Routing
Highlighted
Routing

EVPN: Traffic flows if L3 interface is available

‎01-02-2017 01:58 AM

Hi All,

 

I have an MPLS-EVPN infrastructure with 2x MX960 and 2x EX9200. 

On 1 device i have an active interface with gateway, on the other 3 the VLAN is extended and the irb interface added to the VRF/EVPN. However; There is no configuration on the interface except for a description or a static mac address.

 

Today i discovered the hard way that putting an interface in an VRF/EVPN  VLAN means that traffic can flow. 

Configuration looking like so;

 

set routing-instances HOSTING-EVPN bridge-domains VL833-Colo_Test routing-interface irb.833;
set routing-instances HOSTING-VRF interface irb.833;

set interfaces irb unit 833 family inet
set interfaces irb unit 833 mac 00:00:00:00:00:01

 

After i did this, i noticed internet traffic flowing in through this interface.

Router does not know global ARP:

 

show arp | match x.x.x.100

<empty response>

 

Router does know EVPN route:

 

username@pe01-re0> show route table HOSTING-EVPN | match x.x.x.100
2:x.x.x.4:14::833::00:0c:29:02:60:7d::x.x.x.100/304

 

This is not behaviour what i expected. Is this expected? If so; Why?

 

Thanks for thinking with me.

 

 

 

3 REPLIES 3
Highlighted
Routing

Re: EVPN: Traffic flows if L3 interface is available

‎01-02-2017 10:49 PM

EVPN ARP entries associated with learned MAC addresses will be listed under the below outputs.

 

 

show bridge evpn arp-table

show evpn arp-table

Highlighted
Routing

Re: EVPN: Traffic flows if L3 interface is available

‎01-04-2017 02:43 AM

Thanks for your response.

 

I checked but those commands do not give any output on routers where it shouldn't give any output. Still traffic seems to be able to flow into the VLAN on that router.

Highlighted
Routing

Re: EVPN: Traffic flows if L3 interface is available

‎01-05-2017 09:02 PM

- Entry in evpn arp-table/bridge evpn arp-table gets listed when lookup happens over irb. 

- In your case traffic from one vlan routed to a different network?

- Is this a single-homed or multi-homed EVPN setup? If this is a multi-homed setup, you may need to look at the redudant PE evpn arp-table/bridge evpn arp-table as well.