VXLAN Interfaces

Virtual Extensible LAN, or VXLAN, interfaces can be used to encapsulate Layer 2 frames inside UDP, carrying traffic for multiple L2 networks across Layer 3 connections such as between routed areas of a datacenter, leased lines, or VPNs.

VXLAN tunnels are commonly used to bypass limitations of traditional VLANs on multi-tenant networks and other areas that require large scale L2 connectivity without direct connections.

There are two main components to a VXLAN tunnel: The VXLAN tunnel itself, and the bridge domain used to terminate the tunneled traffic to another local interface.

VXLAN Configuration

A new VXLAN tunnel is created with the vxlan <tunnel-name> command in config mode, which then enters config-vxlan mode.

In config-vxlan mode, the following commands are available:

instance <id>

Required instance identifier configured on the VXLAN tunnel. Based on this, a new interface will be available in TNSR named vxlan_tunnel<id>. For example, with instance 0 the interface is named vxlan_tunnel0.

vni <u24>

Required VXLAN Network Identifier

source <ip-addr>

Required source IP address on TNSR used to send VXLAN tunnel traffic.

destination <ip-addr>

Required destination IP address for the far side of the tunnel. This can be a multicast address, but if it is, then the multicast interface must also be defined.

encapsulation route-table <rt-table-name>

Routing table used for VXLAN encapsulation.

multicast interface <if-name>

Interface used for multicast. Required if the destination address is a multicast address. If defined, the destination address must be multicast.

Note

The source IP address, destination IP address and encapsulation route table must all be of the same address family, either IPv4 or IPv6.

VXLAN Example

First, create the bridge with the desired set of options:

tnsr(config)# interface bridge domain 10
tnsr(config-bridge)# arp term
tnsr(config-bridge)# flood
tnsr(config-bridge)# uu-flood
tnsr(config-bridge)# forward
tnsr(config-bridge)# learn
tnsr(config-bridge)# exit

Add host interface to bridge domain:

tnsr(config)# int GigabitEthernet3/0/0
tnsr(config-interface)# bridge domain 10 shg 1
tnsr(config-interface)# exit

Create the VXLAN tunnel:

tnsr(config)# vxlan xmpl
tnsr(config-vxlan)# instance 0
tnsr(config-vxlan)# vni 10
tnsr(config-vxlan)# source 203.0.110.2
tnsr(config-vxlan)# destination 203.0.110.25
tnsr(config-vxlan)# exit

Add the VXLAN tunnel to bridge domain:

tnsr(config)# int vxlan_tunnel0
tnsr(config-interface)# bridge domain 10 shg 1
tnsr(config-interface)# exit

VXLAN Status

To view the status of VXLAN tunnels, use the show vxlan command:

tnsr# show vxlan
Name Instance Source IP   Dest IP      Encap Rt   Decap Node IF Name       Mcast IF VNI
---- -------- ----------- ------------ ---------- ---------- ------------- -------- ---
xmpl 0        203.0.110.2 203.0.110.25 ipv4-VRF:0 1          vxlan_tunnel0          10