In specific deployments, e.g., with BGP EVPN configured for OVN logical switches / routers (the BGP control plane is executed outside of OVN), OVN needs to be able to reach remote destinations through remote VTEP (VXLAN tunnel endpoints).

Remote VTEPs are specified by:

• remote IP
• remote UDP port

These tunnel endpoints are learnt by the control plane and installed in the Linux (VRF) FDB table where the control plane daemon runs.  With FRR that translates into FRR inserting FDB entries ("dst" entries) onto the linux bridge for each remote VTEP it learnt through EVPN.

E.g., for a VTEP learnt for VRF VNI 20, reachable at IP 20.0.0.2:

 $ podman exec -it evpn-host1 bridge fdb show dev vxlan-20 | grep dst | grep permanent
 00:00:00:00:00:00 dst 20.0.0.2 self permanent

OVN should provide a way for users to configure an OVN logical switch or a logical router to monitor and automatically install rules to send/receive (VXLAN encap/decap) packets towards dynamically learnt VTEPs.

Notes on potential implementation details:

• from a NB perspective a VXLAN VNI relevant to a logical switch/router could be represented by a new logical switch/router port of type=vxlan
• ovn-controller could monitor through netlink the Linux VRF where the remote VTEP "dst" entries are created
• from a SB perspective "dynamic" Port_Bindings could be created for each of the remote VTEPs - in practice these port_bindings might be very similar to port_bindings created today for Transit Switch/Router remote ports
• from an OpenFlow perspective, ovn-controller would have to handle this new type of Port_Bindings and generate flows that implement "logical output" and "logical input" of packets on these Port_Bindings (similar to TS / TR)