background image

 

17 

context-admin 

Usage guidelines 

VXLAN fast forwarding enables the device to bypass QoS and security services when the device 
forwards data traffic over VXLAN tunnels based on the software. As a best practice, enable this 
feature to improve forwarding speed only when QoS and security services are not configured on the 
following interfaces: 

 

VSI interfaces. 

 

Traffic outgoing interfaces for VXLAN tunnels. 

When VXLAN fast forwarding is enabled, a VXLAN tunnel cannot use ECMP routes to load share 
traffic. Instead, it selects one route from the ECMP routes to forward VXLAN packets. 

Examples 

# Enable VXLAN fast forwarding. 

<Sysname> system 

[Sysname] vxlan fast-forwarding enable

 

vxlan invalid-udp-checksum discard 

Use 

vxlan invalid-udp-checksum discard

  to enable  the device to drop  the  VXLAN 

packets that fail UDP checksum check. 

Use 

undo vxlan invalid-udp-checksum discard

 to restore the default. 

Syntax 

vxlan invalid-udp-checksum discard 

undo vxlan invalid-udp-checksum discard 

Default 

The device does not check the UDP checksum of VXLAN packets. 

Views 

System view 

Predefined user roles 

network-admin 

context-admin 

Usage guidelines 

This command enables the device to check the UDP checksum of VXLAN packets.  

The device always sets the UDP checksum of VXLAN packets to 0. For compatibility with third-party 
devices,  a  VXLAN packet can pass the check if  its  UDP  checksum is 0 or correct. If its UDP 
checksum is incorrect, the VXLAN packet fails the check and is dropped. 

Examples 

# Enable the device to drop the VXLAN packets that fail UDP checksum check. 

<Sysname> system-view 

[Sysname] vxlan invalid-udp-checksum discard

 

vxlan local-mac report 

Use 

vxlan local-mac report

 to enable local-MAC logging. 

Содержание SecPath F50X0-D Series

Страница 1: ...H3C SecPath F50X0 D F5000 AK Firewall Series Comware 7 VXLAN Command Reference New H3C Technologies Co Ltd http www h3c com Software version F9620 Document version 6W401 20200901...

Страница 2: ...H3C Technologies Co Ltd any trademarks that may be mentioned in this document are the property of their respective owners Notice The information in this document is subject to change without notice A...

Страница 3: ...nd keywords that you enter literally as shown Italic Italic text represents arguments that you replace with actual values Square brackets enclose syntax choices keywords or arguments that are optional...

Страница 4: ...at contains additional or supplementary information TIP An alert that provides helpful information Network topology icons Convention Description Represents a generic network device such as a router sw...

Страница 5: ...document might use devices that differ from your device in hardware model configuration or software version It is normal that the port numbers sample output screenshots and other information in the e...

Страница 6: ...fast forwarding enable 16 vxlan invalid udp checksum discard 17 vxlan local mac report 17 vxlan tunnel mac learning disable 18 vxlan udp port 19 xconnect vsi 19 VXLAN IP gateway commands 20 arp distri...

Страница 7: ...ers text Specifies a description a case sensitive string of 1 to 80 characters Examples Configure a description for VSI vpn1 Sysname system view Sysname vsi vpn1 Sysname vsi vpn1 description vsi for v...

Страница 8: ...all Layer 3 interfaces that are mapped to VSIs Sysname display l2vpn interface Total number of interfaces 2 1 up 1 down Interface Owner Link ID State Type GE1 2 5 1 vxlan3 1 Up VSI GE1 2 5 2 vxlan4 2...

Страница 9: ...If you do not specify a VSI this command displays MAC address entries for all VSIs dynamic Specifies dynamic MAC address entries learned in the data plane If you do not specify this keyword the comma...

Страница 10: ...Use display l2vpn vsi to display information about VSIs Syntax display l2vpn vsi name vsi name verbose Views Any view Predefined user roles network admin network operator context admin context operat...

Страница 11: ...ateway Interface VSI interface 100 VXLAN ID 10 Tunnels Tunnel Name Link ID State Type Flood Proxy Split horizon Tunnel1 0x5000001 Up Manual Disabled Enabled Tunnel2 0x5000002 Up Manual Disabled Enable...

Страница 12: ...The VTEP floods unknown unicast frames only to local sites Gateway Interface VSI interface name State Tunnel state Up The tunnel is operating correctly Blocked The tunnel is a backup tunnel Its tunnel...

Страница 13: ...unnels associated with the specified VXLAN Examples Display VXLAN tunnel information for all VXLANs Sysname display vxlan tunnel Total number of VXLANs 1 VXLAN ID 10 VSI name vpna Total tunnels 3 3 up...

Страница 14: ...erver replicates and forwards flood traffic to remote VTEPs Disabled Flood proxy is disabled Split horizon State of split horizon Enabled Split horizon is enabled on the VXLAN tunnel The VXLAN tunnel...

Страница 15: ...ble Default L2VPN is disabled Views System view Predefined user roles network admin context admin Usage guidelines You must enable L2VPN before you can configure L2VPN settings Examples Enable L2VPN S...

