Virtual Ethernet Segments

SR OS supports virtual Ethernet Segments (vES) for EVPN multi-homing in accordance with draft-ietf-bess-evpn-virtual-eth-segment.

Regular ESs can only be associated with ports, LAGs, and SDPs, which satisfies the redundancy requirements for CEs that are directly connected to the ES PEs by a port, LAG, or SDP. However, this implementation does not work when an aggregation network exists between the CEs and the ES PEs, which requires different ESs to be defined for the port or LAG of the SDP.

Figure 1 shows an example of how CE1 and CE2 use all-active multi-homing to the EVPN-MPLS network despite the third-party Ethernet aggregation network to which they are connected.

Figure 1. All-Active Multi-Homing on vES

The ES association can be made in a more granular way by creating a vES. A vES can be associated with the following:

qtag-ranges on dot1q ports or LAGs
S-tag-ranges on qinq ports or LAGs
C-tag-ranges per s-tag on qinq ports or LAGs
VC-ID ranges on SDPs

The following CLI examples show the vES configuration options:

config>service>system>bgp-evpn#
...
ethernet-segment vES-1 virtual create
 lag 1 
 dot1q 
   qtag-range 100 to 200
...
ethernet-segment vES-2 virtual create
 port 1/1/1 
 qinq
   s-tag 1 c-tag-range 100 to 200
   s-tag-range 2 to 10
...
ethernet-segment vES-3 virtual create
 sdp 1 
 vc-id-range 1000 to 2000
...

Where:

The virtual keyword creates an ES as defined in draft-sajassi-bess-evpn-virtual-eth-segment. The configuration of the dot1q or qinq nodes is allowed only when the ES is created as virtual.
On the vES, the user must first create a port, LAG, or SDP before configuring a VLAN or VC-ID association. When added, the port/LAG type and encap-type is checked as follows:
- If the encap-type is dot1q, only the dot1q context configuration is allowed; the qinq context cannot be configured.
- If the encap-type is qinq, only the qinq node is allowed; the dot1q context cannot be configured.
- A dot1q, qinq, or vc-id range is required for the vES to become operationally active.
The dot1q qtag-range <qtag1> [to qtag1] command determines which VIDs are associated with the vES on a specific dot1q port or LAG. The group of SAPs that match the configured port/LAG and VIDs is part of the vES.
The qinq s-tag-range <qtag1> [to qtag1] command determines which outer VIDs are associated with the vES on the qinq port or LAG.
The qinq s-tag <qtag1> c-tag-range to <qtag2> [<qtag2>] command determines which inner c-tags per s-tag is associated with the vES on the qinq port or LAG.
The vc-id range <vcid> [to vc-id] command determines which VC ids are associated with the vES on the configured SDP.

Although qtag values 0, * and 1 to 4094 are allowed, the following considerations must be taken in to account when configuring a dot1q or qinq vES:

Up to 8 dot1q or qinq ranges may be configured in the same vES.

When configuring a qinq vES, a qtag included in a s-tag-range cannot be included in the s-tag qtag of the s-tag qtag1 c-tag-range qtag2 [to qtag2] command. For example, the following combination is not supported in the same vES:

s-tag-range 350 to 500
s-tag 500 c-tag-range 100 to 200

The following example shows a supported combination:

*A:PE75>config>service>system>bgp-evpn>eth-seg>qinq# info
----------------------------------------------
                s-tag-range 100 to 200
                s-tag-range 300 to 400
                s-tag 500 c-tag-range 100 to 200
                s-tag 600 c-tag-range 100 to 200
                s-tag 600 c-tag-range 150 to 200

vES associations that contain qtags <0, *, null> are special and treated as follows:
- When a special qtag value is configured in the from value of the range, the to value must be the same.
- qtag values <0, *> are only supported for the qtag-range and c-tag-range; they are not supported in the s-tag-range.
- The qtag ‟null” value is only supported in the c-tag-range if the s-tag is configured as ‟*”.

Table 1 lists examples of the supported qtag values between 1 to 4094.

Table 1. Examples of Supported qtag Values
vES Configuration for Port 1/1/1	SAP Association
dot1q qtag-range 100	1/1/1:100
dot1q qtag-range 100 to 102	1/1/1:100, 1/1/1:101, 1/1/1:102
qinq s-tag 100 c-tag-range 200	1/1/1:100.200
qinq s-tag-range 100	All the SAPs 1/1/1:100.x where: x is a value between 1 to 4094, 0, *
qinq s-tag-range 100 to 102	All SAPs 1/1/1:100.x, 1/1/1:101.x, 1/1/1:102.x where: x is a value between 1 to 4094, 0, *

Table 2 lists all the supported combinations that include qtag values <0, *, null>. Any other combination of these special values is not supported.

Table 2. Examples of Supported Combinations
vES Configuration for Port 1/1/1	SAP Association
dot1q qtag-range 0	1/1/1:0
dot1q qtag-range *	1/1/1:*
qinq s-tag 0 c-tag-range *	1/1/1:0.*
qinq s-tag * c-tag-range *	1/1/1:.
qinq s-tag * c-tag-range null	1/1/1:*.null
qinq s-tag x c-tag-range 0	1/1/1:x.0 where: x is a value between 1 to 4094
qinq s-tag x c-tag-range *	1/1/1:x.* where: x is a value between 1 to 4094

On vESs, the single-active and all-active modes are supported for EVPN-MPLS VPLS, Epipe, and PBB-EVPN services. Single-active multi-homing is supported on port and SDP-based vESs, and all-active multi-homing is only supported on LAG-based vESs.

The following considerations apply if the vES is used with PBB-EVPN services:

B-MAC allocation procedures are the same as the regular ES procedures.

Note: Two all-active vESs must use different ES B-MACs, even if they are defined in the same LAG.
The vES implements C-MAC flush procedures described in RFC 7623. Optionally, the ISID-based C-MAC flush can be used for cases where the single-active vES does not use ES B-MAC allocation.