Base Configuration

OcNOS-SP : Virtual Extensible LAN Guide : Virtual Extensible LAN Configuration Guide : VXLAN-EVPN with IRB QoS : Base Configuration - L2 VXLAN

Base Configuration - L2 VXLAN

VTEP1

(Multi-homed group1) - Part of both Multi-homed with po1(MH2).

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter vxlan-mh enable	Enable hardware-profile filter for VXLAN multi-homing.
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#evpn vxlan multihoming enable	Enable Multihoming, save configs and reboot the board for multihoming to be effective
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for vxlan access-if port counters
(config)#qos enable	Enabling qos

Interface and loopback configuration:

(config)#interface po1	Enter Interface mode for po1 (MH2)
(config-if)#switchport	Make it L2 interface
(config-if)# evpn multi-homed system-mac 0000.0000.2222	Configure system mac as ESI value for Lag (po1) interface. VTEP1 and VTEP2 should have same ESI value
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe3	Enter Interface mode for xe3
(config-if)#channel-group 1 mode active	Make it member port of po1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 1.1.1.1/32 secondary	Configure loopback ip address as 1.1.1.1 for VTEP1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface ce52	Enter Interface mode for network side port
(config-if)#ip address 100.11.11.1/24	Configure ip address as 100.11.11.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 1.1.1.1	Configure router-id as 1.1.1.1 (lo ip address)
(config-router)#network 1.1.1.1/32 area 0.0.0.0	Add 1.1.1.1 (lo ip address) network into area 0
(config-router)#network 100.11.11.0/24 area 0.0.0.0	Add 100.11.11.0(Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.

BGP configuration:

(config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 1.1.1.1	Configure router-id as 1.1.1.1 (lo ip address)
(config-router)#neighbor 2.2.2.2 remote-as 5000	Specify a VTEP2 loopback ip address and remote-as defined
(config-router)#neighbor 2.2.2.2 update-source lo	Configure update as loopback for VTEP2
(config-router)#neighbor 2.2.2.2 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP2
(config-router)#neighbor 4.4.4.4 remote-as 5000	Specify a VTEP4 loopback ip address and remote-as defined
(config-router)#neighbor 4.4.4.4 update-source lo	Configure update as loopback for VTEP4
(config-router)#neighbor 4.4.4.4 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP4
(config-router)#neighbor 5.5.5.5 remote-as 5000	Specify a VTEP5 loopback ip address and remote-as defined
(config-router)#neighbor 5.5.5.5 update-source lo	Configure update as loopback for VTEP5
(config-router)#neighbor 5.5.5.5 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP5
(config-router)#address-family l2vpn evpn	Enter into l2vpn EVPN address family mode
(config-router-af)#neighbor 2.2.2.2 activate	Activate 2.2.2.2(VTEP2) into l2vpn evpn address family mode
(config-router-af)#neighbor 4.4.4.4 activate	Activate 3.3.3.3(VTEP4) into l2vpn evpn address family mode
(config-router-af)#neighbor 5.5.5.5 activate	Activate 5.5.5.5(VTEP5) into l2vpn evpn address family mode
(config-router-af)#exit-address-family	Exit from l2vpn address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode

L2 MAC VRF Configuration:

(config)#mac vrf L2VRF1	Create mac routing/forwarding instance with L2VRF1 name and enter into vrf mode
(config-vrf)#rd 1.1.1.1:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from vrf mode
(config)#mac vrf L2VRF2	Create mac routing/forwarding instance with L2VRF2 name and enter into vrf mode
(config-vrf)#rd 1.1.1.1:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from vrf mode

L2 VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#evpn esi hold-time 90	Configure ESI hold time to allow tunnel to come up at the time of vxlan initialization before making the ESI up. It should be same on both VTEP1 and VTEP2
(config)#nvo vxlan vtep-ip-global 1.1.1.1	Configure Source vtep-ip-global configuration - Use loopback ip address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan access-if port-vlan po1 10	Enable port-vlan mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 101	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1010 ip 11.11.11.51	Configure static mac-ip
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#nvo vxlan access-if port-vlan po1 20	Enable port-vlan mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 201	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1020 ip 21.21.21.51	Configure static mac-ip
(config-nvo-acc-if)#commit	Commit the candidate configuration to the running configuration
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#exit	Exit from configuration mode

VTEP2

(Multi-homed group1) - Part of both Multi-homed with po1(MH1).

