Topology
The procedures in this section use the topology in Figure 13-14.
Figure 13-14: DHCP Relay over IRB
ROUTER-1
#configure terminal | Enter Configure mode. |
(config)#interface lo | Enter Interface mode for loopback. |
(config-if)#ip address 1.1.1.1/32 secondary | Assign secondary IP address. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VXLAN. |
(config)#nvo vxlan enable | Enable VXLAN |
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#ip vrf vrf1 | Create routing/forwarding instance with VRF1 name and enter into VRF mode |
(config-vrf)#rd 200:1 | Assign RD value |
(config-vrf)#route-target both 200:1 | Assign route target value |
(config-vrf)#ip dhcp relay address 40.40.40.1 | The relay address configured should be server interface address connected to DUT machine |
(config-vrf)#ip dhcp relay uplink evpn | Configure the uplink interface as L3 VNI interface for specific VRF |
(config-vrf)#l3vni 45001 | Configure L3VNI as 45001 for VRF1 |
(config-vrf)#exit | Exit IP VRF mode |
(config)#mac vrf vrfred | Create MAC VRF instance with vrfred name and enter into VRF mode |
(config-vrf)#rd 1.1.1.1:1 | Assign RD value |
(config-vrf)#route-target both 1.1.1.1:1 | Assign route target value |
(config-vrf)#exit | Exit MAC VRF mode |
(config)#interface irb 1 | Configure IRB interface |
(config-irb-if)#ip vrf forwarding vrf1 | Configure IP VRF forwarding |
(config-irb-if)#ip address 11.1.1.1/24 | Assign IP address on IRB interface. |
(config-irb-if)#ip dhcp relay | Relay should be configured on the interface connecting to the relay |
(config-irb-if)#exit | Exit IRB interface mode |
(config)#interface irb 2 | Configure irb interface |
(config-irb-if)#ip vrf forwarding vrf1 | Configure IP VRF forwarding |
(config-irb-if)#ip address 70.70.70.1/24 | Assign IP address on IRB interface. |
(config-irb-if)#exit | Exit IRB interface mode |
(config)#interface ce49 | Enter Interface mode for ce49. |
(config-if)#ip address 10.1.1.0/31 | Assign IP address on ce49 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe5 | Enter Interface mode for xe5. |
(config-if)#switchport | Configure interface as L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#router ospf | Enter the Router OSPF mode |
(config-router)#network 1.1.1.1/32 area 0.0.0.0 | Advertise loopback address in OSPF |
(config-router)#network 10.1.1.0/31 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#exit | Exit from Router OSPF mode and enter into config mode |
(config)#router bgp 1 | Enter into BGP router mode |
(config-router)#neighbor 2.2.2.2 remote-as 1 | Specify a VTEP2 loopback IP address and remote-as defined |
(config-router)#neighbor 2.2.2.2 update-source 1.1.1.1 | Configure update as loopback for VTEP2 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 2.2.2.2 activate | Activate neighbor in L2VPN mode |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#address-family ipv4 vrf vrf1 | Enter into address-family mode for VRF1 |
(config-router-af)#redistribute connected | Configure Redistribute connected |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#exit | Exit from router BGP mode and enter into config mode |
(config)#nvo vxlan vtep-ip-global 1.1.1.1 | Configure Source VTEP-IP-global configuration. Use loopback IP address |
(config)#nvo vxlan id 10 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid-disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#evpn irb1 | Configure IRB1 under VXLAN ID 10 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 30 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid-disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#evpn irb2 | Configure IRB2 under VXLAN ID 30 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan access-if port-vlan xe5 2 | Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 10 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit from configuration mode |
ROUTER-2
#configure terminal | Enter Configure mode. |
(config)#interface ce0 | Enter Interface mode for ce0. |
(config-if)#ip address 10.1.1.1/31 | Assign IP address on ce0 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe13 | Enter Interface mode for xe13. |
(config-if)#ip address 30.1.1.1/31 | Assign IP address on xe13 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#router ospf | Enter the Router OSPF mode |
(config-router)#network 10.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#network 30.30.30.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#exit | Exit from Router OSPF mode and enter into config mode |
(config)#commit | commit the candidate configuration to the running configuration |
(config)#exit | Exit from configuration mode |
ROUTER-3
#configure terminal | Enter Configure mode. |
(config)#interface lo | Enter Interface mode for loopback. |
(config-if)#ip address 2.2.2.2/32 secondary | Assign secondary IP address. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VXLAN. |
(config)#nvo vxlan enable | Enable VXLAN |
(config)#nvo vxlan irb | Enable VXLAN IRB |
(config)#ip vrf vrf1 | Create routing/forwarding instance with VRF1 name and enter into VRF mode |
(config-vrf)#rd 300:1 | Assign RD value |
(config-vrf)#route-target both 200:1 | Assign route target value |
(config-vrf)#ip dhcp relay uplink evpn | Configure the uplink interface as L3 VNI interface for specific VRF |
(config-vrf)#l3vni 45001 | Configure L3VNI as 45001 for VRF1 |
(config-vrf)#exit | Exit IP VRF mode |
(config)#mac vrf vrfred | Create MAC VRF instance with vrfred name and enter into VRF mode |
(config-vrf)#rd 2.2.2.1:1 | Assign RD value |
(config-vrf)#route-target both 1.1.1.1:1 | Assign route target value |
(config-vrf)#exit | Exit MAC VRF mode |
(config)#interface irb 2 | Configure IRB interface |
(config-irb-if)#ip vrf forwarding vrf1 | Configure IP VRF forwarding |
(config-irb-if)#ip address 40.40.40.2/24 | Assign IP address on IRB interface. |
(config-irb-if)#exit | Exit IRB interface mode |
(config)#interface xe13 | Enter Interface mode for xe13. |
(config-if)#ip address 30.1.1.0/31 | Assign IP address on xe13 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe19 | Enter Interface mode for xe19. |
(config-if)#switchport | Configure interface as L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#router ospf | Enter the Router OSPF mode |
(config-router)#network 2.2.2.2/32 area 0.0.0.0 | Advertise loopback address in OSPF |
(config-router)#network 30.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#network 40.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#exit | Exit from Router OSPF mode and enter into config mode |
(config)#router bgp 1 | Enter into BGP router mode |
(config-router)#neighbor 1.1.1.1 remote-as 1 | Specify a VTEP1 loopback IP address and remote-as defined |
(config-router)#neighbor 1.1.1.1 update-source 2.2.2.2 | Configure update as loopback for VTEP1 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 1.1.1.1 activate | Activate neighbor in L2VPN mode |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#address-family ipv4 vrf vrf1 | Enter into address-family mode for VRF1 |
(config-router-af)#redistribute connected | Configure Redistribute connected |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#exit | Exit from router BGP mode and enter into config mode |
(config)#nvo vxlan vtep-ip-global 2.2.2.2 | Configure Source VTEP-IP-global configuration. Use loopback IP address |
(config)#nvo vxlan id 10 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid-disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 20 ingress-replication inner-vid-disabled | Configure VXLAN Network identifier with/without inner-vid-disabled configure and enter into VXLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#evpn irb2 | Configure IRB2 under VXLAN ID 20 |
(config-nvo)#exit | Exit from VXLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan access-if port xe19 | Enable port mapping i.e. access port |
(config-nvo-acc-if)#map vnid 20 | Map VXLAN Identified to access-port for VXLAN |
(config-nvo-acc-if)#exit | Exit from VXLAN access-interface mode and enter into configuration mode |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit from configuration mode |
Validation
ROUTER-1
VTEP1#show running-config nvo vxlan
!
nvo vxlan enable
!
nvo vxlan irb
!
nvo vxlan vtep-ip-global 1.1.1.1
!
nvo vxlan id 10 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
evpn irb1
!
nvo vxlan id 30 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
evpn irb2
!
nvo vxlan access-if port xe2
map vnid 10
!
nvo vxlan access-if port-vlan xe5 2
map vnid 10
!
VTEP1#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: vrf1
Option 82: Disabled
DHCP Servers configured: 40.40.40.1
Interface Uplink/Downlink
--------- -------------
irb1 Downlink
evpn uplink
Incoming DHCPv4 packets which already contain relay agent option are FORWARDED unchanged.
VTEP1#show nvo vxlan mac-table
==========================================================================================================================================
VXLAN MAC Entries
==========================================================================================================================================
VNID Interface VlanId Vlan-RangeId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status AccessPortDesc
__________________________________________________________________________________________________________________________________________
10 xe5 2 ---- ---- 0000.2837.ddf5 1.1.1.1 Dynamic Local ------- -------
10 irb1 b86a.97f9.85be 1.1.1.1 Static Local ------- -------
30 irb2 b86a.97f9.85be 1.1.1.1 Static Local ------- -------
Total number of entries are : 3
VTEP1#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
30 70.70.70.1 b86a.97f9.85be Static Local ----
10 11.1.1.1 b86a.97f9.85be Static Local ----
10 11.1.1.30 0000.2837.ddf5 Dynamic Local ----
Total number of entries are 3
VTEP1#show nvo vxlan tunnel
VXLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
1.1.1.1 2.2.2.2 Installed 01:51:11 01:51:11
Total number of entries are 1
ROUTER-2
VTEP2#show running-config nvo vxlan
!
nvo vxlan enable
!
nvo vxlan irb
!
nvo vxlan vtep-ip-global 2.2.2.2
!
nvo vxlan id 10 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
!
nvo vxlan id 20 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
evpn irb2
!
nvo vxlan access-if port xe19
map vnid 20
!
!
VTEP2#show nvo vxlan arp-cache
VXLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
20 40.40.40.2 b86a.9761.ea3d Static Local ----
20 40.40.40.1 0002.a54f.1577 Dynamic Local ----
20 40.40.40.101 0000.2837.ddf3 Dynamic Local ----
10 11.1.1.1 b86a.97f9.85be Static Remote ----
10 11.1.1.30 0000.2837.ddf6 Dynamic Remote ----
Total number of entries are 5
VTEP2#show running-config dhcp
interface eth0
ip address dhcp
!
!
ip vrf vrf1
ip dhcp relay uplink evpn
Last modified date: 08/29/2023