Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

vxlan-disable-copy-tos-encap

Syntax

Hierarchy Level

Description

Disable copying the Type of Service (ToS) field from the IP header of a packet to the outer IP header of a Virtual Extensible LAN (VXLAN) packet when encapsulating the packet. The ToS field includes values for differentiated services code points (DSCP) and explicit congestion notification (ECN).

In networks where you configure quality of service (QoS) options, traffic moving through the network might include a DSCP value in the ToS field of the IP header for classifying and policing packets. Similarly, network nodes might use the ECN bits in the ToS field of the IP header to enable end-to-end notification of network congestion so the sender can reduce the transmission rate before nodes must start dropping packets. If you have VXLAN tunnels configured in your network, when encapsulating the original packet in the VXLAN header, some devices copy the DSCP and ECN bits from the original packet's IP header (the inner IP header) to the VXLAN IP header (the outer IP header) by default. At the other end of the tunnel, the same types of devices decapsulate the packet and copy the outer IP DSCP and ECN bits back to the inner IP header.

However, some devices (such as the QFX10000 line of switches) don't have the ability to copy ToS field bits upon VXLAN encapsulation and decapsulation. As a result, you might see unexpected results if the devices on both ends of the tunnel don't consistently copy the ToS bits during encapsulation and decapsulation. For example, the decapsulating node might overwrite the inner IP header DSCP bits in a packet with 000000, which inadvertently lowers the priority of the packet to best effort.

To account for these differences in VXLAN encapsulation behavior, you can configure the vxlan-disable-copy-tos-encap statement to disable copying ToS field values from inner to outer IP headers during encapsulation. Similarly, you can configure the vxlan-disable-copy-tos-decap statement to disable copying ToS values from the outer IP header back to the inner IP header during de-encapsulation.

Note:

QFX5130 and QFX5700 switches do not require vxlan-disable-copy-tos-encap, as this is the default behavior for these switches.

CAUTION:

Committing either vxlan-disable-copy-tos-encap or vxlan-disable-copy-tos-decap restarts the FPC causing a disruption in traffic until the FPC recreates the interfaces and tunnels.

Default

Copying ToS bits during VXLAN tunnel encapsulation is enabled on supporting devices.

Note:

Some platforms support copying and disabling copy of only the DSCP bits in the ToS field, and not the ECN bits. Other platforms (such as EX4650 and QFX5120 switches) support copying and disabling copy of both the DSCP and ECN bits. See Feature Explorer for specific platform and release version support details.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 18.4R2 to disable copying the DSCP bits in the ToS field during VXLAN encapsulation.

Support added in Junos OS Release 21.1R1 for copying and disabling copy of ECN bits in the ToS field during VXLAN encapsulation.