• Code-Server
  • Code-Server
  • Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • site1-s1: 10.15.30.11
  • site1-l1: 10.15.30.12
  • site1-l2: 10.15.30.13
  • site1-bl1: 10.15.30.14
  • site1-bgw1: 10.15.30.15
  • site1-extrtr1: 10.15.30.16
  • site1-isn1: 10.15.30.17
  • site2-bgw-s1: 10.15.30.21
  • site2-l1: 10.15.30.22
  • site2-isn1: 10.15.30.23
  • GitLab
  • USER: pod30
  • PASS: c1sco.123
  • Gitlab
  • Test VM Login
  • USER: cisco
  • PASS: cisco.123
  • Serials
  • Get Serial Numbers
ISN
Site2

Step 1 - Set Up Ansible Directory Structure Required for Site2 ISN

Return to your Visual Studio Code Terminal window. Create the host_vars directory for your Site2 ISN fabric. 


mkdir -p host_vars/site2-isn

Step 2 - Create Site2 ISN Fabric YAML File

For your site2-isn fabric, create a file named fabric.nac.yml in the host_vars/site2-isn directory. This fabric is also a small representation in this lab, so all of your data model definition of the fabric can be contained to a single file.

Make note that below in the data model, the multisite section is introduced.

You still define the topology of the fabric switches, interfaces, and policies as before. The interfaces defined on the ISN switch include a loopback interface for the route server and a routed interface to connect to Site1 ISN. In the policy section, an external BGP neighbor policy is defined to peer with Site1 ISN using an ND policy template. With regards to interface Ethernet1/3 in the diagram, this interface is not defined in the data model as the settings you will use for Multi-Site (MSD) will be applied automatically by ND when the Multi-Site extension is enabled later in the lab. 



touch ~/workspace/ndlab/nac/host_vars/site2-isn/fabric.nac.yml
code-server -r ~/workspace/ndlab/nac/host_vars/site2-isn/fabric.nac.yml




---

vxlan:
  fabric:
    name: site2-isn
    type: ISN
  multisite:
    isn:
      bgp_asn: "65201"
  topology:
    switches:
      - name: site2-isn1
        serial_number: 951DZIQ4Q9E
        role: core_router
        management:
          default_gateway_v4: 10.15.30.1
          management_ipv4_address: 10.15.30.23
        interfaces:
          - name: Loopback101
            mode: loopback
            description: Route Server Loopback
            enabled: true
            ipv4_address: 10.201.201.201
            ipv4_route_tag: 54321
          - name: Ethernet1/1
            mode: routed
            description: To Site1 ISN1 Eth1/1
            enabled: true
            ipv4_address: 10.0.0.1/31
  policy:
    policies:
      - name: ebgp_neighbor
        template_name: ext_bgp_neighbor
        template_vars:
          asn: "65201"
          NEIGHBOR_ASN: "65101"
          NEIGHBOR_IP: "10.0.0.0"
          IF_NAME: "Ethernet1/1"
          ENABLE_LOG_NEIGHBOR_CHANGE: true
    groups:
      - name: isn
        policies:
          - name: ebgp_neighbor
    switches:
      - name: site2-isn1
        groups:
          - isn

Step 3 - Create Ansible Inventory File for ND Site2 ISN Fabric

Like previous fabrics, Site2 ISN will leverage the same ND group and ND instance, but specify the Site2 ISN fabric as a logical host. 


touch ~/workspace/ndlab/nac/hosts.site2_isn.yml
cat << EOF >> ~/workspace/ndlab/nac/hosts.site2_isn.yml
---
# Inventory Information For Site2 ISN Fabric
nd:
  hosts:
    site2-isn:
      ansible_host: 10.15.0.98
EOF

Step 4 - Execute Ansible Playbook

Make sure you are in your root Ansible directory. 


cd ~/workspace/ndlab/nac

From the root Ansible project directory execute the following command: 


ansible-playbook -i hosts.site2_isn.yml vxlan.yml

Upon a successful run of the playbook your output should look as follows: 

  <... SNIP ...>

  PLAY RECAP **************************************************************************************************************************************************************************
  site2-isn                  : ok=199  changed=28   unreachable=0    failed=0    skipped=1377 rescued=0    ignored=0


  PLAYBOOK RECAP **********************************************************************************************************************************************************************
  Playbook run took 0 days, 0 hours, 3 minutes, 13 seconds


  TASKS RECAP *************************************************************************************************************************************************************************
  Tuesday 27 January 2026  13:43:18 +0000 (0:00:00.076)       0:03:13.777 *******
  ===============================================================================
  cisco.nac_dc_vxlan.create : Add Fabric Devices in Nexus Dashboard ----------------------------------------------------------------------------------------------------------- 41.81s
  cisco.nac_dc_vxlan.deploy : Manage Fabric Deployment for ISN Fabric in Nexus Dashboard -------------------------------------------------------------------------------------- 31.53s
  cisco.nac_dc_vxlan.deploy : Manage Fabric Deployment for ISN Fabric in Nexus Dashboard --------------------------------------------------------------------------------------- 5.78s
  cisco.nac_dc_vxlan.create : Manage Fabric in Nexus Dashboard ----------------------------------------------------------------------------------------------------------------- 3.98s
  cisco.nac_dc_vxlan.common : Display Flag Values ------------------------------------------------------------------------------------------------------------------------------ 2.16s
  cisco.nac_dc_vxlan.common : Get POAP Data From POAP Enabled Devices ---------------------------------------------------------------------------------------------------------- 1.80s
  cisco.nac_dc_vxlan.create : Manage Interface All in Nexus Dashboard ---------------------------------------------------------------------------------------------------------- 1.73s
  cisco.nac_dc_vxlan.connectivity_check : Get Cisco Nexus Dashboard Fabric Controller Version ---------------------------------------------------------------------------------- 1.69s
  cisco.nac_dc_vxlan.create : Manage Fabric Policies in Nexus Dashboard -------------------------------------------------------------------------------------------------------- 1.61s
  cisco.nac_dc_vxlan.remove : Get List of ISN Fabric Switches from Nexus Dashboard --------------------------------------------------------------------------------------------- 1.24s
  cisco.nac_dc_vxlan.create : Build Switch Hostname Policy Payload from Data Model Update -------------------------------------------------------------------------------------- 1.21s
  cisco.nac_dc_vxlan.common : Build Policy List From Template ------------------------------------------------------------------------------------------------------------------ 0.93s
  cisco.nac_dc_vxlan.validate : Copy Service Model Data to Host ---------------------------------------------------------------------------------------------------------------- 0.92s
  cisco.nac_dc_vxlan.common : Retrieve NDFC Device Username and Password from Group Vars and update inv_config ----------------------------------------------------------------- 0.88s
  cisco.nac_dc_vxlan.common : Retrieve NDFC Device Username and Password from Group Vars and update inv_config ----------------------------------------------------------------- 0.86s
  cisco.nac_dc_vxlan.connectivity_check : Verify Authorization to Nexus Dashboard ---------------------------------------------------------------------------------------------- 0.80s
  cisco.nac_dc_vxlan.common : Build Interface ---------------------------------------------------------------------------------------------------------------------------------- 0.76s
  cisco.nac_dc_vxlan.common : Build vPC interface ------------------------------------------------------------------------------------------------------------------------------ 0.76s
  cisco.nac_dc_vxlan.common : Build Fabric Switch Inventory List From Template ------------------------------------------------------------------------------------------------- 0.75s
  cisco.nac_dc_vxlan.common : Build sub_interface ------------------------------------------------------------------------------------------------------------------------------ 0.74s

  ROLES RECAP *************************************************************************************************************************************************************************
  Tuesday 27 January 2026  13:43:18 +0000 (0:00:00.083)       0:03:13.782 *******
  ===============================================================================
  create ----------------------------------------------------------------- 64.15s
  common ----------------------------------------------------------------- 59.57s
  deploy ----------------------------------------------------------------- 38.91s
  remove ----------------------------------------------------------------- 15.85s
  validate ---------------------------------------------------------------- 5.41s
  connectivity_check ------------------------------------------------------ 3.90s
  common_global ----------------------------------------------------------- 0.04s
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  total ----------------------------------------------------------------- 187.84s

Step 5 - Return to ND & Verify Site2 ISN Fabric

  1. Return to ND in your browser where you should still be sitting at the Fabrics dashboard. You should see the fabric site2-isn in the list of fabrics; click it.

    Note

    If your site2-isn is not showing, please try clicking the Refresh button in the top-right of the Fabrics pane.

  2. Click the Inventory tab in the top navigation bar
  3. Click the Switches tab in the sub-navigation bar
  4. Verify you see the switches' Configuration sync status as In-Sync. If not, please click the Refresh button near the Actions button


  5. Click the Connectivity tab in the top navigation bar
  6. Click Interfaces in the sub-navigation bar



  7. Close your site2-isn fabric by clicking the close (X) button in the top right corner of the window



  8. Between your ISN fabrics and devices, you now have established an eBGP IPv4 Unicast Address-Family peering:




Step 6 - Return to VSCode & Close All Open Tabs

Navigate back to your VSCode application.

  1. Right-Click on any open tab
  2. Select "Close All" from the drop-down menu


Please continue to the next section to model and bring all your fabrics into a Multi-Site (MSD) fabric group to manage overlay extensions between sites.