No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE20E-S2 V800R010C10SPC500 Configuration Guide - LAN Access and MAN Access 01

This is NE20E-S2 V800R010C10SPC500 Configuration Guide - LAN Access and MAN Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Three-Segment VXLAN to Implement DCI

Configuring Three-Segment VXLAN to Implement DCI

Three-Segment VXLAN can be configured to enable communication between VMs in different DCs.

Usage Scenario

To meet the requirements of geographical redundancy, inter-regional operations, and user access, an increasing number of enterprises are deploying data centers (DCs) across multiple regions.Data Center Interconnect (DCI) is a solution that enables intercommunication between the VMs of multiple DCs. Using technologies such as VXLAN and BGP EVPN, DCI securely and reliably transmits DC packets over carrier networks. Three-segment VXLAN can be configured to enable communications between VMs in different DCs.

Pre-configuration Tasks

Before configuring three-segment VXLAN to implement DCI, complete the following tasks:

  • Configure an IGP in DCs.

Configuration Procedures

Perform one or more of the following configurations as required.

Configuring Three-Segment VXLAN to Implement Layer 3 Interworking

The three-segment VXLAN can be configured to enable communications between inter-subnet VMs in DCs that belong to different ASs.

Context

As shown in Figure 17-12, BGP EVPN must be configured to create VXLAN tunnels between distributed gateways in each DC and to create VXLAN tunnels between leaf nodes so that the inter-subnet VMs in DC A and DC B can communicate with each other.

When DC A and DC B belong to the same BGP AS, Leaf 2 or Leaf 3 does not forward EVPN routes received from an IBGP EVPN peer to other IBGP EVPN peers. Therefore, it is necessary to configure Leaf 2 and Leaf 3 as route reflectors (RRs).

Figure 17-12 Configuring the three-segment VXLAN tunnels

Procedure

  1. Configure BGP EVPN within DC A and DC B to establish VXLAN tunnels. For details, see Configuring VXLAN in Distributed Gateway Mode Using BGP EVPN.
  2. Configure BGP EVPN on Leaf 2 and Leaf 3 to establish a VXLAN tunnel between them. For details, see Configuring VXLAN in Distributed Gateway Mode Using BGP EVPN.
  3. (Optional) Configure Leaf 2 and Leaf 3 as RRs. For details, see Configuring a BGP Route Reflector.
  4. Configure Leaf 2 and Leaf 3 to advertise routes that are re-originated by the EVPN address family to BGP EVPN peers.
    1. Run bgp as-number

      The BGP view is displayed.

    2. Run l2vpn-family evpn

      The BGP-EVPN address family view is displayed.

    3. Run peer { ipv4-address | group-name } import reoriginate

      The function to re-originate routes received from BGP EVPN peers is enabled.

    4. Run peer { ipv4-address | group-name } advertise route-reoriginated evpn { mac-ip | ip }

      The function to advertise re-originated EVPN routes to BGP EVPN peers is enabled.

      After route re-origination is enabled, Leaf 2 or Leaf 3 changes the next hop of a received EVPN route to itself, replaces the router MAC address in the gateway MAC address attribute with its own router MAC address, and replaces the Layer 3 VNI with the VPN instance Layer 3 VNI.

  5. Run commit

    The configuration is committed.

Configuring Three-Segment VXLAN to Implement Layer 2 Interworking

Three-segment VXLAN tunnels can be configured to enable communication between VMs that belong to the same subnet but different DCs.

Context

On the network shown in Figure 17-13, VXLAN tunnels are configured both within DC A and DC B and between transit leaf nodes in both DCs. To enable communication between VM 1 and VM 2, implement Layer 2 communication between DC A and DC B. If the VXLAN tunnels within DC A and DC B use the same VXLAN Network Identifier (VNI), this VNI can also be used to establish a VXLAN tunnel between Transit Leaf 1 and Transit Leaf 2. In practice, however, different DCs have their own VNI spaces, and therefore the VXLAN tunnels within DC A and DC B mostly likely use different VNIs. To configure a VXLAN tunnel between Transit Leaf 1 and Transit Leaf 2 in such cases, perform a VNI conversion.

Such as shown in Figure 17-13, the VXLAN tunnel in DC A uses the VNI 10, and that in DC B uses the VNI 20. Transit Leaf 2's VNI (20) must be configured as the outbound VNI on Transit Leaf 1, and Transit Leaf 1's VNI (10) as the outbound VNI on Transit Leaf 2. After the configuration is complete, Layer 2 packets can be forwarded properly. Take DC A sending packets to DC B as an example. After receiving VXLAN packets within DC A, Transit Leaf 1 decapsulates the packets and then uses the outbound VNI 20 to re-encapsulate the packets before sending them to Transit Leaf 2. Upon receipt, Transit Leaf 2 forwards them as normal VXLAN packets.

Figure 17-13 Configuring three-segment VXLAN to implement Layer 2 interworking
NOTE:
  • Layer 2 communication between VMs in different DCs is implemented here, therefore avoiding the need to configure a Layer 3 gateway.

  • If DC A and DC B belong to the same AS, configure an RR on the edge device. If DC A and DC B do not belong to the same AS, establish an EBGP EVPN peer relationship between edge devices.

Procedure

  1. Configure BGP EVPN within DC A and DC B to establish VXLAN tunnels. For details, see Configuring VXLAN in Centralized Gateway Mode Using BGP EVPN. There is no need to configure a VXLAN Layer 3 gateway.
  2. Configure BGP EVPN on Transit Leaf 1 and Transit Leaf 2 to establish a VXLAN tunnel between them. For details, see Configuring VXLAN in Centralized Gateway Mode Using BGP EVPN. There is no need to configure a VXLAN Layer 3 gateway.
  3. Configure Transit Leaf 1 and Transit Leaf 2 to advertise routes that are re-originated by the EVPN address family to BGP EVPN peers.

    1. Run bgp as-number

      The BGP view is displayed.

    2. Run l2vpn-family evpn

      The BGP-EVPN address family view is displayed.

    3. Run peer { group-name | ipv4-address } split-group split-group-name

      A split horizon group (SHG) to which BGP EVPN peers (or peer groups) belong is configured.

      In Layer 2 interworking scenarios, to prevent forwarding BUM traffic from causing a loop, an SHG must be configured. Separately specify the name of the SHG between Transit Leaf 1 and Transit Leaf 2 on each, so that devices within DC A and DC B belong to the default SHG and Transit Leaf 1 and Transit Leaf 2 belong to the specified SHG. In this manner, when a transit leaf node receives BUM traffic, it does not forward traffic to a device belonging to the same SHG, therefore preventing loops.

    4. Run peer { ipv4-address | group-name } import reoriginate

      The function to re-originate routes received from BGP EVPN peers is enabled.

      Enable on transit leaf nodes the function to re-originate routes received from BGP EVPN peers within DCs and between the DCs (between transit leaf nodes).

    5. Run peer { ipv4-address | group-name } advertise route-reoriginated evpn mac

      The function to advertise re-originated EVPN routes to BGP EVPN peers is enabled.

      In Layer 2 interworking scenarios, configure the function to advertise only re-originated MAC routes to BGP EVPN peers. Enable on transit leaf nodes the function to advertise re-originated MAC routes to BGP EVPN peers within DCs and between the DCs (between transit leaf nodes).

    6. Run commit

      The configuration is committed.

Verifying the Configuration of Using Three-Segment VXLAN to Implement DCI

After configuring three-segment VXLAN to implement DCI, verify the configuration, such as EVPN instances and VXLAN tunnel information.

Prerequisites

Configurations of using three-segment VXLAN to implement DCI have been complete.

Procedure

  • Run the display bridge-domain [ bd-id [ brief | verbose ] ] command to check BD configurations.
  • Run the [ nve-number | main ] command to check NVE interface information.
  • Run the display evpn vpn-instance [ name vpn-instance-name ] command to check EVPN instance information.
  • Run the display bgp evpn peer [ [ ipv4-address ] verbose ] command to check BGP EVPN peer information.
  • Run the display vxlan peer [ vni vni-id ] command to check ingress replication lists of a VNI or all VNIs.
  • Run the display vxlan tunnel [ tunnel-id ] [ verbose ] command to check VXLAN tunnel information.
  • Run the display vxlan vni [ vni-id [ verbose ] ] command to check VNI information.
  • Run the display interface vbdif [ bd-id ] command to check VBDIF interface information and statistics.
  • Run the display mac-address limit bridge-domain bd-id command to check dynamically learning MAC address limiting configurations of a BD.
  • Run the display bgp evpn all routing-table command to check EVPN route information.
Translation
Download
Updated: 2019-01-02

Document ID: EDOC1100055378

Views: 16850

Downloads: 35

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next