Scribd
Upload
264 views6 pages

02 - VXLAN Part II. The Underlay Network - Unicast Routing

1. The document describes the underlay network for a VXLAN deployment using OSPF routing between four Cisco Nexus switches. 2. The edge switches act as VXLAN tunnel endpoints (VTEPs) to encapsulate and de-encapsulate traffic, while the core switches route packets between VTEPs. 3. OSPF is used for unicast routing in the underlay network to take advantage of features like equal-cost multipath (ECMP) load balancing.

Uploaded by

Nguyen Le
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
264 views6 pages

02 - VXLAN Part II. The Underlay Network - Unicast Routing

1. The document describes the underlay network for a VXLAN deployment using OSPF routing between four Cisco Nexus switches. 2. The edge switches act as VXLAN tunnel endpoints (VTEPs) to encapsulate and de-encapsulate traffic, while the core switches route packets between VTEPs. 3. OSPF is used for unicast routing in the underlay network to take advantage of features like equal-cost multipath (ECMP) load balancing.

Uploaded by

Nguyen Le
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

VXLAN Part II.

The Underlay network – Unicast Routing

Introduction

VXLAN is MAC-over-IP / UDP tunneling mechanism that allows the Layer2


segments to be stretched over the Layer3 network (Underlay/Transport).
In this chapter, I will show one possible design of the Underlay network. I
will also show basic configurations and monitor commands. At the end of
this article, you can find a mindmap for memory builder.

Our example network consists of four Cisco Nexus 9000 switches. The
edge switches Leaf-101 and Leaf-102 works as a VTEP (VXLAN Tunnel
Endpoint) devices. VTEPs are responsible for encapsulation of Ethernet
frames received from directly connected hosts with VXLAN header as well
as removing VXLAN header from the packet received from another VTEP
switch. Spine-11 and Spine-12 are the core switches. These switches are
not aware of hosts/VMs behind the VTEP Leaf switches, Spine switches
only route packet between VTEP switches.

Figure-1: Example topology

Routing protocols:

Routing protocols can be divided into three main groups; 1) Hop-count


(RIP), 2) Link-State (IS-IS, OSPF) and 3) Vector Based Protocols (EIGRP:
distance-vector and BGP: path-vector). Link-State protocols calculate the
best loop-free path through the network by using SPF algorithm. Link-
State protocols observe the link speed when calculating the best path.
Link-State protocols also support load sharing with equal cost links
(ECMP). When using the Link State protocol, each router in the routing
area has unified information about network topology, while EIGRP and RIP
believe what neighbor router tells them (routing by the rumor). BGP is
often used in an Underlay network, but unlike Link-State protocols, its
route selection is based on path attributes such as AS-path length, it does
not consider link speeds when selecting the best path. For these reasons,
I have chosen OSPF for Underlay routing (and I know it better than IS-
IS). 

IP addressing 
Inter-switch link:
All links between switches are Point-to-Point (P2P) links. It is common practice to
use network mask / 30 or / 31 on P2P links. Instead of using dedicated sub-network
between switches, I am going to use an unnumbered IP-addressing scheme where
link addresses are borrowed from the Loopback 0 interface.  

Loopback 0:
As already mentioned, Inter-switch links borrow the Loopback 0 ip
address. Loopback0 is also used for underlay routing and as an OSPF
RID. 

Loopback 100:
Is used as a VTEP address. We could use the Loopback 0 address for both
RID and VTEP address but by using dedicated VTEP IP-address, we can
remove the Leaf switch from the VXLAN domain by shutting down the
Loopback 100. In this way, we can remove the switch from the VXLAN
domain without removing it from the Underlay network and we can
investigate possible problems in the underlay network without disturbing
server traffic. 

Configuration examples
Note that “ip host” configurations in line four to eight are optional as well
the last line “name-lookup” under the OSPF configuration. By using those
optional commands, we get VTEP names on the “show ip ospf neighbor”
instead of RID IP-address.

Configuration example 1: Leaf-101.


hostname Leaf-101
feature ospf
!
ip host Leaf-101 192.168.0.101
ip host Leaf-102 192.168.0.102
ip host Spine-11 192.168.0.11
ip host Spine-12 192.168.0.12
!
interface Ethernet1/1
  no switchport
  medium p2p
  ip unnumbered loopback0
  ip ospf network point-to-point
  ip router ospf UNDERLAY-NET area
0.0.0.0
  no shutdown

interface Ethernet1/2
  no switchport
  medium p2p
  ip unnumbered loopback0
  ip ospf network point-to-point
  ip router ospf UNDERLAY-NET area
0.0.0.0
  no shutdown

interface loopback0
  description ** RID/Underlay **
  ip address 192.168.0.101/32
  ip router ospf UNDERLAY-NET area
0.0.0.0
!
interface loopback100
  description ** VTEP/Overlay **
  ip address 192.168.100.101/32
  ip router ospf UNDERLAY-NET area
0.0.0.0
!
router ospf UNDERLAY-NET
  router-id 192.168.0.101
  name-lookup

Configuration example 2: Spine-11.


hostname Spine-11
feature ospf

ip host Leaf-101 192.168.0.101


ip host Spine-12 192.168.0.12
ip host Spine-11 192.168.0.11
ip host Leaf-102 192.168.0.102
!
interface Ethernet1/1
  no switchport
  medium p2p
  ip unnumbered loopback0
  ip ospf network point-to-point
  ip router ospf UNDERLAY-NET area
0.0.0.0
  no shutdown

interface Ethernet1/2
  no switchport
  medium p2p
  ip unnumbered loopback0
  ip ospf network point-to-point
  ip router ospf UNDERLAY-NET area
0.0.0.0
  no shutdown

interface loopback0
  description ** RID/Underlay **
  ip address 192.168.0.11/32
  ip router ospf UNDERLAY-NET area
0.0.0.0
!
router ospf UNDERLAY-NET
  router-id 192.168.0.11
  name-lookup

Monitoring

Show command example 1: Leaf-101 – show ip ospf neighbors.

Leaf-101# sh ip ospf neighbors


 OSPF Process ID UNDERLAY-NET VRF default
 Total number of neighbors: 2
 Neighbor ID     Pri State            Up Time  Address         Interface
 Spine-11          1 FULL/ -          00:04:34 192.168.0.11    Eth1/1
 Spine-12          1 FULL/ -          00:03:24 192.168.0.12    Eth1/2

Show command example 2: Spine-11 – show ip ospf neighbors.

Spine-11# sh ip ospf neighbors


 OSPF Process ID UNDERLAY-NET VRF default
 Total number of neighbors: 2
 Neighbor ID     Pri State            Up Time 
Address         Interface
 Leaf-101          1 FULL/ -          00:05:18
192.168.0.101   Eth1/1
 Leaf-102          1 FULL/ -          00:04:32
192.168.0.102   Eth1/2

There are two equal costs links between the Leaf switches and OSPF will use both links.
Note! ECMP load sharing is based on 5-tuple (src/dst IP, Transport protocol and src/dst
ports of transport protocol). In VXLAN header, the only changing value is source UDP port
number, which is calculated from the inner frame. This way the traffic flows from hosts/VMs can
be differentiated and send over the different physical links.

Show command example 3: leaf-102 – show ip route ospf.

Leaf-102# sh ip route ospf


IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

192.168.0.11/32, ubest/mbest: 1/0


    *via 192.168.0.11, Eth1/1, [110/41], 00:05:39, ospf-UNDERLAY-NET,
intra
192.168.0.12/32, ubest/mbest: 1/0
    *via 192.168.0.12, Eth1/2, [110/41], 00:05:16, ospf-UNDERLAY-NET,
intra
192.168.0.101/32, ubest/mbest: 2/0
    *via 192.168.0.11, Eth1/1, [110/81], 00:05:16, ospf-UNDERLAY-NET,
intra
    *via 192.168.0.12, Eth1/2, [110/81], 00:05:16, ospf-UNDERLAY-NET,
intra
192.168.100.101/32, ubest/mbest: 2/0
    *via 192.168.0.11, Eth1/1, [110/81], 00:05:16, ospf-UNDERLAY-NET,
intra
    *via 192.168.0.12, Eth1/2, [110/81], 00:05:16, ospf-UNDERLAY-NET,
intra

VXLAN Unicast Routing Mind Map


Figure-2: Mind Map

You might also like