Cisco Nexus 9000 Series Configuration Manual page 24

Guidelines and Limitations for VXLAN
• Beginning with Cisco NX-OS Release 7.0(3)I6(1), VXLAN is supported on Cisco Nexus 3232C and
3264Q switches. Cisco Nexus 3232C and 3264Q switches do not support inter-VNI routing.
IGMP snooping on VXLAN enabled VLANs is not supported in Cisco Nexus 3232C and 3264Q switches.
VXLAN with flood and learn and Layer 2 EVPN is supported in Cisco Nexus 3232C and 3264Q switches.
• Bind NVE to a loopback address that is separate from other loopback addresses that are required by
Layer 3 protocols. A best practice is to use a dedicated loopback address for VXLAN. This best practice
should be applied not only for the VPC VXLAN deployment, but for all VXLAN deployments.
• When SVI is enabled on a VTEP (flood and learn or EVPN), make sure that ARP-ETHER TCAM is
carved using the hardware access-list tcam region arp-ether 256 CLI command. This is not applicable
to Cisco 9200 and 9300-EX Series switches and Cisco 9500 Series switches with 9700-EX line cards.
• show commands with the internal keyword are not supported.
• FEX ports do not support IGMP snooping on VXLAN VLANs.
• Beginning with Cisco NX-OS Release 7.0(3)I4(2), VXLAN is supported for the Cisco Nexus
93108TC-EX and 93180YC-EX switches and for Cisco Nexus 9500 Series switches with the X9732C-EX
line card.
• DHCP snooping (Dynamic Host Configuration Protocol snooping) is not supported on VXLAN VLANs.
• SPAN TX for VXLAN encapsulated traffic is not supported for the Layer 3 uplink interface.
• RACLs are not supported on Layer 3 uplinks for VXLAN traffic. Egress VACLs support is not available
for de-capsulated packets in the network to access direction on the inner payload.
As a best practice, use PACLs/VACLs for the access to the network direction.
• QoS classification is not supported for VXLAN traffic in the network to access direction on the Layer
3 uplink interface.
• The QoS buffer-boost feature is not applicable for VXLAN traffic.
• For 7.0(3)I1(2) and earlier, VXLAN SVI uplinks are not supported over underlying Layer 2 VPC ports.
• For 7.0(3)I1(2) and earlier, a VXLAN SVI uplink VLAN cannot be a member of the peer-link.
• For 7.0(3)I1(2), Cisco Nexus 9500 series switches do not support VXLAN tunnel endpoint functionality,
however they can be used as spines .
• VTEP does not support Layer 3 subinterface uplinks that carry VxLAN encapsulated traffic.
• Layer 3 interface uplinks that carry VxLAN encapsulated traffic do not support subinterfaces for
non-VxLAN encapsulated traffic.
• Non-VxLAN sub-interface VLANs cannot be shared with VxLAN VLANs.
• For 7.0(3)I2(1) and later, subinterfaces on 40G (ALE) uplink ports are not supported on VXLAN VTEPs.
• Point to multipoint Layer 3 and SVI uplinks are not supported. Since both uplink types can only be
enabled point-to-point, they cannot span across more than two switches.
• For 7.0(3)I2(1) and later, a FEX HIF (FEX host interface port) is supported for a VLAN that is extended
with VXLAN.
• In an ingress replication VPC setup, Layer 3 connectivity is needed between vPC peer devices. This
aids the traffic when the Layer 3 uplink (underlay) connectivity is lost for one of the vPC peers.
• Rollback is not supported on VXLAN VLANs that are configured with the port VLAN mapping feature.
Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 7.x
12
Configuring VXLAN