22.4 VXLAN Command Descriptions
VXLAN Global Configuration Commands
VXLAN Interface Configuration Commands
VXLAN Display and Clear Commands
clear vxlan counters
The clear vxlan counters command resets the VXLAN counters.
Command Mode
Privileged EXEC
Command Syntax
clear vxlan counters ROUTE_TYPE
Parameters
ROUTE_TYPE     Specifies the type of VXLAN counter reset by the command.
software     Command resets software counters.
varp     Command resets virtual-ARP counters.
Related Commands
show vxlan counters displays the VXLAN counters.
Example
This command resets the VXLAN counters
switch#clear vxlan counters software
switch#show vxlan counters software
encap_bytes:0
encap_pkts:0
encap_read_err:0
encap_discard_runt:0
encap_discard_vlan_range:0
encap_discard_vlan_map:0
encap_send_err:0
encap_timeout:0
decap_bytes_total:0
decap_pkts_total:0
decap_bytes:0
decap_pkts:0
decap_runt:0
decap_pkt_filter:0
decap_bytes_filter:0
decap_discard_vxhdr:0
decap_discard_vlan_map:0
decap_timeout:0
decap_sock_err:0
switch#
interface vxlan
The interface vxlan command places the switch in VXLAN-interface configuration mode for modifying the specified VXLAN tunnel interface (VTI). The command also instantiates the interface if it was not previously created.
VXLAN interface configuration mode is not a group change mode; running-config is changed immediately after commands are executed. The exit command does not affect the configuration.
The no interface vxlan deletes the specified VTI interface, including its configuration statements, from running-config. The default interface vxlan command removes all configuration statements for the specified VTI from running-config without deleting the interfaces.
Command Mode
Global Configuration
Command Syntax
interface vxlan vx_range
no interface vxlan vx_range
default interface vxlan vx_range
Parameter
vx_range     VXLAN interface number. The only permitted value is 1.
Commands Available in link-flap Configuration Mode
Example
These commands create VXLAN tunnel interface 1, place the switch in VXLAN-interface configuration mode, then display parameters of the new VTI.
switch(config)#interface vxlan 1
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 4789
switch(config-if-Vx1)#
This command exits VXLAN-interface configuration mode, placing the switch in global configuration mode.
switch(config-if-Vx1)#exit
switch(config)#
ip address virtual
The ip address virtual command configures a specified address as the primary IPv4 address and as a virtual IP address for the configuration mode VLAN interface. The address resolves to the virtual MAC address configured through the ip virtual-router mac-address command. The command includes a subnet designation that is required in primary IP address assignments.
This command is typically used in VXLAN routing configurations as an alternative to assigning a unique IP address to each VTEP. All existing IPv4 addresses must be removed from the interface before executing this command.
The no ip address virtual and default ip address virtual commands remove the IPv4 address and virtual IP assignment from the configuration mode interface by deleting the ip address virtual command from running-config.
Removing the IPv4 address assignments from an interface disables IPv4 processing on that port.
Command Mode
Interface-VLAN Configuration
Command Syntax
ip address virtual ipv4_subnet
no ip address virtual
default ip address virtual
Parameters
ipv4_subnet     IPv4 and subnet address (CIDR or address-mask notation).
Related Commands
Example
This command configures 10.10.10.1 as the IPv4 address and virtual address for VLAN 100.
switch(config-if-Vl100)#show active
interface Vlan100
   ip address virtual 10.10.10.1/28
switch(config-if-Vl100)#
show service vxlan
The show service vxlan command displays the status of the Vxlan Control Service (VCS) and the received (from all connected VTEPs) and advertised (to all connected VTEPs) MAC address reachability information.
Command Mode
EXEC
Command Syntax
show service vxlan [status | switch [SWITCH_TYPE] | vni [VNI_INFO]]
Parameters
SWITCH_TYPE    displayed by switch type. Options include:
word     hostname, IP address, or ID of the switch.
all     all switches.
VNI_INFO     displayed with VNI information. Options include:
advertised     advertised MAC addresses.
received     received MAC addresses.
Example
This command displays the status of the VCS.
switch(config)#show service vxlan status
Vxlan Controller Service is   : stopped
Mac learning                  : Control plane
Resync period                 : 300 seconds
Resync in progress            : No
Capability                    : VXLAN v4 overlay routing
                                VXLAN v4 overlay indirect routing
fm319(config-if-Vx1)#show service vxlan status
Vxlan Controller Service is   : stopped
Mac learning                  : Control plane
Resync period                 : 300 seconds
Resync in progress            : No
Capability                    : VXLAN v4 overlay routing
                                VXLAN v4 overlay indirect routing
 
switch(config)#
show vxlan address-table
The show vxlan address-table command displays the VXLAN address table. Entries are created by extracting information from packets received from remote VTEPs.
The VXLAN address table correlates MAC addresses that are accessible through remote VTEPs with the local VLAN and the IP address of the VTP through which the addressed device is accessible. The VTI uses this table when constructing the VXLAN encapsulation fields to specify the destination IP address of the recipient VTEP and the VNI segment through which the device’s remote VLAN is accessed.
Command Mode
EXEC
Command Syntax
show vxlan address-table [ENTRY_TYPE][MAC_ADDR][VLANS][REMOTE_VTEP]
Parameters
ENTRY_TYPE    command filters display by entry type. Options include:
<no parameter>     all table entries.
configured     static entries; includes unconfigured VLAN entries.
dynamic     entries learned though packet receipts.
static     entries entered by CLI commands.
unicast     entries with unicast MAC address.
MAC_ADDR     command uses MAC address to filter displayed entries.
<no parameter>     all MAC addresses table entries.
address mac_address     displays entries with specified address (dotted hex notation – H.H.H).
VLANS     command filters display by VLAN.
<no parameter>     all VLANs.
vlan v_num     VLAN specified by v_num.
REMOTE_VTEP     Filters entries by IP address of the remote VTEPs. Options include:
<no parameter>     all items.
vtep ipaddr_1 [ipaddr_2...ipaddr_n]     Identifies VTEPs by their IP address.
Example
This command displays the VXLAN address table.
switch>show vxlan address-table
          Vxlan Mac Address Table
----------------------------------------------------------------------
 
Vlan  Mac Address     Type     Prt  Vtep             Moves   Last Move
----  -----------     ----     ---  ----             -----   ---------
  51  0000.0051.0101  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  51  0000.0051.0102  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  51  0000.0051.0103  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  51  0000.0051.0104  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  51  0000.0051.0105  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  61  0000.0061.0102  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  61  0000.0061.0103  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  61  0000.0061.0104  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
  61  0000.0061.0105  DYNAMIC  Vx1  10.25.2.12       1       4 days, 0:37:14 ago
switch>
show vxlan counters
The show vxlan counters command displays the VXLAN counters.
Command Mode
EXEC
Command Syntax
show vxlan counters ROUTE_TYPE
Parameters
ROUTE_TYPE     Specifies the type of VXLAN counter displayed by the command.
software     Command displays software routers.
varp     Command displays virtual-ARP counters.
vtep     Command displays counters for VTEPs which are identified by their IP address. An optional keyword allows the user to view a single direction of the counters:
encap     “encap” counters count packets coming from the edge, encapsulated on the device and directed to the core.
decap     “decap” counters count packets coming from the core, decapsulated on the device and heading towards the edge.
Related Commands
clear vxlan counters resets the VXLAN counters.
Example
This command displays the VXLAN counters for software routers.
switch>show vxlan counters software
encap_bytes:3452284
encap_pkts:27841
encap_read_err:1
encap_discard_runt:0
encap_discard_vlan_range:0
encap_discard_vlan_map:0
encap_send_err:0
encap_timeout:1427
decap_bytes_total:382412426
decap_pkts_total:2259858
decap_bytes:0
decap_pkts:0
decap_runt:0
decap_pkt_filter:45128
decap_bytes_filter:5908326
decap_discard_vxhdr:0
decap_discard_vlan_map:2214730
decap_timeout:0
decap_sock_err:1
switch>
This command displays the VXLAN counters for VTEPs.
switch>show vxlan counters vtep
                                                                   Decap Drop or
                                  Decap Known           Decap BUM      Exception
VTEP         Decap Bytes      Unicast Packets           Packets          Packets
-------- --------------- -------------------- -------------------- -------------
1.0.14.1     62526968000            312632701            312636979             2
1.0.16.1             800                    2                    6     312279633
1.0.23.1             800                    2                    6             2
unlearnt               0                    0                    0             0
                                              Encap Drop or
                                                  Exception
VTEP         Encap Bytes        Encap Packets       Packets
-------- --------------- -------------------- -------------
1.0.14.1     30579308814            268239551             2
1.0.16.1            1140                   10             2
1.0.23.1               0                    0             0
 
switch>
show vxlan flood vtep
The show vxlan flood vtep command displays the flood list that the switch is using to perform head-end replication. Head-end replication is a data distribution method that supports broadcast, unknown unicast, and multicast (BUM) traffic over VXLANs by replicating BUM data locally for transmission to the set of remote VTEPs that a flood list specifies. The command displays the VLAN ID that references the configured VNIs ( vxlan vlan vni).
The flood list is determined by the vxlan flood vtep command.
Command Mode
EXEC
Command Syntax
show vxlan flood vtep [VLANS]
Parameters
VLANS      command filters display by the reference VLAN.
<no parameter>     all VLANs.
vlan v_range     VLANs specified by v_range.
Valid v_range formats include number, range, or comma-delimited list of numbers and ranges.
Guidelines
The command displays flood list contents only when the VLAN line protocol status is up.
Related Commands
vxlan flood vtep configures the flood list.
Example
These commands display the VTEPs that have exchanged data with the configured VTI.
switch>show vxlan flood vtep vlan 100-102
          Vxlan Flood Vtep Table
--------------------------------------------------------
 
Vlan   Ip Address
----   -------------------------------------------------
100    3.3.3.3
101    11.1.1.1         11.1.1.2         11.1.1.3
102    11.1.1.1         11.1.1.2         11.1.1.3
       12.1.1.1
switch>
show vxlan vtep
The show vxlan vtep command displays information about remote VTEPs that the configured VTI has discovered and with whom it has exchanged packets.
Command Mode
EXEC
Command Syntax
show vxlan vtep
Example
These commands display the VTEPs that have exchanged data with the configured VTI.
switch>show vxlan vtep
Remote vteps for Vxlan1:
10.52.2.12
Total number of remote vteps:  1
switch>
vxlan flood vtep
The vxlan flood vtep command supports VXLAN head-end replication by creating or modifying a list that specifies remote VTEPs to which the switch bridges replicated traffic. Head-end replication is a data distribution method that supports broadcast, unknown unicast, and multicast (BUM) traffic over VXLANs by replicating BUM data locally for transmission to the set of remote VTEPs that a flood list specifies. This data flooding facilitates remote MAC address learning through the forwarding of data with unknown MACs.
Each vxlan flood vtep statement in running-config associates a set of VTEP addresses to an access VNI. A default flood list is also configurable that applies to all VNIs for which a flood list is not configured. The vxlan flood vtep command is available in the following formats to create or modify corresponding running-config statements:
vxlan flood vtep creates a statement for a specified VNI and replaces existing statements for that VNI.
vxlan flood vtep add modifies an existing flood statement by adding the specified VTEPs. This statement creates a list if it references a VNI that has no flood statement.
vxlan flood vtep remove modifies an existing flood statement by deleting the specified VTEPs. This statement has no effect if it references a VNI that has no flood statement.
