OcNOS SP : Virtual Extensible LAN Guide : VxLAN Command Reference : VXLAN Commands
VXLAN Commands
This chapter describes the VxLAN commands:
evpn
l3vni
mac
access-if-evpn
Use this command to create the evpn access-port.
Use the no form of this command to delete the evpn access-port.
Command Syntax
access-if-evpn
no access-if-evpn
Parameters
None
Command Mode
L2 Sub-interface mode
Applicability
This command was introduced in OcNOS version 6.0.0.
Examples
#configure terminal
(config)#interface xe1.1 switchport
(config-if)#access-if-evpn
(config-access-if)#end
 
arp-cache disable
Use this command to disable the ARP cache for MAC/IP.
When the ARP cache is disabled on a VxLAN access port, OcNOS does not reply to any ARP arriving on this port from the cache. OcNOS withdraws all MAC/IPs configured/learned on this access port and removes the MAC/IP entry for this access port from the local ARP cache.
OcNOS also makes sure that on withdrawing the MAC/IP route, the MAC does not become unknown. If all routes for this MAC are being withdrawn because of this command, then OcNOS advertises a MAC-only route. This is done so that the MAC does not become unknown and only the cache functionality becomes disabled.
Use the no form of this command to enable ARP cache for MAC/IP.
Note: On enabling the cache, an IP will be in conflict, then the cache enable will fail. The conflict has to be manually removed and then the cache enabled.
Command Syntax
arp-cache disable
no arp-cache disable
Parameters
None
Default
By default, the arp-cache option is enabled.
Command Mode
NVO access interface mode
Access interface EVPN mode
Applicability
This command was introduced before OcNOS version 1.3.
The Access interface EVPN mode is supported only from OcNOS version 6.0.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#arp-cache disable
(config-nvo-acc-if)#exit
 
(config)#interface xe7.100 switchport
(config-if)#access-if-evpn
(config-acc-if-evpn)#arp-cache disable
arp-nd cos
Use this command to explicitly set or override the COS value (0-7) in the ARP/ND reply sent (also used in ARP/ND proxy sub-feature). By default ARP/ND reply will use CoS value of received ARP/ND request.
Use the no form of this command to use the default COS value.
Command Syntax
arp-nd cos <0-7>
no arp-nd cos
Parameters
<0-7>
Default
CoS 0 or previous ARP/ND reply CoS being used.
Command Mode
Access if evpn mode
Applicability
This command was introduced in OcNOS version 6.5.3.
Examples
#configure terminal
(config)#interface xe1.1 switchport
(config-if)#access-if-evpn
(config-access-if)#arp-nd cos 5
(config-access-if)#end
arp-nd flood-suppress
Use this command to completely restrict the flood of ARP/ND packets towards remote VTEPs or other access ports.
This command applies only when the ARP cache and ND cache are enabled. When the ARP cache is disabled, ARP flooding is not suppressed even if this command is given. When the ND cache is disabled, ND flooding is not disabled, even if this command is given.
Use the no form of this command to not restrict the flood of ARP/ND packets.
Command Syntax
arp-nd flood-suppress
no arp-nd flood-suppress
Parameters
None
Default
By default, the arp-nd flood-suppress option is disabled.
Command Mode
NVO access interface mode
Access interface EVPN mode
Applicability
This command was introduced before OcNOS version 1.3.
The Access interface EVPN mode is supported only from OcNOS version 6.0.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#arp-nd flood-suppress
(config-nvo-acc-if)#exit
 
(config)#interface xe7.100 switchport
(config-if)#access-if-evpn
(config-acc-if-evpn)#arp-nd flood-supress disable
 
arp-nd refresh timer
Use this command to configure aging out the arp-cache and nd-cache entries for given time multiplied by 3 in seconds.
Use the no form of this command to remove the configuration.
Note: After this timer interval, it sends out ARP to revalidate and 3 times of this would lead to removal of the dynamic entry.
Command Syntax
nvo vxlan arp-nd refresh-timer <3-190>
no nvo vxlan arp-nd refresh-timer
Parameters
<3-190>
Refresh timer value in seconds (age-out is refresh time * 3)
Command Mode
Configuration mode
Applicability
This command was introduced in OcNOS version 4.0.
Example
#config mode
(config)#nvo vxlan arp-nd refresh-timer 100
(config)#no nvo vxlan arp-nd refresh-timer
 
 
clear mac address-table dynamic vxlan
Use this command to clear dynamically learned MACs.
Command Syntax
clear mac address-table dynamic vxlan
clear mac address-table dynamic vxlan vnid <1-16777215>
clear mac address-table dynamic vxlan vnid <1-16777215> (address MACADDR|)
Parameters
address
Clear the specified MAC Address
VNID
VxLAN network identifier
<1-16777215>
Range supported for VNID
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#clear mac address table dynamic vxlan
#clear mac address-table dynamic vxlan vnid 100
#clear mac address-table dynamic vxlan vnid 100 address 0000.0005.0505
clear nvo vxlan counters
Use this command to clear the counters of access ports or network ports.
Command Syntax
clear nvo vxlan counters((access-port (port IFNAME | port-vlan IFNAME (VLAN_ID | outer-vlan) | all)) | (network-port (dst A.B.C.D | all)))
Parameters
port
Port
IFNAME
Interface name
port-vlan
VLAN port
IFNAME
Interface name
VLAN_ID
VLAN identifier
Outer-vlan
Outer VLAN
A.B.C.D
Tunnel destination IPv4 address
all
All access or network ports
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
Example for clearing a VLAN port counter:
#clear nvo vxlan counters access-port port-vlan xe1 2
Example for clearing all access port counters:
#clear nvo vxlan counters access-port all
Example for clearing network port counters:
#clear nvo vxlan counters network-port dst 1.1.1.1
Example for clearing all network port counters:
#clear nvo vxlan counters network-port all
 
 
clear nvo vxlan mac-stale-entries
Use this command to clear MAC entries that are in discard state in the forwarding database.
Command Syntax
clear nvo vxlan mac-stale-entries (vnid <1-16777215> |)
Parameters
<1-16777215>
VxLAN network identifier
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#clear nvo vxlan mac-stale-entries vnid 100
 
 
 
 
 
 
description
Use this command to set a description for a port.
Use the no form of this command to remove the description for a port.
Command Syntax
description LINE
no description
Parameters
LINE
Maximum 32 characters describing this port.
Default
No default value is specified for description LINE commands.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#description member-port xe1 with vlan 2
(config-nvo-acc-if)#exit
 
#show running-config nvo vxlan
!
nvo vxlan enable
!
nvo vxlan access-if port-vlan xe1 2
description member-port xe1 with vlan 2
no shutdown
 
 
dynamic-learning disable
Use this command to disable dynamic learning of MACs at the access port. This command also disables dynamic learning of MAC/IP from ARP/ND messages received on this access port.
Use the no form of this command to enable dynamic learning of MACs at the access port.
Command Syntax
dynamic-learning disable
no dynamic-learning disable
Parameters
None
Default
By default, the dynamic-learning option is enabled.
Command Mode
NVO access interface mode
Access interface EVPN mode
Applicability
This command was introduced before OcNOS version 1.3.
The Access interface EVPN mode is supported only from OcNOS version 6.0.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#dynamic-learning disable
(config-nvo-acc-if)#exit
 
(config)#interface xe7.100 switchport
(config-if)#access-if-evpn
(config-acc-if-evpn)#dynamic-learning disable
 
encapsulation
Use this command to assign a Tag Protocol Identifier (TPID) to an access port.
Use the no form of this command to set the default TPID (0x8100: IEEE 802.1Q VLAN-tagged frame) to an access port.
Note: Before configuring the TPID in the NVO access interface mode, first configure it at port level.
Command Syntax
encapsulation TPID
no encapsulation
Parameters
TPID
Tag Protocol Identifier:
Ox88A8: IEEE 802.1ad Provider Bridging
Ox9100: IEEE 802.1Q VLAN-tagged frame with double tagging
 
