manualshive.com logo in svg

H3C S5560X-EI Series, Руководство по настройке

Поделиться
Скачать
H3C S5560X-EI Series Скачать руководство пользователя страница 7

 

VXLAN overview 

Virtual eXtensible LAN (VXLAN) is a MAC-in-UDP technology that provides Layer 2 connectivity 
between distant network sites across an IP network. VXLAN is typically used in data centers and 
campus access networks for multitenant services.  

VXLAN provides the following benefits: 

 

Support for more virtual switched domains than VLANs

—Each VXLAN is uniquely 

identified by a 24-bit VXLAN ID. The total number of VXLANs can reach 16777216 (2

24

). This 

specification makes VXLAN a better choice than 802.1Q VLAN to isolate traffic for user 
terminals. 

 

Easy deployment and maintenance

—VXLAN requires deployment only on the edge devices 

of the transport network. Devices in the transport network perform typical Layer 3 forwarding. 

The device supports only IPv4-based VXLAN. IPv6-based VXLAN is not supported. 

VXLAN network model 

As shown in 

Figure 1

, a VXLAN is a virtual Layer 2 network (known as the overlay network) built on 

top of an existing physical Layer 3 network (known as the underlay network). The overlay network 
encapsulates inter-site Layer 2 frames into VXLAN packets and forwards the packets to the 
destination along the Layer 3 forwarding paths provided by the underlay network. The underlay 
network is transparent to tenants, and geographically dispersed sites of a tenant are merged into a 
Layer 2 network.  

The transport edge devices assign user terminals to different VXLANs, and then forward traffic 
between sites for user terminals by using VXLAN tunnels. Supported user terminals include PCs, 
wireless terminals, and user terminals on servers. 

The transport edge devices are VXLAN tunnel endpoints (VTEP). 

An H3C VTEP uses VSIs and VXLAN tunnels to provide VXLAN services. 

 VSI

—A virtual switch instance is a virtual Layer 2 switched domain. Each VSI provides 

switching services only for one VXLAN. VSIs learn MAC addresses and forward frames 
independently of one another. User terminals in different sites have Layer 2 connectivity if they 
are in the same VXLAN. 

 VXLAN 

tunnel

—Logical point-to-point tunnels between VTEPs over the transport network. 

Each VXLAN tunnel can trunk multiple VXLANs. 

VTEPs encapsulate VXLAN traffic in the VXLAN, outer UDP, and outer IP headers. The devices in 
the transport network forward VXLAN traffic only based on the outer IP header. 

Содержание S5560X-EI Series

Страница 1: ...H3C S5560X EI Switch Series VXLAN Configuration Guide New H3C Technologies Co Ltd http www h3c com hk Software version Release 1110 series Document version 6W102 20171207...

Страница 2: ...SecPath SecCenter SecBlade Comware ITCMM and HUASAN are trademarks of New H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are the property of their respective owners...

Страница 3: ...ces keywords or arguments that are optional x y Braces enclose a set of required syntax choices separated by vertical bars from which you select one x y Square brackets enclose a set of optional synta...

Страница 4: ...generic network device such as a router switch or firewall Represents a routing capable device such as a router or Layer 3 switch Represents a generic switch such as a Layer 2 or Layer 3 switch or a...

Страница 5: ...cumentation To access the most up to date H3C product documentation go to the H3C website at http www h3c com hk To obtain information about installation configuration and maintenance click http www h...

Страница 6: ...the local site 13 Setting the destination UDP port number of VXLAN packets 14 Enabling ARP flood suppression 14 Disabling remote ARP learning for VXLANs 14 Displaying and maintaining VXLANs 15 Unicast...

Страница 7: ...er site Layer 2 frames into VXLAN packets and forwards the packets to the destination along the Layer 3 forwarding paths provided by the underlay network The underlay network is transparent to tenants...

Страница 8: ...the frame It is also called the virtual network identifier VNI 8 byte outer UDP header for VXLAN The default VXLAN destination UDP port number is 4789 20 byte outer IP header Valid addresses of VTEPs...

Страница 9: ...a list of VLANs on a Layer 2 Ethernet interface by using a frame match criterion The frame match criterion specifies the characteristics of traffic from the VLANs such as tagging status and VLAN IDs...

Страница 10: ...iguring VXLAN IP gateways A VTEP uses the following processes to forward traffic at Layer 2 Unicast process Applies to destination known unicast traffic Flood process Applies to multicast broadcast an...

Страница 11: ...en sends one replica to the destination IP address of each VXLAN tunnel in the VXLAN See Figure 5 Each destination VTEP floods the inner Ethernet frame to all the site facing interfaces in the VXLAN T...

Страница 12: ...RP flood suppression table with local and remote MAC addresses If an ARP request has a matching entry the VTEP replies to the request on behalf of the user terminal If no match is found the VTEP flood...

Страница 13: ...n the MAC address of Terminal 1 10 VTEP 3 creates a suppression entry for Terminal 10 and replies to the ARP request VXLAN IP gateways A VXLAN IP gateway provides Layer 3 forwarding services for user...

Страница 14: ...tunnel has only one route in the underlay network VXLAN configuration task list Tasks at a glance Remarks Required Setting the forwarding mode for VXLANs N A Required Creating a VXLAN on a VSI N A Req...

Страница 15: ...3 Create a VSI and enter VSI view vsi vsi name By default no VSIs exist 4 Optional Configure a VSI description description text By default a VSI does not have a description 5 Enable the VSI undo shutd...

Страница 16: ...ess is specified for a tunnel Specify the remote VTEP s IP address This IP address will be the destination IP address in the outer IP header of tunneled VXLAN packets As a best practice do not configu...

Страница 17: ...rvice instance to a VSI xconnect vsi vsi name access mode vlan By default an Ethernet service instance is not mapped to any VSI Mapping dynamic Ethernet service instances to VSIs About dynamic Etherne...

Страница 18: ...emote MAC address entries Do not configure static remote MAC entries for VXLAN tunnels that are automatically established by using EVPN EVPN re establishes VXLAN tunnels if the transport facing interf...

Страница 19: ...nge logging Step Command Remarks 1 Enter system view system view N A 2 Enable local MAC change logging vxlan local mac report By default local MAC change logging is disabled Confining floods to the lo...

Страница 20: ...he table If the flooding disable command is configured set the MAC aging timer to a higher value than the aging timer for ARP flood suppression entries on all VTEPs This setting prevents the traffic b...

Страница 21: ...interface type interface number service instance instance id verbose Display information about VSIs display l2vpn vsi name vsi name verbose Display information about tunnel interfaces display interfa...

Страница 22: ...y 2 Configure IP addresses and unicast routing settings Assign IP addresses to interfaces as shown in Figure 7 Details not shown Configure OSPF on all transport network switches Switches A through D D...

Страница 23: ...nk SwitchA GigabitEthernet1 0 1 port trunk permit vlan 2 SwitchA GigabitEthernet1 0 1 service instance 1000 SwitchA GigabitEthernet1 0 1 srv1000 encapsulation s vid 2 Map Ethernet service instance 100...

Страница 24: ...2 Map Ethernet service instance 1000 to VSI vpna SwitchB GigabitEthernet1 0 1 srv1000 xconnect vsi vpna SwitchB GigabitEthernet1 0 1 srv1000 quit SwitchB GigabitEthernet1 0 1 quit 5 Configure Switch C...

Страница 25: ...vsi vpna SwitchC GigabitEthernet1 0 1 srv1000 quit SwitchC GigabitEthernet1 0 1 quit Verifying the configuration 1 Verify the VXLAN settings on the VTEPs This example uses Switch A Verify that the VX...

Страница 26: ...l2 0x5000002 Up Manual Disabled ACs AC Link ID State Type GE1 0 1 srv1000 0 Up Manual Verify that the VTEP has learned the MAC addresses of remote user terminals SwitchA display l2vpn mac address MAC...

Страница 27: ...ributed VXLAN IP gateway deployment Deploy one VXLAN IP gateway on each VTEP to provide Layer 3 forwarding for VXLANs at their respective sites This design distributes the Layer 3 traffic load across...

Страница 28: ...VXLAN IP gateway placement design As shown in Figure 10 the network uses the following process to forward Layer 3 traffic from the user terminal at 10 1 1 11 to the Layer 3 network 1 The user termina...

Страница 29: ...Distributed VXLAN IP gateway deployment As shown in Figure 11 each site s VTEP acts as a gateway to perform Layer 3 forwarding for the VXLANs of the local site A VTEP acts as a border gateway to the L...

Страница 30: ...3 network VXLAN tunnel VXLAN tunnel Terminal Site 2 Terminal Site 3 Terminal Site 4 Terminal Site 5 Terminal Site 6 VTEP Distributed VXLAN IP gateway VTEP Distributed VXLAN IP gateway VTEP Border gate...

Страница 31: ...7 GW 1 de encapsulates the ARP request and creates an ARP entry for Terminal 4 The entry contains Terminal 4 s IP address 10 1 1 12 the MAC address of VSI interface 10 on GW 2 and the incoming tunnel...

Страница 32: ...cket is 10 1 1 2 the border gateway b Floods an ARP request to the local and remote sites in VXLAN 10 to obtain the MAC address of 10 1 1 2 5 The border gateway de encapsulates the ARP request creates...

Страница 33: ...next hop Configuration procedure Step Command Remarks 1 Enter system view system view N A 2 Create a VSI interface and enter VSI interface view interface vsi interface vsi interface id By default no V...

Страница 34: ...uted VXLAN IP gateways each gateway learns ND information independently A gateway does not forward ND packets destined for it to other gateways For distributed VXLAN IP gateways to have the same ND en...

Страница 35: ...ration examples Centralized VXLAN IP gateway configuration example Network requirements As shown in Figure 13 Configure VXLAN 10 as a unicast mode VXLAN on Switch A Switch B and Switch C to provide co...

Страница 36: ...em view SwitchA l2vpn enable Enable Layer 2 forwarding for VXLANs SwitchA undo vxlan ip forwarding Create VSI vpna and VXLAN 10 SwitchA vsi vpna SwitchA vsi vpna vxlan 10 SwitchA vsi vpna vxlan 10 qui...

Страница 37: ...ed as the source IP address of the VXLAN tunnels to Switch A and Switch C SwitchB interface loopback 0 SwitchB Loopback0 ip address 2 2 2 2 255 255 255 255 SwitchB Loopback0 quit Create a VXLAN tunnel...

Страница 38: ...ce 3 3 3 3 SwitchC Tunnel1 destination 1 1 1 1 SwitchC Tunnel1 quit Create a VXLAN tunnel to Switch B The tunnel interface name is Tunnel 3 SwitchC interface tunnel 3 mode vxlan SwitchC Tunnel3 source...

Страница 39: ...vsi interface 1 Vsi interface1 Current state UP Line protocol state UP Description Vsi interface1 Interface Bandwidth 1000000 kbps Maximum transmission unit 1500 Internet address 10 1 1 1 24 primary...

Страница 40: ...Blackhole D Dynamic S Static R Relay F FRR Destination Mask Nexthop Flag OutInterface Token Label 10 1 1 11 32 10 1 1 11 UH Vsi1 Null 2 Verify that the user terminals can access the WAN Verify that Te...

Страница 41: ...14 Details not shown Configure OSPF on all transport network switches Switches A through D Details not shown Configure OSPF to advertise routes to networks 10 1 1 0 24 20 1 1 0 24 and 25 1 1 0 24 on...

Страница 42: ...witchA vsi vpna vxlan 10 SwitchA vsi vpna vxlan 10 tunnel 1 SwitchA vsi vpna vxlan 10 tunnel 2 SwitchA vsi vpna vxlan 10 quit SwitchA vsi vpna quit Assign Tunnel 1 and Tunnel 2 to VXLAN 30 SwitchA vsi...

Страница 43: ...p distributed gateway dynamic entry synchronize Specify VSI interface 1 as the gateway interface for VSI vpna SwitchA vsi vpna SwitchA vsi vpna gateway vsi interface 1 SwitchA vsi vpna quit Specify VS...

Страница 44: ...rface 1 and assign the interface an IP address SwitchB interface vsi interface 1 SwitchB Vsi interface1 ip address 10 1 1 2 255 255 255 0 SwitchB Vsi interface1 quit Create VSI interface 2 and assign...

Страница 45: ...na vxlan 10 tunnel 3 SwitchC vsi vpna vxlan 10 quit SwitchC vsi vpna quit Assign Tunnel 1 and Tunnel 3 to VXLAN 30 SwitchC vsi vpnb SwitchC vsi vpnb vxlan 30 SwitchC vsi vpnb vxlan 30 tunnel 1 SwitchC...

Страница 46: ...local SwitchC Vsi interface2 local proxy arp enable SwitchC Vsi interface2 quit Specify VSI interface 2 as the gateway interface for VSI vpnb SwitchC vsi vpnb SwitchC vsi vpna gateway vsi interface 2...

Страница 47: ...se VSI Name vpna VSI Index 0 VSI State Up MTU 1500 Bandwidth Broadcast Restrain Multicast Restrain Unknown Unicast Restrain MAC Learning Enabled MAC Table Limit MAC Learning rate Drop Unknown Flooding...

Страница 48: ...Interface Bandwidth 1000000 kbps Maximum transmission unit 1500 Internet address 10 1 1 2 24 primary IP packet frame type Ethernet II hardware address 0011 2200 0102 IPv6 packet frame type Ethernet I...

Страница 49: ...UH Vsi1 Null SwitchB display fib 20 1 1 12 Destination count 1 FIB entry count 1 Flag U Useable G Gateway H Host B Blackhole D Dynamic S Static R Relay F FRR Destination Mask Nexthop Flag OutInterfac...

Страница 50: ...ill reboot the device Continue Y N y 2 On Terminal 1 and Terminal 2 specify 1 1 and 4 1 as the gateway address respectively Details not shown 3 Configure IP addresses and unicast routing settings Assi...

Страница 51: ...1 SwitchA vsi vpna vxlan 10 tunnel 2 SwitchA vsi vpna vxlan 10 quit SwitchA vsi vpna quit Assign Tunnel 1 and Tunnel 2 to VXLAN 20 SwitchA vsi vpnb SwitchA vsi vpnb vxlan 20 SwitchA vsi vpnb vxlan 20...

Страница 52: ...tchA Vsi interface2 quit Specify VSI interface 2 as the gateway interface for VSI vpnb SwitchA vsi vpnb SwitchA vsi vpnb gateway vsi interface 2 SwitchA vsi vpnb quit Configure an IPv6 static route Se...

Страница 53: ...nterface an IPv6 address SwitchB interface vsi interface 1 SwitchB Vsi interface1 ipv6 address 1 2 64 SwitchB Vsi interface1 quit Create VSI interface 2 and assign the interface an IPv6 address Switch...

Страница 54: ...LAN 20 SwitchC vsi vpnb SwitchC vsi vpnb vxlan 20 SwitchC vsi vpnb vxlan 20 tunnel 1 SwitchC vsi vpnb vxlan 20 tunnel 3 SwitchC vsi vpnb vxlan 20 quit SwitchC vsi vpnb quit On GigabitEthernet 1 0 1 cr...

Страница 55: ...C vsi vpnb quit Configure an IPv6 static route Set the destination address to 3 64 and the next hop to 4 2 SwitchC ipv6 route static 3 64 4 2 Verifying the configuration 1 Verify the distributed VXLAN...

Страница 56: ...ateway interfaces for the VSIs SwitchA display l2vpn vsi verbose VSI Name vpna VSI Index 0 VSI State Up MTU 1500 Bandwidth Broadcast Restrain Multicast Restrain Unknown Unicast Restrain MAC Learning E...

Страница 57: ...ntry count 1 Flag U Useable G Gateway H Host B Blackhole D Dynamic S Static R Relay F FRR Destination 4 400 Prefix length 128 Nexthop 4 400 Flags UH Time stamp 0x2c Label Null Interface Vsi2 Token Inv...

Страница 58: ...sec Input 0 packets 0 bytes 0 drops Output 0 packets 0 bytes 0 drops Verify that the VXLAN tunnels have been assigned to the VXLANs and the VSI interfaces are the gateway interfaces for the VSIs Swit...

Страница 59: ...amic S Static R Relay F FRR Destination 1 100 Prefix length 128 Nexthop 1 100 Flags UH Time stamp 0x21 Label Null Interface Vsi1 Token Invalid SwitchB display ipv6 fib 4 400 Destination count 1 FIB en...

Страница 60: ...odel 1 VXLAN overview 1 VXLAN static Ethernet service instance VSI mapping 11 F flooding VXLAN ARP flood suppression 6 14 VXLAN local flood confine 13 VXLAN traffic forwarding flood process 4 5 format...

Страница 61: ...rview 1 maintaining VXLAN 15 VXLAN IP gateway 29 managing VXLAN MAC address entries 12 manual VXLAN tunnel configuration 9 mapping VXLAN AC VSI 10 VXLAN dynamic Ethernet service instance VSI 11 VXLAN...

Страница 62: ...ket destination UDP port 14 protocols and standards VXLAN 7 proxying VXLAN traffic forwarding flood proxy mode 5 R remote VXLAN remote MAC address learning 12 VXLAN static MAC address entry 12 restric...

Страница 63: ...lized 22 IP gateway distributed 23 IP gateway separated from VTEP 21 IP gateway configuration 21 29 IP gateway configuration centralized 26 29 IP gateway configuration distributed 27 IP gateway config...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды