SLX routers support VXLAN Layer 2 gateway functionality. By acting as VXLAN Layer 3 gateways, SLX routers are capable of routing Layer 3 traffic while also terminating VXLAN tunnels.
To support Layer 3 functionality, a virtual Ethernet (VE) interface must be configured over either a VLAN or a bridge domain (BD) that contains both VXLAN tunnel members and attachment circuit (AC) end-point members. Such a VE (also known as "VE over VXLAN" or "VXLAN VE") can route and switch VXLAN traffic simultaneously.
With VXLAN Layer 3 gateways over VLANs/BDs, both static/EVPN and single/logical, the following options are supported:
The following table lists and describes the support for a variety of functionalities available under VXLAN Layer 3 gateway.
| Functionality | Description | Comments |
|---|---|---|
| Routing protocols | Routing protocols cannot be enabled on a VE configured as a VXLAN Layer 3 gateway. | No routing protocols (such as OSPFor ISIS) are supported on such a VE. |
| VRF: VRF-lite/Multi-VRF) | A VE over VXLAN can be part of a nondefault VRF. | L3VPN-VRF is not yet supported under Logical VTEP. |
| ECMP | Support ECMP paths (8) for tunnel routing. | More than eight is not restricted but is not supported. The topology must be such that more than eight paths are not present for a VXLAN tunnel. |
| Statistics | Tunnel statistics are supported. | By default, statistics are enabled for both directions. If hardware resources are not available, then "N/A" is displayed. |
| BFD | BFD is not supported. | BFD is not supported for static tunnels. |
| VRRP | VRRPe source IP address/EVPN-MCT is not supported. | CLI configuration is not restricted. |
| MTU | MTU value is not configurable. | MTU is based on an IP interface MTU. If the packet is bigger than the IP interface MTU minus the VXLAN header, the packet is dropped. |
| TTL | TTL value is not configurable. | Default TTL value is 64. |
| QoS | QoS is not configurable. | Default QoS value is 0, which is applied to the DSCP field of the IP header. |
| -Tunnel uniform/pipe mode for TTL/QoS | Tunnel mode (uniform or pipe mode) is not configurable | By default, tunnel mode is pipe mode: in both directions, DSCP/TTL values are not carried from or to the native packet. In the VLAN-to-VXLAN direction, the default tunnel QoS/TTL values are used. |
| Exporting VE-over-VXLAN interface IP address using other protocols | Routing protocols running on other IP interfaces can export the VE-over-VXLAN IP address as connected routes. | A VE with VXLAN tunnels is treated as a directly connected subnet. This VE does not support protocols, as described above. However, as there is a connected subnet, reachability to this VE can be advertised through protocols such as OSPF, ISIS, and so on, configured as part of other Layer 3 interface configurations. |
| Ping/Traceroute | Ping and Traceroute are supported. | Ping supports traffic from/to VXLAN tunnels. |
| ARP | Dynamic ARP learning is supported in the VXLAN VE. | |
| Proxy ARP | Proxy ARP is not supported. | Proxy ARP configuration is not restricted, but the functionality is not supported. |
| Static ARP | Static ARP is supported. | Static ARP to an IP address reachable through a VXLAN tunnel is supported. The interface in the static ARP must be configured as the VE interface to which the host on the VXLAN tunnel is connected. |
| IPv6 | IPv6 is supported. | |
| Static routes | Static routes are supported. | A static route can be configured to an IP address that is reachable through a VXLAN tunnel. |
| RPF | Reverse path forwarding (RPF) is not supported in the VXLAN VE. | RPF configuration is not restricted, but RPF functionality is not supported. |
| Multicast | Layer 3 multicast is not supported. | |
| PBR | Policy-based routing (PBR) is not supported. | ACL/PBR for native packets is not supported. |
| HA/ISSU | Hitless HA/ISSU is not supported. | Traffic hits are observed. |
| Inter-overlay routing |
|
|
| Interoperability | The Layer 3 gateway interoperates with other SLX platforms in extension mode. | Interoperability with other VXLAN-supporting devices/hypervisors is not restricted but is not supported. |
| CAM profile | VXLAN L2/L3 gateway is supported only in the VxlanExtended TCAM profile | The configuration is not restricted in other profiles, but functionality is not supported. |
| Layer 2 gateway functionality | All the present Layer 2 gateway functionalities are supported on the Layer 3 gateway. |
Only static VXLAN tunnels with regular VTEPs are supported; logical VTEP tunnels are not supported. |