Configuring a DCI Scenario with VXLAN EVPN L3VPN Accessing Common L3VPN

The DCI scenario with VXLAN EVPN L3VPN accessing common L3VPN uses different cloud management platforms, and VXLAN tunnels are used to access the DCI backbone network.

Context

Gateways and DCI-PEs are separately deployed. EVPN is used as a control plane protocol to dynamically establish VXLAN tunnels. A DCI-PE runs EVPN to learn a VM's IP route information from a DC and uses VPNv4/VPNv6 to send received host IP routes to the peer DCI-PE, and packets of VM hosts can be forwarded at Layer 3.

In Figure 1, DC gateways GW1 and GW2 connect to the DCI backbone network. To allow inter-DC VM communication, BGP/MPLS IPv4/IPv6 VPN functions are deployed on the DCI backbone network. In addition, EVPN and VXLAN tunnels are deployed between the gateways and DCI-PEs to transmit VM host routes, so that VMs in different DCs can communicate with each other.

Figure 1 DCI scenario with VXLAN EVPN L3VPN accessing common L3VPN

Procedure

  1. Configure a VXLAN tunnel between each DCI-PE and the corresponding gateway. For configuration details, see Configuring VXLAN.
  2. Configure basic L3VPN functions on the DCI backbone network. For configuration details, see Configuring a Basic BGP/MPLS IP VPN or Configuring a Basic BGP/MPLS IPv6 VPN.
  3. Configure DCI-PEs to send the routes that are re-originated in the EVPN address family to a VPNv4/VPNv6 peer.
    1. Run bgp { as-number-plain | as-number-dot }

      The BGP view is displayed.

    2. Run l2vpn-family evpn

      The BGP-EVPN address family view is displayed.

    3. Run peer { ipv4-address | group-name } import reoriginate

      The function to add the re-origination flag to routes received from BGP EVPN peers is enabled.

    4. Run quit

      Return to the BGP view.

    5. Run ipv4-family vpnv4 or ipv6-family vpnv6

      The BGP-VPNv4/VPNv6 address family view is displayed.

    6. Run peer { ipv4-address | group-name } advertise route-reoriginated evpn { mac-ip | ip | mac-ipv6 | ipv6 }

      The device is configured to send routes re-originated in the EVPN address family to a VPNv4/VPNv6 peer.

      After the peer { ipv4-address | group-name } advertise route-reoriginated evpn { mac-ip | ip | mac-ipv6 | ipv6 } command is run and EVPN routes that are received from the DC side and carry the VXLAN encapsulation attribute are re-originated on the DCI-PE, the DCI-PE advertises VPNv4/VPNv6 routes that carry the MPLS encapsulation attribute to the VPNv4/VPNv6 peer on the DCI backbone network.

  4. Configure the DCI-PE to send the routes that are re-originated in the VPNv4/VPNv6 address family to a BGP EVPN peer.
    1. Run bgp as-number

      The BGP view is displayed.

    2. Run ipv4-family vpnv4 or ipv6-family vpnv6

      The BGP-VPNv4/VPNv6 address family view is displayed.

    3. Run peer { ipv4-address | group-name } import reoriginate

      The function to add the re-origination flag to routes received from VPNv4/VPNv6 peers is enabled.

    4. Run quit

      Return to the BGP view.

    5. Run l2vpn-family evpn

      The BGP-EVPN address family view is displayed.

    6. Run peer { ipv4-address | group-name } advertise route-reoriginated { vpnv4 | vpnv6 }

      The device is configured to advertise the routes that are re-originated in the VPNv4/VPNv6 address family to a BGP EVPN peer.

      After the peer { ipv4-address | group-name } advertise route-reoriginated { vpnv4 | vpnv6 } command is run and VPNv4/VPNv6 routes that are received from the DCI backbone network and carry the MPLS encapsulation attribute are re-originated on the DCI-PE, the DCI-PE advertises EVPN routes that carry the VXLAN encapsulation attribute to the BGP EVPN peer on the DC side.

    7. Run peer { ipv4-address | group-name } advertise encap-type vxlan

      EVPN routes that carry the VXLAN encapsulation attribute are sent to the EVPN peer on the DC side.

    8. Run quit

      Exit the BGP-EVPN address family view.

    9. Run quit

      Exit the BGP view.

  5. (Optional) Configure AC access to the DCI backbone network on the DCI-PE. This enables flexible device deployment on the network.
    1. Run evpn

      The EVPN global configuration view is displayed.

    2. Run dci local-route advertise-to-mpls

      The function to advertise local routes carrying the VXLAN attribute based on the encapsulation type on the peer end is enabled.

    3. Run advertise vxlan-tunnel mac

      The function to advertise MAC routes learned from the static VXLAN side based on the encapsulation type on the peer end is enabled.

    4. Run quit

      Exit the EVPN global configuration view.

    5. Run bridge-domain bd-id

      The view of the BD to be bound to an EVPN instance is displayed.

    6. Run vxlan vni vni-id split-horizon-mode

      A VNI is created and bound to a BD, and split horizon is configured for packet forwarding.

    7. Run evpn binding vpn-instance vpn-instance-name [ bd-tag bd-tag ]

      The BD is bound to an EVPN instance. By specifying different bd-tag values, you can bind multiple BDs with different VLANs to the same EVPN instance and isolate services in these BDs.

    8. Run evpn-dci support ac-access

      AC access is configured on the stitching node.

    9. Run quit

      Exit the BD view.

  6. Run commit

    The configuration is committed.

Parent Topic: Configuring DCI Functions
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >