Configuring Route Advertisement on DC-GWs

Route advertisement can be configured on DC-GWs to allow the DC-GWs to construct their own forwarding entries based on the received EVPN routes.

Procedure

  1. Configure DC-GWs to advertise the VPN loopback routes and the mobile phone routes received from VNFs through EVPN.
    1. Run system-view

      The system view is displayed.

    2. Run interface Loopback interface-number

      The loopback interface view is displayed.

    3. Run ip binding vpn-instance vpn-instance-name

      The loopback interface is bound to an L3VPN instance.

    4. (Optional) Run ipv6 enable

      IPv6 is enabled on the loopback interface. This step is mandatory when the loopback interface is configured with an IPv6 address.

    5. Configure an IPv4 or IPv6 address for the loopback interface.

      • To configure an IPv4 address for the loopback interface, run the ip address ip-address { mask | mask-length } command.

      • To configure an IPv6 address for the loopback interface, run the ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } command.

    6. Run quit

      Exit from the loopback interface view.

    7. Create a route-policy to filter and modify the advertised and received routes. For configuration details, see Configuring a Route-Policy. A route-policy must support the following functions:

      • Export route-policy: An if-match clause configured in the route-policy can be used to filter VPN loopback routes and mobile phone routes in the L3VPN instance. You can run the apply gateway-ip { origin-nexthop | ipv4-address } or apply ipv6 gateway-ip { origin-nexthop | ipv6-address } command to configure the original next-hop address of mobile phone routes as a gateway address.

      • Import route-policy: You can run the apply gateway-ip none or apply ipv6 gateway-ip none command to delete gateway addresses from the routes received from L2GW/L3GWs to ensure that the BGP VPN packets sent by DC-GWs to VNFs can be recursed over SR tunnels, instead of being forwarded through VBDIF interfaces based on gateway addresses (DC-GWs do not have VBDIF interfaces).

    8. Run ip vpn-instance vpn-instance-name

      The VPN instance view is displayed.

    9. Enter the IPv4 or IPv6 address family view of the VPN instance.

      • To enter the IPv4 address family view of the VPN instance, run the ipv4-family command.

      • To enter the IPv6 address family view of the VPN instance, run the ipv6-family command.

    10. Run export route-policy policy-name evpn

      The L3VPN instance is bound to an export route-policy. This route-policy is used to filter the routes advertised to the EVPN instance from the L3VPN instance so that the L3VPN instance advertises only the mobile phone routes and VPN loopback routes to the EVPN instance.

    11. Run import route-policy policy-name evpn

      The L3VPN instance is bound to an import route-policy. This route-policy is used to filter the routes received by the L3VPN instance so that the gateway addresses are deleted from the routes received from L2GW/L3GWs.

    12. Run quit

      Exit from the IPv4 or IPv6 address family view of the VPN instance.

    13. Run quit

      Exit from the VPN instance view.

    14. Create a route-policy to filter the mobile phone routes received by the DC-GW from the L2GW/L3GW and prohibit the advertisement of such mobile phone routes. For details about how to create a route-policy, see Configuring a Route-Policy.
    15. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    16. Run l2vpn-family evpn

      The BGP-EVPN address family view is displayed.

    17. Run peer { group-name | ipv4-address } route-policy route-policy-name export

      The route-policy is used to prohibit DC-GWs from advertising mobile phone routes to each other.

    18. Run quit

      Exit from the BGP-EVPN address family view.

    19. Enter the IPv4 or IPv6 address family view of a BGP-VPN instance.

      • To enter the IPv4 address family view of a BGP-VPN instance, run the ipv4-family vpn-instance vpn-instance-name command.

      • To enter the IPv6 address family view of a BGP-VPN instance, run the ipv6-family vpn-instance vpn-instance-name command.

    20. Run import-route direct [ med med | route-policy route-policy-name ] *

      VPN loopback routes are imported to the IPv4 or IPv6 address family of the BGP-VPN instance.

    21. Run advertise l2vpn evpn

      The function to advertise IP routes from the VPN instance to the EVPN instance is enabled.

    22. Run quit

      Exit from the IPv4 or IPv6 address family view of the BGP-VPN instance.

    23. Run quit

      Exit from the BGP view.

  2. Establish BGP VPN peer relationships between DC-GWs and VNFs.
    1. Run route-policy route-policy-name deny node node

      A route-policy that denies all routes is created.

    2. Run quit

      Exit from the route-policy view.

    3. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    4. Enter the IPv4 or IPv6 address family view of a BGP-VPN instance.

      • To enter the IPv4 address family view of a BGP-VPN instance, run the ipv4-family vpn-instance vpn-instance-name command.

      • To enter the IPv6 address family view of a BGP-VPN instance, run the ipv6-family vpn-instance vpn-instance-name command.

    5. Run peer { ipv4-address | ipv6-address | group-name } as-number { as-number-plain | as-number-dot }

      A BGP VPN peer relationship is established.

    6. Run peer { ipv4-address | ipv6-address | group-name } connect-interface interface-type interface-number [ ipv4-source-address ]

      The source interface and source IP address are specified for the TCP connection to be set up between BGP peers.

    7. Run peer { ipv4-address | ipv6-address | group-name } route-policy route-policy-name export

      The route-policy is applied so that DC-GWs do not advertise BGP VPN routes to VNFs. This prevents route loops.

    8. Run peer { ipv4-address | ipv6-address | group-name } reflect-client

      The RR function is configured to reflect BGP VPN routes. This function allows VNFs to share mobile phone routes.

    9. Run quit

      Exit from the IPv4 or IPv6 address family view of the BGP-VPN instance.

  3. Configure RRs in BGP EVPN so that EVPN routes can be synchronized between L2GW/L3GWs and the EVPN routes sent by L2GW/L3GWs can be reflected to PEs.
    1. Run l2vpn-family evpn

      The BGP-EVPN address family view is displayed.

    2. Run peer { group-name | ipv4-address } reflect-client

      L2GW/L3GWs and PEs are configured as RR clients.

    3. Run peer { group-name | ipv4-address } next-hop-invariable

      DC-GWs are configured not to modify the next hop during route advertisement to PEs and L2GW/L3GWs and the next-hop address is still the IP address of an L2GW/L3GW when a PE receives routes from a VNF. Upon receipt of default routes, the next -hop addresses of L2GW/L3GWs are the IP addresses of PEs. In this way, routes are recursed over E2E SR-MPLS TE tunnels.

  4. Run commit

    The configuration is committed.

Parent Topic: Configuring the NFVI Distributed Gateway Function (BGP EVPN over E2E SR Tunnels)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >