Example: Configure an IPv6 Underlay for Layer 2 VXLAN Gateway Leaf Devices
Overview
Ethernet VPNs (EVPNs) enable you to connect customer sites using Layer 2 virtual bridges. Virtual Extensible LANs (VXLANs) establish overlay tunnels that stretch the Layer 2 connection over an intervening Layer 3 network. Like VLANs, VXLANs help provide network segmentation, but without the scaling limitation of traditional VLANs. EVPN with VXLAN encapsulation enables Layer 2 connectivity at scale.
The physical underlay network in EVPN-VXLAN installations is often a two-layer IP fabric that includes spine and leaf devices. In this design, the spine devices provide connectivity between the leaf devices and the leaf devices provide connectivity to attached hosts. In different overlay network configurations, the leaf or spine devices might function as either or both of the following:
-
Layer 2 gateways that handle traffic within a VXLAN.
-
Layer 3 gateways that handle traffic between VXLANs using integrated routing and bridging (IRB) interfaces.
On supported platforms, in either case, the underlay network for the VXLAN overlay can use the IPv6 protocol to take advantage of the extended addressing and other capabilities of IPv6.
This example shows a use case to configure an IPv6 underlay for the Layer 2 VXLAN gateway leaf devices in a simple EVPN-VXLAN fabric. In this use case, the EVPN-VXLAN fabric supports a bridged overlay with VXLAN tunnels between the leaf devices. The leaf devices connect to end systems that might be single homed or include EVPN multihoming for redundancy. The following figure shows a high-level view of the topology in this example:
The following list describes the main differences in how you set up an IPv6 underlay compared to setting up an IPv4 underlay:
-
You assign an IPv6 address to the loopback interface on the devices that serve as the Layer 2 or Layer 3 VXLAN gateway VTEPs.
-
ACX Series and QFX Series devices support an IPv6 VXLAN underlay only with MAC-VRF routing instances. (See MAC-VRF Routing Instance Type Overview for more information about using MAC-VRF routing instances.) As a result, you configure the EVPN instance as a MAC-VRF instance.
-
On ACX Series and QFX Series devices, you set the VTEP source interface as an IPv6 address. You also must assign IPv6 addresses to the EVPN core-facing interfaces for IP reachability with IPv6.
-
IPv6 protocols need a 32-bit router ID to function properly. The router ID you assign must be:
-
A 32-bit value as a 4-octet, unsigned, non-zero integer.
-
Unique within the routing domain.
-
-
You can’t mix IPv4 and IPv6 underlays in the same fabric, so you must configure an IPv6 underlay across all EVPN instances in the fabric.
Requirements
This example consists of a full mesh two-layer spine-and-leaf EVPN-VXLAN fabric with two spine devices and three leaf devices. You can configure the IPv6 underlay in this example using:
-
QFX Series switches that support this feature.
-
Junos OS Release 21.4R1 or later for QFX5120 switches and switches in the QFX10000 line, or Junos OS Evolved 22.3R1 or later for QFX5130-32CD and QFX5700 switches.
Note:We also support this feature in Junos OS Release 21.2R2 on QFX5120 switches and switches in the QFX10000 line and in Junos OS Evolved Release 23.4R1 on ACX7100-32C and ACX7100-48L devices .
The leaf devices can host multihomed or single homed end devices on the access side. This example illustrates configuring an Ethernet segment for EVPN multihoming on one leaf and a single homed end system interface on another leaf. However, the elements you configure for the IPv6 underlay are independent of the access-side configuration.
Topology
This example shows how to configure an IPv6 underlay on Leaf 1 and Leaf 3 for VXLAN overlay tunnels like those in Figure 1. The configuration uses OSPFv3 for IPv6 connectivity and iBGP with IPv6 neighbor addressing in a single autonomous system in the following topology:
Leaf 1 serves a customer edge switch that is multihomed to Leaf 1 and Leaf 2, so you would use a similar configuration on Leaf 2 to reach devices on that Ethernet segment.
