[c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working

Gert Doering gert at greenie.muc.de
Thu Apr 30 14:25:26 EDT 2020


Hi,

On Thu, Apr 30, 2020 at 01:14:12PM +0100, adamv0025 at netconsultings.com wrote:
> > On Sun, Mar 29, 2020 at 11:52:03AM +0200, Gert Doering wrote:
> > > I'm trying to make EVPN via VXLAN encapsulation work between two
> > > ASR9001 (with the goal of eventually making it work between ASR9001
> > > and Arista boxes, but right now I'm failing ASR9001 <-> ASR9001
> > > already).
>
> Would it be feasible to go the EVPN over MPLS route? Arista might support
> some basic MPLS forwarding (most Data-Centre switches do).

Hah!

As in: the Trident 2+/Trident 3 boxes *could* do MPLS P, but Arista says
that their MPLS capabilities are too limited so they do not provide any
MPLS support for these boxes.  Not sure if it actually could do enough
actual encap/decap for the MPLS PE bits required for EVPN/MPLS - but if
it can't even do P, no good asking.

The Jericho boxes can do "all of this", but given the price difference,
we run the "customer edge" on Trident boxes - no need for full tables
there, rarely a need for extra large buffers or detailed QoS ("these
links are never full").

OTOH, Trident 2+ does 802.1q<->VXLAN perfectly well, and T3 even does
"routed into VXLAN" without performance impact, so this is where the
journey is headed to.  Whether we like it or not.


Now, as a side note: of course ASR9k does VXLAN with multicast underlay
and "MAC learning from the data plane" just fine, but *this* is not
supported on the Arista side.  Of course.

Arista could do statically configured VXLAN VTEP neighbours, but *that* is
not supported on the ASR9k side.  Of course.

So, EVPN/VXLAN was the promise "hey, we have an IETF standard here, and
both vendors claim to support it".  And of course some other BUs inside
Cisco actually support this.  Yeah.  (#include <rants/standard/cisco-bu>)


> Never understood this VXLAN nonsense in DC universe (not the comics), in SP
> space this was a solved problem and is a well-trodden path since ever -PWs,
> VPLS now EVPN (even with traffic engineering possibilities -you know the
> mice around elephant flows...)
> MPLS to DCs is my answer.

Unfortunately, vendors still think MPLS is something for people with
deep pockets... (like, Juniper charging tons of extra money for the
MPLS license for their QFX5k gear...)

I'm totally fine with MPLS...  we've run that for like 10+ years with
lots of kludges around our 6500/sup720s... (like, looped ports from
the box to itself to be able to EoMPLS-away a single VLAN which is
also routed on the box itself)

In the end, I do not really care.  The box config and the linkage 
between "boxes in the same distributed VLAN" is coming from the 
provisioning magic box, I just need to figure out which of the parts
actually work.

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             gert at greenie.muc.de