Configuring a VXLAN Service Access Point

Layer 2 sub-interfaces are used for service access on VXLANs. These Layer 2 sub-interfaces can have different encapsulation types configured to transmit various types of data packets. A bridge domain (BD) is a broadcast domain. After a Layer 2 sub-interface is associated with a BD, the sub-interface can transmit data packets through this BD.

Context

As shown in Table 1, Layer 2 sub-interfaces can have different encapsulation types configured to transmit various types of data packets.
Table 1 Traffic encapsulation types

Traffic Encapsulation Type

Description

dot1q

This type of sub-interface accepts only packets with a specified tag.

The dot1q traffic encapsulation type has the following restrictions:
  • The VLAN ID encapsulated by a Layer 2 sub-interface cannot be the same as that allowed to pass by the Layer 2 interface where the sub-interface resides.
  • The VLAN IDs encapsulated by a Layer 2 sub-interface and a Layer 3 sub-interface cannot be the same.

untag

This type of sub-interface accepts only untagged packets.

The untag traffic encapsulation type has the following restrictions:
  • The physical interface where the sub-interface resides must have only default configurations.
  • Only Layer 2 physical interfaces and Layer 2 Eth-Trunk interfaces can have untag Layer 2 sub-interfaces created.
  • Only one untag Layer 2 sub-interface can be created on a main interface.

default

This type of sub-interface accepts all packets, irrespective of whether the packets carry VLAN tags.

The default traffic encapsulation type has the following restrictions:
  • The interface where the sub-interface resides must not be added to any VLAN.
  • Only Layer 2 physical interfaces and Layer 2 Eth-Trunk interfaces can have default Layer 2 sub-interfaces created.
  • If default is configured for a Layer 2 sub-interface on a main interface, the main interface cannot have other types of Layer 2 sub-interfaces configured.

qinq

Packets received by this type of sub-interface carry two or more VLAN tags. The sub-interface determines whether to accept the packets based on the innermost two VLAN tags.

Configure a service access point on a Layer 2 gateway:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bridge-domain bd-id

    A BD is created, and the BD view is displayed.

  3. (Optional) Run description description

    A description is configured for the BD.

  4. Run quit

    Return to the system view.

  5. Run interface interface-type interface-number.subnum mode l2

    A Layer 2 sub-interface is created, and the sub-interface view is displayed.

    Before running this command, ensure that the Layer 2 main interface does not have the port link-type dot1q-tunnel command configuration. If the configuration has existed, run the undo port link-type command to delete it.

  6. Run encapsulation { dot1q [ vid vid ] | default | untag | qinq [ vid pe-vid ce-vid { low-ce-vid [ to high-ce-vid ] } ] }

    A traffic encapsulation type is specified for the Layer 2 sub-interface.

  7. Run rewrite pop { single | double }

    The sub-interface is enabled to remove single or double VLAN tags from received packets.

    If the received packets each carry a single VLAN tag, specify single.

    If the traffic encapsulation type is specified as qinq in the preceding step using the encapsulation qinq vid pe-vid ce-vid { low-ce-vid [ to high-ce-vid ] | default } command, specify double.

  8. Run bridge-domain bd-id

    The Layer 2 sub-interface is added to the BD so that the sub-interface can transmit data packets through this BD.

    If a default Layer 2 sub-interface is added to a BD, no BDIF interface can be created for the BD.

  9. Run commit

    The configuration is committed.

Parent Topic: Configuring VXLAN in Centralized Gateway Mode for Static Tunnel Establishment
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >