Figure: EVPN-tunnel gateway IRB on the DC PE for an L3 EVPN/VXLAN DC shows an L3 connectivity model that optimizes the solution described in EVPN for VXLAN in IRB backhaul R-VPLS services and IP prefixes. Instead of regular IRB backhaul R-VPLS services for the connectivity of all the VPRN IRB interfaces, EVPN tunnels can be configured. The main advantage of using EVPN tunnels is that they do not need the configuration of IP addresses, as regular IRB R-VPLS interfaces do.
In addition to the ip-route-advertisement command, this model requires the configuration of the config>service>vprn>if>vpls <name> evpn-tunnel.
The example below shows a VPRN (500) with an EVPN-tunnel R-VPLS (504):
vprn 500 customer 1 create
ecmp 4
route-distinguisher 65071:500
vrf-target target:65000:500
interface "evi-504" create
vpls "evpn-vxlan-504"
evpn-tunnel
exit
exit
no shutdown
exit
vpls 504 name ‟evpn-vxlan-504” customer 1 create
allow-ip-int-bind
vxlan instance 1 vni 504 create
exit
bgp
route-distinguisher 65071:504
route-target export target:65000:504 import target:65000:504
exit
bgp-evpn
ip-route-advertisement
vxlan bgp 1 vxlan-instance 1
no shutdown
exit
exit
no shutdown
exit
A specified VPRN supports regular IRB backhaul R-VPLS services as well as EVPN tunnel R-VPLS services.
The process followed upon receiving a route-type 5 on a regular IRB R-VPLS interface differs from the one for an EVPN-tunnel type:
IRB backhaul R-VPLS VPRN interface:
When a route-type 2 that includes an IP prefix is received and it becomes active, the MAC/IP information is added to the FDB and ARP tables. This can be checked with the show router arp command and the show service id fdb detail command.
When route-type 5 is received and becomes active for the R-VPLS service, the IP prefix is added to the VPRN routing table, regardless of the existence of a route-type 2 that can resolve the gateway IP address. If a packet is received from the WAN side and the IP lookup hits an entry for which the gateway IP (IP next-hop) does not have an active ARP entry, the system uses ARP to get a MAC. If ARP is resolved but the MAC is unknown in the FDB table, the system floods into the TLS multicast list. Routes type 5 can be checked in the routing table with the show router route-table and show router fib commands.
EVPN tunnel R-VPLS VPRN interface:
When route-type 2 is received and becomes active, the MAC address is added to the FDB (only).
When a route-type 5 is received and active, the IP prefix is added to the VPRN routing table with next-hop equal to EVPN tunnel: GW-MAC.
For example, ET-d8:45:ff:00:01:35, where the GW-MAC is added from the GW-MAC extended community sent along with the route-type 5.
If a packet is received from the WAN side, and the IP lookup hits an entry for which the next-hop is a EVPN tunnel: GW-MAC, the system looks up the GW-MAC in the FDB. Usually a route-type 2 with the GW-MAC is previously received so that the GW-MAC can be added to the FDB. If the GW-MAC is not present in the FDB, the packet is dropped.
IP prefixes with GW-MACs as next-hops are displayed by the show router command, as shown below:
*A:PE71# show router 500 route-table
===============================================================================
Route Table (Service: 500)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.20.20.72/32 Remote BGP EVPN 00h23m50s 169
10.10.10.72 0
10.30.30.0/24 Remote BGP EVPN 01d11h30m 169
evi-504 (ET-d8:45:ff:00:01:35) 0
10.10.10.0/24 Remote BGP VPN 00h20m52s 170
192.0.2.69 (tunneled) 0
10.1.0.0/16 Remote BGP EVPN 00h22m33s 169
evi-504 (ET-d8:45:ff:00:01:35) 0
-------------------------------------------------------------------------------
No. of Routes: 4
The GW-MAC as well as the rest of the IP prefix BGP attributes are displayed by the show router bgp routes evpn ip-prefix command.
*A:Dut-A# show router bgp routes evpn ip-prefix prefix 3.0.1.6/32 detail
===============================================================================
BGP Router ID:10.20.1.1 AS:100 Local AS:100
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best, b - backup
===============================================================================
BGP EVPN IP-Prefix Routes
===============================================================================
-------------------------------------------------------------------------------
Original Attributes
Network : N/A
Nexthop : 10.20.1.2
From : 10.20.1.2
Res. Nexthop : 192.168.19.1
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 0
AIGP Metric : None
Connector : None
Community : target:100:1 mac-nh:00:00:01:00:01:02
bgp-tunnel-encap:VXLAN
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 10.20.1.2
Flags : Used Valid Best IGP
Route Source : Internal
AS-Path : No As-Path
EVPN type : IP-PREFIX
ESI : N/A Tag : 1
Gateway Address: 00:00:01:00:01:02
Prefix : 3.0.1.6/32 Route Dist. : 10.20.1.2:1
MPLS Label : 262140
Route Tag : 0xb
Neighbor-AS : N/A
Orig Validation: N/A
Source Class : 0 Dest Class : 0
Modified Attributes
Network : N/A
Nexthop : 10.20.1.2
From : 10.20.1.2
Res. Nexthop : 192.168.19.1
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 0
AIGP Metric : None
Connector : None
Community : target:100:1 mac-nh:00:00:01:00:01:02
bgp-tunnel-encap:VXLAN
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 10.20.1.2
Flags : Used Valid Best IGP
Route Source : Internal
AS-Path : 111
EVPN type : IP-PREFIX
ESI : N/A Tag : 1
Gateway Address: 00:00:01:00:01:02
Prefix : 3.0.1.6/32 Route Dist. : 10.20.1.2:1
MPLS Label : 262140
Route Tag : 0xb
Neighbor-AS : 111
Orig Validation: N/A
Source Class : 0 Dest Class : 0
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
EVPN tunneling is also supported on IPv6 VPRN interfaces. When sending IPv6 prefixes from IPv6 interfaces, the GW-MAC in the route type 5 (IP-prefix route) is always zero. If no specific Global Address is configured on the IPv6 interface, the routes type 5 for IPv6 prefixes are always sent using the Link Local Address as GW-IP. The following example output shows an IPv6 prefix received through BGP EVPN.
*A:PE71# show router 30 route-table ipv6
===============================================================================
IPv6 Route Table (Service: 30)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
2001:db8:1000::/64 Local Local 00h01m19s 0
int-PE-71-CE-1 0
2001:db8:2000::1/128 Remote BGP EVPN 00h01m20s 169
fe80::da45:ffff:fe00:6a-"int-evi-301" 0
-------------------------------------------------------------------------------
No. of Routes: 2
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
*A:PE71# show router bgp routes evpn ipv6-prefix prefix 2001:db8:2000::1/128 hunt
===============================================================================
BGP Router ID:192.0.2.71 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best, b - backup
===============================================================================
BGP EVPN IP-Prefix Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
Network : N/A
Nexthop : 192.0.2.69
From : 192.0.2.69
Res. Nexthop : 192.168.19.2
Local Pref. : 100 Interface Name : int-71-69
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 0
AIGP Metric : None
Connector : None
Community : target:64500:301 bgp-tunnel-encap:VXLAN
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 192.0.2.69
Flags : Used Valid Best IGP
Route Source : Internal
AS-Path : No As-Path
EVPN type : IP-PREFIX
ESI : N/A Tag : 301
Gateway Address: fe80::da45:ffff:fe00:*
Prefix : 2001:db8:2000::1/128 Route Dist. : 192.0.2.69:301
MPLS Label : 0
Route Tag : 0
Neighbor-AS : N/A
Orig Validation: N/A
Source Class : 0 Dest Class : 0
Add Paths Send : Default
Last Modified : 00h41m17s
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Routes : 1
===============================================================================