• Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • staging-spine1: 10.15.6.11
  • staging-leaf1: 10.15.6.12
  • staging-leaf2: 10.15.6.13
  • staging-leaf3: 10.15.6.14
  • staging-ext-rtr: 10.15.6.15
  • prod-spine1: 10.15.6.18
  • prod-leaf1: 10.15.6.19
  • prod-leaf2: 10.15.6.20
  • prod-leaf3: 10.15.6.21
  • prod-ext-rtr: 10.15.6.22
  • GitLab
  • USER: pod06
  • PASS: c1sco.123
  • Gitlab
  • Test VM Login
  • USER: cisco
  • PASS: cisco.123
  • staging-server1: 10.15.6.16
  • staging-server2: 10.15.6.17
  • prod-server1: 10.15.6.23
  • prod-server2: 10.15.6.24
  • Code-Server
  • Code-Server
  • Serials
  • Get Serial Numbers
vPC
VXLAN as Code

Step 1 - Create

With the devices added to the fabric, you can now create the vPC peering between staging-leaf1 and staging-leaf2. You will create a new file named vpc.nac.yml. This file will contain all of the necessary vPC configurations to establish the vPC peering for the leaf switches. The vPC settings such as peer-link Vlan and peer-keepalive VRF to use are defined under the vpc section of the global key. The actual vpc_peers are defined under the vpc_peers of the topology section. Again, this vPC peering configuration will be used by the Ansible playbook to create the vPC peering between the leaf switches. 


touch ~/workspace/ndfclab/nac/host_vars/fabric-stage/vpc.nac.yml
code-server -r ~/workspace/ndfclab/nac/host_vars/fabric-stage/vpc.nac.yml



      
---

vxlan:
  global:
    bgp_asn: "65001"
    vpc:
      peer_link_vlan: 3600
      peer_keep_alive: management
      auto_recovery_time: 240
      delay_restore_time: 150
      peer_link_port_channel_id: 500
      advertise_pip: true
      domain_id_range: 1-100
  topology:
    vpc_peers:
      - peer1: staging-leaf1
        peer2: staging-leaf2
        fabric_peering: true





Step 2 - Execute Ansible Playbook

Make sure you are in your root Ansible directory 


cd ~/workspace/ndfclab/nac

From the root Ansible project directory execute the following command: 


ansible-playbook -i hosts.stage.yml vxlan.yml --tags cr_manage_vpc_peers

Upon a successful run of the playbook your output should look as follows: 

  PLAY RECAP ********************************************************************************************************************************************************
  fabric-stage                      : ok=188  changed=28   unreachable=0    failed=0    skipped=393  rescued=0    ignored=0   


  PLAYBOOK RECAP ****************************************************************************************************************************************************
  Playbook run took 0 days, 0 hours, 0 minutes, 58 seconds


  TASKS RECAP *******************************************************************************************************************************************************
  Wednesday 07 May 2025  16:35:21 +0000 (0:00:00.268)       0:00:58.023 ********* 
  =============================================================================== 
  cisco.nac_dc_vxlan.create : Manage vPC Peering ------------------------------------------------------------------------------------------------------------- 1.94s
  cisco.nac_dc_vxlan.connectivity_check : Get Cisco NDFC Version --------------------------------------------------------------------------------------------- 1.82s
  cisco.nac_dc_vxlan.common : Get POAP Data From POAP Enabled Devices ---------------------------------------------------------------------------------------- 0.86s
  cisco.nac_dc_vxlan.validate : Copy Service Model Data to Host ---------------------------------------------------------------------------------------------- 0.84s
  cisco.nac_dc_vxlan.common : Build Fabric Creation Parameters From Template --------------------------------------------------------------------------------- 0.81s
  cisco.nac_dc_vxlan.connectivity_check : Verify Authorization to NDFC 10.15.0.26 on Port 443 ---------------------------------------------------------------- 0.74s
  cisco.nac_dc_vxlan.common : Build Policy List From Template ------------------------------------------------------------------------------------------------ 0.73s
  cisco.nac_dc_vxlan.common : Build VPC interface ------------------------------------------------------------------------------------------------------------ 0.71s
  cisco.nac_dc_vxlan.common : Retrieve NDFC Device Username and Password from Group Vars and update inv_config ----------------------------------------------- 0.71s
  cisco.nac_dc_vxlan.common : Build Networks Attach List From Template --------------------------------------------------------------------------------------- 0.69s
  cisco.nac_dc_vxlan.common : Build Interface ---------------------------------------------------------------------------------------------------------------- 0.66s
  cisco.nac_dc_vxlan.common : Build Interface ---------------------------------------------------------------------------------------------------------------- 0.66s
  cisco.nac_dc_vxlan.common : Build VRFs Attach List From Template ------------------------------------------------------------------------------------------- 0.66s
  cisco.nac_dc_vxlan.common : Build Links for vPC Peering ---------------------------------------------------------------------------------------------------- 0.65s
  cisco.nac_dc_vxlan.common : Build Loopback Interfaces List From Template ----------------------------------------------------------------------------------- 0.65s
  cisco.nac_dc_vxlan.common : Build Interface ---------------------------------------------------------------------------------------------------------------- 0.64s
  cisco.nac_dc_vxlan.common : Build Fabric Switch Inventory List From Template ------------------------------------------------------------------------------- 0.64s
  cisco.nac_dc_vxlan.common : Build sub_interface ------------------------------------------------------------------------------------------------------------ 0.64s
  cisco.nac_dc_vxlan.common : Build Edge Connections --------------------------------------------------------------------------------------------------------- 0.64s
  cisco.nac_dc_vxlan.common : Build VRFs Attach List From Template for loopback ------------------------------------------------------------------------------ 0.63s

  ROLES RECAP *******************************************************************************************************************************************************
  Wednesday 07 May 2025  16:35:21 +0000 (0:00:00.272)       0:00:58.026 ********* 
  =============================================================================== 
  common ----------------------------------------------------------------- 42.58s
  validate ---------------------------------------------------------------- 5.71s
  connectivity_check ------------------------------------------------------ 4.01s
  create ------------------------------------------------------------------ 3.63s
  common_global ----------------------------------------------------------- 0.06s
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
  total ------------------------------------------------------------------ 55.99s

Step 3 - Return to NDFC & Verify vPC Peering is Pending

The vPC peering should now be pre-staged between leaf1 and leaf2. Return to NDFC and verify.

In NDFC, you should still be on the Switches tab, if not:

  1. Click Switches in the top navigation bar
  2. Confirm you see the vPC Peer row populated for leaf1 and leaf2



Step 4 - Return to VSCode & Close All Open Tabs

On the keyword press Ctrl + K + W. This should close all open tabs to clear your workspace for the next section.


Continue to the next section to define the interfaces for the leaf switches in your fabric using VXLAN as Code.