Implementing L2PT in ExtremeXOS
In
ExtremeXOS, the L2PT data-plane is implemented almost entirely in software.
When you attach a L2PT profile to a service interface, the following
ACL rules are configured:
- An ACL rule is added to copy and drop all
packets with a destination address equal to the L2PT destination MAC address, and an outer
VLAN ID equal to the VLAN tag of the service. In case of VXLAN tenant VLAN,
the condition for VLAN ID is modified so that the packet is copied to CPU on any VLAN
received. The traffic for the destined tenant VLAN ID can be received on any underlay L3
VLAN.
- For each protocol that is tunneled on the
service interface, an ACL rule is added to copy and drop all packets with the same the
destination address as the protocol. If the protocol defines an EtherType, then the rule is
also qualified with the EtherType.
- If any protocol is tunneled on the service
interface, an ACL rule is added to drop all packets received on the service interface with a
destination address equal to the L2PT destination MAC address.