SR Linux services

SR Linux services facilitate EVPN-VXLAN deployments in data centers. Ethernet Virtual Private Network (EVPN), along with Virtual eXtensible LAN (VXLAN), is a technology that allows Layer 2 and Layer 3 traffic to be tunneled across an IP network.

The SR Linux EVPN-VXLAN solution supports using Layer 2 Broadcast Domains (BDs) in multi-tenant data centers using EVPN for the control plane and VXLAN as the data plane. It includes the following features:

  • EVPN for VXLAN tunnels (Layer 2), extending a BD in overlay multi-tenant DCs

  • EVPN for VXLAN tunnels (Layer 3), allowing inter-subnet-forwarding for unicast traffic within the same tenant infrastructure

These features are summarized in the following sections. See the SR Linux EVPN-VXLAN Guide for descriptions of supported features and configuration examples.

Layer 2 services

Layer 2 services refers to the infrastructure implemented on SR Linux to support multiple virtual switches on the same system.

To do this, SR Linux uses a network instance of type mac-vrf, which functions as a broadcast domain. Each mac-vrf network instance builds a bridge table composed of MAC addresses that can be learned via the data path on network instance interfaces or via static configuration. You can configure the size of the bridge table for each mac-vrf network instance, as well as the aging for dynamically learned MAC addresses and other parameters related to the bridge table.

The mac-vrf network instance is associated with a network instance of type default or ip-vrf via an Integrated Routing and Bridging (IRB) interface. IRB interfaces enable inter-subnet forwarding.

MAC-VRF, IRB interface, and IP-VRF shows the relationship between an IRB interface and mac-vrf, and ip-vrf network instance types.

Figure 1. MAC-VRF, IRB interface, and IP-VRF

See the ‟Layer 2 services infrastructure” chapter of the SR Linux EVPN-VXLAN Guide for a description of Layer 2 services components and configuration examples.

EVPN-VXLAN Layer 2

EVPN for VXLAN tunnels (Layer 2) allows for the extension of a BD in overlay multi-tenant DCs. To support this topology, SR Linux includes the following features:

  • Bridged subinterface extensions, including a default subinterface that captures untagged and non-explicitly configured VLAN-tagged frames on tagged subinterfaces

  • EVPN-VXLAN control and data plane extensions as described in RFC 8365

  • Distributed security and protection

  • EVPN L2 multi-homing, including the ES model definition for all-active and single-active multi-homing

See the ‟EVPN for VXLAN tunnels (Layer 2)” chapter of the SR Linux EVPN-VXLAN Guide for a description of supported features, basic configuration information, and EVPN L2 multi-homing configuration examples.

EVPN-VXLAN Layer 3

SR Linux supports EVPN for VXLAN tunnels (Layer 3) for inter-subnet-forwarding for unicast traffic within the same tenant infrastructure. SR Linux features that support this topology fall into the following categories:

  • EVPN-VXLAN L3 control plane (RT5) and data plane as described in draft-ietf-bess-evpn-prefix-advertisement

  • EVPN L3 multi-homing on MAC-VRFs with IRB interfaces that use anycast GW IP and MAC addresses in all leafs attached to the same BD

  • Host route mobility procedures to allow fast mobility of hosts between leaf nodes attached to the same BD

Other supported features include:

  • Interface-less (IFL) model interoperability with unnumbered interface-ful (IFF) model

  • ECMP over EVPN

  • Support for interface-level OAM (ping) in anycast deployments

  • EVPN interoperability with VLAN-aware bundle services

See the ‟EVPN for VXLAN tunnels (Layer 3)” chapter of the SR Linux EVPN-VXLAN Guide for EVPN Layer 3 basic configuration information and examples.