Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Static VXLAN

 

Juniper Networks supports the static Virtual Extensible LAN (VXLAN) feature in a small multichassis link aggregation group (MC-LAG) network. For more information, see these topics:

Understanding Static VXLAN

Static Virtual Extensible LAN (VXLAN), also known as unicast VXLAN, enables you to statically configure source and destination virtual tunnel endpoints (VTEPs) for a particular traffic flow. A source VTEP encapsulates and a destination VTEP de-encapsulates Layer 2 packets with a VXLAN header, thereby tunneling the packets through an underlying Layer 3 IP network.

Starting in Junos OS Release 14.1X53-D40, Juniper Networks supports static VXLAN in small MC-LAG networks.

This topic includes the following information:

Benefits of Static VXLAN

  • Instead of using an Ethernet VPN (EVPN) control plane to learn the MAC addresses of hosts, static VXLAN uses a flooding-and-learning technique in the VXLAN data plane. Therefore, using static VXLAN reduces complexity in the control plane.

  • For a small MC-LAG network, EVPN might be overly complex to configure and maintain. Static VXLAN provides the benefits of VXLAN and is relatively easy to design and configure.

How Static VXLAN Works

To enable static VXLAN on a Juniper Networks device that functions as a VTEP, you must configure:

  • A list that includes one or more remote VTEPs with which the local VTEP can form a VXLAN tunnel.

  • Ingress node replication.

  • The VTEP’s loopback interface (lo0):

    • Configure an anycast IP address as the primary interface.

    • Specify this interface as the source interface for a VXLAN tunnel.

When a VTEP receives a broadcast, unknown unicast, or multicast (BUM) packet, the VTEP uses ingress node replication to replicate and flood the packet to the statically defined remote VTEPs on your list. The remote VTEPs in turn flood the packet to the hosts in each VXLAN of which the VTEPs are aware.

The VTEPs learn the MAC addresses of remote hosts from the VTEPs on the remote VTEP list and the MAC addresses of local hosts from the local access interfaces. Upon learning a MAC address of a host, the MAC address is then added to the Ethernet switching table.

Supported Static VXLAN Use Case

We support static VXLAN in a small network in which MC-LAGs are implemented. In the MC-LAG network shown in Figure 1:

Figure 1: Sample MC-LAG Network with Static VXLAN
 Sample MC-LAG Network
with Static VXLAN
  • The bottom layer includes hosts (Host 1 through Host 4), each of which is multihomed to leaf devices and is a member of a VXLAN.

  • The middle layer includes leaf devices (Leaf 1 through Leaf 4), each of which functions as a Layer 2 VXLAN gateway. In addition, Leaf 1 and Leaf 2 form an MC-LAG and together, both leaf devices function as VTEP 1. Leaf 3 and Leaf 4 form another MC-LAG and function as VTEP 2.

  • The top layer includes spine devices (Spine 1 and Spine 2), which form an MC-LAG. These devices function as IP routers.

Note the following about the configuration of Leaf 1 through Leaf 4 on which static VXLAN is configured:

  • Instead of EVPN, static VXLAN is enabled.

  • Each leaf device is an MC-LAG member and functions along with its MC-LAG peer as a VTEP. That is, two physical leaf devices make up each virtual VTEP. This situation impacts the configuration in the following ways:

    • On each leaf device that forms a VTEP, you must configure the same loopback address.

    • On each leaf device that forms a VTEP, you must configure the same remote VTEP list.

    For a sample configuration, see Configuring Static VXLAN.

  • Instead of an IP multicast feature, ingress node replication is enabled.

Configuring Static VXLAN

You can implement Virtual Extensible LAN (VXLAN) in a small multichassis link aggregation group (MC-LAG) network using the static VXLAN feature. In the MC-LAG network, Juniper Networks devices function as source and destination virtual tunnel endpoints (VTEPs). In this environment, static VXLAN serves two purposes:

  • To learn the MAC addresses of hosts in a VXLAN. To accomplish this task, static VXLAN uses the ingress node replication feature to flood broadcast, unknown unicast, and multicast (BUM) packets throughout a VXLAN. The VTEPs learn the MAC addresses of remote hosts from the VTEPs on the remote VTEP list and the MAC addresses of local hosts from the local access interfaces. Upon learning of a host’s MAC address, the MAC address is then added to the Ethernet switching table.

  • To encapsulate Layer 2 packets with a VXLAN header and later de-encapsulate the packets, thereby enabling them to be tunneled through an underlying Layer 3 IP network. For this task to be accomplished, on each VTEP, you configure a list of statically defined remote VTEPs with which the local VTEP can form a VXLAN tunnel.

To ensure that you understand how to configure the loopback address and remote VTEP list on each Juniper Networks device that functions as a VTEP, see Figure 2 and Table 1.

In the sample MC-LAG network shown in Figure 2, note that each VTEP (VTEP 1 and VTEP 2) comprises two physical leaf devices. That is, the two physical leaf devices function as a single virtual entity. As a result, for both leaf devices that compose a VTEP, you must configure the following:

  • The same loopback anycast IP address.

  • The same remote VTEP list.

Figure 2: Sample MC-LAG Network with Static VXLAN
Sample MC-LAG Network
with Static VXLAN

Table 1 shows the sample loopback address and remote VTEP list configured on each leaf device in the network.

Table 1: Sample Static VXLAN Configurations

Static VXLAN Parameters

VTEP 1:

Leaf 1 Configuration

VTEP 1:

Leaf 2 Configuration

VTEP 2:

Leaf 3 Configuration

VTEP 2:

Leaf 4 Configuration

Loopback anycast IP address

192.88.99.110/32

192.88.99.110/32

192.88.99.120/32

192.88.99.120/32

Remote VTEP list

192.88.99.120

192.88.99.120

192.88.99.110

192.88.99.110

Before You Begin

  • Verify that Ethernet VPN (EVPN) is not enabled on the Juniper Networks devices that function as leaf devices.

  • Verify that IP multicast is not enabled on the leaf devices.

Note

This procedure focuses on configuring the static VXLAN feature. It does not show how to configure peripheral but related entities such as interfaces, VLANs, and so on. However, the sample configuration that follows the procedure includes a more comprehensive configuration, including the related entities.

To enable static VXLAN on a leaf device:

  1. Configure the loopback interface (lo0).
    1. Specify an anycast IP address as the primary address for the loopback interface.
      [edit]

      user@switch# set interfaces lo0 unit logical-unit-number family inet address anycast-ip-address primary
    2. Specify the loopback interface as the source interface for VXLAN tunnels.
      [edit]

      user@switch# set switch-options vtep-source-interface lo0.logical-unit-number
  2. Create a list of statically defined remote VTEPs.
    [edit]

    user@switch# set switch-options remote-vtep-list remote-vtep-loopback address(es)
  3. For each VXLAN, enable ingress node replication.
    [edit]

    user@switch# set vlans vxlan-name vxlan ingress-node-replication

Sample Static VXLAN Configuration

These show configuration output snippets display a static VXLAN sample configuration for leafs 1 and 2 (VTEP 1) and include the parameters outlined in Table 1.

Release History Table
Release
Description
Starting in Junos OS Release 14.1X53-D40, Juniper Networks supports static VXLAN in small MC-LAG networks.