Juniper EVPN-VXLAN Data Center Interconnection

In this post, I will walk you through the deployment process of EVPN-VXLAN Data Center Interconnection.

Data Centers are interconnected via WAN links and BGP has been enabled as both the Overlay and Underlay routing protocols. Each device within the IP fabric is assigned a unique Autonomous System Number (ASN)

The underlay routing configuration ensures seamless reachability between all devices in the underlay the IP fabric. Overlay routing with VXLANs are reachable between VTEP across underlay IP fabric.

EVPN-VXLAN configuration is established between DC1 and DC2 data centers, and Extended VLANs are configured to span between the two data centers, enhancing the scope and flexibility of the network.

Here is the topology that I have designed and implemented:

DC1-SW1 

set interfaces ge-0/0/0 description TO-DC1-R1
set interfaces ge-0/0/0 unit 0 family inet address 192.168.253.2/30
set interfaces ge-0/0/1 description TO-DC1-SW2
set interfaces ge-0/0/1 unit 0 family inet address 192.168.253.9/30
set interfaces ge-0/0/2 description TO-DC1-SW3
set interfaces ge-0/0/2 gigether-options 802.3ad ae1
set interfaces ge-0/0/3 description TO-DC1-SW3
set interfaces ge-0/0/3 gigether-options 802.3ad ae1
set interfaces ge-0/0/4 description TO-SERVER-V10
set interfaces ge-0/0/4 gigether-options 802.3ad ae2
set interfaces ge-0/0/5 description TO-SERVER-V20
set interfaces ge-0/0/5 gigether-options 802.3ad ae3
set interfaces ae1 description TO-DC1-SW3
set interfaces ae1 esi 00:01:01:01:01:01:01:01:01:01
set interfaces ae1 esi all-active
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregated-ether-options lacp system-id 01:01:01:01:01:01
set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae1 unit 0 family ethernet-switching vlan members 20
set interfaces ae2 description TO-SERVER-V10
set interfaces ae2 esi 00:01:01:01:01:01:01:01:01:02
set interfaces ae2 esi all-active
set interfaces ae2 aggregated-ether-options lacp active
set interfaces ae2 aggregated-ether-options lacp system-id 01:01:01:01:01:02
set interfaces ae2 unit 0 family ethernet-switching interface-mode access
set interfaces ae2 unit 0 family ethernet-switching vlan members 10
set interfaces ae3 description TO-SERVER-V20
set interfaces ae3 esi 00:01:01:01:01:01:01:01:01:03
set interfaces ae3 esi all-active
set interfaces ae3 aggregated-ether-options lacp active
set interfaces ae3 aggregated-ether-options lacp system-id 01:01:01:01:01:03
set interfaces ae3 unit 0 family ethernet-switching interface-mode access
set interfaces ae3 unit 0 family ethernet-switching vlan members 20
set interfaces irb unit 10 virtual-gateway-accept-data
set interfaces irb unit 10 family inet address 10.204.10.2/24 preferred
set interfaces irb unit 10 family inet address 10.204.10.2/24 virtual-gateway-address 10.204.10.1
set interfaces irb unit 20 virtual-gateway-accept-data
set interfaces irb unit 20 family inet address 10.204.20.2/24 preferred
set interfaces irb unit 20 family inet address 10.204.20.2/24 virtual-gateway-address 10.204.20.1
set interfaces lo0 unit 0 family inet address 192.168.255.5/32
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 from interface lo0.0
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 then accept
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 from route-filter 10.204.0.0/16 orlonger
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 then accept
set policy-options policy-statement lb then load-balance per-packet
set routing-options router-id 192.168.255.5
set routing-options autonomous-system 65100
set routing-options forwarding-table export lb
set protocols bgp group OVERLAY type internal
set protocols bgp group OVERLAY local-address 192.168.255.5
set protocols bgp group OVERLAY family evpn signaling
set protocols bgp group OVERLAY neighbor 192.168.255.6
set protocols bgp group OVERLAY neighbor 192.168.255.7
set protocols bgp group OVERLAY neighbor 192.168.255.8
set protocols bgp group UNDERLAY type external
set protocols bgp group UNDERLAY export BGP-UNDERLAY-EXPORT
set protocols bgp group UNDERLAY local-as 65105
set protocols bgp group UNDERLAY neighbor 192.168.253.1 peer-as 65101
set protocols bgp group UNDERLAY neighbor 192.168.253.10 peer-as 65106
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn vni-options vni 5010 vrf-target target:10:10
set protocols evpn vni-options vni 5020 vrf-target target:20:20
set protocols evpn extended-vni-list 5010
set protocols evpn extended-vni-list 5020
set protocols lldp port-id-subtype interface-name
set protocols lldp port-description-type interface-alias
set protocols lldp interface all
set protocols rstp interface all
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 192.168.255.5:1
set switch-options vrf-target target:65100:65100
set vlans V10 vlan-id 10
set vlans V10 l3-interface irb.10
set vlans V10 vxlan vni 5010
set vlans V10 vxlan ingress-node-replication
set vlans V20 vlan-id 20
set vlans V20 l3-interface irb.20
set vlans V20 vxlan vni 5020
set vlans V20 vxlan ingress-node-replication
DC1-SW2 

set interfaces ge-0/0/0 description TO-DC1-R1
set interfaces ge-0/0/0 unit 0 family inet address 192.168.253.6/30
set interfaces ge-0/0/1 description TO-DC1-SW1
set interfaces ge-0/0/1 unit 0 family inet address 192.168.253.10/30
set interfaces ge-0/0/2 description TO-DC1-SW3
set interfaces ge-0/0/2 gigether-options 802.3ad ae1
set interfaces ge-0/0/3 description TO-DC1-SW3
set interfaces ge-0/0/3 gigether-options 802.3ad ae1
set interfaces ge-0/0/4 description TO-SERVER-V10
set interfaces ge-0/0/4 gigether-options 802.3ad ae2
set interfaces ge-0/0/5 description TO-SERVER-V20
set interfaces ge-0/0/5 gigether-options 802.3ad ae3
set interfaces ae1 description TO-DC1-SW3
set interfaces ae1 esi 00:01:01:01:01:01:01:01:01:01
set interfaces ae1 esi all-active
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregated-ether-options lacp system-id 01:01:01:01:01:01
set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae1 unit 0 family ethernet-switching vlan members 20
set interfaces ae2 description TO-SERVER-V10
set interfaces ae2 esi 00:01:01:01:01:01:01:01:01:02
set interfaces ae2 esi all-active
set interfaces ae2 aggregated-ether-options lacp active
set interfaces ae2 aggregated-ether-options lacp system-id 01:01:01:01:01:02
set interfaces ae2 unit 0 family ethernet-switching interface-mode access
set interfaces ae2 unit 0 family ethernet-switching vlan members 10
set interfaces ae3 description TO-SERVER-V20
set interfaces ae3 esi 00:01:01:01:01:01:01:01:01:03
set interfaces ae3 esi all-active
set interfaces ae3 aggregated-ether-options lacp active
set interfaces ae3 aggregated-ether-options lacp system-id 01:01:01:01:01:03
set interfaces ae3 unit 0 family ethernet-switching interface-mode access
set interfaces ae3 unit 0 family ethernet-switching vlan members 20
set interfaces irb unit 10 virtual-gateway-accept-data
set interfaces irb unit 10 family inet address 10.204.10.3/24 preferred
set interfaces irb unit 10 family inet address 10.204.10.3/24 virtual-gateway-address 10.204.10.1
set interfaces irb unit 20 virtual-gateway-accept-data
set interfaces irb unit 20 family inet address 10.204.20.3/24 preferred
set interfaces irb unit 20 family inet address 10.204.20.3/24 virtual-gateway-address 10.204.20.1
set interfaces lo0 unit 0 family inet address 192.168.255.6/32
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 from interface lo0.0
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 then accept
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 from route-filter 10.204.0.0/16 orlonger
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 then accept
set policy-options policy-statement lb then load-balance per-packet
set routing-options router-id 192.168.255.6
set routing-options autonomous-system 65100
set routing-options forwarding-table export lb
set protocols bgp group OVERLAY type internal
set protocols bgp group OVERLAY local-address 192.168.255.6
set protocols bgp group OVERLAY family evpn signaling
set protocols bgp group OVERLAY neighbor 192.168.255.5
set protocols bgp group OVERLAY neighbor 192.168.255.7
set protocols bgp group OVERLAY neighbor 192.168.255.8
set protocols bgp group UNDERLAY type external
set protocols bgp group UNDERLAY export BGP-UNDERLAY-EXPORT
set protocols bgp group UNDERLAY local-as 65105
set protocols bgp group UNDERLAY neighbor 192.168.253.5 peer-as 65101
set protocols bgp group UNDERLAY neighbor 192.168.253.9 peer-as 65105
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn vni-options vni 5010 vrf-target target:10:10
set protocols evpn vni-options vni 5020 vrf-target target:20:20
set protocols evpn extended-vni-list 5010
set protocols evpn extended-vni-list 5020
set protocols lldp port-id-subtype interface-name
set protocols lldp port-description-type interface-alias
set protocols lldp interface all
set protocols rstp interface all
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 192.168.255.6:1
set switch-options vrf-target target:65100:65100
set vlans V10 vlan-id 10
set vlans V10 l3-interface irb.10
set vlans V10 vxlan vni 5010
set vlans V10 vxlan ingress-node-replication
set vlans V20 vlan-id 20
set vlans V20 l3-interface irb.20
set vlans V20 vxlan vni 5020
set vlans V20 vxlan ingress-node-replication
DC2-SW1 

set interfaces ge-0/0/0 description TO-DC2-R1
set interfaces ge-0/0/0 unit 0 family inet address 192.168.253.14/30
set interfaces ge-0/0/1 description TO-DC2-SW2
set interfaces ge-0/0/1 unit 0 family inet address 192.168.253.21/30
set interfaces ge-0/0/2 description TO-DC2-SW3
set interfaces ge-0/0/2 gigether-options 802.3ad ae1
set interfaces ge-0/0/3 description TO-DC2-SW3
set interfaces ge-0/0/3 gigether-options 802.3ad ae1
set interfaces ge-0/0/4 description TO-SERVER-V10
set interfaces ge-0/0/4 gigether-options 802.3ad ae2
set interfaces ge-0/0/5 description TO-SERVER-V20
set interfaces ge-0/0/5 gigether-options 802.3ad ae3
set interfaces ae1 description TO-DC2-SW3
set interfaces ae1 esi 00:02:02:02:02:02:02:02:02:01
set interfaces ae1 esi all-active
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregated-ether-options lacp system-id 02:02:02:02:02:01
set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae1 unit 0 family ethernet-switching vlan members 20
set interfaces ae2 description TO-SERVER-V10
set interfaces ae2 esi 00:02:02:02:02:02:02:02:02:02
set interfaces ae2 esi all-active
set interfaces ae2 aggregated-ether-options lacp active
set interfaces ae2 aggregated-ether-options lacp system-id 02:02:02:02:02:02
set interfaces ae2 unit 0 family ethernet-switching interface-mode access
set interfaces ae2 unit 0 family ethernet-switching vlan members 10
set interfaces ae3 description TO-SERVER-V20
set interfaces ae3 esi 00:02:02:02:02:02:02:02:02:03
set interfaces ae3 esi all-active
set interfaces ae3 aggregated-ether-options lacp active
set interfaces ae3 aggregated-ether-options lacp system-id 01:01:01:01:01:03
set interfaces ae3 unit 0 family ethernet-switching interface-mode access
set interfaces ae3 unit 0 family ethernet-switching vlan members 20
set interfaces irb unit 10 virtual-gateway-accept-data
set interfaces irb unit 10 family inet address 10.204.10.4/24 preferred
set interfaces irb unit 10 family inet address 10.204.10.4/24 virtual-gateway-address 10.204.10.1
set interfaces irb unit 20 virtual-gateway-accept-data
set interfaces irb unit 20 family inet address 10.204.20.4/24 preferred
set interfaces irb unit 20 family inet address 10.204.20.4/24 virtual-gateway-address 10.204.20.1
set interfaces lo0 unit 0 family inet address 192.168.255.7/32
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 from interface lo0.0
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 then accept
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 from route-filter 10.204.0.0/16 orlonger
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 then accept
set policy-options policy-statement lb then load-balance per-packet
set routing-options router-id 192.168.255.7
set routing-options autonomous-system 65100
set routing-options forwarding-table export lb
set protocols bgp group OVERLAY type internal
set protocols bgp group OVERLAY local-address 192.168.255.7
set protocols bgp group OVERLAY family evpn signaling
set protocols bgp group OVERLAY neighbor 192.168.255.5
set protocols bgp group OVERLAY neighbor 192.168.255.6
set protocols bgp group OVERLAY neighbor 192.168.255.8
set protocols bgp group UNDERLAY type external
set protocols bgp group UNDERLAY export BGP-UNDERLAY-EXPORT
set protocols bgp group UNDERLAY local-as 65107
set protocols bgp group UNDERLAY neighbor 192.168.253.13 peer-as 65102
set protocols bgp group UNDERLAY neighbor 192.168.253.22 peer-as 65108
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn vni-options vni 5010 vrf-target target:10:10
set protocols evpn vni-options vni 5020 vrf-target target:20:20
set protocols evpn extended-vni-list 5010
set protocols evpn extended-vni-list 5020
set protocols lldp port-id-subtype interface-name
set protocols lldp port-description-type interface-alias
set protocols lldp interface all
set protocols rstp interface all
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 192.168.255.7:1
set switch-options vrf-target target:65100:65100
set vlans V10 vlan-id 10
set vlans V10 l3-interface irb.10
set vlans V10 vxlan vni 5010
set vlans V10 vxlan ingress-node-replication
set vlans V20 vlan-id 20
set vlans V20 l3-interface irb.20
set vlans V20 vxlan vni 5020
set vlans V20 vxlan ingress-node-replication
DC2-SW2 

set interfaces ge-0/0/0 description TO-DC2-R1
set interfaces ge-0/0/0 unit 0 family inet address 192.168.253.18/30
set interfaces ge-0/0/1 description TO-DC2-SW1
set interfaces ge-0/0/1 unit 0 family inet address 192.168.253.22/30
set interfaces ge-0/0/2 description TO-DC2-SW3
set interfaces ge-0/0/2 gigether-options 802.3ad ae1
set interfaces ge-0/0/3 description TO-DC2-SW3
set interfaces ge-0/0/3 gigether-options 802.3ad ae1
set interfaces ge-0/0/4 description TO-SERVER-V10
set interfaces ge-0/0/4 gigether-options 802.3ad ae2
set interfaces ge-0/0/5 description TO-SERVER-V20
set interfaces ge-0/0/5 gigether-options 802.3ad ae3
set interfaces ae1 description TO-DC2-SW3
set interfaces ae1 esi 00:02:02:02:02:02:02:02:02:01
set interfaces ae1 esi all-active
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregated-ether-options lacp system-id 02:02:02:02:02:01
set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae1 unit 0 family ethernet-switching vlan members 20
set interfaces ae2 description TO-SERVER-V10
set interfaces ae2 esi 00:02:02:02:02:02:02:02:02:02
set interfaces ae2 esi all-active
set interfaces ae2 aggregated-ether-options lacp active
set interfaces ae2 aggregated-ether-options lacp system-id 02:02:02:02:02:02
set interfaces ae2 unit 0 family ethernet-switching interface-mode access
set interfaces ae2 unit 0 family ethernet-switching vlan members 10
set interfaces ae3 description TO-SERVER-V20
set interfaces ae3 esi 00:02:02:02:02:02:02:02:02:03
set interfaces ae3 esi all-active
set interfaces ae3 aggregated-ether-options lacp active
set interfaces ae3 aggregated-ether-options lacp system-id 01:01:01:01:01:03
set interfaces ae3 unit 0 family ethernet-switching interface-mode access
set interfaces ae3 unit 0 family ethernet-switching vlan members 20
set interfaces irb unit 10 virtual-gateway-accept-data
set interfaces irb unit 10 family inet address 10.204.10.5/24 preferred
set interfaces irb unit 10 family inet address 10.204.10.5/24 virtual-gateway-address 10.204.10.1
set interfaces irb unit 20 virtual-gateway-accept-data
set interfaces irb unit 20 family inet address 10.204.20.5/24 preferred
set interfaces irb unit 20 family inet address 10.204.20.5/24 virtual-gateway-address 10.204.20.1
set interfaces lo0 unit 0 family inet address 192.168.255.8/32
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 from interface lo0.0
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 1 then accept
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 from route-filter 10.204.0.0/16 orlonger
set policy-options policy-statement BGP-UNDERLAY-EXPORT term 2 then accept
set policy-options policy-statement lb then load-balance per-packet
set routing-options router-id 192.168.255.8
set routing-options autonomous-system 65100
set routing-options forwarding-table export lb
set protocols bgp group OVERLAY type internal
set protocols bgp group OVERLAY local-address 192.168.255.8
set protocols bgp group OVERLAY family evpn signaling
set protocols bgp group OVERLAY neighbor 192.168.255.5
set protocols bgp group OVERLAY neighbor 192.168.255.6
set protocols bgp group OVERLAY neighbor 192.168.255.7
set protocols bgp group UNDERLAY type external
set protocols bgp group UNDERLAY export BGP-UNDERLAY-EXPORT
set protocols bgp group UNDERLAY local-as 65108
set protocols bgp group UNDERLAY neighbor 192.168.253.17 peer-as 65102
set protocols bgp group UNDERLAY neighbor 192.168.253.21 peer-as 65107
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn vni-options vni 5010 vrf-target target:10:10
set protocols evpn vni-options vni 5020 vrf-target target:20:20
set protocols evpn extended-vni-list 5010
set protocols evpn extended-vni-list 5020
set protocols lldp port-id-subtype interface-name
set protocols lldp port-description-type interface-alias
set protocols lldp interface all
set protocols rstp interface all
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 192.168.255.8:1
set switch-options vrf-target target:65100:65100
set vlans V10 vlan-id 10
set vlans V10 l3-interface irb.10
set vlans V10 vxlan vni 5010
set vlans V10 vxlan ingress-node-replication
set vlans V20 vlan-id 20
set vlans V20 l3-interface irb.20
set vlans V20 vxlan vni 5020
set vlans V20 vxlan ingress-node-replication

