
Cisco | Nexus - Lab VXLAN - Done

 





















IP Network (Underlay) i.e: IGP = PIM + BGP

VNI / VNID : VXLAN Overlay Network. i.e: NVE

VTEP = VXLAN Tunnel End Point
NVE  = Network Virtualization Edge
VNI / VNID = VXLAN Network Identifier
---------------------------------

Mgmt Plane = SSH, Syslog, SNMP
Data Plane = the actual packets passing through
Control Plane = MAC address table, ARP, routing table

Protocol Data Plane:
VTEP IP:
Usually a loopback IP with a /32 prefix is used, advertised through the IGP (OSPF).

PIM (Protocol Independent Multicast); its functions are:
- forward the overlay's BUM traffic (broadcast, unknown unicast and multicast)
- every multicast VTEP is both a sender and a receiver for each VNI

==================
VERIFICATION:
show ip pim neighbor

BELOW IS THE CONFIGURATION for each device

STEP-1: SPINE-01 | VXLAN Underlay 
##CONFIG IP INTERFACE##

conf t
boot nxos bootflash:nxos.7.0.3.I5.2.bin 
copy running-config startup-config
!
feature ospf
router ospf UNDERLAY
system jumbomtu 9216

int lo0
ip add 192.168.0.1/32
ip router ospf UNDERLAY area 0
exit
interface ethernet1/1
  no switchport
  no shutdown
  ip address 10.0.6.1/30
  ip ospf network point-to-point
  ip router ospf UNDERLAY area 0.0.0.0
  exit

int eth1/3
no shut
mtu 9150
no switchport
ip add 10.0.1.1/30
no shut
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

int eth1/4
no shut
mtu 9150
no switchport
ip add 10.0.2.1/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

int eth1/5
no shut
mtu 9150
no switchport
ip add 10.0.3.1/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

SPINE-02 (VXLAN Underlay)
##CONFIG IP INTERFACE##
conf t
boot nxos bootflash:nxos.7.0.3.I5.2.bin 
copy running-config startup-config
!
feature ospf
router ospf UNDERLAY 
system jumbomtu 9216

int lo0
ip add 192.168.0.2/32
ip router ospf UNDERLAY area 0
exit

interface ethernet1/1
  no switchport
  no shutdown
  ip address 10.0.6.2/30
  ip ospf network point-to-point
  ip router ospf UNDERLAY area 0.0.0.0
  exit

int eth1/3
no shut
mtu 9150
no switchport
ip add 10.0.4.1/30
no shut
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

int eth1/4
no shut
mtu 9150
no switchport
ip add 10.0.5.1/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

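int eth1/5
no shut
mtu 9150
no switchport
! 10.0.6.0/30 is already used on ethernet1/1 above (10.0.6.2/30); NX-OS rejects an overlapping subnet on a second interface in the same VRF, so this link needs its own /30
ip add 10.0.6.1/30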
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

LEAF-01 (VXLAN Underlay)
##CONFIG IP INTERFACE##
conf t
boot nxos bootflash:nxos.7.0.3.I5.2.bin 
copy running-config startup-config
!
feature ospf
router ospf UNDERLAY 
system jumbomtu 9216

int lo0
ip add 192.168.10.1/32
ip router ospf UNDERLAY area 0
exit

int eth1/1
no shut
mtu 9150
no switchport
ip add 10.0.1.2/30
no shut
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

int eth1/2
no shut
mtu 9150
no switchport
ip add 10.0.4.2/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

LEAF-02 (VXLAN Underlay)
##CONFIG IP INTERFACE##
conf t
boot nxos bootflash:nxos.7.0.3.I5.2.bin 
copy running-config startup-config
!
feature ospf
router ospf UNDERLAY 
system jumbomtu 9216

int lo0
ip add 192.168.10.2/32
ip router ospf UNDERLAY area 0
exit

int eth1/1
no shut
mtu 9150
no switchport
ip add 10.0.2.2/30
no shut
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

int eth1/2
no shut
mtu 9150
no switchport
ip add 10.0.5.2/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0
exit

VERIFICATION:
sh ip route ospf | i /32
sh ip ospf neig
sh ip route ospf-UNDERLAY 
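
An added example, not part of the original lab notes: a small Python audit that parses STEP-1 style interface addressing and reports subnets that overlap on one device and addresses reused across the fabric. The sample input is a subset of the addresses above, re-typed per device; the function and variable names are illustrative.

```python
import ipaddress
import re
from collections import defaultdict
from itertools import combinations

# Constructed sample: a subset of the STEP-1 underlay addressing, keyed by device.
CONFIGS = {
    "SPINE-01": """
interface ethernet1/1
  ip address 10.0.6.1/30
""",
    "SPINE-02": """
interface ethernet1/1
  ip address 10.0.6.2/30
int eth1/3
ip add 10.0.4.1/30
int eth1/5
ip add 10.0.6.1/30
""",
    "LEAF-01": """
int eth1/2
ip add 10.0.4.2/30
""",
}

IF_RE = re.compile(r"\s*int(?:erface)?\s+(\S+)", re.I)
IP_RE = re.compile(r"\s*ip add(?:ress)?\s+(\S+/\d+)", re.I)

def parse(text):
    """Return [(interface, IPv4Interface)] from NX-OS style interface config."""
    out, cur = [], None
    for line in text.splitlines():
        if m := IF_RE.match(line):
            cur = m.group(1)
        elif (m := IP_RE.match(line)) and cur:
            out.append((cur, ipaddress.ip_interface(m.group(1))))
    return out

def audit(configs):
    """Report overlapping subnets on one device and addresses reused fabric-wide."""
    findings, owners = [], defaultdict(list)
    for dev, text in configs.items():
        entries = parse(text)
        for (i1, a), (i2, b) in combinations(entries, 2):
            if a.network.overlaps(b.network):
                findings.append(f"{dev}: {i1} {a} overlaps {i2} {b}")
        for ifname, ip in entries:
            owners[ip.ip].append(f"{dev}:{ifname}")
    findings += [f"duplicate {a}: {', '.join(o)}" for a, o in owners.items() if len(o) > 1]
    return findings
```

Running `audit(CONFIGS)` before pasting the underlay into the switches catches addressing mistakes that would otherwise surface only as a rejected command or a missing OSPF adjacency.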















STEP-2: PIM CONFIGURATION
SPINE-01
feature pim
ip pim rp-address 10.4.5.10 group-list 225.0.0.0/24 bidir
ip pim rp-address 10.4.5.11 group-list 225.0.0.0/24 bidir
!
ip pim ssm range 232.0.0.0/8
!
interface lo1
ip address 10.4.5.10/32
ip pim sparse-mode
exit

interface lo0
ip pim sparse-mode
exit

interface eth1/3-5
ip pim sparse-mode
exit
 
SPINE-02
feature pim
ip pim rp-address 10.4.5.11 group-list 225.0.0.0/24 bidir
ip pim rp-address 10.4.5.10 group-list 225.0.0.0/24 bidir
!
ip pim ssm range 232.0.0.0/8
!
interface lo1
ip address 10.4.5.11/32
ip pim sparse-mode
exit

interface lo0
ip pim sparse-mode
exit

interface eth1/3-5
ip pim sparse-mode
exit

VERIFICATION:
SPINE-1# sh ip pim neighbor

LEAF-01

feature pim
ip pim rp-address 10.4.5.10 group-list 225.0.0.0/24 bidir
ip pim rp-address 10.4.5.11 group-list 225.0.0.0/24 bidir
!
ip pim ssm range 232.0.0.0/8
!
interface lo0
ip pim sparse-mode
exit

interface eth1/1-2
ip pim sparse-mode
exit

LEAF-02
feature pim
ip pim rp-address 10.4.5.11 group-list 225.0.0.0/24 bidir
ip pim rp-address 10.4.5.10 group-list 225.0.0.0/24 bidir
!
ip pim ssm range 232.0.0.0/8
!
interface lo0
ip pim sparse-mode
exit

interface eth1/1-2
ip pim sparse-mode
exit 
VERIFICATION:

STEP-3: BGP EVPN CONFIGURATION
SPINE-01
feature bgp
feature nv overlay
nv overlay evpn

router bgp 65001
router-id 192.168.0.1
neighbor 192.168.10.0/24
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
route-reflector-client
exit
exit

SPINE-02
feature bgp
feature nv overlay
nv overlay evpn

router bgp 65001
router-id 192.168.0.2
neighbor 192.168.10.0/24
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
route-reflector-client
exit
exit

THIS STAGE IS: Redistribute SVI Subnets into BGP under the VRF's Address Family

LEAF-01

feature bgp
feature nv overlay
nv overlay evpn
!
router bgp 65001
router-id 192.168.10.1
neighbor 192.168.0.1
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
exit
!
neighbor 192.168.0.2
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
exit
exit

LEAF-02

feature bgp
feature nv overlay
nv overlay evpn

router bgp 65001
router-id 192.168.10.2
neighbor 192.168.0.1
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
exit
neighbor 192.168.0.2
remote-as 65001
update-source lo0
address-family l2vpn evpn
send-community extended
exit
exit

VERIFICATION:
SPINE-1# sh bgp l2vpn evpn sum









STEP-4: VXLAN EVPN Overlay Configuration (L2 forwarding):
4.1: Configure VLANs and map them to VNIs.

LEAF-01
feature vn-segment-vlan-based
vlan 10
vn-segment 100010
exit

vlan 20
vn-segment 100020
exit

LEAF-02
feature vn-segment-vlan-based
vlan 10
vn-segment 100010
exit

vlan 20
vn-segment 100020
exit

STEP-5 : Configure downstream ports as access or trunk ports to end device (server).
LEAF-01

interface eth1/3
no shut 
switchport mode access
switchport access vlan 10
exit
!

interface eth1/4
no shut 
switchport mode access
switchport access vlan 20
exit

LEAF-02
interface eth1/3
no shut
switchport mode access
switchport access vlan 10
exit
!

interface eth1/4
no shut
switchport mode access
switchport access vlan 20
exit

STEP-6 : Configure the NVE interface with the required VNI members and configure necessary options such as multicast group and ARP suppression.

Additional note:
Entering suppress-arp usually raises an error, because the TCAM has to be configured first. So enter the commands below on each switch, LEAF-01 and LEAF-02. On Nexus 9000 the new TCAM region sizes take effect only after the configuration is saved and the switch is reloaded.
hardware access-list tcam region span 0
hardware access-list tcam region vacl 0
hardware access-list tcam region arp-ether 256

This stage: Configure the NVE Interface
LEAF-01
interface nve1
  no shutdown
  source-interface loopback0
  host-reachability protocol bgp
  member vni 100010
    suppress-arp
    mcast-group 239.0.0.10
  member vni 100020
    suppress-arp
    mcast-group 239.0.0.20
  member vni 500001 associate-vrf
exit

LEAF-02
interface nve1
  no shutdown
  source-interface loopback0
  host-reachability protocol bgp
  member vni 100010
    suppress-arp
    mcast-group 239.0.0.10
  member vni 100020
    suppress-arp
    mcast-group 239.0.0.20
  member vni 500001 associate-vrf
exit


VERIFICATION:























STEP-7: 
Define the L2 VNIs under the EVPN configuration mode.

Note: On NX-OS, if the LEAF is an N5K-series switch, additional features must be installed:
feature fabric forwarding
hardware ethernet store-and-fwd-switching

LEAF-01
install feature-set fabric
nv overlay evpn
!
evpn
vni 100010 l2
rd auto
route-target import auto
route-target export auto
!
vni 100020 l2
rd auto
route-target import auto
route-target export auto
exit
VERIFICATION:

LEAF-02
install feature-set fabric
feature fabric forwarding
hardware ethernet store-and-fwd-switching

nv overlay evpn
!
evpn
vni 100010 l2
rd auto
route-target import auto
route-target export auto
!
vni 100020 l2
rd auto
route-target import auto
route-target export auto
exit

VERIFICATION:

 
 
 
 
 
 
 
 
 
 









STEP 8 : Configure the VRF(s) with its L3 VNI
Note: This stage covers Configure the VRF-Shared VLAN and Configure the Anycast Gateway MAC. For hosts in different VLANs to talk to each other, the VLANs must be mapped into a VNI, and a VNI ID must be assigned as the L3 VNI ID; this is the VRF L3 VNI configuration.

LEAF-01
fabric forwarding anycast-gateway-mac 0000.dc01.dc01
vlan 501
vn-segment 500001
vrf context TENANT1
vni 500001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
exit
exit

LEAF-02
fabric forwarding anycast-gateway-mac 0000.dc01.dc01
vlan 501
vn-segment 500001
vrf context TENANT1
vni 500001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
exit
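
An added example, not from the original post: a Python cross-check of the overlay pieces built in STEP-4 to STEP-8, verifying that every VNI under nve1 has a VLAN mapping and a matching `evpn` or `vrf context` entry. The sample config is constructed with two seeded faults, and the parent-mode tracking is a simplifying assumption for unindented, pasted config.

```python
import re

# Constructed candidate leaf config (unindented, as pasted in a lab) with two
# seeded faults: VNI 100020 has no VLAN, and the `evpn` parent line is missing.
LEAF = """\
vlan 10
vn-segment 100010
vlan 501
vn-segment 500001
exit
interface nve1
member vni 100010
member vni 100020
member vni 500001 associate-vrf
nv overlay evpn
vni 100010 l2
vni 100020 l2
vrf context TENANT1
vni 500001
"""

def audit_overlay(text):
    """Cross-check VLAN->VNI maps, nve1 members, EVPN L2 VNIs and VRF L3 VNIs."""
    mapped, l2, l3, evpn, vrf, out = set(), set(), set(), set(), set(), []
    ctx = None
    for line in map(str.strip, text.splitlines()):
        if line == "exit" or line.startswith(("feature ", "nv overlay")):
            ctx = None                      # heuristic: back to global config mode
        elif re.fullmatch(r"vlan \d+|evpn|interface nve\d+|vrf context \S+", line):
            ctx = line.split()[0]           # "vlan", "evpn", "interface" or "vrf"
        elif (m := re.fullmatch(r"vn-segment (\d+)", line)) and ctx == "vlan":
            mapped.add(int(m[1]))
        elif (m := re.fullmatch(r"member vni (\d+)( associate-vrf)?", line)) and ctx == "interface":
            (l3 if m[2] else l2).add(int(m[1]))
        elif m := re.fullmatch(r"vni (\d+)( l2)?", line):
            if m[2] and ctx == "evpn":
                evpn.add(int(m[1]))
            elif not m[2] and ctx == "vrf":
                vrf.add(int(m[1]))
            else:
                out.append(f"'{line}' entered outside its parent mode")
    for vni in sorted(l2 | l3):
        if vni not in mapped:
            out.append(f"VNI {vni}: no VLAN vn-segment mapping")
        if vni in l2 and vni not in evpn:
            out.append(f"VNI {vni}: nve1 member without an evpn 'vni {vni} l2' entry")
        if vni in l3 and vni not in vrf:
            out.append(f"VNI {vni}: associate-vrf without a vrf context")
    return out
```

An empty result means the VLAN, NVE, EVPN and VRF sections agree on the same set of VNIs; it says nothing about whether both leaves use the same values, which still has to be compared between devices.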
 
STEP-10: SVI CONFIGURATION
LEAF-01

feature interface-vlan
interface vlan 501
no shutdown
vrf member TENANT1
ip forward
exit

This stage: Configure the required SVIs

interface vlan10
no shutdown
mtu 9150
vrf member TENANT1
ip address 10.87.10.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
exit
!
interface vlan20
mtu 9150
vrf member TENANT1
ip address 10.87.20.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
exit

LEAF-02
feature interface-vlan
interface vlan 501
no shutdown
vrf member TENANT1
ip forward
exit

interface vlan10
no shutdown
mtu 9150
vrf member TENANT1
ip address 10.87.10.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
exit

interface vlan20
no shutdown
mtu 9150
vrf member TENANT1
ip address 10.87.20.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
exit
 
STEP-13 : REDISTRIBUTE SVI SUBNET INTO BGP CONFIGURATION
 LEAF-01
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET

LEAF-02
route-map OVERLAY_SUBNET permit 10
match tag 65846
router bgp 65001
vrf TENANT1
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
exit

VERIFICATION:
sh l2route evpn mac-ip all
sh ip bgp vrf TENANT1

 

 

















VERIFICATION:
sh l2route evpn mac-ip all











VERIFICATION: Check the VLAN interfaces (SVI)
vrf TENANT1







PING between PCs and between VLANs

 








####### DONE - SUCCESS ########
TO ADD MULTI-TENANCY, E.G. CREATE TENANT-2
VLAN 100
VLAN 200
 
### ADD VLAN  ##
===========================
LEAF-01
feature vn-segment-vlan-based
vlan 100
vn-segment 100100
exit
!
vlan 200
vn-segment 100200
exit
!
LEAF-02
feature vn-segment-vlan-based
vlan 100
vn-segment 100100
exit
!
vlan 200
vn-segment 100200
exit


##NVE INTERFACE CONFIGURATION##
====================================
LEAF-01
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100100
mcast-group 239.0.0.100
member vni 100200
mcast-group 239.0.0.200
member vni 500002 associate-vrf
exit

LEAF-02
interface nve1
host-reachability protocol bgp
source-interface loopback0
member vni 100100
mcast-group 239.0.0.100
member vni 100200
mcast-group 239.0.0.200
member vni 500002 associate-vrf
exit

L2VNI EVPN CONFIGURATION
=======================
LEAF-01
feature fabric forwarding
nv overlay evpn
!
evpn
vni 100100 l2
rd auto
route-target import auto
route-target export auto
!
vni 100200 l2
rd auto
route-target import auto
route-target export auto

LEAF-02
feature fabric forwarding
nv overlay evpn
!
evpn
vni 100100 l2
rd auto
route-target import auto
route-target export auto
!
vni 100200 l2
rd auto
route-target import auto
route-target export auto

VRF OVERLAY L3 ROUTING CONFIGURATION AND VNI MAPPING
=====================================================
LEAF-01
fabric forwarding anycast-gateway-mac 0000.dc01.dc01
vlan 502
vn-segment 500002
vrf context TENANT2
vni 500002
ip pim ssm range 232.0.0.0/8
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
exit
exit

LEAF-02
fabric forwarding anycast-gateway-mac 0000.dc01.dc01
vlan 502
vn-segment 500002
vrf context TENANT2
vni 500002
ip pim ssm range 232.0.0.0/8
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
exit
exit

SVI INTERFACE CONFIGURATION
=============================== 
LEAF-01
feature interface-vlan
interface vlan 502
no shutdown
vrf member TENANT2
ip forward
exit
 
interface vlan 100
no shutdown
mtu 9150
vrf member TENANT2
ip address 10.87.100.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
exit
!
interface vlan 200
mtu 9150
vrf member TENANT2
ip address 10.87.200.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
exit

LEAF-02
feature interface-vlan
interface vlan 502
no shutdown
vrf member TENANT2
ip forward
exit
 
interface vlan 100
no shutdown
mtu 9150
vrf member TENANT2
ip address 10.87.100.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
exit
!
interface vlan 200
mtu 9150
vrf member TENANT2
ip address 10.87.200.1/24 tag 65846
ip pim sparse-mode
fabric forwarding mode anycast-gateway
no shutdown
exit


REDISTRIBUTE SVI SUBNET INTO BGP CONFIGURATION
==============================================
 LEAF-01
route-map OVERLAY_SUBNET permit 20
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET

LEAF-02
route-map OVERLAY_SUBNET permit 20
match tag 65846
router bgp 65001
vrf TENANT2
address-family ipv4 unicast
redistribute direct route-map OVERLAY_SUBNET
exit

DOWNLINK INTERFACE CONFIGURATION
===============================

LEAF-01
interface eth1/5
switchport mode access
switchport access vlan 100
exit
!
interface eth1/6
switchport mode access
switchport access vlan 200

LEAF-02    

interface eth1/5
switchport mode access
switchport access vlan 100
exit
!
interface eth1/6
switchport mode access
switchport access vlan 200
