Configuring EVPN Functions

EVPN VPWS is established based on the EVPN service architecture. Before configuring EVPN VPWS over MPLS, you need to configure EVPN functions.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run evpn vpn-instance vpn-instance-name vpws

    An EVPN VPWS instance is created, and the instance view is displayed.

  3. (Optional) Run description description-information

    A description is configured for the EVPN instance.

    Similar to a host name or an interface description, an EVPN instance description helps you memorize the EVPN instance.

  4. Run route-distinguisher route-distinguisher

    An RD is set for the EVPN instance.

    An EVPN instance takes effect only after an RD is configured for it. The RDs of different EVPN instances on the same PE must be different.

    After being configured, an RD cannot be modified but can be deleted. If the RD of an EVPN instance is deleted, VPN targets configured for the EVPN instance are also deleted.

  5. Run vpn-target vpn-target &<1-8> [ both | export-extcommunity | import-extcommunity ]

    One or multiple VPN targets are set for the EVPN instance.

    VPN targets are BGP extended community attributes used to control the acceptance and advertisement of EVPN routes. A maximum of eight import VPN targets and eight export VPN targets can be configured using the vpn-target command. To configure more VPN targets for an EVPN instance address family, run the vpn-target command multiple times.

  6. (Optional) Run filter-policy { acl-number | acl-name acl-name } export

    The EVPN instance is configured to filter MAC routes to be advertised.

    To precisely control EVPN routes, an export route-policy can be configured. An export route-policy filters routes before they are sent to other PEs.

  7. (Optional) Run filter-policy { acl-number | acl-name acl-name } import

    The EVPN instance is configured to filter MAC routes to be accepted.

    To precisely control EVPN routes, an import route-policy can be configured. An import route-policy filters routes that are received from other PEs.

  8. (Optional) Run tnl-policy policy-name

    A tunnel policy is applied to the EVPN instance.

    This configuration enables PEs to use TE tunnels to transmit data packets.

  9. Run quit

    Return to the system view.

  10. Run evpn source-address ip-address

    An EVPN source address is configured.

  11. (Optional) Configure an ESI. In EVPN VPWS dual-homing networking, an ESI must be configured on the PE interface connecting to a CE.
    1. Run the interface interface-type interface-number command to enter the interface view.
    2. Run the esi esi command to set an ESI.
    3. Run the quit command to return to the system view.
  12. Run bgp { as-number-plain | as-number-dot }

    The BGP view is displayed.

  13. Run peer ipv4-address as-number as-number

    A remote PE is specified as a BGP peer for the PE.

  14. Run peer ipv4-address connect-interface loopback interface-number

    The interface on which a TCP connection to the specified BGP peer is established is specified.

    A PE must use a loopback interface address with a 32-bit mask to establish an MP-IBGP peer relationship with the peer PE so that VPN routes can recurse to tunnels. The route to the local loopback interface is advertised to the peer PE using an IGP on the MPLS backbone network.

  15. (Optional) Run group group-name [ internal | external ]

    A peer group is created.

  16. Run l2vpn-family evpn

    The BGP-EVPN address family view is displayed.

  17. Run peer { ipv4-address | group-name } enable

    The device is enabled to exchange EVPN routes with a specified peer or peer group.

  18. (Optional) Run peer ipv4-address group group-name

    A BGP EVPN peer is added to the peer group.

    Adding BGP EVPN peers to peer groups simplifies BGP network configuration and management.

  19. (Optional) Run peer { ipv4-address | group-name } reflect-client

    An RR and its client are configured.

    If all PEs are in the same AS, you can configure an RR to reduce IBGP connections. The BGP device with the peer reflect-client command functions as an RR and treats the specified peer or peer group as a client.

  20. (Optional) Run timer df-delay seconds

    A DF election delay is configured.

    If a network is unstable, PE interfaces connecting to CEs will frequently alternate between up and down, resulting in repeated DF election and network performance deterioration. To prevent repeated DF election, run the timer df-delay command to set a longer DF election delay to improve network stability.

    In an EVPN dual-homing scenario where interface-based DF election is enabled, you need to run this command to set the delay for DF election to 0s, preventing the long-time existence of dual backup devices during a switchback from causing a traffic interruption.

  21. (Optional) Run peer { group-name | ipv4-address } mac-limit number [ percentage ] [ alert-only | idle-forever | idle-timeout times ]

    The maximum number of MAC routes allowed to be accepted from the specified peer or peer group is set.

    If an EVPN instance imports many inapplicable MAC routes from a peer or peer group and they account for a large proportion of the total number of MAC routes, you are advised to run this command to limit the maximum number of MAC routes that can be imported. If the imported MAC routes exceed the specified maximum number, the device displays an alarm, prompting you to check the validity of the MAC routes imported to the EVPN instance.

  22. (Optional) Perform the following operations to enable the device to advertise the routes carrying the large-community attribute to BGP EVPN peers.

    The large-community attribute can represent a whole 2-byte or 4-byte AS number, and contain two 4-byte LocalData IDs, facilitating the flexible application of route-policies. Before enabling the function to advertise the routes carrying the large-community attribute to BGP EVPN peers, configure the route-policy related to the large-community attribute and use the route-policy to set the large-community attribute.

    1. Run the peer { ipv4-address | group-name } route-policy route-policy-name export command to apply an export route-policy to filter routes to be advertised to a specified BGP EVPN peer or peer group.
    2. Run the peer { ipv4-address | group-name } advertise-large-community command to enable the device to advertise the routes carrying the large-community attribute to the specified BGP EVPN peer or peer group.

      If the routes carrying the large-community attribute do not need to be advertised to a specified BGP EVPN peer in a peer group, run the peer ipv4-address advertise-large-community disable command.

  23. (Optional) Run peer peerIpv4Addr path-attribute-treat attribute-id { id [ to id2 ] } &<1-255> { discard | withdraw | treat-as-unknown }

    A special mode is specified to process specified path attributes in received BGP EVPN Update messages.

    A BGP EVPN Update message contains various path attributes. If a local device receives Update messages containing malformed path attributes, the involved BGP EVPN sessions may flap. To enhance reliability, you can configure a special mode for processing specified path attributes in received BGP EVPN Update messages. The special mode can be:

    • Discards the specified path attributes.

    • Withdraws the routes with the specified path attributes.

    • Processes the specified attributes as unknown ones.

  24. Run commit

    The configuration is committed.

Parent Topic: Configuring EVPN VPWS over MPLS Functions
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >