VXLAN - adding VLAN TAG is causing neighbor advertisement flooding

  • 1
  • Problem
  • Updated 1 year ago
I run Cumulus Linux 3.2.0 with VXLAN future on my PC (VirtualBOX). The "normal" VXLAN configuration is working without any issue but when I add VLAN tag the switches are flooding neighbor advertisement. 

Example configuration:
auto vxlan10100
iface vxlan10100
    bridge-vids 100 200  
    vxlan-id 10100
    vxlan-local-tunnelip 10.0.0.11


I can see the TAG in the packet capture but i am not sure why it is flooding this... 
Photo of Ondrej Bily

Ondrej Bily

  • 140 Points 100 badge 2x thumb

Posted 1 year ago

  • 1
Photo of Sean Cavanaugh

Sean Cavanaugh, Alum

  • 3,380 Points 3k badge 2x thumb
The VXLAN interface should only contain 1 VLAN. Use the bridge-access command. Create a VxLAN interface per VLAN. The configuration you provided is a trunk. I am actually thinking of trying to get a warning provided by ifupdown because this is not the first time I have seen this invalid config (it can be confusing)
Photo of Ondrej Bily

Ondrej Bily

  • 140 Points 100 badge 2x thumb
Sean, thank you for the reply. But how to add tag to the traffic. It is optional parameter for VXLANs if i am not wrong. We would like to have one VNI, that would carry multiple VLANs/tags. 
Photo of Sean Cavanaugh

Sean Cavanaugh, Alum

  • 3,380 Points 3k badge 2x thumb
Our implementation does not keep the VLAN tag. When you keep the VLAN tag you are limited to 4094 VXLANs losing a lot of the benefit of VXLAN. Why can't you just create multiple VXLANs?
Photo of Ondrej Bily

Ondrej Bily

  • 140 Points 100 badge 2x thumb
We can have multiple VXLANs it is not a problem. We just wanted to have one VXLAN per "product" for better visibility/management. But if it is not a possible it is not problem at all. Thank you very much for you quick response!