Example for Configuring VXLAN for Different Subnets
Networking Requirements
Figure 1Â VXLAN Networking Topology with Centralized Gateway Deployment
As shown in Figure 1, in the centralized gateway scenario, an enterprise has its own servers in different data centers, Server 1 belongs to VLAN 200, Server 2 belongs to VLAN 100 and Server 3 belongs to VLAN 300. Server 1, Server 2 and Server 3 are located in different network segments. Cross-subnet packet forwarding needs to be implemented through a centralized Layer 3 gateway.
Configure different servers on different network segments to communicate with each other through a VXLAN centralized Layer 3 gateway by the following roadmap:
- Â Configure static routes on Switch 1, Switch 2, and Switch 3 respectively to ensure network connectivity at the underlay network.
- Â Configure VXLAN access network on Switch 1, Switch 2 and Switch 3 respectively to differentiate service flow.
- Â Configure VXLAN tunnels on Switch 1, Switch 2 and Switch 3 respectively to forward service flow.
- Â To enable users of different network segments to communicate with each other, configure VXLAN Layer 3 gateway on Switch 3. The following steps include how to configure VXLAN Layer 3 gateway:
      a) Configure VXLAN mapping of VNI to VLAN:
         set vxlans vni <vni_id> vlan <vlan_id>
      b) Configure L3 VLAN interface:
     set vlans vlan-id <vlan_id> l3-interface <interface_name>
   c) Configure the IP the L3 VLAN interface:
     set l3-interface vlan-interface <interface_name> address <IP_address> prefix-length <prefix_length>
Procedure
This section describes the steps of configuring VXLAN for different subnets on Switch1, Switch2 and Switch3.
Switch1
Step 1Â Â Â Â Configure the VLANs.
admin@Switch1# set vlans vlan-id 200 admin@Switch1# set vlans vlan-id 3073 admin@Switch1# set vlans vlan-id 3073 l3-interface vlan3073 admin@Switch1# set l3-interface vlan-interface vlan3073 address 100.30.3.3 prefix-length 24 admin@Switch1# set interface gigabit-ethernet te-1/1/1 family ethernet-switching native-vlan-id 3073 admin@Switch1# set interface gigabit-ethernet te-1/1/5 family ethernet-switching port-mode trunk admin@Switch1# set interface gigabit-ethernet te-1/1/5 family ethernet-switching vlan members 200
Step 2Â Â Â Â Enable IP routing and configure the route.
admin@Switch1# set ip routing enable true admin@Switch1# set l3-interface loopback lo address 3.3.3.3 prefix-length 32 admin@Switch1# set protocols static route 1.1.1.1/32 next-hop 100.30.3.4
Step 3Â Â Â Â Configure VXLAN tunnel.
admin@Switch1# set vxlans source-interface lo address 3.3.3.3 admin@Switch1# set vxlans vni 10030 vlan 200 admin@Switch1# set vxlans vni 10030 flood vtep 1.1.1.1
Step 4Â Â Â Â Commit the configurations.
admin@Switch1# commit
Switch2
Step 1Â Â Â Â Configure the VLANs.
admin@Switch2# set vlans vlan-id 100 admin@Switch2# set vlans vlan-id 4094 admin@Switch2# set vlans vlan-id 4094 l3-interface vlan4094 admin@Switch2# set l3-interface vlan-interface vlan4094 address 100.10.2.2 prefix-length 24 admin@Switch2# set interface gigabit-ethernet te-1/1/25 family ethernet-switching native-vlan-id 4094 admin@Switch2# set interface gigabit-ethernet te-1/1/3 family ethernet-switching port-mode trunk admin@Switch2# set interface gigabit-ethernet te-1/1/3 family ethernet-switching vlan members 100
Step 2Â Â Â Â Enable IP routing and configure the route.
admin@Switch2# set ip routing enable true admin@Switch2# set l3-interface loopback lo address 2.2.2.2 prefix-length 32 admin@Switch2# set protocols static route 1.1.1.1/32 next-hop 100.10.2.1
Step 3Â Â Â Â Configure VXLAN tunnel.
admin@Switch2# set vxlans source-interface lo address 2.2.2.2 admin@Switch2# set vxlans vni 10010 vlan 100 admin@Switch2# set vxlans vni 10010 flood vtep 1.1.1.1
Step 4Â Â Â Â Commit the configurations.
admin@Switch2# commit
Switch3
Step 1Â Â Â Â Configure the VLANs.
admin@Switch3# set vlans vlan-id 100 l3-interface vlan100 admin@Switch3# set vlans vlan-id 200 l3-interface vlan200 admin@Switch3# set vlans vlan-id 300 l3-interface vlan300 admin@Switch3# set vlans vlan-id 3073 l3-interface vlan3073 admin@Switch3# set vlans vlan-id 4094 l3-interface vlan4094 admin@Switch3# set l3-interface vlan-interface vlan100 address 192.168.10.254 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan200 address 192.168.20.254 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan300 address 192.168.30.254 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan3073 address 100.30.3.4 prefix-length 24 admin@Switch3# set l3-interface vlan-interface vlan4094 address 100.10.2.1 prefix-length 24 admin@Switch3# set interface gigabit-ethernet te-1/1/2 family ethernet-switching native-vlan-id 300 admin@Switch3# set interface gigabit-ethernet te-1/1/2 family ethernet-switching port-mode trunk admin@Switch3# set interface gigabit-ethernet te-1/1/23 family ethernet-switching native-vlan-id 3073 admin@Switch3# set interface gigabit-ethernet te-1/1/27 family ethernet-switching native-vlan-id 4094
Step 2Â Â Â Â Enable IP routing and configure the route.
admin@Switch3# set ip routing enable true admin@Switch3# set l3-interface loopback lo address 1.1.1.1 prefix-length 32 admin@Switch3# set protocols static route 2.2.2.2/32 next-hop 100.10.2.2 admin@Switch3# set protocols static route 3.3.3.3/32 next-hop 100.30.3.3
Step 3Â Â Â Â Configure VXLAN tunnel.
admin@Switch3# set vxlans source-interface lo address 1.1.1.1 admin@Switch3# set vxlans vni 10010 flood vtep 2.2.2.2 admin@Switch3# set vxlans vni 10030 flood vtep 3.3.3.3
Step 4Â Â Â Â Configure VXLAN mapping of VNI to VLAN.
admin@Switch3# set vxlans vni 10010 vlan 100 admin@Switch3# set vxlans vni 10030 vlan 200
Step 5Â Â Â Â Commit the configurations.
admin@Switch3# commit
Verify the Configuration
- You can use the run show vxlan tunnel command to display the VXLAN tunnel information and tunnel state.
admin@Switch1# run show vxlan tunnel Total number of tunnels: 1 VNI 10030, Encap:service-vlan-delete, Decap:service-vlan-add-replace  src addr:3.3.3.3, dst addr:1.1.1.1, state:UP  traffic type:all  nexthops:100.30.3.4  output ports:te-1/1/1 admin@Switch2# run show vxlan tunnel Total number of tunnels: 1 VNI 10010, Encap:service-vlan-delete, Decap:service-vlan-add-replace  src addr:2.2.2.2, dst addr:1.1.1.1, state:UP  traffic type:all  nexthops:100.10.2.1  output ports:te-1/1/25 admin@Switch3# run show vxlan tunnel Total number of tunnels: 2 VNI 10010, Encap:service-vlan-delete, Decap:service-vlan-add-replace  src addr:1.1.1.1, dst addr:2.2.2.2, state:UP  traffic type:all  nexthops:100.10.2.2  output ports:te-1/1/27 VNI 10030, Encap:service-vlan-delete, Decap:service-vlan-add-replace  src addr:1.1.1.1, dst addr:3.3.3.3, state:UP  traffic type:all  nexthops:100.30.3.3  output ports:te-1/1/23
- You can use the run show vxlan address-table command to display the VXLAN MAC address table.
admin@Switch1# run show vxlan address-table VNID          MAC address     Type      Interface         VTEP -----------    -----------------    -------    ----------------   --------------- 10030         00:00:00:00:22:22   Dynamic   te-1/1/5                          10030         50:9a:4c:e6:7b:71   Dynamic                    1.1.1.1      Entries in access port: 1 Entries in network port: 1 admin@Switch2# run show vxlan address-table VNID          MAC address     Type      Interface         VTEP -----------   -----------------   -------     ----------------  --------------- 10010         00:00:00:00:44:44   Dynamic   te-1/1/3                        10010         50:9a:4c:e6:7b:71   Dynamic                    1.1.1.1     Entries in access port: 1 Entries in network port: 1 admin@Switch3# run show vxlan address-table VNID          MAC address      Type      Interface           VTEP -----------   -----------------     -------     ----------------    --------------- 10010         00:00:00:00:44:44   Dynamic                       2.2.2.2     10030         00:00:00:00:22:22   Dynamic                       3.3.3.3       Entries in access port: 0 Entries in network port: 2
- You can use the run show vxlan arp command to display the ARP table on Switch 3.
admin@Switch3# run show vxlan arp IP-ADDRESS   MAC-ADDRESS VNI   Status  Age Interface REMOTE-VTEP ---------------  -----------------    -------- --------- ---------- ----------- ----------- 192.168.10.1    00:00:00:00:44:44 10010    Dynamic 0 2.2.2.2               192.168.20.1    00:00:00:00:22:22 10030    Dynamic 0 3.3.3.3             Â
Copyright © 2024 Pica8 Inc. All Rights Reserved.