Data Center

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

vrf-targt questions

  • 1.  vrf-targt questions

    Posted 04-11-2021 17:59
    I did evpn/vxlan lab in Juniper ADCX course

    The lab first asked to configure EVPN/vXLAN in a non vrf environment with the vrf-tagret in the switch-options stanza.

    Then a vrf is added and vrf-target is also configured in VRF.

    I configured different vrf-targets in both stanza on purpose to see which vrf-target is used. On the peers, I noticed vrf community received is from global vrf-target.

    Anyone can help me to understand which vrf-target should be used.

    As the training shows vrf-import and vrf-export in VRF stanza.

    thanks a lot !!!



  • 2.  RE: vrf-targt questions

    Posted 04-12-2021 10:46
    R-I type of VRF is for layer 3
    R-I type of Virtual-Switch is for layer 2 (ie...EVPN Vlan-Aware, EVPN-VxLAN, plain VLAN, etc...)

    If your working on a QFX, you can only have a single V-S where as on a MX you have have multiple.  The route-target(or import/export targets) are used to bring the appropriate routes or MACs into the appropriate instance.  So for EVPN-VxLAN you would have route targets which are for the layer 2 information and then for your VRF you have route targets for the layer 3 routes.  

    Now you may be wondering what the need for the VRF R-I....this would allow for you to have have multiple customers(instances) who routes (could be the same, ie...RFC1918s) will be in separate tables for isolation.  Also you may have some designs where certain L2 /L3 domains need to be service-chained (ie...firewalled) so you could use the R-I type of VRF to direct traffic to that service-chain.


  • 3.  RE: vrf-targt questions

    Posted 04-13-2021 09:55
    thanks a lot !

    My question is when I have vrf-target configured in switch-options stanza and vrf stanza, which one is supposed to be  exported ?

    in the following configuration, which vrf-target is exported ?
    set switch-options vtep-source-interface lo0.0
    set switch-options route-distinguisher 192.168.100.11:1
    set switch-options vrf-target target:65000:200
    
    set routing-instances Cust1 instance-type vrf
    set routing-instances Cust1 interface irb.10
    set routing-instances Cust1 interface irb.20
    set routing-instances Cust1 interface lo0.1
    set routing-instances Cust1 route-distinguisher 192.168.100.101:1
    set routing-instances Cust1 vrf-target target:65001:100
    ​
    when I  show route received-routes bgp x.x.x.x,  I saw the vrf-target from switch-options is exported from the its peer.

    Do that mean the vrf-target in vrf stanza can be anything ?



  • 4.  RE: vrf-targt questions

    Posted 04-13-2021 10:09
    They both get exported but for different types of routes.  The switch-options vrf-target is for the EVPN routes(so think MAC addresses as well as the other evpn route types), and the R-I VRF route-target is for the L3VPN routes.  If you do a show route advertising-protocol bgp X.X.X.X you will see the 2 different tables have routes being advertised from them.


  • 5.  RE: vrf-targt questions

    Posted 04-13-2021 11:10
    thanks a lot !!

    I will check it.
    When I show route received-routes bgp x.x.x.x on the peer, I only see the vrf-target configured from switch-options stanza.  I might miss the vrf-target from vrf stanza.