The Interconnect Ethernet Segment (I-ES) of network-interconnect-vxlan Ethernet Segment is described in Interconnect Ethernet-Segment Solution for Dual BGP Instance Services. I-ES’es are also supported on VPLS and R-VPLS services with two EVPN-VXLAN instances.
Figure 1 illustrates the use of an I-ES in a dual EVPN-VXLAN instance service.
Similar to (single-instance) EVPN-VXLAN all-active multi-homing, the BUM forwarding procedures follow the ‟Local Bias” behavior.
At the ingress PE these are the forwarding rules for EVPN-VXLAN services:
the no send-imet-ir-on-ndf or rx-discard-on-ndf bum command should be enabled so that the NDF does not forward any BUM traffic.
BUM frames received on any SAP or I-ES VXLAN binding are flooded to:
local non-ES and single-active DF ES SAPs
local all-active ES SAPs (DF and NDF)
EVPN-VXLAN destinations
BUM received on an I-ES vxlan binding follows SHG rules, for example, it can only be forwarded to EVPN-VXLAN destinations that belong to the other vxlan-instance (instance 2), therefore different SHG.
As an example, in Figure 1:
GW1 and GW2 are configured with no send-imet-ir-on-ndf.
TOR1 generates BUM traffic that only reaches GW1 (DF).
GW1 forwards to CE1 and EVPN-VXLAN destinations.
These are the forwarding rules at the egress PE:
The source VTEP is looked up for BUM frames received on EVPN-VXLAN.
If the source VTEP matches one of the PEs with which the local PE shares an ES _AND_ a VXLAN service:
Then the local PE does not forward to the shared local ES’es (this includes port, lag, or network-interconnect-vxlan ES’es). It forwards though to non-shared ES SAPs unless they are in NDF state.
Else, the local PE forwards normally to local ES’es unless they are in NDF state.
-
Note that because there is no multicast label or multicast B-MAC in VXLAN, the only way the egress PE can identify BUM traffic is by looking at the customer MAC DA. Therefore, BM or unknown MAC DAs identify BUM traffic.
As an example, in Figure 1:
GW2 receives BUM on EVPN-VXLAN. GW2 identifies the source VTEP as a PE with which the I-ES-1 is shared, therefore it does not forward the BUM frames to the local I-ES. It forwards to the non-shared ES and local SAPs though (CE2).
GW3 receives BUM on EVPN-VXLAN, however the source VTEP does not match any PE with which GW3 shares an ES. Hence GW3 forwards to all local ES’es that are DF, in other words, CE3.
The following configuration example shows how I-ES-1 would be provisioned on DGW1 and the association between I-ES to a specified VPLS service. A similar configuration would occur on DC GW2 in the I-ES.
I-ES configuration:
*A:GW1>config>service>system>bgp-evpn>eth-seg# info
----------------------------------------------
esi 00:23:23:23:23:23:23:00:00:01
service-carving
mode manual
manual
preference non-revertive create
value 150
exit
evi 101 to 200
exit
exit
multi-homing all-active
network-interconnect-vxlan 1
service-id
service-range 1
service-range 1000 to 1002
service-range 2000
exit
no shutdown
Service configuration:
*A:GW1>config>service>vpls# info
----------------------------------------------
vxlan instance 1 vni 1000 create
rx-discard-on-ndf bum
exit
vxlan instance 2 vni 1002 create
exit
bgp
route-target export target:64500:1000 import target:64500:1000
exit
bgp 2
route-distinguisher auto-rd
route-target export target:64500:1002 import target:64500:1002
exit
bgp-evpn
evi 1000
vxlan bgp 1 vxlan-instance 1
ecmp 2
default-route-tag 100
auto-disc-route-advertisement
no shutdown
exit
vxlan bgp 2 vxlan-instance 2
ecmp 2
default-route-tag 200
auto-disc-route-advertisement
mh-mode network
no shutdown
exit
exit
no shutdown
For information about how the EVPN routes are processed and advertised in a I-ES, see the Interconnect Ethernet-Segment Solution for Dual BGP Instance Services.