Guidelines and Limitations for VXLAN BGP EVPN
VXLAN BGP EVPN has the following guidelines and limitations:
- SVI and sub-interfaces as core links are not supported along with Layer 2 GW configurations.
- In a VXLAN EVPN setup, border leaves must use unique route distinguishers, preferably by using the auto rd command. Using the same route distinguisher on different border leaves is not supported.
- ARP suppression is only supported for a VNI if the VTEP hosts the First-Hop Gateway (Distributed Anycast Gateway) for this VNI. The VTEP and the SVI for this VLAN have to be properly configured for distributed anycast gateway operation, for example, with the global anycast gateway MAC address configured and the anycast gateway feature enabled with the virtual IP address on the SVI.
- The show commands with the internal keyword are not supported.
- DHCP snooping (Dynamic Host Configuration Protocol snooping) is not supported on VXLAN VLANs.
- SPAN for VXLAN uplink interface is not supported.
- RACLs are not supported on Layer 3 uplinks for VXLAN traffic.
- RACLs and PACLs are not supported for VXLAN VLANs.
- QoS classification is not supported for VXLAN VLANs.
- Uplink ports can be of type Layer 3 interface, sub-interface, or a Layer 3 port-channel interface. However, with Layer 2 GW, sub-interface uplink ports are not supported.
- For EBGP, it is recommended to use a single overlay EBGP EVPN session between loopbacks.
- Bind NVE to a loopback address that is separate from other loopback addresses that are required by Layer 3 protocols. A best practice is to use a dedicated loopback address for VXLAN.
- VXLAN BGP EVPN does not support an NVE interface in a non-default VRF.
- It is recommended to configure a single BGP session over the loopback for an overlay BGP session.
- The VXLAN UDP port number is used for VXLAN encapsulation. For Cisco Nexus NX-OS, the UDP port number is 4789. It complies with IETF standards and is not configurable.
- VXLAN does not support co-existence with the MPLS feature.
- VXLAN with Layer 3 VPN is not supported.
- VXLAN with ingress replication is not supported.
- MLD snooping is not supported on VXLAN VLANs.
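
The following is an added example, not part of the Cisco documentation: a small Python lint that checks a saved running-config for two of the limitations above, DHCP snooping and RACLs applied to VXLAN VLANs, so that unsupported security controls are caught in review. It assumes a VXLAN VLAN is one with a `vn-segment` mapping and that the config uses NX-OS indentation; the sample config and the ACL name `BLOCK-MGMT` are constructed.

```python
import re

# Constructed sample running-config (not from a real device); ACL name is made up.
SAMPLE_CONFIG = """\
ip dhcp snooping vlan 100,300-301
vlan 100
  vn-segment 10100
vlan 200
  vn-segment 10200
vlan 300
interface Vlan200
  ip access-group BLOCK-MGMT in
interface Vlan300
  ip access-group BLOCK-MGMT in
"""

def parse_blocks(text):
    """Group indented child lines under their top-level parent line."""
    blocks = []
    for line in filter(str.strip, text.splitlines()):
        if line[0].isspace() and blocks:
            blocks[-1][1].append(line.strip())
        else:
            blocks.append((line.strip(), []))
    return blocks

def expand_vlans(spec):
    """Expand a VLAN list such as '100,300-301' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit(text):
    """Flag DHCP snooping and RACLs on VXLAN VLANs (assumed: VLANs with a vn-segment)."""
    blocks = parse_blocks(text)
    vxlan = {int(h.split()[1]) for h, kids in blocks if re.fullmatch(r"vlan \d+", h)
             and any(k.startswith("vn-segment") for k in kids)}
    findings = []
    for head, kids in blocks:
        snoop = re.fullmatch(r"ip dhcp snooping vlan (\S+)", head)
        svi = re.fullmatch(r"interface Vlan(\d+)", head)
        if snoop:
            findings += [f"DHCP snooping on VXLAN VLAN {v}"
                         for v in sorted(expand_vlans(snoop.group(1)) & vxlan)]
        if svi and int(svi.group(1)) in vxlan and any(k.startswith("ip access-group") for k in kids):
            findings.append(f"RACL on SVI of VXLAN VLAN {svi.group(1)}")
    return findings
```

On the sample, `audit(SAMPLE_CONFIG)` reports VLAN 100 for DHCP snooping and VLAN 200 for the RACL, while VLAN 300, which has no `vn-segment`, is left alone.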