close
keyboard_arrow_left
Table of Contents
- play_arrow Features Common to EVPN-VXLAN, EVPN-MPLS, and EVPN-VPWS
- play_arrow Configuring Interfaces
- play_arrow MAC Address Features with EVPN Networks
- play_arrow Configuring Routing Instances for EVPN
- Configuring EVPN Routing Instances
- Configuring EVPN Routing Instances on EX9200 Switches
- MAC-VRF Routing Instance Type Overview
- EVPN Type 5 Route with VXLAN Encapsulation for EVPN-VXLAN
- EVPN Type 5 Route with MPLS encapsulation for EVPN-MPLS
- Understanding EVPN Pure Type 5 Routes
- Seamless VXLAN Stitching with Symmetric EVPN Type 2 Routes using Data Center Interconnect
- Symmetric Integrated Routing and Bridging with EVPN Type 2 Routes in EVPN-VXLAN Fabrics
- EVPN Type 2 and Type 5 Route Coexistence with EVPN-VXLAN
- Ingress Virtual Machine Traffic Optimization
- Tracing EVPN Traffic and Operations
- Migrating From BGP VPLS to EVPN Overview
- Configuring EVPN over Transport Class Tunnels
- Example: Configuring EVPN-VPWS over Transport Class Tunnels
- play_arrow Configuring Route Targets
- play_arrow Routing Policies for EVPN
- play_arrow Layer 3 Gateways with Integrated Routing and Bridging for EVPN Overlays
- play_arrow EVPN Multihoming
- EVPN Multihoming Overview
- EVPN Multihoming Designated Forwarder Election
- Understanding Automatically Generated ESIs in EVPN Networks
- Easy EVPN LAG (EZ-LAG) Configuration
- Configuring EVPN Active-Standby Multihoming to a Single PE Device
- Configuring EVPN-MPLS Active-Standby Multihoming
- Example: Configuring Basic EVPN-MPLS Active-Standby Multihoming
- Example: Configuring EVPN-MPLS Active-Standby Multihoming
- Example: Configuring Basic EVPN Active-Active Multihoming
- Example: Configuring EVPN Active-Active Multihoming
- Example: Configuring LACP for EVPN Active-Active Multihoming
- Example: Configuring LACP for EVPN VXLAN Active-Active Multihoming
- Example: Configuring an ESI on a Logical Interface With EVPN-MPLS Multihoming
- Configuring Dynamic List Next Hop
- play_arrow Link States and Network Isolation Conditions in EVPN Networks
- play_arrow EVPN Proxy ARP and ARP Suppression, and NDP and NDP Suppression
- play_arrow Configuring DHCP Relay Agents
- play_arrow High Availability in EVPN
- play_arrow Monitoring EVPN Networks
- play_arrow Layer 2 Control Protocol Transparency
-
- play_arrow EVPN-VXLAN
- play_arrow Overview
- Understanding EVPN with VXLAN Data Plane Encapsulation
- EVPN-over-VXLAN Supported Functionality
- Understanding VXLANs
- VXLAN Constraints on EX Series, QFX Series, PTX Series, and ACX Series Devices
- EVPN Over VXLAN Encapsulation Configuration Overview for QFX Series and EX4600 Switches
- Implementing EVPN-VXLAN for Data Centers
- PIM NSR and Unified ISSU Support for VXLAN Overview
- Routing IPv6 Data Traffic through an EVPN-VXLAN Network with an IPv4 Underlay
- Understanding How to Configure VXLANs and Layer 3 Logical Interfaces to Interoperate
- Understanding GBP Profiles
- play_arrow Configuring EVPN-VXLAN Interfaces
- Understanding Flexible Ethernet Services Support With EVPN-VXLAN
- EVPN-VXLAN Lightweight Leaf to Server Loop Detection
- Overlapping VLAN Support Using VLAN Translation in EVPN-VXLAN Networks
- Overlapping VLAN Support Using Multiple Forwarding Instances or VLAN Normalization
- Layer 2 Protocol Tunneling over VXLAN Tunnels in EVPN-VXLAN Bridged Overlay Networks
- MAC Filtering, Storm Control, and Port Mirroring Support in an EVPN-VXLAN Environment
- Example: Micro and Macro Segmentation using Group Based Policy in a VXLAN
- DHCP Smart Relay in EVPN-VXLAN
- play_arrow Configuring VLAN-Aware Bundle Services, VLAN-Based Services, and Virtual Switch Support
- play_arrow Load Balancing with EVPN-VXLAN Multihoming
- play_arrow Setting Up a Layer 3 VXLAN Gateway
- play_arrow Configuring an EVPN-VXLAN Centrally-Routed Bridged Overlay
- play_arrow Configuring an EVPN-VXLAN Edge-Routed Bridging Overlay
- play_arrow IPv6 Underlay for VXLAN Overlays
- play_arrow Multicast Features with EVPN-VXLAN
- Multicast Support in EVPN-VXLAN Overlay Networks
- Overview of Multicast Forwarding with IGMP Snooping or MLD Snooping in an EVPN-VXLAN Environment
- Example: Preserving Bandwidth with IGMP Snooping in an EVPN-VXLAN Environment
- Overview of Selective Multicast Forwarding
- Configuring the number of SMET Nexthops
- Assisted Replication Multicast Optimization in EVPN Networks
- Optimized Intersubnet Multicast in EVPN Networks
- play_arrow Configuring the Tunneling of Q-in-Q Traffic
- play_arrow Tunnel Traffic Inspection on SRX Series Devices
- play_arrow Fault Detection and Isolation in EVPN-VXLAN Fabrics
-
- play_arrow EVPN-MPLS
- play_arrow Overview
- play_arrow Convergence in an EVPN MPLS Network
- play_arrow Pseudowire Termination at an EVPN
- play_arrow Configuring the Distribution of Routes
- Configuring an IGP on the PE and P Routers on EX9200 Switches
- Configuring IBGP Sessions Between PE Routers in VPNs on EX9200 Switches
- Configuring a Signaling Protocol and LSPs for VPNs on EX9200 Switches
- Configuring Entropy Labels
- Configuring Control Word for EVPN-MPLS
- Understanding P2MPs LSP for the EVPN Inclusive Provider Tunnel
- Configuring Bud Node Support
- play_arrow Configuring VLAN Services and Virtual Switch Support
- play_arrow Configuring Integrated Bridging and Routing
- EVPN with IRB Solution Overview
- An EVPN with IRB Solution on EX9200 Switches Overview
- Anycast Gateways
- Configuring EVPN with IRB Solution
- Configuring an EVPN with IRB Solution on EX9200 Switches
- Example: Configuring EVPN with IRB Solution
- Example: Configuring an EVPN with IRB Solution on EX9200 Switches
- play_arrow Configuring IGMP or MLD Snooping with EVPN-MPLS
-
- play_arrow EVPN E-LAN Services
- play_arrow EVPN-VPWS
- play_arrow Configuring VPWS Service with EVPN Mechanisms
- Overview of VPWS with EVPN Signaling Mechanisms
- Control word for EVPN-VPWS
- Overview of Flexible Cross-Connect Support on VPWS with EVPN
- Overview of Headend Termination for EVPN VPWS for Business Services
- Configuring VPWS with EVPN Signaling Mechanisms
- Example: Configuring VPWS with EVPN Signaling Mechanisms
- FAT Flow Labels in EVPN-VPWS Routing Instances
- Configuring EVPN-VPWS over SRv6
- Configuring Micro-SIDs in EVPN-VPWS
-
- play_arrow EVPN-ETREE
- play_arrow Overview
- play_arrow Configuring EVPN-ETREE
-
- play_arrow PBB-EVPN
- play_arrow Configuring PBB-EVPN Integration
- play_arrow Configuring MAC Pinning for PBB-EVPNs
-
- play_arrow EVPN Standards
- play_arrow Supported EVPN Standards
-
- play_arrow VXLAN-Only Features
- play_arrow Flexible VXLAN Tunnels
- play_arrow Static VXLAN
-
- play_arrow Configuration Statements and Operational Commands
list Table of Contents
ON THIS PAGE
Example: Interconnecting EVPN-VXLAN Data Center Networks Through a WAN Running EVPN-based MPLS
date_range
20-Dec-24
This example shows how to interconnect EVPN-VXLAN data center networks through a WAN running EVPN-MPLS to leverage the benefits of EVPN as a Data Center Interconnect (DCI) solution.
Requirements
This example uses the following hardware and software components:
Four Juniper Networks MX Series routers to be configured as data center gateways and WAN edge routers.
Four Juniper Networks MX Series routers to be configured as top-of-rack (ToR) routers.
Six customer edge (CE) devices.
Six host devices connected to each CE device that has the capability to configure multiple VLANs.
One provider (P) router part of the EVPN-MPLS WAN network.
Junos OS Release 17.2 or later.
Overview
You can interconnect different data center networks running Ethernet VPN (EVPN) with Virtual extensible LAN (VXLAN) encapsulation through a WAN running MPLS-based EVPN using the logical tunnel (lt-) interface.
Figure 1 illustrates the interconnection of data center networks running EVPN with VXLAN encapsulation through a WAN running MPLS-based EVPN. For the purposes of this example, the MX Series routers acting as data center gateways and as WAN edge routers are named MX11, MX12, MX21, and MX22. The MX Series routers acting as top-of-rack (ToR) routers are named ToR11, ToR12, ToR21, and ToR22. The customer edge (CE) devices connected to the data center network 1 (DC1) are named CE1, CE2, and CE3. The customer edge (CE) devices connected to the data center network 2 (DC2) are named CE4, CE5, and CE6. The host devices connected to each CE device should be able to configure multiple host VLANs. The WAN provider router is named P.
Note:
CE devices are part of the logical system of ToR devices.
Figure 1: EVPN-VXLAN Data Center Interconnect Through
WAN Running EVPN-MPLS 
For the MX Series routers acting as data center gateways and WAN edge routers, configure the following information:
IRB interfaces, virtual gateway addresses, and loopback logical interfaces.
External BGP (EBGP) underlay connectivity between gateway and ToR routers, EVPN as the signaling protocol.
Routing policies to allow specific routes into the virtual-switch tables.
Routing instances (Layer 3 VRFs) for each virtual network, including a unique route-distinguisher, and a vrf-target value.
Virtual-switch instances (Layer 2 MAC-VRFs) for each virtual network, the VTEP source interface (always lo0.0), route distinguisher, and vrf-import policy.
EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method for each virtual switch.
Bridge domain within each virtual switch that maps VNIDs to VLAN IDs, an IRB (Layer 3) interface, and the BUM forwarding method.
For the MX Series routers acting as top-of-rack (ToR) routers, configure the following information:
Host facing interfaces with VLANs, VLAN IDs, and loopback logical interfaces.
Link Aggregation Control Protocol (LACP)-enabled link aggregation group (LAG), Ethernet Segment ID (ESI), and
all-activemode.Multiprotocol external BGP (MP-EBGP) overlays between ToR and gateway routers using EVPN as the signaling protocol.
EVPN with VXLAN as the encapsulation method, extended-vni-list, multicast mode, and route targets for each VNI.
Vrf import policy, vtep-source-interface,
route-distinguisher, and vrf import and target information.VLANs, with VLAN IDs mapped to globally significant VNIs.
Note:
You can set the virtual gateway address as the default IPv4 or IPv6 gateway address for end hosts (virtual machines or servers).
Configuration
- CLI Quick Configuration
- Configuring ToR11
- Configuring ToR12
- Configuring Data Center Gateway and WAN Edge 1 Router (MX11)
- Configuring Data Center Gateway and WAN Edge 2 Router (MX12)
- Configuring Data Center Gateway and WAN Edge 3 Router (MX21)
- Configuring Data Center Gateway and WAN Edge 4 Router (MX22)
- Configuring ToR21
- Configuring ToR22
CLI Quick Configuration
To quickly configure this example, copy the
following commands, paste them into a text file, remove any line breaks,
change any details necessary to match your network configuration,
and then copy and paste the commands into the CLI at the [edit] hierarchy level.
ToR11
content_copy zoom_out_map
set system host-name ToR11 set logical-systems CE-2 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host-2" set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-2 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR11" set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-2 bridge-domains BD-1 domain-type bridge set logical-systems CE-2 bridge-domains BD-1 vlan-id 1 set logical-systems CE-2 bridge-domains BD-2 domain-type bridge set logical-systems CE-2 bridge-domains BD-2 vlan-id 2 set logical-systems CE-2 bridge-domains BD-3 domain-type bridge set logical-systems CE-2 bridge-domains BD-3 vlan-id 3 set logical-systems CE-2 bridge-domains BD-4 domain-type bridge set logical-systems CE-2 bridge-domains BD-4 vlan-id 4 set logical-systems CE-2 bridge-domains BD-5 domain-type bridge set logical-systems CE-2 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 1 set interfaces traceoptions file ToR11-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces ge-1/0/0 description "CONNECTED TO CE-1" set interfaces ge-1/0/0 gigether-options 802.3ad ae0 set interfaces ge-1/0/5 unit 0 description "CONNECTED TO MX–12" set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.1/24 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-2" set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/1/1 unit 0 description "CONNECTED TO MX–11" set interfaces ge-1/1/1 unit 0 family inet address 192.168.3.1/24 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR12" set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.1/24 set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces lo0 unit 81 family inet address 192.0.2.11/32 set routing-options router-id 192.0.2.11 set routing-options autonomous-system 65100 set routing-options forwarding-table export evpn-pplb set protocols bgp local-as 65100 set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.3.1 set protocols bgp group MX11 export LO set protocols bgp group MX11 export TEST set protocols bgp group MX11 peer-as 65400 set protocols bgp group MX11 neighbor 192.168.3.2 family inet unicast set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.4.1 set protocols bgp group MX12 export LO set protocols bgp group MX12 export TEST set protocols bgp group MX12 peer-as 65500 set protocols bgp group MX12 neighbor 192.168.4.2 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.2.1 set protocols bgp group ToR12 export LO set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 peer-as 65200 set protocols bgp group ToR12 local-as 65100 set protocols bgp group ToR12 neighbor 192.168.2.2 family inet unicast set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.11 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 65400 set protocols bgp group MX11-EVPN local-as 65100 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.11 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 65500 set protocols bgp group MX12-EVPN local-as 65100 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.11 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 65200 set protocols bgp group ToR12-EVPN local-as 65100 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols l2-learning traceoptions file TOR11-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.11/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.81 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.11:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR11-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
ToR12
content_copy zoom_out_map
set system host-name ToR12 set logical-systems CE-1 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 1" set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-1 interfaces ae1 unit 0 description "CONNECTED TO ToR12" set logical-systems CE-1 interfaces ae1 unit 0 family bridge interface-mode trunk set logical-systems CE-1 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-1 bridge-domains BD-1 domain-type bridge set logical-systems CE-1 bridge-domains BD-1 vlan-id 1 set logical-systems CE-1 bridge-domains BD-2 domain-type bridge set logical-systems CE-1 bridge-domains BD-2 vlan-id 2 set logical-systems CE-1 bridge-domains BD-3 domain-type bridge set logical-systems CE-1 bridge-domains BD-3 vlan-id 3 set logical-systems CE-1 bridge-domains BD-4 domain-type bridge set logical-systems CE-1 bridge-domains BD-4 vlan-id 4 set logical-systems CE-1 bridge-domains BD-5 domain-type bridge set logical-systems CE-1 bridge-domains BD-5 vlan-id 5 set logical-systems CE-3 interfaces ge-1/1/7 unit 0 description "CONNECTED TO ToR12" set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge interface-mode trunk set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-3 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 3" set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-3 bridge-domains BD-1 domain-type bridge set logical-systems CE-3 bridge-domains BD-1 vlan-id 1 set logical-systems CE-3 bridge-domains BD-2 domain-type bridge set logical-systems CE-3 bridge-domains BD-2 vlan-id 2 set logical-systems CE-3 bridge-domains BD-3 domain-type bridge set logical-systems CE-3 bridge-domains BD-3 vlan-id 3 set logical-systems CE-3 bridge-domains BD-4 domain-type bridge set logical-systems CE-3 bridge-domains BD-4 vlan-id 4 set logical-systems CE-3 bridge-domains BD-5 domain-type bridge set logical-systems CE-3 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 2 set interfaces traceoptions file ToR12-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX11" set interfaces ge-1/0/0 unit 0 family inet address 192.168.6.1/24 set interfaces ge-1/0/4 unit 0 description "CONNECTED TO MX12" set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.1/24 set interfaces ge-1/0/6 description "CONNECTED TO CE-1" set interfaces ge-1/0/6 gigether-options 802.3ad ae0 set interfaces ge-1/0/7 unit 0 description "CONNECTED TO CE-3" set interfaces ge-1/0/7 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/7 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/1/0 description "CONNECTED TO ToR11" set interfaces ge-1/1/0 gigether-options 802.3ad ae1 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR11" set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.2/24 set interfaces ge-1/1/6 description "CONNECTED TO ToR12" set interfaces ge-1/1/6 gigether-options 802.3ad ae1 set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces lo0 unit 82 family inet address 192.0.2.12/32 set routing-options router-id 192.0.2.12 set routing-options autonomous-system 65200 set routing-options forwarding-table export evpn-pplb set protocols bgp local-as 65200 set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.6.1 set protocols bgp group MX11 export LO set protocols bgp group MX11 export TEST set protocols bgp group MX11 peer-as 65400 set protocols bgp group MX11 local-as 65200 set protocols bgp group MX11 neighbor 192.168.6.2 family inet unicast set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.5.1 set protocols bgp group MX12 export LO set protocols bgp group MX12 export TEST set protocols bgp group MX12 peer-as 65500 set protocols bgp group MX12 local-as 65200 set protocols bgp group MX12 neighbor 192.168.5.2 family inet unicast set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.2.2 set protocols bgp group ToR11 export LO set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 peer-as 65100 set protocols bgp group ToR11 local-as 65200 set protocols bgp group ToR11 neighbor 192.168.2.1 family inet unicast set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.12 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 65400 set protocols bgp group MX11-EVPN local-as 65200 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.12 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 65500 set protocols bgp group MX12-EVPN local-as 65200 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.12 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 65100 set protocols bgp group ToR11-EVPN local-as 65200 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN export TEST set protocols l2-learning traceoptions file TOR12-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 192.0.2.12/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.82 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/7.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.12:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR12-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
Data Center Gateway and WAN Edge 1 Router (MX11)
content_copy zoom_out_map
set system host-name MX11 set interfaces traceoptions file MX11-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces ge-1/1/1 unit 0 description "CONNECTED TO ToR11" set interfaces ge-1/1/1 unit 0 family inet address 192.168.3.2/24 set interfaces ge-5/1/0 unit 0 description "CONNECTED TO MX12" set interfaces ge-5/1/0 unit 0 family inet address 192.168.7.1/24 set interfaces lt-5/1/0 esi 00:22:22:22:22:22:22:22:22:22 set interfaces lt-5/1/0 esi all-active set interfaces lt-5/1/0 unit 0 peer-unit 1 set interfaces lt-5/1/0 unit 0 family bridge interface-mode trunk set interfaces lt-5/1/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-5/1/0 unit 1 peer-unit 0 set interfaces lt-5/1/0 unit 1 family bridge interface-mode trunk set interfaces lt-5/1/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-5/1/8 unit 0 description "CONNECTED TO ToR12" set interfaces ge-5/1/8 unit 0 family inet address 192.168.6.2/24 set interfaces ge-5/1/9 unit 0 description "CONNECTED TO P" set interfaces ge-5/1/9 unit 0 family inet address 203.0.1.1/24 set interfaces ge-5/1/9 unit 0 family mpls set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.12/24 virtual-gateway-address 10.11.1.10 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.12/24 virtual-gateway-address 10.12.1.10 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.12/24 virtual-gateway-address 10.13.1.10 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.12/24 virtual-gateway-address 10.14.1.10 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.12/24 virtual-gateway-address 10.15.1.10 set interfaces lo0 unit 84 family inet address 192.0.2.21/32 set interfaces lo0 unit 84 family mpls set routing-options router-id 192.0.2.21 set routing-options autonomous-system 65300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX11-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX11-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX11-TO-MX21 to 198.51.100.21 set protocols mpls label-switched-path MX11-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 192.0.2.21 set protocols bgp local-as 65300 set protocols bgp group INT type internal set protocols bgp group INT local-address 192.0.2.21 set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX12 type external set protocols bgp group MX12 local-address 192.168.7.1 set protocols bgp group MX12 export TEST set protocols bgp group MX12 export LO set protocols bgp group MX12 peer-as 65500 set protocols bgp group MX12 local-as 65400 set protocols bgp group MX12 neighbor 192.168.7.2 family inet unicast set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.3.2 set protocols bgp group ToR11 import TEST set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 export LO set protocols bgp group ToR11 peer-as 65100 set protocols bgp group ToR11 local-as 65400 set protocols bgp group ToR11 neighbor 192.168.3.1 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.6.2 set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 export LO set protocols bgp group ToR12 peer-as 65200 set protocols bgp group ToR12 local-as 65400 set protocols bgp group ToR12 neighbor 192.168.6.1 family inet unicast set protocols bgp group MX12-EVPN type external set protocols bgp group MX12-EVPN multihop ttl 2 set protocols bgp group MX12-EVPN multihop no-nexthop-change set protocols bgp group MX12-EVPN local-address 192.0.2.21 set protocols bgp group MX12-EVPN export TEST set protocols bgp group MX12-EVPN peer-as 65500 set protocols bgp group MX12-EVPN local-as 65400 set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.21 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 65100 set protocols bgp group ToR11-EVPN local-as 65400 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.21 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 65200 set protocols bgp group ToR12-EVPN local-as 65400 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-5/1/9.0 set protocols ospf area 0.0.0.0 interface lo0.84 passive set protocols l2-learning traceoptions file MX11-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 192.0.2.21/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-5/1/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.21:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX11-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.84 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-5/1/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX11-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
Data Center Gateway and WAN Edge 2 Router (MX12)
content_copy zoom_out_map
set system host-name MX12 set logical-systems P interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX21" set logical-systems P interfaces ge-1/0/0 unit 0 family inet address 203.0.113.32/24 set logical-systems P interfaces ge-1/0/0 unit 0 family mpls set logical-systems P interfaces ge-1/0/2 unit 0 description "CONNECTED TO MX22" set logical-systems P interfaces ge-1/0/2 unit 0 family inet address 203.0.113.52/24 set logical-systems P interfaces ge-1/0/2 unit 0 family mpls set logical-systems P interfaces ge-1/1/1 unit 0 description "CONNECTED TO MX11" set logical-systems P interfaces ge-1/1/1 unit 0 family inet address 203.0.113.42/24 set logical-systems P interfaces ge-1/1/1 unit 0 family mpls set logical-systems P interfaces ge-1/1/6 unit 0 description "CONNECTED TO MX12" set logical-systems P interfaces ge-1/1/6 unit 0 family inet address 203.0.113.12/24 set logical-systems P interfaces ge-1/1/6 unit 0 family mpls set logical-systems P interfaces lo0 unit 86 family inet address 203.0.113.1/32 set logical-systems P interfaces lo0 unit 86 family mpls set logical-systems P protocols rsvp interface all set logical-systems P protocols mpls label-switched-path P-TO-MX11 from 203.0.113.1 set logical-systems P protocols mpls label-switched-path P-TO-MX11 to 192.0.2.21 set logical-systems P protocols mpls label-switched-path P-TO-MX12 to 192.0.2.22 set logical-systems P protocols mpls label-switched-path P-TO-MX21 to 198.51.100.21 set logical-systems P protocols mpls label-switched-path P-TO-MX22 to 198.51.100.22 set logical-systems P protocols mpls interface all set logical-systems P protocols bgp local-address 203.0.113.1 set logical-systems P protocols bgp local-as 65300 set logical-systems P protocols bgp group INT type internal set logical-systems P protocols bgp group INT import BLOCK-VXLAN-ROUTES-FROM-CORE set logical-systems P protocols bgp group INT family evpn signaling set logical-systems P protocols bgp group INT cluster 203.0.113.1 set logical-systems P protocols bgp group INT neighbor 192.0.2.21 set logical-systems P protocols bgp group INT neighbor 192.0.2.22 set logical-systems P protocols bgp group INT neighbor 198.51.100.21 set logical-systems P protocols bgp group INT neighbor 198.51.100.22 set logical-systems P protocols ospf traffic-engineering set logical-systems P protocols ospf area 0.0.0.0 interface all set logical-systems P protocols ospf area 0.0.0.0 interface lo0.86 set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from protocol bgp set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from community RT-CORE set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 then accept set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from protocol bgp set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from community RT-DC1 set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 then reject set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from protocol bgp set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from community RT-DC2 set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 then reject set logical-systems P policy-options community RT-CORE members target:1:2 set logical-systems P policy-options community RT-DC1 members target:1:1 set logical-systems P policy-options community RT-DC2 members target:1:3 set logical-systems P routing-options router-id 203.0.113.1 set logical-systems P routing-options autonomous-system 65300 set chassis fpc 1 pic 0 tunnel-services set interfaces traceoptions file MX12-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces lt-1/0/0 esi 00:22:22:22:22:22:22:22:22:22 set interfaces lt-1/0/0 esi all-active set interfaces lt-1/0/0 unit 0 peer-unit 1 set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-1/0/0 unit 1 peer-unit 0 set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-1/0/4 unit 0 description "CONNECTED TO ToR12" set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.2/24 set interfaces ge-1/0/5 unit 0 description "CONNECTED TO ToR11" set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.2/24 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO P" set interfaces ge-1/0/6 unit 0 family inet address 203.0.113.11/24 set interfaces ge-1/0/6 unit 0 family mpls set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX11" set interfaces ge-1/1/0 unit 0 family inet address 192.168.7.2/24 set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.13/24 virtual-gateway-address 10.11.1.10 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.13/24 virtual-gateway-address 10.12.1.10 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.13/24 virtual-gateway-address 10.13.1.10 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.13/24 virtual-gateway-address 10.14.1.10 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.13/24 virtual-gateway-address 10.15.1.10 set interfaces lo0 unit 85 family inet address 192.0.2.22/32 set interfaces lo0 unit 85 family mpls set routing-options router-id 192.0.2.22 set routing-options autonomous-system 65300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX12-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX12-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX12-TO-MX21 to 198.51.100.21 set protocols mpls label-switched-path MX12-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 192.0.2.22 set protocols bgp local-as 65300 set protocols bgp group INT type internal set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX11 type external set protocols bgp group MX11 local-address 192.168.7.2 set protocols bgp group MX11 export TEST set protocols bgp group MX11 export LO set protocols bgp group MX11 peer-as 65400 set protocols bgp group MX11 local-as 65500 set protocols bgp group MX11 neighbor 192.168.7.1 family inet unicast set protocols bgp group ToR11 type external set protocols bgp group ToR11 local-address 192.168.4.2 set protocols bgp group ToR11 export TEST set protocols bgp group ToR11 export LO set protocols bgp group ToR11 peer-as 65100 set protocols bgp group ToR11 local-as 65500 set protocols bgp group ToR11 neighbor 192.168.4.1 family inet unicast set protocols bgp group ToR12 type external set protocols bgp group ToR12 local-address 192.168.5.2 set protocols bgp group ToR12 export TEST set protocols bgp group ToR12 export LO set protocols bgp group ToR12 peer-as 65200 set protocols bgp group ToR12 local-as 65500 set protocols bgp group ToR12 neighbor 192.168.5.1 family inet unicast set protocols bgp group MX11-EVPN type external set protocols bgp group MX11-EVPN multihop ttl 2 set protocols bgp group MX11-EVPN multihop no-nexthop-change set protocols bgp group MX11-EVPN local-address 192.0.2.22 set protocols bgp group MX11-EVPN export TEST set protocols bgp group MX11-EVPN peer-as 65400 set protocols bgp group MX11-EVPN local-as 65500 set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling set protocols bgp group ToR11-EVPN type external set protocols bgp group ToR11-EVPN multihop ttl 2 set protocols bgp group ToR11-EVPN multihop no-nexthop-change set protocols bgp group ToR11-EVPN local-address 192.0.2.22 set protocols bgp group ToR11-EVPN export TEST set protocols bgp group ToR11-EVPN peer-as 65100 set protocols bgp group ToR11-EVPN local-as 65500 set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling set protocols bgp group ToR12-EVPN type external set protocols bgp group ToR12-EVPN multihop ttl 2 set protocols bgp group ToR12-EVPN multihop no-nexthop-change set protocols bgp group ToR12-EVPN local-address 192.0.2.22 set protocols bgp group ToR12-EVPN export TEST set protocols bgp group ToR12-EVPN peer-as 65200 set protocols bgp group ToR12-EVPN local-as 65500 set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-1/0/6.0 set protocols ospf area 0.0.0.0 interface lo0.85 passive set protocols l2-learning traceoptions file MX12-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 192.0.2.22/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST from protocol bgp set policy-options policy-statement TEST from protocol evpn set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.22:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX12-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.85 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.22:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX12-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
Data Center Gateway and WAN Edge 3 Router (MX21)
content_copy zoom_out_map
set system host-name MX21 set interfaces ge-3/0/0 unit 0 description "CONNECTED TO MX22" set interfaces ge-3/0/0 unit 0 family inet address 192.168.13.1/24 set interfaces ge-3/1/0 unit 0 description "CONNECTED TO ToR22" set interfaces ge-3/1/0 unit 0 family inet address 192.168.8.1/24 set interfaces ge-5/0/0 unit 0 description "CONNECTED TO P" set interfaces ge-5/0/0 unit 0 family inet address 203.0.113.31/24 set interfaces ge-5/0/0 unit 0 family mpls set interfaces lt-5/0/0 esi 00:33:33:33:33:33:33:33:33:33 set interfaces lt-5/0/0 esi all-active set interfaces lt-5/0/0 unit 0 peer-unit 1 set interfaces lt-5/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-5/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-5/0/0 unit 1 peer-unit 0 set interfaces lt-5/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-5/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-5/0/1 unit 0 description "CONNECTED TO ToR21" set interfaces ge-5/0/1 unit 0 family inet address 192.168.9.1/24 set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.14/24 virtual-gateway-address 10.11.1.11 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.14/24 virtual-gateway-address 10.12.1.11 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.14/24 virtual-gateway-address 10.13.1.11 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.14/24 virtual-gateway-address 10.14.1.11 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.14/24 virtual-gateway-address 10.15.1.11 set interfaces lo0 unit 87 family inet address 198.51.100.21/32 set interfaces lo0 unit 87 family mpls set routing-options router-id 198.51.100.21 set routing-options autonomous-system 65300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX21-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX21-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX21-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX21-TO-MX22 to 198.51.100.22 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 198.51.100.21 set protocols bgp export TEST set protocols bgp local-as 65300 set protocols bgp group INT type internal set protocols bgp group INT local-address 198.51.100.21 set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.13.1 set protocols bgp group MX22 export TEST set protocols bgp group MX22 export LO set protocols bgp group MX22 peer-as 64900 set protocols bgp group MX22 local-as 64800 set protocols bgp group MX22 neighbor 192.168.13.2 family inet unicast set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.9.1 set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 export LO set protocols bgp group ToR21 peer-as 64600 set protocols bgp group ToR21 local-as 64800 set protocols bgp group ToR21 neighbor 192.168.9.2 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.8.1 set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 export LO set protocols bgp group ToR22 peer-as 64700 set protocols bgp group ToR22 local-as 64800 set protocols bgp group ToR22 neighbor 192.168.8.2 family inet unicast set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.21 set protocols bgp group MX22-EVPN peer-as 64900 set protocols bgp group MX22-EVPN local-as 64800 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.21 set protocols bgp group ToR21-EVPN peer-as 64600 set protocols bgp group ToR21-EVPN local-as 64800 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.21 set protocols bgp group ToR22-EVPN peer-as 64700 set protocols bgp group ToR22-EVPN local-as 64800 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-5/0/0.0 set protocols ospf area 0.0.0.0 interface lo0.87 passive set protocols l2-learning traceoptions file MX21-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 198.51.100.21/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-5/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.21:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX21-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.87 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-5/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.21:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX21-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
Data Center Gateway and WAN Edge 4 Router (MX22)
content_copy zoom_out_map
set system host-name MX22 set interfaces xe-0/0/0 unit 0 description "CONNECTED TO ToR22" set interfaces xe-0/0/0 unit 0 family inet address 192.168.11.1/24 set interfaces xe-0/0/1 unit 0 description "CONNECTED TO ToR21" set interfaces xe-0/0/1 unit 0 family inet address 192.168.10.1/24 set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-1/0/0 unit 0 family inet address 192.168.13.2/24 set interfaces lt-1/0/0 esi 00:33:33:33:33:33:33:33:33:33 set interfaces lt-1/0/0 esi all-active set interfaces lt-1/0/0 unit 0 peer-unit 1 set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 set interfaces lt-1/0/0 unit 1 peer-unit 0 set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5 set interfaces ge-1/0/2 unit 0 description "CONNECTED TO P" set interfaces ge-1/0/2 unit 0 family inet address 203.0.113.51/24 set interfaces ge-1/0/2 unit 0 family mpls set interfaces irb unit 1 proxy-macip-advertisement set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa set interfaces irb unit 1 virtual-gateway-esi all-active set interfaces irb unit 1 family inet address 10.11.1.15/24 virtual-gateway-address 10.11.1.11 set interfaces irb unit 2 proxy-macip-advertisement set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb set interfaces irb unit 2 virtual-gateway-esi all-active set interfaces irb unit 2 family inet address 10.12.1.15/24 virtual-gateway-address 10.12.1.11 set interfaces irb unit 3 proxy-macip-advertisement set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc set interfaces irb unit 3 virtual-gateway-esi all-active set interfaces irb unit 3 family inet address 10.13.1.15/24 virtual-gateway-address 10.13.1.11 set interfaces irb unit 4 proxy-macip-advertisement set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd set interfaces irb unit 4 virtual-gateway-esi all-active set interfaces irb unit 4 family inet address 10.14.1.15/24 virtual-gateway-address 10.14.1.11 set interfaces irb unit 5 proxy-macip-advertisement set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee set interfaces irb unit 5 virtual-gateway-esi all-active set interfaces irb unit 5 family inet address 10.15.1.15/24 virtual-gateway-address 10.15.1.11 set interfaces lo0 unit 88 family inet address 198.51.100.22/32 set interfaces lo0 unit 88 family mpls set routing-options router-id 198.51.100.22 set routing-options autonomous-system 65300 set routing-options forwarding-table export evpn-pplb set protocols rsvp interface all set protocols rsvp interface fxp0.0 disable set protocols mpls label-switched-path MX22-TO-MX11 to 192.0.2.21 set protocols mpls label-switched-path MX22-TO-MX12 to 192.0.2.22 set protocols mpls label-switched-path MX22-TO-P to 203.0.113.1 set protocols mpls label-switched-path MX22-TO-MX21 to 198.51.100.21 set protocols mpls interface all set protocols mpls interface fxp0.0 disable set protocols bgp local-address 198.51.100.22 set protocols bgp export TEST set protocols bgp local-as 65300 set protocols bgp group INT type internal set protocols bgp group INT family evpn signaling set protocols bgp group INT export TEST set protocols bgp group INT neighbor 203.0.113.1 set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.13.2 set protocols bgp group MX21 export TEST set protocols bgp group MX21 export LO set protocols bgp group MX21 peer-as 64800 set protocols bgp group MX21 local-as 64900 set protocols bgp group MX21 neighbor 192.168.13.1 family inet unicast set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.10.1 set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 export LO set protocols bgp group ToR21 peer-as 64600 set protocols bgp group ToR21 local-as 64900 set protocols bgp group ToR21 neighbor 192.168.10.2 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.11.1 set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 export LO set protocols bgp group ToR22 peer-as 64700 set protocols bgp group ToR22 local-as 64900 set protocols bgp group ToR22 neighbor 192.168.11.2 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.22 set protocols bgp group MX21-EVPN peer-as 64800 set protocols bgp group MX21-EVPN local-as 64900 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.22 set protocols bgp group ToR21-EVPN peer-as 64600 set protocols bgp group ToR21-EVPN local-as 64900 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.22 set protocols bgp group ToR22-EVPN peer-as 64700 set protocols bgp group ToR22-EVPN local-as 64900 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols ospf traffic-engineering set protocols ospf area 0.0.0.0 interface ge-1/0/2.0 set protocols ospf area 0.0.0.0 interface lo0.88 passive set protocols l2-learning traceoptions file MX22-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO from protocol direct set policy-options policy-statement LO from route-filter 198.51.100.22/32 exact set policy-options policy-statement LO then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-MPLS-1 instance-type virtual-switch set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.22:100 set routing-instances EVPN-MPLS-1 vrf-target target:1:2 set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX22-EVPN-MPLS-1.log set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.88 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.22:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX22-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 set routing-instances VRF instance-type vrf set routing-instances VRF interface irb.1 set routing-instances VRF interface irb.2 set routing-instances VRF interface irb.3 set routing-instances VRF interface irb.4 set routing-instances VRF interface irb.5 set routing-instances VRF route-distinguisher 1:1 set routing-instances VRF vrf-target target:10:10
ToR21
content_copy zoom_out_map
set system host-name ToR21 set logical-systems CE-4 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 4" set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-4 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR21" set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-4 bridge-domains BD-1 domain-type bridge set logical-systems CE-4 bridge-domains BD-1 vlan-id 1 set logical-systems CE-4 bridge-domains BD-2 domain-type bridge set logical-systems CE-4 bridge-domains BD-2 vlan-id 2 set logical-systems CE-4 bridge-domains BD-3 domain-type bridge set logical-systems CE-4 bridge-domains BD-3 vlan-id 3 set logical-systems CE-4 bridge-domains BD-4 domain-type bridge set logical-systems CE-4 bridge-domains BD-4 vlan-id 4 set logical-systems CE-4 bridge-domains BD-5 domain-type bridge set logical-systems CE-4 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 1 set interfaces traceoptions file ToR21-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces xe-0/0/0 unit 0 description "CONNECTED TO MX22" set interfaces xe-0/0/0 unit 0 family inet address 192.168.10.2/24 set interfaces ge-1/0/0 description "CONNECTED TO CE-5" set interfaces ge-1/0/0 gigether-options 802.3ad ae0 set interfaces ge-1/0/1 unit 0 description "CONNECTED TO MX21" set interfaces ge-1/0/1 unit 0 family inet address 192.168.9.2/24 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-4" set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR22" set interfaces ge-1/1/3 unit 0 family inet address 192.168.12.1/24 set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces lo0 unit 90 family inet address 198.51.100.11/32 set routing-options router-id 198.51.100.11 set routing-options autonomous-system 64600 set routing-options forwarding-table export evpn-pplb set protocols bgp export TEST set protocols bgp local-as 64600 set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.9.2 set protocols bgp group MX21 export LO set protocols bgp group MX21 export TEST set protocols bgp group MX21 peer-as 64800 set protocols bgp group MX21 local-as 64600 set protocols bgp group MX21 neighbor 192.168.9.1 family inet unicast set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.10.2 set protocols bgp group MX22 export LO set protocols bgp group MX22 export TEST set protocols bgp group MX22 peer-as 64900 set protocols bgp group MX22 local-as 64600 set protocols bgp group MX22 neighbor 192.168.10.1 family inet unicast set protocols bgp group ToR22 type external set protocols bgp group ToR22 local-address 192.168.12.1 set protocols bgp group ToR22 export LO set protocols bgp group ToR22 export TEST set protocols bgp group ToR22 peer-as 64700 set protocols bgp group ToR22 local-as 64600 set protocols bgp group ToR22 neighbor 192.168.12.2 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.11 set protocols bgp group MX21-EVPN peer-as 64800 set protocols bgp group MX21-EVPN local-as 64600 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.11 set protocols bgp group MX22-EVPN peer-as 64900 set protocols bgp group MX22-EVPN local-as 64600 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR22-EVPN type external set protocols bgp group ToR22-EVPN multihop ttl 2 set protocols bgp group ToR22-EVPN multihop no-nexthop-change set protocols bgp group ToR22-EVPN local-address 198.51.100.11 set protocols bgp group ToR22-EVPN peer-as 64700 set protocols bgp group ToR22-EVPN local-as 64600 set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling set protocols l2-learning traceoptions file TOR21-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 198.51.100.11/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.90 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.11:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR21-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
ToR22
content_copy zoom_out_map
set system host-name ToR22 set logical-systems CE-5 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 5" set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-5 interfaces ae1 unit 0 description "CONNECTED TO ToR21" set logical-systems CE-5 interfaces ae1 unit 0 family bridge interface-mode trunk set logical-systems CE-5 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-5 bridge-domains BD-1 domain-type bridge set logical-systems CE-5 bridge-domains BD-1 vlan-id 1 set logical-systems CE-5 bridge-domains BD-2 domain-type bridge set logical-systems CE-5 bridge-domains BD-2 vlan-id 2 set logical-systems CE-5 bridge-domains BD-3 domain-type bridge set logical-systems CE-5 bridge-domains BD-3 vlan-id 3 set logical-systems CE-5 bridge-domains BD-4 domain-type bridge set logical-systems CE-5 bridge-domains BD-4 vlan-id 4 set logical-systems CE-5 bridge-domains BD-5 domain-type bridge set logical-systems CE-5 bridge-domains BD-5 vlan-id 5 set logical-systems CE-6 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR22" set logical-systems CE-6 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk set logical-systems CE-6 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-6 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 6" set logical-systems CE-6 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk set logical-systems CE-6 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 set logical-systems CE-6 bridge-domains BD-1 domain-type bridge set logical-systems CE-6 bridge-domains BD-1 vlan-id 1 set logical-systems CE-6 bridge-domains BD-2 domain-type bridge set logical-systems CE-6 bridge-domains BD-2 vlan-id 2 set logical-systems CE-6 bridge-domains BD-3 domain-type bridge set logical-systems CE-6 bridge-domains BD-3 vlan-id 3 set logical-systems CE-6 bridge-domains BD-4 domain-type bridge set logical-systems CE-6 bridge-domains BD-4 vlan-id 4 set logical-systems CE-6 bridge-domains BD-5 domain-type bridge set logical-systems CE-6 bridge-domains BD-5 vlan-id 5 set chassis aggregated-devices ethernet device-count 2 set interfaces traceoptions file ToR22-DCD.log set interfaces traceoptions file size 10m set interfaces traceoptions flag all set interfaces xe-0/0/0 unit 0 description "CONNECTED TO MX22" set interfaces xe-0/0/0 unit 0 family inet address 192.168.11.2/24 set interfaces ge-1/0/0 description "CONNECTED TO ToR21" set interfaces ge-1/0/0 gigether-options 802.3ad ae1 set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-6" set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 set interfaces ge-1/0/7 description "CONNECTED TO ToR22" set interfaces ge-1/0/7 gigether-options 802.3ad ae1 set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX21" set interfaces ge-1/1/0 unit 0 family inet address 192.168.8.2/24 set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR21" set interfaces ge-1/1/3 unit 0 family inet address 192.168.12.2/24 set interfaces ge-1/1/7 description "CONNECTED TO CE-5" set interfaces ge-1/1/7 gigether-options 802.3ad ae0 set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 set interfaces ae0 esi all-active set interfaces ae0 aggregated-ether-options lacp active set interfaces ae0 aggregated-ether-options lacp periodic fast set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces ae0 unit 0 family bridge interface-mode trunk set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 aggregated-ether-options lacp system-id 22:22:22:22:22:22 set interfaces lo0 unit 92 family inet address 198.51.100.12/32 set routing-options router-id 198.51.100.12 set routing-options autonomous-system 64700 set routing-options forwarding-table export evpn-pplb set protocols bgp export TEST set protocols bgp local-as 64700 set protocols bgp group MX21 type external set protocols bgp group MX21 local-address 192.168.8.2 set protocols bgp group MX21 export LO set protocols bgp group MX21 export TEST set protocols bgp group MX21 peer-as 64800 set protocols bgp group MX21 local-as 64700 set protocols bgp group MX21 neighbor 192.168.8.1 family inet unicast set protocols bgp group MX22 type external set protocols bgp group MX22 local-address 192.168.11.2 set protocols bgp group MX22 export LO set protocols bgp group MX22 export TEST set protocols bgp group MX22 peer-as 64900 set protocols bgp group MX22 local-as 64700 set protocols bgp group MX22 neighbor 192.168.11.1 family inet unicast set protocols bgp group ToR21 type external set protocols bgp group ToR21 local-address 192.168.12.2 set protocols bgp group ToR21 export LO set protocols bgp group ToR21 export TEST set protocols bgp group ToR21 peer-as 64600 set protocols bgp group ToR21 local-as 64700 set protocols bgp group ToR21 neighbor 192.168.12.1 family inet unicast set protocols bgp group MX21-EVPN type external set protocols bgp group MX21-EVPN multihop ttl 2 set protocols bgp group MX21-EVPN multihop no-nexthop-change set protocols bgp group MX21-EVPN local-address 198.51.100.12 set protocols bgp group MX21-EVPN peer-as 64800 set protocols bgp group MX21-EVPN local-as 64700 set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling set protocols bgp group MX22-EVPN type external set protocols bgp group MX22-EVPN multihop ttl 2 set protocols bgp group MX22-EVPN multihop no-nexthop-change set protocols bgp group MX22-EVPN local-address 198.51.100.12 set protocols bgp group MX22-EVPN peer-as 64900 set protocols bgp group MX22-EVPN local-as 64700 set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling set protocols bgp group ToR21-EVPN type external set protocols bgp group ToR21-EVPN multihop ttl 2 set protocols bgp group ToR21-EVPN multihop no-nexthop-change set protocols bgp group ToR21-EVPN local-address 198.51.100.12 set protocols bgp group ToR21-EVPN peer-as 64600 set protocols bgp group ToR21-EVPN local-as 64700 set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling set protocols l2-learning traceoptions file TOR22-L2ALD.log set protocols l2-learning traceoptions file size 10m set protocols l2-learning traceoptions level all set protocols l2-learning traceoptions flag all set policy-options policy-statement LO term 1 from protocol direct set policy-options policy-statement LO term 1 from route-filter 198.51.100.12/32 exact set policy-options policy-statement LO term 1 then accept set policy-options policy-statement TEST then community add NO-EXPORT set policy-options policy-statement evpn-pplb from protocol evpn set policy-options policy-statement evpn-pplb then load-balance per-packet set policy-options community NO-EXPORT members no-advertise set policy-options community NO-EXPORT members no-export set policy-options community NO-EXPORT members no-export-subconfed set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.92 set routing-instances EVPN-VXLAN-1 instance-type virtual-switch set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 set routing-instances EVPN-VXLAN-1 interface ae0.0 set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.12:1 set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR22-EVPN-VXLAN-1.log set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
Configuring ToR11
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure the MX router as ToR11:
Set the system hostname.
content_copy zoom_out_map[edit] user@ToR11# set system host-name ToR11
Configure the interfaces and bridge domains on the CE2 device to enable Layer 2 connectivity.
content_copy zoom_out_map[edit] user@ToR11# set logical-systems CE-2 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 2" user@ToR11# set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ToR11# set logical-systems CE-2 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ToR11# set logical-systems CE-2 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR11" user@ToR11# set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk user@ToR11# set logical-systems CE-2 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 user@ToR11# set logical-systems CE-2 bridge-domains BD-1 domain-type bridge user@ToR11# set logical-systems CE-2 bridge-domains BD-1 vlan-id 1 user@ToR11# set logical-systems CE-2 bridge-domains BD-2 domain-type bridge user@ToR11# set logical-systems CE-2 bridge-domains BD-2 vlan-id 2 user@ToR11# set logical-systems CE-2 bridge-domains BD-3 domain-type bridge user@ToR11# set logical-systems CE-2 bridge-domains BD-3 vlan-id 3 user@ToR11# set logical-systems CE-2 bridge-domains BD-4 domain-type bridge user@ToR11# set logical-systems CE-2 bridge-domains BD-4 vlan-id 4 user@ToR11# set logical-systems CE-2 bridge-domains BD-5 domain-type bridge user@ToR11# set logical-systems CE-2 bridge-domains BD-5 vlan-id 5
Configure trace options for the interfaces to enable trace logs.
content_copy zoom_out_map[edit] user@ToR11# set interfaces traceoptions file ToR11-DCD.log user@ToR11# set interfaces traceoptions file size 10m user@ToR11# set interfaces traceoptions flag all
Set the number of aggregated Ethernet interfaces.
content_copy zoom_out_map[edit] user@ToR11# set chassis aggregated-devices ethernet device-count 1
Configure the interfaces on the ToR11 device to connect to the MX12, CE-2, CE-1, ToR12, and MX11 devices to enable underlay connectivity.
content_copy zoom_out_map[edit] user@ToR11# set interfaces ge-1/0/0 description "CONNECTED TO CE-1" user@ToR11# set interfaces ge-1/0/0 gigether-options 802.3ad ae0 user@ToR11# set interfaces ge-1/0/5 unit 0 description "CONNECTED TO MX12" user@ToR11# set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.1/24 user@ToR11# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-2" user@ToR11# set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk user@ToR11# set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 user@ToR11# set interfaces ge-1/1/1 unit 0 description "CONNECTED TO MX11" user@ToR11# set interfaces ge-1/1/1 unit 0 family inet address 192.168.3.1/24 user@ToR11# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR12" user@ToR11# set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.1/24
Configure a Link Aggregation Control Protocol (LACP)-enabled link aggregation group (LAG) interface towards the CE-1 end host device. The ESI value is globally unique across the entire EVPN domain. The
all-activeconfiguration enables ToR11 and ToR12 to forward traffic to, and from the CE devices, such that all CE links are actively used.content_copy zoom_out_map[edit] user@ToR11# set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 user@ToR11# set interfaces ae0 esi all-active user@ToR11# set interfaces ae0 aggregated-ether-options lacp active user@ToR11# set interfaces ae0 aggregated-ether-options lacp periodic fast user@ToR11# set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 user@ToR11# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR11# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@ToR11# set interfaces lo0 unit 81 family inet address 192.0.2.11/32 user@ToR11# set routing-options router-id 192.0.2.11 user@ToR11# set routing-options autonomous-system 65100
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@ToR11# set routing-options forwarding-table export evpn-pplb
Configure external BGP (EBGP) underlay connectivity between the ToR (ToR11 and ToR12) and gateway routers (MX11 and MX12).
content_copy zoom_out_map[edit] user@ToR11# set protocols bgp local-as 64100 user@ToR11# set protocols bgp group MX11 type external user@ToR11# set protocols bgp group MX11 local-address 192.168.3.1 user@ToR11# set protocols bgp group MX11 export LO user@ToR11# set protocols bgp group MX11 export TEST user@ToR11# set protocols bgp group MX11 peer-as 65400 user@ToR11# set protocols bgp group MX11 neighbor 192.168.3.2 family inet unicast user@ToR11# set protocols bgp group MX12 type external user@ToR11# set protocols bgp group MX12 local-address 192.168.4.1 user@ToR11# set protocols bgp group MX12 export LO user@ToR11# set protocols bgp group MX12 export TEST user@ToR11# set protocols bgp group MX12 peer-as 65500 user@ToR11# set protocols bgp group MX12 neighbor 192.168.4.2 family inet unicast user@ToR11# set protocols bgp group ToR12 type external user@ToR11# set protocols bgp group ToR12 local-address 192.168.2.1 user@ToR11# set protocols bgp group ToR12 export LO user@ToR11# set protocols bgp group ToR12 export TEST user@ToR11# set protocols bgp group ToR12 peer-as 65200 user@ToR11# set protocols bgp group ToR12 local-as 65100 user@ToR11# set protocols bgp group ToR12 neighbor 192.168.2.2 family inet unicast
Configure the external BGP (EBGP) overlay between the ToR (ToR11 and ToR12) and gateway routers (MX11 and MX12) and set EVPN as the signaling protocol.
Step-by-Step Procedure
Configure a MP-EBGP overlay to connect between ToR11 and MX11 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR11# set protocols bgp group MX11-EVPN type external user@ToR11# set protocols bgp group MX11-EVPN multihop ttl 2 user@ToR11# set protocols bgp group MX11-EVPN multihop no-nexthop-change user@ToR11# set protocols bgp group MX11-EVPN local-address 192.0.2.11 user@ToR11# set protocols bgp group MX11-EVPN export TEST user@ToR11# set protocols bgp group MX11-EVPN peer-as 65400 user@ToR11# set protocols bgp group MX11-EVPN local-as 65100 user@ToR11# set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR11 and MX12 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR11# set protocols bgp group MX12-EVPN type external user@ToR11# set protocols bgp group MX12-EVPN multihop ttl 2 user@ToR11# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@ToR11# set protocols bgp group MX12-EVPN local-address 192.0.2.11 user@ToR11# set protocols bgp group MX12-EVPN export TEST user@ToR11# set protocols bgp group MX12-EVPN peer-as 65500 user@ToR11# set protocols bgp group MX12-EVPN local-as 65100 user@ToR11# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR11 and ToR12 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR11# set protocols bgp group ToR12-EVPN type external user@ToR11# set protocols bgp group ToR12-EVPN multihop ttl 2 user@ToR11# set protocols bgp group ToR12-EVPN multihop no-nexthop-change user@ToR11# set protocols bgp group ToR12-EVPN local-address 192.0.2.11 user@ToR11# set protocols bgp group ToR12-EVPN export TEST user@ToR11# set protocols bgp group ToR12-EVPN peer-as 65200 user@ToR11# set protocols bgp group ToR12-EVPN local-as 65100 user@ToR11# set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@ToR11# set protocols l2-learning traceoptions file TOR11-L2ALD.log user@ToR11# set protocols l2-learning traceoptions file size 10m user@ToR11# set protocols l2-learning traceoptions level all user@ToR11# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@ToR11# set policy-options policy-statement LO term 1 from protocol direct user@ToR11# set policy-options policy-statement LO term 1 from route-filter 192.0.2.11/32 exact user@ToR11# set policy-options policy-statement LO term 1 then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@ToR11# set policy-options community NO-EXPORT members no-advertise user@ToR11# set policy-options community NO-EXPORT members no-export user@ToR11# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@ToR11# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR11# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR11# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure EVPN routing instances for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@ToR11# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.81 user@ToR11# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR11# set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 user@ToR11# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR11# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.11:1 user@ToR11# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR11-EVPN-VXLAN-1.log user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR11# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
Configuring ToR12
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure the MX router ToR12:
Set the system hostname.
content_copy zoom_out_map[edit] user@ToR12# set system host-name ToR12
Configure the interfaces and bridge domains on the CE-1 device to enable Layer 2 connectivity.
content_copy zoom_out_map[edit] user@ToR12# set logical-systems CE-1 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 1" user@ToR12# set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ToR12# set logical-systems CE-1 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set logical-systems CE-1 interfaces ae1 unit 0 description "CONNECTED TO ToR12" user@ToR12# set logical-systems CE-1 interfaces ae1 unit 0 family bridge interface-mode trunk user@ToR12# set logical-systems CE-1 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set logical-systems CE-1 bridge-domains BD-1 domain-type bridge user@ToR12# set logical-systems CE-1 bridge-domains BD-1 vlan-id 1 user@ToR12# set logical-systems CE-1 bridge-domains BD-2 domain-type bridge user@ToR12# set logical-systems CE-1 bridge-domains BD-2 vlan-id 2 user@ToR12# set logical-systems CE-1 bridge-domains BD-3 domain-type bridge user@ToR12# set logical-systems CE-1 bridge-domains BD-3 vlan-id 3 user@ToR12# set logical-systems CE-1 bridge-domains BD-4 domain-type bridge user@ToR12# set logical-systems CE-1 bridge-domains BD-4 vlan-id 4 user@ToR12# set logical-systems CE-1 bridge-domains BD-5 domain-type bridge user@ToR12# set logical-systems CE-1 bridge-domains BD-5 vlan-id 5
Configure the interfaces and bridge domains on the CE-3 device to enable Layer 2 connectivity.
content_copy zoom_out_map[edit] user@ToR12# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 description "CONNECTED TO ToR12" user@ToR12# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge interface-mode trunk user@ToR12# set logical-systems CE-3 interfaces ge-1/1/7 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 3" user@ToR12# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk user@ToR12# set logical-systems CE-3 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set logical-systems CE-3 bridge-domains BD-1 domain-type bridge user@ToR12# set logical-systems CE-3 bridge-domains BD-1 vlan-id 1 user@ToR12# set logical-systems CE-3 bridge-domains BD-2 domain-type bridge user@ToR12# set logical-systems CE-3 bridge-domains BD-2 vlan-id 2 user@ToR12# set logical-systems CE-3 bridge-domains BD-3 domain-type bridge user@ToR12# set logical-systems CE-3 bridge-domains BD-3 vlan-id 3 user@ToR12# set logical-systems CE-3 bridge-domains BD-4 domain-type bridge user@ToR12# set logical-systems CE-3 bridge-domains BD-4 vlan-id 4 user@ToR12# set logical-systems CE-3 bridge-domains BD-5 domain-type bridge user@ToR12# set logical-systems CE-3 bridge-domains BD-5 vlan-id 5
Configure trace options for the interfaces to enable trace logs.
content_copy zoom_out_map[edit] user@ToR12# set interfaces traceoptions file ToR12-DCD.log user@ToR12# set interfaces traceoptions file size 10m user@ToR12# set interfaces traceoptions flag all
Set the number of aggregated Ethernet interfaces.
content_copy zoom_out_map[edit] user@ToR12# set chassis aggregated-devices ethernet device-count 2
Configure the interfaces on the ToR12 device to connect to the MX12, CE-2, CE-3, ToR11, and MX11 devices to enable underlay connectivity.
content_copy zoom_out_map[edit] user@ToR12# set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX11" user@ToR12# set interfaces ge-1/0/0 unit 0 family inet address 192.168.6.1/24 user@ToR12# set interfaces ge-1/0/4 unit 0 description "CONNECTED TO MX12" user@ToR12# set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.1/24 user@ToR12# set interfaces ge-1/0/6 description "CONNECTED TO CE-1" user@ToR12# set interfaces ge-1/0/6 gigether-options 802.3ad ae0 user@ToR12# set interfaces ge-1/0/7 unit 0 description "CONNECTED TO CE-3" user@ToR12# set interfaces ge-1/0/7 unit 0 family bridge interface-mode trunk user@ToR12# set interfaces ge-1/0/7 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set interfaces ge-1/1/0 description "CONNECTED TO ToR11" user@ToR12# set interfaces ge-1/1/0 gigether-options 802.3ad ae1 user@ToR12# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR11" user@ToR12# set interfaces ge-1/1/3 unit 0 family inet address 192.168.2.2/24 user@ToR12# set interfaces ge-1/1/6 description "CONNECTED TO ToR12" user@ToR12# set interfaces ge-1/1/6 gigether-options 802.3ad ae1
Configure a Link Aggregation Control Protocol (LACP)-enabled link aggregation group (LAG) interface towards the CE-1 end host device. The ESI value is globally unique across the entire EVPN domain. The
all-activeconfiguration enables ToR11 and ToR12 to forward traffic to, and from the CE devices, such that all CE links are actively used.content_copy zoom_out_map[edit] user@ToR12# set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 user@ToR12# set interfaces ae0 esi all-active user@ToR12# set interfaces ae0 aggregated-ether-options lacp system-id 11:11:11:11:11:11 user@ToR12# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR12# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 user@ToR12# set interfaces ae1 aggregated-ether-options lacp active user@ToR12# set interfaces ae1 aggregated-ether-options lacp periodic fast
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@ToR12# set interfaces lo0 unit 82 family inet address 192.0.2.12/32 user@ToR12# set routing-options router-id 192.0.2.12 user@ToR12# set routing-options autonomous-system 65200
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@ToR12# set routing-options forwarding-table export evpn-pplb
Configure the external BGP (EBGP) underlay connectivity between the ToR (ToR12 and ToR11) and gateway routers (MX11 and MX12).
content_copy zoom_out_map[edit] user@ToR12# set protocols bgp local-as 65200 user@ToR12# set protocols bgp group MX11 type external user@ToR12# set protocols bgp group MX11 local-address 192.168.6.1 user@ToR12# set protocols bgp group MX11 export LO user@ToR12# set protocols bgp group MX11 export TEST user@ToR12# set protocols bgp group MX11 peer-as 65400 user@ToR12# set protocols bgp group MX11 local-as 65200 user@ToR12# set protocols bgp group MX11 neighbor 192.168.6.2 family inet unicast user@ToR12# set protocols bgp group MX12 type external user@ToR12# set protocols bgp group MX12 local-address 192.168.5.1 user@ToR12# set protocols bgp group MX12 export LO user@ToR12# set protocols bgp group MX12 export TEST user@ToR12# set protocols bgp group MX12 peer-as 65500 user@ToR12# set protocols bgp group MX12 local-as 65200 user@ToR12# set protocols bgp group MX12 neighbor 192.168.5.2 family inet unicast user@ToR12# set protocols bgp group ToR11 type external user@ToR12# set protocols bgp group ToR11 local-address 192.168.2.2 user@ToR12# set protocols bgp group ToR11 export LO user@ToR12# set protocols bgp group ToR11 export TEST user@ToR12# set protocols bgp group ToR11 peer-as 65100 user@ToR12# set protocols bgp group ToR11 local-as 65200 user@ToR12# set protocols bgp group ToR11 neighbor 192.168.2.1 family inet unicast
Configure a multiprotocol external BGP (MP-EBGP) overlay between the ToR (ToR12 and ToR11) and gateway routers (MX11 and MX12) and set EVPN as the signaling protocol.
Step-by-Step Procedure
Configure a MP-EBGP overlay to connect between ToR12 and MX11 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR12# set protocols bgp group MX11-EVPN type external user@ToR12# set protocols bgp group MX11-EVPN multihop ttl 2 user@ToR12# set protocols bgp group MX11-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group MX11-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group MX11-EVPN export TEST user@ToR12# set protocols bgp group MX11-EVPN peer-as 65400 user@ToR12# set protocols bgp group MX11-EVPN local-as 65200 user@ToR12# set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR12 and MX12 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR12# set protocols bgp group MX12-EVPN type external user@ToR12# set protocols bgp group MX12-EVPN multihop ttl 2 user@ToR12# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group MX12-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group MX12-EVPN export TEST user@ToR12# set protocols bgp group MX12-EVPN peer-as 65500 user@ToR12# set protocols bgp group MX12-EVPN local-as 65200 user@ToR12# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR12 and ToR11 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR12# set protocols bgp group ToR11-EVPN type external user@ToR12# set protocols bgp group ToR11-EVPN multihop ttl 2 user@ToR12# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@ToR12# set protocols bgp group ToR11-EVPN local-address 192.0.2.12 user@ToR12# set protocols bgp group ToR11-EVPN export TEST user@ToR12# set protocols bgp group ToR11-EVPN peer-as 65100 user@ToR12# set protocols bgp group ToR11-EVPN local-as 65200 user@ToR12# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@ToR12# set protocols bgp group ToR12-EVPN export TEST
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@ToR12# set protocols l2-learning traceoptions file TOR12-L2ALD.log user@ToR12# set protocols l2-learning traceoptions file size 10m user@ToR12# set protocols l2-learning traceoptions level all user@ToR12# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@ToR12# set policy-options policy-statement LO term 1 from protocol direct user@ToR12# set policy-options policy-statement LO term 1 from route-filter 192.0.2.12/32 exact user@ToR12# set policy-options policy-statement LO term 1 then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@ToR12# set policy-options community NO-EXPORT members no-advertise user@ToR12# set policy-options community NO-EXPORT members no-export user@ToR12# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@ToR12# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR12# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR12# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure EVPN routing instances for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@ToR12# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.82 user@ToR12# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR12# set routing-instances EVPN-VXLAN-1 interface ge-1/0/7.0 user@ToR12# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR12# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.12:1 user@ToR12# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR12-EVPN-VXLAN-1.log user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR12# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
Configuring Data Center Gateway and WAN Edge 1 Router (MX11)
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure an MX Series router as the data center gateway and WAN edge router and name it as MX11:
Set the system hostname.
content_copy zoom_out_map[edit] user@MX11# set system host-name MX11
Configure the interfaces on the MX11 router (DC GW/WAN Edge1) to enable the underlay connectivity to the MX12, ToR11, ToR12, and P devices, which is the EVPN-VXLAN part of DC1 network.
content_copy zoom_out_map[edit] user@MX11# set interfaces ge-1/1/1 unit 0 description "CONNECTED TO ToR11" user@MX11# set interfaces ge-1/1/1 unit 0 family inet address 192.168.3.2/24 user@MX11# set interfaces ge-5/1/0 unit 0 description "CONNECTED TO MX12" user@MX11# set interfaces ge-5/1/0 unit 0 family inet address 192.168.7.1/24 user@MX11# set interfaces ge-5/1/8 unit 0 description "CONNECTED TO ToR12" user@MX11# set interfaces ge-5/1/8 unit 0 family inet address 192.168.6.2/24 user@MX11# set interfaces ge-5/1/9 unit 0 description "CONNECTED TO P" user@MX11# set interfaces ge-5/1/9 unit 0 family inet address 203.0.1.1/24 user@MX11# set interfaces ge-5/1/9 unit 0 family mpls
Configure external BGP (EBGP) underlay connectivity between the gateway routers (MX11 and MX12) and ToR (ToR11 and ToR12).
content_copy zoom_out_map[edit] user@MX11# set protocols bgp group MX12 type external user@MX11# set protocols bgp group MX12 local-address 192.168.7.1 user@MX11# set protocols bgp group MX12 export TEST user@MX11# set protocols bgp group MX12 export LO user@MX11# set protocols bgp group MX12 peer-as 65500 user@MX11# set protocols bgp group MX12 local-as 65400 user@MX11# set protocols bgp group MX12 neighbor 192.168.7.2 family inet unicast user@MX11# set protocols bgp group ToR11 type external user@MX11# set protocols bgp group ToR11 local-address 192.168.3.2 user@MX11# set protocols bgp group ToR11 import TEST user@MX11# set protocols bgp group ToR11 export TEST user@MX11# set protocols bgp group ToR11 export LO user@MX11# set protocols bgp group ToR11 peer-as 65100 user@MX11# set protocols bgp group ToR11 local-as 65400 user@MX11# set protocols bgp group ToR11 neighbor 192.168.3.1 family inet unicast user@MX11# set protocols bgp group ToR12 type external user@MX11# set protocols bgp group ToR12 local-address 192.168.6.2 user@MX11# set protocols bgp group ToR12 export TEST user@MX11# set protocols bgp group ToR12 export LO user@MX11# set protocols bgp group ToR12 peer-as 65200 user@MX11# set protocols bgp group ToR12 local-as 65400 user@MX11# set protocols bgp group ToR12 neighbor 192.168.6.1 family inet unicast
Configure a multiprotocol external BGP (MP-EBGP) overlay connectivity between the gateway routers (MX11 and MX12) and ToR (ToR11 and ToR12) and set EVPN as the signaling protocol.
content_copy zoom_out_map[edit] user@MX11# set protocols bgp group MX12-EVPN type external user@MX11# set protocols bgp group MX12-EVPN multihop ttl 2 user@MX11# set protocols bgp group MX12-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group MX12-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group MX12-EVPN export TEST user@MX11# set protocols bgp group MX12-EVPN peer-as 65500 user@MX11# set protocols bgp group MX12-EVPN local-as 65400 user@MX11# set protocols bgp group MX12-EVPN neighbor 192.0.2.22 family evpn signaling user@MX11# set protocols bgp group ToR11-EVPN type external user@MX11# set protocols bgp group ToR11-EVPN multihop ttl 2 user@MX11# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group ToR11-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group ToR11-EVPN export TEST user@MX11# set protocols bgp group ToR11-EVPN peer-as 65100 user@MX11# set protocols bgp group ToR11-EVPN local-as 65400 user@MX11# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@MX11# set protocols bgp group ToR12-EVPN type external user@MX11# set protocols bgp group ToR12-EVPN multihop ttl 2 user@MX11# set protocols bgp group ToR12-EVPN multihop no-nexthop-change user@MX11# set protocols bgp group ToR12-EVPN local-address 192.0.2.21 user@MX11# set protocols bgp group ToR12-EVPN export TEST user@MX11# set protocols bgp group ToR12-EVPN peer-as 65200 user@MX11# set protocols bgp group ToR12-EVPN local-as 65400 user@MX11# set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling
Configure integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
Step-by-Step Procedure
The following is the IRB gateway configuration for the VLAN-1 on MX11 (which is the host part of VLAN-1):
content_copy zoom_out_map[edit] user@MX11# set interfaces irb unit 1 proxy-macip-advertisement user@MX11# set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa user@MX11# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 1 family inet address 10.11.1.12/24 virtual-gateway-address 10.11.1.10
The following is the IRB gateway configuration for the VLAN-2 on MX11 (which is the host part of VLAN-2):
content_copy zoom_out_map[edit] user@MX11# set interfaces irb unit 2 proxy-macip-advertisement user@MX11# set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb user@MX11# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 2 family inet address 10.12.1.12/24 virtual-gateway-address 10.12.1.10
The following is the IRB gateway configuration for the VLAN-3 on MX11 (which is the host part of VLAN-3):
content_copy zoom_out_map[edit] user@MX11# set interfaces irb unit 3 proxy-macip-advertisement user@MX11# set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc user@MX11# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 3 family inet address 10.13.1.12/24 virtual-gateway-address 10.13.1.10
The following is the IRB gateway configuration for the VLAN-4 on MX11 (which is the host part of VLAN-4):
content_copy zoom_out_map[edit] user@MX11# set interfaces irb unit 4 proxy-macip-advertisement user@MX11# set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd user@MX11# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 4 family inet address 10.14.1.12/24 virtual-gateway-address 10.14.1.10
The following is the IRB gateway configuration for the VLAN-5 on MX11 (which is the host part of VLAN-5):
content_copy zoom_out_map[edit] user@MX11# set interfaces irb unit 5 proxy-macip-advertisement user@MX11# set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee user@MX11# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX11# set interfaces irb unit 5 family inet address 10.15.1.12/24 virtual-gateway-address 10.15.1.10
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@MX11# set protocols l2-learning traceoptions file MX11-L2ALD.log user@MX11# set protocols l2-learning traceoptions file size 10m user@MX11# set protocols l2-learning traceoptions level all user@MX11# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@MX11# set policy-options policy-statement LO from protocol direct user@MX11# set policy-options policy-statement LO from route-filter 192.0.2.21/32 exact user@MX11# set policy-options policy-statement LO then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@MX11# set policy-options community NO-EXPORT members no-advertise user@MX11# set policy-options community NO-EXPORT members no-export user@MX11# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@MX11# set policy-options policy-statement TEST then community add NO-EXPORT user@MX11# set policy-options policy-statement evpn-pplb from protocol evpn user@MX11# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure an ESI value on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC1 network.
content_copy zoom_out_map[edit] user@MX11# set interfaces lt-5/1/0 esi 00:22:22:22:22:22:22:22:22:22
Configure active-active multihoming on the logical tunnel interface by including the
all-activestatement.content_copy zoom_out_map[edit] user@MX11# set interfaces lt-5/1/0 esi all-active
Configure a pair of logical tunnel (lt-) interfaces on the MX11 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map[edit] user@MX11# set interfaces lt-5/1/0 unit 0 peer-unit 1 user@MX11# set interfaces lt-5/1/0 unit 0 family bridge interface-mode trunk user@MX11# set interfaces lt-5/1/0 unit 0 family bridge vlan-id-list 1-5 user@MX11# set interfaces lt-5/1/0 unit 1 peer-unit 0 user@MX11# set interfaces lt-5/1/0 unit 1 family bridge interface-mode trunk user@MX11# set interfaces lt-5/1/0 unit 1 family bridge vlan-id-list 1-5
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@MX11# set interfaces lo0 unit 84 family inet address 192.0.2.21/32 user@MX11# set interfaces lo0 unit 84 family mpls user@MX11# set routing-options router-id 192.0.2.21 user@MX11# set routing-options autonomous-system 65300
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@MX11# set routing-options forwarding-table export evpn-pplb
Enable RSVP, MPLS, BGP, and OSPF protocols on the core interfaces. Create MPLS LSPs and specify the address of the other gateway and WAN edge routers (MX12, P, MX21, MX22).
content_copy zoom_out_map[edit] user@MX11# set protocols rsvp interface all user@MX11# set protocols rsvp interface fxp0.0 disable user@MX11# set protocols mpls label-switched-path MX11-TO-MX12 to 192.0.2.22 user@MX11# set protocols mpls label-switched-path MX11-TO-P to 203.0.113.1 user@MX11# set protocols mpls label-switched-path MX11-TO-MX21 to 198.51.100.21 user@MX11# set protocols mpls label-switched-path MX11-TO-MX22 to 198.51.100.22 user@MX11# set protocols mpls interface all user@MX11# set protocols mpls interface fxp0.0 disable user@MX11# set protocols bgp local-address 192.0.2.21 user@MX11# set protocols bgp local-as 65300 user@MX11# set protocols bgp group INT type internal user@MX11# set protocols bgp group INT local-address 192.0.2.21 user@MX11# set protocols bgp group INT family evpn signaling user@MX11# set protocols bgp group INT export TEST user@MX11# set protocols bgp group INT neighbor 203.0.113.1 user@MX11# set protocols ospf traffic-engineering user@MX11# set protocols ospf area 0.0.0.0 interface ge-5/1/9.0 user@MX11# set protocols ospf area 0.0.0.0 interface lo0.84 passive
Configure EVPN-based MPLS routing instances on the MX11 router for each virtual network. Define the route distinguisher (used to identify and advertise EVPN-MPLS routes) and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure a bridge domain for each virtual router that maps VLAN IDs.content_copy zoom_out_map[edit] user@MX11# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX11# set routing-instances EVPN-MPLS-1 interface lt-5/1/0.0 user@MX11# set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.21:100 user@MX11# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX11-EVPN-MPLS-1.log user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX11# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX11# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
Configure EVPN-VXLAN routing instances on the MX11 router for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@MX11# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.84 user@MX11# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX11# set routing-instances EVPN-VXLAN-1 interface lt-5/1/0.1 user@MX11# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.21:1 user@MX11# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX11-EVPN-VXLAN-1.log user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX11# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX11# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX11# set routing-instances VRF instance-type vrf user@MX11# set routing-instances VRF interface irb.1 user@MX11# set routing-instances VRF interface irb.2 user@MX11# set routing-instances VRF interface irb.3 user@MX11# set routing-instances VRF interface irb.4 user@MX11# set routing-instances VRF interface irb.5 user@MX11# set routing-instances VRF route-distinguisher 1:1 user@MX11# set routing-instances VRF vrf-target target:10:10
Configuring Data Center Gateway and WAN Edge 2 Router (MX12)
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure an MX Series router as the data center gateway and WAN edge router and name it as MX12:
Set the system hostname.
content_copy zoom_out_map[edit] user@MX12# set system host-name MX12
Configure the P device as the logical system of MX12 data center gateway and WAN edge router.
Step-by-Step Procedure
Configure the interfaces of the P device.
content_copy zoom_out_map[edit] user@MX12# set logical-systems P interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX21" user@MX12# set logical-systems P interfaces ge-1/0/0 unit 0 family inet address 203.0.113.32/24 user@MX12# set logical-systems P interfaces ge-1/0/0 unit 0 family mpls user@MX12# set logical-systems P interfaces ge-1/0/2 unit 0 description "CONNECTED TO MX22" user@MX12# set logical-systems P interfaces ge-1/0/2 unit 0 family inet address 203.0.113.52/24 user@MX12# set logical-systems P interfaces ge-1/0/2 unit 0 family mpls user@MX12# set logical-systems P interfaces ge-1/1/1 unit 0 description "CONNECTED TO MX11" user@MX12# set logical-systems P interfaces ge-1/1/1 unit 0 family inet address 203.0.113.42/24 user@MX12# set logical-systems P interfaces ge-1/1/1 unit 0 family mpls user@MX12# set logical-systems P interfaces ge-1/1/6 unit 0 description "CONNECTED TO MX12" user@MX12# set logical-systems P interfaces ge-1/1/6 unit 0 family inet address 203.0.113.12/24 user@MX12# set logical-systems P interfaces ge-1/1/6 unit 0 family mpls
Enable RSVP, MPLS, BGP, and OSPF protocols on the core interfaces of the P device. Create MPLS LSPs and specify the address of the other gateway and WAN edge routers (MX11, MX12, MX21, MX22).
content_copy zoom_out_map[edit] user@MX12# set logical-systems P protocols rsvp interface all user@MX12# set logical-systems P protocols mpls label-switched-path P-TO-MX11 from 203.0.113.1 user@MX12# set logical-systems P protocols mpls label-switched-path P-TO-MX11 to 192.0.2.21 user@MX12# set logical-systems P protocols mpls label-switched-path P-TO-MX12 to 192.0.2.22 user@MX12# set logical-systems P protocols mpls label-switched-path P-TO-MX21 to 198.51.100.21 user@MX12# set logical-systems P protocols mpls label-switched-path P-TO-MX22 to 198.51.100.22 user@MX12# set logical-systems P protocols mpls interface all user@MX12# set logical-systems P protocols bgp local-address 203.0.113.1 user@MX12# set logical-systems P protocols bgp local-as 65300 user@MX12# set logical-systems P protocols bgp group INT type internal user@MX12# set logical-systems P protocols bgp group INT import BLOCK-VXLAN-ROUTES-FROM-CORE user@MX12# set logical-systems P protocols bgp group INT family evpn signaling user@MX12# set logical-systems P protocols bgp group INT cluster 203.0.113.1 user@MX12# set logical-systems P protocols bgp group INT neighbor 192.0.2.21 user@MX12# set logical-systems P protocols bgp group INT neighbor 192.0.2.22 user@MX12# set logical-systems P protocols bgp group INT neighbor 198.51.100.21 user@MX12# set logical-systems P protocols bgp group INT neighbor 198.51.100.22 user@MX12# set logical-systems P protocols ospf traffic-engineering user@MX12# set logical-systems P protocols ospf area 0.0.0.0 interface all user@MX12# set logical-systems P protocols ospf area 0.0.0.0 interface lo0.86
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@MX12# set logical-systems P interfaces lo0 unit 86 family inet address 203.0.113.1/32 user@MX12# set logical-systems P interfaces lo0 unit 86 family mpls user@MX12# set logical-systems P routing-options router-id 203.0.113.1 user@MX12# set logical-systems P routing-options autonomous-system 65300
Configure the routing policy BLOCK-VXLAN-ROUTES-FROM-CORE.
content_copy zoom_out_map[edit] user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from protocol bgp user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 from community RT-CORE user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 1 then accept user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from protocol bgp user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 from community RT-DC1 user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 2 then reject user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from protocol bgp user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 from community RT-DC2 user@MX12# set logical-systems P policy-options policy-statement BLOCK-VXLAN-ROUTES-FROM-CORE term 3 then reject
Configure the RT-CORE, RT-DC1 and RT-DC2 communities.
content_copy zoom_out_map[edit] user@MX12# set logical-systems P policy-options community RT-CORE members target:1:2 user@MX12# set logical-systems P policy-options community RT-DC1 members target:1:1 user@MX12# set logical-systems P policy-options community RT-DC2 members target:1:3
Configure trace options for the interfaces to enable trace logs.
content_copy zoom_out_map[edit] user@MX12# set interfaces traceoptions file MX12-DCD.log user@MX12# set interfaces traceoptions file size 10m user@MX12# set interfaces traceoptions flag all
Configure the interfaces on the MX12 router (DC GW/WAN Edge 2) to enable the underlay connectivity to the MX11, ToR12, ToR11, and P devices, which is the EVPN-VXLAN part of DC1 network.
content_copy zoom_out_map[edit] user@MX12# set interfaces ge-1/0/4 unit 0 description "CONNECTED TO ToR12" user@MX12# set interfaces ge-1/0/4 unit 0 family inet address 192.168.5.2/24 user@MX12# set interfaces ge-1/0/5 unit 0 description "CONNECTED TO TOR11" user@MX12# set interfaces ge-1/0/5 unit 0 family inet address 192.168.4.2/24 user@MX12# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO P" user@MX12# set interfaces ge-1/0/6 unit 0 family inet address 203.0.113.11/24 user@MX12# set interfaces ge-1/0/6 unit 0 family mpls user@MX12# set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX11" user@MX12# set interfaces ge-1/1/0 unit 0 family inet address 192.168.7.2/24
Configure external BGP (EBGP) underlay connectivity between the gateway routers (MX11 and MX12) and ToR (ToR11 and ToR12).
content_copy zoom_out_map[edit] user@MX12# set protocols bgp group MX11 type external user@MX12# set protocols bgp group MX11 local-address 192.168.7.2 user@MX12# set protocols bgp group MX11 export TEST user@MX12# set protocols bgp group MX11 export LO user@MX12# set protocols bgp group MX11 peer-as 65400 user@MX12# set protocols bgp group MX11 local-as 65500 user@MX12# set protocols bgp group MX11 neighbor 192.168.7.1 family inet unicast user@MX12# set protocols bgp group ToR11 type external user@MX12# set protocols bgp group ToR11 local-address 192.168.4.2 user@MX12# set protocols bgp group ToR11 export TEST user@MX12# set protocols bgp group ToR11 export LO user@MX12# set protocols bgp group ToR11 peer-as 65100 user@MX12# set protocols bgp group ToR11 local-as 65500 user@MX12# set protocols bgp group ToR11 neighbor 192.168.4.1 family inet unicast user@MX12# set protocols bgp group ToR12 type external user@MX12# set protocols bgp group ToR12 local-address 192.168.5.2 user@MX12# set protocols bgp group ToR12 export TEST user@MX12# set protocols bgp group ToR12 export LO user@MX12# set protocols bgp group ToR12 peer-as 65200 user@MX12# set protocols bgp group ToR12 local-as 65500 user@MX12# set protocols bgp group ToR12 neighbor 192.168.5.1 family inet unicast
Configure a multiprotocol external BGP (MP-EBGP) overlay connectivity between the gateway routers (MX11 and MX12) and ToR (ToR11 and ToR12) and set EVPN as the signaling protocol.
content_copy zoom_out_map[edit] user@MX12# set protocols bgp group MX11-EVPN type external user@MX12# set protocols bgp group MX11-EVPN multihop ttl 2 user@MX12# set protocols bgp group MX11-EVPN multihop no-nexthop-change user@MX12# set protocols bgp group MX11-EVPN local-address 192.0.2.22 user@MX12# set protocols bgp group MX11-EVPN export TEST user@MX12# set protocols bgp group MX11-EVPN peer-as 65400 user@MX12# set protocols bgp group MX11-EVPN local-as 65500 user@MX12# set protocols bgp group MX11-EVPN neighbor 192.0.2.21 family evpn signaling user@MX12# set protocols bgp group ToR11-EVPN type external user@MX12# set protocols bgp group ToR11-EVPN multihop ttl 2 user@MX12# set protocols bgp group ToR11-EVPN multihop no-nexthop-change user@MX12# set protocols bgp group ToR11-EVPN local-address 192.0.2.22 user@MX12# set protocols bgp group ToR11-EVPN export TEST user@MX12# set protocols bgp group ToR11-EVPN peer-as 65100 user@MX12# set protocols bgp group ToR11-EVPN local-as 65500 user@MX12# set protocols bgp group ToR11-EVPN neighbor 192.0.2.11 family evpn signaling user@MX12# set protocols bgp group ToR12-EVPN type external user@MX12# set protocols bgp group ToR12-EVPN multihop ttl 2 user@MX12# set protocols bgp group ToR12-EVPN multihop no-nexthop-change user@MX12# set protocols bgp group ToR12-EVPN local-address 192.0.2.22 user@MX12# set protocols bgp group ToR12-EVPN export TEST user@MX12# set protocols bgp group ToR12-EVPN peer-as 65200 user@MX12# set protocols bgp group ToR12-EVPN local-as 65500 user@MX12# set protocols bgp group ToR12-EVPN neighbor 192.0.2.12 family evpn signaling
Configure integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
Step-by-Step Procedure
The following is the IRB gateway configuration for the VLAN-1 on MX12 (which is the host part of VLAN-1):
content_copy zoom_out_map[edit] user@MX12# set interfaces irb unit 1 proxy-macip-advertisement user@MX12# set interfaces irb unit 1 virtual-gateway-esi 00:11:aa:aa:aa:aa:aa:aa:aa:aa user@MX12# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 1 family inet address 10.11.1.13/24 virtual-gateway-address 10.11.1.10
The following is the IRB gateway configuration for the VLAN-2 on MX12 (which is the host part of VLAN-2):
content_copy zoom_out_map[edit] user@MX12# set interfaces irb unit 2 proxy-macip-advertisement user@MX12# set interfaces irb unit 2 virtual-gateway-esi 00:11:bb:bb:bb:bb:bb:bb:bb:bb user@MX12# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 2 family inet address 10.12.1.13/24 virtual-gateway-address 10.12.1.10
The following is the IRB gateway configuration for the VLAN-3 on MX12 (which is the host part of VLAN-3):
content_copy zoom_out_map[edit] user@MX12# set interfaces irb unit 3 proxy-macip-advertisement user@MX12# set interfaces irb unit 3 virtual-gateway-esi 00:11:cc:cc:cc:cc:cc:cc:cc:cc user@MX12# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 3 family inet address 10.13.1.13/24 virtual-gateway-address 10.13.1.10
The following is the IRB gateway configuration for the VLAN-4 on MX12 (which is the host part of VLAN-4):
content_copy zoom_out_map[edit] user@MX12# set interfaces irb unit 4 proxy-macip-advertisement user@MX12# set interfaces irb unit 4 virtual-gateway-esi 00:11:dd:dd:dd:dd:dd:dd:dd:dd user@MX12# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 4 family inet address 10.14.1.13/24 virtual-gateway-address 10.14.1.10
The following is the IRB gateway configuration for the VLAN-5 on MX12 (which is the host part of VLAN-5):
content_copy zoom_out_map[edit] user@MX12# set interfaces irb unit 5 proxy-macip-advertisement user@MX12# set interfaces irb unit 5 virtual-gateway-esi 00:11:ee:ee:ee:ee:ee:ee:ee:ee user@MX12# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX12# set interfaces irb unit 5 family inet address 10.15.1.13/24 virtual-gateway-address 10.15.1.10
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@MX12# set protocols l2-learning traceoptions file MX12-L2ALD.log user@MX12# set protocols l2-learning traceoptions file size 10m user@MX12# set protocols l2-learning traceoptions level all user@MX12# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@MX12# set policy-options policy-statement LO from protocol direct user@MX12# set policy-options policy-statement LO from route-filter 192.0.2.22/32 exact user@MX12# set policy-options policy-statement LO then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@MX12# set policy-options community NO-EXPORT members no-advertise user@MX12# set policy-options community NO-EXPORT members no-export user@MX12# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@MX12# set policy-options policy-statement TEST then community add NO-EXPORT user@MX12# set policy-options policy-statement evpn-pplb from protocol evpn user@MX12# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure an ESI value on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC1 network.
content_copy zoom_out_map[edit] user@MX12# set interfaces lt-1/0/0 esi 00:22:22:22:22:22:22:22:22:22
Configure active-active multihoming on the logical tunnel interface by including the
all-activestatement.content_copy zoom_out_map[edit] user@MX12# set interfaces lt-1/0/0 esi all-active
Configure a pair of logical tunnel (lt-) interfaces on the MX12 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map[edit] user@MX12# set interfaces lt-1/0/0 unit 0 peer-unit 1 user@MX12# set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk user@MX12# set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 user@MX12# set interfaces lt-1/0/0 unit 1 peer-unit 0 user@MX12# set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk user@MX12# set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@MX12# set interfaces lo0 unit 85 family inet address 192.0.2.22/32 user@MX12# set interfaces lo0 unit 85 family mpls user@MX12# set routing-options router-id 192.0.2.22 user@MX12# set routing-options autonomous-system 65300
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@MX12# set routing-options forwarding-table export evpn-pplb
Enable RSVP, MPLS, BGP, and OSPF protocols on the core interfaces. Create MPLS LSPs and specify the address of the other gateway and WAN edge routers (MX11, MX21, P, MX22).
content_copy zoom_out_map[edit] user@MX12# set protocols rsvp interface all user@MX12# set protocols rsvp interface fxp0.0 disable user@MX12# set protocols mpls label-switched-path MX12-TO-MX11 to 192.0.2.21 user@MX12# set protocols mpls label-switched-path MX12-TO-P to 203.0.113.1 user@MX12# set protocols mpls label-switched-path MX12-TO-MX21 to 198.51.100.21 user@MX12# set protocols mpls label-switched-path MX12-TO-MX22 to 198.51.100.22 user@MX12# set protocols mpls interface all user@MX12# set protocols mpls interface fxp0.0 disable user@MX12# set protocols bgp local-address 192.0.2.22 user@MX12# set protocols bgp local-as 65300 user@MX12# set protocols bgp group INT type internal user@MX12# set protocols bgp group INT family evpn signaling user@MX12# set protocols bgp group INT export TEST user@MX12# set protocols bgp group INT neighbor 203.0.113.1 user@MX12# set protocols ospf traffic-engineering user@MX12# set protocols ospf area 0.0.0.0 interface ge-1/0/6.0 user@MX12# set protocols ospf area 0.0.0.0 interface lo0.85 passive
Configure EVPN-based MPLS routing instances on the MX12 router for each virtual network. Define the route distinguisher (used to identify and advertise EVPN-MPLS routes) and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure a bridge domain for each virtual router that maps VLAN IDs.content_copy zoom_out_map[edit] user@MX12# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX12# set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 user@MX12# set routing-instances EVPN-MPLS-1 route-distinguisher 192.0.2.22:100 user@MX12# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX12-EVPN-MPLS-1.log user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX12# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX12# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
Configure EVPN-VXLAN routing instances on the MX12 router for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@MX12# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.85 user@MX12# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX12# set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 user@MX12# set routing-instances EVPN-VXLAN-1 route-distinguisher 192.0.2.22:1 user@MX12# set routing-instances EVPN-VXLAN-1 vrf-target target:1:1 user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX12-EVPN-VXLAN-1.log user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX12# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX12# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX12# set routing-instances VRF instance-type vrf user@MX12# set routing-instances VRF interface irb.1 user@MX12# set routing-instances VRF interface irb.2 user@MX12# set routing-instances VRF interface irb.3 user@MX12# set routing-instances VRF interface irb.4 user@MX12# set routing-instances VRF interface irb.5 user@MX12# set routing-instances VRF route-distinguisher 1:1 user@MX12# set routing-instances VRF vrf-target target:10:10
Configuring Data Center Gateway and WAN Edge 3 Router (MX21)
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure an MX Series router as the data center gateway and WAN edge router and name it as MX21:
Set the system hostname.
content_copy zoom_out_map[edit] user@MX21# set system host-name MX21
Configure the interfaces on the MX21 router (DC GW/WAN Edge 3) to enable the underlay connectivity to the MX22, ToR22, ToR21, and P devices, which is the EVPN-VXLAN part of DC2 network.
content_copy zoom_out_map[edit] user@MX21# set interfaces ge-3/0/0 unit 0 description "CONNECTED TO MX22" user@MX21# set interfaces ge-3/0/0 unit 0 family inet address 192.168.13.1/24 user@MX21# set interfaces ge-3/1/0 unit 0 description "CONNECTED TO ToR22" user@MX21# set interfaces ge-3/1/0 unit 0 family inet address 192.168.8.1/24 user@MX21# set interfaces ge-5/0/0 unit 0 description "CONNECTED TO P" user@MX21# set interfaces ge-5/0/0 unit 0 family inet address 203.0.113.31/24 user@MX21# set interfaces ge-5/0/0 unit 0 family mpls user@MX21# set interfaces ge-5/0/1 unit 0 description "CONNECTED TO ToR21" user@MX21# set interfaces ge-5/0/1 unit 0 family inet address 192.168.9.1/24
Configure external BGP (EBGP) underlay connectivity between the gateway routers (MX21 and MX22) and ToR (ToR21 and ToR22).
content_copy zoom_out_map[edit] user@MX21# set protocols bgp group MX22 type external user@MX21# set protocols bgp group MX22 local-address 192.168.13.1 user@MX21# set protocols bgp group MX22 export TEST user@MX21# set protocols bgp group MX22 export LO user@MX21# set protocols bgp group MX22 peer-as 64900 user@MX21# set protocols bgp group MX22 local-as 64800 user@MX21# set protocols bgp group MX22 neighbor 192.168.13.2 family inet unicast user@MX21# set protocols bgp group ToR21 type external user@MX21# set protocols bgp group ToR21 local-address 192.168.9.1 user@MX21# set protocols bgp group ToR21 export TEST user@MX21# set protocols bgp group ToR21 export LO user@MX21# set protocols bgp group ToR21 peer-as 64600 user@MX21# set protocols bgp group ToR21 local-as 64800 user@MX21# set protocols bgp group ToR21 neighbor 192.168.9.2 family inet unicast user@MX21# set protocols bgp group ToR22 type external user@MX21# set protocols bgp group ToR22 local-address 192.168.8.1 user@MX21# set protocols bgp group ToR22 export TEST user@MX21# set protocols bgp group ToR22 export LO user@MX21# set protocols bgp group ToR22 peer-as 64700 user@MX21# set protocols bgp group ToR22 local-as 64800 user@MX21# set protocols bgp group ToR22 neighbor 192.168.8.2 family inet unicast
Configure a multiprotocol external BGP (MP-EBGP) overlay connectivity between the gateway routers (MX21 and MX22) and ToR (ToR21 and ToR22) and set EVPN as the signaling protocol.
content_copy zoom_out_map[edit] user@MX21# set protocols bgp group MX22-EVPN type external user@MX21# set protocols bgp group MX22-EVPN multihop ttl 2 user@MX21# set protocols bgp group MX22-EVPN multihop no-nexthop-change user@MX21# set protocols bgp group MX22-EVPN local-address 198.51.100.21 user@MX21# set protocols bgp group MX22-EVPN peer-as 64900 user@MX21# set protocols bgp group MX22-EVPN local-as 64800 user@MX21# set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling user@MX21# set protocols bgp group ToR21-EVPN type external user@MX21# set protocols bgp group ToR21-EVPN multihop ttl 2 user@MX21# set protocols bgp group ToR21-EVPN multihop no-nexthop-change user@MX21# set protocols bgp group ToR21-EVPN local-address 198.51.100.21 user@MX21# set protocols bgp group ToR21-EVPN peer-as 64600 user@MX21# set protocols bgp group ToR21-EVPN local-as 64800 user@MX21# set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling user@MX21# set protocols bgp group ToR22-EVPN type external user@MX21# set protocols bgp group ToR22-EVPN multihop ttl 2 user@MX21# set protocols bgp group ToR22-EVPN multihop no-nexthop-change user@MX21# set protocols bgp group ToR22-EVPN local-address 198.51.100.21 user@MX21# set protocols bgp group ToR22-EVPN peer-as 64700 user@MX21# set protocols bgp group ToR22-EVPN local-as 64800 user@MX21# set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling
Configure integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
Step-by-Step Procedure
The following is the IRB gateway configuration for the VLAN-1 on MX21 (which is the host part of VLAN-1):
content_copy zoom_out_map[edit] user@MX21# set interfaces irb unit 1 proxy-macip-advertisement user@MX21# set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa user@MX21# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 1 family inet address 10.11.1.14/24 virtual-gateway-address 10.11.1.11
The following is the IRB gateway configuration for the VLAN-2 on MX21 (which is the host part of VLAN-2):
content_copy zoom_out_map[edit] user@MX21# set interfaces irb unit 2 proxy-macip-advertisement user@MX21# set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb user@MX21# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 2 family inet address 10.12.1.14/24 virtual-gateway-address 10.12.1.11
The following is the IRB gateway configuration for the VLAN-3 on MX21 (which is the host part of VLAN-3):
content_copy zoom_out_map[edit] user@MX21# set interfaces irb unit 3 proxy-macip-advertisement user@MX21# set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc user@MX21# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 3 family inet address 10.13.1.14/24 virtual-gateway-address 10.13.1.11
The following is the IRB gateway configuration for the VLAN-4 on MX21 (which is the host part of VLAN-4):
content_copy zoom_out_map[edit] user@MX21# set interfaces irb unit 4 proxy-macip-advertisement user@MX21# set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd user@MX21# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 4 family inet address 10.14.1.14/24 virtual-gateway-address 10.14.1.11
The following is the IRB gateway configuration for the VLAN-5 on MX21 (which is the host part of VLAN-5):
content_copy zoom_out_map[edit] user@MX21# set interfaces irb unit 5 proxy-macip-advertisement user@MX21# set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee user@MX21# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX21# set interfaces irb unit 5 family inet address 10.15.1.14/24 virtual-gateway-address 10.15.1.11
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@MX21# set protocols l2-learning traceoptions file MX21-L2ALD.log user@MX21# set protocols l2-learning traceoptions file size 10m user@MX21# set protocols l2-learning traceoptions level all user@MX21# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@MX21# set policy-options policy-statement LO from protocol direct user@MX21# set policy-options policy-statement LO from route-filter 198.51.100.21/32 exact user@MX21# set policy-options policy-statement LO then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@MX21# set policy-options community NO-EXPORT members no-advertise user@MX21# set policy-options community NO-EXPORT members no-export user@MX21# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@MX21# set policy-options policy-statement TEST then community add NO-EXPORT user@MX21# set policy-options policy-statement evpn-pplb from protocol evpn user@MX21# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure an ESI value on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC2 network.
content_copy zoom_out_map[edit] user@MX21# set interfaces lt-5/0/0 esi 00:33:33:33:33:33:33:33:33:33
Configure active-active multihoming on the logical tunnel interface by including the
all-activestatement.content_copy zoom_out_map[edit] user@MX21# set interfaces lt-5/0/0 esi all-active
Configure a pair of logical tunnel (lt-) interfaces on the MX21 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map[edit] user@MX21# set interfaces lt-5/0/0 unit 0 peer-unit 1 user@MX21# set interfaces lt-5/0/0 unit 0 family bridge interface-mode trunk user@MX21# set interfaces lt-5/0/0 unit 0 family bridge vlan-id-list 1-5 user@MX21# set interfaces lt-5/0/0 unit 1 peer-unit 0 user@MX21# set interfaces lt-5/0/0 unit 1 family bridge interface-mode trunk user@MX21# set interfaces lt-5/0/0 unit 1 family bridge vlan-id-list 1-5
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@MX21# set interfaces lo0 unit 87 family inet address 198.51.100.21/32 user@MX21# set interfaces lo0 unit 87 family mpls user@MX21# set routing-options router-id 198.51.100.21 user@MX21# set routing-options autonomous-system 65300
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@MX21# set routing-options forwarding-table export evpn-pplb
Enable RSVP, MPLS, BGP, and OSPF protocols on the core interfaces. Create MPLS LSPs and specify the address of the other gateway and WAN edge routers (MX11, MX12, P, MX22).
content_copy zoom_out_map[edit] user@MX21# set protocols rsvp interface all user@MX21# set protocols rsvp interface fxp0.0 disable user@MX21# set protocols mpls label-switched-path MX21-TO-MX11 to 192.0.2.21 user@MX21# set protocols mpls label-switched-path MX21-TO-MX12 to 192.0.2.22 user@MX21# set protocols mpls label-switched-path MX21-TO-P to 203.0.113.1 user@MX21# set protocols mpls label-switched-path MX21-TO-MX22 to 198.51.100.22 user@MX21# set protocols mpls interface all user@MX21# set protocols mpls interface fxp0.0 disable user@MX21# set protocols bgp local-address 198.51.100.21 user@MX21# set protocols bgp export TEST user@MX21# set protocols bgp local-as 65300 user@MX21# set protocols bgp group INT type internal user@MX21# set protocols bgp group INT local-address 198.51.100.21 user@MX21# set protocols bgp group INT family evpn signaling user@MX21# set protocols bgp group INT export TEST user@MX21# set protocols bgp group INT neighbor 203.0.113.1 user@MX21# set protocols ospf traffic-engineering user@MX21# set protocols ospf area 0.0.0.0 interface ge-5/0/0.0 user@MX21# set protocols ospf area 0.0.0.0 interface lo0.87 passive
Configure EVPN-based MPLS routing instances on the MX21 router for each virtual network. Define the route distinguisher (used to identify and advertise EVPN-MPLS routes) and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure a bridge domain for each virtual router that maps VLAN IDs.content_copy zoom_out_map[edit] user@MX21# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX21# set routing-instances EVPN-MPLS-1 interface lt-5/0/0.0 user@MX21# set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.21:100 user@MX21# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX21-EVPN-MPLS-1.log user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX21# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX21# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
Configure EVPN-VXLAN routing instances on the MX21 router for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@MX21# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.87 user@MX21# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX21# set routing-instances EVPN-VXLAN-1 interface lt-5/0/0.1 user@MX21# set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.21:1 user@MX21# set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX21-EVPN-VXLAN-1.log user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX21# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX21# set routing-instances VRF instance-type vrf user@MX21# set routing-instances VRF interface irb.1 user@MX21# set routing-instances VRF interface irb.2 user@MX21# set routing-instances VRF interface irb.3 user@MX21# set routing-instances VRF interface irb.4 user@MX21# set routing-instances VRF interface irb.5 user@MX21# set routing-instances VRF route-distinguisher 1:1 user@MX21# set routing-instances VRF vrf-target target:10:10
Configuring Data Center Gateway and WAN Edge 4 Router (MX22)
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure an MX Series router as the data center gateway and WAN edge router and name it as MX22:
Set the system hostname.
content_copy zoom_out_map[edit] user@MX22# set system host-name MX22
Configure the interfaces on the MX22 router (DC GW/WAN Edge 4) to enable the underlay connectivity to the MX22, ToR21, MX21, and P devices, which is the EVPN-VXLAN part of DC2 network.
content_copy zoom_out_map[edit] user@MX22# set interfaces xe-0/0/0 unit 0 description "CONNECTED TO ToR22" user@MX22# set interfaces xe-0/0/0 unit 0 family inet address 192.168.11.1/24 user@MX22# set interfaces xe-0/0/1 unit 0 description "CONNECTED TO ToR21" user@MX22# set interfaces xe-0/0/1 unit 0 family inet address 192.168.10.1/24 user@MX22# set interfaces ge-1/0/0 unit 0 description "CONNECTED TO MX21" user@MX22# set interfaces ge-1/0/0 unit 0 family inet address 192.168.13.2/24 user@MX22# set interfaces ge-1/0/2 unit 0 description "CONNECTED TO P" user@MX22# set interfaces ge-1/0/2 unit 0 family inet address 203.0.113.51/24 user@MX22# set interfaces ge-1/0/2 unit 0 family mpls
Configure external BGP (EBGP) underlay connectivity between the gateway routers (MX21 and MX22) and ToR (ToR21 and ToR22).
content_copy zoom_out_map[edit] user@MX22# set protocols bgp group MX21 type external user@MX22# set protocols bgp group MX21 local-address 192.168.13.2 user@MX22# set protocols bgp group MX21 export TEST user@MX22# set protocols bgp group MX21 export LO user@MX22# set protocols bgp group MX21 peer-as 64800 user@MX22# set protocols bgp group MX21 local-as 64900 user@MX22# set protocols bgp group MX21 neighbor 192.168.13.1 family inet unicast user@MX22# set protocols bgp group ToR21 type external user@MX22# set protocols bgp group ToR21 local-address 192.168.10.1 user@MX22# set protocols bgp group ToR21 export TEST user@MX22# set protocols bgp group ToR21 export LO user@MX22# set protocols bgp group ToR21 peer-as 64600 user@MX22# set protocols bgp group ToR21 local-as 64900 user@MX22# set protocols bgp group ToR21 neighbor 192.168.10.2 family inet unicast user@MX22# set protocols bgp group ToR22 type external user@MX22# set protocols bgp group ToR22 local-address 192.168.11.1 user@MX22# set protocols bgp group ToR22 export TEST user@MX22# set protocols bgp group ToR22 export LO user@MX22# set protocols bgp group ToR22 peer-as 64700 user@MX22# set protocols bgp group ToR22 local-as 64900 user@MX22# set protocols bgp group ToR22 neighbor 192.168.11.2 family inet unicast
Configure a multiprotocol external BGP (MP-EBGP) overlay connectivity between the gateway routers (MX21 and MX22) and ToR (ToR21 and ToR22) and set EVPN as the signaling protocol.
content_copy zoom_out_map[edit] user@MX22# set protocols bgp group MX21-EVPN type external user@MX22# set protocols bgp group MX21-EVPN multihop ttl 2 user@MX22# set protocols bgp group MX21-EVPN multihop no-nexthop-change user@MX22# set protocols bgp group MX21-EVPN local-address 198.51.100.22 user@MX22# set protocols bgp group MX21-EVPN peer-as 64800 user@MX22# set protocols bgp group MX21-EVPN local-as 64900 user@MX22# set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling user@MX22# set protocols bgp group ToR21-EVPN type external user@MX22# set protocols bgp group ToR21-EVPN multihop ttl 2 user@MX22# set protocols bgp group ToR21-EVPN multihop no-nexthop-change user@MX22# set protocols bgp group ToR21-EVPN local-address 198.51.100.22 user@MX22# set protocols bgp group ToR21-EVPN peer-as 64600 user@MX22# set protocols bgp group ToR21-EVPN local-as 64900 user@MX22# set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling user@MX22# set protocols bgp group ToR22-EVPN type external user@MX22# set protocols bgp group ToR22-EVPN multihop ttl 2 user@MX22# set protocols bgp group ToR22-EVPN multihop no-nexthop-change user@MX22# set protocols bgp group ToR22-EVPN local-address 198.51.100.22 user@MX22# set protocols bgp group ToR22-EVPN peer-as 64700 user@MX22# set protocols bgp group ToR22-EVPN local-as 64900 user@MX22# set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling
Configure integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
Step-by-Step Procedure
The following is the IRB gateway configuration for the VLAN-1 on MX22 (which is the host part of VLAN-1):
content_copy zoom_out_map[edit] user@MX22# set interfaces irb unit 1 proxy-macip-advertisement user@MX22# set interfaces irb unit 1 virtual-gateway-esi 00:22:aa:aa:aa:aa:aa:aa:aa:aa user@MX22# set interfaces irb unit 1 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 1 family inet address 10.11.1.15/24 virtual-gateway-address 10.11.1.11
The following is the IRB gateway configuration for the VLAN-2 on MX22 (which is the host part of VLAN-2):
content_copy zoom_out_map[edit] user@MX22# set interfaces irb unit 2 proxy-macip-advertisement user@MX22# set interfaces irb unit 2 virtual-gateway-esi 00:22:bb:bb:bb:bb:bb:bb:bb:bb user@MX22# set interfaces irb unit 2 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 2 family inet address 10.12.1.15/24 virtual-gateway-address 10.12.1.11
The following is the IRB gateway configuration for the VLAN-3 on MX22 (which is the host part of VLAN-3):
content_copy zoom_out_map[edit] user@MX22# set interfaces irb unit 3 proxy-macip-advertisement user@MX22# set interfaces irb unit 3 virtual-gateway-esi 00:22:cc:cc:cc:cc:cc:cc:cc:cc user@MX22# set interfaces irb unit 3 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 3 family inet address 10.13.1.15/24 virtual-gateway-address 10.13.1.11
The following is the IRB gateway configuration for the VLAN-4 on MX22 (which is the host part of VLAN-4):
content_copy zoom_out_map[edit] user@MX22# set interfaces irb unit 4 proxy-macip-advertisement user@MX22# set interfaces irb unit 4 virtual-gateway-esi 00:22:dd:dd:dd:dd:dd:dd:dd:dd user@MX22# set interfaces irb unit 4 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 4 family inet address 10.14.1.15/24 virtual-gateway-address 10.14.1.11
The following is the IRB gateway configuration for the VLAN-5 on MX22 (which is the host part of VLAN-5):
content_copy zoom_out_map[edit] user@MX22# set interfaces irb unit 5 proxy-macip-advertisement user@MX22# set interfaces irb unit 5 virtual-gateway-esi 00:22:ee:ee:ee:ee:ee:ee:ee:ee user@MX22# set interfaces irb unit 5 virtual-gateway-esi all-active user@MX22# set interfaces irb unit 5 family inet address 10.15.1.15/24 virtual-gateway-address 10.15.1.11
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@MX22# set protocols l2-learning traceoptions file MX22-L2ALD.log user@MX22# set protocols l2-learning traceoptions file size 10m user@MX22# set protocols l2-learning traceoptions level all user@MX22# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@MX22# set policy-options policy-statement LO from protocol direct user@MX22# set policy-options policy-statement LO from route-filter 198.51.100.22/32 exact user@MX22# set policy-options policy-statement LO then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@MX22# set policy-options community NO-EXPORT members no-advertise user@MX22# set policy-options community NO-EXPORT members no-export user@MX22# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@MX22# set policy-options policy-statement TEST then community add NO-EXPORT user@MX22# set policy-options policy-statement evpn-pplb from protocol evpn user@MX22# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure an ESI value on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC2 network.
content_copy zoom_out_map[edit] user@MX22# set interfaces lt-1/0/0 esi 00:33:33:33:33:33:33:33:33:33
Configure active-active multihoming on the logical tunnel interface by including the
all-activestatement.content_copy zoom_out_map[edit] user@MX22# set interfaces lt-1/0/0 esi all-active
Configure a pair of logical tunnel (lt-) interfaces on the MX22 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map[edit] user@MX22# set interfaces lt-1/0/0 unit 0 peer-unit 1 user@MX22# set interfaces lt-1/0/0 unit 0 family bridge interface-mode trunk user@MX22# set interfaces lt-1/0/0 unit 0 family bridge vlan-id-list 1-5 user@MX22# set interfaces lt-1/0/0 unit 1 peer-unit 0 user@MX22# set interfaces lt-1/0/0 unit 1 family bridge interface-mode trunk user@MX22# set interfaces lt-1/0/0 unit 1 family bridge vlan-id-list 1-5
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@MX22# set interfaces lo0 unit 88 family inet address 198.51.100.22/32 user@MX22# set routing-options router-id 198.51.100.22 user@MX22# set routing-options autonomous-system 65300
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@MX22# set routing-options forwarding-table export evpn-pplb
Enable RSVP, MPLS, BGP, and OSPF protocols on the core interfaces. Create MPLS LSPs and specify the address of the other gateway and WAN edge routers (MX11, MX12, P, MX21).
content_copy zoom_out_map[edit] user@MX22# set protocols rsvp interface all user@MX22# set protocols rsvp interface fxp0.0 disable user@MX22# set protocols mpls label-switched-path MX22-TO-MX11 to 192.0.2.21 user@MX22# set protocols mpls label-switched-path MX22-TO-MX12 to 192.0.2.22 user@MX22# set protocols mpls label-switched-path MX22-TO-P to 203.0.113.1 user@MX22# set protocols mpls label-switched-path MX22-TO-MX21 to 198.51.100.21 user@MX22# set protocols mpls interface all user@MX22# set protocols mpls interface fxp0.0 disable user@MX22# set protocols bgp local-address 198.51.100.22 user@MX22# set protocols bgp export TEST user@MX22# set protocols bgp local-as 65300 user@MX22# set protocols bgp group INT type internal user@MX22# set protocols bgp group INT family evpn signaling user@MX22# set protocols bgp group INT export TEST user@MX22# set protocols bgp group INT neighbor 203.0.113.1 user@MX22# set protocols ospf traffic-engineering user@MX22# set protocols ospf area 0.0.0.0 interface ge-1/0/2.0 user@MX22# set protocols ospf area 0.0.0.0 interface lo0.88 passive
Configure EVPN-based MPLS routing instances on the MX22 router for each virtual network. Define the route distinguisher (used to identify and advertise EVPN-MPLS routes) and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure a bridge domain for each virtual router that maps VLAN IDs.content_copy zoom_out_map[edit] user@MX22# set routing-instances EVPN-MPLS-1 instance-type virtual-switch user@MX22# set routing-instances EVPN-MPLS-1 interface lt-1/0/0.0 user@MX22# set routing-instances EVPN-MPLS-1 route-distinguisher 198.51.100.22:100 user@MX22# set routing-instances EVPN-MPLS-1 vrf-target target:1:2 user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file MX22-EVPN-MPLS-1.log user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions file size 10m user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn traceoptions flag all user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn extended-vlan-list 1-5 user@MX22# set routing-instances EVPN-MPLS-1 protocols evpn default-gateway no-gateway-community user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-1 vlan-id 1 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-2 vlan-id 2 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-3 vlan-id 3 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-4 vlan-id 4 user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 domain-type bridge user@MX22# set routing-instances EVPN-MPLS-1 bridge-domains BD-5 vlan-id 5
Configure EVPN-VXLAN routing instances on the MX22 router for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@MX22# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.88 user@MX22# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@MX22# set routing-instances EVPN-VXLAN-1 interface lt-1/0/0.1 user@MX22# set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.22:1 user@MX22# set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file MX22-EVPN-VXLAN-1.log user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@MX22# set routing-instances EVPN-VXLAN-1 protocols evpn default-gateway no-gateway-community user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 routing-interface irb.1 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 routing-interface irb.2 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 routing-interface irb.3 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 routing-interface irb.4 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 routing-interface irb.5 user@MX22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5 user@MX22# set routing-instances VRF instance-type vrf user@MX22# set routing-instances VRF interface irb.1 user@MX22# set routing-instances VRF interface irb.2 user@MX22# set routing-instances VRF interface irb.3 user@MX22# set routing-instances VRF interface irb.4 user@MX22# set routing-instances VRF interface irb.5 user@MX22# set routing-instances VRF route-distinguisher 1:1 user@MX22# set routing-instances VRF vrf-target target:10:10
Configuring ToR21
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure the MX router as ToR21:
Set the system hostname.
content_copy zoom_out_map[edit] user@ToR21# set system host-name ToR21
Configure the interfaces and bridge domains on the CE4 device to enable Layer 2 connectivity.
content_copy zoom_out_map[edit] user@ToR21# set logical-systems CE-4 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 4" user@ToR21# set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ToR21# set logical-systems CE-4 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ToR21# set logical-systems CE-4 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR21" user@ToR21# set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk user@ToR21# set logical-systems CE-4 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 user@ToR21# set logical-systems CE-4 bridge-domains BD-1 domain-type bridge user@ToR21# set logical-systems CE-4 bridge-domains BD-1 vlan-id 1 user@ToR21# set logical-systems CE-4 bridge-domains BD-2 domain-type bridge user@ToR21# set logical-systems CE-4 bridge-domains BD-2 vlan-id 2 user@ToR21# set logical-systems CE-4 bridge-domains BD-3 domain-type bridge user@ToR21# set logical-systems CE-4 bridge-domains BD-3 vlan-id 3 user@ToR21# set logical-systems CE-4 bridge-domains BD-4 domain-type bridge user@ToR21# set logical-systems CE-4 bridge-domains BD-4 vlan-id 4 user@ToR21# set logical-systems CE-4 bridge-domains BD-5 domain-type bridge user@ToR21# set logical-systems CE-4 bridge-domains BD-5 vlan-id 5
Configure trace options for the interfaces to enable trace logs.
content_copy zoom_out_map[edit] user@ToR21# set interfaces traceoptions file ToR21-DCD.log user@ToR21# set interfaces traceoptions file size 10m user@ToR21# set interfaces traceoptions flag all
Set the number of aggregated Ethernet interfaces.
content_copy zoom_out_map[edit] user@ToR21# set chassis aggregated-devices ethernet device-count 1
Configure the interfaces on the ToR21 device to connect to the MX22, CE-5, CE-4, ToR22, and MX21 devices to enable underlay connectivity.
content_copy zoom_out_map[edit] user@ToR21# set interfaces xe-0/0/0 unit 0 description "CONNECTED TO MX22" user@ToR21# set interfaces xe-0/0/0 unit 0 family inet address 192.168.10.2/24 user@ToR21# set interfaces ge-1/0/0 description "CONNECTED TO CE-5" user@ToR21# set interfaces ge-1/0/0 gigether-options 802.3ad ae0 user@ToR21# set interfaces ge-1/0/1 unit 0 description "CONNECTED TO MX21" user@ToR21# set interfaces ge-1/0/1 unit 0 family inet address 192.168.9.2/24 user@ToR21# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-4" user@ToR21# set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk user@ToR21# set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 user@ToR21# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR22" user@ToR21# set interfaces ge-1/1/3 unit 0 family inet address 192.168.12.1/24
Configure a Link Aggregation Control Protocol (LACP)-enabled link aggregation group (LAG) interface towards the CE-5 end host device. The ESI value is globally unique across the entire EVPN domain. The
all-activeconfiguration enables ToR21 and ToR22 to forward traffic to, and from the CE devices, such that all CE links are actively used.content_copy zoom_out_map[edit] user@ToR21# set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 user@ToR21# set interfaces ae0 esi all-active user@ToR21# set interfaces ae0 aggregated-ether-options lacp active user@ToR21# set interfaces ae0 aggregated-ether-options lacp periodic fast user@ToR21# set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 user@ToR21# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR21# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@ToR21# set interfaces lo0 unit 90 family inet address 198.51.100.11/32 user@ToR21# set routing-options router-id 198.51.100.11 user@ToR21# set routing-options autonomous-system 64600
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@ToR21# set routing-options forwarding-table export evpn-pplb
Configure external BGP (EBGP) underlay connectivity between the ToR (ToR21 and ToR22) and gateway routers (MX21 and MX22).
content_copy zoom_out_map[edit] user@ToR21# set protocols bgp export TEST user@ToR21# set protocols bgp local-as 64600 user@ToR21# set protocols bgp group MX21 type external user@ToR21# set protocols bgp group MX21 local-address 192.168.9.2 user@ToR21# set protocols bgp group MX21 export LO user@ToR21# set protocols bgp group MX21 export TEST user@ToR21# set protocols bgp group MX21 peer-as 64800 user@ToR21# set protocols bgp group MX21 local-as 64600 user@ToR21# set protocols bgp group MX21 neighbor 192.168.9.1 family inet unicast user@ToR21# set protocols bgp group MX22 type external user@ToR21# set protocols bgp group MX22 local-address 192.168.10.2 user@ToR21# set protocols bgp group MX22 export LO user@ToR21# set protocols bgp group MX22 export TEST user@ToR21# set protocols bgp group MX22 peer-as 64900 user@ToR21# set protocols bgp group MX22 local-as 64600 user@ToR21# set protocols bgp group MX22 neighbor 192.168.10.1 family inet unicast user@ToR21# set protocols bgp group ToR22 type external user@ToR21# set protocols bgp group ToR22 local-address 192.168.12.1 user@ToR21# set protocols bgp group ToR22 export LO user@ToR21# set protocols bgp group ToR22 export TEST user@ToR21# set protocols bgp group ToR22 peer-as 64700 user@ToR21# set protocols bgp group ToR22 local-as 64600 user@ToR21# set protocols bgp group ToR22 neighbor 192.168.12.2 family inet unicast
Configure a multiprotocol external BGP (MP-EBGP) overlay between the ToR (ToR21 and ToR22) and gateway routers (MX21 and MX22) and set EVPN as the signaling protocol.
Step-by-Step Procedure
Configure a MP-EBGP overlay to connect between ToR21 and MX21 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR21# set protocols bgp group MX21-EVPN type external user@ToR21# set protocols bgp group MX21-EVPN multihop ttl 2 user@ToR21# set protocols bgp group MX21-EVPN multihop no-nexthop-change user@ToR21# set protocols bgp group MX21-EVPN local-address 198.51.100.11 user@ToR21# set protocols bgp group MX21-EVPN peer-as 64800 user@ToR21# set protocols bgp group MX21-EVPN local-as 64600 user@ToR21# set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR21 and MX22 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR21# set protocols bgp group MX22-EVPN type external user@ToR21# set protocols bgp group MX22-EVPN multihop ttl 2 user@ToR21# set protocols bgp group MX22-EVPN multihop no-nexthop-change user@ToR21# set protocols bgp group MX22-EVPN local-address 198.51.100.11 user@ToR21# set protocols bgp group MX22-EVPN peer-as 64900 user@ToR21# set protocols bgp group MX22-EVPN local-as 64600 user@ToR21# set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR21 and ToR22 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR21# set protocols bgp group ToR22-EVPN type external user@ToR21# set protocols bgp group ToR22-EVPN multihop ttl 2 user@ToR21# set protocols bgp group ToR22-EVPN multihop no-nexthop-change user@ToR21# set protocols bgp group ToR22-EVPN local-address 198.51.100.11 user@ToR21# set protocols bgp group ToR22-EVPN peer-as 64700 user@ToR21# set protocols bgp group ToR22-EVPN local-as 64600 user@ToR21# set protocols bgp group ToR22-EVPN neighbor 198.51.100.12 family evpn signaling
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@ToR21# set protocols l2-learning traceoptions file TOR21-L2ALD.log user@ToR21# set protocols l2-learning traceoptions file size 10m user@ToR21# set protocols l2-learning traceoptions level all user@ToR21# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@ToR21# set policy-options policy-statement LO term 1 from protocol direct user@ToR21# set policy-options policy-statement LO term 1 from route-filter 198.51.100.11/32 exact user@ToR21# set policy-options policy-statement LO term 1 then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@ToR21# set policy-options community NO-EXPORT members no-advertise user@ToR21# set policy-options community NO-EXPORT members no-export user@ToR21# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@ToR21# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR21# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR21# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure EVPN routing instances for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@ToR21# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.90 user@ToR21# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR21# set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 user@ToR21# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR21# set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.11:1 user@ToR21# set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR21-EVPN-VXLAN-1.log user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR21# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR21# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
Configuring ToR22
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
Configure the MX router ToR22:
Set the system hostname.
content_copy zoom_out_map[edit] user@ToR22# set system host-name ToR22
Configure the interfaces and bridge domains on the CE-5 device to enable Layer 2 connectivity.
content_copy zoom_out_map[edit] user@ToR22# set logical-systems CE-5 interfaces ge-1/0/9 unit 0 description "CONNECTED TO Host 5" user@ToR22# set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge interface-mode trunk user@ToR22# set logical-systems CE-5 interfaces ge-1/0/9 unit 0 family bridge vlan-id-list 1-5 user@ToR22# set logical-systems CE-5 interfaces ae1 unit 0 description "CONNECTED TO ToR21" user@ToR22# set logical-systems CE-5 interfaces ae1 unit 0 family bridge interface-mode trunk user@ToR22# set logical-systems CE-5 interfaces ae1 unit 0 family bridge vlan-id-list 1-5 user@ToR22# set logical-systems CE-5 bridge-domains BD-1 domain-type bridge user@ToR22# set logical-systems CE-5 bridge-domains BD-1 vlan-id 1 user@ToR22# set logical-systems CE-5 bridge-domains BD-2 domain-type bridge user@ToR22# set logical-systems CE-5 bridge-domains BD-2 vlan-id 2 user@ToR22# set logical-systems CE-5 bridge-domains BD-3 domain-type bridge user@ToR22# set logical-systems CE-5 bridge-domains BD-3 vlan-id 3 user@ToR22# set logical-systems CE-5 bridge-domains BD-4 domain-type bridge user@ToR22# set logical-systems CE-5 bridge-domains BD-4 vlan-id 4 user@ToR22# set logical-systems CE-5 bridge-domains BD-5 domain-type bridge user@ToR22# set logical-systems CE-5 bridge-domains BD-5 vlan-id 5
Configure the interfaces and bridge domains on the CE-6 device to enable Layer 2 connectivity.
content_copy zoom_out_map[edit] user@ToR22# set logical-systems CE-6 interfaces ge-1/1/6 unit 0 description "CONNECTED TO ToR22" user@ToR22# set logical-systems CE-6 interfaces ge-1/1/6 unit 0 family bridge interface-mode trunk user@ToR22# set logical-systems CE-6 interfaces ge-1/1/6 unit 0 family bridge vlan-id-list 1-5 user@ToR22# set logical-systems CE-6 interfaces ge-1/1/9 unit 0 description "CONNECTED TO Host 6" user@ToR22# set logical-systems CE-6 interfaces ge-1/1/9 unit 0 family bridge interface-mode trunk user@ToR22# set logical-systems CE-6 interfaces ge-1/1/9 unit 0 family bridge vlan-id-list 1-5 user@ToR22# set logical-systems CE-6 bridge-domains BD-1 domain-type bridge user@ToR22# set logical-systems CE-6 bridge-domains BD-1 vlan-id 1 user@ToR22# set logical-systems CE-6 bridge-domains BD-2 domain-type bridge user@ToR22# set logical-systems CE-6 bridge-domains BD-2 vlan-id 2 user@ToR22# set logical-systems CE-6 bridge-domains BD-3 domain-type bridge user@ToR22# set logical-systems CE-6 bridge-domains BD-3 vlan-id 3 user@ToR22# set logical-systems CE-6 bridge-domains BD-4 domain-type bridge user@ToR22# set logical-systems CE-6 bridge-domains BD-4 vlan-id 4 user@ToR22# set logical-systems CE-6 bridge-domains BD-5 domain-type bridge user@ToR22# set logical-systems CE-6 bridge-domains BD-5 vlan-id 5
Configure trace options for the interfaces to enable trace logs.
content_copy zoom_out_map[edit] user@ToR22# set interfaces traceoptions file R7-DCD.log user@ToR22# set interfaces traceoptions file size 10m user@ToR22# set interfaces traceoptions flag all
Set the number of aggregated Ethernet interfaces.
content_copy zoom_out_map[edit] user@ToR22# set chassis aggregated-devices ethernet device-count 2
Configure the interfaces on the ToR22 device to connect to the MX22, CE-5, CE-6, ToR21, and MX21 devices to enable underlay connectivity.
content_copy zoom_out_map[edit] user@ToR22# set interfaces xe-0/0/0 unit 0 description "CONNECTED TO MX22" user@ToR22# set interfaces xe-0/0/0 unit 0 family inet address 192.168.11.2/24 user@ToR22# set interfaces ge-1/0/0 description "CONNECTED TO ToR21" user@ToR22# set interfaces ge-1/0/0 gigether-options 802.3ad ae1 user@ToR22# set interfaces ge-1/0/6 unit 0 description "CONNECTED TO CE-6" user@ToR22# set interfaces ge-1/0/6 unit 0 family bridge interface-mode trunk user@ToR22# set interfaces ge-1/0/6 unit 0 family bridge vlan-id-list 1-5 user@ToR22# set interfaces ge-1/0/7 description "CONNECTED TO ToR22" user@ToR22# set interfaces ge-1/0/7 gigether-options 802.3ad ae1 user@ToR22# set interfaces ge-1/1/0 unit 0 description "CONNECTED TO MX21" user@ToR22# set interfaces ge-1/1/0 unit 0 family inet address 192.168.8.2/24 user@ToR22# set interfaces ge-1/1/3 unit 0 description "CONNECTED TO ToR21" user@ToR22# set interfaces ge-1/1/3 unit 0 family inet address 192.168.12.2/24 user@ToR22# set interfaces ge-1/1/7 description "CONNECTED TO CE-5" user@ToR22# set interfaces ge-1/1/7 gigether-options 802.3ad ae0
Configure a Link Aggregation Control Protocol (LACP)-enabled link aggregation group (LAG) interface towards the CE-5 end host device. The ESI value is globally unique across the entire EVPN domain. The
all-activeconfiguration enables ToR21 and ToR22 to forward traffic to, and from the CE devices, such that all CE links are actively used.content_copy zoom_out_map[edit] user@ToR22# set interfaces ae0 esi 00:44:44:44:44:44:44:44:44:44 user@ToR22# set interfaces ae0 esi all-active user@ToR22# set interfaces ae0 aggregated-ether-options lacp active user@ToR22# set interfaces ae0 aggregated-ether-options lacp periodic fast user@ToR22# set interfaces ae0 aggregated-ether-options lacp system-id 22:22:22:22:22:22 user@ToR22# set interfaces ae0 unit 0 family bridge interface-mode trunk user@ToR22# set interfaces ae0 unit 0 family bridge vlan-id-list 1-5 user@ToR22# set interfaces ae1 aggregated-ether-options lacp active user@ToR22# set interfaces ae1 aggregated-ether-options lacp periodic fast user@ToR22# set interfaces ae1 aggregated-ether-options lacp system-id 22:22:22:22:22:22
Configure the loopback interface address and routing options.
content_copy zoom_out_map[edit] user@ToR22# set interfaces lo0 unit 92 family inet address 198.51.100.12/32 user@ToR22# set routing-options router-id 198.51.100.12 user@ToR22# set routing-options autonomous-system 64700
Apply the load balancing policy to the forwarding table.
content_copy zoom_out_map[edit] user@ToR22# set routing-options forwarding-table export evpn-pplb
Configure external BGP (EBGP) underlay connectivity between the ToR (ToR22 and ToR21) and gateway routers (MX21 and MX22).
content_copy zoom_out_map[edit] user@ToR22# set protocols bgp local-as 64700 user@ToR22# set protocols bgp group MX21 type external user@ToR22# set protocols bgp group MX21 local-address 192.168.8.2 user@ToR22# set protocols bgp group MX21 export LO user@ToR22# set protocols bgp group MX21 export TEST user@ToR22# set protocols bgp group MX21 peer-as 64800 user@ToR22# set protocols bgp group MX21 local-as 64700 user@ToR22# set protocols bgp group MX21 neighbor 192.168.8.1 family inet unicast user@ToR22# set protocols bgp group MX22 type external user@ToR22# set protocols bgp group MX22 local-address 192.168.11.2 user@ToR22# set protocols bgp group MX22 export LO user@ToR22# set protocols bgp group MX22 export TEST user@ToR22# set protocols bgp group MX22 peer-as 64900 user@ToR22# set protocols bgp group MX22 local-as 64700 user@ToR22# set protocols bgp group MX22 neighbor 192.168.11.1 family inet unicast user@ToR22# set protocols bgp group ToR21 type external user@ToR22# set protocols bgp group ToR21 local-address 192.168.12.2 user@ToR22# set protocols bgp group ToR21 export LO user@ToR22# set protocols bgp group ToR21 export TEST user@ToR22# set protocols bgp group ToR21 peer-as 64600 user@ToR22# set protocols bgp group ToR21 local-as 64700 user@ToR22# set protocols bgp group ToR21 neighbor 192.168.12.1 family inet unicast
Configure a multiprotocol external BGP (MP-EBGP) overlay between the ToR (ToR22 and ToR21) and gateway routers (MX21 and MX22) and set EVPN as the signaling protocol.
Step-by-Step Procedure
Configure a MP-EBGP overlay to connect between ToR22 and MX21 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR22# set protocols bgp group MX21-EVPN type external user@ToR22# set protocols bgp group MX21-EVPN multihop ttl 2 user@ToR22# set protocols bgp group MX21-EVPN multihop no-nexthop-change user@ToR22# set protocols bgp group MX21-EVPN local-address 198.51.100.12 user@ToR22# set protocols bgp group MX21-EVPN peer-as 64800 user@ToR22# set protocols bgp group MX21-EVPN local-as 64700 user@ToR22# set protocols bgp group MX21-EVPN neighbor 198.51.100.21 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR22 and MX22 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR22# set protocols bgp group MX22-EVPN type external user@ToR22# set protocols bgp group MX22-EVPN multihop ttl 2 user@ToR22# set protocols bgp group MX22-EVPN multihop no-nexthop-change user@ToR22# set protocols bgp group MX22-EVPN local-address 198.51.100.12 user@ToR22# set protocols bgp group MX22-EVPN peer-as 64900 user@ToR22# set protocols bgp group MX22-EVPN local-as 64700 user@ToR22# set protocols bgp group MX22-EVPN neighbor 198.51.100.22 family evpn signaling
Configure a MP-EBGP overlay to connect between ToR22 and ToR21 using EVPN signaling.
content_copy zoom_out_map[edit] user@ToR22# set protocols bgp group ToR21-EVPN type external user@ToR22# set protocols bgp group ToR21-EVPN multihop ttl 2 user@ToR22# set protocols bgp group ToR21-EVPN multihop no-nexthop-change user@ToR22# set protocols bgp group ToR21-EVPN local-address 198.51.100.12 user@ToR22# set protocols bgp group ToR21-EVPN peer-as 64600 user@ToR22# set protocols bgp group ToR21-EVPN local-as 64700 user@ToR22# set protocols bgp group ToR21-EVPN neighbor 198.51.100.11 family evpn signaling
Configure trace operations to track all Layer 2 address learning and forwarding properties.
content_copy zoom_out_map[edit] user@ToR22# set protocols l2-learning traceoptions file TOR22-L2ALD.log user@ToR22# set protocols l2-learning traceoptions file size 10m user@ToR22# set protocols l2-learning traceoptions level all user@ToR22# set protocols l2-learning traceoptions flag all
Configure routing policy to accept the direct loopback address route.
content_copy zoom_out_map[edit] user@ToR22# set policy-options policy-statement LO term 1 from protocol direct user@ToR22# set policy-options policy-statement LO term 1 from route-filter 198.51.100.12/32 exact user@ToR22# set policy-options policy-statement LO term 1 then accept
Configure the NO-EXPORT community.
content_copy zoom_out_map[edit] user@ToR22# set policy-options community NO-EXPORT members no-advertise user@ToR22# set policy-options community NO-EXPORT members no-export user@ToR22# set policy-options community NO-EXPORT members no-export-subconfed
Configure the load balancing and TEST policies.
content_copy zoom_out_map[edit] user@ToR22# set policy-options policy-statement TEST then community add NO-EXPORT user@ToR22# set policy-options policy-statement evpn-pplb from protocol evpn user@ToR22# set policy-options policy-statement evpn-pplb then load-balance per-packet
Configure EVPN routing instances for each virtual network. Define the VTEP source interface, route distinguisher (used to identify and advertise EVPN routes), and
vrf-target(exports and tags all routes for that local VRF using the defined route target). Configure the EVPN protocol, encapsulation method, VNI list, and BUM traffic forwarding method. Finally, configure a bridge domain for each virtual router that maps VNIDs to VLAN IDs, and identify the BUM forwarding method.content_copy zoom_out_map[edit] user@ToR22# set routing-instances EVPN-VXLAN-1 vtep-source-interface lo0.92 user@ToR22# set routing-instances EVPN-VXLAN-1 instance-type virtual-switch user@ToR22# set routing-instances EVPN-VXLAN-1 interface ge-1/0/6.0 user@ToR22# set routing-instances EVPN-VXLAN-1 interface ae0.0 user@ToR22# set routing-instances EVPN-VXLAN-1 route-distinguisher 198.51.100.12:1 user@ToR22# set routing-instances EVPN-VXLAN-1 vrf-target target:1:3 user@ToR22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file TOR22-EVPN-VXLAN-1.log user@ToR22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions file size 10m user@ToR22# set routing-instances EVPN-VXLAN-1 protocols evpn traceoptions flag all user@ToR22# set routing-instances EVPN-VXLAN-1 protocols evpn encapsulation vxlan user@ToR22# set routing-instances EVPN-VXLAN-1 protocols evpn extended-vni-list 1-5 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 domain-type bridge user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vlan-id 1 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-1 vxlan vni 1 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 domain-type bridge user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vlan-id 2 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-2 vxlan vni 2 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 domain-type bridge user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vlan-id 3 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-3 vxlan vni 3 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 domain-type bridge user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vlan-id 4 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-4 vxlan vni 4 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 domain-type bridge user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vlan-id 5 user@ToR22# set routing-instances EVPN-VXLAN-1 bridge-domains BD-5 vxlan vni 5
Verification
After you configure both the underlay and EVPN overlay we recommend that you verify that the configurations work as you intended.
- Verifying ToR11 Configuration
- Verifying ToR12 Configuration
- Verifying Data Center Gateway and WAN Edge 1 Router (MX11) Configuration
- Verifying Data Center Gateway and WAN Edge 2 Router (MX12) Configuration
- Verifying Data Center Gateway and WAN Edge 3 Router (MX21) Configuration
- Verifying Data Center Gateway and WAN Edge 4 Router (MX22) Configuration
- Verifying ToR21 Configuration
- Verifying ToR22 Configuration
Verifying ToR11 Configuration
Purpose
Verify that ToR11 is properly configured.
Action
Verify that the logical system interfaces and bridge domains on the CE2 device are properly configured to enable Layer 2 connectivity.
content_copy zoom_out_map
user@ToR11> show configuration logical-systems
CE-2 {
interfaces {
ge-1/0/9 {
unit 0 {
description "CONNECTED TO Host-2";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/1/6 {
unit 0 {
description "CONNECTED TO ToR11";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}Verify that the interfaces and trace options on ToR11 are configured properly to enable underlay connectivity to other ToR and gateway and WAN edge devices.
content_copy zoom_out_map
user@ToR11> show configuration interfaces
traceoptions {
file ToR11-DCD.log size 10m;
flag all;
}
ge-1/0/0 {
description "CONNECTED TO CE-1";
gigether-options {
802.3ad ae0;
}
}
ge-1/0/5 {
unit 0 {
description "CONNECTED TO MX12";
family inet {
address 192.168.4.1/24;
}
}
}
ge-1/0/6 {
unit 0 {
description "CONNECTED TO CE-2";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/1/1 {
unit 0 {
description "CONNECTED TO MX11";
family inet {
address 192.168.3.1/24;
}
}
}
ge-1/1/3 {
unit 0 {
description "CONNECTED TO ToR12";
family inet {
address 192.168.2.1/24;
}
}
}
ae0 {
esi {
00:11:11:11:11:11:11:11:11:11;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic fast;
system-id 11:11:11:11:11:11;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
lo0 {
unit 81 {
family inet {
address 192.0.2.11/32;
}
}
}Verify that the routing and load balancing options are properly configured.
content_copy zoom_out_map
user@ToR11> show configuration routing-options
router-id 192.0.2.11;
autonomous-system 65100;
forwarding-table {
export evpn-pplb;
}
Verify that the external BGP (EBGP) underlay and overlay protocols and Layer 2 address learning and forwarding properties are properly configured.
content_copy zoom_out_map
user@ToR11> show configuration protocols
bgp {
local-as 65100;
group MX11 {
type external;
local-address 192.168.3.1;
export [ LO TEST ];
peer-as 65400;
neighbor 192.168.3.2 {
family inet {
unicast;
}
}
}
group MX12 {
type external;
local-address 192.168.4.1;
export [ LO TEST ];
peer-as 65500;
neighbor 192.168.4.2 {
family inet {
unicast;
}
}
}
group ToR12 {
type external;
local-address 192.168.2.1;
export [ LO TEST ];
peer-as 65200;
local-as 65100;
neighbor 192.168.2.2 {
family inet {
unicast;
}
}
}
group MX11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.11;
export TEST;
peer-as 65400;
local-as 65100;
neighbor 192.0.2.21 {
family evpn {
signaling;
}
}
}
group MX12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.11;
export TEST;
peer-as 65500;
local-as 65100;
neighbor 192.0.2.22 {
family evpn {
signaling;
}
}
}
group ToR12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.11;
export TEST;
peer-as 65200;
local-as 65100;
neighbor 192.0.2.12 {
family evpn {
signaling;
}
}
}
}
l2-learning {
traceoptions {
file TOR11-L2ALD.log size 10m;
level all;
flag all;
}
}Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@ToR11> show configuration policy-options
policy-statement LO {
term 1 {
from {
protocol direct;
route-filter 192.0.2.11/32 exact;
}
then accept;
}
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
Verify that the EVPN-VXLAN routing instances for each virtual network are properly configured.
content_copy zoom_out_map
user@ToR11> show configuration routing-instances
EVPN-VXLAN-1 {
vtep-source-interface lo0.81;
instance-type virtual-switch;
interface ge-1/0/6.0;
interface ae0.0;
route-distinguisher 192.0.2.11:1;
vrf-target target:1:1;
protocols {
evpn {
traceoptions {
file TOR11-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
vxlan {
vni 5;
}
}
}
}Verifying ToR12 Configuration
Purpose
Verify that ToR12 is properly configured.
Action
Verify that the logical system interfaces and bridge domains on the CE1 and CE3 devices are properly configured to enable Layer 2 connectivity.
content_copy zoom_out_map
user@ToR12> show configuration logical-systems
CE-1 {
interfaces {
ge-1/0/9 {
unit 0 {
description "CONNECTED TO Host 1";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ae1 {
unit 0 {
description "CONNECTED TO ToR12";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}
user@ToR12> show configuration logical-systems
CE-3 {
interfaces {
ge-1/1/7 {
unit 0 {
description "CONNECTED TO ToR12";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/1/9 {
unit 0 {
description "CONNECTED TO Host 3";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}Verify that the interfaces and trace options on ToR12 are configured properly to enable underlay connectivity to other ToR and gateway and WAN edge devices.
content_copy zoom_out_map
user@ToR12>show configuration interfaces
traceoptions {
file ToR12-DCD.log size 10m;
flag all;
}
ge-1/0/0 {
unit 0 {
description "CONNECTED TO MX11";
family inet {
address 192.168.6.1/24;
}
}
}
ge-1/0/4 {
unit 0 {
description "CONNECTED TO MX12";
family inet {
address 192.168.5.1/24;
}
}
}
ge-1/0/6 {
description "CONNECTED TO CE-1";
gigether-options {
802.3ad ae0;
}
}
ge-1/0/7 {
unit 0 {
description "CONNECTED TO CE-3";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/1/0 {
description "CONNECTED TO ToR11";
gigether-options {
802.3ad ae1;
}
}
ge-1/1/3 {
unit 0 {
description "CONNECTED TO ToR11";
family inet {
address 192.168.2.2/24;
}
}
}
ge-1/1/6 {
description "CONNECTED TO ToR12";
gigether-options {
802.3ad ae1;
}
}
ae0 {
esi {
00:11:11:11:11:11:11:11:11:11;
all-active;
}
aggregated-ether-options {
lacp {
system-id 11:11:11:11:11:11;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ae1 {
aggregated-ether-options {
lacp {
active;
periodic fast;
}
}
}
lo0 {
unit 82 {
family inet {
address 192.0.2.12/32;
}
}
}Verify that the routing and load balancing options are properly configured.
content_copy zoom_out_map
user@ToR12> show configuration routing-options
router-id 192.0.2.12;
autonomous-system 65200;
forwarding-table {
export evpn-pplb;
}
Verify that external BGP (EBGP) underlay and overlay protocols and Layer 2 address learning and forwarding properties are properly configured.
content_copy zoom_out_map
user@ToR12> show configuration protocols
bgp {
local-as 65200;
group MX11 {
type external;
local-address 192.168.6.1;
export [ LO TEST ];
peer-as 65400;
local-as 65200;
neighbor 192.168.6.2 {
family inet {
unicast;
}
}
}
group MX12 {
type external;
local-address 192.168.5.1;
export [ LO TEST ];
peer-as 65500;
local-as 65200;
neighbor 192.168.5.2 {
family inet {
unicast;
}
}
}
group ToR11 {
type external;
local-address 192.168.2.2;
export [ LO TEST ];
peer-as 65100;
local-as 65200;
neighbor 192.168.2.1 {
family inet {
unicast;
}
}
}
group MX11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.12;
export TEST;
peer-as 65400;
local-as 65200;
neighbor 192.0.2.21 {
family evpn {
signaling;
}
}
}
group MX12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.12;
export TEST;
peer-as 65500;
local-as 65200;
neighbor 192.0.2.22 {
family evpn {
signaling;
}
}
}
group ToR11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.12;
export TEST;
peer-as 65100;
local-as 65200;
neighbor 192.0.2.11 {
family evpn {
signaling;
}
}
}
group ToR12-EVPN {
export TEST;
}
}
l2-learning {
traceoptions {
file TOR12-L2ALD.log size 10m;
level all;
flag all;
}
}
Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@ToR12> show configuration policy-options
policy-statement LO {
term 1 {
from {
protocol direct;
route-filter 192.0.2.12/32 exact;
}
then accept;
}
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
Verify that the EVPN-VXLAN routing instances for each virtual network are properly configured.
content_copy zoom_out_map
user@ToR12> show configuration routing-instances
EVPN-VXLAN-1 {
vtep-source-interface lo0.82;
instance-type virtual-switch;
interface ge-1/0/7.0;
interface ae0.0;
route-distinguisher 192.0.2.12:1;
vrf-target target:1:1;
protocols {
evpn {
traceoptions {
file TOR12-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
vxlan {
vni 5;
}
}
}
}Verifying Data Center Gateway and WAN Edge 1 Router (MX11) Configuration
Purpose
Verify that MX11 is properly configured.
Action
Verify that the interfaces on the MX11 router (DC GW/WAN Edge1) are configured for the following:
Underlay connectivity to the MX12, ToR11, ToR12, and P devices, which is the EVPN-VXLAN part of DC1 network.
content_copy zoom_out_map
user@MX11> show configuration interfaces
traceoptions {
file MX11-DCD.log size 10m;
flag all;
}
ge-1/1/1 {
unit 0 {
description "CONNECTED TO ToR11";
family inet {
address 192.168.3.2/24;
}
}
}
ge-5/1/0 {
unit 0 {
description "CONNECTED TO MX12";
family inet {
address 192.168.7.1/24;
}
}
}
ge-5/1/8 {
unit 0 {
description "CONNECTED TO ToR12";
family inet {
address 192.168.6.2/24;
}
}
}
ge-5/1/9 {
unit 0 {
description "CONNECTED TO P";
family inet {
address 203.0.1.1/24;
}
family mpls;
}
}
Integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
content_copy zoom_out_map
user@MX11> show configuration interfaces
irb {
unit 1 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:aa:aa:aa:aa:aa:aa:aa:aa;
all-active;
}
family inet {
address 10.11.1.12/24 {
virtual-gateway-address 10.11.1.10;
}
}
}
unit 2 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:bb:bb:bb:bb:bb:bb:bb:bb;
all-active;
}
family inet {
address 10.12.1.12/24 {
virtual-gateway-address 10.12.1.10;
}
}
}
unit 3 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:cc:cc:cc:cc:cc:cc:cc:cc;
all-active;
}
family inet {
address 10.13.1.12/24 {
virtual-gateway-address 10.13.1.10;
}
}
}
unit 4 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:dd:dd:dd:dd:dd:dd:dd:dd;
all-active;
}
family inet {
address 10.14.1.12/24 {
virtual-gateway-address 10.14.1.10;
}
}
}
unit 5 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:ee:ee:ee:ee:ee:ee:ee:ee;
all-active;
}
family inet {
address 10.15.1.12/24 {
virtual-gateway-address 10.15.1.10;
}
}
}
}
An ESI value and active-active multihoming on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC1 network.
content_copy zoom_out_map
user@MX11> show configuration interfaces
lt-5/1/0 {
esi {
00:22:22:22:22:22:22:22:22:22;
all-active;
}
}
A pair of logical tunnel (lt-) interfaces on the MX11 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map
user@MX11> show configuration interfaces
lt-5/1/0 {
unit 0 {
peer-unit 1;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
unit 1 {
peer-unit 0;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
Loopback interface address.
content_copy zoom_out_map
user@MX11> show configuration interfaces
lo0 {
unit 84 {
family inet {
address 192.0.2.21/32;
}
family mpls;
}
}Verify that the routing options and load balancing are properly configured.
content_copy zoom_out_map
user@MX11> show configuration routing-options
router-id 192.0.2.21;
autonomous-system 65300;
forwarding-table {
export evpn-pplb;
}Verify that external BGP (EBGP) underlay and overlay protocols and RSVP, MPLS, BGP, and OSPF protocols are properly configured.
content_copy zoom_out_map
user@MX11> show configuration protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
label-switched-path MX11-TO-MX12 {
to 192.0.2.22;
}
label-switched-path MX11-TO-P {
to 203.0.113.1;
}
label-switched-path MX11-TO-MX21 {
to 198.51.100.21;
}
label-switched-path MX11-TO-MX22 {
to 198.51.100.22;
}
interface all;
interface fxp0.0 {
disable;
}
}
bgp {
local-address 192.0.2.21;
local-as 65300;
group INT {
type internal;
local-address 192.0.2.21;
family evpn {
signaling;
}
export TEST;
neighbor 203.0.113.1;
}
group MX12 {
type external;
local-address 192.168.7.1;
export [ TEST LO ];
peer-as 65500;
local-as 65400;
neighbor 192.168.7.2 {
family inet {
unicast;
}
}
}
group ToR11 {
type external;
local-address 192.168.3.2;
import TEST;
export [ TEST LO ];
peer-as 65100;
local-as 65400;
neighbor 192.168.3.1 {
family inet {
unicast;
}
}
}
group ToR12 {
type external;
local-address 192.168.6.2;
export [ TEST LO ];
peer-as 65200;
local-as 65400;
neighbor 192.168.6.1 {
family inet {
unicast;
}
}
}
group MX12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.21;
export TEST;
peer-as 65500;
local-as 65400;
neighbor 192.0.2.22 {
family evpn {
signaling;
}
}
}
group ToR11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.21;
export TEST;
peer-as 65100;
local-as 65400;
neighbor 192.0.2.11 {
family evpn {
signaling;
}
}
}
group ToR12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.21;
export TEST;
peer-as 65200;
local-as 65400;
neighbor 192.0.2.12 {
family evpn {
signaling;
}
}
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface ge-5/1/9.0;
interface lo0.84 {
passive;
}
}
}
l2-learning {
traceoptions {
file MX11-L2ALD.log size 10m;
level all;
flag all;
}
}Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@MX11> show configuration policy-options
policy-statement LO {
from {
protocol direct;
route-filter 192.0.2.21/32 exact;
}
then accept;
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];Verify that the EVPN-based MPLS routing instances and EVPN-VXLAN routing instances are properly configured.
content_copy zoom_out_map
user@MX11> show configuration routing-instances
EVPN-MPLS-1 {
instance-type virtual-switch;
interface lt-5/1/0.0;
route-distinguisher 192.0.2.21:100;
vrf-target target:1:2;
protocols {
evpn {
traceoptions {
file MX11-EVPN-MPLS-1.log size 10m;
flag all;
}
extended-vlan-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}
EVPN-VXLAN-1 {
vtep-source-interface lo0.84;
instance-type virtual-switch;
interface lt-5/1/0.1;
route-distinguisher 192.0.2.21:1;
vrf-target target:1:1;
protocols {
evpn {
traceoptions {
file MX11-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
routing-interface irb.1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
routing-interface irb.2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
routing-interface irb.3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
routing-interface irb.4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
routing-interface irb.5;
vxlan {
vni 5;
}
}
}
}
VRF {
instance-type vrf;
interface irb.1;
interface irb.2;
interface irb.3;
interface irb.4;
interface irb.5;
route-distinguisher 1:1;
vrf-target target:10:10;
}Verifying Data Center Gateway and WAN Edge 2 Router (MX12) Configuration
Purpose
Verify that MX12 is properly configured.
Action
Verify that the interfaces on the MX12 router (DC GW/WAN Edge2) are configured for the following:
Underlay connectivity to the MX11, ToR11, ToR12, and P devices, which is the EVPN-VXLAN part of DC1 network.
content_copy zoom_out_map
user@MX12> show configuration interfaces
traceoptions {
file MX12-DCD.log size 10m;
flag all;
}
ge-1/0/4 {
unit 0 {
description "CONNECTED TO ToR12";
family inet {
address 192.168.5.2/24;
}
}
}
ge-1/0/5 {
unit 0 {
description "CONNECTED TO ToR11";
family inet {
address 192.168.4.2/24;
}
}
}
ge-1/0/6 {
unit 0 {
description "CONNECTED TO P";
family inet {
address 203.0.113.11/24;
}
family mpls;
}
}
ge-1/1/0 {
unit 0 {
description "CONNECTED TO MX11";
family inet {
address 192.168.7.2/24;
}
}
}
Integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
content_copy zoom_out_map
user@MX12> show configuration interfaces
irb {
unit 1 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:aa:aa:aa:aa:aa:aa:aa:aa;
all-active;
}
family inet {
address 10.11.1.13/24 {
virtual-gateway-address 10.11.1.10;
}
}
}
unit 2 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:bb:bb:bb:bb:bb:bb:bb:bb;
all-active;
}
family inet {
address 10.12.1.13/24 {
virtual-gateway-address 10.12.1.10;
}
}
}
unit 3 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:cc:cc:cc:cc:cc:cc:cc:cc;
all-active;
}
family inet {
address 10.13.1.13/24 {
virtual-gateway-address 10.13.1.10;
}
}
}
unit 4 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:dd:dd:dd:dd:dd:dd:dd:dd;
all-active;
}
family inet {
address 10.14.1.13/24 {
virtual-gateway-address 10.14.1.10;
}
}
}
unit 5 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:11:ee:ee:ee:ee:ee:ee:ee:ee;
all-active;
}
family inet {
address 10.15.1.13/24 {
virtual-gateway-address 10.15.1.10;
}
}
}
}
An ESI value and active-active multihoming on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC1 network.
content_copy zoom_out_map
user@MX12> show configuration interfaces
lt-1/0/0 {
esi {
00:22:22:22:22:22:22:22:22:22;
all-active;
}
}
A pair of logical tunnel (lt-) interfaces on the MX12 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map
user@MX12> show configuration interfaces
lt-1/0/0 {
unit 0 {
peer-unit 1;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
unit 1 {
peer-unit 0;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
Loopback interface address.
content_copy zoom_out_map
user@MX12> show configuration interfaces
lo0 {
unit 85 {
family inet {
address 192.0.2.22/32;
}
family mpls;
}
}
}Verify that the routing options and load balancing are properly configured.
content_copy zoom_out_map
user@MX12> show configuration routing-options
router-id 192.0.2.22;
autonomous-system 65300;
forwarding-table {
export evpn-pplb;
}
Verify that external BGP (EBGP) underlay and overlay protocols and RSVP, MPLS, BGP, and OSPF protocols are properly configured.
content_copy zoom_out_map
user@MX12> show configuration protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
label-switched-path MX12-TO-MX11 {
to 192.0.2.21;
}
label-switched-path MX12-TO-P {
to 203.0.113.1;
}
label-switched-path MX12-TO-MX21 {
to 198.51.100.21;
}
label-switched-path MX12-TO-MX22 {
to 198.51.100.22;
}
interface all;
interface fxp0.0 {
disable;
}
}
bgp {
local-address 192.0.2.22;
local-as 65300;
group INT {
type internal;
family evpn {
signaling;
}
export TEST;
neighbor 203.0.113.1;
}
group MX11 {
type external;
local-address 192.168.7.2;
export [ TEST LO ];
peer-as 65400;
local-as 65500;
neighbor 192.168.7.1 {
family inet {
unicast;
}
}
}
group ToR11 {
type external;
local-address 192.168.4.2;
export [ TEST LO ];
peer-as 65100;
local-as 65500;
neighbor 192.168.4.1 {
family inet {
unicast;
}
}
}
group ToR12 {
type external;
local-address 192.168.5.2;
export [ TEST LO ];
peer-as 65200;
local-as 65500;
neighbor 192.168.5.1 {
family inet {
unicast;
}
}
}
group MX11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.22;
export TEST;
peer-as 65400;
local-as 65500;
neighbor 192.0.2.21 {
family evpn {
signaling;
}
}
}
group ToR11-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.22;
export TEST;
peer-as 65100;
local-as 65500;
neighbor 192.0.2.11 {
family evpn {
signaling;
}
}
}
group ToR12-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 192.0.2.22;
export TEST;
peer-as 65200;
local-as 65500;
neighbor 192.0.2.12 {
family evpn {
signaling;
}
}
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface ge-1/0/6.0;
interface lo0.85 {
passive;
}
}
}
l2-learning {
traceoptions {
file MX12-L2ALD.log size 10m;
level all;
flag all;
}
}
Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@MX12> show configuration policy-options
policy-statement LO {
from {
protocol direct;
route-filter 192.0.2.22/32 exact;
}
then accept;
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
Verify that the EVPN-based MPLS routing instances and EVPN-VXLAN routing instances are properly configured.
content_copy zoom_out_map
user@MX12> show configuration routing-instances
EVPN-MPLS-1 {
instance-type virtual-switch;
interface lt-1/0/0.0;
route-distinguisher 192.0.2.22:100;
vrf-target target:1:2;
protocols {
evpn {
traceoptions {
file MX12-EVPN-MPLS-1.log size 10m;
flag all;
}
extended-vlan-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}
EVPN-VXLAN-1 {
vtep-source-interface lo0.85;
instance-type virtual-switch;
interface lt-1/0/0.1;
route-distinguisher 192.0.2.22:1;
vrf-target target:1:1;
protocols {
evpn {
traceoptions {
file MX12-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
routing-interface irb.1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
routing-interface irb.2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
routing-interface irb.3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
routing-interface irb.4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
routing-interface irb.5;
vxlan {
vni 5;
}
}
}
}
VRF {
instance-type vrf;
interface irb.1;
interface irb.2;
interface irb.3;
interface irb.4;
interface irb.5;
route-distinguisher 1:1;
vrf-target target:10:10;
}
Verifying Data Center Gateway and WAN Edge 3 Router (MX21) Configuration
Purpose
Verify that MX21 is properly configured.
Action
Verify that the interfaces on the MX21 router (DC GW/WAN Edge3) are configured for the following:
Underlay connectivity to the MX22, ToR21, ToR22, and P devices, which is the EVPN-VXLAN part of DC1 network.
content_copy zoom_out_map
user@MX21> show configuration interfaces
ge-3/0/0 {
unit 0 {
description "CONNECTED TO MX22";
family inet {
address 192.168.13.1/24;
}
}
}
ge-3/1/0 {
unit 0 {
description "CONNECTED TO ToR22";
family inet {
address 192.168.8.1/24;
}
}
}
ge-5/0/0 {
unit 0 {
description "CONNECTED TO P";
family inet {
address 203.0.113.31/24;
}
family mpls;
}
}
ge-5/0/1 {
unit 0 {
description "CONNECTED TO ToR21";
family inet {
address 192.168.9.1/24;
}
}
}
Integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
content_copy zoom_out_map
user@MX21> show configuration interfaces
irb {
unit 1 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:aa:aa:aa:aa:aa:aa:aa:aa;
all-active;
}
family inet {
address 10.11.1.14/24 {
virtual-gateway-address 10.11.1.11;
}
}
}
unit 2 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:bb:bb:bb:bb:bb:bb:bb:bb;
all-active;
}
family inet {
address 10.12.1.14/24 {
virtual-gateway-address 10.12.1.11;
}
}
}
unit 3 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:cc:cc:cc:cc:cc:cc:cc:cc;
all-active;
}
family inet {
address 10.13.1.14/24 {
virtual-gateway-address 10.13.1.11;
}
}
}
unit 4 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:dd:dd:dd:dd:dd:dd:dd:dd;
all-active;
}
family inet {
address 10.14.1.14/24 {
virtual-gateway-address 10.14.1.11;
}
}
}
unit 5 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:ee:ee:ee:ee:ee:ee:ee:ee;
all-active;
}
family inet {
address 10.15.1.14/24 {
virtual-gateway-address 10.15.1.11;
}
}
}
}
An ESI value and active-active multihoming on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC1 network.
content_copy zoom_out_map
user@MX21> show configuration interfaces
lt-5/0/0 {
esi {
00:33:33:33:33:33:33:33:33:33;
all-active;
}
}
A pair of logical tunnel (lt-) interfaces on the MX21 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map
user@MX21> show configuration interfaces
lt-5/0/0 {
unit 0 {
peer-unit 1;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
unit 1 {
peer-unit 0;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
Loopback interface address.
content_copy zoom_out_map
user@MX21> show configuration interfaces
lo0 {
unit 87 {
family inet {
address 198.51.100.21/32;
}
family mpls;
}
}
Verify that the routing options and load balancing are properly configured.
content_copy zoom_out_map
user@MX21> show configuration routing-options
router-id 198.51.100.21;
autonomous-system 65300;
forwarding-table {
export evpn-pplb;
}
Verify that external BGP (EBGP) underlay and overlay protocols and RSVP, MPLS, BGP, and OSPF protocols are properly configured.
content_copy zoom_out_map
user@MX21> show configuration protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
label-switched-path MX21-TO-MX11 {
to 192.0.2.21;
}
label-switched-path MX21-TO-MX12 {
to 192.0.2.22;
}
label-switched-path MX21-TO-MX22 {
to 198.51.100.22;
}
label-switched-path MX21-TO-P {
to 203.0.113.1;
}
interface all;
interface fxp0.0 {
disable;
}
}
bgp {
local-address 198.52.100.21;
local-as 65300;
group INT {
type internal;
local-address 198.51.100.21;
family evpn {
signaling;
}
export TEST;
neighbor 203.0.113.1;
}
group MX22 {
type external;
local-address 192.168.13.1;
export [ TEST LO ];
peer-as 64900;
local-as 64800;
neighbor 192.168.13.2 {
family inet {
unicast;
}
}
}
group ToR21 {
type external;
local-address 192.168.9.1;
export [ TEST LO ];
peer-as 64600;
local-as 64800;
neighbor 192.168.9.2 {
family inet {
unicast;
}
}
}
group ToR22 {
type external;
local-address 192.168.8.1;
export [ TEST LO ];
peer-as 64700;
local-as 64800;
neighbor 192.168.8.2 {
family inet {
unicast;
}
}
}
group MX22-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.21;
peer-as 64900;
local-as 64800;
neighbor 198.51.100.22 {
family evpn {
signaling;
}
}
}
group ToR21-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.21;
peer-as 64600;
local-as 64800;
neighbor 198.51.100.11 {
family evpn {
signaling;
}
}
}
group ToR22-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.21;
peer-as 64700;
local-as 64800;
neighbor 198.51.100.12 {
family evpn {
signaling;
}
}
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface ge-5/0/0.0;
interface lo0.87 {
passive;
}
}
}
l2-learning {
traceoptions {
file MX21-L2ALD.log size 10m;
level all;
flag all;
}
}
Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@MX21> show configuration policy-options
policy-statement LO {
from {
protocol direct;
route-filter 198.51.100.21/32 exact;
}
then accept;
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
Verify that the EVPN-based MPLS routing instances and EVPN-VXLAN routing instances are properly configured.
content_copy zoom_out_map
user@MX21> show configuration routing-instances
EVPN-MPLS-1 {
instance-type virtual-switch;
interface lt-5/0/0.0;
route-distinguisher 198.51.100.21:100;
vrf-target target:1:2;
protocols {
evpn {
traceoptions {
file MX21-EVPN-MPLS-1.log size 10m;
flag all;
}
extended-vlan-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}
EVPN-VXLAN-1 {
vtep-source-interface lo0.87;
instance-type virtual-switch;
interface lt-5/0/0.1;
route-distinguisher 198.51.100.21:1;
vrf-target target:1:3;
protocols {
evpn {
traceoptions {
file MX21-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
routing-interface irb.1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
routing-interface irb.2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
routing-interface irb.3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
routing-interface irb.4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
routing-interface irb.5;
vxlan {
vni 5;
}
}
}
}
VRF {
instance-type vrf;
interface irb.1;
interface irb.2;
interface irb.3;
interface irb.4;
interface irb.5;
route-distinguisher 1:1;
vrf-target target:10:10;
}
Verifying Data Center Gateway and WAN Edge 4 Router (MX22) Configuration
Purpose
Verify that MX22 is properly configured.
Action
Verify that the interfaces on the MX22 router (DC GW/WAN Edge4) are configured for the following:
Underlay connectivity to the MX21, ToR21, ToR22, and P devices, which is the EVPN-VXLAN part of DC1 network.
content_copy zoom_out_map
user@MX22> show configuration interfaces
xe-0/0/0 {
unit 0 {
description "CONNECTED TO ToR22";
family inet {
address 192.168.11.1/24;
}
}
}
xe-0/0/1 {
unit 0 {
description "CONNECTED TO ToR21";
family inet {
address 192.168.10.1/24;
}
}
}
ge-1/0/0 {
unit 0 {
description "CONNECTED TO MX21";
family inet {
address 192.168.13.2/24;
}
}
}
ge-1/0/2 {
unit 0 {
description "CONNECTED TO P";
family inet {
address 203.0.113.51/24;
}
family mpls;
}
}
Integrated routing and bridging (IRB) interfaces that advertise the MAC and IP routes (MAC+IP type 2 routes) for hosts in the topology. The IRB configuration is the gateway for the VLANs on the hosts.
content_copy zoom_out_map
user@MX22> show configuration interfaces
irb {
unit 1 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:aa:aa:aa:aa:aa:aa:aa:aa;
all-active;
}
family inet {
address 10.11.1.15/24 {
virtual-gateway-address 10.11.1.11;
}
}
}
unit 2 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:bb:bb:bb:bb:bb:bb:bb:bb;
all-active;
}
family inet {
address 10.12.1.15/24 {
virtual-gateway-address 10.12.1.11;
}
}
}
unit 3 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:cc:cc:cc:cc:cc:cc:cc:cc;
all-active;
}
family inet {
address 10.13.1.15/24 {
virtual-gateway-address 10.13.1.11;
}
}
}
unit 4 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:dd:dd:dd:dd:dd:dd:dd:dd;
all-active;
}
family inet {
address 10.14.1.15/24 {
virtual-gateway-address 10.14.1.11;
}
}
}
unit 5 {
proxy-macip-advertisement;
virtual-gateway-esi {
00:22:ee:ee:ee:ee:ee:ee:ee:ee;
all-active;
}
family inet {
address 10.15.1.15/24 {
virtual-gateway-address 10.15.1.11;
}
}
}
}
An ESI value and active-active multihoming on the logical tunnel interface. Use the same ESI value on all other gateway/WAN edge routers in the DC1 network.
content_copy zoom_out_map
user@MX22> show configuration interfaces
lt-1/0/0 {
esi {
00:33:33:33:33:33:33:33:33:33;
all-active;
}
}
A pair of logical tunnel (lt-) interfaces on the MX22 gateway router to interconnect the EVPN-VXLAN instance of the data center network with the MPLS-based EVPN instance of the WAN. One logical tunnel (lt-) interface is configured as the access interface for EVPN-VXLAN and the other logical tunnel (lt-) interface is configured as the access interface for MPLS-based EVPN.
content_copy zoom_out_map
user@MX22> show configuration interfaces
lt-1/0/0 {
unit 0 {
peer-unit 1;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
unit 1 {
peer-unit 0;
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
Loopback interface address.
content_copy zoom_out_map
user@MX22> show configuration interfaces
lo0 {
unit 88 {
family inet {
address 198.51.100.22/32;
}
family mpls;
}
}
Verify that the routing options and load balancing are properly configured.
content_copy zoom_out_map
user@MX22> show configuration routing-options
router-id 198.51.100.22;
autonomous-system 65300;
forwarding-table {
export evpn-pplb;
}Verify that external BGP (EBGP) underlay and overlay protocols and RSVP, MPLS, BGP, and OSPF protocols are properly configured.
content_copy zoom_out_map
user@MX22> show configuration protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
label-switched-path MX22-TO-MX11 {
to 192.0.2.21;
}
label-switched-path MX22-TO-MX12 {
to 192.0.2.22;
}
label-switched-path MX22-TO-MX21 {
to 198.51.100.21;
}
label-switched-path MX22-TO-P {
to 203.0.113.1;
}
interface all;
interface fxp0.0 {
disable;
}
}
bgp {
local-address 198.51.100.22;
local-as 65300;
group INT {
type internal;
family evpn {
signaling;
}
export TEST;
neighbor 203.0.113.1;
}
group MX21 {
type external;
local-address 192.168.13.2;
export [ TEST LO ];
peer-as 64800;
local-as 64900;
neighbor 192.168.13.1 {
family inet {
unicast;
}
}
}
group ToR21 {
type external;
local-address 192.168.10.1;
export [ TEST LO ];
peer-as 64600;
local-as 64900;
neighbor 192.168.10.2 {
family inet {
unicast;
}
}
}
group ToR22 {
type external;
local-address 192.168.11.1;
export [ TEST LO ];
peer-as 64700;
local-as 64900;
neighbor 192.168.11.2 {
family inet {
unicast;
}
}
}
group MX21-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.22;
peer-as 64800;
local-as 64900;
neighbor 198.51.100.21 {
family evpn {
signaling;
}
}
}
}
group ToR21-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.22;
peer-as 64600;
local-as 64900;
neighbor 198.51.100.11 {
family evpn {
signaling;
}
}
}
group ToR22-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.22;
peer-as 64700;
local-as 64900;
neighbor 198.51.100.12 {
family evpn {
signaling;
}
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface ge-1/0/2.0;
interface lo0.88 {
passive;
}
}
}
l2-learning {
traceoptions {
file MX22-L2ALD.log size 10m;
level all;
flag all;
}
}
Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@MX22> show configuration policy-options
policy-statement LO {
from {
protocol direct;
route-filter 198.51.100.22/32 exact;
}
then accept;
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
Verify that the EVPN-based MPLS routing instances and EVPN-VXLAN routing instances are properly configured.
content_copy zoom_out_map
user@MX22> show configuration routing-instances
EVPN-MPLS-1 {
instance-type virtual-switch;
interface lt-1/0/0.0;
route-distinguisher 198.51.100.22:100;
vrf-target target:1:2;
protocols {
evpn {
traceoptions {
file MX22-EVPN-MPLS-1.log size 10m;
flag all;
}
extended-vlan-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}
EVPN-VXLAN-1 {
vtep-source-interface lo0.88;
instance-type virtual-switch;
interface lt-1/0/0.1;
route-distinguisher 198.51.100.22:1;
vrf-target target:1:3;
protocols {
evpn {
traceoptions {
file MX22-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
default-gateway no-gateway-community;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
routing-interface irb.1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
routing-interface irb.2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
routing-interface irb.3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
routing-interface irb.4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
routing-interface irb.5;
vxlan {
vni 5;
}
}
}
}
VRF {
instance-type vrf;
interface irb.1;
interface irb.2;
interface irb.3;
interface irb.4;
interface irb.5;
route-distinguisher 1:1;
vrf-target target:10:10;
}
Verifying ToR21 Configuration
Purpose
Verify that ToR21 is properly configured.
Action
Verify that the logical system interfaces and bridge domains on the CE4 device are properly configured to enable Layer 2 connectivity and to handle inter-VXLAN traffic.
content_copy zoom_out_map
user@ToR21> show configuration logical-systems
CE-4 {
interfaces {
ge-1/0/9 {
unit 0 {
description "CONNECTED TO Host 4";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/1/6 {
unit 0 {
description "CONNECTED TO ToR21";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}Verify that the interfaces and trace options on ToR21 are configured properly to enable underlay connectivity to other ToR and gateway and WAN edge devices.
content_copy zoom_out_map
user@ToR21>show configuration interfaces
traceoptions {
file ToR21-DCD.log size 10m;
flag all;
}
xe-0/0/0 {
unit 0 {
description "CONNECTED TO MX22";
family inet {
address 192.168.10.2/24;
}
}
}
ge-1/0/0 {
description "CONNECTED TO CE-5";
gigether-options {
802.3ad ae0;
}
}
ge-1/0/1 {
unit 0 {
description "CONNECTED TO MX21";
family inet {
address 192.168.9.2/24;
}
}
}
ge-1/0/6 {
unit 0 {
description "CONNECTED TO CE-4";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/1/3 {
unit 0 {
description "CONNECTED TO ToR22";
family inet {
address 192.168.12.1/24;
}
}
}
ae0 {
esi {
00:44:44:44:44:44:44:44:44:44;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic fast;
system-id 22:22:22:22:22:22;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
lo0 {
unit 90 {
family inet {
address 198.51.100.11/32;
}
}
}Verify that the routing and load balancing options are properly configured.
content_copy zoom_out_map
user@ToR21> show configuration routing-options
router-id 198.51.100.11;
autonomous-system 64600;
forwarding-table {
export evpn-pplb;
}
Verify that external BGP (EBGP) underlay and overlay protocols and Layer 2 address learning and forwarding properties are properly configured.
content_copy zoom_out_map
user@ToR21> show configuration protocols
bgp {
export TEST;
local-as 64600;
group MX21 {
type external;
local-address 192.168.9.2;
export [ LO TEST ];
peer-as 64800;
local-as 64600;
neighbor 192.168.9.1 {
family inet {
unicast;
}
}
}
group MX22 {
type external;
local-address 192.168.10.2;
export [ LO TEST ];
peer-as 64900;
local-as 64600;
neighbor 192.168.10.1 {
family inet {
unicast;
}
}
}
group ToR22 {
type external;
local-address 192.168.12.1;
export [ LO TEST ];
peer-as 64700;
local-as 64600;
neighbor 192.168.12.2 {
family inet {
unicast;
}
}
}
group MX21-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.11;
peer-as 64800;
local-as 64600;
neighbor 198.51.100.21 {
family evpn {
signaling;
}
}
}
group MX22-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.11;
peer-as 64900;
local-as 64600;
neighbor 198.51.100.22 {
family evpn {
signaling;
}
}
}
group ToR22-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.11;
peer-as 64700;
local-as 64600;
neighbor 198.51.100.12 {
family evpn {
signaling;
}
}
}
}
l2-learning {
traceoptions {
file TOR21-L2ALD.log size 10m;
level all;
flag all;
}
}Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@ToR21> show configuration policy-options
policy-statement LO {
term 1 {
from {
protocol direct;
route-filter 198.51.100.11/32 exact;
}
then accept;
}
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
Verify that the EVPN-VXLAN routing instances for each virtual network are properly configured.
content_copy zoom_out_map
user@ToR21> show configuration routing-instances
EVPN-VXLAN-1 {
vtep-source-interface lo0.90;
instance-type virtual-switch;
interface ge-1/0/6.0;
interface ae0.0;
route-distinguisher 198.51.100.11:1;
vrf-target target:1:3;
protocols {
evpn {
traceoptions {
file TOR21-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
vxlan {
vni 5;
}
}
}
}Verifying ToR22 Configuration
Purpose
Verify that ToR22 is properly configured.
Action
Verify that the logical system interfaces and bridge domains on the CE5 and CE6 devices are properly configured to enable Layer 2 connectivity and to handle inter-VXLAN traffic.
content_copy zoom_out_map
user@ToR22> show configuration logical-systems
CE-5 {
interfaces {
ge-1/0/9 {
unit 0 {
description "CONNECTED TO Host 5";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ae1 {
unit 0 {
description "CONNECTED TO ToR21";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}
user@ToR22> show configuration logical-systems
CE-6 {
interfaces {
ge-1/1/6 {
unit 0 {
description "CONNECTED TO ToR22";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/1/9 {
unit 0 {
description "CONNECTED TO Host 6";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
}
BD-2 {
domain-type bridge;
vlan-id 2;
}
BD-3 {
domain-type bridge;
vlan-id 3;
}
BD-4 {
domain-type bridge;
vlan-id 4;
}
BD-5 {
domain-type bridge;
vlan-id 5;
}
}
}Verify that the interfaces and trace options on ToR22 are configured properly to enable underlay connectivity to other ToR and gateway and WAN edge devices.
content_copy zoom_out_map
user@ToR22>show configuration interfaces
traceoptions {
file ToR22-DCD.log size 10m;
flag all;
}
xe-0/0/0 {
unit 0 {
description "CONNECTED TO MX22";
family inet {
address 192.168.11.2/24;
}
}
}
ge-1/0/0 {
description "CONNECTED TO ToR21";
gigether-options {
802.3ad ae1;
}
}
ge-1/0/6 {
unit 0 {
description "CONNECTED TO CE-6";
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ge-1/0/7 {
description "CONNECTED TO ToR22";
gigether-options {
802.3ad ae1;
}
}
ge-1/1/0 {
unit 0 {
description "CONNECTED TO MX21";
family inet {
address 192.168.8.2/24;
}
}
}
ge-1/1/3 {
unit 0 {
description "CONNECTED TO ToR21";
family inet {
address 192.168.12.2/24;
}
}
}
ge-1/1/7 {
description "CONNECTED TO CE-5";
gigether-options {
802.3ad ae0;
}
}
ae0 {
esi {
00:44:44:44:44:44:44:44:44:44;
all-active;
}
aggregated-ether-options {
lacp {
active;
periodic fast;
system-id 22:22:22:22:22:22;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-5;
}
}
}
ae1 {
aggregated-ether-options {
lacp {
active;
periodic fast;
system-id 22:22:22:22:22:22;
}
}
}
lo0 {
unit 92 {
family inet {
address 198.51.100.12/32;
}
}
}Verify that the routing and load balancing options are properly configured.
content_copy zoom_out_map
user@ToR22> show configuration routing-options
router-id 198.51.100.12;
autonomous-system 64700;
forwarding-table {
export evpn-pplb;
}
Verify that external BGP (EBGP) underlay and overlay protocols and Layer 2 address learning and forwarding properties are properly configured.
content_copy zoom_out_map
user@ToR22> show configuration protocols
bgp {
export TEST;
local-as 64700;
group MX21 {
type external;
local-address 192.168.8.2;
export [ LO TEST ];
peer-as 64800;
local-as 64700;
neighbor 192.168.8.1 {
family inet {
unicast;
}
}
}
group MX22 {
type external;
local-address 192.168.11.2;
export [ LO TEST ];
peer-as 64900;
local-as 64700;
neighbor 192.168.11.1 {
family inet {
unicast;
}
}
}
group ToR21 {
type external;
local-address 192.168.12.2;
export [ LO TEST ];
peer-as 64600;
local-as 64700;
neighbor 192.168.12.1 {
family inet {
unicast;
}
}
}
group MX21-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.12;
peer-as 64800;
local-as 64700;
neighbor 198.51.100.21 {
family evpn {
signaling;
}
}
}
group MX22-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.12;
peer-as 64900;
local-as 64700;
neighbor 198.51.100.22 {
family evpn {
signaling;
}
}
}
group ToR21-EVPN {
type external;
multihop {
ttl 2;
no-nexthop-change;
}
local-address 198.51.100.12;
peer-as 64600;
local-as 64700;
neighbor 198.51.100.11 {
family evpn {
signaling;
}
}
}
}
l2-learning {
traceoptions {
file TOR22-L2ALD.log size 10m;
level all;
flag all;
}
}
Verify that the routing policies for the loopback address, load balancing, and TEST policies, and the community policy options are properly configured.
content_copy zoom_out_map
user@ToR22> show configuration policy-options
policy-statement LO {
term 1 {
from {
protocol direct;
route-filter 198.51.100.12/32 exact;
}
then accept;
}
}
policy-statement TEST {
then {
community add NO-EXPORT;
}
}
policy-statement evpn-pplb {
from protocol evpn;
then {
load-balance per-packet;
}
}
community NO-EXPORT members [ no-advertise no-export no-export-subconfed ];
Verify that the EVPN-VXLAN routing instances for each virtual network are properly configured.
content_copy zoom_out_map
user@ToR22> show configuration routing-instances
EVPN-VXLAN-1 {
vtep-source-interface lo0.92;
instance-type virtual-switch;
interface ge-1/0/6.0;
interface ae0.0;
route-distinguisher 198.51.100.12:1;
vrf-target target:1:3;
protocols {
evpn {
traceoptions {
file TOR22-EVPN-VXLAN-1.log size 10m;
flag all;
}
encapsulation vxlan;
extended-vni-list 1-5;
}
}
bridge-domains {
BD-1 {
domain-type bridge;
vlan-id 1;
vxlan {
vni 1;
}
}
BD-2 {
domain-type bridge;
vlan-id 2;
vxlan {
vni 2;
}
}
BD-3 {
domain-type bridge;
vlan-id 3;
vxlan {
vni 3;
}
}
BD-4 {
domain-type bridge;
vlan-id 4;
vxlan {
vni 4;
}
}
BD-5 {
domain-type bridge;
vlan-id 5;
vxlan {
vni 5;
}
}
}
}
