组网需求
如下图的组网图所示,Router1为企业分支网关,Router2为企业总部网关,由于分支与总部之间用户的业务需求不同,则将其规划为不同网段。企业分支的PC_1与总部的PC_2终端用户所属VLAN ID分别为VLAN 10、VLAN 20。现企业希望通过分支与总部之间通过BGP EV**方式动态建立VXLAN隧道实现用户间互通
通过VXLAN三层网关通信组网图
配置思路
采用如下思路配置不同网段用户通过BGP EV**方式动态建立VXLAN隧道实现互通:
- 分别在Router1、Router2、Router3上配置路由协议,保证网络三层互通。
- 分别在Router1、Router2上配置VXLAN接入业务选择部署方式。
- 配置BGP EV**对等体关系。
- 在Router1和Router2上配置源端VTEP的IP地址。
- 在Router1和Router2上配置V**实例。
- 在Router1和Router2上配置三层网关。
- 在Router1与Router2之间配置BGP对邻居发布IP前缀类型的路由。
操作步骤
- 配置路由协议。
配置Router1。Router2和Router3的配置与Router1类似,这里不再赘述。配置OSPF时,需要发布设备上的32位Loopback接口地址。
代码语言:javascript复制
<Huawei> system-view
[Huawei] sysname Router1
[Router1] interface loopback 1
[Router1-LoopBack1] ip address 10.1.1.2 32
[Router1-LoopBack1] quit
[Router1] interface ethernet 2/0/0
[Router1-Ethernet2/0/0] undo portswitch
[Router1-Ethernet2/0/0] ip address 192.168.2.1 24
[Router1-Ethernet2/0/0] quit
[Router1] ospf
[Router1-ospf-1] area 0
[Router1-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.0
[Router1-ospf-1-area-0.0.0.0] network 192.168.2.0 0.0.0.255
[Router1-ospf-1-area-0.0.0.0] quit
[Router1-ospf-1] quit
OSPF成功配置后,Router之间可通过OSPF协议发现对方的Loopback接口的IP地址,并能互相ping通。以Router1 ping Router2的显示为例。
代码语言:javascript复制
[Router1] ping 10.2.2.2
PING 10.2.2.2: 56 data bytes, press CTRL_C to break
Reply from 10.2.2.2: bytes=56 Sequence=1 ttl=255 time=1 ms
Reply from 10.2.2.2: bytes=56 Sequence=2 ttl=255 time=5 ms
Reply from 10.2.2.2: bytes=56 Sequence=3 ttl=255 time=5 ms
Reply from 10.2.2.2: bytes=56 Sequence=4 ttl=255 time=2 ms
Reply from 10.2.2.2: bytes=56 Sequence=5 ttl=255 time=2 ms
--- 10.2.2.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/3/5 ms
- 分别在Router1、Router2上配置业务接入点。
配置Router1。Router2的配置与Router1类似,这里不再赘述。
代码语言:javascript复制
[Router1] bridge-domain 10
[Router1-bd10] quit
[Router1] interface ethernet 2/0/1.1 mode l2
[Router1-Ethernet2/0/1.1] encapsulation dot1q vid 10
[Router1-Ethernet2/0/1.1] bridge-domain 10
[Router1-Ethernet2/0/1.1] quit
- 配置BGP EV**对等体关系。
在Router1配置BGP EV**对等体关系。Router2的配置与Router1类似,这里不再赘述。
代码语言:javascript复制
[Router1] bgp 100
[Router1-bgp] peer 10.3.3.2 as-number 100
[Router1-bgp] peer 10.3.3.2 connect-interface LoopBack1
[Router1-bgp] l2V**-family eV**
[Router1-bgp-af-eV**] peer 10.3.3.2 enable
[Router1-bgp-af-eV**] quit
[Router1-bgp] quit
[Router1] interface nve 1
[Router1-Nve1] source 10.1.1.2
[Router1-Nve1] quit
- 在Router1和Router2上配置V**实例。
配置Router1。Router2的配置与Router1类似,这里不再赘述。
代码语言:javascript复制
[Router1] ip V**-instance V**1
[Router1-V**-instance-V**1] ipv4-family
[Router1-V**-instance-V**1-af-ipv4] route-distinguisher 100:1
[Router1-V**-instance-V**1-af-ipv4] V**-target 1:1 eV**
[Router1-V**-instance-V**1-af-ipv4] quit
[Router1-V**-instance-V**1] vxlan vni 5010
[Router1-V**-instance-V**1] quit
[Router1] bridge-domain 10
[Router1-bd10] vxlan vni 2010
[Router1-bd10] quit
- 在Router1和Router2上配置VXLAN三层网关并绑定V**实例。
配置Router1。Router2的配置与Router1类似,这里不再赘述。
代码语言:javascript复制
[Router1] interface vbdif 10
[Router1-Vbdif10] ip binding V**-instance V**1
[Router1-Vbdif10] ip address 192.168.10.10 24
[Router1-Vbdif10] quit
- 在Router1与Router2之间配置BGP对邻居发布IP前缀类型的路由。
配置Router1。Router2的配置与Router1类似,这里不再赘述。
代码语言:javascript复制
[Router1] bgp 100
[Router1-bgp] ipv4-family V**-instance V**1
[Router1-bgp-V**1] import-route direct
[Router1-bgp-V**1] advertise l2V** eV**
[Router1-bgp-V**1] quit
[Router1-bgp] quit
- 验证配置结果。
上述配置成功后,在Router1、Router2上执行命令display vxlan tunnel可查看到VXLAN隧道的信息。以Router1的显示为例。
代码语言:javascript复制
[Router3] display vxlan tunnel
Tunnel ID Source Destination State Type
----------------------------------------------------------------------------
4026531842 10.1.1.2 10.2.2.2 up dynamic
----------------------------------------------------------------------------
Number of vxlan tunnel : 2
配置文件
- Router1的配置文件
#
sysname Router1
#
ip V**-instance V**1
ipv4-family
route-distinguisher 100:1
V**-target 1:1 export-extcommunity eV**
V**-target 1:1 import-extcommunity eV**
vxlan vni 5010
#
bridge-domain 10
vxlan vni 2010
#
interface Ethernet2/0/0
undo portswitch
ip address 192.168.2.1 255.255.255.0
#
interface Ethernet2/0/1.1 mode l2
encapsulation dot1q vid 10
bridge-domain 10
#
interface LoopBack1
ip address 10.1.1.2 255.255.255.255
#
interface Vbdif10
ip binding V**-instance V**1
ip address 192.168.10.10 255.255.255.0
#
interface Nve1
source 10.1.1.2
#
bgp 100
peer 10.2.2.2 as-number 100
peer 10.2.2.2 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 10.2.2.2 enable
#
l2V**-family eV**
policy V**-target
peer 10.2.2.2 enable
#
ipv4-family V**-instance V**1
import-route direct
advertise l2V** eV**
#
ospf 1
area 0.0.0.0
network 10.1.1.2 0.0.0.0
network 192.168.2.0 0.0.0.255
#
return
- Router2的配置文件
#
sysname Router2
#
ip V**-instance V**1
ipv4-family
route-distinguisher 100:1
V**-target 1:1 export-extcommunity eV**
V**-target 1:1 import-extcommunity eV**
vxlan vni 5020
#
bridge-domain 20
vxlan vni 2020
#
interface Ethernet2/0/0
undo portswitch
ip address 192.168.3.1 255.255.255.0
#
interface Ethernet2/0/1.1 mode l2
encapsulation dot1q vid 20
bridge-domain 20
#
interface LoopBack1
ip address 10.2.2.2 255.255.255.255
#
interface Vbdif20
ip binding V**-instance V**1
ip address 192.168.20.10 255.255.255.0
#
interface Nve1
source 10.2.2.2
#
bgp 100
peer 10.1.1.2 as-number 100
peer 10.1.1.2 connect-interface LoopBack1
#
ipv4-family unicast
undo synchronization
peer 10.1.1.2 enable
#
l2V**-family eV**
policy V**-target
peer 10.1.1.2 enable
#
ipv4-family V**-instance V**1
import-route direct
advertise l2V** eV**
#
ospf 1
area 0.0.0.0
network 10.2.2.2 0.0.0.0
network 192.168.3.0 0.0.0.255
#
return
Router3的配置文件
#
sysname Router3
#
interface Ethernet2/0/1
undo portswitch
ip address 192.168.2.2 255.255.255.0
#
interface Ethernet2/0/2
undo portswitch
ip address 192.168.3.2 255.255.255.0
#
interface LoopBack1
ip address 10.3.3.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.3.3.2 0.0.0.0
network 192.168.2.0 0.0.0.255
network 192.168.3.0 0.0.0.255
#
return
