Bridge Layer 2 Protocol Tunneling

Follow

A VXLAN connects layer 2 domains across a layer 3 fabric; however, layer 2 protocol packets, such as LLDP, LACP, STP, and CDP are normally terminated at the ingres VTEP. If you want the VXLAN to behave more like a wire or hub, where protocol packets are tunneled instead of being terminated locally, you can enable bridge layer 2 protocol tunneling.

To configure bridge layer 2 protocol tunneling for all protocols:

cumulus@switch:~$ net add int swp1 bridge l2protocol-tunnel all
cumulus@switch:~$ net pending
cumulus@switch:~$ net commit

To configure bridge layer 2 protocol tunneling for a specific protocol, such as LACP:

cumulus@switch:~$ net add int swp1 bridge l2protocol-tunnel lacp
cumulus@switch:~$ net pending
cumulus@switch:~$ net commit

The above command creates the following configuration in the /etc/network/interfaces file:

auto swp1
iface swp1
    bridge-access 10
    bridge-l2protocol-tunnel lacp

auto swp2
iface swp2

auto swp3
iface swp3

auto swp4
iface swp4

LLDP Example

LLDP.png

LACP Example

LACP.png

Pseudo-Wire Example

pseudoWire.png

 Use caution when enabling bridge layer 2 protocol tunneling:

  • Layer 2 protocol tunneling is not a full-featured pseudo-wire solution; there is no end-to-end link status tracking or feedback.
  • Layer 2 protocols typically run on a link local scope. Running the protocols through a tunnel across a layer 3 fabric incurs significantly higher latency, which might require you to tune protocol timers.
  • The lack of end to end link/tunnel status feedback and the higher protocol timeout values make for a higher protocol convergence time in case of change.
Have more questions? Submit a request

Comments

Powered by Zendesk