EVPN L2 VxLAN Configuration
Table of Contents
Example model & SONiC version:
- Aurora 830, Aurora 721, Aurora 621
- Netberg SONiC: sonic-broadcom-202311.n0
Configuring EVPN
Limitations:
- EVPN supports only IPv4 VTEP addresses.
Pre-configuration:
- Based on the default configuration and initial FRR config (refer to the FRRouting and config initialization piece).
- Create VLAN 100 and add Ethernet0 of Aurora nba621-1 and Ethernet0 of Aurora nba621-2 as untagged members to VLAN 100. Please refer to VLAN the & Inter-VLAN Routing article.
- Bind IP to Ethernet68 on switches (refer to the Port IP addresses piece).
Procedure :
1. Assign IP addresses to Loopback0 interfaces.
admin@nba621-1:~$ sudo config interface ip add Loopback0 10.10.10.1/32
admin@nba621-2:~$ sudo config interface ip add Loopback0 10.10.10.101/322. Establish BGP Session between Ethernet68 and announce the network.
Aurora nba621-1:
admin@nba621-1:~$ vtysh
Hello, this is FRRouting (version 8.5.1).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
nba621-1# configure terminal
nba621-1(config)# router bgp 65100
nba621-1(config-router)# bgp router-id 10.10.10.1
nba621-1(config-router)# neighbor 10.0.1.0 remote-as 65100
nba621-1(config-router)# address-family ipv4
nba621-1(config-router-af)# network 10.10.10.1/32
nba621-1(config-router-af)# end
nba621-1# write
nba621-1# exitAurora nba621-2:
admin@nba621-2:~$ vtysh
Hello, this is FRRouting (version 8.5.1).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
nba621-2# configure terminal
nba621-2(config)# router bgp 65100
nba621-2(config-router)# bgp router-id 10.10.10.101
nba621-2(config-router)# neighbor 10.0.1.1 remote-as 65100
nba621-2(config-router)# address-family ipv4
nba621-2(config-router-af)# network 10.10.10.101/32
nba621-2(config-router-af)# end
nba621-2# write
nba621-2# exit3. Create VxLANs
Aurora nba621-1:
admin@nba621-1:~$ sudo config vxlan add vtep 10.10.10.1 --> config vxlan add <vtepname> <src_ipv4>
admin@nba621-1:~$ sudo config vxlan evpn_nvo add nvo vtep --> config vxlan evpn_nvo add <nvoname> <vtepname>
admin@nba621-1:~$ sudo config vxlan map add vtep 100 1000 --> config vxlan map add <vtepname> <vlanid> <vnid>Aurora nba621-2:
admin@nba621-2:~$ sudo config vxlan add vtep 10.10.10.101
admin@nba621-2:~$ sudo config vxlan evpn_nvo add nvo vtep
admin@nba621-2:~$ sudo config vxlan map add vtep 100 1000- VNI (VxLAN Network Identifier) – uniquely identifies the VxLAN.
- VTEP (Virtual Tunnel End Point) – the entity that performs the encapsulation and decapsulation of packets.
- One switch can have only one VTEP with a unique identifier, such as the Loopback0 IP address.
- NVO (Network Virtualization Overlay) – only one NVO is allowed on one device.
We created VTEP named “vtep”, NVO named “nvo”, and VN Identifier (VNID) 1000.
4. Announce L2VPN EVPN routes.
Aurora nba621-1:
admin@nba621-1:~$ vtysh
Hello, this is FRRouting (version 8.5.1).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
nba621-1# configure terminal
nba621-1(config)# router bgp 65100
nba621-1(config-router)# address-family l2vpn evpn
nba621-1(config-router-af)# neighbor 10.0.1.0 activate
nba621-1(config-router-af)# advertise-all-vni
nba621-1(config-router-af)# end
nba621-1# write
nba621-1# exitAurora nba621-2:
admin@nba621-2:~$ vtysh
Hello, this is FRRouting (version 8.5.1).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
nba621-2# configure terminal
nba621-2(config)# router bgp 65100
nba621-2(config-router)# address-family l2vpn evpn
nba621-2(config-router-af)# neighbor 10.0.1.1 activate
nba621-2(config-router-af)# advertise-all-vni
nba621-2(config-router-af)# end
nba621-2# write
nba621-2# exit
Results
Check vxlan interface configuration
Aurora nba621-1:
admin@nba621-1:~$ show vxlan interface
VTEP Information:
VTEP Name : vtep, SIP : 10.10.10.1
NVO Name : nvo, VTEP : vtep
Source interface : Loopback0Aurora nba621-2:
admin@nba621-2:~$ show vxlan interface
VTEP Information:
VTEP Name : vtep, SIP : 10.10.10.101
NVO Name : nvo, VTEP : vtep
Source interface : Loopback0Check vxlan and VLAN mapping.
Aurora nba621-1:
admin@nba621-1:~$ show vxlan vlanvnimap
+---------+-------+
| VLAN | VNI |
+=========+=======+
| Vlan100 | 1000 |
+---------+-------+
Total count : 1Aurora nba621-2:
admin@nba621-2:~$ show vxlan vlanvnimap
+---------+-------+
| VLAN | VNI |
+=========+=======+
| Vlan100 | 1000 |
+---------+-------+
Total count : 1Check the status for Vxlan tunneling.
Aurora nba621-1:
admin@nba621-1:~$ show vxlan tunnel
vxlan tunnel name source ip destination ip tunnel map name tunnel map mapping(vni -> vlan)
------------------- ----------- ---------------- ----------------- ---------------------------------
vtep 10.10.10.1 map_1000_Vlan100 1000 -> Vlan100Aurora nba621-2:
admin@nba621-2:~$ show vxlan tunnel
vxlan tunnel name source ip destination ip tunnel map name tunnel map mapping(vni -> vlan)
------------------- ----------- ---------------- ----------------- ---------------------------------
vtep 10.10.10.101 map_1000_Vlan100 1000 -> Vlan100admin@nba621-1:~$ show vxlan remotevtep
+------------+--------------+-------------------+--------------+
| SIP | DIP | Creation Source | OperStatus |
+============+==============+===================+==============+
| 10.10.10.1 | 10.10.10.101 | EVPN | oper_up |
+------------+--------------+-------------------+--------------+
Total count : 1admin@nba621-2:~$ show vxlan remotevtep
+--------------+------------+-------------------+--------------+
| SIP | DIP | Creation Source | OperStatus |
+==============+============+===================+==============+
| 10.10.10.101 | 10.10.10.1 | EVPN | oper_up |
+--------------+------------+-------------------+--------------+
Total count : 1Check learned MACs:
admin@nba621-1:~$ show mac
No. Vlan MacAddress Port Type
----- ------ ----------------- ---------- -------
1 100 B4:96:91:B3:C7:CB Ethernet0 Dynamic
Total number of entries 1admin@nba621-1:~$ show vxlan remotemac all
+--------+-------------------+--------------+-------+---------+
| VLAN | MAC | RemoteVTEP | VNI | Type |
+========+===================+==============+=======+=========+
| Vlan100 | b4:96:91:b3:c7:c8 | 10.10.10.101 | 1000 | dynamic |
+--------+-------------------+--------------+-------+---------+
Total count : 1admin@nba621-2:~$ show mac
No. Vlan MacAddress Port Type
----- ------ ----------------- ---------- -------
1 100 B4:96:91:B3:C7:C8 Ethernet0 Dynamic
Total number of entries 1admin@nba621-2:~$ show vxlan remotemac all
+--------+-------------------+--------------+-------+---------+
| VLAN | MAC | RemoteVTEP | VNI | Type |
+========+===================+==============+=======+=========+
| Vlan100 | b4:96:91:b3:c7:cb | 10.10.10.1 | 1000 | dynamic |
+--------+-------------------+--------------+-------+---------+
Total count : 1FRR status
BGP session:
nba621-1# show bgp ipv4 summary
IPv4 Unicast Summary (VRF default):
BGP router identifier 10.10.10.1, local AS number 65100 vrf-id 0
BGP table version 4
RIB entries 3, using 576 bytes of memory
Peers 1, using 725 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
10.0.1.0 4 65100 15 17 0 0 0 00:03:06 1 1 N/A
Total number of neighbors 1nba621-2# show bgp ipv4 summary
IPv4 Unicast Summary (VRF default):
BGP router identifier 10.10.10.101, local AS number 65100 vrf-id 0
BGP table version 6
RIB entries 3, using 576 bytes of memory
Peers 1, using 725 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
10.0.1.1 4 65100 44 41 0 0 0 00:03:06 1 1 N/A
Total number of neighbors 1EVPN BGP session
nba621-1# show bgp l2vpn evpn summary
BGP router identifier 10.10.10.1, local AS number 65100 vrf-id 0
BGP table version 0
RIB entries 3, using 576 bytes of memory
Peers 1, using 725 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
10.0.1.0 4 65100 17 19 0 0 0 00:05:42 2 2 N/A
Total number of neighbors 1nba621-2# show bgp l2vpn evpn summary
BGP router identifier 10.10.10.101, local AS number 65100 vrf-id 0
BGP table version 0
RIB entries 5, using 960 bytes of memory
Peers 1, using 725 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
10.0.1.1 4 65100 46 43 0 0 0 00:05:43 2 2 N/A
Total number of neighbors 1Underlay routing
nba621-1# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
K>* 0.0.0.0/0 [0/202] via 192.168.0.1, eth0, 00:30:35
C>* 10.0.1.0/31 is directly connected, Ethernet68, 00:27:54
C>* 10.10.10.1/32 is directly connected, Loopback0, 00:29:11
B>* 10.10.10.101/32 [200/0] via 10.0.1.0, Ethernet68, weight 1, 00:06:41
C>* 192.168.0.0/24 is directly connected, eth0, 00:30:35nba621-2# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
K>* 0.0.0.0/0 [0/202] via 192.168.0.1, eth0, 00:30:28
C>* 10.0.1.0/31 is directly connected, Ethernet68, 00:27:27
B>* 10.10.10.1/32 [200/0] via 10.0.1.1, Ethernet68, weight 1, 00:06:40
C>* 10.10.10.101/32 is directly connected, Loopback0, 00:29:07
C>* 192.168.0.0/24 is directly connected, eth0, 00:30:28VxLAN VNI
nba621-1# show evpn vni detail
VNI: 1000
Type: L2
Tenant VRF: default
VxLAN interface: vtep-100
VxLAN ifIndex: 69
SVI interface: Vlan100
SVI ifIndex: 68
Local VTEP IP: 10.10.10.1
Mcast group: 0.0.0.0
Remote VTEPs for this VNI:
10.10.10.101 flood: HER
Number of MACs (local and remote) known for this VNI: 2
Number of ARPs (IPv4 and IPv6, local and remote) known for this VNI: 0
Advertise-gw-macip: No
Advertise-svi-macip: Nonba621-2# show evpn vni detail
VNI: 1000
Type: L2
Tenant VRF: default
VxLAN interface: vtep-100
VxLAN ifIndex: 69
Local VTEP IP: 10.10.10.101
Mcast group: 0.0.0.0
Remote VTEPs for this VNI:
10.10.10.1 flood: HER
Number of MACs (local and remote) known for this VNI: 2
Number of ARPs (IPv4 and IPv6, local and remote) known for this VNI: 0
Advertise-gw-macip: No
Advertise-svi-macip: NoEVPN MAC learning
nba621-1# show evpn mac vni all
VNI 1000 #MACs (local and remote) 2
Flags: N=sync-neighs, I=local-inactive, P=peer-active, X=peer-proxy
MAC Type Flags Intf/Remote ES/VTEP VLAN Seq #'s
b4:96:91:b3:c7:c8 remote 10.10.10.101 0/0
b4:96:91:b3:c7:cb local Ethernet0 100 0/0nba621-2# show evpn mac vni all
VNI 1000 #MACs (local and remote) 3
Flags: N=sync-neighs, I=local-inactive, P=peer-active, X=peer-proxy
MAC Type Flags Intf/Remote ES/VTEP VLAN Seq #'s
b4:96:91:b3:c7:c8 local Ethernet0 100 0/0
b4:96:91:b3:c7:cb remote 10.10.10.1 0/0Type 2 EVPN routes
nba621-1# show bgp l2vpn evpn route type macip
BGP table version is 2, local router ID is 10.10.10.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-1 prefix: [1]:[EthTag]:[ESI]:[IPlen]:[VTEP-IP]:[Frag-id]
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]
Network Next Hop Metric LocPrf Weight Path
Extended Community
Route Distinguisher: 10.10.10.1:4
*> [2]:[0]:[48]:[b4:96:91:b3:c7:cb]
10.10.10.1 32768 i
ET:8 RT:65100:1000
Route Distinguisher: 10.10.10.101:2
*>i[2]:[0]:[48]:[b4:96:91:b3:c7:c8]
10.10.10.101 100 0 i
RT:65100:1000 ET:8
Displayed 2 prefixes (2 paths) (of requested type)nba621-2# show bgp l2vpn evpn route type macip
BGP table version is 2, local router ID is 10.10.10.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-1 prefix: [1]:[EthTag]:[ESI]:[IPlen]:[VTEP-IP]:[Frag-id]
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]
Network Next Hop Metric LocPrf Weight Path
Extended Community
Route Distinguisher: 10.10.10.1:4
*>i[2]:[0]:[48]:[b4:96:91:b3:c7:cb]
10.10.10.1 100 0 i
RT:65100:1000 ET:8
Route Distinguisher: 10.10.10.101:2
*> [2]:[0]:[48]:[b4:96:91:b3:c7:c8]
10.10.10.101 32768 i
ET:8 RT:65100:1000
Displayed 2 prefixes (2 paths) (of requested type)Type 3 EVPN routes
nba621-1# show bgp l2vpn evpn route type multicast
BGP table version is 2, local router ID is 10.10.10.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-1 prefix: [1]:[EthTag]:[ESI]:[IPlen]:[VTEP-IP]:[Frag-id]
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]
Network Next Hop Metric LocPrf Weight Path
Extended Community
Route Distinguisher: 10.10.10.1:4
*> [3]:[0]:[32]:[10.10.10.1]
10.10.10.1 32768 i
ET:8 RT:65100:1000
Route Distinguisher: 10.10.10.101:2
*>i[3]:[0]:[32]:[10.10.10.101]
10.10.10.101 100 0 i
RT:65100:1000 ET:8
Displayed 2 prefixes (2 paths) (of requested type)nba621-2# show bgp l2vpn evpn route type multicast
BGP table version is 2, local router ID is 10.10.10.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
EVPN type-1 prefix: [1]:[EthTag]:[ESI]:[IPlen]:[VTEP-IP]:[Frag-id]
EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP]
EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP]
EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP]
EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP]
Network Next Hop Metric LocPrf Weight Path
Extended Community
Route Distinguisher: 10.10.10.1:4
*>i[3]:[0]:[32]:[10.10.10.1]
10.10.10.1 100 0 i
RT:65100:1000 ET:8
Route Distinguisher: 10.10.10.101:2
*> [3]:[0]:[32]:[10.10.10.101]
10.10.10.101 32768 i
ET:8 RT:65100:1000
Displayed 2 prefixes (2 paths) (of requested type)