Articles in this section

EVPN ARP/ND Suppression

phoebe_zeng 曾麗凰
  • Updated
Follow

Reference model:

  • Switch model name: AS7326-56X
  • Edgecore SONiC version: SONiC.Edgecore-SONiC_20200827_110345_ec201911_2020-aug_enhanced_178

Known issue:

  1. Creating VLAN-VNI mapping table (Procedure Step 5) will cause the container crash.
    Temporary workaround is by adding IP address on VLAN (Procedure step 2). 
  2. The VxLAN's operation status will always in "oper_down" even the VxLAN work normally.
  3. Doing config reload after adding suppression attribute in config_db.json file will cause VLAN operation down. Please do workaround procedure on step 7 below.

Example : EVPN ARP/ND suppression

Purpose: 

  • In order to suppress ARP request flooding on uplink port, switch will help to reply the ARP reply if the local EVPN database has the ARP entries.

Topology: 

Untitled__22_.png

Procedure: 

Step 1. Setup VLAN 10. Add Ethernet52 of both switches to VLAN 10. Please refer to VLAN & Inter-VLAN Routing article.

Step 2. Configure IP address to VLAN 10. In this example as shown on topology diagram above, configure the IP address to VLAN 10 of both switches. There's known issue as listed above which requires IP address on VLAN. Please refer to VLAN & Inter-VLAN Routing article. 

Step 3. Configure IP address to both Ethernet48 of both switches.

#SONiC01
admin@SONIC01:~$sudo config interface ip add Ethernet48 10.0.0.4/31
#SONiC02
admin@SONIC01:~$sudo config interface ip add Ethernet48 10.0.0.5/31

Step 4: Configure IP address to Loopback0 of both switches.

#SONiC01
admin@SONIC01:~$ sudo config interface ip remove Loopback0 10.1.0.1/32 
admin@SONIC01:~$ sudo config interface ip add Loopback0 1.1.1.1/32
#SONiC02
admin@SONIC02:~$ sudo config interface ip remove Loopback0 10.1.0.1/32 
admin@SONIC02:~$ sudo config interface ip add Loopback0 2.2.2.2/32

Step 5. Create VxLAN

#SONiC01

admin@SONIC01:~$sudo config vxlan add vtep 1.1.1.1                       → configuring VTEP_name (vtep) and its IP address 
admin@SONIC01:~$sudo config vxlan evpn_nvo add nvo vtep                  → create nvo_name (nvo) and bind it to VTEP_name (vtep)
admin@SONIC01:~$sudo config vxlan map add vtep 10 1000                   → mapping VNI 1000 to VLAN 10
admin@SONIC01:~$sudo config save -y
#SONiC02

admin@SONIC01:~$sudo config vxlan add vtep 2.2.2.2                       → configuring VTEP_name (vtep) and its IP address 
admin@SONIC01:~$sudo config vxlan evpn_nvo add nvo vtep                  → create nvo_name (nvo) and bind it to VTEP_name (vtep)
admin@SONIC01:~$sudo config vxlan map add vtep 10 1000                   → mapping VNI 1000 to VLAN 10
admin@SONIC01:~$sudo config save -y

Step 6. Establish BGP environment for EVPN.

#SONiC01

admin@7726:~$ vtysh                                                                                 → enter vtysh shell

Hello, this is FRRouting (version 7.2.1-sonic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

sonic# configure terminal
sonic(config)#router bgp 65100                                               → assign BGP AS number
sonic(config-router)#neighbor 10.0.0.5 interface remote-as internal          → assign Ethernet48 IP address to connect via IBGP with peering on same AS
sonic(config-router)# address-family ipv4 unicast                            → Enter address-family ipv4
sonic(config-router-af)# network 1.1.1.1/32                                  → Announce 1.1.1.1 network
sonic(config-router-af)# exit
sonic(config-router)#address-family l2vpn evpn                               → enter EVPN setting
sonic(config-router-af)#neighbor 10.0.0.5 activate                           → activate EVPN for neighbor 10.0.0.5
sonic(config-router-af)#advertise-all-vni                                    → advertise all VNI routing
sonic(config-router-af)#exit
#SONiC02

admin@7726:~$ vtysh                                                                                 → enter vtysh shell

Hello, this is FRRouting (version 7.2.1-sonic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

sonic# configure terminal
sonic(config)#router bgp 65100                                               → assign BGP AS number
sonic(config-router)#neighbor 10.0.0.4 interface remote-as internal          → assign Ethernet48 IP address to connect via IBGP with peering on same AS
sonic(config-router)# address-family ipv4 unicast                            → Enter address-family ipv4
sonic(config-router-af)# network 2.2.2.2/32                                  → Announce 2.2.2.2 network
sonic(config-router-af)# exit
sonic(config-router)#address-family l2vpn evpn                               → enter EVPN setting
sonic(config-router-af)#neighbor 10.0.0.4 activate                           → activate EVPN for neighbor 10.0.0.4
sonic(config-router-af)#advertise-all-vni                                    → advertise all VNI routing
sonic(config-router-af)#exit

Step 7. Enable ARP suppression on VLAN10. Please configure the same setting below to second switch.

admin@SONIC01:~$ sudo config neigh_suppress enable 10
admin@SONIC01:~$ sudo config save -y
admin@SONIC01:~$ sudo reboot

Note : Please do disable then enable ARP suppression after doing config reload (Please refer to workaround below). It's known issue as listed above that doing config reload after enabling ARP suppression may let VLAN operation down.

Workaround

admin@SONIC01:~$ sudo config neigh_suppress disable 10
admin@SONIC01:~$ sudo config neigh_suppress enable 10

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.