VXLAN EVPN Just with L2VNI

Amit M. · ‎02-18-2020

Hi,

I have a question. If I configure my VTEPs just with L2VNIs (No vrfs, no svi, no l3vnis) to get reachability between hosts in the same subnet (just as an old switching environment approach), which is basically a MAC-MAC approach and no MAC-IP approach. Why in my BGP EVPN table im getting MACs + 0.0.0.0 routes and no IPs of the hosts as when there ir ARP resolution BGP EVPN will store that IP address in its table? With other vendors this is true:

Cisco BGP EVPN table all MACs with 0.0.0.0 (default gateway is outside the fabric)

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1.1.1.1:32777 (L2VNI 1000010)
*>l[2]:[0]:[0]:[48]:[0000.0c9f.f00a]:[0]:[0.0.0.0]/216
100.100.100.100 100 32768 i
*>e[2]:[0]:[0]:[48]:[fa16.3e8a.4ca8]:[0]:[0.0.0.0]/216
200.200.200.200 0 65020 i
* i 200.200.200.200 100 0 65020 i
*>l[2]:[0]:[0]:[48]:[fa16.3eba.945c]:[0]:[0.0.0.0]/216
100.100.100.100 100 32768 i

With other vendor in the same approach (no vrf, no SVI, no nothing, just L2VNIs) I obtain the IP address of the end host + its MAC and not 0.0.0.0 just like Cisco

VLAN MAC address Active source Timestamp IP address
100010 [omitted] 00:01:00:00:00:00:00:00:01:00 Feb 07 22:46:07 192.168.10.1
100010 [omitted] 00:02:00:00:00:00:00:00:01:00 Jan 20 20:45:51 192.168.10.2

Can someone explain me why or if im doing something wrong? I have reachability but its just wondering why I dont see IP address in that L2VNI whilst in another vendor I do...

Thanks!!!

Hector Gustavo Serrano Gutierrez · ‎02-18-2020

Hi @Amit M.

You are doing nothing wrong. This is expected behavior in Cisco NX-OS.

In the BGP L2VPN EVPN route type 2, the MAC address attribute is mandatory while the IP attribute is optional.

Since you don't have any SVI configured (not even the VRF nor the L3VNI), the VTEP does not populate the VRF's ARP table (because there is none) which is internally the source that is ultimately used by BGP to populate that field.

BGP L2VPN EVPN advertises the route type 2 to the rest of the VTEPS in the fabric including the host MAC address and VTEP's loopback IP address (among other relevant information).

Once correctly done, you can confirm in the VTEP receiving the route, the MAC address-table has installed it.

The entry would look similar to:

VTEP# show mac address-table vlan 123
Legend:
        * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
        age - seconds since last seen,+ - primary entry using vPC Peer-Link,
        (T) - True, (F) - False, C - ControlPlane MAC, ~ - vsan
   VLAN     MAC Address      Type      age     Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
C 123     0000.0c9f.f00a   dynamic  0         F      F    nve1(100.100.100.100)

You will probably find this Cisco Live presentation interesting BRKDCN-3378.

https://www.ciscolive.com/global/on-demand-library.html?search=BRKDCN-3378#/

https://www.ciscolive.com/c/dam/r/ciscolive/apjc/docs/2018/pdf/BRKDCN-3378.pdf

Regards.

Amit M. · ‎02-25-2020

Thanks!!