1、#CiscoLive#CiscoLiveRaj Kumar Goli,Technical Marketing EngineerBRKENS-2092Building Scalable Fabrics with Catalyst 9000 SwitchesBGP EVPN in Enterprise Campus 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App Questions?Use Cisco We

2、bex App to chat with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.12343https:/

3、2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKENS-20923Agenda 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicWhat is BGP EVPN?BGP EVPN in Enterprise CampusUnderlay and Overlay NetworksScaling Multicast in FabricBGP EVPN InterworkingEVPN Fabric AutomationBRKENS

4、-20924 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive16.10.110/18L2VNI ARP/ND SuppressionIngress ReplicationMPLS VPN Border Support16.11.13/19IPv6 Host SupportIPv6 DHCP RelayL2VNI Auto RD/RTL2 Leaf support16.12.16/19VPLS+EVPN L2 InterworkingMPLS+EVPN L3 InterworkingCatal

5、yst+Nexus+XR InteropBorder+Spine+Leaf RoleEVPN Multi-homing with SVLEVPN SNMP MIB support17.1.110/19Tenant Routed Multicast v4TRM+mVPN L3 InterworkingCentralized GatewayL2 Leaf ARP/ND SuppressionPer-VNI BUM Rate-limiter16.9.17/18L3VNIL2VNIMulticast ReplicationL2/L3 HandoffVXLAN QoSBGP EVPNBGP EVPN17

6、.3.16/20512 VNI SupportTenant Routed Multicast v6Wide Area Bonjour over EVPNmDNS over VXLAN17.4.111/20Private VLAN over EVPN17.6.17/21Isolated PVLAN SupportESI-Based Multihoming512 VNI ScaleMicro-location mDNSover VXLAN802.1Q Tunnel Mode17.7.111/21L3 TRM with MDT Data17.8.104/22Optimizing L2 Multica

7、st with IGMP/mld ProxyProtect Vlan over EVPN Fabric17.9.107/22BGP EVPN over IPsec17.10.111/22IPv6 UndelayL3TRM support with BGP EVPN over IPsecBGP EVPN Dynamic peeringBRKENS-2092517.11.103/23Dynamic BGP EVPN IPv4/mVPN peeringRT-2&RT-5 Route-MapPer-VLAN ESI EVPN Micro-Segmentation 2023 Cisco and/or i

8、ts affiliates.All rights reserved.Cisco Public#CiscoLive6BRKENS-2092EnterpriseHospitalityHealthcareEducationPublic SectorFinancialManufacturingTransportationMediaRetailBGP EVPN VXLAN FabricBGP EVPN VXLAN FabricCisco Catalyst 9000Cisco Catalyst 9000 2023 Cisco and/or its affiliates.All rights reserve

9、d.Cisco Public#CiscoLiveLayer2ExtensionSpanning-TreeIEEE 802.3adVPWS|VPLSLayer 3SegmentationMulti-VRFGRE TunnelMPLS VPNC9000C6800EVPNEVPNEvolutionEvolutionProduct transition drives architecture transitionsConvergence of traditional L2 overlay to simplified and scalable fabric Transition classic L3 o

10、verlays to enterprise-grade scalable fabricUnified end-to-end common fabric architecture reducing cost and complexityTraditional Network TransitionBGP EVPN VXLANVXLANCisco Catalyst 9000 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveVXLAN FrameClassical Ethernet Frame802.

11、1QVNIVXLANCRCPayloadDMACSMACEtype802.1QVLAN is expressed over 12 bits(802.1Q tag)UDP20B14B8B8B14B4B20B+8B+8B+14B*=50 Bytesof total overheadVXLAN leverages the VNI field with a total address space of 24 bitsThe VXLAN Network Identifier (VNI/VNID)is part of theVXLAN HeaderCRC(new)PayloadOriginal Layer

12、 2 FrameDMAC SMACEtypeOuterMACOuter IPMAC-in-UDP EncapsulationVXLAN OverviewBRKENS-20928 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveStandards based Overlay(VXLAN)with Standards based Control-Plane(BGP)Layer-2 MAC and Layer-3 IP information distribution by Control-Plan

13、e(BGP)Forwarding decision based on Control-Plane(minimizes flooding)Integrated Routing/Bridging(IRB)for Optimized Forwarding in theOverlayMulti-Tenancy At ScaleControlPlaneEVPN MP-BGP-RFC7432EVPN over NVO Tunnels(VXLAN)Provides Layer-2 and Layer-3 Overlays over simple IP NetworksData PlaneMulti-Prot

14、ocol LabelSwitching (MPLS)draft-ietf-l2vpn-evpnProvider BackboneBridges (PBB)draft-ietf-l2vpn-pbb-evpnNetwork Virtualization Overlay (NVO)draft-ietf-bess-evpn-overlayLeafSpineVXLAN with BGP EVPNBRKENS-20929 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFabric-Domain-ALay

15、er 2802.1Q|VPLSLayer 3VRF|MPLSSITE-ASystem SupportModeCatalyst 9300L|9300|9300X SeriesStandalone|StackWiseCatalyst 9400|9400X SeriesStandalone|StackWise-VirtualCatalyst 9500|9500X SeriesStandalone|StackWise-VirtualCatalyst 9600|9600X SeriesStandalone|StackWise-VirtualSystem SupportModeAnyAnySystem S

16、upportModeCatalyst 9300 9600(9500-H/X&9600/X)Standalone|StackCatalyst 8000 Edge|ASR 1000Physical|VirtualNexus 9000StandaloneASR 9000StandaloneSystem SupportModeCatalyst 9300 9600(9500-H/X/9600/X)Standalone|StackCatalyst 8000 Edge|ASR 1000PhysicalNexus 9000StandaloneASR 9000StandaloneINTERMEDIATE:INT

17、ERMEDIATE:A Layer 2 or Layer 3(IP/MPLS)Underlay network system providing basic transport and forwarding plane.VTEP(LEAF):VTEP(LEAF):An origination and termination point of VXLAN enabled overlay network.SPINE:SPINE:An BGP EVPN reflects the L2/L3 VPN prefixes providing hierarchical neighbor peering,le

18、arning and distribution point.BORDERBORDER:A gateway point of between EVPN fabric and external network domain.System SupportModeNexus 9000StandaloneBORDERBORDER-GATEWAYGATEWAY:A gateway point of between two or more BGP EVPN administrative domain boundary.-RecommendedCatalyst EVPN Scale and Performan

19、ce MatrixCisco Catalyst BGP EVPN Configuration Guide Scale and Performance ChapterBGP EVPN System RoleBRKENS-209210BGP-EVPN in Campus 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnterprise Campus BGP EVPN DriversIndustry StandardMulti-vendor IT strategyOne Fabric Archi

20、tectureUnified operation across Campus|DC|WANFlexible OverlayUse-case driven customize Overlay networks Types and TopologiesHierarchical Fabric DomainMulti-tier Overlay network architectureProven and ScalableBGP Protocol History.Minimum new learning curveBRKENS-209212 2023 Cisco and/or its affiliate

21、s.All rights reserved.Cisco Public#CiscoLive13Enterprise BGP EVPN Reference ArchitectureBRKENS-2092Industry StandardStandard-based FabricMulti-vendor interoperableBroad innovation adoptionUnified FabricCross-PIN single fabricExtensible beyond siteSimplified ManagementProvenReliable control-planeMult

22、i-protocol capabilitiesLess new learning-curveFlexibleComplex network solutionTailored L2/L3 overlaysDeep eco-system integrationHierarchicalNon-blocking architectureStructured&Scalable fabricHybrid system role supportWANDMZShared-ServicesDC EVPNDC ACIIP|MPLS|EVPNSD-WANInternetAPICACIACIACIACIACIACIA

23、CIACIACIACIEVPN Basics 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLayer-2 VNI A15VXLAN ConstructsBRKENS-2092VLAN XLayer-3 VNI XSVI SVI X X 1 Layer-3 VNI per Tenant(VRF)for routing VNI X is used for routed packetsLayer-2 VNI BVLAN BSVISVIB BLayer-2 VNI CVLAN CSVISVIB B

24、VLAN ASVISVIA A 1 Layer-2 VNI per Layer-2 segment L2VNIs are used for bridged packetsL2VNIL3VNIVNI Virtual Network Identifier 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLayer-2 VNI A16VXLAN ConstructsBRKENS-2092VLAN XLayer-3 VNI XSVI SVI X X 1 Layer-3 VNI per Tenant(V

25、RF)for routing VNI X is used for routed packetsLayer-2 VNI BVLAN BSVISVIB BLayer-2 VNI CVLAN CSVISVIB BVLAN ASVISVIA A 1 Layer-2 VNI per Layer-2 segment L2VNIs are used for bridged packetsL2VNIL3VNIL2VNI-GL2VNI-AL2VNI-FL2VNI-EL2VNI-DL2VNI-HL2VNI-BL2VNI-CVRF-XL2VNI-GL2VNI-AL2VNI-FL2VNI-EL2VNI-DL2VNI-

26、HL2VNI-BL2VNI-CVRF-YL2VNI-GL2VNI-AL2VNI-FL2VNI-EL2VNI-DL2VNI-HL2VNI-BL2VNI-CVRF-ZVNI Virtual Network Identifier 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveIGMP Sync routes(Join/Leave)MP-BGP EVPN Route Type(s)RFC 7432Type 1Type 2Type 3Type 4Ethernet Auto-Discovery(A-D)

27、routeMAC/IP advertisement route Inclusive Multicast RouteEVPN Ingress Replication(IR)(unicast mode for BUM)Ethernet Segment RouteRFC 9136Type 5IP Prefix Route Layer-3 VNI RouteRFC 9251Type 6Type 7Type 8Selective Multicast Ethernet Tag RouteIGMP Sync routes(Join/Leave)BRKENS-209217 2023 Cisco and/or

28、its affiliates.All rights reserved.Cisco Public#CiscoLiveVXLAN OverviewVLAN20Host DHost DMAC:0000.4444.4444IP:192.168.20.11L3 VXLAN TunnelRRRRVTEP-1VTEP-2VTEP-3VTEP-4Host AHost AMAC:0000.1111.1111IP:192.168.10.10VLAN10Host BHost BMAC:0000.2222.2222IP:192.168.10.11VLAN10L2 VXLAN TunnelBRKENS-2092Brid

29、geRoute18 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePacket Walk ARP RequestRRRRVTEP-1VTEP-2VTEP-3VTEP-4Host AHost AMAC:0000.1111.1111IP:192.168.10.10Host BHost BMAC:0000.2222.2222IP:192.168.10.11VLAN10VLAN10ARP Request for 192.168.10.11ARP Request for 192.168.10.11SM

30、AC:0000.1111.1111DMAC:FFFF.FFFF.FFFFARP Request for 192.168.10.11ARP Request for 192.168.10.11SMAC:0000.1111.1111DMAC:FFFF.FFFF.FFFFSIPSIPDIPDIPVXLANVXLANSMACSMACDMACDMACARP Request for ARP Request for 192.168.10.11192.168.10.1110.200.200.101239.0.0.1300010000.1111.1111FFFF.FFFF.FFFFBRKENS-209219 20

31、23 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveARP Response for 192.168.10.11ARP Response for 192.168.10.11SMAC:0000.2222.2222DMAC:0000.1111.1111Packet Walk ARP ResponseRRRRVTEP-1VTEP-2VTEP-3VTEP-4Host AHost AMAC:0000.1111.1111IP:192.168.10.10Host BHost BMAC:0000.2222.2222I

32、P:192.168.10.11VLAN10VLAN10SIPSIPDIPDIPVXLANVXLANSMACSMACDMACDMACARP Response for ARP Response for 192.168.10.11192.168.10.1110.200.200.10310.200.200.0.2222.22220000.1111.1111ARP Response for 192.168.10.11ARP Response for 192.168.10.11SMAC:0000.2222.2222DMAC:0000.1111.1111BRKENS-209220 20

33、23 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveMAC/IP Advertisement route“MAC or MAC/IP host Advertisement(Route-Type 2)”21BRKENS-2092Host“A”attaches to Edge Device(VTEP)VTEP V1 advertises Host“A”reachability informationMAC and L2VNI mandatoryIP and L3VNI optionaldepending

34、on ARPAdditional Attributes advertisedMPLS Label 1(Layer-2 VNI)MPLS Label 2(Layer-3 VNI)Extended CommunitiesHost AMAC_A/IP_ARouteRouteTypeTypeMAC,IPMAC,IPL2VNIL2VNILayerLayer-3 VNI3 VNI(“VRF”)(“VRF”)NHNHEncapEncapSeqSeq2MAC_A,IP_A3000150001IP_V18:VXLAN0BRKENS-209221Host BMAC_B/IP_B 2023 Cisco and/or

35、 its affiliates.All rights reserved.Cisco Public#CiscoLiveProtocol Learning&Distribution“Subnet Route Advertisement(Route-Type 5)”VTEP VTEP 1 1VTEP VTEP 2 2VTEP VTEP 3 3VTEP VTEP 4 4VTEP VTEP 5 5RRRRIP Prefix RedistributionFrom“Direct”(connected),Static or dynamically learned RoutesVTEP V1 advertise

36、s local Subnet through redistribution of“Direct”(connected)routesIP Prefix,IP Prefix Length,and Layer-3 VNIAdditional route attributes advertisedMPLS Label(Layer-3 VNI)Extended CommunitiesMultiple VTEPs can announce same IP PrefixRouteRouteTypeTypeMAC,IPMAC,IPLayerLayer-3 VNI3 VNI(“VRF”)(“VRF”)NHNHE

37、ncapEncap5Subnet_A/2450001IP_V18:VXLANHost ASubnetA/24BRKENS-209222Host BSubnetB/24 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEfficient Layer 2 Broadcast domainIngress ReplicationMulticast Replication1 x Broadcast Packet4 x Unicast PacketsNo Multicast in Underlay1 x

38、Broadcast PacketSource1 x Multicast Packet2 mechanics to handle B Broadcast,U Unknown Unicast and Link-Local MMulticast(BUM):Ingress-Replication Convert each BUM packet to multiple Unicast packets and transmit to each remote VTEP Multicast-Replication Convert each BUM packet to single Multicast pack

39、ets and transmit in Underlay networkMulticast replication offers significant system,network and end-user level performance benefitsUnderlay Network 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUnderlay Design ConsiderationsLeaf Layer Access Spine/RR Direct|Multi-hopUnde

40、rlay|Overlay IP gatewayECMP|MulticastL2|L3 Overlay supportLayer 3 AccessLeafSpineCisco StackWise-VirtualSVLSpineLeafLayer 2|3 DistributionSpineLeafLeaf Layer DistributionSpine/RR Direct|Multi-hopUnderlay|Overlay IP gatewayMEC|ECMP|MulticastL2|L3 Overlay supportLeaf Layer DistributionSpine/RR Direct|

41、Multi-hopUnderlay|Overlay IP gatewayFHRP|ECMP|MulticastL3 Overlay.No L2 ExtensionLayer 2Layer 3BRKENS-2092 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEVPN ESI Dual-HomeLeafSpineEVPN ESI Single-HomeSpineLeafActiveStandbyLeaf Layer DistributionSpine/RR Direct|Multi-hopP

42、er-ESI AnyCast GatewayPer-Leaf|ECMP|MulticastL2|L3 Overlay supportUnderlay Design ConsiderationsLeaf Layer DistributionSpine/RR Direct|Multi-hopPer-ESI AnyCast GatewayPer-VLAN|ECMP|MulticastL2|L3 Overlay supportESI Ethernet Segment IdentifierLayer 2Layer 3ESI-1ESI-1ESI-2ESI-2 2023 Cisco and/or its a

43、ffiliates.All rights reserved.Cisco Public#CiscoLiveESI Multihomed Per VLAN EnhancementFHRP with Underlay Routed Access Layer L2Distribution-IP gatewayUnderlay|FHRP at DistributionLeaf Layer DistributionSpine/RR Direct|Multi-hopFHRP Gateway|Per-VLAN ECMP|MulticastL3 Overlay supportLeafSpineFHRP with

44、 Overlay Routed LeafSpineL2+L3 Overlay(DAG)with ESILeaf Layer DistributionSpine/RR Direct|Multi-hopPer-EVI|VLAN Load balancingECMP|MulticastL2+L3 OverlayLeafSpineL2 Overlay with ESI Leaf Layer DistributionSpine/RR Direct|Multi-hopPer-EVI|Per-VLAN load balancingECMP|MulticastL2 Overlay supportUnderla

45、y VlanFHRPFHRPVlan 11Vlan 11FHRPFHRPL3 Overlay Routed VLANVlan 21Vlan 21L2+L3 Overlay VLAN with DAGVlan 31Vlan 31L2 Overlay Bridged VLANVlan 41Vlan 41BRKENS-209227 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUnderlay IP Routed Network AlternativesUnderlayUnderlayIP Sta

46、ckIP StackFlexible Underlay IP Routed network design alternativesNative IPv4 underlay support to transport VXLANv4 over UDPNative IPv4 or IPv6 underlay support VXLANv4 or transition VXLANv6 over UDPDual-Stack IPv4|IPv6 Underlay+VXLANv4|v6 Overlay support for seamless migrationsIPv4LeafSpineIPv4IPv4V

47、XLANv4 UnderlayVXLANv4 UnderlayIPv6LeafSpineIPv6IPv6VXLANv6 UnderlayVXLANv6 Underlay 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUnderlay IP Routed Network AlternativesSpineUnderlayUnderlayIP StackIP StackFlexible Underlay IP Routed network design alternativesNative IP

48、v4 underlay support to transport VXLANv4 over UDPNative IPv4 or IPv6 underlay support VXLANv4 or transition VXLANv6 over UDPDual-Stack IPv4|IPv6 Underlay+VXLANv4|v6 Overlay support for seamless migrationsVXLANv6 UnderlayVXLANv6 UnderlayDual-StackLeafIPv4+IPv6IPv4+IPv6VXLANv4 UnderlayVXLANv4 Underlay

49、VXLANv4 UnderlayVXLANv4 UnderlayDual-StackIPv4+IPv6IPv4+IPv6 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUnderlay Unicast Routing Design AlternativesIGPIGPEIGRP|OSPF|IS-ISRRRRRRCRRCIPv4|IPv66500165001AF:L2VPN|mVPNAF:L2VPN|mVPNBGP650036500165002AF:L2VPN|mVPNAF:L2VPN|mVP

50、NIPv4|IPv6IPv4|IPv6IPv4|IPv6UnderlayUnderlayUnicastUnicastFlexible Underlay Unicast alternatives IGP|BGP|MPLS|IPSecPhysical/Virtual Spine RR support IOS-XE|NXOS|XRSecure link-layer underlay network encryption using MACSECUnderlay MTU size consideration.TCP MSS adjust supported.30 2023 Cisco and/or i

51、ts affiliates.All rights reserved.Cisco Public#CiscoLiveMPLS6500365001L2VPN|mVPNL2VPN|mVPNIPv4|IPv6IPv4|IPv6MPLSIPSec6500365001L2VPNL2VPNIPv4|IPv6IPv4|IPv6IPSecUnderlay Unicast Routing Design AlternativesUnderlayUnderlayUnicastUnicastFlexible Underlay Unicast alternatives IGP|BGP|MPLS|IPSecPhysical/

52、Virtual Spine RR support IOS-XE|NXOS|XRSecure link-layer underlay network encryption using MACSECUnderlay MTU size consideration.TCP MSS adjust supported.31 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFlexConnect Mode WirelessLocal SwitchingIPv4|IPv6802.1QCAPWAPLocal S

53、witching SSIDLeafEVPNLocal Mode WirelessIPv4|IPv6CAPWAP802.1QCentral SwitchingCentral Switching SSIDEVPNLeafSeamlessSeamlessWirelessWirelessTransparent Wireless integration in fabric.Intact WLC and AP communication in Underlay Flexible SSID alternatives Central Switching,Local Switching,Central+Loca

54、l SwitchingFabric boundary initiates from Wireless Client IP gateway.Consistent Wired and Wireless network access control policy enforcement32Overlay Network Topologies 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLeafSpineSingle Cluster Fabric ArchitectureSmall/mid siz

55、e fabric design alternativeSingle fabric domain with shared Spine system across all network blockDirect or multi-hop away iBGP or eBGP L2VPN peer supportFlexible overlay IPv4/v6 ECMP multipath supportShared SpineWANDMZShared-ServicesDC EVPNDC ACIIP|MPLS|EVPNSD-WANInternetAPICACIACIACIACIACIACIACIACI

56、ACIACIBRKENS-209234 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLayer 3 Overlay VXLAN TunnelsLayer 2 Overlay VXLAN TunnelsLeafNonNon-HierarchicalHierarchicalFabricFabricNon-hierarchical dynamic overlay VXLAN tunnelsLayer 2/3 overlay topologies based on route-target pol

57、iciesLinear VN&Leaf growth may impact overall fabric domain scaleLimited Layer 2 flood control supportWANDMZShared-ServicesDC EVPNDC ACIIP|MPLS|EVPNSD-WANInternetAPICACIACIACIACIACIACIACIACIACIACINon-Hierarchical Fabric DesignL3 VXLAN TunnelL2 VXLAN TunnelBRKENS-2092 2023 Cisco and/or its affiliates

58、.All rights reserved.Cisco Public#CiscoLiveDistributedDistributedSpineSpineMid to large size fabric design alternativeSingle fabric domain with distributed RR clusters for high scale fabricRR cluster grouping for end-to-end simplified overlay fabric networkLimited Layer 2 overlay support.Overlay Mul

59、ticast(TRM)not supported.Multi Cluster Fabric DesignLeafSpineWANDMZShared-ServicesDC EVPNDC ACIIP|MPLS|EVPNSD-WANInternetAPICACIACIACIACIACIACIACIACIACIACI36 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLayer 2 Overlay VXLAN TunnelsLayer 3 Overlay VXLAN TunnelsLayer 2 O

60、verlay VXLAN TunnelsLayer 3 Overlay VXLAN TunnelsLayer 3 Overlay VXLAN TunnelsHierarchical Fabric DesignLeafSpineWANDMZShared-ServicesDC EVPNDC ACIIP|MPLS|EVPNSD-WANInternetAPICACIACIACIACIACIACIACIACIACIACIDistributedDistributedSpineSpineMid to large size fabric design alternativeSingle fabric doma

61、in with distributed RR clusters for high scale fabricRR cluster grouping for end-to-end simplified overlay fabric networkLimited Layer 2 overlay support.Overlay Multicast(TRM)not supported.L3 VXLAN TunnelL2 VXLAN Tunnel37 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSIT

62、ESITE-2 2SITESITE-1 1WANInternetAPICACILeafSpineLeafSpineMultisiteMultisiteFabricFabricWell-structured fabric overlay solution for large EN/DC networksSingle fabric site representation enables scalable overlay network hierarchyGranular control of Layer 2 and Layer 3 overlay flood and routing control

63、 Seamless integration between Catalyst and Nexus 9K(Border-GW)Multi-Site Fabric Architecture38 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSITESITE-1 1SITESITE-2 2WANInternetAPICACILeafSpineLeafSpineMulti-Site Fabric ArchitectureLayer 2 Overlay VXLAN TunnelsLayer 3 Ove

64、rlay VXLAN TunnelsLayer 2 Overlay VXLAN TunnelsLayer 3 Overlay VXLAN TunnelsLayer 3 Overlay VXLAN TunnelsLayer 2 Overlay VXLAN TunnelsMultisiteMultisiteFabricFabricWell-structured fabric overlay solution for large EN/DC networksSingle fabric site representation enables scalable overlay network hiera

65、rchyGranular control of Layer 2 and Layer 3 overlay flood and routing control Seamless integration between Catalyst and Nexus 9K(Border-GW)L3 VXLAN TunnelL2 VXLAN Tunnel 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLayer 3 OverlayL3 OverlayL3 OverlayDistributed Anycast

66、GatewayLeafLeafBorderBorderL3 OverlayLeafLeafBorderBorderL3 OverlayL2 OverlayFlexible Routing and Bridging Overlay TypesOverlay Overlay TypesTypesFour overlay network types support at any network layer pointRoute first.Bridge when-and-where need rule for scalable fabric architectureFeature rich Laye

67、r 3 overlay network support Unicast|Multicast IPv4|IPv6Scalable Layer 2 overlay solution with suppression,flood management and moreL3 VXLAN TunnelL2 VXLAN TunnelL3 OverlayL2 Overlay 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCentralized GatewayL2 OverlayLeafLeafBorder

68、BorderL3 OverlayGlobal RoutingLayer 2 OverlayLeafLeafBorderBorderL2 OverlayL2 OverlayFlexible Routing and Bridging Overlay TypesOverlay Overlay TypesTypesFour overlay network types support at any network layer pointRoute first.Bridge when-and-where need rule for scalable fabric architectureFeature r

69、ich Layer 3 overlay network support Unicast|Multicast IPv4|IPv6Scalable Layer 2 overlay solution with suppression,flood management and moreL3 VXLAN TunnelL2 VXLAN TunnelL3 OverlayL2 Overlay41 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveMACIPPayloadUnderlayMACIPPayloadU

70、n-Tag to Un-TagMACIPPayloadUn-Tag to TagAdaptableBridgingAny to any Layer 2 overlay bridging across fabricFlexible solution to address Enterprise end-users to SP multi-tenant use-cases 1:1 or n:1-Layer 2 VLAN to VNI mapping based on overlay transport requirementsMaintains 802.1P QoS with option to o

71、ptimize for enhanced application user-experienceMACIPPayloadUnderlayMACIPPayloadMACIPPayloadTag to TagMACIPPayloadUnderlayMACIPPayloadMACIPPayload802.1Q802.1Q802.1QBRKENS-209242 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFlexible Routing and Bridging Overlay Topologie

72、sFull-MeshLeafBorderPartial-MeshLeafBorderSwitch Group|Single Switch|VN|Subnet|VLAN|Port|AppSegmentationSegmentationTailored Tailored TopologiTopologiesesL3 VXLAN TunnelL2 VXLAN TunnelPolicy driven Layer 2 and Layer 3 overlay network topologiesSimplified overlay network solution for broad Enterprise

73、 security use-casesGranular fabric overlay solution based on network access control policy Flexible central policy enforcement with external fabric domain43 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveHub&SpokePoint-to-PointFlexible Routing and Bridging Overlay Topolog

74、iesTailored Tailored TopologiesTopologiesL3 VXLAN TunnelL2 VXLAN TunnelPolicy driven Layer 2 and Layer 3 overlay network topologiesSimplified overlay network solution for broad Enterprise security use-casesGranular fabric overlay solution based on network access control policy Flexible central polic

75、y enforcement with external fabric domainBRKENS-209244 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveHub-n-SpokeLeafBorderVLANVNIBUM30130001IngressReplication3023000230330003Point-to-PointLeafVLANVNIBUM40140001IngressReplication4024000240340003Efficient Layer 2 Broadcast

76、 domainScalable Scalable L2 BUML2 BUML3 VXLAN TunnelL2 VXLAN TunnelPer L2VNI BUM replication-type support.Deterministic BUM traffic management with BUM Rate-LimiterBUM replication-type selection based on Layer 2 overlay topologyControlled Multicast BUM based on broadcast domain boundary(n x L2VNI ID

77、:1 Multicast Group)Simplified Ingress-Replication for point-to-point Layer 2 overlay fabric45 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFull MeshVLANVNIBUM10110001MulticastGroup 310003VLANVNIGroup20120001MulticastGroup 320003VLANVNIBUM20120001Mu

78、lticastGroup 22022000220320003Partial MeshEfficient Layer 2 Broadcast domainScalable Scalable L2 BUML2 BUML3 VXLAN TunnelL2 VXLAN TunnelPer L2VNI BUM replication-type support.Deterministic BUM traffic management with BUM Rate-LimiterBUM replication-type selection based on Layer 2 overlay topologyCon

79、trolled Multicast BUM based on broadcast domain boundary(n x L2VNI ID:1 Multicast Group)Simplified Ingress-Replication for point-to-point Layer 2 overlay fabric46 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCampus UsersVRFBuilding Management VRFMacro Segmentation:No co

80、mmunication between VRFsMicro Segmentation:Second level Segmentation between groups within a VRFFabric Segmentation OptionsBRKENS-209247EVPN FabricCampus Users VRFEVPN FabricBuilding Management VRF 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSecurity Group Based Access

81、 Control Unique 16 bit(65K)Unique 16 bit(65K)tag assigned to unique roleunique role Represents privilege of the source user,device,or entityprivilege of the source user,device,or entity Tagged at ingress Tagged at ingress of TrustSec domainSGACLSGSecurity Group Tag Filtered(SGACL)at egress Filtered(

82、SGACL)at egress of TrustSec domain No IP address required in ACENo IP address required in ACE(IP address is bound to SGT)Policy(ACL)is distributed from central policy server(ISE)distributed from central policy server(ISE)or configured locally on TrustSec device Provides topology independenttopology

83、independent policy Flexible and scalable policy based on user role Centralized Policy Management Centralized Policy Management for Dynamic policy provisioning Reduced TCAM utilization due to SG ACL useBenefitsBenefitsBRKENS-209248 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#Cis

84、coLive0AAA/RADIUSAAA/RADIUSIdentity Service EngineOuter MAC Header Outer IP Header Outer UDP HeaderFCSOriginal Layer 2 FrameVXLAN HeaderVXLAN HeaderFLAGS 16 bitsG R R R I R R R R D R R A R R R SGT ID SGT ID 16 bits16 bitsVNI INSATANCE ID 24 BITSRSVD 8 BITSBGP EVPN Role based Access Contro

85、lAccess/LeafVTEPAccess/LeafVTEPSGT Propagation Role Based Access Control Scalable policy based on User roleDynamic or Static Policyenforcement Centralized Policy Management for Dynamic policy provisioningFinanceEngineeringBuilding ManagementEngineeringServersBMSFinancial DataSoftwareCisco IOS XE 17.

86、11.1EVPNCampus VRFCampus VRFBRKENS-209249VXLANGBP 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveInsideOutsideSummary RouteNetwork|Host RouteLeafLeafSpine BorderInsideOutsideDefault|Summary RouteNetwork|Host RouteLeafLeafSpine BorderSummary RouteDefault|Summary RouteDefau

87、lt|Summary RouteSecure VN ExtensionDesign 1 Stateful VN ExtensionSecure Shared ExtensionDesign 2 Stateful Global ExtensionBRKENS-209250Default|Summary RouteMulticast over VXLAN 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveMulticastMulticastUnderlay MulticastUnderlay Mul

88、ticastMulticast RP integrated on Spine or separate systemNon-overlapping Multicast Group for different purposeRecommended to large scale EVPN deploymentsDefault MDT Group Range for Overlay TRM MulticastLeafSpineUnderlayUnderlayGroupGroup-RangeRange-1 1BUMBUMGroupGroup-RangeRange-2 2OverlayOverlayGro

89、upGroup-RangeRange-3 3MulticastMulticastRPRPMulticast RoutingBRKENS-209252 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLayer 3 OverlayLeafSpineVRFRPIPMDTBlueAnycastLo1:10.1.1.101239.1.1.101YellowAnycastLo2:10.2.1.101239.2.1.101GreenAnycastLo3:10.3.1.101239.3.1.10165001

90、mVPNDistributed Anycast RPLayer 3 OverlayLeafSpineVRFRPIPMDTBlueAnycastLo1:10.1.1.101239.1.1.101YellowAnycastLo2:10.2.1.101239.2.1.101GreenAnycastLo3:10.3.1.101239.3.1.10165001mVPNFabric Border RPSVLBorderRPRPRPRPRPRPRPOverlayOverlayRP DesignRP DesignStandard-based Multicast overlay network design s

91、upportFlexible Multicast RP design alternatives to address scale,performance,resiliencyAnyCast RP at Leaf or Border enables distributed Multicast administrative domains supporting unified routing policiesUnified Multicast RP between Underlay and Overlay RP supporting existing brownfield deployment m

92、odels53 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLayer 3 OverlayLeafSpineVRFRPIPMDTBlueAnycastLo1:10.1.1.101239.1.1.101YellowAnycastLo2:10.2.1.101239.2.1.101GreenAnycastLo3:10.3.1.101239.3.1.10165001mVPNExternal Domain RPBorderRPMSDPIPRPGlobalEVPNOverlay RP DesignOv

93、erlay RP DesignStandard-based Multicast overlay network design supportFlexible Multicast RP design alternatives to address scale,performance,resiliencyAnyCast RP at Leaf or Border enables distributed Multicast administrative domains supporting unified routing policiesUnified Multicast RP between Und

94、erlay and Overlay RP supporting existing brownfield deployment modelsBRKENS-209254 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLeafBlue VRF Default MDT:239.1.1.1EVPN TRM Multicast NetworkBorderSourceSource239.101.1.1239.101.1.1SourceSource239.101.1.2239.101.1.2Receiver

95、Receiver239.101.1.1239.101.1.1ReceiverReceiver239.101.1.1239.101.1.1DROPDROPDROPDROPDROPDROPDROPDROPNon-selective overlay Multicast replicationInessential core network bandwidth utilizationRedundant system resources utilizationLimited scale for dense network environmentChallengesChallengesTRM Defaul

96、t MDTBRKENS-209255 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveLeafBlue VRF Default MDT:239.1.1.1EVPN TRM Multicast NetworkBorderSourceSource239.101.1.1239.101.1.1SourceSource239.101.1.2239.101.1.2ReceiverReceiver239.101.1.1239.101.1.1ReceiverReceiver239.101.1.1239.101

97、.1.1Blue VRF Data MDT :239.1.2.1Blue VRF Data MDT :239.1.2.2DROPDROPDROPDROPDROPDROPDROPDROPStateful L2 Multicast Overlay networkIndustry-standard based control-planeApplicable to Centralized Gateway or Cross-Connect Overlay networksScale.Performance.Security.Key BenefitsKey BenefitsTRM Data MDTBRKE

98、NS-209256EVPN Fabric Interworking 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBorderLeafEVPNDCEVPN MAC VRFEVPN IP VRFEVPN IP VRFFusion VRFBorderLeafEVPNDCEVPN MAC VRFEVPN IP VRFEVPN IP VRFGlobal VRFFusion VRF ExtranetEVPN|Non-EVPN VRF Route-LeakingGlobal VRF ExtranetGl

99、obal VRF Route-LeakingIntegratedIntegratedExtranetExtranetPolicy-based stateless extranet Unicast routingFlexible route-leaking solution-EVPN-EVPN|EVPN-Non EVPN VRF|EVPN-GlobalVarious external Unicast routing protocol handoffBRKENS-209258 2023 Cisco and/or its affiliates.All rights reserved.Cisco Pu

100、blic#CiscoLiveL2 VLAN HandoffExtended Bridge DomainEVPNBorderLeafSpineL2L2L2L2EVPNBorder|PELeafSpineL2L2VPLSLDPL2 VPLS HandoffExtended Bridge DomainIntegratedIntegratedExtranetExtranetTransparent EVPN handoff to Layer 2 or Layer 3 to traditional underlay segmented networksSeamless multi-domain inter

101、working at Border IP,MPLS VPN,EoMPLS/VPLS,SD-WAN,etc.Extendable Unicast|Multicast support for IPv4 and IPv6 between EVPN to external domainDedicated or collapsed system-role Leaf,Spine,Border,Border-Leaf,Border-Spine59 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveL3 VLA

102、N HandoffSegmented Routing DomainL3 Overlay HandoffExtended Routing DomainEVPNBorderLeafSpineL2L2L3L3L2L3EVPNBorderLeafSpineLDPL3L3MPLSSD-WANEVPNIntegratedIntegratedExtranetExtranetTransparent EVPN handoff to Layer 2 or Layer 3 to traditional underlay segmented networksSeamless multi-domain interwor

103、king at Border IP,MPLS VPN,EoMPLS/VPLS,SD-WAN,etc.Extendable Unicast|Multicast support for IPv4 and IPv6 between EVPN to external domainDedicated or collapsed system-role Leaf,Spine,Border,Border-Leaf,Border-Spine60 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSecure En

104、crypted FabricSingle Cluster Non-Hierarchical FabricEncrypted EVPN WAN FabricEncrypted EVPN WAN FabricDCInternetIPSpine BorderLeafHQBranch-1Branch-2Branch-3 Branch-4Branch-5Branch-6DCInternetSpine BorderLeafEVPN over IPSecHQBranch-1Branch-2Branch-3 Branch-4Branch-5Branch-6HQSpineLeafSecure Encrypted

105、 FabricMulti Cluster Hierarchical FabricEVPN over IPSecHigh performance Catalyst 9300-X/9400X IPsec underlay network solutionSimplified and scalable Layer 3 overlay fabric with integrated or co-located Spine/RRSingle fabric cluster across WAN or“stitch”to EVPN fabric at central-office Unicast|Multic

106、ast support for IPv4 and IPv6 in overlayEncrypted Encrypted EVPN Fabric EVPN Fabric 61 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBGP-EVPN Overlays with IPv6 UnderlayIngress ReplicationOverlay-v4 UnicastOverlay-v6 UnicastSeamless Seamless IPv6 IPv6 MigrationMigrationM

107、ulticast ReplicationOverlay-v4 UnicastOverlay-v6 UnicastDual-StackV6 peers only Mixed:V4/V6 and Dual Stack VTEPsAll Dual Stack VTEPSIPv6BRKENS-209262 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveinterface Loopback0ip address 172.168.26.1 255.255.255.255ip ospf 100 area

108、0ipv6 address 2006:1:2/128ipv6 ospf 1 area 0!interface nve1no ip addressload-interval 30source-interface Loopback0host-reachability protocol bgpvxlan encapsulation dual-stack prefer-ipv4 underlay-mcast ipv4member vni 111110 ingress-replicationmember vni 222220 mcast-group 232.10.10.10 ff0e:12member

109、vni 110110 vrf CORPmember vni 220220 vrf GUESTSingle IPv4 VTEP&BGP PeeringDual Stack VTEP&BGP PeeringDual Stack VTEP&BGP PeeringVXLANv4VXLANv6VXLANv4VXLANv6VXLANv6BGP-EVPN Seamless Migration to IPv6 UnderlayUnicast traffic and BUM traffic with IR,dual stack VTEP will communicate with other IPv4 VTEP

110、;s using VXLANv4 and with other Dual Stack VTEP using VXLANv6BUM traffic with Multicast Replication:Underlay Multicast IPv4 is usedVXLANv4BUM Underlay McastSingle IPv4 VTEP&BGP PeeringDual Stack VTEP&BGP PeeringDual Stack VTEP&BGP PeeringVXLANv6VXLANv4BUM Underlay McastBRKENS-209263 2023 Cisco and/o

111、r its affiliates.All rights reserved.Cisco Public#CiscoLiveinterface Loopback0ip address 172.168.26.1 255.255.255.255ip ospf 100 area 0ipv6 address 2006:1:2/128ipv6 ospf 1 area 0!interface nve1no ip addressload-interval 30source-interface Loopback0host-reachability protocol bgpvxlan encapsulation du

112、al-stack prefer-ipv4 underlay-mcast ipv6member vni 111110 ingress-replicationmember vni 222220 mcast-group 232.10.10.10 ff0e:12member vni 110110 vrf CORPmember vni 220220 vrf GUESTSingle IPv4 VTEP&BGP PeeringDual Stack VTEP&BGP PeeringDual Stack VTEP&BGP PeeringVXLANv6VXLANv6VXLANv6VXLANv6BUM Underl

113、ay Mcastinterface Loopback0ipv6 address 2006:1:2/128ipv6 ospf 1 area 0!interface nve1no ip addressload-interval 30source-interface Loopback0host-reachability protocol bgpvxlan encapsulation ipv6member vni 111110 ingress-replicationmember vni 222220 mcast-group ff0e:12member vni 110110 vrf CORPmember

114、 vni 220220 vrf GUESTSingle IPv4 VTEP&BGP PeeringDual Stack VTEP&BGP PeeringDual Stack VTEP&BGP PeeringVXLANv6VXLANv6VXLANv6VXLANv6BUM Underlay McastOnce all VTPEs are Dual-stack capable,the underlay Mcast can be switched to ipv6 MulticastDual Stack VTEP migration to complete VXLANv6BGP-EVPN Seamles

115、s Migration to IPv6 UnderlayBRKENS-209264Automation 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveYANG Data ModelsNETCONF RESTCONFgNMIDevice FeaturesInterfaceBGPQoSACLSNMPOpenConfigCisco NativeConfiguration and OperationIntentIntent-based based Network InfrastructureNetw

116、ork InfrastructureThe NETCONF,RETCONF and gNMI are programmatic interfaces that provide additionalmethods for interfacing with the IOS XE deviceYANG data models define the data that is available for configuration and streaming telemetryIOS-XE IOS-XE/XR NX-OSIOS XE ProgrammabilityBRKENS-209266 2023 C

117、isco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSolution PlaybookPre-checksFrameworkFramework forfor prepre-checkschecksEg:License check,underlay reachabilitycheckOverlay configSolutionSolution levellevel deploymentdeploymentEg:Ipv4+Ipv6+TRMin a singleplaybookPost ChecksFramewor

118、kFramework forfor postpost-checkcheckEg:BGP status up/down,overlay pingchecksL3+L2vni addSameSame playbookplaybook toto addadd L L3 3/L/L2 2 VNIsVNIsEg:Add one or multiple L3/l2vni usingsame playbookSimple to UseSimple to Use Single playbook for complete solution Single inventory file to add Leaf/Sp

119、ine variablesEVPN Ansible Solution PlaybookBRKENS-209267 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBGP EVPN Ansible AutomationDEMODEMOLEAF-1LEAF-2SPINE-1SPINE-2BGP EVPN FABRIC10.10.10.102001:10:10:10:1010.10.20.102001:10:10:20:10BRKENS-209268 2023 Cisco and/or its af

120、filiates.All rights reserved.Cisco Public#CiscoLive69BRKENS-2092 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFeature specific PlaybooksAnsible Playbooks(https:/ a featureGet playbooks belowEVPN Ansible Feature level PlaybookBRKENS-209270 2023 Cisco and/or its affiliate

121、s.All rights reserved.Cisco Public#CiscoLiveEVPN Automation with TerraformTerraform Provider(https:/registry.terraform.io/providers/robertcsapo/ciscoevpn/1.0.1)Terraform Examples(https:/ 9000 EVPN Reference 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBGP EVPN VXLAN Ove

122、rviewConfiguring EVPN VXLAN Layer 2 Overlay NetworkConfiguring EVPN VXLAN Layer 3 Overlay NetworkConfiguring EVPN VXLAN Integrated Routing and BridgingConfiguring Spine Switches in a BGP EVPN VXLAN FabricConfiguring DHCP Relay in a BGP EVPN VXLAN FabricConfiguring VXLAN-Aware Flexible NetFlowConfigu

123、ring Tenant Routed MulticastConfiguring EVPN VXLAN External ConnectivityCisco DNA Service for Bonjour OverviewConfiguring Cisco DNA Service for Bonjour over EVPN VXLAN Layer 3 Overlay NetworksTroubleshooting BGP EVPN VXLANFeature History and Information for BGP EVPN VXLANCompleted ChaptersCompleted

124、ChaptersCompleted ChaptersCompleted ChaptersMore Coming Soon More Coming Soon https:/ GuideBRKENS-209273 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive Cisco Catalyst 9000 at-a-Glance Cisco Catalyst 9000 Family FAQ Catalyst 9000 Series-Cisco Community Catalyst 9000 Serie

125、s CiscoLive Librarycs.co/cat9kbookFREEWould You Like to Know More?Catalyst 9000 Series Enterprise SwitchesBRKENS-209274 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCisco Catalyst TV This channel is all about Cisco Catalyst Platforms and its services and software soluti

126、ons.Subscribe and Explore Playlists Catalyst Switching and Catalyst Programmability&Automation for videos and demos by the Technical Marketing Engineers on latest,relevant and exciting topics.https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFill out your session sur

127、veys!Attendees who fill out a minimum of four session surveys and the overall event survey will get Cisco Live-branded socks(while supplies last)!These points help you get on the leaderboard and increase your chances of winning daily and grand prizesAttendees will also earn 100 points in the Cisco L

128、ive Challenge for every survey completed.BRKENS-209276 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicContinue your educationVisit the Cisco Showcase for related demosBook your one-on-oneMeet the Engineer meetingAttend the interactive education with DevNet,Capture the Flag,and Walk

129、-in LabsVisit the On-Demand Library for more sessions at www.CiscoL you#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive79Gamify your Cisco Live experience!Get points Get points for attending this session!for attending this session!Open the Cisco Events App.Click on Cisco Live Challenge in the side menu.Click on View Your Badges at the top.Click the+at the bottom of the screen and scan the QR code:How:123479 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKENS-2092#CiscoLive