I have a Juniper MX router at the edge of EVPN/VXLAN domain.
Let's suppose that MX performs routing only, no any kind of switching/bridging instances on it. I want to exchange EVPN VRF routes (type5 pure routes from MX, type2 MAC+IP routes from the switches) between MX and other switches in the domain.
VRF configuration on MX:
root@MX-1# show routing-instances VRF3000
routing-options {
static {
route 0.0.0.0/0 discard;
}
}
protocols {
evpn {
ip-prefix-routes {
advertise direct-nexthop;
encapsulation vxlan;
vni 3000;
}
}
}
instance-type vrf;
interface lo0.3000;
route-distinguisher 2.2.2.2:3000;
vrf-target target:65001:3000;
vrf-table-label;
The problem is that MX does not import Type2 MAC+IP routes from switches into VRF3000.inet.0 table (but the same routes are into VRF3000.evpn.0)
root@MX-1# run show route table VRF3000.evpn.0 detail
VRF3000.evpn.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
2:1.1.1.1:100::0::50:01:00:05:00:00::192.168.0.2/304 MAC/IP (1 entry, 0 announced)
*BGP Preference: 170/-101
Route Distinguisher: 1.1.1.1:100
Next hop type: Indirect, Next hop index: 0
Address: 0xc12ae24
Next-hop reference count: 2
Source: 1.1.1.1
Protocol next hop: 1.1.1.1
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Secondary Active Int Ext>
Local AS: 65001 Peer AS: 65001
Age: 39:01 Metric2: 2
Validation State: unverified
Task: BGP_65001.1.1.1.1
AS path: I
Communities: target:65001:100 target:65001:3000 encapsulation:vxlan(0x8) router-mac:50:01:00:04:00:07
Import Accepted
Route Label: 100
Route Label: 3000
ESI: 00:00:00:00:00:00:00:00:00:00
Localpref: 100
Router ID: 1.1.1.1
Primary Routing Table: bgp.evpn.0
root@MX-1> show route table VRF3000.inet.0 exact 192.168.0.2/32
root@MX-1>
As you can see, the route has the right route target for this VRF, but not imported as /32 into VRF3000.inet.0.
If I redistribute type2 route into type5 route on the far-end switch, MX will accept that type5 route into VRF3000.inet.0 and all will work fine. That's not a perfect solution, because I need to double all my /32 routes inside EVPN domain (1st time as type2 and 2nd time as type5). Maybe someone knows the way how to import type2 routes into VRF3000.inet.0?
Routing tables after redistribution type2 into type5 on the far-end switch:
root@MX-1> show route table VRF3000.inet.0 exact 192.168.0.2/32
VRF3000.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.0.2/32 *[EVPN/170] 00:00:08
> to 10.1.0.2 via ge-0/0/0.0
root@MX-1> show route table VRF3000.evpn.0 detail
5:1.1.1.1:3000::0::192.168.0.2::32/248 (1 entry, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 1.1.1.1:3000
Next hop type: Indirect, Next hop index: 0
Address: 0xc12ae24
Next-hop reference count: 4
Source: 1.1.1.1
Protocol next hop: 1.1.1.1
Indirect next hop: 0x2 no-forward INH Session ID: 0x0
State: <Secondary Active Int Ext>
Local AS: 65001 Peer AS: 65001
Age: 1:20 Metric: 0 Metric2: 2
Validation State: unverified
Task: BGP_65001.1.1.1.1
Announcement bits (1): 0-VRF3000-EVPN-L3-context
AS path: ?
Communities: target:65001:1000 target:65001:3000 encapsulation:vxlan(0x8) router-mac:50:01:00:04:00:07
Import Accepted
Route Label: 3000
Overlay gateway address: 0.0.0.0
ESI 00:00:00:00:00:00:00:00:00:00
Localpref: 100
Router ID: 1.1.1.1
Primary Routing Table: bgp.evpn.0