Default
The encapsulation TPID default is 0X8100.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#encapsulation 0x9100
(config-nvo-acc-if)#no encapsulation
(config-nvo-acc-if)#exit
 
 
 
 
evpn esi hold-time
Use this command to allow some time for the tunnels to come at the time of VxLAN initialization before making the ESI up. This avoids traffic to be black-holed when a new PE is added and connected to an already running CE for multihoming.
Use the no form of this command to make the ESI up immediately when configuring the access-if cli.
Command Syntax
evpn esi hold-time <10-300>
no evpn esi hold-time <10-300>
Parameters
<10-300>
Hold time in seconds
Default
The default value is 0.
Command Mode
Configuration Mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)# evpn esi hold-time 100
(config)# exit
evpn
Use this command to configure default gateway behavior on a VTEP for particular VNID.
Use the no form this command to disable default gateway behavior on a VTEP for the particular VNID.
Note: Map an IRB interface to an L2 VNID. This IRB interface can have multiple IP address as configured in IRB IP address CLI and can serve all subnets attached to the L2 VNID.
Command Syntax
evpn <NAME>
no evpn <NAME>
Parameters
NAME
IRB interface name
Command Mode
NVO Mode
Applicability
This command was introduced before OcNOS version 4.1.
Example
#config mode
(config)# nvo vxlan id 2000 ingress-replication inner-vid-disabled
(config-nvo)# evpn irb1
(config-nvo)# no evpn irb1
 
evpn irb-forwarding anycast-gateway-mac
Use this command to configure common anycast mac-address for all the IRB interfaces
Use the no form of this command to remove the global MAC address on all the IRB interfaces.
Command Syntax
evpn irb-forwarding anycast-gateway-mac XXXX.XXXX.XXXX
no evpn irb-forwarding anycast-gateway-mac
Parameters
XX-XX-XX-XX-XX-XX
Source MAC address (Option 1)
XX:XX:XX:XX:XX:XX
Source MAC address (Option 2)
XXXX.XXXX.XXXX
Source MAC address (Option 3)
Command Mode
Configuration Mode
Applicability
This command was introduced before OcNOS version 4.1.
Example
#configure terminal
(config)#evpn irb-forwarding anycast-gateway-mac 0000.0000.1313
Or
(config)#evpn irb-forwarding anycast-gateway-mac 00:00:00:00:13:13
Or
(config)#evpn irb-forwarding anycast-gateway-mac 00-00-00-00-13-13
(config)# no evpn irb-forwarding anycast-gateway-mac
 
evpn irb-if-forwarding anycast-gateway-mac
Use this command to enable an IRB interface to use the global anycast IRB mac-address.
Use the no form of this command to un-configure anycast MAC at IRB interface.
Command Syntax
evpn irb-if-forwarding anycast-gateway-mac
no evpn irb-if-forwarding anycast-gateway-mac
Parameters
None
Command Mode
IRB_IF_Mode
Applicability
This command was introduced before OcNOS version 4.1.
Example
#configure teminal
(config)# interface irb 1
(config-irb-if)# ip vrf forwarding vrfip
(config-irb-if)#evpn irb-if-forwarding anycast-gateway-mac
(config-irb-if)#no evpn irb-if-forwarding anycast-gateway-mac
 
 
 
evpn multi-homed
Use this command to configure single-active or port-active load-balancing Ethernet Segment Identifier (ESI) configuration on a link with multihomed Customer Edge (CE).
Use the no parameter of this command to unconfigure Ethernet Segment Identifier (ESI) configuration on a link with multihomed Customer Edge (CE).
Command Syntax
evpn multi-homed (esi XX:XX:XX:XX:XX:XX:XX:XX:XX | system-mac (XX-XX-XX-XX-XX-XX|XX:XX:XX:XX:XX:XX|XXXX.XXXX.XXXX)) load-balancing single-active
evpn multi-homed system-mac (XX-XX-XX-XX-XX-XX|XX:XX:XX:XX:XX:XX|XXXX.XXXX.XXXX) load-balancing port-active
no evpn multi-homed (esi | system-mac)
Parameters
XX:XX:XX:XX:XX:XX:XX:XX:XX
ESI value in HH:HH:HH:HH:HH:HH:HH:HH:HH - 9 octet format
XX-XX-XX-XX-XX-XX
Host MAC address (Option 1)
XX:XX:XX:XX:XX:XX
Host MAC address (Option 2)
XXXX.XXXX.XXXX
Host MAC address (Option 3)
Default
The default value is 0.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3 and underwent modifications in the OcNOS version 6.4.1.
Example
#configure terminal
(config)#interface xe1
(config-if)#evpn multi-homed esi 00:11:22:33:44:55:66:77:88 load-balancing single-active
(config)#exit
 
#configure terminal
(config)#interface po1
(config-if)#evpn multi-homed system-mac 0000.0000.1111 load-balancing port-active
(config)#exit
evpn vxlan multihoming enable
Use this command to enable evpn vxlan multi-homing
Use the no form of this command to disable evpn vxlan multi-homing.
Note: You must restart the device after giving this command. If there are devices in the topology which have multi-homed CEs, then devices which do not have multi-homed CEs should also enable multihoming so that they can load share traffic to the multi-homed CEs.
Note: Before enabling multi-homing, configure the hardware-profiles:
hardware-profile filter (Qumran1) with the egress-ipv4 parameter
Command Syntax
evpn vxlan multihoming enable
no evpn vxlan multihoming enable
Parameters
None
Default
By default, multi-homing is disabled.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3 and changed in OcNOS version 4.0.
Example
#configure terminal
#(config)#evpn vxlan multihoming enable
#(config)#exit
evpn-vlan-service
Use this command to configure VLAN-based EVPN-Service type.
Use the no form of this command to delete the evpn vlan service.
Note: If access port mappings to vnid exists already and VLAN service is configured later and mapped to tenant then we should not allow the mapping, user should either remove and reconfigure the access port mappings.
Command Syntax
evpn-vlan-service vlan-based
no evpn-vlan-service
Parameters
vlan-based
VLAN-based EVPN-Service type
Command Mode
MAC vrf mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#mac vrf vrf1
(config-vrf)# evpn-vlan-service vlan-based
(config-vrf)# no evpn-vlan-service vlan-based
 
hardware-profile filter vxlan
Use this command to configure hardware profile for nvo vxlan. This profile should be enabled before enabling VxLAN.
Note: You need to save the configuration and do a reboot after giving this command.
Command Syntax
hardware-profile filter vxlan enable
hardware-profile filter vxlan disable
Parameters
None
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 3.0.
Example
#config mode
(config)# hardware-profile filter vxlan enable
(config)# hardware-profile filter vxlan disable
 
hardware-profile filter vxlan-mh
Use this command to enable the hardware-profile for VxLAN multi-homing to successfully activate multi-homing in the hardware.
Before enabling EVPN multi-homing (evpn multi-homed command), give this command.
Before disabling the hardware-profile, disable EVPN multi-homing.
Note: You need to save the configuration and do a reboot after giving this command.
Use the disable form of this command to disable the configured hardware-profile.
Command Syntax
hardware-profile filter vxlan-mh enable
hardware-profile filter vxlan-mh disable
Parameters
None
Default
By default, the VxLAN multi-homing hardware-profile is disabled.
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 3.0.
Example
#configure terminal
#(config)#hardware-profile filter vxlan-mh enable
#(config)#hardware-profile filter vxlan-mh disable
#(config)#exit
 
hardware-profile filter vxlan-short-pkt
Use this command to enable/disable the VxLAN short packet forwarding filter group.
When this filter group is enabled, any short packet received less than 36B is sent to the CPU to add extra bytes to make the packet size up to 64B and sent back to access-port.
Use the disable form of this command to disable the configured hardware-profile.
Command Syntax
hardware-profile filter vxlan-short-pkt enable
hardware-profile filter vxlan-short-pkt disable
Parameters
None
Default
By default, the VxLAN short packet hardware-profile is disabled.
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 6.3.1.
Example
#configure terminal
#(config)#hardware-profile filter vxlan-short-pkt enable
#(config)#exit
interface irb
Use this command to configure logical IRB interface.
Use the no form of this command to un-configure logical IRB interface.
Command Syntax
interface irb<1-4094>
no interface irb<1-4094>
Parameters
<1-4094>
IRB interface number
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 4.1.
Example
#configure teminal
(config)#interface irb1
(config)#no interface irb1
 
ip address
Use this command to set anycast flag for primary and secondary subnets under IRB interface.
With this anycast gateway can be supported for multiple subnets.
Command Syntax
ip address [ <A.B.C.D/M> | anycast]
ip address [ <A.B.C.D> | <A.B.C.D> | anycast]
ip address [ <A.B.C.D/M> | secondary | anycast]
ip address [ <A.B.C.D> | <A.B.C.D> | secondary | anycast]
Default
The default value is router mac
Parameters
anycast
Anycast flag
secondary
Used for secondary address option
Command Mode
IRB_IF Mode
Applicability
The anycast flag was introduced in OcNOS version 6.3.0.
Example
(config)#interface irb2
(config-irb-if)#ip address 40.1.1.1/24 anycast
(config-irb-if)#ip address 41.1.1.1/24 secondary anycast
(config-irb-if)#
(config)#interface irb1
(config-irb-if)#ip address 42.1.1.1 255.255.255.0 anycast
(config-irb-if)#ip address 43.1.1.1 255.255.255.0 secondary anycast
(config-irb-if)#
 
ipv6 address
Use this command to set anycast flag for any configured subnets under IRB interface.
With this anycast gateway can be supported for multiple subnets.
Command Syntax
ipv6 address [ < X:X::X:X/M > | anycast]
Default
The default value is router mac
Parameters
anycast
Anycast flag
Command Mode
IRB_IF Mode
Applicability
The anycast flag was introduced in OcNOS version 6.3.0.
Example
(config)#interface irb1
(config-irb-if)# ipv6 address 1100::1/64 anycast
ip dhcp relay uplink
Use this command to configure uplink interface towards server per vrf.
Use the no form of this command to un-configure uplink interface.
Command Syntax
ip dhcp relay uplink evpn
no ip dhcp relay uplink evpn
Parameters
evpn
IP VRF IRB interface
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 5.0.
Example
#configure teminal
(config)#ip vrf vrf1
(config-vrf)#ip dhcp relay uplink evpn
(config-vrf)#no ip dhcp relay uplink evpn
 
l3vni
Use this command to configure L3 Virtual Network Identifier for an ip vrf
Use the no form of this command to remove L3 Virtual Network Identifier
This identifies a tenant, with this one tenant can have L3VNI as its identifier and he can have multiple L2 networks identified with L2VNI's.
Note: L3 VNID cannot be same as L2 VNID.
Command Syntax
l3vni <L3 VNID>
no l3vni <L3 VNID>
Parameters
<1-16777215>
L3 VNID. Cannot be same as L2 VNID
Command Mode
Configure VRF mode
Applicability
This command was introduced in OcNOS version 4.1.
Example
#configure teminal
(config)#ip vrf vrfip
(config-vrf)#l3vni 10002
(config-vrf)#no l3vni 10002
 
 
mac
Use this command to associate a static MAC address and a static IPv4 or IPv6 address on an access interface.
Use the no form of this command to disassociate a static MAC address and an IPv4 or IPv6 address for an access interface.
Note: When a static host is configured on an access port which is in the down state, its state is Inactive.
Note: The same static mac configuration is not allowed on a different access port as then there will be a chance of conflict. However, if a dynamic packet is sent at another access port which is up and running with the same MAC, it learns as usual. As soon as the port on which the static MAC is configured comes up, static learning is given precedence and the dynamically learned MAC is moved to the port where it is configured statically.
Command Syntax
mac XXXX.XXXX.XXXX
mac XXXX.XXXX.XXXX (ip A.B.C.D | ipv6 X:X::X:X)
no mac XXXX.XXXX.XXXX (ip A.B.C.D | ipv6 X:X::X:X)
Parameters
XXXX.XXXX.XXXX
Static MAC address. The following formats are supported:
XX-XX-XX-XX-XX-XX Source MAC address (Option 1)
XX:XX:XX:XX:XX:XX Source MAC address (Option 2)
XXXX.XXXX.XXXX Source MAC address (Option 3)
A.B.C.D
Static IPv4 address.
X:X::X:X
Static IPv6 address.
Default
No default value is specified for mac command.
Command Mode
NVO access interface mode
Access interface EVPN mode
Applicability
This command was introduced before OcNOS version 1.3.
The Access interface EVPN mode is supported only from OcNOS version 6.0.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#mac 0000.0000.aaaa ip 10.10.10.1
(config-nvo-acc-if)#mac 0000.0000.aaaa ipv6 1201::1
(config-nvo-acc-if)#exit
(config)#interface xe7.100 switchport
(config-if)#access-if-evpn
(config-acc-if-evpn)#arp-nd flood-supress disable
mac vrf
Use this command to create a MAC VRF to use in EVPN routes.
Use the no form of this command to delete the MAC VRF.
Command Syntax
mac vrf WORD
no mac vrf WORD
Parameter
WORD
MAC routing or forwarding instance name.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#mac vrf vrf1
 
(config)#no mac vrf vrf1
mac-holdtime
Use this command to set the MAC hold time for a MAC/IP or MAC.
The feature holds the MAC in hardware until BGP has withdrawn from the neighbors. This helps to reduce flooding to other access ports.
This setting applies when the access port is shut down, the physical port on which the access port is down, or the access port is removed from the VNID using the no form of the map vpn-id command.
When the MAC hold time is configured as -1, then the MAC is not removed from the hardware and is also not withdrawn from EVPN BGP.
Use the no form of this command to remove the MAC hold time for the MAC/IP or MAC.
Note: When a MAC is moved to discard state, traffic to and from this MAC is discarded. This is applicable only on statically configured MAC/MAC-IPs.
Command Syntax
mac-holdtime <-1-300>
no mac-holdtime
Parameters
<-1-300>
MAC hold time in seconds. Specify -1 to “never expire”.
Default
The default holdtime for mac is 3 seconds.
Command Mode
NVO access interface mode
Access interface EVPN mode
Note: When configured in both modes, then the NVO_ACC_IF_MODE or ACC-IF-EVPN value takes preference for that access port.
Applicability
This command was introduced before OcNOS version 1.3.
This command in NVO_ACC_IF_MODE mode is introduced in OcNOS version 1.3.4.
The Access interface EVPN mode is supported only from OcNOS version 6.0.
Example
#configure terminal
(config)#nvo vxlan id 3 ingress-replication inner-vid-disabled
(config-nvo)#mac-holdtime -1
(config-nvo)#exit
 
(config)#interface xe7.100 switchport
(config-if)#access-if-evpn
(config-acc-if-evpn)#mac-holdtime -1
 
map vpn-id
Use this command to map a tenant to an access-port.
Use the no form of this command to remove the tenant from an access-port
Command Syntax
map vpn-id <1-16777215>
no map vpn-id <1-16777215>
Parameters
<1-16777215>
VxLAN network identifier.
Default
No default value is specified for map vnid command.
Command Mode
NVO access interface mode
Access interface EVPN mode
Applicability
This command was introduced before OcNOS version 1.3.
The Access interface EVPN mode is supported only from OcNOS version 6.0.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#map vpn-id 100
(config-nvo-acc-if)#exit
 
(config)#interface xe7.100 switchport
(config-if)#access-if-evpn
(config-acc-if-evpn)#map vpn-id 100
nd-cache disable
Use this command to disable ND cache for MAC/IPv6.
When the ND cache is disabled on a VxLAN access port, OcNOS does not reply to any ND arriving on this port from the cache. OcNOS withdraws all MAC/IPs configured/learned on this access port and removes the MAC/IP entry for this access port from the local ND cache.
OcNOS also makes sure that on withdrawing the MAC/IP route, the MAC does not become unknown. If all routes for this MAC are being withdrawn because of this command, then OcNOS advertises a MAC-only route. This is done so that the MAC does not become unknown and only the cache functionality becomes disabled.
Use the no form of this command to enable ND cache for MAC/IPv6.
Note: On enabling the cache, an IP will be in conflict, then the cache enable will fail. The conflict has to be manually removed and then the cache enabled.
Command Syntax
nd-cache disable
no nd-cache disable
Parameters
None
Default
By default, the nd-cache option is enabled.
Command Mode
NVO access interface mode
Access interface EVPN mode
Applicability
This command was introduced before OcNOS version 1.3.
The Access interface EVPN mode is supported only from OcNOS version 6.0
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#nd-cache disable
(config-nvo-acc-if)#exit
 
(config)#interface xe7.100 switchport
(config-if)#access-if-evpn
(config-acc-if-evpn)#nd-cache disable
 
 
nvo vxlan
Use this command to enable or disable VxLAN.
You must enable the VxLAN hardware profile with the hardware-profile filter vxlan command before enabling VxLAN.
Note: To make nvo vxlan disable and enable effective, system reboot is required.
Command Syntax
nvo vxlan (enable | disable)
Parameters
None
Default
By default, the VxLAN is disabled.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan enable
 
(config)#nvo vxlan disable
 
nvo vxlan access-if
Use this command to map a complete interface or a VLAN or VLAN range on an interface to identify the tenant traffic and to enter NVO access interface mode.
The command nvo vxlan access-if port <if_name> default accepts all tagged, double tagged and untagged traffic received on the mapped physical port.
Use the no form of this command to unmap an interface or a VLAN.
Note: When a VxLAN access interface configured as a port VLAN as VLAN-range or port as default, then arp-cache and nd-cache should be disabled and only VNID with inner-vid-enable is mapped.
Note: Inner-vid-enable is one-to-one mapping. VNID is mapped to only on one access-port.
Note: VLAN Range not allowed to be configured for VxLAN stacked access-port.
Command Syntax
nvo vxlan access-if (port IFNAME (| default) | port-vlan IFNAME VLAN_RANGE (| inner-vlan <2-4094>))
no nvo vxlan access-if (port IFNAME | port-vlan IFNAME VLAN_RANGE(| inner-vlan <2-4094>))
Parameters
port
A physical port.
IFNAME
Interface name (Physical/Static lag/Dynamic lag)
default
Default access interface
port-vlan
The physical port on which VLANs are configured
IFNAME
Interface name (Physical/Static lag/Dynamic lag)
VLAN_RANGE
Configure VLANId or VLAN-Range for outer VLAN
Inner-vlan
Inner-VLAN id
<2-4094>
VLAN id
Default
By default, the nvo vxlan access-if option is port VLAN ID.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3 and VLAN_RANGE option is introduced in OcNOS version 5.0. This command is not available on Qumran2 devices.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2-10
(config-nvo-acc-if)#exit
 
#configure terminal
(config)#nvo vxlan access-if port xe1
(config-nvo-acc-if)#exit
 
#configure terminal
(config)#nvo vxlan access-if port xe1 default
(config-nvo-acc-if)#exit
 
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2 inner-vlan 10
(config-nvo-acc-if)#exit
 
 
nvo vxlan id
Use this command to add a tenant and the type of VPN. This command changes the mode to NVO mode.
Use nvo vxlan id for creating ELAN and use nvo vxlan id xconnect with source and target identifier for ELINE/XConnect.
Use no form of this command to unconfigure the VxLAN ID.
You must enable VxLAN with the nvo vxlan command before you give this command.
Command Syntax
nvo vxlan id <1-16777215> (multicast |) | ((ingress-replication | xconnect target-vxlan-id <1-16777215>) (| inner-vid-disabled)) (etree-leaf|))
no nvo vxlan id <1-16777215>
Parameters
 
Command Mode
Configure mode
Applicability
Introduced before OcNOS version 1.3. Introduced the etree-leaf and xconnect target-vxlan-id <1-16777215> parameters in the OcNOS version 6.5.1.
Example
#configure terminal
(config)#nvo vxlan id 300 ingress-replication
(config-nvo)#exit
 
(config)#nvo vxlan id 200 ingress-replication inner-vid-disabled
(config-nvo)#exit
 
(config)#nvo vxlan id 30 xconnect target-vxlan-id 20
(config-nvo)#exit
 
(config)#nvo vxlan id 40 xconnect target-vxlan-id 50 ingress-replication
(config-nvo)#exit
To configure a VXLAN instance with VXLAN ID for ingress replication, with inner VLAN ID disabled, and as an E-Tree leaf node:
(config)#nvo vxlan id 10 ingress-replication inner-vid-disabled etree-leaf
(config-nvo)#exit
 
 
nvo vxlan irb
Use this command to enable IRB functionality.
Use the no form of this command to disable IRB functionality.
Note: Remove the existing L2 VNID configuration to enable IRB.
Command Syntax
nvo vxlan irb
no nvo vxlan irb
Parameters
None
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 4.1.
Example
#configure terminal
(config)#nvo vxlan irb
(config)#no nvo vxlan irb
 
 
nvo vxlan mac-ageing-time
Use this command to set the dynamically learned MAC aging time.
Use the no form of this command to set the age out the MACs in hardware to its default (300 seconds).
Command Syntax
nvo vxlan mac-ageing-time <10-572>
no nvo vxlan mac-ageing-time
Parameters
<10-572>
Aging time in seconds
Default
The default age out time is 300 seconds.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan mac-ageing-time 10
(config)#no nvo vxlan mac-ageing-time 10
 
nvo vxlan vtep-ip-global
Use this command to set the source IP address of the VxLAN tunnels.
Use the no form of this command to remove the source IP address of the VxLAN tunnels.
You must enable VxLAN with the nvo vxlan command before you give this command.
Command Syntax
nvo vxlan vtep-ip-global A.B.C.D
no nvo vxlan vtep-ip-global A.B.C.D
Parameters
A.B.C.D
Source VTEP IP address of the global configuration
Default
No default value is specified for nvo vxlan vtep-ip-global command.
Command Mode
NVO mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
(config-nvo)#nvo vxlan vtep-ip-global 10.10.11.1
 
show bgp l2vpn evpn
Use this command to display details about Layer 2 Virtual Private Network (L2VPN) Ethernet Virtual Private Network (EVPN) routes.
Note: A BGP EVPN route update received for an unreachable IP address is also listed by this command and as a best route. This is because the next hop tracking feature is not supported for the EVPN address family. However, the tunnel to this IP address is shown in unresolved state by the show nvo vxlan tunnel output.
Command Syntax
show bgp l2vpn evpn (((vrf WORD)|(rd WORD)|)((prefix-route)|)(detail| time|))
show bgp l2vpn evpn mac-ip ((vrf WORD)|(rd WORD)|)
show bgp l2vpn evpn mcast
show bgp l2vpn evpn multihoming es-route <(rd WORD)|(vrf WORD)>
show bgp l2vpn evpn multihoming ethernet-ad-per-evi <(rd WORD)|(vrf WORD)>
show bgp l2vpn evpn multihoming ethernet-ad-per-es <(rd WORD)|(vrf WORD)>
Parameters
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
show bgp l2vpn evpn detail
BGP route entry for prefix : [1]:[00:00:00:00:11:12:12:22:11:11]:[100]:[100]
Route-Distinguisher: 1.1.1.1:1
Flags : Valid, Selected, IBGP, Labelled
Nexthop : 1.1.1.1 MED value : 0
Community:
Extended Community: RT:100:1 Encapsulation:VxLAN ESI-Label:0
Weight :0, Local Preference :100
AS Path : Local
Origin : IGP
Last Update : Thu Apr 13 12:05:23 2023
Peer : 1.1.1.1
 
BGP route entry for prefix : [2]:[0]:[100]:[48,0000:1111:0000]:[32,10.12.11.12]:[100]
Route-Distinguisher: 1.1.1.1:1
Flags : Valid, Selected, IBGP, Labelled
Nexthop : 1.1.1.1 MED value : 0
Community:
Extended Community: RT:100:1 Encapsulation:VxLAN MAC_mob_seq:Static
Weight :0, Local Preference :100
AS Path : Local
Origin : IGP
Last Update : Thu Apr 13 12:05:23 2023
Peer : 1.1.1.1
Total number of prefixes 2
 
Table 1-1 shows the status codes displayed at the start of a route entry.
 
Table 1-1: status codes 
Status code
Description
Comments
s
suppressed
Whether the route is suppressed and is not advertised to neighbors.
d
damped
When the penalty of a flapping route exceeds the suppress limit, the route is damped and remains in a withdrawn state until its penalty decreases below the reuse limit.
h
history
When the penalty of a flapping route does not exceed the suppress limit, the route is not damped and BGP maintains a history of the flapping route.
*
valid
Whether the route is valid. When a route is not suppressed, damped, or present in the history, it is valid.
>
best
The selected route to be installed in the kernel routing table.
i
internal
The prefix was learned from an iBGP peer.
l
labeled
BGP Labeled Unicast advertises route information between inter region routers.
 
Table 1-2 shows the codes at the end of each route entry that indicate where the route originated.
 
Table 1-2: origin codes
Origin Code
Description
Comments
i
IGP
The route is from an Interior Gateway Protocol.
e
EGP
The route is from an Exterior Gateway Protocol.
?
incomplete
Origin not known. Typically, these are routes redistributed from an IGP.
Table 1-3 explains the fields for each route.
 
Table 1-3: route entry fields 
Field
Description
RD
Route distinguisher: AS number or IP address.
VRF
Name of the VRF.
Network
EVPN route information.
 
The route type indicates the type of routing information advertised by the EVPN control plane:
 
2 MAC/IP Route: Endpoint reachability information, including MAC and IP addresses of the endpoints.
3 Inclusive Multicast Route: Information about how to forward Broadcast, Unknown Unicast and Multicast (BUM) traffic.
 
The other fields included depend on the route type:
Type 2: [ESI]:[E-Tag]:[Length, Host MAC address]:[Length, Host IP address]:[Label/VNID]
Type 3: [E-Tag]:[Length, PE IP address]
 
ESI (Ethernet Segment Identifier): a unique non-zero identifier that identifies an Ethernet segment, which is a set of links that connects a network or device to one or more PEs. ESI 0 denotes a single-homed site.
 
E-Tag (Ethernet tag): identifies a particular broadcast domain such as a VLAN or VNID in the VxLAN case. An EVPN instance consists of one or more broadcast domains.
 
VNID (VxLAN network identifier): identifies Layer 2 segments and maintains Layer 2 isolation between the segments, allowing the addressing of up to 16 million logical networks in the same administrative domain.
 
The status codes are explained in Table 1-1.
Next Hop
IP address of the nexthop for this route.
Metric
Multiple-Exit Discriminator (MED). If there are multiple paths to the same destination from a single routing protocol, then the multiple paths have the same administrative distance and the best path is selected based on this metric. The path with the lowest metric is selected as the optimal path and installed in the routing table.
LocPrf
This value is used only with iBGP sessions within the local autonomous system to determine if a route towards a destination is the “best” one. The path with the highest local preference is preferred.
Weight
This field applies only to routes within an individual router. If a route was learned from a peer, it has a default weight of 0. All routes generated by the local router have a weight of 32,768.
Path
The autonomous systems through which the prefix advertisement passed.
The origin codes are explained in Table 1-2.
Peer
Neighbor address.
Total number of prefixes
The total number of prefixes listed.
show bgp l2vpn evpn prefix-route
Use this command to display the Type-5 prefix remote routes.
Command Syntax
show bgp l2vpn evpn prefix-route <vrf WORD | rd Word>
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 4.1.
Example
rtr1#show bgp l2vpn evpn prefix-route
 
RD[300:1]
ESI Eth-Tag Prefix-Length IP-Address GW-IP Address L3VNID Nexthop Encap
0 45001 24 80.80.80.0 0.0.0.0 45001 2.2.2.2 VxLAN
0 45001 24 90.90.90.0 0.0.0.0 45001 2.2.2.2 VxLAN
0 45001 64 8001:: :: 45001 2.2.2.2 VxLAN
0 45001 64 9001:: :: 45001 2.2.2.2 VxLAN
rtr1#
 
 
show bgp l2vpn evpn summary
Use this command to display a summary of BGP EVPN neighbor status.
Command Syntax
show bgp l2vpn evpn summary
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show bgp l2vpn evpn summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 17
1 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcv MsgSen TblVer InQ OutQ Up/Down State/PfxRcd AD MACIP MCAST ESI
8.8.8.8 4 100 111 112 17 0 0 00:53:03 3 0 0 3 0
9.9.9.9 4 100 110 110 17 0 0 00:52:10 15 0 13 2 0
13.13.13.13 4 100 132 109 17 0 0 00:51:57 4 0 2 2 0
Total number of neighbors 3
Total number of Established sessions 3
The start of the output shows:
The BGP router identifier and the local router AS number.
The BGP table version tracks the local BGP table version. Any time the BGP best path algorithm executes, the table version increments.
BGP AS-PATH entry and community entries.
Table 1-4 explains the fields for each neighbor entry.
 
Table 1-4: neighbor fields 
Field
Description
Neighbor
IP address of peer.
V
BGP version of peer.
AS
Autonomous system number of peer.
MsgRcvd
Messages received since the BGP connection was established.
MsgSent
Messages sent since the BGP connection was established.
TblVer
Last version of the local router’s BGP database advertised to the peer.
InQ
Received messages waiting in the input queue for further processing.
OutQ
Messages waiting in the output queue to be sent.
Up/Down
Connection up time in the interface.
State/PfxRcd
If the TCP session is up and the BGP peers have formed an adjacency, this field shows how many prefixes have been received from the remote neighbor.
 
Other states:
 
Idle: The local router has not allocated resources for the peer connection, so incoming connection requests are refused
 
Idle (Admin): The peer has shut down
 
Idle (PfxCt): Prefix overflow
 
Idle (G-shut): Graceful shutdown
 
Connect: BGP is waiting for the TCP connection to complete
 
Active: the local router is trying to establish a TCP connection to the remote peer. You might see this if the local peer has been configured, but the remote peer is unreachable or has not been configured.
 
OpenSent: BGP is waiting for an open message from its peer
 
OpenConfirm: BGP received an open message from the peer and is now waiting for a keepalive or notification message. If BGP receives a keep alive message from the peer, the state changes to established. If the message is a notification, the state changes to idle.
 
Established: BGP is ready to exchange update, notification, and keep alive messages with its peer
 
Invalid: The session state is invalid.
AD
Number of EVPN type 1 Ethernet Auto-discovery routes: Only originated for multi-homed sites. Type 1 routes allow fast convergence where PE devices can change the next-hop adjacencies for all MAC addresses associated with a particular Ethernet Segment and aliasing where traffic can be balanced across multiple egress points
MACIP
Number of EVPN type 2 MAC/IP routes: Endpoint reachability information, including MAC and IP addresses of the endpoints.
MCAST
Number of EVPN type 3 Inclusive Multicast routes: Broadcast, Unknown Unicast and Multicast (BUM) traffic.
ESI
Number of EVPN type 4 Ethernet Segment Routes: Used in multi-homing for Designated Forwarder Election. The Designated Forwarder sends BUM traffic to the CE on a particular Ethernet Segment.
show evpn multi-homing all
Use this command to display the multi-homed VTEP details.
Command Syntax
show evpn multi-homing all
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show evpn multi-homing all
ESI                            Access-IF    PE-IP-ADDRESS
===========================================================
00:00:11:22:33:44:55:66:77:88  ce21/1       1.1.1.1
00:00:11:22:33:44:55:66:77:88  ----         2.2.2.2
Total number of entries are 2
 
 
Table 1-5 explains the output fields.
 
Table 1-5: show evpn multi-homing all output details
Field
Description
ESI
An Ethernet segment has an unique nonzero identifier, called the Ethernet segment identifier (ESI). The ESI is encoded as a 10-octet integer that identifies this segment. When manually configuring an ESI value, the most significant octet, known as the type byte, must be 00. When a single-homed CE device is attached to an Ethernet segment, the entire ESI value is zero.
Access-IF
Map the access port ce21/1 for evpn.
PE-IP-ADDRESS
Address of the provider edge router in the interface.
show evpn multihoming-status
Use this command to display the status of multihoming on a VTEP.
Command Syntax
show evpn multihoming-status
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show evpn multihoming-status
Multihoming is ACTIVE in Hardware
show interface irb
Use this command to display the current running configuration of IRB interface.
Command Syntax
show interface irb<1-4094>
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 4.1.
Example
rtr1#show interface irb1
Interface irb1
Hardware is IRB Current HW addr: 0000.0000.ff10
Physical:(Not Applicable) Logical:0000.0000.ff10
Port Mode is Router
Interface index: 700001
Metric 0 mtu 1500
Debounce timer: disable
ARP ageing timeout 1500
<UP,BROADCAST,RUNNING,MULTICAST>
VRF Binding: Associated with vrf1
Label switching is disabled
Administrative Group(s): None
DHCP client is disabled.
Last Flapped: Never
Statistics last cleared: 2019 Mar 14 17:57:06 (00:21:31 ago)
inet 80.80.80.1/24 broadcast 80.80.80.255
inet6 8001::1/64
inet6 fe80::200:ff:fe00:ff10/64
RX
unicast packets 0 multicast packets 0 broadcast packets 0
input packets 0 bytes 0
jumbo packets 0
undersize 0 oversize 0 CRC 0 fragments 0 jabbers 0
input error 0
input with dribble 0 input discard 0
Rx pause 0
TX
unicast packets 0 multicast packets 0 broadcast packets 0
output packets 0 bytes 0
jumbo packets 0
output errors 0 collision 0 deferred 0 late collision 0
output discard 0
Tx pause 0
rtr1#
show nvo vxlan
Use this command to display VxLAN information.
Command Syntax
show nvo vxlan (vnid <1-16777215>|)
Parameters
<1-16777215>
VxLAN network identifier
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#sh nvo vxlan
VxLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID Vni-name Type Interface ESI Vlan DF-Status Src-addr Dst-addr
___________________________________________________________________________________________________________________
10 ---- NW ---- ---- ---- ---- 1.1.1.1 3.3.3.3
10 ---- NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2
10 ---- AC ce21/1 00:00:11:22:33:44:55:66:77:88 2 DF ---- ----
20 ---- NW ---- ---- ---- ---- 1.1.1.1 3.3.3.3
20 ---- NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2
20 ---- AC ce21/1 00:00:11:22:33:44:55:66:77:88 3 NON-DF ---- ----
45001 ---- L3 NW ---- ---- ---- 1.1.1.1 3.3.3.3
 
Total number of entries are 7
 
Table 1-6 explains the fields in the output.
Table 1-6: VxLAN fields
Field
Description
VNID
VxLAN network identifier.
Type
NW - Network Port: VxLAN tunnel
AC - Access Port: Host connection
Interface
Name of the Interface.
Vlan
VLAN identifier
Src-addr
Source address in the interface.
Dst-addr
Destination address in the interface.
Total number of entries
The total number of entries listed.
show nvo vxlan access-if-config
Use this command to display the current running configuration of the access interface.
Command Syntax
show nvo vxlan access-if-config (LINE|)
Parameters
LINE
Access port description
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show nvo vxlan access-if-config
nvo vxlan access-if port-vlan xe1 2
map vnid 100
access-if-description member-port with xe1 as vlan 2
shutdown
mac 0000.0000.1111
mac 0000.0000.aaaa ip 12.12.12.1
map qos-profile cos-to-queue ac_port_ingress
map qos-profile queue-color-to-cos ac_port_egress
!
nvo vxlan access-if port-vlan po1 6
no shutdown
map vnid 100
!
 
show nvo vxlan arp-cache
Use this command to display the ARP cache information.
Command Syntax
show nvo vxlan arp-cache (vnid <1-16777215>|)
Parameters
<1-16777215>
VxLAN network identifier
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show nvo vxlan arp-cache
VxLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
10 12.12.12.2 0000.0000.2222 Static Local ----
Total number of entries are 1
Table 1-7 explains the fields in the output.
 
Table 1-7: arp cache fields
Field
Description
VNID
VxLAN network identifier.
Ip-Addr
IP address of the vxlan.
Mac-Addr
Device MAC address.
Type
How a host learns a MAC/IP pair:
 
Dynamic Local: Learned by data plane source learning
Dynamic Remote: Learned by EVPN Type 2 (MAC/IP) routes
Static Remote: Statically configured for remote; used only for static VxLAN, not with EVPN
Static Local: Configured on local VTEP
Total number of entries
The total number of entries listed.
show nvo vxlan counters access-port
Use this command to display the receive and transmit counters of an access port.
Note: Due to a limitation in the hardware, the transmit packet counters includes the BUM traffic received on that port.
Note: To see the statistics, you must enable the hardware profile for the access-port with the hardware-profile filter (Qumran1) command with the ac-lif parameter.
Note: All the expected packets might not be seen in the output of this command.
Command Syntax
show nvo vxlan counters access-port (port IFNAME | port-vlan IFNAME VLAN_ID_RANGE (| inner-vlan INNER_VLAN_ID) | all)
Parameters
port
Port Mapping
IFNAME
Access port name
port-vlan
Port-VLAN Mapping
IFNAME
Access port name
VLAN_ID_RANGE
VLAN Id or VLAN Range <2-4094>
INNER_VLAN_ID
Inner-VLAN Id
all
All ports and VLANs
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3 and VLAN_RANGE option is introduced in OcNOS version 5.0.
Example
#show nvo vxlan counters access-port port-vlan xe13 10
 
Data packets:
*If ARP/ND cache is enabled, TX doesn't count ARP/ND replies
from ARP/ND cache and ARP/ND forwarded after uplifting to
the control plane.
RX: packets : 2774939
bytes : 210553516
TX: packets : 4322274
bytes : 326026474
 
Control Packets:
*ARP/ND uplifted and sent/replied from control plane:
Rx Vxlan Arp discard count : 0
Rx Vxlan Nd discard count : 0
Tx Vxlan Arp discard count : 0
Tx Vxlan Nd discard count : 0
Rx Vxlan Arp Request count : 0
Tx Vxlan Arp Request count : 0
Rx Vxlan Arp Reply count : 5
Tx Vxlan Arp Reply count : 1
Rx Vxlan Neighbor Solicitation count : 0
Tx Vxlan Neighbor Solicitation count : 0
Rx Vxlan Neighbor Advertisement count: 3
Tx Vxlan Neighbor Advertisement count: 0
Table 1-8 explains the fields in the output.
 
