EVPN MPLS VLAN-Based Configuration

Configuration examples of VLAN-Based EVPN service using MPLS Dataplane Encapsulation in Segment Routing-Enabled Juniper Network.

Complete Configuration Repository on GitHub:

https://github.com/bgphelp/blueprints/tree/master/evpn/vlan-based-mx

Network Prerequisites

In order to deploy EVPN MPLS-Based Service, you should have MPLS-enabled network with end-to-end LSP reachability between PE devices.

In this example, we will be leveraging IS-IS-based Segment Routing to build MPLS underlay infrastructure. You can also use more traditional approach by using LDP or RSVP-TE tunnels with IS-IS or OSPF IGP.

We will be using physical topology depicted below

Juniper VLAN-Based EVPN Topology
Juniper VLAN-Based EVPN Topology

PE devices are Juniper MX routers running 17.1R1.8.

P infrastructure is comprised of two Cisco-XR nodes running IOS XR 6.1.1 and Juniper P nodes running 17.1R1.8.

Route-Reflectors are Juniper nodes running vRR software version 16.2R1.6.

In the initial state, end-to-end LSPs are established between PE1, PE2 and PE3 devices, meaning that inet.3 table is populated with remote PEs’ loopback routes and corresponding labels.

For example:

[email protected]> show route 120.0.2.2

inet.0: 35 destinations, 37 routes (35 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

120.0.2.2/32       *[IS-IS/18] 09:10:11, metric 30
                      to 120.0.3.6 via ge-0/0/0.502
                    > to 120.0.3.8 via ge-0/0/0.504

inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

120.0.2.2/32       *[L-ISIS/14] 09:10:11, metric 30
                      to 120.0.3.6 via ge-0/0/0.502, Push 800202
                    > to 120.0.3.8 via ge-0/0/0.504, Push 800202


[email protected]-vMX> show route 120.0.2.1
inet.0: 66 destinations, 68 routes (57 active, 0 holddown, 9 hidden)
+ = Active Route, - = Last Active, * = Both

120.0.2.1/32       *[IS-IS/18] 09:12:35, metric 30
                      to 120.0.3.10 via ge-0/0/0.503
                    > to 120.0.3.12 via ge-0/0/0.505

inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

120.0.2.1/32       *[L-ISIS/14] 09:12:35, metric 30
                      to 120.0.3.10 via ge-0/0/0.503, Push 800201
                    > to 120.0.3.12 via ge-0/0/0.505, Push 800201

Design Goals

Our design goal is to establish Layer 2 end-to-end connectivity for four customer sites connected to three PE devices as show below. Common L3 subnet 1.1.1.0/24 will be configured on all CE devices.

Juniper VLAN-Based EVPN Topology on MX with CE
EVPN CE Connectivity

Configuration Steps

IBGP Sessions

Configure IBGP Sessions between PE devices and Route-Reflectors. Enable Address Family EVPN

group IBGP-RR {
    type internal;
    local-address 120.0.2.1;   <-- PE-Specific
    family evpn {
        signaling;
    }
    authentication-key "$9$5znCO1hKMXtuMX7-2gTz3"; ## SECRET-DATA
    neighbor 120.0.1.1;
    neighbor 120.0.1.2;
}

CE-facing port configuration

Configure customer-facing ports on PE devices

ge-0/0/1 {    <--- Customer-Facing Port 
    flexible-vlan-tagging;
    encapsulation flexible-ethernet-services;
    unit 100 {
        encapsulation vlan-bridge;
        vlan-id 100;
    }

Configure Bridge Domain

Configure Bridge domain for customer’s VLAN:

BD100 {
    instance-type evpn;
    interface ge-0/0/1.100;
    route-distinguisher 120.0.2.1:100;
    vrf-target target:100:100;
    protocols {
        evpn;
    }
}

Service Verification Steps

IBGP Sessions

On the route-reflectors, make sure that all IBGP sessions are established and EVPN routes are being exchanged:

[email protected]> show bgp summary
...

120.0.2.1     100      15          9       0       2        4:36 Establ
  bgp.evpn.0: 1/1/1/0

120.0.2.2     100     102         91       0       0       41:17 Establ
  bgp.evpn.0: 1/1/1/0

120.0.2.5     100     22         16       0       3        7:19 Establ
  bgp.evpn.0: 1/1/1/0

Bridge Table is populated with CEs’ mac addresses

Summary Information:

[email protected]> show evpn database
Instance: BD100
VLAN  DomainId  MAC address        Active source                  
                00:0c:29:4c:7d:59  ge-0/0/1.100     ...             
                00:0c:29:82:c2:a9  120.0.2.5        ...           
                00:0c:29:8a:79:e8  120.0.2.2        ...              
                00:0c:29:de:e3:64  120.0.2.2        ...              

 

MAC Addresses to Labels Mapping

[email protected]> show evpn database extensive
Instance: BD100

MAC address:: 00:0c:29:4c:7d:59
  Source: ge-0/0/1.100, Rank: 1, Status: Active
    Timestamp: Mar 22 14:22:30 (0x58d288a6)
    State: <Local-MAC-Only Local-To-Remote-Adv-Allowed>


MAC address:: 00:0c:29:82:c2:a9
Nexthop ID: 1048576
  Source: 120.0.2.5, Rank: 1, Status: Active
    MAC label: 300096
    Timestamp: Mar 22 14:22:31 (0x58d288a7)
    State: <Remote-To-Local-Adv-Done>


MAC address:: 00:0c:29:8a:79:e8
Nexthop ID: 1048579
  Source: 120.0.2.2, Rank: 1, Status: Active
    MAC label: 299776
    Timestamp: Mar 22 14:31:31 (0x58d28ac3)
    State: <Remote-To-Local-Adv-Done>


MAC address:: 00:0c:29:de:e3:64
Nexthop ID: 1048579
  Source: 120.0.2.2, Rank: 1, Status: Active
    MAC label: 299776
    Timestamp: Mar 22 14:31:31 (0x58d28ac3)
    State: <Remote-To-Local-Adv-Done>

 

EVPN Instance Information

[email protected]> show evpn instance BD100 extensive

Instance: BD100
  Route Distinguisher: 120.0.2.1:100
  Service interface type: VLAN-bundle service interface

  Per-instance MAC route label: 299824
  MAC database status                     Local  Remote
    MAC advertisements:                       1       3
    MAC+IP advertisements:                    0       0
    Default gateway MAC advertisements:       0       0

  ...

IBGP EVPN Advertisements towards Route-Reflectors

[email protected]> show route advertising-protocol bgp 120.0.1.1 extensive

BD100.evpn.0: 7 destinations, 12 routes (7 active, 0 holddown, 0 hidden)

* 2:120.0.2.1:100::0::00:0c:29:4c:7d:59/304 MAC/IP  <-- Type 2

 BGP group IBGP-RR type Internal
     Route Distinguisher: 120.0.2.1:100
     Route Label: 299824
     ESI: 00:00:00:00:00:00:00:00:00:00
     Nexthop: Self
     Flags: Nexthop Change
     Localpref: 100
     AS path: [100] I
     Communities: target:100:100


* 3:120.0.2.1:100::0::120.0.2.1/304 IM <-- Type 3
 BGP group IBGP-RR type Internal
     Route Distinguisher: 120.0.2.1:100
     Route Label: 299840
     PMSI: Flags 0x0: Label 299840: Type INGRESS-REPLICATION 120.0.2.1
     Nexthop: Self
     Flags: Nexthop Change
     Localpref: 100
     AS path: [100] I
     Communities: target:100:100
     PMSI: Flags 0x0: Label 299840: Type INGRESS-REPLICATION 120.0.2.1

Complete Configuration

Complete Configuration Repository on GitHub:

https://github.com/bgphelp/blueprints/tree/master/evpn/vlan-based-mx

For more information on EVPN, please refer to our other articles on this topic:

http://www.bgphelp.com/tag/evpn/

Leave a Reply

Your email address will not be published. Required fields are marked *