Multihoming in a BGP EVPN VXLAN Fabric Configuration Guide, Cisco IOS XE 26.x.x and Later

PDF

Reference configuration for EVPN multihoming in BGP EVPN fabric networks

Updated: April 10, 2026

Want to summarize with AI?

Log in

Overview

Provides a reference configuration for EVPN multihoming with iBGP-based hierarchical BGP peering on Cisco Catalyst 9000 series switches.

This section provides EVPN multihoming with iBGP-based hierarchical BGP peering on Cisco Catalyst 9000 series switches.

The reference configurations for Cisco Catalyst 9000 series switches include the fabric device roles of leaf, spine, and border. Additionally, the border-spine device role is also supported.

These configuration examples incorporate various Cisco-validated best practices to support better scale and network resiliency.

iBGP-based network configuration

This section provides step-by-step configuration to implement EVPN multihoming with BGP EVPN fabric in an iBGP-based enterprise campus network. The underlay network built upon dynamic IGP routing protocols, such as OSPF in a multiarea network, is implemented to support large scale fabric networks with resiliency.

The following illustration shows an iBGP-based network design in a multi-tier physical network with divided unique fabric device-roles across each layer.

Figure 1. iBGP-based EVPN multihoming reference fabric network

iBGP-based EVPN multihoming reference fabric network

The following table provides Cisco-validated best practices to build a two-tier hierarchical iBGP peering between two Cisco Catalyst 9000 series switches in EVPN multihoming mode, and iBGP peering to a pair of spine switches.

Table 1. Two-tier hierarchical iBGP peering between a pair of spine switches

Step

Leaf1

Leaf 2

1: Global best practices

 
!  
system mtu 9100  
!  
port-channel load-balance 
  vlan-src-dst-mixed-ip-port  
ip cef load-sharing algorithm 
   include-ports  
 source destination protocol  
!  
ip tcp mss 8000  
ip tcp window-size 262144  
ip tcp path-mtu-discovery  
! 


!  
system mtu 9100  
!  
port-channel load-balance 
  vlan-src-dst-mixed-ip-port  
ip cef load-sharing algorithm 
   include-ports  
 source destination protocol  
!  
ip tcp mss 8000  
ip tcp window-size 262144  
ip tcp path-mtu-discovery  
!

2: Inter-ES Layer 3 EtherChannel

 
! 
interface Port-Channel 128  
 description CONNECTED TO EVPN 
    MH ES SWITCH 
 no switchport  
ip ospf network point-to-point  
 ip ospf multi-area 0  
 ip ospf 100 area 101  
 ip ospf 100 cost 10  
 carrier-delay msec 0  
 hold-queue 4094 in  
 hold-queue 4094 out  
 evpn multihoming core-tracking  
! 


! 
interface Port-Channel 128  
 description CONNECTED TO EVPN 
    MH ES SWITCH 
 no switchport  
ip ospf network point-to-point  
 ip ospf multi-area 0  
 ip ospf 100 area 101  
 ip ospf 100 cost 10  
 carrier-delay msec 0  
 hold-queue 4094 in  
 hold-queue 4094 out  
 evpn multihoming core-tracking  
!

3: IGP routing and core interfaces

 
!  
router ospf 100  
 router-id 10.200.255.101  
 max-metric router-lsa include-stub  
  summary-lsa external-lsa on-startup 
      wait-for-bgp   
 nsf cisco   
 fast-reroute per-prefix enable 
    prefix-priority low  
 area 101 stub no-summary  
 passive-interface default  
 no passive-interface Port-Channel 128  
 no passive-interface HundredGig1/0/49  
 no passive-interface HundredGig1/0/50  
!  
interface Loopback 0  
ip ospf 100 area 0  
!  
interface range HundredGig1/0/49-50  
 description CONNECTED TO SPINE DEVICES  
 ip ospf 100 area 0  
 ip ospf network point-to-point  
 carrier-delay msec 0  
 hold-queue 4094 in  
 hold-queue 4094 out  
 evpn multihoming core-tracking  
! 


!  
router ospf 100  
 router-id 10.200.255.102  
 max-metric router-lsa include-stub  
  summary-lsa external-lsa on-startup 
   wait-for-bgp   
 nsf cisco   
 fast-reroute per-prefix enable  
   prefix-priority low  
 area 101 stub no-summary  
 passive-interface default  
 no passive-interface Port-Channel 128  
 no passive-interface HundredGig1/0/49  
 no passive-interface HundredGig1/0/50  
!  
interface Loopback 0  
ip ospf 100 area 0  
!  
interface range HundredGig1/0/49-50  
 description CONNECTED TO SPINE DEVICES  
 ip ospf 100 area 0  
 ip ospf network point-to-point  
 carrier-delay msec 0  
 hold-queue 4094 in  
 hold-queue 4094 out  
 evpn multihoming core-tracking  
!

4: Inter-ES EVPN MH iBGP peering 

!  
router bgp 65101  
 template peer-policy  
  ES-PEER-POLICY  
  send-community both  
 !  
 template peer-session  
   ES-PEER-SESSION-POLICY  
  remote-as 65101  
  description EVPN-MH-DIST-1-PEER 
  update-source Loopback0  
  cluster-id 1.1.1.1 
  fall-over host-route  
 !  
 bgp router-id interface Loopback0  
 bgp log-neighbor-changes  
 bgp graceful-restart  
 no bgp default ipv4-unicast 
 bgp cluster-id 1.1.1.1  
 neighbor 10.200.255.102 
    inherit peer-session  
  ES-PEER-SESSION-POLICY  
 !  
 address-family l2vpn evpn  
  bgp nexthop trigger critical-delay 0  
  neighbor 10.200.255.102 activate  
  neighbor 10.200.255.102 
     send-community both  
  neighbor 10.200.255.102 inherit 
    peer-policy  
   ES-PEER-POLICY  
 ! 


!  
router bgp 65101  
 template peer-policy  
  ES-PEER-POLICY  
  send-community both  
 !  
 template peer-session  
   ES-PEER-SESSION-POLICY  
  remote-as 65101  
  description EVPN-MH-DIST-1-PEER 
  update-source Loopback0  
  cluster-id 1.1.1.1 
  fall-over host-route  
 !  
 bgp router-id interface Loopback0  
 bgp log-neighbor-changes  
 bgp graceful-restart  
 no bgp default ipv4-unicast 
 bgp cluster-id 1.1.1.1  
 neighbor 10.200.255.101 inherit 
    peer-session  
  ES-PEER-SESSION-POLICY  
 !  
 address-family l2vpn evpn  
  bgp nexthop trigger critical-delay 0  
  neighbor 10.200.255.101 activate  
  neighbor 10.200.255.101 send-community 
    both  
  neighbor 10.200.255.101 inherit 
     peer-policy  
   ES-PEER-POLICY  
 !

5: Fabric iBGP peering

 
! 
router bgp 65101 
 ! 
 template peer-policy EVPN-SPINE-PEER-POLICY 
  send-community both 
 ! 
 template peer-session 
    EVPN-SPINE-PEER-SESSION-POLICY 
  remote-as 65101 
  description EVPN-SPINE-PEER 
  log-neighbor-changes 
  update-source Loopback0 
  fall-over host-route 
 ! 
 neighbor 10.100.255.3 inherit peer-session 
    EVPN-SPINE-PEER-SESSION-POLICY 
 neighbor 10.100.255.4 inherit peer-session 
    EVPN-SPINE-PEER-SESSION-POLICY 
 ! 
 address-family l2vpn evpn 
  neighbor 10.100.255.3 activate 
  neighbor 10.100.255.3 send-community both 
  neighbor 10.100.255.3 inherit peer-policy 
    EVPN-SPINE-PEER-POLICY 
  neighbor 10.100.255.4 activate 
  neighbor 10.100.255.4 send-community both 
  neighbor 10.100.255.4 inherit peer-policy 
    EVPN-SPINE-PEER-POLICY 
 ! 


! 
router bgp 65101 
 ! 
 template peer-policy 
   EVPN-SPINE-PEER-POLICY 
  send-community both 
 ! 
 template peer-session 
   EVPN-SPINE-PEER-SESSION-POLICY 
  remote-as 65101 
  description EVPN-SPINE-PEER 
  log-neighbor-changes 
  update-source Loopback0 
  fall-over host-route 
 ! 
 neighbor 10.100.255.3 inherit peer-session 
   EVPN-SPINE-PEER-SESSION-POLICY 
 neighbor 10.100.255.4 inherit peer-session
   EVPN-SPINE-PEER-SESSION-POLICY 
 ! 
 address-family l2vpn evpn 
  neighbor 10.100.255.3 activate 
  neighbor 10.100.255.3 send-community both 
  neighbor 10.100.255.3 inherit peer-policy
    EVPN-SPINE-PEER-POLICY 
  neighbor 10.100.255.4 activate 
  neighbor 10.100.255.4 send-community both 
  neighbor 10.100.255.4 inherit peer-policy 
    EVPN-SPINE-PEER-POLICY 
 !

The following table provides step-by-step reference configurations, including Cisco validated best practices to configure iBGP peering between a pair of spine and border switches.

Table 2. iBGP peering between a pair of spine and border switches

Step

Spine 1 and Spine 2

Border 1 and Border 2

1: Global best practices

 
!  
system mtu 9100  
!  
port-channel load-balance 
  vlan-src-dst-mixed-ip-port  
ip cef load-sharing algorithm 
  include-ports  
 source destination protocol  
!  
ip tcp mss 8000  
ip tcp window-size 262144  
ip tcp path-mtu-discovery  
! 


!  
system mtu 9100  
!  
port-channel load-balance 
  vlan-src-dst-mixed-ip-port  
ip cef load-sharing algorithm 
  include-ports  
 source destination protocol  
!  
ip tcp mss 8000  
ip tcp window-size 262144  
ip tcp path-mtu-discovery  
!

2: IGP routing

 
Spine-1 
!  
router ospf 100  
 router-id 10.200.255.3  
 max-metric router-lsa include-stub  
  summary-lsa external-lsa on-startup 
   wait-for-bgp   
 nsf cisco   
 fast-reroute per-prefix enable 
   prefix-priority low  
passive-interface default  
 no passive-interface Port-Channel 128  
 no passive-interface HundredGig1/0/49  
 no passive-interface HundredGig1/0/50  
!	 
Spine-2 
!  
router ospf 100  
 router-id 10.200.255.4 
 max-metric router-lsa include-stub  
  summary-lsa external-lsa on-startup 
    wait-for-bgp   
 nsf cisco   
 fast-reroute per-prefix enable 
   prefix-priority low  
passive-interface default  
 no passive-interface Port-Channel 128  
 no passive-interface HundredGig1/0/1 
 no passive-interface HundredGig1/0/2 
 no passive-interface HundredGig1/0/3 
 no passive-interface HundredGig1/0/4  
! 


Border-1 
!  
router ospf 100  
 router-id 10.200.255.1 
 max-metric router-lsa include-stub  
  summary-lsa external-lsa on-startup 
   wait-for-bgp   
 nsf cisco   
 fast-reroute per-prefix enable 
   prefix-priority low  
passive-interface default  
 no passive-interface Port-Channel 128  
 no passive-interface HundredGig1/0/49  
 no passive-interface HundredGig1/0/50  
!	 
Border-2 
!  
router ospf 100  
 router-id 10.200.255.2 
 max-metric router-lsa include-stub  
  summary-lsa external-lsa on-startup 
    wait-for-bgp   
 nsf cisco   
 fast-reroute per-prefix enable 
   prefix-priority low  
passive-interface default  
 no passive-interface Port-Channel 128  
 no passive-interface HundredGig1/0/49  
 no passive-interface HundredGig1/0/50  
!

3: Core interfaces

 
!  
interface Loopback 0 
ip ospf 100 area 0  
!  
interface range HundredGig1/0/1-2 
 description CONNECTED TO EVPN MH 
   LEAF DEVICES  
 ip ospf 100 area 0  
 ip ospf network point-to-point  
 carrier-delay msec 0  
 hold-queue 4094 in  
 hold-queue 4094 out  
! 
interface range HundredGig1/0/3-4  
 description CONNECTED TO BORDER DEVICES  
 ip ospf 100 area 0  
 ip ospf network point-to-point  
 carrier-delay msec 0  
 hold-queue 4094 in  
 hold-queue 4094 out  
! 


! 
interface Loopback 0  
ip ospf 100 area 0  
!  
interface range HundredGig1/0/49-50  
 description CONNECTED TO SPINE DEVICES  
 ip ospf 100 area 0  
 ip ospf network point-to-point  
 carrier-delay msec 0  
 hold-queue 4094 in  
 hold-queue 4094 out  
!

4: Fabric BGP peering

 
! 
router bgp 65101 
 template peer-policy EVPN-LEAF-PEER-POLICY 
  send-community both 
  route-reflector-client 
 ! 
 template peer-session 
   EVPN-LEAF-BORDER-PEER-SESSION-POLICY 
  remote-as 65101 
  description EVPN-LEAF-PEER 
  log-neighbor-changes 
  update-source Loopback0 
  fall-over host-route 
 ! 
template peer-policy EVPN-BORDER-PEER-POLICY 
  send-community both 
  route-reflector-client 
 ! 
template peer-session 
   EVPN-BORDER-PEER-SESSION-POLICY 
  remote-as 65101 
  description EVPN-BORDER-PEER 
  log-neighbor-changes 
  update-source Loopback0 
  fall-over host-route 
 ! 
 bgp router-id interface Loopback0 
 no bgp client-to-client reflection 
    intra-cluster cluster-id 1.1.1.1 
 bgp log-neighbor-changes 
 bgp graceful-restart 
 no bgp default ipv4-unicast 
 neighbor 10.100.255.1 inherit peer-session 
   EVPN-BORDER-PEER-SESSION-POLICY 
 neighbor 10.100.255.2 inherit peer-session 
   EVPN-BORDER-PEER-SESSION-POLICY 
 neighbor 10.100.255.101 inherit peer-session 
   EVPN-LEAF-PEER-SESSION-POLICY 
 neighbor 10.100.255.101 cluster-id 1.1.1.1 
 neighbor 10.100.255.102 inherit peer-session 
   EVPN-LEAF-PEER-SESSION-POLICY 
 neighbor 10.100.255.102 cluster-id 1.1.1.1 
! 
address-family l2vpn evpn 
  bgp nexthop trigger critical-delay 0 
  neighbor 10.100.255.1 activate 
  neighbor 10.100.255.1 send-community both 
  neighbor 10.100.255.1 inherit peer-policy 
    EVPN-BORDER-PEER-POLICY 
  neighbor 10.100.255.2 activate 
  neighbor 10.100.255.2 send-community both 
  neighbor 10.100.255.2 inherit peer-policy 
    EVPN-BORDER-PEER-POLICY 
  neighbor 10.100.255.101 activate 
  neighbor 10.100.255.101 send-community both 
  neighbor 10.100.255.101 inherit peer-policy 
    EVPN-LEAF-PEER-POLICY 
  neighbor 10.100.255.102 activate 
  neighbor 10.100.255.102 send-community both 
  neighbor 10.100.255.102 inherit peer-policy 
    EVPN-LEAF-PEER-POLICY 
! 


! 
router bgp 65101 
 ! 
 template peer-policy EVPN-SPINE-PEER-POLICY 
  send-community both 
 ! 
 template peer-session 
   EVPN-SPINE-PEER-SESSION-POLICY 
  remote-as 65101 
  description EVPN-SPINE-PEER 
  log-neighbor-changes 
  update-source Loopback0 
  fall-over host-route 
 ! 
 neighbor 10.100.255.3 inherit peer-session 
   EVPN-SPINE-PEER-SESSION-POLICY 
 neighbor 10.100.255.4 inherit peer-session 
   EVPN-SPINE-PEER-SESSION-POLICY 
 ! 
 address-family l2vpn evpn 
  neighbor 10.100.255.3 activate 
  neighbor 10.100.255.3 send-community both 
  neighbor 10.100.255.3 inherit peer-policy 
    EVPN-SPINE-PEER-POLICY 
  neighbor 10.100.255.4 activate 
  neighbor 10.100.255.4 send-community both 
  neighbor 10.100.255.4 inherit peer-policy 
    EVPN-SPINE-PEER-POLICY 
 !