Juniper Logo

Juniper : VXLAN with pim

Juniper

Faisant suite à l’article sur le static de VXLAN, nous allons maintenant étudier la configuration de VXLAN avec PIM. Il n’est plus nécessaire d’associer un vtep avec sa destination. Nous allons abonner nos VNI à un groupe multicast.

Schéma d’architecture

L’attribut alt de cette image est vide, son nom de fichier est image-6.png.

Configuration de base

SPIN-1

set system host-name SPIN-1
set interfaces ge-0/0/2 description "TO LEAF-1"
set interfaces ge-0/0/2 mtu 9500
set interfaces ge-0/0/2 unit 0 family inet address 10.0.0.0/31
set interfaces ge-0/0/4 description "TO LEAF-2"
set interfaces ge-0/0/4 mtu 9500
set interfaces ge-0/0/4 unit 0 family inet address 10.0.0.2/31
set interfaces lo0 unit 0 family inet address 1.1.1.1/32
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0
set protocols ospf area 0.0.0.0 interface ge-0/0/4.0
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols lldp interface all

SPIN-2

set system host-name SPIN-2
set interfaces ge-0/0/4 description "TO LEAF-1"
set interfaces ge-0/0/4 mtu 9500
set interfaces ge-0/0/4 unit 0 family inet address 10.0.0.4/31
set interfaces ge-0/0/5 description "TO LEAF-2"
set interfaces ge-0/0/5 mtu 9500
set interfaces ge-0/0/5 unit 0 family inet address 10.0.0.6/31
set interfaces lo0 unit 0 family inet address 2.2.2.2/32
set protocols ospf area 0.0.0.0 interface ge-0/0/4.0
set protocols ospf area 0.0.0.0 interface ge-0/0/5.0
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols lldp interface all

LEAF-1

set system host-name LEAF-1
set interfaces ge-0/0/2 description "TO SPIN-1"
set interfaces ge-0/0/2 mtu 9500
set interfaces ge-0/0/2 unit 0 family inet address 10.0.0.1/31
set interfaces ge-0/0/4 description "TO SPIN-2"
set interfaces ge-0/0/4 mtu 9500
set interfaces ge-0/0/4 unit 0 family inet address 10.0.0.5/31
set interfaces lo0 unit 0 family inet address 3.3.3.3/32
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0
set protocols ospf area 0.0.0.0 interface ge-0/0/4.0
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols lldp interface all
set interfaces ge-0/0/6 description CE-1

LEAF-2

set system host-name LEAF-2
set interfaces ge-0/0/4 description "TO SPIN-1"
set interfaces ge-0/0/4 mtu 9500
set interfaces ge-0/0/4 unit 0 family inet address 10.0.0.3/31
set interfaces ge-0/0/5 description "TO SPIN-2"
set interfaces ge-0/0/5 mtu 9500
set interfaces ge-0/0/5 unit 0 family inet address 10.0.0.7/31
set interfaces lo0 unit 0 family inet address 4.4.4.4/32
set protocols ospf area 0.0.0.0 interface ge-0/0/4.0
set protocols ospf area 0.0.0.0 interface ge-0/0/5.0
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols lldp interface all
set interfaces ge-0/0/6 description CE-4

Juniper : VXLAN configuration with pim

SPIN-1

set chassis fpc 0 pic 0 tunnel-services
set protocols pim rp local address 1.1.1.1
set protocols pim interface all mode sparse

SPIN-2

set chassis fpc 0 pic 0 tunnel-services
set protocols pim rp local address 2.2.2.2
set protocols pim interface all

LEAF-1

On configure la source de notre tunnel :

set switch-options vtep-source-interface lo0.0

Contrairement à la configuration static de vxlan nous ne configurons pas de remote-vtep

On map notre vlan-id avec notre VNI

set bridge-domains VNI-5000 vlan-id 100
set bridge-domains VNI-5000 interface ge-0/0/6.100
set bridge-domains VNI-5000 vxlan vni 5000

Nous faisons appartenir notre VNI à un groupe multicast

set bridge-domains VNI-5000 vxlan multicast-group 224.1.1.1
set bridge-domains VNI-5000 vxlan unreachable-vtep-aging-timer 600

On propage le vlan 100 vers le CE-1

set interfaces ge-0/0/6 description CE-1
set interfaces ge-0/0/6 vlan-tagging
set interfaces ge-0/0/6 mtu 9500
set interfaces ge-0/0/6 encapsulation flexible-ethernet-services
set interfaces ge-0/0/6 unit 100 encapsulation vlan-bridge
set interfaces ge-0/0/6 unit 100 vlan-id 100

LEAF-2

On configure la source de notre tunnel :

set switch-options vtep-source-interface lo0.0

Contrairement à la configuration static de vxlan nous ne configurons pas de remote-vtep

On map notre vlan-id avec notre VNI

set bridge-domains VNI-5000 vlan-id 100
set bridge-domains VNI-5000 interface ge-0/0/6.100
set bridge-domains VNI-5000 vxlan vni 5000

