Mailing List Archive

EVPN - BGP attribute propagation on MXes
Hi folks,

Does anyone have implemented BGP attribute propagation using EVPN route
type-5?
We're trying to get BGP community propagation over an EVPN L3VNI, but so
far we had no luck. I've no idea if there's any knob to enable this.

Our use-case is to connect BGP islands through an EVPN backbone, and we
expect BGP attributes, such as communities, to be propagated over the
backbone. Pretty much standard IP-VPN behavior. Also referenced here:
https://tools.ietf.org/html/draft-rabadan-sajassi-bess-evpn-ipvpn-interworking-02#section-4.2

I'm not sure if this is actually supported on Juniper. We're
running 17.3R3-S2.2.

Best,
Guillermo
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: EVPN - BGP attribute propagation on MXes [ In reply to ]
? 1 juillet 2019 16:38 +02, Guillermo Fernando Cotone <guillermo.cotone@gmail.com>:

> Does anyone have implemented BGP attribute propagation using EVPN route
> type-5?
> We're trying to get BGP community propagation over an EVPN L3VNI, but so
> far we had no luck. I've no idea if there's any knob to enable this.
>
> Our use-case is to connect BGP islands through an EVPN backbone, and we
> expect BGP attributes, such as communities, to be propagated over the
> backbone. Pretty much standard IP-VPN behavior. Also referenced here:
> https://tools.ietf.org/html/draft-rabadan-sajassi-bess-evpn-ipvpn-interworking-02#section-4.2
>
> I'm not sure if this is actually supported on Juniper. We're
> running 17.3R3-S2.2.

We didn't had any luck either with 18.1R3-S5 on QFX. I didn't push the
issue to JTAC as we have found another way to implement what we wanted.
--
He jests at scars who never felt a wound.
-- Shakespeare, "Romeo and Juliet, II. 2"
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: EVPN - BGP attribute propagation on MXes [ In reply to ]
> Guillermo Fernando Cotone
> Sent: Monday, July 1, 2019 3:39 PM
>
> Hi folks,
>
> Does anyone have implemented BGP attribute propagation using EVPN
> route type-5?
> We're trying to get BGP community propagation over an EVPN L3VNI, but so
> far we had no luck. I've no idea if there's any knob to enable this.
>
> Our use-case is to connect BGP islands through an EVPN backbone, and we
> expect BGP attributes, such as communities, to be propagated over the
> backbone. Pretty much standard IP-VPN behavior. Also referenced here:
> https://tools.ietf.org/html/draft-rabadan-sajassi-bess-evpn-ipvpn-
> interworking-02#section-4.2
>
> I'm not sure if this is actually supported on Juniper. We're running
17.3R3-
> S2.2.
>
I'm sorry, we discovered too many "you're router might explode TM" bugs in
the recent SURR (again) so nope still don't feel at all comfortable to run
EVPN on Junos in production.
This is our 3rd code upgrade over the years where we're trying to get EVPN
working as its supposed to, but I'm starting to think that Juniper is just
not the right vendor for running EVPN, they will get there eventually, just
not ready, still.

adam

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: EVPN - BGP attribute propagation on MXes [ In reply to ]
Hello,

On 01/07/2019 15:38, Guillermo Fernando Cotone wrote:
> Our use-case is to connect BGP islands through an EVPN backbone, and we
> expect BGP attributes, such as communities, to be propagated over the
> backbone. Pretty much standard IP-VPN behavior. Also referenced here:
> https://tools.ietf.org/html/draft-rabadan-sajassi-bess-evpn-ipvpn-interworking-02#section-4.2
>
> I'm not sure if this is actually supported on Juniper. We're
> running 17.3R3-S2.2.

Are You terminating PE-CE BGP on IRB interface on PE side? This is
supported from  19.2R1

https://www.juniper.net/documentation/en_US/junos/information-products/topic-collections/release-notes/19.2/jd0e4828.html#jd0e4903


Thanks

Alex

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: EVPN - BGP attribute propagation on MXes [ In reply to ]
Hi Alexander,

Not really.
BGP route propagation works and some attributes are preserved, e.g. as-path
and local-preference, but not the attached communities.
It looks like they are doing implicitly —in juniper syntax— "then community
*set* EVPN-EXT-COMM" instead of "*add*" while importing BGP routes into EVPN
.

Best,
Guillermo

On Wed, Jul 3, 2019 at 10:55 AM Alexander Arseniev <arseniev@btinternet.com>
wrote:

> Hello,
> On 01/07/2019 15:38, Guillermo Fernando Cotone wrote:
>
> Our use-case is to connect BGP islands through an EVPN backbone, and we
> expect BGP attributes, such as communities, to be propagated over the
> backbone. Pretty much standard IP-VPN behavior. Also referenced here:https://tools.ietf.org/html/draft-rabadan-sajassi-bess-evpn-ipvpn-interworking-02#section-4.2
>
> I'm not sure if this is actually supported on Juniper. We're
> running 17.3R3-S2.2.
>
> Are You terminating PE-CE BGP on IRB interface on PE side? This is
> supported from 19.2R1
>
>
> https://www.juniper.net/documentation/en_US/junos/information-products/topic-collections/release-notes/19.2/jd0e4828.html#jd0e4903
>
> Thanks
>
> Alex
>
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: EVPN - BGP attribute propagation on MXes [ In reply to ]
Adam, sorry to disagree but I have a number of very successful EVPN/VXLAN deployments, all running 18.1R3-S[something]. Yes EVPN is new, but becoming more and more a Junos standard deployment every day. At least IMHO. Documentation needs a lot of catching up, so today some form of PS engagement by either Juniper [knowledgeable] Partner or Juniper PS often needed.

As for Type 5, this command maybe needed. This depends on specific platform, but can be set on all without any concern:

set routing-options forwarding-table chained-composite-next-hop ingress evpn

This is pre-19.1. From 19.1forward this should be a Junos-default setting for all platforms that support EVPN.

HTH, Rich

Richard McGovern
Sr Sales Engineer, Juniper Networks
978-618-3342

I’d rather be lucky than good, as I know I am not good
I don’t make the news, I just report it


?On 7/3/19, 2:36 AM, "adamv0025@netconsultings.com" <adamv0025@netconsultings.com> wrote:

> Guillermo Fernando Cotone
> Sent: Monday, July 1, 2019 3:39 PM
>
> Hi folks,
>
> Does anyone have implemented BGP attribute propagation using EVPN
> route type-5?
> We're trying to get BGP community propagation over an EVPN L3VNI, but so
> far we had no luck. I've no idea if there's any knob to enable this.
>
> Our use-case is to connect BGP islands through an EVPN backbone, and we
> expect BGP attributes, such as communities, to be propagated over the
> backbone. Pretty much standard IP-VPN behavior. Also referenced here:
> https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Drabadan-2Dsajassi-2Dbess-2Devpn-2Dipvpn-2D&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=cViNvWbwxCvdnmDGDIbWYLiUsu8nisqLYXmd-x445bc&m=T6w2urFHFvXBxD29C0gFgfVkJh4B5x15Sv7j8BgLnFE&s=eJazdQ5Wm-axp47OtXLhuRBSVptRcnwDteGnYIacfRg&e=
> interworking-02#section-4.2
>
> I'm not sure if this is actually supported on Juniper. We're running
17.3R3-
> S2.2.
>
I'm sorry, we discovered too many "you're router might explode TM" bugs in
the recent SURR (again) so nope still don't feel at all comfortable to run
EVPN on Junos in production.
This is our 3rd code upgrade over the years where we're trying to get EVPN
working as its supposed to, but I'm starting to think that Juniper is just
not the right vendor for running EVPN, they will get there eventually, just
not ready, still.

adam




_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: EVPN - BGP attribute propagation on MXes [ In reply to ]
Hello Guillermo-

I had a somewhat similar issue. For me I was trying to add a normal bgp community in vrf-export to an E-VPN instance. This config caused RPD core dumps in 18.2 although it worked as I had hoped in 16.1. JTAC reported at the time: "... using vrf-export in EVPN instance with non-rt target is not yet supported. Please don’t use it until it is officially targeted at 19.4 ... "

-Michael

> -----Original Message-----
> From: juniper-nsp <juniper-nsp-bounces@puck.nether.net> On Behalf Of
> Guillermo Fernando Cotone
> Sent: Wednesday, July 3, 2019 4:16 AM
> To: Alexander Arseniev <arseniev@btinternet.com>
> Cc: Juniper List <juniper-nsp@puck.nether.net>
> Subject: Re: [j-nsp] EVPN - BGP attribute propagation on MXes
>
> Hi Alexander,
>
> Not really.
> BGP route propagation works and some attributes are preserved, e.g. as-
> path
> and local-preference, but not the attached communities.
> It looks like they are doing implicitly —in juniper syntax— "then community
> *set* EVPN-EXT-COMM" instead of "*add*" while importing BGP routes into
> EVPN
> .
>
> Best,
> Guillermo
>
> On Wed, Jul 3, 2019 at 10:55 AM Alexander Arseniev
> <arseniev@btinternet.com>
> wrote:
>
> > Hello,
> > On 01/07/2019 15:38, Guillermo Fernando Cotone wrote:
> >
> > Our use-case is to connect BGP islands through an EVPN backbone, and we
> > expect BGP attributes, such as communities, to be propagated over the
> > backbone. Pretty much standard IP-VPN behavior. Also referenced
> here:https://tools.ietf.org/html/draft-rabadan-sajassi-bess-evpn-ipvpn-
> interworking-02#section-4.2
> >
> > I'm not sure if this is actually supported on Juniper. We're
> > running 17.3R3-S2.2.
> >
> > Are You terminating PE-CE BGP on IRB interface on PE side? This is
> > supported from 19.2R1
> >
> >
> > https://www.juniper.net/documentation/en_US/junos/information-
> products/topic-collections/release-notes/19.2/jd0e4828.html#jd0e4903
> >
> > Thanks
> >
> > Alex
> >
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: EVPN - BGP attribute propagation on MXes [ In reply to ]
Hi,

To update everyone on this thread Juniper official answer is that this is
not currently supported, "standard communities cannot be carried over EVPN
type-5 advertisements". There's an internal PR (1397851) to investigate
whether this feature could be applied.

If you would like to see this feature in future releases, make sure to
contact your SEs.

Best,
Guillermo

On Fri, Jul 5, 2019 at 3:59 PM Michael Hare <michael.hare@wisc.edu> wrote:

> Hello Guillermo-
>
> I had a somewhat similar issue. For me I was trying to add a normal bgp
> community in vrf-export to an E-VPN instance. This config caused RPD core
> dumps in 18.2 although it worked as I had hoped in 16.1. JTAC reported at
> the time: "... using vrf-export in EVPN instance with non-rt target is not
> yet supported. Please don’t use it until it is officially targeted at 19.4
> ... "
>
> -Michael
>
> > -----Original Message-----
> > From: juniper-nsp <juniper-nsp-bounces@puck.nether.net> On Behalf Of
> > Guillermo Fernando Cotone
> > Sent: Wednesday, July 3, 2019 4:16 AM
> > To: Alexander Arseniev <arseniev@btinternet.com>
> > Cc: Juniper List <juniper-nsp@puck.nether.net>
> > Subject: Re: [j-nsp] EVPN - BGP attribute propagation on MXes
> >
> > Hi Alexander,
> >
> > Not really.
> > BGP route propagation works and some attributes are preserved, e.g. as-
> > path
> > and local-preference, but not the attached communities.
> > It looks like they are doing implicitly —in juniper syntax— "then
> community
> > *set* EVPN-EXT-COMM" instead of "*add*" while importing BGP routes into
> > EVPN
> > .
> >
> > Best,
> > Guillermo
> >
> > On Wed, Jul 3, 2019 at 10:55 AM Alexander Arseniev
> > <arseniev@btinternet.com>
> > wrote:
> >
> > > Hello,
> > > On 01/07/2019 15:38, Guillermo Fernando Cotone wrote:
> > >
> > > Our use-case is to connect BGP islands through an EVPN backbone, and we
> > > expect BGP attributes, such as communities, to be propagated over the
> > > backbone. Pretty much standard IP-VPN behavior. Also referenced
> > here:https://tools.ietf.org/html/draft-rabadan-sajassi-bess-evpn-ipvpn-
> > interworking-02#section-4.2
> > >
> > > I'm not sure if this is actually supported on Juniper. We're
> > > running 17.3R3-S2.2.
> > >
> > > Are You terminating PE-CE BGP on IRB interface on PE side? This is
> > > supported from 19.2R1
> > >
> > >
> > > https://www.juniper.net/documentation/en_US/junos/information-
> > products/topic-collections/release-notes/19.2/jd0e4828.html#jd0e4903
> > >
> > > Thanks
> > >
> > > Alex
> > >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
>
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp