Overlay Logical Switches (or overlay logical networks) provide L2 (layer 2) connectivity to a collection of Virtual Machines (VMs) over an underlying L3 (layer 3) network. The overlay is implemented using a tunneling mechanism such as VXLAN (Virtual eXtensible Local Area Network), STT (Stateless Transport Tunneling), GENEVE (Generic Network Virtualization Encapsulation), or GRE (Generic Routing Encapsulation). Of these, VXLAN is gaining traction in the networking industry at this time and is being implemented in physical switches from a number of switch vendors.
Since certain applications may be hosted on physical servers, there is often a need to provide layer 2 connectivity between a number of ports/VLANs in the physical network and an overlay logical network. Handling of traffic destined to Broadcast/Unknown-unicast/Multicast (BUM) MAC addresses poses some challenges. Such traffic needs to be replicated and delivered to all virtual machines that have an interface on the overlay logical switch, and all physical machines on physical networks/VLANs being connected with the overlay logical switch.
In some network systems, the above replication functionality is offloaded—BUM traffic to be replicated is forwarded to a replication node which then replicates the traffic to all end-points that should receive the traffic. However, Reverse Path Filtering (RPF) policies in some of these systems drop packets in which the source IP address does not match the IP subnet of the interface that the packet was received on. In such network systems, the replication node modifies the source IP address in the replicated packet to its own so as to pass RPF checks in the physical network. By doing so, the context of the original sender of the BUM traffic is lost, and a receiving node cannot infer this information and hence cannot use BUM traffic to populate its Layer 2 forwarding tables.
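The trade-off described above, modeled as an added Python example that is not part of the original text. The addresses, VNI, MAC and function names are constructed, and the receiver's learning rule (bind the inner source MAC to the outer source IP) is an assumption about how a receiving node would otherwise learn from BUM traffic.

```python
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Encap:
    outer_src: str      # tunnel endpoint IP in the outer header
    outer_dst: str
    vni: int            # overlay logical switch identifier
    inner_src_mac: str
    inner_dst_mac: str

def rpf_pass(pkt, ingress_subnet):
    """RPF policy from the text: outer source must belong to the ingress interface's subnet."""
    return ipaddress.ip_address(pkt.outer_src) in ipaddress.ip_network(ingress_subnet)

def replicate(pkt, replicator_ip, receivers, rewrite_source):
    """Replication node: one copy per receiver, optionally re-sourced from itself."""
    src = replicator_ip if rewrite_source else pkt.outer_src
    return [replace(pkt, outer_src=src, outer_dst=r) for r in receivers]

def learn(table, pkt):
    """Assumed data-plane learning: (VNI, inner source MAC) -> outer source IP."""
    table[(pkt.vni, pkt.inner_src_mac)] = pkt.outer_src
    return table

# Constructed sample topology (all values are made up for the example).
SENDER, REPLICATOR = "10.1.0.11", "10.2.0.5"
RECEIVERS = ["10.3.0.21", "10.3.0.22"]
REPLICATOR_SUBNET = "10.2.0.0/24"   # subnet of the interface the copies arrive on
VM_MAC = "00:50:56:aa:00:01"

def run(rewrite_source):
    """Return each receiver's learned table after one broadcast frame is replicated."""
    bum = Encap(SENDER, REPLICATOR, 5001, VM_MAC, "ff:ff:ff:ff:ff:ff")
    tables = {}
    for copy in replicate(bum, REPLICATOR, RECEIVERS, rewrite_source):
        if rpf_pass(copy, REPLICATOR_SUBNET):   # otherwise dropped in the underlay
            tables[copy.outer_dst] = learn({}, copy)
    return tables

if __name__ == "__main__":
    print("source preserved:", run(False))   # every copy fails RPF
    print("source rewritten:", run(True))    # delivered, but MAC maps to the replicator
```

With the source preserved, no copy survives the RPF check; with the source rewritten, every receiver gets the frame but the only tunnel endpoint it can associate with the VM's MAC is the replication node, not the original sender.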