Configuration examples of VLAN-Based EVPN service using MPLS Dataplane Encapsulation in Segment Routing-Enabled Juniper Network.
Complete Configuration Repository on GitHub:
https://github.com/bgphelp/blueprints/tree/master/evpn/vlan-based-mx
Network Prerequisites
In order to deploy EVPN MPLS-Based Service, you should have MPLS-enabled network with end-to-end LSP reachability between PE devices.
In this example, we will be leveraging IS-IS-based Segment Routing to build MPLS underlay infrastructure. You can also use more traditional approach by using LDP or RSVP-TE tunnels with IS-IS or OSPF IGP.
We will be using physical topology depicted below
PE devices are Juniper MX routers running 17.1R1.8.
P infrastructure is comprised of two Cisco-XR nodes running IOS XR 6.1.1 and Juniper P nodes running 17.1R1.8.
Route-Reflectors are Juniper nodes running vRR software version 16.2R1.6.
In the initial state, end-to-end LSPs are established between PE1, PE2 and PE3 devices, meaning that inet.3 table is populated with remote PEs’ loopback routes and corresponding labels.
For example:
root@PE1-vMX> show route 120.0.2.2 inet.0: 35 destinations, 37 routes (35 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 120.0.2.2/32 *[IS-IS/18] 09:10:11, metric 30 to 120.0.3.6 via ge-0/0/0.502 > to 120.0.3.8 via ge-0/0/0.504 inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 120.0.2.2/32 *[L-ISIS/14] 09:10:11, metric 30 to 120.0.3.6 via ge-0/0/0.502, Push 800202 > to 120.0.3.8 via ge-0/0/0.504, Push 800202 root@PE2-vMX> show route 120.0.2.1 inet.0: 66 destinations, 68 routes (57 active, 0 holddown, 9 hidden) + = Active Route, - = Last Active, * = Both 120.0.2.1/32 *[IS-IS/18] 09:12:35, metric 30 to 120.0.3.10 via ge-0/0/0.503 > to 120.0.3.12 via ge-0/0/0.505 inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 120.0.2.1/32 *[L-ISIS/14] 09:12:35, metric 30 to 120.0.3.10 via ge-0/0/0.503, Push 800201 > to 120.0.3.12 via ge-0/0/0.505, Push 800201
Design Goals
Our design goal is to establish Layer 2 end-to-end connectivity for four customer sites connected to three PE devices as show below. Common L3 subnet 1.1.1.0/24 will be configured on all CE devices.
Configuration Steps
IBGP Sessions
Configure IBGP Sessions between PE devices and Route-Reflectors. Enable Address Family EVPN
group IBGP-RR {
type internal;
local-address 120.0.2.1; <-- PE-Specific
family evpn {
signaling;
}
authentication-key "$9$5znCO1hKMXtuMX7-2gTz3"; ## SECRET-DATA
neighbor 120.0.1.1;
neighbor 120.0.1.2;
}
CE-facing port configuration
Configure customer-facing ports on PE devices
ge-0/0/1 { <--- Customer-Facing Port
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 100 {
encapsulation vlan-bridge;
vlan-id 100;
}
Configure Bridge Domain
Configure Bridge domain for customer’s VLAN:
BD100 {
instance-type evpn;
interface ge-0/0/1.100;
route-distinguisher 120.0.2.1:100;
vrf-target target:100:100;
protocols {
evpn;
}
}
Service Verification Steps
IBGP Sessions
On the route-reflectors, make sure that all IBGP sessions are established and EVPN routes are being exchanged:
root@RR1> show bgp summary ... 120.0.2.1 100 15 9 0 2 4:36 Establ bgp.evpn.0: 1/1/1/0 120.0.2.2 100 102 91 0 0 41:17 Establ bgp.evpn.0: 1/1/1/0 120.0.2.5 100 22 16 0 3 7:19 Establ bgp.evpn.0: 1/1/1/0
Bridge Table is populated with CEs’ mac addresses
Summary Information:
root@PE1-vMX> show evpn database Instance: BD100 VLAN DomainId MAC address Active source 00:0c:29:4c:7d:59 ge-0/0/1.100 ... 00:0c:29:82:c2:a9 120.0.2.5 ... 00:0c:29:8a:79:e8 120.0.2.2 ... 00:0c:29:de:e3:64 120.0.2.2 ...
MAC Addresses to Labels Mapping
root@PE1-vMX> show evpn database extensive Instance: BD100 MAC address:: 00:0c:29:4c:7d:59 Source: ge-0/0/1.100, Rank: 1, Status: Active Timestamp: Mar 22 14:22:30 (0x58d288a6) State: <Local-MAC-Only Local-To-Remote-Adv-Allowed> MAC address:: 00:0c:29:82:c2:a9 Nexthop ID: 1048576 Source: 120.0.2.5, Rank: 1, Status: Active MAC label: 300096 Timestamp: Mar 22 14:22:31 (0x58d288a7) State: <Remote-To-Local-Adv-Done> MAC address:: 00:0c:29:8a:79:e8 Nexthop ID: 1048579 Source: 120.0.2.2, Rank: 1, Status: Active MAC label: 299776 Timestamp: Mar 22 14:31:31 (0x58d28ac3) State: <Remote-To-Local-Adv-Done> MAC address:: 00:0c:29:de:e3:64 Nexthop ID: 1048579 Source: 120.0.2.2, Rank: 1, Status: Active MAC label: 299776 Timestamp: Mar 22 14:31:31 (0x58d28ac3) State: <Remote-To-Local-Adv-Done>
EVPN Instance Information
root@PE1-vMX> show evpn instance BD100 extensive Instance: BD100 Route Distinguisher: 120.0.2.1:100 Service interface type: VLAN-bundle service interface Per-instance MAC route label: 299824 MAC database status Local Remote MAC advertisements: 1 3 MAC+IP advertisements: 0 0 Default gateway MAC advertisements: 0 0 ...
IBGP EVPN Advertisements towards Route-Reflectors
root@PE1-vMX> show route advertising-protocol bgp 120.0.1.1 extensive BD100.evpn.0: 7 destinations, 12 routes (7 active, 0 holddown, 0 hidden) * 2:120.0.2.1:100::0::00:0c:29:4c:7d:59/304 MAC/IP <-- Type 2 BGP group IBGP-RR type Internal Route Distinguisher: 120.0.2.1:100 Route Label: 299824 ESI: 00:00:00:00:00:00:00:00:00:00 Nexthop: Self Flags: Nexthop Change Localpref: 100 AS path: [100] I Communities: target:100:100 * 3:120.0.2.1:100::0::120.0.2.1/304 IM <-- Type 3 BGP group IBGP-RR type Internal Route Distinguisher: 120.0.2.1:100 Route Label: 299840 PMSI: Flags 0x0: Label 299840: Type INGRESS-REPLICATION 120.0.2.1 Nexthop: Self Flags: Nexthop Change Localpref: 100 AS path: [100] I Communities: target:100:100 PMSI: Flags 0x0: Label 299840: Type INGRESS-REPLICATION 120.0.2.1
Complete Configuration
Complete Configuration Repository on GitHub:
https://github.com/bgphelp/blueprints/tree/master/evpn/vlan-based-mx
For more information on EVPN, please refer to our other articles on this topic: