Manually Configuring VXLANs on QFX Series and EX4600 Switches
You can configure QFX5100, QFX5110, QFX5200, QFX5210, and EX4600 switches to act as a VTEP. (If the switch is acting as a transit Layer 3 switch for downstream VTEPs, you do not need to perform the steps in this topic as no special configuration is needed.)
To ensure that QFX Series and EX4600 switches that are configured to act as VTEPs function properly, you must enable a routing protocol, for example, OSPF, on the VTEPs’ loopback interface and Layer 3 interfaces. For more information about configuring OSPF on a VTEP, see Examples: Manually Configuring VXLANs on QFX Series and EX4600 Switches.
Configuring a Source IP Address
On a switch that will act as a VTEP, you must configure an IP address that will be used as the source address in the outer IP header of the VXLAN packet. This is the VXLAN tunnel source address.
- Create a reachable IPv4 address on the loopback interface.
user@switch# set interfaces lo0.0 unit 0 family inet address ip-address
- Configure the address to be used as the tunnel source
user@switch# set switch-options vtep-interface-source lo0.0
Configuring PIM for VXLANs
If you are not using an SDN controller to create a VXLAN control plane, you must enable PIM on the switch so that the VTEP can use multicast groups to establish reachability with other VTEPs and to forward BUM traffic.
- Enable PIM on the interface that connects to the Layer
3 network. This is the interface that performs the VXLAN encapsulation
user@switch# set protocols pim interface interface-name
- Configure the address of a PIM rendezvous point.
user@switch# set protocols pim rp static address ip-address
You configure VXLANs under the vlan stanza (which is why QFX5100, QFX5110, QFX5200, QFX5210, and EX4600 switches support 4000 VXLANs). You must also configure the server-facing interfaces to be VLAN members.
- Create a VLAN to VXLAN mapping and assign a multicast
group address to the VXLAN. All members of a VXLAN must use the same
multicast group address.
user@switch# set vlans name vlan-id ID vxlan vni ID multicast-group multicast-group-address
- (Optional) Configure the switch to retain the original
VLAN tag (in the inner Ethernet packet) after VXLAN encapsulation.
By default, the original tag is dropped when the packet is encapsulated.
user@switch# set vlans name vxlan encapsulate-inner-vlan
- (Optional) Configure the switch to de-encapsulate and
accept original VLAN tags in VXLAN packets. By default, the original
tag is dropped when the packet is encapsulated.
user@switch# set protocols l2-learning decapsulate-accept-inner-vlan
- Configure server-facing interfaces to support multiple
user@switch# set interfaces interface unit unit family ethernet-switching interface-mode trunk
user@switch# set interfaces interface unit unit family ethernet-switching vlan members all
You must create a VLAN to VXLAN mapping for each VLAN that will need Layer 2 connectivity over the Layer 3 network.