Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
786
Views
1
Helpful
4
Replies

EVPN VXLAN Layer 2 Data Center Interconnect Gateway

oeche
Level 1
Level 1

‎06-27-2023 03:21 PM

Hello Guys,

I have an AS9902 connection to a Nexus 9000v.

On the Nexus i have configure a VNI and a VLAN association. I also have configure a peering with the ASR9k.

On the ASR i have configure the EVPN VXLAN Layer 2 Data Center Interconnect Gateway. 

On the Nexus 9000v i have an ubuntu server on the vlan 10.

I try to ping the ASR9k on an IP also on the vlan 10 from the ubuntu server.

Configuration on the ASR

interface nve40
member vni 40002
host-reachability protocol bgp
!
overlay-encapsulation vxlan
source-interface Loopback40
anycast source-interface Loopback41
ingress-replication protocol bgp
!

Wed Jun 28 00:11:42.255 CEST
evpn
evi 32
!
evi 40
bgp
route-target import 65020:40
route-target export 65020:40
!
advertise-mac
bvi-mac
!
vni 40002 stitching
bgp
route-target import 200:40002
route-target export 200:40002
!
advertise-mac
!
!

 

l2vpn
bridge group bg1
bridge-domain bd2
routed interface BVI22
!
evi 40
!
member vni 40002
!
!
!

 

interface BVI22
host-routing
vrf 2222
ipv4 address 1.1.1.253 255.255.255.0
mac-address 1001.1001.11
!

 

=== On the Nexus ==

 

evpn
vni 40002 l2
route-target import auto

route-target export auto

vlan 10
vn-segment 40002

 

interface nve1
no shutdown
host-reachability protocol bgp
source-interface loopback100
member vni 40002
ingress-replication protocol bgp

 

Everything seem's to work fine.

The route are exchange between the ASR and the Nexus.

The MAC addresse table and the inclusive multicast route are there.

But the ASR seems to not take into account a VXLAN packet when it comes from the fabric.

one thing strange on the ASR :

show inter description

nv40 up not ready

 

If someone can help

Thanks in advance,

Labels:
4 Replies 4

M02@rt37
VIP
VIP

‎06-27-2023 10:39 PM

Hello @oeche,

Some ways for troubleshooting:

The output of "show interface description" on the ASR9k shows that "nv40" is "up not ready." This indicates that the NVE interface is up but not fully operational. You should investigate further to determine why the interface is not ready. Check the configuration of the NVE interface, including the source interface and any associated VRFs.

Ensure that the VXLAN tunnel configuration on both the Nexus 9000v and the ASR9k is correct. Verify that the source interfaces (Loopback40 on the ASR9k and loopback100 on the Nexus 9000v) are correctly specified. Additionally, confirm that the VNI (VXLAN Network Identifier) 40002 is consistent on both devices.

Verify that the BGP peering between the Nexus 9000v and the ASR9k is established and functioning correctly. Check the BGP neighbor status and ensure that the correct BGP address families (including EVPN) are being exchanged.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

M02@rt37
VIP
VIP

‎06-27-2023 10:40 PM

@oeche,

Other thing:

If the MAC addresses are not being learned correctly, review the ingress replication configuration on the ASR9k. Confirm that the appropriate VNI [40002] is configured for ingress replication and that the BGP peering is correctly established.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

oeche
Level 1
Level 1

‎06-28-2023 03:03 AM

Hi M02@rt37 ,

Thanks for your help.

On the ASR9k

Wed Jun 28 11:50:49.575 CEST
interface nve40
member vni 40002
host-reachability protocol bgp
!
overlay-encapsulation vxlan
source-interface Loopback40
anycast source-interface Loopback41
ingress-replication protocol bgp
!

Both inter lo40 and lo41 are routed and up.

The BGP session with the N9000v is UP and i received two route :

RP/0/RP0/CPU0:ASR9k#show bgp l2vpn evpn summary

10.154.255.238 0 65020 210090 103803 1038174 0 0 6d20h 36
10.154.255.240 0 65020 151203 40901 1038174 0 0 6d21h 36
18.18.18.18 0 200 3215 3664 1038174 0 0 17:57:19 2  ==> N9000v

Route Distinguisher: 15.15.15.15:32777
*> [2][0][48][5254.0014.6ebd][0]/104 => is the MAC @ of the ubuntu vn connected on the N9k 
18.18.18.18 0 200 i
*> [3][0][32][18.18.18.18]/80 => Mutlicast route from the N9k for ingress replication
18.18.18.18 0 200 i

 

RP/0/RP0/CPU0:ASR9k#show evpn evi bridge-domain bd2 mac
Wed Jun 28 11:56:52.969 CEST

VPN-ID Encap MAC address IP address Nexthop Label SID
---------- ---------- -------------- ---------------------------------------- --------------------------------------- -------- ---------------------------------------
40 MPLS 00cc.fceb.a820 :: 10.154.255.236 24062
40 MPLS 00cc.fceb.a820 :: 10.154.255.240 24187
40002 VXLAN 5254.0014.6ebd :: 18.18.18.18 40002

RP/0/RP0/CPU0:ASR9k#show evpn evi bridge-domain bd2 inclusive-multicast
Wed Jun 28 11:57:10.475 CEST

VPN-ID Encap EtherTag Originating IP
---------- ------ ---------- ----------------------------------------
40 MPLS 0 10.154.255.236
40 MPLS 0 10.154.255.237
40 MPLS 0 10.154.255.240 
40002 VXLAN 0 17.17.17.17 ==> Multicast label for ingress replication for VNI40002 for ASR9k
40002 VXLAN 0 18.18.18.18  ==> Multicast label for ingress replication for VNI40002 for N9k

On the ASR9k i configure a BVI 22 to try to join the Ubuntu VM on the VLAN it doesn't work ...

 

 

 

 

 

0 Helpful

sphere365
Level 1
Level 1

‎02-05-2024 03:29 AM

Hi, just wondering have you ever figured this out?

 

Cheers

0 Helpful
Customers Also Viewed These Support Documents