Three-byte EVI in EVPN Services
This chapter provides information about the three-byte EVI in EVPN services.
Topics in this chapter include:
Applicability
The information and configuration in this chapter are based on SR OS Release 22.10.R1. The three-byte EVI is supported in EVPN services in SR OS Release 21.10.R1 and later. Three-byte EVI values can be configured in VPLS, R-VPLS, B-VPLS, and Epipe services for MPLS, VXLAN, and SRv6 instances.
Overview
- service route target (RT) auto-derivation – autonomous system number (ASN):EVI; for example, 64496:10
- service route distinguisher (RD) auto-derivation – system IP address:EVI; for example, 192.0.2.1:10
- designated forwarder (DF) election, as described in the Preference-based and Non-revertive EVPN DF Election chapter
However, in large networks, more than 65535 EVI values are required if the EVI is desired to be unique network-wide. The three-byte EVI provides up to 16777215 values and is supported in SR OS Release 21.10.R1 and later.
All DF election procedures support the extended EVI range. The RD auto-derivation is only possible for the two-byte EVI; the RT auto-derivation for the three-byte EVI can be enabled with the evi-three-byte-auto-rd command.
Auto-derived RT
Auto-derived RT in RFC 8365 shows the RT auto-derivation for configured EVI values in the range up to 16777215.
- the global administrator field, which contains (the lower two octets of) the autonomous system number (ASN)
- the single-bit field A, which indicates if the RT is auto-derived: A=0 for auto-derivation
- the three-bit type field, which indicates the space in which the
three-byte service ID is defined:
- 0: VID (802.1Q VLAN ID)
- 1: VXLAN
- 2: NVGRE
- 3: I-SID
- 4: EVI
- 5: dual-VID (QinQ VLAN ID)
- the four-bit D-ID field, which encodes the domain ID. For type 4 (EVI), the D-ID corresponds to the BGP instance ID in the EVPN service.
- the three-octet service ID, which is set to the EVI (for type 4)
- ASN 64496
- EVI 100002 (0x186A2)
- BGP 1 for EVPN-VXLAN; BGP 2 for EVPN-MPLS
- evi-three-byte-auto-rt enabled
- 64496:1090619042 (0x410186A2) for BGP 1
- 64496:1107396258 (0x420186A2) for BGP 2
The RT can also be configured manually, for example, 64496:100002. A manually configured RT has precedence over an auto-derived RT.
Auto-derived RD
Each BGP instance in an EVPN service has an RD. Only for EVI values smaller than or equal to 65535, the RD for BGP instance 1 can be auto-derived out of the system IP address and the EVI, for example, 192.0.2.2:10. EVI values greater than 65535 do not generate RDs automatically.
- manually configured RD or auto-RD take precedence when configured,
- if there is no manual RD or auto-RD configuration, the RD is derived from the bgp-ad>vpls-id,
- if there is no manual RD, auto-RD, or VPLS ID configuration, the RD is derived from the EVI for EVI values up to 65535 and except for bgp-mh which does not support EVI-derived RD,
*A:PE-1>config>service>vpls>bgp-evpn>vxlan$ no shutdown
MINOR: SVCMGR #6554 no route-distinguisher configured - missing route-distinguisher or vpls-id or evi or evi is 3-byte
The RD configuration can be changed dynamically. When the RD changes, the active routes for the service are withdrawn and readvertised with the new RD.
EVI RT set for AD per-ES routes
As described in the EVPN for MPLS Tunnels chapter, Auto-discovery per Ethernet segment (AD per-ES) routes carry the ESI label and the multi-homing mode. When multiple EVIs are defined in an ES, the AD per-ES routes can be aggregated.
EVI RT set for AD per-ES routes with two-byte EVI
- EVIs from 1 to 128 – comm-val = 1
- EVIs from 129 to 256 – comm-val = 2
- ...
- EVIs from 65409 to 65535 – comm-val = 512
EVI RT set for AD per-ES routes with three-byte EVI
- EVIs from 1 to 257 – comm-val = 1
- EVIs from 258 to 514 – comm-val = 2
- ...
- EVIs from 16776961 to 16777215 – comm-val = 65281
Configuration
- cards, MDAs, ports
- router interfaces
- IS-IS level 2 between core PEs PE-2, PE-3, PE-4, PE-5, and RR-7
- IS-IS level 1 between PE-1, PE-2, and PE-3
- IS-IS level 1 between PE-6, PE-4, and PE-5
- SR-ISIS between core PEs PE-2, PE-3, PE-4, and PE-5
The BGP configuration and the used policies for dual-instance VPLSs in ESs are described in the EVPN Interconnect Ethernet Segmentschapter. Policies are required to prevent loops. RR-7 acts as route reflector for the core PEs PE-2, PE-3, PE-4, and PE-5. The policy and BGP configuration on PE-2 is as follows:
# on PE-2:
configure
router Base
policy-options
begin
community "vxlan"
members "bgp-tunnel-encap:VXLAN"
exit
community "SOO-DCGW-23"
members "origin:64500:23"
exit
policy-statement "allow only mpls"
entry 10
from
community "vxlan"
family evpn
exit
action drop
exit
exit
exit
policy-statement "allow only vxlan"
entry 10
from
community "vxlan"
family evpn
exit
action accept
exit
exit
default-action drop
exit
exit
policy-statement "drop SOO-DCGW-23"
entry 10
from
community "SOO-DCGW-23"
family evpn
exit
action drop
exit
exit
exit
policy-statement "add SOO to vxlan routes"
entry 10
from
community "vxlan"
family evpn
exit
action accept
community add "SOO-DCGW-23"
exit
exit
default-action accept
exit
exit
commit
exit
autonomous-system 64496
bgp
vpn-apply-import
vpn-apply-export
enable-peer-tracking
rapid-withdrawal
split-horizon
rapid-update evpn
group "WAN"
family evpn
peer-as 64496
export "allow only mpls"
neighbor 192.0.2.7
exit
exit
group "access1"
family evpn
peer-as 64496
export "allow only vxlan"
neighbor 192.0.2.1
exit
neighbor 192.0.2.3
import "drop SOO-DCGW-23"
export "add SOO to vxlan routes"
exit
exit
exit
The all-active interconnect ES "I-ES23" is configured on PE-2 and PE-3; the single-active interconnect ES "I-ES45" is configured on PE-4 and PE-5. VPLS 1 with EVI 1 (0x1) and VPLS 2 with EVI 100002 (0x186A2) are configured on all PEs. Both VPLSs have BGP 1 for VXLAN and BGP 2 for MPLS (SR-ISIS) in the core. For VPLS 1, no extended EVI range is required. The RD can be auto-derived for BGP instance 1, but not for BGP instance 2. For VPLS 2, the EVI is greater than 65535, so the RD must always be configured (manual configuration or auto-RD). The RT is auto-derived in VPLS 1 and VPLS 2. For VPLS 2, the evi-three-byte-auto-rt command is configured to enable auto-derivation of RTs for EVI values up to 16777215. On all core PEs, evi-rt-set is enabled for the aggregation of AD per-ES routes. The service configuration on PE-2 is as follows:
# on PE-2:
configure
service
system
bgp-auto-rd-range 192.0.2.2 comm-val 2000 to 2999
bgp-evpn
ad-per-es-route-target evi-rt-set route-distinguisher 10.0.2.2 extended-evi-range
ethernet-segment "I-ES23" virtual create
esi 00:00:00:00:00:23:23:00:00:01
service-carving
mode manual
manual
preference non-revertive create
value 150
exit
evi 1 to 200000
exit
exit
multi-homing all-active
network-interconnect-vxlan 1
service-id
service-range 1 to 2
exit
no shutdown
exit
exit
exit
vpls 1 name "VPLS-1" customer 1 create
vxlan instance 1 vni 1 create
exit
bgp
# route-distinguisher 192.0.2.2:1 # will be auto-derived
exit
bgp 2
route-distinguisher auto-rd
exit
bgp-evpn
evi 1
vxlan bgp 1 vxlan-instance 1
no shutdown
exit
mpls bgp 2
ingress-replication-bum-label
ecmp 2
auto-bind-tunnel
resolution-filter
sr-isis
exit
resolution filter
exit
no shutdown
exit
exit
stp
shutdown
exit
no shutdown
exit
vpls 2 name "VPLS-2" customer 1 create
vxlan instance 1 vni 2 create
exit
bgp
route-distinguisher auto-rd # RD cannot be auto-derived from EVI
exit
bgp 2
route-distinguisher auto-rd
exit
bgp-evpn
evi 100002
vxlan bgp 1 vxlan-instance 1
evi-three-byte-auto-rt
no shutdown
exit
mpls bgp 2
ingress-replication-bum-label
ecmp 2
auto-bind-tunnel
resolution any
exit
evi-three-byte-auto-rt
no shutdown
exit
exit
stp
shutdown
exit
no shutdown
exit
When configuring the evi-rt-set command, the RD must be different from the RD in the auto-rd range. If not, the following error message is raised:
*A:PE-2>config>service>system>bgp-evpn# ad-per-es-route-target evi-rt-set route-distinguisher 192.0.2.2 extended-evi-range
MINOR: SVCMGR #7905 Range is in use - auto-rd range exists with same ip-address
The following command shows the RD and RT values for both BGP instances in VPLS 1 on PE-2:
*A:PE-2# show service id 1 bgp
===============================================================================
BGP Information
===============================================================================
Bgp Instance : 1
Vsi-Import : None
Vsi-Export : None
Route Dist : None
Oper Route Dist : 192.0.2.2:1
Oper RD Type : derivedEvi
Rte-Target Import : None Rte-Target Export: None
Oper RT Imp Origin : derivedEvi Oper RT Import : 64496:1
Oper RT Exp Origin : derivedEvi Oper RT Export : 64496:1
ADV Service MTU : -1
Bgp Instance : 2
Vsi-Import : None
Vsi-Export : None
Route Dist : auto-rd
Oper Route Dist : 192.0.2.2:2000
Oper RD Type : auto
Rte-Target Import : None Rte-Target Export: None
Oper RT Imp Origin : derivedEvi Oper RT Import : 64496:1
Oper RT Exp Origin : derivedEvi Oper RT Export : 64496:1
ADV Service MTU : -1
PW-Template Id : None
-------------------------------------------------------------------------------
===============================================================================
RD 192.0.2.2:1 for BGP instance 1 is auto-derived whereas RD 192.0.2.2:2000 for BGP instance 2 is the result of auto-RD. RT 64496:1 is auto-derived based on the system IP address and the EVI. It is possible to configure evi-three-byte-auto-rt in VPLS 1, even though the EVI value is smaller than 65535. To reconfigure VPLS 1 with evi-three-byte-auto-rd in both BGP instances, EVPN-VXLAN and EVPN-MPLS must be disabled, as follows:
# on PE-2:
configure
service
vpls "VPLS-1"
bgp-evpn
vxlan bgp 1
shutdown
evi-three-byte-auto-rt
no shutdown
exit
mpls bgp 2
shutdown
evi-three-byte-auto-rt
no shutdown
exit
exit
In this case, the auto-derivation is based on RFC 8365 and the value is 64496:1090519041 (0x41000001) for BGP 1 and 64496:1107296257 (0x42000001) for BGP 2.
*A:PE-2# show service id 1 bgp
===============================================================================
BGP Information
===============================================================================
Bgp Instance : 1
Vsi-Import : None
Vsi-Export : None
Route Dist : None
Oper Route Dist : 192.0.2.2:1
Oper RD Type : derivedEvi
Rte-Target Import : None Rte-Target Export: None
Oper RT Imp Origin : derivedEvi Oper RT Import : 64496:1090519041
Oper RT Exp Origin : derivedEvi Oper RT Export : 64496:1090519041
ADV Service MTU : -1
Bgp Instance : 2
Vsi-Import : None
Vsi-Export : None
Route Dist : auto-rd
Oper Route Dist : 192.0.2.2:2000
Oper RD Type : auto
Rte-Target Import : None Rte-Target Export: None
Oper RT Imp Origin : derivedEvi Oper RT Import : 64496:1107296257
Oper RT Exp Origin : derivedEvi Oper RT Export : 64496:1107296257
ADV Service MTU : -1
PW-Template Id : None
-------------------------------------------------------------------------------
===============================================================================
The auto-derived RTs on the other nodes are the same as on PE-2 when the BGP instance is the same. On PE-2, PE-3, PE-4, and PE-5, BGP 1 is for VXLAN and BGP 2 is for MPLS in the core. That way, EVPN messages can be exchanged in BGP instance 2 between the core PEs.
AD per-ES aggregation is enabled on the core nodes. The following command on PE-2 shows one AD per-ES with RD 10.0.2.4:390 (10.0.2.4 is the RD configured for evi-rt-set and 390 is the comm-val value for the EVI range from 99974 to 100230) and one AD per-EVI with RD 192.0.2.4:2002 (auto-RD).
*A:PE-2# show router bgp routes evpn auto-disc detail
===============================================================================
BGP Router ID:192.0.2.2 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
---snip---
## AD per-ES
Network : n/a
Nexthop : 192.0.2.4
Path Id : None
From : 192.0.2.7
Res. Nexthop : 192.168.24.2
Local Pref. : 100 Interface Name : int-PE-2-PE-4
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : target:64496:1107396258 # auto-derived RT
esi-label:524271/Single-Active
Cluster : 192.0.2.7
Originator Id : 192.0.2.4 Peer Router Id : 192.0.2.7
Flags : Used Valid Best IGP
Route Source : Internal
AS-Path : No As-Path
EVPN type : AUTO-DISC
ESI : 00:00:00:00:00:45:45:00:00:01
Tag : MAX-ET # AD per-ES has MAX-ET
Route Dist. : 10.0.2.4:390 # RD for evi-rt-set
MPLS Label : LABEL 0
Route Tag : 0
Neighbor-AS : n/a
Orig Validation: N/A
Source Class : 0 Dest Class : 0
Add Paths Send : Default
Last Modified : 00h02m48s
---snip---
## AD per-EVI
Network : n/a
Nexthop : 192.0.2.4
Path Id : None
From : 192.0.2.7
Res. Nexthop : 192.168.24.2
Local Pref. : 100 Interface Name : int-PE-2-PE-4
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : target:64496:1107396258 bgp-tunnel-encap:MPLS # auto-RT
Cluster : 192.0.2.7
Originator Id : 192.0.2.4 Peer Router Id : 192.0.2.7
Flags : Used Valid Best IGP
Route Source : Internal
AS-Path : No As-Path
EVPN type : AUTO-DISC
ESI : 00:00:00:00:00:45:45:00:00:01
Tag : 0 # AD per-EVI has Ethernet tag 0
Route Dist. : 192.0.2.4:2002 # RD for BGP 2 in VPLS 2
MPLS Label : LABEL 524268
Route Tag : 0
Neighbor-AS : n/a
Orig Validation: N/A
Source Class : 0 Dest Class : 0
Add Paths Send : Default
Last Modified : 00h06m56s
Example topology with VPLS 4 and Epipe 5 shows an example topology with EVPN-MPLS in the core, all-active ES "vESI-23" on PE-2 and PE-3, and single-active ES "vESI-45" on PE-4 and PE-5. VPLS 4 with EVI 100004 is configured on all PEs with manually configured RD and RT.
The configuration on PE-2 is as follows:
# on PE-2:
configure
service
system
bgp-evpn
ethernet-segment "vESI-23" virtual create
esi 01:00:00:00:00:23:03:04:00:01
es-activation-timer 3
service-carving
mode auto
exit
multi-homing all-active
lag 1
dot1q
q-tag-range 3 to 10
exit
no shutdown
exit
exit
exit
vpls 4 name "VPLS-4" customer 1 create
bgp
route-distinguisher 192.0.2.2:4
route-target export target:64496:100004 import target:64496:100004
exit
bgp-evpn
evi 100004
mpls bgp 1
ingress-replication-bum-label
ecmp 2
auto-bind-tunnel
resolution any
exit
# evi-three-byte-auto-rt # not required - manual RT
no shutdown
exit
exit
stp
shutdown
exit
sap lag-1:4 create
no shutdown
exit
no shutdown
exit
With the configured RD 192.0.2.2:4 and RT 64496:100004, the following BGP information is retrieved on PE-2 for VPLS 4:
*A:PE-2# show service id 4 bgp
===============================================================================
BGP Information
===============================================================================
Bgp Instance : 1
Vsi-Import : None
Vsi-Export : None
Route Dist : 192.0.2.2:4
Oper Route Dist : 192.0.2.2:4
Oper RD Type : configured
Rte-Target Import : 64496:100004 Rte-Target Export: 64496:100004
Oper RT Imp Origin : configured Oper RT Import : 64496:100004
Oper RT Exp Origin : configured Oper RT Export : 64496:100004
ADV Service MTU : -1
PW-Template Id : None
-------------------------------------------------------------------------------
===============================================================================
Epipe 5 is configured on all PEs with EVI 100005 (0x186A5) and evi-three-byte-auto-rt enabled. The configuration on PE-2 is as follows:
# on PE-2:
configure
service
epipe 5 name "Epipe-5" customer 1 create
bgp
route-distinguisher auto-rd
exit
bgp-evpn
local-attachment-circuit AC-ESI-23-PE-1 create
eth-tag 231
exit
remote-attachment-circuit AC-ESI-45-PE-6 create
eth-tag 456
exit
evi 100005
mpls bgp 1
ecmp 2
auto-bind-tunnel
resolution any
exit
evi-three-byte-auto-rt
no shutdown
exit
exit
sap lag-1:5 create
no shutdown
exit
no shutdown
The auto-derived RT is 64496:1090619045 (0x410186A5):
*A:PE-2# show service id 5 bgp
===============================================================================
BGP Information
===============================================================================
Vsi-Import : None
Vsi-Export : None
Route Dist : auto-rd
Oper Route Dist : 192.0.2.2:2003
Oper RD Type : auto
Rte-Target Import : None Rte-Target Export: None
Oper RT Imp Origin : derivedEvi Oper RT Import : 64496:1090619045
Oper RT Exp Origin : derivedEvi Oper RT Export : 64496:1090619045
ADV Service MTU : -1
PW-Template Id : None
-------------------------------------------------------------------------------
===============================================================================
Instead of VXLAN or MPLS, SRv6 can be used too. As an example,VPLS 6 with EVI 100006 (0x186A6) is configured on PE-1, PE-2, PE-4, and PE-6. SRv6 is configured between PE-4 and PE-6, as described in the Segment Routing over IPv6 chapter in the 7750 SR and 7950 XRS Segment Routing and PCE Advanced Configuration Guide for Classic CLI. The configuration on PE-2 is as follows:
# on PE-2
configure
service
vpls 6 name "VPLS-6" customer 1 create
vxlan instance 1 vni 6 create
exit
segment-routing-v6 1 create
locator "PE-2_loc"
function
end-dt2u
end-dt2m
exit
exit
exit
bgp
route-distinguisher auto-rd
exit
bgp 2
route-distinguisher auto-rd
exit
bgp-evpn
evi 100006
vxlan bgp 1 vxlan-instance 1
evi-three-byte-auto-rt
no shutdown
exit
segment-routing-v6 bgp 2 srv6-instance 1 default-locator "PE-2_loc" create
ecmp 2
evi-three-byte-auto-rt
no shutdown
exit
exit
stp
shutdown
exit
no shutdown
exit
On PE-2, RT 64496:1090619046 (0x410186A6) is auto-derived for BGP 1 and RT 64496:1107396262 (0x420186A6) for BGP 2:
*A:PE-2# show service id 6 bgp
===============================================================================
BGP Information
===============================================================================
Bgp Instance : 1
Vsi-Import : None
Vsi-Export : None
Route Dist : auto-rd
Oper Route Dist : 192.0.2.2:2004
Oper RD Type : auto
Rte-Target Import : None Rte-Target Export: None
Oper RT Imp Origin : derivedEvi Oper RT Import : 64496:1090619046
Oper RT Exp Origin : derivedEvi Oper RT Export : 64496:1090619046
ADV Service MTU : -1
Bgp Instance : 2
Vsi-Import : None
Vsi-Export : None
Route Dist : auto-rd
Oper Route Dist : 192.0.2.2:2005
Oper RD Type : auto
Rte-Target Import : None Rte-Target Export: None
Oper RT Imp Origin : derivedEvi Oper RT Import : 64496:1107396262
Oper RT Exp Origin : derivedEvi Oper RT Export : 64496:1107396262
ADV Service MTU : -1
PW-Template Id : None
-------------------------------------------------------------------------------
===============================================================================
Conclusion
In large networks, a three-byte EVI can be required as a unique identifier for services. RTs can be auto-derived based on a three-byte EVI, but RDs cannot be auto-derived that way.