Match Vxlan VNI

Introduction

From version 2.9.2, Pica8 switches support match vxlan vni fields.Platforms that supports VXLAN also supports matching VXLAN VNI field. The tun_id/tunnel_id uses the lower 24 bits in the lower 32 bits of the 64 bit vnid field.The higher 32 bits are 0x02000000. The udp, tp_dst and tun_id/tunnel_id are the necessary match fields, besides, you can match more fields like dl_vlan, dl_dst, dl_src, nw_src, nw_dst etc.The tp_dst must be the same with the configuration set by "ovs-vsctl set-vxlan-udp-dst-port [port]". This global configuration works well on vxlan decapsulation, but does not work on encapsualtion by vxlan tunnel.

Command

ovs-vsctl set-match-vxlan-vni-enable [true/false]: Please restart the Picos service after enabling or disabling the vxlan vni mode

ovs-vsctl set-vxlan-udp-dst-port [port]: Users can use this command to modify the layer 4 port number. The default value is 4789. If you want to recover the default value from another port number, use the command like this "ovs-vsctl set-vxlan-udp-dst-port"

Flow

ovs-ofctl add-flow br0 udp,tp_dst=5000,tun_id=0x0200000000112233,actions=2

flows info

1.udp,tp_dst,tun_id are the necessary match fields, besides, you can match more fields like dl_vlan,dl_dst,dl_src,nw_src,nw_dst etc.

2.Actions could be set_field vlan vid, push_mpls etc. Vcap actions can not be supported( only push_vlan and only two pop_vlan etc)

Example1

host-----------1+--------------------------+2---------host

| |

host----------3+---------------------------+4---------host

step1: Configure bridge and port

ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 te-1/1/1 vlan_mode=trunk tag=1 -- set interface te-1/1/1 type=pica8
ovs-vsctl add-port br0 te-1/1/2 vlan_mode=trunk tag=1 -- set interface te-1/1/2 type=pica8
ovs-vsctl add-port br0 te-1/1/3 vlan_mode=trunk tag=1 -- set interface te-1/1/3 type=pica8

step2: Enable vxlan vni

ovs-vsctl set-match-vxlan-vni-enable true

step3:set ecmp select group and lag select group

ovs-vsctl set-group-ranges ecmp-select-groups=1-100,lag-select-groups=200-300
sudo systemctl restart picos

step4:add two groups

ovs-ofctl add-group br0 group_id=10,type=select,bucket=set_field:10-\>vlan_vid,set_field:00:00:00:22:22:22-\>dl_src,set_field:00:00:00:33:33:33-\>dl_dst,output:2,bucket=set_field:20-\>vlan_vid,set_field:00:00:00:44:44:44-\>dl_src,set_field:00:00:00:55:55:55-\>dl_dst,output:3
ovs-ofctl add-group br0 group_id=200,type=select,bucket=set_field:1000-\>vlan_vid,set_field:00:00:00:11:11:11-\>eth_dst,output:2,bucket=output:3

step5:add a flow using ecmp-select-group

ovs-ofctl del-flows br0
ovs-ofctl add-flow br0 in_port=1,udp,tp_dst=4789,tun_id=0x0200000000112233,actions=group:10

step6:send src ip changing vxlan packets with tunnel id is 112233,udp dst port is 4789(vxlan dst mac is C8 0A A9 04 49 1A,vxlan src mac is C8 0A A9 9E 14 A5)

step7: add a flow using lag-select-group

ovs-ofctl del-flows br0
ovs-ofctl add-flow br0 in_port=1,udp,tp_dst=4789,tun_id=0x0200000000112233,dl_vlan=10,dl_dst=C8:0A:A9:04:49:1A,actions=group:200

step8:send src ip changing vxlan packets with tunnel id is 112233,udp dst port is 4789(vxlan dst mac is C8 0A A9 04 49 1A,vxlan src mac is C8 0A A9 9E 14 A5)

Result

Step6:vxlan packets will hash to te-1/1/2,te-1/1/3.te-1/1/2 transmit the packets like this(dst mac is 00 00 00 33 33 33,src mac is 00 00 00 22 22 22 vlan is 10).te-1/1/3 transmit the packets like this (dst mac is 00 00 00 55 55 55,src mac is 00 00 00 44 44 44,vlan is 20)

Step8:vxlan packets will hash to te-1/1/2,te-1/1/3.te-1/1/2 and te-1/1/3 transmit the same vxlan packets like this(dst mac is 00 00 00 11 11 11,src mac is C8 0A A9 9E 14 A5,vlan is 1000)