1 of 8

For Engineers

VxLAN Deployment (NVIDIA)

VxLAN is an encapsulation protocol that provides data center connectivity using tunnelling to stretch Layer 2 connections over an underlying Layer 3 network. In Datacenters, VxLAN is used to create overlay networks that sit on top of the physical network, enabling the use of virtual networks.

It uses a VLAN-like encapsulation technique to encapsulate OSI layer 2 Ethernet frames within layer 4 UDP datagrams. VxLAN endpoints, which terminate the VxLAN tunnel, may be either virtual or physical switch ports, which are known as VxLAN tunnel endpoints (VTEPs).

The following image shows a visual representation of the VxLAN deployment:

Configuration

1. Configure Network/Tool port(s) (DUT-1)

The Tunnel port on both sides should be a tool port

2. Configure the VxLAN tunnel(DUT-1)

3. configure Flow to the Tunnel (DUT-1)

4. Configure Network/Tool port(s) (DUT-2)

5. Configure Tunnel at far-end(DUT-2)

6. Configure Flow to match traffic from the Tunnel (DUT-2)

7. Verify

GTP Deployment

GPRS Tunnelling Protocol (GTP) is a group of IP-based communications protocols defined in 3GPAA used to carry General Packet Radio Service(GPRS) within GSM, UMTS, 4G-LTE and 5G radio networks. The GTP deployment has the following features:

GTP Parsing to support single extension header
Rule matching based on the inner header (IP address, L4 Ports, TEID)
Symmetric load balancing on both inner and outer IP (v4/v6) headers

The following image shows a visual representation of the GTP deployment:

Configuration

1. Configure Network/Tool port(s)

2. Enable GTP filtering

3. Configure flow with rules to filter GTP traffic

4. Verify the interfaces

5. Verify the flow

Truncation and Load Balancing

Packet truncation, also called packet slicing, involves discarding bytes from a packet. It removes the payload and provides only the necessary metadata for analysis, and thereby reducing the disk storage requirement at the tool farms.

Port-channel by default provides symmetric hashing for IPv4 and IPv6 traffic, making the source-destination pair redirected to the same tool-connected port(s).

The following image shows a visual representation of truncation and load balancing:

Configuration:

1. Configure Network/Tool port(s)

2. Configure packet truncation

3. Configure port-channel with Tool port(s)

4. Configure flow

5. Verify

Ingress VLAN and Egress Tagging

Ingress VLAN functionality allows customers to assign dedicated VLAN Tags to ingress traffic, creating a mapping between the Network port and tool ports.

Traffic received on network ports can be added with an additional VLAN tag and sent towards the tools for identifying the Network Port(with the assigned VLAN tag).

The following image shows a visual representation of Ingress VLAN and Egress Tagging:

Configuration:

1. Configure Network/Tool port(s)

2. Configure ingress VLAN

3. Enable egress tagging on tool port(s)

4. Configure flow

5. Verify

By default, the Interface will have a native VLAN of n+2 (i.e. Eth12 will have a tag of 14)

Loopback-mode Port

Loopback-mode port means that a physical port can become a network port (ingress) and tool port (egress) to which map rules can be applied. A loopback-mode port is operated in loopback mode and avoids customers to connect a physical cable to make it operate in Loopback mode.

As soon as a loopback-mode port is configured, it is internally changed to loopback mode. This means that the link will always be UP with or without cables inserted. Traffic flows out of a loopback port (Tx direction) and loops back to it (Rx direction).

Loopback-mode ports can provide the following flexibility:

Support for multiple lookups on the same packet.
- For example, Decap the tunnel and look up based on the inner header
Multiple egress actions on the same traffic.
- For example, send to tool as-is and add a VLAN tag

The following image shows a visual representation of the loopback-mode port:

Configuration:

1. Configure Network/Tool port(s)

2. Configure the port as Loopback-mode

3. Configure Flow from Network to Loopback port

4. Configure Flow from Loopback to Tool port

5. Verify

Loopback-mode(i.e. Ethernet20/1) port will always be UP

VXLAN Stripping

Sample Connectivity

A Physical loop is required from the tunnel1-egress_interface (Ethernet41/1) to Tool port to (Ethernet42/1) egress interface for Tagged inner Vlan .

Tunnel Configuration

Use the below command to configure the tunnel attributes:

Tunnel attributes cannot be modified directly. To make changes, delete the existing tunnel and configure a new one.

Flow-Based Egress Configuration

Use the below command to configure the flow to egress the stripped traffic

Example

Show VXLAN Tunnel Command

You can display the vxlan tunnel configurations using this command.

Example

Show Running-Config on OPB

VLAN Mode/Tag Actions

VLAN-aware mode provides OPB administrators with the ability to match traffic based on the VLAN tag and redirect it to the tool port(s).

Push VLAN - Traffic replication to tool ports based on VLAN match and push new VLAN Tag

Pop VLAN - Traffic replication to tool ports based on VLAN match and pop VLAN Tag on egress traffic

The following image shows a visual representation of the VLAN Aware Mode and the VLAN Tag Actions:

Configuration:

Push VLAN:

Configure Network/Tool port(s)

2. Configure VLAN aware-mode

3. Configure flow with Push VLAN

4. Verify

Pop VLAN:

Configure Network/Tool port(s)

2. Configure VLAN aware-mode

3. Configure flow with Pop VLAN

4. Verify

For Engineers

VxLAN Deployment (NVIDIA)

hashtagConfiguration

GTP Deployment

hashtagConfiguration

Truncation and Load Balancing

hashtagConfiguration:

Ingress VLAN and Egress Tagging

hashtagConfiguration:

Loopback-mode Port

hashtagConfiguration:

VXLAN Stripping

hashtagSample Connectivity

hashtagTunnel Configuration

hashtagFlow-Based Egress Configuration

hashtagExample

hashtagShow VXLAN Tunnel Command

hashtagShow Running-Config on OPB

VLAN Mode/Tag Actions

hashtagConfiguration:

hashtag

hashtagPop VLAN:

Truncation and Load Balancing

hashtagConfiguration:

Ingress VLAN and Egress Tagging

hashtagConfiguration:

GTP Deployment

hashtagConfiguration

For Engineers

VXLAN Stripping

hashtagSample Connectivity

hashtagTunnel Configuration

hashtagFlow-Based Egress Configuration

hashtagExample

hashtagShow VXLAN Tunnel Command

hashtagShow Running-Config on OPB

VxLAN Deployment (NVIDIA)

hashtagConfiguration

VLAN Mode/Tag Actions

hashtagConfiguration:

hashtag

hashtagPop VLAN:

Loopback-mode Port

hashtagConfiguration:

Configuration

Configuration

Configuration:

Configuration:

Configuration:

Sample Connectivity

Tunnel Configuration

Flow-Based Egress Configuration

Example

Show VXLAN Tunnel Command

Show Running-Config on OPB

Configuration:

Pop VLAN:

Configuration:

Configuration:

Configuration

Sample Connectivity

Tunnel Configuration

Flow-Based Egress Configuration

Example

Show VXLAN Tunnel Command

Show Running-Config on OPB

Configuration

Configuration:

Pop VLAN:

Configuration: