VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

VxLAN (Virtual eXtensible Local Area Network) GPE (Generic Protocol Extension) is intended to extend the existing VxLAN protocol to provide protocol typing, OAM, and versioning capabilities.

Restrictions for VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

  • VxLAN GPE tunnel and VxLAN dummy-L2 tunnel do not support IS-IS.

  • Layer2 traffic is not supported.

  • IPv6 for underlay encapsulation is not supported.

Information About VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Overview

Virtual eXtensible Local Area Network (VxLAN) defines an encapsulation format that encapsulates Ethernet frames in an outer UDP/IP transport. As data centers evolve, the need to carry other protocols encapsulated in an IP packet is required, and the need to provide increased visibility and diagnostic capabilities within the overlay. The VxLAN header does not specify the protocol being encapsulated and therefore is currently limited to encapsulating only Ethernet frame payload, nor does it provide the ability to define Operations, Administration, and Maintenance (OAM) protocols. In addition, new transports need not use transport layer port numbers to identify tunnel payload, rather it encourages encapsulations to use their own identifiers for this purpose. VxLAN GPE (Generic Protocol Extension) is intended to extend the existing VxLAN protocol to provide protocol typing, OAM and versioning capabilities.

The following are the main features of VxLAN GPE Tunnel:

  • Encapsulates layer-3 packets directly into a VxLAN tunnel without any layer-2 bridge-domain requirements or dependencies.

  • Provides an equal-cost multi-path (ECMP) entropy benefits on the underlay (core) network by calculating the outer-source UDP port based on the inner IP protocol, source or destination IP addresses and L4 port numbers (5-tuple).

  • Leverages VxLAN-GPE draft-IETF, which provides direct upper layer protocols options such as, IPv4, IPv6, Ethernet (MAC), Network-Service-Header (NSH) without a layer-2 header.

  • Overlay encapsulation is supported for both IPv4 and IPv6, whereas underlay encapsulation is supported only for IPv4.

  • 8K Tunnel interfaces with VxLAN GPE or VxLAN dummy-L2 mode are supported.

  • 3-tuple hash is enabled to generate UDP source port for both VxLAN GPE and VxLAN Dummy-L2 tunnels for all the packets.

  • UDP source port hash uses 3 tuples for fragments, and 5 tuples for non-fragments.

Feature Information for VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Feature Name

Releases

Feature Information

VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Cisco IOS XE Denali 16.3.1

The following commands were introduced by this feature: vxlan gpe-tunnel-udp-port xxx .

Manually configure the source port range for VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Cisco IOS XE Everest 16.5.1b

The following commands were introduced by this feature:

  • vxlan source-port-range udp

  • vxlan source-port-range gpe-tunnel-udp

  • vxlan source-port-range dummy-l2-tunnel-udp

Microsoft - VxLAN GPE Tunnel IPv6 Support

VxLAN 8K GPE Tunnel Support

Cisco IOS XE Fuji 16.7.1

Overlay encapsulation is supported for both IPv4 and IPv6, whereas underlay encapsulation is supported only for IPv4.

8K Tunnel interfaces with VxLAN GPE or VxLAN dummy-L2 mode are supported.

VXLAN Fragment UDP Source Port

Cisco IOS XE 16.8.1

Global tunnel CLIs are added to enable 3-tuple hash to generate UDP source port for both VxLAN-GPE and VxLAN Dummy-L2 tunnels.

Support both global and under interface tunnel.

IPv6 VxLAN GPE Tunnel and IPv6 VxLAN Dummy-L2 Tunnel

Cisco IOS XE Gibraltar 16.12.1

VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel support IPv6 tunnel mode.

