• Code-Server
  • Code-Server
  • Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • site1-s1: 10.15.9.11
  • site1-l1: 10.15.9.12
  • site1-l2: 10.15.9.13
  • site1-bl1: 10.15.9.14
  • site1-bgw1: 10.15.9.15
  • site1-extrtr1: 10.15.9.16
  • site1-isn1: 10.15.9.17
  • site2-bgw-s1: 10.15.9.21
  • site2-l1: 10.15.9.22
  • site2-isn1: 10.15.9.23
  • GitLab
  • USER: pod09
  • PASS: c1sco.123
  • Gitlab
  • Test VM Login
  • USER: cisco
  • PASS: cisco.123
  • Serials
  • Get Serial Numbers
ISN
Site1

Step 1 - Create Ansible Host Vars Directory for Site1 ISN

Return to your Visual Studio Code Terminal window. Create the host_vars directory for your Site1 ISN fabric. 


mkdir -p host_vars/site1-isn

Step 2 - Create Site1 ISN Fabric YAML File

For your site1-isn fabric, create a file named fabric.nac.yml in the host_vars/site1-isn directory. This fabric is also a small representation in this lab, so all of your data model definitions for the fabric can be contained in a single file.

Note that in the data model below, the multisite section is introduced.

You still define the topology of the fabric switches, interfaces, and policies as before. The interfaces defined on the ISN switch include a loopback interface for the route server and a routed interface to connect to the Site2 ISN. In the policy section, an external BGP neighbor policy is defined to peer with Site2 ISN using an ND policy template. Note that interface Ethernet1/3 shown in the diagram is not defined in the data model — ND will automatically configure it when you enable the Multi-Site extension later in the lab. 




touch ~/workspace/ndlab/nac/host_vars/site1-isn/fabric.nac.yml
code-server -r ~/workspace/ndlab/nac/host_vars/site1-isn/fabric.nac.yml

Copy and paste the following content into the fabric.nac.yml file that is now open in your VSCode editor. 


---

vxlan:
  fabric:
    name: site1-isn
    type: ISN
  multisite:
    isn:
      bgp_asn: "65101"
  topology:
    switches:
      - name: site1-isn1
        serial_number: 9FGWJ9WFIXY
        role: core_router
        management:
          default_gateway_v4: 10.15.9.1
          management_ipv4_address: 10.15.9.17
        interfaces:
          - name: Loopback101
            mode: loopback
            description: Route Server Loopback
            enabled: true
            ipv4_address: 10.101.101.101
            ipv4_route_tag: 54321
          - name: Ethernet1/1
            mode: routed
            description: To Site2 ISN1 Eth1/1
            enabled: true
            ipv4_address: 10.0.0.0/31
  policy:
    policies:
      - name: ebgp_neighbor
        template_name: ext_bgp_neighbor
        template_vars:
          asn: "65101"
          NEIGHBOR_ASN: "65201"
          NEIGHBOR_IP: "10.0.0.1"
          IF_NAME: "Ethernet1/1"
          ENABLE_LOG_NEIGHBOR_CHANGE: true
    groups:
      - name: isn
        policies:
          - name: ebgp_neighbor
    switches:
      - name: site1-isn1
        groups:
          - isn

Step 3 - Create Ansible Inventory File for ND Site1 ISN Fabric

Like previous fabrics, Site1 ISN will leverage the same ND group and ND instance, but specify the Site1 ISN fabric as a logical host. 


touch ~/workspace/ndlab/nac/hosts.site1_isn.yml
cat << EOF >> ~/workspace/ndlab/nac/hosts.site1_isn.yml
---
# Inventory Information For Site1 ISN Fabric
nd:
  hosts:
    site1-isn:
      ansible_host: 10.15.0.35
EOF

Step 4 - Execute Ansible Playbook

Make sure you are in your root Ansible directory. 


cd ~/workspace/ndlab/nac

From the root Ansible project directory execute the following command: 


ansible-playbook -i hosts.site1_isn.yml vxlan.yml

Upon a successful run of the playbook your output should look as follows: 

  <... SNIP ...>

  PLAY RECAP **************************************************************************************************************************************************************************
  site1-isn                  : ok=45   changed=4    unreachable=0    failed=0    skipped=20   rescued=0    ignored=0


  PLAYBOOK RECAP ******************************************************************************************
  Playbook run took 0 days, 0 hours, 1 minutes, 45 seconds


  TASKS RECAP *********************************************************************************************
  Wednesday 03 June 2026  00:34:58 +0000 (0:00:00.058)       0:01:45.466 ******** 
  =============================================================================== 
  cisco.nac_dc_vxlan.create : Execute Create Resources -------------------------------------------- 59.91s
  cisco.nac_dc_vxlan.deploy : Execute Deploy of Resources ----------------------------------------- 29.62s
  cisco.nac_dc_vxlan.common : Build Resources ------------------------------------------------------ 2.33s
  cisco.nac_dc_vxlan.connectivity_check : Get Cisco Nexus Dashboard Fabric Controller Version ------ 1.70s
  cisco.nac_dc_vxlan.remove : Execute Remove Resources --------------------------------------------- 1.32s
  cisco.nac_dc_vxlan.deploy : Execute Deploy of Resources ------------------------------------------ 1.22s
  cisco.nac_dc_vxlan.validate : Copy Service Model Data to Host ------------------------------------ 0.81s
  cisco.nac_dc_vxlan.connectivity_check : Verify Authorization to Nexus Dashboard ------------------ 0.72s
  cisco.nac_dc_vxlan.validate : Copy Extended Service Model Data to Host --------------------------- 0.63s
  cisco.nac_dc_vxlan.validate : Stat Factory Defaults ---------------------------------------------- 0.55s
  cisco.nac_dc_vxlan.connectivity_check : Verify Connection to Nexus Dashboard --------------------- 0.54s
  cisco.nac_dc_vxlan.connectivity_check : Get Cisco Nexus Dashboard Version ------------------------ 0.43s
  cisco.nac_dc_vxlan.validate : Stat the Golden Service Model Data --------------------------------- 0.34s
  cisco.nac_dc_vxlan.validate : Stat the Extended Service Model Data ------------------------------- 0.34s
  cisco.nac_dc_vxlan.remove : Log Deploy During Remove Info Message -------------------------------- 0.26s
  cisco.nac_dc_vxlan.connectivity_check : Set Cisco Nexus Dashboard Fabric Controller Version Var --- 0.22s
  cisco.nac_dc_vxlan.common : Display Change Flag Values ------------------------------------------- 0.21s
  cisco.nac_dc_vxlan.validate : Role Entry Point - [cisco.nac_dc_vxlan.validate] ------------------- 0.21s
  cisco.nac_dc_vxlan.create : Display Create Resources Summary ------------------------------------- 0.21s
  cisco.nac_dc_vxlan.remove : Display Remove Resources Summary ------------------------------------- 0.21s

  ROLES RECAP *********************************************************************************************
  Wednesday 03 June 2026  00:34:58 +0000 (0:00:00.060)       0:01:45.467 ******** 
  =============================================================================== 
  create ----------------------------------------------------------------- 60.17s
  deploy ----------------------------------------------------------------- 30.97s
  validate ---------------------------------------------------------------- 5.31s
  connectivity_check ------------------------------------------------------ 3.80s
  common ------------------------------------------------------------------ 3.02s
  remove ------------------------------------------------------------------ 1.85s
  common_global ----------------------------------------------------------- 0.05s
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
  total ----------------------------------------------------------------- 105.17s

Step 5 - Return to ND & Verify Site1 ISN Fabric

  1. Return to ND in your browser where you should still be sitting at the Fabrics dashboard. You should see the fabric site1-isn in the list of fabrics; click it.

    Note

    If your site1-isn is not showing, please try clicking the Refresh button in the top-right of the Fabrics pane.

  2. Click the Inventory tab in the top navigation bar
  3. Click the Switches tab in the sub-navigation bar
  4. Verify that the Configuration sync status column shows In-Sync for your switches. If not, please click the refresh button to the right of the Actions button


  5. Click the Connectivity tab in the top navigation bar
  6. Click Interfaces in the sub-navigation bar



  7. Close your site1-isn fabric by clicking the close (X) button in the top right corner of the window




Step 6 - Return to VSCode & Close All Open Tabs

Navigate back to your VSCode application.

  1. Right-Click on any open tab
  2. Select "Close All" from the drop-down menu


Please continue to the next section to model and set up your Site2 ISN fabric.