VXLAN BGP EVPN – Basic Concepts – Underlay

Today we will be building the underlay for our VXLAN. The underlay uses two different routing protocols: BGP and one other of your choice (static, RIP, OSPF, EIGRP, or IS-IS, which is used by ACI). I have chosen to use OSPF.

The first step is to build the basic connectivity. We will use VLSM; I have chosen four main subnets:

  • 192.168.0.0/24 – this will be broken down into /32 ranges and assigned to loopback 0
  • 192.168.1.0/24 – this will be broken down into /32 ranges and assigned to loopback 1
  • 10.1.0.0/24 – this will be broken down into /30 ranges and assigned to Leaf links that connect to SPINE1
  • 10.2.0.0/24 – this will be broken down into /30 ranges and assigned to Leaf links that connect to SPINE2
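
The allocation above, worked through as an added example (not code from the original post): it carves the four /24s with Python's ipaddress module into a per-interface plan. The loopback and spine-side link addresses agree with the outputs shown later in the post; the leaf side of each /30 and the spine port numbering are assumptions.

```python
import ipaddress

SPINES = ["SPINE1", "SPINE2"]
LEAFS = ["LEAF1", "LEAF2"]
LOOPBACK0 = ipaddress.ip_network("192.168.0.0/24")
LOOPBACK1 = ipaddress.ip_network("192.168.1.0/24")
# One /24 of point-to-point /30s per spine, as in the list above.
LINK_POOLS = {"SPINE1": ipaddress.ip_network("10.1.0.0/24"),
              "SPINE2": ipaddress.ip_network("10.2.0.0/24")}


def build_plan():
    """Return {switch: {interface: "address/len"}} for the four-switch fabric."""
    plan = {}
    # Loopbacks: host N of each /24 goes to switch N (spines first, then leafs).
    for n, name in enumerate(SPINES + LEAFS, start=1):
        plan[name] = {"loopback0": f"{LOOPBACK0[n]}/32",
                      "loopback1": f"{LOOPBACK1[n]}/32"}
    for s, spine in enumerate(SPINES, start=1):
        links = LINK_POOLS[spine].subnets(new_prefix=30)
        for l, (leaf, link) in enumerate(zip(LEAFS, links), start=1):
            leaf_ip, spine_ip = link.hosts()  # a /30 has exactly two usable hosts
            # Assumption: leaf Ethernet1/<s> faces spine s, spine Ethernet1/<l> faces leaf l.
            plan[leaf][f"Ethernet1/{s}"] = f"{leaf_ip}/30"
            plan[spine][f"Ethernet1/{l}"] = f"{spine_ip}/30"
    return plan


def duplicate_addresses(plan):
    """Return host addresses that appear on more than one interface."""
    seen, dupes = set(), set()
    for ifaces in plan.values():
        for addr in ifaces.values():
            host = ipaddress.ip_interface(addr).ip
            (dupes if host in seen else seen).add(host)
    return sorted(dupes)


if __name__ == "__main__":
    for switch, ifaces in build_plan().items():
        for ifname, addr in ifaces.items():
            print(f"{switch:7} {ifname:12} {addr}")
```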

Once base connectivity has been built, we will start with OSPF. This gives us our base routing connectivity for BGP; we are looking to get only Loopback 0 for each switch into the routing table on all switches.

SPINE1:

feature ospf

router ospf UNDERLAY
  router-id 192.168.0.1

interface loopback0
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/1
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/2
  ip router ospf UNDERLAY area 0.0.0.0

SPINE2:

feature ospf

router ospf UNDERLAY
  router-id 192.168.0.2

interface loopback0
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/1
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/2
  ip router ospf UNDERLAY area 0.0.0.0

LEAF1:

feature ospf

router ospf UNDERLAY
  router-id 192.168.0.3

interface loopback0
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/1
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/2
  ip router ospf UNDERLAY area 0.0.0.0

LEAF2:

feature ospf

router ospf UNDERLAY
  router-id 192.168.0.4

interface loopback0
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/1
  ip router ospf UNDERLAY area 0.0.0.0

interface Ethernet1/2
  ip router ospf UNDERLAY area 0.0.0.0

Once this is finished, make sure OSPF is in the FULL/BDR state and that the loopbacks are in the routing table.

LEAF1# show ip route ospf
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

10.1.0.4/30, ubest/mbest: 1/0
    *via 10.1.0.2, Eth1/1, [110/80], 00:45:23, ospf-UNDERLAY, intra
10.2.0.4/30, ubest/mbest: 1/0
    *via 10.2.0.2, Eth1/2, [110/80], 00:45:14, ospf-UNDERLAY, intra
192.168.0.1/32, ubest/mbest: 1/0
    *via 10.1.0.2, Eth1/1, [110/41], 00:45:23, ospf-UNDERLAY, intra
     via 192.168.0.1, [200/0], 00:26:03, bgp-65536, internal, tag 65536 (hidden)
192.168.0.2/32, ubest/mbest: 1/0
    *via 10.2.0.2, Eth1/2, [110/41], 00:45:14, ospf-UNDERLAY, intra
     via 192.168.0.2, [200/0], 00:26:01, bgp-65536, internal, tag 65536 (hidden)
192.168.0.4/32, ubest/mbest: 2/0
    *via 10.1.0.2, Eth1/1, [110/81], 00:43:41, ospf-UNDERLAY, intra
    *via 10.2.0.2, Eth1/2, [110/81], 00:43:41, ospf-UNDERLAY, intra
     via 192.168.0.4, [200/0], 00:23:49, bgp-65536, internal, tag 65536 (hidden)

LEAF1# show ip ospf nei
 OSPF Process ID UNDERLAY VRF default
 Total number of neighbors: 2
 Neighbor ID     Pri State            Up Time  Address         Interface
 192.168.0.1       1 FULL/DR          00:45:34 10.1.0.2        Eth1/1 
 192.168.0.2       1 FULL/DR          00:45:25 10.2.0.2        Eth1/2 
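
The same verification done by script, as an added example (not code from the original post): it parses the two LEAF1 outputs above and reports any loopback0 prefix without a best OSPF path and any neighbor that is not FULL. The function names are hypothetical and the embedded text is a trimmed copy of the output shown above.

```python
import re

# Constructed sample: LEAF1 output from above, trimmed to the route and neighbor lines.
ROUTES = """\
10.1.0.4/30, ubest/mbest: 1/0
    *via 10.1.0.2, Eth1/1, [110/80], 00:45:23, ospf-UNDERLAY, intra
192.168.0.1/32, ubest/mbest: 1/0
    *via 10.1.0.2, Eth1/1, [110/41], 00:45:23, ospf-UNDERLAY, intra
     via 192.168.0.1, [200/0], 00:26:03, bgp-65536, internal, tag 65536 (hidden)
192.168.0.2/32, ubest/mbest: 1/0
    *via 10.2.0.2, Eth1/2, [110/41], 00:45:14, ospf-UNDERLAY, intra
     via 192.168.0.2, [200/0], 00:26:01, bgp-65536, internal, tag 65536 (hidden)
192.168.0.4/32, ubest/mbest: 2/0
    *via 10.1.0.2, Eth1/1, [110/81], 00:43:41, ospf-UNDERLAY, intra
    *via 10.2.0.2, Eth1/2, [110/81], 00:43:41, ospf-UNDERLAY, intra
     via 192.168.0.4, [200/0], 00:23:49, bgp-65536, internal, tag 65536 (hidden)
"""
NEIGHBORS = """\
 192.168.0.1       1 FULL/DR          00:45:34 10.1.0.2        Eth1/1
 192.168.0.2       1 FULL/DR          00:45:25 10.2.0.2        Eth1/2
"""
PREFIX_RE = re.compile(r"^([\d.]+/\d+), ubest/mbest")
# Count only best ('*') next hops from the UNDERLAY process; the hidden BGP
# backup paths listed under the same prefix must not satisfy the check.
OSPF_HOP_RE = re.compile(r"^\s+\*via ([\d.]+), (\S+), \[\d+/\d+\],.*ospf-UNDERLAY")
NEIGHBOR_RE = re.compile(r"^\s*([\d.]+)\s+\d+\s+(\S+)")

def ospf_best_paths(text):
    """Map prefix -> [(next_hop, interface), ...] for best OSPF paths."""
    routes, current = {}, None
    for line in text.splitlines():
        if m := PREFIX_RE.match(line):
            current = routes.setdefault(m.group(1), [])
        elif current is not None and (m := OSPF_HOP_RE.match(line)):
            current.append((m.group(1), m.group(2)))
    return routes

def check_underlay(route_text, neighbor_text, loopbacks, router_ids):
    """Return a list of problems; an empty list means the underlay checks pass."""
    routes = ospf_best_paths(route_text)
    problems = [f"{p} has no OSPF best path" for p in loopbacks if not routes.get(p)]
    states = dict(m.groups() for line in neighbor_text.splitlines()
                  if (m := NEIGHBOR_RE.match(line)))
    problems += [f"neighbor {r} is {states.get(r, 'absent')}, expected FULL"
                 for r in router_ids if not states.get(r, "").startswith("FULL")]
    return problems
```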

Next we will build BGP. This is for the loopbacks only, to make sure all leaf loopbacks are reachable from every switch. The spine switches will act as route reflectors for the leaf switches; remember, the spines do not communicate with each other.

SPINE1:

feature bgp

router bgp 65536
  address-family ipv4 unicast
    network 192.168.0.1/32
    network 192.168.1.1/32
  neighbor 192.168.0.3
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
      route-reflector-client
  neighbor 192.168.0.4
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
      route-reflector-client

SPINE2:

feature bgp

router bgp 65536
  address-family ipv4 unicast
    network 192.168.0.2/32
    network 192.168.1.2/32
  neighbor 192.168.0.3
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
      route-reflector-client
  neighbor 192.168.0.4
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
      route-reflector-client

LEAF1:

feature bgp

router bgp 65536
  address-family ipv4 unicast
    network 192.168.0.3/32
    network 192.168.1.3/32
  neighbor 192.168.0.1
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
  neighbor 192.168.0.2
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast

LEAF2:

feature bgp

router bgp 65536
  address-family ipv4 unicast
    network 192.168.0.4/32
    network 192.168.1.4/32
  neighbor 192.168.0.1
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
  neighbor 192.168.0.2
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
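
A consistency check for the four BGP sections above, as an added example (not code from the original post): it confirms that spines peer only with leaf loopbacks and mark them as route-reflector clients, that leafs peer only with spine loopbacks, and that every session is sourced from loopback0. The function names are hypothetical; the embedded text is SPINE1's section as shown above.

```python
SPINE_LOOPBACKS = {"192.168.0.1", "192.168.0.2"}
LEAF_LOOPBACKS = {"192.168.0.3", "192.168.0.4"}
# SPINE1's BGP section as shown above (the "feature bgp" line is omitted).
SPINE1_CFG = """\
router bgp 65536
  address-family ipv4 unicast
    network 192.168.0.1/32
    network 192.168.1.1/32
  neighbor 192.168.0.3
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
      route-reflector-client
  neighbor 192.168.0.4
    remote-as 65536
    update-source loopback0
    address-family ipv4 unicast
      route-reflector-client
"""

def parse_neighbors(cfg):
    """Map neighbor IP -> set of the config lines nested under that neighbor."""
    neighbors, current = {}, None
    for line in cfg.splitlines():
        words = line.split()
        indent = len(line) - len(line.lstrip())
        if words and indent <= 2:  # a new top-level or router-level stanza
            is_nbr = indent == 2 and words[0] == "neighbor"
            current = neighbors.setdefault(words[1], set()) if is_nbr else None
        elif words and current is not None:
            current.add(line.strip())
    return neighbors

def lint(role, cfg):
    """Return problems with a "spine" or "leaf" BGP config; empty means clean."""
    nbrs = parse_neighbors(cfg)
    expected = LEAF_LOOPBACKS if role == "spine" else SPINE_LOOPBACKS
    problems = [f"{ip}: unexpected peer for a {role}" for ip in sorted(set(nbrs) - expected)]
    problems += [f"{ip}: expected peer is missing" for ip in sorted(expected - set(nbrs))]
    for ip, lines in sorted(nbrs.items()):
        # Sessions target loopback0 addresses, so they must be sourced from loopback0.
        if "update-source loopback0" not in lines:
            problems.append(f"{ip}: missing update-source loopback0")
        if ("route-reflector-client" in lines) != (role == "spine"):
            want = "set" if role == "spine" else "absent"
            problems.append(f"{ip}: route-reflector-client should be {want}")
    return problems
```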

Once that is completed, make sure the leafs have established neighborship with the spines:

LEAF1# show ip bgp sum
BGP summary information for VRF default, address family IPv4 Unicast
BGP router identifier 192.168.0.3, local AS number 65536
BGP table version is 15, IPv4 Unicast config peers 2, capable peers 2
8 network entries and 10 paths using 2040 bytes of memory
BGP attribute entries [4/656], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [2/8]

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.0.1     4 65536      44      41       15    0    0 00:35:10 4         
192.168.0.2     4 65536      44      41       15    0    0 00:35:09 4         

LEAF1# show ip route bgp
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

192.168.1.1/32, ubest/mbest: 1/0
    *via 192.168.0.1, [200/0], 00:35:15, bgp-65536, internal, tag 65536
192.168.1.2/32, ubest/mbest: 1/0
    *via 192.168.0.2, [200/0], 00:35:13, bgp-65536, internal, tag 65536
192.168.1.4/32, ubest/mbest: 1/0
    *via 192.168.0.4, [200/0], 00:33:01, bgp-65536, internal, tag 65536

That’s pretty much it for building the UNDERLAY.

VXLAN BGP EVPN – Basic Concepts – Spine/Leaf Architecture

As part of my studies for CCIE Datacenter, I am reviewing VXLAN BGP EVPN. Part of learning this subject is learning what Spine/Leaf Architecture is.

The easiest way to explain Spine/Leaf Architecture is as a two-tier design in which the Access/DC switches are each homed to a spine. The spines normally do not touch each other; in reality this doesn’t mean they can’t, and we will cover that later, but let’s stay with the common approach. Nothing touches the spine except the leaf, and the leaf is what everything connects to. This architecture is built heavily on routing and multicast. VXLAN BGP EVPN is a layer 2 overlay with layer 3 redundant gateways.

Since I like to use VIRL for my testing, I built a simple spine/leaf architecture that we will be using for this introduction.

You can see from the design above that leafs only connect to spines and spines only connect to leafs; leafs never connect to leafs and spines never connect to spines. Now you may ask, what about VPC? We will cover that later, but in a Spine/Leaf Architecture you use VPC Fabric Peering instead of Direct Peering.

Well, that is pretty much all for Spine/Leaf Architecture. If you want to learn more, please reference the Cisco web sites; a great book that I read to learn about VXLAN BGP EVPN is “Building DataCenters with VXLAN BGP EVPN”.