Cisco NX-OS EVPN-VXLAN: configuration walkthrough (Nexus 9000)

A working Cisco NX-OS EVPN-VXLAN configuration on Nexus 9000 in 7 steps. Tested pattern used in production fabrics.

Features to enable

feature ospf
feature bgp
feature pim
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay
feature fabric forwarding
nv overlay evpn

Underlay (OSPF + multicast or ingress replication)

router ospf UNDERLAY
  router-id 10.0.0.11
interface loopback0
  ip address 10.0.0.11/32
  ip router ospf UNDERLAY area 0

NVE interface and loopback

interface loopback1
  ip address 10.0.1.11/32
  ip router ospf UNDERLAY area 0
interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback1

L2 VNI and L3 VNI

vlan 10
  vn-segment 10010
vlan 999
  vn-segment 50000  ! L3 VNI for VRF TENANT-A
vrf context TENANT-A
  vni 50000
  rd auto
  address-family ipv4 unicast
    route-target both auto evpn
interface nve1
  member vni 10010
    suppress-arp
    ingress-replication protocol bgp
  member vni 50000 associate-vrf

Anycast gateway

fabric forwarding anycast-gateway-mac 0000.2222.3333
interface vlan 10
  no shutdown
  vrf member TENANT-A
  ip address 10.10.10.1/24
  fabric forwarding mode anycast-gateway

BGP EVPN overlay

router bgp 65001
  neighbor 10.0.0.1 remote-as 65001
    update-source loopback0
    address-family l2vpn evpn
      send-community extended
  vrf TENANT-A
    address-family ipv4 unicast
      advertise l2vpn evpn

Verification

• show nve peers — VTEP adjacencies.
• show bgp l2vpn evpn summary — BGP EVPN sessions up.
• show l2route evpn mac all — MACs learned via EVPN.
• show ip route vrf TENANT-A — Type 5 routes installed.

Drill NX-OS EVPN troubleshooting in a TechLeague tournament.

Related reading

• Evpn Vxlan Explained
• How EVPN works: control plane, route types and forwarding
• VXLAN IRB: symmetric vs asymmetric, when to use which
• VTEP and VNI explained: the building blocks of VXLAN
• Cisco Aci Vs Nxos Vxlan