EVPN Virtual Private LAN Service (VPLS) is a Layer 2 VPN technology that uses MP-BGP to advertise EVPN routes in the control plane and MPLS for forwarding in the data plane. EVPN VPLS provides point-to-multipoint forwarding services for users with MAC address table lookup in VSIs.

EVPN VPLS network model

As shown in Figure 1, an EVPN VPLS network contains the following devices:

· Customer edge (CE)—Customer device directly connected to the service provider network.

· Provider edge (PE)—Service provider device connected to CEs. PEs provide access to the EVPN VPLS network and forward traffic between customer network sites by using public tunnels.

A PE uses ACs, PWs, tunnels, and VSIs to provide EVPN VPLS services.

· Attachment circuit (AC)—A physical or virtual link between a CE and a PE.

· Pseudowire (PW)—A pair of unidirectional virtual connections in opposite directions between two PEs.

· Public tunnel—A connection that carries one or more PWs across the MPLS or IP backbone. A public tunnel can be an LSP, GRE, or MPLS TE tunnel.

· Virtual Switch Instance (VSI)—A virtual switch instance provides Layer 2 switching services for a VPLS instance (EVPN instance) on a PE. A VSI acts as a virtual switch that has all the functions of a conventional Ethernet switch, including source MAC address learning, MAC address aging, and flooding. VPLS uses VSIs to forward Layer 2 data packets in EVPN instances.

Figure 1 EVPN VPLS network

‌

Neighbor auto-discovery and PW establishment

A PE uses IMET routes to automatically discover neighbors and establish PWs. When a PE receives an IMET route in a VSI, it compares the export route targets of the route with the import route targets of the EVPN instance associated with the VSI. If they are match, the PE will establish a unidirectional virtual connection based on the PE address and PW label information carried in the route. PW establishment is finished when two virtual connections in opposite directions are established between two PEs.

MAC address learning, aging, and withdrawal

Source MAC address learning

A PE uses the MAC address table of a VSI to forward Layer 2 unicast traffic for that VSI.

A PE learns source MAC addresses in the following ways:

· Local MAC address learning—When the PE receives a frame from a local CE, it first identifies the VSI of the frame. Then, the PE adds the source MAC address of the frame (the MAC address of the local CE) to the MAC address table of the VSI. The output interface of the MAC address entry is the AC that receives the frame.

· Remote MAC address learning—A PE advertises the MAC addresses of local CEs to remote PEs through BGP EVPN MAC/IP advertisement routes. When a remote PE receives the routes, it adds the received MAC addresses to the MAC address table of the corresponding VSI. The output interface is the PW.

MAC address aging

· Local MAC address aging—The MAC address table uses an aging timer for each dynamic MAC address entry. If no packet is received from a MAC address before the aging timer expires, VPLS deletes the MAC address.

· Remote MAC address aging—Remote MAC addresses advertised through MAC/IP advertisement routes are not removed from the MAC address table until routes to withdraw the MAC addresses are received.

MAC address withdrawal

When an AC goes down, the PE deletes MAC addresses on the AC. Then it sends an LDP address withdrawal message to notify all other PEs in the EVPN instance to delete those MAC addresses.

Traffic forwarding and flooding

Unicast traffic forwarding

After a PE receives a unicast packet with a known destination MAC address from an AC, the PE searches the MAC address table of the VSI bound to the AC for packet forwarding.

· If the output interface in the entry is a PW, the PE inserts the PW label of the PW to the packet, and adds the public tunnel header to the packet. It then forwards the packet to the remote PE over the PW. If the public tunnel is an LSP or MPLS TE tunnel, each packet on the PW contains two labels. The inner label is the PW label, which identifies the PW and ensures that the packet is forwarded to the correct VSI. The outer label is the public LSP or MPLS TE tunnel label, which ensures that the packet is correctly forwarded to the remote PE.

· If the output interface in the entry is a local interface, the PE directly forwards the packet to the local interface.

After a PE receives a unicast packet with a known destination MAC address from a PW, the PE searches the MAC address table of the VSI bound to the PW for packet forwarding. The PE forwards the packet through the output interface in the matching MAC address entry.

Flooding

When a PE receives flood traffic from an AC in a VSI, it will flood the traffic to the following interfaces:

· All ACs in the VSI except for the incoming AC.

· All PWs associated with the VSI.

When a PE receives flood traffic from a PW, it will flood the traffic to all ACs in the VSI bound to the PW.

Full mesh and split horizon

A Layer 2 network requires a loop prevention protocol such as STP to avoid loops. However, a loop prevention protocol on PEs brings management and maintenance difficulties. Therefore, EVPN VPLS uses the following methods to prevent loops:

· Full mesh—Every two PEs in an EVPN instance must establish PWs. The PWs form a full mesh among PEs in the EVPN instance.

· Split horizon—A PE does not forward packets received from a PW to any other PWs in the same VSI but only forwards those packets to ACs.

EVPN VPLS multihoming

About EVPN VPLS multihoming

As shown in Figure 2, EVPN VPLS supports deploying multiple PEs at a site for redundancy and high availability. On the redundant PEs, Ethernet links connected to the site form an ES that is uniquely identified by an ESI. EVPN VPLS supports only dualhoming.

Figure 2 EVPN VPLS multihoming

‌

DF election

To prevent redundant PEs from sending duplicate flood traffic to a multihomed site, a designated forwarder (DF) is elected from the PEs to forward flood traffic to the local site. PEs that fail the election are assigned the backup designated forwarder (BDF) role. BDFs do not forward flood traffic to the local site.

Figure 3 DF election

DF election can be performed by using a VLAN tag-based algorithm or preference-based algorithm.

· VLAN tag-based DF election

PEs select a DF for each AC based on the VLAN tag and PE IP address as follows:

a. Arrange source IP addresses in Ethernet segment routes with the same ESI in ascending order and assign a sequence number to each IP address, starting from 0.

b. Divide the lowest VLAN ID permitted on an AC by the number of the redundant PEs, and match the reminder to the sequence numbers of IP addresses.

c. Assign the DF role to the PE that uses the IP address with the matching sequence number.

The following uses PE 1 and PE 2 in Figure 4 as an example to explain the DF election procedure:

a. PE 1 and PE 2 send Ethernet segment routes to each other.

b. The PEs assign sequence numbers 0 and 1 to IP addresses 1.1.1.1 and 2.2.2.2 in the Ethernet segment routes, respectively.

c. The PEs divide 4 (the lowest VLAN ID permitted by the ACs) by 2 (the number of redundant PEs), and match the reminder 0 to the sequence numbers of the IP addresses.

d. The DF role is assigned to PE 1 at 1.1.1.1.

Figure 4 VLAN tag-based DF election

· Preference-based DF election

PEs select a DF for each ES based on the DF election preference, the Don't Preempt Me (DP) bit in Ethernet segment routes, and PE IP address. The DP bit can be set to one of the following values:

¡ 1—Non-revertive mode is enabled for preference-based DF election (DF preemption is disabled). A DF retains its role when a new DF is elected.

¡ 0—Non-revertive mode is disabled for preference-based DF election (DF preemption is enabled).

Preference-based DF election uses the following rules to select a DF for an ES:

a. The PE with higher preference becomes the DF.

b. If two PEs have the same preference, the PE with the DP bit set to 1 becomes the DF.

c. If both of the PEs have the DP bit set to 1, the PE with a lower IP address becomes the DF.

As shown in Figure 5, PE 2 is the DF for ES 1, and PE 1 is the DF for ES 2.

Figure 5 Preference-based DF election

‌

Redundancy mode

The device supports single-active redundancy mode and all-active redundancy mode of EVPN VPLS multihoming.

· Single-active mode—This mode allows one of the redundant PEs to forward traffic. When the primary PE becomes unavailable because of device failure or link failure, traffic is switched to the secondary PE for forwarding.

· All-active mode—This mode allows all redundant PEs to a multihomed site to load share unicast traffic.

IP aliasing

In all-active redundancy mode, all redundant PEs of an ES advertise the ES to remote PEs through MP-BGP. IP aliasing allows a remote PE to add the IP addresses of all the redundant PEs as the next hops for the MAC or ARP information received from one of these PEs. This mechanism creates ECMP routes between the remote PE and the redundant PEs.

Local FRR for EVPN VPLS

As shown in Figure 6, CE 1 is dualhomed to PE 1 and PE 2, and PE 1 is the DF. When the AC on PE 1 fails, PE 1 deletes the corresponding MAC address entries and advertises the local unreachable event to PE 2 and remote PEs (PE 3 in this example). Then, the remote PEs will switch traffic destined for CE 1 to the tunnels to PE 2. This process takes some time. PE 1 might receive packets destined for CE 1 before the remote PEs are notified of the unreachable event and perform link switchover. In this situation, PE 1 drops the packets, because the AC's MAC address entries have been deleted. To resolve this issue, enable local FRR on PE 1. If an AC fails, PE 1 changes the output interface of the AC's MAC address entries to the index of the PW between PE 1 and PE 2. When receiving packets from remote PEs after its AC fails, PE 1 forwards the packets to PE 2 over the PW to prevent traffic loss.

Figure 6 Local FRR network diagram

‌

ARP flood suppression

ARP flood suppression reduces ARP request broadcasts by enabling a PE to reply to ARP requests on behalf of VMs.

As shown in Figure 7, this feature snoops ARP requests, ARP responses, and BGP EVPN routes to populate the ARP flood suppression table with local and remote MAC addresses. If an ARP request has a matching entry, the PE replies to the request on behalf of the VM. If no match is found, the PE floods the request to both local and remote sites.

Figure 7 ARP flood suppression

‌

ARP flood suppression uses the following workflow:

1. CE1 sends an ARP request to obtain the MAC address of CE 2.

2. PE 1 creates a suppression entry for CE 1, floods the ARP request to local CEs and remote PEs (PE 2 and PE 3) in the VSI, and sends the suppression entry to PE 2 and PE 3 through BGP EVPN. Unicast-mode flooding is used to illustrate the workflow.

3. PE 2 and PE 3 de-encapsulate the ARP request and broadcast the request to local CEs in the VSI.

4. CE 2 sends an ARP reply after it receives the ARP request.

5. PE 2 creates a suppression entry for CE 2, forwards the ARP reply to PE 1, and sends the suppression entry to PE 1 and PE 3 through BGP EVPN.

6. PE 1 de-encapsulates the ARP reply and forwards the ARP reply to CE 1.

7. CE 4 sends an ARP request to obtain the MAC address of CE 1.

8. PE 1 creates a suppression entry for CE 4 and replies to the ARP request.

9. CE 3 sends an ARP request to obtain the MAC address of CE 1.

10. PE 3 creates a suppression entry for CE 3 and replies to the ARP request.

Control word

The control word field is between the MPLS label stack and the Layer 2 data. It carries control information for the Layer 2 frame, for example, the sequence number.

The control word feature has the following functions:

· Avoids fragment disorder. In multipath forwarding, fragments received might be disordered. The control word feature reorders the fragments according to the sequence number carried in the control word field.

· Identifies the original payload length for packets that include padding.

The control word field is optional for EVPN VPLS. You can configure whether to carry the control word field in packets sent on PWs. If you enable the control word feature on PEs at both ends of a PW, packets transmitted on the PW carry the control word field. Otherwise, the packets do not carry the control word field.

MAC mobility

MAC mobility refers to the movement of a VM or host from one ES to another. The source PE is unaware of the MAC move event. To notify other PEs of the change, the destination PE advertises a MAC/IP advertisement route for the MAC address. The source PE withdraws the old route for the MAC address after receiving the new route. The MAC/IP advertisement route has a sequence number that increases when the MAC address moves. The sequence number identifies the most recent move if the MAC address moves multiple times.

EVPN E-tree

About EVPN E-tree

In an EVPN VPLS network, EVPN E-tree isolates unicast and flood traffic (broadcast, multicast, and unknown unicast) of ACs in the same EVPN instance based on the AC roles. With EVPN E-tree, the device isolates unicast and flood traffic of ACs in the same EVPN instance as follows:

· Leaf ACs can access root ACs.

· Leaf ACs cannot access each other.

· Root ACs can access each other and access leaf ACs.

Figure 8 EVPN E-tree network diagram

‌

Local traffic isolation

EVPN E-tree isolates traffic between local ACs on a PE as follows:

· When the PE receives packets from a leaf AC on a VSI, it forwards the packets only to root ACs on the VSI.

· When the PE receives packets from a root AC on a VSI, it forwards the packets to all local ACs on the VSI except the incoming AC.

Remote known unicast traffic isolation

With EVPN E-tree, PEs perform MAC address learning for hosts attached to leaf ACs as follows:

1. When a PE receives a packet from a leaf AC, it learns the source MAC address of the packet and adds the Leaf flag to the MAC address.

2. The PE advertises the MAC address to the remote PE in a MAC/IP advertisement route. The route carries the E-tree extended community attribute that contains the Leaf flag.

3. The remote PE adds the MAC address that carries the Leaf flag to the MAC address table.

When one PE receives a packet destined for a host on another PE from a local AC, it searches the MAC address table for the destination MAC address. If the entry of the destination MAC address has the Leaf flag and the packet is also from a leaf AC, the PE discards the packet. In other situations, the PE forwards the packet.

Remote flood traffic isolation

With EVPN E-tree, a PE assigns a Leaf label to the leaf ACs of each VSI. The PE adds the Leaf label to the E-tree extended community attribute in Ethernet auto-discovery routes and advertises the routes to remote PEs.

EVPN E-tree isolates flood traffic from one PE to another PE as follows:

1. When a PE receives a flood packet from a leaf AC on a VSI, it adds the Leaf label of that VSI to the packet, and then adds the private network label and public network label to the packet. After that, the PE forwards the packet to the remote PE.

2. The remote PE removes the private network label and public network label and finds the Leaf label. Then, the PE forwards the packet only to local root ACs on the same VSI.

LDP or static PW ACs for EVPN PWs

This feature ensures that a traditional VPLS network and an EVPN VPLS network can communicate with each other. The LDP or static PWs in the VPLS network are configured as ACs to the EVPN VPLS network. These ACs are referred to as UPWs in the EVPN VPLS network. Packets can be forwarded between EVPN PWs and UPWs, so the VPLS and EVPN VPLS networks can communicate with each other.

With this feature, an LDP or static PW can be single-homed to an EVPN PW or two LDP or static PWs can be dual-homed to two EVPN PWs.

As shown in Figure 9, in the VPLS network, PE 1 is connected to PE 2 and PE 3 through LDP or static PWs. One of the PWs is the primary PW and the other PW is the backup PW. The PWs are UPWs. In the EVPN VPLS network, PE 4 is connected to PE 2 and PE 3 through EVPN PWs. The UPWs in the VPLS network act as ACs for the EVPN VPLS network. When PE 2 or PE 3 receives packets from the UPWs, it decapsulates MPLS encapsulation from the packets and looks up the MAC address table for a matching EVPN PW. Then, the PE adds MPLS encapsulation to the packets based on the EVPN PW and forwards the packets to PE 4. When PE 2 or PE 3 receives packets from an EVPN PW, it uses the same procedure to process the packets.

Figure 9 LDP or static PW ACs for EVPN PWs

EVPN VPLS tasks at a glance

To configure EVPN VPLS, perform the following tasks:

1. Configuring a VSI

a. Creating a VSI

b. (Optional.) Configure VSI parameters

2. Configuring an EVPN instance

3. Mapping ACs to a VSI

¡ Mapping a Layer 3 interface to a VSI

¡ Mapping an Ethernet service instance to a VSI

4. Configuring BGP to advertise BGP EVPN routes

a. Enabling BGP to advertise BGP EVPN routes

b. Enabling advertisement of MPLS-encapsulated BGP EVPN routes

c. (Optional.) Configuring optimal route selection and route advertisement settings

d. (Optional.) Maintaining BGP sessions

5. (Optional.) Configuring a PW class

6. (Optional.) Configuring EVPN VPLS multihoming

a. Assigning an ESI to an interface

b. (Optional.) Configuring the DF election algorithm

c. (Optional.) Setting the DF election delay

d. (Optional.) Setting the advertisement delay timer for Ethernet auto-discovery routes

e. (Optional.) Configuring local FRR for EVPN VPLS

f. (Optional.) Generating MAC address entries for received MAC/IP advertisement routes

g. (Optional.) Enabling VSIs to ignore the state of ACs

h. (Optional.) Disabling advertisement of EVPN multihoming routes

i. (Optional.) Ignoring the Ethernet tag on advertisement of Ethernet auto-discovery and MAC/IP advertisement routes

j. (Optional.) Enabling the device to monitor the BGP peer status of another local edge device

7. (Optional.) Managing remote MAC address entries and remote ARP learning

¡ Disabling MAC address advertisement

¡ Disabling learning of MAC addresses from ARP information

¡ Disabling ARP information advertisement

8. (Optional.) Enabling conversational learning for remote ARP entries

9. (Optional.) Enabling EVPN E-tree

10. (Optional.) Optimizing and maintaining an EVPN VPLS network:

¡ Confining floods to the local site

¡ Enabling ARP flood suppression

¡ Enabling packet statistics for an AC

¡ Enabling SNMP notifications for L2VPN PW

Restrictions and guidelines: EVPN VPLS configuration

EVPN VPLS is mutually exclusive with EVPN-DCI dualhoming. Do not use the evpn edge group command in an EVPN VPLS network. For more information about EVPN-DCI dualhoming and the evpn edge group command, see "Configuring EVPN-DCI."

Configuring a VSI

Creating a VSI

1. Enter system view.

system-view

2. Enable L2VPN.

l2vpn enable

By default, L2VPN is disabled.

3. Create a VSI and enter VSI view.

vsi vsi-name

4. Bring up the VSI.

undo shutdown

By default, a VSI is not administratively down.

Configure VSI parameters

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Configure a VSI description.

description text

By default, a VSI does not have a description.

4. Set the MTU of the VSI.

mtu mtu

The default MTU for a VSI is 1500 bytes.

5. Set the maximum bandwidth for known unicast traffic of the VSI.

bandwidth bandwidth

By default, the maximum bandwidth is not limited for known unicast traffic of a VSI.

6. Set the broadcast, multicast, or unknown unicast bandwidth restraints of the VSI.

restrain { broadcast | multicast | unknown-unicast } bandwidth

The default for this command varies by device model.

7. Configure MAC address learning features for the VSI:

a. Enable MAC address learning for the VSI.

mac-learning enable

By default, MAC address learning is enabled for a VSI.

b. (Optional.) Set a limit for the VSI's MAC address table.

mac-table limit mac-limit

By default, no limit is set for a VSI's MAC address table.

c. (Optional.) Enable the VSI to drop source-unknown unicast frames if the MAC address table is full.

mac-table limit drop-unknown

By default, the VSI forwards source-unknown unicast frames without learning the source MAC address if the MAC address table is full.

Configuring an EVPN instance

About this task

The BGP EVPN routes advertised by a PE carry the RD and route targets configured for the EVPN instance of the routes.

You can configure routing policies in VSI EVPN instance view. An import routing policy is used for filtering the BGP EVPN routes received by the EVPN instance, and an export routing policy is used for filtering the BGP EVPN routes advertised by the EVPN instance.

Restrictions and guidelines

You can bind a VSI only to one EVPN instance.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Create an EVPN instance and enter VSI EVPN instance view.

evpn encapsulation mpls

4. Configure an RD for the EVPN instance.

route-distinguisher route-distinguisher

By default, no RD is configured for an EVPN instance.

5. Configure route targets for the EVPN instance.

vpn-target { vpn-target&<1-8> | auto } [ both | export-extcommunity | import-extcommunity ]

By default, an EVPN instance does not have route targets.

Parameter	Description
export-extcommunity	Do not specify the same export targets for the EVPN instances of different VSIs. Do not specify the same export targets for the EVPN instances created in different views (system view, VSI view, VPN instance view, public instance view, and cross-connect group view). As a best practice, the export targets configured for the following objects do not match the import targets configured for the EVPN instances created in cross-connect group view: · VPN instances. · The public instance. · EVPN instances created in VSI view, VPN instance view, and public instance view.
import-extcommunity	As a best practice, the import targets configured for the following objects do not match the export targets configured for the EVPN instances created in cross-connect group view: · VPN instances. · The public instance. · EVPN instances created in VSI view, VPN instance view, and public instance view.

Parameter

Description

export-extcommunity

Do not specify the same export targets for the EVPN instances of different VSIs.

Do not specify the same export targets for the EVPN instances created in different views (system view, VSI view, VPN instance view, public instance view, and cross-connect group view).

As a best practice, the export targets configured for the following objects do not match the import targets configured for the EVPN instances created in cross-connect group view:

· VPN instances.

· The public instance.

· EVPN instances created in VSI view, VPN instance view, and public instance view.

import-extcommunity

As a best practice, the import targets configured for the following objects do not match the export targets configured for the EVPN instances created in cross-connect group view:

· VPN instances.

· The public instance.

· EVPN instances created in VSI view, VPN instance view, and public instance view.

6. (Optional.) Apply a PW class to the EVPN instance.

pw-class class-name

By default, no PW class is applied to an EVPN instance.

The specified PW class applies to all PWs in the EVPN instance.

7. (Optional.) Apply a tunnel policy to the EVPN instance.

tunnel-policy tunnel-policy-name

By default, no tunnel policy is applied to an EVPN instance.

8. (Optional.) Apply an export routing policy to the EVPN instance.

export route-policy route-policy

By default, no export routing policy is applied to an EVPN instance. The EVPN instance does not filter advertised routes.

9. (Optional.) Apply an import routing policy to the EVPN instance.

import route-policy route-policy

By default, no import routing policy is applied to an EVPN instance. The EVPN instance accepts a route when the export route targets of the route match local import route targets.

Mapping ACs to a VSI

Mapping a Layer 3 interface to a VSI

About this task

To assign the customer traffic on a Layer 3 interface to a VSI, map that interface to the VSI. The VSI uses its MAC address table to forward the customer traffic.

For more information about the commands in this task, see VPLS in MPLS Command Reference.

Procedure

1. Enter system view.

system-view

2. Enter Layer 3 interface view.

interface interface-type interface-number

3. Map the Layer 3 interface to a VSI.

xconnect vsi vsi-name [ access-mode { ethernet | vlan } ] [ track track-entry-number&<1-3> ]

By default, a Layer 3 interface is not mapped to a VSI.

Mapping an Ethernet service instance to a VSI

About this task

An Ethernet service instance matches a list of VLANs on a site-facing interface by using a frame match criterion. The frame match criterion specifies the characteristics of traffic from the VLANs, such as tagging status and VLAN IDs. The PE assigns traffic from the VLANs to a VSI by mapping the Ethernet service instance to the VSI. The VSI performs Layer 2 forwarding for the VLANs based on its MAC address table.

For more information about the commands in this task, see VPLS in MPLS Command Reference.

Restrictions and guidelines

An Ethernet service instance can contain only one match criterion. To change the match criterion, you must remove the original criterion first. When you remove the match criterion in an Ethernet service instance, the mapping between the service instance and the VSI is removed automatically.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

3. Create an Ethernet service instance and enter Ethernet service instance view.

service-instance instance-id

4. Choose one option to configure a frame match criterion.

¡ Match frames with the specified inner VLAN tags.

encapsulation c-vid { vlan-id | vlan-id-list }

¡ Match frames with the specified outer VLAN tags.

encapsulation s-vid { vlan-id | vlan-id-list } [ only-tagged ]

¡ Match frames with the specified inner and outer VLAN tags.

encapsulation s-vid vlan-id c-vid { vlan-id-list | all }

¡ Match any VLAN tagged or untagged frames.

encapsulation { tagged | untagged }

¡ Match frames that do not match any other service instance on the interface.

encapsulation default

An interface can contain only one Ethernet service instance that uses the default match criterion.

An Ethernet service instance that uses the default match criterion matches any frames if it is the only instance on the interface.

By default, an Ethernet service instance does not contain a frame match criterion.

5. Map the Ethernet service instance to a VSI.

xconnect vsi vsi-name [ access-mode { ethernet | vlan } ] [ track track-entry-number&<1-3> ]

By default, an Ethernet service instance is not mapped to a VSI.

Configuring BGP to advertise BGP EVPN routes

Restrictions and guidelines for BGP EVPN route advertisement

For more information about BGP commands in this task, see Layer 3—IP Routing Command Reference.

Enabling BGP to advertise BGP EVPN routes

1. Enter system view.

system-view

2. Configure a global router ID.

router id router-id

By default, no global router ID is configured.

3. Enable a BGP instance and enter BGP instance view.

bgp as-number [ instance instance-name ]

By default, BGP is disabled and no BGP instances exist.

4. Specify remote PEs as BGP peers.

peer { group-name | ipv4-address [ mask-length ] } as-number as-number

5. Create the BGP EVPN address family and enter BGP EVPN address family view.

address-family l2vpn evpn

6. Enable BGP to exchange BGP EVPN routes with a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } enable

By default, BGP does not exchange BGP EVPN routes with peers.

Enabling advertisement of MPLS-encapsulated BGP EVPN routes

About this task

Perform this task on PEs for them to establish PWs.

Procedure

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP EVPN address family view.

address-family l2vpn evpn

4. Enable MPLS encapsulation for the BGP EVPN routes advertised to a peer or peer group.

peer { group name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise encap-type mpls

By default, BGP EVPN routes use VXLAN encapsulation.

Configuring optimal route selection and route advertisement settings

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP EVPN address family view.

address-family l2vpn evpn

4. Permit the local AS number to appear in routes from a peer or peer group and set the number of appearances.

peer { group-name | ipv4-address [ mask-length ] } allow-as-loop [ number ]

By default, the local AS number is not allowed in routes from peers.

5. Enable route target filtering for BGP EVPN routes.

policy vpn-target

By default, route target filtering is enabled for BGP EVPN routes.

6. Set a high priority for BGP routes learned from a peer or peer group during optimal route selection.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } high-priority

By default, BGP does not prefer routes learned from any peer or peer groups during optimal route selection.

7. Configure BGP route reflection settings:

a. Configure the device as an RR and specify a peer or peer group as its client.

peer { group-name | ipv4-address [ mask-length ] } reflect-client

By default, no RR or client is configured.

b. (Optional.) Enable BGP EVPN route reflection between clients.

reflect between-clients

By default, BGP EVPN route reflection between clients is enabled.

c. (Optional.) Configure the cluster ID of the RR.

reflector cluster-id { cluster-id | ipv4-address }

By default, an RR uses its own router ID as the cluster ID.

d. (Optional.) Create a reflection policy for the RR to filter reflected BGP EVPN routes.

rr-filter { ext-comm-list-number | ext-comm-list-name }

By default, an RR does not filter reflected BGP EVPN routes.

e. (Optional.) Create a reflection policy for the RR to filter reflected BGP EVPN routes.

reflect change-path-attribute

By default, an RR does not filter reflected BGP EVPN routes.

8. Configure the device to not change the next hop of routes advertised to an EBGP peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable

By default, the device uses its address as the next hop of routes advertised to EBGP peers.

9. Apply a routing policy to routes received from or advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } route-policy route-policy-name { export | import }

By default, no routing policies are applied to routes received from or advertised to peers or peer groups.

10. Advertise the COMMUNITY attribute to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } advertise-community

By default, the COMMUNITY attribute is not advertised to a peer or peer group.

11. Configure the BGP additional path feature.

¡ Configure the BGP additional path capabilities.

peer { group-name | ipv4-address [ mask-length ] } additional-paths { receive | send } *

By default, no BGP additional path capabilities are configured.

¡ Set the maximum number of Add-Path optimal routes that can be advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } advertise additional-paths best number

By default, a maximum number of one Add-Path optimal route can be advertised to a peer or peer group.

¡ Set the maximum number of Add-Path optimal routes that can be advertised to all peers.

additional-paths select-best best-number

By default, a maximum number of one Add-Path optimal route can be advertised to all peers.

Maintaining BGP sessions

Perform the following tasks in user view:

· Reset BGP sessions of the BGP EVPN address family.

reset bgp [ instance instance-name ] { as-number | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | all | external | group group-name | internal } l2vpn evpn

· Soft-reset BGP sessions of the BGP EVPN address family.

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | all | external | group group-name | internal } { export | import } l2vpn evpn

Configuring a PW class

About this task

In a PW class, you can configure PW attributes such as the PW data encapsulation type, and whether to enable control word. To simplify PW attribute configuration for PWs, you can configure a PW class and apply the PW class to the PWs.

Restrictions and guidelines

Make sure the same data encapsulation type is configured for the two PEs that are connected by the same PW.

For correct PW setup, make sure the status of the control word feature is the same on the two PEs that are connected by the same PW.

For more information about PW class commands, see MPLS L2VPN in MPLS Command Reference.

Procedure

1. Enter system view.

system-view

2. Create a PW class and enter PW class view.

pw-class class-name

3. Enable control word.

control-word enable

By default, control word is disabled.

4. Specify the PW data encapsulation type.

pw-type { ethernet | vlan }

By default, the PW data encapsulation type is VLAN.

Support for parameters in this command depends on device model.

Configuring EVPN VPLS multihoming

Restrictions and guidelines for EVPN VPLS multihoming

In a multihomed site, AC configuration must be consistent on redundant PEs of the same ES.

You can assign an ESI to a main interface or a subinterface.

· For a subinterface, the ESI assigned to the subinterface takes precedence over that assigned to its main interface. If an ESI is assigned to a subinterface, the ES-related settings configured on the subinterface take effect, including the evpn df-election algorithm, evpn df-election preference, evpn df-election preference non-revertive, and evpn timer es-delay commands.

· If you assign an ESI only to a main interface, its subinterfaces inherit the ESI and ES settings of the main interface. The ES-related settings configured on the subinterface cannot take effect.

Assigning an ESI to an interface

About this task

An ESI uniquely identifies an ES. The links on interfaces with the same ESI belong to the same ES. Traffic of the ES can be distributed among the links for load sharing.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Assign an ESI to the interface.

esi esi-id

By default, no ESI is assigned to an interface.

Configuring the DF election algorithm

About this task

At a multihomed EVPN network site, you can modify the DF election algorithm to control the DF election result.

Restrictions and guidelines

You can configure the DF election algorithm in system view and in interface view. The global DF election algorithm takes effect on all ESs, and the interface-specific DF election algorithm takes effect only on the ESs on an interface. The interface-specific DF election algorithm takes precedence over the global DF election algorithm.

Configuring the DF election algorithm globally

1. Enter system view.

system-view

2. Configure the DF election algorithm.

evpn df-election algorithm algorithm

By default, the VLAN tag-based algorithm is used for DF election.

Configuring the DF election algorithm on an interface

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Configure the DF election algorithm.

evpn df-election algorithm algorithm

By default, the DF election algorithm specified in system view takes effect.

Configuring parameters for preference-based DF election

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Set the DF election preference.

evpn df-election preference preference

By default, the DF election preference is 32767.

The larger the value, the higher the preference.

4. (Optional.) Enable non-revertive mode for preference-based DF election.

evpn df-election preference non-revertive

By default, non-revertive mode is disabled for preference-based DF election.

Setting the DF election delay

About this task

The DF election can be triggered by site-facing interface status changes, redundant PE membership changes, and interface ESI changes. To prevent frequent DF elections from degrading network performance, set the DF election delay. The DF election delay defines the minimum interval allowed between two DF elections.

Procedure

1. Enter system view.

system-view

2. Set the DF election delay.

evpn multihoming timer df-delay delay-value

By default, the DF election delay is 3 seconds.

Setting the advertisement delay timer for Ethernet auto-discovery routes

About this task

The advertisement delay timer for Ethernet auto-discovery routes helps reduce the traffic loss caused by a PE reboot at a multihomed EVPN VPLS network site.

At a multihomed EVPN VPLS network site, CE 1 is dualhomed to PE 1 and PE 2 through an aggregate link or smart trunk, and PE 3 is at a remote site. PE 1 forwards all traffic sent from CE 1 to the remote site, and PE 3 forwards the traffic that the remote site sends to CE 1 to both PE 1 and PE 2. When PE 1 reboots, it advertises Ethernet auto-discovery routes that carry next hop information to PE 3. If PE 3 has not received the MAC/IP advertisement routes advertised by PE 2 when receiving the Ethernet auto-discovery routes, it will forward traffic to both PE 1 and PE 2. In this situation, PE 1 does not have MAC address entries for CE 1 and drops the traffic.

To resolve this issue, set the advertisement delay timer for Ethernet auto-discovery routes on the CE-facing interface of PE 1. This timer allows PE 3 to receive the MAC/IP advertisement routes advertised by PE 2 before the Ethernet auto-discovery routes advertised by PE 1 and update its MAC address table timely.

Procedure

1. Enter system view.

system-view

2. Enable interface view.

interface interface-type interface-number

3. Set the advertisement delay timer for Ethernet auto-discovery routes.

evpn timer ad-delay delay-time

By default, advertisement of Ethernet auto-discovery routes is not delayed.

Configuring local FRR for EVPN VPLS

About this task

Local fast reroute (FRR) enables two PEs at a multihomed EVPN VPLS network site to set up a PW between them. This feature helps reduce the traffic loss caused by AC failure.

Restrictions and guidelines

On an EVPN instance, EVPN instance-specific local FRR configuration takes precedence over global local FRR configuration.

If you have executed the evpn frr local enable command on an EVPN instance, the undo evpn multihoming vpls-frr local command does not disable local FRR for the EVPN instance.

Perform this task on redundant PEs at a multihomed EVPN VPLS network site.

Enabling local FRR globally

1. Enter system view.

system-view

2. Enable local FRR globally for EVPN VPLS.

evpn multihoming vpls-frr local

By default, local FRR is disabled globally for EVPN VPLS.

Configuring local FRR on an EVPN instance created in VSI view

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Configure local FRR on the EVPN instance.

evpn frr local { disable | enable }

By default, an EVPN instance uses the global local FRR configuration of EVPN VPLS.

Generating MAC address entries for received MAC/IP advertisement routes

About this task

This task helps reduce the traffic loss caused by AC failure at a dualhomed EVPN VPLS network site.

At a multihomed EVPN VPLS network site, CE 1 is dualhomed to PE 1 and PE 2 through an aggregate link or smart trunk, and PE 3 is at a remote site. PE 1 forwards all traffic sent from CE 1 to the remote site, and PE 3 forwards the traffic that the remote site sends to CE 1 to both PE 1 and PE 2. When the AC on PE 1 fails, PE 1 withdraws the MAC/IP advertisement routes advertised to PE 2 and PE 3. In this situation, PE 3 does not have MAC address entries for CE 1 until PE 2 learns MAC address entries for CE 1 and advertises them to PE 3. As a result, traffic interruption occurs.

To resolve this issue, perform this task on PE 2. When receiving the MAC/IP advertisement routes advertised by PE 1, PE 2 generates MAC address entries for the routes and advertises the entries to PE 3. PE 3 can use those MAC address entries to forward traffic to CE 1 when the AC on PE 1 fails.

Prerequisites

You must enable FRR for EVPN VPLS before you perform this task.

Procedure

1. Enter system view.

system-view

2. Enable the device to generate MAC address entries for received MAC/IP advertisement routes.

evpn multihoming re-originated mac

By default, the device does not generate MAC address entries for received MAC/IP advertisement routes.

Enabling VSIs to ignore the state of ACs

About this task

This task helps reduce the traffic loss caused by AC failure at a multihomed EVPN VPLS network site that uses single-active redundancy mode.

At a multihomed EVPN VPLS network site that uses single-active redundancy mode, CE 1 is dualhomed to PE 1 and PE 2 through a smart trunk. PE 1 is the primary PE, and PE 2 is the secondary PE. When the AC on PE 1 fails, PE 1 and PE 2 act as follows:

· PE 1 withdraws advertised Ethernet auto-discovery routes.

· PE 2 brings up its AC and advertises Ethernet auto-discovery routes to remote PEs.

The remote PEs switch traffic to the paths to PE 2 only after receiving the Ethernet auto-discovery routes advertised by PE 2, and traffic loss occurs during path switchover. To resolve this issue, enable VSIs to ignore the state of ACs on PE 2. This feature allows PE 2 to advertise Ethernet auto-discovery routes to remote PEs regardless of the state of ACs and speeds up path switchover when the AC on PE 1 fails.

Restrictions and guidelines for AC state ignore configuration

On a VSI, VSI-specific AC state ignore configuration takes precedence over global AC state ignore configuration.

If you have executed the ignore-ac-state enable command on a VSI, the undo l2vpn ignore-ac-state command does not disable the VSI from ignoring the state of ACs.

Perform this task together with the feature of generating MAC address entries for received MAC/IP advertisement routes.

Enabling VSIs to ignore the state of ACs globally

1. Enter system view.

system-view

2. Enable VSIs to ignore the state of ACs globally.

l2vpn ignore-ac-state

By default, VSIs does not ignore the state of ACs.

Configuring a VSI to ignore the state of ACs

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enable a VSI to ignore the state of ACs or disable a VSI from ignoring the state of ACs.

ignore-ac-state { enable | disable }

By default, a VSI uses the global AC state ignore configuration.

Disabling advertisement of EVPN multihoming routes

About this task

EVPN multihoming routes include Ethernet auto-discovery routes and Ethernet segment routes.

In a multihomed EVPN network, perform this task on a redundant PE before you reboot it. This operation allows other PEs to refresh their EVPN routing table to prevent traffic interruption caused by the reboot.

Procedure

1. Enter system view.

system-view

2. Disable advertisement of EVPN multihoming routes and withdraw the EVPN multihoming routes that have been advertised to remote sites.

evpn multihoming advertise disable

By default, the device advertises EVPN multihoming routes.

Ignoring the Ethernet tag on advertisement of Ethernet auto-discovery and MAC/IP advertisement routes

About this task

Perform this task on the redundant PEs at a dualhomed site.

This task enables the device to perform the following operations:

· Withdraw the Ethernet auto-discovery routes and MAC/IP advertisement routes that have been advertised.

· Set the Ethernet tag to 0 for the Ethernet auto-discovery routes and MAC/IP advertisement routes and re-advertise them.

After you configure ESIs for ACs on the redundant PEs at a dualhomed site, the PEs carry Ethernet tags in Ethernet auto-discovery and MAC/IP advertisement routes advertised to remote sites. If the remote peers are unable to identify Ethernet tags, you must perform this task on the redundant PEs to enable communication with the peers.

Restrictions and guidelines

After you assign an ESI to a Layer 2 Ethernet or aggregate interface, you must map the Ethernet service instances created on the interface to different VSIs. If two interfaces use the same ESI, you must map the Ethernet service instances created on them to different VSIs.

After you assign an ESI to a Layer 3 main interface, its subinterfaces inherit the ESI if they do not have one. In addition, you must map two subinterfaces to different VSIs if the subinterfaces have the same ESI.

Procedure

1. Enter system view.

system-view

2. Enable the device to ignore the Ethernet tag when advertising Ethernet auto-discovery routes and MAC/IP advertisement routes.

evpn multihoming advertise ignore-ethernet-tag

By default, the device advertises Ethernet auto-discovery routes and MAC/IP advertisement routes that carry Ethernet tags.

Enabling the device to monitor the BGP peer status of another local edge device

About this task

Perform this task on the CE-facing interfaces of the edge devices multihomed to a site to prevent device reboots from causing inter-site forwarding failure.

This task excludes unavailable edge devices from DF election at a multihomed site. After an edge device recovers from failure and brings up its CE-facing interface, it starts the advertisement delay timer for Ethernet segment routes and checks the status of the BGP peer specified in the evpn track peer command. If the BGP peer comes up before the timer expires, the edge device advertises Ethernet segment routes to the peer. If the BGP peer is still down when the timer expires, the edge device does not advertise Ethernet segment routes to the peer. The edge devices then perform DF election based on the Ethernet segment routes they have received.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Enable the device to monitor the BGP peer status of another local edge device.

evpn track peer peer-address

By default, the device does not monitor the BGP peer status of the other edge devices at a multihomed site.

4. Set the advertisement delay timer for Ethernet segment routes.

evpn timer es-delay delay-time

By default, advertisement of Ethernet segment routes is not delayed.

Managing remote MAC address entries and remote ARP learning

Disabling MAC address advertisement

About this task

The MAC information and ARP information advertised by the PE overlap. To avoid duplication, disable MAC address advertisement and withdraw the MAC addresses advertised to remote PEs.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Disable MAC address advertisement and withdraw advertised MAC addresses.

mac-advertising disable

By default, MAC address advertisement is enabled.

Disabling learning of MAC addresses from ARP information

About this task

The MAC information and ARP information advertised by a remote PE overlap. To avoid duplication, disable the learning of MAC addresses from ARP information. EVPN will learn remote MAC addresses only from the MAC information advertised from remote sites.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Disable the EVPN instance from learning MAC addresses from ARP information.

arp mac-learning disable

By default, an EVPN instance learns MAC addresses from ARP information.

Disabling ARP information advertisement

About this task

In an EVPN VPLS network, you can disable ARP information advertisement for an EVPN instance to save resources if all user terminals in the EVPN instance are attached to one PE. The EVPN instance will stop advertising ARP information through MAC/IP advertisement routes and withdraw advertised ARP information.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Disable ARP information advertisement for the EVPN instance.

arp-advertising disable

By default, ARP information advertisement is enabled for an EVPN instance.

Enabling conversational learning for remote ARP entries

About this task

By default, the device issues a remote ARP entry to the hardware after the ARP information is advertised to the local site by BGP EVPN routes. This feature enables the device to issue a remote ARP entry to the hardware only when the entry is required for packet forwarding. This feature saves hardware resources on the device.

After you enable this feature, the device periodically examines whether the ARP entries are used for packet forwarding. An ARP entry is deleted if its aging timer expires.

When a large number of remote ARP entries exist, set an appropriate aging timer to avoid traffic interruption caused by the aging of ARP entries. As a best practice, set the aging timer value higher than or equal to the number of remote ARP entries divided by 200.

Restrictions and guidelines

Use this feature only on an EVPN network.

Procedure

1. Enter system view.

system-view

2. Enable conversational learning for remote ARP entries.

arp forwarding-conversational-learning [ aging aging-time ]

By default, conversational learning is disabled for remote ARP entries.

Enabling EVPN E-tree

About this task

Use EVPN E-tree to isolate traffic between ACs based on the AC roles. This feature can better control AC access and improve security.

Restrictions and guidelines

Inter-site EVPN E-tree controls communication between local ACs and remote ACs. You do not need to enable this feature if you want to control communication between local ACs.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Enable inter-site EVPN E-tree.

e-tree enable

By default, inter-site EVPN E-tree is disabled.

5. Return to system view.

quit

6. Execute the following commands to configure a Layer 3 interface as a leaf AC:

a. Enter Layer 3 interface view.

interface interface-type interface-number

b. Configure the AC as a leaf AC.

xconnect vsi vsi-name leaf

If you do not specify the leaf keyword for an AC, the AC acts as a root AC.

7. Execute the following commands to configure an Ethernet service instance as a leaf AC:

a. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view.

interface interface-type interface-number

b. Enter Ethernet service instance view.

service-instance instance-id

c. Configure the AC as a leaf AC.

xconnect vsi vsi-name leaf

If you do not specify the leaf keyword for an AC, the AC acts as a root AC.

Configuring LDP or static PWs as ACs for EVPN PWs

About LDP or static PW AC configuration for EVPN PWs

Use this feature to ensure that a VPLS network and an EVPN VPLS network can communicate with each other.

Restrictions and guidelines for LDP or static PW AC configuration for EVPN PWs

As a best practice, set the same redundancy mode for the UPWs that use the same ESI at a multihomed site.

If the all-active redundancy mode is used at a multihomed site, you must enable the dual receive feature for PW redundancy on the multihomed PEs. To enable this feature, use the protection dual-receive command.

Prerequisites for LDP or static PW AC configuration for EVPN PWs

Complete the following tasks:

· In the VPLS network, complete VPLS settings on the PEs and set up LDP or static PWs.

· In the EVPN VPLS network, complete EVPN VPLS settings on the PEs and set up EVPN PWs.

Configuring LDP PWs as ACs for EVPN PWs

Restrictions and guidelines

The data encapsulation type of an LDP PW must be the same as the access mode of the ACs mapped to the same VSI as the LDP PW. If they are different, perform one of the following tasks:

· Use the pw-type command on the PW class to which the LDP PW belongs to change the PW data encapsulation type.

· Use the xconnect vsi command on the ACs and specify the access-mode parameter in the command to change the access mode of the ACs.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Return to VSI view.

quit

5. Configure the VSI to use LDP to establish LDP PWs, and enter VSI LDP signaling view.

pwsignaling ldp

By default, no PW signaling protocol is specified for a VSI.

6. Configure a VSI LDP PW, disables split horizon forwarding for the PW, and enter VSI LDP PW view.

peer ip-address [ pw-id pw-id ] no-split-horizon [ hub | ignore-standby-state | pw-class class-name | tunnel-policy tunnel-policy-name ] *

The LDP PW configured by using this command is called an UPW, which acts as an AC for the EVPN VPLS network.

For more information about this command, see VPLS commands in MPLS Command Reference.

7. (Optional.) Assign an ESI to the UPW.

esi esi-id

By default, no ESI is assigned to an UPW.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

8. (Optional.) Set the redundancy mode of the UPW.

evpn redundancy-mode { all-active | single-active }

By default, the redundancy mode is all-active.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

9. Configure a VSI LDP backup PW and enter its view.

backup-peer ip-address [ pw-id pw-id ] [ pw-class class-name | tunnel-policy tunnel-policy-name ] *

At a multihomed site, use this command on the multihomed PEs.

For more information about this command, see VPLS commands in MPLS Command Reference.

Configuring static PWs as ACs for EVPN PWs

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Return to VSI view.

quit

5. Configure the VSI to establish static PWs and enter VSI static configuration view.

pwsignaling static

By default, no PW signaling protocol is specified for a VSI.

6. Configure a static PW, disable split horizon forwarding for the PW, and enter VSI static PW view.

peer ip-address [ pw-id pw-id ] in-label label-value out-label label-value no-split-horizon [ hub | pw-class class-name | tunnel-policy tunnel-policy-name ] *

The static PW configured by using this command is called an UPW, which acts as an AC for the EVPN VPLS network.

For more information about this command, see VPLS commands in MPLS Command Reference.

7. (Optional.) Assign an ESI to the UPW.

esi esi-id

By default, no ESI is assigned to an UPW.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

8. (Optional.) Set the redundancy mode of the UPW.

evpn redundancy-mode { all-active | single-active }

By default, the redundancy mode is all-active.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

9. Configure a VSI static backup PW and enter its view.

backup-peer ip-address [ pw-id pw-id ] in-label label-value out-label label-value [ pw-class class-name | tunnel-policy tunnel-policy-name ] *

At a multihomed site, use this command on the multihomed PEs.

For more information about this command, see VPLS commands in MPLS Command Reference.

Confining floods to the local site

About this task

By default, the PE floods broadcast, unknown unicast, and unknown multicast frames received from the local site to the following interfaces in the frame's VSI:

· All site-facing interfaces except for the incoming interface.

· All PWs.

To confine a kind of flood traffic to the site-facing interfaces, disable flooding for that kind of flood traffic on the VSI. The VSI will not flood the corresponding frames to PWs.

To exclude a remote MAC address from the flood suppression done by using this feature, enable selective flood for the MAC address. The PE will flood the frames destined for the MAC address to remote sites.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Disable flooding for the VSI.

flooding disable

By default, flooding is enabled for a VSI.

4. (Optional.) Enable selective flood for a MAC address.

selective-flooding mac-address mac-address

Enabling ARP flood suppression

About this task

Use ARP flood suppression to reduce ARP request broadcasts.

The aging timer is fixed at 25 minutes for ARP flood suppression entries. If the flooding disable command is configured, set the MAC aging timer to a higher value than the aging timer for ARP flood suppression entries on all PEs. This setting prevents the traffic blackhole that occurs when a MAC address entry ages out before its ARP flood suppression entry ages out. To set the MAC aging timer, use the mac-address timer command.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enable ARP flood suppression.

arp suppression enable

By default, ARP flood suppression is disabled.

Enabling packet statistics for an AC

Restrictions and guidelines for AC packet statistics

For the ac statistics enable command to take effect on a Layer 3 interface, you must map the Layer 3 interface to a VSI. When you modify the VSI mapping, the packet statistics of the interface are cleared. To display the statistics, use the display l2vpn interface verbose command.

For the statistics enable command to take effect on an Ethernet service instance, you must configure a frame match criterion for the Ethernet service instance and map it to a VSI. When you modify the frame match criterion or VSI mapping, the packet statistics of the instance are cleared. To display the statistics, use the display l2vpn service-instance verbose command.

To clear packet statistics for ACs, use the reset l2vpn statistics ac command.

Enabling packet statistics for a Layer 3 interface

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Enable packet statistics for the Layer 3 interface.

ac statistics enable

By default, the packet statistics feature is disabled for Layer 3 interfaces that act as ACs.

Enabling packet statistics for an Ethernet service instance

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 2 aggregate interface view.

interface bridge-aggregation interface-number

3. Enter Ethernet service instance view.

service-instance instance-id

4. Enable packet statistics for the Ethernet service instance.

statistics enable

By default, the packet statistics feature is disabled for all Ethernet service instances.

Enabling SNMP notifications for L2VPN PWs

About this task

This feature enables L2VPN to generate SNMP notifications when PW deletions, PW switchovers, or PW status changes occur. For L2VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Procedure

1. Enter system view.

system-view

2. Enable SNMP notifications for L2VPN PWs.

snmp-agent trap enable l2vpn [ pw-delete | pw-switch | pw-up-down ] *

By default, SNMP notifications for L2VPN PWs are disabled.

For more information about this command, see VPLS commands in MPLS Command Reference.

Display and maintenance commands for EVPN VPLS

Execute display commands in any view and reset commands in user view.

For more information about the following BGP commands, see Layer 3—IP Routing Command Reference:

· display bgp group.

· display bgp peer.

· display bgp update-group.

Task	Command
Display BGP peer group information.	display bgp [ instance instance-name ] group l2vpn evpn [ group-name group-name ]
Display BGP EVPN routes.	display bgp [ instance instance-name ] l2vpn evpn [ peer { ipv4-address \| ipv6-address } { advertised-routes \| received-routes } [ statistics ] \| [ route-distinguisher route-distinguisher \| route-type { auto-discovery \| es \| imet \| mac-ip } ] * [ { evpn-route route-length \| evpn-prefix } [ advertise-info ] \| ipv4-address \| ipv6-address \| mac-address ] \| statistics ]
Display BGP peer or peer group information.	display bgp [ instance instance-name ] peer l2vpn evpn [ ipv4-address mask-length \| { ipv4-address \| group-name group-name } log-info \| [ ipv4-address ] verbose ]
Display information about BGP update groups.	display bgp [ instance instance-name ] update-group l2vpn evpn [ ipv4-address ]
Display information about peers that are automatically discovered through BGP.	display evpn auto-discovery { { imet \| mac-ip } [ mpls ] [ peer ip-address] [ vsi vsi-name ] \| macip-prefix [ nexthop next-hop ] [ count ] }
Display EVPN ES information.	display evpn es { local [ count \| [ vsi vsi-name ] [ esi esi-id ] [ verbose ] ] \| remote [ vsi vsi-name ] [ esi esi-id ] [ nexthop next-hop ] [ verbose ] }
Display EVPN ARP entries.	display evpn route arp [ local \| remote ] [ public-instance \| vpn-instance vpn-instance-name ] [ count ]
Display ARP flood suppression entries.	display evpn route arp suppression [ mpls \| vxlan ] [ local \| remote ] [ vsi vsi-name ] [ count ]
Display EVPN MAC address entries.	display evpn route mac [ mpls \| vxlan ] [ local \| remote ] [ vsi vsi-name ] [ count ]
Display the routing table for a VPN instance.	display evpn routing-table { public-instance \| vpn-instance vpn-instance-name } [ count ]
Display EVPN instance information.	display evpn instance [ vsi vsi-name ] [ verbose ]
Display site-facing interfaces excluded from traffic forwarding by split horizon.	Centralized devices: display l2vpn forwarding evpn split-horizon { ac interface interface-type interface-number \| ac interface interface-type interface-number service-instance instance-id \| tunnel tunnel-number } Distributed devices in standalone mode:Centralized IRF devices: display l2vpn forwarding evpn split-horizon { ac interface interface-type interface-number \| ac interface interface-type interface-number service-instance instance-id \| tunnel tunnel-number } [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: display l2vpn forwarding evpn split-horizon { ac interface interface-type interface-number \| ac interface interface-type interface-number service-instance instance-id \| tunnel tunnel-number } [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Display information about EVPN VPLS forwarding.	Centralized devices: display l2vpn forwarding evpn vsi [ name vsi-name ] [ verbose ] Distributed devices in standalone mode:Centralized IRF devices: display l2vpn forwarding evpn vsi [ name vsi-name ] [ slot slot-number [ cpu cpu-number ] ] [ verbose ] Distributed devices in IRF mode: display l2vpn forwarding evpn vsi [ name vsi-name ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] [ verbose ]

‌

EVPN VPLS configuration examples (on routers)

Example: Configuring EVPN VPLS between singlehomed sites

Network configuration

As shown in Figure 10, set up a path between PE 1 and PE 2 for the CEs in site 1 and site 2 to communicate through EVPN VPLS over the MPLS or IP backbone network.

Figure 10 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
CE 1	GE1/0/1	10.1.1.10/24	P	Loop0	3.3.3.3/32
PE 1	Loop0	1.1.1.1/32		GE1/0/1	11.1.1.2/24
	GE1/0/1	N/A		GE1/0/2	11.1.2.2/24
	GE1/0/2	11.1.1.1/24	PE 2	Loop0	2.2.2.2/32
CE 2	GE1/0/1	10.1.1.20/24		GE1/0/1	N/A
				GE1/0/2	11.1.2.1/24

Procedure

1. Configure CE 1.

<CE1> system-view

[CE1] interface gigabitethernet 1/0/1

[CE1-GigabitEthernet1/0/1] ip address 10.1.1.10 24

[CE1-GigabitEthernet1/0/1] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 1.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 1.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to the P device), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/2

[PE1-GigabitEthernet1/0/2] ip address 11.1.1.1 24

[PE1-GigabitEthernet1/0/2] mpls enable

[PE1-GigabitEthernet1/0/2] mpls ldp enable

[PE1-GigabitEthernet1/0/2] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create an IBGP connection to PE 2, and enable BGP to advertise L2VPN information to PE 2.

[PE1] bgp 100

[PE1-bgp-default] peer 2.2.2.2 as-number 100

[PE1-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 2.2.2.2 enable

[PE1-bgp-default-evpn] peer 2.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Map GigabitEthernet 1/0/1 (the interface connected to CE 1) to VSI vpna.

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] xconnect vsi vpna

[PE1-GigabitEthernet1/0/1] quit

3. Configure the P device:

# Configure the LSR ID.

<P> system-view

[P] interface loopback 0

[P-LoopBack0] ip address 3.3.3.3 32

[P-LoopBack0] quit

[P] mpls lsr-id 3.3.3.3

# Enable global LDP.

[P] mpls ldp

[P-ldp] quit

# Configure GigabitEthernet 1/0/1 (the interface connected to PE 1), and enable LDP on the interface.

[P] interface gigabitethernet 1/0/1

[P-GigabitEthernet1/0/1] ip address 11.1.1.2 24

[P-GigabitEthernet1/0/1] mpls enable

[P-GigabitEthernet1/0/1] mpls ldp enable

[P-GigabitEthernet1/0/1] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 2), and enable LDP on the interface.

[P] interface gigabitethernet 1/0/2

[P-GigabitEthernet1/0/2] ip address 11.1.2.2 24

[P-GigabitEthernet1/0/2] mpls enable

[P-GigabitEthernet1/0/2] mpls ldp enable

[P-GigabitEthernet1/0/2] quit

# Configure OSPF for LDP to create LSPs.

[P] ospf

[P-ospf-1] area 0

[P-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[P-ospf-1-area-0.0.0.0] quit

[P-ospf-1] quit

4. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 2.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 2.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to the P device), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/2

[PE2-GigabitEthernet1/0/2] ip address 11.1.2.1 24

[PE2-GigabitEthernet1/0/2] mpls enable

[PE2-GigabitEthernet1/0/2] mpls ldp enable

[PE2-GigabitEthernet1/0/2] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create an IBGP connection to PE 1, and enable BGP to advertise L2VPN information to PE 1.

[PE2] bgp 100

[PE2-bgp-default] peer 1.1.1.1 as-number 100

[PE2-bgp-default] peer 1.1.1.1 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 1.1.1.1 enable

[PE2-bgp-default-evpn] peer 1.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Map GigabitEthernet 1/0/1 (the interface connected to CE 2) to VSI vpna.

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] xconnect vsi vpna

[PE2-GigabitEthernet1/0/1] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 1/0/1

[CE2-GigabitEthernet1/0/1] ip address 10.1.1.20 24

[CE2-GigabitEthernet1/0/1] quit

Verifying the configuration

# Verify that an EVPN PW has been established between PE 1 and PE 2.

[PE1] display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

2.2.2.2 - 775127/775127 EVPN M 8 Up

# Display PW information on PE 2.

[PE2] display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

1.1.1.1 - 775127/775127 EVPN M 8 Up

# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)

Example: Configuring EVPN VPLS multihoming (access through aggregate links)

Network configuration

As shown in Figure 11, configure EVPN VPLS for dualhomed site 1 and singlehomed site 2 to communicate over the MPLS or IP backbone network.

Figure 11 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	192.1.1.1/32	CE 1	RAGG1	100.1.1.1/24
	GE1/0/1	N/A	CE 2	GE1/0/1	100.1.1.2/24
	GE1/0/2	10.1.1.1/24	PE 3	Loop0	192.3.3.3/32
	GE1/0/3	10.1.3.1/24		GE1/0/1	N/A
PE 2	Loop0	192.2.2.2/32		GE1/0/2	10.1.1.2/24
	GE1/0/1	N/A		GE1/0/3	10.1.2.2/24
	GE1/0/2	10.1.2.1/24
	GE1/0/3	10.1.3.2/24

Procedure

1. Configure CE 1:

# Create static Layer 3 aggregate interface 1 and assign it an IP address.

<CE1> system-view

[CE1] interface route-aggregation 1

[CE1-Route-Aggregation1] ip address 100.1.1.1 24

[CE1-Route-Aggregation1] quit

# Assign GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 to aggregation group 1.

[CE1] interface gigabitethernet 1/0/1

[CE1-GigabitEthernet1/0/1] port link-aggregation group 1

[CE1-GigabitEthernet1/0/1] quit

[CE1] interface gigabitethernet 1/0/2

[CE1-GigabitEthernet1/0/2] port link-aggregation group 1

[CE1-GigabitEthernet1/0/2] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 192.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 192.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 3), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/2

[PE1-GigabitEthernet1/0/2] ip address 10.1.1.1 24

[PE1-GigabitEthernet1/0/2] mpls enable

[PE1-GigabitEthernet1/0/2] mpls ldp enable

[PE1-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3 (the interface connected to PE 2), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/3

[PE1-GigabitEthernet1/0/3] ip address 10.1.3.1 24

[PE1-GigabitEthernet1/0/3] mpls enable

[PE1-GigabitEthernet1/0/3] mpls ldp enable

[PE1-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create IBGP connections to PE 2 and PE 3, and enable BGP to advertise routes to PE 2 and PE 3.

[PE1] bgp 100

[PE1-bgp-default] peer 192.2.2.2 as-number 100

[PE1-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE1-bgp-default] peer 192.3.3.3 as-number 100

[PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 192.2.2.2 enable

[PE1-bgp-default-evpn] peer 192.3.3.3 enable

[PE1-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Assign an ESI to GigabitEthernet 1/0/1.

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] esi 1.1.1.1.1

[PE1-GigabitEthernet1/0/1] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Map GigabitEthernet 1/0/1 (the interface connected to CE 1) to VSI vpna.

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] xconnect vsi vpna

[PE1-GigabitEthernet1/0/1] quit

3. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 192.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 192.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 3), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/2

[PE2-GigabitEthernet1/0/2] ip address 10.1.2.1 24

[PE2-GigabitEthernet1/0/2] mpls enable

[PE2-GigabitEthernet1/0/2] mpls ldp enable

[PE2-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3 (the interface connected to PE 1), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/3

[PE2-GigabitEthernet1/0/3] ip address 10.1.3.2 24

[PE2-GigabitEthernet1/0/3] mpls enable

[PE2-GigabitEthernet1/0/3] mpls ldp enable

[PE2-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create IBGP connections to PE 1 and PE 3, and enable BGP to advertise routes to PE 1 and PE 3.

[PE2] bgp 100

[PE2-bgp-default] peer 192.1.1.1 as-number 100

[PE2-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE2-bgp-default] peer 192.3.3.3 as-number 100

[PE2-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 192.1.1.1 enable

[PE2-bgp-default-evpn] peer 192.3.3.3 enable

[PE2-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Assign an ESI to GigabitEthernet 1/0/1.

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] esi 1.1.1.1.1

[PE2-GigabitEthernet1/0/1] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Map GigabitEthernet 1/0/1 (the interface connected to CE 1) to VSI vpna.

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] xconnect vsi vpna

[PE2-GigabitEthernet1/0/1] quit

4. Configure PE 3:

# Configure the LSR ID.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 192.3.3.3 32

[PE3-LoopBack0] quit

[PE3] mpls lsr-id 192.3.3.3

# Enable L2VPN.

[PE3] l2vpn enable

# Enable global LDP.

[PE3] mpls ldp

[PE3-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 1) and GigabitEthernet 1/0/3 (the interface connected to PE 2), and enable LDP on the interfaces.

[PE3] interface gigabitethernet 1/0/2

[PE3-GigabitEthernet1/0/2] ip address 10.1.1.2 24

[PE3-GigabitEthernet1/0/2] mpls enable

[PE3-GigabitEthernet1/0/2] mpls ldp enable

[PE3-GigabitEthernet1/0/2] quit

[PE3] interface gigabitethernet 1/0/3

[PE3-GigabitEthernet1/0/3] ip address 10.1.2.2 24

[PE3-GigabitEthernet1/0/3] mpls enable

[PE3-GigabitEthernet1/0/3] mpls ldp enable

[PE3-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0

[PE3-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] quit

[PE3-ospf-1] quit

# Create IBGP connections to PE 1 and PE 2, and enable BGP to advertise routes to PE 1 and PE 2.

[PE3] bgp 100

[PE3-bgp-default] peer 192.1.1.1 as-number 100

[PE3-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE3-bgp-default] peer 192.2.2.2 as-number 100

[PE3-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 192.1.1.1 enable

[PE3-bgp-default-evpn] peer 192.2.2.2 enable

[PE3-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-mpls] quit

[PE3-vsi-vpna] quit

# Map GigabitEthernet 1/0/1 (the interface connected to CE 2) to VSI vpna.

[PE3] interface gigabitethernet 1/0/1

[PE3-GigabitEthernet1/0/1] xconnect vsi vpna

[PE3-GigabitEthernet1/0/1] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 1/0/1

[CE2-GigabitEthernet1/0/1] ip address 100.1.1.2 24

[CE2-GigabitEthernet1/0/1] quit

Verifying the configuration

# Verify that PE 1 has established EVPN PWs to PE 2 and PE 3.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.3.3.3 - 710263/710265 EVPN M 8 Up

192.2.2.2 - 710263/710124 EVPN M 9 Up

# Verify that PE 1 has local ES information.

<PE1> display evpn es local

Redundancy mode: A - All-active, S - Single-active

VSI name : vpna

ESI Tag ID DF address Mode State ESI label

0001.0001.0001.0001.0001 - 192.1.1.1 A Up 775128

# Verify that PE 1 has remote ES information.

<Sysname> display evpn es remote

Control Flags: P - Primary, B - Backup, C - Control word

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Ethernet segment routes :

192.2.2.2

A-D per ES routes :

Peer IP Remote Redundancy mode

192.2.2.2 All-active

A-D per EVI routes :

Tag ID Peer IP Control Flags

- 192.2.2.2 B

# Verify that PE 2 has established EVPN PWs to PE 1 and PE 3.

<PE2> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710124/710263 EVPN M 8 Up

192.3.3.3 - 710124/710265 EVPN M 9 Up

# Verify that PE 3 has established EVPN PWs to PE 1 and PE 2.

<PE3> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710265/710263 EVPN M 8 Up

192.2.2.2 - 710265/710124 EVPN M 9 Up

# Verify that CE 1 and CE 2 can ping each other when the PW on PE 1 or PE 2 fails. (Details not shown.)

Example: Configuring EVPN VPLS multihoming (access through an S-Trunk system)

Network configuration

As shown in Figure 12, configure EVPN VPLS for dualhomed site 1 and singlehomed site 2 to communicate over the MPLS or IP backbone network. Configure PE 1 and PE 2 to form an S-Trunk system.

Figure 12 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	192.1.1.1/32	CE 1	RAGG1	100.1.1.1/24
	GE1/0/1	-	CE 2	GE1/0/1	100.1.1.2/24
	GE1/0/2	10.1.1.1/24	PE 3	Loop0	192.3.3.3/32
	GE1/0/3	10.1.3.1/24		GE1/0/1	-
PE 2	Loop0	192.2.2.2/32		GE1/0/2	10.1.1.2/24
	GE1/0/1	-		GE1/0/3	10.1.2.2/24
	GE1/0/2	10.1.2.1/24
	GE1/0/3	10.1.3.2/24

Procedure

1. Configure CE 1:

# Create dynamic Layer 3 aggregate interface 1 and assign it an IP address.

<CE1> system-view

[CE1] interface route-aggregation 1

[CE1-Route-Aggregation1] link-aggregation mode dynamic

[CE1-Route-Aggregation1] ip address 100.1.1.1 24

[CE1-Route-Aggregation1] quit

# Assign GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 to aggregation group 1.

[CE1] interface gigabitethernet 1/0/1

[CE1-GigabitEthernet1/0/1] port link-aggregation group 1

[CE1-GigabitEthernet1/0/1] quit

[CE1] interface gigabitethernet 1/0/2

[CE1-GigabitEthernet1/0/2] port link-aggregation group 1

[CE1-GigabitEthernet1/0/2] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 192.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 192.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 3), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/2

[PE1-GigabitEthernet1/0/2] ip address 10.1.1.1 24

[PE1-GigabitEthernet1/0/2] mpls enable

[PE1-GigabitEthernet1/0/2] mpls ldp enable

[PE1-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3 (the interface connected to PE 2), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/3

[PE1-GigabitEthernet1/0/3] ip address 10.1.3.1 24

[PE1-GigabitEthernet1/0/3] mpls enable

[PE1-GigabitEthernet1/0/3] mpls ldp enable

[PE1-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create IBGP connections to PE 2 and PE 3, and enable BGP to advertise routes to PE 2 and PE 3.

[PE1] bgp 100

[PE1-bgp-default] peer 192.2.2.2 as-number 100

[PE1-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE1-bgp-default] peer 192.3.3.3 as-number 100

[PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 192.2.2.2 enable

[PE1-bgp-default-evpn] peer 192.3.3.3 enable

[PE1-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Configure S-Trunk to set up a multichassis aggregate link to CE 1.

[PE1] lacp system-priority 10

[PE1] lacp system-mac 1-1-1

[PE1] lacp system-number 1

[PE1] s-trunk id 1

[PE1-s-trunk1] s-trunk ip destination 10.1.3.2 source 10.1.3.1

[PE1-s-trunk1] quit

[PE1] interface route-aggregation 1

[PE1-Route-Aggregation1] link-aggregation mode dynamic

[PE1-Route-Aggregation1] s-trunk 1

[PE1-Route-Aggregation1] s-trunk port-role primary

[PE1-Route-Aggregation1] quit

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] port link-aggregation group 1

[PE1-GigabitEthernet1/0/1] quit

# On Route-Aggregation 1, configure an ESI and enable all-active redundancy mode.

[PE1] interface route-aggregation 1

[PE1-Route-Aggregation1] esi 1.1.1.1.1

[PE1-Route-Aggregation1] evpn redundancy-mode all-active

[PE1-Route-Aggregation1] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Map Route-Aggregation 1 (the interface connected to CE 1) to VSI vpna.

[PE1] interface route-aggregation 1

[PE1-Route-Aggregation1] xconnect vsi vpna

[PE1-Route-Aggregation1] quit

3. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 192.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 192.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 3), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/2

[PE2-GigabitEthernet1/0/2] ip address 10.1.2.1 24

[PE2-GigabitEthernet1/0/2] mpls enable

[PE2-GigabitEthernet1/0/2] mpls ldp enable

[PE2-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3 (the interface connected to PE 1), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/3

[PE2-GigabitEthernet1/0/3] ip address 10.1.3.2 24

[PE2-GigabitEthernet1/0/3] mpls enable

[PE2-GigabitEthernet1/0/3] mpls ldp enable

[PE2-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create IBGP connections to PE 1 and PE 3, and enable BGP to advertise routes to PE 1 and PE 3.

[PE2] bgp 100

[PE2-bgp-default] peer 192.1.1.1 as-number 100

[PE2-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE2-bgp-default] peer 192.3.3.3 as-number 100

[PE2-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 192.1.1.1 enable

[PE2-bgp-default-evpn] peer 192.3.3.3 enable

[PE2-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Configure S-Trunk to set up a multichassis aggregate link to CE 1.

[PE2] lacp system-priority 10

[PE2] lacp system-mac 1-1-1

[PE2] lacp system-number 2

[PE2] s-trunk id 1

[PE2-s-trunk1] s-trunk ip destination 10.1.3.1 source 10.1.3.2

[PE2-s-trunk1] quit

[PE2] interface route-aggregation 1

[PE2-Route-Aggregation1] link-aggregation mode dynamic

[PE2-Route-Aggregation1] s-trunk 1

[PE2-Route-Aggregation1] s-trunk port-role primary

[PE2-Route-Aggregation1] quit

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] port link-aggregation group 1

[PE2-GigabitEthernet1/0/1] quit

# On Route-Aggregation 1, configure an ESI and enable all-active redundancy mode.

[PE2] interface route-aggregation 1

[PE2-Route-Aggregation1] esi 1.1.1.1.1

[PE2-Route-Aggregation1] evpn redundancy-mode all-active

[PE2-Route-Aggregation1] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Map Route-Aggregation 1 (the interface connected to CE 1) to VSI vpna.

[PE2] interface route-aggregation 1

[PE2-Route-Aggregation1] xconnect vsi vpna

[PE2-Route-Aggregation1] quit

4. Configure PE 3:

# Configure the LSR ID.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 192.3.3.3 32

[PE3-LoopBack0] quit

[PE3] mpls lsr-id 192.3.3.3

# Enable L2VPN.

[PE3] l2vpn enable

# Enable global LDP.

[PE3] mpls ldp

[PE3-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 1) and GigabitEthernet 1/0/3 (the interface connected to PE 2), and enable LDP on the interfaces.

[PE3] interface gigabitethernet 1/0/2

[PE3-GigabitEthernet1/0/2] ip address 10.1.1.2 24

[PE3-GigabitEthernet1/0/2] mpls enable

[PE3-GigabitEthernet1/0/2] mpls ldp enable

[PE3-GigabitEthernet1/0/2] quit

[PE3] interface gigabitethernet 1/0/3

[PE3-GigabitEthernet1/0/3] ip address 10.1.2.2 24

[PE3-GigabitEthernet1/0/3] mpls enable

[PE3-GigabitEthernet1/0/3] mpls ldp enable

[PE3-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0

[PE3-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] quit

[PE3-ospf-1] quit

# Create IBGP connections to PE 1 and PE 2, and enable BGP to advertise routes to PE 1 and PE 2.

[PE3] bgp 100

[PE3-bgp-default] peer 192.1.1.1 as-number 100

[PE3-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE3-bgp-default] peer 192.2.2.2 as-number 100

[PE3-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 192.1.1.1 enable

[PE3-bgp-default-evpn] peer 192.2.2.2 enable

[PE3-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-mpls] quit

[PE3-vsi-vpna] quit

# Map GigabitEthernet 1/0/1 (the interface connected to CE 2) to VSI vpna.

[PE3] interface gigabitethernet 1/0/1

[PE3-GigabitEthernet1/0/1] xconnect vsi vpna

[PE3-GigabitEthernet1/0/1] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 1/0/1

[CE2-GigabitEthernet1/0/1] ip address 100.1.1.2 24

[CE2-GigabitEthernet1/0/1] quit

Verifying the configuration

# Verify that PE 1 has established EVPN PWs to PE 2 and PE 3.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.3.3.3 - 710263/710265 EVPN M 8 Up

192.2.2.2 - 710263/710124 EVPN M 9 Up

# Verify that PE 1 has local ES information.

<PE1> display evpn es local

Redundancy mode: A - All-active, S - Single-active

VSI name : vpna

ESI Tag ID DF address Mode State ESI label

0001.0001.0001.0001.0001 - 192.1.1.1 A Up 775128

# Verify that PE 1 has remote ES information.

<Sysname> display evpn es remote

Control Flags: P - Primary, B - Backup, C - Control word

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Ethernet segment routes :

192.2.2.2

A-D per ES routes :

Peer IP Remote Redundancy mode

192.2.2.2 All-active

A-D per EVI routes :

Tag ID Peer IP Control Flags

- 192.2.2.2 B

# Verify that PE 2 has established EVPN PWs to PE 1 and PE 3.

<PE2> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710124/710263 EVPN M 8 Up

192.3.3.3 - 710124/710265 EVPN M 9 Up

# Verify that PE 3 has established EVPN PWs to PE 1 and PE 2.

<PE3> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710265/710263 EVPN M 8 Up

192.2.2.2 - 710265/710124 EVPN M 9 Up

# Verify that CE 1 and CE 2 can ping each other when the PW on PE 1 or PE 2 fails. (Details not shown.)

Example: Configuring local FRR for EVPN VPLS

Network configuration

As shown in Figure 13:

· CE 1 is dualhomed to PE 1 and PE 2 through an aggregate link.

· Configure EVPN VPLS on PE 1, PE 2, and PE 3 for CE 1 and CE 2 to communicate at Layer 2 over the backbone network.

· Enable local FRR on PE 1 and PE 2 to prevent traffic loss caused by AC failure.

Figure 13 Network diagram

‌

Table 1 Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	192.1.1.1/32	CE 1	GE1/0/1	100.1.1.1/24
	GE1/0/1	-	CE 2	GE1/0/1	100.1.1.2/24
	GE1/0/2	10.1.1.1/24	PE 3	Loop0	192.3.3.3/32
	GE1/0/3	10.1.3.1/24		GE1/0/1	-
PE 2	Loop0	192.2.2.2/32		GE1/0/2	10.1.1.2/24
	GE1/0/1	-		GE1/0/3	10.1.2.2/24
	GE1/0/2	10.1.2.1/24
	GE1/0/3	10.1.3.2/24

‌

Procedure

1. Configure CE 1:

# Create dynamic Layer 3 aggregate interface Route-Aggregation 1 and assign it an IP address.

<CE1> system-view

[CE1] interface route-aggregation 1

[CE1-Route-Aggregation1] link-aggregation mode dynamic

[CE1-Route-Aggregation1] ip address 100.1.1.1 24

[CE1-Route-Aggregation1] quit

# Assign GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 to aggregation group 1.

[CE1] interface gigabitethernet 1/0/1

[CE1-GigabitEthernet1/0/1] port link-aggregation group 1

[CE1-GigabitEthernet1/0/1] quit

[CE1] interface gigabitethernet 1/0/2

[CE1-GigabitEthernet1/0/2] port link-aggregation group 1

[CE1-GigabitEthernet1/0/2] quit

2. Configure PE 1:

# Configure an LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 192.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 192.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE3), and enable MPLS and LDP on the interface.

[PE1] interface gigabitethernet 1/0/2

[PE1-GigabitEthernet1/0/2] ip address 10.1.1.1 24

[PE1-GigabitEthernet1/0/2] mpls enable

[PE1-GigabitEthernet1/0/2] mpls ldp enable

[PE1-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3 (the interface connected to PE 2), and enable MPLS and LDP on the interface.

[PE1] interface gigabitethernet 1/0/3

[PE1-GigabitEthernet1/0/3] ip address 10.1.3.1 24

[PE1-GigabitEthernet1/0/3] mpls enable

[PE1-GigabitEthernet1/0/3] mpls ldp enable

[PE1-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Configure PE 1 to establish IBGP peer relationships with PE 2 and PE 3, and configure BGP to advertise BGP EVPN routes.

[PE1] bgp 100

[PE1-bgp-default] peer 192.2.2.2 as-number 100

[PE1-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE1-bgp-default] peer 192.3.3.3 as-number 100

[PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 192.2.2.2 enable

[PE1-bgp-default-evpn] peer 192.3.3.3 enable

[PE1-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Configure a smart trunk to establish an aggregate link across PE 1 and PE 2.

[PE1] lacp system-priority 10

[PE1] lacp system-mac 1-1-1

[PE1] lacp system-number 1

[PE1] s-trunk id 1

[PE1-s-trunk1] s-trunk ip destination 10.1.3.2 source 10.1.3.1

[PE1-s-trunk1] quit

[PE1] interface route-aggregation 1

[PE1-Route-Aggregation1] link-aggregation mode dynamic

[PE1-Route-Aggregation1] s-trunk 1

[PE1-Route-Aggregation1] quit

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] port link-aggregation group 1

[PE1-GigabitEthernet1/0/1] quit

# Create VSI vpna, create an EVPN instance on it, and enable MPLS encapsulation. Configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Assign an ESI to Route-Aggregation 1.

