• Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND Web interface
  • DEV Server
  • USER: cisco
  • PASS: cisco.123
  • ssh address: 10.0.208.13
  • VNC address: 10.0.208.13:5901
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • Site1-S1: 10.3.3.11
  • Site1-S2: 10.3.3.12
  • Site1-L1: 10.3.3.13
  • Site1-L2: 10.3.3.14
  • Site1-BL1: 10.3.3.15
  • Site1-BGW1: 10.3.3.16
  • Site2-S1: 10.3.3.17
  • Site2-L1: 10.3.3.18
  • Site2-BGW1: 10.3.3.19
  • Ext-Rtr: 10.3.3.10
  • Core-Rtr: 10.3.3.20
Site1-L1
NDFC - Verify

Verify your Site1-L1 configuration.

Step 1 - Login to Site1-L1

The first device you will verify is your Site1-S1 switch. Login to your Site1-S1 switch using the copy command below and paste into your VSCode Terminal. When prompted, the password is cisco.123 .

If prompted to accept the RSA key fingerprint like below, type or copy yes then input the password above. 

    The authenticity of host '10.3.3.13 (10.3.3.13)' can't be established.
    RSA key fingerprint is SHA256:xneE+2XnZozaXwC/FgeYMRKJ4UhZV4iZD6QCD1u7gi8.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    Warning: Permanently added '10.3.3.13' (RSA) to the list of known hosts.
    User Access Verification
    Password:

Step 2 - Site1-L1: BlueVRF Route Table


show ip route vrf bluevrf

Output: 

    IP Route Table for VRF "bluevrf"
    '*' denotes best ucast next-hop
    '**' denotes best mcast next-hop
    '[x/y]' denotes [preference/metric]
    '%' in via output denotes VRF 
    
    0.0.0.0/0, ubest/mbest: 1/0
        *via 10.111.0.5%default, [200/0], 00:26:06, bgp-65111, internal, tag 65111, segid: 50000 tunnelid: 0xa6f0005 encap: VXLAN
     
    172.16.1.1/32, ubest/mbest: 1/0
        *via 10.111.0.5%default, [200/0], 00:24:49, bgp-65111, internal, tag 65333, segid: 50000 tunnelid: 0xa6f0005 encap: VXLAN
     
    192.168.11.0/24, ubest/mbest: 1/0, attached
        *via 192.168.11.1, Vlan2300, [0/0], 01:08:32, direct, tag 12345
    192.168.11.1/32, ubest/mbest: 1/0, attached
        *via 192.168.11.1, Vlan2300, [0/0], 01:08:32, local, tag 12345
    192.168.11.21/32, ubest/mbest: 1/0, attached
        *via 192.168.11.21, Vlan2300, [190/0], 00:18:16, hmm
    192.168.12.0/24, ubest/mbest: 1/0, attached
        *via 192.168.12.1, Vlan2301, [0/0], 01:08:32, direct, tag 12345
    192.168.12.1/32, ubest/mbest: 1/0, attached
        *via 192.168.12.1, Vlan2301, [0/0], 01:08:32, local, tag 12345
    192.168.12.22/32, ubest/mbest: 1/0, attached
        *via 192.168.12.22, Vlan2301, [190/0], 00:03:31, hmm

Step 3 - Site1-L1: BGP EVPN Neighbors


show bgp l2vpn evpn summary

Output: 

    BGP summary information for VRF default, address family L2VPN EVPN
    BGP router identifier 10.11.0.1, local AS number 65111
    BGP table version is 32, L2VPN EVPN config peers 2, capable peers 2
    10 network entries and 12 paths using 2440 bytes of memory
    BGP attribute entries [11/1892], BGP AS path entries [1/6]
    BGP community entries [0/0], BGP clusterlist entries [2/8]
    
    Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
    10.11.0.4       4 65111      80      71       32    0    0 01:06:31 2         
    10.11.0.5       4 65111      80      71       32    0    0 01:06:34 2

Step 4 - Site1-L1: EVPN Type-5 External Route for Ext-Rtr Loopback


show bgp l2vpn evpn 172.16.1.1

Output: 

    BGP routing table information for VRF default, address family L2VPN EVPN
    Route Distinguisher: 10.11.0.5:4
    BGP routing table entry for [5]:[0]:[0]:[32]:[172.16.1.1]/224, version 14
    Paths: (2 available, best #1)
    Flags: (0x000002) (high32 00000000) on xmit-list, is not in l2rib/evpn, is not in HW
    
      Advertised path-id 1
      Path type: internal, path is valid, is best path, no labeled nexthop
                 Imported to 2 destination(s)
                 Imported paths list: bluevrf L3-50000
      Gateway IP: 0.0.0.0
      AS-Path: 65333 , path sourced external to AS
        10.111.0.5 (metric 81) from 10.11.0.3 (10.11.0.3)
          Origin IGP, MED not set, localpref 100, weight 0
          Received label 50000
          Extcommunity: RT:65111:50000 ENCAP:8 Router MAC:5200.0030.1b08
          Originator: 10.11.0.5 Cluster list: 10.11.0.3 
    
      Path type: internal, path is valid, not best reason: Neighbor Address, no labeled nexthop
      Gateway IP: 0.0.0.0
      AS-Path: 65333 , path sourced external to AS
        10.111.0.5 (metric 81) from 10.11.0.4 (10.11.0.4)
          Origin IGP, MED not set, localpref 100, weight 0
          Received label 50000
          Extcommunity: RT:65111:50000 ENCAP:8 Router MAC:5200.0030.1b08
          Originator: 10.11.0.5 Cluster list: 10.11.0.4 
    
      Path-id 1 not advertised to any peer
    
    Route Distinguisher: 10.11.0.1:3    (L3VNI 50000)
    BGP routing table entry for [5]:[0]:[0]:[32]:[172.16.1.1]/224, version 15
    Paths: (1 available, best #1)
    Flags: (0x000002) (high32 00000000) on xmit-list, is not in l2rib/evpn, is not in HW
    
      Advertised path-id 1
      Path type: internal, path is valid, is best path, no labeled nexthop
                 Imported from 10.11.0.5:4:[5]:[0]:[0]:[32]:[172.16.1.1]/224 
      Gateway IP: 0.0.0.0
      AS-Path: 65333 , path sourced external to AS
        10.111.0.5 (metric 81) from 10.11.0.3 (10.11.0.3)
          Origin IGP, MED not set, localpref 100, weight 0
          Received label 50000
          Extcommunity: RT:65111:50000 ENCAP:8 Router MAC:5200.0030.1b08
          Originator: 10.11.0.5 Cluster list: 10.11.0.3 
    
      Path-id 1 not advertised to any peer

Step 5 - Site1-L1: Logout


exit