EVPN IP Aliasing for IP Prefix Routes
This chapter provides information about EVPN IP aliasing for IP prefix routes.
Topics in this chapter include:
Applicability
The information and the configuration in this chapter are based on SR OS Release 24.3.R3. IP aliasing for EVPN IP prefix routes in the interface-less (EVPN IFL) or interface-ful (EVPN IFF) models are supported in SR OS Release 22.10.R2, and later. IP aliasing for IP prefix routes in the EVPN IFL model over MPLS was already supported in SR OS Release 22.10.R1.
Overview
Draft-ietf-evpn-ip-aliasing describes IP aliasing for EVPN IP prefix routes, which allows nodes to load-balance flows to multiple nodes attached to the same prefix, even to IP addresses that are not advertised as next-hop in the EVPN IP prefix routes.
EVPN IP aliasing in an EVPN IFL model shows an example with a multi-rack Virtual Network Function (VNF) connected to four Top-Of-Rack (TOR) PEs, but only two EBGP sessions are established: one between 10.10.0.1—a loopback address in the VNF—and TOR-1 and one between 10.10.0.1 and TOR-4. A VPRN is configured on all nodes. On all four TOR nodes, a Layer 3 Ethernet segment (L3 ES) is configured, which is a virtual Ethernet Segment (vES) configured with VPRN next-hop 10.10.0.1 and the EVI value of the VPRN on the border leaf and TOR nodes. Both single-active and all-active vESs are supported, but in this chapter, only all-active vESs are used.
The configuration of the all-active vES contains EVI 10 for VPRN-10 and a VPRN next-hop equal to the EVPN IP alias 10.10.0.1, which is a loopback address in the VNF, as follows;
# on TOR-1, TOR-2, TOR-3, TOR-4:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "AA-ES-23-10" {
admin-state enable
type virtual
esi 0x00000023100000000000
multi-homing-mode all-active
association {
vprn-next-hop 10.10.0.1 { # for EVPN IP aliasing
virtual-ranges {
evi 10 { } # = EVI in EVPN IFL VPRN-10
}
}
}
In this example, all TOR nodes can reach the VPRN next-hop 10.10.0.1 via a non-EVPN route, for example, via a static route. Only TOR-1 and TOR-4 in the L3 ES have an EBGP session with loopback address 10.10.0.1 in the VNF, but the load-balancing in the ECMP set is done over all four TOR nodes. All TOR nodes with reachability to the VPRN next-hop, via a non-EVPN route, advertise their attachment to the L3 ES using the EVPN auto-discovery (AD) per ES and AD per EVI routes in the VPRN service context. If a TOR (attached to the L3 ES) no longer has reachability to the VPRN next-hop via non-EVPN route, then the TOR withdraws its AD per ES and per EVI routes for the L3 ES.
TOR-1 and TOR-4 receive BGP PE-CE routes for prefix 172.16.10.11/32 with next-hop 10.10.0.1 from the VNF. This next-hop matches the configured VPRN next-hop in the L3 ES, which triggers TOR-1 and TOR-4 to encode the ESI of the L3 ES in the EVPN IP prefix routes for prefix 172.16.10.11/32. The border leaf node and all TOR nodes receive this EVPN IP prefix route and install the prefix 172.16.10.11/32 in the route table using the next-hops of the AD per EVI routes for the L3 ES.
When the border leaf node receives multiple flows toward a subscriber prefix 172.16.10.11, the traffic is sprayed over the ECMP links to the TOR nodes. TOR-2 and TOR-3 have installed the IP prefix routes for prefix 172.16.10.11 with a next-hop that they can reach via a non-EVPN route. Instead of routing the traffic toward 172.16.10.11 to either TOR-1 and TOR-4 that have advertised EVPN IP prefix routes for prefix 172.16.10.11, TOR-2 and TOR-3 route the traffic directly to a next-hop on an infrastructure processing unit (IPU) in the VNF.
Classic VPN routing—using BGP VPN routes rather than EVPN IP prefix routes—results in tromboning the traffic to TOR-1 or TOR-4. Traffic to 172.16.10.11 arriving at TOR-2 is routed to TOR-1 even if TOR-2 is directly connected to the VNF.
IP aliasing in EVPN IP prefix routes allows to use the connections between all TORs and the VNF efficiently. The border leaf node sprays the traffic to 172.16.10.11 over the ECMP set of four TOR nodes. Traffic to 172.16.10.11 arriving at TOR-2 is directly forwarded to the VNF without tromboning to TOR-1.
It is possible to configure weighted ECMP, but that is not documented in this chapter.
Configuration
Nodes in AS 64500 with IBGP sessions shows the example topology with border leaf node PE-1 and two TOR PEs (PE-2 and PE-3) in AS 64500. IBGP sessions are established between the three nodes for the EVPN address family. Later, EBGP will be configured between a VPRN on TOR node PE-2 and a VPRN on PE-4 and PE-5 in the VNF (not shown in the figure).
- cards, MDAs, ports
- router interfaces between PE-1, PE-2, and PE-3
- IS-IS as IGP between PE-1, PE-2, and PE-3
- SR-ISIS for MPLS between PE-1, PE-2, and PE-3
- SRv6 between PE-1, PE-2, and PE-3
BGP is configured for the EVPN address family; on PE-1 as follows:
# on PE-1:
configure {
router "Base" {
autonomous-system 64500
bgp {
vpn-apply-export true
vpn-apply-import true
rapid-withdrawal true
peer-ip-tracking true
split-horizon true
rapid-update {
evpn true
}
group "TOR" {
type internal
peer-as 64500
family {
evpn true
}
}
neighbor "192.0.2.2" {
group "TOR"
}
neighbor "192.0.2.3" {
group "TOR"
}
The BGP configuration on PE-2 and PE-3 is similar:
# on PE-2:
configure {
router "Base" {
autonomous-system 64500
bgp {
vpn-apply-export true
vpn-apply-import true
rapid-withdrawal true
peer-ip-tracking true
split-horizon true
rapid-update {
evpn true
}
group "BL" {
type internal
peer-as 64500
family {
evpn true
}
}
group "TOR" {
type internal
peer-as 64500
family {
evpn true
}
}
neighbor "192.0.2.1" {
group "BL"
}
neighbor "192.0.2.3" {
group "TOR"
}
}
EVPN IP aliasing for EVPN IFL over MPLS
EVPN IP alias for EVPN IFL VPRN-10 over MPLS shows an example with EVPN IP alias 10.10.0.1 used in VPRN-10.
Both TOR nodes PE-2 and PE-3 have direct connections to PE-4 and PE-5 in the VNF, but only TOR PE-2 has an EBGP session to the loopback 10.10.0.1 in the VNF. Both PE-2 and PE-3 can reach the loopback 10.10.0.1 via a non-EVPN route; in this case, via a static route configured in VPRN-10.
Only two nodes are used to simplify the example, but in real deployments, multiple nodes will be used. Typically, there will be N nodes with M BGP sessions from the VNF to the TORs, with N > M > 1. If there is only one single BGP session from the VNF and it goes down, the RT5 will be withdrawn.
Service configuration
The L3 ES must be a virtual ES. An attempt to configure a VPRN next-hop on a regular ES results in the following error message:
*[ex:/configure service system bgp evpn ethernet-segment "AA-ES-23-0" association]
A:admin@PE-2# vprn-next-hop 10.0.0.1
MINOR: MGMT_CORE #2203: configure service system bgp evpn ethernet-segment "AA-ES-23-0" association vprn-next-hop 10.0.0.1 - Invalid element - vprn-next-hop allowed only on virtual ethernet-segments
On PE-2 and PE-3, L3 ES "AA-ES-23-10" with ESI 00:00:00:23:10:00:00:00:00:00, VPRN next-hop 10.10.0.1, and EVI 10 is configured, as follows:
# on PE-2, PE-3:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "AA-ES-23-10" {
admin-state enable
type virtual
esi 0x00000023100000000000
multi-homing-mode all-active
association {
vprn-next-hop 10.10.0.1 { # subject of EVPN IP aliasing
virtual-ranges {
evi 10 { } # EVI VPRN-10 on PE-1,PE-2, PE-3
}
}
}
The following command shows the details of the L3 ES "AA-ES-23-10":
[/]
A:admin@PE-3# show service system bgp-evpn ethernet-segment name "AA-ES-23-10"
===============================================================================
Service Ethernet Segment
===============================================================================
Name : AA-ES-23-10
Eth Seg Type : Virtual
Admin State : Enabled Oper State : Up
ESI : 00:00:00:23:10:00:00:00:00:00
Oper ESI : 00:00:00:23:10:00:00:00:00:00
Auto-ESI Type : None
AC DF Capability : Include
Multi-homing : allActive Oper Multi-homing : allActive
ES Split Horizon Label : None
ES Split Horizon Arg : None
Source BMAC LSB : None
Vprn NextHop : 10.10.0.1
ES Activation Timer : 3 secs (default)
Oper Group : (Not Specified)
Svc Carving : auto Oper Svc Carving : auto
Cfg Range Type : primary
-------------------------------------------------------------------------------
Vprn NextHop Evi Ranges
-------------------------------------------------------------------------------
From To Last Update
-------------------------------------------------------------------------------
10 10 07/11/2024 07:24:21
-------------------------------------------------------------------------------
===============================================================================
VPRN-10 is configured on all nodes; on border leaf PE-1 with ECMP 2, as follows:
# on PE-1:
configure {
service {
vprn "VPRN-10" {
admin-state enable
description "EVPN-IFL-MPLS"
service-id 10
customer "1"
ecmp 2
bgp-evpn {
mpls 1 {
admin-state enable
route-distinguisher "192.0.2.1:10"
evi 10
vrf-target {
community "target:64500:10"
}
auto-bind-tunnel {
resolution any
}
}
}
The EVI value 10 corresponds to the EVI value in the L3 ES and must also be configured in VPRN-10 on PE-2 and PE-3. The VPRN configuration on PE-2 and PE-3 includes a static route toward the loopback 10.10.0.1 in the VNF. The interface toward the VNF uses broadcast domain 11 (R-VPLS "BD-11"). BFD can be used for fast failure detection on the static route toward 10.10.0.1/32. On PE-2, loopback address 10.10.0.2 is configured in VPRN-10 and used as router ID in the BGP configuration. The configuration of BD-11 and VPRN-10 on PE-2 is as follows:
# on PE-2:
configure {
service {
vpls "BD-11" {
admin-state enable
description "broadcast domain 11 connected to VPRN-10"
service-id 11
customer "1"
routed-vpls {
}
sap 1/1/c3/1:10 {
}
sap 1/1/c4/1:10 {
}
}
vprn "VPRN-10" {
admin-state enable
description "EVPN-MPLS IFL VPRN-10 with static route to IP alias"
service-id 10
customer "1"
autonomous-system 64500
bgp-evpn {
mpls 1 {
admin-state enable
route-distinguisher "192.0.2.2:10"
evi 10
vrf-target {
community "target:64500:10"
}
auto-bind-tunnel {
resolution any
}
}
}
bgp {
router-id 10.10.0.2
rapid-withdrawal true
next-hop-resolution {
use-bgp-routes true
}
group "PE-CE" {
multihop 10
family {
ipv4 true
ipv6 true
}
}
neighbor "10.10.0.1" {
group "PE-CE"
type external
ebgp-default-reject-policy {
import false
export false
}
peer-as 64496
}
}
interface "int-BD-11-to-VNF" {
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.10.2.254
prefix-length 24
}
vrrp 1 {
backup [10.10.2.254]
owner true
passive true
}
}
vpls "BD-11" {
evpn {
arp {
learn-dynamic false
advertise dynamic {
}
}
}
}
}
interface "lo1" {
description "loopback used in EBGP session toward VNF"
loopback true
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.10.0.2
prefix-length 32
}
}
}
static-routes {
route 10.10.0.1/32 route-type unicast {
next-hop "10.10.2.4" {
admin-state enable
bfd-liveness true
}
next-hop "10.10.2.5" {
admin-state enable
bfd-liveness true
}
}
}
}
On PE-3, VPRN-10 does not include BGP and therefore, no local loopback interface needs to be configured. The configuration of BD-11 and VPRN-10 on PE-3 is as follows:
# on PE-3:
configure {
service {
vpls "BD-11" {
admin-state enable
description "broadcast domain 11 connected to VPRN-10"
service-id 11
customer "1"
routed-vpls {
}
sap 1/1/c3/1:10 {
}
sap 1/1/c4/1:10 {
}
info
}
vprn "VPRN-10" {
admin-state enable
description "EVPN-MPLS IFL VPRN-10 with static route to IP alias"
service-id 10
customer "1"
bgp-evpn {
mpls 1 {
admin-state enable
route-distinguisher "192.0.2.3:10"
evi 10
vrf-target {
community "target:64500:10"
}
auto-bind-tunnel {
resolution any
}
}
}
interface "int-BD-11-to-VNF" {
ipv4 {
primary {
address 10.10.3.254
prefix-length 24
}
vrrp 1 {
backup [10.10.3.254]
owner true
passive true
}
}
vpls "BD-11" {
evpn {
arp {
learn-dynamic false
advertise dynamic {
}
}
}
}
}
static-routes {
route 10.10.0.1/32 route-type unicast {
next-hop "10.10.3.4" {
admin-state enable
}
next-hop "10.10.3.5" {
admin-state enable
}
}
}
The nodes in the VNF, PE-4 and PE-5, have a similar configuration. In this example, the subscriber IP prefixes to be exported are configured on loopback addresses on PE-4 and PE-5. The configuration on PE-4 is as follows.
# on PE-4 (VNF):
configure {
policy-options {
prefix-list "subs-pfx-10" {
prefix 172.16.10.11/32 type exact {
}
prefix 172.16.10.12/32 type exact {
}
}
policy-statement "export-subs-pfx-10" {
entry 10 {
from {
prefix-list ["subs-pfx-10"]
protocol {
name [direct]
}
}
action {
action-type accept
}
}
}
}
service {
vprn "VPRN-10" {
admin-state enable
description "IP-alias-IFL-MPLS"
service-id 10
customer "1"
autonomous-system 64496
bgp {
rapid-withdrawal true
group "PE-CE" {
}
neighbor "10.10.0.2" {
group "PE-CE"
type external
peer-as 64500
ebgp-default-reject-policy {
import false
}
local-as {
as-number 64496
}
export {
policy ["export-subs-pfx-10"]
}
}
}
interface "int-subs-11" {
description "subscriber prefix to be exported"
loopback true
ipv4 {
primary {
address 172.16.10.11
prefix-length 32
}
}
}
interface "int-subs-12" {
description "subscriber prefix to be exported"
loopback true
ipv4 {
primary {
address 172.16.10.12
prefix-length 32
}
}
}
interface "int-to-PE-2" {
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.10.2.4 # on PE-5: 10.10.2.5
prefix-length 24
}
}
sap 1/1/c2/1:10 {
}
}
interface "int-to-PE-3" {
ipv4 {
primary {
address 10.10.3.4 # on PE-5: 10.10.3.5
prefix-length 24
}
}
sap 1/1/c1/1:10 {
}
}
interface "lo1" {
description "IP alias to be exported"
loopback true
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.10.0.1
prefix-length 32
}
}
}
static-routes {
route 10.10.0.2/32 route-type unicast {
next-hop "10.10.2.254" {
admin-state enable
bfd-liveness true
}
}
}
The BGP session in VPRN-10 on PE-5 remains down when the BGP session in VPRN-10 on PE-4 is established.
Verification
The VNF exports the subscriber prefixes 172.16.10.11/32 and 172.16.10.12/32 in EBGP toward PE-2. VPRN-10 on PE-2 receives the following BGP routes with next-hop 10.10.0.1 from its EBGP neighbor 10.10.0.1:
[/]
A:admin@PE-2# show router 10 bgp neighbor 10.10.0.1 received-routes
===============================================================================
BGP Router ID:10.10.0.2 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>i 172.16.10.11/32 n/a None
10.10.0.1 None 1
64496 -
u*>i 172.16.10.12/32 n/a None
10.10.0.1 None 1
64496 -
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
The VPRN route table on PE-2 shows a static route toward 10.10.0.1/32 with next-hop 10.10.2.4 and two BGP routes for the subscriber prefixes 172.16.10.11/32 and 172.16.10.12/32. These subscriber prefixes were advertised with next-hop 10.10.0.1 and this indirect next-hop is resolved to next-hop 10.10.2.4, therefore the subscriber prefix routes also have next-hop 10.10.2.4, as follows:
[/]
A:admin@PE-2# show router 10 route-table
===============================================================================
Route Table (Service: 10)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.10.0.1/32 Remote Static 00h02m54s 5
10.10.2.4 1
10.10.0.2/32 Local Local 00h03m09s 0
lo1 0
10.10.2.0/24 Local Local 00h03m09s 0
int-BD-11-to-VNF 0
10.10.3.0/24 Remote EVPN-IFL 00h03m02s 170
192.0.2.3 (tunneled:SR-ISIS:524295) 10
172.16.10.11/32 Remote BGP 00h02m06s 170
10.10.2.4 1
172.16.10.12/32 Remote BGP 00h02m06s 170
10.10.2.4 1
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
The next-hop 10.10.0.1 matches the VPRN next-hop configured in the L3 ES on PE-2. When the L3 ES is operationally up, PE-2 advertises EVPN IP prefix routes for the IP prefixes 172.16.10.11/32 and 172.16.10.12/32 with non-zero ESI and PE-1 receives the following IP prefix route for prefix 172.16.10.11/32 with ESI 00:00:00:23:10:00:00:00:00:00:
[/]
A:admin@PE-1# show router bgp routes evpn ip-prefix prefix 172.16.10.11/32
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN IP-Prefix Routes
===============================================================================
Flag Route Dist. Prefix
Tag Gw Address
NextHop
Label
ESI
-------------------------------------------------------------------------------
u*>i 192.0.2.2:10 172.16.10.11/32
0 00:00:00:00:00:00
192.0.2.2
LABEL 524283
00:00:00:23:10:00:00:00:00:00
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
When the L3 ES is down on PE-2, PE-1 receives this IP prefix route with ESI-0 instead, which implies that IP aliasing cannot be used and tromboning between the TOR nodes cannot be avoided.
When the L3 ES is up on PE-2 and PE-3, AD per EVI and AD per ES routes are advertised with ESI 00:00:00:23:10:00:00:00:00:00. PE-1 receives the following two EVPN AD routes from PE-2:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.2:10
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
Flag Route Dist. ESI NextHop
Tag Label
-------------------------------------------------------------------------------
u*>i 192.0.2.2:10 00:00:00:23:10:00:00:00:00:00 192.0.2.2
0 LABEL 524283
u*>i 192.0.2.2:10 00:00:00:23:10:00:00:00:00:00 192.0.2.2
MAX-ET LABEL 0
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
When all-active mode is configured in the L3 ES, all peers that are part of the ES signal P=1 B=0 (primary, no backup) in the AD per EVI route. PE-1 receives the following AD per EVI route from PE-2:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.2:10 hunt
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
Network : n/a
Nexthop : 192.0.2.2
Path Id : None
From : 192.0.2.2
Res. Nexthop : 192.168.12.2
Local Pref. : 100 Interface Name : int-PE-1-PE-2
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : target:64500:10
l2-attribute:MTU: 0 F: 0 C: 0 P: 1 B: 0
bgp-tunnel-encap:MPLS
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 192.0.2.2
Origin : IGP
Flags : Used Valid Best
Route Source : Internal
AS-Path : No As-Path
EVPN type : AUTO-DISC
ESI : 00:00:00:23:10:00:00:00:00:00
Tag : 0
Route Dist. : 192.0.2.2:10
MPLS Label : LABEL 524283
Route Tag : 0
Neighbor-AS : n/a
DB Orig Val : N/A Final Orig Val : N/A
Source Class : 0 Dest Class : 0
Add Paths Send : Default
Last Modified : 00h03m10s
-------------------------------------------------------------------------------
---snip---
PE-1 also receives an AD per EVI route with ESI 00:00:00:23:10:00:00:00:00:00 and P:1 B:0 from PE-3:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.3:10 hunt
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
Network : n/a
Nexthop : 192.0.2.3
Path Id : None
From : 192.0.2.3
Res. Nexthop : 192.168.13.2
Local Pref. : 100 Interface Name : int-PE-1-PE-3
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : target:64500:10
l2-attribute:MTU: 0 F: 0 C: 0 P: 1 B: 0
bgp-tunnel-encap:MPLS
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 192.0.2.3
Origin : IGP
Flags : Used Valid Best
Route Source : Internal
AS-Path : No As-Path
EVPN type : AUTO-DISC
ESI : 00:00:00:23:10:00:00:00:00:00
Tag : 0
Route Dist. : 192.0.2.3:10
MPLS Label : LABEL 524283
Route Tag : 0
Neighbor-AS : n/a
DB Orig Val : N/A Final Orig Val : N/A
Source Class : 0 Dest Class : 0
Add Paths Send : Default
Last Modified : 00h08m33s
-------------------------------------------------------------------------------
---snip---
When PE-1 receives EVPN IP prefix routes with non-zero ESI, it installs the prefix in an ECMP set with next-hops provided by the received AD per EVI routes with P=1. The route table for VPRN-10 on PE-1 is as follows:
[/]
A:admin@PE-1# show router 10 route-table
===============================================================================
Route Table (Service: 10)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.10.0.1/32 Remote EVPN-IFL 00h09m14s 170
192.0.2.2 (tunneled:SR-ISIS:524291) 10
10.10.0.1/32 Remote EVPN-IFL 00h09m14s 170
192.0.2.3 (tunneled:SR-ISIS:524295) 10
10.10.0.2/32 Remote EVPN-IFL 00h09m29s 170
192.0.2.2 (tunneled:SR-ISIS:524291) 10
10.10.2.0/24 Remote EVPN-IFL 00h09m29s 170
192.0.2.2 (tunneled:SR-ISIS:524291) 10
10.10.3.0/24 Remote EVPN-IFL 00h09m22s 170
192.0.2.3 (tunneled:SR-ISIS:524295) 10
172.16.10.11/32 Remote EVPN-IFL 00h03m59s 170
192.0.2.2 (tunneled:SR-ISIS:524291) 10
172.16.10.11/32 Remote EVPN-IFL 00h03m59s 170
192.0.2.3 (tunneled:SR-ISIS:524295) 10
172.16.10.12/32 Remote EVPN-IFL 00h03m59s 170
192.0.2.2 (tunneled:SR-ISIS:524291) 10
172.16.10.12/32 Remote EVPN-IFL 00h03m59s 170
192.0.2.3 (tunneled:SR-ISIS:524295) 10
