Ethernet Switching
Ethernet Switching

EVPN

[ Edited ]
a month ago

I have probably figured this out already, but it doesn't hurt to ask for confirmation here :-)

 

I started configuring EPVN instances because of a new subscriber setup we're going to use.

Customers connect to us with PPPoE, these requests are sent to a central PPPoE concentrator where the sessions establish.

Am I correct to assume that you can see an EVPN instance as a large switch accross multiple sites?

And also, that per connected interface only one MAC address can be learned and put in the evpn mac-table?

 

If a customer who enters the EVPN instance on a VLAN interface uses two QinQ PPPoE clients (one for data and one for voip for example) then only one of them can be established at a time, right?

I tested this with a test CPE and disabling one PPPoE client makes the other one establish.

 

Beeelze

7 REPLIES 7
Ethernet Switching

Re: EVPN

a month ago

#1 - I assume you are talking MX here?

#2 - I also assume you are using EVPN for control plane signalling (with BGP?) and PPPoE for transport?

 

If yes to above, I doubt this type of configuration is often used, and yours may actually be a one-off.

 

I am not sure why you think "that per connected interface only one MAC address can be learned and put in the evpn mac-table" this would be the case??

 

Was there some sort of Juniper documentation you were following to configure this set-up?  If yes, please forward URL link.

Ethernet Switching

Re: EVPN

[ Edited ]
a month ago

Hi rccpgm,

 

#1 A: yes I'm talking MX.

#2 A: yes, I'm using EVPN for control plane signalling with BGP, PPPoE is for transport

 

The reason for this post is because I'm trying to get a CPE establish two PPPoE connections on a MX router with subscriber management over EVPN. 

The two PPPoE connections enter an edge device on two logical subinterfaces (two units, let's say 3000 and 3001 with VLAN 3000 and 3001), these subinterfaces are part of the EVPN instance. 
I can only establish one PPPoE connection at a time, but not both. If I disable the working PPPoE connection, then the other gets Establish right away. 

Setup:

MX (with sub mgmt) ---- MX edge device ---- CPE

So from the CPE two VLANs enter the MX edge device in the EVPN instance.
Then in the EVPN instance, the VLANs get "resetted" and sent towards the MX with sub mgmt where the PPPoE server resided.
Sample config:

evpn-pppoe-01 {
    instance-type evpn;
    vlan-id none;
    interface xe-1/3/3.3000; (VLAN 3000 from CPE)
    interface xe-1/3/3.3001; (VLAN 3001 from CPE)
    interface ae10.150; (VLAN 150 towards MX sub mgmt)
    route-distinguisher 11111L:10150;
    vrf-target target:11111L:10150;
    protocols {
        evpn;
    }
}

I followed this link (first configuration).

Beeelze

Ethernet Switching

Re: EVPN

a month ago

I am not sure if/how this type of config should or will work.  Have you tried more standard PPPoE configuration from something like here?

 

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/interfaces-configuring-pppoe.html

 

What I can tell you for sure, and dispite the URL link you used, but 95+% (maybe more like 99+%) of EVPN deployments and internal testing are with VXLAN and/or MPLS, with VXLAN the vaste majority.

 

Finding someone doing/trying the same thing, I believe, will be VERY difficult.  I hate having users be one-offs, so I highly suggest you look at not using EVPN for this solution, but something much more common.

 

My 2 cents worth.  HTH

Ethernet Switching

Re: EVPN

[ Edited ]
a month ago

Hello,

 


@Beeelzebub wrote:

 


I can only establish one PPPoE connection at a time, but not both. If I disable the working PPPoE connection, then the other gets Establish right away. 


 

 

Since Your CPE uses only 1 src MAC but has 2 VLANs, You probably see CPE MAC bouncing between xe-1/3/3.3000 and xe-1/3/3.3001 in EVPN instance every time Your CPE attempts to establish a 2nd PPPoE session, and quickly returning back to original xe-1/3/3.300x subinterface because of traffic or PPPoE Keepalives going across working connection. 

You need to create 2 EVPN routing-instances ("instance-type evpn"), or 1 EVPN virtual-switch with 2 VLANs to see 2 sumultaneous PPPoE sessions across 2 VLANs.

And that's assuming Your BNG supports 2 simultaneous sessions towards same MAC across dfferent VLANs.

If You want to be really cool, You can also try EVPN VLAN-Bundle (basically, passing traffic without looking at 802.1Q tags, MACs will be learned per physical interface) - which translates to:

1/ "instance-type evpn"

2/ no "vlan-id" under instance

3/ CPE-facing interface must be configured as untagged.

HTH

Thx
Alex 

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Ethernet Switching

Re: EVPN

a month ago

Glad someone knows PPPoE -Smiley Happy . Thanks

 


@aarseniev wrote:

Hello,

 


@Beeelzebub wrote:

 


I can only establish one PPPoE connection at a time, but not both. If I disable the working PPPoE connection, then the other gets Establish right away. 


 

 

Since Your CPE uses only 1 src MAC but has 2 VLANs, You probably see CPE MAC bouncing between xe-1/3/3.3000 and xe-1/3/3.3001 in EVPN instance every time Your CPE attempts to establish a 2nd PPPoE session, and quickly returning back to original xe-1/3/3.300x subinterface because of traffic or PPPoE Keepalives going across working connection. 

You need to create 2 EVPN routing-instances ("instance-type evpn"), or 1 EVPN virtual-switch with 2 VLANs to see 2 sumultaneous PPPoE sessions across 2 VLANs.

And that's assuming Your BNG supports 2 simultaneous sessions towards same MAC across dfferent VLANs.

If You want to be really cool, You can also try EVPN VLAN-Bundle (basically, passing traffic without looking at 802.1Q tags, MACs will be learned per physical interface) - which translates to:

1/ "instance-type evpn"

2/ no "vlan-id" under instance

3/ CPE-facing interface must be configured as untagged.

HTH

Thx
Alex 


 

Ethernet Switching

Re: EVPN

[ Edited ]
a month ago

@Alex, thanks for your clarification and confirmation. That's what I needed.

The setup I'm using is actually working quite well to be honest. 

 

There is one more issue I'm facing and I hope I can ask it here (or do I need to open another topic?).

The PPPoE server is connected to two MX5 devices.

Any CPE connected to those MX5 routers can establish PPPoE sessions.

Any CPE connected to a device further away can NOT establish PPPoE sessions.

 

I have attached a diagram how my setup is right now.

The MX5 routers connected to the PPPoE server learn the source MAC address from the remote PE device.

 

Any idea what I'm missing?

 

Screenshot 2019-08-21 at 13.32.49.png

 

Ethernet Switching

Re: EVPN

[ Edited ]
a month ago

Hello,

 


@Beeelzebub wrote:

 

Any CPE connected to a device further away can NOT establish PPPoE sessions.

<skip>

 

 

The MX5 routers connected to the PPPoE server learn the source MAC address from the remote PE device.

 

Any idea what I'm missing?

 

 


 

Things to check:

1/ MPLS (or VxLAN) transport path is available bidirectionally between all devices

2/ Type-3 (BUM) route is present in correct EVPN instance on all devices

3/ BGP Route Reflector is not doing Route Target Filtering for the EVPN routes 

 

HTH

Thx
Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !