ACI VXLAN/VNID

manu3
Level 1

Everywhere in ACI documentation we can see many explanations about the purpose of using different VNID types on ACI Fabric:

- VNID as Private Network

- VNID as Bridge Domain

- VNID as EPG

Moreover, on the Student Guide I found some other explanations about when the different VNID types are used, for example:

- VNID as Bridge Domain is used when a multicast packet is forwarded

 

I thought I got the purpose of the VNIDs, but with all these explanations I'm lost. I wonder:

1 - When an EPG, a BD or a VRF is created on APIC and then deployed on all leafs of a single Fabric, are the associated VNIDs the same within each leaf?

2 - When a unicast packet is forwarded from Host1/BD1/VRF1(Leaf01) to Host2/BD1/VRF1(Leaf02): which VNID is used on VXLAN header?

3 - When a unicast packet is sent from Host1/BD1/VRF1(Leaf01) to Host2/BD2/VRF1(Leaf02): which VNID is used on VXLAN header?

4 - When a unicast packet is sent from Host1/BD1/VRF1(Leaf01) to Host2/BD2/VRF2(Leaf02): which VNID is used on VXLAN header?

5 - For all these cases, if it's a multicast packet: which VNI is used on VXLAN header?

Edit: 6 - What is the impact of using leaf as default Gateway, or an external default gateway? (L3out)

Accepted Solutions

richmond
Level 1

When the traffic is bridged then the BD VNID is used.

When the traffic is routed the VRF VNID is used.

The VNIDs are the same on all the leaves as they identify to which VRF or BD the traffic belongs for routing or switching operations to take place.

Hi Richmond,

Thank you for your feedback. Are you absolutely sure about this?

That’s what I thought at the beginning, but in the official Cisco student guide we can read these things:

*The VNID is used as Private Network Identifier if any of the following conditions are met:
- IP forwarding is enabled for the bridge domain (default)
- Any packet is routed (forwarded to the default gateway MAC) when bridge domain is configured for non IP forwarding
- Any packet is forwarded to the spine proxy for address resolution
- Any unicast Address Resolution Protocol (ARP) packet is forwarded to the target host (technically not a routed packet frame but within the fabric forwarded according to the ARP IP address).

*The VNID is used as Bridge Domain Identifier if any of the following conditions are met:
- A multicast packet is forwarded
- Any packet is forwarded when IP version 6 (IPV6) is enabled in the virtual routing and forwarding instance (VRF) or context. IPv6 will follow IP version 4 (IPv4) behavior with support of IPv6 tenant forwarding

*The VNID is used as End Point Group (EPG) Identifier if any of the following conditions are met:
- A frame is forwarded to a service appliance in standard or traditional IP service chaining mode
- A packet originates or is destined to a VXLAN-enabled hypervisor virtual switch.

So I’m a bit confused; I wonder if what is written is not a big mistake?

I haven't looked at the doco for a while but from memory these are the basic rules.

 

The text from the student guide looks like it might have some missing information. E.g. The VRF VNID won't be used if the BD has IP routing enabled but the packet requires switching inside the BD. In this case it will use the BD VNID. Perhaps it does use the VRF VNID when using spine proxy in the case where the destination endpoint is not in the local station table... not sure on that front.

 

Here you can see an example of how traffic inside a BD uses the BD VNID:

https://www.cisco.com/c/en/us/support/docs/switches/nexus-9336pq-aci-spine-switch/118930-technote-aci-00.html

 

Single BD/Single EPG with Two Endpoints on Different Leafs

The VXLAN ID for that BD is 15761386, so this is the ID that is placed into the VXLAN packet. 

 

 

Thank you a lot for your help!
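Added example (not part of the original thread or of Cisco's documentation): a way to check which VNID a captured fabric packet carries, by decoding the VXLAN header and applying the accepted answer's rule (BD VNID means bridged, VRF VNID means routed). It assumes the VNID sits in bytes 4-6 as in the standard RFC 7348 header layout; the lookup table, the VRF VNID 2097154 and both sample headers are constructed, and only 15761386 comes from the thread.

```python
import struct

VXLAN_I_FLAG = 0x08  # RFC 7348: set when the VNI field is valid

# Constructed table of VNID -> (scope, name). 15761386 is the BD VXLAN ID quoted
# in the thread; 2097154 is a made-up VRF VNID for this example only.
VNID_TABLE = {
    15761386: ("BD", "BD1"),
    2097154: ("VRF", "VRF1"),
}

# Constructed 8-byte headers: flags, 3 reserved bytes, 24-bit VNI, 1 reserved byte.
SAMPLE_BRIDGED = bytes.fromhex("08000000f07fea00")  # VNI 15761386
SAMPLE_ROUTED = bytes.fromhex("0800000020000200")   # VNI 2097154


def parse_vxlan_vnid(header: bytes) -> int:
    """Return the 24-bit VNID from an 8-byte VXLAN header (RFC 7348 layout)."""
    if len(header) < 8:
        raise ValueError("VXLAN header is 8 bytes, got %d" % len(header))
    flags, word2 = struct.unpack("!B3xI", header[:8])
    if not flags & VXLAN_I_FLAG:
        raise ValueError("I flag not set: VNI field is not valid")
    return word2 >> 8  # top 24 bits are the VNI, low 8 bits are reserved


def classify(header: bytes) -> tuple:
    """Map a header to (vnid, scope, forwarding) using the accepted answer's rule."""
    vnid = parse_vxlan_vnid(header)
    scope, _name = VNID_TABLE.get(vnid, ("unknown", None))
    forwarding = {"BD": "bridged", "VRF": "routed"}.get(scope, "unknown")
    return vnid, scope, forwarding


if __name__ == "__main__":
    for hdr in (SAMPLE_BRIDGED, SAMPLE_ROUTED):
        print(hdr.hex(), classify(hdr))
```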
