VXLAN-EVPN with IRB
Overview
An EVPN-based Integrated Routing and Bridging solution used for forwarding of intra-subnets and inter-subnets traffic.
There are 2 modes of IRB.
Symmetric IRB
In this mode, both the ingress and egress VTEPs perform layer-2 and layer-3 lookups (switching and routing). In this case, a given VTEP needs to learn the ARP and MAC-address entries only for tenant systems (TSs) across the tenant VxLAN network belonging to VNIDs attached to that VTEP.
Asymmetric IRB
In this mode, the ingress VTEP perform layer-2 and layer-3 lookups and egress VTEPs perform layer-2 lookups only.
The disadvantage of this mode is the need for each VTEP in the tenant network to be configured with all the VNIDs for that tenant irrespective of whether a given VTEP has TS attached for that VNID or not.
Three approaches are available to achieve IRB solution.
• Centralized Gateway
• Anycast Gateway
• Distributed Gateway
Topology
The procedures in this section use the topology in
Figure 9-10.
VxLAN EVPN IRB
Note: In the above topology TS1, TS2 are the tenant systems. The blue and red color denotes different subnets in the Tenant systems.
Base Configuration - L2 VXLAN
VTEP1
(Multi-homed group1) - Part of both Multi-homed with po1(MH2).
Hardware profile and generic configuration:
#configure terminal | Enter Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VXLAN. |
(config)#hardware-profile filter vxlan-mh enable | Enable hardware-profile filter for VXLAN multi-homing. |
(config)#hardware-profile filter egress-ipv4 enable | Enable hardware-profile filter for egress IPv4. |
(config)#evpn vxlan multihoming enable | Enable Multihoming, save configs and reboot the board for multihoming to be effective |
(config)#hardware-profile statistics ac-lif enable | Enable ac-lif for VXLAN access-if port counters |
(config)#qos enable | Enabling QoS |
(config)#commit | Commit the candidate configuration to running configuration |
Interface and loopback configuration:
(config)#interface po1 | Enter Interface mode for po1 (MH2) |
(config-if)#switchport | Make it L2 interface |
(config-if)# evpn multi-homed system-mac 0000.0000.2222 | Configure system MAC as ESI value for Lag (po1) interface. VTEP1 and VTEP2 should have same ESI value |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe2 | Enter Interface mode for xe2 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe3 | Enter Interface mode for xe3 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface lo | Enter Interface mode for lo |
(config-if)#ip address 1.1.1.1/32 secondary | Configure loopback IP address as 1.1.1.1 for VTEP1 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po2 | Enter Interface mode for po2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe25 | Enter Interface mode for xe25 |
(config-if)#channel-group 2 mode active | Make it member port of po2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe26 | Enter Interface mode for xe26 |
(config-if)#channel-group 2 mode active | Make it member port of po2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po2 | Enter Interface mode for po2 |
(config-if)#ip address 100.11.11.1/24 | Configure IP address as 100.11.11.1 on network side of Spine-P3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
OSPF configuration:
(config)#router ospf 100 | Enter into router OSPF mode |
(config-router)#ospf router-id 1.1.1.1 | Configure router-id as 1.1.1.1 (lo IP address) |
(config-router)#network 1.1.1.1/32 area 0.0.0.0 | Add 1.1.1.1 (lo IP address) network into area 0 |
(config-router)#network 100.11.11.0/24 area 0.0.0.0 | Add 100.11.11.0 (Spine-P3) network into area 0 |
(config-router)#bfd all-interfaces | Enabling BFD on all OSPF interface for fast convergence |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
BGP configuration:
(Config)#router bgp 5000 | Enter into Router BGP mode |
(config-router)#bgp router-id 1.1.1.1 | Configure router-id as 1.1.1.1 (lo IP address) |
(config-router)#neighbor 2.2.2.2 remote-as 5000 | Specify a VTEP2 loopback IP address and remote-as defined |
(config-router)#neighbor 2.2.2.2 update-source lo | Configure update as loopback for VTEP2 |
(config-router)#neighbor 2.2.2.2 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP2 |
(config-router)#neighbor 4.4.4.4 remote-as 5000 | Specify a VTEP4 loopback IP address and remote-as defined |
(config-router)#neighbor 4.4.4.4 update-source lo | Configure update as loopback for VTEP4 |
(config-router)#neighbor 4.4.4.4 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP4 |
(config-router)#neighbor 5.5.5.5 remote-as 5000 | Specify a VTEP5 loopback IP address and remote-as defined |
(config-router)#neighbor 5.5.5.5 update-source lo | Configure update as loopback for VTEP5 |
(config-router)#neighbor 5.5.5.5 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP5 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 2.2.2.2 activate | Activate 2.2.2.2(VTEP2) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 4.4.4.4 activate | Activate 3.3.3.3(VTEP4) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 5.5.5.5 activate | Activate 5.5.5.5(VTEP5) into L2VPN EVPN address family mode |
(config-router-af)#exit-address-family | Exit from L2VPN address family mode |
(config-router)#exit | Exit from Router BGP mode and enter into config mode |
(config)#commit | Commit the candidate configuration to running configuration |
L2 MAC VRF Configuration:
(config)#mac vrf L2VRF1 | Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode |
(config-vrf)#rd 1.1.1.1:11 | Assign RD value |
(config-vrf)#description MAC VRF RED | Give description to L2VRF1 as RED |
(config-vrf)#route-target both 9.9.9.9:100 | Assign route-target value for same for import and export. Should be same on all node for L2VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)#mac vrf L2VRF2 | Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode |
(config-vrf)#rd 1.1.1.1:21 | Assign RD value |
(config-vrf)#route-target both 90.90.90.90:100 | Assign route-target value for same for import and export |
(config-vrf)#description MAC VRF BLUE | Give description to L2VRF2 as BLUE |
(config-vrf)#exit | Exit from VRF mode |
(config)#commit | Commit the candidate configuration to running configuration |
L2 VXLAN configuration:
(config)#nvo vxlan enable | Enable VXLAN |
(config)#evpn esi hold-time 90 | Configure ESI hold time to allow tunnel to come up at the time of VXLAN initialization before making the ESI up. It should be same on both VTEP1 and VTEP2 |
(config)#nvo vxlan vtep-ip-global 1.1.1.1 | Configure Source vtep-ip-global configuration - Use loopback IP address |
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-101 | Configure VNI name as VNI-101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-201 | Configure VNI name as VNI-201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#nvo vxlan access-if port-vlan po1 10 | Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 101 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)# mac 0000.2222.1010 ip 11.11.11.51 | Configure static MAC-IP |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#nvo vxlan access-if port-vlan po1 20 | Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 201 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)# mac 0000.2222.1020 ip 21.21.21.51 | Configure static MAC-IP |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#exit | Exit from configuration mode |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP2
(Multi-homed group1) - Part of both Multi-homed with po1(MH1).
Hardware profile and generic configuration:
#configure terminal | Enter Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VXLAN. |
(config)#hardware-profile filter vxlan-mh enable | Enable hardware-profile filter for VXLAN multi-homing. |
(config)#hardware-profile filter egress-ipv4 enable | Enable hardware-profile filter for egress IPv4. |
(config)#evpn vxlan multihoming enable | Enable Multihoming, save configs and reboot the board for multihoming to be effective |
(config)#hardware-profile statistics ac-lif enable | Enable ac-lif for VXLAN access-if port counters |
(config)#qos enable | Enabling QoS |
(config)#commit | Commit the candidate configuration to running configuration |
Interface and loopback configuration:
(config)#interface po1 | Enter Interface mode for po1 (MH2) |
(config-if)#switchport | Make it L2 interface |
(config-if)# evpn multi-homed system-mac 0000.0000.2222 | Configure system MAC as ESI value for Lag (po1) interface. VTEP1 and VTEP2 should have same ESI value |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe8 | Enter Interface mode for xe2 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe9 | Enter Interface mode for xe3 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface lo | Enter Interface mode for lo |
(config-if)#ip address 2.2.2.2/32 secondary | Configure loopback IP address as 2.2.2.2 for VTEP2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po3 | Enter Interface mode for po3 |
(config)#i switchport | Configure po3 as L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe27 | Enter Interface mode for xe27 |
(config-if)#channel-group 3 mode active | Make it member port of po3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe28 | Enter Interface mode for xe28 |
(config-if)#channel-group 3 mode active | Make it member port of po3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)# bridge 1 protocol rstp vlan-bridge | Configure bridge 1 |
(config)# vlan database | Enter into VLAN database mode |
(config)#vlan 2 bridge 1 state enable | Configure VLAN 2 as part of bridge 1 |
(config)#interface po3 | Enter Interface mode for po3 |
(config-if)# bridge-group 1 | Configure bridge 1 for po3 |
(config-if)# switchport mode trunk | Switchport mode as trunk |
(config-if)# switchport trunk allowed vlan add 2 | Trunk allowed VLAN 2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config) interface vlan1.2 | Enter into SVI port VLAN1.2 |
(config-if)#ip address 100.12.12.1/24 | Configure IP address as 100.12.12.1 on network side of Spine-P3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
OSPF configuration:
(config)#router ospf 100 | Enter into router OSPF mode |
(config-router)#ospf router-id 2.2.2.2 | Configure router-id as 2.2.2.2 (lo IP address) |
(config-router)#network 2.2.2.2/32 area 0.0.0.0 | Add 2.2.2.2 (lo IP address) network into area 0 |
(config-router)#network 100.12.12.0/24 area 0.0.0.0 | Add 100.12.12.0(Spine-P3) network into area 0 |
(config-router)#bfd all-interfaces | Enabling bfd on all ospf interface for fast convergence |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
BGP configuration:
(Config)#router bgp 5000 | Enter into Router BGP mode |
(config-router)#bgp router-id 2.2.2.2 | Configure router-id as 2.2.2.2 (lo IP address) |
(config-router)#neighbor 1.1.1.1 remote-as 5000 | Specify a VTEP1 loopback IP address and remote-as defined |
(config-router)#neighbor 1.1.1.1 update-source lo | Configure update as loopback for VTEP1 |
(config-router)#neighbor 1.1.1.1 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP1 |
(config-router)#neighbor 4.4.4.4 remote-as 5000 | Specify a VTEP4 loopback IP address and remote-as defined |
(config-router)#neighbor 4.4.4.4 update-source lo | Configure update as loopback for VTEP4 |
(config-router)#neighbor 4.4.4.4 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP4 |
(config-router)#neighbor 5.5.5.5 remote-as 5000 | Specify a VTEP5 loopback IP address and remote-as defined |
(config-router)#neighbor 5.5.5.5 update-source lo | Configure update as loopback for VTEP5 |
(config-router)#neighbor 5.5.5.5 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP5 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 1.1.1.1 activate | Activate 1.1.1.1(VTEP1) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 4.4.4.4 activate | Activate 4.4.4.4(VTEP4) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 5.5.5.5 activate | Activate 5.5.5.5(VTEP5) into L2VPN EVPN address family mode |
(config-router-af)#exit-address-family | Exit from L2VPN address family mode |
(config-router)#exit | Exit from Router BGP mode and enter into config mode |
(config)#commit | Commit the candidate configuration to running configuration |
VRF Configuration:
(config)#mac vrf L2VRF1 | Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode |
(config-vrf)#rd 2.2.2.2:11 | Assign RD value |
(config-vrf)#description MAC VRF RED | Give description to L2VRF1 as RED |
(config-vrf)#route-target both 9.9.9.9:100 | Assign route-target value for same for import and export. Should be same on all node for L2VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)#mac vrf L2VRF2 | Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode |
(config-vrf)#rd 2.2.2.2:21 | Assign RD value |
(config-vrf)#route-target both 90.90.90.90:100 | Assign route-target value for same for import and export |
(config-vrf)#description MAC VRF BLUE | Give description to L2VRF2 as BLUE |
(config-vrf)#exit | Exit from VRF mode |
(config)#commit | Commit the candidate configuration to running configuration |
VXLAN configuration:
(config)#nvo vxlan enable | Enable VXLAN |
(config)#evpn esi hold-time 90 | Configure ESI hold time to allow tunnel to come up at the time of vxlan initialization before making the ESI up.It should be same on both VTEP1 and VTEP2 |
(config)#nvo vxlan vtep-ip-global 2.2.2.2 | Configure Source vtep-IP-global configuration - Use loopback IP address |
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-101 | Configure VNI name as VNI-101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-201 | Configure VNI name as VNI-201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan access-if port-vlan po1 10 | Enable port-VLAN mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 101 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)# mac 0000.2222.1010 ip 11.11.11.51 | Configure static MAC-IP |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#nvo vxlan access-if port-vlan po1 20 | Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 201 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)# mac 0000.2222.1020 ip 21.21.21.51 | Configure static MAC-IP |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP4
Single Home -SH5.
Hardware profile and generic configuration:
#configure terminal | Enter Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VXLAN. |
(config)#hardware-profile filter egress-ipv4 enable | Enable hardware-profile filter for egress IPv4. |
(config)#hardware-profile statistics ac-lif enable | Enable ac-lif for vxlan access-if port counters |
(config)#qos enable | Enabling qos |
(config)#commit | Commit the candidate configuration to running configuration |
Interface and loopback configuration:
(config)#interface sa1 | Enter Interface mode for sa1 (SH5) |
(config-if)#switchport | Make it L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface lo | Enter Interface mode for lo |
(config-if)#ip address 4.4.4.4/32 secondary | Configure loopback IP address as 4.4.4.4 for VTEP4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po4 | Enter Interface mode for po4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe7 | Enter Interface mode for xe7 |
(config-if)#channel-group 4 mode active | Make it member port of po4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe9 | Enter Interface mode for xe9 |
(config-if)#channel-group 4 mode active | Make it member port of po4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config) interface po4.4 | Enter L3SI po4.4 |
(config-if)# encapsulation dot1q 4 | Encapsulation as dot1q with VLAN 4 |
(config-if)#ip address 100.14.14.1/24 | Configure IP address as 100.14.14.1 on network side of Spine-P3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
OSPF configuration:
(config)#router ospf 100 | Enter into router OSPF mode |
(config-router)#ospf router-id 4.4.4.4 | Configure router-id as 4.4.4.4 (lo IP address) |
(config-router)#network 4.4.4.4/32 area 0.0.0.0 | Add 4.4.4.4 (lo IP address) network into area 0 |
(config-router)#network 100.14.14.0/24 area 0.0.0.0 | Add 100.14.14.0(Spine-P3) network into area 0 |
(config-router)#bfd all-interfaces | Enabling bfd on all ospf interface for fast convergence |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
BGP configuration:
(Config)#router bgp 5000 | Enter into Router BGP mode |
(config-router)#bgp router-id 4.4.4.4 | Configure router-id as 4.4.4.4 (lo IP address) |
(config-router)#neighbor 1.1.1.1 remote-as 5000 | Specify a VTEP1 loopback IP address and remote-as defined |
(config-router)#neighbor 1.1.1.1 update-source lo | Configure update as loopback for VTEP1 |
(config-router)#neighbor 1.1.1.1 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP1 |
(config-router)#neighbor 2.2.2.2 remote-as 5000 | Specify a VTEP2 loopback IP address and remote-as defined |
(config-router)#neighbor 2.2.2.2 update-source lo | Configure update as loopback for VTEP2 |
(config-router)#neighbor 2.2.2.2 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP2 |
(config-router)#neighbor 5.5.5.5 remote-as 5000 | Specify a VTEP5 loopback IP address and remote-as defined |
(config-router)#neighbor 5.5.5.5 update-source lo | Configure update as loopback for VTEP5 |
(config-router)#neighbor 5.5.5.5 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP5 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 1.1.1.1 activate | Activate 1.1.1.1(VTEP1) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 2.2.2.2 activate | Activate 2.2.2.2(VTEP2) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 5.5.5.5 activate | Activate 5.5.5.5(VTEP5) into L2VPN EVPN address family mode |
(config-router-af)#exit-address-family | Exit from L2VPN address family mode |
(config-router)#exit | Exit from Router BGP mode and enter into config mode |
(config)#commit | Commit the candidate configuration to running configuration |
VRF Configuration:
(config)#mac vrf L2VRF1 | Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode |
(config-vrf)#rd 4.4.4.4:11 | Assign RD value |
(config-vrf)#description MAC VRF RED | Give description to L2VRF1 as RED |
(config-vrf)#route-target both 9.9.9.9:100 | Assign route-target value for same for import and export. Should be same on all node for L2VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)#mac vrf L2VRF2 | Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode |
(config-vrf)#rd 4.4.4.4:21 | Assign RD value |
(config-vrf)#route-target both 90.90.90.90:100 | Assign route-target value for same for import and export |
(config-vrf)#description MAC VRF BLUE | Give description to L2VRF2 as BLUE |
(config-vrf)#exit | Exit from VRF mode |
(config)#commit | Commit the candidate configuration to running configuration |
VXLAN configuration:
(config)#nvo vxlan enable | Enable VXLAN |
(config)#nvo vxlan vtep-ip-global 4.4.4.4 | Configure Source vtep-IP-global configuration. Use loopback IP address |
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-101 | Configure VNI name as VNI-101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-201 | Configure VNI name as VNI-201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# nvo vxlan access-if port-vlan sa1 20 | Enable port-VLAN mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 201 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)# mac 0000.5555.1020 ip 21.21.21.101 | Configure static MAC-IP |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#exit | Exit from configuration mode |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP5
Single Home -SH3
Hardware profile and generic configuration:
#configure terminal | Enter Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VXLAN. |
(config)#hardware-profile filter egress-ipv4 enable | Enable hardware-profile filter for egress IPv4. |
(config)#hardware-profile statistics ac-lif enable | Enable ac-lif for vxlan access-if port counters |
(config)#qos enable | Enabling qos |
(config)#commit | Commit the candidate configuration to running configuration |
Interface and loopback configuration:
(config)#interface xe48 | Enter Interface mode for xe48 (SH3) |
(config-if)#switchport | Make it L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface lo | Enter Interface mode for lo |
(config-if)#ip address 5.5.5.5/32 secondary | Configure loopback IP address as 5.5.5.5 for VTEP5 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config) interface xe40 | Enter interface mode |
(config-if)#ip address 100.15.15.1/24 | Configure IP address as 100.15.15.1 on network side of Spine-P3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
OSPF configuration:
(config)#router ospf 100 | Enter into router OSPF mode |
(config-router)#ospf router-id 5.5.5.5 | Configure router-id as 5.5.5.5 (lo IP address) |
(config-router)#network 5.5.5.5/32 area 0.0.0.0 | Add 5.5.5.5 (lo IP address) network into area 0 |
(config-router)#network 100.15.15.0/24 area 0.0.0.0 | Add 100.15.15.0(Spine-P3) network into area 0 |
(config-router)#bfd all-interfaces | Enabling bfd on all ospf interface for fast convergence |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
BGP configuration:
(Config)#router bgp 5000 | Enter into Router BGP mode |
(config-router)#bgp router-id 5.5.5.5 | Configure router-id as 5.5.5.5(lo IP address) |
(config-router)#neighbor 1.1.1.1 remote-as 5000 | Specify a VTEP1 loopback IP address and remote-as defined |
(config-router)#neighbor 1.1.1.1 update-source lo | Configure update as loopback for VTEP1 |
(config-router)#neighbor 1.1.1.1 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP1 |
(config-router)#neighbor 2.2.2.2 remote-as 5000 | Specify a VTEP2 loopback IP address and remote-as defined |
(config-router)#neighbor 2.2.2.2 update-source lo | Configure update as loopback for VTEP2 |
(config-router)#neighbor 2.2.2.2 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP2 |
(config-router)#neighbor 4.4.4.4 remote-as 5000 | Specify a VTEP4 loopback IP address and remote-as defined |
(config-router)#neighbor 4.4.4.4 update-source lo | Configure update as loopback for VTEP4 |
(config-router)#neighbor 4.4.4.4 advertisement-interval 0 | Configure advertisement-interval as 0 for fast convergence for VTEP4 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 1.1.1.1 activate | Activate 1.1.1.1(VTEP1) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 2.2.2.2 activate | Activate 2.2.2.2(VTEP2) into L2VPN EVPN address family mode |
(config-router-af)#neighbor 4.4.4.4 activate | Activate 4.4.4.4(VTEP4) into L2VPN EVPN address family mode |
(config-router-af)#exit-address-family | Exit from L2VPN address family mode |
(config-router)#exit | Exit from Router BGP mode and enter into config mode |
(config)#commit | Commit the candidate configuration to running configuration |
VRF Configuration:
(config)#mac vrf L2VRF1 | Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode |
(config-vrf)#rd 5.5.5.5:11 | Assign RD value |
(config-vrf)#description MAC VRF RED | Give description to L2VRF1 as RED |
(config-vrf)#route-target both 9.9.9.9:100 | Assign route-target value for same for import and export. Should be same on all node for L2VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)#mac vrf L2VRF2 | Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode |
(config-vrf)#rd 5.5.5.5:21 | Assign RD value |
(config-vrf)#route-target both 90.90.90.90:100 | Assign route-target value for same for import and export |
(config-vrf)#description MAC VRF BLUE | Give description to L2VRF2 as BLUE |
(config-vrf)#exit | Exit from VRF mode |
(config)#commit | Commit the candidate configuration to running configuration |
VXLAN configuration:
(config)#nvo vxlan enable | Enable VXLAN |
(config)#nvo vxlan vtep-ip-global 5.5.5.5 | Configure Source vtep-IP-global configuration. Use loopback IP address |
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-101 | Configure VNI name as VNI-101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign vrf for EVPN-BGP to carry EVPN route |
(config-nvo)# vni-name VNI-201 | Configure VNI name as VNI-201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)# nvo vxlan access-if port-vlan xe48 10 | Enable port-VLAN mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 101 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)# mac 0000.4444.1010 ip 11.11.11.201 | Configure static MAC-IP |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#commit | Commit the candidate configuration to running configuration |
Switch1 (MH2)
Multihomed to 2-VTEPs (VTEP1 and VTEP2). It acts as Tenant system for VLAN1.20.
#configure terminal | Enter Configure mode. |
(config)# bridge 1 protocol rstp vlan-bridge | Configure RSTP VLAN bridge |
(config)# vlan database | Enter into VLAN database mode |
(config)#vlan 2-20 bridge 1 state enable | Configure VLANs from 2-20 and associate with bridge 1 |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#interface xe7 | Enter Interface mode for xe7 |
(config-if)#switchport | Make as L2 port by configuring switchport |
(config-if)#bridge-group 1 | Associate bridge 1 into interface |
(config-if)# bridge-group 1 spanning-tree disable | Configure interface as STP disable |
(config-if)# switchport mode trunk | Mode as trunk |
(config-if)# switchport trunk allowed vlan add 2,10,20 | Trunk allowed VLAN as 2.10.20 |
(config-if)#switchport trunk native vlan 2 | Native VLAN as 2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po1 | Enter Interface mode for po1 |
(config-if)#switchport | Make po1 as L2 port by configuring switchport |
(config-if)#bridge-group 1 | Associate po1 to bridge 1 |
(config-if)# bridge-group 1 spanning-tree disable | Configure po1 as STP disable |
(config-if)# switchport mode trunk | Mode as trunk |
(config-if)# switchport trunk allowed vlan add 2,10,20 | Trunk allowed VLAN as 2.10.20 |
(config-if)#switchport trunk native vlan 2 | Native VLAN as 2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe3 | Enter Interface mode for xe3 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config)#interface xe4 | Enter Interface mode for xe4 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config)#exit | Exit from configuration mode |
(config)#interface xe9 | Enter Interface mode for xe9 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config)#interface xe10 | Enter Interface mode for xe10 |
(config-if)#channel-group 1 mode active | Make it member port of po1 |
(config)#exit | Exit from configuration mode |
(config)#interface vlan1.20 | Enter Interface mode for VLAN1.20 |
(config-if)# ip address 21.21.21.2/24 | Configure IP address |
(config-if)#ipv6 address 21:21::21:2/48 | Configure IPv6 address |
(config-if)#exit | Exit from configuration mode |
(config)#commit | Commit the candidate configuration to running configuration |
Switch2 (SH5)
#configure terminal | Enter Configure mode. |
(config)# bridge 1 protocol rstp vlan-bridge | Configure RSTP VLAN bridge |
(config)# vlan database | |
(config)#vlan 2-20 bridge 1 state enable | Configure VLANs from 2-20 and associate with bridge 1 |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#interface xe22 | Enter Interface mode for xe22 |
(config-if)#switchport | Make xe22 as L2 port by configuring switchport |
(config-if)#bridge-group 1 | Associate xe22 to bridge 1 |
(config-if)# bridge-group 1 spanning-tree disable | Configure xe22 as STP disable |
(config-if)# switchport mode trunk | Mode as trunk |
(config-if)# switchport trunk allowed vlan add 6,10,20 | Trunk allowed VLAN as 6,.10 &.20 |
(config-if)#switchport trunk native vlan 6 | Native VLAN as 6 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface sa1 | Enter Interface mode for sa11 |
(config-if)#switchport | Make sa1 as L2 port by configuring switchport |
(config-if)#bridge-group 1 | Associate sa1 to bridge 1 |
(config-if)# bridge-group 1 spanning-tree disable | Configure sa1 as STP disable |
(config-if)# switchport mode trunk | Mode as trunk |
(config-if)# switchport trunk allowed vlan add 6,10,20 | Trunk allowed VLAN as 2,.10.& 20 |
(config-if)#switchport trunk native vlan 6 | Native VLAN as 6 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe3 | Enter Interface mode for xe3 |
(config-if)# static-channel-group 1 | Make it member port of sa1 |
(config)#interface xe4 | Enter Interface mode for xe4 |
(config-if)# static-channel-group 1 | Make it member port of sa1 |
(config)#exit | Exit from configuration mode |
(config)#interface vlan1.20 | Enter Interface mode for VLAN1.20 |
(config-if)# ip address 21.21.21.3/24 | Configure IP address |
(config-if)#ipv6 address 21:21::21:3/48 | Configure IPv6 address |
(config-if)#exit | Exit from configuration mode |
(config)#commit | Commit the candidate configuration to running configuration |
Spine-P3
Spine node where all VTEPs are connected.
Generic configuration:
#configure terminal | Enter Configure mode. |
(config)#qos enable | Enabling qos |
(config)#commit | Commit the candidate configuration to running configuration |
Interface and loopback configuration:
(config)#interface lo | Enter Interface mode for lo |
(config-if)#ip address 100.100.100.100/32 secondary | Configure loopback IP address as 100.100.100.100 for Spine-P3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po2 | Enter Interface mode for po2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe25 | Enter Interface mode for xe25 |
(config-if)#channel-group 2 mode active | Make it member port of po2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe26 | Enter Interface mode for xe26 |
(config-if)#channel-group 2 mode active | Make it member port of po3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po2 | Enter Interface mode for po2 |
(config-if)#ip address 100.11.11.2/24 | Configure IP address as 100.11.11.2 on network side of VTEP1 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po3 | Enter Interface mode for po3 |
(config)#i switchport | Configure po3 as L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe27 | Enter Interface mode for xe27 |
(config-if)#channel-group 3 mode active | Make it member port of po3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe28 | Enter Interface mode for xe28 |
(config-if)#channel-group 3 mode active | Make it member port of po3 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)# bridge 1 protocol rstp vlan-bridge | Configure bridge 1 |
(config)# vlan database | Enter into VLAN database mode |
(config)#vlan 2 bridge 1 state enable | Configure VLAN 2 as part of bridge 1 |
(config)#interface po3 | Enter Interface mode for po3 |
(config-if)# bridge-group 1 | Configure bridge 1 for po3 |
(config-if)# switchport mode trunk | Switchport mode as trunk |
(config-if)# switchport trunk allowed vlan add 2 | Trunk allowed VLAN 2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config) interface vlan1.2 | Enter into SVI port VLAN1.2 |
(config-if)#ip address 100.12.12.2/24 | Configure IP address as 100.12.12.2 on network side of VTEP2 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface po4 | Enter Interface mode for po4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe7 | Enter Interface mode for xe7 |
(config-if)#channel-group 4 mode active | Make it member port of po4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe9 | Enter Interface mode for xe9 |
(config-if)#channel-group 4 mode active | Make it member port of po4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config) interface po4.4 | Enter L3SI po4.4 |
(config-if)# encapsulation dot1q 4 | Encapsulation as dot1q with VLAN 4 |
(config-if)#ip address 100.14.14.2/24 | Configure IP address as 100.14.14.12 on network side of VTEP4 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config) interface xe40 | Enter interface mode |
(config-if)#ip address 100.15.15.1/24 | Configure IP address as 100.15.15.1 on network side of VTEP5 |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
OSPF configuration:
(config)#router ospf 100 | Enter into router OSPF mode |
(config-router)#ospf router-id 100.100.100.100 | Configure router-id as 100.100.100.100 (lo IP address) |
(config-router)#network 100.100.100.100/32 area 0.0.0.0 | Add 100.100.100.100 (lo IP address) network into area 0 |
(config-router)#network 100.11.11.0/24 area 0.0.0.0 | Add 100.11.11.0 (VTEP1) network into area 0 |
(config-router)#network 100.12.12.0/24 area 0.0.0.0 | Add 100.12.12.0 (VTEP2) network into area 0 |
(config-router)#network 100.14.14.0/24 area 0.0.0.0 | Add 100.14.14.0 (VTEP4) network into area 0 |
(config-router)#network 100.15.15.0/24 area 0.0.0.0 | Add 100.15.15.0 (VTEP5) network into area 0 |
(config-router)#bfd all-interfaces | Enabling bfd on all ospf interface for fast convergence |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#commit | Commit the candidate configuration to running configuration |
Centralized Gateway
In Centralized gateway approach, when two TS belonging to two different subnets connected to the same/different VTEP node, wanted to communicate with each other, their traffic needed to be back hauled from the VTEP node to the centralized gateway node where inter- subnet switching is performed and then back to the VTEP node.
IRB Configuration for Centralized Gateway
Configure from Base Configuration-L2 VXLAN section, then configure below commands for centralized gateway approach.
VTEP5
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 51000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb1001 | Configure IRB interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if)exit | Exit from interface config mode |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit from address-family |
(config-router)#exit | Exit from bgp router configuration mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure IRB1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure IRB2001 under VXLAN ID 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
Validation
VTEP5
TB2-VTEP5#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
5.5.5.5 2.2.2.2 Installed 00:26:30 00:26:30
5.5.5.5 4.4.4.4 Installed 00:26:30 00:26:30
5.5.5.5 1.1.1.1 Installed 00:26:30 00:26:30
Total number of entries are 3
TB2-VTEP5#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 2.2.2.2
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 4.4.4.4
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 1.1.1.1
101 VNI-101 -- AC xe48 --- Single Homed Port --- 10 ---- ---- ----
201 VNI-201 L2 NW ---- ---- ---- ---- 5.5.5.5 2.2.2.2
201 VNI-201 L2 NW ---- ---- ---- ---- 5.5.5.5 4.4.4.4
201 VNI-201 L2 NW ---- ---- ---- ---- 5.5.5.5 1.1.1.1
Total number of entries are 7
TB2-VTEP5#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
201 21.21.21.51 0000.2222.1020 Static Remote ----
201 21.21.21.1 3c2c.99d6.167a Static Local ----
201 21.21.21.101 0000.4444.1020 Static Remote ----
101 11.11.11.51 0000.2222.1010 Static Remote ----
101 11.11.11.1 3c2c.99d6.167a Static Local ----
101 11.11.11.201 0000.5555.1010 Static Local ----
Total number of entries are 6
TB2-VTEP5#show nvo vxlan nd-cache
VXLAN ND-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________________________________
201 21:21::21:1 3c2c.99d6.167a Static Local ----
101 11:11::11:1 3c2c.99d6.167a Static Local ----
Total number of entries are 2
TB2-VTEP5#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 101 irb1001
1000 201 irb2001
TB2-VTEP5#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
C 11.11.11.0/24 is directly connected, irb1001, 00:27:00
C 21.21.21.0/24 is directly connected, irb2001, 00:26:58
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:32:53
Gateway of last resort is not set
TB2-VTEP5#show ipv6 route vrf L3VRF1
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, E - EVPN N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, i - IS-IS, B - BGP
Timers: Uptime
IP Route Table for VRF "L3VRF1"
C ::1/128 via ::, lo.L3VRF1, 00:32:53
C 11:11::/48 via ::, irb1001, 00:27:00
C 21:21::/48 via ::, irb2001, 00:26:58
C fe80::/64 via ::, irb2001, 00:04:38
TB2-VTEP5#show ip route summary
-----------------------------------------------
IP routing table name is Default-IP-Routing-Table(0)
-----------------------------------------------
IP routing table maximum-paths : 8
Total number of IPv4 routes : 12
Total number of IPv4 paths : 12
Pending routes (due to route max reached): 0
Route Source Networks
connected 3
ospf 9
Total 12
FIB 12
ECMP statistics (active in ASIC):
Total number of IPv4 ECMP routes : 0
Total number of IPv4 ECMP paths : 0
TB2-VTEP5#show ipv6 route summary
-----------------------------------------------
IPv6 routing table name is Default-IPv6-Routing-Table(0)
-----------------------------------------------
IPv6 routing table maximum-paths : 8
Total number of IPv6 routes : 2
Total number of IPv6 paths : 2
Pending routes (due to route max reached): 0
Route Source Networks
connected 2
Total 2
FIB 2
ECMP statistics (active in ASIC):
Total number of IPv6 ECMP routes : 0
Total number of IPv6 ECMP paths : 0
TB2-VTEP5#show bgp l2vpn evpn
BGP table version is 11, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
5 - Prefix Route
Network Next Hop Metric LocPrf Weight Path Peer Encap
RD[1.1.1.1:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[2.2.2.2:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[4.4.4.4:11]
*>i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[4.4.4.4:21]
*>i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[5.5.5.5:11] VRF[L2VRF1]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
*> [2]:[0]:[101]:[48,3c2c:99d6:167a]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
*> [2]:[0]:[101]:[48,3c2c:99d6:167a]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*> [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 32768 i ---------- VXLAN
RD[5.5.5.5:21] VRF[L2VRF2]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*> [2]:[0]:[201]:[48,3c2c:99d6:167a]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 32768 i ---------- VXLAN
*> [2]:[0]:[201]:[48,3c2c:99d6:167a]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*> [3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 32768 i ---------- VXLAN
Total number of prefixes 39
TB2-VTEP5#
Anycast Gateway
For today's large multi-tenant data center, centralized L3 gateway scheme is very inefficient and sometimes impractical. In order to overcome the drawback of centralized L3GW approach, anycast mode is used.
In Anycast gateway approach, all the VTEPs acts as default gateway for all the VNIDs. We will configure same anycast MAC in all VTEPs.
IRB Configuration for Anycast
Configure from Base Configuration-L2 VXLAN section, then configure below commands for Anycast gateway approach.
VTEP1
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 11000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# evpn irb-forwarding anycast-gateway-mac 0000.0000.1111 | Configure anycast MAC address |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb1001 | Configure IRB interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 anycast | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)# interface irb2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 anycast | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit from address-family |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure IRB1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure IRB2001 under VXLAN ID 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP2
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 21000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# evpn irb-forwarding anycast-gateway-mac 0000.0000.1111 | Configure anycast MAC address |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb1001 | Configure IRB interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 anycast | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)# interface irb2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 anycast | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit from address-family |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure IRB1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure IRB2001 under VXLAN ID 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP4
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 41000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# evpn irb-forwarding anycast-gateway-mac 0000.0000.1111 | Configure anycast MAC address |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb1001 | Configure IRB interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 anycast | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)# interface irb2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 anycast | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit from address-family |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure IRB1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure IRB2001 under VXLAN ID 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP5
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 51000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# evpn irb-forwarding anycast-gateway-mac 0000.0000.1111 | Configure anycast MAC address |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb1001 | Configure IRB interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 anycast | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)# interface irb2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 anycast | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit from address-family |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure IRB1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure IRB2001 under VXLAN ID 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
Validations
VTEP1
TB2-VTEP1#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
1.1.1.1 5.5.5.5 Installed 00:13:05 00:13:05
1.1.1.1 4.4.4.4 Installed 00:18:33 00:18:33
1.1.1.1 2.2.2.2 Installed 00:18:34 00:18:34
Total number of entries are 3
TB2-VTEP1#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
101 VNI-101 L2 NW ---- ---- ---- ---- 1.1.1.1 5.5.5.5
101 VNI-101 L2 NW ---- ---- ---- ---- 1.1.1.1 4.4.4.4
101 VNI-101 L2 NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2
101 VNI-101 -- AC po1 00:00:00:00:00:22:22:00:00:00 10 DF ---- ----
201 VNI-201 L2 NW ---- ---- ---- ---- 1.1.1.1 5.5.5.5
201 VNI-201 L2 NW ---- ---- ---- ---- 1.1.1.1 4.4.4.4
201 VNI-201 L2 NW ---- ---- ---- ---- 1.1.1.1 2.2.2.2
201 VNI-201 -- AC po1 00:00:00:00:00:22:22:00:00:00 20 DF ---- ----
Total number of entries are 8
TB2-VTEP1#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
201 21.21.21.51 0000.2222.1020 Static Local ----
201 21.21.21.1 0000.0000.1111 Static Local ----
201 21.21.21.101 0000.4444.1020 Static Remote ----
101 11.11.11.51 0000.2222.1010 Static Local ----
101 11.11.11.1 0000.0000.1111 Static Local ----
101 11.11.11.201 0000.5555.1010 Static Remote ----
Total number of entries are 6
TB2-VTEP1#show nvo vxlan nd-cache
VXLAN ND-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________________________________
201 21:21::21:1 0000.0000.1111 Static Local ----
101 11:11::11:1 0000.0000.1111 Static Local ----
Total number of entries are 2
TB2-VTEP1#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 101 irb1001
1000 201 irb2001
TB2-VTEP1#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
C 11.11.11.0/24 is directly connected, irb1001, 00:19:26
C 21.21.21.0/24 is directly connected, irb2001, 00:19:26
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:19:28
Gateway of last resort is not set
TB2-VTEP1#show ipv6 route vrf L3VRF1
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, E - EVPN N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, i - IS-IS, B - BGP
Timers: Uptime
IP Route Table for VRF "L3VRF1"
C ::1/128 via ::, lo.L3VRF1, 00:19:28
C 11:11::/48 via ::, irb1001, 00:19:26
C 21:21::/48 via ::, irb2001, 00:19:26
C fe80::/64 via ::, irb2001, 00:19:25
TB2-VTEP1#show ip route summary
-----------------------------------------------
IP routing table name is Default-IP-Routing-Table(0)
-----------------------------------------------
IP routing table maximum-paths : 8
Total number of IPv4 routes : 12
Total number of IPv4 paths : 12
Pending routes (due to route max reached): 0
Route Source Networks
connected 3
ospf 9
Total 12
FIB 12
ECMP statistics (active in ASIC):
Total number of IPv4 ECMP routes : 0
Total number of IPv4 ECMP paths : 0
TB2-VTEP1#show ipv6 route summary
-----------------------------------------------
IPv6 routing table name is Default-IPv6-Routing-Table(0)
-----------------------------------------------
IPv6 routing table maximum-paths : 8
Total number of IPv6 routes : 2
Total number of IPv6 paths : 2
Pending routes (due to route max reached): 0
Route Source Networks
connected 2
Total 2
FIB 2
ECMP statistics (active in ASIC):
Total number of IPv6 ECMP routes : 0
Total number of IPv6 ECMP paths : 0
TB2-VTEP1#show bgp l2vpn evpn
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
5 - Prefix Route
Network Next Hop Metric LocPrf Weight Path Peer Encap
RD[21000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
2.2.2.2 0 100 0 ? 2.2.2.2 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
2.2.2.2 0 100 0 ? 2.2.2.2 VXLAN
RD[41000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
4.4.4.4 0 100 0 ? 4.4.4.4 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
4.4.4.4 0 100 0 ? 4.4.4.4 VXLAN
RD[51000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
5.5.5.5 0 100 0 ? 5.5.5.5 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
5.5.5.5 0 100 0 ? 5.5.5.5 VXLAN
RD[1.1.1.1:1] VRF[evpn-gvrf-1]:
*> [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 32768 i ---------- VXLAN
*> [4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 32768 i ---------- VXLAN
* i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[1.1.1.1:11] VRF[L2VRF1]:
*> [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 32768 i ---------- VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 1.1.1.1 0 100 32768 i ---------- VXLAN
* i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 1.1.1.1 0 100 32768 i ---------- VXLAN
*> [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 32768 i ---------- VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*> [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 32768 i ---------- VXLAN
* i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[1.1.1.1:21] VRF[L2VRF2]:
*> [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 32768 i ---------- VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 1.1.1.1 0 100 32768 i ---------- VXLAN
* i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 1.1.1.1 0 100 32768 i ---------- VXLAN
*> [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 32768 i ---------- VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*> [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 32768 i ---------- VXLAN
* i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i [3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[2.2.2.2:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[4.4.4.4:11]
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[4.4.4.4:21]
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[5.5.5.5:11]
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[5.5.5.5:21]
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
Total number of prefixes 55
TB2-VTEP1#
TB2-VTEP2#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
2.2.2.2 4.4.4.4 Installed 00:18:42 00:18:42
2.2.2.2 1.1.1.1 Installed 00:18:43 00:18:43
2.2.2.2 5.5.5.5 Installed 00:13:14 00:13:14
Total number of entries are 3
TB2-VTEP2#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
101 VNI-101 L2 NW ---- ---- ---- ---- 2.2.2.2 4.4.4.4
101 VNI-101 L2 NW ---- ---- ---- ---- 2.2.2.2 1.1.1.1
101 VNI-101 L2 NW ---- ---- ---- ---- 2.2.2.2 5.5.5.5
101 VNI-101 -- AC po1 00:00:00:00:00:22:22:00:00:00 10 NON-DF ---- ----
201 VNI-201 L2 NW ---- ---- ---- ---- 2.2.2.2 4.4.4.4
201 VNI-201 L2 NW ---- ---- ---- ---- 2.2.2.2 1.1.1.1
201 VNI-201 L2 NW ---- ---- ---- ---- 2.2.2.2 5.5.5.5
201 VNI-201 -- AC po1 00:00:00:00:00:22:22:00:00:00 20 NON-DF ---- ----
Total number of entries are 8
TB2-VTEP2#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
201 21.21.21.51 0000.2222.1020 Static Local ----
201 21.21.21.1 0000.0000.1111 Static Local ----
201 21.21.21.101 0000.4444.1020 Static Remote ----
101 11.11.11.51 0000.2222.1010 Static Local ----
101 11.11.11.1 0000.0000.1111 Static Local ----
101 11.11.11.201 0000.5555.1010 Static Remote ----
Total number of entries are 6
TB2-VTEP2#show nvo vxlan nd-cache
VXLAN ND-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________________________________
201 21:21::21:1 0000.0000.1111 Static Local ----
101 11:11::11:1 0000.0000.1111 Static Local ----
Total number of entries are 2
TB2-VTEP2#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 101 irb1001
1000 201 irb2001
TB2-VTEP2#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
C 11.11.11.0/24 is directly connected, irb1001, 00:19:37
C 21.21.21.0/24 is directly connected, irb2001, 00:19:37
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:19:40
Gateway of last resort is not set
TB2-VTEP2#show ipv6 route vrf L3VRF1
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, E - EVPN N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, i - IS-IS, B - BGP
Timers: Uptime
IP Route Table for VRF "L3VRF1"
C ::1/128 via ::, lo.L3VRF1, 00:19:40
C 11:11::/48 via ::, irb1001, 00:19:37
C 21:21::/48 via ::, irb2001, 00:19:37
C fe80::/64 via ::, irb2001, 00:19:36
TB2-VTEP2#show ip route summary
-----------------------------------------------
IP routing table name is Default-IP-Routing-Table(0)
-----------------------------------------------
IP routing table maximum-paths : 8
Total number of IPv4 routes : 12
Total number of IPv4 paths : 12
Pending routes (due to route max reached): 0
Route Source Networks
connected 3
ospf 9
Total 12
FIB 12
ECMP statistics (active in ASIC):
Total number of IPv4 ECMP routes : 0
Total number of IPv4 ECMP paths : 0
TB2-VTEP2#show ipv6 route summary
-----------------------------------------------
IPv6 routing table name is Default-IPv6-Routing-Table(0)
-----------------------------------------------
IPv6 routing table maximum-paths : 8
Total number of IPv6 routes : 2
Total number of IPv6 paths : 2
Pending routes (due to route max reached): 0
Route Source Networks
connected 2
Total 2
FIB 2
ECMP statistics (active in ASIC):
Total number of IPv6 ECMP routes : 0
Total number of IPv6 ECMP paths : 0
TB2-VTEP2#show bgp l2vpn evpn
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
5 - Prefix Route
Network Next Hop Metric LocPrf Weight Path Peer Encap
RD[11000:11]
*>i[5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
1.1.1.1 0 100 0 ? 1.1.1.1 VXLAN
*>i[5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
1.1.1.1 0 100 0 ? 1.1.1.1 VXLAN
RD[41000:11]
*>i[5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
4.4.4.4 0 100 0 ? 4.4.4.4 VXLAN
*>i[5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
4.4.4.4 0 100 0 ? 4.4.4.4 VXLAN
RD[51000:11]
*>i[5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
5.5.5.5 0 100 0 ? 5.5.5.5 VXLAN
*>i[5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
5.5.5.5 0 100 0 ? 5.5.5.5 VXLAN
RD[1.1.1.1:1]
*>i[1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:11]
*>i[1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:21]
*>i[1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i[3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[2.2.2.2:1] VRF[evpn-gvrf-1]:
*> [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 32768 i ---------- VXLAN
* i[4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 32768 i ---------- VXLAN
RD[2.2.2.2:11] VRF[L2VRF1]:
* i[1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i[2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i[3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 32768 i ---------- VXLAN
* i[3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i[3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[2.2.2.2:21] VRF[L2VRF2]:
* i[1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i[2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> 2.2.2.2 0 100 32768 i ---------- VXLAN
* i[2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i[3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 32768 i ---------- VXLAN
* i[3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i[3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[4.4.4.4:11]
*>i[2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i[2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i[3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[4.4.4.4:21]
*>i[2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i[2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i[2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i[3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[5.5.5.5:11]
*>i[2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i[2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i[2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i[3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[5.5.5.5:21]
*>i[2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i[2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i[3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
Total number of prefixes 55
TB2-VTEP2#
VTEP4
TB2-VTEP4#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
4.4.4.4 2.2.2.2 Installed 00:18:55 00:18:55
4.4.4.4 1.1.1.1 Installed 00:18:55 00:18:55
4.4.4.4 5.5.5.5 Installed 00:13:27 00:13:27
Total number of entries are 3
TB2-VTEP4#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
101 VNI-101 L2 NW ---- ---- ---- ---- 4.4.4.4 2.2.2.2
101 VNI-101 L2 NW ---- ---- ---- ---- 4.4.4.4 1.1.1.1
101 VNI-101 L2 NW ---- ---- ---- ---- 4.4.4.4 5.5.5.5
201 VNI-201 L2 NW ---- ---- ---- ---- 4.4.4.4 2.2.2.2
201 VNI-201 L2 NW ---- ---- ---- ---- 4.4.4.4 1.1.1.1
201 VNI-201 L2 NW ---- ---- ---- ---- 4.4.4.4 5.5.5.5
201 VNI-201 -- AC sa1 --- Single Homed Port --- 20 ---- ---- ----
Total number of entries are 7
TB2-VTEP4#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
201 21.21.21.51 0000.2222.1020 Static Remote ----
201 21.21.21.1 0000.0000.1111 Static Local ----
201 21.21.21.101 0000.4444.1020 Static Local ----
101 11.11.11.51 0000.2222.1010 Static Remote ----
101 11.11.11.1 0000.0000.1111 Static Local ----
101 11.11.11.201 0000.5555.1010 Static Remote ----
Total number of entries are 6
TB2-VTEP4#show nvo vxlan nd-cache
VXLAN ND-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________________________________
201 21:21::21:1 0000.0000.1111 Static Local ----
101 11:11::11:1 0000.0000.1111 Static Local ----
Total number of entries are 2
TB2-VTEP4#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 101 irb1001
1000 201 irb2001
TB2-VTEP4#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
C 11.11.11.0/24 is directly connected, irb1001, 00:19:46
C 21.21.21.0/24 is directly connected, irb2001, 00:19:46
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:19:49
Gateway of last resort is not set
TB2-VTEP4#show ipv6 route vrf L3VRF1
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, E - EVPN N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, i - IS-IS, B - BGP
Timers: Uptime
IP Route Table for VRF "L3VRF1"
C ::1/128 via ::, lo.L3VRF1, 00:19:49
C 11:11::/48 via ::, irb1001, 00:19:46
C 21:21::/48 via ::, irb2001, 00:19:46
C fe80::/64 via ::, irb2001, 00:19:46
TB2-VTEP4#show ip route summary
-----------------------------------------------
IP routing table name is Default-IP-Routing-Table(0)
-----------------------------------------------
IP routing table maximum-paths : 8
Total number of IPv4 routes : 12
Total number of IPv4 paths : 12
Pending routes (due to route max reached): 0
Route Source Networks
connected 3
ospf 9
Total 12
FIB 12
ECMP statistics (active in ASIC):
Total number of IPv4 ECMP routes : 0
Total number of IPv4 ECMP paths : 0
TB2-VTEP4#show ipv6 route summary
-----------------------------------------------
IPv6 routing table name is Default-IPv6-Routing-Table(0)
-----------------------------------------------
IPv6 routing table maximum-paths : 8
Total number of IPv6 routes : 2
Total number of IPv6 paths : 2
Pending routes (due to route max reached): 0
Route Source Networks
connected 2
Total 2
FIB 2
ECMP statistics (active in ASIC):
Total number of IPv6 ECMP routes : 0
Total number of IPv6 ECMP paths : 0
TB2-VTEP4#show bgp l2vpn evpn
BGP table version is 4, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
5 - Prefix Route
Network Next Hop Metric LocPrf Weight Path Peer Encap
RD[11000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
1.1.1.1 0 100 0 ? 1.1.1.1 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
1.1.1.1 0 100 0 ? 1.1.1.1 VXLAN
RD[21000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
2.2.2.2 0 100 0 ? 2.2.2.2 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
2.2.2.2 0 100 0 ? 2.2.2.2 VXLAN
RD[51000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
5.5.5.5 0 100 0 ? 5.5.5.5 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
5.5.5.5 0 100 0 ? 5.5.5.5 VXLAN
RD[1.1.1.1:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[2.2.2.2:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[4.4.4.4:11] VRF[L2VRF1]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 4.4.4.4 0 100 32768 i ---------- VXLAN
* i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 4.4.4.4 0 100 32768 i ---------- VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 32768 i ---------- VXLAN
* i [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[4.4.4.4:21] VRF[L2VRF2]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 4.4.4.4 0 100 32768 i ---------- VXLAN
* i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> 4.4.4.4 0 100 32768 i ---------- VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 32768 i ---------- VXLAN
* i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 32768 i ---------- VXLAN
* i [3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[5.5.5.5:11]
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[5.5.5.5:21]
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
Total number of prefixes 57
TB2-VTEP4#
VTEP5
TB2-VTEP5#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
5.5.5.5 2.2.2.2 Installed 00:13:36 00:13:36
5.5.5.5 4.4.4.4 Installed 00:13:36 00:13:36
5.5.5.5 1.1.1.1 Installed 00:13:36 00:13:36
Total number of entries are 3
TB2-VTEP5#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 2.2.2.2
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 4.4.4.4
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 1.1.1.1
101 VNI-101 -- AC xe48 --- Single Homed Port --- 10 ---- ---- ----
201 VNI-201 L2 NW ---- ---- ---- ---- 5.5.5.5 2.2.2.2
201 VNI-201 L2 NW ---- ---- ---- ---- 5.5.5.5 4.4.4.4
201 VNI-201 L2 NW ---- ---- ---- ---- 5.5.5.5 1.1.1.1
Total number of entries are 7
TB2-VTEP5#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
201 21.21.21.51 0000.2222.1020 Static Remote ----
201 21.21.21.1 0000.0000.1111 Static Local ----
201 21.21.21.101 0000.4444.1020 Static Remote ----
101 11.11.11.51 0000.2222.1010 Static Remote ----
101 11.11.11.1 0000.0000.1111 Static Local ----
101 11.11.11.201 0000.5555.1010 Static Local ----
Total number of entries are 6
TB2-VTEP5#show nvo vxlan nd-cache
VXLAN ND-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________________________________
201 21:21::21:1 0000.0000.1111 Static Local ----
101 11:11::11:1 0000.0000.1111 Static Local ----
Total number of entries are 2
TB2-VTEP5#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 101 irb1001
1000 201 irb2001
TB2-VTEP5#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
C 11.11.11.0/24 is directly connected, irb1001, 00:14:07
C 21.21.21.0/24 is directly connected, irb2001, 00:14:05
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:20:00
Gateway of last resort is not set
TB2-VTEP5#show ipv6 route vrf L3VRF1
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, E - EVPN N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, i - IS-IS, B - BGP
Timers: Uptime
IP Route Table for VRF "L3VRF1"
C ::1/128 via ::, lo.L3VRF1, 00:20:00
C 11:11::/48 via ::, irb1001, 00:14:07
C 21:21::/48 via ::, irb2001, 00:14:05
C fe80::/64 via ::, irb2001, 00:14:05
TB2-VTEP5#show ip route summary
-----------------------------------------------
IP routing table name is Default-IP-Routing-Table(0)
-----------------------------------------------
IP routing table maximum-paths : 8
Total number of IPv4 routes : 12
Total number of IPv4 paths : 12
Pending routes (due to route max reached): 0
Route Source Networks
connected 3
ospf 9
Total 12
FIB 12
ECMP statistics (active in ASIC):
Total number of IPv4 ECMP routes : 0
Total number of IPv4 ECMP paths : 0
TB2-VTEP5#show ipv6 route summary
-----------------------------------------------
IPv6 routing table name is Default-IPv6-Routing-Table(0)
-----------------------------------------------
IPv6 routing table maximum-paths : 8
Total number of IPv6 routes : 2
Total number of IPv6 paths : 2
Pending routes (due to route max reached): 0
Route Source Networks
connected 2
Total 2
FIB 2
ECMP statistics (active in ASIC):
Total number of IPv6 ECMP routes : 0
Total number of IPv6 ECMP paths : 0
TB2-VTEP5#show bgp l2vpn evpn
BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
5 - Prefix Route
Network Next Hop Metric LocPrf Weight Path Peer Encap
RD[11000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
1.1.1.1 0 100 0 ? 1.1.1.1 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
1.1.1.1 0 100 0 ? 1.1.1.1 VXLAN
RD[21000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
2.2.2.2 0 100 0 ? 2.2.2.2 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
2.2.2.2 0 100 0 ? 2.2.2.2 VXLAN
RD[41000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
4.4.4.4 0 100 0 ? 4.4.4.4 VXLAN
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
4.4.4.4 0 100 0 ? 4.4.4.4 VXLAN
RD[1.1.1.1:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[2.2.2.2:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[4.4.4.4:11]
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[4.4.4.4:21]
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[5.5.5.5:11] VRF[L2VRF1]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [2]:[0]:[101]:[48,0000:0000:1111]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> [2]:[0]:[101]:[48,0000:0000:1111]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[101]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*> [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 32768 i ---------- VXLAN
RD[5.5.5.5:21] VRF[L2VRF2]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [2]:[0]:[201]:[48,0000:0000:1111]:[32,21.21.21.1]:[201]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*> [2]:[0]:[201]:[48,0000:0000:1111]:[128,21:21::21:1]:[201]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i 4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i 1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*> [3]:[201]:[32,5.5.5.5]
5.5.5.5 0 100 32768 i ---------- VXLAN
Total number of prefixes 57
TB2-VTEP5#
Distributed Gateway
In distributed gateway approach, VTEP will act as default gateways for one or more VNIDs,
Each VTEP having its own default gateway IP and MAC configuration for a given VNID.
IRB Configuration for Distributed
Configure from Base Configuration-L2 VXLAN section, then configure below commands for centralized distributed approach.
VTEP4
(config)#nvo vxlan irb | Enable VXLAN irb |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 41000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# interface irb2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit from address-family |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure IRB2001 under VXLAN id 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP5
Unconfigure vnid 201 from nvo vxlan.
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create mac routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 51000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# interface irb1001 | Configure IRB interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit from address-family |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure IRB under VXLAN id 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
Validations
VTEP4
TB2-VTEP4#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
4.4.4.4 2.2.2.2 Installed 00:01:17 00:01:17
4.4.4.4 1.1.1.1 Installed 00:01:17 00:01:17
4.4.4.4 5.5.5.5 Installed 00:02:22 00:02:22
Total number of entries are 3
TB2-VTEP4#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
201 VNI-201 L2 NW ---- ---- ---- ---- 4.4.4.4 2.2.2.2
201 VNI-201 L2 NW ---- ---- ---- ---- 4.4.4.4 1.1.1.1
201 VNI-201 -- AC sa1 --- Single Homed Port --- 20 ---- ---- ----
1000 ---- L3 NW ---- ---- ---- ---- 4.4.4.4 5.5.5.5
Total number of entries are 4
TB2-VTEP4#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
201 21.21.21.51 0000.2222.1020 Static Remote ----
201 21.21.21.1 3c2c.99c7.077a Static Local ----
201 21.21.21.101 0000.4444.1020 Static Local ----
Total number of entries are 3
TB2-VTEP4#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 201 irb2001
TB2-VTEP4#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
B 5.5.5.5/32 [0/0] is directly connected, tunvxlan2, 00:02:23
B 11.11.11.0/24 [200/0] via 5.5.5.5 (recursive is directly connected, tunvxlan2), 00:01:26
C 21.21.21.0/24 is directly connected, irb2001, 00:01:18
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:02:23
Gateway of last resort is not set
TB2-VTEP4#show ip route summary
-----------------------------------------------
IP routing table name is Default-IP-Routing-Table(0)
-----------------------------------------------
IP routing table maximum-paths : 8
Total number of IPv4 routes : 12
Total number of IPv4 paths : 12
Pending routes (due to route max reached): 0
Route Source Networks
connected 3
ospf 9
Total 12
FIB 12
ECMP statistics (active in ASIC):
Total number of IPv4 ECMP routes : 0
Total number of IPv4 ECMP paths : 0
TB2-VTEP4#show bgp l2vpn evpn
BGP table version is 13, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
5 - Prefix Route
Network Next Hop Metric LocPrf Weight Path Peer Encap
RD[51000:11]
*>i [5]:[0]:[1000]:[24]:[11.11.11.0]:[0.0.0.0]:[1000]
5.5.5.5 0 100 0 ? 5.5.5.5 VXLAN
RD[1.1.1.1:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[2.2.2.2:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[4.4.4.4:11] VRF[L2VRF1]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i [2]:[0]:[101]:[48,3c2c:99d6:167a]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i [2]:[0]:[101]:[48,3c2c:99d6:167a]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
* i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
RD[4.4.4.4:21] VRF[L2VRF2]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 32768 i ---------- VXLAN
*> [2]:[0]:[201]:[48,3c2c:99c7:077a]:[32,21.21.21.1]:[201]
4.4.4.4 0 100 32768 i ---------- VXLAN
*> [2]:[0]:[201]:[48,3c2c:99c7:077a]:[128,21:21::21:1]:[201]
4.4.4.4 0 100 32768 i ---------- VXLAN
* i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 32768 i ---------- VXLAN
RD[5.5.5.5:11]
*>i [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[101]:[48,3c2c:99d6:167a]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [2]:[0]:[101]:[48,3c2c:99d6:167a]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
*>i [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 0 i 5.5.5.5 VXLAN
Total number of prefixes 39
TB2-VTEP4#
VTEP5
TB2-VTEP5#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
5.5.5.5 2.2.2.2 Installed 00:34:13 00:34:13
5.5.5.5 4.4.4.4 Installed 00:01:26 00:01:26
5.5.5.5 1.1.1.1 Installed 00:34:13 00:34:13
Total number of entries are 3
TB2-VTEP5#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 2.2.2.2
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 1.1.1.1
101 VNI-101 -- AC xe48 --- Single Homed Port --- 10 ---- ---- ----
1000 ---- L3 NW ---- ---- ---- ---- 5.5.5.5 4.4.4.4
Total number of entries are 4
TB2-VTEP5#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
101 11.11.11.51 0000.2222.1010 Static Remote ----
101 11.11.11.1 3c2c.99d6.167a Static Local ----
101 11.11.11.201 0000.5555.1010 Static Local ----
Total number of entries are 3
Total number of entries are 1
TB2-VTEP5#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 101 irb1001
TB2-VTEP5#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
B 4.4.4.4/32 [0/0] is directly connected, tunvxlan2, 00:01:26
C 11.11.11.0/24 is directly connected, irb1001, 00:34:43
B 21.21.21.0/24 [200/0] via 4.4.4.4 (recursive is directly connected, tunvxlan2), 00:01:26
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:40:36
Gateway of last resort is not set
TB2-VTEP5#show ip route summary
-----------------------------------------------
IP routing table name is Default-IP-Routing-Table(0)
-----------------------------------------------
IP routing table maximum-paths : 8
Total number of IPv4 routes : 12
Total number of IPv4 paths : 12
Pending routes (due to route max reached): 0
Route Source Networks
connected 3
ospf 9
Total 12
FIB 12
ECMP statistics (active in ASIC):
Total number of IPv4 ECMP routes : 0
Total number of IPv4 ECMP paths : 0
TB2-VTEP5#show bgp l2vpn evpn
BGP table version is 13, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
l - labeled, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
[EVPN route type]:[ESI]:[VNID]:[relevent route informantion]
1 - Ethernet Auto-discovery Route
2 - MAC/IP Route
3 - Inclusive Multicast Route
4 - Ethernet Segment Route
5 - Prefix Route
Network Next Hop Metric LocPrf Weight Path Peer Encap
RD[41000:11]
*>i [5]:[0]:[1000]:[24]:[21.21.21.0]:[0.0.0.0]:[1000]
4.4.4.4 0 100 0 ? 4.4.4.4 VXLAN
RD[1.1.1.1:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[1.1.1.1:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
*>i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
RD[2.2.2.2:1]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [4]:[00:00:00:00:00:22:22:00:00:00]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:11]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[2.2.2.2:21]
*>i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*>i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
RD[4.4.4.4:21]
*>i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[201]:[48,3c2c:99c7:077a]:[32,21.21.21.1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [2]:[0]:[201]:[48,3c2c:99c7:077a]:[128,21:21::21:1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
*>i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
RD[5.5.5.5:11] VRF[L2VRF1]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[101]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[101]:[48,0000:2222:1010]:[32,11.11.11.51]:[101]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [2]:[0]:[101]:[48,0000:5555:1010]:[32,11.11.11.201]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
*> [2]:[0]:[101]:[48,3c2c:99d6:167a]:[32,11.11.11.1]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
*> [2]:[0]:[101]:[48,3c2c:99d6:167a]:[128,11:11::11:1]:[101]
5.5.5.5 0 100 32768 i ---------- VXLAN
* i [3]:[101]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[101]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
*> [3]:[101]:[32,5.5.5.5]
5.5.5.5 0 100 32768 i ---------- VXLAN
RD[5.5.5.5:21] VRF[L2VRF2]:
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[201]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [1]:[00:00:00:00:00:22:22:00:00:00]:[4294967295]:[0]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[00:00:00:00:00:22:22:00:00:00]:[201]:[48,0000:2222:1020]:[32,21.21.21.51]:[201]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i 2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [2]:[0]:[201]:[48,0000:4444:1020]:[32,21.21.21.101]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i [2]:[0]:[201]:[48,3c2c:99c7:077a]:[32,21.21.21.1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i [2]:[0]:[201]:[48,3c2c:99c7:077a]:[128,21:21::21:1]:[201]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
* i [3]:[201]:[32,1.1.1.1]
1.1.1.1 0 100 0 i 1.1.1.1 VXLAN
* i [3]:[201]:[32,2.2.2.2]
2.2.2.2 0 100 0 i 2.2.2.2 VXLAN
* i [3]:[201]:[32,4.4.4.4]
4.4.4.4 0 100 0 i 4.4.4.4 VXLAN
Total number of prefixes 39
TB2-VTEP5#
VxLAN IRB ECMP
In multihoming, anycast-IP and the same subnet is configured on the multihomed devices within the same VPN on IRB interfaces connected to the multihomed CE. Both VTEP's will advertise same connected prefix route, remote VTEP need to understand this and treat the traffic destined to multihomed CE as ECMP traffic i.e Routed traffic should loadshare to both the VTEP's.
IRB ECMP Configuration
Configure from base configuration-L2 VXLAN section and perform commit after configuration, then configure below commands for ECMP approach.
VTEP1
Configure max-path ibgp 2 on VTEP1 under BGP IPv4 VRF address family.
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router)# max-paths ibgp 2 | Configure BGP max-path . |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit form address-family |
(config-router-af)#commit | Commit the transaction |
VTEP1 IRB configuration
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 11000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# evpn irb-forwarding anycast-gateway-mac 0000.0000.1111 | Configure anycast MAC address |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb1001 | Configure IRV interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 anycast | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)# interface irb 2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 anycast | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit form address-family |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for evpn-bgp to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure IRB1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for evpn-bgp to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure irb2001 under VXLAN ID 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP2
Configure max-path ibgp 2 on VTEP1 under BGP IPv4 VRF address family.
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)# max-paths ibgp 2 | Configure BGP max-path . |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit form address-family |
(config-router-af)#commit | Commit the transaction |
VTEP2 IRB configuration
(config)#nvo vxlan irb | Enable VXLAN irb |
(config)#commit | Commit the candidate configuration to running configuration |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 21000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#exit | Exit from VRF mode |
(config)# evpn irb-forwarding anycast-gateway-mac 0000.0000.1111 | Configure anycast MAC address |
(config)#commit | Commit the candidate configuration to running configuration |
(config)# interface irb 1001 | Configure IRB interface 1001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 11.11.11.1/24 anycast | Configure IP address |
(config-if)ipv6 address 11:11::11:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)# interface irb 2001 | Configure IRB interface 2001 |
(config-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-if)ip address 21.21.21.1/24 anycast | Configure IP address |
(config-if)ipv6 address 21:21::21:1/48 | Configure IPv6 address |
(config-if) evpn irb-if-forwarding anycast-gateway-mac | Configure anycast MAC address |
(config-if)exit | Exit from interface config mode |
(config)#commit | Commit the candidate configuration to running configuration |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit form address-family |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for evpn-bgp to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure irb1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2 | Assign VRF for evpn-bgp to carry EVPN route |
(config-nvo)# evpn irb2001 | Configure irb2001 under VXLAN id 201 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#commit | Commit the candidate configuration to running configuration |
VTEP5
Unconfigure - evpn irb-forwarding anycast-gateway-mac and assign different IP address and IPv6 address to IRB interfaces on VTEP1. Resolve the ARP on Traffic generator and verify the learnt MAC is same as IRB interface MAC not the anycast MAC (0000.0000.1111). Configure BGP max-path under BGP process.
Enable VXLAN Multihhoming on VTEP5 and reboot the node to apply the Multihoming configuration to hardware.
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VXLAN. |
(config)#hardware-profile filter vxlan-mh enable | Enable hardware-profile filter for VXLAN multi-homing. |
(config)#hardware-profile filter egress-ipv4 enable | Enable hardware-profile filter for egress IPv4. |
(config)#commit | Commit the transaction |
(config)#evpn vxlan multihoming enable | Enable Multihoming, save configs and reboot the board for multihoming to be effective |
(config)#commit | Commit the transaction |
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#commit | Commit the transaction |
(config)#ip vrf L3VRF1 | Create MAC routing/forwarding instance with L3VRF1 name and enter into VRF mode |
(config-vrf)#rd 51000:11 | Assign RD value |
(config-vrf)# route-target both 100:100 | Assign route-target value for same for import and export. |
(config-vrf)# l3vni 1000 | Configure L3VNI as 1000 for L3VRF1 |
(config-vrf)#commit | Commit the transaction |
(config)# no evpn irb-forwarding anycast-gateway-mac | Delete EVPN irb-forwarding anycast-gateway-MAC address |
(config)#commit | Commit the transaction |
(config)# interface irb1001 | Configure IRB interface 1001 |
(config-irb-if)ip vrf forwarding L3VRF1 | Configure L3VRF1 |
(config-irb-if)ip address 101.11.11.1/24 | Configure IP address |
(config-irb-if)ipv6 address 101:11::11:1/48 | Configure IPv6 address |
(config-irb-if)#commit | Commit the trasaction |
(config)router bgp 5000 | Enter into BGP router mode |
(config-router)#address-family ipv4 vrf L3VRF1 | Enter into address-family mode for L3VRF1 |
(config-router-af)# max-paths ibgp 2 | Configure BGP max-path . |
(config-router-af)#redistribute connected | Redistribute connected |
(config-router-af)#exit-address-family | Exit form address-family |
(config-router-af)#commit | Commit the trasaction |
(config)# nvo vxlan id 101 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1 | Assign VRF for evpn-bgp to carry EVPN route |
(config-nvo)# evpn irb1001 | Configure irb1001 under VXLAN ID 101 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config-nvo)#commit | Commit the trasaction |
Validations
On VTEP5, verify that in the VRF routing table , ECMP path for the IRB address (11.11.11.1) is via VTEP1 - 1.1.1.1 and VTEP2 -2.2.2.2 . Send the Traffic from VTEP5 Single homed to Multihomed. Traffic should be forwarded via VTEP1 and VTEP2 and is load shared between the Multihome VTEPs.
VTEP5
TB2-VTEP5#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
5.5.5.5 2.2.2.2 Installed 00:34:13 00:34:13
5.5.5.5 4.4.4.4 Installed 00:01:26 00:01:26
5.5.5.5 1.1.1.1 Installed 00:34:13 00:34:13
Total number of entries are 3
TB2-VTEP5#show nvo vxlan
VXLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 2.2.2.2
101 VNI-101 L2 NW ---- ---- ---- ---- 5.5.5.5 1.1.1.1
101 VNI-101 -- AC xe48 --- Single Homed Port --- 10 ---- ---- ----
1000 ---- L3 NW ---- ---- ---- ---- 5.5.5.5 4.4.4.4
Total number of entries are 4
TB2-VTEP5#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
101 11.11.11.1 0000.0000.1111 Static Remote ----
101 101.11.11.1 3c2c.99d6.168a Static Local ----
101 11.11.11.201 0000.5555.1010 Static Local ----
Total number of entries are 3
Total number of entries are 1
TB2-VTEP5#show nvo vxlan l3vni-map
L3VNI L2VNI IRB-interface
===================================
1000 101 irb1001
TB2-VTEP5#show ip route vrf L3VRF1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
IP Route Table for VRF "L3VRF1"
C 101.11.11.0/24 is directly connected, irb1001, 00:34:43
B 11.11.11.0/24 [200/0] via 1.1.1.1 (recursive is directly connected, tunvxlan1001), 00:01:26
[200/0] via 2.2.2.2 (recursive is directly connected, tunvxlan1001), 00:01:26
C 127.0.0.0/8 is directly connected, lo.L3VRF1, 00:40:36
Gateway of last resort is not set
Send 10000 pps from VTEP5 (Traffic generator- SH5) and verify the counters on VTEP5, VTEP1, VTEP2 and Switch
TB2-VTEP5#show interface counter rate mbps
+-------------------+--------------+-------------+--------------+-------------+
| Interface | Rx mbps | Rx pps | Tx mbps | Tx pps |
+-------------------+--------------+-------------+--------------+-------------+
xe48 100 10000 0.01 8
xe40 0.00 0 106.76 10000
On VTEP1 and VTEP2, verify that traffic is load-balanced on ECMP path from VTEP5.
VTEP1
TB2-VTEP1#show interface counter rate mbps
+-------------------+--------------+-------------+--------------+-------------+
| Interface | Rx mbps | Rx pps | Tx mbps | Tx pps |
+-------------------+--------------+-------------+--------------+-------------+
po2 62.75 5000 0.01 8
po1 0.00 0 62.98 5000
xe25 31.98 2500 0 0
xe26 30.95 2501 0 0
xe2 0.00 0 31.53 2500
xe3 0.00 0 30.53 2500
VTEP2
TB2-VTEP2#show interface counter rate mbps
+-------------------+--------------+-------------+--------------+-------------+
| Interface | Rx mbps | Rx pps | Tx mbps | Tx pps |
+-------------------+--------------+-------------+--------------+-------------+
po3 62.75 5000 0.01 8
po1 0.00 0 62.98 5000
xe27 31.98 2500 0 0
xe28 30.95 2501 0 0
xe8 0.00 0 31.53 2500
xe9 0.00 0 30.53 2500
Verify the Traffic on Multihomed Switch :
SW1(Multihomed)
TB2-SW1#show interface counter rate mbps
+-------------------+--------------+-------------+--------------+-------------+
| Interface | Rx mbps | Rx pps | Tx mbps | Tx pps |
+-------------------+--------------+-------------+--------------+-------------+
po1 100 10000 0.01 8
xe7 0.00 0 100 10000
xe8 25.01 2501 0 0
xe9 24.99 2499 0 0
xe2 24.98 2499 0 0
xe3 25.02 2501 0 0