ACE L3 Underlay

Page content

VXLAN/EVPN - BGP underlay

Design Options

using IGPs

In case you need IGPs choose IBGP as an overlay and any IGP (ospf, is-is, etc.) for the underlay.

using BGP in the underlay

If your vendor offers a easy and robust implementetion of EVPN over eBGP go for an eBGP-only EVPN implementation.

  • spine switches should not be involved in intra-fabric traffic forwarding
  • the BGP-next hop in an EVPN update must not be changed (next-hop-unchaganged) on the path between egress and ingress switch.
  • the BGP-next hop should always point to the egress fabric switch.

source: ipSpace bgp evpn

LAB topology

Lab Topo

Spine config

service routing protocols model multi-agent
!
interface Ethernet1
   no switchport
   ip address 10.0.0.1/30
interface Ethernet2
   no switchport
   ip address 10.0.0.5/30
interface Ethernet3
   no switchport
   ip address 10.0.0.9/30
interface Ethernet4
   no switchport
   ip address 10.0.0.13/30
interface Loopback 0
   ip address 10.0.255.1/32
!
router bgp 65100
   maximum-paths 2 ecmp 2
   neighbor leaf1 peer group
   neighbor leaf1 remote-as 65011
   neighbor leaf1 maximum-routes 12000
   neighbor leaf2 peer group
   neighbor leaf2 remote-as 65013
   neighbor leaf2 maximum-routes 12000
   neighbor leaf1 send-community
   neighbor leaf2 send-community
   neighbor 10.0.0.2 peer group leaf1
   neighbor 10.0.0.6 peer group leaf1
   neighbor 10.0.0.10 peer group leaf2
   neighbor 10.0.0.14 peer group leaf2
   redistribute connected
   !
   address-family ipv4
      network 10.0.0.1/32
      network 0.0.0.0/0

Leaf1a config

vlan 4093
   name mlag-ibgp
   trunk group mlag-peer
vlan 4094
   name mlag-peer
   trunk group mlag-peer
no spanning-tree vlan 4094
!
interface Ethernet1
   no switchport
   ip address 10.0.0.2/30
interface Ethernet2
   no switchport
   ip address 10.0.0.130/30
interface Ethernet3
   desc MLAG Peer
   switchport mode trunk
   switchport trunk group mlag-peer
   spanning-tree link-type point-to-point
interface Loopback 0
   ip address 10.0.255.11/32
interface vlan 4093
   ip address 10.0.249.0/31
   no autostate
   no shut
interface vlan 4094
   ip address 10.0.250.0/31
   no autostate
   no shut
!
mlag configuration
   domain-id leafs
   peer-link ethernet3
   local-interface vlan 4094
   peer address 10.0.250.1
   no shut
!
router bgp 65011
   router id 10.0.255.11
   maximum-paths 2 ecmp 2
   neighbor spines peer group
   neighbor spines remote-as 65001
   neighbor spines maximum-routes 12000
   neighbor ibgp-peer remote as 65011
   neighbor ibgp-peer maximum-routes 12000
   neighbor ibgp-peer next-hop-self
   neighbor 10.0.249.1 peer group ibgp-peer
   neighbor 10.0.0.1 peer group spines
   neighbor 10.0.1.1 peer group spines
   network 10.0.0.0/16
   network 10.0.255.11/32

use route maps for redistribution

ip prefix-list loopback0
   seq 10 permit 10.0.1.0/24 ge 32
!
route-map redist-l0 permit 10
   match ip address prefix-list loopback0
!

router bgp 650xx
   redistribute connected route-map redist-l0