ACs do not support the Ethernet access mode when you map them to VSIs by using the xconnect vsi command. For more information about this command, see VXLAN Command Reference.

ACs do not support the encapsulation s-vid { vlan-id | vlan-id-list } c-vid { vlan-id-list | all } criterion.

MVXLAN supports only IPv4 underlay networks in the current software version.

MVXLAN modes

MVXLAN supports the following traffic transmission modes:

· Ingress replication—Used for forwarding multicast traffic of multiple VPN instances in a VXLAN network.

· Multicast distribution tree (MDT)—Used for forwarding multicast traffic in an EVPN VXLAN network.

Figure 1 shows a typical MVXLAN network that uses ingress replication. In the network, the border device is attached to multiple sources, and the VTEPs are attached to multicast receivers. VXLAN tunnels are manually established between the border device and the VTEPs and assigned to VXLANs. When receiving multicast packets, the border device identifies the VPN instance to which the packets belong and forwards them to the VTEPs configured with the VPN instance. Then, the VTEPs forward the multicast packets to the attached multicast receivers in the VPN instance.

Figure 1 Ingress replication MVXLAN network model

‌

Working mechanism

Ingress replication MVXLAN requires the following configuration on the border device and VTEPs:

· On the border device, create VSI interfaces, associate them with VPN instances, and enable IGMP on the VSI interfaces.

· On the border device, associate the multicast source-facing interfaces with VPN instances.

· On the border device and VTEPs, enable IGMP snooping on VSIs.

The border device and VTEPs learn multicast forwarding entries as follows:

1. On the border device, VSI interfaces broadcast IGMP queries in their respective VXLANs after they are enabled with IGMP.

2. The VTEPs mark the VXLAN tunnel interfaces where the IGMP queries are received as IGMP snooping router ports, remove VXLAN encapsulation from the IGMP queries, and forward them to local hosts.

3. Multicast receivers reply with IGMP membership reports.

4. The VTEPs mark the ACs where the IGMP membership reports are received as IGMP snooping member ports and forward the reports to the border device through VXLAN tunnels.

5. The border device receives the IGMP membership reports and generates multicast forwarding entries. In the entries, the outgoing interfaces are the VSI interfaces that are associated with the VXLANs to which the IGMP membership reports belong.

Having learned multicast forwarding entries, the border device and VTEPs forward multicast traffic as follows:

1. When receiving multicast packets, the border device identifies their VPN instance by the incoming interface and forwards them based on the multicast forwarding table of the VPN instance.

2. If the traffic outgoing interface is a VSI interface, the border device forwards the multicast packets through all VXLAN tunnels of the VXLAN associated with the VSI interface.

3. The VTEPs decapsulate the multicast packets and forward them out of member ports to multicast receivers.

MDT MVXLAN

On the public network, MVXLAN multicast traffic is forwarded along an MDT rooted at the multicast source-side VTEP to leaf receiver-side VTEPs through unidirectional MVXLAN tunnels. MDT-based transmission ensures that multicast traffic is forwarded along optimal paths.

Benefits

MDT MVXLAN provides the following benefits:

· On-demand multicast forwarding—Creates multicast distribution trees and manages multicast group members by using BGP EVPN routes and PIM.

· Inter-VXLAN multicast forwarding—Uses distributed EVPN gateways to forward Layer 3 multicast traffic between VXLANs.

Network model

As shown in Figure 2, distributed EVPN gateways are collocated with the VTEPs, and MVXLANs are created on the VTEPs to direct multicast traffic forwarding. When receiving multicast packets, a VTEP forwards them through ACs and MVXLAN tunnels to multicast receivers.

For more information about VTEPs, VSIs, and VXLANs, see VXLAN Configuration Guide. For more information about EVPN configuration, see "Configuring EVPN."

Figure 2 MDT MVXLAN network model

Basic concepts

The following are the basic concepts in MVXLAN:

· MDT—An MDT is a multicast distribution tree constructed by all VTEPs in the same MVXLAN. MDTs include the default MDT and the data MDT.

· Default group—A default group is a unique multicast address assigned to each MVXLAN on the public network. It is the unique identifier of an MVXLAN on the public network and helps build the default MDT for an MVXLAN on the public network. Packets of the private multicast groups in an MVXLAN are encapsulated into packets of the default group before they are transmitted on the public network.

· Default MDT—A default MDT uses a default group address as its group address. The default MDT of an MVXLAN is uniquely identified by the default group and transmits all private multicast packets of the MVXLAN. A default MDT is automatically created after the default group is specified and will always exist on the public network, regardless of whether multicast services exist on the public network or MVXLAN.

· Data MDT—A data MDT is an MDT that uses a data group as it group address. At MDT switchover, VTEPs with downstream receivers join a data group to build a data MDT. The ingress VTEP forwards the encapsulated MVXLAN multicast traffic along the data MDT over the public network.

MP-BGP extension for MVXLAN

To support MVXLAN, MP-BGP introduces the following routes for creating MDTs under the EVPN address family:

· Supplementary broadcast domain selective multicast Ethernet tag (SBD-SMET) route—Contains private multicast source address and private multicast group address information. A receiver-side VTEP uses the SBD-SMET route to advertise its interest in a specific (*, G) or (S, G). An SBD-SMET route carries the RD configured in VPN instance view and export targets configured in VPN instance IPv4 address family view.

· Selective provider multicast service interface route—Also known as S-PMSI A-D route. An S-PMSI A-D route contains the private multicast source address, private multicast group address, default or data group address, and MVXLAN source interface address. S-PMSI A-D routes are used by the multicast source-side VTEP and its BGP peers to establish the default MDT and switch traffic from the default MDT to a data MDT. An S-PMSI A-D route carries the RD configured in VPN instance view and export targets configured in VPN instance IPv4 address family view.

Automatic MVXLAN tunnel establishment and assignment

In an MVXLAN network, VTEPs automatically establish MVXLAN tunnels and assign them to MVXLANs to forward Layer 3 multicast traffic. The tunnel source is the MVXLAN source interface address, and the tunnel destination is the default or data group address. An MVXLAN tunnel is a unidirectional tunnel from the multicast source-side VTEP to a multicast receiver-side VTEP.

Default MDT establishment

The multicast routing protocol running on the public network can be PIM-SM or PIM-SSM. The process of creating a default MDT is the same in these PIM modes. All VTEPs in an MVXLAN join the default MDT of the MVXLAN. The private multicast packets of the MVXLAN are forwarded along the default MDT to the VTEPs, no matter whether the site attached to a VTEP contains receivers.

Figure 3 Default MDT establishment in a PIM-SM network

As shown in Figure 3, PIM-SM runs on the public network, and MVXLAN is configured on all VTEPs. The process for establishing a default MDT is as follows:

1. VTEP 1 sends an S-PMSI A-D route that contains (*, *) to VTEP 2 and VTEP 3.

2. VTEP 2 and VTEP 3 receive the route and join a multicast group according to the PMSI tunnel attribute of the route. The PMSI tunnel attribute contains the following information:

¡ The multicast source is the IP address of the MVXLAN source interface on VTEP 1.

¡ The multicast group is the default group configured on VTEP 1.

3. Multicast forwarding entries are created on each device along the paths on the public network, and a shortest path tree (SPT) with VTEP 1 as the root and VTEP 2 and VTEP 3 as leaves is created. The SPT is the default MDT.

Default MDT-based transmission

After the default MDT is established, the multicast source sends the private multicast traffic to the receivers in each site along the default MDT. The private multicast packets are encapsulated into public multicast packets on the local VTEP and transmitted along the default MDT. Then, they are decapsulated on the remote VTEPs and transmitted in remote VXLAN sites.

Figure 4 Multicast data packet transmission

As shown in Figure 4, PIM-SM runs on the public network, the multicast source is attached to VTEP 1, and the multicast receiver is attached to VTEP 2. The multicast forwarding process is as follows:

1. The multicast source sends private multicast packets (192.1.1.1, 225.1.1.1) to VTEP 1.

2. VTEP 1 creates a multicast forwarding entry for (192.1.1.1, 225.1.1.1).

3. VTEP 1 processes the packets based on whether the receiver has joined the private multicast group:

¡ If the receiver has sent an IGMP join message to VTEP 2, VTEP 1 has an SBD-SMET route sent by VTEP 1 that contains (*, G). VTEP 1 adds VXLAN encapsulation to the packets according to the route and forwards them to VTEP 2 and VTEP 3 along the default MDT. In the outer IP header of the VXLAN packets, the source IP address is the IP address of the MVXLAN source interface, and the destination IP address is the default group address.

¡ If no receiver exists, VTEP 1 drops the packets.

4. VTEP 2 decapsulates the VXLAN packets and forwards the private multicast packets to the receiver.

5. VTEP 3 decapsulates the VXLAN packets and drops the private multicast packets because no local receiver exists.

MDT switchover

An MVXLAN can use the default MDT or a data MDT for multicast traffic forwarding. The default MDT is uniquely identified by the default group, and a data MDT is uniquely identified by a data group. Each default group is associated with a data group range.

Switching from the default MDT to a data MDT

When a multicast packet of an MVXLAN is transmitted through the default MDT on the public network, the packet is forwarded to all VTEPs configured with the VPN instance of the MVXLAN. This occurs whether or not any active receivers exist in the sites attached to the VTEPs. When the rate of the multicast traffic of that MVXLAN is high, multicast traffic might be flooded on the public network. This increases the bandwidth use and brings extra burden on the VTEPs.

To optimize multicast transmission, the MDT-based MVXLAN solution introduces a dedicated data MDT. The data MDT is built between the VTEPs that are attached to MVXLAN multicast receivers and multicast sources. When specific network criteria are met, multicast traffic is switched from the default MDT to the data MDT.

A switchover from the default MDT to the data MDT is initiated as follows:

1. The source-side VTEP periodically examines MVXLAN multicast traffic. The default MDT switches to the data MDT if the private multicast traffic has passed the ACL rule filtering for default MDT to data MDT switchover.

2. The source-side VTEP selects a least-used address from the data group range and sends an S-PMSI A-D route to all the other VTEPs down the default MDT. This route contains the private multicast source address, private multicast group address, IP address of the MVXLAN source interface, and data group address.

3. Each VTEP that receives the route examines whether it has receivers of that private multicast stream.

If so, it joins the data MDT rooted at the source-side VTEP. Otherwise, it caches the route and will join the data MDT when it has attached receivers.

4. After sending the S-PMSI A-D route, the source-side VTEP starts the data-delay timer. When the timer expires, the source-side VTEP uses the data group address to encapsulate the private multicast traffic. The multicast traffic is then forwarded down the data MDT.

5. After the multicast traffic is switched from the default MDT to the data MDT, a downstream VTEP can leave the data MDT by sending a PIM prune message if it no longer has active receivers attached to it.

Switching from the data MDT to the default MDT

After the MXVLAN multicast traffic is switched to the data MDT, the multicast traffic conditions might change and no longer meet the switchover criterion. In this case, the source-side VTEP initiates a backward MDT switchover process when any of the following criteria are met:

· The associated data group range is changed, and the data group address for encapsulating the MVXLAN multicast traffic is not in the new address range.

· The ACL rule for controlling the switchover from the default MDT to the data MDT has changed, and the MVXLAN multicast traffic fails to pass the new ACL rule.

Configuring ingress replication MVXLAN

Restrictions and guidelines: Multicast source location

You can attach a multicast source only to a border device in an ingress replication MVXLAN network.

Ingress replication MVXLAN tasks at a glance

To configure ingress replication MVXLAN, perform the following tasks:

1. Configuring VXLAN

a. Configuring a VXLAN on a VSI

b. Configuring a VXLAN tunnel

c. Manually assigning VXLAN tunnels to a VXLAN

d. Assigning customer frames to a VSI

For more information about VXLAN configuration, see VXLAN Configuration Guide.

2. Configuring IGMP and IGMP snooping

a. Enabling IGMP on a VSI interface on a border device

b. Enabling IGMP snooping on a VSI on a border device or VTEP

For more information about IGMP and IGMP snooping configuration, see IP Multicast Configuration Guide.

3. Configuring a VPN instance

a. Creating a VPN instance

b. Associating a VSI interface with a multicast source-facing interface on a border device

For more information about VPN instance configuration, see MPLS L3VPN configuration in MPLS Configuration Guide.

4. Configuring MVXLAN

a. Enabling IP multicast routing for a VPN instance

b. Creating an MVXLAN

c. Configuring a VSI interface as a distributed DR interface

You must perform this task on a VTEP if the VTEP acts as a distributed VXLAN IP gateway.

Enabling IP multicast routing for a VPN instance

1. Enter system view.

system-view

2. Enable IP multicast routing for a VPN instance and enter MRIB view.

multicast routing vpn-instance instance-name

By default, IP multicast routing is disabled for VPN instances.

For more information about this command, see multicast routing and forwarding commands in IP Multicast Command Reference.

Creating an MVXLAN

About this task

You can create one or multiple ingress replication MVXLANs on a VTEP to provide services for different VPN instances and the public instance.

Creating an MVXLAN for a VPN instance

1. Enter system view.

system-view

2. Create an ingress replication MVXLAN and enter MVXLAN view.

multicast-vpn vxlan vpn-instance instance-name mode ingress-replication

3. Create the MVXLAN IPv4 address family and enter its view.

address-family ipv4

Creating an MVXLAN for the public instance

1. Enter system view.

system-view

2. Create an ingress replication MVXLAN and enter MVXLAN view.

multicast-vpn vxlan public-instance mode ingress-replication

3. Create the MVXLAN IPv4 address family and enter its view.

address-family ipv4

Configuring a VSI interface as a distributed DR interface

About this task

On the VTEPs configured with MVXLAN, you must specify the VSI interfaces that act as distributed EVPN gateways as distributed designated router (DR) interfaces. This operation ensures that a distributed EVPN gateway can forward multicast traffic to the local site.

Procedure

1. Enter system view.

system-view

2. Enter VSI interface view.

interface vsi-interface interface-number

3. Configure the VSI interface as a distributed DR interface.

pim distributed-dr

By default, a VSI interface is not a distributed DR interface.

Ingress replication MVXLAN configuration examples

Example: Configuring an ingress replication MVXLAN

Network configuration

As shown in Figure 5, the border device is attached to a multicast source in VPN A. Configure an ingress replication MVXLAN to forward the multicast traffic from the source to the receivers, and configure VTEP 1 as a centralized VXLAN IP gateway.

Figure 5 Network diagram

‌

Procedure

1. Configure IP addresses and unicast routing settings:

# Assign IP addresses to interfaces, as shown in Figure 5. (Details not shown.)

# Configure OSPF on the border device and VTEPs for them to reach one another. (Details not shown.)

2. Configure the border device:

# Enable L2VPN and IGMP snooping.

<Border> system-view

[Border] l2vpn enable

[Border] igmp-snooping

[Border-igmp-snooping] quit

# Enable IP multicast routing.

[Border] multicast routing vpn-instance vpna

[Border-mrib] quit

# Set up VXLAN tunnels to the VTEPs.

[Border] interface tunnel 1 mode vxlan

[Border-Tunnel1] source 2.2.2.2

[Border-Tunnel1] destination 1.1.1.1

[Border-Tunnel1] quit

[Border] interface tunnel 2 mode vxlan

[Border-Tunnel2] source 2.2.2.2

[Border-Tunnel2] destination 3.3.3.3

[Border-Tunnel2] quit

# Create VSI vpna and VXLAN 10, and enable IGMP snooping on VSI vpna.

[Border] vsi vpna

[Border-vsi-vpna] igmp-snooping enable

[Border-vsi-vpna] vxlan 10

# Assign Tunnel 1 and Tunnel 2 to VXLAN 10.

[Border-vsi-vpna-vxlan-10] tunnel 1

[Border-vsi-vpna-vxlan-10] tunnel 2

[Border-vsi-vpna-vxlan-10] quit

[Border-vsi-vpna] quit

# Create VPN instance vpna.

[Border] ip vpn-instance vpna

[Border-vpn-instance-vpna] quit

# Configure VSI-interface 1, associate it with VPN instance vpna, and enable IGMP on it.

[Border] interface vsi-interface vsi 1

[Border-Vsi-interface] ip binding vpn-instance vpna

[Border-Vsi-interface] ip address 100.1.1.2 255.255.255.0

[Border-Vsi-interface] igmp enable

[Border-Vsi-interface] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[VTEP1] vsi vpna

[VTEP1-vsi-vpna] gateway vsi-interface 1

[VTEP1-vsi-vpna] quit

# Associate multicast source-facing interface VLAN-interface 30 with VPN instance vpna, and enable PIM SM on VLAN-interface 30.

[Border] interface vlan-interface 30

[Border-Vlan-interface30] ip binding vpn-instance vpna

[Border-Vlan-interface30] ip address 100.2.2.2 255.255.255.0

[Border-Vlan-interface30] pim sm

[Border-Vlan-interface30] quit

# Create an ingress replication MVXLAN, and create the MVXLAN IPv4 address family and enter its view.

[Border] multicast-vpn vxlan vpn-instance vpna mode ingress-replication

[Border-mvxlan-vpna] address-family ipv4

3. Configure VTEP 1:

# Enable L2VPN and IGMP snooping.

<VTEP1> system-view

[VTEP1] l2vpn enable

[VTEP1] igmp-snooping

[VTEP1-igmp-snooping] quit

# Set up a VXLAN tunnel to the border device.

[VTEP1] interface tunnel 2 mode vxlan

[VTEP1-Tunnel2] source 1.1.1.1

[VTEP1-Tunnel2] destination 2.2.2.2

[VTEP1-Tunnel2] quit

# Create VSI vpna and VXLAN 10, and enable IGMP snooping on VSI vpna.

[VTEP1] vsi vpna

[VTEP1-vsi-vpna] igmp-snooping enable

[VTEP1-vsi-vpna] vxlan 10

# Assign Tunnel 2 to VXLAN 10.

[VTEP1-vsi-vpna-vxlan-10] tunnel 2

[VTEP1-vsi-vpna-vxlan-10] quit

[VTEP1-vsi-vpna] quit

# On HundredGigE 3/0/1 and HundredGigE 3/0/2, create Ethernet service instance 1000 to match VLAN 2 and map Ethernet service instance 1000 to VSI vpna.

[VTEP1] interface hundredgige 3/0/1

[VTEP1-HundredGigE3/0/1] service-instance 1000

[VTEP1-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

[VTEP1-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[VTEP1-HundredGigE3/0/1-srv1000] quit

[VTEP1-HundredGigE3/0/1] quit

[VTEP1] interface hundredgige 3/0/2

[VTEP1-HundredGigE3/0/2] service-instance 1000

[VTEP1-HundredGigE3/0/2-srv1000] encapsulation s-vid 2

[VTEP1-HundredGigE3/0/2-srv1000] xconnect vsi vpna

[VTEP1-HundredGigE3/0/2-srv1000] quit

[VTEP1-HundredGigE3/0/2] quit

4. Configuring VTEP 2:

# Enable L2VPN and IGMP snooping.

<VTEP2> system-view

[VTEP2] l2vpn enable

[VTEP2] igmp-snooping

[VTEP2-igmp-snooping] quit

# Set up a VXLAN tunnel to the border device.

[VTEP2] interface tunnel 2 mode vxlan

[VTEP2-Tunnel2] source 3.3.3.3

[VTEP2-Tunnel2] destination 2.2.2.2

[VTEP2-Tunnel2] quit

# Create VSI vpna and VXLAN 10, and enable IGMP snooping on VSI vpna.

[VTEP2] vsi vpna

[VTEP2-vsi-vpna] igmp-snooping enable

[VTEP2-vsi-vpna] vxlan 10

# Assign Tunnel 2 to VXLAN 10.

[VTEP2-vsi-vpna-vxlan-10] tunnel 2

[VTEP2-vsi-vpna-vxlan-10] quit

[VTEP2-vsi-vpna] quit

# On HundredGigE 3/0/1 and HundredGigE 3/0/2, create Ethernet service instance 1000 to match VLAN 2 and map Ethernet service instance 1000 to VSI vpna.

[VTEP2] interface hundredgige 3/0/1

[VTEP2-HundredGigE3/0/1] service-instance 1000

[VTEP2-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

[VTEP2-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[VTEP2-HundredGigE3/0/1-srv1000] quit

[VTEP2-HundredGigE3/0/1] quit

[VTEP2] interface hundredgige 3/0/2

[VTEP2-HundredGigE3/0/2] service-instance 1000

[VTEP2-HundredGigE3/0/2-srv1000] encapsulation s-vid 2

[VTEP2-HundredGigE3/0/2-srv1000] xconnect vsi vpna

[VTEP2-HundredGigE3/0/2-srv1000] quit

[VTEP2-HundredGigE3/0/2] quit

Verifying the configuration

1. Verify the MVXLAN settings on the border device:

# Verify that the VXLAN tunnel interfaces are up on the border device.

[Border] display interface tunnel 1

Tunnel1

Current state: UP

Line protocol state: UP

Description: Tunnel2 Interface

Bandwidth: 64 kbps

Maximum transmission unit: 1464

Internet protocol processing: Disabled

Output queue - Urgent queuing: Size/Length/Discards 0/100/0

Output queue - Protocol queuing: Size/Length/Discards 0/500/0

Output queue - FIFO queuing: Size/Length/Discards 0/75/0

Last clearing of counters: Never

Tunnel source 2.2.2.2, destination 1.1.1.1

Tunnel protocol/transport UDP_VXLAN/IP

Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Input: 0 packets, 0 bytes, 0 drops

Output: 0 packets, 0 bytes, 0 drops

# Verify that VSI-interface 1 is up.

[Border] display interface vsi-interface brief

Brief information on interfaces in route mode:

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Interface Link Protocol Primary IP Description

Vsi1 UP UP 10.1.1.1

# Verify that the border device has multicast routing entries.

[Border] display pim vpn-instance vpna routing-table

Total 17 (*, G) entries; 18 (S, G) entries

(10.1.2.99, 225.0.1.1)

RP: 10.1.2.88 (local)

Protocol: pim-sm, Flag: SPT 2MSDP LOC ACT 2MVPN

UpTime: 21:24:27

Upstream interface: Vlan-interface30

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: pim-sm, UpTime: 07:08:26, Expires: -

2. Verify the MVXLAN settings on VTEP 1:

# Verify that the interfaces that host ACs are member ports.

[VTEP1] display igmp-snooping group

Total 1 entries.

VSI vpna: Total 1 entries.

(0.0.0.0, 225.0.1.1)

Host ports (1 in total):

HGE1/0/1 (Link ID 0) (00:04:20)

HGE1/0/2 (Link ID 1) (00:04:20)

# Verify that Tunnel 2 is a router port.

[VTEP1] display igmp-snooping router-port

VSI vpna:

Router ports (1 in total):

Tun2 (VXLAN ID 10) (00:03:23)

3. Verify that the multicast receivers can receive the multicast traffic sent by the multicast source. (Details not shown.)

Configuring MDT-based MVXLAN

Restrictions and guidelines: MDT-based MVXLAN configuration

MDT-based MVXLAN is not supported for a multicast source if the following conditions exist:

· The upstream interface in the multicast entry is a multicast tunnel.

· The downstream interface list contains more than two interfaces.

To display multicast entries, use the display multicast routing-table command.

MDT-based MVXLAN tasks at a glance

To configure MDT-based MVXLAN, perform the following tasks:

1. Configuring EVPN

a. Configuring a VXLAN on a VSI

b. Mapping ACs to a VSI

c. Configuring an EVPN instance

d. Configuring BGP to advertise BGP EVPN routes

e. Configuring a distributed EVPN gateway

For more information about EVPN configuration, see "Configuring EVPN."

2. Configuring IGMP and IGMP snooping

a. Enabling IGMP on a VSI interface

b. Enabling IGMP snooping

c. Configuring IGMP snooping proxying

For more information about IGMP and IGMP snooping configuration, see IP Multicast Configuration Guide.

3. Configuring PIM on the transport-facing interfaces of VTEPs

Choose one of the following tasks:

¡ Configuring PIM-SM

¡ Configuring PIM-SSM

For more information about PIM configuration, see IP Multicast Configuration Guide.

4. Configuring MVXLAN

a. Enabling IP multicast routing for a VPN instance

b. Creating an MVXLAN

c. Configuring a default group

d. Specifying the MVXLAN source interface

e. Configuring MDT switchover parameters

f. Configuring a VSI interface as a distributed DR interface

g. Configuring an MVXLAN extranet RPF selection policy

Enabling IP multicast routing for a VPN instance

1. Enter system view.

system-view

2. Enable IP multicast routing for a VPN instance and enter MRIB view.

multicast routing vpn-instance instance-name

By default, IP multicast routing is disabled for VPN instances.

For more information about this command, see multicast routing and forwarding commands in IP Multicast Command Reference.

Creating an MVXLAN

About this task

You can create one or multiple MDT-based MVXLANs on a VTEP to provide services for different VPN instances and the public instance.

Creating an MVXLAN for a VPN instance

1. Enter system view.

system-view

2. Create an MDT-based MVXLAN and enter MVXLAN view.

multicast-vpn vxlan vpn-instance instance-name mode mdt

Creating an MVXLAN for the public instance

1. Enter system view.

system-view

2. Create an MDT-based MVXLAN and enter MVXLAN view.

multicast-vpn vxlan public-instance mode mdt

Configuring a default group

About this task

When adding VXLAN encapsulation to private multicast packets, the VTEP uses the default group as the destination IP address in the outer IP header.

Restrictions and guidelines

The default group address of an MVXLAN must be unique among MVXLANs, and it cannot be the same as a data group address of any MVXLAN.

Procedure

1. Enter system view.

system-view

2. Enter MVXLAN view.

multicast-vpn vxlan vpn-instance instance-name mode mdt

3. Create the MVXLAN IPv4 address family and enter its view.

address-family ipv4

4. Configure the default group.

default-group group-address

By default, no default group exists.

Specifying the MVXLAN source interface

About this task

When adding VXLAN encapsulation to private multicast packets, the VTEP uses the IP address of the MVXLAN source interface as the source IP address in the outer IP header.

Restrictions and guidelines

For the VTEP to obtain correct routing information, you must specify the interface used for establishing BGP peer relationships as the MVXLAN source interface.

Procedure

1. Enter system view.

system-view

2. Enter MVXLAN view.

multicast-vpn vxlan vpn-instance instance-name mode mdt

3. Enter MVXLAN IPv4 address family view.

address-family ipv4

4. Specify the MVXLAN source interface.

source interface-type interface-number

By default, no MVXLAN source interface is specified.

Configuring MDT switchover parameters

About this task

Restrictions and guidelines

On a VTEP, the data group range of an MVXLAN cannot include the default group or data groups of any other MVXLAN.

All VPN instances share the data group resources. As a best practice to avoid data group resource exhaustion, specify a reasonable data group range for a VPN instance.

Procedure

1. Enter system view.

system-view

2. Enter MVXLAN view.

multicast-vpn vxlan vpn-instance instance-name mode mdt

3. Enter MVXLAN IPv4 address family view.

address-family ipv4

4. Configure the data group range and the switchover criteria.

data-group group-address { mask-length | mask } [ { acl acl-number | name acl-name } ]

By default, no data group range exists, and the default MDT to data MDT switchover never occurs.

5. Set the data-delay period.

data-delay delay

By default, the data-delay period is 3 seconds.

Configuring a VSI interface as a distributed DR interface

About this task

Procedure

1. Enter system view.

system-view

2. Enter VSI interface view.

interface vsi-interface interface-number

3. Configure the VSI interface as a distributed DR interface.

pim distributed-dr

A VSI instance is not a distributed DR interface.

Configuring an MVXLAN extranet RPF selection policy

About this task

MVXLAN extranet RPF routing policies are used for multicast transmission when multicast sources and receivers are located in different VPNs.

MVXLAN extranet RPF selection policies identify the multicast traffic to forward between VPN instances based on the L3 VXLAN ID or VPN instance of traffic.

· L3 VXLAN ID-based RPF selection policy—A policy of this kind specifies the L3 VXLAN ID of the VPN instance where a multicast source resides, a multicast source address, and a multicast group address.

A multicast source-side VTEP matches the L3 VXLAN ID, multicast source address, and multicast group address in multicast packets with RPF selection policies. If a match is found, the VTEP forwards the packets to the receiver VPN instance.

With RPF selection policies configured, a multicast receiver-side VTEP forwards multicast traffic as follows:

a. Removes the VXLAN header added by the multicast source-side VTEP from received multicast packets. The VXLAN header includes the L3 VXLAN ID of the source VPN instance.

b. Matches the L3 VXLAN ID, multicast source address, and multicast group address of the packets with RPF selection policies.

c. Forwards the packets in the receiver VPN instance if a match is found.

· VPN instance-based RPF selection policy—A policy of this kind specifies the VPN instance where a multicast source resides, a multicast source address, and a multicast group address.

A multicast source-side VTEP matches the VPN instance, multicast source address, and multicast group address in multicast packets with RPF selection policies. If a match is found, the VTEP forwards the packets to the receiver VPN instance.

With RPF selection policies configured, a multicast receiver-side VTEP forwards multicast traffic as follows:

a. Removes the VXLAN header added by the multicast source-side VTEP from received multicast packets. The VXLAN header includes the L3 VXLAN ID of the source VPN instance.

b. Matches the VPN instance, multicast source address, and multicast group address of the packets with RPF selection policies.

c. Forwards the packets in the receiver VPN instance if a match is found.

You can use RPF selection policies on the following networks:

· Asymmetrically configured extranet—The source VPN instance is not configured on the multicast receiver-side VTEP.

¡ On the multicast source-side VTEP, you can configure either L3 VXLAN ID-based or VPN instance-based RPF selection policies.

¡ On the multicast receiver-side VTEP, you can configure only L3 VXLAN ID-based RPF selection policies.

· Symmetrically configured extranet—The source VPN instance is configured on the multicast receiver-side VTEP. You can configure either L3 VXLAN ID-based or VPN instance-based RPF selection policies on the multicast source-side and receiver-side VTEPs.

If some of the multicast receivers reside on the public network, specify only the multicast source address and multicast group address in the related RPF selection policies. On the multicast receiver-side VTEP, perform the following tasks for the VTEP to forward multicast traffic in both the receiver VPN instance and the public network:

1. Assign an L3 VXLAN ID to the public instance.

2. Configure an RPF selection policy that does not include an L3 VXLAN ID or VPN instance for the receiver VPN instance.

Restrictions and guidelines

The PIM mode in the source VPN instance and the receiver VPN instance must be the same. Only PIM-SM and PIM-SSM are supported.

When you use PIM-SM, use one of the following schemes as a best practice:

· Specifying only the multicast source address—Configure two RPF selection policies as follows:

¡ In one policy, configure the multicast source address as the RP address of the multicast group that requires inter-VPN transmission.

¡ In the other policy, specify the multicast source address of the source VPN instance.

If multiple multicast groups require inter-VPN transmission, configure a dedicated RP for the multicast groups and specify the multicast source address as the RP address in RPF selection policies.

· Specifying only the multicast group address—Configure one RPF selection policy that specifies the multicast group address of the source VPN instance.

When you use PIM-SSM, configure one RPF selection policy that contains both the multicast source address and multicast group address as a best practice.

Multicast packets can only be forwarded between two VPNs. The receiver VPN instance cannot also be the source VPN instance.

You cannot specify both an L3 VXLAN ID and an MPLS L3VPN instance for a multicast source address and multicast group address pair.

· In PIM-SM mode, you can configure one RPF selection policy that specifies an L3 VXLAN ID or VPN instance for a multicast group address.

· In PIM-SSM mode, you can configure one RPF selection policy that specifies an L3 VXLAN ID or VPN instance for a multicast source address and multicast group address pair.

For a receiver VPN instance, you must configure the same types of RPF selection policies for all multicast traffic from the same source VPN instance.

If an IPv4 MVPN extranet RPF selection policy with only the multicast group address specified is configured in the receiver VPN instance, the multicast traffic for the intra-VPN transmission will be interrupted.

Multicast source addresses in different MVXLAN extranet RPF routing policies cannot be the same, but they can overlap. The same restriction applies to the multicast group addresses in different MVXLAN extranet RPF routing policies. If multiple routing policies exist for an (S, G) entry, the device selects the policy in which the multicast group address has the longest mask. If multiple policies have the same mask length, the device selects the policy in which the multicast source address has the longest mask.

Procedure

1. Enter system view.

system-view

2. Enter MRIB view.

multicast routing [ vpn-instance vpn-instance-name ]

3. Configure an IPv4 MVXLAN extranet RPF selection policy.

multicast extranet select-rpf [ l3-vni vxlan-id | vpn-instance vpn-instance-name ] { source source-address { mask | mask-length } | group group-address { mask | mask-length } } *

Display and maintenance commands for MDT-based MVXLAN

Execute display commands in any view.

Task	Command
Display received data group information in an MVXLAN.	display multicast-vpn vxlan { vpn-instance instance-name \| public-instance } data-group receive [ brief \| [ active \| group group-address \| sender source-address \| vpn-source-address [ mask { mask-length \| mask } ] \| vpn-group-address [ mask { mask-length \| mask } ] ] * ]
Display sent data group information in an MVXLAN.	display multicast-vpn vxlan { vpn-instance instance-name \| public-instance } data-group send [ group group-address \| vpn-source-address [ mask { mask-length \| mask } ] \| vpn-group-address [ mask { mask-length \| mask } ] ] *
Display information about default groups.	display multicast-vpn vxlan [ vpn-instance instance-name \| public-instance ] default-group { local \| remote }

MDT-based MVXLAN configuration examples

Example: Configuring intra-VPN MVXLAN Layer 3 multicast forwarding

Network configuration

As shown in Figure 6, VM 1 is the multicast source of multicast group 225.0.0.0, and the other VMs are multicast receivers. Configure MVXLAN to forward the multicast traffic from the source to the receivers.

· Configure VXLAN 10 and VXLAN 20 on Switch A and Switch B to extend VLAN 2 and VLAN 3 across the sites.

· Configure Switch A and Switch B as distributed EVPN gateways to provide gateway services. Configure Switch C as a border gateway to provide access to the connected Layer 3 network.

· Configure Switch D as an RR to reflect BGP EVPN routes between Switch A, Switch B, and Switch C.

· Configure PIM-SM on the transport-facing interfaces of Switches A through D. Configure IGMP snooping on Switches A through C for multicast forwarding entry creation.

Figure 6 Network diagram

‌

Procedure

1. On VM 1 and VM 3, specify 10.1.1.1 as the gateway address. On VM 2 and VM 4, specify 10.1.2.1 as the gateway address. (Details not shown.)

2. Configure IP addresses and unicast routing settings:

# Assign IP addresses to interfaces, as shown in Figure 6. (Details not shown.)

# Configure OSPF on all transport network switches (Switches A through D) for them to reach one another. (Details not shown.)

3. Configure Switch A:

# Enable L2VPN and IP multicast routing.

<SwitchA> system-view

[SwitchA] l2vpn enable

[SwitchA] multicast routing

[SwitchA-mrib] quit

# Enable the IGMP snooping feature.

[SwitchA] igmp-snooping

[SwitchA-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchA] vxlan tunnel mac-learning disable

[SwitchA] vxlan tunnel arp-learning disable

# Create VLAN-interface 11 and enter its view.

[SwitchA] vlan 11

[SwitchA-vlan11] quit

[SwitchA] interface vlan-interface 11

# Enable PIM-SM on VLAN-interface 11.

[SwitchA-Vlan-interface11] pim sm

[SwitchA-Vlan-interface11] quit

# Create an EVPN instance on VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] evpn encapsulation vxlan

[SwitchA-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto

[SwitchA-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchA-vsi-vpna] igmp-snooping enable

[SwitchA-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchA-vsi-vpna] vxlan 10

[SwitchA-vsi-vpna-vxlan-10] quit

[SwitchA-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] evpn encapsulation vxlan

[SwitchA-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto

[SwitchA-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchA-vsi-vpnb] igmp-snooping enable

[SwitchA-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchA-vsi-vpnb] vxlan 20

[SwitchA-vsi-vpnb-vxlan-20] quit

[SwitchA-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchA] bgp 200

[SwitchA-bgp-default] peer 4.4.4.4 as-number 200

[SwitchA-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchA-bgp-default] address-family l2vpn evpn

[SwitchA-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchA-bgp-default-evpn] quit

[SwitchA-bgp-default] quit

# Create VLAN 2.

[SwitchA] vlan 2

[SwitchA-vlan2] quit

# Create VLAN 3.

[SwitchA] vlan 3

[SwitchA-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2 and VLAN 3.

[SwitchA] interface hundredgige 3/0/1

[SwitchA-HundredGigE3/0/1] port link-type trunk

[SwitchA-HundredGigE3/0/1] port trunk permit vlan 2 3

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchA-HundredGigE3/0/1] service-instance 1000

[SwitchA-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchA-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchA-HundredGigE3/0/1-srv1000] quit

# On HundredGigE 3/0/1, create Ethernet service instance 2000 to match VLAN 3.

[SwitchA-HundredGigE3/0/1] service-instance 2000

[SwitchA-HundredGigE3/0/1-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchA-HundredGigE3/0/1-srv2000] xconnect vsi vpnb

[SwitchA-HundredGigE3/0/1-srv2000] quit

[SwitchA-HundredGigE3/0/1] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchA] ip vpn-instance vpna

[SwitchA-vpn-instance-vpna] route-distinguisher 1:1

[SwitchA-vpn-instance-vpna] address-family ipv4

[SwitchA-vpn-ipv4-vpna] vpn-target 1:1

[SwitchA-vpn-ipv4-vpna] quit

[SwitchA-vpn-instance-vpna] address-family evpn

[SwitchA-vpn-evpn-vpna] vpn-target 1:1

[SwitchA-vpn-evpn-vpna] quit

[SwitchA-vpn-instance-vpna] quit

# Configure VSI-interface 1.

[SwitchA] interface vsi-interface 1

[SwitchA-Vsi-interface1] ip binding vpn-instance vpna

[SwitchA-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchA-Vsi-interface1] pim sm

[SwitchA-Vsi-interface1] pim distributed-dr

[SwitchA-Vsi-interface1] mac-address 1-1-1

[SwitchA-Vsi-interface1] distributed-gateway local

[SwitchA-Vsi-interface1] local-proxy-arp enable

[SwitchA-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchA] interface vsi-interface 2

[SwitchA-Vsi-interface2] ip binding vpn-instance vpna

[SwitchA-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchA-Vsi-interface2] igmp enable

[SwitchA-Vsi-interface2] pim distributed-dr

[SwitchA-Vsi-interface2] mac-address 2-2-2

[SwitchA-Vsi-interface2] distributed-gateway local

[SwitchA-Vsi-interface2] local-proxy-arp enable

[SwitchA-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchA] interface vsi-interface 3

[SwitchA-Vsi-interface3] ip binding vpn-instance vpna

[SwitchA-Vsi-interface3] l3-vni 1000

[SwitchA-Vsi-interface3] pim sm

[SwitchA-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchA] multicast routing vpn-instance vpna

[SwitchA-mrib-vpna] quit

# Create an MDT-based MVXLAN for VPN instance vpna and enter MVXLAN IPv4 address family view. Configure the default group, MVXLAN source interface, and data group range settings.

[SwitchA] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchA-mvxlan-vpna] address-family ipv4

[SwitchA-mvxlan-vpna-ipv4] default-group 236.0.0.1

[SwitchA-mvxlan-vpna-ipv4] source loopback 0

[SwitchA-mvxlan-vpna-ipv4] data-group 239.0.1.0 24

[SwitchA-mvxlan-vpna-ipv4] quit

[SwitchA-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchA] interface loopback 1

[SwitchA-LoopBack1] ip binding vpn-instance vpna

[SwitchA-LoopBack1] ip address 12.12.12.12 32

[SwitchA-LoopBack1] pim sm

[SwitchA-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchA] pim vpn-instance vpna

[SwitchA-pim-vpna] c-bsr 12.12.12.12

[SwitchA-pim-vpna] c-rp 12.12.12.12

[SwitchA-pim-vpna] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] gateway vsi-interface 1

[SwitchA-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] gateway vsi-interface 2

[SwitchA-vsi-vpnb] quit

4. Configure Switch B:

# Enable L2VPN and IP multicast routing.

<SwitchB> system-view

[SwitchB] l2vpn enable

[SwitchB] multicast routing

[SwitchB-mrib] quit

# Enable the IGMP snooping feature.

[SwitchB] igmp-snooping

[SwitchB-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchB] vxlan tunnel mac-learning disable

[SwitchB] vxlan tunnel arp-learning disable

# Create VLAN-interface 12 and enter its view.

[SwitchB] vlan 12

[SwitchB-vlan12] quit

[SwitchB] interface vlan-interface 12

# Enable PIM-SM on VLAN-interface 12.

[SwitchB-Vlan-interface12] pim sm

[SwitchB-Vlan-interface12] quit

# Create an EVPN instance on VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] evpn encapsulation vxlan

[SwitchB-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto

[SwitchB-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchB-vsi-vpna] igmp-snooping enable

[SwitchB-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchB-vsi-vpna] vxlan 10

[SwitchB-vsi-vpna-vxlan-10] quit

[SwitchB-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] evpn encapsulation vxlan

[SwitchB-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto

[SwitchB-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchB-vsi-vpnb] igmp-snooping enable

[SwitchB-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchB-vsi-vpnb] vxlan 20

[SwitchB-vsi-vpnb-vxlan-20] quit

[SwitchB-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchB] bgp 200

[SwitchB-bgp-default] peer 4.4.4.4 as-number 200

[SwitchB-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchB-bgp-default] address-family l2vpn evpn

[SwitchB-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchB-bgp-default-evpn] quit

[SwitchB-bgp-default] quit

# Create VLAN 2.

[SwitchB] vlan 2

[SwitchB-vlan2] quit

# Create VLAN 3.

[SwitchB] vlan 3

[SwitchB-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2 and VLAN 3.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] port link-type trunk

[SwitchB-HundredGigE3/0/1] port trunk permit vlan 2 3

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchB-HundredGigE3/0/1] service-instance 1000

[SwitchB-HundredGigE3/0/1-srv1000]encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchB-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchB-HundredGigE3/0/1-srv1000] quit

# On HundredGigE 3/0/1, create Ethernet service instance 2000 to match VLAN 3.

[SwitchB-HundredGigE3/0/1] service-instance 2000

[SwitchB-HundredGigE3/0/1-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchB-HundredGigE3/0/1-srv2000] xconnect vsi vpnb

[SwitchB-HundredGigE3/0/1-srv2000] quit

[SwitchB-HundredGigE3/0/1] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchB] ip vpn-instance vpna

[SwitchB-vpn-instance-vpna] route-distinguisher 1:1

[SwitchB-vpn-instance-vpna] address-family ipv4

[SwitchB-vpn-ipv4-vpna] vpn-target 1:1

[SwitchB-vpn-ipv4-vpna] quit

[SwitchB-vpn-instance-vpna] address-family evpn

[SwitchB-vpn-evpn-vpna] vpn-target 1:1

[SwitchB-vpn-evpn-vpna] quit

[SwitchB-vpn-instance-vpna] quit

# Configure VSI-interface 1.

[SwitchB] interface vsi-interface 1

[SwitchB-Vsi-interface1] ip binding vpn-instance vpna

[SwitchB-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchB-Vsi-interface1] igmp enable

[SwitchB-Vsi-interface1] mac-address 1-1-1

[SwitchB-Vsi-interface1] distributed-gateway local

[SwitchB-Vsi-interface1] local-proxy-arp enable

[SwitchB-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchB] interface vsi-interface 2

[SwitchB-Vsi-interface2] ip binding vpn-instance vpna

[SwitchB-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchB-Vsi-interface2] igmp enable

[SwitchB-Vsi-interface2] mac-address 2-2-2

[SwitchB-Vsi-interface2] distributed-gateway local

[SwitchB-Vsi-interface2] local-proxy-arp enable

[SwitchB-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchB] interface vsi-interface 3

[SwitchB-Vsi-interface3] ip binding vpn-instance vpna

[SwitchB-Vsi-interface3] l3-vni 1000

[SwitchB-Vsi-interface3] pim sm

[SwitchB-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchB] multicast routing vpn-instance vpna

[SwitchB-mrib-vpna] quit

# Create an MDT-based MVXLAN for VPN instance vpna and enter MVXLAN IPv4 address family view. Configure the MVXLAN source interface.

[SwitchB] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchB-mvxlan-vpna] address-family ipv4

[SwitchB-mvxlan-vpna-ipv4] source loopback 0

[SwitchB-mvxlan-vpna-ipv4] quit

[SwitchB-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchB] interface loopback 1

[SwitchB-LoopBack1] ip binding vpn-instance vpna

[SwitchB-LoopBack1] ip address 12.12.12.12 32

[SwitchB-LoopBack1] pim sm

[SwitchB-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchB] pim vpn-instance vpna

[SwitchB-pim-vpna] c-bsr 12.12.12.12

[SwitchB-pim-vpna] c-rp 12.12.12.12

[SwitchB-pim-vpna] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] gateway vsi-interface 1

[SwitchB-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] gateway vsi-interface 2

[SwitchB-vsi-vpnb] quit

5. Configure Switch C:

# Enable L2VPN and IP multicast routing.

<SwitchC> system-view

[SwitchC] l2vpn enable

[SwitchC] multicast routing

[SwitchC-mrib] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchC] vxlan tunnel mac-learning disable

[SwitchC] vxlan tunnel arp-learning disable

# Create VLAN-interface 13 and enter its view.

[SwitchC] vlan 13

[SwitchC-vlan13] quit

[SwitchC] interface vlan-interface 13

# Enable PIM-SM on VLAN-interface 13.

[SwitchC-Vlan-interface13] pim sm

[SwitchC-Vlan-interface13] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 4.4.4.4 as-number 200

[SwitchC-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchC-bgp-default] address-family l2vpn evpn

[SwitchC-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchC-bgp-default-evpn] quit

[SwitchC-bgp-default] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchC] ip vpn-instance vpna

[SwitchC-vpn-instance-vpna] route-distinguisher 1:1

[SwitchC-vpn-instance-vpna] address-family ipv4

[SwitchC-vpn-ipv4-vpna] vpn-target 1:1

[SwitchC-vpn-ipv4-vpna] quit

[SwitchC-vpn-instance-vpna] address-family evpn

[SwitchC-vpn-evpn-vpna] vpn-target 1:1

[SwitchC-vpn-evpn-vpna] quit

[SwitchC-vpn-instance-vpna] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchC] interface vsi-interface 3

[SwitchC-Vsi-interface3] ip binding vpn-instance vpna

[SwitchC-Vsi-interface3] l3-vni 1000

[SwitchC-Vsi-interface3] pim sm

[SwitchC-Vsi-interface3] quit

# Enable IP multicast routing on VPN instance vpna.

[SwitchC] multicast routing vpn-instance vpna

[SwitchC-mrib-vpna] quit

# Create an MDT-based MVXLAN for VPN instance vpna and enter MVXLAN IPv4 address family view. Configure the MVXLAN source interface.

[SwitchC] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchC-mvxlan-vpna] address-family ipv4

[SwitchC-mvxlan-vpna-ipv4] source loopback 0

[SwitchC-mvxlan-vpna-ipv4] quit

[SwitchC-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchC] interface loopback 1

[SwitchC-LoopBack1] ip binding vpn-instance vpna

[SwitchC-LoopBack1] ip address 12.12.12.12 32

[SwitchC-LoopBack1] pim sm

[SwitchC-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchC] pim vpn-instance vpna

[SwitchC-pim-vpna] c-bsr 12.12.12.12

[SwitchC-pim-vpna] c-rp 12.12.12.12

[SwitchC-pim-vpna] quit

# Configure a default route. Specify the next hop as 20.1.1.100, the IP address of a device in the Layer 3 network.

[SwitchC] ip route-static vpn-instance vpna 0.0.0.0 0 20.1.1.100

# Import the default route to the BGP IPv4 unicast routing table of VPN instance vpna.

[SwitchC] bgp 200

[SwitchC-bgp-default] ip vpn-instance vpna

[SwitchC-bgp-default-vpna] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4-vpna] default-route imported

[SwitchC-bgp-default-ipv4-vpna] import-route static

[SwitchC-bgp-default-ipv4-vpna] quit

[SwitchC-bgp-default-vpna] quit

[SwitchC-bgp-default] quit

# Associate HundredGigE 3/0/2 with VPN instance vpna.

[SwitchC] interface hundredgige 3/0/2

[SwitchC-HundredGigE3/0/2] ip binding vpn-instance vpna

[SwitchC-HundredGigE3/0/2] ip address 20.1.1.3 24

[SwitchC-HundredGigE3/0/2] pim sm

[SwitchC-HundredGigE3/0/2] quit

# Create VLAN 20.

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure VLAN-interface 20 that connects to the Layer 3 network and associate the interface with VPN instance vpna.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ip binding vpn-instance vpna

[SwitchC-Vlan-interface20] ip address 20.1.1.3 24

[SwitchC-Vlan-interface20] pim sm

[SwitchC-Vlan-interface20] quit

6. Configure Switch D:

# Enable IP multicast routing.

<SwitchD> system-view

[SwitchD] multicast routing

[SwitchD-mrib] quit

# Enter PIM view, and configure Loopback 0 as a candidate-BSR and candidate-RP in the public network.

[SwitchD] pim

[SwitchD-pim] c-bsr 4.4.4.4

[SwitchD-pim] c-rp 4.4.4.4

[SwitchD-pim] quit

# Enable PIM-SM on VLAN-interface 11.

[SwitchD] interface vlan-interface11

[SwitchD-Vlan-interface11] pim sm

[SwitchD-Vlan-interface11] quit

# Enable PIM-SM on VLAN-interface 12.

[SwitchD] interface vlan-interface12

[SwitchD-Vlan-interface12] pim sm

[SwitchD-Vlan-interface12] quit

# Enable PIM-SM on VLAN-interface 13.

[SwitchD] interface vlan-interface13

[SwitchD-Vlan-interface13] pim sm

[SwitchD-Vlan-interface13] quit

# Establish BGP connections with other transport network switches.

[SwitchD] bgp 200

[SwitchD-bgp-default] group evpn

[SwitchD-bgp-default] peer 1.1.1.1 group evpn

[SwitchD-bgp-default] peer 2.2.2.2 group evpn

[SwitchD-bgp-default] peer 3.3.3.3 group evpn

[SwitchD-bgp-default] peer evpn as-number 200

[SwitchD-bgp-default] peer evpn connect-interface loopback 0

# Configure BGP to advertise BGP EVPN routes, and disable route target filtering of received BGP EVPN routes.

[SwitchD-bgp-default] address-family l2vpn evpn

[SwitchD-bgp-default-evpn] peer evpn enable

[SwitchD-bgp-default-evpn] undo policy vpn-target

# Configure Switch D as an RR.

[SwitchD-bgp-default-evpn] peer evpn reflect-client

[SwitchD-bgp-default-evpn] quit

[SwitchD-bgp-default] quit

Verifying the configuration

1. Verify the multicast routing information on Switch A:

# Verify that Switch A has multicast routing entries for VPN instance vpna.

<SwitchA> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC RC

UpTime: 02:57:31

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel0

Protocol: MD, UpTime: 02:57:31, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT 2MSDP LOC ACT SQ RC 2MVPN

UpTime: 04:44:08

Upstream interface: Vsi-interface1

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel1

Protocol: MD, UpTime: 02:00:27, Expires: -

# Verify that Switch A has multicast routing entries for the public network.

<SwitchA> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 02:09:52

Upstream interface: MTunnel0 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 01:16:34, Expires: 00:03:10

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 02:08:52

Upstream interface: MTunnel1 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 01:15:34, Expires: 00:03:11

2. Verify the multicast routing information on Switch B:

# Verify that Switch B has multicast routing entries for VPN instance vpna.

<SwitchB> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 05:04:06

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: igmp, UpTime: 05:04:06, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT ACT RQ FROMVXLAN

UpTime: 01:57:12

Upstream interface: MVXLAN-UPE0 (0.0.0.0)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: pim-sm, UpTime: 01:57:12, Expires: -

# Verify that Switch B has multicast routing entries for the public network.

<SwitchB> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT

UpTime: 01:59:46

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 01:59:46, Expires: -

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT ACT

UpTime: 01:58:46

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 01:58:46, Expires: -

Example: Configuring MVXLAN extranet on the receiver VPN instance for symmetrically configured extranet

Network configuration

As shown in Figure 7, VM 1 is the multicast source of multicast group 225.0.0.0, and the other VMs are multicast receivers. VM 1, VM 2, and VM 3 belong to VPN instance vpna, and VM 4 belongs to VPN instance vpnb. VM 1 and VM 3 are in VXLAN 10, and VM 2 and VM 4 are in VXLAN 20. Configure MVXLAN to forward the multicast traffic from the source to the receivers.

· Configure VXLAN 10 and VXLAN 20 on Switch A and Switch B to extend VLAN 2 and VLAN 3 across the sites.

· Configure Switch A and Switch B as distributed EVPN gateways to provide gateway services. Configure Switch C as a border gateway to provide access to the connected Layer 3 network.

· Configure Switch D as an RR to reflect BGP EVPN routes between Switch A, Switch B, and Switch C.

· Configure PIM-SM on the transport-facing interfaces of Switches A through D. Configure IGMP snooping on Switches A through C for multicast forwarding entry creation.

· Configure MVXLAN extranet to import the traffic of VPN instance vpna to VPN instance vpnb based on the L3 VXLAN ID on Switch B.

Figure 7 Network diagram

‌

Procedure

1. On VM 1 and VM 3, specify 10.1.1.1 as the gateway address. On VM 2 and VM 4, specify 10.1.2.1 as the gateway address. (Details not shown.)

2. Configure IP addresses and unicast routing settings:

# Assign IP addresses to interfaces, as shown in Figure 7. (Details not shown.)

# Configure OSPF on all transport network switches (Switches A through D) for them to reach one another. (Details not shown.)

3. Configure Switch A:

# Enable L2VPN and IP multicast routing.

<SwitchA> system-view

[SwitchA] l2vpn enable

[SwitchA] multicast routing

[SwitchA-mrib] quit

# Enable the IGMP snooping feature.

[SwitchA] igmp-snooping

[SwitchA-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchA] vxlan tunnel mac-learning disable

[SwitchA] vxlan tunnel arp-learning disable

# Create VLAN-interface 11 and enter its view.

[SwitchA] vlan 11

[SwitchA-vlan11] quit

[SwitchA] interface vlan-interface 11

# Enable PIM-SM on VLAN-interface 11.

[SwitchA-Vlan-interface11] pim sm

[SwitchA-Vlan-interface11] quit

# Create an EVPN instance on VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] evpn encapsulation vxlan

[SwitchA-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchA-vsi-vpna] igmp-snooping enable

[SwitchA-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchA-vsi-vpna] vxlan 10

[SwitchA-vsi-vpna-vxlan-10] quit

[SwitchA-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] evpn encapsulation vxlan

[SwitchA-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchA-vsi-vpnb] igmp-snooping enable

[SwitchA-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchA-vsi-vpnb] vxlan 20

[SwitchA-vsi-vpnb-vxlan-20] quit

[SwitchA-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchA] bgp 200

[SwitchA-bgp-default] peer 4.4.4.4 as-number 200

[SwitchA-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchA-bgp-default] address-family l2vpn evpn

[SwitchA-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchA-bgp-default-evpn] quit

[SwitchA-bgp-default] quit

# Create VLAN 2.

[SwitchA] vlan 2

[SwitchA-vlan2] quit

# Create VLAN 3.

[SwitchA] vlan 3

[SwitchA-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2 and VLAN 3.

[SwitchA] interface hundredgige 3/0/1

[SwitchA-HundredGigE3/0/1] port link-type trunk

[SwitchA-HundredGigE3/0/1] port trunk permit vlan 2 3

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchA-HundredGigE3/0/1] service-instance 1000

[SwitchA-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchA-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchA-HundredGigE3/0/1-srv1000] quit

# On HundredGigE 3/0/1, create Ethernet service instance 2000 to match VLAN 3.

[SwitchA-HundredGigE3/0/1] service-instance 2000

[SwitchA-HundredGigE3/0/1-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchA-HundredGigE3/0/1-srv2000] xconnect vsi vpnb

[SwitchA-HundredGigE3/0/1-srv2000] quit

[SwitchA-HundredGigE3/0/1] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchA] ip vpn-instance vpna

[SwitchA-vpn-instance-vpna] route-distinguisher 1:1

[SwitchA-vpn-instance-vpna] address-family ipv4

[SwitchA-vpn-ipv4-vpna] vpn-target 1:1

[SwitchA-vpn-ipv4-vpna] quit

[SwitchA-vpn-instance-vpna] address-family evpn

[SwitchA-vpn-evpn-vpna] vpn-target 1:1

[SwitchA-vpn-evpn-vpna] quit

[SwitchA-vpn-instance-vpna] quit

# Configure VSI-interface 1.

[SwitchA] interface vsi-interface 1

[SwitchA-Vsi-interface1] ip binding vpn-instance vpna

[SwitchA-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchA-Vsi-interface1] pim sm

[SwitchA-Vsi-interface1] pim distributed-dr

[SwitchA-Vsi-interface1] mac-address 1-1-1

[SwitchA-Vsi-interface1] distributed-gateway local

[SwitchA-Vsi-interface1] local-proxy-arp enable

[SwitchA-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchA] interface vsi-interface 2

[SwitchA-Vsi-interface2] ip binding vpn-instance vpna

[SwitchA-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchA-Vsi-interface2] igmp enable

[SwitchA-Vsi-interface2] mac-address 2-2-2

[SwitchA-Vsi-interface2] distributed-gateway local

[SwitchA-Vsi-interface2] local-proxy-arp enable

[SwitchA-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchA] interface vsi-interface 3

[SwitchA-Vsi-interface3] ip binding vpn-instance vpna

[SwitchA-Vsi-interface3] l3-vni 1000

[SwitchA-Vsi-interface3] pim sm

[SwitchA-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchA] multicast routing vpn-instance vpna

[SwitchA-mrib-vpna] quit

# Create an MDT-based MVXLAN for VPN instance vpna and enter MVXLAN IPv4 address family view. Configure the default group, MVXLAN source interface, and data group range settings.

[SwitchA] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchA-mvxlan-vpna] address-family ipv4

[SwitchA-mvxlan-vpna-ipv4] default-group 236.0.0.1

[SwitchA-mvxlan-vpna-ipv4] source loopback 0

[SwitchA-mvxlan-vpna-ipv4] data-group 239.0.1.0 25

[SwitchA-mvxlan-vpna-ipv4] quit

[SwitchA-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchA] interface loopback 1

[SwitchA-LoopBack1] ip binding vpn-instance vpna

[SwitchA-LoopBack1] ip address 12.12.12.12 32

[SwitchA-LoopBack1] pim sm

[SwitchA-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchA] pim vpn-instance vpna

[SwitchA-pim-vpna] c-bsr 12.12.12.12

[SwitchA-pim-vpna] c-rp 12.12.12.12

[SwitchA-pim-vpna] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] gateway vsi-interface 1

[SwitchA-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] gateway vsi-interface 2

[SwitchA-vsi-vpnb] quit

4. Configure Switch B:

# Enable L2VPN and IP multicast routing.

<SwitchB> system-view

[SwitchB] l2vpn enable

[SwitchB] multicast routing

[SwitchB-mrib] quit

# Enable the IGMP snooping feature.

[SwitchB] igmp-snooping

[SwitchB-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchB] vxlan tunnel mac-learning disable

[SwitchB] vxlan tunnel arp-learning disable

# Create VLAN-interface 12 and enter its view.

[SwitchB] vlan 12

[SwitchB-vlan12] quit

[SwitchB] interface vlan-interface 12

# Enable PIM-SM on VLAN-interface 12.

[SwitchB-Vlan-interface12] pim sm

[SwitchB-Vlan-interface12] quit

# Create an EVPN instance on VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] evpn encapsulation vxlan

[SwitchB-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnc

[SwitchB-vsi-vpna] igmp-snooping enable

[SwitchB-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchB-vsi-vpna] vxlan 10

[SwitchB-vsi-vpna-vxlan-10] quit

[SwitchB-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] evpn encapsulation vxlan

[SwitchB-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchB-vsi-vpnb] igmp-snooping enable

[SwitchB-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchB-vsi-vpnb] vxlan 20

[SwitchB-vsi-vpnb-vxlan-20] quit

[SwitchB-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchB] bgp 200

[SwitchB-bgp-default] peer 4.4.4.4 as-number 200

[SwitchB-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchB-bgp-default] address-family l2vpn evpn

[SwitchB-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchB-bgp-default-evpn] quit

[SwitchB-bgp-default] quit

# Create VLAN 2.

[SwitchB] vlan 2

[SwitchB-vlan2] quit

# Create VLAN 3.

[SwitchB] vlan 3

[SwitchB-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] port link-type trunk

[SwitchB-HundredGigE3/0/1] port trunk permit vlan 2

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] service-instance 1000

[SwitchB-HundredGigE3/0/1-srv1000]encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchB-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchB-HundredGigE3/0/1-srv1000] quit

# Configure HundredGigE 3/0/2 as a trunk port and assign it to VLAN 3.

[SwitchB] interface hundredgige 3/0/2

[SwitchB-HundredGigE3/0/2] port link-type trunk

[SwitchB-HundredGigE3/0/2] port trunk permit vlan 3

# On HundredGigE 3/0/2, create Ethernet service instance 2000 to match VLAN 3.

[SwitchB-HundredGigE3/0/2] service-instance 2000

[SwitchB-HundredGigE3/0/2-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchB-HundredGigE3/0/2-srv2000] xconnect vsi vpnb

[SwitchB-HundredGigE3/0/2-srv2000] quit

[SwitchB-HundredGigE3/0/2] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchB] ip vpn-instance vpna

[SwitchB-vpn-instance-vpna] route-distinguisher 1:1

[SwitchB-vpn-instance-vpna] address-family ipv4

[SwitchB-vpn-ipv4-vpna] vpn-target 1:1

[SwitchB-vpn-ipv4-vpna] quit

[SwitchB-vpn-instance-vpna] address-family evpn

[SwitchB-vpn-evpn-vpna] vpn-target 1:1

[SwitchB-vpn-evpn-vpna] quit

[SwitchB-vpn-instance-vpna] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchB] ip vpn-instance vpnb

[SwitchB-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchB-vpn-instance-vpnb] address-family ipv4

[SwitchB-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchB-vpn-ipv4-vpnb] quit

[SwitchB-vpn-instance-vpnb] address-family evpn

[SwitchB-vpn-evpn-vpnb] vpn-target 1:1

[SwitchB-vpn-evpn-vpnb] quit

[SwitchB-vpn-instance-vpnb] quit

# Configure VSI-interface 1.

[SwitchB] interface vsi-interface 1

[SwitchB-Vsi-interface1] ip binding vpn-instance vpna

[SwitchB-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchB-Vsi-interface1] igmp enable

[SwitchB-Vsi-interface1] mac-address 1-1-1

[SwitchB-Vsi-interface1] distributed-gateway local

[SwitchB-Vsi-interface1] local-proxy-arp enable

[SwitchB-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchB] interface vsi-interface 2

[SwitchB-Vsi-interface2] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchB-Vsi-interface2] igmp enable

[SwitchB-Vsi-interface2] mac-address 2-2-2

[SwitchB-Vsi-interface2] distributed-gateway local

[SwitchB-Vsi-interface2] local-proxy-arp enable

[SwitchB-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchB] interface vsi-interface 3

[SwitchB-Vsi-interface3] ip binding vpn-instance vpna

[SwitchB-Vsi-interface3] l3-vni 1000

[SwitchB-Vsi-interface3] pim sm

[SwitchB-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchB] multicast routing vpn-instance vpna

[SwitchB-mrib-vpna] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpna, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchB] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchB-mvxlan-vpna] address-family ipv4

[SwitchB-mvxlan-vpna-ipv4] source loopback 0

[SwitchB-mvxlan-vpna-ipv4] quit

[SwitchB-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchB] interface loopback 1

[SwitchB-LoopBack1] ip binding vpn-instance vpna

[SwitchB-LoopBack1] ip address 12.12.12.12 32

[SwitchB-LoopBack1] pim sm

[SwitchB-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchB] pim vpn-instance vpna

[SwitchB-pim-vpna] c-bsr 12.12.12.12

[SwitchB-pim-vpna] c-rp 12.12.12.12

[SwitchB-pim-vpna] quit

# Configure Loopback 2.

[SwitchB] interface loopback 2

[SwitchB-LoopBack2] ip binding vpn-instance vpnb

[SwitchB-LoopBack2] ip address 13.13.13.13 32

[SwitchB-LoopBack2] pim sm

[SwitchB-LoopBack2] quit

# Enter VPN instance PIM view, and configure Loopback 2 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchB] pim vpn-instance vpnb

[SwitchB-pim-vpnb] c-bsr 13.13.13.13

[SwitchB-pim-vpnb] c-rp 13.13.13.13

[SwitchB-pim-vpnb] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] gateway vsi-interface 1

[SwitchB-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] gateway vsi-interface 2

[SwitchB-vsi-vpnb] quit

# Enable IP multicast routing for VPN instance vpnb, and import the traffic of VPN instance vpna to VPN instance vpnb.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] multicast extranet select-rpf l3-vni 1000 group 225.0.0.0 16

5. Configure Switch C:

# Enable L2VPN and IP multicast routing.

<SwitchC> system-view

[SwitchC] l2vpn enable

[SwitchC] multicast routing

[SwitchC-mrib] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchC] vxlan tunnel mac-learning disable

[SwitchC] vxlan tunnel arp-learning disable

# Create VLAN-interface 13 and enter its view.

[SwitchC] vlan 13

[SwitchC-vlan13] quit

[SwitchC] interface vlan-interface 13

# Enable PIM-SM on VLAN-interface 13.

[SwitchC-Vlan-interface13] pim sm

[SwitchC-Vlan-interface13] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 4.4.4.4 as-number 200

[SwitchC-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchC-bgp-default] address-family l2vpn evpn

[SwitchC-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchC-bgp-default-evpn] quit

[SwitchC-bgp-default] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchC] ip vpn-instance vpna

[SwitchC-vpn-instance-vpna] route-distinguisher 1:1

[SwitchC-vpn-instance-vpna] address-family ipv4

[SwitchC-vpn-ipv4-vpna] vpn-target 1:1

[SwitchC-vpn-ipv4-vpna] quit

[SwitchC-vpn-instance-vpna] address-family evpn

[SwitchC-vpn-evpn-vpna] vpn-target 1:1

[SwitchC-vpn-evpn-vpna] quit

[SwitchC-vpn-instance-vpna] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchC] ip vpn-instance vpnb

[SwitchC-vpn-instance-vpna] route-distinguisher 2:2

[SwitchC-vpn-instance-vpna] address-family ipv4

[SwitchC-vpn-ipv4-vpna] vpn-target 1:1

[SwitchC-vpn-ipv4-vpna] quit

[SwitchC-vpn-instance-vpna] address-family evpn

[SwitchC-vpn-evpn-vpna] vpn-target 1:1

[SwitchC-vpn-evpn-vpna] quit

[SwitchC-vpn-instance-vpna] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchC] interface vsi-interface 3

[SwitchC-Vsi-interface3] ip binding vpn-instance vpna

[SwitchC-Vsi-interface3] l3-vni 1000

[SwitchC-Vsi-interface3] pim sm

[SwitchC-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchC] multicast routing vpn-instance vpna

[SwitchC-mrib-vpna] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchC] multicast routing vpn-instance vpnb

[SwitchC-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpna, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchC] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchC-mvxlan-vpna] address-family ipv4

[SwitchC-mvxlan-vpna-ipv4] source loopback 0

[SwitchC-mvxlan-vpna-ipv4] quit

[SwitchC-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchC] interface loopback 1

[SwitchC-LoopBack1] ip binding vpn-instance vpna

[SwitchC-LoopBack1] ip address 12.12.12.12 32

[SwitchC-LoopBack1] pim sm

[SwitchC-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchC] pim vpn-instance vpna

[SwitchC-pim-vpna] c-bsr 12.12.12.12

[SwitchC-pim-vpna] c-rp 12.12.12.12

[SwitchC-pim-vpna] quit

# Configure Loopback 2.

[SwitchC] interface loopback 2

[SwitchC-LoopBack2] ip binding vpn-instance vpnb

[SwitchC-LoopBack2] ip address 13.13.13.13 32

[SwitchC-LoopBack2] pim sm

[SwitchC-LoopBack2] quit

# Enter VPN instance PIM view, and configure Loopback 2 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchC] pim vpn-instance vpnb

[SwitchC-pim-vpnb] c-bsr 13.13.13.13

[SwitchC-pim-vpnb] c-rp 13.13.13.13

[SwitchC-pim-vpnb] quit

# Configure a default route. Specify the next hop as 20.1.1.100, the IP address of a device in the Layer 3 network.

[SwitchC] ip route-static vpn-instance vpnb 0.0.0.0 0 20.1.1.100

# Import the default route to the BGP IPv4 unicast routing table of VPN instance vpnb.

[SwitchC] bgp 200

[SwitchC-bgp-default] ip vpn-instance vpnb

[SwitchC-bgp-default-vpnb] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4-vpnb] default-route imported

[SwitchC-bgp-default-ipv4-vpnb] import-route static

[SwitchC-bgp-default-ipv4-vpnb] quit

[SwitchC-bgp-default-vpnb] quit

[SwitchC-bgp-default] quit

# Create VLAN 20.

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure VLAN-interface 20 that connects to the Layer 3 network and associate the interface with VPN instance vpnb.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ip binding vpn-instance vpnb

[SwitchC-Vlan-interface20] ip address 20.1.1.3 24

[SwitchC-Vlan-interface20] pim sm

[SwitchC-Vlan-interface20] quit

# Enable IP multicast routing for VPN instance vpnb, and import the traffic of VPN instance vpna to VPN instance vpnb.

[SwitchC] multicast routing vpn-instance vpnb

[SwitchC-mrib-vpnb] multicast extranet select-rpf l3-vni 1000 group 225.0.0.0 16

6. Configure Switch D:

# Enable IP multicast routing.

<SwitchD> system-view

[SwitchD] multicast routing

[SwitchD-mrib] quit

# Enter PIM view, and configure Loopback 0 as a candidate-BSR and candidate-RP in the public network.

[SwitchD] pim

[SwitchD-pim] c-bsr 4.4.4.4

[SwitchD-pim] c-rp 4.4.4.4

[SwitchD-pim] quit

# Enable PIM-SM on VLAN-interface 11.

[SwitchD] interface vlan-interface11

[SwitchD-Vlan-interface11] pim sm

[SwitchD-Vlan-interface11] quit

# Enable PIM-SM on VLAN-interface 12.

[SwitchD] interface vlan-interface12

[SwitchD-Vlan-interface12] pim sm

[SwitchD-Vlan-interface12] quit

# Enable PIM-SM on VLAN-interface 13.

[SwitchD] interface vlan-interface13

[SwitchD-Vlan-interface13] pim sm

[SwitchD-Vlan-interface13] quit

# Establish BGP connections with other transport network switches.

[SwitchD] bgp 200

[SwitchD-bgp-default] group evpn

[SwitchD-bgp-default] peer 1.1.1.1 group evpn

[SwitchD-bgp-default] peer 2.2.2.2 group evpn

[SwitchD-bgp-default] peer 3.3.3.3 group evpn

[SwitchD-bgp-default] peer evpn as-number 200

[SwitchD-bgp-default] peer evpn connect-interface loopback 0

# Configure BGP to advertise BGP EVPN routes, and disable route target filtering of received BGP EVPN routes.

[SwitchD-bgp-default] address-family l2vpn evpn

[SwitchD-bgp-default-evpn] peer evpn enable

[SwitchD-bgp-default-evpn] undo policy vpn-target

# Configure Switch D as an RR.

[SwitchD-bgp-default-evpn] peer evpn reflect-client

[SwitchD-bgp-default-evpn] quit

[SwitchD-bgp-default] quit

Verifying the configuration

1. Verify the multicast routing information on Switch A:

# Verify that Switch A has multicast routing entries for VPN instance vpna.

<SwitchA> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC RC

UpTime: 03:01:20

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel0

Protocol: MD, UpTime: 02:57:31, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 03:01:22, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT 2MSDP LOC ACT SQ RC 2MVPN

UpTime: 03:01:20

Upstream interface: Vsi-interface1

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel1

Protocol: MD, UpTime: 02:56:31, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 03:01:22, Expires: -

# Verify that Switch A has multicast routing entries for the public network.

<SwitchA> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 04:09:52

Upstream interface: MTunnel0 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 04:09:40, Expires: 00:03:10

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 03:00:20

Upstream interface: MTunnel1 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 03:00:20, Expires: 00:03:11

2. Verify the multicast routing information on Switch B:

# Verify that Switch B has multicast routing entries for VPN instance vpna.

<SwitchB> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 03:01:20

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 2

1: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 03:01:20, Expires: -

2: Vsi-interface1

Protocol: igmp, UpTime: 03:01:20, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT ACT FROMVXLAN

UpTime: 03:00:20

Upstream interface: MVXLAN-UPE0 (0.0.0.0)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 2

1: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 03:00:20, Expires: -

2: Vsi-interface1

Protocol: pim-sm, UpTime: 03:00:20, Expires: -

# Verify that Switch B has multicast routing entries for VPN instance vpnb.

<SwitchB> display pim vpn-instance vpnb routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 13.13.13.13 (local)

Protocol: pim-sm, Flag: WC

UpTime: 03:01:20

Upstream interface: Extranet (VPN: vpna, l3-vni: 1000)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface2

Protocol: igmp, UpTime: 05:04:11, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 13.13.13.13 (local)

Protocol: pim-sm, Flag: SPT ACT RQ 2MVPN

UpTime: 03:00:20

Upstream interface: Extranet (VPN: vpna, l3-vni: 1000)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface2

Protocol: pim-sm, UpTime: 03:00:20, Expires: -

# Verify that Switch B has multicast routing entries for the public network.

<SwitchB> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT

UpTime: 04:09:00

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 04:09:40, Expires: -

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT ACT 2MVPN

UpTime: 03:00:20

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 03:00:20, Expires: -

Example: Configuring MVXLAN extranet on the receiver VPN instance for asymmetrically configured extranet

Network configuration

As shown in Figure 8, VM 1 is the multicast source of multicast group 225.0.0.0, and the other VMs are multicast receivers. VM 1 and VM 2 belong to VPN instance vpna, VM 3 belongs to VPN instance vpnb, and VM 4 belongs to vpnc. VM 1 and VM 3 are in VXLAN 10, and VM 2 and VM 4 are in VXLAN 20. Configure MVXLAN to forward the multicast traffic from the source to the receivers.

· Configure VXLAN 10 and VXLAN 20 on Switch A and Switch B to extend VLAN 2 and VLAN 3 across the sites.

· Configure Switch A and Switch B as distributed EVPN gateways to provide gateway services. Configure Switch C as a border gateway to provide access to the connected Layer 3 network.

· Configure Switch D as an RR to reflect BGP EVPN routes between Switch A, Switch B, and Switch C.

· Configure PIM-SM on the transport-facing interfaces of Switches A through D. Configure IGMP snooping on Switches A through C for multicast forwarding entry creation.

· Configure MVXLAN extranet to import the traffic of VPN instance vpna to VPN instance vpnb and VPN instance vpnc based on the L3 VXLAN ID on Switch B.

Figure 8 Network diagram

‌

Procedure

1. On VM 1 and VM 3, specify 10.1.1.1 as the gateway address. On VM 2 and VM 4, specify 10.1.2.1 as the gateway address. (Details not shown.)

2. Configure IP addresses and unicast routing settings:

# Assign IP addresses to interfaces, as shown in Figure 8. (Details not shown.)

# Configure OSPF on all transport network switches (Switches A through D) for them to reach one another. (Details not shown.)

3. Configure Switch A:

# Enable L2VPN and IP multicast routing.

<SwitchA> system-view

[SwitchA] l2vpn enable

[SwitchA] multicast routing

[SwitchA-mrib] quit

# Enable the IGMP snooping feature.

[SwitchA] igmp-snooping

[SwitchA-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchA] vxlan tunnel mac-learning disable

[SwitchA] vxlan tunnel arp-learning disable

# Create VLAN-interface 11 and enter its view.

[SwitchA] vlan 11

[SwitchA-vlan11] quit

[SwitchA] interface vlan-interface 11

# Enable PIM-SM on VLAN-interface 11.

[SwitchA-Vlan-interface11] pim sm

[SwitchA-Vlan-interface11] quit

# Create an EVPN instance on VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] evpn encapsulation vxlan

[SwitchA-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchA-vsi-vpna] igmp-snooping enable

[SwitchA-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchA-vsi-vpna] vxlan 10

[SwitchA-vsi-vpna-vxlan-10] quit

[SwitchA-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] evpn encapsulation vxlan

[SwitchA-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchA-vsi-vpnb] igmp-snooping enable

[SwitchA-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchA-vsi-vpnb] vxlan 20

[SwitchA-vsi-vpnb-vxlan-20] quit

[SwitchA-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchA] bgp 200

[SwitchA-bgp-default] peer 4.4.4.4 as-number 200

[SwitchA-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchA-bgp-default] address-family l2vpn evpn

[SwitchA-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchA-bgp-default-evpn] quit

[SwitchA-bgp-default] quit

# Create VLAN 2.

[SwitchA] vlan 2

[SwitchA-vlan2] quit

# Create VLAN 3.

[SwitchA] vlan 3

[SwitchA-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2 and VLAN 3.

[SwitchA] interface hundredgige 3/0/1

[SwitchA-HundredGigE3/0/1] port link-type trunk

[SwitchA-HundredGigE3/0/1] port trunk permit vlan 2 3

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchA-HundredGigE3/0/1] service-instance 1000

[SwitchA-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchA-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchA-HundredGigE3/0/1-srv1000] quit

# On HundredGigE 3/0/1, create Ethernet service instance 2000 to match VLAN 3.

[SwitchA-HundredGigE3/0/1] service-instance 2000

[SwitchA-HundredGigE3/0/1-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchA-HundredGigE3/0/1-srv2000] xconnect vsi vpnb

[SwitchA-HundredGigE3/0/1-srv2000] quit

[SwitchA-HundredGigE3/0/1] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchA] ip vpn-instance vpna

[SwitchA-vpn-instance-vpna] route-distinguisher 1:1

[SwitchA-vpn-instance-vpna] address-family ipv4

[SwitchA-vpn-ipv4-vpna] vpn-target 1:1

[SwitchA-vpn-ipv4-vpna] quit

[SwitchA-vpn-instance-vpna] address-family evpn

[SwitchA-vpn-evpn-vpna] vpn-target 1:1

[SwitchA-vpn-evpn-vpna] quit

[SwitchA-vpn-instance-vpna] quit

# Configure VSI-interface 1.

[SwitchA] interface vsi-interface 1

[SwitchA-Vsi-interface1] ip binding vpn-instance vpna

[SwitchA-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchA-Vsi-interface1] pim sm

[SwitchA-Vsi-interface1] pim distributed-dr

[SwitchA-Vsi-interface1] mac-address 1-1-1

[SwitchA-Vsi-interface1] distributed-gateway local

[SwitchA-Vsi-interface1] local-proxy-arp enable

[SwitchA-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchA] interface vsi-interface 2

[SwitchA-Vsi-interface2] ip binding vpn-instance vpna

[SwitchA-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchA-Vsi-interface2] igmp enable

[SwitchA-Vsi-interface2] mac-address 2-2-2

[SwitchA-Vsi-interface2] distributed-gateway local

[SwitchA-Vsi-interface2] local-proxy-arp enable

[SwitchA-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchA] interface vsi-interface 3

[SwitchA-Vsi-interface3] ip binding vpn-instance vpna

[SwitchA-Vsi-interface3] l3-vni 1000

[SwitchA-Vsi-interface3] pim sm

[SwitchA-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchA] multicast routing vpn-instance vpna

[SwitchA-mrib-vpna] quit

# Create an MDT-based MVXLAN for VPN instance vpna and enter MVXLAN IPv4 address family view. Configure the default group, MVXLAN source interface, and data group range settings.

