Mailing List Archive: evpn with vrf

evpn with vrf

Jan 15, 2019, 6:28 PM

Post #1 of 4 (918 views)

I wanted to share some thoughts and new experiences with you all,

I've been learning evpn in the lab in preparation for using it to connect a
couple data centers. I think this would be known as evpn-mpls (and not
evpn-vxlan, as I've heard "evpn-vxlan" mentioned in the same breath over and
over and over again in video's, conferences, etc. I began thinking evpn
didn't exist apart from the acronym "vxlan" but I'm pretty sure I understand
that vxlan is only one of a few different data planes that evpn can make use
of.. mpls, pbb, vxlan)

I think the evpn flavor I'm working with is known as "vlan-aware bundle
service" where you use routing-instance instance-type virtual-switch with
subordinate bridge-domains.I've also followed a book I was reading and added
a routing-instance instance-type vrf with the irb inside both routing
instances (this irb seems to be an integral part of the "glue" that
integrates these two instances together)

On the PE-CE edge interface, where mac addresses are traditionally learned,
I'm blown away at how evpn-learned mac addresses are automatically copied
into the vrf routing table as /32's and then of course once there, auto
exported using basic vrf route-targets. then the remote vrf-only pe's have a
/32 absolute way back to the host at the exact dc evpn pe where it was
advertised.

.I've read something about this a few times, but to see how it works is
eye-opening.

I have more to learn I'm sure. If you have anything to add, I'm all ears
..or, eyes, you know : )

-Aaron

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: evpn with vrf [ In reply to ]

aaron1 at gvtc

Jun 10, 2019, 1:21 PM

Post #2 of 4 (861 views)

Permalink

Seems that I get an auto-export from evpn-learned destinations auto exported
as /32's into the vrf that the IRB is attached to.

Is this possibly with inet.0 global route table?

In other words, in a vrf table I see evpn-learned routes listed like this...

172.223.10.10/32 *[EVPN/7] 00:00:03
> via irb.0

... how would I get this same behavior if the irb.0 interface was in inet.0
routing domain and not vrf ?

-Aaron

Details.....

root@stlr-960-e> show evpn database
Instance: 10
VLAN DomainId MAC address Active source Timestamp
IP address
10 00:00:00:00:00:01 irb.0 Jun 10
15:13:59 172.223.10.1

172.223.10.5
10 00:50:79:66:68:21 ae141.0 Jun 10
15:12:06
10 00:50:79:66:68:23 ae141.0 Jun 10
15:10:53
10 02:05:86:71:f1:02 10.103.128.9 Jun 10
14:10:25

root@stlr-960-e> show route table one.inet.0

one.inet.0: 3 destinations, 4 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

172.223.10.0/24 *[Direct/0] 00:00:38
> via irb.0
[Direct/0] 00:00:38
> via irb.0
172.223.10.1/32 *[Local/0] 00:00:38
Local via irb.0
172.223.10.5/32 *[Local/0] 00:00:38
Local via irb.0

root@stlr-960-e> ping 172.223.10.10 routing-instance one
PING 172.223.10.10 (172.223.10.10): 56 data bytes
64 bytes from 172.223.10.10: icmp_seq=0 ttl=64 time=391.814 ms
64 bytes from 172.223.10.10: icmp_seq=1 ttl=64 time=118.886 ms
^C
--- 172.223.10.10 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 118.886/255.350/391.814/136.464 ms

root@stlr-960-e> show route table one.inet.0

one.inet.0: 4 destinations, 5 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

172.223.10.0/24 *[Direct/0] 00:00:58
> via irb.0
[Direct/0] 00:00:58
> via irb.0
172.223.10.1/32 *[Local/0] 00:00:58
Local via irb.0
172.223.10.5/32 *[Local/0] 00:00:58
Local via irb.0
172.223.10.10/32 *[EVPN/7] 00:00:03
> via irb.0

root@stlr-960-e>

root@stlr-960-e> ping 172.223.10.20 routing-instance one
PING 172.223.10.20 (172.223.10.20): 56 data bytes
64 bytes from 172.223.10.20: icmp_seq=0 ttl=64 time=437.254 ms
64 bytes from 172.223.10.20: icmp_seq=1 ttl=64 time=161.525 ms
^C
--- 172.223.10.20 ping statistics ---
3 packets transmitted, 2 packets received, 33% packet loss
round-trip min/avg/max/stddev = 161.525/299.389/437.254/137.865 ms

root@stlr-960-e> show route table one.inet.0

one.inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

172.223.10.0/24 *[Direct/0] 00:01:11
> via irb.0
[Direct/0] 00:01:11
> via irb.0
172.223.10.1/32 *[Local/0] 00:01:11
Local via irb.0
172.223.10.5/32 *[Local/0] 00:01:11
Local via irb.0
172.223.10.10/32 *[EVPN/7] 00:00:16
> via irb.0
172.223.10.20/32 *[EVPN/7] 00:00:03
> via irb.0

root@stlr-960-e>

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: evpn with vrf [ In reply to ]

jason-jnsp at lixfeld

Jun 10, 2019, 3:15 PM

Post #3 of 4 (861 views)

Permalink

So JunOS supports draft-rabadan-sajassi-bess-evpn-ipvpn-interworking-02 then?

> On Jun 10, 2019, at 4:21 PM, Aaron Gould <aaron1@gvtc.com> wrote:
>
> Seems that I get an auto-export from evpn-learned destinations auto exported
> as /32's into the vrf that the IRB is attached to.
>
> Is this possibly with inet.0 global route table?
>
> In other words, in a vrf table I see evpn-learned routes listed like this...
>
> 172.223.10.10/32 *[EVPN/7] 00:00:03
>> via irb.0
>
> ... how would I get this same behavior if the irb.0 interface was in inet.0
> routing domain and not vrf ?
>
> -Aaron
>
>
>
>
>
> Details.....
>
>
> root@stlr-960-e> show evpn database
> Instance: 10
> VLAN DomainId MAC address Active source Timestamp
> IP address
> 10 00:00:00:00:00:01 irb.0 Jun 10
> 15:13:59 172.223.10.1
>
> 172.223.10.5
> 10 00:50:79:66:68:21 ae141.0 Jun 10
> 15:12:06
> 10 00:50:79:66:68:23 ae141.0 Jun 10
> 15:10:53
> 10 02:05:86:71:f1:02 10.103.128.9 Jun 10
> 14:10:25
>
> root@stlr-960-e> show route table one.inet.0
>
> one.inet.0: 3 destinations, 4 routes (3 active, 0 holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 172.223.10.0/24 *[Direct/0] 00:00:38
>> via irb.0
> [Direct/0] 00:00:38
>> via irb.0
> 172.223.10.1/32 *[Local/0] 00:00:38
> Local via irb.0
> 172.223.10.5/32 *[Local/0] 00:00:38
> Local via irb.0
>
> root@stlr-960-e> ping 172.223.10.10 routing-instance one
> PING 172.223.10.10 (172.223.10.10): 56 data bytes
> 64 bytes from 172.223.10.10: icmp_seq=0 ttl=64 time=391.814 ms
> 64 bytes from 172.223.10.10: icmp_seq=1 ttl=64 time=118.886 ms
> ^C
> --- 172.223.10.10 ping statistics ---
> 2 packets transmitted, 2 packets received, 0% packet loss
> round-trip min/avg/max/stddev = 118.886/255.350/391.814/136.464 ms
>
> root@stlr-960-e> show route table one.inet.0
>
> one.inet.0: 4 destinations, 5 routes (4 active, 0 holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 172.223.10.0/24 *[Direct/0] 00:00:58
>> via irb.0
> [Direct/0] 00:00:58
>> via irb.0
> 172.223.10.1/32 *[Local/0] 00:00:58
> Local via irb.0
> 172.223.10.5/32 *[Local/0] 00:00:58
> Local via irb.0
> 172.223.10.10/32 *[EVPN/7] 00:00:03
>> via irb.0
>
> root@stlr-960-e>
>
> root@stlr-960-e> ping 172.223.10.20 routing-instance one
> PING 172.223.10.20 (172.223.10.20): 56 data bytes
> 64 bytes from 172.223.10.20: icmp_seq=0 ttl=64 time=437.254 ms
> 64 bytes from 172.223.10.20: icmp_seq=1 ttl=64 time=161.525 ms
> ^C
> --- 172.223.10.20 ping statistics ---
> 3 packets transmitted, 2 packets received, 33% packet loss
> round-trip min/avg/max/stddev = 161.525/299.389/437.254/137.865 ms
>
> root@stlr-960-e> show route table one.inet.0
>
> one.inet.0: 5 destinations, 6 routes (5 active, 0 holddown, 0 hidden)
> + = Active Route, - = Last Active, * = Both
>
> 172.223.10.0/24 *[Direct/0] 00:01:11
>> via irb.0
> [Direct/0] 00:01:11
>> via irb.0
> 172.223.10.1/32 *[Local/0] 00:01:11
> Local via irb.0
> 172.223.10.5/32 *[Local/0] 00:01:11
> Local via irb.0
> 172.223.10.10/32 *[EVPN/7] 00:00:16
>> via irb.0
> 172.223.10.20/32 *[EVPN/7] 00:00:03
>> via irb.0
>
> root@stlr-960-e>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: evpn with vrf [ In reply to ]

aaron1 at gvtc

Jun 11, 2019, 3:09 PM

Post #4 of 4 (858 views)

Permalink

By the looks of it, seems so.

EVPN Interworking with IPVPN

draft-rabadan-sajassi-bess-evpn-ipvpn-interworking-02

Abstract

EVPN is used as a unified control plane for tenant network intra and

inter-subnet forwarding. When a tenant network spans not only EVPN

domains but also domains where IPVPN provides inter-subnet

forwarding, there is a need to specify the interworking aspects

between both EVPN and IPVPN domains, so that the end to end tenant

connectivity can be accomplished. This document specifies how EVPN

should interwork with VPN-IPv4/VPN-IPv6 and IPv4/IPv6 BGP families

for inter-subnet forwarding.

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp