Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Example: Configuring EVPN Active-Active Multihoming

This example shows how to configure Ethernet VPN (EVPN) for multihomed customer edge devices in the active-active redundancy mode, so the Layer 2 unicast traffic can be load-balanced across all the multihomed links on and toward the CE device.

Requirements

This example uses the following hardware and software components:

  • Five MX Series 5G Universal Routing Platforms with MPC interfaces only, where:

    • Three devices are configured as provider edge (PE) routers connected to a common multihomed customer site.

    • One device is configured as a remote PE router connected to a single-homed customer site.

  • Six customer edge (CE) devices, with one multihomed CE device and the rest of the CE devices being single-homed to each of the PE routers.

  • Junos OS Release 16.1 or later running on all the PE routers.

    Note:

    The EVPN multihoming active-active mode of operation is supported in Junos OS Releases 16.1 and later releases.

    Starting with Junos OS Release 16.1R4, EVPN multihoming active-active mode is supported on all EX9200 switches. For information about configuration specific to EX9200 switches, see Configuration on EX9200 Switches.

Before you begin:

  1. Configure the router interfaces.

  2. Configure IS-IS or any other IGP protocol.

  3. Configure BGP.

  4. Configure LDP.

  5. Configure MPLS.

  6. Configure RSVP MPLS LSP or GRE tunnels.

Overview and Topology

Starting with Junos OS Release 15.1, the EVPN solution on MX Series routers with MPC interfaces is extended to provide multihoming functionality in the active-active redundancy mode of operation. This feature enables load balancing of Layer 2 unicast traffic across all the multihomed links on and toward a customer edge device.

The EVPN active-active multihoming feature provides link-level and node-level redundancy along with effective utilization of resources.

To enable EVPN active-active multihoming, include the all-active statement at the [edit interfaces esi] hierarchy level.

In Figure 1, the core consists of four provider edge (PE) routers and a provider router (P) that is configured as a route reflector (RR). Router CE10 is multihomed to Routers PE1, PE2, and PE3. Each PE router is also connected to a single-homed customer site.

There are three routing instances running in the topology – VS-1, VS-2, and mhevpn, along with the default routing instance. The routing instances share nine VLANs with three ESIs each. The VS-1 and VS-2 routing instances are configured as a virtual switch type of routing instance, and the mhevpn routing instance is an EVPN routing instance.

Three aggregated bundles – ae0, ae1, and ae2 – are used to connect the multihomed CE device, CE10, to Routers PE1, PE2, and PE3. These aggregated bundles are configured for three ESIs each. The aggregated bundles, ae12 and ae13, are used to interconnect Routers PE1 and PE2, and PE1 and PE3, respectively.

Figure 1: EVPN Active-Active Multihoming TopologyEVPN Active-Active Multihoming Topology

For Active-Active redundancy, additional configurations are required in the “interconnect” stanza to enable DCI interconnection. For a default switch (switch-options) configuration, be sure to set the DCI under global protocols evpn: [edit global protocols evpn].

Protocols EVPN Example:

Note:

Configure this statement interconnect-multihoming-peer-gateways to contain a list of all DCI peers on the same DC.

The list can contain up to 64 peer gateway entries. Be sure to configure under the global protocol evpn stanza [edit global protocols evpn] and not under any mac-vrf setting [edit protocols evpn-vxlan-dc1 instance-type mac-vrf].

Configuration

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

CE10

CE5

PE1

PE2

PE3

PE4

P (RR)

Procedure

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode.

To configure Router PE1:

Note:

Repeat this procedure for all other multihomed PE routers after modifying the appropriate interface names, addresses, and other parameters.

  1. Configure the MX Series router to operate in the enhanced-ip mode because the EVPN active-active functionality is supported on routers with MPCs and MIC interfaces only.

    A system reboot is required on committing this configuration.

  2. Specify the number of aggregated Ethernet interfaces to be created.

  3. Configure Router PE1 interfaces within the ae0 aggregated bundle toward the multihomed customer site, Router CE10.

    1. Assign interfaces ge-1/2/3 and ge-1/2/4 within the ae0 aggregated bundle.

    2. Configure the ae0 aggregated bundle parameters for VLAN tagging and encapsulation.

    3. Assign an ESI value for the first Ethernet segment and enable EVPN active-active multihoming for the ae0 aggregated bundle.

    4. Configure a trunk interface on the bridge network for the ae0 aggregated bundle.

  4. Configure the other Router PE1 interfaces toward the multihomed customer site, Router CE10.

    1. Configure the VLAN tagging and encapsulation parameters for the ge-1/2/2 PE1 interface.

    2. Assign an ESI value for the second Ethernet segment and enable EVPN active-active multihoming for the ge-1/2/2 PE1 interface.

    3. Configure a trunk interface on the bridge network for the ge-1/2/2 PE1 interface.

    4. Configure the VLAN tagging and encapsulation parameters for the ge-1/2/1 PE1 interface.

    5. Assign an ESI value for the third Ethernet segment and enable EVPN active-active multihoming for the ge-1/2/1 PE1 interface.

    6. Configure a trunk interface on the bridge network for the ge-1/2/1 PE1 interface.

  5. Configure Router PE1 interfaces toward Router PE2.

    1. Assign the interfaces ge-1/0/5 and ge-1/1/6 within the ae12 aggregated bundle.

    2. Specify the minimum number of links for the ae12 aggregated bundle to be labeled “up”.

    3. Assign an IP address for the ae12 aggregated bundle and enable MPLS and IS-IS protocol families on the bundle.

    4. Configure the VLAN tagging and encapsulation parameters for the ae12 aggregated bundle and assign VLAN ID 1200 for the bundle.

  6. Configure Router PE1 interfaces toward Router PE3.

    1. Assign the interfaces ge-1/0/3 and ge-1/0/4 within the ae13 aggregated bundle.

    2. Specify the minimum number of links for the ae13 aggregated bundle to be labeled “up”.

    3. Assign an IP address for the ae13 aggregated bundle and enable MPLS and IS-IS protocol families on the bundle.

    4. Configure the VLAN tagging and encapsulation parameters for the ae12 aggregated bundle and assign the inner and outer VLAN tags for the bundle.

  7. Configure the Router PE1 interface toward the single-homed customer site, Router CE1.

    1. Configure the VLAN tagging and encapsulation parameters for the ge-1/3/0 PE1 interface.

    2. Configure a trunk interface on the bridge network for the ge-1/3/0 PE1 interface.

  8. Configure the Router PE1 interface toward Router P (RR) and enable the MPLS and IS-IS protocol families for the interface.

  9. Configure an IRB interface for Router PE1.

  10. Configure the loopback interface for Router PE1.

  11. Assign a router ID and the autonomous system number for Router PE1.

  12. Assign a load-balancing policy to the forwarding table of Router PE1.

  13. Configure IS-IS on Router PE1.

  14. Configure an internal BGP group for Router PE1 to peer with route reflector, Router P.

  15. Enable EVPN signaling for the RR BGP group on Router PE1.

  16. Configure RSVP, LDP, MPLS, EVPN, and L2 learning on Router PE1.

  17. Configure label-switched paths between the PE routers.

  18. Configure MPLS paths from Router PE1 to other PE routers.

  19. Configure the load-balancing policy to enable load balancing per packet.

  20. Configure the first virtual switch routing instance.

    1. Configure the routing-instance type and assign Router PE1 interfaces to the routing instance.

    2. Configure the route distinguisher and the VPN routing and forwarding (VRF) target for the VS-1 routing instance.

    3. Configure EVPN and assign VLANs to the VS-1 routing instance.

    4. Configure the bridge domains and their associated VLANs and IRB interfaces for the VS-1 routing instance.

  21. Configure the second virtual switch routing instance.

    1. Configure the routing-instance type and assign Router PE1 interfaces to the routing instance.

    2. Configure the route distinguisher and the VPN routing and forwarding (VRF) target for the VS-2 routing instance.

    3. Configure EVPN and assign VLANs to the VS-2 routing instance.

    4. Configure the bridge domains and their associated VLANs for the VS-2 routing instance.

  22. Configure the multihomed EVPN routing instance.

    1. Configure the routing-instance type and assign VLANs and Router PE1 interfaces to the routing instance.

    2. Configure the route distinguisher and the VPN routing and forwarding (VRF) target for the mhevpn routing instance.

    3. Configure EVPN to the mhevpn routing instance.

  23. Configure the default routing instance.

    1. Configure the routing-instance type and assign IRB interfaces to the routing instance.

    2. Configure the route distinguisher and the VPN routing and forwarding (VRF) target for the vrf routing instance.

Configuration on EX9200 Switches

Step-by-Step Procedure

Several configuration statements used to configure active-active mode differ on EX9200 switches from those used on MX Series routers. This procedure shows which configuration statements are specific to EX9200 switches. All other configuration in this example applies both to EX9200 switches and MX Series routers.

  1. To configure a trunk interface, include the family ethernet-switching statements instead of the family bridge statements in all occurrences.

  2. To configure the Layer 2 Ethernet switching domain, include the vlan members (vlan-id | name) statement instead of the vlan-id-list vlan-id statement in all occurrences.

  3. To configure the VLAN domain and associated VLANs for each routing instance, include the vlans name statement, instead of the bridge-domains statement in all occurrences.

  4. To configure the IRB interface in each routing instance, include the l3-interface irb-interface-name statement instead of the routing-interface statement in all occurrences.

Results

From configuration mode, confirm your configuration by entering the show chassis, show interfaces, show routing-options, show protocols, and show routing-instances commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Verification

Confirm that the configuration is working properly.

Verifying VPN Services in the Core

Purpose

Ensure that the protocols in the VPN core are functioning properly.

Action

From operational mode, enter the show isis adjacency command.

From operational mode, enter the show bgp summary command.

From operational mode, enter the show mpls lsp command.

From operational mode, enter the show interface ae* terse command.

Meaning

The protocols IS-IS, BGP and MPLS are up and running. The aggregated bundles configured on Router PE1 are up.

Verifying the EVPN Instance Status

Purpose

Verify the EVPN routing instances and their status.

Action

From operational mode, run the show evpn instance extensive command.

Meaning

The output provides the following information:

  • List of EVPN and virtual switch routing instances

  • Mode of operation of each interface

  • Neighbors of each routing instance

  • Number of different routes received from each neighbor

  • ESI attached to each routing instance

  • Number of Ethernet segments on each routing instance

  • DF election roles for each ESI in an EVI

  • VLAN ID and MAC labels for each routing instance

  • IRB interface details

  • Number of default gateway MAC addresses received for the virtual switch routing instance (VS-1 and VS-2)

Verifying the Autodiscovery Routes per Ethernet Segment

Purpose

Verify that the autodiscovery routes per Ethernet segment are received.

Action

From operational mode, run the show route table mhevpn.evpn.0 command.

Router PE1

Router PE2

Meaning

The remote type 1 autodiscovery route is received for the ESI attached to Router PE2, which is the other PE router connected to the multihomed CE device.

Verifying the Ethernet Segment Route

Purpose

Verify that the local and advertised autodiscovery routes per Ethernet segment and the Ethernet segment routes are received.

Action

From operational mode, run the show route table __default_evpn__.evpn.0 command.

Router PE1

Router PE2

Meaning

The output displays the local and remote type 1 (autodiscovery) and type 4 (Ethernet segment) routes.

Verifying the DF Status

Purpose

Confirm which PE router is the designated forwarder (DF) for each routing instance.

Action

From operational mode, run the show evpn instance designated-forwarder command.

Meaning

The designated forwarder is displayed for each routing instance and ESI.

Verifying the BDF Status

Purpose

Confirm which PE router is the backup designated forwarder (BDF) for each routing instance.

Action

From operational mode, run the show evpn instance backup-forwarder command.

Meaning

The backup designated forwarder is displayed for each routing instance and ESI.

Verifying the Remote IRB and Host IP

Purpose

Verify that the remote IRB IP and the host IP are received.

Action

Router PE1

From operational mode, run the show route table mhevpn command.

Router PE2

From operational mode, run the show route table mhevpn command.

Router PE3

From operational mode, run the show route table mhevpn command.

Meaning

The output displays the local and remote IRB interfaces. It also displays the local and remote hosts that are installed in the VRF table.

Change History Table

Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.

Release
Description
16.1R4
Starting with Junos OS Release 16.1R4, EVPN multihoming active-active mode is supported on all EX9200 switches.