Configuring virtual overlay networks
A virtual overlay network uses tunneling protocols to extend isolated network segments between servers for multi-tenant data center networks. Overlay networking can be implemented using various networking protocols and standards. FortiADC supports the Virtual Extensive LAN (VXLAN) and Network Virtualization using Generic Routing Encapsulation (NVGRE) protocols.
VXLAN and NVGRE are officially documented in RFC 7348 and RFC 7637, respectively.
To configure a virtual overlay network:
- From a virtual domain, go to Network > Interface.
- Click the Overlay Tunnel tab.
- Click Create New to display the configuration editor.
- Configure the following Overlay Tunnel settings:
Setting Guideline Name Specify a unique name for the overlay tunnel.
Specify a unique name for the overlay tunnel. Valid characters are
A
-Z
,a
-z
,0
-9
,_
, and-
. No spaces.After you initially save the configuration, you cannot edit the name.
Mode Select a virtual overlay networking protocol:
- VXLAN
- NVGRE
VXLAN is the default option.
VXLAN Type
The VXLAN Type option is available if the Mode is VXLAN.
Select the VXLAN gateway type:
- Linux VXLAN
- Flannel VXLAN
Linux VXLAN is the default option.
Interface Specify the outing interface for VXLAN encapsulated traffic.
IP Version Select an IPv4 address type:
- IPv4 Unicast
- IPv4 Multicast
Multicast TTL The Multicast TTL option is available if the IP Version is IPv4 Multicast.
Specify the multicast TTL. Valid values are from 0 (default) to 255, minimum value is 1.
Destination IP Specify the destination IP address.
Note: For IPv4 unicast, you specify multiple IP addresses; for IPv4 multicast, specify one IP address only.
Port The Port option is available if the Mode is VXLAN.
Specify the VXLAN destination port (number). The default is 4789. The valid range is 1–6553.
VNI The VNI option is available if the Mode is VXLAN.
Specify the VXLAN network ID. The valid range is 1–16777215.
VSID
The VSID option is available if the Mode is NVGRE.
Specify the Virtual Subnet Identifier (VSID) for NVGRE.
- Click Save.
Once the Overlay Tunnel settings are saved, the Remote Host MAC Mapping will be available to configure. - In the Remote Host MAC Mapping section, click Create New to display the configuration editor.
- Configure the following Remote Host MAC Mapping settings:
Setting Guideline Host MAC Specify the MAC address of the remote host. VTEP Specify the IPv4 address of the virtual tunnel endpoint. - Click Save.
The dialog closes once the Remote Host MAC Mapping configuration is saved. - Click Save to update the Overlay Tunnel configuration.
|