Configuration made in BGP EVPN address family view takes effect only on routes and peers of the BGP EVPN address family that are on the public network.

Examples

# Create the BGP EVPN address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn]

advertise evpn route

Use advertise evpn route to enable BGP EVPN route advertisement for the BGP VPNv4 or VPNv6 address family.

Use undo advertise evpn route to disable BGP EVPN route advertisement for the BGP VPNv4 or VPNv6 address family.

Syntax

advertise evpn route [ replace-rt ][ advertise-policy policy-name ]

undo advertise evpn route

Default

BGP EVPN routes are not advertised through the BGP VPNv4 or VPNv6 address family.

Views

BGP VPNv4 address family

BGP VPNv6 address family

Predefined user roles

network-admin

Parameters

replace-rt: Replaces the route targets of BGP EVPN routes with the route targets of BGP VPNv4 or VPNv6 routes. If you do not specify this keyword, route targets of BGP EVPN routes are not modified.

advertise-policy policy-name: Specifies a routing policy to filter the BGP EVPN routes to be advertised to BGP VPNv4 or VPNv6 peers. The policy-name argument specifies the routing policy name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, all BGP EVPN routes are advertised to BGP VPNv4 or VPNv6 peers.

Usage guidelines

To enable communication between data centers interconnected through an MPLS L3VPN network, you must configure the BGP EVPN address family and the BGP VPNv4 or VPNv6 address family to exchange routes on EDs.

After you execute this command, the device advertises IP prefix advertisement routes and MAC/IP advertisement routes that contain host route information through the BGP VPNv4 or VPNv6 address family.

Examples

# Enable BGP EVPN route advertisement for the BGP VPNv4 address family.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] advertise evpn route

advertise l2vpn evpn

Use advertise l2vpn evpn to enable BGP EVPN route advertisement to the local site.

Use undo advertise l2vpn evpn to disable BGP EVPN route advertisement to the local site.

Syntax

advertise l2vpn evpn

undo advertise l2vpn evpn

Default

BGP EVPN route advertisement to the local site is enabled.

Views

BGP-VPN IPv4 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Usage guidelines

This command enables the device to advertise BGP EVPN routes to the local site after the device adds the routes to the routing table of a VPN instance. The BGP EVPN routes here are IP prefix advertisement routes and MAC/IP advertisement routes that contain ARP or ND information.

Examples

# Enable BGP EVPN route advertisement to the local site for VPN instance vpn1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] ip vpn-instance vpn1

[Sysname-bgp-default-vpn1] address-family ipv4

[Sysname-bgp-default-ipv4-vpn1] advertise l2vpn evpn

advertise l3vpn route

Use advertise l3vpn route to enable BGP VPNv4 or VPNv6 route advertisement for the BGP EVPN address family.

Use undo advertise l3vpn route to disable BGP VPNv4 or VPNv6 route advertisement for the BGP EVPN address family.

Syntax

advertise l3vpn route [ replace-rt ][ advertise-policy policy-name ]

undo advertise l3vpn route

Default

BGP VPNv4 or VPNv6 routes are not advertised through the BGP EVPN address family.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

replace-rt: Replaces the route targets of BGP VPNv4 or VPNv6 routes with the route targets of BGP EVPN routes. If you do not specify this keyword, route targets of BGP VPNv4 or VPNv6 routes are not modified.

advertise-policy policy-name: Specifies a routing policy to filter the BGP VPNv4 or VPNv6 routes to be advertised to BGP EVPN peers. The policy-name argument specifies the routing policy name, a case-sensitive string of 1 to 63 characters. If you do not specify this option, all BGP VPNv4 or VPNv6 routes are advertised to BGP EVPN peers.

Usage guidelines

After you execute this command, the device advertises BGP VPNv4 or VPNv6 routes as IP prefix advertisement routes through the BGP EVPN address family.

Examples

# Enable BGP VPNv4 or VPNv6 route advertisement for the BGP EVPN address family.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] advertise l3vpn route

arp mac-learning disable

Use arp mac-learning disable to disable a VSI EVPN instance from learning MAC addresses from ARP information.

Use undo arp mac-learning disable to restore the default.

Syntax

arp mac-learning disable

undo arp mac-learning disable

Default

An EVPN instance learns MAC addresses from ARP information.

Views

VSI EVPN instance view

Predefined user roles

network-admin

Usage guidelines

The MAC information and ARP information advertised by a remote VTEP overlap. To avoid duplication, use this command to disable the learning of MAC addresses from ARP information. EVPN will learn remote MAC addresses only from the MAC information advertised from remote sites.

Examples

# Disable a VSI EVPN instance from learning MAC addresses from ARP information.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan] arp mac-learning disable

arp proxy-send enable

Use arp proxy-send enable to enable ARP request proxy.

Use undo arp proxy-send enable to disable ARP request proxy.

Syntax

arp proxy-send enable

undo arp proxy-send enable

Default

ARP request proxy is disabled on VSI interfaces.

Views

VSI interface view

Predefined user roles

network-admin

Usage guidelines

ARP request proxy allows a VSI interface to send an ARP request sourced from itself when the VTEP forwards an ARP request. This feature helps resolve certain communication issues.

In an EVPN VXLAN network, VM 1 and VM 2 are attached to VTEP 1 and VTEP 2, respectively, and the VMs are in the same subnet. The gateway interfaces of VM 1 and VM 2 are VSI-interface 1 on VTEP 1 and VSI-interface 2 on VTEP 2, respectively. The following conditions exist on the VTEPs:

· The VTEPs have established BGP EVPN neighbor relationships.

· EVPN is disabled from learning MAC addresses from ARP information.

· MAC address advertisement is disabled, and advertised MAC addresses are withdrawn.

· Remote-MAC address learning is disabled.

· Local proxy ARP is enabled on the VSI interfaces.

· The VSI interfaces use different IP addresses and MAC addresses.

In this network, when VM 1 attempts to communicate with VM 2, the following procedure occurs:

1. VM 1 sends an ARP request.

2. VTEP 1 learns the MAC address of VM 1 from the ARP request, replies to VM 1 on behalf of VM 2, and sends an ARP request to obtain the MAC address of VM 2.

3. VTEP 2 forwards the ARP request, and VM 2 replies to VTEP 1.

4. VTEP 2 forwards the ARP reply sent by VM 2 without learning the MAC address of VM 2 because EVPN is disabled from learning MAC addresses from ARP information.

5. VTEP 1 does not learn the MAC address of VM 2 because remote-MAC address learning is disabled.

As a result, VM 1 fails to communicate with VM 2.

For VM 1 to communicate with VM 2, enable ARP request proxy on VSI-interface 2 of VTEP 2. When receiving the ARP request sent by VTEP 1, VTEP 2 forwards it and sends an ARP request sourced from VSI-interface 2 simultaneously, and VM 2 replies to both ARP requests. Then, VTEP 2 learns the MAC address of VM 2 from the ARP reply destined from VSI-interface 2 and advertises the MAC address to VTEP 1 through BGP EVPN routes. In this way, VTEP 1 obtains the MAC address of VM 2, and VM 1 and VM 2 can communicate.

Examples

# Enable ARP request proxy on VSI-interface 100.

<Sysname> system-view

[Sysname] interface vsi-interface 100

[Sysname-vsi-interface100] arp proxy-send enable

Related commands

local-proxy-arp enable (Layer 3—IP Services Command Reference)

arp-advertising disable

Use arp-advertising disable to disable ARP information advertisement for a VSI EVPN instance.

Use undo arp-advertising disable to restore the default.

Syntax

arp-advertising disable

undo arp-advertising disable

Default

ARP information advertisement is enabled for a VSI EVPN instance.

Views

VSI EVPN instance view

Predefined user roles

network-admin

Usage guidelines

In an EVPN network with distributed gateways, you can disable ARP information advertisement for a VXLAN to save resources if all its user terminals use the same EVPN gateway device. The EVPN instance of the VXLAN will stop advertising ARP information through MAC/IP advertisement routes and withdraw advertised ARP information. When ARP information advertisement is disabled, user terminals in other VXLANs still can communicate with that VXLAN through IP prefix advertisement routes.

Examples

# Disable ARP information advertisement for a VSI EVPN instance.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan] arp-advertising disable

dci enable

Use dci enable to enable DCI on an interface.

Use undo dci enable to disable DCI on an interface.

Syntax

dci enable

undo dci enable

Default

DCI is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

For EDs to automatically establish VXLAN-DCI tunnels, you must enable DCI on the Layer 3 interfaces that interconnect the EDs.

Subinterfaces of a DCI-enabled interface inherit configuration of the interface.

Examples

# Enable DCI on Twenty-FiveGigE 1/0/1.

<Sysname> system-view

[Sysname] interface twenty-fivegige 1/0/1

[Sysname-Twenty-FiveGigE1/0/1] dci enable

display bgp l2vpn evpn

Use display bgp l2vpn evpn to display BGP EVPN routes.

Syntax

display bgp [ instance instance-name ] l2vpn evpn [ peer { ipv4-address | ipv6-address } { advertised-routes | received-routes } [ statistics ] | [ route-distinguisher route-distinguisher | route-type { auto-discovery | es | imet | ip-prefix | mac-ip } ] * [ { evpn-route route-length | evpn-prefix } [ advertise-info ] | { ipv4-address | ipv6-address | mac-address } [ verbose ] ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays BGP EVPN routes for the default BGP instance.

peer { ipv4-address | ipv6-address }: Specifies a peer by its IPv4 address or IPv6 address.

advertised-routes: Specifies the routes advertised to the specified peer.

received-routes: Specifies the routes received from the specified peer.

statistics: Displays BGP EVPN route statistics.

route-distinguisher route-distinguisher: Specifies a route distinguisher (RD), a string of 3 to 21 characters. The RD can use one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number. For example, 65536:1. The AS number must be equal to or greater than 65536.

route-type: Specifies a route type.

auto-discovery: Specifies Ethernet auto-discovery routes.

es: Specifies Ethernet segment (ES) routes.

imet: Specifies inclusive multicast Ethernet tag (IMET) routes.

ip-prefix: Specifies IP prefix advertisement routes.

mac-ip: Specifies MAC/IP advertisement routes.

evpn-route: Specifies a BGP EVPN route, a case-insensitive string of 1 to 512 characters.

route-length: Specifies the route length in bits, in the range of 0 to 65535.

evpn-prefix: Specifies a BGP EVPN route in the format of evpn-route/route-length, a case-insensitive string of 1 to 512 characters.

advertise-info: Displays advertisement information for BGP EVPN routes.

ipv4-address: Specifies an IPv4 address.

ipv6-address: Specifies an IPv6 address.

mac-address: Specifies a MAC address in MAC/IP advertisement routes. If you specify the route-type keyword, to use this argument, you must also specify the mac-ip keyword.

verbose: Displays detailed information about BGP EVPN routes. If you do not specify this keyword, the command displays brief information about BGP EVPN routes.

Usage guidelines

If you do not specify any parameter, this command displays brief information about all BGP EVPN routes.

Examples

# Display brief information about all BGP EVPN routes.

<Sysname> display bgp l2vpn evpn

BGP local router ID is 8.8.8.8

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a - additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 3

Route distinguisher: 1:1

Total number of routes: 2

* >e Network : [2][0][48][0011-0022-0033][32][11.22.33.55]/136

NextHop : 1.1.1.2 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 20i

Route distinguisher of public instance: 1:15

Total number of routes: 1

* >i Network : [2][0][48][7010-0000-0001][0][0.0.0.0]/104

NextHop : 1.1.1.4 LocPrf : 100

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 20i

Table 1 Command output

Field	Description
Status codes	Route status codes: · * - valid—Valid route. · > - best—Optimal route. · d - dampened—Dampened route. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Origin of the route: · i – IGP—Originated in the AS. The origin of routes advertised by using the network command is IGP. · e – EGP—Learned through EGP. · ? – incomplete—Unknown origin. The origin of routes redistributed from IGP protocols is incomplete.
Network	BGP EVPN route/route length. BGP EVPN routes are as follows: · [1][ESI][EthernetTagID] ¡ 1—Ethernet auto-discovery route. ¡ ESI—Ethernet segment identifier (ESI). ¡ EthernetTagID—Ethernet tag ID. · [2][EthernetTagID][MACLength][MAC][IPAddressLength][IPAddress] ¡ 2—MAC/IP advertisement route. ¡ EthernetTagID—Ethernet tag ID. ¡ MACLength—MAC address length. ¡ MAC—MAC address. ¡ IPAddressLength—IP address length. ¡ IPAddress—IP address. · [3][EthernetTagID][IPAddressLength][IPAddress] ¡ 3—IMET route. ¡ IPAddressLength—IP address length. ¡ IPAddress—IP address of the originating router. · [4][ESI][IPAddressLength][IPAddress] ¡ 4—ES route. ¡ ESI—ESI. ¡ IPAddressLength—IP address length. ¡ IPAddress—IP address of the originating router. · [5][EthernetTagID][IPAddressLength][IPAddress] ¡ 5—IP prefix advertisement route. ¡ EthernetTagID—Ethernet tag ID. ¡ IPAddressLength—IP address length. ¡ IPAddress—IP address of the originating router.
NextHop	Next hop IP address.
MED	Multi-Exit Discriminator (MED) attribute.
LocPrf	Local precedence.
OutLabel	Outgoing label.
PrefVal	Preferred value.
Path/Ogn	AS_PATH and ORIGIN attributes of the route.

‌

# Display detailed information about BGP EVPN route [1][0001.0203.0405.0607.0809][5]/120 with RD 1.1.1.1:100.

<Sysname> display bgp l2vpn evpn route-distinguisher 1.1.1.1:100 [1][0001.0203.0405.0607.0809][5] 120

BGP local router ID: 172.16.250.133

Local AS number: 100

Route distinguisher: 1.1.1.1:100

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of [1][0001.0203.0405.0607.0809][5]/120:

From : 10.1.1.2 (192.168.56.17)

Rely nexthop : 10.1.1.2

Original nexthop: 10.1.1.2

OutLabel : NULL

Ext-Community : <RT: 1:2>, <Encapsulation Type: VXLAN >, <ESI Label: Flag 0,

Label 1>

RxPathID : 0x0

TxPathID : 0x0

AS-path : 200

Origin : igp

Attribute value : MED 0, pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

EVPN route type : Ethernet auto-discovery route

ESI : 0001.0203.0405.0607.0809

Ethernet tag ID : 5

MPLS label : 10

Table 2 Command output

Field	Description
Paths	Number of routes: · available—Number of valid routes. · best—Number of optimal routes.
From	IP address of the BGP peer that advertised the route.
Rely Nexthop	Next hop after route recursion. If no next hop is found, this field displays not resolved.
Original nexthop	Original next hop of the route. If the route was obtained from a BGP update message, the original next hop is the next hop IP address in the message.
OutLabel	Outgoing label of the route.
Ext-Community	Extended community attributes: · RT. · Encapsulation Type. · ESI Label.
RxPathID	Add-Path ID value of the received route. This field is not supported by the BGP EVPN address family.
TxPathID	Add-Path ID value of the sent route. This field is not supported by the BGP EVPN address family.
AS-path	AS_PATH attribute of the route. This attribute records the ASs the route has passed and avoids routing loops.
Origin	Origin of the route: · igp—Originated in the AS. The origin of routes advertised by using the network command is IGP. · egp—Learned through EGP. · incomplete—Unknown origin. The origin of routes redistributed from IGP protocols is incomplete.
Attribute value	Attributes of the route: · MED—MED value for the destination network. · localpref—Local preference value. · pref-val—Preferred value. · pre—Route preference value.
State	Current state of the route: · valid. · internal. · external. · local. · synchronize. · best. · bgp-rib-only—The route will not be flushed to the routing table. This field is displayed only in the detailed command output.
IP precedence	IP precedence in the range of 0 to 7. N/A indicates that the IP precedence is invalid.
QoS local ID	QoS local ID in the range of 1 to 4095. N/A indicates that the QoS local ID is invalid.
Traffic index	Traffic index in the range of 1 to 64. N/A indicates that the traffic index is invalid.
MPLS label	MPLS label. The current software version does not support this field.

‌

# Display detailed information about BGP EVPN route [2][5][48][0001-0203-0405][32][4.5.5.5]/136 with RD 1.1.1.1:100.

<Sysname> display bgp l2vpn evpn route-distinguisher 1.1.1.1:100 [2][5][48][0001-0203-0405][32][5.5.5.5] 136

BGP local router ID: 172.16.250.133

Local AS number: 100

Route distinguisher: 1.1.1.1:100

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of [2][5][48][0001-0203-0405][32][5.5.5.5]/136:

From : 10.1.1.2 (192.168.56.17)

Rely nexthop : 10.1.1.2

Original nexthop: 10.1.1.2

OutLabel : NULL

Ext-Community : <RT: 1:2>, <RT: 1:3>, <RT: 1:4>, <RT: 1:5>, <RT: 1:6>, <RT: 1:7

>, <Encapsulation Type: VXLAN>, <Router's Mac: 0006-0708-0910

>, <MAC Mobility: Flag 0, SeqNum 2>, <Default GateWay>

RxPathID : 0x0

TxPathID : 0x0

AS-path : 200

Origin : igp

Attribute value : MED 0, pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

EVPN route type : MAC/IP advertisement route

ESI : 0001.0203.0405.0607.0809

Ethernet tag ID : 5

MAC address : 0001-0203-0405

IP address : 5.5.5.5/32

MPLS label1 : 10

MPLS label2 : 0

Table 3 Command output

Field	Description
Ext-Community	Extended community attributes: · RT. · Encapsulation Type. · Router's Mac. · MAC Mobility—MAC mobility. ¡ Flag—Indicates whether the MAC address can move. A value of 1 indicates that the MAC address cannot move, and a value of 0 indicates that the MAC address can move. ¡ SeqNum—Identifies the most recent move of the MAC address. · Default GateWay—Route for the default gateway. · MicroSegment-id—Microsegment ID attribute: ¡ Type—Microsegment ID type. ¡ ID—Microsegment ID.
MPLS label1	VXLAN ID used for Layer 2 forwarding.
MPLS label2	L3 VXLAN ID used for Layer 3 forwarding.

‌

# Display detailed information about BGP EVPN route [3][0][32][5.5.5.5]/80 with RD 1.1.1.1:100.

<Sysname> display bgp l2vpn evpn route-distinguisher 1.1.1.1:100 [3][0][32][4.5.5.5] 80

BGP local router ID: 172.16.250.133

Local AS number: 100

Route distinguisher: 1.1.1.1:100

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of [3][0][32][4.5.5.5]/80:

From : 10.1.1.2 (192.168.56.17)

Rely nexthop : 10.1.1.2

Original nexthop: 10.1.1.2

OutLabel : NULL

Ext-Community : <RT: 1:2>, <Encapsulation Type: VXLAN>

RxPathID : 0x0

TxPathID : 0x0

PMSI tunnel : Flag 0, TunnelType 6, Label 10, EndPointAddress 10.1.1.2

AS-path : 200

Origin : igp

Attribute value : MED 0,pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

EVPN route type : Inclusive multicast Ethernet tag route

Ethernet tag ID : 0

Origin address : 5.5.5.5/32

Table 4 Command output

Field	Description
Ext-Community	Extended community attributes: · RT. · Encapsulation Type.
PMSI tunnel	P-Multicast Service Interface (PMSI) tunnel information: · Flag—This field is fixed at 0 in the current software version. · TunnelType—This field is fixed at 6 in the current software version, which represents a head-end replication tunnel. · Label—VXLAN ID. · EndPointAddress—Tunnel destination address.
Origin address	IP address of the originating router.

‌

# Display detailed information about BGP EVPN route [4][0000.0000.0000.0000.000a][32][4.5.5.5]/128 with RD 1.1.1.1:100.

<Sysname> display bgp l2vpn evpn route-distinguisher 1.1.1.1:100 [4][0000.0000.0000.0000.000a][32][4.5.5.5] 128

BGP local router ID: 172.16.250.133

Local AS number: 100

Route distinguisher: 1.1.1.1:100

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of [4][0000.0000.0000.0000.000a][32][4.5.5.5]/128:

From : 10.1.1.2 (192.168.56.17)

Rely nexthop : 10.1.1.2

Original nexthop: 10.1.1.2

OutLabel : NULL

Ext-Community : <RT: 1:2>, <Encapsulation Type: VXLAN>, <ES-Import RT: 1:1>

RxPathID : 0x0

TxPathID : 0x0

AS-path : 200

Origin : igp

Attribute value : MED 0,pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

EVPN route type : Ethernet segment route

ESI : 0000.0000.0000.0000.000a

Origin address : 4.5.5.5/32

Table 5 Command output

Field	Description
Ext-Community	Extended community attributes: · RT. · Encapsulation Type. · ES-Import RT.
Origin address	IP address of the originating router.

Field

Description

Ext-Community

Extended community attributes:

· RT.

· Encapsulation Type.

· ES-Import RT.

Origin address

IP address of the originating router.

‌

# Display detailed information about BGP EVPN route [5][10][32][4.5.5.5]/80 with RD 1.1.1.1:100.

<Sysname> display bgp l2vpn evpn route-distinguisher 1.1.1.1:100 [5][10][32][4.5.5.5] 80

BGP local router ID: 172.16.250.133

Local AS number: 100

Route distinguisher: 1.1.1.1:100

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of [5][10][32][4.5.5.5]/80:

From : 10.1.1.2 (192.168.56.17)

Rely nexthop : 10.1.1.2

Original nexthop: 10.1.1.2

OutLabel : NULL

Ext-Community : <RT: 1:2>, <Encapsulation Type: VXLAN>, <Router's Mac:

0006-0708-0910>

RxPathID : 0x0

TxPathID : 0x0

AS-path : 200

Origin : igp

Attribute value : MED 0,pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

EVPN route type : IP prefix advertisement route

ESI : 0000.0000.0000.0000.000a

Ethernet tag ID : 10

IP address : 4.5.5.5/32

Gateway address : 0.0.0.0

MPLS Label : 1

Table 6 Command output

Field	Description
Ext-Community	Extended community attributes: · RT. · Encapsulation Type. · Router's Mac.
IP address	IP address and prefix length.
MPLS Label	L3 VXLAN ID used for Layer 3 forwarding.

‌

display evpn auto-discovery

Use display evpn auto-discovery to display information about IPv4 peers that are automatically discovered through BGP.

Syntax

display evpn auto-discovery { { imet | mac-ip } [ peer ip-address] [ vsi vsi-name ] | macip-prefix [ nexthop next-hop ] [ count ] }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

imet: Specifies IPv4 peers discovered through IMET routes.

mac-ip: Specifies IPv4 peers discovered through MAC/IP advertisement routes that do not carry L3 VXLAN IDs.

peer ip-address: Specifies a peer by its IPv4 address. If you do not specify this option, the command displays information about all automatically discovered IPv4 peers.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays IPv4 peer information for all VSIs.

macip-prefix: Specifies IPv4 peers discovered through MAC/IP advertisement routes that carry L3 VXLAN IDs or IP prefix advertisement routes that carry L3 VXLAN IDs.

nexthop next-hop: Specifies a next hop. If you do not specify this option, the command displays IPv4 peer information for all next hops.

count: Displays the number of IPv4 peers. If you do not specify this keyword, the command displays detailed IPv4 peer information.

Examples

# Display information about IPv4 peers discovered through IMET routes.

<Sysname> display evpn auto-discovery imet

Total number of automatically discovered peers: 2

VSI name: vpna

EVPN instance: -

RD PE_address Tunnel_address Tunnel mode VXLAN ID

1:10 2.2.2.2 2.2.2.2 VXLAN 10

2:100 3.3.3.3 3.3.3.3 VXLAN 10

Table 7 Command output

Field	Description
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-). This field is supported only by EVPN VXLAN.
PE_address	Identifier of the remote VTEP on the VSI.
Tunnel_address	Tunnel destination IP address.
Tunnel mode	Tunnel mode: · VXLAN. · VXLAN-DCI.

# Display information about IPv4 peers discovered through MAC/IP advertisement routes that do not carry L3 VXLAN IDs.

<Sysname> display evpn auto-discovery mac-ip

Total number of automatically discovered peers: 1

VSI name: vpna

EVPN instance: -

Destination IP Source IP VXLAN ID Tunnel mode Tunnel name

6.6.6.6 1.1.1.9 100 VXLAN Tunnel1

Table 8 Command output

Field	Description
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-). This field is supported only by EVPN VXLAN.
Destination IP	Tunnel destination IP address.
Source IP	Tunnel source IP address.
Tunnel mode	Tunnel mode: · VXLAN. · VXLAN-DCI.

# Display information about IPv4 peers discovered through MAC/IP advertisement routes that carry L3 VXLAN IDs or IP prefix advertisement routes that carry L3 VXLAN IDs.

<Sysname> display evpn auto-discovery macip-prefix

Destination IP Source IP L3VNI Tunnel mode Outgoing interface

1.1.1.1 3.3.3.3 200 VXLAN Vsi-interface3

2.2.2.2 3.3.3.3 200 VXLAN Vsi-interface3

# Display the total number of IPv4 peers discovered through MAC/IP advertisement routes that carry L3 VXLAN IDs or IP prefix advertisement routes that carry L3 VXLAN IDs.

<Sysname> display evpn auto-discovery macip-prefix count

Total number of entries: 2

Table 9 Command output

Field	Description
Destination IP	Tunnel destination IP address.
Source IP	Tunnel source IP address.
L3VNI	L3 VXLAN ID used for Layer 3 forwarding.
Tunnel mode	VXLAN tunnel mode: · VXLAN. · VXLAN-DCI.
Outgoing interface	VSI interface associated with the L3 VXLAN ID.

‌

display evpn drni synchronized-mac

Use display evpn drni synchronized-mac to display DR-synchronized MAC address entries.

Syntax

display evpn drni synchronized-mac [ vsi vsi-name ] [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vsi vsi-name: Specifies a VSI name, a case-sensitive string of 1 to 31 characters. If you do not specify a VSI, this command displays MAC address entries for all VSIs.

count: Displays the number of MAC address entries that match the command. If you do not specify this keyword, the command displays detailed information about MAC address entries.

Usage guidelines

To ensure VM reachability information consistency in a DR system, DR member devices synchronize MAC address entries and ARP packets with each other through an IPL. This command displays the synchronized MAC address entries from a DR peer.

Examples

# Display all DR-synchronized MAC address entries.

<Sysname> display evpn drni synchronized-mac

VSI name: bbb

MAC address Link ID Interface

0000-0000-000a 1 BAGG10

0000-0000-0009 0 Tunnel1

# Display the total number of DR-synchronized MAC address entries.

<Sysname> display evpn drni synchronized-mac count

Total number of entries: 2

Table 10 Command output

Field	Description
Link ID	AC's or VXLAN tunnel's link ID on a VSI.
Interface	Outgoing interface name.

display evpn es

Use display evpn es to display EVPN ES information.

Syntax

display evpn es { local [ vsi vsi-name ] [ esi esi-id ] [ verbose ] | remote [ vsi vsi-name ] [ esi esi-id ] [ nexthop next-hop ] }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

local: Specifies local ES information.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays ES information about all VSIs.

esi esi-id: Specifies an ES by its ESI in XXXX.XXXX.XXXX.XXXX.XXXX format. Each X represents a hexadecimal digit. The ESI must begin with 00 and cannot be all zeros. If you do not specify this option, the command displays information about all ESs.

verbose: Displays detailed ES information. If you do not specify this keyword, the command displays brief ES information.

remote: Specifies remote ES information.

nexthop next-hop: Specifies a next hop. If you do not specify this option, the command displays ES information received from all next hops.

Examples

# Display brief information about local ESs of VSI vpna.

<Sysname> display evpn es local vsi vpna

Redundancy mode: A – All-active, S – Single-active

VSI name : vpna

ESI Tag ID DF address Mode State ESI label

0001.0002.0002.0002.0002 - 1.1.1.1 A Up 1000

0001.0002.0003.0004.0005 - 1.1.1.1 A Up 1001

0003.0003.0003.0003.0003 2 2.2.2.2 A Up 1002

# Display brief information about all local ESs.

<Sysname> display evpn es local

Redundancy mode: A – All-active, S – Single-active

VSI name : v1

EVPN instance: -

ESI Tag ID DF address Mode State ESI label

0003.0003.0003.0003.0003 1 1.1.1.1 A Up -

0003.0003.0003.0003.0003 3 3.3.3.3 A Up -

0003.0003.0003.0003.0003 10 2.2.2.2 A Up -

VSI name : vpna

ESI Tag ID DF address Mode State ESI label

0001.0002.0002.0002.0002 - 1.1.1.1 A Up 1000

0001.0002.0003.0004.0005 - 1.1.1.1 A Up 1001

0003.0003.0003.0003.0003 2 2.2.2.2 A Up 1002

Table 11 Command output

Field	Description
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-).
Tag ID	Ethernet tag ID.
DF address	Router ID of the VTEP elected as the DF.
Mode	Redundancy mode of the ES: · A—All-active mode. · S—Single-active mode.
State	State of the ES: · Up. · Down.
ESI label	ESI label.

# Display detailed information about all local ESs.

<Sysname> display evpn es local verbose

VSI name : v1

ESI : 0003.0003.0003.0003.0003

Interface : Twenty-FiveGigE1/0/1

Redundancy mode : All-active

State : Up

ACs :

Link ID Service instance ID Tag ID DF address ESI label

0 1 1 1.1.1.1 1000

1 3 3 3.3.3.3 1001

2 10 10 2.2.2.2 1002

VSI name : vpna

EVPN instance: -

ESI : 0001.0002.0002.0002.0002

Interface : Twenty-FiveGigE1/0/2

Redundancy mode : All-active

State : Up

ACs :

Link ID Service instance ID Tag ID DF address ESI label

1 - - 1.1.1.1 -

ESI : 0001.0002.0003.0004.0005

Interface : Twenty-FiveGigE1/0/3

Redundancy mode : All-active

State : Up

ACs :

Link ID Service instance ID Tag ID DF address ESI label

0 - - 1.1.1.1 -

ESI : 0003.0003.0003.0003.0003

Interface : Twenty-FiveGigE1/0/4

Redundancy mode : All-active

State : Up

ACs :

Link ID Service instance ID Tag ID DF address ESI label

2 2 2 2.2.2.2 -

Table 12 Command output

Field	Description
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-).
Redundancy mode	Redundancy mode of the ES: · All-active. · Single-active.
State	State of the ES: · Up. · Down. If the ES is not manually assigned an ESI, a hyphen (-) is displayed.
ACs	The VSI's ACs on the ES.
Link ID	The AC's link ID on the VSI.
Service instance ID	Ethernet service instance ID.
Tag ID	Ethernet tag ID.
DF address	Router ID of the VTEP elected as the DF.
ESI label	ESI label. For EVPN VXLAN, this field is invalid and displays a hyphen (-).

# Display information about remote ESs of all VSIs.

<Sysname> display evpn es remote

Control Flags: P – Primary, B – Backup, C - Control word

VSI name : v1

EVPN instance: -

ESI : 0003.0003.0003.0003.0003

A-D per ES routes :

Peer IP Remote Redundancy mode

1.1.1.1 All-active

A-D per EVI routes :

Tag ID Peer IP

1 1.1.1.1

3 1.1.1.1

10 1.1.1.1

VSI name : vpna

ESI : 0001.0000.0000.0000.0001

Ethernet segment routes :

1.1.1.1

3.3.3.3

A-D per ES routes :

Peer IP Remote Redundancy mode

1.1.1.1 All-active

3.3.3.3 All-active

A-D per EVI routes :

Tag ID Peer IP

- 1.1.1.1

- 3.3.3.3

ESI : 0001.0002.0003.0004.0005

Ethernet segment routes :

1.1.1.1

A-D per ES routes :

Peer IP Remote Redundancy mode

1.1.1.1 All-active

A-D per EVI routes :

Tag ID Peer IP

- 1.1.1.1

# Display remote ES information received from next hop 3.3.3.3 for VSI vpna.

<Sysname> display evpn es remote vsi vpna nexthop 3.3.3.3

Control Flags: P - Primary, B - Backup, C - Control word

VSI name : vpna

EVPN instance: -

ESI : 0001.0000.0000.0000.0001

Ethernet segment routes :

1.1.1.1

A-D per ES routes :

Peer IP Remote Redundancy mode

1.1.1.1 All-active

A-D per EVI routes :

Tag ID Peer IP

- 3.3.3.3

Table 13 Command output

Field	Description
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-).
Redundancy mode	Redundancy mode of the ES: · All-active. · Single-active.
Ethernet segment routes	Ethernet segment routes for the ES.
A-D per ES routes	A-D per Ethernet segment routes for the ES.
A-D per EVI routes	A-D per EVI routes for the ES.
Tag ID	Ethernet tag ID.
Peer IP	IP address of the remote peer.
Remote Redundancy mode	Redundancy mode of the remote ES: · All-active. · Single-active.
Control Flags	Layer 2 attributes control flags of the remote route: · P—Primary flag. · B—Backup flag. · C—Control word flag. This field is not supported in the current software version.

display evpn ipv6 auto-discovery

Use display evpn ipv6 auto-discovery to display information about IPv6 peers that are automatically discovered through BGP.

Syntax

display evpn ipv6 auto-discovery { imet [ peer ipv6-address ] [ vsi vsi-name ] | mac-ip | macip-prefix [ nexthop next-hop ] [ count ] }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

imet: Specifies IPv6 peers discovered through IMET routes.

peer ipv6-address: Specifies a peer by its IPv6 address. If you do not specify this option, the command displays information about all automatically discovered IPv6 peers.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays IPv6 peer information for all VSIs.

mac-ip: Specifies IPv6 peers discovered through MAC/IP advertisement routes that do not carry L3 VXLAN IDs.

macip-prefix: Specifies IPv6 peers discovered through MAC/IP advertisement routes that carry L3 VXLAN IDs or IP prefix advertisement routes that carry L3 VXLAN IDs.

nexthop next-hop: Specifies a next hop. If you do not specify this option, the command displays IPv6 peer information for all next hops.

count: Displays the number of IPv6 peers. If you do not specify this keyword, the command displays detailed IPv6 peer information.

Examples

# Display information about IPv6 peers discovered through IMET routes.

<Sysname> display evpn ipv6 auto-discovery imet

Total number of automatically discovered peers: 2

VSI name: vpna

RD : 1:10

PE address : 11::8

Tunnel address : 11::8

Tunnel mode : VXLAN

VXLAN ID : 10

RD : 2:100

PE address : 12::8

Tunnel address : 12::8

Tunnel mode : VXLAN

VXLAN ID : 10

Table 14 Command output

Field	Description
PE address	Identifier of the remote VTEP on the VSI.
Tunnel address	Tunnel destination IP address.
Tunnel mode	Tunnel mode: · VXLAN. · VXLAN-DCI.

# Display information about IPv6 peers discovered through MAC/IP advertisement routes that do not carry L3 VXLAN IDs.

<Sysname> display evpn ipv6 auto-discovery mac-ip

Total number of automatically discovered peers: 1

VSI name: vpna

Destination IP : 6:6::6:8

Source IP : 1:1::1:7

VXLAN ID : 100

Tunnel mode : VXLAN

Tunnel name : Tunnel1

Table 15 Command output

Field	Description
Destination IP	Tunnel destination IP address.
Source IP	Tunnel source IP address.
Tunnel mode	Tunnel mode. VXLAN represents a VXLAN tunnel.

# Display information about IPv6 peers discovered through MAC/IP advertisement routes that carry L3 VXLAN IDs or IP prefix advertisement routes that carry L3 VXLAN IDs.

<Sysname> display evpn ipv6 auto-discovery macip-prefix

Destination IP : 6:6::6:8

Source IP : 1:1::1:7

L3VNI : 100

Tunnel mode : VXLAN

OutInterface : Vsi-interface3

# Display the total number of IPv6 peers discovered through MAC/IP advertisement routes that carry L3 VXLAN IDs or IP prefix advertisement routes that carry L3 VXLAN IDs.

<Sysname> display evpn ipv6 auto-discovery macip-prefix count

Total number of entries: 1

Table 16 Command output

Field	Description
Destination IP	Tunnel destination IP address.
Source IP	Tunnel source IP address.
L3VNI	L3 VXLAN ID used for Layer 3 forwarding.
Tunnel mode	Tunnel mode: · VXLAN. · VXLAN-DCI.
OutInterface	VSI interface associated with the L3 VXLAN ID.

display evpn ipv6 route mac

Use display evpn ipv6 route mac to display IPv6 EVPN MAC address entries.

Syntax

display evpn ipv6 route mac [ local | remote ] [ vsi vsi-name ] [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

local: Specifies local MAC address entries.

remote: Specifies remote MAC address entries.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays MAC address entries for all VSIs.

count: Displays the number of MAC address entries. If you do not specify this keyword, the command displays detailed information about MAC address entries.

Usage guidelines

If you do not specify the local or remote keyword, this command displays both local and remote IPv6 EVPN MAC address entries.

Examples

# Display all IPv6 EVPN MAC address entries.

<Sysname> display evpn ipv6 route mac

Flags: D - Dynamic B - BGP L - Local active

G - Gateway S - Static M - Mapping I - Invalid

VSI name: vpna

MAC address Link ID/Name Flags Nexthop

0000-0000-000a 1 DL -

0000-0000-0009 Tunnel1 B 1::2

0001-2000-4000 - BI 1::3

# Display the total number of IPv6 EVPN MAC address entries.

<Sysname> display evpn ipv6 route mac count

Total number of entries: 3

Table 17 Command output

Field	Description
Link ID/Name	For a local MAC address, this field displays the AC's link ID on the VSI. For a remote MAC address, this field displays the tunnel interface name.
Flags	MAC address entry type: · D—The entry is dynamically learned. · B—The entry is learned from BGP EVPN routes. · L—The local entry is active. If this flag is not set and the B flag is set, the entry learned from BGP EVPN routes is active. · G—The entry for the gateway is active. · S—The static entry is active. · M—The entry from a remote VXLAN mapped to a local VXLAN is active. · I—The entry is invalid. Possible reasons: ¡ The VSI has been administratively shut down by using the shutdown command. ¡ The outgoing tunnel interface does not exist.
Nexthop	IP address of the remote VTEP. If the MAC address entry is a local entry, a hyphen (-) is displayed.

display evpn route arp

Use display evpn route arp to display EVPN ARP entries.

Syntax

display evpn route arp [ local | remote ] [ public-instance | vpn-instance vpn-instance-name ] [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

local: Specifies local ARP entries.

remote: Specifies remote ARP entries.

public-instance: Specifies the public instance.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

count: Displays the number of ARP entries. If you do not specify this keyword, the command displays detailed information about ARP entries.

Usage guidelines

If you do not specify the local or remote keyword, this command displays both local and remote EVPN ARP entries.

If you do not specify the public-instance keyword or the vpn-instance vpn-instance-name option, this command displays EVPN ARP entries for the public instance and all VPN instances.

Examples

# Display all EVPN ARP entries.

<Sysname> display evpn route arp

Flags: D - Dynamic B - BGP L - Local active

G - Gateway S - Static M - Mapping I - Invalid

VPN instance: vpn1 Interface: Vsi-interface1

IP address MAC address Router MAC VSI index Flags

10.1.1.1 0003-0003-0003 a0ce-7e40-0400 0 GL

10.1.1.11 0001-0001-0001 a0ce-7e40-0400 0 DL

10.1.1.12 0001-0001-0011 a0ce-7e41-0401 0 B

10.1.1.13 0001-0001-0021 a0ce-7e42-0402 0 B

10.1.1.101 0001-0011-0101 a0ce-7e40-0400 0 SL

10.1.1.102 0001-0011-0102 0011-9999-0000 0 BS

Public instance Interface: Vsi-interface2

IP address MAC address Router MAC VSI index Flags

11.1.1.1 0033-0033-0033 a0ce-7e40-0400 0 GL

11.1.1.11 0011-0011-0011 a0ce-7e40-0400 0 DL

# Display the total number of EVPN ARP entries.

<Sysname> display evpn route arp count

Total number of entries: 8

Table 18 Command output

Field	Description
Interface	VSI interface.
Flags	ARP entry type: · D—The entry is dynamically learned. · B—The entry is learned from BGP EVPN routes. · L—The local entry is active. If this flag is not set and the B flag is set, the entry learned from BGP EVPN routes is active. · G—The entry for the gateway is active. · S—The static entry is active. · M—The entry from a remote VXLAN mapped to a local VXLAN is active. · I—The entry is invalid. Possible reasons: ¡ The VSI has been administratively shut down by using the shutdown command. ¡ The outgoing tunnel interface does not exist.

Field

Description

Interface

VSI interface.

Flags

ARP entry type:

· D—The entry is dynamically learned.

· B—The entry is learned from BGP EVPN routes.

· L—The local entry is active. If this flag is not set and the B flag is set, the entry learned from BGP EVPN routes is active.

· G—The entry for the gateway is active.

· S—The static entry is active.

· M—The entry from a remote VXLAN mapped to a local VXLAN is active.

· I—The entry is invalid. Possible reasons:

¡ The VSI has been administratively shut down by using the shutdown command.

¡ The outgoing tunnel interface does not exist.

display evpn route arp suppression

Use display evpn route arp suppression to display EVPN ARP flood suppression entries.

Syntax

display evpn route arp suppression [ local | remote ] [ vsi vsi-name ] [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

local: Specifies local ARP flood suppression entries.

remote: Specifies remote ARP flood suppression entries.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays ARP flood suppression entries for all VSIs.

count: Displays the number of ARP flood suppression entries. If you do not specify this keyword, the command displays detailed information about ARP flood suppression entries.

Usage guidelines

If you do not specify the local or remote keyword, this command displays both local and remote EVPN ARP flood suppression entries.

Examples

# Display all EVPN ARP flood suppression entries.

<Sysname> display evpn route arp suppression

Flags: D - Dynamic B - BGP L - Local active

G - Gateway S - Static M - Mapping I - Invalid

VSI name: vpna

EVPN instance: -

IP address MAC address Flags Encap

10.1.1.12 0002-0002-0002 B VXLAN

10.1.1.13 0002-0002-0002 BI VXLAN

10.1.1.101 0001-0011-0101 BS VXLAN

10.1.1.102 0001-0011-0102 DL VXLAN

# Display the total number of ARP flood suppression entries.

<Sysname> display evpn route arp suppression count

Total number of entries: 4

Table 19 Command output

Field	Description
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-). This field is supported only by EVPN VXLAN.
Flags	ARP flood suppression entry type: · D—The entry is dynamically learned. · B—The entry is learned from BGP EVPN routes. · L—The local entry is active. If this flag is not set and the B flag is set, the entry learned from BGP EVPN routes is active. · G—The entry for the gateway is active. · S—The static entry is active. · M—The entry from a remote VXLAN mapped to a local VXLAN is active. · I—The entry is invalid. Possible reasons: ¡ The VSI has been administratively shut down by using the shutdown command. ¡ The outgoing tunnel interface does not exist.
Encap	Packet encapsulation type: VXLAN.

display evpn route arp-mobility

Use display evpn route arp-mobility to display EVPN ARP mobility information.

Syntax

display evpn route arp-mobility [ public-instance | vpn-instance vpn-instance-name ] [ ip ip-address ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

public-instance: Specifies the public instance.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

ip ip-address: Specifies an IPv4 address in dotted decimal notation. If you do not specify an IP address, this command displays ARP mobility information about all IP addresses of the public instance or MPLS L3VPN instance.

Usage guidelines

If you do not specify any parameters, this command displays ARP mobility information about the public instance and all VPN instances.

Examples

# Display EVPN ARP mobility information about the public instance and all VPN instances.

<Sysname> display evpn route arp-mobility

Flags: S - Suppressed, N - Not suppressed

Suppression threshold: 5

Detection cycle : 180s

VPN instance : vpn1

Interface : Vsi-interface1

IP address Seq number Moved from Flags Suppressed at

192.168.156.120 5 WGE1/0/1 S 17:24:33 2018/04/01

192.168.56.20 - - N -

Public instance

Interface : Vsi-interface2

IP address Seq number Moved from Flags Suppressed at

192.168.156.120 5 WGE1/0/2 S 17:24:33 2018/04/01

192.168.56.20 5 2.2.2.2 S 17:24:33 2018/04/01

Table 20 Command output

Field	Description
Suppression threshold	ARP mobility suppression threshold, which is the number of ARP moves from the local site to a remote site.
Detection cycle	ARP mobility detection cycle in seconds.
Seq number	ARP move sequence number.
Moved from	Source interface or source VTEP IP address for the ARP move.
Flags	Whether the ARP move was suppressed: · S—Suppressed. · N—Not suppressed.
Suppressed at	Time when the ARP move was suppressed.

Related commands

evpn route arp-mobility suppression

display evpn route mac

Use display evpn route mac to display IPv4 EVPN MAC address entries.

Syntax

display evpn route mac [ local | remote ] [ vsi vsi-name ] [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

local: Specifies local MAC address entries.

remote: Specifies remote MAC address entries.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays MAC address entries for all VSIs.

count: Displays the number of MAC address entries. If you do not specify this keyword, the command displays detailed information about MAC address entries.

Usage guidelines

If you do not specify the local or remote keyword, this command displays both local and remote IPv4 EVPN MAC address entries.

Examples

# Display all IPv4 EVPN MAC address entries.

<Sysname> display evpn route mac

Flags: D - Dynamic B - BGP L - Local active

G - Gateway S - Static M - Mapping I - Invalid

VSI name: bbb

EVPN instance: -

MAC address Link ID/Name Flags Encap Next hop

0000-0000-000a 1 DL VXLAN -

0000-0000-0009 Tunnel1 B VXLAN 2.2.2.2

0001-2000-4000 - BI VXLAN 3.3.3.3

# Display the total number of IPv4 EVPN MAC address entries.

<Sysname> display evpn route mac count

Total number of entries: 3

Table 21 Command output

Field	Description
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-).
Link ID/Name	For a local MAC address, this field displays the AC's link ID on the VSI. For a remote MAC address, this field displays the tunnel interface name.
Flags	MAC address entry type: · D—The entry is dynamically learned. · B—The entry is learned from BGP EVPN routes. · L—The local entry is active. If this flag is not set and the B flag is set, the entry learned from BGP EVPN routes is active. · G—The entry for the gateway is active. · S—The static entry is active. · M—The entry from a remote VXLAN mapped to a local VXLAN is active. · I—The entry is invalid. Possible reasons: ¡ The VSI has been administratively shut down by using the shutdown command. ¡ The outgoing tunnel interface does not exist.
Encap	Packet encapsulation type: VXLAN.
Next hop	IP address of the remote VTEP. If the MAC address entry is a local entry, a hyphen (-) is displayed.

display evpn route mac-mobility

Use display evpn route mac-mobility to display EVPN MAC mobility information.

Syntax

display evpn [ ipv6 ] route mac-mobility [ vsi vsi-name ] [ mac-address mac-address ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ipv6: Specifies IPv6 EVPN MAC mobility information. If you do not specify this keyword, the command displays IPv4 EVPN MAC mobility information.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VSI, this command displays MAC mobility information about all VSIs.

mac-address mac-address: Specifies a MAC address in the format of H-H-H. You can omit the consecutive zeros at the beginning of each segment. For example, you can enter f-e2-1 for 000f-00e2-0001. If you do not specify a MAC address, this command displays MAC mobility information about all MAC addresses in the specified VSI or all VSIs.

Usage guidelines

If you do not specify any parameters, this command displays IPv4 EVPN MAC mobility information about all VSIs.

Examples

# Display IPv4 EVPN MAC mobility information about all VSIs.

<Sysname> display evpn route mac-mobility

Flags: S - Suppressed, N - Not suppressed

Suppression threshold: 5

Detection cycle : 180s

VSI name : vsia

EVPN instance : -

MAC address Seq number Moved from Flags Suppressed at

1000-0000-0000 10 WGE1/0/1 S 15:30:30 2018/03/30

1000-0000-0001 - - N -

VSI name : vsib

EVPN instance : -

MAC address Seq number Moved from Flags Suppressed at

1000-0000-0003 2 WGE1/0/2 N -

1000-0000-0005 10 5.5.5.5 S 17:24:33 2018/04/01

# Display IPv6 EVPN MAC mobility information about all VSIs.

<Sysname> display evpn ipv6 route mac-mobility

Flags: S - Suppressed, N - Not suppressed

Suppression threshold: 5

Detection cycle : 180s

VSI name : vpna

EVPN instance : -

MAC address : 1000-1000-1000

Sequence number : 5

Moved from : WGE1/0/1

Flags : S

Suppressed at : 15:30:30 2018/03/30

VSI name : vpnb

EVPN instance : -

MAC address : 1000-1000-1001

Sequence number : 5

Moved from : 1::1

Flags : S

Suppressed at : 15:30:30 2018/03/30

Table 22 Command output

Field	Description
Suppression threshold	MAC mobility suppression threshold, which is the number of MAC moves from the local site to a remote site.
Detection cycle	MAC mobility detection cycle in seconds.
EVPN instance	EVPN instance name. If the EVPN instance is created on a VSI, this field displays a hyphen (-).
Seq number/Sequence number	MAC move sequence number.
Moved from	Source interface or source VTEP IP address for the MAC move.
Flags	Whether the MAC move was suppressed: · S—Suppressed. · N—Not suppressed.
Suppressed at	Time when the MAC move was suppressed.

Related commands

evpn route mac-mobility suppression

display evpn route nd

Use display evpn route nd to display EVPN ND entries.

Syntax

display evpn route nd [ local | remote ] [ public-instance | vpn-instance vpn-instance-name ] [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

local: Specifies local ND entries.

remote: Specifies remote ND entries.

public-instance: Specifies the public instance.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

count: Displays the number of ND entries. If you do not specify this keyword, the command displays detailed information about ND entries.

Usage guidelines

If you do not specify the local or remote keyword, this command displays both local and remote EVPN ND entries.

If you do not specify the public-instance keyword or the vpn-instance vpn-instance-name option, this command displays EVPN ND entries for the public instance and all VPN instances.

Examples

# Display all EVPN ND entries.

<Sysname> display evpn route nd

Flags: D - Dynamic B - BGP L - Local active

G - Gateway S - Static M - Mapping I - Invalid

VPN instance: vpn1 Interface: Vsi-interface1

IPv6 address : AD80:0300:1000:0050:0200:0300:0100:0012

MAC address : 0001-0001-0001 Router MAC : a0ce-7e40-0400

VSI index : 0 Flags : GL

IPv6 address : AD10:0300:1000:0020:0200:0300:0100:0022

MAC address : 0001-0001-0002 Router MAC : a0ce-7e40-0411

VSI index : 0 Flags : GL

Public instance Interface: Vsi-interface1

IPv6 address : BC80:0300:1000:0050:0200:0300:0100:0033

MAC address : 0002-0002-0001 Router MAC : a0ce-7e40-0422

VSI index : 0 Flags : GL

IPv6 address : BC10:0300:1000:0020:0200:0300:0100:0034

MAC address : 0002-0002-0002 Router MAC : a0ce-7e40-0433

VSI index : 0 Flags : GL

# Display the total number of EVPN ND entries.

<Sysname>display evpn route nd count

Total number of entries: 2

Table 23 Command output

Field	Description
Interface	VSI interface.
Flags	ND entry type: · D—The entry is dynamically learned. · B—The entry is learned from BGP EVPN routes. · L—The local entry is active. If this flag is not set and the B flag is set, the entry learned from BGP EVPN routes is active. · G—The entry for the gateway is active. · S—The static entry is active. This type is not supported in the current software version. · M—The entry from a remote VXLAN mapped to a local VXLAN is active. · I—The entry is invalid. Possible reasons: ¡ The VSI has been administratively shut down by using the shutdown command. ¡ The outgoing tunnel interface does not exist.

Field

Description

Interface

VSI interface.

Flags

ND entry type:

· D—The entry is dynamically learned.

· B—The entry is learned from BGP EVPN routes.

· L—The local entry is active. If this flag is not set and the B flag is set, the entry learned from BGP EVPN routes is active.

· G—The entry for the gateway is active.

· S—The static entry is active. This type is not supported in the current software version.

· M—The entry from a remote VXLAN mapped to a local VXLAN is active.

· I—The entry is invalid. Possible reasons:

¡ The VSI has been administratively shut down by using the shutdown command.

¡ The outgoing tunnel interface does not exist.

display evpn routing-table

Use display evpn routing-table to display the EVPN routing table for a VPN instance.

Syntax

display evpn routing-table [ ipv6 ] { public-instance | vpn-instance vpn-instance-name } [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ipv6: Specifies IPv6 information. If you do not specify this keyword, the command displays IPv4 information.

public-instance: Specifies the public instance.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

count: Displays the number of entries in the routing table. If you do not specify this keyword, the command displays detailed information about the routing table.

