Base Configuration

OcNOS-SP : Virtual Extensible LAN Guide : Virtual Extensible LAN Configuration Guide : VXLAN-EVPN with IRB : Base Configuration - L2 VXLAN

Base Configuration - L2 VXLAN

VTEP1

(Multi-homed group1) - Part of both Multi-homed with po1(MH2).

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter vxlan-mh enable	Enable hardware-profile filter for VXLAN multi-homing.
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#evpn vxlan multihoming enable	Enable Multihoming, save configs and reboot the board for multihoming to be effective
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for VXLAN access-if port counters
(config)#qos enable	Enabling QoS
(config)#commit	Commit the candidate configuration to running configuration

Interface and loopback configuration:

(config)#interface po1	Enter Interface mode for po1 (MH2)
(config-if)#switchport	Make it L2 interface
(config-if)# evpn multi-homed system-mac 0000.0000.2222	Configure system MAC as ESI value for Lag (po1) interface. VTEP1 and VTEP2 should have same ESI value
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe2	Enter Interface mode for xe2
(config-if)#channel-group 1 mode active	Make it member port of po1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe3	Enter Interface mode for xe3
(config-if)#channel-group 1 mode active	Make it member port of po1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 1.1.1.1/32 secondary	Configure loopback IP address as 1.1.1.1 for VTEP1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po2	Enter Interface mode for po2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe25	Enter Interface mode for xe25
(config-if)#channel-group 2 mode active	Make it member port of po2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe26	Enter Interface mode for xe26
(config-if)#channel-group 2 mode active	Make it member port of po2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po2	Enter Interface mode for po2
(config-if)#ip address 100.11.11.1/24	Configure IP address as 100.11.11.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 1.1.1.1	Configure router-id as 1.1.1.1 (lo IP address)
(config-router)#network 1.1.1.1/32 area 0.0.0.0	Add 1.1.1.1 (lo IP address) network into area 0
(config-router)#network 100.11.11.0/24 area 0.0.0.0	Add 100.11.11.0 (Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling BFD on all OSPF interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

BGP configuration:

(Config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 1.1.1.1	Configure router-id as 1.1.1.1 (lo IP address)
(config-router)#neighbor 2.2.2.2 remote-as 5000	Specify a VTEP2 loopback IP address and remote-as defined
(config-router)#neighbor 2.2.2.2 update-source lo	Configure update as loopback for VTEP2
(config-router)#neighbor 2.2.2.2 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP2
(config-router)#neighbor 4.4.4.4 remote-as 5000	Specify a VTEP4 loopback IP address and remote-as defined
(config-router)#neighbor 4.4.4.4 update-source lo	Configure update as loopback for VTEP4
(config-router)#neighbor 4.4.4.4 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP4
(config-router)#neighbor 5.5.5.5 remote-as 5000	Specify a VTEP5 loopback IP address and remote-as defined
(config-router)#neighbor 5.5.5.5 update-source lo	Configure update as loopback for VTEP5
(config-router)#neighbor 5.5.5.5 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP5
(config-router)#address-family l2vpn evpn	Enter into L2VPN EVPN address family mode
(config-router-af)#neighbor 2.2.2.2 activate	Activate 2.2.2.2(VTEP2) into L2VPN EVPN address family mode
(config-router-af)#neighbor 4.4.4.4 activate	Activate 3.3.3.3(VTEP4) into L2VPN EVPN address family mode
(config-router-af)#neighbor 5.5.5.5 activate	Activate 5.5.5.5(VTEP5) into L2VPN EVPN address family mode
(config-router-af)#exit-address-family	Exit from L2VPN address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode
(config)#commit	Commit the candidate configuration to running configuration

L2 MAC VRF Configuration:

(config)#mac vrf L2VRF1	Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode
(config-vrf)#rd 1.1.1.1:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from VRF mode
(config)#mac vrf L2VRF2	Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode
(config-vrf)#rd 1.1.1.1:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from VRF mode
(config)#commit	Commit the candidate configuration to running configuration

L2 VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#evpn esi hold-time 90	Configure ESI hold time to allow tunnel to come up at the time of VXLAN initialization before making the ESI up. It should be same on both VTEP1 and VTEP2
(config)#nvo vxlan vtep-ip-global 1.1.1.1	Configure Source vtep-ip-global configuration - Use loopback IP address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign VRF for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign VRF for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#commit	Commit the candidate configuration to running configuration
(config)#nvo vxlan access-if port-vlan po1 10	Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 101	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1010 ip 11.11.11.51	Configure static MAC-IP
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#nvo vxlan access-if port-vlan po1 20	Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 201	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1020 ip 21.21.21.51	Configure static MAC-IP
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#exit	Exit from configuration mode
(config)#commit	Commit the candidate configuration to running configuration

VTEP2

(Multi-homed group1) - Part of both Multi-homed with po1(MH1).

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter vxlan-mh enable	Enable hardware-profile filter for VXLAN multi-homing.
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#evpn vxlan multihoming enable	Enable Multihoming, save configs and reboot the board for multihoming to be effective
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for VXLAN access-if port counters
(config)#qos enable	Enabling QoS
(config)#commit	Commit the candidate configuration to running configuration

Interface and loopback configuration:

(config)#interface po1	Enter Interface mode for po1 (MH2)
(config-if)#switchport	Make it L2 interface
(config-if)# evpn multi-homed system-mac 0000.0000.2222	Configure system MAC as ESI value for Lag (po1) interface. VTEP1 and VTEP2 should have same ESI value
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe8	Enter Interface mode for xe2
(config-if)#channel-group 1 mode active	Make it member port of po1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe9	Enter Interface mode for xe3
(config-if)#channel-group 1 mode active	Make it member port of po1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 2.2.2.2/32 secondary	Configure loopback IP address as 2.2.2.2 for VTEP2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po3	Enter Interface mode for po3
(config)#i switchport	Configure po3 as L2 interface
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe27	Enter Interface mode for xe27
(config-if)#channel-group 3 mode active	Make it member port of po3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe28	Enter Interface mode for xe28
(config-if)#channel-group 3 mode active	Make it member port of po3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)# bridge 1 protocol rstp vlan-bridge	Configure bridge 1
(config)# vlan database	Enter into VLAN database mode
(config)#vlan 2 bridge 1 state enable	Configure VLAN 2 as part of bridge 1
(config)#interface po3	Enter Interface mode for po3
(config-if)# bridge-group 1	Configure bridge 1 for po3
(config-if)# switchport mode trunk	Switchport mode as trunk
(config-if)# switchport trunk allowed vlan add 2	Trunk allowed VLAN 2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface vlan1.2	Enter into SVI port VLAN1.2
(config-if)#ip address 100.12.12.1/24	Configure IP address as 100.12.12.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 2.2.2.2	Configure router-id as 2.2.2.2 (lo IP address)
(config-router)#network 2.2.2.2/32 area 0.0.0.0	Add 2.2.2.2 (lo IP address) network into area 0
(config-router)#network 100.12.12.0/24 area 0.0.0.0	Add 100.12.12.0(Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

BGP configuration:

(Config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 2.2.2.2	Configure router-id as 2.2.2.2 (lo IP address)
(config-router)#neighbor 1.1.1.1 remote-as 5000	Specify a VTEP1 loopback IP address and remote-as defined
(config-router)#neighbor 1.1.1.1 update-source lo	Configure update as loopback for VTEP1
(config-router)#neighbor 1.1.1.1 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP1
(config-router)#neighbor 4.4.4.4 remote-as 5000	Specify a VTEP4 loopback IP address and remote-as defined
(config-router)#neighbor 4.4.4.4 update-source lo	Configure update as loopback for VTEP4
(config-router)#neighbor 4.4.4.4 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP4
(config-router)#neighbor 5.5.5.5 remote-as 5000	Specify a VTEP5 loopback IP address and remote-as defined
(config-router)#neighbor 5.5.5.5 update-source lo	Configure update as loopback for VTEP5
(config-router)#neighbor 5.5.5.5 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP5
(config-router)#address-family l2vpn evpn	Enter into L2VPN EVPN address family mode
(config-router-af)#neighbor 1.1.1.1 activate	Activate 1.1.1.1(VTEP1) into L2VPN EVPN address family mode
(config-router-af)#neighbor 4.4.4.4 activate	Activate 4.4.4.4(VTEP4) into L2VPN EVPN address family mode
(config-router-af)#neighbor 5.5.5.5 activate	Activate 5.5.5.5(VTEP5) into L2VPN EVPN address family mode
(config-router-af)#exit-address-family	Exit from L2VPN address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode
(config)#commit	Commit the candidate configuration to running configuration

VRF Configuration:

(config)#mac vrf L2VRF1	Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode
(config-vrf)#rd 2.2.2.2:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from VRF mode
(config)#mac vrf L2VRF2	Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode
(config-vrf)#rd 2.2.2.2:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from VRF mode
(config)#commit	Commit the candidate configuration to running configuration

VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#evpn esi hold-time 90	Configure ESI hold time to allow tunnel to come up at the time of vxlan initialization before making the ESI up.It should be same on both VTEP1 and VTEP2
(config)#nvo vxlan vtep-ip-global 2.2.2.2	Configure Source vtep-IP-global configuration - Use loopback IP address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign VRF for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#commit	Commit the candidate configuration to running configuration
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign VRF for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan access-if port-vlan po1 10	Enable port-VLAN mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 101	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1010 ip 11.11.11.51	Configure static MAC-IP
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#nvo vxlan access-if port-vlan po1 20	Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 201	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.2222.1020 ip 21.21.21.51	Configure static MAC-IP
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#commit	Commit the candidate configuration to running configuration

VTEP4

Single Home -SH5.

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for vxlan access-if port counters
(config)#qos enable	Enabling qos
(config)#commit	Commit the candidate configuration to running configuration

Interface and loopback configuration:

(config)#interface sa1	Enter Interface mode for sa1 (SH5)
(config-if)#switchport	Make it L2 interface
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 4.4.4.4/32 secondary	Configure loopback IP address as 4.4.4.4 for VTEP4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po4	Enter Interface mode for po4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe7	Enter Interface mode for xe7
(config-if)#channel-group 4 mode active	Make it member port of po4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe9	Enter Interface mode for xe9
(config-if)#channel-group 4 mode active	Make it member port of po4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface po4.4	Enter L3SI po4.4
(config-if)# encapsulation dot1q 4	Encapsulation as dot1q with VLAN 4
(config-if)#ip address 100.14.14.1/24	Configure IP address as 100.14.14.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 4.4.4.4	Configure router-id as 4.4.4.4 (lo IP address)
(config-router)#network 4.4.4.4/32 area 0.0.0.0	Add 4.4.4.4 (lo IP address) network into area 0
(config-router)#network 100.14.14.0/24 area 0.0.0.0	Add 100.14.14.0(Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

BGP configuration:

(Config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 4.4.4.4	Configure router-id as 4.4.4.4 (lo IP address)
(config-router)#neighbor 1.1.1.1 remote-as 5000	Specify a VTEP1 loopback IP address and remote-as defined
(config-router)#neighbor 1.1.1.1 update-source lo	Configure update as loopback for VTEP1
(config-router)#neighbor 1.1.1.1 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP1
(config-router)#neighbor 2.2.2.2 remote-as 5000	Specify a VTEP2 loopback IP address and remote-as defined
(config-router)#neighbor 2.2.2.2 update-source lo	Configure update as loopback for VTEP2
(config-router)#neighbor 2.2.2.2 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP2
(config-router)#neighbor 5.5.5.5 remote-as 5000	Specify a VTEP5 loopback IP address and remote-as defined
(config-router)#neighbor 5.5.5.5 update-source lo	Configure update as loopback for VTEP5
(config-router)#neighbor 5.5.5.5 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP5
(config-router)#address-family l2vpn evpn	Enter into L2VPN EVPN address family mode
(config-router-af)#neighbor 1.1.1.1 activate	Activate 1.1.1.1(VTEP1) into L2VPN EVPN address family mode
(config-router-af)#neighbor 2.2.2.2 activate	Activate 2.2.2.2(VTEP2) into L2VPN EVPN address family mode
(config-router-af)#neighbor 5.5.5.5 activate	Activate 5.5.5.5(VTEP5) into L2VPN EVPN address family mode
(config-router-af)#exit-address-family	Exit from L2VPN address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode
(config)#commit	Commit the candidate configuration to running configuration

VRF Configuration:

(config)#mac vrf L2VRF1	Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode
(config-vrf)#rd 4.4.4.4:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from VRF mode
(config)#mac vrf L2VRF2	Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode
(config-vrf)#rd 4.4.4.4:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from VRF mode
(config)#commit	Commit the candidate configuration to running configuration

VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#nvo vxlan vtep-ip-global 4.4.4.4	Configure Source vtep-IP-global configuration. Use loopback IP address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign VRF for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign VRF for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#commit	Commit the candidate configuration to running configuration
(config)# nvo vxlan access-if port-vlan sa1 20	Enable port-VLAN mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 201	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.5555.1020 ip 21.21.21.101	Configure static MAC-IP
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#exit	Exit from configuration mode
(config)#commit	Commit the candidate configuration to running configuration

VTEP5

Single Home -SH3

Hardware profile and generic configuration:

#configure terminal	Enter Configure mode.
(config)#hardware-profile filter vxlan enable	Enable hardware-profile filter for VXLAN.
(config)#hardware-profile filter egress-ipv4 enable	Enable hardware-profile filter for egress IPv4.
(config)#hardware-profile statistics ac-lif enable	Enable ac-lif for vxlan access-if port counters
(config)#qos enable	Enabling qos
(config)#commit	Commit the candidate configuration to running configuration

Interface and loopback configuration:

(config)#interface xe48	Enter Interface mode for xe48 (SH3)
(config-if)#switchport	Make it L2 interface
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 5.5.5.5/32 secondary	Configure loopback IP address as 5.5.5.5 for VTEP5
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface xe40	Enter interface mode
(config-if)#ip address 100.15.15.1/24	Configure IP address as 100.15.15.1 on network side of Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 5.5.5.5	Configure router-id as 5.5.5.5 (lo IP address)
(config-router)#network 5.5.5.5/32 area 0.0.0.0	Add 5.5.5.5 (lo IP address) network into area 0
(config-router)#network 100.15.15.0/24 area 0.0.0.0	Add 100.15.15.0(Spine-P3) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

BGP configuration:

(Config)#router bgp 5000	Enter into Router BGP mode
(config-router)#bgp router-id 5.5.5.5	Configure router-id as 5.5.5.5(lo IP address)
(config-router)#neighbor 1.1.1.1 remote-as 5000	Specify a VTEP1 loopback IP address and remote-as defined
(config-router)#neighbor 1.1.1.1 update-source lo	Configure update as loopback for VTEP1
(config-router)#neighbor 1.1.1.1 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP1
(config-router)#neighbor 2.2.2.2 remote-as 5000	Specify a VTEP2 loopback IP address and remote-as defined
(config-router)#neighbor 2.2.2.2 update-source lo	Configure update as loopback for VTEP2
(config-router)#neighbor 2.2.2.2 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP2
(config-router)#neighbor 4.4.4.4 remote-as 5000	Specify a VTEP4 loopback IP address and remote-as defined
(config-router)#neighbor 4.4.4.4 update-source lo	Configure update as loopback for VTEP4
(config-router)#neighbor 4.4.4.4 advertisement-interval 0	Configure advertisement-interval as 0 for fast convergence for VTEP4
(config-router)#address-family l2vpn evpn	Enter into L2VPN EVPN address family mode
(config-router-af)#neighbor 1.1.1.1 activate	Activate 1.1.1.1(VTEP1) into L2VPN EVPN address family mode
(config-router-af)#neighbor 2.2.2.2 activate	Activate 2.2.2.2(VTEP2) into L2VPN EVPN address family mode
(config-router-af)#neighbor 4.4.4.4 activate	Activate 4.4.4.4(VTEP4) into L2VPN EVPN address family mode
(config-router-af)#exit-address-family	Exit from L2VPN address family mode
(config-router)#exit	Exit from Router BGP mode and enter into config mode
(config)#commit	Commit the candidate configuration to running configuration

VRF Configuration:

(config)#mac vrf L2VRF1	Create MAC routing/forwarding instance with L2VRF1 name and enter into VRF mode
(config-vrf)#rd 5.5.5.5:11	Assign RD value
(config-vrf)#description MAC VRF RED	Give description to L2VRF1 as RED
(config-vrf)#route-target both 9.9.9.9:100	Assign route-target value for same for import and export. Should be same on all node for L2VRF1
(config-vrf)#exit	Exit from VRF mode
(config)#mac vrf L2VRF2	Create MAC routing/forwarding instance with L2VRF2 name and enter into VRF mode
(config-vrf)#rd 5.5.5.5:21	Assign RD value
(config-vrf)#route-target both 90.90.90.90:100	Assign route-target value for same for import and export
(config-vrf)#description MAC VRF BLUE	Give description to L2VRF2 as BLUE
(config-vrf)#exit	Exit from VRF mode
(config)#commit	Commit the candidate configuration to running configuration

VXLAN configuration:

(config)#nvo vxlan enable	Enable VXLAN
(config)#nvo vxlan vtep-ip-global 5.5.5.5	Configure Source vtep-IP-global configuration. Use loopback IP address
(config)#nvo vxlan id 101 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF1	Assign VRF for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-101	Configure VNI name as VNI-101
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)#nvo vxlan id 201 ingress-replication inner-vid-disabled	Configure VXLAN Network identifier with/without inner-vid- disabled configure and enter into VXLAN tenant mode
(config-nvo)#vxlan host-reachability-protocol evpn-bgp L2VRF2	Assign vrf for EVPN-BGP to carry EVPN route
(config-nvo)# vni-name VNI-201	Configure VNI name as VNI-201
(config-nvo)#exit	Exit from VXLAN tenant mode and enter into configuration mode.
(config)# nvo vxlan access-if port-vlan xe48 10	Enable port-VLAN mapping i.e. access port to outer-vlan (SVLAN) - Multihomed access port
(config-nvo-acc-if)#map vnid 101	Map VXLAN Identified to access-port for VXLAN
(config-nvo-acc-if)# mac 0000.4444.1010 ip 11.11.11.201	Configure static MAC-IP
(config-nvo-acc-if)#exit	Exit from VXLAN access-interface mode and enter into configuration mode
(config)#commit	Commit the candidate configuration to running configuration

Switch1 (MH2)

Multihomed to 2-VTEPs (VTEP1 and VTEP2). It acts as Tenant system for VLAN1.20.

#configure terminal	Enter Configure mode.
(config)# bridge 1 protocol rstp vlan-bridge	Configure RSTP VLAN bridge
(config)# vlan database	Enter into VLAN database mode
(config)#vlan 2-20 bridge 1 state enable	Configure VLANs from 2-20 and associate with bridge 1
(config)#commit	Commit the candidate configuration to running configuration
(config)#interface xe7	Enter Interface mode for xe7
(config-if)#switchport	Make as L2 port by configuring switchport
(config-if)#bridge-group 1	Associate bridge 1 into interface
(config-if)# bridge-group 1 spanning-tree disable	Configure interface as STP disable
(config-if)# switchport mode trunk	Mode as trunk
(config-if)# switchport trunk allowed vlan add 2,10,20	Trunk allowed VLAN as 2.10.20
(config-if)#switchport trunk native vlan 2	Native VLAN as 2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po1	Enter Interface mode for po1
(config-if)#switchport	Make po1 as L2 port by configuring switchport
(config-if)#bridge-group 1	Associate po1 to bridge 1
(config-if)# bridge-group 1 spanning-tree disable	Configure po1 as STP disable
(config-if)# switchport mode trunk	Mode as trunk
(config-if)# switchport trunk allowed vlan add 2,10,20	Trunk allowed VLAN as 2.10.20
(config-if)#switchport trunk native vlan 2	Native VLAN as 2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe3	Enter Interface mode for xe3
(config-if)#channel-group 1 mode active	Make it member port of po1
(config)#interface xe4	Enter Interface mode for xe4
(config-if)#channel-group 1 mode active	Make it member port of po1
(config)#exit	Exit from configuration mode
(config)#interface xe9	Enter Interface mode for xe9
(config-if)#channel-group 1 mode active	Make it member port of po1
(config)#interface xe10	Enter Interface mode for xe10
(config-if)#channel-group 1 mode active	Make it member port of po1
(config)#exit	Exit from configuration mode
(config)#interface vlan1.20	Enter Interface mode for VLAN1.20
(config-if)# ip address 21.21.21.2/24	Configure IP address
(config-if)#ipv6 address 21:21::21:2/48	Configure IPv6 address
(config-if)#exit	Exit from configuration mode
(config)#commit	Commit the candidate configuration to running configuration

Switch2 (SH5)

#configure terminal	Enter Configure mode.
(config)# bridge 1 protocol rstp vlan-bridge	Configure RSTP VLAN bridge
(config)# vlan database
(config)#vlan 2-20 bridge 1 state enable	Configure VLANs from 2-20 and associate with bridge 1
(config)#commit	Commit the candidate configuration to running configuration
(config)#interface xe22	Enter Interface mode for xe22
(config-if)#switchport	Make xe22 as L2 port by configuring switchport
(config-if)#bridge-group 1	Associate xe22 to bridge 1
(config-if)# bridge-group 1 spanning-tree disable	Configure xe22 as STP disable
(config-if)# switchport mode trunk	Mode as trunk
(config-if)# switchport trunk allowed vlan add 6,10,20	Trunk allowed VLAN as 6,.10 &.20
(config-if)#switchport trunk native vlan 6	Native VLAN as 6
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface sa1	Enter Interface mode for sa11
(config-if)#switchport	Make sa1 as L2 port by configuring switchport
(config-if)#bridge-group 1	Associate sa1 to bridge 1
(config-if)# bridge-group 1 spanning-tree disable	Configure sa1 as STP disable
(config-if)# switchport mode trunk	Mode as trunk
(config-if)# switchport trunk allowed vlan add 6,10,20	Trunk allowed VLAN as 2,.10.& 20
(config-if)#switchport trunk native vlan 6	Native VLAN as 6
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe3	Enter Interface mode for xe3
(config-if)# static-channel-group 1	Make it member port of sa1
(config)#interface xe4	Enter Interface mode for xe4
(config-if)# static-channel-group 1	Make it member port of sa1
(config)#exit	Exit from configuration mode
(config)#interface vlan1.20	Enter Interface mode for VLAN1.20
(config-if)# ip address 21.21.21.3/24	Configure IP address
(config-if)#ipv6 address 21:21::21:3/48	Configure IPv6 address
(config-if)#exit	Exit from configuration mode
(config)#commit	Commit the candidate configuration to running configuration

Spine-P3

Spine node where all VTEPs are connected.

Generic configuration:

#configure terminal	Enter Configure mode.
(config)#qos enable	Enabling qos
(config)#commit	Commit the candidate configuration to running configuration

Interface and loopback configuration:

(config)#interface lo	Enter Interface mode for lo
(config-if)#ip address 100.100.100.100/32 secondary	Configure loopback IP address as 100.100.100.100 for Spine-P3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po2	Enter Interface mode for po2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe25	Enter Interface mode for xe25
(config-if)#channel-group 2 mode active	Make it member port of po2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe26	Enter Interface mode for xe26
(config-if)#channel-group 2 mode active	Make it member port of po3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po2	Enter Interface mode for po2
(config-if)#ip address 100.11.11.2/24	Configure IP address as 100.11.11.2 on network side of VTEP1
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po3	Enter Interface mode for po3
(config)#i switchport	Configure po3 as L2 interface
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe27	Enter Interface mode for xe27
(config-if)#channel-group 3 mode active	Make it member port of po3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe28	Enter Interface mode for xe28
(config-if)#channel-group 3 mode active	Make it member port of po3
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)# bridge 1 protocol rstp vlan-bridge	Configure bridge 1
(config)# vlan database	Enter into VLAN database mode
(config)#vlan 2 bridge 1 state enable	Configure VLAN 2 as part of bridge 1
(config)#interface po3	Enter Interface mode for po3
(config-if)# bridge-group 1	Configure bridge 1 for po3
(config-if)# switchport mode trunk	Switchport mode as trunk
(config-if)# switchport trunk allowed vlan add 2	Trunk allowed VLAN 2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface vlan1.2	Enter into SVI port VLAN1.2
(config-if)#ip address 100.12.12.2/24	Configure IP address as 100.12.12.2 on network side of VTEP2
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface po4	Enter Interface mode for po4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe7	Enter Interface mode for xe7
(config-if)#channel-group 4 mode active	Make it member port of po4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#interface xe9	Enter Interface mode for xe9
(config-if)#channel-group 4 mode active	Make it member port of po4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface po4.4	Enter L3SI po4.4
(config-if)# encapsulation dot1q 4	Encapsulation as dot1q with VLAN 4
(config-if)#ip address 100.14.14.2/24	Configure IP address as 100.14.14.12 on network side of VTEP4
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config) interface xe40	Enter interface mode
(config-if)#ip address 100.15.15.1/24	Configure IP address as 100.15.15.1 on network side of VTEP5
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

OSPF configuration:

(config)#router ospf 100	Enter into router OSPF mode
(config-router)#ospf router-id 100.100.100.100	Configure router-id as 100.100.100.100 (lo IP address)
(config-router)#network 100.100.100.100/32 area 0.0.0.0	Add 100.100.100.100 (lo IP address) network into area 0
(config-router)#network 100.11.11.0/24 area 0.0.0.0	Add 100.11.11.0 (VTEP1) network into area 0
(config-router)#network 100.12.12.0/24 area 0.0.0.0	Add 100.12.12.0 (VTEP2) network into area 0
(config-router)#network 100.14.14.0/24 area 0.0.0.0	Add 100.14.14.0 (VTEP4) network into area 0
(config-router)#network 100.15.15.0/24 area 0.0.0.0	Add 100.15.15.0 (VTEP5) network into area 0
(config-router)#bfd all-interfaces	Enabling bfd on all ospf interface for fast convergence
(config-if)#exit	Exit Interface mode and return to Configure mode.
(config)#commit	Commit the candidate configuration to running configuration

Last modified date: 10/20/2023