EVPN-VXLAN lab – basic L2 switching
My EVPN-VXLAN lab topology:
There is IP Fabric in DC1 (2 vMX and 2 vQFX), and 2 vMX_v14 to emulate CE devices. Each CE device connected to EVPN via LACP LAG ae0 (EVPN Active-Active ethernet segment on service side). vMX_old-1 also has sigle-homed interface ge-0/0/4 (just to show you the difference).
Each CE device split into two logical systems for more convenient testing of routing functionality (global device context for Vlan100 and logical-system second for Vlan200). You could also use virtual-router routing instances for that, if you prefer this way. The rest of CE config is pretty self-explanatory:
alex@MX1# show interfaces
ge-0/0/0 {
description vMX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vMX2;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/4 {
description vMX1_second;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
mac 00:46:d3:04:fe:06;
}
ae0 {
description to_MC-LAG_vMX;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
aggregated-ether-options {
lacp {
periodic slow;
}
}
unit 100 {
vlan-id 100;
family inet {
address 172.16.0.11/24;
}
family inet6 {
address 2001:dead:beef:100::11/64;
}
}
}
alex@MX1# show routing-options
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:100::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.0.254;
}
alex@MX1# show logical-systems
second {
interfaces {
ge-0/0/4 {
unit 200 {
vlan-id 200;
family inet {
address 172.16.1.111/24;
}
family inet6 {
address 2001:dead:beef:200::111/64;
}
}
}
ae0 {
unit 200 {
vlan-id 200;
family inet {
address 172.16.1.11/24;
}
family inet6 {
address 2001:dead:beef:200::11/64;
}
}
}
}
routing-options {
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:200::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.1.254;
}
}
}
alex@MX2# show interfaces
ge-0/0/0 {
description vQFX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vQFX2;
gigether-options {
802.3ad ae0;
}
}
ae0 {
description to_MC-LAG_vQFX;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
aggregated-ether-options {
lacp {
active;
periodic slow;
}
}
unit 100 {
vlan-id 100;
family inet {
address 172.16.0.22/24;
}
family inet6 {
address 2001:dead:beef:100::22/64;
}
}
}
alex@MX2# show routing-options
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:100::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.0.254;
}
alex@MX2# show logical-systems
second {
interfaces {
ae0 {
unit 200 {
vlan-id 200;
family inet {
address 172.16.1.22/24;
}
family inet6 {
address 2001:dead:beef:200::22/64;
}
}
}
}
routing-options {
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:200::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.1.254;
}
}
}
ge-0/0/0 {
description vMX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vMX2;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/4 {
description vMX1_second;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
mac 00:46:d3:04:fe:06;
}
ae0 {
description to_MC-LAG_vMX;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
aggregated-ether-options {
lacp {
periodic slow;
}
}
unit 100 {
vlan-id 100;
family inet {
address 172.16.0.11/24;
}
family inet6 {
address 2001:dead:beef:100::11/64;
}
}
}
alex@MX1# show routing-options
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:100::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.0.254;
}
alex@MX1# show logical-systems
second {
interfaces {
ge-0/0/4 {
unit 200 {
vlan-id 200;
family inet {
address 172.16.1.111/24;
}
family inet6 {
address 2001:dead:beef:200::111/64;
}
}
}
ae0 {
unit 200 {
vlan-id 200;
family inet {
address 172.16.1.11/24;
}
family inet6 {
address 2001:dead:beef:200::11/64;
}
}
}
}
routing-options {
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:200::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.1.254;
}
}
}
alex@MX2# show interfaces
ge-0/0/0 {
description vQFX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vQFX2;
gigether-options {
802.3ad ae0;
}
}
ae0 {
description to_MC-LAG_vQFX;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
aggregated-ether-options {
lacp {
active;
periodic slow;
}
}
unit 100 {
vlan-id 100;
family inet {
address 172.16.0.22/24;
}
family inet6 {
address 2001:dead:beef:100::22/64;
}
}
}
alex@MX2# show routing-options
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:100::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.0.254;
}
alex@MX2# show logical-systems
second {
interfaces {
ae0 {
unit 200 {
vlan-id 200;
family inet {
address 172.16.1.22/24;
}
family inet6 {
address 2001:dead:beef:200::22/64;
}
}
}
}
routing-options {
rib inet6.0 {
static {
route ::/0 next-hop 2001:dead:beef:200::a;
}
}
static {
route 0.0.0.0/0 next-hop 172.16.1.254;
}
}
}
So, we are done with boring standart CE config, let’s move on to more interesting stuff.
vQFX1 EVPN-VXLAN configuration:
alex@vQFX1# show switch-options
service-id 1;
vtep-source-interface lo0.0;
route-distinguisher 11.11.11.11:1;
vrf-target target:65000:1;
alex@vQFX1# show protocols evpn
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
alex@vQFX1# show vlans
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
alex@vQFX1# show interfaces
xe-0/0/0 {
description vMX1;
unit 0 {
family inet {
address 192.168.0.1/31;
}
}
}
xe-0/0/1 {
description vMX2;
unit 0 {
family inet {
address 192.168.0.5/31;
}
}
}
xe-0/0/2 {
description MX2;
ether-options {
802.3ad ae0;
}
}
ae0 {
description evpn;
esi {
00:00:00:00:00:11:11:11:11:11;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:11:11:11;
}
}
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members [ v200 v100 ];
}
}
}
}
lo0 {
unit 0 {
family inet {
address 11.11.11.11/32;
}
}
}
alex@vQFX1# show protocols bgp
group underlay {
type external;
export direct;
local-as 65011;
multipath multiple-as;
neighbor 192.168.0.0 {
peer-as 65001;
}
neighbor 192.168.0.4 {
peer-as 65002;
}
}
group overlay {
type internal;
local-address 11.11.11.11;
family evpn {
signaling;
}
multipath;
neighbor 22.22.22.22;
neighbor 2.2.2.2;
neighbor 1.1.1.1;
}
alex@vQFX1# show routing-options
router-id 11.11.11.11;
autonomous-system 65000;
forwarding-table {
export lb;
}
service-id 1;
vtep-source-interface lo0.0;
route-distinguisher 11.11.11.11:1;
vrf-target target:65000:1;
alex@vQFX1# show protocols evpn
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
alex@vQFX1# show vlans
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
alex@vQFX1# show interfaces
xe-0/0/0 {
description vMX1;
unit 0 {
family inet {
address 192.168.0.1/31;
}
}
}
xe-0/0/1 {
description vMX2;
unit 0 {
family inet {
address 192.168.0.5/31;
}
}
}
xe-0/0/2 {
description MX2;
ether-options {
802.3ad ae0;
}
}
ae0 {
description evpn;
esi {
00:00:00:00:00:11:11:11:11:11;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:11:11:11;
}
}
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members [ v200 v100 ];
}
}
}
}
lo0 {
unit 0 {
family inet {
address 11.11.11.11/32;
}
}
}
alex@vQFX1# show protocols bgp
group underlay {
type external;
export direct;
local-as 65011;
multipath multiple-as;
neighbor 192.168.0.0 {
peer-as 65001;
}
neighbor 192.168.0.4 {
peer-as 65002;
}
}
group overlay {
type internal;
local-address 11.11.11.11;
family evpn {
signaling;
}
multipath;
neighbor 22.22.22.22;
neighbor 2.2.2.2;
neighbor 1.1.1.1;
}
alex@vQFX1# show routing-options
router-id 11.11.11.11;
autonomous-system 65000;
forwarding-table {
export lb;
}
Notice vrf-target configuration. In this example I use the simplest possible variant – one vrf-target for all ES and VNI (vrf-target target:65000:1). I plan to test other variants of RT assignment later.
vQFX2 EVPN-VXLAN configuration:
alex@vQFX2# show switch-options
service-id 1;
vtep-source-interface lo0.0;
route-distinguisher 22.22.22.22:1;
vrf-target target:65000:1;
alex@vQFX2# show protocols evpn
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
alex@vQFX2# show vlans
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
alex@vQFX2# show interfaces
xe-0/0/0 {
description vMX2;
unit 0 {
family inet {
address 192.168.0.7/31;
}
}
}
xe-0/0/1 {
description vMX1;
unit 0 {
family inet {
address 192.168.0.3/31;
}
}
}
xe-0/0/2 {
description MX2;
ether-options {
802.3ad ae0;
}
}
ae0 {
description evpn;
esi {
00:00:00:00:00:11:11:11:11:11;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:11:11:11;
}
}
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members [ v200 v100 ];
}
}
}
}
lo0 {
unit 0 {
family inet {
address 22.22.22.22/32;
}
}
}
alex@vQFX2# show protocols bgp
group underlay {
type external;
export direct;
local-as 65022;
multipath multiple-as;
neighbor 192.168.0.2 {
peer-as 65001;
}
neighbor 192.168.0.6 {
peer-as 65002;
}
}
group overlay {
type internal;
local-address 22.22.22.22;
family evpn {
signaling;
}
multipath;
neighbor 11.11.11.11;
neighbor 2.2.2.2;
neighbor 1.1.1.1;
}
alex@vQFX2# show routing-options
router-id 22.22.22.22;
autonomous-system 65000;
forwarding-table {
export lb;
}
service-id 1;
vtep-source-interface lo0.0;
route-distinguisher 22.22.22.22:1;
vrf-target target:65000:1;
alex@vQFX2# show protocols evpn
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
alex@vQFX2# show vlans
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
alex@vQFX2# show interfaces
xe-0/0/0 {
description vMX2;
unit 0 {
family inet {
address 192.168.0.7/31;
}
}
}
xe-0/0/1 {
description vMX1;
unit 0 {
family inet {
address 192.168.0.3/31;
}
}
}
xe-0/0/2 {
description MX2;
ether-options {
802.3ad ae0;
}
}
ae0 {
description evpn;
esi {
00:00:00:00:00:11:11:11:11:11;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:11:11:11;
}
}
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members [ v200 v100 ];
}
}
}
}
lo0 {
unit 0 {
family inet {
address 22.22.22.22/32;
}
}
}
alex@vQFX2# show protocols bgp
group underlay {
type external;
export direct;
local-as 65022;
multipath multiple-as;
neighbor 192.168.0.2 {
peer-as 65001;
}
neighbor 192.168.0.6 {
peer-as 65002;
}
}
group overlay {
type internal;
local-address 22.22.22.22;
family evpn {
signaling;
}
multipath;
neighbor 11.11.11.11;
neighbor 2.2.2.2;
neighbor 1.1.1.1;
}
alex@vQFX2# show routing-options
router-id 22.22.22.22;
autonomous-system 65000;
forwarding-table {
export lb;
}
Pay attention to ae0 interface configuration in terms of active-active EVPN ES. Values of ESI ID and LACP system-id need to match between all member ports of this ES (vQFX1 and vQFX2 in this case).
And now to vMX side. vMX1 EVPN-VXLAN config:
alex@vMX1# show routing-options
router-id 1.1.1.1;
autonomous-system 65000;
forwarding-table {
export lb;
}
alex@vMX1# show protocols bgp
group underlay {
type external;
export direct;
local-as 65001;
multipath multiple-as;
neighbor 192.168.0.1 {
peer-as 65011;
}
neighbor 192.168.0.3 {
peer-as 65022;
}
}
group overlay {
type internal;
local-address 1.1.1.1;
family evpn {
signaling;
}
multipath;
neighbor 11.11.11.11;
neighbor 22.22.22.22;
neighbor 2.2.2.2;
}
alex@vMX1# show interfaces
ge-0/0/0 {
description MX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vQFX1;
unit 0 {
family inet {
address 192.168.0.0/31;
}
}
}
ge-0/0/2 {
description vQFX2;
unit 0 {
family inet {
address 192.168.0.2/31;
}
}
}
ge-0/0/4 {
description MX1_second;
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 100 200 ];
}
}
}
ae0 {
description evpn;
esi {
00:11:22:33:44:55:66:77:88:99;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:00:00:01;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 100 200 ];
}
}
}
lo0 {
unit 0 {
family inet {
address 1.1.1.1/32;
}
}
}
alex@vMX1# show routing-instances
evpn {
vtep-source-interface lo0.0;
instance-type virtual-switch;
interface ge-0/0/4.0;
interface ae0.0;
route-distinguisher 1.1.1.1:1;
vrf-target target:65000:1;
protocols {
evpn {
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
default-gateway no-gateway-community;
}
}
bridge-domains {
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
}
}
router-id 1.1.1.1;
autonomous-system 65000;
forwarding-table {
export lb;
}
alex@vMX1# show protocols bgp
group underlay {
type external;
export direct;
local-as 65001;
multipath multiple-as;
neighbor 192.168.0.1 {
peer-as 65011;
}
neighbor 192.168.0.3 {
peer-as 65022;
}
}
group overlay {
type internal;
local-address 1.1.1.1;
family evpn {
signaling;
}
multipath;
neighbor 11.11.11.11;
neighbor 22.22.22.22;
neighbor 2.2.2.2;
}
alex@vMX1# show interfaces
ge-0/0/0 {
description MX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vQFX1;
unit 0 {
family inet {
address 192.168.0.0/31;
}
}
}
ge-0/0/2 {
description vQFX2;
unit 0 {
family inet {
address 192.168.0.2/31;
}
}
}
ge-0/0/4 {
description MX1_second;
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 100 200 ];
}
}
}
ae0 {
description evpn;
esi {
00:11:22:33:44:55:66:77:88:99;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:00:00:01;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 100 200 ];
}
}
}
lo0 {
unit 0 {
family inet {
address 1.1.1.1/32;
}
}
}
alex@vMX1# show routing-instances
evpn {
vtep-source-interface lo0.0;
instance-type virtual-switch;
interface ge-0/0/4.0;
interface ae0.0;
route-distinguisher 1.1.1.1:1;
vrf-target target:65000:1;
protocols {
evpn {
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
default-gateway no-gateway-community;
}
}
bridge-domains {
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
}
}
vMX config is almost completely the same as on the vQFX side, but slightly different syntax.
vMX2 EVPN-VXLAN config:
alex@vMX2# show routing-options
router-id 2.2.2.2;
autonomous-system 65000;
forwarding-table {
export lb;
}
[edit]
alex@vMX2# show protocols bgp
group underlay {
type external;
export direct;
local-as 65002;
multipath multiple-as;
neighbor 192.168.0.5 {
peer-as 65011;
}
neighbor 192.168.0.7 {
peer-as 65022;
}
}
group overlay {
type internal;
local-address 2.2.2.2;
family evpn {
signaling;
}
neighbor 11.11.11.11;
neighbor 22.22.22.22;
neighbor 1.1.1.1;
}
alex@vMX2# show interfaces
ge-0/0/0 {
description MX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vQFX2;
unit 0 {
family inet {
address 192.168.0.6/31;
}
}
}
ge-0/0/2 {
description vQFX1;
unit 0 {
family inet {
address 192.168.0.4/31;
}
}
}
ae0 {
description evpn;
esi {
00:11:22:33:44:55:66:77:88:99;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:00:00:01;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 100 200 ];
}
}
}
lo0 {
unit 0 {
family inet {
address 2.2.2.2/32;
}
}
}
alex@vMX2# show routing-instances
evpn {
vtep-source-interface lo0.0;
instance-type virtual-switch;
interface ae0.0;
route-distinguisher 2.2.2.2:1;
vrf-target target:65000:1;
protocols {
evpn {
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
default-gateway no-gateway-community;
}
}
bridge-domains {
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
}
}
router-id 2.2.2.2;
autonomous-system 65000;
forwarding-table {
export lb;
}
[edit]
alex@vMX2# show protocols bgp
group underlay {
type external;
export direct;
local-as 65002;
multipath multiple-as;
neighbor 192.168.0.5 {
peer-as 65011;
}
neighbor 192.168.0.7 {
peer-as 65022;
}
}
group overlay {
type internal;
local-address 2.2.2.2;
family evpn {
signaling;
}
neighbor 11.11.11.11;
neighbor 22.22.22.22;
neighbor 1.1.1.1;
}
alex@vMX2# show interfaces
ge-0/0/0 {
description MX1;
gigether-options {
802.3ad ae0;
}
}
ge-0/0/1 {
description vQFX2;
unit 0 {
family inet {
address 192.168.0.6/31;
}
}
}
ge-0/0/2 {
description vQFX1;
unit 0 {
family inet {
address 192.168.0.4/31;
}
}
}
ae0 {
description evpn;
esi {
00:11:22:33:44:55:66:77:88:99;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic slow;
system-id 00:00:00:00:00:01;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 100 200 ];
}
}
}
lo0 {
unit 0 {
family inet {
address 2.2.2.2/32;
}
}
}
alex@vMX2# show routing-instances
evpn {
vtep-source-interface lo0.0;
instance-type virtual-switch;
interface ae0.0;
route-distinguisher 2.2.2.2:1;
vrf-target target:65000:1;
protocols {
evpn {
encapsulation vxlan;
extended-vni-list [ 100 200 ];
multicast-mode ingress-replication;
default-gateway no-gateway-community;
}
}
bridge-domains {
v100 {
vlan-id 100;
vxlan {
vni 100;
ingress-node-replication;
}
}
v200 {
vlan-id 200;
vxlan {
vni 200;
ingress-node-replication;
}
}
}
}
This is basic EVPN-VXLAN configuration. If you can’t completely understand it, then read my previous posts about this topic (also there you will find references to all useful study materials).
Now it’s time to check, does it really work or not.
Let’s ping between CE interfaces on single Vlan:
alex@MX1# run ping 172.16.0.22 count 3
PING 172.16.0.22 (172.16.0.22): 56 data bytes
64 bytes from 172.16.0.22: icmp_seq=0 ttl=64 time=211.416 ms
64 bytes from 172.16.0.22: icmp_seq=1 ttl=64 time=210.633 ms
64 bytes from 172.16.0.22: icmp_seq=2 ttl=64 time=210.378 ms
--- 172.16.0.22 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 210.378/210.809/211.416/0.442 ms
alex@MX1# run ping 2001:dead:beef:100::22 count 3
PING6(56=40+8+8 bytes) 2001:dead:beef:100::11 --> 2001:dead:beef:100::22
16 bytes from 2001:dead:beef:100::22, icmp_seq=0 hlim=64 time=200.247 ms
16 bytes from 2001:dead:beef:100::22, icmp_seq=1 hlim=64 time=210.164 ms
16 bytes from 2001:dead:beef:100::22, icmp_seq=2 hlim=64 time=154.586 ms
--- 2001:dead:beef:100::22 ping6 statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 154.586/188.332/210.164/24.203 ms
alex@MX1# run ping 172.16.1.22 count 3 logical-system second
PING 172.16.1.22 (172.16.1.22): 56 data bytes
64 bytes from 172.16.1.22: icmp_seq=0 ttl=64 time=260.184 ms
64 bytes from 172.16.1.22: icmp_seq=1 ttl=64 time=268.486 ms
64 bytes from 172.16.1.22: icmp_seq=2 ttl=64 time=175.960 ms
--- 172.16.1.22 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 175.960/234.877/268.486/41.798 ms
alex@MX1# run ping 2001:dead:beef:200::22 count 3 logical-system second
PING6(56=40+8+8 bytes) 2001:dead:beef:200::11 --> 2001:dead:beef:200::22
16 bytes from 2001:dead:beef:200::22, icmp_seq=0 hlim=64 time=684.554 ms
16 bytes from 2001:dead:beef:200::22, icmp_seq=1 hlim=64 time=721.668 ms
16 bytes from 2001:dead:beef:200::22, icmp_seq=2 hlim=64 time=646.475 ms
--- 2001:dead:beef:200::22 ping6 statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 646.475/684.232/721.668/30.698 ms
alex@MX2# run ping 172.16.1.111 count 3 logical-system second
PING 172.16.1.111 (172.16.1.111): 56 data bytes
64 bytes from 172.16.1.111: icmp_seq=0 ttl=64 time=455.990 ms
64 bytes from 172.16.1.111: icmp_seq=1 ttl=64 time=495.740 ms
64 bytes from 172.16.1.111: icmp_seq=2 ttl=64 time=538.827 ms
--- 172.16.1.111 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 455.990/496.852/538.827/33.827 ms
alex@MX2# run ping 2001:dead:beef:200::111 count 3 logical-system second
PING6(56=40+8+8 bytes) 2001:dead:beef:200::22 --> 2001:dead:beef:200::111
16 bytes from 2001:dead:beef:200::111, icmp_seq=0 hlim=64 time=1685.475 ms
16 bytes from 2001:dead:beef:200::111, icmp_seq=1 hlim=64 time=1696.096 ms
16 bytes from 2001:dead:beef:200::111, icmp_seq=2 hlim=64 time=430.853 ms
--- 2001:dead:beef:200::111 ping6 statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 430.853/1270.808/1696.096/593.954 ms
PING 172.16.0.22 (172.16.0.22): 56 data bytes
64 bytes from 172.16.0.22: icmp_seq=0 ttl=64 time=211.416 ms
64 bytes from 172.16.0.22: icmp_seq=1 ttl=64 time=210.633 ms
64 bytes from 172.16.0.22: icmp_seq=2 ttl=64 time=210.378 ms
--- 172.16.0.22 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 210.378/210.809/211.416/0.442 ms
alex@MX1# run ping 2001:dead:beef:100::22 count 3
PING6(56=40+8+8 bytes) 2001:dead:beef:100::11 --> 2001:dead:beef:100::22
16 bytes from 2001:dead:beef:100::22, icmp_seq=0 hlim=64 time=200.247 ms
16 bytes from 2001:dead:beef:100::22, icmp_seq=1 hlim=64 time=210.164 ms
16 bytes from 2001:dead:beef:100::22, icmp_seq=2 hlim=64 time=154.586 ms
--- 2001:dead:beef:100::22 ping6 statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 154.586/188.332/210.164/24.203 ms
alex@MX1# run ping 172.16.1.22 count 3 logical-system second
PING 172.16.1.22 (172.16.1.22): 56 data bytes
64 bytes from 172.16.1.22: icmp_seq=0 ttl=64 time=260.184 ms
64 bytes from 172.16.1.22: icmp_seq=1 ttl=64 time=268.486 ms
64 bytes from 172.16.1.22: icmp_seq=2 ttl=64 time=175.960 ms
--- 172.16.1.22 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 175.960/234.877/268.486/41.798 ms
alex@MX1# run ping 2001:dead:beef:200::22 count 3 logical-system second
PING6(56=40+8+8 bytes) 2001:dead:beef:200::11 --> 2001:dead:beef:200::22
16 bytes from 2001:dead:beef:200::22, icmp_seq=0 hlim=64 time=684.554 ms
16 bytes from 2001:dead:beef:200::22, icmp_seq=1 hlim=64 time=721.668 ms
16 bytes from 2001:dead:beef:200::22, icmp_seq=2 hlim=64 time=646.475 ms
--- 2001:dead:beef:200::22 ping6 statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 646.475/684.232/721.668/30.698 ms
alex@MX2# run ping 172.16.1.111 count 3 logical-system second
PING 172.16.1.111 (172.16.1.111): 56 data bytes
64 bytes from 172.16.1.111: icmp_seq=0 ttl=64 time=455.990 ms
64 bytes from 172.16.1.111: icmp_seq=1 ttl=64 time=495.740 ms
64 bytes from 172.16.1.111: icmp_seq=2 ttl=64 time=538.827 ms
--- 172.16.1.111 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 455.990/496.852/538.827/33.827 ms
alex@MX2# run ping 2001:dead:beef:200::111 count 3 logical-system second
PING6(56=40+8+8 bytes) 2001:dead:beef:200::22 --> 2001:dead:beef:200::111
16 bytes from 2001:dead:beef:200::111, icmp_seq=0 hlim=64 time=1685.475 ms
16 bytes from 2001:dead:beef:200::111, icmp_seq=1 hlim=64 time=1696.096 ms
16 bytes from 2001:dead:beef:200::111, icmp_seq=2 hlim=64 time=430.853 ms
--- 2001:dead:beef:200::111 ping6 statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 430.853/1270.808/1696.096/593.954 ms
Excellent! CE’s have reachability to each other in single Vlan.