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter vxlan-mh enable	Enable hardware-profile filter for VXLAN multi-homing.
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#evpn vxlan multihoming enable	Enable Multihoming, save configs and reboot the board for multihoming to be effective
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for vxlan access-if port counters
(config)#qos enable	Enabling qos

Interface and loopback configuration:

(config)#interface po1	Enter Interface mode for po1 (MH2)
(config-if)#switchport	Make it L2 interface
(config-if)# evpn multi-homed system-mac 0000.0000.2222	Configure system mac as ESI value for Lag (po1) interface. VTEP1 and VTEP2 should have same ESI value
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe2	Enter Interface mode for xe2
(config-if)#channel-group 1 mode active	Make it member port of po1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 2.2.2.2/32 secondary	Configure loopback ip address as 2.2.2.2 for VTEP2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface xe29	Enter into network side interface
(config-if)#ip address 100.12.12.1/24	Configure ip address as 100.12.12.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 2.2.2.2	Configure router-id as 2.2.2.2 (lo ip address)
(config-router)#network 2.2.2.2/32 area 0.0.0.0	Add 2.2.2.2 (lo ip address) network into area 0
(config-router)#network 100.12.12.0/24 area 0.0.0.0	Add 100.12.12.0(Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.

BGP configuration:

(config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 2.2.2.2	Configure router-id as 2.2.2.2 (lo ip address)
(config-router)#neighbor 1.1.1.1 remote-as 5000	Specify a VTEP1 loopback ip address and remote-as defined
(config-router)#neighbor 1.1.1.1 update-source lo	Configure update as loopback for VTEP1
(config-router)#neighbor 1.1.1.1 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP1
(config-router)#neighbor 4.4.4.4 remote-as 5000	Specify a VTEP4 loopback ip address and remote-as defined
(config-router)#neighbor 4.4.4.4 update-source lo	Configure update as loopback for VTEP4
(config-router)#neighbor 4.4.4.4 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP4
(config-router)#neighbor 5.5.5.5 remote-as 5000	Specify a VTEP5 loopback ip address and remote-as defined
(config-router)#neighbor 5.5.5.5 update-source lo	Configure update as loopback for VTEP5
(config-router)#neighbor 5.5.5.5 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP5
(config-router)#address-family l2vpn evpn	Enter into l2vpn EVPN address family mode
(config-router-af)#neighbor 1.1.1.1 activate	Activate 1.1.1.1(VTEP1) into l2vpn evpn address family mode
(config-router-af)#neighbor 4.4.4.4 activate	Activate 4.4.4.4(VTEP4) into l2vpn evpn address family mode
(config-router-af)#neighbor 5.5.5.5 activate	Activate 5.5.5.5(VTEP5) into l2vpn evpn address family mode
(config-router-af)#exit-address-family	Exit from l2vpn address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode

VRF Configuration:

(config)#mac vrf L2VRF1	Create mac routing/forwarding instance with L2VRF1 name and enter into vrf mode
(config-vrf)#rd 2.2.2.2:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from vrf mode
(config)#mac vrf L2VRF2	Create mac routing/forwarding instance with L2VRF2 name and enter into vrf mode
(config-vrf)#rd 2.2.2.2:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from vrf mode

VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#evpn esi hold-time 90	Configure ESI hold time to allow tunnel to come up at the time of vxlan initialization before making the ESI up.It should be same on both VTEP1 and VTEP2
(config)#nvo vxlan vtep-ip-global 2.2.2.2	Configure Source vtep-ip-global configuration - Use loopback ip address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan access-if port-vlan po1 10	Enable port-vlan mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 101	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1010 ip 11.11.11.51	Configure static mac-ip
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#nvo vxlan access-if port-vlan po1 20	Enable port-vlan mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 201	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1020 ip 21.21.21.51	Configure static mac-ip
(config-nvo-acc-if)#commit	Commit the candidate configuration to the running configuration
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#exit	Exit from configuration mode

VTEP4

Single Home -SH5.

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter vxlan-mh enable	Enable hardware profile mh in SH VTEP also
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for vxlan access-if port counters
(config)#evpn vxlan multihoming enable	Enable Multihoming, save configs and reboot the board for multihoming to be effective
(config)#qos enable	Enabling qos

Interface and loopback configuration:

(config)#interface xe3	Enter Interface mode for xe3
(config-if)#switchport	Make it L2 interface
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 4.4.4.4/32 secondary	Configure loopback ip address as 4.4.4.4 for VTEP4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface ce49	Enter interface towards network side
(config-if)#ip address 100.14.14.1/24	Configure ip address as 100.14.14.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 4.4.4.4	Configure router-id as 4.4.4.4 (lo ip address)
(config-router)#network 4.4.4.4/32 area 0.0.0.0	Add 4.4.4.4 (lo ip address) network into area 0
(config-router)#network 100.14.14.0/24 area 0.0.0.0	Add 100.14.14.0(Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.

