EVPN Virtual Private LAN Service (VPLS) is a Layer 2 VPN technology that uses MP-BGP to advertise EVPN routes in the control plane and MPLS for forwarding in the data plane. EVPN VPLS provides point-to-multipoint forwarding services for users with MAC address table lookup in VSIs.

EVPN VPLS network model

As shown in Figure 1, an EVPN VPLS network contains the following devices:

· Customer edge (CE)—Customer device directly connected to the service provider network.

· Provider edge (PE)—Service provider device connected to CEs. PEs provide access to the EVPN VPLS network and forward traffic between customer network sites by using public tunnels.

A PE uses ACs, PWs, tunnels, and VSIs to provide EVPN VPLS services.

· Attachment circuit (AC)—A physical or virtual link between a CE and a PE.

· Pseudowire (PW)—A virtual bidirectional connection between two PEs. A PW contains a pair of virtual links in opposite directions.

· Public tunnel—A connection that carries one or more PWs across the MPLS or IP backbone. A public tunnel can be an LSP, GRE, or MPLS TE tunnel.

· Virtual Switch Instance (VSI)—A virtual switch instance provides Layer 2 switching services for a VPLS instance (EVPN instance) on a PE. A VSI acts as a virtual switch that has all the functions of a conventional Ethernet switch, including source MAC address learning, MAC address aging, and flooding. VPLS uses VSIs to forward Layer 2 data packets in EVPN instances.

Figure 1 EVPN VPLS network

‌

Neighbor auto-discovery and PW establishment

In an EVPN VPLS network, PEs discover neighbors and establish PWs by using the following procedure:

1. The PEs assign two PW labels to each VSI for forwarding known unicast, broadcast, unknown unicast, and unknown multicast (BUM) packets.

2. Each PE advertises the PW labels to remote PEs as follows:

¡ Advertises the PW labels used for forwarding known unicast packets through MAC/IP prefix advertisement routes.

¡ Advertises the PW labels used for forwarding BUM traffic through Ethernet auto-discovery routes or IMET routes.

Those routes carry route targets.

3. Each PE matches the route targets in a received MAC/IP prefix advertisement route, Ethernet auto-discovery route, or IMET route with the import targets of the EVPN instance. If the route targets match the import targets, the PE establishes a unidirectional virtual connection based on the PE address and PW label information carried in the route.

PW establishment is finished when two virtual connections in opposite directions are established between two PEs.

MAC address learning, aging, and withdrawal

Source MAC address learning

A PE uses the MAC address table of a VSI to forward Layer 2 unicast traffic for that VSI.

A PE learns source MAC addresses in the following ways:

· Local MAC address learning—Learns the source MAC addresses of local CEs.

When the PE receives a frame from a local CE, it first identifies the VSI of the frame. Then, the PE adds the source MAC address of the frame (the MAC address of the local CE) to the MAC address table of the VSI. The output interface of the MAC address entry is the AC that receives the frame.

· Remote MAC address learning—Learns the source MAC addresses of remote CEs.

A PE advertises the MAC addresses of local CEs to remote PEs through BGP EVPN MAC/IP advertisement routes. When a remote PE receives the routes, it adds the received MAC addresses to the MAC address table of the corresponding VSI. The output interface is the PW between the PEs.

MAC address aging

· Local MAC address aging—The MAC address table uses an aging timer for each dynamic MAC address entry. If no packet is received from a MAC address before the aging timer expires, VPLS deletes the MAC address.

· Remote MAC address aging—Remote MAC addresses advertised through MAC/IP advertisement routes are not removed from the MAC address table until routes to withdraw the MAC addresses are received.

MAC address withdrawal

When an AC goes down, the PE deletes MAC addresses on the AC. Then it sends an LDP address withdrawal message to notify all other PEs in the EVPN instance to delete those MAC addresses.

Traffic forwarding and flooding

Unicast traffic forwarding

After a PE receives a unicast packet with a known destination MAC address from an AC, the PE searches the MAC address table of the VSI bound to the AC for packet forwarding.

· If the output interface in the entry is a PW, the PE inserts the PW label to the packet, and adds the public tunnel header to the packet. It then forwards the packet to the remote PE over the PW. If the public tunnel is an LSP or MPLS TE tunnel, each packet on the PW contains two labels. The inner label is the PW label, which identifies the PW and ensures that the packet is forwarded to the correct VSI. The outer label is the public LSP or MPLS TE tunnel label, which ensures that the packet is correctly forwarded to the remote PE.

· If the output interface in the entry is a local interface, the PE directly forwards the packet to the local interface.

After a PE receives a unicast packet with a known destination MAC address from a PW, the PE searches the MAC address table of the VSI bound to the PW for packet forwarding. The PE forwards the packet through the output interface in the matching MAC address entry.

Flooding

When a PE receives flood traffic from an AC in a VSI, it will flood the traffic to the following interfaces:

· All ACs in the VSI except for the incoming AC.

· All PWs associated with the VSI.

When a PE receives flood traffic from a PW, it will flood the traffic to all ACs in the VSI bound to the PW.

Full mesh and split horizon

A Layer 2 network requires a loop prevention protocol such as STP to avoid loops. However, a loop prevention protocol on PEs brings management and maintenance difficulties. Therefore, EVPN VPLS uses the following methods to prevent loops:

· Full mesh—Every two PEs in an EVPN instance must establish a PW. The PWs form a full mesh among PEs in the EVPN instance.

· Split horizon—A PE does not forward packets received from a PW to any other PWs in the same VSI but only forwards those packets to ACs.

EVPN VPLS multihoming

About EVPN VPLS multihoming

As shown in Figure 2, EVPN VPLS supports deploying multiple PEs at a site for redundancy and high availability. On the redundant PEs, Ethernet links connected to the site form an ES that is uniquely identified by an ESI. EVPN VPLS supports only dualhoming.

Figure 2 EVPN VPLS multihoming

‌

DF election

To prevent redundant PEs from sending duplicate flood traffic to a multihomed site, a designated forwarder (DF) is elected from the PEs to forward flood traffic to the local site. PEs that fail the election are assigned the backup designated forwarder (BDF) role. BDFs do not forward flood traffic to the local site.

Figure 3 DF election

DF election can be performed by using a VLAN tag-based algorithm or preference-based algorithm.

· VLAN tag-based DF election

PEs select a DF for each AC based on the VLAN tag and PE IP address as follows:

a. Arrange source IP addresses in Ethernet segment routes with the same ESI in ascending order and assign a sequence number to each IP address, starting from 0.

b. Divide the lowest VLAN ID permitted on an AC by the number of the redundant PEs, and match the reminder to the sequence numbers of IP addresses.

c. Assign the DF role to the PE that uses the IP address with the matching sequence number.

The following uses PE 1 and PE 2 in Figure 4 as an example to explain the DF election procedure:

d. PE 1 and PE 2 send Ethernet segment routes to each other.

e. The PEs assign sequence numbers 0 and 1 to IP addresses 1.1.1.1 and 2.2.2.2 in the Ethernet segment routes, respectively.

f. The PEs divide 4 (the lowest VLAN ID permitted by the ACs) by 2 (the number of redundant PEs), and match the reminder 0 to the sequence numbers of the IP addresses.

g. The DF role is assigned to PE 1 at 1.1.1.1.

Figure 4 VLAN tag-based DF election

· Preference-based DF election

PEs select a DF for each ES based on the DF election preference, the Don't Preempt Me (DP) bit in Ethernet segment routes, and PE IP address. The DP bit can be set to one of the following values:

¡ 1—Non-revertive mode is enabled for preference-based DF election (DF preemption is disabled). A DF retains its role when a new DF is elected.

¡ 0—Non-revertive mode is disabled for preference-based DF election (DF preemption is enabled).

Preference-based DF election uses the following rules to select a DF for an ES:

a. The PE with higher preference becomes the DF.

b. If two PEs have the same preference, the PE with the DP bit set to 1 becomes the DF.

c. If both of the PEs have the DP bit set to 1, the PE with a lower IP address becomes the DF.

As shown in Figure 5, PE 2 is the DF for ES 1, and PE 1 is the DF for ES 2.

Figure 5 Preference-based DF election

‌

Redundancy mode

The device supports single-active redundancy mode and all-active redundancy mode of EVPN VPLS multihoming.

· Single-active mode—This mode allows one of the redundant PEs to forward traffic. When the primary PE becomes unavailable because of device failure or link failure, traffic is switched to the secondary PE for forwarding.

· All-active mode—This mode allows all redundant PEs to a multihomed site to load share unicast traffic.

IP aliasing

In all-active redundancy mode, all redundant PEs of an ES advertise the ES to remote PEs through MP-BGP. IP aliasing allows a remote PE to add the IP addresses of all the redundant PEs as the next hops for the MAC or ARP information received from one of these PEs. This mechanism creates ECMP routes between the remote PE and the redundant PEs.

ARP flood suppression

ARP flood suppression reduces ARP request broadcasts by enabling a PE to reply to ARP requests on behalf of VMs.

