OcNOS DC : Virtual Extensible Local Area Network Guide : VxLAN - Data Forwarding Configuration : VLAN to VNID Mapping
VLAN to VNID Mapping
Overview
OcNOS supports mapping Virtual Local Area Network Identifier (VLAN ID) to Virtual Extensible Local Area Network Identifier (VNID) to extend the Layer 2 VLAN over to the Layer 3 VxLAN. The VLAN ID is a unique number assigned to a specific VLAN, and the VNID is the same for a specific VxLAN. The Virtual Tunnel Endpoint (VTEP) is a network device or a software component that encapsulates the ethernet frames from a specific VLAN ID into a VxLAN header that contains the VNID. This encapsulated frame is the VxLAN packet, which is again encapsulated in the UDP packet and wrapped in an outer IP header to transport it to the IP network.
Feature Characteristics
The VLAN ID to VNID communication is regardless the physical and logical port.
Each VNID is allowed to map with a single VLAN ID.
VLAN is removed over the tunnel and re-added when egressing out of the host-connected port.
Benefits
The feature enhances the scalability and flexibility by extending the VLAN to VxLAN boundaries.
Configuration
This section shows the procedure for configuring VxLAN using VLAN to VNI mapping.
Topology
This topology demonstrates the configuration necessary to enable VxLAN VLAN-to-VNID mapping. Leaf1 and Leaf2 are VxLAN VTEPs in the Autonomous System (ASN) 100, and the Spine1 resides in a different Autonomous System (ASN) 200. The setup involves establishing eBGP IPv4 (underlay) neighborship between interface addresses and L2VPN EVPN (overlay) neighborship between loopback interfaces.
Once the underlay and overlay neighborships are established, configure the VxLAN tunnel between Leaf1 and Leaf2. The global VTEP IP is the loopback address.
VLAN to VNID mapping
Configuring VLAN to VNID mapping
Follow the steps to configure the VxLAN EVPN using VLAN to VNI mapping. The detailed configuration procedure demonstrates how access-if VxLAN is configured on a switchport in trunk mode.
Note: The configuration of access-if VxLAN is allowed in the access mode also. The example is as follows:
(config)#interface xe12
(config-if)# switchport
(config-if)# bridge-group 1 spanning-tree disable
(config-if)# switchport mode access
(config-if)# switchport access vlan 20
(config-if)# access-if-vxlan
(config-if)#exit
Configure the Leaf1 and Leaf2:
The parameters used in the configuration procedure are as present for Leaf1. Use the same commands with the Leaf2 parameters to configure the Leaf2.
1. Configure the hostname of the VTEP.
(config)#hostname Leaf1
(config)#commit
2. Configure the bridge type using the bridge 1 protocol rstp vlan-bridge command. This command enables the RSTP VLAN bridge type.
(config)#bridge 1 protocol rstp vlan-bridge
3. Enter the VLAN database using the vlan database command and associate the VLAN with a bridge.
(config)#vlan database
(config-vlan)#vlan 10 bridge 1 state enable
4. Enable the VxLAN globally on the VTEP.
(config)#nvo VxLAN enable
Note: Save and reboot the system to enable the VxLAN in the hardware.
5. Create the MAC VRF and name it using mac vrf vrf10. Configure the VLAN-based service type using evpn-vlan-service vlan-based command, assign a unique route distinguisher and route target value using rd 1.1.1.1:10 and route-target both 100:10 commands respectively.
(config)#mac vrf vrf10
(config-vrf)#evpn-vlan-service vlan-based
(config-vrf)#rd 1.1.1.1:10
(config-vrf)#route-target both 100:10
6. Configure a global IP to the VTEP. This IP address uniquely identifies the VTEP.
(config)#nvo VxLAN vtep-ip-global 1.1.1.1
7. Create a VNID and map it with the bridge VLAN using nvo VxLAN id 10 ingress-replication bridge-vlan 10. Configure the host-reachability-protocol as BGP-EVPN and associate the MAC VRF.
(config)#nvo VxLAN id 10 ingress-replication bridge-vlan 10
(config-nvo)#VxLAN host-reachability-protocol evpn-bgp vrf10
8. Assign the IP addresses to the physical and loopback interfaces of the Leaf1 to connect to the Spine.
(config)#interface ce49
(config-if)#ip address 11.10.1.1/24
(config-if)#exit
(config)#interface lo
(config-if)#ip address 1.1.1.1/32 secondary
9. Configure the interface xe11 as a switchport. Use the command bridge-group 1 spanning-tree disable to associate the bridge group to this interface and disable the Spanning Tree Protocol (STP) to avoid the port block. Configure the switching characteristic of this interface to trunk mode using the switchport mode trunk command and this allows multiple VLANs to run in the interface. Use the command switchport trunk allowed vlan add 10 to enable VLAN 10 through this interface. Map this interface with the VxLAN using access-if-VxLAN command.
(config)#interface xe11
(config-if)#switchport
(config-if)# bridge-group 1 spanning-tree disable
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan add 10
