Cisco Nexus 9000 Series Configuration Manual page 28

Nx-os vxlan

Hide thumbs Also See for Nexus 9000 Series:

Configuration manual (562 pages)

Troubleshooting manual (126 pages)

Quick start configuration manual (6 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

page of 182

/ 182
Contents
Table of Contents
Bookmarks

Table of Contents

Guidelines and Limitations for VXLAN

• VPC peers must have identical configurations.

• For multicast, the VPC node that receives the (S, G) join from the RP (rendezvous point) becomes the

DF (designated forwarder). On the DF node, encap routes are installed for multicast.

Decap routes are installed based on the election of a decapper from between the VPC primary node and

the VPC secondary node. The winner of the decap election is the node with the least cost to the RP.

However, if the cost to the RP is the same for both nodes, the VPC primary node is elected.

The winner of the decap election has the decap mroute installed. The other node does not have a decap

route installed.

• On a VPC device, BUM traffic (broadcast, unknown-unicast, and multicast traffic) from hosts is replicated

on the peer-link. A copy is made of every native packet and each native packet is sent across the peer-link

to service orphan-ports connected to the peer VPC switch.

To prevent traffic loops in VXLAN networks, native packets ingressing the peer-link cannot be sent to

an uplink. However, if the peer switch is the encapper, the copied packet traverses the peer-link and is

sent to the uplink.

Note

• When peer-link is shut, the loopback interface used by NVE on the VPC secondary is brought down

and the status is Admin Shut. This is done so that the route to the loopback is withdrawn on the upstream

and that the upstream can divert all traffic to the VPC primary.

Note

• When peer-link is no-shut, the NVE loopback address is brought up again and the route is advertised

upstream, attracting traffic.

• For VPC, the loopback interface has 2 IP addresses: the primary IP address and the secondary IP address.

The primary IP address is unique and is used by Layer 3 protocols.

The secondary IP address on loopback is necessary because the interface NVE uses it for the VTEP IP

address. The secondary IP address must be same on both vPC peers.

• The VPC peer-gateway feature must be enabled on both peers.

As a best practice, use peer-switch, peer gateway, ip arp sync, ipv6 nd sync configurations for improved

convergence in VPC topologies.

Cisco Nexus 9000 Series NX-OS VXLAN Configuration Guide, Release 7.x

◦ Consistent VLAN to VN-segment mapping.

◦ Consistent NVE1 binding to the same loopback interface

◦ Using the same secondary IP address.

◦ Using different primary IP addresses.

◦ Consistent VNI to group mapping.

Each copied packet is sent on a special internal VLAN (VLAN 4041).

Orphans connected to the VPC secondary will experience loss of traffic for the period

that the peer-link is shut. This is similar to Layer 2 orphans in a VPC secondary of a

traditional VPC setup.

Configuring VXLAN

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Cisco Nexus 9000 Series Configuration Manual page 28

Hide quick links:

Related Manuals for Cisco Nexus 9000 Series

Related Products for Cisco Nexus 9000 Series

Table of Contents