No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VXLAN

CloudEngine 12800 and 12800E V200R003C00

This document describes the configurations of VXLAN.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring BFD for VXLAN in Centralized Gateway Mode for Static Tunnel Establishment

Example for Configuring BFD for VXLAN in Centralized Gateway Mode for Static Tunnel Establishment

Networking Requirements

On the network shown in Figure 12-7, an enterprise has VMs deployed in different data centers. VM1 on Server1 belongs to VLAN 10, and VM1 on Server2 belongs to VLAN 20. Server1 and Server2 reside on the same network segment. To allow VM1s in different data centers to communicate with each other, configure centralized VXLAN gateways. Whey there is a great number of VMs, using centralized replication reduces the gateway pressure. To improve network reliability, configure BFD for the VXLAN tunnels between the VXLAN gateways and Servicenode cluster. If a Servicenode fails, the VXLAN gateway connected to the Servicenode quickly detects this failure and switches its traffic to the backup Servicenode, thereby preventing traffic loss caused by slow fault awareness.

Figure 12-7 BFD for VXLAN in centralized gateway mode

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure a routing protocol on Device1 and Device2 to allow them to communicate at Layer 3.

  2. Configure service access points on Device1 and Device2 to differentiate service traffic.

  3. Use the ingress replication mode to configure a VXLAN tunnel between Device1 and Device2 to forward service traffic.

  4. Use the centralized replication mode to configure a VXLAN tunnel between Device1 and Servicenodes and between Device2 and Servicenodes, and deploy BFD for the VXLAN tunnels to improve network reliability.

Data Preparation

To complete the configuration, you need the following data:

  • VMs' VLAN IDs (10 and 20)

  • IP addresses of interfaces connecting devices

  • IGP running between devices (OSPF in this example)

  • BD IDs (10 and 20)

  • VNI ID (5010)

  • Servicenode addresses (3.3.3.3 and 4.4.4.4)

Precautions

For the CE12800, in addition to the configuration in the procedure, you may also need to run the following commands based on actual requirements:
  • Run the assign forward nvo3 service extend enable command in the system view to enable the NVO3 service extension function.

    NOTE:

    By default, the NVO3 service extension function is disabled on the device. After the NVO3 service is deployed on a device, there is a high probability that other ACL-consuming services such as MQC, simplified ACL, traffic policing, BD traffic statistics collection, and DHCP fail to be configured on the device. You can enable the NVO3 ACL extension function to lower the configuration failure probability of EC (except the CE-L48GT-EC and CE-L48GS-EC cards), ED, EF, and EG series cards.

  • Run the assign forward nvo3 f-linecard compatibility enable command in the system view to ensure that VXLAN traffic can be forwarded when the card interoperability mode is non-enhanced mode.

    NOTE:

    If VXLAN traffic is forwarded between cards when the card interoperability mode is non-enhanced mode, the VXLAN traffic may fail to be forwarded. To use the VXLAN function, you must configure the assign forward nvo3 f-linecard compatibility enable command when the card interoperability mode is non-enhanced mode.

VXLAN-related constraints are described in the procedure. To obtain more constraint information, see Licensing Requirements and Limitations for VXLANs.

Procedure

  1. Configure a routing protocol.

    Assign an IP address to each interface on Device1 and Device2. Ensure that the 32-bit loopback address of each device is advertised after OSPF is enabled.

    # Configure Device1.
    <HUAWEI> system-view
    [~HUAWEI] sysname Device1
    [*HUAWEI] commit
    [~Device1] interface loopback 1
    [*Device1-LoopBack1] ip address 1.1.1.1 32
    [*Device1-LoopBack1] quit
    [*Device1] interface 10ge 1/0/1
    [*Device1-10GE1/0/1] undo portswitch
    [*Device1-10GE1/0/1] ip address 192.168.1.1 24
    [*Device1-10GE1/0/1] quit
    [*Device1] ospf
    [*Device1-ospf-1] area 0
    [*Device1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0
    [*Device1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255
    [*Device1-ospf-1-area-0.0.0.0] quit
    [*Device1-ospf-1] quit
    [*Device1] commit

    The configuration of Device2 is similar to the configuration of Device1. For configuration details, see Configuration Files in this section.

    After OSPF is configured, the devices can use OSPF to learn the IP addresses of loopback interfaces of each other and successfully ping each other.

  2. Configure service access points on Device1 and Device2.

    # Configure Device1.
    [~Device1] bridge-domain 10
    [*Device1-bd10] quit
    [*Device1] interface 10ge 1/0/2.1 mode l2
    [*Device1-10GE1/0/2.1] encapsulation dot1q vid 10
    [*Device1-10GE1/0/2.1] bridge-domain 10
    [*Device1-10GE1/0/2.1] quit
    [*Device1] commit

    The configuration of Device2 is similar to the configuration of Device1. For configuration details, see Configuration Files in this section.

  3. Configure VXLAN tunnels on Device1, Device2, and Servicenodes.

    [~Device1] bridge-domain 10
    [*Device1-bd10] vxlan vni 5010
    [*Device1-bd10] quit
    [*Device1] interface nve 1
    [*Device1-Nve1] source 1.1.1.1
    [*Device1-Nve1] vni 5010 head-end peer-list 2.2.2.2
    [*Device1-Nve1] vni 5010 flood-vtep 3.3.3.3
    [*Device1-Nve1] vni 5010 flood-vtep 4.4.4.4
    [*Device1-Nve1] quit
    [*Device1] commit

    The configuration of Device2 is similar to the configuration of Device1. For configuration details, see Configuration Files in this section.