-------------------------------------------------------------------------------
No. of Routes: 9
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
PE-3 receives two routes from PE-2 with ESI equal to the local ESI 00:00:00:23:10:00:00:00:00:00, as follows:
[/]
A:admin@PE-3# show router bgp routes evpn ip-prefix
===============================================================================
BGP Router ID:192.0.2.3 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN IP-Prefix Routes
===============================================================================
Flag Route Dist. Prefix
Tag Gw Address
NextHop
Label
ESI
-------------------------------------------------------------------------------
u*>i 192.0.2.2:10 10.10.2.0/24
0 00:00:00:00:00:00
192.0.2.2
LABEL 524283
ESI-0
u*>i 192.0.2.2:10 10.10.0.1/32
0 00:00:00:00:00:00
192.0.2.2
LABEL 524283
ESI-0
u*>i 192.0.2.2:10 10.10.0.2/32
0 00:00:00:00:00:00
192.0.2.2
LABEL 524283
ESI-0
u*>i 192.0.2.2:10 172.16.10.11/32
0 00:00:00:00:00:00
192.0.2.2
LABEL 524283
00:00:00:23:10:00:00:00:00:00
u*>i 192.0.2.2:10 172.16.10.12/32
0 00:00:00:00:00:00
192.0.2.2
LABEL 524283
00:00:00:23:10:00:00:00:00:00
-------------------------------------------------------------------------------
Routes : 5
===============================================================================
PE-2 advertises EVPN IP prefix route 172.16.10.11/32 with ESI 00:00:00:23:10:00:00:00:00:00, which is a local ES on PE-3, so PE-3 adds the route in the route table with the next-hop for prefix 10.10.0.1/32 of the L3 ES. Traffic toward 172.16.10.11 arriving at PE-3 is forwarded directly to the local ES destination. The next-hop of routes 10.10.0.1/32, 172.16.10.11/32, and 172.16.10.12/32 is 10.10.3.4, as follows:
[/]
A:admin@PE-3# show router 10 route-table
===============================================================================
Route Table (Service: 10)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.10.0.1/32 Remote Static 00h09m25s 5
10.10.3.4 1
10.10.0.2/32 Remote EVPN-IFL 00h09m21s 170
192.0.2.2 (tunneled:SR-ISIS:524294) 10
10.10.2.0/24 Remote EVPN-IFL 00h09m21s 170
192.0.2.2 (tunneled:SR-ISIS:524294) 10
10.10.3.0/24 Local Local 00h09m25s 0
int-BD-11-to-VNF 0
172.16.10.11/32 Remote EVPN-IFL 00h04m02s 170
10.10.3.4 1
172.16.10.12/32 Remote EVPN-IFL 00h04m02s 170
10.10.3.4 1
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
On PE-3, the extensive route information for prefix 172.16.10.12/32 shows the indirect next-hop 10.10.0.1 and the resolving next-hop 10.10.3.4, as follows:
[/]
A:admin@PE-3# show router 10 route-table 172.16.10.11/32 extensive
===============================================================================
Route Table (Service: 10)
===============================================================================
Dest Prefix : 172.16.10.11/32
Protocol : EVPN-IFL
Age : 00h04m02s
Preference : 170
Indirect Next-Hop : 10.10.0.1
VPN Next-Hop Index : 30
QoS : Priority=n/c, FC=n/c
Source-Class : 0
Dest-Class : 0
ECMP-Weight : N/A
Resolving Next-Hop : 10.10.3.4
Interface : int-BD-11-to-VNF
Metric : 1
ECMP-Weight : N/A
-------------------------------------------------------------------------------
No. of Destinations: 1
===============================================================================
EVPN IP aliasing for EVPN IFL over SRv6
EVPN IP alias for EVPN IFL VPRN-20 over SRv6 shows an example with EVPN IP alias 10.20.0.1 used in VPRN-20. Instead of MPLS tunnels, SRv6 tunnels are used.
Service configuration
On PE-2 and PE-3, L3 ES "AA-ES-23-20" with ESI 00:00:00:23:20:00:00:00:00:00, VPRN next-hop 10.20.0.1, and EVI 20 is configured, as follows:
# on PE-2, PE-3:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "AA-ES-23-20" {
admin-state enable
type virtual
esi 00:00:00:23:20:00:00:00:00:00
multi-homing-mode all-active
association {
vprn-next-hop 10.20.0.1 { # EVPN IP alias
virtual-ranges {
evi 20 { } # VPRN-20 PE-1, PE-2, PE-3
}
}
}
}
On border leaf PE-1, VPRN-20 is configured with ECMP 2, as follows:
# on PE-1:
configure {
service {
vprn "VPRN-20" {
admin-state enable
description "IP-alias-IFL-SRv6"
service-id 20
customer "1"
ecmp 2
segment-routing-v6 1 {
locator "PE1-loc" {
function {
end-dt4 {
}
end-dt6 {
}
end-dt46 {
}
}
}
}
bgp-evpn {
segment-routing-v6 1 {
admin-state enable
route-distinguisher "192.0.2.1:20"
source-address 2001:db8::2:1
evi 20
vrf-target {
community "target:64500:20"
}
srv6 {
instance 1
default-locator "PE1-loc"
}
}
}
On TOR nodes PE-2 and PE-3, VPRN-20 uses broadcast domain BD-21 toward the VNF. Static routes are configured toward 10.20.0.1/32, which is a loopback interface in the VNF. On PE-2, a local loopback interface is configured with IP address 10.20.0.2, which serves as router ID in the BGP configuration of VPRN-20.
The configuration of VPRN-20 on PE-3 is similar, but without local loopback interface and without BGP.
The configuration is as follows:
# on PE-2:
configure {
service {
vpls "BD-21" {
admin-state enable
description "broadcast domain 21 connected to VPRN-20"
service-id 21
customer "1"
routed-vpls {
}
sap 1/1/c3/1:20 {
}
sap 1/1/c4/1:20 {
}
}
vprn "VPRN-20" {
admin-state enable
description "EVPN IFL over SRv6"
service-id 20
customer "1"
autonomous-system 64500
segment-routing-v6 1 {
locator "PE2-loc" {
function {
end-dt4 {
}
end-dt6 {
}
end-dt46 {
}
}
}
}
bgp-evpn {
segment-routing-v6 1 {
admin-state enable
route-distinguisher "192.0.2.2:20"
source-address 2001:db8::2:2 # on PE-3: 2001:db8::2:3
evi 20
vrf-target {
community "target:64500:20"
}
srv6 {
instance 1
default-locator "PE2-loc" # on PE-3: "PE3-loc"
}
}
}
bgp { # on PE-3: no BGP
router-id 10.20.0.2
rapid-withdrawal true
group "PE-CE" {
}
neighbor "10.20.0.1" {
group "PE-CE"
type external
peer-as 64496
ebgp-default-reject-policy {
import false
export false
}
local-as {
as-number 64500
}
}
}
interface "int-BD-21-to-VNF" {
ipv4 {
bfd { # on PE-3: no BFD
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.20.2.254 # on PE-3: 10.20.3.254
prefix-length 24
}
}
vpls "BD-21" {
}
}
interface "lo1" { # on PE-3: no loopback in VPRN-20
loopback true
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.20.0.2
prefix-length 32
}
}
}
static-routes {
route 10.20.0.1/32 route-type unicast {
next-hop "10.20.2.4" { # on PE-3: 10.20.3.4
admin-state enable
bfd-liveness true # on PE-3: no BFD
}
next-hop "10.20.2.5" { # on PE-3: 10.20.3.5
admin-state enable
bfd-liveness true # on PE-3: no BFD
}
}
}
The configuration of VPRN-20 on VNF nodes PE-4 and PE-5 is similar with the configuration of VPRN-10 on PE-4 and PE-5.
