OPBNOS R2.8
Release
  • Open Packet Broker
  • What's New?
  • Getting Started
    • Licensing
    • Limitations
    • Image Management
      • Installing OPBNOS from ONIE
      • Installing OPBNOS from USB Drive
      • Image Upgrade from OPBNOS
      • Selecting OPBNOS on next boot
      • Removing available images
      • Rebooting the Switch
    • Supported Platforms
    • Scalability
    • Downloads
  • CLI Configuration Guide
    • Configuring License
    • Configuring Hostname
    • Configuring Username
    • On-Box FlowVision
    • Configuring AAA
      • Configuring AAA
      • Configuring TACACS
      • Configuring RADIUS
    • Configure Packet Timestamping
    • Interface Management
      • Configuring Management Interface
      • Configuring Physical Interface
    • Link Layer Discovery Protocol (LLDP)
      • Enabling LLDP
      • Displaying LLDP Neighbors
    • Configuring Interface Description
    • Configuring Auto Negotiation
    • Configuring FEC
    • Configuring Maximum Transition Unit
    • Configuring Port Speed
    • Configuring Port Breakout
    • Configuring Interface Type
    • Configuring VLAN Modes
    • Configuring Loopback Mode
    • Configuring Packet Slicing
    • Configuring Ingress VLAN
    • Configuring Egress Tagging
    • Configuring Rx-only
    • Configuring Tx-only
    • Configuring An-clause
    • Configuring PortChannel
    • Configuring LAG Hash
    • Configuring Flows and Rules
      • Configuring Network Ports
      • Configuring Tool Ports
      • Configuring Flows
      • Configuring Flow Description
      • Configuring Flow Rules (NVIDIA)
      • Configuring Flow Rules (Broadcom)
      • Configuring Flow Match Expression Rules
      • Configuring Flow UDF Rules
      • Configuring Push/Pop VLAN
      • Configuring Flow Override Action(s)
      • Display Flow Information
      • Clear Flow Counters
    • Configuring GTP Flow
    • Configuring IPv6 Reachability Check
    • Configuring VXLAN Flow
    • Configuring VXLAN Stripping
    • Configuring SNMP
      • Configure SNMP community
      • Configuring SNMP Trap
      • Configuring SNMP Threshold
      • Configuring SNMP User
      • Configuring SNMP Location
      • Configuring SNMP Contact
    • Configuring SYSLOG
    • Ping
    • Traceroute
    • Configuring NTP
    • Configuring Timezone
    • Configuring sFlow
    • Display Interface Information
      • Front Panel Port Mapping
    • Display System Information
      • Interface Transceiver Information
      • System Uptime
      • Reboot Cause
      • Show Environment
      • Show System Memory
      • Show Docker Memory
      • Show Services
      • Show Platform Fan
      • Show platform pcieinfo
      • Show Platform PSU
      • Show Platform SSD
      • Show Platform Summary
      • Show Platform Syseeprom
      • Show Platform Temperature
    • Configuration Management
      • Copying Configuration from Switch
      • Copying Running and Startup Configuration
      • Saving Configuration
      • Display Configuration
      • Clearing Startup configuration
    • Zero Touch Provisioning
      • DHCP Discovery
      • ZTP Boot File
      • Enable ZTP
    • Troubleshooting
  • Aviz FlowVision Graphical User Interface Guide
    • FlowVision Controller Installation
      • FV ESXi Host Installation
      • FV VirtualBox Installation
    • System
      • Viewing the Dashboard
      • Accessing System and Device Information
      • Managing Topologies
      • Managing Devices
      • Viewing System Log
      • Managing Users
      • Performing Backup and Restore
      • Viewing Audit Logs
    • Configuration
      • Configuring Ports
      • Configuring Port Groups
      • Configuring Rule Templates
      • Configuring Vxlan Tunnel
      • Configuring Flows
      • Configuring VLAN
      • Configuring SNMP Trap
    • Statistics
      • Viewing Port Statistics
      • Viewing Flow Statistics
    • Help
  • REST API Guide
    • FLOW
    • Interface Management
    • Port Channel
    • LLDP
    • SNMP
    • System and Platform
    • Statistics
  • Use Cases
    • For Engineers
      • VxLAN Deployment (NVIDIA)
      • GTP Deployment
      • Truncation and Load Balancing
      • Ingress VLAN and Egress Tagging
      • Loopback-mode Port
      • VXLAN Stripping
      • VLAN Mode/Tag Actions
    • Command Reference
      • Converting Network-to-Tool port
      • Configuring 1G Electrical SFP
      • Enabling FlowVision On-box Support
  • Solution Integration
    • Network Visibility and Analysis with OPB, Arkime, Elasticsearch & Kibana
      • Installation Pre-Requisites
      • Solution Components
      • Configuring OPBNOS
      • Installing Arkime
      • Installing Kibana
      • Troubleshooting
  • Support
    • How to contact Aviz Networks Support?
Powered by GitBook
On this page
  • Restrictions
  • Flow-based IP-Swap Configuration
  • Tunnel Configuration
  • Tunnel Attributes
  • Flow-Based Egress Configuration
  • Show VXLAN Tunnel Command

Was this helpful?

Export as PDF
  1. CLI Configuration Guide

Configuring VXLAN Stripping

PreviousConfiguring VXLAN FlowNextConfiguring SNMP

Was this helpful?

Configure this feature to strip all incoming IPv4/IPv6 VxLAN traffic.

This feature is supported only on NVIDIA spectrum-2/3 platforms

Restrictions

  • The source-IP in tunnel configuration & dest-IP in flow rule configuration should be the same for VxLAN stripping to work.

  • The dest-mac in the flow rule configuration should be the system-mac of the switch, this can be retrieved using the "show platform syseeprom" command.

  • A physical loopback is required between egress-interface from the tunnel and the tool port as Egress interface for Inner Tagged Vlan.

Flow-based IP-Swap Configuration

Use the below command to configure the flow to swap the MAC & the IP address of incoming traffic:

Reference

Command

flow <name>

network-ports <port>

tool-ports <tunnel>

rule <to wap IP & MAC>

Description

Add flow

Parameters

description Configure description for flow enable Enable the flow

end Exit to Exec Prompt

exit Exit from the Current Prompt network-ports Configure network or TAP ports

no no form

rule Configure rule

tool-ports Configure network tool or analyzer ports

Mode

FLOW

Example

pbnoscli(config)# flow swap
pbnoscli(config-flow-swap)# network-ports Ethernet1/1
pbnoscli(config-flow-swap)# tool-ports Ethernet50/1
pbnoscli(config-flow-swap)# rule 5 permit protocol 58 counters enable
pbnoscli(config-flow-swap)# rule 5 action override-to cpu
pbnoscli(config-flow-swap)# rule 6 permit match-all counters enable
pbnoscli(config-flow-swap)# rule 6 action overwrite dest-ip 10.10.10.1 dest-mac 1c:34:da:23:77:00 dest-port 4789
pbnoscli(config-flow-swap)# rule 7 permit match-all ipv6 counters enable
pbnoscli(config-flow-swap)# rule 7 action overwrite dest-mac 1c:34:da:23:77:00 dest-port 4789
pbnoscli(config-flow-swap)# end
pbnoscli#

A Physical loop is required from the tunnel1-egress_interface (Ethernet41/1) to Tool port to (Ethernet42/1) egress interface for Tagged inner Vlan .

Tunnel Configuration

Reference

Command

tunnel <tunnelname> no tunnel <tunnelname>

Description

Create tunnel

Parameters

Tunnelname

Mode

CONFIG

Example

pbnoscli(config)# tunnel tunnel1
pbnoscli(config)# no tunnel tunnel1

Tunnel Attributes

Use the below command to configure the tunnel attributes:

Tunnel attributes cannot be modified directly. To make changes, delete the existing tunnel and configure a new one.

Reference

Command

[no] tunnel <tunnel-name>

Description

Create tunnel

Parameters

comment: Configure comment for tunnel

decap-vxlan: Enable Tunnel to decap VXLAN packet destined to the device

destination-ip: Destination IP address

gateway: Gateway IPv4 Address

ingress-interface: Configure tunnel port

source-ip: Source IP address

source-port: Tunnel Source Port

strip-vxlan: Enable Tunnel to STRIP all the incoming VXLAN packet

vlan-tagging: Tunnel VLAN Tagging

vni: VXLAN network identifier

Mode

TUNNEL

Example

pbnoscli(config)# tunnel tunnel1
pbnoscli(config-tunnel-tunnel1)# ingress-interface Ethernet50/1
pbnoscli(config-tunnel-tunnel1)# strip-vxlan egress Ethernet41/1
pbnoscli(config-tunnel-tunnel1)# source-ip 10.10.10.1
pbnoscli(config-tunnel-tunnel1)# destination-ip 10.10.10.2
pbnoscli(config-tunnel-tunnel1)# vni 4098
pbnoscli(config-tunnel-tunnel1)# vlan-tagging disable
pbnoscli(config-tunnel-tunnel1)#

Flow-Based Egress Configuration

Use the below command to configure the flow to egress the stripped traffic

Reference

Command

flow <name>

network-ports <port>

tool-ports <port>

rule 1 permit match all

rule 2 permit match-all ipv6

Description

Add flow

Parameters

description Configure description for flow enable Enable the flow

end Exit to Exec Prompt

exit Exit from the Current Prompt network-ports Configure network or TAP ports

no no form

rule Configure rule

tool-ports Configure network tool or analyzer ports

Mode

FLOW

Example

pbnoscli(config)# flow egress
pbnoscli(config-flow-egress)# network-ports Ethernet42/1
pbnoscli(config-flow-egress)# tool-ports Ethernet64/1
pbnoscli(config-flow-egress)# rule 10 permit match-all counters enable
pbnoscli(config-flow-egress)# rule 20 permit match-all ipv6 counters enable
pbnoscli(config-flow-egress)# rule 20 action override-to Ethernet64/1
pbnoscli(config-flow-egress)# end
pbnoscli#

Show VXLAN Tunnel Command

You can display the Vxlan tunnel configurations using this command.

Reference

Command

vxlan ("VxLAN Tunnel") tunnel ("Tunnel Information") (all ("Displays all VXLAN Tunnel configuration") | ("Displays specific VXLAN Tunnel configuration") <tunnelid:string length[10]> ("Tunnel Name")),

Description

Displays VXLAN tunnel

Example

pbnoscli# show vxlan tunnel all

===============================================
VXLAN Tunnel - tunnel1
===============================================
Tunnel Port       : Ethernet50/1
Source IP         : 10.10.10.1
Destination IP    : 10.10.10.2
Source MAC        : 1c:34:da:23:77:00
VN-ID             : 4098
Vlan Tagging      : false
Tunnel Status     : UP
pbnoscli#

The strip-vxlan interface in the tunnel configuration should be a configured as .

logical loopback