Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

proxy-macip-advertisement

Syntax

Hierarchy Level

Description

Enable the proxy advertisement feature on a QFX Series switch that can function as a Layer 3 (L3) gateway. With this feature enabled, the L3 gateway advertises the MAC and IP routes (EVPN Type 2 MAC-IP routes) on behalf of Layer 2 (L2) Virtual Extensible LAN (VXLAN) gateways.

In an Ethernet VPN-VXLAN (EVPN-VXLAN) centrally-routed bridging (CRB) overlay, spine devices typically function as L3 VXLAN gateways, and leaf devices typically function as L2 gateways. In this overlay network, the L2 VXLAN gateways can advertise only the EVPN Type 2 MAC routes for the attached hosts. Because the L2 gateways are unable to resolve the MAC-IP bindings for the hosts, each of the L3 gateways rely on the Address Resolution Protocol (ARP) and the Neighbor Discovery Protocol (NDP) to discover and install the bindings.

For example, an L3 gateway receives a host MAC route advertisement from an L2 gateway, and ARP and NDP resolve the MAC-IP bindings. The L3 gateway in turn advertises the host MAC and IP routes along with the next hop, which is set to the L2 gateway to which the host is attached. Upon receiving this advertisement, L2 and 3 gateways in the topology install the MAC-IP bindings along with the associated next hops. Then when a gateway device receives a packet with a destination MAC that matches an address in its MAC table, the gateway does the following:

  • Checks the next hop associated with the MAC address

  • Forwards the packet directly to the L2 gateway to which the host is attached.

As a result, the packet doesn't need to be sent first to an L3 gateway that then forwards the packet to the L2 gateway.

Enable this feature in a CRB overlay fabric. With the proxy-macip-advertisement setting, the L3 gateway device manages learning and aging for the ARP and NDP entries. By default, the L3 gateway does not refresh the ARP and NDP entries. As a result, the MAC-IP bindings on the spine devices expire after a timeout interval. Upon receiving the next IPv4 or IPv6 packet after the MAC-IP entry expires, the spine devices tries to resolve the MAC-IP binding again using ARP (for IPv4 packets) or NDP (for IPv6 packets). The spine device might drop traffic until it records the new MAC-IP binding.

Note:

We support the proxy-macip-advertisement statement on Junos OS devices only. In an EVPN CRB overlay fabric with a mix of Junos OS and Junos OS Evolved spine devices, if you configure any Junos OS spine devices with the proxy-macip-advertisement statement, you must also configure the EVPN leaf devices with the crb-proxy-mac option at the [edit protocols l2-learning] hierarchy level. See crb-proxy-mac for details.

We recommend that you don't use this feature in an EVPN-VXLAN edge-routed bridging overlay (ERB) fabric with anycast IRB addresses. If you set this option in ERB fabrics, the device can have IP reachability issues because remote ARP entries are deleted when the entries age out. With anycast IRB addresses, ARP replies don’t reach the device that initiated the ARP request.

Required Privilege Level

interface—To view this statement in the configuration

interface-control—To add this statement to the configuration

Release Information

Statement introduced in Junos OS Release 15.1X53-D60.