Preference-based and Non-revertive EVPN DF Election
This chapter provides information about Preference-based and Non-revertive EVPN DF Election.
Topics in this chapter include:
Applicability
This chapter was initially written based on SR OS Release 15.0.R3, but the MD-CLI in the current edition corresponds to SR OS Release 21.2.R2. Preference-based and non-revertive EVPN Designated Forwarder (DF) election is supported in SR OS Release 15.0.R1, and later. This mechanism works for Ethernet Segments (ESs) and virtual ESs (vESs).
Overview
RFC 7432 defines the Designated Forwarder (DF) in (PBB-)EVPN networks as the PE that will forward the following packets to a multi-homed node:
-
Broadcast, Unknown unicast, and Multicast (BUM) traffic in an all-active multi-homing Ethernet Segment (ES)
-
BUM and unicast in a single-active multi-homing ES
For more information about vESs, see chapter Virtual Ethernet Segments.
Virtual Ethernet Segments shows a topology with two vESs.
Taking the Ethernet VPN Identifier (EVI) or ISID and the number of PEs in the ES as input, the RFC 7432 service-carving algorithm elects the DF from the list of candidate PEs that advertise the ES identifier (ESI). While this algorithm provides an automated and fair DF distribution across services in the ES, it does not allow the operator to control what PE is the DF for which service. In addition, in case of a DF failure, when the former DF comes back up, a new DF switchover will cause unnecessary packet loss (this mode of operation is called revertive). SR OS implements draft-ietf-bess-evpn-pref-df to give more control to the operator on the DF election and avoid the revertive mode.
In SR OS, in addition to the automated service-carving, the DF election can also be controlled by configuring a preference manually. Also, it is possible to force an on-demand DF switchover without reconfiguring the PEs in the ES. Furthermore, the non-revertive option prevents an automatic switchover when a new active PE can preempt the existing DF PE. The non-revertive option avoids service impact when an ES comes back up.
BGP-EVPN extended community for DF election shows the BGP-EVPN extended community defined for DF election and the different values described in draft-ietf-bess-evpn-pref-df.
The "Do not preempt" (DP) bit is set to enable the non-revertive option. When preference-based service carving is configured in the ES, DF type 2 is advertised along with a 2-byte preference value, which is 32767 by default.
Service carving can be configured in auto mode or manual mode. The preference can only be configured in manual mode.
*[ex:/configure service system bgp evpn ethernet-segment "vESI-23_1" df-election]
A:admin@PE-2# service-carving-mode ?
service-carving-mode <keyword>
<keyword> - (auto|manual|off)
Default - auto
Mode of service carving enabled per EVPN associated with this Ethernet segment entry
When manual mode is enabled, the following parameters can be configured to control which PE will be elected as DF:
*[ex:/configure service system bgp evpn ethernet-segment "vESI-23_1" df-election]
A:admin@PE-2# manual ?
manual
evi + Enter the evi list instance
isid + Enter the isid list instance
preference + Enable the preference context
The EVI and ISID ranges configured in the service-carving context do not need to be consistent with any ranges configured for virtual ESs.
When preference is configured manually, the mode can be configured as revertive (default) or non-revertive:
*[ex:/configure service system bgp evpn ethernet-segment "vESI-23_1" df-election manual preference]
A:admin@PE-2# mode ?
mode <keyword>
<keyword> - (revertive|non-revertive)
Default - revertive
'mode' is: immutable
Method used to elect the DF
Warning: Modifying this element recreates 'configure service system bgp evpn
ethernet-segment "vESI-23_1" df-election manual preference' automatically for the
new value to take effect.
The preference-based EVPN DF election is as follows:
-
By default, all SAPs and spoke-SDPs on the configured ES select the highest-preference PE as DF; however, when the EVI or ISID ranges are configured in the ES, the lowest-preference PE is selected.
-
When the preference is equal, the DP bit is the tiebreaker: DP=1 wins over DP=0.
-
For equal preference and DP, the PE IP address is the tiebreaker: the lowest IP address wins.
Configuration
Example topology with all-active and single-active vESs shows the example topology with six nodes. EVPN-MPLS is configured between the core PE nodes. All-active vESs are configured between PE-2 and PE-3 and single-active vESs are configured between PE-4 and PE-5.
The initial configuration includes:
-
Cards, MDAs, ports
-
LAG 1 between MTU-1, PE-2, PE-3
-
Router interfaces
-
IS-IS (alternatively, OSPF could be used)
-
LDP
BGP is configured on the four core PEs with PE-2 as Route Reflector (RR). The BGP configuration on RR PE-2 is as follows:
# on RR PE-2:
configure {
router "Base" {
autonomous-system 64500
bgp {
vpn-apply-export true
vpn-apply-import true
rapid-withdrawal true
peer-ip-tracking true
split-horizon true
rapid-update {
evpn true
}
group "internal" {
peer-as 64500
family {
evpn true
}
cluster {
cluster-id 1.1.1.1
}
}
neighbor "192.0.2.3" {
group "internal"
}
neighbor "192.0.2.4" {
group "internal"
}
neighbor "192.0.2.5" {
group "internal"
}
}
VPLS 1 and VPLS 2 are configured on each node. The PEs have EVPN-MPLS enabled. The configuration on PE-2 is as follows:
# on PE-2:
configure {
service {
vpls "VPLS 1" {
admin-state enable
service-id 1
customer "1"
bgp 1 {
}
bgp-evpn {
evi 1
mpls 1 {
admin-state enable
ingress-replication-bum-label true
ecmp 2
auto-bind-tunnel {
resolution any
}
}
}
sap lag-1:1.1 {
}
}
vpls "VPLS 2" {
admin-state enable
service-id 2
customer "1"
bgp 1 {
}
bgp-evpn {
evi 2
mpls 1 {
admin-state enable
ingress-replication-bum-label true
ecmp 2
auto-bind-tunnel {
resolution any
}
}
}
sap lag-1:2.1 {
}
}
The configuration on the other PEs is similar; PE-4 and PE-5 have a spoke-SDP configured instead of a SAP. For an explanation of the configuration, see chapter EVPN for MPLS Tunnels.
Service carving: auto mode
On PE-2 and PE-3, the following all-active multi-homing vESs are configured:
# on PE-2, PE-3:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-23_1" {
admin-state enable
type virtual
esi 01:00:00:00:00:23:01:00:00:01
multi-homing-mode all-active
df-election {
es-activation-timer 3
service-carving-mode auto
}
association {
lag "lag-1" {
virtual-ranges {
qinq {
s-tag 1 {
end 1
}
}
}
}
}
}
ethernet-segment "vESI-23_2" {
admin-state enable
type virtual
esi 01:00:00:00:00:23:02:00:00:01
multi-homing-mode all-active
df-election {
es-activation-timer 3
service-carving-mode auto
}
association {
lag "lag-1" {
virtual-ranges {
qinq {
s-tag 2 {
end 2
}
}
}
}
}
}
The service carving mode is set to auto, so the DF election is based on a modulo function of the EVI and the number of DF candidates. In the vES "vESI-23_1", there are two DF candidates, PE-2 and PE-3, listed in that order because PE-2 has the lower system IP address, as follows:
[/]
A:admin@PE-3# show service system bgp-evpn ethernet-segment name "vESI-23_1" all
| match "EVI Information" post-lines 19
EVI Information
===============================================================================
EVI SvcId Actv Timer Rem DF
-------------------------------------------------------------------------------
1 1 0 yes
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
-------------------------------------------------------------------------------
DF Candidate list
-------------------------------------------------------------------------------
EVI DF Address
-------------------------------------------------------------------------------
1 192.0.2.2
1 192.0.2.3
-------------------------------------------------------------------------------
Number of entries: 2
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
===============================================================================
The first DF candidate from the list will be selected when the result of the modulo function equals 0; the second DF candidate when the result equals 1. The calculation is as follows:
The following shows that PE-2 is not the DF for VPLS 1, but it is the DF for VPLS 2:
[/]
A:admin@PE-2# show service id 1 ethernet-segment
===============================================================================
SAP Ethernet-Segment Information
===============================================================================
SAP Eth-Seg Status
-------------------------------------------------------------------------------
lag-1:1.1 vESI-23_1 NDF
===============================================================================
No sdp entries
No vxlan instance entries
[/]
A:admin@PE-2# show service id 2 ethernet-segment
===============================================================================
SAP Ethernet-Segment Information
===============================================================================
SAP Eth-Seg Status
-------------------------------------------------------------------------------
lag-1:2.1 vESI-23_2 DF
===============================================================================
No sdp entries
No vxlan instance entries
Instead of the preceding show commands, the following tools commands can be used:
[/]
A:admin@PE-2# tools dump service system bgp-evpn ethernet-segment "vESI-23_1" evi 1 df
[04/26/2021 09:19:25] Computed DF: 192.0.2.3 (Remote) (Boot Timer Expired: Yes)
[/]
A:admin@PE-2# tools dump service system bgp-evpn ethernet-segment "vESI-23_2" evi 2 df
[04/26/2021 09:19:25] Computed DF: 192.0.2.2 (This Node) (Boot Timer Expired: Yes)
Service carving: preference-based manual mode
To have more control, the vES can be configured in manual mode. The following reconfigures the vES "vESI-23_1" in manual mode, preference-based and revertive with preference value 32767 (default) on PE-2 and 5000 on PE-3, whereas vES "vESI-23_2" is preference-based and non-revertive with preference value 15000 on PE-2 and 20000 on PE-3.
