BGP EVPN

Why replace VPLS with EVPN?

MAC Learning 

VPLS relies on the traditional Ethernet flood-and-learn mechanism in the data plane (flooding of broadcast, unknown unicast and multicast traffic) to disseminate the MAC address information of customer sites between PE routers within an MPLS domain.

EVPN uses an MP-BGP based control plane to disseminate the MAC address information of customer sites between PEs. A PE still learns MAC addresses in the data plane on its local ACs, but remote MAC reachability comes from the control plane. This reduces unknown unicast flooding and gives BGP a flush mechanism: a MAC that goes away is withdrawn rather than aged out.

Scalability 

VPLS requires a full mesh of pseudowires (PWs) between the PEs to emulate a traditional Ethernet shared segment, and consequently runs into scalability and manageability issues as the number of PEs grows.

EVPN has fewer manageability issues and almost no scalability issues compared to VPLS, because it uses MP-BGP peering between PEs (which can be scaled with route reflectors) to exchange MAC address reachability information instead of a full mesh of pseudowires.

Signaling Protocol 

LDP or BGP in the case of VPLS

BGP only in the case of EVPN

CE Multihoming 

VPLS implements only a single-active solution.

EVPN implements two CE multihoming solutions: single-active (one active and N standby) and all-active (with per-flow load balancing of known unicast traffic).

L2 and L3 forwarding

VPLS provides L2 forwarding only.

EVPN endpoints include both MAC and IP addresses, which enables a proxy ARP function on the EVPN PE routers and further reduces flooding across the EVPN backbone.

Edge Multihoming (STP/ESI)

To implement VPLS multihoming, STP BPDUs have to pass across the PWs, which is complex.

EVPN has built-in support for edge multihoming based on the ESI (Ethernet Segment Identifier).

Technical Overview of EVPN 

Ethernet VPN introduces the concept of BGP MAC routing. It uses MP-BGP for MAC learning between the provider edge routers.

Learning between PE and CE is still done in the data plane.

The BGP control plane has the advantages of scalability and flexibility for MAC routing.

EVPN separates the data plane from the control plane, which allows it to use different encapsulation mechanisms in the data plane (MPLS, VXLAN and so on) while maintaining the same control plane within the L2VPN.

Ethernet Auto-Discovery Routes (Type 1):

Ethernet Auto-Discovery routes are Type 1 routes, mandatory in EVPN, and are used to achieve split horizon, fast convergence and aliasing. Only EVPN uses Type 1 routes; PBB-EVPN uses the B-MAC to achieve the same functionality.

A multihomed PE advertises one Ethernet A-D per ES route for each Ethernet Segment, carrying the newly introduced ESI Label extended community. A PE recognizes the other PEs connected to the same Ethernet Segment once the Type 4 Ethernet Segment routes have been exchanged. All multihomed and remote PE routers that are part of the EVI import the Auto-Discovery routes.

The Ethernet Auto-Discovery route is not needed when ESI = 0, i.e. when the site is single-homed.


When PE1 replicates BUM traffic received from the multihomed CE, it adds the ESI label advertised by PE2. When PE2 sees the ESI label, it recognizes that the packet originated from the same Ethernet Segment and drops it, so the frame is never sent back to the CE it came from (split horizon).


Fast Convergence

BGP is used for MAC advertisement routes, which could result in slow convergence in a large-scale environment, depending on the number of MAC routes that need to be withdrawn.

To combat this slow convergence, a level of indirection is introduced. In the event of a failure, rather than withdrawing the individual MAC routes, the Ethernet A-D per ES route is withdrawn, and any MAC routes pointing to that Ethernet Segment are marked invalid by the receiving PE (mass withdrawal). This is similar to BGP PIC in the IP world.

For instance, if the PE1-CE1 link fails, PE1 withdraws its Ethernet A-D per ES route. PE2 reruns the DF/non-DF election and becomes the DF if it wasn't already. PE3 removes PE1 as a valid destination for all MAC routes learned on that Ethernet Segment.

Aliasing 

In the case of a CE multihomed to multiple PEs with a multi-chassis LAG between them, it is possible that only one PE learns a given MAC address, due to the nature of the LAG hashing. Only the PE that learned the MAC advertises it to the remote PEs, even though more than one PE is attached to the same segment. This prevents load balancing towards the CE.

To overcome this shortcoming, aliasing was introduced. Aliasing allows a PE to signal that it has reachability to a given Ethernet Segment for a given EVI even though it hasn't learned any MAC address on that EVI/ES.

The Ethernet A-D route used in this case is the per-EVI route, which is different from the Ethernet A-D per ES route.
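The two Type 1 functions described above, mass withdrawal (A-D per ES) and aliasing (A-D per EVI), can be modelled from a remote PE's point of view. This is an added example, not code from the article or from any EVPN implementation; the PE names, the ESI value and the EVI number are made up, and the model keeps only the fields needed to compute the next-hop set for a MAC.

```python
"""Model of a remote PE's EVPN RIB showing the two Ethernet A-D (Type 1) functions:
mass withdrawal via the A-D per ES route and aliasing via the A-D per EVI route.
Added example, not the article's code; PE names, ESI and EVI values are constructed."""
from dataclasses import dataclass, field
from typing import Dict, Set, Tuple

SINGLE_HOMED_ESI = "00" * 10  # ESI = 0: no A-D routes are expected for it


@dataclass
class EvpnRib:
    # Ethernet A-D per ES routes received, keyed by (advertising PE, ESI)
    ad_per_es: Set[Tuple[str, str]] = field(default_factory=set)
    # Ethernet A-D per EVI routes received, keyed by (advertising PE, ESI, EVI)
    ad_per_evi: Set[Tuple[str, str, int]] = field(default_factory=set)
    # MAC advertisement (Type 2) routes: (EVI, MAC) -> {advertising PE: ESI}
    macs: Dict[Tuple[int, str], Dict[str, str]] = field(default_factory=dict)

    def add_ad_per_es(self, pe: str, esi: str) -> None:
        self.ad_per_es.add((pe, esi))

    def withdraw_ad_per_es(self, pe: str, esi: str) -> None:
        # A single withdrawal; every MAC behind (pe, esi) is invalid on the next lookup,
        # without PE1 having to withdraw each Type 2 route individually.
        self.ad_per_es.discard((pe, esi))

    def add_ad_per_evi(self, pe: str, esi: str, evi: int) -> None:
        self.ad_per_evi.add((pe, esi, evi))

    def add_mac(self, pe: str, evi: int, mac: str, esi: str) -> None:
        self.macs.setdefault((evi, mac), {})[pe] = esi

    def next_hops(self, evi: int, mac: str) -> Set[str]:
        """PEs to which known unicast for (evi, mac) may be sent."""
        hops: Set[str] = set()
        for pe, esi in self.macs.get((evi, mac), {}).items():
            if esi == SINGLE_HOMED_ESI:
                hops.add(pe)  # single-homed: the advertising PE is the only path
                continue
            if (pe, esi) in self.ad_per_es:
                hops.add(pe)  # multihomed: valid only while its A-D per ES route stands
            # Aliasing: any PE that advertised both A-D per ES and A-D per EVI for this
            # segment is a valid next hop even if it never advertised the MAC itself.
            for other_pe, other_esi, other_evi in self.ad_per_evi:
                if (other_esi == esi and other_evi == evi
                        and (other_pe, other_esi) in self.ad_per_es):
                    hops.add(other_pe)
        return hops


def demo() -> Tuple[Set[str], Set[str], Set[str]]:
    """The article's scenario as seen by PE3: before and after the PE1-CE1 link failure,
    plus a single-homed MAC for contrast. Returns the three next-hop sets."""
    rib = EvpnRib()
    es1 = "00112233445566778899"  # constructed 10-octet ESI shared by PE1 and PE2
    evi, m1, m2 = 100, "00:aa:bb:cc:dd:01", "00:aa:bb:cc:dd:02"
    for pe in ("PE1", "PE2"):
        rib.add_ad_per_es(pe, es1)
        rib.add_ad_per_evi(pe, es1, evi)
    rib.add_mac("PE1", evi, m1, es1)                 # only PE1 learned M1 (LAG hashing)
    rib.add_mac("PE4", evi, m2, SINGLE_HOMED_ESI)    # PE4 is single-homed
    before = rib.next_hops(evi, m1)                  # {"PE1", "PE2"} thanks to aliasing
    rib.withdraw_ad_per_es("PE1", es1)               # PE1-CE1 link failed
    after = rib.next_hops(evi, m1)                   # {"PE2"}: mass withdrawal
    return before, after, rib.next_hops(evi, m2)
```

Note the aliasing branch: PE2 is a valid next hop for M1 only while it has advertised both the per-ES and the per-EVI route for ES1, so withdrawing its per-ES route removes it from every MAC on that segment the same way it does for PE1.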


MAC Advertisement Route : Type 2  

Type 2 (MAC Advertisement) routes are responsible for advertising MAC address reachability via MP-BGP to all other PEs in a given EVPN instance.


Learning between PE and CE is still done in the data plane.

Once PE1 learns MAC M1, it advertises it to the other PEs through BGP as a MAC Advertisement route NLRI.

A BGP MAC Advertisement route contains the RD, the ESI (zero for single-homed, non-zero for multihomed cases), the Ethernet Tag ID, the MAC address, the MPLS label associated with the MAC, and an optional IP address field.
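The field list above is the on-the-wire layout of the Type 2 NLRI in RFC 7432 section 7.2. The following encoder and parser are an added example, not code from the article or from any BGP implementation; the RD, ESI, MAC, IP and label values used in the tests are constructed. The parser checks every length field before reading, which is the part worth copying: a receiver that trusts the NLRI length byte will misread or crash on a malformed route from a peer.

```python
"""Encode and parse the EVPN MAC/IP Advertisement route (Type 2) NLRI from RFC 7432 section 7.2.
Added example, not the article's code; all demo values are constructed."""
import ipaddress
import struct
from typing import Dict, Optional

ROUTE_TYPE_MAC_IP = 2
# RD(8) + ESI(10) + Ethernet Tag(4) + MAC len(1) + MAC(6) + IP len(1, value 0) + Label1(3)
MIN_BODY_LEN = 8 + 10 + 4 + 1 + 6 + 1 + 3


def _encode_rd(asn: int, assigned: int) -> bytes:
    """Type 0 Route Distinguisher: 2-octet ASN followed by a 4-octet assigned number."""
    return struct.pack("!HHI", 0, asn, assigned)


def _decode_rd(raw: bytes) -> str:
    rd_type = struct.unpack("!H", raw[:2])[0]
    if rd_type == 0:                               # 2-octet ASN : 4-octet number
        asn, num = struct.unpack("!HI", raw[2:8])
        return f"{asn}:{num}"
    if rd_type == 1:                               # IPv4 address : 2-octet number
        return f"{ipaddress.IPv4Address(raw[2:6])}:{struct.unpack('!H', raw[6:8])[0]}"
    if rd_type == 2:                               # 4-octet ASN : 2-octet number
        asn, num = struct.unpack("!IH", raw[2:8])
        return f"{asn}:{num}"
    raise ValueError(f"unknown RD type {rd_type}")


def _encode_label(label: int) -> bytes:
    """20-bit MPLS label in the high-order bits of the 3-octet field; low 4 bits left zero."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label out of range")
    return (label << 4).to_bytes(3, "big")


def _decode_label(raw: bytes) -> int:
    return int.from_bytes(raw, "big") >> 4


def encode_mac_ip_route(rd_asn: int, rd_num: int, esi: bytes, eth_tag: int, mac: str,
                        label1: int, ip: Optional[str] = None,
                        label2: Optional[int] = None) -> bytes:
    """Build Route Type (1) + Length (1) + route-type-specific body."""
    if len(esi) != 10:
        raise ValueError("ESI must be 10 octets")
    mac_bytes = bytes.fromhex(mac.replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC must be 6 octets")
    body = _encode_rd(rd_asn, rd_num) + esi + struct.pack("!I", eth_tag)
    body += bytes([48]) + mac_bytes                    # MAC Address Length is always 48 bits
    if ip is None:
        body += bytes([0])                             # IP Address Length 0: no IP carried
    else:
        addr = ipaddress.ip_address(ip)
        body += bytes([addr.max_prefixlen]) + addr.packed   # 32 or 128 bits, then the address
    body += _encode_label(label1)
    if label2 is not None:
        body += _encode_label(label2)                  # optional second (L3) label
    return bytes([ROUTE_TYPE_MAC_IP, len(body)]) + body


def parse_mac_ip_route(nlri: bytes) -> Dict[str, object]:
    """Parse one Type 2 NLRI; every length is validated before the field is read,
    so a malformed route raises ValueError instead of being silently misread."""
    if len(nlri) < 2 or nlri[0] != ROUTE_TYPE_MAC_IP:
        raise ValueError("not a MAC/IP Advertisement route")
    body = nlri[2:]
    if len(body) != nlri[1] or len(body) < MIN_BODY_LEN:
        raise ValueError("NLRI length field does not match payload")
    rd = _decode_rd(body[0:8])
    esi = body[8:18].hex()
    eth_tag = struct.unpack("!I", body[18:22])[0]
    if body[22] != 48:
        raise ValueError("unsupported MAC length")
    mac = ":".join(f"{b:02x}" for b in body[23:29])
    ip_len = body[29]
    if ip_len not in (0, 32, 128):
        raise ValueError("bad IP address length")
    off = 30 + ip_len // 8
    ip = str(ipaddress.ip_address(body[30:off])) if ip_len else None
    labels = body[off:]
    if len(labels) not in (3, 6):
        raise ValueError("bad label field length")
    return {"rd": rd, "esi": esi, "eth_tag": eth_tag, "mac": mac, "ip": ip,
            "label1": _decode_label(labels[:3]),
            "label2": _decode_label(labels[3:6]) if len(labels) == 6 else None}


def is_malformed(nlri: bytes) -> bool:
    """True when the NLRI is rejected by the parser."""
    try:
        parse_mac_ip_route(nlri)
    except ValueError:
        return True
    return False
```

The IP Address Length field is what makes the route variable-length, so it is the field an implementation must check against the declared NLRI length; the parser rejects anything other than 0, 32 or 128 and anything that leaves less than one label behind.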

Per-EVI label assignment:

This is similar to the per-VRF label allocation mode in the IP world. A PE advertises a single EVPN label for all the MAC addresses in a given EVI. This is the most conservative way of allocating labels; because the label only identifies the EVI, it requires an additional MAC lookup on the egress PE.

Per-MAC label assignment:

This is similar to the per-prefix label allocation method. The PE advertises a unique EVPN label for every MAC address. This is the most liberal way of allocating labels; the tradeoff is memory consumption and the possibility of running out of label space.

Inclusive Multicast Route : Type 3 

When sending BUM frames, a PE can use ingress replication or a P2MP or MP2MP (mLDP) LSP.

Ingress replication

Every PE participating in an EVI advertises its multicast label during its startup sequence via an Inclusive Multicast Ethernet Tag route.

Inclusive multicast routes are BGP route Type 3. Once a PE has received the multicast routes from all the other PEs and a BUM frame arrives, the PE performs ingress replication: it sends one copy to each remote PE with that PE's multicast label attached.


Ethernet Segment Route ( Type 4 route ) : 

For a multihomed CE device, the set of Ethernet links connecting it to the PEs comprises an Ethernet Segment.

A unique Ethernet Segment Identifier (ESI) identifies this Ethernet Segment; it is either manually configured or automatically derived.

For a single-homed site, the ESI value is zero.

A couple of mechanisms are available to derive the ESI automatically, such as snooping LACP packets or BPDUs. Once the ESI for an Ethernet Segment is assigned on a dual-homed CE, it is advertised by the PE as an Ethernet Segment route (Type 4) with the newly introduced ES-Import extended community, along with the other extended communities.

A PE automatically imports the route if its own ESI matches the ES-Import community.

This process is referred to as auto-discovery and allows the PEs connected to the same Ethernet Segment to discover each other.


PE1 and PE2 have the same ESI value. PE2 advertises its ESI in an Ethernet Segment route with the ES-Import community set to ES1. PE1 and PE3 receive that route, but only PE1 imports it, since only PE1 has a matching ESI. This is how PE1 and PE2 learn that CE1 is connected to both of them.

After auto-discovery, the DF (Designated Forwarder) election takes place for the multihomed CE. The PE that assumes the DF role is responsible for forwarding BUM frames towards the CE on the given segment.

The DF election works as follows: each PE first builds a list of the IP addresses of the PEs attached to the segment, in ascending order.

Each PE is given an ordinal that indicates its position in the list.

The DF for a given Ethernet Tag is the PE at ordinal i = (V mod N), where V is the Ethernet Tag value associated with the EVPN instance and N is the number of PEs in the list.

Ordered list:

Position  PE
0         PE1 (1.1.1.1)
1         PE2 (2.2.2.2)

Ethernet Tag ID  Ethernet Tag ID mod 2  DF
300              0                      PE1
301              1                      PE2

PE1 becomes the DF for Ethernet Tag 300 and PE2 becomes the DF for Ethernet Tag 301.
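The auto-discovery step (import of Type 4 routes by ES-Import community) and the mod-N DF election that follows it are small enough to run end to end. This is an added example, not code from the article or from any router implementation; it assumes the default ES-Import Route Target derivation of RFC 7432 section 7.6 (the six ESI octets after the type octet) and IPv4 originating addresses, and the PE addresses and ESI values, including the 1.1.1.1 / 2.2.2.2 pair that mirrors the table above, are constructed.

```python
"""Ethernet Segment (Type 4) auto-discovery and the default DF election of RFC 7432
sections 7.6 and 8.5. Added example, not the article's code; PE addresses and ESI
values are constructed, and originating addresses are assumed to be IPv4."""
import ipaddress
from typing import Dict, Iterable, List, Set, Tuple

# A received Type 4 route reduced to: (originating PE address, ESI, ES-Import RT value)
ESRoute = Tuple[str, bytes, bytes]


def es_import_rt(esi: bytes) -> bytes:
    """Default ES-Import RT value: the 6 octets of the 10-octet ESI following the type octet."""
    if len(esi) != 10:
        raise ValueError("ESI must be 10 octets")
    return esi[1:7]


def make_es_route(pe: str, esi: bytes) -> ESRoute:
    """What a PE originates for a segment it is attached to."""
    return (pe, esi, es_import_rt(esi))


def discover_peers(local_pe: str, local_esi: bytes, received: Iterable[ESRoute]) -> Set[str]:
    """Import only the ES routes whose ES-Import RT matches our own segment.
    The result (including ourselves) is the candidate list for the DF election."""
    wanted_rt = es_import_rt(local_esi)
    peers = {local_pe}
    for pe, esi, rt in received:
        # The RT match is the import policy; the ESI carried in the NLRI must agree too.
        if rt == wanted_rt and esi == local_esi:
            peers.add(pe)
    return peers


def elect_df(pe_addresses: Iterable[str], eth_tag: int) -> str:
    """Ordinal i = V mod N over the candidate PEs sorted by numeric IP address.
    Every PE runs the same computation over the same list, so no extra protocol is needed."""
    ordered: List[ipaddress.IPv4Address] = sorted({ipaddress.ip_address(a) for a in pe_addresses})
    if not ordered:
        raise ValueError("no candidate PEs")
    return str(ordered[eth_tag % len(ordered)])


def df_table(pe_addresses: Iterable[str], eth_tags: Iterable[int]) -> Dict[int, str]:
    """DF per Ethernet Tag, i.e. the table in the article for tags 300 and 301."""
    pes = list(pe_addresses)
    return {tag: elect_df(pes, tag) for tag in eth_tags}


def demo() -> Tuple[Set[str], Dict[int, str]]:
    """PE1's view: PE2 shares its segment, PE3 advertises a different segment."""
    es1 = bytes.fromhex("00112233445566778899")  # constructed; shared by PE1 and PE2
    es2 = bytes.fromhex("00aabbccddeeff001122")  # constructed; PE3's own segment
    received_by_pe1 = [make_es_route("2.2.2.2", es1), make_es_route("3.3.3.3", es2)]
    peers = discover_peers("1.1.1.1", es1, received_by_pe1)
    return peers, df_table(peers, [300, 301])
```

Two points the code makes explicit: the list is sorted numerically, not as strings (9.0.0.1 sorts before 10.0.0.2), and the election is only consistent if every PE imports the same set of ES routes. Since membership in the candidate list is decided purely by a Route Target match, a BGP peer that can inject an ES route with the right ES-Import RT can change who the DF is, which is one reason BGP session protection and import filtering matter in an EVPN deployment.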





Sabyasachi Kumar K.

Network Engineer at Google | 3x CCIE (SP | DC | ENT), JNCIE-SP, SRA Certified | Building Scalable & Automated Network Solutions

1 year
Ahmad Kamal Bin Ramli (PhD)

Adaptive Framework | Cyber Security [ Security Protocols] | Autonomous Computing | IoT | QoS | SLA | Advanced ISP Architecture

5 years

Nice information. Surely with the advancement of SDN, the network guy should be ready for A.I. taking over soft and hard configurations. My two cents.
Maria Gallant-Daigle, MEng

Cybersecurity/software/electrical engineer | Security specialist with a hand of steel, in a velvet glove

5 years

Hi Dennis D., thanks for tagging me. This is in-depth stuff, especially for someone like me who is not a lower-layer network specialist. As you say: "this represents a technique in the new world of zero trust". The application guys are struggling, and the lower-layer network specialists are doing backflips, triple somersaults and tightrope walking to help. Very much appreciated! I have read about VPLS, to provide a stepping stone, before I read this article. Can you help me find a "plain-English" answer for the following questions:
- When implementing EVPN (and VPLS), can I assume that every connected device involved has to be equipped with some artifact to prove its identity, e.g. a password or private key?
- Unless I am mistaken, EVPN (and VPLS) are meant to prevent the following attacks within an organization: eavesdropping of network traffic, an end-point device impersonating another end-point device (MAC spoofing), ...?
Thanks again for tagging me Dennis.

Federico Gradanti

Technical Support Specialist at Open Fiber

5 years

Goodbye VPLS!
