SlideShare a Scribd company logo

How to configure and manage cisco nexus switch

A
atingupta21

VXLAN (Virtual Extensible LAN) extends layer 2 networks over a layer 3 infrastructure, allowing for the flexible placement of workloads and supporting up to 16 million segments. It utilizes MAC-in-UDP encapsulation and operates with VXLAN Tunnel Endpoints (VTEPs) for encapsulation and decapsulation of packets between layer 2 and layer 3 interfaces. The control plane for VXLAN can be multicast-based or utilize MP-BGP EVPN for more efficient MAC address learning and reduced flooding in the network.

Education
1 of 38
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
How to configure and manage cisco nexus switch
VxLan
What is VxLan - Virtual Extensible LAN (VXLAN) - provides a way to extend Layer 2 networks across a Layer 3 infrastructure - uses MAC-in-UDP encapsulation and tunneling.
Benefits of VxLan - This feature enables virtualized and multitenant data center fabric designs over a shared common physical infrastructure. - Flexible placement of workloads across the data center fabric. It provides a way to extend Layer 2 segments over the underlying shared Layer 3 network infrastructure. workloads can be placed across physical pods in a single data center or even across several geographically divers data centers. - Higher scalability to allow more Layer 2 segments. VXLAN uses a 24-bit segment ID, the VXLAN network identifier (VNID). This allows a maximum of 16 million VXLAN segments to coexist in the same administrative domain. Traditional VLANs use a 12-bit segment ID that can support a maximum of 4096 VLANs. - Optimized utilization of available network paths in the underlying infrastructure. VXLAN packets are transferred through the underlying network based on their Layer 3 headers. They use ECMP routing and link aggregation protocols to use all available paths. In contrast, a Layer 2 network might block valid forwarding paths in order to avoid loops.
VxLan Header Format
VXLAN defines a MAC-in-UDP encapsulation scheme Original Layer 2 frame has a VXLAN header added Then placed in a UDP-IP packet. VXLAN uses an 8-byte VXLAN header that consists of a 24-bit VNID and a few reserved bits. The VXLAN header, together with the original Ethernet frame, go inside the UDP payload. The 24-bit VNID is used to identify Layer 2 segments and to maintain Layer 2 isolation between the segments. With all 24 bits in the VNID, VXLAN can support 16 million LAN segments.
Regular Ethernet Frame
VID = 12 bits Therefore, only 4096 vlans can be used Further some are reserved
VNID = 24 bits Therefore, 16 million VNI can be used
VxLan Terminology
How to configure and manage cisco nexus switch
VTEP VXLAN tunnel endpoints (VTEPs) are devices that terminate VXLAN tunnels. They perform VXLAN encapsulation and de-encapsulation. Each VTEP has two interfaces. One is a Layer 2 interface on the local LAN segment to support a local endpoint communication through bridging. The other is a Layer 3 interface on the IP transport network. The IP interface has a unique address that identifies the VTEP device in the transport network. The VTEP device uses this IP address to encapsulate Ethernet frames and transmit the packets on the transport network. A VTEP discovers other VTEP devices that share the same VNIs it has locally connected. It advertises the locally connected MAC addresses to its peers. It also learns remote MAC Address-to-VTEP mappings through its IP interface.
VTEP Interfaces
VxLan Underlay and Overlay
Underlying IP network, called underlay network, is independent of the VXLAN overlay. The underlay network forwards the VXLAN encapsulated packets based on the outer IP address header. The outer IP address header has the initiating VTEP's IP interface as the source IP address and the terminating VTEP's IP interface as the destination IP address. The purpose of the underlay in the VXLAN fabric is to advertise the reachability of VTEP and to give a fast and reliable transport for the VXLAN traffic
VxLan Overlay Types - L2 overlay - L3 overlay
VxLan Distributed Anycast gateway
Distributed Anycast Gateway refers to the use of default gateway addressing that uses the same IP and MAC address across all the leafs that are a part of a VNI. This ensures that every leaf can function as the default gateway for the workloads directly connected to it. The distributed Anycast Gateway functionality is used to facilitate flexible workload placement, and optimal traffic forwarding across the VXLAN fabric.
VxLan Control Plane
VxLan control Plane - Multicast Flood and Learn - MPBGP EVPN
Flood and Learn Multicast-Based Learning Control Plane When configuring VXLAN with a multicast based control plane, every VTEP configured with a specific VXLAN VNI joins the same multicast group. Each VNI could have its own multicast group, or several VNIs can share the same group. The multicast group is used to forward broadcast, unknown unicast, and multicast (BUM) traffic for a VNI. The multicast configuration must support Any-Source Multicast (ASM) or PIM BiDir. Learning VTEPs only learn local MAC addresses of devices that are directly connected to them. Remote MAC address to VTEP mappings are learned via conversational learning.
VXLAN MPBGP EVPN Control Plane When the local switch sees the new MAC/IP, it signals the new location to rest of the network. Eliminate or reduce flooding in the data center. Flooding is reduced by distributing MAC reachability information via MP-BGP EVPN to optimize flooding relating to L2 unknown unicast traffic. Optimization of reducing broadcasts associated with ARP is achieved by distributing the necessary information via MPBGP EVPN. The information is then cached at the access switches. The MPBGP EVPN control plane approach provides: • IP reachability information for endpoints • Distribution of host MAC reachability reduces unknown unicast flooding. • Distribution of host IP/MAC bindings helps local ARP suppression. • Host mobility. • A single address family (MPBGP EVPN) to distribute both L2 and L3 route reachability information.
VxLan vni mapping
Vlan to VNID mapping
Vlan to VNID mapping - different vlan mapping
Vlan to VNID mapping - Overlapping Vlan mapping across tenants
VRF to VNID mapping
Building Multicast VxLan
Steps to build Multicast Vxlan 1. Build underlay 2. Configure ip reachability between Vtep 3. Configure multicast to allow flood and learn 4. Configure nve
MP BGP Control Plane
MPBGP EVPN - Allows for vtep peer discovery and authentication - This control plane mechanism allows us to overcome security risks - Vtep 1st establishes BGP neighbor adjacency with other vteps / RRs - Then BGP updates includes vtep info and end host NLRI - When BGP updates are received, Peer List is also formed - This peer list is also used as Vtep Peer List for authorization
MPBGP EVPN steps - Step1: local vtep completes local learning - Step2: local vtep advertises learned info to remote vteps using BGP - Step3: local vtep also receives info from remote vteps using BGP
Comparison of control plane
Packet Flow
Vxlan Configuration commands
How to configure and manage cisco nexus switch
How to configure and manage cisco nexus switch
How to configure and manage cisco nexus switch

More Related Content

PDF
VXLAN BGP EVPN: Technology Building Blocks
APNIC
 
PPTX
VXLAN_Presentation_overlay-technology.pptx
siya89308
 
PDF
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Jide Akintola JNCIE-M&T/SP #496 CCIE-SP#28552
 
PDF
Virtual Extensible LAN (VXLAN)
KHNOG
 
PDF
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
Indonesia Network Operators Group
 
PPTX
VXLAN
SAliyev1
 
PDF
VXLAN Design and Deployment.pdf
NelAlv1
 
PDF
EVPN Introduction
Bangladesh Network Operators Group
 
VXLAN BGP EVPN: Technology Building Blocks
APNIC
 
VXLAN_Presentation_overlay-technology.pptx
siya89308
 
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Jide Akintola JNCIE-M&T/SP #496 CCIE-SP#28552
 
Virtual Extensible LAN (VXLAN)
KHNOG
 
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
Indonesia Network Operators Group
 
VXLAN
SAliyev1
 
VXLAN Design and Deployment.pdf
NelAlv1
 
EVPN Introduction
Bangladesh Network Operators Group
 

Similar to How to configure and manage cisco nexus switch (20)

PPTX
Vxlan deep dive session rev0.5 final
KwonSun Bae
 
PPTX
VXLAN in Data Centers and use cases.pptx
abdullahteleng
 
PDF
PLNOG15: Is there something less complicated than connecting two LAN networks...
PROIDEA
 
PPTX
Automate programmable fabric in seconds with an open standards based solution
Tony Antony
 
PDF
Virtual Extensible LAN VXLAN A Practical guide to VXLAN solution Second Editi...
joteytaheer
 
PDF
VxLAN.pdf
vinaykumar947680
 
PPT
Ethernet protocol
Tom Chou
 
PPTX
Vxlan control plane and routing
Wilfredzeng
 
PPTX
Introduction to vxlan
Mohammed Umair
 
DOCX
What is cisco bgp control plane for vxlan
IT Tech
 
PDF
VXLAN: Enhancements and Network Integration
Eddie Parra
 
PPTX
10.) vxlan
Jeff Green
 
PDF
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
Maximilan Wilhelm
 
PPTX
VXLAN in the contemporary data center
Anthony Chow
 
PPTX
Branching out with SDN
APNIC
 
PPT
Vlan
sanss40
 
PDF
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebula Project
 
PDF
Virtual lan
Abhishek Kesharwani
 
PDF
Sharing session of cisco BRKDCN 1.6.4.5.pdf
pintudunia
 
PDF
Dell networking vxlan 2.3
Stanley Chan
 
Vxlan deep dive session rev0.5 final
KwonSun Bae
 
VXLAN in Data Centers and use cases.pptx
abdullahteleng
 
PLNOG15: Is there something less complicated than connecting two LAN networks...
PROIDEA
 
Automate programmable fabric in seconds with an open standards based solution
Tony Antony
 
Virtual Extensible LAN VXLAN A Practical guide to VXLAN solution Second Editi...
joteytaheer
 
VxLAN.pdf
vinaykumar947680
 
Ethernet protocol
Tom Chou
 
Vxlan control plane and routing
Wilfredzeng
 
Introduction to vxlan
Mohammed Umair
 
What is cisco bgp control plane for vxlan
IT Tech
 
VXLAN: Enhancements and Network Integration
Eddie Parra
 
10.) vxlan
Jeff Green
 
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
Maximilan Wilhelm
 
VXLAN in the contemporary data center
Anthony Chow
 
Branching out with SDN
APNIC
 
Vlan
sanss40
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebula Project
 
Virtual lan
Abhishek Kesharwani
 
Sharing session of cisco BRKDCN 1.6.4.5.pdf
pintudunia
 
Dell networking vxlan 2.3
Stanley Chan
 
Ad

Recently uploaded (20)

PDF
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
PPTX
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PPTX
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PPTX
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
PPTX
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PPTX
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PPTX
Institutional Correction lecture only . . .
limvtheghins
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
PDF
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PDF
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
PDF
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
PPTX
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PPTX
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
Institutional Correction lecture only . . .
limvtheghins
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
Ad

How to configure and manage cisco nexus switch

  • 3. What is VxLan - Virtual Extensible LAN (VXLAN) - provides a way to extend Layer 2 networks across a Layer 3 infrastructure - uses MAC-in-UDP encapsulation and tunneling.
  • 4. Benefits of VxLan - This feature enables virtualized and multitenant data center fabric designs over a shared common physical infrastructure. - Flexible placement of workloads across the data center fabric. It provides a way to extend Layer 2 segments over the underlying shared Layer 3 network infrastructure. workloads can be placed across physical pods in a single data center or even across several geographically divers data centers. - Higher scalability to allow more Layer 2 segments. VXLAN uses a 24-bit segment ID, the VXLAN network identifier (VNID). This allows a maximum of 16 million VXLAN segments to coexist in the same administrative domain. Traditional VLANs use a 12-bit segment ID that can support a maximum of 4096 VLANs. - Optimized utilization of available network paths in the underlying infrastructure. VXLAN packets are transferred through the underlying network based on their Layer 3 headers. They use ECMP routing and link aggregation protocols to use all available paths. In contrast, a Layer 2 network might block valid forwarding paths in order to avoid loops.
  • 6. VXLAN defines a MAC-in-UDP encapsulation scheme Original Layer 2 frame has a VXLAN header added Then placed in a UDP-IP packet. VXLAN uses an 8-byte VXLAN header that consists of a 24-bit VNID and a few reserved bits. The VXLAN header, together with the original Ethernet frame, go inside the UDP payload. The 24-bit VNID is used to identify Layer 2 segments and to maintain Layer 2 isolation between the segments. With all 24 bits in the VNID, VXLAN can support 16 million LAN segments.
  • 8. VID = 12 bits Therefore, only 4096 vlans can be used Further some are reserved
  • 9. VNID = 24 bits Therefore, 16 million VNI can be used
  • 12. VTEP VXLAN tunnel endpoints (VTEPs) are devices that terminate VXLAN tunnels. They perform VXLAN encapsulation and de-encapsulation. Each VTEP has two interfaces. One is a Layer 2 interface on the local LAN segment to support a local endpoint communication through bridging. The other is a Layer 3 interface on the IP transport network. The IP interface has a unique address that identifies the VTEP device in the transport network. The VTEP device uses this IP address to encapsulate Ethernet frames and transmit the packets on the transport network. A VTEP discovers other VTEP devices that share the same VNIs it has locally connected. It advertises the locally connected MAC addresses to its peers. It also learns remote MAC Address-to-VTEP mappings through its IP interface.
  • 15. Underlying IP network, called underlay network, is independent of the VXLAN overlay. The underlay network forwards the VXLAN encapsulated packets based on the outer IP address header. The outer IP address header has the initiating VTEP's IP interface as the source IP address and the terminating VTEP's IP interface as the destination IP address. The purpose of the underlay in the VXLAN fabric is to advertise the reachability of VTEP and to give a fast and reliable transport for the VXLAN traffic
  • 16. VxLan Overlay Types - L2 overlay - L3 overlay
  • 18. Distributed Anycast Gateway refers to the use of default gateway addressing that uses the same IP and MAC address across all the leafs that are a part of a VNI. This ensures that every leaf can function as the default gateway for the workloads directly connected to it. The distributed Anycast Gateway functionality is used to facilitate flexible workload placement, and optimal traffic forwarding across the VXLAN fabric.
  • 20. VxLan control Plane - Multicast Flood and Learn - MPBGP EVPN
  • 21. Flood and Learn Multicast-Based Learning Control Plane When configuring VXLAN with a multicast based control plane, every VTEP configured with a specific VXLAN VNI joins the same multicast group. Each VNI could have its own multicast group, or several VNIs can share the same group. The multicast group is used to forward broadcast, unknown unicast, and multicast (BUM) traffic for a VNI. The multicast configuration must support Any-Source Multicast (ASM) or PIM BiDir. Learning VTEPs only learn local MAC addresses of devices that are directly connected to them. Remote MAC address to VTEP mappings are learned via conversational learning.
  • 22. VXLAN MPBGP EVPN Control Plane When the local switch sees the new MAC/IP, it signals the new location to rest of the network. Eliminate or reduce flooding in the data center. Flooding is reduced by distributing MAC reachability information via MP-BGP EVPN to optimize flooding relating to L2 unknown unicast traffic. Optimization of reducing broadcasts associated with ARP is achieved by distributing the necessary information via MPBGP EVPN. The information is then cached at the access switches. The MPBGP EVPN control plane approach provides: • IP reachability information for endpoints • Distribution of host MAC reachability reduces unknown unicast flooding. • Distribution of host IP/MAC bindings helps local ARP suppression. • Host mobility. • A single address family (MPBGP EVPN) to distribute both L2 and L3 route reachability information.
  • 24. Vlan to VNID mapping
  • 25. Vlan to VNID mapping - different vlan mapping
  • 26. Vlan to VNID mapping - Overlapping Vlan mapping across tenants
  • 27. VRF to VNID mapping
  • 29. Steps to build Multicast Vxlan 1. Build underlay 2. Configure ip reachability between Vtep 3. Configure multicast to allow flood and learn 4. Configure nve
  • 30. MP BGP Control Plane
  • 31. MPBGP EVPN - Allows for vtep peer discovery and authentication - This control plane mechanism allows us to overcome security risks - Vtep 1st establishes BGP neighbor adjacency with other vteps / RRs - Then BGP updates includes vtep info and end host NLRI - When BGP updates are received, Peer List is also formed - This peer list is also used as Vtep Peer List for authorization
  • 32. MPBGP EVPN steps - Step1: local vtep completes local learning - Step2: local vtep advertises learned info to remote vteps using BGP - Step3: local vtep also receives info from remote vteps using BGP