39 – DCNM 11.1 and VXLAN EVPN Multi-Site Update

Dear Network experts,

It took a while to post this update on DCNM 11.1 due to other priorities, but I should admit it’s a pity due to all the great features that came with DCNM 11.1. As mentioned in the previous post, DCNM 11.1 brings a lot of great improvements.

Hereafter is a summary of the top LAN fabric enhancements for VXLAN Multi-Site deployment that comes with DCNM 11.1 for LAN Fabric. Notice that many other new features and improvements come with 11.1. Please feel free to look at the Release-note for an exhaustive list of New Features and Enhancements in Cisco DCNM, Release 11.1(1).

Instead of describing in details all those new features, I think that a series of videos can be more efficient to understand those functionalities through specific demos. Please notice that I’m not covering all the features of DCNM 11.1 such as analytics, telemetry, compute monitoring, backup and restore, etc.; the main focus for this post is around VXLAN EVPN Multi-Site. I will provide a demo on VRF-Lite connection to the outside the the fabric in a next post.

The series of following demos rely on the same VXLAN EVPN Multi-Site infrastructure that I used for the previous post 38. Hence, you can can also compare and see the evolution of DCNM 11.1 for those particular functions.

Please feel free to make any comment or ask any questions if one of the following sections is not clear enough, and I will try to provide you with the needed information.

Brownfield Migration

  • Transition an existing VXLAN fabric management into DCNM.

The network manager can now import directly to DCNM 11.1 an existing VXLAN EVPN Fabric while the DC network continues to provide connectivity to production endpoints. Typically, the original VXLAN fabric has been previously created and managed through manual CLI configurations or custom automation scripts. With this new software release, the Network manager can import an existing VXLAN network and start managing the fabric through DCNM. All configurations, as well as logical Networks and VRFs  are preserved. The migration happens without interruption. After the migration, the initial configurations of the VXLAN Fabric underlay and overlay networks will be managed by DCNM and new devices, Networks and VRFs can be added afterward seamlessly.

The 1st demo shows how to import an existing Brownfield VXLAN EVPN Fabric while maintaining the Networks and VRFs


Fabric Builder, fabric devices and fabric underlay networks

  • Configuration Compliance displays side-by-side the current and pending configuration before deployment.
  • vPC support for VXLAN Multi-Site Border Gateway (BGWs) and standalone fabrics have been added.

The second demo shows how to create a new Greenfield VXLAN fabric from the ground up. The process is quite similar to what illustrated in the previous post for DCNM 11.0; however, several improvements have been added such as the configuration compliance that allows to compare side by side the current setup and the expected configuration. Also, new roles can be assigned to Spine and Border Leaf nodes extending the support for additional topologies, including:

  • Multi-Site Border Gateways deployed on the Spine nodes (Border Spines).
  • The new vPC Border Gateway mode, allowing to locally connect endpoints (single- or dual-homed attached) at Layer 2 to the same vPC pair of switches where the VXLAN Multi-site is initiated (coexistence of Border Gateway and Compute leaf roles).


External Fabric

The external fabric can be created to include network devices (switches and routers) that offer Layer 3 connectivity services to the fabric (for both north-south and east-west communication).

  • Inter-Fabric Connections (IFCs) can be automatically created to/from those external devices and the fabric border switches.
  • The external fabric devices can have two roles: Edge Router (used to establish VRF-Lite connectivity required for north-south communication) and Core Router (representing the inter-site network devices allowing to establish east-west VXLAN data-plane communication between sites).

The following demo  illustrates how to import an External Layer 3 Network interconnecting the VXLAN EVPN Fabrics. Routers, link connectivity as well as the topology are automatically discovered and imported into DCNM.

Notice that the devices belonging to the external fabric can be managed by DCNM (this applies to Cisco Nexus devices only).


VXLAN EVPN Multi-Site Domain

The fourth video shows how DCNM 11.1 allows to quickly deploy a VXLAN EVPN Multi-Site infrastructure by moving the existing VXLAN Fabrics into an active Multi-site Domain. The underlay and overlay network configurations for the Inter-Fabric Connection (BGWs <=> Core-routers) is made automatically by DCNM, either using a peer to peer link establishment for the underlay and a full-mesh establishment for the overlay network or using a Router Server for eBGP (functioning like a traditional Route Reflector normally used for iBGP peering) located in the Layer 3 core network.


Overlay Network/VRF provisioning & Interfaces

  • Port-channels, vPCs, sub-interfaces, and loopback interfaces can be added and modified with an external fabric devices.
  • Cisco DCNM 11.1(1) specific template enhancements are made for interfaces.
  • Networks and VRFs deployment can be deployed automatically at the Multi-site Domain level from Site to Site in one single action.

Finally, the last video shows how DCNM can simplify the deployment for Network and VRF extension across both sites, in few clicks.

Just amazing 🙂

Hope you will enjoy these few demos

Thank you, yves

2 Responses to 39 – DCNM 11.1 and VXLAN EVPN Multi-Site Update

  1. RobertJB says:

    Does DCNM 11.1 with multi-site provide support for a BorderPEs with l3vpn mpls hand-off as explained here: https://www.cisco.com/c/dam/en/us/products/collateral/switches/nexus-7000-series-switches/white-paper-c11-737109.pdf

    • Yves says:

      Hi Robert, fair question.

      Currently DCNM doesn’t fully support the function of BorderPE with the N7k. The plan is to get BorderPE supported with N3600-R & N9500-R series in next release but I don’t have the date.
      Ping me unicast if you need to get further updates with this function (NXOS + DCNM).

      Best regards, yves

