Preference-based and Non-revertive EVPN DF Election
This chapter provides information about Preference-based and Non-revertive EVPN DF Election.
Topics in this chapter include:
Applicability
This chapter was initially written based on SR OS Release 15.0.R3, but the CLI in the current edition corresponds to SR OS Release 21.2.R2. Preference-based and non-revertive EVPN Designated Forwarder (DF) election is supported in SR OS Release 15.0.R1, and later. This mechanism works for Ethernet Segments (ESs) and virtual ESs (vESs).
Overview
RFC 7432 defines the Designated Forwarder (DF) in (PBB-)EVPN networks as the PE that will forward the following packets to a multi-homed node:
Broadcast, Unknown unicast, and Multicast (BUM) traffic in an all-active multi-homing Ethernet Segment (ES)
BUM and unicast in a single-active multi-homing ES
For more information about vESs, see chapter Virtual Ethernet Segments.
Virtual Ethernet Segments shows a topology with two vESs.
Taking the Ethernet VPN Identifier (EVI) or ISID and the number of PEs in the ES as input, the RFC 7432 service-carving algorithm elects the DF from the list of candidate PEs that advertise the ES identifier (ESI). While this algorithm provides an automated and fair DF distribution across services in the ES, it does not allow the operator to control what PE is the DF for which service. In addition, in case of a DF failure, when the former DF comes back up, a new DF switchover will cause unnecessary packet loss (this mode of operation is called revertive). SR OS implements draft-ietf-bess-evpn-pref-df to give more control to the operator on the DF election and avoid the revertive mode.
In SR OS, in addition to the automated service-carving, the DF election can also be controlled by configuring a preference manually. Also, it is possible to force an on-demand DF switchover without reconfiguring the PEs in the ES. Furthermore, the non-revertive option prevents an automatic switchover when a new active PE can preempt the existing DF PE. The non-revertive option avoids service impact when an ES comes back up.
BGP-EVPN extended community for DF election shows the BGP-EVPN extended community defined for DF election and the different values described in draft-ietf-bess-evpn-pref-df.
The "Do not preempt" (DP) bit is set to enable the non-revertive option. When preference-based service carving is configured in the ES, DF type 2 is advertised along with a 2-byte preference value, which is 32767 by default.
Service carving can be configured in auto mode or manual mode. The preference can only be configured in manual mode.
*A:PE-2>config>service>system>bgp-evpn>eth-seg>service-carving# mode ?
- mode {auto|manual|off}
<auto|manual|off> : auto|manual|off
When manual mode is enabled, the following parameters can be configured to control which PE will be elected as DF:
*A:PE-2>config>service>system>bgp-evpn>eth-seg>service-carving# manual ?
- manual
[no] evi - Configure EVI range (primary for non-preference based DF
election and lowest-preference for preference based DF election)
[no] isid - Configure ISID range (primary for non-preference based DF
election and lowest-preference for preference based DF election)
[no] preference + Configure DF preference election information
The EVI and ISID ranges configured in the service-carving context do not need to be consistent with any ranges configured for virtual ESs.
When preference is configured manually, a preference value can be provided along with the non-revertive option:
*A:PE-2>config>service>system>bgp-evpn>eth-seg>service-carving>manual# preference ?
- no preference
- preference [create] [non-revertive]
<create> : keyword
<non-revertive> : keyword
value - Configure DF preference value
The preference-based EVPN DF election is as follows:
By default, all SAPs and spoke-SDPs on the configured ES select the highest-preference PE as DF; however, when the EVI or ISID ranges are configured in the ES, the lowest-preference PE is selected.
When the preference is equal, the DP bit is the tiebreaker: DP=1 wins over DP=0.
For equal preference and DP, the PE IP address is the tiebreaker: the lowest IP address wins.
Configuration
Example topology with all-active and single-active vESs shows the example topology with six nodes. EVPN-MPLS is configured between the core PE nodes. All-active vESs are configured between PE-2 and PE-3 and single-active vESs are configured between PE-4 and PE-5.
The initial configuration includes:
Cards, MDAs, ports
LAG 1 between MTU-1, PE-2, PE-3
Router interfaces
IS-IS (alternatively, OSPF could be used)
LDP
BGP is configured on the four core PEs with PE-2 as Route Reflector (RR). The BGP configuration on RR PE-2 is as follows:
# on RR PE-2:
configure
router
autonomous-system 64500
bgp
vpn-apply-import
vpn-apply-export
enable-peer-tracking
rapid-withdrawal
split-horizon
rapid-update evpn
group "internal"
family evpn
cluster 1.1.1.1
peer-as 64500
neighbor 192.0.2.3
exit
neighbor 192.0.2.4
exit
neighbor 192.0.2.5
exit
exit
VPLS 1 and VPLS 2 are configured on each node. The PEs have EVPN-MPLS enabled. The configuration on PE-2 is as follows:
# on PE-2:
configure
service
vpls 1 name "VPLS 1" customer 1 create
bgp
exit
bgp-evpn
evi 1
mpls bgp 1
ingress-replication-bum-label
ecmp 2
auto-bind-tunnel
resolution any
exit
no shutdown
exit
exit
stp
shutdown
exit
sap lag-1:1.1 create
no shutdown
exit
no shutdown
exit
vpls 2 name "VPLS 2" customer 1 create
bgp
exit
bgp-evpn
evi 2
mpls bgp 1
ingress-replication-bum-label
ecmp 2
auto-bind-tunnel
resolution any
exit
no shutdown
exit
exit
stp
shutdown
exit
sap lag-1:2.1 create
no shutdown
exit
no shutdown
exit
The configuration on the other PEs is similar; PE-4 and PE-5 have a spoke-SDP configured instead of a SAP. For an explanation of the configuration, see chapter EVPN for MPLS Tunnels.
Service carving: auto mode
On PE-2 and PE-3, the following all-active multi-homing vESs are configured:
# on PE-2, PE-3:
configure
service
system
bgp-evpn
ethernet-segment "vESI-23_1" virtual create
esi 01:00:00:00:00:23:01:00:00:01
es-activation-timer 3
service-carving
mode auto
exit
multi-homing all-active
lag 1
qinq
s-tag-range 1
exit
no shutdown
exit
ethernet-segment "vESI-23_2" virtual create
esi 01:00:00:00:00:23:02:00:00:01
es-activation-timer 3
service-carving
mode auto
exit
multi-homing all-active
lag 1
qinq
s-tag-range 2
exit
no shutdown
exit
The service carving mode is set to auto, so the DF election is based on a modulo function of the EVI and the number of DF candidates. In the vES "vESI-23_1", there are two DF candidates, PE-2 and PE-3, listed in that order because PE-2 has the lower system IP address, as follows:
*A:PE-3# show service system bgp-evpn ethernet-segment name "vESI-23_1" all
| match "EVI Information" post-lines 20
EVI Information
===============================================================================
EVI SvcId Actv Timer Rem DF
-------------------------------------------------------------------------------
1 1 0 yes
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
-------------------------------------------------------------------------------
DF Candidate list
-------------------------------------------------------------------------------
EVI DF Address
-------------------------------------------------------------------------------
1 192.0.2.2
1 192.0.2.3
-------------------------------------------------------------------------------
Number of entries: 2
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
The first DF candidate from the list will be selected when the result of the modulo function equals 0; the second DF candidate when the result equals 1. The calculation is as follows:
The following shows that PE-2 is not the DF for VPLS 1, but it is the DF for VPLS 2:
*A:PE-2# show service id 1 ethernet-segment
===============================================================================
SAP Ethernet-Segment Information
===============================================================================
SAP Eth-Seg Status
-------------------------------------------------------------------------------
lag-1:1.1 vESI-23_1 NDF
===============================================================================
No sdp entries
No vxlan instance entries
*A:PE-2# show service id 2 ethernet-segment
===============================================================================
SAP Ethernet-Segment Information
===============================================================================
SAP Eth-Seg Status
-------------------------------------------------------------------------------
lag-1:2.1 vESI-23_2 DF
===============================================================================
No sdp entries
No vxlan instance entries
Instead of the preceding show commands, the following tools commands can be used:
*A:PE-2# tools dump service system bgp-evpn ethernet-segment "vESI-23_1" evi 1 df
[04/22/2021 15:20:08] Computed DF: 192.0.2.3 (Remote) (Boot Timer Expired: Yes)
*A:PE-2# tools dump service system bgp-evpn ethernet-segment "vESI-23_2" evi 2 df
[04/22/2021 15:20:08] Computed DF: 192.0.2.2 (This Node) (Boot Timer Expired: Yes)
Service carving: preference-based manual mode
To have more control, the vES can be configured in manual mode. The following reconfigures the vES "vESI-23_1" in manual mode, preference-based and revertive with preference 32767 (default) on PE-2 and 5000 on PE-3, whereas vES "vESI-23_2" is preference-based and non-revertive with preference 15000 on PE-2 and 20000 on PE-3.