  4. Deploy BFD for the VXLAN tunnels between devices and Servicenodes.

    # Configure Device1.

    [~Device1] bfd
    [*Device1-bfd] quit
    [*Device1] bfd a bind vxlan peer-ip 3.3.3.3 source-ip 1.1.1.1 peer-mac 3883-2011-1200 auto
    [*Device1-bfd-session-a] quit
    [*Device1] bfd b bind vxlan peer-ip 4.4.4.4 source-ip 1.1.1.1 peer-mac 3883-2021-1200 auto
    [*Device1-bfd-session-b] quit
    [*Device1] commit

    The configuration of Device2 is similar to the configuration of Device1. For configuration details, see Configuration Files in this section.

  5. Verify the configuration.

    After completing the configurations, run the display vxlan tunnel command on Device1 and Device2 to view the VXLAN tunnel information. The following example uses the command output on Device1.

    [~Device1] display vxlan tunnel
    Number of vxlan tunnel : 3
    Tunnel ID   Source                Destination           State  Type     Uptime                                                      
    -----------------------------------------------------------------------------------
    4026531841  1.1.1.1               2.2.2.2               up     static   0035h20m
    4026531842  1.1.1.1               3.3.3.3               up     static   0035h21m
    4026531843  1.1.1.1               4.4.4.4               up     static   0035h22m

    Run the display vxlan flood-vtep vni vni-id command to view the information about the centralized replication list.

    [~Device1] display vxlan flood-vtep vni 5010
    Number of peers : 2
    Vni ID    Source             Destination       Type       Status
    ----------------------------------------------------------------------
    5010      1.1.1.1            3.3.3.3           static     primary          
    5010      1.1.1.1            4.4.4.4           static     backup           
    

    Run the display bfd session all command to view the BFD information.

    [~Device1] display bfd session all
    S: Static session
    D: Dynamic session
    IP: IP session
    IF: Single-hop session
    PEER: Multi-hop session
    LDP: LDP session
    LSP: Label switched path
    TE: Traffic Engineering
    AUTO: Automatically negotiated session
    VXLAN: VXLAN session
    (w): State in WTR
    (*): State is invalid
    Total UP/DOWN Session Number : 2/0
    --------------------------------------------------------------------------------
    Local      Remote     PeerIpAddr      State     Type        InterfaceName 
    --------------------------------------------------------------------------------
    16385      16385      3.3.3.3         Up        S/AUTO-VXLAN       - 
    16386      16385      4.4.4.4         Up        S/AUTO-VXLAN       - 
    --------------------------------------------------------------------------------

Configuration Files

  • Device1 configuration file

    #
    sysname Device1
    #
    bfd
    #
    bridge-domain 10
     vxlan vni 5010
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.1.1 255.255.255.0
    #
    interface 10GE1/0/2.1 mode l2
     encapsulation dot1q vid 10
     bridge-domain 10
    #
    interface LoopBack1
     ip address 1.1.1.1 255.255.255.255
    #
    interface Nve1
     source 1.1.1.1
     vni 5010 head-end peer-list 2.2.2.2
     vni 5010 flood-vtep 3.3.3.3
     vni 5010 flood-vtep 4.4.4.4
    #
    bfd a bind vxlan peer-ip 3.3.3.3 source-ip 1.1.1.1 peer-mac 3883-2011-1200 auto
    #
    bfd b bind vxlan peer-ip 4.4.4.4 source-ip 1.1.1.1 peer-mac 3883-2021-1200 auto
    #
    ospf 1
     area 0.0.0.0
      network 1.1.1.1 0.0.0.0
      network 192.168.1.0 0.0.0.255
    #
    return
  • Device2 configuration file

    #
    sysname Device2
    #
    bfd
    #
    bridge-domain 20
     vxlan vni 5010
    #
    interface 10GE1/0/1
     undo portswitch
     ip address 192.168.2.1 255.255.255.0
    #
    interface 10GE1/0/2.1 mode l2
     encapsulation dot1q vid 20
     bridge-domain 20
    #
    interface LoopBack1
     ip address 2.2.2.2 255.255.255.255
    #
    interface Nve1
     source 2.2.2.2
     vni 5010 head-end peer-list 1.1.1.1
     vni 5010 flood-vtep 3.3.3.3
     vni 5010 flood-vtep 4.4.4.4
    #
    bfd a bind vxlan peer-ip 3.3.3.3 source-ip 2.2.2.2 peer-mac 3883-2011-1200 auto
    #
    bfd b bind vxlan peer-ip 4.4.4.4 source-ip 2.2.2.2 peer-mac 3883-2021-1200 auto
    #
    ospf 1
     area 0.0.0.0
      network 2.2.2.2 0.0.0.0
      network 192.168.2.0 0.0.0.255
    #
    return
Translation
Download
Updated: 2019-05-05

Document ID: EDOC1100004207

Views: 30970

Downloads: 66

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next