Module 2: Verify VXLAN Bridging & Routing
In this module we’re going to leverage a pre-configured ESXi management interface to issue simultaneous ping tests for intra-VXLAN and inter-VXLAN routing verification to your VNI default gateways in your Tenant.
- Return now to the successfully booted ESXi hosts. Press F2 on your first ESXi host and login.
Login Name: root
Password: cisco.123
- Using the down arrow key, arrow down to Test Management Network and press Enter:
- Verify IP connectivity to both your Anycast Gateways.
| Tenant | Default Gateway |
|---|---|
Return to your Nexus 9300 Series Switches for the VXLAN verifications.
- Use
show l2route evpn mac-ip allto verify L2RIB EVPN learning:
POD-0-Leaf-# show l2route evpn mac-ip all
Topology ID Mac Address Prod Host IP Next Hop (s)
----------- -------------- ---- --------------------------------------- ---------------
11 0025.b500.aa00 HMM 10.0.11.01 N/A
11 0025.b509.aa00 BGP 10.0.11.91 9.9.9.56
12 0025.b500.aa02 HMM 10.0.12.01 N/A
12 0025.b509.aa02 BGP 10.0.12.91 9.9.9.56
21 0025.b500.ba00 HMM 20.0.21.01 N/A
21 0025.b509.ba00 BGP 20.0.21.91 9.9.9.56
22 0025.b500.ba02 HMM 20.0.22.01 N/A
22 0025.b509.ba02 BGP 20.0.22.91 9.9.9.56
POD-0-Leaf-#
Lets examine the MultiPod host routes learned from our pre-configured Pod9.
- On the VTEPs verify NVE peers using
show nve peers. As more PODs are configured, this list of peers should grow. You will see POD-9 by default:
POD-0-Leaf-# show nve peers
Interface Peer-IP State LearnType Uptime Router-Mac
--------- --------------- ----- --------- -------- -----------------
nve1 9.9.9.56 Up CP 00:03:56 64f6.9def.008d
POD-0-Leaf-#
- Verify VTEP MP-BGP EVPN summary information using
show bgp l2vpn evpn summary:
POD--Leaf-A# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 0.0.0.4, local AS number 65000
BGP table version is 1072, L2VPN EVPN config peers 2, capable peers 2
32 network entries and 60 paths using 7024 bytes of memory
BGP attribute entries [16/2496], BGP AS path entries [1/6]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
0.0.0.1 4 65000 65566 65358 1072 0 0 6w3d 16
0.0.0.2 4 65000 65439 65320 1072 0 0 6w3d 16
POD-0-Leaf-A#
- On the VTEPs verify routes within your Tenant using
show ip route vrf tenant-b:
POD-0-Leaf-B# show ip route vrf tenant-b
IP Route Table for VRF "tenant-b"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%< string>' in via output denotes VRF < string>
20.0.21.0/24, ubest/mbest: 1/0, attached
*via 20.0.21.1, Vlan21, [0/0], 01:37:25, direct
20.0.21.1/32, ubest/mbest: 1/0, attached
*via 20.0.21.1, Vlan21, [0/0], 01:37:25, local
20.0.21.91/32, ubest/mbest: 1/0
*via 9.9.9.56%default, [200/0], 00:01:04, bgp-65001, internal,
tag 65009 (evpn) segid: 20020 tunnelid: 0x9090905 encap: VXLAN
20.0.22.0/24, ubest/mbest: 1/0, attached
*via 20.0.22.1, Vlan22, [0/0], 01:37:24, direct
20.0.22.1/32, ubest/mbest: 1/0, attached
*via 20.0.22.1, Vlan22, [0/0], 01:37:24, local
20.0.22.91/32, ubest/mbest: 1/0
*via 9.9.9.56%default, [200/0], 00:01:21, bgp-65001, internal,
tag 65009 (evpn) segid: 20020 tunnelid: 0x9090905 encap: VXLAN
POD-0-Leaf-B#
- Verify the IP connectivity between your pod and the preconfigured POD-9 using your extended tenant overlay with VXLAN Multi-Pod.
| Tenant | Default Gateway |
|---|---|
Upon successful pings you will have performed VXLAN bridging and routing. You can view example Wireshark pcaps below (Note: these were taken from Pod1 Tenant-A; simply replace the annotations with your VNI(s), IP address(es), and MAC address(es):
VXLAN Bridging pcap:
VXLAN Routing pcap:
Congratulations on completing the Cisco Data Center – Instructor-Led Lab
If you wish to proceed please speak with an instructor!
If you have time remaining in the lab you can perform Optional Lab 9 – OTV. If you would like to perform this please speak with an instructor. We will work with you to use an NXAPI Python script to backout the VXLAN Multi-Pod configuration, otherwise you will have a loop!. If you compelte Optional Lab 9 – OTV you will leverage the proven OTV as a DCI to extend between VXLAN data centers.