Differences

This shows you the differences between two versions of the page.

--- cisco:switch:9500:cisco_catalyst_9500_series_manual [2025/07/30 15:32] – aperez
+++ cisco:switch:9500:cisco_catalyst_9500_series_manual [2025/09/11 01:08] (current) – aperez
@@ Line 1041: / Line 1041: @@
   * Confirm licensing and SDM support
   * Use **Static VXLAN** on Catalyst platforms without EVPN capability
+----
+===== VXLAN – Core Terminology and Nomenclature =====
+VXLAN (Virtual Extensible LAN) is a tunneling technology that enables Layer 2 overlay networks over Layer 3 IP infrastructures. Below is the essential terminology you need to master:
+----
+==== 🔑 1. VNI – VXLAN Network Identifier ====
+  * **Definition:** A 24-bit identifier that replaces the traditional VLAN ID.
+  * **Range:** 0 to 16,777,215 (2^24 - 1)
+  * **Purpose:** Uniquely identifies a VXLAN segment (like a VLAN but in overlay).
+  * **Example:**
+    VLAN 700 → VNI 10700
+----
+==== 🔑 2. VTEP – VXLAN Tunnel Endpoint ====
+  * **Definition:** The device that encapsulates/decapsulates VXLAN traffic.
+  * **Purpose:** Acts as the entry/exit point of VXLAN tunnels.
+  * **Key Point:** Each VTEP has a loopback or logical IP (used as tunnel endpoint).
+  * **Example:**
+    Cisco VTEP IP = `172.18.32.33`
+----
+==== 🔑 3. NVE – Network Virtualization Edge ====
+  * **Definition:** The logical interface that represents VXLAN capability.
+  * **Command Example (IOS-XE):**
+    ```bash
+    interface nve1
+     source-interface Loopback0
+     member vni 10700
+    ```
+  * **Note:** In NX-OS, you must use `feature nv overlay`; in IOS-XE it’s implicit.
+----
+==== 🔑 4. Bridge Domain (BD) ====
+  * **Definition:** A broadcast domain, equivalent to a VLAN at the overlay level.
+  * **In IOS-XE:** Binding is done via:
+    ```bash
+    l2 vni 10700 vlan 700
+    ```
+  * **In NX-OS:** It’s tied to a `bridge-domain` with its own config space.
+----
+==== 🔑 5. Ingress Replication ====
+  * **Purpose:** Defines how BUM (Broadcast, Unknown unicast, Multicast) traffic is replicated.
+  * **Modes:**
+    - `static`: manual peer definition
+    - `multicast`: uses multicast groups in the underlay
+----
+==== 🔑 6. Underlay vs Overlay ====
+  * **Underlay:**
+    - The physical IP network that connects VTEPs (e.g., `172.18.32.0/30`)
+    - Uses IGP or static routing
+  * **Overlay:**
+    - The logical L2 network created by VXLAN
+    - Carries tenant VLANs across routed core
+----
+==== 🔑 7. BUM – Broadcast, Unknown Unicast, Multicast ====
+  * **Definition:** Types of traffic replicated across all members in a segment.
+  * **Handled in VXLAN by:**
+    - Static `ingress-replication`
+    - Multicast (if supported by underlay)
+----
+==== 🧾 Summary Table ====
+^ Element         ^ Description                                 ^ Example                    ^
+| VLAN            | Traditional L2 segment                      | 700                        |
+| VNI             | VXLAN segment identifier                    | 10700                     |
+| VTEP (Local)    | Source tunnel endpoint                      | 172.18.32.33 (Cisco C9500)|
+| VTEP (Remote)   | Destination tunnel endpoint                 | 172.18.32.34 (Aruba 6300) |
+| NVE Interface   | VXLAN-capable logical interface             | `interface nve1`          |
+| Underlay        | Physical routed IP network                  | `172.18.32.32/30`         |
+| Overlay         | Virtual network over VXLAN                  | VNIs mapped to VLANs      |
+----
+==== ✅ VXLAN overlays  ====
+allow to:
+  * Stretch VLANs across L3 boundaries
+  * Enable mobility and segmentation
+  * Scale beyond 4094 VLAN limit using 16 million VNIs
+----
+----
+====== VXLAN Static Configuration – Cisco 9500 ⇄ Aruba 6300 ======
+=== 📘 Architecture Summary ===
+^ Parameter               ^ Cisco 9500 (C9500SP1)         ^ Aruba 6300M (6300SP2)         ^
+| VTEP Loopback IP        | 172.22.32.1                    | 172.22.32.2                    |
+| Transport IP            | 172.18.32.33 (To Aruba)        | 172.18.32.34 (To Cisco)        |
+| Transport Interface     | Routed PtP /30 via TenG        | Routed PtP /30 via 1/1/12      |
+| OSPF Area               | 0                              | 0                              |
+| VXLAN Mode              | Static VXLAN                   | Static VXLAN                   |
+| VXLAN Interface         | `nve1`                         | `vxlan 1`                      |
+| VNIs                    | 10001, 10700–10732             | 10001, 10700–10732             |
+| Inter-VXLAN Bridging    | Not applicable                 | `static-all` or `static-evpn`  |
+----
+=== 🚀 Cisco 9500 Configuration ===
+==== 🔹 1. VTEP Loopback ====
+  interface Loopback0
+   ip address 172.22.32.1 255.255.255.255
+==== 🔹 2. Transport Interface ====
+  interface TenGigabitEthernet1/0/12
+   description Link to Aruba 6300
+   ip address 172.18.32.33 255.255.255.252
+   no shutdown
+==== 🔹 3. OSPF ====
+  router ospf 100
+   router-id 1.1.1.1
+   network 172.18.32.32 0.0.0.3 area 0
+   network 172.22.32.1 0.0.0.0 area 0
+==== 🔹 4. Static Route ====
+  ip route 172.22.32.2 255.255.255.255 172.18.32.34
+==== 🔹 5. NVE Interface ====
+  interface nve1
+   no shutdown
+   source-interface Loopback0
+   member vni 10001 ingress-replication 172.22.32.2
+   member vni 10700 ingress-replication 172.22.32.2
+   member vni 10712 ingress-replication 172.22.32.2
+   member vni 10730 ingress-replication 172.22.32.2
+   member vni 10732 ingress-replication 172.22.32.2
+==== 🔹 6. Bridge Domains ====
+  bridge-domain 1
+   member vni 10001
+  bridge-domain 700
+   member vni 10700
+  bridge-domain 712
+   member vni 10712
+  bridge-domain 730
+   member vni 10730
+  bridge-domain 732
+   member vni 10732
+----
+=== 🧩 Aruba 6300 Configuration ===
+==== 🔹 1. Loopback Interface ====
+  interface loopback 0
+   ip address 172.22.32.2/32
+==== 🔹 2. Transport Interface ====
+  interface 1/1/12
+   description Link to Cisco 9500
+   ip address 172.18.32.34/30
+   no shutdown
+==== 🔹 3. OSPF ====
+  router ospf
+   router-id 2.2.2.2
+   area 0.0.0.0
+     interface 1/1/12
+     interface loopback 0
+==== 🔹 4. Static Route ====
+  ip route 172.22.32.1/32 172.18.32.33
+==== 🔹 5. VXLAN Interface ====
+  interface vxlan 1
+   source 172.22.32.2
+   inter-vxlan-bridging-mode static-all
+==== 🔹 6. VNI to VLAN Mapping ====
+  vxlan vlan 1 vni 10001
+   vxlan vtep 172.22.32.1
+  vxlan vlan 700 vni 10700
+   vxlan vtep 172.22.32.1
+  vxlan vlan 712 vni 10712
+   vxlan vtep 172.22.32.1
+  vxlan vlan 730 vni 10730
+   vxlan vtep 172.22.32.1
+  vxlan vlan 732 vni 10732
+   vxlan vtep 172.22.32.1
+----
+=== 🧪 Validation Commands ===
+==== 🔸 Cisco 9500 ====
+  show nve interface nve1
+  show nve vni summary
+  show nve vni interface nve 1
+  show nve peers
+  ping 172.22.32.2 source 172.22.32.1
+  show mac address-table vlan 712
+==== 🔸 Aruba 6300 ====
+  show interface vxlan 1
+  show interface vxlan vni vteps
+  ping 172.22.32.1 source 172.22.32.2
+  show mac-address-table vlan 712
+=== ✅ Notes ===
+  * The VXLAN tunnels use **static replication** for simplicity and full control.
+  * Ensure **Loopback reachability** via static route or OSPF in both directions.
+  * For production EVPN deployment, BGP configuration will be required.
+----
+----
+{{ :aruba_networks:switch:6400:vxlan_cli_ap.pdf |}}
+{{pdfjs 46em >:aruba_networks:switch:6400:vxlan_cli_ap.pdf}}
+----
+----
+{{ :cisco:switch:9500:mtu_utm_switch_6400_9500.pdf |}}
+{{pdfjs 46em >:cisco:switch:9500:mtu_utm_switch_6400_9500.pdf}}
 ----
 ----