No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Typical Configuration Examples

CloudEngine 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Segment VXLAN to Implement Layer 2 Interworking (Local VNI Mode)

Example for Configuring Segment VXLAN to Implement Layer 2 Interworking (Local VNI Mode)

Applicable Products and Versions

This example applies to the CE12800E (equipped with FD-X series cards), CE8800, CE7800, and CE6800 (excluding CE6875EI, CE6870EI, CE6880EI, CE6850EI, CE6810EI, and CE6810LI) V200R003C00 or later.

Networking Requirements

In Figure 2-51, VXLAN tunnels are established using BGP EVPN within data center A and data center B, and a VXLAN tunnel is established using BGP EVPN between Leaf2 and Leaf3. To enable communication between VM 1 and VM 2, implement Layer 2 communication between data center A and data center B. In this example, the VXLAN tunnel in data center A uses VNI 10 and that in data center B uses VNI 20. When a VXLAN tunnel is configured between Leaf2 and Leaf3, segment VXLAN needs to be configured for VNI conversion.

Figure 2-51 Configuring segment VXLAN to implement Layer 2 interworking
Table 2-13 IP addresses of interfaces

Device

Interface

IP Address

Device

Interface

IP Address

Spine1

10GE1/0/1

192.168.10.1/24

Spine2

10GE1/0/1

192.168.30.1/24

10GE1/0/2

192.168.20.1/24

10GE1/0/2

192.168.40.1/24

Leaf1

10GE1/0/1

192.168.10.2/24

Leaf4

10GE1/0/1

192.168.40.2/24

10GE1/0/2

-

10GE1/0/2

-

LoopBack1

1.1.1.1/32

LoopBack1

4.4.4.4/32

Leaf2

10GE1/0/1

192.168.20.2/24

Leaf3

10GE1/0/1

192.168.30.2/24

10GE1/0/2

192.168.50.1/24

10GE1/0/2

192.168.50.2/24

LoopBack1

2.2.2.2/32

LoopBack1

3.3.3.3/32

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure IP addresses of nodes.

  2. Configure IGP to enable communication between nodes.

  3. Establish VXLAN tunnels using BGP EVPN within data center A and data center B.

  4. Establish an inter-DC VXLAN tunnel using EBGP EVPN between Leaf2 and Leaf3.

  5. Configure segment VXLAN on Leaf2 and Leaf3.

Data Preparation

To complete the configuration, you need the following data:

  • VMs' VLAN IDs

  • BD IDs

  • VNI ID of the BD that data center A and data center B associate with

  • Number of the AS to which data center A and data center B belong

  • Name of the split horizon group to which Leaf2 and Leaf3 belong

Procedure

  1. Assign an IP address to each interface (including each loopback interface) on each node.

    For configuration details, see Configuration Files in this section.

  2. Configure a routing protocol.

    Configure an IGP within a data center or configure EBGP between data centers. OSPF is used in this example.

    For configuration details, see Configuration Files in this section.

  3. Establish VXLAN tunnels using BGP EVPN within data center A and data center B.
    1. Configure service access points on Leaf1 and Leaf4.

      # Configure Leaf1. Repeat this step for Leaf4.

      <Leaf1> system-view
      [~Leaf1] bridge-domain 10
      [*Leaf1-bd10] quit
      [*Leaf1] interface 10ge 1/0/2.1 mode l2
      [*Leaf1-10GE1/0/2.1] encapsulation dot1q vid 10
      [*Leaf1-10GE1/0/2.1] bridge-domain 10
      [*Leaf1-10GE1/0/2.1] quit
      [*Leaf1] commit

    2. Enable EVPN as the VXLAN control plane on leaf nodes.

      # Configure Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

      [~Leaf1] evpn-overlay enable
      [*Leaf1] commit

    3. Establish a BGP EVPN peer relationship between Leaf1 and Leaf2 in data center A, and establish a BGP EVPN peer relationship between Leaf3 and Leaf4 in data center B.

      # Establish a BGP EVPN peer relationship on Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

      [~Leaf1] bgp 100 instance evpn1
      [*Leaf1-bgp-instance-evpn1] peer 2.2.2.2 as-number 100
      [*Leaf1-bgp-instance-evpn1] peer 2.2.2.2 connect-interface LoopBack1
      [*Leaf1-bgp-instance-evpn1] l2vpn-family evpn
      [*Leaf1-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 enable
      [*Leaf1-bgp-instance-evpn1-af-evpn] quit
      [*Leaf1-bgp-instance-evpn1] quit
      [*Leaf1] commit

    4. Configure EVPN instances on leaf nodes.

      # Configure Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

      [~Leaf1] bridge-domain 10
      [~Leaf1-bd10] vxlan vni 10
      [*Leaf1-bd10] evpn
      [*Leaf1-bd10-evpn] route-distinguisher 10:1
      [*Leaf1-bd10-evpn] vpn-target 11:1
      [*Leaf1-bd10-evpn] quit
      [*Leaf1-bd10] quit
      [*Leaf1] commit

    5. Enable ingress replication on leaf nodes.

      # Configure Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

      [~Leaf1] interface nve 1
      [*Leaf1-Nve1] source 1.1.1.1
      [*Leaf1-Nve1] vni 10 head-end peer-list protocol bgp
      [*Leaf1-Nve1] quit
      [*Leaf1] commit

  4. Establish an inter-DC VXLAN tunnel using EBGP EVPN between Leaf2 and Leaf3.

    # Configure Leaf2.

    [~Leaf2] bgp 100 instance evpn1
    [*Leaf2-bgp-instance-evpn1] peer 3.3.3.3 as-number 200
    [*Leaf2-bgp-instance-evpn1] peer 3.3.3.3 connect-interface LoopBack1
    [*Leaf2-bgp-instance-evpn1] peer 3.3.3.3 ebgp-max-hop 255
    [*Leaf2-bgp-instance-evpn1] l2vpn-family evpn
    [*Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 enable
    [*Leaf2-bgp-instance-evpn1-af-evpn] quit
    [*Leaf2-bgp-instance-evpn1] quit
    [*Leaf2] commit

    # Configure Leaf3.

    [~Leaf3] bgp 200 instance evpn1
    [*Leaf3-bgp-instance-evpn1] peer 2.2.2.2 as-number 100
    [*Leaf3-bgp-instance-evpn1] peer 2.2.2.2 connect-interface LoopBack1
    [*Leaf3-bgp-instance-evpn1] peer 2.2.2.2 ebgp-max-hop 255
    [*Leaf3-bgp-instance-evpn1] l2vpn-family evpn
    [*Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 enable
    [*Leaf3-bgp-instance-evpn1-af-evpn] quit
    [*Leaf3-bgp-instance-evpn1] quit
    [*Leaf3] commit

  5. Configure segment VXLAN on Leaf2 and Leaf3.
    1. Configure a split horizon group to which BGP EVPN peers belong.

      # Configure Leaf2.

      [~Leaf2] bgp 100 instance evpn1
      [~Leaf2-bgp-instance-evpn1] l2vpn-family evpn
      [~Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 split-group sg1
      [*Leaf2-bgp-instance-evpn1-af-evpn] commit

      # Configure Leaf3.

      [~Leaf3] bgp 200 instance evpn1
      [~Leaf3-bgp-instance-evpn1] l2vpn-family evpn
      [~Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 split-group sg1
      [*Leaf3-bgp-instance-evpn1-af-evpn] commit

    2. Configure the function to advertise re-originated MAC routes to BGP EVPN peers.

      # Configure Leaf2.

      [~Leaf2-bgp-instance-evpn1-af-evpn] peer 1.1.1.1 import reoriginate
      [*Leaf2-bgp-instance-evpn1-af-evpn] peer 1.1.1.1 advertise route-reoriginated evpn mac
      [*Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 import reoriginate
      [*Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 advertise route-reoriginated evpn mac
      [*Leaf2-bgp-instance-evpn1-af-evpn] quit
      [*Leaf2-bgp-instance-evpn1] quit
      [*Leaf2] commit

      # Configure Leaf3.

      [~Leaf3-bgp-instance-evpn1-af-evpn] peer 4.4.4.4 import reoriginate
      [*Leaf3-bgp-instance-evpn1-af-evpn] peer 4.4.4.4 advertise route-reoriginated evpn mac
      [*Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 import reoriginate
      [*Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 advertise route-reoriginated evpn mac
      [*Leaf3-bgp-instance-evpn1-af-evpn] quit
      [*Leaf3-bgp-instance-evpn1] quit
      [*Leaf3] commit

Verifying the Configuration

After completing the configurations, run the display vxlan tunnel command on leaf nodes to check VXLAN tunnel information and run the display vxlan peer command to check VXLAN peer information. The following example shows the command outputs on Leaf2.

[~Leaf2] display vxlan tunnel
Number of vxlan tunnel : 2
Tunnel ID   Source                Destination           State  Type     Uptime
-----------------------------------------------------------------------------------
4026531924  2.2.2.2               1.1.1.1               up     dynamic  00:39:19
4026531925  2.2.2.2               3.3.3.3               up     dynamic  00:39:09
[~Leaf2] display vxlan peer
Number of peers : 2
Vni ID    Source                  Destination            Type      Out Vni ID
-------------------------------------------------------------------------------
10        2.2.2.2                 1.1.1.1                dynamic   10
10        2.2.2.2                 3.3.3.3                dynamic   20

VM1 and VM2 can communicate at Layer 2.

Configuration File

  • Spine1 configuration file

    #
    sysname Spine1
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.10.1 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.20.1 255.255.255.0
    #
    ospf 1
     area 0.0.0.0
      network 192.168.10.0 0.0.0.255
      network 192.168.20.0 0.0.0.255
    #
    return 
  • Leaf1 configuration file

    #
    sysname Leaf1
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 10
     evpn
      route-distinguisher 10:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.10.2 255.255.255.0
    #
    interface 10GE1/0/2.1 mode l2
     encapsulation dot1q vid 10
     bridge-domain 10
    #
    interface LoopBack1
     ip address 1.1.1.1 255.255.255.255
    #
    interface Nve1
     source 1.1.1.1
     vni 10 head-end peer-list protocol bgp
    #
    bgp 100 instance evpn1
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 2.2.2.2 enable
    #
    ospf 1
     area 0.0.0.0
      network 1.1.1.1 0.0.0.0
      network 192.168.10.0 0.0.0.255
    #
    return
  • Leaf2 configuration file

    #
    sysname Leaf2
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 10
     evpn
      route-distinguisher 20:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.20.2 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.50.1 255.255.255.0
    #
    interface LoopBack1
     ip address 2.2.2.2 255.255.255.255
    #
    interface Nve1
     source 2.2.2.2
     vni 10 head-end peer-list protocol bgp
    #
    bgp 10
     peer 192.168.50.2 as-number 20
     #
     ipv4-family unicast
      network 2.2.2.2 255.255.255.255
      peer 192.168.50.2 enable
    #
    bgp 100 instance evpn1
     peer 1.1.1.1 as-number 100
     peer 1.1.1.1 connect-interface LoopBack1
     peer 3.3.3.3 as-number 200
     peer 3.3.3.3 ebgp-max-hop 255
     peer 3.3.3.3 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 1.1.1.1 enable
      peer 1.1.1.1 import reoriginate
      peer 1.1.1.1 advertise route-reoriginated evpn mac
      peer 3.3.3.3 enable
      peer 3.3.3.3 split-group sg1
      peer 3.3.3.3 import reoriginate
      peer 3.3.3.3 advertise route-reoriginated evpn mac
    #
    ospf 1
     area 0.0.0.0
      network 2.2.2.2 0.0.0.0
      network 192.168.20.0 0.0.0.255
    #
    return  
  • Spine2 configuration file

    #
    sysname Spine2
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.30.1 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.40.1 255.255.255.0
    #
    ospf 1
     area 0.0.0.0
      network 192.168.30.0 0.0.0.255
      network 192.168.40.0 0.0.0.255
    #
    return
    
  • Leaf3 configuration file

    #
    sysname Leaf3
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 20
     evpn
      route-distinguisher 30:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.30.2 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.50.2 255.255.255.0
    #
    interface LoopBack1
     ip address 3.3.3.3 255.255.255.255
    #
    interface Nve1
     source 3.3.3.3
     vni 20 head-end peer-list protocol bgp
    #
    bgp 20
     peer 192.168.50.1 as-number 10
     #
     ipv4-family unicast
      network 3.3.3.3 255.255.255.255
      peer 192.168.50.1 enable
    #
    bgp 200 instance evpn1
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 ebgp-max-hop 255
     peer 2.2.2.2 connect-interface LoopBack1
     peer 4.4.4.4 as-number 200
     peer 4.4.4.4 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 2.2.2.2 enable
      peer 2.2.2.2 split-group sg1
      peer 2.2.2.2 import reoriginate
      peer 2.2.2.2 advertise route-reoriginated evpn mac
      peer 4.4.4.4 enable
      peer 4.4.4.4 import reoriginate
      peer 4.4.4.4 advertise route-reoriginated evpn mac
    #
    ospf 1
     area 0.0.0.0
      network 3.3.3.3 0.0.0.0
      network 192.168.30.0 0.0.0.255
    #
    return
    
  • Leaf4 configuration file

    #
    sysname Leaf4
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 20
     evpn
      route-distinguisher 40:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.40.2 255.255.255.0
    #
    interface 10GE1/0/2.1 mode l2
     encapsulation dot1q vid 10
     bridge-domain 10
    #
    interface LoopBack1
     ip address 4.4.4.4 255.255.255.255
    #
    interface Nve1
     source 4.4.4.4
     vni 20 head-end peer-list protocol bgp
    #
    bgp 200 instance evpn1
     peer 3.3.3.3 as-number 200
     peer 3.3.3.3 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 3.3.3.3 enable
    #
    ospf 1
     area 0.0.0.0
      network 4.4.4.4 0.0.0.0
      network 192.168.40.0 0.0.0.255
    #
    return
Download
Updated: 2019-04-03

Document ID: EDOC1000039339

Views: 118284

Downloads: 7532

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next