Redistributing OSPF into EVPN I was recently working on a lab for VXLAN/EVPN and was trying to simulate a connection to the outside world. For the lab, I was using OSPF to connect to the pretend ISP router, and wanted to redistribute that route into the EVPN-based fabric for a customer using our fabric. I got most of this to work fairly simply, but ran into issues redistributing the Gateway of last resort.…

Troubleshooting EVPN This is a page which shows some troubleshooting tips for EVPN. The strategy I like to use is “Local,Spine,Remote”, or ‘LSR’ to make it easy to remember. Before you get too far into the weeds, always first verify that you have BGP & EVPN neighborships. The below steps are useless if you do not have those fundamental pieces in place. Troubleshooting EVPN has similar steps to troubleshooting standard networking problems.…

EVPN Config Examples Leaf1 & Leaf2 (MLAH/iBGP Pair) Leaf 1 vlan 10 rd 65001:10010 route-target both 10010:10010 redistribute learned ! vlan 20 rd 65001:10020 route-target both 10020:10020 redistribute learned ! vlan 30 rd 65001:10030 route-target both 10030:10030 redistribute learned ! address-family evpn neighbor SPINEOVERLAY activate ! address-family ipv4 neighbor 10.10.1.1 activate neighbor 10.10.2.1 activate neighbor 172.16.4.2 activate network 1.1.1.1/32 ! vrf CUST1 rd 1.1.1.1:20010 route-target import evpn 20010:20010 route-target export evpn 20010:20010 redistribute connected !…

VXLAN Interface Sample Config Leaf1 Leaf1#show run int vxlan1 interface Vxlan1 vxlan source-interface Loopback0 //bind to lo0 vxlan udp-port 4789 //declare udp port vxlan vlan 10 vni 10010 vxlan vlan 20 vni 10020 // vlans 10,20,30 mapped to appropriate vni's vxlan vlan 30 vni 10030 vxlan vrf CUST1 vni 20010 //mapping the VRF's to a VNI vxlan vrf CUST2 vni 20020 Verification The VNI’s must match on each leaf, or you will end up with massive issues.…

BGP/EVPN Underlay Example Spine 1 router bgp 65000 router-id 5.5.5.5 no bgp default ipv4-unicast distance bgp 20 200 200 maximum-paths 3 ecmp 3 neighbor 10.10.1.2 remote-as 65001 neighbor 10.10.1.2 description Leaf1 neighbor 10.10.1.2 maximum-routes 12000 neighbor 10.10.1.6 remote-as 65001 neighbor 10.10.1.6 description Leaf2 neighbor 10.10.1.6 maximum-routes 12000 neighbor 10.10.1.10 remote-as 65002 neighbor 10.10.1.10 description Leaf3 neighbor 10.10.1.10 maximum-routes 12000 neighbor 10.10.1.14 remote-as 65003 neighbor 10.10.1.14 description Leaf4 neighbor 10.10.1.14 maximum-routes 12000 address-family ipv4 neighbor 10.…

EVPN Overlay Example Spine 1 router bgp 65000 router-id 5.5.5.5 no bgp default ipv4-unicast distance bgp 20 200 200 maximum-paths 3 ecmp 3 neighbor LEAFOVERLAY peer group neighbor LEAFOVERLAY next-hop-unchanged neighbor LEAFOVERLAY update-source Loopback0 neighbor LEAFOVERLAY ebgp-multihop neighbor LEAFOVERLAY send-community neighbor LEAFOVERLAY maximum-routes 0 neighbor 1.1.1.1 peer group LEAFOVERLAY neighbor 1.1.1.1 remote-as 65001 neighbor 1.1.1.1 description Leaf1 neighbor 2.2.2.2 peer group LEAFOVERLAY neighbor 2.2.2.2 remote-as 65001 neighbor 2.2.2.2 description LEAF2 neighbor 3.…

If possible, allocate a /24 for each Spine, and it’s correspinding Spine-Leaf Uplink. For example; * Spine1 = 10.10.1.0/24 * Spine2 = 10.10.2.0/24 * Spine3 = 10.10.3.0/24 * etc. Following this, a best practice is to make the uplinks /30’s, and make the spine have the first address in that /30. i.e, for 10.10.1.0/30 , the spine would have the .1 address and the leaf would have the .2 address. This allows for uniformity of the spines (i.…

Expanded notes for MLAG / iBGP Config See below config vlan 4093 name Mlag_iBGP trunk group MLAG vlan 4094 name MLAG_HB trunk group MLAG interface Vlan4093 no autostate ip address 172.16.4.1/30 //4.2 on adj leaf interface Vlan4094 no autostate ip address 172.16.40.1/30 //40.2 on adj Leaf ip virtual-router mac-address 00:1c:73:00:00:99 mlag configuration domain-id DomainLeaf1Leaf2 local-interface Vlan4094 peer-address 172.16.40.2 peer-link Port-Channel100 interface Port-Channel100 description Peer Link Leaf 1 and Leaf 2 switchport mode trunk switchport trunk group MLAG // matches trunk grou spec'd in vlan creation int e3-4 mtu 9214 channel group 100 mode active router bgp 65001 .…

EVPN/VXLAN Config Structure/ Skeleton 0 Enable EVPN with the following command service routing protocols model multi-agent 1. Add the Addresses to the devices / configure ports. The first step is to add the addresses to the appropriate locations. Each devices will need; Address on uplinks/downlinks Loopback0 address for EVPN overlay MLAG Devices will need additional addresses; 1 x VLAN SVI (normally 4094) for MLAG Heartbeat 1 x VLAN SVI (use 4093) for iBGP peering over the MLAG peer-link Additionally, you need to ensure the MTU is set to 9214 on ports, and they are set as ’no switchport’.…

EVPN Route Types Questions about the EVPN Route Types are pretty good interview questions for Network Engineers/ Architects. I keep forgetting the EVPN route types, so here is the EVPN route types explained so I can review them before an interview. I will separate them into their respective categories: “Standard” and “Multihoming” Standard The bread and butter of EVPN, EVPN Route Type 2 is used to advertise the MAC address of a host.…