Table 1-8: access port counters
Field
Description
RX: packets
Number of packets received on an access-interface.
RX: bytes
Number of bytes received.
TX: packets
Number of packets transmitted.
TX: bytes
Number of bytes transmitted.
Rx Vxlan Nd discard count
Number of discarded ND that is received from neighbor.
Tx Vxlan Arp discard count
Number of discarded Arp that is transmitted to peer.
Tx Vxlan Nd discard count
Number of discarded ND that is transmitted to peer.
Rx Vxlan Arp Request count
Number of request ARP that is received from neighbor.
Tx Vxlan Arp Request count
Number of request ARP that is transmitted to peer.
Rx Vxlan Arp Reply count
Number of replied ARP that is received from neighbor.
Tx Vxlan Arp Reply count
Number of replied ARP which is transmitted to peer.
Rx Vxlan Neighbor Solicitation count
Number of request ND that is received from neighbor.
Tx Vxlan Neighbor Solicitation count
Number of replied ND that is received from neighbor.
Rx Vxlan Neighbor Advertisement count
Number of Neighbor Advertisement that is received from neighbor.
Tx Vxlan Neighbor Advertisement count
Number of Neighbor Advertisement which is transmitted to peer.
 
show nvo vxlan counters network-port
Use this command to display the receive and transmit counters of a network port including ARP, ND and GARP counters.
Command Syntax
show nvo vxlan counters network-port (dst A.B.C.D | ALL)
Parameters
A.B.C.D
Tunnel IPv4 address
ALL
All addresses
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show nvo vxlan counters network-port dst 2.2.2.2
 
Data packets:
*If ARP/ND cache is enabled, TX doesn't count ARP/ND replies
from ARP/ND cache and ARP/ND forwarded after uplifting to
the control plane.
RX: packets : 0
bytes : 0
TX: packets : 3570006
bytes : 406980684
 
Control Packets:
*ARP/ND uplifted and sent/replied from control plane:
TX VxLAN ARP discard count : 0
TX VxLAN ND discard count : 0
Tx Vxlan ARP Request count : 0
Tx Vxlan ARP Reply count : 0
Tx Vxlan Neighbor Solicitation count : 0
Tx Vxlan Neighbor Advertisement count: 0
 
Table 1-9 explains the each network entry fields.
 
Table 1-9: show nvo vxlan counters network-port output fields 
Field
Description
RX: packets
Number of hello packets received from neighbor.
RX: bytes
Number of hello packets received from neighbor in bytes received.
TX: packets
Number of hello packets transmitted to neighbor.
TX: bytes
Number of hello packets transmitted to neighbor in bytes transmitted.
Tx VxLAN Arp discard count
Number of discarded Arp that is transmitted to peer.
Tx VxLAN Nd discard count
Number of discarded ND that is transmitted to peer.
Tx Vxlan Arp Request count
Number of request ARP that is transmitted to peer.
Tx Vxlan Arp Reply count
Number of replied ARP which is transmitted to peer.
Tx Vxlan Neighbor Solicitation count
Number of replied ND that is received from neighbor.
Tx Vxlan Neighbor Advertisement count
Number of Neighbor Advertisement which is transmitted to peer.
 
show evpn
Use this command to display the L3 VNI, L2 VNI and IRB interface mapping.
Command Syntax
show evpn l3vni-map
show evpn irb-status
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 4.1.
Example
rtr3#show evpn l3vni-map
L3VNI L2VNI IRB-interface
===================================
45001 10 irb1
45001 20 irb2
 
rtr3#show evpn irb-status
IRB is ACTIVE in Hardware
 
 
show nvo vxlan mac-table
Use this command to display the host MAC address table. Use the hardware option to see the ageout time for the dynamically learn macs.
Command Syntax
show nvo vxlan mac-table (vnid <1-16777215>|) (summary | hardware |)
Parameters
<1-16777215>
VxLAN network identifier
summary
Display a count of MAC addresses
hardware
Display hardware information
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show nvo vxlan mac-table
=====================================================================================================================================================
VxLAN MAC Entries
=====================================================================================================================================================
VNID Interface VlanId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status AccessPortDesc
_____________________________________________________________________________________________________________________________________________________
10 ce21/1 2 ---- 0000.0000.1111 1.1.1.1 Static Local ------- partner-port
10 ---- ---- ---- 0000.0000.2222 3.3.3.3 Static Remote ------- -------
20 ce21/1 3 ---- 0000.0000.cccc 1.1.1.1 Static Local Discard -------
20 ---- ---- ---- 0000.0000.dddd 3.3.3.3 Static Remote ------- -------
Total number of entries are : 4
 
#show nvo vxlan mac-table hardware
=====================================================================================================================================================
VxLAN MAC Entries
=====================================================================================================================================================
VNID Interface VlanId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status Time-out AccessPortDesc
_____________________________________________________________________________________________________________________________________________________
10 ce21/1 2 --- 0000.0000.1111 1.1.1.1 Static Local ----- --- partner-port
10 --- --- --- 0000.0000.2222 3.3.3.3 Dyanamic Remote ----- ---
10 --- --- --- 0000.0000.aa11 3.3.3.3 Dyanamic Remote ----- ---
10 ce21/1 2 --- 0000.0000.bb11 1.1.1.1 Dynamic Local ----- 300 partner-port
10 ce21/1 2 --- 0000.0000.bb12 1.1.1.1 Dynamic Local ----- 277 partner-port
20 ce21/1 --- --- 0000.0000.cccc 1.1.1.1 Static Local Discard ---
20 --- --- --- 0000.0000.dddd 3.3.3.3 Dyanamic Remote ----- ---
Total number of entries are 7
Table 1-10 explains the fields in the output.
Table 1-10: MAC table fields
Field
Description
VNID
VxLAN network identifier
Interface
Interface name
VlanId
VLAN identifier
Mac-Addr
MAC address
VTEP-Ip
VTEP identifier
Type
How a host learns a MAC/IP pair:
 
Dynamic Remote: Learned by EVPN Type 2 (MAC/IP) routes
Static Remote: Statically configured for remote; used only for static VxLAN, not with EVPN
Static Local: Configured on local VTEP
Dynamic Local: Learned by data plane source learning
Status
Max Move conflict: When a MAC has moved too many times (5 or more times in 180 seconds). This is according to the procedures defined in RFC 7432, Section 15.1.
 
Discard: If a MAC hold time is configured, then if the VxLAN access port goes down (admin or operational), the MAC is moved to the discard state for the period of the hold time. The MAC is also moved to the discard state if the VNID is unmapped from the port. In dynamically learned cases, the MAC is also moved to discard when learning is disabled.
Time-out
Age timeout for dynamically learned MACs.
AccessPortDesc
Access port description.
Total number of entries
The total number of entries listed.
 
show nvo vxlan static host state
Use this command to display the state of the host which is configured statically.
Command Syntax
show nvo vxlan static host state
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show nvo vxlan static host state
VxLAN Static Host Information
=============================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
 
VNID Ifname Outer-Vlan Inner-vlan Ip-Addr Mac-Addr Status
___________________________________________________________________________________________________________
10 xe13 10 --- 12.12.12.2 0000.0000.2222 Active
10 xe17 10 --- 11.11.11.1 0000.0000.bbbb Inactive
10 xe17 30 40 0.0.0.0 0000.1111.2222 Inactive
 
Total number of entries are 5
 
Table 1-11 explains the output fields.
Table 1-11: Static host fields
Field
Description
VNID
VxLAN network identifier
Ifname
Interface name
Vlan
VLAN name
Ip-Addr
IP address
Mac-Addr
MAC address
Status
Status of the MAC/IP on the host:
Conflict: When a MAC/IP was configured, the conflict was not known as the VNID was not mapped to the access port. After the VNID is mapped, if the same MAC/IP is present statically on some other port on the same VNID, then it is in conflict state.
 
Learnt Conflict: When a MAC/IP was configured, the conflict was not known. However, it is now in conflict because the same MAC/IP is configured on an access port on VTEP1 and on an access port on VTEP2. Because the BGP session/tunnel was not up, the MAC/IP was not known to the other VTEP and the configuration was allowed. When the BGP session/tunnel comes up and it finds such a conflicted route, it marks the state as Learnt Conflict.
 
Inactive: Configured but not operating, such as when the port is not mapped to any VNID. The port is down and the ARP/ND cache is disabled.
 
Active: Operating host MAC/IP.
show nvo vxlan tunnel
Use this command to view the source, destination, and status of the VxLAN tunnel entries.
Command Syntax
show nvo vxlan tunnel
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
The following is a sample output of the show nvo vxlan tunnel command.
#show nvo vxlan tunnel
VxLAN Network tunnel Entries
Source Destination Status Up/Down Update
====================================================
1.1.1.1 2.2.2.2 Installed 00:00:20 00:00:20
Total number of entries are 1
Table 1-12 explains the output fields.
Table 1-12: VxLAN tunnel fields
Field
Description
Source
Tunnel source IP address.
Destination
Tunnel destination IP address.
Status
Installed: Tunnel Installed in the hardware and operating.
 
