Ethernet VPN (EVPN) is a modern and scalable technology designed to address the limitations of traditional Layer 2 VPNs, such as VPLS (Virtual Private LAN Service). EVPN ELAN (Ethernet LAN) is one of the service models provided by EVPN that allows multiple sites to connect as if they were on the same LAN, providing multipoint connectivity across an MPLS/IP network.
In traditional Ethernet LANs, MAC learning occurs at the data plane, which can lead to challenges in scalability, particularly in large and dynamic environments. EVPN ELAN addresses these challenges by introducing control-plane-based MAC learning and distribution, ensuring more efficient, scalable, and flexible network operations.
EVPN Route Types
In EVPN, BGP is used to advertise MAC addresses, IP addresses, and other relevant information through various route types. The main EVPN route types used in an EVPN ELAN service are:
Route Type 1: Ethernet Auto-Discovery (A-D) Route
This route type is used for auto-discovery of PE devices that participate in a specific EVPN instance. It provides a way for PE routers to discover each other and establish a control plane relationship. Route Type 1 is further divided into two types: Ethernet A-D per ESI and Ethernet A-D per EVI. Each serves different purposes within the EVPN architecture.
The Ethernet A-D route per ESI signals the reachability of a multi-homed Ethernet segment. It is key for fast convergence, such as in ‘mass withdraw’ scenarios, and plays a role in split-horizon filtering for active-active multi-homing.
The Ethernet A-D route per EVI facilitates the implementation of the Aliasing feature of EVPN associated with active-active multi-homing.
Route Type 2: MAC/IP Advertisement Route
This route type is responsible for advertising the MAC addresses (and optionally MAC+IP binding) learned by a PE router. It enables the distribution of MAC address information across the EVPN domain, allowing for efficient MAC learning and mobility. When a host moves from one site to another, the new PE router can quickly update the network about the host’s new location using this route type.
Route Type 3: Inclusive Multicast Ethernet Tag (IMET) Route
IMET routes are used for multicast and broadcast traffic within the EVPN instance. This route type is essential for optimizing the distribution of broadcast, unknown unicast, and multicast (BUM) traffic. IMET routes ensure that such traffic is only sent to PEs that have interested receivers, reducing unnecessary traffic in the network.
Route Type 4: Ethernet Segment Route
Ethernet Segment (ES) routes are used in multi-homed scenarios where a CE device is connected to more than one PE. Route Type 4 is crucial for electing a Designated Forwarder (DF) in such scenarios to prevent loops and ensure efficient traffic forwarding.
ISIS-SR with TI-LFA and MP-BGP (EVPN) Underlay
Sample ISIS-SR Configuration from PE1 device:
This includes the configuration for loopback and physical interfaces, along with the router’s ISIS-SR.
Sample MP-BGP RR Configuration from P2 device:
This includes the MP-BGP configuration on RR device.
Sample MP-BGP NON-RR Configuration from PE4 device:
This includes the MP-BGP configuration on Non-RR device.
Validation ISIS-SR:
This displays topology details including metrics and next-hop.
This ensure the MPLS Forwarding-table (FTN) entries installed for the loopback addresses of all routers in the network. Below command provides details such as the outbound label (out-label), outbound interface (out-interface), next-hop, and more. It is essential to perform this check on the source router.
This ensure the MPLS ILM-table (Incoming Label Mapping Table) entries installed for the loopback addresses of all routers in the network and the local links next-hop IP address. This command provides details such as the inbound label (in-label) outbound label (out-label), outbound interface (out-interface), next-hop, and more. It is essential to perform this check on the transit router.
This is to check network connectivity using MPLS ping commands.
Validation MP-BGP (EVPN):
This verifies BGP neighborship for L2VPN EVPN address family on RR and Non-RR device.
EVPN ELAN SH aka EVPN VPLS SH Overlay
Sample Configuration from PE4 device:
We start by enabling EVPN MPLS and assigning a VTEP global IP address, which typically matches the loopback IP address. Next, we set up the EVPN-ELAN identifier. We then map the VRF to the EVPN-ELAN identifier and associate the VPN ID with the access interface that connects to the CE device. Finally, we enable the BGP EVPN address family to the neighbor PE device to establish communication. BGP neighborship with remote PEs can be established directly or through a Route Reflector (RR). In our case, it is set up via an RR, with P2 acting as the Route Reflector.
Validation:
The command “show evpn mpls” checks the status of the connection, providing details such as whether the destination is single-homed or multi-homed with an ESI configured, the local and remote PE IP address, DF status.
The command “show evpn mpls tunnel” verifies the tunnel status between the PEs, including the EVPN ID and the tunnel’s uptime.
The command “show evpn mpls tunnel label” also provides the tunnel status, destination PE IP address, and EVPN ID. Additionally, it shows the local and remote service labels, the outgoing network interface, and the transport label used on the network interface.
The command “show evpn mpls mac-table” displays MAC addresses learned both locally and from remote destination PE devices.
The command “show bgp l2vpn evpn summary” checks the BGP L2VPN EVPN neighbor relationship with the remote PE, including the total number of prefixes received and details of the corresponding EVPN route types. If the BGP peering is established through a Route Reflector (RR), the prefixes will be learned via the RR.
The command “show bgp l2vpn evpn” displays the routes sent and received between the PE’s.
The command “show bgp l2vpn evpn mac-ip” displays the EVPN routes type 2 sent and received between the PE’s.
The command “show bgp l2vpn evpn mcast” displays the EVPN routes type 3 sent and received between the PE’s.
Finally, the “ping” command is used to verify end-to-end IP reachability between the CE devices.
EVPN ELAN MH aka EVPN VPLS MH Overlay
Sample Configuration from PE5 device:
In addition to the configuration used for EVPN ELAN SH, we need to enable multihoming for EVPN MPLS and respective hardware-profile filter on all the PEs that are multi-homed to the CE and assign a common ESI to the port channel interface connecting to the CE device.
Validation:
All validation commands are the same as those used for EVPN ELAN single-homed, with a few additional commands to verify the multihoming configuration. On PE5, we can observe the ESI value, indicating it is multi-homed. We have included outputs from PE4 (SH) and PE5 (MH) for a parallel view.
Conclusion
EVPN ELAN is a powerful and versatile solution for delivering multipoint Ethernet services over an IP-MPLS network. By leveraging BGP for MAC address distribution and using specific route types for different purposes, EVPN ELAN provides a scalable, resilient, and efficient network architecture. This makes it an ideal choice for modern data centers and service provider networks looking to offer advanced Ethernet services with the reliability and performance that businesses demand.
Next Topic: EVPN-ETREE: Single-Homed and Multi-Homed Solutions with ISIS-SR and TI-LFA.
Contact us today to learn how OcNOS can offer Segment Routing for your network.
Contact us today to learn how OcNOS can offer Segment Routing for your network.
Suraj Kumar Singh is Senior Solution Lead at IP Infusion.