# VXLAN: VNI mismatch on tunnel vxlan0, expected 100, received 200 from 10.0.0.2

- **ID:** `networking/vxlan-vni-mismatch`
- **Domain:** networking
- **Category:** protocol_error
- **Verification:** ai_generated
- **Fix Rate:** 85%

## Root Cause

VXLAN VNI mismatch occurs when two endpoints of a VXLAN tunnel are configured with different Virtual Network Identifiers, causing packets to be dropped or misrouted.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| Linux kernel 5.10+ | active | — | — |
| Open vSwitch 2.17+ | active | — | — |
| Cisco IOS XE 17.3+ | active | — | — |

## Workarounds

1. **Check the VXLAN configuration on both endpoints using 'ip -d link show vxlan0' and update the VNI: ip link set vxlan0 type vxlan id 100** (90% success)
   ```
   Check the VXLAN configuration on both endpoints using 'ip -d link show vxlan0' and update the VNI: ip link set vxlan0 type vxlan id 100
   ```
2. **If using Open vSwitch, verify the VNI in the bridge configuration: ovs-vsctl list interface vxlan0 | grep vni, then set the correct value: ovs-vsctl set interface vxlan0 options:vni=100** (85% success)
   ```
   If using Open vSwitch, verify the VNI in the bridge configuration: ovs-vsctl list interface vxlan0 | grep vni, then set the correct value: ovs-vsctl set interface vxlan0 options:vni=100
   ```
3. **Temporarily set the VXLAN interface to learning mode to diagnose the mismatch: ip link set vxlan0 type vxlan learning** (70% success)
   ```
   Temporarily set the VXLAN interface to learning mode to diagnose the mismatch: ip link set vxlan0 type vxlan learning
   ```

## Dead Ends

- **** — 重启 VXLAN 接口或整个主机无法修复配置不匹配；两端的 VNI 值必须对齐。 (95% fail)
- **** — 增加 VXLAN 接口的 MTU 可能有助于分片，但无法解决 VNI 不匹配问题，这是一个逻辑标识符问题。 (90% fail)
- **** — 禁用底层网络上的防火墙规则可能允许 VXLAN 数据包通过，但 VNI 不匹配仍会导致隧道端点丢弃数据包。 (85% fail)