Evpn Multi Homing

Date printed: 4/16/2018 IOS-XE EVPN MPLS Configuration guide, EDCS-11781407
IOS-XE 16.9.1 EVPN multi-homing white paper

The document describes EVPN operation, configurations, basic show and verification commands for EVPN
MPLS all-active multi-homing feature that is supported in IOS XE 16.9.1
Author Technology Area

Navdeep Sondh PI IOS/XE Infra
Zakir Ahmed PI IOS/XE Infra
Naazni Razeen PI Common Multi-OS IOS/XE
Bin Wang CRDC Eng Ent Routing
Siwei Wu CRDC Eng Ent Routing
Table of Contents
1 Introduction ...................................................................................................................................................... 3
1.1 Deliverables............................................................................................................................................. 3
Copyright 2017 Cisco Systems 1 Cisco Highly Confidential – Controlled Access A printed copy of this
document is considered uncontrolled. Refer to the online version for the controlled revision.
1.2 Non-Deliverables .................................................................................................................................... 3

1.3 Caveats/Limitations................................................................................................................................. 3
1.3.1 Outstanding defects/enhancements ..................................................................................................... 3
1.4 Feature Supported ................................................................................................................................... 4
1.4.1 Targeted scale numbers for 16.9.1 ...................................................................................................... 5
2 BGP MPLS based Ethernet VPN (EVPN) overview....................................................................................... 5
3 EVPN Operation .............................................................................................................................................. 5
4 Service Interface Types ................................................................................................................................... 8
4.1 VLAN based service interface: ............................................................................................................... 9
4.2 VLAN bundle service interface: ............................................................................................................. 9
4.3 VLAN aware service interface: ............................................................................................................... 9
5 EVPN Route-Types ....................................................................................................................................... 10
5.1 Route Type-1: Ethernet Auto-Discovery Route: ................................................................................... 10
5.2 Route Type-2: MAC/IP advertisement route ........................................................................................ 11
5.3 Route Type-3: Inclusive Multicast Ethernet Tag Route (IMET) .......................................................... 11
5.4 Route Type-4: Ethernet Segment route ................................................................................................. 11
6 EVPN multi-homing topology, configuration and verification ..................................................................... 12
6.1 Configuration examples: ....................................................................................................................... 13
6.1.1 How to configure L2VPN EVPN globally and EVI on IOS-XE Router: ......................................... 13
6.1.2 How to configure access interface on PE for EVPN Multi-homing all-active: ................................ 13
6.1.3 How to configure Bridge-domain on IOS-XE Router:...................................................................... 14
6.1.4 PE BGP configuration: ...................................................................................................................... 14
6.1.5 RR/Core Router BGP configuration:................................................................................................. 15
6.1.6 BGP Use case: eBGP support............................................................................................................ 16
6.1.7 Core Isolation .................................................................................................................................... 16
6.1.8 Nexus N9KV port-channel configuration ......................................................................................... 34
6.2 Detailed Show outputs: ......................................................................................................................... 34
6.2.1 Bridge-domain show outputs:............................................................................................................ 35
6.2.2 EVPN Manager show outputs: .......................................................................................................... 35
6.2.3 L2RIB show outputs .......................................................................................................................... 39
6.2.4 L2FIB show outputs .......................................................................................................................... 42
6.2.5 BGP show outputs ............................................................................................................................. 44
6.2.6 Ether-channel show outputs between CE and PE.............................................................................. 49
6.2.7 Platform show outputs ....................................................................................................................... 50
7 Troubleshooting ............................................................................................................................................. 61
7.1 Best practices and some corner cases: .................................................................................................. 62
8 Appendix ........................................................................................................................................................ 63
1 Introduction
This document provides details on the EVPN operation, configurations and verifications steps that are
needed to verify BGP MPLS based Ethernet VPN (EVPN). It also provides list of key show
commands needed to troubleshoot the technology. The document also contains best practices for
configuration and corner cases. EVPN multi-homing is targeted for IOS-XE 16.9.1 release and
supported on ASR1000/CSR1k platform(s).
1.1 Deliverables
The configuration, features and basic verification commands for EVPN multi-homing delivered in IOS
XE 16.9.1.
1.2 Non-Deliverables
This document is not positioned or intended to replace any CCO or other documents that may be
published by other team. In order to limit the size of the document, not all possible combinations of
show and debug commands will be listed. For ASR1000 specific related questions refer to alias csr-
asr1000. The document is not to be shared with customer(s) without TAC or Account team’s
approval.
1.3 Caveats/Limitations
 Only all-active redundancy mode (2 or 2+ PEs in the same redundancy group sharing the
same ESI and all forwarding traffic). Single-active mode is not supported in this release.
 Access-side flow based load balancing with multi-homing LAG “on mode” only. Any ether-
channel signaling is not supported in this release (LACP or PAgP).
 MAC mobility and duplication detection is not supported in this release.
 Per-EVI and per-MAC labeling is not supported. Only per-BD and per-CE labeling is supported.
 Interoperability with IOS-XR has not been tested in this release.
1.3.1 Outstanding defects/enhancements
Table below shows outstanding defects/enhancements for EVPN multi-homing that would be addressed in
16.10.1
Defect/Severity Brief description Use case impact Workaround, if any?

LACP not supported on No signaling supported on Only “mode on” can be
CSCvh70755/2 port-channel for multi- port-channel between PE used with no signaling
homing and CE. between PE and CE.
Trace-back seen when ESI
CSCvi73288/3 value of all zero received in Trace-back N/A
EAD per-ES route
Need support for type 0 ESI Needed to have inter-op
CSCvi97838/3 N/A
configuration with IOS-XR
BGP EAD-EVI output
CSCvh87546/6 without evi number shows Cosmetic issue N/A
ES routes
Covers the scenarios with
unsymmetrical Use symmetric
BUM traffic black-holing
CSCvi07428/6 configuration that can configuration on all the
scenarios
cause BUM traffic black- PE routers
holing
BGP generates EAD-ES
CSCvi82971/3 route for reserved ESI Not aligned with RFC N/A
values, all FFs
1.4 Feature Supported
Below is list of features supported in release 16.9.1.
 Service Interfaces: vlan based

 Service Interfaces vlan bundle
 Service Interfaces vlan aware
 DF Election
 Split Horizon
 Aliasing
 MAC mass withdraw for all-active redundancy mode
 Ingress Replication for BUM Traffic
 Core Isolation protection
 Flow based load balancing
 Control plane MAC learning on core side

 HA Multi-homing
1.4.1 Targeted scale numbers for 16.9.1

Table below shows the scaling details
Feature Scale supported Platform supported

Number of EVIs per box 4K ASR1K
Number of Bridge-domain per box 4K ASR1K
Number of MACs per Bridge-domain 64K ASR1K
Number of MACs per EVPN system 256K ASR1K
2 BGP MPLS based Ethernet VPN (EVPN) overview

E-VPN (RFC 7432) is an evolution of the current L2VPN VPLS solution that addresses the following
requirements:
 PE node redundancy with load-balancing based on L2/L3/L4 flows from CE to PE.
 Flow-based multi-pathing of traffic from local PE to remote PEs across core and vice-versa.
 Geo-redundant PE nodes with optimum unicast forwarding.
 Flexible redundancy grouping (i.e. a PE can be a member of multiple redundancy groups each
containing a different set of CEs).
 High number of PEs to support highly virtualized multi-tenant service provider and large enterprise
data centers require solutions that can address a high number of VLANs and MAC addresses.
3 EVPN Operation
Once the EVPN configuration is complete, PEs in the multi-homing group exchange IMET, EAD and ES
routes.
Each PE sends IMET (Route-type 3) routes to the other PEs so that the PEs can send BUM traffic. Each
PE advertises the PMSI P-Tunnel MPLS label in the IMET route.
Each PE in the multi-homing group sends its EAD routes to the other PEs and this route is used for
aliasing and split-horizon. For any access port involved in a multi-homing on a PE, an ESI must be
defined and associated with it. For this release, only type 3 ESI is supported (PE System MAC address
+ local discriminator).
There are two types of EAD routes. The per-EVI EAD route and per-ES EAD route to the other PEs.
The per-ES EAD route includes the ESI label extended community which indicates whether or not it’s all
active single-active configuration. The ESI label extended community also carries the ESI label to be
used for Split Horizon. The per-ES EAD route is also used for fast convergence in case failure in access
side Ethernet Segment
The per-EVI EAD route is used in conjunction with the Per-ES EAD for aliasing. Each PE in a multi-
homing group serving a CE may learn only a subset of MAC addresses on traffic ingress from CE, and
the MAC subsets learned by these PEs may not overlap with each other. Aliasing is the ability of a PE
to signal that it has reachability to an EVPN instance on a given ES even when it has learned no MAC
addresses from that EVI/ES. In an all-active multi-homing configuration, a remote PE that receives a
MAC advertisement route with considers the advertised MAC address to be reachable via all PEs that
have advertised reachability to that MAC address's EVI/ES.
For example, in the above diagram, traffic originated from CE3, PE4 will do the flow-based load balancing
between PE1, PE2 and PE3, based on the core side path list established according to EAD per EVI
routes received from these PEs for aliasing.
The ES routes are exchanged for Designated Forwarder (DF) election amongst PEs residing on the
same Ethernet segment in a multi-homing configuration. One PE in a multi-homing group serving CEs is
elected as the DF. The DF is the only PE in the multi-homing group that can forward BUM traffic to the
CE. This means for a given ES, each PE in the multi-homing group will be the DF for a certain number
of VLANs. When a PE receives a BUM packet from a remote PE and is the Designated Forwarder, for
the VLAN, the packet is flooded to the CEs, subject to split-horizon check. If the PE is not the Designated
Forwarder, the packet will be dropped.
EVPN relies on data plane to achieve the local MAC learning on access side and uses BGP to advertise
these MACs to remote EVPN PE peers. BGP MAC routes are only exchanged after local MAC learning.
Once a local MAC is leant via data plane, EVPN manager receives the MAC address. EVPN manager
then sends the MAC info to L2RIB. L2RIB then forwards the MAC info to BGP and L2FIB. L2FIB sends
the info to Bridge-domain to close the loop on the new MAC learning, BGP sends the MAC as a MAC
route to other EVPN PEs. EVPN route-type 2 or MAC routes are only sent to remote PEs once a local
MAC learn has occurred.
Once a remote PE receives the BGP MAC route, it sends the information to L2RIB. L2RIB forwards the
MAC information to L2FIB and EVPN mgr. L2FIB then forwards the info to bridge-domain to install the
remote MAC.
The following architecture block diagram provides a high-level view of the main components and modules
contributing to the EVPN feature.
BUM traffic is forwarded by imposing the label sent by the egress PEs in the BGP IMET route and then
forwarding the packet over an LSP to that PE.
For unicast packet forwarding, in the forwarding plane, the ingress PE needs to do a destination MAC
lookup in the mac-table of its corresponding bridge domain, impose a label advertised by a BGP next-
hop PE and then forward the packet over an LSP to that PE.
On the egress PE side, since this egress PE advertised the label which was imposed by the ingress PE,
when it receives a packet with that label, the egress PE could be to do a lookup in a bridge domain or to
forward directly to a next hop, etc depending on whether or not per-BD or per-CE labeling is used.
4 Service Interface Types
There are three types of access side service interfaces supported on XE:
4.1 VLAN based service interface:
In VLAN based service interface, each VLAN is associated to one bridge domain and one EVI.
4.2 VLAN bundle service interface:
In VLAN bundle service interface, multiple VLANs can associated to one bridge domain and one EVI.
4.3 VLAN aware service interface:
In VLAN aware service interface, each VLAN is still associated with only one BD, but there can be
multiple BDs associated with one EVI.
5 EVPN Route-Types
In EVPN multi-homing scenarios, route types 1,3 and 4 are advertised to discover other PEs and their
redundancy modes. Route-type 2 is used for MAC learning. EVPN introduces the concept of BGP MAC
routing and uses MP-BGP for learning the MAC addresses between the PEs. EVPN introduces four new
BGP route types (1 – 4) and communities.
5.1 Route Type-1: Ethernet Auto-Discovery Route:

