EVPN with eBGP Between Leaf and Spine Configuration Example

EVPN with eBGP between leaf and spine. Spines are on a dedicated ASn, Each leaf is on separate ASn. MLAG peers share ASn.

Configuration Notes

Configure and apply IP Anycast on leafs (see IP and MAC Anycast, and configure IP address on tenant VLAN and enable IP forwarding.

EVI with manual RT is configured. Here is an example:

create bgp EVPN instance evi_1 
configure bgp EVPN instance evi_1 VXLAN vni 100 
create bgp EVPN instance evi_2 
configure bgp EVPN instance evi_2 VXLAN vni 200 
configure bgp EVPN instance evi_1 route-target both add 100:100 
configure bgp EVPN instance evi_2 route-target both add 200:200

MLAG peers share the same LTEP IP, ASNUM, but use different BGP router IDs.
BGP adjacency between MLAG peers is recommended for alternate path. (additional L3 VLAN between MLAG peers).
OSPF routes are exported to BGP on Spine1.
eBGP between leaf and spines. MLAG peers use ASNUM 10000; spines use ASNUM 20000; Leaf 3 uses ASNUM 30000.
Allow-as-in on leaf nodes (VTEPs). This is to ensure EVPN routes from other leaf nodes are not dropped due to BGP split horizon (ASPATH present in route).
BGP fast-external-fallover is enabled on all nodes.
Spines are configured with “next-hop-unchanged” for L2VPN-EVPN routes.
Static LACP MAC is configured on MLAG peers.
BGP maximum paths is set to 2 for this topology and IP route sharing is enabled.
ARP suppression is enabled on tenant VLANs.

Note

On SLX and other platforms “retain route-targets” should be enabled on spine/transit L3 nodes. ExtremeXOS by default retains all RTs and does not have a command to turn it off.

Leaf 1

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-36
configure vr VR-Default add ports 1-36
configure vlan default delete ports 1,4-5,7,16,19,21
enable jumbo-frame ports all
create vlan "isc"
configure vlan isc tag 4000
create vlan "loop"
enable loopback-mode vlan loop
create vlan "mlagvtep"
enable loopback-mode vlan mlagvtep
create vlan "tenant"
configure vlan tenant tag 10
configure vlan tenant suppress arp-only
create vlan "trunk1_2"
configure vlan trunk1_2 tag 4001
create vlan "trunk1_3"
create vlan "trunk1_4"
create vlan "untagtenant"
configure vlan untagtenant suppress arp-only
configure ports 1 auto off speed 10000 duplex full
configure ports 2 auto off speed 10000 duplex full
configure ports 3 auto off speed 10000 duplex full
configure ports 4 auto off speed 10000 duplex full
configure ports 5 auto off speed 10000 duplex full
configure ports 6 auto off speed 10000 duplex full
configure ports 7 auto off speed 10000 duplex full
configure ports 8 auto off speed 10000 duplex full
configure ports 9 auto off speed 10000 duplex full
configure ports 10 auto off speed 10000 duplex full
configure ports 11 auto off speed 10000 duplex full
configure ports 12 auto off speed 10000 duplex full
configure ports 13 auto off speed 10000 duplex full
configure ports 14 auto off speed 10000 duplex full
configure ports 15 auto off speed 10000 duplex full
configure ports 16 auto off speed 10000 duplex full
configure ports 17 auto off speed 10000 duplex full
configure ports 18 auto off speed 10000 duplex full
configure ports 19 auto off speed 10000 duplex full
configure ports 20 auto off speed 10000 duplex full
configure ports 21 auto off speed 10000 duplex full
configure ports 22 auto off speed 10000 duplex full
configure ports 23 auto off speed 10000 duplex full
configure ports 24 auto off speed 10000 duplex full
configure ports 26 auto off speed 10000 duplex full
configure ports 27 auto off speed 10000 duplex full
configure ports 28 auto off speed 10000 duplex full
enable sharing 1 grouping 1 algorithm address-based L2 lacp
configure vlan Default add ports 2-3,6,8-15,17-18,20,22-36 untagged
configure vlan isc add ports 21 tagged
configure vlan tenant add ports 1,16,21 tagged
configure vlan trunk1_2 add ports 21 tagged
configure vlan trunk1_3 add ports 5 untagged
configure vlan trunk1_4 add ports 7 untagged
configure vlan untagtenant add ports 1,16,21 untagged
configure vlan isc ipaddress 172.16.1.0 255.255.255.254
configure vlan loop ipaddress 1.1.1.1 255.255.255.255
enable ipforwarding vlan loop
configure vlan Mgmt ipaddress 10.127.16.27 255.255.255.0
configure vlan mlagvtep ipaddress 1.1.1.200 255.255.255.255
enable ipforwarding vlan mlagvtep
configure vlan tenant ipaddress 10.1.100.100 255.255.255.0
enable ipforwarding vlan tenant
configure vlan trunk1_2 ipaddress 192.168.5.0 255.255.255.254
enable ipforwarding vlan trunk1_2
configure vlan trunk1_3 ipaddress 192.168.1.0 255.255.255.254
enable ipforwarding vlan trunk1_3
configure vlan trunk1_4 ipaddress 192.168.2.0 255.255.255.254
enable ipforwarding vlan trunk1_4
configure vlan untagtenant ipaddress 20.1.100.100 255.255.255.0
enable ipforwarding vlan untagtenant

#
# Module mcmgr configuration.
#
disable igmp snooping vlan "tenant"
disable igmp snooping vlan "untagtenant"

#
# Module vsm configuration.
#
create mlag peer "leaf2"
configure mlag peer "leaf2" ipaddress 172.16.1.1 vr VR-Default
configure mlag peer "leaf2" lacp-mac 00:00:de:ad:be:ef
enable mlag port 1 peer "leaf2" id 1

#
# Module bgp configuration.
#
configure bgp AS-number 10000
configure bgp routerid 1.1.1.1
configure bgp maximum-paths 2
enable bgp fast-external-fallover
configure bgp add network 1.1.1.1/32
configure bgp add network 1.1.1.200/32
create bgp neighbor 192.168.1.1 remote-AS-number 20000
enable bgp neighbor 192.168.1.1
create bgp neighbor 192.168.2.1 remote-AS-number 20000
enable bgp neighbor 192.168.2.1
create bgp neighbor 192.168.5.1 remote-AS-number 10000
enable bgp neighbor 192.168.5.1
configure bgp neighbor 192.168.1.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.1.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.2.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.2.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.5.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.5.1 capability l2vpn-EVPN
enable bgp export direct address-family ipv4-unicast
enable bgp
create bgp EVPN instance evi_1
configure bgp EVPN instance evi_1 VXLAN vni 100
create bgp EVPN instance evi_2
configure bgp EVPN instance evi_2 VXLAN vni 200
configure bgp EVPN instance evi_1 route-target both add 100:100
configure bgp EVPN instance evi_2 route-target both add 200:200
#
# Module otm configuration.
#
configure virtual-network local-endpoint ipaddress 1.1.1.200 vr "VR-Default"
create virtual-network "vni1" flooding standard
configure virtual-network "vni1" VXLAN vni 100
configure virtual-network "vni1" add vlan tenant
create virtual-network "vni2" flooding standard
configure virtual-network "vni2" VXLAN vni 200
configure virtual-network "vni2" add vlan untagtenant

Leaf 2

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-72
configure vr VR-Default add ports 1-72
configure vlan default delete ports 1-72
enable jumbo-frame ports all
create vlan "isc"
configure vlan isc tag 4000
create vlan "loop"
enable loopback-mode vlan loop
create vlan "loop2"
enable loopback-mode vlan loop2
create vlan "mlagvtep"
enable loopback-mode vlan mlagvtep
create vlan "tenant"
configure vlan tenant tag 10
configure vlan tenant suppress arp-only
create vlan "trunk1_2"
configure vlan trunk1_2 tag 4001
create vlan "trunk2_3"
create vlan "trunk2_4"
create vlan "untagtenant"
configure vlan untagtenant suppress arp-only
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
enable sharing 53 grouping 53-56 algorithm address-based L2 lacp
configure vlan isc add ports 66 tagged
configure vlan tenant add ports 4-5,53,66 tagged
configure vlan trunk1_2 add ports 66 tagged
configure vlan trunk2_3 add ports 57 untagged
configure vlan trunk2_4 add ports 49 untagged
configure vlan untagtenant add ports 4-5,53,66 untagged
configure vlan isc ipaddress 172.16.1.1 255.255.255.254
configure vlan loop ipaddress 2.2.2.2 255.255.255.255
enable ipforwarding vlan loop
configure vlan loop2 ipaddress 2.2.2.100 255.255.255.255
enable ipforwarding vlan loop2
configure vlan Mgmt ipaddress 10.127.16.19 255.255.255.0
configure vlan mlagvtep ipaddress 1.1.1.200 255.0.0.0
enable ipforwarding vlan mlagvtep
configure vlan tenant ipaddress 10.1.100.100 255.255.255.0
enable ipforwarding vlan tenant
configure vlan trunk1_2 ipaddress 192.168.5.1 255.255.255.254
enable ipforwarding vlan trunk1_2
configure vlan trunk2_3 ipaddress 192.168.3.0 255.255.255.254
enable ipforwarding vlan trunk2_3
configure vlan trunk2_4 ipaddress 192.168.4.0 255.255.255.254
enable ipforwarding vlan trunk2_4
configure vlan untagtenant ipaddress 20.1.100.100 255.255.255.0
enable ipforwarding vlan untagtenant
#
# Module mcmgr configuration.
#
disable igmp snooping vlan "tenant"
disable igmp snooping vlan "untagtenant"


#
# Module otm configuration.
#
configure virtual-network local-endpoint ipaddress 1.1.1.200 vr "VR-Default"
create virtual-network "vni1" flooding standard
configure virtual-network "vni1" VXLAN vni 100
configure virtual-network "vni1" add vlan tenant
create virtual-network "vni2" flooding standard
configure virtual-network "vni2" VXLAN vni 200
configure virtual-network "vni2" add vlan untagtenant

#
# Module bgp configuration.
#
#
configure bgp AS-number 10000
configure bgp routerid 2.2.2.2
configure bgp maximum-paths 2
enable bgp fast-external-fallover
configure bgp add network 1.1.1.200/32
configure bgp add network 2.2.2.2/32
create bgp neighbor 192.168.3.1 remote-AS-number 20000
enable bgp neighbor 192.168.3.1
create bgp neighbor 192.168.4.1 remote-AS-number 20000
enable bgp neighbor 192.168.4.1
create bgp neighbor 192.168.5.0 remote-AS-number 10000
enable bgp neighbor 192.168.5.0
configure bgp neighbor 192.168.3.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.3.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.4.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.4.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.5.0 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.5.0 capability l2vpn-EVPN
enable bgp export direct address-family ipv4-unicast
enable bgp
create bgp EVPN instance evi_1
configure bgp EVPN instance evi_1 VXLAN vni 100
create bgp EVPN instance evi_2
configure bgp EVPN instance evi_2 VXLAN vni 200
configure bgp EVPN instance evi_1 route-target both add 100:100
configure bgp EVPN instance evi_2 route-target both add 200:200
# Module vrrp configuration.
#
create vrrp vlan tenant vrid 1
configure vrrp vlan tenant vrid 1 priority 255
create vrrp vlan untagtenant vrid 1
configure vrrp vlan untagtenant vrid 1 priority 255
configure vrrp vlan tenant vrid 1 add 10.1.100.100
configure vrrp vlan untagtenant vrid 1 add 20.1.100.100
enable vrrp vlan tenant vrid 1
enable vrrp vlan untagtenant vrid 1

#
# Module vsm configuration.
#
create mlag peer "leaf1"
configure mlag peer "leaf1" ipaddress 172.16.1.0 vr VR-Default
configure mlag peer "leaf1" lacp-mac 00:00:de:ad:be:ef
enable mlag port 53 peer "leaf1" id 1

Leaf 3

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-56
configure vr VR-Default add ports 1-56
configure vlan default delete ports 1,50-51
enable jumbo-frame ports all
create vlan "leaf3_trunk1"
create vlan "leaf3_trunk2"
create vlan "loop"
enable loopback-mode vlan loop
create vlan "tenant"
configure vlan tenant tag 10
configure vlan tenant suppress arp-only
create vlan "untagtenant"
configure vlan untagtenant suppress arp-only
configure ports 49 auto off speed 10000 duplex full
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
configure ports 54 auto off speed 10000 duplex full
configure ports 55 auto off speed 10000 duplex full
configure ports 56 auto off speed 10000 duplex full
configure vlan Default add ports 2-49,52-56 untagged
configure vlan leaf3_trunk1 add ports 51 untagged
configure vlan leaf3_trunk2 add ports 50 untagged
configure vlan tenant add ports 1 tagged
configure vlan untagtenant add ports 1 untagged
configure vlan leaf3_trunk1 ipaddress 192.168.6.0 255.255.255.254
enable ipforwarding vlan leaf3_trunk1
configure vlan leaf3_trunk2 ipaddress 192.168.7.0 255.255.255.254
enable ipforwarding vlan leaf3_trunk2
configure vlan loop ipaddress 5.5.5.5 255.255.255.255
enable ipforwarding vlan loop
configure vlan Mgmt ipaddress 10.127.16.17 255.255.255.0
configure vlan tenant ipaddress 10.1.100.100 255.255.255.0
enable ipforwarding vlan tenant
configure vlan untagtenant ipaddress

# Module mcmgr configuration.
#
disable igmp snooping vlan "tenant"
disable igmp snooping vlan "untagtenant"

#
# Module otm configuration.
#
configure virtual-network local-endpoint ipaddress 5.5.5.5 vr "VR-Default"
create virtual-network "vni1" flooding standard
configure virtual-network "vni1" VXLAN vni 100
configure virtual-network "vni1" add vlan tenant
create virtual-network "vni2" flooding standard
configure virtual-network "vni2" VXLAN vni 200
configure virtual-network "vni2" add vlan untagtenant

#
# Module bgp configuration.
#
configure bgp AS-number 30000
configure bgp routerid 5.5.5.5
configure bgp maximum-paths 2
enable bgp fast-external-fallover
configure bgp restart both
configure bgp add network 5.5.5.5/32
create bgp neighbor 192.168.6.1 remote-AS-number 20000
enable bgp neighbor 192.168.6.1
create bgp neighbor 192.168.7.1 remote-AS-number 20000
enable bgp neighbor 192.168.7.1
configure bgp neighbor 192.168.6.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.6.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.7.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.7.1 capability l2vpn-EVPN
enable bgp
create bgp EVPN instance evi_1
configure bgp EVPN instance evi_1 VXLAN vni 100
create bgp EVPN instance evi_2
configure bgp EVPN instance evi_2 VXLAN vni 200
configure bgp EVPN instance evi_1 route-target both add 100:100
configure bgp EVPN instance evi_2 route-target both add 200:200
#
# Module vrrp configuration.
#
create vrrp vlan tenant vrid 1
configure vrrp vlan tenant vrid 1 priority 255
create vrrp vlan untagtenant vrid 1
configure vrrp vlan untagtenant vrid 1 priority 255
configure vrrp vlan tenant vrid 1 add 10.1.100.100
configure vrrp vlan untagtenant vrid 1 add 20.1.100.100
enable vrrp vlan tenant vrid 1
enable vrrp vlan untagtenant vrid 1

Spine 1

configure vlan default delete ports all
configure vr VR-Default delete ports 1-128
configure vr VR-Default add ports 1-128
configure vlan default delete ports 33,57,89,105
enable jumbo-frame ports all
create vlan "leaf3_trunk1"
create vlan "loop"
enable loopback-mode vlan loop
create vlan "routed"
configure vlan routed tag 4030
create vlan "trunk1_3"
create vlan "trunk2_3"
configure vlan Default add ports 1-32,34-56,58-88,90-104,106-128 untagged
configure vlan leaf3_trunk1 add ports 89 untagged
configure vlan routed add ports 33 tagged
configure vlan trunk1_3 add ports 57 untagged
configure vlan trunk2_3 add ports 105 untagged
configure vlan leaf3_trunk1 ipaddress 192.168.6.1 255.255.255.254
enable ipforwarding vlan leaf3_trunk1
configure vlan loop ipaddress 3.3.3.100 255.0.0.0
enable ipforwarding vlan loop
configure vlan Mgmt ipaddress 10.127.16.24 255.255.255.0
configure vlan routed ipaddress 172.16.1.1 255.255.255.0
enable ipforwarding vlan routed
configure vlan trunk1_3 ipaddress 192.168.1.1 255.255.255.254
enable ipforwarding vlan trunk1_3
configure vlan trunk2_3 ipaddress 192.168.3.1 255.255.255.254
enable ipforwarding vlan trunk2_3

#
# Module bgp configuration.
#
#
configure bgp AS-number 20000
configure bgp routerid 3.3.3.3
configure bgp maximum-paths 2
enable bgp fast-external-fallover
create bgp neighbor 192.168.1.0 remote-AS-number 10000
enable bgp neighbor 192.168.1.0
create bgp neighbor 192.168.3.0 remote-AS-number 10000
enable bgp neighbor 192.168.3.0
create bgp neighbor 192.168.6.0 remote-AS-number 30000
enable bgp neighbor 192.168.6.0
enable bgp neighbor 192.168.1.0 capability l2vpn-EVPN
enable bgp neighbor 192.168.1.0 address-family l2vpn-EVPN next-hop-unchanged
enable bgp neighbor 192.168.3.0 capability l2vpn-EVPN
enable bgp neighbor 192.168.3.0 address-family l2vpn-EVPN next-hop-unchanged
enable bgp neighbor 192.168.6.0 capability l2vpn-EVPN
enable bgp neighbor 192.168.6.0 address-family l2vpn-EVPN next-hop-unchanged
enable bgp export ospf-extern1 address-family ipv4-unicast
enable bgp export ospf-extern2 address-family ipv4-unicast
enable bgp export ospf-inter address-family ipv4-unicast
enable bgp export ospf-intra address-family ipv4-unicast
enable bgp
# Module ospf configuration.
#
enable ospf
configure ospf add vlan routed area 0.0.0.0

Spine 2

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-64
configure vr VR-Default add ports 1-64
configure vlan default delete ports 25,27,49
create vlan "leaf3_trunk2"
create vlan "loop"
enable loopback-mode vlan loop
create vlan "trunk1_4"
create vlan "trunk2_4"
configure ports 1 auto off speed 10000 duplex full
configure ports 2 auto off speed 10000 duplex full
configure ports 3 auto off speed 10000 duplex full
configure ports 4 auto off speed 10000 duplex full
configure ports 5 auto off speed 10000 duplex full
configure ports 6 auto off speed 10000 duplex full
configure ports 7 auto off speed 10000 duplex full
configure ports 8 auto off speed 10000 duplex full
configure ports 9 auto off speed 10000 duplex full
configure ports 10 auto off speed 10000 duplex full
configure ports 11 auto off speed 10000 duplex full
configure ports 12 auto off speed 10000 duplex full
configure ports 13 auto off speed 10000 duplex full
configure ports 14 auto off speed 10000 duplex full
configure ports 15 auto off speed 10000 duplex full
configure ports 16 auto off speed 10000 duplex full
configure ports 17 auto off speed 10000 duplex full
configure ports 18 auto off speed 10000 duplex full
configure ports 19 auto off speed 10000 duplex full
configure ports 20 auto off speed 10000 duplex full
configure ports 21 auto off speed 10000 duplex full
configure ports 22 auto off speed 10000 duplex full
configure ports 23 auto off speed 10000 duplex full
configure ports 24 auto off speed 10000 duplex full
configure ports 25 auto off speed 10000 duplex full
configure ports 26 auto off speed 10000 duplex full
configure ports 27 auto off speed 10000 duplex full
configure ports 28 auto off speed 10000 duplex full
configure ports 29 auto off speed 10000 duplex full
configure ports 30 auto off speed 10000 duplex full
configure ports 31 auto off speed 10000 duplex full
configure ports 32 auto off speed 10000 duplex full
configure ports 33 auto off speed 10000 duplex full
configure ports 34 auto off speed 10000 duplex full
configure ports 35 auto off speed 10000 duplex full
configure ports 36 auto off speed 10000 duplex full
configure ports 37 auto off speed 10000 duplex full
configure ports 38 auto off speed 10000 duplex full
configure ports 39 auto off speed 10000 duplex full
co

Switching

Routing

Wireless

Management & Automation

Analytics & Visibility

Security & Access Control

Remote

Cloud

Security

Machine Learning

Campus Fabric

Data Center Fabric

Internet of Things

Wi-Fi 6

Primary & Secondary Education (K-12)

Retail

Service Providers

Federal Government

Manufacturing

Higher Education

Healthcare

Hospitality

State & Local Government

Sports & Public Venues

Support Portal

Knowledge Base

Documentation

End of Sale

Policies & Warranties

Training & Courses

Maintenance Services

Premier Services

Professional Services

Managed Services