 vxlan local-tunnelip 192.168.122.151
net add vxlan vni8 bridge access 8
cumulus@cumulus:~$ net show bgp l2vpn evpn route type prefix
BGP table version is 4, local router ID is 192.168.122.151
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-2 prefix: [2]:[ESI]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[ESI]:[EthTag]:[IPlen]:[IP]
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 192.168.122.142:4
*> [5]:[0]:[0]:[32]:[10.0.1.3]
192.168.122.142 100 0 64512 ?
Route Distinguisher: 192.168.122.151:8
*> [5]:[0]:[0]:[24]:[192.168.131.0]
192.168.122.151 0 32768 ?
Displayed 2 prefixes (2 paths) (of requested type)
cumulus@cumulus:~$
cumulus@cumulus:~$ net show route vrf vrf8
show ip route vrf vrf8
=======================
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
VRF vrf8:
K * 0.0.0.0/0 [255/8192] unreachable (ICMP unreachable), 00:31:09
B>* 10.0.1.3/32 [20/100] via 192.168.122.142, vlan8 onlink, 00:31:09
C>* 192.168.131.0/24 is directly connected, vlan8, 00:29:05
[root@centos153 ~] # ping 10.0.1.3
PING 10.0.1.3 (10.0.1.3) 56(84) bytes of data.
64 bytes from 10.0.1.3: icmp_seq=1 ttl=62 time=1.27 ms
64 bytes from 10.0.1.3: icmp_seq=2 ttl=62 time=0.892 ms
64 bytes from 10.0.1.3: icmp_seq=3 ttl=62 time=0.912 ms
64 bytes from 10.0.1.3: icmp_seq=4 ttl=62 time=0.851 ms
--- 10.0.1.3 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 0.851/0.981/1.272/0.173 ms
[root@centos153 ~] #
[root@centos153 ~] #
[root@centos153 ~] # ip -o a
1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever
2: eth0 inet 192.168.131.153/24 brd 192.168.131.255 scope global noprefixroute eth0\ valid_lft forever preferred_lft forever
2: eth0 inet6 fe80::24a9:6145:e488:5f15/64 scope link noprefixroute \ valid_lft forever preferred_lft forever
[root@centos153 ~] #
[root@centos153 ~] # ip route
default via 192.168.131.254 dev eth0 proto static metric 100
192.168.131.0/24 dev eth0 proto kernel scope link src 192.168.131.153 metric 100
[root@centos153 ~] #
# docker exec -it config_api_1 bash
# sed -i 's/snat-routing/vxlan-routing/' /usr/lib/python2.7/site-packages/vnc_cfg_api_server/resources/logical_router.py
# exit
# docker restart config_api_1
-
編排器需要是openstack
(one VM is created in virtual-network vn1)
(kolla-toolbox)[ansible@ip- 172- 31- 13- 153 /]$ openstack server list
+--------------------------------------+------+--------+--------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+------+--------+--------------+--------+---------+
| e3a43979-a8ae- 4f05-b065-0b0841cee47b | vm1 | ACTIVE | vn1=10.0.1.3 | cirros | m1.tiny |
+--------------------------------------+------+--------+--------------+--------+---------+
(kolla-toolbox)[ansible@ip- 172- 31- 13- 153 /]$
( when logical-router is not connected to vn1, no type 5 route is seen)
[root@ip- 172- 31- 13- 153 ~] # ./contrail-introspect-cli/ist.py ctr route show --family evpn | grep ^5
[root@ip- 172- 31- 13- 153 ~] #
( when logical-router is connected to vn1, type 5 route for this VM is sent to other bgp peer)
[root@ip- 172- 31- 13- 153 ~] # ./contrail-introspect-cli/ist.py ctr route show --family evpn | grep ^5
5- 0:0- 0- 10.0. 1.3/ 32, age: 0:00:07. 126096, last_modified: 2020-Jan- 12 13:50:27.307760
