Routing

EVPN ARP synchronization issue

  • 1.  EVPN ARP synchronization issue

    Posted 11-27-2020 06:20
      |   view attached

    Hello all,

    I have a LAB environment with EVPN setup with MPLS as a transport mechanism. My problem is non optimal inbound traffic. Details in the attachment. Below I put config from PE1 and PE2. 

    PE1:

    VRF and EVPN instance configuration

    instance-type vrf;
    interface irb.303;
    route-distinguisher 195.177.216.37:9873;
    vrf-target target:9873:9873;
    vrf-table-label;
    routing-options {
        interface-routes {
            rib-group inet DC-303;
        }
        static {
            route 0.0.0.0/0 next-table inet.0;
        }
    }
    instance-type evpn;
    vlan-id none;
    interface ae4.303;
    routing-interface irb.303;
    route-distinguisher 195.177.216.37:303;
    vrf-target target:303:303;
    protocols {
        evpn {
            interface-mac-limit {
                2000;
                packet-action drop;
            }
            interface ae4.303;
            encapsulation mpls;
            default-gateway no-gateway-community;
        }
    }

    PE2:

    VRF and EVPN instance configuration

    instance-type vrf;
    interface irb.303;
    route-distinguisher 185.11.128.57:9873;
    vrf-target target:9873:9873;
    vrf-table-label;
    routing-options {
        interface-routes {
            rib-group inet DC-303;
        }
        static {
            route 0.0.0.0/0 next-table inet.0;
        }
    }
    instance-type evpn;
    vlan-id none;
    interface ae4.303;
    routing-interface irb.303;
    route-distinguisher 185.11.128.57:303;
    vrf-target target:303:303;
    protocols {
        evpn {
            interface-mac-limit {
                2000;
                packet-action drop;
            }
            interface ae4.303;
            encapsulation mpls;
            default-gateway no-gateway-community;
        }
    }


    IRB configuration on PE1 router and PE2 router

    virtual-gateway-accept-data;
    family inet {
        address 185.11.128.34/29 {
            preferred;
            virtual-gateway-address 185.11.128.33;
        }
    }
    virtual-gateway-v4-mac 00:1f:12:ec:92:89;

    Diagnostic commands:

    PE1:
    ds1704@TOR-DC-R1> show evpn arp-table instance DC-303-SWR
    INET                MAC                Logical       Routing      Bridging
    address             address            interface     instance     domain
    185.11.128.36       80:ac:ac:f5:8b:01  irb.303       DC-303-SWR   __DC-303-SWR__
    ds1704@TOR-DC-R1> show route 185.11.128.36 table DC-303-RT.inet.0
    
    DC-303-RT.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    
    185.11.128.36/32   *[EVPN/7] 00:57:07
                        > via irb.303
    

    PE2:

    ds1704@TOR-DC-R2> show evpn arp-table instance DC-303-SWR
    
    [empty]
    ds1704@TOR-DC-R2> show route 185.11.128.36 table DC-303-RT.inet.0
    
    DC-303-RT.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
    
    185.11.128.36/32   *[EVPN/7] 00:57:42
                        > to 91.204.160.84 via ae1.501, label-switched-path to_PE1
                          to 91.236.55.242 via ae2.506, label-switched-path Bypass->91.204.160.84

    I wonder if this is how it is supposed to work or maybe it is possible to change this behavior?  Everything else works fine.