No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Typical Configuration Examples

CloudEngine 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Segment VXLAN to Implement Layer 2 Interworking (Mapping VNI Mode)

Example for Configuring Segment VXLAN to Implement Layer 2 Interworking (Mapping VNI Mode)

Applicable Products and Versions

This example applies to the CE12800, CE6870EI, and CE6875EI V200R003C00 or later.

This example applies to the CE12800E (equipped with ED-E, EG-E, and EGA-E series cards), CE5880EI, and CE6880EI V200R005C10 or later.

Networking Requirements

In Figure 2-52, VXLAN tunnels are established using BGP EVPN within data center A and data center B, and a VXLAN tunnel is established using BGP EVPN between Leaf2 and Leaf3. To enable communication between VM 1 and VM 2, implement Layer 2 communication between data center A and data center B. In this example, the VXLAN tunnel in data center A uses VNI 10 and that in data center B uses VNI 20. When a VXLAN tunnel is configured between Leaf2 and Leaf3, segment VXLAN needs to be configured for VNI conversion.

Figure 2-52 Configuring segment VXLAN to implement Layer 2 interworking
Table 2-14 IP addresses of interfaces

Device

Interface

IP Address

Device

Interface

IP Address

Spine1

10GE1/0/1

192.168.10.1/24

Spine2

10GE1/0/1

192.168.30.1/24

10GE1/0/2

192.168.20.1/24

10GE1/0/2

192.168.40.1/24

Leaf1

10GE1/0/1

192.168.10.2/24

Leaf4

10GE1/0/1

192.168.40.2/24

10GE1/0/2

-

10GE1/0/2

-

LoopBack1

1.1.1.1/32

LoopBack1

4.4.4.4/32

Leaf2

10GE1/0/1

192.168.20.2/24

Leaf3

10GE1/0/1

192.168.30.2/24

10GE1/0/2

192.168.50.1/24

10GE1/0/2

192.168.50.2/24

LoopBack1

2.2.2.2/32

LoopBack1

3.3.3.3/32

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure IP addresses of nodes.

  2. Configure a routing protocol to ensure route reachability between nodes.

  3. Establish VXLAN tunnels using BGP EVPN within data center A and data center B.

  4. Establish an inter-DC VXLAN tunnel using EBGP EVPN between Leaf2 and Leaf3.

  5. Configure segment VXLAN on Leaf2 and Leaf3.

Data Preparation

To complete the configuration, you need the following data:

  • VMs' VLAN IDs

  • BD IDs

  • VNI ID of the BD that data center A and data center B associate with

  • Mapping VNI ID between data center A and data center B

  • Number of the AS to which data center A and data center B belong

  • Name of the split horizon group to which the mapping VNI ID belongs

Procedure

  1. Assign an IP address to each interface (including each loopback interface) on each node.

    For configuration details, see Configuration Files in this section.

  2. Configure a routing protocol.

    Configure an IGP within a data center or configure EBGP between data centers. OSPF is used in this example.

    For configuration details, see Configuration Files in this section.

  3. Configure the VXLAN tunnel mode and enable the VXLAN ACL extension function. (This step only needs to be performed on the CE12800, CE6870EI, and CE6875EI.)

    # Configure Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

    <Leaf1> system-view
    [~Leaf1] ip tunnel mode vxlan
    [*Leaf1] assign forward nvo3 acl extend enable
    [*Leaf1] commit
    NOTE:

    After configuring the VXLAN tunnel mode and enabling the VXLAN ACL extension function, you need to save the configuration and restart the device to make the configuration take effect. You can restart the device immediately or after all the configurations are complete.

  4. (CE12800) Set the card interoperability mode of Leaf2 and Leaf3 to enhanced mode.

    # Configure Leaf2. Repeat this step for Leaf3.

    [~Leaf2] set forward capability enhanced
    Warning: Current configuration should be committed and saved, and it will take effect after reboot. [Y/N]: y
    [*Leaf2] commit
    NOTE:

    After setting the card interoperability mode to enhanced mode, you need to save the configuration and restart the switch to make the configuration take effect. You can restart the switch immediately or after all the configurations are complete.

  5. Establish VXLAN tunnels using BGP EVPN within data center A and data center B.
    1. Configure service access points on Leaf1 and Leaf4.

      # Configure Leaf1. Repeat this step for Leaf4.

      [~Leaf1] bridge-domain 10
      [*Leaf1-bd10] quit
      [*Leaf1] interface 10ge 1/0/2.1 mode l2
      [*Leaf1-10GE1/0/2.1] encapsulation dot1q vid 10
      [*Leaf1-10GE1/0/2.1] bridge-domain 10
      [*Leaf1-10GE1/0/2.1] quit
      [*Leaf1] commit

    2. Enable EVPN as the VXLAN control plane on leaf nodes.

      # Configure Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

      [~Leaf1] evpn-overlay enable
      [*Leaf1] commit

    3. Establish a BGP EVPN peer relationship between Leaf1 and Leaf2 in data center A, and establish a BGP EVPN peer relationship between Leaf3 and Leaf4 in data center B.

