HOLY SMOKES!!! It's working!!
PROXY-ARP, PROXY-ARP, PROXY-ARP!!!! ping 10.150.10.150 routing-instance S4-10 source 10.150.10.4
PING 10.150.10.150 (10.150.10.150): 56 data bytes
64 bytes from 10.150.10.150: icmp_seq=0 ttl=64 time=209.060 ms
64 bytes from 10.150.10.150: icmp_seq=1 ttl=64 time=209.872 ms
64 bytes from 10.150.10.150: icmp_seq=2 ttl=64 time=218.420 ms
64 bytes from 10.150.10.150: icmp_seq=3 ttl=64 time=210.427 ms
^C
--- 10.150.10.150 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 209.060/211.945/218.420/3.770 ms
Now I got to figure out what configuration is unnecessary as I've configured so many different things in an attempt to make this work!!
YASMIN'S THE BEST!!! :)
Original Message:
Sent: 02-01-2021 10:55
From: Yasmin Lara
Subject: VRF.inet.0 route into bgp.evpn.0 - CBR Design
From your configuration this is what it seems you are doing, which honestly seems a little strange because the server is in the same subnet but is advertised by a router via BGP?
In this scenario, wouldn't the hosts assume that 10.150.10.150 is directly connected and ARP for the MAC address of 10.150.10.150? Do the hosts have an ARP entry to reach 10.150.10.150? Or do the hosts have a route to 10.150.10.150 pointing to 10.150.10.254?
proxy arp on the spine might help here.
Also, try this: set routing-options forwarding-table chained-composite-next-hop ingress evpn (just a wild guess). This command seems to does some magic with pure type 5 routes - it broke a few things in my setup the other day, because suddenly I had a bunch of /32 routes that I was not expecting and longest match took over ;-)
Regards,
------------------------------
Yasmin Lara
Juniper Ambassador
JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCDS-DC, JNCIA-DevOps, JNCIP-CLOUD, CCNP-ENT
Original Message:
Sent: 01-30-2021 16:22
From: Unknown User
Subject: VRF.inet.0 route into bgp.evpn.0 - CBR Design
I have been banging on this all week and have made some progress although I'm unsure if its correct or not. I've managed to be able to get the learned .150 address from within the VRF instances placed into EVPN as a type 5 route and learned on the leaf. I however can not ping the .150 from a host that's on the same subnet but in the EVPN-VXLAN instance. Each host whether in VRF or EVPN-VXLAN can ping the gateway on the irb interface.
Original Message:
Sent: 01-27-2021 23:53
From: Unknown User
Subject: VRF.inet.0 route into bgp.evpn.0 - CBR Design
Yasmin...this is great stuff, thank you!! I've tried to update the scenario drawing as best as I could using your drawing. The .150 host IP resides in the vrf (instance-type vrf) all while all others reside in the evpn-vxlan instance(instance-type Virt Sw.). I'm needing to make the .150 host accessible from the evpn-vxlan hosts. I have tried playing around rib-groups, import/export policies and had no luck. I've started playing around w/ some of the evpn ip-prefix-routes statement and have been able to create and populate the vrf.evpn.0 table and populate with the Type 5 .150 route, as well as see the evpn-vxlan hosts show up as Type 5s. In the vrf.inet.0 table I see the evpn-vxlan hosts(.2 and .4) as [EVPN/7] routes. I however can not seem to get the evpn-vxlan.evpn.0 table populated with the .150 host. I feel I may be making progress . Is there anything you have to do to get the Type 5s to appear as Type 2s or even just appear in the evpn-vlan virtual-switch instance?
Original Message:
Sent: 01-27-2021 15:42
From: Yasmin Lara
Subject: VRF.inet.0 route into bgp.evpn.0 - CBR Design
Well, at a high level we have something like this:
Where the remote hosts network is learned as l3vpn routes. I have not tested this, but I am wondering if some of the commands I am using under protocols evpn in the routing instance might help.
Regards,
------------------------------
Yasmin Lara
Juniper Ambassador
JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCDS-DC, JNCIA-DevOps, JNCIP-CLOUD, CCNP-ENT
Original Message:
Sent: 01-26-2021 22:30
From: Unknown User
Subject: VRF.inet.0 route into bgp.evpn.0 - CBR Design
Yasmin...thanks for the reply....I do have vrf-table-label configured for the vrf routing-instance. I'm questioning if this is even possible to do as I've tried numerous different ways but to no avail.
Original Message:
Sent: 01-25-2021 23:16
From: Yasmin Lara
Subject: VRF.inet.0 route into bgp.evpn.0 - CBR Design
Do you have vrf-table-label configured?
Regards,
------------------------------
Yasmin Lara
Juniper Ambassador
JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCDS-DC, JNCIA-DevOps, JNCIP-CLOUD, CCNP-ENT
Original Message:
Sent: 01-25-2021 15:18
From: Unknown User
Subject: VRF.inet.0 route into bgp.evpn.0 - CBR Design
I have a scenario where I need to get a /32 host route that exist in a instance-type VRF (vrf.inet.0) but this same vrf serves as the L3GW vrf for the evpn-vxlan instance(instance-type virtual-switch...(this is a vlan-aware instance)). I have all of the vxlan connectivity working inside the evpn-vxlan and the connectivity within the VRF is working, but I can not get this /32 host in the VRF to be accessible to the host inside the evpn-vxlan virtual-switch instance. The irb interface (when sourced) can ping host in each instance but not /32 host(vrf.inet.0) to host in evpn-vxlan instance(bgp.evpn.0). Is there a "knob" i'm missing? I've tried playing around w/ route-targets as well, but to no avail. Any insight/thoughts/help would be greatly appreciated!!