How to Configure VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Configuring VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

  1. Configure Vxlan GPE Tunnel on VTEP1.

    interface Tunnel1 
      ip address 192.168.1.1 255.255.255.0 
      tunnel source GigabitEthernet2 
      tunnel mode vxlan-gpe ipv4 
      tunnel destination 20.1.1.17
      tunnel vxlan vni 123456
    
  2. Configure Vxlan GPE Tunnel on VTEP2.

    interface Tunnel1 
      ip address 192.168.1.2 255.255.255.0 
      tunnel source GigabitEthernet2 
      tunnel mode vxlan-gpe ipv4 
      tunnel destination 20.1.1.16 
      tunnel vxlan vni 123456
    
  3. Configure Vxlan Dummy-L2 Tunnel on VTEP1.

    interface Tunnel0 
      ip address 192.168.2.3 255.255.255.0 
      tunnel source GigabitEthernet2 
      tunnel mode vxlan ipv4 default-mac  
      tunnel destination 20.1.1.17
      tunnel vxlan vni 123456
    
  4. Configure Vxlan Dummy-L2 Tunnel on VTEP2.

    interface Tunnel1 
      ip address 192.168.2.1 255.255.255.0 
      tunnel source GigabitEthernet2 
      tunnel mode vxlan ipv4 default-mac  
      tunnel destination 20.1.1.16 
      tunnel vxlan vni 123456
    
  5. (Optional) Change UDP dst port for Vxlan Dummy-L2 Tunnel. Default UDP port of Dummy-L2 Tunnel is 4789.

    (config)#vxlan dummy-l2-tunnel-udp-port 4789
  6. (Optional) Change UDP dst port for Vxlan GPE Tunnel. Default UDP port of GPE Tunnel is 4790.

    (config)#vxlan gpe-tunnel-udp-port 4790
    

Verifying VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

##show platform software vxlan fp active udp-port
VXLAN UDP Port: 6000
VXLAN GPE Tunnel UDP Port: 4000
VXLAN Dummy L2 Tunnel UDP Port: 6000
VXLAN UDP Source Port Range: 1025 - 65535
VXLAN GPE Tunnel UDP Source Port Range: 1025 - 65535
VXLAN Dummy L2 Tunnel UDP Source Port Range: 1025 – 65535
VXLAN GPE Tunnel UDP Source Port Hash: 3 tuples
VXLAN  Dummy L2 Tunnel UDP Source Port Hash: 3 tuples

Perform the following steps to add new tunnel mode:
#interface tunnel0
     tunnel mode vxlan ipv4 default-mac | xxxx.xxxx.xxxx xxxx.xxxx.xxxx

#interface tunnel1
    tunnel mode vxlan-gpe ipv4

Perform the following steps to add VxLAN VNI in tunnel:
#interface tunnel0
tunnel vxlan vni xxxx

Perform the following steps to add VxLAN source port hash in tunnel:
#interface tunnel0
vxlan source-port-hash 3-tuple
vxlan source-port-hash 3-tuple-for-fragments

Configuration Examples for VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Example: VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Example: VxLAN GPE Tunnel

#interface Tunnel0
 ip address 192.168.2.1 255.255.255.0
 ipv6 address 2001::1/64
 tunnel source GigabitEthernet2
 tunnel mode vxlan ipv4 default-mac
 tunnel destination 20.1.1.16
 tunnel vxlan vni 123456


#interface Tunnel1
 ip address 192.168.1.2 255.255.255.0
 ipv6 address 2002::2/64
 tunnel source GigabitEthernet2
 tunnel mode vxlan-gpe ipv4
 tunnel destination 20.1.1.16
 tunnel vxlan vni 123456


#sh pl soft vxlan f0 udp-port 
VXLAN UDP Port: 4789
VXLAN GPE Tunnel UDP Port: 4790
VXLAN Dummy L2 Tunnel UDP Port: 4789
VXLAN UDP Source Port Range: 600 - 6000
VXLAN GPE Tunnel UDP Source Port Range: 400 - 4000
VXLAN Dummy L2 Tunnel UDP Source Port Range: 1025 – 65535
VXLAN GPE Tunnel UDP Source Port Hash: 5 tuples
VXLAN  Dummy L2 Tunnel UDP Source Port Hash: 5 tuples

Additional References for VxLAN GPE Tunnel and VxLAN Dummy-L2 Tunnel

Standards and RFCs

Standard/RFC

Title

draft-ietf-nvo3-vxlan-gpe-02.txt

Generic Protocol Extension for VXLAN

MIBs

MIB

MIBs Link

  • CISCO-MIB

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html