Hi John, On Fri, 2017-09-22 at 05:59 +0000, John Lo (loj) wrote: > Hi Marco, > > I am not sure this can work. After VXLAN encap, there is no IP lookup (as it > is expensive) so it won't naturally follow the IP for-us path to ip4-local and > ip4-udp-lookup and vxlan-input nodes. Instead, packet forwarding will follow > the DPO forwarding chain setup by L3 FIB for the DIP of the VXLAN tunnel. It > will depends on how the forwarding chain is setup and whether loopback would > turn around the packet into IP forwarding path properly. > > From the "show node counters" output, we can see packets are VXLAN encap'ed > and then dropped because of drop adjacency. You can enable packet trace using > "trace add vhost-user-input <n>", send a few packets, and then "show trace". > The packet trace output should give you pretty good info on how packets are L2 > forwarded, VXLAN encap'ed, forwarded, and dropped to see why it is not working > and if the forwarding behavior can be changed for your testing purposes. Thanks for the great hint. Will try this and see where I land :)
> > Regards, > John Cheers, Marco > > -----Original Message----- > From: vpp-dev-boun...@lists.fd.io [mailto:vpp-dev-boun...@lists.fd.io] On > Behalf Of Marco Varlese > Sent: Thursday, September 21, 2017 2:51 AM > To: vpp-dev <vpp-dev@lists.fd.io> > Subject: [vpp-dev] VXLAN tunnel setup on single host? > > Resending this since it looks like it was never handled by the mail server... > :( > > On Wed, 2017-09-20 at 16:42 +0200, Marco Varlese wrote: > > Hi, > > > > I am wondering if it's possible to have a VXLAN setup using a single > > host environment. > > > > I thought to use two bridges; each bridge containing: > > * a virutal interface to be connected to the VM; > > * a vxlan tunnel interface; > > * a loop device (with the IP configured as the vxlan tunnel > > termination) - guess this might be the issue but do not know what else > > to be used :( > > > > Basically, I'd like to be able to send a ping from VM-1 to VM-2 (and > > vice- > > versa) over a vxlan-tunnel. Unfortunately, I didn't succeed and any > > help would be really appreciated. > > > > I am doing this since I'm working on a new tunnel protocol and having > > a setup on a single host would be simpler for me to setup/maintain in my > > environment. > > I chose VXLAN to try out (in this setup) an existing tunnel protocol first. > > > > Below the set of command I am using: > > > > ###################################################################### > > # > > # CREATE TAP interface for VM1 > > $PATH/vppctl create vhost socket /tmp/sock1.sock server $PATH/vppctl > > set interface state VirtualEthernet0/0/0 up > > > > # CREATE VXLAN-TUNNEL-0 > > $PATH/vppctl create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 vni 13 > > decap-next > > l2 # creates vxlan_tunnel0 > > > > # CREATE LOOPBACK interface LOOP0 > > $PATH/vppctl loopback create mac 1a:2b:3c:4d:5e:6f $PATH/vppctl set > > interface state loop0 up $PATH/vppctl set interface ip table loop0 5 > > $PATH/vppctl set interface ip address loop0 10.0.3.1/24 > > > > ###################################################################### > > # > > # CREATE TAP interface for VM2 > > $PATH/vppctl create vhost socket /tmp/sock2.sock server $PATH/vppctl > > set interface state VirtualEthernet0/0/1 up > > > > # CREATE VXLAN-TUNNEL-1 > > $PATH/vppctl create vxlan tunnel src 10.0.3.3 dst 10.0.3.1 vni 13 > > decap-next > > l2 # creates vxlan_tunnel1 > > > > # CREATE LOOPBACK interface LOOP1 > > $PATH/vppctl loopback create mac a1:b2:c3:d4:e5:f6 $PATH/vppctl set > > interface state loop1 up $PATH/vppctl set interface ip table loop1 5 > > $PATH/vppctl set interface ip address loop1 10.0.3.3/24 > > > > ###################################################################### > > # # CREATE bridge-domain 1 with loop0 / vxlan_tunnel0 / tap0 > > $PATH/vppctl create bridge-domain 1 learn 1 forward 1 uu-flood 1 flood > > 1 arp- term 0 $PATH/vppctl set interface l2 bridge > > VirtualEthernet0/0/0 1 $PATH/vppctl set interface l2 bridge > > vxlan_tunnel0 1 $PATH/vppctl set interface l2 bridge loop0 1 bvi > > > > # CREATE bridge-domain 2 with loop1 / vxlan_tunnel1 / tap1 > > $PATH/vppctl create bridge-domain 2 learn 1 forward 1 uu-flood 1 flood > > 1 arp- term 0 $PATH/vppctl set interface l2 bridge > > VirtualEthernet0/0/1 2 $PATH/vppctl set interface l2 bridge > > vxlan_tunnel1 2 $PATH/vppctl set interface l2 bridge loop1 2 bvi > > > > $PATH/vppctl set bridge-domain arp term 1 $PATH/vppctl set > > bridge-domain arp term 2 > > > > $PATH/vppctl set bridge-domain arp entry 1 10.0.3.1 1a:2b:3c:4d:5e:6f > > $PATH/vppctl set bridge-domain arp entry 2 10.0.3.1 1a:2b:3c:4d:5e:6f > > $PATH/vppctl set bridge-domain arp entry 2 10.0.3.2 a1:b2:c3:d4:e5:f6 > > $PATH/vppctl set bridge-domain arp entry 1 10.0.3.2 a1:b2:c3:d4:e5:f6 > > > > > > Some output I collected when trying to ping from one VM to another. > > DBGvpp# show int > > Name Idx State Counter C > > ou > > nt > > VirtualEthernet0/0/0 1 up rx > > packets 34 > > rx > > bytes 5115 > > drops > > > > 34 > > VirtualEthernet0/0/1 4 up rx > > packets 50 > > rx > > bytes 5775 > > drops > > > > 50 > > local0 0 down > > loop0 3 up rx > > packets 34 > > rx > > bytes 4639 > > drops > > > > 34 > > ip4 > > > > 9 > > ip6 > > > > 17 > > loop1 6 up rx > > packets 50 > > rx > > bytes 5075 > > drops > > > > 50 > > ip4 > > > > 9 > > ip6 > > > > 17 > > vxlan_tunnel0 2 up tx > > packets 34 > > tx > > bytes 6339 > > vxlan_tunnel1 5 up tx > > packets 50 > > tx > > bytes 7575 > > DBGvpp# show node counters > > Count Node Reason > > 37 ip6-input ip6 adjacency drop > > 115 ip4-input ip4 adjacency drop > > 96 vxlan4-encap good packets encapsulated > > 96 l2-output L2 output packets > > 96 l2-learn L2 learn packets > > 2 l2-learn L2 learn misses > > 2 l2-learn L2 learn hit updates > > 96 l2-input L2 input packets > > 192 l2-flood L2 flood packets > > 40 arp-input IP4 source address not > > local > > to subnet > > > > > > Thanks, > > Marco > > > > _______________________________________________ > vpp-dev mailing list > vpp-dev@lists.fd.io > https://lists.fd.io/mailman/listinfo/vpp-dev > _______________________________________________ vpp-dev mailing list vpp-dev@lists.fd.io https://lists.fd.io/mailman/listinfo/vpp-dev
