Arista Archives - Lab-It-Up

Arista – RSVP E-Tree

18 February 202618 February 2026 nick Leave a comment

We have previously done Arista labs with LDP and Segment Routing so now it’s the turn of RSVP and a bit of E-Tree. A Juniper device is used as a Route Reflector but you could use whatever you prefer.

https://www.arista.com/en/um-eos/eos-evpn-e-tree-for-mpls-and-vxlan

eve-ng_export-20260216-225552 Download

PE1

hostname pe1

vlan 358

interface Ethernet1
no switchport
ip address 1.1.1.1/30
isis enable 1
traffic-engineering
interface Ethernet2

switchport trunk allowed vlan 358
switchport mode trunk

interface Loopback0
ip address 5.5.5.5/32
isis enable 1

ip routing

mpls ip

router bgp 65400
router-id 5.5.5.5
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended

vlan-aware-bundle ETREE
rd 5.5.5.5:358
route-target both 65400:358
redistribute learned
vlan 358

address-family evpn
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 encapsulation mpls next-hop-self source-interface Loopback0

router traffic-engineering
rsvp
local-interface Loopback0
path DYNAMIC dynamic
tunnel 1
destination ip 7.7.7.7
path DYNAMIC
no shutdown
router-id ipv4 5.5.5.5

router isis 1
net 49.0000.5555.5555.5555.00
is-type level-2
address-family ipv4 unicast
traffic-engineering
no shutdown

mpls rsvp
no shutdown

set interfaces ge-0/0/0 unit 0 family inet address 1.1.1.2/30
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 2.2.2.1/30
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 6.6.6.6/32
set interfaces lo0 unit 0 family iso address 49.0000.6666.0000.0000.00
set interfaces lo0 unit 0 family mpls
set routing-options resolution rib bgp.evpn.0 resolution-ribs inet.0
set routing-options router-id 6.6.6.6
set routing-options autonomous-system 65400
set protocols bgp group RR type internal
set protocols bgp group RR local-address 6.6.6.6
set protocols bgp group RR family evpn signaling
set protocols bgp group RR cluster 6.6.6.6
set protocols bgp group RR neighbor 5.5.5.5
set protocols bgp group RR neighbor 7.7.7.7
set protocols isis interface ge-0/0/0.0
set protocols isis interface ge-0/0/1.0
set protocols isis interface lo0.0 passive
set protocols isis level 1 disable
set protocols isis level 2 wide-metrics-only
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface lo0.0
set protocols rsvp interface ge-0/0/0.0
set protocols rsvp interface ge-0/0/1.0

PE2

hostname pe2

vlan 358
e-tree role leaf

interface Ethernet1
no switchport
ip address 2.2.2.2/30
isis enable 1
traffic-engineering

interface Ethernet2
switchport trunk allowed vlan 358
switchport mode trunk

interface Loopback0
ip address 7.7.7.7/32
isis enable 1

ip routing

mpls ip

router bgp 65400
router-id 7.7.7.7
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended

vlan-aware-bundle ETREE
rd 7.7.7.7:358
route-target both 65400:358
redistribute learned
vlan 358

address-family evpn
neighbor default encapsulation mpls next-hop-self source-interface Loopback0
neighbor 6.6.6.6 activate

router traffic-engineering
rsvp
local-interface Loopback0
path DYNAMIC dynamic
tunnel 1
destination ip 5.5.5.5
path DYNAMIC
no shutdown
router-id ipv4 7.7.7.7

router isis 1
net 49.0000.7777.7777.7777.00
is-type level-2
address-family ipv4 unicast
traffic-engineering
no shutdown

mpls rsvp
no shutdown

Confirmation that label switched path is up

and OSPF is up between the 2 Cisco CE devices

Arista – VXLAN/EVPN BGP Unnumbered

28 December 202513 February 2026 nick Leave a comment

Another Arista VXLAN/EVPN lab but for this we will use eBGP Unnumbered for the underlay rather than OSPF. BGP Unnumbered uses IPv6 link local addresses for IPv4 next hops and is detailed in RFC5549.

https://datatracker.ietf.org/doc/html/rfc5549

eve-ng_export-20251228-192314 Download

Spine1

hostname spine1
    
interface Ethernet1
no switchport
ipv6 enable
    
interface Ethernet2
no switchport
ipv6 enable

interface Ethernet3
no switchport
ipv6 enable

interface Loopback0
ip address 5.5.5.5/32

ip routing

ipv6 unicast-routing

router bgp 65400
router-id 5.5.5.5
no bgp default ipv4-unicast
neighbor LEAF peer group
neighbor LEAF local-as 65401 no-prepend replace-as
neighbor LEAF_OL peer group
neighbor LEAF_OL remote-as 65400
neighbor LEAF_OL update-source Loopback0
neighbor LEAF_OL route-reflector-client
neighbor LEAF_OL send-community extended
neighbor 7.7.7.7 peer group LEAF_OL
neighbor 8.8.8.8 peer group LEAF_OL
neighbor 9.9.9.9 peer group LEAF_OL
redistribute connected
neighbor interface Et1 peer-group LEAF remote-as 65403
neighbor interface Et2 peer-group LEAF remote-as 65404
neighbor interface Et3 peer-group LEAF remote-as 65405

address-family evpn
neighbor LEAF_OL activate

address-family ipv4
neighbor LEAF activate
neighbor LEAF next-hop address-family ipv6 originate

Spine2

hostname spine2

interface Ethernet1
switchport
ipv6 enable

interface Ethernet2
no switchport
ipv6 enable

interface Ethernet3
no switchport
ipv6 enable

interface Loopback0
ip address 6.6.6.6/32

ip routing

ipv6 unicast-routing
  
router bgp 65400
router-id 6.6.6.6
no bgp default ipv4-unicast
neighbor LEAF peer group
neighbor LEAF local-as 65402 no-prepend replace-as
neighbor LEAF_OL peer group
neighbor LEAF_OL remote-as 65400
neighbor LEAF_OL update-source Loopback0
neighbor LEAF_OL route-reflector-client
neighbor LEAF_OL send-community extended
neighbor 7.7.7.7 peer group LEAF_OL
neighbor 8.8.8.8 peer group LEAF_OL
neighbor 9.9.9.9 peer group LEAF_OL
redistribute connected
neighbor interface Et1 peer-group LEAF remote-as 65403
neighbor interface Et2 peer-group LEAF remote-as 65404
neighbor interface Et3 peer-group LEAF remote-as 65405

address-family evpn
neighbor LEAF_OL activate

address-family ipv4
neighbor LEAF activate
neighbor LEAF next-hop address-family ipv6 originate

Leaf1

hostname leaf1

vlan 1234
  
interface Ethernet1
no switchport
ipv6 enable
  
interface Ethernet2
no switchport
ipv6 enable
  
interface Ethernet3
switchport access vlan 1234
 
interface Loopback0
ip address 7.7.7.7/32

interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 1234 vni 1234
    
ip routing
    
ipv6 unicast-routing

router bgp 65400
router-id 7.7.7.7
no bgp default ipv4-unicast
neighbor SPINE peer group
neighbor SPINE local-as 65403 no-prepend replace-as
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended
redistribute connected
neighbor interface Et1 peer-group SPINE remote-as 65401
neighbor interface Et2 peer-group SPINE remote-as 65402
!
vlan 1234
rd 8.8.8.8:1234
route-target both 65400:1234
redistribute learned
!
address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate
!
address-family ipv4
neighbor SPINE activate
neighbor SPINE next-hop address-family ipv6 originate
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate

Leaf2

hostname leaf2

vlan 1234,2468

interface Ethernet1
no switchport
ipv6 enable

interface Ethernet2
no switchport
ipv6 enable

interface Ethernet3
switchport access vlan 1234

interface Ethernet4
switchport access vlan 2468

interface Loopback0
ip address 8.8.8.8/32
 
interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 1234 vni 1234
vxlan vlan 2468 vni 2468

ip routing

ipv6 unicast-routing

router bgp 65400
router-id 8.8.8.8
no bgp default ipv4-unicast
neighbor SPINE peer group
neighbor SPINE local-as 65404 no-prepend replace-as
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended
redistribute connected
neighbor interface Et1 peer-group SPINE remote-as 65401
neighbor interface Et2 peer-group SPINE remote-as 65402
    
vlan 1234
rd 8.8.8.8:1234
route-target both 65400:1234
redistribute learned

vlan 2468
rd 8.8.8.8:2468
route-target both 65400:2468
redistribute learned

address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate

address-family ipv4
neighbor SPINE activate
neighbor SPINE next-hop address-family ipv6 originate
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate

Leaf3

hostname leaf3

vlan 2468

interface Ethernet1
no switchport
ipv6 enable

interface Ethernet2
no switchport
ipv6 enable

interface Ethernet4
switchport access vlan 2468
  
interface Loopback0
ip address 9.9.9.9/32

interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 2468 vni 2468

ip routing

ipv6 unicast-routing
    
router bgp 65400
router-id 9.9.9.9
no bgp default ipv4-unicast
neighbor SPINE peer group
neighbor SPINE local-as 65405 no-prepend replace-as
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended
redistribute connected
neighbor interface Et1 peer-group SPINE remote-as 65401
neighbor interface Et2 peer-group SPINE remote-as 65402

vlan 2468
rd 8.8.8.8:2468
route-target both 65400:2468
redistribute learned

address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate

address-family ipv4
neighbor SPINE activate
neighbor SPINE next-hop address-family ipv6 originate
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate

VPCs 6 & 8 have been configured with IP addresses in the range 10.1.1.0/24 & VPCs 7 & 9 have addresses with the range 10.2.2.0/24. Both are able to ping their relevant counterpart in the same subnet. Also, BGP shows the relevant routes/MAC addresses have been learnt.

Arista – EVPN VPWS

27 November 202413 February 2026 nick Leave a comment

LDP is used for signalling and IS-IS for the IGP with P1 acting as a route reflector. 2 Cisco CE devices with OSPF configured on each.

https://www.arista.com/en/um-eos/eos-configuring-evpn#xx1117976

_Exports_eve-ng_export-20241127-105106 Download

PE1

service routing protocols model multi-agent

hostname pe1

interface Ethernet1
no switchport
ip address 1.1.1.1/30
isis enable 1

interface Ethernet2
no switchport
interface Ethernet2.909
encapsulation dot1q vlan 909

interface Loopback0
ip address 5.5.5.5/32
isis enable 1

ip routing

mpls ip

mpls ldp
no shutdown

patch panel
patch VPWS
connector 1 interface Ethernet2.909
connector 2 pseudowire bgp vpws PE2 pseudowire VPWS

router bgp 65400
router-id 5.5.5.5
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community

vpws PE2
rd 5.5.5.5:909
route-target import export evpn 65400:909
mpls control-word

pseudowire VPWS
evpn vpws id local 909 remote 910

address-family evpn
neighbor default encapsulation mpls next-hop-self source-interface Loopback0
neighbor 6.6.6.6 activate

router isis 1
net 49.0000.5555.5555.5555.00
is-type level-2
address-family ipv4 unicast

service routing protocols model multi-agent

hostname p1

interface Ethernet1
no switchport
ip address 1.1.1.2/30
isis enable 1

interface Ethernet2
no switchport
ip address 2.2.2.1/30
isis enable 1

interface Loopback0
ip address 6.6.6.6/32
isis enable 1

ip routing

mpls ip

mpls ldp
no shutdown

router bgp 65400
router-id 6.6.6.6
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 route-reflector-client
neighbor 5.5.5.5 send-community
neighbor 7.7.7.7 remote-as 65400
neighbor 7.7.7.7 update-source Loopback0
neighbor 7.7.7.7 route-reflector-client
neighbor 7.7.7.7 send-community

address-family evpn
neighbor default encapsulation mpls next-hop-self source-interface Loopback0
neighbor 5.5.5.5 activate
neighbor 7.7.7.7 activate

router isis 1
net 49.0000.6666.6666.6666.00
is-type level-2
address-family ipv4 unicast

PE2

service routing protocols model multi-agent

hostname pe2

interface Ethernet1
no switchport
ip address 2.2.2.2/30
isis enable 1

interface Ethernet2
no switchport
interface Ethernet2.909
encapsulation dot1q vlan 909

interface Loopback0
ip address 7.7.7.7/32
isis enable 1

ip routing

mpls ip

mpls ldp
no shutdown

patch panel
patch VPWS
connector 1 interface Ethernet2.909
connector 2 pseudowire bgp vpws PE2 pseudowire VPWS

router bgp 65400
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community

vpws PE2
rd 7.7.7.7:909
route-target import export evpn 65400:909
mpls control-word

pseudowire VPWS
evpn vpws id local 910 remote 909

address-family evpn
neighbor default encapsulation mpls next-hop-self source-interface Loopback0
neighbor 6.6.6.6 activate

router isis 1
net 49.0000.7777.7777.7777.00
is-type level-2
address-family ipv4 unicast

OSPF is now up on the 2 Cisco CE devices, confirming layer 2 connectivity.

Arista – Segment Routing MPLS EVPN

7 April 202413 February 2026 nick Leave a comment

IS-IS used for the segment routing. 2 Cisco vIOS devices for the CE’s, with OSPF configured on each

https://www.arista.com/en/solutions/mpls-segment-routing

Exports_eve-ng_export-20240407-091304 Download

PE1

service routing protocols model multi-agent

hostname pe1
  
vlan 3333

interface Ethernet1
switchport trunk allowed vlan 3333
switchport mode trunk

interface Ethernet2
no switchport
ip address 1.1.1.1/30
isis enable 1

interface Loopback0
ip address 5.5.5.5/32
node-segment ipv4 index 10
isis enable 1
  
ip routing

mpls ip

router bgp 65400
router-id 5.5.5.5
neighbor 9.9.9.9 remote-as 65400
neighbor 9.9.9.9 update-source Loopback0
neighbor 9.9.9.9 rib-in pre-policy retain all
neighbor 9.9.9.9 send-community extended

vlan-aware-bundle customer1
rd 5.5.5.5:1
route-target both 65400:1
redistribute learned
vlan 3333

address-family evpn
neighbor default encapsulation mpls next-hop-self source-interface Loopback0
neighbor 9.9.9.9 activate

router isis 1
net 49.0000.5555.5555.5555.00
is-type level-2
segment-routing mpls
no shutdown
address-family ipv4 unicast

service routing protocols model multi-agent

hostname p1
  
interface Ethernet1
no switchport
ip address 1.1.1.2/30
isis enable 1

interface Ethernet2
no switchport
ip address 2.2.2.1/30
isis enable 1

interface Loopback0
ip address 6.6.6.6/32
node-segment ipv4 index 20
isis enable 1
  
ip routing

mpls ip

router isis 1
net 49.0000.6666.6666.6666.00
is-type level-2
segment-routing mpls
no shutdown
address-family ipv4 unicast

service routing protocols model multi-agent

hostname p2
  
interface Ethernet1
no switchport
ip address 2.2.2.2/30
isis enable 1

interface Ethernet2
no switchport
ip address 3.3.3.1/30
isis enable 1

interface Loopback0
ip address 7.7.7.7/32
node-segment ipv4 index 30
isis enable 1
  
ip routing

mpls ip

router isis 1
net 49.0000.7777.7777.7777.00
is-type level-2
segment-routing mpls
no shutdown
address-family ipv4 unicast

service routing protocols model multi-agent

hostname p3
  
interface Ethernet1
no switchport
ip address 3.3.3.2/30
isis enable 1
  
interface Ethernet2
no switchport
ip address 4.4.4.1/30
isis enable 1

interface Loopback0
ip address 8.8.8.8/32
node-segment ipv4 index 40
isis enable 1

ip routing

mpls ip

router isis 1
net 49.0000.8888.8888.8888.00
is-type level-2
segment-routing mpls
no shutdown
address-family ipv4 unicast

PE2

service routing protocols model multi-agent

hostname pe2
  
vlan 3333

interface Ethernet1
switchport trunk allowed vlan 3333
switchport mode trunk

interface Ethernet2
no switchport
ip address 4.4.4.2/30
isis enable 1

interface Loopback0
ip address 9.9.9.9/32
node-segment ipv4 index 50
isis enable 1
  
ip routing

mpls ip

router bgp 65400
router-id 9.9.9.9
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 rib-in pre-policy retain all
neighbor 5.5.5.5 send-community extended

vlan-aware-bundle customer1
rd 9.9.9.9:1
route-target both 65400:1
redistribute learned
vlan 3333

address-family evpn
neighbor default encapsulation mpls next-hop-self source-interface Loopback0
neighbor 5.5.5.5 activate

router isis 1
net 49.0000.9999.9999.9999.00
is-type level-2
segment-routing mpls
no shutdown
address-family ipv4 unicast

OSPF should now be up between the 2 CE devices.

Arista L3VPN

18 February 202413 February 2026 nick Leave a comment

Another L3VPN and the usual topology. IS-IS in the underlay and BGP between PE’s & CE’s.

Exports_eve-ng_export-20240218-161836 Download

vEOS1

hostname veos1
  
vrf instance cust1

interface Ethernet1
no switchport
vrf cust1
ip address 10.1.1.1/30

interface Ethernet2
no switchport
ip address 1.1.1.1/30
isis enable 1
  
interface Loopback0
ip address 5.5.5.5/32
isis enable 1
  
ip routing
ip routing vrf cust1
  
mpls ip

mpls ldp
router-id interface Loopback0
no shutdown

router bgp 65400
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended

address-family ipv4
neighbor 6.6.6.6 activate

address-family vpn-ipv4
neighbor 6.6.6.6 activate
neighbor default encapsulation mpls next-hop-self source-interface Loopback0

vrf cust1
rd 5.5.5.5:1
route-target import vpn-ipv4 65400:1
route-target export vpn-ipv4 65400:1
neighbor 10.1.1.2 remote-as 65500
redistribute connected

router isis 1
net 49.0000.5555.5555.5555.00

address-family ipv4 unicast

vEOS2

hostname veos2
  
interface Ethernet1
no switchport
ip address 1.1.1.2/30
isis enable 1

interface Ethernet2
no switchport
ip address 2.2.2.1/30
isis enable 1

interface Loopback0
ip address 6.6.6.6/32
isis enable 1
  
ip routing

mpls ip

mpls ldp
router-id interface Loopback0
no shutdown

router bgp 65400
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 route-reflector-client
neighbor 5.5.5.5 send-community extended
neighbor 7.7.7.7 remote-as 65400
neighbor 7.7.7.7 update-source Loopback0
neighbor 7.7.7.7 send-community extended

address-family ipv4
neighbor 5.5.5.5 activate
neighbor 7.7.7.7 activate

address-family vpn-ipv4
neighbor 5.5.5.5 activate
neighbor 7.7.7.7 activate
neighbor default encapsulation mpls next-hop-self source-interface Loopback0

router isis 1
net 49.0000.6666.6666.6666.00

address-family ipv4 unicast

vEOS3

hostname veos3
  
interface Ethernet1
no switchport
ip address 2.2.2.2/30
isis enable 1

interface Ethernet2
no switchport
ip address 3.3.3.1/30
isis enable 1

interface Loopback0
ip address 7.7.7.7/32
isis enable 1
  
ip routing

mpls ip

mpls ldp
router-id interface Loopback0
no shutdown

router bgp 65400
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 route-reflector-client
neighbor 6.6.6.6 send-community extended
neighbor 8.8.8.8 remote-as 65400
neighbor 8.8.8.8 update-source Loopback0
neighbor 8.8.8.8 route-reflector-client
neighbor 8.8.8.8 send-community extended

address-family ipv4
neighbor 6.6.6.6 activate
neighbor 8.8.8.8 activate

address-family vpn-ipv4
neighbor 6.6.6.6 activate
neighbor 8.8.8.8 activate
neighbor default encapsulation mpls next-hop-self source-interface Loopback0

router isis 1
net 49.0000.7777.7777.7777.00

address-family ipv4 unicast

vEOS4

hostname veos4
  
interface Ethernet1
no switchport
ip address 3.3.3.2/30
isis enable 1
  
interface Ethernet2
no switchport
ip address 4.4.4.1/30
isis enable 1

interface Loopback0
ip address 8.8.8.8/32
isis enable 1
  
ip routing

mpls ip

mpls ldp
router-id interface Loopback0
no shutdown

router bgp 65400
neighbor 7.7.7.7 remote-as 65400
neighbor 7.7.7.7 update-source Loopback0
neighbor 7.7.7.7 send-community extended
neighbor 9.9.9.9 remote-as 65400
neighbor 9.9.9.9 update-source Loopback0
neighbor 9.9.9.9 route-reflector-client
neighbor 9.9.9.9 send-community extended
  
address-family ipv4
neighbor 7.7.7.7 activate
neighbor 9.9.9.9 activate

address-family vpn-ipv4
neighbor 7.7.7.7 activate
neighbor 9.9.9.9 activate
neighbor default encapsulation mpls next-hop-self source-interface Loopback0

router isis 1
net 49.0000.8888.8888.8888.00

address-family ipv4 unicast

vEOS5

hostname veos5
  
vrf instance cust1

interface Ethernet1
no switchport
vrf cust1
ip address 10.10.10.1/30

interface Ethernet2
no switchport
ip address 4.4.4.2/30
isis enable 1

interface Loopback0
ip address 9.9.9.9/32
isis enable 1

ip routing
ip routing vrf cust1
  
mpls ip

mpls ldp
router-id interface Loopback0
no shutdown

router bgp 65400
neighbor 8.8.8.8 remote-as 65400
neighbor 8.8.8.8 update-source Loopback0
neighbor 8.8.8.8 send-community extended

address-family ipv4
neighbor 8.8.8.8 activate

address-family vpn-ipv4
neighbor 8.8.8.8 activate
neighbor default encapsulation mpls next-hop-self source-interface Loopback0

vrf cust1
rd 9.9.9.9:1
route-target import vpn-ipv4 65400:1
route-target export vpn-ipv4 65400:1
neighbor 10.10.10.2 remote-as 65500
redistribute connected

router isis 1
net 49.0000.9999.9999.9999.00
!
address-family ipv4 unicast

Cisco vIOS routers used as the CE’s. It doesn’t appear that Arista has the ‘as-override’ command so you will need to use ‘allowas-in’ on the CE’s otherwise routes from the opposing CE will not be imported. This is due to the AS already being in the path and is standard BGP loop protection.

Loopbacks of 11.11.11.11 (ce1) & 12.12.12.12 (ce2) have been configured on the CE’s, redistributed into BGP and visible in the opposing CE’s route table.

Arista VXLAN/EVPN

7 February 202413 February 2026 nick Leave a comment

Spine/leaf topology with OSPF underlay and Spines acting as Route Reflectors

https://www.arista.com/en/um-eos/eos-vxlan-configuration

EVE-NG Import file

Exports_eve-ng_export-20240207-173400 Download

Spine1

conf t

interface Ethernet1
no switchport
ip address 1.1.1.1/30
ip ospf area 0.0.0.0

interface Ethernet2
no switchport
ip address 2.2.2.1/30
ip ospf area 0.0.0.0
  
interface Ethernet3
no switchport
ip address 3.3.3.1/30
ip ospf area 0.0.0.0

interface Loopback0
ip address 5.5.5.5/32
ip ospf area 0.0.0.0

ip routing

router bgp 65400
neighbor SPINE peer group
neighbor SPINE remote-as 65400
neighbor SPINE update-source Loopback0
neighbor SPINE route-reflector-client
neighbor SPINE send-community extended
neighbor 7.7.7.7 peer group SPINE
neighbor 8.8.8.8 peer group SPINE
neighbor 9.9.9.9 peer group SPINE

address-family evpn
neighbor SPINE activate

router ospf 1
router-id 5.5.5.5

Spine2

conf t
interface Ethernet1
no switchport
ip address 11.11.11.1/30
ip ospf area 0.0.0.0
 
interface Ethernet2
no switchport
ip address 12.12.12.1/30
ip ospf area 0.0.0.0
  
interface Ethernet3
no switchport
ip address 13.13.13.1/30
ip ospf area 0.0.0.0

interface Loopback0
ip address 6.6.6.6/32
ip ospf area 0.0.0.0

ip routing

router bgp 65400
neighbor SPINE peer group
neighbor SPINE remote-as 65400
neighbor SPINE update-source Loopback0
neighbor SPINE route-reflector-client
neighbor SPINE send-community extended
neighbor 7.7.7.7 peer group SPINE
neighbor 8.8.8.8 peer group SPINE
neighbor 9.9.9.9 peer group SPINE

address-family evpn
neighbor SPINE activate

router ospf 1
router-id 6.6.6.6

Leaf1

conf t
vlan 1234

interface Ethernet1
no switchport
ip address 1.1.1.2/30
ip ospf area 0.0.0.0

interface Ethernet2
no switchport
ip address 11.11.11.2/30
ip ospf area 0.0.0.0
  
interface Ethernet3
switchport access vlan 1234

interface Loopback0
ip address 7.7.7.7/32
ip ospf area 0.0.0.0

interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 1234 vni 1234

ip routing

router bgp 65400
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended

vlan 1234
rd 7.7.7.7:1
route-target both 65400:1
redistribute learned

address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate

address-family ipv4
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate
    
router ospf 1
router-id 7.7.7.7

Leaf2

conf t
vlan 1234,2468

interface Ethernet1
no switchport
ip address 2.2.2.2/30
ip ospf area 0.0.0.0
    
interface Ethernet2
no switchport
ip address 12.12.12.2/30
ip ospf area 0.0.0.0
    
interface Ethernet3
switchport access vlan 1234
   
interface Ethernet4
switchport access vlan 2468
    
interface Loopback0
ip address 8.8.8.8/32
ip ospf area 0.0.0.0

interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 1234 vni 1234
vxlan vlan 2468 vni 2468
 
ip routing

router bgp 65400
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended
  
vlan 1234
rd 8.8.8.8:1
route-target both 65400:1
redistribute learned
    
vlan 2468
rd 8.8.8.8:2
route-target both 65400:2
redistribute learned

address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate

address-family ipv4
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate

router ospf 1
router-id 8.8.8.8

Leaf3

conf t
vlan 2468
    
interface Ethernet1
no switchport
ip address 3.3.3.2/30
ip ospf area 0.0.0.0
    
interface Ethernet2
no switchport
ip address 13.13.13.2/30
ip ospf area 0.0.0.0

interface Ethernet4
switchport access vlan 2468
    
interface Loopback0
ip address 9.9.9.9/32
ip ospf area 0.0.0.0
  
interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 2468 vni 2468
   
ip routing

router bgp 65400
neighbor 5.5.5.5 remote-as 65400
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 send-community extended
neighbor 6.6.6.6 remote-as 65400
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 send-community extended

vlan 2468
rd 8.8.8.8:2
route-target both 65400:2
redistribute learned

address-family evpn
neighbor 5.5.5.5 activate
neighbor 6.6.6.6 activate

address-family ipv4
no neighbor 5.5.5.5 activate
no neighbor 6.6.6.6 activate
    
router ospf 1
router-id 9.9.9.9

Confirm the BGP sessions have been established by running ‘show bgp evpn summary‘. Below output from leaf2.

vPC6 & vPC8 are in VLAN 1234. vPC7 & vPC9 are in VLAN 2468. Configure IP addresses from the same subnet to each vPC in each VLAN and you should have IP connectivity like below.