L2VPN EVPN VXLAN border leaf handoff with MPLS L3VPN peer
TOPOLOGY
REQUIREMENT
Reachability between L2VPN EVPN host 172.21.128.31 and L3VPN host 10.141.129.22.
CONFIGURATION
========
9500-2
========
ip multicast-routing
ip multicast-routing vrf EXPERIMENTAL
vlan 930
ip pim rp-address 172.21.129.38
vrf definition EXPERIMENTAL
rd 172.21.128.30:111
route-target export 64512:1110
route-target import 64512:1110
!
address-family ipv4
route-target export 64512:1110 stitching
route-target import 64512:1110 stitching
interface Loopback0
description device loopback
vrf forwarding EXPERIMENTAL
ip address 172.21.128.30 255.255.255.255
interface Loopback1
ip address 100.1.1.2 255.255.255.255
ip ospf 1 area 0
interface Loopback2
description VTEP Loopback
ip address 172.21.134.1 255.255.255.255
ip pim sparse-mode
ip ospf 10 area 0
l2vpn evpn
replication-type ingress
router-id Loopback2
interface nve1
no ip address
source-interface Loopback2
host-reachability protocol bgp
member vni 100930 vrf EXPERIMENTAL
vlan configuration 930
member vni 100930
router ospf 1
router-id 172.21.128.30
passive-interface default
no passive-interface TwentyFiveGigE1/0/3
no passive-interface Loopback1
network 100.1.1.2 0.0.0.0 area 0
network 172.16.0.84 0.0.0.0 area 0
router ospf 10
router bgp 64512
bgp log-neighbor-changes
neighbor 100.1.1.1 remote-as 64512
neighbor 100.1.1.1 update-source Loopback1
neighbor 172.21.129.38 remote-as 65198
neighbor 172.21.129.38 ebgp-multihop 5
neighbor 172.21.129.38 update-source Loopback2
!
address-family vpnv4
import l2vpn evpn re-originate stitching-rt
neighbor 100.1.1.1 activate
neighbor 100.1.1.1 send-community both
neighbor 100.1.1.1 next-hop-self
exit-address-family
!
address-family l2vpn evpn
import vpnv4 unicast re-originate
neighbor 172.21.129.38 activate
neighbor 172.21.129.38 send-community both
neighbor 172.21.129.38 soft-reconfiguration inbound
exit-address-family
!
address-family ipv4 vrf EXPERIMENTAL
advertise l2vpn evpn
redistribute connected
exit-address-family
==========================
c9500-10 / CAT-EVPN-PEER
==========================
ip multicast-routing
ip multicast-routing vrf EXPERIMENTAL10
vlan 930
ip pim rp-address 172.21.129.38
vrf definition EXPERIMENTAL
rd 172.21.128.30:111
route-target export 64512:1110
route-target import 64512:1110
!
address-family ipv4
route-target export 64512:1110 stitching
route-target import 64512:1110 stitching
exit-address-family
interface Loopback0
description device loopback
vrf forwarding EXPERIMENTAL
ip address 172.21.128.31 255.255.255.255
interface Loopback2
description VTEP Loopback
ip address 172.21.129.38 255.255.255.255
ip ospf 10 area 0
ip pim sparse-mode
interface Vlan930
vrf forwarding EXPERIMENTAL
ip unnumbered Loopback2
no autostate
vlan configuration 930
member vni 100930
interface nve1
no ip address
source-interface Loopback2
host-reachability protocol bgp
member vni 100930 vrf EXPERIMENTAL
interface TwentyFiveGigE1/0/45
no switchport
ip address 10.1.1.2 255.255.255.0
ip pim sparse-mode
ip ospf 10 area 0
router ospf 10
CAT-EVPN-PEER#
router bgp 65198
bgp log-neighbor-changes
neighbor 172.21.134.1 remote-as 64512
neighbor 172.21.134.1 ebgp-multihop 5
neighbor 172.21.134.1 update-source Loopback2
!
address-family l2vpn evpn
neighbor 172.21.134.1 activate
neighbor 172.21.134.1 send-community both
exit-address-family
!
address-family ipv4 vrf EXPERIMENTAL
advertise l2vpn evpn
redistribute connected
exit-address-family
==============
N-7706-PE
================
feature-set mpls
feature ospf
feature bgp
feature mpls l3vpn
feature mpls ldp
feature mpls l2vpn
vrf context EXPERIMENTAL
rd 172.21.128.244:111
address-family ipv4 unicast
route-target import 64512:1110
route-target export 64512:1110
address-family ipv6 unicast
route-target import 64512:1110
route-target export 64512:1110
interface Ethernet1/1
mpls ip
no ip redirects
ip address 172.16.0.29/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
no shutdown
interface loopback0
vrf member EXPERIMENTAL
ip address 10.141.129.22/24
interface loopback1
ip address 100.1.1.1/32
ip ospf network point-to-point
ip ospf advertise-subnet
ip router ospf UNDERLAY area 0.0.0.0
mpls ldp configuration
router-id Eth1/1
advertise-labels interface Eth1/1
advertise-labels for ldp
router ospf UNDERLAY
router-id 172.21.128.244
router bgp 64512
log-neighbor-changes
address-family vpnv4 unicast
address-family ipv4 unicast
neighbor 100.1.1.2 remote-as 64512
update-source loopback1
address-family vpnv4 unicast
send-community
send-community extended
address-family ipv4 unicast
neighbor 172.16.0.84 remote-as 64512
update-source loopback1
address-family vpnv4 unicast
send-community
send-community extended
address-family ipv4 unicast
vrf EXPERIMENTAL
address-family ipv4 unicast
network 10.141.129.0/24
network 10.141.129.22/31
============
N-7706-P
============
feature-set mpls
feature ospf
feature mpls ldp
feature lldp
interface Ethernet1/8
mpls ip
no ip redirects
ip address 172.16.0.30/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
no shutdown
interface Ethernet1/47
mpls ip
no ip redirects
ip address 172.16.0.85/28
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
no shutdown
mpls ldp configuration
advertise-labels interface Eth1/8
advertise-labels interface Eth1/48
advertise-labels for ldp
router ospf UNDERLAY
router-id 172.21.128.241
9500-2
========
ip multicast-routing
ip multicast-routing vrf EXPERIMENTAL
vlan 930
ip pim rp-address 172.21.129.38
vrf definition EXPERIMENTAL
rd 172.21.128.30:111
route-target export 64512:1110
route-target import 64512:1110
!
address-family ipv4
route-target export 64512:1110 stitching
route-target import 64512:1110 stitching
interface Loopback0
description device loopback
vrf forwarding EXPERIMENTAL
ip address 172.21.128.30 255.255.255.255
interface Loopback1
ip address 100.1.1.2 255.255.255.255
ip ospf 1 area 0
interface Loopback2
description VTEP Loopback
ip address 172.21.134.1 255.255.255.255
ip pim sparse-mode
ip ospf 10 area 0
l2vpn evpn
replication-type ingress
router-id Loopback2
interface nve1
no ip address
source-interface Loopback2
host-reachability protocol bgp
member vni 100930 vrf EXPERIMENTAL
vlan configuration 930
member vni 100930
router ospf 1
router-id 172.21.128.30
passive-interface default
no passive-interface TwentyFiveGigE1/0/3
no passive-interface Loopback1
network 100.1.1.2 0.0.0.0 area 0
network 172.16.0.84 0.0.0.0 area 0
router ospf 10
router bgp 64512
bgp log-neighbor-changes
neighbor 100.1.1.1 remote-as 64512
neighbor 100.1.1.1 update-source Loopback1
neighbor 172.21.129.38 remote-as 65198
neighbor 172.21.129.38 ebgp-multihop 5
neighbor 172.21.129.38 update-source Loopback2
!
address-family vpnv4
import l2vpn evpn re-originate stitching-rt
neighbor 100.1.1.1 activate
neighbor 100.1.1.1 send-community both
neighbor 100.1.1.1 next-hop-self
exit-address-family
!
address-family l2vpn evpn
import vpnv4 unicast re-originate
neighbor 172.21.129.38 activate
neighbor 172.21.129.38 send-community both
neighbor 172.21.129.38 soft-reconfiguration inbound
exit-address-family
!
address-family ipv4 vrf EXPERIMENTAL
advertise l2vpn evpn
redistribute connected
exit-address-family
==========================
c9500-10 / CAT-EVPN-PEER
==========================
ip multicast-routing
ip multicast-routing vrf EXPERIMENTAL10
vlan 930
ip pim rp-address 172.21.129.38
vrf definition EXPERIMENTAL
rd 172.21.128.30:111
route-target export 64512:1110
route-target import 64512:1110
!
address-family ipv4
route-target export 64512:1110 stitching
route-target import 64512:1110 stitching
exit-address-family
interface Loopback0
description device loopback
vrf forwarding EXPERIMENTAL
ip address 172.21.128.31 255.255.255.255
interface Loopback2
description VTEP Loopback
ip address 172.21.129.38 255.255.255.255
ip ospf 10 area 0
ip pim sparse-mode
interface Vlan930
vrf forwarding EXPERIMENTAL
ip unnumbered Loopback2
no autostate
vlan configuration 930
member vni 100930
interface nve1
no ip address
source-interface Loopback2
host-reachability protocol bgp
member vni 100930 vrf EXPERIMENTAL
interface TwentyFiveGigE1/0/45
no switchport
ip address 10.1.1.2 255.255.255.0
ip pim sparse-mode
ip ospf 10 area 0
router ospf 10
CAT-EVPN-PEER#
router bgp 65198
bgp log-neighbor-changes
neighbor 172.21.134.1 remote-as 64512
neighbor 172.21.134.1 ebgp-multihop 5
neighbor 172.21.134.1 update-source Loopback2
!
address-family l2vpn evpn
neighbor 172.21.134.1 activate
neighbor 172.21.134.1 send-community both
exit-address-family
!
address-family ipv4 vrf EXPERIMENTAL
advertise l2vpn evpn
redistribute connected
exit-address-family
==============
N-7706-PE
================
feature-set mpls
feature ospf
feature bgp
feature mpls l3vpn
feature mpls ldp
feature mpls l2vpn
vrf context EXPERIMENTAL
rd 172.21.128.244:111
address-family ipv4 unicast
route-target import 64512:1110
route-target export 64512:1110
address-family ipv6 unicast
route-target import 64512:1110
route-target export 64512:1110
interface Ethernet1/1
mpls ip
no ip redirects
ip address 172.16.0.29/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
no shutdown
interface loopback0
vrf member EXPERIMENTAL
ip address 10.141.129.22/24
interface loopback1
ip address 100.1.1.1/32
ip ospf network point-to-point
ip ospf advertise-subnet
ip router ospf UNDERLAY area 0.0.0.0
mpls ldp configuration
router-id Eth1/1
advertise-labels interface Eth1/1
advertise-labels for ldp
router ospf UNDERLAY
router-id 172.21.128.244
router bgp 64512
log-neighbor-changes
address-family vpnv4 unicast
address-family ipv4 unicast
neighbor 100.1.1.2 remote-as 64512
update-source loopback1
address-family vpnv4 unicast
send-community
send-community extended
address-family ipv4 unicast
neighbor 172.16.0.84 remote-as 64512
update-source loopback1
address-family vpnv4 unicast
send-community
send-community extended
address-family ipv4 unicast
vrf EXPERIMENTAL
address-family ipv4 unicast
network 10.141.129.0/24
network 10.141.129.22/31
============
N-7706-P
============
feature-set mpls
feature ospf
feature mpls ldp
feature lldp
interface Ethernet1/8
mpls ip
no ip redirects
ip address 172.16.0.30/30
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
no shutdown
interface Ethernet1/47
mpls ip
no ip redirects
ip address 172.16.0.85/28
ip ospf network point-to-point
ip router ospf UNDERLAY area 0.0.0.0
no shutdown
mpls ldp configuration
advertise-labels interface Eth1/8
advertise-labels interface Eth1/48
advertise-labels for ldp
router ospf UNDERLAY
router-id 172.21.128.241
VERIFICATION
L2VPN EVPN and NVE peering is UP.
CAT-EVPN-PEER#sh bgp l2vpn evpn summary
<>
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.21.134.1 4 64512 218 216 7 0 0 03:11:28 3
CAT-EVPN-PEER#sh nve peer
Interface VNI Type Peer-IP RMAC/Num_RTs eVNI state flags UP time
nve1 100930 L3CP 172.21.134.1 3473.2d93.d25f 100930 UP A/M/4 03:12:28
CAT-EVPN-PEER#sh ip route vrf EXPERIMENTAL 10.141.129.22
Routing Table: EXPERIMENTAL
Routing entry for 10.141.129.0/24
Known via "bgp 65198", distance 20, metric 0
Tag 64512, type external
Last update from 172.21.134.1 on Vlan930, 00:40:33 ago
Routing Descriptor Blocks:
* 172.21.134.1 (default), from 172.21.134.1, 00:40:33 ago, via Vlan930
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 64512
MPLS label: none
Reachability between L2VPN EVPN peers is established.
F241.07.05-C9500-2#ping vrf EXPERIMENTAL 172.21.128.31 sou loop0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.21.128.31, timeout is 2 seconds:
Packet sent with a source address of 172.21.128.30
!!!!!
F241.07.05-C9500-2#sh bgp l2vpn evpn summary
<>
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.21.129.38 4 65198 219 221 7 0 0 03:14:31 1
F241.07.05-C9500-2#sh bgp l2vpn evpn
BGP table version is 7, local router ID is 100.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 172.21.128.30:111 (default for vrf EXPERIMENTAL)
*>i [5][172.21.128.30:111][0][24][10.141.129.0]/17
100.1.1.1 100 0 i
*> [5][172.21.128.30:111][0][32][172.21.128.30]/17
0.0.0.0 0 32768 ?
*> [5][172.21.128.30:111][0][32][172.21.128.31]/17 <<<<<<
172.21.129.38 0 65198 ?
*> [5][172.21.128.30:111][0][32][172.21.134.62]/17
0.0.0.0 0 32768 ?
F241.07.05-C9500-2#sh bgp vpnv4 unicast all summ
<>
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
100.1.1.1 4 64512 49 53 11 0 0 00:43:02 1
F241.07.05-C9500-2#sh bgp vpnv4 unicast all
BGP table version is 11, local router ID is 100.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path, L long-lived-stale,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 172.21.128.30:111 (default for vrf EXPERIMENTAL)
AF-Private Import to Address-Family: L2VPN E-VPN, Pfx Count/Limit: 3/1000
*>i 10.141.129.0/24 100.1.1.1 100 0 i
*> 172.21.128.30/32 0.0.0.0 0 32768 ?
*> 172.21.128.31/32 172.21.129.38 0 65198 ? <<<<
*> 172.21.134.62/32 0.0.0.0 0 32768 ?
Route Distinguisher: 172.21.128.244:111
*>i 10.141.129.0/24 100.1.1.1 100 0 i
N-7706_PE-Router# sh bgp vpnv4 unicast
BGP routing table information for VRF default, address family VPNv4 Unicast
BGP table version is 63, Local Router ID is 100.1.1.1
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup, 2 - b
est2
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 172.21.128.30:111
*>i172.21.128.30/32 100.1.1.2 0 100 0 ?
*>i172.21.128.31/32 100.1.1.2 0 100 0 65198 ?
*>i172.21.134.62/32 100.1.1.2 0 100 0 ?
Route Distinguisher: 172.21.128.244:111 (VRF EXPERIMENTAL)
*>l10.141.129.0/24 0.0.0.0 100 32768 i
l10.141.129.22/31 0.0.0.0 100 32768 i
*>i172.21.128.30/32 100.1.1.2 0 100 0 ?
*>i172.21.128.31/32 100.1.1.2 0 100 0 65198 ? <<<<
*>i172.21.134.62/32 100.1.1.2 0 100 0 ?
Advertised L2VPN EVPN route into L3VPN topology and the route is present on the L3VPN peer now.
N-7706_PE-Router# sh bgp vpnv4 uni 172.21.128.31
BGP routing table information for VRF default, address family VPNv4 Unicast
Route Distinguisher: 172.21.128.30:111
BGP routing table entry for 172.21.128.31/32, version 98
Paths: (1 available, best #1)
Flags: (0x000002) (high32 00000000) on xmit-list, is not in urib, is not in HW
Advertised path-id 1
Path type: internal, path is valid, is best path
Imported to 1 destination(s)
Imported paths list: EXPERIMENTAL
AS-Path: 65198 , path sourced external to AS
100.1.1.2 (metric 9) from 100.1.1.2 (172.21.134.1)
Origin incomplete, MED 0, localpref 100, weight 0
Received label 16
Extcommunity: RT:64512:1110 ENCAP:8 Router MAC:3473.2d93.d4df <<<<
Connector Attribute: count=1
type 1 len 12 value 172.21.128.30:111:100.1.1.2
Path-id 1 not advertised to any peer
N-7706_PE-Router# sh ip route 172.21.128.31 vrf EXPERIMENTAL
IP Route Table for VRF "EXPERIMENTAL"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.21.128.31/32, ubest/mbest: 1/0 time
*via 100.1.1.2%default, [200/0], 00:01:35, bgp-64512, internal, tag 65198 <<<
Established reachability between L2VPN EVPN host 172.21.128.31 and L3VPN host 10.141.129.22.
N-7706_PE-Router# ping 172.21.128.31 vrf EXPERIMENTAL source 10.141.129.22
PING 172.21.128.31 (172.21.128.31) from 10.141.129.22: 56 data bytes
64 bytes from 172.21.128.31: icmp_seq=0 ttl=251 time=1.431 ms
64 bytes from 172.21.128.31: icmp_seq=1 ttl=251 time=0.987 ms
64 bytes from 172.21.128.31: icmp_seq=2 ttl=251 time=1.018 ms
64 bytes from 172.21.128.31: icmp_seq=3 ttl=251 time=0.998 ms
64 bytes from 172.21.128.31: icmp_seq=4 ttl=251 time=0.958 ms
PACKET CAPTURE ON C9500-10
Comments
Post a Comment