Introduction
Virtual eXtensible Local Area Network (VXLAN) is a tunneling protocol designed to solve the problem of limited VLAN IDs (4096) in IEEE 802.1Q, and it is described by IETF RFC 7348. With VXLAN the size of the identifier is expanded to 24 bits (16777216). It creates a Layer 2 overlay scheme on a Layer 3 network and the protocol runs over UDP.
Only devices within the same VXLAN segment can communicate with each other. Each VXLAN segment is identified through a 24-bit segment ID, termed the VXLAN Network Identifier (VNI). Unlike most tunnels, a VXLAN is a 1 to N network, not just point to point. A VXLAN device can learn the IP address of the other endpoint dynamically in a manner similar to a learning bridge. Multicast or unicast is used to flood broadcast, unknown unicast, and multicast traffic. VXLAN endpoints, which terminate VXLAN tunnels are known as VXLAN tunnel endpoints (VTEPs).
Configuration options
This section describes the VXLAN interface and VTEP configuration options.
Sub-menu: /interface vxlan
Property | Description |
---|---|
arp (disabled | enabled | local-proxy-arp | proxy-arp | reply-only; Default: enabled) | Address Resolution Protocol setting
|
arp-timeout (auto | integer; Default: auto) | How long the ARP record is kept in the ARP table after no packets are received from IP. Value auto equals to the value of arp-timeout in IP/Settings, default is the 30s. |
comment (string; Default: ) | Short description of the interface. |
disabled (yes | no; Default: no) | Changes whether the interface is disabled. |
group (IPv4; Default: ) | When specified, a multicast group address can be used to forward broadcast, unknown unicast, and multicast traffic between VTEPs. This property requires specifying the interface setting. The interface will use IGMP to join the specified multicast group, make sure to add the necessary PIM and IGMP configuration. |
interface (name; Default: ) | Interface name used for multicast forwarding. This property requires specifying the group setting. |
mac-address (read-only, Default: ) | Automatically assigned interface MAC address. This setting cannot be changed. |
mtu (integer; Default: 1500) | For the maximum transmission unit, the VXLAN interface will set MTU to 1500 by default. The |
name (text; Default: vxlan1) | Name of the interface. |
port (integer: 1..65535; Default: 8472) | Used UDP port number. |
vni (integer: 1..16777216; Default: ) | VXLAN Network Identifier (VNI). |
Sub-menu:
/interface vxlan
Property | Description |
---|---|
interface (name; Default: ) | Name of the VXLAN interface. |
port (integer: 1..65535; Default: 8472) | Used UDP port number. |
remote-ip (IPv4; Default: ) | The IPv4 destination address of remote VTEP. |
Configuration example
This configuration example creates a single VXLAN tunnel between two statically configured VTEP endpoints.
First, create VXLAN interfaces on both routers.
/interface vxlan add name=vxlan1 port=8472 vni=10
Then configure VTEPs on both routers with respective IPv4 destination addresses. Both devices should have an active route toward the destination address.
# Router1 /interface vxlan vteps add interface=vxlan1 remote-ip=192.168.10.10 # Router2 /interface vxlan vteps add interface=vxlan1 remote-ip=192.168.20.20
Configuration is complete. It is possible to include the VXLAN interface into a bridge with other Ethernet interfaces.