
VXLAN Layer 2 interworking in tunnel mode

2025-01-16 Update From: SLTechnology News&Howtos


1. Basic VXLAN

2. Experimental topology

VXLAN is deployed on Leaf-1A and Leaf-1B. The two switches statically create a VXLAN tunnel so that PC1 and PC2, which are on the same network segment, can communicate.

Configuration ideas:

1. Spine-1, Leaf-1A and Leaf-1B each configure a loopback interface as the VTEP IP.

2. Spine-1, Leaf-1A and Leaf-1B configure the OSPF protocol.

3. Spine-1, as the transit device, does not need any VXLAN configuration and forwards VXLAN packets as normal IP traffic.

4. Leaf-1A and Leaf-1B, as the NVE switches, create the VXLAN tunnel and configure the service access points.

5. LSW1, as a switch, is responsible for VLAN tagging and places the PCs in VLAN 10.

6. PC1 and PC2 do not need a gateway address, because the test simulates Layer 2 communication.

2.1 Configure the IP address of Spine-1

[HUAWEI] sysname Spine-1
[Leaf-1A] interface LoopBack1
[Leaf-1A-LoopBack1] ip address 2.2.2.2 255.255.255.255
#

The rest is omitted.

After the configuration is complete, check the IP address configuration

2.2 Configure OSPF

On Leaf-1A and Leaf-1B, configure the loopback interface LoopBack1 and, as the VTEP IP, advertise it into the underlay routing protocol.

Configuration of spine-1

ospf 1
 area 0.0.0.0
  network 1.1.1.1 0.0.0.0
  network 172.16.12.0 0.0.0.255
  network 172.16.13.0 0.0.0.255

Configuration of leaf-1a

ospf 1
 area 0.0.0.0
  network 2.2.2.2 0.0.0.0
  network 172.16.12.0 0.0.0.255

Configuration of leaf-1b

ospf 1
 area 0.0.0.0
  network 3.3.3.3 0.0.0.0
  network 172.16.13.0 0.0.0.255

After the configuration is complete, check that the OSPF neighbors are established

2.3 Configure the basic VXLAN settings on Leaf-1A and Leaf-1B

[Leaf-1A] bridge-domain 10                            # create Layer 2 broadcast domain BD 10
[Leaf-1A-bd10] vxlan vni 5000                         # create VXLAN VNI 5000
[Leaf-1A-bd10] quit
[Leaf-1A] interface Nve1                              # create the NVE interface and the VXLAN tunnel
[Leaf-1A-Nve1] source 2.2.2.2                         # configure the local VTEP address
[Leaf-1A-Nve1] vni 5000 head-end peer-list 3.3.3.3    # configure the peer VTEP address and the corresponding VNI

[Leaf-1B] bridge-domain 10
[Leaf-1B-bd10] vxlan vni 5000
[Leaf-1B-bd10] quit
[Leaf-1B] interface Nve 1
[Leaf-1B-Nve1] source 3.3.3.3
[Leaf-1B-Nve1] vni 5000 head-end peer-list 2.2.2.2

2.4 Configure the service access points on Leaf-1A and Leaf-1B

[Leaf-1B] interface GE1/0/1.1 mode l2                 # create a Layer 2 subinterface
[Leaf-1B-GE1/0/1.1] encapsulation dot1q vid 10        # dot1q encapsulation, VLAN ID 10
[Leaf-1B-GE1/0/1.1] bridge-domain 10                  # add the subinterface to BD 10

[Leaf-1A] interface GE1/0/1.1 mode l2                 # create a Layer 2 subinterface
[Leaf-1A-GE1/0/1.1] encapsulation dot1q vid 10        # dot1q encapsulation, VLAN ID 10
[Leaf-1A-GE1/0/1.1] bridge-domain 10

2.5 Configure the VLAN on sw1 and sw2

interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10
interface Ethernet0/0/2
 port link-type access
 port default vlan 10

2.6 Verify the configuration results and check the Leaf-1A configuration

Check the VXLAN VNI information

Check the VXLAN tunnel information

Test connectivity from PC1 to PC2

Confirm that the tunnel configuration is successful

3. Packet capture

Capture packets on interface ge1/0/0 of Leaf-1A

You can see that the IPv4 ICMP messages are normal

Capture packets on interface ge1/0/1 of Leaf-1A

1. OSPF hello messages, because the OSPF protocol is running between the spine and the leaf switches.

2. UDP messages. VXLAN is MAC-in-UDP: all messages are encapsulated in UDP, and the source and destination addresses are actually the VTEP addresses.

The packet capture on ge1/1 of Spine-1 is basically the same.

It is worth noting that the MAC addresses here are not the MAC addresses of the PCs, but the MAC addresses of the switches at both ends of the VXLAN tunnel.
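
The encapsulation seen in these captures, as an added example that is not part of the original article: the Python below builds a constructed VXLAN frame for VNI 5000 between the VTEPs 2.2.2.2 and 3.3.3.3 and decodes the outer headers, the VXLAN header and the inner Ethernet header by hand. The MAC addresses, the payload and UDP port 4789 (the RFC 7348 default) are assumptions, not values taken from the page.

```python
import ipaddress
import struct

VXLAN_PORT = 4789  # IANA VXLAN port (RFC 7348); assumed, the page does not state it

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_sample():
    """Constructed frame: PC1 -> PC2 carried from VTEP 2.2.2.2 to 3.3.3.3, VNI 5000."""
    inner = bytes.fromhex("5489980000025489980000010800") + b"constructed-payload"
    vxlan = struct.pack("!II", 0x08 << 24, 5000 << 8)  # I flag set, 24-bit VNI
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 16 + len(inner), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 36 + len(inner), 0, 0, 64, 17, 0,
                     ipaddress.IPv4Address("2.2.2.2").packed,
                     ipaddress.IPv4Address("3.3.3.3").packed)  # checksum left at 0
    outer_eth = bytes.fromhex("00e0fc0000bb00e0fc0000aa0800")  # constructed switch MACs
    return outer_eth + ip + udp + vxlan + inner

def parse_vxlan(frame):
    """Decode outer Ethernet/IPv4/UDP, the VXLAN header and the inner Ethernet header."""
    if len(frame) < 34:
        raise ValueError("truncated outer headers")
    o_dst, o_src, etype = struct.unpack("!6s6sH", frame[:14])
    ihl = (frame[14] & 0x0F) * 4
    if etype != 0x0800 or frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 17:
        raise ValueError("outer packet is not IPv4/UDP")
    udp = 14 + ihl
    if len(frame) < udp + 8 + 8 + 14:
        raise ValueError("too short for UDP + VXLAN + inner Ethernet")
    dport = struct.unpack("!H", frame[udp + 2:udp + 4])[0]
    flags, vni_word = struct.unpack("!II", frame[udp + 8:udp + 16])
    if dport != VXLAN_PORT or not (flags >> 24) & 0x08:
        raise ValueError("not a VXLAN packet with a valid VNI")
    i_dst, i_src = struct.unpack("!6s6s", frame[udp + 16:udp + 28])
    return {
        "outer_src_mac": mac(o_src), "outer_dst_mac": mac(o_dst),
        "outer_src_ip": str(ipaddress.IPv4Address(frame[26:30])),
        "outer_dst_ip": str(ipaddress.IPv4Address(frame[30:34])),
        "vni": vni_word >> 8,
        "inner_src_mac": mac(i_src), "inner_dst_mac": mac(i_dst),
        "inner_payload": frame[udp + 30:],
    }

if __name__ == "__main__":
    for key, value in parse_vxlan(build_sample()).items():
        print(f"{key}: {value}")
```

A capture that is not decoded as VXLAN shows only the outer UDP datagram between the VTEPs. VXLAN as defined in RFC 7348 adds no encryption or authentication, so the inner frame is readable once the UDP payload is decoded, and the underlay between the VTEPs should be protected accordingly.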

Summary:

1. Ordinary switches do not need extra configuration for VXLAN; they forward VXLAN packets as normal UDP packets.

2. Generally speaking, you cannot see the specific content of the VXLAN message by capturing the packet.