Type-1 advertisement is used for achieving split-horizon, fast convergence and aliasing. EAD-ES and
EAD-EVI are the sub-types of route-type 1 used to achieve these functionalities. Fast convergence
allows PEs to change the next-hop adjacencies for all MACs associated with an ES and Aliasing allows
balancing traffic across multiple egress points. Type 1 route is advertised only if ES is set to a non-zero
value meaning type 1 routes are originated only for multi-homed sites. These routes are sent per ES and
carries the list of EVIs that belong to that ES.
auto ESI:
===========
type(1 byte) + (6 bytes) + ethernet segment number (3 bytes)
eg:
interface Ethernet0/1
evpn ethernet-segment 2
system-mac aabb.ccdd.eeff
Derived ESI for above config: 03AABBCCDDEEFF000002
EAD per ES route:

====================
[type][RD][ESI][tag-id]
auto-RD = IPv4 address:uniq number (starts with 1)
tag-id = 0xFFFFFFFF
auto-RT = AS-number:EVI-number
eg: [1][192.168.1.1:1][03ABCDABCDABC1000001][4294967295]
EAD per EVI route:

===================
[type][RD][ESI][tag-id]
auto-RD = IPv4 address:EVI-number
tag-id = 0 for VLAN based
tag-id = VLAN-number for VLAN bundle/aware
auto-RT = AS-number:EVI-number
eg: [1][192.168.1.1:1][03ABCDABCDABC1000001][0]
5.2 Route Type-2: MAC/IP advertisement route

Type-2 routes are used for advertising the MAC addresses and associated IP addresses. PE learns the
MAC addresses of the directly connected CEs via data plane learning mechanisms and it advertises to
other PEs through BGP NLRI using these type-2 MAC advertising route. The type 2 routes consists of
RD, ESI (zero of single homed and non-zero for multi-homed), MAC address and MPLS label associated
with the MAC and IP address which is optional.
5.3 Route Type-3: Inclusive Multicast Ethernet Tag Route (IMET)

This route establishes the connection for broadcast, unknown unicast and multicast (BUM) traffic from a
source PE to a remote PE and provides information about the P-tunnels that should be used for the BUM
traffic. When sending BUM frames, PEs can use ingress replication, P2MP or MP2MP LSPs. For this
implementation we use Ingress Replication. This route is advertised per VLAN per ESI.
5.4 Route Type-4: Ethernet Segment route

The Ethernet segment routes are needed in multi-homed scenarios which enables the discovery of PE
devices connected to the same Ethernet segment and also in designated forwarder (DF) election for
BUM traffic to the CE on a particular Ethernet segment. Once an ESI has been assigned for the Ethernet
segment for a multi-homed CE, it is advertised by the PE as BGP route type 4 with the ES-Import
extended community. The PEs whose import community matches with the ESI import community imports
this route and auto discover each other.
Type 4 ES route:
===================
[type][RD][ESI][IP-address length][originator-ip-address]
auto-RD = IPv4 address:ethernet-segment number
auto-RT = 0x0602:high order 6-octet ESI value
eg: [4][15.15.15.15:2][03AABBCCDDEEFF000002][32][15.15.15.15]/23
EVPN ES-IMPORT:0xAABB:0xCCDD:0xEEFF
6 EVPN multi-homing topology, configuration and verification

Below diagram represents the sample topology that will used for configuration, troubleshooting and
verification throughout the document. The configuration will cover VLAN-based, VLAN-bundled and
VLAN-aware service interface types.
ISIS IGP is configured within the core to provide reachability with iBGP peering using MP-BGP using
L2VPN EVPN address family. Switch1 and Switch2 are acting as customer edge devices in the below
topology.
Reference Platforms:
PE/P Routers: CSR1000V

Switch1/2: Nexus N9KV
6.1 Configuration examples:

This section covers the detailed configuration examples for EVPN Multi-homing all-active feature.
6.1.1 How to configure L2VPN EVPN globally and EVI on IOS-XE Router:
l2vpn evpn
replication-type ingress  Enables ingress replication label
router-id Loopback0  Configures L2VPN EVPN Router-ID
!
l2vpn evpn instance 10 vlan-based  Configures Vlan-based EVI 10
!
l2vpn evpn instance 20 vlan-bundle  Configures Vlan-bundled EVI 20
!
l2vpn evpn instance 30 vlan-aware  Configures Vlan-aware EVI 30
6.1.2 How to configure access interface on PE for EVPN Multi-homing all-active:
interface Port-channel1
no ip address
no negotiation auto
evpn ethernet-segment 1  Configures Ethernet Segment ID
identifier type 3 system-mac abcd.abcd.abc1  Configures system MAC
redundancy all-active  Configures redundancy mode (all-active/single-active)
service instance 10 ethernet  Enables service instance 10 under the physical interface
encapsulation dot1q 10
!
encapsulation dot1q 20-21
!
interface GigabitEthernet3
no ip address
negotiation auto
isis network point-to-point
isis three-way-handshake cisco
channel-group 1
6.1.3 How to configure Bridge-domain on IOS-XE Router:
bridge-domain 10
mac aging-time 30  Configures aging time for all MACs learnt under bridge-domain
member Port-channel1 service-instance 10  Links SI 10 on Port-channel1 with Bridge-domain 10

member evpn-instance 10  Links EVI 10 with Bridge-domain 10
!
bridge-domain 20
mac aging-time 30
member evpn-instance 20  Links EVI 20 with Bridge-domain 20
!
bridge-domain 30
mac aging-time 30
member evpn-instance 30 ethernet-tag 30  Links EVI 30 with Bridge-domain 30
6.1.4 PE BGP configuration:

router bgp 100
bgp router-id 192.168.1.1
bgp log-neighbor-changes
bgp graceful-restart
neighbor 192.168.1.4 remote-as 100
neighbor 192.168.1.4 update-source Loopback0
!
address-family ipv4
neighbor 192.168.1.4 activate
exit-address-family
!
address-family l2vpn evpn  Enables L2vpn evpn address family
neighbor 192.168.1.4 send-community both
neighbor 192.168.1.4 soft-reconfiguration inbound
exit-address-family
6.1.5 RR/Core Router BGP configuration:

router bgp 100
bgp router-id 192.168.1.4
bgp log-neighbor-changes
bgp graceful-restart
!
address-family ipv4
neighbor 192.168.1.1 route-reflector-client
exit-address-family
!
address-family l2vpn evpn  Enables L2vpn evpn address family

exit-address-family
6.1.6 BGP Use case: eBGP support
With eBGP, auto-RT is not supported, so we need to manually configure RT. In the above topology , all the PEs are
configured as iBGP peers. For this use case, we can configure PE5 as ebgp peer to RR. With ebgp , the next-hop gets
changed , so we need to configure next-hop-unchanged in RR
On RR under router bgp 100, change PE5 to be an ebgp peer

neighbor 192.168.1.6 ebgp-multihop 2
address-family l2vpn evpn

neighbor 192.168.1.6 next-hop-unchanged
On PE5 , do the same changes , PE5 is in AS 200

Router bgp 200
Neighbor 192.168.1.4 remote-as 00
Neighbor 192.168.1.4 ebgp-multihop 2
Neighbor 192.168.1.4 update-source loopback0
Configure manual RT on PE5 and import it on all the PE’s

L2vpn evpn instance 10 vlan-based
Route-target 200:5
6.1.7 Core Isolation
There may be situations where a PE loses connectivity to the Core. This might involve the core-facing interface on the PE
going to DOWN state or other upstream events resulting in BGP peering loss. All the BGP routes types 1, 2, 3 and 4 will
be withdrawn after the given timers expire. This will also alert the other PEs in the same Ethernet segment and there will
be a new DF election amongst the remaining PEs. However, the access side switch/node will not be aware of this event
since the multi-homed access interface on the PE will still be in UP state. This will result in traffic being black holed since
the access side switch will continue to forward traffic to the PE.
To remedy this scenario, the core isolation solution is implemented in IOS-XE. There are no extra EVPN configuration for
core isolation. In the event of a BGP peering being lost on the PE or core facing interface goes to DOWN state, the multi-
homed access interfaces on the PE are placed in “err-disabled” state by the IOS-XE. There are no configuration changes
made on these access interfaces. Since the access port is in DOWN state, the link partner on the access switch will also
be in DOWN state and the corresponding port-channel, on the switch, will detect that this member interface has gone
DOWN. Therefore, the Switch will stop forwarding traffic on this interface and load balance traffic amongst the remaining
member interfaces. Once the BGP peering is restored the “err-disabled” states are removed from the multi-homed
access interfaces.
For example, in the diagram below if, the int gig0/0/1 on RR goes DOWN the corresponding int g0/0/1 on PE1 will also go
to DOWN state.
Once the core facing interface is in DOWN state, the access ports will be placed in “err-disabled” state. In this instance,
gig 0/1/2 is a member of port-channel 10 and gig 0/1/4 is a member of port-channel 20 on PE1. The following table shows
the logs and state of the port-channel, member interfaces and etherchannel once the core isolation is detected and the
logs and state once the core isolation is remedied ( usually via administrator intervention) .
State before core isolation detection
PE1 :
PE1#sh run int port-channel 10

Building configuration...
Current configuration : 639 bytes

!
no ip address
load-interval 30
negotiation auto
identifier type 3 system-mac 0000.1020.1020
redundancy all-active
service instance 2 ethernet
!
!
!
!
!
!
!
!
end
PE1#sh run int gig 0/1/2


!
interface GigabitEthernet0/1/2
no ip address
load-interval 30
carrier-delay down msec 0
negotiation auto
channe


!
no ip address
negotiation auto
identifier type 3 system-mac adcd.effa.ffff
!
!
!


!
no ip address
negotiation auto
channel-group 20
end
PE1#sh etherchannel summary

Flags: D - down P/bndl - bundled in port-channel
I - stand-alone s/susp - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met

u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 3

Number of aggregators: 3
Group Port-channel Protocol Ports

------+-------------+-----------+-----------------------------------------------
10 Po10(RU) Gi0/1/2(P)
20 Po20(RU) Gi0/1/4(P)
30 Po30(RD)
RU - L3 port-channel UP State
SU - L2 port-channel UP state
P/bndl - Bundled
S/susp - Suspended
PE1#sh l2vpn evpn summary  This command is used to verify core isolation
L2VPN EVPN
EVPN Instances (excluding point-to-point): 9
VLAN Aware: 3
VLAN Based: 3
VLAN Bundle: 3
Bridge Domains: 9
BGP: ASN 100, address-family l2vpn evpn configured
Router ID: 10.5.5.5
Label Allocation Mode: Per-BD
Replication Type: Ingress
Forwarding State: UP  The output shows forwarding in UP state
MAC Duplication: seconds 180 limit 5
MAC Addresses: 25
Local: 12
Remote: 13
Duplicate: 0
IP Duplication: seconds 180 limit 5

IP Addresses: 0
Local: 0
Remote: 0
Duplicate: 0
Maximum number of Route Targets per EAD-ES route: 200
PE1#
PE1#sh l2fib evpn peers  This command is used to verify core isolation In this scenario we see evpn peers.
Peer Address RefCount
-------------------- --------
10.6.6.6 9
10.7.7.7 9
10.9.9.9 8
10.1.1.1 8
Switch :
Switch_1#sh etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended

d - default port
A - formed by Auto LAG


------+-------------+-----------+-----------------------------------------------
5 Po5(SD) -
6 Po6(SU) - Gi1/1/1(P) Gi1/1/2(P) Gi1/1/3(P)
10 Po10(SD) -
12 Po12(SU) - Gi1/0/7(P) Gi1/0/9(P) Gi1/0/10(P)
Switch_1#
Core isolation detection and action :
In this instance, gig 0/0/1 on RR has gone to DOWN state
PE1 :
*Apr 26 17:37:12.100 EDT: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/1, changed state to down
*Apr 26 17:37:12.101 EDT: %IOSXE_RP_ALARM-6-INFO: ASSERT CRITICAL GigabitEthernet0/0/1 Physical Port
Link Down
*Apr 26 17:37:12.103 EDT: %OSPF-5-ADJCHG: Process 1, Nbr 54.4.4.4 on GigabitEthernet0/0/1 from FULL to
DOWN, Neighbor Down: Interface down or detached
*Apr 26 17:37:13.100 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/1, changed

state to down
*Apr 26 17:37:12.100 EDT: %LINK-3-UPDOWN: SIP0/0: Interface GigabitEthernet0/0/1, changed state to down
*Apr 26 17:37:17.227 EDT: %EVPN-3-CORE_ISOLATION: Shutting down multi-homing access interface Port-
channel10
*Apr 26 17:37:17.227 EDT: %EVPN-3-CORE_ISOLATION: Shutting down multi-homing access interface Port-
channel20
*Apr 26 17:37:17.707 EDT: %LINK-5-CHANGED: Interface GigabitEthernet0/1/2, changed state to administratively
down
*Apr 26 17:37:17.709 EDT: GigabitEthernet0/1/2 taken out of port-channel10

state to down
*Apr 26 17:37:19.227 EDT: %LINK-5-CHANGED: Interface Port-channel10, changed state to administratively down
*Apr 26 17:37:19.238 EDT: %LINK-5-CHANGED: Interface Port-channel20, changed state to administratively down
*Apr 26 17:37:19.281 EDT: %LINK-5-CHANGED: Interface GigabitEthernet0/1/4, changed state to administratively
down
*Apr 26 17:37:19.282 EDT: GigabitEthernet0/1/4 taken out of port-channel20
*Apr 26 17:37:20.227 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel10, changed state to
down
down
state to down
*Apr 26 17:40:06.330 EDT: %BGP-3-NOTIFICATION: sent to neighbor 54.4.4.4 4/0 (hold time expired) 0 bytes
*Apr 26 17:40:06.330 EDT: %BGP-5-NBR_RESET: Neighbor 54.4.4.4 reset (BGP Notification sent)
*Apr 26 17:40:06.332 EDT: %BGP-5-ADJCHANGE: neighbor 54.4.4.4 Down BGP Notification sent
*Apr 26 17:40:06.332 EDT: %BGP_SESSION-5-ADJCHANGE: neighbor 54.4.4.4 L2VPN Evpn topology base removed
from session BGP Notification sent
*Apr 26 17:40:06.332 EDT: %BGP_SESSION-5-ADJCHANGE: neighbor 54.4.4.4 IPv4 Unicast topology base removed
from session BGP Notification sent
PE1#
PE1# sh interfaces port-channel 10

Port-channel10 is administratively down, line protocol is down (err-disabled)
Hardware is GEChannel, address is 001a.3045.0ac9 (bia 001a.3045.0ac9)
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
No. of active members in this channel: 0
No. of PF_JUMBO supported members in this channel : 1
Last input 00:00:40, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/0/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
1234941 packets input, 120252370 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
571946 packets output, 58843130 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
PE1# sh interfaces gigabitEthernet 0/1/2

GigabitEthernet0/1/2 is administratively down, line protocol is down (err-disabled)
Hardware is SPA-5X1GE-V2, address is 001a.3045.0ac9 (bia 001a.3045.0912)
Keepalive not supported
Full Duplex, 1000Mbps, link type is auto, media type is SX
output flow-control is off, input flow-control is off
Asymmetric Carrier-Delay Down Timer is 0 msec
Last input never, output never, output hang never
Last clearing of "show interface" counters 6d01h
30 second input rate 0 bits/sec, 0 packets/sec

30 second output rate 0 bits/sec, 0 packets/sec
PE1# sh interfaces port-channel 20

Port-channel20 is administratively down, line protocol is down (err-disabled)
Hardware is GEChannel, address is 001a.3045.0ad3 (bia 001a.3045.0ad3)
No. of PF_JUMBO supported members in this channel : 1
Last clearing of "show interface" counters never
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
PE1# sh interfaces gigabitEthernet 0/1/4
GigabitEthernet0/1/4 is administratively down, line protocol is down (err-disabled)

Hardware is SPA-5X1GE-V2, address is 001a.3045.0ad3 (bia 001a.3045.0914)
Full Duplex, 1000Mbps, link type is auto, media type is T
output flow-control is on, input flow-control is on
Last clearing of "show interface" counters 6d01h
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
PE1#


d - default port


------+-------------+-----------+-----------------------------------------------
10 Po10(RD) Gi0/1/2(D)
20 Po20(RD) Gi0/1/4(D)
30 Po30(RD)
P/bndl - Bundled
S/susp - Suspended


!
no ip address
load-interval 30
negotiation auto
identifier type 3 system-mac 0000.1020.1020
!
!
!
!
!
!
!
!
end
PE1#
PE1#
PE1#
PE1#