[PE1] interface route-aggregation 1

[PE1-Route-Aggregation1] esi 1.1.1.1.1

# Map Route-Aggregation 1 to VSI vpna.

[PE1-Route-Aggregation1] xconnect vsi vpna

[PE1-Route-Aggregation1] quit

# Enable local FRR for EVPN VPLS globally.

[PE1] evpn multihoming vpls-frr local

3. Configure PE 2:

# Configure an LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 192.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 192.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 3), and enable MPLS and LDP on the interface.

[PE2] interface gigabitethernet 1/0/2

[PE2-GigabitEthernet1/0/2] ip address 10.1.2.1 24

[PE2-GigabitEthernet1/0/2] mpls enable

[PE2-GigabitEthernet1/0/2] mpls ldp enable

[PE2-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3 (the interface connected to PE 1), and enable MPLS and LDP on the interface.

[PE2] interface gigabitethernet 1/0/3

[PE2-GigabitEthernet1/0/3] ip address 10.1.3.2 24

[PE2-GigabitEthernet1/0/3] mpls enable

[PE2-GigabitEthernet1/0/3] mpls ldp enable

[PE2-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Configure PE 2 to establish IBGP peer relationships with PE 1 and PE 3, and configure BGP to advertise BGP EVPN routes.

[PE2] bgp 100

[PE2-bgp-default] peer 192.1.1.1 as-number 100

[PE2-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE2-bgp-default] peer 192.3.3.3 as-number 100

[PE2-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 192.1.1.1 enable

[PE2-bgp-default-evpn] peer 192.3.3.3 enable

[PE2-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Configure a smart trunk to establish an aggregate link across PE 1 and PE 2.

[PE2] lacp system-priority 10

[PE2] lacp system-mac 1-1-1

[PE2] lacp system-number 2

[PE2] s-trunk id 1

[PE2-s-trunk1] s-trunk ip destination 10.1.3.1 source 10.1.3.2

[PE2-s-trunk1] quit

[PE2] interface route-aggregation 1

[PE2-Route-Aggregation1] link-aggregation mode dynamic

[PE2-Route-Aggregation1] s-trunk 1

[PE2-Route-Aggregation1] quit

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] port link-aggregation group 1

[PE2-GigabitEthernet1/0/1] quit

# Create VSI vpna, create an EVPN instance on it, and enable MPLS encapsulation. Configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Assign an ESI to Route-Aggregation 1.

[PE2] interface route-aggregation 1

[PE2-Route-Aggregation1] esi 1.1.1.1.1

# Map Route-Aggregation 1 to VSI vpna.

[PE2-Route-Aggregation1] xconnect vsi vpna

[PE2-Route-Aggregation1] quit

# Enable local FRR for EVPN VPLS globally.

[PE2] evpn multihoming vpls-frr local

4. Configure PE 3:

# Configure an LSR ID.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 192.3.3.3 32

[PE3-LoopBack0] quit

[PE3] mpls lsr-id 192.3.3.3

# Enable L2VPN.

[PE3] l2vpn enable

# Enable global LDP.

[PE3] mpls ldp

[PE3-ldp] quit

# Configure GigabitEthernet 1/0/2 (the interface connected to PE 1), and enable MPLS and LDP on the interface.

[PE3] interface gigabitethernet 1/0/2

[PE3-GigabitEthernet1/0/2] ip address 10.1.1.2 24

[PE3-GigabitEthernet1/0/2] mpls enable

[PE3-GigabitEthernet1/0/2] mpls ldp enable

[PE3-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3 (the interface connected to PE 2), and enable MPLS and LDP on the interface.

[PE3] interface gigabitethernet 1/0/3

[PE3-GigabitEthernet1/0/3] ip address 10.1.2.2 24

[PE3-GigabitEthernet1/0/3] mpls enable

[PE3-GigabitEthernet1/0/3] mpls ldp enable

[PE3-GigabitEthernet1/0/3] quit

# Configure OSPF for LDP to create LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0

[PE3-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] quit

[PE3-ospf-1] quit

# Configure PE 3 to establish IBGP peer relationships with PE 1 and PE 2, and configure BGP to advertise EVPN routes.

[PE3] bgp 100

[PE3-bgp-default] peer 192.1.1.1 as-number 100

[PE3-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE3-bgp-default] peer 192.2.2.2 as-number 100

[PE3-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 192.1.1.1 enable

[PE3-bgp-default-evpn] peer 192.2.2.2 enable

[PE3-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance on it, and enable MPLS encapsulation. Configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-mpls] quit

[PE3-vsi-vpna] quit

# Map GigabitEthernet 1/0/1 to VSI vpna.

[PE3] interface gigabitethernet 1/0/1

[PE3-GigabitEthernet1/0/1] xconnect vsi vpna

[PE3-GigabitEthernet1/0/1] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 1/0/1

[CE2-GigabitEthernet1/0/1] ip address 100.1.1.2 24

[CE2-GigabitEthernet1/0/1] quit

Verifying the configuration

1. Verify PW information:

# Verify that PE 1 has established PWs with PE 3 and PE 2.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.3.3.3 - 710263/710265 EVPN M 8 Up

192.2.2.2 - 710263/710124 EVPN M 9 Up

# Verify that PE 2 has established PWs with PE 1 and PE 3.

<PE2> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710124/710263 EVPN M 8 Up

192.3.3.3 - 710124/710265 EVPN M 9 Up

# Verify that PE 3 has established PWs with PE 1 and PE 2.

<PE3> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710265/710263 EVPN M 8 Up

192.2.2.2 - 710265/710124 EVPN M 9 Up

2. Verify ES information:

# Display local ES information on PE 1.

<PE1> display evpn es local

Redundancy mode: A - All-active, S - Single-active

VSI name : vpna

ESI Tag ID DF address Mode State ESI label

0001.0001.0001.0001.0001 - 192.1.1.1 A Up 775128

# Display remote ES information on PE 1.

<Sysname> display evpn es remote

Control Flags: P - Primary, B - Backup, C - Control word

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Ethernet segment routes :

192.2.2.2

A-D per ES routes :

Peer IP Remote Redundancy mode

192.2.2.2 All-active

A-D per EVI routes :

Tag ID Peer IP Control Flags

- 192.2.2.2 B

3. Verify that CE 1 and CE 2 can ping each other when all PWs are up and when a PW is down. (Details not shown.)

Example: Configuring LDP PWs as ACs for EVPN PWs

Network configuration

As shown in Figure 14:

· PE 1 and PE 2 are edge devices on both the VPLS network and EVPN VPLS network.

· PE 1, PE 2, and PE 4 use LDP to establish LDP PWs.

· On PE 1 and PE 2, configure LDP PWs as UPWs (ACs) for EVPN PWs to ensure that the VPLS and EVPN VPLS networks can communicate with each other.

· PE 4 is dual-homed to PE 1 and PE 2 through two LDP PWs (UPWs).

Figure 14 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	1.1.1.9/32	PE 3	Loop0	3.3.3.9/32
	GE1/0/1	10.1.1.1/24		GE1/0/1	-
	GE1/0/2	30.1.1.1/24		GE1/0/2	30.1.1.3/24
	GE1/0/3	10.1.3.1/24		GE1/0/3	10.1.2.3/24
PE 2	Loop0	2.2.2.9/32	PE 4	Loop0	4.4.4.9/32
	GE1/0/1	20.1.1.2/24		GE1/0/3	-
	GE1/0/2	10.1.2.2/24		GE1/0/1	10.1.1.4/24
	GE1/0/3	10.1.3.2/24		GE1/0/2	20.1.1.4/24
CE 1	GE1/0/1	100.1.1.1/32	CE 2	GE1/0/1	100.1.1.2/32

Procedure

1. Configure CE 1:

# Configure an IP address and mask for GigabitEthernet 1/0/1.

<CE1> system-view

[CE1] interface gigabitethernet 1/0/1

[CE1-GigabitEthernet1/0/1] ip address 100.1.1.1 24

[CE1-GigabitEthernet1/0/1] quit

2. Configure PE 4:

# Configure MPLS basic capabilities.

<PE4> system-view

[PE4] interface loopback 0

[PE4-LoopBack0] ip address 1.1.1.9 32

[PE4-LoopBack0] quit

[PE4] mpls lsr-id 1.1.1.9

# Enable LDP globally.

[PE4] mpls ldp

[PE4-ldp] quit

# Enable L2VPN.

[PE4] l2vpn enable

# Configure GigabitEthernet 1/0/1, the interface connected to PE 1.

[PE4] interface gigabitethernet 1/0/1

[PE4-GigabitEthernet1/0/1] ip address 10.1.1.4 24

[PE4-GigabitEthernet1/0/1] ospf 1 area 0

[PE4-GigabitEthernet1/0/1] mpls enable

[PE4-GigabitEthernet1/0/1] mpls ldp enable

[PE4-GigabitEthernet1/0/1] undo shutdown

[PE4-GigabitEthernet1/0/1] quit

# Configure GigabitEthernet 1/0/2, the interface connected to PE 2.

[PE4] interface gigabitethernet 1/0/2

[PE4-GigabitEthernet1/0/2] ip address 20.1.1.4 24

[PE4-GigabitEthernet1/0/2] ospf 1 area 0

[PE4-GigabitEthernet1/0/2] mpls enable

[PE4-GigabitEthernet1/0/2] mpls ldp enable

[PE4-GigabitEthernet1/0/2] undo shutdown

[PE4-GigabitEthernet1/0/2] quit

# Configure VSI vpna to use LDP to establish LDP PWs. The LDP PW between PE 1 and PE 4 is the primary PW and the LDP PW between PE 2 and PE 4 is the backup PW. Enable the dual receive feature for PW redundancy.

[PE4] vsi vpna

[PE4-vsi-vpna] protection dual-receive

[PE4-vsi-vpna] pwsignaling ldp

[PE4-vsi-vpna-ldp] peer 1.1.1.9 pw-id 500

[PE4-vsi-vpna-ldp-1.1.1.9-500] backup-peer 2.2.2.9 pw-id 500

[PE4-vsi-vpna-ldp-1.1.1.9-500-backup] quit

[PE4-vsi-vpna-ldp-1.1.1.9-500] quit

[PE4-vsi-vpna-ldp] quit

[PE4-vsi-vpna] quit

# Map GigabitEthernet 1/0/3 to VSI vpna.

[PE4] interface gigabitethernet 1/0/3

[PE4-GigabitEthernet1/0/3] xconnect vsi vpna

[PE4-GigabitEthernet1/0/3] quit

3. Configure PE 1:

# Configure interface Loopback 0.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack1] ip address 1.1.1.9 32

[PE1-LoopBack1] quit

# Configure MPLS basic capabilities.

[PE1] mpls lsr-id 1.1.1.9

# Enable LDP globally.

[PE1] mpls ldp

[PE1-ldp] quit

# Enable L2VPN.

[PE1] l2vpn enable

# Run OSPF on PE 1 to set up LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0

[PE1-ospf-1] quit

# Configure GigabitEthernet 1/0/1, the interface connected to PE 4.

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] ip address 10.1.1.1 24

[PE1-GigabitEthernet1/0/1] mpls enable

[PE1-GigabitEthernet1/0/1] mpls ldp enable

[PE1-GigabitEthernet1/0/1] undo shutdown

[PE1-GigabitEthernet1/0/1] quit

# Configure GigabitEthernet 1/0/2, the interface connected to PE 3.

[PE1] interface gigabitethernet 1/0/2

[PE1-GigabitEthernet1/0/2] ip address 30.1.1.1 24

[PE1-GigabitEthernet1/0/2] mpls enable

[PE1-GigabitEthernet1/0/2] mpls ldp enable

[PE1-GigabitEthernet1/0/2] undo shutdown

[PE1-GigabitEthernet1/0/2] quit

# ConfigureGigabitEthernet 1/0/3, the interface connected to PE 2.

[PE1] interface gigabitethernet 1/0/3

[PE1-GigabitEthernet1/0/3] ip address 10.1.3.1 24

[PE1-GigabitEthernet1/0/3] mpls enable

[PE1-GigabitEthernet1/0/3] mpls ldp enable

[PE1-GigabitEthernet1/0/3] undo shutdown

[PE1-GigabitEthernet1/0/3] quit

# Establish IBGP connections to PE 2 and PE 3, and enable BGP EVPN to advertise route information to PE 2 and PE 3.

[PE1] bgp 100

[PE1-bgp-default] peer 2.2.2.9 as-number 100

[PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0

[PE1-bgp-default] peer 3.3.3.9 as-number 100

[PE1-bgp-default] peer 3.3.3.9 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 2.2.2.9 enable

[PE1-bgp-default-evpn] peer 3.3.3.9 enable

[PE1-bgp-default-evpn] peer 2.2.2.9 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 3.3.3.9 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create a PW class and set the PW data encapsulation type to Ethernet for the PW class.

[PE1] pw-class aaa

[PE1-pw-aaa] pw-type ethernet

[PE1-pw-aaa] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-srv6] quit

# Configure VSI vpna to use LDP to establish LDP PWs. Configure PE 1 to establish an UPW with PE 4, assign an ESI to the UPW, and set the redundancy mode of the UPW to all-active.

[PE1-vsi-vpna] pwsignaling ldp

[PE1-vsi-vpna-ldp] peer 4.4.4.9 pw-id 500 no-split-horizon pw-class aaa

[PE1-vsi-vpna-ldp-4.4.4.9-500] esi 1.1.1.1.1

[PE1-vsi-vpna-ldp-4.4.4.9-500] evpn redundancy-mode all-active

[PE1-vsi-vpna-ldp-4.4.4.9-500] quit

[PE1-vsi-vpna-ldp] quit

[PE1-vsi-vpna] quit

4. Configure PE 2:

# Configure MPLS basic capabilities.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 2.2.2.9 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 2.2.2.9

# Enable LDP globally.

[PE2] mpls ldp

[PE2-ldp] quit

# Enable L2VPN.

[PE2] l2vpn enable

# Run OSPF on PE 2 to set up LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0

[PE2-ospf-1] quit

# Configure GigabitEthernet 1/0/3, the interface connected to PE 1.

[PE2] interface gigabitethernet 1/0/3

[PE2-GigabitEthernet1/0/3] ip address 10.1.3.2 24

[PE2-GigabitEthernet1/0/3] mpls enable

[PE2-GigabitEthernet1/0/3] mpls ldp enable

[PE2-GigabitEthernet1/0/3] undo shutdown

[PE2-GigabitEthernet1/0/3] quit

# Configure GigabitEthernet 1/0/2, the interface connected to PE 3.

[PE2] interface gigabitethernet 1/0/2

[PE2-GigabitEthernet1/0/2] ip address 10.1.2.1 24

[PE2-GigabitEthernet1/0/2] mpls enable

[PE2-GigabitEthernet1/0/2] mpls ldp enable

[PE2-GigabitEthernet1/0/2] undo shutdown

[PE2-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/1, the interface connected to PE 4.

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] ip address 20.1.1.2 24

[PE2-GigabitEthernet1/0/1] mpls enable

[PE2-GigabitEthernet1/0/1] mpls ldp enable

[PE2-GigabitEthernet1/0/1] undo shutdown

[PE2-GigabitEthernet1/0/1] quit

# Establish IBGP connections to PE 1 and PE 3 and enable BGP EVPN to advertise route information to PE 1 and PE 3.

[PE2] bgp 100

[PE2-bgp-default] peer 1.1.1.9 as-number 100

[PE2-bgp-default] peer 1.1.1.9 connect-interface loopback 0

[PE2-bgp-default] peer 3.3.3.9 as-number 100

[PE2-bgp-default] peer 3.3.3.9 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 1.1.1.9 enable

[PE2-bgp-default-evpn] peer 3.3.3.9 enable

[PE2-bgp-default-evpn] peer 1.1.1.9 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 3.3.3.9 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create a PW class and set the PW data encapsulation type to Ethernet for the PW class.

[PE2] pw-class aaa

[PE2-pw-aaa] pw-type ethernet

[PE2-pw-aaa] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-srv6] quit

# Configure VSI vpna to use LDP to establish LDP PWs. Configure PE 2 to establish an UPW with PE 4, assign an ESI to the UPW, and set the redundancy mode of the UPW to all-active.

[PE2] vsi vpna

[PE2-vsi-vpna] pwsignaling ldp

[PE2-vsi-vpna-ldp] peer 1.1.1.9 pw-id 500 no-split-horizon pw-class aaa

[PE2-vsi-vpna-ldp-1.1.1.9-500] esi 1.1.1.1.1

[PE2-vsi-vpna-ldp-1.1.1.9-500] evpn redundancy-mode all-active

[PE2-vsi-vpna-ldp-1.1.1.9-500] quit

[PE2-vsi-vpna-ldp] quit

[PE2-vsi-vpna] quit

5. Configure PE 3:

# Configure MPLS basic capabilities.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 3.3.3.9 32

[PE3-LoopBack0] quit

[PE1] mpls lsr-id 3.3.3.9

# Enable LDP globally.

[PE1] mpls ldp

[PE1-ldp] quit

# Enable L2VPN.

[PE3] l2vpn enable

# Run OSPF on PE 3 to set up LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0

[PE3-ospf-1] quit

# Configure GigabitEthernet 1/0/2, the interface connected to PE 1.

[PE3] interface gigabitethernet 1/0/2

[PE3-GigabitEthernet1/0/2] ip address 30.1.1.3 24

[PE3-GigabitEthernet1/0/2] undo shutdown

[PE3-GigabitEthernet1/0/2] quit

# Configure GigabitEthernet 1/0/3, the interface connected to PE 2.

[PE3] interface gigabitethernet 1/0/3

[PE3-GigabitEthernet1/0/3] ip address 10.1.2.3 24

[PE3-GigabitEthernet1/0/3] undo shutdown

[PE3-GigabitEthernet1/0/3] quit

# Establish IBGP connections to PE 1 and PE 2, and enable BGP EVPN to advertise route information to PE 1 and PE 2.

[PE3] bgp 100

[PE3-bgp-default] peer 1.1.1.9 as-number 100

[PE3-bgp-default] peer 1.1.1.9 connect-interface loopback 0

[PE3-bgp-default] peer 2.2.2.9 as-number 100

[PE3-bgp-default] peer 2.2.2.9 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 1.1.1.9 enable

[PE3-bgp-default-evpn] peer 2.2.2.9 enable

[PE3-bgp-default-evpn] peer 1.1.1.9 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 2.2.2.9 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-srv6] quit

# Map GigabitEthernet 1/0/1 to VSI vpna.

[PE3] interface gigabitethernet 1/0/1

[PE3-GigabitEthernet1/0/1] xconnect vsi vpna

[PE3-GigabitEthernet1/0/1] quit

6. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 1/0/1

[CE2-GigabitEthernet1/0/1] ip address 100.1.1.2 24

[CE2-GigabitEthernet1/0/1] quit

Verifying the configuration

# On PE 1, display PW information. Verify that PE 1 has established an LDP PW with PE 4 and EVPN PWs with PE 2 and PE 3.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 3

3 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

4.4.4.9 500 1147/- LDP MN 8 Up

2.2.2.9 - 1148/1148 EVPN M 9 Up

3.3.3.9 - 1148/1149 EVPN M 10 Up

# On PE 1, display local ES information. Verify that the LDP PW (UPW) has multihoming settings.

<PE1> display evpn es local verbose

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Interface : -

Redundancy mode : All-active

State : Up

UPWs :

Link ID Service instance ID Tag ID DF address ESI label

8 - - - 1146

# Display information on PE 2 in the same way as information is displayed on PE 1. (Details not shown.)

# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)

EVPN VPLS configuration examples (on switches)

Example: Configuring EVPN VPLS between singlehomed sites

Network configuration

As shown in Figure 15, set up a path between PE 1 and PE 2 for the CEs in VLAN 10 of site 1 and site 2 to communicate through EVPN VPLS over the MPLS or IP backbone network.

Figure 15 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
CE 1	Vlan-int10	10.1.1.10/24	P	Loop0	3.3.3.3/32
PE 1	Loop0	1.1.1.1/32		Vlan-int23	11.1.1.2/24
	Vlan-int23	11.1.1.1/24		Vlan-int26	11.1.2.2/24
CE 2	Vlan-int10	10.1.1.20/24	PE 2	Loop0	2.2.2.2/32
				Vlan-int26	11.1.2.1/24

Prerequisites

Create VLANs on all devices and assign interfaces to the VLANs.

Procedure

1. Configure CE 1.

<CE1> system-view

[CE1] interface vlan-interface 10

[CE1-Vlan-interface10] ip address 10.1.1.10 24

[CE1-Vlan-interface10] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 1.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 1.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure VLAN-interface 23 (the interface connected to the P device), and enable LDP on the interface.

[PE1] interface vlan-interface 23

[PE1-Vlan-interface23] ip address 11.1.1.1 24

[PE1-Vlan-interface23] mpls enable

[PE1-Vlan-interface23] mpls ldp enable

[PE1-Vlan-interface23] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create an IBGP connection to PE 2, and enable BGP to advertise L2VPN information to PE 2.

[PE1] bgp 100

[PE1-bgp-default] peer 2.2.2.2 as-number 100

[PE1-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 2.2.2.2 enable

[PE1-bgp-default-evpn] peer 2.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Configure Ethernet service instance 1000 to match VLAN 10 on GigabitEthernet 1/0/1 (the interface connected to CE 1).

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] service-instance 1000

[PE1-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10

# Map Ethernet service instance 1000 to VSI vpna.

[PE1-GigabitEthernet1/0/1-srv1000] xconnect vsi vpna

[PE1-GigabitEthernet1/0/1-srv1000] quit

[PE1-GigabitEthernet1/0/1] quit

3. Configure the P device:

# Configure the LSR ID.

<P> system-view

[P] interface loopback 0

[P-LoopBack0] ip address 3.3.3.3 32

[P-LoopBack0] quit

[P] mpls lsr-id 3.3.3.3

# Enable global LDP.

[P] mpls ldp

[P-ldp] quit

# Configure VLAN-interface 23 (the interface connected to PE 1), and enable LDP on the interface.

[P] interface vlan-interface 23

[P-Vlan-interface23] ip address 11.1.1.2 24

[P-Vlan-interface23] mpls enable

[P-Vlan-interface23] mpls ldp enable

[P-Vlan-interface23] quit

# Configure VLAN-interface 26 (the interface connected to PE 2), and enable LDP on the interface.

[P] interface vlan-interface 26

[P-Vlan-interface26] ip address 11.1.2.2 24

[P-Vlan-interface26] mpls enable

[P-Vlan-interface26] mpls ldp enable

[P-Vlan-interface26] quit

# Configure OSPF for LDP to create LSPs.

[P] ospf

[P-ospf-1] area 0

[P-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[P-ospf-1-area-0.0.0.0] quit

[P-ospf-1] quit

4. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 2.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 2.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure VLAN-interface 26 (the interface connected to the P device), and enable LDP on the interface.

[PE2] interface vlan-interface 26

[PE2-Vlan-interface26] ip address 11.1.2.1 24

[PE2-Vlan-interface26] mpls enable

[PE2-Vlan-interface26] mpls ldp enable

[PE2-Vlan-interface26] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create an IBGP connection to PE 1, and enable BGP to advertise L2VPN information to PE 1.

[PE2] bgp 100

[PE2-bgp-default] peer 1.1.1.1 as-number 100

[PE2-bgp-default] peer 1.1.1.1 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 1.1.1.1 enable

[PE2-bgp-default-evpn] peer 1.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Configure Ethernet service instance 1000 to match VLAN 10 on GigabitEthernet 1/0/1 (the interface connected to CE 2).

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] service-instance 1000

[PE2-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10

# Map Ethernet service instance 1000 to VSI vpna.

[PE2-GigabitEthernet1/0/1-srv1000] xconnect vsi vpna

[PE2-GigabitEthernet1/0/1-srv1000] quit

[PE2-GigabitEthernet1/0/1] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface vlan-interface 10

[CE2-Vlan-interface10] ip address 10.1.1.20 24

[CE2-Vlan-interface10] quit

Verifying the configuration

# Verify that an EVPN PW has been established between PE 1 and PE 2.

[PE1] display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

2.2.2.2 - 775127/775127 EVPN M 8 Up

# Verify that the PW is created on PE 2.

<PE2> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

1.1.1.1 - 775127/775127 EVPN M 8 Up

# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)

Example: Configuring EVPN VPLS multihoming

Network configuration

As shown in Figure 16, configure EVPN VPLS for dualhomed site 1 and singlehomed site 2 to communicate over the MPLS or IP backbone network.

Figure 16 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	192.1.1.1/32	CE 1	Vlan-int10	100.1.1.1/24
	GE1/0/1	N/A	CE 2	Vlan-int10	100.1.1.2/24
	Vlan-int13	10.1.1.1/24	PE 3	Loop0	192.3.3.3/32
	Vlan-int11	10.1.3.1/24		GE1/0/1	N/A
PE 2	Loop0	192.2.2.2/32		Vlan-int13	10.1.1.2/24
	GE1/0/1	N/A		Vlan-int23	10.1.2.2/24
	Vlan-int23	10.1.2.1/24
	Vlan-int11	10.1.3.2/24

Prerequisites

Create VLANs on all devices and assign interfaces to the VLANs.

Procedure

1. Configure CE 1:

# Create VLAN-interface 10 and assign it an IP address.

<CE1> system-view

[CE1] interface vlan-interface 10

[CE1-Vlan-interface10] ip address 100.1.1.1 24

[CE1-Vlan-interface10] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 192.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 192.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure VLAN-interface 13 (the interface connected to PE 3), and enable LDP on the interface.

[PE1] interface vlan-interface 13

[PE1-Vlan-interface13] ip address 10.1.1.1 24

[PE1-Vlan-interface13] mpls enable

[PE1-Vlan-interface13] mpls ldp enable

[PE1-Vlan-interface13] quit

# Configure VLAN-interface 11 (the interface connected to PE 2), and enable LDP on the interface.

[PE1] interface vlan-interface 11

[PE1-Vlan-interface11] ip address 10.1.3.1 24

[PE1-Vlan-interface11] mpls enable

[PE1-Vlan-interface11] mpls ldp enable

[PE1-Vlan-interface11] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create IBGP connections to PE 2 and PE 3, and enable BGP to advertise routes to PE 2 and PE 3.

[PE1] bgp 100

[PE1-bgp-default] peer 192.2.2.2 as-number 100

[PE1-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE1-bgp-default] peer 192.3.3.3 as-number 100

[PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 192.2.2.2 enable

[PE1-bgp-default-evpn] peer 192.3.3.3 enable

[PE1-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Configure Ethernet service instance 1000 to match VLAN 10 on GigabitEthernet 1/0/1 (the interface connected to CE 1).

[PE1] interface gigabitethernet 1/0/1

[PE1-GigabitEthernet1/0/1] service-instance 1000

[PE1-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10

# Map GigabitEthernet 1/0/1 to VSI vpna.

[PE1-GigabitEthernet1/0/1-srv1000] xconnect vsi vpna

[PE1-GigabitEthernet1/0/1-srv1000] quit

# Assign an ESI to GigabitEthernet 1/0/1.

[PE1-GigabitEthernet1/0/1] esi 1.1.1.1.1

[PE1-GigabitEthernet1/0/1] quit

3. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 192.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 192.2.2.2

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure VLAN-interface 23 (the interface connected to PE 3), and enable LDP on the interface.

[PE2] interface vlan-interface 23

[PE2-Vlan-interface23] ip address 10.1.2.1 24

[PE2-Vlan-interface23] mpls enable

[PE2-Vlan-interface23] mpls ldp enable

[PE2-Vlan-interface23] quit

# Configure VLAN-interface 11 (the interface connected to PE 2), and enable LDP on the interface.

[PE2] interface vlan-interface 11

[PE2-Vlan-interface11] ip address 10.1.3.2 24

[PE2-Vlan-interface11] mpls enable

[PE2-Vlan-interface11] mpls ldp enable

[PE2-Vlan-interface11] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create IBGP connections to PE 1 and PE 3, and enable BGP to advertise routes to PE 1 and PE 3.

[PE2] bgp 100

[PE2-bgp-default] peer 192.1.1.1 as-number 100

[PE2-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE2-bgp-default] peer 192.3.3.3 as-number 100

[PE2-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 192.1.1.1 enable

[PE2-bgp-default-evpn] peer 192.3.3.3 enable

[PE2-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Configure Ethernet service instance 1000 to match VLAN 10 on GigabitEthernet 1/0/1 (the interface connected to CE 1).

[PE2] interface gigabitethernet 1/0/1

[PE2-GigabitEthernet1/0/1] service-instance 1000

[PE2-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10

# Map Ethernet service instance 1000 to VSI vpna.

[PE2-GigabitEthernet1/0/1-srv1000] xconnect vsi vpna

[PE2-GigabitEthernet1/0/1-srv1000] quit

[PE2-GigabitEthernet1/0/1] quit

# Assign an ESI to GigabitEthernet 1/0/1.

[PE2-GigabitEthernet1/0/1] esi 1.1.1.1.1

[PE2-GigabitEthernet1/0/1] quit

4. Configure PE 3:

# Configure the LSR ID.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 192.3.3.3 32

[PE3-LoopBack0] quit

[PE3] mpls lsr-id 192.3.3.3

# Enable L2VPN.

[PE3] l2vpn enable

# Enable global LDP.

[PE3] mpls ldp

[PE3-ldp] quit

# Configure VLAN-interface 13 (the interface connected to PE 1) and VLAN-interface 23 (the interface connected to PE 2), and enable LDP on the interfaces.

[PE3] interface vlan-interface13

[PE3-Vlan-interface13] ip address 10.1.1.2 24

[PE3-Vlan-interface13] mpls enable

[PE3-Vlan-interface13] mpls ldp enable

[PE3-Vlan-interface13] quit

[PE3] interface vlan-interface23

[PE3-Vlan-interface23] ip address 10.1.2.2 24

[PE3-Vlan-interface23] mpls enable

[PE3-Vlan-interface23] mpls ldp enable

[PE3-Vlan-interface23] quit

# Configure OSPF for LDP to create LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0

[PE3-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] quit

[PE3-ospf-1] quit

# Create IBGP connections to PE 1 and PE 2, and enable BGP to advertise routes to PE 1 and PE 2.

[PE3] bgp 100

[PE3-bgp-default] peer 192.1.1.1 as-number 100

[PE3-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE3-bgp-default] peer 192.2.2.2 as-number 100

[PE3-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 192.1.1.1 enable

[PE3-bgp-default-evpn] peer 192.2.2.2 enable

[PE3-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-mpls] quit

# Configure Ethernet service instance 1000 to match VLAN 10 on GigabitEthernet 1/0/1 (the interface connected to CE 1).

[PE3] interface gigabitethernet 1/0/1

[PE3-GigabitEthernet1/0/1] service-instance 1000

[PE3-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10

# Map Ethernet service instance 1000 to VSI vpna.

[PE3-GigabitEthernet1/0/1-srv1000] xconnect vsi vpna

[PE3-GigabitEthernet1/0/1-srv1000] quit

[PE3-GigabitEthernet1/0/1] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface vlan-interface 10

[CE2-Vlan-interface10] ip address 100.1.1.2 24

[CE2-Vlan-interface10] quit

Verifying the configuration

# Verify that PE 1 has established EVPN PWs to PE 2 and PE 3.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.3.3.3 - 710263/710265 EVPN M 8 Up

192.2.2.2 - 710263/710124 EVPN M 9 Up

# Verify that PE 1 has local ES information.

<PE1> display evpn es local

Redundancy mode: A - All-active, S - Single-active

VSI name : vpna

ESI Tag ID DF address Mode State ESI label

0001.0001.0001.0001.0001 - 192.1.1.1 A Up 775128

# Verify that PE 1 has remote ES information.

<Sysname> display evpn es remote

Control Flags: P - Primary, B - Backup, C - Control word

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Ethernet segment routes :

192.2.2.2

A-D per ES routes :

Peer IP Remote Redundancy mode

192.2.2.2 All-active

A-D per EVI routes :

Tag ID Peer IP Control Flags

- 192.2.2.2 B

# Verify that PE 2 has established EVPN PWs to PE 1 and PE 3.

<PE2> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710124/710263 EVPN M 8 Up

192.3.3.3 - 710124/710265 EVPN M 9 Up

# Verify that PE 3 has established EVPN PWs to PE 1 and PE 2.

<PE3> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710265/710263 EVPN M 8 Up

192.2.2.2 - 710265/710124 EVPN M 9 Up

# Verify that CE 1 and CE 2 can ping each other when the PW on PE 1 or PE 2 fails. (Details not shown.)

Example: Configuring LDP PWs as ACs for EVPN PWs

Network configuration

As shown in Figure 17:

· PE 1 and PE 2 are edge devices on both the VPLS network and EVPN VPLS network.

· PE 1, PE 2, and PE 4 use LDP to establish LDP PWs.

· On PE 1 and PE 2, configure LDP PWs as UPWs (ACs) for EVPN PWs to ensure that the VPLS and EVPN VPLS networks can communicate with each other.

· PE 4 is dual-homed to PE 1 and PE 2 through two LDP PWs (UPWs).

Figure 17 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	1.1.1.9/32	PE 3	Loop0	3.3.3.9/32
	Vlan-int15	10.1.1.1/24		GE1/0/1	-
	Vlan-int13	30.1.1.1/24		Vlan-int13	30.1.1.3/24
	Vlan-int11	10.1.3.1/24		Vlan-int23	10.1.2.3/24
PE 2	Loop0	2.2.2.9/32	PE 4	Loop0	4.4.4.9/32
	Vlan-int26	20.1.1.2/24		GE1/0/1	-
	Vlan-int23	10.1.2.2/24		Vlan-int15	10.1.1.4/24
	Vlan-int11	10.1.3.2/24		Vlan-int26	20.1.1.4/24
CE 1	Vlan-int10	100.1.1.1/24	CE 2	Vlan-int10	100.1.1.2/24

Prerequisites

Create VLANs on all devices and assign interfaces to the VLANs.

Procedure

1. Configure CE 1:

# Configure an IP address and mask for VLAN-interface 10.

<CE1> system-view

[CE1] interface vlan-interface10

[CE1-Vlan-interface10] ip address 100.1.1.1 24

[CE1-Vlan-interface10] quit

2. Configure PE 4:

# Configure MPLS basic capabilities.

<PE4> system-view

[PE4] interface loopback 0

[PE4-LoopBack0] ip address 1.1.1.9 32

[PE4-LoopBack0] quit

[PE4] mpls lsr-id 1.1.1.9

# Enable LDP globally.

[PE4] mpls ldp

[PE4-ldp] quit

# Enable L2VPN.

[PE4] l2vpn enable

# Configure VLAN-interface 15, the interface connected to PE 1.

[PE4] interface vlan-interface 15

[PE4-Vlan-interface15] ip address 10.1.1.4 24

[PE4-Vlan-interface15] ospf 1 area 0

[PE4-Vlan-interface15] mpls enable

[PE4-Vlan-interface15] mpls ldp enable

[PE4-Vlan-interface15] undo shutdown

[PE4-Vlan-interface15] quit

# Configure VLAN-interface 26, the interface connected to PE 2.

[PE4] interface vlan-interface 26

[PE4-Vlan-interface26] ip address 20.1.1.4 24

[PE4-Vlan-interface26] ospf 1 area 0

[PE4-Vlan-interface26] mpls enable

[PE4-Vlan-interface26] mpls ldp enable

[PE4-Vlan-interface26] undo shutdown

[PE4-Vlan-interface26] quit

[PE4] vsi vpna

[PE4-vsi-vpna] protection dual-receive

[PE4-vsi-vpna] pwsignaling ldp

[PE4-vsi-vpna-ldp] peer 1.1.1.9 pw-id 500

[PE4-vsi-vpna-ldp-1.1.1.9-500] backup-peer 2.2.2.9 pw-id 500

[PE4-vsi-vpna-ldp-1.1.1.9-500-backup] quit

[PE4-vsi-vpna-ldp-1.1.1.9-500] quit

[PE4-vsi-vpna-ldp] quit

[PE4-vsi-vpna] quit

# Create Ethernet service instance 10 on GigabitEthernet 1/0/1, configure the Ethernet service instance to match VLAN 10, and map the Ethernet service instance to VSI vpna.

[PE4] interface gigabitethernet 1/0/1

[PE4-GigabitEthernet1/0/1] service-instance 10

[PE4-GigabitEthernet1/0/1-srv10] encapsulation s-vid 10

[PE4-GigabitEthernet1/0/1-srv10] xconnect vsi vpna

[PE4-GigabitEthernet1/0/1-srv10] quit

3. Configure PE 1:

# Configure interface Loopback 0.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack1] ip address 1.1.1.9 32

[PE1-LoopBack1] quit

# Configure MPLS basic capabilities.

[PE1] mpls lsr-id 1.1.1.9

# Enable LDP globally.

[PE1] mpls ldp

[PE1-ldp] quit

# Enable L2VPN.

[PE1] l2vpn enable

# Run OSPF on PE 1 to set up LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0

[PE1-ospf-1] quit

# Configure VLAN-interface 13, the interface connected to PE 3.

[PE1] interface vlan-interface 13

[PE1-Vlan-interface13] ip address 30.1.1.1 24

[PE1-Vlan-interface13] mpls enable

[PE1-Vlan-interface13] mpls ldp enable

[PE1-Vlan-interface13] quit

# Configure VLAN-interface 11, the interface connected to PE 2.

[PE1] interface vlan-interface 11

[PE1-Vlan-interface11] ip address 10.1.3.1 24

[PE1-Vlan-interface11] mpls enable

[PE1-Vlan-interface11] mpls ldp enable

[PE1-Vlan-interface11] quit

# Configure VLAN-interface 15, the interface connected to PE 4.

[PE1] interface vlan-interface 15

[PE1-Vlan-interface15] ip address 10.1.1.1 24

[PE1-Vlan-interface15] mpls enable

[PE1-Vlan-interface15] mpls ldp enable

[PE1-Vlan-interface15] quit

# Establish IBGP connections to PE 2 and PE 3, and enable BGP EVPN to advertise route information to PE 2 and PE 3.

[PE1] bgp 100

[PE1-bgp-default] peer 2.2.2.9 as-number 100

[PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0

[PE1-bgp-default] peer 3.3.3.9 as-number 100

[PE1-bgp-default] peer 3.3.3.9 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 2.2.2.9 enable

[PE1-bgp-default-evpn] peer 3.3.3.9 enable

[PE1-bgp-default-evpn] peer 2.2.2.9 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 3.3.3.9 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-srv6] quit

# Configure VSI vpna to use LDP to establish LDP PWs. Configure PE 1 to establish an UPW with PE 4, assign an ESI to the UPW, and set the redundancy mode of the UPW to all-active.

[PE1-vsi-vpna] pwsignaling ldp

[PE1-vsi-vpna-ldp] peer 4.4.4.9 pw-id 500 no-split-horizon

[PE1-vsi-vpna-ldp-4.4.4.9-500] esi 1.1.1.1.1

[PE1-vsi-vpna-ldp-4.4.4.9-500] evpn redundancy-mode all-active

[PE1-vsi-vpna-ldp-4.4.4.9-500] quit

[PE1-vsi-vpna-ldp] quit

[PE1-vsi-vpna] quit

4. Configure PE 2:

# Configure MPLS basic capabilities.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 2.2.2.9 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 2.2.2.9

# Enable LDP globally.

[PE2] mpls ldp

[PE2-ldp] quit

# Enable L2VPN.

[PE2] l2vpn enable

# Run OSPF on PE 2 to set up LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0

[PE2-ospf-1] quit

# Configure VLAN-interface 23, the interface connected to PE 3.

[PE2] interface vlan-interface 23

[PE2-Vlan-interface23] ip address 10.1.2.2 24

[PE2-Vlan-interface23] mpls enable

[PE2-Vlan-interface23] mpls ldp enable

[PE2-Vlan-interface23] quit

# Configure VLAN-interface 11, the interface connected to PE 1.

[PE2] interface vlan-interface 11

[PE2-Vlan-interface11] ip address 10.1.3.2 24

[PE2-Vlan-interface11] mpls enable

[PE2-Vlan-interface11] mpls ldp enable

[PE2-Vlan-interface11] quit

# Configure VLAN-interface 26, the interface connected to PE 4.

[PE2] interface vlan-interface 26

[PE2-Vlan-interface26] ip address 20.1.1.2 24

[PE2-Vlan-interface26] mpls enable

[PE2-Vlan-interface26] mpls ldp enable

[PE2-Vlan-interface26] quit

# Establish IBGP connections to PE 1 and PE 3 and enable BGP EVPN to advertise route information to PE 1 and PE 3.

[PE2] bgp 100

[PE2-bgp-default] peer 1.1.1.9 as-number 100

[PE2-bgp-default] peer 1.1.1.9 connect-interface loopback 0

[PE2-bgp-default] peer 3.3.3.9 as-number 100

[PE2-bgp-default] peer 3.3.3.9 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 1.1.1.9 enable

[PE2-bgp-default-evpn] peer 3.3.3.9 enable

[PE2-bgp-default-evpn] peer 1.1.1.9 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 3.3.3.9 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-srv6] quit

# Configure VSI vpna to use LDP to establish LDP PWs. Configure PE 2 to establish an UPW with PE 4, assign an ESI to the UPW, and set the redundancy mode of the UPW to all-active.

[PE2] vsi vpna

[PE2-vsi-vpna] pwsignaling ldp

[PE2-vsi-vpna-ldp] peer 1.1.1.9 pw-id 500 no-split-horizon

[PE2-vsi-vpna-ldp-1.1.1.9-500] esi 1.1.1.1.1

[PE2-vsi-vpna-ldp-1.1.1.9-500] evpn redundancy-mode all-active

[PE2-vsi-vpna-ldp-1.1.1.9-500] quit

[PE2-vsi-vpna-ldp] quit

[PE2-vsi-vpna] quit

5. Configure PE 3:

# Configure MPLS basic capabilities.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 3.3.3.9 32

[PE3-LoopBack0] quit

[PE1] mpls lsr-id 3.3.3.9

# Enable LDP globally.

[PE1] mpls ldp

[PE1-ldp] quit

# Enable L2VPN.

[PE3] l2vpn enable

# Run OSPF on PE 3 to set up LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0

[PE3-ospf-1] quit

# Configure VLAN-interface 13, the interface connected to PE 1.

[PE3] interface vlan-interface 13

[PE3-Vlan-interface13] ip address 30.1.1.3 24

[PE3-Vlan-interface13] mpls enable

[PE3-Vlan-interface13] mpls ldp enable

[PE3-Vlan-interface13] quit

# Configure VLAN-interface 23, the interface connected to PE 2.

[PE3] interface vlan-interface23

[PE3-Vlan-interface23] ip address 10.1.2.3 24

[PE3-Vlan-interface23] mpls enable

[PE3-Vlan-interface23] mpls ldp enable

[PE3-Vlan-interface23] quit

# Establish IBGP connections to PE 1 and PE 2, and enable BGP EVPN to advertise route information to PE 1 and PE 2.

[PE3] bgp 100

[PE3-bgp-default] peer 1.1.1.9 as-number 100

[PE3-bgp-default] peer 1.1.1.9 connect-interface loopback 0

[PE3-bgp-default] peer 2.2.2.9 as-number 100

[PE3-bgp-default] peer 2.2.2.9 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 1.1.1.9 enable

[PE3-bgp-default-evpn] peer 2.2.2.9 enable

[PE3-bgp-default-evpn] peer 1.1.1.9 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 2.2.2.9 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-srv6] quit

# Create Ethernet service instance 10 on GigabitEthernet 1/0/1, configure the Ethernet service instance to match VLAN 10, and map the Ethernet service instance to VSI vpna.

[PE3] interface gigabitethernet 1/0/1

[PE3-GigabitEthernet1/0/1] service-instance 10

[PE3-GigabitEthernet1/0/1-srv10] encapsulation s-vid 10

[PE3-GigabitEthernet1/0/1-srv10] xconnect vsi vpna

6. Configure CE 2.

<CE2> system-view

[CE2] interface vlan-interface 10

[CE2-Vlan-interface10] ip address 100.1.1.2 24

[CE2-Vlan-interface10] quit

Verifying the configuration

# On PE 1, display PW information. Verify that PE 1 has established an LDP PW with PE 4 and EVPN PWs with PE 2 and PE 3.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 3

3 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

4.4.4.9 500 1147/- LDP MN 8 Up

2.2.2.9 - 1148/1148 EVPN M 9 Up

3.3.3.9 - 1148/1149 EVPN M 10 Up

# On PE 1, display local ES information. Verify that the LDP PW (UPW) has multihoming settings.

<PE1> display evpn es local verbose

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Interface : -

Redundancy mode : All-active

State : Up

UPWs :

Link ID Service instance ID Tag ID DF address ESI label

8 - - - 1146

# Display information on PE 2 in the same way as information is displayed on PE 1. (Details not shown.)

# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)

22-EVPN Configuration Guide

EVPN VPLS network model

Source MAC address learning

MAC address aging

MAC address withdrawal

Unicast traffic forwarding

Flooding

About EVPN VPLS multihoming

Redundancy mode

Control word

About EVPN E-tree

Local traffic isolation

Remote known unicast traffic isolation

Remote flood traffic isolation

About this task

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

Restrictions and guidelines for EVPN VPLS multihoming

About this task

Procedure

About this task

Restrictions and guidelines

Configuring the DF election algorithm globally

Configuring the DF election algorithm on an interface

Configuring parameters for preference-based DF election

About this task

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Enabling local FRR globally

Configuring local FRR on an EVPN instance created in VSI view

About this task

Prerequisites

Procedure

About this task

Restrictions and guidelines for AC state ignore configuration

Enabling VSIs to ignore the state of ACs globally

Configuring a VSI to ignore the state of ACs

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Procedure

About this task

Procedure

About this task

Procedure

Enabling conversational learning for remote ARP entries

About this task

Restrictions and guidelines

Procedure

About this task

Restrictions and guidelines

Procedure

Configuring LDP or static PWs as ACs for EVPN PWs

Restrictions and guidelines for LDP or static PW AC configuration for EVPN PWs

Configuring LDP PWs as ACs for EVPN PWs

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Procedure

Enabling SNMP notifications for L2VPN PWs