In the example topology, Leaf 1 includes an aggregated Ethernet interface bundle for the connection to Spine 1. You configure the remaining spine and leaf connections on Leaf 1 and Leaf 3 as single interfaces. Leaf 3 includes an access-side interface configuration to a single-homed end system.
This example includes show commands you can run to verify IPv6 underlay operation. For simplicity, we show these verification commands and output only for Leaf 3. You see similar results from the same commands on the other leaf devices.
Configure Leaf 1
CLI Quick Configuration on Leaf 1
To quickly configure Leaf 1 with an IPv6 underlay according to Figure 2, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
set interfaces xe-0/0/18:0 description "LINK-0 to SPINE-1" set interfaces xe-0/0/18:0 ether-options 802.3ad ae0 set interfaces xe-0/0/18:1 description "LINK-1 to SPINE-1" set interfaces xe-0/0/18:1 ether-options 802.3ad ae0 set interfaces ae0 aggregated-ether-options link-speed mixed set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 unit 0 family inet6 address 2001:db8::02:1:2/112 set interfaces xe-0/0/34:0 description "LINK to SPINE-2" set interfaces xe-0/0/34:0 unit 0 family inet6 address 2001:db8::12:1:2/112 set interfaces xe-0/0/0:0 description "NETWORK LINK" set interfaces xe-0/0/0:0 flexible-vlan-tagging set interfaces xe-0/0/0:0 encapsulation extended-vlan-bridge set interfaces xe-0/0/0:0 unit 100 vlan-id 100 set interfaces xe-0/0/0:0 unit 110 vlan-id 110 set interfaces lo0 unit 0 family inet6 address 2001:db8::2:1/128 primary set forwarding-options evpn-vxlan shared-tunnels set routing-instances USER_MVS1 instance-type mac-vrf set routing-instances USER_MVS1 protocols evpn encapsulation vxlan set routing-instances USER_MVS1 vtep-source-interface lo0.0 inet6 set routing-instances USER_MVS1 service-type vlan-aware set routing-instances USER_MVS1 route-distinguisher 64500:11000002 set routing-instances USER_MVS1 vrf-target target:64500:1110 set routing-instances USER_MVS1 vrf-target auto set routing-instances USER_MVS1 vlans V100 interface xe-0/0/0:0.100 set routing-instances USER_MVS1 vlans V100 vxlan vni 1100 set routing-instances USER_MVS1 vlans V110 interface xe-0/0/0:0.110 set routing-instances USER_MVS1 vlans V110 interface ae10.110 set routing-instances USER_MVS1 vlans V110 vxlan vni 1110 set protocols ospf3 area 0.0.0.0 interface xe-0/0/34:0.0 set protocols ospf3 area 0.0.0.0 interface ae0.0 set protocols ospf3 area 0.0.0.0 interface lo0.0 passive set routing-options router-id 192.168.2.1 set routing-options autonomous-system 64500 set protocols bgp group vteps type internal set protocols bgp group vteps local-address 2001:db8::2:1 set protocols bgp group vteps family evpn signaling set protocols bgp group vteps neighbor 2001:db8::1 set protocols bgp group vteps neighbor 2001:db8::1:1 set protocols bgp group vteps neighbor 2001:db8::3:1 set protocols bgp group vteps neighbor 2001:db8::4:1 set interfaces xe-0/0/26:0 description "TO CE-1" set interfaces xe-0/0/26:0 ether-options 802.3ad ae10 set interfaces ae10 flexible-vlan-tagging set interfaces ae10 encapsulation extended-vlan-bridge set interfaces ae10 esi 00:10:11:12:13:14:15:16:17:01 set interfaces ae10 esi all-active set interfaces ae10 aggregated-ether-options link-speed mixed set interfaces ae10 aggregated-ether-options lacp active set interfaces ae10 aggregated-ether-options lacp periodic fast set interfaces ae10 aggregated-ether-options lacp system-id 00:11:11:03:04:01 set interfaces ae10 unit 110 vlan-id 110
Step-by-Step Procedure on Leaf 1
-
Configure the interfaces for the EVPN fabric device connections. For illustrative purposes, in this example Leaf 1 connects to Spine 1 with an aggregated Ethernet (AE) interface bundle and to Spine 2 with a single interface.
set interfaces xe-0/0/18:0 description "LINK-0 to SPINE-1" set interfaces xe-0/0/18:0 ether-options 802.3ad ae0 set interfaces xe-0/0/18:1 description "LINK-1 to SPINE-1" set interfaces xe-0/0/18:1 ether-options 802.3ad ae0 set interfaces ae0 aggregated-ether-options link-speed mixed set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 unit 0 family inet6 address 2001:db8::02:1:2/112 set interfaces xe-0/0/34:0 description "LINK to SPINE-2" set interfaces xe-0/0/34:0 unit 0 family inet6 address 2001:db8::12:1:2/112
-
Configure an interface for network traffic and the associated VLANs. This example uses a service provider style interface configuration.
set interfaces xe-0/0/0:0 description "NETWORK LINK" set interfaces xe-0/0/0:0 flexible-vlan-tagging set interfaces xe-0/0/0:0 encapsulation extended-vlan-bridge set interfaces xe-0/0/0:0 unit 100 vlan-id 100 set interfaces xe-0/0/0:0 unit 110 vlan-id 110
-
Assign an IPv6 address to the loopback interface on this device.
set interfaces lo0 unit 0 family inet6 address 2001:db8::2:1/128 primary
-
(QFX5120 switches only) A device might have problems with VTEP scaling when the configuration uses multiple MAC-VRF instances. As a result, to avoid this problem, we require that you enable the shared tunnels feature on QFX5120 switches when setting up an IPv6 underlay. When you configure the
shared-tunnelsoption, the device minimizes the number of next-hop entries to reach remote VTEPs.Include the following statement to globally enable shared VXLAN tunnels on the device:
set forwarding-options evpn-vxlan shared-tunnels
Note:After you configure the shared-tunnels option, you must reboot the device for the setting to take effect.
The shared tunnels feature is enabled by default on QFX5130-32CD and QFX5700 switches, so you don't need to explicitly set this option on those switches.
This statement is optional on the QFX10000 line of switches, which can handle higher VTEP scaling.
(ACX7100-32C, AX7100-48L, and ACX7024 devices only) You can use enable an IPv4 or IPv6 underlay. If you are currently using an IPv4 underlay, and you want to use an IPv6 underlay instead, you will need to remove any existing VXLAN configurations first.
To enable an IPv6 underlay, enable the
vxlan-extendedstatement.set system packet-forwarding-options system-profile vxlan-extended
After you enable the
vxlan-extendedstatement, the packet forwarding engine (PFE) reboots. After the PFE comes back up, you can configure an underlay and overlay for the IPv6 VXLAN underlay. Once you have configured the IPv6 VXLAN underlay and overlay, your VXLAN deployment will be using an IPv6 underlay.(ACX7100-32C, AX7100-48L, and ACX7024 devices only) To go back to using an IPv4 underlay, enable the default system profile.
delete system packet-forwarding-options system-profile vxlan-extended
Apply your underlay and overlay configuration for your IPv4 VXLAN underlay configuration. After the PFE reboots, your VXLAN deployment will be using an IPv4 underlay.
-
Create an EVPN-VXLAN MAC-VRF instance. To use an IPv6 underlay, on ACX Series and QFX Series devices, you configure the device loopback interface as an IPv6 VTEP source interface. You configure the IPv6 underlay in a later step.
In this step you also configure the following elements in the MAC-VRF instance:
-
Set the VLAN-aware Ethernet service type so you can associate multiple VLANs with the instance.
-
Assign a route distinguisher for the instance.
-
Assign the route target.
We also set the
autoroute target option here, which uses one target for both import and export and helps to simplify the configuration.
set routing-instances USER_MVS1 instance-type mac-vrf set routing-instances USER_MVS1 protocols evpn encapsulation vxlan set routing-instances USER_MVS1 vtep-source-interface lo0.0 inet6 set routing-instances USER_MVS1 service-type vlan-aware set routing-instances USER_MVS1 route-distinguisher 64500:11000002 set routing-instances USER_MVS1 vrf-target target:64500:1110 set routing-instances USER_MVS1 vrf-target auto
-
-
Configure the VLANs associated with the MAC-VRF instance and VLAN to VNI mappings—in this example, VLAN 100 (VNI 1100) and VLAN 110 (VNI 1110). This step includes the access-side ESI interface in the instance as well (ae10, which you configure in the last step).
set routing-instances USER_MVS1 vlans V100 interface xe-0/0/0:0.100 set routing-instances USER_MVS1 vlans V100 vxlan vni 1100 set routing-instances USER_MVS1 vlans V110 interface xe-0/0/0:0.110 set routing-instances USER_MVS1 vlans V110 interface ae10.110 set routing-instances USER_MVS1 vlans V110 vxlan vni 1110
-
Set up the IPv6 underlay. This example uses OSPFv3 for the IPv6 underlay connectivity.
Note:You might alternatively use BGP (for example, external BGP [eBGP]) as the IPv6 underlay routing protocol.
set protocols ospf3 area 0.0.0.0 interface xe-0/0/34:0.0 set protocols ospf3 area 0.0.0.0 interface ae0.0 set protocols ospf3 area 0.0.0.0 interface lo0.0 passive
-
Set up the IPv6 overlay. This example uses internal BGP (iBGP) as the overlay routing protocol for EVPN with VXLAN tunneling. Our example is based on a pure IPv6 overlay. This means we must explicitly configure a router ID because there are no IPv4 addresses assigned to any interface. In this example, we configure the router ID as an arbitrary 32-bit integer in dotted quad notation.
Note:When running IPv6 routing protocols, you must configure a router ID for proper operation. The router ID must be a 4-octet unsigned non-zero integer that is unique in the routing domain.
For simplicity, the router ID is often set to match an IPv4 address on the router, typically a loopback address. While the router ID looks like an IPv4 address, there is no need for it to be routable, or that it be assigned to any interfaces on the device. In an IPv6-based overlay, we use the IPv6 loopback address for the VTEP local address.
set routing-options router-id 192.168.2.1 set routing-options autonomous-system 64500 set protocols bgp group vteps type internal set protocols bgp group vteps local-address 2001:db8::2:1 set protocols bgp group vteps family evpn signaling set protocols bgp group vteps neighbor 2001:db8::1 set protocols bgp group vteps neighbor 2001:db8::1:1 set protocols bgp group vteps neighbor 2001:db8::3:1 set protocols bgp group vteps neighbor 2001:db8::4:1
-
Set up an Ethernet segment (ESI) from Leaf 1 to CE 1, which is multihomed to Leaf 1 and Leaf 2. You would configure the ESI on Leaf 2 similarly. For simplicity, this example doesn't show the Leaf 2 configuration.
