之前一直不知道为什么会有人要在Wireguard上跑VXLAN,现在道个歉,是咱笨蛋了。Wireguard上跑不了ISIS,对不起。(当然其实也可以跑gretap来进行)
如果最近丢人的发现有个号码,停机保号太久又没交钱,没拉去销号,然后拉销户账单了….,尴尬。所以网络组网变得有点奇怪。
但本质上这个是为了解决两台Debian软路由,在两个地方多个NAT后面打通。
FRRouting配置
节点配置
每个节点的配置基本都相同
router bgp 65535
bgp router-id 10.0.0.8
no bgp default ipv4-unicast
neighbor EVPN:RR peer-group
neighbor EVPN:RR remote-as 139618
neighbor EVPN:RR update-source 10.0.0.8
neighbor 10.0.0.6 peer-group EVPN:RR
!
address-family l2vpn evpn
neighbor 10.0.0.6 activate
advertise-all-vni
advertise-svi-ip
exit-address-family
exitRR配置
router bgp 65535
bgp router-id 10.0.0.6
bgp log-neighbor-changes
no bgp default ipv4-unicast
bgp cluster-id 10.0.0.6
neighbor EVPN:IBGP peer-group
neighbor EVPN:IBGP remote-as 65535
neighbor EVPN:IBGP update-source 10.0.0.6
bgp listen range 10.0.0.0/24 peer-group EVPN:IBGP
!
address-family l2vpn evpn
neighbor EVPN:IBGP activate
neighbor EVPN:IBGP route-reflector-client
advertise-all-vni
advertise-svi-ip
exit-address-family
exit参考
[使用 FRR 在 Linux 上设定 BGP EVPN](https://blog.razuritta.me/post/bgp-evpn-with-frrouting-on-linux/)
