VXLAN IPv4 Unicast Config Understanding

bunjiega · ‎11-16-2022

I am trying to understand the VXLAN config the best I can before implementing, and I don't see much detail on this section with L3 routing:

vrf context TENANT1
   vni 100000
   rd auto
   address-family ipv4 unicast
      route-target both auto
      route-target both auto evpn

Specifically, why do we need this IPv4 config on a regular leaf if everything in the fabric routes based on the l2vpn address-family? Is this only needed on the BGW? Why is the 'evpn' under IPv4 here?

Likewise, inside the BGP configuration on the leaf there is something similar:

router bgp 65001
  log-neighbor-changes
  ...some code snipped...
  vrf TENANT1
    address-family ipv4 unicast
      redistribute direct route-map PERMIT-ALL

What is this IPv4 address-family doing on a normal (non-BGW) leaf node? Why redistribute everything into IPv4 when inside the fabric?

As a test, I removed both of these 2 configurations and routing continued to work (at least inside the fabric). Just curious as to how and when the IPv4 AF interacts with the L2VPN AF.

Thanks!

bunjiega · ‎12-14-2022

The best I can figure out so far is that the tenant routing table/VRF has only IPv4 routes. So all BGP L2VPN updates get converted/redistributed as an IPv4 route and then placed in the tenant VRF.

Example:

NX-3# sh ip route vrf TENANT1
IP Route Table for VRF "TENANT1"
...some routes omitted....

10.0.0.20/32, ubest/mbest: 1/0
    *via 150.1.4.4%default, [200/0], 03:19:39, bgp-65001, internal, tag 65001, s
egid: 100000 tunnelid: 0x96010404 encap: VXLAN
 
10.1.1.10/32, ubest/mbest: 1/0
    *via 150.1.4.4%default, [200/0], 03:18:56, bgp-65001, internal, tag 65001, s
egid: 100000 tunnelid: 0x96010404 encap: VXLAN

Here, these 2 routes were learned via BGP (evpn) but they are in the IPv4 routing table for the tenant.

If I am incorrect just let me know, thanks!