01-01-2023 09:29 AM - edited 01-01-2023 09:31 AM
Hi In VxLAN configuation. some of them are differenct with normal. for example, the below two PC do not need to configure default gateway. Its fine because both PC think they are in the same subnet and send traffic through a tunnel between two VTEP. but if these PC want to access other devices in different subnet, how to configure the default gateway? thanks
01-01-2023 09:36 AM
friend your example the PC have same Subnet so there is no need for GW.
but if there are different then GW can config in
1- in both leaf VTEP
2- in Spine
3- in FW, do make FW inspect the traffic
01-01-2023 11:15 AM
@MHM Cisco World Thanks for your reply. If PC01 ip address is 192.168.21.1, how can we configure the default gateway in VTEP01 , or leaf or other to access PC02? do you have link to share?
01-01-2023 11:59 AM - edited 01-01-2023 12:20 PM
Hi,
here is simple example for VXLAN configuring:
https://networklessons.com/cisco/ccnp-encor-350-401/vxlan-flood-and-learn-with-multicast
here is another example:
In this example, multicast data packets are transported securely between source and destination routers, via Virtual Tunnel Endpoints VTEP1 and VTEP2.
VTEP1:
ip multicast-routing distributed ip pim rp-address 10.1.1.1 interface loopback 1 ip address 10.1.1.1 255.255.255.255 ip pim sparse-dense mode interface NVE 1 no shutdown source interface loopback 1 member VNI 5010 multicast-group 225.1.1.1 interface GigabitEthernet 3
ip address 11.1.1.1 255.255.255.0 ip pim sparse-dense-mode interface GiagabitEthernet 1
service instance 1 ethernet encapsulation dot1q 100 bridge-domain 10 member VNI 5010 member GiagabitEthernet 1 service-instance 1
VTEP2:
ip multicast-routing distributed ip pim rp-address 10.1.1.1 interface loopback 1 ip address 12.1.1.1 255.255.255.255 ip pim sparse-dense mode interface NVE 1 no shutdown source interface loopback 1 member VNI 5010 multicast-group 225.1.1.1 interface GigabitEthernet 3
ip address 15.1.1.1 255.255.255.0 ip pim sparse-dense-mode interface GiagabitEthernet 1
service instance 1 ethernet encapsulation dot1q 100 bridge-domain 10 member VNI 5010 member GiagabitEthernet 1 service-instance 1
In this example, unicast data packets are transported securely between source and destination routers, via Virtual Tunnel Endpoints. This example is similar to the multicast example, except that it uses the unicast command member VNI 5010 instead of the multicast command member VNI 5010 multicast-group 225.1.1.1.
VTEP1:
interface loopback 1 ip address 10.1.1.1 255.255.255.255 interface NVE 1 no shutdown source interface loopback 1 member VNI 5010 ingress-replication 12.1.1.1 interface GigabitEthernet 3
ip address 11.1.1.1 255.255.255.0 interface GigabitEthernet 1
service instance 1 ethernet encapsulation dot1q 100 bridge-domain 10 member VNI 5010 member GigabitEthernet 1 service-instance 1
VTEP2:
interface loopback 1 ip address 12.1.1.1 255.255.255.255 interface NVE 1 no shutdown source interface loopback 1 member VNI 5010 ingress-replication 10.1.1.1 interface GigabitEthernet 3
ip address 15.1.1.1 255.255.255.0 interface GigabitEthernet 1
service instance 1 ethernet encapsulation dot1q 100 bridge-domain 10 member VNI 5010 member GiagabitEthernet 1 service-instance 1
01-02-2023 07:59 AM - edited 01-02-2023 10:53 AM
If both PC01 and PC02 have a different subnet ip address, its possible for both PC01 and PC02 ping each other under this topology?
@pman I think the configuration you mentioned above cannot answer the issue, right?
01-03-2023 02:37 AM
Hi
To configure default-gateway, configure this in both vtep
fabric forwarding anycast-gateway-mac 000a.000b.000c <<<< this ensure both vtep have same mac-adress for GW
interface vlan <nr>
vrf member <name>
ip address 192.178.12.254/24
fabric forwarding mode anycast-gateway
with this config in both vtep, both client can locally reach its default gateway, and also if you move a client to other side the gw ip and mac is the same
/Mikael
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide