Active/Active Multihoming via EVPN-VXLAN in Arista

Active-Active-Multihoming

Multichassis LAG concept is common in datacenter environment. Arista called it MLAG. However, some customer can demand multi vendor environment. As you know, in MLAG/MCLAG/VPC environment, there is software restriction being familiar or same vendor should be, etc. But there is another concept that is Active-Active Multhioming which use Ethernet Segment Identifier.(ESI). ESI number is 10 bytes . In this environmet, you can use multi vendor. Simple mentality is advertisement these ESI number and mac addresses behind it. Each interface should has an ESI number. When you check our topology, there is no link between LEAFs pairs as in MLAG environment. There is EVPN-VXLAN design between Spine and Leafs here. In MLAG EVPN-VXLAN design, we were configuring loopback1 IPs in LEAFS pairs and they were same IP. This IPs were VXLAN tunnels IPs. So, redundancy were provided via this. You can read my previous post about it. But this is different in Active Active Multihoming EVPN-VXLAN design.

Most critical point is Loopbacks of Leafs for VXLAN tunnels are not same in this environment. Loopbacks will be different and VXLAN tunnels will be up with these loopbacks IPs. Only loopback0 is enough for this environment. But remember, there was loopback0 for EVPN and loopback1 in MLAG environment and loopback1 IPs were same in LEAF pair.

So there are different VXLAN tunnels.But, how mac addresses behind port-channel interfaces in LEAF1-LEAF2 pairs will be advertised if there is no MLAG environment and VXLAN tunnels are different? Imagine that one of tunnels were down and mac adress is on that down leaf. How will it be advertised to other tunnel when there is no MLAG connection on Leafs? Answer is ESI. Becase all mac address will be associated to common ESI number per interface and this ESI number will be advertised over different tunnels. So even if one tunnel is down, ESI number will continue over other tunnel. Then even if our LEAFS are single devices, it will be redundant. No software restriction, no MLAG cable between LEAFS, no vendor restriction.

Configuration Samples

I will not share underlay EVPN-VXLAN configuration here, please check above post that I linked for that. Connection between LEAFS and SPINEs are layer 3 and there is EBGP and EVPN.

Remember that loopback0 is both EVPN and VXLAN Tunnel source IP in active active multihoming.

LEAF1-2-3-4:

interface Vxlan1
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vlan 100 vni 20100

ESI Configuration Sample

LEAF1-2

interface Port-Channel1
switchport mode trunk
!
evpn ethernet-segment
identifier 0050:0c00:0700:0700:0000--->manual generated.
route-target import 50:0c:00:07:00:07
lacp system-id 500c.0007.0007
–> this is random mac address. You can use mac of connected device. If you don’t add this lacp system ID, portchannel will not be up.

LEAF3-4

interface Port-Channel1
switchport mode trunk
!
evpn ethernet-segment
identifier 0050:0c00:0800:0700:0000---> manual generated
route-target import 50:0c:00:08:00:07
lacp system-id 500c.0008.0007
this is random mac address. You can use mac of connected device.If you don’t add this lacp system ID, portchannel will not be up.

Beneficial Commands

show bgp evpn summary

show bgp neighbors x.x.x.x evpn routes

show bgp neighbors x.x.x.x evpn advertised-routes

See below screenshot shows that next-hop includes ESI number of interface which advertises 500c.008e.0d05 mac adress of customer2.

Mahmut Aydin
CCIE R&S #63405

Leave a Reply

Top