Thanks Mr.jon , we are waiting for mpbgp vxlan video....your videos are really helpful...Thanks for everything brother...you have good content with quality...
Great video! Only thing I'm struggling with is finding documentation for a command like 'ip address virtual' for Cisco nexus9300v.10.1.1, as doing VRRP/HSRP over VXLAN would take up a lot of IP addresses if you plan on adding a bunch of leaf switches. Do you have any idea to what would be preferred in a scenario like this for the Cisco world?:)
Hey, Ash! Thanks a lot! :) The network software I'm using is called EVE-NG. I'm using the free Community edition which you can download for free here: www.eve-ng.net/ The illustrations are just using Windows "Snip & Sketch" with a drawing tablet. Hope that helps! -John
Great explanation. If you had 2x Nexus 5000 switches in one DC and two in another, both of them using Fabric Extenders. Say you wanted to do VXLAN across the DCI, would you need to do 4x VLAN tunnels, so Nexus1 to Nexus3, Nexus1 to Nexus4, Nexus2 to Nexus3 and Nexus2 to Nexus4?
Hey, M Haroon! Thanks for leaving your feedback. Great to get your thoughts! Yeah, I've got a backlog of videos I've got planned and BGP EVPN VXLAN is definitely one of them! :) -John
I have a gns3 lab topology like this : csr1000 as dmz router -> nexus 7K (2x) each as spine -> cisco IOU (4x) each as leaf -> each leaf have vm servers on it can it work? My laptop can't run 6 Nexus 7K lol Or do you have any advice? (looking for other topologies/alternative for learning vxlan for data center) Thank You!
I have cisco catalyst at HQ and Extreme everywhere else. I replicate all my virtual machines to a branch office but our DB app IP cannot be changed, so I need vxlan but I have no idea how.
Another excellent video! I am learning a lot from your channel and your explanation in simple terms helps a great deal. I am slowly diving in Data centre technologies and some times the new features can be overwhelming. Want your help in understanding if this will work without the Spine-Leaf architecture over an existing VPLS/MPLS infrastructure we have globally. So our underlay uses VPLS and we use BGP as the overlay. Can VXLAN work in this scenario as long as we have reachability across AS's to the VTEP ID's?
Hey, Antonio! Thanks so much, I really appreciate your feedback! Re: your question! VPLS is a layer 2 technology at heart ie with VPLS you wont get the ECMP, Arp Suppression, etc which is a huge benefit of VXLAN...whilst still providing the ability to offer L2 adjacency of course. What I think you want to be looking into would be MP-BGP VXLAN EVPN - that's the other (more complex but vastly more scalable) implementation of VXLAN. It doesn't rely on data plan learning so there's no need for large flooding between sites. Scales easily across ASs. I'll be doing a video on that soon too though :) In the meantime, I'd recommend this video as a good intro if you're interested in the technology! ruclips.net/video/O8wU1qNlsyI/видео.html Thanks again, man! -John
you could utilise encryption on your dynamic routing protocol(e.g OSPF authentication with HMAC-SHA integrity, OSPF TTL security checks to prevent remote attacks etc)
Hey, Julio! I actually can't remember the one I was using in that video since ive since remade my EVE-NG and readded all my images. But the Arista image I'm using now is: vEOS64-lab-4.23.2F + Aboot-veos-serial-8.0.0 Both available for free from the Arista website if you sign up! To setup I simply followed the EVE-NG website, with of course changing the name of the image to the ones I'm using. After that your VXLAN should work no problem (hopefully!) Give it a try and don't hesitate to message me back if you run into any more problems :) -John
@@IPvZero thank you for the quick response. I was able to get 4.22.4M running. I'll have to try 4.23 later today and see if I fat fingered something. Thank you!
@@johnmoff9324 no, the vxlan header has an entirely separate 24 bit field. You don’t need to map vxlans to vlans if the traffic never leaves the vxlan, which it should not.
Fantastic material John. I watched you ages ago with your Nornir stuff. You using this much? Anything new on the horizon? I’m finding the new workplace mind-blowing, networking has change a mile in two years and knowing protocols and how systems really communicate is so important. I work for a cloud provider and have done so much Linux networking some of my Cisco and Juniper knowledge has dropped. The JUNOS and iOS has changed loads. Anyhow, it’s like we need to be a technologists these days rather than a specialist like in the past.
The absurd complexity of vPC has made me really appreciate how elegant VXLAN is. Pure layer 3 everywhere is awesome.
Super video. Really explains VXLAN in simple terms. Thanks
Loved the pacing of your video. Really well done! Going to watch your evpn bgp video now. Thank you.
Really one of the best video explanation for vxlan topic
thanks bro
Clear and great explanation. Thumbs Up!
Your videos are so helpful. Thanks a lot! Looking forward to the one with MP-BGP!
Thanks so much, Adam! Really appreciate it :)
AWESOME ! Thanks for this, really made it plain and simple
Brilliant video! Many thanks
I never understand vxlan before until I saw this video. And ive seen many before this.
Hey Catharsis! Thanks so much. Glad you found it helpful :)
-John
thanks for sharing this video and nice explanation
Thanks Mr.jon , we are waiting for mpbgp vxlan video....your videos are really helpful...Thanks for everything brother...you have good content with quality...
Thanks Ashif! Have been very busy recently - will hopefully get MPBGP VXLAN done soon :)
Thank you! Well explained!
Excellent and well explained video.
Thanks, Alex!! :)
well explained . thank u so much
Great video!
Only thing I'm struggling with is finding documentation for a command like 'ip address virtual' for Cisco nexus9300v.10.1.1, as doing VRRP/HSRP over VXLAN would take up a lot of IP addresses if you plan on adding a bunch of leaf switches. Do you have any idea to what would be preferred in a scenario like this for the Cisco world?:)
Very good lec... for beginners ..
Great explanation!! Thank you!
Thanks, Anar! Great to hear your feedback :)
-John
helpful video, Kindly upload the one with high perfoirmance nexus switches/MP BGP
Hi There, This video Was great and really explained the topic. One question what software/program are you using? Looks great
Hey, Ash! Thanks a lot! :)
The network software I'm using is called EVE-NG. I'm using the free Community edition which you can download for free here: www.eve-ng.net/
The illustrations are just using Windows "Snip & Sketch" with a drawing tablet.
Hope that helps!
-John
Hey,
why did you not configured jumbo frame ? since you added the vxlan header to the original frame
by the way , great video!
Great explanation. If you had 2x Nexus 5000 switches in one DC and two in another, both of them using Fabric Extenders. Say you wanted to do VXLAN across the DCI, would you need to do 4x VLAN tunnels, so Nexus1 to Nexus3, Nexus1 to Nexus4, Nexus2 to Nexus3 and Nexus2 to Nexus4?
Hy!
Where is the part 2 you are talking in the video? Can you leave a link or smtg? For the Data Plane configuring.
I enjoy listening that acsent
Hi , thanks for an excellent video . very precised to the point. any plan to to make BGP EVPN video ? thanks
Hey, M Haroon! Thanks for leaving your feedback. Great to get your thoughts! Yeah, I've got a backlog of videos I've got planned and BGP EVPN VXLAN is definitely one of them!
:)
-John
@@IPvZero Also looking for this one! Thanks for this video though. Really helpful.
I have a gns3 lab topology like this :
csr1000 as dmz router -> nexus 7K (2x) each as spine -> cisco IOU (4x) each as leaf -> each leaf have vm servers on it
can it work?
My laptop can't run 6 Nexus 7K lol
Or do you have any advice? (looking for other topologies/alternative for learning vxlan for data center)
Thank You!
Hi John, thank you for your video recommendation link/tip from 2016 Lukas Krattiger. That helped me, too :-) Kind Regards, Scottie
Thanks for the video, I see nothing configured on Spine switches here
Hi..great video! Which images did you use in EVE?
Brill thank you
Hey John , where is the control plane video ? pls
I have cisco catalyst at HQ and Extreme everywhere else. I replicate all my virtual machines to a branch office but our DB app IP cannot be changed, so I need vxlan but I have no idea how.
Really nice..👍
Thanks, NirodRanjan! Great to hear your feedback!!
What for a Machine is the vEO3, we have a Cisco Switch 9200 and i cannot do a int VXLAN 1
replication-type ingress command not found is that a problem in my version ?
Interface vxlan command is not working. Please advise how to enable the feature.
Another excellent video! I am learning a lot from your channel and your explanation in simple terms helps a great deal. I am slowly diving in Data centre technologies and some times the new features can be overwhelming. Want your help in understanding if this will work without the Spine-Leaf architecture over an existing VPLS/MPLS infrastructure we have globally. So our underlay uses VPLS and we use BGP as the overlay. Can VXLAN work in this scenario as long as we have reachability across AS's to the VTEP ID's?
Hey, Antonio! Thanks so much, I really appreciate your feedback!
Re: your question! VPLS is a layer 2 technology at heart ie with VPLS you wont get the ECMP, Arp Suppression, etc which is a huge benefit of VXLAN...whilst still providing the ability to offer L2 adjacency of course. What I think you want to be looking into would be MP-BGP VXLAN EVPN - that's the other (more complex but vastly more scalable) implementation of VXLAN. It doesn't rely on data plan learning so there's no need for large flooding between sites. Scales easily across ASs.
I'll be doing a video on that soon too though :)
In the meantime, I'd recommend this video as a good intro if you're interested in the technology!
ruclips.net/video/O8wU1qNlsyI/видео.html
Thanks again, man!
-John
good video. How to encrypt(secure) the traffic in leaf-spine network?
you could utilise encryption on your dynamic routing protocol(e.g OSPF authentication with HMAC-SHA integrity, OSPF TTL security checks to prevent remote attacks etc)
I just found your video and help me a lot, thanks from Indonesia.. could you please make translation on yt for make it easier 😁
Question for ya, What Arista image and serial iso did you end up using? I cant get mine to work! Thanks in advance!
Hey, Julio! I actually can't remember the one I was using in that video since ive since remade my EVE-NG and readded all my images.
But the Arista image I'm using now is:
vEOS64-lab-4.23.2F
+
Aboot-veos-serial-8.0.0
Both available for free from the Arista website if you sign up!
To setup I simply followed the EVE-NG website, with of course changing the name of the image to the ones I'm using. After that your VXLAN should work no problem (hopefully!)
Give it a try and don't hesitate to message me back if you run into any more problems :)
-John
@@IPvZero thank you for the quick response. I was able to get 4.22.4M running. I'll have to try 4.23 later today and see if I fat fingered something. Thank you!
Hello. Which IOS for doing this topo please ? Thanks
Can you give me the config file please?
Hi John, is VXLAN essentially doing the same thing as L2VPNs in MPLS or there is a technical advantage of using VXLAN particularly?
Vxlan supports 24 million distinct vlans, so that is an advantage
 if they are still mapped to the same 4094 vlans whats the advantage there?
@@johnmoff9324 no, the vxlan header has an entirely separate 24 bit field. You don’t need to map vxlans to vlans if the traffic never leaves the vxlan, which it should not.
Fantastic material John. I watched you ages ago with your Nornir stuff. You using this much? Anything new on the horizon? I’m finding the new workplace mind-blowing, networking has change a mile in two years and knowing protocols and how systems really communicate is so important. I work for a cloud provider and have done so much Linux networking some of my Cisco and Juniper knowledge has dropped. The JUNOS and iOS has changed loads. Anyhow, it’s like we need to be a technologists these days rather than a specialist like in the past.
mtu?