Xrdocs Io ncs5500 Tutorials BGP Evpn Configuration Ncs 5500 Part 1
Xrdocs Io ncs5500 Tutorials BGP Evpn Configuration Ncs 5500 Part 1
Save to PDF
O N T H I S PA G E
INTRODUCTION TO BGP-EVPN
C O N F I G U R I N G B G P E V P N C O N T R O L- P L A N E A N D I S I S S E G M E N T R O U T I N G F O R W A R D I N G P L A N E
R E F E R E N C E T O P O L O G Y:
Introduction to BGP-EVPN
EVPN is the next generation L2VPN technology, it provides layer-2 as well as layer-3 VPN services in a scalable and
simpli ed manner. The evolution of EVPN started due to the need of a scalable solution to bridge various layer-2 domains
and overcome the limitations faced by VPLS such as scalability, multi-homing and per- ow load balancing.
EVPN uses MAC addresses as routable addresses and distribute them to all participating PEs via MP-BGP EVPN control-
plane. EVPN is used for E-LAN, E-LINE, E-TREE services and provides data-plane and control-plane separation. This
allows the use of di erent encapsulation mechanisms in data plane while maintaining the same control-plane. In addition,
EVPN o ers many advantages over existing technologies, including more e cient load-balancing of VPN tra c. Some of
the prominent advantages are:
Scalability
Provisioning simplicity
Reduced operational complexity
In this and next few posts we will cover BGP-EVPN con guration, implementation and veri cation on NCS 5500 Platform
using IOS-XR. The goal of this tutorial is to provide familiarity to BGP-EVPN from con guration perspective and cover the
following use cases.
Con guring BGP EVPN control-plane and Segment Routing based forwarding plane
The EVPN network layer reachability information (NLRI) provides di erent route types. Following is the summary of the
route types and their usage.
Route Type Usage
0x1 Ethernet Auto-Discovery (A-D) Route MAC Mass-Withdraw, Aliasing (load balancing)
0x3 Inclusive Multicast Route Indicates interest of BUM tra c for attached L2 segments
0x4 Ethernet Segment Route Auto discovery of Multi-homed Ethernet Segments and Designated Forwarder (DF) Election
0x5 IP Pre x Route Advertises IP pre x for a subnet via EVPN address family
Note: We are using Spine Leaf Fabric example in the con guration but essentially a Leaf is a PE and Spine is a P router
as we are implementing MPLS forwarding plane with BGP-EVPN.
Con guring BGP EVPN control-plane and ISIS Segment Routing forwarding plane
In this post, we will con gure the BGP EVPN control-plane and ISIS Segment Routing based forwarding plane. This will
provide the basis to enable us for provisioning of EVPN based services using segment routing transport.
Reference Topology:
Con gure IGP routing protocol between Leafs and Spines. In this tutorial we are using ISIS as the underlay routing
protocol.
Following is a sample con g from Leaf-1 to implement ISIS routing protocol in the network. Similar con gs with relevant
Net address (shown in above table) and interfaces should be used on other devices to bring up the ISIS routing protocol
in the network. Don’t con gure ISIS on the links from host to leafs, these will be set up later as layer-2 links.
router isis 1
is-type level-2-only
net 49.0001.0000.0000.0001.00
nsr
log adjacency changes
address-family ipv4 unicast
metric-style wide
!
interface Bundle-Ether16
point-to-point
address-family ipv4 unicast
!
interface Bundle-Ether17
point-to-point
address-family ipv4 unicast
!
interface Loopback0
passive
address-family ipv4 unicast
!
Verify that the point-to-point interfaces between the spines and leafs and other devices in the network are up and the
ISIS routing adjacency is formed between the devices as per the topology. In this setup, ISIS routing protocol is
con gured on all the devices except the hosts, the host will be connected layer-2 dual-homed to the Leafs.
The “show isis neighbor” and “show route isis” commands can be used to verify that the adjacency is formed and the
routes of all the Leafs and Spines are learnt via ISIS.
Con gure Segment Routing protocol under ISIS routing protocol which enables MPLS on all the non-passive ISIS
interfaces. A pre x SID is associated with an IP pre x and is manually con gured from the segment routing global block
(SRGB) range of labels. It is con gured under the loopback interface with the loopback address of the node as the pre x.
The pre x SID is globally unique within the segment routing domain.
The Pre x-SID can be an absolute value or an indexed value. In this guide, we are con guring Pre x-SID as absolute
value. ISIS Segment Routing is con gured in the Fabric between Leafs and Spines.
Following is a sample con g to enable Segment Routing in the network. Similar con g with pre x-SID that is unique for
each device in the network, should be con gured on other devices (as per the above diagram) to enable ISIS Segment
Routing. In this con g pre x-SID is enabled on the “loopback 0” interface of the devices.
Spine-1:
router isis 1
address-family ipv4 unicast
segment-routing mpls
!
interface Loopback0
passive
address-family ipv4 unicast
prefix-sid absolute 16006
!
Spine-2:
router isis 1
address-family ipv4 unicast
segment-routing mpls
!
interface Loopback0
passive
address-family ipv4 unicast
prefix-sid absolute 16007
!
Verify that all devices that have ISIS Segment Routing con gured have advertised their pre x-SIDs. Also verify the pre x-
SIDs are learnt and programmed in the forwarding plane on each device. This output is collected from Spines; we can
see that the pre x-SID labels (identi ed by “Pfx”) of all the Leafs and other routers are learnt and programmed in the
forwarding plane along with their outgoing interfaces.
Spine-1:
Spine-2:
Below output shows traceroute from Leaf-1 to Leaf-5 using the loopback address. Trace from Leaf-1 reaches Leaf-5 via
Spines using label forwarding where Spine is the PHP for Leaf-5.
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/5/13 ms
RP/0/RP0/CPU0:Leaf-1#
MP-BGP with its various address families is used to transport speci c reachability information in the network. BGP’s
L2VPN-EVPN address family is capable of transporting tenant-aware/VRF-aware IP (Layer-3) and MAC (Layer-2)
reachability information in MP-BGP. BGP EVPN provides the learnt information to all the devices within the network
through a common control plane. BGP EVPN next-hops are going to be reachable via segment routing paths.
In this con guration guide to con gure EVPN in the Fabric, we will con gure iBGP EVPN, however eBGP EVPN can also
be con gured and is support on NCS 5500 routers. Spines are con gured as the BGP EVPN Route Re ectors. Leaf-1,
Leaf-2 and Leaf-5 will all be Route Re ector clients.
Spine-1:
Spine-2:
Use the following con guration and apply it to con gure the Leaf-1 Leaf-2 and Leaf-5 to form the BGP EVPN adjacency
between Leafs and Route Re ectors.
Leaf-1:
Leaf-2:
Use “show bgp l2vpn evpn summary” cli command to verify the evpn neighborship between Route Re ectors and Leafs.
Below output from the Spines show that the BGP EVPN neighborship is formed between the Leafs and the Route
Re ectors and the control-plane is up.
Spine-1:
Spine-2:
In this post we covered the con guration and veri cation of BGP-EVPN control-plane and ISIS-SR based MPLS
forwarding plane. In the next post we will leverage the EVPN control-plane and ISIS-SR to provision BGP-EVPN based
Multi-Homing of devices.
Tags: EVPN evpn iosxr NCS 5500 ncs5500
SHARE ON
Leave a Comment
4 Comments
1 Login
Name
M
Mesghali Rasoul − ⚑
3 months ago edited
Amazing document.
On the other hand, SR supports TI-LFA and using SR policy gives the capability of service
chaining in DC for FW, LB, ...
0 0 Reply ⥅
Josma − ⚑
4 years ago edited
y g
Since P routers must support EVPN, we can't have BGP Free core?
But, we could at least enable only AF for EVPN, no need for IPv4/6, VPNv4/6?
Edit:
What if we have multiple PE rings, all connected to P ring. Can we have MPLS only on the
P routers and RR's in the PE rings?
0 0 Reply ⥅
A
Ahmad Bilal > Josma
− ⚑
4 years ago
You dont need to have EVPN con gured on P routers. In above example I am
using P routers as RRs but you can have MPLS only on P routers with separate
dedicated RRs in the ring.
0 0 Reply ⥅
0 0 Reply ⥅
This site is maintained by Cisco Systems, Inc. employees. Powered by Jekyll & Minimal Mistakes.