5- 172.31. 13.153:3- 0- 10.0. 1.3/ 32, age: 0:00:07. 077088, last_modified: 2020-Jan- 12 13:50:27.356768
[root@ip- 172- 31- 13- 153 ~] #
-
使用opencontrailnightly:1912-latest測試過,一個節點安裝(openstack controller, tungsten fabric controller, vRouter)
(kolla-toolbox)[ansible@ip- 172- 31- 13- 153 /]$ openstack network list
+--------------------------------------+-------------------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+-------------------------+--------------------------------------+
| 667344f9-36f1-4d56-8d9e-e5b8c856658b | LR::lr1 | ab81f262-52d3-496f-825e-758ca5e6d60f |
| 0acf42ab-f917-4a32-a95a-5f2a555e955d | ip-fabric | |
| 5ac821b2-b823-4ea7-8be2-e1ee71547df8 | LR::lr2 | 45b16ec8-0497-4610-843d-13d6913f4c41 |
| 0a0e30c2-d2fa-46dd-bd6f-233897f156f4 | vn1 | c739aa67-bad3-4a69-b110-797018579b22 |
| 822b12ae-8b9c-4c32-be91-1611c245e761 | vn2 | c67c9f25-8169-44dd-b1cd-8d9ab788a0da |
| 16715adc-93cb-4297-847a-50fcbcdef98b | __link_local_ _ | |
| 95b08fcc-b027-407a-8b35-8470989b7d5a | dci-network | |
| 728957ed-9db3-4502-b45a-2ce3ce0ed575 | default-virtual-network | |
+--------------------------------------+-------------------------+--------------------------------------+
(kolla-toolbox)[ansible@ip- 172- 31- 13- 153 /]$
(kolla-toolbox)[ansible@ip- 172- 31- 13- 153 /]$ openstack server list
+--------------------------------------+------------+--------+--------------------------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+------------+--------+--------------------------------------+--------+---------+
| 4477700f- 8183- 4f81-b7bf- 7fb16e74aba8 | vm2 | ACTIVE | vn2=10.0.2.4 | cirros | m1.tiny |
| b631b50c-5ccf-4e48-86a8-bf390c174180 | lr1-to-lr2 | ACTIVE | LR::lr1= 10.0. 11.3; LR::lr2= 10.0. 12.3 | cirros | m1.tiny |
| e3a43979-a8ae- 4f05-b065-0b0841cee47b | vm1 | ACTIVE | vn1=10.0.1.3 | cirros | m1.tiny |
+--------------------------------------+------------+--------+--------------------------------------+--------+---------+
(kolla-toolbox)[ansible@ip- 172- 31- 13- 153 /]$
[ root@ip -172-31-13-153 ~]# ./contrail-introspect-cli/ist.py ctr route show --family evpn | grep -e ^ 5 -e evpn -A 1
default-domain:admin:__contrail_lr_internal_vn_62651c76 -7851-4459-8d54 -41b2b1289e21__:__contrail_lr_internal_vn_62651c76 -7851-4459-8d54 -41b2b1289e21__.evpn .0: 2 destinations, 2 routes ( 1 primary, 1 secondary, 0 infeasible)
5-0: 0-0-10.0.1.3/ 32, age: 0: 00: 40.299110, last_modified: 2020-Jan -12 14: 00: 39.070835
[ServiceChain (service- interface)| None] age: 0:00:40.302293, localpref: 200, nh: 172.31.13.153, encap: ['vxlan'], label: 8, AS path: None
--
5-0: 0-0-10.0.2.4/ 32, age: 0: 04: 22.046440, last_modified: 2020-Jan -12 13: 56: 57.323505
[XMPP|ip -172-31-13-153.local] age: 0: 04: 22.049981, localpref: 200, nh: 172.31.13.153, encap: [ 'vxlan'], label: 8, AS path: None
--
default-domain:admin:__contrail_lr_internal_vn_62651c76 -7851-4459-8d54 -41b2b1289e21__:service -20c08253 -7212-40e2-8211-1548652de4b9- default-domain_admin_lr1-to-lr2.evpn .0: 2 destinations, 2 routes ( 1 primary, 1 secondary, 0 infeasible)
5-0: 0-0-10.0.1.3/ 32, age: 0: 00: 40.299524, last_modified: 2020-Jan -12 14: 00: 39.070421
