EVPN ELAN over SRTE
在此篇文章里,简单总结下通过SRTE调度EVPN ELAN的流量,然后通过show信息,来查看引流及相关内容,并熟悉EVPN,EVPN基础部分,可以参考之前的文章,里面包含Route Type的信息:EVPN Summary
另外对于ELAN的引流,有很多种选择,常见的是通过对RT1打Color,调用单播流量;对RT3打Color,调用多播流量;对于RT1我们可以看成L3VPN中的“VRF”,也就是基于“VRF”颗粒度进行引流,这么理解可能更好理解
物理拓扑
在此拓扑中,PE1和PE2是 Multi-Homing, PE3是Single-Homing;此测试中主要覆盖下面场景,由于路径单一,所以我们从抓包信息中来看是否被引导到正确的SRTE中:
- PE1和PE2是Head-End,PE3是Tail-End,在PE1和PE2上用Explicit Path引流
- PE3是Head-End,PE1和PE2是Tail-End,在PE3上使用ODN的方式进行自动引流到PE1和PE2
场景1:PE1 和 PE2 是 Head-End
配置
ELAN配置同之前的文章,就不帖了,如果需要可以参考之前文章EVPN Summary,或者直接看后面的附件,里面有全配置,我只贴SRTE引流的配置;下面是PE1的配置:
extcommunity-set opaque color30
30
end-set
!
route-policy evpn-color-in
if evpn-route-type is 1 then
set extcommunity color color30
endif
pass
end-policy
!
evpn
evi 300
bgp
route-policy import evpn-color-in
!
segment-routing
traffic-eng
segment-list elan-143
index 10 mpls label 16004
index 20 mpls label 16003
!
policy elan
color 30 end-point ipv4 192.168.0.3
candidate-paths
preference 100
explicit segment-list elan-143
!
下面是PE2的配置:
extcommunity-set opaque color30
30
end-set
!
route-policy evpn-color-in
if evpn-route-type is 1 then
set extcommunity color color30
endif
pass
end-policy
!
evpn
evi 300
bgp
route-policy import evpn-color-in
!
segment-routing
traffic-eng
segment-list elan-243
index 10 mpls label 16004
index 20 mpls label 16003
!
policy elan
color 30 end-point ipv4 192.168.0.3
candidate-paths
preference 100
explicit segment-list elan-243
!
验证信息
在PE2上确认PE3发过来的路由以及SRTE相关信息(为什么看PE2的,因为我测试的地址会Hash到PE2上~):
RP/0/RSP0/CPU0:PE2#sh mpls for
Mon Feb 8 15:00:09.992 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16001 16001 SR Pfx (idx 1) Hu0/0/0/1 24.1.1.4 0
16003 16003 SR Pfx (idx 3) Hu0/0/0/1 24.1.1.4 60
16004 Pop SR Pfx (idx 4) Hu0/0/0/1 24.1.1.4 0
24000 Pop SR Adj (idx 1) Hu0/0/0/1 24.1.1.4 0
24001 Pop SR Adj (idx 3) Hu0/0/0/1 24.1.1.4 0
24002 Pop EVPN:300 U BD=0 E point2point 106
24003 Pop EVPN:300 M BD=0 EIM point2point 960
24005 Pop No ID Hu0/0/0/1 24.1.1.4 0
24006 16003 SR TE: 1 [TE-INT] Hu0/0/0/1 24.1.1.4 106
24007 Pop No ID srte_c_30_ep point2point 102
24008 24000 EVPN:300 point2point 0
24009 24000 EVPN:300 192.168.0.1 0
RP/0/RSP0/CPU0:PE2#show segment-routing traffic-eng policy tabular
Mon Feb 8 15:00:48.979 UTC
Color Endpoint Admin Oper Binding
State State SID
------ -------------------- ------ ------ --------------------
30 192.168.0.3 up up 24007
RP/0/RSP0/CPU0:PE2#show segment-routing traffic-eng policy color 30
Mon Feb 8 15:01:19.237 UTC
SR-TE policy database
---------------------
Color: 30, End-point: 192.168.0.3
Name: srte_c_30_ep_192.168.0.3
Status:
Admin: up Operational: up for 02:09:53 (since Feb 8 12:51:25.715)
Candidate-paths:
Preference: 100 (configuration) (active)
Name: elan
Requested BSID: dynamic
Explicit: segment-list elan-243 (valid)
Weight: 1, Metric Type: TE
16004
16003
Attributes:
Binding SID: 24007
Forward Class: Not Configured
Steering labeled-services disabled: no
Steering BGP disabled: no
IPv6 caps enable: yes
Invalidation drop enabled: no
RP/0/RSP0/CPU0:PE2#show segment-routing traffic-eng forwarding policy color 30
Mon Feb 8 15:02:12.255 UTC
SR-TE Policy Forwarding database
--------------------------------
Color: 30, End-point: 192.168.0.3
Name: srte_c_30_ep_192.168.0.3
Binding SID: 24007
Active LSP:
Candidate path:
Preference: 100 (configuration)
Name: elan
Local label: 24006
Segment lists:
SL[0]:
Name: elan-243
Switched Packets/Bytes: 1/106
[MPLS -> MPLS]: 1/106
Paths:
Paths:
Path[0]:
Outgoing Label: 16003
Outgoing Interfaces: HundredGigE0/0/0/1
Next Hop: 24.1.1.4
Switched Packets/Bytes: 1/106
[MPLS -> MPLS]: 1/106
FRR Pure Backup: No
ECMP/LFA Backup: No
Internal Recursive Label: Unlabelled (recursive)
Label Stack (Top -> Bottom): { 16003 }
Policy Packets/Bytes Switched: 1/106
RP/0/RSP0/CPU0:PE2#show bgp l2vpn evpn rd 192.168.0.2:300 route-type 1
Mon Feb 8 15:03:13.881 UTC
BGP router identifier 192.168.0.2, local AS number 65001
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 29
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 192.168.0.2:300 (default for vrf 300)
*> [1][0011.1111.1111.1111.1111][0]/120
0.0.0.0 0 i
* i 192.168.0.1 100 0 i
*>i[1][0011.1111.1111.1111.1111][4294967295]/120
192.168.0.1 100 0 i
*>i[1][0022.2222.2222.2222.2222][0]/120
192.168.0.3 C:30
100 0 i
*>i[1][0022.2222.2222.2222.2222][4294967295]/120
192.168.0.3 C:30
100 0 i
Processed 4 prefixes, 5 paths
RP/0/RSP0/CPU0:PE2#show bgp l2vpn evpn rd 192.168.0.2:300 [1][0022.2222.2222.2222.2222][0]/120
Mon Feb 8 15:04:12.073 UTC
BGP routing table entry for [1][0022.2222.2222.2222.2222][0]/120, Route Distinguisher: 192.168.0.2:300
Versions:
Process bRIB/RIB SendTblVer
Speaker 29 29
Last Modified: Feb 8 13:15:06.364 for 01:49:06
Paths: (1 available, best #1)
Not advertised to any peer
Path #1: Received by speaker 0
Not advertised to any peer
Local
192.168.0.3 C:30 (bsid:24007) (metric 2) from 192.168.0.5 (192.168.0.3)
Received Label 24000
Origin IGP, localpref 100, valid, internal, best, group-best, import-candidate, imported, rib-install
Received Path ID 0, Local Path ID 1, version 29
Extended community: Color:30 RT:65001:300
Originator: 192.168.0.3, Cluster list: 192.168.0.5
SR policy color 30, up, not-registered, bsid 24007
Source AFI: L2VPN EVPN, Source VRF: default, Source Route Distinguisher: 192.168.0.3:300
RP/0/RSP0/CPU0:PE2#show evpn internal-label vpn-id 300 det
Mon Feb 8 15:04:56.825 UTC
VPN-ID Encap Ethernet Segment Id EtherTag Label
---------- ------ --------------------------- ---------- --------
300 MPLS 0011.1111.1111.1111.1111 0 24009
Multi-paths resolved: TRUE (Remote all-active)
Multi-paths Internal label: 24009
MAC 192.168.0.1 24000
EAD/ES 192.168.0.1 0
EAD/EVI 192.168.0.1 24000
Summary pathlist:
0xffffffff (P) 192.168.0.1 24000
300 MPLS 0022.2222.2222.2222.2222 0 24008
Multi-paths resolved: TRUE (Remote all-active)
Multi-paths Internal label: 24008
MAC 192.168.0.3 24000
EAD/ES 192.168.0.3 0
EAD/EVI SR-TE BSID 24007
Summary pathlist:
0xffffffff (P) SR-TE BSID 24007
RP/0/RSP0/CPU0:PE2#show mpls lsd forwarding labels 24008 det
Mon Feb 8 15:05:59.926 UTC
In_Label, (ID), Path_Info: <Type>
24008, (EVPN, id:0x12c encap:0xa tag:0x0 ESI:0x22222200), {}, 1 Paths,
Owner=L2VPN(A)
1/1: IPv4, 'default':4U, BSID/24007, nh=0.0.0.0, lbl=24000
lbl flags= {0x0}, ext_flags=0x8400 (EVPN-Internal-Label, Binding SID) path_flags=0x0
nh-id=0x0, path-id=0, backup-path-id=0, load-metric=0
MPLS eid: N/A
BCDL priority:3, LSD queue:18, version:20,
flags: 0x8, fwd_flags: 0x0 (),
Installed Feb 8 13:15:06.157 (01:50:53 ago)
Prefix eid: N/A
抓包信息 – 在PE2出向抓
为了验证信息,我在PE2和PE4之间多加了几个标签:
场景2:PE3 是 Head-End
配置
PE3配置类似,但这里用到了ODN,目前PE1和PE2是Multi-Homing,因此需要配置两个SR Policy,由于有了ODN后,就可以根据BGP的下一跳自动实例化Policy了,如果ODN在绑定了flexalgo自定义的切片,那么就可以自动化区分服务了;目前有很多人都喜欢静态配置SRTE路径,这样可以更好的控制路径,但往往在一个规模较大的网络中,都用静态的路径对运维人员造成了非常严重的负担,另外自定义的路径也导致报头的极具增加,损耗链路资源的利用率
extcommunity-set opaque color60
60
end-set
!
route-policy evpn-color-in
if evpn-route-type is 1 then
set extcommunity color color60
endif
pass
end-policy
!
evpn
evi 300
bgp
route-policy import evpn-color-in
!
segment-routing
traffic-eng
on-demand color 60
dynamic
metric
type igp
!
验证信息
输出信息类似
RP/0/RSP0/CPU0:PE3#sh mpls for
Tue Feb 9 01:59:14.021 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16001 16001 SR Pfx (idx 1) Hu0/0/0/0 34.1.1.4 80336
16002 16002 SR Pfx (idx 2) Hu0/0/0/0 34.1.1.4 50754
16004 Pop SR Pfx (idx 4) Hu0/0/0/0 34.1.1.4 0
24000 Pop EVPN:300 U BD=0 E point2point 276
24001 Pop EVPN:300 M BD=0 EIM point2point 512
24003 Pop SR Adj (idx 1) Hu0/0/0/0 34.1.1.4 0
24004 Pop SR Adj (idx 3) Hu0/0/0/0 34.1.1.4 0
24005 Pop SR Adj (idx 1) Hu0/0/0/4 35.1.1.5 0
24006 Pop SR Adj (idx 3) Hu0/0/0/4 35.1.1.5 0
24007 24000 EVPN:300 point2point 0
24002 EVPN:300 point2point 0
24008 Pop No ID Hu0/0/0/0 34.1.1.4 0
24009 Pop No ID Hu0/0/0/0 34.1.1.4 0
24010 16001 SR TE: 1 [TE-INT] Hu0/0/0/0 34.1.1.4 0
24011 16002 SR TE: 2 [TE-INT] Hu0/0/0/0 34.1.1.4 276
24012 Pop No ID srte_c_60_ep point2point 0
24013 Pop No ID srte_c_60_ep point2point 264
RP/0/RSP0/CPU0:PE3#
RP/0/RSP0/CPU0:PE3#show segment-routing traffic-eng policy tabular
Tue Feb 9 01:59:31.340 UTC
Color Endpoint Admin Oper Binding
State State SID
------ -------------------- ------ ------ --------------------
60 192.168.0.1 up up 24012
60 192.168.0.2 up up 24013
RP/0/RSP0/CPU0:PE3#
RP/0/RSP0/CPU0:PE3#show segment-routing traffic-eng policy color 60
Tue Feb 9 01:59:43.338 UTC
SR-TE policy database
---------------------
Color: 60, End-point: 192.168.0.1
Name: srte_c_60_ep_192.168.0.1
Status:
Admin: up Operational: up for 12:34:46 (since Feb 8 13:24:56.814)
Candidate-paths:
Preference: 200 (BGP ODN) (active)
Requested BSID: dynamic
Protection Type: protected-preferred
Maximum SID Depth: 10
Dynamic (valid)
Metric Type: IGP, Path Accumulated Metric: 2
16001 [Prefix-SID, 192.168.0.1]
Preference: 100 (BGP ODN)
Requested BSID: dynamic
PCC info:
Symbolic name: bgp_c_60_ep_192.168.0.1_discr_100
PLSP-ID: 1
Protection Type: protected-preferred
Maximum SID Depth: 10
Dynamic (pce) (invalid)
Last error: No path
Metric Type: NONE, Path Accumulated Metric: 0
Attributes:
Binding SID: 24012
Forward Class: Not Configured
Steering labeled-services disabled: no
Steering BGP disabled: no
IPv6 caps enable: yes
Invalidation drop enabled: no
Color: 60, End-point: 192.168.0.2
Name: srte_c_60_ep_192.168.0.2
Status:
Admin: up Operational: up for 12:34:46 (since Feb 8 13:24:56.814)
Candidate-paths:
Preference: 200 (BGP ODN) (active)
Requested BSID: dynamic
Protection Type: protected-preferred
Maximum SID Depth: 10
Dynamic (valid)
Metric Type: IGP, Path Accumulated Metric: 2
16002 [Prefix-SID, 192.168.0.2]
Preference: 100 (BGP ODN)
Requested BSID: dynamic
PCC info:
Symbolic name: bgp_c_60_ep_192.168.0.2_discr_100
PLSP-ID: 2
Protection Type: protected-preferred
Maximum SID Depth: 10
Dynamic (pce) (invalid)
Last error: No path
Metric Type: NONE, Path Accumulated Metric: 0
Attributes:
Binding SID: 24013
Forward Class: Not Configured
Steering labeled-services disabled: no
Steering BGP disabled: no
IPv6 caps enable: yes
Invalidation drop enabled: no
RP/0/RSP0/CPU0:PE3#show bgp l2vpn evpn rd 192.168.0.3:300
Tue Feb 9 02:00:15.774 UTC
BGP router identifier 192.168.0.3, local AS number 65001
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 32
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 192.168.0.3:300 (default for vrf 300)
*>i[1][0011.1111.1111.1111.1111][0]/120
192.168.0.1 C:60
100 0 i
* i 192.168.0.2 C:60
100 0 i
*>i[1][0011.1111.1111.1111.1111][4294967295]/120
192.168.0.1 C:60
100 0 i
* i 192.168.0.2 C:60
100 0 i
*> [1][0022.2222.2222.2222.2222][0]/120
0.0.0.0 0 i
*>i[2][0][48][0010.9400.0003][0]/104
192.168.0.1 100 0 i
* i 192.168.0.2 100 0 i
*> [2][0][48][0010.9400.0008][0]/104
0.0.0.0 0 i
*>i[3][0][32][192.168.0.1]/80
192.168.0.1 100 0 i
*>i[3][0][32][192.168.0.2]/80
192.168.0.2 100 0 i
*> [3][0][32][192.168.0.3]/80
0.0.0.0 0 i
Processed 8 prefixes, 11 paths
RP/0/RSP0/CPU0:PE3#show bgp l2vpn evpn rd 192.168.0.3:300 [1][0011.1111.1111.1111.1111][0]/120
Tue Feb 9 02:00:32.681 UTC
BGP routing table entry for [1][0011.1111.1111.1111.1111][0]/120, Route Distinguisher: 192.168.0.3:300
Versions:
Process bRIB/RIB SendTblVer
Speaker 31 31
Last Modified: Feb 8 13:24:59.797 for 12:35:33
Paths: (2 available, best #1)
Not advertised to any peer
Path #1: Received by speaker 0
Not advertised to any peer
Local
192.168.0.1 C:60 (bsid:24012) (metric 2) from 192.168.0.5 (192.168.0.1)
Received Label 24000
Origin IGP, localpref 100, valid, internal, best, group-best, import-candidate, imported, rib-install
Received Path ID 0, Local Path ID 1, version 26
Extended community: Color:60 RT:65001:300
Originator: 192.168.0.1, Cluster list: 192.168.0.5
SR policy color 60, up, registered, bsid 24012, if-handle 0x02000220
Source AFI: L2VPN EVPN, Source VRF: default, Source Route Distinguisher: 192.168.0.1:300
Path #2: Received by speaker 0
Not advertised to any peer
Local
192.168.0.2 C:60 (bsid:24013) (metric 2) from 192.168.0.5 (192.168.0.2)
Received Label 24002
Origin IGP, localpref 100, valid, internal, import-candidate, imported, rib-install
Received Path ID 0, Local Path ID 0, version 0
Extended community: Color:60 RT:65001:300
Originator: 192.168.0.2, Cluster list: 192.168.0.5
SR policy color 60, up, registered, bsid 24013, if-handle 0x02000260
Source AFI: L2VPN EVPN, Source VRF: default, Source Route Distinguisher: 192.168.0.2:300
RP/0/RSP0/CPU0:PE3#
RP/0/RSP0/CPU0:PE3#show evpn internal-label vpn-id 300 det
Tue Feb 9 02:00:49.224 UTC
VPN-ID Encap Ethernet Segment Id EtherTag Label
---------- ------ --------------------------- ---------- --------
300 MPLS 0011.1111.1111.1111.1111 0 24007
Multi-paths resolved: TRUE (Remote all-active)
Multi-paths Internal label: 24007
MAC 192.168.0.1 24000
192.168.0.2 24002
EAD/ES 192.168.0.1 0
192.168.0.2 0
EAD/EVI SR-TE BSID 24012
SR-TE BSID 24013
Summary pathlist:
0xffffffff (P) SR-TE BSID 24012
0xffffffff (P) SR-TE BSID 24013
抓包信息
由于我没有绑定flexalgo 自定义切片,再加上目前topology简单,所以只有一层label,因此就不抓包展示了,如果需要看最后的附件
快速收敛
L3VPN中有PIC-Edge来加速BGP收敛速度,那么EVPN ELAN是否也有类似的技术?默认情况下,我们在H1上关闭H1和PE2的链路,流量会绕行到PE1,这期间需要一定的收敛时间
在我的测试中,100pps(128byte)的发包速度,收敛后丢了5个报文
在IOS XR中,731会正式支持,如下PE1和PE2的配置:
evpn
interface Bundle-Ether100
ethernet-segment
convergence
reroute
!
开启reroute后,可以看下LFIB,PE1和PE2上均多了一个Label,此处只贴PE2的
RP/0/RSP0/CPU0:PE2#sh mpls for
Tue Feb 9 03:19:23.371 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16001 16001 SR Pfx (idx 1) Hu0/0/0/1 24.1.1.4 0
16003 16003 SR Pfx (idx 3) Hu0/0/0/1 24.1.1.4 60
16004 Pop SR Pfx (idx 4) Hu0/0/0/1 24.1.1.4 330
24000 Pop SR Adj (idx 1) Hu0/0/0/1 24.1.1.4 0
24001 Pop SR Adj (idx 3) Hu0/0/0/1 24.1.1.4 0
24002 Pop EVPN:300 U BD=0 E point2point 828840
24003 Pop EVPN:300 M BD=0 EIM point2point 1088
24005 Pop No ID Hu0/0/0/1 24.1.1.4 0
24006 Pop EVPN:300 F BD=0 EF point2point 0
24007 Pop No ID srte_c_30_ep point2point 408
24008 24000 EVPN:300 point2point 0
24009 24000 EVPN:300 192.168.0.1 0
24010 16002 SR TE: 1 [TE-INT] Hu0/0/0/1 24.1.1.4 318
我们用同样的测试方法,发现已经不再丢包了
附件
测试由于跨了一个晚上,对于PE2面向Core的抓包,我过滤了中间没有用的label(800-13420),否则文件太大