After having NDFC update your border leaf and provision your Ext-Rtr with initial configuration and then with your additional Loopback interface and BGP policy to inject a prefix, lets verify device configurations and test your Site1 fabric's external connectivity. For testing, you will make use of your Server1 connected to Site1-L1 for checking connectivity to the prefix advertised from your Ext-Rtr.
Verification will start with your border leaf.
The first device you will verify is your Site1-BL1 switch. Login to your Site1-S1 switch using the copy command below and paste into your VSCode Terminal. When prompted, the password is cisco.123 .
If prompted to accept the RSA key fingerprint like below, type or copy yes then input the password above.
The authenticity of host '10.3.3.15 (10.3.3.15)' can't be established.
RSA key fingerprint is SHA256:xneE+2XnZozaXwC/FgeYMRKJ4UhZV4iZD6QCD1u7gi8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.3.3.15' (RSA) to the list of known hosts.
User Access Verification
Password:
show run interface ethernet 1/1-3 ; show run interface loopback0-1
Output:
!Command: show running-config interface Ethernet1/1-3
!Running configuration last done at: Wed Feb 1 18:15:03 2023
!Time: Wed Feb 1 18:17:32 2023
version 9.3(10) Bios:version
interface Ethernet1/1
description connected-to-Site1-S1-Ethernet1/3
no switchport
mtu 9216
ip address 10.1.0.11/31
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
no shutdown
interface Ethernet1/2
description connected-to-Site1-S2-Ethernet1/3
no switchport
mtu 9216
ip address 10.1.0.12/31
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
no shutdown
interface Ethernet1/3
no switchport
mtu 9216
no shutdown
interface Ethernet1/3.2
mtu 9216
encapsulation dot1q 2
vrf member bluevrf
ip address 10.31.0.2/30
no shutdown
!Command: show running-config interface loopback0-1
!Running configuration last done at: Wed Feb 1 18:15:03 2023
!Time: Wed Feb 1 18:17:32 2023
version 9.3(10) Bios:version
interface loopback0
description Routing loopback interface
ip address 10.11.0.5/32
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
interface loopback1
description VTEP loopback interface
ip address 10.111.0.5/32
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
show run ospf
Output:
!Command: show running-config ospf
!Running configuration last done at: Wed Feb 1 18:15:03 2023
!Time: Wed Feb 1 18:18:08 2023
version 9.3(10) Bios:version
feature ospf
router ospf UNDERLAY
router-id 10.11.0.5
interface loopback0
ip router ospf UNDERLAY area 0.0.0.0
interface loopback1
ip router ospf UNDERLAY area 0.0.0.0
interface Ethernet1/1
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
interface Ethernet1/2
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
show ip ospf neighbors
Output:
OSPF Process ID UNDERLAY VRF default
Total number of neighbors: 2
Neighbor ID Pri State Up Time Address Interface
10.11.0.4 1 FULL/ - 00:40:31 10.1.0.10 Eth1/1
10.11.0.5 1 FULL/ - 00:40:30 10.1.0.13 Eth1/2
show run pim
Output:
!Command: show running-config pim
!Running configuration last done at: Wed Feb 1 18:15:03 2023
!Time: Wed Feb 1 18:18:14 2023
version 9.3(10) Bios:version
feature pim
ip pim rp-address 10.251.251.1 group-list 239.1.1.0/25
ip pim ssm range 232.0.0.0/8
interface loopback0
ip pim sparse-mode
interface loopback1
ip pim sparse-mode
interface Ethernet1/1
ip pim sparse-mode
interface Ethernet1/2
ip pim sparse-mode
show ip pim neighbor
Output:
PIM Neighbor Status for VRF "default"
Neighbor Interface Uptime Expires DR Bidir- BFD ECMP Redirect
Priority Capable State Capable
10.1.0.10 Ethernet1/1 00:40:44 00:01:24 1 yes n/a no
10.1.0.13 Ethernet1/2 00:40:44 00:01:28 1 yes n/a no
show run bgp
Output:
!Command: show running-config bgp
!Running configuration last done at: Wed Feb 1 18:15:03 2023
!Time: Wed Feb 1 18:19:11 2023
version 9.3(10) Bios:version
feature bgp
router bgp 65111
router-id 10.11.0.5
neighbor 10.11.0.3
remote-as 65111
update-source loopback0
address-family l2vpn evpn
send-community
send-community extended
neighbor 10.11.0.4
remote-as 65111
update-source loopback0
address-family l2vpn evpn
send-community
send-community extended
vrf bluevrf
address-family ipv4 unicast
network 0.0.0.0/0
advertise l2vpn evpn
redistribute direct route-map fabric-rmap-redist-subnet
maximum-paths ibgp 2
address-family ipv6 unicast
advertise l2vpn evpn
redistribute direct route-map fabric-rmap-redist-subnet
maximum-paths ibgp 2
neighbor 10.31.0.1
remote-as 65333
address-family ipv4 unicast
send-community
send-community extended
route-map extcon-rmap-filter out
vrf context bluevrf
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn
address-family ipv6 unicast
route-target both auto
route-target both auto evpn
show bgp l2vpn evpn summary
Output:
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 10.11.0.5, local AS number 65111
BGP table version is 59, L2VPN EVPN config peers 2, capable peers 2
14 network entries and 26 paths using 3896 bytes of memory
BGP attribute entries [20/3440], BGP AS path entries [1/6]
BGP community entries [0/0], BGP clusterlist entries [4/16]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.11.0.3 4 65111 90 67 59 0 0 01:00:57 8
10.11.0.4 4 65111 90 67 59 0 0 01:00:33 8
show run interface nve1
Output:
!Command: show running-config interface nve1
!Running configuration last done at: Wed Feb 1 18:15:03 2023
!Time: Wed Feb 1 18:20:06 2023
version 9.3(10) Bios:version
interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback1
member vni 50000 associate-vrf
show nve vni
Output:
Codes: CP - Control Plane DP - Data Plane
UC - Unconfigured SA - Suppress ARP
SU - Suppress Unknown Unicast
Xconn - Crossconnect
MS-IR - Multisite Ingress Replication
Interface VNI Multicast-group State Mode Type [BD/VRF] Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1 50000 n/a Up CP L3 [bluevrf]
show run interface vlan 2000
Output:
!Command: show running-config interface Vlan2000
!No configuration change since last restart
!Time: Wed Feb 1 18:30:36 2023
version 9.3(10) Bios:version
interface Vlan2000
description BlueVRF
no shutdown
mtu 9216
vrf member bluevrf
no ip redirects
ip forward
ipv6 address use-link-local-only
no ipv6 redirects
show bgp ipv4 unicast summary vrf bluevrf
Output:
BGP summary information for VRF bluevrf, address family IPv4 Unicast
BGP router identifier 10.31.0.2, local AS number 65111
BGP table version is 18, IPv4 Unicast config peers 1, capable peers 1
5 network entries and 7 paths using 860 bytes of memory
BGP attribute entries [5/860], BGP AS path entries [1/6]
BGP community entries [0/0], BGP clusterlist entries [4/16]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.31.0.1 4 65333 12 11 18 0 0 00:05:19 1
show ip route vrf bluevrf
Output:
IP Route Table for VRF "bluevrf"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%' in via output denotes VRF
0.0.0.0/0, ubest/mbest: 1/0
*via 10.31.0.1, [1/0], 00:23:38, static
10.31.0.0/30, ubest/mbest: 1/0, attached
*via 10.31.0.2, Eth1/3.2, [0/0], 00:24:55, direct
10.31.0.2/32, ubest/mbest: 1/0, attached
*via 10.31.0.2, Eth1/3.2, [0/0], 00:24:55, local
172.16.1.1/32, ubest/mbest: 1/0
*via 10.31.0.1, [20/0], 00:23:33, bgp-65111, external, tag 65333
192.168.11.0/24, ubest/mbest: 1/0
*via 10.111.0.2%default, [200/0], 00:24:47, bgp-65111, internal, tag 65111, segid: 50000 tunnelid: 0xa6f0002 encap: VXLAN
192.168.11.21/32, ubest/mbest: 1/0
*via 10.111.0.2%default, [200/0], 00:17:00, bgp-65111, internal, tag 65111, segid: 50000 tunnelid: 0xa6f0002 encap: VXLAN
192.168.12.0/24, ubest/mbest: 1/0
*via 10.111.0.2%default, [200/0], 00:24:47, bgp-65111, internal, tag 65111, segid: 50000 tunnelid: 0xa6f0002 encap: VXLAN
192.168.12.22/32, ubest/mbest: 1/0
*via 10.111.0.2%default, [200/0], 00:02:15, bgp-65111, internal, tag 65111, segid: 50000 tunnelid: 0xa6f0002 encap: VXLAN
show bgp l2vpn evpn 172.16.1.1
Output:
BGP routing table information for VRF default, address family L2VPN EVPN
Route Distinguisher: 10.11.0.5:4 (L3VNI 50000)
BGP routing table entry for [5]:[0]:[0]:[32]:[172.16.1.1]/224, version 50
Paths: (1 available, best #1)
Flags: (0x000002) (high32 00000000) on xmit-list, is not in l2rib/evpn
Advertised path-id 1
Path type: local, path is valid, is best path, no labeled nexthop
Gateway IP: 0.0.0.0
AS-Path: 65333 , path sourced external to AS
10.111.0.5 (metric 0) from 0.0.0.0 (10.11.0.5)
Origin IGP, MED not set, localpref 100, weight 0
Received label 50000
Extcommunity: RT:65111:50000 ENCAP:8 Router MAC:5200.0030.1b08
Path-id 1 advertised to peers:
10.11.0.3 10.11.0.4
exit