[ServiceChain (service- interface)| None] age: 0:00:40.303335, localpref: 200, nh: 172.31.13.153, encap: ['vxlan'], label: 8, AS path: None
--
5-0: 0-0-10.0.2.4/ 32, age: 0: 00: 40.316583, last_modified: 2020-Jan -12 14: 00: 39.053362
[XMPP|ip -172-31-13-153.local] age: 0: 00: 40.320727, localpref: 200, nh: 172.31.13.153, encap: [ 'vxlan'], label: 8, AS path: None
--
default-domain:admin:__contrail_lr_internal_vn_7693de7f -9b96 -41de -84af-c6db113132e2__:__contrail_lr_internal_vn_7693de7f -9b96 -41de -84af-c6db113132e2__.evpn .0: 2 destinations, 2 routes ( 1 primary, 1 secondary, 0 infeasible)
5-0: 0-0-10.0.1.3/ 32, age: 0: 10: 52.062185, last_modified: 2020-Jan -12 13: 50: 27.307760
[XMPP|ip -172-31-13-153.local] age: 0: 10: 52.066796, localpref: 200, nh: 172.31.13.153, encap: [ 'vxlan'], label: 6, AS path: None
--
5-0: 0-0-10.0.2.4/ 32, age: 0: 00: 40.299766, last_modified: 2020-Jan -12 14: 00: 39.070179
[ServiceChain (service- interface)| None] age: 0:00:40.304752, localpref: 200, nh: 172.31.13.153, encap: ['vxlan'], label: 6, AS path: None
--
default-domain:admin:__contrail_lr_internal_vn_7693de7f -9b96 -41de -84af-c6db113132e2__:service -20c08253 -7212-40e2-8211-1548652de4b9- default-domain_admin_lr1-to-lr2.evpn .0: 2 destinations, 2 routes ( 1 primary, 1 secondary, 0 infeasible)
5-0: 0-0-10.0.1.3/ 32, age: 0: 00: 40.465418, last_modified: 2020-Jan -12 14: 00: 38.904527
[XMPP|ip -172-31-13-153.local] age: 0: 00: 40.470671, localpref: 200, nh: 172.31.13.153, encap: [ 'vxlan'], label: 6, AS path: None
--
5-0: 0-0-10.0.2.4/ 32, age: 0: 00: 40.299958, last_modified: 2020-Jan -12 14: 00: 39.069987
[ServiceChain (service- interface)| None] age: 0:00:40.305449, localpref: 200, nh: 172.31.13.153, encap: ['vxlan'], label: 6, AS path: None
--
default-domain:admin:vn1:vn1.evpn .0: 4 destinations, 4 routes ( 4 primary, 0 secondary, 0 infeasible)
--
default-domain:admin:vn2:vn2.evpn .0: 4 destinations, 4 routes ( 4 primary, 0 secondary, 0 infeasible)
--
bgp.evpn .0: 13 destinations, 13 routes ( 0 primary, 13 secondary, 0 infeasible)
--
5-172.31.13.153: 3-0-10.0.1.3/ 32, age: 0: 10: 52.013177, last_modified: 2020-Jan -12 13: 50: 27.356768
[XMPP|ip -172-31-13-153.local] age: 0: 10: 52.023700, localpref: 200, nh: 172.31.13.153, encap: [ 'vxlan'], label: 6, AS path: None
--
5-172.31.13.153: 5-0-10.0.2.4/ 32, age: 0: 04: 22.046385, last_modified: 2020-Jan -12 13: 56: 57.323560
[XMPP|ip -172-31-13-153.local] age: 0: 04: 22.057108, localpref: 200, nh: 172.31.13.153, encap: [ 'vxlan'], label: 8, AS path: None
--
5-172.31.13.153: 6-0-10.0.2.4/ 32, age: 0: 00: 40.299816, last_modified: 2020-Jan -12 14: 00: 39.070129
[ServiceChain (service- interface)| None] age: 0:00:40.310798, localpref: 200, nh: 172.31.13.153, encap: ['vxlan'], label: 6, AS path: None
--
5-172.31.13.153: 7-0-10.0.1.3/ 32, age: 0: 00: 40.299164, last_modified: 2020-Jan -12 14: 00: 39.070781
[ServiceChain (service- interface)| None] age: 0:00:40.310369, localpref: 200, nh: 172.31.13.153, encap: ['vxlan'], label: 8, AS path: None
--
default-domain: default-project:ip-fabric:ip-fabric.evpn .0: 4 destinations, 4 routes ( 4 primary, 0 secondary, 0 infeasible)
[ root@ip -172-31-13-153 ~]#
[ root@ip -172-31-13-153 ~]# ./contrail-introspect-cli/ist.py vr vrf
+--------------------------------------+---------+---------+---------+-----------+----------+--------------------------------------+
| name | ucindex | mcindex | brindex | evpnindex | vxlan_id | vn |
+--------------------------------------+---------+---------+---------+-----------+----------+--------------------------------------+
| default-domain:admin:__contrail_lr_i | 5 | 5 | 5 | 5 | 8 | default-domain:admin:__contrail_lr_i |
| nternal_vn_62651c76 -7851-4459-8d54 -4 | | | | | | nternal_vn_62651c76 -7851-4459-8d54 -4 |
| 1b2b1289e21__:__contrail_lr_internal | | | | | | 1b2b1289e21__ |
| _vn_62651c76 -7851-4459-8d54 -41b2b128 | | | | | | |
| 9e21__ | | | | | | |
| default-domain:admin:__contrail_lr_i | 7 | 7 | 7 | 7 | 0 | N/A |
| nternal_vn_62651c76 -7851-4459-8d54 -4 | | | | | | |
| 1b2b1289e21__:service -86899929-7419 | | | | | | |
| -427a -9b3f-f8e4a3d990eb- default- | | | | | | |
| domain_admin_lr1-to-lr2 | | | | | | |
| default-domain:admin | 3 | 3 | 3 | 3 | 6 | default-domain:admin |
| :__contrail_lr_internal_vn_7693de7f- | | | | | | :__contrail_lr_internal_vn_7693de7f- |
| 9b96 -41de -84af-c6db113132e2__ | | | | | | 9b96 -41de -84af-c6db113132e2__ |
| :__contrail_lr_internal_vn_7693de7f- | | | | | | |
| 9b96 -41de -84af-c6db113132e2__ | | | | | | |
| default-domain:admin | 6 | 6 | 6 | 6 | 0 | N/A |
| :__contrail_lr_internal_vn_7693de7f- | | | | | | |
| 9b96 -41de -84af- | | | | | | |
| c6db113132e2__:service -86899929-7419 | | | | | | |
| -427a -9b3f-f8e4a3d990eb- default- | | | | | | |
| domain_admin_lr1-to-lr2 | | | | | | |
| default-domain:admin:vn1:vn1 | 2 | 2 | 2 | 2 | 5 | default-domain:admin:vn1 |
| default-domain:admin:vn2:vn2 | 4 | 4 | 4 | 4 | 7 | default-domain:admin:vn2 |
| default-domain: default-project:ip- | 0 | 0 | 0 | 0 | 0 | N/A |
| fabric:__default__ | | | | | | |
| default-domain: default-project:ip- | 1 | 1 | 1 | 1 | 2 | default-domain: default-project:ip- |
| fabric:ip-fabric | | | | | | fabric |
+--------------------------------------+---------+---------+---------+-----------+----------+--------------------------------------+
[ root@ip -172-31-13-153 ~]#
[ root@ip -172-31-13-153 ~]# ./contrail-introspect-cli/ist.py vr route -v 3
0.255.255.252/ 32
[ 172.31.13.153] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
[LocalVmPort] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
10.0.1.3/ 32
[EVPN-ROUTING] pref: 200
to 2: 98: 88: 3c: 38: 50 via tap98883c38 -50, assigned_label: -1, nh_index: 34 , nh_type: interface, nh_policy:enabled, active_label:6, vxlan_id:6
10.0.2.4/ 32
[ 172.31.13.153] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
10.0.11.0/ 24
[Local] pref: 100
nh_index: 1 , nh_type:discard, nh_policy:disabled, active_label: -1, vxlan_id: 0
10.0.11.1/ 32
[Local] pref: 100
to 0: 0: 0: 0: 0: 1 via pkt0, assigned_label: -1, nh_index: 13 , nh_type: interface, nh_policy:enabled, active_label:-1, vxlan_id:0
10.0.11.2/ 32
[Local] pref: 100
to 0: 0: 0: 0: 0: 1 via pkt0, assigned_label: -1, nh_index: 13 , nh_type: interface, nh_policy:enabled, active_label:-1, vxlan_id:0
10.0.11.3/ 32
[ 172.31.13.153] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
[LocalVmPort] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
169.254.169.254/ 32
[LinkLocal] pref: 100
via vhost0, nh_index: 11 , nh_type:receive, nh_policy:enabled, active_label: 0, vxlan_id: 0
[ root@ip -172-31-13-153 ~]#
[ root@ip -172-31-13-153 ~]# ./contrail-introspect-cli/ist.py vr route -v 5
0.255.255.251/ 32
[ 172.31.13.153] pref: 200
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
[LocalVmPort] pref: 200
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
10.0.1.3/ 32
[ 172.31.13.153] pref: 200
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
10.0.2.4/ 32
[EVPN-ROUTING] pref: 200
to 2: 19:e0:a2:b:f3 via tap19e0a20b-f3, assigned_label: -1, nh_index: 63 , nh_type: interface, nh_policy:enabled, active_label:8, vxlan_id:8
10.0.12.0/ 24
[Local] pref: 100
nh_index: 1 , nh_type:discard, nh_policy:disabled, active_label: -1, vxlan_id: 0
10.0.12.1/ 32
[Local] pref: 100
to 0: 0: 0: 0: 0: 1 via pkt0, assigned_label: -1, nh_index: 13 , nh_type: interface, nh_policy:enabled, active_label:-1, vxlan_id:0
10.0.12.2/ 32
[Local] pref: 100
to 0: 0: 0: 0: 0: 1 via pkt0, assigned_label: -1, nh_index: 13 , nh_type: interface, nh_policy:enabled, active_label:-1, vxlan_id:0
10.0.12.3/ 32
[ 172.31.13.153] pref: 100
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
[LocalVmPort] pref: 100
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
169.254.169.254/ 32
[LinkLocal] pref: 100
via vhost0, nh_index: 11 , nh_type:receive, nh_policy:enabled, active_label: 0, vxlan_id: 0
[ root@ip -172-31-13-153 ~]#
[ root@ip -172-31-13-153 ~]# ./contrail-introspect-cli/ist.py vr route -v 6
0.255.255.252/ 32
[ 172.31.13.153] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
10.0.2.4/ 32
[ 172.31.13.153] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
10.0.11.3/ 32
[ 172.31.13.153] pref: 200
to 2: 34: 66: 61:a2: 96 via tap346661a2 -96, assigned_label: 39, nh_index: 46 , nh_type: interface, nh_policy:enabled, active_label:39, vxlan_id:0
[ root@ip -172-31-13-153 ~]#
[ root@ip -172-31-13-153 ~]#
[ root@ip -172-31-13-153 ~]# ./contrail-introspect-cli/ist.py vr route -v 7
0.255.255.251/ 32
[ 172.31.13.153] pref: 200
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
10.0.1.3/ 32
[ 172.31.13.153] pref: 200
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
10.0.12.3/ 32
[ 172.31.13.153] pref: 100
to 2: 15: 37:f5:fa:fb via tap1537f5fa-fb, assigned_label: 44, nh_index: 51 , nh_type: interface, nh_policy:enabled, active_label:44, vxlan_id:0
[ root@ip -172-31-13-153 ~]#
[ root@ip -172-31-13-153 ~]# ./contrail-introspect-cli/ist.py ctr route show --family l3vpn
bgp.l3vpn .0: 9 destinations, 9 routes ( 0 primary, 9 secondary, 0 infeasible)
172.31.13.153: 1: 172.31.13.153/ 32, age: 0: 40: 32.414715, last_modified: 2020-Jan -12 13: 38: 26.922346
[XMPP ( interface)| ip-172-31-13-153. local] age: 0:40:32.418428, localpref: 100, nh: 172.31.13.153, encap: ['gre', 'udp', 'native'], label: 17, AS path: None
172.31.13.153: 2: 10.0.1.3/ 32, age: 0: 29: 55.551280, last_modified: 2020-Jan -12 13: 49: 03.785781
[XMPP ( interface)| ip-172-31-13-153. local] age: 0:29:55.555402, localpref: 200, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 25, AS path: None
