VXLAN Commands
This chapter describes the VXLAN commands:
arp-cache disable
Use this command to disable the ARP cache for MAC/IP.
When the ARP cache is disabled on a VxLAN access port, OcNOS does not reply to any ARP arriving on this port from the cache. OcNOS withdraws all MAC/IPs configured/learned on this access port and removes the MAC/IP entry for this access port from the local ARP cache.
OcNOS also makes sure that on withdrawing the MAC/IP route, the MAC does not become unknown. If all routes for this MAC are being withdrawn because of this command, then OcNOS advertises a MAC-only route. This is done so that the MAC does not become unknown and only the cache functionality becomes disabled.
Use the no form of this command to enable ARP cache for MAC/IP.
Note: On enabling the cache, an IP will be in conflict, then the cache enable will fail. The conflict has to be manually removed and then the cache enabled.
Command Syntax
arp-cache disable
no arp-cache disable
Parameters
None
Default
By default, the arp-cache option is enabled.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#arp-cache disable
(config-nvo-acc-if)#exit
arp-nd flood-suppress
Use this command to completely restrict the flood of ARP/ND packets towards remote VTEPs or other access ports.
This command applies only when the ARP cache and ND cache are enabled. When the ARP cache is disabled, ARP flooding is not suppressed even if this command is given. When the ND cache is disabled, ND flooding is not disabled, even if this command is given.
Use the no form of this command to not restrict the flood of ARP/ND packets.
Command Syntax
arp-nd flood-suppress
no arp-nd flood-suppress
Parameters
None
Default
By default, the arp-nd flood-suppress option is disabled.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#arp-nd flood-suppress
(config-nvo-acc-if)#exit
arp-nd refresh timer
Use this command to configure aging out the arp-cache and nd-cache entries for given time multiplied by 3 in secs
Use the no form of this command to remove the configuration.
Command Syntax
nvo vxlan arp-nd refresh-timer <3-190> mac (XX-XX-XX-XX-XX-XX|XX:XX:XX:XX:XX:XX|XXXX.XXXX.XXXX)
no nvo vxlan arp-nd refresh-timer
Parameters
<3-190>
refresh time in seconds
XX-XX-XX-XX-XX-XX
v-mac is mandatory for MH
Command Mode
Config mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#config mode
(config)#nvo vxlan arp-nd refresh-timer 100
(config)#no nvo vxlan arp-nd refresh-timer
Example to configure in MH node
(config)#nvo vxlan arp-nd refresh-timer 100 mac 0000.1111.2222
clear mac address table dynamic vxlan
Use this command to clear dynamically learned MACs.
Command Syntax
clear mac address table dynamic vxlan
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#clear mac address table dynamic vxlan
clear nvo vxlan counters
Use this command to clear the counters of access ports or network ports.
Command Syntax
clear nvo vxlan counters((access-port (port IFNAME | port-vlan IFNAME (VLAN_ID | outer-vlan) | all)) | (network-port (dst A.B.C.D | all)))
Parameters
port
Port
IFNAME
Interface name
port-vlan
VLAN port
IFNAME
Interface name
VLAN_ID
VLAN identifier
Outer-vlan
Outer Vlan
A.B.C.D
Tunnel destination IPv4 address
all
All access or network ports
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
Example for clearing a VLAN port counter:
#clear nvo vxlan counters access-port port-vlan xe1 2
Example for clearing all access port counters:
#clear nvo vxlan counters access-port all
Example for clearing network port counters:
#clear nvo vxlan counters network-port dst 1.1.1.1
Example for clearing all network port counters:
#clear nvo vxlan counters network-port all
clear nvo vxlan tunnels
Use this command to clear the nvo vxlan tunnels to re-establish the tunnel after mapping/un-mapping the QoS profile to vxlan tunnel.
Command Syntax
clear nvo vxlan tunnels (|dst-ip A.B.C.D)
Parameters
dst-ip
VXLAN tunnel destination
A.B.C.D
destination IPv4 address
Command Mode
Exec mode
Applicability
This command was introduced in OcNOS version 3.0.
Example
#clear nvo vxlan tunnels dst-ip 2.2.2.2
Note: clear nvo vxlan tunnels This command will clear all the VXLAN tunnels destination.
clear nvo vxlan tunnels dst-ip A.B.C.D - This command to clear individual tunnel destination( i.e A.B.C.D).
clear nvo vxlan mac-stale-entries
Use this command to clear MAC entries that are in discard state in the forwarding database.
Command Syntax
clear nvo vxlan mac-stale-entries (vnid <1-16777215> |)
Parameters
<1-16777215>
VXLAN network identifier
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#clear nvo vxlan mac-stale-entries vnid 100
description
Use this command to set a description for a port.
Use the no form of this command to remove the description for a port.
Command Syntax
description LINE
no description
Parameters
LINE
Maximum 32 characters describing this port.
Default
No default value is specified for description LINE commands.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#description member-port xe1 with vlan 2
(config-nvo-acc-if)#exit
dynamic-learning disable
Use this command to disable dynamic learning of MACs at the access port. This command also disables dynamic learning of MAC/IP from ARP/ND messages received on this access port.
Use the no form of this command to enable dynamic learning of MACs at the access port.
Command Syntax
dynamic-learning disable
no dynamic-learning disable
Parameters
None
Default
By default, the dynamic-learning option is enabled.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#dynamic-learning disable
(config-nvo-acc-if)#exit
encapsulation
Use this command to assign a Tag Protocol Identifier (TPID) to an access port.
Use the no form of this command to set the default TPID (0x8100: IEEE 802.1Q VLAN-tagged frame) to an access port.
Command Syntax
encapsulation TPID
no encapsulation
Parameters
TPID
Tag Protocol Identifier:
Ox88A8: IEEE 802.1ad Provider Bridging
Ox9100: IEEE 802.1Q VLAN-tagged frame with double tagging
Default
The encapsulation TPID default is 0X8100.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#encapsulation 0x9100
(config-nvo-acc-if)#exit
evpn esi holdtime
Use this command to allow some time for the tunnels to come at the time of vxlan initialization before making the esi up. This avoids traffic to be black-holed when a new PE is added and connected to an already running CE for multi-homing.
Use the no form of this command to make the esi up immediately when configuring the access-if cli.
Command Syntax
evpn esi holdtime <10-300>
no evpn esi holdtime <10-300>
Parameters
<10-300>
Hold time in seconds
Default
Default value is 0.
Command Mode
Configuration Mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)# evpn esi holdtime 100
(config)# exit
evpn vxlan multi-homing enable
Use this command to enable evpn vxlan multi-homing
Use the no form of this command to disable evpn vxlan multi-homing.
Note: Node will have to be restarted for this to be applicable. If there are some nodes in topology which have multi-homed CEs, then nodes which do not have multi-homed CEs should also enable multihoming so, that they can load share traffic to the multi-homed CEs.
Command Syntax
evpn vxlan multihoming enable
no evpn vxlan multihoming enable
Parameters
None
Default
By Default Multi-homing will be d]isabled
Command Mode
Configuration Mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
#(config)# evpn vxlan multihoming enable
#(config)# exit
evpn multi-homed
Use this command to configure interfaces as multi-homed and configure esi-value in case of physical and static lag and system-mac in case of Dynamic lag.
Use the no parameter of this command to unconfigure multi-homed on the interface.
Command Syntax
evpn multi-homed (esi XX:XX:XX:XX:XX:XX:XX:XX:XX | system-mac (XX-XX-XX-XX-XX-XX|XX:XX:XX:XX:XX:XX|XXXX.XXXX.XXXX)
no evpn multi-homed (esi | system-mac)
Parameters
XX:XX:XX:XX:XX:XX:XX:XX:XX
ESI value in HH:HH:HH:HH:HH:HH:HH:HH:HH - 9
octet format
XX-XX-XX-XX-XX-XX
Host MAC address (Option 1)
XX:XX:XX:XX:XX:XX
Host MAC address (Option 2)
XXXX.XXXX.XXXX
Host MAC address (Option 3)
Default
Default value is 0.
Command Mode
Interface Mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)# interface xe1
(config)# evpn multi-homed esi 00:11:22:33:44:55:66:77:88
(config)# exit
configure terminal
(config)# interface po1
(config)# evpn multi-homed system-mac 0000.0000.1111
(config)# exit
evpn-vlan-service
Use this command to configure EVPN-Service type.
Use the no form of this command to delete the evpn vlan service.
Note: If access port mappings to vnid exists already and VLAN service is configured later and mapped to tenant then we should not allow the mapping, user should either remove and reconfigure the access port mappings.
Command Syntax
evpn-vlan-service (vlan-aware-bundle | vlan-based)
no evpn-vlan-service
Parameters
vlan-based
VLAN-based mapping of a mac-vrf to single VNI (1 to 1)
vlan-aware-bundle
VLAN-aware-bundle mapping of a mac-vrf to multiple VNI (1 to many)
Default
By default, vlan-aware-bundle service is applied when we no evpn-vlan-service configuration is specified explicitly.
Command Mode
MAC vrf mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#mac vrf vrf1
(config-vrf)# evpn-vlan-service vlan-based
(config-vrf)# no evpn-vlan-service vlan-based
garp-gna enable
Use this command to enable GARP/GNA packets per vxlan on the outgoing access interfaces where it is configured.
Use the no form this command to disable GARP/GNA packets on the outgoing access interfaces.
By default it will be disable
Command Syntax
garp-gna enable
garp-gna enable
Parameters
None
Command Mode
config-nvo-acc-if mode
Applicability
This command is introduced in OcNOS version 1.3.6.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 10
config-nvo-acc-if)#garp-gna enable
load-balance rtag7 vxlan inner-l2
Use this command to enable RTAG7 load balancing for VxLAN for inner-L2 packets on the access side for load sharing of traffic on tunnel paths. This command also enables random UDP source port generation for the VxLAN UDP tunnels based on the L2 frame being received on the VxLAN access port.
Use the no parameter of this command to disable load balance for RTAG7 for VxLAN for inner-L2 frames.
Command Syntax
load-balance rtag7 vxlan inner-l2 (dest-mac | src-mac)
no load-balance rtag7 vxlan inner-l2 (dest-mac | src-mac)
Parameter
dest-mac
Destination MAC Address.
src-mac
Source MAC Address.
Default
By default, the load-balance rtag7 vxlan inner-l2 default is src-mac.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#load-balance rtag7 vxlan inner-l2 dest-mac
(config)#no load-balance rtag7 vxlan inner-l2 dest-mac
load-balance rtag7 vxlan inner-l3
Use this command to enable RTAG7 load balancing for VxLAN for inner-L3 IPv4 and IPv6 packets on the access side for load sharing of traffic on tunnel paths. This command also enables random UDP source port generation for the VxLAN UDP tunnels based on the L3 frame being received on the VxLAN access port.
Use the no parameter of this command to disable load balance for RTAG7 for VxLAN for inner-L3 IPv4 and IPv6 frames.
Command Syntax
load-balance rtag7 vxlan inner-l3 (dest-ip | destl4-port | protocol-id | src-ip | srcl4-port)
no load-balance rtag7 vxlan inner-l3 (dest-ip | destl4-port | protocol-id | src-ip | srcl4-port)
Parameter
dest-ip
Destination IP.
destl4-port
Destination l4 port.
protocol-id
Protocol (IPv4).
src-ip
Source IP.
srcl4-port
Source l4 port.
Default
By default, the load-balance rtag7 vxlan inner-l3 default is src-ip.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#load-balance rtag7 vxlan inner-l3 dest-ip
(config)#no load-balance rtag7 vxlan inner-l3 dest-ip
mac
Use this command to associate a static MAC address and a static IPv4 or IPv6 address on an access interface.
Use the no form of this command to disassociate a static MAC address and an IPv4 or IPv6 address for an access interface.
Note: When a static host is configured on an access port which is in the down state, its state is Inactive.
Note: The same static mac configuration is not allowed on a different access port as then there will be a chance of conflict. However, if a dynamic packet is sent at another access port which is up and running with the same MAC, it learns as usual. As soon as the port on which the static MAC is configured comes up, static learning is given precedence and the dynamically learned MAC is moved to the port where it is configured statically.
Command Syntax
mac XXXX.XXXX.XXXX
mac XXXX.XXXX.XXXX (ip A.B.C.D | ipv6 X:X::X:X)
no mac XXXX.XXXX.XXXX (ip A.B.C.D | ipv6 X:X::X:X)
Parameters
XXXX.XXXX.XXXX
Static MAC address. The following formats are supported:
XX-XX-XX-XX-XX-XX Source MAC address (Option 1)
XX:XX:XX:XX:XX:XX Source MAC address (Option 2)
XXXX.XXXX.XXXX Source MAC address (Option 3)
A.B.C.D
Static IPv4 address.
X:X::X:X
Static IPv6 address.
Default
No default value is specified for mac command.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#mac 0000.0000.aaaa ip 10.10.10.1
(config-nvo-acc-if)#mac 0000.0000.aaaa ipv6 1201::1
(config-nvo-acc-if)#exit
mac vrf
Use this command to create a MAC VRF to use in EVPN routes.
Use the no parameter of this command to delete the MAC VRF.
Command Syntax
mac vrf WORD
no mac vrf WORD
Parameter
WORD
MAC routing or forwarding instance name.
Default
No default value is specified for mac vrf WORD command.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#mac vrf vrf1
(config)#no mac vrf vrf1
mac-holdtime
Use this command to set the MAC hold time for a MAC/IP or MAC.
The feature holds the MAC in hardware until BGP has withdrawn from the neighbors. This helps to reduce flooding to other access ports.
This setting applies when the access port is shut down, the physical port on which the access port is down, or the access port is removed from the VNID using the
no form of the
map vnid command.
When the MAC hold time is configured as -1, then the MAC is not removed from the hardware and is also not withdrawn from EVPN BGP.
Use the no form of this command to remove the MAC hold time for the MAC/IP or MAC.
Note: When a MAC is moved to discard state, traffic to and from this MAC is discarded. This is applicable only on statically configured MAC/MAC-IPs.
Command Syntax
mac-holdtime <-1-300>
no mac-holdtime
Parameters
<-1-300>
MAC hold time in seconds. Specify -1 to “never expire”.
Default
The default holdtime for mac is 3 seconds.
Command Mode
NVO mode and NVO_ACC_IF_MODE mode
Note: When configured in both modes, then the NVO_ACC_IF_MODE value takes preference for that access port.
Applicability
This command was introduced before OcNOS version 1.3.
This command in NVO_ACC_IF_MODE mode is introduced in OcNOS version 1.3.4.
Example
#configure terminal
(config)#nvo vxlan id 3 ingress-replication inner-vid-disabled
(config-nvo)#mac-holdtime -1
(config-nvo)#exit
map vnid
Use this command to map a tenant to an access-port.
Use the no form of this command to remove the tenant from an access-port
Command Syntax
map vnid <1-16777215>
no map vnid <1-16777215>
Parameters
<1-16777215>
VxLAN network identifier.
Default
No default value is specified for map vnid command.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#map vnid 100
(config-nvo-acc-if)#exit
nd-cache disable
Use this command to disable ND cache for MAC/IPv6.
When the ND cache is disabled on a VxLAN access port, OcNOS does not reply to any ND arriving on this port from the cache. OcNOS withdraws all MAC/IPs configured/learned on this access port and removes the MAC/IP entry for this access port from the local ND cache.
OcNOS also makes sure that on withdrawing the MAC/IP route, the MAC does not become unknown. If all routes for this MAC are being withdrawn because of this command, then OcNOS advertises a MAC-only route. This is done so that the MAC does not become unknown and only the cache functionality becomes disabled.
Use the no form of this command to enable ND cache for MAC/IPv6.
Note: On enabling the cache, an IP will be in conflict, then the cache enable will fail. The conflict has to be manually removed and then the cache enabled.
Command Syntax
nd-cache disable
no nd-cache disable
Parameters
None
Default
By default, the nd-cache option is enabled.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#nd-cache disable
(config-nvo-acc-if)#exit
no nvo vxlan
Use this command to delete a given tenant or all tenants/VPNs.
Command Syntax
no nvo vxlan (id <1-16777215>|all-vnids)
Parameters
<1-16777215>
VXLAN Network Identifier.
all-vnids
Delete all VxLAN network identifiers.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#no nvo vxlan id 100
nvo vxlan
Use this command to enable or disable VxLAN.
Command Syntax
nvo vxlan (enable | disable)
Parameters
None
Default
By default, the nvo vxlan option is disabled.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan enable
(config)#nvo vxlan disable
nvo vxlan id
Use this command to add a tenant and the type of VPN. This command changes the mode to NVO mode.
Use no form of this command to unconfigure the VXLAN ID.
Before using this command, enable VXLAN by using the
nvo vxlan command.
Command Syntax
nvo vxlan id <1-16777215> (etree-leaf|) ((ingress-replication (inner-vid-disabled | bridge-vlan VLAN-ID | etree-leaf)
no nvo vxlan id <1-16777215>
Parameters
vxaln id <1-16777215> | Specifies the VXLAN Network Identifier (VNID) to identify the virtual VXLAN overlay network segment. |
multicast | (Optional) Specifies a multicast mode (point to multipoint) used for transmitting VXLAN encapsulated multicast packets. |
ingress-replication | (Optional) Enables head-end replication for forwarding BUM traffic. |
bridge-vlan VLAN-ID | (Optional) Specifies the VLAN ID. |
inner-vid-disabled | (Optional) Disables the transmission of the VLAN ID (VID) with traffic leaving the network port. |
etree-leaf | (Optional) Configures the device as a leaf node within the E-Tree topology, implying its role in forwarding BUM traffic within the E-Tree service model. |
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3. Introduced the etree-leaf parameter in the OcNOS version 6.5.1
Example
#configure terminal
(config)#nvo vxlan id 300 ingress-replication
(config-nvo)#exit
(config)#nvo vxlan id 200 ingress-replication inner-vid-disabled
(config-nvo)#exit
To configure a VXLAN instance with VXLAN ID for ingress replication, with inner VLAN ID disabled, and as an E-Tree leaf node:
(config)#nvo vxlan id 10 ingress-replication inner-vid-disabled etree-leaf
(config-nvo)#exit
To configure a VXLAN instance with VLAN-VNID mapping for ingress replication on the leaf node:
(config)#nvo vxlan id 101 ingress-replication bridge-vlan 101
(config-nvo)#exit
nvo vxlan access-if
Use this command to map a complete interface or a VLAN or VLAN range on an interface to identify the tenant traffic and to enter NVO access interface mode.
The command "nvo vxlan access-if port <if_name> default" accepts all tagged, double tagged and untagged traffic received on the mapped physical port.
Use the no form of this command to unmap an interface or a VLAN.
Note: When a VxLAN access interface configured as a port VLAN as vlan-range or port as default, then arp-cache and nd-cache should be disabled and only VNID with inner-vid-enable is mapped.
Note: Inner-vid-enable is one-to-one mapping. VNID is mapped to only on one access-port.
Note: Vlan Range not allowed to be configured for Vxlan stacked access-port.
Command Syntax
nvo vxlan access-if (port IFNAME (| default) | port-vlan IFNAME VLAN_RANGE (| inner-vlan <2-4094>))
no nvo vxlan access-if (port IFNAME | port-vlan IFNAME VLAN_RANGE(| inner-vlan <2-4094>))
Parameters
port
A physical port.
IFNAME
Interface name (Physical/Static lag/Dynamic lag)
default
Default access interface
port-vlan
The physical port on which VLANs are configured
IFNAME
Interface name (Physical/Static lag/Dynamic lag)
VLAN_RANGE
Configure VlanId or Vlan-Range for outer vlan
Inner-vlan
Inner-vlan id
<2-4094>
VLAN id
Default
By default, the nvo vxlan access-if option is port VLAN ID and VLAN_RANGE option is introduced in OcNOS version 5.0..
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2-10
(config-nvo-acc-if)#exit
#configure terminal
(config)#nvo vxlan access-if port xe1
(config-nvo-acc-if)#exit
#configure terminal
(config)#nvo vxlan access-if port xe1 default
(config-nvo-acc-if)#exit
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2 inner-vlan 10
(config-nvo-acc-if)#exit
nvo vxlan mac-ageing-time
Use this command to set the dynamically learned MAC aging time.
Use the no form of this command to set the age out the MACs in hardware to its default (300 seconds).
Command Syntax
nvo vxlan mac-ageing-time <10-572>
no nvo vxlan mac-ageing-time
Parameters
<10-572>
Ageing time in seconds.
Default
The default age out time is 300 seconds.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan mac-ageing-time 10
nvo vxlan max-cache-disable
Use this command to configure the maximum number of ARP and ND cache disables on access ports configured with the port+VLAN options. This command does not limit the ARP and ND cache disables on access ports created with only the port option.
Use the no form of this command to set the maximum number of ARP and ND cache disables to its default (0).
Note: If any MAC is in conflict when the max cache disable is being unconfigured, then the corresponding caches will not be enabled. This can be enabled after manually, removing the conflict. Caches where there is no conflict, will be enabled.
Command Syntax
nvo vxlan max-cache-disable <1-200>
no nvo vxlan max-cache-disable
Parameters
<-1-200>
Number of ARP/ND cache disable allowed
Default
The default maximum number of ARP and ND cache disables is 0.
Command Mode
Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan max-cache-disable 10
(config-nvo)#exit
nvo vxlan vtep-ip-global
Use this command to set the source IP address of the VxLAN tunnels.
Use the no form of this command to remove the source IP address of the VxLAN tunnels.
Command Syntax
nvo vxlan vtep-ip-global A.B.C.D
no nvo vxlan vtep-ip-global A.B.C.D
Parameters
A.B.C.D
Source VTEP IP address of the global configuration
Default
No default value is specified for nvo vxlan vtep-ip-global command.
Command Mode
NVO mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
(config-nvo)#nvo vxlan vtep-ip-global 10.10.11.1
show bgp l2vpn evpn
Use this command to display details about Layer 2 Virtual Private Network (L2VPN) Ethernet Virtual Private Network (EVPN) routes.
Note: A BGP EVPN route update received for an unreachable IP address is also listed by this command and as a best route. This is because the next hop tracking feature is not supported for the EVPN address family. However, the tunnel to this IP address is shown in unresolved state by the
show nvo vxlan tunnel output.
Note: An E-tag (Ethernet tag) can have the value of zero/VID/VNID based on the use case. An E-tag can go up to 32 bits and no restrictions are noted in the RFC. Since an E-tag can have different values, it should not be compared with the label/VNID.
Command Syntax
show bgp l2vpn evpn ((vrf WORD)|(rd WORD)| time|)
show bgp l2vpn evpn mac-ip ((vrf WORD)|(rd WORD)|)
show bgp l2vpn evpn mcast
show bgp l2vpn evpn multihoming es-route <(rd WORD)|(vrf WORD)>
show bgp l2vpn evpn multihoming ethernet-ad-per-evi <(rd WORD)|(vrf WORD)>
show bgp l2vpn evpn multihoming ethernet-ad-per-es <(rd WORD)|(vrf WORD)>
Parameters
vrf
Virtual Routing and Forwarding instance
WORD
VRF name
rd
Route distinguisher
WORD
Route distinguisher: ASN:nn or IP:nn
time
Display learned time for EVPN routes
mac-ip
MAC/IP routes (EVPN type 2)
mcast
Multicast routes (EVPN type 3)
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show bgp l2vpn evpn
BGP table version is 25, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
Network Next Hop Metric LocPrf Weight Path Peer
RD[1.1.1.1:1] VRF[vrfblue]:
*> [2]:[0]:[100]:[48,0000.00aa.aaaa]:[32,10.1.1.2]:[100]
1.1.1.1 0 100 32768 i
*>i [2]:[0]:[100]:[48,0000.00bb.bbbb]:[32,10.1.1.3]:[100]
4.4.4.4 0 100 0 i 10.1.1.1
*> [3]:[100]:[32,1.1.1.1]
1.1.1.1 0 100 32768 i
*>i [3]:[100]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 10.1.1.1
*> [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 32768 i
*>i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 10.1.1.1
RD[2.2.2.2:1]
*>i [2]:[0]:[100]:[48,0000.00bb.bbbb]:[32,10.1.1.3]:[100]
4.4.4.4 0 100 0 i 10.1.1.1
*>i [3]:[100]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 10.1.1.1
*>i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 10.1.1.1
Total number of prefixes 9
Table 1-1 shows the status codes displayed at the start of a route entry.
Table 1-1: status codes
Status code | Description | Comments |
s | suppressed | Whether the route is suppressed and is not advertised to neighbors. |
d | damped | When the penalty of a flapping route exceeds the suppress limit, the route is damped and remains in a withdrawn state until its penalty decreases below the reuse limit. |
h | history | When the penalty of a flapping route does not exceed the suppress limit, the route is not damped and BGP maintains a history of the flapping route. |
* | valid | Whether the route is valid. When a route is not suppressed, damped, or present in the history, it is valid. |
> | best | The selected route to be installed in the kernel routing table. |
i | internal | The prefix was learned from an iBGP peer. |
l | labeled | BGP Labeled Unicast advertises route information between inter region routers. |
Table 1-2 shows the codes at the end of each route entry that indicate where the route originated.
Table 1-2: origin codes
Origin Code | Description | Comments |
i | IGP | The route is from an Interior Gateway Protocol. |
e | EGP | The route is from an Exterior Gateway Protocol. |
? | incomplete | Origin not known. Typically, these are routes redistributed from an IGP. |
Table 1-3 explains the fields for each route.
Table 1-3: route entry fields
Field | Description |
---|
RD | Route distinguisher: AS number or IP address. |
VRF | Name of the VRF. |
Network | EVPN route information. The route type indicates the type of routing information advertised by the EVPN control plane: 2 MAC/IP Route: Endpoint reachability information, including MAC and IP addresses of the endpoints. 3 Inclusive Multicast Route: Information about how to forward Broadcast, Unknown Unicast and Multicast (BUM) traffic. The other fields included depend on the route type: Type 2: [ESI]:[E-Tag]:[Length, Host MAC address]:[Length, Host IP address]:[Label/VNID] Type 3: [E-Tag]:[Length, PE IP address] ESI (Ethernet Segment Identifier): a unique non-zero identifier that identifies an Ethernet segment, which is a set of links that connects a network or device to one or more PEs. ESI 0 denotes a single-homed site. E-Tag (Ethernet tag): identifies a particular broadcast domain such as a VLAN or VNID in the VxLAN case. An EVPN instance consists of one or more broadcast domains. VNID (VXLAN network identifier): identifies Layer 2 segments and maintains Layer 2 isolation between the segments, allowing the addressing of up to 16 million logical networks in the same administrative domain. The status codes are explained in Table 1-1. |
Next Hop | IP address of the nexthop for this route. |
Metric | Multiple-Exit Discriminator (MED). If there are multiple paths to the same destination from a single routing protocol, then the multiple paths have the same administrative distance and the best path is selected based on this metric. The path with the lowest metric is selected as the optimal path and installed in the routing table. |
LocPrf | Local preference set with the set local-preference command. This value is used only with iBGP sessions within the local autonomous system to determine if a route towards a destination is the “best” one. The path with the highest local preference is preferred. |
Weight | This field applies only to routes within an individual router. If a route was learned from a peer, it has a default weight of 0. All routes generated by the local router have a weight of 32,768. |
Path | The autonomous systems through which the prefix advertisement passed. The origin codes are explained in Table 1-2. |
Peer | Neighbor address. |
Total number of prefixes | The total number of prefixes listed. |
show bgp l2vpn evpn summary
Use this command to display a summary of BGP EVPN neighbor status.
Command Syntax
show bgp l2vpn evpn summary
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show bgp l2vpn evpn summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 17
1 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd AD MACIP MCAST ESI
8.8.8.8 4 100 111 112 17 0 0 00:53:03 3 0 0 3 0
9.9.9.9 4 100 110 110 17 0 0 00:52:10 15 0 13 2 0
13.13.13.13 4 100 132 109 17 0 0 00:51:57 4 0 2 2 0
Total number of neighbors 3
Total number of Established sessions 3
The start of the output shows:
• The BGP router identifier and the local router AS number.
• The BGP table version tracks the local BGP table version. Any time the BGP best path algorithm executes, the table version increments.
• BGP AS-PATH entry and community entries.
Table 1-4 explains the fields for each neighbor entry.
Table 1-4: neighbor fields
Field | Description |
---|
Neighbor | IP address of peer. |
V | BGP version of peer. |
AS | Autonomous system number of peer. |
MsgRcvd | Messages received since the BGP connection was established. |
MsgSent | Messages sent since the BGP connection was established. |
TblVer | Last version of the local router’s BGP database advertised to the peer. |
InQ | Received messages waiting in the input queue for further processing. |
OutQ | Messages waiting in the output queue to be sent. |
Up/Down | Connection up time in the interface. |
State/PfxRcd | If the TCP session is up and the BGP peers have formed an adjacency, this field shows how many prefixes have been received from the remote neighbor. Other states: Idle: The local router has not allocated resources for the peer connection, so incoming connection requests are refused Idle (Admin): The peer has shut down Idle (PfxCt): Prefix overflow Idle (G-shut): Graceful shutdown Connect: BGP is waiting for the TCP connection to complete Active: the local router is trying to establish a TCP connection to the remote peer. You might see this if the local peer has been configured, but the remote peer is unreachable or has not been configured. OpenSent: BGP is waiting for an open message from its peer OpenConfirm: BGP received an open message from the peer and is now waiting for a keepalive or notification message. If BGP receives a keep alive message from the peer, the state changes to established. If the message is a notification, the state changes to idle. Established: BGP is ready to exchange update, notification, and keep alive messages with its peer Invalid: The session state is invalid. |
AD | Number of EVPN type 1 Ethernet Auto-discovery routes: Only originated for multi-homed sites. Type 1 routes allow fast convergence where PE devices can change the next-hop adjacencies for all MAC addresses associated with a particular Ethernet Segment and aliasing where traffic can be balanced across multiple egress points |
MACIP | Number of EVPN type 2 MAC/IP routes: Endpoint reachability information, including MAC and IP addresses of the endpoints. |
MCAST | Number of EVPN type 3 Inclusive Multicast routes: Broadcast, Unknown Unicast and Multicast (BUM) traffic. |
ESI | Number of EVPN type 4 Ethernet Segment Routes: Used in multi-homing for Designated Forwarder Election. The Designated Forwarder sends BUM traffic to the CE on a particular Ethernet Segment. |
show nvo vxlan
Use this command to display VXLAN information.
Command Syntax
show nvo vxlan (vnid <1-16777215>|)
Parameters
<1-16777215>
VXLAN network identifier.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#sh nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID Vni-name Type Interface ESI Vlan DF-Status Src-addr Dst-addr
___________________________________________________________________________________________________________________
10 ---- NW ---- ---- ---- ---- 1.1.1.1 3.3.3.3
10 ---- NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2
10 ---- AC ce21/1 00:00:11:22:33:44:55:66:77:88 2 DF ---- ----
20 ---- NW ---- ---- ---- ---- 1.1.1.1 3.3.3.3
20 ---- NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2
20 ---- AC ce21/1 00:00:11:22:33:44:55:66:77:88 3 NON-DF ---- ----
Total number of entries are 6
Table 1-5 explains the fields in the output.
Table 1-5: VxLAN fields
Field | Description |
---|
VNID | VXLAN network identifier. |
Type | NW - Network Port: VxLAN tunnel AC - Access Port: Host connection |
Interface | Name of the Interface. |
Vlan | VLAN identifier |
Src-addr | Source address in the interface. |
Dst-addr | Destination address in the interface. |
Total number of entries | The total number of entries listed. |
show nvo vxlan access-if-config
Use this command to display the current running configuration of the access interface.
Command Syntax
show nvo vxlan access-if-config (LINE|)
Parameters
LINE
Access port description.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3,
Added new cli "garp-gna enable" under access-if cli in OcNOS version 1.3.6.
Example
#show nvo vxlan access-if-config
nvo vxlan access-if port-vlan xe1 2
map vnid 100
garp-gna enable
access-if-description member-port with xe1 as vlan 2
dynamic-learning disable
arp-nd flood-suppress
arp-cache disable
nd-cache disable
shutdown
mac 0000.0000.1111
mac 0000.0000.aaaa ip 12.12.12.1
mac 0000.0000.bbbb ipv6 1201::1
map qos-profile ingress 100
cos 2 egress
!
nvo vxlan access-if port-vlan po1 6 inner-vlan 5
encapsulation 0x9100
no shutdown
map vnid 100
!
show nvo vxlan arp-cache
Use this command to display the ARP cache information.
Command Syntax
show nvo vxlan arp-cache (vnid <1-16777215>|summary|)
Parameters
<1-16777215>
VXLAN network identifier.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3, modified to include new fields – Age-Out and Retries-Left in OcNOS version 1.3.5.
Remote Static and Dynamic keyword got changed to Static and Dynamic Remote in MAC table in OcNOS version 1.3.6.
Example
#sh nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
ND Timeout : 300 sec Random-Jitter-Max : 640
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
______________________________________________________________________________
10 11.11.11.2 0000.0000.bbbb Dynamic Local 224 2
10 11.11.11.1 0000.0000.aaaa Dynamic Remote----
Total number of entries are 2
Table 1-10 explains the output fields.
Table 1-6: ARP cache fields
Field | Description |
---|
VNID | VXLAN network identifier |
Ip-Addr | IP address of the vxlan |
Mac-Addr | Device MAC address |
Type | How a host learns a MAC/IP pair: Dynamic: Learned by data plane source learning Evpn: Learned by EVPN Type 2 (MAC/IP) routes Static Remote: Statically configured for remote; used only for static VxLAN, not with EVPN Static Local: Configured on local VTEP |
Age=Out | ARP entry expire time |
Total number of entries | The total number of entries listed. |
show nvo vxlan counters access-port
Use this command to display the receive and transmit counters of an access port including ARP, ND and GARP counters in the same command.
Note: Due to a limitation in the hardware, the transmit packet counters includes the BUM traffic received on that port.
Command Syntax
show nvo vxlan counters access-port (port IFNAME | port-vlan IFNAME VLAN_ID)
Parameters
port
Port Mapping
IFNAME
Access port name
port-vlan
Port-vlan Mapping
IFNAME
Access port name
VLAN_ID_RANGE
Vlan Id or Vlan Range <2-4094>
INNER_VLAN_ID
Inner-Vlan Id
all
All ports and VLANs
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3 and added Control packet (ARP, ND and GARP) counters in
OcNOS version 1.3.5. The VLAN_RANGE option is introduced in OcNOS version 5.0.
Example
#show nvo vxlan counters access-port port-vlan xe1 2
Data packets:
*If ARP/ND cache is enabled, TX doesn't count ARP/ND replies
from ARP/ND cache and ARP/ND forwarded after uplifting to
the control plane.
RX: packets : 2774939
bytes : 210553516
TX: packets : 4322274
bytes : 326026474
Control Packets:
*ARP/ND uplifted and sent/replied from control plane:
Rx Vxlan Arp discard count : 0
Rx Vxlan Nd discard count : 2
Tx Vxlan Arp discard count : 0
Tx Vxlan Nd discard count : 0
Rx Vxlan Arp Request count : 2
Tx Vxlan Arp Request count : 0
Rx Vxlan Arp Reply count : 5
Tx Vxlan Arp Reply count : 1
Rx Vxlan Neighbor Solicitation count : 6
Tx Vxlan Neighbor Solicitation count : 0
Rx Vxlan Neighbor Advertisement count: 0
Tx Vxlan Neighbor Advertisement count: 4
Rx Vxlan Gratuitous ARP count : 0
Tx Vxlan Gratuitous ARP count : 0
Rx Vxlan Gratuitous Neighbor Advertisement count: 3
Tx Vxlan Gratuitous Neighbor Advertisement count: 0
#
Table 1-7 explains the fields in the output.
Table 1-7: access port counters
Field | Description |
---|
RX: packets | Number of packets received. |
RX: bytes | Number of bytes received. |
TX: packets | Number of packets transmitted. |
TX: bytes | Number of bytes transmitted. |
Rx Vxlan Nd discard count | Number of discarded ND that is received from neighbor. |
Tx Vxlan Arp discard count | Number of discarded Arp that is transmitted to peer. |
Rx Vxlan Nd discard count | Number of discarded ND that is transmitted to peer. |
Rx Vxlan Arp Request count | Number of request ARP that is received from neighbor. |
Tx Vxlan Arp Request count | Number of request ARP that is transmitted to peer. |
Rx Vxlan Arp Reply count | Number of replied ARP that is received from neighbor. |
Tx Vxlan Arp Reply count | Number of replied ARP which is transmitted to peer. |
Rx Vxlan Neighbor Solicitation count | Number of request ND that is received from neighbor. |
Tx Vxlan Neighbor Solicitation count | Number of replied ND that is transmitted to peer. |
Rx Vxlan Neighbor Advertisement count | Number of Neighbor Advertisement that is received from neighbor. |
Tx Vxlan Neighbor Advertisement count | Number of Neighbor Advertisement that is transmitted to peer |
Rx Vxlan Gratuitous ARP count | Number of Gratuitous ARP that is received from neighbor. |
Tx Vxlan Gratuitous ARP count | Number of Gratuitous ARP which is transmitted to peer. |
Rx Vxlan Gratuitous Neighbor Advertisement count | Number of Gratuitous Neighbor Advertisement that is received from neighbor. |
Tx Vxlan Neighbor Gratuitous Advertisement count | Number of Gratuitous Neighbor Advertisement which is transmitted to peer. |
show nvo vxlan counters network-port
Use this command to display the receive and transmit counters of a network port including ARP, ND and GARP counters in the same command.
Command Syntax
show nvo vxlan counters network-port dst A.B.C.D
Parameters
A.B.C.D
Tunnel IPv4 address
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3 and added control packets (ARP, ND, and GARP) counters in OcNOS version 1.3.5.
Example
VTEP1#sh nvo vxlan counters network-port dst 100.2.2.2
Data packets:
*If ARP/ND cache is enabled, TX doesn't count ARP/ND replies
from ARP/ND cache and ARP/ND forwarded after uplifting to
the control plane.
RX: packets : 814327
bytes : 92833544
TX: packets : 1508023
bytes : 171914622
Control Packets:
*ARP/ND uplifted and sent/replied from control plane:
TX VXLAN Arp discard count : 0
TX VXLAN ND discard count : 0
Tx Vxlan Arp Request count : 0
Tx Vxlan Arp Reply count : 0
Tx Vxlan Neighbor Solicitation count : 0
Tx Vxlan Neighbor Advertisement count: 0
Rx Vxlan Gratuitous ARP count: 0
Tx Vxlan Gratuitous ARP count: 0
Rx Vxlan Gratuitous Neighbor Advertisement count: 0
Tx Vxlan Gratuitous Neighbor Advertisement count: 0
Table 1-8 explains each network entry fields.
Table 1-8: show nvo vxlan counters network-port output fields
Field | Description |
---|
RX: packets | Number of hello packets received from neighbor. |
RX: bytes | Number of hello packets received from neighbor in bytes received. |
TX: packets | Number of hello packets transmitted to neighbor. |
TX: bytes | Number of hello packets transmitted to neighbor in bytes transmitted. |
Rx Vxlan Nd discard count | Number of discarded ND that is received from neighbor. |
Tx Vxlan Arp discard count | Number of discarded Arp that is transmitted to peer. |
Rx Vxlan Nd discard count | Number of discarded ND that is transmitted to peer. |
Rx Vxlan Arp Request count | Number of request ARP that is received from neighbor. |
Tx Vxlan Arp Request count | Number of request ARP that is transmitted to peer. |
Rx Vxlan Arp Reply count | Number of replied ARP that is received from neighbor. |
Tx Vxlan Arp Reply count | Number of replied ARP which is transmitted to peer. |
Rx Vxlan Neighbor Solicitation count | Number of request ND that is received from neighbor. |
Tx Vxlan Neighbor Solicitation count | Number of replied ND that is transmitted to peer. |
Rx Vxlan Neighbor Advertisement count | Number of Neighbor Advertisement that is received from neighbor. |
Tx Vxlan Neighbor Advertisement count | Number of Neighbor Advertisement that is transmitted to peer. |
Rx Vxlan Gratuitous ARP count | Number of Gratuitous ARP that is received from neighbor. |
Tx Vxlan Gratuitous ARP count | Number of Gratuitous ARP which is transmitted to peer. |
Rx Vxlan Gratuitous Neighbor Advertisement count | Number of Gratuitous Neighbor Advertisement that is received from neighbor. |
Tx Vxlan Neighbor Gratuitous Advertisement count | Number of Gratuitous Neighbor Advertisement which is transmitted to peer. |
show nvo vxlan mac-table
Use this command to display the host MAC address table. Use the hardware option to see the age out time for dynamically learned macs.
Command Syntax
show nvo vxlan mac-table (vnid <1-16777215>|) (summary | hardware |)
Parameters
<1-16777215>
VXLAN network identifier.
summary
Count the MAC addresses.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Remote Static and Dynamic keyword got changed to Static and Dynamic Remote in MAC table in OcNOS version 1.3.6.
