OPBNOS R2.7
Release
  • Open Packet Broker
  • What's New?
  • Getting Started
    • Licensing
    • Limitations
    • Image Management
      • Installing OPBNOS from ONIE
      • Installing OPBNOS from USB Drive
      • Removing available images
      • Rebooting the Switch
    • Supported Platforms
    • Scalability
    • Downloads
  • CLI Configuration Guide
    • Configuring License
    • Configuring Hostname
    • Configuring Username
    • On-Box FlowVision
    • Configuring AAA
      • Configuring AAA
      • Configuring TACACS
      • Configuring RADIUS
    • Configure Packet Timestamping
    • Interface Management
      • Configuring Management Interface
      • Configuring Physical Interface
    • Link Layer Discovery Protocol (LLDP)
      • Enabling LLDP
      • Displaying LLDP Neighbors
    • Configuring Interface Description
    • Configuring Auto Negotiation
    • Configuring FEC
    • Configuring Maximum Transition Unit
    • Configuring Port Speed
    • Configuring Interface Type
    • Configuring VLAN Modes
    • Configuring Loopback Mode
    • Configuring Packet Slicing
    • Configuring Ingress VLAN
    • Configuring Egress Tagging
    • Configuring Rx-only
    • Configuring Tx-only
    • Configuring An-clause
    • Configuring PortChannel
    • Configuring LAG Hash
    • Configuring Flows and Rules
      • Configuring Network Ports
      • Configuring Tool Ports
      • Configuring Flows
      • Configuring Flow Description
      • Configuring Flow Rules (NVIDIA)
      • Configuring Flow Rules (Broadcom)
      • Configuring Flow Match Expression Rules
      • Configuring Flow UDF Rules
      • Configuring Push/Pop VLAN
      • Configuring Flow Override Action(s)
      • Display Flow Information
      • Clear Flow Counters
    • Configuring GTP Flow
    • Configuring IPv6 Reachability Check
    • Configuring VXLAN Flow
    • Configuring VXLAN Stripping
    • Configuring SNMP
      • Configure SNMP community
      • Configuring SNMP Trap
      • Configuring SNMP Threshold
      • Configuring SNMP User
      • Configuring SNMP Location
      • Configuring SNMP Contact
    • Configuring SYSLOG
    • Ping
    • Traceroute
    • Configuring NTP
    • Configuring Timezone
    • Configuring sFlow
    • Display Interface Information
      • Front Panel Port Mapping
    • Display System Information
      • Interface Transceiver Information
      • System Uptime
      • Reboot Cause
      • Show Environment
      • Show System Memory
      • Show Docker Memory
      • Show Services
      • Show Platform Fan
      • Show platform pcieinfo
      • Show Platform PSU
      • Show Platform SSD
      • Show Platform Summary
      • Show Platform Syseeprom
      • Show Platform Temperature
    • Configuration Management
      • Copying Configuration from Switch
      • Copying Running and Startup Configuration
      • Saving Configuration
      • Display Configuration
      • Clearing Startup configuration
    • Zero Touch Provisioning
      • DHCP Discovery
      • ZTP Boot File
      • Enable ZTP
    • Troubleshooting
  • Aviz FlowVision Graphical User Interface Guide
    • FlowVision Controller Installation
      • FV ESXi Host Installation
      • FV VirtualBox Installation
    • System
      • Viewing the Dashboard
      • Accessing System and Device Information
      • Managing Topologies
      • Managing Devices
      • Viewing System Log
      • Managing Users
      • Performing Backup and Restore
      • Viewing Audit Logs
    • Configuration
      • Configuring Ports
      • Configuring Port Groups
      • Configuring Rule Templates
      • Configuring Flows
      • Configuring SNMP Trap
    • Statistics
      • Viewing Port Statistics
      • Viewing Flow Statistics
    • Help
  • REST API Guide
    • FLOW
    • Interface Management
    • Port Channel
    • LLDP
    • SNMP
    • System and Platform
    • Statistics
  • Use Cases
    • For Engineers
      • VxLAN Deployment (NVIDIA)
      • GTP Deployment
      • Truncation and Load Balancing
      • Ingress VLAN and Egress Tagging
      • Loopback-mode Port
      • VXLAN Stripping
      • VLAN Mode/Tag Actions
    • Command Reference
      • Converting Network-to-Tool port
      • Configuring 1G Electrical SFP
      • Enabling FlowVision On-box Support
  • Solution Integration
    • Network Visibility and Analysis with OPB, Arkime, Elasticsearch & Kibana
      • Installation Pre-Requisites
      • Solution Components
      • Configuring OPBNOS
      • Installing Arkime
      • Installing Kibana
      • Troubleshooting
  • Support
    • How to contact Aviz Networks Support?
Powered by GitBook
On this page
  • Configuration steps on the OPB switch
  • Configuration and ping check on the Peer Node

Was this helpful?

Export as PDF
  1. CLI Configuration Guide

Configuring IPv6 Reachability Check

PreviousConfiguring GTP FlowNextConfiguring VXLAN Flow

Last updated 5 months ago

Was this helpful?

Before sending the VXLAN encapsulated packets to the OPBNOS switch, the peer node can check the IPv6 reachability to the switch using the ping command. Here, we can configure multiple vlan and SVI configurations with multiple IPv6 to each vlan. Each IPv6 would be reachable(ping check) from the peer node. It ensures proper handling of VXLAN and ICMP packets through flow-based rules.

This feature is supported only on the Nvidia platforms

Configuration steps on the OPB switch

1. Create VLAN

pbnoscli# configure terminal 
pbnoscli(config)# vlan <vlan-id>
pbnoscli(config)# end
pbnoscli# save

2. SVI Configuration (Configure IPv6 to Switched Virtual Interface with VLAN)

pbnoscli# configure terminal
pbnoscli(config)# interface vlan <vlan-id> //associated with one VLAN only
pbnoscli(config-if)# ip add <ipv6-address/64>
pbnoscli(config-if)# ip add <ipv6-address/64>
..
..
pbnoscli(config-if)# end
pbnoscli#save

3. VLAN Membership (Static)

pbnoscli# configure terminal
pbnoscli(config-if)# interface ethernet <Ethernet Name>
pbnoscli(config-if)# switchport vlan <vlan-id>
pbnoscli(config-if)# end
pbnoscli# save

4. VXLAN Encapsulation and Packet Handling

When the peer device checks for OPBNOS reachability, certain types of packets, including ARP, ICMP, and ICMPv6, need to be processed along with the VXLAN packet that needs to be forwarded. But to achieve this PING related packets are lifted to the CPU.

There are two types of traffic discussed:

  1. ICMP/ICMPv6 Traffic for Reachability: The CPU should always process this traffic.

  2. VXLAN Data Traffic from the Peer: This traffic should always be handled in the data path or hardware.

However, when a flow is configured to match all IP traffic, ICMP/ICMPv6 packets are also matched and forwarded to tool ports, which causes the ping to fail. To address this, we added a flow provision to send only ICMP/ICMPv6 packets to the CPU for ping handling, while the rest of the data traffic is handled and forwarded by the hardware.

Example

pbnoscli# configure terminal
pbnoscli(config)# flow flow1
pbnoscli(config-flow-flow1)# network-ports Ethernet2/1
pbnoscli(config-flow-flow1)# tool-ports Ethernet32/1 
pbnoscli(config-flow-flow1)# rule 10 permit ethertype 0x0806 counters enable 
pbnoscli(config-flow-flow1)# rule 10 action override-to cpu 
pbnoscli(config-flow-flow1)# rule 20 permit protocol 1 counters enable 
pbnoscli(config-flow-flow1)# rule 20 action override-to cpu 
pbnoscli(config-flow-flow1)# rule 30 permit protocol 58 counters enable 
pbnoscli(config-flow-flow1)# rule 30 action override-to cpu 
pbnoscli(config-flow-flow1)# rule 40 permit match-all ipv6 counters enable
pbnoscli(config-flow-flow1)# end
pbnoscli# save

If the vxlan packet is not destined to OPBNOS, add another rule and set dest-mac from the tunnel Source MAC

Example

rule 50 action overwrite dest-mac 1c:34:da:24:de:00 dest-port 4789

EtherType and Protocol Numbers to Distinguish ARP, ICMP, and ICMPv6:

  • ARP: EtherType 0x0806

  • IPv4 Ping (ICMP): Protocol Number 1

  • IPv6 Ping (ICMPv6): Protocol Number 58

Configuration and ping check on the Peer Node

1. Configure IPv6 on interfaces(not associated with VLAN)

// sonic command
sudo config interface ip add <Ethernet Name> <ipv6-address/64>

2. Ping to the IPv6 address configured on the OPBNOS switch

ping <ipv6-address>