Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring OVSDB-Managed VXLANs

 
Note

This topic does not apply to QFX5100 and QFX10002 switches, which support the dynamic configuration of OVSDB-managed VXLANs. Although the OVSDB-managed VXLAN configuration is automated on these switches, there are tasks that you must perform before and after the dynamic configuration. For more information about the required tasks, see Understanding Dynamically Configured VXLANs in an OVSDB Environment.

To implement the OVSDB management protocol on a Juniper Networks device, you must configure OVSDB-managed VXLANs.

For Layer 2 broadcast, unknown unicast, and multicast (BUM) traffic that originates in an OVSDB-managed VXLAN and is forwarded to interfaces within the same VXLAN, you can optionally enable ingress node replication. With this feature enabled, the Juniper Networks device handles the replication of these packets and the forwarding of the replicas to interfaces within the same OVSDB-managed VXLAN. For more information about using ingress node replication or a service node, which is the default way to handle Layer 2 BUM traffic, see Understanding How Layer 2 BUM and Layer 3 Routed Multicast Traffic Are Handled with OVSDB.

Note

When Juniper Networks devices replicate Layer 2 BUM packets to a large number of remote software virtual tunnel endpoints (VTEPs), the performance of the Juniper Networks devices might be impacted.

Before you configure VXLANs on a Juniper Networks device, using the Junos OS CLI:

  • You must perform the configuration described in Setting Up the OVSDB Protocol on Juniper Networks Devices that Support Manual Configuration of VXLANs.

  • For each OVSDB-managed VXLAN that you plan to configure on a Juniper Networks device, you must configure a logical switch in VMware NSX Manager or in the NSX API. (For information about configuring a logical switch, see the documentation that accompanies NSX Manager or the NSX API.) Based on the name and VXLAN network identifier (VNI) that you configure for the logical switch, NSX automatically generates a universally unique identifier (UUID) for the logical switch. You must retain the UUID of the logical switch for use when configuring a corresponding VXLAN on the Juniper Networks device as described in the following procedure.

To configure an OVSDB-managed VXLAN on a Juniper Networks device:

  1. Configure the VXLANs that you want OVSDB to manage. You can configure the VXLANs in the context of a bridge domain, VLAN, routing instance, or switching instance. Note

    For the name of the bridge domain or VLAN, you must specify the UUID for the logical switch configured in NSX Manager or the NSX API.

    Bridge domains:

    [edit bridge-domains bridge-domain-name vxlan]
    user@host# set ovsdb-managed


    VLANs:

    [edit vlans vlan-name vxlan]
    user@device# set ovsdb-managed


    Bridge domains within the specified routing instance:

    [edit routing-instances routing-instance-name bridge-domains bridge-domain-name vxlan]
    user@host# set ovsdb-managed


    VLANs within the specified routing instance:

    [edit routing-instances routing-instance-name vlans vlan-name vxlan]
    user@device# set ovsdb-managed


    Default switching instance within the specified routing instance:

    [edit routing-instances routing-instance-name switch-options]
    user@host# set ovsdb-managed


    All VXLAN entities within the specified routing instance:

    [edit routing-instances routing-instance-name vxlan]
    user@host# set ovsdb-managed
  2. (Optional) Enable ingress node replication to handle Layer 2 BUM traffic on interfaces in the same VXLAN in which the traffic originated. You can configure ingress node replication in the context of a bridge domain, VLAN, or routing instance.

    Bridge domains:

    [edit bridge-domains bridge-domain-name vxlan]


    VLANs:

    [edit vlans vlan-name vxlan]
    user@device# set ingress-node-replication


    Bridge domains, VLANs, or all VXLAN entities, respectively, within the specified routing instance:

    [edit routing-instances routing-instance-name bridge-domains bridge-domain-name vxlan]
    [edit routing-instances routing-instance-name vlans vlan-name vxlan]
    [edit routing-instances routing-instance-name vxlan]