Example
#show nvo vxlan mac-table
=====================================================================================================================================================
VXLAN MAC Entries
=====================================================================================================================================================
VNID Interface VlanId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status AccessPortDesc
_____________________________________________________________________________________________________________________________________________________
10 ce21/1 2 ---- 0000.0000.1111 1.1.1.1 Static Local ------- partner-port
10 ---- ---- ---- 0000.0000.2222 3.3.3.3 Static Remote ------- -------
20 ce21/1 3 ---- 0000.0000.cccc 1.1.1.1 Static Local Discard -------
20 ---- ---- ---- 0000.0000.dddd 3.3.3.3 Static Remote ------- -------
Total number of entries are : 4
#show nvo vxlan mac-table hardware
=====================================================================================================================================================
VXLAN MAC Entries
=====================================================================================================================================================
VNID Interface VlanId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status Time-out AccessPortDesc
_____________________________________________________________________________________________________________________________________________________
10 ce21/1 2 --- 0000.0000.1111 1.1.1.1 Static Local ----- --- partner-port
10 --- --- --- 0000.0000.2222 3.3.3.3 Static Remote ----- ---
10 --- --- --- 0000.0000.aa11 3.3.3.3 Static Remote ----- ---
10 ce21/1 2 --- 0000.0000.bb11 1.1.1.1 Dynamic Local ----- 300 partner-port
10 ce21/1 2 --- 0000.0000.bb12 1.1.1.1 Dynamic Local ----- 277 partner-port
20 ce21/1 --- --- 0000.0000.cccc 1.1.1.1 Static Local Discard ---
20 --- --- --- 0000.0000.dddd 3.3.3.3 Static Remote ----- ---
Total number of entries are 7
Table 1-9 explains the fields in the output.
Table 1-9: MAC table fields
Field | Description |
---|
VNID | VXLAN network identifier |
Interface | Interface name |
VlanId | VLAN identifier |
Mac-Addr | MAC address |
VTEP-Ip | VTEP identifier/Ethernet Segment Identifier |
Type | How a host learns a MAC/IP pair: Remote: Statically configured for remote; used only for static VxLAN, not with EVPN Static Local: Configured on local VTEP Dynamic Local: Learned by data plane source learning |
Status | Max Move conflict: When a MAC has moved too many times (5 or more times in 180 seconds). This is according to the procedures defined in RFC 7432, Section 15.1. Discard: If a MAC hold time is configured, then if the VxLAN access port goes down (admin or operational), the MAC is moved to the discard state for the period of the hold time. The MAC is also moved to the discard state if the VNID is unmapped from the port. In dynamically learned cases, the MAC is also moved to discard when learning is disabled. |
Time-out | Age timeout for dynamically learned MACs. |
AccessPortDesc | Access port description. |
Total number of entries | The total number of entries listed. |
show nvo vxlan nd-cache
Use this command to display the Neighbor Discovery cache.
Command Syntax
show nvo vxlan nd-cache (vnid <1-16777215>|summary|)
Parameters
<1-16777215>
VXLAN network identifier.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3, modified to include new fields – Age-Out and Retries-Left in OcNOS version 1.3.5.
Remote Static and Dynamic keyword got changed to Static and Dynamic Remote in ND table in OcNOS version 1.3.6.
Example
#show nvo vxlan nd-cache
VXLAN ND-CACHE Information
===========================
ND Timeout : 300 sec Random-Jitter-Max : 640
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
______________________________________________________________________________
10 2001::1 0000.0000.1111 Dynamic Local 274 2
10 2001::2 0000.0000.2222 Dynamic Remote ----
Total number of entries are 2
Table 1-10 explains the output fields.
Table 1-10: ND cache fields
Field | Description |
---|
VNID | VXLAN network identifier |
Ip-Addr | IP address |
Mac-Addr | MAC address |
Type | How a host learns a MAC/IP pair: Static Remote: Statically configured for remote; used only for static VxLAN, not with EVPN Static Local: Configured on local VTEP Dynamic: Learned by data plane source learning Evpn: Learned by EVPN Type 2 (MAC/IP) routes |
Age-Out | ND entry expire Time |
Total number of entries | The total number of entries listed. |
show nvo vxlan static host state
Use this command to display the state of the host which is configured statically.
Command Syntax
show nvo vxlan static host state
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#sh nvo vxlan static host state
VNID Ifname Vlan Ip-Addr Mac-Addr Status
______________________________________________________________________
100 xe1 2 12.12.12.1 0000.0000.aaaa Inactive
100 xe2 2 1201::1 0000.0000.bbbb Conflict
100 xe3 2 120.120.120.1 0000.0000.bb11 Active
Table 1-11 explains the output fields.
Table 1-11: Static host fields
Field | Description |
---|
VNID | VXLAN network identifier |
Ifname | Interface name |
Vlan | VLAN name |
Ip-Addr | IP address |
Mac-Addr | MAC address |
Status | Status of the MAC/IP on the host: Conflict: When a MAC/IP was configured, the conflict was not known as the VNID was not mapped to the access port. After the VNID is mapped, if the same MAC/IP is present statically on some other port on the same VNID, then it is in conflict state. Learnt Conflict: When a MAC/IP was configured, the conflict was not known. However, it is now in conflict because the same MAC/IP is configured on an access port on VTEP1 and on an access port on VTEP2. Because the BGP session/tunnel was not up, the MAC/IP was not known to the other VTEP and the configuration was allowed. When the BGP session/tunnel comes up and it finds such a conflicted route, it marks the state as Learnt Conflict. Inactive: Configured but not operating, such as when the port is not mapped to any VNID. The port is down and the ARP/ND cache is disabled. Active: Operating host MAC/IP. |
show nvo vxlan tunnel
Use this command to view the source, destination, and status of the VxLAN tunnel entries.
Command Syntax
show nvo vxlan tunnel
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
The following is a sample output of the show nvo vxlan tunnel command.
#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
====================================================
1.1.1.1 2.2.2.2 Installed 00:00:20 00:00:20
Total number of entries are 1
#
Table 1-12 explains the output fields.
Table 1-12: VxLAN tunnel fields
Field | Description |
---|
Source | Tunnel source IP address. |
Destination | Tunnel destination IP address. |
Status | Installed: Tunnel Installed in the hardware and operating. Resolved: Tunnel destination IP is reachable, but VxLAN tunnel not installed in hardware. Therefore, not operating. Unresolved: Tunnel destination IP not reachable because L3 route is down. |
Up/Down | When the tunnel came up or went down |
Update | When the tunnel was last updated |
Total number of entries | The total number of entries listed. |
show running-config nvo vxlan
Use this command to display the current running configuration of VxLANs.
Command Syntax
show running-config nvo vxlan
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced in a version before OcNOS version 1.3 and added few CLIs for IRB and ARP-ND refresh timer for OcNOS version 1.3.5.
Example
#show running-config nvo vxlan
!
nvo vxlan multihoming enable
!
nvo vxlan enable
!
nvo vxlan vtep-ip-global 1.1.1.1
!
nvo vxlan max-cache-disable 10
!
nvo vxlan tunnel qos-map-mode cos-dscp ingress QUE_DSCP
!
nvo vxlan tunnel qos-map-mode cos-dscp egress DSCP_QUE
!
nvo vxlan id 100 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrf1
mac-holdtime 20
!
nvo vxlan access-if port-vlan xe1 2
map vnid 100
access-if-description member-port with xe1 as vlan 2
dynamic-learning disable
arp-nd flood-suppress
arp-cache disable
nd-cache disable
shutdown
mac 0000.0000.1111
mac 0000.0000.aaaa ip 12.12.12.1
mac 0000.0000.bbbb ipv6 1201::1
map qos-profile cos-to-queue COS_QUE
map qos-profile queue-color-to-cos QUE_COS
!
nvo vxlan access-if port-vlan po1 6 inner-vlan 5
encapsulation 0x9100
no shutdown
map vnid 100
!
show evpn multi-homing all
Use this command to display the multi-homed VTEP details.
Command Syntax
show evpn multi-homing (all |)
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show evpn multi-homing all
ESI Access-IF PE-IP-ADDRESS
===========================================================
00:00:11:22:33:44:55:66:77:88 ce21/1 1.1.1.1
00:00:11:22:33:44:55:66:77:88 ---- 2.2.2.2
Total number of entries are 2
Table 1-13 explains the output fields.
Table 1-13: show evpn multi-homing all output details
Field | Description |
---|
ESI | An Ethernet segment has an unique nonzero identifier, called the Ethernet segment identifier (ESI). The ESI is encoded as a 10-octet integer that identifies this segment. When manually configuring an ESI value, the most significant octet, known as the type byte, must be 00. When a single-homed CE device is attached to an Ethernet segment, the entire ESI value is zero. |
Access-IF | Map the access port ce21/1 for evpn. |
PE-IP-ADDRESS | Address of the provider edge router in the interface. |
show evpn multihoming-status
Use this command to display the status of multihoming on a VTEP.
Command Syntax
show evpn multihoming-status
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show evpn multihoming-status
Multihoming is ACTIVE in Hardware
show nvo vxlan route-count
Use this command to display the vxlan active route (MAC-IP.MAC-IPv6 and MAC-only) count information.
Command Syntax
show nvo vxlan route-count (|vnid <1-16777215>)
Parameters
<1-16777215>
Range supported for VNID.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3 and modified to include new fields – GW-IPv4, GW_IPv6, Prefix IPv4 and Prefix IPv6 in OcNOS version 1.3.5.
Example
#show nvo vxlan route-count
VXLAN Active route count information
====================================
Max route count : 32768
Active route count: 7
Note: Prefix count refers only local routes
It does not include evpn prefix routes
----------------------------------------------------------------------------------------
VNID Total MACONLY MACIPv4 MACIPv6 GW GW Prefix Prefix
MACIPv4 MACIPv6 IPv4 IPv6
----------------------------------------------------------------------------------------
2000 3 1 1 1 0 0 0 0
1000 0 0 0 0 0 0 0 0
10002 4 0 0 0 1 1 1 1
Total number of entries are 3
Table 1-14 explains the output fields.
Table 1-14: show nvo vxlan route-count output details
Field | Description |
---|
Max route count | Maximum number of route count in vxlan. |
Active route count | Number of active route count in the interface. |
VNID | VNID is used to identify Layer 2 segments and to maintain Layer 2 isolation between the segments. |
Total | Total number of entries for the interface. |
MACONLY | The MAC-only route for the local interface appears in the VXLAN instance route table. |
MACIPv4 | IPv4 media access control (MAC) address for a default virtual gateway. |
MACIPv6 | IPv6 media access control (MAC) address for a default virtual gateway. |
show nvo vxlan vni-name
Use this command to display the vxlan results bashed on vni-name.
Command Syntax
show nvo vxlan vni-name (WORD)
Parameters
WORD
VNI name of max size 10 character and should not be only numeric.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show nvo vxlan vni-name SITEA-PRO
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID Vni-name Type Interface ESI Vlan DF-Status Src-addr Dst-addr
____________________________________________________________________________________________________________
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.6.8
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.6.9
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.3.1
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.1.2
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.5.1
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.2.2
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.2.1
1 SITEA-PRO AC xe7 — Single Homed port — 2 ------ ---- ----
1 SITEA-PRO AC xe1 — Single Homed port — 1010 ------ ---- ----
1 SITEA-PRO AC xe1 — Single Homed port — 100 ------ ---- ----
1 SITEA-PRO AC xe1 — Single Homed port — 2020 ------ ---- ----
1 SITEA-PRO AC po1 — Single Homed port — 100 ------ ---- ----
1 SITEA-PRO AC po1 — Single Homed port — 2 ------ ---- ----
1 SITEA-PRO AC po1 — Single Homed port — 200 ------ ---- ----
1 SITEA-PRO AC xe8 — Single Homed port — ---- ------ ---- ----
1 SITEA-PRO AC po2 — Single Homed port — ---- ------ ---- ----
Total number of entries are 16
shutdown
Use this command to administratively shut down an NVO access interface.
Use the no form of this command to start an NVO access interface.
Command Syntax
shutdown
no shutdown
Parameters
None
Default
The NVO access interface is running by default.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#shutdown
(config-nvo-acc-if)#exit
vxlan host-reachability-protocol evpn-bgp
Use this command to set the host reachable protocol to Ethernet-VPN over BGP. This defines BGP as the mechanism for host reachability advertisement.
Use use the no form of this command to remove Ethernet-VPN as the host reachable protocol.
Command Syntax
vxlan host-reachability-protocol evpn-bgp NAME
no vxlan host-reachability-protocol evpn-bgp
Parameters
NAME
Name of the VRF to carry VNID routes.
Default
No default value is specified for vxlan host-reachability-protocol command.
Command Mode
NVO mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
(config)#nvo vxlan id 3
(config-nvo)#vxlan host-reachability-protocol evpn-bgp Blue
vlan-xlate-1 large
Use this command to increase the size of the VLAN_XLATE_1_DOUBLE table to 20k. Internally, the BCM maintains VLAN_XLATE_1_DOUBLE table for access interfaces, L2vnid,and L3vnid. The default size of the table is 16k. After configuring the CLI, the table size is increased to 20k.
Use the no form of this command to change the VLAN_XLATE_1_DOUBLE table size to default.
Note: Reboot the system after configuring the CLI.
Command Syntax
vlan-xlate-1 large
no vlan-xlate-1 large
Parameters
None
Default
None
Command Mode
Configuration Mode
Applicability
This command was introduced before OcNOS version 6.5.3.
Examples
(config)#vlan-xlate-1 large
OcNOS(config)#commit
%% System Reboot required, please save the config and reboot the board.
OcNOS(config)#end
OcNOS#