Example for Configuring VXLAN for Different Subnets
- Tracy Yang
Owned by Tracy Yang
Nov 28, 2023
4 min read
Loading data...
Networking Requirements
Figure 1 VXLAN Networking Topology with Centralized Gateway Deployment
As shown in Figure 1, in the centralized gateway scenario, an enterprise has its own servers in different data centers, Server 1 belongs to VLAN 200, Server 2 belongs to VLAN 100 and Server 3 belongs to VLAN 300. Server 1, Server 2 and Server 3 are located in different network segments. Cross-subnet packet forwarding needs to be implemented through a centralized Layer 3 gateway.
Configure different servers on different network segments to communicate with each other through a VXLAN centralized Layer 3 gateway by the following roadmap:
- Configure static routes on Switch 1, Switch 2, and Switch 3 respectively to ensure network connectivity at the underlay network.
- Configure VXLAN access network on Switch 1, Switch 2 and Switch 3 respectively to differentiate service flow.
- Configure VXLAN tunnels on Switch 1, Switch 2 and Switch 3 respectively to forward service flow.
- To enable users of different network segments to communicate with each other, configure VXLAN Layer 3 gateway on Switch 3. The following steps include how to configure VXLAN Layer 3 gateway:
a) Configure VXLAN mapping of VNI to VLAN:
set vxlans vni <vni_id> vlan <vlan_id>
b) Configure L3 VLAN interface:
set vlans vlan-id <vlan_id> l3-interface <interface_name>
c) Configure the IP the L3 VLAN interface:
set l3-interface vlan-interface <interface_name> address <IP_address> prefix-length <prefix_length>
Procedure
This section describes the steps of configuring VXLAN for different subnets on Switch1, Switch2 and Switch3.
Switch1
Step 1 Configure the VLANs.
admin@Switch1# set vlans vlan-id 200 admin@Switch1# set vlans vlan-id 3073 admin@Switch1# set vlans vlan-id 3073 l3-interface vlan3073 admin@Switch1# set l3-interface vlan-interface vlan3073 address 100.30.3.3 prefix-length 24 admin@Switch1# set interface gigabit-ethernet te-1/1/1 family ethernet-switching native-vlan-id 3073 admin@Switch1# set interface gigabit-ethernet te-1/1/5 family ethernet-switching port-mode trunk admin@Switch1# set interface gigabit-ethernet te-1/1/5 family ethernet-switching vlan members 200
Step 2 Enable IP routing and configure the route.
admin@Switch1# set ip routing enable true admin@Switch1# set l3-interface loopback lo address 3.3.3.3 prefix-length 32 admin@Switch1# set protocols static route 1.1.1.1/32 next-hop 100.30.3.4
Step 3 Configure VXLAN tunnel.
admin@Switch1# set vxlans source-interface lo address 3.3.3.3 admin@Switch1# set vxlans vni 10030 vlan 200 admin@Switch1# set vxlans vni 10030 flood vtep 1.1.1.1
Step 4 Commit the configurations.
admin@Switch1# commit
Switch2
Step 1 Configure the VLANs.
admin@Switch2# set vlans vlan-id 100 admin@Switch2# set vlans vlan-id 4094 admin@Switch2# set vlans vlan-id 4094 l3-interface vlan4094 admin@Switch2# set l3-interface vlan-interface vlan4094 address 100.10.2.2 prefix-length 24 admin@Switch2# set interface gigabit-ethernet te-1/1/25 family ethernet-switching native-vlan-id 4094 admin@Switch2# set interface gigabit-ethernet te-1/1/3 family ethernet-switching port-mode trunk admin@Switch2# set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 100
Step 2 Enable IP routing and configure the route.
admin@Switch2# set ip routing enable true admin@Switch2# set l3-interface loopback lo address 2.2.2.2 prefix-length 32 admin@Switch2# set protocols static route 1.1.1.1/32 next-hop 100.10.2.1
Step 3 Configure VXLAN tunnel.
admin@Switch2# set vxlans source-interface lo address 2.2.2.2 admin@Switch2# set vxlans vni 10010 vlan 100 admin@Switch2# set vxlans vni 10010 flood vtep 1.1.1.1
Step 4 Commit the configurations.
admin@Switch2# commit
Switch3
Step 1 Configure the VLANs.
admin@Switch3# set vlans vlan-id 100 l3-interface vlan100 admin@Switch3# set vlans vlan-id 200 l3-interface vlan200 admin@Switch3# set vlans vlan-id 300 l3-interface vlan300 admin@Switch3# set vlans vlan-id 3073 l3-interface vlan3073 admin@Switch3# set vlans vlan-id 4094 l3-interface vlan4094 admin@Switch3# set l3-interface vlan-interface vlan100 address 192.168.10.254 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan200 address 192.168.20.254 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan300 address 192.168.30.254 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan3073 address 100.30.3.4 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan4094 address 100.10.2.1 prefix-length 24 admin@Switch3# set interface gigabit-ethernet te-1/1/2 family ethernet-switching native-vlan-id 300 admin@Switch3# set interface gigabit-ethernet te-1/1/2 family ethernet-switching port-mode trunk admin@Switch3# set interface gigabit-ethernet te-1/1/23 family ethernet-switching native-vlan-id 3073 admin@Switch3# set interface gigabit-ethernet te-1/1/27 family ethernet-switching native-vlan-id 4094
Step 2 Enable IP routing and configure the route.
admin@Switch3# set ip routing enable true admin@Switch3# set l3-interface loopback lo address 1.1.1.1 prefix-length 32 admin@Switch3# set protocols static route 2.2.2.2/32 next-hop 100.10.2.2 admin@Switch3# set protocols static route 3.3.3.3/32 next-hop 100.30.3.3
Step 3 Configure VXLAN tunnel.
admin@Switch3# set vxlans source-interface lo address 1.1.1.1 admin@Switch3# set vxlans vni 10010 flood vtep 2.2.2.2 admin@Switch3# set vxlans vni 10030 flood vtep 3.3.3.3
Step 4 Configure VXLAN mapping of VNI to VLAN.
admin@Switch3# set vxlans vni 10010 vlan 100 admin@Switch3# set vxlans vni 10030 vlan 200
Step 5 Commit the configurations.
admin@Switch3# commit
Verify the Configuration
- You can use the run show vxlan tunnel command to display the VXLAN tunnel information and tunnel state.
admin@Switch1# run show vxlan tunnel Total number of tunnels: 1 VNI 10030, Encap:service-vlan-delete, Decap:service-vlan-add-replace src addr:3.3.3.3, dst addr:1.1.1.1, state:UP traffic type:all nexthops:100.30.3.4 output ports:te-1/1/1 admin@Switch2# run show vxlan tunnel Total number of tunnels: 1 VNI 10010, Encap:service-vlan-delete, Decap:service-vlan-add-replace src addr:2.2.2.2, dst addr:1.1.1.1, state:UP traffic type:all nexthops:100.10.2.1 output ports:te-1/1/25 admin@Switch3# run show vxlan tunnel Total number of tunnels: 2 VNI 10010, Encap:service-vlan-delete, Decap:service-vlan-add-replace src addr:1.1.1.1, dst addr:2.2.2.2, state:UP traffic type:all nexthops:100.10.2.2 output ports:te-1/1/27 VNI 10030, Encap:service-vlan-delete, Decap:service-vlan-add-replace src addr:1.1.1.1, dst addr:3.3.3.3, state:UP traffic type:all nexthops:100.30.3.3 output ports:te-1/1/23
- You can use the run show vxlan address-table command to display the VXLAN MAC address table.
admin@Switch1# run show vxlan address-table VNID MAC address Type Interface VTEP ----------- ----------------- ------- ---------------- --------------- 10030 00:00:00:00:22:22 Dynamic te-1/1/5 10030 50:9a:4c:e6:7b:71 Dynamic 1.1.1.1 Entries in access port: 1 Entries in network port: 1 admin@Switch2# run show vxlan address-table VNID MAC address Type Interface VTEP ----------- ----------------- ------- ---------------- --------------- 10010 00:00:00:00:44:44 Dynamic te-1/1/3 10010 50:9a:4c:e6:7b:71 Dynamic 1.1.1.1 Entries in access port: 1 Entries in network port: 1 admin@Switch3# run show vxlan address-table VNID MAC address Type Interface VTEP ----------- ----------------- ------- ---------------- --------------- 10010 00:00:00:00:44:44 Dynamic 2.2.2.2 10030 00:00:00:00:22:22 Dynamic 3.3.3.3 Entries in access port: 0 Entries in network port: 2
- You can use the run show vxlan arp command to display the ARP table on Switch 3.
admin@Switch3# run show vxlan arp IP-ADDRESS MAC-ADDRESS VNI REMOTE-VTEP Interface Status Age --------------- ----------------- -------- --------------- ---------- ------- 192.168.10.1 00:00:00:00:44:44 10010 2.2.2.2 Dynamic 0 192.168.20.1 00:00:00:00:22:22 10030 3.3.3.3 Dynamic 0
Copyright © 2024 Pica8 Inc. All Rights Reserved.