In recent blog entries, I have discussed how to use the UBridge tool to bridge standalone Windows PC to any VXLAN over the IP network. UBridge is a open source tool that can run on most of Intel base Windows system such as XP, Windows 7, Windows 8 and other Windows servers.

You don’t even need to install it, all you need just to install the Winpcap. By using UBridge, you don’t’ need any VXLAN gateway switch or Linux system, as UBridge is like an internal switch that can directly bridge your PC’s NIC to the VXLAN.

As UBridge is implemented according to RFC, it’s fully compatible with the standard multicast transport for BUM frame. So you can use UBridge to integrate with other vender’s VXLAN implementation, such as NSX of VMware, N1000v of Cisco, Arista switch etc.

Besides, inside the release of iptools 0.98, UBridge also supports the Head End Replication (HER) using static configuration of remote VTEPs. It was tested to be compatible with Arista HER implementation.

Just like all other tunneling technology (e.g. GRE or IPsec), as there is additional overhead on the original Ethernet frame, so you may need to adjust the MTU of the NICs. Despite that, I have tested different applications by bridging the PCs using the UBridge. Even without changes any MTU size, most of the applications such as remote desktop, FTP and even TFTP still work fine.

However, that’s not all the case. One of the examples I want to show you is the telnet to the Arista switch over VXLAN. Using the setup as in this blog entry, I can smoothly telnet to the SVI which is actually on the VXLAN of the Arista switch using the Windows interface that being bridged.

To generate a large packet, just issue some commands that will generate a long output. A simple test is just type “show ?”. Now, the telnet just display few lines, then the whole telnet session will hang.

Why is it? Most likely because of the MTU issue. As discussed before, VXLAN is a tunneling technology that uses the IP network to carry over the Ethernet frame. Below is a VXLAN packet.

Lets calculate the overhead. The original Ethernet frame is encapsulated over any frame that have another outer Ethernet header (14 bytes), IP header (20 bytes), UDP header (8 bytes) and VXLAN header (8 bytes). A total of 50 bytes.

Of course, if you can increase the MTU size of the transit IP network for 50 bytes, then that will be the best solution. Yet, that’s not always practical (e.g. due to the hardware limitation of the physical interface). Then the alternation is to decrease the MTU size of the VXLAN interface that being bridged.

So in the Arista switch, I lower the MTU size of the SVI. Lets check the original MTU size as below:

So change it to be 1450 bytes.

Now restart another telnet session, the “show ?” works perfectly.

In this example, I will demonstrate how to configure VXLAN HER (head end replication) of the UBridge to bridge with the Arista switch.  
The setup is as below:

1. 2 different standalone Windows machine running the UBridge with physical interface IP (VTEP) address 10.10.1.33/24 and 10.10.1.63 respectively, their loopback interface with IP address 10.20.1.33//24 and 10.20.1.63/24 respectively  are to be bridged on VXLAN 5000.
2. Arista switch with a routed port (interface E1) using IP address 10.10.1.70, but this address is not for the VTEP, since Arista doesn’t allow physical interface as the source interface of the VTEP. It requires using a loopback interface, so I use 10.80.1.1 on interface loopback 1 as the VTEP. This address needs to be routable among the VTEPs of the 2 Windows PC. A SVI on VLAN 100 with IP address 10.20.1.1/24 will be bridged to the VXLAN 5000.

To summarize:

• VNID is 5000
• The VTEPs: 10.10.1.33 and 10.10.1.63 (standalone PC), 10.80.1.1 (Arista)
• UDP port 8472
• VXLAN subnet 10.20.1.0/24

Configuration of the Arista switch:

Step 1. Create the loopback interface

interface Loopback1
   ip address 10.80.1.1/32

Step 2. Create the VLAN 100 and SVI

vlan 100
interface Vlan100
   ip address 10.20.1.1/24

Step 3. Enable routing and configure the interface E1 as a routed port

ip routing
!
interface Ethernet1
   no switchport
   ip address 10.10.1.70/24

Step 4. Create the VXLAN and bridge with the VLAN 100

interface Vxlan1
   vxlan source-interface Loopback1
   vxlan udp-port 8472
   vxlan vlan 100 vni 5000
   vxlan flood vtep 10.10.1.33 10.10.1.63

On Windows PC:

Before executing the UBridge, need to make the Windows VTEP routable to the loopback interface of the Arista. To make it simple, just add a static route in 2 of the Windows PC:

C:\> route add 10.80.1.0 mask 255.255.255.0 10.10.1.70

Then execute the UBridge on PC 10.10.1.33 (please refer to my previous blog entry for the explanation of this command):

C:\>ubdg 5000#V:E@10.10.1.33:10.10.1.63+10.80.1.1 5000#W:E

Similarly, for PC 10.10.1.63:

C:\>ubdg 5000#V:E@10.10.1.63:10.10.1.33+10.80.1.1 5000#W:E

Now I can ping between the Windows PCs and the VLAN interface of the Arista switch.

You find that the Arista switch learns the VTEP address of the Windows, also the MAC address of the Windows loopback interfaces in the MAC address table.

Thats not the end, you can follow my next blog entry for the discussion of the MTU size issue of VXLAN.

In previous blog entries, I have discussed how to use UBridge to bridge local Windows machines to VXLAN with Cisco Nexus 1000v. Now, I want to add the integration with the Arista switch.
Using the same environment as before:

1. Standalone Windows machine running the UBridge with physical interface IP address 10.10.1.63 as the VTEP, the loopback interface with IP address 10.20.1.63/24 to be on VXLAN 5000
2. Arista switch (I use the virtual edition 4.14.5F and installed in VMWare workstation) with a routed port (interface E1) using IP address 10.10.1.70, but this address is not for the VTEP, since Arista doesn’t allow physical interface as the source interface of the VTEP. It requires using a loopback interface, so I use 10.80.1.1 on interface loopback 1 as the VTEP. This address need to be routable among all the other VTEPs. A SVI on VLAN 100 with IP address 10.20.1.1/24 will be bridged to the VXLAN.

To summarize:

• VNID is 5000
• The VTEPs: 10.10.1.63 (standalone PC), 10.10.1.68 (ESX), 10.80.1.1 (Arista)
• Multicast group 225.1.1.1 and UDP port 8472
• VXLAN subnet 10.20.1.0/24

Configuration of the Arista switch:

Step 1. Create the loopback interface

interface Loopback1
   ip address 10.80.1.1/32

Step 2. Create the VLAN 100 and SVI

vlan 100
interface Vlan100
   ip address 10.20.1.1/24

Step 3. Configure the interface E1 and enable both unicast and multicast routing

ip routing
!
ip multicast-routing
!
interface Ethernet1
   no switchport
   ip address 10.10.1.70/24
   ip pim sparse-mode

Step 4. Create the VXLAN and bridge with the VLAN 100

interface Vxlan1
   vxlan multicast-group 225.1.1.1
   vxlan source-interface Loopback1
   vxlan udp-port 8472
   vxlan vlan 100 vni 5000

On Windows PC:

Before executing the Ubridge, need to make the Windows VTEP routable to the loopback interface of the Arista. To make it simple, just add a static route in the Windows:

C:\> route add 10.80.1.0 mask 255.255.255.0 10.10.1.70

Then execute the Ubridge:

C:\>ubdg 5000#V:E@10.10.1.63:225.1.1.1 5000#W:E

Now I can ping between the Windows and the VLAN interface of the Arista switch.

To verify in the Arista switch:

You find that the Arista switch learns the VTEP address of the Windows, also the MAC address of the Windows loopback interface in the MAC address table.