End Host And Subnet Route Distribution - Cisco Nexus 7000 Series Configuration Manual

Nx-os vxlan

Hide thumbs Also See for Nexus 7000 Series:

Command reference manual (1018 pages)

Reference manual (746 pages)

Configuration manual (536 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

page of 138

/ 138
Contents
Table of Contents
Bookmarks

Table of Contents

Configuring VXLAN BGP EVPN

• Efficient bandwidth utilization and resiliency with Active-Active multipathing

• Secure VTEPs

• BGP specific motivations

End Host and Subnet Route Distribution

Some pointers about end host MAC and IP route distribution in a VXLAN EVPN fabric are given below:

• The distributed anycast gateway also aids in supporting transparent VM mobility since post VM

move, the ARP cache entry for the default gateway is still valid.

VXLAN is supported with virtual PortChannel (vPC). This allows resiliency in connectivity for servers

attached to access switches with efficient utilization of available bandwidth. VXLAN with vPC is also

supported for access to aggregation (leaf switch to spine switch) connectivity, promoting a highly

available fabric.

In a VXLAN-EVPN fabric, traffic is only accepted from VTEPs whose information is learnt via the

BGP-EVPN control plane. Any VXLAN encapsulated traffic received from a VTEP that is not known

via the control plane will be dropped. In this way, this presents a secure fabric where traffic will only

be forwarded between VTEPs validated by the control plane. This is a major security hole in data-plane

based VXLAN flood-n-learn environments where a rogue VTEP has the potential of bringing down the

overlay network.

• Increased flexibility— EVPN address family carries both Layer-2 and Layer-3 reachability

information. So, you can build bridged overlays or routed overlays. While bridged overlays are

simpler to deploy, routed overlays are easier to scale out.

• Increased security— BGP authentication and security constructs provide more secure multi-tenancy.

• Improved convergence time— BGP being a hard-state protocol is inherently non-chatty and only

provides updates when there is a change. This greatly improves convergence time when network

failures occur.

• BGP Policies— Rich BGP policy constructs provide policy-based export and import of reachability

information. It is possible to constrain route updates where they are not needed thereby realizing

a more scalable fabric.

• Advantages of route reflectors— Increases scalability and reduces the need for a full mesh (coverage)

of BGP sessions.

A route reflector in an MP-BGP EVPN control plane acts as a central point for BGP sessions

between VTEPs. Instead of each VTEP peering with every other VTEP, the VTEPs peer with a

spine device designated as a route reflector. For redundancy purposes, an additional route reflector

is designated.

End Host and Subnet Route Distribution

Cisco Nexus 7000 Series NX-OS VXLAN Configuration Guide

Table of Contents

End Host And Subnet Route Distribution - Cisco Nexus 7000 Series Configuration Manual

End Host and Subnet Route Distribution

Related Manuals for Cisco Nexus 7000 Series

Related Content for Cisco Nexus 7000 Series

Table of Contents