003-VXLAN集中式网关实验(命令详解版)
VXLAN集中式网关实验1(命令详解版)
最近有读者私信说刚开始学习VXLAN,实战技巧薄弱、部分命令不是很理解,想循序渐进通过实验过渡到真实项目案例。下面从一个简单的集中式网关实验开始,通过2个基础实验和1个项目实验完成封面拓扑的配置实现。 本实验默认读者有一定的网络基础,想系统的学习SDN网络技术,技术细节可参看后续的SDN网络技术原理合集。一、需求和拓扑
(1)全网的PC全部互通,且能访问外网8.8.8.8和114.114.114.114
(2)PC1和PC2属于同一个网段,接入到不同的Leaf下,网关在CE1上。
(3)PC3通过普通的vlan接入网络,PC4通过VBDif接入网络,网关均在CE1交换机上。
(4)最终实现Server1-4可以互访,同时能同时访问8.8.8.8和114.114.114.114
二、网络配置
(一)网络基础配置
基础配置包含接口IP地址、ospf路由、静态路由配置。
1.CE1交换机基础配置
sysname CE1 # interface GE1/0/1 undo portswitch undo shutdown ip address 10.1.12.1 255.255.255.0 # interface GE1/0/2 undo portswitch undo shutdown ip address 10.1.13.1 255.255.255.0 # interface GE1/0/3 undo shutdown port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 20 # interface GE1/0/5 undo portswitch undo shutdown ip address 10.1.14.1 255.255.255.0 # interface GE1/0/6 undo portswitch undo shutdown ip address 10.1.15.1 255.255.255.0 # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 # ospf 1 router-id 1.1.1.1 area 0.0.0.0 network1.1.1.1 0.0.0.0 network10.1.12.1 0.0.0.0 network10.1.13.1 0.0.0.0 network10.1.14.1 0.0.0.0 # ip route-static 8.8.8.8 255.255.255.255 10.1.15.5 ip route-static 114.114.114.114 255.255.255.255 100.1.1.22.CE2交换机基础配置
sysname CE2 # interface GE1/0/1 undo portswitch undo shutdown ip address 10.1.12.2 255.255.255.0 ## interface LoopBack0 ip address 2.2.2.2 255.255.255.255 # ospf 1 router-id 2.2.2.2 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 10.1.12.2 0.0.0.0 #3.CE3交换机基础配置
sysname CE3 # interface GE1/0/1 undo portswitch undo shutdown ip address 10.1.13.3 255.255.255.0 # interface LoopBack0 ip address 3.3.3.3 255.255.255.255 # interface Nve1 source 3.3.3.3 vni 1 head-end peer-list 1.1.1.1 vni 1 head-end peer-list 2.2.2.2 # ospf 1 router-id 3.3.3.3 area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 10.1.13.3 0.0.0.04.CE4交换机基础配置
sysname CE4 # interface GE1/0/1 undo portswitch undo shutdown ip address 10.1.14.4 255.255.255.0 # interface GE1/0/2 undo portswitch undo shutdown ip address 10.1.46.4 255.255.255.0 # interface LoopBack0 ip address 4.4.4.4 255.255.255.255 # ospf 1 router-id 4.4.4.4 area 0.0.0.0 network 4.4.4.4 0.0.0.0 network 10.1.14.4 0.0.0.0 # ip route-static 10.0.0.0 255.0.0.0 100.1.1.1 ip route-static 20.0.0.0 255.0.0.0 100.1.1.1 ip route-static 30.0.0.0 255.0.0.0 100.1.1.1 ip route-static 114.114.114.114 255.255.255.255 10.1.46.65.vswitch及internet路由器配置
sysname VSW1 # vlan batch 10 # interface G1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 10 # interface G1/0/2 port link-type access port default vlan 10 ------------------------------------------- sysname VSW2 # vlan batch 10 # interface G1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 10 # interface G1/0/2 port link-type access port default vlan 10 -------------------------------------------- sysname VSW3 # vlan batch 20 # interface G1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 20 # interface G1/0/2 port link-type access port default vlan 20 -------------------------------------------- sysname VSW4 # vlan batch 30 # interface G1/0/1 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 30 # interface G1/0/2 port link-type access port default vlan 30 ------------------------------------------- sysname Internet-1 # interface G0/0/0 ip address 10.1.15.5 255.255.255.0 # interface LoopBack0 ip address 8.8.8.8 255.255.255.255 # ip route-static 10.0.0.0 255.0.0.0 10.1.15.1 ip route-static 20.0.0.0 255.0.0.0 10.1.15.1 ip route-static 30.0.0.0 255.0.0.0 10.1.15.1 ip route-static 114.0.0.0 255.0.0.0 10.1.15.1 -------------------------------------------- sysname Internet2 interface G0/0/0 ip address 10.1.46.6 255.255.255.0 # interface LoopBack0 ip address 114.114.114.114 255.255.255.255 # ip route-static 8.8.8.8 255.255.255.255 10.1.46.4 ip route-static 10.0.0.0 255.0.0.0 10.1.46.4 ip route-static 20.0.0.0 255.0.0.0 10.1.46.4 ip route-static 30.0.0.0 255.0.0.0 10.1.46.4 #6.配置完毕后检查路由表
(1)在CE1上查看ospf邻居
(2)在CE1上查看路由表
(3)检查到CE2-4交换机的loop接口地址连通性
(二)静态vxlan配置及BD接入配置
1.CE1交换机VXLAN配置
CE1连接传统二层网络,可使用bd和trunk进行接入,这里vlan20使用trun透传vlan方式、vlan30使用BD子接口方式接入。 vlan batch 20 # bridge-domain 30 vxlan vni 2 # interface GE1/0/4 undo shutdown #针对vlan tag等于30的封装进vbd30 interface GE1/0/4.1 mode l2 encapsulation dot1q vid 30 bridge-domain 30 #配置BD接入配置关联vni1, bridge-domain 10 vxlan vni 1 # #配置BD100用于连接CE-4。 bridge-domain 100 vxlan vni 3 # interface Vbdif10 ip address 10.1.1.254 255.255.255.0 # interface Vbdif30 ip address 30.1.1.254 255.255.255.0 # interface Vbdif100 ip address 100.1.1.1 255.255.255.0 # #配置vlanif作为传统网络vlan20接入的网关。 interface Vlanif20 ip address 20.1.1.254 255.255.255.0 # interface Nve1 source 1.1.1.1 vni 1 head-end peer-list 2.2.2.2 vni 1 head-end peer-list 3.3.3.3 vni 3 head-end peer-list 4.4.4.42.CE2交换机VXLAN配置
bridge-domain 10 vxlan vni 1 # interface GE1/0/2 undo shutdown # interface GE1/0/2.1 mode l2 encapsulation dot1q vid 10 bridge-domain 10 # interface Nve1 source 2.2.2.2 vni 1 head-end peer-list 1.1.1.1 vni 1 head-end peer-list 3.3.3.33.CE3交换机VXLAN配置
sysname CE3 # bridge-domain 10 vxlan vni 1 # interface GE1/0/2 undo shutdown # interface GE1/0/2.1 mode l2 encapsulation dot1q vid 10 bridge-domain 10 # interface Nve1 source 3.3.3.3 vni 1 head-end peer-list 1.1.1.1#手动与CE1和CE2创建头端复制列表 vni 1 head-end peer-list 2.2.2.2 #4.CE3交换机VXLAN配置
sysname CE4 # bridge-domain 100 vxlan vni 3 # interface Vbdif100#请注意之歌vbdif100与CE1也是通过隧道建立互联关系的,CE4作为border-leaf连接外部传统网络和内部的vxlan网络。将路由传递给内部的集中式网关交换机。 ip address 100.1.1.2 255.255.255.0 # interface Nve1 source 4.4.4.4 vni 3 head-end peer-list 1.1.1.1#手动与CE1创建头端复制列表 #注意这些路由条目写的下一跳地址不是直连地址,下面通过转包观察这条路由是怎么进行封装的。 ip route-static 10.0.0.0 255.0.0.0 100.1.1.1 ip route-static 20.0.0.0 255.0.0.0 100.1.1.1 ip route-static 30.0.0.0 255.0.0.0 100.1.1.1三、配置结果验证
1.全网联通性验证
内部全网互通访问互联网全通2.vxlan隧道验证
3.路由表验证
CE1上访问外网114的路由表是通过vbdif封装到vxlan传递给CE2的vbdif100.
四、附件
添加VX start_starting获取lab附件。