Examples

# Display the EVPN IPv4 routing table for VPN instance vpn1.

<Sysname> display evpn routing-table vpn-instance vpn1

Flags: E - with valid ESI A – A-D ready L - Local ES exists

VPN instance name: vpn1 Local L3VNI: 7

IP address Nexthop Outgoing interface NibID Flags

10.1.1.11 1.1.1.1 Vsi-interface3 0x18000000 EAL

10.1.1.12 2.2.2.2 Vsi-interface3 0x18000001 EA

# Display the EVPN IPv4 routing table for the public instance.

<Sysname> display evpn routing-table public-instance

Flags: E - with valid ESI A – A-D ready L - Local ES exists

Public instance Local L3VNI: 3900

IP address Nexthop Outgoing interface NibID Flags

10.1.1.11 1.1.1.1 Vsi-interface3 0x18000000 EAL

10.1.1.12 2.2.2.2 Vsi-interface3 0x18000001 EA

# Display the number of EVPN route entries in the IPv4 routing table for VPN instance vpn1.

<Sysname> display evpn routing-table vpn-instance vpn1 count

Total number of entries: 2

# Display the EVPN IPv6 routing table for VPN instance vpna.

<Sysname> display evpn routing-table ipv6 vpn-instance vpna

VPN instance: vpna Local L3VNI: 7

IPv6 address : BC10:0300:1000:0020:0200:0300:0100:0034

Next hop : 1.1.1.1

Outgoing interface : Vsi-interface3

NibID : 0x18000000

IPv6 address : BC10:0300:1000:0020:0200:0300:0100:0035

Next hop : 2.2.2.2

Outgoing interface : Vsi-interface3

NibID : 0x18000001

Table 24 Command output

Field	Description
Local L3VNI	L3 VXLAN ID associated with the VPN instance or the public instance.
NibID	Next hop ID.
Flags	Flags of the route: · E—The route carries a valid ESI. · A—All Ethernet auto-discovery routes are received. The ECMP routes for the next hop can be issued. · L—An active local ESI exists. Remote routes are not issued. · -—The MAC/IP advertisement route does not have a valid ESI. ECMP routes are not supported.

display l2vpn forwarding evpn split-horizon

Use display l2vpn forwarding evpn split-horizon to display site-facing interfaces excluded from traffic forwarding by split horizon.

Syntax

display l2vpn forwarding evpn split-horizon { ac interface interface-type interface-number service-instance instance-id | tunnel tunnel-number } slot slot-number

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ac interface interface-type interface-number service-instance instance-id: Specifies an Ethernet service instance on a Layer 2 interface. The interface-type interface-number argument specifies the interface by its type and number. The instance-id argument specifies the Ethernet service instance by its ID in the range of 1 to 4096. These parameters apply to EVPN VPLS.

tunnel tunnel-number: Specifies a VXLAN tunnel interface number. The value range for the tunnel-number argument is 0 to 15359. If you do not specify this option, the command displays all site-facing interfaces excluded from traffic forwarding by split horizon. This option applies to EVPN VXLAN.

slot slot-number: Specifies an IRF member device by its member ID.

Examples

# Display site-facing interfaces excluded from traffic forwarding for Tunnel 0.

<Sysname> display l2vpn forwarding evpn split-horizon tunnel 0

Tunnel name: 0

Total number of filtered interfaces: 2

Filtered interfaces:

WGE1/0/1

WGE1/0/2

Table 25 Command output

Field	Description
Tunnel name	VXLAN tunnel interface name.
Filtered interfaces	Site-facing interfaces that do not forward the flood traffic received from the VXLAN tunnel.

esi

Use esi to assign an ESI to an interface.

Use undo esi to restore the default.

Syntax

esi esi-id

undo esi

Default

No ESI is assigned to an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

esi-id: Specifies an ES by its ESI in XXXX.XXXX.XXXX.XXXX.XXXX format. Each X represents a hexadecimal digit. The ESI must begin with 00 and cannot be all zeros.

Usage guidelines

An ESI uniquely identifies an ES. The links on interfaces with the same ESI belong to the same ES. Traffic of the ES can be distributed among the links for load sharing.

To modify the ESI of an interface, first use the undo esi command to delete the original ESI.

Examples

# Assign ESI 0000.0001.0002.0003.0004 to Twenty-FiveGigE 1/0/1.

<Sysname> system-view

[Sysname] interface twenty-fivegige 1/0/1

[Sysname-Twenty-FiveGigE1/0/1] esi 0000.0001.0002.0003.0004

evpn drni group

Use evpn drni group to enable EVPN distributed relay and specify the virtual VTEP address.

Use undo evpn drni group to restore the default.

Syntax

evpn drni group { virtual-vtep-ipv4 | virtual-vtep-ipv6 }

undo evpn drni group

Default

EVPN distributed relay is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

virtual-vtep-ipv4: Specifies the virtual IPv4 VTEP address.

virtual-vtep-ipv6: Specifies the virtual IPv6 VTEP address. This argument is supported only in Release 6616 and later.

Usage guidelines

EVPN distributed relay virtualizes two VTEPs, EDs, or EVPN gateways into one DR system to avoid single points of failure. The VTEPs, EDs, or EVPN gateways use a virtual VTEP address to establish VXLAN tunnels or VXLAN-DCI tunnels to remote devices.

For the device to re-establish VXLAN tunnels, you must execute the address-family l2vpn evpn command in BGP instance view after you enable or disable EVPN distributed relay.

To modify the virtual VTEP address, you must first delete the original virtual VTEP address.

EVPN distributed relay is mutually exclusive with EVPN-DCI dual-homing. Do not use the evpn edge group and evpn drni group commands together.

The evpn drni group and evpn drni local commands must specify three IPv4 or IPv6 addresses. Mixed use of IPv4 and IPv6 addresses is not allowed.

Examples

# Enable EVPN distributed relay and specify the virtual VTEP address as 1.1.1.1.

<Sysname> system-view

[Sysname] evpn drni group 1.1.1.1

Related commands

evpn edge group

evpn drni local

Use evpn drni local to specify the IP addresses of the VTEPs in a DR system.

Use undo evpn drni local to restore the default.

NOTE:

The evpn drni local local-ipv6-address remote remote-ipv6-address command is supported only in Release 6616 and later.

Syntax

evpn drni local local-ipv4-address remote remote-ipv4-address

evpn drni local local-ipv6-address remote remote-ipv6-address

undo evpn drni local

Default

The IP addresses of the VTEPs in a DR system are not specified.

Views

System view

Predefined user roles

network-admin

Parameters

local-ipv4-address: Specifies the IPv4 address of the local VTEP.

local-ipv6-address: Specifies the IPv6 address of the local VTEP.

remote remote-ip: Specifies the IP address of the peer VTEP.

remote-ipv4-address: Specifies the IPv4 address of the peer VTEP.

remote-ipv6-address: Specifies the IPv6 address of the peer VTEP.

Usage guidelines

An AC that is attached to only one of the VTEPs in a DR system is called a single-armed AC. After you use this command, each VTEP in a DR system changes the next hop of the routes for single-armed ACs to its local VTEP IP address when advertising the routes. This ensures that the traffic of a single-armed AC is forwarded to its attached VTEP. When a VTEP receives BGP EVPN routes from the peer VTEP IP address specified by using this command, it does not set up a VXLAN tunnel to the peer VTEP.

You must execute this command if single-armed ACs are attached to a DR system that uses an Ethernet aggregate link as the IPL. You do not need to execute this command on a DR system that uses a VXLAN tunnel as the IPL. In such a DR system, a VTEP uses the source IP address of the IPL as the next hop of routes for single-armed ACs to ensure correct traffic forwarding.

When you execute this command, make sure the IP address of the local VTEP belongs to a local interface. Make sure the local VTEP IP address and peer VTEP IP address are reversed on the VTEPs in a DR system.

Do not use this command on EDs.

The evpn drni group and evpn drni local commands must specify three IPv4 or IPv6 addresses. Mixed use of IPv4 and IPv6 addresses is not allowed.

Examples

# Specify the IP addresses of the local and peer VTEPs in the DR system as 2.2.2.2 and 3.3.3.3, respectively.

<Sysname> system-view

[Sysname] evpn drni local 2.2.2.2 remote 3.3.3.3

evpn edge group

Use evpn edge group to configure a virtual ED address.

Use undo evpn edge group to restore the default.

Syntax

evpn edge group group-ip { group-ipv4 | group-ipv6 }

undo evpn edge group

Default

No virtual ED address is configured.

Views

System view

Predefined user roles

network-admin

Parameters

group-ipv4: Specifies the IPv4 virtual ED address.

group-ipv6: Specifies the IPv6 virtual ED address.

Usage guidelines

For high availability and load sharing, you can deploy two EDs at a data center. To virtualize the redundant EDs into one device, you must configure the same virtual ED address on them. The redundant EDs use the virtual ED address to establish tunnels with VTEPs and remote EDs.

Redundant EDs cannot provide access service for local VMs. They can act only as EDs. For correct communication, do not redistribute external routes on only one of the redundant EDs. However, you can redistribute the same external routes on both EDs.

On a redundant ED, the virtual ED address must be the IP address of a loopback interface, and it cannot be the BGP peer IP address of the ED.

EVPN-DCI dual-homing is mutually exclusive with EVPN distributed relay. Do not use the evpn edge group and evpn drni group commands together.

Examples

# Configure 1.2.3.4 as the virtual ED address.

<Sysname> system-view

[Sysname] evpn edge group 1.2.3.4

Related commands

evpn drni group

evpn encapsulation

Use evpn encapsulation to create an EVPN instance on a VSI and enter its view, or enter the view of the existing EVPN instance on a VSI.

Use undo evpn encapsulation to restore the default.

Syntax

evpn encapsulation vxlan

undo evpn encapsulation

Default

No EVPN instance exists.

Views

VSI view

Predefined user roles

network-admin

Parameters

vxlan: Specifies VXLAN encapsulation.

Usage guidelines

Before you can configure EVPN settings for a VSI, you must create an EVPN instance on it.

Examples

# Create an EVPN instance on VSI aaa and enter its view.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan]

evpn global-mac

Use evpn global-mac to configure the EVPN global MAC address.

Use undo evpn global-mac to restore the default.

Syntax

evpn global-mac mac-address

undo evpn global-mac

Default

No EVPN global MAC address is configured.

Views

System view

Predefined user roles

network-admin

Parameters

mac-address: Specifies a MAC address in H-H-H format. Do not specify a multicast MAC address, broadcast MAC address, or all-zeros MAC address.

Usage guidelines

The EVPN global MAC address is used only by VSI interfaces associated with an L3 VXLAN ID.

For a VSI interface associated with an L3 VXLAN ID, the MAC address assigned to it by using the mac-address command takes precedence over the EVPN global MAC address.

Examples

# Configure the EVPN global MAC address as 0001-0001-0001.

<Sysname> system-view

[Sysname] evpn global-mac 1-1-1

evpn irb asymmetric

Use evpn irb asymmetric to enable asymmetric IRB for EVPN VXLAN.

Use undo evpn irb asymmetric to restore the default.

NOTE:

This command is supported only in Release 6616 and later.

Syntax

evpn irb asymmetric [ route-policy route-policy-name ]

undo evpn irb asymmetric

Default

Symmetric IRB is enabled for EVPN VXLAN.

Views

System view

Predefined user roles

network-admin

Parameters

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters. The device will perform asymmetric IRB forwarding on the packets that match this routing policy. If you do not specify a routing policy or the specified routing policy does not exist, asymmetric IRB takes effect on all packets.

Usage guidelines

Use this command to set the IRB mode for EVPN VXLAN.

Examples

# Enable asymmetric IRB for EVPN VXLAN.

<Sysname> system-view

[Sysname] evpn irb asymmetric

evpn mac-ip advertise distributed-gateway

Use evpn mac-ip advertise distributed-gateway to enable the device to advertise ARP information for the distributed EVPN gateway interfaces through MAC/IP advertisement routes.

Use undo evpn mac-ip advertise distributed-gateway to disable the device from advertising ARP information for the distributed EVPN gateway interfaces through MAC/IP advertisement routes.

NOTE:

This command is supported only in Release 6635 and later.

Syntax

evpn mac-ip advertise distributed-gateway

undo evpn mac-ip advertise distributed-gateway

Default

By default, the device does not advertise ARP information for the distributed EVPN gateway interfaces through MAC/IP advertisement routes.

Views

System view

Predefined user roles

network-admin

Usage guidelines

If a distributed EVPN gateway has downstream VTEPs attached, the gateway advertises ARP information for gateway interfaces through IP prefix advertisement routes. Because the VTEPs do not have gateway configuration, they cannot learn the ARP information for the gateway interfaces or forward traffic to the gateway. For the VTEPs to learn ARP information for the gateway interfaces, enable the distributed EVPN gateway to advertise ARP information for the gateway interfaces through MAC/IP advertisement routes.

The device advertises only ARP information for the distributed EVPN gateway interfaces through MAC/IP advertisement routes.

Examples

# Enable the device to advertise ARP information for the distributed EVPN gateway interfaces through MAC/IP advertisement routes.

<Sysname> system-view

[Sysname] evpn mac-ip advertise distributed-gateway

evpn multihoming advertise disable

Use evpn multihoming advertise disable to disable advertisement of EVPN multihoming routes and withdraw the EVPN multihoming routes that have been advertised to remote sites.

Use undo evpn multihoming advertise disable to restore the default.

Syntax

evpn multihoming advertise disable

undo evpn multihoming advertise disable

Default

The device advertises EVPN multihoming routes.

Views

System view

Predefined user roles

network-admin

Usage guidelines

EVPN multihoming routes include Ethernet auto-discovery routes and Ethernet segment routes.

In a multihomed EVPN network, execute this command on a redundant VTEP before you reboot it. This operation allows other VTEPs to refresh their EVPN routing table to prevent traffic interruption caused by the reboot.

Examples

# Disable advertisement of EVPN multihoming routes and withdraw the EVPN multihoming routes that have been advertised to remote sites.

<Sysname> system-view

[Sysname] evpn multihoming advertise disable

evpn multihoming timer df-delay

Use evpn multihoming timer df-delay to set the DF election delay.

Use undo evpn multihoming timer df-delay to restore the default.

Syntax

evpn multihoming timer df-delay delay-value

undo evpn multihoming timer df-delay

Default

The DF election delay is 3 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

delay-value: Specifies the DF election delay, in the range of 1 to 1200 seconds.

Usage guidelines

DF election delay defines the minimum interval allowed between two DF elections.

The DF election can be triggered by site-facing interface status changes, redundant VTEP membership changes, and interface ESI changes. To prevent frequent DF elections from degrading network performance, set the DF election delay.

Examples

# Set the DF election delay to 5 seconds.

<Sysname> system-view

[Sysname] evpn multihoming timer df-delay 5

evpn route arp-mobility suppression

Use evpn route arp-mobility suppression to enable ARP mobility event suppression.

Use undo evpn route arp-mobility suppression to disable ARP mobility event suppression.

Syntax

evpn route arp-mobility suppression

undo evpn route arp-mobility suppression

Default

ARP mobility event suppression is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

On an EVPN VXLAN network, misconfiguration of IP addresses might cause two sites to contain the same IP address. In this condition, VTEPs at the two sites constantly synchronize and update EVPN ARP entries and determine that ARP mobility events occur. As a result, an inter-site loop might occur, and the bandwidth is occupied by ARP entry synchronization traffic. To eliminate loops and suppress those ARP mobility events, enable ARP mobility event suppression on the VTEPs. This feature allows an IP address to move at most four times from a site within 180 seconds. If an IP address moves more than four times within 180 seconds, the VTEP at the site will suppress the excess ARP mobility events and will not advertise ARP information for the IP address.

After you execute the undo evpn route arp-mobility suppression command, a VTEP acts as follows:

· Advertises ARP information immediately for the suppressed ARP entries that have not aged out.

· Relearns ARP information for the suppressed ARP entries that have aged out and advertises the ARP information.

ARP mobility event suppression takes effect only on the following networks:

· EVPN VXLAN network enabled with ARP flood suppression.

· EVPN VXLAN network configured with distributed VXLAN IP gateways.

Examples

# Enable ARP mobility event suppression.

<Sysname> system-view

[Sysname] evpn route arp-mobility suppression

Related commands

display evpn route arp-mobility

evpn route mac-mobility suppression

Use evpn route mac-mobility suppression to enable MAC mobility event suppression.

Use undo evpn route mac-mobility suppression to disable MAC mobility event suppression.

Syntax

evpn route mac-mobility suppression

undo evpn route mac-mobility suppression

Default

MAC mobility event suppression is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

On an EVPN VXLAN network, misconfiguration of MAC addresses might cause two sites to contain the same MAC address. In this condition, VTEPs at the two sites constantly synchronize and update EVPN MAC entries and determine that MAC mobility events occur. As a result, an inter-site loop might occur, and the bandwidth is occupied by MAC entry synchronization traffic. To eliminate loops and suppress those MAC mobility events, enable MAC mobility event suppression on the VTEPs. This feature allows an IP address to move at most four times from a site within 180 seconds. If an IP address moves more than four times within 180 seconds, the VTEP at the site will suppress the excess MAC mobility events and will not advertise information about the MAC address.

After you execute the undo evpn route mac-mobility suppression command, a VTEP acts as follows:

· Advertises MAC address entries immediately for the suppressed MAC address entries that have not aged out.

· Relearns the MAC addresses for the suppressed MAC address entries that have aged out and advertises the MAC address entries.

Examples

# Enable MAC mobility event suppression.

<Sysname> system-view

[Sysname] evpn route mac-mobility suppression

Related commands

display evpn route mac-mobility

evpn span-segment disable

Use evpn span-segment disable to disable a VSI interface from learning ARP or ND information that does not belong to its subnet from MAC/IP advertisement routes.

Use undo evpn span-segment disable to restore the default.

Syntax

evpn span-segment { arp-learning | nd-learning } disable

undo evpn span-segment { arp-learning | nd-learning } disable

Default

On a centralized EVPN gateway, a VSI interface can learn the ARP or ND information that does not belong to its subnet from MAC/IP advertisement routes.

Views

VSI interface view

Predefined user roles

network-admin

Parameters

arp-learning: Disables ARP learning.

nd-learning: Disables ND learning.

Usage guidelines

On an EVPN VXLAN network deployed with a centralized EVPN gateway, VM 1 and VM 2 belong to the same VXLAN in subnet 10.1.1.0/24. The gateway interface is VSI-interface 1 and the gateway is connected to external Layer 3 network 10.1.2.0/24. The VTEP to which VM 2 is attached is configured with ARP or ND flood suppression. The IP address of VM 2 is mistakenly configured as an IP address in subnet 10.1.2.0/24 (for example, 10.1.2.2). In this situation, the VTEP connected to VM 2 advertises MAC/IP advertisement routes that contain ARP or ND information to the gateway. The IP address and MAC address in the routes are the IP address and MAC address of VM 2, respectively. The gateway learns the ARP or ND information and issues the information to the forwarding table. When VM 1 visits 10.1.2.2 in the external network, the gateway will forward the traffic to VM 2. As a result, VM 1 cannot visit 10.1.2.2.

To resolve the above issue, perform this task on the VSI interface to disable the VSI interface from learning ARP or ND information across subnets from MAC/IP advertisement routes.

Examples

# Disable a VSI-interface 1 from learning ARP or ND information that does not belong to its subnet from MAC/IP advertisement routes.

<Sysname> system-view

[Sysname] interface vsi-interface 1

[Sysname-Vsi-interface1] evpn span-segment arp-learning disable

export route-policy

Use export route-policy to apply an export routing policy to EVPN on a VPN instance.

Use undo export route-policy to restore the default.

Syntax

export route-policy route-policy

undo export route-policy

Default

No export routing policy is applied to EVPN on a VPN instance.

Views

VPN instance EVPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an export routing policy to filter advertised routes or modify their route attributes for EVPN.

If you execute this command multiple times, the most recent configuration takes effect.

EVPN can use an export routing policy specified in VPN instance view or in VPN instance EVPN view. Export routing policy configuration in VPN instance EVPN view takes precedence over that in VPN instance view.

Examples

# Apply export routing policy poly-1 to EVPN on VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family evpn

[Sysname-vpn-evpn-vpn1] export route-policy poly-1

Related commands

route-policy (Layer 3—IP Routing Command Reference)

import evpn mac-ip

Use import evpn mac-ip to enable the device to redistribute received MAC/IP advertisement routes that contain ARP or ND information into a BGP unicast routing table.

Use undo import evpn mac-ip to disable the device from redistributing received MAC/IP advertisement routes that contain ARP or ND information into a BGP unicast routing table.

Syntax

import evpn mac-ip

undo import evpn mac-ip

Default

MAC/IP advertisement routes that contain ARP or ND information are not redistributed into any BGP unicast routing table.

Views

BGP IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Usage guidelines

This command enables the device to redistribute received MAC/IP advertisement routes that contain ARP or ND information into a BGP unicast routing table.

· If you use this command in BGP IPv4 or IPv6 unicast address family view, the device will redistribute the routes into the BGP IPv4 or IPv6 unicast routing table. In addition, the device will advertise the routes to the local site.

· If you use this command in BGP-VPN IPv4 or IPv6 unicast address family view, the device will redistribute the routes into the BGP-VPN IPv4 or IPv6 unicast routing table of the corresponding VPN instance. To advertise the routes to the local site, you must configure the advertise l2vpn evpn command.

Examples

# Redistribute received MAC/IP advertisement routes into the BGP-VPN IPv4 unicast routing table of VPN instance vpna.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] ip vpn-instance vpna

[Sysname-bgp-default-vpna] address-family ipv4

[Sysname-bgp-default-ipv4-vpna] import evpn mac-ip

Related commands

advertise l2vpn evpn

import route-policy

Use import route-policy to apply an import routing policy to EVPN on a VPN instance.

Use undo import route-policy to restore the default.

Syntax

import route-policy route-policy

undo import route-policy

Default

No import routing policy is applied to EVPN on a VPN instance. The VPN instance accepts a route when the export route targets of the route match local import route targets.

Views

VPN instance EVPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an import routing policy to filter received routes or modify their route attributes for EVPN.

If you execute this command multiple times, the most recent configuration takes effect.

EVPN can use an import routing policy specified in VPN instance view or in VPN instance EVPN view. Import routing policy configuration in VPN instance EVPN view takes precedence over that in VPN instance view.

Examples

# Apply import routing policy poly-1 to EVPN on VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family evpn

[Sysname-vpn-evpn-vpn1] import route-policy poly-1

Related commands

route-policy (Layer 3—IP Routing Command Reference)

ip forwarding-conversational-learning

Use ip forwarding-conversational-learning to enable conversational learning for host route FIB entries.

Use undo ip forwarding-conversational-learning to disable conversational learning for host route FIB entries.

Syntax

ip forwarding-conversational-learning [ aging aging-time ]

undo ip forwarding-conversational-learning

Default

Conversational learning is disabled for host route FIB entries.

Views

System view

Predefined user roles

network-admin

Parameters

aging aging-time: Specifies an aging timer in minutes for host route FIB entries, in the range of 60 to 1440. The default value is 60.

Usage guidelines

Use this command only on an EVPN network.

By default, the device issues a host route FIB entry to the hardware after the entry is generated. This feature enables the device to issue a host route FIB entry to the hardware only when the entry is required for packet forwarding. This feature saves hardware resources on the device.

Set an appropriate aging timer for host route FIB entries according to your network. A much longer or shorter aging timer will degrade the device performance.

· If the aging timer is too long, the device will save many outdated host route FIB entries and fail to accommodate the most recent network changes. These entries cannot be used for correct packet forwarding and exhaust FIB resources.

· If the aging timer is too short, the device will delete the valid host route FIB entries that can still be effective for packet forwarding. As a result, FIB entry flapping will occur, and the device performance will be affected.

Examples

# Enable conversational learning for host route FIB entries.

<Sysname> system-view

[Sysname] ip forwarding-conversational-learning

ip-prefix-route generate disable

Use ip-prefix-route generate disable to disable generation of IP prefix advertisement routes for the subnets of a VSI interface.

Use undo ip-prefix-route generate disable to enable generation of IP prefix advertisement routes for the subnets of a VSI interface.

Syntax

ip-prefix-route generate disable

undo ip-prefix-route generate disable

Default

The device only generates MAC/IP advertisement routes for a VSI interface that provides centralized VXLAN IP gateway service. The device generates IP prefix advertisement routes for the subnets of a VSI interface that provides distributed VXLAN IP gateway service.

Views

VSI interface view

Predefined user roles

network-admin

Usage guidelines

This command takes effect only on a VSI interface that provides distributed VXLAN IP gateway service (configured by using the distributed-gateway local command). It does not take effect on VSI interfaces that provide centralized VXLAN IP gateway service.

Examples

# Disable generation of IP prefix advertisement routes for the subnets of VSI-interface 1.

<Sysname> system-view

[Sysname] interface vsi-interface 1

[Sysname-Vsi-interface1] ip-prefix-route generate disable

ipv6 forwarding-conversational-learning

Use ipv6 forwarding-conversational-learning to enable conversational learning for IPv6 host route FIB entries.

Use undo ipv6 forwarding-conversational-learning to disable conversational learning for IPv6 host route FIB entries.

Syntax

ipv6 forwarding-conversational-learning [ aging aging-time ]

undo ipv6 forwarding-conversational-learning

Default

Conversational learning is disabled for IPv6 host route FIB entries.

Views

System view

Predefined user roles

network-admin

Parameters

aging aging-time: Sets an aging timer in minutes for IPv6 host route FIB entries, in the range of 60 to 1440. The default value is 60.

Usage guidelines

Use this command only on an EVPN network.

By default, the device issues an IPv6 host route FIB entry to the hardware after the entry is generated. This feature enables the device to issue an IPv6 host route FIB entry to the hardware only when the entry is required for packet forwarding. This feature saves hardware resources on the device.

Set an appropriate aging timer for IPv6 host route FIB entries according to your network. A much longer or shorter aging timer will degrade the device performance.

· If the aging timer is too long, the device will save many outdated IPv6 host route FIB entries and fail to accommodate the most recent network changes. These entries cannot be used for correct packet forwarding and exhaust FIB resources.

· If the aging timer is too short, the device will delete the valid IPv6 host route FIB entries that can still be effective for packet forwarding. As a result, FIB entry flapping will occur, and the device performance will be affected.

Examples

# Enable conversational learning for IPv6 host route FIB entries and set the entry aging timer to 80 minutes.

<Sysname> system-view

[Sysname] ipv6 forwarding-conversational-learning aging 80

ipv6 nd ra tunnel-broadcast enable

Use ipv6 nd ra tunnel-broadcast enable to enable a VSI interface to send RA messages over VXLAN tunnels.

Use undo ipv6 nd ra tunnel-broadcast enable to disable a VSI interface from sending RA messages over VXLAN tunnels.

NOTE:

This command is supported only in Release 6635 and later.

Syntax

ipv6 nd ra tunnel-broadcast enable

undo ipv6 nd ra tunnel-broadcast enable

Default

A VSI interface uses the global RA message tunneling configuration.

Views

VSI interface view

Predefined user roles

network-admin

Usage guidelines

By default, a distributed EVPN gateway drops the RS messages received from VXLAN tunnels and periodically advertises RA messages only to the local site. As a result, a distributed EVPN gateway does not send RA messages over VXLAN tunnels, and remote gateways cannot update information about the gateway based on RA messages. To resolve the issue, use this command to enable distributed EVPN gateways to advertise RA messages over VXLAN tunnels.

For this command to take effect, you must use the undo ipv6 nd ra halt command to disable RA message suppression on VSI interfaces. The intervals at which VSI interfaces advertise RA messages over VXLAN tunnels are determined by the ipv6 nd ra interval command. For more information about the undo ipv6 nd ra halt and ipv6 nd ra interval commands, see IPv6 basics in Layer 3—IP Services Command Reference.

