Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Configuring Optional Add-Ins to the EVPN-VXLAN Fabric With ERB

 

This section shows how to configure optional features for an EVPN-VXLAN fabric.

How to Configure DHCP

Requirements

Configure DHCP on the following devices that you configured in the How to Configure an EVPN-VXLAN Fabric for a Campus Network With ERB configuration example:

  • Two EX4650 switches as distribution devices. Software version: Junos OS Release 20.1R1S1.

  • An external server. In this example, we use a EX4600 switch running Junos OS Release 18.4R1.

Overview

Use this section to configure DHCP on the network. To avoid flooding the network with DHCP discover packets, configure DHCP on an interface in a VRF routing instance. Both distribution devices are configured with EVPN multihoming (also called ESI-LAG) to act as a DHCP stateless relay to a Layer 3 reachable external DHCP server. This provides redundant connectivity and help maintain DHCP services if one of the core devices fail. The link between the server and the distribution layer is an ESI. Figure 1 shows the virtual network topology with a DHCP server.

Figure 1: Overlay Virtual Network Topology with a DHCP Server
 Overlay
Virtual Network Topology with a DHCP Server

Configuration on Distribution -1

Step-by-Step Procedure

  1. Configure the distribution device to act as a DHCP relay only. It will not maintain a binding table.
  2. Create a server group and specify the IP address of the DHCP server.
  3. Specify the new server group as the active server group.
  4. Suppress the installation of access, access-internal, or destination routes during client binding during the JDHCPD process.
  5. Set the broadcast bit to one for all types of DHCP messages at all times. If you do not configure this option, some clients will set the bit to zero before sending the message, which is not preferable.
  6. Configure the IRBs to connect to the related VLANs and subnets and provide DHCP services to those clients.
    Note

    In this step, you can include any IRB that is part of the routing instance.

  7. Configure an ESI-LAG interface between the core devices and the external DHCP server running on a EX4600 switch. The virtual-gateway-accept-data allows the system to respond to PING and other traffic when it is destined for the virtual-gateway-address.

Configuration on Distribution -2

Step-by-Step Procedure

  1. Configure the distribution device to act as a DHCP relay only. It will not maintain a binding table.
  2. Create a server group and specify the IP address of the DHCP server.
  3. Specify the new server group as the active server group.
  4. Suppress the installation of access, access-internal, or destination routes during client binding during the JDHCPD process.
  5. Set the broadcast bit to one for all types of DHCP messages at all times. If you do not configure this option, some clients will set the bit to zero before sending the message, which is not preferable.
  6. Configure the IRBs to connect to the related VLANs and subnets and provide DHCP services to those clients.
    Note

    In this step, you can include any IRB that is part of the routing instance.

  7. Configure the EX4600 switch to act as the DHCP server.Note

    In your network, the DHCP server may be an external device.

  8. On the EX4600 switch acting as the DHCP server, verify that the DHCP clients are successfully being assigned IP addresses.Note

    The hosts shown in this output are behind the access devices and connected to them through a traffic generator. When the hosts send a DHCP request, it is sent across the access, distribution, and core devices, and the IP addresses are relayed back from the server.

You have now verified that DHCP is configured on your devices.

Connect Multiple Campus Deployments with EVPN Type-5 Route

EVPN is a flexible solution that uses Layer 2 overlays to interconnect buildings within a campus. VXLAN is an overlay technology that encapsulates MAC frames into a UDP header at Layer 2. Communication is established between two virtual tunnel endpoints (VTEPs). VTEPs encapsulate the client traffic into a VXLAN header, as well as strip off the encapsulation. Clients can only communicate with each other when they belong to the same VXLAN segment. A 24-bit virtual network identifier (VNID) uniquely identifies the VXLAN segment. This enables having the same MAC frames across multiple VXLAN segments without traffic crossover.

When a Bridge Domain (BD) is not L2 extended across campuses, the IP subnet belonging to the BD is confined within a single campus. If all BDs within each campus network satisfy this requirement, there is no longer a need to advertise MAC+IP route for each tenant between campuses as host routes for the tenants can be aggregated. Thus the L2 inter-campus connectivity issue can be simply transformed to an inter-campus L3 IP prefix reachability issue.

With EVPN type-5 IP prefix route advertises the IP prefixes between the campuses. Unlike the type-2 EVPN MAC advertisement route, the EVPN type-5 IP prefix route separates the host MAC address from its IP address and provides a clean advertisement of an IP prefix for the bridge domain.

Advantages of Using EVPN Pure Type-5 Routing

There are two main advantages for using EVPN pure type-5 routing:

  • No need to exchange all host routes between data center locations. This results in smaller requirements for the routing information base (RIB), also known as the routing table, and the forwarding information base (FIB), also known as the forwarding table.

  • No need to use multiple protocol families, such as both EVPN and an L3 VPN, to advertise L2 and L3 reachability information.

In this example, we have two campus networks, where we have networks for employee, guest and IOT mapped to VLANS 101, 102, 201, 202, 301 and 302 in campus-1 with subnets 192.168.x.x and subnet 10.10.x.x in campus-2.

Figure 2: Multiple Campus Deployment topology
Multiple Campus Deployment topology

Table 1: Campus - 1 Details

Virtual Network

Wired Network

Wireless Network

VRF

Route Distinguisher

Employees

IRB: 101

Subnet: 192.168.101.3/24

IRB: 102

Subnet: 192.168.102.3/24

JNPR_1_VRF

102

Guests

IRB: 201

Subnet: 192.168.201.3/24

IRB: 202

Subnet: 192.168.202.3/24

JNPR_2_VRF

202

IoT Devices

IRB: 301

Subnet: 192.168.210.3/24

IRB: 302

Subnet: 192.168.212.3/24

JNPR_3_VRF

302

Table 2: Campus - 2 Details

Virtual Network

Wired Network

Wireless Network

VRF

Route Distinguisher

Employees

IRB: 101

Subnet: 10.10.101.3/24

IRB: 102

Subnet: 10.10.102.3/24

JNPR_1_VRF

102

Guests

IRB: 201

Subnet: 10.10.201.3/24

IRB: 202

Subnet: 10.10.202.3/24

JNPR_2_VRF

202

IoT Devices

IRB: 301

Subnet: 10.10.210.3/24

IRB: 302

Subnet: 10.10.212.3/24

JNPR_3_VRF

302

Campus 1 : Distribution 1

Step-by-Step Procedure

  1. Configure the IRB interfaces for 101,102, 201, 202, 301, and 302 routing instances.
  2. Configure the VLANs and VNI interfaces.
  3. Configure the aggregated interfaces.
  4. Configure EVPN Type 5 for the JNPR_1_VRF, JNPR_2_VRF, and JNPR_3_VRF routing instances.

Campus 1 : Distribution 2

Step-by-Step Procedure

  1. Configure the IRB interfaces for 101,102, 201, 202, 301, and 302 routing instances.
  2. Configure the VLANs and VNI interfaces.
  3. Configure the aggregated interfaces.
  4. Configure EVPN Type 5 for the JNPR_1_VRF, JNPR_2_VRF, and JNPR_3_VRF routing instances.
  5. Configure the VLANs.

Campus 2: Distribution 3

Step-by-Step Procedure

  1. Configure the IRB interfaces for 101,102, 201, 202, 301, and 302 routing instances.
  2. Configure the VLANs and VNI interfaces.
  3. Configure the aggregated interfaces.
  4. Configure EVPN Type 5 for the JNPR_1_VRF, JNPR_2_VRF, and JNPR_3_VRF routing instances.

Campus 2: Distribution 4

Step-by-Step Procedure

  1. Configure the IRB interfaces for 101,102, 201, 202, 301, and 302 routing instances.
  2. Configure the VLANs and VNI interfaces.
  3. Configure the aggregated interfaces.
  4. Configure EVPN Type 5 for the JNPR_1_VRF, JNPR_2_VRF, and JNPR_3_VRF routing instances.
  5. Configure the VLANs.

Verification (Campus 1)

Purpose

Verify campus-1 distribution-1.

Action

Verification (Campus 2)

Purpose

Verify campus-2 distribution-4.

Action

WHAT'S NEXT

Juniper’s Campus solution, based on a VXLAN overlay with EVPN control plane, is an efficient and scalable way to build and interconnect multiple campuses across a core network. With a robust BGP/EVPN implementation Juniper is well-positioned to harness the full potential of EVPN technology.

For more information on available EVPN features and how to configure them, see EVPN User Guide.