EVPN is an Ethernet VPN technology that extends layer 2 networks over a layer 3 underlay. It uses BGP as the control plane to distribute MAC addresses and Ethernet segment information between provider edge (PE) devices. EVPN supports various data plane encapsulations like MPLS, VXLAN, and NVGRE. It provides an integrated solution for layer 2 and layer 3 VPNs that addresses scaling challenges in traditional VPLS deployments.

1. EVPN Introduction
• Nurul Islam Roman, Optus, Australia

2. What is EVPN?
• Full form is Ethernet VPN
• Carry layer 2 traffic over (Overlay) a Layer 3 network (Underlay)
• In theory EVPN could use any data plane encapsulation method
• MPLS, VXLAN, MPLS-over-GRE/UDP etc
• In practise it is used with MPLS and VXLAN data plane encapsulation
so far.
• So EVPN is a control plane technology and data plane can be MPLS or
VXLAN

3. Traditional Network
• L2 Segmentation using VLAN
• Multiple VLAN on a switch
• One IP subnet for each VLAN
• SVI/Sub-if to do inter-VLAN routing

4. Challenges for New Demand
• Dot 1Q encap/Q-in-Q tunnel to
extend VLAN across multiple physical
Switches
• Redundant path is STP block
• Etherchannel to bundle multiple link
• No control plane to learn MAC
• Dataplane support MAC learning
(ARP)

5. Challenges for New Demand
• Expand L2 network across DC, Sites
or wider geographic region
• Can we extend the trunk link or is
this a practical solution?
• Current infrastructure is a routed
network and proven to be very
stable.
• Can a tunnelling technology address
these challenges?
• MAC address learning- Control Plane
• Data (Frame) forwarding- Data Plane

6. Do we already have a solution for these?
• Cisco FabricPath
• IETF TRILL (TRansparent
Interconnection of Lots of Links)
• Need a link state routing protocol
• VPWS/VPLS and so on
• BGP base to exchange label
• L2 MAC learning still data plane driven
• No large-scale deployment

7. VPLS (Martini & Kompella)Model
• Each tenant is represented by a VSI or similar
• Each VSI is an extended bridge domain within a
carrier MPLS network
• Full mesh VC tunnel among VSI
• MP-BGP l2-vpn address family control plane
protocol is to exchange VPN labels only
• Tunnel label and VC label
• MAC address learning is still
Flooding/Forwarding based
• Scaling issue for carrier network for large scale
deployment
• Bandwidth cost limiting the scale
• Need separate control plane protocol for L3
VPN

8. VPLS (Martini & Kompella)Model- Continue
• L2 and L3 VPN on different address
family
• VPNv4 AFI
• l2VPN AFI
• Client L2 and L3 gateways are not
integrated
• Gateway deployment design introduce
scalability issue for future growth
• Introduce new integrated control plane
protocol EVPN to address these
challenges

9. Will EVPN be a Replacement of Current L2
VPN Technologies?
• Current Layer 2 VPN technologies experiencing limitations
• VPWS, VPLS has scaling issues for large scale deployment
• Use dataplane forwarding to learn MAC address
• Routing services require separate config which sometime can cause hairpin
routing limitation
• Improved Network Efficiency
• No more data plane traffic to simulate ARP flooding instead use MP-BGP to
exchange MAC address via L3 underlay
• Integrated Layer 2/Layer 3 Functionality introducing IRB

10. Will EVPN be an Open Standard?
• There are a number of RFC covers EVPN technology
• BGP based widely used EVPN RFC is RFC7432
• A number of vendors started implementing EVPN since the early
stage of the RFC process.
• E.g. draft-ietf-l2vpn-evpn stage
• Juniper QFX, MX and EX product range
• Cisco Nexus product range
• Interoperability among the vendors are still a challenge

11. VxLAN

12. VxLAN Data Plane Encapsulation Protocol
• VXLAN - Virtual eXtensible Local Area Network
• VNI - VXLAN Network Identifier
• VXLAN Segment ID 24bit will map to VLAN ID
• VTEP -VXLAN Tunnel End Point
• A device (E.G. a PE) originates and/or terminates
VXLAN tunnels
• VXLAN Segment
• VXLAN Layer 2 overlay network span across VTEP
• VXLAN Gateway
• L2: Forward L2 traffic across same VLANs on VTEP
• L3: Forward L3 traffic between different VLAN on
VTEP

13. VxLAN Data Plane- Inside VxLAN Header
• 64 bit length
• VNI 24 bit
• I flag bit is set to 1
for valid VNI
• R flag is reserved
and need to be 0

14. VXLAN End Host Discovery
• Option 1: Flood & Learn
• Similar to VPLS, the original implementation
of VxLAN relies on the data plane flood and
learn discovery scheme.
• Option 2: Separate Control Plane Learning
• To address the scalability concern of flood and
learn discovery, other controller-less control
plane discovery scheme such BGP EVPN and
OVSDB have been defined by IETF
• Other SDN controller-based discovery scheme
such as Cisco APIC or Juniper Contrail is an
example.