As shown in Figure 6, this feature snoops ARP requests, ARP responses, and BGP EVPN routes to populate the ARP flood suppression table with local and remote MAC addresses. If an ARP request has a matching entry, the PE replies to the request on behalf of the VM. If no match is found, the PE floods the request to both local and remote sites.

Figure 6 ARP flood suppression

‌

ARP flood suppression uses the following workflow:

1. CE1 sends an ARP request to obtain the MAC address of CE 2.

2. PE 1 creates a suppression entry for CE 1, floods the ARP request to local CEs and remote PEs (PE 2 and PE 3) in the VSI, and sends the suppression entry to PE 2 and PE 3 through BGP EVPN. Unicast-mode flooding is used to illustrate the workflow.

3. PE 2 and PE 3 de-encapsulate the ARP request and broadcast the request to local CEs in the VSI.

4. CE 2 sends an ARP reply after it receives the ARP request.

5. PE 2 creates a suppression entry for CE 2, forwards the ARP reply to PE 1, and sends the suppression entry to PE 1 and PE 3 through BGP EVPN.

6. PE 1 de-encapsulates the ARP reply and forwards the ARP reply to CE 1.

7. CE 4 sends an ARP request to obtain the MAC address of CE 1.

8. PE 1 creates a suppression entry for CE 4 and replies to the ARP request.

9. CE 3 sends an ARP request to obtain the MAC address of CE 1.

10. PE 3 creates a suppression entry for CE 3 and replies to the ARP request.

Control word

The control word field is between the MPLS label stack and the Layer 2 data. It carries control information for the Layer 2 frame, for example, the sequence number.

The control word feature has the following functions:

· Avoids fragment disorder. In multipath forwarding, fragments received might be disordered. The control word feature reorders the fragments according to the sequence number carried in the control word field.

· Identifies the original payload length for packets that include padding.

The control word field is optional for EVPN VPLS. You can configure whether to carry the control word field in packets sent on PWs. If you enable the control word feature on PEs at both ends of a PW, packets transmitted on the PW carry the control word field. Otherwise, the packets do not carry the control word field.

L2VPN flow label

Packets carrying different types of traffic might be transmitted through the same PW and encapsulated with the same PW label. The P devices forward the traffic flows of a PW over the same path even if Equal Cost Multiple Paths (ECMPs) exist.

The L2VPN flow label feature can enable a P device to perform load sharing on packets based on the flow types.

After you configure this feature, the P and PE devices process packets as follows:

· When the ingress PE encapsulates a packet, it adds a flow label before it adds a PW label, as shown in Figure 7.

The ingress PE adds different flow labels for packets of different traffic types.

· The P devices perform load sharing on packets based on the flow labels.

· The egress PE removes both the PW and flow labels from a packet before forwarding the packet.

Figure 7 L2VPN flow label feature

‌

You can enable the flow label sending, receiving, or both sending and receiving capabilities on a PE.

· The sending capability enables a PE to send packets with flow labels. The PE adds a flow label before it adds a PW label to a packet during encapsulation.

· The receiving capability enables a PE to identify the flow label in a received packet and removes the flow label before forwarding the packet.

For two PEs to successfully negotiate the flow label capabilities, make sure one end has the sending capability and the other end has the receiving capability.

For EVPN VPLS, you must manually configure flow label capabilities for the local and remote PEs.

MAC mobility

MAC mobility refers to the movement of a VM or host from one ES to another. The source PE is unaware of the MAC move event. To notify other PEs of the change, the destination PE advertises a MAC/IP advertisement route for the MAC address. The source PE withdraws the old route for the MAC address after receiving the new route. The MAC/IP advertisement route has a sequence number that increases when the MAC address moves. The sequence number identifies the most recent move if the MAC address moves multiple times.

LDP or static PW ACs for EVPN PWs

This feature ensures that a traditional VPLS network and an EVPN VPLS network can communicate with each other. The LDP or static PWs in the VPLS network are configured as ACs to the EVPN VPLS network. These ACs are referred to as UPWs in the EVPN VPLS network. Packets can be forwarded between EVPN PWs and UPWs, so the VPLS and EVPN VPLS networks can communicate with each other.

With this feature, an LDP or static PW can be single-homed to an EVPN PW or two LDP or static PWs can be dual-homed to two EVPN PWs.

As shown in Figure 8, in the VPLS network, PE 1 is connected to PE 2 and PE 3 through LDP or static PWs. One of the PWs is the primary PW and the other PW is the backup PW. The PWs are UPWs. In the EVPN VPLS network, PE 4 is connected to PE 2 and PE 3 through EVPN PWs. The UPWs in the VPLS network act as ACs for the EVPN VPLS network. When PE 2 or PE 3 receives packets from the UPWs, it decapsulates MPLS encapsulation from the packets and looks up the MAC address table for a matching EVPN PW. Then, the PE adds MPLS encapsulation to the packets based on the EVPN PW and forwards the packets to PE 4. When PE 2 or PE 3 receives packets from an EVPN PW, it uses the same procedure to process the packets.

Figure 8 LDP or static PW ACs for EVPN PWs

Intercommunication between EVPN VXLAN and EVPN VPLS networks

Figure 9 shows a typical application scenario for intercommunication between EVPN VXLAN and EVPN VPLS networks. Two EVPN VXLAN networks are connected through an EVPN VPLS network. GW 1, GW 2, GW 3, and GW 4 are boundary devices of the EVPN VXLAN and EVPN VPLS networks. They reoriginate the MAC/IP advertisement routes generated in one network and advertise the routes to another network. Route advertisement across the EVPN VXLAN and EVPN VPLS networks enables intercommunication between the EVPN VXLAN and EVPN VPLS networks.

Figure 9 Application scenario for intercommunication between EVPN VXLAN and EVPN VPLS networks

As shown in Figure 9, GWs handle received MAC/IP advertisement routes as follows:

· When a GW receives a MAC/IP advertisement route from an EVPN VXLAN network, it reoriginates the route and advertises the route to the EVPN VPLS network. When the GW reoriginates the route, it performs the following operations:

a. Assigns and adds an MPLS label to the route.

b. Changes the encapsulation type of the route to MPLS encapsulation.

c. Changes the RD and route targets of the route.

· When a GW receives a MAC/IP advertisement route from the EVPN VPLS network, it reoriginates the route and advertises the route to the connected EVPN VXLAN network. When the GW reoriginates the route, it performs the following operations:

d. Looks up the VXLAN ID matching the route and adds the VXLAN ID to the route.

e. Changes the encapsulation type of the route to VXLAN encapsulation.

f. Changes the RD and route targets of the route.

After the GWs finish MAC address learning through MAC/IP advertisement routes, they add VXLAN or MPLS encapsulation to received packets according to the learned MAC address entries. Then, they forward the packets to an EVPN VXLAN network or the EVPN VPLS network.

For more information about configuring intercommunication between EVPN VXLAN and EVPN VPLS networks, see "Configuring EVPN VXLAN."

EVPN VPLS tasks at a glance

To configure EVPN VPLS, perform the following tasks:

1. Configuring a VSI

a. Creating a VSI

b. (Optional.) Configure VSI parameters

2. Configuring an EVPN instance

3. Mapping ACs to a VSI

¡ Mapping a Layer 3 interface to a VSI

4. Configuring BGP EVPN routes

a. Enabling BGP to advertise BGP EVPN routes

b. Enabling advertisement of MPLS-encapsulated BGP EVPN routes

c. (Optional.) Configuring optimal route selection and route advertisement settings

d. (Optional.) Configuring routing policy-based recursive lookup

e. (Optional.) Maintaining BGP sessions

5. (Optional.) Configuring a PW class

6. (Optional.) Configuring EVPN VPLS multihoming

a. Assigning an ESI to an interface

b. (Optional.) Configuring the DF election algorithm

c. (Optional.) Enabling AC state-based DF election

d. (Optional.) Setting the DF election delay

e. (Optional.) Enabling non-revertive mode for preference-based DF election

f. (Optional.) Configuring Ethernet segment route advertisement delay

g. (Optional.) Setting the advertisement delay timer for Ethernet auto-discovery routes

h. (Optional.) Disabling advertisement of EVPN multihoming routes

i. (Optional.) Enabling VSIs to ignore the state of ACs

j. (Optional.) Enabling the device to monitor the BGP peer status of another local edge device

7. (Optional.) Managing remote MAC address entries and remote ARP learning

¡ Disabling MAC address advertisement

¡ Enabling MAC mobility event suppression

¡ Disabling learning of MAC addresses from ARP or ND information

¡ Disabling ARP information advertisement

8. (Optional.) Configuring LDP or static PWs as ACs for EVPN PWs

9. (Optional.) Optimizing and maintaining an EVPN VPLS network:

¡ Enabling ARP flood suppression

¡ Testing the connectivity of an EVPN PW

Configuring a VSI

Creating a VSI

1. Enter system view.

system-view

2. Enable L2VPN.

l2vpn enable

By default, L2VPN is disabled.

3. Create a VSI and enter VSI view.

vsi vsi-name

4. Bring up the VSI.

undo shutdown

By default, a VSI is not administratively down.

Configure VSI parameters

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Configure a VSI description.

description text

By default, a VSI does not have a description.

4. Set the MTU of the VSI.

mtu mtu

The default MTU for a VSI is 1500 bytes.

5. Enable MAC address learning for the VSI.

mac-learning enable

By default, MAC address learning is enabled for a VSI.

Configuring an EVPN instance

About EVPN instance configuration

The BGP EVPN routes advertised by a PE carry the RD and route targets configured for the EVPN instance of the routes.

Configuring an EVPN instance created in VSI view

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Create an EVPN instance and enter VSI EVPN instance view.

evpn encapsulation mpls

4. Configure an RD for the EVPN instance.

route-distinguisher route-distinguisher

By default, no RD is configured for an EVPN instance.

5. Configure route targets for the EVPN instance.

vpn-target { vpn-target&<1-8> } [ both | export-extcommunity | import-extcommunity ]

By default, an EVPN instance does not have route targets.

Make sure the import targets of the EVPN instance do not match the export targets of VPN instances or the public instance, and vice versa.

6. (Optional.) Apply a PW class to the EVPN instance.

pw-class class-name

By default, no PW class is applied to an EVPN instance.

The specified PW class applies to all PWs in the EVPN instance.

7. (Optional.) Apply an export routing policy to the EVPN instance.

export route-policy route-policy

By default, no export routing policy is applied to an EVPN instance. The EVPN instance does not filter advertised routes.

8. (Optional.) Apply an import routing policy to the EVPN instance.

import route-policy route-policy

By default, no import routing policy is applied to an EVPN instance. The EVPN instance accepts a route when the export route targets of the route match local import route targets.

Mapping ACs to a VSI

Mapping a Layer 3 interface to a VSI

About this task

To assign the customer traffic on a Layer 3 interface to a VSI, map that interface to the VSI. The VSI uses its MAC address table to forward the customer traffic.

For more information about the commands in this task, see VPLS in MPLS Command Reference.

Procedure

1. Enter system view.

system-view

2. Enter Layer 3 interface view.

interface interface-type interface-number

3. Map the Layer 3 interface to a VSI.

xconnect vsi vsi-name [ access-mode { ethernet | vlan } ]

By default, a Layer 3 interface is not mapped to a VSI.

Configuring BGP EVPN routes

Restrictions and guidelines for BGP EVPN route advertisement

For more information about BGP commands in this task, see Layer 3—IP Routing Command Reference.

Enabling BGP to advertise BGP EVPN routes

1. Enter system view.

system-view

2. Configure a global router ID.

router id router-id

By default, no global router ID is configured.

3. Enable a BGP instance and enter BGP instance view.

bgp as-number [ instance instance-name ]

By default, BGP is disabled and no BGP instances exist.

4. Specify remote PEs as BGP peers.

peer { group-name | ipv4-address [ mask-length ] } as-number as-number

5. Create the BGP EVPN address family and enter BGP EVPN address family view.

address-family l2vpn evpn

6. Enable BGP to exchange BGP EVPN routes with a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } enable

By default, BGP does not exchange BGP EVPN routes with peers.

Enabling advertisement of MPLS-encapsulated BGP EVPN routes

About this task

Perform this task on PEs for them to establish PWs.

Procedure

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP EVPN address family view.

address-family l2vpn evpn

4. Enable MPLS encapsulation for the BGP EVPN routes advertised to a peer or peer group.

peer { group name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise encap-type mpls

By default, BGP EVPN routes use VXLAN encapsulation.

Configuring optimal route selection and route advertisement settings

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP EVPN address family view.

address-family l2vpn evpn

4. Permit the local AS number to appear in routes from a peer or peer group and set the number of appearances.

peer { group-name | ipv4-address [ mask-length ] } allow-as-loop [ number ]

By default, the local AS number is not allowed in routes from peers.

5. Enable route target filtering for BGP EVPN routes.

policy vpn-target

By default, route target filtering is enabled for BGP EVPN routes.

6. Enable the device to filter advertised objects based on the first AS number in EBGP routes.

peer-as-check enable

By default, the device advertises a received EBGP route to all BGP peers except the peer that sends the EBGP route.

After you execute this command, the device checks the first AS number in the AS_Path attribute of an EBGP route when advertising the EBGP route to EBGP peers. The device will not advertise the EBGP route to the EBGP peers in that AS.

7. (Optional.) Set the optimal route selection delay timer. Choose one of the following tasks or both:

¡ Set the optimal route selection delay timer for all BGP routes in the current address family.

route-select delay delay-value

¡ Delay optimal route selection for a peer in the specified duration after the peer comes up.

route-select suppress on-peer-up milliseconds

By default, optimal route selection is not delayed.

8. (Optional.) Set the delay time for responding to recursive next hop changes.

nexthop recursive-lookup [ non-critical-event ] delay [ delay-value ]

By default, BGP responds to recursive next hop changes immediately.

9. Configure BGP route reflection settings:

a. Configure the device as an RR and specify a peer or peer group as its client.

peer { group-name | ipv4-address [ mask-length ] } reflect-client

By default, no RR or client is configured.

b. (Optional.) Enable BGP EVPN route reflection between clients.

reflect between-clients

By default, BGP EVPN route reflection between clients is enabled.

c. (Optional.) Configure the cluster ID of the RR.

reflector cluster-id { cluster-id | ipv4-address }

By default, an RR uses its own router ID as the cluster ID.

d. (Optional.) Create a reflection policy for the RR to filter reflected BGP EVPN routes.

rr-filter { ext-comm-list-number | ext-comm-list-name }

By default, an RR does not filter reflected BGP EVPN routes.

e. (Optional.) Create a reflection policy for the RR to filter reflected BGP EVPN routes.

reflect change-path-attribute

By default, an RR does not filter reflected BGP EVPN routes.

f. (Optional.) Add a peer or peer group to the nearby cluster.

peer { group-name | ipv4-address [ mask-length ] } reflect-nearby-group

By default, the nearby cluster does not have any peers or peer groups.

The RR does not change the next hop of routes reflected to peers or peer groups in the nearby cluster.

10. Configure the device to not change the next hop of routes advertised to an EBGP peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable

By default, the device uses its address as the next hop of routes advertised to EBGP peers.

11. Set a preferred value for routes received from a peer or peer group

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } preferred-value value

By default, the preferred value is 0 for routes received from a peer or peer group.

12. Prefer routes learned from the specified peer or peer group during optimal route selection.

peer { group-name | ipv4-address [ mask-length ] } high-priority

By default, BGP does not prefer routes learned from any peer or peer groups during optimal route selection.

13. Apply a routing policy to routes received from or advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } route-policy route-policy-name { export | import }

By default, no routing policies are applied to routes received from or advertised to peers or peer groups.

14. Advertise the COMMUNITY attribute to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } advertise-community

By default, the device does not advertise the COMMUNITY attribute to peers or peer groups.

15. Configure the BGP additional path feature.

a. Configure the BGP additional path capabilities.

peer { group-name | ipv4-address [ mask-length ] } additional-paths { receive | send } *

By default, no BGP additional path capabilities are configured.

b. Set the maximum number of Add-Path optimal routes that can be advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } advertise additional-paths best number

By default, a maximum number of one Add-Path optimal route can be advertised to a peer or peer group.

c. Set the maximum number of Add-Path optimal routes that can be advertised to all peers.

additional-paths select-best best-number

By default, a maximum number of one Add-Path optimal route can be advertised to all peers.

Configuring routing policy-based recursive lookup

About this task

Configure routing policy-based recursive lookup to control route recursion results, such as to prefer a path during route recursion or to ensure correctness of recursive routes.

If routing policy-based recursive lookup is configured, all recursive routes are filtered by using the specified routing policy. If no recursive route for a route matches a permit node in the routing policy, that route is considered unreachable and invalid.

To disable routing policy-based recursive lookup for the BGP routes learned from a specific peer or peer group, use the peer nexthop-recursive-policy disable command.

Restrictions and guidelines

The nexthop recursive-lookup route-policy command does not take effect on the routes learned from directly connected EBGP peers.

The protocol nexthop recursive-lookup command executed in RIB IPv4 or IPv6 address family view also takes effect on BGP routes of the BGP EVPN address family. If you execute both the nexthop recursive-lookup route-policy and protocol nexthop recursive-lookup commands, the nexthop recursive-lookup route-policy command is preferred for BGP EVPN routes.

For more information about the nexthop recursive-lookup route-policy and peer nexthop-recursive-policy disable commands, see BGP commands in Layer 3—IP Routing Command Reference.

For more information about the protocol nexthop recursive-lookup command, see IP routing basics commands in Layer 3—IP Routing Command Reference.

Procedure

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP EVPN address family view.

address-family l2vpn evpn

4. Configure routing policy-based recursive lookup.

nexthop recursive-lookup route-policy route-policy-name

By default, BGP does not perform routing policy-based recursive lookup.

IMPORTANT:

If no recursive route of the BGP EVPN address family matches a permit node in the specified routing policy, all BGP routes of this address family will become unreachable. To avoid traffic interruption, plan your desired recursive routes and configure the routing policy accordingly.

5. (Optional.) Disable routing policy-based recursive lookup for the BGP routes learned from a peer or peer group.

a. Return to BGP instance view.

quit

b. Exempt a peer or peer group from routing policy-based recursive lookup.

peer { group-name | ipv4-address [ mask-length ] } nexthop-recursive-policy disable

By default, routing policy-based recursive lookup takes effect on routes learned from all peers and peer groups.

For more information about this command, see BGP commands in Layer 3—IP Routing Command Reference.

The nexthop recursive-lookup route-policy and protocol nexthop recursive-lookup commands do not take effect on the exempted peers and peer groups.

Maintaining BGP sessions

Perform the following tasks in user view:

· Reset BGP sessions of the BGP EVPN address family.

reset bgp [ instance instance-name ] { as-number | ipv4-address [ mask-length ] | all | external | group group-name | internal } l2vpn evpn

· Soft-reset BGP sessions of the BGP EVPN address family.

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | all | external | group group-name | internal } { export | import } l2vpn evpn

Configuring a PW class

About this task

In a PW class, you can configure PW attributes such as the PW data encapsulation type, and whether to enable control word. To simplify PW attribute configuration for PWs, you can configure a PW class and apply the PW class to the PWs.

Restrictions and guidelines

As a best practice, configure the same data encapsulation type for the two ends of a PW.

For more information about PW class commands, see MPLS L2VPN in MPLS Command Reference.

Procedure

1. Enter system view.

system-view

2. Create a PW class and enter PW class view.

pw-class class-name

3. Enable control word.

control-word enable

By default, control word is disabled.

4. Specify the PW data encapsulation type.

pw-type { ethernet | vlan }

By default, the PW data encapsulation type is VLAN.

Configuring EVPN VPLS multihoming

Restrictions and guidelines for EVPN VPLS multihoming

In a multihomed site, AC configuration must be consistent on redundant PEs of the same ES.

You can assign ESIs to a main interface and its subinterfaces.

· If you assign an ESI to a subinterface, the subinterface-specific ESI and ES configuration take precedence over those configured on the main interface. The ES configuration includes the following:

¡ evpn df-election algorithm.

¡ evpn df-election preference.

¡ evpn df-election preference non-revertive.

¡ evpn timer es-delay.

· If you do not assign an ESI to a subinterface, it inherits the ESI and ES configuration (if configured) of the main interface. In this scenario, the ES configuration on the subinterface does not take effect.

Assigning an ESI to an interface

About this task

An ESI uniquely identifies an ES. The links on interfaces with the same ESI belong to the same ES. Traffic of the ES can be distributed among the links for load sharing.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Assign an ESI to the interface.

esi esi-id

By default, no ESI is assigned to an interface.

Configuring the DF election algorithm

About this task

At a multihomed EVPN network site, you can modify the DF election algorithm to control the DF election result.

Restrictions and guidelines

If ambiguous VLAN termination is enabled on a subinterface acting as an AC, do not configure the VLAN tag-based algorithm for DF election on the subinterface. Otherwise, traffic forwarding errors will occur.

You can configure the DF election algorithm in system view and in interface view. The global DF election algorithm takes effect on all ESs, and the interface-specific DF election algorithm takes effect only on the ESs on an interface. The interface-specific DF election algorithm takes precedence over the global DF election algorithm.

Configuring the DF election algorithm globally

1. Enter system view.

system-view

2. Configure the DF election algorithm.

evpn df-election algorithm algorithm

By default, the VLAN tag-based algorithm is used for DF election.

Configuring the DF election algorithm on an interface

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Configure the DF election algorithm.

evpn df-election algorithm algorithm

By default, the DF election algorithm specified in system view takes effect.

Configuring parameters for preference-based DF election

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Set the DF election preference.

evpn df-election preference preference

By default, the DF election preference is 32767.

The larger the value, the higher the preference.

Enabling AC state-based DF election

About this task

At a multihomed EVPN network site, all PEs in an ES participate in DF election by default, regardless of their AC states. If the AC on the PE elected as the DF is down, traffic forwarding will fail. You can configure this feature to resolve this issue.

After you configure this feature, a PE participates in DF election only when the AC on the PE is up. A PE determines that the AC on the remote PE is up only when it receives AD per ES and AD per EVI routes from the remote PE.

Restrictions and guidelines

This feature takes effect only when you enable this feature on all PEs in an ES.

Procedure

1. Enter system view.

system-view

2. Enable AC state-based DF election.

evpn df-election ac-influence enable

By default, AC state-based DF election is disabled.

Setting the DF election delay

About this task

The DF election can be triggered by site-facing interface status changes, redundant PE membership changes, and interface ESI changes. To prevent frequent DF elections from degrading network performance, set the DF election delay. The DF election delay defines the minimum interval allowed between two DF elections.

Procedure

1. Enter system view.

system-view

2. Set the DF election delay.

evpn multihoming timer df-delay delay-value

By default, the DF election delay is 3 seconds.

Enabling non-revertive mode for preference-based DF election

About this task

At a multihomed EVPN network site, configuration changes, device restarts, or process restarts will trigger DF re-election, and DF switchover might cause packet loss. You can configure this feature to resolve this issue.

For example, PE 1 and PE 2 are in the same ES, and PE 1 is the DF. When PE 1 restarts and PE 2 becomes the new DF, non-revertive mode for preference-based DF election works as follows:

· If PE 1 receives Ethernet segment routes from PE 2 after the restart, PE 1 compares the DF election preference in the Ethernet segment routes with the local DF election preference.

¡ If the local DF election preference is smaller than that in the received Ethernet segment routes, PE 1 uses the local DF election preference in the advertised Ethernet segment routes.

¡ If the local DF election preference is equivalent to that in the received Ethernet segment routes, PE 1 compares the IP addresses as follows:

- If PE 1's IP address is lower than PE 2's IP address, PE 1 uses the local DF election preference and the DP value of 0 in the advertised Ethernet segment routes.

- If PE 1's IP address is higher than PE 2's IP address, PE 1 uses the local DF election preference and the DP value of 1 in the advertised Ethernet segment routes.

¡ If the local DF election preference is larger than that in the received Ethernet segment routes, PE 1 uses the DF election preference in the received Ethernet segment routes and the DP value of 0 when advertising Ethernet segment routes.

· If PE 1 does not receive Ethernet segment routes from PE 2 after the restart, PE 1 uses the local DF election preference in the advertised Ethernet segment routes.

Restrictions and guidelines

As a best practice, configure this feature when the all-active redundancy mode is used, and do not configure this feature when the single-active redundancy mode is used.

When the DF restarts or the process restarts and a new DF is elected, the original DF will immediately advertise Ethernet segment routes after the restart to become the DF again. However, access-side connections restore slowly and packet loss might occur after DF switchover. To resolve this issue, configure this feature together with the Ethernet segment route advertisement delay feature on all PEs in an ES.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Enable non-revertive mode for preference-based DF election.

evpn df-election preference non-revertive

By default, non-revertive mode is disabled for preference-based DF election.

Configuring Ethernet segment route advertisement delay

About this task

When the DF restarts or the process restarts and a new DF is elected, the original DF will immediately advertise Ethernet segment routes after the restart to become the DF again. However, access-side connections restore slowly and packet loss might occur after DF switchover. To resolve this issue, perform this task to configure a PE to delay the advertisement of Ethernet segment routes.

Restrictions and guidelines

As a best practice, configure this feature when the all-active redundancy mode is used, and do not configure this feature when the single-active redundancy mode is used.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Configure Ethernet segment route advertisement delay when preference-based DF election is used.

evpn timer es-recovery recovery-time

By default, Ethernet segment route advertisement delay is disabled when preference-based DF election is used.

Setting the advertisement delay timer for Ethernet auto-discovery routes

About this task

The advertisement delay timer for Ethernet auto-discovery routes helps reduce the traffic loss caused by a PE reboot at a multihomed EVPN VPLS network site.

At a multihomed EVPN VPLS network site, CE 1 is dualhomed to PE 1 and PE 2 through an aggregate link or smart trunk, and PE 3 is at a remote site. PE 1 forwards all traffic sent from CE 1 to the remote site, and PE 3 forwards the traffic that the remote site sends to CE 1 to both PE 1 and PE 2. When PE 1 reboots, it advertises Ethernet auto-discovery routes that carry next hop information to PE 3. If PE 3 has not received the MAC/IP advertisement routes advertised by PE 2 when receiving the Ethernet auto-discovery routes, it will forward traffic to both PE 1 and PE 2. In this situation, PE 1 does not have MAC address entries for CE 1 and drops the traffic.

To resolve this issue, set the advertisement delay timer for Ethernet auto-discovery routes on the CE-facing interface of PE 1. This timer allows PE 3 to receive the MAC/IP advertisement routes advertised by PE 2 before the Ethernet auto-discovery routes advertised by PE 1 and update its MAC address table timely.

Procedure

1. Enter system view.

system-view

2. Enable interface view.

interface interface-type interface-number

3. Set the advertisement delay timer for Ethernet auto-discovery routes.

evpn timer ad-delay delay-time

By default, advertisement of Ethernet auto-discovery routes is not delayed.

Disabling advertisement of EVPN multihoming routes

About this task

EVPN multihoming routes include Ethernet auto-discovery routes and Ethernet segment routes.

In a multihomed EVPN network, perform this task on a redundant PE before you reboot it. This operation allows other PEs to refresh their EVPN routing table to prevent traffic interruption caused by the reboot.

Procedure

1. Enter system view.

system-view

2. Disable advertisement of EVPN multihoming routes and withdraw the EVPN multihoming routes that have been advertised to remote sites.

evpn multihoming advertise disable

By default, the device advertises EVPN multihoming routes.

Enabling VSIs to ignore the state of ACs

About this task

This task helps reduce the traffic loss caused by AC failure at a multihomed EVPN VPLS network site that uses single-active redundancy mode.

At a multihomed EVPN VPLS network site that uses single-active redundancy mode, CE 1 is dualhomed to PE 1 and PE 2 through a smart trunk. PE 1 is the primary PE, and PE 2 is the secondary PE. When the AC on PE 1 fails, PE 1 and PE 2 act as follows:

· PE 1 withdraws advertised Ethernet auto-discovery routes.

· PE 2 brings up its AC and advertises Ethernet auto-discovery routes to remote PEs.

The remote PEs switch traffic to the paths to PE 2 only after receiving the Ethernet auto-discovery routes advertised by PE 2, and traffic loss occurs during path switchover. To resolve this issue, enable VSIs to ignore the state of ACs on PE 2. This feature allows PE 2 to advertise Ethernet auto-discovery routes to remote PEs regardless of the state of ACs and speeds up path switchover when the AC on PE 1 fails.

Restrictions and guidelines for AC state ignore configuration

On a VSI, VSI-specific AC state ignore configuration takes precedence over global AC state ignore configuration.

Perform this task together with the feature of generating MAC address entries for received MAC/IP advertisement routes.

Enabling VSIs to ignore the state of ACs globally

1. Enter system view.

system-view

2. Enable VSIs to ignore the state of ACs globally.

l2vpn ignore-ac-state [ evpn-vpls ]

By default, VSIs does not ignore the state of ACs.

Configuring a VSI to ignore the state of ACs

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enable a VSI to ignore the state of ACs or disable a VSI from ignoring the state of ACs.

ignore-ac-state { enable | disable }

By default, a VSI uses the global AC state ignore configuration.

Enabling the device to monitor the BGP peer status of another local edge device

About this task

Perform this task on the CE-facing interfaces of the edge devices multihomed to a site to prevent device reboots from causing inter-site forwarding failure.

This task excludes unavailable edge devices from DF election at a multihomed site. After an edge device recovers from failure and brings up its CE-facing interface, it starts a delay timer and checks the status of the BGP peer specified in the evpn track peer command. If the BGP peer comes up before the timer expires, the edge device advertises Ethernet segment routes to the peer. If the BGP peer is still down when the timer expires, the edge device does not advertise Ethernet segment routes to the peer. The edge devices then perform DF election based on the Ethernet segment routes they have received.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Enable the device to monitor the BGP peer status of another local edge device.

evpn track peer { peer-ipv4-address | peer-ipv6-address }

By default, the device does not monitor the BGP peer status of the other edge devices at a multihomed site.

4. Enable Ethernet segment route advertisement delay and set the advertisement delay timer.

evpn timer es-delay delay-time

By default, advertisement of Ethernet segment routes is not delayed.

Managing remote MAC address entries and remote ARP learning

Disabling MAC address advertisement

About this task

The MAC information and ARP or ND information advertised by the PE overlap. To avoid duplication, disable MAC address advertisement and withdraw the MAC addresses advertised to remote PEs.

Procedure (EVPN instance created in VSI view)

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Disable MAC address advertisement and withdraw advertised MAC addresses.

mac-advertising disable

By default, MAC address advertisement is enabled.

Enabling MAC mobility event suppression

About this task

On an EVPN VPLS network, misconfiguration of MAC addresses might cause two sites to contain the same MAC address. In this condition, the PEs at the two sites constantly synchronize and update EVPN MAC address entries and determine that MAC mobility events occur. As a result, an inter-site loop might occur, and the bandwidth is occupied by MAC entry synchronization traffic. To eliminate loops and suppress those MAC mobility events, enable MAC mobility event suppression on the PEs.

The MAC mobility event suppression feature allows a MAC address to move at most the specified number of times (MAC mobility suppression threshold) out of a site within a MAC mobility detection cycle. If the suppression threshold has been reached for a MAC address within a detection cycle, the PE at the site suppresses the subsequent move after the MAC address moves back to the site. In addition, the PE learns the MAC address but does not advertise the MAC address.

Restrictions and guidelines

After you execute the undo evpn route mac-mobility suppression command or when the MAC mobility suppression time expires, a PE acts as follows:

· Advertises MAC address entries immediately for the suppressed MAC address entries that have not aged out.

· Relearns the MAC addresses for the suppressed MAC address entries that have aged out and advertises the MAC address entries.

If both MAC address entry conflicts and ARP entry conflicts exist for a MAC address, you must enable both MAC mobility event suppression and ARP mobility event suppression. If you enable only MAC mobility event suppression, the system cannot suppress MAC mobility events for the MAC address.

Procedure

1. Enter system view.

system-view

2. Enable MAC mobility event suppression.

evpn route mac-mobility suppression [ detect-cycle detect-time | detect-threshold move-times | suppression-time [ suppression-time | permanent ] ] *

By default, MAC mobility event suppression is disabled.

Disabling learning of MAC addresses from ARP or ND information

About this task

The MAC information and ARP or ND information advertised by a remote PE overlap. To avoid duplication, disable the learning of MAC addresses from ARP or ND information. EVPN will learn remote MAC addresses only from the MAC information advertised from remote sites.

Procedure (EVPN instance created in VSI view)

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Disable the EVPN instance from learning MAC addresses from ARP information.

arp mac-learning disable

By default, an EVPN instance learns MAC addresses from ARP information.

5. Disable the EVPN instance from learning MAC addresses from ND information.

nd mac-learning disable

By default, an EVPN instance learns MAC addresses from ND information.

Disabling ARP information advertisement

About this task

In an EVPN VPLS network, you can disable ARP information advertisement for an EVPN instance to save resources if all user terminals in the EVPN instance are attached to one PE. The EVPN instance will stop advertising ARP information through MAC/IP advertisement routes and withdraw advertised ARP information.

Procedure (EVPN instance created in VSI view)

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Disable ARP information advertisement for the EVPN instance.

arp-advertising disable

By default, ARP information advertisement is enabled for an EVPN instance.

Configuring LDP or static PWs as ACs for EVPN PWs

About LDP or static PW AC configuration for EVPN PWs

Use this feature to ensure that a VPLS network and an EVPN VPLS network can communicate with each other.

Restrictions and guidelines for LDP or static PW AC configuration for EVPN PWs

As a best practice, set the same redundancy mode for the UPWs that use the same ESI at a multihomed site.

If the all-active redundancy mode is used at a multihomed site, you must enable the dual receive feature for PW redundancy on the multihomed PEs. To enable this feature, use the protection dual-receive command.

Make sure the access mode of ACs is the same as the data encapsulation type of LDP PWs or EVPN PW.

Prerequisites for LDP or static PW AC configuration for EVPN PWs

Complete the following tasks:

· In the VPLS network, complete VPLS settings on the PEs and set up LDP or static PWs.

· In the EVPN VPLS network, complete EVPN VPLS settings on the PEs and set up EVPN PWs.

Configuring LDP PWs as ACs for EVPN PWs

Restrictions and guidelines

Make sure the access mode of ACs is the same as the data encapsulation type of LDP PWs. To configure the data encapsulation type for an LDP PW, execute the pw-type command for the PW class used by the LDP PW. To configure the access mode for an AC, use the xconnect vsi command.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Return to VSI view.

quit

5. Configure the VSI to use LDP to establish LDP PWs, and enter VSI LDP signaling view.

pwsignaling ldp

By default, no PW signaling protocol is specified for a VSI.

6. Configure a VSI LDP PW, disables split horizon forwarding for the PW, and enter VSI LDP PW view.

peer ip-address [ pw-id pw-id ] no-split-horizon [ hub | ignore-standby-state | pw-class class-name | tunnel-policy tunnel-policy-name ] *

The LDP PW configured by using this command is called an UPW, which acts as an AC for the EVPN VPLS network.

For more information about this command, see VPLS commands in MPLS Command Reference.

7. (Optional.) Assign an ESI to the UPW.

esi esi-id

By default, no ESI is assigned to an UPW.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

8. (Optional.) Set the redundancy mode of the UPW.

evpn redundancy-mode { all-active | single-active }

By default, the redundancy mode is all-active.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

9. Configure a VSI LDP backup PW and enter its view.

backup-peer ip-address [ pw-id pw-id ] [ pw-class class-name | tunnel-policy tunnel-policy-name ] *

At a multihomed site, use this command on the multihomed PEs.

For more information about this command, see VPLS commands in MPLS Command Reference.

Configuring static PWs as ACs for EVPN PWs

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Return to VSI view.

quit

5. Configure the VSI to establish static PWs and enter VSI static configuration view.

pwsignaling static

By default, no PW signaling protocol is specified for a VSI.

6. Configure a static PW, disable split horizon forwarding for the PW, and enter VSI static PW view.

peer ip-address [ pw-id pw-id ] in-label label-value out-label label-value no-split-horizon [ hub | pw-class class-name | tunnel-policy tunnel-policy-name ] *

The static PW configured by using this command is called an UPW, which acts as an AC for the EVPN VPLS network.

For more information about this command, see VPLS commands in MPLS Command Reference.

7. (Optional.) Assign an ESI to the UPW.

esi esi-id

By default, no ESI is assigned to an UPW.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

8. (Optional.) Set the redundancy mode of the UPW.

evpn redundancy-mode { all-active | single-active }

By default, the redundancy mode is all-active.

At a multihomed site, use this command on the PEs in the VPLS and EVPN VPLS networks.

For more information about this command, see EVPN commands in EVPN Command Reference.

9. Configure a VSI static backup PW and enter its view.

backup-peer ip-address [ pw-id pw-id ] in-label label-value out-label label-value [ pw-class class-name | tunnel-policy tunnel-policy-name ] *

At a multihomed site, use this command on the multihomed PEs.

For more information about this command, see VPLS commands in MPLS Command Reference.

Enabling ARP flood suppression

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enable ARP flood suppression.

arp suppression enable

By default, ARP flood suppression is disabled.

Testing the connectivity of an EVPN PW

Pinging a PW destination

About this task

Perform this task to test the connectivity of a PW when the PW has traffic loss or interruption issues in an EVPN VPLS network. The process of a ping operation is as follows:

1. The PW source PE sends MPLS echo requests that contain the PW labels of the PW to the PW destination PE based on the destination MAC address and VSI you specify.

2. The PW destination PE looks up the routing table and responds to the PW source PE with MPLS echo replies.

3. The PW source PE outputs packet statistics and the test result based on whether and when it receives MPLS echo replies.

Procedure

To test the connectivity of a PW, execute the following command in any view:

Tracing the path to a PW destination

About this task

Perform this task to locate failed nodes on the path for a PW that has traffic loss or interruption issues in an EVPN VPLS network. The process of a tracert operation is as follows:

1. The PW source PE sends MPLS echo requests that contain the PW labels of the PW to the PW destination PE based on the destination MAC address and VSI you specify. The TTL in the MPLS header of the requests is set to 1.

2. The first hop on the path responds to the PW source PE with a TTL-expired ICMP error message.

3. The PW source PE sends MPLS echo requests with the TTL set to 2 if the PE receives the TTL-expired ICMP error message or has not received any packets within the timeout period.

4. The second hop responds with a TTL-expired ICMP error message.

5. This process continues until an MPLS echo request reaches the PW destination PE or the maximum TTL value is reached. If an MPLS echo request reaches the PW destination PE, the PW destination PE sends an MPLS echo reply to the PW source PE.

6. The PW source PE outputs packet statistics and the test result based on the received ICMP error messages and on whether an MPLS echo reply is received.

Procedure

To trace the path to a PW destination and locate failed nodes on the path, execute the following command in any view:

Verifying and maintaining EVPN VPLS

Displaying BGP EVPN running status and statistics information

Perform display tasks in any view.

· Display BGP peer group information.

display bgp [ instance instance-name ] group l2vpn evpn [ group-name group-name ]

For more information about this command, see basic BGP commands in Layer 3—IP Routing Command Reference.

· Display BGP peer or peer group information.

display bgp [ instance instance-name ] peer l2vpn evpn [ ipv4-address mask-length | { ipv4-address | group-name group-name } log-info | [ ipv4-address ] verbose ]

For more information about this command, see basic BGP commands in Layer 3—IP Routing Command Reference.

· Display information about BGP update groups.

display bgp [ instance instance-name ] update-group l2vpn evpn [ ipv4-address ]

For more information about this command, see basic BGP commands in Layer 3—IP Routing Command Reference.

· Display information about peers that are automatically discovered through BGP.

display evpn auto-discovery { { imet | mac-ip } [ mpls ] [ peer ip-address] [ vsi vsi-name ] | macip-prefix [ nexthop next-hop ] [ count ] }

· Display BGP EVPN routes.

display bgp [ instance instance-name ] l2vpn evpn [ peer { ipv4-address | ipv6-address } { advertised-routes | received-routes } [ statistics ] | [ route-distinguisher route-distinguisher | route-type { auto-discovery | es | imet | mac-ip } ] * [ { evpn-route route-length | evpn-prefix } [ advertise-info | as-path | cluster-list | community | ext-community ] | ipv4-address | ipv6-address | mac-address ] | statistics ]

display bgp [ instance instance-name ] l2vpn evpn [ route-distinguisher route-distinguisher ] [ statistics ] community [ community-number&<1-32> | aa:nn&<1-32> ] [ internet | no-advertise | no-export | no-export-subconfed ] [ whole-match ]

display bgp [ instance instance-name ] l2vpn evpn [ route-distinguisher route-distinguisher ] [ statistics ] community-list { basic-community-list-number | comm-list-name | adv-community-list-number } [ whole-match ]

display bgp [ instance instance-name ] l2vpn evpn [ route-distinguisher route-distinguisher ] [ statistics ] ext-community [ bandwidth link-bandwidth-value | rt route-target | soo site-of-origin | color color ]&<1-32> [ whole-match ]

· Display EVPN instance information.

display evpn instance [ name instance-name | vsi vsi-name ]

· Display VSI information.

display l2vpn vsi [ name vsi-name | evpn-vpls ] [ count | verbose ]

· Display the routing table for a VPN instance.

display evpn routing-table [ ipv6 ] { public-instance | vpn-instance vpn-instance-name } [ count ]

· Display DF election information.

display evpn df-election [ vsi vsi-name ] [ esi esi-id ]

Displaying MAC address entries

Display EVPN MAC address entries in any view.

display evpn route mac [ mpls ] [ local | remote ] [ vsi vsi-name ] [ mac-address mac-address ] [ count ]

EVPN VPLS configuration examples

Example: Configuring EVPN VPLS between singlehomed sites

Network configuration

As shown in Figure 10, set up a path between PE 1 and PE 2 for the CEs in site 1 and site 2 to communicate through EVPN VPLS over the MPLS or IP backbone network.

Figure 10 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
CE 1	GE0/0/1	10.1.1.10/24	P	Loop0	3.3.3.3/32
PE 1	Loop0	1.1.1.1/32		GE0/0/1	11.1.1.2/24
	GE0/0/1	N/A		GE0/0/2	11.1.2.2/24
	GE0/0/2	11.1.1.1/24	PE 2	Loop0	2.2.2.2/32
CE 2	GE0/0/1	10.1.1.20/24		GE0/0/1	N/A
				GE0/0/2	11.1.2.1/24

Procedure

1. Configure CE 1.

<CE1> system-view

[CE1] interface gigabitethernet 0/0/1

[CE1-GigabitEthernet0/0/1] ip address 10.1.1.10 24

[CE1-GigabitEthernet0/0/1] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 1.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 1.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure GigabitEthernet 0/0/2 (the interface connected to the P device), and enable LDP on the interface.

[PE1] interface gigabitethernet 0/0/2

[PE1-GigabitEthernet0/0/2] ip address 11.1.1.1 24

[PE1-GigabitEthernet0/0/2] mpls enable

[PE1-GigabitEthernet0/0/2] mpls ldp enable

[PE1-GigabitEthernet0/0/2] undo shutdown

[PE1-GigabitEthernet0/0/2] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create an IBGP connection to PE 2, and enable BGP to advertise L2VPN information to PE 2.

[PE1] bgp 100

[PE1-bgp-default] peer 2.2.2.2 as-number 100

[PE1-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 2.2.2.2 enable

[PE1-bgp-default-evpn] peer 2.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Map GigabitEthernet 0/0/1 (the interface connected to CE 1) to VSI vpna.

