diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
index 2c70129e54a428cc9c234c380502738c457e5f94..5badefd402ed675727fb6dda496932286f34442f 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-net-calico.yml
@@ -68,6 +68,10 @@
 # set VXLAN encapsulation mode: "Always", "CrossSubnet", "Never"
 # calico_vxlan_mode: 'Never'
 
+# set VXLAN port and VNI
+# calico_vxlan_vni: 4096
+# calico_vxlan_port: 4789
+
 # If you want to use non default IP_AUTODETECTION_METHOD for calico node set this option to one of:
 # * can-reach=DESTINATION
 # * interface=INTERFACE-REGEX
diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index b8ed033938633e1e69ac2c7855c72e66a72caf15..f183606c2d04dd49f331769ffb96e3d929ac11b0 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -29,6 +29,12 @@ calico_node_memory_requests: 64M
 calico_node_cpu_requests: 150m
 calico_felix_chaininsertmode: Insert
 
+# Virtual network ID to use for VXLAN traffic. A value of 0 means “use the kernel default”.
+calico_vxlan_vni: 4096
+
+# Port to use for VXLAN traffic. A value of 0 means “use the kernel default”.
+calico_vxlan_port: 4789
+
 # Enable Prometheus Metrics endpoint for felix
 calico_felix_prometheusmetricsenabled: false
 calico_felix_prometheusmetricsport: 9091
diff --git a/roles/network_plugin/calico/templates/calico-node.yml.j2 b/roles/network_plugin/calico/templates/calico-node.yml.j2
index 14366c33dfbf85aa42aa0512e5bb9b14fbc084a5..4f54a4e3111ddcdec79606703e0c85a1f8fbcbf7 100644
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@@ -173,6 +173,12 @@ spec:
             # Wait for the datastore.
             - name: WAIT_FOR_DATASTORE
               value: "true"
+{% endif %}
+{% if calico_network_backend is defined and calico_network_backend == 'vxlan' %}
+            - name: FELIX_VXLANVNI
+              value: "{{ calico_vxlan_vni }}"
+            - name: FELIX_VXLANPORT
+              value: "{{ calico_vxlan_port }}"
 {% endif %}
             # Choose the backend to use.
             - name: CALICO_NETWORKING_BACKEND