Ask the Expert


Anyone can help to take a look at my topology to see any issues with it?

  • 1.  Anyone can help to take a look at my topology to see any issues with it?

    Posted 04-05-2021 20:26
    I have the following topology.
    I have four QFXs connected via EVPN/VXLAN. The dotted lines show the peer relationship. Based on my understanding, with the red line, a possible loop could occur. Without the red line, no loop could occur. Am I right? As the BUM traffic advertised to the peer VTEP would not be forwarded to other VTEPs. Right?

    With the red line, a BUM from VTEP-3 might be learnt by VTEP-4 via the red line, the loop then occurs. Right?

    Thanks for your insights and coaching!!


  • 2.  RE: Anyone can help to take a look at my topology to see any issues with it?

    Posted 04-25-2021 06:19
    Hi

    First let's have a look at the EVPN RFC 7432:

    "If a bridged network is multihomed to more than one PE in an EVPN network via switches, then the support of All-Active redundancy mode
    requires the bridged network to be connected to two or more PEs using a LAG.

    If a bridged network does not connect to the PEs using a LAG, then only one of the links between the bridged network and the PEs must be
    the active link for a given <ES, VLAN> or <ES, VLAN bundle>."

    Basically if it's multihomed it must be a LAG, if it's multihomed without a LAG it must be Active/Standby.

    In your topology the switch on the left should be connected using ESI-LAG to avoid any loops.

    The switches on the right should be stacked so they act as one logical device then multihomed using ESI-LAG.

    If they can't be stacked then the red line describes a common miswiring scenario.
    This will trigger a MAC flap between QFX3 and QFX4, EVPN handles this with duplicate-address-detection:
    Changing Duplicate MAC Address Detection Settings | EVPN User Guide | Juniper Networks TechLibrary
    Note that DAD will only solve the control plane; BUM traffic will still loop between QFX3, QFX4 and the switches/red line behind.

    What you want to do here is to enable the new EVPN loop-detect feature on the ports facing the switches:
    loop-detect (EVPN) | EVPN User Guide | Juniper Networks TechLibrary

    Hope this helps.


    ------------------------------
    ROGER WIKLUND
    ------------------------------



  • 3.  RE: Anyone can help to take a look at my topology to see any issues with it?

    Posted 04-25-2021 17:26
    Thanks a lot!!

    I tested and noticed the issues.