Skip to main content
Versa Networks

Configure an EVPN IRB Distributed Gateway

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.pngFor supported software information, click here.

Ethernet VPN (EVPN) enables connectivity among tenants and end devices that are on the same subnet, called intrasubnet forwarding, over an MPLS IP network. However, some situations require connectivity among tenants and end devices that are on different subnets, called intersubnet forwarding, while still maintaining the multihoming capabilities of EVPN. For these cases, you can use EVPN integrated routing and bridging (IRB).

EVPN IRB supports the following:

  • Symmetric IRB—The lookup operation is symmetric on both the ingress and egress provider edge (PE) devices. That is, both ingress and egress PE devices perform lookups on both MAC and IP addresses. The ingress PE device performs a MAC address lookup followed by an IP address lookup, and the egress PE device performs an IP address lookup followed by a MAC address lookup.
  • EVPN route type 5 for IP prefixes.
  • SD-WAN MPLS encapsulation for Layer 3 traffic.

For more information about EVPN IRB, see the IETF draft Integrated Routing and Bridging in EVPN.

To configure an EVPN IRB distributed gateway, you do the following:

  1. Create a virtual switch routing instance.
  2. Create a VRF routing instance.
  3. Associate the VRF to the EVPN core routing instance.

Create a Virtual Switch Routing Instance

The first step in configuring an EVPN IRB distributed gateway to is create a routing instance of type Virtual Switch that has the entire bridge-domain configuration. You can map a bridge domain to an IRB logical interface.

To create a virtual switch routing instance:

  1. In Director view:
    1. Select the Administration tab in the top menu bar.
    2. Select Appliances in the left menu bar.
    3. Select an appliance in the main pane. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Networking > Virtual Switches in the left menu bar.
  4. Click the Add icon. In the Configure Virtual Switch popup window, select the Virtual Switch Details tab. In the Instance Type field, select Virtual Switch. Enter information for the remaining fields, as described in Configure a Virtual Switch with Bridge Domains and Bridge Interfaces.

    configure-virtual-switch-v2-border.png
  5. Click the Add icon in the Bridge Domains table. In the Add Bridge Domains popup window, select the IRB interface for the bridge domain. Enter information for the remaining fields, as described in Configure a Virtual Switch with Bridge Domains and Bridge Interfaces.

    map-BD-to-IRB-interface-border.png

Create a VRF Routing Instance

Secondly, you create a separate routing instance of type VRF, and then you associate the IRB interface for a bridge domain, which you defined in the virtual switch, with the VRF routing instance.

To create a VRF routing instance:

  1. In Director view:
    1. Select Administration tab in the top menu.
    2. Select Appliances in the left menu bar.
    3. Select an appliance in the main pane. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Networking > Virtual Routers in the left menu bar.

    virtual-routers-dashboard-border.png
  4. Click the Add icon. In the Configure Virtual Router popup window, select the Virtual Router Details tab, and then in the Instance Name field, enter a name for the virtual router.

    configure-virtual-router-virtual-router-details.png
  5. Select the Redistribution Policies tab, select the General tab, and then click the Add icon.

    configure-virtual-router-redistribution-policies-tab-border.png
  6. In the Apply Distribution Policy popup window, enter a name for the policy, and then click the Add icon.

    add-redistribution-policy-border.png
  7. In the Add Redistribution Policy Add Term popup window, in the Term Name field, enter a name for the term.
  8. Select the Match tab, and then in the Protocol field select Direct.

    add-redistribution-policy-add-term-match-border.png
  9. Select the Action tab, and then in the Accept/Reject field, select Accept.

    add-redistribution-policy-add-term-action-border.png
  10. Click OK.
  11. Select the Redistribution Policies tab in the Configure Virtual Router popup window, select the Redistribute To tab, and then click the Add icon.

    redistribution-policies-redistribute-to-tab-border.png
  12. In the Add Redistribute To popup window, enter information for the following fields.

    add-redistribute-to.png
     
    Field Description
    From RIB Select inet-unicast-rib.
    Destination Select bgp.
    Policy Name Select the redistribution policy. The redistribution policy sends direct routes in the VRF to the remote PE devices as type 5 routes. IP bindings for a MAC address that are learned through ARP messages are advertised using the type 2 MAC/IP routes to remote PE devices.
  13. Click OK.

Associate the VRF with the EVPN Core Routing Instance

The last step is to associate the VRF with the EVPN core routing instance. Doing this allows the routes of VRF to be sent using BGP in the corresponding EVPN core instance. The EVPN core instance can be either EVPN MPLS or EVPN VXLAN.

To associate the VRF with an EVPN core routing instance:

  1. Configure an EVPN MPLS EVPN core routing instance:
    1. Navigate to the Configure Virtual Router popup window as described in Steps 1 through 4 in the previous section.
    2. In the Configure Virtual Router popup window, select the Virtual Router Details tab, and then enter information for the following fields

      EVPN-MPLS-core-instance-type-border.png
       
      Field Description
      VRF Core Instance Type Select EVPN MPLS.
      EVPN control routing instance Enter a name for the EVPN control routing instance.
      Interfaces/Networks Click the add-icon-black-on-white.png Add icon, and then select an interface. Optionally, click the add-icon-black-on-white.png Add icon again to add a network.
    3. Click OK.
  2. Configure an EVPN VXLAN VRF core routing instance:
    1. Navigate to the Configure Virtual Router popup window as described in Steps 1 through 4 in the previous section.
    2. In the Configure Virtual Router screen, select the Virtual Router Details tab, and enter information for the following fields.

      EVPN-VXLAN-core-instance-type-border.png
       
      Field Description
      VRF Core Instance Type Select EVPN VXLAN.
      EVPN control routing instance Enter a name for the EVPN control routing.
      VNI Enter the VNI number of the EVPN core virtual routing instance.
      Interfaces/Networks Click the add-icon-black-on-white.png Add icon, and thenselect an interface. Optionally, click the add-icon-black-on-white.png Add icon again to add a network.
    3. Click OK.

Verify an EVPN IRB Gateway

To verify the configuration of an EVPN IRB gateway:

  1. In Director view, select Monitor in the top menu bar.
  2. Select an organization in the Organization field.
  3. Select Devices, tand hen select a device in the main pane. The view changes to Appliance view.
  4. Select Networking > BGP > Advertised Prefixes.

    verify-EVPN-IRB-gateway-border.png
     
  5. Select a routing instance in the first drop-down list, and then select Layer 2 VPN/EVPN in the second drop-down list.

    The following screen displays Layer 2 VPN/EVPN routes for type 2 routes.

    verify-EVPN-IRB-gateway-route-type-2-border.png

    The following screen displays Layer 2 VPN/EVPN routes for type 5 routes.

    verify-EVPN-IRB-gateway-route-type-5-border.png

Supported Software Information

Releases 22.1.1 and later support all content described in this article.