VXLAN CLI

create vxlan tunnel

create vxlan tunnel src <local-vtep-addr> {dst <remote-vtep-addr>|group <mcast-vtep-addr> <intf-name>} vni <nn> [instance <id>] [encap-vrf-id <nn>] [decap-next [l2|node <name>]] [del] [l3] [src_port <local-vtep-udp-port>] [dst_port <remote-vtep-udp-port>]

Add or delete a VXLAN Tunnel.

VXLAN provides the features needed to allow L2 bridge domains (BDs) to span multiple servers. This is done by building an L2 overlay on top of an L3 network underlay using VXLAN tunnels.

This makes it possible for servers to be co-located in the same data center or be separated geographically as long as they are reachable through the underlay L3 network.

You can refer to this kind of L2 overlay bridge domain as a VXLAN (Virtual eXtensible VLAN) segment.

Example of how to create a VXLAN Tunnel:

create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 vni 13 encap-vrf-id  7

Example of how to create a VXLAN Tunnel with a known name, vxlan_tunnel42:

create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 instance 42
Example of how to create a multicast VXLAN Tunnel with a known name,

vxlan_tunnel23:

create vxlan tunnel src 10.0.3.1 group 239.1.1.1  GigabitEthernet0/8/0 instance 23

Example of how to create a VXLAN Tunnel with custom udp-ports:

create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 vni 13 src_port  59000 dst_port 59001

Example of how to delete a VXLAN Tunnel:

create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 vni 13 del

Declaration: create_vxlan_tunnel_command src/vnet/vxlan/vxlan.c line 919

Implementation: vxlan_add_del_tunnel_command_fn

set flow-offload vxlan

set flow-offload vxlan hw <interface-name> rx <tunnel-name> [del]

Declaration: vxlan_offload_command src/vnet/vxlan/vxlan.c line 1301

Implementation: vxlan_offload_command_fn

set interface ip vxlan-bypass

set interface ip vxlan-bypass <interface> [del]

This command adds the ‘ip4-vxlan-bypass’ graph node for a given interface. By adding the IPv4 vxlan-bypass graph node to an interface, the node checks for and validate input vxlan packet and bypass ip4-lookup, ip4-local, ip4-udp-lookup nodes to speedup vxlan packet forwarding. This node will cause extra overhead to for non-vxlan packets which is kept at a minimum.

Example of graph node before ip4-vxlan-bypass is enabled:

show vlib graph ip4-vxlan-bypass

           Name                      Next                    Previous
ip4-vxlan-bypass                error-drop [0]
                               vxlan4-input [1]
                                ip4-lookup [2]

Example of how to enable ip4-vxlan-bypass on an interface:

set interface ip vxlan-bypass GigabitEthernet2/0/0

Example of graph node after ip4-vxlan-bypass is enabled:

show vlib graph ip4-vxlan-bypass

           Name                      Next                    Previous
ip4-vxlan-bypass                error-drop [0]               ip4-input
                               vxlan4-input [1]        ip4-input-no-checksum
                                ip4-lookup [2]

Example of how to display the feature enabled on an interface:

show ip interface features GigabitEthernet2/0/0

IP feature paths configured on GigabitEthernet2/0/0...
...
ipv4 unicast:
  ip4-vxlan-bypass
  ip4-lookup
...

Example of how to disable ip4-vxlan-bypass on an interface:

set interface ip vxlan-bypass GigabitEthernet2/0/0 del

Declaration: set_interface_ip_vxlan_bypass_command src/vnet/vxlan/vxlan.c line 1123

Implementation: set_ip4_vxlan_bypass

set interface ip6 vxlan-bypass

set interface ip6 vxlan-bypass <interface> [del]

This command adds the ‘ip6-vxlan-bypass’ graph node for a given interface. By adding the IPv6 vxlan-bypass graph node to an interface, the node checks for and validate input vxlan packet and bypass ip6-lookup, ip6-local, ip6-udp-lookup nodes to speedup vxlan packet forwarding. This node will cause extra overhead to for non-vxlan packets which is kept at a minimum.

Example of graph node before ip6-vxlan-bypass is enabled:

show vlib graph ip6-vxlan-bypass

           Name                      Next                    Previous
ip6-vxlan-bypass                error-drop [0]
                               vxlan6-input [1]
                                ip6-lookup [2]

Example of how to enable ip6-vxlan-bypass on an interface:

set interface ip6 vxlan-bypass GigabitEthernet2/0/0

Example of graph node after ip6-vxlan-bypass is enabled:

show vlib graph ip6-vxlan-bypass

           Name                      Next                    Previous
ip6-vxlan-bypass                error-drop [0]               ip6-input
                               vxlan6-input [1]        ip4-input-no-checksum
                                ip6-lookup [2]

Example of how to display the feature enabled on an interface:

show ip interface features GigabitEthernet2/0/0

IP feature paths configured on GigabitEthernet2/0/0...
...
ipv6 unicast:
  ip6-vxlan-bypass
  ip6-lookup
...

Example of how to disable ip6-vxlan-bypass on an interface:

set interface ip6 vxlan-bypass GigabitEthernet2/0/0 del

Declaration: set_interface_ip6_vxlan_bypass_command src/vnet/vxlan/vxlan.c line 1180

Implementation: set_ip6_vxlan_bypass

show vxlan tunnel

show vxlan tunnel [raw]

Display all the VXLAN Tunnel entries.

Example of how to display the VXLAN Tunnel entries:

show vxlan tunnel

[0] src 10.0.3.1 dst 10.0.3.3 src_port 4789 dst_port 4789 vni 13
 encap_fib_index 0 sw_if_index 5 decap_next l2

Declaration: show_vxlan_tunnel_command src/vnet/vxlan/vxlan.c line 983

Implementation: show_vxlan_tunnel_command_fn