VXLAN EVPN not working on virtual Environment (EVE-NG)

vinodsharma07 · ‎01-29-2023

Hi,

I am working on a setup to test L2 connectivity across DC connected via L3 network. I have configured VXLAN with EVPN as control plane & using ingress replication instead of multicast for peer discovery and data connectivity. While I set this on actual hardware it is working, however same config is not working on virtual NXOS image on eve-ng. I looked at various blogs and it seems to be supported on virtual images.

BGP evpn peering are up, however not able to discover peers. Any help would be appreciated.

DC-1:

nv overlay evpn
feature ospf
feature bgp
feature pim
feature fabric forwarding
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay

!

fabric forwarding anycast-gateway-mac 0000.1111.2222
vlan 1,101,1000
vlan 101
vn-segment 900001
vlan 1000
vn-segment 5000

vrf context T-1
vni 900001
rd auto
address-family ipv4 unicast
route-target both auto
route-target both auto evpn

!

hardware access-list tcam region racl 512
hardware access-list tcam region arp-ether 256 double-wide

!

interface Vlan101
no shutdown
vrf member T-1
ip forward

interface Vlan1000
no shutdown
vrf member T-1
ip address 192.168.1.1/24
fabric forwarding mode anycast-gateway

interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback0
member vni 5000
suppress-arp
ingress-replication protocol bgp
member vni 900001 associate-vrf

interface Ethernet1/1

Description L3
no switchport
mtu 9216
ip address 10.10.1.1/30
ip router ospf 1 area 0.0.0.0
no shutdown

!

interface Ethernet1/7

Description Host-1
switchport access vlan 1000

!

Similar config on DC-2

!

DC-1# sh int nve1
nve1 is up
admin state is up, Hardware: NVE
MTU 9216 bytes
Encapsulation VXLAN
Auto-mdix is turned off
RX
ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
TX
ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
!
DC-1# sh vxlan
Vlan VN-Segment
==== ==========
101 900001
1000 5000
!
DC-1# sh nve vni
Codes: CP - Control Plane DP - Data Plane
UC - Unconfigured SA - Suppress ARP
SU - Suppress Unknown Unicast
Xconn - Crossconnect
MS-IR - Multisite Ingress Replication

Interface VNI Multicast-group State Mode Type [BD/VRF] Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1 5000 UnicastBGP Up CP L2 [1000] SA
nve1 900001 n/a Up CP L3 [T-1]
!
DC-1# show bgp l2vpn evpn summ
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 10.0.0.1, local AS number 65535
BGP table version is 5, L2VPN EVPN config peers 1, capable peers 1
2 network entries and 2 paths using 488 bytes of memory
BGP attribute entries [2/344], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.2 4 65534 18 16 5 0 0 00:08:05 0
!
DC-1# sh nve peers
DC-1#

Network Diagram attached.

Paw_Paw · ‎01-30-2023

Can you sho the BGP EVPN Config?

I did it also in eve-ng with nxos-9.3.5 and it is working. It should be posssible

vinodsharma07 · ‎01-30-2023

Sorry. missed to add the BGP and evpn config:

!

router bgp 65535
router-id 10.0.0.1
neighbor 10.0.0.2
remote-as 65534
update-source loopback0
ebgp-multihop 5
address-family l2vpn evpn
send-community
send-community extended
vrf T-1
address-family ipv4 unicast
advertise l2vpn evpn

!
evpn
vni 5000 l2
rd auto
route-target import auto
route-target export auto

Paw_Paw · ‎01-30-2023

Ah I see, I did only iBGP environment. But I did a short look at the documentation. There are some difference in the configuration. For example, RT Configuration should be set manually. Maybe the links below can help.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/vxlan-92x/configuration/guide/b-cisco-nexus-9000-series-nx-os-vxlan-configuration-guide-92x/b_Cisco_Nexus_9000_Series_NX-OS_VXLAN_Configuration_Guide_9x_chapter_0100.html

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjzzpj1ofH8AhVFh_0HHbl_DzIQFnoECAsQAQ&url=https%3A%2F%2Fwww.cisco.com%2Fc%2Fen%2Fus%2Ftd%2Fdocs%2Fswitches%2Flan%2Fcatalyst9500%2Fsoftware%2Frelease%2F16-10%2Fconfiguration_guid...

vinodsharma07 · ‎02-01-2023

This config is working on actual hardware, so config should be fine. I will try with iBGP today and confirm.