玩转华为数据中心交换机系列 | 配置基于VLAN的VLAN Mapping（2 to 2）

Posted 2022-05-02 COCOgsta

素材来源：华为数据中心交换机配置指南

一边学习一边整理试验笔记，并与大家分享，侵权即删，谢谢支持！

附上汇总贴：玩转华为数据中心交换机系列 | 汇总_COCOgsta的博客-CSDN博客

---

组网需求

如图1所示，某数据中心的两个分支布局在不同的地理位置，分支1和分支2位于相同的网段。为了可以规划自己的私网VLAN ID，采用了QinQ方式传输，即Switch2发往ISP网络的报文带有两层Tag。但是由于这两层VLAN ID与ISP网络提供的VLAN Tag不一致，分支报文无法通过ISP网络，从而导致分支无法正常通信，现需要实现分支1和分支2互通。

配置思路

采用如下的思路配置2 to 2的VLAN Mapping：

1. 将连接分支1的Swith1的下行接口划分到VLAN10，将连接分支2的Swith6的下行接口划分到VLAN30。
2. 在Switch2和Switch5上配置QinQ，使发往ISP网络的报文带有两层Tag。
3. 在ISP网络的边缘设备Switch3、Switch4上部署2 to 2的VLAN Mapping功能，将报文的内、外层VLAN ID映射为ISP允许通过的VLAN ID，实现分支的业务互通。

操作步骤

1. 将Switch1、Switch6的下行口划分到指定VLAN，上行口允许VLAN通过

# 配置Switch1。

<HUAWEI> system-view
[~HUAWEI] sysname Switch1
[*HUAWEI] commit
[~Switch1] vlan 10
[*Switch1-vlan10] quit
[*Switch1] interface 10ge 1/0/1
[*Switch1-10GE1/0/1] port default vlan 10
[*Switch1-10GE1/0/1] quit
[*Switch1] interface 10ge 1/0/2
[*Switch1-10GE1/0/2] port link-type trunk
[*Switch1-10GE1/0/2] port trunk allow-pass vlan 10
[*Switch1-10GE1/0/2] quit
[*Switch1] commit

# 配置Switch6。

<HUAWEI> system-view
[~HUAWEI] sysname Switch6
[*HUAWEI] commit
[~Switch6] vlan 30
[*Switch6-vlan30] quit
[*Switch6] interface 10ge 1/0/1
[*Switch6-10GE1/0/1] port default vlan 30
[*Switch6-10GE1/0/1] quit
[*Switch6] interface 10ge 1/0/2
[*Switch6-10GE1/0/2] port link-type trunk
[*Switch6-10GE1/0/2] port trunk allow-pass vlan 30
[*Switch6-10GE1/0/2] quit
[*Switch6] commit

1. 在Switch2和Switch5上配置QinQ，使发往ISP网络的报文带有两层Tag

# 在Switch2上配置接口10GE1/0/1的类型为QinQ，10GE1/0/1的外层Tag为VLAN20。

<HUAWEI> system-view
[~HUAWEI] sysname Switch2
[*HUAWEI] commit
[~Switch2] vlan 20
[*Switch2-vlan20] quit
[*Switch2] interface 10ge 1/0/1
[*Switch2-10GE1/0/1] port link-type dot1q-tunnel
[*Switch2-10GE1/0/1] port default vlan 20
[*Switch2-10GE1/0/1] quit
[*Switch2] interface 10ge 1/0/2
[*Switch2-10GE1/0/2] port link-type trunk
[*Switch2-10GE1/0/2] port trunk allow-pass vlan 20
[*Switch2-10GE1/0/2] quit
[*Switch2] commit

# 在Switch5上配置接口10GE1/0/1的类型为QinQ，10GE1/0/1的外层Tag为VLAN40。

<HUAWEI> system-view
[~HUAWEI] sysname Switch5
[*HUAWEI] commit
[~Switch5] vlan 40
[*Switch5-vlan40] quit
[*Switch5] interface 10ge 1/0/1
[*Switch5-10GE1/0/1] port link-type dot1q-tunnel
[*Switch5-10GE1/0/1] port default vlan 40
[*Switch5-10GE1/0/1] quit
[*Switch5] interface 10ge 1/0/2
[*Switch5-10GE1/0/2] port link-type trunk
[*Switch5-10GE1/0/2] port trunk allow-pass vlan 40
[*Switch5-10GE1/0/2] quit
[*Switch5] commit

1. 在Switch3和Switch4上配置VLAN Mapping

# 配置Switch3。

<HUAWEI> system-view
[~HUAWEI] sysname Switch3
[*HUAWEI] commit
[~Switch3] vlan batch 50
[*Switch3] interface 10ge 1/0/1
[*Switch3-10GE1/0/1] port link-type trunk
[*Switch3-10GE1/0/1] port trunk allow-pass vlan 50
[*Switch3-10GE1/0/1] port vlan-mapping vlan 20 inner-vlan 10 map-vlan 50 map-inner-vlan 60
[*Switch3-10GE1/0/1] quit
[*Switch3] interface 10ge 1/0/2
[*Switch3-10GE1/0/2] port link-type trunk
[*Switch3-10GE1/0/2] port trunk allow-pass vlan 50
[*Switch3-10GE1/0/2] quit
[*Switch3] commit

# 配置Switch4。

<HUAWEI> system-view
[~HUAWEI] sysname Switch4
[*HUAWEI] commit
[~Switch4] vlan batch 50
[*Switch4] interface 10ge 1/0/1
[*Switch4-10GE1/0/1] port link-type trunk
[*Switch4-10GE1/0/1] port trunk allow-pass vlan 50
[*Switch4-10GE1/0/1] port vlan-mapping vlan 40 inner-vlan 30 map-vlan 50 map-inner-vlan 60
[*Switch4-10GE1/0/1] quit
[*Switch4] interface 10ge 1/0/2
[*Switch4-10GE1/0/2] port link-type trunk
[*Switch4-10GE1/0/2] port trunk allow-pass vlan 50
[*Switch4-10GE1/0/2] quit
[*Switch4] commit

1. 验证配置结果

将分支1的Server1和分支2的Server2配置在同一个网段，比如配置分支1的Server1的IP地址为172.16.0.5/16，配置分支2的Server2的IP地址为172.16.0.6/16，分支1和分支2可以互通。以分支1的Server1 ping分支2的Server2的显示为例。

<Server1> ping 172.16.0.6
Pinging 172.16.0.6 with 32 bytes of data:
Reply from 172.16.0.6: bytes=32 time<1ms TTL=128
Reply from 172.16.0.6: bytes=32 time<1ms TTL=128
Reply from 172.16.0.6: bytes=32 time<1ms TTL=128
Reply from 172.16.0.6: bytes=32 time<1ms TTL=128

Ping statistics for 172.16.0.6:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms