OTV

OTV (Overlay Transport Virtualization): 

  • It is used for extending Layer 2 applications across distributed data centers, which makes it a DCI (Data Center Interconnect) technology

  • This DCI can be deployed between sites without changing the existing design & configuration 

 

  • With OTV, we can deploy virtual computing resources and clusters across geographically distributed data centers, delivering: Business resiliency, Transparent workload mobility & superior computing resource efficiencies 

  • We will be able to extend the VLANs of datacenters over any transport such as Point to Point, MPLS, Internet, GRE etc. 

  • OTV is configured on the edge devices, and a tunnel is then formed so that Layer 2 networks can be extended

  • We can call it Layer2VPN over IPv4/IPv6 

  • Minimum requirement is that L3 connectivity should exist between DCs 

 

  • There are other DCIs apart from OTV, such as Dark Fiber, L2TPv3, AToM and VPLS, but each has its own dependencies. OTV just needs IP connectivity between edge devices

    • Dark Fiber (CWDM, DWDM) – dedicated circuits, i.e. point to point

    • L2TPv3 (Layer 2 Tunneling Protocol version 3) – It is not MPLS dependent and can work over the Internet as well. It just requires IP connectivity

    • AToM (Any Transport over MPLS) – It is an MPLS-specific DCI. It is a point-to-point MPLS L2 VPN

    • VPLS – It is a point-to-multipoint MPLS L2 VPN

 

  • If we have VLAN 90 in DC1 and VLAN 90 in DC2 separated by Layer 3, and we apply OTV between DC1 and DC2, a server in VLAN 90 in DC1 will communicate with a server in VLAN 90 in DC2 as if they were in the same VLAN 90, i.e. the same broadcast domain, courtesy of OTV

  • It makes the data centers appear as a single VLAN or domain, as if there were only one DC

  • This greatly helps when moving VMs from one DC to another in an ESX environment

    • vMotion is used for logically moving VMs from one box to another. OTV is used for connecting the VLANs

 

  • OTV does not allow Spanning Tree to be flooded across the overlay, which reduces the load on the network

  • OTV tunnel does not allow ARP Req/Reply or ICMPv6 Neighbor Discovery messages 

  • It limits how far a failure in the broadcast domain can spread

 

  • The edge device is the device running OTV. Nexus switches and ASR 1000 routers support OTV

 

  • AED (Authoritative Edge Device) – It is the active forwarder for VLAN(s) when we have multiple edge devices. It uses the concept of odd/even for load balancing of VLAN traffic. It helps in loop prevention

 

  • Extend VLAN – The VLAN being extended over the OTV tunnel, VLAN 90 in this case

 

  • Site VLAN – It is the local VLAN used for syncing the control plane information of AEDs. It is an internal VLAN used for electing AED 

 

  • Site Identifier – It is a unique ID per DC. This ID will be the same on multiple AEDs of a single DC. It helps in loop prevention

 

  • Overlay Interface – It is a logical link or OTV tunnel Interface 

 

  • OTV Join Interface – It is an actual physical link or L3 port channel used for routing upstream towards the DCI. This cannot be an SVI

    • Jumbo frames have to be configured on these join interfaces, because fragmentation is not supported

 

  • OTV Control group – Multicast IP which is used for discovering other OTV sites in the control plane 

 

  • OTV Data group – It is used for tunneling multicast traffic over OTV in data plane 

 

  • OTV uses IS-IS routing protocol for forming a tree and neighborship 

  • OTV automatically enables IS-IS once we configure OTV 

  • IS-IS is used for advertising MAC addresses in OTV, unlike in FabricPath. Edge devices control which MAC addresses are forwarded over the OTV tunnel

  • Note that SVI interfaces should not be created on VDC where OTV is configured. So, features like HSRP, VRRP & GLBP will not work on the VDC reserved for OTV 

 

  • OTV requires a separate license to function; otherwise we need to use the grace period

 

OTV Configuration: 

 

 

  • Enable OTV on 7K switches: 

    #conf t 

    #feature otv 

 

    #int e3/1

    #no shut

    #ip address 10.1.1.1/24        ! on 7K-1

 

    #int e3/1

    #no shut

    #ip address 10.1.1.2/24        ! on 7K-2

 

  • Form Trunk between 7K and 5K 

    #conf t 

    #int e3/4 

    #no shut 

    #switchport mode trunk 

    #end 

     

  • Create VLANs 11 and 99. VLAN 99 is the site VLAN

    #conf t 

    #vlan 11 

    #name overlayvlan 

    #vlan 99 

    #name sitevlan 

  • These VLANs are allowed on the trunk by default

 

  • Configure OTV on 7K switches 

    #conf t 

    #otv site-vlan 99 

    #otv site-identifier 111.111.111        ! on 7K-1

    Site identifier mismatch between edge devices within the same site will prevent OTV local adjacencies from coming up 

    #end 

     

    #conf t 

    #otv site-vlan 99 

    #otv site-identifier 222.222.222        ! on 7K-2

    #end 

     

  • Configure Virtual overlay link on 7K switches 

    #conf t 

    #interface e3/1 

    #ip igmp version 3        ! OTV needs join interfaces to be configured for IGMP version 3 for multicast overlays

    #mtu 9216        ! Enable jumbo frames, as OTV does not do fragmentation

    #end 

     

    #conf t 

    #interface overlay 1 

    #otv join-interface eth3/1 

    OTV needs join interfaces to be configured for IGMP version 3 for multicast overlays 

    #otv control-group 224.1.1.1 

    #otv data-group 232.1.1.0/24        ! This range belongs to SSM (Source Specific Multicast)

    #otv extend-vlan 11        ! There can be more VLANs

    #no shut        ! To enable the interface

    #end 

     

    #show run otv        ! To see the OTV configuration

    #show otv        ! To see the OTV status

    #show otv isis adjacency        ! To see the other device

    #show otv isis database  

    #show mac address-table vlan 11 

 

  • Configure vlan 11 SVI on 5K switches, SVI cannot be configured on Edge devices (7K Switches) 

    #conf t 

    #interface vlan 11 

    #ip address 100.1.1.1/24        ! on 5K-1

    #no shut 

    #end 

     

    #interface vlan 11 

    #ip address 100.1.1.2/24        ! on 5K-2

    #no shut 

    #end 

  • We should be able to ping from 100.1.1.1 to 100.1.1.2 and vice versa 

    5K-1#show ip arp        ! We will see the MAC address of 100.1.1.2

    5K-1#show mac address-table address <MAC>        ! To see VLAN 11 and the port

     

    7K-1#show mac address-table address <MAC>        ! To see VLAN 11 and the port as overlay
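
The rules stated in these notes for an OTV edge device (site VLAN and site identifier set, no SVI on the OTV VDC, join interface not an SVI and running IGMPv3 with jumbo MTU) can be checked mechanically before a change goes live. The following is an added example, not part of the original notes or any Cisco tool. It assumes `show running-config`-style text with full interface names and indented sub-commands; `parse`, `audit_otv`, the sample configs and the 1500-byte default MTU are assumptions made for illustration.

```python
JUMBO_MTU, DEFAULT_MTU = 9216, 1500  # notes' jumbo value; assumed default when no mtu line

def parse(cfg):
    """Map each top-level statement to the indented sub-commands beneath it."""
    blocks, cur = {}, None
    for raw in cfg.splitlines():
        line = " ".join(raw.split()).lower()
        if not line or line.startswith("!"):
            continue
        if raw[0] not in " \t":          # unindented: a new top-level statement
            cur = blocks.setdefault(line, [])
        elif cur is not None:
            cur.append(line)
    return blocks

def audit_otv(cfg):
    """Return findings where a config breaks the edge-device rules in these notes."""
    blocks = parse(cfg)
    out = [f"missing {k}" for k in ("otv site-vlan", "otv site-identifier")
           if not any(b.startswith(k + " ") for b in blocks)]
    out += [f"SVI on OTV edge device: {b}" for b in blocks if b.startswith("interface vlan")]
    for name, body in blocks.items():
        if not name.startswith("interface overlay"):
            continue
        join = next((l.split()[-1] for l in body if l.startswith("otv join-interface ")), "")
        if not join or join.startswith("vlan"):
            out.append(f"{name}: join interface missing or an SVI")
            continue
        jbody = blocks.get("interface " + join, [])
        if "ip igmp version 3" not in jbody:
            out.append(f"{join}: IGMPv3 not enabled")
        mtu = next((int(l.split()[1]) for l in jbody if l.startswith("mtu ")), DEFAULT_MTU)
        if mtu < JUMBO_MTU:
            out.append(f"{join}: mtu {mtu} below {JUMBO_MTU}")
    return out

# Constructed sample in `show running-config` style, values taken from the notes.
GOOD = """otv site-vlan 99
otv site-identifier 111.111.111
interface Ethernet3/1
  ip igmp version 3
  mtu 9216
interface Overlay1
  otv join-interface Ethernet3/1
  otv control-group 224.1.1.1
  otv extend-vlan 11
"""
# Constructed bad variant: jumbo MTU removed and an SVI added on the edge device.
BAD = GOOD.replace("  mtu 9216\n", "") + "interface Vlan11\n  ip address 100.1.1.3/24\n"
print(audit_otv(BAD))
```

An empty list from `audit_otv` means none of the checked rules is violated; it does not prove that the overlay adjacency will come up.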
