Guest

Cisco Cloud Services Router 1000V Series

Cisco CSR 1000V VxLAN Support

  • Viewing Options

  • PDF (291.9 KB)
  • Feedback

Table Of Contents

Cisco CSR 1000V VxLAN Support

Finding Feature Information

Introduction

Prerequisites for Cisco CSR 1000V VxLAN Support

Configuring the Cisco CSR 1000V as a VxLAN Layer 2 Gateway

Configuring the VxLAN UDP Destination Port (Optional)

Creating the Network Virtualization Endpoint (NVE) Interface

Creating the Access Ethernet Flow Point (EFP)

Mapping the VLAN to the Bridge Domain

Command Reference

interface nve

member

member vni

show nve interface

show nve peers

show nve vni

source-interface loopback

Additional References

Feature Information for Cisco CSR 1000V VxLAN Support

Technical Assistance


Cisco CSR 1000V VxLAN Support


First Published: November 21, 2012

This module contains information about VxLAN (Virtual eXtensible Local Area Network) Layer 2 gateway feature support on the Cisco CSR 1000V. VxLAN is a technology that provides a Layer 2 overlay network, allowing for network isolation. The standard 802.1q VLAN implementation limits the number of tags to 4096. However, cloud service providers may want to operate more than 4096 virtual networks. VxLAN uses a 24-bit network ID, which allows for a much larger number of individual i networks to be operated.

Finding Feature Information

Introduction

Prerequisites for Cisco CSR 1000V VxLAN Support

Configuring the Cisco CSR 1000V as a VxLAN Layer 2 Gateway

Command Reference

Additional References

Feature Information for Cisco CSR 1000V VxLAN Support

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Introduction

This feature enables the Cisco CSR 1000V to act as a Layer 2 VxLAN gateway to provide support to bridge traffic across VxLAN segments in a hypervisor and on VLANs on physical servers. The operation of a VxLAN Layer 2 gateway is based on the data plane MAC address learning and flooding of multidestination traffic (such as unknown unicast, multicast, or broadcast frames) using IP multicast.

Acting as a VxLAN Layer 2 gateway, the Cisco CSR 1000V can send and receive packets on multiple VxLAN networks, and provide connectivity between the hosts in a VLAN network and the virtual machines operating on a VxLAN network.

The VxLAN Layer 2 gateway performs the following functions:

Provides support to bridge traffic between a host in a VLAN domain and VMs behind a virtual switch (vSwitch) in a VxLAN domain. The VLAN and the virtual network identifier (VNI) on the VxLAN should be configured as member ports in the same bridge domain.

Implements the Virtual Tunnel Endpoint (VTEP) function, which encapsulates the Layer 2 packet on the IP/UDP tunnel with the VxLAN header (VNI) information before sending it to a multicast group or particular virtual switch on the VxLAN domain.

The VTEP function removes the VxLAN header, identifies the bridge domain under which the VNI is configured and then bridges the inner L2 packet to the VLAN side. The bridge function also learns the remote MAC address (the VM's MAC address behind the virtual switch).

The Layer 2 gateway carries the inner payload of non-IP (Layer 2 traffic), IPv4, and IPv6 traffic over the VxLAN VNI member.

Prerequisites for Cisco CSR 1000V VxLAN Support

The following are the prerequisites to configuring the Cisco CSR 1000V as a VxLAN Layer 2 gateway:

1. Configure the loopback interface.

2. Configure the IP unicast reachability to remote VTEP's.

3. Configure Bidirectional Protocol Independent Multicast (PIM).

For more information, see the IP Multicast: PIM Configuration Guide, Cisco IOS XE Release 3S.

Configuring the Cisco CSR 1000V as a VxLAN Layer 2 Gateway

Creating the Network Virtualization Endpoint (NVE) Interface

Mapping the VLAN to the Bridge Domain

Troubleshooting the VxLAN Gateway Configuration

Configuring the VxLAN UDP Destination Port (Optional)

The default VxLAN UDP destination is 8472. If you want to change the VxLAN UDP destination port value, you must change it before configuring the network virtualization endpoint (NVE) interface.

SUMMARY STEPS

1. enable

2. configure terminal

3. vxlan udp port number

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

router# configure terminal

Enters global configuration mode.

