Configuring Route Advertisement on a DC Gateway

Procedure

1. Configure the DC gateway to establish a VPN BGP peer relationship with a VNF.
   1. Run route-policy route-policy-name deny node node

      A route-policy that denies all routes is created.

   2. Run quit

      Exit the route-policy view.

   3. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

   4. Enter the BGP VPN instance IPv4/IPv6 address family view.

      • Run ipv4-family vpn-instance vpn-instance-name

        The BGP VPN instance IPv4 address family view is displayed.

      • Run ipv6-family vpn-instance vpn-instance-name

        The BGP VPN instance IPv6 address family view is displayed.

   5. Run peer { ipv4-address | ipv6-address | group-name } as-number { as-number-plain | as-number-dot }

      A VPN BGP peer relationship is established.

   6. Run peer { ipv4-address | ipv6-address| group-name } connect-interface interface-type interface-number [ ipv4-source-address ]

      A source interface and source address are specified for the setup of a TCP connection with the BGP peer.

   7. Run peer { ipv4-address| ipv6-address | group-name } route-policy route-policy-name export

      A route-policy is applied to prevent the DC gateway from advertising VPN BGP routes to VNFs. This helps prevent routing loops.

   8. Run quit

      Exit the BGP VPN instance IPv4/IPv6 address family view.

   9. Run quit

      Exit the BGP view.

2. Configure the DC gateway to advertise VPN routes through EVPN.
   1. Run system-view

      The system view is displayed.

   2. Run interface Loopback interface-number

      The loopback interface view is displayed.

   3. Run ip binding vpn-instance vpn-instance-name

      The loopback interface is bound to the L3VPN instance.

   4. (Optional) Run ipv6 enable

      IPv6 is enabled on the interface. This step is mandatory if the interface requires an IPv6 address.

   5. Configure an IPv4/IPv6 address for the interface.

      • Run ip address ip-address { mask | mask-length }

        An IPv4 address is configured for the interface.

      • Run ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length }

        An IPv6 address is configured for the interface.

   6. Run quit

      Exit the loopback interface view.

   7. Configure default VPN static routes.

      • Run ip route-static vpn-instance vpn-instance-name 0.0.0.0 { 0.0.0.0 | 0 } { nexthop-address | interface-type interface-number [ nexthop-address ] } [ tag tag ]

        A default VPN IPv4 static route is created.

      • Run ipv6 route-static vpn-instance vpn-instance-name :: 0 { nexthop-ipv6–address | interface-type interface-number [ nexthop-ipv6-address ] } [ tag tag ]

        A default VPN IPv6 static route is created.

   8. Create a route-policy that can provide the following functions:
      • Filters the default VPN static routes and VPN loopback routes in the L3VPN instance.
      • Filters VPN UE routes received by the DC gateway (through VPN BGP neighbor relationships with VNFs) and applies the apply gateway-ip origin-nexthop or apply ipv6 gateway-ip origin-nexthop configuration to these routes to set the original next hop address of these routes to the gateway address.

      For details, see Routing Policy Configuration.

   9. Run ip vpn-instance vpn-instance-name

      The VPN instance view is displayed.

   10. Enter the VPN instance IPv4/IPv6 address family view.

       • Run ipv4-family

         The VPN instance IPv4 address family view is displayed.

       • Run ipv6-family

         The VPN instance IPv6 address family view is displayed.

   11. Run export route-policy policy-name evpn

       The L3VPN instance is associated with an export route-policy that is used to filter routes to be advertised by the current L3VPN instance to the EVPN instance. Ensure that the L3VPN instance advertises only default VPN static routes, VPN loopback routes, and VPN UE routes to the EVPN instance, and the L3VPN instance changes the original next hop of VPN UE routes to the gateway address before advertising these routes.

   12. Run quit

       Exit the VPN instance IPv4/IPv6 address family view.

   13. Run quit

       Exit the VPN instance view.

   14. Create a route-policy on the DC gateway to prevent the gateway from advertising UE routes. For details, see Routing Policy Configuration.
   15. Run bgp { as-number-plain | as-number-dot }

       The BGP view is displayed.

   16. Run l2vpn-family evpn

       The BGP EVPN address family view is displayed.

   17. Run peer { group-name | ipv4-address | ipv6-address } route-policy route-policy-name export

       A route-policy is applied to each DC gateway, so that DC gateways do not advertise UE routes to each other.

   18. Run quit

       Exit the BGP EVPN address family view.

   19. Enter the BGP VPN instance IPv4/IPv6 address family view.

       • Run ipv4-family vpn-instance vpn-instance-name

         The BGP VPN instance IPv4 address family view is displayed.

       • Run ipv6-family vpn-instance vpn-instance-name

         The BGP VPN instance IPv6 address family view is displayed.

   20. Run import-route direct [ med med | route-policy route-policy-name ] ^*

       VPN loopback routes are imported to the BGP VPN instance IPv4/IPv6 address family.

   21. Run network { 0.0.0.0 0 | :: 0 }

       A default VPN static route is imported to the BGP VPN instance IPv4/IPv6 address family.

   22. Run advertise l2vpn evpn

       The VPN instance is enabled to advertise EVPN IP prefix routes.

   23. Run quit

       Return to the BGP view.

   24. Run quit

       Exit the BGP view.

3. Run commit

   The configuration is committed.