Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Configure Virtual Networks for Multi-tenant Service Operations

 

This section shows how to configure Layer 2 and Layer 3 multi-tenant network services on two virtual networks, blue and green as shown in Figure 1.

This is a typical day one operation that provides virtual network connectivity that isolates traffic between the virtual networks while allowing bridged or routed connectivity for devices in the same virtual network.

To create the Green and Blue networks in Contrail Command, we will configure the following:

  • Four virtual networks, two Green and two Blue

  • Four VPGs to add the access interfaces to the servers

  • Two Logical Routers (LRs) for inter-VN communication, one for the Green virtual network and one for the Blue virtual network

Figure 1: Green and Blue Virtual Networks
Green and Blue Virtual
Networks

At this point we do not have communication between the green and blue networks. LRs cannot connect to other LRs. For inter-LR, or inter-tenant communication, you need to connect the LRs using service chaining. See Configure Service Chaining With PNF.

Create Virtual Networks

A virtual network in the Contrail environment allows hosts in the same network to communicate with each other. This is similar to assigning a VLAN to each host so that hosts on the same VLAN can reach each other.

In this section, we will create four virtual networks, two for the green network and two for the blue virtual network.

To configure a virtual network:

  1. Navigate to Overlay > Virtual Networks and click Create.

    Table 1: Field Descriptions for Virtual Networks

    Field

    Description

    Name

    Name of the virtual network.

    Allocation Mode

    Method used to create the virtual network.

    VXLAN Network Identifier

    VNI number. The default setting is automatically generated.

    Subnet Fields

    Use this area to identify and manage subnets for the virtual network. You can add multiple subnets to a virtual network.

    Network IPAM

    IP address management method for the subnet.

    CIDR

    IP subnet you plan to use for this switching domain.

    Gateway

    Address of gateway used for this switching domain

  2. Fill in the following fields to define four virtual networks. By default Contrail Networking uses the first available host ID in the subnet for that subnet’s default gateway. As a result it’s good practice to avoiding assigning host ID 1 to VMs or BMSs.

    Name:

    Allocation Mode

    Subnets

    Network IPAM

    CIDR

    Gateway

    Green-1

    Default setting of “User defined subnet only”

    Default-domain:default-project:default

    10.2.1.0/24

    10.2.1.1

    Green-2

    Default setting of “User defined subnet only”

    Default-domain:default-project:default

    10.2.3.0/24

    10.2.3.1

    Blue-1

    Default setting of “User defined subnet only”

    Default-domain:default-project:default

    10.2.2.0/24

    10.2.2.1

    Blue-2

    Default setting of “User defined subnet only”

    Default-domain:default-project:default

    10.2.4.0/24

    10.2.4.1

  3. When both virtual networks are created, the Virtual Networks screen displays. You will see that both the green and blue networks are available.

Assign Interfaces to VLANs with Virtual Port Groups

You configure VPGs to add interfaces to your virtual networks. In this section, we will add the access interfaces from the leaf devices to the servers as shown in Figure 2.

Figure 2: Adding VPGs to Virtual Networks
Adding VPGs to Virtual Networks

To create a VPG:

  1. Navigate to Overlay > Virtual Port Group and click Create.
  2. Create four VPGs with the values shown in the following table.

    To assign a physical interface, find the interface under Available Physical Interface. There can be multiple pages of interfaces. To move an interface to the Assigned Physical Interface, click the > next to the interface.

    Name

    VPG1-Green-1

    VPG2-Green-2

    VPG1-Blue-1

    VPG2-Blue-2

    Assigned Physical Interface

    xe-0/0/23:0

    xe-0/0/23:0

    xe-0/0/23:0

    xe-0/0/23:0

    Network

    Green-1

    Green-2

    Blue-1

    Blue-2

    VLAN ID

    101

    103

    102

    104

Enable Layer 3 Routing on Virtual Networks Using Logical Routers

CEM uses logical routers (LRs) to enable routing on virtual networks. It does so by creating a VRF routing instance for each logical router with IRB interfaces on the spine devices. After CEM configures the devices, network traffic from the blue and green networks travels over a VXLAN tunnel from the leaf devices to the spine devices. At the spine devices, the traffic is routed at Layer 3.

In this section, we will enable routing on the blue and the green virtual networks as shown in Figure 3.

Figure 3: Adding Logical Routers to the Virtual Networks
Adding Logical Routers
to the Virtual Networks

To configure the logical routers:

  1. Navigate to Overlay > Logical Routers, and click Create.
  2. Create two virtual networks as shown in the following table:

    Name

    LR-Blue

    LR-Green

    Extend to Physical Router

    DC2-Spine1

    DC2-Spine2

    DC2-Spine1

    DC2-Spine2

    Logical Router Type

    VXLAN Routing

    VXLAN Routing

    Connected Networks

    Blue-1

    Blue-2

    Green-1

    Green-2

Verify Your Virtual Network Configuration

  1. On a spine device, check that IRB interfaces are configured. There are two IRBs for each virtual network.
  2. On a spine device, check that VLANs are configured.
  3. On a spine device, check that VRFs are configured, one for the green network and one for the blue network. Note that the IRB interfaces are added to the VRFs.
  4. When you have finished your configuration, you can run ping between servers in the same virtual network. For example, run ping from BMS1 to BMS3 in the green network.
    host@ix-centos-s2 ~]# ping 10.2.3.101
  5. Run ping from BMS2 to BMS4 in the blue network.
    host@ix-centos-s3 ~]# ping 10.2.4.101