member vni [id] ingress-replication protocol bgp
Configures a VNI member under an NVE interface to use ingress replication with BGP as the control plane for VXLAN.
Overview
The 'member vni [id] ingress-replication protocol bgp' command is used in Cisco NX-OS to associate a VXLAN Network Identifier (VNI) with an NVE (Network Virtualization Edge) interface and specify that ingress replication should be used with BGP as the control plane protocol. This command is a critical part of configuring VXLAN EVPN (Ethernet VPN) fabrics, which are widely deployed in modern data centers for network virtualization and overlay networking.
VXLAN (Virtual Extensible LAN) is an overlay technology that encapsulates Layer 2 frames in UDP packets to extend Layer 2 segments across a Layer 3 underlay network. Ingress replication is a method for handling BUM (Broadcast, Unknown Unicast, and Multicast) traffic where the ingress VTEP (VXLAN Tunnel Endpoint) replicates packets to all remote VTEPs in the same VNI. BGP EVPN serves as the control plane to distribute MAC/VTEP reachability information, enabling efficient forwarding and reducing the need for multicast in the underlay.
On Cisco Nexus switches running NX-OS, this command is entered in NVE configuration mode (interface nve1). It is typically used when building a VXLAN EVPN fabric with a spine-leaf topology. The command replaces older methods like multicast-based replication or static ingress replication. It is essential for enabling BGP EVPN to dynamically learn remote VTEPs and MAC addresses for the specified VNI.
In troubleshooting workflows, verifying this command's configuration is the first step when VNI connectivity issues arise. Use 'show nve vni' to confirm the VNI is up and using BGP control plane. If the VNI is down or not using BGP, check the NVE interface status, BGP EVPN configuration, and ensure the VNI is defined in the EVPN address-family.
member vni <vni-id> ingress-replication protocol bgpWhen to Use This Command
- Enabling BGP EVPN control plane for VXLAN VNI in a spine-leaf fabric.
- Configuring ingress replication for a specific VNI to reduce multicast dependency.
- Replacing multicast-based replication with BGP-driven ingress replication for VXLAN.
- Adding a new tenant VNI to an existing NVE interface with BGP EVPN.
Parameters
| Parameter | Syntax | Description |
|---|---|---|
| vni-id | <1-16777215> | The VXLAN Network Identifier (VNI) that identifies the Layer 2 segment. Must match the VNI configured under the VLAN or EVPN instance. Range is 1 to 16777215. |
| ingress-replication | ingress-replication | Specifies that ingress replication is used for BUM traffic. This is the recommended method for VXLAN EVPN fabrics. |
| protocol bgp | protocol bgp | Specifies BGP as the control plane protocol for the VNI. BGP EVPN is used to exchange MAC/VTEP information and enable dynamic ingress replication. |
Command Examples
Configure VNI 10000 with BGP ingress replication
member vni 10000 ingress-replication protocol bgpThis command configures VNI 10000 under the NVE interface to use ingress replication with BGP as the control plane protocol. No output is shown upon success.
Verify VNI configuration on NVE interface
show nve vni 10000Interface: nve1, VNI: 10000 VNI State: Up Replication: Ingress Control Plane: BGP Peer List: 10.1.1.1 10.1.1.2
The output shows VNI 10000 is up, using ingress replication with BGP control plane, and has two BGP EVPN peers (10.1.1.1 and 10.1.1.2) for this VNI.
Understanding the Output
The 'show nve vni' command displays the operational state of VNIs configured under the NVE interface. Key fields include: VNI State (Up/Down) indicates whether the VNI is operational; Replication shows the replication mode (Ingress or Multicast); Control Plane indicates the protocol used (BGP or Static); Peer List shows the remote VTEP IPs learned via BGP EVPN for this VNI. A healthy state shows VNI State as Up, Replication as Ingress, Control Plane as BGP, and a populated Peer List. If the VNI is Down, check NVE interface status or BGP EVPN configuration. An empty Peer List suggests BGP EVPN sessions are not established or routes are not being exchanged.
Configuration Scenarios
Basic VXLAN EVPN VNI Configuration
Configuring a leaf switch in a VXLAN EVPN fabric to support a tenant VNI 10000.
Topology
Leaf1 (10.1.1.1) --- Spine --- Leaf2 (10.1.1.2)Steps
- 1.Enable required features: 'feature nv overlay', 'feature vn-segment-vlan-based', 'feature bgp'.
- 2.Configure BGP EVPN address-family and peerings.
- 3.Create VLAN 100 and map to VNI 10000: 'vlan 100', 'vn-segment 10000'.
- 4.Enter NVE interface configuration: 'interface nve1'.
- 5.Configure source interface: 'source-interface loopback0'.
- 6.Add VNI member: 'member vni 10000 ingress-replication protocol bgp'.
! Enable features feature nv overlay feature vn-segment-vlan-based feature bgp ! VLAN to VNI mapping vlan 100 vn-segment 10000 ! NVE interface interface nve1 source-interface loopback0 member vni 10000 ingress-replication protocol bgp
Verify: Use 'show nve vni 10000' to verify VNI is up and using BGP control plane. Use 'show bgp l2vpn evpn summary' to check BGP EVPN sessions.
Watch out: Ensure the VNI ID matches between VLAN mapping and NVE member command. Also, the source-interface must be reachable from remote VTEPs.
Troubleshooting with This Command
When troubleshooting VXLAN EVPN with ingress replication and BGP, the 'member vni' command is a key configuration point. Start by verifying the NVE interface is up with 'show interface nve1'. Then check the VNI state with 'show nve vni [vni-id]'. If the VNI is down, ensure the VLAN-to-VNI mapping exists and the VLAN is active. If the VNI is up but no peers are listed, check BGP EVPN sessions with 'show bgp l2vpn evpn summary'. Ensure BGP is configured with the correct address-family l2vpn evpn and that neighbor relationships are established. Also verify that the remote VTEPs have the same VNI configured and that the underlay routing (e.g., OSPF or IS-IS) is working. If the VNI shows 'Replication: Ingress' but 'Control Plane: Static', it means the 'protocol bgp' keyword was omitted; reconfigure the member command. Use 'show running-config interface nve1' to confirm the configuration. For BUM traffic issues, check 'show nve vni [vni-id] detail' to see the peer list and ensure all expected remote VTEPs are present. If peers are missing, verify that the EVPN routes are being advertised and received using 'show bgp l2vpn evpn route-type 3' (IMET routes).
CCNA Exam Tips
Remember that 'ingress-replication protocol bgp' is required for BGP EVPN control plane; without it, the VNI uses multicast or static replication.
In CCNP Enterprise, know that NVE interface configuration is part of VXLAN EVPN fabric setup.
Be aware that the VNI ID must match the Layer 2 VNI defined in the EVPN configuration.
Common Mistakes
Forgetting to enable 'feature nv overlay' and 'feature vn-segment-vlan-based' before configuring NVE.
Using 'member vni' without specifying 'ingress-replication protocol bgp', defaulting to multicast replication.
Configuring the command under wrong mode (e.g., interface config instead of NVE config).
Platform Notes
On Cisco NX-OS (Nexus), the NVE interface is a virtual interface that must be explicitly created. The 'member vni' command is only available in NVE configuration mode. Unlike Cisco IOS XE, NX-OS requires separate feature enablement ('feature nv overlay', 'feature vn-segment-vlan-based'). The command syntax is consistent across Nexus 9000, 7000, and 3000 series switches running NX-OS. In earlier NX-OS versions, ingress replication without BGP was configured using 'member vni [id] ingress-replication' (static). The addition of 'protocol bgp' enables BGP EVPN control plane. On Cisco IOS XE, the equivalent command is 'member vni [id] ingress-replication' under the NVE interface, but BGP EVPN configuration differs. For multicast-based replication, use 'member vni [id] mcast-group [group-ip]' instead. Always check the NX-OS version for specific command support; BGP EVPN is supported from NX-OS 7.0(3)I1(1) onwards.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions