We validate EVPN E-LAN on Express4-based platforms playing the role of PE. In this article, we will describe the various approaches, the configurations and the instance scaling.
Introduction
In this first article, we introduced the key concepts of EVPN, focusing on the E-LINE/VPWS aspects. Let's now cover in details EVPN E-LAN service implementation on the PTX with Junos EVO and 400GE platforms powered by Express 4 ASIC.
Figure 1 is a reference topology and Figure 2 further down gives more details on the configuration and the different cases covered including Single homed, Multi homed and Scaling of the test scenario on a live topology with the configuration and operational status for each case.
Figure 1: EVPN Topology – SingleHome / MultiHome
Test Topology
Below topology was used for testing different EVPN VPWS scenarios. The PTX platforms here are the DUT playing role of PEs and the CEs used in the topology are MX960 but there is a choice of using many other platforms like ACX/ MX fixed chassis/QFX and all of these are options for to test or deploy EVPN E-LAN in their respective network.
Device Name |
Model |
Software Version |
CE1 |
Hostname: R5-RE0 Model: mx960 |
21.1R1.11 |
PE1 |
Hostname: r1-RE0-re0 Model: ptx10008 |
22.2R2-202210200108.0-EVO |
PE2 |
Hostname: r2-RE0-re0 Model: ptx10008 |
22.2R2-202210200108.0-EVO |
PE3 |
Hostname: r3-RE0-re0 Model: ptx10008 |
22.2R2-202210200108.0-EVO |
PE4 |
Hostname: r4-RE0-re0 Model: ptx10008 |
22.2R2-202210200108.0-EVO |
CE2 |
Hostname: R7-RE0 Model: mx960 |
21.1R1.11 |
Underlay and Customer Equipment (CE) Configuration
All PE’s are configured using the OSPF and MPLS for underlay. The PEs are configured with fully meshed BGP session with “family evpn signalling” enabled to exchange the EVPN routes among each other. Sample configuration is covered as part of Underlay Configuration – MPLS towards the end of the document for reference. Also the CE configuration used during the testing is also covered towards the end for reference.
ESI-LAG vs MC-LAG
ESI-LAG supports all the feature that legacy MC-LAG support including the Active/ Active or Active/ Standby modes. With ESI-LAG we have the following advantages.
- More than 2 PEs is supported
- No requirement for ICL (inter chassis link)
- Integrated L3 Gateway support
- Standardized, interoperable inter-chassis protocol
- Everything handled using the BGP signalling
ESI Configuration
Ethernet Segment Identifier (ESI) is used to uniquely identify multi-homed Ethernet segments. Information about ESI in EVPN messages is encoded in NRLI itself, and distributed via ES-Import RT communities (RFC 7432, Section 7.6) in Type 4 messages as well, e.g.:
4:11.11.11.11:0::111111111111111111:11.11.11.11/296 ES (1 entry, 1 announced) <===== encoded ESI: Type 0, Value: 11:11:11:11:11:11:00:00:00
TSI:
Page 0 idx 0, (group ibgp type Internal) Type 1 val 0x56375d6c5030 (adv_entry)
Advertised metrics:
Flags: Nexthop Change
Nexthop: Self
Localpref: 100
AS path: [64512] I
Communities: es-import-target:11-11-11-11-11-11 <===== ES-IMPORT RT
Advertise: 00000003
Path 4:11.11.11.11:0::111111111111111111:11.11.11.11
These ES-Import RTs are generated from ESI, e.g.:
set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11
ESI has 10 bytes, ES-Import Route Target (RT) has space for 6 bytes of payload (useful info). Therefore, the first 6 most significant bytes from ESI payload are taken to generate ES-Import RT.
The first byte represents ESI Type (Type 0: "manually configured"), therefore in the above example 11:11:11:11:11:11 are taken from configured ESI and used to populate advertised ES-Import RT. ES-Import RT enables all the PEs connected to the same multi-homed site to import the Ethernet Segment (Type 4) routes.
Now, if we have the following ESIs configured on some interfaces, the ES-Import RT will be 00:00:00:11:11:11 with the ESI configured with 00:00:00:00:11:11:11:11:11:11 on PE1 and PE2 (in figure 2).
See below how to configure it.
set interfaces ae0 esi 00:00:00:00:11:11:11:11:11:11
Here is the output taken from the PE1 where the above is configured.
4:11.11.11.11:0::111111111111:11.11.11.11/296 ES (1 entry, 1 announced)
TSI:
Page 0 idx 0, (group ibgp type Internal) Type 1 val 0x56375d6c72c0 (adv_entry) <===== encoded ESI: Type 0, Value: 00:00:00:11:11:11:11:11:11:00:00:00
Advertised metrics:
Flags: Nexthop Change
Nexthop: Self
Localpref: 100
AS path: [64512] I
Communities: es-import-target:0-0-0-11-11-11 <===== ES-IMPORT RT
Advertise: 00000007
Path 4:11.11.11.11:0::111111111111:11.11.11.11
It is the same for all ESIs. All PEs will import these Type 4 routes, but later, based on the actual ESI encoded as part of NRLI in these Type 4 routes, and the actual ESI configured on some local interface, if there is no match, the route will not be used. From EVPN machinery perspective, it is OK, but not optimal. The most optimal (i.e. for control plane optimization), is to differentiate ESIs in the first 6 useful bytes (rather than use the last 3 bytes), so that generated ES-Import RT prevents these routes from even being imported on PEs that don’t need them.
EVPN E-LAN
EVPN-LAN is a framework for delivering multipoint-to-multipoint VPN service with the EVPN signalling mechanisms. E-LAN service allows service providers to offer services that manage the l2 learning very efficiently. In a multihoming scenario, the BUM is handled by the PE-DF, and the learned information is redistributed to other PEs in the network. The multihomed CE connects a customer site to two or more PE devices providing redundant services.
From a MEF standard perspective, there are two different services for EVPN-E-LAN
- EP-LAN (Ethernet Private LAN): offers a multipoint-to-multipoint ethernet virtual connection (EVC) between a dedicated UNI (User Network Interface). It is a Port-based service.
- EP-VLAN (Ethernet Virtual Private LAN): offers VLAN-based service multiplexing, multiple EVCs are paired per UNI.
EVPN E-LAN Instance types
Three types of instances supported across Juniper platforms for EVPN E-LAN.
- "MAC-VRF" instances: used to provision all 3 services (vlan-based, vlan-bundle, vlan-aware-bundle) associated with a single EVI.
- "EVPN" instances: used to provision vlan-based, vlan-bundle services for an EVI.
- "Virtual-Switch" instances: used to provision vlan-aware-bundle services for an EVI.
PTX based on Express4 running JUNOS EVO supports only MAC-VRF based instances. The table below lists different MPLS or VXLAN EVIs support for Juniper platforms including MX, ACX(Junos, EVO), and PTX (Junos, EVO). This content guides the user/operator to identify which platforms can interop with PTX.
Instance Type |
Platform/OS |
VLAN-Based |
VLAN-Bundle |
VLAN-Aware
|
MPLS
|
VXLAN
|
MPLS
|
VXLAN
|
MPLS
|
VXLAN
|
MAC-VRF |
PTX (EVO) |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
ACX (EVO) |
✓ |
✓ |
✓ |
✓ |
✕
|
✓ |
MX (JUNOS) |
✓
|
✓ |
✓ |
✓ |
✓ |
✓ |
EVPN |
PTX (EVO) |
✕ |
✕ |
✕ |
✕ |
✕ |
✕ |
ACX (EVO) |
✓ |
✕ |
✓ |
✕ |
✕ |
✕ |
MX (JUNOS) |
✓ |
✕ |
✓ |
✕ |
✕ |
✕ |
Virtual-Switch |
PTX (EVO) |
✕ |
✕ |
✕ |
✕ |
✕ |
✕ |
ACX (EVO) |
✕ |
✕ |
✕ |
✕ |
✓ |
✕ |
MX (JUNOS) |
✕ |
✕ |
✕ |
✕ |
✓ |
✓ |
Table 2: EVI Support - MAC-VRF vs EVPN vs VIRTUAL-SWITCH
EVPN E-LAN Services Behaviour per Instance Kind.
Table 3 below outlines the behaviour of each service model for EVPN E-LAN implementation not specific to PTX. It will be useful during interop with other Juniper platforms or even other Networking Equipment Manufacturers (NEM).
Feature |
MAC-VRF |
EVPN |
Virtual-Switch |
Control-word enabled by default |
✓ |
✕ |
✕ |
Normalization |
✓ |
✓ |
✕ |
No-normalization |
✓ |
✓ |
✕ |
Default normalisation behaviour |
No-normalization |
Normalization |
N/A |
Full Compliance with RFC7432 |
✓ |
✓ |
✓ |
Core Isolation |
✓ |
✓ |
✓ |
Table 3: Service Comparison for MAC-VRF vs EVPN vs VIRTUAL-SWITCH
EVPN E-LAN Services behaviour with the SP or EP Style of configuration
Service Provider (SP) style and Enterprise (EP) are different styles of configuring interfaces using Juniper devices. Table 4, below highlights the supported options available for configuring VLAN-id or vlan-id-list.
|
VLAN-based |
VLAN-Bundle |
VLAN-aware |
|
SP Style |
EP Style |
SP Style |
EP Style |
SP Style |
EP Style |
VLAN-id |
✓ |
✓ |
✓ |
✕ |
✓ |
✓ |
VLAN-id-list |
✕ |
✕ |
✓ |
✕ |
✕ |
✓ |
Table 4: Configuration SP vs EP Style - MAC-VRF
EVPN MAC-VRF
MAC-VRF unifies EVPN E-LAN services configuration across all Juniper platforms for EVPN-MPLS or EVPN-VXLAN. With this instance, the CLI knob “service-type” drives the requirements of the service under a single umbrella for the E-LAN services. These are driven by the service provider requirements, RFC compliance, and design choices.
MAC-VRF is not just about simplicity, it is RFC compliant and easier to interop. Also, with “instance-type mac-vrf”, the bridge domains will by default extended into EVPN, no need to configure an “extended-vlan-list”. Both Enterprise (EP) style and Service Provider (SP) style interfaces are supported in mac-vrf instance.
Listed below are the 3 different service types in MAC-VRF instance.
VLAN-based MAC-VRF Instance
VLAN-based service is a one-to-one mapping of the VLAN ID with the EVPN Instance (EVI). The MAC-VRF EVI corresponds one VLAN to a single flooding domain and single MAC learning domain to handle all the BUM and Unicast traffic. In certain cases, VLANs on two ends of the EVPN network may be Asymmetric and VLAN translation is required. There are different models of translation that can be used as listed below.
Figure 2: EVPN E-LAN VLAN-based
Table 5, below shows what VLAN translation actually means and how we can identify the VLAN ID from the routes advertised/learnt from other PEs.
Options |
Description |
Route Example |
No VLAN Translation, Ethernet tag = 0
|
This is a strict compliance of RFC7432 Section 6.1. The T2 route consists of Ethernet TAG=0 |
2:22.22.22.22:1::0::00:00:aa:00:00:00/304 MAC/IP |
No VLAN Translation, Ethernet-tag = non zero |
This is a partial compliance of RFC7432 Section 6.1. The T2 route consists of Ethernet TAG=non zero. In this case the VLANS facing Access & Core are symmetric. |
2:22.22.22.22:1::1::00:00:aa:00:00:00/304 MAC/IP |
VLAN Translation, Ethernet-tag = non zero |
This is a partial compliance of RFC7432 Section 6.1. The T2 route consists of Ethernet TAG=non zero. In this case the VLANS facing Access & Core are Asymmetric. And there needs to be a vlan Translation that needs to be done. |
2:22.22.22.22:1::1::00:00:aa:00:00:00/304 MAC/IP |
Table 5: VLAN-BASED Service translation options
VLAN-BUNDLE
MAC-VRF instance with service-type “VLAN-bundle” offers service with multiple bridge-domain/VLANs under it. The MAC-VRF EVPN Instance (EVI) corresponds one VLAN to a bridge table and the bridge domain created handles all the BUM and Unicast traffic within the Bridge domain. RFC7432 Section 6.2 covers this in detail.
Figure 4: EVPN E-LAN VLAN-BUNDLE
VLAN-bundle service, while maintaining a single MAC learning domain (single MAC table, single bridge domain), can be applied to multiple broadcast domains (multiple VLANs). This implies that in VLAN-bundle service MAC addresses must be unique across VLANs and there cannot be MAC overlap between VLANs. VLAN Bundle gives an option to the user to consolidate many VLANs of similar interest to be part of a single BD.
Figure 5: EVPN E-LAN VLAN-BUNDLE
VLAN-AWARE-BUNDLE
MAC-VRF instance with service-type “VLAN-aware” offers service with multiple bridge-domain/VLANs under it. This is similar to the “virtual-switch” routing instance in other platforms like MX/ACX.
Figure 6: EVPN E-LAN VLAN-AWARE
VLAN Aware bundle allows the consolidation of multiple broadcast domains in a single EVI. Each of the EVI can have various Bridge Domains (BD) and each VLAN can be associated with a separate BD. Thus, the MAC learning domains correspond to various bridge domains.
Figure 7: EVPN E-LAN VLAN-AWARE
EVPN vs MAC-VRF (Normalization)
Table 6 below provides guidelines on the interoperability between different Juniper platforms implementing VLAN-BASED service when to use instance-type EVPN or MAC-VRF.
|
EVPN |
MAC-VRF |
ethernet-tag-id |
Tagged set “vlan-id none” |
0 |
normalization |
Default behaviour |
With CLI under protocol evpn “set normalization” |
no normalization |
Using CLI config “set vlan-id none” “set no-normalization” |
Default Behaviour |
Table 6: Interop Configuration guidelines
With MAC-VRF, by default, control plane advertised routes with ethernet-tag-id = 0 for VLAN-based service. To interop with other Juniper platforms (Junos based), an evpn instance must be configured with “vlan-id none” and “protocol evpn no-normalization” for routing instance with “instance-type evpn”.
At the same time routing-instance on other platforms configured using “instance-type evpn” are configured in default mode, i.e., without “vlan-id none” and “protocol evpn no-normalization” then the MAC-VRF instance needs to be configuring with “normalize” tag.
EVPN E-LAN Test Scenarios
EVPN E-LAN VLAN-BASED
All four PEs in the topology present in Figure 2 are BGP-EVPN PE and have the EVPN MAC-VRF instance setup. These PEs discover each other in the network, establish the EVPN sessions and exchange the EVPN routes.
EVPN E-LAN (VLAN-based) SP Style vlan-id
Configuration - SP Style One-to-One mapping of BD to VLAN in A/A mode:
In Active/Active we need to bundle the UNI links from the CE node to the Multihomed PE so that the traffic is load balanced.
PE1 |
PE3 |
regress@r1-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; esi { 00:11:11:11:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { active; system-id 00:00:00:00:11:01; } } unit 1 { encapsulation vlan-bridge; vlan-id 1; } {master}[edit] regress@r1-RE0-re0# show routing-instances evpn-vlan-based { instance-type mac-vrf; protocols { evpn; } service-type vlan-based; route-distinguisher 11.11.11.11:1; vrf-target target:11:1; vlans { bd1 { vlan-id 1; interface ae0.1; } } }
|
regress@r3-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; esi { 00:22:22:22:22:22:22:22:22:22; all-active; } aggregated-ether-options { lacp { inactive: active; system-id 00:00:00:00:22:01; } } unit 1 { encapsulation vlan-bridge; vlan-id 1; } {master}[edit] regress@r3-RE0-re0# show routing-instances evpn-vlan-based { instance-type mac-vrf; protocols { evpn; } service-type vlan-based; route-distinguisher 33.33.33.33:1; vrf-target target:11:1; vlans { bd1 { vlan-id 1; interface ae0.1; } } }
|
Operational - SP Style One to One mapping of BD to VLAN in A/A mode, on PE1:
regress@r1-RE0-re0> show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 0 0 0 0 1
Instance: evpn-vlan-based
Route Distinguisher: 11.11.11.11:1
VLAN ID: 1
Per-instance MAC route label: 50378
Control word enabled
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 10 30
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
.local..53 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.1 00:11:11:11:11:11:11:11:11:11 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of protect interfaces: 0
Number of bridge domains: 1
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync v4-SG-sync v6-SG-sync
1 1 1 Extended Enabled Disabled Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 10 0 2 1 0
33.33.33.33 10 0 2 1 0
44.44.44.44 10 0 2 1 0
Number of ethernet segments: 2
ESI: 00:11:11:11:11:11:11:11:11:11
Status: Resolved by IFL ae0.1
Local interface: ae0.1, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
22.22.22.22 48511 48511 all-active
DF Election Algorithm: MOD based
Designated forwarder: 22.22.22.22
Backup forwarder: 11.11.11.11
Last designated forwarder update: Nov 27 10:31:44
Advertised split horizon label: 50381
ESI: 00:22:22:22:22:22:22:22:22:22
Status: Resolved by NH 121299
Number of remote PEs connected: 2
Remote-PE MAC-label Aliasing-label Mode
33.33.33.33 48059 48059 all-active
44.44.44.44 50100 50100 all-active
SMET Forwarding: Disabled
{master}
regress@r1-RE0-re0> show mac-vrf forwarding instance
Information for routing instance and VLAN:
Flags (DL - disable learning, SE - stats enabled,
AD - packet action drop, LH - MAC limit hit,
MI - mac+ip limit hit)
Inst Logical Routing VLAN name Index IRB Flags Tag
type system instance index
RTT Default __juniper_private1__ 1
RTT Default default-switch 52
vlan Default default-switch default 1 1
RTT Default evpn-vlan-based 53
vlan Default evpn-vlan-based bd1 2 1
{master}
regress@r1-RE0-re0> show mac-vrf forwarding mac-table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 20 entries, 20 learned
Routing instance : evpn-vlan-based
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
bd1 00:00:00:01:00:01 D - ae0.1 0 0
bd1 00:00:00:01:00:02 D - ae0.1 0 0
bd1 00:00:00:01:00:03 D - ae0.1 0 0
bd1 00:00:00:01:00:04 D - ae0.1 0 0
bd1 00:00:00:01:00:05 D - ae0.1 0 0
bd1 00:00:00:01:00:06 D - ae0.1 0 0
bd1 00:00:00:01:00:07 D - ae0.1 0 0
bd1 00:00:00:01:00:08 D - ae0.1 0 0
bd1 00:00:00:01:00:09 D - ae0.1 0 0
bd1 00:00:00:01:00:0a D - ae0.1 0 0
bd1 00:00:00:21:00:01 DC - 121299 121299
bd1 00:00:00:21:00:02 DC - 121299 121299
bd1 00:00:00:21:00:03 DC - 121299 121299
bd1 00:00:00:21:00:04 DC - 121299 121299
bd1 00:00:00:21:00:05 DC - 121299 121299
bd1 00:00:00:21:00:06 DC - 121299 121299
bd1 00:00:00:21:00:07 DC - 121299 121299
bd1 00:00:00:21:00:08 DC - 121299 121299
bd1 00:00:00:21:00:09 DC - 121299 121299
bd1 00:00:00:21:00:0a DC - 121299 121299
{master}
regress@r1-RE0-re0> show mac-vrf forwarding flood-group
FldGrp Name : __ves__+++1 MeshGrp Name: __ves__ Bd Name: default+1 Fgrp Flag: 0xc
Eamnh: 0x558413be3030 id: 0 Flags: 1
Flood Route : 0x558413be2d00 Flood Token : 0x30002/51 Fnh id : 0
FldGrp Name : __all_ces__+++1 MeshGrp Name: __all_ces__ Bd Name: default+1 Fgrp Flag: 0xa
Eamnh: 0x558413be3690 id: 0 Flags: 1
Flood Route : 0x558413be3360 Flood Token : 0x30003/51 Fnh id : 0
FldGrp Name : __mlp_flood__+++1 MeshGrp Name: __mlp_flood__ Bd Name: default+1 Fgrp Flag: 0x40c
Eamnh: 0x558413be3ce0 id: 0 Flags: 1
Flood Route : 0x558413be39c0 Flood Token : 0x20001/51 Fnh id : 0
FldGrp Name : __re_flood__+++1 MeshGrp Name: __re_flood__ Bd Name: default+1 Fgrp Flag: 0x4c
Eamnh: 0x558413be4340 id: 0 Flags: 1
Flood Route : 0x558413be4010 Flood Token : 0x40001/51 Fnh id : 0
FldGrp Name : __ves__+++2 MeshGrp Name: __ves__ Bd Name: bd1+1 Fgrp Flag: 0xc
Eamnh: 0x558414cc0710 id: 57020 Flags: 0
Flood Route : 0x558414c7a3a0 Flood Token : 0x30004/51 Fnh id : 57021
FldGrp Name : __all_ces__+++2 MeshGrp Name: __all_ces__ Bd Name: bd1+1 Fgrp Flag: 0xa
Eamnh: 0x558414cc06a0 id: 57017 Flags: 0
Flood Route : 0x558414a0de20 Flood Token : 0x30005/51 Fnh id : 57019
FldGrp Name : __mlp_flood__+++2 MeshGrp Name: __mlp_flood__ Bd Name: bd1+1 Fgrp Flag: 0x40c
Eamnh: 0x558414cc0630 id: 0 Flags: 1
Flood Route : 0x558413bf36b0 Flood Token : 0x20002/51 Fnh id : 0
FldGrp Name : __re_flood__+++2 MeshGrp Name: __re_flood__ Bd Name: bd1+1 Fgrp Flag: 0x4c
Eamnh: 0x558414cc05c0 id: 0 Flags: 1
Flood Route : 0x558414bfc0e0 Flood Token : 0x40002/51 Fnh id : 57018
{master}
regress@r1-RE0-re0> show mac-vrf forwarding statistics
Local interface: ae0.1, Index: 33205
Current MAC count: 10 (Limit 65536)
Traffic Screenshot showing traffic flowing:
EVPN E-LAN (VLAN-based) EP Style vlan-id
Configuration - EP Style One-to-One mapping of BD to VLAN in A/A mode:
In Active/Active, we need to bundle the UNI links from the CE node to the Multihomed PE so that the traffic is load balanced.
PE1 |
PE3 |
regress@r1-RE0-re0# show interfaces ae0 esi { 00:00:00:00:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { active; system-id 00:00:00:00:11:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members v100; } } } regress@r1-RE0-re0# show routing-instances evpn-vlan-based instance-type mac-vrf; protocols { evpn; } service-type vlan-based; interface ae0.0; route-distinguisher 11.11.11.11:1; vrf-target target:11:1; vlans { v100 { vlan-id 100; } } regress@r1-RE0-re0# show vlans v100 { vlan-id 100; }
|
regress@r3-RE0-re0# show interfaces ae0 esi { 00:22:22:22:22:22:22:22:22:22; all-active; } aggregated-ether-options { lacp { inactive: active; system-id 00:00:00:00:22:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members v100; } } } regress@r3-RE0-re0# show routing-instances evpn-vlan-based instance-type mac-vrf; protocols { evpn; } service-type vlan-based; interface ae0.0; route-distinguisher 33.33.33.33:1; vrf-target target:11:1; vlans { v100 { vlan-id 100; } }
regress@r3-RE0-re0# show vlans v100 { vlan-id 100; }
|
Operational - SP Style One to One mapping of BD to VLAN in A/A mode, on PE1:
regress@r1-RE0-re0# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 0 0 0 0 1
Instance: evpn-vlan-based
Route Distinguisher: 11.11.11.11:1
VLAN ID: 100
Per-instance MAC route label: 1763
Control word enabled
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 2 4
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
.local..54 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.0 00:00:00:00:11:11:11:11:11:11 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of protect interfaces: 0
Number of bridge domains: 1
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync v4-SG-sync v6-SG-sync
100 1 1 Extended Enabled Disabled Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 2 0 2 1 0
33.33.33.33 1 0 2 1 0
44.44.44.44 1 0 2 1 0
Number of ethernet segments: 2
ESI: 00:00:00:00:11:11:11:11:11:11
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
22.22.22.22 1594 1594 all-active
DF Election Algorithm: MOD based
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
Last designated forwarder update: Dec 25 23:07:11
Advertised split horizon label: 1766
ESI: 00:22:22:22:22:22:22:22:22:22
Status: Resolved by NH 25643
Number of remote PEs connected: 2
Remote-PE MAC-label Aliasing-label Mode
33.33.33.33 75 75 all-active
44.44.44.44 75 75 all-active
SMET Forwarding: Disabled
regress@r1-RE0-re0# run show evpn database
Instance: evpn-vlan-based
VLAN DomainId MAC address Active source Timestamp IP address
100 00:00:aa:00:00:00 00:00:00:00:11:11:11:11:11:11 Dec 25 23:00:32
100 00:00:bb:00:00:00 00:00:00:00:11:11:11:11:11:11 Dec 25 23:08:37
100 00:00:cc:00:00:00 00:22:22:22:22:22:22:22:22:22 Dec 25 23:08:37
regress@r1-RE0-re0# run show mac-vrf forwarding mac-table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 3 entries, 3 learned
Routing instance : evpn-vlan-based
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
v100 00:00:aa:00:00:00 D - ae0.0 0 0
v100 00:00:bb:00:00:00 D - ae0.0 0 0
v100 00:00:cc:00:00:00 DC - 25643 25643
regress@r1-RE0-re0# run show mac-vrf forwarding instance
Information for routing instance and VLAN:
Flags (DL - disable learning, SE - stats enabled,
AD - packet action drop, LH - MAC limit hit,
MI - mac+ip limit hit)
Inst Logical Routing VLAN name Index IRB Flags Tag
type system instance index
RTT Default __juniper_private1__ 1
RTT Default default-switch 52
vlan Default default-switch default 1 1
vlan Default default-switch v100 46 100
RTT Default evpn-vlan-based 54
vlan Default evpn-vlan-based v100 47 100
Traffic Screenshot showing traffic flowing:
EVPN E-LAN VLAN-BUNDLE
All four PEs in the topology are BGP-EVPN PE and have the EVPN MAC-VRF instance setup. These PEs discover each other in the network, establish the EVPN sessions and exchange EVPN routes. The configuration below covers the EVPN Multihomed PEs scenario in Active-Active mode.
EVPN E-LAN (VLAN-Bundle) SP Style vlan-id
Configuration - SP Style Multiple VLANs mapping to BD in A/A mode:
In Active/Active, we need to bundle the UNI links from CE node to the Multi-homed PE so that the traffic is load balanced. Here, we have 2 VLAN-ids part of the same Ethernet Virtual Instance (EVI). However, in the multi-homed scenario, the Ethernet Segment Identifier (ESI) has to be defined individually for each IFLs. Otherwise, it throws an error “Multiple interfaces of same ESI can not be included in the routing instance evpn-vlan-bundle”
For a single/active scenario, the common ESI can be defined for both vlan-id in an EVI.
PE1 |
PE3 |
regress@r1-RE0-re0# show routing-instances evpn-vlan-bundle instance-type mac-vrf; protocols { evpn; } service-type vlan-bundle; route-distinguisher 11.11.11.11:1; vrf-target target:11:1; vlans { bd1 { interface ae0.1; interface ae0.2; } }
regress@r1-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; aggregated-ether-options { lacp { active; system-id 00:00:00:00:11:01; } } unit 1 { encapsulation vlan-bridge; vlan-id 1; esi { 00:11:11:11:11:11:11:11:11:11; all-active; } } unit 2 { encapsulation vlan-bridge; vlan-id 2; esi { 00:11:11:11:11:11:11:11:11:12; all-active; } }
|
regress@r3-RE0-re0# show routing-instances evpn-vlan-bundle instance-type mac-vrf; protocols { evpn; } service-type vlan-based; route-distinguisher 33.33.33.33:1; vrf-target target:11:1; vlans { bd1 { interface ae0.1; interface ae0.2; } } regress@r3-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; aggregated-ether-options { lacp { active; system-id 00:00:00:00:22:01;
} } unit 1 { encapsulation vlan-bridge; vlan-id 1; esi { 00:22:22:22:22:22:22:22:22:21; all-active; } } unit 2 { encapsulation vlan-bridge; vlan-id 2; esi { 00:22:22:22:22:22:22:22:22:22; all-active; } }
|
Operational - SP Style Multiple VLANs mapping to BD in A/A mode, on PE1:
regress@r1-RE0-re0# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 0 0 0 0 2
Instance: evpn-vlan-bundle
Route Distinguisher: 11.11.11.11:1
Service interface type: VLAN-bundle service interface
Per-instance MAC route label: 50519
Per-instance multicast route label: 50521
Control word enabled
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 2 6
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 3 (3 up)
Interface name ESI Mode Status AC-Role
.local..53 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.1 00:11:11:11:11:11:11:11:11:11 all-active Up Root
ae0.2 00:11:11:11:11:11:11:11:11:12 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of protect interfaces: 0
Number of bridge domains: 1
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync v4-SG-sync v6-SG-sync
None 2 2 Extended Enabled Disabled Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 2 0 4 1 0
33.33.33.33 2 0 4 1 0
44.44.44.44 2 0 4 1 0
Number of ethernet segments: 4
ESI: 00:11:11:11:11:11:11:11:11:11
Status: Resolved by IFL ae0.1
Local interface: ae0.1, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
22.22.22.22 48618 48618 all-active
DF Election Algorithm: MOD based
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
Last designated forwarder update: Dec 05 04:22:36
Advertised split horizon label: 50523
ESI: 00:11:11:11:11:11:11:11:11:12
Status: Resolved by IFL ae0.2
Local interface: ae0.2, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
22.22.22.22 48618 48618 all-active
DF Election Algorithm: MOD based
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
Last designated forwarder update: Dec 05 04:22:37
Advertised split horizon label: 50525
ESI: 00:22:22:22:22:22:22:22:22:21
Status: Resolved by NH 121583
Number of remote PEs connected: 2
Remote-PE MAC-label Aliasing-label Mode
33.33.33.33 50 50 all-active
44.44.44.44 50220 50220 all-active
ESI: 00:22:22:22:22:22:22:22:22:22
Status: Resolved by NH 121582
Number of remote PEs connected: 2
Remote-PE MAC-label Aliasing-label Mode
33.33.33.33 50 50 all-active
44.44.44.44 50220 50220 all-active
SMET Forwarding: Disabled
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding instance
Information for routing instance and VLAN:
Flags (DL - disable learning, SE - stats enabled,
AD - packet action drop, LH - MAC limit hit,
MI - mac+ip limit hit)
Inst Logical Routing VLAN name Index IRB Flags Tag
type system instance index
RTT Default __juniper_private1__ 1
RTT Default default-switch 52
vlan Default default-switch default 2 1
RTT Default evpn-vlan-bundle 53
vlan Default evpn-vlan-bundle bd1 3 MD NA
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding mac-table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 4 entries, 4 learned
Routing instance : evpn-vlan-bundle
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
bd1 00:00:00:01:00:01 D - ae0.1 0 0
bd1 00:00:00:11:00:01 D - ae0.2 0 0
bd1 00:00:00:21:00:01 DC - 121583 121583
bd1 00:00:00:31:00:01 DC - 121582 121582
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding flood-group
FldGrp Name : __ves__+++2 MeshGrp Name: __ves__ Bd Name: default+1 Fgrp Flag: 0xc
Eamnh: 0x558414a0d220 id: 0 Flags: 1
Flood Route : 0x558415437b30 Flood Token : 0x30002/51 Fnh id : 0
FldGrp Name : __all_ces__+++2 MeshGrp Name: __all_ces__ Bd Name: default+1 Fgrp Flag: 0xa
Eamnh: 0x558414a1def0 id: 0 Flags: 1
Flood Route : 0x5584187c2250 Flood Token : 0x30003/51 Fnh id : 0
FldGrp Name : __mlp_flood__+++2 MeshGrp Name: __mlp_flood__ Bd Name: default+1 Fgrp Flag: 0x40c
Eamnh: 0x558415437b90 id: 0 Flags: 1
Flood Route : 0x55841a8b4ed0 Flood Token : 0x20002/51 Fnh id : 0
FldGrp Name : __re_flood__+++2 MeshGrp Name: __re_flood__ Bd Name: default+1 Fgrp Flag: 0x4c
Eamnh: 0x558414ffb740 id: 0 Flags: 1
Flood Route : 0x558414b61660 Flood Token : 0x40002/51 Fnh id : 0
FldGrp Name : __ves__+++3 MeshGrp Name: __ves__ Bd Name: bd1 Fgrp Flag: 0xc
Eamnh: 0x558414cc07f0 id: 57048 Flags: 0
Flood Route : 0x558414cc2160 Flood Token : 0x30004/51 Fnh id : 57049
FldGrp Name : __all_ces__+++3 MeshGrp Name: __all_ces__ Bd Name: bd1 Fgrp Flag: 0xa
Eamnh: 0x558414cc0550 id: 57044 Flags: 0
Flood Route : 0x558418243c70 Flood Token : 0x30005/51 Fnh id : 57045
FldGrp Name : __mlp_flood__+++3 MeshGrp Name: __mlp_flood__ Bd Name: bd1 Fgrp Flag: 0x40c
Eamnh: 0x558414cc04e0 id: 0 Flags: 1
Flood Route : 0x558414c7a3a0 Flood Token : 0x20003/51 Fnh id : 0
FldGrp Name : __re_flood__+++3 MeshGrp Name: __re_flood__ Bd Name: bd1 Fgrp Flag: 0x4c
Eamnh: 0x558414c69f80 id: 0 Flags: 1
Flood Route : 0x558414c12c20 Flood Token : 0x40003/51 Fnh id : 57046
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding statistics
Local interface: ae0.1, Index: 33201
Current MAC count: 1 (Limit 65536)
Local interface: ae0.2, Index: 33200
Current MAC count: 1 (Limit 65536)
Traffic Screenshot showing traffic flowing:
EVPN E-LAN (VLAN-Bundle) SP Style vlan-id-list
Configuration - SP Style vlan-id-list in A/A mode
In Active/Active, we need to bundle the UNI links from CE node to the Multi-homed PE so that the traffic is load balanced. Here, we have VLAN-ID-LIST associated with the ae0.100 IFL which is attached to the Bridge Domain (BD) bd2 in Ethernet Virtual Instance (EVI). With just one IFL attached to bd2 in EVI, the ESI can be defined at IFD or IFL level.
For a single/active scenario, the common ESI can be defined for both vlan-id in an EVI.
PE1 |
PE3 |
regress@r1-RE0-re0# show routing-instances evpn-vlan-bundle instance-type mac-vrf; protocols { evpn; } service-type vlan-bundle; route-distinguisher 11.11.11.11:1; vrf-target target:11:1; vlans { bd2 { interface ae0.100; } }
regress@r1-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; esi { 00:11:11:11:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { active; system-id 00:00:00:00:11:01; } } unit 100 { encapsulation vlan-bridge; vlan-id-list 100-110; }
|
regress@r3-RE0-re0# show routing-instances evpn-vlan-bundle instance-type mac-vrf; protocols { evpn; } service-type vlan-bundle; route-distinguisher 33.33.33.33:1; vrf-target target:11:1; vlans { bd2 { interface ae0.100; } }
regress@r3-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; esi { 00:22:22:22:22:22:22:22:22:22; all-active; } aggregated-ether-options { lacp { active; system-id 00:00:00:00:22:01; } } unit 100 { encapsulation vlan-bridge; vlan-id-list 100-110; }
|
Operational - SP Style vlan-id-list in A/A mode, on PE1:
regress@r1-RE0-re0# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 0 0 0 0 1
Instance: evpn-vlan-bundle
Route Distinguisher: 11.11.11.11:1
Service interface type: VLAN-bundle service interface
Per-instance MAC route label: 16
Per-instance multicast route label: 25
Control word enabled
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 10 30
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
.local..53 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.100 00:11:11:11:11:11:11:11:11:11 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of protect interfaces: 0
Number of bridge domains: 1
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync v4-SG-sync v6-SG-sync
None 1 1 Extended Enabled Disabled Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 10 0 2 1 0
33.33.33.33 10 0 2 1 0
44.44.44.44 10 0 2 1 0
Number of ethernet segments: 2
ESI: 00:11:11:11:11:11:11:11:11:11
Status: Resolved by IFL ae0.100
Local interface: ae0.100, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
22.22.22.22 17 17 all-active
DF Election Algorithm: MOD based
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
Last designated forwarder update: Dec 13 22:34:15
Advertised split horizon label: 19
ESI: 00:22:22:22:22:22:22:22:22:22
Status: Resolved by NH 25072
Number of remote PEs connected: 2
Remote-PE MAC-label Aliasing-label Mode
33.33.33.33 17 17 all-active
44.44.44.44 17 17 all-active
SMET Forwarding: Disabled
regress@r1-RE0-re0# run show mac-vrf forwarding mac-table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 20 entries, 20 learned
Routing instance : evpn-vlan-bundle
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
bd2 00:00:aa:00:00:00 D - ae0.100 0 0
bd2 00:00:aa:00:00:01 D - ae0.100 0 0
<<Trimmed for concision
bd2 00:00:aa:00:00:08 D - ae0.100 0 0
bd2 00:00:aa:00:00:09 D - ae0.100 0 0
bd2 00:00:bb:00:00:00 DC - 25072 25072
bd2 00:00:bb:00:00:01 DC - 25072 25072
<<Trimmed for concision
bd2 00:00:bb:00:00:08 DC - 25072 25072
bd2 00:00:bb:00:00:09 DC - 25072 25072
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding instance
Information for routing instance and VLAN:
Flags (DL - disable learning, SE - stats enabled,
AD - packet action drop, LH - MAC limit hit,
MI - mac+ip limit hit)
Inst Logical Routing VLAN name Index IRB Flags Tag
type system instance index
RTT Default __juniper_private1__ 1
RTT Default default-switch 52
vlan Default default-switch default 1 1
vlan Default default-switch v100-110-vlan-0100 2 100
RTT Default evpn-vlan-bundle 53
vlan Default evpn-vlan-bundle bd2 3 MD NA
regress@r1-RE0-re0# run show mac-vrf forwarding flood-group
FldGrp Name : __ves__+++1 MeshGrp Name: __ves__ Bd Name: default+1 Fgrp Flag: 0xc
Eamnh: 0x564aeaf4d990 id: 0 Flags: 1
Flood Route : 0x564aeaf4d450 Flood Token : 0x30002/51 Fnh id : 0
FldGrp Name : __all_ces__+++1 MeshGrp Name: __all_ces__ Bd Name: default+1 Fgrp Flag: 0xa
Eamnh: 0x564aeaf4db60 id: 0 Flags: 1
Flood Route : 0x564aeaf4db00 Flood Token : 0x30003/51 Fnh id : 0
FldGrp Name : __mlp_flood__+++1 MeshGrp Name: __mlp_flood__ Bd Name: default+1 Fgrp Flag: 0x40c
Eamnh: 0x564aeaf4dd30 id: 0 Flags: 1
Flood Route : 0x564aeaf4dcd0 Flood Token : 0x20001/51 Fnh id : 0
<<Trimmed for concision
FldGrp Name : __re_flood__+++3 MeshGrp Name: __re_flood__ Bd Name: bd2 Fgrp Flag: 0x4c
Eamnh: 0x564aeaf4ef70 id: 0 Flags: 1
Flood Route : 0x564aeaf4ef10 Flood Token : 0x40003/51 Fnh id : 57021
{master}[edit]
regress@r1-RE0-re0# run show evpn database
Instance: evpn-vlan-bundle
VLAN DomainId MAC address Active source Timestamp IP address
00:00:aa:00:00:00 00:11:11:11:11:11:11:11:11:11 Dec 13 22:29:24
00:00:aa:00:00:01 00:11:11:11:11:11:11:11:11:11 Dec 13 22:29:24
<<Trimmed for concision
00:00:aa:00:00:09 00:11:11:11:11:11:11:11:11:11 Dec 13 22:29:24
00:00:bb:00:00:00 00:22:22:22:22:22:22:22:22:22 Dec 13 22:39:47
00:00:bb:00:00:01 00:22:22:22:22:22:22:22:22:22 Dec 13 22:39:47
00:00:bb:00:00:02 00:22:22:22:22:22:22:22:22:22 Dec 13 22:39:47
<<Trimmed for concision
00:00:bb:00:00:09 00:22:22:22:22:22:22:22:22:22 Dec 13 22:39:47
Traffic Screenshot showing traffic flowing:
EVPN E-LAN (VLAN-Bundle) EP Style vlan-id-list
Configuration - EP Style vlan-id-list in A/A mode
In Active/Active we need to bundle the UNI links from CE node to the Multihomed PE so that the traffic is load balanced. Here we have VLAN-ID-LIST associated with the ae0.100 IFL which is attached to the Bridge Domain (BD) bd2 in Ethernet Virtual Instance (EVI). With just one IFL attached to bd2 in EVI, the ESI can be defined at IFD or IFL level.
For a single/active scenario the common ESI can be defined for both vlan-id in an EVI.
PE1 |
PE3 |
regress@r1-RE0-re0# show routing-instances evpn-vlan-bundle instance-type mac-vrf; protocols { evpn; } service-type vlan-bundle; route-distinguisher 11.11.11.11:1; vrf-target target:11:1; interface ae0.0 vlans { v100-110 { vlan-id-list 100-110; } } regress@r1-RE0-re0# show interfaces ae0 esi { 00:11:11:11:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { active; system-id 00:00:00:00:11:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members v100-110; } } }
regress@r1-RE0-re0# show vlans v100-110 { vlan-id-list 100-110; }
|
regress@r3-RE0-re0# show routing-instances evpn-vlan-bundle instance-type mac-vrf; protocols { evpn; } service-type vlan-bundle; route-distinguisher 33.33.33.33:1; vrf-target target:11:1; interface ae0.0 vlans { v100-110 { vlan-id-list 100-110; }
} regress@r3-RE0-re0# show interfaces ae0 esi { 00:22:22:22:22:22:22:22:22:22; all-active; } aggregated-ether-options { lacp { active; system-id 00:00:00:00:22:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members v100-110; } } } regress@r1-RE0-re0# show vlans v100-110 { vlan-id-list 100-110; }
|
Operation: EP Style vlan-id-list in A/A mode, on PE1:
regress@r1-RE0-re0# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 0 0 0 0 1
Instance: evpn-vlan-bundle
Route Distinguisher: 11.11.11.11:1
Service interface type: VLAN-bundle service interface
Per-instance MAC route label: 1691
Control word enabled
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 10 30
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
.local..53 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.0 00:00:00:00:11:11:11:11:11:11 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of protect interfaces: 0
Number of bridge domains: 11
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync v4-SG-sync v6-SG-sync
100 1 1 Extended Enabled Disabled Disabled
101 1 1 Extended Enabled Disabled Disabled
<<Trimmed for concision
109 1 1 Extended Enabled Disabled Disabled
110 1 1 Extended Enabled Disabled Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 10 0 12 1 0
33.33.33.33 10 0 12 1 0
44.44.44.44 10 0 12 1 0
Number of ethernet segments: 2
ESI: 00:00:00:00:11:11:11:11:11:11
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
22.22.22.22 1539 1540 all-active
DF Election Algorithm: MOD based
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
Last designated forwarder update: Dec 25 22:16:33
Advertised split horizon label: 1704
ESI: 00:22:22:22:22:22:22:22:22:22
Status: Resolved by NH 25608
Number of remote PEs connected: 2
Remote-PE MAC-label Aliasing-label Mode
44.44.44.44 38 39 all-active
33.33.33.33 34 35 all-active
SMET Forwarding: Disabled
regress@r1-RE0-re0# run show evpn database
Instance: evpn-vlan-bundle
VLAN DomainId MAC address Active source Timestamp IP address
100 00:00:aa:00:00:00 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:21
100 00:00:aa:00:00:01 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:21
100 00:00:aa:00:00:02 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:21
<<Trimmed for concision
100 00:00:aa:00:00:08 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:22
100 00:00:aa:00:00:09 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:22
100 00:00:bb:00:00:00 00:22:22:22:22:22:22:22:22:22 Dec 25 22:16:23
100 00:00:bb:00:00:01 00:22:22:22:22:22:22:22:22:22 Dec 25 22:16:23
<<Trimmed for baveity reason
100 00:00:bb:00:00:09 00:22:22:22:22:22:22:22:22:22 Dec 25 22:16:25
101 00:00:aa:00:00:01 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:21
102 00:00:aa:00:00:02 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:21
<<Trimmed for baveity reason
109 00:00:aa:00:00:09 00:00:00:00:11:11:11:11:11:11 Dec 25 22:16:22
regress@r1-RE0-re0# run show mac-vrf forwarding instance
Information for routing instance and VLAN:
Flags (DL - disable learning, SE - stats enabled,
AD - packet action drop, LH - MAC limit hit,
MI - mac+ip limit hit)
Inst Logical Routing VLAN name Index IRB Flags Tag
type system instance index
RTT Default __juniper_private1__ 1
RTT Default default-switch 52
vlan Default default-switch default 1 1
vlan Default default-switch v100-110-vlan-0100 35 100
vlan Default default-switch v100-110-vlan-0101 25 101
<<Trimmed for concision
vlan Default default-switch v100-110-vlan-0110 34 110
RTT Default evpn-vlan-bundle 53
vlan Default evpn-vlan-bundle v100-110-vlan-0100 36 MD 100
vlan Default evpn-vlan-bundle v100-110-vlan-0101 37 MD 101
<<Trimmed for concision
vlan Default evpn-vlan-bundle v100-110-vlan-0109 45 MD 109
vlan Default evpn-vlan-bundle v100-110-vlan-0110 46 MD 110
regress@r1-RE0-re0# run show mac-vrf forwarding mac-table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 29 entries, 29 learned
Routing instance : evpn-vlan-bundle
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
v100-110-vlan-0100 00:00:aa:00:00:00 D - ae0.0 0 0
v100-110-vlan-0100 00:00:aa:00:00:01 DRC - ae0.0 0 0
v100-110-vlan-0100 00:00:aa:00:00:02 DRC - ae0.0 0 0
<<Trimmed for concision
v100-110-vlan-0100 00:00:aa:00:00:07 DRC - ae0.0 0 0
v100-110-vlan-0100 00:00:aa:00:00:08 DRC - ae0.0 0 0
v100-110-vlan-0100 00:00:aa:00:00:09 DRC - ae0.0 0 0
v100-110-vlan-0100 00:00:bb:00:00:00 DC - 25608 25608
v100-110-vlan-0100 00:00:bb:00:00:01 DC - 25608 25608
v100-110-vlan-0100 00:00:bb:00:00:02 DC - 25608 25608
<<Trimmed for concision
v100-110-vlan-0100 00:00:bb:00:00:09 DC - 25608 25608
v100-110-vlan-0101 00:00:aa:00:00:01 D - ae0.0 0 0
v100-110-vlan-0102 00:00:aa:00:00:02 D - ae0.0 0 0
v100-110-vlan-0103 00:00:aa:00:00:03 D - ae0.0 0 0
<<Trimmed for concision
v100-110-vlan-0109 00:00:aa:00:00:09 D - ae0.0 0 0
Traffic Screenshot showing traffic flowing
EVPN E-LAN VLAN-AWARE-BUNDLE
All four PEs in the topology are BGP-EVPN PE and have the EVPN MAC-VRF instance setup. These PEs discover each other in the network, establish the EVPN sessions and exchange EVPN routes.
The current configuration is with Active-Active for the Multihomed PEs.
EVPN E-LAN (VLAN-Aware) SP Style vlan-id
Configuration - SP Style One to One mapping of BD to VLAN in A/A mode:
In Active/Active we need to bundle the UNI links from CE node to the Multihomed PE, so that the traffic is load balanced.
PE1 |
PE3 |
regress@r1-RE0-re0# show routing-instances evpn-vlan-aware instance-type mac-vrf; protocols { evpn; } service-type vlan-aware; route-distinguisher 11.11.11.11:1; vrf-target target:11:1; vlans { bd1 { vlan-id 1; interface ae0.1; } bd2 { vlan-id 2; interface ae0.2; } } regress@r1-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; esi { 00:11:11:11:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { inactive: active; system-id 00:00:00:00:11:01; } } unit 1 { encapsulation vlan-bridge; vlan-id 1; } unit 2 { encapsulation vlan-bridge; vlan-id 2; }
|
regress@r3-RE0-re0# show routing-instances evpn-vlan-aware instance-type mac-vrf; protocols { evpn; } service-type vlan-aware; route-distinguisher 33.33.33.33:1; vrf-target target:11:1; vlans { bd1 { vlan-id 1; interface ae0.1; } bd2 { vlan-id 2; interface ae0.2; } }
regress@r3-RE0-re0# show interfaces ae0 flexible-vlan-tagging; encapsulation flexible-ethernet-services; esi { 00:22:22:22:22:22:22:22:22:22; all-active; } aggregated-ether-options { lacp { active; system-id 00:00:00:00:22:01; } } unit 1 { encapsulation vlan-bridge; vlan-id 1; } unit 2 { encapsulation vlan-bridge; vlan-id 2; }
|
Operational - SP Style One to One mapping of BD to VLAN in A/A mode, on PE1:
regress@r1-RE0-re0# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 0
Instance: evpn-vlan-aware
Route Distinguisher: 11.11.11.11:1
Per-instance MAC route label: 50649
Control word enabled
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 2 0
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 3 (3 up)
Interface name ESI Mode Status AC-Role
.local..54 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.1 00:11:11:11:11:11:11:11:11:11 all-active Up Root
ae0.2 00:11:11:11:11:11:11:11:11:11 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of protect interfaces: 0
Number of bridge domains: 2
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync v4-SG-sync v6-SG-sync
1 1 1 Extended Enabled Disabled Disabled
2 1 1 Extended Enabled Disabled Disabled
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
44.44.44.44 0 0 3 2 0
Number of ethernet segments: 2
ESI: 00:11:11:11:11:11:11:11:11:11
Status: Resolved by IFL ae0.2
Local interface: ae0.1, Status: Up/Forwarding
DF Election Algorithm: MOD based
Designated forwarder: 11.11.11.11
Last designated forwarder update: Dec 05 10:03:04
Advertised split horizon label: 50661
ESI: 00:22:22:22:22:22:22:22:22:22
Status: Resolved per BD
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
44.44.44.44 0 0 all-active
Vlan: 1
Status: Resolved by NH 121646
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
44.44.44.44 0 50248 all-active
Vlan: 2
Status: Resolved by NH 121647
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
44.44.44.44 0 50249 all-active
SMET Forwarding: Disabled
regress@r1-RE0-re0# run show mac-vrf forwarding instance
Information for routing instance and VLAN:
Flags (DL - disable learning, SE - stats enabled,
AD - packet action drop, LH - MAC limit hit,
MI - mac+ip limit hit)
Inst Logical Routing VLAN name Index IRB Flags Tag
type system instance index
RTT Default __juniper_private1__ 1
RTT Default default-switch 52
vlan Default default-switch default 2 1
RTT Default evpn-vlan-aware 54
vlan Default evpn-vlan-aware bd1 3 1
vlan Default evpn-vlan-aware bd2 4 2
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding mac-table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 2 entries, 2 learned
Routing instance : evpn-vlan-aware
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
bd1 00:00:00:01:00:01 D - ae0.1 0 0
bd2 00:00:00:11:00:01 D - ae0.2 0 0
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding flood
Name: default-switch
CEs: 0
VEs: 0
VLAN Name: default
Name: evpn-vlan-aware
CEs: 2
VEs: 0
VLAN Name: bd1
Flood Routes:
Prefix Type Owner NhType NhIndex
0x30006/51 FLOOD_GRP_COMP_NH __ves__ comp 57106
0x30007/51 FLOOD_GRP_COMP_NH __all_ces__ comp 57098
0x40003/51 FLOOD_GRP_COMP_NH __re_flood__ comp 57099
VLAN Name: bd2
Flood Routes:
Prefix Type Owner NhType NhIndex
0x30008/51 FLOOD_GRP_COMP_NH __ves__ comp 57107
0x30009/51 FLOOD_GRP_COMP_NH __all_ces__ comp 57100
0x40004/51 FLOOD_GRP_COMP_NH __re_flood__ comp 57101
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding flood-group
FldGrp Name : __ves__+++2 MeshGrp Name: __ves__ Bd Name: default+1 Fgrp Flag: 0xc
Eamnh: 0x558414a0d220 id: 0 Flags: 1
Flood Route : 0x558415437b30 Flood Token : 0x30002/51 Fnh id : 0
FldGrp Name : __all_ces__+++2 MeshGrp Name: __all_ces__ Bd Name: default+1 Fgrp Flag: 0xa
Eamnh: 0x558414a1def0 id: 0 Flags: 1
Flood Route : 0x5584187c2250 Flood Token : 0x30003/51 Fnh id : 0
<<Trimmed for concision
{master}[edit]
regress@r1-RE0-re0# run show mac-vrf forwarding statistics
Local interface: ae0.2, Index: 33215
Current MAC count: 1 (Limit 65536)
Local interface: ae0.1, Index: 33214
Current MAC count: 1 (Limit 65536)
Traffic Screenshot showing traffic flowing:
EVPN E-LAN (VLAN-Aware) EP Style vlan-id-list
Configuration - EP Style vlan-id-list in A/A mode:
In Active/Active, we need to bundle the UNI links from CE node to the Multi-homed PE, so that the traffic is load balanced.
.
PE1 |
PE3 |
regress@r1-RE0-re0> show configuration interfaces ae0 esi { 00:11:11:11:11:11:11:11:11:11; all-active; } aggregated-ether-options { lacp { inactive: active; system-id 00:00:00:00:11:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members v100-110; } } }
regress@r1-RE0-re0> show configuration routing-instances evpn-vlan-aware instance-type mac-vrf; protocols { evpn; } service-type vlan-aware; interface ae0.0; route-distinguisher 11.11.11.11:1; vrf-target target:11:1; vlans { v100-110 { vlan-id-list 100-110; } }
|
regress@r3-RE0-re0> show configuration interfaces ae0 esi { 00:22:22:22:22:22:22:22:22:22; all-active; } aggregated-ether-options { lacp { inactive: active; system-id 00:00:00:00:22:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members v100-110; } } }
regress@r3-RE0-re0> show configuration routing-instances evpn-vlan-aware instance-type mac-vrf; protocols { evpn; } service-type vlan-aware; interface ae0.0; route-distinguisher 33.33.33.33:1; vrf-target target:11:1; vlans { v100-110 { vlan-id-list 100-110; } }
|
Operational - EP Style vlan-id-list in A/A mode, on PE1:
regress@r1-RE0-re0> show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 0 0 0 0 1
Instance: evpn-vlan-aware
Route Distinguisher: 11.11.11.11:1
Per-instance MAC route label: 16
Control word enabled
Duplicate MAC detection threshold: 5
Duplicate MAC detection window: 180
MAC database status Local Remote
MAC advertisements: 10 30
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
.local..53 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
ae0.0 00:11:11:11:11:11:11:11:11:11 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of protect interfaces: 0
Number of bridge domains: 11
VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync v4-SG-sync v6-SG-sync
100 1 1 Extended Enabled Disabled Disabled
101 1 1 Extended Enabled Disabled Disabled
102 1 1 Extended Enabled Disabled Disabled
103 1 1 Extended Enabled Disabled Disabled
104 1 1 Extended Enabled Disabled Disabled
105 1 1 Extended Enabled Disabled Disabled
106 1 1 Extended Enabled Disabled Disabled
107 1 1 Extended Enabled Disabled Disabled
108 1 1 Extended Enabled Disabled Disabled
109 1 1 Extended Enabled Disabled Disabled
110 1 1 Extended Enabled Disabled Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label Remote-DCI-Peer
22.22.22.22 10 0 12 11 0
33.33.33.33 10 0 12 11 0
44.44.44.44 10 0 12 11 0
Number of ethernet segments: 2
ESI: 00:11:11:11:11:11:11:11:11:11
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote-PE MAC-label Aliasing-label Mode
22.22.22.22 0 0 all-active
Vlan: 100
Status: Resolved by IFL ae0.0
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
22.22.22.22 17 17 all-active
Vlan: 101
Status: Resolved by IFL ae0.0
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
22.22.22.22 18 18 all-active
<<Trimmed for baveity reason
DF Election Algorithm: MOD based
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
Last designated forwarder update: Dec 15 02:30:06
Advertised split horizon label: 28
ESI: 00:22:22:22:22:22:22:22:22:22
Status: Resolved per BD
Number of remote PEs connected: 2
Remote-PE MAC-label Aliasing-label Mode
33.33.33.33 0 0 all-active
44.44.44.44 0 0 all-active
Vlan: 100
Status: Resolved by NH 25197
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
33.33.33.33 17 17 all-active
44.44.44.44 17 17 all-active
Vlan: 101
Status: Resolved by NH 25207
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
33.33.33.33 18 18 all-active
44.44.44.44 18 18 all-active
<<Trimmed for concision
regress@r1-RE0-re0> show mac-vrf forwarding instance
Information for routing instance and VLAN:
Flags (DL - disable learning, SE - stats enabled,
AD - packet action drop, LH - MAC limit hit,
MI - mac+ip limit hit)
Inst Logical Routing VLAN name Index IRB Flags Tag
type system instance index
RTT Default __juniper_private1__ 1
RTT Default default-switch 52
vlan Default default-switch default 1 1
vlan Default default-switch v100-110-vlan-0100 2 100
RTT Default evpn-vlan-aware 53
vlan Default evpn-vlan-aware v100-110-vlan-0100 3 100
vlan Default evpn-vlan-aware v100-110-vlan-0101 4 101
vlan Default evpn-vlan-aware v100-110-vlan-0102 5 102
vlan Default evpn-vlan-aware v100-110-vlan-0103 6 103
vlan Default evpn-vlan-aware v100-110-vlan-0104 7 104
vlan Default evpn-vlan-aware v100-110-vlan-0105 8 105
vlan Default evpn-vlan-aware v100-110-vlan-0106 9 106
vlan Default evpn-vlan-aware v100-110-vlan-0107 10 107
vlan Default evpn-vlan-aware v100-110-vlan-0108 11 108
vlan Default evpn-vlan-aware v100-110-vlan-0109 12 109
vlan Default evpn-vlan-aware v100-110-vlan-0110 13 110
regress@r1-RE0-re0> show mac-vrf forwarding mac-table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 20 entries, 20 learned
Routing instance : evpn-vlan-aware
Vlan MAC MAC Age Logical NH RTR
name address flags interface Index ID
v100-110-vlan-0100 00:00:aa:00:00:00 D - ae0.0 0 0
v100-110-vlan-0100 00:00:bb:00:00:00 DC - 25197 25197
v100-110-vlan-0101 00:00:aa:00:00:01 D - ae0.0 0 0
v100-110-vlan-0101 00:00:bb:00:00:01 DC - 25207 25207
v100-110-vlan-0102 00:00:aa:00:00:02 D - ae0.0 0 0
<<Trimmed for concision
v100-110-vlan-0109 00:00:aa:00:00:09 D - ae0.0 0 0
v100-110-vlan-0109 00:00:bb:00:00:09 DC - 25215 25215
regress@r1-RE0-re0> show mac-vrf forwarding flood-group
FldGrp Name : __ves__+++1 MeshGrp Name: __ves__ Bd Name: default+1 Fgrp Flag: 0xc
Eamnh: 0x55909ebe7690 id: 0 Flags: 1
Flood Route : 0x55909ebe7360 Flood Token : 0x30002/51 Fnh id : 0
FldGrp Name : __all_ces__+++1 MeshGrp Name: __all_ces__ Bd Name: default+1 Fgrp Flag: 0xa
Eamnh: 0x55909ebe7ce0 id: 0 Flags: 1
Flood Route : 0x55909ebe79c0 Flood Token : 0x30003/51 Fnh id : 0
FldGrp Name : __mlp_flood__+++1 MeshGrp Name: __mlp_flood__ Bd Name: default+1 Fgrp Flag: 0x40c
Eamnh: 0x55909ebe8340 id: 0 Flags: 1
Flood Route : 0x55909ebe8010 Flood Token : 0x20001/51 Fnh id : 0
FldGrp Name : __re_flood__+++1 MeshGrp Name: __re_flood__ Bd Name: default+1 Fgrp Flag: 0x4c
Eamnh: 0x55909ebe89a0 id: 0 Flags: 1
Flood Route : 0x55909ebe8670 Flood Token : 0x40001/51 Fnh id : 0
FldGrp Name : __ves__+++2 MeshGrp Name: __ves__ Bd Name: v100-110-vlan-0100+100 Fgrp Flag: 0xc
Eamnh: 0x55909fa6f340 id: 0 Flags: 1
Flood Route : 0x55909ebf7050 Flood Token : 0x30004/51 Fnh id : 0
<<Trimmed for brevity reasons
Traffic Screenshot showing traffic flowing.
EVPN E-LAN – 3300 Instance Scale Script
All the Express4 based platform supports 3300 E-LAN instances. Use the below script to generate configuration for E-LAN using vlan-based service type.
EVPN E-LAN 3300 instances Scaling - Script:
outervlan = 1
ifl =
local = 1
remote = 16001
file1 = open('r1.txt', 'w')
file2 = open('r2.txt', 'w')
file3 = open('r3.txt', 'w')
file4 = open('r4.txt', 'w')
file5 = open('r5.txt', 'w')
file6 = open('r7.txt', 'w')
while outervlan < 2:
innervlan = 1
while innervlan < 3301:
#print("set interfaces ae0 unit ", ifl, " vlan-tags outer ", outervlan, " inner ", innervlan)
#s = "set interfaces ae0 unit " + str(ifl) + " vlan-tags outer " + str(outervlan) + " inner " + str(innervlan) + "\n"
s = "set interfaces ae0 unit " + str(ifl) + " vlan-id " + str(innervlan) + "\n"
s0 = "set interfaces ae0 unit " + str(ifl) + " encapsulation vlan-bridge" + "\n"
s1 = "set routing-instances vlanbased-2k" + str(ifl) + " instance-type mac-vrf service-type vlan-based" + "\n"
s3 = "set routing-instances vlanbased-2k" + str(ifl) + " vrf-target target:11:" + str(ifl) + "\n"
s8 = "set interfaces ae0 unit " + str(ifl) + " encapsulation vlan-bridge" + "\n"
r1s2 = "set routing-instances vlanbased-2k" + str(ifl) + " route-distinguisher 1.11.11.11:" + str(ifl) + "\n"
r1s3 = "set routing-instances vlanbased-2k" + str(ifl) + " vlans bd" + str(ifl) + " vlan-id " + str(innervlan) + " interface ae0." + str(ifl) + "\n"
r1s4 = "set routing-instances vlanbased-2k" + str(ifl) + " protocols evpn \n"
r2s2 = "set routing-instances vlanbased-2k" + str(ifl) + " route-distinguisher 22.22.22.22:" + str(ifl) + "\n"
r2s3 = "set routing-instances vlanbased-2k" + str(ifl) + " vlans bd" + str(ifl) + " vlan-id " + str(innervlan) + " interface ae0." + str(ifl) + "\n"
r2s4 = "set routing-instances vlanbased-2k" + str(ifl) + " protocols evpn \n"
r3s2 = "set routing-instances vlanbased-2k" + str(ifl) + " route-distinguisher 33.33.33.33:" + str(ifl) + "\n"
r3s3 = "set routing-instances vlanbased-2k" + str(ifl) + " vlans bd" + str(ifl) + " vlan-id " + str(innervlan) + " interface ae0." + str(ifl) + "\n"
r3s4 = "set routing-instances vlanbased-2k" + str(ifl) + " protocols evpn \n"
r4s2 = "set routing-instances vlanbased-2k" + str(ifl) + " route-distinguisher 44.44.44.44:" + str(ifl) + "\n"
r4s3 = "set routing-instances vlanbased-2k" + str(ifl) + " vlans bd" + str(ifl) + " vlan-id " + str(innervlan) + " interface ae0." + str(ifl) + "\n"
r4s4 = "set routing-instances vlanbased-2k" + str(ifl) + " protocols evpn \n"
s5 = "set bridge-domains bd" + str(ifl) + " vlan-tags outer " + str(outervlan) + " inner " + str(innervlan) + "\n"
s6 = "set bridge-domains bd" + str(ifl) + " interface ae0." + str(ifl) + "\n"
s7 = "set bridge-domains bd" + str(ifl) + " bridge-options no-mac-learning" + "\n"
#r5s1 = "set interfaces ge-0/0/2 unit " + str(ifl) + " vlan-tags outer " + str(outervlan) + " inner " + str(innervlan) + "\n"
r5s1 = "set interfaces ge-0/0/2 unit " + str(ifl) + " vlan-id " + str(innervlan) + "\n"
r5s2 = "set interfaces ge-0/0/2 unit " + str(ifl) + " encapsulation vlan-bridge " + "\n"
r5s3 = "set bridge-domains bd" + str(ifl) + " interface ge-0/0/2." + str(ifl) + "\n"
#r7s1 = "set interfaces ge-0/0/0 unit " + str(ifl) + " vlan-tags outer " + str(outervlan) + " inner " + str(innervlan) + "\n"
r7s1 = "set interfaces ge-0/0/0 unit " + str(ifl) + " vlan-id " + str(innervlan) + "\n"
r7s2 = "set interfaces ge-0/0/0 unit " + str(ifl) + " encapsulation vlan-bridge " + "\n"
r7s3 = "set bridge-domains bd" + str(ifl) + " interface ge-0/0/0." + str(ifl) + "\n"
file1.write(s)
file1.write(s1)
file1.write(s3)
file1.write(s8)
file1.write(r1s2)
file1.write(r1s3)
file1.write(r1s4)
file2.write(s)
file2.write(s1)
file2.write(s3)
file2.write(s8)
file2.write(r2s2)
file2.write(r2s3)
file2.write(r2s4)
file3.write(s)
file3.write(s1)
file3.write(s3)
file3.write(s8)
file3.write(r3s2)
file3.write(r3s3)
file3.write(r3s4)
file4.write(s)
file4.write(s1)
file4.write(s3)
file4.write(s8)
file4.write(r4s2)
file4.write(r4s3)
file4.write(r4s4)
file5.write(s)
file5.write(s0)
file5.write(s5)
file5.write(s6)
file5.write(s7)
file5.write(r5s1)
file5.write(r5s2)
file5.write(r5s3)
file6.write(s)
file6.write(s0)
file6.write(s5)
file6.write(s6)
file6.write(s7)
file6.write(r7s1)
file6.write(r7s2)
file6.write(r7s3)
innervlan += 1
ifl += 1
local += 1
remote += 1
outervlan += 1
Configuration Snippets
Underlay Configuration – MPLS/OSPF:
PE1 |
PE2 |
regress@r1-re0# show interfaces et-0/0/1 { unit 0 { description to-r4; family inet { address 14.1.1.1/30; } family mpls; } } et-0/0/3 { unit 0 { description to-r2; family inet { address 12.1.1.1/30; } family mpls; } } et-0/0/5 { unit 0 { description to-r3; family inet { address 13.1.1.1/30; } family mpls; } } et-0/0/7 { description "To R5"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 11.11.11.11/32; } } }
regress@r1-re0# show protocols bgp { group ibgp { type internal; local-address 11.11.11.11; family evpn { signaling; } neighbor 44.44.44.44; neighbor 33.33.33.33; neighbor 22.22.22.22; } } ldp { interface all; interface fxp0.0 { disable; } } mpls { interface all; interface fxp0.0 { disable; } } ospf { area 0.0.0.0 { interface et-0/0/1.0; interface et-0/0/3.0; interface et-0/0/5.0; interface lo0.0 { passive; } } } lldp { interface all; }
regress@r1-re0# show routing-options router-id 11.11.11.11; autonomous-system 64512;
|
regress@r2-re0# show interfaces et-0/0/1 { unit 0 { description to-r3; family inet { address 23.1.1.1/30; } family mpls; } } et-0/0/3 { unit 0 { description to-r1; family inet { address 12.1.1.2/30; } family mpls; } } et-0/0/5 { unit 0 { description to-r4; family inet { address 24.1.1.1/30; } family mpls; } } et-0/0/9 { description "To R5"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 22.22.22.22/32; } } }
regress@r2-re0# show protocols bgp { group ibgp { type internal; local-address 22.22.22.22; family evpn { signaling; } neighbor 11.11.11.11; neighbor 44.44.44.44; neighbor 33.33.33.33; } } ldp { interface all; interface fxp0.0 { disable; } } mpls { interface all; interface fxp0.0 { disable; } } ospf { area 0.0.0.0 { interface et-0/0/1.0; interface et-0/0/3.0; interface et-0/0/5.0; interface lo0.0 { passive; } } } lldp { interface all; }
regress@r2-re0# show routing-options router-id 22.22.22.22; autonomous-system 64512;
|
PE3 |
PE4 |
regress@r3-re0# show interfaces et-0/0/1 { unit 0 { description to-r2; family inet { address 23.1.1.2/30; } family mpls; } } et-0/0/3 { unit 0 { description to-r1; family inet { address 13.1.1.2/30; } family mpls; } } et-0/0/5 { unit 0 { description to-r4; family inet { address 34.1.1.1/30; } family mpls; } } et-0/0/7 { description "To R7"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 33.33.33.33/32; } } }
regress@r3-re0# show protocols bgp { group ibgp { type internal; local-address 33.33.33.33; family evpn { signaling; } neighbor 11.11.11.11; neighbor 22.22.22.22; neighbor 44.44.44.44; } } ldp { interface all; interface fxp0.0 { disable; } } mpls { interface all; interface fxp0.0 { disable; } } ospf { area 0.0.0.0 { interface et-0/0/1.0; interface et-0/0/3.0; interface et-0/0/5.0; interface lo0.0 { passive; } } } lldp { interface all; }
regress@r3-re0# show routing-options router-id 33.33.33.33; autonomous-system 64512;
|
regress@r4-re0# show interfaces et-0/0/1 { unit 0 { description to-r1; family inet { address 14.1.1.2/30; } family mpls; } } et-0/0/3 { unit 0 { description to-r2; family inet { address 24.1.1.2/30; } family mpls; } } et-0/0/5 { unit 0 { description to-r3; family inet { address 34.1.1.2/30; } family mpls; } } et-0/0/7 { description "To R7"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 44.44.44.44/32; } } }
regress@r4-re0# show protocols bgp { group ibgp { type internal; local-address 44.44.44.44; family evpn { signaling; } neighbor 11.11.11.11; neighbor 22.22.22.22; neighbor 33.33.33.33; } } ldp { interface all; interface fxp0.0 { disable; } } mpls { interface all; interface fxp0.0 { disable; } } ospf { area 0.0.0.0 { interface et-0/0/1.0; interface et-0/0/3.0; interface et-0/0/5.0; interface lo0.0 { passive; } } } lldp { interface all; }
regress@r4-re0# show routing-options router-id 44.44.44.44; autonomous-system 64512;
|
Underlay Configuration – SR, ISIS:
PE1 |
PE2 |
regress@r1-re0# show interfaces et-0/0/1 { unit 0 { description to-r4; family inet { address 14.1.1.1/30; } family mpls; family iso; } } et-0/0/3 { unit 0 { description to-r2; family inet { address 12.1.1.1/30; } family mpls; family iso; } } et-0/0/5 { unit 0 { description to-r3; family inet { address 13.1.1.1/30; } family mpls; family iso; } } et-0/0/7 { description "To R5"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 11.11.11.11/32; } family iso { address 49.0001.1111.1111.00 } } }
regress@r1-re0# show protocols bgp { group ibgp { type internal; local-address 11.11.11.11; family evpn { signaling; } neighbor 44.44.44.44; neighbor 33.33.33.33; neighbor 22.22.22.22; } } isis { interface all { point-to-point; } interface fxp0.0 { disable; } source-packet-routing { node-segment ipv4-index 1001; } level 2 wide-metrics-only; level 1 disable; } mpls { interface all; interface fxp0.0 { disable; } } lldp { interface all; }
regress@r1-re0# show routing-options router-id 11.11.11.11; autonomous-system 64512;
|
regress@r2-re0# show interfaces et-0/0/1 { unit 0 { description to-r3; family inet { address 23.1.1.1/30; } family mpls; family iso; } } et-0/0/3 { unit 0 { description to-r1; family inet { address 12.1.1.2/30; } family mpls; family iso; } } et-0/0/5 { unit 0 { description to-r4; family inet { address 24.1.1.1/30; } family mpls; family iso; } } et-0/0/9 { description "To R5"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 22.22.22.22/32; } family iso { address 49.0001.2222.2222.00 } } }
regress@r2-re0# show protocols bgp { group ibgp { type internal; local-address 22.22.22.22; family evpn { signaling; } neighbor 11.11.11.11; neighbor 44.44.44.44; neighbor 33.33.33.33; } } isis { interface all { point-to-point; } interface fxp0.0 { disable; } source-packet-routing { node-segment ipv4-index 1002; } level 2 wide-metrics-only; level 1 disable; } mpls { interface all; interface fxp0.0 { disable; } } lldp { interface all; } regress@r2-re0# show routing-options router-id 22.22.22.22; autonomous-system 64512;
|
PE3 |
PE4 |
regress@r3-re0# show interfaces et-0/0/1 { unit 0 { description to-r2; family inet { address 23.1.1.2/30; } family mpls; family iso; } } et-0/0/3 { unit 0 { description to-r1; family inet { address 13.1.1.2/30; } family mpls; family iso; } } et-0/0/5 { unit 0 { description to-r4; family inet { address 34.1.1.1/30; } family mpls; family iso; } } et-0/0/7 { description "To R7"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 33.33.33.33/32; } family iso { address 49.0001.3333.3333.00 } } }
regress@r3-re0# show protocols bgp { group ibgp { type internal; local-address 33.33.33.33; family evpn { signaling; } neighbor 11.11.11.11; neighbor 22.22.22.22; neighbor 44.44.44.44; } } isis { interface all { point-to-point; } interface fxp0.0 { disable; } source-packet-routing { node-segment ipv4-index 1003; } level 2 wide-metrics-only; level 1 disable; } mpls { interface all; interface fxp0.0 { disable; } } lldp { interface all; }
regress@r3-re0# show routing-options router-id 33.33.33.33; autonomous-system 64512;
|
regress@r4-re0# show interfaces et-0/0/1 { unit 0 { description to-r1; family inet { address 14.1.1.2/30; } family mpls; family iso; } } et-0/0/3 { unit 0 { description to-r2; family inet { address 24.1.1.2/30; } family mpls; family iso; } }
et-0/0/5 { unit 0 { description to-r3; family inet { address 34.1.1.2/30; } family mpls; family iso; } } et-0/0/7 { description "To R7"; ether-options { 802.3ad ae0; } } lo0 { unit 0 { family inet { address 44.44.44.44/32; } family iso { address 49.0001.4444.4444.00 } } }
regress@r4-re0# show protocols bgp { group ibgp { type internal; local-address 44.44.44.44; family evpn { signaling; } neighbor 11.11.11.11; neighbor 22.22.22.22; neighbor 33.33.33.33; } } isis { interface all { point-to-point; } interface fxp0.0 { disable; } source-packet-routing { node-segment ipv4-index 1004; } level 2 wide-metrics-only; level 1 disable; } mpls { interface all; interface fxp0.0 { disable; } } lldp { interface all; } regress@r4-re0# show routing-options router-id 44.44.44.44; autonomous-system 64512;
|
CE Configuration in EPL, A/A mode
CE1 |
CE2 |
regress@r5_re0# show interfaces ge-0/0/0 { description "To R2"; gigether-options { 802.3ad ae0; } } ge-0/0/1 { description "To R1"; gigether-options { 802.3ad ae0; } } ge-0/0/2 { description "To IXIA - (10.49.119.55)"; flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 0 { encapsulation ethernet-bridge; } } ae0 { description "Connected to PE1"; flexible-vlan-tagging; encapsulation flexible-ethernet-services; aggregated-ether-options { lacp { active; system-id 00:00:00:00:11:02; } } unit 1 { encapsulation ethernet-bridge; } }
|
regress@r7_re0# show interfaces ge-0/0/0 { description "To IXIA –“; flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 0 { encapsulation ethernet-bridge; } } ge-0/0/1 { description "To R3"; gigether-options { 802.3ad ae0; } } ge-0/0/2 { description "To R4"; gigether-options { 802.3ad ae0; } } ae0 { description "Connected to PE3-4"; flexible-vlan-tagging; encapsulation flexible-ethernet-services; aggregated-ether-options { lacp { active; } } unit 0 { encapsulation ethernet-bridge; } }
|
CE Configuration in EPL & Dual-Tag with A/A mode:
CE1 |
CE2 |
regress@R5-RE0> show configuration interfaces ge-0/0/0 { description "To R2"; gigether-options { 802.3ad ae0; } } ge-0/0/1 { description "To R1"; gigether-options { 802.3ad ae0; } } ge-0/0/2 { description "To IXIA"; flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 1 { encapsulation vlan-bridge; vlan-tags outer 1 inner 2; } } ae0 { description "Connected to PE1"; flexible-vlan-tagging; encapsulation flexible-ethernet-services; aggregated-ether-options { lacp { active; system-id 00:00:00:00:11:02; }
} unit 1 { encapsulation vlan-bridge; vlan-tags outer 1 inner 2; } }
regress@R5-RE0> show configuration bridge-domains bd1 { vlan-tags outer 1 inner 2; interface ae0.1; interface ge-0/0/2.1; bridge-options { no-mac-learning; } }
|
regress@R7-RE0> show configuration interfaces ge-0/0/0 { description "To IXXIA"; flexible-vlan-tagging; encapsulation flexible-ethernet-services; unit 1 { encapsulation vlan-bridge; vlan-tags outer 1 inner 2; } } ge-0/0/1 { description "To R3"; gigether-options { 802.3ad ae0; } } ge-0/0/2 { description "To R4"; gigether-options { 802.3ad ae0; } } ae0 { description "Connected to PE1"; flexible-vlan-tagging; encapsulation flexible-ethernet-services; aggregated-ether-options { lacp { active; system-id 00:00:00:00:22:02; } } unit 1 { encapsulation vlan-bridge; vlan-tags outer 1 inner 2; } } regress@R7-RE0> show configuration bridge-domains bd1 { vlan-tags outer 1 inner 2; interface ae0.1; interface ge-0/0/0.1; bridge-options { no-mac-learning; } }
|
Glossary
- BDF Backup Designated Forwarder
- BGP Border Gateway Protocol
- CE Customer Edge
- DF Designated Forwarder
- EPL Ethernet Private Line
- ESI Ethernet Segment Identifier
- EVI EVPN Instance
- EVPL Ethernet Virtual Private Line
- EVPN Ethernet VPN
- IRB Integrated Routing and Bridging
- MEF Metro Ethernet Forum
- LACP Link Aggregation Control Protocol
- LAG Link Aggregation
- NDF Non-Designated Forwarder
- PE Provider Edge
- VPN Virtual Private Network
- VPWS Virtual Private Wired Service
Acknowledgement
Thanks to Nicolas Fevrier, Vasily Mukhin, Anand Beedi for their feedback and review comments on this document.
Feedback
Revision History
Version |
Author(s) |
Date |
Comments |
1 |
Ramdas Machat |
January 2023 |
First public publication |
#Validation#PTXSeries