Cisco | LAB VXLAN (Full Config)
VXLAN = Virtual Extensible LAN
VID = VLAN ID
VNI = VXLAN Network Identifier
EVI = EVPN Virtual Instance
VTEP= XVLAN TUnnel End Point
STEP-1
VID = VLAN ID
VNI = VXLAN Network Identifier
EVI = EVPN Virtual Instance
VTEP= XVLAN TUnnel End Point
STEP-1
VXLAN EVPN WORKBOOK
======================
IGP CONFIGURATION
======================
SW-4 SPINE
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.0.0.14/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.11.14.4/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.12.14.4/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/3
no switchport
mtu 9150
ip address 10.13.14.4/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
========================================================================
SW-5 SPINE
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.0.0.15/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.11.15.5/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.12.15.5/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/3
no switchport
mtu 9150
ip address 10.13.15.5/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
======================
IGP CONFIGURATION
======================
SW-4 SPINE
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.0.0.14/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.11.14.4/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.12.14.4/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/3
no switchport
mtu 9150
ip address 10.13.14.4/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
========================================================================
SW-5 SPINE
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.0.0.15/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.11.15.5/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.12.15.5/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/3
no switchport
mtu 9150
ip address 10.13.15.5/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
VERIFICATION:
sh ip ospf nei
sh ip route ospf | i /32
ping [ip loopback neigbor] source interface loo0
========================================================================
SW-1 LEAF
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.1.1.11/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.11.14.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.11.15.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
=======================================================================
SW-2 LEAF
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.1.1.12/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.12.14.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.12.15.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
========================================================================
SW-3 LEAF
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.1.1.13/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.13.14.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.13.15.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
VERIFICATION
show ip ospf neighbor
sh ip route ospf | i /32
ping [ip loopback neigbor] source interface loo0
========================================================================
SW-1 LEAF
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.1.1.11/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.11.14.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.11.15.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
=======================================================================
SW-2 LEAF
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.1.1.12/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.12.14.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.12.15.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
========================================================================
SW-3 LEAF
feature ospf
router ospf UNDERLAY
system jumbomtu 9216
interface lo0
ip address 10.1.1.13/32
ip router ospf UNDERLAY area 0
interface eth1/1
no switchport
mtu 9150
ip address 10.13.14.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
interface eth1/2
no switchport
mtu 9150
ip address 10.13.15.1/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
no shutdown
VERIFICATION
show ip ospf neighbor
STEP-2
VXLAN EVPN WORKBOOK
======================
PIM CONFIGURATION
======================
SW-4 SPINE
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo1
ip address 10.4.5.2/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
ip pim sparse-mode
interface lo0
ip pim sparse-mode
interface eth1/1-3
ip pim sparse-mode
============================================================
SW-5 SPINE
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo1
ip address 10.4.5.2/28
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
ip pim sparse-mode
interface lo0
ip pim sparse-mode
interface eth1/1-3
ip pim sparse-mode
==============================================
SW-1 LEAF
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo0
ip pim sparse-mode
interface eth1/1-2
ip pim sparse-mode
========================================
SW-2 LEAF
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo0
ip pim sparse-mode
interface eth1/1-2
ip pim sparse-mode
==========================================
SW-3 LEAF
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo0
ip pim sparse-mode
interface eth1/1-2
ip pim sparse-mode
VERIFICATION
show ip pim neighbor
======================
PIM CONFIGURATION
======================
SW-4 SPINE
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo1
ip address 10.4.5.2/29
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
ip pim sparse-mode
interface lo0
ip pim sparse-mode
interface eth1/1-3
ip pim sparse-mode
============================================================
SW-5 SPINE
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo1
ip address 10.4.5.2/28
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
ip pim sparse-mode
interface lo0
ip pim sparse-mode
interface eth1/1-3
ip pim sparse-mode
==============================================
SW-1 LEAF
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo0
ip pim sparse-mode
interface eth1/1-2
ip pim sparse-mode
========================================
SW-2 LEAF
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo0
ip pim sparse-mode
interface eth1/1-2
ip pim sparse-mode
==========================================
SW-3 LEAF
feature pim
ip pim rp-address 10.4.5.1 group-list 225.0.0.0/24 bidir
interface lo0
ip pim sparse-mode
interface eth1/1-2
ip pim sparse-mode
VERIFICATION
show ip pim neighbor
STEP-3
VXLAN EVPN WORKBOOK
======================
BGP EVPN CONFIGURATION
======================
SW-4 SPINE
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 4.4.4.4
neighbor 10.1.1.0/24
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
route-reflector-client
===================================
SW-5 SPINE
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 5.5.5.5
neighbor 10.1.1.0/24
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
route-reflector-client
===================================
SW-1 LEAF
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 1.1.1.1
neighbor 10.0.0.14
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
neighbor 10.0.0.15
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
===================================
SW-2 LEAF
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 2.2.2.2
neighbor 10.0.0.14
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
neighbor 10.0.0.15
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
===================================
SW-3 LEAF
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 3.3.3.3
neighbor 10.0.0.14
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
neighbor 10.0.0.15
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
===================================
VERIFICATION
show bgp l2vpn evpn summary
======================
BGP EVPN CONFIGURATION
======================
SW-4 SPINE
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 4.4.4.4
neighbor 10.1.1.0/24
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
route-reflector-client
===================================
SW-5 SPINE
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 5.5.5.5
neighbor 10.1.1.0/24
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
route-reflector-client
===================================
SW-1 LEAF
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 1.1.1.1
neighbor 10.0.0.14
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
neighbor 10.0.0.15
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
===================================
SW-2 LEAF
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 2.2.2.2
neighbor 10.0.0.14
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
neighbor 10.0.0.15
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
===================================
SW-3 LEAF
feature bgp
feature nv overlay
nv overlay evpn
router bgp 65001
router-id 3.3.3.3
neighbor 10.0.0.14
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
neighbor 10.0.0.15
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
===================================
VERIFICATION
show bgp l2vpn evpn summary
STEP-4
VXLAN EVPN WORKBOOK L2 FORWARDING
======================
VLAN TO L2VNI MAPPING CONFIGURATION
======================
SW-1 LEAF
feature vn-segment-vlan-based
vlan 10
vn-segment 100010
======================
SW-2 LEAF
feature vn-segment-vlan-based
vlan 10
vn-segment 100010
vlan 20
vn-segment 100020
======================
SW-3 LEAF
feature vn-segment-vlan-based
vlan 20
vn-segment 100020
======================
VLAN TO L2VNI MAPPING CONFIGURATION
======================
SW-1 LEAF
feature vn-segment-vlan-based
vlan 10
vn-segment 100010
======================
SW-2 LEAF
feature vn-segment-vlan-based
vlan 10
vn-segment 100010
vlan 20
vn-segment 100020
======================
SW-3 LEAF
feature vn-segment-vlan-based
vlan 20
vn-segment 100020
STEP-5
======================
DOWNLINK CONFIGURATION
======================
SW-1 LEAF
interface eth1/10-11
switchport mode access
switchport access vlan 10
======================
SW-2 LEAF
interface eth1/10
switchport mode access
switchport access vlan 10
interface eth1/11
switchport mode access
switchport access vlan 20
======================
SW-3 LEAF
interface eth1/10
switchport mode access
switchport access vlan 20
DOWNLINK CONFIGURATION
======================
SW-1 LEAF
interface eth1/10-11
switchport mode access
switchport access vlan 10
======================
SW-2 LEAF
interface eth1/10
switchport mode access
switchport access vlan 10
interface eth1/11
switchport mode access
switchport access vlan 20
======================
SW-3 LEAF
interface eth1/10
switchport mode access
switchport access vlan 20
STEP-6
======================
NVE INTERFACE CONFIGURATION
======================
SW-1 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100010
mcast-group 225.0.0.10
no shutdown
======================
SW-2 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100010
mcast-group 225.0.0.10
member vni 100020
mcast-group 225.0.0.20
no shutdown
======================
SW-3 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100020
mcast-group 225.0.0.20
no shutdown
STEP-7
======================
L2VNI EVPN CONFIGURATION
======================
SW-1 LEAF
feature fabric forwarding
evpn
vni 100010 l2
rd auto
route-target import auto
route-target export auto
======================
SW-2 LEAF
feature fabric forwarding
evpn
vni 100010 l2
rd auto
route-target import auto
route-target export auto
vni 100020 l2
rd auto
route-target import auto
route-target export auto
======================
SW-3 LEAF
feature fabric forwarding
evpn
vni 100020 l2
rd auto
route-target import auto
route-target export auto
======================
NVE INTERFACE CONFIGURATION
======================
SW-1 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100010
mcast-group 225.0.0.10
no shutdown
======================
SW-2 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100010
mcast-group 225.0.0.10
member vni 100020
mcast-group 225.0.0.20
no shutdown
======================
SW-3 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100020
mcast-group 225.0.0.20
no shutdown
STEP-7
======================
L2VNI EVPN CONFIGURATION
======================
SW-1 LEAF
feature fabric forwarding
evpn
vni 100010 l2
rd auto
route-target import auto
route-target export auto
======================
SW-2 LEAF
feature fabric forwarding
evpn
vni 100010 l2
rd auto
route-target import auto
route-target export auto
vni 100020 l2
rd auto
route-target import auto
route-target export auto
======================
SW-3 LEAF
feature fabric forwarding
evpn
vni 100020 l2
rd auto
route-target import auto
route-target export auto
VERIFIKASi
show bpg l2vpn evpn sum
Lalu set IP server-A dan Server-B yang terdapat di SW1-LEAF
Server-A
sudo route add -net 0.0.0.0/0 dev eth0 gw 192.168.10.254
sudo ifconfig eth0 192.168.10.10 netmask 255.255.255.0 up
show bpg l2vpn evpn sum
Lalu set IP server-A dan Server-B yang terdapat di SW1-LEAF
Server-A
sudo route add -net 0.0.0.0/0 dev eth0 gw 192.168.10.254
sudo ifconfig eth0 192.168.10.10 netmask 255.255.255.0 up
Server-B
sudo route add -net 0.0.0.0/0 dev eth0 gw 192.168.10.254
sudo ifconfig eth0 192.168.10.11 netmask 255.255.255.0 up
Server-C
sudo route add -net 0.0.0.0/0 dev eth0 gw 192.168.10.254
sudo ifconfig eth0 192.168.10.12 netmask 255.255.255.0 up
*Seharusnya antar server-A dan B sdh bisa reachabel ketika diping, akrena satu segment.
*Cek ARP di SW1-LEAF
#sh mac address-table
*Cek ARP di SW1-LEAF
#sh mac address-table
STEP-8
Supaya bisa ngobrol antar vlan yang berbeda kita harus maping ke dalam VNI, kita mesti assign VNI-ID dalam L3-VNI-ID.
VXLAN EVPN WORKBOOK L3 FORWARDING
========================
VRF L3 VNI CONFIGURATION
========================
SW-1 LEAF
vrf context TENANT1
vni 50000
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-2 LEAF
vrf context TENANT1
vni 50000
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-3 LEAF
vrf context TENANT1
vni 50000
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
VXLAN EVPN WORKBOOK L3 FORWARDING
========================
VRF L3 VNI CONFIGURATION
========================
SW-1 LEAF
vrf context TENANT1
vni 50000
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-2 LEAF
vrf context TENANT1
vni 50000
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-3 LEAF
vrf context TENANT1
vni 50000
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
STEP-9
=====================================
VLAN TO L3 VNI MAPPING CONFIGURATION
=====================================
SW-1 LEAF
vlan 500
vn-segment 50000
======================
SW-2 LEAF
vlan 500
vn-segment 50000
======================
SW-3 LEAF
vlan 500
vn-segment 50000
STEP-10
==============================
ANYCAST GATEWAY CONFIGURATION
==============================
=====================================
VLAN TO L3 VNI MAPPING CONFIGURATION
=====================================
SW-1 LEAF
vlan 500
vn-segment 50000
======================
SW-2 LEAF
vlan 500
vn-segment 50000
======================
SW-3 LEAF
vlan 500
vn-segment 50000
STEP-10
==============================
ANYCAST GATEWAY CONFIGURATION
==============================
SW-1 LEAF
fabric forwarding anycast-gateway-mac 0000.1234.5678
======================
SW-2 LEAF
fabric forwarding anycast-gateway-mac 0000.1234.5678
======================
SW-3 LEAF
fabric forwarding anycast-gateway-mac 0000.1234.5678
fabric forwarding anycast-gateway-mac 0000.1234.5678
======================
SW-2 LEAF
fabric forwarding anycast-gateway-mac 0000.1234.5678
======================
SW-3 LEAF
fabric forwarding anycast-gateway-mac 0000.1234.5678
STEP-11
==================
SVI CONFIGURATION
==================
SW-1 LEAF
feature interface-vlan
interface vlan500
vrf member TENANT1
ip forward
no shutdown
interface vlan10
mtu 9150
vrf member TENANT1
ip address 192.168.10.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-2 LEAF
feature interface-vlan
interface vlan500
vrf member TENANT1
ip forward
no shutdown
interface vlan10
mtu 9150
vrf member TENANT1
ip address 192.168.10.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
interface vlan20
mtu 9150
vrf member TENANT1
ip address 192.168.20.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-3 LEAF
feature interface-vlan
interface vlan500
vrf member TENANT1
ip forward
no shutdown
interface vlan20
mtu 9150
vrf member TENANT1
ip address 192.168.20.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
STEP-12
=============================
NVE INTERFACE CONFIGURATION
=============================
SW-1 LEAF
interface nve1
member vni 50000 associate-vrf
===============================
SW-2 LEAF
interface nve1
member vni 50000 associate-vrf
===============================
SW-3 LEAF
interface nve1
member vni 50000 associate-vrf
STEP-13
==============================================
REDISTRIBUTE SVI SUBNET INTO BGP CONFIGURATION
Tujuanya adalah
==============================================
SW-1 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==============================================
SW-2 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==============================================
SW-3 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
VERIFIKASI:
SW1-LEAF
ping 192.168.20.254 vrf TENANT1
sh bgp l2vpn evpn summary
Samapai disini konfigurasi sudah selesai. Lakukan pengetesan (verifikasi) dengan ping antar vlan yang ssama dengan vlan berbeda, dan seharunsya hasila sdh aman (reply).
==================
SVI CONFIGURATION
==================
SW-1 LEAF
feature interface-vlan
interface vlan500
vrf member TENANT1
ip forward
no shutdown
interface vlan10
mtu 9150
vrf member TENANT1
ip address 192.168.10.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-2 LEAF
feature interface-vlan
interface vlan500
vrf member TENANT1
ip forward
no shutdown
interface vlan10
mtu 9150
vrf member TENANT1
ip address 192.168.10.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
interface vlan20
mtu 9150
vrf member TENANT1
ip address 192.168.20.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-3 LEAF
feature interface-vlan
interface vlan500
vrf member TENANT1
ip forward
no shutdown
interface vlan20
mtu 9150
vrf member TENANT1
ip address 192.168.20.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
STEP-12
=============================
NVE INTERFACE CONFIGURATION
=============================
SW-1 LEAF
interface nve1
member vni 50000 associate-vrf
===============================
SW-2 LEAF
interface nve1
member vni 50000 associate-vrf
===============================
SW-3 LEAF
interface nve1
member vni 50000 associate-vrf
STEP-13
==============================================
REDISTRIBUTE SVI SUBNET INTO BGP CONFIGURATION
Tujuanya adalah
==============================================
SW-1 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==============================================
SW-2 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==============================================
SW-3 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
VERIFIKASI:
SW1-LEAF
ping 192.168.20.254 vrf TENANT1
sh bgp l2vpn evpn summary
Samapai disini konfigurasi sudah selesai. Lakukan pengetesan (verifikasi) dengan ping antar vlan yang ssama dengan vlan berbeda, dan seharunsya hasila sdh aman (reply).
&&&&&&&& Success...!! &&&&&&
JIKA INIGN MENAMBAH TENAT BARU misal Tenant2
STEP-1
VXLAN EVPN WORKBOOK L2 FORWARDING
======================
VLAN TO L2VNI MAPPING CONFIGURATION
==============================
SW-1 LEAF
feature vn-segment-vlan-based
vlan 100
vn-segment 100100
======================
SW-2 LEAF
feature vn-segment-vlan-based
vlan 100
vn-segment 100100
vlan 200
vn-segment 100200
======================
SW-3 LEAF
feature vn-segment-vlan-based
vlan 200
vn-segment 100200
vlan 100
vn-segment 100100
======================
SW-2 LEAF
feature vn-segment-vlan-based
vlan 100
vn-segment 100100
vlan 200
vn-segment 100200
======================
SW-3 LEAF
feature vn-segment-vlan-based
vlan 200
vn-segment 100200
======================
DOWNLINK CONFIGURATION
======================
SW-1 LEAF
interface eth1/20-21
switchport mode access
switchport access vlan 100
======================
SW-2 LEAF
interface eth1/20
switchport mode access
switchport access vlan 100
interface eth1/21
switchport mode access
switchport access vlan 200
======================
SW-3 LEAF
interface eth1/20
switchport mode access
switchport access vlan 200
======================
DOWNLINK CONFIGURATION
======================
SW-1 LEAF
interface eth1/20-21
switchport mode access
switchport access vlan 100
======================
SW-2 LEAF
interface eth1/20
switchport mode access
switchport access vlan 100
interface eth1/21
switchport mode access
switchport access vlan 200
======================
SW-3 LEAF
interface eth1/20
switchport mode access
switchport access vlan 200
======================
NVE INTERFACE CONFIGURATION
======================
SW-1 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100100
mcast-group 225.0.0.100
no shutdown
======================
SW-2 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100100
mcast-group 225.0.0.100
member vni 100200
mcast-group 225.0.0.200
no shutdown
======================
SW-3 LEAF
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100200
mcast-group 225.0.0.200
no shutdown
======================
L2VNI EVPN CONFIGURATION
======================
SW-1 LEAF
feature fabric forwarding
evpn
vni 100100 l2
rd auto
route-target import auto
route-target export auto
======================
SW-2 LEAF
feature fabric forwarding
evpn
vni 100100 l2
rd auto
route-target import auto
route-target export auto
vni 100200 l2
rd auto
route-target import auto
route-target export auto
======================
SW-3 LEAF
feature fabric forwarding
evpn
vni 100200 l2
rd auto
route-target import auto
route-target export auto
STEP-2
VXLAN EVPN WORKBOOK L3 FORWARDING
========================
VRF L3 VNI CONFIGURATION
========================
SW-1 LEAF
vrf context TENANT2
vni 50001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-2 LEAF
vrf context TENANT2
vni 50001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-3 LEAF
vrf context TENANT2
vni 50001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
=====================================
VLAN TO L3 VNI MAPPING CONFIGURATION
=====================================
SW-1 LEAF
vlan 501
vn-segment 50001
======================
SW-2 LEAF
vlan 501
vn-segment 50001
======================
SW-3 LEAF
vlan 501
vn-segment 50001
==============================
ANYCAST GATEWAY CONFIGURATION
==============================
SW-1 LEAF
fabric forwarding anycast-gateway-mac aaaa.1234.5678
======================
SW-2 LEAF
fabric forwarding anycast-gateway-mac aaaa.1234.5678
======================
SW-3 LEAF
fabric forwarding anycast-gateway-mac aaaa.1234.5678
==================
SVI CONFIGURATION
==================
SW-1 LEAF
feature interface-vlan
interface vlan501
vrf member TENANT2
ip forward
no shutdown
interface vlan100
mtu 9150
vrf member TENANT2
ip address 192.168.100.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-2 LEAF
feature interface-vlan
interface vlan501
vrf member TENANT2
ip forward
no shutdown
interface vlan100
mtu 9150
vrf member TENANT2
ip address 192.168.100.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
interface vlan200
mtu 9150
vrf member TENANT2
ip address 192.168.200.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-3 LEAF
feature interface-vlan
interface vlan501
vrf member TENANT2
ip forward
no shutdown
interface vlan200
mtu 9150
vrf member TENANT2
ip address 192.168.200.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
=============================
NVE INTERFACE CONFIGURATION
=============================
SW-1 LEAF
interface nve1
member vni 50001 associate-vrf
===============================
SW-2 LEAF
interface nve1
member vni 50001 associate-vrf
===============================
SW-3 LEAF
interface nve1
member vni 50001 associate-vrf
===============================
REDISTRIBUTE SVI SUBNET INTO BGP CONFIGURATION
================================
SW-1 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==========================
SW-2 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==============================
SW-3 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
---------SELESAI----------------
========================
VRF L3 VNI CONFIGURATION
========================
SW-1 LEAF
vrf context TENANT2
vni 50001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-2 LEAF
vrf context TENANT2
vni 50001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
======================
SW-3 LEAF
vrf context TENANT2
vni 50001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
=====================================
VLAN TO L3 VNI MAPPING CONFIGURATION
=====================================
SW-1 LEAF
vlan 501
vn-segment 50001
======================
SW-2 LEAF
vlan 501
vn-segment 50001
======================
SW-3 LEAF
vlan 501
vn-segment 50001
==============================
ANYCAST GATEWAY CONFIGURATION
==============================
SW-1 LEAF
fabric forwarding anycast-gateway-mac aaaa.1234.5678
======================
SW-2 LEAF
fabric forwarding anycast-gateway-mac aaaa.1234.5678
======================
SW-3 LEAF
fabric forwarding anycast-gateway-mac aaaa.1234.5678
==================
SVI CONFIGURATION
==================
SW-1 LEAF
feature interface-vlan
interface vlan501
vrf member TENANT2
ip forward
no shutdown
interface vlan100
mtu 9150
vrf member TENANT2
ip address 192.168.100.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-2 LEAF
feature interface-vlan
interface vlan501
vrf member TENANT2
ip forward
no shutdown
interface vlan100
mtu 9150
vrf member TENANT2
ip address 192.168.100.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
interface vlan200
mtu 9150
vrf member TENANT2
ip address 192.168.200.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
======================
SW-3 LEAF
feature interface-vlan
interface vlan501
vrf member TENANT2
ip forward
no shutdown
interface vlan200
mtu 9150
vrf member TENANT2
ip address 192.168.200.254/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
=============================
NVE INTERFACE CONFIGURATION
=============================
SW-1 LEAF
interface nve1
member vni 50001 associate-vrf
===============================
SW-2 LEAF
interface nve1
member vni 50001 associate-vrf
===============================
SW-3 LEAF
interface nve1
member vni 50001 associate-vrf
===============================
REDISTRIBUTE SVI SUBNET INTO BGP CONFIGURATION
================================
SW-1 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==========================
SW-2 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
==============================
SW-3 LEAF
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
---------SELESAI----------------
JIKA INGIN KONFIGURASI vPC
SW1-LEAF
feature vpc
interface mgmt0
ip address 10.1.2.1/24
no shutdown
vpc domain 1
peer-keepalive destination 10.1.2.2 source 10.1.2.1
peer-switch
peer-gateway
feature lacp
interface eth1/1
channel-group 1 mode active
interface eth1/2
channel-group 1 mode active
interface port-channel 1
switchport mode trunk
vpc peer-link
interface eth1/3
channel-group 2 mode active
no shutdown
interface port-channel 2
switchport mode trunk
switchport trunk allowed vlan all
vpc 2
no shutdown
SW2-LEAF
feature vpc
interface mgmt0
ip address 10.1.2.2/24
no shutdown
vpc domain 1
peer-keepalive destination 10.1.2.1 source 10.1.2.2
peer-switch
peer-gateway
feature lacp
interface eth1/1
channel-group 1 mode active
interface eth1/2
channel-group 1 mode active
interface port-channel 1
switchport mode trunk
vpc peer-link
interface eth1/3
channel-group 2 mode active
no shutdown
interface port-channel 2
switchport mode trunk
switchport trunk allowed vlan all
vpc 2
no shutdown
IOSv-L2
interface range gi0/0-1
channel-group 2 mode active
no shutdown
interface port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan all
no shutdown
feature vpc
interface mgmt0
ip address 10.1.2.1/24
no shutdown
vpc domain 1
peer-keepalive destination 10.1.2.2 source 10.1.2.1
peer-switch
peer-gateway
feature lacp
interface eth1/1
channel-group 1 mode active
interface eth1/2
channel-group 1 mode active
interface port-channel 1
switchport mode trunk
vpc peer-link
interface eth1/3
channel-group 2 mode active
no shutdown
interface port-channel 2
switchport mode trunk
switchport trunk allowed vlan all
vpc 2
no shutdown
SW2-LEAF
feature vpc
interface mgmt0
ip address 10.1.2.2/24
no shutdown
vpc domain 1
peer-keepalive destination 10.1.2.1 source 10.1.2.2
peer-switch
peer-gateway
feature lacp
interface eth1/1
channel-group 1 mode active
interface eth1/2
channel-group 1 mode active
interface port-channel 1
switchport mode trunk
vpc peer-link
interface eth1/3
channel-group 2 mode active
no shutdown
interface port-channel 2
switchport mode trunk
switchport trunk allowed vlan all
vpc 2
no shutdown
IOSv-L2
interface range gi0/0-1
channel-group 2 mode active
no shutdown
interface port-channel 2
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan all
no shutdown
Posting Komentar untuk "Cisco | LAB VXLAN (Full Config)"