SLX routers support VXLAN Layer 2 gateway functionality. By acting as VXLAN Layer 3 gateways, SLX routers can route Layer 3 traffic while also terminating VXLAN tunnels.
To support Layer 3 functionality, a virtual Ethernet (VE) interface must be configured over a VLAN or a bridge domain that contains VXLAN tunnel members and attachment circuit (AC) end-point members. Such a VE (also known as VE over VXLAN or VXLAN VE) can route and switch VXLAN traffic simultaneously.
The following table describes the support for a variety of functions available under VXLAN Layer 3 gateway.
| Functionality | Description | Comments |
|---|---|---|
| Routing protocols | Routing protocols cannot be enabled on a VE configured as a VXLAN Layer 3 gateway. | No routing protocols (such as OSPF or IS-IS) are supported on such a VE. |
| VRF: VRF-lite, Multi-VRF) | A VE over VXLAN can be part of a nondefault VRF. | L3VPN-VRF is not yet supported under Logical VTEP. |
| ECMP | Support for up to 64 ECMP paths for tunnel routing. | |
| Statistics | Tunnel statistics are supported. | By default, statistics are enabled for both directions. If hardware resources are not available, then "N/A" is displayed. |
| BFD | BFD is not supported. | BFD is not supported for static tunnels. |
| VRRP | VRRPe source IP address, EVPN-MCT is not supported. | CLI configuration is not restricted. |
| MTU | MTU value is not configurable. | MTU is based on an IP interface MTU. If the packet is bigger than the IP interface MTU minus the VXLAN header, the packet is dropped. |
| TTL | TTL value is not configurable. | Default TTL value is 64. |
| QoS | QoS is not configurable. | Default QoS value is 0, which is applied to the DSCP field of the IP header. |
| Tunnel uniform, pipe mode for TTL, QoS | Tunnel mode (uniform or pipe mode) is not configurable | By default, tunnel mode is pipe mode: in both directions, DSCP and TTL values are not carried from or to the native packet. In the VLAN-to-VXLAN direction, the default tunnel QoS and TTL values are used. |
| Exporting VE-over-VXLAN interface IP address using other protocols | Routing protocols running on other IP interfaces can export the VE-over-VXLAN IP address as connected routes. | A VE with VXLAN tunnels is treated as a directly connected subnet. This VE does not support protocols. However, as there is a connected subnet, reachability to this VE can be advertised through protocols such as OSPF, IS-IS, configured as part of other Layer 3 interface configurations. |
| Ping, Traceroute | Ping and Traceroute are supported. | Ping supports traffic from and to VXLAN tunnels. |
| ARP | Dynamic ARP learning is supported in the VXLAN VE. | |
| Proxy ARP | Proxy ARP is not supported. | Proxy ARP configuration is not restricted, but the functionality is not supported. |
| Static ARP | Static ARP is supported. | Static ARP to an IP address reachable through a VXLAN tunnel is supported. The interface in the static ARP must be configured as the VE interface to which the host on the VXLAN tunnel is connected. |
| IPv6 | IPv6 is supported. | |
| Static routes | Static routes are supported. | A static route can be configured to an IP address that is reachable through a VXLAN tunnel. |
| RPF | Reverse path forwarding (RPF) is not supported in the VXLAN VE. | RPF configuration is not restricted, but RPF functionality is not supported. |
| Multicast | Layer 3 multicast is not supported. | |
| PBR | Policy-based routing (PBR) is not supported. | ACL/PBR for native packets is not supported. |
| HA, ISSU | Hitless HA or ISSU is not supported. | Traffic hits are observed. |
| Inter-overlay routing |
|
|
| Interoperability | The Layer 3 gateway inter-operates with other SLX platforms in extension mode. | Interoperability with other VXLAN-supporting devices or hypervisors is not restricted but is not supported. |
| CAM profile | VXLAN Layer 2 and Layer 3 gateway is supported only in the VxlanExtended TCAM profile | The configuration is not restricted in other profiles, but functionality is not supported. |
| Layer 2 gateway functionality | All the present Layer 2 gateway functions are supported on the Layer 3 gateway. | Only static VXLAN tunnels with regular VTEPs are supported. Logical VTEP tunnels are not supported. |