[PE1] interface gigabitethernet 0/0/1

[PE1-GigabitEthernet0/0/1] xconnect vsi vpna

[PE1-GigabitEthernet0/0/1] quit

3. Configure the P device:

# Configure the LSR ID.

<P> system-view

[P] interface loopback 0

[P-LoopBack0] ip address 3.3.3.3 32

[P-LoopBack0] quit

[P] mpls lsr-id 3.3.3.3

# Enable global LDP.

[P] mpls ldp

[P-ldp] quit

# Configure GigabitEthernet 0/0/1 (the interface connected to PE 1), and enable LDP on the interface.

[P] interface gigabitethernet 0/0/1

[P-GigabitEthernet0/0/1] ip address 11.1.1.2 24

[P-GigabitEthernet0/0/1] mpls enable

[P-GigabitEthernet0/0/1] mpls ldp enable

[P-GigabitEthernet0/0/1] undo shutdown

[P-GigabitEthernet0/0/1] quit

# Configure GigabitEthernet 0/0/2 (the interface connected to PE 2), and enable LDP on the interface.

[P] interface gigabitethernet 0/0/2

[P-GigabitEthernet0/0/2] ip address 11.1.2.2 24

[P-GigabitEthernet0/0/2] mpls enable

[P-GigabitEthernet0/0/2] mpls ldp enable

[P-GigabitEthernet0/0/2] undo shutdown

[P-GigabitEthernet0/0/2] quit

# Configure OSPF for LDP to create LSPs.

[P] ospf

[P-ospf-1] area 0

[P-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[P-ospf-1-area-0.0.0.0] quit

[P-ospf-1] quit

4. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 2.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 2.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure GigabitEthernet 0/0/2 (the interface connected to the P device), and enable LDP on the interface.

[PE2] interface gigabitethernet 0/0/2

[PE2-GigabitEthernet0/0/2] ip address 11.1.2.1 24

[PE2-GigabitEthernet0/0/2] mpls enable

[PE2-GigabitEthernet0/0/2] mpls ldp enable

[PE2-GigabitEthernet0/0/2] undo shutdown

[PE2-GigabitEthernet0/0/2] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create an IBGP connection to PE 1, and enable BGP to advertise L2VPN information to PE 1.

[PE2] bgp 100

[PE2-bgp-default] peer 1.1.1.1 as-number 100

[PE2-bgp-default] peer 1.1.1.1 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 1.1.1.1 enable

[PE2-bgp-default-evpn] peer 1.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Map GigabitEthernet 0/0/1 (the interface connected to CE 2) to VSI vpna.

[PE2] interface gigabitethernet 0/0/1

[PE2-GigabitEthernet0/0/1] xconnect vsi vpna

[PE2-GigabitEthernet0/0/1] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 0/0/1

[CE2-GigabitEthernet0/0/1] ip address 10.1.1.20 24

[CE2-GigabitEthernet0/0/1] quit

Verifying the configuration

# Verify that an EVPN PW has been established between PE 1 and PE 2.

[PE1] display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

2.2.2.2 - 775127/775127 EVPN M 8 Up

# Display PW information on PE 2.

[PE2] display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

1.1.1.1 - 775127/775127 EVPN M 8 Up

# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)

Example: Configuring EVPN VPLS multihoming

Example: Configuring LDP PWs as ACs for EVPN PWs

Network configuration

As shown in Figure 11:

· PE 1 and PE 2 are edge devices on both the VPLS network and EVPN VPLS network.

· PE 1, PE 2, and PE 4 use LDP to establish LDP PWs.

· On PE 1 and PE 2, configure LDP PWs as UPWs (ACs) for EVPN PWs to ensure that the VPLS and EVPN VPLS networks can communicate with each other.

· PE 4 is dual-homed to PE 1 and PE 2 through two LDP PWs (UPWs).

Figure 11 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	1.1.1.9/32	PE 3	Loop0	3.3.3.9/32
	GE0/0/1	10.1.1.1/24		GE0/0/1	-
	GE0/0/2	30.1.1.1/24		GE0/0/2	30.1.1.3/24
	GE0/0/3	10.1.3.1/24		GE0/0/3	10.1.2.3/24
PE 2	Loop0	2.2.2.9/32	PE 4	Loop0	4.4.4.9/32
	GE0/0/1	20.1.1.2/24		GE0/0/3	-
	GE0/0/2	10.1.2.2/24		GE0/0/1	10.1.1.4/24
	GE0/0/3	10.1.3.2/24		GE0/0/2	20.1.1.4/24
CE 1	GE0/0/1	100.1.1.1/32	CE 2	GE0/0/1	100.1.1.2/32

Procedure

1. Configure CE 1:

# Configure an IP address and mask for GigabitEthernet 0/0/1.

<CE1> system-view

[CE1] interface gigabitethernet 0/0/1

[CE1-GigabitEthernet0/0/1] ip address 100.1.1.1 24

[CE1-GigabitEthernet0/0/1] quit

2. Configure PE 4:

# Configure MPLS basic capabilities.

<PE4> system-view

[PE4] interface loopback 0

[PE4-LoopBack0] ip address 1.1.1.9 32

[PE4-LoopBack0] quit

[PE4] mpls lsr-id 1.1.1.9

# Enable LDP globally.

[PE4] mpls ldp

[PE4-ldp] quit

# Enable L2VPN.

[PE4] l2vpn enable

# Configure GigabitEthernet 0/0/1, the interface connected to PE 1.

[PE4] interface gigabitethernet 0/0/1

[PE4-GigabitEthernet0/0/1] ip address 10.1.1.4 24

[PE4-GigabitEthernet0/0/1] ospf 1 area 0

[PE4-GigabitEthernet0/0/1] mpls enable

[PE4-GigabitEthernet0/0/1] mpls ldp enable

[PE4-GigabitEthernet0/0/1] undo shutdown

[PE4-GigabitEthernet0/0/1] quit

# Configure GigabitEthernet 0/0/2, the interface connected to PE 2.

[PE4] interface gigabitethernet 0/0/2

[PE4-GigabitEthernet0/0/2] ip address 20.1.1.4 24

[PE4-GigabitEthernet0/0/2] ospf 1 area 0

[PE4-GigabitEthernet0/0/2] mpls enable

[PE4-GigabitEthernet0/0/2] mpls ldp enable

[PE4-GigabitEthernet0/0/2] undo shutdown

[PE4-GigabitEthernet0/0/2] quit

# Configure VSI vpna to use LDP to establish LDP PWs. The LDP PW between PE 1 and PE 4 is the primary PW and the LDP PW between PE 2 and PE 4 is the backup PW. Enable the dual receive feature for PW redundancy.

[PE4] vsi vpna

[PE4-vsi-vpna] protection dual-receive

[PE4-vsi-vpna] pwsignaling ldp

[PE4-vsi-vpna-ldp] peer 1.1.1.9 pw-id 500

[PE4-vsi-vpna-ldp-1.1.1.9-500] backup-peer 2.2.2.9 pw-id 500

[PE4-vsi-vpna-ldp-1.1.1.9-500-backup] quit

[PE4-vsi-vpna-ldp-1.1.1.9-500] quit

[PE4-vsi-vpna-ldp] quit

[PE4-vsi-vpna] quit

# Map GigabitEthernet 0/0/3 to VSI vpna.

[PE4] interface gigabitethernet 0/0/3

[PE4-GigabitEthernet0/0/3] xconnect vsi vpna

[PE4-GigabitEthernet0/0/3] quit

3. Configure PE 1:

# Configure interface Loopback 0.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack1] ip address 1.1.1.9 32

[PE1-LoopBack1] quit

# Configure MPLS basic capabilities.

[PE1] mpls lsr-id 1.1.1.9

# Enable LDP globally.

[PE1] mpls ldp

[PE1-ldp] quit

# Enable L2VPN.

[PE1] l2vpn enable

# Run OSPF on PE 1 to set up LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0

[PE1-ospf-1] quit

# Configure GigabitEthernet 0/0/1, the interface connected to PE 4.

[PE1] interface gigabitethernet 0/0/1

[PE1-GigabitEthernet0/0/1] ip address 10.1.1.1 24

[PE1-GigabitEthernet0/0/1] mpls enable

[PE1-GigabitEthernet0/0/1] mpls ldp enable

[PE1-GigabitEthernet0/0/1] undo shutdown

[PE1-GigabitEthernet0/0/1] quit

# Configure GigabitEthernet 0/0/2, the interface connected to PE 3.

[PE1] interface gigabitethernet 0/0/2

[PE1-GigabitEthernet0/0/2] ip address 30.1.1.1 24

[PE1-GigabitEthernet0/0/2] mpls enable

[PE1-GigabitEthernet0/0/2] mpls ldp enable

[PE1-GigabitEthernet0/0/2] undo shutdown

[PE1-GigabitEthernet0/0/2] quit

# ConfigureGigabitEthernet 0/0/3, the interface connected to PE 2.

[PE1] interface gigabitethernet 0/0/3

[PE1-GigabitEthernet0/0/3] ip address 10.1.3.1 24

[PE1-GigabitEthernet0/0/3] mpls enable

[PE1-GigabitEthernet0/0/3] mpls ldp enable

[PE1-GigabitEthernet0/0/3] undo shutdown

[PE1-GigabitEthernet0/0/3] quit

# Establish IBGP connections to PE 2 and PE 3, and enable BGP EVPN to advertise route information to PE 2 and PE 3.

[PE1] bgp 100

[PE1-bgp-default] peer 2.2.2.9 as-number 100

[PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0

[PE1-bgp-default] peer 3.3.3.9 as-number 100

[PE1-bgp-default] peer 3.3.3.9 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 2.2.2.9 enable

[PE1-bgp-default-evpn] peer 3.3.3.9 enable

[PE1-bgp-default-evpn] peer 2.2.2.9 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 3.3.3.9 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create a PW class and set its data encapsulation type to Ethernet.

[PE1] pw-class aaa

[PE1-pw-class-aaa] pw-type ethernet

[PE1-pw-class-aaa] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-srv6] quit

# Configure VSI vpna to use LDP to establish LDP PWs. Configure PE 1 to establish an UPW with PE 4, assign an ESI to the UPW, and set the redundancy mode of the UPW to all-active.

[PE1-vsi-vpna] pwsignaling ldp

[PE1-vsi-vpna-ldp] peer 4.4.4.9 pw-id 500 no-split-horizon pw-class aaa

[PE1-vsi-vpna-ldp-4.4.4.9-500] esi 1.1.1.1.1

[PE1-vsi-vpna-ldp-4.4.4.9-500] evpn redundancy-mode all-active

[PE1-vsi-vpna-ldp-4.4.4.9-500] quit

[PE1-vsi-vpna-ldp] quit

[PE1-vsi-vpna] quit

4. Configure PE 2:

# Configure MPLS basic capabilities.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 2.2.2.9 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 2.2.2.9

# Enable LDP globally.

[PE2] mpls ldp

[PE2-ldp] quit

# Enable L2VPN.

[PE2] l2vpn enable

# Run OSPF on PE 2 to set up LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0

[PE2-ospf-1] quit

# Configure GigabitEthernet 0/0/3, the interface connected to PE 1.

[PE2] interface gigabitethernet 0/0/3

[PE2-GigabitEthernet0/0/3] ip address 10.1.3.2 24

[PE2-GigabitEthernet0/0/3] mpls enable

[PE2-GigabitEthernet0/0/3] mpls ldp enable

[PE2-GigabitEthernet0/0/3] undo shutdown

[PE2-GigabitEthernet0/0/3] quit

# Configure GigabitEthernet 0/0/2, the interface connected to PE 3.

[PE2] interface gigabitethernet 0/0/2

[PE2-GigabitEthernet0/0/2] ip address 10.1.2.1 24

[PE2-GigabitEthernet0/0/2] mpls enable

[PE2-GigabitEthernet0/0/2] mpls ldp enable

[PE2-GigabitEthernet0/0/2] undo shutdown

[PE2-GigabitEthernet0/0/2] quit

# Configure GigabitEthernet 0/0/1, the interface connected to PE 4.

[PE2] interface gigabitethernet 0/0/1

[PE2-GigabitEthernet0/0/1] ip address 20.1.1.2 24

[PE2-GigabitEthernet0/0/1] mpls enable

[PE2-GigabitEthernet0/0/1] mpls ldp enable

[PE2-GigabitEthernet0/0/1] undo shutdown

[PE2-GigabitEthernet0/0/1] quit

# Establish IBGP connections to PE 1 and PE 3 and enable BGP EVPN to advertise route information to PE 1 and PE 3.

[PE2] bgp 100

[PE2-bgp-default] peer 1.1.1.9 as-number 100

[PE2-bgp-default] peer 1.1.1.9 connect-interface loopback 0

[PE2-bgp-default] peer 3.3.3.9 as-number 100

[PE2-bgp-default] peer 3.3.3.9 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 1.1.1.9 enable

[PE2-bgp-default-evpn] peer 3.3.3.9 enable

[PE2-bgp-default-evpn] peer 1.1.1.9 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 3.3.3.9 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create a PW class and set its data encapsulation type to Ethernet.

[PE2] pw-class aaa

[PE2-pw-class-aaa] pw-type ethernet

[PE2-pw-class-aaa] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-srv6] quit

# Configure VSI vpna to use LDP to establish LDP PWs. Configure PE 2 to establish an UPW with PE 4, assign an ESI to the UPW, and set the redundancy mode of the UPW to all-active.

[PE2] vsi vpna

[PE2-vsi-vpna] pwsignaling ldp

[PE2-vsi-vpna-ldp] peer 1.1.1.9 pw-id 500 no-split-horizon pw-class aaa

[PE2-vsi-vpna-ldp-1.1.1.9-500] esi 1.1.1.1.1

[PE2-vsi-vpna-ldp-1.1.1.9-500] evpn redundancy-mode all-active

[PE2-vsi-vpna-ldp-1.1.1.9-500] quit

[PE2-vsi-vpna-ldp] quit

[PE2-vsi-vpna] quit

5. Configure PE 3:

# Configure MPLS basic capabilities.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 3.3.3.9 32

[PE3-LoopBack0] quit

[PE1] mpls lsr-id 3.3.3.9

# Enable LDP globally.

[PE1] mpls ldp

[PE1-ldp] quit

# Enable L2VPN.

[PE3] l2vpn enable

# Run OSPF on PE 3 to set up LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0

[PE3-ospf-1] quit

# Configure GigabitEthernet 0/0/2, the interface connected to PE 1.

[PE3] interface gigabitethernet 0/0/2

[PE3-GigabitEthernet0/0/2] ip address 30.1.1.3 24

[PE3-GigabitEthernet0/0/2] undo shutdown

[PE3-GigabitEthernet0/0/2] quit

# Configure GigabitEthernet 0/0/3, the interface connected to PE 2.

[PE3] interface gigabitethernet 0/0/3

[PE3-GigabitEthernet0/0/3] ip address 10.1.2.3 24

[PE3-GigabitEthernet0/0/3] undo shutdown

[PE3-GigabitEthernet0/0/3] quit

# Establish IBGP connections to PE 1 and PE 2, and enable BGP EVPN to advertise route information to PE 1 and PE 2.

[PE3] bgp 100

[PE3-bgp-default] peer 1.1.1.9 as-number 100

[PE3-bgp-default] peer 1.1.1.9 connect-interface loopback 0

[PE3-bgp-default] peer 2.2.2.9 as-number 100

[PE3-bgp-default] peer 2.2.2.9 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 1.1.1.9 enable

[PE3-bgp-default-evpn] peer 2.2.2.9 enable

[PE3-bgp-default-evpn] peer 1.1.1.9 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 2.2.2.9 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance for it, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-srv6] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-srv6] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-srv6] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-srv6] quit

# Map GigabitEthernet 0/0/1 to VSI vpna.

[PE3] interface gigabitethernet 0/0/1

[PE3-GigabitEthernet0/0/1] xconnect vsi vpna

[PE3-GigabitEthernet0/0/1] quit

6. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 0/0/1

[CE2-GigabitEthernet0/0/1] ip address 100.1.1.2 24

[CE2-GigabitEthernet0/0/1] quit

Verifying the configuration

# On PE 1, display PW information. Verify that PE 1 has established an LDP PW with PE 4 and EVPN PWs with PE 2 and PE 3.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 3

3 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

4.4.4.9 500 1147/- LDP MN 8 Up

2.2.2.9 - 1148/1148 EVPN M 9 Up

3.3.3.9 - 1148/1149 EVPN M 10 Up

# On PE 1, display local ES information. Verify that the LDP PW (UPW) has multihoming settings.

<PE1> display evpn es local verbose

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Interface : -

Redundancy mode : All-active

State : Up

UPWs :

Link ID Service instance ID Tag ID DF address ESI label

8 - 0 - 1146

# Display information on PE 2 in the same way as information is displayed on PE 1. (Details not shown.)

# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)

13-EVPN Configuration Guide

EVPN VPLS network model

Source MAC address learning

MAC address aging

MAC address withdrawal

Unicast traffic forwarding

Flooding

About EVPN VPLS multihoming

DF election

Redundancy mode

Control word

Intercommunication between EVPN VXLAN and EVPN VPLS networks

About this task

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

About this task

Restrictions and guidelines

Procedure

Restrictions and guidelines for EVPN VPLS multihoming

About this task

Procedure

About this task

Restrictions and guidelines

Configuring the DF election algorithm globally

Configuring the DF election algorithm on an interface

Configuring parameters for preference-based DF election

About this task

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

About this task

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Procedure

About this task

Restrictions and guidelines for AC state ignore configuration

Enabling VSIs to ignore the state of ACs globally

Configuring a VSI to ignore the state of ACs

About this task

Procedure

About this task

Procedure (EVPN instance created in VSI view)

About this task

Restrictions and guidelines

Procedure

About this task

Procedure (EVPN instance created in VSI view)

About this task

Procedure (EVPN instance created in VSI view)

Configuring LDP or static PWs as ACs for EVPN PWs

Restrictions and guidelines for LDP or static PW AC configuration for EVPN PWs

Configuring LDP PWs as ACs for EVPN PWs

Restrictions and guidelines

Procedure

Procedure

About this task

Procedure

About this task

Procedure

Network configuration

Procedure

Verifying the configuration

Network configuration

Procedure

Verifying the configuration

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center