Verification
TOR node PE-2 receives the following BGP routes from its EBGP peer 10.20.0.1 in the VNF:
[/]
A:admin@PE-2# show router 20 bgp neighbor 10.20.0.1 received-routes
===============================================================================
BGP Router ID:10.20.0.2 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>i 172.16.20.11/32 n/a None
10.20.0.1 None 1
64496 -
u*>i 172.16.20.12/32 n/a None
10.20.0.1 None 1
64496 -
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
On PE-2, the route table for VPRN-20 is as follows:
[/]
A:admin@PE-2# show router 20 route-table
===============================================================================
Route Table (Service: 20)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.20.0.1/32 Remote Static 00h04m22s 5
10.20.2.4 1
10.20.0.2/32 Local Local 00h06m01s 0
lo1 0
10.20.2.0/24 Local Local 00h06m01s 0
int-BD-21-to-VNF 0
10.20.3.0/24 Remote EVPN-IFL 00h04m31s 170
2001:db8:aaaa:103:7b1d:b000:: (tunneled:SRV6) 10
172.16.20.11/32 Remote BGP 00h03m26s 170
10.20.2.4 1
172.16.20.12/32 Remote BGP 00h03m26s 170
10.20.2.4 1
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
On PE-2, the received BGP routes contain next-hop 10.20.0.1 which matches the L3 ES VPRN next-hop, so PE-2 advertises EVPN IP prefix routes with ESI 00:00:00:23:20:00:00:00:00:00. PE-1 receives the following EVPN IP prefix route for prefix 172.16.20.11/32:
[/]
A:admin@PE-1# show router bgp routes evpn ip-prefix prefix 172.16.20.11/32
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN IP-Prefix Routes
===============================================================================
Flag Route Dist. Prefix
Tag Gw Address
NextHop
Label
ESI
-------------------------------------------------------------------------------
u*>i 192.0.2.2:20 172.16.20.11/32
0 00:00:00:00:00:00
192.0.2.2
504283
00:00:00:23:20:00:00:00:00:00
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
When the L3 ES is operationally up, PE-2 and PE-3 advertise AD per ES and AD per EVI routes. PE-1 receives the following EVPN AD routes with ESI 00:00:00:23:20:00:00:00:00:00 from PE-2:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.2:20
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
Flag Route Dist. ESI NextHop
Tag Label
-------------------------------------------------------------------------------
u*>i 192.0.2.2:20 00:00:00:23:20:00:00:00:00:00 192.0.2.2
0 504283
u*>i 192.0.2.2:20 00:00:00:23:20:00:00:00:00:00 192.0.2.2
MAX-ET 0
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
When PE-1 receives an EVPN IP prefix route with non-zero ESI, the prefix is installed in an ECMP set with next-hops equal to the SID provided by the received AD per EVI routes with P=1. PE-1 receives the following AD per EVI route from PE-2:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.2:20 hunt
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
Network : n/a
Nexthop : 192.0.2.2
Path Id : None
From : 192.0.2.2
Res. Nexthop : 192.168.12.2
Local Pref. : 100 Interface Name : int-PE-1-PE-2
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : target:64500:20
l2-attribute:MTU: 0 F: 0 C: 0 P: 1 B: 0
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 192.0.2.2
Origin : IGP
Flags : Used Valid Best
Route Source : Internal
AS-Path : No As-Path
EVPN type : AUTO-DISC
ESI : 00:00:00:23:20:00:00:00:00:00
Tag : 0
Route Dist. : 192.0.2.2:20
MPLS Label : 504283
Route Tag : 0
Neighbor-AS : n/a
DB Orig Val : N/A Final Orig Val : N/A
Source Class : 0 Dest Class : 0
Add Paths Send : Default
Last Modified : 00h02m52s
SRv6 TLV Type : SRv6 L3 Service TLV (5)
SRv6 SubTLV : SRv6 SID Information (1)
Sid : 2001:db8:aaaa:102::
Full Sid : 2001:db8:aaaa:102:7b1d:b000::
Behavior : End.DT4 (19)
SRv6 SubSubTLV : SRv6 SID Structure (1)
Loc-Block-Len : 48 Loc-Node-Len : 16
Func-Len : 20 Arg-Len : 0
Tpose-Len : 20 Tpose-offset : 64
-------------------------------------------------------------------------------
---snip---
PE-1 receives the following EVPN AD per EVI route from PE-3:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.3:20 hunt
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
Network : n/a
Nexthop : 192.0.2.3
Path Id : None
From : 192.0.2.3
Res. Nexthop : 192.168.13.2
Local Pref. : 100 Interface Name : int-PE-1-PE-3
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : target:64500:20
l2-attribute:MTU: 0 F: 0 C: 0 P: 1 B: 0
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 192.0.2.3
Origin : IGP
Flags : Used Valid Best
Route Source : Internal
AS-Path : No As-Path
EVPN type : AUTO-DISC
ESI : 00:00:00:23:20:00:00:00:00:00
Tag : 0
Route Dist. : 192.0.2.3:20
MPLS Label : 504283
Route Tag : 0
Neighbor-AS : n/a
DB Orig Val : N/A Final Orig Val : N/A
Source Class : 0 Dest Class : 0
Add Paths Send : Default
Last Modified : 00h10m37s
SRv6 TLV Type : SRv6 L3 Service TLV (5)
SRv6 SubTLV : SRv6 SID Information (1)
Sid : 2001:db8:aaaa:103::
Full Sid : 2001:db8:aaaa:103:7b1d:b000::
Behavior : End.DT4 (19)
SRv6 SubSubTLV : SRv6 SID Structure (1)
Loc-Block-Len : 48 Loc-Node-Len : 16
Func-Len : 20 Arg-Len : 0
Tpose-Len : 20 Tpose-offset : 64
-------------------------------------------------------------------------------
---snip---
The route table for VPRN-20 on PE-1 is as follows:
[/]
A:admin@PE-1# show router 20 route-table
===============================================================================
Route Table (Service: 20)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.20.0.1/32 Remote EVPN-IFL 00h11m09s 170
2001:db8:aaaa:102:7b1d:b000:: (tunneled:SRV6) 10
10.20.0.1/32 Remote EVPN-IFL 00h11m09s 170
2001:db8:aaaa:103:7b1d:b000:: (tunneled:SRV6) 10
10.20.0.2/32 Remote EVPN-IFL 00h12m49s 170
2001:db8:aaaa:102:7b1d:b000:: (tunneled:SRV6) 10
10.20.2.0/24 Remote EVPN-IFL 00h12m49s 170
2001:db8:aaaa:102:7b1d:b000:: (tunneled:SRV6) 10
10.20.3.0/24 Remote EVPN-IFL 00h11m19s 170
2001:db8:aaaa:103:7b1d:b000:: (tunneled:SRV6) 10
172.16.20.11/32 Remote EVPN-IFL 00h03m34s 170
2001:db8:aaaa:102:7b1d:b000:: (tunneled:SRV6) 10
172.16.20.11/32 Remote EVPN-IFL 00h03m34s 170
2001:db8:aaaa:103:7b1d:b000:: (tunneled:SRV6) 10
172.16.20.12/32 Remote EVPN-IFL 00h03m34s 170
2001:db8:aaaa:102:7b1d:b000:: (tunneled:SRV6) 10
172.16.20.12/32 Remote EVPN-IFL 00h03m34s 170
2001:db8:aaaa:103:7b1d:b000:: (tunneled:SRV6) 10
-------------------------------------------------------------------------------
No. of Routes: 9
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
The route table for VPRN-20 on PE-3 shows that the route toward 10.20.0.1/32, 172.16.20.11/32, and 172.16.20.12/32 have next-hop 10.20.3.4, which corresponds to an interface in PE-4, so no tromboning to PE-2 takes place.
[/]
A:admin@PE-3# show router 20 route-table
===============================================================================
Route Table (Service: 20)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.20.0.1/32 Remote Static 00h11m22s 5
10.20.3.4 1
10.20.0.2/32 Remote EVPN-IFL 00h11m18s 170
2001:db8:aaaa:102:7b1d:b000:: (tunneled:SRV6) 10
10.20.2.0/24 Remote EVPN-IFL 00h11m18s 170
2001:db8:aaaa:102:7b1d:b000:: (tunneled:SRV6) 10
10.20.3.0/24 Local Local 00h11m22s 0
int-BD-21-to-VNF 0
172.16.20.11/32 Remote EVPN-IFL 00h03m37s 170
10.20.3.4 1
172.16.20.12/32 Remote EVPN-IFL 00h03m37s 170
10.20.3.4 1
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
EVPN IP aliasing for EVPN IFF over VXLAN
EVPN IP alias for EVPN IFF VPRN-30 over VXLAN shows an example with EVPN IP alias 10.30.0.1 used in VPRN-30.
R-VPLS "BD-3" is configured with EVI 3, which matches the EVI configured in the L3 ES.
Service configuration
On PE-2 and PE-3, L3 ES "AA-ES-23-3" is configured with ESI 00:00:00:23:03:00:00:00:00:00, VPRN next-hop 10.30.0.1, and EVI 3, as follows:
# on PE-2, PE-3:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "AA-ES-23-3" {
admin-state enable
type virtual
esi 0x00000023030000000000
multi-homing-mode all-active
association {
vprn-next-hop 10.30.0.1 { # EVPN IP alias
virtual-ranges {
evi 3 { } # EVI in BD-3 on PE-1/2/3
}
}
}
}
}
On border leaf PE-1, R-VPLS "BD-3" and VPRN "VPRN-30" are configured as folllows:
# on PE-1:
configure {
service {
vpls "BD-3" {
admin-state enable
service-id 3
customer "1"
vxlan {
instance 1 {
vni 3
}
}
routed-vpls {
}
bgp 1 {
}
bgp-evpn {
evi 3
routes {
mac-ip {
advertise false
}
ip-prefix {
advertise true
}
}
vxlan 1 {
admin-state enable
vxlan-instance 1
}
}
}
vprn "VPRN-30" {
admin-state enable
description "IP alias IFF VXLAN"
service-id 30
customer "1"
ecmp 2
interface "int-to-BD-3" {
vpls "BD-3" {
evpn-tunnel {
}
}
}
}
On PE-2, R-VPLS "BD-3", R-VPLS "BD-31", and VPRN "VPRN-30" are configured as follows:
# on PE-2:
configure {
service {
vpls "BD-3" {
admin-state enable
description "IP-alias-IFF - EVI 3 is used in ES"
service-id 3
customer "1"
vxlan {
instance 1 {
vni 3
}
}
routed-vpls {
}
bgp 1 {
}
bgp-evpn {
evi 3
routes {
mac-ip {
advertise false
}
ip-prefix {
advertise true
domain-id "64500:3"
}
}
vxlan 1 {
admin-state enable
vxlan-instance 1
mh-mode network
routes {
auto-disc {
advertise true
}
}
}
}
}
vpls "BD-31" {
admin-state enable
service-id 31
customer "1"
routed-vpls {
}
sap 1/1/c3/1:30 {
}
sap 1/1/c4/1:30 {
}
}
vprn "VPRN-30" {
admin-state enable
description "IP-alias-IFF-VXLAN"
service-id 30
customer "1"
autonomous-system 64500
bgp {
rapid-withdrawal true
group "PE-CE" {
}
neighbor "10.30.0.1" {
group "PE-CE"
type external
peer-as 64496
ebgp-default-reject-policy {
import false
}
local-as {
as-number 64500
}
}
}
interface "int-BD-3" {
vpls "BD-3" {
evpn-tunnel {
}
}
}
interface "int-BD-31-to-VNF" {
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.30.2.254
prefix-length 24
}
}
vpls "BD-31" {
}
}
interface "lo1" {
loopback true
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.30.0.2
prefix-length 32
}
}
}
static-routes {
route 10.30.0.1/32 route-type unicast {
next-hop "10.30.2.4" {
admin-state enable
bfd-liveness true
}
next-hop "10.30.2.5" {
admin-state enable
bfd-liveness true
}
}
}
}
Similarly, on PE-3, R-VPLS "BD-3", R-VPLS "BD-31", and VPRN "VPRN-30" are configured, as follows:
# on PE-3:
onfigure {
service {
vpls "BD-3" {
admin-state enable
description "IP-alias-IFF - EVI 3 is used in ES"
service-id 3
customer "1"
vxlan {
instance 1 {
vni 3
}
}
routed-vpls {
}
bgp 1 {
}
bgp-evpn {
evi 3
routes {
mac-ip {
advertise false
}
ip-prefix {
advertise true
domain-id "64500:3"
}
}
vxlan 1 {
admin-state enable
vxlan-instance 1
mh-mode network
routes {
auto-disc {
advertise true
}
}
}
}
}
vpls "BD-31" {
admin-state enable
service-id 31
customer "1"
routed-vpls {
}
sap 1/1/c3/1:30 {
}
sap 1/1/c4/1:30 {
}
}
vprn "VPRN-30" {
admin-state enable
description "IP-alias-IFF-VXLAN"
service-id 30
customer "1"
autonomous-system 64500
interface "int-BD-3" {
vpls "BD-3" {
evpn-tunnel {
}
}
}
interface "int-BD-31-to-VNF" {
ipv4 {
primary {
address 10.30.3.254
prefix-length 24
}
}
vpls "BD-31" {
}
}
static-routes {
route 10.30.0.1/32 route-type unicast {
next-hop "10.30.3.4" {
admin-state enable
}
next-hop "10.30.3.5" {
admin-state enable
}
}
}
}
The configuration on PE-4 is as follows:
# on PE-4:
configure {
policy-options {
prefix-list "subs-pfx-30" {
prefix 172.16.30.11/32 type exact {
}
prefix 172.16.30.12/32 type exact {
}
}
policy-statement "export-subs-pfx-30" {
entry 10 {
from {
prefix-list ["subs-pfx-30"]
protocol {
name [direct]
}
}
action {
action-type accept
}
}
}
}
service {
vprn "VPRN-30" {
admin-state enable
service-id 30
customer "1"
autonomous-system 64496
bgp {
rapid-withdrawal true
group "PE-CE" {
}
neighbor "10.30.0.2" {
group "PE-CE"
type external
peer-as 64500
local-as {
as-number 64496
}
export {
policy ["export-subs-pfx-30"]
}
ebgp-default-reject-policy {
import false
}
}
}
interface "int-subs1" {
loopback true
ipv4 {
primary {
address 172.16.30.11
prefix-length 32
}
}
}
interface "int-subs2" {
loopback true
ipv4 {
primary {
address 172.16.30.12
prefix-length 32
}
}
}
interface "int-to-PE-2" {
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.30.2.4
prefix-length 24
}
}
sap 1/1/c2/1:30 {
}
}
interface "int-to-PE-3" {
ipv4 {
primary {
address 10.30.3.4
prefix-length 24
}
}
sap 1/1/c1/1:30 {
}
}
interface "lo1" {
loopback true
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.30.0.1
prefix-length 32
}
}
}
static-routes {
route 10.30.0.2/32 route-type unicast {
next-hop "10.30.2.254" {
admin-state enable
bfd-liveness true
}
}
}
}
The configuration on PE-5 is similar.
Verification
PE-2 receives the following BGP routes for the prefixes 172.16.30.11/32 and 172.16.30.12/32 with next-hop 10.40.0.1:
[/]
A:admin@PE-2# show router 30 bgp neighbor 10.30.0.1 received-routes
===============================================================================
BGP Router ID:192.0.2.2 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>i 172.16.30.11/32 n/a None
10.30.0.1 None 1
64496 -
u*>i 172.16.30.12/32 n/a None
10.30.0.1 None 1
64496 -
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
On PE-2, the route table for VPRN-30 is as follows:
[/]
A:admin@PE-2# show router 30 route-table
===============================================================================
Route Table (Service: 30)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.30.0.1/32 Remote Static 03h29m50s 5
10.30.2.4 1
10.30.0.2/32 Local Local 03h30m48s 0
lo1 0
10.30.2.0/24 Local Local 03h30m48s 0
int-BD-31-to-VNF 0
10.30.3.0/24 Remote EVPN-IFF 03h30m07s 169
int-BD-3 (ET-00:03:fe:ff:ff:40) 0
172.16.30.11/32 Remote BGP 03h29m21s 170
10.30.2.4 1
172.16.30.12/32 Remote BGP 03h29m21s 170
10.30.2.4 1
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
The VPRN next-hop 10.30.0.1 is configured in the L3 ES "AA-ES-23-3", so PE-2 advertises an EVPN IP prefix route with non-zero ESI for prefixes 172.16.30.11/32 and 172.16.30.12/32 when the L3 ES is operationally up. PE-1 receives the following EVPN IP prefix route for prefix 172.16.30.11/32:
[/]
A:admin@PE-1# show router bgp routes evpn ip-prefix prefix 172.16.30.11/32
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN IP-Prefix Routes
===============================================================================
Flag Route Dist. Prefix
Tag Gw Address
NextHop
Label
ESI
-------------------------------------------------------------------------------
u*>i 192.0.2.2:3 172.16.30.11/32
0 00:02:fe:ff:ff:40
192.0.2.2
VNI 3
00:00:00:23:03:00:00:00:00:00
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
When the L3 ES on PE-2 is operationally up, PE-2 advertises AD per EVI and AD per ES routes with ESI 00:00:00:23:03:00:00:00:00:00. PE-1 receives the following EVPN AD routes from PE-2:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.2:3
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
Flag Route Dist. ESI NextHop
Tag Label
-------------------------------------------------------------------------------
u*>i 192.0.2.2:3 00:00:00:23:03:00:00:00:00:00 192.0.2.2
0 VNI 3
u*>i 192.0.2.2:3 00:00:00:23:03:00:00:00:00:00 192.0.2.2
MAX-ET VNI 0
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
The route table for VPRN-30 on PE-1 shows the following EVPN IFF routes. PE-1 installs prefixes 172.16.30.11/32 and 172.16.30.12/32 in ECMP sets with next-hop equal to the MAC next-hop of the backhaul VPLS "BD-3", as advertised in the received AD per EVI routes with P=1: PE-2 advertises MAC next-hop ET-00:02:fe:ff:ff:40 while PE-3 advertises MAC next-hop ET-00:03:fe:ff:ff:40 (ET stands for EVPN-Tunnel).
[/]
A:admin@PE-1# show router 30 route-table
===============================================================================
Route Table (Service: 30)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.30.0.1/32 Remote EVPN-IFF 03h34m22s 169
int-to-BD-3 (ET-00:02:fe:ff:ff:40) 0
10.30.0.1/32 Remote EVPN-IFF 03h34m22s 169
int-to-BD-3 (ET-00:03:fe:ff:ff:40) 0
10.30.0.2/32 Remote EVPN-IFF 03h35m20s 169
int-to-BD-3 (ET-00:02:fe:ff:ff:40) 0
10.30.2.0/24 Remote EVPN-IFF 03h35m20s 169
int-to-BD-3 (ET-00:02:fe:ff:ff:40) 0
10.30.3.0/24 Remote EVPN-IFF 03h34m39s 169
int-to-BD-3 (ET-00:03:fe:ff:ff:40) 0
172.16.30.11/32 Remote EVPN-IFF 00h02m13s 169
int-to-BD-3 (ET-00:02:fe:ff:ff:40) 0
172.16.30.11/32 Remote EVPN-IFF 00h02m13s 169
int-to-BD-3 (ET-00:03:fe:ff:ff:40) 0
172.16.30.12/32 Remote EVPN-IFF 00h02m13s 169
int-to-BD-3 (ET-00:02:fe:ff:ff:40) 0
172.16.30.12/32 Remote EVPN-IFF 00h02m13s 169
int-to-BD-3 (ET-00:03:fe:ff:ff:40) 0
-------------------------------------------------------------------------------
No. of Routes: 9
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
In the route table for VPRN-30 on PE-3, the routes for prefix 10.30.0.1/32, 172.16.30.11/32, and 172.16.30.12/32 have next-hop 10.30.3.4, which is an interface IP address on PE-4 in the VNF:
[/]
A:admin@PE-3# show router 30 route-table
===============================================================================
Route Table (Service: 30)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.30.0.1/32 Remote Static 03h34m38s 5
10.30.3.4 1
10.30.0.2/32 Remote EVPN-IFF 03h34m36s 169
int-BD-3 (ET-00:02:fe:ff:ff:40) 0
10.30.2.0/24 Remote EVPN-IFF 03h34m36s 169
int-BD-3 (ET-00:02:fe:ff:ff:40) 0
10.30.3.0/24 Local Local 03h34m38s 0
int-BD-31-to-VNF 0
172.16.30.11/32 Remote EVPN-IFF 00h02m12s 169
10.30.3.4 0
172.16.30.12/32 Remote EVPN-IFF 00h02m12s 169
10.30.3.4 0
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
EVPN IP aliasing for EVPN IFF over MPLS
EVPN IP alias for EVPN IFF VPRN-40 over MPLS shows an example with EVPN IP alias 10.40.0.1 used in VPRN-40.
VPLS "BD-4" with EVPN tunnel is configured with EVI 4, which matches the EVI in the L3 ES.
Service configuration
On PE-2 and PE-3, L3 ES "AA-ES-23-4" is configured with ESI 00:00:00:23:04:00:00:00:00:00, VPRN next-hop 10.40.0.1, and EVI 4, as follows:
# on PE-2, PE-3:
configure {
service {
system {
bgp {
evpn {
ethernet-segment "AA-ES-23-4" {
admin-state enable
type virtual
esi 0x00000023040000000000
multi-homing-mode all-active
association {
vprn-next-hop 10.40.0.1 { # EVPN IP alias
virtual-ranges {
evi 4 { } # R-VPLS BD-4 in PE-1/2/3
}
}
}
}
The service configuration on PE-1 is as follows:
# on PE-1:
configure {
service {
vpls "BD-4" {
admin-state enable
description "EVI 4 is used in AA-ES-23-4 on TORs"
service-id 4
customer "1"
routed-vpls {
}
bgp 1 {
}
bgp-evpn {
evi 4
routes {
mac-ip {
advertise false
}
ip-prefix {
advertise true
}
}
mpls 1 {
admin-state enable
auto-bind-tunnel {
resolution any
}
}
}
}
vprn "VPRN-40" {
admin-state enable
description "IP alias IFF MPLS"
service-id 40
customer "1"
ecmp 2
interface "int-to-BD-4" {
vpls "BD-4" {
evpn-tunnel {
}
}
}
}
The service configuration on the TOR nodes PE-2 and PE-3 is as follows:
# on PE-2:
configure {
service {
vpls "BD-4" {
admin-state enable
description "IP-alias-IFF - EVI 4 is used in ES"
service-id 4
customer "1"
routed-vpls {
}
bgp 1 {
}
bgp-evpn {
evi 4
routes {
mac-ip {
advertise false
}
ip-prefix {
advertise true
}
}
mpls 1 {
admin-state enable
auto-bind-tunnel {
resolution any
}
}
}
}
vpls "BD-41" {
admin-state enable
service-id 41
customer "1"
routed-vpls {
}
sap 1/1/c3/1:40 {
}
sap 1/1/c4/1:40 {
}
}
vprn "VPRN-40" {
admin-state enable
description "IP-alias-IFF-MPLS"
service-id 40
customer "1"
autonomous-system 64500
bgp { # on PE-3: no BGP configuration in VPRN-40
rapid-withdrawal true
group "PE-CE" {
}
neighbor "10.40.0.1" {
group "PE-CE"
type external
peer-as 64496
ebgp-default-reject-policy {
import false
export false
}
local-as {
as-number 64500
}
}
}
interface "int-BD-4" {
vpls "BD-4" {
evpn-tunnel {
}
}
}
interface "int-BD-41-to-VNF" {
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.40.2.254 # on PE-3: 10.40.3.254
prefix-length 24
}
}
vpls "BD-41" {
}
}
interface "lo1" { # on PE-3: no loopback interface
loopback true
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.40.0.2
prefix-length 32
}
}
}
static-routes {
route 10.40.0.1/32 route-type unicast {
next-hop "10.40.2.4" { # on PE-3: 10.40.3.4
admin-state enable
bfd-liveness true
}
next-hop "10.40.2.5" { # on PE-3: 10.40.3.5
admin-state enable
bfd-liveness true
}
}
}
}
The configuration of VPRN-40 on PE-4 is as follows:
# on PE-4:
configure {
policy-options {
prefix-list "subs-pfx-40" {
prefix 172.16.40.11/32 type exact {
}
prefix 172.16.40.12/32 type exact {
}
}
policy-statement "export-subs-pfx-40" {
entry 10 {
from {
prefix-list ["subs-pfx-40"]
protocol {
name [direct]
}
}
action {
action-type accept
}
}
}
commit
info
}
service {
vprn "VPRN-40" {
admin-state enable
service-id 40
customer "1"
autonomous-system 64496
bgp {
rapid-withdrawal true
group "PE-CE" {
}
neighbor "10.40.0.2" {
group "PE-CE"
type external
peer-as 64500
local-as {
as-number 64496
}
export {
policy ["export-subs-pfx-40"]
}
ebgp-default-reject-policy {
import false
}
}
}
interface "int-subs1" {
loopback true
ipv4 {
primary {
address 172.16.40.11
prefix-length 32
}
}
}
interface "int-subs2" {
loopback true
ipv4 {
primary {
address 172.16.40.12
prefix-length 32
}
}
}
interface "int-to-PE-2" {
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.40.2.4
prefix-length 24
}
}
sap 1/1/c2/1:40 {
}
}
interface "int-to-PE-3" {
ipv4 {
primary {
address 10.40.3.4
prefix-length 24
}
}
sap 1/1/c1/1:40 {
}
}
interface "lo1" {
loopback true
ipv4 {
bfd {
admin-state enable
transmit-interval 1000
receive 1000
}
primary {
address 10.40.0.1
prefix-length 32
}
}
}
static-routes {
route 10.40.0.2/32 route-type unicast {
next-hop "10.40.2.254" {
admin-state enable
bfd-liveness true
}
}
}
}
Verification
PE-2 receives BGP routes with the subscriber prefixes 172.16.40.11/32 and 172.16.40.12/32 from EBGP peer 10.40.0.1, as follows:
[/]
A:admin@PE-2# show router 40 bgp neighbor 10.40.0.1 received-routes
===============================================================================
BGP Router ID:192.0.2.2 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>i 172.16.40.11/32 n/a None
10.40.0.1 None 1
64496 -
u*>i 172.16.40.12/32 n/a None
10.40.0.1 None 1
64496 -
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
The VPRN next-hop 10.40.0.1 is configured in the L3 ES, therefore, PE-2 advertises the prefixes in EVPN IP prefix routes with ESI 00:00:00:23:04:00:00:00:00:00. PE-1 receives the following IP prefix route for prefix 172.16.40.11/32:
[/]
A:admin@PE-1# show router bgp routes evpn ip-prefix prefix 172.16.40.11/32
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN IP-Prefix Routes
===============================================================================
Flag Route Dist. Prefix
Tag Gw Address
NextHop
Label
ESI
-------------------------------------------------------------------------------
u*>i 192.0.2.2:4 172.16.40.11/32
0 00:02:fe:ff:ff:41
192.0.2.2
LABEL 524279
00:00:00:23:04:00:00:00:00:00
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
When the L3 ES is operationally up on PE-2, PE-1 receives the following EVPN AD routes with ESI 00:00:00:23:04:00:00:00:00:00 from PE-2:
[/]
A:admin@PE-1# show router bgp routes evpn auto-disc rd 192.0.2.2:4
===============================================================================
BGP Router ID:192.0.2.1 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP EVPN Auto-Disc Routes
===============================================================================
Flag Route Dist. ESI NextHop
Tag Label
-------------------------------------------------------------------------------
u*>i 192.0.2.2:4 00:00:00:23:04:00:00:00:00:00 192.0.2.2
0 LABEL 524279
u*>i 192.0.2.2:4 00:00:00:23:04:00:00:00:00:00 192.0.2.2
MAX-ET LABEL 0
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
For the EVPN IP prefix routes received with non-zero ESI, PE-1 installs the prefix in an ECMP set with next-hops equal to the MAC next-hop of the backhaul VPLS "BD-4", as provided in the received AD per EVI routes with P=1: PE-2 advertises MAC next-hop ET-00:02:fe:ff:ff:41 while PE-3 advertises MAC next-hop ET-00:03:fe:ff:ff:41. The route-table for VPRN-40 on PE-1 is as follows:
[/]
A:admin@PE-1# show router 40 route-table
===============================================================================
Route Table (Service: 40)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.40.0.1/32 Remote EVPN-IFF 00h07m06s 169
int-to-BD-4 (ET-00:03:fe:ff:ff:41) 0
10.40.0.1/32 Remote EVPN-IFF 00h07m06s 169
int-to-BD-4 (ET-00:02:fe:ff:ff:41) 0
10.40.0.2/32 Remote EVPN-IFF 00h20m51s 169
int-to-BD-4 (ET-00:02:fe:ff:ff:41) 0
10.40.2.0/24 Remote EVPN-IFF 00h07m09s 169
int-to-BD-4 (ET-00:02:fe:ff:ff:41) 0
10.40.3.0/24 Remote EVPN-IFF 00h35m29s 169
int-to-BD-4 (ET-00:03:fe:ff:ff:41) 0
172.16.40.11/32 Remote EVPN-IFF 00h03m28s 169
int-to-BD-4 (ET-00:03:fe:ff:ff:41) 0
172.16.40.11/32 Remote EVPN-IFF 00h03m28s 169
int-to-BD-4 (ET-00:02:fe:ff:ff:41) 0
172.16.40.12/32 Remote EVPN-IFF 00h03m28s 169
int-to-BD-4 (ET-00:03:fe:ff:ff:41) 0
172.16.40.12/32 Remote EVPN-IFF 00h03m28s 169
int-to-BD-4 (ET-00:02:fe:ff:ff:41) 0
-------------------------------------------------------------------------------
No. of Routes: 9
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
The route table for VPRN-40 on PE-3 shows that the traffic toward 172.16.40.11/32 is forwarded to 10.40.3.4 on PE-4 in the VNF, without any tromboning to PE-2.
[/]
A:admin@PE-3# show router 40 route-table
===============================================================================
Route Table (Service: 40)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.40.0.1/32 Remote Static 00h35m27s 5
10.40.3.4 1
10.40.0.2/32 Remote EVPN-IFF 00h20m50s 169
int-BD-4 (ET-00:02:fe:ff:ff:41) 0
10.40.2.0/24 Remote EVPN-IFF 00h07m07s 169
int-BD-4 (ET-00:02:fe:ff:ff:41) 0
10.40.3.0/24 Local Local 00h35m27s 0
int-BD-41-to-VNF 0
172.16.40.11/32 Remote EVPN-IFF 00h03m26s 169
10.40.3.4 0
172.16.40.12/32 Remote EVPN-IFF 00h03m26s 169
10.40.3.4 0
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
B = BGP backup route available
L = LFA nexthop available
S = Sticky ECMP requested
===============================================================================
Conclusion
EVPN IP aliasing allows nodes to load-balance flows to multiple nodes attached to the same prefix, even if not all of them advertise reachability to the prefix in EVPN IP prefix routes. EVPN IP aliasing requires the use of an L3 ES, which is a vES configured with a VPRN next-hop and an EVI.