Posted on December 23, 2019 8:25 pm
 |  Asked by Martin
 |  128 views
0
0
Print Friendly, PDF & Email

Hello,
I was wondering, what MAC Address is expected in the show ip route vrf output:

Shouldn’t be the MLAG System ID/MAC addr mapped with the VTEP IP?
As you can see on the extract below, this is not the case.

Currently I am not able to ping between the nodes hosted by MLAG pair Leaf 3/4 and Leaf 7/8.

Example:
leaf3#sh ip route vrf gold

Leaf3 VTEP IP 10.0.255.12

sh mlag, leaf 3
system-id : 0e:71:41:76:d6:2b

leaf3#sh vxlan address-table
Vxlan Mac Address Table
———————————————————————-

Vlan Mac Address Type Prt Vtep Moves Last Move
—- ———– —- — —- —– ———
1008 0c71.4175.1fd0 EVPN Vx1 10.0.255.14 1 0:11:10 ago
1008 0c71.4176.d62b EVPN Vx1 10.0.255.12 1 0:11:10 ago

————————————————————————–

Leaf 7 VTEP IP 10.0.255.14

sh mlag, leaf 7
system-id : 0e:71:41:75:1f:d0

leaf7#sh vxlan address-table

Vxlan Mac Address Table
———————————————————————-

Vlan Mac Address Type Prt Vtep Moves Last Move
—- ———– —- — —- —– ———
1008 0c71.4176.d62b EVPN Vx1 10.0.255.12 1 0:08:35 ago
1008 0c71.41d6.b080 EVPN Vx1 10.0.255.14 1 0:08:27 ago

1
Posted by Shreyas Ruwala
Answered on December 23, 2019 9:49 pm

Hi Martin,

Please correct me it's L2 EVPN and communication is across vlan1008

AFAIK if router-mac is used, then below o/p is expected
As per my understanding and referring the design guide, the virtual router-mac needs to be same across MLAG VTEP pair

Design guide: https://eos.arista.com/eos-4-20-1f/evpn-irb-with-vxlan-underlay/#EVPN_Integrated_Routing_and_Bridging_IRB_with_VXLAN

Troubleshooting EVPN IRB with VXLAN: https://eos.arista.com/troubleshooting-evpn-irb-vxlan/

leaf4#sh ip route vrf gold

VRF name: gold
Codes: C - connected, S - static, K - kernel,
O - OSPF, IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type2, B I - iBGP, B E - eBGP,
R - RIP, I L1 - ISIS level 1, I L2 - ISIS level 2,
O3 - OSPFv3, A B - BGP Aggregate, A O - OSPF Summary,
NG - Nexthop Group Static Route, V - VXLAN Control Service

Gateway of last resort is not set

C 10.42.42.0/24 is directly connected, Vlan42
B E 10.44.44.0/24 [1/0] via VTEP 10.0.255.14 VNI 100001 router-mac 0c:71:41:75:1f:d0
via VTEP 10.0.255.14 VNI 100001 router-mac 0c:71:41:d6:b0:80

leaf7#sh vxlan address-table

Vxlan Mac Address Table
----------------------------------------------------------------------

Vlan Mac Address Type Prt Vtep Moves Last Move
---- ----------- ---- --- ---- ----- ---------
1008 0c71.4176.d62b EVPN Vx1 10.0.255.12 1 0:08:35 ago
1008 0c71.41d6.b080 EVPN Vx1 10.0.255.14 1 0:08:27 ago
1008 0c71.41ef.b658 EVPN Vx1 10.0.255.12 1 0:08:27 ago
Total Remote Mac Addresses for this criterion: 3

leaf8#sh vxlan address-table
Vxlan Mac Address Table
----------------------------------------------------------------------

Vlan Mac Address Type Prt Vtep Moves Last Move
---- ----------- ---- --- ---- ----- ---------
1008 0c71.4175.1fd0 EVPN Vx1 10.0.255.14 1 0:07:42 ago
1008 0c71.4176.d62b EVPN Vx1 10.0.255.12 1 0:07:42 ago
1008 0c71.41ef.b658 EVPN Vx1 10.0.255.12 1 0:07:36 ago
Total Remote Mac Addresses for this criterion: 3

Look forward to your response

Sincerely,
Shreyas Ruwala
Technical Solutions Engineer - Arista Networks
Direct Support line: +1 919 352 9613 [10:00 AM to 16:00 EST] (GMT-4)
International Support line: +1 408 547 5502 or +44 207 023 9352
Toll-free Support line: +1 866 476 0000 (US), +44 808 234 0722 (UK)
Please call support if immediate assistance is required.
EVPN Webinar series: https://youtu.be/fzeHQF0msYM

0
Answered on December 24, 2019 8:06 am

Hello Martin,

Regarding your first question , considering that Type-5 routes are being used to advertise the 10.42.42.0/24 IP prefix from the Leaf pair 3/4 , if we do not have the "EVPN MLAG Shared Router MAC" configuration on the advertising pair , the EvpnRouterMac field in the Type 5 routes generated by Leaf pair 3/4 would have the individual system MAC and not the MLAG system-id. This would mean that there is a ECMP path from your leaf pair 7/8 towards this subnet with different destination router-mac values as seen in the "show ip route vrf gold" output :

leaf7#sh ip route vrf gold

B E 10.42.42.0/24 [1/0] via VTEP 10.0.255.12 VNI 100001 router-mac 0c:71:41:76:d6:2b
via VTEP 10.0.255.12 VNI 100001 router-mac 0c:71:41:ef:b6:58

leaf8#sh ip route vrf gold

B E 10.42.42.0/24 [1/0] via VTEP 10.0.255.12 VNI 100001 router-mac 0c:71:41:76:d6:2b
via VTEP 10.0.255.12 VNI 100001 router-mac 0c:71:41:ef:b6:58

In case you would like a single route on the pair 7/8 with the router-mac field as the mlag system-ID of the Leaf pair 3/4 , the below configuration would need to be added in the Vx1 interface configuration mode on the advertising router :

(config-if-Vx1)#vxlan virtual-router encapsulation mac-address mlag-system-id

You could find more details regarding the above command which was introduced in EOS 4.21.3F here : https://eos.arista.com/eos-4-21-3f/evpn-mlag-shared-router-mac/

Regarding your second question w.r.t when the above routes are in the routing table, the pings between the hosts from Leaf pair 3/4 to Leaf pair 7/8 not working for the prefixes advertised with Type 5 EVPN routes , this would work independent of the MLAG router mac configuration considering that you are running EOS 4.20.1F and above where EVPN IRB support was introduced.

0
Posted by Aniket Bhowmick
Answered on December 24, 2019 10:02 am

Hi Martin,

By default we do not send the MLAG system-id as the router-mac in any EVPN route-types. Each VTEP's (which are in MLAG) individual mac is sent.

However, we do have a feature by which we can advertise a MLAG shared mac (which is similar of advertising the MLAG System id). So two VTEPs in MLAG can be configured with the same MLAG shared router mac which would be advertised to remote peers.

For more information you can go through this article:
https://eos.arista.com/eos-4-21-3f/evpn-mlag-shared-router-mac/

Thanks,
Aniket

0
Posted by Vignesh
Answered on December 24, 2019 4:31 pm

HI MARTIN,

AS PER YOUR SCENARIO THE SYSTEM MAC OF THE SWITCH WHICH ADVERTISES THE TYPE-5 EVPN ROUTE IS EXPECTED TO BE SEEN IN THE SHOW IP ROUTE VRF GOLD TABLE. BUT ,YOU CAN MAKE THE SWITCH ADVERTISE MLAG SHARED MAC ADDRESS AS THE EVPN ROUTER MAC OF THE TYPE-5 EVPN ROUTE , IF YOU FOLLOW THE STEPS SPECIFIED IN THIS LINK BELOW

https://eos.arista.com/eos-4-21-3f/evpn-mlag-shared-router-mac/

PLEASE FEEL FREE TO POST ANY FOLLOW UP QUESTIONS , IF YOU HAVE ANY.

THANKS,

VIGNESH

Post your Answer

You must be logged in to post an answer.