EVPN
-
Support for detecting local and global loops in EVPN fabrics (QFX5130-32CD and QFX5700)—Starting in Junos OS Evolved Release 23.2R1, we've enhanced the duplicate MAC address detection feature to take a configured action when a duplicate MAC address is detected. Loops can occur when provider edge (PE) devices continuously forward frames back and forth to one another in the same broadcast domain.
To detect and resolve these loops, use the following statements at the
[edit routing-instances name protocols evpn duplicate-mac-detection]
hierarchy level on your peer devices:-
action <block | shutdown>
The
block
option blocks any packet that has the source MAC address or destination MAC address of the duplicate MAC address. Theshutdown
option shuts down the duplicate MAC address's local interface. -
include-local-moves
. This statement tracks duplicate MAC address movements that occur on local interfaces.
To manually clear the duplicate MAC addresses, issue the
clear evpn duplicate-mac-suppression <instance name | l2-domain-id | mac-address>
command.To manually recover the interface that was shut down, issue the
clear ethernet-switching recovery-timeout
command. -
-
Symmetric Type 2 EVPN-VXLAN to EVPN-VXLAN DCI stitching (QFX5130-32CD and QFX5700)—Starting in Junos OS Evolved Release 23.2R1, we support EVPN-VXLAN to EVPN-VXLAN symmetric Type 2 route stitching between data center networks using Data Center Interconnect (DCI). Your network can more efficiently interoperate with data center networks with other vendors that support symmetric Type 2 route stitching. Symmetric Type 2 route stitching means that VXLAN tunnel endpoint (VTEP) interfaces perform routing and bridging on both ingress and egress sides of the VXLAN tunnel. We also support group-based policy (GBP) tag propagation for both EVPN Type 2 and Type 5 routes over an EVPN-VXLAN stitched network.
[See Symmetric Integreated Routing and Bridging with EVPN Type 2 Routes in EVPN-VXLAN Fabrics.]
-
Domain path attribute for EVPN-VXLAN Type 5 stitching (QFX5130-32CD and QFX5700)—Starting in Junos OS Evolved Release 23.2R1, we support domain path with EVPN Type 5 routes. Domain path is a BGP attribute used along with EVPN Type 5 routes to identify domains through which routes have already passed.
[See domain-path-id.]
-
Hard interface shutdown when a device detects EVPN core isolation conditions (PTX10001-36MR, PTX10003, PTX10004, PTX10008, PTX10016, QFX5130-32CD, and QFX5700)—Starting in Junos OS Evolved Release 23.2R1, you can configure a device to bring associated interfaces down (hard shutdown) when the device detects an EVPN core isolation event. In the CLI:
-
Define a service tracking profile for detecting core isolation conditions.
-
Set the
link-down
service tracking action in the profile. -
Assign the profile to the interfaces you want the device to bring down after it detects a core isolation condition.
We support core isolation service tracking on:
-
Links to single-homed customer edge (CE) devices.
-
Ethernet segment identifier (ESI) LAG member interfaces to multihomed CE devices.
[See Layer 2 Interface Status Tracking and Shutdown Actions for EVPN Core Isolation Conditions, network-isolation and network-isolation-profile.]
-
-
Simplified configuration for ESI LAGs with EVPN dual homing (QFX5130-32CD and QFX5700)—Starting in Junos OS Evolved Release 23.2R1, we support a new CLI statement hierarchy level,
[edit services evpn]
. Using statements at this hierarchy level, you can specify the device attributes and other parameters to configure an Ethernet segment in an EVPN fabric. This new configuration simplifies setting up EVPN fabrics with Ethernet segment identifier (ESI) link aggregation groups (LAGs) for dual-homing peer provider edge (PE) devices.When you commit a configuration at this hierarchy level, the device automatically invokes commit scripts to create a corresponding configuration on the device. You must specify some mandatory elements. You can also include optional elements. For optional elements that you don't specify, the automatic configuration scripts automatically derive the optional elements (or the scripts use default parameters).
The resulting automatic configuration includes the applicable configuration stanzas corresponding to the different elements you specify at the
[edit services evpn]
hierarchy level.The new hierarchy includes options to override some defaults, and you can override auto-configured settings by manually configuring the related statements.