[j-nsp] EVPN/VXLAN experience (was: EX4600 or QFX5110)

Mon Mar 25 08:31:06 EDT 2019

I dont see these warnings in 17.3R3
It looks like you should configure it under routing-instance type
virtual-switch

https://www.juniper.net/documentation/en_US/junos/topics/concept/evpn-virtual-switch-overview.html

Nitzan

On Mon, Mar 25, 2019 at 12:01 PM Sebastian Wiesinger <sebastian at karotte.org>
wrote:

> * Rob Foehl <rwf at loonybin.net> [2019-03-22 18:40]:
> > Huh, that's potentially bad...  Can you elaborate on the config a bit
> more?
> > Are you hitting a limit around ~16k bridge domains total?
>
> Well we're just putting VLANs on LACP trunks like this:
>
>     ae0 {
>         mtu 9216;
>         esi {
>             00:00:00:00:00:00:00:01:01:01;
>             all-active;
>         }
>         aggregated-ether-options {
>             lacp {
>                 active;
>                 system-id 00:00:00:01:01:01;
>                 hold-time up 2;
>             }
>         }
>         unit 0 {
>             family ethernet-switching {
>                 interface-mode trunk;
>                 vlan {
>                     members STORAGE1;
>                 }
>             }
>         }
>     }
>
> VLANs are configured "as ususal":
>
> vlans {
>     STORAGE1 {
>         vlan-id 402;
>         vxlan {
>             vni 402;
>         }
>     }
> }
>
>
> If you have 30 AEs you will start hitting this when you put around 500
> vlans on the vlan members list of all AEs.
>
> What I find irritating are the warnings around the evpn configuration:
>
>     evpn {
>         ## Warning: Encapsulation can only be configured for an EVPN
> instance
>         ## Warning
>         encapsulation vxlan;
>         ## Warning: multicast-mode can only be configured in a virtual
> switch instance
>         ## Warning: Multicast mode can only be configured if
> route-distinguisher is configured
>         multicast-mode ingress-replication;
>         ## Warning: Extended VNI list can only be configured in a virtual
> switch instance
>         extended-vni-list all;
>     }
>
> This config works without problems and was the configuration we got
> from Juniper in the beginning as well. Did not find an explanation for
> the warnings when we initally provisioned this.
>
> Regards
>
> Sebastian
>
> --
> GPG Key: 0x58A2D94A93A0B9CE (F4F6 B1A3 866B 26E9 450A  9D82 58A2 D94A 93A0
> B9CE)
> 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE
> SCYTHE.
>             -- Terry Pratchett, The Fifth Elephant
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>