华为VXLAN 3层互通(静态集中式网关)
网络2年前 (2021-02-13)
模拟需求为企业已经建成比较成熟的园区网络,但是没有专用的数据中心网络,所有的服务器分布在不同的部门,并且不具备集中放置的条件,现在用户希望在已有园区网络上构建一个虚拟的数据中心网络,需求如下:
1.将散落在不同部门的服务器构建成一个虚拟网络,实现资源整合和业务灵活部署
2.各服务器上部署着大量的VM,不同业务的VM之间需要实现三层互通
拓扑
企业在不同的数据中心都拥有自己的VM,Server1上的某个虚拟机属于VLAN10,Server3上的某个虚拟机属于VLAN 20,现需要通过VXLAN隧道实现不同业务的VM之间的三层互通
| 设备 | VXLAN隧道 | BD | VNI | Source IP | Peer IP |
| leaf1 | 10 | leaf1→spine | 10 | 2.2.2.2 | 1.1.1.1 |
| 20 | 20 | ||||
| leaf2 | 10 | leaf2→spine | 10 | 3.3.3.3 | 1.1.1.1 |
| 20 | 20 | ||||
| spine | 10 | spine→leaf1 | 10 | 1.1.1.1 | 2.2.2.2 |
| 20 | 20 | ||||
| 10 | spine→leaf2 | 10 | 3.3.3.3 | ||
| 20 | 20 |
过程
配置传统交换机SW1和SW2
分别在spine、leaf1、leaf2上配置动态路由协议,保证网络三层互通
分别在spine、leaf1、leaf2上配置VXLAN接入业务部署方式
分别在spine、leaf1、leaf2上配置VXLAN隧道
在spine上配置VXLAN三层网关
配置
sw1
system-view sysname SW1 undo info-center enable vlan batch 10 20 interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 interface GigabitEthernet0/0/2 port hybrid pvid vlan 10 port hybrid untagged vlan 10 interface GigabitEthernet0/0/3 port hybrid pvid vlan 20 port hybrid untagged vlan 20 quit
sw2
system-view sysname SW2 undo info-center enable vlan batch 10 20 interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 interface GigabitEthernet0/0/2 port hybrid pvid vlan 10 port hybrid untagged vlan 10 interface GigabitEthernet0/0/3 port hybrid pvid vlan 20 port hybrid untagged vlan 20 quit
leaf1
system-view immediately sysname leaf1 bridge-domain 10 vxlan vni 10 # interface GE1/0/0 undo shutdown undo portswitch ip address 172.16.1.2 24 # interface GE1/0/1 undo shutdown # interface GE1/0/1.10 mode l2 encapsulation dot1q vid 10 bridge-domain 10 # interface loopback 0 ip address 2.2.2.2 32 # interface nve 1 source 2.2.2.2 vni 10 head-end peer-list 1.1.1.1 vni 20 head-end peer-list 1.1.1.1 # ospf router-id 2.2.2.2 area 0 network 2.2.2.2 0.0.0.0 network 172.16.1.0 0.0.255.255 #
leaf2
system-view immediately sysname leaf2 bridge-domain 20 vxlan vni 20 # interface GE1/0/0 undo shutdown undo portswitch ip address 172.16.2.2 24 # interface GE1/0/1 undo shutdown # interface GE1/0/1.10 mode l2 encapsulation dot1q vid 10 bridge-domain 10 # interface GE1/0/1.20 mode l2 encapsulation dot1q vid 20 bridge-domain 20 # interface loopback 0 ip address 3.3.3.3 32 # interface nve 1 source 3.3.3.3 vni 10 head-end peer-list 1.1.1.1 vni 20 head-end peer-list 1.1.1.1 # ospf router-id 3.3.3.3 area 0 network 3.3.3.3 0.0.0.0 network 172.16.2.0 0.0.255.255 #
spine
system-view immediately sysname spine bridge-domain 10 vxlan vni 10 bridge-domain 20 vxlan vni 20 # interface vbdif 10 ip address 192.168.10.254 24 # interface vbdif 20 ip address 192.168.20.254 24 # interface loopback 0 ip address 1.1.1.1 32 # interface GE1/0/0 undo shutdown undo portswitch ip address 172.16.1.1 24 # interface GE1/0/1 undo shutdown undo portswitch ip address 172.16.2.1 24 # interface nve 1 source 1.1.1.1 vni 10 head-end peer-list 2.2.2.2 vni 20 head-end peer-list 2.2.2.2 vni 10 head-end peer-list 3.3.3.3 vni 20 head-end peer-list 3.3.3.3 # ospf router-id 1.1.1.1 area 0 network 1.1.1.1 0.0.0.0 network 172.16.0.0 0.0.255.255 #
本站所有文章均可随意转载,转载时请保留原文链接及作者。
,想必也是非常愉悦的事!
