EVPN MPLS, as described in EVPN for MPLS Tunnels, uses ESI-labels to identify the BUM traffic sourced from a specified ES. The egress PE performs a label lookup to find the ESI label below the EVI label and to determine if a frame can be forwarded to a local ES. Because VXLAN does not support ESI-labels, or any MPLS label for that matter, the split-horizon filtering must be based on the tunnel source IP address. This also implies that the SAP-to-SAP forwarding rules must be changed when the SAPs belong to local ESs, irrespective of the DF state. This new forwarding is what RFC 8365 refers to as local bias. Figure 1 illustrates the local bias forwarding behavior.
Local bias is based on the following principles.
Every PE knows the IP addresses associated with the other PEs with which it has shared multihomed ESs.
When the PE receives a BUM frame from a VXLAN bind, it looks up the source IP address in the tunnel header and filters out the frame on all local interfaces connected to ESs that are shared with the ingress PE.
With this approach, the ingress PE must perform replication locally to all directly-attached ESs (regardless of the DF Election state) for all flooded traffic coming from the access interfaces. BUM frames received on any SAP are flooded to:
local non-ES SAPs and non-ES SDP-binds
local all-active ES SAPs (DF and NDF)
local single-active ES SDP-binds and SAPs (DF only)
EVPN-VXLAN destinations
As an example, in Figure 1, PE2 receives BUM traffic from Host-3 and it forwards it to the remote PEs and the local ES SAP, even though the SAP is in NDF state.
The following rules apply to egress PE forwarding for EVPN-VXLAN services.
The source VTEP is looked up for BUM frames received on EVPN-VXLAN.
If the source VTEP matches one of the PEs with which the local PE shares both an ES and a VXLAN service:
then the local PE is not forwarded to the shared ES local SAPs
the local PE forwards normally to ES SAPs unless they are in NDF state
Because there is no multicast label or multicast B-MAC in VXLAN, the egress PE only identifies BUM traffic using the customer MAC DA; as a result, BM or unknown MAC DAs identify BUM traffic.
For example, in Figure 1, PE3 receives BUM traffic on VXLAN. PE3 identifies the source VTEP as a PE with which two ESs are shared, therefore it does not forward the BUM frames to the two shared ESs. It forwards to the non-shared ES (Host-5) because it is in DF state. PE4 receives BUM traffic and forwards it based on normal rules because it does not share any ESs with PE2.
The following command can be used to check whether the local PE has enabled the local bias procedures for a specific ES:
A:PE-2# tools dump service system bgp-evpn ethernet-segment "ES-1" local-bias
-------------------------------------------------------------------------------
[04/01/2019 08:45:08] Vxlan Local Bias Information
----------------------------------------------------------------------+--------
Peer | Enabled
----------------------------------------------------------------------+--------
192.0.2.3 | Yes
-------------------------------------------------------------------------------