03 VXLAN EVPN Basics

VXLAN and route filtering methods
CCIE DATA CENTER VXLAN EVPN Basics

VXLAN EVPN

CREATED BY SALMAN ALHIARY, CCIE #56363


VXLAN BGP EVPN Overview
▪ VXLAN requires a mechanism to know which end hosts are
behind which VTEP. This allows the VTEP to build the location-
identity mapping database.
• Identity: identifies an end host using its IP address, MAC address, etc.
• Location: identifies the VTEP responsible for encapsulating and
decapsulating tunnel traffic for that end host.
▪ VXLAN flood and learn (F&L) suffers from a scalability issue because it
requires flooding traffic to learn about end hosts behind a VTEP.
▪ The use of MP-BGP and Ethernet VPN (EVPN) solves the
scalability issue in VXLAN F&L by minimizing the flooding.
▪ The BGP ‘L2VPN EVPN’ address family allows the host MAC, IP,
network, VRF, and VTEP information to be carried over MP-BGP.
▪ The underlay network provides the reachability information to
reach the VTEP, while the overlay control protocol (MP-BGP
EVPN) distributes end-host information.
• Underlay: how to reach the VTEP’s IP?
• Overlay: behind which VTEP is the end-host MAC/IP located?

[Figure labels: VTEP’s IP: 10.1.1.52; Host H2, MAC 0000.0000.2222, IP 10.0.0.12]



VXLAN BGP EVPN Overview (cont.)
▪ When a VTEP learns about a host behind its local segment (e.g.,
via ARP/DHCP), BGP EVPN distributes and provides this
information to other BGP EVPN–speaking VTEPs within the
underlay network.
▪ As long as the source VTEP continues to detect a host behind it,
an EVPN update message is not sent out. So, other VTEPs don’t
need to “age out” any remote host information.
▪ For BUM traffic forwarding, the sourcing VTEP is required to
send multi-destination traffic to multiple VTEPs, either using IP
multicast or ingress replication (head-end replication).
▪ MP-BGP EVPN has different route types; Cisco’s implementation
for VXLAN BGP EVPN uses route types 2, 3, and 5.
• Route Type-2 (MAC/IP Advertisement Route): provides end-host
reachability information; MAC address (mandatory) & host (/32) IP
address (optional).
• Route Type-3 (Inclusive Multicast Ethernet Tag Route): is used to create
the distribution list for ingress replication.
• Route Type-5 (IP Route): provides IP prefix & prefix-length advertisement
in EVPN.

[Figure labels: VTEP’s IP: 10.1.1.52; Host H2, MAC 0000.0000.2222, IP 10.0.0.12]



VXLAN BGP EVPN RD & RT
▪ VRF allows overlapping IP addresses with isolated routing
domains.
▪ MP-BGP uses the Route Distinguisher (RD) to differentiate
between routes stored in the BGP tables.
• RD is 8 bytes (64 bits) and composed of three fields.
• Assign an RD to each VRF and add the RD to the IP address to maintain
uniqueness among identical routes in different VRFs.

Example configuration:
  vrf context RED
    rd 1:1
  vrf context BLUE
    rd 2:2

Routes in each VRF:
  VRF RED:  10.1.1.0/24
  VRF BLUE: 10.1.1.0/24

BGP VPN Table:
  1:1 10.1.1.0/24
  2:2 10.1.1.0/24

▪ MP-BGP uses a Route Target (RT), which is an extended BGP
community placed on a route to control the import and export
of BGP prefixes between VRFs.
• By using RTs, VRF routes are exported from BGP VRF into VPN Address Family
and vice versa.
• RT is 8 bytes (64 bits) with prefix:suffix notation.
▪ For simplification, Cisco provides automated derivation of RDs
and RTs.
• For RD, the format is RID:VRF-ID (e.g., RD 10.0.0.11:3).
• For RT, the format is ASN:VNI (e.g., RT 65501:50001).
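
An added example (not from the original slides) of the encodings described above: the RD as 8 bytes with its three fields (type, administrator, assigned number, per RFC 4364), the RT as an 8-byte extended community, and RT-based import deciding which routes a VRF installs. The function names and the RT values attached to VRF RED and VRF BLUE are assumptions for illustration.

```python
import ipaddress
import struct

def encode_rd(rd):
    """RD = 2-byte type + administrator + assigned number (8 bytes in total)."""
    admin, num = rd.rsplit(":", 1)
    if "." in admin:  # type 1, IPv4 : 16-bit number (the auto-derived RID:VRF-ID form)
        return struct.pack("!H4sH", 1, ipaddress.IPv4Address(admin).packed, int(num))
    if int(admin) <= 0xFFFF:  # type 0, 2-byte ASN : 32-bit number
        return struct.pack("!HHI", 0, int(admin), int(num))
    return struct.pack("!HIH", 2, int(admin), int(num))  # type 2, 4-byte ASN : 16-bit

def decode_rd(raw):
    """Turn the 8-byte RD back into admin:number text."""
    (rd_type,) = struct.unpack("!H", raw[:2])
    if rd_type == 1:
        ip, num = struct.unpack("!4sH", raw[2:])
        return f"{ipaddress.IPv4Address(ip)}:{num}"
    admin, num = struct.unpack("!HI" if rd_type == 0 else "!IH", raw[2:])
    return f"{admin}:{num}"

def encode_rt(rt):
    """Route Target extended community: type 0x00, sub-type 0x02, 2-byte ASN, 4-byte value."""
    asn, value = (int(x) for x in rt.split(":"))
    return struct.pack("!BBHI", 0x00, 0x02, asn, value)

def import_routes(vpn_table, import_rts):
    """Routes a VRF installs: only those carrying at least one RT on its import list."""
    return sorted((decode_rd(rd), prefix)
                  for (rd, prefix), rts in vpn_table.items() if rts & import_rts)

# Constructed sample: the slide's two VRFs with the same prefix; the RTs are assumed.
RED_RT, BLUE_RT = encode_rt("65501:50001"), encode_rt("65501:50002")
VPN_TABLE = {
    (encode_rd("1:1"), "10.1.1.0/24"): {RED_RT},   # exported from VRF RED
    (encode_rd("2:2"), "10.1.1.0/24"): {BLUE_RT},  # exported from VRF BLUE
}

if __name__ == "__main__":
    print(len(VPN_TABLE), "entries for 10.1.1.0/24")   # the RD keeps both routes distinct
    print(import_routes(VPN_TABLE, {RED_RT}))          # RED installs only its own route
    # An import list that also names BLUE's RT pulls BLUE's route into the same VRF.
    print(import_routes(VPN_TABLE, {RED_RT, BLUE_RT}))
    print(encode_rd("10.0.0.11:3").hex(), RED_RT.hex())
```

Auditing a VRF's import list against the RTs it is supposed to accept is the check this models, since the RT match is what separates the two overlapping 10.1.1.0/24 routes.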



VXLAN BGP EVPN Components
• IGP Underlay Routing.
• Multicast Underlay Routing.
• BGP Underlay Control Plane.
• Advertise MP-BGP EVPN Routes:
✓ MAC to L2 VNI to VTEP mapping.
✓ IP to L3 VNI to VTEP mapping.
• VXLAN Data Plane Encapsulation.

[Figure: topology. Labels recovered from the diagram:]
  Nodes 10.0.0.14/32 and 10.0.0.15/32: BGP RR; PIM Anycast RP or Bidir Phantom RP
  Underlay: IGP OSPF/EIGRP/IS-IS; PIM enabled; BGP peering between Leafs & Spines Loopbacks
  Overlay Networks: VRF > VXLAN L3-VNI 504030

  VTEP IP        Host  MAC             IP                VLAN     L2-VNI
  10.0.0.11/32   H1    0000.0000.1111  192.168.10.1/24   VLAN 10  100010
  10.0.0.12/32   H2    0000.0000.2222  192.168.10.2/24   VLAN 10  100010
  10.0.0.13/32   H3    0000.0000.3333  192.168.10.3/24   VLAN 20  100020
VXLAN Packet Structure
Layout: Outer Header (Outer MAC Header, Outer IP Header, Outer UDP Header,
VXLAN Header), then the Inner Header / Original Layer 2 Frame (DMAC, SMAC,
802.1Q, Etype, Payload, CRC), then the FCS.
• Outer MAC Header (14 Bytes): Destination MAC (NH Addr), Source MAC (VTEP Addr),
Ether Type (0x0800).
• Outer IP Header (20 Bytes): IP Header Misc. Data, Protocol 0x11 (UDP),
Header Checksum, VTEP’s Source IP, VTEP’s Destination IP.
• Outer UDP Header (8 Bytes): Source Port (based on the hash of the inner
L2/L3/L4 headers), VXLAN port (UDP 4789), UDP Length, Checksum.
• VXLAN Header (8 Bytes): VXLAN Flags (RRRR1RRR), Reserved, VNI, Reserved.
▪ The 24-bit VNI allows for 16M possible segments.
▪ VXLAN encapsulation adds 50 bytes of overhead:
20 Bytes + 8 Bytes + 8 Bytes + 14 Bytes = 50 Bytes.
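
An added example (not from the original slides) that walks the 50 bytes of encapsulation laid out above and applies the checks a receiving VTEP or a capture audit would make: UDP port 4789, the I flag in RRRR1RRR, a known source VTEP, and a provisioned VNI. The function names, the allow-lists, the zeroed MACs and checksums, and VNI 999999 are constructed for illustration; addresses and L2-VNIs are taken from the topology slide.

```python
import struct

VXLAN_PORT = 4789
OVERHEAD = 14 + 20 + 8 + 8  # outer MAC + outer IP + outer UDP + VXLAN header = 50

def build_vxlan(vni, inner, src_ip, dst_ip, sport=49152):
    """Constructed test frame: zeroed outer MACs and checksums, IPv4 without options."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    udp_len = 8 + 8 + len(inner)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0, 64, 0x11, 0,
                     bytes(map(int, src_ip.split("."))),
                     bytes(map(int, dst_ip.split("."))))
    udp = struct.pack("!HHHH", sport, VXLAN_PORT, udp_len, 0)
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)  # flags RRRR1RRR, 24-bit VNI + reserved
    return eth + ip + udp + vxlan + inner

def parse_vxlan(frame, allowed_vnis, allowed_vteps):
    """Return (vni, inner_frame); raise ValueError naming the failed check."""
    if len(frame) < OVERHEAD:
        raise ValueError("shorter than the 50-byte encapsulation")
    if frame[12:14] != b"\x08\x00" or frame[14] != 0x45 or frame[23] != 0x11:
        raise ValueError("outer header is not option-less IPv4/UDP")
    if struct.unpack("!H", frame[36:38])[0] != VXLAN_PORT:
        raise ValueError("UDP destination port is not 4789")
    flags, vni_field = struct.unpack("!II", frame[42:50])
    if not flags & 0x08000000:
        raise ValueError("I flag clear, VNI field is not valid")
    src = ".".join(map(str, frame[26:30]))
    if src not in allowed_vteps:
        raise ValueError(f"source {src} is not a known VTEP")
    vni = vni_field >> 8
    if vni not in allowed_vnis:
        raise ValueError(f"VNI {vni} is not provisioned on this VTEP")
    return vni, frame[OVERHEAD:]

def verdict(frame, allowed_vnis, allowed_vteps):
    """'accept VNI n' or 'drop: reason', for use in a filter or a pcap audit."""
    try:
        return f"accept VNI {parse_vxlan(frame, allowed_vnis, allowed_vteps)[0]}"
    except ValueError as err:
        return f"drop: {err}"

# Constructed sample: leaf 10.0.0.12 receiving from its two peer VTEPs.
VNIS, VTEPS = {100010, 100020}, {"10.0.0.11", "10.0.0.13"}
INNER = bytes(64)  # stand-in for the original Layer 2 frame

if __name__ == "__main__":
    good = build_vxlan(100010, INNER, "10.0.0.11", "10.0.0.12")
    print(len(good) - len(INNER), verdict(good, VNIS, VTEPS))
    print(verdict(build_vxlan(999999, INNER, "10.0.0.11", "10.0.0.12"), VNIS, VTEPS))
    print(verdict(build_vxlan(100010, INNER, "10.0.0.99", "10.0.0.12"), VNIS, VTEPS))
```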


VXLAN Packet Structure Example

[Figure labels: VXLAN Header; ICMP (Ping);
 VTEP’s IP: 10.1.1.51, VLAN 10, Host H1, MAC 001b.218d.3d98, IP 10.0.0.11;
 VTEP’s IP: 10.1.1.52, VLAN 10, Host H2, MAC 001b.2188.8075, IP 10.0.0.12]


Thanks for watching!