Comments

Post a Comment

Popular posts from this blog

Deployment of vMX with Dual REs and Multiple FPCs using EVE-NG

Image
In this post, I will guide you through the process of deploying vMX with dual REs and multiple FPCs using EVE-NG. To begin, you will need to download the vMX KVM bundle from the Juniper website. For this lab, we will be using Junos 21.4. Extract the vMX bundle: mkdir /opt/unetlab/addons/qemu/vmxvcp-21.4R3-S1.5-re0 mkdir /opt/unetlab/addons/qemu/vmxvcp-21.4R3-S1.5-re1 mkdir /opt/unetlab/addons/qemu/vmxvfp-21.4R3-S1.5-fpc0 mkdir /opt/unetlab/addons/qemu/vmxvfp-21.4R3-S1.5-fpc1 Copy the images to their respective directories: ## RE0 cp /root/vmx/images/junos-vmx-x86-64-21.4R3-S1.5.qcow2 /opt/unetlab/addons/qemu/vmxvcp-21.4R3-S1.5-re0/virtioa.qcow2 cp /root/vmx/images/vmxhdd.img /opt/unetlab/addons/qemu/vmxvcp-21.4R3-S1.5-re0/virtiob.qcow2 cp /root/vmx/images/metadata-usb-re0.img /opt/unetlab/addons/qemu/vmxvcp-21.4R3-S1.5-re0/virtioc.qcow2 ## RE1 cp /root/vmx/images/junos-vmx-x86-64-21.4R3-S1.5.qcow2 /opt/unetlab/addons/qemu/vmxvcp-21.4R3-S1.5-re1/virtioa.qcow2 cp /r...
Read more

BNG Redundancy for DHCP Subscribers on Juniper MX

Image
Recently, I encountered a challenge while assisting a customer who sought a solution for deploying a redundant DHCP service to accommodate DHCP subscribers on two MX routers. Unfortunately, Juniper website currently lacks resources or examples specifically addressing the deployment of a redundant DHCP service for DHCP subscribers. Therefore, I took the initiative to set up a lab environment comprising two vMX routers functioning as BNG routers (BNG-1 and BNG-2), along with an additional MX router operating as the DHCP server. Here is the topology that I have designed and implemented:   BNG-1 set system host-name BNG-1 set system services subscriber-management enable set system services subscriber-management redundancy interface xe-0/0/3.1492 virtual-inet-address 172.16.0.129 set system services subscriber-management redundancy interface xe-0/0/4.1493 virtual-inet-address 172.16.0.1 set system services subscriber-management redundancy protocol vrrp set system servic...
Read more