VLAN to VNID Mapping

OcNOS DC : Virtual Extensible Local Area Network Guide : VxLAN - Data Forwarding Configuration : VLAN to VNID Mapping

Overview

OcNOS supports mapping Virtual Local Area Network Identifier (VLAN ID) to Virtual Extensible Local Area Network Identifier (VNID) to extend the Layer 2 VLAN over to the Layer 3 VxLAN. The VLAN ID is a unique number assigned to a specific VLAN, and the VNID is the same for a specific VxLAN. The Virtual Tunnel Endpoint (VTEP) is a network device or a software component that encapsulates the ethernet frames from a specific VLAN ID into a VxLAN header that contains the VNID. This encapsulated frame is the VxLAN packet, which is again encapsulated in the UDP packet and wrapped in an outer IP header to transport it to the IP network.

Feature Characteristics

• The VLAN ID to VNID communication is regardless the physical and logical port.

• Each VNID is allowed to map with a single VLAN ID.

• VLAN is removed over the tunnel and re-added when egressing out of the host-connected port.

Benefits

The feature enhances the scalability and flexibility by extending the VLAN to VxLAN boundaries.

Configuration

This section shows the procedure for configuring VxLAN using VLAN to VNI mapping.

Topology

This topology demonstrates the configuration necessary to enable VxLAN VLAN-to-VNID mapping. Leaf1 and Leaf2 are VxLAN VTEPs in the Autonomous System (ASN) 100, and the Spine1 resides in a different Autonomous System (ASN) 200. The setup involves establishing eBGP IPv4 (underlay) neighborship between interface addresses and L2VPN EVPN (overlay) neighborship between loopback interfaces.

Once the underlay and overlay neighborships are established, configure the VxLAN tunnel between Leaf1 and Leaf2. The global VTEP IP is the loopback address.

VLAN to VNID mapping

Configuring VLAN to VNID mapping

Follow the steps to configure the VxLAN EVPN using VLAN to VNI mapping. The detailed configuration procedure demonstrates how access-if VxLAN is configured on a switchport in trunk mode.

Note: The configuration of access-if VxLAN is allowed in the access mode also. The example is as follows:

(config)#interface xe12

(config-if)# switchport

(config-if)# bridge-group 1 spanning-tree disable

(config-if)# switchport mode access

(config-if)# switchport access vlan 20

(config-if)# access-if-vxlan

(config-if)#exit

Configure the Leaf1 and Leaf2:

The parameters used in the configuration procedure are as present for Leaf1. Use the same commands with the Leaf2 parameters to configure the Leaf2.

1. Configure the hostname of the VTEP.

(config)#hostname Leaf1

(config)#commit

2. Configure the bridge type using the bridge 1 protocol rstp vlan-bridge command. This command enables the RSTP VLAN bridge type.

(config)#bridge 1 protocol rstp vlan-bridge

3. Enter the VLAN database using the vlan database command and associate the VLAN with a bridge.

(config)#vlan database

(config-vlan)#vlan 10 bridge 1 state enable

4. Enable the VxLAN globally on the VTEP.

(config)#nvo VxLAN enable

Note: Save and reboot the system to enable the VxLAN in the hardware.

5. Create the MAC VRF and name it using mac vrf vrf10. Configure the VLAN-based service type using evpn-vlan-service vlan-based command, assign a unique route distinguisher and route target value using rd 1.1.1.1:10 and route-target both 100:10 commands respectively.

(config)#mac vrf vrf10

(config-vrf)#evpn-vlan-service vlan-based

(config-vrf)#rd 1.1.1.1:10

(config-vrf)#route-target both 100:10

6. Configure a global IP to the VTEP. This IP address uniquely identifies the VTEP.

(config)#nvo VxLAN vtep-ip-global 1.1.1.1

7. Create a VNID and map it with the bridge VLAN using nvo VxLAN id 10 ingress-replication bridge-vlan 10. Configure the host-reachability-protocol as BGP-EVPN and associate the MAC VRF.

