Configuring the Overlay: VTEP Interconnections and VNIs



VTEPs can be configured as individual vRouter interfaces. However, as discussed in the About VTEP High Availability section, VTEPs are more commonly configured on switch pairs running VRRP to support redundant logical VIPs for VXLAN termination.


In this latter case, the first step is to create a VIP instead of a regular interface.


Both cases are exemplified below (a. and b.) in the list of steps required to set up the overlay:


  1. First configure the underlay’s vRouter interfaces, with the proper MTU:


    1. Create a vRouter and add a vRouter interface for each VTEP:


CLI (network-admin@switch) > vrouter-create name <vr-name> vnet <vnet-name> router-type hardware hw-vrrp-id <id>


CLI (network-admin@switch) > vrouter-interface-add vrouter-name <vr-name> ip <network/netmask> vlan <y> mtu <mtu>


    1. For VTEP HA instead add a vRouter interface using VRRP:


CLI (network-admin@switch) > vrouter-interface-add vrouter-name <vr-name> ip <network/netmask> vlan <y> vrrp-id <id> vrrp-primary <ethz.y> mtu <mtu>


<mtu> can be set for example to 1580 bytes (or more).



  1. Once the VTEPs are created, configure the VTEP connections (also referred to as ‘tunnels’) from sources to destinations. On non-redundant switches, the tunnel is created with scope local whereas on redundant switches the tunnel is created with scope cluster:


CLI (network-admin@switch) > tunnel-create name <tunnel-name> local-ip <ip1> remote-ip <ip2> scope local vrouter-name <vr-name>

 

CLI (network-admin@switch) > tunnel-create name <tunnel-name> local-ip <vip1> remote-ip <vip2> scope cluster vrouter-name <vr-name> peer-vrouter-name <peer-vr-name>


  1. Then create the mappings between VNIs and VLANs on the respective switches:


CLI (network-admin@switch) > vlan-create scope <scope> id <vlan-id> vxlan <vnid>


Note: A VLAN can be associated to a VNI when created on a VTEP HA pair with the vlan-create scope cluster id <vlan-id> vxlan <vnid> command. Also, the mappings can be set up also with the vlan-modify id <vlan-id> vxlan <vnid> command after VLAN creation.


To add ports to the VLAN, use the vlan-port-add command, for example:


CLI (network-admin@switch) > vlan-port-add vlan-id <vlan-id> ports <port numbers>


To delete a VLAN with its mapping, use the vlan-delete command.


Lastly, to display the information about a VLAN, for example to verify a VNI mapping and the list of ports added to it, use the vlan-show command:


CLI (network-admin@switch) > vlan-show id 70 format id, type, vxlan, scope, description, ports, untagged-ports


id  type    vxlan        scope        description       ports                                        untagged-ports

--  ------ -------- ------- ----------  --------------------------                     ------------

70  public  70000        cluster  vlan-70        0-2, 5-48, 50-52, 54-56, 63-70, 272-273,                none
                                               275-276, 278-280, 397        


  1. Add the required VNI mappings to the VXLAN connections:


CLI (network-admin@switch) > tunnel-vxlan-add name <tunnel-name> vxlan <vnid>


  1. For monitoring VXLAN specific states and statistics, use the following commands:


vlan-show

Displays the VXLAN ID associated with the VLAN ID.

tunnel-show

Displays the configured tunnel and the state.

trunk-show

Displays the port used for BUM traffic re-circulation.

ports-stats-show

Displays statistics for each port.

tunnel-stats-show

Displays statistics for each tunnel.

vxlan-stats-show

Displays statistics for each VXLAN ID.