Match Vxlan VNI
Introduction
From version 2.9.2, Pica8 switches support match vxlan vni fields.Platforms that supports VXLAN also supports matching VXLAN VNI field. The tun_id/tunnel_id uses the lower 24 bits in the lower 32 bits of the 64 bit vnid field.The higher 32 bits are 0x02000000. The udp, tp_dst and tun_id/tunnel_id are the necessary match fields, besides, you can match more fields like dl_vlan, dl_dst, dl_src, nw_src, nw_dst etc.The tp_dst must be the same with the configuration set by "ovs-vsctl set-vxlan-udp-dst-port [port]". This global configuration works well on vxlan decapsulation, but does not work on encapsualtion by vxlan tunnel.
Command
ovs-vsctl set-match-vxlan-vni-enable [true/false]: Please restart the Picos service after enabling or disabling the vxlan vni mode
ovs-vsctl set-vxlan-udp-dst-port [port]: Users can use this command to modify the layer 4 port number. The default value is 4789. If you want to recover the default value from another port number, use the command like this "ovs-vsctl set-vxlan-udp-dst-port"
Flow
ovs-ofctl add-flow br0 udp,tp_dst=5000,tun_id=0x0200000000112233,actions=2
flows info
1.udp,tp_dst,tun_id are the necessary match fields, besides, you can match more fields like dl_vlan,dl_dst,dl_src,nw_src,nw_dst etc.
2.Actions could be set_field vlan vid, push_mpls etc. Vcap actions can not be supported( only push_vlan and only two pop_vlan etc)
Example1
host-----------1+--------------------------+2---------host
           |                                     |
host----------3+---------------------------+4---------host
step1: Configure bridge and port
ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8 ovs-vsctl add-port br0 te-1/1/1 vlan_mode=trunk tag=1 -- set interface te-1/1/1 type=pica8 ovs-vsctl add-port br0 te-1/1/2 vlan_mode=trunk tag=1 -- set interface te-1/1/2 type=pica8 ovs-vsctl add-port br0 te-1/1/3 vlan_mode=trunk tag=1 -- set interface te-1/1/3 type=pica8
step2: Enable vxlan vni
ovs-vsctl set-match-vxlan-vni-enable true
step3:set  ecmp select group and lag select group
ovs-vsctl set-group-ranges ecmp-select-groups=1-100,lag-select-groups=200-300 sudo systemctl restart picos
step4:add two groups
ovs-ofctl add-group br0 group_id=10,type=select,bucket=set_field:10-\>vlan_vid,set_field:00:00:00:22:22:22-\>dl_src,set_field:00:00:00:33:33:33-\>dl_dst,output:2,bucket=set_field:20-\>vlan_vid,set_field:00:00:00:44:44:44-\>dl_src,set_field:00:00:00:55:55:55-\>dl_dst,output:3 ovs-ofctl add-group br0 group_id=200,type=select,bucket=set_field:1000-\>vlan_vid,set_field:00:00:00:11:11:11-\>eth_dst,output:2,bucket=output:3
step5:add a flow using ecmp-select-group
ovs-ofctl del-flows br0 ovs-ofctl add-flow br0 in_port=1,udp,tp_dst=4789,tun_id=0x0200000000112233,actions=group:10
step6:send src ip changing vxlan packets with tunnel id is 112233,udp dst port is 4789(vxlan dst mac is C8 0A A9 04 49 1A,vxlan src mac is C8 0A A9 9E 14 A5)
step7: add a flow using lag-select-group
ovs-ofctl del-flows br0 ovs-ofctl add-flow br0 in_port=1,udp,tp_dst=4789,tun_id=0x0200000000112233,dl_vlan=10,dl_dst=C8:0A:A9:04:49:1A,actions=group:200
step8:send src ip changing vxlan packets with tunnel id is 112233,udp dst port is 4789(vxlan dst mac is C8 0A A9 04 49 1A,vxlan src mac is C8 0A A9 9E 14 A5)
Result
Step6:vxlan packets will hash to te-1/1/2,te-1/1/3.te-1/1/2 transmit the packets like this(dst mac is 00 00 00 33 33 33,src mac is  00 00 00 22 22 22 vlan is 10).te-1/1/3 transmit the packets like this (dst mac is 00 00 00 55 55 55,src mac is 00 00 00 44 44 44,vlan is 20)
Step8:vxlan packets will hash to te-1/1/2,te-1/1/3.te-1/1/2 and te-1/1/3 transmit the same vxlan packets like this(dst mac is 00 00 00 11 11 11,src mac is C8 0A A9 9E 14 A5,vlan is 1000)
Copyright © 2024 Pica8 Inc. All Rights Reserved.