Month: December 2025

Arista – VXLAN/EVPN BGP Unnumbered

nick Leave a comment

Another Arista VXLAN/EVPN lab but for this we will use eBGP Unnumbered for the underlay rather than OSPF. BGP Unnumbered uses IPv6 link local addresses for IPv4 next hops and is detailed in RFC5549.

https://datatracker.ietf.org/doc/html/rfc5549

eve-ng_export-20251228-192314Download

Spine1

hostname spine1
    
interface Ethernet1
no switchport
ipv6 enable
    
interface Ethernet2
no switchport
ipv6 enable

interface Ethernet3
no switchport
ipv6 enable

interface Loopback0
ip address 5.5.5.5/32

ip routing

ipv6 unicast-routing

router bgp 65400
router-id 5.5.5.5
no bgp default ipv4-unicast
neighbor LEAF peer group
neighbor LEAF local-as 65401 no-prepend replace-as
neighbor LEAF_OL peer group
neighbor LEAF_OL remote-as 65400
neighbor LEAF_OL update-source Loopback0
neighbor LEAF_OL route-reflector-client
neighbor LEAF_OL send-community extended
neighbor 7.7.7.7 peer group LEAF_OL
neighbor 8.8.8.8 peer group LEAF_OL
neighbor 9.9.9.9 peer group LEAF_OL
redistribute connected
neighbor interface Et1 peer-group LEAF remote-as 65403
neighbor interface Et2 peer-group LEAF remote-as 65404
neighbor interface Et3 peer-group LEAF remote-as 65405

address-family evpn
neighbor LEAF_OL activate

address-family ipv4
neighbor LEAF activate
neighbor LEAF next-hop address-family ipv6 originate

Spine2

hostname spine2

interface Ethernet1
switchport
ipv6 enable

interface Ethernet2
no switchport
ipv6 enable

interface Ethernet3
no switchport
ipv6 enable

interface Loopback0
ip address 6.6.6.6/32

ip routing

ipv6 unicast-routing
  
router bgp 65400
router-id 6.6.6.6
no bgp default ipv4-unicast
neighbor LEAF peer group
neighbor LEAF local-as 65402 no-prepend replace-as
neighbor LEAF_OL peer group
neighbor LEAF_OL remote-as 65400
neighbor LEAF_OL update-source Loopback0
neighbor LEAF_OL route-reflector-client
neighbor LEAF_OL send-community extended
neighbor 7.7.7.7 peer group LEAF_OL
neighbor 8.8.8.8 peer group LEAF_OL
neighbor 9.9.9.9 peer group LEAF_OL
redistribute connected
neighbor interface Et1 peer-group LEAF remote-as 65403
neighbor interface Et2 peer-group LEAF remote-as 65404
neighbor interface Et3 peer-group LEAF remote-as 65405

address-family evpn
neighbor LEAF_OL activate

address-family ipv4
neighbor LEAF activate
neighbor LEAF next-hop address-family ipv6 originate

Leaf1

hostname leaf1

vlan 1234
  
interface Ethernet1
no switchport
ipv6 enable
  
interface Ethernet2
no switchport
ipv6 enable
  
interface Ethernet3
switchport access vlan 1234
 
interface Loopback0
ip address 7.7.7.7/32

interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 1234 vni 1234
    
ip routing
    
ipv6 unicast-routing

router bgp 65400
router-id 7.7.7.7
no bgp default ipv4-unicast
neighbor SPINE peer group
neighbor SPINE local-as 65403 no-prepend replace-as
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended
redistribute connected
neighbor interface Et1 peer-group SPINE remote-as 65401
neighbor interface Et2 peer-group SPINE remote-as 65402
!
vlan 1234
rd 8.8.8.8:1234
route-target both 65400:1234
redistribute learned
!
address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate
!
address-family ipv4
neighbor SPINE activate
neighbor SPINE next-hop address-family ipv6 originate
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate

Leaf2

hostname leaf2

vlan 1234,2468

interface Ethernet1
no switchport
ipv6 enable

interface Ethernet2
no switchport
ipv6 enable

interface Ethernet3
switchport access vlan 1234

interface Ethernet4
switchport access vlan 2468

interface Loopback0
ip address 8.8.8.8/32
 
interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 1234 vni 1234
vxlan vlan 2468 vni 2468

ip routing

ipv6 unicast-routing

router bgp 65400
router-id 8.8.8.8
no bgp default ipv4-unicast
neighbor SPINE peer group
neighbor SPINE local-as 65404 no-prepend replace-as
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended
redistribute connected
neighbor interface Et1 peer-group SPINE remote-as 65401
neighbor interface Et2 peer-group SPINE remote-as 65402
    
vlan 1234
rd 8.8.8.8:1234
route-target both 65400:1234
redistribute learned

vlan 2468
rd 8.8.8.8:2468
route-target both 65400:2468
redistribute learned

address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate

address-family ipv4
neighbor SPINE activate
neighbor SPINE next-hop address-family ipv6 originate
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate

Leaf3

hostname leaf3

vlan 2468

interface Ethernet1
no switchport
ipv6 enable

interface Ethernet2
no switchport
ipv6 enable

interface Ethernet4
switchport access vlan 2468
  
interface Loopback0
ip address 9.9.9.9/32

interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 2468 vni 2468

ip routing

ipv6 unicast-routing
    
router bgp 65400
router-id 9.9.9.9
no bgp default ipv4-unicast
neighbor SPINE peer group
neighbor SPINE local-as 65405 no-prepend replace-as
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended
redistribute connected
neighbor interface Et1 peer-group SPINE remote-as 65401
neighbor interface Et2 peer-group SPINE remote-as 65402

vlan 2468
rd 8.8.8.8:2468
route-target both 65400:2468
redistribute learned

address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate

address-family ipv4
neighbor SPINE activate
neighbor SPINE next-hop address-family ipv6 originate
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate

VPCs 6 & 8 have been configured with IP addresses in the range 10.1.1.0/24 & VPCs 7 & 9 have addresses with the range 10.2.2.0/24. Both are able to ping their relevant counterpart in the same subnet. Also, BGP shows the relevant routes/MAC addresses have been learnt.

Juniper – IS-IS Unnumbered Ethernet Interfaces

nick Leave a comment

It’s been a while since a new lab was posted so let’s get back to it.

This lab is Segment Routing EVPN VPWS with IS-IS as the IGP but with a slight twist. None of the physical interfaces have an IP address and they borrow their IP from the Loopback. The below article explains the concept in more detail.

IS-IS and Unnumbered Ethernet Interfaces in Junos

eve-ng_export-20251220-143756Download

PE1

set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces ge-0/0/3 vlan-tagging
set interfaces ge-0/0/3 encapsulation flexible-ethernet-services
set interfaces ge-0/0/3 unit 67 encapsulation vlan-ccc
set interfaces ge-0/0/3 unit 67 vlan-id 67
set interfaces lo0 unit 0 family inet address 5.5.5.5/32
set interfaces lo0 unit 0 family iso address 49.0000.5555.0000.0000.00
set routing-instances EVPN instance-type evpn-vpws
set routing-instances EVPN protocols evpn interface ge-0/0/3.67 vpws-service-id local 67
set routing-instances EVPN protocols evpn interface ge-0/0/3.67 vpws-service-id remote 76
set routing-instances EVPN interface ge-0/0/3.67
set routing-instances EVPN route-distinguisher 5.5.5.5:67
set routing-instances EVPN vrf-target target:65400:67
set routing-options router-id 5.5.5.5
set routing-options autonomous-system 65400
set protocols bgp group EVPN type internal
set protocols bgp group EVPN local-address 5.5.5.5
set protocols bgp group EVPN family evpn signaling
set protocols bgp group EVPN neighbor 9.9.9.9
set protocols isis interface ge-0/0/0.0 point-to-point
set protocols isis interface ge-0/0/1.0 point-to-point
set protocols isis interface ge-0/0/2.0 point-to-point
set protocols isis interface lo0.0
set protocols isis source-packet-routing srgb start-label 80000
set protocols isis source-packet-routing srgb index-range 1000
set protocols isis source-packet-routing node-segment ipv4-index 50
set protocols isis level 1 disable
set protocols isis level 2 wide-metrics-only
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0
set protocols mpls interface lo0.0

PE2

set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 6.6.6.6/32
set interfaces lo0 unit 0 family iso address 49.0000.6666.0000.0000.00
set routing-options router-id 6.6.6.6
set routing-options autonomous-system 65400
set protocols isis interface ge-0/0/0.0 point-to-point
set protocols isis interface ge-0/0/1.0 point-to-point
set protocols isis interface ge-0/0/2.0 point-to-point
set protocols isis interface lo0.0
set protocols isis source-packet-routing srgb start-label 80000
set protocols isis source-packet-routing srgb index-range 1000
set protocols isis source-packet-routing node-segment ipv4-index 60
set protocols isis level 1 disable
set protocols isis level 2 wide-metrics-only
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0
set protocols mpls interface lo0.0

PE3

set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces ge-0/0/3 vlan-tagging
set interfaces ge-0/0/3 encapsulation flexible-ethernet-services
set interfaces ge-0/0/3 unit 67 encapsulation vlan-ccc
set interfaces ge-0/0/3 unit 67 vlan-id 67
set interfaces lo0 unit 0 family inet address 7.7.7.7/32
set interfaces lo0 unit 0 family iso address 49.0000.7777.0000.0000.00
set interfaces lo0 unit 0 family mpls
set routing-instances EVPN instance-type evpn-vpws
set routing-instances EVPN protocols evpn interface ge-0/0/3.67 vpws-service-id local 76
set routing-instances EVPN protocols evpn interface ge-0/0/3.67 vpws-service-id remote 67
set routing-instances EVPN interface ge-0/0/3.67
set routing-instances EVPN route-distinguisher 7.7.7.7:67
set routing-instances EVPN vrf-target target:65400:67
set routing-options router-id 7.7.7.7
set routing-options autonomous-system 65400
set protocols bgp group EVPN type internal
set protocols bgp group EVPN local-address 7.7.7.7
set protocols bgp group EVPN family evpn signaling
set protocols bgp group EVPN neighbor 9.9.9.9
set protocols isis interface ge-0/0/0.0 point-to-point
set protocols isis interface ge-0/0/1.0 point-to-point
set protocols isis interface ge-0/0/2.0 point-to-point
set protocols isis interface lo0.0 passive
set protocols isis source-packet-routing srgb start-label 80000
set protocols isis source-packet-routing srgb index-range 1000
set protocols isis source-packet-routing node-segment ipv4-index 70
set protocols isis level 1 disable
set protocols isis level 2 wide-metrics-only
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface lo0.0

PE4

set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 8.8.8.8/32
set interfaces lo0 unit 0 family iso address 49.0000.8888.0000.0000.00
set interfaces lo0 unit 0 family mpls
set protocols isis interface ge-0/0/0.0 point-to-point
set protocols isis interface ge-0/0/1.0 point-to-point
set protocols isis interface ge-0/0/2.0 point-to-point
set protocols isis interface lo0.0
set protocols isis source-packet-routing srgb start-label 80000
set protocols isis source-packet-routing srgb index-range 1000
set protocols isis source-packet-routing node-segment ipv4-index 80
set protocols isis level 1 disable
set protocols isis level 2 wide-metrics-only
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface lo0.0

RR

set chassis network-services enhanced-ip
set interfaces ge-0/0/1 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/3 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/3 unit 0 family iso
set interfaces ge-0/0/4 unit 0 family inet unnumbered-address lo0.0
set interfaces ge-0/0/4 unit 0 family iso
set interfaces lo0 unit 0 family inet address 9.9.9.9/32
set interfaces lo0 unit 0 family iso address 49.0000.9999.0000.0000.00
set routing-options resolution rib bgp.evpn.0 resolution-ribs inet.0
set routing-options router-id 9.9.9.9
set routing-options autonomous-system 65400
set protocols bgp group EVPN type internal
set protocols bgp group EVPN local-address 9.9.9.9
set protocols bgp group EVPN family evpn signaling
set protocols bgp group EVPN cluster 9.9.9.9
set protocols bgp group EVPN neighbor 5.5.5.5
set protocols bgp group EVPN neighbor 7.7.7.7
set protocols isis interface ge-0/0/1.0 point-to-point
set protocols isis interface ge-0/0/2.0 point-to-point
set protocols isis interface ge-0/0/3.0 point-to-point
set protocols isis interface ge-0/0/4.0 point-to-point
set protocols isis interface lo0.0
set protocols isis level 1 disable
set protocols isis level 2 wide-metrics-only

As usual, 2 Cisco devices have been used as CEs with OSPF configured on both.

Confirmation of VPWS instance.