Flood proxy VXLAN configuration example
Network requirements
As shown in Figure 26:
Configure the controller cluster to deploy VXLAN 10 to Switch A, Switch B, and Switch C to provide Layer 2 connectivity for the VMs across the network sites.
Enable flood proxy for VXLAN 10.
Use the MAC address entries issued by the controller to direct traffic forwarding on Switch A, Switch B, and Switch C.
Figure 26: Network diagram
Configuration procedure
Configure IP addresses and unicast routing settings:
# Assign IP addresses to interfaces, as shown in Figure 26. (Details not shown.)
# Configure OSPF on all transport network switches (Switches A through D). (Details not shown.)
Configure Switch A:
# Enable L2VPN.
<SwitchA> system-view [SwitchA] l2vpn enable
# Configure active TCP connection settings.
[SwitchA] ovsdb server tcp ip 10.0.2.15 port 6632
# Enable the OVSDB server.
[SwitchA] ovsdb server enable
# Enable the OVSDB VTEP service.
[SwitchA] vtep enable
# Assign an IP address to Loopback 0.
[SwitchA] interface loopback 0 [SwitchA-LoopBack0] ip address 1.1.1.1 255.255.255.255 [SwitchA-LoopBack0] quit
# Specify the IP address of Loopback 0 as the global source address for VXLAN tunnels.
[SwitchA] tunnel global source-address 1.1.1.1
# Specify site-facing interface Ten-GigabitEthernet 1/0/1 as a VTEP access port.
[SwitchA] interface ten-gigabitethernet 1/0/1 [SwitchA-] vtep access port [SwitchA-Ten-GigabitEthernet1/0/1] quit
# Disable source MAC check on transport-facing interface .
[SwitchA] interface ten-gigabitethernet 1/0/2 [SwitchA-Ten-GigabitEthernet1/0/2] undo mac-address static source-check enable [SwitchA-Ten-GigabitEthernet1/0/2] quit
# Disable remote-MAC address learning.
[SwitchA] vxlan tunnel mac-learning disable
# Enable flood proxy on multicast VXLAN tunnels.
[SwitchA] vxlan tunnel flooding-proxy
Configure Switch B:
# Enable L2VPN.
<SwitchB> system-view [SwitchB] l2vpn enable
# Configure active TCP connection settings.
[SwitchB] ovsdb server tcp ip 10.0.2.15 port 6632
# Enable the OVSDB server.
[SwitchB] ovsdb server enable
# Enable the OVSDB VTEP service.
[SwitchB] vtep enable
# Assign an IP address to Loopback 0.
[SwitchB] interface loopback 0 [SwitchB-LoopBack0] ip address 2.2.2.2 255.255.255.255 [SwitchB-LoopBack0] quit
# Specify the IP address of Loopback 0 as the global source address for VXLAN tunnels.
[SwitchB] tunnel global source-address 2.2.2.2
# Specify site-facing interface Ten-GigabitEthernet 1/0/1 as a VTEP access port.
[SwitchB] interface [SwitchB-Ten-GigabitEthernet1/0/1] vtep access port [SwitchB-Ten-GigabitEthernet1/0/1] quit
# Disable source MAC check on transport-facing interface Ten-GigabitEthernet 1/0/2.
[SwitchB] interface ten-gigabitethernet 1/0/2 [SwitchB-] undo mac-address static source-check enable [SwitchB-Ten-GigabitEthernet1/0/2] quit
# Disable remote-MAC address learning.
[SwitchB] vxlan tunnel mac-learning disable
# Enable flood proxy on multicast VXLAN tunnels.
[SwitchB] vxlan tunnel flooding-proxy
Configure Switch C:
# Enable L2VPN.
<SwitchC> system-view [SwitchC] l2vpn enable
# Configure active TCP connection settings.
[SwitchC] ovsdb server tcp 10.0.2.15 port 6632
# Enable the OVSDB server.
[SwitchC] ovsdb server enable
# Enable the OVSDB VTEP service.
[SwitchC] vtep enable
# Assign an IP address to Loopback 0.
[SwitchC] interface loopback 0 [SwitchC-LoopBack0] ip address 3.3.3.3 255.255.255.255 [SwitchC-LoopBack0] quit
# Specify the IP address of Loopback 0 as the global source address for VXLAN tunnels.
[SwitchC] tunnel global source-address 3.3.3.3
# Specify site-facing interface Ten-GigabitEthernet 1/0/1 as a VTEP access port.
[SwitchC] interface ten-gigabitethernet 1/0/1 [SwitchC-Ten-GigabitEthernet1/0/1] vtep access port [SwitchC-] quit
# Disable source MAC check on transport-facing interface Ten-GigabitEthernet 1/0/2.
[SwitchC] interface ten-gigabitethernet 1/0/2 [SwitchC-Ten-GigabitEthernet1/0/2] undo mac-address static source-check enable [SwitchC-Ten-GigabitEthernet1/0/2] quit
# Disable remote-MAC address learning.
[SwitchC] vxlan tunnel mac-learning disable
# Enable flood proxy on multicast VXLAN tunnels.
[SwitchC] vxlan tunnel flooding-proxy
Configure VXLAN settings on the controller, and configure the flood proxy server. (Details not shown.)
Verifying the configuration
Verify the VXLAN settings on the VTEPs. This example uses Switch A.
# Verify that the VXLAN tunnel interfaces on the VTEP are up.
[SwitchA] display interface tunnel Tunnel1 Current state: UP Line protocol state: UP Description: Tunnel1 Interface Bandwidth: 64 kbps Maximum transmission unit: 1464 Internet protocol processing: disabled Last clearing of counters: Never Tunnel source 1.1.1.1, destination 2.2.2.2 Tunnel protocol/transport UDP_VXLAN/IP Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 0 packets, 0 bytes, 0 drops
# Verify that the VXLAN tunnels have been assigned to the VXLAN, and flood proxy has been enabled on the multicast VXLAN tunnel.
[SwitchA] display l2vpn vsi verbose VSI Name: vpna VSI Index : 0 VSI State : Up MTU : 1500 Bandwidth : Unlimited Broadcast Restrain : Unlimited Multicast Restrain : Unlimited Unknown Unicast Restrain: Unlimited MAC Learning : Enabled MAC Table Limit : - MAC Learning rate : - Drop Unknown : - Flooding : Enabled Statistics : Disabled VXLAN ID : 10 Tunnels: Tunnel Name Link ID State Type Flood proxy Tunnel1 0x5000001 Up Manual Disabled Tunnel2 0x5000002 Up Manual Disabled Tunnel3 0x5000003 Up Manual Enabled ACs: AC Link ID State Type XGE1/0/1 srv2 0 Up Manual
# Verify that the VTEP has obtained the MAC addresses of remote VMs from the controller.
<SwitchA> display l2vpn mac-address MAC Address State VSI Name Link ID/Name Aging cc3e-5f9c-6cdb OVSDB vpna Tunnel1 NotAging cc3e-5f9c-23dc OVSDB vpna Tunnel2 NotAging --- 2 mac address(es) found ---
Verify that VM 1, VM 2, and VM 3 can ping each other. (Details not shown.)