VXLAN Linux, Cisco - yar145/mytestrepo1 GitHub Wiki
Using a VXLAN to create a virtual layer-2 domain for VMs
Cisco
Configure VXLAN Feature on Cisco IOS XE Devices
Carrier Ethernet Configuration Guide, Cisco ASR 1000 Series Aggregation Services Routers
ASR1000 : VxLAN Unicast mode Configuration and Verification
why port redirection and DNAT does not work with vxlan
How to configure linux vxlans with multiple unicast endpoints
VXLAN EVPN enable STP passthrough
To pass customers' BPDUs you have to use Layer 2 Gateway Spanning Tree Protocol (L2G-STP).
Detecting and Mitigating Loops in VXLAN Networks
Configuring VXLAN EVPN Multihoming Configuring Layer 2 Gateway STP
Layer 2 Gateway STP Overview
Beginning with Cisco NX-OS Release 7.0(3)I5(2), EVPN multihoming is supported with the Layer 2 Gateway Spanning Tree Protocol (L2G-STP). The Layer 2 Gateway Spanning Tree Protocol (L2G-STP) builds a loop-free tree topology. However, the Spanning Tree Protocol root must always be in the VXLAN fabric. A bridge ID for the Spanning Tree Protocol consists of a MAC address and the bridge priority. When the system is running in the VXLAN fabric, the system automatically assigns the VTEPs with the MAC address c84c.75fa.6000 from a pool of reserved MAC addresses. As a result, each switch uses the same MAC address for the bridge ID emulating a single logical pseudo root.
The Layer 2 Gateway Spanning Tree Protocol (L2G-STP) is disabled by default on EVPN ESI multihoming VLANs. Use the spanning-tree domain enable CLI command to enable L2G-STP on all VTEPs. With L2G-STP enabled, the VXLAN fabric (all VTEPs) emulates a single pseudo root switch for the customer access switches. The L2G-STP is initiated to run on all VXLAN VLANs by default on boot up and the root is fixed on the overlay. With L2G-STP, the root-guard gets enabled by default on all the access ports. Use spanning-tree domain to additionally enable Spanning Tree Topology Change Notification (STP-TCN) to be tunneled across the fabric.
evpn esi multihoming
spanning-tree domain enable
spanning-tree domain 1
Pseudowire Concepts and troubleshooting
OTV
Wide-Area Networking Configuration Guide: Overlay Transport Virtualization
ASR1000 OTV Deployment Modes (OTV on a Stick)
Trying to setup OTV on ASR1000 between two sites.
Linux L2TP ethernet pseudowires
root@tun01:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@tun02:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@tun-inet:~# echo 1 > /proc/sys/net/ipv4/ip_forward
root@tun01:~# modprobe l2tp_eth
root@tun01:~# ip l2tp add tunnel tunnel_id 1000 peer_tunnel_id 2000 encap udp local 1.1.1.2 remote 2.2.2.2 udp_sport 6000 udp_dport 5000
root@tun01:~# ip l2tp add session tunnel_id 1000 session_id 3000 peer_session_id 4000
root@tun01:~# ip l2tp show tunnel
root@tun02:~# modprobe l2tp_eth
root@tun02:~# ip l2tp add tunnel tunnel_id 2000 peer_tunnel_id 1000 encap udp local 2.2.2.2 remote 1.1.1.2 udp_sport 5000 udp_dport 6000
root@tun02:~# ip l2tp add session tunnel_id 2000 session_id 4000 peer_session_id 3000
root@tun02:~# ip l2tp show tunnel
root@tun01:~# ip a s dev l2tpeth0
root@tun02:~# ip a s dev l2tpeth0
root@tun01:~# aptitude install bridge-utils
root@tun02:~# aptitude install bridge-utils
root@tun01:~# brctl addbr l2tp
root@tun02:~# brctl addbr l2tp
root@tun01:~# brctl addif l2tp eth1 l2tpeth0
root@tun02:~# brctl addif l2tp eth1 l2tpeth0
root@tun01:~# brctl show
bridge name     bridge id               STP enabled     interfaces
l2tp            8000.1a8f6e043fa3       no              eth1
                                                        l2tpeth0
root@tun01:~# ip l set dev l2tpeth0 up
root@tun01:~# ip l set dev l2tp up
root@tun02:~# ip l set dev l2tpeth0 up
root@tun02:~# ip l set dev l2tp up
root@host01:~# nuttcp 192.168.0.4
nuttcp-t: v6.1.2: Error: server not ACKing data
1500B = 20B (IP_HEADER) + 8B (UDP_HEADER) + 12B (L2TP_HEADER) + 14B (ETH_HEADER) + 20B (IP_HEADER) + 20B (TCP_HEADER) + PAYLOAD => PAYLOAD = 1406B
root@tun01:~# ip link set eth1 mtu 1446
root@tun01:~# iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1406:1536 -j TCPMSS --set-mss 1406
root@tun02:~# ip link set eth1 mtu 1446
root@tun02:~# iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1406:1536 -j TCPMSS --set-mss 1406
root@host01:~# nuttcp 192.168.0.4
45.7992 MB / 10.05 sec = 38.2292 Mbps 15 %TX 30 %RX 0 retrans 1.89 msRTT
L2TPv3
L2 Bridging Across an L3 Network Configuration Example
Xconnect over VRF Aware L2TPv3 in ASR1K
LAN and WAN Configuration Guide, Cisco IOS XE 17.x
The main issue here is that Endpoint is reachable via VRF on ASR1002. The Xconnect endpoint needs to be in Global Routing Table for it to come up. Let us now configure a route for CPE Loopback 1.1.1.1/32 in global pointing to interface GigabitEthernet0/0/0.906 which is itself in VRF.
Once the dummy static route is configured, Xconnect comes up. You can also point it to Null0. This is a workaround to let the router believe that Endpoint is reachable via Global not VRF and is just used for Control Plane. The actual data plane traffic will be via VRF only.
The IP local interface must be a loopback interface and the loopback interface cannot be in a VRF. Configuring any other interface with the "ip local interface" command results in a nonoperational setting.
PSEUDOWIRE (ETHERNET) EMULATION – basic info – Part1 (AToM)
PSEUDOWIRE (ETHERNET) EMULATION – basic info – Part 2 (L2TPv3)
0x0004 Ethernet Tagged Mode [RFC4448]
0x0005 Ethernet [RFC4448]