VXLAN ensp实验

配置同网段用户通过VXLAN隧道互通示例

组网需求

如图1所示，某企业在不同的数据中心中都拥有自己的VM，服务器1上的VM1属于VLAN10，服务器2上的VM1属于VLAN20，且位于同网段。现需要通过VXLAN隧道实现不同数据中心相同VM的互通。

NE1配置

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

<Huawei>sys [Huawei]interface loopback1 [Huawei-LoopBack1]ip address 2.2.2.2 32 [Huawei-LoopBack1]q [Huawei]interface Ethernet 0/0/1 [Huawei-Ethernet0/0/1]ip address 192.168.1.1 24 [Huawei-Ethernet0/0/1]q [Huawei]ospf 1 [Huawei-ospf-1]area 0 [Huawei-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0 [Huawei-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255 [~HUAWEI]bridge-domain 10 [*HUAWEI-bd10]quit [*HUAWEI]interface Ethernet 1/0/2.1 mode l2 [*HUAWEI-Ethernet1/0/2.1]encapsulation dot1q vid 10 [*HUAWEI-Ethernet1/0/2.1]rewrite pop single [*HUAWEI-Ethernet1/0/2.1]bridge-domain 10 [*HUAWEI-Ethernet1/0/2.1]quit [*HUAWEI]com [~HUAWEI]bridge-domain 10 [~HUAWEI-bd10]vxlan vni 5010 [*HUAWEI-bd10]quit [*HUAWEI]interface nve 1 [*HUAWEI-Nve1]source 2.2.2.2    [*HUAWEI-Nve1]vni 5010 head-end peer-list 4.4.4.4 [*HUAWEI-Nve1]quit [*HUAWEI]com

NE2配置

?

1 2 3 4 5 6 7 8 9 10 11 12

<Huawei>sys [Huawei]interface loopback 1 [Huawei-LoopBack1]ip address 3.3.3.3 32 [Huawei]interface Ethernet 0/0/1 [Huawei-Ethernet0/0/1]ip address 192.168.1.2 24 [Huawei]interface Ethernet 0/0/2 [Huawei-Ethernet0/0/2]ip address 192.168.2.1 24 [Huawei]ospf 1 [Huawei-ospf-1]area 0 [Huawei-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0 [Huawei-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255 [Huawei-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255

 NE3配置

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

<Huawei>sys [Huawei]interface GigabitEthernet 0/0/1 [Huawei-GigabitEthernet0/0/1]ip address 192.168.2.2 255.255.255.0 [Huawei-GigabitEthernet0/0/1]q [Huawei]interface GigabitEthernet 0/0/2 [Huawei]interface Loopback1 [Huawei-LoopBack1]ip address 4.4.4.4 255.255.255.255 [Huawei]ospf 1 [Huawei-ospf-1]area 0 [Huawei-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0 [Huawei-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255 [~HUAWEI]bridge-domain 10 [*HUAWEI-bd10]quit [*HUAWEI]interface Ethernet 1/0/1.1 mode l2 [*HUAWEI-Ethernet1/0/1.1]encapsulation dot1q vid 10 [*HUAWEI-Ethernet1/0/1.1]rewrite pop single [*HUAWEI-Ethernet1/0/1.1]bridge-domain 10 [*HUAWEI-Ethernet1/0/1.1]quit [*HUAWEI]com [~HUAWEI]bridge-domain 10 [~HUAWEI-bd10]vxlan vni 5010 [*HUAWEI-bd10]quit [*HUAWEI]interface nve 1 [*HUAWEI-Nve1]source 4.4.4.4 [*HUAWEI-Nve1]vni 5010 head-end peer-list 2.2.2.2 [*HUAWEI-Nve1]quit [*HUAWEI]com

配置不同网段用户通过VXLAN三层网关通信示例

配置思路

采用如下思路配置不同网段用户通过VXLAN三层网关通信：

1. 分别在Device1、Device2和Device3上配置路由协议，保证网络三层互通。
2. 分别在Device1和Device3上配置业务接入点实现区分业务流量。
3. 分别在Device1、Device2和Device3上配置VXLAN隧道转发业务流量。
4. 在Device2上配置VXLAN三层网关，实现不同网段用户通过VXLAN三层网关互通。

操作步骤

配置路由协议

1、分别配置Device1、Device2和Device3各接口IP地址。

#配置Device1　

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

<HUAWEI> system-view [~HUAWEI] sysname Device1 [*HUAWEI] commit [~Device1] interface loopback 1 [*Device1-LoopBack1] ip address 2.2.2.2 32 [*Device1-LoopBack1] quit [*Device1] interface gigabitethernet 0/1/1 [*Device1-GigabitEthernet0/1/1] ip address 192.168.1.1 24 [*Device1-GigabitEthernet0/1/1] quit [*Device1] ospf [*Device1-ospf-1] area 0 [*Device1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [*Device1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [*Device1-ospf-1-area-0.0.0.0] quit [*Device1-ospf-1] quit [*Device1] commit

Device2、Device3的配置与Device1配置类似。

OSPF成功配置后，Device之间可通过OSPF协议发现对方的Loopback接口的IP地址，并能互相ping通。以Device1 ping Device3的显示为例。

?

1 2 3 4 5 6 7 8 9 10 11 12 13

[~Device1] ping 4.4.4.4   PING 4.4.4.4: 56  data bytes, press CTRL_C to break     Reply from 4.4.4.4: bytes=56 Sequence=1 ttl=254 time=5 ms     Reply from 4.4.4.4: bytes=56 Sequence=2 ttl=254 time=2 ms     Reply from 4.4.4.4: bytes=56 Sequence=3 ttl=254 time=2 ms     Reply from 4.4.4.4: bytes=56 Sequence=4 ttl=254 time=3 ms     Reply from 4.4.4.4: bytes=56 Sequence=5 ttl=254 time=3 ms     --- 4.4.4.4 ping statistics ---     5 packet(s) transmitted     5 packet(s) received     0.00% packet loss     round-trip min/avg/max = 2/3/5 ms

2、分别在Device1、Device3上配置业务接入点

# 配置Device1 

?

1 2 3 4 5 6 7 8

[~Device1] bridge-domain 10 [*Device1-bd10] quit [*Device1] interface gigabitethernet0/1/2.1 mode l2 [*Device1-GigabitEthernet0/1/2.1] encapsulation dot1q vid 10 [*Device1-GigabitEthernet0/1/2.1] rewrite pop single [*Device1-GigabitEthernet0/1/2.1] bridge-domain 10 [*Device1-GigabitEthernet0/1/2.1] quit [*Device1] commit

　Device3的配置与Device1配置类似　

3、分别在Device1、Device2、Device3上配置VXLAN隧道　　

#Device1

?

1 2 3 4 5 6 7 8

[~Device1] bridge-domain 10 [*Device1-bd10] vxlan vni 5010 [*Device1-bd10] quit [*Device1] interface nve 1 [*Device1-Nve1] source 2.2.2.2 [*Device1-Nve1] vni 5010 head-end peer-list 3.3.3.3 [*Device1-Nve1] quit [*Device1] commit

# 配置Device2　　

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14

[~Device2] bridge-domain 10 [*Device2-bd10] vxlan vni 5010 [*Device2-bd10] quit [*Device2] interface nve 1 [*Device2-Nve1] source 3.3.3.3 [*Device2-Nve1] vni 5010 head-end peer-list 2.2.2.2 [*Device2-Nve1] quit [~Device2] bridge-domain 20 [*Device2-bd20] vxlan vni 5020 [*Device2-bd20] quit [*Device2] interface nve 1 [*Device2-Nve1] vni 5020 head-end peer-list 4.4.4.4 [*Device2-Nve1] quit [*Device2] commit

 #配置Device3　

?

1 2 3 4 5 6 7 8

[~Device3] bridge-domain 20 [*Device3-bd20] vxlan vni 5020 [*Device3-bd20] quit [*Device3] interface nve 1 [*Device3-Nve1] source 4.4.4.4 [*Device3-Nve1] vni 5020 head-end peer-list 3.3.3.3 [*Device3-Nve1] quit [*Device3] commit

4、在Device2上配置VXLAN三层网关　　

?

1 2 3 4 5 6 7

[~Device2] interface vbdif 10 [*Device2-Vbdif10] ip address 192.168.10.10 24 [*Device2-Vbdif10] quit [*Device2] interface vbdif 20 [*Device2-Vbdif20] ip address 192.168.20.10 24 [*Device2-Vbdif20] quit [*Device2-Vbdif20] commit

5、检查配置结果　　

上述配置成功后，在Device1、Device2、Device3上执行display vxlan vni命令可查看到VNI的状态是Up；执行display vxlan tunnel命令可查看到VXLAN隧道的信息。以Device2显示为例。　

?

1 2 3 4 5 6 7 8 9 10 11 12

[~Device2] display vxlan vni Number of vxlan vni: 2 VNI            BD-ID            State --------------------------------------- 5010           10               up 5020           20               up [~Device2] display vxlan tunnel Number of Vxlan tunnel : 2 Tunnel ID   Source           Destination        State  Type    Uptime --------------------------------------------------------------------- 4026531841  3.3.3.3          2.2.2.2            up     static 0029h30m 4026531842  3.3.3.3          4.4.4.4            up     static 0029h44m

　完整配置

Device1

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

# sysname Device1 # bridge-domain 10  vxlan vni 5010 # interface GigabitEthernet0/1/1  undo shutdown  ip address 192.168.1.1 255.255.255.0 # interface GigabitEthernet0/1/2  undo shutdown # interface GigabitEthernet0/1/2.1 mode l2  encapsulation dot1q vid 10  rewrite pop single  bridge-domain 10 # interface LoopBack1  ip address 2.2.2.2 255.255.255.255 # interface Nve1  source 2.2.2.2  vni 5010 head-end peer-list 3.3.3.3 # ospf 1  area 0.0.0.0   network 2.2.2.2 0.0.0.0   network 192.168.1.0 0.0.0.255 # return

 Device2

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38

# sysname Device2 # bridge-domain 10  vxlan vni 5010 # bridge-domain 20  vxlan vni 5020 # interface Vbdif10  ip address 192.168.10.10 255.255.255.0 # interface Vbdif20  ip address 192.168.20.10 255.255.255.0 # interface GigabitEthernet0/1/1  undo shutdown  ip address 192.168.1.2 255.255.255.0 # interface GigabitEthernet0/1/2  undo shutdown  ip address 192.168.2.1 255.255.255.0 # interface LoopBack1  ip address 3.3.3.3 255.255.255.255 # interface Nve1  source 3.3.3.3  vni 5010 head-end peer-list 2.2.2.2  vni 5020 head-end peer-list 4.4.4.4 # ospf 1  area 0.0.0.0   network 3.3.3.3 0.0.0.0   network 192.168.1.0 0.0.0.255   network 192.168.2.0 0.0.0.255 # return

　Device3

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

# sysname Device3 # bridge-domain 20  vxlan vni 5020 # interface GigabitEthernet0/1/1  undo shutdown  ip address 192.168.2.2 255.255.255.0 # interface GigabitEthernet0/1/2  undo shutdown # interface GigabitEthernet0/1/2.1 mode l2  encapsulation dot1q vid 20  rewrite pop single  bridge-domain 20 # interface LoopBack1  ip address 4.4.4.4 255.255.255.255 # interface Nve1  source 4.4.4.4  vni 5020 head-end peer-list 3.3.3.3 # ospf 1  area 0.0.0.0   network 4.4.4.4 0.0.0.0   network 192.168.2.0 0.0.0.255 # return