Configuring Layer 2 Protocol Tunneling

Starting from Netvisor ONE release 6.1.1, PDU Transparency (a.k.a. Layer 2 Protocol Tunneling) is supported on bridge domains by leveraging hardware forwarding capabilities. With this feature certain protocol packets (i.e., PDUs) are no longer terminated on the ingress switch port and then sent to the CPU for processing. They are instead tunneled over a bridge domain. Currently the feature supports STP, LLDP and LACP PDUs.

Layer 2 Protocol Tunneling can be enabled during or after bridge domain creation with the new l2-tunneling keyword. When a bridge domain is created:

CLI (network-admin@switch) > bridge-domain-create name <name> scope <scope> vxlan <vxlan-id> vnet <vnet-id> l2-tunneling {stp | lacp | lldp | all | none}

none is the default value when the l2-tunneling keyword is not used.

Layer 2 Protocol Tunneling configuration can be modified with the following command:

CLI (network-admin@switch) > bride-domain-modify name <name> l2-tunneling {stp | lacp | lldp | all | none}

The bridge-domain-show command includes a new column to display the Layer 2 Protocol Tunneling configuration:

CLI (network-admin@switch) > bridge-domain-show format name,vxlan,auto-vxlan,rsvd-vlan,local-rsvd-vlan,qinq_rsvd_vlan,mac-learning,L2-tunneling,

switch name vxlan  auto-vxlan rsvd-vlan local-rsvd-vlan qinq_rsvd_vlan mac-learning L2-tunneling

------ ---- ------ ---------- --------- --------------- -------------- ------------ ------------

switch bd1  100101 no         1001      1001                           off          all

switch bd2  100102 no         1002      1002                           on           stp,lldp

switch bd3  100103 no         1003      1003                           on           none

Note: Bridge domain PDU transparency leverages the device's hardware capabilities and therefore requires the configuration of a VXLAN Loopback Trunk, even when single pass mode is used.