IRB functionality is topic for another post, for now let’s run a couple of show command to see what information is available.
The most useful command is definitely the “show evpn instance extensive”:
alex@vMX1# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 1.1.1.1:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label
2.2.2.2 0 0 0 0 1
Instance: evpn
Route Distinguisher: 1.1.1.1:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 1 6
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
ae0.0 00:11:22:33:44:55:66:77:88:99 all-active Up Root
ge-0/0/4.0 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN Domain ID Intfs / up IRB intf Mode MAC sync IM route label SG sync IM core nexthop
100 100 2 2 Extended Enabled 100 Disabled
200 200 2 2 Extended Enabled 200 Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label
2.2.2.2 2 0 2 2 0
11.11.11.11 2 0 2 2 0
22.22.22.22 2 0 2 2 0
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
11.11.11.11 100 0 all-active
22.22.22.22 200 0 all-active
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
2.2.2.2 200 0 all-active
Designated forwarder: 1.1.1.1
Backup forwarder: 2.2.2.2
Last designated forwarder update: Sep 09 19:06:27
Router-ID: 1.1.1.1
Source VTEP interface IP: 1.1.1.1
alex@vMX2# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 2.2.2.2:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label
1.1.1.1 0 0 0 0 1
Instance: evpn
Route Distinguisher: 2.2.2.2:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 2 5
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 1 (1 up)
Interface name ESI Mode Status AC-Role
ae0.0 00:11:22:33:44:55:66:77:88:99 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN Domain ID Intfs / up IRB intf Mode MAC sync IM route label SG sync IM core nexthop
100 100 1 1 Extended Enabled 100 Disabled
200 200 1 1 Extended Enabled 200 Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label
1.1.1.1 1 0 2 2 0
11.11.11.11 2 0 2 2 0
22.22.22.22 2 0 2 2 0
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
11.11.11.11 100 0 all-active
22.22.22.22 100 0 all-active
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
1.1.1.1 200 0 all-active
Designated forwarder: 1.1.1.1
Backup forwarder: 2.2.2.2
Last designated forwarder update: Sep 09 19:06:27
Router-ID: 2.2.2.2
Source VTEP interface IP: 2.2.2.2
alex@vQFX1# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
22.22.22.22
Received routes
Ethernet Segment: 1
Instance: default-switch
Route Distinguisher: 11.11.11.11:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 2 5
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 1 (1 up)
Interface name ESI Mode Status
ae0.0 00:00:00:00:00:11:11:11:11:11 all-active Up
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN VNI Intfs / up IRB intf Mode MAC sync IM route label
100 100 1 1 Extended Enabled 100
200 200 1 1 Extended Enabled 200
Number of neighbors: 3
1.1.1.1
Received routes
MAC address advertisement: 1
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
2.2.2.2
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
22.22.22.22
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
22.22.22.22 200 0 all-active
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
2.2.2.2 200 0 all-active
1.1.1.1 200 0 all-active
Router-ID: 11.11.11.11
Source VTEP interface IP: 11.11.11.11
alex@vQFX2# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 22.22.22.22:0
Number of bridge domains: 0
Number of neighbors: 1
11.11.11.11
Received routes
Ethernet Segment: 1
Instance: default-switch
Route Distinguisher: 22.22.22.22:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 2 4
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 1 (1 up)
Interface name ESI Mode Status
ae0.0 00:00:00:00:00:11:11:11:11:11 all-active Up
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN VNI Intfs / up IRB intf Mode MAC sync IM route label
100 100 1 1 Extended Enabled 100
200 200 1 1 Extended Enabled 200
Number of neighbors: 3
1.1.1.1
Received routes
MAC address advertisement: 0
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
2.2.2.2
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
11.11.11.11
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
11.11.11.11 100 0 all-active
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
1.1.1.1 0 0 all-active
2.2.2.2 100 0 all-active
Router-ID: 22.22.22.22
Source VTEP interface IP: 22.22.22.22
Instance: __default_evpn__
Route Distinguisher: 1.1.1.1:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label
2.2.2.2 0 0 0 0 1
Instance: evpn
Route Distinguisher: 1.1.1.1:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 1 6
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 2 (2 up)
Interface name ESI Mode Status AC-Role
ae0.0 00:11:22:33:44:55:66:77:88:99 all-active Up Root
ge-0/0/4.0 00:00:00:00:00:00:00:00:00:00 single-homed Up Root
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN Domain ID Intfs / up IRB intf Mode MAC sync IM route label SG sync IM core nexthop
100 100 2 2 Extended Enabled 100 Disabled
200 200 2 2 Extended Enabled 200 Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label
2.2.2.2 2 0 2 2 0
11.11.11.11 2 0 2 2 0
22.22.22.22 2 0 2 2 0
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
11.11.11.11 100 0 all-active
22.22.22.22 200 0 all-active
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
2.2.2.2 200 0 all-active
Designated forwarder: 1.1.1.1
Backup forwarder: 2.2.2.2
Last designated forwarder update: Sep 09 19:06:27
Router-ID: 1.1.1.1
Source VTEP interface IP: 1.1.1.1
alex@vMX2# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 2.2.2.2:0
Number of bridge domains: 0
Number of neighbors: 1
Address MAC MAC+IP AD IM ES Leaf-label
1.1.1.1 0 0 0 0 1
Instance: evpn
Route Distinguisher: 2.2.2.2:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 2 5
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 1 (1 up)
Interface name ESI Mode Status AC-Role
ae0.0 00:11:22:33:44:55:66:77:88:99 all-active Up Root
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN Domain ID Intfs / up IRB intf Mode MAC sync IM route label SG sync IM core nexthop
100 100 1 1 Extended Enabled 100 Disabled
200 200 1 1 Extended Enabled 200 Disabled
Number of neighbors: 3
Address MAC MAC+IP AD IM ES Leaf-label
1.1.1.1 1 0 2 2 0
11.11.11.11 2 0 2 2 0
22.22.22.22 2 0 2 2 0
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
11.11.11.11 100 0 all-active
22.22.22.22 100 0 all-active
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
1.1.1.1 200 0 all-active
Designated forwarder: 1.1.1.1
Backup forwarder: 2.2.2.2
Last designated forwarder update: Sep 09 19:06:27
Router-ID: 2.2.2.2
Source VTEP interface IP: 2.2.2.2
alex@vQFX1# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 11.11.11.11:0
Number of bridge domains: 0
Number of neighbors: 1
22.22.22.22
Received routes
Ethernet Segment: 1
Instance: default-switch
Route Distinguisher: 11.11.11.11:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 2 5
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 1 (1 up)
Interface name ESI Mode Status
ae0.0 00:00:00:00:00:11:11:11:11:11 all-active Up
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN VNI Intfs / up IRB intf Mode MAC sync IM route label
100 100 1 1 Extended Enabled 100
200 200 1 1 Extended Enabled 200
Number of neighbors: 3
1.1.1.1
Received routes
MAC address advertisement: 1
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
2.2.2.2
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
22.22.22.22
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
22.22.22.22 200 0 all-active
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
2.2.2.2 200 0 all-active
1.1.1.1 200 0 all-active
Router-ID: 11.11.11.11
Source VTEP interface IP: 11.11.11.11
alex@vQFX2# run show evpn instance extensive
Instance: __default_evpn__
Route Distinguisher: 22.22.22.22:0
Number of bridge domains: 0
Number of neighbors: 1
11.11.11.11
Received routes
Ethernet Segment: 1
Instance: default-switch
Route Distinguisher: 22.22.22.22:1
Encapsulation type: VXLAN
MAC database status Local Remote
MAC advertisements: 2 4
MAC+IP advertisements: 0 0
Default gateway MAC advertisements: 0 0
Number of local interfaces: 1 (1 up)
Interface name ESI Mode Status
ae0.0 00:00:00:00:00:11:11:11:11:11 all-active Up
Number of IRB interfaces: 0 (0 up)
Number of bridge domains: 2
VLAN VNI Intfs / up IRB intf Mode MAC sync IM route label
100 100 1 1 Extended Enabled 100
200 200 1 1 Extended Enabled 200
Number of neighbors: 3
1.1.1.1
Received routes
MAC address advertisement: 0
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
2.2.2.2
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
11.11.11.11
Received routes
MAC address advertisement: 2
MAC+IP address advertisement: 0
Inclusive multicast: 2
Ethernet auto-discovery: 2
Number of ethernet segments: 2
ESI: 00:00:00:00:00:11:11:11:11:11
Status: Resolved by IFL ae0.0
Local interface: ae0.0, Status: Up/Forwarding
Number of remote PEs connected: 1
Remote PE MAC label Aliasing label Mode
11.11.11.11 100 0 all-active
Designated forwarder: 11.11.11.11
Backup forwarder: 22.22.22.22
ESI: 00:11:22:33:44:55:66:77:88:99
Status: Resolved
Number of remote PEs connected: 2
Remote PE MAC label Aliasing label Mode
1.1.1.1 0 0 all-active
2.2.2.2 100 0 all-active
Router-ID: 22.22.22.22
Source VTEP interface IP: 22.22.22.22
You can find almost everything that you need in this output. Neighbors, interfaces, ESI, number of MACs.
Show MAC table:
alex@vMX1# run show bridge mac-table
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v100, VLAN : 100
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DR ae0.0
00:05:86:71:1f:c0 DR esi.569 00:00:00:00:00:11:11:11:11:11
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v200, VLAN : 200
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DR ae0.0
00:05:86:71:1f:c0 DR esi.569 00:00:00:00:00:11:11:11:11:11
00:46:d3:04:fe:06 D ge-0/0/4.0
alex@vMX2# run show bridge mac-table
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v100, VLAN : 100
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DL ae0.0
00:05:86:71:1f:c0 DR esi.568 00:00:00:00:00:11:11:11:11:11
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v200, VLAN : 200
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DL ae0.0
00:05:86:71:1f:c0 DR esi.568 00:00:00:00:00:11:11:11:11:11
00:46:d3:04:fe:06 D vtep.32769 1.1.1.1
alex@vQFX1# run show ethernet-switching table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 5 entries, 5 learned
Routing instance : default-switch
Vlan MAC MAC Logical Active
name address flags interface source
v100 00:05:86:71:18:c0 DR esi.1797 00:11:22:33:44:55:66:77:88:99
v100 00:05:86:71:1f:c0 DLR ae0.0
v200 00:05:86:71:18:c0 DR esi.1797 00:11:22:33:44:55:66:77:88:99
v200 00:05:86:71:1f:c0 DLR ae0.0
v200 00:46:d3:04:fe:06 D vtep.32770 1.1.1.1
alex@vQFX2# run show ethernet-switching table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 5 entries, 5 learned
Routing instance : default-switch
Vlan MAC MAC Logical Active
name address flags interface source
v100 00:05:86:71:18:c0 DR esi.1707 00:11:22:33:44:55:66:77:88:99
v100 00:05:86:71:1f:c0 DLR ae0.0
v200 00:05:86:71:18:c0 DR esi.1707 00:11:22:33:44:55:66:77:88:99
v200 00:05:86:71:1f:c0 DLR ae0.0
v200 00:46:d3:04:fe:06 D vtep.32770 1.1.1.1
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v100, VLAN : 100
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DR ae0.0
00:05:86:71:1f:c0 DR esi.569 00:00:00:00:00:11:11:11:11:11
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v200, VLAN : 200
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DR ae0.0
00:05:86:71:1f:c0 DR esi.569 00:00:00:00:00:11:11:11:11:11
00:46:d3:04:fe:06 D ge-0/0/4.0
alex@vMX2# run show bridge mac-table
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v100, VLAN : 100
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DL ae0.0
00:05:86:71:1f:c0 DR esi.568 00:00:00:00:00:11:11:11:11:11
MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)
Routing instance : evpn
Bridging domain : v200, VLAN : 200
MAC MAC Logical Active
address flags interface source
00:05:86:71:18:c0 DL ae0.0
00:05:86:71:1f:c0 DR esi.568 00:00:00:00:00:11:11:11:11:11
00:46:d3:04:fe:06 D vtep.32769 1.1.1.1
alex@vQFX1# run show ethernet-switching table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 5 entries, 5 learned
Routing instance : default-switch
Vlan MAC MAC Logical Active
name address flags interface source
v100 00:05:86:71:18:c0 DR esi.1797 00:11:22:33:44:55:66:77:88:99
v100 00:05:86:71:1f:c0 DLR ae0.0
v200 00:05:86:71:18:c0 DR esi.1797 00:11:22:33:44:55:66:77:88:99
v200 00:05:86:71:1f:c0 DLR ae0.0
v200 00:46:d3:04:fe:06 D vtep.32770 1.1.1.1
alex@vQFX2# run show ethernet-switching table
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 5 entries, 5 learned
Routing instance : default-switch
Vlan MAC MAC Logical Active
name address flags interface source
v100 00:05:86:71:18:c0 DR esi.1707 00:11:22:33:44:55:66:77:88:99
v100 00:05:86:71:1f:c0 DLR ae0.0
v200 00:05:86:71:18:c0 DR esi.1707 00:11:22:33:44:55:66:77:88:99
v200 00:05:86:71:1f:c0 DLR ae0.0
v200 00:46:d3:04:fe:06 D vtep.32770 1.1.1.1
EVPN database:
alex@vMX1# run show evpn database
Instance: evpn
VLAN DomainId MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:27:30
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:04:03
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:31:51
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:04:03
200 00:46:d3:04:fe:06 ge-0/0/4.0 Sep 09 21:06:15
alex@vMX2# run show evpn database
Instance: evpn
VLAN DomainId MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:27:31
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:03:28
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:57:58
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:03:28
200 00:46:d3:04:fe:06 1.1.1.1 Sep 09 21:06:20
alex@vQFX1# run show evpn database
Instance: default-switch
VLAN VNI MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:18:04
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 19:22:54
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:46:10
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 19:23:01
200 00:46:d3:04:fe:06 1.1.1.1 Sep 09 20:49:12
alex@vQFX2# run show evpn database
Instance: default-switch
VLAN VNI MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 18:47:03
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 18:17:33
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 18:47:03
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 18:17:37
200 00:46:d3:04:fe:06 1.1.1.1 Sep 09 18:47:58
Instance: evpn
VLAN DomainId MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:27:30
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:04:03
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:31:51
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:04:03
200 00:46:d3:04:fe:06 ge-0/0/4.0 Sep 09 21:06:15
alex@vMX2# run show evpn database
Instance: evpn
VLAN DomainId MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:27:31
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:03:28
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:57:58
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 21:03:28
200 00:46:d3:04:fe:06 1.1.1.1 Sep 09 21:06:20
alex@vQFX1# run show evpn database
Instance: default-switch
VLAN VNI MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:18:04
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 19:22:54
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 19:46:10
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 19:23:01
200 00:46:d3:04:fe:06 1.1.1.1 Sep 09 20:49:12
alex@vQFX2# run show evpn database
Instance: default-switch
VLAN VNI MAC address Active source Timestamp IP address
100 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 18:47:03
100 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 18:17:33
200 00:05:86:71:18:c0 00:11:22:33:44:55:66:77:88:99 Sep 09 18:47:03
200 00:05:86:71:1f:c0 00:00:00:00:00:11:11:11:11:11 Sep 09 18:17:37
200 00:46:d3:04:fe:06 1.1.1.1 Sep 09 18:47:58
EVPN routes in BGP table:
alex@vMX1# run show route table bgp.evpn.0
bgp.evpn.0: 19 destinations, 19 routes (19 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1:2.2.2.2:0::112233445566778899::FFFF:FFFF/192 AD/ESI
*[BGP/170] 01:40:39, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
1:2.2.2.2:1::112233445566778899::0/192 AD/EVI
*[BGP/170] 01:40:40, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
1:11.11.11.11:0::1111111111::FFFF:FFFF/192 AD/ESI
*[BGP/170] 01:14:26, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
1:11.11.11.11:1::1111111111::0/192 AD/EVI
*[BGP/170] 01:14:28, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
1:22.22.22.22:0::1111111111::FFFF:FFFF/192 AD/ESI
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
1:22.22.22.22:1::1111111111::0/192 AD/EVI
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
2:2.2.2.2:1::100::00:05:86:71:18:c0/304 MAC/IP
*[BGP/170] 01:19:20, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
2:2.2.2.2:1::200::00:05:86:71:18:c0/304 MAC/IP
*[BGP/170] 01:14:59, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
to 192.168.0.3 via ge-0/0/2.0
2:11.11.11.11:1::100::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 01:14:22, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
2:11.11.11.11:1::200::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 01:14:24, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
2:22.22.22.22:1::100::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
2:22.22.22.22:1::200::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
3:2.2.2.2:1::100::2.2.2.2/248 IM
*[BGP/170] 01:25:31, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
to 192.168.0.3 via ge-0/0/2.0
3:2.2.2.2:1::200::2.2.2.2/248 IM
*[BGP/170] 01:25:31, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
3:11.11.11.11:1::100::11.11.11.11/248 IM
*[BGP/170] 01:14:26, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
3:11.11.11.11:1::200::11.11.11.11/248 IM
*[BGP/170] 01:14:26, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
3:22.22.22.22:1::100::22.22.22.22/248 IM
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
3:22.22.22.22:1::200::22.22.22.22/248 IM
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
4:2.2.2.2:0::112233445566778899:2.2.2.2/296 ES
*[BGP/170] 01:40:39, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
to 192.168.0.3 via ge-0/0/2.0
bgp.evpn.0: 19 destinations, 19 routes (19 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1:2.2.2.2:0::112233445566778899::FFFF:FFFF/192 AD/ESI
*[BGP/170] 01:40:39, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
1:2.2.2.2:1::112233445566778899::0/192 AD/EVI
*[BGP/170] 01:40:40, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
1:11.11.11.11:0::1111111111::FFFF:FFFF/192 AD/ESI
*[BGP/170] 01:14:26, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
1:11.11.11.11:1::1111111111::0/192 AD/EVI
*[BGP/170] 01:14:28, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
1:22.22.22.22:0::1111111111::FFFF:FFFF/192 AD/ESI
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
1:22.22.22.22:1::1111111111::0/192 AD/EVI
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
2:2.2.2.2:1::100::00:05:86:71:18:c0/304 MAC/IP
*[BGP/170] 01:19:20, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
2:2.2.2.2:1::200::00:05:86:71:18:c0/304 MAC/IP
*[BGP/170] 01:14:59, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
to 192.168.0.3 via ge-0/0/2.0
2:11.11.11.11:1::100::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 01:14:22, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
2:11.11.11.11:1::200::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 01:14:24, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
2:22.22.22.22:1::100::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
2:22.22.22.22:1::200::00:05:86:71:1f:c0/304 MAC/IP
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
3:2.2.2.2:1::100::2.2.2.2/248 IM
*[BGP/170] 01:25:31, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
to 192.168.0.3 via ge-0/0/2.0
3:2.2.2.2:1::200::2.2.2.2/248 IM
*[BGP/170] 01:25:31, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
to 192.168.0.1 via ge-0/0/1.0
> to 192.168.0.3 via ge-0/0/2.0
3:11.11.11.11:1::100::11.11.11.11/248 IM
*[BGP/170] 01:14:26, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
3:11.11.11.11:1::200::11.11.11.11/248 IM
*[BGP/170] 01:14:26, localpref 100, from 11.11.11.11
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
3:22.22.22.22:1::100::22.22.22.22/248 IM
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
3:22.22.22.22:1::200::22.22.22.22/248 IM
*[BGP/170] 00:08:11, localpref 100, from 22.22.22.22
AS path: I, validation-state: unverified
> to 192.168.0.3 via ge-0/0/2.0
4:2.2.2.2:0::112233445566778899:2.2.2.2/296 ES
*[BGP/170] 01:40:39, localpref 100, from 2.2.2.2
AS path: I, validation-state: unverified
> to 192.168.0.1 via ge-0/0/1.0
to 192.168.0.3 via ge-0/0/2.0
So, this is basic L2 functionality of EVPN-VXLAN.
Config is pretty big, but nothing hard if you know what you doing and do it piece by piece.
In the next posts I’ll write about various methods of RT assignment and IRB functionality.
One thought on “EVPN-VXLAN lab – basic L2 switching”
While enabling evpn in vmx.. I am getting l2ald error
root@Leaf1# commit
[edit routing-instances]
‘evpn’
l2ald: service-id must be configured for rtt:evpn with MCAE
error: configuration check-out failed
edit]
root@Leaf1# edit routing-instances
[edit routing-instances]
root@Leaf1# show | display set
set routing-instances evpn vtep-source-interface lo0.0
set routing-instances evpn instance-type virtual-switch
set routing-instances evpn interface ae1.0
set routing-instances evpn route-distinguisher 9.0.0.112:65112
set routing-instances evpn vrf-target target:65000:1
set routing-instances evpn protocols evpn encapsulation vxlan
set routing-instances evpn protocols evpn extended-vni-list 100
set routing-instances evpn protocols evpn extended-vni-list 200
set routing-instances evpn protocols evpn multicast-mode ingress-replication
set routing-instances evpn protocols evpn default-gateway no-gateway-community
set routing-instances evpn bridge-domains v100 vlan-id 100
set routing-instances evpn bridge-domains v100 vxlan vni 100
set routing-instances evpn bridge-domains v100 vxlan ingress-node-replication
set routing-instances evpn bridge-domains v200 vlan-id 200
set routing-instances evpn bridge-domains v200 vxlan vni 200
set routing-instances evpn bridge-domains v200 vxlan ingress-node-replication