| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 1 | Virtual eXtensible Local Area Networking documentation |
| 2 | ====================================================== |
| 3 | |
| Rick Jones | e8fed98 | 2015-08-12 10:23:14 -0700 | [diff] [blame] | 4 | The VXLAN protocol is a tunnelling protocol designed to solve the |
| 5 | problem of limited VLAN IDs (4096) in IEEE 802.1q. With VXLAN the |
| 6 | size of the identifier is expanded to 24 bits (16777216). |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 7 | |
| Rick Jones | e8fed98 | 2015-08-12 10:23:14 -0700 | [diff] [blame] | 8 | VXLAN is described by IETF RFC 7348, and has been implemented by a |
| 9 | number of vendors. The protocol runs over UDP using a single |
| 10 | destination port. This document describes the Linux kernel tunnel |
| 11 | device, there is also a separate implementation of VXLAN for |
| 12 | Openvswitch. |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 13 | |
| Rick Jones | e8fed98 | 2015-08-12 10:23:14 -0700 | [diff] [blame] | 14 | Unlike most tunnels, a VXLAN is a 1 to N network, not just point to |
| 15 | point. A VXLAN device can learn the IP address of the other endpoint |
| 16 | either dynamically in a manner similar to a learning bridge, or make |
| 17 | use of statically-configured forwarding entries. |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 18 | |
| Rick Jones | e8fed98 | 2015-08-12 10:23:14 -0700 | [diff] [blame] | 19 | The management of vxlan is done in a manner similar to its two closest |
| 20 | neighbors GRE and VLAN. Configuring VXLAN requires the version of |
| 21 | iproute2 that matches the kernel release where VXLAN was first merged |
| 22 | upstream. |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 23 | |
| 24 | 1. Create vxlan device |
| Rick Jones | e8fed98 | 2015-08-12 10:23:14 -0700 | [diff] [blame] | 25 | # ip link add vxlan0 type vxlan id 42 group 239.1.1.1 dev eth1 dstport 4789 |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 26 | |
| Rick Jones | e8fed98 | 2015-08-12 10:23:14 -0700 | [diff] [blame] | 27 | This creates a new device named vxlan0. The device uses the multicast |
| 28 | group 239.1.1.1 over eth1 to handle traffic for which there is no |
| 29 | entry in the forwarding table. The destination port number is set to |
| 30 | the IANA-assigned value of 4789. The Linux implementation of VXLAN |
| 31 | pre-dates the IANA's selection of a standard destination port number |
| 32 | and uses the Linux-selected value by default to maintain backwards |
| 33 | compatibility. |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 34 | |
| 35 | 2. Delete vxlan device |
| 36 | # ip link delete vxlan0 |
| 37 | |
| 38 | 3. Show vxlan info |
| Zhi Yong Wu | cc9b310 | 2012-11-22 00:10:01 +0000 | [diff] [blame] | 39 | # ip -d link show vxlan0 |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 40 | |
| 41 | It is possible to create, destroy and display the vxlan |
| 42 | forwarding table using the new bridge command. |
| 43 | |
| 44 | 1. Create forwarding table entry |
| 45 | # bridge fdb add to 00:17:42:8a:b4:05 dst 192.19.0.2 dev vxlan0 |
| 46 | |
| 47 | 2. Delete forwarding table entry |
| Zhi Yong Wu | cc9b310 | 2012-11-22 00:10:01 +0000 | [diff] [blame] | 48 | # bridge fdb delete 00:17:42:8a:b4:05 dev vxlan0 |
| stephen hemminger | d342894 | 2012-10-01 12:32:35 +0000 | [diff] [blame] | 49 | |
| 50 | 3. Show forwarding table |
| 51 | # bridge fdb show dev vxlan0 |