• Tag : EVPN

 
 

Problem with EVPN type-5 packet forwarding on vEOS

Hello, I am testing a solution based on VXLAN EVPN, with Type-5 routes, with vEOS 4.23.0.1, but I am having some issues in packet forwarding. The routes are correctly propagated, but when I try to ping from a device connected to one node, on a device connected to another node, the ping does not work. I also tried a ping, with a forced source IP, from the vEOS machine itself, but it has problems too. LEAF-2 LEAF-2#sh ip route vrf gold VRF: gold Codes: C – connected, S – static, K – kernel, O – OSPF, IA – OSPF inter...
Continue reading →

EVPN VxLAN IPV6 Overlay TOI

Description Starting with EOS release 4.22.0F, the EVPN VXLAN L3 Gateway using EVPN IRB supports routing traffic from IPV6 host to another IPV6 host on a stretched Vxlan VLAN. This TOI explains the EOS configuration and show commands. Platform Compatibility Platform supporting ND Proxy and ND Suppression DCS-7280R/7280R2 DCS-7050CX3-32S-F DCS-7050SX3-48YC12-F ( Starting in 4.22.1F ) DCS-7050SX3-48YC8 ( Starting in 4.22.1F ) DCS-7050/7050X/7050X2 ( Starting in 4.22.1F ) DCS-7260X/7260X3 ( Starting in 4.22.1F ) DCS-7060X/7060X2 ( Starting in 4.21.1F ) DCS-7250 ( Starting in 4.22.1F ) DCS-7300/DCS-7320 ( Starting in 4.22.1F ) Platform not supporting ND Proxy, No ND Suppression  DCS-7020R...
Continue reading →

VLAN-aware bundle Addition/Removal of VLANs from VLAN set

Description In EVPN, when configuring the member VLANs for a VLAN-aware bundle, the existing configuration command only allows the specification of a VLAN range string, which replaces the previously configured VLAN range string.  This enhancement adds new syntax to add or remove additional VLANs from the currently configured VLAN-aware bundle VLAN list. Platform Compatibility Platform independent Configuration The existing configuration CLI for configuring the member VLANs in a VLAN-aware bundle is: vlan <range>   This takes a VLAN range-string and uses it to replace the currently configured VLAN range-string.  The updated CLI syntax is now: vlan [ add | remove...
Continue reading →

EVPN Control Plane Support for MSS

Description This feature enables support for Macro Segmentation Service (MSS) to insert security devices into the traffic path for VXLAN networks using an EVPN control plane. With this feature enabled, CVX will continue to monitor the network via NetDB state and will initiate intercept and offload rules. With this feature enabled, MAC and IP reachability information will be learned and distributed in user configured L2 domains via EVPN.   CVX will continue to use the Vxlan Controller Service to discover network state and distribute MAC reachability information in service L2 domains (MSS L2 only.) Platform Compatibility Platform Independent (Subject to...
Continue reading →

EVPN – MLAG single homed hosts

Description As described in the Multi-VTEP MLAG TOI, singly connected hosts can lead to suboptimal peer-link utilisation. By adding a local VTEP to each MLAG peer, the control plane is able to advertise singly connected hosts as being directly behind a specific local VTEP / MLAG peer. The multi-VTEP MLAG feature has been extended to add EVPN control plane support. VXLAN bridging (EVPN Type-2 and Type-3 routes) and routing (EVPN Type-5 routes and IRB) are supported by this feature. When multi-VTEP MLAG mode is enabled, outgoing EVPN route advertisements will contain a nexthop and router MAC extended community as summarized...
Continue reading →

EVPN peering not being established

I’m building an EVPN test network using GNS3 (v2.2.0) and vEOS-lab images (4.22.2.1F) basing the configuration on the EVPN Deployment guide. I’ve built a network with 2 pairs of leaf switches & a pair of spine switches (see image). The Underlay BGP network is established fine, and I can reach the endpoints correctly. However when I try and establish the eVPN overlay peerings between the leaf switches and the spines some links never proceed beyond ‘OpenConfirm’ state. spine1(config-router-bgp)#show bgp evpn summary BGP summary information for VRF default Router identifier 192.168.31.129, local AS number 65000.0 Neighbor Status Codes: m - Under...
Continue reading →

SSU support for L2 EVPN with VXLAN

Description Smart System Upgrade (SSU) aims to minimize traffic loss during a software upgrade. The Smart System Upgrade (SSU) process includes the core functionality of Accelerated Software Upgrade, plus additional optimizations that permit a hitless restart of several features. SSU leverages protocols capable of graceful restart to minimize traffic loss during upgrade. For protocols not capable of graceful restart, SSU generates control plane messages and buffers them in hardware to be slowly released when the control plane is offline. Additionally, under SSU, the forwarding ASIC does not get reset and ports do not flap. Starting EOS 4.22.1F SSU is now...
Continue reading →

EVPN mutlihoming w/ ESI

I stumbled upon this archived [post](https://www.reddit.com/r/Arista/comments/azubnz/mlag_or_esi/) while researching EVPN support specifically on the EVPN multihoming side using common ESIs to extend beyond 2 switches in a LAG. Also this is the only post I’ve found mentioning EVPN Multihoming – https://eos.arista.com/arista-layer-2-vtep-evpn-vxlan-route-type-1-support/ but is limited to using mlag only. Does anyone have any information on when there will be support for the EVPN ESI LAGs?

Does 7050SX support L3 vxlan evpn?

I am not able to import evpn from bgp vrf configuration on 7050SX, but able to do same on 7280R2. 7050SX-2(config-router-bgp-vrf-backup-tenant)#route-target import ? ASN(asplain):nn or ASN(asdot):nn or IP-address:nn Route Target Do you mind confirm that whether 7050SX support l3 evpn? Thank you!

BGP VPN and Inter-VRF Local Route Leaking Support for default VRF

Description This feature extends the BGP Layer 3 VPN Import/Export and VRF Route Leaking functionality to “default” VRF. Currently, these functionalities are only supported for non-default VRF. Please refer to this TOI for more details on the support for non-default VRF. EOS supports the following two types of VPN configurations and this feature is applicable for both. RFC 4364 BGP/MPLS L3 VPN (TOI Link) BGP L3 EVPN (TOI Link) This feature is available when configuring BGP in the multi-agent routing protocol model. Platform Compatibility DCS-7250 DCS-7050TX/SX/QX DCS-7060X DCS-7280R DCS-7500R Configuration Configuring BGP VPN in default VRF is similar to how it is...
Continue reading →

EVPN VXLAN All-Active Multihoming

Description Ethernet VPN (EVPN) networks normally require some measure of redundancy to reduce or eliminate the impact of outages and maintenance. RFC7432 [1] describes four types of route to be exchanged through EVPN, with a built-in multihoming mechanism for redundancy. Prior to EOS 4.22.0F, MLAG is available as a redundancy option for EVPN with VXLAN, but not multihoming. EVPN multihoming is a multi-vendor standards-based redundancy solution that does not require a dedicated peer link and allows for more flexible configurations than MLAG, supporting peering on a per interface level rather than a per device level. It also supports a mass...
Continue reading →

EVPN VxLAN IPV6 Overlay

Description Starting with EOS release 4.22.0F, the EVPN VXLAN L3 Gateway using EVPN IRB supports routing traffic from IPV6 host to another IPV6 host on a stretched Vxlan VLAN. This TOI explains the EOS configuration and show commands. Platform compatibility Platform Supporting ND Proxy and ND Suppression DCS-7280R/7280R2 DCS-7050CX3-32S-F DCS-7050SX3-48YC12-F ( Starting in 4.22.1F ) DCS-7050SX3-48YC8 ( Starting in 4.22.1F ) DCS-7050/7050X/7050X2 ( Starting in 4.22.1F ) DCS-7260X/7260X3 ( Starting in 4.22.1F ) DCS-7060X/7060X2 ( Starting in 4.21.1F ) DCS-7250 ( Starting in 4.22.1F ) DCS-7300/DCS-7320 ( Starting in 4.22.1F ) Platform Compatibility (No ND Proxy, No ND Suppression) DCS-7020R...
Continue reading →

EVPN MLAG Shared Router MAC

Description “MLAG Domain Shared Router MAC” is a new mechanism to introduce a new router MAC to be used for MLAG TOR Leaf pairs.  The user can have either explicitly configured MAC address of their choice or use the system generated MLAG system-id for this purpose.   When the MLAG shared MAC is set as the MLAG system ID value, the new shared MAC has the following properties: Unlike the bridge MAC which is different on each peer, this MLAG Domain shared router MAC has the same exact value on MLAG peers forming the same MLAG domain. This new shared...
Continue reading →

Layer 2 Data Center Interconnect – Reference Designs

Introduction VxLAN is a popular choice for extending Layer 2 both intra and inter DC using overlays. Arista offers multiple control plane choices for VxLAN: Static HER, CVX and EVPN. In this article, two approaches to designing a L2 DCI over a L3 underlay are discussed. High-level technical details of each design approach is described first, followed by a comparison of the two options along with their typical use cases. Design 1: Multi-domain Overlay In this design, two overlay domains are identified: DC Fabric domain: This is the VxLAN domain within the DC Layer 3 Leaf-Spine Fabric with Leafs acting...
Continue reading →

EVPN VXLAN Design Guide

A Detailed Overview of the EVPN & VxLAN Protocols, Route Types, Use-Cases and Architectures 1. Introduction This document describes the operation and configuration of BGP EVPN Services over a VXLAN (Virtual eXtensible LAN) overlay on Arista platforms. The focus in this design guide is VxLAN as the protocol for the data-plane encapsulation for the overlay tunnels, and the functionality of the Multiprotocol BGP (MP-BGP) EVPN address-family for control plane signaling in the overlay.  MP-BGP EVPN is not only used for advertising MAC addresses, MAC and IP bindings and IP prefixes across the overlay; it provides efficiencies in the way learning...
Continue reading →

Arista Layer 2 VTEP EVPN VxLAN Route Type-1 Support

Arista Layer 2 VTEP EVPN Route Type-1 Support   Arista Layer 2 EVPN VTEP Inter-Operation With A/A Multi-homed Third-Party Layer 3 EVPN VXLAN VTEPs   Introduction   This document will explain the configurations required to support inter-working with EVPN VXLAN A/A multi-homed VTEPs, also known as L2 ECMP in VxLAN EVPN.   Currently, EOS uses MLAG is used to achieve Multi-homing in EVPN VxLAN Topologies, with an any-cast VxLAN VTEP configured on the MLAG pair, and as such does not need to support EVPN Multihoming Tx (Type-1 route generation). EOS can however install received Type-1 routes and can...
Continue reading →

Multi-Tenant EVPN VXLAN IRB Configuration & Verification Guide (iBGP Overlay eBGP Underlay)

Multi-Tenant EVPN VXLAN IRB Configuration & Verification Guide   Symmetric and Asymmetric IRB With VLAN Based and VLAN Aware Bundle Services Using an iBGP Overlay and eBGP Underlay Topology Logical Diagrams Tenant-A: Symmetric IRB Tenant-B: Asymmetric IRB Platform Support: https://www.arista.com/en/support/product-documentation/supported-features Topology Overview   In the symmetric and asymmetric IRB setups illustrated in the figures above;  for tenant-a four subnets are stretched across the two MLAG domains; with two subnets (vlan 10 – 10.10.10.0/24 and vlan 11 – 10.10.11.0/24) configured as a VLAN based service, and two other subnets (vlan 12 – 10.10.12.0/24 and vlan 13 – 10.10.13.0/24) as a vlan-aware...
Continue reading →

Multi-Tenant EVPN VXLAN IRB Configuration & Verification Guide (eBGP Overlay & Underlay)

Multi-Tenant EVPN VXLAN IRB Configuration & Verification Guide   Symmetric and Asymmetric IRB With VLAN Based and VLAN Aware Bundle Services Using an eBGP Overlay and eBGP Underlay Topology Logical Diagrams Tenant-A: Symmetric IRB Tenant-B: Asymmetric IRB Platform Support: https://www.arista.com/en/support/product-documentation/supported-features Topology Overview   In the symmetric and asymmetric IRB setups illustrated in the figures above;  for tenant-a four subnets are stretched across the two MLAG domains; with two subnets (vlan 10 – 10.10.10.0/24 and vlan 11 – 10.10.11.0/24) configured as a VLAN based service, and two other subnets (vlan 12 – 10.10.12.0/24 and vlan 13 – 10.10.13.0/24) as a vlan-aware...
Continue reading →

L3 EVPN VXLAN Configuration Guide

L3 EVPN VXLAN Configuration Guide   EVPN VXLAN Type-5 Layer 3 VPN  (With Dual-Homed Layer 2 and Layer 3 Sites) Overview Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers using type-2 routes, but additionally,  EVPN supports the exchange of layer 3 IPv4 and IPv6 overlay routes through the extensions described in (type 5 EVPN routes). An IP VRF is used on a VTEP router for...
Continue reading →

Spine-Leaf BGP EVPN Best Practice

Hello I’m seeking for a white paper\best practice document that can cover deploying a topology of spine-leaf data center. The points i’m seeking clarifications are 1. underlay L3 connectivity – is IGP required to be configured between spine and leafs. 2. is multicast a must between spine and leaf for control plan operation? (forwarding BUM packets?) 3. with vxlan, are there any problems using mlags? how can i advertise a certain MAC address is available from two different VTEPs and encapsulate into vxlan from both connections? 4. in terms of configuration, how can i deploy such a scenario? 5. unconventional as it...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: