Junos OS

Expand all | Collapse all

EVPN IRB interface

  • 1.  EVPN IRB interface

    Posted 11-03-2020 16:27

    hello,

    i'm in trouble getting irb interface work inside EVPN, mi architecture is simple because there are 2 MX routers and at the end of the vpn there are switches in bot locations.

    the problem if i can ping from irb interface from one router i cannot ping the other.... maybe i miss something but i remeber that this conf works:

     

    R!
    
    EVPN {
        instance-type virtual-switch;
        route-distinguisher 1111:200;
        vrf-target target:1111:200;
        protocols {
            evpn {
                extended-vlan-list 200;
            }
        }
        bridge-domains {
            BD200 {
                vlan-id 200;
                interface ge-0/0/2.200;
                routing-interface irb.200;
            }
        }
    }
    
    ge-0/0/2 {
        flexible-vlan-tagging;
        native-vlan-id 200;
        encapsulation flexible-ethernet-services;
        unit 200 {
            encapsulation vlan-bridge;
            vlan-id 200;
        }
    }
    
    irb {
        unit 200 {
            family inet {
                address 10.10.0.170/24;
            }
            mac 00:00:0a:01:01:64;
        }                                   
    }
    
    R2
    
    EVPN {
        instance-type virtual-switch;
        route-distinguisher 1111:200;
        vrf-target target:1111:200;
        protocols {
            evpn {
                extended-vlan-list 200;
            }
        }
        bridge-domains {
            BD200 {
                vlan-id 200;
                interface ge-0/0/2.200;
                routing-interface irb.200;
            }
        }
    }
    
    ge-0/0/2 {
        flexible-vlan-tagging;
        native-vlan-id 200;
        encapsulation flexible-ethernet-services;
        unit 200 {
            encapsulation vlan-bridge;
            vlan-id 200;
        }
    }
    
    irb {
        unit 200 {
            family inet {
                address 10.10.0.171/24;
            }
            mac 00:00:0a:02:02:c8;
        }                                   
    }
    

     

    all devices at the ends work perfect but i cannot reach all the IRB interface inside the 2 router, if i ping from 1 end to the direct attach devices ping ok from IRB but not trough VPN.

     

    Instance: EVPN
      Route Distinguisher: 1111:200
      Per-instance MAC route label: 299904
      Per-instance multicast route label: 299920
      MAC database status                Local  Remote
        Total MAC addresses:                 2       4
        Default gateway MAC addresses:       1       1
      Number of local interfaces: 1 (1 up)
        Interface name  ESI                            Mode             SH label
        ge-0/0/0.200    00:00:00:00:00:00:00:00:00:00  single-homed   
      Number of IRB interfaces: 1 (1 up)
        Interface name  L3 context
        irb.200         Not assigned                     
      Number of neighbors: 1
        193.193.193.193
          Received routes
            MAC address advertisement:              4
            MAC+IP address advertisement:           1
            Inclusive multicast:                    1
            Ethernet auto-discovery:                0
      Number of ethernet segments: 0

    the strange thing is that irb not get L3 context

     

    instead in the past ways i got it like this:

     

      Number of IRB interfaces: 1 (1 up)
        Interface name  VLAN   VNI    Status  L3 context
        irb.100         100            Up     master
      Number of bridge domains: 1
        VLAN  Domain ID   Intfs / up    IRB intf   Mode             MAC sync  IM route label  SG sync  IM core nexthop
        100                  1    1     irb.100    Extended         Enabled   21   

    can you advice? 

     

    release 17.2R3.4

     

    Thanks a lot

     

     



  • 2.  Re: EVPN IRB interface

    Posted 11-03-2020 18:32

    Try to add ESI for these interfaces and configure them as all-active, something like this.

     

     

    esi {
        00:02:01:00:13:00:00:00:00:05;
        all-active;
    }
    

     

     

     

    After these changes irb interfaces on moth MX should be UP. 

    P.S. 17.2 is not the best version for evpn testing on MX, try with one of suggested releases



  • 3.  Re: EVPN IRB interface

    Posted 11-03-2020 21:03

    Hello,

    By default, IRB MAC+IP route when tagged with DG community, results in frames addressed to remote IRB being intercepted by local IRB. This works as designed.

    Try this line instead

     

    set routing-instances EVPN protocols evpn default-gateway no-gateway-community

     

    HTH

    Thx

    Alex

     



  • 4.  Re: EVPN IRB interface

    Posted 11-04-2020 01:26

    hello guys, both irb interface on the two mx are up and running but they haven't l3 context inside the EVPN instance.

     

    without you suggestions in some working box i have correct irb ping, infact if i show arp-table on evpn i got this result.

     

    INET                MAC                Logical       Routing      Bridging
    address             address            interface     instance     domain
    10.10.0.170         00:00:01:01:01:64  irb.200       EVPN         __EVPN__
    10.10.0.171         00:00:0a:02:02:c8                EVPN         __EVPN__
    

     the configuration are exactly the same, i'm lost at this point... let me know if you have another advice

     

    thanks again