15. EVPN Data Plane Encapsulation Options

16. MPLS Label for Data Plane Encapsulation
• Probably be a topic for future
bdNOG tutorial/Workshop

17. BGP EVPN Building Blocks
• EVPN – Ethernet VPN
• EVI -EVPN Instance
• Span customer EVPN across PE devices
• MAC-VRF
• Virtual Routing and Forwarding table for
MAC addresses on a PE
• IP-VRF
• Virtual Routing and Forwarding table for IP
addresses on a PE
• ES -Ethernet Segment
• Multihome customer site via a set of
Ethernet links
• DF –Designated Forwarder

18. BGP EVPN Building Blocks- Continue
• VTEP -VXLAN Tunnel End Point
• A device (E.G. a PE) originates
and/or terminates VXLAN tunnels
• NVE -Network Virtualization Edges
• Tunnel interface for VTEP
• NVGRE -Network Virtualization
using Generic Routing
Encapsulation

19. Overlay and Underlay Network
• Underlay
• The underlay is the Layer 3 IP network
that routes encapsulated frame/packet
as normal IP traffic
• Overlay
• An overlay network is a service built on
top of a physical network. It decouples
network services from the underlaying
infrastructure by further encapsulation
of packet/frame inside another packet

20. BUM Traffic
• Broadcast
• Unknown Unicast
• Multicast
• Two way to facilitate host MAC address
learning
• Flood & learn
• BGP EVPN control plane

21. BUM Traffic
• Flood and learn is old way
• BGP EVPN is new way
• Facilitate only for known MAC
• BUM traffic steel need a solution
• IP Multicast underlay. L2 VNI mapped to IP
multicast group. VTEP send PIM join/prune
message
• Enable Ingress Replication (IR) or Head-End
Replication (HER). Ingress router build as a flood
list to forward BUM traffic to all remote VTEP
(Recently introduced)

22. EVPN Service Model
• EVPN service model or deployment scenarios specifies 3 ways VLAN-to-
VNI Mapping can be achieved
1. VLAN-Based Service Interface
2. VLAN Bundle Service Interface / Port-Based Service Interface
3. VLAN-Aware Bundle Service Interface
• Most vendors however, only support option 1 and 3 from the list above

23. EVPN Service Model
1. VLAN-Based Service Interface
• Has a one-to-one mapping between a VLAN ID on the interface and a MAC-VRF
• EVPN instance consists of only a single broadcast domain.
2. VLAN Bundle Service Interface
• Has a many-to-one mapping between VLANs and a MAC-VRF, and the MAC-VRF consists of a single bridge
table.
• EVPN instance corresponds to multiple broadcast domains
3. VLAN-Aware Bundle Service Interface
• EVPN instance consists of multiple broadcast domains with
• Each VLAN having its own bridge table.

24. EVPN Route Types

25. EVPN Route Types 1
• Known as Ethernet Auto-Discovery
Route
• Used for remote VTEP auto discovery
• Used for advertising split-horizon label
• Provides fast convergence through
mass withdrawal
• An Ethernet Tag ID is a 32-bit field
containing either a 12-bit or 24-bit
identifier
• Identifies a particular broadcast domain
for instance VLAN in an EVPN instance.

26. EVPN Route Types 2
• Known as MAC/IP advertisement route
• Used to provides end-host reachability
information

27. EVPN Route Types 3
• Known as Inclusive Multicast Ethernet
Tag (IMET) route
• Used to create the distribution list for
ingress replication
• Used to set up paths for BUM traffic
per VLAN per EVI basis
• Used to discover the multicast tunnels
among the endpoints associated with a
given EVI

28. EVPN Route Types 4
• Known as Ethernet segment Route
• Used for Ethernet Segment auto-
discovery by allowing VNE with the
same ESI to discover each other
• It allows for designated forwarder (DF)
election

29. EVPN Route Types 5
• Known as IP Prefix Route
• Used to decouple IP Prefix from
MAC/IP route to provide IP prefix
advertisement

30. Distributed Anycast Gateway
• Gateway is closer to the end-hosts
• Eliminate traffic hair pinning and
unnecessary traffic backhauling to
centralized gateway
• Uses Anycast Gateway MAC (AGM)
address to prevent traffic block-holed
resulting from MAC mobility

31. Ethernet Segment Identifier (ESI) LAG
• Gateway is closer to the end-hosts
• Eliminate traffic hair pinning and
unnecessary traffic backhauling to
centralized gateway
• Use an Ethernet Segment Identifier to
tag the MAC on local interface
• Uses Anycast Gateway MAC (AGM)
address to prevent traffic block-holed
resulting from MAC mobility

32. Integrated Routing and Bridging (IRB)
• (IRB) allows the device in an EVPN to
perform both bridging and routing on
single bridge domain.
• Bridge domain performs bridging when
it forwards traffic to the same subnet &
VLAN
• Bridge Domain Interface performs
routing when it forwards traffic to a
different subnet & VLAN

33. Integrated Routing and Bridging (IRB)
• Two Types of IRB Operation
• Asymmetric IRB- via L2 VRF
• Symmetric IRB- via L3 VRF by exchanging routes

34. Hands on
• Lets do a quick LAB demo

35. Hands on
• L2 VPN

36. Lab Topology
• Two Spine
• Two Leaves
• Four Host
• Two VLANs
• VLAN 10
• VLAN 20
• Two Subnets
• VLAN 10: 10.10.1.0/24
• VLAN 20: 10.20.1.0/24

37. Underlay Config
• Interface
interface eth1/1
no switchport
ip unnumbered loop0
mtu 9216
no shut
interface eth1/2
no switchport
ip unnumbered loop0
mtu 9216
no shut
interface loopback 0
description *** VTEP ***
ip address 192.168.0.1/32

38. Underlay Config
• OSPF
router ospf OSPF_UNDERLAY
log-adjacency-change
interface loopback 0
ip router ospf
OSPF_UNDERLAY area 0.0.0.0
interface ethernet1/1-2
medium p2p
ip router ospf
OSPF_UNDERLAY area 0.0.0.0

39. Underlay Config
• Forward BUM Traffic using IP Multicast (PIM)
int loopback 1
ip address 1.2.3.4/32
ip router ospf OSPF_UNDERLAY area
0.0.0.0
ip pim sparse-mode
ip pim rp-address 1.2.3.4 group-list
224.0.0.0/4
ip pim ssm range 232.0.0.0/8
ip pim anycast-rp 1.2.3.4 192.168.0.1
ip pim anycast-rp 1.2.3.4 192.168.0.2
interface loopback 0
ip pim sparse-mode
interface e1/1-2
ip pim sparse-mode

40. Overlay Config- L2 VPN
• Spine to be used for overlay RR only
router bgp 64520
log-neighbor-changes
address-family ipv4 unicast
address-family l2vpn evpn
retain route-target all
template peer VXLAN_OVERLAY
remote-as 64520
update-source loop0
address-family ipv4 unicast
send-community extended
route-reflector-client
soft-reconfiguration inbound
address-family l2vpn evpn
send-community
send-community extended
route-reflector-client
neighbor 192.168.0.3
inherit peer VXLAN_OVERLAY
neighbor 192.168.0.4
inherit peer VXLAN_OVERLAY

41. Overlay Config- Leaf Contain Main EVPN Config
• Enable VTEP Interface
Interface nve1
no shut
host-reachability
protocol bgp
source-interface loop0
sh interface nve1
(Verify)

42. Overlay Config- Leaf Contain Main EVPN Config
• Verify VTEP Interface
Leaf-1# sh interface nve 1
nve1 is up
admin state is up, Hardware: NVE
MTU 9216 bytes
Encapsulation VXLAN
Auto-mdix is turned off
RX
ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
TX
ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes

43. Overlay Config- Leaf Contain Main EVPN Config
• BGP EVPN Config
router bgp 64520
log-neighbor-changes
address-family ipv4
unicast
address-family l2vpn evpn
retain route-target all
template peer
VXLAN_RR_OVERLAY
remote-as 64520
update-source loop0

44. Overlay Config- Leaf Contain Main EVPN Config
• BGP EVPN Config
address-family ipv4 unicast
send-community extended
soft-reconfiguration
inbound
address-family l2vpn evpn
send-community
send-community extended
neighbor 192.168.0.1
inherit peer VXLAN_RR_OVERLAY
neighbor 192.168.0.2
inherit peer VXLAN_RR_OVERLAY

45. Overlay Config- Leaf Contain Main EVPN Config
• Verify BGP EVPN Signalling Status
Leaf-1# sh bgp ipv4 uni nei 192.168.0.1 | inc "Address
family L2VPN EVPN"
Address family L2VPN EVPN: advertised received
Leaf-1# sh bgp ipv4 uni nei 192.168.0.2 | inc "Address
family L2VPN EVPN"
Address family L2VPN EVPN: advertised received

46. Anycast Gateway
• Configuration & Verification
hardware access-list tcam region arp-ether 256
fabric forwarding anycast-gateway-mac 0000.0011.1234
Leaf-1# show fabric forwarding internal topo-info |
grep Anycast
Forward Mode : Anycast Gateway
Forward Mode : Anycast Gateway

47. Switch VLAN & VxLAN Related Config
• Required VLAN and VNI Map
vlan 10
vn-segment 100010
vlan 20
vn-segment 100020

48. Switch VLAN & VxLAN Related Config
• L2 Gateway
interface vlan10
no shutdown
ip address 10.10.1.254/24
fabric forwarding mode
anycast-gateway
interface vlan20
no shutdown
ip address 10.20.1.254/24
fabric forwarding mode
anycast-gateway

49. Switch VLAN & VxLAN Related Config
• L2 VRF/MAC VRF
evpn
vni 100010 l2
rd auto
route-target import auto
route-target export auto
evpn
vni 100020 l2
rd auto
route-target import auto
route-target export auto

50. Switch VLAN & VxLAN Related Config
• Access port config
interface e1/7
switchport mode access
switchport access vlan 10
no shut
interface e1/6
switchport mode access
switchport access vlan 20
no shut

51. Switch VLAN & VxLAN Related Config
• Verify L2VRF table for each VNI
Leaf-1# show bgp l2vpn evpn vni-id 100010
[*** Snip ***]
Network Next Hop Metric LocPrf Weight
Path
Route Distinguisher: 192.168.0.3:32777 (L2VNI 100010)
*>l[2]:[0]:[0]:[48]:[0050.7966.6805]:[0]:[0.0.0.0]/216
192.168.0.3 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[0]:[0.0.0.0]/216
192.168.0.4 100 0 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6805]:[32]:[10.10.1.1]/272
192.168.0.3 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[32]:[10.10.1.2]/272
192.168.0.4 100 0 i

52. Switch VLAN & VxLAN Related Config
• Verify L2VRF table for each VNI
Leaf-1# show bgp l2vpn evpn vni-id 100020
[*** Snip ***]
Network Next Hop Metric LocPrf Weight
Path
Route Distinguisher: 192.168.0.3:32787 (L2VNI 100020)
*>l[2]:[0]:[0]:[48]:[0050.7966.6806]:[0]:[0.0.0.0]/216
192.168.0.3 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[0]:[0.0.0.0]/216
192.168.0.4 100 0 i
*>l[2]:[0]:[0]:[48]:[0050.7966.6806]:[32]:[10.20.1.1]/272
192.168.0.3 100 32768 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[32]:[10.20.1.2]/272
192.168.0.4 100 0 i

53. Switch VLAN & VxLAN Related Config
• Verify MAC VRF Table
Leaf-1# sh system internal l2fwder mac
[*** Snip ***]
VLAN MAC Address Type age Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
* 20 0050.7966.6808 static - F F (0x47000001) nve-peer1
192.168
* 10 0050.7966.6805 dynamic 00:00:26 F F Eth1/7
G 20 5001.0003.0007 static - F F sup-eth1(R)
G 10 5001.0003.0007 static - F F sup-eth1(R)
* 20 0050.7966.6806 dynamic 00:03:56 F F Eth1/6
* 10 0050.7966.6807 static - F F (0x47000001) nve-peer1
192.168
G 555 5001.0003.0007 static - F F sup-eth1(R)
1 1 -00:00:00:11:12:34 - 1

54. Switch VLAN & VxLAN Related Config
• Verify MAC VRF Table
Leaf-2# sh system internal l2fwder mac
[*** Snip ***]
VLAN MAC Address Type age Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
* 20 0050.7966.6808 dynamic 00:04:57 F F Eth1/6
* 10 0050.7966.6805 static - F F (0x47000001) nve-peer1
192.168
G 20 5001.0003.0007 static - F F sup-eth1(R)
G 10 5001.0003.0007 static - F F sup-eth1(R)
* 20 0050.7966.6806 static - F F (0x47000001) nve-peer1
192.168
* 10 0050.7966.6807 dynamic 00:00:55 F F Eth1/7
G 555 5001.0003.0007 static - F F sup-eth1(R)
1 1 -00:00:00:11:12:34 - 1

55. Hands on
• L3 VPN

56. Overlay Config- L3 VPN
• L3 gateway VLAN & VNI
VLAN 555
vn-segment 500555

57. Overlay Config- L3 VPN
• L3 VRF config
vrf context CUST1
vni 500555
rd auto
address-family ipv4
unicast
route-target both auto
route-target both auto
evpn

58. Overlay Config- L3 VPN
• IRB Interface config
interface vlan 555
no shutdown
vrf member CUST1
ip forward

59. Overlay Config- L3 VPN
• Allow L3 VNI through the VTEP
interface nve1
member vni 500555
associate-vrf

60. Overlay Config- L3 VPN
• BGP config VRF context
router bgp 64520
vrf CUST1
log-neighbor-change
address-family ipv4
unicast
network 10.10.1.0/24
network 10.20.1.0/24
advertise l2vpn evpn

61. Overlay Config- L3 VPN
• Assign anycast GW to L3 VRF
interface vlan10
vrf member CUST1
ip address 10.10.1.254/24
fabric forwarding mode
anycast-gateway
interface vlan20
vrf member CUST1
ip address 10.20.1.254/24
fabric forwarding mode
anycast-gateway

62. Config Verification- L3 VPN
• Verify L3VRF table for each VNI
Leaf-1# show bgp l2vpn evpn vni-id 500555
[Snip]
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 192.168.0.3:3 (L3VNI 500555)
*>i[2]:[0]:[0]:[48]:[0050.7966.6807]:[32]:[10.10.1.2]/272
192.168.0.4 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6808]:[32]:[10.20.1.2]/272
192.168.0.4 100 0 i
* i[5]:[0]:[0]:[24]:[10.10.1.0]:[0.0.0.0]/224
192.168.0.4 100 0 i
*>l 192.168.0.3 100 32768 i
* i[5]:[0]:[0]:[24]:[10.20.1.0]:[0.0.0.0]/224
192.168.0.4 100 0 i
*>l 192.168.0.3 100 32768 i

63. Config Verification- L3 VPN
• Verify L3VRF table for each VNI
Leaf-2# show bgp l2vpn evpn vni-id 500555
[Snip]
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 192.168.0.4:3 (L3VNI 500555)
*>i[2]:[0]:[0]:[48]:[0050.7966.6805]:[32]:[10.10.1.1]/272
192.168.0.3 100 0 i
*>i[2]:[0]:[0]:[48]:[0050.7966.6806]:[32]:[10.20.1.1]/272
192.168.0.3 100 0 i
*>l[5]:[0]:[0]:[24]:[10.10.1.0]:[0.0.0.0]/224
192.168.0.4 100 32768 i
* i 192.168.0.3 100 0 i
*>l[5]:[0]:[0]:[24]:[10.20.1.0]:[0.0.0.0]/224
192.168.0.4 100 32768 i
* i 192.168.0.3 100 0 i

64. Hands on
• L3 VPN Juniper vQFX10K

65. Juniper vQFX10K- Config
• Underlay (Spine Interface)
set interfaces lo0 unit 0 description "*** SPINE LOOPBACK ***"
set interfaces lo0 unit 0 family inet address 172.16.0.1/32
set interfaces xe-0/0/0 mtu 9216
set interfaces xe-0/0/0 unit 0 description "SPINE-1-LEAF-1***"
set interfaces xe-0/0/0 unit 0 family inet address
192.168.0.1/30
set interfaces xe-0/0/1 mtu 9216
set interfaces xe-0/0/1 unit 0 description "SPINE-1-LEAF-2***"
set interfaces xe-0/0/1 unit 0 family inet address
192.168.0.5/30

66. Juniper vQFX10K- Config
• Underlay (Spine OSPF)
set routing-options router-id 172.16.0.1
set protocols ospf area 0.0.0.0 interface lo0.0
passive
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
interface-type p2p
set protocols ospf area 0.0.0.0 interface xe-0/0/1.0
set protocols ospf area 0.0.0.0 interface xe-0/0/1.0
interface-type p2p

67. Juniper vQFX10K- Config
• Underlay (Leaf Interface)
• Leaf 1
set interfaces lo0 unit 0 description "*** VTEP NEXT-HOP ***"
set interfaces lo0 unit 0 family inet address 172.16.1.1/32
set interfaces xe-0/0/0 mtu 9216
set interfaces xe-0/0/0 unit 0 description "SPINE-1-LEAF-1***"
set interfaces xe-0/0/0 unit 0 family inet address 192.168.0.2/30
• Leaf 2
set interfaces lo0 unit 0 description "*** VTEP NEXT-HOP ***"
set interfaces lo0 unit 0 family inet address 172.16.1.2/32
set interfaces xe-0/0/0 mtu 9216
set interfaces xe-0/0/0 unit 0 description "SPINE-1-LEAF-2***"
set interfaces xe-0/0/0 unit 0 family inet address 192.168.0.6/30

68. Juniper vQFX10K- Config
• Underlay (Leaf OSPF)
• Leaf 1
set routing-options router-id 172.16.1.1
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0 interface-
type p2p
• Leaf 2
set routing-options router-id 172.16.1.2
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0 interface-
type p2p

69. Juniper vQFX10K- Config
• Overlay (Leaf BGP)
• Leaf 1
set protocols bgp group OVERLAY type internal
set protocols bgp group OVERLAY local-address 172.16.1.1
set protocols bgp group OVERLAY family evpn signaling
set protocols bgp group OVERLAY neighbor 172.16.1.2 description LEAF-2
set protocols bgp group OVERLAY neighbor 172.16.1.2 peer-as 65500
set protocols bgp group OVERLAY neighbor 172.16.1.2 local-as 65500
• Leaf 2
set protocols bgp group OVERLAY type internal
set protocols bgp group OVERLAY local-address 172.16.1.2
set protocols bgp group OVERLAY family evpn signaling
set protocols bgp group OVERLAY neighbor 172.16.1.1 description LEAF-2
set protocols bgp group OVERLAY neighbor 172.16.1.1 peer-as 65500
set protocols bgp group OVERLAY neighbor 172.16.1.1 local-as 65500

70. Juniper vQFX10K- Config
• Overlay (Leaf VxLAN Encap)
• Leaf 1
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
• Leaf 2
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication

71. Juniper vQFX10K- Config
• Overlay (Leaf L3 VRF Config)
• Leaf 1
set routing-instances CUST_A instance-type vrf
set routing-instances CUST_A interface irb.100
set routing-instances CUST_A interface lo0.1
set routing-instances CUST_A route-distinguisher 172.16.1.1:5000
set routing-instances CUST_A vrf-target target:300:5000
set routing-instances CUST_A protocols evpn ip-prefix-routes advertise direct-nexthop
set routing-instances CUST_A protocols evpn ip-prefix-routes encapsulation vxlan
set routing-instances CUST_A protocols evpn ip-prefix-routes vni 5000
• Leaf 2
set routing-instances CUST_A instance-type vrf
set routing-instances CUST_A interface irb.400
set routing-instances CUST_A interface lo0.1
set routing-instances CUST_A route-distinguisher 172.16.1.2:5000
set routing-instances CUST_A vrf-target target:300:5000
set routing-instances CUST_A protocols evpn ip-prefix-routes advertise direct-nexthop
set routing-instances CUST_A protocols evpn ip-prefix-routes encapsulation vxlan
set routing-instances CUST_A protocols evpn ip-prefix-routes vni 5000

72. Juniper vQFX10K- Config
• Overlay (Leaf Switch Option Config)
• Leaf 1
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 172.16.1.1:1
set switch-options vrf-target target:7777:7777
• Leaf 2
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 172.16.1.2:1
set switch-options vrf-target target:7777:7777

73. Juniper vQFX10K- Config
• Overlay (Leaf VLAN to VNI Map Config)
• Leaf 1
set vlans v100 vlan-id 100
set vlans v100 l3-interface irb.100
set vlans v100 vxlan vni 10010
set vlans v100 vxlan ingress-node-replication
• Leaf 2
set vlans v400 vlan-id 400
set vlans v400 l3-interface irb.400
set vlans v400 vxlan vni 10040
set vlans v400 vxlan ingress-node-replication

74. Juniper vQFX10K- Config
• Overlay (Leaf Host Switchport Config)
• Leaf 1
set interfaces irb unit 100 family inet address
10.10.10.254/24
set interfaces xe-0/0/11 unit 0 family ethernet-
switching vlan members v100
• Leaf 2
set interfaces irb unit 400 family inet address
40.40.40.254/24
set interfaces xe-0/0/11 unit 0 family ethernet-
switching vlan members v400

75. Question?