EVPN Introduction

BGP, DCN

EVPN is a standards-based BGP control plane for advertising MAC addresses, MAC and IP bindings, and IP prefixes. It can be used for both Layer 2 services, including p2p and p2mp services, and Layer 3 services. The first EVPN standards defined its use over an MPLS (including SR-MPLS) data plane, but it can also run over VxLAN, NVGRE, or MPLS over GRE. The most common use case in data centers is EVPN over a VxLAN data plane.

The beauty of EVPN is that it provides a single control plane solution for both Layer 2 and Layer 3 services across multiple data planes. From a simplicity and automation point of view, this seems like one of the biggest advantages of EVPN. Here are some more benefits of EVPN:

EVPN uses extended BGP to implement MAC address learning and advertisement on the control plane instead of on the data plane. This function allows a device to manage MAC addresses in the same way as it manages routes, implementing load balancing between EVPN routes with the same destination MAC address but different next hops.

EVPN does not require PEs on the ISP backbone network to be fully meshed. PEs on an EVPN use BGP to communicate, and BGP provides the route reflection function. PEs can establish BGP peer relationships only with RRs deployed on the ISP backbone network, with RRs reflecting EVPN routes. This implementation significantly reduces network complexity and minimizes the number of network signaling messages.

It uses MP-BGP with route targets and route distinguishers for both Layer 2 and Layer 3 services, which makes it easy to understand if you are already familiar with BGP-based MPLS VPNs.

Using a BGP control plane to learn and advertise MAC address information eliminates a lot of unnecessary flooding.

EVPN enables PEs to use ARP to learn the local MAC addresses and use MAC address advertisement routes to learn remote MAC addresses and IP addresses corresponding to these MAC addresses, and store them locally. After receiving another ARP request, a PE searches the locally cached MAC address and IP address based on the destination IP address in the ARP request. If the corresponding information is found, the PE returns an ARP reply packet. This prevents ARP request packets from being broadcast to other PEs, therefore reducing network resource consumption.

EVPN supports active-active multihoming of end devices. Current Layer 2 VPN services can't provide this option.

Here are some definitions for EVPN. Some of them are inherited from classic BGP-based MPLS L3VPNs.

EVPN Instance: A logical switch within the EVPN domain. Similar to a VPN instance for MPLS L3VPN services.

Ethernet Segment Identifier (ESI): Each Ethernet segment needs a unique identifier in an EVPN. When a customer site is connected to one or more PEs via a set of Ethernet links, each Ethernet segment (ES) is identified by a unique non-zero identifier called an Ethernet Segment Identifier (ESI).

Ethernet Tag ID: An Ethernet Tag ID is a 32-bit field containing either a 12-bit or 24-bit identifier that identifies a particular broadcast domain (VLAN) in an EVPN instance.

MAC-VRF: A Virtual Routing and Forwarding table for storing Media Access Control (MAC) Address information for a specific tenant.

Route Targets: Route Targets are used to control the import and export of routes across VRFs. EVPN routes are advertised with a Route Target (RT). As you probably know, route targets are BGP extended communities.

Route Distinguishers: Unique number planned and assigned for VRFs. They are prepended to the advertised address within the VRF, ensuring support for overlapping IP Addresses and MACs across different tenants. BGP EVPN updates are sent with AFI=25 and SAFI=70. In order for two BGP speakers to exchange labeled EVPN NLRI, they must use BGP Capabilities Advertisements to ensure that they both are capable of properly processing such NLRI.
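The capability check described above, as an added example that is not part of the original article: it reads the Multiprotocol Extensions capabilities (RFC 5492 and RFC 4760 encoding) from two BGP OPEN messages and reports whether both sides advertised AFI 25 / SAFI 70. The function names and the sample OPEN messages are constructed for illustration, and the classic one-byte optional-parameter length is assumed.

```python
import struct

AFI_L2VPN, SAFI_EVPN = 25, 70          # values given in the text

def mp_capabilities(open_msg: bytes) -> set:
    """Return the (AFI, SAFI) pairs advertised in a BGP OPEN message."""
    if len(open_msg) < 29 or open_msg[18] != 1:       # 19-byte header, type 1 = OPEN
        raise ValueError("not a BGP OPEN message")
    params = open_msg[29:29 + open_msg[28]]           # optional parameters
    pairs, i = set(), 0
    while i + 2 <= len(params):
        p_type, p_len = params[i], params[i + 1]
        value, i = params[i + 2:i + 2 + p_len], i + 2 + p_len
        if p_type != 2:                               # 2 = Capabilities (RFC 5492)
            continue
        j = 0
        while j + 2 <= len(value):
            code, c_len = value[j], value[j + 1]
            cap, j = value[j + 2:j + 2 + c_len], j + 2 + c_len
            if code == 1 and len(cap) == 4:           # 1 = Multiprotocol Extensions
                afi, _reserved, safi = struct.unpack("!HBB", cap)
                pairs.add((afi, safi))
    return pairs

def evpn_negotiated(local_open: bytes, peer_open: bytes) -> bool:
    """EVPN NLRI may be exchanged only if both OPENs carry AFI 25 / SAFI 70."""
    wanted = (AFI_L2VPN, SAFI_EVPN)
    return wanted in mp_capabilities(local_open) and wanted in mp_capabilities(peer_open)

def build_open(pairs) -> bytes:
    """Build a constructed sample OPEN (AS 65000, hold time 90, ID 192.0.2.1)."""
    caps = b"".join(bytes([1, 4]) + struct.pack("!HBB", a, 0, s) for a, s in pairs)
    params = bytes([2, len(caps)]) + caps
    body = struct.pack("!BHH4sB", 4, 65000, 90, bytes([192, 0, 2, 1]), len(params)) + params
    return b"\xff" * 16 + struct.pack("!HB", 19 + len(body), 1) + body

# Constructed samples, not captured traffic.
EVPN_PEER = build_open([(1, 1), (AFI_L2VPN, SAFI_EVPN)])   # IPv4 unicast + EVPN
IPV4_ONLY_PEER = build_open([(1, 1)])
```

A session where `evpn_negotiated` is false for the two OPENs will come up but carry no EVPN routes, which is the first thing to rule out when a peer's MAC routes are missing.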

EVPN Route Types:

Type-1 Route: Ethernet A-D route: It is used to carry ESI, Ethernet Tag ID and Route distinguisher.

Type-2 Route: Host advertisement Route: This type is used to advertise the reachability of a MAC address, or optionally a MAC and IP binding, as learnt by a specific EVI. Optional advertisement of IP address information can be used to suppress ARP broadcasts.

Type-3 Route: Inclusive Multicast route: The type-3 route is used to advertise the membership of a specific layer 2 domain (VNI within the VXLAN domain). It allows dynamic discovery of remote VTEPs in a specific VNI. Through this dynamic discovery, a node can build its ingress flood list for BUM traffic.

Type-4 Route: Ethernet Segment Route: The type-4 route is specific to VTEPs supporting the EVPN multihoming model, for active-active and active-standby forwarding. The route is used to discover VTEPs which are attached to the same shared Ethernet Segment. Additionally, this route type is used in the Designated Forwarder (DF) election process.

Type-5 Route: IP-prefix route advertisement: The type-5 route is used to advertise IP prefixes rather than the MAC and IP host addresses of the type-2 route. This advertisement of prefixes into the EVPN domain provides the ability to build classic layer 3 VPN topologies.
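To show how the fields defined above (Route Distinguisher, ESI, Ethernet Tag ID, MAC and optional IP) sit inside a Type-2 route, here is an added example that is not part of the original article: a parser for the MAC/IP Advertisement NLRI layout from RFC 7432, with length checks for malformed input. The function names and the sample bytes are constructed for illustration.

```python
import ipaddress
import struct

def parse_rd(rd: bytes) -> str:
    """Render an 8-byte Route Distinguisher (RFC 4364 types 0, 1 and 2)."""
    rd_type = struct.unpack("!H", rd[:2])[0]
    if rd_type == 0:                                  # 2-byte ASN : 4-byte number
        return "%d:%d" % struct.unpack("!HI", rd[2:])
    if rd_type == 1:                                  # IPv4 address : 2-byte number
        return f"{ipaddress.IPv4Address(rd[2:6])}:{int.from_bytes(rd[6:], 'big')}"
    if rd_type == 2:                                  # 4-byte ASN : 2-byte number
        return "%d:%d" % struct.unpack("!IH", rd[2:])
    raise ValueError(f"unknown RD type {rd_type}")

def parse_type2(nlri: bytes) -> dict:
    """Parse one MAC/IP Advertisement (Type-2) EVPN NLRI, RFC 7432 section 7.2."""
    if len(nlri) < 2 or nlri[0] != 2:
        raise ValueError("not a Type-2 route")
    body = nlri[2:2 + nlri[1]]
    if len(body) != nlri[1] or len(body) < 33:        # 33 = fixed fields + one label
        raise ValueError("truncated NLRI")
    if body[22] != 48:
        raise ValueError("MAC address length must be 48 bits")
    ip_bits = body[29]
    if ip_bits not in (0, 32, 128):                   # IP is optional: none, IPv4, IPv6
        raise ValueError("invalid IP address length")
    ip_end = 30 + ip_bits // 8
    labels = body[ip_end:]
    if len(labels) not in (3, 6):                     # Label1, optional Label2
        raise ValueError("length does not match the IP and label fields")
    return {
        "rd": parse_rd(body[0:8]),
        "esi": body[8:18].hex(),
        "eth_tag": struct.unpack("!I", body[18:22])[0],
        "mac": body[23:29].hex(":"),
        "ip": str(ipaddress.ip_address(body[30:ip_end])) if ip_bits else None,
        # Raw 24-bit label field; over VXLAN it carries the VNI (RFC 8365).
        "label1": int.from_bytes(labels[:3], "big"),
    }
# Constructed sample, not captured traffic.
SAMPLE = bytes.fromhex(
    "0225"                              # route type 2, length 37
    "0001c00002010064"                  # RD type 1: 192.0.2.1:100
    "00000000000000000000" "00000000"   # ESI 0 (single-homed), Ethernet Tag ID 0
    "30005056aabbcc"                    # MAC length 48, MAC 00:50:56:aa:bb:cc
    "200a01010a"                        # IP length 32, IP 10.1.1.10
    "002774"                            # Label1 = VNI 10100
)
```

The MAC and IP pair returned by `parse_type2(SAMPLE)` is the binding a PE caches to answer ARP requests locally, as described in the benefits list.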

EVPN Data Plane Options

EVPN can work over several data planes, and an additional data plane encapsulation community is advertised with BGP updates.

About: fabricplane