EVPN interoperability with VLAN-aware bundle services
RFC 7432 defines VLAN-aware bundle services as those EVPN instances that consist of multiple broadcast domains. On SR Linux, a broadcast domain instance on a leaf node is identified by a MAC-VRF, and a MAC-VRF can contain only one broadcast domain. However, SR Linux supports an interoperability mode so that SR Linux leaf nodes can be attached to VLAN-aware bundle broadcast domains along with other third-party routers.
The following figure shows a configuration that features interoperability between SR Linux systems and a third-party device configured with VLAN-aware bundle services.
In this configuration, Leaf-1 and Leaf-2 are SR Linux systems, and Leaf-4 is a third-party device that supports VLAN-aware bundle services. On Leaf-4, MAC-VRF1 is configured with two broadcast domains (BDs), BD-200 and BD-201. BD-200 and BD-201 are configured with the corresponding VLAN ID value (encoded as Ethernet Tag ID in the EVPN routes) and the VNI.
To allow Leaf-1 and Leaf-2 to interoperate with Leaf-4, the SR Linux devices are configured to advertise a non-zero Ethernet Tag ID in the EVPN routes, and process the Ethernet Tag ID in EVPN routes received for the MAC-VRF. When this Ethernet Tag ID is configured, all MAC-VRFs of the same “bundle” have the same import/export route target (RT), but different route distinguisher (RD), Ethernet Tag ID, and VXLAN VNI.
The Ethernet Tag ID can be set to a value in the range 0–16777215 (24-bit value). When
the Ethernet Tag ID is set to a non-zero value, MAC/IP, IMET, and AD per-EVI routes for
the MAC-VRF are advertised encoding the Ethernet Tag ID (configured with the
vlan-aware-bundle-eth-tag parameter) into the
ethernet-tag-id
field of the routes. To interoperate in a
VLAN-aware bundle broadcast domain where there are multiple vendors and multi-homed CEs,
all the vendors must advertise and process the AD per-EVI routes as per RFC 8584, where
an AD per-EVI route is advertised per broadcast domain for the ES. SR Linux is fully
compliant with RFC 8584.
For received routes, BGP processes the routes as usual, and imports them based on the
import route-target. The ethernet-tag-id
is part of the route-key, so
BGP may keep multiple routes with same RD/RT/prefix but different
ethernet-tag-id
. For the routes imported in a specific MAC-VRF,
only those routes whose ethernet-tag-id
matches the locally configured
Ethernet Tag ID are processed.
- MAC-VRF network-instances
- MAC-VRF network-instances with IRB interfaces
- MAC-VRF with multi-homing, for Layer 2 and Layer 3
Configuring the Ethernet Tag ID for VLAN-aware bundle interoperability
To configure VLAN-aware bundle interoperability for SR Linux, you specify a value for the vlan-aware-bundle-eth-tag parameter.
When the vlan-aware-bundle-eth-tag is set to a non-zero value,
routes are accepted only when the incoming ethernet-tag-id
matches
the configured value, for all route types imported in the MAC-VRF.
When the vlan-aware-bundle-eth-tag is set to zero (the default value):
- All received routes with
ethernet-tag-id = 0
are accepted (irrespective of type). - For received routes with a non-zero
ethernet-tag-id
value, IMET and MAC/IP routes for the VXLAN instance are always accepted. - AD per-EVI routes with a non-zero ethernet-tag-id are rejected.
The following example configures a value for the
vlan-aware-bundle-eth-tag parameter. All the EVPN routes
advertised for the MAC-VRF contain this value in the
ethernet-tag-id
field.
--{ * candidate shared default }--[ ]--
# info network-instance mac_vrf_1 protocols bgp-evpn bgp-instance 1 routes
network-instance mac_vrf_1 {
protocols {
bgp-evpn {
bgp-instance 1 {
routes {
bridge-table {
vlan-aware-bundle-eth-tag 1
}
}
}
}
}
}
Displaying the Ethernet Tag ID for VLAN-aware bundle interoperability
Use the show network-instance command to display the value configured for the vlan-aware-bundle-eth-tag parameter.
--{ * candidate shared default }--[ ]--
# show network-instance mac_vrf_1 protocols bgp-evpn bgp-instance 1
================================================================================================
Net Instance : mac_vrf_1
bgp Instance 1 is enabled and up
------------------------------------------------------------------------------------------------
VXLAN-Interface : vxlan1.1
evi : 1
ecmp : 2
default-admin-tag : 0
oper-down-reason : N/A
EVPN Routes
Next hop : 10.20.1.3/32 (network-instance "default" system0.0
IPv4 address)
VLAN Aware Bundle Ethernet tag : 1
MAC/IP Routes : enabled
IMET Routes : enabled, originating-ip 10.20.1.3/32
===============================================================================================