SR Linux services

SR Linux services facilitate EVPN-VXLAN and EVPN-MPLS deployments in data centers and service provider networks. Ethernet Virtual Private Network (EVPN) is a technology that allows Layer 2 and Layer 3 traffic to be tunneled across an IP network.

The SR Linux EVPN solution supports the following features:

  • EVPN for VXLAN/MPLS tunnels (Layer 2), extending a broadcast domain (BD) in overlay multi-tenant data centers (DCs) and service provider networks

  • EVPN for VXLAN/MPLS tunnels (Layer 3), allowing inter-subnet-forwarding for unicast traffic within the same tenant infrastructure

These features are summarized in the following sections. See the SR Linux VPN Services Guide for descriptions of supported features and configuration examples.

Layer 2 services

Layer 2 services refers to the infrastructure implemented on SR Linux to support multiple virtual switches on the same system.

To do this, SR Linux uses a network instance of type mac-vrf, which functions as a broadcast domain. Each mac-vrf network instance builds a bridge table composed of MAC addresses that can be learned via the data path on network instance interfaces or via static configuration. You can configure the size of the bridge table for each mac-vrf network instance, as well as the aging for dynamically learned MAC addresses and other parameters related to the bridge table.

The mac-vrf network instance is associated with a network instance of type default or ip-vrf via an Integrated Routing and Bridging (IRB) interface. IRB interfaces enable inter-subnet forwarding.

The figure "MAC-VRF, IRB interface, and IP-VRF" shows the relationship between an IRB interface and the mac-vrf and ip-vrf network instance types.

Figure 1. MAC-VRF, IRB interface, and IP-VRF

SR Linux also supports vpws network instances for point-to-point or ELINE services.

See the SR Linux VPN Services Guide for a description of Layer 2 services components and configuration examples.

EVPN for Layer 2

EVPN for Layer 2 allows for the extension of a broadcast domain. To support this topology, SR Linux includes the following features:

  • Bridged subinterface extensions, including a default subinterface that captures untagged and non-explicitly configured VLAN-tagged frames on tagged subinterfaces

  • EVPN control and data plane extensions as described in RFC 8365 and RFC 7432

  • Distributed security and protection

  • EVPN L2 multi-homing, including the ES model definition for all-active and single-active multi-homing

SR Linux also supports static and TLDP-signaled pseudowires, which can be used on MAC-VRF and VPWS instances.

See the SR Linux VPN Services Guide for a description of supported features, basic configuration information, and EVPN L2 multi-homing configuration examples.

EVPN for Layer 3

SR Linux supports EVPN for Layer 3, which provides inter-subnet forwarding for unicast traffic within the same tenant infrastructure. SR Linux features that support this topology fall into the following categories:

  • EVPN L3 control plane (RT5) and data plane as described in draft-ietf-bess-evpn-prefix-advertisement

  • EVPN L3 multi-homing on MAC-VRFs with IRB interfaces that use anycast GW IP and MAC addresses in all leafs attached to the same BD

  • Host route mobility procedures to allow fast mobility of hosts between leaf nodes attached to the same BD

Other supported features include:

  • Interface-less (IFL) model interoperability with unnumbered interface-ful (IFF) model

  • ECMP over EVPN, including unequal ECMP, IP aliasing, and combined ECMP

  • Support for interface-level OAM (ping) in anycast deployments

  • EVPN interoperability with VLAN-aware bundle services

See the SR Linux VPN Services Guide for EVPN Layer 3 basic configuration information and examples.

IP-VPN services

IP-VPN services use a combination of MP-BGP and MPLS to distribute IPv4/v6 routing information and provide Layer 3 VPN services.

Each IP-VPN consists of a set of customer end points connected to one or more PE routers. Each associated PE router maintains a separate IP forwarding table for each IP-VPN instance. The PE routers exchange the routing information configured or learned from all customer sites via MP-BGP peering. Each route exchanged via the MP-BGP protocol includes a Route Distinguisher (RD), which identifies the IP-VPN association and handles any potential IP address overlap.

Multi-Protocol BGP (MP-BGP) is used to exchange the routes of a particular VPN among the PE routers that are attached to that VPN.
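
The following added example (not SR Linux code and not taken from the SR Linux guides) shows how the RD keeps overlapping customer prefixes distinct, and what happens when two tenants are given the same RD by mistake. It assumes the 8-byte RD encoding of RFC 4364 (types 0, 1 and 2); the function names, RD values and routes are constructed for illustration.

```python
import ipaddress
import struct

def encode_rd(rd):
    """Encode 'admin:assigned' as the 8-byte RD of RFC 4364 (2-byte type + 6-byte value)."""
    admin, _, assigned = rd.rpartition(":")
    if not admin or not assigned.isdigit():
        raise ValueError(f"malformed RD: {rd!r}")
    num = int(assigned)
    if "." in admin:                                      # type 1: IPv4 address + 2-byte number
        fmt, fields, limit = "!H4sH", (1, ipaddress.IPv4Address(admin).packed), 0xFFFF
    elif admin.isdigit() and int(admin) <= 0xFFFF:        # type 0: 2-byte ASN + 4-byte number
        fmt, fields, limit = "!HHI", (0, int(admin)), 0xFFFFFFFF
    elif admin.isdigit() and int(admin) <= 0xFFFFFFFF:    # type 2: 4-byte ASN + 2-byte number
        fmt, fields, limit = "!HIH", (2, int(admin)), 0xFFFF
    else:
        raise ValueError(f"bad administrator field in RD: {rd!r}")
    if num > limit:
        raise ValueError(f"assigned number too large for RD type: {rd!r}")
    return struct.pack(fmt, *fields, num)

def vpn_ipv4_key(rd, prefix):
    """Return (12-byte VPN-IPv4 address, prefix length): the key MP-BGP compares."""
    net = ipaddress.IPv4Network(prefix)
    return encode_rd(rd) + net.network_address.packed, net.prefixlen

def install(table, rd, prefix, next_hop):
    """Insert a route; return True when it overwrote an existing key (a collision)."""
    key = vpn_ipv4_key(rd, prefix)
    collided = key in table
    table[key] = next_hop
    return collided

# Constructed sample: three tenants that all use 10.0.0.0/24 internally.
ROUTES = [
    ("tenant-a", "65000:100", "10.0.0.0/24", "192.0.2.1"),
    ("tenant-b", "65000:200", "10.0.0.0/24", "192.0.2.2"),   # same prefix, own RD
    ("tenant-c", "65000:100", "10.0.0.0/24", "192.0.2.3"),   # RD reused by mistake
]

def demo():
    """Install the sample routes; return ({tenant: collided}, resulting table)."""
    table, collisions = {}, {}
    for tenant, rd, prefix, nh in ROUTES:
        collisions[tenant] = install(table, rd, prefix, nh)
    return collisions, table

if __name__ == "__main__":
    for tenant, hit in demo()[0].items():
        print(f"{tenant}: {'COLLISION with an existing route' if hit else 'unique'}")
```

Tenant A and tenant B keep separate entries for the same IPv4 prefix, while tenant C's route becomes the same key as tenant A's, which is why RD assignments are worth auditing for uniqueness per IP-VPN.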

See the SR Linux VPN Services Guide for IP-VPN configuration information and examples.