Static MAC address
You can specify a MAC address on a specific vtep by adding a static FDB table entry. Evpn gets these static FDB table entries, adds sticky flag in MAC / IP route, and informs the remote vtep that the table entry is a static table entry. Under Linux, you can use the following command to add static FDB table entries:
bridge fdb add 00:11:22:33:44:55 dev swp1 vlan 101 master staticAfter using this function, if you learn a host using the same Mac, an alarm will be generated.
Route filtering based on evpn route type using route map
In many scenarios, we only want to exchange certain types of routing table entries. For example, in a large-scale data center scenario, the data center is usually divided into multiple pods. Virtual machine migration is limited to pod, only prefix routing is performed between pod, so vtep between pod only needs to exchange evpn type-5 routing.
You can use the following command to set filtering according to evpn route type:
route-map map1 permit 1 match evpn route-type prefix !Evpn can also be filtered according to VNI and prefix.
IP address of publishing SVI
In the distributed asymmetric model, we use the same SVI IP / Mac pair on the same network segment on multiple vteps. If we use a unique IP address as the IP address of our SVI in the whole data center, then we can issue the IP / Mac type-2 of SVI to route to other vteps. This feature can be enabled by using the command translate SVI IP, which publishes the SVI IP / MAC address as the type-2 route. After the route is issued, the ARP suppression to the address can be effectively reduced. You cannot enable the translate SVI IP and translate default gw features at the same time.
router bgp 7675
bgp router-id 192.168.59.128 bgp bestpath as-path multipath-relax neighbor fabric peer-group neighbor fabric remote-as external neighbor 192.168.59.130 peer-group fabric ! address-family l2vpn evpn neighbor fabric activate advertise-all-vni advertise-svi-ip exit-address-family !This command can only be configured in the context of evpn VRF.
You can also enable only this feature for a specific VNI.
address-family l2vpn evpn
vni 10 advertise-svi-ip exit-address-familyExtended MAC mobility
FRR supports the IP and MAC of the host or virtual machine to move: including the IP / MAC address pair moving from one vtep to another vtep, including the same IP but different MAC address after moving, that is, from IP1 / Mac1 to IP1 / mac2 after moving, and the same Mac and different IP address after moving, that is, from IP1 / Mac1 to IP2 / Mac1 after moving. Evpn implements this function through the MAC mobility extended community. The extended community specifies how to calculate the mobile serial number when a move occurs.
This function is enabled by default and does not need to be configured outside. You can use the following command to view relevant information:
show evpn arp vni 10100 ip 10.1.1.74 IP: 10.1.1.74 Type: local State: active MAC: 44:39:39:ff:00:24 Local Seq: 2 Remote Seq: 3perhaps
70cf8caaa686# show evpn mac vni 10 mac 06:20:e4:53:a6:8a
MAC: 06:20:e4:53:a6:8a Auto Mac Local Seq: 0 Remote Seq: 0 Neighbors: 2.2.2.2 Inactive 70cf8caaa686#