Documente Academic
Documente Profesional
Documente Cultură
Underlay
DMAC SMAC 802.1Q Etype Payload FCS Version IHL TOS Total Length
6 bytes 6 bytes 4 bytes 2 bytes 46~9000 bytes 4 bytes Identification Flags Fragment Offset
* VXLAN adds 50 bytes of overhead Classical Ethernet Frame (Original L2 Frame)
Time to Live Protocol = 17 Header Checksum
Terminology IPv4 Source Address
VXLAN Overlay layer 2 overlay on top of Layer 3 underlay, identified by
Ipv4 Destination Address
VNID & extends/tunnels traffic from one VTEP to another
Source Port = (random) Dest Port = 4789
VXLAN Underlay services such as OSPF, IS-IS, EIGRP, Multicast & BGP
that provides the transport for VXLAN UDP Length UDP Checksum
VXLAN Tunnel End Point (VTEP) a device that perform VXLAN R|R|R|R|I|R|R|R Reserved
encap/decapsulation, could be hardware or software
VXLAN Network Identifier (VNI) Reserved
VNI/VNID each VXLAN segment identified by 24-bit segment ID, only
Destination MAC Address
hosts on the same VNI are allowed to communicate with each other. It
overcome 4094 VLAN scale limitation. Thus, segment IDs are globally
Overlay
significant and VLAN IDs are locally significant
Source MAC Address
VXLAN Gateway VTEP that bridge layer 2/3 traffic between VXLAN segments
Optional: 802.1Q VLAN Header
Network virtualization Edge (NVE) logical representation of the VTEP,
Ethertype
I.e. NVE is the tunnel interface
Original Ethernet Payload
BUM Traffic Broadcast, Unknown Layer-2 Unicast and Multicast
Data Plane learning technique for VXLAN, VTEP will flood the MP-BGP EVPN introduces control-plane learning for end hosts
packet to all neighbor and will learn the remote end. behind remote VTEPs. Provides control & data plane separation
Last update Jan 5, 2017 (version 1.00)
References: https://cloudpacket.net/bookmarks/ Page 1/2 Prepared By Shakib Shaygan
VXLAN
Gateway Types Leaf Node Configuration - L2 VNI
# 1-Feature enablement # 5-Anycast addresses
VXLAN Red VLAN 10
feature bgp/pim/interface-vlan fabric forwar any-cast-
vn-segment-vlan-based gateway 0001.0001.0001
Egress packet is
nv overlay/nxapi/lldp
802.1q tagged
VXLAN L2 fabric/fabric forwar interface vlan 100
Gateway nv overlay evpn vrf member EVPN-TENANT
ip add 100.1.1.254/24
VXLAN Red VXLAN Blue # 2-Map VLAN to VXLAN fabric forw mode anycast
vlan 100
Egress packet is vn-segment 10000 # 6-Configure BGP
another vxlan segment router bgp 100
VXLAN L3 # 3-Create L2 VNI router-id 192.168.1.1
Gateway/Router evpn address-family l2vpn evpn
vni 10000 l2 neighbor 192.168.10.10
Layer 2 Gateway is required when layer 2 traffic (802.1q) rd 10000:1 remote-as 100
comes from VLAN into VXLAN segment (encapsulation) or route-target import 10000:1 update-source lo0
the ingress VXLAN packet egresses out an 802.1q tagged route-target export 10000:1 address-fam l2vpn evpn
interface (decapsulation) where packet is bridged to a new vlan send-comm extended
# 4-Configure NVE Interface vrf EVPN-TENENT
Layer 3 Gateway is used when there is a VXLAN to VXLAN interface nve1 address-fam ipv4 unicast
routing.The ingress packet is a VXLAN packet on a routed source-interface lo 0 advertise l2vpn evpn
segment but the packet egresses out on a tagged 802.1q host-reachability prot bgp
interface and the packet is routed to a new VLAN member vni 10000
mcast-group 239.1.1.1
Asymmetric IRB supress-arp
SVI 300
SVI 200
SVI 300
SVI 300
SVI 200
SVI 300
source-interface lo 0
host-reachability prot bgp
member vni 20000 associate-vrf