Cisco VxLAN with BGP EVPN Part 2 Underlay and L2VNI configuration on IOS-XE

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone welcome to season two in the previous section we have talked about the overview of VX land with BGP VPN control plane how it works and what are the different ways it can learn the MAC addresses from the remote switches we also briefly talked about the advantages of VX LAN over the traditional spanning tree we in the in this session we also talked briefly about the topology what you're going to use in the lab now in the coming sessions we are going to deep dive into the lab we are going to take a deeper look into how to build up a network with VX LAN eb pn bgp evpn we will take a look at the underlay first we will make sure that unicast is working we will configure the multicast and once we verify everything is working fine in the underlay we are going to move to VX land l2v ni configuration in the next session we will take a look at the l3 VNA configuration as well where we can route the packets between the VLANs and finally we will take a look at the route type v configuration where we can make the VX LAN network talk to any of type in it work and that that will pretty much conclude our our whole module here so before we get into the sea alive let me bring up the topology once more just to make sure your family with it so this is the topology what we have we have a V type one where we have a client connected it connects to a router in between which is acting as my route reflector BGP route reflector which is going to reflect the evpn routes from one v type to another we tip this is going to be all ibgp then we have V tip 2 so V tip 2 has client connected which is both in B than 10 and VLAN 20 we have V type 3 and beta for V tip 3 has a client connected which is having all which is in VLAN 20 then we dip for a client is connected which is external IP network this is neither in Valencian arborlon 20 shall be 2 for configuration we are going to take a look at that later on not right now the first task for us would be within the bus box we want to make sure that the vdf one can reach be tip to be tip 3 V 2 F 4 and the router reflector of course in the bitumen then we will configure the multicast as well we will configure this route reflector in between as a multicast around 0 point in M production Network you might want to have redundant route reflector I'm sorry it doesn't rendezvous point using the MSTP but here you don't need that you I mean in the lab environment just for the example I'm using only one and once that produced an then we will see how to configure the overlay now here and again just to reiterate the V type 1 it is connected to only VLAN 10 client it doesn't have any VLAN 20 and then on VD up 3 it doesn't have any be tab VLAN 10 it has only the client in VLAN 20 but only the B type 2 which has the clients both in VLAN 10 and VLAN 20 okay that's the final communication how it will be so the end goal is to make sure we can pin from 192 168 n dot 11 to this gender' 21 this will be the goal of l2 VNA configurations once we are done with the l3 very configuration we want to make sure we can pin from 10.11 to xx dot 21 as well and xx dot 31 as well and then vice versa okay alright let's now get into the CL eyes so and the in the left side the leftmost 1 this is my client what we talked about it is in it has different interface was configured in different in VR apps just to make sure I'm keeping it separate and I have simulated this particular device as a client of different clients it has different ports connected to all the different switches we have seen in between and it is basically emulated as a client then we have the beat up one then we have the router flitter we have beat up to be type 3 and beta 4 it is in the same order as you have seen in the topology now the first thing sure run interface look back zero I want to make sure that my V tapes they can talk to each other to the loopback I have configured the wispy of already there is nothing fancy in that that's the reason I didn't want to show it to you you can see that under under the loopback I have ways we have configured also in the physical interface which is connecting my we kept one to the router reflector and other connector connections we have physical connection and the logical layer three connections I have configured voice PF on those interfaces and finally if you do a show run section router wise PF you can see I have configured out or SPF and if I now try li separate even in the configuration nothing fancy here and we have the same configuration on all these four routers if you go to router for if you do a show run interface to geek 1:02 this is the interface which is network interface connecting the core facing the core and if you do a show run section router OSPF if you do a show run interface look back 0 you can see that I have configured to SPI here the same thing here or now the 3 if I do a show run section router base via show run interface look back 0 the same configuration you can see on pretty much all the devices here in between now if my roast beef is working I should be able to ping across them the loopback of the B type one is 1000 one they look back on Vita to is 1000 2 and so on so the loopback of beat f4 is 1000 for let me try to pin that with the source of my look back it is working let's test it for the B type 3 feet up to and also for the router flector which is 1000 in between okay at this time since my unique as basic connectivity is working fine the next step for me would be to contribute the multicast for multicast as I talked about we initially we will make the router thicker in between as a bond thickness rendezvous point so pretty much follow me to do on the other routers is first I'll go to config T on all the routers and I'll configure IP multicast routing after that I'll go to interface also under the loopback 0 I need to configure that because I'm using the loopback as a source and I need to configure IP in sparse mode here ok and then I will go to the respective interfaces which is cool facing interface and I will configure the IP PM sparse mode on this guy it would be poor channel 1 - poor channel 2 if you look at the topology if this PDF 2 has two interfaces sorry it has no portugal one poor channel 2 is what i need to configure this on for channel 2 IP PM sparse mode and then to keek 1:05 and 2 gig 1:06 will go to be type 3 in beta 3 on video for only 22 gig 1 0 2 on the router engagement which is route reflective on both portal 1 and portal do I need to configure this [Music] additionally since I want to make it a rout a rendezvous point I need to configure the RP candidate I'm using the BSL so that my tunnel can be configured dynamically now let me run this command show IP beam Part B mapping on all the routers and let's make sure that they all know about the rendezvous point now because this is important without that multicast is not going to work and this is 1000 9 V tip 1 V tip to 1000 9 V tip three 1000 9 V f4 1000 9 so you can see that all of them they can see that out reflector router as a rendezvous point as well so we can pretty much confirm that multicast basic configuration is done now at this point of time I think we are good enough to start building the V excellent over the configuration that we need let's take a quick look at the topology once more here you have 1 1 0 1 interface on B tip 1 let's focus on beat f1 first we will configure the required things here and after that we will copy the configuration we'll make the changes and we will put it on other vtf switches all we need to do is we need to first of course this port is definitely under a VLAN interface of villain 10 we will need to create l2 VPN EVP in instance for VLAN 10 we will need to configure the router targets because as you are going to exchange the routes through the evpn you need to make sure that you have the right route targets configured which you can use to import the routes this is pretty similar to your VPN IP vrf configuration you have the router to get configured and then you import the router target from the VPN before address family based on that outer gate have very similar concept here this is l2 we are talking about l2 Vienna we don't have any IP vrf but we have El TEB VPN instance and under that we will configure the router gates to achieve the similar kind of functionality and after that we will map the VLAN number the actual villain number ten with the V and I what we talked about in the first session and then finally we will configure the overlay so let's take a look at that in action what we have here in this sport this is actually port number one okay this is port number one you can see that this is connected to my switch this is basically immolated as a client if you do a show MAC address table interface keep one zero one you can see that I am just learning the one MAC address in began ten I need to go to l2 vbn evpn I need to define the router ID I'm going to do the loopback zero and the replication type is going to be static that's the only option I have in grace I cannot do actually even ingress is something what you do when you want to do ahead and replication but that's something we will not do here I will replicate inside static we want to map the replication multicast group we will going to bind that multicast group to one specific BNI we will look into that when we do the overlay configuration then we will configure the UPN instance this is instance number ten encapsulation is going to be VX LAN then you define the route targets both import and export this may this route target it has to match on all the V tapes where you want to configure or where you want to extend is broadcast domain to right you can give any name so this is for Valente and so let me give a name Jane : and then the BNI number let me choose the number one zero zero zero one zero in the water out rocket the route distinguisher I am NOT defining because it can be selected or it can be determined by the system itself automatically so I am going to skip it then we will go to VLAN configuration ten and then we need to map this VRI number two this VLAN she will do a member a VPN instance 10 and vni 1 0 0 0 1 0 this is my BNI number this is how I'm mapping it manually so VLAN 10 is now the BNI 1 0 0 10 so whenever my V type 1 is going to send the packet to V tip 2 for this particular client in VLAN 10 it is going to strip off VLAN 10 and it's going to put the V ni number 1 0 0 0 1 0 then on the remote side whenever it receives it it knows that if it means to be processed in VLAN 10 it will do the reverse mapping and that's what we are configuring manually here so quite a bit of manual configuration you need to put here so now that my European instance is built and my villain configuration is built as well I'll go to interface NV 1 this is going to be my overall interface like we do for tunnel 0 for GRE or maybe for dmvpn and interface overlay 1 for ot V here interface NV 1 which is network virtualization age you do a source interface look back 0 this is where this is the V tape source ID ok the host Chris ability protocol is BGP we are going to build the control plane based on the bgp evpn we need to map the member here the member via 9 1 0 0 0 1 0 it enter and then you need to define the multicast group what we talked about that application type if the V DEP one needs to send a broadcast packet to to the network over the IP then it will basically send it to a multicast group and then whoever is tuned to the group they will receive the traffic and that's the reason your multicast was needed to be working in the underlay so to 3900 on 0 I'm choosing any IP address I want and then finally doing a no-shit we will review the configuration what we are doing before that let me go to router bgp I already have some basic configuration built you can see that I have configured outer bgp 10 i have defined the neighbor 1000 9 i'm only defining it the router effector neighbored here i do not need to configure full mesh what I will do now is router bgp 10 I need to create a new address family which is l2 VPN evpn so if you have done VPLS you know that you can configure l2 VPN VPLS but here we are going to do a VPN when you can activate the neighbor which is the router reflector in my case and also we will do a send community both because all these router gates what you are talking about that the labels for the V and I this all will be mapped to your it'd be sent over as an external community so we have to make sure we do send community both and now if you look at the entire configuration what we have done show l2 VPN and VLAN configuration plus router bgp and env1 let me copy this configuration and let me put it in a notepad so if you if you not look at this this is all I have I have first configured the L 2 VPN a VPN I have defined that application type and the router ID then I have configured L 2 VPN instance specifically for banan 10 if I had multiple VLANs I in took I needed to configure the same thing for multiple instances we will do that when we do it on me tip 2 because we tip 2 has both VLAN 10 and VLAN 20 then I am going to map my Villa number with the vni number after that I configured the Oval interface I define the source interface as loopback 0 the host possibility protocol is my bgp evpn and then i'm going to bind the member vni with this multicast group the reason I need to define the multicast group is even though a VPN is going to advertise all the layer 2 information proactively but still if my host needs to send a broadcast packet let's say ARP then you will need to forward the packet to a group right or if there is any silent also you will need to forward the packet to the multicast group then under the router bgp 10 this part is already configured so I'm not doing this little still keep it here then address family enter VPN a VPN this is the only thing I'm adding I'm going to activate the member 1000 9 which is the route reflect our IP address and then the same community extended so let me write the configuration here on p1 on the p2 on the V tip - if you look at this topology on the V tip - since we have both the clients VLAN 10 and VLAN 20 I need to do the same thing but additionally for VLAN 20 as well let me try to edit it out here so so our router - what I will do I will keep this configuration same it is not going to be different since it also has a VLAN 20 local presence I will configure the instance 4-wheeler number 20 I will give a different router get name this to make sure I understand what is what for like what we mapped for we need to map the veena number for VLAN 20 as well the interface nv1 I need to configure the mapping for BNI 20 also you can use the same multicast group but you don't want to keep the flooding domain same for all the villains right so better to use another multicast group here under the router bgp the configuration is not going to be the same different because you are just configuring it for out reflector the router ID will be now 1000 - because I am going to configure this on V tip - so that's the configuration of the HP and globally then the instance number for billion ten beyond 20 then map it for both feelings in an VLAN 20 then you configure the overlay where do you map the configuration and then in the BGP where you configure the router flexure and you define the address family for a TPM let me copy and let me paste the configuration into V tip number two now if you go to we tip number three if you look at the topology I have only be done 20 I don't need to have been ant in there so what I will do is I don't need to be lenten I will remove this for VLAN 20 this is all I need sorry I do not need VLAN 20 so you can see that quite a few reputation of the configuration if you have it built for one beat up you can easily edit and you can modify the other bit of configuration it will be 1000 3 I'm not going to do anything on beat f4 as I talked about we will take a look at that after we are done with the l3 VNA configuration so as of now that's pretty much all you need to do for me tip number 3 which is only villa number 20 will go to VF 3 I'll put it here now we need to make sure we configure this on the router to router reflect out of it or as well I already pre-configured that let me show you the configuration I have here there is no VX land specific configuration on the router vector just simple BGP on the routing and the multicast you can see I have defined a template for ibgp policy I configured that as a router flitter client sent community extended and then I have defined all the neighbors ten one with F 1 B 2 B 2 F 3 and Vita 4 and then I just defined them in the el-din the l3 VPN address family that's it now if you go to the Vita routers if you do a show bgp l 2 VPN evpn summary you can say that I have one neighbor up which is the router plectrum let's go to VM to me tip 3 beta for me therefore I have not configured sorry so we type 1 2 & 3 you can see your EVP and address families now build if you do a show env appear you can see your env interfaces up if you do a show and B and then if you keep the vni number 1 0 0 0 1 0 and detail it says that it is up in the layer to the layer - it says ipv4 is down because my I'm not doing any l3 BNI configuration right now but my this is my local VNA information ok it says about the packet counters if you do show the route the same command show V and n V 1 0 0 detail on bit number 2 you can do the same thing for 20 as well because here you have defined both 10 and 20 so now at this point of time if you want to ping from this client 10.11 to 10.20 1 which is behind b type 1 and we tip to let's see how it is working so if I go to this route guy this client here show IP ARP one eighty to one sixty eight dot 10.20 one there is nothing let me try to ping now 192 168 and not 21 and it is working if I do a show IP ARP this is the MAC address of my interface which is for 10.20 one if we go here and do a show BGP to tell to VPN a VPN you can see that this is my route distinguish a table which is 1000 won my IP address dot ten and you can see i have learnt to host routes one is 10.11 which is connected to me directly and you can see that it has nothing mentioned here which means it is my own on the own router who is Iowan who own that this is my wait because you know in BGP you followed always locally oriented route you put a weight of three two seven six eight that's what we have done here but if you look at 10.20 one which is a remote route you are learning it from the v tip number 1000 - that is the reason it is important to make sure you have connectivity to it between the v tips because now when the client when this v tip one is going to route the packet for this destination and this MAC address it is going to encapsulate the packet with our destination IP of 1000 - so if you don't have a disability there it's going to break similarly if you run the same command on all the software's here you could rule out number two you can see that on the router number two also be tip 2 also for this 1000 - it has learned 21 and 10.11 now if I go to this client here 10.20 row 21 let me see if I can reach 20 or 31 which is over site number three or maybe let me go to site number three and let me try to reach ten or 20 or 21 which is inside number two as you can see that I have configured all the although all the basically clients are on the same switch but it is all in the different DRS so xx dot 31 if I do show run interface 1:06 if I try to ping from this vrf to 192 168 20 or 21 which is behind another V tip this is working so at this part of time we can confirm that the l2 disability is there between all the V tips we depth sorry between all that lines here 10:00 to 11:00 it can reach 1021 and then 2021 it can reach 20 31 however if you now try to reach paying 100 to 160 8.20 dot 21 which is in another VN i you cannot reach that so for that we will need to configure the l3 VNA and then we will take a look at the configuration in the next session thank you for watching I will come back sure

Info

Channel: CiscoGuy_CCIE

Views: 4,936

Rating: undefined out of 5

Keywords: Cisco, vxlan, evpn, bgp, networking, overlay, catalyst 9k, ios-xe, configuration

Id: R_lAJNnri08

Channel Id: undefined

Length: 27min 0sec (1620 seconds)

Published: Sun May 17 2020