HomeNetworkingHuaweiL2 EVPN Implementation on Huawei Routers.

L2 EVPN Implementation on Huawei Routers.

L2 EVPN Implementation on Huawei Routers.

  • February 16, 2025
  • Posted by: James Majani
  • Categories: Huawei, Networking
No Comments

EVPN Basic concepts.

EVPN is a next-generation full-service bearer VPN solution. It subverts the traditional L2VPN’s mechanism of learning MAC addresses on the forwarding plane, introduces the control plane, and uses BGP extensions to transmit MAC address information. Based on MP-BGP, EVPN defines a series of new BGP EVPN route types that enable different sites to learn MAC addresses from each other.

BGP EVPN routes are classified into the following types:

Ethernet auto-discovery route/ Type 1 route
An Ethernet auto-discovery route advertises the reachability of the local PE to the MAC addresses of its connected sites. This route is mainly used in fast convergence, redundancy protection, aliasing, and split horizon scenarios to implement load balancing on a multi-homing network.

MAC/IP advertisement route/ Type 2 route
An EVPN MAC/IP route advertises the MAC address, IP address, and other information of sites. This eliminates the need to flood ARP requests on the network, thereby reducing the broadcast traffic volume on the network and saving bandwidth resources.

Inclusive multicast route/ Type 3 route
An inclusive multicast route advertises the address reachability of broadcast, unknown unicast, and multicast (BUM) traffic to implement mutual neighbor discovery in a broadcast domain. This enables the local PE to send BUM traffic received from CEs to the remote PE. Such a route also contains tunnel attributes that enable PEs to establish a tunnel between them for transmitting data plane traffic.

Ethernet segment route/ Type 4 route
An Ethernet segment route allows PEs connected to the same CE to discover each other. This route is mainly used for designated forwarder (DF) election. To prevent a CE multi-homed to multiple PEs from receiving duplicate traffic, only one PE is required to forward BUM traffic to the CE. Such a PE is elected among all PEs on the same Ethernet segment (ES) through DF election.

IP prefix route/ Type 5 route
An IP prefix route allows an EVPN to access the external network. EVPN advertises imported external routes as IP prefix routes.

EVPN has the following advantages over the traditional VPLS:

Broadcast traffic optimization. EVPN changes the traditional MAC address learning mode on the L2VPN data plane. It introduces the control plane to learn MAC addresses and IP addresses for data forwarding, implementing forwarding-control separation.

EVPN implements active-active, loop free, fast convergence and simplified O&M, resolving typical problems of traditional L2VPNS.

EVPN uses MP-BGP on the control plane and supports multiple types of tunnels on the data plane, i.e. MPLS, GRE and SRV6.

EVPN also supports automatic PE discovery.

Network Description.

EVPN needs to be configured on the network to implement L2 communication. S-1 is dual-homed to PE-1 and PE-2 and works in active-active mode through and E-Trunk. IP addresses of S-1 and S-2 are 192.168.2.1 and 192.168.2.2 respectively. The ESI of S-1 is 0000.1111.2222.1111.2222. The EVPN instance name is EVPNX, the RDs on PE-1, PE-2 and PE-4 are 65001:1, 65001:2 and 65001:4 respectively and RTs are 65001:11.

Step 1: Configure the backbone network to allow communication between the backbone nodes.

*******************************************PE-1
system-view
sysname PE-1
#
isis 1 
is-level level-2
cost-style wide
network-entity 49.0001.0100.0000.1001.00
is-name PE-1
#
interface Ethernet3/0/0
description *** To_P ***
undo shutdown
ip address 10.0.12.1 30 
isis enable 1 
#
interface LoopBack0
ip address 10.0.1.1 32
isis enable 1
#
commit
#
return

*******************************************PE-2
system-view
sysname PE-2
#
isis 1 
is-level level-2
cost-style wide
network-entity 49.0001.0200.0000.2002.00
is-name PE-2
#
interface Ethernet3/0/1
description *** To_P ***
undo shutdown
ip address 10.0.23.1 30 
isis enable 1 
#
interface LoopBack0
ip address 10.0.2.2 32
isis enable 1
#
commit
#
return

*******************************************P
system-view
sysname P
#
isis 1 
is-level level-2
cost-style wide
network-entity 49.0001.0300.0000.3003.00
is-name P
#
interface Ethernet3/0/0
description *** To_PE-1 ***
undo shutdown
ip address 10.0.12.2 30 
isis enable 1 
#
interface Ethernet3/0/1
description *** To_PE-2 ***
undo shutdown
ip address 10.0.23.2 30 
isis enable 1 
#
interface Ethernet3/0/2
description *** To_PE-4 ***
undo shutdown
ip address 10.0.34.2 30 
isis enable 1 
#
interface LoopBack0
ip address 10.0.3.3 32
isis enable 1
#
commit
#
return

*******************************************PE-4
system-view
sysname PE-4
#
isis 1 
is-level level-2
cost-style wide
network-entity 49.0001.0400.0000.4004.00
is-name PE-4
#
interface Ethernet3/0/2
description *** To_P ***
undo shutdown
ip address 10.0.34.1 30 
isis enable 1 
#
interface LoopBack0
ip address 10.0.4.4 32
isis enable 1
#
commit
#
return

Step 2: Configure MPLS and enable LDP to establish LDP LSPs on the backbone network.

*******************************************PE-1
system-view
#
mpls lsr-id 10.0.1.1
#
mpls
#
mpls ldp
#
interface Ethernet3/0/0
mpls
mpls ldp
#
commit
#return

*******************************************PE-2
system-view
#
mpls lsr-id 10.0.2.2
#
mpls
#
mpls ldp
#
interface Ethernet3/0/1
mpls
mpls ldp
#
commit
#return

*******************************************P
system-view
#
mpls lsr-id 10.0.3.3
#
mpls
#
mpls ldp
#
interface Ethernet3/0/0
mpls
mpls ldp
#
interface Ethernet3/0/1
mpls
mpls ldp
#
interface Ethernet3/0/2
mpls
mpls ldp
#
commit
#return

*******************************************PE-4
system-view
#
mpls lsr-id 10.0.4.4
#
mpls
#
mpls ldp
#
interface Ethernet3/0/2
mpls
mpls ldp
#
commit
#
return

Step 3: Configure BD EVPN instance on PEs.

*******************************************PE-1
system-view
#
evpn vpn-instance EVPNX bd-mode 
route-distinguisher 65001:1
vpn-target 65001:11
#
bridge-domain 10
evpn binding vpn-instance EVPNX
#
evpn source-address 10.0.1.1
#
commit
#
return

*******************************************PE-2
system-view
#
evpn vpn-instance EVPNX bd-mode 
route-distinguisher 65001:2
vpn-target 65001:11
#
bridge-domain 10
evpn binding vpn-instance EVPNX
#
evpn source-address 10.0.2.2
#
commit
#
return

*******************************************PE-4
system-view
#
evpn vpn-instance EVPNX bd-mode 
route-distinguisher 65001:4
vpn-target 65001:11
#
bridge-domain 10
evpn binding vpn-instance EVPNX
#
evpn source-address 10.0.4.4
#
commit
#
return

Step 4: Configure and ESI and E-Trunk to implement dual-homing active-active networking.

*******************************************PE-1
system-view
#
lacp e-trunk system-id 00e0-fc00-0000
lacp e-trunk priority 1
#
e-trunk 1 
peer-address 10.0.2.2 source-address 10.0.1.1
#
interface Eth-Trunk10
mode lacp-static 
e-trunk 1
e-trunk mode force-master
esi 0000.1111.2222.1111.2222
#
interface Eth-Trunk10.1 mode l2
encapsulation dot1q vid 2
rewrite pop single
bridge-domain 10
#
interface Ethernet3/0/1
eth-trunk 10
#
commit
#
return

*******************************************PE-2
system-view
#
lacp e-trunk system-id 00e0-fc00-0000
lacp e-trunk priority 1
#
e-trunk 1 
peer-address 10.0.1.1 source-address 10.0.2.2
#
interface Eth-Trunk10
mode lacp-static 
e-trunk 1
e-trunk mode force-master
esi 0000.1111.2222.1111.2222
#
interface Eth-Trunk10.1 mode l2
encapsulation dot1q vid 2
rewrite pop single
bridge-domain 10
#
interface Ethernet3/0/2
eth-trunk 10
#
commit
#
return

*******************************************PE-4
system-view
#
interface Ethernet3/0/1.1 mode l2
 encapsulation dot1q vid 2
 rewrite pop single
 bridge-domain 10
#
commit
#
return

The E-Trunk system ID of PE-1 and PE-2 must be the same.

Step 5: Configure local-remote FRR for MAC routes.

*******************************************PE-1
system-view
#
evpn
vlan-extend private enable
vlan-extend redirect enable
local-remote frr enable
#
commit
#
return

*******************************************PE-2
system-view
#
evpn
vlan-extend private enable
vlan-extend redirect enable
local-remote frr enable
#
commit
#
return

*******************************************PE-4
system-view
#
evpn
vlan-extend private enable
vlan-extend redirect enable
local-remote frr enable
#
commit
#
return

In CE multi-homing scenarios, MAC route redirection enables all PEs connected to the same CE to redirect the outbound interfaces of MAC routes destined for the CE to local AC interfaces. This function shortens forwarding paths and improves forwarding efficiency. If the AC interface on one of the PEs fails, the outbound interface of the associated MAC route can be quickly redirected so that traffic can be forwarded through another active PE, improving reliability.

Step 6: Establish BGP EVPN peer relationships.

*******************************************PE-1
system-view
#
bgp 65001
router-id 10.0.1.1
peer 10.0.2.2 as-number 65001
peer 10.0.2.2 connect-interface LoopBack0
peer 10.0.4.4 as-number 65001
peer 10.0.4.4 connect-interface LoopBack0
#
ipv4-family unicast 
undo snychronization
peer 10.0.2.2 enable
peer 10.0.4.4 enable
#
l2vpn-family evpn
policy vpn-target 
peer 10.0.2.2 enable
peer 10.0.4.4 enable
#
commit
#
return

*******************************************PE-2
system-view
#
bgp 65001
router-id 10.0.2.2
peer 10.0.1.1 as-number 65001
peer 10.0.1.1 connect-interface LoopBack0
peer 10.0.4.4 as-number 65001
peer 10.0.4.4 connect-interface LoopBack0
#
ipv4-family unicast 
undo snychronization
peer 10.0.1.1 enable
peer 10.0.4.4 enable
#
l2vpn-family evpn
policy vpn-target 
peer 10.0.1.1 enable
peer 10.0.4.4 enable
#
commit
#
return

*******************************************PE-4
system-view
#
bgp 65001
router-id 10.0.4.4
peer 10.0.1.1 as-number 65001
peer 10.0.1.1 connect-interface LoopBack0
peer 10.0.2.2 as-number 65001
peer 10.0.2.2 connect-interface LoopBack0
#
ipv4-family unicast 
undo snychronization
peer 10.0.1.1 enable
peer 10.0.2.2 enable
#
l2vpn-family evpn
policy vpn-target 
peer 10.0.1.1 enable
peer 10.0.2.2 enable
#
commit
#
return

Step 7: Configure S Switches.

*******************************************S-1
system-view
sysname S-1
#
vlan 2 
#
interface vlanif2
ip address 192.168.2.1 24 
#
interface Eth-Trunk10
description *** To_PEs ***
port link-type trunk
undo port trunk allow-pass vlan 1 
port trunk allow-pass vlan 2 
mode lacp-static
#
interface GE1/0/1
description *** To_PE-1 ***
eth-trunk 10
#
interface GE1/0/2
description *** To_PE-2 ***
eth-trunk 10
#
return


*******************************************S-2
system-view
sysname S-2
#
vlan 2 
#
interface vlanif2
ip address 192.168.2.2 24 
#
interface GE1/0/1
description *** To_PE-4 ***
port link-type trunk
undo port trunk allow-pass vlan 1 
port trunk allow-pass vlan 2
#
return

Sstep 8: Result confirmation.

PE-4 receives Type 3 routes ( Inclusive multicast routes) from PE1 and PE2 to forward BUM traffic.

Type 4 routes ( Ethernet Segment routes) carried by PE-1 and PE-2 carry the same ESI.

PE-1 sends the MAC address of S-1 to PE-4.

PE-1 and PE-2 advertise Type 1 routes ( MAC AD routes) to implement split horizon.



Leave a Reply

This website uses cookies and asks your personal data to enhance your browsing experience.
Ok, I agree Privacy Policy

Privacy Policy