EVPN with eBGP Between Leaf and Spine Configuration Example

EVPN with eBGP between leaf and spine. Spines are on a dedicated ASn, Each leaf is on separate ASn. MLAG peers share ASn.

Configuration Notes

Configure and apply IP Anycast on leafs (see IP and MAC Anycast, and configure IP address on tenant VLAN and enable IP forwarding.

EVI with manual RT is configured. Here is an example:

create bgp EVPN instance evi_1 
configure bgp EVPN instance evi_1 VXLAN vni 100 
create bgp EVPN instance evi_2 
configure bgp EVPN instance evi_2 VXLAN vni 200 
configure bgp EVPN instance evi_1 route-target both add 100:100 
configure bgp EVPN instance evi_2 route-target both add 200:200

MLAG peers share the same LTEP IP, ASNUM, but use different BGP router IDs.
BGP adjacency between MLAG peers is recommended for alternate path. (additional L3 VLAN between MLAG peers).
OSPF routes are exported to BGP on Spine1.
eBGP between leaf and spines. MLAG peers use ASNUM 10000; spines use ASNUM 20000; Leaf 3 uses ASNUM 30000.
Allow-as-in on leaf nodes (VTEPs). This is to ensure EVPN routes from other leaf nodes are not dropped due to BGP split horizon (ASPATH present in route).
BGP fast-external-fallover is enabled on all nodes.
Spines are configured with “next-hop-unchanged” for L2VPN-EVPN routes.
Static LACP MAC is configured on MLAG peers.
BGP maximum paths is set to 2 for this topology and IP route sharing is enabled.
ARP suppression is enabled on tenant VLANs.

Note

On SLX and other platforms “retain route-targets” should be enabled on spine/transit L3 nodes. ExtremeXOS by default retains all RTs and does not have a command to turn it off.

Leaf 1

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-36
configure vr VR-Default add ports 1-36
configure vlan default delete ports 1,4-5,7,16,19,21
enable jumbo-frame ports all
create vlan "isc"
configure vlan isc tag 4000
create vlan "loop"
enable loopback-mode vlan loop
create vlan "mlagvtep"
enable loopback-mode vlan mlagvtep
create vlan "tenant"
configure vlan tenant tag 10
configure vlan tenant suppress arp-only
create vlan "trunk1_2"
configure vlan trunk1_2 tag 4001
create vlan "trunk1_3"
create vlan "trunk1_4"
create vlan "untagtenant"
configure vlan untagtenant suppress arp-only
configure ports 1 auto off speed 10000 duplex full
configure ports 2 auto off speed 10000 duplex full
configure ports 3 auto off speed 10000 duplex full
configure ports 4 auto off speed 10000 duplex full
configure ports 5 auto off speed 10000 duplex full
configure ports 6 auto off speed 10000 duplex full
configure ports 7 auto off speed 10000 duplex full
configure ports 8 auto off speed 10000 duplex full
configure ports 9 auto off speed 10000 duplex full
configure ports 10 auto off speed 10000 duplex full
configure ports 11 auto off speed 10000 duplex full
configure ports 12 auto off speed 10000 duplex full
configure ports 13 auto off speed 10000 duplex full
configure ports 14 auto off speed 10000 duplex full
configure ports 15 auto off speed 10000 duplex full
configure ports 16 auto off speed 10000 duplex full
configure ports 17 auto off speed 10000 duplex full
configure ports 18 auto off speed 10000 duplex full
configure ports 19 auto off speed 10000 duplex full
configure ports 20 auto off speed 10000 duplex full
configure ports 21 auto off speed 10000 duplex full
configure ports 22 auto off speed 10000 duplex full
configure ports 23 auto off speed 10000 duplex full
configure ports 24 auto off speed 10000 duplex full
configure ports 26 auto off speed 10000 duplex full
configure ports 27 auto off speed 10000 duplex full
configure ports 28 auto off speed 10000 duplex full
enable sharing 1 grouping 1 algorithm address-based L2 lacp
configure vlan Default add ports 2-3,6,8-15,17-18,20,22-36 untagged
configure vlan isc add ports 21 tagged
configure vlan tenant add ports 1,16,21 tagged
configure vlan trunk1_2 add ports 21 tagged
configure vlan trunk1_3 add ports 5 untagged
configure vlan trunk1_4 add ports 7 untagged
configure vlan untagtenant add ports 1,16,21 untagged
configure vlan isc ipaddress 172.16.1.0 255.255.255.254
configure vlan loop ipaddress 1.1.1.1 255.255.255.255
enable ipforwarding vlan loop
configure vlan Mgmt ipaddress 10.127.16.27 255.255.255.0
configure vlan mlagvtep ipaddress 1.1.1.200 255.255.255.255
enable ipforwarding vlan mlagvtep
configure vlan tenant ipaddress 10.1.100.100 255.255.255.0
enable ipforwarding vlan tenant
configure vlan trunk1_2 ipaddress 192.168.5.0 255.255.255.254
enable ipforwarding vlan trunk1_2
configure vlan trunk1_3 ipaddress 192.168.1.0 255.255.255.254
enable ipforwarding vlan trunk1_3
configure vlan trunk1_4 ipaddress 192.168.2.0 255.255.255.254
enable ipforwarding vlan trunk1_4
configure vlan untagtenant ipaddress 20.1.100.100 255.255.255.0
enable ipforwarding vlan untagtenant

#
# Module mcmgr configuration.
#
disable igmp snooping vlan "tenant"
disable igmp snooping vlan "untagtenant"

#
# Module vsm configuration.
#
create mlag peer "leaf2"
configure mlag peer "leaf2" ipaddress 172.16.1.1 vr VR-Default
configure mlag peer "leaf2" lacp-mac 00:00:de:ad:be:ef
enable mlag port 1 peer "leaf2" id 1

#
# Module bgp configuration.
#
configure bgp AS-number 10000
configure bgp routerid 1.1.1.1
configure bgp maximum-paths 2
enable bgp fast-external-fallover
configure bgp add network 1.1.1.1/32
configure bgp add network 1.1.1.200/32
create bgp neighbor 192.168.1.1 remote-AS-number 20000
enable bgp neighbor 192.168.1.1
create bgp neighbor 192.168.2.1 remote-AS-number 20000
enable bgp neighbor 192.168.2.1
create bgp neighbor 192.168.5.1 remote-AS-number 10000
enable bgp neighbor 192.168.5.1
configure bgp neighbor 192.168.1.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.1.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.2.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.2.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.5.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.5.1 capability l2vpn-EVPN
enable bgp export direct address-family ipv4-unicast
enable bgp
create bgp EVPN instance evi_1
configure bgp EVPN instance evi_1 VXLAN vni 100
create bgp EVPN instance evi_2
configure bgp EVPN instance evi_2 VXLAN vni 200
configure bgp EVPN instance evi_1 route-target both add 100:100
configure bgp EVPN instance evi_2 route-target both add 200:200
#
# Module otm configuration.
#
configure virtual-network local-endpoint ipaddress 1.1.1.200 vr "VR-Default"
create virtual-network "vni1" flooding standard
configure virtual-network "vni1" VXLAN vni 100
configure virtual-network "vni1" add vlan tenant
create virtual-network "vni2" flooding standard
configure virtual-network "vni2" VXLAN vni 200
configure virtual-network "vni2" add vlan untagtenant

Leaf 2

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-72
configure vr VR-Default add ports 1-72
configure vlan default delete ports 1-72
enable jumbo-frame ports all
create vlan "isc"
configure vlan isc tag 4000
create vlan "loop"
enable loopback-mode vlan loop
create vlan "loop2"
enable loopback-mode vlan loop2
create vlan "mlagvtep"
enable loopback-mode vlan mlagvtep
create vlan "tenant"
configure vlan tenant tag 10
configure vlan tenant suppress arp-only
create vlan "trunk1_2"
configure vlan trunk1_2 tag 4001
create vlan "trunk2_3"
create vlan "trunk2_4"
create vlan "untagtenant"
configure vlan untagtenant suppress arp-only
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
enable sharing 53 grouping 53-56 algorithm address-based L2 lacp
configure vlan isc add ports 66 tagged
configure vlan tenant add ports 4-5,53,66 tagged
configure vlan trunk1_2 add ports 66 tagged
configure vlan trunk2_3 add ports 57 untagged
configure vlan trunk2_4 add ports 49 untagged
configure vlan untagtenant add ports 4-5,53,66 untagged
configure vlan isc ipaddress 172.16.1.1 255.255.255.254
configure vlan loop ipaddress 2.2.2.2 255.255.255.255
enable ipforwarding vlan loop
configure vlan loop2 ipaddress 2.2.2.100 255.255.255.255
enable ipforwarding vlan loop2
configure vlan Mgmt ipaddress 10.127.16.19 255.255.255.0
configure vlan mlagvtep ipaddress 1.1.1.200 255.0.0.0
enable ipforwarding vlan mlagvtep
configure vlan tenant ipaddress 10.1.100.100 255.255.255.0
enable ipforwarding vlan tenant
configure vlan trunk1_2 ipaddress 192.168.5.1 255.255.255.254
enable ipforwarding vlan trunk1_2
configure vlan trunk2_3 ipaddress 192.168.3.0 255.255.255.254
enable ipforwarding vlan trunk2_3
configure vlan trunk2_4 ipaddress 192.168.4.0 255.255.255.254
enable ipforwarding vlan trunk2_4
configure vlan untagtenant ipaddress 20.1.100.100 255.255.255.0
enable ipforwarding vlan untagtenant
#
# Module mcmgr configuration.
#
disable igmp snooping vlan "tenant"
disable igmp snooping vlan "untagtenant"


#
# Module otm configuration.
#
configure virtual-network local-endpoint ipaddress 1.1.1.200 vr "VR-Default"
create virtual-network "vni1" flooding standard
configure virtual-network "vni1" VXLAN vni 100
configure virtual-network "vni1" add vlan tenant
create virtual-network "vni2" flooding standard
configure virtual-network "vni2" VXLAN vni 200
configure virtual-network "vni2" add vlan untagtenant

#
# Module bgp configuration.
#
#
configure bgp AS-number 10000
configure bgp routerid 2.2.2.2
configure bgp maximum-paths 2
enable bgp fast-external-fallover
configure bgp add network 1.1.1.200/32
configure bgp add network 2.2.2.2/32
create bgp neighbor 192.168.3.1 remote-AS-number 20000
enable bgp neighbor 192.168.3.1
create bgp neighbor 192.168.4.1 remote-AS-number 20000
enable bgp neighbor 192.168.4.1
create bgp neighbor 192.168.5.0 remote-AS-number 10000
enable bgp neighbor 192.168.5.0
configure bgp neighbor 192.168.3.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.3.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.4.1 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.4.1 capability l2vpn-EVPN
configure bgp neighbor 192.168.5.0 allowas-in max-as-occurrence 3
enable bgp neighbor 192.168.5.0 capability l2vpn-EVPN
enable bgp export direct address-family ipv4-unicast
enable bgp
create bgp EVPN instance evi_1
configure bgp EVPN instance evi_1 VXLAN vni 100
create bgp EVPN instance evi_2
configure bgp EVPN instance evi_2 VXLAN vni 200
configure bgp EVPN instance evi_1 route-target both add 100:100
configure bgp EVPN instance evi_2 route-target both add 200:200
# Module vrrp configuration.
#
create vrrp vlan tenant vrid 1
configure vrrp vlan tenant vrid 1 priority 255
create vrrp vlan untagtenant vrid 1
configure vrr

Switching

Routing

Wireless

Management & Automation

Analytics & Visibility

Security & Access Control

Remote

Cloud

Security

Machine Learning

Campus Fabric

Data Center Fabric

Internet of Things

Wi-Fi 6

Primary & Secondary Education (K-12)

Retail

Service Providers

Federal Government

Manufacturing

Higher Education

Healthcare

Hospitality

State & Local Government

Sports & Public Venues

Support Portal

Knowledge Base

Documentation

End of Sale

Policies & Warranties

Training & Courses

Maintenance Services

Premier Services

Professional Services

Managed Services

EVPN with eBGP Between Leaf and Spine Configuration Example

Configuration Notes

Leaf 1

Leaf 2