• Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND-1 Web Interface
  • ND-2 Web Interface
  • DEV Server
  • USER: cisco
  • PASS: cisco.123
  • ssh address: 10.0.208.17
  • VNC address: 10.0.208.17:5901
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • Site1-S1: 10.3.7.11
  • Site1-S2: 10.3.7.12
  • Site1-L1: 10.3.7.13
  • Site1-L2: 10.3.7.14
  • Site1-BL1: 10.3.7.15
  • Site1-BGW1: 10.3.7.16
  • Site2-S1: 10.3.7.17
  • Site2-L1: 10.3.7.18
  • Site2-BGW1: 10.3.7.19
  • Ext-Rtr: 10.3.7.10
  • Core-Rtr: 10.3.7.20
Site1 Fabric

Nexus Dashboard
  • Introduction
  • Nexus One Fabric
  • System Access
  • Site1 Fabric (Greenfield)
  • Validate Site1 Fabric
  • External L3
  • Validate ExtL3
  • Site2 Fabric (Brownfield)
  • Validate Site2 Fabric
  • Inter-Site Network
  • Unified Management
  • Fabric Groups
  • Validate MultiClstr Fabric
  • Network as Code

VXLAN EVPN Fabric Setup Guide

Initial Fabric Creation

Upon completing the preliminary setup, the primary objective is to establish your initial fabric utilizing a unified Data Center VXLAN EVPN fabric workflow, encompassing both the underlay and overlay configurations.

Fabric Type Overview

The fabric may be configured as either a Greenfield deployment, indicating a new implementation, or a Brownfield deployment, referring to an existing infrastructure. For this initial setup, the focus will be on creating a Greenfield VXLAN EVPN fabric.

Site1 Data Center Status

The Site1 Data Center remains unprovisioned, with the exception of a management IP address assigned to the mgmt0 interface. This lab environment utilizes Nexus 9300V and 9500V switches, hosted within a Cisco Modeling Labs (CML) framework.

Day 0 Configuration Steps

The initial "Day 0" phase of fabric lifecycle management for your Greenfield fabric involves defining critical fabric settings, including:

  • BGP Autonomous System Number (ASN)
  • Replication mode for Broadcast, Unknown Unicast, and Multicast (BUM) traffic
  • Underlay Interior Gateway Protocol (IGP)
  • Subnetting schemes for underlay interfaces
  • Virtual Tunnel Endpoint (VTEP) interfaces

Automation Framework

Fabric configuration is executed through a robust, flexible, and customizable automation framework. With minimal user input, the entire fabric can be provisioned with Cisco-recommended best-practice configurations in an efficient timeframe. Notably, the sole mandatory requirement for fabric activation in Nexus Dashboard (ND) is the configuration of the BGP ASN.

Customizable Fabric Settings

The suite of parameters available within the Fabric Settings interface empowers users to customize the fabric according to their preferred underlay provisioning options, ensuring alignment with specific operational requirements.

Step 1 - Navigate to Fabrics

  1. Click and expand Manage on sidebar
  2. Then click Fabrics

Step 2 - Launch Create Fabric

  1. Click Create Fabric



  2. Click Create New LAN fabric
  3. Click Next



  4. Click VxLAN
  5. Click Next

    6. NOTE: We will be using the default VXLAN EVPN fabric which is Data Center

Step 3 - Fabric Fabric Settings

In the Create Fabrics popup wizard:

  1. Name the fabric: Site1 and Under Location Type: Raleigh, US
  2. Set the BGP ASN to 65111
  3. Set the License Tier to Premier
  4. Then, click Next



  5. Click Submit



  6. Click View fabric details

Step 4 - Edit Fabric Setting Type

Now that you have created the initial fabric, we will show you how to modify some of the default fabric parameters for your knowledge in case you need to modify them in your production environment.

  1. Click Actions
  2. Then click Edit Fabric Settings



  3. Click Fabric Management

Step 5 - Define General Parameters

This next part of the workflow for creating a fabric is where you define the parameters that make up your fabric, both the underlay and the overlay. All these configuration parameters adhere to Cisco's best practices. As such, we will leverage several defaults that are part of the Easy Fabric template for an iBGP-based VXLAN EVPN fabric.

The first section is General Parameters where you define the fabric's BGP ASN, interface connectivity and peering type, i.e. p2p, Underlay routing protocol that can be OSPF or ISIS (OSPF for this lab), route-reflector count, Anycast Gateway MAC address shared by all leaf switches, etc. Again, you will leverage various defaults already adhereing to best practices, but some parameters need setting specific to this fabric:

  1. Set the Underlay Subnet IP Mask to 31 for point-to-point

Step 6 - Define Replication Parameters

The second section is Replication parameters where you define whether the fabric will use multicast or ingress replication for BUM (Broadcast, Unknown Unicast, and Multicast). You will use multicast for this lab. Again, you will leverage various defaults already adhereing to best practices, such as having two (2) Rendezvous-Points (RPs), but will set the parameter for RP Loopback identifier to make it specific to your Site1 fabric:

  1. Select Replication tab
  2. Change the RP Loopback interface to 251

Step 7 - Define VPC Parameters

The third section is VPC parameters where you define the overall VPC domain configuration and settings. For this lab, you will leverage the defaults for VPC as it already adheres to best practices for a VPC domain:

  1. Click VPC tab to view the vPC configuration options

Step 8 - Define Protocols Parameters

The fourth section is Protocols parameters where you define the Loopback interfaces that will be used for iBGP EVPN neighbor peering and VTEPs. Additionally, configuration parameters specific to the routing protocol selected for the underlay in General Parameters can be found here. Examples of these optional configuration settings include the routing protocol tag (the process number or name), the OSPF area number identifier, routing protocol authentication, etc. For this lab, keep the Loopback interfaces as 0 and 1 respectively as per best practice for a greenfield fabric. Also, leverage the defaults for OSPF keeping the OSPF process name as UNDERLAY and everything in area 0.

  1. Click Protocols to view the VTEP and underlay routing protocol configuration options

Step 9 - Define Security Parameters

The fifth section Security allows the user to create security policies in their network by leveraging Cisco best practices. This includeds configuring Security Groups (GPO) and MACsec parameters.

  1. Click Security

Step 10 - Define Advanced Parameters

The sixth section is Advanced parameters where you define the base configuration templates to be used. The templates that are selected are done so from choosing the Data Center VXLAN EVPN template when you started creating this fabric. It is in these templates where the Cisco best practices are embedded and highly reusable across switches and fabrics.

  1. Click the Advanced tab
  2. Scroll down until you find Greenfield Cleanup Option, then scroll down in the lab guide for the next instuctions and screenshot

  3. Set the Greenfield Cleanup Option to Enable from the dropdown
    4. This knob doesn't affect any function in this lab. For Greenfield, when this setting is disabled, a switch will be reloaded after first being imported into the fabric to bootup with clean configuration. However, it will take a longer amount of time. To save time in this lab, you can enable this option. When this option is enabled, The fabric will clean up the configuration on the switch with a best effort process without reloading the switch. For production networks, keep the option disabled to get a cleaner import.
  4. Scroll back up to the top of the Create Fabric wizard

Step 11 - Define Freeform

This section allows the end user to apply any type of configuration that it is not part of the original template. This section should only be used as a last resort in case ND is missing a template but with that being said, the process of creating a new template in ND is super easy as well.

Step 12 - Define Resources Parameters

The last required section is Resources parameters that defines the IP addressing pools to be used for the routing Loopbacks used for the iBGP EVPN peering, the VTEP Loopbacks, the Spine RP Loopbacks, and the physcial interfaces used for the entire underlay. The latter and how those IP addresses are dynamically allocated out of the underlay subnet pool is dictated by the subnet mask selected in General Parameters previously. Use the information below to set the IP range for each:

  1. Click the Resources tab
  2. Underlay Routing Loopback IP Range: 10.11.0.0/22
  3. Underlay VTEP Loopback IP Range: 10.111.0.0/22
  4. Underlay RP Loopback IP Range: 10.251.251.0/24
  5. Underlay Subnet IP Range: 10.1.0.0/16
  6. Scroll down until you find VRF Lite Deployment



  7. In the VRF Lite Deployment dropdown, select Back2Back&ToExternal
  8. Check the Auto Deploy for Peer checkbox
  9. Check the Auto Deploy Default VRF checkbox
  10. Set the VRF Lite Subnet IP Range to: 10.31.0.0/16
  11. Scroll back up to the top of the Create Fabric wizard

Step 13 - Define Manageability Parameters

The last section to update in this lab is the Manageability parameters that defines the DNS, NTP and syslog servers and how to reach them. These configurations apply to all the switches in the fabric. Use the information below to set the IP range for each:

  1. Click the Manageability tab
  2. DNS Server IP(s): 10.0.226.251
  3. DNS Server VRFs: management
  4. NTP Server IP(s): 10.81.254.202
  5. NTP Server VRFs: management

  6. Scroll Down and Click Save at the bottom right.

For further reference, the full details and breakdown of every fabric parameter option can be found here.

Continue to the next section to discover and import your Greenfield fabric switches into your Site1 fabric.