EVPN Virtual Private LAN Service (VPLS) is a Layer 2 VPN technology that uses MP-BGP to advertise EVPN routes in the control plane and MPLS for forwarding in the data plane. EVPN VPLS provides point-to-multipoint forwarding services for users with MAC address table lookup in VSIs.

EVPN VPLS network model

As shown in Figure 1, an EVPN VPLS network contains the following devices:

· Customer edge (CE)—Customer device directly connected to the service provider network.

· Provider edge (PE)—Service provider device connected to CEs. PEs provide access to the EVPN VPLS network and forward traffic between customer network sites by using public tunnels.

A PE uses ACs, PWs, tunnels, and VSIs to provide EVPN VPLS services.

· Attachment circuit (AC)—A physical or virtual link between a CE and a PE.

· Pseudowire (PW)—A virtual bidirectional connection between two PEs. A PW contains a pair of virtual links in opposite directions.

· Public tunnel—A connection that carries one or more PWs across the MPLS or IP backbone. A public tunnel can be an LSP or MPLS TE tunnel.

· Virtual Switch Instance (VSI)—A virtual switch instance provides Layer 2 switching services for a VPLS instance (EVPN instance) on a PE. A VSI acts as a virtual switch that has all the functions of a conventional Ethernet switch, including source MAC address learning, MAC address aging, and flooding. VPLS uses VSIs to forward Layer 2 data packets in EVPN instances.

Figure 1 EVPN VPLS network

‌

Neighbor auto-discovery and PW establishment

A PE uses Ethernet auto-discovery or IMET routes to automatically discover neighbors and establish PWs. When a PE receives an Ethernet auto-discovery or IMET route in a VSI, it compares the export route targets of the route with the import route targets of the EVPN instance associated with the VSI. If they are match, the PE will establish a unidirectional virtual link based on the PE address and PW label information carried in the route. PW establishment is finished when two virtual links in opposite directions are established between two PEs.

MAC address learning, aging, and withdrawal

Source MAC address learning

A PE uses the MAC address table of a VSI to forward Layer 2 unicast traffic for that VSI.

A PE learns source MAC addresses in the following ways:

· Local MAC address learning—When the PE receives a frame from a local CE, it first identifies the VSI of the frame. Then, the PE adds the source MAC address of the frame (the MAC address of the local CE) to the MAC address table of the VSI. The output interface of the MAC address entry is the AC that receives the frame.

· Remote MAC address learning—A PE advertises the MAC addresses of local CEs to remote PEs through BGP EVPN MAC/IP advertisement routes. When a remote PE receives the routes, it adds the received MAC addresses to the MAC address table of the corresponding VSI. The output interface is the PW between the PEs.

MAC address aging

· Local MAC address aging—The MAC address table uses an aging timer for each dynamic MAC address entry. If no packet is received from a MAC address before the aging timer expires, VPLS deletes the MAC address.

· Remote MAC address aging—Remote MAC addresses advertised through MAC/IP advertisement routes are not removed from the MAC address table until routes to withdraw the MAC addresses are received.

MAC address withdrawal

When an AC goes down, the PE deletes MAC addresses on the AC. Then it sends an LDP address withdrawal message to notify all other PEs in the EVPN instance to delete those MAC addresses.

Traffic forwarding and flooding

Unicast traffic forwarding

After a PE receives a unicast packet with a known destination MAC address from an AC, the PE searches the MAC address table of the VSI bound to the AC for packet forwarding.

· If the output interface in the entry is a PW, the PE inserts the PW label to the packet, and adds the public tunnel header to the packet. It then forwards the packet to the remote PE over the PW. If the public tunnel is an LSP or MPLS TE tunnel, each packet on the PW contains two labels. The inner label is the PW label, which identifies the PW and ensures that the packet is forwarded to the correct VSI. The outer label is the public LSP or MPLS TE tunnel label, which ensures that the packet is correctly forwarded to the remote PE.

· If the output interface in the entry is a local interface, the PE directly forwards the packet to the local interface.

After a PE receives a unicast packet with a known destination MAC address from a PW, the PE searches the MAC address table of the VSI bound to the PW for packet forwarding. The PE forwards the packet through the output interface in the matching MAC address entry.

Full mesh and split horizon

A Layer 2 network requires a loop prevention protocol to avoid loops. However, a loop prevention protocol on PEs brings management and maintenance difficulties. Therefore, EVPN VPLS uses the following methods to prevent loops:

· Full mesh—Every two PEs in an EVPN instance must establish a PW. The PWs form a full mesh among PEs in the EVPN instance.

· Split horizon—A PE does not forward packets received from a PW to any other PWs in the same VSI but only forwards those packets to ACs.

EVPN VPLS multihoming

About EVPN VPLS multihoming

As shown in Figure 2, EVPN VPLS supports deploying multiple PEs at a site for redundancy and high availability. On the redundant PEs, Ethernet links connected to the site form an ES that is uniquely identified by an ESI. EVPN VPLS supports only dualhoming.

Figure 2 EVPN VPLS multihoming

‌

DF election

To prevent redundant PEs from sending duplicate flood traffic to a multihomed site, a designated forwarder (DF) is elected from the PEs for each AC to forward flood traffic to the AC. PEs that fail the election are assigned the backup designated forwarder (BDF) role. BDFs of an AC do not forward flood traffic to the AC.

Redundant PEs at a site send Ethernet segment routes to one another to advertise ES and PE IP mappings. A PE accepts the Ethernet segment routes only when it is configured with an ESI. Then, the PEs select a DF for each AC based on the ES and PE IP mappings by using the following procedure:

1. Arrange source IP addresses in Ethernet segment routes with the same ESI in ascending order and assign a sequence number to each IP address, starting from 0.

2. Divide the lowest VLAN ID permitted on an AC by the number of the redundant PEs, and match the reminder to the sequence numbers of IP addresses.

3. Assign the DF role to the PE that uses the IP address with the matching sequence number.

The following uses the AC in Figure 3 as an example to explain the DF election procedure:

1. PE 1 and PE 2 send Ethernet segment routes to each other.

2. The PEs assign sequence numbers 0 and 1 to IP addresses 1.1.1.1 and 2.2.2.2 in the Ethernet segment routes, respectively.

3. The PEs divide 4 (the lowest VLAN ID permitted by the AC) by 2 (the number of redundant PEs), and match the reminder 0 to the sequence numbers of the IP addresses.

4. The DF role is assigned to PE 1 at 1.1.1.1.

Figure 3 DF election

‌

Redundancy mode

The device supports all-active redundancy mode of EVPN VPLS multihoming. This mode allows all redundant PEs to a multihomed site to load share unicast traffic.

IP aliasing

In all-active redundancy mode, all redundant PEs of an ES advertise the ES to remote PEs through MP-BGP. IP aliasing allows a remote PE to add the IP addresses of all the redundant PEs as the next hops for the MAC or ARP information received from one of these PEs. This mechanism creates ECMP routes between the remote PE and the redundant PEs.

Local FRR for EVPN VPLS

As shown in Figure 4, CE 1 is dualhomed to PE 1 and PE 2, and PE 1 is the DF. When the AC on PE 1 fails, PE 1 deletes the corresponding MAC address entries and advertises the local unreachable event to PE 2 and remote PEs (PE 3 in this example). Then, the remote PEs will switch traffic destined for CE 1 to the tunnels to PE 2. This process takes some time. PE 1 might receive packets destined for CE 1 before the remote PEs are notified of the unreachable event and perform link switchover. In this situation, PE 1 drops the packets, because the AC's MAC address entries have been deleted. To resolve this issue, enable local FRR on PE 1. If an AC fails, PE 1 changes the output interface of the AC's MAC address entries to the index of the PW between PE 1 and PE 2. When receiving packets from remote PEs after its AC fails, PE 1 forwards the packets to PE 2 over the PW to prevent traffic loss.

Figure 4 Local FRR network diagram

‌

MAC mobility

MAC mobility refers to the movement of a VM or host from one ES to another. The source PE is unaware of the MAC move event. To notify other PEs of the change, the destination PE advertises a MAC/IP advertisement route for the MAC address. The source PE withdraws the old route for the MAC address after receiving the new route. The MAC/IP advertisement route has a sequence number that increases when the MAC address moves. The sequence number identifies the most recent move if the MAC address moves multiple times.

EVPN VPLS tasks at a glance

To configure EVPN VPLS, perform the following tasks:

1. Configuring a VSI

a. Creating a VSI

b. (Optional.) Configure VSI parameters

2. Configuring an EVPN instance

3. Mapping ACs to a VSI

4. Configuring BGP to advertise BGP EVPN routes

a. Enabling BGP to advertise BGP EVPN routes

b. Enabling advertisement of MPLS-encapsulated BGP EVPN routes

c. (Optional.) Configuring optimal route selection and route advertisement settings

d. (Optional.) Maintaining BGP sessions

5. (Optional.) Configuring EVPN VPLS multihoming

a. Assigning an ESI to an interface

b. (Optional.) Setting the DF election delay

c. (Optional.) Setting the advertisement delay timer for Ethernet auto-discovery routes

d. (Optional.) Disabling advertisement of EVPN multihoming routes

e. (Optional.) Ignoring the Ethernet tag on advertisement of Ethernet auto-discovery and MAC/IP advertisement routes

f. (Optional.) Enabling the device to monitor the BGP peer status of another local edge device

6. (Optional.) Managing remote MAC address entries and remote ARP learning

¡ Disabling MAC address advertisement

¡ Disabling learning of MAC addresses from ARP information

7. (Optional.) Enabling EVPN E-tree

8. (Optional.) Enabling SNMP notifications for L2VPN PW

Configuring a VSI

Creating a VSI

1. Enter system view.

system-view

2. Enable L2VPN.

l2vpn enable

By default, L2VPN is disabled.

3. Create a VSI and enter VSI view.

vsi vsi-name

4. Bring up the VSI.

undo shutdown

By default, a VSI is not administratively down.

Configure VSI parameters

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Configure a VSI description.

description text

By default, a VSI does not have a description.

4. Set the MTU of the VSI.

mtu mtu

The default MTU for a VSI is 1500 bytes.

5. Set the maximum bandwidth for known unicast traffic of the VSI.

bandwidth bandwidth

By default, the maximum bandwidth is not limited for known unicast traffic of a VSI.

6. Configure MAC address learning features for the VSI:

a. Enable MAC address learning for the VSI.

mac-learning enable

By default, MAC address learning is enabled for a VSI.

b. (Optional.) Set a limit for the VSI's MAC address table.

mac-table limit mac-limit

By default, no limit is set for a VSI's MAC address table.

c. (Optional.) Enable the VSI to drop source-unknown unicast frames if the MAC address table is full.

mac-table limit drop-unknown

By default, the VSI forwards source-unknown unicast frames without learning the source MAC address if the MAC address table is full.

Configuring an EVPN instance

About this task

An EVPN instance acts as a VPLS instance in an EVPN VPLS network. The EVPN routes advertised by the PE carry the RD and route targets configured for the EVPN instance associated with a VSI.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Create an EVPN instance and enter EVPN instance view.

evpn encapsulation mpls

4. Configure an RD for the EVPN instance.

route-distinguisher route-distinguisher

By default, no RD is configured for an EVPN instance.

5. Configure route targets for the EVPN instance.

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

By default, an EVPN instance does not have route targets.

Make sure the following requirements are met:

¡ The import targets of the EVPN instance do not match the export targets of the VPN instance associated with the VSI.

¡ The export targets of the EVPN instance do not match the import targets of the VPN instance associated with the VSI.

6. Apply a PW class to the EVPN instance.

pw-class class-name

By default, no PW class is applied to an EVPN instance.

The specified PW class applies to all PWs in the EVPN instance.

Mapping ACs to a VSI

Mapping a Layer 3 interface to a VSI

About this task

To assign the customer traffic on a Layer 3 interface to a VSI, map that interface to the VSI. The VSI uses its MAC address table to forward the customer traffic.

For more information about the commands in this task, see VPLS in MPLS Command Reference.

Procedure

1. Enter system view.

system-view

2. Enter Layer 3 interface view.

interface interface-type interface-number

3. Map the Layer 3 interface to a VSI.

xconnect vsi vsi-name [ access-mode { ethernet | vlan } ] [ track track-entry-number&<1-3> ]

By default, a Layer 3 interface is not mapped to a VSI.

Configuring BGP to advertise BGP EVPN routes

Restrictions and guidelines for BGP EVPN route advertisement

For more information about BGP commands in this task, see Layer 3—IP Routing Command Reference.

Enabling BGP to advertise BGP EVPN routes

1. Enter system view.

system-view

2. Configure a global router ID.

router id router-id

By default, no global router ID is configured.

3. Enable a BGP instance and enter BGP instance view.

bgp as-number [ instance instance-name ]

By default, BGP is disabled and no BGP instances exist.

4. Specify remote PEs as BGP peers.

peer { group-name | ipv4-address [ mask-length ] } as-number as-number

5. Create the BGP EVPN address family and enter BGP EVPN address family view.

address-family l2vpn evpn

6. Enable BGP to exchange BGP EVPN routes with a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } enable

By default, BGP does not exchange BGP EVPN routes with peers.

Enabling advertisement of MPLS-encapsulated BGP EVPN routes

About this task

Perform this task on PEs for them to establish PWs.

Procedure

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP EVPN address family view.

address-family l2vpn evpn

4. Enable MPLS encapsulation for the BGP EVPN routes advertised to a peer or peer group.

peer { group name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise encap-type mpls

By default, BGP EVPN routes use VXLAN encapsulation.

Configuring optimal route selection and route advertisement settings

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP EVPN address family view.

address-family l2vpn evpn

4. Permit the local AS number to appear in routes from a peer or peer group and set the number of appearances.

peer { group-name | ipv4-address [ mask-length ] } allow-as-loop [ number ]

By default, the local AS number is not allowed in routes from peers.

5. Enable route target filtering for BGP EVPN routes.

policy vpn-target

By default, route target filtering is enabled for BGP EVPN routes.

6. (Optional.) Set the optimal route selection delay timer.

route-select delay delay-value

By default, the optimal route selection delay timer is 0 seconds, which means optimal route selection is not delayed.

7. (Optional.) Set the delay time for responding to recursive next hop changes.

nexthop recursive-lookup [ non-critical-event ] delay [ delay-value ]

By default, BGP responds to recursive next hop changes immediately.

8. Configure BGP route reflection settings:

a. Configure the device as an RR and specify a peer or peer group as its client.

peer { group-name | ipv4-address [ mask-length ] } reflect-client

By default, no RR or client is configured.

b. (Optional.) Enable BGP EVPN route reflection between clients.

reflect between-clients

By default, BGP EVPN route reflection between clients is enabled.

c. (Optional.) Configure the cluster ID of the RR.

reflector cluster-id { cluster-id | ipv4-address }

By default, an RR uses its own router ID as the cluster ID.

d. (Optional.) Create a reflection policy for the RR to filter reflected BGP EVPN routes.

rr-filter { ext-comm-list-number | ext-comm-list-name }

By default, an RR does not filter reflected BGP EVPN routes.

e. (Optional.) Create a reflection policy for the RR to filter reflected BGP EVPN routes.

reflect change-path-attribute

By default, an RR does not filter reflected BGP EVPN routes.

f. (Optional.) Add a peer or peer group to the nearby cluster.

peer { group-name | ipv4-address [ mask-length ] } reflect-nearby-group

By default, the nearby cluster does not have any peers or peer groups.

The RR does not change the next hop of routes reflected to peers or peer groups in the nearby cluster.

9. Configure the device to not change the next hop of routes advertised to an EBGP peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable

By default, the device uses its address as the next hop of routes advertised to EBGP peers.

10. Apply a routing policy to routes received from or advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } route-policy route-policy-name { export | import }

By default, no routing policies are applied to routes received from or advertised to peers or peer groups.

11. Advertise the COMMUNITY attribute to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } advertise-community

By default, the device does not advertise the COMMUNITY attribute to peers or peer groups.

12. Configure the BGP additional path feature.

¡ Configure the BGP additional path capabilities.

peer { group-name | ipv4-address [ mask-length ] } additional-paths { receive | send } *

By default, no BGP additional path capabilities are configured.

¡ Set the maximum number of Add-Path optimal routes that can be advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } advertise additional-paths best number

By default, a maximum number of one Add-Path optimal route can be advertised to a peer or peer group.

¡ Set the maximum number of Add-Path optimal routes that can be advertised to all peers.

additional-paths select-best best-number

By default, a maximum number of one Add-Path optimal route can be advertised to all peers.

Maintaining BGP sessions

Perform the following tasks in user view:

· Reset BGP sessions of the BGP EVPN address family.

reset bgp [ instance instance-name ] { as-number | ipv4-address [ mask-length ] | all | external | group group-name | internal } l2vpn evpn

· Soft-reset BGP sessions of the BGP EVPN address family.

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | all | external | group group-name | internal } { export | import } l2vpn evpn

Configuring a PW class

About this task

In a PW class, you can configure PW attributes such as the PW data encapsulation type, and whether to enable control word. To simplify PW attribute configuration for PWs, you can configure a PW class and apply the PW class to the PWs.

Restrictions and guidelines

Make sure the same data encapsulation type is configured for the two PEs that are connected by the same PW.

For correct PW setup, make sure the status of the control word feature is the same on the two PEs that are connected by the same PW.

For more information about PW class commands, see MPLS L2VPN in MPLS Command Reference.

Procedure

1. Enter system view.

system-view

2. Create a PW class and enter PW class view.

pw-class class-name

3. Enable control word.

control-word enable

By default, control word is disabled.

4. Specify the PW data encapsulation type.

pw-type { ethernet | vlan }

By default, the PW data encapsulation type is VLAN.

Configuring EVPN VPLS multihoming

Restrictions and guidelines for EVPN VPLS multihoming

In a multihomed site, AC configuration must be consistent on redundant PEs of the same ES.

Assigning an ESI to an interface

About this task

An ESI uniquely identifies an ES. The links on interfaces with the same ESI belong to the same ES. Traffic of the ES can be distributed among the links for load sharing.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Assign an ESI to the interface.

esi esi-id

By default, no ESI is assigned to an interface.

Setting the DF election delay

About this task

The DF election can be triggered by site-facing interface status changes, redundant PE membership changes, and interface ESI changes. To prevent frequent DF elections from degrading network performance, set the DF election delay. The DF election delay defines the minimum interval allowed between two DF elections.

Procedure

1. Enter system view.

system-view

2. Set the DF election delay.

evpn multihoming timer df-delay delay-value

By default, the DF election delay is 3 seconds.

Setting the advertisement delay timer for Ethernet auto-discovery routes

About this task

The advertisement delay timer for Ethernet auto-discovery routes helps reduce the traffic loss caused by a PE reboot at a multihomed EVPN VPLS network site.

At a multihomed EVPN VPLS network site, CE 1 is dualhomed to PE 1 and PE 2 through an aggregate link or smart trunk, and PE 3 is at a remote site. PE 1 forwards all traffic sent from CE 1 to the remote site, and PE 3 forwards the traffic that the remote site sends to CE 1 to both PE 1 and PE 2. When PE 1 reboots, it advertises Ethernet auto-discovery routes that carry next hop information to PE 3. If PE 3 has not received the MAC/IP advertisement routes advertised by PE 2 when receiving the Ethernet auto-discovery routes, it will forward traffic to both PE 1 and PE 2. In this situation, PE 1 does not have MAC address entries for CE 1 and drops the traffic.

To resolve this issue, set the advertisement delay timer for Ethernet auto-discovery routes on the CE-facing interface of PE 1. This timer allows PE 3 to receive the MAC/IP advertisement routes advertised by PE 2 before the Ethernet auto-discovery routes advertised by PE 1 and update its MAC address table timely.

Procedure

1. Enter system view.

system-view

2. Enable interface view.

interface interface-type interface-number

3. Set the advertisement delay timer for Ethernet auto-discovery routes.

evpn timer ad-delay delay-time

By default, advertisement of Ethernet auto-discovery routes is not delayed.

Disabling advertisement of EVPN multihoming routes

About this task

EVPN multihoming routes include Ethernet auto-discovery routes and Ethernet segment routes.

In a multihomed EVPN network, perform this task on a redundant PE before you reboot it. This operation allows other PEs to refresh their EVPN routing table to prevent traffic interruption caused by the reboot.

Procedure

1. Enter system view.

system-view

2. Disable advertisement of EVPN multihoming routes and withdraw the EVPN multihoming routes that have been advertised to remote sites.

evpn multihoming advertise disable

By default, the device advertises EVPN multihoming routes.

Ignoring the Ethernet tag on advertisement of Ethernet auto-discovery and MAC/IP advertisement routes

About this task

Perform this task on the redundant PEs at a dualhomed site.

This task enables the device to perform the following operations:

· Withdraw the Ethernet auto-discovery routes and MAC/IP advertisement routes that have been advertised.

· Set the Ethernet tag to 0 for the Ethernet auto-discovery routes and MAC/IP advertisement routes and re-advertise them.

After you configure ESIs for ACs on the redundant PEs at a dualhomed site, the PEs carry Ethernet tags in Ethernet auto-discovery and MAC/IP advertisement routes advertised to remote sites. If the remote peers are unable to identify Ethernet tags, you must perform this task on the redundant PEs to enable communication with the peers.

Restrictions and guidelines

After you assign an ESI to a Layer 3 main interface, its subinterfaces inherit the ESI if they do not have one. In addition, you must map two subinterfaces to different VSIs if the subinterfaces have the same ESI.

Procedure

1. Enter system view.

system-view

2. Enable the device to ignore the Ethernet tag when advertising Ethernet auto-discovery routes and MAC/IP advertisement routes.

evpn multihoming advertise ignore-ethernet-tag

By default, the device advertises Ethernet auto-discovery routes and MAC/IP advertisement routes that carry Ethernet tags.

Enabling the device to monitor the BGP peer status of another local edge device

About this task

Perform this task on the CE-facing interfaces of the edge devices multihomed to a site to prevent device reboots from causing inter-site forwarding failure.

This task excludes unavailable edge devices from DF election at a multihomed site. After an edge device recovers from failure and brings up its CE-facing interface, it starts a delay timer and checks the status of the BGP peer specified in the evpn track peer command. If the BGP peer comes up before the timer expires, the edge device advertises Ethernet segment routes to the peer. If the BGP peer is still down when the timer expires, the edge device does not advertise Ethernet segment routes to the peer. The edge devices then perform DF election based on the Ethernet segment routes they have received.

Procedure

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Enable the device to monitor the BGP peer status of another local edge device.

evpn track peer peer-address

By default, the device does not monitor the BGP peer status of the other edge devices at a multihomed site.

Managing remote MAC address entries and remote ARP learning

Disabling MAC address advertisement

About this task

The MAC information and ARP or ND information advertised by the PE overlap. To avoid duplication, disable MAC address advertisement and withdraw the MAC addresses advertised to remote PEs.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter EVPN instance view.

evpn encapsulation mpls

4. Disable MAC address advertisement and withdraw advertised MAC addresses.

mac-advertising disable

By default, MAC address advertisement is enabled.

Disabling learning of MAC addresses from ARP information

About this task

The MAC information and ARP information advertised by a remote PE overlap. To avoid duplication, disable the learning of MAC addresses from ARP information. EVPN will learn remote MAC addresses only from the MAC information advertised from remote sites.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter EVPN instance view.

evpn encapsulation mpls

4. Disable the EVPN instance from learning MAC addresses from ARP information.

arp mac-learning disable

By default, an EVPN instance learns MAC addresses from ARP information.

Enabling packet statistics for an AC

Restrictions and guidelines for AC packet statistics

For the ac statistics enable command to take effect on a Layer 3 interface, you must map the Layer 3 interface to a VSI. When you modify the VSI mapping, the packet statistics of the interface are cleared. To display the statistics, use the display l2vpn interface verbose command.

To clear packet statistics for ACs, use the reset l2vpn statistics ac command.

Enabling packet statistics for a Layer 3 interface

1. Enter system view.

system-view

2. Enter interface view.

¡ Enter Layer 3 Ethernet interface view.

interface interface-type interface-number

¡ Enter Layer 3 aggregate interface view.

interface route-aggregation interface-number

3. Enable packet statistics for the Layer 3 interface.

ac statistics enable

By default, the packet statistics feature is disabled for Layer 3 interfaces that act as ACs.

Enabling EVPN E-tree

About this task

Use EVPN E-tree to isolate traffic between ACs based on the AC roles. This feature can better control AC access and improve security.

Procedure

1. Enter system view.

system-view

2. Enter VSI view.

vsi vsi-name

3. Enter VSI EVPN instance view.

evpn encapsulation mpls

4. Enable EVPN E-tree.

e-tree enable

By default, EVPN E-tree is disabled.

5. Return to system view.

quit

6. Execute the following commands to configure a Layer 3 interface as a leaf AC:

a. Enter Layer 3 interface view.

interface interface-type interface-number

b. Configure the AC as a leaf AC.

xconnect vsi vsi-name leaf

If you do not specify the leaf keyword for an AC, the AC acts as a root AC.

Enabling SNMP notifications for L2VPN PWs

About this task

This feature enables L2VPN to generate SNMP notifications when PW deletions, PW switchovers, or PW status changes occur. For L2VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Procedure

1. Enter system view.

system-view

2. Enable SNMP notifications for L2VPN PWs.

snmp-agent trap enable l2vpn [ pw-delete | pw-switch | pw-up-down ] *

By default, SNMP notifications for L2VPN PWs are disabled.

Display and maintenance commands for EVPN VPLS

Execute display commands in any view.

For more information about the following BGP commands, see Layer 3—IP Routing Command Reference:

· display bgp group.

· display bgp peer.

· display bgp update-group.

Task	Command
Display BGP peer group information.	display bgp [ instance instance-name ] group l2vpn evpn [ group-name group-name ]
Display BGP EVPN routes.	display bgp [ instance instance-name ] l2vpn evpn [ peer ipv4-address { advertised-routes \| received-routes } [ statistics ] \| route-distinguisher route-distinguisher [ route-type { auto-discovery \| es \| imet \| ip-prefix \| mac-ip } ] [ evpn-route route-length [ advertise-info ] ] \| route-type { auto-discovery \| es \| imet \| ip-prefix \| mac-ip } \| statistics ]
Display BGP peer or peer group information.	display bgp [ instance instance-name ] peer l2vpn evpn [ ipv4-address mask-length \| { ipv4-address \| group-name group-name } log-info \| [ ipv4-address ] verbose ]
Display information about BGP update groups.	display bgp [ instance instance-name ] update-group l2vpn evpn [ ipv4-address ]
Display information about peers that are automatically discovered through BGP.	display evpn auto-discovery { { imet \| mac-ip } [ mpls ] [ peer ip-address] [ vsi vsi-name ] \| macip-prefix [ nexthop next-hop ] [ count ] }
Display EVPN ES information.	display evpn es { local [ vsi vsi-name ] [ esi esi-id ] [ verbose ] \| remote [ vsi vsi-name ] [ esi esi-id ] [ nexthop next-hop ] }
Display EVPN ARP entries.	display evpn route arp [ local \| remote ] [ vpn-instance vpn-instance-name ] [ count ]
Display EVPN MAC address entries.	display evpn route mac [ mpls ] [ local \| remote ] [ vsi vsi-name ] [ count ]
Display EVPN ND entries.	display evpn route nd [ local \| remote ] [ vpn-instance vpn-instance-name ] [ count ]
Display the routing table for a VPN instance.	display evpn routing-table vpn-instance vpn-instance-name [ count ]
Display EVPN VSI information.	display evpn vsi [ name vsi-name ] [ verbose ]
Display site-facing interfaces excluded from traffic forwarding by split horizon.	display l2vpn forwarding evpn split-horizon [ slot slot-number ]
Display information about EVPN VPLS forwarding.	display l2vpn forwarding evpn vsi [ name vsi-name ] [ slot slot-number ] [ verbose ]

‌

EVPN VPLS configuration examples

Example: Configuring EVPN VPLS between singlehomed sites

Network configuration

As shown in Figure 5, set up a path between PE 1 and PE 2 for the CEs in site 1 and site 2 to communicate through EVPN VPLS over the MPLS or IP backbone network.

Figure 5 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
CE 1	GE1/0/12	10.1.1.10/24	P	Loop0	3.3.3.3/32
PE 1	Loop0	1.1.1.1/32		GE1/0/12	11.1.1.2/24
	GE1/0/12	N/A		GE1/0/13	11.1.2.2/24
	GE1/0/13	11.1.1.1/24	PE 2	Loop0	2.2.2.2/32
CE 2	GE1/0/12	10.1.1.20/24		GE1/0/12	N/A
				GE1/0/13	11.1.2.1/24

Procedure

1. Configure CE 1.

<CE1> system-view

[CE1] interface gigabitethernet 1/0/12

[CE1-GigabitEthernet1/0/12] ip address 10.1.1.10 24

[CE1-GigabitEthernet1/0/12] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 1.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 1.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure GigabitEthernet 1/0/13 (the interface connected to the P device), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/13

[PE1-GigabitEthernet1/0/13] ip address 11.1.1.1 24

[PE1-GigabitEthernet1/0/13] mpls enable

[PE1-GigabitEthernet1/0/13] mpls ldp enable

[PE1-GigabitEthernet1/0/13] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create an IBGP connection to PE 2, and enable BGP to advertise L2VPN information to PE 2.

[PE1] bgp 100

[PE1-bgp-default] peer 2.2.2.2 as-number 100

[PE1-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 2.2.2.2 enable

[PE1-bgp-default-evpn] peer 2.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Map GigabitEthernet 1/0/12 (the interface connected to CE 1) to VSI vpna.

[PE1] interface gigabitethernet 1/0/12

[PE1-GigabitEthernet1/0/12] xconnect vsi vpna

[PE1-GigabitEthernet1/0/12] quit

3. Configure the P device:

# Configure the LSR ID.

<P> system-view

[P] interface loopback 0

[P-LoopBack0] ip address 3.3.3.3 32

[P-LoopBack0] quit

[P] mpls lsr-id 3.3.3.3

# Enable global LDP.

[P] mpls ldp

[P-ldp] quit

# Configure GigabitEthernet 1/0/12 (the interface connected to PE 1), and enable LDP on the interface.

[P] interface gigabitethernet 1/0/12

[P-GigabitEthernet1/0/12] ip address 11.1.1.2 24

[P-GigabitEthernet1/0/12] mpls enable

[P-GigabitEthernet1/0/12] mpls ldp enable

[P-GigabitEthernet1/0/12] quit

# Configure GigabitEthernet 1/0/13 (the interface connected to PE 2), and enable LDP on the interface.

[P] interface gigabitethernet 1/0/13

[P-GigabitEthernet1/0/13] ip address 11.1.2.2 24

[P-GigabitEthernet1/0/13] mpls enable

[P-GigabitEthernet1/0/13] mpls ldp enable

[P-GigabitEthernet1/0/13] quit

# Configure OSPF for LDP to create LSPs.

[P] ospf

[P-ospf-1] area 0

[P-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[P-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[P-ospf-1-area-0.0.0.0] quit

[P-ospf-1] quit

4. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 2.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 2.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure GigabitEthernet 1/0/13 (the interface connected to the P device), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/13

[PE2-GigabitEthernet1/0/13] ip address 11.1.2.1 24

[PE2-GigabitEthernet1/0/13] mpls enable

[PE2-GigabitEthernet1/0/13] mpls ldp enable

[PE2-GigabitEthernet1/0/13] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] network 11.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create an IBGP connection to PE 1, and enable BGP to advertise L2VPN information to PE 1.

[PE2] bgp 100

[PE2-bgp-default] peer 1.1.1.1 as-number 100

[PE2-bgp-default] peer 1.1.1.1 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 1.1.1.1 enable

[PE2-bgp-default-evpn] peer 1.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Map GigabitEthernet 1/0/12 (the interface connected to CE 2) to VSI vpna.

[PE2] interface gigabitethernet 1/0/12

[PE2-GigabitEthernet1/0/12] xconnect vsi vpna

[PE2-GigabitEthernet1/0/12] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 1/0/12

[CE2-GigabitEthernet1/0/12] ip address 10.1.1.20 24

[CE2-GigabitEthernet1/0/12] quit

Verifying the configuration

# Verify that an EVPN PW has been established between PE 1 and PE 2.

[PE1] display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

2.2.2.2 - 775127/775127 EVPN M 8 Up

# Display PW information on PE 2.

[PE2] display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 1

1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI Name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

1.1.1.1 - 775127/775127 EVPN M 8 Up

# Verify that CE 1 and CE 2 can ping each other. (Details not shown.)

Example: Configuring EVPN VPLS multihoming

Network configuration

As shown in Figure 6, configure EVPN VPLS for dualhomed site 1 and singlehomed site 2 to communicate over the MPLS or IP backbone network.

Figure 6 Network diagram

‌

Device	Interface	IP address	Device	Interface	IP address
PE 1	Loop0	192.1.1.1/32	CE 1	RAGG1	100.1.1.1/24
	GE1/0/12	N/A	CE 2	GE1/0/12	100.1.1.2/24
	GE1/0/13	10.1.1.1/24	PE 3	Loop0	192.3.3.3/32
	GE1/0/14	10.1.3.1/24		GE1/0/12	N/A
PE 2	Loop0	192.2.2.2/32		GE1/0/13	10.1.1.2/24
	GE1/0/12	N/A		GE1/0/14	10.1.2.2/24
	GE1/0/13	10.1.2.1/24
	GE1/0/14	10.1.3.2/24

Procedure

1. Configure CE 1:

# Create static Layer 3 aggregate interface 1 and assign it an IP address.

<CE1> system-view

[CE1] interface route-aggregation 1

[CE1-Route-Aggregation1] ip address 100.1.1.1 24

[CE1-Route-Aggregation1] quit

# Assign GigabitEthernet 1/0/12 and GigabitEthernet 1/0/13 to aggregation group 1.

[CE1] interface gigabitethernet 1/0/12

[CE1-GigabitEthernet1/0/12] port link-aggregation group 1

[CE1-GigabitEthernet1/0/12] quit

[CE1] interface gigabitethernet 1/0/13

[CE1-GigabitEthernet1/0/13] port link-aggregation group 1

[CE1-GigabitEthernet1/0/13] quit

2. Configure PE 1:

# Configure the LSR ID.

<PE1> system-view

[PE1] interface loopback 0

[PE1-LoopBack0] ip address 192.1.1.1 32

[PE1-LoopBack0] quit

[PE1] mpls lsr-id 192.1.1.1

# Enable L2VPN.

[PE1] l2vpn enable

# Enable global LDP.

[PE1] mpls ldp

[PE1-ldp] quit

# Configure GigabitEthernet 1/0/13 (the interface connected to PE 3), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/13

[PE1-GigabitEthernet1/0/13] ip address 10.1.1.1 24

[PE1-GigabitEthernet1/0/13] mpls enable

[PE1-GigabitEthernet1/0/13] mpls ldp enable

[PE1-GigabitEthernet1/0/13] quit

# Configure GigabitEthernet 1/0/14 (the interface connected to PE 2), and enable LDP on the interface.

[PE1] interface gigabitethernet 1/0/14

[PE1-GigabitEthernet1/0/14] ip address 10.1.3.1 24

[PE1-GigabitEthernet1/0/14] mpls enable

[PE1-GigabitEthernet1/0/14] mpls ldp enable

[PE1-GigabitEthernet1/0/14] quit

# Configure OSPF for LDP to create LSPs.

[PE1] ospf

[PE1-ospf-1] area 0

[PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0

[PE1-ospf-1-area-0.0.0.0] quit

[PE1-ospf-1] quit

# Create IBGP connections to PE 2 and PE 3, and enable BGP to advertise routes to PE 2 and PE 3.

[PE1] bgp 100

[PE1-bgp-default] peer 192.2.2.2 as-number 100

[PE1-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE1-bgp-default] peer 192.3.3.3 as-number 100

[PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE1-bgp-default] address-family l2vpn evpn

[PE1-bgp-default-evpn] peer 192.2.2.2 enable

[PE1-bgp-default-evpn] peer 192.3.3.3 enable

[PE1-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE1-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE1-bgp-default-evpn] quit

[PE1-bgp-default] quit

# Assign an ESI to GigabitEthernet 1/0/12.

[PE1] interface gigabitethernet 1/0/12

[PE1-GigabitEthernet1/0/12] esi 1.1.1.1.1

[PE1-GigabitEthernet1/0/12] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE1] vsi vpna

[PE1-vsi-vpna] evpn encapsulation mpls

[PE1-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE1-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE1-vsi-vpna-evpn-mpls] quit

[PE1-vsi-vpna] quit

# Map GigabitEthernet 1/0/12 (the interface connected to CE 1) to VSI vpna.

[PE1] interface gigabitethernet 1/0/12

[PE1-GigabitEthernet1/0/12] xconnect vsi vpna

[PE1-GigabitEthernet1/0/12] quit

3. Configure PE 2:

# Configure the LSR ID.

<PE2> system-view

[PE2] interface loopback 0

[PE2-LoopBack0] ip address 192.2.2.2 32

[PE2-LoopBack0] quit

[PE2] mpls lsr-id 192.2.2.2

# Enable L2VPN.

[PE2] l2vpn enable

# Enable global LDP.

[PE2] mpls ldp

[PE2-ldp] quit

# Configure GigabitEthernet 1/0/13 (the interface connected to PE 3), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/13

[PE2-GigabitEthernet1/0/13] ip address 10.1.2.1 24

[PE2-GigabitEthernet1/0/13] mpls enable

[PE2-GigabitEthernet1/0/13] mpls ldp enable

[PE2-GigabitEthernet1/0/13] quit

# Configure GigabitEthernet 1/0/14 (the interface connected to PE 1), and enable LDP on the interface.

[PE2] interface gigabitethernet 1/0/14

[PE2-GigabitEthernet1/0/14] ip address 10.1.3.2 24

[PE2-GigabitEthernet1/0/14] mpls enable

[PE2-GigabitEthernet1/0/14] mpls ldp enable

[PE2-GigabitEthernet1/0/14] quit

# Configure OSPF for LDP to create LSPs.

[PE2] ospf

[PE2-ospf-1] area 0

[PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 10.1.3.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0

[PE2-ospf-1-area-0.0.0.0] quit

[PE2-ospf-1] quit

# Create IBGP connections to PE 1 and PE 3, and enable BGP to advertise routes to PE 1 and PE 3.

[PE2] bgp 100

[PE2-bgp-default] peer 192.1.1.1 as-number 100

[PE2-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE2-bgp-default] peer 192.3.3.3 as-number 100

[PE2-bgp-default] peer 192.3.3.3 connect-interface loopback 0

[PE2-bgp-default] address-family l2vpn evpn

[PE2-bgp-default-evpn] peer 192.1.1.1 enable

[PE2-bgp-default-evpn] peer 192.3.3.3 enable

[PE2-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE2-bgp-default-evpn] peer 192.3.3.3 advertise encap-type mpls

[PE2-bgp-default-evpn] quit

[PE2-bgp-default] quit

# Assign an ESI to GigabitEthernet 1/0/12.

[PE2] interface gigabitethernet 1/0/12

[PE2-GigabitEthernet1/0/12] esi 1.1.1.1.1

[PE2-GigabitEthernet1/0/12] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE2] vsi vpna

[PE2-vsi-vpna] evpn encapsulation mpls

[PE2-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE2-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE2-vsi-vpna-evpn-mpls] quit

[PE2-vsi-vpna] quit

# Map GigabitEthernet 1/0/12 (the interface connected to CE 1) to VSI vpna.

[PE2] interface gigabitethernet 1/0/12

[PE2-GigabitEthernet1/0/12] xconnect vsi vpna

[PE2-GigabitEthernet1/0/12] quit

4. Configure PE 3:

# Configure the LSR ID.

<PE3> system-view

[PE3] interface loopback 0

[PE3-LoopBack0] ip address 192.3.3.3 32

[PE3-LoopBack0] quit

[PE3] mpls lsr-id 192.3.3.3

# Enable L2VPN.

[PE3] l2vpn enable

# Enable global LDP.

[PE3] mpls ldp

[PE3-ldp] quit

# Configure GigabitEthernet 1/0/13 (the interface connected to PE 1) and GigabitEthernet 1/0/14 (the interface connected to PE 2), and enable LDP on the interfaces.

[PE3] interface gigabitethernet 1/0/13

[PE3-GigabitEthernet1/0/13] ip address 10.1.1.2 24

[PE3-GigabitEthernet1/0/13] mpls enable

[PE3-GigabitEthernet1/0/13] mpls ldp enable

[PE3-GigabitEthernet1/0/13] quit

[PE3] interface gigabitethernet 1/0/14

[PE3-GigabitEthernet1/0/14] ip address 10.1.2.2 24

[PE3-GigabitEthernet1/0/14] mpls enable

[PE3-GigabitEthernet1/0/14] mpls ldp enable

[PE3-GigabitEthernet1/0/14] quit

# Configure OSPF for LDP to create LSPs.

[PE3] ospf

[PE3-ospf-1] area 0

[PE3-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0

[PE3-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255

[PE3-ospf-1-area-0.0.0.0] quit

[PE3-ospf-1] quit

# Create IBGP connections to PE 1 and PE 2, and enable BGP to advertise routes to PE 1 and PE 2.

[PE3] bgp 100

[PE3-bgp-default] peer 192.1.1.1 as-number 100

[PE3-bgp-default] peer 192.1.1.1 connect-interface loopback 0

[PE3-bgp-default] peer 192.2.2.2 as-number 100

[PE3-bgp-default] peer 192.2.2.2 connect-interface loopback 0

[PE3-bgp-default] address-family l2vpn evpn

[PE3-bgp-default-evpn] peer 192.1.1.1 enable

[PE3-bgp-default-evpn] peer 192.2.2.2 enable

[PE3-bgp-default-evpn] peer 192.1.1.1 advertise encap-type mpls

[PE3-bgp-default-evpn] peer 192.2.2.2 advertise encap-type mpls

[PE3-bgp-default-evpn] quit

[PE3-bgp-default] quit

# Create VSI vpna, create an EVPN instance on the VSI, enable MPLS encapsulation, and configure an RD and route targets for the EVPN instance.

[PE3] vsi vpna

[PE3-vsi-vpna] evpn encapsulation mpls

[PE3-vsi-vpna-evpn-mpls] route-distinguisher 1:1

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 export-extcommunity

[PE3-vsi-vpna-evpn-mpls] vpn-target 1:1 import-extcommunity

[PE3-vsi-vpna-evpn-mpls] quit

[PE3-vsi-vpna] quit

# Map GigabitEthernet 1/0/12 (the interface connected to CE 2) to VSI vpna.

[PE3] interface gigabitethernet 1/0/12

[PE3-GigabitEthernet1/0/12] xconnect vsi vpna

[PE3-GigabitEthernet1/0/12] quit

5. Configure CE 2.

<CE2> system-view

[CE2] interface gigabitethernet 1/0/12

[CE2-GigabitEthernet1/0/12] ip address 100.1.1.2 24

[CE2-GigabitEthernet1/0/12] quit

Verifying the configuration

# Verify that PE 1 has established EVPN PWs to PE 2 and PE 3.

<PE1> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

1 up, 1 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.3.3.3 - 710263/710265 EVPN M 8 Up

192.2.2.2 - 710263/710124 EVPN M 9 Up

# Verify that PE 1 has local ES information.

<PE1> display evpn es local

Redundancy mode: A - All-active, S - Single-active

VSI name : vpna

ESI Tag ID DF address Mode State ESI label

0001.0001.0001.0001.0001 - 192.1.1.1 A Up 775128

# Verify that PE 1 has remote ES information.

<Sysname> display evpn es remote

Control Flags: P - Primary, B - Backup, C - Control word

VSI name : vpna

ESI : 0001.0001.0001.0001.0001

Ethernet segment routes :

192.2.2.2

A-D per ES routes :

Peer IP Remote Redundancy mode

192.2.2.2 All-active

A-D per EVI routes :

Tag ID Peer IP Control Flags

- 192.2.2.2 B

# Verify that PE 2 has established EVPN PWs to PE 1 and PE 3.

<PE2> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

1 up, 1 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710124/710263 EVPN M 8 Up

192.3.3.3 - 710124/710265 EVPN M 9 Up

# Verify that PE 3 has established EVPN PWs to PE 1 and PE 2.

<PE3> display l2vpn pw

Flags: M - main, B - backup, E - ecmp, BY - bypass, H - hub link, S - spoke link

N - no split horizon, A - administration, ABY - ac-bypass

PBY - pw-bypass

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

VSI name: vpna

Peer PWID/RmtSite/SrvID In/Out Label Proto Flag Link ID State

192.1.1.1 - 710265/710263 EVPN M 8 Up

192.2.2.2 - 710265/710124 EVPN M 9 Up

# Verify that CE 1 and CE 2 can ping each other when the PW on PE 1 or PE 2 fails. (Details not shown.)

14-EVPN Configuration Guide

EVPN VPLS network model

Source MAC address learning

MAC address aging

MAC address withdrawal

Unicast traffic forwarding

About EVPN VPLS multihoming

Redundancy mode

MAC mobility

About this task

Procedure

About this task

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

Restrictions and guidelines for EVPN VPLS multihoming

About this task

Procedure

About this task

Procedure

About this task

Procedure

About this task

Procedure

About this task

Restrictions and guidelines

Procedure

About this task

Procedure

About this task

Procedure

About this task

Procedure

About this task

Procedure

Enabling SNMP notifications for L2VPN PWs

About this task

Procedure

Network configuration

Procedure

Verifying the configuration

Example: Configuring EVPN VPLS multihoming

Network configuration

Procedure

Verifying the configuration

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Service Business

News & Events

Contact Us