Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
886
Views
5
Helpful
5
Replies

Default gateway in XvLAN

interfacedy
Spotlight
Spotlight

‎01-01-2023 09:29 AM - edited ‎01-01-2023 09:31 AM

Hi In VxLAN configuation. some of them are differenct with normal. for example, the below two PC do not need to configure default gateway. Its fine because both PC think they are in the same subnet and send traffic through a tunnel between two VTEP. but if these PC want to access other devices in different subnet, how to configure the default gateway? thanks

 

2.PNG

0 Helpful
5 Replies 5

MHM Cisco World
VIP
VIP

‎01-01-2023 09:36 AM

friend your example the PC have same Subnet so there is no need for GW. 
but if there are different then GW  can config in 
1- in both leaf VTEP 
2- in Spine 
3- in FW, do make FW inspect the traffic

0 Helpful

interfacedy
Spotlight
Spotlight

‎01-01-2023 11:15 AM

@MHM Cisco World Thanks for your reply. If PC01 ip address is 192.168.21.1, how can we configure the default gateway in VTEP01 , or leaf or other to access PC02? do you have link to share? 

pman
Spotlight
Spotlight

‎01-01-2023 11:59 AM - edited ‎01-01-2023 12:20 PM

Hi,

here is simple example for VXLAN configuring:

https://networklessons.com/cisco/ccnp-encor-350-401/vxlan-flood-and-learn-with-multicast

 

here is another example:

vtep2vtep.PNG

https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/dam/en/us/td/docs/routers/csr1000/software/vxlan/m_csr-vxlan-support-book.html.xml

Multicast Example for Configuring the Cisco CSR 1000v as a VxLAN Layer 2 Gateway

In this example, multicast data packets are transported securely between source and destination routers, via Virtual Tunnel Endpoints VTEP1 and VTEP2.

VTEP1:

ip multicast-routing distributed
ip pim rp-address 10.1.1.1
interface loopback 1
    ip address 10.1.1.1 255.255.255.255
    ip pim sparse-dense mode
interface NVE 1
    no shutdown
    source interface loopback 1
    member VNI 5010 multicast-group 225.1.1.1 
interface GigabitEthernet 3    
    ip address 11.1.1.1 255.255.255.0
    ip pim sparse-dense-mode
interface GiagabitEthernet 1    
       service instance 1 ethernet
       encapsulation dot1q 100
bridge-domain 10
    member VNI 5010
    member GiagabitEthernet 1 service-instance 1

VTEP2:

ip multicast-routing distributed
ip pim rp-address 10.1.1.1
interface loopback 1
    ip address 12.1.1.1 255.255.255.255
    ip pim sparse-dense mode
interface NVE 1
    no shutdown
    source interface loopback 1
    member VNI 5010 multicast-group 225.1.1.1 
interface GigabitEthernet 3    
    ip address 15.1.1.1 255.255.255.0
    ip pim sparse-dense-mode
interface GiagabitEthernet 1    
    service instance 1 ethernet
    encapsulation dot1q 100
bridge-domain 10
    member VNI 5010
    member GiagabitEthernet 1 service-instance 1

Unicast Example for Configuring the Cisco CSR 1000v as a VxLAN Layer 2 Gateway

In this example, unicast data packets are transported securely between source and destination routers, via Virtual Tunnel Endpoints. This example is similar to the multicast example, except that it uses the unicast command member VNI 5010 instead of the multicast command member VNI 5010 multicast-group 225.1.1.1.

 

VTEP1:

interface loopback 1
    ip address 10.1.1.1 255.255.255.255
interface NVE 1
    no shutdown
    source interface loopback 1
    member VNI 5010
        ingress-replication 12.1.1.1
interface GigabitEthernet 3    
        ip address 11.1.1.1 255.255.255.0
interface GigabitEthernet 1    
        service instance 1 ethernet
        encapsulation dot1q 100
bridge-domain 10
    member VNI 5010
    member GigabitEthernet 1 service-instance 1

VTEP2:

interface loopback 1
    ip address 12.1.1.1 255.255.255.255
interface NVE 1
    no shutdown
    source interface loopback 1
    member VNI 5010
        ingress-replication 10.1.1.1
interface GigabitEthernet 3    
        ip address 15.1.1.1 255.255.255.0
interface GigabitEthernet 1    
        service instance 1 ethernet
        encapsulation dot1q 100
bridge-domain 10
    member VNI 5010
    member GiagabitEthernet 1 service-instance 1
0 Helpful

interfacedy
Spotlight
Spotlight

‎01-02-2023 07:59 AM - edited ‎01-02-2023 10:53 AM

If both PC01 and PC02 have a different subnet ip address, its possible for both PC01 and PC02 ping each other under this topology? 

@pman I think the configuration you mentioned above cannot answer the issue, right? 

 

0 Helpful

mlund
Level 7
Level 7

‎01-03-2023 02:37 AM

Hi

To configure default-gateway, configure this in both vtep

fabric forwarding anycast-gateway-mac 000a.000b.000c  <<<< this ensure both vtep have same mac-adress for GW

interface vlan <nr>

vrf member <name>

ip address 192.178.12.254/24

fabric forwarding mode anycast-gateway

with this config in both vtep, both client can locally reach its default gateway, and also if you move a client to other side the gw ip  and mac is the same 

/Mikael

0 Helpful
Customers Also Viewed These Support Documents