• Code-Server
  • Code-Server
  • Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • site1-s1: 10.15.30.11
  • site1-l1: 10.15.30.12
  • site1-l2: 10.15.30.13
  • site1-bl1: 10.15.30.14
  • site1-bgw1: 10.15.30.15
  • site1-extrtr1: 10.15.30.16
  • site1-isn1: 10.15.30.17
  • site2-bgw-s1: 10.15.30.21
  • site2-l1: 10.15.30.22
  • site2-isn1: 10.15.30.23
  • GitLab
  • USER: pod30
  • PASS: c1sco.123
  • Gitlab
  • Test VM Login
  • USER: cisco
  • PASS: cisco.123
  • Serials
  • Get Serial Numbers
Fabric
Site2

Step 1 - Create Ansible Host Vars Directory for Site2 Fabric

Return to your Visual Studio Code Terminal window. Create the host_vars directory for your Site2 fabric. 


mkdir -p host_vars/site2-fabric

Step 2 - Create Site2 Fabric YAML File

For your site2-fabric fabric, create a file named fabric.nac.yml in the host_vars/site2-fabric directory. Since this VXLAN fabric is a small representation in this lab, all of your data model definition of the fabric can be contained to a single file. Similar data is used for the fabric, global and underlay sections of the model for this new fabric as was used for the Site1 fabric, but with different values. Switches are included in the topology section of the model, along with interface definitions. The two types of switches in this fabric are a border gateway spine and a leaf switch. 


touch ~/workspace/ndlab/nac/host_vars/site2-fabric/fabric.nac.yml
code-server -r ~/workspace/ndlab/nac/host_vars/site2-fabric/fabric.nac.yml




---

vxlan:
  fabric:
    name: site2-fabric
    type: VXLAN_EVPN
  global:
    ibgp:
      bgp_asn: "65002"
      route_reflectors: 2
      anycast_gateway_mac: 1234.5678.9000
      dns_servers:
        - ip_address: 10.0.249.16
          vrf: management
      ntp_servers:
        - ip_address: 10.81.254.131
          vrf: management
  underlay:
    general:
      routing_protocol: ospf
      underlay_routing_loopback_id: 0
      underlay_routing_protocol_tag: UNDERLAY
      underlay_vtep_loopback_id: 1
      replication_mode: multicast
    ipv4:
      fabric_interface_numbering: p2p
      subnet_mask: 31
      underlay_routing_loopback_ip_range: 10.22.0.0/22
      underlay_vtep_loopback_ip_range: 10.222.100.0/22
      underlay_rp_loopback_ip_range: 10.252.252.0/24
      underlay_subnet_ip_range: 10.2.0.0/16
    ospf:
      area_id: 0.0.0.0
    multicast:
      underlay_rp_loopback_id: 252
      rp_mode: asm
  topology:
    switches:
      - name: site2-bgw-s1
        serial_number: 90K2M0X2ZB9
        role: border_gateway_spine
        management:
          management_ipv4_address: 10.15.30.21
          default_gateway_v4: 10.15.30.1
      - name: site2-l1
        serial_number: 9B04S5PHXXO
        role: leaf
        management:
          management_ipv4_address: 10.15.30.22
          default_gateway_v4: 10.15.30.1
        interfaces:
          - name: Ethernet1/4
            description: To Server4 E1
            mode: access
            enabled: true
            mtu: jumbo
            speed: auto
            spanning_tree_portfast: true
          - name: Ethernet1/5
            description: To Server5 E1
            mode: access
            enabled: true
            mtu: jumbo
            speed: auto
            spanning_tree_portfast: true



Step 3 - Create Ansible Inventory File for ND Site2 Fabric

The Site2 inventory will leverage the same ND group and ND instance as the Site1 and External fabrics, but specify the Site2 fabric as a logical host. 


touch ~/workspace/ndlab/nac/hosts.site2.yml
cat << EOF > ~/workspace/ndlab/nac/hosts.site2.yml
---
# Inventory Information For Site2 Fabric
nd:
  hosts:
    site2-fabric:
      ansible_host: 10.15.0.98
EOF

Step 4 - Execute Ansible Playbook

Make sure you are in your root Ansible directory. 


cd ~/workspace/ndlab/nac

From the root Ansible project directory execute the following command: 


ansible-playbook -i hosts.site2.yml vxlan.yml

Upon a successful run of the playbook your output should look as follows: 

  <... SNIP ...>

  PLAY RECAP **************************************************************************************************************************************************************************
  site2-fabric               : ok=260  changed=35   unreachable=0    failed=0    skipped=1312 rescued=0    ignored=0


  PLAYBOOK RECAP **********************************************************************************************************************************************************************
  Playbook run took 0 days, 0 hours, 8 minutes, 19 seconds


  TASKS RECAP *************************************************************************************************************************************************************************
  Tuesday 27 January 2026  13:06:27 +0000 (0:00:00.072)       0:08:19.226 *******
  ===============================================================================
  cisco.nac_dc_vxlan.create : Add Fabric Devices in Nexus Dashboard ---------------------------------------------------------------------------------------------------------- 199.83s
  cisco.nac_dc_vxlan.deploy : Manage Fabric Deployment for iBGP VXLAN Fabric in Nexus Dashboard ------------------------------------------------------------------------------ 128.61s
  cisco.nac_dc_vxlan.create : Config-Save for iBGP VXLAN Fabric in Nexus Dashboard -------------------------------------------------------------------------------------------- 17.23s
  cisco.nac_dc_vxlan.create : Manage Fabric in Nexus Dashboard ---------------------------------------------------------------------------------------------------------------- 12.15s
  cisco.nac_dc_vxlan.deploy : Manage Fabric Deployment for iBGP VXLAN Fabric in Nexus Dashboard ------------------------------------------------------------------------------- 11.57s
  cisco.nac_dc_vxlan.create : Manage Interface All in Nexus Dashboard ---------------------------------------------------------------------------------------------------------- 3.01s
  cisco.nac_dc_vxlan.common : Display Flag Values ------------------------------------------------------------------------------------------------------------------------------ 2.17s
  cisco.nac_dc_vxlan.create : Build Switch Hostname Policy Payload from Data Model Update -------------------------------------------------------------------------------------- 1.89s
  cisco.nac_dc_vxlan.common : Get POAP Data From POAP Enabled Devices ---------------------------------------------------------------------------------------------------------- 1.88s
  cisco.nac_dc_vxlan.connectivity_check : Get Cisco Nexus Dashboard Fabric Controller Version ---------------------------------------------------------------------------------- 1.77s
  cisco.nac_dc_vxlan.common : Get Multisite Fabric Associations in Nexus Dashboard --------------------------------------------------------------------------------------------- 1.40s
  cisco.nac_dc_vxlan.remove : Get List of iBGP VXLAN Fabric Switches from Nexus Dashboard -------------------------------------------------------------------------------------- 1.25s
  cisco.nac_dc_vxlan.common : Build Fabric Creation Parameters From Template --------------------------------------------------------------------------------------------------- 0.99s
  cisco.nac_dc_vxlan.validate : Copy Service Model Data to Host ---------------------------------------------------------------------------------------------------------------- 0.91s
  cisco.nac_dc_vxlan.common : Retrieve NDFC Device Username and Password from Group Vars and update inv_config ----------------------------------------------------------------- 0.89s
  cisco.nac_dc_vxlan.common : Retrieve NDFC Device Username and Password from Group Vars and update inv_config ----------------------------------------------------------------- 0.88s
  cisco.nac_dc_vxlan.connectivity_check : Verify Authorization to Nexus Dashboard ---------------------------------------------------------------------------------------------- 0.80s
  cisco.nac_dc_vxlan.common : Build Fabric Switch Inventory List From Template ------------------------------------------------------------------------------------------------- 0.79s
  cisco.nac_dc_vxlan.common : Build Policy List From Template ------------------------------------------------------------------------------------------------------------------ 0.78s
  cisco.nac_dc_vxlan.common : Build vPC interface ------------------------------------------------------------------------------------------------------------------------------ 0.76s

  ROLES RECAP *************************************************************************************************************************************************************************
  Tuesday 27 January 2026  13:06:27 +0000 (0:00:00.077)       0:08:19.230 *******
  ===============================================================================
  create ---------------------------------------------------------------- 252.45s
  deploy ---------------------------------------------------------------- 141.75s
  common ----------------------------------------------------------------- 72.07s
  remove ----------------------------------------------------------------- 17.75s
  validate ---------------------------------------------------------------- 5.29s
  connectivity_check ------------------------------------------------------ 3.99s
  common_global ----------------------------------------------------------- 0.05s
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  total ----------------------------------------------------------------- 493.35s

Step 5 - Return to ND & Verify Site2 Fabric

  1. Return to ND in your browser where you should still be sitting at the Fabrics dashboard. You should see the fabric site2-fabric in the list of fabrics; click it.

    Note

    If your site2-fabric is not showing, please try clicking the Refresh button in the top-right of the Fabrics pane.



  2. Click the Inventory tab in the top navigation bar
  3. Click the Switches tab in the sub-navigation bar
  4. Verify you see the switches' Configuration sync status as In-Sync. If not, please click the Refresh button near the Actions button



  5. Click the Connectivity tab in the top navigation bar
  6. Click Interfaces in the sub-navigation bar
  7. Search for Interface == Ethernet1/4 and verify site2-l1 Ethernet1/4 is an access port.



  8. Close your site2-fabric by clicking the close (X) button in the top right corner of the window




Step 6 - Return to VSCode & Close All Open Tabs

Navigate back to your VSCode application.

  1. Right-Click on any open tab
  2. Select "Close All" from the drop-down menu


Please continue to the next section to create your Site1 ISN fabric, onboard an ISN switch, and configure the necessary policies to establish BGP peering between sites.