6. Distributed L3 VXLAN


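1. Topology

This lab builds a distributed VXLAN network on a typical Leaf–Spine architecture, deploys a distributed Layer 3 gateway (Distributed Gateway / Anycast Gateway) on the Leaf side, and connects the VXLAN network to the external Internet through a Border node.

The overall goals are:

  • Leaf1 / Leaf2 act as VTEPs and carry service access
  • Spine3 only forwards Underlay traffic and does not participate in VXLAN
  • Border4 is both a VTEP and the Layer 3 egress
  • Layer 3 communication across VNIs is supported inside the VXLAN network
  • Service traffic is forwarded at Layer 3 locally on the Leaf; egress traffic is forwarded to the Internet via Border

[Figure: topology diagram (image.png)]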

2. Steps

2.1 Leaf1 & Leaf2

#
ospf 1 router-id 1.1.1.1
 area 0.0.0.0
  network 1.1.1.1 0.0.0.0
  network 100.1.1.0 0.0.0.255
#
 l2vpn enable
#
vsi vxlan10
 gateway vsi-interface 10
 vxlan 10
  tunnel 0
  tunnel 1     
#              
vsi vxlan20    
 gateway vsi-interface 20
 vxlan 20      
  tunnel 0     
  tunnel 1                  
#              
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255
#              
interface GigabitEthernet0/0
 port link-mode route
 combo enable copper
 ip address 100.1.1.1 255.255.255.0
#              
interface GigabitEthernet0/1
 port link-mode route
 combo enable copper
 xconnect vsi vxlan10
#              
interface GigabitEthernet0/2
 port link-mode route
 combo enable copper
 xconnect vsi vxlan20
#
interface Vsi-interface10
 ip address 10.1.1.254 255.255.255.0
 mac-address 0001-0001-0001
 local-proxy-arp enable  
 distributed-gateway local
#              
interface Vsi-interface20
 ip address 10.1.2.254 255.255.255.0
 mac-address 0002-0002-0002
 local-proxy-arp enable  
 distributed-gateway local
#              
interface Tunnel0 mode vxlan
 source 1.1.1.1
 destination 2.2.2.2
#              
interface Tunnel1 mode vxlan
 source 1.1.1.1
 destination 4.4.4.4            
#              
 ip route-static 0.0.0.0 0 10.1.1.253
 ip route-static 0.0.0.0 0 10.1.2.253
#              
 arp distributed-gateway dynamic-entry synchronize
#

2.2 Border4

#
ospf 1 router-id 4.4.4.4
 area 0.0.0.0
  network 4.4.4.4 0.0.0.0
  network 100.3.3.0 0.0.0.255
#
#
 l2vpn enable
#
vsi vxlan10
 gateway vsi-interface 10
 vxlan 10
  tunnel 0
  tunnel 1     
#              
vsi vxlan20    
 gateway vsi-interface 20
 vxlan 20      
  tunnel 0     
  tunnel 1     
#    
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255
#              
interface GigabitEthernet0/0
 port link-mode route
 combo enable copper
 ip address 100.3.3.4 255.255.255.0
#              
interface GigabitEthernet0/1
 port link-mode route
 combo enable copper
 ip address 100.4.4.4 255.255.255.0
#              
interface Vsi-interface10
 ip address 10.1.1.253 255.255.255.0
#              
interface Vsi-interface20
 ip address 10.1.2.253 255.255.255.0
#              
interface Tunnel0 mode vxlan
 source 4.4.4.4
 destination 1.1.1.1
#              
interface Tunnel1 mode vxlan
 source 4.4.4.4
 destination 2.2.2.2
# 
ip route-static 0.0.0.0 0 100.4.4.5
#

2.3 Spine3

#
ospf 1 router-id 3.3.3.3
 area 0.0.0.0
  network 3.3.3.3 0.0.0.0
  network 100.1.1.0 0.0.0.255
  network 100.2.2.0 0.0.0.255
  network 100.3.3.0 0.0.0.255
#              
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255
#              
interface GigabitEthernet0/0
 port link-mode route
 combo enable copper
 ip address 100.1.1.3 255.255.255.0
#              
interface GigabitEthernet0/1
 port link-mode route
 combo enable copper
 ip address 100.2.2.3 255.255.255.0
#              
interface GigabitEthernet0/2
 port link-mode route
 combo enable copper
 ip address 100.3.3.3 255.255.255.0
#              

2.4 Internet5

#
interface LoopBack0
 ip address 200.1.1.1 255.255.255.255
#              
interface GigabitEthernet0/0
 port link-mode route
 combo enable copper
 ip address 100.4.4.5 255.255.255.0
#         
 ip route-static 0.0.0.0 0 100.4.4.4
# 
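
An added example (not part of the original post): a Python consistency check for the static VXLAN tunnel mesh configured in 2.1 and 2.2. It verifies that every tunnel has a reverse tunnel on its peer and is bound to every VSI. The TEMPLATE excerpt, the function names and the Leaf2 addresses are assumptions, since the page shows only Leaf1's values for the Leaf pair.

```python
import re

# Constructed excerpt in the page's syntax; Leaf2 is an ASSUMED mirror of Leaf1.
TEMPLATE = """vsi vxlan10
 vxlan 10
  tunnel 0
  tunnel 1
#
vsi vxlan20
 vxlan 20
  tunnel 0
  tunnel 1
#
interface Tunnel0 mode vxlan
 source {me}
 destination {a}
#
interface Tunnel1 mode vxlan
 source {me}
 destination {b}"""
SAMPLE = {"Leaf1": TEMPLATE.format(me="1.1.1.1", a="2.2.2.2", b="4.4.4.4"),
          "Leaf2": TEMPLATE.format(me="2.2.2.2", a="1.1.1.1", b="4.4.4.4"),
          "Border4": TEMPLATE.format(me="4.4.4.4", a="1.1.1.1", b="2.2.2.2")}

def parse(cfg):
    """Return ({tunnel id: (source, destination)}, {VNI: bound tunnel ids})."""
    tunnels, vsis = {}, {}
    for block in re.split(r"(?m)^#[ \t]*$", cfg):  # "#" lines separate config blocks
        lines = [l.strip() for l in block.splitlines() if l.strip()] or [""]
        m = re.match(r"interface Tunnel(\d+) mode vxlan", lines[0])
        if m:
            kv = dict(l.split(None, 1) for l in lines[1:] if " " in l)
            tunnels[int(m.group(1))] = (kv["source"], kv["destination"])
        elif lines[0].startswith("vsi "):
            vni = next(int(l.split()[1]) for l in lines if l.startswith("vxlan "))
            vsis[vni] = {int(l.split()[1]) for l in lines if l.startswith("tunnel ")}
    return tunnels, vsis

def audit(devices):
    """Yield findings for {device: config text}; no findings means consistent."""
    parsed = {n: parse(c) for n, c in devices.items()}
    pairs = {p for t, _ in parsed.values() for p in t.values()}
    for name, (tunnels, vsis) in sorted(parsed.items()):
        for tid, (src, dst) in sorted(tunnels.items()):
            if (dst, src) not in pairs:  # peer has no tunnel pointing back
                yield f"{name}: Tunnel{tid} {src}->{dst} has no reverse tunnel"
            yield from (f"{name}: Tunnel{tid} not bound to vxlan {v}"
                        for v, b in sorted(vsis.items()) if tid not in b)
```

Calling `list(audit(SAMPLE))` returns an empty list for the mesh as configured; pass it saved device configurations keyed by device name to check a real deployment.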

3. Experiment Results

3.1 Leaf

[Figure: image.png]

3.2 PC_1

[Figure: image.png]