vxlan bridge 1d

# +--------------------+                               +----------------------+
# | H1 (vrf)           |                               |             H2 (vrf) |
# |    + $h1           |                               |  + $h2               |
# |    | 192.0.2.1/28  |                               |  | 192.0.2.2/28      |
# +----|---------------+                               +--|-------------------+
#      |                                                  |
# +----|--------------------------------------------------|-------------------+
# | SW |                                                  |                   |
# | +--|--------------------------------------------------|-----------------+ |
# | |  + $swp1                   BR1 (802.1d)             + $swp2           | |
# | |                                                                       | |
# | |  + vx1 (vxlan)                                                        | |
# | |    local 192.0.2.17                                                   | |
# | |    remote 192.0.2.34 192.0.2.50                                       | |
# | |    id 1000 dstport $VXPORT                                            | |
# | +-----------------------------------------------------------------------+ |
# |                                                                           |
# |  192.0.2.32/28 via 192.0.2.18                                             |
# |  192.0.2.48/28 via 192.0.2.18                                             |
# |                                                                           |
# |    + $rp1                                                                 |
# |    | 192.0.2.17/28                                                        |
# +----|----------------------------------------------------------------------+
#      |
# +----|--------------------------------------------------------+
# |    |                                             VRP2 (vrf) |
# |    + $rp2                                                   |
# |      192.0.2.18/28                                          |
# |                                                             |   (maybe) HW
# =============================================================================
# |                                                             |  (likely) SW
# |    + v1 (veth)                             + v3 (veth)      |
# |    | 192.0.2.33/28                         | 192.0.2.49/28  |
# +----|---------------------------------------|----------------+
#      |                                       |
# +----|------------------------------+   +----|------------------------------+
# |    + v2 (veth)        NS1 (netns) |   |    + v4 (veth)        NS2 (netns) |
# |      192.0.2.34/28                |   |      192.0.2.50/28                |
# |                                   |   |                                   |
# |   192.0.2.16/28 via 192.0.2.33    |   |   192.0.2.16/28 via 192.0.2.49    |
# |   192.0.2.50/32 via 192.0.2.33    |   |   192.0.2.34/32 via 192.0.2.49    |
# |                                   |   |                                   |
# | +-------------------------------+ |   | +-------------------------------+ |
# | |                  BR2 (802.1d) | |   | |                  BR2 (802.1d) | |
# | |  + vx2 (vxlan)                | |   | |  + vx2 (vxlan)                | |
# | |    local 192.0.2.34           | |   | |    local 192.0.2.50           | |
# | |    remote 192.0.2.17          | |   | |    remote 192.0.2.17          | |
# | |    remote 192.0.2.50          | |   | |    remote 192.0.2.34          | |
# | |    id 1000 dstport $VXPORT    | |   | |    id 1000 dstport $VXPORT    | |
# | |                               | |   | |                               | |
# | |  + w1 (veth)                  | |   | |  + w1 (veth)                  | |
# | +--|----------------------------+ |   | +--|----------------------------+ |
# |    |                              |   |    |                              |
# | +--|----------------------------+ |   | +--|----------------------------+ |
# | |  |                  VW2 (vrf) | |   | |  |                  VW2 (vrf) | |
# | |  + w2 (veth)                  | |   | |  + w2 (veth)                  | |
# | |    192.0.2.3/28               | |   | |    192.0.2.4/28               | |
# | +-------------------------------+ |   | +-------------------------------+ |
# +-----------------------------------+   +-----------------------------------+

搭建环境

# VRF prerequisite: consult the "local" table at preference 32765 instead of 0,
# so that the VRF (l3mdev) rule is evaluated before local addresses are matched.
# The replacement rule is installed before the old one is removed, so there is
# never a moment without a local-table lookup.
ip -4 rule add priority 32765 lookup local
ip -4 rule del priority 0

# Turn on IPv4 forwarding for every interface in this namespace. The host then
# routes between all networks attached to it, which this lab relies on; outside
# a lab, enable forwarding only on the interfaces that have to route.
sysctl -w net.ipv4.conf.all.forwarding=1

# H1: host 1 sits in its own VRF (vlinux_veth0, routing table 1) with
# linux_veth0 as its only port. The linux_veth* interfaces are not created by
# the commands shown here and must already exist.
ip link add name vlinux_veth0 type vrf table 1
# Catch-all for table 1: a destination with no more specific route in the VRF
# is answered as unreachable instead of being resolved through a later table.
ip -4 route add unreachable default table 1 metric 4278198272
ip link set vlinux_veth0 up
ip link set linux_veth0 master vlinux_veth0
ip link set linux_veth0 up
ip address add dev linux_veth0 192.0.2.1/28

# H2: host 2, built like H1 but in VRF vlinux_veth3 (routing table 2) with
# linux_veth3 as its port and 192.0.2.2/28 as its address.
ip link add name vlinux_veth3 type vrf table 2
# Same catch-all as for H1: unmatched destinations in table 2 are unreachable.
ip -4 route add unreachable default table 2 metric 4278198272
ip link set vlinux_veth3 up
ip link set linux_veth3 master vlinux_veth3
ip link set linux_veth3 up
ip address add dev linux_veth3 192.0.2.2/28

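# switch create
# BR1 is a plain 802.1d bridge: VLAN filtering and multicast snooping are off.
ip link add name br1 type bridge vlan_filtering 0 mcast_snooping 0
# Make sure the bridge uses the MAC address of the local port and not
# that of the VxLAN's device.
# mac_get and $swp1 are not defined anywhere in these commands, so the MAC is
# read from sysfs instead. linux_veth1 is presumably the port the diagram calls
# $swp1 (it is the first port enslaved to br1 further down) - confirm for your
# setup.
ip link set dev br1 address "$(cat /sys/class/net/linux_veth1/address)"
ip link set dev br1 up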

# RP1: underlay port of the switch. It carries the local VTEP address
# 192.0.2.17 and reaches both remote VTEP subnets through 192.0.2.18.
ip link set linux_veth4 up
ip address add 192.0.2.17/28 dev linux_veth4
for subnet in 192.0.2.32/28 192.0.2.48/28; do
	ip route add "$subnet" nexthop via 192.0.2.18
done

# vx1: VXLAN device for VNI 1000 on UDP port 4789, attached to br1.
# nolearning stops the device from adding FDB entries from received traffic, so
# its remotes are exactly the ones appended below. VXLAN itself neither
# authenticates nor encrypts the encapsulated frames, so reachability of
# UDP 4789 on 192.0.2.17 should be limited to the intended VTEPs.
ip link add name vx1 type vxlan id 1000 local 192.0.2.17 dstport 4789 \
	nolearning noudpcsum tos inherit ttl 100
ip link set vx1 up
ip link set vx1 master br1

# Local switch ports of br1.
for port in linux_veth1 linux_veth2; do
	ip link set "$port" master br1
	ip link set "$port" up
done

# All-zero MAC entries are the default destinations of vx1: frames without a
# more specific FDB entry are sent as a copy to each listed remote VTEP.
for remote in 192.0.2.34 192.0.2.50; do
	bridge fdb append dev vx1 00:00:00:00:00:00 dst "$remote" self
done

# veth pairs towards the namespaces: v1/v3 stay here, v2/v4 are moved later.
ip link add v1 type veth peer name v2
ip link add v3 type veth peer name v4

# VRP2: router VRF (vlinux_veth5, routing table 3). linux_veth5 (192.0.2.18)
# faces the switch underlay; v1 and v3 are the gateways of the two namespaces.
ip link add name vlinux_veth5 type vrf table 3
# Destinations without a more specific route in table 3 are unreachable.
ip -4 route add unreachable default table 3 metric 4278198272
ip link set vlinux_veth5 up
ip link set linux_veth5 master vlinux_veth5
ip link set linux_veth5 up
ip address add dev linux_veth5 192.0.2.18/28

# Gateway 192.0.2.33 for NS1.
ip link set v1 master vlinux_veth5
ip link set v1 up
ip address add dev v1 192.0.2.33/28

# Gateway 192.0.2.49 for NS2.
ip link set v3 master vlinux_veth5
ip link set v3 up
ip address add dev v3 192.0.2.49/28

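# ns1 create
# NS1 is a remote VTEP: v2 is its underlay port, BR2 bridges vx2 with w1, and
# w2 (in VRF vw2, routing table 4) is the overlay host 192.0.2.3.
ip netns add ns1
ip link set dev v2 netns ns1
# The namespace commands are passed to bash through a here-document. A bare
# "ip netns exec ns1 bash" starts an interactive shell; when these lines are run
# from a file, everything after it would execute in the root namespace once
# that shell exits.
ip netns exec ns1 bash <<'EOF'
ip link set dev v2 up
ip addr add dev v2 192.0.2.34/28
ip link add name br2 type bridge vlan_filtering 0
ip link set dev br2 up
ip link add name w1 type veth peer name w2
ip link set dev w1 master br2
ip link set dev w1 up
# vx2 is created without nolearning (unlike vx1), so besides the static
# remotes below it also learns FDB entries from received VXLAN traffic.
ip link add name vx2 type vxlan id 1000 local 192.0.2.34 dstport 4789
ip link set dev vx2 up
bridge fdb append dev vx2 00:00:00:00:00:00 dst 192.0.2.17 self
bridge fdb append dev vx2 00:00:00:00:00:00 dst 192.0.2.50 self
ip link set dev vx2 master br2
ip link add dev vw2 type vrf table 4
# Destinations without a more specific route in table 4 are unreachable.
ip -4 route add table 4 unreachable default metric 4278198272
ip link set dev vw2 up
ip link set dev w2 master vw2
ip link set dev w2 up
ip addr add dev w2 192.0.2.3/28
# Underlay routes: the switch subnet and the other namespace's VTEP address,
# both through the VRP2 gateway 192.0.2.33.
ip route add 192.0.2.16/28 nexthop via 192.0.2.33
ip route add 192.0.2.50/32 nexthop via 192.0.2.33
EOF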

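# ns2 create
# NS2 mirrors NS1: v4 is its underlay port, BR2 bridges vx2 with w1, and
# w2 (in VRF vw2, routing table 5) is the overlay host 192.0.2.4.
ip netns add ns2
ip link set dev v4 netns ns2
# The namespace commands are passed to bash through a here-document. A bare
# "ip netns exec ns2 bash" starts an interactive shell; when these lines are run
# from a file, everything after it would execute in the root namespace once
# that shell exits.
ip netns exec ns2 bash <<'EOF'
ip link set dev v4 up
ip addr add dev v4 192.0.2.50/28
ip link add name br2 type bridge vlan_filtering 0
ip link set dev br2 up
ip link add name w1 type veth peer name w2
ip link set dev w1 master br2
ip link set dev w1 up
# vx2 is created without nolearning (unlike vx1), so besides the static
# remotes below it also learns FDB entries from received VXLAN traffic.
ip link add name vx2 type vxlan id 1000 local 192.0.2.50 dstport 4789
ip link set dev vx2 up
bridge fdb append dev vx2 00:00:00:00:00:00 dst 192.0.2.17 self
bridge fdb append dev vx2 00:00:00:00:00:00 dst 192.0.2.34 self
ip link set dev vx2 master br2
ip link add dev vw2 type vrf table 5
# Destinations without a more specific route in table 5 are unreachable.
ip -4 route add table 5 unreachable default metric 4278198272
ip link set dev vw2 up
ip link set dev w2 master vw2
ip link set dev w2 up
# /28 as in the diagram (192.0.2.4/28) and as on NS1's w2. The /24 used here
# before would have made the whole 192.0.2.0/24 range on-link for this host.
ip addr add 192.0.2.4/28 dev w2
# Underlay routes: the switch subnet and the other namespace's VTEP address,
# both through the VRP2 gateway 192.0.2.49.
ip route add 192.0.2.16/28 nexthop via 192.0.2.49
ip route add 192.0.2.34/32 nexthop via 192.0.2.49
EOF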