Wednesday, October 5, 2022
EVPN/MPLS Bridging Forwarding Model « ipSpace.net blog


Most networking engineers immediately think about VXLAN and data center switches when they hear about EVPN. While that’s the most hyped use case, EVPN standardization started in 2012 as a layer-2 VPN solution on top of MPLS transport trying to merge the best of VPLS and MPLS/VPN worlds.

If you want to understand how any technology works, and what its quirks are, you have to know how it was designed to be used. In this blog post we’ll start that journey exploring the basics of EVPN used in a simple MPLS network with three PE-routers:

Lab topology

The PE-routers are running Arista EOS. Their configuration is available on GitHub; you can also use netlab to recreate the lab.

After the lab is started, the EVPN BGP table on all three PE-routers contains an entry for every attached host (mac-ip, type-2 route), and an entry for every VLAN segment (imet or inclusive multicast Ethernet tag, type-3 route):

EVPN BGP table on PE1

pe1#sh bgp evpn
BGP routing table information for VRF default
Router identifier 10.0.0.1, local AS number 65000
Route status codes: * - valid, > - active, S - Stale, E - ECMP head, e - ECMP
                    c - Contributing to ECMP, % - Pending BGP convergence
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop

          Network                Next Hop              Metric  LocPref Weight  Path
 * >      RD: 10.0.0.3:1000 mac-ip 5254.0023.89db
                                 10.0.0.3              -       100     0       i
 * >      RD: 10.0.0.1:1000 mac-ip 5254.005c.41af
                                 -                     -       -       0       i
 * >      RD: 10.0.0.3:1000 mac-ip 5254.005e.10e0
                                 10.0.0.3              -       100     0       i
 * >      RD: 10.0.0.2:1000 mac-ip 5254.00f6.f9da
                                 10.0.0.2              -       100     0       i
 * >      RD: 10.0.0.1:1000 imet 10.0.0.1
                                 -                     -       -       0       i
 * >      RD: 10.0.0.2:1000 imet 10.0.0.2
                                 10.0.0.2              -       100     0       i
 * >      RD: 10.0.0.3:1000 imet 10.0.0.3
                                 10.0.0.3              -       100     0       i

All EVPN routes have two attributes that should be very familiar to the MPLS/VPN cognoscenti: a route distinguisher that’s used to make non-unique elements like MAC- or IP addresses globally unique, and route targets that are used to import and export routes between VRFs. As we’re discussing a bridged topology today, these VRFs would be called MAC-VRFs.

In simple VLAN bridging use cases, we usually use the loopback_ip:vlan_id form of the route distinguishers and bgp_asn:vlan_id form of the route targets, for example:

Detailed view of an EBGP route

pe1#sh bgp evpn route-type imet 10.0.0.3 detail
BGP routing table information for VRF default
Router identifier 10.0.0.1, local AS number 65000
BGP routing table entry for imet 10.0.0.3, Route Distinguisher: 10.0.0.3:1000
 Paths: 1 available
  Local
    10.0.0.3 from 10.0.0.3 (10.0.0.3)
      Origin IGP, metric -, localpref 100, weight 0, valid, internal, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 435282
      PMSI Tunnel: Ingress Replication, MPLS Label: 6964512, Leaf Information Required: false, Tunnel ID: 10.0.0.3

Let’s focus on the type-3 routes first. Egress nodes use them to advertise every VLAN they’re connected to together with an MPLS label that ingress nodes could use to send BUM packets to that egress node. The type-3 routes are used by ingress nodes (assuming the route target in the EVPN route matches the import route target) to build replication trees – type-3 EVPN routes effectively build a mesh of flooding pseudowires across an MPLS fabric.

Full mesh of MPLS pseudowires between PE-routers bridging VLAN 1000

Whenever an ingress node needs to flood a BUM packet, it sends a copy to every other node in the same flooding domain, usually using a different MPLS label stack for every egress node. Looking at the imet EVPN routes on PE1, you’ll find different MPLS labels (advertised by egress PE-router) and tunnel labels (advertised by LDP) in every route.

EVPN imet routes on PE1

pe1#sh bgp evpn route-type imet detail
BGP routing table information for VRF default
Router identifier 10.0.0.1, local AS number 65000
BGP routing table entry for imet 10.0.0.1, Route Distinguisher: 10.0.0.1:1000
 Paths: 1 available
  Local
    - from - (0.0.0.0)
      Origin IGP, metric -, localpref -, weight 0, valid, local, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 415282
      PMSI Tunnel: Ingress Replication, MPLS Label: 6644512, Leaf Information Required: false, Tunnel ID: 10.0.0.1
BGP routing table entry for imet 10.0.0.2, Route Distinguisher: 10.0.0.2:1000
 Paths: 1 available
  Local
    10.0.0.2 from 10.0.0.2 (10.0.0.2)
      Origin IGP, metric -, localpref 100, weight 0, valid, internal, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 425282
      PMSI Tunnel: Ingress Replication, MPLS Label: 6804512, Leaf Information Required: false, Tunnel ID: 10.0.0.2
BGP routing table entry for imet 10.0.0.3, Route Distinguisher: 10.0.0.3:1000
 Paths: 1 available
  Local
    10.0.0.3 from 10.0.0.3 (10.0.0.3)
      Origin IGP, metric -, localpref 100, weight 0, valid, internal, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 435282
      PMSI Tunnel: Ingress Replication, MPLS Label: 6964512, Leaf Information Required: false, Tunnel ID: 10.0.0.3

Based on the above printout: whenever PE1 needs to flood a BUM packet in VLAN 1000, it sends a copy toward PE2 with label stack 425282/6804512 and another copy toward PE3 with label stack 435282/6964512.
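The flood list PE1 derives from that printout, as an added Python example (not code from the original post or from Arista EOS): it parses the imet routes, keeps the remote ones whose route target matches the import route target, and reports originators that are not in an expected PE set or whose route distinguisher breaks the loopback_ip:vlan_id convention. The names `parse_imet`, `flood_list` and `expected_pes` are hypothetical, and the sample text is the page's printout trimmed to the parsed lines.

```python
import re

# Constructed sample: the imet printout shown on this page, trimmed to the parsed lines.
IMET_DETAIL = """\
BGP routing table entry for imet 10.0.0.1, Route Distinguisher: 10.0.0.1:1000
      Origin IGP, metric -, localpref -, weight 0, valid, local, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 415282
      PMSI Tunnel: Ingress Replication, MPLS Label: 6644512, Leaf Information Required: false, Tunnel ID: 10.0.0.1
BGP routing table entry for imet 10.0.0.2, Route Distinguisher: 10.0.0.2:1000
      Origin IGP, metric -, localpref 100, weight 0, valid, internal, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 425282
      PMSI Tunnel: Ingress Replication, MPLS Label: 6804512, Leaf Information Required: false, Tunnel ID: 10.0.0.2
BGP routing table entry for imet 10.0.0.3, Route Distinguisher: 10.0.0.3:1000
      Origin IGP, metric -, localpref 100, weight 0, valid, internal, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 435282
      PMSI Tunnel: Ingress Replication, MPLS Label: 6964512, Leaf Information Required: false, Tunnel ID: 10.0.0.3
"""

ENTRY = re.compile(r"(\S+), Route Distinguisher: (\S+)")
RT = re.compile(r"Route-Target-AS:(\d+:\d+)")
LABEL = re.compile(r"MPLS label: (\d+)")  # case-sensitive: skips the PMSI "MPLS Label"
PMSI = re.compile(r"PMSI Tunnel: .*MPLS Label: (\d+)")  # here always label << 4

def parse_imet(text):
    """One dict per type-3 route; an entry missing a field raises AttributeError."""
    routes = []
    for chunk in text.split("BGP routing table entry for imet ")[1:]:
        origin, rd = ENTRY.match(chunk).groups()
        routes.append({"origin": origin, "rd": rd, "local": ", local," in chunk,
                       "rt": RT.search(chunk).group(1),
                       "label": int(LABEL.search(chunk).group(1)),
                       "pmsi": int(PMSI.search(chunk).group(1))})
    return routes

def flood_list(routes, import_rt, expected_pes):
    """Return (replication list, findings) for one MAC-VRF import route target."""
    vlan = import_rt.split(":")[1]  # assumes the bgp_asn:vlan_id convention
    flood, findings = [], []
    for r in routes:
        if r["rt"] != import_rt or r["local"]:
            continue  # not imported, or PE1's own route
        if r["rd"] != f"{r['origin']}:{vlan}":
            findings.append(f"{r['origin']}: RD {r['rd']} is not loopback_ip:vlan_id")
        if r["origin"] not in expected_pes:
            findings.append(f"{r['origin']}: unexpected PE in flooding domain {import_rt}")
        flood.append((r["origin"], r["label"], r["pmsi"]))
    return flood, findings
```

Every PE that exports a matching route target ends up in the replication list and receives a copy of each BUM frame, which is why the example checks originators against an allow-list.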

The type-3 EVPN routes provide enough information to build a more scalable VPLS implementation, but EVPN goes a step further: every egress PE-device advertises every locally-known MAC address (and associated IPv4 or IPv6 address) with a type-2 EVPN route that carries its own MPLS label.

An EVPN implementation might decide to use the same MPLS label for flooding and unicast IP addresses, to use two labels (one for flooding, one for unicast), or to use a dedicated label for every MAC address. The printout of type-2 routes advertised by PE3 makes it clear that Arista EOS implementation uses a single MPLS label (different from the flooding label) for unicast traffic:

EVPN type-2 routes for H3 and H4 as advertised by PE2

pe1#sh bgp evpn route-type mac-ip rd 10.0.0.3:1000 detail
BGP routing table information for VRF default
Router identifier 10.0.0.1, local AS number 65000
BGP routing table entry for mac-ip 5254.0023.89db, Route Distinguisher: 10.0.0.3:1000
 Paths: 1 available
  Local
    10.0.0.3 from 10.0.0.3 (10.0.0.3)
      Origin IGP, metric -, localpref 100, weight 0, valid, internal, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 435899 ESI: 0000:0000:0000:0000:0000
BGP routing table entry for mac-ip 5254.005e.10e0, Route Distinguisher: 10.0.0.3:1000
 Paths: 1 available
  Local
    10.0.0.3 from 10.0.0.3 (10.0.0.3)
      Origin IGP, metric -, localpref 100, weight 0, valid, internal, best
      Extended Community: Route-Target-AS:65000:1000 TunnelEncap:tunnelTypeMpls
      MPLS label: 435899 ESI: 0000:0000:0000:0000:0000

The flexibility of using dynamically-built mesh of pseudowires to transport L2VPN data allows EVPN to mirror the capabilities of MPLS/VPN to support all sorts of crazy VPN topologies. It’s trivial to build a common services VPN or a hub-and-spoke VPN (Carrier Ethernet E-Tree service) – take my configurations and play with import/export route targets, or wait for the next blog post in this series.

Want to Know More?

Krzysztof Grzegorz Szarkowicz (the author of MPLS in the SDN Era book) described EVPN in MPLS-based environments in the EVPN Deep Dive webinar.
