Configuring Route Advertisement on DC-GWs

Route advertisement can be configured on DC-GWs to allow the DC-GWs to construct their own forwarding entries based on the received EVPN or BGP routes.

Procedure

  1. Configure DC-GWs to advertise default static VPN routes and VPN loopback routes through EVPN.
    1. Run system-view

      The system view is displayed.

    2. Run interface Loopback interface-number

      The loopback interface view is displayed.

    3. Run ip binding vpn-instance vpn-instance-name

      The loopback interface is bound to an L3VPN instance.

    4. (Optional) Run ipv6 enable

      IPv6 is enabled on the loopback interface. This step is mandatory when the loopback interface is configured with an IPv6 address.

    5. Configure an IPv4 or IPv6 address for the loopback interface.

      • To configure an IPv4 address for the loopback interface, run the ip address ip-address { mask | mask-length } command.

      • To configure an IPv6 address for the loopback interface, run the ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } command.

    6. Run quit

      Exit from the loopback interface view.

    7. Configure default static VPN routes.

      • To create a default static VPN IPv4 route, run the ip route-static vpn-instance vpn-instance-name 0.0.0.0 { 0.0.0.0 | 0 } { nexthop-address | interface-type interface-number [ nexthop-address ] } [ tag tag ] command.

      • To create a default static VPN IPv6 route, run the ip route-static vpn-instance vpn-instance-name :: 0 { nexthop-ipv6–address | interface-type interface-number [ nexthop-ipv6-address ] } [ tag tag ] command.

    8. Create a route-policy so that default static VPN routes and VPN loopback routes of the L3VPN instance can be filtered out. For configuration details, see Configuring a Route-Policy.
    9. Run ip vpn-instance vpn-instance-name

      The VPN instance view is displayed.

    10. Enter the IPv4 or IPv6 address family view of the VPN instance.

      • To enter the IPv4 address family view of the VPN instance, run the ipv4-family command.

      • To enter the IPv6 address family view of the VPN instance, run the ipv6-family command.

    11. Run export route-policy policy-name evpn

      The L3VPN instance is bound to an export route-policy. This route-policy is used to filter the routes advertised to the EVPN instance from the L3VPN instance so that the L3VPN instance advertises only the default static VPN routes and VPN loopback routes to the EVPN instance.

    12. Run quit

      Exit from the IPv4 or IPv6 address family view of the VPN instance.

    13. Run quit

      Exit from the VPN instance view.

    14. Create a route-policy to filter the mobile phone routes received by the DC-GW from the L2GW/L3GW and prohibit the advertisement of such mobile phone routes. For details about how to create a route-policy, see Configuring a Route-Policy.
    15. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    16. Run l2vpn-family evpn

      The BGP-EVPN address family view is displayed.

    17. Run peer { group-name | ipv4-address } route-policy route-policy-name export

      The route-policy is used to prohibit DC-GWs from advertising mobile phone routes to each other.

    18. Run quit

      Exit from the BGP-EVPN address family view.

    19. Enter the IPv4 or IPv6 address family view of a BGP-VPN instance.

      • To enter the IPv4 address family view of a BGP-VPN instance, run the ipv4-family vpn-instance vpn-instance-name command.

      • To enter the IPv6 address family view of a BGP-VPN instance, run the ipv6-family vpn-instance vpn-instance-name command.

    20. Run import-route direct [ med med | route-policy route-policy-name ] *

      VPN loopback routes are imported to the IPv4 or IPv6 address family of the BGP-VPN instance.

    21. Run network { 0.0.0.0 0 | :: 0 }

      Default static VPN routes are imported to the IPv4 or IPv6 address family of the BGP-VPN instance.

    22. Run advertise l2vpn evpn

      The function to advertise IP routes from the VPN instance to the EVPN instance is enabled.

    23. Run quit

      Exit from the IPv4 or IPv6 address family view of the BGP-VPN instance.

    24. Run quit

      Exit from the BGP view.

  2. Establish BGP VPN peer relationships between DC-GWs and VNFs.
    1. Run route-policy route-policy-name deny node node

      A route-policy that denies all routes is created.

    2. Run quit

      Exit from the route-policy view.

    3. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    4. Enter the IPv4 or IPv6 address family view of a BGP-VPN instance.

      • To enter the IPv4 address family view of a BGP-VPN instance, run the ipv4-family vpn-instance vpn-instance-name command.

      • To enter the IPv6 address family view of a BGP-VPN instance, run the ipv6-family vpn-instance vpn-instance-name command.

    5. Run peer { ipv4-address | ipv6-address | group-name } as-number { as-number-plain | as-number-dot }

      A BGP VPN peer relationship is established.

    6. Run peer { ipv4-address | ipv6-address | group-name } connect-interface interface-type interface-number [ ipv4-source-address ]

      The source interface and source IP address are specified for the TCP connection to be set up between BGP peers.

    7. Run peer { ipv4-address | ipv6-address | group-name } route-policy route-policy-name export

      The route-policy is applied so that DC-GWs do not advertise BGP VPN routes to VNFs. This prevents route loops.

    8. Run quit

      Exit from the IPv4 or IPv6 address family view of the BGP-VPN instance.

  3. Configure DC-GWs to generate ARP or ND entries for Layer 2 forwarding based on the ARP or ND information in EVPN routes.
    1. Run interface vbdif bd-id

      The VBDIF interface view is displayed.

    2. Run anycast-gateway enable

      The distributed gateway function is enabled.

    3. Configure DC-GWs to generate ARP or ND entries for Layer 2 forwarding based on the ARP or ND information in EVPN routes.

      • To allow DC-GWs to generate ARP entries for Layer 2 forwarding based on the ARP information in EVPN routes, run the arp generate-rd-table enable command.

      • To allow DC-GWs to generate ND entries for Layer 2 forwarding based on the ND information in EVPN routes, run the ipv6 nd generate-rd-table enable command.

    4. (Optional) Run ipv6 nd dad attempts 0

      Duplicate address detection (DAD) is prohibited. This command is mandatory in IPv6 scenarios to prevent service interruptions occurred because the system detects that the IPv6 address of another device is the same as the VBDIF interface's IP address.

    5. Run quit

      Exit from the VBDIF interface view.

  4. (Optional) Configure the asymmetric mode for IRB routes. If L2GW/L3GWs are configured to advertise IRB or IRBv6 routes to DC-GWs, the asymmetric IRB function needs to be configured on DC-GWs.
    1. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    2. Enter the IPv4 or IPv6 address family view of a BGP-VPN instance.

      • To enter the IPv4 address family view of a BGP-VPN instance, run the ipv4-family vpn-instance vpn-instance-name command.

      • To enter the IPv6 address family view of a BGP-VPN instance, run the ipv6-family vpn-instance vpn-instance-name command.

    3. Run irb asymmetric

      The asymmetric mode is enabled for IRB routes.

    4. Run quit

      Exit from the IPv4 or IPv6 address family view of the BGP-VPN instance.

  5. Run commit

    The configuration is committed.

Parent Topic: Configuring the NFVI Distributed Gateway Function (SR Tunnels)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >