Yeah, looking back at your original comments... "I get no packets on ge-0/0/3.90, no MAC learning" ...you have to solve that first. if PE-CE mechanism isn't learning reachability information (in this case, basic learned mac addresses from received frames), then the MP-IBGP AF (EVPN) won't subsequently advertised that NLRI.
Original Message:
Sent: 03-30-2026 13:06
From: BRADLEY RIAPOLOV
Subject: EVPN on vMX (JCL/ESXi): Tagged AC not receiving VLAN frames (no Type 2 routes)
Aaron, thank you. Removed family bridge, but made no difference, still no Type 2 routes. Thank you for trying to help me.
------------------------------
BRADLEY RIAPOLOV
Original Message:
Sent: 03-26-2026 08:25
From: aaron.gould
Subject: EVPN on vMX (JCL/ESXi): Tagged AC not receiving VLAN frames (no Type 2 routes)
i have a similar config to yours, except mine doesn't have "set interfaces ge-0/0/3 unit 90 family bridge"
maybe remove that and see what happens
set interfaces ae141 flexible-vlan-tagging
set interfaces ae141 encapsulation flexible-ethernet-services
set interfaces ae141 aggregated-ether-options lacp active
...
set interfaces ae141 unit 210 encapsulation vlan-bridge
set interfaces ae141 unit 210 vlan-id 210
set routing-instances my-evpn-01-vxlan bridge-domains bridge-0210 vlan-id 210
set routing-instances my-evpn-01-vxlan bridge-domains bridge-0210 interface ae141.210
set routing-instances my-evpn-01-vxlan bridge-domains bridge-0210 routing-interface irb.210
set routing-instances my-evpn-01-vxlan bridge-domains bridge-0210 vxlan vni 10210
root@960> show bridge evpn arp-table instance my-evpn-01-vxlan bridge-domain bridge-0210
INET MAC Logical Routing Bridging
address address interface instance domain
139.139.253.1 00:00:00:00:00:d2 irb.210 my-evpn-01-vxlan bridge-0210
139.139.253.5 24:bf:cb:24:08:05 vtep.32770 my-evpn-01-vxlan bridge-0210
139.139.253.9 76:a3:dc:26:08:05 ae141.210 my-evpn-01-vxlan bridge-0210
root@960> show bridge mac-table instance my-evpn-01-vxlan bridge-domain bridge-0210
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC, P -Pinned MAC)
Routing instance : my-evpn-01-vxlan
Bridging domain : bridge-0210, VLAN : 210
MAC MAC Logical Active
address flags interface source
24:bf:cb:24:07:dc DR vtep.32770 123.123.128.5
24:bf:cb:24:08:05 DR vtep.32770 123.123.128.5
76:a3:dc:26:08:05 D ae141.210
root@960> show route table my-evpn-01-vxlan.evpn.0 evpn-ethernet-tag-id 10210 active-path terse | except ^\*
my-evpn-01-vxlan.evpn.0: 14 destinations, 22 routes (14 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
A V Destination P Prf Metric 1 Metric 2 Next hop AS path
2:123.123.128.5:5001::10210::00:00:00:00:00:d2/304 MAC/IP
2:123.123.128.5:5001::10210::24:bf:cb:24:07:dc/304 MAC/IP
2:123.123.128.5:5001::10210::24:bf:cb:24:08:05/304 MAC/IP
2:123.123.128.9:5001::10210::00:00:00:00:00:d2/304 MAC/IP
2:123.123.128.9:5001::10210::76:a3:dc:26:08:05/304 MAC/IP
2:123.123.128.5:5001::10210::00:00:00:00:00:d2::139.139.253.1/304 MAC/IP
2:123.123.128.5:5001::10210::24:bf:cb:24:08:05::139.139.253.5/304 MAC/IP
2:123.123.128.9:5001::10210::00:00:00:00:00:d2::139.139.253.1/304 MAC/IP
2:123.123.128.9:5001::10210::76:a3:dc:26:08:05::139.139.253.9/304 MAC/IP
3:123.123.128.5:5001::10210::123.123.128.5/248 IM
3:123.123.128.9:5001::10210::123.123.128.9/248 IM
root@960> show l2-learning vxlan-tunnel-end-point remote ip 123.123.128.5
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC , P -Pinned MAC)
Logical system : <default>
Routing instance : my-evpn-01-vxlan
Bridging domain : bridge-0210+210, VLAN : 210
VXLAN ID : 10210, Multicast Group IP : 0.0.0.0
Remote VTEP : 123.123.128.5, Nexthop ID : 865
MAC MAC Logical Remote VTEP
address flags interface IP address
24:bf:cb:24:07:dc DR vtep.32770 123.123.128.5
24:bf:cb:24:08:05 DR vtep.32770 123.123.128.5
------------------------------
- Aaron
Original Message:
Sent: 03-20-2026 07:59
From: BRADLEY RIAPOLOV
Subject: EVPN on vMX (JCL/ESXi): Tagged AC not receiving VLAN frames (no Type 2 routes)
Hi all,
Running into something odd with EVPN on vMX in the open labs and wondering if anyone's seen this before.
I've got a simple EVPN L2 service (instance-type evpn, vlan-id 90) between two PEs. Control plane looks fine - Type 3 IM routes are there between PEs.
If I use an untagged AC (encapsulation ethernet-bridge, unit 0), everything works as expected -MAC learning happens, Type 2 (MAC/IP) routes show up, end-to-end traffic is fine, but when I switch to a tagged AC:
set interfaces ge-0/0/3 flexible-vlan-tagging
set interfaces ge-0/0/3 encapsulation flexible-ethernet-services
set interfaces ge-0/0/3 unit 90 encapsulation vlan-bridge
set interfaces ge-0/0/3 unit 90 vlan-id 90
set interfaces ge-0/0/3 unit 90 family bridge
I get no packets on ge-0/0/3.90, no MAC learning, and only Type 3 routes (no Type 2)
The physical interface shows traffic, but VLAN tagged frames stay at 0, so it looks like the PE never actually sees tagged frames.
CEs are configured with VLAN 90 subinterfaces and are sending traffic.
Feels like something in JCL / ESXi is stripping or not passing 802.1Q tags properly.
Has anyone hit this with vMX in JCL or similar setups?
Anything specific needed on the hypervisor side (trunk mode, VLAN 4095, TPID quirks, etc.) to make tagged EVPN ACs work?
Cheers
------------------------------
BRADLEY RIAPOLOV
------------------------------