BGP configuration:

(config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 4.4.4.4	Configure router-id as 4.4.4.4 (lo ip address)
(config-router)#neighbor 1.1.1.1 remote-as 5000	Specify a VTEP1 loopback ip address and remote-as defined
(config-router)#neighbor 1.1.1.1 update-source lo	Configure update as loopback for VTEP1
(config-router)#neighbor 1.1.1.1 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP1
(config-router)#neighbor 2.2.2.2 remote-as 5000	Specify a VTEP2 loopback ip address and remote-as defined
(config-router)#neighbor 2.2.2.2 update-source lo	Configure update as loopback for VTEP2
(config-router)#neighbor 2.2.2.2 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP2
(config-router)#neighbor 5.5.5.5 remote-as 5000	Specify a VTEP5 loopback ip address and remote-as defined
(config-router)#neighbor 5.5.5.5 update-source lo	Configure update as loopback for VTEP5
(config-router)#neighbor 5.5.5.5 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP5
(config-router)#address-family l2vpn evpn	Enter into l2vpn EVPN address family mode
(config-router-af)#neighbor 1.1.1.1 activate	Activate 1.1.1.1(VTEP1) into l2vpn evpn address family mode
(config-router-af)#neighbor 2.2.2.2 activate	Activate 2.2.2.2(VTEP2) into l2vpn evpn address family mode
(config-router-af)#neighbor 5.5.5.5 activate	Activate 5.5.5.5(VTEP5) into l2vpn evpn address family mode
(config-router-af)#exit-address-family	Exit from l2vpn address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode

VRF Configuration:

(config)#mac vrf L2VRF1	Create mac routing/forwarding instance with L2VRF1 name and enter into vrf mode
(config-vrf)#rd 4.4.4.4:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from vrf mode
(config)#mac vrf L2VRF2	Create mac routing/forwarding instance with L2VRF2 name and enter into vrf mode
(config-vrf)#rd 4.4.4.4:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from vrf mode

VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#nvo vxlan vtep-ip-global 4.4.4.4	Configure Source vtep-ip-global configuration. Use loopback ip address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)# nvo vxlan access-if port-vlan xe3 20	Enable port-vlan mapping i.e. access port to outer-vlan (SVLAN)
(config-nvo-acc-if)#map vnid 201	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.5555.1020 ip 21.21.21.101	Configure static mac-ip
(config-nvo-acc-if)#commit	Commit the candidate configuration to the running configuration
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#exit	Exit from configuration mode

VTEP5

Single Home -SH3

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter vxlan-mh enable	Enable hardware profile mh in SH VTEP also
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for vxlan access-if port counters
(config)#evpn vxlan multihoming enable	Enable Multihoming, save configs and reboot the board for multihoming to be effective
(config)#qos enable	Enabling qos

Interface and loopback configuration:

(config)#interface xe1	Enter Interface mode for xe1 (SH5)
(config-if)#switchport	Make it L2 interface
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 5.5.5.5/32 secondary	Configure loopback ip address as 5.5.5.5 for VTEP5
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface ce53	Enter interface mode
(config-if)#ip address 100.15.15.1/24	Configure ip address as 100.15.15.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 5.5.5.5	Configure router-id as 5.5.5.5 (lo ip address)
(config-router)#network 5.5.5.5/32 area 0.0.0.0	Add 5.5.5.5 (lo ip address) network into area 0
(config-router)#network 100.15.15.0/24 area 0.0.0.0	Add 100.15.15.0(Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.

BGP configuration:

(config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 5.5.5.5	Configure router-id as 5.5.5.5(lo ip address)
(config-router)#neighbor 1.1.1.1 remote-as 5000	Specify a VTEP1 loopback ip address and remote-as defined
(config-router)#neighbor 1.1.1.1 update-source lo	Configure update as loopback for VTEP1
(config-router)#neighbor 1.1.1.1 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP1
(config-router)#neighbor 2.2.2.2 remote-as 5000	Specify a VTEP2 loopback ip address and remote-as defined
(config-router)#neighbor 2.2.2.2 update-source lo	Configure update as loopback for VTEP2
(config-router)#neighbor 2.2.2.2 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP2
(config-router)#neighbor 4.4.4.4 remote-as 5000	Specify a VTEP4 loopback ip address and remote-as defined
(config-router)#neighbor 4.4.4.4 update-source lo	Configure update as loopback for VTEP4
(config-router)#neighbor 4.4.4.4 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP4
(config-router)#address-family l2vpn evpn	Enter into l2vpn EVPN address family mode
(config-router-af)#neighbor 1.1.1.1 activate	Activate 1.1.1.1(VTEP1) into l2vpn evpn address family mode
(config-router-af)#neighbor 2.2.2.2 activate	Activate 2.2.2.2(VTEP2) into l2vpn evpn address family mode
(config-router-af)#neighbor 4.4.4.4 activate	Activate 4.4.4.4(VTEP4) into l2vpn evpn address family mode
(config-router-af)#exit-address-family	Exit from l2vpn address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode

VRF Configuration:

(config)#mac vrf L2VRF1	Create mac routing/forwarding instance with L2VRF1 name and enter into vrf mode
(config-vrf)#rd 5.5.5.5:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from vrf mode
(config)#mac vrf L2VRF2	Create mac routing/forwarding instance with L2VRF2 name and enter into vrf mode
(config-vrf)#rd 5.5.5.5:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from vrf mode

VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#nvo vxlan vtep-ip-global 5.5.5.5	Configure Source vtep-ip-global configuration. Use loopback ip address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign vrf for evpn-bgp to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)# nvo vxlan access-if port-vlan xe1 10	Enable port-vlan mapping i.e. access port to outer-vlan (SVLAN)
(config-nvo-acc-if)#map vnid 101	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.4444.1010 ip 11.11.11.201	Configure static mac-ip
(config-nvo-acc-if)#commit	Commit the candidate configuration to the running configuration
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#exit	Exit from configuration mode

Switch1 (MH2)

Multihomed to 2-VTEPs (VTEP1 and VTEP2). It acts as Tenant system for vlan1.20.

#configure terminal	Enter Configure mode.
(config)# bridge 1 protocol rstp vlan-bridge	Configure rstp vlan bridge
(config)# vlan database	Enter vlan database config mode
(config)#vlan 2-20 bridge 1 state enable	Configure vlans from 2-20 and associate with bridge 1
(config)#interface xe5	Enter Interface mode for xe5 which is connected to TG
(config-if)#switchport	Make as L2 port by configuring switchport
(config-if)#bridge-group 1	Associate bridge 1 into interface
(config-if)# bridge-group 1 spanning-tree disable	Configure interface as stp disable
(config-if)# switchport mode trunk	Mode as trunk
(config-if)# switchport trunk allowed vlan add 10,20	Trunk allowed vlan as 10.20
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po1	Enter Interface mode for po1
(config-if)#switchport	Make po1 as L2 port by configuring switchport
(config-if)#bridge-group 1	Associate po1 to bridge 1
(config-if)# bridge-group 1 spanning-tree disable	Configure po1 as stp disable
(config-if)# switchport mode trunk	Mode as trunk
(config-if)# switchport trunk allowed vlan add 10,20	Trunk allowed vlan as 2.10.20
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe3	Enter Interface mode for xe3
(config-if)#channel-group 1 mode active	Make it member port of po1
(config)#interface xe2	Enter Interface mode for xe2
(config-if)#channel-group 1 mode active	Make it member port of po1
(config-if)#commit	Commit the candidate configuration to the running configuration
(config-if)#exit	Exit from configuration mode

Spine-P3

Spine node where all VTEPs are connected.

Generic configuration:

#configure terminal	Enter Configure mode.
(Config)#qos enable	Enabling qos

Interface and loopback configuration:

(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 100.100.100.100/32 secondary	Configure loopback ip address as 100.100.100.100 for Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface ce16/1	Enter Interface mode for ce16/1
(config-if)#ip address 100.11.11.2/24	Configure ip address as 100.11.11.2 on network side of VTEP1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface ce5/1	Enter into ce5/1 interface mode
(config-if)#ip address 100.12.12.2/24	Configure ip address as 100.12.12.2 on network side of VTEP2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface ce9/1	Enter ce9/1 interface mode
(config-if)#ip address 100.14.14.2/24	Configure ip address as 100.14.14.12 on network side of VTEP4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface ce23/1	Enter interface mode
(config-if)#ip address 100.15.15.1/24	Configure ip address as 100.15.15.1 on network side of VTEP5
(config-if)#exit	Exit Interface mode and return to Configure mode.

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 100.100.100.100	Configure router-id as 100.100.100.100 (lo ip address)
(config-router)#network 100.100.100.100/32 area 0.0.0.0	Add 100.100.100.100 (lo ip address) network into area 0
(config-router)#network 100.11.11.0/24 area 0.0.0.0	Add 100.11.11.0 (VTEP1) network into area 0
(config-router)#network 100.12.12.0/24 area 0.0.0.0	Add 100.12.12.0 (VTEP2) network into area 0
(config-router)#network 100.14.14.0/24 area 0.0.0.0	Add 100.14.14.0 (VTEP4) network into area 0
(config-router)#network 100.15.15.0/24 area 0.0.0.0	Add 100.15.15.0 (VTEP5) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-router)#commit	Commit the candidate configuration to the running configuration
(config-router)#exit	Exit Interface mode and return to Configure mode.

Last modified date: 08/29/2023