      # Establish a BGP EVPN peer relationship on Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

      [~Leaf1] bgp 100 instance evpn1
      [*Leaf1-bgp-instance-evpn1] peer 2.2.2.2 as-number 100
      [*Leaf1-bgp-instance-evpn1] peer 2.2.2.2 connect-interface LoopBack1
      [*Leaf1-bgp-instance-evpn1] l2vpn-family evpn
      [*Leaf1-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 enable
      [*Leaf1-bgp-instance-evpn1-af-evpn] quit
      [*Leaf1-bgp-instance-evpn1] quit
      [*Leaf1] commit

    4. Configure EVPN instances on Leaf1 and Leaf4.

      # Configure Leaf1. Repeat this step for Leaf4.

      [~Leaf1] bridge-domain 10
      [~Leaf1-bd10] vxlan vni 10
      [*Leaf1-bd10] evpn
      [*Leaf1-bd10-evpn] route-distinguisher 10:1
      [*Leaf1-bd10-evpn] vpn-target 11:1
      [*Leaf1-bd10-evpn] quit
      [*Leaf1-bd10] quit
      [*Leaf1] commit

    5. Enable ingress replication on leaf nodes.

      # Configure Leaf1. Repeat this step for Leaf2, Leaf3, and Leaf4.

      [~Leaf1] interface nve 1
      [*Leaf1-Nve1] source 1.1.1.1
      [*Leaf1-Nve1] vni 10 head-end peer-list protocol bgp
      [*Leaf1-Nve1] quit
      [*Leaf1] commit

  6. Establish an EBGP EVPN peer relationship between Leaf2 and Leaf3.

    # Configure Leaf2.

    [~Leaf2] bgp 100 instance evpn1
    [*Leaf2-bgp-instance-evpn1] peer 3.3.3.3 as-number 200
    [*Leaf2-bgp-instance-evpn1] peer 3.3.3.3 connect-interface LoopBack1
    [*Leaf2-bgp-instance-evpn1] peer 3.3.3.3 ebgp-max-hop 255
    [*Leaf2-bgp-instance-evpn1] l2vpn-family evpn
    [*Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 enable
    [*Leaf2-bgp-instance-evpn1-af-evpn] quit
    [*Leaf2-bgp-instance-evpn1] quit
    [*Leaf2] commit

    # Configure Leaf3.

    [~Leaf3] bgp 200 instance evpn1
    [*Leaf3-bgp-instance-evpn1] peer 2.2.2.2 as-number 100
    [*Leaf3-bgp-instance-evpn1] peer 2.2.2.2 connect-interface LoopBack1
    [*Leaf3-bgp-instance-evpn1] peer 2.2.2.2 ebgp-max-hop 255
    [*Leaf3-bgp-instance-evpn1] l2vpn-family evpn
    [*Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 enable
    [*Leaf3-bgp-instance-evpn1-af-evpn] quit
    [*Leaf3-bgp-instance-evpn1] quit
    [*Leaf3] commit

  7. Configure Segment VXLAN on Leaf2 and Leaf3.
    1. Configure a split horizon group to which BGP EVPN peers belong.

      # Configure Leaf2.

      [~Leaf2] bgp 100 instance evpn1
      [~Leaf2-bgp-instance-evpn1] l2vpn-family evpn
      [~Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 split-group sg1
      [*Leaf2-bgp-instance-evpn1-af-evpn] commit

      # Configure Leaf3.

      [~Leaf3] bgp 200 instance evpn1
      [~Leaf3-bgp-instance-evpn1] l2vpn-family evpn
      [~Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 split-group sg1
      [*Leaf3-bgp-instance-evpn1-af-evpn] commit

    2. Configure the function to advertise re-originated MAC routes to BGP EVPN peers.

      # Configure Leaf2.

      [~Leaf2-bgp-instance-evpn1-af-evpn] peer 1.1.1.1 import reoriginate
      [*Leaf2-bgp-instance-evpn1-af-evpn] peer 1.1.1.1 advertise route-reoriginated evpn mac
      [*Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 import reoriginate
      [*Leaf2-bgp-instance-evpn1-af-evpn] peer 3.3.3.3 advertise route-reoriginated evpn mac
      [*Leaf2-bgp-instance-evpn1-af-evpn] quit
      [*Leaf2-bgp-instance-evpn1] quit
      [*Leaf2] commit

