NetArchitect AI
Get Started
Tools/Cisco DC Fabric Suite
Unified Fabric Designer

Cisco DC Fabric Suite

Design ACI, VXLAN/EVPN, or Classic vPC fabrics with capacity analysis, Cisco BoM & licensing, multi-vendor interop export, automation templates, and a generated change-validation runbook.

High-Level Design (HLD)
# High-Level Design (HLD) — EVPN-Fabric-01
_Generated by NetArchitect AI · Mode: **vxlan-evpn** · License: **advantage**_

## 1. Executive Summary
This document describes the high-level design for **EVPN-Fabric-01**, a Cisco data-center fabric built on a **spine-leaf VXLAN/EVPN** architecture. The fabric supports **128 server ports** at **25G** with **4:1** oversubscription against **100G** uplinks.

## 2. Design Principles
- **Resilience**: dual redundancy across 2 spines and 4 leafs.
- **Scalability**: Spine radix budget headroom of 26 ports for future leafs.
- **Segmentation**: 1 tenant VRF(s), 3 L2/L3 segments.
- **Standards alignment**: Cisco Validated Design (CVD) for vxlan-evpn, RFC 7432 (EVPN), RFC 8365 (VXLAN-EVPN).

## 3. Physical Topology
| Role | Model | Quantity |
| ---- | ----- | -------- |
| Spine | N9K-C9332C | 2 |
| Leaf  | N9K-C93180YC-FX3  | 4 |
| Border Leaf | N9K-C93180YC-FX3 | 2 |

## 4. Logical Architecture
- **Underlay**: OSPF on /31 point-to-point links from `10.1.0.0/16`.
- **Overlay**: BGP EVPN (AF L2VPN/EVPN) with iBGP route-reflection on spines (ASN 65100 for leafs).
- **VTEP**: Loopback1 in `10.2.0.0/24`; BGP-EVPN ingress replication.
- **Anycast Gateway**: distributed on every leaf (`fabric forwarding mode anycast-gateway`).

## 5. IP Addressing Plan
| Block | Purpose |
| ----- | ------- |
| 10.0.0.0/24 | Loopback0 (router-id, underlay) |
| 10.2.0.0/24 | Loopback1 (VTEP source) |
| 10.1.0.0/16 | P2P /31 underlay links |
| 10.255.0.0/24 | Out-of-band management |

## 6. Tenancy & Segmentation

### Tenant: PROD (VRF VRF-PROD)
| Segment | VLAN | VNI | Subnet | Gateway |
| ------- | ---- | --- | ------ | ------- |
| WEB | 110 | 10110 | 10.10.10.0/24 | 10.10.10.1 |
| APP | 120 | 10120 | 10.10.20.0/24 | 10.10.20.1 |
| DB | 130 | 10130 | 10.10.30.0/24 | 10.10.30.1 |

## 7. Capacity & Oversubscription
- Total server bandwidth: **3200 Gbps**
- Total uplink bandwidth: **800 Gbps**
- Oversubscription: **4:1**

**Warnings:**
- Oversubscription 4:1 exceeds 3:1 best-practice for east-west fabrics.

## 8. Operations & Assurance
- Telemetry: streaming (gNMI) to Nexus Dashboard / Insights.
- Change validation: pre/post-change runbook (auto-generated).
- Compliance baseline: Cisco DC best-practice checks (auto-generated).
Low-Level Design (LLD)
# Low-Level Design (LLD) — EVPN-Fabric-01
_Generated by NetArchitect AI · 2026-05-16_