[SwitchA] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchA-mvxlan-vpna] address-family ipv4

[SwitchA-mvxlan-vpna-ipv4] default-group 236.0.0.1

[SwitchA-mvxlan-vpna-ipv4] source loopback 0

[SwitchA-mvxlan-vpna-ipv4] data-group 239.0.1.0 25

[SwitchA-mvxlan-vpna-ipv4] quit

[SwitchA-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchA] interface loopback 1

[SwitchA-LoopBack1] ip binding vpn-instance vpna

[SwitchA-LoopBack1] ip address 12.12.12.12 32

[SwitchA-LoopBack1] pim sm

[SwitchA-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchA] pim vpn-instance vpna

[SwitchA-pim-vpna] c-bsr 12.12.12.12

[SwitchA-pim-vpna] c-rp 12.12.12.12

[SwitchA-pim-vpna] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] gateway vsi-interface 1

[SwitchA-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] gateway vsi-interface 2

[SwitchA-vsi-vpnb] quit

4. Configure Switch B:

# Enable L2VPN and IP multicast routing.

<SwitchB> system-view

[SwitchB] l2vpn enable

[SwitchB] multicast routing

[SwitchB-mrib] quit

# Enable the IGMP snooping feature.

[SwitchB] igmp-snooping

[SwitchB-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchB] vxlan tunnel mac-learning disable

[SwitchB] vxlan tunnel arp-learning disable

# Create VLAN-interface 12 and enter its view.

[SwitchB] vlan 12

[SwitchB-vlan12] quit

[SwitchB] interface vlan-interface 12

# Enable PIM-SM on VLAN-interface 12.

[SwitchB-Vlan-interface12] pim sm

[SwitchB-Vlan-interface12] quit

# Create an EVPN instance on VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] evpn encapsulation vxlan

[SwitchB-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchB-vsi-vpna] igmp-snooping enable

[SwitchB-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchB-vsi-vpna] vxlan 10

[SwitchB-vsi-vpna-vxlan-10] quit

[SwitchB-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] evpn encapsulation vxlan

[SwitchB-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchB-vsi-vpnb] igmp-snooping enable

[SwitchB-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchB-vsi-vpnb] vxlan 20

[SwitchB-vsi-vpnb-vxlan-20] quit

[SwitchB-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchB] bgp 200

[SwitchB-bgp-default] peer 4.4.4.4 as-number 200

[SwitchB-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchB-bgp-default] address-family l2vpn evpn

[SwitchB-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchB-bgp-default-evpn] quit

[SwitchB-bgp-default] quit

# Create VLAN 2.

[SwitchB] vlan 2

[SwitchB-vlan2] quit

# Create VLAN 3.

[SwitchB] vlan 3

[SwitchB-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] port link-type trunk

[SwitchB-HundredGigE3/0/1] port trunk permit vlan 2

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] service-instance 1000

[SwitchB-HundredGigE3/0/1-srv1000]encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchB-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchB-HundredGigE3/0/1-srv1000] quit

# Configure HundredGigE 3/0/2 as a trunk port and assign it to VLAN 3.

[SwitchB] interface hundredgige 3/0/2

[SwitchB-HundredGigE3/0/2] port link-type trunk

[SwitchB-HundredGigE3/0/2] port trunk permit vlan 3

# On HundredGigE 3/0/2, create Ethernet service instance 2000 to match VLAN 3.

[SwitchB-HundredGigE3/0/2] service-instance 2000

[SwitchB-HundredGigE3/0/2-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchB-HundredGigE3/0/2-srv2000] xconnect vsi vpnb

[SwitchB-HundredGigE3/0/2-srv2000] quit

[SwitchB-HundredGigE3/0/2] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchB] ip vpn-instance vpnb

[SwitchB-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchB-vpn-instance-vpnb] address-family ipv4

[SwitchB-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchB-vpn-ipv4-vpnb] quit

[SwitchB-vpn-instance-vpnb] address-family evpn

[SwitchB-vpn-evpn-vpnb] vpn-target 1:1

[SwitchB-vpn-evpn-vpnb] quit

[SwitchB-vpn-instance-vpnb] quit

# Configure RD and route target settings for VPN instance vpnc.

[SwitchB] ip vpn-instance vpnc

[SwitchB-vpn-instance-vpnc] route-distinguisher 3:3

[SwitchB-vpn-instance-vpnc] address-family ipv4

[SwitchB-vpn-ipv4-vpnc] vpn-target 1:1

[SwitchB-vpn-ipv4-vpnc] quit

[SwitchB-vpn-instance-vpnc] address-family evpn

[SwitchB-vpn-evpn-vpnc] vpn-target 1:1

[SwitchB-vpn-evpn-vpnc] quit

[SwitchB-vpn-instance-vpnc] quit

# Configure VSI-interface 1.

[SwitchB] interface vsi-interface 1

[SwitchB-Vsi-interface1] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchB-Vsi-interface1] igmp enable

[SwitchB-Vsi-interface1] mac-address 1-1-1

[SwitchB-Vsi-interface1] distributed-gateway local

[SwitchB-Vsi-interface1] local-proxy-arp enable

[SwitchB-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchB] interface vsi-interface 2

[SwitchB-Vsi-interface2] ip binding vpn-instance vpnc

[SwitchB-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchB-Vsi-interface2] igmp enable

[SwitchB-Vsi-interface2] mac-address 2-2-2

[SwitchB-Vsi-interface2] distributed-gateway local

[SwitchB-Vsi-interface2] local-proxy-arp enable

[SwitchB-Vsi-interface2] quit

# Configure the L3 VXLAN ID as 1000 for VSI-interface 3.

[SwitchB] interface vsi-interface 3

[SwitchB-Vsi-interface3] l3-vni 1000

[SwitchB-Vsi-interface3] pim sm

[SwitchB-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] quit

# Enable IP multicast routing for VPN instance vpnc.

[SwitchB] multicast routing vpn-instance vpnc

[SwitchB-mrib-vpnc] quit

# Create an MDT-based MVXLAN for VPN instance vpnb, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchB] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchB-mvxlan-vpnb] address-family ipv4

[SwitchB-mvxlan-vpnb-ipv4] source loopback 0

[SwitchB-mvxlan-vpnb-ipv4] quit

[SwitchB-mvxlan-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnc, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchB] multicast-vpn vxlan vpn-instance vpnc mode mdt

[SwitchB-mvxlan-vpnc] address-family ipv4

[SwitchB-mvxlan-vpnc-ipv4] source loopback 0

[SwitchB-mvxlan-vpnc-ipv4] quit

[SwitchB-mvxlan-vpnc] quit

# Configure Loopback 1.

[SwitchB] interface loopback 1

[SwitchB-LoopBack1] ip binding vpn-instance vpnb

[SwitchB-LoopBack1] ip address 12.12.12.12 32

[SwitchB-LoopBack1] pim sm

[SwitchB-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchB] pim vpn-instance vpnb

[SwitchB-pim-vpnb] c-bsr 12.12.12.12

[SwitchB-pim-vpnb] c-rp 12.12.12.12

[SwitchB-pim-vpnb] quit

# Configure Loopback 2.

[SwitchB] interface loopback 2

[SwitchB-LoopBack2] ip binding vpn-instance vpnc

[SwitchB-LoopBack2] ip address 13.13.13.13 32

[SwitchB-LoopBack2] pim sm

[SwitchB-LoopBack2] quit

# Enter VPN instance PIM view, and configure Loopback 2 as a candidate-BSR and candidate-RP in VPN instance vpnc.

[SwitchB] pim vpn-instance vpnc

[SwitchB-pim-vpnc] c-bsr 13.13.13.13

[SwitchB-pim-vpnc] c-rp 13.13.13.13

[SwitchB-pim-vpnc] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] gateway vsi-interface 1

[SwitchB-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] gateway vsi-interface 2

[SwitchB-vsi-vpnb] quit

# Enable IP multicast routing for VPN instance vpnb and VPN instance vpnc, and import the traffic of VPN instance vpna to VPN instance vpnb and VPN instance vpnc.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] multicast extranet select-rpf l3-vni 1000 group 225.0.0.0 16

[SwitchB] multicast routing vpn-instance vpnc

[SwitchB-mrib-vpnc] multicast extranet select-rpf l3-vni 1000 group 225.0.0.0 16

5. Configure Switch C:

# Enable L2VPN and IP multicast routing.

<SwitchC> system-view

[SwitchC] l2vpn enable

[SwitchC] multicast routing

[SwitchC-mrib] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchC] vxlan tunnel mac-learning disable

[SwitchC] vxlan tunnel arp-learning disable

# Create VLAN-interface 13 and enter its view.

[SwitchC] vlan 13

[SwitchC-vlan13] quit

[SwitchC] interface vlan-interface 13

# Enable PIM-SM on VLAN-interface 13.

[SwitchC-Vlan-interface13] pim sm

[SwitchC-Vlan-interface13] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 4.4.4.4 as-number 200

[SwitchC-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchC-bgp-default] address-family l2vpn evpn

[SwitchC-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchC-bgp-default-evpn] quit

[SwitchC-bgp-default] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchC] ip vpn-instance vpnb

[SwitchC-vpn-instance-vpnb] route-distinguisher 1:1

[SwitchC-vpn-instance-vpnb] address-family ipv4

[SwitchC-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchC-vpn-ipv4-vpnb] quit

[SwitchC-vpn-instance-vpnb] address-family evpn

[SwitchC-vpn-evpn-vpnb] vpn-target 1:1

[SwitchC-vpn-evpn-vpnb] quit

[SwitchC-vpn-instance-vpnb] quit

# Configure the L3 VXLAN ID as 1000 for VSI-interface 3.

[SwitchC] interface vsi-interface 3

[SwitchC-Vsi-interface3] l3-vni 1000

[SwitchC-Vsi-interface3] pim sm

[SwitchC-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchC] multicast routing vpn-instance vpnb

[SwitchC-mrib-vpna] quit

# Create an MDT-based MVXLAN for VPN instance vpnb, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchC] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchC-mvxlan-vpnb] address-family ipv4

[SwitchC-mvxlan-vpnb-ipv4] source loopback 0

[SwitchC-mvxlan-vpnb-ipv4] quit

[SwitchC-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchC] interface loopback 1

[SwitchC-LoopBack1] ip binding vpn-instance vpnb

[SwitchC-LoopBack1] ip address 12.12.12.12 32

[SwitchC-LoopBack1] pim sm

[SwitchC-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchC] pim vpn-instance vpnb

[SwitchC-pim-vpnb] c-bsr 12.12.12.12

[SwitchC-pim-vpnb] c-rp 12.12.12.12

[SwitchC-pim-vpnb] quit

# Configure a default route. Specify the next hop as 20.1.1.100, the IP address of a device in the Layer 3 network.

[SwitchC] ip route-static vpn-instance vpnb 0.0.0.0 0 20.1.1.100

# Import the default route to the BGP IPv4 unicast routing table of VPN instance vpnb.

[SwitchC] bgp 200

[SwitchC-bgp-default] ip vpn-instance vpnb

[SwitchC-bgp-default-vpnb] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4-vpnb] default-route imported

[SwitchC-bgp-default-ipv4-vpnb] import-route static

[SwitchC-bgp-default-ipv4-vpnb] quit

[SwitchC-bgp-default-vpnb] quit

[SwitchC-bgp-default] quit

# Create VLAN 20.

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure VLAN-interface 20 that connects to the Layer 3 network and associate the interface with VPN instance vpnb.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ip binding vpn-instance vpnb

[SwitchC-Vlan-interface20] ip address 20.1.1.3 24

[SwitchC-Vlan-interface20] pim sm

[SwitchC-Vlan-interface20] quit

# Enable IP multicast routing for VPN instance vpnb, and import the traffic of VPN instance vpna to VPN instance vpnb.

[SwitchC] multicast routing vpn-instance vpnb

[SwitchC-mrib-vpnb] multicast extranet select-rpf l3-vni 1000 group 225.0.0.0 16

6. Configure Switch D:

# Enable IP multicast routing.

<SwitchD> system-view

[SwitchD] multicast routing

[SwitchD-mrib] quit

# Enter PIM view, and configure Loopback 0 as a candidate-BSR and candidate-RP in the public network.

[SwitchD] pim

[SwitchD-pim] c-bsr 4.4.4.4

[SwitchD-pim] c-rp 4.4.4.4

[SwitchD-pim] quit

# Enable PIM-SM on VLAN-interface 11.

[SwitchD] interface vlan-interface11

[SwitchD-Vlan-interface11] pim sm

[SwitchD-Vlan-interface11] quit

# Enable PIM-SM on VLAN-interface 12.

[SwitchD] interface vlan-interface12

[SwitchD-Vlan-interface12] pim sm

[SwitchD-Vlan-interface12] quit

# Enable PIM-SM on VLAN-interface 13.

[SwitchD] interface vlan-interface13

[SwitchD-Vlan-interface13] pim sm

[SwitchD-Vlan-interface13] quit

# Establish BGP connections with other transport network switches.

[SwitchD] bgp 200

[SwitchD-bgp-default] group evpn

[SwitchD-bgp-default] peer 1.1.1.1 group evpn

[SwitchD-bgp-default] peer 2.2.2.2 group evpn

[SwitchD-bgp-default] peer 3.3.3.3 group evpn

[SwitchD-bgp-default] peer evpn as-number 200

[SwitchD-bgp-default] peer evpn connect-interface loopback 0

# Configure BGP to advertise BGP EVPN routes, and disable route target filtering of received BGP EVPN routes.

[SwitchD-bgp-default] address-family l2vpn evpn

[SwitchD-bgp-default-evpn] peer evpn enable

[SwitchD-bgp-default-evpn] undo policy vpn-target

# Configure Switch D as an RR.

[SwitchD-bgp-default-evpn] peer evpn reflect-client

[SwitchD-bgp-default-evpn] quit

[SwitchD-bgp-default] quit

Verifying the configuration

1. Verify the multicast routing information on Switch A:

# Verify that Switch A has multicast routing entries for VPN instance vpna.

<SwitchA> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC RC

UpTime: 02:57:31

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel0

Protocol: MD, UpTime: 02:56:31, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 02:57:31, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT 2MSDP LOC ACT SQ RC 2MVPN

UpTime: 02:56:31

Upstream interface: Vsi-interface1

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel1

Protocol: MD, UpTime: 02:56:21, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 02:56:31, Expires: -

# Verify that Switch A has multicast routing entries for the public network.

<SwitchA> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 03:09:52

Upstream interface: MTunnel0 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 03:08:52, Expires: 00:03:10

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 02:55:31

Upstream interface: MTunnel1 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 02:55:20, Expires: 00:03:11

2. Verify the multicast routing information on Switch B:

# Verify that Switch B has multicast routing entries for VPN instance vpnb.

<SwitchB> display pim vpn-instance vpnb routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:56:32

Upstream interface: Extranet (public instance, l3-vni: 1000)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: igmp, UpTime: 02:56:32, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT ACT RQ 2MVPN

UpTime: 02:55:20

Upstream interface: Extranet (public instance, l3-vni: 1000)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: pim-sm, UpTime: 02:55:20, Expires: -

# Verify that Switch B has multicast routing entries for VPN instance vpnc.

<SwitchB> display pim vpn-instance vpnc routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 13.13.13.13 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:56:32

Upstream interface: Extranet (public instance, l3-vni: 1000)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface2

Protocol: igmp, UpTime: 02:56:32, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 13.13.13.13 (local)

Protocol: pim-sm, Flag: SPT ACT RQ 2MVPN

UpTime: 02:55:20

Upstream interface: Extranet (public instance, l3-vni: 1000)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface2

Protocol: pim-sm, UpTime: 02:55:20, Expires: -

# Verify that Switch B has multicast routing entries for the public network.

<SwitchB> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT

UpTime: 03:08:52

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 03:08:52, Expires: -

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT ACT 2MVPN

UpTime: 02:55:31

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 02:55:31, Expires: -

Example: Configuring MVXLAN extranet on the source VPN instance for asymmetrically configured extranet

Network configuration

As shown in Figure 9, VM 1 and VM 2 the multicast sources of multicast group 225.0.0.0, and the other VMs are multicast receivers. VM 1 belongs to VPN instance vpna, VM 2, VM 3, and VM 4 belong to VPN instance vpnb. VM 1 and VM 3 are in VXLAN 10, and VM 2 and VM 4 are in VXLAN 20. Configure MVXLAN to forward the multicast traffic from the source to the receivers.

· Configure VXLAN 10 and VXLAN 20 on Switch A and Switch B to extend VLAN 2 and VLAN 3 across the sites.

· Configure Switch A and Switch B as distributed EVPN gateways to provide gateway services. Configure Switch C as a border gateway to provide access to the connected Layer 3 network.

· Configure Switch D as an RR to reflect BGP EVPN routes between Switch A, Switch B, and Switch C.

· Configure PIM-SM on the transport-facing interfaces of Switches A through D. Configure IGMP snooping on Switches A through C for multicast forwarding entry creation.

· Configure MVXLAN extranet to import the traffic of VPN instance vpna to VPN instance vpnb based on the source VPN instance on Switch A.

Figure 9 Network diagram

‌

Procedure

1. On VM 1 and VM 2, specify 10.1.1.1 as the gateway address. On VM 3 and VM 4, specify 10.1.2.1 as the gateway address. (Details not shown.)

2. Configure IP addresses and unicast routing settings:

# Assign IP addresses to interfaces, as shown in Figure 9. (Details not shown.)

# Configure OSPF on all transport network switches (Switches A through D) for them to reach one another. (Details not shown.)

3. Configure Switch A:

# Enable L2VPN and IP multicast routing.

<SwitchA> system-view

[SwitchA] l2vpn enable

[SwitchA] multicast routing

[SwitchA-mrib] quit

# Enable the IGMP snooping feature.

[SwitchA] igmp-snooping

[SwitchA-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchA] vxlan tunnel mac-learning disable

[SwitchA] vxlan tunnel arp-learning disable

# Create VLAN-interface 11 and enter its view.

[SwitchA] vlan 11

[SwitchA-vlan11] quit

[SwitchA] interface vlan-interface 11

# Enable PIM-SM on VLAN-interface 11.

[SwitchA-Vlan-interface11] pim sm

[SwitchA-Vlan-interface11] quit

# Create an EVPN instance on VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] evpn encapsulation vxlan

[SwitchA-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchA-vsi-vpna] igmp-snooping enable

[SwitchA-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchA-vsi-vpna] vxlan 10

[SwitchA-vsi-vpna-vxlan-10] quit

[SwitchA-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] evpn encapsulation vxlan

[SwitchA-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchA-vsi-vpnb] igmp-snooping enable

[SwitchA-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchA-vsi-vpnb] vxlan 20

[SwitchA-vsi-vpnb-vxlan-20] quit

[SwitchA-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchA] bgp 200

[SwitchA-bgp-default] peer 4.4.4.4 as-number 200

[SwitchA-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchA-bgp-default] address-family l2vpn evpn

[SwitchA-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchA-bgp-default-evpn] quit

[SwitchA-bgp-default] quit

# Create VLAN 2.

[SwitchA] vlan 2

[SwitchA-vlan2] quit

# Create VLAN 3.

[SwitchA] vlan 3

[SwitchA-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2 and VLAN 3.

[SwitchA] interface hundredgige 3/0/1

[SwitchA-HundredGigE3/0/1] port link-type trunk

[SwitchA-HundredGigE3/0/1] port trunk permit vlan 2 3

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchA-HundredGigE3/0/1] service-instance 1000

[SwitchA-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchA-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchA-HundredGigE3/0/1-srv1000] quit

# On HundredGigE 3/0/1, create Ethernet service instance 2000 to match VLAN 3.

[SwitchA-HundredGigE3/0/1] service-instance 2000

[SwitchA-HundredGigE3/0/1-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchA-HundredGigE3/0/1-srv2000] xconnect vsi vpnb

[SwitchA-HundredGigE3/0/1-srv2000] quit

[SwitchA-HundredGigE3/0/1] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchA] ip vpn-instance vpna

[SwitchA-vpn-instance-vpna] route-distinguisher 1:1

[SwitchA-vpn-instance-vpna] address-family ipv4

[SwitchA-vpn-ipv4-vpna] vpn-target 1:1

[SwitchA-vpn-ipv4-vpna] quit

[SwitchA-vpn-instance-vpna] address-family evpn

[SwitchA-vpn-evpn-vpna] vpn-target 1:1

[SwitchA-vpn-evpn-vpna] quit

[SwitchA-vpn-instance-vpna] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchA] ip vpn-instance vpnb

[SwitchA-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchA-vpn-instance-vpnb] address-family ipv4

[SwitchA-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchA-vpn-ipv4-vpnb] quit

[SwitchA-vpn-instance-vpnb] address-family evpn

[SwitchA-vpn-evpn-vpnb] vpn-target 1:1

[SwitchA-vpn-evpn-vpnb] quit

[SwitchA-vpn-instance-vpnb] quit

# Configure VSI-interface 1.

[SwitchA] interface vsi-interface 1

[SwitchA-Vsi-interface1] ip binding vpn-instance vpna

[SwitchA-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchA-Vsi-interface1] pim sm

[SwitchA-Vsi-interface1] pim distributed-dr

[SwitchA-Vsi-interface1] mac-address 1-1-1

[SwitchA-Vsi-interface1] distributed-gateway local

[SwitchA-Vsi-interface1] local-proxy-arp enable

[SwitchA-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchA] interface vsi-interface 2

[SwitchA-Vsi-interface2] ip binding vpn-instance vpnb

[SwitchA-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchA-Vsi-interface2] pim sm

[SwitchA-Vsi-interface2] pim distributed-dr

[SwitchA-Vsi-interface2] mac-address 2-2-2

[SwitchA-Vsi-interface2] distributed-gateway local

[SwitchA-Vsi-interface2] local-proxy-arp enable

[SwitchA-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchA] interface vsi-interface 3

[SwitchA-Vsi-interface3] ip binding vpn-instance vpna

[SwitchA-Vsi-interface3] l3-vni 1000

[SwitchA-Vsi-interface3] quit

# Associate VSI-interface 4 with VPN instance vpnb, and configure the L3 VXLAN ID as 2000 for the VPN instance.

[SwitchA] interface vsi-interface 4

[SwitchA-Vsi-interface4] ip binding vpn-instance vpnb

[SwitchA-Vsi-interface4] l3-vni 2000

[SwitchA-Vsi-interface4] pim sm

[SwitchA-Vsi-interface4] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchA] multicast routing vpn-instance vpna

[SwitchA-mrib-vpna] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchA] multicast routing vpn-instance vpnb

[SwitchA-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnb and enter MVXLAN IPv4 address family view. Configure the default group, MVXLAN source interface, and data group range settings.

[SwitchA] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchA-mvxlan-vpnb] address-family ipv4

[SwitchA-mvxlan-vpnb-ipv4] default-group 236.0.0.1

[SwitchA-mvxlan-vpnb-ipv4] source loopback 0

[SwitchA-mvxlan-vpnb-ipv4] data-group 239.0.1.0 25

[SwitchA-mvxlan-vpnb-ipv4] quit

[SwitchA-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchA] interface loopback 1

[SwitchA-LoopBack1] ip binding vpn-instance vpna

[SwitchA-LoopBack1] ip address 12.12.12.12 32

[SwitchA-LoopBack1] pim sm

[SwitchA-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchA] pim vpn-instance vpna

[SwitchA-pim-vpna] c-bsr 12.12.12.12

[SwitchA-pim-vpna] c-rp 12.12.12.12

[SwitchA-pim-vpna] quit

# Configure Loopback 2.

[SwitchA] interface loopback 2

[SwitchA-LoopBack1] ip binding vpn-instance vpnb

[SwitchA-LoopBack1] ip address 13.13.13.13 32

[SwitchA-LoopBack1] pim sm

[SwitchA-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 2 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchA] pim vpn-instance vpnb

[SwitchA-pim-vpnb] c-bsr 13.13.13.13

[SwitchA-pim-vpnb] c-rp 13.13.13.13

[SwitchA-pim-vpna] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] gateway vsi-interface 1

[SwitchA-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] gateway vsi-interface 2

[SwitchA-vsi-vpnb] quit

# Enable IP multicast routing for VPN instance vpnb, and import the traffic of VPN instance vpna to VPN instance vpnb.

[SwitchA] multicast routing vpn-instance vpnb

[SwitchA-mrib-vpnb] multicast extranet select-rpf vpn-instance vpna group 225.0.0.0 16

4. Configure Switch B:

# Enable L2VPN and IP multicast routing.

<SwitchB> system-view

[SwitchB] l2vpn enable

[SwitchB] multicast routing

[SwitchB-mrib] quit

# Enable the IGMP snooping feature.

[SwitchB] igmp-snooping

[SwitchB-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchB] vxlan tunnel mac-learning disable

[SwitchB] vxlan tunnel arp-learning disable

# Create VLAN-interface 12 and enter its view.

[SwitchB] vlan 12

[SwitchB-vlan12] quit

[SwitchB] interface vlan-interface 10

# Enable PIM-SM on VLAN-interface 12.

[SwitchB-Vlan-interface12] pim sm

[SwitchB-Vlan-interface12] quit

# Create an EVPN instance on VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] evpn encapsulation vxlan

[SwitchB-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchB-vsi-vpna] igmp-snooping enable

[SwitchB-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchB-vsi-vpna] vxlan 10

[SwitchB-vsi-vpna-vxlan-10] quit

[SwitchB-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] evpn encapsulation vxlan

[SwitchB-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchB-vsi-vpnb] igmp-snooping enable

[SwitchB-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchB-vsi-vpnb] vxlan 20

[SwitchB-vsi-vpnb-vxlan-20] quit

[SwitchB-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchB] bgp 200

[SwitchB-bgp-default] peer 4.4.4.4 as-number 200

[SwitchB-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchB-bgp-default] address-family l2vpn evpn

[SwitchB-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchB-bgp-default-evpn] quit

[SwitchB-bgp-default] quit

# Create VLAN 2.

[SwitchB] vlan 2

[SwitchB-vlan2] quit

# Create VLAN 3.

[SwitchB] vlan 3

[SwitchB-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] port link-type trunk

[SwitchB-HundredGigE3/0/1] port trunk permit vlan 2

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] service-instance 1000

[SwitchB-HundredGigE3/0/1-srv1000]encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchB-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchB-HundredGigE3/0/1-srv1000] quit

# Configure HundredGigE 3/0/2 as a trunk port and assign it to VLAN 3.

[SwitchB] interface hundredgige 3/0/2

[SwitchB-HundredGigE3/0/2] port link-type trunk

[SwitchB-HundredGigE3/0/2] port trunk permit vlan 3

# On HundredGigE 3/0/2, create Ethernet service instance 2000 to match VLAN 3.

[SwitchB-HundredGigE3/0/2] service-instance 2000

[SwitchB-HundredGigE3/0/2-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchB-HundredGigE3/0/2-srv2000] xconnect vsi vpnb

[SwitchB-HundredGigE3/0/2-srv2000] quit

[SwitchB-HundredGigE3/0/2] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchB] ip vpn-instance vpnb

[SwitchB-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchB-vpn-instance-vpnb] address-family ipv4

[SwitchB-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchB-vpn-ipv4-vpnb] quit

[SwitchB-vpn-instance-vpnb] address-family evpn

[SwitchB-vpn-evpn-vpnb] vpn-target 1:1

[SwitchB-vpn-evpn-vpnb] quit

[SwitchB-vpn-instance-vpnb] quit

# Configure VSI-interface 1.

[SwitchB] interface vsi-interface 1

[SwitchB-Vsi-interface1] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchB-Vsi-interface1] igmp enable

[SwitchB-Vsi-interface1] mac-address 1-1-1

[SwitchB-Vsi-interface1] distributed-gateway local

[SwitchB-Vsi-interface1] local-proxy-arp enable

[SwitchB-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchB] interface vsi-interface 2

[SwitchB-Vsi-interface2] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchB-Vsi-interface2] igmp enable

[SwitchB-Vsi-interface2] mac-address 2-2-2

[SwitchB-Vsi-interface2] distributed-gateway local

[SwitchB-Vsi-interface2] local-proxy-arp enable

[SwitchB-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpnb, and configure the L3 VXLAN ID as 2000 for the VPN instance.

[SwitchB] interface vsi-interface 3

[SwitchB-Vsi-interface3] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface3] l3-vni 2000

[SwitchB-Vsi-interface3] pim sm

[SwitchB-Vsi-interface3] quit

# Associate VSI-interface 4 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchB] interface vsi-interface 4

[SwitchB-Vsi-interface4] ip binding vpn-instance vpna

[SwitchB-Vsi-interface4] l3-vni 1000

[SwitchB-Vsi-interface4] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnb, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchB] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchB-mvxlan-vpnb] address-family ipv4

[SwitchB-mvxlan-vpnb-ipv4] source loopback 0

[SwitchB-mvxlan-vpnb-ipv4] quit

[SwitchB-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchB] interface loopback 1

[SwitchB-LoopBack1] ip binding vpn-instance vpnb

[SwitchB-LoopBack1] ip address 12.12.12.12 32

[SwitchB-LoopBack1] pim sm

[SwitchB-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchB] pim vpn-instance vpnb

[SwitchB-pim-vpnb] c-bsr 12.12.12.12

[SwitchB-pim-vpnb] c-rp 12.12.12.12

[SwitchB-pim-vpnb] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] gateway vsi-interface 1

[SwitchB-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] gateway vsi-interface 2

[SwitchB-vsi-vpnb] quit

5. Configure Switch C:

# Enable L2VPN and IP multicast routing.

<SwitchC> system-view

[SwitchC] l2vpn enable

[SwitchC] multicast routing

[SwitchC-mrib] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchC] vxlan tunnel mac-learning disable

[SwitchC] vxlan tunnel arp-learning disable

# Create VLAN-interface 13 and enter its view.

[SwitchC] vlan 13

[SwitchC-vlan13] quit

[SwitchC] interface vlan-interface 13

# Enable PIM-SM on VLAN-interface 13.

[SwitchC-Vlan-interface13] pim sm

[SwitchC-Vlan-interface13] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchC] ip vpn-instance vpnb

[SwitchC-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchC-vpn-instance-vpnb] address-family ipv4

[SwitchC-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchC-vpn-ipv4-vpnb] quit

[SwitchC-vpn-instance-vpnb] address-family evpn

[SwitchC-vpn-evpn-vpnb] vpn-target 1:1

[SwitchC-vpn-evpn-vpnb] quit

[SwitchC-vpn-instance-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 4.4.4.4 as-number 200

[SwitchC-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchC-bgp-default] address-family l2vpn evpn

[SwitchC-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchC-bgp-default-evpn] quit

[SwitchC-bgp-default] quit

# Associate VSI-interface 3 with VPN instance vpnb, and configure the L3 VXLAN ID as 2000 for the VPN instance.

[SwitchC] interface vsi-interface 3

[SwitchC-Vsi-interface3] ip binding vpn-instance vpnb

[SwitchC-Vsi-interface3] l3-vni 2000

[SwitchC-Vsi-interface3] pim sm

[SwitchC-Vsi-interface3] quit

# Associate VSI-interface 4 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchC] interface vsi-interface 4

[SwitchC-Vsi-interface4] ip binding vpn-instance vpna

[SwitchC-Vsi-interface4] l3-vni 1000

[SwitchC-Vsi-interface4] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchC] multicast routing vpn-instance vpnb

[SwitchC-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnb, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchC] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchC-mvxlan-vpnb] address-family ipv4

[SwitchC-mvxlan-vpnb-ipv4] source loopback 0

[SwitchC-mvxlan-vpnb-ipv4] quit

[SwitchC-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchC] interface loopback 1

[SwitchC-LoopBack1] ip binding vpn-instance vpnb

[SwitchC-LoopBack1] ip address 12.12.12.12 32

[SwitchC-LoopBack1] pim sm

[SwitchC-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchC] pim vpn-instance vpnb

[SwitchC-pim-vpnb] c-bsr 12.12.12.12

[SwitchC-pim-vpnb] c-rp 12.12.12.12

[SwitchC-pim-vpnb] quit

# Configure a default route. Specify the next hop as 20.1.1.100, the IP address of a device in the Layer 3 network.

[SwitchC] ip route-static vpn-instance vpnb 0.0.0.0 0 20.1.1.100

# Import the default route to the BGP IPv4 unicast routing table of VPN instance vpnb.

[SwitchC] bgp 200

[SwitchC-bgp-default] ip vpn-instance vpnb

[SwitchC-bgp-default-vpna] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4-vpnb] default-route imported

[SwitchC-bgp-default-ipv4-vpnb] import-route static

[SwitchC-bgp-default-ipv4-vpnb] quit

[SwitchC-bgp-default-vpnb] quit

[SwitchC-bgp-default] quit

# Create VLAN 20.

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure VLAN-interface 20 that connects to the Layer 3 network and associate the interface with VPN instance vpnb.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ip binding vpn-instance vpnb

[SwitchC-Vlan-interface20] ip address 20.1.1.3 24

[SwitchC-Vlan-interface20] pim sm

[SwitchC-Vlan-interface20] quit

6. Configure Switch D:

# Enable IP multicast routing.

<SwitchD> system-view

[SwitchD] multicast routing

[SwitchD-mrib] quit

# Enter PIM view, and configure Loopback 0 as a candidate-BSR and candidate-RP in the public network.

[SwitchD] pim

[SwitchD-pim] c-bsr 4.4.4.4

[SwitchD-pim] c-rp 4.4.4.4

[SwitchD-pim] quit

# Enable PIM-SM on VLAN-interface 11.

[SwitchD] interface vlan-interface11

[SwitchD-Vlan-interface11] pim sm

[SwitchD-Vlan-interface11] quit

# Enable PIM-SM on VLAN-interface 12.

[SwitchD] interface vlan-interface12

[SwitchD-Vlan-interface12] pim sm

[SwitchD-Vlan-interface12] quit

# Enable PIM-SM on VLAN-interface 13.

[SwitchD] interface vlan-interface13

[SwitchD-Vlan-interface13] pim sm

[SwitchD-Vlan-interface13] quit

# Establish BGP connections with other transport network switches.

[SwitchD] bgp 200

[SwitchD-bgp-default] group evpn

[SwitchD-bgp-default] peer 1.1.1.1 group evpn

[SwitchD-bgp-default] peer 2.2.2.2 group evpn

[SwitchD-bgp-default] peer 3.3.3.3 group evpn

[SwitchD-bgp-default] peer evpn as-number 200

[SwitchD-bgp-default] peer evpn connect-interface loopback 0

# Configure BGP to advertise BGP EVPN routes, and disable route target filtering of received BGP EVPN routes.

[SwitchD-bgp-default] address-family l2vpn evpn

[SwitchD-bgp-default-evpn] peer evpn enable

[SwitchD-bgp-default-evpn] undo policy vpn-target

# Configure Switch D as an RR.

[SwitchD-bgp-default-evpn] peer evpn reflect-client

[SwitchD-bgp-default-evpn] quit

[SwitchD-bgp-default] quit

Verifying the configuration

1. Verify the multicast routing information on Switch A:

# Verify that Switch A has multicast routing entries for VPN instance vpna.

<SwitchA> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:57:31

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 02:57:31, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT LOC ACT 2MVPN

UpTime: 02:56:31

Upstream interface: Vsi-interface1

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 02:56:31, Expires: -

# Verify that Switch A has multicast routing entries for VPN instance vpnb.

<SwitchA> display pim vpn-instance vpnb routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 13.13.13.13 (local)

Protocol: pim-sm, Flag: WC RC

UpTime: 02:57:31

Upstream interface: Extranet (VPN: vpna)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel0

Protocol: MD, UpTime: 02:57:31, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 13.13.13.13(local)

Protocol: pim-sm, Flag: SPT ACT SQ RC 2MVPN

UpTime: 02:56:31

Upstream interface: Extranet (VPN: vpna)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel1

Protocol: MD, UpTime: 02:56:31, Expires: -

# Verify that Switch A has multicast routing entries for the public network.

<SwitchA> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 04:09:52

Upstream interface: MTunnel0 (VPN: vpnb)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 04:09:50, Expires: 00:03:10

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 02:55:52

Upstream interface: MTunnel1 (VPN: vpnb)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 02:55:34, Expires: 00:03:11

2. Verify the multicast routing information on Switch B:

# Verify that Switch B has multicast routing entries for VPN instance vpnb.

<SwitchB> display pim vpn-instance vpnb routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:56:30

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: igmp, UpTime: 02:56:30, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 02:56:30, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT ACT RQ 2MVPN FROMVXLAN

UpTime: 02:55:32

Upstream interface: MVXLAN-UPE0 (0.0.0.0)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: igmp, UpTime: 02:55:32, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 02:56:30, Expires: -

# Verify that Switch B has multicast routing entries for the public network.

<SwitchB> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT

UpTime: 01:59:46

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 01:59:46, Expires: -

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT ACT 2MVPN

UpTime: 02:55:32

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 02:55:32, Expires: -

Example: Configuring MVXLAN extranet on the multicast source-side border node of an MVXLAN network

Network configuration

As shown in Figure 10, Switch C is attached to a multicast source, and the VMs are multicast receivers. The multicast source belongs to VPN instance vpna, and the VMs belong to VPN instance vpnb. VM 1 and VM 3 are in VXLAN 10, and VM 2 and VM 4 are in VXLAN 20. Configure MVXLAN to forward the multicast traffic from the source to the receivers.

· Configure VXLAN 10 and VXLAN 20 on Switch A and Switch B to extend VLAN 2 and VLAN 3 across the sites.

· Configure Switch A and Switch B as distributed EVPN gateways to provide gateway services. Configure Switch C as a border gateway to provide access to the connected Layer 3 network.

· Configure Switch D as an RR to reflect BGP EVPN routes between Switch A, Switch B, and Switch C.

· Configure PIM-SM on the transport-facing interfaces of Switches A through D. Configure IGMP snooping on Switches A through C for multicast forwarding entry creation.

· Configure MVXLAN extranet to import the traffic of VPN instance vpna to VPN instance vpnb based on the L3 VXLAN ID on Switch C.

Figure 10 Network diagram

‌

Procedure

1. On VM 1 and VM 2, specify 10.1.1.1 as the gateway address. On VM 3 and VM 4, specify 10.1.2.1 as the gateway address. (Details not shown.)

2. Configure IP addresses and unicast routing settings:

# Assign IP addresses to interfaces, as shown in Figure 10. (Details not shown.)

# Configure OSPF on all transport network switches (Switches A through D) for them to reach one another. (Details not shown.)

3. Configure Switch A:

# Enable L2VPN and IP multicast routing.

<SwitchA> system-view

[SwitchA] l2vpn enable

[SwitchA] multicast routing

[SwitchA-mrib] quit

# Enable the IGMP snooping feature.

[SwitchA] igmp-snooping

[SwitchA-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchA] vxlan tunnel mac-learning disable

[SwitchA] vxlan tunnel arp-learning disable

# Create VLAN-interface 13 and enter its view.

[SwitchA] vlan 13

[SwitchA-vlan13] quit

[SwitchA] interface vlan-interface 13

# Enable PIM-SM on VLAN-interface 13.

[SwitchA-Vlan-interface13] pim sm

[SwitchA-Vlan-interface13] quit

# Create an EVPN instance on VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] evpn encapsulation vxlan

[SwitchA-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchA-vsi-vpna] igmp-snooping enable

[SwitchA-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchA-vsi-vpna] vxlan 10

[SwitchA-vsi-vpna-vxlan-10] quit

[SwitchA-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] evpn encapsulation vxlan

[SwitchA-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchA-vsi-vpnb] igmp-snooping enable

[SwitchA-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchA-vsi-vpnb] vxlan 20

[SwitchA-vsi-vpnb-vxlan-20] quit

[SwitchA-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchA] bgp 200

[SwitchA-bgp-default] peer 4.4.4.4 as-number 200

[SwitchA-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchA-bgp-default] address-family l2vpn evpn

[SwitchA-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchA-bgp-default-evpn] quit

[SwitchA-bgp-default] quit

# Create VLAN 2.

[SwitchA] vlan 2

[SwitchA-vlan2] quit

# Create VLAN 3.

[SwitchA] vlan 3

[SwitchA-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2 and VLAN 3.

[SwitchA] interface hundredgige 3/0/1

[SwitchA-HundredGigE3/0/1] port link-type trunk

[SwitchA-HundredGigE3/0/1] port trunk permit vlan 2 3

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchA-HundredGigE3/0/1] service-instance 1000

[SwitchA-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchA-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchA-HundredGigE3/0/1-srv1000] quit

# On HundredGigE 3/0/1, create Ethernet service instance 2000 to match VLAN 3.

[SwitchA-HundredGigE3/0/1] service-instance 2000

[SwitchA-HundredGigE3/0/1-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchA-HundredGigE3/0/1-srv2000] xconnect vsi vpnb

[SwitchA-HundredGigE3/0/1-srv2000] quit

[SwitchA-HundredGigE3/0/1] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchA] ip vpn-instance vpnb

[SwitchA-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchA-vpn-instance-vpnb] address-family ipv4

[SwitchA-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchA-vpn-ipv4-vpnb] quit

[SwitchA-vpn-instance-vpnb] address-family evpn

[SwitchA-vpn-evpn-vpnb] vpn-target 1:1

[SwitchA-vpn-evpn-vpnb] quit

[SwitchA-vpn-instance-vpnb] quit

# Configure VSI-interface 1.

[SwitchA] interface vsi-interface 1

[SwitchA-Vsi-interface1] ip binding vpn-instance vpnb

[SwitchA-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchA-Vsi-interface1] igmp enable

[SwitchA-Vsi-interface1] mac-address 1-1-1

[SwitchA-Vsi-interface1] distributed-gateway local

[SwitchA-Vsi-interface1] local-proxy-arp enable

[SwitchA-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchA] interface vsi-interface 2

[SwitchA-Vsi-interface2] ip binding vpn-instance vpnb

[SwitchA-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchA-Vsi-interface2] igmp enable

[SwitchA-Vsi-interface2] mac-address 2-2-2

[SwitchA-Vsi-interface2] distributed-gateway local

[SwitchA-Vsi-interface2] local-proxy-arp enable

[SwitchA-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchA] interface vsi-interface 3

[SwitchA-Vsi-interface3] ip binding vpn-instance vpnb

[SwitchA-Vsi-interface3] l3-vni 1000

[SwitchA-Vsi-interface3] quit

# Associate VSI-interface 4 with VPN instance vpnb, and configure the L3 VXLAN ID as 2000 for the VPN instance.

[SwitchA] interface vsi-interface 4

[SwitchA-Vsi-interface4] ip binding vpn-instance vpnb

[SwitchA-Vsi-interface4] l3-vni 2000

[SwitchA-Vsi-interface4] pim sm

[SwitchA-Vsi-interface4] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchA] multicast routing vpn-instance vpnb

[SwitchA-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnb and enter MVXLAN IPv4 address family view. Configure the default group, MVXLAN source interface, and data group range settings.

[SwitchA] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchA-mvxlan-vpnb] address-family ipv4

[SwitchA-mvxlan-vpnb-ipv4] default-group 236.0.0.1

[SwitchA-mvxlan-vpnb-ipv4] source loopback 0

[SwitchA-mvxlan-vpnb-ipv4] data-group 239.0.1.0 25

[SwitchA-mvxlan-vpnb-ipv4] quit

[SwitchA-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchA] interface loopback 1

[SwitchA-LoopBack1] ip binding vpn-instance vpnb

[SwitchA-LoopBack1] ip address 12.12.12.12 32

[SwitchA-LoopBack1] pim sm

[SwitchA-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchA] pim vpn-instance vpnb

[SwitchA-pim-vpnb] c-bsr 12.12.12.12

[SwitchA-pim-vpnb] c-rp 12.12.12.12

[SwitchA-pim-vpna] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] gateway vsi-interface 1

[SwitchA-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] gateway vsi-interface 2

[SwitchA-vsi-vpnb] quit

4. Configure Switch B:

# Enable L2VPN and IP multicast routing.

<SwitchB> system-view

[SwitchB] l2vpn enable

[SwitchB] multicast routing

[SwitchB-mrib] quit

# Enable the IGMP snooping feature.

[SwitchB] igmp-snooping

[SwitchB-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchB] vxlan tunnel mac-learning disable

[SwitchB] vxlan tunnel arp-learning disable

# Create VLAN-interface 12 and enter its view.

[SwitchB] vlan 12

[SwitchB-vlan12] quit

[SwitchB] interface vlan-interface 10

# Enable PIM-SM on VLAN-interface 12.

[SwitchB-Vlan-interface12] pim sm

[SwitchB-Vlan-interface12] quit

# Create an EVPN instance on VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] evpn encapsulation vxlan

[SwitchB-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchB-vsi-vpna] igmp-snooping enable

[SwitchB-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchB-vsi-vpna] vxlan 10

[SwitchB-vsi-vpna-vxlan-10] quit

[SwitchB-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] evpn encapsulation vxlan

[SwitchB-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchB-vsi-vpnb] igmp-snooping enable

[SwitchB-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchB-vsi-vpnb] vxlan 20

[SwitchB-vsi-vpnb-vxlan-20] quit

[SwitchB-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchB] bgp 200

[SwitchB-bgp-default] peer 4.4.4.4 as-number 200

[SwitchB-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchB-bgp-default] address-family l2vpn evpn

[SwitchB-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchB-bgp-default-evpn] quit

[SwitchB-bgp-default] quit

# Create VLAN 2.

[SwitchB] vlan 2

[SwitchB-vlan2] quit

# Create VLAN 3.

[SwitchB] vlan 3

[SwitchB-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] port link-type trunk

[SwitchB-HundredGigE3/0/1] port trunk permit vlan 2

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchB-HundredGigE3/0/1] service-instance 1000

[SwitchB-HundredGigE3/0/1-srv1000]encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchB-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchB-HundredGigE3/0/1-srv1000] quit

# Configure HundredGigE 3/0/2 as a trunk port and assign it to VLAN 3.

[SwitchB] interface hundredgige 3/0/2

[SwitchB-HundredGigE3/0/2] port link-type trunk

[SwitchB-HundredGigE3/0/2] port trunk permit vlan 3

# On HundredGigE 3/0/2, create Ethernet service instance 2000 to match VLAN 3.

[SwitchB-HundredGigE3/0/2] service-instance 2000

[SwitchB-HundredGigE3/0/2-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchB-HundredGigE3/0/2-srv2000] xconnect vsi vpnb

[SwitchB-HundredGigE3/0/2-srv2000] quit

[SwitchB-HundredGigE3/0/2] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchB] ip vpn-instance vpnb

[SwitchB-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchB-vpn-instance-vpnb] address-family ipv4

[SwitchB-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchB-vpn-ipv4-vpnb] quit

[SwitchB-vpn-instance-vpnb] address-family evpn

[SwitchB-vpn-evpn-vpnb] vpn-target 1:1

[SwitchB-vpn-evpn-vpnb] quit

[SwitchB-vpn-instance-vpnb] quit

# Configure VSI-interface 1.

[SwitchB] interface vsi-interface 1

[SwitchB-Vsi-interface1] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchB-Vsi-interface1] igmp enable

[SwitchB-Vsi-interface1] mac-address 1-1-1

[SwitchB-Vsi-interface1] distributed-gateway local

[SwitchB-Vsi-interface1] local-proxy-arp enable

[SwitchB-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchB] interface vsi-interface 2

[SwitchB-Vsi-interface2] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchB-Vsi-interface2] igmp enable

[SwitchB-Vsi-interface2] mac-address 2-2-2

[SwitchB-Vsi-interface2] distributed-gateway local

[SwitchB-Vsi-interface2] local-proxy-arp enable

[SwitchB-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpnb, and configure the L3 VXLAN ID as 2000 for the VPN instance.

[SwitchB] interface vsi-interface 3

[SwitchB-Vsi-interface3] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface3] l3-vni 2000

[SwitchB-Vsi-interface3] pim sm

[SwitchB-Vsi-interface3] quit

# Associate VSI-interface 4 with VPN instance vpnb, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchB] interface vsi-interface 4

[SwitchB-Vsi-interface4] ip binding vpn-instance vpna

[SwitchB-Vsi-interface4] l3-vni 1000

[SwitchB-Vsi-interface4] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnb, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchB] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchB-mvxlan-vpnb] address-family ipv4

[SwitchB-mvxlan-vpnb-ipv4] source loopback 0

[SwitchB-mvxlan-vpnb-ipv4] quit

[SwitchB-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchB] interface loopback 1

[SwitchB-LoopBack1] ip binding vpn-instance vpnb

[SwitchB-LoopBack1] ip address 12.12.12.12 32

[SwitchB-LoopBack1] pim sm

[SwitchB-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchB] pim vpn-instance vpnb

[SwitchB-pim-vpnb] c-bsr 12.12.12.12

[SwitchB-pim-vpnb] c-rp 12.12.12.12

[SwitchB-pim-vpnb] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] gateway vsi-interface 1

[SwitchB-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] gateway vsi-interface 2

[SwitchB-vsi-vpnb] quit

5. Configure Switch C:

# Enable L2VPN and IP multicast routing.

<SwitchC> system-view

[SwitchC] l2vpn enable

[SwitchC] multicast routing

[SwitchC-mrib] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchC] vxlan tunnel mac-learning disable

[SwitchC] vxlan tunnel arp-learning disable

# Create VLAN-interface 11 and enter its view.

[SwitchC] vlan 11

[SwitchC-vlan11] quit

[SwitchC] interface vlan-interface 11

# Enable PIM-SM on VLAN-interface 11.

[SwitchC-Vlan-interface11] pim sm

[SwitchC-Vlan-interface11] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 4.4.4.4 as-number 200

[SwitchC-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchC-bgp-default] address-family l2vpn evpn

[SwitchC-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchC-bgp-default-evpn] quit

[SwitchC-bgp-default] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchC] ip vpn-instance vpna

[SwitchC-vpn-instance-vpna] route-distinguisher 1:1

[SwitchC-vpn-instance-vpna] address-family ipv4

[SwitchC-vpn-ipv4-vpna] vpn-target 1:1

[SwitchC-vpn-ipv4-vpna] quit

[SwitchC-vpn-instance-vpna] address-family evpn

[SwitchC-vpn-evpn-vpna] vpn-target 1:1

[SwitchC-vpn-evpn-vpna] quit

[SwitchC-vpn-instance-vpna] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchC] ip vpn-instance vpnb

[SwitchC-vpn-instance-vpnb] route-distinguisher 2:2

[SwitchC-vpn-instance-vpnb] address-family ipv4

[SwitchC-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchC-vpn-ipv4-vpnb] quit

[SwitchC-vpn-instance-vpnb] address-family evpn

[SwitchC-vpn-evpn-vpnb] vpn-target 1:1

[SwitchC-vpn-evpn-vpnb] quit

[SwitchC-vpn-instance-vpnb] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchC] interface vsi-interface 3

[SwitchC-Vsi-interface3] ip binding vpn-instance vpna

[SwitchC-Vsi-interface3] l3-vni 1000

[SwitchC-Vsi-interface3] quit

# Associate VSI-interface 4 with VPN instance vpnb, and configure the L3 VXLAN ID as 2000 for the VPN instance.

[SwitchC] interface vsi-interface 4

[SwitchC-Vsi-interface4] ip binding vpn-instance vpnb

[SwitchC-Vsi-interface4] l3-vni 2000

[SwitchC-Vsi-interface4] pim sm

[SwitchC-Vsi-interface4] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchC] multicast routing vpn-instance vpna

[SwitchC-mrib-vpna] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchC] multicast routing vpn-instance vpnb

[SwitchC-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnb and enter MVXLAN IPv4 address family view. Configure the default group, MVXLAN source interface, and data group range settings.

[SwitchC] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchC-mvxlan-vpnb] address-family ipv4

[SwitchC-mvxlan-vpnb-ipv4] default-group 236.0.0.1

[SwitchC-mvxlan-vpnb-ipv4] source loopback 0

[SwitchC-mvxlan-vpnb-ipv4] data-group 239.0.1.0 25

[SwitchC-mvxlan-vpnb-ipv4] quit

[SwitchC-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchC] interface loopback 1

[SwitchC-LoopBack1] ip binding vpn-instance vpna

[SwitchC-LoopBack1] ip address 12.12.12.12 32

[SwitchC-LoopBack1] pim sm

[SwitchC-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchC] pim vpn-instance vpna

[SwitchC-pim-vpna] c-bsr 12.12.12.12

[SwitchC-pim-vpna] c-rp 12.12.12.12

[SwitchC-pim-vpna] quit

# Configure Loopback 2.

[SwitchC] interface loopback 2

[SwitchC-LoopBack1] ip binding vpn-instance vpnb

[SwitchC-LoopBack1] ip address 13.13.13.13 32

[SwitchC-LoopBack1] pim sm

[SwitchC-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 2 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchC] pim vpn-instance vpnb

[SwitchC-pim-vpnb] c-bsr 13.13.13.13

[SwitchC-pim-vpnb] c-rp 13.13.13.13

[SwitchC-pim-vpna] quit

# Configure a default route. Specify the next hop as 20.1.1.100, the IP address of a device in the Layer 3 network.

[SwitchC] ip route-static vpn-instance vpna 100.100.100.1 24 20.1.1.100

# Import the default route to the BGP IPv4 unicast routing table of VPN instance vpna.

[SwitchC] bgp 200

[SwitchC-bgp-default] ip vpn-instance vpna

[SwitchC-bgp-default-vpna] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4-vpna] default-route imported

[SwitchC-bgp-default-ipv4-vpna] import-route static

[SwitchC-bgp-default-ipv4-vpna] quit

[SwitchC-bgp-default-vpna] quit

[SwitchC-bgp-default] quit

# Create VLAN 20.

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure VLAN-interface 20 that connects to the Layer 3 network and associate the interface with VPN instance vpna.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ip binding vpn-instance vpna

[SwitchC-Vlan-interface20] ip address 20.1.1.3 24

[SwitchC-Vlan-interface20] pim sm

[SwitchC-Vlan-interface20] quit

# Enable IP multicast routing for VPN instance vpnb, and import the traffic of VPN instance vpna to VPN instance vpnb.

[SwitchC] multicast routing vpn-instance vpnb

[SwitchC-mrib-vpnb] multicast extranet select-rpf l3-vni 1000 group 225.0.0.0 16

6. Configure Switch D:

# Enable IP multicast routing.

<SwitchD> system-view

[SwitchD] multicast routing

[SwitchD-mrib] quit

# Enter PIM view, and configure Loopback 0 as a candidate-BSR and candidate-RP in the public network.

[SwitchD] pim

[SwitchD-pim] c-bsr 4.4.4.4

[SwitchD-pim] c-rp 4.4.4.4

[SwitchD-pim] quit

# Enable PIM-SM on VLAN-interface 11.

[SwitchD] interface vlan-interface11

[SwitchD-Vlan-interface11] pim sm

[SwitchD-Vlan-interface11] quit

# Enable PIM-SM on VLAN-interface 12.

[SwitchD] interface vlan-interface12

[SwitchD-Vlan-interface12] pim sm

[SwitchD-Vlan-interface12] quit

# Enable PIM-SM on VLAN-interface 13.

[SwitchD] interface vlan-interface13

[SwitchD-Vlan-interface13] pim sm

[SwitchD-Vlan-interface13] quit

# Establish BGP connections with other transport network switches.

[SwitchD] bgp 200

[SwitchD-bgp-default] group evpn

[SwitchD-bgp-default] peer 1.1.1.1 group evpn

[SwitchD-bgp-default] peer 2.2.2.2 group evpn

[SwitchD-bgp-default] peer 3.3.3.3 group evpn

[SwitchD-bgp-default] peer evpn as-number 200

[SwitchD-bgp-default] peer evpn connect-interface loopback 0

# Configure BGP to advertise BGP EVPN routes, and disable route target filtering of received BGP EVPN routes.

[SwitchD-bgp-default] address-family l2vpn evpn

[SwitchD-bgp-default-evpn] peer evpn enable

[SwitchD-bgp-default-evpn] undo policy vpn-target

# Configure Switch D as an RR.

[SwitchD-bgp-default-evpn] peer evpn reflect-client

[SwitchD-bgp-default-evpn] quit

[SwitchD-bgp-default] quit

Verifying the configuration

1. Verify the multicast routing information on Switch C:

# Verify that Switch C has multicast routing entries for VPN instance vpna.

<SwitchC> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:57:31

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 02:57:31, Expires: -

(20.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT LOC ACT 2MVPN

UpTime: 02:56:31

Upstream interface: Vlan-interface20

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 02:56:31, Expires: -

# Verify that Switch C has multicast routing entries for VPN instance vpnb.

<SwitchC> display pim vpn-instance vpnb routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 13.13.13.13 (local)

Protocol: pim-sm, Flag: WC RC

UpTime: 02:57:31

Upstream interface: Extranet (VPN: vpna)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel0

Protocol: MD, UpTime: 02:57:31, Expires: -

(20.1.1.10, 225.0.0.0)

RP: 13.13.13.13(local)

Protocol: pim-sm, Flag: SPT ACT SQ RC 2MVPN

UpTime: 02:56:31

Upstream interface: Extranet (VPN: vpna)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel1

Protocol: MD, UpTime: 02:56:31, Expires: -

# Verify that Switch C has multicast routing entries for the public instance.

<SwitchC> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 04:09:52

Upstream interface: MTunnel0 (VPN: vpnb)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 04:09:50, Expires: 00:03:10

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 02:55:52

Upstream interface: MTunnel1 (VPN: vpnb)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 02:55:34, Expires: 00:03:11

2. Verify the multicast routing information on Switch B:

# Verify that Switch B has multicast routing entries for VPN instance vpnc.

<SwitchB> display pim vpn-instance vpnb routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:56:30

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: igmp, UpTime: 02:56:30, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 02:56:30, Expires: -

(20.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT ACT RQ 2MVPN FROMVXLAN

UpTime: 02:55:32

Upstream interface: MVXLAN-UPE0 (0.0.0.0)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface1

Protocol: igmp, UpTime: 02:55:32, Expires: -

2: Vsi-interface2

Protocol: igmp, UpTime: 02:56:30, Expires: -

# Verify that Switch B has multicast routing entries for the public network.

<SwitchB> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT

UpTime: 01:59:46

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 01:59:46, Expires: -

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT ACT 2MVPN

UpTime: 02:55:32

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 02:55:32, Expires: -

Example: Configuring MVXLAN extranet with receivers on both VPNs and the public network

Network configuration

As shown in Figure 11, VM 1 is the multicast source of multicast group 225.0.0.0, and the other VMs are multicast receivers. VM 1 and VM 2 belong to VPN instance vpna, VM 3 belongs to the public instance, and VM 4 belongs to VPN instance vpnb. VM 1 and VM 3 are in VXLAN 10, and VM 2 and VM 4 are in VXLAN 20. Configure MVXLAN to forward the multicast traffic from the source to the receivers.

· Configure VXLAN 10 and VXLAN 20 on Switch A and Switch B to extend VLAN 2 and VLAN 3 across the sites.

· Configure Switch A and Switch B as distributed EVPN gateways to provide gateway services. Configure Switch C as a border gateway to provide access to the connected Layer 3 network.

· Configure Switch D as an RR to reflect BGP EVPN routes between Switch A, Switch B, and Switch C.

· Configure PIM-SM on the transport-facing interfaces of Switches A through D. Configure IGMP snooping on Switches A through C for multicast forwarding entry creation.

· Configure MVXLAN extranet to import the traffic of VPN instance vpna to VPN instance vpnb and the public instance.

Figure 11 Network diagram

‌

Procedure

1. On VM 1 and VM 2, specify 10.1.1.1 as the gateway address. On VM 3 and VM 4, specify 10.1.2.1 as the gateway address. (Details not shown.)

2. Configure IP addresses and unicast routing settings:

# Assign IP addresses to interfaces, as shown in Figure 11. (Details not shown.)

# Configure OSPF on all transport network switches (Switches A through D) for them to reach one another. (Details not shown.)

3. Configure Switch A:

# Enable L2VPN and IP multicast routing.

<SwitchA> system-view

[SwitchA] l2vpn enable

[SwitchA] multicast routing

[SwitchA-mrib] quit

# Enable the IGMP snooping feature.

[SwitchA] igmp-snooping

[SwitchA-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchA] vxlan tunnel mac-learning disable

[SwitchA] vxlan tunnel arp-learning disable

# Create VLAN-interface 11 and enter its view.

[SwitchA] vlan 11

[SwitchA-vlan11] quit

[SwitchA] interface vlan-interface 11

# Enable PIM-SM on VLAN-interface 11.

[SwitchA-Vlan-interface11] pim sm

[SwitchA-Vlan-interface11] quit

# Create an EVPN instance on VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] evpn encapsulation vxlan

[SwitchA-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchA-vsi-vpna] igmp-snooping enable

[SwitchA-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchA-vsi-vpna] vxlan 10

[SwitchA-vsi-vpna-vxlan-10] quit

[SwitchA-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] evpn encapsulation vxlan

[SwitchA-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchA-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchA-vsi-vpnb] igmp-snooping enable

[SwitchA-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchA-vsi-vpnb] vxlan 20

[SwitchA-vsi-vpnb-vxlan-20] quit

[SwitchA-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchA] bgp 200

[SwitchA-bgp-default] peer 4.4.4.4 as-number 200

[SwitchA-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchA-bgp-default] address-family l2vpn evpn

[SwitchA-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchA-bgp-default-evpn] quit

[SwitchA-bgp-default] quit

# Create VLAN 2.

[SwitchA] vlan 2

[SwitchA-vlan2] quit

# Create VLAN 3.

[SwitchA] vlan 3

[SwitchA-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2 and VLAN 3.

[SwitchA] interface hundredgige 3/0/1

[SwitchA-HundredGigE3/0/1] port link-type trunk

[SwitchA-HundredGigE3/0/1] port trunk permit vlan 2 3

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchA-HundredGigE3/0/1] service-instance 1000

[SwitchA-HundredGigE3/0/1-srv1000] encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchA-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchA-HundredGigE3/0/1-srv1000] quit

# On HundredGigE 3/0/1, create Ethernet service instance 2000 to match VLAN 3.

[SwitchA-HundredGigE3/0/1] service-instance 2000

[SwitchA-HundredGigE3/0/1-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchA-HundredGigE3/0/1-srv2000] xconnect vsi vpnb

[SwitchA-HundredGigE3/0/1-srv2000] quit

[SwitchA-HundredGigE3/0/1] quit

# Configure RD and route target settings for VPN instance vpna.

[SwitchA] ip vpn-instance vpna

[SwitchA-vpn-instance-vpna] route-distinguisher 1:1

[SwitchA-vpn-instance-vpna] address-family ipv4

[SwitchA-vpn-ipv4-vpna] vpn-target 1:1

[SwitchA-vpn-ipv4-vpna] quit

[SwitchA-vpn-instance-vpna] address-family evpn

[SwitchA-vpn-evpn-vpna] vpn-target 1:1

[SwitchA-vpn-evpn-vpna] quit

[SwitchA-vpn-instance-vpna] quit

# Configure VSI-interface 1.

[SwitchA] interface vsi-interface 1

[SwitchA-Vsi-interface1] ip binding vpn-instance vpna

[SwitchA-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchA-Vsi-interface1] pim sm

[SwitchA-Vsi-interface1] pim distributed-dr

[SwitchA-Vsi-interface1] mac-address 1-1-1

[SwitchA-Vsi-interface1] distributed-gateway local

[SwitchA-Vsi-interface1] local-proxy-arp enable

[SwitchA-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchA] interface vsi-interface 2

[SwitchA-Vsi-interface2] ip binding vpn-instance vpna

[SwitchA-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchA-Vsi-interface2] igmp enable

[SwitchA-Vsi-interface2] mac-address 2-2-2

[SwitchA-Vsi-interface2] distributed-gateway local

[SwitchA-Vsi-interface2] local-proxy-arp enable

[SwitchA-Vsi-interface2] quit

# Associate VSI-interface 3 with VPN instance vpna, and configure the L3 VXLAN ID as 1000 for the VPN instance.

[SwitchA] interface vsi-interface 3

[SwitchA-Vsi-interface3] ip binding vpn-instance vpna

[SwitchA-Vsi-interface3] l3-vni 1000

[SwitchA-Vsi-interface3] pim sm

[SwitchA-Vsi-interface3] quit

# Enable IP multicast routing for VPN instance vpna.

[SwitchA] multicast routing vpn-instance vpna

[SwitchA-mrib-vpna] quit

# Create an MDT-based MVXLAN for VPN instance vpna and enter MVXLAN IPv4 address family view. Configure the default group, MVXLAN source interface, and data group range settings.

[SwitchA] multicast-vpn vxlan vpn-instance vpna mode mdt

[SwitchA-mvxlan-vpna] address-family ipv4

[SwitchA-mvxlan-vpna-ipv4] default-group 236.0.0.1

[SwitchA-mvxlan-vpna-ipv4] source loopback 0

[SwitchA-mvxlan-vpna-ipv4] data-group 239.0.1.0 25

[SwitchA-mvxlan-vpna-ipv4] quit

[SwitchA-mvxlan-vpna] quit

# Configure Loopback 1.

[SwitchA] interface loopback 1

[SwitchA-LoopBack1] ip binding vpn-instance vpna

[SwitchA-LoopBack1] ip address 12.12.12.12 32

[SwitchA-LoopBack1] pim sm

[SwitchA-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpna.

[SwitchA] pim vpn-instance vpna

[SwitchA-pim-vpna] c-bsr 12.12.12.12

[SwitchA-pim-vpna] c-rp 12.12.12.12

[SwitchA-pim-vpna] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchA] vsi vpna

[SwitchA-vsi-vpna] gateway vsi-interface 1

[SwitchA-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchA] vsi vpnb

[SwitchA-vsi-vpnb] gateway vsi-interface 2

[SwitchA-vsi-vpnb] quit

4. Configure Switch B:

# Enable L2VPN and IP multicast routing.

<SwitchB> system-view

[SwitchB] l2vpn enable

[SwitchB] multicast routing

[SwitchB-mrib] quit

# Enable the IGMP snooping feature.

[SwitchB] igmp-snooping

[SwitchB-igmp-snooping] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchB] vxlan tunnel mac-learning disable

[SwitchB] vxlan tunnel arp-learning disable

# Create VLAN-interface 12 and enter its view.

[SwitchB] vlan 12

[SwitchB-vlan12] quit

[SwitchB] interface vlan-interface 12

# Enable PIM-SM on VLAN-interface 12.

[SwitchB-Vlan-interface12] pim sm

[SwitchB-Vlan-interface12] quit

# Create an EVPN instance on VSI vpna.

[SwitchB] vsi vpna

[SwitchB-vsi-vpna] evpn encapsulation vxlan

[SwitchB-vsi-vpna-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpna-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpna.

[SwitchB-vsi-vpna] igmp-snooping enable

[SwitchB-vsi-vpna] igmp-snooping proxy enable

# Create VXLAN 10.

[SwitchB-vsi-vpna] vxlan 10

[SwitchB-vsi-vpna-vxlan-10] quit

[SwitchB-vsi-vpna] quit

# Create an EVPN instance on VSI vpnb.

[SwitchB] vsi vpnb

[SwitchB-vsi-vpnb] evpn encapsulation vxlan

[SwitchB-vsi-vpnb-evpn-vxlan] route-distinguisher auto

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto export-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] vpn-target auto import-extcommunity

[SwitchB-vsi-vpnb-evpn-vxlan] quit

# Enable IGMP snooping and IGMP snooping proxying on VSI vpnb.

[SwitchB-vsi-vpnb] igmp-snooping enable

[SwitchB-vsi-vpnb] igmp-snooping proxy enable

# Create VXLAN 20.

[SwitchB-vsi-vpnb] vxlan 20

[SwitchB-vsi-vpnb-vxlan-20] quit

[SwitchB-vsi-vpnb] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchB] bgp 200

[SwitchB-bgp-default] peer 4.4.4.4 as-number 200

[SwitchB-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchB-bgp-default] address-family l2vpn evpn

[SwitchB-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchB-bgp-default-evpn] quit

[SwitchB-bgp-default] quit

# Create VLAN 2.

[SwitchB] vlan 2

[SwitchB-vlan2] quit

# Create VLAN 3.

[SwitchB] vlan 3

[SwitchB-vlan3] quit

# Configure HundredGigE 3/0/1 as a trunk port and assign it to VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] port link-type trunk

[SwitchB-HundredGigE3/0/1] port trunk permit vlan 2

# On HundredGigE 3/0/1, create Ethernet service instance 1000 to match VLAN 2.

[SwitchB] interface hundredgige 3/0/1

[SwitchB-HundredGigE3/0/1] service-instance 1000

[SwitchB-HundredGigE3/0/1-srv1000]encapsulation s-vid 2

# Map Ethernet service instance 1000 to VSI vpna.

[SwitchB-HundredGigE3/0/1-srv1000] xconnect vsi vpna

[SwitchB-HundredGigE3/0/1-srv1000] quit

# Configure HundredGigE 3/0/2 as a trunk port and assign it to VLAN 3.

[SwitchB] interface hundredgige 3/0/2

[SwitchB-HundredGigE3/0/2] port link-type trunk

[SwitchB-HundredGigE3/0/2] port trunk permit vlan 3

# On HundredGigE 3/0/2, create Ethernet service instance 2000 to match VLAN 3.

[SwitchB-HundredGigE3/0/2] service-instance 2000

[SwitchB-HundredGigE3/0/2-srv2000] encapsulation s-vid 3

# Map Ethernet service instance 2000 to VSI vpnb.

[SwitchB-HundredGigE3/0/2-srv2000] xconnect vsi vpnb

[SwitchB-HundredGigE3/0/2-srv2000] quit

[SwitchB-HundredGigE3/0/2] quit

# Configure RD and route target settings for VPN instance vpnb.

[SwitchB] ip vpn-instance vpnb

[SwitchB-vpn-instance-vpnb] route-distinguisher 1:1

[SwitchB-vpn-instance-vpnb] address-family ipv4

[SwitchB-vpn-ipv4-vpnb] vpn-target 1:1

[SwitchB-vpn-ipv4-vpnb] quit

[SwitchB-vpn-instance-vpnb] address-family evpn

[SwitchB-vpn-evpn-vpnb] vpn-target 1:1

[SwitchB-vpn-evpn-vpnb] quit

[SwitchB-vpn-instance-vpnb] quit

# Configure RD and route target settings for the public instance.

[SwitchB] ip public-instance

[SwitchB-public-instance] route-distinguisher 2:2

[SwitchB-public-instance] address-family ipv4

[SwitchB-public-instance-ipv4] vpn-target 1:1

[SwitchB-public-instance-ipv4] quit

[SwitchB-public-instance] address-family evpn

[SwitchB-public-instance-evpn] vpn-target 1:1

[SwitchB-public-instance-evpn] quit

[SwitchB-public-instance] quit

# Configure VSI-interface 1.

[SwitchB] interface vsi-interface 1

[SwitchB-Vsi-interface1] ip address 10.1.1.1 255.255.255.0

[SwitchB-Vsi-interface1] igmp enable

[SwitchB-Vsi-interface1] mac-address 1-1-1

[SwitchB-Vsi-interface1] distributed-gateway local

[SwitchB-Vsi-interface1] local-proxy-arp enable

[SwitchB-Vsi-interface1] quit

# Configure VSI-interface 2.

[SwitchB] interface vsi-interface 2

[SwitchB-Vsi-interface2] ip binding vpn-instance vpnb

[SwitchB-Vsi-interface2] ip address 10.1.2.1 255.255.255.0

[SwitchB-Vsi-interface2] igmp enable

[SwitchB-Vsi-interface2] mac-address 2-2-2

[SwitchB-Vsi-interface2] distributed-gateway local

[SwitchB-Vsi-interface2] local-proxy-arp enable

[SwitchB-Vsi-interface2] quit

# Create VSI-interface 4 and configure its L3 VXLAN ID as 1000.

[SwitchB] interface vsi-interface 4

[SwitchB-Vsi-interface4] l3-vni 1000

[SwitchB-Vsi-interface4] pim sm

[SwitchB-Vsi-interface4] quit

# Enable IP multicast routing for VPN instance vpnb.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] quit

# Create an MDT-based MVXLAN for VPN instance vpnb, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchB] multicast-vpn vxlan vpn-instance vpnb mode mdt

[SwitchB-mvxlan-vpnb] address-family ipv4

[SwitchB-mvxlan-vpnb-ipv4] source loopback 0

[SwitchB-mvxlan-vpnb-ipv4] quit

[SwitchB-mvxlan-vpnb] quit

# Configure Loopback 1.

[SwitchB] interface loopback 1

[SwitchB-LoopBack1] ip binding vpn-instance vpnb

[SwitchB-LoopBack1] ip address 12.12.12.12 32

[SwitchB-LoopBack1] pim sm

[SwitchB-LoopBack1] quit

# Enter VPN instance PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in VPN instance vpnb.

[SwitchB] pim vpn-instance vpnb

[SwitchB-pim-vpnb] c-bsr 12.12.12.12

[SwitchB-pim-vpnb] c-rp 12.12.12.12

[SwitchB-pim-vpnb] quit

# Configure Loopback 2.

[SwitchB] interface loopback 2

[SwitchB-LoopBack2] ip address 13.13.13.13 32

[SwitchB-LoopBack2] pim sm

[SwitchB-LoopBack2] quit

# Create IPv4 basic ACL 2000 and enter its view. Create a rule in the ACL to permit only packets from 225.0.0.0/8.

[SwitchB-acl-ipv4-basic-2000] acl basic 2000

[SwitchB-acl-ipv4-basic-2000] rule permit source 225.0.0.0 0.255.255.255

[SwitchB-acl-ipv4-basic-2000] quit

# Enter public instance PIM view, configure Loopback 2 as a candidate-BSR and candidate-RP in the public instance, and specify a candidate-RP policy.

[SwitchB] pim

[SwitchB-pim] c-bsr 13.13.13.13

[SwitchB-pim] c-rp 13.13.13.13 group-policy 2000

[SwitchB-pim] quit

# Specify VSI-interface 1 as the gateway interface for VSI vpna.

[SwitchB] vsi vpnc

[SwitchB-vsi-vpna] gateway vsi-interface 1

[SwitchB-vsi-vpna] quit

# Specify VSI-interface 2 as the gateway interface for VSI vpnb.

[SwitchB] vsi vpnc

[SwitchB-vsi-vpnb] gateway vsi-interface 2

[SwitchB-vsi-vpnb] quit

# Enable IP multicast routing for VPN instance vpnb, and import the traffic of VPN instance vpna to VPN instance vpnb.

[SwitchB] multicast routing vpn-instance vpnb

[SwitchB-mrib-vpnb] multicast extranet select-rpf group 225.0.0.0 16

5. Configure Switch C:

# Enable L2VPN and IP multicast routing.

<SwitchC> system-view

[SwitchC] l2vpn enable

[SwitchC] multicast routing

[SwitchC-mrib] quit

# Disable remote MAC address learning and remote ARP learning.

[SwitchC] vxlan tunnel mac-learning disable

[SwitchC] vxlan tunnel arp-learning disable

# Create VLAN-interface 13 and enter its view.

[SwitchC] vlan 13

[SwitchC-vlan13] quit

[SwitchC] interface vlan-interface 13

# Enable PIM-SM on VLAN-interface 13.

[SwitchC-Vlan-interface13] pim sm

[SwitchC-Vlan-interface13] quit

# Configure BGP to advertise BGP EVPN routes.

[SwitchC] bgp 200

[SwitchC-bgp-default] peer 4.4.4.4 as-number 200

[SwitchC-bgp-default] peer 4.4.4.4 connect-interface loopback 0

[SwitchC-bgp-default] address-family l2vpn evpn

[SwitchC-bgp-default-evpn] peer 4.4.4.4 enable

[SwitchC-bgp-default-evpn] quit

[SwitchC-bgp-default] quit

# Configure RD and route target settings for the public instance.

[SwitchC] ip public-instance

[SwitchC-public-instance] route-distinguisher 1:1

[SwitchC-public-instance] address-family ipv4

[SwitchC-public-instance] vpn-target 1:1

[SwitchC-public-instance] quit

[SwitchC-public-instance] address-family evpn

[SwitchC-public-instance] vpn-target 1:1

[SwitchC-public-instance] quit

# Configure the L3 VXLAN ID as 1000 for VSI-interface 3.

[SwitchC] interface vsi-interface 3

[SwitchC-Vsi-interface3] l3-vni 1000

[SwitchC-Vsi-interface3] pim sm

[SwitchC-Vsi-interface3] quit

# Create an MDT-based MVXLAN for the public instance, enter MVXLAN IPv4 address family view, and configure the MVXLAN source interface.

[SwitchC] multicast-vpn vxlan public-instance mode mdt

[SwitchC-mvxlan-public-instance] address-family ipv4

[SwitchC-mvxlan-public-instance-ipv4] source loopback 0

[SwitchC-mvxlan-public-instance-ipv4] quit

[SwitchC-mvxlan-public-instance] quit

# Configure Loopback 1.

[SwitchC] interface loopback 1

[SwitchC-LoopBack1] ip address 12.12.12.12 32

[SwitchC-LoopBack1] pim sm

[SwitchC-LoopBack1] quit

# Create IPv4 basic ACL 2000 and enter its view. Create a rule in the ACL to permit only packets from 225.0.0.0/8.

[SwitchC-acl-ipv4-basic-2000] acl basic 2000

[SwitchC-acl-ipv4-basic-2000] rule permit source 225.0.0.0 0.255.255.255

[SwitchC-acl-ipv4-basic-2000] qui

# Enter PIM view, and configure Loopback 1 as a candidate-BSR and candidate-RP in the public network.

[SwitchC] pim

[SwitchC-pim] c-bsr 12.12.12.12

[SwitchC-pim] c-rp 12.12.12.12 group-policy 2000

[SwitchC-pim] quit

# Configure a default route. Specify the next hop as 20.1.1.100, the IP address of a device in the Layer 3 network.

[SwitchC] ip route-static 0.0.0.0 0 20.1.1.100

# Import the default route to the BGP IPv4 unicast routing table of the public instance.

[SwitchC] bgp 200

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] default-route imported

[SwitchC-bgp-default-ipv4] import-route static

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

# Create VLAN 20.

[SwitchC] vlan 20

[SwitchC-vlan20] quit

# Configure VLAN-interface 20 that connects to the Layer 3 network and associate the interface with the public instance.

[SwitchC] interface vlan-interface 20

[SwitchC-Vlan-interface20] ip address 20.1.1.3 24

[SwitchC-Vlan-interface20] pim sm

[SwitchC-Vlan-interface20] quit

6. Configure Switch D:

# Enable IP multicast routing.

<SwitchD> system-view

[SwitchD] multicast routing

[SwitchD-mrib] quit

# Enter PIM view, and configure Loopback 0 as a candidate-BSR and candidate-RP in the public network.

[SwitchD] pim

[SwitchD-pim] c-bsr 4.4.4.4

[SwitchD-pim] c-rp 4.4.4.4

[SwitchD-pim] quit

# Enable PIM-SM on VLAN-interface 11.

[SwitchD] interface vlan-interface11

[SwitchD-Vlan-interface11] pim sm

[SwitchD-Vlan-interface11] quit

# Enable PIM-SM on VLAN-interface 12.

[SwitchD] interface vlan-interface12

[SwitchD-Vlan-interface12] pim sm

[SwitchD-Vlan-interface12] quit

# Enable PIM-SM on VLAN-interface 13.

[SwitchD] interface vlan-interface13

[SwitchD-Vlan-interface13] pim sm

[SwitchD-Vlan-interface13] quit

# Establish BGP connections with other transport network switches.

[SwitchD] bgp 200

[SwitchD-bgp-default] group evpn

[SwitchD-bgp-default] peer 1.1.1.1 group evpn

[SwitchD-bgp-default] peer 2.2.2.2 group evpn

[SwitchD-bgp-default] peer 3.3.3.3 group evpn

[SwitchD-bgp-default] peer evpn as-number 200

[SwitchD-bgp-default] peer evpn connect-interface loopback 0

# Configure BGP to advertise BGP EVPN routes, and disable route target filtering of received BGP EVPN routes.

[SwitchD-bgp-default] address-family l2vpn evpn

[SwitchD-bgp-default-evpn] peer evpn enable

[SwitchD-bgp-default-evpn] undo policy vpn-target

# Configure Switch D as an RR.

[SwitchD-bgp-default-evpn] peer evpn reflect-client

[SwitchD-bgp-default-evpn] quit

[SwitchD-bgp-default] quit

Verifying the configuration

1. Verify the multicast routing information on Switch A:

# Verify that Switch A has multicast routing entries for VPN instance vpna.

<SwitchA> display pim vpn-instance vpna routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC RC

UpTime: 02:57:31

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel0

Protocol: MD, UpTime: 02:57:31, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT 2MSDP LOC ACT SQ RC 2MVPN

UpTime: 02:56:31

Upstream interface: Vsi-interface1

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: MTunnel1

Protocol: MD, UpTime: 02:56:31, Expires: -

# Verify that Switch A has multicast routing entries for the public network.

<SwitchA> display pim routing-table

Total 0 (*, G) entries; 2 (S, G) entries

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 03:09:52

Upstream interface: MTunnel0 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 03:09:50, Expires: 00:03:10

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT LOC VXLAN_L3

UpTime: 02:55:31

Upstream interface: MTunnel1 (VPN: vpna)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vlan-interface11

Protocol: pim-sm, UpTime: 02:55:28, Expires: 00:03:11

2. Verify the multicast routing information on Switch B:

# Verify that Switch B has multicast routing entries for VPN instance vpnb.

<SwitchB> display pim vpn-instance vpnb routing-table

Total 1 (*, G) entries; 1 (S, G) entries

(*, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:56:35

Upstream interface: Extranet (public instance)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 11: Vsi-interface2

Protocol: igmp, UpTime: 02:56:35, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT ACT RQ 2MVPN

UpTime: 02:56:31

Upstream interface: Extranet (public instance)

Upstream neighbor: 127.0.0.1

RPF prime neighbor: 127.0.0.1

Downstream interface information:

Total number of downstream interfaces: 1 1: Vsi-interface2

Protocol: igmp, UpTime: 02:56:31, Expires: -

# Verify that Switch B has multicast routing entries for the public network.

<SwitchB> display pim routing-table

Total 1 (*, G) entries; 3 (S, G) entries

(*, 225.0.0.0)

RP: 13.13.13.13 (local)

Protocol: pim-sm, Flag: WC

UpTime: 02:56:31

Upstream interface: Register-Tunnel0

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 2

1: Vsi-interface 1

Protocol: igmp, UpTime: 02:56:31, Expires: -

2: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 02:56:31, Expires: -

(10.1.1.10, 225.0.0.0)

RP: 12.12.12.12 (local)

Protocol: pim-sm, Flag: SPT ACT RQ 2MVPN

UpTime: 02:56:30

Upstream interface: MVXLAN-UPE0 (0.0.0.0)

Upstream neighbor: NULL

RPF prime neighbor: NULL

Downstream interface information:

Total number of downstream interfaces: 1

1: Vsi-interface 1

Protocol: igmp, UpTime: 02:56:31, Expires: -

2: Extranet (VPN: vpnb)

Protocol: MD, UpTime: 02:56:31, Expires: -

(1.1.1.1, 236.0.0.1)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT

UpTime: 03:00:46

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 03:00:46, Expires: -

(1.1.1.1, 239.0.1.0)

RP: 4.4.4.4

Protocol: pim-sm, Flag: SPT ACT 2MVPN

UpTime: 02:56:31

Upstream interface: Vlan-interface12

Upstream neighbor: 12.1.1.4

RPF prime neighbor: 12.1.1.4

Downstream interface information:

Total number of downstream interfaces: 1

1: MVXLAN-UPE0

Protocol: MD, UpTime: 02:56:31, Expires: -

18-EVPN Configuration Guide

Benefits

MP-BGP extension for MVXLAN

Automatic MVXLAN tunnel establishment and assignment

Default MDT-based transmission

MDT switchover

Switching from the default MDT to a data MDT

Switching from the data MDT to the default MDT

About this task

Creating an MVXLAN for a VPN instance

Creating an MVXLAN for the public instance

About this task

Procedure

Network configuration

Procedure

Verifying the configuration

Enabling IP multicast routing for a VPN instance

Creating an MVXLAN

About this task

Creating an MVXLAN for a VPN instance

Creating an MVXLAN for the public instance

Configuring a default group

Restrictions and guidelines

Procedure

Specifying the MVXLAN source interface

About this task

Restrictions and guidelines

Procedure

About this task

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

Network configuration

Procedure

Example: Configuring MVXLAN extranet on the receiver VPN instance for symmetrically configured extranet

Network configuration

Procedure

Verifying the configuration

Network configuration

Procedure

Verifying the configuration

Network configuration

Procedure

Verifying the configuration

Network configuration

Procedure

Verifying the configuration

Network configuration

Procedure

Verifying the configuration

Cloud & AI

InterConnect

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Resources

Partner Business Management

Company Information

News & Events

Contact Us