Versions Compared

Version Old Version 26 New Version 27
Changes made by

Tracy Yang

Tracy Yang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Additional configuration is necessary to enable ARP/ND suppression, provision inter-subnet routing, and so on. The configuration depends on the deployment scenario. You can also configure various other BGP parameters depending on your network requirements.

Enable EVPN Between BGP Peers

The very basic steps needed to enable BGP EVPN between a BGP neighbor is as under.

...

The configuration below adds the evpn address family to the BGP neighbor address-family so that BGP peers activate exchanging EVPN routes with each other. After this configuration, the BGP still does not know about the local VNI's. 

Advertise All VNIs Through BGP

To allow BGP know about all VNIs or hosts associated with those local VNIs, enable the BGP control plane for all VNIs using the configuration shown below.

...

Note
titleNote

Only leaf switches that are VTEPs need this configuration. EVPN routes are still accepted from BGP peers as they reside in the global EVPN routing table, but are only made effective when the VNI corresponding to the received route is locally known.

Sample Configuration Topology with EVPN Symmetric Routing

Figure 1 shows our sample topology for EVPN symmetric routing. We have two routers with two servers connected to each router. 

...

Code Block
admin@router2# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 100
admin@router2# set interface gigabit-ethernet ge-1/1/2 disable true
admin@router2# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 2221
admin@router2# set interface gigabit-ethernet ge-1/1/10 family ethernet-switching native-vlan-id 1111
admin@router2# set interface gigabit-ethernet ge-1/1/10 family ethernet-switching port-mode "trunk"
admin@router2# set interface gigabit-ethernet ge-1/1/10 family ethernet-switching vlan members 2221
admin@router2# set interface gigabit-ethernet ge-1/1/10 family ethernet-switching vlan members 2222
admin@router2# set interface gigabit-ethernet ge-1/1/11 family ethernet-switching native-vlan-id 2222
admin@router2# set interface gigabit-ethernet ge-1/1/11 family ethernet-switching port-mode "trunk"
admin@router2# set interface gigabit-ethernet ge-1/1/11 family ethernet-switching vlan members 3333
admin@router2# set l3-interface loopback address 134.134.134.134 prefix-length 32
admin@router2# set l3-interface vlan-interface vlan2221 vrf "vrf1"
admin@router2# set l3-interface vlan-interface vlan2221 mtu 1450
admin@router2# set l3-interface vlan-interface vlan2221 address 21.1.1.134 prefix-length 24
admin@router2# set l3-interface vlan-interface vlan100 mtu 1450
admin@router2# set l3-interface vlan-interface vlan100 address 100.1.1.134 prefix-length 24
admin@router2# set l3-interface vlan-interface vlan100 address 100::134 prefix-length 64
admin@router2# set l3-interface vlan-interface vlan3333 vrf "vrf1"
admin@router2# set l3-interface vlan-interface vlan3333 mtu 1450
admin@router2# set l3-interface vlan-interface vlan3333 address 33.1.1.134 prefix-length 24
admin@router2# set l3-interface vlan-interface vlan1111 vrf "vrf1"
admin@router2# set l3-interface vlan-interface vlan1111 mtu 1450
admin@router2# set ip routing enable true
admin@router2# set ip vrf vrf1
admin@router2# set ip vrf vrf2
admin@router2# set evpn vrf vrf1 vni 9999
admin@router2# set protocols bgp local-as 134
admin@router2# set protocols bgp router-id 134.134.134.134
admin@router2# set protocols bgp peer-group fabric remote-as "external"
admin@router2# set protocols bgp neighbor 100.1.1.201 peer-group "fabric"
admin@router2# set protocols bgp ipv4-unicast network 134.134.134.134/32
admin@router2# set protocols bgp evpn advertise-all-vni
admin@router2# set protocols bgp evpn peer-group fabric activate
admin@router2# set protocols bgp vrf vrf1 local-as 134
admin@router2# set protocols bgp vrf vrf1 router-id 134.134.134.134
admin@router2# set protocols bgp vrf vrf1 ipv4-unicast network 33.1.1.0/24
admin@router2# set protocols bgp vrf vrf1 evpn advertise ipv4-unicast
admin@router2# set vlans vlan-id 100 l3-interface "vlan100"
admin@router2# set vlans vlan-id 1111 l3-interface "vlan1111"
admin@router2# set vlans vlan-id 2221 l3-interface "vlan2221"
admin@router2# set vlans vlan-id 2222 l3-interface "vlan2222"
admin@router2# set vlans vlan-id 3333 l3-interface "vlan3333"
admin@router2# set vxlans source-interface lo address 134.134.134.134
admin@router2# set vxlans vni-map-vlan true
admin@router2# set vxlans vni 9999 vlan 1111
admin@router2# set vxlans vni 22221 vlan 2221
admin@router2# set vxlans vni 22222 vlan 2222
admin@router2# set vxlans vni 33333 vlan 3333

ARP and Neighbor Discovery (ND) Suppression

By default, the ARP and Neighbor Discovery (ND) suppression is not enabled in PICOS. To enable ARP and ND suppression to control flooding caused by these two protocols, run the command set vxlans vni 22222 arp-nd-suppress disable false.

EVPN MAC Learning Process

Traditionally, MAC address learning in VXLANs is achieved through flooding. In EVPN where BGP is used as the control plane for VXLANs, the problem of flooding can be eliminated through sending EVPN Type-2 advertisement between VTEPs assuming the ARP and ND suppression is enabled. In Figure 2, when Host 1 is first plugged into R1, Host 1 will start sending ARP and other basic networking traffic like DHCP. When R1 receives a packet from Host 1 for the first time, it will record its MAC address in its local MAC address table. Also, R1 will advertise an EVPN Type-2 route to R2. The route includes the local EVPN instance of R1, the VTEP IP address, the Host 1 MAC address and the L2VNI.

...

                                               Figure 2.  MAC Learning and Packet Forwarding

Packet Forwarding Process

In the case of packet forwarding within the same subnet as depicted in Figure 2, both Host1 and Host2 belong to the same VNI. Host1 wants to send a packet to Host2.

  1. If Host1 doesn't have the MAC address of Host1, the MAC address can be learned through the MAC learning process described in the section above. Assuming that Host1 does have the MAC address of Host2, Host 1 sends the packet to R1 destined for Host2.
  2. R1 receives the packet and determines the VNI of Host1 based on the ingress interface configuration. R1 learned the Host2 MAC address and the outgoing interface is the VTEP 2.2.2.2 on R2.
  3. R1 then encapsulates the original packet from Host1 with the VXLAN header and sends it out.
  4. When the packet is received on R2, the outer VXLAN header is stripped off. R2 then searches its local MAC table and finds out the out going interface and delivers the original packet to Host2.


Verifying Configuration

To check the BGP state and neighbor status on Router 2, we will run the run show bgp neighbor command.

...