## 1. Device Inventory
| Hostname | Role | Model | Mgmt IP | Loopback0 |
| -------- | ---- | ----- | ------- | --------- |
| SPINE-01 | Spine | N9K-C9332C | 10.255.0.10/24 | 10.0.0.1/32 |
| SPINE-02 | Spine | N9K-C9332C | 10.255.0.11/24 | 10.0.0.2/32 |
| LEAF-01 | Leaf | N9K-C93180YC-FX3 | 10.255.0.12/24 | 10.0.0.3/32 |
| LEAF-02 | Leaf | N9K-C93180YC-FX3 | 10.255.0.13/24 | 10.0.0.4/32 |
| LEAF-03 | Leaf | N9K-C93180YC-FX3 | 10.255.0.14/24 | 10.0.0.5/32 |
| LEAF-04 | Leaf | N9K-C93180YC-FX3 | 10.255.0.15/24 | 10.0.0.6/32 |
| BL-01 | Border-Leaf | N9K-C93180YC-FX3 | 10.255.0.16/24 | 10.0.0.7/32 |
| BL-02 | Border-Leaf | N9K-C93180YC-FX3 | 10.255.0.17/24 | 10.0.0.8/32 |

## 2. Interface & Link Plan
Each leaf consumes **2** uplink ports (one per spine where possible). All fabric links use **/31** addressing from `10.1.0.0/16` and **MTU 9216** for jumbo + VXLAN overhead.

| Source | Source Port | Destination | Destination Port | Subnet | MTU |
| ------ | ----------- | ----------- | ---------------- | ------ | --- |
| SPINE-01 | Eth1/1 | LEAF-01 | Eth1/33 | 10.1.0.0/31 | 9216 |
| SPINE-01 | Eth1/2 | LEAF-02 | Eth1/33 | 10.1.0.2/31 | 9216 |
| SPINE-01 | Eth1/3 | LEAF-03 | Eth1/33 | 10.1.0.4/31 | 9216 |
| SPINE-01 | Eth1/4 | LEAF-04 | Eth1/33 | 10.1.0.6/31 | 9216 |
| SPINE-01 | Eth1/5 | BL-01 | Eth1/33 | 10.1.0.8/31 | 9216 |
| SPINE-01 | Eth1/6 | BL-02 | Eth1/33 | 10.1.0.10/31 | 9216 |
| SPINE-02 | Eth1/1 | LEAF-01 | Eth1/34 | 10.1.0.12/31 | 9216 |
| SPINE-02 | Eth1/2 | LEAF-02 | Eth1/34 | 10.1.0.14/31 | 9216 |
| SPINE-02 | Eth1/3 | LEAF-03 | Eth1/34 | 10.1.0.16/31 | 9216 |
| SPINE-02 | Eth1/4 | LEAF-04 | Eth1/34 | 10.1.0.18/31 | 9216 |
| SPINE-02 | Eth1/5 | BL-01 | Eth1/34 | 10.1.0.20/31 | 9216 |
| SPINE-02 | Eth1/6 | BL-02 | Eth1/34 | 10.1.0.22/31 | 9216 |

## 3. Routing Protocol Detail
- **Underlay**: OSPF area 0.0.0.0, network point-to-point.
- **Overlay**: BGP ASN 65100 (leafs); spines act as route-reflectors per spine ASN 65000+n.
- **AF**: `address-family l2vpn evpn` with `send-community both` and `route-reflector-client` on spines.
- **NVE**: source-interface Loopback1, host-reachability protocol bgp.

## 4. VLAN / VRF / VNI Map
| Tenant | VRF | VLAN | VNI L2 | VNI L3 | Subnet | Anycast GW |
| ------ | --- | ---- | ------ | ------ | ------ | ---------- |
| PROD | VRF-PROD | 110 | 10110 | 50000 | 10.10.10.0/24 | 10.10.10.1 |
| PROD | VRF-PROD | 120 | 10120 | 50000 | 10.10.20.0/24 | 10.10.20.1 |
| PROD | VRF-PROD | 130 | 10130 | 50000 | 10.10.30.0/24 | 10.10.30.1 |

## 5. Security & Policy
- ACL templates applied at leaf SVIs per segment (see configs).
- Control-plane policing (CoPP) uses NX-OS strict template.

## 6. Operational Parameters
- **MTU**: 9216 system-wide (fabric, NVE, SVIs).
- **ECMP**: maximum-paths 64 in BGP/EVPN, OSPF maximum-paths 8.
- **CoPP**: `strict` profile.
- **Telemetry**: model-driven gNMI to Nexus Dashboard.
- **Time**: NTP authenticated to 2 sources; PTP not in scope.