I want to use the EVPN-Multi homing feature on Juniper MX. The reason I want to use it is to provide resilience to some customers that only have a /30 IP address configured (unable to run VRRP with a /30) between the two routers. I'm trying to lab this up on 2 x Juniper MX5.
I'm use the following Juniper article for guidance.
AE0 is used for connectivity between the two routers for OSPF, BGP, MPLS (on a subinterface)
AE1 is where I want to put customer interfaces. I have configured one IP address on irb.107 on 100.100.100.1/30
Below are my configs:
Router1:
set interfaces ae0 flexible-vlan-tagging set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 unit 106 description "new iBGP connection to MX2" set interfaces ae0 unit 106 vlan-id 106 set interfaces ae0 unit 106 family inet address 2.1.1.1/30 set interfaces ae1 enable set interfaces ae1 flexible-vlan-tagging set interfaces ae1 encapsulation flexible-ethernet-services set interfaces ae1 esi 00:22:44:66:88:00:22:44:66:88 set interfaces ae1 esi single-active set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 107 encapsulation vlan-bridge set interfaces ae1 unit 107 vlan-id 107 set interfaces irb unit 107 family inet address 100.100.100.1/30 set interfaces lo0 unit 0 family inet address 111.68.166.40/32 set routing-instances BETA instance-type evpn set routing-instances BETA vlan-id 107 set routing-instances BETA routing-interface irb.107 set routing-instances BETA interface ae1.107 set routing-instances BETA route-distinguisher 111.68.166.40:300 set routing-instances BETA vrf-target target:300:300 set protocols bgp group ibgp type internal set protocols bgp group ibgp local-address 111.68.166.40 set protocols bgp group ibgp family evpn signaling set protocols bgp group ibgp neighbor 111.68.166.48 set protocols mpls interface ae0.106 set protocols mpls interface lo0.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ospf area 0.0.0.0 interface ae0.106 set protocols rsvp interface ae0.106 set routing-options router-id 111.68.166.40 set routing-options autonomous-system 6500 set routing-options forwarding-table chained-composite-next-hop ingress evpn Router2:
set interfaces ae0 flexible-vlan-tagging set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 unit 106 description "new iBGP connection to MX1" set interfaces ae0 unit 106 vlan-id 106 set interfaces ae0 unit 106 family inet address 2.1.1.2/30 set interfaces ae1 enable set interfaces ae1 flexible-vlan-tagging set interfaces ae1 encapsulation flexible-ethernet-services set interfaces ae1 esi 00:22:44:66:88:00:22:44:66:88 set interfaces ae1 esi single-active set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 unit 107 encapsulation vlan-bridge set interfaces ae1 unit 107 vlan-id 107 set interfaces irb unit 107 family inet address 100.100.100.1/30 set interfaces lo0 unit 0 family inet address 111.68.166.48/32 set routing-instances BETA instance-type evpn set routing-instances BETA protocols evpn set routing-instances BETA vlan-id 107 set routing-instances BETA routing-interface irb.107 set routing-instances BETA interface ae1.107 set routing-instances BETA route-distinguisher 111.68.166.48:300 set routing-instances BETA vrf-target target:300:300 set protocols bgp group ibgp type internal set protocols bgp group ibgp local-address 111.68.166.48 set protocols bgp group ibgp family evpn signaling set protocols bgp group ibgp neighbor 111.68.166.40 set protocols mpls interface ae0.106 set protocols mpls interface lo0.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set protocols ospf area 0.0.0.0 interface ae0.106 set protocols rsvp interface ae0.106 set routing-options router-id 111.68.166.48 set routing-options autonomous-system 6500 set routing-options forwarding-table chained-composite-next-hop ingress evpn I only have 2 x MX5 devices so it will be a collapsed model compared to the example Juniper have given (no P router, only PE) From that article I'm choosing the bits which I think are relevant so it's possible I have configured something wrong.
iBGP peering is working correctly (BGP session is established) If I ping from a device on the same VLAN I can actually ping the IRB interface (100.100.100.1) but I'm pretty sure it's not working correctly. My problem is this. One of the routers is supposed to be the Designated Forwarder for the ESI and one is supposed to be the Backup Forwarder. If I do some troubleshooting commands I'm not seeing this. It's like each router is acting independently. For e.g. in the command output of :
show evpn instance extensive
I'm seeing two things which look wrong:
- Number of neighbours is showing as 0
- There is only "Designated forwarder:" and no backup.
Instance: BETA Route Distinguisher: 111.68.166.40:300 VLAN ID: 107 Per-instance MAC route label: 39 Duplicate MAC detection threshold: 5 Duplicate MAC detection window: 180 MAC database status Local Remote MAC advertisements: 2 0 MAC+IP advertisements: 1 0 Default gateway MAC advertisements: 1 0 Number of local interfaces: 2 (2 up) Interface name ESI Mode Status AC-Role .local..8 00:00:00:00:00:00:00:00:00:00 single-homed Up Root ae1.107 00:22:44:66:88:00:22:44:66:88 single-active Up Root Number of IRB interfaces: 1 (1 up) Interface name VLAN VNI Status L3 context irb.107 107 Up master Number of protect interfaces: 0 Number of bridge domains: 1 VLAN Domain-ID Intfs/up IRB-intf Mode MAC-sync IM-label v4-SG-sync IM-core-NH v6-SG-sync IM-core-NH Trans-ID 107 1 1 irb.107 Extended Enabled 47 Disabled Disabled Number of neighbors: 0 Number of ethernet segments: 1 ESI: 00:22:44:66:88:00:22:44:66:88 Status: Resolved by IFL ae1.107 Local interface: ae1.107, Status: Up/Forwarding DF Election Algorithm: MOD based Designated forwarder: 111.68.166.40 Last designated forwarder update: Oct 04 17:27:27 Advertised MAC label: 49 Advertised aliasing label: 49 Advertised split horizon label: 50 SMET Forwarding: Disabled Instance: __default_evpn__ Route Distinguisher: 111.68.166.40:0 Number of bridge domains: 0 Number of neighbors: 0 Any idea why this is happening? I can't see any obvious issues with the BGP config (iBGP peering is up) but it seems like it's not functioning for EVPN.
Any suggestions appreciated. First time setting this up.
Thanks
No comments:
Post a Comment