Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for configuring VXLAN to Enable Communication for Users in the Same Network Segment (BGP EVPN Mode)
Networking Requirements
An enterprise has constructed a mature campus network but does not have a dedicated data center network. All the servers of the enterprise are scattered in different departments and do not support centralized placement. The enterprise wants to construct a virtual data center network over the existing campus network to meet the following requirements:
- Servers scattered in different departments form a virtual network, realizing resource integration and flexible service deployment.
- A lot of VMs are deployed on servers. Servers in the same network segment achieve Layer 2 interconnection.
Figure 1-63 Configuring VXLAN to Enable Communication for Users in the Same Network Segment (BGP EVPN Mode)
![]()
This example uses the interface on the LE1D2S04SEC0, LE1D2X32SEC0, LE1D2H02QEC0, or X series card as the tunnel-side interface as an example to describe the configuration.
Data Preparation
Table 1-11 Configuring BGP EVPN-related data
Device |
EVPN Instance |
RD Value |
BD |
VNI |
Router ID |
Peer IP |
|---|---|---|---|---|---|---|
VTEP1 |
evpn10:
|
1:10 |
10 |
10 |
10.1.1.1 |
10.2.2.2 |
VTEP2 |
evpn10:
|
2:10 |
10 |
10 |
10.2.2.2 |
10.1.1.1 |
Configuration Roadmap
The configuration roadmap is as follows:
- Configure a routing protocol on Switch1, VTEP1, and VTEP2 to ensure Layer 3 interconnection.
- Configure a deployment mode for the VXLAN access service on VTEP1 and VTEP2, and configure a VLAN on Switch2 and Switch3.
- Configure an EVPN instance on VTEP1 and VTEP2, and bind the instance to a bridge domain (BD).
- Configure a BGP EVPN peer relationship between VTEP1 and VTEP2.
- Configure the destination address of the VXLAN tunnel on VTEP1 and VTEP2.
Layer 3 interconnection of the campus network is the basis of the virtual network. If Layer 3 interconnection has been implemented on the existing campus network, ignore step 1.
Procedure
- Configure a routing protocol.
# Configure IP addresses of interfaces on VTEP1. The configurations of Switch1 and VTEP2 are similar to those of VTEP1, and are not mentioned here. When OSPF is used, the loopback interface addresses of devices must be advertised.
<Quidway> system-view [Quidway] sysname VTEP1 [VTEP1] interface loopback 1 [VTEP1-LoopBack1] ip address 10.1.1.1 32 [VTEP1-LoopBack1] quit [VTEP1] interface gigabitethernet 1/0/1 [VTEP1-GigabitEthernet1/0/1] undo portswitch [VTEP1-GigabitEthernet1/0/1] ip address 192.168.1.1 24 [VTEP1-GigabitEthernet1/0/1] quit [VTEP1] ospf router-id 10.1.1.1 [VTEP1-ospf-1] area 0 [VTEP1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.0 [VTEP1-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [VTEP1-ospf-1-area-0.0.0.0] quit [VTEP1-ospf-1] quit
# After OSPF is configured, VTEP1 and VTEP2 can learn the loopback interface address of each other and successfully ping each other. The following shows the result when VTEP1 pings VTEP2.
[VTEP1] ping 10.2.2.2 PING 10.2.2.2: 56 data bytes, press CTRL_C to break Reply from 10.2.2.2: bytes=56 Sequence=1 ttl=255 time=240 ms Reply from 10.2.2.2: bytes=56 Sequence=2 ttl=255 time=5 ms Reply from 10.2.2.2: bytes=56 Sequence=3 ttl=255 time=5 ms Reply from 10.2.2.2: bytes=56 Sequence=4 ttl=255 time=14 ms Reply from 10.2.2.2: bytes=56 Sequence=5 ttl=255 time=5 ms --- 10.2.2.2 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 5/53/240 ms - Configure VLAN access on Switch2 and Switch3 and configure the access point for the VXLAN service on VTEP1 and VTEP2.
# Configure Switch2.
<Quidway> system-view [Quidway] sysname Switch2 [Switch2] vlan batch 10 [Switch2] interface gigabitethernet 1/0/2 [Switch2-GigabitEthernet1/0/2] port link-type access [Switch2-GigabitEthernet1/0/2] port default vlan 10 [Switch2-GigabitEthernet1/0/2] quit [Switch2] interface gigabitethernet 1/0/1 [Switch2-GigabitEthernet1/0/1] port link-type trunk [Switch2-GigabitEthernet1/0/1] port trunk allow-pass vlan 10 [Switch2-GigabitEthernet1/0/1] quit
# Configure Switch3.
<Quidway> system-view [Quidway] sysname Switch3 [Switch3] vlan batch 10 [Switch3] interface gigabitethernet 1/0/2 [Switch3-GigabitEthernet1/0/2] port link-type access [Switch3-GigabitEthernet1/0/2] port default vlan 10 [Switch3-GigabitEthernet1/0/2] quit [Switch3] interface gigabitethernet 1/0/1 [Switch3-GigabitEthernet1/0/1] port link-type trunk [Switch3-GigabitEthernet1/0/1] port trunk allow-pass vlan 10 [Switch3-GigabitEthernet1/0/1] quit
# Configure VTEP1.
[VTEP1] bridge-domain 10 [VTEP1-bd10] quit [VTEP1] vcmp role silent [VTEP1] interface gigabitethernet 1/0/2 [VTEP1-GigabitEthernet1/0/2] port link-type trunk [VTEP1-GigabitEthernet1/0/2] quit [VTEP1] interface gigabitethernet 1/0/2.1 mode l2 [VTEP1-GigabitEthernet1/0/2.1] encapsulation dot1q vid 10 [VTEP1-GigabitEthernet1/0/2.1] bridge-domain 10 [VTEP1-GigabitEthernet1/0/2.1] quit
# Configure VTEP2.
[VTEP2] bridge-domain 10 [VTEP2-bd10] quit [VTEP2] vcmp role silent [VTEP2] interface gigabitethernet 1/0/2 [VTEP2-GigabitEthernet1/0/2] port link-type trunk [VTEP2-GigabitEthernet1/0/2] quit [VTEP2] interface gigabitethernet 1/0/2.1 mode l2 [VTEP2-GigabitEthernet1/0/2.1] encapsulation dot1q vid 10 [VTEP2-GigabitEthernet1/0/2.1] bridge-domain 10 [VTEP2-GigabitEthernet1/0/2.1] quit
- Configure an EVPN instance on VTEP1, and VTEP2, and bind the instance to a BD.
# Configure VTEP1.
[VTEP1] evpn vpn-instance evpn10 bd-mode [VTEP1-evpn-instance-evpn10] route-distinguisher 1:10 [VTEP1-evpn-instance-evpn10] vpn-target 10:1 both [VTEP1-evpn-instance-evpn10] quit [VTEP1] bridge-domain 10 [VTEP1-bd10] vxlan vni 10 [VTEP1-bd10] evpn binding vpn-instance evpn10 [VTEP1-bd10] quit
# Configure VTEP2.
[VTEP2] evpn vpn-instance evpn10 bd-mode [VTEP2-evpn-instance-evpn10] route-distinguisher 2:10 [VTEP2-evpn-instance-evpn10] vpn-target 10:1 both [VTEP2-evpn-instance-evpn10] quit [VTEP2] bridge-domain 10 [VTEP2-bd10] vxlan vni 10 [VTEP2-bd10] evpn binding vpn-instance evpn10 [VTEP2-bd10] quit
- Configure a BGP EVPN peer relationship among VTEP1 and VTEP2.
# Configure VTEP1.
[VTEP1] bgp 100 [VTEP1-bgp] router-id 10.1.1.1 [VTEP1-bgp] peer 10.2.2.2 as-number 100 [VTEP1-bgp] peer 10.2.2.2 connect-interface LoopBack1 [VTEP1-bgp] l2vpn-family evpn [VTEP1-bgp-af-evpn] peer 10.2.2.2 enable [VTEP1-bgp-af-evpn] quit [VTEP1-bgp] quit
# Configure VTEP2.
[VTEP2] bgp 100 [VTEP2-bgp] router-id 10.2.2.2 [VTEP2-bgp] peer 10.1.1.1 as-number 100 [VTEP2-bgp] peer 10.1.1.1 connect-interface LoopBack1 [VTEP2-bgp] l2vpn-family evpn [VTEP2-bgp-af-evpn] peer 10.1.1.1 enable [VTEP2-bgp-af-evpn] quit [VTEP2-bgp] quit
- Configure the destination address of the VXLAN tunnel on VTEP1, and VTEP2.
# Configure VTEP1.
[VTEP1] interface nve 1 [VTEP1-Nve1] source 10.1.1.1 [VTEP1-Nve1] vni 10 head-end peer-list protocol bgp [VTEP1-Nve1] quit
# Configure VTEP2.
[VTEP2] interface nve 1 [VTEP2-Nve1] source 10.2.2.2 [VTEP2-Nve1] vni 10 head-end peer-list protocol bgp [VTEP2-Nve1] quit
- Verify configuration results.
# After the preceding configuration, run the display vxlan vni and display vxlan tunnel commands on VTEP1 and VTEP2. You can view that the VNI state is up and VXLAN tunnel information is displayed. The following shows the result on VTEP1.
[VTEP1] display vxlan vni VNI BD-ID State ----------------------------------------- 10 10 up ----------------------------------------- Number of vxlan vni bound to BD is : 1 VNI VRF-ID ----------------------------------------- ----------------------------------------- Number of vxlan vni bound to VPN is : 0
[VTEP1] display vxlan tunnel Tunnel ID Source Destination State Type ---------------------------------------------------------------------------- 4026531841 10.1.1.1 10.2.2.2 up l2 dynamic ---------------------------------------------------------------------------- Number of vxlan tunnel : Total : 1 Static: 0 L2 dynamic: 1 L3 dynamic: 0
# After the configuration, users in the same network segment achieve Layer 2 interconnection. The following shows the result when Server1 VM1 pings Server2 VM1.
C:\Users\VM1>ping 192.168.10.11 Pinging 192.168.10.11 with 32 bytes of data: Reply from 192.168.10.11: bytes=32 time=1ms TTL=126 Reply from 192.168.10.11: bytes=32 time=1ms TTL=126 Reply from 192.168.10.11: bytes=32 time=1ms TTL=126 Reply from 192.168.10.11: bytes=32 time=1ms TTL=126 Ping statistics for 192.168.10.11: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1ms, Maximum = 1ms, Average = 1ms
Configuration Files
Configuration file of Switch1
# sysname Switch1 # interface GigabitEthernet1/0/1 undo portswitch ip address 192.168.1.2 255.255.255.0 # interface GigabitEthernet1/0/2 undo portswitch ip address 192.168.2.1 255.255.255.0 # ospf 1 router-id 192.168.2.1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Configuration file of VTEP1
# sysname VTEP1 # vcmp role silent # evpn vpn-instance evpn10 bd-mode route-distinguisher 1:10 vpn-target 10:1 export-extcommunity vpn-target 10:1 import-extcommunity # bridge-domain 10 vxlan vni 10 evpn binding vpn-instance evpn10 # interface GigabitEthernet1/0/1 undo portswitch ip address 192.168.1.1 255.255.255.0 # interface GigabitEthernet1/0/2 port link-type trunk # interface GigabitEthernet1/0/2.1 mode l2 encapsulation dot1q vid 10 bridge-domain 10 # interface LoopBack1 ip address 10.1.1.1 255.255.255.255 # interface Nve1 source 10.1.1.1 vni 10 head-end peer-list protocol bgp # bgp 100 router-id 10.1.1.1 peer 10.2.2.2 as-number 100 peer 10.2.2.2 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 10.2.2.2 enable # l2vpn-family evpn policy vpn-target peer 10.2.2.2 enable # ospf 1 router-id 10.1.1.1 area 0.0.0.0 network 10.1.1.1 0.0.0.0 network 192.168.1.0 0.0.0.255 # return
Configuration file of VTEP2
# sysname VTEP2 # vcmp role silent # evpn vpn-instance evpn10 bd-mode route-distinguisher 2:10 vpn-target 10:1 export-extcommunity vpn-target 10:1 import-extcommunity # bridge-domain 10 vxlan vni 10 evpn binding vpn-instance evpn10 # interface GigabitEthernet1/0/1 undo portswitch ip address 192.168.2.2 255.255.255.0 # interface GigabitEthernet1/0/2 port link-type trunk # interface GigabitEthernet1/0/2.1 mode l2 encapsulation dot1q vid 10 bridge-domain 10 # interface LoopBack1 ip address 10.2.2.2 255.255.255.255 # interface Nve1 source 10.2.2.2 vni 10 head-end peer-list protocol bgp # bgp 100 router-id 10.2.2.2 peer 10.1.1.1 as-number 100 peer 10.1.1.1 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 10.1.1.1 enable # l2vpn-family evpn policy vpn-target peer 10.1.1.1 enable # ospf 1 router-id 10.2.2.2 area 0.0.0.0 network 10.2.2.2 0.0.0.0 network 192.168.2.0 0.0.0.255 # return
Configuration file of Switch2
# sysname Switch2 # vlan batch 10 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 10 # interface GigabitEthernet1/0/2 port link-type access port default vlan 10 # return
Configuration file of Switch3
# sysname Switch3 # vlan batch 10 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 10 # interface GigabitEthernet1/0/2 port link-type access port default vlan 10 # return