Nous faisons appartenir notre VNI à un groupe multicast

set bridge-domains VNI-5000 vxlan multicast-group 224.1.1.1
set bridge-domains VNI-5000 vxlan unreachable-vtep-aging-timer 600

On propage le vlan 100 vers le CE-4

set interfaces ge-0/0/6 description CE-4
set interfaces ge-0/0/6 vlan-tagging
set interfaces ge-0/0/6 mtu 9500
set interfaces ge-0/0/6 encapsulation flexible-ethernet-services
set interfaces ge-0/0/6 unit 100 encapsulation vlan-bridge
set interfaces ge-0/0/6 unit 100 vlan-id 100

Vérifications

PC-A > ping 192.168.0.100
84 bytes from 192.168.0.100 icmp_seq=1 ttl=64 time=3.815 ms
84 bytes from 192.168.0.100 icmp_seq=2 ttl=64 time=60.301 ms
84 bytes from 192.168.0.100 icmp_seq=3 ttl=64 time=7.651 ms
84 bytes from 192.168.0.100 icmp_seq=4 ttl=64 time=5.428 ms
84 bytes from 192.168.0.100 icmp_seq=5 ttl=64 time=3.987 ms


root@LEAF-1> show pim join
Instance: PIM.master Family: INET
R = Rendezvous Point Tree, S = Sparse, W = Wildcard

Group: 224.1.1.1
    Source: *
    RP: 2.2.2.2
    Flags: sparse,rptree,wildcard
    Upstream interface: ge-0/0/4.0

Group: 224.1.1.1
    Source: 3.3.3.3
    Flags: sparse,spt
    Upstream interface: Local

Instance: PIM.master Family: INET6
R = Rendezvous Point Tree, S = Sparse, W = Wildcard

LEAF-1 : fichier de configuration complet

set system host-name LEAF-1
set chassis fpc 0 pic 0 tunnel-services
set interfaces ge-0/0/2 description "TO SPIN-1"
set interfaces ge-0/0/2 mtu 9500
set interfaces ge-0/0/2 unit 0 family inet address 10.0.0.1/31
set interfaces ge-0/0/4 description "TO SPIN-2"
set interfaces ge-0/0/4 mtu 9500
set interfaces ge-0/0/4 unit 0 family inet address 10.0.0.5/31
set interfaces ge-0/0/6 description CE-1
set interfaces ge-0/0/6 vlan-tagging
set interfaces ge-0/0/6 mtu 9500
set interfaces ge-0/0/6 encapsulation flexible-ethernet-services
set interfaces ge-0/0/6 unit 100 encapsulation vlan-bridge
set interfaces ge-0/0/6 unit 100 vlan-id 100
set interfaces lo0 unit 0 family inet address 3.3.3.3/32
set routing-options traceoptions file pim-trace
set routing-options traceoptions flag all
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0
set protocols ospf area 0.0.0.0 interface ge-0/0/4.0
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols pim rp static address 1.1.1.1
set protocols pim rp static address 2.2.2.2
set protocols pim interface all mode sparse
set protocols lldp interface all
set bridge-domains VNI-5000 vlan-id 100
set bridge-domains VNI-5000 interface ge-0/0/6.100
set bridge-domains VNI-5000 vxlan vni 5000
set bridge-domains VNI-5000 vxlan multicast-group 224.1.1.1
set bridge-domains VNI-5000 vxlan unreachable-vtep-aging-timer 600
set switch-options vtep-source-interface lo0.0

LEAF-2 : fichier de configuration complet

set system host-name LEAF-2
set chassis fpc 0 pic 0 tunnel-services
set interfaces ge-0/0/4 description "TO SPIN-1"
set interfaces ge-0/0/4 mtu 9500
set interfaces ge-0/0/4 unit 0 family inet address 10.0.0.3/31
set interfaces ge-0/0/5 description "TO SPIN-2"
set interfaces ge-0/0/5 mtu 9500
set interfaces ge-0/0/5 unit 0 family inet address 10.0.0.7/31
set interfaces ge-0/0/6 description CE-4
set interfaces ge-0/0/6 vlan-tagging
set interfaces ge-0/0/6 mtu 9500
set interfaces ge-0/0/6 encapsulation flexible-ethernet-services
set interfaces ge-0/0/6 unit 100 encapsulation vlan-bridge
set interfaces ge-0/0/6 unit 100 vlan-id 100
set interfaces lo0 unit 0 family inet address 4.4.4.4/32
set protocols ospf area 0.0.0.0 interface ge-0/0/4.0
set protocols ospf area 0.0.0.0 interface ge-0/0/5.0
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols pim rp static address 1.1.1.1
set protocols pim rp static address 2.2.2.2
set protocols pim interface all mode sparse
set protocols lldp interface all
set bridge-domains VNI-5000 vlan-id 100
set bridge-domains VNI-5000 interface ge-0/0/6.100
set bridge-domains VNI-5000 vxlan vni 5000
set bridge-domains VNI-5000 vxlan multicast-group 224.1.1.1
set bridge-domains VNI-5000 vxlan unreachable-vtep-aging-timer 600
set switch-options vtep-source-interface lo0.0

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.