Configuring a VXLAN Using the CLI
This section describes the VXLAN configuration method on the CLI.
Context
The FW acts as a Layer-3 gateway on a VXLAN. You must configure a VXLAN tunnel and a VXLAN interface (BDIF interface).
The IP address of the source VTEP of the NVE interface and the ingress replication list of the VNI define a VXLAN tunnel.
Procedure
- Access the system view.
- Create a BD and access the BD view.
bridge-domain bd-id
- Optional: Configure a description for the BD.
If a VXLAN has many BDs, you can configure a description for each BD to mark their features, for example, forwarding service types.
description description - Create a VNI and associate it with a BD.
vxlan vni vni-id
- Return to the system view.
- Create an NVE interface and access the NVE interface view.
interface nve nve-number
- Set an IP address for the source VTEP.
The value can be the IP address of a physical interface or the loopback interface. In hot standby scenarios, use the VRRP virtual IP address.
source ip-address - Configure the ingress replication list of the VNI to specify
the VNI and IP address of the remote VTEP.
vni vni-id head-end peer-list ip-address &<1-10>
The IP address of the remote VTEP cannot be in the same network segment as the IP address of the BDIF. Otherwise, the VXLAN tunnel cannot be established.
- Return to the system view.
- Optional: Specify the VNI and set the MAC address
corresponding to the IP address of the remote VTEP.
A static MAC address entry is configured for the VXLAN. Packets matching the VNI and destination MAC address are encapsulated and sent to the IP address of the remote VTEP. This entry will not age.
mac-address static mac-address vni vni-id peer ip-address - Configure a BDIF interface.
For detailed configurations, see Configuring BDIF Interfaces (VXLAN Interfaces).