No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

ME60 V800R010C10SPC500 Configuration Guide - LAN Access and MAN Access 01

This is ME60 V800R010C10SPC500 Configuration Guide - LAN Access and MAN Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring VXLAN in Distributed Gateway Mode Using BGP EVPN

Example for Configuring VXLAN in Distributed Gateway Mode Using BGP EVPN

This section provides an example for configuring VXLAN in distributed gateway mode using BGP EVPN.

Networking Requirements

Distributed VXLAN gateways can be configured to address problems that occur in legacy centralized VXLAN gateway networking, for example, forwarding paths are not optimal, and the ARP entry specification is a bottleneck.

On the network shown in Figure 17-20, an enterprise has VMs deployed in different data centers. VM 1 on Server 1 belongs to VLAN 10, and VM 1 on Server 2 belongs to VLAN 20. VM 1 on Server 1 and VM 1 on Server 2 reside on different network segments. To allow VM1s in different data centers to communicate with each other, configure distributed VXLAN gateways.

Figure 17-20 VXLAN in distributed gateway mode using BGP EVPN
NOTE:

In this example, most configurations are performed on Device 1, Device 2, and Device 3. Devices can be deployed as these devices.

Interface 1 and Interface 2 represent GE 1/0/0 and GE 1/0/1, respectively.


Table 17-5 Interface IP addresses

Device

Interface

IP Address

Device 1

GigabitEthernet 1/0/0

192.168.3.2/24

GigabitEthernet 1/0/1

192.168.2.2/24

LoopBack0

1.1.1.1/32

Device 2

GigabitEthernet 1/0/0

192.168.2.1/24

LoopBack0

2.2.2.2/32

Device 3

GigabitEthernet 1/0/0

192.168.3.1/24

LoopBack0

3.3.3.3/32

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure IGP to run between Device 1 and Device 2 and between Device 1 and Device 3.
  2. Configure a service access point on Device 2 and Device 3 to differentiate service traffic.
  3. Specify Device 1 as a BGP EVPN peer for Device 2 and Device 3.
  4. Specify Device 2 and Device 3 as BGP EVPN peers for Device 1 and configure Device 2 and Device 3 as RR clients.
  5. Configure VPN and EVPN instances on Device 2 and Device 3.
  6. Configure an ingress replication list on Device 2 and Device 3.
  7. Configure Device 2 and Device 3 as Layer 3 VXLAN gateways.
  8. Configure IRB route advertisement on Device 1, Device 2, and Device 3.

Data Preparation

To complete the configuration, you need the following data.

  • VMs' VLAN IDs (10 and 20)
  • IP addresses of interfaces connecting devices
  • BD IDs (10 and 20)
  • VNI IDs (10 and 20)
  • VNI ID in VPN instance (5010)

Procedure

  1. Configure IGP routing protocol.

    Assign an IP address to each interface on Device 1, Device 2, and Device 3 according to Figure 17-20.

    # Configure Device 1.

    <HUAWEI> system-view
    [~HUAWEI] sysname Device1
    [*HUAWEI] commit
    [~Device1] isis 1
    [*Device1-isis-1] network-entity 10.0000.0000.0001.00
    [*Device1-isis-1] quit
    [*Device1] commit
    [~Device1] interface loopback 0
    [*Device1-LoopBack0] ip address 1.1.1.1 32
    [*Device1-LoopBack0] isis enable 1
    [*Device1-LoopBack0] quit
    [*Device1] interface GigabitEthernet1/0/0
    [*Device1-GigabitEthernet1/0/0] ip address 192.168.3.2 24
    [*Device1-GigabitEthernet1/0/0] isis enable 1
    [*Device1-GigabitEthernet1/0/0] quit
    [*Device1] interface GigabitEthernet1/0/1
    [*Device1-GigabitEthernet1/0/1] ip address 192.168.2.2 24
    [*Device1-GigabitEthernet1/0/1] isis enable 1
    [*Device1-GigabitEthernet1/0/1] quit
    [*Device1] commit

    Repeat the other steps for Device 2 and Device 3. For configuration details, see Configuration Files in this section.

  2. Configure a service access point on Device 2 and Device 3.

    # Configure Device 2.

    [~Device2] bridge-domain 10
    [*Device2-bd10] quit
    [*Device2] interface GigabitEthernet1/0/1.1 mode l2
    [*Device2-GigabitEthernet1/0/1.1] encapsulation dot1q vid 10
    [*Device2-GigabitEthernet1/0/1.1] rewrite pop single
    [*Device2-GigabitEthernet1/0/1.1] bridge-domain 10
    [*Device2-GigabitEthernet1/0/1.1] quit
    [*Device2] commit

    Repeat this step for Device 3. For configuration details, see Configuration Files in this section.

  3. Specify Device 1 as a BGP EVPN peer for Device 2 and Device 3.

    # Specify Device 1 as a BGP EVPN peer for Device 2.
    [~Device2] bgp 100
    [*Device2-bgp] peer 1.1.1.1 as-number 100
    [*Device2-bgp] peer 1.1.1.1 connect-interface LoopBack0
    [*Device2-bgp] l2vpn-family evpn
    [*Device2-bgp-af-evpn] peer 1.1.1.1 enable
    [*Device2-bgp-af-evpn] peer 1.1.1.1 advertise encap-type vxlan
    [*Device2-bgp-af-evpn] quit
    [*Device2-bgp] quit
    [*Device2] commit

    Repeat this step for Device 3. For configuration details, see Configuration Files in this section.

  4. Specify Device 2 and Device 3 as BGP EVPN peers for Device 1 and configure them as RR clients.

    # Specify BGP EVPN peers for Device 1.
    [~Device1] bgp 100
    [*Device1-bgp] peer 2.2.2.2 as-number 100
    [*Device1-bgp] peer 2.2.2.2 connect-interface LoopBack0
    [*Device1-bgp] peer 3.3.3.3 as-number 100
    [*Device1-bgp] peer 3.3.3.3 connect-interface LoopBack0
    [*Device1-bgp] l2vpn-family evpn
    [*Device1-bgp-af-evpn] peer 2.2.2.2 enable
    [*Device1-bgp-af-evpn] peer 2.2.2.2 advertise encap-type vxlan
    [*Device1-bgp-af-evpn] peer 2.2.2.2 reflect-client
    [*Device1-bgp-af-evpn] peer 3.3.3.3 enable
    [*Device1-bgp-af-evpn] peer 3.3.3.3 advertise encap-type vxlan
    [*Device1-bgp-af-evpn] peer 3.3.3.3 reflect-client
    [*Device1-bgp-af-evpn] undo policy vpn-target
    [*Device1-bgp-af-evpn] quit
    [*Device1-bgp] quit
    [*Device1] commit

  5. Configure VPN and EVPN instances on Device 2 and Device 3.

    # Configure VPN and EVPN instances on Device 2.

    [~Device2] ip vpn-instance vpn1
    [*Device2-vpn-instance-vpn1] vxlan vni 5010
    [*Device2-vpn-instance-vpn1] ipv4-family
    [*Device2-vpn-instance-vpn1-af-ipv4] route-distinguisher 11:11
    [*Device2-vpn-instance-vpn1-af-ipv4] vpn-target 1:1
    [*Device2-vpn-instance-vpn1-af-ipv4] vpn-target 11:1 evpn
    [*Device2-vpn-instance-vpn1-af-ipv4] quit
    [*Device2-vpn-instance-vpn1] quit
    [*Device2] evpn vpn-instance evrf3 bd-mode
    [*Device2-evpn-instance-evrf3] route-distinguisher 10:1
    [*Device2-evpn-instance-evrf3] vpn-target 11:1
    [*Device2-evpn-instance-evrf3] quit
    [*Device2] bridge-domain 10
    [*Device2-bd10] vxlan vni 10 split-horizon-mode
    [*Device2-bd10] evpn binding vpn-instance evrf3
    [*Device2-bd10] quit
    [*Device2] commit

    Repeat this step for Device 3. For configuration details, see Configuration Files in this section.

  6. Configure an ingress replication list on Device 2 and Device 3.

    # Configure an ingress replication list on Device 2.
    [~Device2] interface nve 1
    [*Device2-Nve1] source 2.2.2.2
    [*Device2-Nve1] vni 10 head-end peer-list protocol bgp
    [*Device2-Nve1] quit
    [*Device2] commit

    Repeat this step for Device 3. For configuration details, see Configuration Files in this section.

  7. Configure Device 2 and Device 3 as Layer 3 VXLAN gateways.

    # Configure Device 2.

    [~Device2] interface Vbdif10
    [*Device2-Vbdif10] ip binding vpn-instance vpn1
    [*Device2-Vbdif10] ip address 10.1.1.1 255.255.255.0
    [*Device2-Vbdif10] arp distribute-gateway enable
    [*Device2-Vbdif10] arp collect host enable
    [*Device2-Vbdif10] quit
    [*Device2] commit

    Repeat this step for Device 3. Note that the IP addresses of VBDIF interfaces on Device 2 and Device 3 must belong to different network segments. For configuration details, see Configuration Files in this section.

  8. Configure IRB route advertisement on Device 1, Device 2, and Device 3.

    # Configure Device 1.

    [~Device1] bgp 100
    [~Device1-bgp] l2vpn-family evpn
    [~Device1-bgp-af-evpn] peer 2.2.2.2 advertise irb
    [*Device1-bgp-af-evpn] peer 3.3.3.3 advertise irb
    [*Device1-bgp-af-evpn] quit
    [*Device1-bgp] quit
    [*Device1] commit

    # Configure Device 2.

    [~Device2] bgp 100
    [~Device2-bgp] l2vpn-family evpn
    [~Device2-bgp-af-evpn] peer 1.1.1.1 advertise irb
    [*Device2-bgp-af-evpn] quit
    [*Device2-bgp] quit
    [*Device2] commit

    Repeat this step for Device 3. For configuration details, see Configuration Files in this section.

  9. Verify the configuration.

    After completing the configurations, run the display vxlan tunnel command on Device 2 and Device 3 to check VXLAN tunnel information. The following example uses the command output on Device 2.

    [*Device2] display vxlan tunnel
    Number of vxlan tunnel : 1
    Tunnel ID   Source           Destination      State  Type     Uptime
    --------------------------------------------------------------------
    4026531841  2.2.2.2          3.3.3.3          up     dynamic  0026h29m

    Run the display bgp evpn all routing-table command to check EVPN route information.

    [*Device2]display bgp evpn all routing-table
     Local AS number : 100
    
     BGP Local router ID is 2.2.2.2
     Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
    
    
     EVN address family:
     Number of Mac Routes: 2
     Route Distinguisher: 10:1
           Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr)  NextHop
     *>    0:48:38cf-cf21-1200:0:0.0.0.0                          0.0.0.0
     Route Distinguisher: 20:1
           Network(EthTagId/MacAddrLen/MacAddr/IpAddrLen/IpAddr)  NextHop
     *>i   0:48:38cf-cf31-1200:0:0.0.0.0                          3.3.3.3
    
     EVN address family:
     Number of Inclusive Multicast Routes: 2
     Route Distinguisher: 10:1
           Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop
     *>    0:32:2.2.2.2                                           0.0.0.0
     Route Distinguisher: 20:1
           Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop
     *>i   0:32:3.3.3.3                                           3.3.3.3

    VM1s on different servers can communicate.

Configuration Files

  • Device 1 configuration file

    #
    sysname Device1
    #
    isis 1
     network-entity 10.0000.0000.0001.00
    #
    interface GigabitEthernet1/0/0
     undo shutdown
     ip address 192.168.3.2 255.255.255.0
     isis enable 1
    #
    interface GigabitEthernet1/0/1
     undo shutdown
     ip address 192.168.2.2 255.255.255.0
     isis enable 1
    #
    interface LoopBack0
     ip address 1.1.1.1 255.255.255.255
     isis enable 1
    #
    bgp 100
     peer 2.2.2.2 as-number 100
     peer 2.2.2.2 connect-interface LoopBack0
     peer 3.3.3.3 as-number 100
     peer 3.3.3.3 connect-interface LoopBack0
     #
     l2vpn-family evpn
      undo policy vpn-target
      peer 2.2.2.2 enable
      peer 2.2.2.2 advertise encap-type vxlan
      peer 2.2.2.2 advertise irb
      peer 2.2.2.2 reflect-client
      peer 3.3.3.3 enable
      peer 3.3.3.3 advertise encap-type vxlan
      peer 3.3.3.3 advertise irb
      peer 3.3.3.3 reflect-client
    #
    return
  • Device 2 configuration file

    #
    sysname Device2
    #
    isis 1
     network-entity 10.0000.0000.0002.00
    #
    ip vpn-instance vpn1
     ipv4-family
      route-distinguisher 11:11
      vpn-target 1:1 export-extcommunity
      vpn-target 11:1 export-extcommunity evpn
      vpn-target 1:1 import-extcommunity
      vpn-target 11:1 import-extcommunity evpn
     vxlan vni 5010
    #
    evpn vpn-instance evrf3 bd-mode
     route-distinguisher 10:1
     vpn-target 11:1 export-extcommunity
     vpn-target 11:1 import-extcommunity
    #
    bridge-domain 10
     vxlan vni 10 split-horizon-mode
     evpn binding vpn-instance evrf3
    #
    interface Vbdif10
     ip binding vpn-instance vpn1
     ip address 10.1.1.1 255.255.255.0
     arp collect host enable
     arp distribute-gateway enable
    #
    interface GigabitEthernet1/0/0
     undo shutdown
     ip address 192.168.2.1 255.255.255.0
     isis enable 1
    #
    interface GigabitEthernet1/0/1.1 mode l2
     encapsulation dot1q vid 10
     rewrite pop single
     bridge-domain 10
    #
    interface LoopBack0
     ip address 2.2.2.2 255.255.255.255
     isis enable 1
    #
    interface Nve1
     source 2.2.2.2
     vni 10 head-end peer-list protocol bgp
    #
    bgp 100
     peer 1.1.1.1 as-number 100
     peer 1.1.1.1 connect-interface LoopBack0
     #
     l2vpn-family evpn
      undo policy vpn-target
      peer 1.1.1.1 enable
      peer 1.1.1.1 advertise encap-type vxlan
      peer 1.1.1.1 advertise irb
    #
    return
  • Device 3 configuration file

    #
    sysname Device3
    #
    isis 1
     network-entity 10.0000.0000.0003.00
    #
    ip vpn-instance vpn1
     ipv4-family
      route-distinguisher 22:22
      vpn-target 2:2 export-extcommunity
      vpn-target 11:1 export-extcommunity evpn
      vpn-target 2:2 import-extcommunity
      vpn-target 11:1 import-extcommunity evpn
     vxlan vni 5010
    #
    evpn vpn-instance evrf3 bd-mode
     route-distinguisher 20:1
     vpn-target 11:1 export-extcommunity
     vpn-target 11:1 import-extcommunity
    #
    bridge-domain 20
     vxlan vni 20 split-horizon-mode
     evpn binding vpn-instance evrf3
    #
    interface Vbdif20
     ip binding vpn-instance vpn1
     ip address 20.1.1.1 255.255.255.0
     arp collect host enable
     arp distribute-gateway enable
    #
    interface GigabitEthernet1/0/0
     undo shutdown
     ip address 192.168.3.1 255.255.255.0
     isis enable 1
    #
    interface GigabitEthernet1/0/1.1 mode l2
     encapsulation dot1q vid 20
     rewrite pop single
     bridge-domain 20
    #
    interface LoopBack0
     ip address 3.3.3.3 255.255.255.255
     isis enable 1
    #
    interface Nve1
     source 3.3.3.3
     vni 20 head-end peer-list protocol bgp
    #
    bgp 100
     peer 1.1.1.1 as-number 100
     peer 1.1.1.1 connect-interface LoopBack0
     #
     l2vpn-family evpn
      undo policy vpn-target
      peer 1.1.1.1 enable
      peer 1.1.1.1 advertise encap-type vxlan
      peer 1.1.1.1 advertise irb
    #
    return
Translation
Download
Updated: 2019-01-04

Document ID: EDOC1100059440

Views: 29882

Downloads: 21

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next