Configuring a Tunnel Gateway in Your Data Center
Scenarios
This section describes how to configure tunnels on VXLAN tunnel switches in an on-premises data center.
This section provides configuration references for the two networking scenarios in your data center.
Huawei CE6850 series switches are used as an example.
L2CGs are currently available for open beta test in CN East-Shanghai1 and CN South-Guangzhou. You can use this function after obtaining the open beta test permissions.
Procedure
Scenario 1: Layer 2 subnet gateway and VXLAN tunnel on different switches
In the following example, the IP address on the cloud is 192.168.71.199, the tunnel IP address of the VXLAN switch in the on-premises data center is 192.168.22.99, and the tunnel VNI is 5010.
To configure the tunnel gateway of your data center, configure the switch to divert the traffic of the VLAN corresponding to the Layer 2 subnet to the tunnel.
- Log in to the tunnel switch and run the system-view command to switch to the system view.
- Create a Layer 2 sub-interface and use the sub-interface to divert traffic from the VLAN of the specific Layer 2 network to the tunnel. The following commands are for reference.
interface eth-trunk4.1 mode l2
encapsulation dot1q vid 5010
bridge-domain 10
commit
- Run the bridge-domain bd-id command to switch to the bridge domain (BD) view and configure the VXLAN VNI for the BD.
bridge-domain 10
vxlan vni 5010
commit
- Run the quit command to return to the system view.
- Run the loopback command to enter the interface view and configure an IP address for the interface. The following commands are for reference.
interface LoopBack0
ip address 192.168.71.199 255.255.255.255
commit
- Run the interface nve nve-number command to create an NVE interface, switch to the NVE interface view, and configure the IP address (192.168.71.199) for the source VTEP of the VXLAN tunnel.
interface NVE1
source 192.168.71.199
- Run the vni command to configure the switch. The following commands are for reference.
vni 5010 head-end peer-list 192.168.22.99
commit
Scenario 2: Layer 2 subnet gateway and VXLAN tunnel on the same switch
In the following example, the IP address on the cloud is 2.2.2.2, the tunnel IP address of the VXLAN switch in the on-premises data center is 192.168.22.99, and the tunnel VNI is 5010.
To configure the tunnel gateway of your data center, configure the Layer 2 subnet gateway to divert the traffic of the VLAN corresponding to the Layer 2 subnet to the tunnel.
- Log in to the tunnel switch and run the system-view command to switch to the system view.
- Run the interface vbdif bd-id command to create a VBDIF interface, switch to the VBDIF interface view, and configure a gateway.
interface Vbdif20
ip address 10.0.1.1 255.255.255.0
ip address 10.0.2.1 255.255.255.0 sub
- Create a Layer 2 sub-interface and use the sub-interface to divert traffic from the VLAN of the specific Layer 2 network to the tunnel. The following commands are for reference.
encapsulation dot1q vid 100
bridge-domain 10
commit
- Run the bridge-domain bd-id command to switch to the bridge domain (BD) view and configure the VXLAN VNI for the BD.
bridge-domain 10
vxlan vni 5010
commit
- Run the quit command to return to the system view.
- Run the loopback command to enter the interface view and configure an IP address for the interface. The following commands are for reference.
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
commit
- Run the interface nve nve-number command to create an NVE interface, switch to the NVE interface view, and configure the IP address for the source VTEP of the VXLAN tunnel.
interface NVE1
source 2.2.2.2
- Run the vni command to configure the switch. The following commands are for reference.
vni 5010 head-end peer-list 192.168.22.99
commit
Last Article: Deleting a Layer 2 Connection
Next Article: Monitoring
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.