(继续上一篇的5、结果验证)
5.5、不同网段,不同Leaf下服务器Ping
(抓包端口:
- Leaf1网络侧GE1/0/0和业务侧GE1/0/1
- Leaf2网络侧GE1/0/0和业务侧GE1/0/1)
1、分析
10.10.10.10和172.16.1.20是不同网段,处于不同Leaf下。
由于ENSP下,服务器都类似静默主机,不首先发起通信,所以存在arp过程。
谁首先发起Ping的场景不同。
假定10.10.10.10 ping 172.16.1.20,有以下操作:
1)arp1和arp1reply
首先,10.10.10.10 ping 172.16.1.20,由于10.10.10.10不知道自己网关10.10.10.1的mac(假定为mac1)地址,10.10.10.10先arp(假设为arp1),获得10.10.10.1的mac1。
10.10.10.1会记录10.10.10.10arp信息(检查命令:dis arp)。
2)icmp1,timeout
10.10.10.10对自己的网关mac地址解析完成后,发出第一个Ping包(简称icmp1)。第一个Ping包会超时。
3)arp2
Leaf1收到后,查询vpn1的路由表,由于172.16.1.1配置为分布式网关,Leaf1上的172.16.1.1需要负责路由这个Ping包,但此时172.16.1.1并不知道172.16.1.20在哪里,所以172.16.1.1需要发送arp2,请求获得172.16.1.20的mac2。这个arp2会从本地对应bridge-domian端口发出去;也会发往vxlan peer,送到Leaf2,Leaf2继续从本地对应bridge-domain端口(属于vxlan vni对应的bridge-domain的端口)发出arp2,最终172.16.1.20收到arp2。
4)arp2reply
182.16.1.20发送的arp2reply,会单播回复给172.16.1.1,Leaf2的172.16.1.1会处理这个arp2reply,并记录172.16.1.20的arp信息(检查命令:dis arp)。
5)irb route
Leaf2的172.16.1.1收到arp2reply,会把172.16.1.20/mac2这个arp信息形成evpn type2 irb route,通过bgp evpn update,宣告给RR(携带mac2/172.16.1.20/L2VNI/L3VNI/router mac),RR再宣告给Leaf1。
6)host route
Leaf1收到这个update,会更新自己对应bridge-domain的mac表和对应vpn的路由表(产生172.16.1.20的主机路由)。
7)icmp2
10.10.10.10发出第二个Ping包(icmp2),Leaf1收到去往172.16.1.20的icmp2后,查看vpn路由表的172.16.1.20的host route,会进行L3VNI vxlan封装,送Leaf2处理。Leaf2 NVE端口接受这个vxlan包,进行vxlan解封装,Leaf2查找本地路由表,决定从172.16.1.1送出icmp2,再依赖arp表,完成封装,最终从172.16.1.1的端口送出,到达172.16.1.20。
172.16.1.20发icmp2 reply,到达Leaf2后,查看vpn路由表10.10.10.0/24,下一跳为vxlan 20.20.20.20(这条路由是通过bgp evpn type 5 prefix route学习到的),进行L3VNI vxlan封装,送到Leaf1处理。Leaf1 NVE端口接受这个vxlan包,进行vxlan解封装,Leaf1查看vpn路由,决定从10.10.10.1送出icmp2 reply,再依赖arp表,完成封装,最终从10.10.10.1的端口送出,到达10.10.10.10。至此,完成了icmp2 request/reply的过程。
整个过程数据流如下图所示:
2、测试
1)ping前检查
ping之前,检查各表项相关信息都为空
10.10.10.10,arp -a,没有10.10.10.1的arp信息。
172.16.1.20,类似,没有172.16.1.1的arp信息。
Leaf1 mac/arp没有10.10.10.10/172.16.1.20相关信息:
[Leaf1]dis arp
ARP Entry Types: D - Dynamic, S - Static, I - Interface, O - OpenFlow, RD - Redirect
EXP: Expire-time VLAN:VLAN or Bridge Domain
IP ADDRESS MAC ADDRESS EXP(M) TYPE/VLAN INTERFACE VPN-INSTANCE
----------------------------------------------------------------------------------------
192.168.12.2 387d-c801-0100 I GE1/0/0
192.168.12.1 387d-c803-0101 19 D GE1/0/0
172.16.1.1 0001-0001-0001 I Vbdif100 vpn1
10.10.10.1 707b-e8da-5876 I Vbdif200 vpn1
----------------------------------------------------------------------------------------
Total:4 Dynamic:1 Static:0 Interface:3 OpenFlow:0
Redirect:0
[Leaf1]dis mac
Flags: * - Backup
BD : bridge-domain Age : dynamic MAC learned time in seconds
-------------------------------------------------------------------------------
MAC Address VLAN/VSI/BD Learned-From Type Age
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Total items: 0
[Leaf1]dis ip routin
[Leaf1]dis ip routing-table vpn
[Leaf1]dis ip routing-table vpn-instance vp
[Leaf1]dis ip routing-table vpn-instance vpn1
Proto: Protocol Pre: Preference
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpn1
Destinations : 9 Routes : 9
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.10.10.0/24 Direct 0 0 D 10.10.10.1 Vbdif200
10.10.10.1/32 Direct 0 0 D 127.0.0.1 Vbdif200
10.10.10.255/32 Direct 0 0 D 127.0.0.1 Vbdif200
172.16.1.0/24 Direct 0 0 D 172.16.1.1 Vbdif100
172.16.1.1/32 Direct 0 0 D 127.0.0.1 Vbdif100
172.16.1.255/32 Direct 0 0 D 127.0.0.1 Vbdif100
182.1.1.0/24 IBGP 255 0 RD 40.40.40.40 VXLAN
182.1.1.1/32 IBGP 255 0 RD 40.40.40.40 VXLAN
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[Leaf1]Leaf2也没有10.10.10.10/172.16.1.20相关信息
[Leaf2]dis arp
ARP Entry Types: D - Dynamic, S - Static, I - Interface, O - OpenFlow, RD - Redirect
EXP: Expire-time VLAN:VLAN or Bridge Domain
IP ADDRESS MAC ADDRESS EXP(M) TYPE/VLAN INTERFACE VPN-INSTANCE
----------------------------------------------------------------------------------------
192.168.13.3 387d-c802-0100 I GE1/0/0
192.168.13.1 387d-c803-0102 8 D GE1/0/0
172.16.1.1 0001-0001-0001 I Vbdif300 vpn1
----------------------------------------------------------------------------------------
Total:3 Dynamic:1 Static:0 Interface:2 OpenFlow:0
Redirect:0
[Leaf2]dis mac
Flags: * - Backup
BD : bridge-domain Age : dynamic MAC learned time in seconds
-------------------------------------------------------------------------------
MAC Address VLAN/VSI/BD Learned-From Type Age
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Total items: 0
[Leaf2]dis ip routi
[Leaf2]dis ip routing-table vp
[Leaf2]dis ip routing-table vpn-instance vp
[Leaf2]dis ip routing-table vpn-instance vpn1
Proto: Protocol Pre: Preference
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpn1
Destinations : 8 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.10.10.0/24 IBGP 255 0 RD 20.20.20.20 VXLAN
10.10.10.1/32 IBGP 255 0 RD 20.20.20.20 VXLAN
172.16.1.0/24 Direct 0 0 D 172.16.1.1 Vbdif300
172.16.1.1/32 Direct 0 0 D 127.0.0.1 Vbdif300
172.16.1.255/32 Direct 0 0 D 127.0.0.1 Vbdif300
182.1.1.0/24 IBGP 255 0 RD 40.40.40.40 VXLAN
182.1.1.1/32 IBGP 255 0 RD 40.40.40.40 VXLAN
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[Leaf2]2)ping不通的问题排除
一开始,10.10.10.10 ping不通172.16.1.20:
通告抓包检查,arp1/arp1 reply正常:
Leaf1也有10.10.10.10的arp1/mac1信息:
由于10.10.10.1的vbdif没有配置arp collect host,没有触发evpn type2 irb route update。
Leaf1收到icmp1后,触发172.16.1.1发arp2(查询172.16.1.20的mac2)。并通过vxlan发给了Leaf2:
Leaf1 g1/0/0和Leaf2 g1/0/0都抓到arp2包:
Frame 80: 116 bytes on wire (928 bits), 116 bytes captured (928 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:01:01:00 (38:7d:c8:01:01:00), Dst: 38:7d:c8:03:01:01 (38:7d:c8:03:01:01)
Internet Protocol Version 4, Src: 20.20.20.20, Dst: 30.30.30.30
User Datagram Protocol, Src Port: 4789, Dst Port: 4789
Virtual eXtensible Local Area Network
Flags: 0x0800, VXLAN Network ID (VNI)
Group Policy ID: 0
VXLAN Network Identifier (VNI): 8000
Reserved: 0
Ethernet II, Src: EquipTra_01:00:01 (00:01:00:01:00:01), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)
Hardware type: Ethernet (1)
Protocol type: IPv4 (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: request (1)
Sender MAC address: EquipTra_01:00:01 (00:01:00:01:00:01)
Sender IP address: 172.16.1.1
Target MAC address: 00:00:00_00:00:00 (00:00:00:00:00:00)
Target IP address: 172.16.1.20
Exablaze trailer, Device: 0, Port: 0, Timestamp: 08:00:0.000000000000
但这个arp2没有从Leaf1和Leaf2对应的业务端口发出。。。
执行undo bridge-domain/bridge-domain后,10.10.10.10 ping通 172.16.1.20
3)Leaf1业务侧抓包(Leaf1 GE1/0/1)
336,337——arp1/arp1 reply
10.10.10.10发arp1,请求10.10.10.1的mac1,并得到arp1 reply。
338——icmp1
10.10.10.10发出icmp1(0xb613),icmp1 timeout。
Leaf1收到icmp1,会查vpn1的路由表,需从172.16.1.1发出icmp1,但172.16.1.1没有172.16.1.20的mac2,所以172.16.1.1需要先发arp2,去请求172.16.1.20的mac2。就是339这个包。而本身这个icmp包由于超时,没有reply了。
339——arp2
网关172.16.1.1不知道172.16.1.20的mac,发出arp2。arp2从属于bridge-domain 100的端口g1/0/1.1发出。
341——icmp2
10.10.10.10继续发出第二个ping包(0xb813),并收到reply。后续ping包能ping通了。
4)Leaf1 网络侧抓包分析(Leaf1 GE1/0/0)
210——arp2
arp2是广播包,所以也从brdige-domain 100对应vni 8000发给vxlan peer(30.30.30.30)。
210具体信息:
Frame 210: 116 bytes on wire (928 bits), 116 bytes captured (928 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:01:01:00 (38:7d:c8:01:01:00), Dst: 38:7d:c8:03:01:01 (38:7d:c8:03:01:01)
Internet Protocol Version 4, Src: 20.20.20.20, Dst: 30.30.30.30
User Datagram Protocol, Src Port: 4789, Dst Port: 4789
Virtual eXtensible Local Area Network
Flags: 0x0800, VXLAN Network ID (VNI)
Group Policy ID: 0
VXLAN Network Identifier (VNI): 8000
Reserved: 0
Ethernet II, Src: EquipTra_01:00:01 (00:01:00:01:00:01), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)
Hardware type: Ethernet (1)
Protocol type: IPv4 (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: request (1)
Sender MAC address: EquipTra_01:00:01 (00:01:00:01:00:01)
Sender IP address: 172.16.1.1
Target MAC address: 00:00:00_00:00:00 (00:00:00:00:00:00)
Target IP address: 172.16.1.20
Exablaze trailer, Device: 0, Port: 0, Timestamp: 08:00:0.000000000000
212——irb route
spine1(RR)发给Leaf1的bgp evpn type2 irb route update。
这个信息是Leaf2通过vxlan收到arp2后,leaf2从vni 8000对应bridge-domain 300的端口g1/0/1.3发出arp2,172.16.1.20收到arp2。随后,172.16.1.20发出arp2 reply,leaf2的172.16.1.1收到这个arp2 reply后,触发leaf2(30.30.30.30)产生bgp evpn irb route update,这个update发给RR,RR再发给Leaf1。这个arp2 reply并没有传回Leaf1的172.16.1.1对应端口,这也是分布式网关工作机制,而是由本地网关172.16.1.1来处理。
Leaf1收到这个irb route后,会把172.16.1.20/32主机路由注入L3VPN路由表里。(见后面Leaf1的mac/arp/ip route信息)。
irb route具体信息:
Frame 212: 195 bytes on wire (1560 bits), 195 bytes captured (1560 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:03:01:01 (38:7d:c8:03:01:01), Dst: 38:7d:c8:01:01:00 (38:7d:c8:01:01:00)
Internet Protocol Version 4, Src: 1.1.1.1, Dst: 2.2.2.2
Transmission Control Protocol, Src Port: 179, Dst Port: 60785, Seq: 286, Ack: 267, Len: 141
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 141
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 118
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Path Attribute - AS_PATH: empty
Path Attribute - LOCAL_PREF: 100
Path Attribute - ORIGINATOR_ID: 3.3.3.3
Path Attribute - CLUSTER_LIST: 1.1.1.1
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 32
Carried extended communities: (4 communities)
Route Target: 100:10 [Transitive 2-Octet AS-Specific]
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
EVPN Router MAC: Router MAC: 70:7b:e8:2d:5c:d3 [Transitive EVPN]
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 51
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 1e1e1e1e
IPv4 Address: 30.30.30.30
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: MAC Advertisement Route
Route Type: MAC Advertisement Route (2)
Length: 40
Route Distinguisher: 0000001e00000001 (30:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
MAC Address Length: 48
MAC Address: HuaweiTe_e3:2a:d7 (54:89:98:e3:2a:d7)
IP Address Length: 32
IPv4 address: 172.16.1.20
VNI: 8000
VNI: 100
214——icmp2
第二个icmp ping包(0xb813)到达Leaf1,ping包目的地址为172.16.1.20,依赖前面刚建立的172.16.1.20主机路由信息,下一跳为30.30.30.30,L3VNI为100,Router MAC: 70:7b:e8:2d:5c:d3(Leaf2的NVE端口mac),送往Leaf2.
214具体信息:
Frame 214: 124 bytes on wire (992 bits), 124 bytes captured (992 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:01:01:00 (38:7d:c8:01:01:00), Dst: 38:7d:c8:03:01:01 (38:7d:c8:03:01:01)
Internet Protocol Version 4, Src: 20.20.20.20, Dst: 30.30.30.30
User Datagram Protocol, Src Port: 4789, Dst Port: 4789
Virtual eXtensible Local Area Network
Flags: 0x0800, VXLAN Network ID (VNI)
Group Policy ID: 0
VXLAN Network Identifier (VNI): 100
Reserved: 0
Ethernet II, Src: HuaweiTe_da:58:76 (70:7b:e8:da:58:76), Dst: HuaweiTe_2d:5c:d3 (70:7b:e8:2d:5c:d3)
Destination: HuaweiTe_2d:5c:d3 (70:7b:e8:2d:5c:d3)
Source: HuaweiTe_da:58:76 (70:7b:e8:da:58:76)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 172.16.1.20
Internet Control Message Protocol
5)Leaf2 网络侧抓包分析(Leaf2 GE1/0/0)
189——arp2
就是同一arp2在leaf2的抓包信息,对应Leaf1 vxlan端口抓包210。
190——irb route
就是Leaf2的172.16.1.1收到172.16.1.20发出的arp2 reply后,触发BGP发出bgp evpn type 2 irb route update,并发送给1.1.1.1(RR)。
190具体信息:
Frame 190: 181 bytes on wire (1448 bits), 181 bytes captured (1448 bits) on interface -, id 0
Ethernet II, Src: 38:7d:c8:02:01:00 (38:7d:c8:02:01:00), Dst: 38:7d:c8:03:01:02 (38:7d:c8:03:01:02)
Internet Protocol Version 4, Src: 3.3.3.3, Dst: 1.1.1.1
Transmission Control Protocol, Src Port: 62694, Dst Port: 179, Seq: 248, Ack: 229, Len: 127
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 127
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 104
Path attributes
Path Attribute - ORIGIN: INCOMPLETE
Path Attribute - AS_PATH: empty
Path Attribute - LOCAL_PREF: 100
Path Attribute - EXTENDED_COMMUNITIES
Flags: 0xc0, Optional, Transitive, Complete
Type Code: EXTENDED_COMMUNITIES (16)
Length: 32
Carried extended communities: (4 communities)
Route Target: 100:10 [Transitive 2-Octet AS-Specific]
Route Target: 200:10 [Transitive 2-Octet AS-Specific]
Encapsulation: VXLAN Encapsulation [Transitive Opaque]
EVPN Router MAC: Router MAC: 70:7b:e8:2d:5c:d3 [Transitive EVPN]
Path Attribute - MP_REACH_NLRI
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 51
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 1e1e1e1e
IPv4 Address: 30.30.30.30
[Expert Info (Error/Malformed): Unknown Next Hop length (4 bytes)]
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: MAC Advertisement Route
Route Type: MAC Advertisement Route (2)
Length: 40
Route Distinguisher: 0000001e00000001 (30:1)
ESI: 00:00:00:00:00:00:00:00:00:00
Ethernet Tag ID: 0
MAC Address Length: 48
MAC Address: HuaweiTe_e3:2a:d7 (54:89:98:e3:2a:d7)
IP Address Length: 32
IPv4 address: 172.16.1.20
VNI: 8000
VNI: 100
191——irb route
RR反射的190这个update,其实不应该再传回给自己。
194——icmp2
就是10.10.10.10发出的icmp2(0xb813),并成功reply。
6)Leaf2 业务侧抓包分析(Leaf2 GE1/0/1)
270——arp2
271——arp2 reply
172.16.1.20收到arp2,发出arp2 reply,并实际由Leaf2的172.16.1.1截获,并进行处理。Leaf1/Leaf2的172.16.1.1配置了相同的mac。可以看到arp2 reply回复的mac为:0001:0001:0001:
Frame 271: 70 bytes on wire (560 bits), 70 bytes captured (560 bits) on interface -, id 0
Ethernet II, Src: HuaweiTe_e3:2a:d7 (54:89:98:e3:2a:d7), Dst: EquipTra_01:00:01 (00:01:00:01:00:01)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 30
Address Resolution Protocol (reply)
正是分布式网关172.16.1.1配置的mac地址:
#
interface Vbdif100
ip binding vpn-instance vpn1
ip address 172.16.1.1 255.255.255.0
mac-address 0001-0001-0001
vxlan anycast-gateway enable
arp collect host enable
# 273——icmp2 request/reply
就是10.10.10.10发出的第二个ping包(0xb813),并收到icmp2 reply。
7)Leaf1 mac/arp/vpn1 route分析
10.10.10.10成功ping通172.16.1.20地址后,
Leaf1没有172.16.1.20的arp信息,因为Leaf1的172.16.1.1端口没有收到172.16.1.20的arp2 reply(被Leaf2的172.16.1.1截胡了。。。)
Leaf1的bridge-domain 100也没有172.16.1.20的mac信息,因为10.10.10.10和172.16.1.20是三层通信,172.16.1.20的mac地址没有用于数据通信,就是说Leaf1的bridge-domain并没有看到源地址为172.16.1.20的mac,所以这个mac没有放入二层表格(mac vrf)。
Leaf1的bridge-domain 200学习到了10.10.10.10的mac信息。
Leaf1的vpn1(ip vrf),出现了172.16.1.20的主机路由,原因之前已经说明。
[Leaf1-GE1/0/1.1]dis arp
ARP Entry Types: D - Dynamic, S - Static, I - Interface, O - OpenFlow, RD - Redirect
EXP: Expire-time VLAN:VLAN or Bridge Domain
IP ADDRESS MAC ADDRESS EXP(M) TYPE/VLAN INTERFACE VPN-INSTANCE
----------------------------------------------------------------------------------------
192.168.12.2 387d-c801-0100 I GE1/0/0
192.168.12.1 387d-c803-0101 19 D GE1/0/0
172.16.1.1 0001-0001-0001 I Vbdif100 vpn1
10.10.10.1 707b-e8da-5876 I Vbdif200 vpn1
10.10.10.10 5489-9896-70c5 19 D/BD200 GE1/0/1.2 vpn1
----------------------------------------------------------------------------------------
Total:5 Dynamic:2 Static:0 Interface:3 OpenFlow:0
Redirect:0
[Leaf1-GE1/0/1.1]dis mac
Flags: * - Backup
BD : bridge-domain Age : dynamic MAC learned time in seconds
-------------------------------------------------------------------------------
MAC Address VLAN/VSI/BD Learned-From Type Age
-------------------------------------------------------------------------------
5489-9896-70c5 -/-/200 GE1/0/1.2 dynamic -
5489-9896-70c5 -/-/200 GE1/0/1.2 dynamic -
-------------------------------------------------------------------------------
Total items: 2
[Leaf1-GE1/0/1.1]dis ip routing-table vpn-instance vpn1
Proto: Protocol Pre: Preference
Route Flags: R - relay, D - download to fib, T - to vpn-instance, B - black hole route
------------------------------------------------------------------------------
Routing Table : vpn1
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.10.10.0/24 Direct 0 0 D 10.10.10.1 Vbdif200
10.10.10.1/32 Direct 0 0 D 127.0.0.1 Vbdif200
10.10.10.255/32 Direct 0 0 D 127.0.0.1 Vbdif200
172.16.1.0/24 Direct 0 0 D 172.16.1.1 Vbdif100
172.16.1.1/32 Direct 0 0 D 127.0.0.1 Vbdif100
172.16.1.20/32 IBGP 255 0 RD 30.30.30.30 VXLAN
172.16.1.255/32 Direct 0 0 D 127.0.0.1 Vbdif100
182.1.1.0/24 IBGP 255 0 RD 40.40.40.40 VXLAN
182.1.1.1/32 IBGP 255 0 RD 40.40.40.40 VXLAN
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[Leaf1-GE1/0/1.1]8)Leaf2 mac/arp信息分析
[Leaf2-GE1/0/1.3]dis arp
ARP Entry Types: D - Dynamic, S - Static, I - Interface, O - OpenFlow, RD - Redirect
EXP: Expire-time VLAN:VLAN or Bridge Domain
IP ADDRESS MAC ADDRESS EXP(M) TYPE/VLAN INTERFACE VPN-INSTANCE
----------------------------------------------------------------------------------------
192.168.13.3 387d-c802-0100 I GE1/0/0
192.168.13.1 387d-c803-0102 19 D GE1/0/0
172.16.1.1 0001-0001-0001 I Vbdif300 vpn1
172.16.1.20 5489-98e3-2ad7 18 D/BD300 GE1/0/1.3 vpn1
----------------------------------------------------------------------------------------
Total:4 Dynamic:2 Static:0 Interface:2 OpenFlow:0
Redirect:0
[Leaf2-GE1/0/1.3]dis mac
Flags: * - Backup
BD : bridge-domain Age : dynamic MAC learned time in seconds
-------------------------------------------------------------------------------
MAC Address VLAN/VSI/BD Learned-From Type Age
-------------------------------------------------------------------------------
0001-0001-0001 -/-/300 20.20.20.20 dynamic -
5489-98e3-2ad7 -/-/300 GE1/0/1.3 dynamic -
0001-0001-0001 -/-/300 20.20.20.20 dynamic -
5489-98e3-2ad7 -/-/300 GE1/0/1.3 dynamic -
-------------------------------------------------------------------------------
Total items: 4
[Leaf2-GE1/0/1.3]Leaf2收到arp2 reply,并保存了172.16.1.20的arp信息。
Leaf2的bridge-domain 300也学习到了172.16.1.20的mac信息。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
