1 .. SPDX-License-Identifier: GPL-2.0 2 3 ====================================================== 4 Virtual eXtensible Local Area Networking documentation 5 ====================================================== 6 7 The VXLAN protocol is a tunnelling protocol designed to solve the 8 problem of limited VLAN IDs (4096) in IEEE 802.1q. With VXLAN the 9 size of the identifier is expanded to 24 bits (16777216). 10 11 VXLAN is described by IETF RFC 7348, and has been implemented by a 12 number of vendors. The protocol runs over UDP using a single 13 destination port. This document describes the Linux kernel tunnel 14 device, there is also a separate implementation of VXLAN for 15 Openvswitch. 16 17 Unlike most tunnels, a VXLAN is a 1 to N network, not just point to 18 point. A VXLAN device can learn the IP address of the other endpoint 19 either dynamically in a manner similar to a learning bridge, or make 20 use of statically-configured forwarding entries. 21 22 The management of vxlan is done in a manner similar to its two closest 23 neighbors GRE and VLAN. Configuring VXLAN requires the version of 24 iproute2 that matches the kernel release where VXLAN was first merged 25 upstream. 26 27 1. Create vxlan device:: 28 29 # ip link add vxlan0 type vxlan id 42 group 239.1.1.1 dev eth1 dstport 4789 30 31 This creates a new device named vxlan0. The device uses the multicast 32 group 239.1.1.1 over eth1 to handle traffic for which there is no 33 entry in the forwarding table. The destination port number is set to 34 the IANA-assigned value of 4789. The Linux implementation of VXLAN 35 pre-dates the IANA's selection of a standard destination port number 36 and uses the Linux-selected value by default to maintain backwards 37 compatibility. 38 39 2. Delete vxlan device:: 40 41 # ip link delete vxlan0 42 43 3. Show vxlan info:: 44 45 # ip -d link show vxlan0 46 47 It is possible to create, destroy and display the vxlan 48 forwarding table using the new bridge command. 49 50 1. Create forwarding table entry:: 51 52 # bridge fdb add to 00:17:42:8a:b4:05 dst 192.19.0.2 dev vxlan0 53 54 2. Delete forwarding table entry:: 55 56 # bridge fdb delete 00:17:42:8a:b4:05 dev vxlan0 57 58 3. Show forwarding table:: 59 60 # bridge fdb show dev vxlan0 61 62 The following NIC features may indicate support for UDP tunnel-related 63 offloads (most commonly VXLAN features, but support for a particular 64 encapsulation protocol is NIC specific): 65 66 - `tx-udp_tnl-segmentation` 67 - `tx-udp_tnl-csum-segmentation` 68 ability to perform TCP segmentation offload of UDP encapsulated frames 69 70 - `rx-udp_tunnel-port-offload` 71 receive side parsing of UDP encapsulated frames which allows NICs to 72 perform protocol-aware offloads, like checksum validation offload of 73 inner frames (only needed by NICs without protocol-agnostic offloads) 74 75 For devices supporting `rx-udp_tunnel-port-offload` the list of currently 76 offloaded ports can be interrogated with `ethtool`:: 77 78 $ ethtool --show-tunnels eth0 79 Tunnel information for eth0: 80 UDP port table 0: 81 Size: 4 82 Types: vxlan 83 No entries 84 UDP port table 1: 85 Size: 4 86 Types: geneve, vxlan-gpe 87 Entries (1): 88 port 1230, vxlan-gpe
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.