Versions Compared

Version Old Version 5 New Version Current
Changes made by

Tracy Yang

Tracy Yang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note
titleNOTES:
  • The switch platforms which use this feature are:
    • Trident2
    • Trident2+
    • Tomahawk
    • Tomahawk+
    • Tomahawk 2
    • Tomahawk 3
    • Trident3
    • Maverick
  • If VXLAN is deployed in an MLAG domain, it behaves a little differently. For details, see MLAG Configuration.

  • Open vSwitch Database (OVSDB) management protocol runs in management VRF by default. If you use Ethernet management interface Eth0/1 to connect with the controller, you do not need to do the following operations.

    However, if the L3 VLAN interface is used to connect with the controller, the OVSDB management protocol cannot run normally by default, as all the L3 VLAN interface is in the default VRF by default. You need to modify the configurations to make the L3 VLAN interface management interface and OVSDB management protocol run in the same VRF, so as to run the OVSDB management protocol normally. You can choose either one of the following two ways:

    Way 1. Use the command set protocols ovsdb controller <controller-name> vrf default to move OVSDB management protocol to run in the default VRF. This way is recommended.

    Way 2. Use the command set l3-interface vlan-interface <interface-name> vrf mgmt-vrf to move the L3 VLAN interface connected to the controller to management VRF.

  • All L3-Interface MTU should be set to 1450 bytes as long as VXLAN and OSPF is enabled on the device.

About VXLAN

Virtual Extensible LAN (VXLAN) is an overlay network virtualization technology. An overlay network is a virtual network that is built on top of existing network Layer 2 and Layer 3 technologies to support elastic compute architectures. VXLAN makes it easier for network engineers to scale out a cloud computing environment while logically isolating cloud apps and tenants.

VXLAN Technology

VXLAN uses UDP-based encapsulation to tunnel Ethernet frames and transfers original data packets as tunnel payloads. With the outer UDP tunnel, inner payload data can be quickly transferred on the layer 2 and layer 3 networks. To provide the capability of broadcast domain addressing, the VXLAN technology uses layer 3 IP multicast to replace the Ethernet broadcast. Therefore, the broadcast, unknown unicast, and multicast (BUM) packets can be transferred on virtual networks through broadcasting. For more VXLAN details, please read RFC7348.

VXLAN Standards

As shown in Figure 1-1, a VXLAN packet consists of the outer encapsulation and the inner payloads.

...

The below table shows the traffic changes in the case that interfaces vlans in the access side are binded with a vxlan in the network side.

...

Access->Network

...


Access→Access

(configure with decapsulation mode)

Access→Network

(configure with encapsulation mode)

Network→Access

(configure with decapsulation mode)

none

untag--

>untag

>tag(PVID)

tag-->remain tag

untag-

>untag

->tag(PVID)

tag->remain tag

untag-->untag

tag-->remain tag

service-vlan-add

untag-->tag(

add pvid

PVID)

tag->remain tag

untag

->add encapsulation vlan tagtag

-

>remain tag untag

-

-

>tag(

add pivd

PVID)

tag-

->double tag(outer layer add pvid)

service-vlan-add-delete

 untag

>remain tag

untag-->tag(add

pvid)

tag-->untag

 untag-->add encapsulation vlan

tag->untag(been deleted)

 untag-->tag(add pivd)

vxlan-vlan)

tag-->double tag(outer layer add

pvid)service

vxlan-vlan

-add-replace

 untag->tag(add pvid)

tag-->new tag(replaced with pvid)

 untag-->add encapsulation vlan

tag->tag(changed to encapsulation vlan)

 untag-->tag(add pivd)

tag-->double tag(outer layer add pvid)

service-vlan-delete

 untag

)

service-vlan-add-delete

untag-->untag

tag-->untag

 untag->untag

tag->untag

 untag

untag-->untag

tag

-->remain tag

service-vlan-replace

 untag

-

-

>untag

tag-->new tag(replaced with pvid)

 untag->untag

tag->tag(changed to encapsulation vlan)

 untag-->untag

tag-->remain tag

The below table shows the traffic changes in the case that the interfaces and vlans in the access side are binded with a vxlan in the network side.

Access->Access

Access->Network

Network->Access

none

tag-->remain tag

tag->remain tag

untag-->untag

tag-->remain tag

service-vlan-add

tag->remain tag

tag->remain tag

untag--

(been deleted)

untag-->tag(add vxlan-vlan)

tag-->double tag(outer layer add vxlan-vlan)

service-vlan-add-

delete

tag-->untag

tag->untag(been deleted)

replace

untag-->tag(

add vxlan-vlan

PVID)

tag--

>double tag(outer layer add vxlan-vlan)

service-vlan-add-replace

tag-->new tag(replaced with vxlan-vlan

>remain tag

untag→tag(configured VLAN)

tag->tag(

changed to encapsulation vlan

configured VLAN)

untag-->tag(add vxlan-vlan)

tag-->double tag(outer layer add vxlan-vlan)

service-vlan-delete

tag

untag-->untag

tag-->untag

untag-->untag

tag-->remain tag

service-vlan-replace

tag-

->new tag(replaced with vxlan-vlan)

tag->tag(changed to encapsulation vlan)

untag--

>untag

tag-->remain tagAccess->Access

Access->Network

Network->Access

none

tag-->remain tag

tag->remain tag

...

untag-->untag

tag-->remain tag

service-vlan-

add

tag->remain tag

tag->remain tag

replace

untag-->tag(

add vxlan-vlan)

tag-->double tag(outer layer add vxlan-vlan)

service-vlan-add-delete

tag-->untag

PVID)

tag-

>untag(been deleted)untag

-

->tag(add vxlan-vlan)

tag-->double tag(outer layer add vxlan-vlan)

service-vlan-add-replace

tag--

>remain tag

tag->tag(changed to encapsulation vlan)

untag-->tag(add vxlan-vlan)

tag-->double tag(outer layer add vxlan-vlan)

service-vlan-delete

tag-->untag

tag->untag

untag-->untag

tag-->remain tag

service-vlan-replace

tag-->remain tag

tag-

untag→tag(configured VLAN)

tag->tag(changed to encapsulation vlan)

untag-->untag

tag-->remain tag

VXLAN ECMP

In L2/L3, VXLAN ECMP is supported. Picos supports up to 32-way ECMP.

  • The VXLAN  ECMP does not need special configuration. It entirely depends on the routing ECMP. The route ECMP configure link: ECMP (Equal-Cost Multipath Routing) Configuration
  • PicOS uses info from VXLAN header for hash calculation to ensure better performance.

VXLAN Mac Learning

The VTEP performs source MAC learning on the VNI as a Layer 2 switch.

...

  • The all remote VTEP decapsulates the packet and forwards the frame to access port.

Configure to map VLAN to VXLAN VNI Step

VxLAN supported on PicOS L2/L3 switch. To configure Step, pleae see below.

  • Configure VXLAN soure interface

    Code Block
    set vxlans source-interface loopback address 10.10.10.25
commit


  • Create VXLAN VNI

    Code Block
    set vxlans vni 10010
commit


  • Configure vtep address for VXLAN VNI

    Code Block
    set vxlans vni 10010 flood vtep 10.10.10.12
commit

    Enable VXLAN VNI map with vlan

    Code Block
    set vxlans vni-map-vlan true
commit


  • Add vlan into VXLAN VNI

    Code Block
    set vxlans vni 10010 vlan 100
commit


...