172.31.13.153: 3: 0.255.255.252/ 32, age: 0: 19: 58.759556, last_modified: 2020-Jan -12 13: 59: 00.577505
[XMPP (service- interface)| ip-172-31-13-153. local] age: 0:19:58.763917, localpref: 200, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 39, AS path: None
172.31.13.153: 3: 10.0.11.3/ 32, age: 0: 23: 22.131030, last_modified: 2020-Jan -12 13: 55: 37.206031
[XMPP ( interface)| ip-172-31-13-153. local] age: 0:23:22.135685, localpref: 200, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 39, AS path: None
172.31.13.153: 4: 10.0.2.4/ 32, age: 0: 22: 02.013695, last_modified: 2020-Jan -12 13: 56: 57.323366
[XMPP ( interface)| ip-172-31-13-153. local] age: 0:22:02.018717, localpref: 200, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 49, AS path: None
172.31.13.153: 5: 0.255.255.251/ 32, age: 0: 19: 58.547299, last_modified: 2020-Jan -12 13: 59: 00.789762
[XMPP (service- interface)| ip-172-31-13-153. local] age: 0:19:58.552631, localpref: 200, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 44, AS path: None
172.31.13.153: 5: 10.0.12.3/ 32, age: 0: 23: 35.850393, last_modified: 2020-Jan -12 13: 55: 23.486668
[XMPP ( interface)| ip-172-31-13-153. local] age: 0:23:35.856031, localpref: 100, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 44, AS path: None
172.31.13.153: 6: 10.0.2.4/ 32, age: 0: 08: 56.528333, last_modified: 2020-Jan -12 14: 10: 02.808728
[ServiceChain (service- interface)| None] age: 0:08:56.534255, localpref: 200, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 39, AS path: None
172.31.13.153: 7: 10.0.1.3/ 32, age: 0: 08: 56.527653, last_modified: 2020-Jan -12 14: 10: 02.809408
[ServiceChain (service- interface)| None] age: 0:08:56.533918, localpref: 200, nh: 172.31.13.153, encap: ['gre', 'udp'], label: 44, AS path: None
[ root@ip -172-31-13-153 ~]#
-
第八篇: TF支援API一覽
-
第九篇: TF如何連線到物理網路
-
第十篇: TF基於應用程式的安全策略
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/69957171/viewspace-2694670/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- Tungsten Fabric入門寶典丨編排器整合
- Tungsten Fabric入門寶典丨多編排器用法及配置
- Tungsten Fabric入門寶典丨8個典型故障及排查Tips
- Tungsten Fabric入門寶典丨TF元件的七種“武器”元件
- Tungsten Fabric入門寶典丨首次啟動和執行指南
- Tungsten Fabric入門寶典丨關於安裝的那些事(下)
- Tungsten Fabric入門寶典丨關於叢集更新的那些事
- Tungsten Fabric入門寶典丨關於服務鏈、BGPaaS及其它
- Tungsten Fabric入門寶典丨開始第二天的工作
- Tungsten Fabric入門寶典丨關於多叢集和多資料中心
- Tungsten Fabric架構解析丨TF如何編排架構
- TF實戰丨使用Vagrant安裝Tungsten Fabric
- Tungsten Fabric與K8s整合指南丨建立隔離名稱空間K8S
- Tungsten Fabric架構解析丨TF的服務鏈架構
- Tungsten Fabric架構解析丨vRouter的部署選項架構VR
- Tungsten Fabric架構解析丨TF如何收集、分析、部署?架構
- Tungsten Fabric架構解析丨TF支援API一覽架構API
- Tungsten Fabric架構解析丨TF怎麼運作?架構
- Tungsten Fabric解決方案指南-Kubernetes整合
- Tungsten Fabric知識庫丨vRouter內部執行探秘VR
- Tungsten Fabric知識庫丨更多元件內部探秘元件
- vc入門寶典(十) (轉)
- vc入門寶典(九) (轉)
- Tungsten Fabric架構解析丨詳解vRouter體系結構架構VR
- Tungsten Fabric知識庫丨構建、安裝與公有云部署
- VC入門寶典三(String) (轉)
- vc入門寶典八(基本操作) (轉)
- vc入門寶典(一)(選單) (轉)
- vc入門寶典七(工具欄) (轉)
- 說下Python入門Python
- Tungsten Fabric架構解析丨TF基於應用程式的安全策略架構
- Tungsten Fabric知識庫丨測試2000個vRouter節點部署VR
- vc入門寶典六(多執行緒) (轉)執行緒
- Tungsten Fabric解決方案指南-Gateway MXGateway
- Tungsten Fabric知識庫丨這裡有18個TF補丁程式,建議收藏
- 【官方重磅釋出】Google AdMob新手入門寶典Go
- 利用DDP技術提升Tungsten Fabric vRouter效能VR
- Tungsten Fabric架構和最新技術進展丨TF成立大會演講實錄架構