Administrator Guide
VXLAN Header :
• VXLAN Flags : Reserved bits set to zero except bit 3, the rst bit, which is set to 1 for a valid VNI
• VNI: The 24-bit eld that is the VXLAN Network Identier
• Reserved: A set of elds, 24 bits and 8 bits, that are reserved and set to zero .
Frame Check
Sequence (FCS):
Note that the original Ethernet frame's FCS is not included, but new FCS is generated on the outer Ethernet
frame.
Conguring and Controlling VXLAN from the NVP
Controller GUI
You can congure and control VXLAN from the NVP controller GUI, by adding a hardware device to NSX and authenticating the device.
1 Generate a certicate in your system and add it to the NSX before adding a hardware device for authentication.
To generate a certicate, use the following command:
• crypto cert generate self-signed cert-file flash://vtep-cert.pem key-file flash://vtep-
privkey.pem
To view the certicate, use the following command:
• show file flash://vtep-cert.pem
The output appears similar to the following example:
-----BEGIN CERTIFICATE-----
MIID3jCCAsagAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMxFTATBgNVBAMMDHd3dy5kZWxsLmNvb
TENMAsGA1UECgwERGVsbDEYMBYGA1UECwwPRGVsbCBOZXR3b3JraW5nMREwDwYDVQQHDAhTQU4gSm9zZTETMBEGA1UECA
wKQ2FsaWZvcm5pYTEiMCAGCSqGSIb3DQEJARYTc29tZW9uZUBleGFtcGxlLmNvbTAeFw0xNTExMjAwMzA0NTNaFw0yNTE
xMTcwMzA0NTNaMIGZMQswCQYDVQQGEwJVUzEVMBMGA1UEAwwMd3d3LmRlbGwuY29tMQ0wCwYDVQQKDAREZWxsMRgwFgYD
VQQLDA9EZWxsIE5ldHdvcmtpbmcxETAPBgNVBAcMCFNBTiBKb3NlMRMwEQYDVQQIDApDYWxpZm9ybmlhMSIwIAYJKoZIh
vcNAQkBFhNzb21lb25lQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGaGq3Cv4/
RpuoiuePrnayORRhzEW/H2Ypv8OKEcew1gySmFz24LQttzSHo4AO+qF3LkILvFW2RaHZ1mxbmm95d3PnZ8fXg2wgPz+
+T6coHGYH0o0+LkHVBb3IIXd/CSp+TBRzAwWMPS7tnaRv1UqiJtm6/RjcJghbf6zcQWUcg2CTtKe5ej/
rS2tIU9EBGCzL3xs6DRB3lvScgmuckc5L18qWqNHRWMdKFgKwHKUOOvHakPFs9RNJNy5Sxwfe/kgkVmqA/
KWiRIecLIgmgYjKu2E0uC3URpuydoN7UwPSeigXWeR3JyhzfFVEr5LtyXVpo9zS2JGyygKtzZBpke1wIDAQABoy8wLTAM
BgNVHRMEBTADAQH/MB0GA1UdDgQWBBTaOaPuXmtLDTJVv++VYBiQr9gHCTANBgkqhkiG9w0BAQUFAAOCAQEAn5E/
w3BLQrX3e3Jv3EUFftGV0NABXOQxb/ODH4doA/68nQcvW7GZgpwoxe77YQH+C/uBNFwSBFxsu9ZkXhKu2q8wrCd
+cnuaNu7Kq2V0DGSdR7eIkDTHkflttHbMmRfStHLetk3bA0HgXTW5c+vFn79EX/nJqxIvkl5ADT7k5JZR
+j6i9eskgUlvBuV5OOZKzh29Gy4sjXvdYL5GirZFon8iZNY5FON
+WlpcLJ9GjMvVfwvJx7exVs9cqXvm6UZ4Bf262STKbm+Q4qz30tyjDdF1xDBcBjL83UcEvSW65V/
sSFKBohqu40EWXIBJ0QbKvFWv91rbjkgtsrHVTdohrA==
-----END CERTIFICATE-----
Copy and paste the generated certicate to the NSX.
2 Create Service Node
To create service node, the required elds are the IP address and SSL certicate of the server. The Service node is responsible for
broadcast/unknown unicast/multicast trac replication. The following is the snapshot of the user interface for the creation of service
node:
Virtual Extensible LAN (VXLAN)
1049