      # Configure Leaf3.

      [~Leaf3-bgp-instance-evpn1-af-evpn] peer 4.4.4.4 import reoriginate
      [*Leaf3-bgp-instance-evpn1-af-evpn] peer 4.4.4.4 advertise route-reoriginated evpn mac
      [*Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 import reoriginate
      [*Leaf3-bgp-instance-evpn1-af-evpn] peer 2.2.2.2 advertise route-reoriginated evpn mac
      [*Leaf3-bgp-instance-evpn1-af-evpn] quit
      [*Leaf3-bgp-instance-evpn1] quit
      [*Leaf3] commit

    3. Configure the mapping VNI of the associated BD, and specify the split horizon group to which the mapping VNI belongs.

      # Configure Leaf2.

      [~Leaf2] bridge-domain 10
      [~Leaf2-bd10] vxlan vni 30 split-group sg1
      [*Leaf2-bd10] quit
      [*Leaf2] commit

      # Configure Leaf3.

      [~Leaf3] bridge-domain 10
      [~Leaf3-bd10] vxlan vni 30 split-group sg1
      [*Leaf3-bd10] quit
      [*Leaf3] commit

  8. Configure EVPN instances on Leaf2 and Leaf3.

    # Configure Leaf2.

    [~Leaf2] bridge-domain 10
    [~Leaf2-bd10] vxlan vni 10
    [*Leaf2-bd10] evpn
    [*Leaf2-bd10-evpn] route-distinguisher 20:1
    [*Leaf2-bd10-evpn] vpn-target 11:1
    [*Leaf2-bd10-evpn] quit
    [*Leaf2-bd10] quit
    [*Leaf2] commit

    # Configure Leaf3.

    [~Leaf3] bridge-domain 10
    [~Leaf3-bd10] vxlan vni 20
    [*Leaf3-bd10] evpn
    [*Leaf3-bd10-evpn] route-distinguisher 30:1
    [*Leaf3-bd10-evpn] vpn-target 11:1
    [*Leaf3-bd10-evpn] quit
    [*Leaf3-bd10] quit
    [*Leaf3] commit

  9. Configure ingress replication of the mapping VNI on Leaf2 and Leaf3.

    # Configure Leaf2.

    [~Leaf2] interface nve 1
    [*Leaf2-Nve1] vni 30 head-end peer-list protocol bgp
    [*Leaf2-Nve1] quit
    [*Leaf2] commit

    # Configure Leaf3.

    [~Leaf3] interface nve 1
    [*Leaf3-Nve1] vni 30 head-end peer-list protocol bgp
    [*Leaf3-Nve1] quit
    [*Leaf3] commit

Verifying the Configuration

After completing the configurations, run the display vxlan tunnel command on leaf nodes to check VXLAN tunnel information and run the display vxlan peer command to check VXLAN peer information. The following example shows the command outputs on Leaf2.

[~Leaf2] display vxlan tunnel
Number of vxlan tunnel : 2
Tunnel ID   Source                Destination           State  Type     Uptime
-----------------------------------------------------------------------------------
4026531924  2.2.2.2               1.1.1.1               up     dynamic  00:39:19  
4026531925  2.2.2.2               3.3.3.3               up     dynamic  00:39:09 
[~Leaf2] display vxlan peer
Number of peers : 2
Vni ID    Source                  Destination            Type      Out Vni ID
-------------------------------------------------------------------------------
10        2.2.2.2                 1.1.1.1                dynamic   10
30        2.2.2.2                 3.3.3.3                dynamic   30

VM1 and VM2 can communicate at Layer 2.

Configuration File

The following example is the CE12800 configuration file.

  • Spine1 configuration file

    #
    sysname Spine1
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.10.1 255.255.255.0
    #               
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.20.1 255.255.255.0
    #               
    ospf 1          
     area 0.0.0.0   
      network 192.168.10.0 0.0.0.255
      network 192.168.20.0 0.0.0.255
    #               
    return 
  • Leaf1 configuration file

    #
    sysname Leaf1
    #
    assign forward nvo3 acl extend enable
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 10
     evpn
      route-distinguisher 10:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.10.2 255.255.255.0
    #
    interface 10GE1/0/2.1 mode l2
     encapsulation dot1q vid 10
     bridge-domain 10
    #
    interface LoopBack1
     ip address 1.1.1.1 255.255.255.255
    #
    interface Nve1
     source 1.1.1.1
     vni 10 head-end peer-list protocol bgp
    #
    bgp 100 instance evpn1
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 2.2.2.2 enable
    #
    ospf 1
     area 0.0.0.0
      network 1.1.1.1 0.0.0.0
      network 192.168.10.0 0.0.0.255
    #
    return
  • Leaf2 configuration file

    #
    sysname Leaf2
    #
    set forward capability enhanced
    #
    assign forward nvo3 acl extend enable
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 10
     vxlan vni 30 split-group sg1
     evpn
      route-distinguisher 20:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.20.2 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.50.1 255.255.255.0
    #
    interface LoopBack1
     ip address 2.2.2.2 255.255.255.255
    #
    interface Nve1
     source 2.2.2.2
     vni 10 head-end peer-list protocol bgp
     vni 30 head-end peer-list protocol bgp
    #
    bgp 10
     peer 192.168.50.2 as-number 20
     #
     ipv4-family unicast
      network 2.2.2.2 255.255.255.255
      peer 192.168.50.2 enable
    #
    bgp 100 instance evpn1
     peer 1.1.1.1 as-number 100
     peer 1.1.1.1 connect-interface LoopBack1
     peer 3.3.3.3 as-number 200
     peer 3.3.3.3 ebgp-max-hop 255
     peer 3.3.3.3 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 1.1.1.1 enable
      peer 1.1.1.1 import reoriginate
      peer 1.1.1.1 advertise route-reoriginated evpn mac
      peer 3.3.3.3 enable
      peer 3.3.3.3 split-group sg1
      peer 3.3.3.3 import reoriginate
      peer 3.3.3.3 advertise route-reoriginated evpn mac
    #
    ospf 1
     area 0.0.0.0
      network 2.2.2.2 0.0.0.0
      network 192.168.20.0 0.0.0.255
    #
    return  
  • Spine2 configuration file

    #
    sysname Spine2
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.30.1 255.255.255.0
    #               
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.40.1 255.255.255.0
    #               
    ospf 1          
     area 0.0.0.0   
      network 192.168.30.0 0.0.0.255
      network 192.168.40.0 0.0.0.255
    #               
    return
    
  • Leaf3 configuration file

    #
    sysname Leaf3
    #
    set forward capability enhanced
    #
    assign forward nvo3 acl extend enable
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 20
     vxlan vni 30 split-group sg1
     evpn
      route-distinguisher 30:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.30.2 255.255.255.0
    #
    interface 10GE1/0/2
     undo portswitch
     ip address 192.168.50.2 255.255.255.0
    #
    interface LoopBack1
     ip address 3.3.3.3 255.255.255.255
    #
    interface Nve1
     source 3.3.3.3
     vni 20 head-end peer-list protocol bgp
     vni 30 head-end peer-list protocol bgp
    #
    bgp 20
     peer 192.168.50.1 as-number 10
     #
     ipv4-family unicast
      network 3.3.3.3 255.255.255.255
      peer 192.168.50.1 enable
    #
    bgp 200 instance evpn1
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 ebgp-max-hop 255
     peer 2.2.2.2 connect-interface LoopBack1
     peer 4.4.4.4 as-number 200
     peer 4.4.4.4 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 2.2.2.2 enable
      peer 2.2.2.2 split-group sg1
      peer 2.2.2.2 import reoriginate
      peer 2.2.2.2 advertise route-reoriginated evpn mac
      peer 4.4.4.4 enable
      peer 4.4.4.4 import reoriginate
      peer 4.4.4.4 advertise route-reoriginated evpn mac
    #
    ospf 1
     area 0.0.0.0
      network 3.3.3.3 0.0.0.0
      network 192.168.30.0 0.0.0.255
    #
    return
    
  • Leaf4 configuration file

    #
    sysname Leaf4
    #
    assign forward nvo3 acl extend enable
    #
    evpn-overlay enable
    #
    bridge-domain 10
     vxlan vni 20
     evpn
      route-distinguisher 40:1
      vpn-target 11:1 export-extcommunity
      vpn-target 11:1 import-extcommunity
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.40.2 255.255.255.0
    #
    interface 10GE1/0/2.1 mode l2
     encapsulation dot1q vid 10
     bridge-domain 10
    #
    interface LoopBack1
     ip address 4.4.4.4 255.255.255.255
    #
    interface Nve1
     source 4.4.4.4
     vni 20 head-end peer-list protocol bgp
    #
    bgp 200 instance evpn1
     peer 3.3.3.3 as-number 200
     peer 3.3.3.3 connect-interface LoopBack1
     #
     l2vpn-family evpn
      policy vpn-target
      peer 3.3.3.3 enable
    #
    ospf 1
     area 0.0.0.0
      network 4.4.4.4 0.0.0.0
      network 192.168.40.0 0.0.0.255
    #
    return
Download
Updated: 2019-04-03

Document ID: EDOC1000039339

Views: 116508

Downloads: 7528

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next