Example for Configuring VXLAN for Different Subnets

Owned by Tracy Yang
Nov 28, 2023
4 min read

Networking Requirements

Figure 1 VXLAN Networking Topology with Centralized Gateway Deployment

As shown in Figure 1, in the centralized gateway scenario, an enterprise has its own servers in different data centers, Server 1 belongs to VLAN 200, Server 2 belongs to VLAN 100 and Server 3 belongs to VLAN 300. Server 1, Server 2 and Server 3 are located in different network segments. Cross-subnet packet forwarding needs to be implemented through a centralized Layer 3 gateway.

Configure different servers on different network segments to communicate with each other through a VXLAN centralized Layer 3 gateway by the following roadmap:

  1.  Configure static routes on Switch 1, Switch 2, and Switch 3 respectively to ensure network connectivity at the underlay network.
  2.  Configure VXLAN access network on Switch 1, Switch 2 and Switch 3 respectively to differentiate service flow.
  3.  Configure VXLAN tunnels on Switch 1, Switch 2 and Switch 3 respectively to forward service flow.
  4.  To enable users of different network segments to communicate with each other, configure VXLAN Layer 3 gateway on Switch 3. The following steps include how to configure VXLAN Layer 3 gateway:

            a) Configure VXLAN mapping of VNI to VLAN:

                 set vxlans vni <vni_id> vlan <vlan_id>

            b) Configure L3 VLAN interface:

         set vlans vlan-id <vlan_id> l3-interface <interface_name>

     c) Configure the IP the L3 VLAN interface:

         set l3-interface vlan-interface <interface_name> address <IP_address> prefix-length <prefix_length>

Procedure

This section describes the steps of configuring VXLAN for different subnets on Switch1, Switch2 and Switch3.

Switch1

Step 1       Configure the VLANs.

admin@Switch1# set vlans vlan-id 200
admin@Switch1# set vlans vlan-id 3073
admin@Switch1# set vlans vlan-id 3073 l3-interface vlan3073
admin@Switch1# set l3-interface vlan-interface vlan3073 address 100.30.3.3 prefix-length 24
admin@Switch1# set interface gigabit-ethernet te-1/1/1 family ethernet-switching native-vlan-id 3073
admin@Switch1# set interface gigabit-ethernet te-1/1/5 family ethernet-switching port-mode trunk
admin@Switch1# set interface gigabit-ethernet te-1/1/5 family ethernet-switching vlan members 200

Step 2       Enable IP routing and configure the route.

admin@Switch1# set ip routing enable true
admin@Switch1# set l3-interface loopback lo address 3.3.3.3 prefix-length 32
admin@Switch1# set protocols static route 1.1.1.1/32 next-hop 100.30.3.4

Step 3       Configure VXLAN tunnel.

admin@Switch1# set vxlans source-interface lo address 3.3.3.3
admin@Switch1# set vxlans vni 10030 vlan 200
admin@Switch1# set vxlans vni 10030 flood vtep 1.1.1.1

Step 4       Commit the configurations.

admin@Switch1# commit

Switch2

Step 1       Configure the VLANs.

admin@Switch2# set vlans vlan-id 100
admin@Switch2# set vlans vlan-id 4094
admin@Switch2# set vlans vlan-id 4094 l3-interface vlan4094
admin@Switch2# set l3-interface vlan-interface vlan4094 address 100.10.2.2 prefix-length 24
admin@Switch2# set interface gigabit-ethernet te-1/1/25 family ethernet-switching native-vlan-id 4094
admin@Switch2# set interface gigabit-ethernet te-1/1/3 family ethernet-switching port-mode trunk
admin@Switch2# set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 100

Step 2       Enable IP routing and configure the route.

admin@Switch2# set ip routing enable true
admin@Switch2# set l3-interface loopback lo address 2.2.2.2 prefix-length 32
admin@Switch2# set protocols static route 1.1.1.1/32 next-hop 100.10.2.1

Step 3       Configure VXLAN tunnel.

admin@Switch2# set vxlans source-interface lo address 2.2.2.2
admin@Switch2# set vxlans vni 10010 vlan 100
admin@Switch2# set vxlans vni 10010 flood vtep 1.1.1.1

Step 4       Commit the configurations.

admin@Switch2# commit

Switch3

Step 1       Configure the VLANs.

admin@Switch3# set vlans vlan-id 100 l3-interface vlan100
admin@Switch3# set vlans vlan-id 200 l3-interface vlan200
admin@Switch3# set vlans vlan-id 300 l3-interface vlan300
admin@Switch3# set vlans vlan-id 3073 l3-interface vlan3073
admin@Switch3# set vlans vlan-id 4094 l3-interface vlan4094
admin@Switch3# set l3-interface vlan-interface vlan100 address 192.168.10.254 prefix-length 24
admin@Switch3# set l3-interface vlan-interface vlan200 address 192.168.20.254 prefix-length 24
admin@Switch3# set l3-interface vlan-interface vlan300 address 192.168.30.254 prefix-length 24
admin@Switch3# set l3-interface vlan-interface vlan3073 address 100.30.3.4 prefix-length 24
admin@Switch3# set l3-interface vlan-interface vlan4094 address 100.10.2.1 prefix-length 24
admin@Switch3# set interface gigabit-ethernet te-1/1/2 family ethernet-switching native-vlan-id 300
admin@Switch3# set interface gigabit-ethernet te-1/1/2 family ethernet-switching port-mode trunk
admin@Switch3# set interface gigabit-ethernet te-1/1/23 family ethernet-switching native-vlan-id 3073
admin@Switch3# set interface gigabit-ethernet te-1/1/27 family ethernet-switching native-vlan-id 4094

Step 2       Enable IP routing and configure the route.

admin@Switch3# set ip routing enable true
admin@Switch3# set l3-interface loopback lo address 1.1.1.1 prefix-length 32
admin@Switch3# set protocols static route 2.2.2.2/32 next-hop 100.10.2.2
admin@Switch3# set protocols static route 3.3.3.3/32 next-hop 100.30.3.3

Step 3       Configure VXLAN tunnel.

admin@Switch3# set vxlans source-interface lo address 1.1.1.1
admin@Switch3# set vxlans vni 10010 flood vtep 2.2.2.2
admin@Switch3# set vxlans vni 10030 flood vtep 3.3.3.3

Step 4       Configure VXLAN mapping of VNI to VLAN.

admin@Switch3# set vxlans vni 10010 vlan 100
admin@Switch3# set vxlans vni 10030 vlan 200

Step 5       Commit the configurations.

admin@Switch3# commit

Verify the Configuration

  • You can use the run show vxlan tunnel command to display the VXLAN tunnel information and tunnel state.
admin@Switch1# run show vxlan tunnel
Total number of tunnels: 1

VNI 10030, Encap:service-vlan-delete, Decap:service-vlan-add-replace
  src addr:3.3.3.3, dst addr:1.1.1.1, state:UP
  traffic type:all
  nexthops:100.30.3.4
  output ports:te-1/1/1

admin@Switch2# run show vxlan tunnel
Total number of tunnels: 1

VNI 10010, Encap:service-vlan-delete, Decap:service-vlan-add-replace
  src addr:2.2.2.2, dst addr:1.1.1.1, state:UP
  traffic type:all
  nexthops:100.10.2.1
  output ports:te-1/1/25

admin@Switch3# run show vxlan tunnel
Total number of tunnels: 2

VNI 10010, Encap:service-vlan-delete, Decap:service-vlan-add-replace
  src addr:1.1.1.1, dst addr:2.2.2.2, state:UP
  traffic type:all
  nexthops:100.10.2.2
  output ports:te-1/1/27

VNI 10030, Encap:service-vlan-delete, Decap:service-vlan-add-replace
  src addr:1.1.1.1, dst addr:3.3.3.3, state:UP
  traffic type:all
  nexthops:100.30.3.3
  output ports:te-1/1/23
  • You can use the run show vxlan address-table command to display the VXLAN MAC address table.
admin@Switch1# run show vxlan address-table
VNID           MAC address          Type        Interface          VTEP
-----------    -----------------    -------     ----------------   ---------------
10030          00:00:00:00:22:22    Dynamic     te-1/1/5                          
10030          50:9a:4c:e6:7b:71    Dynamic                        1.1.1.1      
Entries in access port:  1
Entries in network port: 1

admin@Switch2# run show vxlan address-table
VNID           MAC address          Type        Interface          VTEP
-----------    -----------------    -------      ----------------  ---------------
10010          00:00:00:00:44:44    Dynamic     te-1/1/3                        
10010          50:9a:4c:e6:7b:71    Dynamic                        1.1.1.1     
Entries in access port:  1
Entries in network port: 1


admin@Switch3# run show vxlan address-table
VNID           MAC address            Type         Interface            VTEP
-----------    -----------------      -------      ----------------     ---------------
10010          00:00:00:00:44:44      Dynamic                           2.2.2.2     
10030          00:00:00:00:22:22      Dynamic                           3.3.3.3       
Entries in access port:  0
Entries in network port: 2
  • You can use the run show vxlan arp command to display the ARP table on Switch 3.
admin@Switch3# run show vxlan arp
IP-ADDRESS       MAC-ADDRESS  VNI      REMOTE-VTEP    Interface           Status        Age
---------------  -----------------     --------       ---------------     ----------    -------
192.168.10.1     00:00:00:00:44:44     10010          2.2.2.2             Dynamic       0  
192.168.20.1     00:00:00:00:22:22     10030          3.3.3.3             Dynamic       0  

Copyright © 2024 Pica8 Inc. All Rights Reserved.