EVPN VXLAN Fundamentals

Introduction

Ethernet virtual private network (EVPN) is a VPN technology used for Layer 2 internetworking. EVPN is similar to BGP/MPLS IP VPN. EVPN defines a new type of BGP network layer reachability information (NLRI), called the EVPN NLRI. The EVPN NLRI defines new BGP EVPN routes to implement MAC address learning and advertisement between Layer 2 networks at different sites.

VXLAN itself does not provide a control plane. VTEP discovery and the learning of host information (IP and MAC addresses, VNIs, and gateway VTEP IP addresses) rely on traffic flooding on the data plane, which results in high traffic volumes on data center (DC) networks. To address this problem, VXLAN uses EVPN as the control plane. EVPN allows VTEPs to exchange BGP EVPN routes to implement automatic VTEP discovery and host information advertisement, preventing unnecessary traffic flooding.

In summary, EVPN introduces several new types of BGP EVPN routes through BGP extension to advertise VTEP addresses and host information. In this way, EVPN applied to VXLAN networks enables VTEP discovery and host information learning on the control plane instead of on the data plane.

BGP EVPN Routes

EVPN NLRI defines the following BGP EVPN route types applicable to the VXLAN control plane:

Type 2 Route: MAC/IP Route

Figure 1 shows the format of a MAC/IP route.

Figure 1 Format of a MAC/IP route

Table 1 describes the meaning of each field.

Table 1 Fields of a MAC/IP route

| Field | Description |
| --- | --- |
| Route Distinguisher | RD value set in an EVI |
| Ethernet Segment Identifier | Unique ID for defining the connection between local and remote devices |
| Ethernet Tag ID | VLAN ID configured on the device |
| MAC Address Length | Length of the host MAC address carried in the route |
| MAC Address | Host MAC address carried in the route |
| IP Address Length | Length of the host IP address carried in the route |
| IP Address | Host IP address carried in the route |
| MPLS Label1 | L2VNI carried in the route |
| MPLS Label2 | L3VNI carried in the route |

MAC/IP routes function as follows on the VXLAN control plane:

  • MAC address advertisement

    To implement Layer 2 communication between intra-subnet hosts, the source and remote VTEPs must learn the MAC addresses of the hosts. The VTEPs function as BGP EVPN peers to exchange MAC/IP routes so that they can obtain the host MAC addresses. The MAC Address field identifies the MAC address of a host.

  • ARP advertisement

    A MAC/IP route can carry both the MAC and IP addresses of a host, and therefore can be used to advertise ARP entries between VTEPs. The MAC Address field identifies the MAC address of the host, whereas the IP Address field identifies the IP address of the host. This type of MAC/IP route is called the ARP route.

  • IP route advertisement

    In distributed VXLAN gateway scenarios, to implement Layer 3 communication between inter-subnet hosts, the source and remote VTEPs that function as Layer 3 gateways must learn the host IP routes. The VTEPs function as BGP EVPN peers to exchange MAC/IP routes so that they can obtain the host IP routes. The IP Address field identifies the destination address of the IP route. In addition, the MPLS Label2 field must carry the L3VNI. This type of MAC/IP route is called the integrated routing and bridging (IRB) route.

    An ARP route carries host MAC and IP addresses and an L2VNI. An IRB route carries host MAC and IP addresses, an L2VNI, and an L3VNI. An IRB route therefore contains everything an ARP route carries, and can be used to advertise IP routes as well as ARP entries.

  • Host IPv6 route advertisement

    In a distributed gateway scenario, to implement Layer 3 communication between hosts on different subnets, the VTEPs (functioning as Layer 3 gateways) must learn host IPv6 routes from each other. To achieve this, VTEPs functioning as BGP EVPN peers exchange MAC/IP routes to advertise host IPv6 routes to each other. The IP Address field carried in the MAC/IP routes indicates the destination addresses of host IPv6 routes, and the MPLS Label2 field must carry an L3VNI. MAC/IP routes in this case are also called IRBv6 routes.

    An ND route carries host MAC and IPv6 addresses and an L2VNI. An IRBv6 route carries host MAC and IPv6 addresses, an L2VNI, and an L3VNI. An IRBv6 route therefore contains everything an ND route carries, and can be used to advertise both host IPv6 routes and ND entries.
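The four uses of a MAC/IP route listed above differ only in which fields are populated. The following parser is an added example, not Huawei code: it decodes the fields of Table 1 and names the route accordingly. Field widths follow RFC 7432, and the label fields are read as 24-bit VNIs as RFC 8365 specifies for VXLAN encapsulation; the function names and the sample bytes are constructed for this illustration.

```python
import ipaddress

IP_BYTES = {0: 0, 32: 4, 128: 16}  # IP Address Length is in bits

def parse_mac_ip_route(body: bytes) -> dict:
    """Parse a Type 2 NLRI value (the bytes after route type and length)."""
    if len(body) < 30:
        raise ValueError("truncated MAC/IP route")
    if body[22] != 48:
        raise ValueError("MAC Address Length must be 48 bits")
    ip_bits = body[29]
    if ip_bits not in IP_BYTES:
        raise ValueError(f"invalid IP Address Length {ip_bits}")
    ip_end = 30 + IP_BYTES[ip_bits]
    labels = body[ip_end:]
    if len(labels) not in (3, 6):
        raise ValueError("expected one or two 3-byte label fields")
    return {
        "rd": body[0:8].hex(),
        "esi": body[8:18].hex(),
        "eth_tag": int.from_bytes(body[18:22], "big"),
        "mac": body[23:29].hex(":"),
        "ip": ipaddress.ip_address(body[30:ip_end]) if ip_bits else None,
        # Assumption: VXLAN encapsulation, so each label field is a 24-bit VNI.
        "l2vni": int.from_bytes(labels[0:3], "big"),
        "l3vni": int.from_bytes(labels[3:6], "big") if len(labels) == 6 else None,
    }

def classify(route: dict) -> str:
    """Name the route the way the text above does."""
    if route["ip"] is None:
        return "MAC"
    v6 = route["ip"].version == 6
    if route["l3vni"] is None:
        return "ND" if v6 else "ARP"
    return "IRBv6" if v6 else "IRB"

# Constructed sample (not a capture): RD 10.1.1.1:100, ESI 0, Ethernet tag 0,
# host 00:11:22:33:44:55 / 192.168.10.5, L2VNI 10, L3VNI 5010.
SAMPLE_IRB = (bytes.fromhex("00010a0101010064") + bytes(10) + bytes(4)
              + b"\x30" + bytes.fromhex("001122334455")
              + b"\x20" + bytes([192, 168, 10, 5])
              + (10).to_bytes(3, "big") + (5010).to_bytes(3, "big"))

if __name__ == "__main__":
    route = parse_mac_ip_route(SAMPLE_IRB)
    print(classify(route), route)
```

Dropping the last three bytes of the sample (MPLS Label2) turns the same advertisement into an ARP route, which is the relationship between IRB and ARP routes described above.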

Type 3 Route: Inclusive Multicast Route

An inclusive multicast route comprises a prefix and a PMSI attribute. Figure 2 shows the format of an inclusive multicast route.

Figure 2 Format of an inclusive multicast route

Table 2 describes the meaning of each field.

Table 2 Fields of an inclusive multicast route

| Field | Description |
| --- | --- |
| Route Distinguisher | RD value set in an EVI. |
| Ethernet Tag ID | VLAN ID, which is all 0s in this type of route. |
| IP Address Length | Length of the local VTEP's IP address carried in the route. |
| Originating Router's IP Address | Local VTEP's IP address carried in the route. |
| Flags | Flags indicating whether leaf node information is required for the tunnel. This field is inapplicable in VXLAN scenarios. |
| Tunnel Type | Tunnel type carried in the route. The value can only be 6, representing Ingress Replication in VXLAN scenarios. It is used for BUM packet forwarding. |
| MPLS Label | L2VNI carried in the route. |
| Tunnel Identifier | Tunnel identifier carried in the route. This field is the local VTEP's IP address in VXLAN scenarios. |

Inclusive multicast routes are used on the VXLAN control plane for automatic VTEP discovery and dynamic VXLAN tunnel establishment. VTEPs that function as BGP EVPN peers transmit L2VNIs and VTEP IP addresses through inclusive multicast routes. The Originating Router's IP Address field identifies the local VTEP's IP address; the MPLS Label field identifies an L2VNI. If the remote VTEP's IP address is reachable at Layer 3, a VXLAN tunnel to the remote VTEP is established. In addition, the local end creates a VNI-based ingress replication list and adds the peer VTEP IP address to the list for subsequent BUM packet forwarding.
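The procedure in the preceding paragraph, sketched as an added example (not Huawei code): each received inclusive multicast route is decoded, checked against the constraints in Table 2, and, if the VTEP is reachable, added to the ingress replication list of its L2VNI. The NLRI layout follows RFC 7432 and the PMSI attribute layout RFC 6514; the function names, the list of reachable underlay prefixes, and the sample routes are assumptions made for the illustration.

```python
import ipaddress

INGRESS_REPLICATION = 6  # Tunnel Type value Table 2 gives for VXLAN

def parse_imet(nlri: bytes, pmsi: bytes):
    """Return (l2vni, vtep) from a Type 3 NLRI value and its PMSI attribute value."""
    # NLRI value: RD(8) | Ethernet Tag ID(4) | IP Address Length(1, bits) | originator IP
    if len(nlri) < 13 or nlri[12] not in (32, 128):
        raise ValueError("bad IP Address Length in NLRI")
    if len(nlri) != 13 + nlri[12] // 8:
        raise ValueError("NLRI size does not match IP Address Length")
    vtep = ipaddress.ip_address(nlri[13:])
    # PMSI value: Flags(1) | Tunnel Type(1) | MPLS Label(3) | Tunnel Identifier
    if len(pmsi) < 5 or pmsi[1] != INGRESS_REPLICATION:
        raise ValueError("tunnel type is not ingress replication")
    if pmsi[5:] != vtep.packed:
        raise ValueError("Tunnel Identifier differs from originating VTEP")
    return int.from_bytes(pmsi[2:5], "big"), vtep

def build_replication_lists(routes, reachable):
    """Build {l2vni: [peer VTEPs]} from (nlri, pmsi) pairs; also return rejects."""
    nets = [ipaddress.ip_network(n) for n in reachable]
    lists, rejected = {}, []
    for nlri, pmsi in routes:
        try:
            vni, vtep = parse_imet(nlri, pmsi)
        except ValueError as err:
            rejected.append(str(err))
            continue
        if not any(vtep in net for net in nets):
            continue  # VTEP not reachable at Layer 3: no tunnel, no list entry
        peers = lists.setdefault(vni, [])
        if vtep not in peers:
            peers.append(vtep)
    return lists, rejected

def sample_route(vtep: str, vni: int, tunnel_type: int = INGRESS_REPLICATION):
    """Constructed test input (not a capture): IPv4 VTEP, RD <vtep>:100."""
    ip = ipaddress.IPv4Address(vtep).packed
    nlri = bytes.fromhex("0001") + ip + (100).to_bytes(2, "big") + bytes(4) + b"\x20" + ip
    pmsi = bytes([0, tunnel_type]) + vni.to_bytes(3, "big") + ip
    return nlri, pmsi

if __name__ == "__main__":
    routes = [sample_route("10.0.0.2", 10), sample_route("10.0.0.3", 10),
              sample_route("172.16.0.9", 10), sample_route("10.0.0.2", 20)]
    print(build_replication_lists(routes, ["10.0.0.0/24"]))
```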

Type 5 Route: IP Prefix Route

Figure 3 shows the format of an IP prefix route.

Figure 3 Format of an IP prefix route

Table 3 describes the meaning of each field.

Table 3 Fields of an IP prefix route

| Field | Description |
| --- | --- |
| Route Distinguisher | RD value set in a VPN instance |
| Ethernet Segment Identifier | Unique ID for defining the connection between local and remote devices |
| Ethernet Tag ID | Currently, this field can only be set to 0 |
| IP Prefix Length | Length of the IP prefix carried in the route |
| IP Prefix | IP prefix carried in the route |
| GW IP Address | Default gateway address |
| MPLS Label | L3VNI carried in the route |

An IP prefix route can carry either a host IP address or a network segment address.

  • When carrying a host IP address, the route is used for IP route advertisement in distributed VXLAN gateway scenarios and functions the same as an IRB route on the VXLAN control plane.

  • When carrying a network segment address, the route can be advertised to allow hosts on a VXLAN network to access the specified network segment or external network.

Copyright © Huawei Technologies Co., Ltd.