Seeing as you're using the vrf-target auto feature under switch options, then you don't need to explicitly define the VNI target under protocols EVPN. However, by explicitly defining the VNI community you are simply overwriting the automatically derived community.
With regards to the import policy, the autoderived policy is automatically updated as you noted above. Meaning any VPN routes for that VNI that are received with the manual target are accepted. The autodervied export policy is not automatically updated. Although the default behaviour is to advertise the route anyway.
When using manual targets, you must ensure your remote devices are updated with an import policy to match your manual assignments. Otherwise they will not be imported into the switch instance. You'll see them in the BGP RIB-IN but they wont be imported to the EVPN database.
------------------------------
DANIEL HEARTY
Principal Engineer
------------------------------
Original Message:
Sent: 07-16-2021 23:34
From: Unknown User
Subject: Question about protocols evpn stanza options
If I have the following configuration
root@vQFX-3# show protocols evpn | display set set protocols evpn vni-options vni 102 vrf-target target:102:102set protocols evpn encapsulation vxlanset protocols evpn multicast-mode ingress-replicationset protocols evpn extended-vni-list 100set protocols evpn extended-vni-list 101set protocols evpn extended-vni-list 102{master:0}[edit]root@vQFX-3# show switch-options | display set set switch-options vtep-source-interface lo0.0set switch-options route-distinguisher 192.168.1.3:3set switch-options vrf-target target:1:1set switch-options vrf-target auto{master:0}[edit]
As I do not have export/import option under protocols evpn stanza, set protocols evpn vni-options vni 102 vrf-target target:102:102 will import and export, right ?
The following seems YES
root@vQFX-3# run show policy __vrf-import-autoderive-default-switch-internal__ Policy __vrf-import-autoderive-default-switch-internal__: Term 100: from community __vrf-community-default-switch-100-internal__ [target:65500:268435556 ] then accept Term 101: from community __vrf-community-default-switch-101-internal__ [target:65500:268435557 ] then accept Term bd-override-102: from community __vrf-community-bd-override-102-export-internal__ [target:102:102 ] then accept Term unnamed: from community __vrf-community-default-switch-common-internal__ [target:1:1 ] then accept Term unnamed: then reject
Appreciate any coaching !!
Original Message:
Sent: 07-16-2021 17:32
From: Unknown User
Subject: Question about protocols evpn stanza options
I came across the following from Juniper Docs.
vni-options vni vxlan-network-identifier { designated-forwarder-election-hold-time seconds; vrf-target { community; auto; import community-name; export community-name; }}
But I could not see auto and import/export options from my devices (QFX5100, QFX5200 and QFX10008 and vQFX.
Where can I see these options ?
the following line allows both import and export, right ?
set protocols evpn vni-options vni 100 vrf-target target:100:100
thanks !!