Resolved: Tunnel destination IP is reachable, but VxLAN tunnel not installed in hardware. Therefore, not operating.
 
Unresolved: Tunnel destination IP not reachable because L3 route is down.
Up/Down
When the tunnel came up or went down
Update
When the tunnel was last updated
Total number of entries
The total number of entries listed.
show nvo vxlan route-count
Use this command to display the VxLAN active route (MAC-IP and MAC-only) count information.
Command Syntax
show nvo vxlan route-count (|vnid <1-16777215>)
Parameters
<1-16777215>
Range supported for VNID
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3 and modified to include the GW-IPv4, and Prefix IPv4 in OcNOS version 1.3.5.
Example
#show nvo vxlan route-count
VxLAN Active route count information
====================================
Max route count : 32768
Active route count: 0
 
---------------------------------------------
VNID Total MACONLY MACIPv4 MACIPv6
---------------------------------------------
100 0 0 0 0
10 0 0 1 0
 
Total number of entries are 2
 
Table 1-13 explains the output fields.
 
Table 1-13: show nvo vxlan route-count output details
Field
Description
Max route count
Maximum number of route count in vxlan.
Active route count
Number of active route count in the interface.
VNID
VNID is used to identify Layer 2 segments and to maintain Layer 2 isolation between the segments.
Total
Total number of entries for the interface.
MACONLY
The MAC-only route for the local interface appears in the VxLAN instance route table.
MACIPv4
IPv4 media access control (MAC) address for a default virtual gateway.
MACIPv6
IPv6 media access control (MAC) address for a default virtual gateway.
show nvo vxlan vni-name
Use this command to display the vxlan results based on vni-name.
Command Syntax
show nvo vxlan vni-name (WORD)
Parameters
WORD
VxLAN id name
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show nvo vxlan vni-name SITEA-PRO
VxLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID Vni-name Type Interface ESI Vlan DF-Status Src-addr Dst-addr
____________________________________________________________________________________________________________
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.6.8
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.6.9
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.3.1
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.1.2
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.5.1
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.2.2
1 ---- NW ---- ---------- ---- ------ 10.0.1.1 10.0.2.1
1 SITEA-PRO AC xe7 — Single Homed port — 2 ------ ---- ----
1 SITEA-PRO AC xe1 — Single Homed port — 1010 ------ ---- ----
1 SITEA-PRO AC xe1 — Single Homed port — 100 ------ ---- ----
1 SITEA-PRO AC xe1 — Single Homed port — 2020 ------ ---- ----
1 SITEA-PRO AC po1 — Single Homed port — 100 ------ ---- ----
1 SITEA-PRO AC po1 — Single Homed port — 2 ------ ---- ----
1 SITEA-PRO AC po1 — Single Homed port — 200 ------ ---- ----
1 SITEA-PRO AC xe8 — Single Homed port — ---- ------ ---- ----
1 SITEA-PRO AC po2 — Single Homed port — ---- ------ ---- ----
Total number of entries are 16
 
show nvo vxlan xconnect
Use this command to display the VPWS xconnect details of the MTU, AC-NW connections, and network status.
Command Syntax
show nvo vxlan xconnect
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced in OcNOS version 5.1.
Example
MH-VTEP3#sh nvo vxlan xconnect
EVPN Xconnect Info
========================
AC-AC: Local-Cross-connect
AC-NW: Cross-connect to Network
AC-UP: Access-port is up
AC-DN: Access-port is down
NW-UP: Network is up
NW-DN: Network is down
NW-SET: Network and AC both are up
 
Local Remote Connection-Details
================================ ============ ===================================================================================
VPN-ID EVI-Name MTU VPN-ID Source Destination PE-IP MTU Type NW-Status
================================ ============ ===================================================================================
92 ---- 1500 91 xe2 92 --- Single Homed Port --- 102.1.1.1 1500 AC-NW NW-SET
94 ---- 1500 93 xe2 94 --- Single Homed Port --- 102.1.1.1 1500 AC-NW NW-SET
38052 ---- 1500 38051 xe2 380 716 00:11:22:33:00:00:00:55:66:77 101.1.1.1 1500 AC-NW NW-SET
102.1.1.1 1500 ---- ----
39012 ---- 1500 39011 xe2 390 715 00:00:00:12:34:90:90:00:00:00 101.1.1.1 1500 AC-NW NW-SET
102.1.1.1 1500 ---- ----
Total number of entries are 4
Table 1-14 explains the output fields.
Table 1-14: show nvo vxlan xconnect fields 
Field
Description
Local VPN-ID
Source VPWS ID
Local EVI-Name
EVI name of the local VPWS ID
Local MTU
Local MTU
Remote VPN-ID
Remote (target) VPWS ID
Source
Source AC port
Destination
Destination AC port: “Single Homed Port” or ESI value if it is multi-homed port
PE-IP
IP Address of the provider edge.
MTU
Remote MTU
Type
Connection details of the AC port
NW-Status
Connection details of the NW port
Total number of entries
Total number of entries listed.
 
show running-config interface irb
Use this command to display the current running configuration of IRB interface.
Command Syntax
show running-config interface irb<1-4094>
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced in a version before OcNOS version 4.1.
Example
#show running-config interface irb1
!
interface irb1
ip vrf forwarding vrfip
ip address 144.144.144.1/24
ipv6 address 1201::1/48
evpn irb-if-forwarding anycast-gateway-mac
shutdown
!
 
show running-config nvo vxlan
Use this command to display the current running configuration of VxLANs.
Command Syntax
show running-config nvo vxlan
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced in a version before OcNOS version 1.3; nvo vxlan id xconnect was introduced in OcNOS version 5.1.
Example
#sh running-config nvo vxlan
!
evpn vxlan multihoming enable
!
evpn esi hold-time 100
!
nvo vxlan enable
!
nvo vxlan irb
!
evpn irb-forwarding anycast-gateway-mac 0000.0000.ff10
!
nvo vxlan vtep-ip-global 2.2.2.2
!
nvo vxlan mac-ageing-time 10
!
nvo vxlan id 10 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
evpn irb1
!
nvo vxlan id 100 xconnect target-vxlan-id 200
vxlan host-reachability-protocol evpn-bgp vrfblue
!
nvo vxlan access-if port-vlan xe13 10
no shutdown
map vnid 10
mac 0000.0000.2222 ip 12.12.12.2
!
nvo vxlan access-if port-vlan xe17 10
no shutdown
map vnid 10
mac 0000.0000.bbbb ip 11.11.11.1
!
nvo vxlan access-if port-vlan xe17 30
no shutdown
map vnid 10
mac 0000.1111.2222
!
nvo vxlan access-if port-vlan xe1 11
description member-port xe1 with vlan 11
no shutdown
map vnid 10
!
nvo vxlan access-if port-vlan xe1 10
no shutdown
map vnid 10
!
nvo vxlan access-if port-vlan xe1 12
no shutdown
map vnid 10
!
nvo vxlan access-if port-vlan xe9 100
no shutdown
map vnid 100
!
 
 
 
 
shutdown
Use this command to administratively shut down an NVO access interface.
Use the no form of this command to start an NVO access interface.
Command Syntax
shutdown
no shutdown
Parameters
None
Default
The NVO access interface is running by default.
Command Mode
NVO access interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#nvo vxlan access-if port-vlan xe1 2
(config-nvo-acc-if)#shutdown
(config-nvo-acc-if)#exit
vxlan host-reachability-protocol evpn-bgp
Use this command to set the host reachable protocol to Ethernet-VPN over BGP. This defines BGP as the mechanism for host reachability advertisement.
Use use the no form of this command to remove Ethernet-VPN as the host reachable protocol.
Command Syntax
vxlan host-reachability-protocol evpn-bgp NAME
no vxlan host-reachability-protocol evpn-bgp
Parameters
NAME
Name of the VRF to carry VNID routes
Command Mode
NVO mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
(config)#nvo vxlan id 3 ingress-replication inner-vid-disabled
(config-nvo)#vxlan host-reachability-protocol evpn-bgp Blue