Data Center

 View Only
last person joined: 10 days ago 

Ask questions and share experiences about Data Center Architecture and approaches.
  • 1.  Need EVPN-vXLAN virtual gateway assistance

    Posted 12-03-2020 19:42
    I have the following topology. vXLAN between vMX7 and vMX8 with two subnets  vlan 200 (vni 2000) 10.200.100.0/24 and vlan 201 (vni 2001) 10.201.100.0/24

    xe-0/0/1 on both QFXs shut down.


    vMX7
    root@vMX7# show routing-instances | display set
    set routing-instances vxlan-inst vtep-source-interface lo0.0
    set routing-instances vxlan-inst instance-type virtual-switch
    set routing-instances vxlan-inst interface ae0.0
    set routing-instances vxlan-inst interface ae1.0
    set routing-instances vxlan-inst route-distinguisher 10.200.0.7:7
    set routing-instances vxlan-inst vrf-target target:64513:64513
    set routing-instances vxlan-inst protocols evpn encapsulation vxlan
    set routing-instances vxlan-inst protocols evpn extended-vni-list all
    set routing-instances vxlan-inst bridge-domains BD200 vlan-id 200
    set routing-instances vxlan-inst bridge-domains BD200 vxlan vni 2000
    set routing-instances vxlan-inst bridge-domains BD201 vlan-id 201
    set routing-instances vxlan-inst bridge-domains BD201 vxlan vni 2001

    root@vMX7# show interfaces irb | display set
    set interfaces irb unit 200 virtual-gateway-accept-data
    set interfaces irb unit 200 family inet address 10.200.100.251/24 virtual-gateway-address 10.200.100.254
    set interfaces irb unit 201 virtual-gateway-accept-data
    set interfaces irb unit 201 family inet address 10.201.100.251/24 virtual-gateway-address 10.201.100.254

    vMX8
    root@vMX8# show routing-instances | display set
    set routing-instances vxlan-inst vtep-source-interface lo0.0
    set routing-instances vxlan-inst instance-type virtual-switch
    set routing-instances vxlan-inst interface ae0.0
    set routing-instances vxlan-inst interface ae1.0
    set routing-instances vxlan-inst route-distinguisher 10.200.0.8:8
    set routing-instances vxlan-inst vrf-target target:64513:64513
    set routing-instances vxlan-inst protocols evpn encapsulation vxlan
    set routing-instances vxlan-inst protocols evpn extended-vni-list all
    set routing-instances vxlan-inst bridge-domains BD200 vlan-id 200
    set routing-instances vxlan-inst bridge-domains BD200 routing-interface irb.200
    set routing-instances vxlan-inst bridge-domains BD200 vxlan vni 2000
    set routing-instances vxlan-inst bridge-domains BD201 vlan-id 201
    set routing-instances vxlan-inst bridge-domains BD201 routing-interface irb.201
    set routing-instances vxlan-inst bridge-domains BD201 vxlan vni 2001

    [edit]
    root@vMX8# show interfaces irb | display set
    set interfaces irb unit 200 virtual-gateway-accept-data
    set interfaces irb unit 200 family inet address 10.200.100.252/24 virtual-gateway-address 10.200.100.254
    set interfaces irb unit 201 virtual-gateway-accept-data
    set interfaces irb unit 201 family inet address 10.201.100.252/24 virtual-gateway-address 10.201.100.254

    Server-3 works fine
    Server-3#ping 10.200.100.254 re 1
    Type escape sequence to abort.
    Sending 1, 100-byte ICMP Echos to 10.200.100.254, timeout is 2 seconds:
    !
    Success rate is 100 percent (1/1), round-trip min/avg/max = 113/113/113 ms
    Server-3#ping 10.201.100.254 re 1
    Type escape sequence to abort.
    Sending 1, 100-byte ICMP Echos to 10.201.100.254, timeout is 2 seconds:
    !
    Success rate is 100 percent (1/1), round-trip min/avg/max = 112/112/112 ms

    But User-5 only works for one of them

    user-5#ping 10.200.100.254 re 1
    Type escape sequence to abort.
    Sending 1, 100-byte ICMP Echos to 10.200.100.254, timeout is 2 seconds:
    !
    Success rate is 100 percent (1/1), round-trip min/avg/max = 117/117/117 ms
    user-5#ping 10.201.100.254 re 1
    Type escape sequence to abort.
    Sending 1, 100-byte ICMP Echos to 10.201.100.254, timeout is 2 seconds:
    .
    Success rate is 0 percent (0/1)

    vMX8
    I do see the arp request coming in, but no reply

    root@vMX8# run monitor traffic interface ae1.0 no-resolve
    verbose output suppressed, use <detail> or <extensive> for full protocol decode
    Address resolution is OFF.
    Listening on ae1.0, capture size 96 bytes

    23:44:54.273292 In arp who-has 10.201.100.254 tell 10.201.100.2
    23:44:56.274329 In arp who-has 10.201.100.254 tell 10.201.100.2
    23:44:58.586347 In arp who-has 10.201.100.254 tell 10.201.100.2
    ^C

    What did I miss here ?    I like to make sure my configuration is OK,  sometimes, the vmware gives me some troubles.

    thanks in advance !!








  • 2.  RE: Need EVPN-vXLAN virtual gateway assistance

    Posted 12-03-2020 21:40
    After I added this line, the issue seems fixed.
    set routing-instances vxlan-inst protocols evpn default-gateway advertise

    But I do not fully understand why yet.  doing more tests.

    The original issue is vMX8 never replies arp request for one of the networks.
    but vMX7 replies both.

    Thanks for any insights in advance !!


  • 3.  RE: Need EVPN-vXLAN virtual gateway assistance

    Posted 12-03-2020 22:28
    Seems the software is not stable.
    I wiped all the configurations and did again.  the same configuration as the above, it works fine.