[Enterprise SONiC] EVPN ARP/ND Suppression Follow

Overview:

ARP Suppression will help to reply the arp request if the arp exist in arp table. It could help to save the needless arp traffic.

• ARP Suppression run with vxlan solution.

Tested model & firmware version:

• Switch model name:

       AS5835-54X(T)       

       AS7362-56X

• Edgecore SONiC version: 

202006.4

202012.2

202111.3

Restriction

• Known issue: 
  • [SONIC-3452] In 202012 branch, "show neigh-suppress" command is removed.

ARP Suppression with SAG running on vxlan service

Topology:

Procedure:

Step 1. Init FRR and set the loopback interface(reference Management port and front port ipv4/ipv6 and FRR init)

Step 2. Create the Vlan and ip binding as topology

ND1:

admin@sonic:~$ sudo config vlan add 100
admin@sonic:~$ sudo config vlan member add -u 100 Ethernet0
admin@sonic:~$ sudo config interface ip add Vlan100 192.168.100.11/24
admin@sonic:~$ sudo config interface ip add Ethernet56 10.0.0.0/31

ND2:

admin@sonic:~$ sudo config vlan add 100
admin@sonic:~$ sudo config vlan member add 100 Ethernet0
admin@sonic:~$ sudo config interface ip add Vlan100 192.168.100.12/24
admin@sonic:~$ sudo config interface ip add Ethernet56 10.0.0.1/31

Step 3. Create Vxlan interface

ND1:

admin@sonic:~$ sudo config vxlan add vtep 1.1.1.1
admin@sonic:~$ sudo config vxlan evpn_nvo add nvo vtep
admin@sonic:~$ sudo config vxlan map add vtep 100 100

ND2:

admin@sonic:~$ sudo config vxlan add vtep 2.2.2.2
admin@sonic:~$ sudo config vxlan evpn_nvo add nvo vtep
admin@sonic:~$ sudo config vxlan map add vtep 100 100

Step 4. Enable ARP/ND suppress

ND1 and ND2:

admin@sonic:~$ sudo config neigh-suppress vlan 100 on

Step 5. Set the EVPN on FRR.

ND1:

sonic# configure
sonic(config)# router bgp 65100
sonic(config-router)# neighbor 10.0.0.1 remote-as internal
sonic(config-router)# bgp router-id 1.1.1.1
sonic(config-router)# address-family ipv4
sonic(config-router-af)# redistribute connected
sonic(config-router-af)# exit
sonic(config-router)# address-family l2vpn evpn
sonic(config-router-af)# advertise-all-vni
sonic(config-router-af)# neighbor 10.0.0.1 activate

ND2:

sonic# configure
sonic(config)# router bgp 65100
sonic(config-router)# neighbor 10.0.0.0 remote-as internal
sonic(config-router)# bgp router-id 2.2.2.2
sonic(config-router)# address-family ipv4
sonic(config-router-af)# redistribute connected
sonic(config-router-af)# exit
sonic(config-router)# address-family l2vpn evpn
sonic(config-router-af)# advertise-all-vni
sonic(config-router-af)# neighbor 10.0.0.0 activate

Step 6. Check the neighbor suppress

ND1:

admin@sonic:~$ show neigh-suppress vlan 100
  +---------+------------+---------------------+
  | VLAN    | STATUS     | ASSOCIATED_NETDEV   |
  +=========+============+=====================+
  | Vlan100 | Configured | vtep-100            |
  +---------+------------+---------------------+

ND2:

admin@sonic:~$ show neigh-suppress vlan 100
  +---------+------------+---------------------+
  | VLAN    | STATUS     | ASSOCIATED_NETDEV   |
  +=========+============+=====================+
  | Vlan100 | Configured | vtep-100            |
  +---------+------------+---------------------+

Step 7. Ping from Switch#1 to ND1

Step 8. Ping from Switch#2 to Switch1, we can't find arp request between Switch#1 from Switch#2. The ND2 will reply the arp request.