In Figure 1, an enterprise has VMs deployed in different data centers. VM 1 on Server 1
belongs to VLAN 10, VM 1 on Server 2 belongs to VLAN 20, and VM 1 on Server 3 belongs to VLAN 30. Server 1 and Server 2 reside in different network segments; Server 2 and Server 3 reside in the same network segment. To allow VM1s in different data centers to communicate with each other, configure a Layer 3 VXLAN gateway.
Figure 1 VXLAN with centralized gateways in BGP EVPN mode
Configuration Roadmap The configuration roadmap is as follows:
1. Configure a routing protocol on Device1, Device2, and Device3 to allow them to
communicate at Layer 3.
2. Configure a service access point on Device1 and Device3 to differentiate service
traffic.
3. Configure EVPN as the VXLAN control plane.
4. Configure a BGP EVPN peer relationship.
5. Configure EVPN instances.
6. Configure an ingress replication list.
7. Configure Device2 as a Layer 3 VXLAN gateway.
Data Preparation
The following data is needed to complete the configuration:
VMs' VLAN IDs (10, 20, and 30)
IP addresses of interfaces connecting devices
Interior Gateway Protocol (IGP) running between devices (OSPF in this example)
BD IDs (10 and 20)
VNI IDs (5010 and 5020)
EVPN instances' RDs (11:1, 12:1, 21:1, 23:1, and 31:2) and RTs (1:1 and 2:2)
Precautions
VXLAN-related constraints are described in the procedure. To obtain more constraint
information, see Configuration Notes.
Procedure
1. Configure a routing protocol.
# Configure Device1. Configure the devices to advertise the 32-bit IP addresses of loopback interfaces.
# After OSPF is configured, the devices can use OSPF to learn the IP addresses of each other's loopback interfaces and successfully ping each other. The following example shows the command output on Device1 after it pings Device3:
[~Device1] ping 4.4.4.4
PING 4.4.4.4: 56 data bytes, press CTRL_C to break
Reply from 4.4.4.4: bytes=56 Sequence=1 ttl=253 time=5 ms
Reply from 4.4.4.4: bytes=56 Sequence=2 ttl=253 time=2 ms
Reply from 4.4.4.4: bytes=56 Sequence=3 ttl=253 time=2 ms
Reply from 4.4.4.4: bytes=56 Sequence=4 ttl=253 time=3 ms
Reply from 4.4.4.4: bytes=56 Sequence=5 ttl=253 time=3 ms
--- 4.4.4.4 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 2/3/5 ms
2. Configure the VXLAN tunnel mode and enable the VXLAN ACL extension function. (Perform this step on the CE6870EI/CE6875EI only.)
# Configure Device1. The configurations on Device2 and Device3 are similar to
that on Device1, and are not mentioned here.
[~Device1] ip tunnel mode vxlan
[*Device1] assign forward nvo3 acl extend enable
[*Device1] commit
NOTE:
After modifying the VXLAN tunnel mode or enabling the VXLAN ACL extension function, save the configuration and restart the device to make the configuration take effect. Restart the device immediately or after completing all the configurations.
3. Configure a service access point on Device1 and Device3.
# Configure Device1. Repeat this step for Device3.
[~Device1] bridge-domain 10
[*Device1-bd10] quit
[*Device1] interface 10ge 1/0/2.1 mode l2
[*Device1-10GE1/0/2.1] encapsulation dot1q vid 10
[*Device1-10GE1/0/2.1] bridge-domain 10
[*Device1-10GE1/0/2.1] quit
[*Device1] bridge-domain 20
[*Device1-bd20] quit
[*Device1] interface 10ge 1/0/3.1 mode l2
[*Device1-10GE1/0/3.1] encapsulation dot1q vid 30
[*Device1-10GE1/0/3.1] bridge-domain 20
[*Device1-10GE1/0/3.1] quit [*Device1] commit
4. Configure EVPN as the VXLAN control plane on Device1, Device2, and Device3.
# Configure Device1. Repeat this step for Device2 and Device3.
[~Device1] evpn-overlay enable
[*Device1] commit
5. Configure a BGP EVPN peer relationship.
# Configure Device1. Repeat this step for Device2 and Device3.
8. Configure a service loopback interface on Device2. (You do not need to perform
this step on the CE6855HI/CE6856HI/CE6865EI/CE6870EI/CE6875EI/CE6880EI/CE7855EI.)
9. [~Device2] interface eth-trunk 1
10. [*Device2-Eth-Trunk1] service type tunnel
11. [*Device2-Eth-Trunk1] quit
12. [*Device2] interface 10ge 1/0/4
13. [*Device2-10GE1/0/4] eth-trunk 1
14. [*Device2-10GE1/0/4] quit
15. [*Device2] commit
16. Configure Device2 as a Layer 3 VXLAN gateway.
17. [~Device2] interface vbdif 10
18. [*Device2-Vbdif10] ip address 192.168.10.10 24
19. [*Device2-Vbdif10] quit
20. [*Device2] interface vbdif 20
21. [*Device2-Vbdif20] ip address 192.168.20.10 24
22. [*Device2-Vbdif20] quit
[*Device2] commit
23. Verify the configuration.
After completing the configurations, run the display vxlan tunnel and display vxlan vni commands on Device1, Device2, and Device3 to check the VXLAN tunnel and VNI information, respectively. The VNIs are Up. The following example shows the command output on Device1.
