Deploy Layer3 EVPN over Segment Routing MPLS [Ospf / iBGP] in Nexus 3000

Available Languages

Download Options

  • PDF     (3.1 MB)
    View with Adobe Reader on a variety of devices
  • ePub     (3.3 MB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (1.4 MB)
    View on Kindle device or Kindle app on multiple devices
Updated:July 13, 2020
Document ID:215789

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes how to deploy/configure Layer3 EVPN over Segment Routing MPLS on Nexus 3000 products.

    Prerequisites

    Requirements

    Cisco recommends that you have knowledge of these topics:

    • Border Gateway Protocol (BGP)
    • L3VPN
    • EVPN
    • Segment Routing

    Components Used

    The information in this document is based on these software and hardware versions:

    • SPINE Hardware - N9K-C92160YC-X running with 9.2(3)
    • LEAF Hardware - N3K-C31108PC-V running with 9.3(3)

    The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

    Background Information

    MPLS L3VPN Recap

    A VPN is:

    • An IP-based network delivering private network services over a public infrastructure.

    • A set of sites that are allowed to communicate with each other privately over the Internet or other public or private networks.

    Conventional VPNs are created by configuring a full mesh of tunnels or permanent virtual circuits (PVCs) to all sites in a VPN. This type of VPN is not easy to maintain or expand, as adding a new site requires changing each edge device in the VPN.

    MPLS-based VPNs are created in Layer 3 and are based on the peer model. The peer model enables the service provider and the customer to exchange Layer 3 routing information. The service provider relays the data between the customer sites without customer involvement.

    MPLS VPNs are easier to manage and expand than conventional VPNs. When a new site is added to an MPLS VPN, only the edge router of the service provider that provides services to the customer site needs to be updated.

    These are the components of the MPLS VPN:

    • Provider (P) router—Router in the core of the provider network. PE routers run MPLS switching and do not attach VPN labels to routed packets. VPN labels are used to direct data packets to the correct private network or customer edge router.

    • PE router—Router that attaches the VPN label to incoming packets based on the interface or subinterface on which they are received, and also attaches the MPLS core labels. A PE router attaches directly to a CE router.

    • Customer (C) router—Router in the Internet service provider (ISP) or enterprise network.

    • Customer edge (CE) router—Edge router on the network of the ISP that connects to the PE router on the network. A CE router must interface with a PE router.

    Overview of EVPN with L3VPN (MPLS SR)

    Data Center (DC) deployments have adopted VXLAN EVPN (or) MPLS EVPN for its benefits such as EVPN control-plane learning, multitenancy, seamless mobility, redundancy, and easier POD additions. Similarly, the CORE is either a Label Distribution Protocol (LDP)-based MPLS L3VPN network or transitioning from the traditional MPLS L3VPN LDP-based underlay to a more sophisticated solution like Segment Routing (SR).

    Segment Routing is adopted for its benefits such as:

    • Unified IGP and MPLS control planes

    • Simpler traffic engineering methods

    • Easier configuration

    • SDN adoption

    EVPN (RFC 7432) is BGP MPLS-based solution that has been used for next-generation Ethernet services in a virtualized data center network. It uses several building blocks such as RD, RT, and VRF from existing MPLS technologies.

    L3 EVPN over SR which was introduced in NXOS 7.0(3)I6(1) release uses the EVPN Type-5 route with MPLS encapsulation. It offers Multi-tenant, Scalability, and High Performance for evolved data center services.

    Note: In DC, the data plane can be VXLAN or MPLS.

    Traditional MPLS L3 VPN MPLS L3 VPN over SR
    Main build blocks: RD, RT, and VRF  Main build blocks: RD, RT, and VRF
    Underlay Layer for Transport: IGP, LDP, and RSVP-TE Underlay Layer for Transport: IGP/BGP-LU and SR-TE
    Overlay Layer for Service: VPNv4 and VPNv6 Overlay Layer for Service: EVPN

    Limitations

    L2-EVPN is not supported in Nexus C31108PC-V, N9K Cloud-Scale is suitable for any SR deployment due to Scale considerations.

    Network Diagram

    Configuration

    High-Level Configuration 

    1. Install Features
    2. Configure IP address -Underlay
    3. Configure IGP -OSPF
    4. Configure MP-BGP
    5. Configure VLAN and EVPN Overlay
    6. Configure e-BGP between Hosts & LEAFs

    Verify

    Related Information

    TAC Authored

    Contributed by Cisco Engineers

    • Krishna Chockalingam
      Cisco TAC Engineer
    • Parthibhan Chinnaya
      Cisco TAC Engineer

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products