The vxlan flood vtep command specifies a VNI by referencing its associated VLAN ID ( vxlan vlan vni). The command provides these options for specifying the reference VLANs:
a single VLAN: creates or modifies a single statement referenced by the command.
a range of VLANs: creates or modifies all statements referenced by the VLAN range.
no VLAN: creates or modifies the default list
The no vxlan flood vtep and default vxlan flood vtep commands remove the specified flood list by deleting the corresponding vxlan flood vtep statements from running-config. Commands that specify a VLAN range remove all corresponding statements.
Command Mode
Interface-VXLAN Configuration
Command Syntax
vxlan [ACCESS_VNI] flood vtep [MODIFY] VTEP_1 [VTEP_2] ... [VTEP_N]
no vxlan [ACCESS_VNI] flood vtep
default vxlan [ACCESS_VNI] flood vtep
Parameters
ACCESS_VNI     VLAN ID associated to the flood list’s target VNI. Value ranges from 1 to 4094.
<no parameter >     default list.
vlan vlan_range     List of VLANs. (Number, range, comma-delimited list of numbers and ranges). Numbers range from 1 to 4094.
MODIFY     Statement modification method. Options include:
<no parameter >     creates new list for specified VLANs. Current list is overwritten.
add     specified VTEPs are added to existing list.
remove     specified VTEPs are deleted from existing list.
VTEP_X     IPv4 address of VTEPs that are added or removed from the list.
Example
These commands create a default VXLAN head-end replication flood list.
switch(config)#interface vxlan 1
switch(config-if-Vx1)#vxlan flood vtep 10.1.1.1 10.1.1.2
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan flood vtep 10.1.1.1 10.1.1.2
   vxlan udp-port 4789
switch(config-if-Vx1)#
These commands create VXLAN head-end replication flood lists for the VNIs accessed through VLANs 101 and 102.
switch(config-if-Vx1)#vxlan vlan 101-102 flood vtep 11.1.1.1 11.1.1.2 11.1.1.3
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan flood vtep 10.1.1.1 10.1.1.2
   vxlan vlan 101 flood vtep 11.1.1.1 11.1.1.2 11.1.1.3
   vxlan vlan 102 flood vtep 11.1.1.1 11.1.1.2 11.1.1.3
   vxlan udp-port 4789
switch(config-if-Vx1)#
These commands add two VTEPs for the VNI access through VLAN 102.
switch(config-if-Vx1)#vxlan vlan 102 flood vtep add 12.1.1.1
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan flood vtep 10.1.1.1 10.1.1.2
   vxlan vlan 101 flood vtep 11.1.1.1 11.1.1.2 11.1.1.3
   vxlan vlan 102 flood vtep 11.1.1.1 11.1.1.2 11.1.1.3 12.1.1.1
   vxlan udp-port 4789
switch(config-if-Vx1)#
vxlan multicast-group
The vxlan multicast-group command associates a specified multicast group with the configuration mode VXLAN interface (VTI), which handles multicast and broadcast traffic as a layer 2 interface in a bridging domain.
The VTI maps multicast traffic from its associated VLANs to the specified multicast group. Inter-VTEP multicast communications include all VTEPs that are associated with the specified multicast group, which is independent of any other multicast groups that VLAN hosts may join.
A VTI can be associated with one multicast group. By default, a VTI is not associated with any multicast group.
The no vxlan multicast-group and default vxlan multicast-group commands removes the multicast group – VTI association by removing the vxlan multicast-group command from running-config.
Command Mode
Interface-VXLAN Configuration
Command Syntax
vxlan multicast-group group_addr
no vxlan multicast-group
default vxlan multicast-group
Parameters
group_addr     IPv4 address of multicast group. Dotted decimal notation of a valid multicast address.
Related Commands
interface vxlan places the switch in VXLAN interface configuration mode.
Examples
This command associates the multicast address of 227.10.1.1 with VTI 1.
switch(config)#interface vxlan 1
switch(config-if-Vx1)#vxlan multicast-group 227.10.1.1
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan multicast-group 227.10.1.1
   vxlan udp-port 4789
switch(config-if-Vx1)#
This command changes VTI 1’s multicast group association.
switch(config-if-Vx1)#vxlan multicast-group 227.10.5.5
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan multicast-group 227.10.5.5
   vxlan udp-port 4789
switch(config-if-Vx1)#
This command removes the multicast group association from VTI 1.
switch(config-if-Vx1)#no vxlan multicast-group
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 4789
switch(config-if-Vx1)#
vxlan multicast-group decap
The vxlan multicast-group decap command enables VXLAN multicast decapsulation.
VTEPs are enabled by VXLAN multicast decapsulation, supporting Head End Replication (HER). Multicast encapsulated Broadcast/Unknown/Multicast (BUM) packets terminate VTEPs from remote VTEPs that do not support HER.
The no vxlan multicast-group decap and default vxlan multicast-group decap commands disable VXLAN multicast decapsulation.
Command Mode
Interface-VXLAN Configuration
Command Syntax
vxlan multicast-group decap group_addr
no vxlan multicast-group decap
default vxlan multicast-group decap
Parameters
group_addr     IPv4 address of multicast group. Dotted decimal notation of a valid multicast address.
Examples
This command enables VXLAN multicast decapsulation.
switch(config)#interface vxlan 1
switch(config-config-if-Vx1)#vxlan multicast-group decap 230.1.1.1
switch(config-config-if-Vx1)#
This command disables VXLAN multicast decapsulation.
switch(config)#interface vxlan 1
switch(config-config-if-Vx1)#no vxlan multicast-group decap 230.1.1.1
switch(config-config-if-Vx1)#
vxlan source-interface
The vxlan source-interface command specifies the interface from which the configuration mode VXLAN interface (VTI) derives the source address (IP) that it uses when exchanging VXLAN frames. There is no default source interface assignment.
The no vxlan source-interface and default vxlan source-interface commands remove the source interface assignment from the configuration mode VXLAN interface by deleting the corresponding ip vxlan source-interface command from running-config.
Command Mode
Interface-VXLAN Configuration
Command Syntax
vxlan source-interface INT_NAME
no vxlan source-interface
default vxlan source-interface
Parameters
INT_NAME     Interface type and number. Options include:
loopback l_num     Loopback interface specified by l_num.
Guidelines
A VXLAN interface is inoperable without the source-interface assignment.
Related Commands
interface vxlan places the switch in VXLAN interface configuration mode.
Example
These commands configure VTI 1 to use the IP address 10.25.25.3 as the source address of outbound VXLAN frames.
switch(config)#interface loopback 15
switch(config-if-Lo15)#ip address 10.25.25.3/24
switch(config-if-Lo15)#exit
switch(config)#interface vxlan 1
switch(config-if-Vx1)#vxlan source-interface loopback 15
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan source-interface Loopback15
   vxlan udp-port 4789
switch(config-if-Vx1)#
vxlan udp-port
The vxlan udp-port command associates a UDP port with the configuration mode VXLAN interface (VTI). By default, UDP port 4789 is associated with the VTI.
Packets bridged to the VTI from a VLAN are encapsulated with a VXLAN header that includes the VNI associated with the VLAN and the IP address of the VTEP that connects to the recipient, then sent through the UDP port. Packets that arrive through the UDP port are sent to the bridging domain of the recipient VLAN as determined by the VNI number in the VXLAN header and the interface’s VNI-VLAN map.
The no vxlan udp-port and default vxlan udp-port command restores the default UDP port association (4789) on the configuration mode interface by deleting the corresponding vxlan udp-port command from running-config.
Command Mode
Interface-VXLAN Configuration
Command Syntax
vxlan udp-port port_id
no vxlan udp-port
default vxlan udp-port
Parameters
port_id     UDP port number. Value ranges from 1024 to 65535.
Guidelines
UDP port 4789 is reserved by convention for VXLAN usage. Under most typical applications, this parameter should be set to the default value.
Related Commands
interface vxlan places the switch in VXLAN interface configuration mode.
