Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Hi everyone,I am curious about the purpose of gateway community in EVPN BGP VXLAN when announcing gateway MAC IPI have a sample config on vQFX VTEP ( L2/L3 gateway):root@S1# show protocols evpn | display setset protocols evpn encapsulation vxlanset protocols evpn extended-vni-list allset protocols evpn default-gateway no-gateway-community
root@S1# show interfaces irb.700 | display setset interfaces irb unit 700 family inet address 172.17.1.1/24As expected , when I look at the capture, there is no gateway community announced for Typ2 MAC/IP route for gateway irb.700I modified the config to announce gateway MAC/IP type 2 route along with gateway community:root@S1# set protocols evpn default-gateway advertiseIndeed MAC/IP Type 2 route for irb.700 is announced along with gateway community but it carries no valuable info , so what is the point of announcing gateway community then?
This needs to be configured if virtual-gateway-address is configured. When anycast IP is used as the gateway, then MAC needs to synch between spines. MAC is synched by 'default gateway extended community' and this is enabled by default. However, when virtual-gateway-address is used, a VRRP based MAC "00:00:5e:00:01:01" is used on both the spines, so MAC synch is not needed. There is no need for 'default gateway extended community' . To stop the CLI knob, 'no-gateway-community' is used. If you do not use this knob, Leafs can program IRB MAC in PFE and can cause forwarding issues.
'default gateway extended community'
If anycast MAC (Statically Defined IRB Interface MAC Address on both spines) is used, then 'no-gateway-community' must be used.
set protocols evpn default-gateway no-gateway-community
If you do not want to advertise IRB MAC, then use 'do-not-advertise'
set protocols evpn default-gateway do-not-advertise
For more details, Kindly refer to the below document with working explamples: