No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E-M2 V800R010C10SPC500 Feature Description - LAN Access and MAN Access 01

This is NE40E-M2 V800R010C10SPC500 Feature Description - LAN Access and MAN Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
VXLAN Active-Active Reliability

VXLAN Active-Active Reliability

Basic Concepts

In the scenario where an enterprise site and data center are interconnected, the VPN GWs (PE1 and PE2) and the enterprise Site (CPE) are connected through VXLAN tunnels to exchange L2/L3 services between the enterprise site (CPE) and data center. The data center gateway (CE1) is dual-homed to PE1 and PE2 to access the VXLAN network, which enhances network access reliability. When one PE fails, services can be rapidly switched to the other PE, minimizing the impact on services.

As shown in Figure 15-48, PE1 and PE2 use a virtual address as an NVE interface address at the network side, namely, the Anycast VTEP address. In this way, the CPE is aware of only one remote NVE interface and establishes a VXLAN tunnel with the virtual address. The packets from the CPE can reach CE1 through either PE1 or PE2. However, single-homed CEs may exist, such as CE2 and CE3. As a result, after reaching a PE, the packets from the CPE may need to be forwarded by the other PE to a single-homed CE. Therefore, a bypass VXLAN tunnel needs to be established between PE1 and PE2. An EVPN peer relationship is established between PE1 and PE2. Different addresses, namely, bypass VTEP addresses, are configured for PE1 and PE2 so that they can establish a bypass VXLAN tunnel.

Figure 15-48 Basic networking of the VXLAN active-active scenario

Control Plane

  • PE2 sends a multicast route to PE1. The source address of the route is the Anycast VTEP address shared by PE1 and PE2. The route carries the bypass VXLAN extended community attribute, including the bypass VTEP address of PE1.
  • After receiving the multicast route from PE2, PE1 considers that an Anycast relationship be established with PE2. This is because the source address (Anycast VTEP address) of the route is the same as the local virtual address of PE1 and the route carries the bypass VTEP extended community attribute. Based on the bypass VXLAN extended attribute of the route, PE1 establishes a bypass VXLAN tunnel to PE2.
  • PE1 learns the MAC address of the CEs through upstream packets at the AC side and advertises the routes to PE2 through BGP EVPN. The routes carry the ESI of the links accessed by the CEs, and information about the VLANs that the CE access, and bypass VXLAN extended community attribute.
  • PE1 learns the MAC address of the CPE through downstream packets at the network side, specifies that the next-hop address of the MAC route can be iterated to a static VXLAN tunnel, and advertises the route to PE2. The next-hop address of the MAC route cannot be changed.

Data Packets Processing

  • Layer 2 unicast packet forwarding

    • Uplink

      As shown in Figure 15-49, after receiving Layer 2 unicast packets destined for the CPE from CE1, CE2, and CE3, PE1 and PE2 search for their local MAC address table to obtain outbound interfaces, perform VXLAN encapsulation on the packets, and forward them to the CPE.

      Figure 15-49 Uplink unicast packet forwarding
    • Downlink

      As shown in Figure 15-50:

      After receiving a Layer 2 unicast packet sent by the CPE to CE1, PE1 performs VXLAN decapsulation on the packet, searches the local MAC address table for the destination MAC address, obtains the outbound interface, and forwards the packet to CE1.

      After receiving a Layer 2 unicast packet sent by the CPE to CE2, PE1 performs VXLAN decapsulation on the packet, searches the local MAC address table for the destination MAC address, obtains the outbound interface, and forwards the packet to CE2.

      After receiving a Layer 2 unicast packet sent by the CPE to CE3, PE1 performs VXLAN decapsulation on the packet, searches the local MAC address table for the destination MAC address, and forwards it to PE2 over the bypass VXLAN tunnel. After the packet reaches PE2, PE2 searches the destination MAC address, obtains the outbound interface, and forwards the packet to CE3.

      The process for PE2 to forward packets from the CPE is the same as that for PE1 to forward packets from the CPE.

      Figure 15-50 Downlink unicast packet forwarding
  • BUM packet forwarding

    • As shown in Figure 15-51, if the destination address of a BUM packet from the CPE is the Anycast VTEP address of PE1 and PE2, the BUM packet may be forwarded to either PE1 or PE2. If the BUM packet reaches PE2 first, PE2 sends a copy of the packet to CE3 and CE1. In addition, PE2 sends a copy of the packet to PE1 through the bypass VXLAN tunnel between PE1 and PE2. After the copy of the packet reaches PE1, PE1 sends it to CE2, not to the CPE or CE1. In this way, CE1 receives only one copy of the packet.

      Figure 15-51 BUM packets from the CPE
    • As shown in Figure 15-52, after a BUM packet from CE2 reaches PE1, PE1 sends a copy of the packet to CE1 and the CPE. In addition, PE1 sends a copy of the packet to PE2 through the bypass VXLAN tunnel between PE1 and PE2. After the copy of the packet reaches PE2, PE2 sends it to CE3, not to the CPE or CE1.

      Figure 15-52 BUM packets from CE2
    • As shown in Figure 15-53, after a BUM packet from CE1 reaches PE1, PE1 sends a copy of the packet to CE2 and the CPE. In addition, PE1 sends a copy of the packet to PE2 through the bypass VXLAN tunnel between PE1 and PE2. After the copy of the packet reaches PE2, PE2 sends it to CE3, not to the CPE or CE1.

      Figure 15-53 BUM packets from CE1
  • Layer 3 packets transmitted on the same subnet

    • Uplink

      As shown in Figure 15-49, after receiving Layer 3 unicast packets destined for the CPE from CE1, CE2, and CE3, PE1 and PE2 search for the destination address and directly forward them to the CPE because they are on the same network segment.

    • Downlink

      As shown in Figure 15-50:

      After the Layer 3 unicast packet sent from the CPE to CE1 reaches PE1, PE1 searches for the destination address and directly sends it to CE1 because they are on the same network segment.

      After the Layer 3 unicast packet sent from the CPE to CE2 reaches PE1, PE1 searches for the destination address and directly sends it to CE2 because they are on the same network segment.

      After the Layer 3 unicast packet sent from the CPE to CE3 reaches PE1, PE1 searches for the destination address and sends it to PE2, then sends it to CE3, because they are on the same network segment.

      The process for PE2 to forward packets from the CPE is the same as that for PE1 to forward packets from the CPE.

  • Layer 3 packets transmitted across subnets

    • Uplink

      As shown in Figure 15-49:

      Because the CPE is on a different network segment from PE1 and PE2, the destination MAC address of a Layer 3 unicast packet sent from CE1, CE2, or CE3 to the CPE is the MAC address of the BDIF interface on the Layer 3 gateway of PE1 or PE2. After receiving the packet, PE1 or PE2 removes the Layer 2 tag from the packet, searches for a matching Layer 3 routing entry, and obtains the outbound interface that is the BDIF interface connecting the CPE to the Layer 3 gateway. The BDIF interface searches the ARP table, obtains the destination MAC address, encapsulates the packet into a VXLAN packet, and sends it to the CPE through the VXLAN tunnel.

      After receiving the Layer 3 packet from PE1 or PE2, the CPE removes the Layer 2 tag from the packet because the destination MAC address is the MAC address of the BDIF interface on the CPE. Then the CPE searches the Layer 3 routing table to obtain a next-hop address to forward the packet.

    • Downlink

      As shown in Figure 15-50:

      Before sending a Layer 3 unicast packet to CE1 across subnets, the CPE searches its Layer 3 routing table and obtains the outbound interface that is the BDIF interface on the Layer 3 gateway connecting to PE1. The BDIF interface searches the ARP table to obtain the destination MAC address, encapsulates the packet into a VXLAN packet, and forwards it to PE1 over the VXLAN tunnel.

      After receiving the packet from the CPE, PE1 removes the Layer 2 tag from the packet because the destination address of the packet is the MAC address of PE1's BDIF interface. Then PE1 searches the Layer 3 routing table and obtains the outbound interface that is the BDIF interface connecting PE1 to its attached CE. The BDIF interface searches its ARP table and obtains the destination address, performs Layer-2 encapsulation for the packet, and sends it to CE1.

      The process for PE2 to forward packets from the CPE is the same as that for PE1 to forward packets from the CPE.

Download
Updated: 2019-01-02

Document ID: EDOC1100058405

Views: 18299

Downloads: 26

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next