Configuring an EVPN Instance

Procedure

1. Run system-view

   The system view is displayed.

2. Run evpn vpn-instance vpn-instance-name

   An EVPN instance is created, and its view is displayed.

3. (Optional) Run description description-information

   A description is configured for the EVPN instance.

   Similar to a host name or an interface description, an EVPN instance description helps you memorize the EVPN instance.

4. Run route-distinguisher route-distinguisher

   An RD is set for the EVPN instance.

   An EVPN instance takes effect only after an RD is configured for it. The RDs of different EVPN instances on the same PE must be different.

   

   After being configured, an RD cannot be modified but can be deleted. If the RD of an EVPN instance is deleted, VPN targets configured for the EVPN instance are also deleted.

5. Run vpn-target vpn-target &<1-8> [ both | export-extcommunity | import-extcommunity ]

   One or multiple VPN targets are configured for the EVPN instance.

   VPN targets are BGP extended community attributes used to control the import and export of EVPN routes. A maximum of eight import VPN targets and eight export VPN targets can be configured each time the vpn-target command is run. To configure more VPN targets for an EVPN instance address family, run the vpn-target command multiple times.

   

   An RT of an Ethernet segment route is generated using the middle 6 bytes of an ESI. For example, if the ESI is 0011.1001.1001.1001.1002, the Ethernet segment route uses 11.1001.1001.10 as its RT.

6. (Optional) Run filter-policy { acl-number | acl-name acl-name } export

   The device is enabled to filter EVPN routes to be advertised.

   To precisely control EVPN routes, an export route-policy must be configured. An export route-policy filters routes before they are sent to other PEs.

7. (Optional) Run filter-policy { acl-number | acl-name acl-name } import

   The EVPN instance is configured to filter received EVPN routes.

   To precisely control EVPN routes, an import route-policy must be configured. An import route-policy filters routes that are received from other PEs.

8. (Optional) Run mac limit number [ simply-alert | mac-unchanged ]

   The maximum number of MAC addresses allowed in the EVPN instance is set.

   A device consumes more system resources as it learns more MAC addresses, meaning that the device may fail to operate when busy processing services. To limit the maximum number of MAC addresses allowed in an EVPN instance and thereby improving device security and reliability, run the mac limit command. After this configuration, if the number of MAC addresses exceeds the preset value, an alarm is triggered to prompt you to check the validity of existing MAC addresses.

   After the maximum number of MAC addresses allowed by an EVPN instance is configured, you can run the mac threshold-alarm upper-limit upper-limit-value lower-limit lower-limit-value command to configure an alarm threshold for MAC addresses allowed by the EVPN instance. The alarm generation and clearance help a device detect threshold-crossing events of MAC addresses.

9. (Optional) Run tnl-policy policy-name

   A tunnel policy is applied to the EVPN instance.

   This configuration enables PEs to use TE tunnels to transmit data packets.

10. (Optional) Run isolate spoken

    The forwarding isolation function is enabled for the EVPN instance.

    When users with the same service are bound to the same EVPN instance, you can configure the forwarding isolation function for the EVPN instance to prevent mutual access between users.

11. (Optional) Run reserve-interface fast-switch enable

    The reserve-interface fast switching function is enabled.

    When the master interface board fails, you can perform this step to enable the fast switchover of reserved interfaces so that broadcast traffic can be quickly switched to the backup interface board.

12. Run commit

    The configuration is committed.