XNV Dynamic VLAN

Starting in release 15.3, when a virtual machine is detected, ExtremeXOS dynamically creates the VLAN that is required for the VM to send traffic. If a virtual machine shuts down or is moved, its VLAN is pruned to preserve bandwidth. This feature creates an adaptive infrastructure in which the network responds to changes dynamically in the virtual machine network.

Enabling/Disabling XNV Dynamic VLAN

Enabling the XNV dynamic VLAN feature must be done on a per-port basis. XNV requires that the port on which dynamic VLANs is enabled is part of the "default or "base" VLAN as untagged. This "default", or "base", VLAN for the port is the VLAN on which untagged packets are classified to when no VLAN configuration is available for the MAC. This default VLAN should be present, and you should manually add the port to this VLAN before you enable the feature. Enabling this feature on a port results in a failure if any of the following conditions are true:
  • If XNV is not enabled, the command only results in a warning, and does not fail. XNV can be enabled later.
  • The port is not an untagged member of any VLAN.

When a VLAN's MAC is detected on a port, XNV consults the configuration database to determine the VLAN configuration for the VM. For a case where the VM sends tagged traffic, the VLAN tag of the received frame is used to determine VLAN classification for the VM's traffic. If VLAN configuration exists for the VM and it conflicts with the actual tag present in received traffic, XNV reports an EMS message and does not trigger VLAN creation or port addition. However, if no configuration is present for the VM, XNV assumes that there are no restrictions for classifying traffic for the VM to the received VLAN.

For untagged traffic, XNV can determine the VLAN for the VM from any one of the three possible sources:
  • VLAN configuration for the VM MAC entry.
  • VLAN configuration for the VPP associated with the VM's MAC. The VPP can either be a network VPP or a local VPP.
  • In case of untagged traffic from the VM, the "default" VLAN for the port that is specified as part of the dynamic VLAN enable configuration.

This list determines the order of precedence for VLAN classification for untagged traffic only. For tagged VLAN traffic, XNV validates the tag of the received traffic with then VLAN tag configuration for that VM.

In addition to the VLAN tag, you can specify the VR to which the dynamically created VLAN needs to be associated. The VR configuration is relevant only if a VLAN tag is configured for the VM.

expand icon

Associating Dynamically Created VLANS to VRs

Configured VR on Port Configured VR for VM (from VM Mapping Entry or VPP) VLAN Already Exists on the Switch Dynamic VLANs VR
None None No VR-Default
None None Yes VLAN's VR
None VR-X No VR-X (Configured VR for VM) if VR-X is valid.) Otherwise an EMS error is displayed indicating the VR-X is invalid.
None VR-X Yes VLAN's VR. An EMS error is displayed if the VLAN's VR is not VR-X.
VR-X None No VR-X (Port's VR).
VR-X None Yes VR-X if VLAN's VR is VR-X. If it is not, an EMS error is displayed indicating the VR-X is invalid.
VR-X VR-Y No Dynamic VLAN is not created when Port Level VR and VM-MAC VR are different, and FDB is learned on a system generated VMAN. An EMS warning is generated on the switch log, because a Dynamic VLAN cannot be created.
VR-X VR-Y Yes VR-X if VLAN is part of VR-X. Otherwise, EMS error is displayed.

When you disable dynamic VLAN on a port, XNV does the following:

  • Triggers deletion of MAC-based entries on that port in the hardware.
  • If the port has been added to any VLAN by XNV, XNV triggers a flush for those VLANs.
  • If the port has been added to an VLAN by XNV, XNV requests VLAN manager to remove the port from the VLAN.
    Note

    Note

    It is up to the VLAN manager to decide if the port actually needs to be removed from the VLAN.

On deleting the ports from base/default VLAN the below warning message will be thrown and XNV Dynamic vlan gets disabled on that port:

 Warning: Removing the untagged VLAN from a port may disrupt network connectivity. IDM and VMT may not be functional on the port without an untagged VLAN.
Note

Note

This behavior is in effect from ExtremeXOS 16.1.

Example

create vlan v1 
con v1 add ports 1untagged
enable vm-tracking 
enable vm-tracking ports 1 
enable vm-tracking dynamic-vlan ports 1 
con vlan v1 delete ports 1 
Warning: Removing the untagged VLAN from a port may disrupt network connectivity. IDM
and VMT may not be functional on the port without an untagged VLAN. 

show vm-tracking
----------------------------------------------------------    
VM Tracking Global Configuration
----------------------------------------------------------- 
VM Tracking                      : Enabled   
VM  Tracking authentication order: nms vm-map local 
VM Tracking nms reauth  period   : 0 (Re-authentication disabled) 
VM Tracking blackhole policy        : none
-----------------------------------------------------------

Port                         : 1 
VM Tracking                  : Enabled  
VM Tracking Dynamic VLAN     : Disabled 

When XNV is disabled on a port, the XNV dynamic VLAN feature is also disabled. The XNV dynamic VLAN configuration is not persistent, and needs to be re-enabled after XNV is re-enabled on that port.