Deployment Guide
Table Of Contents
- VXLAN and BGP EVPN Configuration Guide for Dell EMC SmartFabric OS10 Release 10.5.2
- VXLAN
- VXLAN concepts
- VXLAN as NVO solution
- Configure VXLAN
- L3 VXLAN route scaling
- DHCP relay on VTEPs
- View VXLAN configuration
- VXLAN MAC addresses
- Example: VXLAN with static VTEP
- Controller-provisioned VXLAN
- BGP EVPN for VXLAN
- BGP EVPN compared to static VXLAN
- VXLAN BGP EVPN operation
- Configure BGP EVPN for VXLAN
- BGP EVPN with VLT
- VXLAN BGP EVPN routing
- Example: VXLAN with BGP EVPN
- Example: VXLAN BGP EVPN — Multiple AS topology
- Example: VXLAN BGP EVPN — Centralized L3 gateway
- Example: VXLAN BGP EVPN — Border leaf gateway with asymmetric IRB
- Example: VXLAN BGP EVPN—Symmetric IRB
- Example - VXLAN BGP EVPN symmetric IRB with unnumbered BGP peering
- Example - Route leaking across VRFs in a VXLAN BGP EVPN symmetric IRB topology
- Example: Migrating from Asymmetric IRB to Symmetric IRB
- VXLAN MAC commands
- clear mac address-table dynamic nve remote-vtep
- clear mac address-table dynamic virtual-network
- show mac address-table count extended
- show mac address-table count nve
- show mac address-table count virtual-network
- show mac address-table extended
- show mac address-table nve
- show mac address-table virtual-network
- VXLAN BGP commands
- VXLAN commands
- hardware overlay-routing-profile
- interface virtual-network
- ip virtual-router address
- ip virtual-router mac-address
- member-interface
- nve
- remote-vtep
- show hardware overlay-routing-profile mode
- show interface virtual-network
- show nve remote-vtep
- show nve remote-vtep counters
- show nve vxlan-vni
- show virtual-network
- show virtual-network counters
- show virtual-network interface counters
- show virtual-network interface
- show virtual-network vlan
- show vlan (virtual network)
- source-interface loopback
- virtual-network
- virtual-network untagged-vlan
- vxlan-vni
- VXLAN EVPN commands
- Support resources
- Index
Configure the same VLTi VLAN ID on both VLT peers. You cannot use the ID of an existing VLAN on a VLT peer or the
reserved untagged VLAN ID. You can use the VLTi VLAN ID to assign tagged or untagged access interfaces to a virtual
network.
virtual-network vn-id
vlti-vlan vlan-id
● Although a VXLAN virtual network has no access port members that connect to downstream servers, you must configure
a switch-scoped VLAN or VLTi VLAN. The presence of this VLAN ensures that the VLTi link is added as a member of the
virtual network so that mis-hashed ARP packets received from the VXLAN tunnel reach the intended VLT node.
Best practices:
● If a VLT peer loses connectivity to the underlay L3 network, it continues to transmit routing traffic to the network through
the VLTi link on a dedicated L3 VLAN to the other VLT peer. Configure a L3 VLAN between VLT peers in the underlay
network and enable routing on the VLAN; for example:
OS10(config)# interface vlan4000
OS10(config-if-vl-4000)# no shutdown
OS10(config-if-vl-4000)# ip address 41.1.1.1/24
OS10(config-if-vl-4000)# ip ospf 1 area 0.0.0.0
● To reduce traffic loss when a VLT peer boots up and joins an existing VLT domain, or when the VLTi links fails and the VLT
peer is still up as detected by the VLT heartbeat, create an uplink state group. Configure all access VLT port channels on the
peer as upstream links. Configure all network-facing links as downstream link. For example:
OS10(config)# uplink-state-group 1
OS10(conf-uplink-state-group-1)# enable
OS10(conf-uplink-state-group-1)# downstream ethernet1/1/1-1/1/2
OS10(conf-uplink-state-group-1)# upstream port-channel 10
Configuration notes
All Dell EMC PowerSwitches except MX-Series, S4200-Series, S5200 Series, and Z9332F-ON:
To check mismatch of MAC address table entries between VLT peers, use the show vlt mac-inconsistency command. To
identify mismatches in VLT configuration on peer switches, use the show vlt domain-name mismatch command.
OS10# show vlt-mac-inconsistency
Checking Vlan 228 .. Found 7 inconsistencies .. Progress 100%
VLAN 128
----------
MAC 00:00:00:00:00:02 is missing from Node(s) 2
VLAN 1
----------
MAC 00:a0:c9:00:00:18 is missing from Node(s) 2
MAC 00:a0:c9:00:00:20 is missing from Node(s) 2
VLAN 131
----------
MAC 00:00:00:00:00:02 is missing from Node(s) 2
VLAN 132
----------
MAC 00:00:00:00:00:02 is missing from Node(s) 2
VLAN 135
----------
MAC 00:00:00:00:00:02 is missing from Node(s) 2
VLAN 137
----------
MAC 00:00:00:00:00:02 is missing from Node(s) 2
Run "show vlt d1 mismatch ..." commands to identify configuration issues
L3 VXLAN route scaling
The S4100-ON series, S5200-ON series, S4048T-ON, S4248-ON series, and S6010-ON switches support native VxLAN routing
— routing in and out of tunnels (RIOT). RIOT requires dedicated hardware resources reserved for overlay routing. You cannot
use these dedicated resources for underlay routing.
14
VXLAN