Data Center

 View Only
last person joined: 19 days ago 

Ask questions and share experiences about Data Center Architecture and approaches.
  • 1.  EVPN-BGP-VXLAN What is the purpose of gateway community ?

    Posted 04-21-2023 23:23

    Hi everyone,
    I am curious about the purpose of gateway community in  EVPN  BGP VXLAN when announcing gateway MAC IP
    I have a sample config on vQFX VTEP ( L2/L3 gateway):
    root@S1# show protocols evpn | display set
    set protocols evpn encapsulation vxlan
    set protocols evpn extended-vni-list all
    set protocols evpn default-gateway no-gateway-community

    root@S1# show interfaces irb.700 | display set
    set interfaces irb unit 700 family inet address 172.17.1.1/24

    As expected , when I  look at the capture, there is no gateway community announced for Typ2 MAC/IP route for gateway irb.700

    I modified the config to announce gateway MAC/IP type 2 route along with gateway community:

    root@S1# set protocols evpn default-gateway advertise

    Indeed MAC/IP Type 2 route for irb.700 is announced  along with gateway community  but it carries no valuable info , so what is the point  of announcing gateway community then?




























    ------------------------------
    zee
    ------------------------------


  • 2.  RE: EVPN-BGP-VXLAN What is the purpose of gateway community ?

    Posted 06-01-2023 11:37

    Hi Lee,

    This needs to be configured if virtual-gateway-address is configured. When anycast IP is used as the gateway, then MAC needs to synch between spines. MAC is synched by 'default gateway extended community' and this is enabled by default. However, when virtual-gateway-address is used, a VRRP based MAC "00:00:5e:00:01:01" is used on both the spines, so MAC synch is not needed. There is no need for 'default gateway extended community' . To stop the CLI knob, 'no-gateway-community' is used.  If you do not use this knob, Leafs can program IRB MAC in PFE and can cause forwarding issues.

    If anycast MAC (Statically Defined IRB Interface MAC Address on both spines) is used, then 'no-gateway-community' must be used.

    set protocols evpn default-gateway no-gateway-community

    If you do not want to advertise IRB MAC, then use 'do-not-advertise'

    set protocols evpn default-gateway do-not-advertise
    For more details, Kindly refer to the below document with working explamples:
    https://www.juniper.net/documentation/us/en/software/junos/evpn-vxlan/topics/concept/evpn-ingress-vmto.html
    Regards,
    Vikas


    ------------------------------
    Vikas Dhawan
    ------------------------------