(config-if)#access-if-vxlan
10. Configure the BGP and specify the autonomous number (ASN).
(config)#router bgp 100
11. Configure the router ID.
(config-router)#bgp router-id 1.1.1.1
12. Configure the neighboring eBGP peers in a different ASN.
(config-router)#neighbor 11.10.1.2 remote-as 200
(config-router)#neighbor 11.11.11.11 remote-as 200
13. Configure eBGP multihop as the neighboring peer is not directly connected.
(config-router)#neighbor 11.11.11.11 ebgp-multihop
14. Configure the source loopback address.
(config-router)#neighbor 11.11.11.11 update-source lo
15. Configure the IPv4 address family and activate the neighbor.
(config-router)#address-family ipv4 unicast
(config-router-af)#network 1.1.1.1/32
(config-router)#neighbor 11.10.1.2 activate
(config-router-af)#neighbor 11.10.1.2 allowas-in 1
(config-router-af)#exit-address-family
16. Configure the Layer 2 VPN address family and activate the neighbor.
(config-router)#address-family l2vpn evpn
(config-router-af)#neighbor 11.11.11.11 activate
(config-router-af)#neighbor 11.11.11.11 allowas-in 1
(config-router-af)#exit-address-family
(config-router)#exit
(config)#commit
Configure the Spine1:
1. Configure the hostname of the Spine.
(config)#hostname Spine1
(config)#commit
2. Assign the IP addresses to the physical and loopback interfaces of the Spine.
(config)#interface ce1
(config-if)#ip address 11.10.1.2/24
(config-if)#exit
(config)#interface ce24
(config-if)#ip address 21.10.1.2/24
(config-if)#exit
(config)#interface lo
(config-if)#ip address 11.11.11.11/32 secondary
(config-if)#exit
3. Configure the BGP and specify the ASN.
(config)#router bgp 200
4. Configure the router ID.
(config-router)#bgp router-id 11.11.11.11
5. Disable the inbound route filter.
(config-router)#no bgp inbound-route-filter
6. Configure the neighboring eBGP neighbor in a different ASN.
(config-router)#neighbor 11.10.1.1 remote-as 100
(config-router)#neighbor 21.10.1.1 remote-as 100
(config-router)#neighbor 1.1.1.1 remote-as 100
(config-router)#neighbor 2.2.2.2 remote-as 100
7. Configure eBGP multihop as the neighboring peer might not be directly connected.
(config-router)#neighbor 1.1.1.1 ebgp-multihop
(config-router)#neighbor 2.2.2.2 ebgp-multihop
8. Configure the source loopback address.
(config-router)#neighbor 1.1.1.1 update-source
(config-router)#neighbor 2.2.2.2 update-source
9. Configure the IPv4 address family and activate the neighbor.
(config-router)#address-family ipv4 unicast
(config-router-af)#network 11.11.11.11/32
(config-router-af)#neighbor 11.10.1.1 activate
(config-router-af)#neighbor 21.10.1.1 activate
(config-router-af)#exit-address-family
10. Configure the Layer 2 VPN address family and activate the neighbor.
(config-router)#address-family l2vpn evpn
(config-router-af)#neighbor 1.1.1.1 activate
(config-router-af)#neighbor 2.2.2.2 activate
(config-router-af)#exit-address-family
(config-router)#exit
(config)#commit
Running configurations
The running configuration for the Leaf1 is as follows:
hostname Leaf1
bridge 1 protocol rstp vlan-bridge
tfo Disable
!
vlan database
vlan 10 bridge 1 state enable
!
nvo VxLAN enable
!
mac vrf vrf10
evpn-vlan-service vlan-based
rd 1.1.1.1:10
route-target both 100:10
!
nvo VxLAN vtep-ip-global 1.1.1.1
!
nvo VxLAN id 10 ingress-replication bridge-vlan 10
VxLAN host-reachability-protocol evpn-bgp vrf10
!
interface ce49
ip address 11.10.1.1/24
!
interface lo
ip address 1.1.1.1/32 secondary
!
interface xe11
switchport
bridge-group 1 spanning-tree disable
switchport mode trunk
switchport trunk allowed vlan add 10
access-if-vxlan
!
exit
!
router bgp 100
bgp router-id 1.1.1.1
neighbor 11.10.1.2 remote-as 200
neighbor 11.11.11.11 remote-as 200
neighbor 11.11.11.11 ebgp-multihop
neighbor 11.11.11.11 update-source lo
!
address-family ipv4 unicast
network 1.1.1.1/32
neighbor 11.10.1.2 activate
neighbor 11.10.1.2 allowas-in 1
exit-address-family
!
address-family l2vpn evpn
neighbor 11.11.11.11 activate
neighbor 11.11.11.11 allowas-in 1
exit-address-family
!
exit
!
end
The running configuration for the Spine1 is as follows:
hostname Spine1
!
interface ce1
ip address 11.10.1.2/24
!
interface ce24
ip address 21.10.1.2/24
lldp-agent
!
interface lo
ip address 11.11.11.11/32 secondary
!
router bgp 200
bgp router-id 11.11.11.11
no bgp inbound-route-filter
neighbor 1.1.1.1 remote-as 100
neighbor 2.2.2.2 remote-as 100
neighbor 11.10.1.1 remote-as 100
neighbor 21.10.1.1 remote-as 100
neighbor 1.1.1.1 ebgp-multihop
neighbor 1.1.1.1 update-source lo
neighbor 2.2.2.2 ebgp-multihop
neighbor 2.2.2.2 update-source lo
!
address-family ipv4 unicast
network 11.11.11.11/32
neighbor 11.10.1.1 activate
neighbor 21.10.1.1 activate
exit-address-family
!
address-family l2vpn evpn
neighbor 1.1.1.1 activate
neighbor 2.2.2.2 activate
exit-address-family
!
exit
end
Validation
Validate the show output after configuration as shown below.
Leaf1:
 
Leaf1#show ip bgp summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 7
3 BGP AS-PATH entries
0 BGP community entries
 
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd Desc
11.10.1.2 4 200 266 264 7 0 0 01:37:50 2
 
Total number of neighbors 1
 
Total number of Established sessions 1
Leaf1#show bgp l2vpn evpn summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 8
3 BGP AS-PATH entries
0 BGP community entries
 
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd AD MACIP MCAST ESI PREFIX-ROUTE
11.11.11.11 4 200 237 235 8 0 0 01:36:10 3 0 1 2 0 0
 
Total number of neighbors 1
 
Total number of Established sessions 1
Leaf1#show nvo VxLAN tunnel
VxLAN Network tunnel Entries
Source Destination Status Up/Down Update Redund Description
=========================================================================================================
1.1.1.1 2.2.2.2 Installed 01:35:22 01:35:22 ---- ----
 
Total number of entries are 1
Leaf1#show nvo VxLAN vlan-vnid bridge-vlan 10
VLAN VNID Interface
__________________________________________________________
10 10 xe11
 
Total number of entries are 1
 
Leaf1#show nvo VxLAN vlan-vnid vnid 10
VLAN VNID Interface
__________________________________________________________
10 10 xe11
 
Total number of entries are 1
 
Leaf1#show nvo VxLAN vlan-vnid
VLAN VNID Interface
__________________________________________________________
10 10 xe11
 
Total number of entries are 2
Leaf1#
 
Leaf1#show nvo vxlan
VxLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
 
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr Redund Description
________________________________________________________________________________________________________________________________________________________
10 ---- L2 NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2 ---- ----
10 ---- -- AC xe11 --- Single Homed Port --- 10 ---- ---- ----
 
Total number of entries are 2
Spine1:
 
Spine1#show ip bgp summary
BGP router identifier 11.11.11.11, local AS number 200
BGP table version is 3
2 BGP AS-PATH entries
0 BGP community entries
 
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd Desc
11.10.1.1 4 100 247 246 3 0 0 01:44:11 1
21.10.1.1 4 100 249 247 3 0 0 01:44:11 1
 
Total number of neighbors 2
 
Total number of Established sessions 2
Spine1#
Spine1#show bgp l2vpn evpn summary
BGP router identifier 11.11.11.11, local AS number 200
BGP table version is 9
2 BGP AS-PATH entries
0 BGP community entries
 
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd AD MACIP MCAST ESI PREFIX-ROUTE
1.1.1.1 4 100 249 252 9 0 0 01:42:31 3 0 1 2 0 0
2.2.2.2 4 100 251 250 9 0 0 01:42:01 3 0 1 2 0 0
 
Total number of neighbors 2
 
Total number of Established sessions 2
VLAN VNID Mapping Command
The VLAN VNID mapping feature introduces the following configuration command.
access-if-vxlan
Use this command to create a logical port per parent interface for egress VLAN translation.
Use no form of this command to unconfigure the access-if-vxlan.
Command Syntax
access-if-vxlan
no access-if-vxlan
Parameters
None
Default
None
Command Mode
Interface mode
Applicability
Introduced in OcNOS version 6.5.2.
Example
The below example shows how to configure a logical port per parent interface:
OcNOS#configure terminal
OcNOS(config)#interface xe1
OcNOS(config-if)#access-if-vxlan
show nvo VxLAN vlan-vnid
Use this command to display the VLAIN ID to VNID mapping.
Command Syntax
show nvo VxLAN vlan-vnid (bridge-vlan <VLAN ID> (summary |) | vnid <VNID> | summary)
Parameters
 
Default
None
Command Mode
Exec mode
Applicability
Introduced in OcNOS version 6.5.2.
Example
The below examples show the output of VLAN to VNID mapping:
OcNOS#show nvo VxLAN vlan-vnid
VLAN VNID Interface
__________________________________________________________
10 10 xe11
 
Total number of entries are 1
OcNOS#
 
OcNOS#show nvo VxLAN vlan-vnid bridge-vlan 10
VLAN VNID Interface
__________________________________________________________
10 10 xe11
 
Total number of entries are 1
OcNOS#
 
Table P‑2-1 explains the output fields.
Table 2-1: VLAN VNID fields
Field
Description
VLAN
VLAN Identifier.
VNID
VxLAN Identifier.
Interface
Name of the interface.
Glossary
The following provides definitions for key terms or abbreviations and their meanings used throughout this document:
 
Key Terms/Acronym
Description
Virtual Local Area Network Identifier (VLAN ID)
Virtual Local Area Network Identifier is a 12-bit unique identifier assigned to a VLAN to identify it in a network.
Virtual Extensible Local Area Network Identifier (VNID)
Virtual Extensible Local Area Network Identifier is a unique 24-bit identifier assigned to a VxLAN to identify it in a network.
Virtual Local Area Network (VLAN)
Virtual Local Area Network in a network configuration creates a separate and isolated virtual network with other virtual networks over a single physical interface.
Virtual Extensible Local Area Network (VxLAN)
Virtual Extensible Local Area Network (VxLAN) enables the creation of a virtualized Layer 2 network over the Layer 3 infrastructure. This is an overlay network on Layer 3 designed to overcome the limitations of VLANs.
Virtual Tunnel Endpoint (VTEP)
Virtual Tunnel Endpoint is a significant component in VxLAN that encapsulates or decapsulates the VxLAN traffic as it enters or leaves the VxLAN overlay network respectively.