EVPN-VXLAN with an IPv6 Underlay
SUMMARY This topic describes how to set up an IPv6 underlay for the VXLAN overlay tunneling in an EVPN-VXLAN fabric.
IPv6 Underlay Support in EVPN-VXLAN Fabrics
Ethernet VPNs (EVPNs) connect devices with Layer 2 virtual bridges. Virtual Extensible LANs (VXLANs) establish overlay tunnels that stretch the Layer 2 connections over a Layer 3 network. In EVPN-VXLAN network configurations, a leaf or spine device can function as a VXLAN gateway at Layer 2, Layer 3, or both layers. The underlay network for the VXLAN overlay can be an IPv4 or an IPv6 network. This topic describes using an IPv6 underlay instead of an IPv4 underlay.
- Benefits of Using an IPv6 Underlay with a VXLAN Overlay
- Platform Support
- Overview
- Underlay Routing Protocols with an IPv6 Underlay
- EVPN-VXLAN Features Supported with an IPv6 Underlay
- Limitations in IPv6 Underlay Support
Benefits of Using an IPv6 Underlay with a VXLAN Overlay
With an IPv6 underlay VXLAN tunnel configuration, you can take advantage of the expanded addressing capabilities and efficient packet processing that the IPv6 protocol offers.
Platform Support
For information on supported platforms and Junos releases, see Feature Explorer.
Overview
In EVPN-VXLAN installations, you configure a VXLAN overlay on Layer 2 or Layer 3 VXLAN gateway devices called virtual tunnel endpoints (VTEPs). The VXLAN overlay extends virtual tunnels between VTEPs over the underlying IP fabric. On supporting platforms, you can configure the IP underlay with IPv6 addressing to support the VXLAN overlay tunnels. For example:
When you use an IPv6 underlay, the VTEPs encapsulate VXLAN packets with an IPv6 outer header and tunnel the packets through an IPv6 underlay network.
IPv6 underlay configurations are similar to IPv4 underlay configurations, except you set the VTEP source addresses as IPv6 addresses. You also assign IPv6 addresses in the underlay and establish reachability using the IPv6 protocol.
Underlay Routing Protocols with an IPv6 Underlay
We've qualified an IPv6 underlay with the following routing protocols in the underlay configuration:
BGP—Internal BGP (iBGP) and external BGP (eBGP)
OSPFv3—Open Shortest Path First (OSPF) routing protocol for IPv6
EVPN-VXLAN Features Supported with an IPv6 Underlay
We support the following EVPN-VXLAN features with an IPv6 underlay:
-
EVPN Type 1, Type 2, Type 3, and Type 4 routes.
(QFX Series devices and ACX Series devices) EVPN Type 5 routes.
See EVPN Type 5 Route with VXLAN Encapsulation for EVPN-VXLAN for more about these EVPN route types.
-
(QFX Series switches only) Shared VTEP tunnels.
On QFX series switches, we support an EVPN-VXLAN IPv6 underlay only with MAC-VRF EVPN routing instances. The MAC-VRF implementation relies on the shared VTEP tunnels feature to avoid VTEP scaling issues on some devices. On the devices that require shared tunnels but don't have the feature enabled by default, when you configure an IPv6 underlay, you must enable the
shared-tunnelsoption at the[edit forwarding-options evpn-vxlan]hierarchy level. See MAC-VRF Routing Instance Type Overview for more about MAC-VRF instances.Note:After you configure the
shared-tunnelsoption, you must reboot the device for the setting to take effect. -
(All devices) VLAN-aware bundle, VLAN-based, and VLAN bundle Ethernet service types.
(MX Series routers, additionally) Port-based service, a VLAN bundle service where all VLANs for a port are part of the same VLAN bundle.
See Understanding VLAN-Aware Bundle and VLAN-Based Service for EVPN and MAC-VRF Routing Instance Type Overview for more about MAC-VRF instances and these service types.
-
All-active multihoming.
-
EVPN core isolation.
See Understanding When to Disable EVPN-VXLAN Core Isolation.
-
Bridged overlays.
-
IPv4 and IPv6 multicast data traffic with the following multicast modes in an EVPN-VXLAN network:
-
Centrally-routed multicast with local-remote forwarding mode—see Multicast Support in EVPN-VXLAN Overlay Networks.
-
Enhanced optimized intersubnet multicast (OISM) mode—see Overview of Enhanced OISM.
-
-
Layer 3 gateway functions in ERB and CRB overlays with IPv4 or IPv6 traffic.
-
Underlay and overlay load balancing.
See Load Balancing VXLAN Traffic and Dynamic Load Balancing in an EVPN-VXLAN Network.
-
Layer 3 protocols over IRB interfaces—BFD, BGP, OSPF.
-
(QFX5130-32CD, QFX5700, and ACX Series devices) EVPN Type 2 and Type 5 route coexistence.
-
Data center interconnect (DCI) over-the-top (OTT) full mesh only.
See Over-the-Top Data Center Interconnect in an EVPN Network for details on the OTT DCI method.
-
EVPN proxy ARP and ARP suppression, as well as EVPN proxy NDP and NDP suppression.
See EVPN Proxy ARP and ARP Suppression, and Proxy NDP and NDP Suppression for more information on these features.
-
Remote port mirroring and analyzers.
See MAC Filtering, Storm Control, and Port Mirroring Support in an EVPN-VXLAN Environment.
Limitations in IPv6 Underlay Support
Note the following limitations in IPv6 underlay support:
-
You can't mix IPv4 and IPv6 underlay configurations for the VXLAN overlays across the EVPN instances in the same fabric.
-
We don't support the Open vSwitch database (OVSDB) management protocol for IPv6 underlays.
-
(MX Series routers and EX9200 switches) We don't support EVPN Type 5 routes with an IPv6 underlay.
-
(QFX10002-60C switches) You can only use enterprise style interface configuration; we don't support service provider style interface configuration and Q-in-Q tunneling with IPv4 or IPv6 underlays on these switches.
-
You must use MAC-VRF routing instances with EVPN protocol and VXLAN encapsulation. We don't support IPv6 underlays with other instance types such as
evpn,evpn-vpws,virtual-switchor the default switching instance. -
We don't support IPv6 underlays with DCI for EVPN-VXLAN in the data center to EVPN-VXLAN in a WAN using the gateway interconnection model.
Configure an IPv6 Underlay with EVPN-VXLAN
This section describes the key steps to configure the IP underlay for the VXLAN tunnels in an EVPN-VXLAN fabric to use the IPv6 protocol (instead of an IPv4 underlay). You can use an IPv6 underlay in many different EVPN-VXLAN configurations and use cases. See Example: Configure an IPv6 Underlay for Layer 2 VXLAN Gateway Leaf Devices for a simple example that uses OSPFv3 in the underlay and iBGP for the overlay connectivity.
Keep the following configuration options and requirements in mind:
-
You can configure your EVPN-VXLAN fabric with any of the underlay routing protocols that support IPv6 underlays. See Underlay Routing Protocols with an IPv6 Underlay.
-
We support IPv6 underlays only with MAC-VRF routing instances in EVPN-VXLAN fabrics. You must configure your EVPN instances with VXLAN encapsulation in all MAC-VRF routing instances. The routing instances mentioned in the steps here are always EVPN-VXLAN MAC-VRF instances. See MAC-VRF Routing Instance Type Overview for more about MAC-VRF instances.
-
(ACX7100-32C, AX7100-48L, and ACX7024 devices only) If the network uses an IPv4 underlay and you're switching the configuration to an IPv6 underlay, first you need to:
-
Remove any existing VXLAN IPv4 underlay configuration items.
-
To enable an IPv6 underlay, you must configure the
vxlan-extendedsystem profile option on the device, as follows:set system packet-forwarding-options system-profile vxlan-extended
When you change the system profile, the Packet Forwarding Engine reboots. After the Packet Forwarding Engine comes back up, you can continue with the IPv6 VXLAN underlay configuration.
Note:If you switch a configuration from an IPv6 underlay to an IPv4 underlay, be sure to delete the
vxlan-extendedoption configuration item to restore the device to the default system profile as part of setting up the IPv4 underlay. -
To enable an IPv6 underlay for VXLAN tunneling, include these items in your EVPN-VXLAN fabric configuration: