VXLAN ensp实验

配置同网段用户通过VXLAN隧道互通示例

组网需求

如图1所示，某企业在不同的数据中心中都拥有自己的VM，服务器1上的VM1属于VLAN10，服务器2上的VM1属于VLAN20，且位于同网段。现需要通过VXLAN隧道实现不同数据中心相同VM的互通。

NE1配置

<Huawei>sys
[Huawei]interface loopback1
[Huawei-LoopBack1]ip address 2.2.2.2 32
[Huawei-LoopBack1]q
[Huawei]interface Ethernet 0/0/1
[Huawei-Ethernet0/0/1]ip address 192.168.1.1 24
[Huawei-Ethernet0/0/1]q
[Huawei]ospf 1
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[~HUAWEI]bridge-domain 10
[*HUAWEI-bd10]quit
[*HUAWEI]interface Ethernet 1/0/2.1 mode l2
[*HUAWEI-Ethernet1/0/2.1]encapsulation dot1q vid 10
[*HUAWEI-Ethernet1/0/2.1]rewrite pop single
[*HUAWEI-Ethernet1/0/2.1]bridge-domain 10
[*HUAWEI-Ethernet1/0/2.1]quit
[*HUAWEI]com
[~HUAWEI]bridge-domain 10
[~HUAWEI-bd10]vxlan vni 5010
[*HUAWEI-bd10]quit
[*HUAWEI]interface nve 1
[*HUAWEI-Nve1]source 2.2.2.2	
[*HUAWEI-Nve1]vni 5010 head-end peer-list 4.4.4.4
[*HUAWEI-Nve1]quit
[*HUAWEI]com

NE2配置

<Huawei>sys
[Huawei]interface loopback 1
[Huawei-LoopBack1]ip address 3.3.3.3 32
[Huawei]interface Ethernet 0/0/1
[Huawei-Ethernet0/0/1]ip address 192.168.1.2 24
[Huawei]interface Ethernet 0/0/2
[Huawei-Ethernet0/0/2]ip address 192.168.2.1 24
[Huawei]ospf 1
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[Huawei-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255

NE3配置

<Huawei>sys
[Huawei]interface GigabitEthernet 0/0/1
[Huawei-GigabitEthernet0/0/1]ip address 192.168.2.2 255.255.255.0
[Huawei-GigabitEthernet0/0/1]q
[Huawei]interface GigabitEthernet 0/0/2
[Huawei]interface Loopback1
[Huawei-LoopBack1]ip address 4.4.4.4 255.255.255.255
[Huawei]ospf 1
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[~HUAWEI]bridge-domain 10
[*HUAWEI-bd10]quit
[*HUAWEI]interface Ethernet 1/0/1.1 mode l2
[*HUAWEI-Ethernet1/0/1.1]encapsulation dot1q vid 10
[*HUAWEI-Ethernet1/0/1.1]rewrite pop single 
[*HUAWEI-Ethernet1/0/1.1]bridge-domain 10
[*HUAWEI-Ethernet1/0/1.1]quit
[*HUAWEI]com
[~HUAWEI]bridge-domain 10
[~HUAWEI-bd10]vxlan vni 5010
[*HUAWEI-bd10]quit
[*HUAWEI]interface nve 1
[*HUAWEI-Nve1]source 4.4.4.4
[*HUAWEI-Nve1]vni 5010 head-end peer-list 2.2.2.2
[*HUAWEI-Nve1]quit
[*HUAWEI]com

配置不同网段用户通过VXLAN三层网关通信示例

配置思路

采用如下思路配置不同网段用户通过VXLAN三层网关通信：

分别在Device1、Device2和Device3上配置路由协议，保证网络三层互通。
分别在Device1和Device3上配置业务接入点实现区分业务流量。
分别在Device1、Device2和Device3上配置VXLAN隧道转发业务流量。
在Device2上配置VXLAN三层网关，实现不同网段用户通过VXLAN三层网关互通。

操作步骤

配置路由协议

1、分别配置Device1、Device2和Device3各接口IP地址。

#配置Device1　

<HUAWEI> system-view
[~HUAWEI] sysname Device1
[*HUAWEI] commit
[~Device1] interface loopback 1
[*Device1-LoopBack1] ip address 2.2.2.2 32
[*Device1-LoopBack1] quit
[*Device1] interface gigabitethernet 0/1/1
[*Device1-GigabitEthernet0/1/1] ip address 192.168.1.1 24
[*Device1-GigabitEthernet0/1/1] quit
[*Device1] ospf
[*Device1-ospf-1] area 0
[*Device1-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[*Device1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
[*Device1-ospf-1-area-0.0.0.0] quit
[*Device1-ospf-1] quit
[*Device1] commit

Device2、Device3的配置与Device1配置类似。

OSPF成功配置后，Device之间可通过OSPF协议发现对方的Loopback接口的IP地址，并能互相ping通。以Device1 ping Device3的显示为例。

[~Device1] ping 4.4.4.4
  PING 4.4.4.4: 56  data bytes, press CTRL_C to break
    Reply from 4.4.4.4: bytes=56 Sequence=1 ttl=254 time=5 ms
    Reply from 4.4.4.4: bytes=56 Sequence=2 ttl=254 time=2 ms
    Reply from 4.4.4.4: bytes=56 Sequence=3 ttl=254 time=2 ms
    Reply from 4.4.4.4: bytes=56 Sequence=4 ttl=254 time=3 ms
    Reply from 4.4.4.4: bytes=56 Sequence=5 ttl=254 time=3 ms

  --- 4.4.4.4 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 2/3/5 ms

2、分别在Device1、Device3上配置业务接入点

# 配置Device1

[~Device1] bridge-domain 10
[*Device1-bd10] quit
[*Device1] interface gigabitethernet0/1/2.1 mode l2
[*Device1-GigabitEthernet0/1/2.1] encapsulation dot1q vid 10
[*Device1-GigabitEthernet0/1/2.1] rewrite pop single
[*Device1-GigabitEthernet0/1/2.1] bridge-domain 10
[*Device1-GigabitEthernet0/1/2.1] quit
[*Device1] commit

　Device3的配置与Device1配置类似　

3、分别在Device1、Device2、Device3上配置VXLAN隧道　　

#Device1

[~Device1] bridge-domain 10
[*Device1-bd10] vxlan vni 5010
[*Device1-bd10] quit
[*Device1] interface nve 1
[*Device1-Nve1] source 2.2.2.2
[*Device1-Nve1] vni 5010 head-end peer-list 3.3.3.3
[*Device1-Nve1] quit
[*Device1] commit

# 配置Device2　　

[~Device2] bridge-domain 10
[*Device2-bd10] vxlan vni 5010
[*Device2-bd10] quit
[*Device2] interface nve 1
[*Device2-Nve1] source 3.3.3.3
[*Device2-Nve1] vni 5010 head-end peer-list 2.2.2.2
[*Device2-Nve1] quit
[~Device2] bridge-domain 20
[*Device2-bd20] vxlan vni 5020
[*Device2-bd20] quit
[*Device2] interface nve 1
[*Device2-Nve1] vni 5020 head-end peer-list 4.4.4.4
[*Device2-Nve1] quit
[*Device2] commit

#配置Device3　

[~Device3] bridge-domain 20
[*Device3-bd20] vxlan vni 5020
[*Device3-bd20] quit
[*Device3] interface nve 1
[*Device3-Nve1] source 4.4.4.4
[*Device3-Nve1] vni 5020 head-end peer-list 3.3.3.3
[*Device3-Nve1] quit
[*Device3] commit

4、在Device2上配置VXLAN三层网关　　

[~Device2] interface vbdif 10
[*Device2-Vbdif10] ip address 192.168.10.10 24
[*Device2-Vbdif10] quit
[*Device2] interface vbdif 20
[*Device2-Vbdif20] ip address 192.168.20.10 24
[*Device2-Vbdif20] quit
[*Device2-Vbdif20] commit

5、检查配置结果　　

上述配置成功后，在Device1、Device2、Device3上执行display vxlan vni命令可查看到VNI的状态是Up；执行display vxlan tunnel命令可查看到VXLAN隧道的信息。以Device2显示为例。　

[~Device2] display vxlan vni
Number of vxlan vni: 2
VNI            BD-ID            State
---------------------------------------
5010           10               up
5020           20               up
[~Device2] display vxlan tunnel
Number of Vxlan tunnel : 2
Tunnel ID   Source           Destination        State  Type    Uptime
---------------------------------------------------------------------
4026531841  3.3.3.3          2.2.2.2            up     static 0029h30m
4026531842  3.3.3.3          4.4.4.4            up     static 0029h44m

　完整配置

Device1

#
sysname Device1
#
bridge-domain 10
 vxlan vni 5010
#
interface GigabitEthernet0/1/1
 undo shutdown
 ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet0/1/2
 undo shutdown
#
interface GigabitEthernet0/1/2.1 mode l2
 encapsulation dot1q vid 10
 rewrite pop single
 bridge-domain 10
#
interface LoopBack1
 ip address 2.2.2.2 255.255.255.255
#
interface Nve1
 source 2.2.2.2
 vni 5010 head-end peer-list 3.3.3.3
#
ospf 1
 area 0.0.0.0
  network 2.2.2.2 0.0.0.0
  network 192.168.1.0 0.0.0.255
#
return

Device2

#
sysname Device2
#
bridge-domain 10
 vxlan vni 5010
#
bridge-domain 20
 vxlan vni 5020
#
interface Vbdif10
 ip address 192.168.10.10 255.255.255.0
#
interface Vbdif20
 ip address 192.168.20.10 255.255.255.0
#
interface GigabitEthernet0/1/1
 undo shutdown
 ip address 192.168.1.2 255.255.255.0
#
interface GigabitEthernet0/1/2
 undo shutdown
 ip address 192.168.2.1 255.255.255.0
#
interface LoopBack1
 ip address 3.3.3.3 255.255.255.255
#
interface Nve1
 source 3.3.3.3
 vni 5010 head-end peer-list 2.2.2.2
 vni 5020 head-end peer-list 4.4.4.4
#
ospf 1
 area 0.0.0.0
  network 3.3.3.3 0.0.0.0
  network 192.168.1.0 0.0.0.255
  network 192.168.2.0 0.0.0.255
#
return

　Device3

#
sysname Device3
#
bridge-domain 20
 vxlan vni 5020
#
interface GigabitEthernet0/1/1
 undo shutdown
 ip address 192.168.2.2 255.255.255.0
#
interface GigabitEthernet0/1/2
 undo shutdown
#
interface GigabitEthernet0/1/2.1 mode l2
 encapsulation dot1q vid 20
 rewrite pop single
 bridge-domain 20
#
interface LoopBack1
 ip address 4.4.4.4 255.255.255.255
#
interface Nve1
 source 4.4.4.4
 vni 5020 head-end peer-list 3.3.3.3
#
ospf 1
 area 0.0.0.0
  network 4.4.4.4 0.0.0.0
  network 192.168.2.0 0.0.0.255
#
return

posted @ 2022-09-27 16:58 leagueandlegends 阅读(520) 评论(0) 编辑收藏举报

刷新页面返回顶部

leagueandlegends

三更灯火五更鸡，正是男儿读书时。黑发不知勤学早，白首方悔读书迟。