1、网络拓扑图
2、配置步骤
1)BD域:VXLAN中的“同一大二层域”,就类似于传统网络中VLAN(虚拟局域网)的概念,叫做Bridge-Domain,简称BD。BD域用于桥接不同的二层网络,不同的BD是通过VNI来区分的,BD与VNI是1:1的映射关系。
bridge-domain 10 //表示创建一个“大二层广播域”BD,其编号为10
vxlan vni 5000 //表示在BD 10下,指定与之关联的VNI为5000
#
<HUAWEI> display vxlan vni
Number of vxlan vni : 1
VNI BD-ID State
---------------------------------------
5000 10 up
BD与VNI是绑定关系,将交换机上不同的二层接口划分到BD域下,就能确定报文要经过的VXLAN隧道
2)将不同的二层接口(Vlan)划分到不同的BD下,实现VM通过进入不同的Vxlan隧道。
interface 10GE1/0/1.1 mode l2 //创建二层子接口10GE1/0/1.1
encapsulation dot1q vid 10 //只允许携带VLAN Tag 10的报文进入VXLAN隧道
bridge-domain 10 //指定报文进入的是BD 10
#
interface 10GE1/0/1.2 mode l2 //创建二层子接口10GE1/0/1.2
encapsulation untag //只允许不携带VLAN Tag的报文进入VXLAN隧道
bridge-domain 20 //指定报文进入的是BD 20
#
3)VxLAN隧道建立
interface Nve1 //创建逻辑接口NVE 1
source 1.1.1.1 //配置源VTEP的IP地址(推荐使用Loopback接口的IP地址)
vni 5000 head-end peer-list 2.2.2.2
vni 5000 head-end peer-list 2.2.2.3
#
<HUAWEI> display vxlan vni 5000 verbose
BD ID : 10
State : up
NVE : 288
Source Address : 1.1.1.1
Source IPv6 Address : -
UDP Port : 4789
BUM Mode : head-end
Group Address : -
Peer List : 2.2.2.2 2.2.2.3
IPv6 Peer List : -
3、具体配置
ce1:
[ce1]display current-configuration
!Software Version V200R005C10SPC607B607
!Last configuration was updated at 2024-08-10 23:59:34+00:00
#
sysname ce1
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
bridge-domain 10
vxlan vni 5000
#
aaa
#
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
interface MEth0/0/0
undo shutdown
#
interface GE1/0/0
undo shutdown
#
interface GE1/0/0.1 mode l2
encapsulation dot1q vid 10
bridge-domain 10
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 20.1.1.1 255.255.255.0
#
interface GE1/0/2
shutdown
#
interface GE1/0/3
shutdown
#
interface GE1/0/4
shutdown
#
interface GE1/0/5
shutdown
#
interface GE1/0/6
shutdown
#
interface GE1/0/7
shutdown
#
interface GE1/0/8
shutdown
#
interface GE1/0/9
shutdown
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface Nve1
source 1.1.1.1
vni 5000 head-end peer-list 3.3.3.3
#
interface NULL0
#
ospf 100 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 20.1.1.0 0.0.0.255
#
ssh authorization-type default aaa
#
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
ssh server dh-exchange min-len 1024
#
ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
user-interface con 0
#
vm-manager
#
return
[ce1]
ce3:
[ce3]display current-configuration
!Software Version V200R005C10SPC607B607
!Last configuration was updated at 2024-08-11 00:00:19+00:00
#
sysname ce3
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
bridge-domain 10
vxlan vni 5000
#
aaa
#
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
interface MEth0/0/0
undo shutdown
#
interface GE1/0/0
undo shutdown
#
interface GE1/0/0.1 mode l2
encapsulation dot1q vid 20
bridge-domain 10
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 30.1.1.2 255.255.255.0
#
interface GE1/0/2
shutdown
#
interface GE1/0/3
shutdown
#
interface GE1/0/4
shutdown
#
interface GE1/0/5
shutdown
#
interface GE1/0/6
shutdown
#
interface GE1/0/7
shutdown
#
interface GE1/0/8
shutdown
#
interface GE1/0/9
shutdown
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface Nve1
source 3.3.3.3
vni 5000 head-end peer-list 1.1.1.1
#
interface NULL0
#
ospf 100 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 30.1.1.0 0.0.0.255
#
ssh authorization-type default aaa
#
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
ssh server dh-exchange min-len 1024
#
ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
user-interface con 0
#
vm-manager
#
return
[ce3]
