Configuring IPv6 Reachability Check
Last updated
Last updated
Before sending the VXLAN encapsulated packets to the OPBNOS switch, the peer node can check the IPv6 reachability to the switch using the ping command. Here, we can configure multiple vlan and SVI configurations with multiple IPv6 to each vlan. Each IPv6 would be reachable(ping check) from the peer node. It ensures proper handling of VXLAN and ICMP packets through flow-based rules.
This feature is supported only on the Nvidia platforms
1. Create VLAN
2. SVI Configuration (Configure IPv6 to Switched Virtual Interface with VLAN)
3. VLAN Membership (Static)
4. VXLAN Encapsulation and Packet Handling
When the peer device checks for OPBNOS reachability, certain types of packets, including ARP, ICMP, and ICMPv6, need to be processed along with the VXLAN packet that needs to be forwarded. But to achieve this PING related packets are lifted to the CPU.
There are two types of traffic discussed:
ICMP/ICMPv6 Traffic for Reachability: The CPU should always process this traffic.
VXLAN Data Traffic from the Peer: This traffic should always be handled in the data path or hardware.
However, when a flow is configured to match all IP traffic, ICMP/ICMPv6 packets are also matched and forwarded to tool ports, which causes the ping to fail. To address this, we added a flow provision to send only ICMP/ICMPv6 packets to the CPU for ping handling, while the rest of the data traffic is handled and forwarded by the hardware.
If the vxlan packet is not destined to OPBNOS, add another rule and set dest-mac from the tunnel Source MAC
EtherType and Protocol Numbers to Distinguish ARP, ICMP, and ICMPv6:
ARP: EtherType 0x0806
IPv4 Ping (ICMP): Protocol Number 1
IPv6 Ping (ICMPv6): Protocol Number 58
1. Configure IPv6 on interfaces(not associated with VLAN)
2. Ping to the IPv6 address configured on the OPBNOS switch
