Wednesday, 1 November 2017

VXLAN Configuration

Introduction

This document provides a high-level overview of Virtual Extensible LAN (VXLAN) and a few configuration examples followed by verification commands and output.

Requirements

Cisco recommends that you have knowledge of these topics:
  • Multicast routing concepts such as Rendezvous Point (RP) and Protocol Independent Multicast (PIM).
  • Virtual Port Channel (vPC) concepts.
This document assumes that IP routing and multicast routing have been established prior to VXLAN configuration.

Components Used

The information in this document is based on these software and hardware versions:
  • Nexus 9396s as vPC Virtual Tunnel Endpoints (VTEPs) that run Version 7.0(3)I1(1b)
  • Nexus 3172 that runs Version 6.0(2)U5(1)
  • LAN_ENTERPRISE_SERVICES_PKG license installed
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Background Information

Terminology

VXLAN (Virtual Extensible LAN) - The technology that provides the same Ethernet Layer 2 network services as VLAN does today, but with greater extensibility and flexibility.
VNID (VXLAN Network Identifier) - 24-bit segment ID that defines the broadcast domain. Interchangeable with "VXLAN Segment ID".
VTEP (Virtual Tunnel Endpoint) - This is the device that does the encapsulation and de-encapsulation.
NVE (Network Virtual Interface) - Logical interface where the encapsulation and de-encapsulation occur.

What is VXLAN?

  • VXLAN is a technology which allows overlaying a Layer 2 (L2) network over a Layer 3 (L3) underlay with use of any IP routing protocol.
  • It uses MAC-in-UDP Encapsulation.
VXLAN solves three main problems:
  • 16M VNIs (broadcast domains) versus the 4K offered by traditional VLANs.
  • Allows L2 to be extended anywhere in an IP network.
  • Optimized flooding.

Why VXLAN?

  • VLAN Scalability - VXLAN extends the L2 Segment ID field to 24-bits, which potentially allows up to 16 million unique L2 segments over the same network.
  • L2 Segment Elasticity over L3 Boundary - VXLAN encapsulates an L2 frame in an IP-UDP header, which allows L2 adjacency across router boundaries.
  • Leverages multicast in the transport network in order to simulate flooding behavior for broadcast, unknown unicast, and multicast in the L2 segment.
  • Leverages Equal Cost Multi-pathing (ECMP) in order to achieve optimal path usage over the transport network.
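
The MAC-in-UDP encapsulation and the 24-bit segment ID described above, as an added example (not part of the original document): it builds and decodes the 8-byte VXLAN header defined in RFC 7348, as a capture-analysis or monitoring tool would. The function names, the sample inner frame and its MAC address are constructed for illustration; the VNI-to-VLAN table is taken from the configurations on this page.

```python
import struct

VXLAN_UDP_PORT = 4789        # IANA-assigned UDP destination port for VXLAN (RFC 7348)
FLAG_VNI_VALID = 0x08        # "I" flag: the VNI field carries a valid segment ID
CONFIGURED_VNIS = {160010: 10, 160020: 20}   # vn-segment -> VLAN, from this page's configs


def build_vxlan_header(vni: int) -> bytes:
    """Return the 8-byte VXLAN header for a 24-bit VNI."""
    if not 0 <= vni < 2**24:
        raise ValueError(f"VNI {vni} does not fit in 24 bits")
    # Word 1: flags (8 bits) + reserved (24). Word 2: VNI (24 bits) + reserved (8).
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)


def parse_vxlan_payload(udp_payload: bytes) -> dict:
    """Split a UDP payload into VXLAN header fields and inner Ethernet header fields."""
    if len(udp_payload) < 8 + 14:
        raise ValueError("too short for a VXLAN header plus an inner Ethernet header")
    word1, word2 = struct.unpack("!II", udp_payload[:8])
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag is clear: the VNI field is not valid")
    vni = word2 >> 8
    inner = udp_payload[8:]
    return {
        "vni": vni,
        "vlan": CONFIGURED_VNIS.get(vni),    # None means the segment is not configured here
        "reserved_clear": (word1 & 0xFFFFFF) == 0 and (word2 & 0xFF) == 0,
        "inner_dst_mac": inner[0:6].hex(":"),
        "inner_src_mac": inner[6:12].hex(":"),
        "inner_ethertype": int.from_bytes(inner[12:14], "big"),
    }


# Constructed sample: an inner ARP broadcast frame carried in VLAN 10's segment.
INNER_FRAME = bytes.fromhex("ffffffffffff" "02000000000a" "0806") + bytes(28)
SAMPLE_PAYLOAD = build_vxlan_header(160010) + INNER_FRAME

if __name__ == "__main__":
    print(build_vxlan_header(160010).hex())
    print(parse_vxlan_payload(SAMPLE_PAYLOAD))
```

A decoded VNI whose "vlan" value is None belongs to a segment that none of the VTEPs on this page is configured to carry.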

Configure

Network Diagram

Configurations

These configurations are specific to the VXLAN portion of configuration. Note that 9396-A and B are in a vPC domain while 3172-A is not. These configurations assume full reachability to all L3 interfaces in the topology with the routing protocol of your choice. Open Shortest Path First (OSPF) was used in this example. It also assumes the multicast routing has been established over these same L3 interfaces.

3172-A


feature ospf
feature pim
feature vn-segment-vlan-based
feature nv overlay

vlan 10
  vn-segment 160010
vlan 20
  vn-segment 160020

interface nve1
  source-interface loopback1
  member vni 160010 mcast-group 231.1.1.1
  member vni 160020 mcast-group 231.1.1.1
  no shutdown
  
interface Ethernet1/3
  no switchport
  ip address 192.168.1.10/30
  ip router ospf 2 area 0.0.0.0
  ip pim sparse-mode

interface loopback1
  ip address 192.168.2.5/32
  ip router ospf 2 area 0.0.0.0
  ip pim sparse-mode

9396-A

feature ospf
feature pim
feature vn-segment-vlan-based
feature nv overlay

ip pim rp-address 192.168.1.100 group-list 224.0.0.0/4

vlan 1,10,20
vlan 10
  vn-segment 160010
vlan 20
  vn-segment 160020

vpc domain 1
  peer-switch
  peer-keepalive destination 10.122.140.99
  peer-gateway

interface port-channel1
  switchport mode trunk
  spanning-tree port type network
  vpc peer-link

interface port-channel48
  switchport mode trunk
  vpc 48  

interface nve1
  mtu 9216
  no shutdown
  source-interface loopback1
  member vni 160010 mcast-group 231.1.1.1
  member vni 160020 mcast-group 231.1.1.1

interface Ethernet1/7
  no switchport
  ip address 192.168.1.2/30
  ip router ospf 1 area 0.0.0.0
  ip pim sparse-mode
  no shutdown
  
interface loopback1
  ip address 192.168.2.2/32
  ip address 192.168.2.1/32 secondary
  ip router ospf 1 area 0.0.0.0
  ip pim sparse-mode

9396-B

feature ospf
feature pim
feature vn-segment-vlan-based
feature nv overlay

ip pim rp-address 192.168.1.100 group-list 224.0.0.0/4

vlan 1,10,20
vlan 10
  vn-segment 160010
vlan 20
  vn-segment 160020
  
vpc domain 1
  peer-switch
  peer-keepalive destination 10.122.140.98
  peer-gateway

interface port-channel1
  switchport mode trunk
  spanning-tree port type network
  vpc peer-link

interface port-channel48
  switchport mode trunk
  vpc 48
 
interface nve1
  mtu 9216
  no shutdown
  source-interface loopback1
  member vni 160010 mcast-group 231.1.1.1
  member vni 160020 mcast-group 231.1.1.1
    
interface Ethernet1/7
  no switchport
  ip address 192.168.1.6/30
  ip router ospf 1 area 0.0.0.0
  ip pim sparse-mode
  no shutdown
  
interface loopback1
  ip address 192.168.2.3/32
  ip address 192.168.2.1/32 secondary
  ip router ospf 1 area 0.0.0.0
  ip pim sparse-mode
