Manually Configuring VXLANs on QFX Series and EX4600 Switches

 

You can configure QFX5100, QFX5110, QFX5200, QFX5210, and EX4600 switches to act as a VTEP. (If the switch is acting as a transit Layer 3 switch for downstream VTEPs, you do not need to perform the steps in this topic as no special configuration is needed.)

Note

To ensure that QFX Series and EX4600 switches that are configured to act as VTEPs function properly, you must enable a routing protocol, for example, OSPF, on the VTEPs’ loopback interface and Layer 3 interfaces. For more information about configuring OSPF on a VTEP, see Examples: Manually Configuring VXLANs on QFX Series and EX4600 Switches.

Configuring a Source IP Address

On a switch that will act as a VTEP, you must configure an IP address that will be used as the source address in the outer IP header of the VXLAN packet. This is the VXLAN tunnel source address.

  1. Create a reachable IPv4 address on the loopback interface.
    [edit]

    user@switch# set interfaces lo0.0 unit 0 family inet address ip-address
  2. Configure the address to be used as the tunnel source address.
    [edit]

    user@switch# set switch-options vtep-interface-source lo0.0

Configuring PIM for VXLANs

If you are not using an SDN controller to create a VXLAN control plane, you must enable PIM on the switch so that the VTEP can use multicast groups to establish reachability with other VTEPs and to forward BUM traffic.

  1. Enable PIM on the interface that connects to the Layer 3 network. This is the interface that performs the VXLAN encapsulation and de-encapsulation.
    [edit]

    user@switch# set protocols pim interface interface-name
  2. Configure the address of a PIM rendezvous point.
    [edit]

    user@switch# set protocols pim rp static address ip-address

Configuring VXLANs

You configure VXLANs under the vlan stanza (which is why QFX5100, QFX5110, QFX5200, QFX5210, and EX4600 switches support 4000 VXLANs). You must also configure the server-facing interfaces to be VLAN members.

  1. Create a VLAN to VXLAN mapping and assign a multicast group address to the VXLAN. All members of a VXLAN must use the same multicast group address.
    [edit]

    user@switch# set vlans name vlan-id ID vxlan vni ID multicast-group multicast-group-address
  2. (Optional) Configure the switch to retain the original VLAN tag (in the inner Ethernet packet) after VXLAN encapsulation. By default, the original tag is dropped when the packet is encapsulated.
    [edit]

    user@switch# set vlans name vxlan encapsulate-inner-vlan
  3. (Optional) Configure the switch to de-encapsulate and accept original VLAN tags in VXLAN packets. By default, the original tag is dropped when the packet is encapsulated.
    [edit]

    user@switch# set protocols l2-learning decapsulate-accept-inner-vlan
  4. Configure server-facing interfaces to support multiple VLANs.
    [edit]

    user@switch# set interfaces interface unit unit family ethernet-switching interface-mode trunk


    [edit]

    user@switch# set interfaces interface unit unit family ethernet-switching vlan members all

    You must create a VLAN to VXLAN mapping for each VLAN that will need Layer 2 connectivity over the Layer 3 network.

Related Documentation