Step 3 

vxlan udp port number

Example:

Router(config)# vxlan udp port 1000

Configures the VxLAN UDP destination port number. The default value is 8472.

Creating the Network Virtualization Endpoint (NVE) Interface

You create the network virtualization endpoint (NVE) interface and then assign member virtual network identifiers (VNIs) to it. The mapping between the VNI range and the multicast group range is either one-to-one or many-to-one.

SUMMARY STEPS

1. interface nve number

2. source-interface loopback loopback interface

3. member vni number multicast-group range-group-address

4. no shutdown

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

interface nve number

Example:

Router(config)# interface nve 1

Creates a network virtualization endpoint (NVE) interface and enters NVE interface configuration mode.

Step 2 

source-interface loopback number

Example:
Router(config-if)# source-interface loopback 0

Assigns the previously-created loopback interface to the NVE interface.

Step 3 

member vni {number | startnumber-endnumber} multicast-group startip-address endip-address

Example:
Router(config-if)# member vni 7115 
multicast-group 225.1.1.1 225.100.100.100

Creates a VNI member or a range of VNI members. Repeat this step for each VNI to be added to the NVE interface. The valid values for the VNI number are from 4096 to 16777215.

Step 4 

no shutdown

Example:

Router(config-if)# no shutdown

Enables the NVE interface.

Creating the Access Ethernet Flow Point (EFP)

After the member VNI is created, you must create the access Ethernet Flow Point (EFP) for the VLAN interface.

SUMMARY STEPS

1. interface GigabitEthernet number

2. service-instance interface id ethernet

3. encapsulation dot1q vlan-ID

4. rewrite ingress tag pop 1 symmetric

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

interface GigabitEthernet number

Example:

Router(config)# interface GigabitEthernet1

Enters interface configuration mode.

Step 2 

service-instance interface id ethernet

Example:

Router(config-if)# service-instance interface 20 ethernet

Configures an Ethernet service instance on the overlay interface being configured and enters service instance configuration mode.

The service-instance identifier range is from 1 to 8000.

Step 3 

encapsulation dot1q vlan-ID

Example:

Router(config-if-srv)# encapsulation dot1q 100

Defines the VLAN encapsulation format as IEEE 802.1Q and specifies the VLAN identifier.

Step 4 

rewrite ingress tag pop 1 symmetric

Example:

Router(config-if-srv)# rewrite ingress tag pop 1 symmetric

Removes the VLAN tag in the Layer 2 traffic before switching to the outgoing VxLAN interface.


Note This command is required to remove the VLAN tag before sending the VLAN traffic to VxLAN and adding the VLAN tag in the reverse direction.


Mapping the VLAN to the Bridge Domain

You must map the VLAN created in the previous procedure to the bridge domain.

SUMMARY STEPS

1. bridge-domain bridge-id

2. member interface service-instance id

3. member vni vni-id

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

bridge-domain bridge-id

Example:

Router(config)# bridge-domain 10

Creates a bridge domain and enters bridge domain configuration mode.

Step 2 

member interface service-instance id

Example:

Router(config-bdomain)# member
gigabitEthernet 1 service-instance 1

Binds the bridge domain to the service instance.

Step 3 

member vni vni-id

Example:
Router(config-bdomain)# member vni 1010

Maps the VNI to the bridge domain.

The following example displays the NVE VNIs configured on the router:

Router# show nve vni 
Interface  VNI          mcast       VNI state
nve1       1010        239.0.0.0      UP
nve2       2010        239.0.0.0      UP
 
 

The following example displays the NVE VNIs assigned to NVE interface 1:

Router(config)# show nve vni interface nve1
Interface  VNI          mcast       VNI state
nve1       1010        239.0.0.0      UP
nve1       1110        239.0.0.0      UP
 
 

The following example shows the status of NVE interface 1:

Router(config)# show nve interface nve1
Interface: nve1, State:up, encapsulation:VXLAN 
source-interface: Lo1 (primary:1.1.1.1, secondary:1.1.1.2)
 
 

The following example shows a detailed display for NVE interface 1:

Router(config)# show nve interface nve1 detail
Interface: nve1, State:up, encapsulation:VXLAN 
source-interface: Lo1 (primary:1.1.1.1, secondary:1.1.1.2)
 
 
VNI          mcast       VNI state
1010        239.0.0.0       UP
1110        239.0.0.0       UP
 
 

The following example shows the NVE peers configured on the router:

Router(config)# show nve peers
Interface Peer-IP         VNI      Up Time
nve1       1.1.1.2        1010      10h
nve2       1.1.1.3        2030      20h  
 
 

The following example shows the bridge domain configuration with the entry in bold displaying the VM's MAC address that was learned on the VxLAN VNI:

Router# show bridge-domain 1000
Bridge-domain 1000 (3 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
    GigabitEthernet1 service instance 1000
    GigabitEthernet3 service instance 1000
    vni 7639335
   MAC address    Policy  Tag      Age  Pseudoport
   FFFF.FFFF.FFFF flood   static   0    OLIST_PTR:0xe9c2b410
   0050.56A4.ECD2 forward dynamic  297  nve1.VNI7639335 VxLAN [src:10.0.0.1  dst:10.0.0.2]
   0050.56A4.257A forward dynamic  297  GigabitEthernet3.EFP1000
 
 

Command Reference

interface nve

member

member vni

show nve interface

show nve peers

show nve vni

source-interface loopback

interface nve

To create a network virtualization endpoint (NVE) interface and enter NVE interface configuration mode, use the interface nve command in global configuration mode. To remove the NVE interface, use the no form of this command.

interface nve number

no interface nve number

Syntax Description

number

The NVE interface number.


Command Modes

Global configuration (config)

Command History

Release
Modification

Cisco IOS XE Release 3.11S

This command was introduced on the Cisco CSR 1000V.


Examples

The following example enters NVE interface mode:

Router(config)# interface nve 1

Router(config-if)# 

Related Commands

Command
Description

source interface-loopback

Assigns a previously created loopback interface to an NVE interface.


member

To create a VNI member or range of members and map them to a multicast group, use the member command in NVE interface configuration mode. To delete the VNI member or range, use the no form of this command.

member vni {number | startnumber-endnumber} multicast-group startip-address endip-address

no member vni {number | startnumber-endnumber}

Syntax Description

vni

The member VNI.

number

The VNI number. The valid values are from 4096 to 16777215.

startnumber-
endnumber

The starting and ending VNI numbers when entering a range.

multicast-group

The multicast group.

start-ip-address

The starting IPv4 address for the multicast group.

endip-address

The ending IPv4 address for the multicast group.


Command Modes

NVE interface configuration (config-if)

Command History

Release
Modification

Cisco IOS XE Release 3.11S

This command was introduced on the Cisco CSR 1000V.


Examples

The following command creates VNI member 7115, and assigns it to NVE interface 1:
Router(config)# interface nve 1
Router(config-if)# member vni 7115 multicast-group 225.1.1.1 225.100.100.100
 
 
The following command creates a VNI member range from 6010 to 6030 and assigns it to NVE 
interface 1:
Router(config)# interface nve 1
Router(config-if)# member vni 7115 multicast-group 225.1.1.1 225.100.100.100

Related Commands

Command
Description

interface nve

Configures the NVE interface and enters NVE interface configuration mode.

source interface-loopback

Assigns a previously created loopback interface to an NVE interface.


member vni

To map a virtual network identifier to a bridge domain, use the member vni command in bridge-domain configuration mode. To remove the VNI from the bridge domain, use the no form of this command.

member vni vni-id

no member vni vni-id

Syntax Description

vni-id

The VNI number to be mapped to the bridge domain.


Command Modes

Bridge-domain configuration (config-bdomain)

Command History

Release
Modification

Cisco IOS XE Release 3.11S

This command was introduced on the Cisco CSR 1000V.


Examples

The following example map a virtual network identifier to a bridge domain:
Router(config)# bridge-domain 10
Router(config-bdomain)# member vni 1010

Related Commands

Command
Description

member service-instance

Binds a bridge domain to the service instance.


show nve interface

To display the network virtualization endpoint (NVE) interface information, use the show nve interface command in privileged EXEC mode.

show nve interface nve-interface [detail]

Syntax Description

nve-interface

The NVE interface.

detail

(Optional) Displays detailed information about the NVE interface.


Command Modes

EXEC (#)

Command History

Release
Modification

Cisco IOS XE 3.11S

This command was introduced on the Cisco CSR 1000V.


Examples

The following example shows the status of NVE interface 1:

Router# show nve interface nve1
Interface: nve1, State:up, encapsulation:VXLAN 
source-interface: Lo1 (primary:1.1.1.1, secondary:1.1.1.2)
 
 

The following example shows a detailed display for NVE interface 1:

Router# show nve interface nve1 detail
Interface: nve1, State:up, encapsulation:VXLAN 
source-interface: Lo1 (primary:1.1.1.1, secondary:1.1.1.2)
 
 
VNI          mcast       VNI state
1010        239.0.0.0       UP
1110        239.0.0.0       UP

Table 2 describes the significant fields shown in the display.

Table 1 show nve interface Field Descriptions

Field
Description

VNI

The VNI number.

mcast

The multicast address.

VNI state

The current state of the VNI.


Related Commands

Command
Description

show nve peers

Displays the NVE peers configured on the router.

show nve vni

Displays the NVE VNIs configured on the router.


show nve peers

To display the network virtualization endpoint (NVE) peers configured on the router, use the show nve peers command in EXEC mode.

show nve peers

Syntax Description

This command has no arguments or keywords.

Command Modes

EXEC (#)

Command History

Release
Modification

Cisco IOS XE Release 3.11S

This command was introduced on the Cisco CSR 1000V.


Examples

The following example shows the NVE peers configured on the router:

Router# show nve peers
Interface Peer-IP         VNI      Up Time
nve1       1.1.1.2        1010      10h
nve2       1.1.1.3        2030      20h
 
 

Table 2 describes the significant fields shown in the display.

Table 2 show nve peers Field Descriptions

Field
Description

Interface

The NVE interface.

Peer-IP

The peer IP address of the NVE interface.

VNI

The VNI number.

Up Time

The length of time for which the NVE interface has been up.


Related Commands

Command
Description

show nve interface

Displays the NVE interface information.

show nve vni

Displays the NVE VNIs configured on the router.


show nve vni

To display the network virtualization endpoint (NVE) VNIs configured on the router, use the show nve vni command in EXEC mode.

show nve vni [interface nve-interface]

Syntax Description

interface nve-interface

(Optional) Specifies the NVE interface.


Command Modes

EXEC (#)

Command History

Release
Modification

Cisco IOS XE Release 3.11S

This command was introduced on the Cisco CSR 1000V.


Examples

The following example displays all the NVE VNIs configured on the router:

Router# show nve vni 
Interface  VNI          mcast       VNI state
nve1       1010        239.0.0.0      UP
nve2       1110        239.0.0.0      UP

The following example displays the NVE VNIs assigned to NVE interface 1:

Router# show nve vni interface nve1
Interface  VNI          mcast       VNI state
nve1       1010        239.0.0.0       UP
nve1       1110        239.0.0.0       UP
 
 

Table 3 describes the significant fields shown in the display.

Table 3 show nve vni Field Descriptions

Field
Description

Interface

The NVE interface.

VNI

The VNI.

mcast

The multicast address for the NVE interface.

VNI state

The state of the VNI.


Related Commands

Command
Description

show nve interface

Displays the NVE interface information.

show nve peers

Displays the NVE peers configured on the router.


source-interface loopback

To assign a previously created loopback interface to an NVE interface, use the source- interface loopback command in NVE interface configuration mode. To remove the loopback interface from the NVE interface, use the no form of this command.

source-interface loopback number

no source-interface loopback number

Syntax Description

number

The loopback interface assigned to the NVE interface.


Command Modes

NVE interface configuration (config-if)

Command History

Release
Modification

Cisco IOS XE Release 3.11S

This command was introduced on the Cisco CSR 1000V.


Examples

The following example maps a loopback interface to an NVE interface:
Router(config)# interface nve 1
Router(config-if)# source-interface loopback 0

Related Commands

Command
Description

interface nve

Configures the NVE interface and enters NVE interface configuration mode.


Additional References

Related Documents

Related Topic
Document Title

Cisco CSR 1000V installation and software configuration

Cisco CSR 1000V Series Cloud Services Router Software Configuration Guide


Feature Information for Cisco CSR 1000V VxLAN Support

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 4 Feature Information for CSR VxLAN Support

Feature Name
Releases
Feature Configuration Information

CSR VxLAN Support

Cisco IOS XE Release 3.11S

This feature was introduced on the Cisco CSR 1000V.


Technical Assistance

Description
Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html