Day 1 Configurations

Create a Layer 2 Network

Procedure

Step 1

In NDFC, navigate to LAN > Fabrics, if you are not there already.

A page showing all of the configured fabrics appears.

Step 2

Double-click the Enhanced Classic LAN fabric that you created using the procedures provided in Configure the Enhanced Classic LAN Fabric.

The Fabric Overview page for that fabric appears.

Step 3

Click the Networks tab.

Step 4

Create the Layer 2 network.

  1. In the Networks tab, click Actions > Create.

    The Create Network window appears.

  2. In the Create Network screen, enter the necessary information.

    • A default name for the Layer 2 network is automatically generated in the Network Name field, but you can change it, if necessary.

    • In the Layer 2 Only field, check the box to enable this option. This specifies that this network is Layer 2 only.

    • In the VLAN ID field, enter a value to use for the associated VLAN, or click Propose VLAN to have NDFC propose a VLAN ID for your Layer 2 network, based on the available resources (the range is customizable in Fabric Settings).

    • In the Network Template field, leave the default Network_Classic option selected.

      This is the correct template to use for the Layer 2 network.

    • The gateway for a Layer 2 network resides outside of the fabric; therefore, the IP addresses in the General Parameters page are left empty.

  3. Fill in the remaining fields as necessary for your Layer 2 network, if necessary.

  4. Click Create.

    You are returned to the Networks tab for the Enhanced Classic LAN fabric.

Step 5

Add the network to an interface group, if necessary.

Interface groups are useful if you are trying to deploy a network to a group of interfaces.

  1. In the Networks tab for the Enhanced Classic LAN fabric, click on the Layer 2 network that you just created, then click Actions > Add to Interface Group.

  2. Select the interface group that you want to add, or click Create Interface Group to create a new interface group to add.

    For more detailed procedures on adding a network to an interface group, see Interface Groups in the Cisco NDFC-Fabric Controller Configuration Guide .

Step 6

Attach the network.

Once you've created the Layer 2 network, you can attach it to host-facing ports on the Access switch, which will then allow the VLAN on these trunk or access ports and also on the vPC/port channel/standalone ports between the Access and Aggregation switches.

Determine if you want to perform a quick attach or a multi-attach.

  • If you want to perform a quick attach, where you will attach this network to the selected switches, follow these steps:

  1. In the Networks tab for the Enhanced Classic LAN fabric, double-click on the Layer 2 network that you just created.

  2. Click the Network Attachments tab.

  3. Locate the switches with aggregation shown in the Switch Role column and click the boxes next to those switches.

  4. Click Actions > Quick Attach, then go to Step 7.

  • If you want to perform a multi-attach:

  1. In the Networks tab for the Enhanced Classic LAN fabric, click on the Layer 2 network that you just created, then click Actions > Multi-Attach.

  2. Click the box next to each switch that you want to attach to the network, then click Next.

  3. Click the box next to each interface that you want to select, then select the interfaces using either Bulk Paste or View Interfaces.

    • If you select Bulk Paste, enter the interfaces to be pasted in the Interfaces List area, then click Save.

    • If you select View Interfaces, click the boxes next to the specific ports that you want to attach in the following screen, then click Save.

  4. In the Select Interfaces window, click Next.

  5. Make the necessary deployment selection in the next window, then click Save.

Step 7

Deploy the network.

In the Network Attachments window, select the networks that you just attached, then click Actions > Deploy.

Step 8

When the recalculation process is completed, click Deploy and verify that the status shown in the Config Status column shows as In-Sync.

What to do next

Create a Layer 3 network using the procedures provided in Create a Layer 3 Network.

Create a Layer 3 Network

A Layer 3 network can be in either a default or a custom VRF.

Before you begin

Procedure

Step 1

Navigate to the Networks tab for the Enhanced Classic LAN fabric, if you are not there already.

  1. In NDFC, navigate to LAN > Fabrics.

    A page showing all of the configured fabrics appears.

  2. Double-click the Enhanced Classic LAN fabric that you created using the procedures provided in Configure the Enhanced Classic LAN Fabric.

    The Fabric Overview page for that fabric appears.

  3. Click the Networks tab.

Step 2

Create the Layer 3 network.

  1. In the Networks tab, click Actions > Create.

    The Create Network window appears.

  2. In the Create Network screen, click the General Parameters tab and enter the necessary information.

    • Change the name for the Layer 3 network in the Network Name field, if necessary.

      The entry in the Network Name field is auto-populated but can be changed, if necessary.

    • In the Layer 2 Only field, verify that there is no check in the box so that this option is not enabled.

      You do not want the Layer 2 Only option enabled for a Layer 3 network.

  3. Determine if you want to use the default VRF or if you want to create a VRF for this Layer 3 network.

    • If you want to use the default VRF for this Layer 3 network, in the VRF Name field, choose default from the list of VRFs available. Go to 2.d.

    • Follow these steps if you want to create a custom VRF for this Layer 3 network:

      1. In the VRF Name field, click Create VRF.

        The Create VRF page appears.

