VXLAN, BGP EVPN without myths and packet capture

OSPF
VXLAN, BGP EVPN without myths and packet capture
Topology A: IBGP for overlay and OSPF for underlay
192.168.1.11 192.168.1.22
Seyfi TOPUZ, BGP eVPN

Leaf_1
router bgp 65100
router-id 1.1.1.1
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 65100
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 ebgp-multihop 4
neighbor 2.2.2.2 send-community
!
vlan 10
rd 1.1.1.1:10
route-target import 10:1001
route-target export 10:1001
redistribute learned
!
address-family evpn
neighbor 2.2.2.2 activate
!
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 10 vni 1001
!
interface Ethernet2
switchport access vlan 10
Leaf_2
router bgp 65100
router-id 2.2.2.2
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 65100
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 ebgp-multihop 4
neighbor 1.1.1.1 send-community
!
vlan 20
rd 2.2.2.2:10
redistribute learned
!
address-family evpn
neighbor 1.1.1.1 activate
!
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 20 vni 1001
!
interface Ethernet2
switchport access vlan 20
Spine
router ospf 1
network 3.3.3.3/32 area 0.0.0.0
network 10.0.13.0/29 area
0.0.0.0
network 10.0.32.0/29 area
0.0.0.0
max-lsa 12000
!

• This is the basic BGP EVPN topology, IGP used as underlay protocol and IBGP used as
overlay (Control Protocol).
• Spine is actually not spine, only hostname is spine. It’s a dummy router, running only
OSPF. it’s not BGP EVPN or VXLAN aware.
• If SPINE is “dummy” why we are using this router and why we are running OSPF on it?
o The answer is; I didn't want to change the topology for the other EVPN scenarios
and waste my time. You can connect Leaf_1 and Leaf_2 back to back and write
static routes for loopback IP addresses.
• Underlay IGP is not required or essential for the basic and simplest VXLAN topology.
• I chose iBGP but you can use eBGP for this topology.

Leaf_1#sh inte vxl 1
Vxlan1 is up, line protocol is up (connected)
Source interface is Loopback1 and is active with 11.11.11.11
Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is [10, 1001]
Headend replication flood vtep list is:
10 22.22.22.22
Leaf_1#sh vx vni
VNI to VLAN Mapping for Vxlan1
VNI VLAN Source Interface 802.1Q Tag
---------- ---------- ------------ --------------- ----------
1001 10 static Ethernet2 untagged
Vxlan1 10
Leaf_2#sh inte vxl 1
Vxlan1 is up, line protocol is up (connected)
Source interface is Loopback1 and is active with 22.22.22.22
Flood Mode is headend with Flood List Source: EVPN
Remote MAC learning via EVPN
VNI mapping to VLANs
Static VLAN to VNI mapping is [20, 1001]
Headend replication flood vtep list is:
20 11.11.11.11
Leaf_2#sh vx vni
VNI to VLAN Mapping for Vxlan1
VNI VLAN Source Interface 802.1Q Tag
---------- ---------- ------------ --------------- ----------
1001 20 static Ethernet2 untagged
Vxlan1 20
Please note, VLAN 10 and VLAN 20 are in same bridge domain, VNI
Leaf_2#sh bgp evpn route-type mac-ip
Router identifier 2.2.2.2, local AS number 65100
Network Next Hop Metric LocPref Weight Path
* > RD: 1.1.1.1:10 mac-ip 0050.7966.6805
11.11.11.11 - 100 0 i
* > RD: 2.2.2.2:10 mac-ip 0050.7966.6806
- - - 0 i
RD and MAC mathed

Leaf_1#sh bgp evpn route-type mac-ip
BGP routing table information for VRF default
Network Next Hop Metric LocPref Weight Path
When topology is idle, I mean, there is no interesting traffic, MAC IP table is empty.
After 1st ping from the VPC_1;
VPCS_1> arp
arp table is empty
VPCS_1> ping 192.168.1.22
84 bytes from 192.168.1.22 icmp_seq=1 ttl=64 time=36.578 ms
84 bytes from 192.168.1.22 icmp_seq=2 ttl=64 time=37.401 ms
VPCS> arp
00:50:79:66:68:06 192.168.1.22 expires in 117 seconds

From the previous slide we can understand:
• BGP type is Type Code: MP_REACH_NLRI (14)
• Router target sent , if it matches receiving router’s import policies, it will accept the BGP EVPN type 2
route.
router bgp 65100
router-id 2.2.2.2
vlan 20
rd 2.2.2.2:10
• The manner of route target and route distinguisher is similar to their usage in MPLS.
• Please note that mac address of PC1 advertised via BPG, so we say BGP is a control plane protocol.
• IN next slide you will see ARP packet encapsulated (suppressed in VXLAN).

ARP packet is encapsulated in VXLAN so there is no broadcast seen between locations & VTEPs.
But when you capture ARP packet in PC_2 interface, you will see the broadcast packet like you see in traditional networks.
VPC_1 > arp
00:50:79:66:68:06 192.168.1.22 expires in 114 seconds

• If underlay routing protocol is not mandatory, why all vendors in all
tutorials use an underlay protocol?
o It’s used for scalability.
• Is the BGP RR required when you are using BGP for underlay routing
protocol ?
o BGP RR is required for iBGP to get rid of full mesh topology.
o If you are establishing eBGP between Spine and Leaf switches
BGP RR is not required.
o Route updates received from iBGP peers do not advertised to
other iBGP routers.
• There is nothing special to BGP EVPN about RR.

VXLAN, BGP EVPN without myths and packet capture

More Related Content

What's hot

Similar to VXLAN, BGP EVPN without myths and packet capture

Recently uploaded

VXLAN, BGP EVPN without myths and packet capture