Realizing Layer-2 And Layer-3 Multi-Tenancy - Cisco Nexus 7000 Series Configuration Manual

Nx-os vxlan

Realizing Layer-2 and Layer-3 Multi-Tenancy

• End host to ToR mapping information for each ToR is shared with every other ToR using BGP via a route reflector.
• Specifically, within BGP, the EVPN address family is employed to carry MAC and IP address information of the end hosts along with other information such as the network and tenant (aka VRF) to which they belong. This allows optimal forwarding of both layer-2 and layer-3 traffic within the fabric.
• VMs belonging to the same tenant might be many hops apart (though assigned with the same segment ID/VNI), and there might be frequent movement and addition of end hosts. When a new VM comes up or is moved between ToRs, the information is instantly updated into BGP by the detecting ToR thereby ensuring that the updated reachability information is also known to every other ToR.
• In order to accurately route/switch packets between end hosts in the data center, each participating ToR in a VXLAN cluster must be aware of the end hosts attached to it and also the end hosts attached to other ToRs, in real time.

VXLAN-EVPN fabric— The overlay protocol is VXLAN and BGP uses EVPN as the address family for communicating end host MAC and IP addresses, so the fabric is referred thus.

Using segment IDs or VNIs for multi tenancy in the VXLAN fabric

Typically, when a tenant is created, it is assigned a unique VNI referred to as the layer-3 VNI or the layer 3 segment ID. This serves as a unique identifier for tenant layer-3 context also referred to as the tenant VRF. For each network created within the tenant, a unique identifier is assigned which is referred to as the layer-2 VNI or layer-2 segment-id. The VNIs all come from the same 2^24 – 1 pool represented by the 24-bit VNI identifier carried in the VXLAN header.

Figure 5: VXLAN Packet Format

Some Segment ID/VNI pointers are given below:

• If a new VM or physical server for this tenant is added to the data center, it is associated with the same layer-3 VNI, regardless of the physical location. In addition, if it is part of a given tenant network, it is assigned the same layer-2 VNI that identifies that network.
• By confining server and end host identification of a specific tenant to a unique VNI (or few unique VNIs), segmentation and security are ensured.
• By ensuring that the VNI-to-end host mapping information on each ToR is updated and shared through the route reflector, the latest information is available through the VXLAN setup.
• Routing at the ToR/access layer facilitates a more scalable design, contains network failures, and enables transparent mobility.

Traffic between servers in the same tenant network that is confined to the same subnet is bridged. In this case, the VTEPs stamp the layer-2 VNI in the VXLAN header when the communication is between servers that

Cisco Nexus 7000 Series NX-OS VXLAN Configuration Guide
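Because segmentation depends on each tenant and network having its own VNI from one shared 24-bit pool, an allocation plan can be audited for reuse and a captured VXLAN header mapped back to its tenant segment. The Python below is an added example, not taken from the Cisco guide: the header layout assumed is the one in RFC 7348, and the tenant names, networks, VNI values and sample header are constructed.

```python
import struct

VNI_MAX = 2**24 - 1  # top of the 24-bit VNI space; 1..VNI_MAX is the 2^24 - 1 pool

# Constructed allocation plan: tenant names, networks and VNI values are hypothetical.
TENANTS = {
    "tenant-a": {"l3_vni": 50000, "l2_vnis": {"web": 30000, "db": 30001}},
    "tenant-b": {"l3_vni": 50001, "l2_vnis": {"web": 30002}},
}

# Constructed 8-byte VXLAN header: flags 0x08 (I bit set), 3 reserved bytes,
# 24-bit VNI 30001, 1 reserved byte.
SAMPLE_HEADER = bytes([0x08, 0, 0, 0]) + (30001).to_bytes(3, "big") + b"\x00"


def build_vni_index(tenants):
    """Map each VNI to (tenant, role, network); reject reuse and out-of-range values."""
    index = {}
    for tenant, plan in tenants.items():
        entries = [(plan["l3_vni"], "layer-3", None)]
        entries += [(vni, "layer-2", net) for net, vni in plan["l2_vnis"].items()]
        for vni, role, net in entries:
            if not 1 <= vni <= VNI_MAX:
                raise ValueError(f"VNI {vni} does not fit the 24-bit pool")
            if vni in index:
                # Layer-2 and layer-3 VNIs share one pool, so any reuse merges segments.
                raise ValueError(f"VNI {vni} reused by {index[vni]} and {(tenant, role, net)}")
            index[vni] = (tenant, role, net)
    return index


def parse_vxlan_vni(header):
    """Extract the VNI from the first 8 bytes of a VXLAN header."""
    if len(header) < 8:
        raise ValueError("VXLAN header is 8 bytes long")
    flags, vni_and_reserved = struct.unpack("!B3xI", header[:8])
    if not flags & 0x08:
        raise ValueError("I flag is clear, so the VNI field is not valid")
    return vni_and_reserved >> 8  # drop the trailing reserved byte


def classify(header, index):
    """Return (tenant, role, network, vni) for the segment a header belongs to."""
    vni = parse_vxlan_vni(header)
    return index.get(vni, ("unknown", "unallocated", None)) + (vni,)


if __name__ == "__main__":
    print(classify(SAMPLE_HEADER, build_vni_index(TENANTS)))
```

A header whose VNI is missing from the plan comes back as `unallocated`, which is the case worth alerting on when auditing captured overlay traffic.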