[HCIE]vxlan --静态隧道
![[HCIE]vxlan --静态隧道_第1张图片](http://img.e-com-net.com/image/info8/64d6e110314241a786777929b17e9122.jpg)
实验目的:1.pc2与pc3互通(二层互通);2.pc1与pc3互通(三层互通)
实验说明:sw1划分vlan10 vlan20 ;sw2划分vlan30;上行接口均配置为Trunk
实验步骤:
1.配置CE1/CE2/CE3环回口互通(配置IGP)
1.1配置接口ip
CE1:
interface GE1/0/0
undo portswitch #打开三层接口
undo shutdown #打开接口(默认关闭)
ip address 12.1.1.1 255.255.255.0
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
CE2:
interface GE1/0/0
undo portswitch
undo shutdown
ip address 12.1.1.2 255.255.255.0
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 23.1.1.2 255.255.255.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
CE3:
interface GE1/0/0
undo portswitch
undo shutdown
ip address 23.1.1.3 255.255.255.0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
1.2配置路由协议
CE1:
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.1.1.1 0.0.0.0
CE2:
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 12.1.1.2 0.0.0.0
network 23.1.1.2 0.0.0.0
CE3:
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 23.1.1.3 0.0.0.0
1.3测试互通
![[HCIE]vxlan --静态隧道_第2张图片](http://img.e-com-net.com/image/info8/9a49616583174a90b35e2e2fe66921fd.jpg)
2.创建BD,分配VNI
CE1:
bridge-domain 100
vxlan vni 5010
#
bridge-domain 200
vxlan vni 5020
CE3:
bridge-domain 300
vxlan vni 5020
3.打开CE1/CE3 G1/0/1接口 undo shutdown
4.创建子接口,并把vlan接入对应BD
CE1:
interface GE1/0/1.20 mode l2 #创建二层子接口
encapsulation dot1q vid 20 #标记vlan 20
bridge-domain 200 #归属BD200
#
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 100
CE3:
interface GE1/0/1.30 mode l2
encapsulation dot1q vid 30
bridge-domain 300
5.配置NVE接口和头部复制列表,建立vxlan隧道
CE1:
interface Nve1
source 1.1.1.1
vni 5020 head-end peer-list 3.3.3.3
CE3:
interface Nve1
source 3.3.3.3
vni 5020 head-end peer-list 1.1.1.1
6.测试pc2与pc3互通
![[HCIE]vxlan --静态隧道_第3张图片](http://img.e-com-net.com/image/info8/21fceeb72df7435892c065fdf45c960a.jpg)
![[HCIE]vxlan --静态隧道_第4张图片](http://img.e-com-net.com/image/info8/fd2e16996cdf43708e7151683ad2d324.jpg)
7.dis vxlan peer/dis vxlan tunnel/dis vxlan vni 5020(关于vxlan的一些查看命令)
配置实验目标2实现三层互通
CE1:
interface Nve1
source 1.1.1.1
vni 5010 head-end peer-list 2.2.2.2
CE3:
interface Nve1
source 3.3.3.3
vni 5020 head-end peer-list 2.2.2.2
#需要undo vni 5020 head-end peer-list 1.1.1.1(模拟器BUG,真机不需要删)
CE2:
bridge-domain 10
vxlan vni 5010
#
bridge-domain 20
vxlan vni 5020
interface Nve1
source 2.2.2.2
vni 5010 head-end peer-list 1.1.1.1
vni 5020 head-end peer-list 3.3.3.3
#
interface Vbdif10
ip address 192.168.10.254 255.255.255.0
#
interface Vbdif20
ip address 192.168.20.254 255.255.255.0
测试pc1与pc3 互通
![[HCIE]vxlan --静态隧道_第5张图片](http://img.e-com-net.com/image/info8/d66d33f7f2144cb1b98d9634de09ec8a.jpg)