Cisco Nexus 7000 OTV configuration

Another post, this time about the basic OTV configuration on a Nexus 7000.
The OTV configuration has the be made on a different switch (or VDC) where no SVI’s are configured for the VLAN’s you want to extend to the other site.
First of all some terminology:
  • Edge device: This device performs layer 2 activities (to the internal network) and OTV transportation to the other site(s).
  • Transport network: This is the network (can be layer 3) that connects all the sites. This is your WAN connection, possible managed by your service provider.
  • Join interface: This is the uplink interface on the edge device that is connected to the transport network.
  • Internal interface: This is the interface on the edge device that is connected to the internal network.
  • Overlay interface: This is a logical interface, with support for multi access, multicast. This interface encapsulates layer 2 frames in IP headers (also ‘MAC routing’)
  • Overlay network: A logical network that connects all sites together and uses MAC routing for interconnecting the sites.
  • Site: Your (layer 2) network on a location. In most cases, this is one of your datacenters.
For a technical deep dive, I’ll refer to the Cisco OTV design and configuration guides.
Let’s get this up and running!
The network layout in this testlab looks like this:
Let’s add a few test VLANs on switch 1 and 2 and a SVI for VLAN2:
switch1(config)# vlan 1-4,99
switch1(config-vlan)# exit
Repeat the same steps for switch2!
Creating a SVI:
switch1(config)# feature interface-vlan
switch1(config)# int vlan 2
switch1(config-if)# ip add 10.0.0.1 255.255.255.0

switch2(config)# feature interface-vlan
switch2(config)# int vlan 2
switch2(config-if)# ip add 10.0.0.2 255.255.255.0
Because of the fact that we’re using a SVI on a VLAN we want to extend, we have to create a VDC for the OTV configuration and allocate some ports to this VDC:
switch1(config)#vdc otv1
switch1(config-vdc)#allocate interface Ethernet1/25,Ethernet1/27,Ethernet1/29,Ethernet1/31
switch1(config-vdc)#allocate interface Ethernet10/2
Repeat the same steps for switch2!
Let’s add start the configuring the OTV configuration itself.
First, enter the VDC otv1:
switch1(config)# switchto vdc otv1
We’re in a new prompt:
switch1-otv1#
First, enable the otv feature
switch1-otv1(config)#feature otv
Prepare the join interface:
switch1-otv1(config)# interface Ethernet1/25
switch1-otv1(config-if)# ip address 192.168.1.1/24
switch1-otv1(config-if)# ip igmp version 3
switch1-otv1(config-if)#no shutdown
Switch2-otv2 will be configured with ip address 192.168.1.2/24
Create a overlay interface:
switch1-otv1(config)# interface overlay 1
switch1-otv1(config-if-overlay)# otv join-interface Ethernet1/25
switch1-otv1(config-if-overlay)# otv control-group 239.1.1.1
switch1-otv1(config-if-overlay)# otv data-group 232.1.1.0/28
switch1-otv1(config-if-overlay)# otv extend-vlan 2-99
switch1-otv1(config-if-overlay)# no shutdown
The overlay configuration is identical for switch2-otv2.
We’ve extended vlan range 2-99 to the other site.
Last but not least, configure a site-id. This site-id is local per site! Configure on each site a different site-id.
switch1-otv1(config)# otv site-identifier 0x1
switch2-otv2(config)# otv site-identifier 0x2
Don’t forget to create a trunk between the OTV VDC and the primairy VDC for the extended vlans.
And we’re done!
Let’s verify:
switch1-otv1(config)# sh otv overlay 1

OTV Overlay Information
Site Identifier 0000.0000.0002

Overlay interface Overlay1

VPN name            : Overlay1
VPN state           : UP
Extended vlans      : 2-99 (Total:98)
Control group       : 239.1.1.1
Data group range(s) : 232.1.1.0/28
Join interface(s)   : Eth1/25 (192.168.1.1)
Site vlan           : 100 (up)
AED-Capable         : Yes
Capability          : Multicast-Reachable

switch2-otv1(config)# sh otv route

OTV Unicast MAC Routing Table For Overlay1

VLAN MAC-Address     Metric  Uptime    Owner      Next-hop(s)
---- --------------  ------  --------  ---------  -----------
   2 4055.3906.9341  1       01:56:34  site       Ethernet10/2
   2 64a0.e73f.3e41  42      01:56:34  overlay    switch1-otv2
And try a end to end ping between the two SVIs:
switch2(config)# ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 56 data bytes
64 bytes from 10.0.0.1: icmp_seq=0 ttl=254 time=1.421 ms
64 bytes from 10.0.0.1: icmp_seq=1 ttl=254 time=0.891 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=254 time=0.86 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=254 time=0.863 ms
64 bytes from 10.0.0.1: icmp_seq=4 ttl=254 time=0.813 ms— 10.0.0.1 ping statistics —
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 0.813/0.969/1.421 ms
Life is good :)