[j-nsp] EVPN/VXLAN experience (was: EX4600 or QFX5110)
Sebastian Wiesinger
sebastian at karotte.org
Mon Mar 25 05:58:40 EDT 2019
* Rob Foehl <rwf at loonybin.net> [2019-03-22 18:40]:
> Huh, that's potentially bad... Can you elaborate on the config a bit more?
> Are you hitting a limit around ~16k bridge domains total?
Well we're just putting VLANs on LACP trunks like this:
ae0 {
mtu 9216;
esi {
00:00:00:00:00:00:00:01:01:01;
all-active;
}
aggregated-ether-options {
lacp {
active;
system-id 00:00:00:01:01:01;
hold-time up 2;
}
}
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members STORAGE1;
}
}
}
}
VLANs are configured "as ususal":
vlans {
STORAGE1 {
vlan-id 402;
vxlan {
vni 402;
}
}
}
If you have 30 AEs you will start hitting this when you put around 500
vlans on the vlan members list of all AEs.
What I find irritating are the warnings around the evpn configuration:
evpn {
## Warning: Encapsulation can only be configured for an EVPN instance
## Warning
encapsulation vxlan;
## Warning: multicast-mode can only be configured in a virtual switch instance
## Warning: Multicast mode can only be configured if route-distinguisher is configured
multicast-mode ingress-replication;
## Warning: Extended VNI list can only be configured in a virtual switch instance
extended-vni-list all;
}
This config works without problems and was the configuration we got
from Juniper in the beginning as well. Did not find an explanation for
the warnings when we initally provisioned this.
Regards
Sebastian
--
GPG Key: 0x58A2D94A93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE)
'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE.
-- Terry Pratchett, The Fifth Elephant
More information about the juniper-nsp
mailing list