evpn-vxlan
Syntax
evpn-vxlan {
gbp {
ingress-enforcement;
tag-only-policy;
}
host-originated-packets {
gbp-src-tag gbp-src-tag;
}
}Hierarchy Level
[edit forwarding-options] [edit logical-systems name routing-instances name forwarding-options]
Description
You can:
-
Enable the
evpn-vxlan gbp ingress-enforcementstatement to configure policy enforcement at the ingress node. -
Enable the
evpn-vxlan gbp tag-only-policystatement to allow only GBP source and destination tags as matches in Group Based Policy (GBP) policy. Configuring the IPv4 and IPv6 L4 filters can reduce the supported GBP scale. These matches are supported by default, however on the EX4650 series, QFX5120-32C, and QFX5120-48Y switches, you can use theset forwarding-options evpn-vxlan gbp tag-only-policyto allow only GBP source and destination tags as matches in GBP policy. -
Enable the
evpn-vxlan host-originated-packets gbp-src-tag gbp-src-tagstatement to insert the GBP source tag in all host generated packets.
Options
| gbp ingress-enforcement |
Enable GBP ingress policy enforcement. |
| gbp tag-only-policy |
Allow only GBP source and destination tags as matches in GBP policy enforcement. The Packet Forwarding Engine (PFE) restarts when you issue a set/delete of the statement. |
| host-originated-packets gbp-src-tag gbp-src-tag |
GBP source tag for host originated packets (range is 1 through 65535). |
Default
Not enabled
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 22.4R1 for supported EX4100, EX4400, EX4650, and QFX5120 Series switches.
tag-only-policy option introduced in 23.2R1 for the
QFX5120-48YM, QFX5120-48Y, and EX4650-48Y Series switches.