引言

随着业务对带宽、低时延和可扩展性的需求不断提升,传统的三层数据中心网络架构逐渐被更高效、扁平化的Spine-Leaf架构所取代。本项目旨在以 Cisco N9K-C9336C 为 Spine,Arista 7050QX-32S 为 Leaf,从0构建一张现代化的数据中心网络,具备 100G 核心、40G 接入的能力,支持 VXLAN/EVPN Overlay 网络。

第一章:设计蓝图——为何选择 Spine-Leaf 架构

Spine-Leaf 的优势

  • 所有Leaf交换机到Spine交换机等距离,低时延、高吞吐
  • 支持水平扩展,可按需添加Leaf节点和Spine节点
  • ECMP负载均衡,实现全网带宽利用最大化

架构概述

  • 2台Cisco N9K-C9336C(36x 100G)为Spine
  • 8台Arista 7050QX-32S(32x 40G)为Leaf,提供对服务器的高速接入
  • 全网无阻塞CLOS拓扑,Leaf与Spine互联,Leaf下挂服务器

第二章:硬件选型与端口分配策略

Cisco N9K-C9336C(Spine)

  • 36个QSFP28 100G 接口,可拆分为 4x 25G
  • NX-OS 系统,支持VXLAN EVPN、ACI

Arista 7050QX-32S(Leaf)

  • 32个QSFP+ 40G 接口,可拆分为4x 10G
  • EOS系统,开放性好,支持VXLAN EVPN

接口布局示意

  • 每台 Leaf 用 2 条 40G 上联 Spine(与两个 Spine 分别对接)
  • 每台 Leaf 剩余接口用于连接 16 台服务器(每端口 40G)

第三章:拓扑构建与布线设计

网络拓扑图

             +--------------------+
             |   Spine 1 (100G)   |
             +--------------------+
             |   Spine 2 (100G)   |
             +--------------------+
               /    |     |     \
              /     |     |      \
     +-----------+  ...  +-----------+
     | Leaf 1    |      | Leaf 8    |
     | (40G x32) |      | (40G x32) |
     +-----------+      +-----------+
          |                  |
     +---------+        +---------+
     | Server  |        | Server  |
     +---------+        +---------+

布线规划

  • Spine 与 Leaf 互联:40G SR4 + MPO 多模 / 40G AOC
  • Leaf 到服务器:40G SR4 + MPO 多模 / 40G AOC or 分拆 4x10G DAC/AOC

第四章:初始配置与自动化(统一 BGP AS65530)

Cisco N9K Spine(示例)

hostname Spine1
interface loopback0
  ip address 100.100.21.1/32

router bgp 65530
  router-id 100.100.21.1
  neighbor 100.100.21.11 remote-as 65530
  neighbor 100.100.21.12 remote-as 65530
  neighbor 100.100.21.13 remote-as 65530
  neighbor 100.100.21.14 remote-as 65530
  neighbor 100.100.21.15 remote-as 65530
  neighbor 100.100.21.16 remote-as 65530
  neighbor 100.100.21.17 remote-as 65530
  neighbor 100.100.21.18 remote-as 65530
  address-family l2vpn evpn
    neighbor 100.100.21.11 activate
    neighbor 100.100.21.12 activate
    neighbor 100.100.21.13 activate
    neighbor 100.100.21.14 activate
    neighbor 100.100.21.15 activate
    neighbor 100.100.21.16 activate
    neighbor 100.100.21.17 activate
    neighbor 100.100.21.18 activate

Arista Leaf 配置(Leaf1 & Leaf2 为一组)

hostname Leaf1
interface Loopback0
  ip address 100.100.21.11/32

interface Ethernet1
  description To-Spine1
  no switchport
  ip address 192.0.2.1/31
interface Ethernet2
  description To-Spine2
  no switchport
  ip address 192.0.2.3/31

interface Ethernet31
  channel-group 100 mode active
interface Ethernet32
  channel-group 100 mode active

port-channel 100
  description MLAG-PEER
  switchport
  mlag 100

interface Vlan10
  ip address 10.10.10.1/24
  vrrp 10 ip 10.10.10.254

interface Vxlan1
  vxlan source-interface Loopback0
  vxlan vlan 10 vni 10100
  vxlan virtual-router encapsulation mac-address 00:aa:bb:cc:dd:ee

router bgp 65530
  router-id 100.100.21.11
  neighbor 100.100.21.1 remote-as 65530
  neighbor 100.100.21.2 remote-as 65530
  address-family l2vpn evpn
    neighbor 100.100.21.1 activate
    neighbor 100.100.21.2 activate
  vlan 10
    rd 100.100.21.11:10
    route-target both 100:10
    redistribute learned

MLAG 配置(Leaf1 & Leaf2)

mlag configuration
  domain-id MLAG-DOMAIN-1
  local-interface Vlan4094
  peer-address 10.0.0.2
  peer-link Port-Channel100
  reload-delay mlag 300
  reload-delay non-mlag 330

南ことり の 小窝原创文章,转载请注明来自:从0开始构建一张现代化数据中心网络:实战 N9K 与 Arista 的 Spine-Leaf 架构