Examples

# Enable VSI-interface 100 to send RA messages over VXLAN tunnels.

<Sysname> system-view

[Sysname] interface vsi-interface 100

[Sysname-Vsi-interface100] ipv6 nd ra tunnel-broadcast enable

Related commands

ipv6 nd ra interval

l2vpn drni peer-link ac-match-rule vxlan-mapping

Use l2vpn drni peer-link ac-match-rule vxlan-mapping to enable the device to create frame match criteria based on VXLAN IDs for the dynamic ACs on the Ethernet aggregate link IPL.

Use undo l2vpn drni peer-link ac-match-rule vxlan-mapping to restore the default.

NOTE:

This command is supported only in Release 6616 and later.

Syntax

l2vpn drni peer-link ac-match-rule vxlan-mapping

undo l2vpn drni peer-link ac-match-rule vxlan-mapping

Default

On a DR system that uses an Ethernet aggregate link as the IPL, dynamic ACs on the IPL use frame match criteria that are identical to those of site-facing ACs.

Views

System view

Predefined user roles

network-admin

Usage guidelines

By default, if a DR system uses an Ethernet aggregate link as the IPL, each DR member device creates a dynamic AC on the IPL when an AC is configured on a site-facing interface. The dynamic AC and the site-facing AC have the same frame match criteria and VSI mapping. If two site-facing ACs on different interfaces have the same frame match criteria but different VSI mappings, the dynamic ACs created for the site-facing ACs will conflict with each other. To prevent this issue, enable the DR member devices to create frame match criteria based on VXLAN IDs for the dynamic ACs on the IPL.

With this command configured, a DR member device creates dynamic ACs on the IPL and maps them to the VSIs of VXLANs after the VXLANs are created. The matching VLAN IDs in frame match criteria are calculated for the dynamic ACs according to the following rules:

· Outer VLAN ID = VXLAN ID / 4094 + 1.

· Inner VLAN ID = VXLAN ID % 4094 + 1.

· If the calculated outer VLAN ID of a dynamic AC is the PVID of the IPP, the device uses the calculated inner VLAN ID as the outer VLAN ID. The device does not add a matching inner VLAN ID to the frame match criterion of the dynamic AC.

After you execute this command, do not create VXLANs with IDs larger than 16000000.

This command deletes existing dynamic ACs from IPPs and takes effect on all VXLANs.

Examples

# Enable the device to create frame match criteria based on VXLAN IDs for the dynamic ACs on the Ethernet aggregate link IPL.

<Sysname> system-view

[Sysname] l2vpn drni peer-link ac-match-rule vxlan-mapping

l3-vni

Use l3-vni to configure an L3 VXLAN ID for a VSI interface or for the public instance.

Use undo l3-vni to remove the L3 VXLAN ID for a VSI interface or for the public instance.

Syntax

l3-vni vxlan-id

undo l3-vni

Default

No L3 VXLAN ID is configured for a VSI interface or for the public instance.

Views

VSI interface view

Public instance view

Predefined user roles

network-admin

Parameters

vxlan-id: Specifies a VXLAN ID. The value range for this argument is 0 to 16777215.

Usage guidelines

On distributed EVPN gateways, you must configure L3 VXLAN IDs for the gateways to differentiate traffic of different VPN instances.

To forward Layer 3 traffic of a VPN instance, you must assign an L3 VXLAN ID to the VSI interface of the VPN instance. To forward Layer 3 traffic of the public network, you must assign the same L3 VXLAN ID to the public instance and the VSI interface of the public instance.

To modify the L3 VXLAN ID for the public instance, you must first delete the original L3 VXLAN ID.

The L3 VXLAN ID specified by using this command cannot be the same as any VXLAN ID specified by using the mapping vni command.

Examples

# Configure the L3 VXLAN ID as 1000 for VSI-interface 100.

<Sysname> system-view

[Sysname] interface vsi-interface 100

[Sysname-Vsi-interface100] l3-vni 1000

mac-address forwarding-conversational-learning

Use mac-address forwarding-conversational-learning to enable conversational learning for remote MAC address entries.

Use undo mac-address forwarding-conversational-learning to disable conversational learning for remote MAC address entries.

Syntax

mac-address forwarding-conversational-learning

undo mac-address forwarding-conversational-learning

Default

Conversational learning is disabled for remote MAC address entries.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Use this command only on an EVPN network.

By default, the device issues a remote MAC address entry to the hardware after the remote MAC address is advertised to the local site by BGP EVPN routes. This feature enables the device to issue a remote MAC address entry to the hardware only when the entry is required for packet forwarding. This feature saves hardware resources on the device.

With this feature enabled, the device generates a blackhole MAC address entry for an unknown MAC address if receiving 50 frames destined for that MAC address within the MAC aging time. For more information about the MAC aging time and blackhole MAC address entries, see MAC address table configuration in Layer 2—LAN Switching Configuration Guide.

Examples

# Enable conversational learning for remote MAC address entries.

<Sysname> system-view

[Sysname] mac-address forwarding-conversational-learning

mac-advertising disable

Use mac-advertising disable to disable MAC address advertisement and withdraw advertised MAC addresses.

Use undo mac-advertising disable to restore the default.

Syntax

mac-advertising disable

undo mac-advertising disable

Default

MAC address advertisement is enabled.

Views

VSI EVPN instance view

Predefined user roles

network-admin

Usage guidelines

The MAC information and ARP information advertised by the VTEP overlap. To avoid duplication, use this command to disable MAC address advertisement and withdraw the MAC addresses advertised to remote VTEPs.

Examples

# Disable MAC address advertisement and withdraw advertised MAC addresses for a VSI EVPN instance.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan] mac-advertising disable

mapping vni

Use mapping vni to map a local VXLAN to a remote VXLAN.

Use undo mapping vni to restore the default.

Syntax

mapping vni vxlan-id

undo mapping vni

Default

A local VXLAN is not mapped to any remote VXLAN.

Views

VSI EVPN instance view

Predefined user roles

network-admin

Parameters

vxlan-id: Specifies a remote VXLAN ID. The value range for this argument is 0 to 16777215.

Usage guidelines

The VXLAN mapping feature provides Layer 2 connectivity for a tenant subnet that uses different VXLAN IDs in multiple data centers.

VXLAN mapping includes the following types:

· Non-intermediate VXLAN mapping—When two data centers use different VXLAN IDs for a subnet, map the local VXLAN to the remote VXLAN on the ED of one data center. For example, for VXLAN 10 of data center 1 to communicate with VXLAN 20 of data center 2, map VXLAN 10 to VXLAN 20 on the ED of data center 1.

· Intermediate VXLAN mapping—When multiple data centers use different VXLAN IDs for a subnet, map the VXLANs to an intermediate VXLAN on all EDs. For example, data center 1 uses VXLAN 10, data center 2 uses VXLAN 20, and data center 3 uses VXLAN 30. To provide connectivity for the VXLANs, map them to intermediate VXLAN 500 on EDs of the data centers. You must use intermediate VXLAN mapping if more than two data centers use different VXLAN IDs. The intermediate VXLAN can be used only for VXLAN mapping, and it cannot be used for common VXLAN services.

You must create mapped remote VXLANs on the device, create an EVPN instance for each remote VXLAN, and configure RD and route target settings for the EVPN instances.

The mapped remote VXLAN ID cannot be any L3 VXLAN ID specified by using the l3-vni command or the reserved VXLAN ID specified by using the reserved vxlan command.

Examples

# Map local VXLAN 100 to remote VXLAN 200.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] vxlan 100

[Sysname-vsi-aaa-vxlan-100] quit

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan] mapping vni 200

Related commands

reserved vxlan (VXLAN Command Reference)

mapping-vni remove vpn-target

Use mapping-vni remove vpn-target to remove the route targets of VPN instances from BGP EVPN routes for mapped remote VXLANs.

Use undo mapping-vni remove vpn-target to restore the default.

NOTE:

This command is supported only in Release 6616 and later.

Syntax

mapping-vni remove vpn-target

undo mapping-vni remove vpn-target

Default

The device does not remove the route targets of VPN instances from BGP EVPN routes for mapped remote VXLANs.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Usage guidelines

This command enables an EVPN-DCI ED to remove the route targets of the VPN instances with L3 VXLAN IDs associated from BGP EVPN routes when the ED performs VXLAN mapping. It prevents remote EDs from adding the BGP EVPN routes for mapped remote VXLANs to the routing tables of VPN instances. If only Layer 2 connectivity is required between data centers, use this command on the EDs of the data centers to disable Layer 3 forwarding.

If the peer re-originated and mapping vni commands are used together on an ED, the ED advertises both original and reoriginated BGP EVPN routes that carry different VXLAN IDs. To avoid forwarding failure, use the mapping-vni remove vpn-target command to remove the route targets of VPN instances from the original BGP EVPN routes. This allows remote EDs to add only the reoriginated BGP EVPN routes to the routing tables of VPN instances.

Examples

# Remove the route targets of VPN instances from BGP EVPN routes for mapped remote VXLANs.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] mapping-vni remove vpn-target

Related commands

mapping vni

peer re-originated

nd mac-learning disable

Use nd mac-learning disable to disable a VSI EVPN instance from learning MAC addresses from ND information.

Use undo nd mac-learning disable to restore the default.

Syntax

nd mac-learning disable

undo nd mac-learning disable

Default

A VSI EVPN instance learns MAC addresses from ND information.

Views

VSI EVPN instance view

Predefined user roles

network-admin

Usage guidelines

The MAC information and ND information advertised by a remote VTEP overlap. To avoid duplication, use this command to disable the learning of MAC addresses from ND information. EVPN will learn remote MAC addresses only from the MAC information advertised from remote sites.

Examples

# Disable a VSI EVPN instance from learning MAC addresses from ND information.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan] nd mac-learning disable

nexthop evpn-drni group-address

Use nexthop evpn-drni group-address to enable the device to replace the next hop in advertised BGP EVPN routes with the virtual VTEP address.

Use nexthop evpn-drni group-address to restore the default.

NOTE:

This command is supported only in Release 6616 and later.

Syntax

nexthop evpn-drni group-address

undo nexthop evpn-drni group-address

Default

When advertising BGP EVPN routes to an EBGP peer or peer group, the device replaces the next hop with the IP address of the source interface used to establish BGP sessions. When advertising EBGP routes to an IBGP peer or peer group, the device does not modify the next hop.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Usage guidelines

When you use DRNI on EDs in an EVPN-DCI network, you must enable the EDs to replace the next hop in advertised BGP EVPN routes with the virtual VTEP address.

Examples

# Enable the device to replace the next hop in advertised BGP EVPN routes with the virtual VTEP address.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] nexthop evpn-drni group-address

peer advertise evpn-route suppress

Use peer advertise evpn-route suppress to suppress the advertisement of specific BGP EVPN routes to a peer or peer group.

Use undo peer advertise evpn-route suppress to restore the default.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise evpn-route suppress { ip-prefix | mac-ip }

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise evpn-route suppress { ip-prefix | mac-ip }

Default

Advertisement of BGP EVPN routes is not suppressed.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. To specify a subnet, you must specify both the ipv4-address and mask-length arguments.

ipv6-address: Specifies a peer by its IPv6 address. The peer must exist.

prefix-length: Specifies a prefix length in the range of 0 to 128. To specify a subnet, you must specify both the ipv6-address and prefix-length arguments.

ip-prefix: Suppresses IP prefix advertisement routes.

mac-ip: Suppresses MAC/IP advertisement routes.

Usage guidelines

To reduce the number of BGP EVPN routes on EDs of an EVPN-DCI network, suppress the advertisement of specific BGP EVPN routes on the EDs.

If two VSI interfaces on EVPN gateways of different data centers use the same IP address, do not suppress the advertisement of MAC/IP advertisement routes on the EDs of the data centers. If you suppress the advertisement of these routes, the EDs cannot communicate with each other.

Examples

# Suppress the IP prefix advertisement routes advertised to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] peer 1.1.1.1 advertise evpn-route suppress ip-prefix

peer advertise original-route

Use peer advertise original-route to enable the device to advertise original BGP EVPN routes to a peer or peer group.

Use undo peer advertise original-route to disable the device from advertising original BGP EVPN routes to a peer or peer group.

NOTE:

This command is supported only in Release 6616 and later.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise original-route

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise original-route

Default

The device advertises only reoriginated BGP EVPN routes to peers and peer groups after the peer re-originated command is executed.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. To specify a subnet, you must specify both the ipv4-address and mask-length arguments.

ipv6-address: Specifies a peer by its IPv6 address. The peer must exist.

prefix-length: Specifies a prefix length in the range of 0 to 128. To specify a subnet, you must specify both the ipv6-address and prefix-length arguments.

Usage guidelines

For this command to take effect on an ED, first execute the peer re-originated command.

In an EVPN-DCI network, an ED configured with the peer re-originated command advertises only reoriginated BGP EVPN routes. For the ED to advertise both original and reoriginated BGP EVPN routes to a peer or peer group, execute the peer advertise original-route command on the ED.

Examples

# Enable the device to advertise original BGP EVPN routes to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] peer 1.1.1.1 advertise original-route

Related commands

peer re-originated

peer suppress re-originated

peer default-gateway no-advertise

Use peer default-gateway no-advertise to remove the default-gateway extended community attribute from the EVPN gateway routes advertised to a peer or peer group.

Use undo peer default-gateway no-advertise to restore the default.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } default-gateway no-advertise

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } default-gateway no-advertise

Default

EVPN gateway routes advertised to peers and peer groups contain the default-gateway extended community attribute.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. To specify a subnet, you must specify both the ipv4-address and mask-length arguments.

ipv6-address: Specifies a peer by its IPv6 address. The peer must exist.

prefix-length: Specifies a prefix length in the range of 0 to 128. To specify a subnet, you must specify both the ipv6-address and prefix-length arguments.

Usage guidelines

An EVPN gateway route is the route for the IP address of a VSI interface on an EVPN gateway. By default, the EVPN gateway routes advertised by an EVPN gateway contain the default-gateway extended community attribute. The EVPN gateway routes with that attribute cannot be used as ECMP routes. You can use this command to remove the default-gateway extended community attribute from EVPN gateway routes for the routes to be used for load sharing.

Examples

# Remove the default-gateway extended community attribute from the EVPN gateway routes advertised to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] peer 1.1.1.1 default-gateway no-advertise

peer next-hop-invariable

Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to an EBGP peer or peer group.

Use undo peer next-hop-invariable to configure the device to use its address as the next hop of routes advertised to an EBGP peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } next-hop-invariable

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } next-hop-invariable

Default

The device uses its address as the next hop of routes advertised to EBGP peers or peer groups.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.

ipv4-address: Specifies a peer by its IPv4 address.

mask-length: Specifies a mask length in the range of 0 to 32. To specify a subnet, you must specify both the ipv4-address and mask-length arguments.

ipv6-address: Specifies a peer by its IPv6 address. The peer must exist.

prefix-length: Specifies a prefix length in the range of 0 to 128. To specify a subnet, you must specify both the ipv6-address and prefix-length arguments.

Usage guidelines

When you use this command and the peer next-hop-local command, follow these restrictions:

· The peer next-hop-invariable command is exclusive with the peer next-hop-local command. You can execute only one of these commands for a peer or peer group.

· If you have executed the peer next-hop-invariable command for a peer group, you cannot execute the peer next-hop-local command for any peer in the peer group.

· When you execute the peer next-hop-local command for a peer group whose members already have the peer next-hop-invariable setting, the peer next-hop-local command overwrites that setting.

The next hop in BGP EVPN routes is the IP address of the originating VTEP. By default, the device replaces the next hop of IBGP routes with its address when advertising the routes to an EBGP peer. If the device is a transport network device, it will modify the next hop of BGP EVPN routes. For VTEPs to learn one another's IP address, you must configure the device to not change the next hop of routes advertised to EBGP peers.

Examples

# Configure the device to not change the next hop of routes advertised to EBGP peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] peer 1.1.1.1 next-hop-invariable

Related commands

peer next-hop-local (Layer 3—IP Routing Command Reference)

peer re-originated

Use peer re-originated to modify the information in received BGP EVPN routes.

Use undo peer re-originated to restore the default.

NOTE:

This command is supported only in Release 6616 and later.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } re-originated [ imet | ip-prefix | mac-ip ] [ replace-rt ]

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } re-originated [ imet | ip-prefix | mac-ip ]

Default

The device does not modify the BGP EVPN routes that are received from peers or peer groups.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. To specify a subnet, you must specify both the ipv4-address and mask-length arguments.

ipv6-address: Specifies a peer by its IPv6 address. The peer must exist.

prefix-length: Specifies a prefix length in the range of 0 to 128. To specify a subnet, you must specify both the ipv6-address and prefix-length arguments.

imet: Specifies IMET routes.

ip-prefix: Specifies IP prefix advertisement routes.

mac-ip: Specifies MAC/IP advertisement routes.

replace-rt: Replaces the L3 VXLAN ID, RD, and route targets of BGP EVPN routes with those of the matching local VPN instance. If you do not specify this keyword, only the L3 VXLAN ID and RD will be replaced.

Usage guidelines

In an EVPN-DCI network, use this command to hide the L3 VXLAN IDs of data centers or enable communication between data centers that use different L3 VXLAN IDs or route targets.

After you execute this command on an ED, the ED performs the following operations after receiving BGP EVPN routes:

1. Matches the route targets of the routes with the import route targets of local VPN instances.

2. Replaces the L3 VXLAN ID, RD, and route targets of the routes with those of the matching local VPN instance.

3. Advertises the routes to a VTEP or remote ED.

After you execute this command, an ED advertises only modified BGP EVPN routes. The original BGP EVPN routes are not advertised. To advertise the original BGP EVPN routes, use the peer advertise original-route command.

If the RD of a received BGP EVPN route is identical to the RD of the matching local VPN instance, an ED does not replace the L3 VXLAN ID and route targets of the route or regenerate the route. As a result, the ED does not advertise the route. As a best practice, assign unique RDs to VPN instances on different EVPN gateways and EDs if you use the peer re-originated command.

If you do not specify a route type, this command applies to IP prefix advertisement routes.

Examples

# Replace the L3 VXLAN ID, RD, and route targets of received IP prefix advertisement routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] peer 1.1.1.1 re-originated replace-rt

Related commands

peer advertise original-route

peer suppress re-originated

peer router-mac-local

Use peer router-mac-local to enable route router MAC replacement for a peer or peer group.

Use undo peer router-mac-local to cancel route router MAC replacement configuration for a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } router-mac-local

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } router-mac-local

Default

The device does not modify the router MAC address of routes before advertising the routes.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. To specify a subnet, you must specify both the ipv4-address and mask-length arguments

ipv6-address: Specifies a peer by its IPv6 address. The peer must exist.

prefix-length: Specifies a prefix length in the range of 0 to 128. To specify a subnet, you must specify both the ipv6-address and prefix-length arguments.

Usage guidelines

This command enables an ED to use its router MAC address to replace the router MAC address of routes received from and advertised to a peer or peer group in the local data center. The router MAC replacement process is as follows:

· For routes received from the peer or peer group, the ED performs router MAC replacement and advertises the routes to remote EDs.

· For routes received from a remote data center, the ED performs router MAC replacement and advertises the routes to the peer or peer group.

Examples

# In BGP EVPN address family view, enable route router MAC replacement for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] peer 1.1.1.1 router-mac-local

peer suppress re-originated

Use peer suppress re-originated to suppress advertisement of reoriginated BGP EVPN routes to a peer or peer group.

Use undo peer suppress re-originated to disable suppression of reoriginated BGP EVPN route advertisement to a peer or peer group.

NOTE:

This command is supported only in Release 6616 and later.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } suppress re-originated { imet | ip-prefix | mac-ip }

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } suppress re-originated { imet | ip-prefix | mac-ip }

Default

The device advertises reoriginated BGP EVPN routes to peers and peer groups after the peer re-originated command is executed.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. To specify a subnet, you must specify both the ipv4-address and mask-length arguments.

ipv6-address: Specifies a peer by its IPv6 address. The peer must exist.

prefix-length: Specifies a prefix length in the range of 0 to 128. To specify a subnet, you must specify both the ipv6-address and prefix-length arguments.

imet: Specifies IMET routes.

ip-prefix: Specifies IP prefix advertisement routes.

mac-ip: Specifies MAC/IP advertisement routes.

Usage guidelines

An ED configured with the peer re-originated and peer advertise original-route commands advertises both original and reoriginated BGP EVPN routes. For the ED to advertise only original BGP EVPN routes to a peer or peer group, execute the peer suppress re-originated command on the ED.

Examples

# Suppress advertisement of reoriginated IP prefix advertisement routes to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] peer 1.1.1.1 suppress re-originated ip-prefix

Related commands

peer advertise original-route

peer re-originated

policy vpn-target

Use policy vpn-target to enable route target filtering for BGP EVPN routes.

Use undo policy vpn-target to disable route target filtering for BGP EVPN routes.

Syntax

policy vpn-target

undo policy vpn-target

Default

Route target filtering is enabled for BGP EVPN routes.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Usage guidelines

When route target filtering is enabled for BGP EVPN routes, the EVPN routing table accepts only BGP EVPN routes of which the export route targets match the local import route targets. If the device must save all BGP EVPN routes, use the undo policy vpn-target command to disable route target filtering for BGP EVPN routes.

Examples

# Disable route target filtering for BGP EVPN routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] undo policy vpn-target

route-distinguisher

Use route-distinguisher to configure an RD for an EVPN instance or the public instance.

Use undo route-distinguisher to restore the default.

Syntax

In public instance view:

route-distinguisher route-distinguisher

undo route-distinguisher

In VSI EVPN instance view:

route-distinguisher { route-distinguisher | auto [ router-id ] }

undo route-distinguisher

Default

No RD is configured for an EVPN instance or the public instance.

Views

Public instance view

VSI EVPN instance view

Predefined user roles

network-admin

Parameters

route-distinguisher: Specifies an RD, a string of 3 to 21 characters. The RD cannot be all zeros and can use one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number. For example, 65536:1. The AS number must be equal to or greater than 65536.

auto: Automatically generates an RD in the N:VXLAN ID format. The initial value of N is 1. If N:VXLAN ID is already in use, the system increases the value of N by 1 until the RD is available.

router-id: Automatically generates an RD based on the router ID in the Router ID:N format. The initial value of N is 1. If Router ID:N is already in use, the system increases the value of N by 1 until the RD is available. If you do not specify this keyword with the auto keyword, the system automatically generates an RD based on the VXLAN ID in the N:VXLAN ID format.

Usage guidelines

EVPN uses MP-BGP to advertise BGP EVPN routes for automatic VTEP discovery, MAC reachability information advertisement, and host route advertisement. MP-BGP uses the RD to differentiate BGP EVPN routes of different EVPN instances.

To modify the RD of the public instance, first execute the undo route-distinguisher command to remove the original RD.

Examples

# Configure 22:1 as the RD of the EVPN instance on VSI aaa.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan] route-distinguisher 22:1

rr-filter

Use rr-filter to create a route reflector (RR) reflection policy.

Use undo rr-filter to restore the default.

Syntax

rr-filter ext-comm-list-number

undo rr-filter

Default

An RR does not filter reflected BGP EVPN routes.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

ext-comm-list-number: Specifies an extended community attribute list by its number in the range of 1 to 65535.

Usage guidelines

This command enables an RR to reflect only received BGP EVPN routes that match the attributes in the specified extended community attribute list.

If a cluster contains multiple RRs, you can configure different reflection policies on the RRs for load sharing among the RRs.

For more information about the extended community attribute list, see Layer 3—IP Routing Configuration Guide.

Examples

# Configure a reflection policy for the device to reflect BGP EVPN routes that match extended community attribute list 10.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] rr-filter 10

Related commands

ip extcommunity-list (Layer 3—IP Routing Command Reference)

vpn-route cross multipath

Use vpn-route cross multipath to enable ECMP VPN route redistribution.

Use undo vpn-route cross multipath to disable ECMP VPN route redistribution.

Syntax

vpn-route cross multipath

undo vpn-route cross multipath

Default

ECMP VPN route redistribution is disabled. If multiple routes have the same prefix and RD, BGP only imports the optimal route into the EVPN routing table.

Views

BGP EVPN address family view

Predefined user roles

network-admin

Usage guidelines

ECMP VPN route redistribution enables BGP to import all routes that have the same prefix and RD into the EVPN routing table.

Examples

# Enable ECMP VPN route redistribution.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn evpn

[Sysname-bgp-default-evpn] vpn-route cross multipath

vpn-target

Use vpn-target to configure route targets for EVPN.

Use undo vpn-target to delete route targets for EVPN.

Syntax

In VSI EVPN instance view:

vpn-target { vpn-target&<1-8> | auto } [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { vpn-target&<1-8> | auto | all } [ both | export-extcommunity | import-extcommunity ]

VPN instance EVPN view, public instance view, public instance IPv4 address family view, public instance IPv6 address family view, or public instance EVPN view:

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }

Default

EVPN does not have route targets.

Views

VSI EVPN instance view

VPN instance EVPN view

Public instance view

Public instance EVPN view

Public instance IPv4 address family view

Public instance IPv6 address family view

Predefined user roles

network-admin

Parameters

vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets. Each route target is a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number. For example, 65536:1. The AS number must be equal to or greater than 65536.

auto: Automatically generates a route target in the format of BGP AS number:VXLAN ID.

both: Uses the specified route targets as both import and export targets. If you do not specify the both, export-extcommunity, or import-extcommunity keyword, the both keyword applies.

export-extcommunity: Uses the specified route targets as export targets.

import-extcommunity: Uses the specified route targets as import targets.

all: Specifies all route targets.

Usage guidelines

EVPN uses MP-BGP to advertise BGP EVPN routes for automatic VTEP discovery, MAC reachability information advertisement, and host route advertisement. MP-BGP uses route targets to control the advertisement and acceptance of BGP EVPN routes.

A VTEP sets the export targets for BGP EVPN routes before advertising the routes to remote VTEPs. The VTEP checks the export targets of BGP EVPN routes from remote VTEPs and imports only BGP EVPN routes of which the export targets match the local import targets.

If you execute this command multiple times, all configured route targets take effect.

Examples

# Configure import route targets 10:1, 100:1, and 1000:1 for the EVPN instance on VSI aaa.

<Sysname> system-view

[Sysname] vsi aaa

[Sysname-vsi-aaa] evpn encapsulation vxlan

[Sysname-vsi-aaa-evpn-vxlan] vpn-target 10:1 100:1 1000:1 import-extcommunity

16-EVPN Command Reference

EVPN commands

address-family evpn (VPN instance view)

display evpn drni synchronized-mac

display evpn ipv6 auto-discovery

evpn encapsulation

evpn global-mac

evpn mac-ip advertise distributed-gateway

nd mac-learning disable

rr-filter

Cloud & AI

InterConnect

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Resources

Partner Business Management

Company Information

News & Events

Contact Us