Tunnel Concentrator Service Settings

The following table describes the fields in the Tunnel Concentrator Service configuration. Note that each field is a required configuration, unless specified otherwise.

Table 1. Tunnel Concentrator Service
Field	Description
Name	Enter a name for the Tunnel Concentrator Service.
Description	(Optional) Enter a description for the Tunnel Concentrator Service.
Single Tunnel Concentrator Redundant Tunnel Concentrator	Select one of these options only: Select Single Tunnel Concentrator if the service will use a single instance of Tunnel Concentrator. Select Redundant Tunnel Concentrator if the service will use a pair of Tunnel Concentrator instances in an HA configuration.
Tunnel IP Address/CIDR	Enter the IP address and network mask to which APs should direct tunneled traffic (for example, 10.10.10.3/24). Note that address functionality differs depending on whether or not you configured High Availability: For a Single Tunnel Concentrator service, this address is the tunnel termination point for this Tunnel Concentrator. For a Redundant Tunnel Concentrator service, this address is a VRRP address that is used by the service to provide High Availability. Tunneled traffic that arrives at this address is redirected to the IP address for the active Tunnel Concentrator in the pair.
Gateway	(Optional) Enter the address of the default gateway.
VRRP Router ID	(Redundant Tunnel Concentrator only) Enter the ID for the VRRP router. ExtremeCloud IQ configures the same VRRP Router ID for both the primary and backup Tunnel Concentrators (range 1-255). The VRRP Router ID must be different for each cluster of VRRP devices. In addition, the ID must be different than the VRRP Router IDs that were configured on the data ports for the individual Tunnel Concentrator instances.
Native VLAN	Enter the Native VLAN ID. This VLAN is untagged.
Note: The fields in this section are relevant to a specific instance of Tunnel Concentrator. If you selected Redundant Tunnel Concentrator Service, these fields appear twice because the service includes a pair of instances. In this case, complete the fields separately with values that are relevant to each instance.
Device Tunnel Concentrator	From the drop-down, select a specific Tunnel Concentrator device instance to assume this role in the service.
Tunnel Port	From the menu, select a port for the tunnel for this Tunnel Concentrator instance. If you are deploying LAG on this Tunnel Concentrator, select a LAG port.
VLAN ID	Select the tunneling VLAN ID for this Tunnel Concentrator instance. If the VLAN is untagged, select Untagged.
IP Address	(Redundant Tunnel Concentrator only) Enter an IP address to act as tunnel termination point for this instance in the HA pair. Data that goes from the AP to the Tunnel IP Address gets redirected to this IP Address when this Tunnel Concentrator is active.
Bridge Port	From the menu, select a bridge port for the tunnel for this Tunnel Concentrator instance. If you are deploying LAG on this Tunnel Concentrator instance, you may select a LAG port, although it's not mandatory.
Broadcast/Multicast Control
Permitted Multicast IP Addresses	This section provides access rules for multicast packets that cross this Tunnel Concentrator serivce, based on the multicast address. The service allows multicast packets where the multicast destination is permitted by an assigned rule and discards multicast packets where none of the assigned rules permit multicast packets to that address. To add a multicast rule to this service, select one of the following options: Add New Rule—To assign an IP address or range of addreseses as allowed destination for multicast packets, select this option and then enter the IP address or network address. Add Pre-defined Rule—To assign one of the preconfigured default rules to this Tunnel Concentrator service, select this option, and then select the rule. Within each rule, the IP Address field identifies either a specific IP address (e.g., 224.0.0.5) as a multicast destination, or a network address (e.g., 224.0.0.0/5) for a range of allowed addresses. If you enter a network address, Tunnel Concentrator allows multicast packets where the destination multicast address is encompassed by that range. To remove a rule from your control list, select the adjacent (Delete) icon.
Block Non-Essential Broadcast	When this setting is selected (the default setting), the Tunnel Concentrator service blocks broadcast traffic, except for ARP and DHCP traffic. When this setting is not selected, the Tunnel Concentrator service floods broadcast traffic to all APs.
ARP Proxy	When this setting is selected (the default setting), the Tunnel Concentrator service maintains an ARP table and can proxy and respond to ARP requests. When this setting is not selected, Tunnel Concentrator floods ARP requests to all APs.

Note

The Broadcast/Multicast Control section covers how the Tunnel Concentrator service handles broadcast and multicast traffic that crosses Tunnel Concentrator. Additional broadcast and multicast configurations that you apply throughout your network impact the amount of broadcast and multicast traffic that attempts to cross Tunnel Concentrator.

When you have completed your configuration, select Save.