tutorial

Setup vxlan Network with L2 Connectivity between VMs

Abdul Aziz
facebook
x
reddit
linkedin
Setup vxlan Network with L2 Connectivity between VMs

This tutorial show you how to create vxlan Network with L2 Connectivity between VMs (Compute Engine) in google cloud

Create VPC Network named vxlan-network with custom mode

Terminal window
1
gcloud compute networks create vxlan-network \
2
  --project=trial-project-andania \
3
  --subnet-mode=custom

Create Subnet on vxlan-network VPC Network

Terminal window
1
gcloud compute networks subnets create us-central1-subnet \
2
  --project=trial-project-andania \
3
  --range=10.40.0.0/20 \
4
  --network=vxlan-network \
5
  --region=us-central1

Create firewall rules to allow SSH and icmp for the VMs

Terminal window
1
gcloud compute firewall-rules create vxlan-network-allow-ssh-icmp \
2
  --project=trial-project-andania \
3
  --network vxlan-network \
4
  --allow tcp:22,icmp

Create two VM instances named vm-a and vm-b. (I use spot vm for this example to reduce the cost)

Terminal window
1
gcloud compute instances create vm-a \
2
  --project=trial-project-andania \
3
  --image-family=ubuntu-2004-lts --image-project=ubuntu-os-cloud \
4
  --zone=us-central1-a \
5
  --boot-disk-size 10G \
6
  --machine-type=e2-medium \
7
  --can-ip-forward \
8
  --network=vxlan-network \
9
  --subnet=us-central1-subnet \
10
  --scopes cloud-platform \
11
  --provisioning-model=SPOT
12


13
gcloud compute instances create vm-b \
14
  --project=trial-project-andania \
15
  --image-family=ubuntu-2004-lts --image-project=ubuntu-os-cloud \
16
  --zone=us-central1-a \
17
  --boot-disk-size 10G \
18
  --machine-type=e2-medium \
19
  --can-ip-forward \
20
  --network=vxlan-network \
21
  --subnet=us-central1-subnet \
22
  --scopes cloud-platform \
23
  --provisioning-model=SPOT

Setup vxlan on both VMs

  • SSH to vm-a as root user and setup vxlan

    Terminal window
    1
    gcloud compute ssh root@vm-a --zone us-central1-a
    2
    ip link add vxlan0 type vxlan id 42 dev ens4 dstport 0
    3
    bridge fdb append to 00:00:00:00:00:00 dst $VM_B_IP dev vxlan0
    4
    ip addr add 10.200.0.2/24 dev vxlan0
    5
    ip link set up dev vxlan0

  • SSH to vm-b as root user and setup vxlan

    Terminal window
    1
    ip link add vxlan0 type vxlan id 42 dev ens4 dstport 0
    2
    bridge fdb append to 00:00:00:00:00:00 dst 10.40.0.2 dev vxlan0
    3
    ip addr add 10.200.0.3/24 dev vxlan0
    4
    ip link set up dev vxlan0

    Test ping from vm-a to vm-b and vice versa. You will get an error Destination Host Unreachable. This is because we still not open port to allow connectivity on vxlan.

Add firewall rules to open Overlay Transport Virtualization (OTV) and Virtual eXtensible Local Area Network (VXLAN) UDP ports

Terminal window
1
gcloud compute firewall-rules create vxlan-network-allow-vxlan-udp \
2
  --project=trial-project-andania \
3
  --network=vxlan-network \
4
  --allow udp:4789,udp:8472

Now test ping again from vm-a to vm-b and vice versa. The ping will now success.

#networking #vxlan #google cloud