        Change the name for the custom VRF for the Layer 3 network in the VRF Name field, if necessary. The entry in the VRF Name field is auto-populated but can be changed, if necessary.

      2. Click the General Parameters tab and enter the necessary information.

        (Optional) Enable the Enable Auto Peering over SVI Between VPC Aggregations option if desired, which enables per VRF iBGP or OSPF peering between Aggregation switches. Note that the protocol used is based on the VRF-Lite routing protocol configured in the Fabric setting.

      3. Click the Advanced tab and enter the necessary information.

        The settings in the Advanced area include options for BGP authentication, route maps, and static 0/0 configurations, where you could configure a default (0/0) route towards the core switch.

      4. Click Save to save the custom VRF for the Layer 3 network.

        You are returned to the Create Network page.

        Once this Layer 3 network is attached in the next step, if the Enable Auto Peering over SVI Between VPC Aggregations option is enabled, NDFC will create the configuration for an iBGP peering session or an OSPF neighborship between the Aggregation switches for this new VRF, including the VLAN ID and the IP address for the SVI.

  4. In the Create Network screen, enter the necessary information in the remaining fields in the General Parameters tab.

    • In the VLAN ID field, enter a value to use for the associated VLAN, or click Propose VLAN to have NDFC propose a VLAN ID for your Layer 3 network, based on the available resources (the range is customizable in Fabric Settings).

    • Define the gateway IP address in either the IPv4 Gateway/Netmask or the IPv6 Gateway/Netmask fields.

      You must define the IPv4 or IPv6 gateway IP address for the Layer 3 network. For these procedures, the gateway is the Aggregation switch within the fabric.

      Note

       

      For the next two fields in the General Parameters tab, note that you will be defining the active and standby devices in a later step in these procedures.

    • Define the interface address on the active/master device in either the Interface IPv4 addr on active or the Interface IPv6 addr on active fields.

    • Define the interface address on the standby/backup device in either the Interface IPv4 addr on standby or the Interface IPv6 addr on standby fields.

  5. In the Create Network screen, click the Advanced tab and enter the necessary information.

    Customize the First Hop Redundancy Protocol settings (either HSRP or VRRP, based on the fabric settings) in this page. You can determine which of the Aggregation switches will be used for the active and standby First Hop Redundancy Protocol when you attach the network.

  6. Fill in the remaining fields as necessary for your Layer 3 network.

  7. Click Create.

    The Networks page displays the newly created Layer 3 network and accompanying VRF.

Step 3

Add the network to an interface group, if necessary.

Interface groups are useful if you are trying to deploy a network to a group of interfaces.

  1. In the Networks tab for the Enhanced Classic LAN fabric, click on the Layer 3 network that you just created, then click Actions > Add to Interface Group.

  2. Select the interface group that you want to add, or click Create Interface Group to create a new interface group to add.

    For more detailed procedures on adding a network to an interface group, see Interface Groups in the Cisco NDFC-Fabric Controller Configuration Guide .

Step 4

Attach the network.

Once you've created the Layer 3 network, you can attach it to host-facing ports on the Access switch, which will then allow the VLAN on these trunk or access ports and also on the vPC/port channel/standalone ports between the Access and Aggregation switches.

Determine if you want to perform a quick attach or a multi-attach.

  • If you want to perform a quick attach, where you will attach this network to the selected switches, follow these steps:

  1. In the Networks tab for the Enhanced Classic LAN fabric, double-click on the Layer 3 network that you just created.

  2. Click the Network Attachments tab.

  3. Locate the switches with aggregation shown in the Switch Role column and click the boxes next to those switches.

  4. Click Actions > Quick Attach, then go to Step 5.

  • If you want to perform a multi-attach:

  1. In the Networks tab for the Enhanced Classic LAN fabric, click on the Layer 3 network that you just created, then click Actions > Multi-Attach.

  2. Click the box next to each switch that you want to attach to the network, then click Next.

  3. Click the box next to each interface that you want to select, then select the interfaces using either Bulk Paste or View Interfaces.

    • If you select Bulk Paste, enter the interfaces to be pasted in the Interfaces List area, then click Save.

    • If you select View Interfaces, click the boxes next to the specific ports that you want to attach in the following screen, then click Save.

  4. In the Select Interfaces window, click Next.

  5. Make the necessary deployment selection in the next window, then click Save.

Step 5

Deploy the network.

In the Network Attachments window, select the networks that you just attached, then click Actions > Deploy.

Step 6

When the recalculation process is completed, click Deploy and verify that the status shown in the Config Status column shows as In-Sync.

What to do next

Configure the VRF Lite extension using the procedures provided in Configure the VRF Lite Extension.

Configure the VRF Lite Extension

In these procedures, you will configure the VRF Lite extension between the Aggregation and Core switches. NDFC supports either automatic or manual configuration modes for VRF Lite between the Aggregation and Core switches. For this use case, we will configure VRF Lite using the automatic configuration.

You can go through the configurations in this section whether you have a three-tier topology or a two-tier (Collapsed Core) topology. However, in order to be able to configure the VRF Lite extension, you must have created a custom VRF for the Layer 3 network in Create a Layer 3 Network, rather than using a default VRF.

Procedure

Step 1

Verify that the necessary default configurations in the Resources page are set correctly for VRF Lite.

  1. In NDFC, navigate to LAN > Fabrics, if you are not there already.

    A page showing all of the configured fabrics appears.

  2. Double-click the Enhanced Classic LAN fabric that you created using the procedures provided in Configure the Enhanced Classic LAN Fabric.

    The Fabric Overview page for that fabric appears.

  3. Click Actions > Edit Fabric.

    The Edit Fabric page appears.

  4. Click the Resources tab.

  5. Verify that the necessary default configurations in the Resources page are set correctly for VRF Lite.

    • In the Agg-Core/Agg-Edge Connectivity field, verify that the Auto option is set.

      The Aggregation-Core peering protocol that will be used is based on the setting that you entered in the Routing Protocol field in Configure the Enhanced Classic LAN Fabric.

    • Check the box in the Auto Generate VRF Lite Configuration on Agg and Core/Edge field to enable this option.

      • If the Routing Protocol field is set to ebgp and you are using the Cisco Nexus 7000 or 9000 Series switches, or the Cisco Catalyst 9000 series switches for the Core layer, enabling the Auto Generate VRF Lite Configuration on Agg and Core/Edge option automatically generates the VRF Lite configuration on the Aggregation and Core switches.

      • If the Routing Protocol field is set to ospf and you are using the Cisco Nexus 7000 or 9000 Series switches for the Core layer, enabling the Auto Generate VRF Lite Configuration on Agg and Core/Edge option automatically generates the VRF Lite configuration on the Aggregation and Core switches.

      • In other cases, such as using Cisco ASR 9000 Series Aggregation Service Routers as the Core Router or Edge Router, then the VRF Lite intent and configurations will not be automatically generated on the Core Router or Edge Router. Instead, for each VRF, you must manually create a policy using the necessary policy.

Step 2

Verify that the links between the Aggregation and Core switches have the correct templates attached and the proper settings applied.

  1. Navigate back to the Fabric Overview page for the Enhanced Classic LAN fabric.

    The Overview page for that fabric appears.

  2. Click the Links tab.

  3. Locate the links from the Aggregation switches to the Core switches in this page.

    For example, you would have two Aggregation switches and one Core switch for this use case, so you would therefore locate these two links in this page:

    • The link between the first Aggregation switch and the Core switch

    • The link between the second Aggregation switch and the Core switch

  4. Click on the box next to the link between the first Aggregation switch and the Core switch, then click Actions > Edit.

    The Link Management - Edit Link page appears for this link.

  5. Verify that VRF_LITE is automatically selected in the Link Sub-Type field.

  6. Verify that all of the remaining parameters are automatically populated correctly, such as the source and destination fabrics, devices, and interfaces.

  7. (Optional) Repeat these steps for the remaining links from the Aggregation switches to the Core switches in this page, if you want additional verification.

    For example, since we have two Aggregation switches in this use case, you would click the link between the second Aggregation switch and the Core switch in this page, then repeat these steps to verify that the links between the second Aggregation switch and the Core switch have the correct templates attached and the proper settings applied.

Step 3

In the Fabric Overview page for the Enhanced Classic LAN fabric, click the VRFs tab.

Step 4

Double-click the custom VRF that you created for the Layer 3 network.

The VRF Overview page appears for this VRF.

Step 5

Click the VRF Attachments tab.

The VRF attachments for this VRF are displayed.

Step 6

Click the boxes next to the VRF attachments that you want to extend using VRF Lite and click Actions > Edit.

Step 7

In the Edit VRF Attachment page, make the necessary configurations to extend the VRF attachments using VRF Lite to attach the Aggregation switches to the Core switche.

  • Flip the switch to Attach at the top of the page.

  • In the Extend field, choose the VRF_LITE option.

  • Click Attach-All.

Click Save once you have completed the necessary configurations in the Edit VRF Attachment page. You are returned to the VRF Attachments page.

Step 8

Deploy the configuration using either of the two methods described below.

  • In the VRF Attachments page, select the two VRF attachments and click Actions > Deploy.

  • In the Fabric Overview page for the Enhanced Classic LAN fabric, click the Switches tab and click the boxes next to the two Aggregation switches, then click Actions > Deploy.

Step 9

If you created a External Connectivity Network fabric for the core tier using the procedures in Configure the External Connectivity Network Fabric, navigate back to LAN > Fabrics and double-click on the External Connectivity Network fabric.

You must perform the same operations on the External Connectivity Network fabric to enable the pending configurations for VRF Lite to also be pushed to the Core switches.

Step 10

In the Fabric Overview page for the External Connectivity Network fabric, click the Switches tab and click the box next to the Core switch, then click Actions > Deploy.

Step 11

Preview the configuration updates as the deployment process progresses.

You can click on the blue link in the Pending Config column to get additional information on the changes that are being configured for the Core switch.

Step 12

When the recalculation process is completed, click Deploy All and verify that the status shown in the Config Status column shows as In-Sync.