Overview
A Pica8 Network device implements Open vSwitch Database (OVSDB) management protocol, has connections with network virtualization controller, and can use Open vSwitch Database management protocol to deploy and manage VXLANs on VTEPs. For more OVSDB management protocol details, please read RFC7047.
Decapsulation-mode configuration will NOT take effect in OVSDB VTEP scenarios. Whether or not to add a VLAN tag to the decapsulated packet depends on the configuration of the VLAN on the outgoing port:
- For the native VLAN, frames for this VLAN are sent from the port without a tag.
- For trunk interface, outgoing packet from this VLAN will be tagged or untagged which is consistent with the VLAN tagged/untagged configuration.
NOTE:
VXLAN can be configured remotely via OVSDB. And MAC addresses learned can be synced to the OVSDB and vice versa.
...
To create and install an SSL key and certificate on a Pica device:
- Update the system time, or certificate will show expired.
- Install openssl on Pica8 device or linux computer
- Initialize a PKI on Pica8 device or linux computer
# ovs-pki init --force - On Pica8 device or the same Linux computer on which the PKI exists, create a new key and certificate for the Pica8 device.
# ovs-pki req+sign pica8 - Copy only the pica8
-privkey.pemand pica8-cert.pemfiles from the Linux computer to the /ovs/var/lib/openvswitch/pki directory on the Pica8 device.
...