vxlan multisite

vivarock12 · ‎04-28-2019

Can VXLAN Multi site be done with only on border leaf?

Primary SITE

2 Spine and 4 Leaf

Secondary SITE

1 Spine and 2 Leaf

And im triying to have l2 redundancy.

Thanks for the help?

balaji.bandi · ‎04-28-2019

The solution is possible, again we are not sure your total environment. like topology and devices involved.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

vivarock12 · ‎04-28-2019

Thanks for the help.

Primary Site:

2 - Border LEAF

|

2 - SPINE

|

2 - Clients LEAF

Secondary Site:

1 - Border LEAF:

|

1 - SPINE

|

1 - Clients LEAF

Border LEAF are for External Connection to the DC, And would be use for the BGW and should I user one for the Primary or both?

Clients LEAF for Server.

Question this will give me a Redundant L2 and L3

Saludos,

Gerardo Andree Mejia

vivarock12 · ‎05-10-2019

here the topology al the nexus are Virtual machines on a VMware.

and the config is next:

SITE 1 spine

SPINE_SITE1# sh run

!Command: show running-config
!Running configuration last done at: Fri May 10 14:49:36 2019
!Time: Fri May 10 15:06:16 2019

version 9.2(3) Bios:version
hostname SPINE_SITE1
vdc SPINE_SITE1 id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 128 maximum 128
limit-resource u6route-mem minimum 96 maximum 96
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

nv overlay evpn
feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay

username admin password 5 $5$WoQmtFHc$u5s4GMtkqKL2PMfpho6LQJmwCUwYkV.lGSwJpHUOAP
1 role network-admin
ip domain-lookup
system jumbomtu 9000
ip access-list a
10 permit ip 10.101.1.0 0.0.0.255 any
20 permit ip 10.101.12.0 0.0.0.255 any
evpn multisite border-gateway 101
delay-restore time 300
snmp-server user admin network-admin auth md5 0x51b17057bd12e6273fc6634ef5fa42c3
priv 0x51b17057bd12e6273fc6634ef5fa42c3 localizedkey
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO

fabric forwarding anycast-gateway-mac 0000.1111.2222
ip route 0.0.0.0/0 172.16.1.1
ip route 10.102.1.0/24 172.16.1.1 name EQUIPOS_DC2
ip route 10.102.12.0/24 172.16.1.1 name EQUIPOS_DC2
ip pim rp-address 10.101.1.1 group-list 224.0.0.0/4
ip pim ssm range 232.0.0.0/8
vlan 1,12,1001-1002
vlan 12
vn-segment 121212
vlan 1001
vn-segment 900001
vlan 1002
vn-segment 900002

route-map NEXT-HOP-UNCHANGED permit 10
set ip next-hop unchanged
route-map a permit 10
match ip address a
route-map unchanged permit 10
set ip next-hop unchanged
vrf context TENANT-BANRURAL
vni 121212
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
vrf context management

interface Vlan1

interface Vlan12
no shutdown
vrf member TENANT-BANRURAL
ip forward

interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
global mcast-group 239.0.0.1 L2
multisite border-gateway interface loopback3
member vni 121212 associate-vrf
member vni 900001
multisite ingress-replication
ingress-replication protocol bgp
member vni 900002
multisite ingress-replication
ingress-replication protocol bgp

interface Ethernet1/1
description SPINE_SITE_XLEAF_SITE_1
no switchport
ip address 10.101.101.1/30
ip ospf network point-to-point
ip router ospf UNDERLAY_101 area 0.0.0.0
ip pim sparse-mode
evpn multisite fabric-tracking
no shutdown

interface Ethernet1/2
no switchport
ip address 172.16.1.2/30
ip router ospf DCI area 0.0.0.0
evpn multisite dci-tracking
no shutdown

interface mgmt0
vrf member management

interface loopback0
description Routing_ID_ANYCAST
ip address 10.101.1.1/32
ip router ospf UNDERLAY_101 area 0.0.0.0
ip pim sparse-mode

interface loopback1
description VTEP_ID
ip address 10.101.12.1/32
ip router ospf UNDERLAY_101 area 0.0.0.0
ip pim sparse-mode

interface loopback3
ip address 172.17.101.1/32
ip router ospf DCI area 0.0.0.0
ip pim sparse-mode
line console
line vty
boot nxos bootflash:/nxos.9.2.3.bin
router ospf DCI
router-id 172.17.101.1
router ospf UNDERLAY_101
router-id 10.101.1.1
network 10.101.1.1/32 area 0.0.0.0
network 10.101.12.1/32 area 0.0.0.0
network 10.101.101.0/30 area 0.0.0.0
router bgp 65101
router-id 10.101.1.1
address-family ipv4 unicast
address-family l2vpn evpn
nexthop route-map unchanged
template peer VTEP-PEERS
remote-as 65101
update-source loopback0
address-family ipv4 unicast
send-community
send-community extended
route-reflector-client
address-family l2vpn evpn
send-community
send-community extended
route-reflector-client
neighbor 10.101.1.2
inherit peer VTEP-PEERS
neighbor 172.17.102.1
remote-as 65102
update-source loopback3
ebgp-multihop 5
peer-type fabric-external
address-family l2vpn evpn
send-community
send-community extended
rewrite-evpn-rt-asn
evpn
vni 900001 l2
rd auto
route-target import auto
route-target export auto
vni 900002 l2
rd auto
route-target import auto
route-target export auto

SITE1 LEAF

LEAF_SITE1# sh run

!Command: show running-config
!Running configuration last done at: Fri May 10 14:36:40 2019
!Time: Fri May 10 15:09:38 2019

version 9.2(3) Bios:version
hostname LEAF_SITE1
vdc LEAF_SITE1 id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 128 maximum 128
limit-resource u6route-mem minimum 96 maximum 96
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

nv overlay evpn
feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay

username admin password 5 $5$6aBohS/i$34DkDieA1YqeaGlG4SYKjdu9w9dOnWGwbY0Pupfkp.
6 role network-admin
ip domain-lookup
system jumbomtu 9000
copp profile strict
snmp-server user admin network-admin auth md5 0x8ce9aeb2b012737f11b5990925534af0
priv 0x8ce9aeb2b012737f11b5990925534af0 localizedkey
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO

fabric forwarding anycast-gateway-mac 0000.1111.2222
ip route 0.0.0.0/0 10.101.101.1
ip route 10.102.1.0/24 10.101.101.1 name EQUIPOS_DC2
ip route 10.102.12.0/24 10.101.101.1 name EQUIPOS_DC2
ip pim rp-address 10.101.1.1 group-list 224.0.0.0/4
ip pim ssm range 232.0.0.0/8
vlan 1,12,1001-1002
vlan 12
vn-segment 121212
vlan 1001
vn-segment 900001
vlan 1002
vn-segment 900002

route-map unchanged permit 10
set ip next-hop unchanged
vrf context TENANT-BANRURAL
vni 121212
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
vrf context management

interface Vlan1

interface Vlan12
no shutdown
vrf member TENANT-BANRURAL
ip forward

interface Vlan1001
no shutdown
vrf member TENANT-BANRURAL
ip address 192.168.120.1/24
fabric forwarding mode anycast-gateway

interface Vlan1002
no shutdown
vrf member TENANT-BANRURAL
ip address 192.168.121.1/24
fabric forwarding mode anycast-gateway

interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
global mcast-group 239.0.0.1 L2
member vni 121212 associate-vrf
member vni 900001
ingress-replication protocol bgp
member vni 900002
ingress-replication protocol bgp

interface Ethernet1/1
description SPINE_SITE_XLEAF_SITE_1
no switchport
ip address 10.101.101.2/30
ip ospf network point-to-point
ip router ospf UNDERLAY_101 area 0.0.0.0
ip pim sparse-mode
no shutdown

interface Ethernet1/2
switchport access vlan 1001

interface mgmt0
vrf member management

interface loopback0
description Routing_ID_ANYCAST
ip address 10.101.1.2/32
ip router ospf UNDERLAY_101 area 0.0.0.0
ip pim sparse-mode

interface loopback1
description VTEP_ID
ip address 10.101.12.2/32
ip router ospf UNDERLAY_101 area 0.0.0.0
ip pim sparse-mode
line console
line vty
boot nxos bootflash:/nxos.9.2.3.bin
router ospf ISP_DCI
router-id 172.17.101.1
network 172.16.1.0/30 area 0.0.0.0
network 172.17.101.1/32 area 0.0.0.0
router ospf UNDERLAY_101
router-id 10.101.1.2
network 10.101.1.2/32 area 0.0.0.0
network 10.101.12.2/32 area 0.0.0.0
network 10.101.101.0/30 area 0.0.0.0
router bgp 65101
router-id 10.101.1.2
address-family ipv4 unicast
address-family l2vpn evpn
neighbor 10.101.1.1
remote-as 65101
update-source loopback0
address-family ipv4 unicast
send-community
send-community extended
address-family l2vpn evpn
send-community
send-community extended
vrf TENANT-BANRURAL
evpn
vni 900001 l2
rd auto
route-target import auto
route-target export auto
vni 900002 l2
rd auto
route-target import auto
route-target export auto

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

SITE2_spine

sITE2_SPINE# sh run

!Command: show running-config
!Running configuration last done at: Fri May 10 14:48:46 2019
!Time: Fri May 10 15:06:20 2019

version 9.2(3) Bios:version
hostname SITE2_SPINE
vdc SITE2_SPINE id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 128 maximum 128
limit-resource u6route-mem minimum 96 maximum 96
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

nv overlay evpn
feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay

username admin password 5 $5$GCQDA.HY$LDz1P9cPmzoij7ybOHbY1yo4lQZ0ly3HY5s.wEhYSc
6 role network-admin
ip domain-lookup
system jumbomtu 9000
ip access-list a
10 permit ip 10.102.1.0 0.0.0.255 any
20 permit ip 10.102.12.0 0.0.0.255 any
copp profile strict
evpn multisite border-gateway 102
delay-restore time 300
snmp-server user admin network-admin auth md5 0xf0bdbe1b1ed9d278f86e8659d0c681a2
priv 0xf0bdbe1b1ed9d278f86e8659d0c681a2 localizedkey
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO

ip route 0.0.0.0/0 172.16.2.1
ip route 10.101.1.0/24 172.16.2.1 name EQUIPOS_DC1
ip route 10.101.12.0/24 172.16.2.1 name EQUIPOS_DC1
ip pim rp-address 10.102.1.1 group-list 224.0.0.0/4
ip pim ssm range 232.0.0.0/8
vlan 1,12,1001-1002
vlan 12
vn-segment 121212
vlan 1001
vn-segment 900001
vlan 1002
vn-segment 900002

route-map NEXT-HOP-UNCHANGED permit 10
set ip next-hop unchanged
route-map a permit 10
match ip address a
route-map unchanged permit 10
set ip next-hop unchanged
vrf context TENANT-BANRURAL
vni 121212
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
vrf context management

interface Vlan1

interface Vlan12
no shutdown
vrf member TENANT-BANRURAL
ip forward

interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
global mcast-group 239.0.0.1 L2
multisite border-gateway interface loopback4
member vni 121212 associate-vrf
member vni 900001
multisite ingress-replication
ingress-replication protocol bgp
member vni 900002
multisite ingress-replication
ingress-replication protocol bgp

interface Ethernet1/1
description SPINE_SITE_XLEAF_SITE_1
no switchport
ip address 10.102.102.1/30
ip ospf network point-to-point
ip router ospf UNDERLAY_102 area 0.0.0.0
ip pim sparse-mode
evpn multisite fabric-tracking
no shutdown

interface Ethernet1/2
no switchport
ip address 172.16.2.2/30
ip router ospf DCI area 0.0.0.0
evpn multisite dci-tracking
no shutdown

interface loopback0
description Routing_ID_ANYCAST
ip address 10.102.1.1/32
ip router ospf UNDERLAY_102 area 0.0.0.0

interface loopback1
description VTEP ID
ip address 10.102.12.1/32
ip router ospf UNDERLAY_102 area 0.0.0.0

interface loopback4
ip address 172.17.102.1/30
ip router ospf DCI area 0.0.0.0
ip pim sparse-mode
line console
line vty
boot nxos bootflash:/nxos.9.2.3.bin
router ospf DCI
router-id 172.17.102.1
router ospf UNDERLAY_102
router-id 10.102.1.1
network 10.102.1.1/32 area 0.0.0.0
network 10.102.102.0/30 area 0.0.0.0
router bgp 65102
router-id 10.102.1.1
address-family ipv4 unicast
address-family l2vpn evpn
nexthop route-map unchanged
template peer VTEP-PEERS
remote-as 65102
update-source loopback0
address-family ipv4 unicast
send-community
send-community extended
route-reflector-client
address-family l2vpn evpn
send-community
send-community extended
route-reflector-client
neighbor 10.102.1.2
inherit peer VTEP-PEERS
neighbor 172.17.101.1
remote-as 65101
update-source loopback4
ebgp-multihop 5
peer-type fabric-external
address-family l2vpn evpn
send-community
send-community extended
rewrite-evpn-rt-asn
evpn
vni 900001 l2
rd auto
route-target import auto
route-target export auto
vni 900002 l2
rd auto
route-target import auto
route-target export auto

SITE2_LEAF

SITE2_LEAF1# sh run

!Command: show running-config
!Running configuration last done at: Fri May 10 14:31:35 2019
!Time: Fri May 10 15:09:33 2019

version 9.2(3) Bios:version
hostname SITE2_LEAF1
vdc SITE2_LEAF1 id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 128 maximum 128
limit-resource u6route-mem minimum 96 maximum 96
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

nv overlay evpn
feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay

username admin password 5 $5$TkZisnlL$fjPNZWVKwqCvSfRC775jzVYrgXeq.8Dr4qZec9uXNj
9 role network-admin
ip domain-lookup
system jumbomtu 9000
copp profile strict
snmp-server user admin network-admin auth md5 0x9f53aa2d952e6a7e7338e2e658c8c3dc
priv 0x9f53aa2d952e6a7e7338e2e658c8c3dc localizedkey
rmon event 1 description FATAL(1) owner PMON@FATAL
rmon event 2 description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 description ERROR(3) owner PMON@ERROR
rmon event 4 description WARNING(4) owner PMON@WARNING
rmon event 5 description INFORMATION(5) owner PMON@INFO

fabric forwarding anycast-gateway-mac 0000.1111.2222
ip route 0.0.0.0/0 10.102.102.1
ip route 10.101.1.0/24 10.102.102.1 name EQUIPOS_DC1
ip route 10.101.12.0/24 10.102.102.1 name EQUIPOS_DC1
ip pim rp-address 10.102.1.1 group-list 224.0.0.0/4
ip pim ssm range 232.0.0.0/8
vlan 1,12,1001-1002,1021-1022
vlan 12
vn-segment 121212
vlan 1001
vn-segment 900001
vlan 1002
vn-segment 900002
vlan 1021
vn-segment 9000021
vlan 1022
vn-segment 9000022

vrf context TENANT-BANRURAL
vni 121212
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
vrf context management

interface Vlan1

interface Vlan12
no shutdown
vrf member TENANT-BANRURAL
ip forward

interface Vlan1001
no shutdown
vrf member TENANT-BANRURAL
ip address 192.168.120.1/24
fabric forwarding mode anycast-gateway

interface Vlan1002
no shutdown
vrf member TENANT-BANRURAL
ip address 192.168.121.1/24
fabric forwarding mode anycast-gateway

interface Vlan1021
no shutdown
vrf member TENANT-BANRURAL
ip address 192.168.220.1/24
fabric forwarding mode anycast-gateway

interface Vlan1022
no shutdown
vrf member TENANT-BANRURAL
ip address 192.168.221.1/24
fabric forwarding mode anycast-gateway

interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
global mcast-group 239.0.0.1 L2
member vni 121212 associate-vrf
member vni 900001
ingress-replication protocol bgp
member vni 900002
ingress-replication protocol bgp
member vni 9000021
member vni 9000022

interface Ethernet1/1
description SPINE_SITE_XLEAF_SITE_1
no switchport
ip address 10.102.102.2/30
ip ospf network point-to-point
ip router ospf UNDERLAY_102 area 0.0.0.0
ip pim sparse-mode
no shutdown

interface Ethernet1/2
switchport access vlan 1001

interface loopback0
description Routing_ID_ANYCAST
ip address 10.102.1.2/32
ip router ospf UNDERLAY_102 area 0.0.0.0
ip pim sparse-mode

interface loopback1
description VTEP_ID
ip address 10.102.12.2/32
ip router ospf UNDERLAY_102 area 0.0.0.0
ip pim sparse-mode
line console
line vty
boot nxos bootflash:/nxos.9.2.3.bin
router ospf UNDERLAY_102
router-id 10.102.1.2
network 10.102.1.2/32 area 0.0.0.0
network 10.102.12.2/32 area 0.0.0.0
network 10.102.102.0/30 area 0.0.0.0
router bgp 65102
router-id 10.102.1.2
address-family ipv4 unicast
address-family l2vpn evpn
neighbor 10.102.1.1
remote-as 65102
update-source loopback0
address-family ipv4 unicast
send-community
send-community extended
address-family l2vpn evpn
send-community
send-community extended
vrf TENANT-BANRURAL
evpn
vni 900001 l2
rd auto
route-target import auto
route-target export auto
vni 900002 l2
rd auto
route-target import auto
route-target export auto
vni 9000021 l2
rd auto
route-target import auto
route-target export auto
vni 9000022 l2
rd auto
route-target import auto
route-target export auto