Example
This command associates UDP port 5500 with VXLAN interface 1.
switch(config)#interface vxlan 1
switch(config-if-Vx1)#vxlan udp-port 5500
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 5500
switch(config-if-Vx1)#
This command resets the VXLAN interface 1 UDP port association of 4789.
switch(config-if-Vx1)#no vxlan udp-port
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 4789
switch(config-if-Vx1)#
vxlan vlan vni
The vxlan vlan vni command associates a VLAN ID with a virtual network identifier (VNI). A VNI is a 24-bit number that is assigned to a VLAN to distinguish it from other VLANs that are on a VXLAN tunnel interface (VTI). VNI values range from 1 to 16777215 in decimal notation and from 0.0.1 to 255.255.255 in dotted decimal notation.
When a VLAN bridges a packet to the VTI, the packet is encapsulated with a VXLAN header that includes the VNI that is associated with the VLAN. Packets that arrive on the VTI’s UDP socket are bridged to the VLAN that is associated with the VNI specified by the VXLAN header that encapsulates the packet.
The VTI requires a one-to-one correspondence between specified VLANs and VNI values. Commands that assign a new VNI to a previously configured VLAN replace the existing VLAN assignment statement in running-config. Commands that attempt to assign a VNI value to a second VLAN generate a CLI error.
The no vxlan vlan vni and default vxlan vlan vni commands remove the specified VLAN-VNI association from the configuration mode interface by deleting the corresponding vxlan vlan command from running-config.
Command Mode
Interface-VXLAN Configuration
Command Syntax
vxlan vlan vlan_id vni vni_id
no vxlan vlan vlan_id vni [vni_id]
default vxlan vlan vlan_id vni [vni_id]
Parameters
vlan_id     number of access VLAN. Value ranges from 1 to 4094.
vni_id     VNI number. Valid formats: decimal <1 to 16777215> or dotted decimal <0.0.1 to 255.255.255>.
Example
These commands associate VLAN 100 to VNI 100 and VLAN 200 to VNI 10.10.200.
switch(config)#interface vxlan 1
switch(config-if-Vx1)#vxlan vlan 100 vni 100
switch(config-if-Vx1)#vxlan vlan 200 vni 10.10.200
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 4789
   vxlan vlan 200 vni 658120
   vxlan vlan 100 vni 100
switch(config-if-Vx1)#vxlan vni notation dotted
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 4789
   vxlan vlan 200 vni 10.10.200
   vxlan vlan 100 vni 0.0.100
switch(config-if-Vx1)#
vxlan vni notation dotted
The vxlan vni notation dotted command configures the switch to display VNIs in dotted decimal notation. A virtual network identifier (VNI) is a 24-bit number that is assigned to a VLAN to distinguish it from other VLANs that are on a VXLAN tunnel interface. VNI values range from 1 to 16777215 in decimal notation and from 0.0.1 to 255.255.255 in dotted decimal notation.
The command affects the VNI number display in all show commands, including show running-config. Commands that include VNI as a parameter may use decimal or dotted decimal notion regardless of the setting of this command. By default, show commands display VNI number in decimal notation.
The no vxlan vni notation dotted and default vxlan vni notation dotted commands restore the default setting of displaying vni numbers in decimal notation by deleting the vxlan vni notation dotted command from running-config.
Command Mode
Global Configuration
Command Syntax
vxlan vni notation dotted
no vxlan vni notation dotted
default vxlan vni notation dotted
Examples
These commands configure the switch to display vni numbers in dotted decimal notation, then displays a configuration that includes a vni setting.
switch(config)#vxlan vni notation dotted
switch(config)#interface vxlan 1
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 4789
   vxlan vlan 333 vni 3.4.5
switch(config-if-Vx1)#
These commands configure the switch to display vni numbers in decimal notation, then displays a configuration that includes a vni setting.
switch(config)#no vxlan vni notation dotted
switch(config)#interface vxlan 1
switch(config-if-Vx1)#show active
interface Vxlan1
   vxlan udp-port 4789
   vxlan vlan 333 vni 197637
switch(config-if-Vx1)#