Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

vxlan-disable-copy-tos-decap

Syntax

Hierarchy Level

Description

Disable copying the Type of Service (ToS) field from the outer IP header in a Virtual Extensible LAN (VXLAN) packet to the inner IP header when de-encapsulating the original packet. The ToS field includes values for differentiated services code points (DSCP) and explicit congestion notification (ECN).

In networks where you configure quality of service (QoS) options, traffic moving through the network might include a DSCP value in the ToS field of the IP header for classifying and policing packets. Similarly, network nodes might use the ECN bits in the ToS field of the IP header to enable end-to-end notification of network congestion so the sender can reduce the transmission rate before nodes must start dropping packets. If you have VXLAN tunnels configured in your network, when encapsulating the original packet in the VXLAN header, some devices (such as the QFX5000 line of switches) copy the DSCP and ECN bits from the original packet's IP header (the inner IP header) to the VXLAN IP header (the outer IP header) by default. At the other end of the tunnel, the same types of devices de-encapsulate the packet and copy the outer IP DSCP and ECN bits back to the inner IP header.

However, some devices (such as the QFX10000 line of switches) don't have the ability to copy ToS field bits upon VXLAN encapsulation and de-encapsulation. As a result, you might see unexpected results if the devices on both ends of the tunnel don't consistently copy the ToS bits during encapsulation and de-encapsulation. For example, the decapsulating node might overwrite the inner IP header DSCP bits in a packet with 000000, which inadvertently lowers the priority of the packet to best effort.

To account for these differences in VXLAN encapsulation behavior, you can configure the vxlan-disable-copy-tos-encap statement to disable copying ToS field values from inner to outer IP headers during encapsulation. Similarly, you can configure the vxlan-disable-copy-tos-decap statement to disable copying ToS values from the outer IP header back to the inner IP header during de-encapsulation.

Default

Copying ToS bits during VXLAN tunnel de-encapsulation is enabled on supporting devices.

Note:

Some platforms support copying and disabling copy of only the DSCP bits in the ToS field, and not the ECN bits. Other platforms (such as EX4650 and QFX5120 switches) support copying and disabling copy of both the DSCP and ECN bits. See Feature Explorer for specific platform and release version support details.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to a configuration.

Release Information

Statement introduced in Junos OS Release 18.4R2 to disable copying the DSCP bits in the ToS field during VXLAN de-encapsulation.

Support added in Junos OS Release 21.1R1 for copying and disabling copy of ECN bits in the ToS field during VXLAN de-encapsulation.