概念网上有很多,此处直接实验帮助理解
通俗一点讲就是A到B建立一个的隧道,A将包打上标签 B收包,B收包后去标签再向下传输。
目的:PC1与PC2通信
现状:1、CE1、CE2、LSW1为三层互通
2、PC1与PC2同网段
3、不改变现状通过vxlan解决PC1与PC2之间的二层通信
步骤:1、CE1、CE2、LSW1之间使用静态路由或者ospf,使CE1上的1.1.1.1与CE2上的2.2.2.2可以通信。(作者这里使用的使ospf)
2、CE1与CE2上做VXLAN相关配置(两边配置基本对称)
3、测试PC1与PC2之间通信
实验:CE1、CE2、LSW1之间互通配置此处略(只要实现1.1.1.1和2.2.2.2通就行)
1、业务接入点配置
CE1
[CE1] bridge-domain 10 #创建桥域
[CE1-bd10] vxlan vni 100 #该桥域绑定vni
[CE1-bd10] quit
[CE1] interface GE 1/0/2
[CE1-GE1/0/2] undo shutdown
[CE1-GE1/0/2] quit
[CE1] interface GE 1/0/2.100 mode l2 #创建子接口,且该子接口模式为l2
[CE1-GE1/0/2.100] encapsulation dot1q vid 10 #该子接口绑定的vlanid(此处vlanid指的是PC1所属vlan)
[CE1-GE1/0/2.100] bridge-domain 10 #该子接口绑定桥域10
[CE1-GE1/0/2.100] quit
CE2
[CE2] bridge-domain 10 #创建桥域
[CE2-bd10] vxlan vni 100 #该桥域绑定vni
[CE2-bd10] quit
[CE2] interface GE 1/0/2
[CE2-GE1/0/2] undo shutdown
[CE2-GE1/0/2] quit
[CE2] interface GE 1/0/2.100 mode l2 #创建子接口,且该子接口模式为l2
[CE2-GE1/0/2.100] encapsulation dot1q vid 10 #该子接口绑定的vlanid(此处vlanid指的是PC2所属vlan)
[CE2-GE1/0/2.100] bridge-domain 10 #该子接口绑定桥域10
[CE2-GE1/0/2.100] quit
CE1的vxlan隧道建立
[CE1] interface Nve1 #创建vxlan隧道
[CE1-Nve1] source 1.1.1.1 #隧道源地址
[CE1-Nve1] vni 100 head-end peer-list 2.2.2.2 #隧道目的地址
[CE1-Nve1] quit
CE2的vxlan隧道建立
[CE2] interface Nve1 #创建vxlan隧道
[CE2-Nve1] source 2.2.2.2 #隧道源地址
[CE2-Nve1] vni 100 head-end peer-list 1.1.1.1 #隧道目的地址
[CE2-Nve1] quit
查看vxlan隧道建立情况,一般state参数为up隧道建立成功
[~CE1]display vxlan tunnel
Number of vxlan tunnel : 1
Tunnel ID Source Destination State Type Uptime
--------------------------------------------------------------------------------
---
4026531841 1.1.1.1 2.2.2.2 up static 00:01:59
[~CE1]
如上配置后PC1与PC2就可以通信了 ENSP存在BUG 若不通手工在PC上配置对方的arp表项
PC1: arp -s PC2地址 PC2MAC
PC1: arp -s PC1地址 PC1MAC
以下是5台设备的配置
[~CE1]dis cu
!Software Version V200R005C10SPC607B607
!Last configuration was updated at 2024-06-19 10:03:48+00:00
!Last configuration was saved at 2024-06-18 15:44:33+00:00
#
sysname CE1
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
bridge-domain 10
vxlan vni 100
#
aaa
#
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
interface MEth0/0/0
undo shutdown
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.12.1 255.255.255.0
#
interface GE1/0/1
undo shutdown
port link-type trunk
#
interface GE1/0/1.1 mode l2
encapsulation dot1q vid 10
bridge-domain 10
#
interface GE1/0/2
shutdown
#
interface GE1/0/3
shutdown
#
interface GE1/0/4
shutdown
#
interface GE1/0/5
shutdown
#
interface GE1/0/6
shutdown
#
interface GE1/0/7
shutdown
#
interface GE1/0/8
shutdown
#
interface GE1/0/9
shutdown
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface Nve1
source 1.1.1.1
vni 100 head-end peer-list 2.2.2.2
#
interface NULL0
#
ospf 1
area 0.0.0.0
description tyh
network 1.1.1.1 0.0.0.0
network 10.0.12.0 0.0.0.255
#
ssh authorization-type default aaa
#
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
ssh server dh-exchange min-len 1024
#
ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
user-interface con 0
#
vm-manager
#
return
[~CE1]
[~CE1]
[CE2]dis cu
!Software Version V200R005C10SPC607B607
!Last configuration was updated at 2024-06-19 10:10:08+00:00
!Last configuration was saved at 2024-06-18 15:44:50+00:00
#
sysname CE2
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
bridge-domain 10
vxlan vni 100
#
aaa
#
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
interface MEth0/0/0
undo shutdown
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.0.23.1 255.255.255.0
#
interface GE1/0/1
undo shutdown
port link-type trunk
#
interface GE1/0/1.1 mode l2
encapsulation dot1q vid 10
bridge-domain 10
#
interface GE1/0/2
shutdown
#
interface GE1/0/3
shutdown
#
interface GE1/0/4
shutdown
#
interface GE1/0/5
shutdown
#
interface GE1/0/6
shutdown
#
interface GE1/0/7
shutdown
#
interface GE1/0/8
shutdown
#
interface GE1/0/9
shutdown
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface Nve1
source 2.2.2.2
vni 100 head-end peer-list 1.1.1.1
#
interface NULL0
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.0.23.0 0.0.0.255
#
ssh authorization-type default aaa
#
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
ssh server dh-exchange min-len 1024
#
ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
user-interface con 0
#
vm-manager
#
return
[CE2]
[CE2]
[LSW1]DIS CU
#
sysname LSW1
#
vlan batch 100 200
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface Vlanif100
ip address 10.0.12.2 255.255.255.0
#
interface Vlanif200
ip address 10.0.23.2 255.255.255.0
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 200
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
ospf 1
area 0.0.0.0
network 10.0.12.0 0.0.0.255
network 10.0.23.0 0.0.0.255
#
user-interface con 0
user-interface vty 0 4
#
return
[LSW1]
[LSW2]
[LSW2]DIS CU
#
sysname LSW2
#
vlan batch 10
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
[LSW2]
[LSW3]DIS CU
#
sysname LSW3
#
vlan batch 10
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface GigabitEthernet0/0/9
#
interface GigabitEthernet0/0/10
#
interface GigabitEthernet0/0/11
#
interface GigabitEthernet0/0/12
#
interface GigabitEthernet0/0/13
#
interface GigabitEthernet0/0/14
#
interface GigabitEthernet0/0/15
#
interface GigabitEthernet0/0/16
#
interface GigabitEthernet0/0/17
#
interface GigabitEthernet0/0/18
#
interface GigabitEthernet0/0/19
#
interface GigabitEthernet0/0/20
#
interface GigabitEthernet0/0/21
#
interface GigabitEthernet0/0/22
#
interface GigabitEthernet0/0/23
#
interface GigabitEthernet0/0/24
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
#
return
[LSW3]