Protocol Tunneling

To make L2PT configuration easier, in ExtremeXOS you can create L2PT profiles. An L2PT profile specifies the tunneling action and other parameters for protocols (specified using protocol filters) that should be tunneled. You can then apply the profile to the interfaces of the service that are participating in L2PT. And you can also change the profile when it is already bound to an interface.

The L2PT parameters that can be configured through a profile include the following:
The following validity checks are performed when an entry for a protocol filter is created in an L2PT profile:
The following validity checks are performed when a L2PT profile is bound to an interface of a service:

Typically, you will want to configure the tunneling action for all customer facing interfaces of the service that participate in L2PT as tunnel, and the tunneling action for all network facing interfaces as encapsulate/decapsulate. Once any interface of the service is configured to tunnel a protocol, the switch will configure all tagged ports and PWs or VXLAN RTEPs of the service to encapsulate/decapsulate mode. You can override this implicit configuration by binding the RTEPs a profile to the service interface that specifies a different tunneling action.

For example, consider a VMAN service named c1 with customer facing ports 1, 2 and 3 and network facing ports 4, 5, 6. Ports 4, 5 and 6 are added as tagged to the VMAN and 1, 2 and 3 are added as untagged to the VMAN. The operator wants to tunnel LACP and EFM OAM on all customer facing ports at CoS 5. The configurations that he or she must make are as follows:

# Create a protocol filter
create protocol filter “my_slow_protocols_filter”

# Add LACP to the protocol filter
configure protocol filter “my_slow_protocols_filter” 
add dest-mac 01:80:C2:00:00:02 etype 0x8809 field offset 14 value 01 mask FF

# Add EFM OAM to the protocol filter
configure protocol filter “my_slow_protocols_filter” 
add dest-mac 01:80:C2:00:00:02 etype 0x8809 field offset 14 value 03 mask FF

# Create an L2PT profile for the customer facing ports named c1_l2pt_profile
create l2pt profile “c1_l2pt_profile”

# Enable CDP tunneling with CoS 5
configure l2pt profile “c1_l2pt_profile” add protocol filter 
“my_slow_protocols_filter” action tunnel cos 5

# Enable CDP tunneling with CoS 3 and DSCP 38 in case of VXLAN tenant VLAN
configure l2pt profile “c1_l2pt_profile” add protocol filter
“my_slow_protocols_filter” action tunnel cos 5 dscp 38

# Bind c1_l2pt_profile to all customer facing ports
configure vman c1 ports 1,2,3 l2pt profile “c1_l2pt_profile”

# Please note that the network facing port 4, 5 and 6 don‘t have to be explicitly
# configured to encapsulate/decapsulate mode since the switch implicitly sets all
# tagged ports to encapsulate/decapsulate mode when an L2PT profile is bound to
# any port of the service.

The operator also has the option to configure the L2PT destination MAC address (i.e., the DA used by L2PT encapsulated PDUs). This is may be done using the following CLI command:

configure l2pt encapsulation dest-mac mac_address

The L2PT destination MAC address may only be changed when no L2PT profiles have been bound to any service interface. The default L2PT DA MAC is 01:00:0C:CD:CD:D0 (selected to be interoperable with Cisco and Juniper).

Use the following commands to view the status and statistics of L2PT:

show [vlan | vman] vlan_name {ports port_list} l2pt {detail}

show {l2vpn} [vpls vpls_name | vpws vpws_name] {peer ipaddress} l2pt {detail}

show [[{vlan} vlan_name] {{vxlan {vr vr_name} rtep rtep_ipv4}}] l2pt {detail}

Use the following commands to clear L2PT stats:

clear l2pt counters {[vlan | vman] vlan_name {ports port_list}}

clear l2pt counters {[vpls vpls_name {peer ipaddress} | vpws vpws_name]}

clear l2pt counters {[vlan] vlan_name {{vxlan {vr vr_name} rtep rtep_ipvs}}}