set interfaces xe-0/0/26:0 description "TO CE-1" set interfaces xe-0/0/26:0 ether-options 802.3ad ae10 set interfaces ae10 flexible-vlan-tagging set interfaces ae10 encapsulation extended-vlan-bridge set interfaces ae10 esi 00:10:11:12:13:14:15:16:17:01 set interfaces ae10 esi all-active set interfaces ae10 aggregated-ether-options link-speed mixed set interfaces ae10 aggregated-ether-options lacp active set interfaces ae10 aggregated-ether-options lacp periodic fast set interfaces ae10 aggregated-ether-options lacp system-id 00:11:11:03:04:01 set interfaces ae10 unit 110 vlan-id 110
Configure Leaf 3
CLI Quick Configuration on Leaf 3
To quickly configure Leaf 3 with an IPv6 underlay according to Figure 2, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
set interfaces xe-0/0/18:0 description "LINK TO SPINE-1" set interfaces xe-0/0/18:0 unit 0 family inet6 address 2001:db8::04:1:2/112 set interfaces xe-0/0/70:0 description "LINK TO SPINE-2" set interfaces xe-0/0/70:0 unit 0 family inet6 address 2001:db8::14:1:2/112 set interfaces xe-0/0/35:3 description "NETWORK LINK" set interfaces xe-0/0/35:3 flexible-vlan-tagging set interfaces xe-0/0/35:3 native-vlan-id 110 set interfaces xe-0/0/35:3 encapsulation extended-vlan-bridge set interfaces xe-0/0/35:3 unit 100 vlan-id 100 set interfaces xe-0/0/35:3 unit 110 vlan-id 110 set interfaces lo0 unit 0 family inet6 address 2001:db8::4:1/128 primary set forwarding-options evpn-vxlan shared-tunnels set routing-instances USER_MVS1 instance-type mac-vrf set routing-instances USER_MVS1 protocols evpn encapsulation vxlan set routing-instances USER_MVS1 vtep-source-interface lo0.0 inet6 set routing-instances USER_MVS1 service-type vlan-aware set routing-instances USER_MVS1 route-distinguisher 64500:11000004 set routing-instances USER_MVS1 vrf-target target:64500:1110 set routing-instances USER_MVS1 vrf-target auto set routing-instances USER_MVS1 vlans V100 interface xe-0/0/35:3.100 set routing-instances USER_MVS1 vlans V100 vxlan vni 1100 set routing-instances USER_MVS1 vlans V110 interface xe-0/0/35:3.110 set routing-instances USER_MVS1 vlans V110 vxlan vni 1110 set protocols ospf3 area 0.0.0.0 interface xe-0/0/18:0.0 set protocols ospf3 area 0.0.0.0 interface xe-0/0/70:0.0 set protocols ospf3 area 0.0.0.0 interface lo0.0 passive set routing-options router-id 192.168.4.1 set routing-options autonomous-system 64500 set protocols bgp group vteps type internal set protocols bgp group vteps local-address 2001:db8::4:1 set protocols bgp group vteps family evpn signaling set protocols bgp group vteps neighbor 2001:db8::1 set protocols bgp group vteps neighbor 2001:db8::1:1 set protocols bgp group vteps neighbor 2001:db8::2:1 set protocols bgp group vteps neighbor 2001:db8::3:1
Step-by-Step Procedure on Leaf 3
-
Configure the interfaces for the EVPN fabric device connections from Leaf 3 to Spine 1 and Spine 2.
set interfaces xe-0/0/18:0 description "LINK TO SPINE-1" set interfaces xe-0/0/18:0 unit 0 family inet6 address 2001:db8::04:1:2/112 set interfaces xe-0/0/70:0 description "LINK TO SPINE-2" set interfaces xe-0/0/70:0 unit 0 family inet6 address 2001:db8::14:1:2/112
-
Configure an interface for network traffic and the associated VLANs. This example uses a service provider style interface configuration.
set interfaces xe-0/0/35:3 description "NETWORK LINK" set interfaces xe-0/0/35:3 flexible-vlan-tagging set interfaces xe-0/0/35:3 native-vlan-id 110 set interfaces xe-0/0/35:3 encapsulation extended-vlan-bridge set interfaces xe-0/0/35:3 unit 100 vlan-id 100 set interfaces xe-0/0/35:3 unit 110 vlan-id 110
-
Assign an IPv6 address to the loopback interface on this device ..
set interfaces lo0 unit 0 family inet6 address 2001:db8::4:1/128 primary
-
(QFX5120 switches only) A device might have problems with VTEP scaling when the configuration uses multiple MAC-VRF instances. As a result, to avoid this problem, we require that you enable the shared tunnels feature on QFX5120 switches when setting up an IPv6 underlay. When you configure the
shared-tunnelsoption, the device minimizes the number of next-hop entries to reach remote VTEPs.Include the following statement to globally enable shared VXLAN tunnels on the device:
set forwarding-options evpn-vxlan shared-tunnels
Note:The shared tunnels feature is enabled by default on QFX5130-32CD and QFX5700 switches, so you don't need to explicitly set this option on those switches.
This statement is optional on the QFX10000 line of switches, which can handle higher VTEP scaling.
(ACX7100-32C, AX7100-48L, and ACX7024 devices only) You can use enable an IPv4 or IPv6 underlay. If you are currently using an IPv4 underlay, and you want to use an IPv6 underlay instead, you will need to remove any existing VXLAN configurations first.
To enable an IPv6 underlay, enable the
vxlan-extendedstatement.set system packet-forwarding-options system-profile vxlan-extended
After you enable the
vxlan-extendedstatement, the packet forwarding engine (PFE) reboots. After the PFE comes back up, you can configure an underlay and overlay for the IPv6 VXLAN underlay. Once you have configured the IPv6 VXLAN underlay and overlay, your VXLAN deployment will be using an IPv6 underlay.(ACX7100-32C, AX7100-48L, and ACX7024 devices only) To go back to using an IPv4 underlay, enable the default system profile.
delete system packet-forwarding-options system-profile vxlan-extended
Apply your underlay and overlay configuration for your IPv4 VXLAN underlay configuration. After the PFE reboots, your VXLAN deployment will be using an IPv4 underlay.
-
Create an EVPN-VXLAN MAC-VRF instance. To use an IPv6 underlay, you configure the device loopback interface as an IPv6 VTEP source interface. You configure the IPv6 underlay in a later step.
In this step you also configure the following elements in the MAC-VRF instance:
-
Set the VLAN-aware Ethernet service type so you can associate multiple VLANs with the instance.
-
Assign a route distinguisher for the instance.
-
Assign the route target.
We also set the
autoroute target option here, which uses one target for both import and export and helps to simplify the configuration.set routing-instances USER_MVS1 instance-type mac-vrf set routing-instances USER_MVS1 protocols evpn encapsulation vxlan set routing-instances USER_MVS1 vtep-source-interface lo0.0 inet6 set routing-instances USER_MVS1 service-type vlan-aware set routing-instances USER_MVS1 route-distinguisher 64500:11000004 set routing-instances USER_MVS1 vrf-target target:64500:1110 set routing-instances USER_MVS1 vrf-target auto
-
-
Configure the VLANs associated with the MAC-VRF instance and VLAN to VNI mappings—in this example, VLAN 100 (VNI 1100) and VLAN 110 (VNI 1110).
set routing-instances USER_MVS1 vlans V100 interface xe-0/0/35:3.100 set routing-instances USER_MVS1 vlans V100 vxlan vni 1100 set routing-instances USER_MVS1 vlans V110 interface xe-0/0/35:3.110 set routing-instances USER_MVS1 vlans V110 vxlan vni 1110
-
Set up the IPv6 underlay. This example uses OSPFv3 for the IPv6 underlay connectivity.
Note:You might alternatively use BGP (for example, external BGP [eBGP]) as the IPv6 underlay routing protocol.
set protocols ospf3 area 0.0.0.0 interface xe-0/0/18:0.0 set protocols ospf3 area 0.0.0.0 interface xe-0/0/70:0.0 set protocols ospf3 area 0.0.0.0 interface lo0.0 passive
-
Set up the IPv6 overlay. This example uses using internal BGP (iBGP) as the overlay routing protocol for EVPN with VXLAN tunneling.
Note:Even though we use the IPv6 address family, you must configure a router ID for proper operation. The router ID must be a 4-octet unsigned non zero integer that is unique in the routing domain. You configure the router ID using dotted quad notation.
In an IPv6 based overlay, we use the IPv6 loopback address for the VTEP local address.
set routing-options router-id 192.168.4.1 set routing-options autonomous-system 64500 set protocols bgp group vteps type internal set protocols bgp group vteps local-address 2001:db8::4:1 set protocols bgp group vteps family evpn signaling set protocols bgp group vteps neighbor 2001:db8::1 set protocols bgp group vteps neighbor 2001:db8::1:1 set protocols bgp group vteps neighbor 2001:db8::2:1 set protocols bgp group vteps neighbor 2001:db8::3:1
Verify the IPv6 Underlay on Leaf 3
Use the CLI commands in this section to verify the IPV6 underlay configuration is operational on the leaf devices in this example. This section shows the results from running these commands on Leaf 3.
This example includes show mac-vrf forwarding
command-name commands that display information for
MAC-VRF instance configurations. Most show mac-vrf forwarding
commands are aliases for the same command in the following command hierarchies that
you might use for the default switching instance or other instance types:
-
QFX Series switches—
show ethernet-switching command-name -
MX Series routers and EX9200 line of switches—
show l2-learning command-nameorshow bridge command-name
See MAC-VRF Routing Instance Type Overview for a full list of the MAC-VRF instance show commands and their mappings to the commands that display equivalent results for other instances.
On devices with multiple MAC-VRF EVPN instances, to avoid VTEP scaling issues, we
might require or recommend that you enable the shared tunnels feature. On some
platforms, shared tunnels are enabled by default. In this example, we enable shared
tunnels on the leaf devices using the set forwarding-options evpn-vxlan
shared-tunnels configuration statement. MAC-VRF show commands display
shared tunnel VTEP interfaces as
vtep-indexshared-tunnel-unit,
where:
-
index is the index associated with the MAC-VRF routing instance.
-
shared-tunnel-unit is the unit number associated with the shared tunnel remote VTEP logical interface.
For example:
vtep-7.32772
After you configure the shared-tunnels option, you must reboot
the device for the setting to take effect.
- Verify Peer Device Connectivity
- Verify VTEP Source Parameters
- Verify Remote VTEPs
- Verify MAC-VRF EVPN Instance Forwarding
Verify Peer Device Connectivity
Purpose
Check that the leaf device established BGP IPv6 connectivity to its peer spine and leaf devices in the fabric.
Action
Run the show bgp summary command on the leaf device:
user@leaf-3> show bgp summary
Threading mode: BGP I/O
Default eBGP mode: advertise - accept, receive - accept
Groups: 1 Peers: 5 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.evpn.0
33 33 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
2001:db8::1 64500 1428 1406 0 0 10:38:00 Establ
bgp.evpn.0: 10/10/10/0
USER_MVS1.evpn.0: 10/10/10/0
__default_evpn__.evpn.0: 0/0/0/0
2001:db8::1:1 64500 1435 1406 0 0 10:38:01 Establ
bgp.evpn.0: 10/10/10/0
USER_MVS1.evpn.0: 10/10/10/0
__default_evpn__.evpn.0: 0/0/0/0
2001:db8::2:1 64500 1578 1415 0 0 10:37:58 Establ
bgp.evpn.0: 5/5/5/0
USER_MVS1.evpn.0: 5/5/5/0
__default_evpn__.evpn.0: 0/0/0/0
2001:db8::3:1 64500 1483 1406 0 0 10:37:55 Establ
bgp.evpn.0: 3/3/3/0
USER_MVS1.evpn.0: 3/3/3/0
__default_evpn__.evpn.0: 0/0/0/0Meaning
Leaf 3 (IPv6 address 2001:db8::3:1 in Figure 2) sees its eBGP peer devices Spine 1 (2001:db8::1), Spine 2(2001:db8::1:1), Leaf 1(2001:db8::2:1) and Leaf 2 (2001:db8::3:1).
Verify VTEP Source Parameters
Purpose
View the configured IPv6 VTEP source interface(s).
Action
Run the show mac-vrf forwarding vxlan-tunnel-end-point
source command:
user@leaf-3> show mac-vrf forwarding vxlan-tunnel-end-point source
Logical System Name Id SVTEP-IP IFL L3-Idx SVTEP-Mode ELP-SVTEP-IP
<default> 0 2001:db8::4:1 lo0.0 0
L2-RTT Bridge Domain VNID Translation-VNID MC-Group-IP
USER_MVS1 V110 1110 ::
Meaning
The output shows you configured Leaf 3 with IPv6 VTEP source address 2001:db8::4:1 on the loopback port in MAC-VRF instance USER-MVS1 for VLAN V110, which you mapped to VNI 1110.
Verify Remote VTEPs
Purpose
Verify the device has forwarding information for the remote VTEPs.
Action
Run the show mac-vrf forwarding vxlan-tunnel-end-point
remote command:
user@leaf-3> show mac-vrf forwarding vxlan-tunnel-end-point remote
Logical System Name Id SVTEP-IP IFL L3-Idx SVTEP-Mode ELP-SVTEP-IP
<default> 0 2001:db8::4:1 lo0.0 0
RVTEP-IP IFL-Idx Interface NH-Id RVTEP-Mode ELP-IP Flags
2001:db8::1 612 vtep.32771 1758 RNVE
2001:db8::1:1 611 vtep.32770 1753 RNVE
2001:db8::2:1 613 vtep.32772 1759 RNVE
2001:db8::3:1 614 vtep.32773 1761 RNVE
RVTEP-IP L2-RTT IFL-Idx Interface NH-Id RVTEP-Mode ELP-IP Flags
2001:db8::1 USER_MVS1 671145987 vtep-7.32771 1758 RNVE
VNID MC-Group-IP
1110 ::
RVTEP-IP L2-RTT IFL-Idx Interface NH-Id RVTEP-Mode ELP-IP Flags
2001:db8::1:1 USER_MVS1 671145986 vtep-7.32770 1753 RNVE
VNID MC-Group-IP
1110 ::
RVTEP-IP L2-RTT IFL-Idx Interface NH-Id RVTEP-Mode ELP-IP Flags
2001:db8::2:1 USER_MVS1 671145988 vtep-7.32772 1759 RNVE
VNID MC-Group-IP
1110 ::
RVTEP-IP L2-RTT IFL-Idx Interface NH-Id RVTEP-Mode ELP-IP Flags
2001:db8::3:1 USER_MVS1 671145989 vtep-7.32773 1761 RNVE
VNID MC-Group-IP
1110 ::
Meaning
The output shows that Leaf 3 has forwarding information for remote IPv6 VTEPs on Leaf 1 (2001:db8::2:1) and Leaf 2 (2001:db8::3:1).
Verify MAC-VRF EVPN Instance Forwarding
Purpose
View the forwarding table for the configured MAC-VRF instance to see the interfaces for the remote VTEPs associated with the instance.
Action
Run the show mac-vrf forwarding mac-table instance
name command for the MAC-VRF instance in
this example, USER_MVS1:
user@leaf-3> show mac-vrf forwarding mac-table instance USER_MVS1
MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static
SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)
Ethernet switching table : 3 entries, 3 learned
Routing instance : USER_MVS1
Ethernet switching table : 3 entries, 3 learned
Routing instance : USER_MVS1
Vlan MAC MAC Logical SVLBNH/ Active
name address flags interface VENH Index source
V110 00:01:01:10:00:fe DRP esi.1754 05:00:00:02:9a:00:00:04:56:00
V110 54:4b:8c:d3:40:32 DRP vtep-7.32771 2001:db8::1
V110 84:03:28:50:3c:e0 DRP vtep-7.32770 2001:db8::1:1
Meaning
The output for this command shows the MAC addresses that were populated in the MAC table.