!
no ip address
load-interval 30
carrier-delay down msec 0
negotiation auto
channel-group 10
end
PE1#
PE1#
PE1#
PE1#

!
no ip address
negotiation auto
identifier type 3 system-mac adcd.effa.ffff
!
!
!
!
end
PE1#
PE1#
PE1#

!
no ip address
negotiation auto
channel-group 20
end
PE1#
PE1#sh l2vpn evpn summary

L2VPN EVPN
VLAN Aware: 3
VLAN Based: 3
VLAN Bundle: 3
Bridge Domains: 9
Router ID: 55.5.5.5
Forwarding State: DOWN  Here the forwarding state is in DOWN state
MAC Addresses: 0
Local: 0
Remote: 0
Duplicate: 0
IP Addresses: 0
Local: 0
Remote: 0
Duplicate: 0
PE1#
PE1#sh l2fib evpn peers  There are no EVPN peers

-------------------- --------
PE1#
Switch :
Switch_1#
*Apr 26 16:21:04.096: %IOSXE_INFRA-6-PROCPATH_CLIENT_HOG: IOS shim client 'ngwc fed bipc' has taken 1306
msec (runtime: 1264 msec) to process a 'unknown' message
*Apr 26 16:21:04.187: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1/3, changed state to
down
*Apr 26 16:21:05.564: %IOSXE_INFRA-6-PROCPATH_CLIENT_HOG: IOS shim client 'ngwc fed bipc' has taken 1366
msec (runtime: 1283 msec) to process a 'unknown' message
down
*Apr 26 16:21:06.096: %LINK-3-UPDOWN: Interface GigabitEthernet1/1/3, changed state to down
*Apr 26 16:21:07.564: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/7, changed state to down
Switch_1#
Switch_1#sh etherchannel summary

d - default port


------+-------------+-----------+-----------------------------------------------
5 Po5(SD) -
6 Po6(SU) - Gi1/1/1(P) Gi1/1/2(P) Gi1/1/3(D) -> link partner on PE1 for gi1/1/3 is gig 0/1/2
10 Po10(SD) -
12 Po12(SU) - Gi1/0/7(D) Gi1/0/9(P) Gi1/0/10(P) -> link partner on PE1 for gi1/0/7 is gig 0/1/4
Switch_1#
Core isolation state not present anymore

In this example. Gig 0/0/1 interface on RR has returned to UP state
PE1
*Apr 26 18:49:49.866 EDT: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/1, changed state to up

*Apr 26 18:49:49.867 EDT: %IOSXE_RP_ALARM-6-INFO: CLEAR CRITICAL GigabitEthernet0/0/1 Physical Port Link
Down
*Apr 26 18:49:49.864 EDT: %LINK-3-UPDOWN: SIP0/0: Interface GigabitEthernet0/0/1, changed state to up
state to up
*Apr 26 18:50:30.868 EDT: %OSPF-5-ADJCHG: Process 1, Nbr 54.4.4.4 on GigabitEthernet0/0/1 from LOADING to
FULL, Loading Done
*Apr 26 18:50:31.533 EDT: %BGP-5-NBR_RESET: Neighbor 54.4.4.4 active reset (BGP Notification sent)
*Apr 26 18:50:31.533 EDT: %BGP-5-ADJCHANGE: neighbor 54.4.4.4 Up
*Apr 26 18:50:31.563 EDT: %EVPN-5-CORE_CONNECTED: Bringing up multi-homing access interface Port-
channel10
*Apr 26 18:50:31.563 EDT: %EVPN-5-CORE_CONNECTED: Bringing up multi-homing access interface Port-
channel20
Apr 26 18:50:32.021 EDT: %LINK-3-UPDOWN: Interface GigabitEthernet0/1/2, changed state to up
*Apr 26 18:50:32.023 EDT: GigabitEthernet0/1/2 added as member-1 to port-channel10

state to up
*Apr 26 18:50:33.563 EDT: %LINK-3-UPDOWN: Interface Port-channel10, changed state to up
*Apr 26 18:50:33.644 EDT: %LINK-3-UPDOWN: Interface GigabitEthernet0/1/4, changed state to down
*Apr 26 18:50:33.644 EDT: %IOSXE_RP_ALARM-6-INFO: ASSERT CRITICAL GigabitEthernet0/1/4 Physical Port
Link Down
up
*Apr 26 18:50:35.573 EDT: %LINK-3-UPDOWN: Interface Port-channel20, changed state to down
*Apr 26 18:50:36.636 EDT: %LINK-3-UPDOWN: Interface GigabitEthernet0/1/4, changed state to up
*Apr 26 18:50:36.636 EDT: %IOSXE_RP_ALARM-6-INFO: CLEAR CRITICAL GigabitEthernet0/1/4 Physical Port Link
Down
*Apr 26 18:50:36.638 EDT: GigabitEthernet0/1/4 added as member-1 to port-channel20

state to up
up
PE1#sh interfaces port-channel 10

Port-channel10 is up, line protocol is up
Hardware is GEChannel, address is 001a.3045.0ac9 (bia 001a.3045.0ac9)
Member 0 : GigabitEthernet0/1/2 , Full-duplex, 1000Mb/s
--More--
PE1#sh interfaces gigabitEthernet 0/1/2

GigabitEthernet0/1/2 is up, line protocol is up
Hardware is SPA-5X1GE-V2, address is 001a.3045.0ac9 (bia 001a.3045.0912)
Full Duplex, 1000Mbps, link type is auto, media type is SX
output flow-control is off, input flow-control is off
Asymmetric Carrier-Delay Down Timer is 0 msec
--More—
PE1#sh interfaces port-channel 20

Port-channel20 is up, line protocol is up
Hardware is GEChannel, address is 001a.3045.0ad3 (bia 001a.3045.0ad3)
Member 0 : GigabitEthernet0/1/4 , Full-duplex, 1000Mb/s
--More—
PE1#sh interfaces gigabitEthernet 0/1/4

GigabitEthernet0/1/4 is up, line protocol is up
Hardware is SPA-5X1GE-V2, address is 001a.3045.0ad3 (bia 001a.3045.0914)
Full Duplex, 1000Mbps, link type is auto, media type is T
output flow-control is on, input flow-control is on
--More—
PE1#sh etherc
PE1#sh etherchannel su

d - default port


------+-------------+-----------+-----------------------------------------------
10 Po10(RU) Gi0/1/2(P)
20 Po20(RU) Gi0/1/4(P)
30 Po30(RD)
P/bndl - Bundled
S/susp - Suspended
PE1#
PE1#sh l2vpn evpn summary

L2VPN EVPN
VLAN Aware: 3
VLAN Based: 3
VLAN Bundle: 3
Bridge Domains: 9
Router ID: 10.5.5.5
Forwarding State: UP  Forwarding is UP
MAC Addresses: 25
Local: 12
Remote: 13
Duplicate: 0
IP Addresses: 0
Local: 0
Remote: 0
Duplicate: 0
PE1#sh l2fib evpn peers  EVPN peers are reestablished

-------------------- --------
10.6.6.6 9
10.7.7.7 9
10.9.9.9 8
10.1.1.1 8
PE1#
Switch:
Switch_1#
*Apr 26 17:34:19.245: %LINK-3-UPDOWN: Interface GigabitEthernet1/1/3, changed state to up
*Apr 26 17:34:22.458: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/7, changed state to up
up
up
EDI26#
EDI26#
EDI26#sh etherchannel summary

d - default port


------+-------------+-----------+-----------------------------------------------
5 Po5(SD) -
6 Po6(SU) - Gi1/1/1(P) Gi1/1/2(P) Gi1/1/3(P)
10 Po10(SD) -
12 Po12(SU) - Gi1/0/7(P) Gi1/0/9(P) Gi1/0/10(P)
Switch_1#
6.1.8 Nexus N9KV port-channel configuration

On the access side it is recommended to have a port-channel to load balance traffic coming from
access side to work with multi-homing all-active solution.
interface port-channel1
switchport mode trunk
channel-group 1
channel-group 1
channel-group 1
6.2 Detailed Show outputs:

This section covers the detailed show outputs for EVPN multi-homing all-active. The section covers
Bridge-domain, EVPN manager, L2RIB, L2FIB and BGP databases.
6.2.1 Bridge-domain show outputs:

Note: Below bridge-domain show output provides detailed information regarding the locally
learnt MAC, Interface on which it is learnt and Service instance information.
PE1#show bridge-domain 10 mac dynamic address

Port MAC Address
Po1 ServInst 10 000c.2911.6d2a  MAC learnt on port-channel 1 for service instance 10
Tag field in below output shows if a MAC is locally learnt, aliasing or remotely learnt.
dynamic_c  MAC learnt locally
static_a  Aliasing MAC
static_r  remotely learnt MAC
PE1#show bridge-domain 10
Bridge-domain 10 (2 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 30 second(s)  MAC aging timer for bridge-domain
Port-channel1 service instance 10
EVPN Instance 10
AED MAC address Policy Tag Age Pseudoport
- 000C.29F8.5078 forward static_r 0 OCE_PTR:0xe8e5dda0
- 000C.2911.6D2A forward dynamic_c 28 Port-channel1.EFP10
PE1#show bridge-domain 10
Bridge-domain 10 (2 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 30 second(s)
Port-channel1 service instance 10
EVPN Instance 10
- 000C.29F8.5078 forward static_r 0 OCE_PTR:0xe8e5dda0
- 000C.2911.6D2A forward static_a 0 Port-channel1.EFP10
6.2.2 EVPN Manager show outputs:

Note: The below output shows details about the number and type of EVIs configured on the
PE, number of bridge-domains configured and number of MACs learnt locally and remotely.
PE1#show l2vpn evpn summary

L2VPN EVPN

VLAN Aware: 1
VLAN Based: 1
VLAN Bundle: 1
Bridge Domains: 3
Router ID: 192.168.1.1
Forwarding State: UP
MAC Addresses: 6
Local: 3
Remote: 3
Duplicate: 0
IP Addresses: 0
Local: 0
Remote: 0
Duplicate: 0
Note: The below outputs shows details for all the ethernet-segments attached to the PE. The
details include type 3 ESI, Connected interface, Redundancy mode, split-horizon label and list
of forwarder PEs connected to the same ESI.
PE1#show l2vpn evpn ethernet-segment detail

EVPN Ethernet Segment ID: 03AB.CDAB.CDAB.C100.0001
Interface: Po1
Redundancy mode: all-active
DF election wait time: 3 seconds
Split Horizon label: 16
State: Ready
Ordinal: 0
RD: 192.168.1.1:1
Export-RTs: 100:10 100:20 100:30
Forwarder List: 192.168.1.1 192.168.1.2 192.168.1.3
Note: Below EVPN manager outputs shows the EVPN manager details regarding an EVI. Also
information regarding the Designated Forwarder (DF) election for an EVI can be retrieved. DF
is responsible for forwarding Broadcast, Unicast and Multicast (BUM) traffic on an ethernet
segment. Route-type 4 is used to carry this information.
PE1#show l2vpn evpn evi detail

EVPN instance: 10 (VLAN Based)  VLAN based EVI
RD: 192.168.1.1:10 (auto)  RD derived from Loopback0 EVPN Router-ID:EVI
number
Import-RTs: 100:10
Export-RTs: 100:10
Per-EVI Label: none
State: Established  EVI state
Encapsulation: mpls
Bridge Domain: 10
Ethernet-Tag: 0
BUM Label: 18
Per-BD Label: 19
State: Established  BD state
Pseudoports:  Access interface and DF election status for EVI 10
Port-channel1 service instance 10 (DF state: PE-to-CE BUM blocked)
EVPN instance: 20 (VLAN Bundle)  VLAN bundled EVI

RD: 192.168.1.1:20 (auto)
Import-RTs: 100:20
Export-RTs: 100:20
Per-EVI Label: none
State: Established
Encapsulation: mpls
Bridge Domain: 20
Ethernet-Tag: 0
BUM Label: 20
Per-BD Label: 21
State: Established
Pseudoports:
Port-channel1 service instance 20 (DF state: PE-to-CE BUM blocked)
EVPN instance: 30 (VLAN Aware)  VLAN aware EVI

RD: 192.168.1.1:30 (auto)
Import-RTs: 100:30
Export-RTs: 100:30
Per-EVI Label: none
State: Established
Encapsulation: mpls
Bridge Domain: 30
Ethernet-Tag: 30
BUM Label: 22
Per-BD Label: 23
State: Established
Pseudoports:  Elected DF for EVI 30
Port-channel1 service instance 30 (DF state: forwarding)
Note: Below output shows EVPN manager details regarding the bridge-domain 10.
PE1#show l2vpn evpn mac bridge-domain 10 detail

MAC Address: 000c.2911.6d2a
EVPN Instance: 10
Bridge Domain: 10
Ethernet Segment: 03AB.CDAB.CDAB.C100.0001  ESI number assigned to the MAC learnt on this
EFP
Ethernet Tag ID: 0
Next Hop(s): Port-channel1 service instance 10  MAC learnt locally on port-channel 1
3.3.3.3
Local Address: 0.0.0.0
Label: 17
Sequence Number: 0
MAC only present: Yes
MAC Duplication Detection: Timer not running
MAC Address: 000c.29f8.5078

EVPN Instance: 10
Bridge Domain: 10
Ethernet Segment: 03AB.CDAB.CDAB.C200.0002
Ethernet Tag ID: 0
Next Hop(s): 6.6.6.6
Label: 19
Sequence Number: 0
Note: Below output shows EVPN manager details regarding the EVI 10.
PE1#show l2vpn evpn mac evi 10 detail

MAC Address: 000c.2911.6d2a
EVPN Instance: 10
Bridge Domain: 10
Ethernet Tag ID: 0
Next Hop(s): Port-channel1 service instance 10
192.168.1.2
Label: 19
Sequence Number: 0
MAC Address: 000c.29f8.5078

EVPN Instance: 10
Bridge Domain: 10
Ethernet Tag ID: 0
Next Hop(s): 192.168.1.5
Label: 23
Sequence Number: 0
6.2.3 L2RIB show outputs

Note: Below output shows the components registered with L2RIB.
PE1#show l2rib producers

Producer (ID) Client ID Object Type Admin Dist Purge Time(sec) State
------------- --------- ----------- ---------- --------------- -----------
L2VPN( 9) 1 Topology 5 120 Converged
BGP( 5) 0 MAC 20 600 Converged
L2VPN( 9) 1 MAC 5 1800 Converged
BGP( 5) 0 EAD 20 600 Converged
L2VPN( 9) 1 EAD 6 120 Converged
BGP( 5) 0 IMET_ROUTE 20 600 Converged
L2VPN( 9) 1 IMET_ROUTE 6 120 Converged
BGP( 5) 0 MAC-IP 20 600 Converged
L2VPN( 9) 1 MAC-IP 6 1800 Converged
BGP( 5) 0 ES_ROUTE 20 600 Converged
L2VPN( 9) 1 ES_ROUTE 6 1800 Converged
Note: Below output shows EAD-ES Route-type 1 details in L2RIB database. The producer is
L2VPN if the PE has a local interface connected to the ESI. Information from a remote PE
connected to the same or different ESI is transported and produced by BGP.
PE1#sh l2route evpn ead per-es detail

Producer Name: L2VPN
ESI: 03AB.CDAB.CDAB.C100.0001
Redundancy Mode: all-active
Next Hop: Po1, SH label: 16, all-active, bucket numbers: 55,
Producer Name: BGP
Next Hop: 192.168.1.2, SH label: 16, all-active, bucket numbers: 24,
192.168.1.3, SH label: 16, all-active, bucket numbers: 24,
Producer Name: BGP

Next Hop: 192.168.1.5, SH label: 17, all-active, bucket numbers: 24,
192.168.1.6, SH label: 17, all-active, bucket numbers: 24,
Note: Below output shows the EAD-EVI Route-type 1 details for all the configured EVIs. The
details include configured EVI number, ETag, Producer (L2VPN/BGP), ESI number, Next-hop
and forwarding label.
PE1#sh l2route evpn ead per-evi

EVI ETag Prod ESI Next Hop(s) Label
----- ---------- ----- ------------------------ --------------- -------
10 0 L2VPN 03AB.CDAB.CDAB.C100.0001 Po1:10 17
10 0 BGP 03AB.CDAB.CDAB.C100.0001 192.168.1.2 19
192.168.1.3 19
10 0 BGP 03AB.CDAB.CDAB.C200.0002 192.168.1.5 19
192.168.1.6 19
20 0 BGP 03AB.CDAB.CDAB.C100.0001 192.168.1.2 21
192.168.1.3 21
20 0 BGP 03AB.CDAB.CDAB.C200.0002 192.168.1.5 21
192.168.1.6 21
30 30 BGP 03AB.CDAB.CDAB.C100.0001 192.168.1.2 23
192.168.1.3 23
30 30 BGP 03AB.CDAB.CDAB.C200.0002 192.168.1.5 23
192.168.1.6 23
Note: The below output shows Ethernet segment route-type 4 information in L2RIB database
used to elect designated forwarder for an ethernet-segment.
PE1#show l2route evpn es detail

Orig Router IP: 192.168.1.2
Producer: BGP
Ifindex: N/A
NFN Bitmap: 0
Producer: BGP
Ifindex: N/A
NFN Bitmap: 0
Producer: L2VPN
Ifindex: 0xD
NFN Bitmap: 0
Note: The below output shows the MAC produced by L2VPN locally and also learnt from BGP.
PE1#show l2route evpn mac mac-address 000c.2911.6d2a detail

EVPN Instance: 10
Ethernet Tag: 0
Producer Name: L2VPN
MAC Address: 000C.2911.6D2A
Num of MAC IP Route(s): 0
Sequence Number: 0
Flags: B(Stt)
Next Hop(s): Po1:10
EVPN Instance: 10
Ethernet Tag: 0
Producer Name: BGP
Sequence Number: 0
Flags: (Stt)
Next Hop(s): L:19 IP:192.168.1.2, L:19 IP:192.168.1.3
Note: Below output shows the MAC learnt as RT 2 from 192.168.1.2 but aliased to 3 resolved
next hops built using EAD-EVI Route-type 1.
PE5#show l2route evpn mac mac-address 000c.2911.6d2a detail

EVPN Instance: 10
Ethernet Tag: 0
Producer Name: BGP

Sequence Number: 0
Flags: B()
Next Hop(s): L:19 IP:192.168.1.2  RT 2 learnt from this
NH
Resolved Next Hops: L:19 IP:192.168.1.2, L:25 IP:192.168.1.1, L:19 IP:192.168.1.3  Path-list built using
RT 1
Note: The below outputs shows the Route-type 3 IMET tunnels created for each EVI.
PE1#sh l2route evpn imet

EVI ETAG Prod Router IP Addr Type Label Tunnel ID
----- ---------- ----- --------------- ----- ------- ---------------
10 0 BGP 192.168.1.2 6 22 192.168.1.2
10 0 BGP 192.168.1.3 6 22 192.168.1.3
10 0 BGP 192.168.1.5 6 22 192.168.1.5
10 0 BGP 192.168.1.6 6 22 192.168.1.6
10 0 L2VPN 192.168.1.1 6 18 192.168.1.1
20 0 BGP 192.168.1.2 6 20 192.168.1.2
20 0 BGP 192.168.1.3 6 20 192.168.1.3
20 0 BGP 192.168.1.5 6 20 192.168.1.5
20 0 BGP 192.168.1.6 6 20 192.168.1.6
20 0 L2VPN 192.168.1.1 6 20 192.168.1.1
30 30 BGP 192.168.1.2 6 18 192.168.1.2
30 30 BGP 192.168.1.3 6 18 192.168.1.3
30 30 BGP 192.168.1.5 6 18 192.168.1.5
30 30 BGP 192.168.1.6 6 18 192.168.1.6
30 30 L2VPN 192.168.1.1 6 22 192.168.1.1
6.2.4 L2FIB show outputs
PE1#show l2fib evpn ead local

Ethernet Segment ID Redundancy Mode SH Label
-------------------- ----- --------------- --------
03ABCDABCDABC1000001 1 all-active 16@Po1  Local ESI and connected interface
PE1#show l2fib evpn ead remote  Show remote ESIs and path-lists
Ethernet Segment Redundancy Mode Path List
-------------------- --------------- --------------------------------
03ABCDABCDABC1000001 all-active PL:2(2) T:EAD [None][email protected] ...
03ABCDABCDABC2000002 all-active PL:4(2) T:EAD [None][email protected] ...
PE1#show l2fib path-list 2

PathList ID :2
PathList Type : EAD
Ethernet Segment : 03ABCDABCDABC1000001
Path Count :2
Paths : [None][email protected]
: [None][email protected]

PathList ID :4
PathList Type : EAD
Path Count :2
Paths : [None][email protected]
: [None][email protected]
Note: The below outputs shows all the MACs learnt under L2FIB database. Connected interface
for local learns and resolved-path lists for remote learns can be seen.
PE5#show l2fib bridge-domain 10 detail

Bridge Domain : 10
Reference Count : 16
Replication ports count : 5
Unicast Address table size : 2
IP Multicast Prefix table size : 4
Flood List Information:

Olist: 9229, Ports: 5
Port Information:
BD_PORT Po1:10
MPLS_IR PL:797(1) T:IMET [IR][email protected]
Unicast Address table information :

000c.2911.6d2a MPLS_UC PL:1108(3) T:MAC [MAC][email protected] ...
000c.29f8.5078 BD_PORT Po1:10  MAC locally learnt on Port-channel 1
IP Multicast Prefix table information :

Source: *, Group: 224.0.0.0/4, IIF: Null, Adjacency: Olist: 9230, Ports: 0
Source: *, Group: 224.0.0.0/24, IIF: Null, Adjacency: Olist: 9229, Ports: 5
Source: *, Group: 224.0.1.39, IIF: Null, Adjacency: Olist: 9229, Ports: 5
Source: *, Group: 224.0.1.40, IIF: Null, Adjacency: Olist: 9229, Ports: 5
Note: The below outputs shows path-list created for the remote MAC 000c.2911.6d2a on PE5.
Show l2fib path-list CLI then can be used to look into the details. Path-list is used for remotely
learnt MACs only. Next-hop interface is used for forwarding locally learnt MAC traffic.
PE5#show l2fib bridge-domain 10 address unicast 000C.2911.6D2A

MAC Address : 000c.2911.6d2a
Reference Count :1
Epoch :0
Producer : BGP
Flags : None
Adjacency : MPLS_UC PL:1108(3) T:MAC [MAC][email protected] ...  Path-list created from RT 1

PathList ID : 1108
PathList Type : MAC
Path Count :3
Paths : [MAC][email protected]  Learnt from RT 2
: [EVI][email protected]  Aliasing from RT 1
: [EVI][email protected]  Aliasing from RT 1
6.2.5 BGP show outputs

Note: The below BGP outputs shows EAD-EVI route-type 1 for EVI 10. It also provides
information regarding the other PEs connected to the same ESI and have EVI 10 active.
PE1# show ip bgp l2vpn evpn evi 10 route-type 1

BGP routing table entry for [1][192.168.1.1:10][03ABCDABCDABC1000001][0]/23, version 109
Paths: (3 available, best #2, table evi_10)
Flag: 0x8000
Advertised to update-groups:
1
Refresh Epoch 4
Local, (received & used), imported path from [1][192.168.1.2:10][03ABCDABCDABC1000001][0]/23 (global)
192.168.1.2 (metric 30) (via default) from 192.168.1.4 (192.168.1.4)
Origin incomplete, metric 0, localpref 100, valid, internal, multipath
Rcvd Label: 19, Local Label: None
Extended Community: RT:100:10
Originator: 192.168.1.2, Cluster list: 192.168.1.4
rx pathid: 0, tx pathid: 0
Refresh Epoch 1
Local
:: (via default) from 0.0.0.0 (192.168.1.1)
Origin incomplete, localpref 100, weight 32768, valid, sourced, local, multipath, best
Rcvd Label: None, Local Label: 25
rx pathid: 0, tx pathid: 0x0
Refresh Epoch 3
Origin incomplete, metric 0, localpref 100, valid, internal, multipath(oldest)
Not advertised to any peer
Refresh Epoch 2
Origin incomplete, metric 0, localpref 100, valid, internal, multipath, best
Refresh Epoch 2
Note: The below output shows EAD-ES route-type 1 output for EVI 10 in BGP database.
PE1# show ip bgp l2vpn evpn route-type 1

Paths: (1 available, best #1, table EVPN-BGP-Table)
Refresh Epoch 6
Local, (received & used)
Origin incomplete, metric 0, localpref 100, valid, internal, best

Note: The below BGP route-type 4 outputs shows the information regarding the PEs that have
any ESI configured and active. PEs with same ESI contest to be the designated forwarder of
BUM traffic for the ESI using route-type 4.
PE1#sh ip bgp l2vpn evpn route-type 4

BGP routing table entry for [4][192.168.1.1:1][03ABCDABCDABC1000001][32][192.168.1.1]/23, version 99
1
Refresh Epoch 1
Local
:: (via default) from 0.0.0.0 (192.168.1.1)
Origin incomplete, localpref 100, weight 32768, valid, sourced, local, best
Extended Community: EVPN ES-IMPORT:0xABCD:0xABCD:0xABC1
Refresh Epoch 5
Refresh Epoch 5
Paths: (1 available, no best path)
Refresh Epoch 5
Local, (received-only)

Origin incomplete, metric 0, localpref 100, valid, internal
Paths: (1 available, no best path)
Refresh Epoch 5
Local, (received-only)
Origin incomplete, metric 0, localpref 100, valid, internal
Note: Below BGP route-type 2 details show details about MACs learnt under EVI 10 from all the
PEs. MAC 000C:2911:6D2A has 3 available paths. It is learnt locally on PE1 and also learnt from
PE2 and PE3. Similarly MAC 000C:29F8:5078 is learnt from PE4 and PE5 under EVI 10.
PE1#show ip bgp l2vpn evpn evi 10 route-type 2

BGP routing table entry for [2][192.168.1.1:10][0][48][000C29116D2A][0][*]/20, version 102
1
Refresh Epoch 1
Local
:: (via default) from 0.0.0.0 (192.168.1.1)
Origin incomplete, localpref 100, weight 32768, valid, sourced, local, multipath, best
EVPN ESI: 03ABCDABCDABC1000001, Label1 19
Refresh Epoch 2
Local, (received & used), imported path from [2][192.168.1.3:10][0][48][000C29116D2A][0][*]/20 (global)
Origin incomplete, metric 0, localpref 100, valid, internal, multipath
Refresh Epoch 2
Local, (received & used), imported path from [2][192.168.1.2:10][0][48][000C29116D2A][0][*]/20 (global)

BGP routing table entry for [2][192.168.1.1:10][0][48][000C29F85078][0][*]/20, version 66
Refresh Epoch 2
Local, (received & used), imported path from [2][192.168.1.6:10][0][48][000C29F85078][0][*]/20 (global)
Refresh Epoch 2
Local, (received & used), imported path from [2][192.168.1.5:10][0][48][000C29F85078][0][*]/20 (global)
Origin incomplete, metric 0, localpref 100, valid, internal, multipath, best
Note: Below output shows IMET route-type 3 details for EVI 10.
PE1#show ip bgp l2vpn evpn evi 10 route-type 3

BGP routing table entry for [3][192.168.1.1:10][0][32][192.168.1.1]/17, version 30
1
Refresh Epoch 1
Local
:: (via default) from 0.0.0.0 (192.168.1.1)
Origin incomplete, localpref 100, weight 32768, valid, sourced, local, best
PMSI Attribute: for EVPN, Flags: 0x0, Tunnel type: 6, length 4, label: 18 (vni 288) tunnel parameters: 0000 0000
Refresh Epoch 2
Local, (received & used), imported path from [3][192.168.1.2:10][0][32][192.168.1.2]/17 (global)
PMSI Attribute: for EVPN, Flags: 0x0, Tunnel type: 6, length 4, label: 22 (vni 352) tunnel parameters: C0A8 0102

Refresh Epoch 2
Refresh Epoch 2
Refresh Epoch 2
6.2.6 Ether-channel show outputs between CE and PE.

Once an ether-channel is configured between a PE and CE, below show outputs can be used to
verify the correct behavior. In 16.9 release no port-channel signaling is supported. The port-channel
should be configured in “on mode” only.
Ether-channel state output on CE device.
CE1# show port-channel summary

Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
b - BFD Session Wait
S - Switched R - Routed
U - Up (port-channel)
p - Up in delay-lacp mode (member)
M - Not in use. Min-links not met
--------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
1 Po1(SU) Eth NONE Eth1/1(P) Eth1/2(P) Eth1/3(P)
Ether-channel state output on PE device.
PE1#show etherchannel summary


d - default port


------+-------------+-----------+-----------------------------------------------
1 Po1(RU) Gi3(P)
P/bndl - Bundled
S/susp - Suspended
6.2.7 Platform show outputs

Note：Platform EVPN EFI/EFP show commands
<show platform ethernet fp> efp id [id] interface [name]
4RU#show pla sof ethernet fp active efp id 1 interface GigabitEthernet0/1/2

Forwarding Manager Ethernet Flow Points
EFP: ID: 1, DPIDB: 0x420011, Data Type: static

Interface: 12 (GigabitEthernet0/1/2)
QFPIDX: 21
QFPifname: GigabitEthernet0/1/2.EFP1
Flags: none
State: Up, Priority: 10
First tag encap: dot1q, vlan-type: 0x8100
vlan list: 10
Payload etype: none
DOT1AD Port Type: UNI
EVPN ES ID: 20, Label: 100, DF state: forward
Bridge-domain: 100, Split-Horizon: None
MAC-limit: 65536
Note：Platform mac/mpls prefix show commands
<show platform qfp cef-mpls> prefix mpls [evpn label]
4RU#show platform hardware qfp active feature cef-mpls prefix mpls 19

=== Gtrie Node ===
Gtrie Node Type: Tree Node

HW Content: : 8d100d4d 00000000 80000000 00000000
Gtrie Tree Node Type:: Search Trie Node
=== Gtrie Search Node ===
TN type 0, TN scan use 0, TN stride 6
TN inode exists 0, TN skip 0
TN zero perf real len: 0
TN par bl offset: 0
TN par bl len: 0
TBM Tree Array
TA NNodes 1, TA INode Exists 0, TN TNRefs 0x000055dcc72c8b88
TBM Tree Node Bitmap
Search Node Bitmap: 80 00 00 00 00 00 00 00
=== Gtrie Node ===
HW Content: : 8d5c000d 00000000 dc000000 00000000

TN par bl offset: 0
TN par bl len: 0
TBM Tree Array
TA NNodes 5, TA INode Exists 0, TN TNRefs 0x000055dcc73451b8
Search Node Bitmap: dc 00 00 00 00 00 00 00
=== Gtrie Node ===

HW Content: : 8d400305 00000000 0f000000 00000000
TN par bl offset: 0
TN par bl len: 0
TBM Tree Array
TA NNodes 4, TA INode Exists 0, TN TNRefs 0x000055dcc7344bc8
Search Node Bitmap: 1e 00 00 00 00 00 00 00
=== Gtrie Node ===
Gtrie Node Type: Leaf Node

HW Content: : 0a000000 000000b8 00000000 8cd805a0
for us: 0
dft route: 0
real intf: 0
hw use only: 0
overlay db query: 0
QPPB QoS Precedence valid: 0

QoS Precedence: 0
QPPB QoS Group valid: 0
QoS Group: 0
BGPPA Traffic Index valid: 0
BGPPA Traffic Index: 0
TBLF refcount: 0
TBLF application lf handle: 0
CTS src_sgt: 0
CTS dst_sgt: 0
Prefix Length: 0
Prefix:
Lisp local eid: 0
Lisp remote eid: 0
Lisp generalized SMR enabled: 0
Lisp locator status bits: 0
Lisp dynamic configured eid: 0
Lisp dynamic discovered eid: 0
tun_lookup_flags: 0000
vrf_id: 0
no broadcast addr: 0
nat addr: 0
connected interface rx uidb: 0
bgp sourced: 0
origin as: 0
peer as: 0
bgp next hop is v6: 0
bgp next hop address: :
=== OCE ===
OCE Type: EOS OCE, Number of children: 2

Next HW OCE Ptr: : 0x8cd80580, 0x8cd805c0
=== OCE ===
OCE Type: Label OCE, Number of children: 1

Label flags: : 64
Num Labels: : 1
Num Bk Labels: : 0
Out Labels: : 1048577
Out Backup Labels: :
Next HW OCE Ptr: : 0x8d3ba430
=== OCE ===
OCE Type: EVPN Decap OCE, Number of children: 0

=== OCE ===

Label flags: : 64
Num Labels: : 1
Num Bk Labels: : 0
Out Labels: : 1048577
Next HW OCE Ptr: : 0x8d3ba430
=== OCE ===
OCE Type: EVPN Decap OCE, Number of children: 0
Note：Platform evpn oce show commands
<show platform evpn fp> decap-oce
4RU#show pla sof evpn fp active decap-oce

Number of EVPN Decap OCE entries in the table: 2
Flags: C - control-word in use, S - sequence
ID Type EFI Flags* Drops Transmits

----------------------------------------------------------------
0xad BUM 0x420012 C, S 0 0
0xb1 Per-BD 0x420012 C, S 0 0
4RU#show pla sof evpn fp active decap-oce index 0xad

EVPN Decap OCE: id 0xad, path type MPLS, decap type BUM
EFI EFP: dpidx 0x420012
Flags*: C, S
Misc Info: CPP handle: 0x559278fa05c8 (om_id 397 created)
Transmits: pkt 0, byte 0
Drops: pkt 0, byte 0
<show platform evpn fp> encap-oce

4RU#show pla sof evpn fp active encap-oce
Number of EVPN Encap OCE entries in the table: 2
ID Type EFI Flags* Drops Transmits

----------------------------------------------------------------
0x182f IR 0x420012 C, S 0 0
0x1838 Unicast 0x420012 C, S 0 0
4RU#show pla sof evpn fp active encap

4RU#show pla sof evpn fp active encap-oce in
4RU#show pla sof evpn fp active encap-oce index 0x182f
EVPN Encap OCE: id 0x182f, path type MPLS, encap type IR

Next hop: 2.2.2.2
Next OCE: type LABEL, id 0x182e
Flags*: C, S
Misc Info: CPP handle: 0x559278f9f068 (om_id 7445 created)
4RU#show pla sof evpn fp active encap-oce index 0x1838

EVPN Encap OCE: id 0x1838, path type MPLS, encap type Unicast
Next OCE: type LABEL, id 0x1837
Flags*: C, S
Misc Info: CPP handle: 0x559278f9f6f8 (om_id 7464 created)
<show platform evpn fp> encap-oce index [id] detail
4RU#show pla sof evpn fp active encap-oce index 0x1838 de

=== OCE ===
OCE Type: EVPN Encap OCE, Number of children: 1

Flags: 0
Atom flags: 0
Next hop: 0.0.0.0
EFI Name: EFI1.4325394
Next hw oce ptr: 0x8cd80600
=== OCE ===

Label flags: : 0
Num Labels: : 1
Num Bk Labels: : 1
Out Labels: : 100
Out Backup Labels: : 100
Next HW OCE Ptr: : 0x8cd805a0
=== OCE ===
Label flags: : 65
Num Labels: : 1
Num Bk Labels: : 0
Out Labels: : 3
Next HW OCE Ptr: : 0x8cd804b0
=== OCE ===
OCE Type: Adjacency, Number of children: 0

Adj Type: : MPLS Adjacency
Encap Len: : 14
L3 MTU: : 1500
Adj Flags: : 0
Fixup Flags: : 0
Output UIDB: :
Interface Name: GigabitEthernet0/1/4
Encap: : 88 43 e1 e5 36 44 b4 14 89 06 8f 14 88 47
Next Hop Address: : 5.0.0.2
Next HW OCE Ptr: : 00000000
CM HW Ptr:: 1895825408
Fixup_Falgs_2: : 0
4RU#
4RU#show pla sof evpn fp active encap-oce index 0xc0 de

=== OCE ===
OCE Type: EVPN Encap OCE, Number of children: 1

Flags: 0000
Atom flags: 0000
Next hop: 0.0.0.0
EFI Name: EFI1.100.4325392
Next hw oce ptr: 0x8c280650
=== OCE ===
OCE Type: Loadbalance OCE, Number of children: 16

L3 Loadbalance Per-Packet: : 0
Number of LB Entries: : 16
Next Hash Index: : 0
Anti-polarising Factor: : 0x277bfe70
Flags: : 0
Load Balance Element
OCE Chain Pointer 0x8c280610, Per LBE Stats 0, Color 0

=== OCE ===

Label flags: : 0
Num Labels: : 1
Num Bk Labels: : 1
Out Labels: : 101
Next HW OCE Ptr: : 0x8c2805a0
=== OCE ===

Label flags: : 0
Num Labels: : 1
Num Bk Labels: : 0
Out Labels: : 0
Next HW OCE Ptr: : 0x8c280560
=== OCE ===

Encap Len: : 14
L3 MTU: : 1500
Adj Flags: : 0
Fixup Flags: : 0
Output UIDB: :
Encap: : 88 43 e1 e5 36 44 b4 14 89 06 8f 14 88 47
CM HW Ptr:: 2969567232
Fixup_Falgs_2: : 0
=== OCE ===

Label flags: : 0
Num Labels: : 1
Num Bk Labels: : 1
Out Labels: : 101
Next HW OCE Ptr: : 0x8c2805e0
=== OCE ===

Label flags: : 0
Num Labels: : 1
Num Bk Labels: : 0
Out Labels: : 0
Next HW OCE Ptr: : 0x8c280560
=== OCE ===

Encap Len: : 14
L3 MTU: : 1500
Adj Flags: : 0
Fixup Flags: : 0
Output UIDB: :
Encap: : 88 43 e1 e5 36 44 b4 14 89 06 8f 14 88 47
CM HW Ptr:: 2969567232
Fixup_Falgs_2: : 0
Note：Platform hardware BD show commands
<show platform qfp bd> datapath [bd_id]
4RU#show platform hardware qfp active feature bridge-domain datapath 100

QFP L2BD Bridge Domain information
BD id : 100
State enabled : Yes
Aging timeout (sec) : 300
Aging active entry : Yes
Max mac limit : 65536
Unkwn mac limit flood : Yes
mac_learn_enabled : Yes
mac_learn_controled : Yes
use_olist_for_unknown_unicast : Yes
arp_suppression_enabled : No
otv_aed_enabled : No
otv_enabled : No
evpn_enabled : Yes
mcast_snooping_enabled : No
Mac learned :2
BDI outer vtag : 00000000
BDI inner vtag : 00000000
Replication tree info:

Global replication : depth encode 0X2000001, (head 0X8CD7C410)
Split-horizon-group 0 : depth encode 00000000, (head 00000000)
Bridge Domain statistics
Total bridged pkts : 0 bytes: 0

Total unknown unicast pkts : 44784 bytes: 2866176
Total broadcasted pkts : 44784 bytes: 2866176
Total to BDI pkts : 0 bytes: 0
Total injected pkts : 0 bytes: 0
Total mac security drop pkts : 0 bytes: 0
Total source filter drop pkts : 0 bytes: 0
Total bfib policy drop pkts : 0 bytes: 0
Total replication start drop pkts : 0 bytes: 0
Total recycle tail drop pkts : 0 bytes: 0

Total static MAC move drop pkts : 0 bytes: 0
Total BD disabled drop pkts : 0 bytes: 0
Total STP state drop pkts : 0 bytes: 0
<show platform qfp bd> datapath [bd_id] flood-list
4RU#show platform hardware qfp active feature bridge-domain datapath 100 flood-list
Flood List for Bridge Domain 100:
GigabitEthernet0/1/2.EFP1
EFI1.4325405 EVPN [Remote:2.2.2.2]
EFI1.4325405 EVPN [Remote:3.3.3.3]
<show platform qfp bd> datapath [bd_id] mac-table [mac]

4RU#show platform hardware qfp active feature bridge-domain datapath 100 mac-table 0002.0002.0002
0 0002.0002.0002 forward static_r 0 EFI1.4325405, EVPN
EVPN encap oce info:
Remote:2.2.2.2, flags: 0x0
stats: all=0, drop=0
<show platform qfp bd> [data|client] [bd_id] interface [name]

4RU#show pla hard qfp ac fea bridge-domain client 100 interface GigabitEthernet0/1/2.EFP1
QFP L2BD client interface information
Name: GigabitEthernet0/1/2.EFP1, IF handle: 21, Enabled: Yes

BD id: 100
Input uIDB: 245748, Output uIDB: 245739
Split-horizon cfged: No, shg id: none
STP state: Blocked
Mac learn enabled: Yes
Mac security enabled: No
Max mac addr: 65536
Max mac addr limit:
BDI interface: No
efp circuit id: 0
To check the BD packet statistics :
4RU# show pla hard qfp ac feature bridge-domain datapath 1
BD id :1
State enabled : Yes
Aging timeout (sec) : 300

Aging active entry : Yes
Max mac limit : 65536
Unkwn mac limit flood : Yes
mac_learn_enabled : Yes
mac_learn_controled : No
use_olist_for_unknown_unicast : No
otv_aed_enabled : No
otv_enabled : No
mcast_snooping_enabled : No
feature: None
Mac learned :1
BDI outer vtag : 00000000
BDI inner vtag : 00000000
Replication tree info:

Global replication : depth encode 0X3000001, (head 0X8C4F5818)
Bridge Domain statistics
Total bridged pkts : 0 bytes: 0

Total unknown unicast pkts : 0 bytes: 0
Total broadcasted pkts : 33299 bytes: 1999912
Total to BDI pkts : 0 bytes: 0
Total injected pkts : 0 bytes: 0
Total mac security drop pkts : 0 bytes: 0
Total source filter drop pkts : 0 bytes: 0
Total bfib policy drop pkts : 0 bytes: 0
Total replication start drop pkts : 0 bytes: 0
Total recycle tail drop pkts : 0 bytes: 0
Total static MAC move drop pkts : 0 bytes: 0
Total BD disabled drop pkts : 0 bytes: 0
Total STP state drop pkts : 289 bytes: 21948
7 Troubleshooting
Apart from the detailed show outputs discussed in the previous section below is the list of debug
commands that can be useful while troubleshooting issues.
debug bridge-domain <number> mac table events
debug bridge-domain <number> mac table errors

debug bridge-domain <number> route message
debug bridge-domain <number> route events
debug bridge-domain <number> route errors
debug l2vpn evpn error

debug l2vpn evpn event
debug l2vpn evpn event detail
debug l2fib evpn l2rib

debug l2fib all
debug l2rib error

debug l2rib event
debug ip bgp all

debug ip bgp all events
debug ip bgp l2vpn evpn updates
debug ip bgp l2vpn evpn evi context detail
debug ip bgp l2vpn evpn evi event detail
7.1 Best practices and some corner cases:

1. Configuration/Unconfig has to be done in order :
Configuration order:
• Configure global EVPN parameters

• Configure Access interfaces. Evpn ethernet-segment and system-man can only be
configured in port-channel interfaces on the ASR1k.
• Configure Bridge-domain and it’s member interfaces
• Configure BGP
Unconfiguration Order:
• Unconfigure member interfaces and evpn instance from Bridge-domain

• Unconfigure channel-group from port-channel member interfaces
• Unconfigure Ethernet-segment/System Mac from port-channel access-interface.
• Unconfigure access interface
• Unconfigure AF under BGP

• Unconfigure EVPN parameters
2. It might take up to 60 seconds for an EVI to be cleaned up after deletion. During this time EVI will
be in delete pending state. This is due to BGP update timer which runs at 60 seconds interval.
EVI waits on for BGP routes to be cleared during that time.
3. To make sure you use the correct IP address for EVPN router-ID, configure a loopback interface
prior to configuring EVPN. If there is no loopback configured then EVPN would take the next
lowest physical IP address.
4. If the underlay is Segment-Routing. Make sure the EVPN Router-ID being used has a prefix-SID
advertised so that it can be reached by remote PEs using the SR label path.
5. ESI type 3 is the only type supported on IOS-XE in 16.9.1 release.

ESI is 10 Byte number constructed as: [Type (1B)][System-ID(6B)][Mandatory 0(1B)][Segment-
ID(2B)]
8 Appendix
Performance and scale numbers : https://wiki.cisco.com/display/EVPN/EVPN+Multi-homing
RFC 7432: https://tools.ietf.org/html/rfc7432
SFS: EDCS 1559672

Evpn Multi Homing

Uploaded by

Copyright:

Available Formats

Evpn Multi Homing

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Evpn Multi Homing

Uploaded by

Copyright:

Available Formats

Date printed: 4/16/2018 IOS-XE EVPN MPLS Configuration guide, EDCS-11781407

IOS-XE 16.9.1 EVPN multi-homing white paper

Author Technology Area

1.2 Non-Deliverables .................................................................................................................................... 3

1.3.1 Outstanding defects/enhancements

Defect/Severity Brief description Use case impact Workaround, if any?

1.4 Feature Supported

Below is list of features supported in release 16.9.1.

 Service Interfaces: vlan based

 Control plane MAC learning on core side

1.4.1 Targeted scale numbers for 16.9.1

Feature Scale supported Platform supported

2 BGP MPLS based Ethernet VPN (EVPN) overview

4 Service Interface Types

4.1 VLAN based service interface:

4.2 VLAN bundle service interface:

4.3 VLAN aware service interface:

5.1 Route Type-1: Ethernet Auto-Discovery Route:

EAD per ES route:

EAD per EVI route:

5.2 Route Type-2: MAC/IP advertisement route

5.3 Route Type-3: Inclusive Multicast Ethernet Tag Route (IMET)

5.4 Route Type-4: Ethernet Segment route

6 EVPN multi-homing topology, configuration and verification

PE/P Routers: CSR1000V

6.1 Configuration examples:

6.1.2 How to configure access interface on PE for EVPN Multi-homing all-active:

6.1.3 How to configure Bridge-domain on IOS-XE Router:

member Port-channel1 service-instance 10  Links SI 10 on Port-channel1 with Bridge-domain 10

6.1.4 PE BGP configuration:

6.1.5 RR/Core Router BGP configuration:

neighbor 192.168.1.6 send-community both

6.1.6 BGP Use case: eBGP support

On RR under router bgp 100, change PE5 to be an ebgp peer

neighbor 192.168.1.6 remote-as 200

address-family l2vpn evpn

On PE5 , do the same changes , PE5 is in AS 200

Configure manual RT on PE5 and import it on all the PE’s

6.1.7 Core Isolation

State before core isolation detection

PE1#sh run int port-channel 10

Current configuration : 639 bytes

PE1#sh run int gig 0/1/2

Current configuration : 134 bytes

PE1#sh run int port-channel 20

Current configuration : 399 bytes

PE1#sh run int gig 0/1/4

Current configuration : 89 bytes

PE1#sh etherchannel summary

M - not in use, minimum links not met

Number of channel-groups in use: 3

Group Port-channel Protocol Ports

IP Duplication: seconds 180 limit 5

M - not in use, minimum links not met

A - formed by Auto LAG

Number of channel-groups in use: 4

Group Port-channel Protocol Ports

Core isolation detection and action :

In this instance, gig 0/0/1 on RR has gone to DOWN state