VXLAN MP-BGP EVPN L3 VNI

This topic is to discuss the following lesson:

Can you explain this but using 2 or more spine switches?

Hello Dimas

The configuration doesn’t change much if you add more spine switches. The Leaf switch configurations remain the same. If you have two or more spine switches, you simply have to ensure that you have configured EVPN as the overlay, and that you have configured BGP using the L2VPN EVPN address family. As long as BGP has converged, your network will function.

This is an excellent exercise that you can try out in an emulator. It will definitely help you to gain a deeper understanding of the intricacies involved in VXLAN MP-BGP EVPN configurations. If you do so, let us know how you get along!

I hope this has been helpful!

Laz

You can also use this topology:

I’m breaking down the different VXLAN topics into separate examples. If we only need one spine switch to explain a topic, I’ll use one. We’ll add more complex topologies where we combine different topics later.

Rene

Shouldn’t it be member vni 10020 under nve on the Leaf2 config? 10010 is written.

Hello Funda

You are correct. Under the final configurations for each device, the member vni command should show a value of 10020 and not 10010 as is indicated. The values are correct in the lesson, but not in the final config. I will let Rene know to make the correction.

Thanks for pointing that out!

Laz

Hello @funda.kaplan ,

Thanks, this was a copy/paste error. I just fixed it.

Rene


How would you recommend building a WAN to interconnect multiple fabrics, strictly L3VNI, that span across different physical datacenters?

Hello Nicolas

There are various ways to implement such a topology, and which you will choose will depend upon many additional factors. You do mention however that you want to use Layer 3 communication across multiple VNIs, so you are talking about a VXLAN topology.

Note that VXLAN is typically used within datacenters and cloud infrastructure which typically have very high speed and highly reliable communication paths. If you want to span VXLAN across WAN links, those WAN links should be high throughput robust links too. For this reason, using MPLS or SD-WAN with a reliable physical infrastructure is a good approach. If you would like something more specific, can you share with us more details about the topology and purpose of your network? That will help to zero in on technologies that will suit your requirements.

I hope this has been helpful!

Laz

Hi Laz,

Thanks for the input. Any reason why you would run VXLAN over MPLS as opposed to doing something like EVPN multisite with point-to-point links that connect border gateways leveraging some type of full-mesh eBGP? In a particular Cisco white paper they mentioned using a route server. https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/white-paper-c11-739942.html

Notice below I have two Leaf Border GWs that are connected to the spines and between border gateways. We want to run VXLAN so that layer 3 communication between each respective VLAN in each DC can take place

I’ve read a few articles about EVPN multisite but it seems the recommendation is to only go with that approach when you have 2 DCs, not 3 or anything more…

Hello Nicolas

Your questions require a little bit more insight than just responding to them in a forum post, so I created a NetworkLessons note on the topic of choosing a technology for a multi-datacenter topology.

Concerning your particular diagram, which includes border gateways between the DCs, the VXLAN over MPLS approach with route servers would probably work efficiently for this setup. This ensures that the Layer 3 connectivity across VLANs between all DCs is handled cleanly without introducing additional EVPN MS complexity, especially with the higher number of DCs.
On the contrary, EVPN multisite could become challenging as you expand to three or more data centers.

I hope this and the NetworkLessons note have been helpful for you!

Laz

Greetings,
Can you build the same topology but without Mcast?

Hello Aqeel

In this lesson, multicast was not employed. As stated by Rene, you don’t need multicast for this particular topology because we are only initiating inter-VNI traffic, which means such traffic will be routed.

However, if you were to create such a topology and you had intra-VNI traffic (i.e. traffic within the same Layer 2 domain across multiple VTEPs) you would still need multicast, not to learn the MAC addresses, since that is taken care of by MP-BGP EVPN, but to deal with the rest of the BUM traffic (Broadcast, Unknown unicast, and Multicast) that may exist on the network. More about this can be found in the introduction to this lesson:

I hope this has been helpful!

Laz

Hi Laz,
Thanks for the reply.
What about the command mcast-group 239.1.1.1 under the nve 1 interface? Why do I need it?

Hello Aqeel

Indeed you are correct. In this lesson, Rene has configured the mcast-group command in the NVE1 interface to accommodate BUM traffic. However, it is possible to eliminate this if you use static ingress replication. The mcast-group command would be replaced by the following in the NVE interfaces of all participating Leaf switches:

LEAF1(config-if-nve-vni)# ingress-replication protocol static 
LEAF1(config-if-nve-vni-ingr-rep)# peer-ip 2.2.2.2

Details about this can be found in the following lesson:

I hope this has been helpful!

Laz

Hi Laz,
Thanks for the reply.
What if I replace it with ‘ingress-replication protocol bgp’? In this case, I will not need static peers or Mcast, correct?
Also, can you add a scenario on how we can use EVPN with RD and RT configuration?

Hello Aqeel

Yes, using ingress-replication protocol bgp under the NVE interface eliminates the need for static VTEP peer definitions or multicast infrastructure. This however requires that you have set up BGP EVPN.

BGP EVPN learns VTEP IPs dynamically through the EVPN route-type 3 (Inclusive Multicast Ethernet Tag) advertisements. Each VTEP announces its reachability, and peers auto-populate their NVE peer tables.

You can make your suggestion to Rene directly using the following page:

There you will find all of the suggestions made by our users, and you may find that others have made similar suggestions, so you can add your voice to theirs.

I hope this has been helpful!

Laz
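A small consistency check for the two points raised in this thread, the Leaf2 `member vni` copy/paste error and the need for a BUM replication method on each Layer 2 VNI. This is an added example, not part of the original posts or the lesson; the sample config is constructed, the VRF name TENANT1 and L3 VNI 50000 are hypothetical, and it assumes replication is configured per member VNI.

```python
import re

# Constructed Leaf2-style NX-OS snippet (not the lesson's config): VLAN 20 maps
# to VNI 10020, but the NVE interface still carries member vni 10010.
SAMPLE_LEAF2 = """\
vlan 20
  vn-segment 10020
vrf context TENANT1
  vni 50000
interface nve1
  host-reachability protocol bgp
  member vni 10010
    mcast-group 239.1.1.1
  member vni 50000 associate-vrf
"""

def parse_vnis(config):
    # Collect VNIs from 'vn-segment', VRF 'vni' and NVE 'member vni' lines.
    found = {"l2_mapped": set(), "l3_vrf": set(), "nve_l2": {}, "nve_l3": set()}
    section, current = None, None
    for line in config.splitlines():
        if line and not line[0].isspace():        # new top-level section
            section, current = line.split()[0], None
        text = line.strip()
        if m := re.fullmatch(r"vn-segment (\d+)", text):
            found["l2_mapped"].add(int(m[1]))
        elif section == "vrf" and (m := re.fullmatch(r"vni (\d+)", text)):
            found["l3_vrf"].add(int(m[1]))
        elif m := re.fullmatch(r"member vni (\d+)( associate-vrf)?", text):
            vni, current = int(m[1]), None
            if m[2]:
                found["nve_l3"].add(vni)
            else:
                found["nve_l2"][vni] = None       # replication method not seen yet
                current = vni
        elif current is not None and text.startswith(("mcast-group", "ingress-replication")):
            found["nve_l2"][current] = text
    return found

def lint(config):
    v = parse_vnis(config)
    nve_l2 = set(v["nve_l2"])
    issues = [f"VNI {n} mapped to a VLAN but missing under nve" for n in sorted(v["l2_mapped"] - nve_l2)]
    issues += [f"member vni {n} has no matching vn-segment" for n in sorted(nve_l2 - v["l2_mapped"])]
    issues += [f"L3 VNI {n} missing 'associate-vrf' under nve" for n in sorted(v["l3_vrf"] - v["nve_l3"])]
    issues += [f"member vni {n} has no BUM replication method" for n, r in v["nve_l2"].items() if r is None]
    return issues

print("\n".join(lint(SAMPLE_LEAF2)))
```

On the constructed sample it reports both sides of the mismatch: VNI 10020 is mapped to a VLAN but absent under nve, and member vni 10010 has no matching vn-segment.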

Laz,
Thanks, I appreciate your quick and helpful response.