Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
108
Views
0
Helpful
0
Replies

On a Nexus switch, how many VRFs can I configure for symmetric IRB?

TheAnalyst
Level 1
Level 1

‎04-29-2025 07:09 AM

I am trying to add 2 vrfs to Nexus asuming that there are 2 different tenants connected to my leaf in EVPN VXLAN network. The thing is even when I add the second vpn, BGP only show one l2vni and the second vpn does not forward. Here is the configuration of one of the leafs and the next one is almost the same. Now is this a problem on EVE-NG or am I missing something?

L211# sh run

nv overlay evpn
feature bgp
feature pim
feature isis
feature fabric forwarding
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay


ip pim rp-address 2.2.2.2 group-list 224.0.0.0/4 bidir
ip pim ssm range 232.0.0.0/8
vlan 1,10,102,1001-1002
vlan 10
  vn-segment 10010010
vlan 102
  vn-segment 10020102
vlan 1001
  vn-segment 10011001
vlan 1002
  vn-segment 10021002

route-map ALL_DIRECT_PREFIXES_C1001 permit 10
route-map ALL_DIRECT_PREFIXES_C1002 permit 10


vrf context C1001
  vni 10011001
  rd auto
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn
vrf context C1002
  vni 10021002
  ip pim ssm range 232.0.0.0/8
  rd auto
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn

interface Vlan10
  no shutdown
  vrf member C1001
  ip address 10.0.10.211/24

interface Vlan102
  no shutdown
  vrf member C1002
  ip address 10.0.102.211/24
  ip pim sparse-mode

interface Vlan1001
  no shutdown
  vrf member C1001
  ip forward

interface Vlan1002
  no shutdown
  vrf member C1002
  ip forward

interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback0
  member vni 10010010
    mcast-group 229.0.0.10
  member vni 10011001 associate-vrf
  member vni 10020102
    mcast-group 229.0.1.102
  member vni 10021002 associate-vrf

interface Ethernet1/1
  no switchport
  mtu 9216
  ip address 10.221.211.1/31
  ipv6 address use-link-local-only
  no isis hello-padding always
  isis network point-to-point
  ip router isis DC2
  ip pim sparse-mode
  no shutdown

interface Ethernet1/2
  no switchport
  mtu 9216
  ip address 10.222.211.1/31
  ipv6 address use-link-local-only
  no isis hello-padding always
  isis network point-to-point
  ip router isis DC2
  ip pim sparse-mode
  no shutdown

interface Ethernet1/30
  switchport mode trunk
  spanning-tree port type edge trunk

interface loopback0
  ip address 2.0.0.211/32
  ipv6 address 2001::211/128
  ip router isis DC2
  ip pim sparse-mode
icam monitor scale

router isis DC2
  net 00.0000.0000.0211.00
  is-type level-2

router bgp 2
  neighbor 2.0.0.221
    remote-as 2
    update-source loopback0
    address-family l2vpn evpn
      send-community
      send-community extended
  neighbor 2.0.0.222
    remote-as 2
    update-source loopback0
    address-family l2vpn evpn
      send-community
      send-community extended
  vrf C1001
    address-family ipv4 unicast
      redistribute direct route-map PERMIT_CONNECTED_C1001
  vrf C1002
    address-family ipv4 unicast
      redistribute direct route-map PERMIT_CONNECTED_C1002

evpn
  vni 10010010 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 10020102 l2
    rd auto
    route-target import auto
    route-target export auto





L211# sh bgp l2 ev
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 5, Local Router ID is 2.0.0.211
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup, 2 - b
est2

   Network            Next Hop            Metric     LocPrf     Weight Path
Route Distinguisher: 2.0.0.212:3
*>i[5]:[0]:[0]:[24]:[10.0.20.0]/224
                      2.0.0.212                0        100          0 ?

Route Distinguisher: 2.0.0.211:3    (L3VNI 10011001)
*>l[5]:[0]:[0]:[24]:[10.0.10.0]/224
                      2.0.0.211                0        100      32768 ?
*>i[5]:[0]:[0]:[24]:[10.0.20.0]/224
                      2.0.0.212                0        100          0 ?


L211# sh nve vni
Codes: CP - Control Plane        DP - Data Plane          
       UC - Unconfigured         SA - Suppress ARP        
       SU - Suppress Unknown Unicast 
       Xconn - Crossconnect      
       MS-IR - Multisite Ingress Replication 
       HYB - Hybrid IRB mode
    
Interface VNI      Multicast-group   State Mode Type [BD/VRF]      Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1      10010010 229.0.0.10        Up    CP   L2 [10]                 
nve1      10011001 n/a               Up    CP   L3 [C1001]              
nve1      10020102 229.0.1.102       Up    CP   L2 [102]                
nve1      10021002 n/a               Up    CP   L3 [C1002]              


L211# sh int nve1
nve1 is up
admin state is up,  Hardware: NVE
  MTU 9216 bytes
  Encapsulation VXLAN
  Auto-mdix is turned off
  RX
    ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
  TX
    ucast: 16 pkts, 1770 bytes - mcast: 0 pkts, 0 bytes
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card