QFX EVPN basic config
The overall structure of QFX5100 EVPN-VXLAN configuration is almost identical to MX configuration, but QFX configuration statements are scattered across three different stanzas: switch-options, protocols evpn and vlans.
First is the switch-options config:
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 10.0.0.3:1
set switch-options vrf-import EVPN_VRF_IMPORT
set switch-options vrf-target target:65000:2
set switch-options vrf-target auto ### depends on AS number in routing-options
set switch-options route-distinguisher 10.0.0.3:1
set switch-options vrf-import EVPN_VRF_IMPORT
set switch-options vrf-target target:65000:2
set switch-options vrf-target auto ### depends on AS number in routing-options
Vtep-source-interface and route-target policices are configured here.
Configuration of vrf-import policy:
set policy-options policy-statement EVPN_VRF_IMPORT term switch_options_comm from community switch_options_comm
set policy-options policy-statement EVPN_VRF_IMPORT term switch_options_comm then accept
set policy-options community switch_options_comm members target:65000:2 ### switch-options route-target
set policy-options policy-statement EVPN_VRF_IMPORT term cust0001 from community cust0001
set policy-options policy-statement EVPN_VRF_IMPORT term cust0001 then accept
set policy-options community cust0001 members target:10003:1 ### VNI 1 route-target
set policy-options policy-statement EVPN_VRF_IMPORT term switch_options_comm then accept
set policy-options community switch_options_comm members target:65000:2 ### switch-options route-target
set policy-options policy-statement EVPN_VRF_IMPORT term cust0001 from community cust0001
set policy-options policy-statement EVPN_VRF_IMPORT term cust0001 then accept
set policy-options community cust0001 members target:10003:1 ### VNI 1 route-target
I’ll write separate post later about VNI route-target community assignments (automatic vs manual route-target).
Next is the protocols EVPN configuration:
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn vni-options vni 1 vrf-target export target:10003:1 ### don’t need if vrf-target auto in use
set protocols evpn extended-vni-list [ 1 2 5 6 ] | All
set protocols evpn multicast-mode ingress-replication
set protocols evpn vni-options vni 1 vrf-target export target:10003:1 ### don’t need if vrf-target auto in use
set protocols evpn extended-vni-list [ 1 2 5 6 ] | All
Note extended-vni-list and encapsulation vxlan statements.
And VLAN configuration:
set vlans v0001 vlan-id 1
set vlans v0001 vxlan vni 1
set vlans v0001 vxlan ingress-node-replication
set vlans v0001 vxlan vni 1
set vlans v0001 vxlan ingress-node-replication
Just assign VXLAN VNI to VLAN.
Interface configuration (part of All-Active Ethernet Segment):
set interfaces xe-0/0/0 ether-options 802.3ad ae0
set interfaces ae0 esi 00:00:00:ab:cd:00:01:00:00:01 #should be identical for all links of that ES
set interfaces ae0 esi all-active
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 aggregated-ether-options lacp system-id 00:11:00:00:00:01 #should be identical for all links of that ES
set interfaces ae0 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae0 unit 0 family ethernet-switching vlan members [ 1 2 5 6 ]
set interfaces ae0 esi 00:00:00:ab:cd:00:01:00:00:01 #should be identical for all links of that ES
set interfaces ae0 esi all-active
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 aggregated-ether-options lacp system-id 00:11:00:00:00:01 #should be identical for all links of that ES
set interfaces ae0 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae0 unit 0 family ethernet-switching vlan members [ 1 2 5 6 ]
Some useful show commands:
show interfaces vtep
show ethernet-switching vxlan-tunnel-end-point source
show ethernet-switching vxlan-tunnel-end-point remote
show ethernet-switching table
show ethernet-switching vxlan-tunnel-end-point remote mac-table
show ethernet-switching vxlan-tunnel-end-point source
show ethernet-switching vxlan-tunnel-end-point remote
show ethernet-switching table
show ethernet-switching vxlan-tunnel-end-point remote mac-table