An EVI range is configured for ES "vESI-23_2", but not for ES "vESI-23_1". When no EVI range is configured, the highest preference wins; for configured EVI ranges, the lowest preference wins. When there are no failures, PE-2 will be the DF for "vESI-23_1" (highest preference) and for "vESI-23_2" (lowest preference for configured EVI 2).
To modify the service-carving mode from auto to manual, the ES must be disabled first (shutdown). The following is configured on PE-2:
# on PE-2:
configure
service
system
bgp-evpn
ethernet-segment "vESI-23_1" virtual create
shutdown
service-carving
mode manual
manual
preference create
exit
exit
exit
no shutdown
exit
ethernet-segment "vESI-23_2" virtual create
shutdown
service-carving
mode manual
manual
preference non-revertive create
value 15000
exit
evi 2
exit
exit
no shutdown
exit
The keyword non-revertive is added for vES "vESI-23_2", but not for vES "vESI-23_1".
The following is configured on PE-3:
# on PE-3:
configure
service
system
bgp-evpn
ethernet-segment "vESI-23_1" virtual create
shutdown
service-carving
mode manual
manual
preference create
value 5000
exit
exit
exit
no shutdown
exit
ethernet-segment "vESI-23_2" virtual create
shutdown
service-carving
mode manual
manual
preference non-revertive create
value 20000
exit
evi 2
exit
exit
no shutdown
exit
For the single-active multi-homing vESs on PE-4 and PE-5, the same preferences are configured manually. The ES configuration on PE-4 is as follows:
# on PE-4:
configure
service
system
bgp-evpn
ethernet-segment "vESI-45_1" virtual create
esi 01:00:00:00:00:45:01:00:00:01
es-activation-timer 3
service-carving
mode manual
manual
preference create
exit
exit
exit
multi-homing single-active
sdp 46
vc-id-range 1
vc-id-range 500 to 501
no shutdown
exit
ethernet-segment "vESI-45_2" virtual create
esi 01:00:00:00:00:45:02:00:00:01
es-activation-timer 3
service-carving
mode manual
manual
preference non-revertive create
value 15000
exit
evi 2
exit
exit
multi-homing single-active
sdp 46
vc-id-range 2
no shutdown
exit
The ES configuration on PE-5 is as follows:
# on PE-5:
configure
service
system
bgp-evpn
ethernet-segment "vESI-45_1" virtual create
esi 01:00:00:00:00:45:01:00:00:01
es-activation-timer 3
service-carving
mode manual
manual
preference create
value 5000
exit
exit
exit
multi-homing single-active
sdp 56
vc-id-range 1
vc-id-range 500 to 501
no shutdown
exit
ethernet-segment "vESI-45_2" virtual create
esi 01:00:00:00:00:45:02:00:00:01
es-activation-timer 3
service-carving
mode manual
manual
preference non-revertive create
value 20000
exit
evi 2
exit
exit
multi-homing single-active
sdp 56
vc-id-range 2
no shutdown
exit
The preference configuration must be consistent across the PEs in the ES (manual or auto), otherwise the system reverts to the modulo-based DF election.
With preference-based DF election configured with default preference value 32767 and revertive, PE-4 sends the following BGP-EVPN update to the RR PE-2. The df-election extended community shows the DP=0 (revertive) and DF preference 32767.
