Overview

About EVPN

Ethernet Virtual Private Network (EVPN) is a technology that bridges Layer 2 and routes Layer 3 VPN traffic across a shared provider environment. When extending Broadcast Domains (BDs), EVPN instances configured on Provider Edge (PE) routers act as virtual bridges, facilitating traffic between Customer Edge (CE) devices at different locations. Conversely, when connecting devices in different IP subnets, EVPN instances function as virtual routers, enabling inter-subnet forwarding for devices of the same tenant.

Essentially, PE routers exchange reachability information, encapsulate Layer 2 or Layer 3 traffic from CE devices, and forward it across the provider or data center (DC) network. EVPN is a standard technology in multi-tenant DCs (RFC 8365) and MPLS/Segment Routing networks (RFC 7432).

The SR Linux EVPN solution supports EVPN in multi-tenant DCs, using VXLAN as the data plane, and in service provider networks, using MPLS as the data plane.

About the service infrastructure for EVPN

The SR Linux infrastructure to support EVPN services uses network-instances of type MAC-VRF and IP-VRF, along with IRB interfaces. The MAC-VRF network-instance is associated with a network-instance of type default or ip-vrf via an Integrated Routing and Bridging (IRB) interface.

The following figure shows the relationship between an IRB interface and the MAC-VRF and IP-VRF network-instance types.

Figure 1. MAC-VRF, IRB interface, and IP-VRF

See Layer 2 services infrastructure for information about MAC-VRFs, IP-VRFs, and IRB interfaces in SR Linux.

About EVPN for Layer 2

The primary usage for EVPN for Layer 2 is the extension of a BD in overlay multi-tenant DCs or service provider networks. An example of this type of topology in DCs is shown in the following figure:

Figure 2. BD extension in overlay DCs

SR Linux features that support this topology fall into the following categories:

  • bridged subinterfaces, including:

    • default subinterfaces, configured with the parameter vlan-id optional, which capture untagged and non-explicitly configured VLAN-tagged frames on tagged subinterfaces
    • transparency of inner qtags not being used for service classification

  • EVPN control and data plane extensions, as described in RFC 8365 for VXLAN tunnels and in RFC 7432 for MPLS tunnels:

    • EVPN route types MAC/IP and IMET (Inclusive Multicast Ethernet Tag)

    • VXLANv4 model for MAC-VRFs

    • MPLS model for MAC-VRFs

  • distributed security and protection, including:

    • an extension to the MAC duplication mechanism that can be applied to MACs received from EVPN

    • protection of static MACs

  • EVPN Layer 2 multihoming, including:

    • the Ethernet Segment (ES) model definition for all-active and single-active multihoming

    • interface-level reload-delay timers to avoid service impact when links recover

    • load-balancing and redundancy using aliasing, as in RFC 7432

See EVPN for Layer 2 ELAN services for information about the components of EVPN Layer 2 in SR Linux.

About EVPN for Layer 3

The primary usage for EVPN for Layer 3 is inter-subnet forwarding for unicast traffic within the same tenant infrastructure, which can use a shared provider network or a data center. An example of this type of topology in a data center is shown in the following figure:

Figure 3. Inter-subnet forwarding with EVPN Layer 3

SR Linux features that support this topology fall into the following categories:

  • EVPN Layer 3 control plane (mostly EVPN IP prefix routes or RT5s) and data plane, as described in RFC 9136

  • EVPN Layer 3 multihoming on MAC-VRFs with IRB interfaces that use anycast gateway IP and MAC addresses in all leafs attached to the same BD

  • host route mobility procedures to allow fast mobility of hosts between leaf nodes attached to the same BD

Other supported features include:

  • interface-less (IFL) model interoperability with unnumbered interface-ful (IFF) model

  • ECMP over EVPN

  • support for interface-level OAM (ping) in anycast deployments

EVPN for Layer 3 describes the components of EVPN Layer 3 in SR Linux.

About EVPN for multicast

The primary usage for EVPN for multicast is to forward IP multicast traffic from sources to receivers in an efficient way. An example of this type of service in data centers is shown in the following figure:

Figure 4. EVPN for multicast

SR Linux features that support this topology fall into the following categories:

  • IGMP/MLD snooping on MAC-VRFs
  • EVPN IGMP/MLD proxy support in MAC-VRFs, as described in RFC 9251
  • EVPN multihoming support on MAC-VRFs where IGMP/MLD snooping is enabled, and synchronization of the multicast states on all the PEs attached to the same Ethernet Segment, as described in RFC 9251

EVPN for multicast describes the components of EVPN multicast in SR Linux.