Routing

 View Only
last person joined: 9 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
Expand all | Collapse all

EVPN/VXLAN, hosts cannot communicate between routing instances on the same switch

  • 1.  EVPN/VXLAN, hosts cannot communicate between routing instances on the same switch

    Posted 05-29-2023 09:11

    Hi,

    I have the following config:

    set interfaces xe-0/0/0 unit 0 family inet address 10.1.2.2/24
    set interfaces xe-0/0/1 unit 0 family inet address 10.1.3.2/24
    set interfaces xe-0/0/2 unit 0 family ethernet-switching interface-mode trunk
    set interfaces xe-0/0/2 unit 0 family ethernet-switching vlan members 101
    set interfaces xe-0/0/3 unit 0 family ethernet-switching interface-mode trunk
    set interfaces xe-0/0/3 unit 0 family ethernet-switching vlan members 103
    set interfaces em0 unit 0 family inet address 192.168.0.203/24
    set interfaces em1 unit 0 family inet address 169.254.0.2/24
    set interfaces irb unit 101 proxy-macip-advertisement
    set interfaces irb unit 101 virtual-gateway-accept-data
    set interfaces irb unit 101 family inet address 1.1.1.4/24 virtual-gateway-address 1.1.1.254
    set interfaces irb unit 103 proxy-macip-advertisement
    set interfaces irb unit 103 virtual-gateway-accept-data
    set interfaces irb unit 103 family inet address 3.3.3.2/24 virtual-gateway-address 3.3.3.254
    set interfaces lo0 unit 0 family inet address 10.0.0.4/32
    set interfaces lo0 unit 1 family inet address 10.1.0.4/24
    set interfaces lo0 unit 3 family inet address 10.3.0.4/24
    set forwarding-options storm-control-profiles default all
    set policy-options policy-statement IMPORT term 1 from route-filter 1.1.1.0/24 orlonger
    set policy-options policy-statement IMPORT term 1 from route-filter 3.3.3.0/24 orlonger
    set policy-options policy-statement V101 then community add V10100
    set policy-options policy-statement V101 then accept
    set policy-options policy-statement V101_accept from community V10100
    set policy-options policy-statement V101_accept then accept
    set policy-options policy-statement V103 from interface irb.103
    set policy-options policy-statement V103 then community add V10300
    set policy-options policy-statement V103 then accept
    set policy-options policy-statement V103_accept from community V10300
    set policy-options policy-statement V103_accept then accept
    set policy-options community V10100 members target:1:10100
    set policy-options community V10300 members target:1:10300
    set routing-instances LF1_101 protocols evpn ip-prefix-routes advertise direct-nexthop
    set routing-instances LF1_101 protocols evpn ip-prefix-routes encapsulation vxlan
    set routing-instances LF1_101 protocols evpn ip-prefix-routes vni 11111
    set routing-instances LF1_101 instance-type vrf
    set routing-instances LF1_101 interface irb.101
    set routing-instances LF1_101 interface lo0.1
    set routing-instances LF1_101 route-distinguisher 10.1.0.4:10100
    set routing-instances LF1_101 vrf-import V103_accept
    set routing-instances LF1_101 vrf-target target:1:10100
    set routing-instances LF1_103 protocols evpn ip-prefix-routes advertise direct-nexthop
    set routing-instances LF1_103 protocols evpn ip-prefix-routes encapsulation vxlan
    set routing-instances LF1_103 protocols evpn ip-prefix-routes vni 33333
    set routing-instances LF1_103 instance-type vrf
    set routing-instances LF1_103 interface irb.103
    set routing-instances LF1_103 interface lo0.3
    set routing-instances LF1_103 route-distinguisher 10.3.0.4:10300
    set routing-instances LF1_103 vrf-import V101_accept
    set routing-instances LF1_103 vrf-target target:1:10300
    set routing-options router-id 10.0.0.4
    set routing-options autonomous-system 666
    set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
    set protocols ospf area 0.0.0.0 interface xe-0/0/1.0
    set protocols ospf area 0.0.0.0 interface lo0.0 passive
    set protocols evpn encapsulation vxlan  
    set protocols evpn default-gateway no-gateway-community
    set protocols evpn extended-vni-list all
    set protocols bgp group EVPN type internal
    set protocols bgp group EVPN local-address 10.0.0.4
    set protocols bgp group EVPN family evpn signaling
    set protocols bgp group EVPN export IMPORT
    set protocols bgp group EVPN neighbor 10.0.0.1
    set protocols bgp group EVPN neighbor 10.0.0.2
    set protocols bgp group EVPN neighbor 10.0.0.3
    set switch-options vtep-source-interface lo0.0
    set switch-options route-distinguisher 10.0.0.4:1
    set switch-options vrf-target target:666:101
    set vlans CENTER vlan-id 103
    set vlans CENTER l3-interface irb.103
    set vlans CENTER vxlan vni 10300
    set vlans LEFT vlan-id 101
    set vlans LEFT l3-interface irb.101
    set vlans LEFT vxlan vni 10100

    Hosts from LF1_101 cannot communicate with hosts in LF1_103, don't understand what I am missing.
    There is another host on another switch, that can communicate freely with LF1_103 and LF101.

    LF1_101.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
     
    1.1.1.0/24         *[Direct/0] 00:42:11
                        >  via irb.101
    1.1.1.3/32         *[EVPN/7] 00:41:25
                        >  via irb.101
    1.1.1.4/32         *[Local/0] 00:42:11
                           Local via irb.101
    1.1.1.254/32       *[Local/0] 00:42:11
                           Local via irb.101
    10.1.0.0/24        *[Direct/0] 00:42:12
                        >  via lo0.1
    10.1.0.4/32        *[Local/0] 00:42:12
                           Local via lo0.1
     
    LF1_103.inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both
     
    1.1.1.0/24         *[EVPN/170] 00:13:48
                        >  to 10.1.2.1 via xe-0/0/0.0
                           to 10.1.3.1 via xe-0/0/1.0
    3.3.3.0/24         *[Direct/0] 00:42:11
                        >  via irb.103
    3.3.3.1/32         *[EVPN/7] 00:40:36
                        >  via irb.103
    3.3.3.2/32         *[Local/0] 00:42:11
                           Local via irb.103
    3.3.3.254/32       *[Local/0] 00:42:11
                           Local via irb.103
    10.1.0.0/24        *[EVPN/170] 00:13:48
                           to 10.1.2.1 via xe-0/0/0.0
                        >  to 10.1.3.1 via xe-0/0/1.0
    10.3.0.0/24        *[Direct/0] 00:42:12 
                        >  via lo0.3
    10.3.0.4/32        *[Local/0] 00:42:12
                           Local via lo0.3


    So, ubuntu 1 can communicate with everyone and viceversa.
    Ubuntu 3 and 2 cannot communicate with eachother.


    ------------------------------
    ALEXANDRU MINZAT
    ------------------------------


  • 2.  RE: EVPN/VXLAN, hosts cannot communicate between routing instances on the same switch

    Posted 05-30-2023 04:40

    Fixed it, what i did:

    delete routing-instances LF1_101 protocols evpn ip-prefix-routes advertise direct-nexthop
    delete routing-instances LF1_101 protocols evpn ip-prefix-routes encapsulation vxlan
    delete routing-instances LF1_101 protocols evpn ip-prefix-routes vni 11111
     
    delete routing-instances LF1_103 protocols evpn ip-prefix-routes advertise direct-nexthop
    delete routing-instances LF1_103 protocols evpn ip-prefix-routes encapsulation vxlan
    delete routing-instances LF1_103 protocols evpn ip-prefix-routes vni 33333


    set protocols evpn vni-options vni 10100 vrf-target target:1:10100
    set protocols evpn vni-options vni 10300 vrf-target target:1:10300

    set routing-instances LF1_101 routing-options auto-export
    set routing-instances LF1_103 routing-options auto-export

    Now the routes are shared correctly between routing tables



    ------------------------------
    ALEXANDRU MINZAT
    ------------------------------