No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Configuration Guide - VPN
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring BD-EVPN Functions

Configuring BD-EVPN Functions

Configuring bridge domain BD-EVPN functions involves configuring an EVPN instance in BD mode, creating a BD and binding an EVPN instance to the BD, configuring an L3VPN instance and binding it to a VBDIF interface, and configuring BGP EVPN peer relationships.

Usage Scenario

This section describes how to configure BD-EVPN functions. An EVPN in non-BD mode can only carry Layer 2 services, whereas a BD-EVPN can carry both Layer 2 and Layer 3 services.

Pre-configuration Tasks

Before configuring a BD-EVPN, complete the following tasks:

  • Configure an IGP on the backbone network to ensure IP connectivity.

  • Configure MPLS LDP LSPs or TE tunnels on the backbone network.

  • Configure Layer 2 connections between CEs and PEs.

Configuration Procedures

Figure 11-3 Flowchart for configuring BD-EVPN functions

Configuring an EVPN Instance in BD Mode

To implement service access based on a BD and manage EVPN routes, configure EVPN instances in BD mode on PEs.

Context

EVPN instances are used to isolate EVPN routes from public routes and isolate the routes of EVPN instances from each other. EVPN instances are required in all EVPN networking solutions.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run evpn vpn-instance vpn-instance-name bd-mode

    An EVPN instance in BD mode is created, and the EVPN instance view is displayed.

  3. (Optional) Run description description-information

    A description is configured for the EVPN instance.

    Similar to the description of a host name or an interface, the EVPN instance description helps users memorize the EVPN instance.

  4. Run route-distinguisher route-distinguisher

    An RD is configured for the EVPN instance.

    An EVPN instance takes effect only after an RD is configured for it. The RDs of different EVPN instances on the same PE must be different.

    NOTE:

    An RD cannot be modified after being configured but can be deleted. If the RD of an EVPN instance is deleted, VPN targets configured in the EVPN instance are also deleted.

  5. Run vpn-target vpn-target &<1-8> [ both | export-extcommunity | import-extcommunity ]

    VPN targets are configured for the EVPN instance.

    A VPN target is a BGP extended community attribute used to control the receiving and advertisement of EVPN routes. A maximum of eight VPN targets can be configured using a vpn-target command. To configure more VPN targets in the EVPN instance address family, run the vpn-target command several times.

    NOTE:

    An RT of an Ethernet segment route is generated using the middle six bytes of an ESI. For example, if the ESI is 0011.1001.1001.1001.1002, the Ethernet segment route uses 11.1001.1001.10 as its RT.

  6. (Optional) Run filter-policy { acl-number | acl-name acl-name } export

    The EVPN instance is configured to filter MAC advertisement routes to be advertised.

    To precisely control EVPN routes, an export route-policy must be configured. An export route-policy filters routes before they are advertised to other PEs.

  7. (Optional) Run filter-policy { acl-number | acl-name acl-name } import

    The EVPN instance is configured to filter MAC advertisement routes received.

    To precisely control EVPN routes, an import route-policy must also be configured. An import route-policy filters routes that are received from other PEs.

  8. (Optional) Run mac limit number [ simply-alert | mac-unchanged ]

    The maximum number of MAC addresses allowable is set for the EVPN instance.

    If a device imports a large number of MAC addresses, which consumes a lot of system resources, device running may be affected when the system processes many services. To improve system security and reliability, run the mac limit command to limit the number of MAC addresses to be imported into the EVPN instance. After this configuration, if the number of MAC addresses exceeds the preset value, an alarm is reported to prompt you to check the validity of existing MAC addresses.

    After the maximum number of MAC addresses allowed by an EVPN instance is set, you can run the mac threshold-alarm upper-limit upper-limit-value lower-limit lower-limit-value command to set the upper and lower thresholds for triggering MAC address alarms. The alarm generation and clearance help you detect threshold-crossing events of MAC addresses.

  9. (Optional) Run tnl-policy policy-name

    EVPN routes that can be imported into the VPN instance IPv4 address family are associated with a tunnel policy.

    This configuration allows data packets between PEs to be forwarded through a TE tunnel.

  10. Run commit

    The configuration is committed.

Configuring an EVPN Source Address

An EVPN source address uniquely identifies a PE in EVPN networking.

Context

The EVPN source address, which can be used to identify a PE on an EVPN, is part of EVPN route information. Configuring EVPN source addresses is a mandatory task for EVPN configuration.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run evpn source-address ip-address

    An EVPN source address is configured.

  3. Run commit

    The configuration is committed.

Configuring an ESI

Ethernet segment identifiers (ESIs) must be configured for PE interfaces connecting to CEs or BDs configured on PEs, and the same ESI must be configured for different PE interfaces connecting to the same CE or BDs on different PEs connecting to the same CE.

Context

PEs connecting to the same CE must have the same ESI configured. In this way, the PEs exchange routes that carry ESIs, so that a PE can discover other PEs connecting to the same CE as itself. This helps implement load balancing or FRR.

ESI-configured interfaces must be Up. Otherwise, Ethernet segment routes cannot be generated. In scenarios where a CE is dual-homed to PEs through an Eth-Trunk, an E-Trunk must be configured on the PEs to ensure that the two CE interfaces connecting to PEs are both Up.

An ESI can be obtained for an interface in the following ways:
  • Statically configured

  • Dynamically generated

Static configuration is recommended. Compared with dynamic ESI generation, static configuration allows EVPN to implement faster traffic switching during a DF election in a dual-homing scenario with active-active PEs.

NOTE:

The features required in an EVPN dual-homing scenario, such as fast convergence, split horizon, and DF election, all become invalid in a single-homing scenario. Therefore, configuring an ESI on a single-homed PE is optional.

Procedure

  • (Optional) Configure an E-Trunk.
    1. Run system-view

      The system view is displayed.

    2. Run e-trunk e-trunk-id

      An E-Trunk is configured, and the E-Trunk view is displayed.

    3. Run priority priority

      The E-Trunk priority is configured.

    4. Run peer-address peer-ip-address source-address source-ip-address

      IP addresses are configured for the local and peer ends of the E-Trunk.

    5. Run quit

      Return to the system view.

    6. Run interface eth-trunk trunk-id

      The view of an Eth-Trunk interface is displayed.

    7. Run e-trunk e-trunk-id

      The Eth-Trunk interface is added to the E-Trunk.

      One Eth-Trunk interface can be added only to one E-Trunk.

    8. (Optional) Run e-trunk mode force-master

      The working mode of the E-Trunk member interface is set to master. After this configuration, the dual-homed PEs are both master devices, implementing load balancing.

    9. Run quit

      Return to the system view.

    10. Run lacp e-trunk system-id mac-address

      An LACP system ID is configured for the E-Trunk.

      The LACP system IDs for the same E-Trunk must be the same.

    11. (Optional) Run lacp e-trunk priority priority

      An LACP system priority is configured for the E-Trunk.

      The LACP system priorities for the same E-Trunk must be the same.

    12. Run commit

      The configuration is committed.

  • Configure an interface to dynamically generate an ESI.
    1. Run system-view

      The system view is displayed.

    2. Run interface eth-trunk trunk-id

      The Eth-Trunk interface view is displayed.

    3. Run mode lacp-static

      The working mode of the Eth-Trunk interface is set to static LACP.

    4. Run commit

      The configuration is committed.

  • Manually configure an ESI for an interface. Perform this configuration if a VLAN is used to access an EVPN.
    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number

      The view of an interface is displayed.

    3. Run esi esi

      An ESI is configured.

    4. Run commit

      The configuration is committed.

  • Manually configure an ESI in a BD. Perform this configuration if VXLAN is used to access an EVPN and the EVPN transmits ARP or MAC routes.
    1. Run system-view

      The system view is displayed.

    2. Run bridge-domain bd-id

      The view of a BD is displayed.

    3. Run esi esi

      An ESI is configured.

    4. Run commit

      The configuration is committed.

Configuring a BD and Binding an EVPN Instance to the BD

An EVPN instance in BD mode is only bound to a BD instead of an interface.

Context

An EVPN instance can be bound to a BD using a VXLAN Network Identifier (VNI) or using MPLS.

  • In VNI mode, an EVPN instance is bound to a BD after a VNI is configured. If an EVPN instance needs to access a VPLS network, the EVPN instance must be bound to a BD in VNI mode.
  • In MPLS mode, an EVPN instance is bound to a BD directly in the BD view.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bridge-domain bd-id

    The view of the BD to which an EVPN instance will be bound is displayed.

  3. (Optional) Run vxlan vni vni-id split-horizon-mode

    A VNI is created and associated with the BD, and forwarding in split horizon mode is enabled.

  4. Run evpn binding vpn-instance evpn-name [ bd-tag bd-tag ]

    An EVPN instance is bound to the BD. By specifying different bd-tag values, you can bind multiple BDs with different VLANs to the same EVPN instance and isolate services in the BDs.

  5. Run quit

    Return to the system view.

  6. Run interface interface-type interface-number.subnum mode l2

    A Layer 2 sub-interface is created, and the sub-interface view is displayed.

    By default, no Layer 2 sub-interface is created.

    NOTE:

    Before running this command, ensure that the Layer 2 interface on which the Layer 2 sub-interface is to be created does not have the port link-type dot1q-tunnel command configuration. If this configuration exists, run the undo port link-type command to delete the configuration.

  7. Run encapsulation { dot1q [ vid low-pe-vid [ to high-pe-vid ] ] | untag | qinq [ vid pe-vid ce-vid { low-ce-vid [ to high-ce-vid ] | default } ] }

    An encapsulation type of packets allowed to pass through the Layer 2 sub-interface is specified.

    By default, an encapsulation type of packets allowed to pass through a Layer 2 sub-interface is not specified.

  8. Run rewrite pop { single | double }

    The traffic behavior is set to pop so that the Ethernet sub-interface removes VLAN tags from received packets.

    For single-tagged packets that a Layer 2 sub-interface receives, specify single to remove the tags from these packets.

    If the encapsulation type of packets has been set to QinQ, specify double in this step to remove double VLAN tags from the received packets.

  9. Run bridge-domain bd-id

    The Layer 2 sub-interface is added to the BD so that the sub-interface can transmit data packets through this BD.

    By default, no Layer 2 sub-interface is added to a BD.

  10. Run commit

    The configuration is committed.

Creating an L3VPN Instance and Binding It to a VBDIF Interface

If you want to use an EVPN to transmit Layer 3 services, you must configure an L3VPN instance and bind it to a VBDIF interface.

Context

To enable an EVPN to transmit Layer 3 services, configure an L3VPN instance and bind it to a VBDIF interface. After this configuration, the L3VPN instance can manage host routes received from the VBDIF interface.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ip vpn-instance vpn-instance-name

    A VPN instance is created, and the VPN instance view is displayed.

  3. Run ipv4-family

    The IPv4 address family is enabled for the VPN instance, and the VPN instance IPv4 address family view is displayed.

  4. Run route-distinguisher route-distinguisher

    An RD is configured for the VPN instance IPv4 address family.

  5. Run vpn-target vpn-target &<1-8> [ both | export-extcommunity | import-extcommunity ]

    VPN targets are configured for the VPN instance IPv4 address family to mutually import routes with the remote PE's L3VPN instance.

  6. Run vpn-target vpn-target &<1-8> [ both | export-extcommunity | import-extcommunity ] evpn

    VPN targets are configured for the VPN instance IPv4 address family to mutually import routes with the local EVPN instance.

  7. Run evpn mpls routing-enable

    EVPN is enabled to generate and advertise IP prefix routes and IRB routes.

  8. (Optional) Run tnl-policy policy-name evpn

    EVPN routes that can be imported into the VPN instance IPv4 address family are associated with a tunnel policy.

    This configuration allows Layer 3 service traffic between VMs in different DCs to be transmitted through a TE tunnel between the DCI-PEs.

  9. Run quit

    Exit from the VPN instance IPv4 address family view.

  10. Run quit

    Exit from the VPN instance view.

  11. Run interface vbdif bd-id

    A VBDIF interface is created, and the VBDIF interface view is displayed.

    By default, no VBDIF interface is created.

  12. Run ip binding vpn-instance vpn-instance-name

    The L3VPN instance is bound to the VBDIF interface.

  13. Run ip address ip-address { mask | mask-length } [ sub ]

    An IP address is configured for the VBDIF interface to implement Layer 3 interworking.

  14. (Optional) Run mac-address mac-address

    A MAC address is configured for the VBDIF interface.

  15. Run arp distribute-gateway enable

    Distributed gateway is enabled.

    After distributed gateway is enabled, the discards the ARP messages received from the network side and learns only ARP messages from the user side and generates host routes.

  16. Run either of the following commands to advertise host routes:

    • To advertise IRB routes, run the arp collect host enable command.

    • To advertise IP prefix routes, run the arp vlink-direct-route advertise [ route-policy route-policy-name ] command.

  17. Run commit

    The configuration is committed.

Configuring a BGP EVPN Peer Relationship

After two PEs establish a BGP EVPN peer relationship, they can exchange EVPN routes.

Context

In EVPN networking, PEs need to have BGP EVPN peer relationships established before they can exchange EVPN route information and implement communication between EVPN instances.

Perform the following steps on each PE.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bgp as-number

    The BGP view is displayed.

  3. Run peer ipv4-address as-number as-number

    A BGP EVPN peer IP address is specified.

  4. Run peer ipv4-address connect-interface loopback interface-number

    The interface on which a TCP connection to the specified peer is to be established is specified.

    NOTE:

    A PE must use a loopback interface address with a 32-bit mask to set up an MP-IBGP peer relationship with the peer PE, so that VPN routes can be relayed to tunnels. The routes to the local loopback interface are advertised to the peer PE using an IGP on the MPLS backbone network.

  5. Run l2vpn-family evpn

    The BGP-EVPN address family view is displayed.

  6. Run peer { ipv4-address | group-name } enable

    The capability to exchange EVPN routes with the specified peer is enabled.

  7. (Optional) Run peer ipv4-address group group-name

    The BGP EVPN peer is added to a peer group.

    Adding BGP EVPN peers to peer groups simplifies BGP network configuration and management.

  8. (Optional) Run timer df-delay delay-value

    A DF election delay is configured.

    If the network is unstable, the PE interfaces connecting to a CE will frequently alternate between Up and Down, resulting in frequent DF elections. As a result, the network performance deteriorates. To prevent frequent DF elections, run the timer df-delay command to set a greater DF election delay. This ensures that the network remains stable.

    In an EVPN dual-homing scenario where interface-based DF election is enabled, you need to run this command to set the delay interval for DF election to 0s prevent the long-time existence of dual backup devices during switchback from causing a traffic interruption.

  9. (Optional) Run peer { group-name | ipv4-address } mac-limit number [ percentage ] [ alert-only | idle-forever | idle-timeout times ]

    The maximum number of MAC advertisement routes that can be received from each peer is configured.

    If an EVPN instance may import many invalid MAC advertisement routes from peers and these routes occupy a large proportion of the total MAC advertisement routes. If the received MAC advertisement routes exceed the specified maximum number, the system displays an alarm, instructing users to check the validity of the MAC advertisement routes received in the EVPN instance.

  10. Run commit

    The configuration is committed.

(Optional) Configuring a PE Redundancy Mode

A PE's redundancy mode determines whether the PE can work with other PEs in load-balancing mode.

Context

By default, EVPN PEs work in All-Active mode. If a CE is multi-homed to several EVPN PEs, these PEs will load-balance traffic. If you do not want an EVPN PE to work with other EVPN PEs in load-balancing mode, change its redundancy mode to Single-Active.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run evpn redundancy-mode single-active

    The Single-Active redundancy mode is configured.

  3. Run commit

    The configuration is committed.

(Optional) Configuring a BGP EVPN RR

Configuring a BGP EVPN RR helps reduce the number of required BGP EVPN peer relationships, and therefore saves network resources.

Context

In an AS where a NE serves as an RR, other NE can serve as RR clients. The clients establish BGP EVPN peer relationships with the RR. The RR and its clients form a cluster. The RR reflects routes among the clients, and therefore the clients do not need to establish IBGP connections.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bgp as-number

    The BGP view is displayed.

  3. Run l2vpn-family evpn

    The BGP-EVPN address family view is displayed.

  4. Run peer { ipv4-address | group-name } reflect-client

    An RR and its clients are configured.

    The device where the peer reflect-client command is run serves as the RR and the specified peers or peer groups serve as clients.

  5. (Optional) Run undo reflect between-clients

    Route reflection between clients through the RR is disabled.

    By default, route reflection between the clients through the RR is enabled.

    If the clients of an RR have established full-mesh connections with each other, you can run the undo reflect between-clients command to disable route reflection between clients through the RR to reduce the link cost. The undo reflect between-clients command can only be run on an RR.

  6. (Optional) Run reflector cluster-id cluster-id

    A cluster ID is configured for the RR.

    If a cluster has multiple RRs, you can use this command to set the same cluster ID for these RRs to prevent routing loops.

    The reflector cluster-id command can only be run on an RR.

  7. Run commit

    The configuration is committed.

(Optional) Configuring BD-based Layer 2 Proxy ARP

When users access each other for the first time, they send ARP request packets. These packets are broadcast on Layer 2 networks, which may cause a broadcast storm. To address the problem, configure Layer 2 proxy ARP in a specified BD of a Layer 2 device.

Context

When a Layer 2 device receives an ARP request packet, it broadcasts the packet within a BD. If the Layer 2 device receives a large number of ARP request packets within a specified period and broadcasts the packets, excessive ARP request packets are forwarded on the EVPN, consuming excessive network resources and causing network congestion. As a result, the network performance deteriorates, and user services are affected. To address this problem, configure BD-based Layer 2 proxy ARP on the Layer 2 device. The basic principles of Layer 2 proxy ARP are as follows: A Layer 2 device listens to a received ARP packet and generates an ARP snooping entry to record the source user information (including the packet's source IP address, source MAC address, and inbound interface). After receiving an ARP request packet, the Layer 2 device takes the ARP entry learned in the BD and preferentially responds to the request based on information in the ARP snooping entry.

Perform the following steps on an EVPN Layer 2 device.

Procedure

  1. Run system-view

    The system view is displayed.

  2. (Optional) Run arp host ip-conflict-check period period-value retry-times retry-times-value

    The detection option for host IP address conflicts has been configured.

    By default, host IP address conflicts are detected within a period of 180 seconds and detection packets are allowed to be retransmitted for a maximum of five times.

  3. Run bridge-domain bd-id

    The BD view is displayed.

  4. Run arp l2-proxy enable

    Layer 2 proxy ARP has been enabled.

    By default, Layer 2 proxy ARP is disabled.

  5. (Optional) Run arp l2-proxy timeout expire-time

    An aging time has been configured for ARP snooping entries.

    By default, the aging time of ARP snooping entries is 900s.

    Each ARP snooping entry has a life cycle, which is called the aging time. If an ARP snooping entry is not updated before its aging time expires, the entry will be deleted. If the device stores a large number of ARP snooping entries, the CPU resources are wasted and ARP snooping entries for new users cannot be generated. To resolve this problem, perform this step to set an aging time, which allows ARP snooping entries to be updated regularly.

  6. Run arp collect host enable

    The function to collect host information by BD for EVPN MPLS has been enabled.

    By default, EVPN MPLS is not enabled to collect host information by BD.

  7. Run commit

    The configuration is committed.

(Optional) Configuring VBDIF Interface-based Layer 3 Proxy ARP

When users access each other for the first time, they send ARP request packets. These packets are broadcast on Layer 2 networks, which may cause a broadcast storm. To address the problem, configure Layer 3 proxy ARP on the VBDIF interface of a Layer 3 device.

Context

When a Layer 3 device receives an ARP request packet, it broadcasts the packet within a BD. If the Layer 3 device receives a large number of ARP request packets within a specified period and broadcasts the packets, excessive ARP request packets are forwarded on the EVPN, consuming excessive network resources and causing network congestion. As a result, the network performance deteriorates, and user services are affected. To address this problem, configure VBDIF interface-based Layer 3 proxy ARP on the Layer 3 device. The basic principles of Layer 3 proxy ARP are as follows: A Layer 3 device listens to a received ARP packet and generates an ARP snooping entry to record the source user information (including the packet's source IP address, source MAC address, and inbound interface). After receiving an ARP request packet, the Layer 3 device takes the ARP entry learned on the VBDIF interface and preferentially responds to the request based on information in the ARP snooping entry.

Perform the following steps on an EVPN Layer 3 device.

Procedure

  1. Run system-view

    The system view is displayed.

  2. (Optional) Run arp host ip-conflict-check period period-value retry-times retry-times-value

    The detection option for host IP address conflicts has been configured.

    By default, host IP address conflicts are detected within a period of 180 seconds and detection packets are allowed to be retransmitted for a maximum of five times.

  3. Run bridge-domain bd-id

    The BD view is displayed.

  4. Run arp l2-proxy enable

    Layer 2 proxy ARP has been enabled.

    By default, Layer 2 proxy ARP is disabled.

  5. (Optional) Run arp l2-proxy timeout expire-time

    An aging time has been configured for ARP snooping entries.

    By default, the aging time of ARP snooping entries is 900s.

    Each ARP snooping entry has a life cycle, which is called the aging time. If an ARP snooping entry is not updated before its aging time expires, the entry will be deleted. If the device stores a large number of ARP snooping entries, the CPU resources are wasted and ARP snooping entries for new users cannot be generated. To resolve this problem, perform this step to set an aging time, which allows ARP snooping entries to be updated regularly.

  6. Run quit

    The system view is displayed.

  7. Run interface vbdif bd-id

    A VBDIF interface is created, and the VBDIF interface view is displayed.

    By default, no VBDIF interface is created.

  8. Run arp collect host enable

    The function to collect host information by VBDIF interface for EVPN MPLS has been enabled.

    By default, EVPN MPLS is not enabled to collect host information by VBDIF interface.

  9. Run commit

    The configuration is committed.

Checking the Configurations

After configuring EVPN, check the operating status and information about EVPN functions.

Prerequisites

EVPN has been configured.

Procedure

  • Run the display default-parameter evpn command to check default EVPN configurations during EVPN initialization.
  • Run the display evpn vpn-instance [ name vpn-instance-name ] command to check EVPN instance information.
  • Run the display evpn vpn-instance name vpn-instance-name df result [ esi esi ] command to check the DF election result of an EVPN instance.
  • Run the display evpn vpn-instance name vpn-instance-name df-timer state command to check the DF timer status of an EVPN instance.
  • Run the display bgp evpn { all | vpn-instance vpn-instance-name } esi [ esi ] command to check information about the ESIs of a specified or all EVPN instances.
  • Run the display bgp evpn { all | route-distinguisher route-distinguisher | vpn-instance vpn-instance-name } routing-table [ { ad-route | es-route | inclusive-route | mac-route | prefix-route } prefix ] command to check information about EVPN routes.
  • Run the display bgp evpn all routing-table statistics command to check statistics about EVPN routes.
  • Run the display evpn mac routing-table command to check MAC route information about EVPN instances.
  • Run the display evpn mac routing-table limit command to check MAC address limits of EVPN instances.
  • Run the display evpn mac routing-table statistics command displays MAC route statistics of EVPN instances.
  • Run the display arp broadcast-suppress user bridge-domain bd-id command to check the ARP broadcast suppression table of a specified BD.
  • Run the display arp packet statistics bridge-domain bd-id command to check statistics about the ARP packets in a specified BD.

Example

Run the display default-parameter evpn command. The command output shows default EVPN configurations during EVPN initialization.

<HUAWEI> display default-parameter evpn
 EVPN Access Mode           : Port Access
 EVPN Interface Service Mode: Vlan Unaware
 Apply Label Mode           : Label Per Instance

Run the display evpn vpn-instance command on PEs. The command output shows EVPN instance information.

# Display information about the EVPN instance evpn1.

<HUAWEI> display evpn vpn-instance name evpn1
  EVPN-Instance Name              RD                    Address-family
  evpn1                           1:1                   evpn

Run the display evpn vpn-instance name vpn-instance-name df result [ esi esi ] command on PEs. The command output shows the DF election result of an EVPN instance.

# Display the DF election result of EVPN instance evpn1.

<HUAWEI> display evpn vpn-instance name evpn1 df result
ESI Count: 1

ESI: 0010.1010.1010.1010.1010

 GigabitEthernet0/1/0:
  Current State: IFSTATE_UP
  DF Result    : Primary

Run the display evpn vpn-instance name vpn-instance-name df-timer state command on PEs. The command output shows the DF timer status of an EVPN instance.

# Display the DF timer status of EVPN instance evpn1.

<HUAWEI> display evpn vpn-instance name evpn1 df-timer state
Ifindex                       Type                     Mode        TimerLeft(s)      
GigabitEthernet0/1/0          BRM_EVRF_IF_DF_TIMER     IDLE        -----            

Esi                           Type                     Mode        TimerLeft(s)      
0010.1010.1010.1010.1010      BRM_EVRF_ESI_DF_TIMER    IDLE        ----- 

Run the display bgp evpn peer [ ipv4-address ] command on PEs. The command output shows information about EVPN BGP peers.

# Display information about EVPN BGP peers.

<HUAWEI> display bgp evpn peer
 
 BGP local router ID : 0.0.0.0
 Local AS number : 100
 Total number of peers : 1                 Peers in established state : 0

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State  PrefRcv
  1.1.1.1         4          100    4456     3196     0 0045h29m Established        5

Run the display bgp evpn { all | vpn-instance vpn-instance-name } esi [ esi ] command. The command output shows information about the ESIs of all EVPN instances.

<HUAWEI> display bgp evpn all esi
Number of ESI for EVPN address family: 1

 ESI                                 IFName     
 0010.1010.1010.1010.1010            GigabitEthernet0/1/0

Number of ESI for evpn-instance c1: 1

 ESI                                 IFName     
 0010.1010.1010.1010.1010            GigabitEthernet0/2/0

Run the display bgp evpn all routing-table command on PEs. The command output shows information about EVPN routes.

<HUAWEI> display bgp evpn all routing-table
 Local AS number : 100

 BGP Local router ID is 1.1.1.1
 Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete


 EVPN address family:
 Number of A-D Routes: 1

 Route Distinguisher: 1:1
       Network(ESI/EthTagId)                                  NextHop
 *>    0010.1010.1010.1010.1010:0                             127.0.0.1       
   

 EVPN-Instance c1:
 Number of A-D Routes: 1
       Network(ESI/EthTagId)                                  NextHop
 *>    0010.1010.1010.1010.1010:0                             127.0.0.1      

 EVPN address family:
 Number of Inclusive Multicast Routes: 1

 Route Distinguisher: 1:1
       Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop
 *>    0:32:1.1.1.1                                           127.0.0.1       
   

 EVPN-Instance c1:
 Number of Inclusive Multicast Routes: 1
       Network(EthTagId/IpAddrLen/OriginalIp)                 NextHop
 *>    0:32:1.1.1.1                                           127.0.0.1      

 EVPN address family:
 Number of ES Routes: 1

 Route Distinguisher: 1.1.1.1:0
       Network(ESI)                                           NextHop
 *>    0010.1010.1010.1010.1010                               127.0.0.1       
   

 EVPN-Instance c1:
 Number of ES Routes: 1
       Network(ESI)                                           NextHop
 *>    0010.1010.1010.1010.1010                               127.0.0.1      

Run the display bgp evpn all routing-table statistics command on PEs. The command output shows statistics about EVPN routes.

<HUAWEI> display bgp evpn all routing-table statistics
 Total number of routes from all PE: 6
 Number of A-D Routes: 2
 Number of Mac Routes: 0
 Number of Inclusive Multicast Routes: 2
 Number of ES Routes: 2

Run the display evpn mac routing-table command on a PE. The command output shows MAC route information about EVPN instances.

<HUAWEI> display evpn mac routing-table all-evpn-instance
 EVPN name: aaa
 MACs: 5        Entries: 5        

 MAC-Address           VLAN  PeerIP         Type      Interface           
 0601-0002-1111           0  2.2.2.2        Dynamic   --
 0601-0002-1112           0  2.2.2.2        Dynamic   --
 0601-0002-1113           0  2.2.2.2        Dynamic   --
 0601-0002-1114           0  2.2.2.2        Dynamic   --
 0601-0002-1115           0  2.2.2.2        Dynamic   --
------------------------------------------------------------------------------
 EVPN name: bbb
 MACs: 0         Entries: 0          

 MAC-Address           VLAN  PeerIP         Type      Interface

Run the display evpn mac routing-table limit command on a PE. The command output shows MAC address limits of an EVPN instance.

<HUAWEI> display evpn mac routing-table limit evpn-instance vpn1
 EVPN Instance Name: vpn1
 Limit-Type     Max-Limit    Upper-Limit  Lower-Limit  Current      
 Default        100          80           70           0            

Run the display evpn mac routing-table statistics command on a PE. The command output shows MAC route statistics of EVPN instances.

<HUAWEI> display evpn mac routing-table all-evpn-instance statistics
Summary Prefixes : 133
Protocol   route       active      added       deleted     freed
Local      0           0           0           0           0           
BGP        133         133         48659       48526       48526       
Total      133         133         48659       48526       48526
Run the display arp broadcast-suppress user bridge-domain bd-id command. The command output displays information about the ARP broadcast suppression table of a specified BD.
<HUAWEI> display arp broadcast-suppress user bridge-domain 10
Flags: S - Static, D - Dynamic, C - Conflict
Total:4
------------------------------------------------------------------------------------
IP Address      MAC Address      Vtep IP         Flags       Aging(M)      Interface
------------------------------------------------------------------------------------
10.1.1.5        0005-0005-0005   0.0.0.0         S           --            --              
10.1.1.1        3853-d121-0110   0.0.0.0         D           15            GigabitEthernet0/1/1.1
10.1.1.2        0002-0002-0002   0.0.0.0         D           15            GigabitEthernet0/1/1.2 
10.1.1.3        0001-0c01-0101   0.0.0.0         C           --            --              
Run the display arp packet statistics bridge-domain bd-id command. The command output displays statistics about the ARP packets in a specified BD.
<HUAWEI> display arp packet statistics bridge-domain 10
ARP Packets Received
  Total:                                        0
  ARP Pkt Revceive Request:                     0
  ARP Pkt Revceive Reply:                       0
  ARP Pkt Revceive Gratuitous:                  0
  Discard For Other:                            0
ARP Packets Sent
  Total:                                        0
  ARP Pkt Send Unicast:                         0
  ARP Pkt Send Broadcast:                       0
  ARP Pkt Send Gratuitous:                      0
  ARP Pkt Send L2 Proxy:                        0
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058925

Views: 31961

Downloads: 59

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next