1、网络拓扑图
2、实验目的
通过OSPFv2的配置令设备leaf1、spine与leaf2相互联通,构建基于IPv4的underlay网络,PC1与PC2属于不同网段且不同VLAN的用户;通过在三台设备上配置VXLAN隧道,实现两台客户端主机跨网段之间的互访,VXLAN网关集中在spine上
3、实验配置
leaf1:
<leaf1>display current-configuration
!Software Version V200R005C10SPC607B607
!Last configuration was updated at 2024-01-11 11:45:14+00:00
!Last configuration was saved at 2024-01-11 12:19:32+00:00
#
sysname leaf1
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
bridge-domain 10 #创建本地桥接域,把两个域桥接在一起
vxlan vni 1000 #创建VXLAN,其VNI编号为1000
#
aaa
#
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
interface MEth0/0/0
undo shutdown
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.1.1.1 255.255.255.0
#
interface GE1/0/1
undo shutdown
#
interface GE1/0/1.10 mode l2
encapsulation dot1q vid 10
bridge-domain 10
#
interface GE1/0/2
shutdown
#
interface GE1/0/3
shutdown
#
interface GE1/0/4
shutdown
#
interface GE1/0/5
shutdown
#
interface GE1/0/6
shutdown
#
interface GE1/0/7
shutdown
#
interface GE1/0/8
shutdown
#
interface GE1/0/9
shutdown
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface Nve1#创建并进入NVE接口
source 1.1.1.1#指定VTEP接口
vni 1000 head-end peer-list 2.2.2.2 #在VNI 1000下指定对端NVE设备的VTEP地址
#
interface NULL0
#
ospf 100 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
ssh authorization-type default aaa
#
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
ssh server dh-exchange min-len 1024
#
ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
user-interface con 0
#
vm-manager
#
return
<leaf1>
spine:
<spine>display current-configuration
!Software Version V200R005C10SPC607B607
!Last configuration was updated at 2024-01-11 11:40:22+00:00
!Last configuration was saved at 2024-01-11 12:19:23+00:00
#
sysname spine
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
bridge-domain 10
vxlan vni 1000
#
bridge-domain 20
vxlan vni 2000
#
aaa
#
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
interface Vbdif10
ip address 192.168.1.1 255.255.255.0
#
interface Vbdif20
ip address 172.16.1.1 255.255.255.0
#
interface MEth0/0/0
undo shutdown
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 10.1.1.2 255.255.255.0
#
interface GE1/0/1
undo portswitch
undo shutdown
ip address 20.1.1.1 255.255.255.0
#
interface GE1/0/2
shutdown
#
interface GE1/0/3
shutdown
#
interface GE1/0/4
shutdown
#
interface GE1/0/5
shutdown
#
interface GE1/0/6
shutdown
#
interface GE1/0/7
shutdown
#
interface GE1/0/8
shutdown
#
interface GE1/0/9
shutdown
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface Nve1
source 2.2.2.2
vni 1000 head-end peer-list 1.1.1.1
vni 2000 head-end peer-list 3.3.3.3
#
interface NULL0
#
ospf 100 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
network 20.1.1.0 0.0.0.255
#
ssh authorization-type default aaa
#
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
ssh server dh-exchange min-len 1024
#
ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
user-interface con 0
#
vm-manager
#
return
<spine>
leaf2:
<leaf2>display current-configuration
!Software Version V200R005C10SPC607B607
!Last configuration was updated at 2024-01-11 11:37:19+00:00
!Last configuration was saved at 2024-01-11 12:19:50+00:00
#
sysname leaf2
#
device board 17 board-type CE-MPUB
device board 1 board-type CE-LPUE
#
bridge-domain 20
vxlan vni 2000
#
aaa
#
authentication-scheme default
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
interface MEth0/0/0
undo shutdown
#
interface GE1/0/0
undo portswitch
undo shutdown
ip address 20.1.1.2 255.255.255.0
#
interface GE1/0/1
undo shutdown
#
interface GE1/0/1.20 mode l2
encapsulation dot1q vid 20
bridge-domain 20
#
interface GE1/0/2
shutdown
#
interface GE1/0/3
shutdown
#
interface GE1/0/4
shutdown
#
interface GE1/0/5
shutdown
#
interface GE1/0/6
shutdown
#
interface GE1/0/7
shutdown
#
interface GE1/0/8
shutdown
#
interface GE1/0/9
shutdown
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface Nve1
source 3.3.3.3
vni 2000 head-end peer-list 2.2.2.2
#
interface NULL0
#
ospf 100 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 20.1.1.0 0.0.0.255
#
ssh authorization-type default aaa
#
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
ssh server dh-exchange min-len 1024
#
ssh client cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr aes256_
cbc aes128_cbc 3des_cbc
#
user-interface con 0
#
vm-manager
#
return
<leaf2>
4、实验分析
工作原理:
PC1与PC2通信,内层PC1查找网关,外层NVE1隧道,vtep之间通信(vtep1-1.1.1.1与vtep2-2.2.2.2)
以下同理
5、实验结果
两台主机正常通信
标签:cbc,网关,子网,ctr,default,GE1,shutdown,interface,VXLAN From: https://blog.51cto.com/u_13560030/9200023