Ethernet VPN (EVPN) is revolutionizing how organizations manage their networking needs, particularly in complex environments where efficient data transport and flexible architectures are paramount. Among its various service offerings, EVPN E-TREE (Ethernet Tree) stands out as a specialized solution designed for applications requiring optimized multicast and point-to-multipoint communication. This technology provides a robust framework for delivering Layer 2 (L2) services across a variety of deployment scenarios, such as data centers, enterprise networks, and service provider infrastructures.
EVPN E-TREE is an Ethernet service designed to provide point-to-multipoint connectivity while maintaining strict traffic separation and control. Unlike traditional Ethernet services that allow all-to-all communication, EVPN E-TREE enables selective communication among endpoints, making it ideal for applications that require a tree-like architecture.
ISIS-SR with TI-LFA and MP-BGP (EVPN) Underlay
Sample ISIS-SR Configuration from PE1 device:
This includes the configuration for loopback and physical interfaces, along with the router’s ISIS-SR.
Sample MP-BGP RR Configuration from P2 device:
This includes the MP-BGP configuration on RR device.
Sample MP-BGP NON-RR Configuration from PE4 device:
This includes the MP-BGP configuration on Non-RR device.
Validation ISIS-SR:
This displays topology details including metrics and next-hop.
This ensure the MPLS Forwarding-table (FTN) entries installed for the loopback addresses of all routers in the network. Below command provides details such as the outbound label (out-label), outbound interface (out-interface), next-hop, and more. It is essential to perform this check on the source router.
This ensures the MPLS ILM-table (Incoming Label Mapping Table) entries installed for the loopback addresses of all routers in the network and the local links next-hop IP address. This command provides details such as the inbound label (in-label) outbound label (out-label), outbound interface (out-interface), next-hop, and more. It is essential to perform this check on the transit router.
This is to check network connectivity using MPLS ping commands.
Validation MP-BGP (EVPN):
This verifies BGP neighborship for L2VPN EVPN address family on RR and Non-RR device.
EVPN ETREE SH Overlay
Sample Configuration from PE4 (Spoke SH) device & P3 (Hub) device:
We start by enabling EVPN MPLS and assigning a VTEP global IP address, which typically matches the loopback IP address. Next, we set up the EVPN identifier and use the etree-leaf keyword on all spoke/leaf nodes. We then map the VRF to the EVPN identifier and associate the VPN ID with the access interface that connects to the CE device. Finally, we enable the BGP EVPN address family to the neighbor PE device to establish communication. We have included outputs from PE4 (spoke) and P3 (hub) for a parallel view.
Validation:
The command “show evpn mpls” checks the status of the connection, providing details such as whether the destination is single-homed or multi-homed with an ESI configured, the remote PE IP address, and DF status.
The command “show evpn mpls tunnel” verifies the tunnel status between the PEs, including the EVPN ID, the tunnel’s uptime and local/remote leaf details.
The command “show evpn mpls tunnel label” also provides the tunnel status, destination PE IP address, and EVPN ID. Additionally, it shows the local and remote service labels, the outgoing network interface, and the transport label used on the network interface.
The command “show bgp l2vpn evpn summary” checks the BGP L2VPN EVPN neighbor relationship with the remote PE, including the total number of prefixes received and details of the corresponding EVPN route types. If the BGP peering is established through a Route Reflector (RR), the prefixes will be learned via the RR.
The command “show bgp l2vpn evpn” displays the routes sent and received between the PEs.
The command “show bgp l2vpn evpn mac-ip” displays the EVPN routes type 2 sent and received between the PEs.
The command “show bgp l2vpn evpn mcast” displays the EVPN routes type 3 sent and received between the PEs.
Finally, the “ping” command is used to verify end-to-end IP reachability between the CE devices.
EVPN ETREE MH Overlay
Sample Configuration from PE5 (Spoke MH) device & P3 (Hub) device:
In addition to the configuration used for EVPN ETREE SH, we need to enable multihoming for EVPN MPLS and respective hardware-profile filter on all the PEs that are multi-homed to the CE and assign a common ESI to the port channel interface connecting to the CE device.
Validation:
All validation commands are the same as those used for EVPN ETREE single-homed, with a few additional commands to verify the multihoming configuration. On PE5, we can observe the ESI value, indicating it is multi-homed. We have included outputs from PE5 (Spoke MH) and P3 (Hub) for a parallel view.
Conclusion
EVPN E-TREE provides a secure and efficient Ethernet networking solution through its point-to-multipoint connectivity and strict traffic separation. This technology enhances security and traffic management, making it ideal for applications that require controlled communication. As the demand for effective networking solutions grows, adopting EVPN E-TREE enables organizations to build resilient infrastructures that can meet future challenges and opportunities.
Next Topic: EVPN-L3VPN over ISIS-SR and TI-LFA.
Contact us today to learn how OcNOS can offer EVPN solutions for your network.
Suraj Kumar Singh is Senior Solution Lead at IP Infusion.