Flood proxy VXLAN configuration example

Network requirements

As shown in Figure 26:

Configuration procedure

  1. Configure IP addresses and unicast routing settings:

    # Assign IP addresses to interfaces, as shown in Figure 26. (Details not shown.)

    # Configure OSPF on all transport network switches (Switches A through D). (Details not shown.)

  2. Configure Switch A:

    # Enable L2VPN.

    <SwitchA> system-view
    [SwitchA] l2vpn enable
    

    # Configure active TCP connection settings.

    [SwitchA] ovsdb server tcp ip 10.0.2.15 port 6632
    

    # Enable the OVSDB server.

    [SwitchA] ovsdb server enable
    

    # Enable the OVSDB VTEP service.

    [SwitchA] vtep enable
    

    # Assign an IP address to Loopback 0.

    [SwitchA] interface loopback 0
    [SwitchA-LoopBack0] ip address 1.1.1.1 255.255.255.255
    [SwitchA-LoopBack0] quit
    

    # Specify the IP address of Loopback 0 as the global source address for VXLAN tunnels.

    [SwitchA] tunnel global source-address 1.1.1.1
    

    # Specify site-facing interface Ten-GigabitEthernet 1/0/1 as a VTEP access port.

    [SwitchA] interface ten-gigabitethernet 1/0/1
    [SwitchA-] vtep access port
    [SwitchA-Ten-GigabitEthernet1/0/1] quit
    

    # Disable source MAC check on transport-facing interface .

    [SwitchA] interface ten-gigabitethernet 1/0/2
    [SwitchA-Ten-GigabitEthernet1/0/2] undo mac-address static source-check enable
    [SwitchA-Ten-GigabitEthernet1/0/2] quit
    

    # Disable remote-MAC address learning.

    [SwitchA] vxlan tunnel mac-learning disable
    

    # Enable flood proxy on multicast VXLAN tunnels.

    [SwitchA] vxlan tunnel flooding-proxy
    
  3. Configure Switch B:

    # Enable L2VPN.

    <SwitchB> system-view
    [SwitchB] l2vpn enable
    

    # Configure active TCP connection settings.

    [SwitchB] ovsdb server tcp ip 10.0.2.15 port 6632
    

    # Enable the OVSDB server.

    [SwitchB] ovsdb server enable
    

    # Enable the OVSDB VTEP service.

    [SwitchB] vtep enable
    

    # Assign an IP address to Loopback 0.

    [SwitchB] interface loopback 0
    [SwitchB-LoopBack0] ip address 2.2.2.2 255.255.255.255
    [SwitchB-LoopBack0] quit
    

    # Specify the IP address of Loopback 0 as the global source address for VXLAN tunnels.

    [SwitchB] tunnel global source-address 2.2.2.2
    

    # Specify site-facing interface Ten-GigabitEthernet 1/0/1 as a VTEP access port.

    [SwitchB] interface 
    [SwitchB-Ten-GigabitEthernet1/0/1] vtep access port
    [SwitchB-Ten-GigabitEthernet1/0/1] quit
    

    # Disable source MAC check on transport-facing interface Ten-GigabitEthernet 1/0/2.

    [SwitchB] interface ten-gigabitethernet 1/0/2
    [SwitchB-] undo mac-address static source-check enable
    [SwitchB-Ten-GigabitEthernet1/0/2] quit
    

    # Disable remote-MAC address learning.

    [SwitchB] vxlan tunnel mac-learning disable
    

    # Enable flood proxy on multicast VXLAN tunnels.

    [SwitchB] vxlan tunnel flooding-proxy
    
  4. Configure Switch C:

    # Enable L2VPN.

    <SwitchC> system-view
    [SwitchC] l2vpn enable
    

    # Configure active TCP connection settings.

    [SwitchC] ovsdb server tcp 10.0.2.15 port 6632
    

    # Enable the OVSDB server.

    [SwitchC] ovsdb server enable
    

    # Enable the OVSDB VTEP service.

    [SwitchC] vtep enable
    

    # Assign an IP address to Loopback 0.

    [SwitchC] interface loopback 0
    [SwitchC-LoopBack0] ip address 3.3.3.3 255.255.255.255
    [SwitchC-LoopBack0] quit
    

    # Specify the IP address of Loopback 0 as the global source address for VXLAN tunnels.

    [SwitchC] tunnel global source-address 3.3.3.3
    

    # Specify site-facing interface Ten-GigabitEthernet 1/0/1 as a VTEP access port.

    [SwitchC] interface ten-gigabitethernet 1/0/1
    [SwitchC-Ten-GigabitEthernet1/0/1] vtep access port
    [SwitchC-] quit
    

    # Disable source MAC check on transport-facing interface Ten-GigabitEthernet 1/0/2.

    [SwitchC] interface ten-gigabitethernet 1/0/2
    [SwitchC-Ten-GigabitEthernet1/0/2] undo mac-address static source-check enable
    [SwitchC-Ten-GigabitEthernet1/0/2] quit
    

    # Disable remote-MAC address learning.

    [SwitchC] vxlan tunnel mac-learning disable
    

    # Enable flood proxy on multicast VXLAN tunnels.

    [SwitchC] vxlan tunnel flooding-proxy
    
  5. Configure VXLAN settings on the controller, and configure the flood proxy server. (Details not shown.)

Verifying the configuration

  1. Verify the VXLAN settings on the VTEPs. This example uses Switch A.

    # Verify that the VXLAN tunnel interfaces on the VTEP are up.

    [SwitchA] display interface tunnel
    Tunnel1
    Current state: UP
    Line protocol state: UP
    Description: Tunnel1 Interface
    Bandwidth: 64 kbps
    Maximum transmission unit: 1464
    Internet protocol processing: disabled
    Last clearing of counters: Never
    Tunnel source 1.1.1.1, destination 2.2.2.2
    Tunnel protocol/transport UDP_VXLAN/IP
    Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
    Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
    Input: 0 packets, 0 bytes, 0 drops
    Output: 0 packets, 0 bytes, 0 drops
    

    # Verify that the VXLAN tunnels have been assigned to the VXLAN, and flood proxy has been enabled on the multicast VXLAN tunnel.

    [SwitchA] display l2vpn vsi verbose
    VSI Name: vpna
      VSI Index               : 0
      VSI State               : Up
      MTU                     : 1500
      Bandwidth               : Unlimited
      Broadcast Restrain      : Unlimited
      Multicast Restrain      : Unlimited
      Unknown Unicast Restrain: Unlimited
      MAC Learning            : Enabled
      MAC Table Limit         : -
      MAC Learning rate       : -
      Drop Unknown            : -
      Flooding                : Enabled
      Statistics              : Disabled
      VXLAN ID                : 10
      Tunnels:
        Tunnel Name          Link ID    State  Type        Flood proxy
        Tunnel1              0x5000001  Up     Manual      Disabled
        Tunnel2              0x5000002  Up     Manual      Disabled
        Tunnel3              0x5000003  Up     Manual      Enabled
      ACs:
        AC                               Link ID    State    Type
        XGE1/0/1 srv2                    0          Up       Manual
    

    # Verify that the VTEP has obtained the MAC addresses of remote VMs from the controller.

    <SwitchA> display l2vpn mac-address
    MAC Address      State    VSI Name                        Link ID/Name  Aging
    cc3e-5f9c-6cdb   OVSDB    vpna                            Tunnel1       NotAging
    cc3e-5f9c-23dc   OVSDB    vpna                            Tunnel2       NotAging
    --- 2 mac address(es) found  ---
    
  2. Verify that VM 1, VM 2, and VM 3 can ping each other. (Details not shown.)