Switching

Expand all | Collapse all

Unable to communicate between VXLAN ports on same LEAF device

Jump to Best Answer
  • 1.  Unable to communicate between VXLAN ports on same LEAF device

    Posted 07-17-2019 01:39

    Hello,

     

    I am running a spine-leaf architecture within a residential estate to carry FTTH traffic between the internet service providers and their end-users. I am using the QFX5100-48S device for both the spine and leaf and running Junos version 17.3R3-S4. I have deployed EVPN-VXLAN as the overlay to deliver the services between the different end-points. I have successfully deployed services (single tag and double tag) between different leaf devices at different locations but the issue I am experiencing is as follows:

     

    I have an ISP whose NNI (ingress) and the FTTH OLT NNI (egress) terminate on the same leaf device. Both the ports have been configured as q-in-q with the packet flow ISP (any c-vlan) ->  Leaf-1 ge-0/0/3 (encapsulate c-vlan in s-vlan) -> Leaf-1 xe-0/0/0 (maintain s-vlan and c-vlan) -> FTTH OLT -> End-User. Both the ports are configured within the same VLAN and VNI.

     

    I am learning the mac addresses of the connected devices on each port but they are unable to send traffic between. The config being used is below.

     

    set interfaces xe-0/0/0 flexible-vlan-tagging
    set interfaces xe-0/0/0 encapsulation extended-vlan-bridge
    set interfaces xe-0/0/0 unit 3333 vlan-id 3333
    set interfaces xe-0/0/0 unit 3333 input-vlan-map pop
    set interfaces xe-0/0/0 unit 3333 output-vlan-map push

     

    set interfaces ge-0/0/3 flexible-vlan-tagging
    set interfaces ge-0/0/3 encapsulation extended-vlan-bridge
    set interfaces ge-0/0/3 unit 3333 vlan-id-list 1-4094


    set vlans S-VL3333 interface ge-0/0/3.3333
    set vlans S-VL3333 interface xe-0/0/0.3333
    set vlans S-VL3333 vxlan vni 53333
    set vlans S-VL3333 vxlan encapsulate-inner-vlan
    set vlans S-VL3333 vxlan ingress-node-replication

     

    set policy-options community COMM-S-VL3333 members target:64647:3333
    set policy-options policy-statement VRF-IMPORT-VXLAN term t1 from community COMM-S-VL3333
    set policy-options policy-statement VRF-IMPORT-VXLAN term t1 then accept
    set policy-options policy-statement VRF-IMPORT-VXLAN term t10000 then reject

    set protocols evpn extended-vni-list 53333 multicast-mode ingress-replication vni-options vni 53333 vrf-target export target:64647:3333

     

    Any assistance or advice would greatly appreciated. Thanks.



  • 2.  RE: Unable to communicate between VXLAN ports on same LEAF device

     
    Posted 07-17-2019 01:48

    Hi fibreweb-tech,

     

    Please try to add this config and test again:

    set protocols l2-learning decapsulate-accept-inner-vlan
     

    Hope this helps.

    Regards,
    -r.

    --------------------------------------------------

    If this solves your problem, please mark this post as "Accepted Solution."
    Kudos are always appreciated :).

     


  • 3.  RE: Unable to communicate between VXLAN ports on same LEAF device

    Posted 07-17-2019 06:38

    hi mriyaz,

     

    sorry I forget to mention that I already have this statement under the global l2-learning config. it made no difference.

     

    if i remove the interfaces from the vni / vxlan and run it as normal native ethernet ports, it works without any issues. so it looks like an issue with the vxlan config but i cant seem to isolate it.



  • 4.  RE: Unable to communicate between VXLAN ports on same LEAF device

     
    Posted 07-17-2019 01:58

    You may try to put the native-vlan as the outer vlan on the interfaces configuration.



  • 5.  RE: Unable to communicate between VXLAN ports on same LEAF device
    Best Answer

    Posted 07-17-2019 07:13

    Hi,

     

    Do you have a mix of VLANS with and without "encapsulate-inner-vlan" knob in the device? I remember about some inconsistency in such scenario. Can you please try deactivating and reactivating the "enacapsulate-inner-vlan" knob in both the vxlan 3300 and also globally in the l2-learning?

     

    Thanks,
    Gautham



  • 6.  RE: Unable to communicate between VXLAN ports on same LEAF device

     
    Posted 07-17-2019 10:15

    Hi @fibreweb-tech.  You wrote:

     

    I am using the QFX5100-48S device for both the spine and leaf and running Junos version 17.3R3-S4. I have deployed EVPN-VXLAN as the overlay to deliver the services between the different end-points.

     

    The QFX5100-48S only supports L2 VXLAN, and is actually not certified for combo spine/leaf operation, even if it might work.  I am not sure how you expect different VXLAN VNI's to talk to each other, as QFX5100 can not route VXLAN.

     

    QFX5110 and other products can, but not QFX5100.  See:

     

    https://www.juniper.net/documentation/en_US/junos/topics/concept/vxlan-constraints-qfx-series.html

     

    "(QFX5100, QFX5200, QFX5210, EX4300-48MP, and EX4600 switches) Routing traffic between different VXLANs is not supported."

     

    HTH, Rich

     



  • 7.  RE: Unable to communicate between VXLAN ports on same LEAF device

    Posted 07-22-2019 02:15

    hi gautham,

     

    thanks. yes i do have and i tried this and it seems to have rectified the issue.

     

    appreciate the help.