Fabric Control Segment

FabricPath IS-IS Topology Discovery and Maintenance

FabricPath IS-IS is used as the link-state routing protocol in the DFA fabric. A single instance of FabricPath IS-IS runs in the fabric and carries switch reachability information for supporting multiple address families by leveraging MP-BGP. The native functionality supported by FabricPath IS-IS is leveraged for use in the DFA fabric. The primary functions include:

  • The computation of shortest, equal-cost multipaths between any two switches in the fabric.

  • The computation of multiple rooted distribution trees for the efficient and loop-free replication of multi-destination traffic within the fabric.

Switch IP address Resolution

The version 7.1(0)N1(1) of FabricPath IS-IS propagates the fabric-facing IPv4 and MAC address assigned through the fabric to each individual nodes within FabricPath IS-IS label switched paths (LSP). It thus provides IPv4 and IPv6 reachability among all the nodes within the fabric. It supports address resolution for the switch IP addresses, MAC address, and FabricPath switch ID which is used as encapsulation for switching data. It provides resilient multi-hop connectivity in the face of individual link or node failures, for both unicast paths and multi-destination trees.

Leaf, Border Leaf and Spine Common Commands
  1. For FabricPath, each switch needs a unique switch ID. FabricPath IS-IS requires the configuration of unique switch ID. The switch ID is a 12-bit value that identifies the switch in the FabricPath network. 
    
fabricpath switch-id $$SWITCH_ID$$
  2. Enable the FabricPath IS-IS feature along with the DFA fabric feature: 
    
install feature-set fabricpath
install feature-set fabric
feature-set fabricpath
feature-set fabric

feature fabric forwarding
feature interface-vlan
fabric forwarding identifier 1  //provides unique identification of a DFA fabric
  3. Setting up the fabric facing FabricPath interfaces. Change the default timers of scale for FabricPath IS-IS interface parameter. The BFD option for FabricPath can be enabled only through the BFD feature. For example (note that BFD is not mandatory): 
    
interface EthernetX/Y
switchport mode fabricpath
  fabricpath isis hello-interval 100
  fabricpath isis bfd
  fabricpath isis retransmit-interval 10
  fabricpath isis retransmit-throttle-interval 200

  4. Switch IP address Resolution

    FabricPath IS-IS propagates the fabric-facing IPv4 and MAC address assigned through the fabric to each individual nodes within FabricPath IS-IS label switched paths (LSP). It thus provides IPv4 and IPv6 reachability among all the nodes within the fabric. It supports address resolution for the switch IP addresses, MAC address, and FabricPath switch ID which is used as encapsulation for switching data. It provides resilient multi-hop connectivity in the face of individual link or node failures, for both unicast paths and multi-destination trees.

    Set up the control-segment for the fabric to host the MP-BGP session. This segment is referred as backbone VLAN. Enable the interface VLAN feature, as this enables to assign an IP address. The command fabric forwarding control-segment signals to FabricPath IS-IS to distribute the IP and MAC addresses binding of the switch. 
    
vlan $$BACKBONE_VLAN$$ 
  mode fabricpath 

interface vlan $$BACKBONE_VLAN$$
  no shutdown
  ip address $$BACKBONE_IP$$/$$BACKBONE_PREFIX$$
  ipv6 forward
  mtu 9192
  fabric forwarding control-segment
    For example: 
    
!control SVI
vlan 2
  mode fabricpath

interface Vlan 2
  no shutdown
  mtu 9192
  ip address 44.2.3.33/22
  ipv6 forward
  fabric forwarding control-segment

Spine Specific Configuration

Spine should be in transit mode. In transit mode the incoming and outgoing encapsulation is VN-Segment. Any change in transit mode requires a switch reload. 

fabricpath mode transit

Leaf and Border Leaf Configuration

Multi-tenancy lite version

VN-Segment feature to support the switch global mapping of a VLAN to a VN-Segment ID and vice-versa.

For example: 

feature vn-segment-vlan-based

Multi-tenancy full version

VN-Segment feature to support mapping of VN-Segment ID or VNI to a bridge-domain and vice-versa.

For example: 

feature vni

Note

Cisco NX-OS host attachment with auto-configuration at the border leaf is not supported.

The bridge-domain manager provides a CLI command to configure a bridge-domain as fabric control bridge-domain. The command used is fabric-control and has the following properties:

  • Allocated from carved out bridge-domain range

  • Only one bridge-domain or a VLAN can be of type fabric control

  • Created as type fabric control and mode FabricPath by default

  • Brought up on all FabricPath core ports in base topology and no explicit topology to VLAN configuration is needed


Note

Use of VLAN 1 as fabric control is not allowed.

You can delete fabric control bridge-domains. When you delete fabric control bridge-domains, all iBGP adjacencies will go down. In order to change, you must revert current fabric control bridge-domain to type USER and then convert existing bridge-domain to fabric control.

Following is an example of how a bridge-domain can be converted to fabric control: 


Switch(config)# bridge-domain 50
Switch(config-bd)# fabric-control

Switch(config)# bridge-domain 60
Switch(config-bd)# fabric-control

ERROR: bridge-domain 50 is already fabric-control. Cannot make bridge-domain 60 as fabric-control.

Following is an example of how a VLAN can be converted to fabric control: 


Switch(config)# vlan 10
Switch(config-vlan)# fabric-control

Switch(config)# vlan 20
Switch(config-vlan)# fabric-control

ERROR: vlan 10 is already fabric-control. Cannot make vlan 20 as fabric-control.

Fabric Control Segment Overview

DFA solution requires a transport protocol to help carry the IP to MAC mapping of the leaf switches to avoid having to use ARP. This information exchange is achieved using the FabricPath IS-IS protocol. The FabricPath IS-IS protocol continues to offer the Layer-2 address family functionality it offers for the FabricPath/TRILL solution. This functionality entails creating a mapping of switch ID to MAC addresses. Along with this FabricPath IS-IS also offers the Layer-3 address family functionality needed for BGP peers to successfully exchange peer information across the DFA fabric.

The IP address carried by FabricPath IS-IS is the one configured on the SVI referred to as control VLAN. The configuration is given below. In this case IP address 44.2.3.33 is distributed as the SVI is marked with the command fabric forwarding control-segment .

This IP address is used as the BGP end point when establishing the MP-BGP peering with the route reflector. It is also the BGP next hop of all routes advertised by this node: 

!control SVI
vlan 2
  mode fabricpath

interface Vlan 2
  no shutdown
  mtu 9192
  ip address 44.2.3.33/22
  ipv6 forward
  fabric forwarding control-segment