(config)#nvo VxLAN id 10 ingress-replication bridge-vlan 10

(config-nvo)#VxLAN host-reachability-protocol evpn-bgp vrf10

8. Assign the IP addresses to the physical and loopback interfaces of the Leaf1 to connect to the Spine.

(config)#interface ce49

(config-if)#ip address 11.10.1.1/24

(config-if)#exit

(config)#interface lo

(config-if)#ip address 1.1.1.1/32 secondary

9. Configure the interface xe11 as a switchport. Use the command bridge-group 1 spanning-tree disable to associate the bridge group to this interface and disable the Spanning Tree Protocol (STP) to avoid the port block. Configure the switching characteristic of this interface to trunk mode using the switchport mode trunk command and this allows multiple VLANs to run in the interface. Use the command switchport trunk allowed vlan add 10 to enable VLAN 10 through this interface. Map this interface with the VxLAN using access-if-VxLAN command.

(config)#interface xe11

(config-if)#switchport

(config-if)# bridge-group 1 spanning-tree disable

(config-if)#switchport mode trunk

(config-if)#switchport trunk allowed vlan add 10

(config-if)#access-if-vxlan

10. Configure the BGP and specify the autonomous number (ASN).

(config)#router bgp 100

11. Configure the router ID.

(config-router)#bgp router-id 1.1.1.1

12. Configure the neighboring eBGP peers in a different ASN.

(config-router)#neighbor 11.10.1.2 remote-as 200

(config-router)#neighbor 11.11.11.11 remote-as 200

13. Configure eBGP multihop as the neighboring peer is not directly connected.

(config-router)#neighbor 11.11.11.11 ebgp-multihop

14. Configure the source loopback address.

(config-router)#neighbor 11.11.11.11 update-source lo

15. Configure the IPv4 address family and activate the neighbor.

(config-router)#address-family ipv4 unicast

(config-router-af)#network 1.1.1.1/32

(config-router)#neighbor 11.10.1.2 activate

(config-router-af)#neighbor 11.10.1.2 allowas-in 1

(config-router-af)#exit-address-family

16. Configure the Layer 2 VPN address family and activate the neighbor.

(config-router)#address-family l2vpn evpn

(config-router-af)#neighbor 11.11.11.11 activate

(config-router-af)#neighbor 11.11.11.11 allowas-in 1

(config-router-af)#exit-address-family

(config-router)#exit

(config)#commit

Configure the Spine1:

1. Configure the hostname of the Spine.

(config)#hostname Spine1

(config)#commit

2. Assign the IP addresses to the physical and loopback interfaces of the Spine.

(config)#interface ce1

(config-if)#ip address 11.10.1.2/24

(config-if)#exit

(config)#interface ce24

(config-if)#ip address 21.10.1.2/24

(config-if)#exit

(config)#interface lo

(config-if)#ip address 11.11.11.11/32 secondary

(config-if)#exit

3. Configure the BGP and specify the ASN.

(config)#router bgp 200

4. Configure the router ID.

(config-router)#bgp router-id 11.11.11.11

5. Disable the inbound route filter.

(config-router)#no bgp inbound-route-filter

6. Configure the neighboring eBGP neighbor in a different ASN.

(config-router)#neighbor 11.10.1.1 remote-as 100

(config-router)#neighbor 21.10.1.1 remote-as 100

(config-router)#neighbor 1.1.1.1 remote-as 100

(config-router)#neighbor 2.2.2.2 remote-as 100

7. Configure eBGP multihop as the neighboring peer might not be directly connected.

(config-router)#neighbor 1.1.1.1 ebgp-multihop

(config-router)#neighbor 2.2.2.2 ebgp-multihop

8. Configure the source loopback address.

(config-router)#neighbor 1.1.1.1 update-source

(config-router)#neighbor 2.2.2.2 update-source

9. Configure the IPv4 address family and activate the neighbor.

(config-router)#address-family ipv4 unicast

(config-router-af)#network 11.11.11.11/32

(config-router-af)#neighbor 11.10.1.1 activate

(config-router-af)#neighbor 21.10.1.1 activate

(config-router-af)#exit-address-family

10. Configure the Layer 2 VPN address family and activate the neighbor.

(config-router)#address-family l2vpn evpn

(config-router-af)#neighbor 1.1.1.1 activate

(config-router-af)#neighbor 2.2.2.2 activate

(config-router-af)#exit-address-family

(config-router)#exit

(config)#commit

Running configurations

The running configuration for the Leaf1 is as follows:

hostname Leaf1

bridge 1 protocol rstp vlan-bridge

tfo Disable

vlan database

vlan 10 bridge 1 state enable

nvo VxLAN enable

mac vrf vrf10

evpn-vlan-service vlan-based

rd 1.1.1.1:10

route-target both 100:10

nvo VxLAN vtep-ip-global 1.1.1.1

nvo VxLAN id 10 ingress-replication bridge-vlan 10

VxLAN host-reachability-protocol evpn-bgp vrf10

interface ce49

ip address 11.10.1.1/24

interface lo

ip address 1.1.1.1/32 secondary

interface xe11

switchport

bridge-group 1 spanning-tree disable

switchport mode trunk

switchport trunk allowed vlan add 10

access-if-vxlan

exit

router bgp 100

bgp router-id 1.1.1.1

neighbor 11.10.1.2 remote-as 200

neighbor 11.11.11.11 remote-as 200

neighbor 11.11.11.11 ebgp-multihop

neighbor 11.11.11.11 update-source lo

address-family ipv4 unicast

network 1.1.1.1/32

neighbor 11.10.1.2 activate

neighbor 11.10.1.2 allowas-in 1

exit-address-family

address-family l2vpn evpn

neighbor 11.11.11.11 activate

neighbor 11.11.11.11 allowas-in 1

exit-address-family

exit

end

The running configuration for the Spine1 is as follows:

hostname Spine1

interface ce1

ip address 11.10.1.2/24

interface ce24

ip address 21.10.1.2/24

lldp-agent

interface lo

ip address 11.11.11.11/32 secondary

router bgp 200

bgp router-id 11.11.11.11

no bgp inbound-route-filter

neighbor 1.1.1.1 remote-as 100

neighbor 2.2.2.2 remote-as 100

neighbor 11.10.1.1 remote-as 100

neighbor 21.10.1.1 remote-as 100

neighbor 1.1.1.1 ebgp-multihop

neighbor 1.1.1.1 update-source lo

neighbor 2.2.2.2 ebgp-multihop

neighbor 2.2.2.2 update-source lo

address-family ipv4 unicast

network 11.11.11.11/32

neighbor 11.10.1.1 activate

neighbor 21.10.1.1 activate

exit-address-family

address-family l2vpn evpn

neighbor 1.1.1.1 activate

neighbor 2.2.2.2 activate

exit-address-family

exit

end

Validation

Validate the show output after configuration as shown below.

Leaf1:

Leaf1#show ip bgp summary

BGP router identifier 1.1.1.1, local AS number 100

BGP table version is 7

3 BGP AS-PATH entries

0 BGP community entries

Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd Desc

11.10.1.2 4 200 266 264 7 0 0 01:37:50 2

Total number of neighbors 1

Total number of Established sessions 1

Leaf1#show bgp l2vpn evpn summary

BGP router identifier 1.1.1.1, local AS number 100

BGP table version is 8

3 BGP AS-PATH entries

0 BGP community entries

Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd AD MACIP MCAST ESI PREFIX-ROUTE

11.11.11.11 4 200 237 235 8 0 0 01:36:10 3 0 1 2 0 0

Total number of neighbors 1

Total number of Established sessions 1

Leaf1#show nvo VxLAN tunnel

VxLAN Network tunnel Entries

Source Destination Status Up/Down Update Redund Description

=========================================================================================================

1.1.1.1 2.2.2.2 Installed 01:35:22 01:35:22 ---- ----

Total number of entries are 1

Leaf1#show nvo VxLAN vlan-vnid bridge-vlan 10

VLAN VNID Interface

__________________________________________________________

10 10 xe11

Total number of entries are 1

Leaf1#show nvo VxLAN vlan-vnid vnid 10

VLAN VNID Interface

__________________________________________________________

10 10 xe11

Total number of entries are 1

Leaf1#show nvo VxLAN vlan-vnid

VLAN VNID Interface

__________________________________________________________

10 10 xe11

Total number of entries are 2

Leaf1#

Leaf1#show nvo vxlan

VxLAN Information

=================

Codes: NW - Network Port

AC - Access Port

(u) - Untagged

VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr Redund Description

________________________________________________________________________________________________________________________________________________________

