vxlanGlobal Config

feature vn-segment-vlan-based

Enables VLAN-based VXLAN network segmentation on the switch, allowing VLANs to be mapped to VXLAN segments.

Overview

The 'feature vn-segment-vlan-based' command enables VLAN-based VXLAN network segmentation on Cisco Nexus switches running NX-OS. VXLAN (Virtual Extensible LAN) is an overlay technology that extends Layer 2 networks over a Layer 3 underlay using MAC-in-UDP encapsulation. VLAN-based segmentation is one method of mapping traditional VLANs to VXLAN Network Identifiers (VNIs), allowing seamless integration of existing VLAN configurations into a VXLAN fabric. This command is a prerequisite for configuring VLAN-to-VNI mappings under the 'vlan configuration' mode. Without it, the switch will reject any VNI mapping commands. The feature is typically enabled on VTEPs (VXLAN Tunnel Endpoints) that need to bridge traffic between VLANs and VXLAN segments. In a typical data center fabric, this command is used on leaf switches that connect to servers. It is important to note that this feature is specific to NX-OS and is not available on Cisco IOS devices. Enabling it does not require a reload on most modern Nexus platforms, making it a non-disruptive operation. The command fits into the troubleshooting workflow by ensuring that the necessary feature is active before investigating VXLAN connectivity issues. If VNI mappings are not working, verifying that 'vn-segment-vlan-based' is enabled is a first step.

Syntax·Global Config
feature vn-segment-vlan-based

When to Use This Command

  • Enabling VXLAN bridging for VLAN-based overlay networks in a data center fabric.
  • Preparing the switch to map VLANs to VXLAN VNIs for tenant traffic isolation.
  • Activating the feature before configuring VLAN-to-VNI mappings under VLAN configuration mode.
  • Enabling the feature on a Nexus switch that will act as a VXLAN Tunnel Endpoint (VTEP).

Parameters

ParameterSyntaxDescription
Nonefeature vn-segment-vlan-basedThis command has no parameters. It simply enables the VLAN-based VXLAN segmentation feature on the switch.

Command Examples

Enable VXLAN VLAN-based segmentation

configure terminal feature vn-segment-vlan-based
switch(config)# feature vn-segment-vlan-base
d
switch(config)#

The command is entered in global configuration mode. No output indicates success; the feature is enabled.

Verify feature is enabled

show feature | include vn-segment
vn-segment-vlan-based          1          enabled

The output shows the feature name and its state. '1' indicates the feature instance number, and 'enabled' confirms it is active.

Understanding the Output

The 'show feature' command displays all features and their states. For 'vn-segment-vlan-based', the output includes the feature name, instance number, and status. A status of 'enabled' means the feature is active and ready for configuration. If the status shows 'disabled', the feature is not running and must be enabled using the 'feature vn-segment-vlan-based' command. There are no other fields to interpret; it's a simple on/off state.

Configuration Scenarios

Basic VXLAN VLAN-based Segmentation

A leaf switch in a VXLAN fabric needs to map VLAN 100 to VNI 10100 for tenant A traffic.

Topology

Leaf-1 (VTEP) connected to Server-1 (VLAN 100) and Spine switch (underlay).

Steps

  1. 1.Enable the feature: 'feature vn-segment-vlan-based'
  2. 2.Enter VLAN configuration mode: 'vlan 100'
  3. 3.Map VLAN to VNI: 'vn-segment 10100'
  4. 4.Exit and verify: 'show vxlan'
Configuration
! Enable VXLAN VLAN-based segmentation
feature vn-segment-vlan-based
! Configure VLAN 100 with VNI 10100
vlan 100
  vn-segment 10100

Verify: Use 'show vxlan vni' to confirm VNI 10100 is associated with VLAN 100.

Watch out: Ensure the VLAN exists before mapping; otherwise, the 'vn-segment' command will fail.

Troubleshooting with This Command

When troubleshooting VXLAN connectivity issues, the first step is to verify that the 'vn-segment-vlan-based' feature is enabled. Use 'show feature | include vn-segment' to check its status. If it is disabled, enable it with the 'feature vn-segment-vlan-based' command. After enabling, confirm that the VLAN-to-VNI mappings are configured correctly under the VLAN configuration mode. Use 'show vlan id <vlan-id>' to see if the VNI is associated. If the VNI does not appear, re-enter the VLAN configuration and apply the 'vn-segment' command. Also, check that the VNI is not already in use by another VLAN. On NX-OS, a VNI can only be mapped to one VLAN. If you encounter an error like 'VNI already in use', you must remove the existing mapping from the other VLAN. Additionally, ensure that the VXLAN feature itself is enabled ('feature nv overlay') and that the NVE interface is configured. The 'show vxlan' command provides a summary of all VNIs and their states. A common issue is that the VNI shows as 'down' because the NVE interface is not operational or the underlay routing is not working. In that case, check the NVE interface status and the IP connectivity to the remote VTEP. Finally, verify that the VLAN is allowed on the relevant interfaces and that the server is sending traffic. The 'feature vn-segment-vlan-based' command is a foundational step; without it, none of the VXLAN bridging configuration will work.

CCNA Exam Tips

1.

Remember that 'feature vn-segment-vlan-based' is a prerequisite for configuring VLAN-to-VNI mappings under 'vlan configuration' mode.

2.

On the CCNP Data Center exam, know that this feature is specific to NX-OS and is not present in Cisco IOS.

3.

Be aware that enabling this feature may require reloading the switch on some platforms, though on modern Nexus switches it is hitless.

Common Mistakes

Forgetting to enable the feature before attempting to configure VNI mappings, resulting in a 'feature not enabled' error.

Confusing this command with 'feature vn-segment' which is used for VXLAN routing; this command is for VLAN-based bridging.

Assuming the feature is enabled by default; it must be explicitly configured.

Platform Notes

This command is specific to Cisco NX-OS running on Nexus switches. It is not available on Cisco IOS or IOS-XE. On other platforms like Arista EOS, the equivalent command is 'vlan aware bundle' or 'vxlan vlan-vni mapping' under the VLAN configuration. On Juniper Junos, the equivalent is 'vlan vni' under the VLAN stanza. In NX-OS, this feature was introduced in version 6.1(2)I2(1) for Nexus 9000 series and later for other platforms. There is no 'no' form of this command; to disable it, you must use 'no feature vn-segment-vlan-based', but this will remove all VLAN-to-VNI mappings. On some older Nexus platforms, enabling this feature might require a reload, but on modern hardware it is hitless. Always check the release notes for your specific NX-OS version.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions