diff options
-rw-r--r-- | share/man/man4/vxlan.4 | 103 |
1 files changed, 35 insertions, 68 deletions
diff --git a/share/man/man4/vxlan.4 b/share/man/man4/vxlan.4 index 6b16596ef91..15a2d91c746 100644 --- a/share/man/man4/vxlan.4 +++ b/share/man/man4/vxlan.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: vxlan.4,v 1.10 2021/01/02 09:56:16 dlg Exp $ +.\" $OpenBSD: vxlan.4,v 1.11 2022/02/16 02:13:43 dlg Exp $ .\" .\" Copyright (c) 2013 Reyk Floeter <reyk@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: January 2 2021 $ +.Dd $Mdocdate: February 16 2022 $ .Dt VXLAN 4 .Os .Sh NAME @@ -25,60 +25,22 @@ .Sh DESCRIPTION The .Nm -interface is a tunnelling pseudo-device for overlaying virtualized -layer 2 networks over layer 3 networks. +pseudo-device provides interfaces for tunnelling or overlaying +Ethernet networks on top of IPv4 and IPv6 networks using the +Virtual eXtensible Local Area Network (VXLAN) protocol. +.Pp +VXLAN datagrams consist of an Ethernet payload encapsulated by an +8 byte VXLAN header, which in turn is encapsulated by UDP and IP +headers. +Different VXLAN tunnels or overlays between the same VXLAN Tunnel +Endpoints (VTEPs) can be distinguished by an optional 24-bit Virtual +Network Idenfitier (VNI). .Pp A .Nm interface can be created using the .Ic ifconfig vxlan Ns Ar N Ic create -command. -Once configured, the interface encapsulates and decapsulates Ethernet -frames in UDP datagrams that are exchanged with tunnel endpoints. -The default UDP port for VXLAN traffic is 4789. -.Pp -Each -.Nm -interface uses a 24-bit -.Ic vnetid -(virtual networks identifier) -that distinguishes multiple virtualized layer 2 networks and -their tunnels between identical tunnel endpoints. -.Pp -The interface can operate in the following tunnel modes: -.Bl -tag -width multicast -.It Ic unicast mode -When a unicast IP address is configured as the tunnel destination, -all traffic is sent to a single tunnel endpoint. -.It Ic multicast mode -When a multicast IP address is configured as the tunnel destination, -all traffic is sent to all the tunnel endpoints that subscribed for the -specified multicast group. -.It Ic dynamic mode -When -.Nm -is configured for multicast mode and added to a -.Xr bridge 4 , -all broadcast and multicast traffic is sent to the multicast group, -but directed traffic is sent to unicast IP addresses of individual tunnel -endpoints as they are learned by the bridge. -.It Ic multipoint mode -When -.Nm -is configured with -.Ic vnetid any -and added to a -.Xr bridge 4 , -all return traffic is sent to the known tunnel endpoints -as they are learned by the bridge. -In this mode, -.Nm -does not use a specific virtual network identifier but learns the ones -of the individual tunnel endpoints. -It is used to dynamically bridge many virtual networks together. -.El -.Pp -The configuration can be done at runtime or by setting up a +command or by setting up a .Xr hostname.if 5 configuration file for .Xr netstart 8 . @@ -90,20 +52,33 @@ route to the tunnel destination than the hosts or networks routed via the tunnel interface. Alternatively, the tunnel traffic may be configured in a separate routing table to the encapsulated traffic. +.Pp +The interface can operate in the following tunnel modes: +.Bl -tag -width multicast +.It Ic point-to-point mode +When a unicast IP address is configured as the tunnel destination, +all traffic is sent to a single tunnel endpoint. +.It Ic learning mode +When a multicast IP address is configured as the tunnel destination, +broadcast, multicast, and unknown unicast packets are sent to the +specified multicast group. +Packets received by the tunnel source address are used to dynamically +learn the endpoint addresses for the encapsulated Ethernet source +addresses. +.\" .It Ic endpoint mode +.\" When configured without a tunnel destination address, +.El .Sh EXAMPLES -Create a tunnel to a unicast tunnel endpoint, using the virtual tunnel -identifier 5: +Create a point-to-point tunnel using Virtual Network Identifier 5: .Bd -literal -offset indent # ifconfig vxlan0 tunnel 192.168.1.100 192.168.1.200 vnetid 5 # ifconfig vxlan0 10.1.1.100/24 .Ed .Pp -The following examples creates a dynamic tunnel that is attached to a -.Xr bridge 4 : +The following examples creates a learning overlay network: .Bd -literal -offset indent # ifconfig vxlan0 tunnel 192.168.1.100 239.1.1.100 vnetid 7395 # ifconfig vxlan0 10.1.2.100/24 -# ifconfig bridge0 add vxlan0 up .Ed .Pp Prior to the assignment of UDP port 4789 by IANA, some early VXLAN @@ -142,8 +117,8 @@ value to restrict the traffic to the local network: # ifconfig vxlan0 tunnelttl 1 .Ed .Sh SEE ALSO -.Xr bridge 4 , .Xr inet 4 , +.Xr udp 4 , .Xr hostname.if 5 , .Xr ifconfig 8 , .Xr netstart 8 @@ -157,20 +132,15 @@ value to restrict the traffic to the local network: .%A T. Sridhar .%A M. Bursell .%A C. Wright -.%D May 2013 -.%R draft-mahalingam-dutt-dcops-vxlan-04 -.%T VXLAN: A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks +.%D August 2014 +.%R RFC 7348 +.%T Virtual eXtensible Local Area Network (VXLAN): A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks .Re .Sh HISTORY The .Nm device first appeared in .Ox 5.5 . -.Sh AUTHORS -The -.Nm -driver was written by -.An Reyk Floeter Aq Mt reyk@openbsd.org . .Sh CAVEATS The .Nm @@ -183,6 +153,3 @@ interoperability with another implementation requires running a decreased MTU of 1450 bytes. In any other case, it is commonly recommended to set the MTU of the transport interfaces to at least 1600 bytes. -.Pp -The implementation does not support IPv6 multicast tunnel endpoints at -present. |