10 ---- L2 NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2 ---- ----

10 ---- -- AC xe11 --- Single Homed Port --- 10 ---- ---- ----

Total number of entries are 2

Spine1:

Spine1#show ip bgp summary

BGP router identifier 11.11.11.11, local AS number 200

BGP table version is 3

2 BGP AS-PATH entries

0 BGP community entries

Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd Desc

11.10.1.1 4 100 247 246 3 0 0 01:44:11 1

21.10.1.1 4 100 249 247 3 0 0 01:44:11 1

Total number of neighbors 2

Total number of Established sessions 2

Spine1#

Spine1#show bgp l2vpn evpn summary

BGP router identifier 11.11.11.11, local AS number 200

BGP table version is 9

2 BGP AS-PATH entries

0 BGP community entries

Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd AD MACIP MCAST ESI PREFIX-ROUTE

1.1.1.1 4 100 249 252 9 0 0 01:42:31 3 0 1 2 0 0

2.2.2.2 4 100 251 250 9 0 0 01:42:01 3 0 1 2 0 0

Total number of neighbors 2

Total number of Established sessions 2

VLAN VNID Mapping Command

The VLAN VNID mapping feature introduces the following configuration command.

access-if-vxlan

Use this command to create a logical port per parent interface for egress VLAN translation.

Use no form of this command to unconfigure the access-if-vxlan.

Command Syntax

access-if-vxlan

no access-if-vxlan

Parameters

None

Default

None

Command Mode

Interface mode

Applicability

Introduced in OcNOS version 6.5.2.

Example

The below example shows how to configure a logical port per parent interface:

OcNOS#configure terminal

OcNOS(config)#interface xe1

OcNOS(config-if)#access-if-vxlan

show nvo VxLAN vlan-vnid

Use this command to display the VLAIN ID to VNID mapping.

Command Syntax

show nvo VxLAN vlan-vnid (bridge-vlan <VLAN ID> (summary |) | vnid <VNID> | summary)

Parameters

vnid <VNID>	(Optional) Displays all the VLAN ID to VNID mapping.
bridge-vlan <VLAN ID>	(Optional) Displays all the VLAN ID to VNID mapping.
summary	(Optional) Displays the total count of VLAN to VNID mapping.

Default

None

Command Mode

Exec mode

Applicability

Introduced in OcNOS version 6.5.2.

Example

The below examples show the output of VLAN to VNID mapping:

OcNOS#show nvo VxLAN vlan-vnid

VLAN VNID Interface

__________________________________________________________

10 10 xe11

Total number of entries are 1

OcNOS#

OcNOS#show nvo VxLAN vlan-vnid bridge-vlan 10

VLAN VNID Interface

__________________________________________________________

10 10 xe11

Total number of entries are 1

OcNOS#

Table P‑2-1 explains the output fields.

Table 2-1: VLAN VNID fields
Field	Description
VLAN	VLAN Identifier.
VNID	VxLAN Identifier.
Interface	Name of the interface.

Glossary

The following provides definitions for key terms or abbreviations and their meanings used throughout this document:

Key Terms/Acronym	Description
Virtual Local Area Network Identifier (VLAN ID)	Virtual Local Area Network Identifier is a 12-bit unique identifier assigned to a VLAN to identify it in a network.
Virtual Extensible Local Area Network Identifier (VNID)	Virtual Extensible Local Area Network Identifier is a unique 24-bit identifier assigned to a VxLAN to identify it in a network.
Virtual Local Area Network (VLAN)	Virtual Local Area Network in a network configuration creates a separate and isolated virtual network with other virtual networks over a single physical interface.
Virtual Extensible Local Area Network (VxLAN)	Virtual Extensible Local Area Network (VxLAN) enables the creation of a virtualized Layer 2 network over the Layer 3 infrastructure. This is an overlay network on Layer 3 designed to overcome the limitations of VLANs.
Virtual Tunnel Endpoint (VTEP)	Virtual Tunnel Endpoint is a significant component in VxLAN that encapsulates or decapsulates the VxLAN traffic as it enters or leaves the VxLAN overlay network respectively.