No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VXLAN

CloudEngine 12800 and 12800E V200R003C00

This document describes the configurations of VXLAN.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Application of VRRP over VXLAN in Inter-DC Master/Backup Gateway Scenarios Where Two VLXAN Networks Connect

Application of VRRP over VXLAN in Inter-DC Master/Backup Gateway Scenarios Where Two VLXAN Networks Connect

Service Description

To improve reliability of ever-growing services, some enterprises require DCs that have VXLAN configured to be deployed in different regions and multi-active gateways to be deployed in each DC. If one DC fails to work, the backup DC takes over services, thereby improving DC reliability.

Networking Description

On the network shown in Figure 6-7, two separate DCs are deployed. VXLAN tunnels are deployed between gateways and the access device in each DC, between gateways in different DCs, and between the access devices and gateways in the other DC. A dynamic fabric service (DFS) group is deployed on gateways in each DC to perform packet replication. It is required that the master/backup gateway status of the two DCs be determined using VRRP.

Figure 6-7 Inter-DC master and backup gateways on different VXLAN networks

Feature Deployment

To implement the inter-DC master/backup gateway function, perform the following operations:
  1. Establish a VXLAN tunnel between L3GWs in different DCs, and configure a VNI and bind it to a BD.

  2. Establish a VXLAN tunnel between each access device (Device) and each L3GW in each DC, and configure a VNI and bind it to a BD.

  3. Create a VBDIF interface on each L3GW and configure VRRP for master/backup gateway negotiation.

  4. Deploy a DFS group on the two L3GWs in each DC for packet replication, allowing active-active gateway implementation.

  5. Configure Layer 2 sub-interfaces on Device in each DC for host access.

  6. (Optional) Perform either of the following configurations to prevent packet loss during revertive switching after the master devices recover.

    • After VRRP status becomes stable, configure the two master VRRP devices to advertise VTEP routes after a delay that is longer than the time taken by VRRP-becoming-master. If the two master devices need to be restarted due to failures, manually power off one master device and do not restore it until the other master device recovers.

    • Configure a VTEP direct route on the loopback interfaces of the two master VRRP devices and associate the direct route with the VRRP status, so that the cost of the direct route can be adjusted according to the VRRP status. Specifically, if VRRP is not in the Master state, the cost increases, and the route priority decreases. Configure a dynamic routing protocol to import the direct route, to ensure that the VRRP status affects route selection of the dynamic routing protocol and traffic is imported to the recovery link only after VRRP status becomes Master. In addition, enable the backup VRRP devices to forward service traffic through VBDIF interfaces. If multiple VRRP groups need to be configured, configure the VRRP group that is associated with the loopback interface route as the mVRRP group and the rest as service VRRP groups, and bind the service VRRP groups to the mVRRP group.

NOTE:

The two L3GWs in each DC must have the same VTEP address, virtual IP address, and VRRP priority; otherwise, the VRRP status on the gateways of the other DC will flap.

After the configurations are complete, VRRP master/backup negotiation and network traffic forwarding are performed as follows:
  • VRRP master/backup negotiation: The VBDIF interfaces on the two L3GWs in DC1 send VRRP Advertisement packets through a VXLAN tunnel to DC2. Upon receipt, DC2 sends the VRRP Advertisement packets to both L3GW3 and L3GW4. If L3GW3 and L3GW4 find that the VRRP priority of DC1 is higher, they change their VRRP status to backup. If L3GW3 and L3GW4 find that the VRRP priority of DC1 is lower, they change their VRRP status to master.

  • Intra-subnet host traffic forwarding: Host traffic in the same network segment is forwarded at Layer 2 through the VXLAN tunnel between the two access devices in different DCs.

  • Inter-subnet host traffic forwarding: can be classified as host-to-host traffic forwarding or host-to-a network outside the DC traffic forwarding. The following example shows the forwarding process for host-to-VXLAN network traffic. After a service packet enters an access device in a DC, the device forwards the packet to an L3GW through a VXLAN tunnel. The L3GW performs VXLAN decapsulation and obtains the next-hop address and outbound interface after querying the route to the destination IP address carried in the decapsulated packet. The L3GW then sends the packet to the network side.

Translation
Download
Updated: 2019-05-05

Document ID: EDOC1100004207

Views: 29940

Downloads: 66

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next