Ethernet Virtual Private Network (evpn) Configuration Module¶
This configuration module configures the BGP EVPN address family on Nokia SR OS, Nokia SR Linux, Arista EOS and FRR. The module depends on the BGP module.
The current implementation of EVPN module supports:
VXLAN-based transport over IPv4 and MPLS-based transport
VLAN-Based Service (bridging of a single VLAN within an EVPN Instance)
VLAN-Aware Bundle Service (bridging of multiple related VLANs inside a single EVPN Instance)
Symmetric IRB
Table of Contents
Platform Support¶
The following table describes per-platform support of individual EVPN/VXLAN features:
| Operating system | VLAN-based service |
VLAN Bundle service |
Asymmetric IRB |
Symmetric IRB |
|---|---|---|---|---|
| Arista EOS | ✅ | ✅ | ❌ | ✅ |
| Cisco Nexus OS | ✅ | ❌ | ❌ | ✅ |
| Cumulus Linux | ✅ | ❌ | ❌ | ✅ |
| Dell OS 10 | ✅ | ❌ | ❌ | ✅ |
| FRR | ✅ | ❌ | ❌ | ✅ |
| Nokia SR Linux | ✅ | ✅ | ✅ | ✅ |
| Nokia SR OS | ✅ | ❌ | ✅ | ✅ |
| VyOS | ✅ | ❌ | ❌ | ✅ |
The following table describes per-platform support of individual EVPN/MPLS features:
| Operating system | VLAN-based service |
VLAN Bundle service |
Asymmetric IRB |
Symmetric IRB |
|---|---|---|---|---|
| Arista EOS | ✅ | ✅ | ❌ | ❌ |
Note
Arista EOS requires anycast gateway for EVPN/MPLS symmetric IRB configuration. Anycast gateway is not yet supported by netlab.
EVPN module supports three design paradigms:
IBGP with IGP
IBGP over EBGP
EBGP-only (requires manual configuration of RD/RT values on most platforms)
| Operating system | IBGP+IGP | BGP RR | EBGP-only | IBGP over EBGP |
IPv4 BGP transport |
IPv6 BGP transport |
|---|---|---|---|---|---|---|
| Arista EOS | ✅ | ✅ | ❌ | ❌ | ✅ | ❌ |
| Cisco Nexus OS | ✅ | ✅ | ❌ | ❌ | ✅ | ❌ |
| Cumulus Linux | ✅ | ✅ | ❌ | ❌ | ✅ | ❌ |
| Dell OS 10 | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| FRR | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Nokia SR Linux | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ |
| Nokia SR OS | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| VyOS | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
Note
Nokia SR Linux supports iBGP EVPN sessions over BGP unnumbered with IPv6 link-local addresses, using IPv4 VXLAN routes with IPv6 next hops
While VyOS itself supports IPv6 transport for VXLAN, using static flooding with the vxlan module, this seems not working with EVPN, where an IPv4 VTEP is always announced by frr.
Dell OS10 only allows to configure the EVPN RD in the form
X.X.X.X:N. By default, netlab usesN:Mfor L3VNI, so on this platform the L3VNI RD is derived from the Router-ID and the VRF ID asrouter-id:vrf-id(and the one generated by netlab is not used).
Global EVPN Parameters¶
EVPN module supports these default/global/node parameters:
evpn.vrfs (global or node parameter): A list of EVPN-enabled VRFs. Default value with VXLAN transport: all global VRFs with evpn.transit_vni parameter. There is no default value with MPLS transport.
evpn.vlans (global or node parameter): A list of EVPN-enabled VLANs. Default value with VXLAN transport: all global VLANs with vni parameter. There is no default value with MPLS transport.
evpn.session (global or node parameter): A list of BGP session types on which the EVPN address family is enabled (default:
ibgp)evpn.as (global parameter): Autonomous system number to use for VLAN and VRF route targets. Default value: bgp.as (when set globally) or vrf.as.
evpn.vlan_bundle_service (global parameter): Use VLAN bundle service for VLANs within a VRF (default:
False)evpn.start_transit_vni (system default parameter) – the first symmetric IRB transit VNI, range 4096…16777215
evpn.start_transit_vlan (device-dependent node parameter) – the starting VLAN ID for VLANs used to map VXLAN transit VNIs
VLAN-Based Service Parameters¶
EVPN-related VLAN parameters are set on vlans dictionary. You can set the following parameters for every VLAN using VLAN-Based Service:
evpn.evi: EVPN Instance identifier.
evpn.rd: EVPN Instance route distinguisher (not checked at the moment). Default: bgp.router_id:evpn.evi
evpn.import and evpn.export: Import and export route targets (not checked at the moment).
EVPN configuration module sets the following default EVI/RD/RT values for VXLAN-enabled VLANs:
evpn.evi:
vlan-idevpn.rd:
router-id:evi(according to Section 7.9 of RFC 7432 as the evpn.evi is set to vlan.id)evpn.import and evpn.export:
as:vlan-id(according to Section 7.10 of RFC 7432 and Section 5.1.2.1 of RFC 8365)1
VLAN-Aware Bundle Service¶
VLAN-Aware Bundle Service is disabled by default and has to be enabled by setting evpn.vlan_bundle_service parameter to True. Although that parameter is a global/node parameter, it might not be a good idea to use different settings on different nodes.
VLAN-Aware Bundle Service uses VRF configuration (and thus requires VRF configuration module). All VLANs belonging to a single VRF are configured as a VLAN bundle, modeled as a single EVPN Instance. RD and RT values assigned by VRF module are used to configure the VLAN bundle; you can set evpn.evi VRF parameter to set the EVPN Instance identifier.
The default value of VRF EVPN Instance identifier is the vrf.id.
Integrated Routing and Bridging¶
IRB is configured whenever EVPN-enabled VLANs in a VRF contain IPv4 or IPv6 addresses:
Asymmetric IRB requires no extra parameters2
Symmetric IRB used with VXLAN transport needs a transit VNI that has to be set with the evpn.transit_vni parameter.
You can set the VRF EVI value with evpn.evi parameter.
The evpn.transit_vni parameter must specify a globally unique VNI value. It could be set to:
True: EVPN configuration module auto-assigns a unique VNI to the VRF.
An integer value: static VNI assignment, checked for uniqueness
Name of another VRF: the evpn.transit_vni value is copied from that VRF. Use this setting for complex topologies where VRFs with different connectivity requirements have to share the transit VXLAN segment.
- 1
The AS number used in EVPN route targets is described in Global EVPN Parameters.
- 2
Asymmetric IRB is only supported on Nokia SR OS at the moment