【物理交换机配置 ipv4/ipv6 VXLAN隧道】

两台交换机配置VXLAN隧道，实现相同网段两台PC之间的互访

IPV4：

拓扑如下：

配置如下

配置基础IP地址:，完成基本链路通信

PC1

PC2

SW01

以下是SW01的交换机配置
Please configure the login password (8-16)
Enter Password:
Confirm Password:
Info: Save the password now. Please wait for a moment. 
Info: The max number of VTY users is 5, the number of current VTY users online is 0, and total number of terminal users online is 1.
      The current login time is 2024-07-28 12:21:27.
<HUAWEI>sys
Enter system view, return user view with return command.
[~HUAWEI]sysname  SW01   //修改设备的主机名
[*HUAWEI]commit
[~SW01]
[~SW01]int loopback  1   //添加loopback接口
[*SW01-LoopBack1]ip address 1.1.1.1 32 配置loopback接口IP地址，后续充当VTEP的地址
[*SW01-LoopBack1]quit
[*SW01]int  10GE1/0/1
[*SW01-GE1/0/1]undo portswitch   //取消二层口，配置三层IP地址
[*SW01-GE1/0/1]ip address  10.0.0.1 30 
[*SW01-GE1/0/1]quit  
[*SW01]ip route-static 2.2.2.2 32 10.0.0.2  //打通跟SW02looback地址的通信
[*SW01]commit

SW02

以下是SW02的配置：
Please press "Enter" to start command line
eNSP Lite can only be used for practice.------
This device is an emulator and does not reflect a physical device model.
Some functions and commands may not supported.
Please read the feature list carefully before using.
----------------------------------------------
 
User interface con0 is available
 
Please configure the login password (8-16)
Enter Password:
Confirm Password:
Info: Save the password now. Please wait for a moment. 
Info: The max number of VTY users is 5, the number of current VTY users online is 0, and total number of terminal users online is 1.
      The current login time is 2024-07-28 12:26:41.
<HUAWEI>sys 
Enter system view, return user view with return command.
[~HUAWEI]sysname SW02
[*HUAWEI]commit
[~SW02]int loopback 1
[*SW02-LoopBack1]ip address  2.2.2.2 32 
[*SW02-LoopBack1]quit 
[*SW02]int GE 1/0/1
[*SW02-GE1/0/1]undo portswitch  
[*SW02-GE1/0/1]ip address  10.0.0.2 30 
[*SW02-GE1/0/1]quit  
[*SW02]ip route-static  1.1.1.1 32 10.0.0.1 
[*SW02]commit

测试批次能否正常通信：

建立静态VXLAN隧道:

SW01

[~SW01]bridge-domain  1  //创建bd
[*SW01-bd1]vxlan  vn
[*SW01-bd1]vxlan  vni  ?
  INTEGER<1-16777215>  Value of VXLAN network identifier
 
[*SW01-bd1]vxlan  vni  1   //在BD中绑定VNI
[*SW01-bd1]quit
[*SW01]int Nve ?  //创建NVE接口
  <1-1>  Nve interface number
 
[*SW01]int Nve 1 
Info: Ensure that the IP addresses and MAC addresses of the NVE interfaces on Devices are the same, as they are dual-active gateways using M-LAG.  
[*SW01-Nve1]source  ?
  X.X.X.X   IP address
  X:X::X:X  IPv6 address
[*SW01-Nve1]source  1.1.1.1 //配置VETP的IP地址
[*SW01-Nve1]vni 1 ?
  flood-vtep   Flood vtep IP address
  head-end     Head end mode
  mcast-group  Mcast group mode
  reserved     Reserved
  <cr>         
 
[*SW01-Nve1]vni 1  head-end  peer-list  2.2.2.2 //跟SW02配对，本端NVE将根据此列表复制并转发报文
[*SW01-Nve1]commit  确定提交配置

建立情况验证

SW02

[~SW02]bridge-domain   1 
[*SW02-bd1]vxlan  vni 1
[*SW02-bd1]quit
[*SW02]int Nve  1
Info: Ensure that the IP addresses and MAC addresses of the NVE interfaces on Devices are the same, as they are dual-active gateways using M-LAG.
[*SW02-Nve1]sou
[*SW02-Nve1]source  2.2.2.2 
[*SW02-Nve1]vni 1 head-end  peer-list 1.1.1.1 
[*SW02-Nve1]commit
[~SW02-Nve1]

配置业务接入：

SW01配置PC1接入静态VXLAN隧道：

[~SW01]int  10GE1/0/2.1 mode l2 
[*SW01-GE1/0/2.1]commit
[~SW01-GE1/0/2.1]encapsulation   untag  
Warning: To prevent unpredictable results, ensure that a main interface is not configured before you configure the untag or default mode for its sub-interface.
[*SW01-GE1/0/2.1]bridge-domain  1
[*SW01-GE1/0/2.1]commit

SW02配置PC2接入静态VXLAN隧道：

[~SW02] int 10GE1/0/2.1  mode l2
[*SW02-GE1/0/2.1]encapsulation  untag  //封装的方式为untag，如果想加VLAN可以通过dot1q  vid xx 
Warning: To prevent unpredictable results, ensure that a main interface is not configured before you configure the untag or default mode for its sub-interface.
[*SW02-GE1/0/2.1]bridge-domain  1  //绑定BD
[*SW02-GE1/0/2.1]commit

结果验证：

IPV6

将上述配置修改为使用 IPv6 地址的 VXLAN 隧道，包括 VTEP 地址和隧道端点地址，步骤如下：

交换机 A (SW01) 配置

1. 配置 Loopback 接口：

   [~SW01]int loopback 1
   [*SW01-LoopBack1]ipv6 address 2001::1/128  # 配置 Loopback 接口的 IPv6 地址
   [*SW01-LoopBack1]quit
   [*SW01-LoopBack1]quit
   

2. 配置物理接口和 IPv6 地址：

   [*SW01]int 10GE1/0/1
   [*SW01-GE1/0/1]undo portswitch
   [*SW01-GE1/0/1]ipv6 address 2001:0:0:1::1/64
   [*SW01-GE1/0/1]quit
   

3. 配置静态路由：

   [*SW01]ipv6 route-static 2001::2 128 2001:0:0:1::2
   

4. 配置 VXLAN 隧道：

   bash复制代码[*SW01]bridge-domain 1
   [*SW01-bd1]vxlan vni 1
   [*SW01-bd1]quit
   
   [*SW01]int Nve 1
   [*SW01-Nve1]source 2001::1
   [*SW01-Nve1]vni 1 head-end peer-list 2001::2
   [*SW01-Nve1]commit
   

交换机 B (SW02) 配置

1. 配置 Loopback 接口：

   [~SW02]int loopback 1
   [*SW02-LoopBack1]ipv6 address 2001::2/128  # 配置 Loopback 接口的 IPv6 地址
   [*SW02-LoopBack1]quit
   

2. 配置物理接口和 IPv6 地址：

   [*SW02]int 10GE1/0/1
   [*SW02-GE1/0/1]undo portswitch
   [*SW02-GE1/0/1]ipv6 address 2001:0:0:1::2/64
   [*SW02-GE1/0/1]quit
   

3. 配置静态路由：

   [*SW02]ipv6 route-static 2001::1 128 2001:0:0:1::1
   

4. 配置 VXLAN 隧道：

   [*SW02]bridge-domain 1
   [*SW02-bd1]vxlan vni 1
   [*SW02-bd1]quit
   
   [*SW02]int Nve 1
   [*SW02-Nve1]source 2001::2
   [*SW02-Nve1]vni 1 head-end peer-list 2001::1
   [*SW02-Nve1]commit
   

业务接入配置

交换机 A (SW01)

[*SW01]int 10GE1/0/2.1 mode l2
[*SW01-GE1/0/2.1]encapsulation untag
[*SW01-GE1/0/2.1]bridge-domain 1
[*SW01-GE1/0/2.1]commit

交换机 B (SW02)

bash复制代码[*SW02]int 10GE1/0/2.1 mode l2
[*SW02-GE1/0/2.1]encapsulation untag
[*SW02-GE1/0/2.1]bridge-domain 1
[*SW02-GE1/0/2.1]commit

验证

1. 在两台交换机上检查 VXLAN 隧道状态：

   bash复制代码display nve interface
   display nve peer-list
   

2. 在两台 PC 上相互 ping 测试：

   bash复制代码ping 10.0.0.2  # 从 PC1 ping PC2
   ping 10.0.0.1  # 从 PC2 ping PC1
   

通过这些配置，你可以在两台交换机之间建立基于 IPv6 的 VXLAN 隧道，使得在相同网段下的两台 PC 能够互访。确保配置中的 IP 地址、接口名和其他参数与实际网络环境相符。