Posted on June 21, 2021 2:11 am
 |  Asked by Robbie Cao
 |  138 views
RESOLVED
0
0
Print Friendly, PDF & Email

I have 4 leaf ,2 border leaf ,2 routers as below. There are 3 VRFs in  leaf1-4. r1/r2 advertise default route 0/0 to bl1/2.

what vrf should I put gi1 in bl1/2?

Should I create 3 vrfs in bl1/2 too? or create the 4th vrf?

I want to advertise 0/0 to all vrfs so leaf1-4 know how to reach internet.

leaf1———– |

leaf2———–|spine1———– bl1 gi1———–r1

leaf3———–|spine2———– -bl2 gi1———–r2

leaf4———–|

 

0
Posted by Guohong Zhou
Answered on June 21, 2021 7:02 am

Hi Robbie,
You may create 1 VRF, say VRF-0, in bl1/2 and control access between bl1/2 and leaf1-4 via RT design. For example,
set import RT as 0:1 and export RT as 0:2 on bl1/2;
set import RT as 1:1 0:2 and export RT as 1:1 0:1 for VRF-1 on leaf1-4;
set import RT as 2:2 0:2 and export RT as 2:2 0:1 for VRF-2 on leaf1-4;
set import RT as 3:3 0:2 and export RT as 3:3 0:1 for VRF-3 on leaf1-4

0
Posted by Aniket Bhowmick
Answered on June 21, 2021 9:35 am

Hi Robbie

Thanks for posting your query on EOS forum!

So bl1/bl2 would receive a default route on gi1 interface and you want advertise that route in EVPN in all the vrfs.

First thing, can you please tell us know whether bl1/bl2 are Arista Router or not?

Assuming it is Arista:

  • You need to configure all the vrfs in the switch (don't yet assign it to any interface), using the command- "vrf instance <vrf_name>"
  • After that, configure any one vrf (out of the 3) on the gi1 interface of both bl1 and bl2.
  • Let's say the 3 vrfs are- "red", "green" and "blue" and you configured vrf "red" under gi1. After this you need to "leak" the default route from vrf "red" into vrf "green" and "blue".  You can control what route you want to leak and into which vrfs.
  • Before you leak the route, make sure you configure some SVIs into the vrf "green" and "blue" just to make sure the vrf is active (some interface should be present in the vrf). You can configure "no autostate" inside those SVIs which would bring up the SVI directly without the need to create the respective Vlans for those SVIs.
  • Once you have leaked the route successfully in vrf "green" and "blue", you can advertise those routes in the EVPN table. Make sure you have extended all the 3 vrfs between leaf1-4 and bl1-2 using EVPN/Vxlan. You need to provide a VNI (under "interface vxlan 1") for all the vrfs and also you need to specify the vrfs under router-bgp with correct rd/rt to import and export the routes in each vrf.
  • After that leaf1-4 would receive the default route in respective vrfs (red, green, blue), considering you have correctly configured "rd/rt" under "router bgp" for the respective vrfs on the leaf and bl devices.

For more information on "Route leaking":

  • You can leak routes using VPN table method- https://eos.arista.com/eos-4-21-3f/inter-vrf-local-route-leaking/
  • You can leak routes using "Vrf leak agent"- https://eos.arista.com/inter-vrf-local-route-leaking-using-vrf-leak-agent/

Information on L3EVPN/Vxlan (to extend a vrf):

  • https://eos.arista.com/eos-4-20-1f/evpn-irb-with-vxlan-underlay/
  • https://eos.arista.com/l3-evpn-vxlan-configuration-guide/

Further I would suggest to get in touch with your Arista SE  as well, who will have more visibility of your network and can guide you with the best configurations as per your network requirement.

Regards,

Aniket

0
Posted by Robbie Cao
Answered on June 22, 2021 3:53 am

Fully appreciate it.  It is very helpful

 

Post your Answer

You must be logged in to post an answer.