An EVI range is configured for ES "vESI-23_2", but not for ES "vESI-23_1". When no EVI range is configured, the highest preference wins; for configured EVI ranges, the lowest preference wins. When there are no failures, PE-2 will be the DF for "vESI-23_1" (highest preference) and for "vESI-23_2" (lowest preference for configured EVI 2).
On PE-2, the ESs are reconfigured as follows:
# on PE-2:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-23_1" {
df-election {
service-carving-mode manual
manual {
preference {
}
}
}
}
ethernet-segment "vESI-23_2" {
df-election {
service-carving-mode manual
manual {
evi 2 {
end 2
}
preference {
mode non-revertive
value 15000
}
}
}
}
}
The non-revertive mode is configured for vES "vESI-23_2", but not for vES "vESI-23_1".
On PE-3, the ES configuration is modified as follows:
# on PE-3:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-23_1" {
df-election {
service-carving-mode manual
manual {
preference {
value 5000
}
}
}
}
ethernet-segment "vESI-23_2" {
df-election {
service-carving-mode manual
manual {
evi 2 {
end 2
}
preference {
mode non-revertive
value 20000
}
}
}
}
}
For the single-active multi-homing vESs on PE-4 and PE-5, the same preferences are configured manually. The ES configuration on PE-4 is as follows:
# on PE-4:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-45_1" {
admin-state enable
type virtual
esi 01:00:00:00:00:45:01:00:00:01
multi-homing-mode single-active
df-election {
es-activation-timer 3
service-carving-mode manual
manual {
preference {
}
}
}
association {
sdp 46 {
virtual-ranges {
vc-id 1 {
end 1
}
vc-id 500 {
end 501
}
}
}
}
}
ethernet-segment "vESI-45_2" {
admin-state enable
type virtual
esi 01:00:00:00:00:45:02:00:00:01
multi-homing-mode single-active
df-election {
es-activation-timer 3
service-carving-mode manual
manual {
evi 2 {
end 2
}
preference {
mode non-revertive
value 15000
}
}
}
association {
sdp 46 {
virtual-ranges {
vc-id 2 {
end 2
}
}
}
}
}
}
The ES configuration on PE-5 is as follows:
# on PE-5:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-45_1" {
admin-state enable
type virtual
esi 01:00:00:00:00:45:01:00:00:01
multi-homing-mode single-active
df-election {
es-activation-timer 3
service-carving-mode manual
manual {
preference {
value 5000
}
}
}
association {
sdp 56 {
virtual-ranges {
vc-id 1 {
end 1
}
vc-id 500 {
end 501
}
}
}
}
}
ethernet-segment "vESI-45_2" {
admin-state enable
type virtual
esi 01:00:00:00:00:45:02:00:00:01
multi-homing-mode single-active
df-election {
es-activation-timer 3
service-carving-mode manual
manual {
evi 2 {
end 2
}
preference {
mode non-revertive
value 20000
}
}
}
association {
sdp 56 {
virtual-ranges {
vc-id 2 {
end 2
}
}
}
}
}
}
The preference configuration must be consistent across the PEs in the ES (manual or auto), otherwise the system reverts to the modulo-based DF election.
With preference-based DF election configured with default preference value 32767 and revertive, PE-4 sends the following BGP-EVPN update to the RR PE-2. The df-election extended community shows the DP=0 (revertive) and DF preference 32767.
# on PE-4:
60 2021/04/26 09:21:40.829 CEST MINOR: DEBUG #2001 Base Peer 1: 192.0.2.2
"Peer 1: 192.0.2.2: UPDATE
Peer 1: 192.0.2.2 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 71
Flag: 0x90 Type: 14 Len: 34 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.4
Type: EVPN-ETH-SEG Len: 23 RD: 192.0.2.4:0
ESI: 01:00:00:00:00:45:01:00:00:01, IP-Len: 4 Orig-IP-Addr: 192.0.2.4
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
df-election::DF-Type:Preference/DP:0/DF-Preference:32767/AC:1
target:00:00:00:00:45:01
"
The following command shows the information in the preceding BGP-EVPN Ethernet-segment route for "vESI-45_1" sent by PE-4 to the RR PE-2:
[/]
A:admin@PE-4# show router bgp routes evpn eth-seg hunt
===============================================================================
BGP Router ID:192.0.2.4 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Eth-Seg Routes
===============================================================================
---snip---
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Network : n/a
Nexthop : 192.0.2.4
To : 192.0.2.2
Res. Nexthop : n/a
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : n/a
Connector : None
Community :
df-election::DF-Type:Preference/DP:0/DF-Preference:32767/AC:1
target:00:00:00:00:45:01
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 192.0.2.2
Origin : IGP
AS-Path : No As-Path
EVPN type : ETH-SEG
ESI : 01:00:00:00:00:45:01:00:00:01
Originator IP : 192.0.2.4
Route Dist. : 192.0.2.4:0
Route Tag : 0
Neighbor-AS : n/a
Orig Validation: N/A
Source Class : 0 Dest Class : 0
---snip---
The following command shows the DF preference election information for ES "vESI-45_1" with the preference mode revertive, the configured preference value on PE-4 (default 32767), and the operational preference value. No EVI ranges or ISID ranges are configured in this ES.
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_1
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:01:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524276
Source BMAC LSB : <none>
Sdp Id : 46
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : manual Oper Svc Carving : manual
Cfg Range Type : lowest-pref
-------------------------------------------------------------------------------
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
revertive 32767 04/26/2021 09:21:41 32767 Disabled
-------------------------------------------------------------------------------
EVI Ranges: <none>
ISID Ranges: <none>
===============================================================================
The following command shows the DF preference election information for ES "vESI-45_2" with the preference mode non-revertive, the configured preference value on PE-4 (15000), and the operational preference value. The only configured EVI range is from 2 to 2. No ISID ranges are configured. For the configured EVI or ISID values, the lowest preference wins, as shown by the Cfg Range Type : lowest-pref parameter.
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_2
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:02:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524275
Source BMAC LSB : <none>
Sdp Id : 46
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : manual Oper Svc Carving : manual
Cfg Range Type : lowest-pref
-------------------------------------------------------------------------------
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 15000 04/26/2021 09:21:41 15000 Enabled
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
EVI Ranges
-------------------------------------------------------------------------------
From To
-------------------------------------------------------------------------------
2 2
-------------------------------------------------------------------------------
ISID Ranges: <none>
===============================================================================
It is important to note that a router will prune a remote PE from the DF candidate list for an ES if it does not receive the corresponding Auto Discovery (AD) per-EVI and AD per-ES routes for that PE. A remote PE will not be shown in the DF Candidate list if its AD per-ES route is withdrawn. This is only true for EVPN. In PBB-EVPN, there are no AD routes, therefore the DF Candidate list is built out of the ES routes only.
DF election: higher preference prevails for non-configured EVI ranges
The PEs run the DF election per PE per EVI, and the elected DF for a service will activate the SAP/Spoke-SDP when the es-activation-timer expires. PE-4 is the DF in "vESI-45_1" used in VPLS 1, as follows. The EVI is not configured in ES "vESI-45_1", so the higher preference prevails. The ES "vESI-45_1" has (default) preference 32767 on PE-4 (DF) and preference 5000 on PE-5 (Non-Designated Forwarder (NDF)).
[/]
A:admin@PE-4# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
[/]
A:admin@PE-5# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:1 vESI-45_1 NDF
===============================================================================
No vxlan instance entries
The preference value can be modified on the fly on an active ES. This allows the user to force a new DF for the ES for maintenance operations on the former DF or other reasons.
DF election: lowest preference prevails for configured EVI ranges
ES "vESI-45_2" is configured with EVI 2, so the lowest preference prevails. The admin preference value is 15000 on PE-4 and 20000 on PE-5. Both PE-4 and PE-5 are DF candidates, but PE-4 has the lowest preference, so it will be the DF, as follows:
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2" all
| match "EVI Range" post-lines 28
EVI Ranges
-------------------------------------------------------------------------------
From To
-------------------------------------------------------------------------------
2 2
-------------------------------------------------------------------------------
ISID Ranges: <none>
===============================================================================
===============================================================================
EVI Information
===============================================================================
EVI SvcId Actv Timer Rem DF
-------------------------------------------------------------------------------
2 2 0 yes
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
-------------------------------------------------------------------------------
DF Candidate list
-------------------------------------------------------------------------------
EVI DF Address
-------------------------------------------------------------------------------
2 192.0.2.4
2 192.0.2.5
-------------------------------------------------------------------------------
Number of entries: 2
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
===============================================================================
DF election: DP prevails when preferences are equal
The service carving in the ES is configured with default preference and non-revertive option, as follows:
# on PE-5:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-45_1" {
df-election {
es-activation-timer 3
service-carving-mode manual
manual {
preference {
mode non-revertive
delete value # default value: 32767
}
}
}
The ES configuration on PE-4 remains unchanged, so the behavior is revertive. PE-4 and PE-5 have the same preference (default 32767), but PE-5 is non-revertive and becomes the DF, as follows:
[/]
A:admin@PE-5# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
DF election: lowest IP address prevails when preferences and DP are equal
The vES configuration on PE-4 is modified by enabling the non-revertive option, as follows:
# on PE-4:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-45_1" {
df-election {
manual {
preference {
mode non-revertive
}
}
}
PE-4 and PE-5 have an equal preference (default value = 32767) and non-revertive behavior. The tiebreaker for the DF selection is the IP address. PE-4 has the lower IP address and becomes the DF, as follows:
[/]
A:admin@PE-4# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
Service-carving configuration must be consistent
When the service carving on one of the PEs in the ES is configured in auto mode while one of the other PEs in the ES is configured in manual mode, the system reverts to modulo-based auto mode. The configuration of ES "vESI-45_1" remains unchanged on PE-4, but is modified on PE-5, as follows:
# on PE-5#
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-45_1" {
df-election {
service-carving-mode auto
delete manual
}
ES "vESI-45_1" will operate in auto mode on PE-4 and on PE-5. The following show command on PE-4 shows that the ES is configured in manual mode, but operates in auto mode:
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_1
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:01:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524273
Source BMAC LSB : <none>
Sdp Id : 46
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : manual Oper Svc Carving : auto
Cfg Range Type : lowest-pref
-------------------------------------------------------------------------------
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 32767 04/26/2021 09:32:46 32767 Enabled
-------------------------------------------------------------------------------
EVI Ranges: <none>
ISID Ranges: <none>
===============================================================================
The following command on PE-5 shows that the ES is configured in auto mode and operates in auto mode:
[/]
A:admin@PE-5# show service system bgp-evpn ethernet-segment name "vESI-45_1"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_1
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:01:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524276
Source BMAC LSB : <none>
Sdp Id : 56
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : auto Oper Svc Carving : auto
Cfg Range Type : primary
===============================================================================
For the remainder of the chapter, the vES configuration for "vESI-45_1" on PE-4 and PE-5 is restored to the initial settings. On PE-4, vESI-45_1" is configured with manual service-carving mode, reversive, and with default preference value (32767):
# on PE-4:
configure {
service {
system {
bgp {
evpn
ethernet-segment "vESI-45_1" {
df-election {
service-carving-mode manual
manual {
preference {
delete mode # default mode: revertive
}
}
On PE-5, "vESI-45_1" is configured with manual service-carving mode, reversive, and with preference value 5000:
# on PE-5:
configure {
service {
system {
bgp {
evpn
ethernet-segment "vESI-45_1" {
df-election {
service-carving-mode manual
manual {
preference {
value 5000
}
}
When there are no failures, PE-4 is the DF, because it has a higher preference.
Revertive behavior
When SDP 64 fails on MTU-6, PE-4 becomes the NDF for ES "vESI-45_1" and PE-5 will be the DF instead, as follows. The failure is emulated by disabling the SDP on MTU-6.
# on MTU-6:
configure {
service {
sdp 64 {
admin-state disable
When the PE is not a candidate DF because it cannot be used, the operational preference value equals 0, as follows:
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
revertive 32767 04/26/2021 09:32:46 0 Disabled
-------------------------------------------------------------------------------
PE-5 is the only DF candidate in ES "vESI-45_1" for VPLS 1:
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1"
evi evi-1 1
===============================================================================
EVI DF and Candidate List
===============================================================================
EVI SvcId Actv Timer Rem DF DF Last Change
-------------------------------------------------------------------------------
1 1 0 no 04/26/2021 09:37:32
===============================================================================
===============================================================================
DF Candidates Time Added
-------------------------------------------------------------------------------
192.0.2.5 04/26/2021 09:32:50
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
PE-5 is the DF in "vESI-45_1" for VPLS 1:
[/]
A:admin@PE-5# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
The preference mode for this vES is revertive and the DF preference for PE-5 is 5000, as follows:
[/]
A:admin@PE-5# show service system bgp-evpn ethernet-segment name "vESI-45_1"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
revertive 5000 04/26/2021 09:37:02 5000 Disabled
-------------------------------------------------------------------------------
When the failure is restored, the system reverts and PE-4 will again be the DF for "vESI-45_1" in VPLS 1.
# on MTU-6:
configure {
service {
sdp 64 {
admin-state enable
[/]
A:admin@PE-4# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
Non-revertive behavior
When no failures have occurred, PE-4 is the DF for "vESI-45_2" because the lowest preference prevails for the configured EVI 2. The preference of PE-4 is 15000, which is lower than PE-5's preference of 20000.
[/]
A:admin@PE-4# show service id 2 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:2 vESI-45_2 DF
===============================================================================
No vxlan instance entries
A failure is simulated as follows:
# on MTU-6:
configure {
service {
sdp 64 {
admin-state disable
When SDP 64 on MTU-6 goes down, SDP 46 on PE-4 goes down which brings the vESs down on PE-4. PE-4 is no longer the DF for "vESI-45_2" and not even a DF candidate anymore. The operational preference value is 0.
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 15000 04/26/2021 09:21:41 0 Disabled
-------------------------------------------------------------------------------
PE-5 becomes the DF for "vESI-45_2" in VPLS 2, as follows:
[/]
A:admin@PE-5# show service id 2 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:2 vESI-45_2 DF
===============================================================================
No vxlan instance entries
[/]
A:admin@PE-5# show service system bgp-evpn ethernet-segment name "vESI-45_2"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 20000 04/26/2021 09:21:50 20000 Enabled
-------------------------------------------------------------------------------
When the SDP is restored, the DF does not revert even though the list of DF candidates contains both PE-4 and PE-5. The preference mode is non-revertive; therefore, the DP bit has been set. PE-4 will not become the DF, as follows:
# on MTU-6:
configure {
service {
sdp 64 {
admin-state enable
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2"
evi evi-1 2
===============================================================================
EVI DF and Candidate List
===============================================================================
EVI SvcId Actv Timer Rem DF DF Last Change
-------------------------------------------------------------------------------
2 2 0 no 04/26/2021 09:41:43
===============================================================================
===============================================================================
DF Candidates Time Added
-------------------------------------------------------------------------------
192.0.2.4 04/26/2021 09:43:17
192.0.2.5 04/26/2021 09:40:43
-------------------------------------------------------------------------------
Number of entries: 2
===============================================================================
The operational preference value on NDF PE-4 equals the preference value on DF PE-5, as follows. In this example, EVI 2 is included in the configured EVI range, so the lowest preference wins. To avoid the system reverting to the lower preference of 15000, the operational preference is raised to the value of 20000, which equals the preference of the current DF PE-5.
[/]
A:admin@PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 15000 04/26/2021 09:21:41 20000 Disabled
-------------------------------------------------------------------------------
PE-4 checks its own administrative preference and compares it with the one of the Highest-PE and Lowest-PE that have DP=1 in their ES routes.
-
The Highest-PE is the PE with higher preference, using the DP bit (with DP=1 being better) and, after that, the lower PE-IP address as tie-breakers.
-
The Lowest-PE is the PE with lower preference, using the DP bit (with DP=1 being better) and, after that, the lower PE-IP address as tie-breakers.
Depending on this comparison, PE-4 will send the ES route with a preference and DP that may be different from its administrative values.
-
If PE-4's preference value is higher than the Highest-PE's, PE-4 will send the ES route with an 'in-use' operational preference equal to the Highest-PE's and DP=0.
-
If PE-4's preference value is lower than the Lowest-PE's, PE-4 will send the ES route with an 'in-use' operational preference equal to the Lowest-PE's and DP=0.
-
If PE-4's preference value is neither higher nor lower than the Highest-PE's or the Lowest-PE's respectively, PE-4 will send the ES route with its administrative [preference,DP]=[15000,1].
In this example, NDF PE-4 sends operational preference 20000 and DP=0, because its admin preference value was lower than the Lowest-PE's (PE-5), as follows:
# on PE-4:
148 2021/04/26 09:43:17.492 CEST MINOR: DEBUG #2001 Base Peer 1: 192.0.2.2
"Peer 1: 192.0.2.2: UPDATE
Peer 1: 192.0.2.2 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 71
Flag: 0x90 Type: 14 Len: 34 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.4
Type: EVPN-ETH-SEG Len: 23 RD: 192.0.2.4:0
ESI: 01:00:00:00:00:45:02:00:00:01, IP-Len: 4 Orig-IP-Addr: 192.0.2.4
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
df-election::DF-Type:Preference/DP:0/DF-Preference:20000/AC:1
target:00:00:00:00:45:02
"
With equal operational preference, the current DF PE-5 sends DP=1, which is preferred over DP=0. The following output shows the BGP extended community of the ES routes for "vESI-45_2" in the RIB-In (received ES route from PE-5) and RIB-Out (sent ES route) on PE-4:
[/]
A:admin@PE-4# show router bgp routes evpn eth-seg hunt
| match "target:00:00:00:00:45:02" pre-lines 2
Community : # in RIB-In
df-election::DF-Type:Preference/DP:1/DF-Preference:20000/AC:1
target:00:00:00:00:45:02
Community : # in RIB-Out
df-election::DF-Type:Preference/DP:0/DF-Preference:20000/AC:1
target:00:00:00:00:45:02
Either of the following events cause PE-4 to re-advertise its admin preference 15000 and DP=1:
-
DF PE-5 withdraws its ES route.
-
The admin preference for ES "vESI-45_2" on DF PE-5 is modified by configuration to a value preferred over PE-4's admin preference; in this case, to a value lower than 15000.
The admin preference value can be modified on ES "vESI-45_2" on DF PE-5, as follows:
# on PE-5:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "vESI-45_2" {
df-election {
manual {
preference {
mode non-revertive
value 10000
}
}
The preference value 10000 is lower than 15000 and, therefore, preferred when the lowest preference wins. PE-5 remains DF, but now there is no need to modify the preference of PE-4, because the system does not need to revert. Therefore, PE-4 can send the admin preference 15000 and configured DP=1, as follows:
# on PE-4:
151 2021/04/26 09:47:45.433 CEST MINOR: DEBUG #2001 Base Peer 1: 192.0.2.2
"Peer 1: 192.0.2.2: UPDATE
Peer 1: 192.0.2.2 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 71
Flag: 0x90 Type: 14 Len: 34 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.4
Type: EVPN-ETH-SEG Len: 23 RD: 192.0.2.4:0
ESI: 01:00:00:00:00:45:02:00:00:01, IP-Len: 4 Orig-IP-Addr: 192.0.2.4
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
df-election::DF-Type:Preference/DP:1/DF-Preference:15000/AC:1
target:00:00:00:00:45:02
"
Conclusion
Preference-based DF election offers more control over the DF Election and applies to regular ESs and vESs, either in single-active or in all-active multi-homing mode, in VPLS, I-VPLS, or Epipe services. The DF election is by default revertive, but when preference mode is chosen, it can be configured as non-revertive to reduce service impact.