Страница 16: ...ddress is the MAC address of a VM in a remote site Remote MAC entries can be manually added or dynamically learned When you add a remote MAC address entry make sure the specified VSI s VXLAN has been...

Страница 17: ...00 bytes for VSI vxlan1 Sysname system view Sysname vsi vxlan1 Sysname vsi vxlan1 mtu 1400 Related commands display l2vpn vsi reserved vxlan Use reserved vxlan to specify a reserved VXLAN Use undo res...

Страница 18: ...limit or the device learns incorrect MAC addresses Examples Clear the dynamic MAC address entries on VSI vpn1 Sysname reset l2vpn mac address vsi vpn1 Related commands display l2vpn mac address vsi se...

Страница 19: ...ut down a VSI Use undo shutdown to bring up a VSI Syntax shutdown undo shutdown Default VSIs are not manually shut down Views VSI view Predefined user roles network admin context admin Usage guideline...

Страница 20: ...t traffic to each tunnel in the VXLAN You can assign multiple VXLAN tunnels to a VXLAN and configure a VXLAN tunnel to trunk multiple VXLANs Examples Assign VXLAN tunnels 1 and 2 to VXLAN 10000 Sysnam...

Страница 21: ...undo vsi to delete a VSI Syntax vsi vsi name undo vsi vsi name Default No VSIs exist Views System view Predefined user roles network admin context admin Parameters vsi name Specifies a VSI name a cas...

Страница 22: ...VXLAN for a VSI The VXLAN ID for each VSI must be unique Examples Create VXLAN 10000 for VSI vpna and enter VXLAN view Sysname system view Sysname vsi vpna Sysname vsi vpna vxlan 10000 Sysname vsi vp...

Страница 23: ...rd to enable the device to drop the VXLAN packets that fail UDP checksum check Use undo vxlan invalid udp checksum discard to restore the default Syntax vxlan invalid udp checksum discard undo vxlan i...

Страница 24: ...and output rules including output destinations For more information about configuring the information center see Network Management and Monitoring Configuration Guide Examples Enable local MAC loggin...

Страница 25: ...arameters port number Specifies a UDP port number in the range of 1 to 65535 As a best practice specify a port number in the range of 1024 to 65535 to avoid conflict with well known ports Usage guidel...

Страница 26: ...ysname vsi vpn1 quit Sysname interface gigabitethernet 1 2 5 1 Sysname GigabitEthernet1 2 5 1 xconnect vsi vpn1 Related commands display l2vpn interface vsi VXLAN IP gateway commands arp distributed g...

Страница 27: ...oxy arp enable Layer 3 IP Services Command Reference bandwidth Use bandwidth to set the expected bandwidth for a VSI interface Use undo bandwidth to restore the default Syntax bandwidth bandwidth valu...

Страница 28: ...e their default settings 3 If the restoration attempt still fails follow the error message instructions to resolve the problem Examples Restore the default settings for VSI interface 100 Sysname syste...

Страница 29: ...aces If you specify a VSI interface this command displays information about the specified interface For more information about VA interfaces see PPP configuration in PPP and PPPoE Configuration Guide...

Страница 30: ...ternet address ip address mask length Type IP address of the interface and type of the address in parentheses Possible IP address types include Primary Manually configured primary IP address Sub Manua...

Страница 31: ...ief information about all VSI interfaces Sysname display interface vsi interface brief Brief information on interfaces in route mode Link ADM administratively down Stby standby Protocol s spoofing Int...

Страница 32: ...n manually shut down by using the shutdown command To restore the physical state of the interface use the undo shutdown command Not connected The interface is not mapped to any VSI or the mapped VSI d...

Страница 33: ...s IP address are identical to the do care bits in the specified subnet address the packet is assigned to the VSI All don t care bits are ignored The 0s and 1s in a wildcard mask can be noncontiguous...

Страница 34: ...191 Usage guidelines A VSI can have only one gateway interface Multiple VSIs can share a gateway interface Examples Specify VSI interface 100 as the gateway interface for VSI vpna Sysname system view...

Страница 35: ...n a MAC address to a VSI interface Use undo mac address to restore the default Syntax mac address mac address undo mac address Default The MAC address of a VSI interface is the bridge MAC address View...

Страница 36: ...ined user roles network admin context admin Parameters vsi interface vsi interface id Specifies a VSI interface by its number Make sure the specified VSI interface has been created on the device If yo...

Страница 37: ...ysname interface vsi interface 100 Sysname Vsi interface100 shutdown vtep group member local Use vtep group member local to assign the local VTEP to a VTEP group Use undo vtep group member local to re...

Страница 38: ...a VTEP group and its member VTEPs Syntax vtep group group ip member remote member ip 1 8 undo vtep group group ip member remote Default No VTEP group is specified Views System view Predefined user rol...

Страница 39: ...rfaces To save resources on VTEPs in an SDN transport network you can temporarily disable remote ARP learning when the controller and VTEPs are synchronizing entries After the entry synchronization is...

Отзывы: