Does "Type VRF" and the default switch play ok together? QFX
In a nutshell, I do not want to convert the bridge overlay to mac-vrf.
Migration
|
Bridge Overlay ( Before )
|
Bridge overlay ( After )
|
Layer 3
( Before )
|
Layer 3 ( Afte
|
Core ( MX )
|
Type virtual switch
|
Type virtual switch ( will eventually be shutdown )
|
Type Virtual Router
|
Type VRF
( will eventually be shutdown )
|
Edge ( QFX )
|
Default switch ( no routing instance )
|
Default switch ( no routing instance )
|
N/A no Layer 3
|
Type VRF
|
I'm planning a customer migration of an EVPN VXLAN CRB design to ERB architecture.
This is currently configured as a virtual router and a virtual switch on the pair of core MX devices, and on the edge Just the default switch for the bridge overlay. This was the best practice at the time of deployment. There are several Layer3 routing instances for security on the core.
Most of the ERB examples from Juniper combine.
Instance type "vrf" with Instance type "mac-vrf"
The customer has a single bridged overlay. I can see no pressing need for mac-vrf. Changing this would be a huge challenge , probably requiring downtime for the whole network ( complete impossibility ).
I've tested this combination in a virtual environment ( EVE-NG ), and it works perfectly.
However, I would NOT wish to stray too far from what Juniper would consider their reference designs.
root@LAB-DIST-B_LAB# show routing-instances
CAMPUS-VRF {
instance-type vrf;
protocols {
evpn {
irb-symmetric-routing {
vni 100007;
}
ip-prefix-routes {
advertise direct-nexthop;
encapsulation vxlan;
vni 100007;
}
}
}
interface irb.778;
route-distinguisher 10.245.123.12:7;
vrf-target target:65123:7;
}
[edit]
root@LAB-DIST-B_LAB# show protocols evpn
encapsulation vxlan;
default-gateway no-gateway-community;
extended-vni-list all;
[edit]
root@LAB-DIST-B_LAB# show switch-options
vtep-source-interface lo0.0;
route-distinguisher 10.245.123.12:1;
vrf-import EVPN_IMPORT;
vrf-target {
target:65123:9999;
auto;
}
[edit]
root@LAB-DIST-B_LAB# show vlans
VLAN10 {
vlan-id 10;
vxlan {
vni 10;
}
}
VLAN1234 {
vlan-id 1234;
vxlan {
vni 1234;
}
}
------------------------------
JNCIE-ENT 907
------------------------------