# on PE-4:
47 2021/04/22 15:21:19.329 UTC MINOR: DEBUG #2001 Base Peer 1: 192.0.2.2
"Peer 1: 192.0.2.2: UPDATE
Peer 1: 192.0.2.2 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 71
Flag: 0x90 Type: 14 Len: 34 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.4
Type: EVPN-ETH-SEG Len: 23 RD: 192.0.2.4:0
ESI: 01:00:00:00:00:45:01:00:00:01, IP-Len: 4 Orig-IP-Addr: 192.0.2.4
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
df-election::DF-Type:Preference/DP:0/DF-Preference:32767/AC:1
target:00:00:00:00:45:01
"
The following command shows the information in the preceding BGP-EVPN Ethernet-segment route for "vESI-45_1" sent by PE-4 to the RR PE-2:
*A:PE-4# show router bgp routes evpn eth-seg hunt
===============================================================================
BGP Router ID:192.0.2.4 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Eth-Seg Routes
===============================================================================
---snip---
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Network : n/a
Nexthop : 192.0.2.4
To : 192.0.2.2
Res. Nexthop : n/a
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : n/a
Connector : None
Community :
df-election::DF-Type:Preference/DP:0/DF-Preference:32767/AC:1
target:00:00:00:00:45:01
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 192.0.2.2
Origin : IGP
AS-Path : No As-Path
EVPN type : ETH-SEG
ESI : 01:00:00:00:00:45:01:00:00:01
Originator IP : 192.0.2.4
Route Dist. : 192.0.2.4:0
Route Tag : 0
Neighbor-AS : n/a
Orig Validation: N/A
Source Class : 0 Dest Class : 0
---snip---
The following command shows the DF preference election information for ES "vESI-45_1" with the preference mode revertive, the configured preference value on PE-4 (default 32767), and the operational preference value. No EVI ranges or ISID ranges are configured in this ES.
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_1
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:01:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524276
Source BMAC LSB : <none>
Sdp Id : 46
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : manual Oper Svc Carving : manual
Cfg Range Type : lowest-pref
-------------------------------------------------------------------------------
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
revertive 32767 04/22/2021 15:21:19 32767 Disabled
-------------------------------------------------------------------------------
EVI Ranges: <none>
ISID Ranges: <none>
===============================================================================
The following command shows the DF preference election information for ES "vESI-45_2" with the preference mode non-revertive, the configured preference value on PE-4 (15000), and the operational preference value. The only configured EVI range is from 2 to 2. No ISID ranges are configured. For the configured EVI or ISID values, the lowest preference wins, as shown by the Cfg Range Type : lowest-pref parameter.
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_2
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:02:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524275
Source BMAC LSB : <none>
Sdp Id : 46
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : manual Oper Svc Carving : manual
Cfg Range Type : lowest-pref
-------------------------------------------------------------------------------
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 15000 04/22/2021 15:21:19 15000 Enabled
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
EVI Ranges
-------------------------------------------------------------------------------
From To
-------------------------------------------------------------------------------
2 2
-------------------------------------------------------------------------------
ISID Ranges: <none>
===============================================================================
It is important to note that a router will prune a remote PE from the DF candidate list for an ES if it does not receive the corresponding Auto Discovery (AD) per-EVI and AD per-ES routes for that PE. A remote PE will not be shown in the DF Candidate list if its AD per-ES route is withdrawn. This is only true for EVPN. In PBB-EVPN, there are no AD routes, therefore the DF Candidate list is built out of the ES routes only.
DF election: higher preference prevails for non-configured EVI ranges
The PEs run the DF election per PE per EVI, and the elected DF for a service will activate the SAP/Spoke-SDP when the es-activation-timer expires. PE-4 is the DF in "vESI-45_1" used in VPLS 1, as follows. The EVI is not configured in ES "vESI-45_1", so the higher preference prevails. The ES "vESI-45_1" has (default) preference 32767 on PE-4 (DF) and preference 5000 on PE-5 (Non-Designated Forwarder (NDF)).
*A:PE-4# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
*A:PE-5# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:1 vESI-45_1 NDF
===============================================================================
No vxlan instance entries
The preference value can be modified on the fly on an active ES without the need to disable the ES (shutdown). This allows the user to force a new DF for the ES for maintenance operations on the former DF or other reasons.
DF election: lowest preference prevails for configured EVI ranges
ES "vESI-45_2" is configured with EVI 2, so the lowest preference prevails. The admin preference value is 15000 on PE-4 and 20000 on PE-5. Both PE-4 and PE-5 are DF candidates, but PE-4 has the lowest preference, so it will be the DF, as follows:
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2" all
| match "EVI Ranges" post-lines 30
EVI Ranges
-------------------------------------------------------------------------------
From To
-------------------------------------------------------------------------------
2 2
-------------------------------------------------------------------------------
ISID Ranges: <none>
===============================================================================
===============================================================================
EVI Information
===============================================================================
EVI SvcId Actv Timer Rem DF
-------------------------------------------------------------------------------
2 2 0 yes
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
-------------------------------------------------------------------------------
DF Candidate list
-------------------------------------------------------------------------------
EVI DF Address
-------------------------------------------------------------------------------
2 192.0.2.4
2 192.0.2.5
-------------------------------------------------------------------------------
Number of entries: 2
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
DF election: DP prevails when preferences are equal
In the preceding example, PE-4 was the DF in ES "vESI-45_1" because of the higher preference. The ES configuration is modified on PE-5 as follows: the preference is set to the default, which is equal to the preference on PE-4, and the non-revertive (do not preempt - DP) option enabled. The non-revertive keyword can only be configured at creation time. An attempt to modify this behavior afterward results in the following error message:
*A:PE-5>config>service>system>bgp-evpn>eth-seg>service-carving>manual#
preference non-revertive create
MINOR: CLI revertive mode can be specified only at creation time.
The existing preference first needs to be removed, which can only be done when the ES is disabled (shutdown); if not, the following error is raised:
*A:PE-5>config>service>system>bgp-evpn>eth-seg>service-carving>manual#
no preference
MINOR: SVCMGR #8074 Cannot delete preference - ethernet-segment not shut
The service carving in the ES is configured with default preference and non-revertive option, as follows:
# on PE-5:
configure
service
system
bgp-evpn
ethernet-segment "vESI-45_1" virtual create
ahutdown
service-carving
mode manual
manual
no preference
preference non-revertive create
exit
exit
exit
no shutdown
The ES configuration on PE-4 remains unchanged, so the behavior is revertive. PE-4 and PE-5 have the same preference (default 32767), but PE-5 is non-revertive and becomes the DF, as follows:
*A:PE-5# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
DF election: lowest IP address prevails when preferences and DP are equal
The vES configuration on PE-4 is modified by enabling the non-revertive option (after deleting the existing preference configuration), as follows:
# on PE-4:
configure
service
system
bgp-evpn
ethernet-segment "vESI-45_1" virtual create
shutdown
service-carving
mode manual
manual
no preference
preference non-revertive create
exit
exit
exit
no shutdown
PE-4 and PE-5 have an equal preference (32767) and non-revertive behavior. The tiebreaker for the DF selection is the IP address. PE-4 has the lower IP address and becomes the DF, as follows:
*A:PE-4# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
Service-carving configuration must be consistent
When the service carving on one of the PEs in the ES is configured in auto mode while one of the other PEs in the ES is configured in manual mode, the system reverts to modulo-based auto mode. The configuration of ES "vESI-45_1" remains unchanged on PE-4, but is modified on PE-5, as follows:
*A:PE-5#
configure
service
system
bgp-evpn
ethernet-segment "vESI-45_1" virtual create
shutdown
service-carving
manual no preference
mode auto
exit
no shutdown
ES "vESI-45_1" will operate in auto mode on PE-4 and on PE-5. The following show command on PE-4 shows that the ES is configured in manual mode, but operates in auto mode:
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_1
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:01:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524274
Source BMAC LSB : <none>
Sdp Id : 46
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : manual Oper Svc Carving : auto
Cfg Range Type : lowest-pref
-------------------------------------------------------------------------------
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 32767 04/22/2021 15:34:52 32767 Enabled
-------------------------------------------------------------------------------
EVI Ranges: <none>
ISID Ranges: <none>
===============================================================================
The following command on PE-5 shows that the ES is configured in auto mode and operates in auto mode:
*A:PE-5# show service system bgp-evpn ethernet-segment name "vESI-45_1"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : vESI-45_1
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 01:00:00:00:00:45:01:00:00:01
Multi-homing : singleActive Oper Multi-homing : singleActive
ES SHG Label : 524276
Source BMAC LSB : <none>
Sdp Id : 56
ES Activation Timer : 3 secs
Oper Group : (Not Specified)
Svc Carving : auto Oper Svc Carving : auto
Cfg Range Type : primary
===============================================================================
For the remainder of the chapter, the vES configuration for "vESI-45_1" on PE-4 and PE-5 is restored to the initial settings: the behavior is revertive; PE-4 has the default preference, and PE-5 has preference 5000. When there are no failures, PE-4 is the DF, because it has a higher preference.
Revertive behavior
When SDP 64 fails on MTU-6, PE-4 becomes the NDF for ES "vESI-45_1" and PE-5 will be the DF instead, as follows. The failure is emulated by disabling the SDP on MTU-6.
# on MTU-6:
configure
service
sdp 64
shutdown
When the PE is not a candidate DF because it cannot be used, the operational preference value equals 0, as follows:
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
revertive 32767 04/22/2021 15:43:11 0 Disabled
-------------------------------------------------------------------------------
PE-5 is the only DF candidate in ES "vESI-45_1" for VPLS 1 :
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_1" evi 1
===============================================================================
EVI DF and Candidate List
===============================================================================
EVI SvcId Actv Timer Rem DF DF Last Change
-------------------------------------------------------------------------------
1 1 0 no 04/22/2021 15:43:32
===============================================================================
===============================================================================
DF Candidates Time Added
-------------------------------------------------------------------------------
192.0.2.5 04/22/2021 15:43:15
-------------------------------------------------------------------------------
Number of entries: 1
===============================================================================
PE-5 is the DF in "vESI-45_1" for VPLS 1:
*A:PE-5# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
The preference mode for this vES is revertive and the DF preference for PE-5 is 5000, as follows:
*A:PE-5# show service system bgp-evpn ethernet-segment name "vESI-45_1"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
revertive 5000 04/22/2021 15:43:19 5000 Disabled
-------------------------------------------------------------------------------
When the failure is restored, the system reverts and PE-4 will again be the DF for "vESI-45_1" in VPLS 1.
# on MTU-6:
configure
service
sdp 64
no shutdown
*A:PE-4# show service id 1 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:1 vESI-45_1 DF
===============================================================================
No vxlan instance entries
Non-revertive behavior
When no failures have occurred, PE-4 is the DF for "vESI-45_2" because the lowest preference prevails for the configured EVI 2. The preference of PE-4 is 15000, which is lower than PE-5's preference of 20000.
*A:PE-4# show service id 2 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
46:2 vESI-45_2 DF
===============================================================================
No vxlan instance entries
A failure is simulated as follows:
# on MTU-6:
configure
service
sdp 64
shutdown
When SDP 64 on MTU-6 goes down, SDP 46 on PE-4 goes down which brings the vESs down on PE-4. PE-4 is no longer the DF for "vESI-45_2" and not even a DF candidate anymore. The operational preference value is 0.
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 15000 04/22/2021 15:21:19 0 Disabled
-------------------------------------------------------------------------------
PE-5 becomes the DF for "vESI-45_2" in VPLS 2, as follows:
*A:PE-5# show service id 2 ethernet-segment
No sap entries
===============================================================================
SDP Ethernet-Segment Information
===============================================================================
SDP Eth-Seg Status
-------------------------------------------------------------------------------
56:2 vESI-45_2 DF
===============================================================================
No vxlan instance entries
*A:PE-5# show service system bgp-evpn ethernet-segment name "vESI-45_2"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 20000 04/22/2021 15:21:27 20000 Enabled
-------------------------------------------------------------------------------
When the SDP is restored, the DF does not revert even though the list of DF candidates contains both PE-4 and PE-5. The preference mode is non-revertive; therefore, the DP bit has been set. PE-4 will not become the DF, as follows:
# on MTU-6:
configure
service
sdp 64
no shutdown
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2" evi 2
===============================================================================
EVI DF and Candidate List
===============================================================================
EVI SvcId Actv Timer Rem DF DF Last Change
-------------------------------------------------------------------------------
2 2 0 no 04/22/2021 15:46:25
===============================================================================
===============================================================================
DF Candidates Time Added
-------------------------------------------------------------------------------
192.0.2.4 04/22/2021 15:47:32
192.0.2.5 04/22/2021 15:46:02
-------------------------------------------------------------------------------
Number of entries: 2
===============================================================================
The operational preference value on NDF PE-4 equals the preference value on DF PE-5, as follows. In this example, EVI 2 is included in the configured EVI range, so the lowest preference wins. To avoid the system reverting to the lower preference of 15000, the operational preference is raised to the value of 20000, which equals the preference of the current DF PE-5.
*A:PE-4# show service system bgp-evpn ethernet-segment name "vESI-45_2"
| match "DF Pref Election" post-lines 6
DF Pref Election Information
-------------------------------------------------------------------------------
Preference Preference Last Admin Change Oper Pref Do No
Mode Value Value Preempt
-------------------------------------------------------------------------------
non-revertive 15000 04/22/2021 15:21:19 20000 Disabled
-------------------------------------------------------------------------------
PE-4 checks its own administrative preference and compares it with the one of the Highest-PE and Lowest-PE that have DP=1 in their ES routes.
The Highest-PE is the PE with higher preference, using the DP bit (with DP=1 being better) and, after that, the lower PE-IP address as tie-breakers.
The Lowest-PE is the PE with lower preference, using the DP bit (with DP=1 being better) and, after that, the lower PE-IP address as tie-breakers.
Depending on this comparison, PE-4 will send the ES route with a preference and DP that may be different from its administrative values.
If PE-4's preference value is higher than the Highest-PE's, PE-4 will send the ES route with an 'in-use' operational preference equal to the Highest-PE's and DP=0.
If PE-4's preference value is lower than the Lowest-PE's, PE-4 will send the ES route with an 'in-use' operational preference equal to the Lowest-PE's and DP=0.
If PE-4's preference value is neither higher nor lower than the Highest-PE's or the Lowest-PE's respectively, PE-4 will send the ES route with its administrative [preference,DP]=[15000,1].
In this example, NDF PE-4 sends operational preference 20000 and DP=0, because its admin preference value was lower than the Lowest-PE's (PE-5), as follows:
# on PE-4:
195 2021/04/22 15:47:32.487 UTC MINOR: DEBUG #2001 Base Peer 1: 192.0.2.2
"Peer 1: 192.0.2.2: UPDATE
Peer 1: 192.0.2.2 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 71
Flag: 0x90 Type: 14 Len: 34 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.4
Type: EVPN-ETH-SEG Len: 23 RD: 192.0.2.4:0
ESI: 01:00:00:00:00:45:02:00:00:01, IP-Len: 4 Orig-IP-Addr: 192.0.2.4
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
df-election::DF-Type:Preference/DP:0/DF-Preference:20000/AC:1
target:00:00:00:00:45:02
"
With equal operational preference, the current DF PE-5 sends DP=1, which is preferred over DP=0. The following output shows the BGP extended community of the ES routes for "vESI-45_2" in the RIB-In (received ES route from PE-5) and RIB-Out (sent ES route) on PE-4:
*A:PE-4# show router bgp routes evpn eth-seg hunt | match "target:00:00:00:00:45:02" pre-lines 2
Community : # in RIB-In
df-election::DF-Type:Preference/DP:1/DF-Preference:20000/AC:1
target:00:00:00:00:45:02
Community : # in RIB-Out
df-election::DF-Type:Preference/DP:0/DF-Preference:20000/AC:1
target:00:00:00:00:45:02
Either of the following events cause PE-4 to re-advertise its admin preference 15000 and DP=1:
DF PE-5 withdraws its ES route.
The admin preference for ES "vESI-45_2" on DF PE-5 is modified by configuration to a value preferred over PE-4's admin preference; in this case, to a value lower than 15000.
The admin preference value can be modified on ES "vESI-45_2" on DF PE-5 on the fly, as follows:
# on PE-5:
configure
service
system
bgp-evpn
ethernet-segment "vESI-45_2" virtual create
service-carving
manual
preference non-revertive create
value 10000
exit
The preference value 10000 is lower than 15000 and, therefore, preferred when the lowest preference wins. PE-5 remains DF, but now there is no need to modify the preference of PE-4, because the system does not need to revert. Therefore, PE-4 can send the admin preference 15000 and configured DP=1, as follows:
# on PE-4:
198 2021/04/22 15:55:30.795 UTC MINOR: DEBUG #2001 Base Peer 1: 192.0.2.2
"Peer 1: 192.0.2.2: UPDATE
Peer 1: 192.0.2.2 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 71
Flag: 0x90 Type: 14 Len: 34 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.4
Type: EVPN-ETH-SEG Len: 23 RD: 192.0.2.4:0
ESI: 01:00:00:00:00:45:02:00:00:01, IP-Len: 4 Orig-IP-Addr: 192.0.2.4
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
df-election::DF-Type:Preference/DP:1/DF-Preference:15000/AC:1
target:00:00:00:00:45:02
"
Conclusion
Preference-based DF election offers more control over the DF Election and applies to regular ESs and vESs, either in single-active or in all-active multi-homing mode, in VPLS, I-VPLS, or Epipe services. The DF election is by default revertive, but when preference mode is chosen, it can be configured as non-revertive to reduce service impact.