Alright, here we are for part three of the EVPN Lab – BGP Configuration. In our last configuration post EVPN Lab – Multicast Configuration we setup multicast in the underlay. Now we get to configure BGP so when we get to the next video and we are setting up VXLAN and EVPN, we don’t have to worry about setting up BGP and ensuring it’s working. Let’s get into this EVPN Lab – BGP Configuration!
What do we have to configure for this?
- ASN - 64512
- Peer with loopback20 addresses (10.10.10.x)
- Configure a router id with the address that is assigned to loopback 10
- Use Peer-Groups where applicable on the Spine switches to make the configuration easier to read
- Spine switches are going to be route reflectors
- Authenticate peers with password P@55w0rd!Like the others we are going to look at two devices for this configuration. We are going to look at a spine, that is being configured as a route-reflector, and we are going to use templates to make the configuration easier to read and we are going to configure Leaf-01
What are we working with?
The physical diagram was shared in our previous post {{ internal link }}. When we are done configuring BGP, the logical topology should look like this
Configuration
Spine-01
- Enable the BGP Feature
- Enable NV Overlay VPN
- Configure BGP with the following parameters
- The Router-ID is the address of Loopback10
- Configure a peer template named EVPN with the following
- Remote-As 64512
- update-source loopback20
- password P@55w0rd!
- Configure a peer-policy named EVPN-POLICY with the following
- send-community
- send-community extended
- route-reflector-client
- Configure the neighbors and assign the templates
feature bgp
nv overlay evpn
router bgp 64512
router-id 10.1.0.1
template peer EVPN
remote-as 64512
password 3 81edc54affecb0aa47801eedcd2db4af
update-source loopback20
template peer-policy EVPN-POLICY
send-community
send-community extended
route-reflector-client
neighbor 10.10.10.3
inherit peer EVPN
address-family l2vpn evpn
inherit peer-policy EVPN-POLICY 1
neighbor 10.10.10.4
inherit peer EVPN
address-family l2vpn evpn
inherit peer-policy EVPN-POLICY 1
neighbor 10.10.10.5
inherit peer EVPN
address-family l2vpn evpn
inherit peer-policy EVPN-POLICY 1
neighbor 10.10.10.6
inherit peer EVPN
address-family l2vpn evpn
inherit peer-policy EVPN-POLICY 1
neighbor 10.10.10.7
inherit peer EVPN
address-family l2vpn evpn
inherit peer-policy EVPN-POLICY 1
neighbor 10.10.10.8
inherit peer EVPN
address-family l2vpn evpn
inherit peer-policy EVPN-POLICY 1
neighbor 10.10.10.9
inherit peer EVPN
address-family l2vpn evpn
inherit peer-policy EVPN-POLICY 1Leaf-01
- Enable the BGP Feature
- Enable NV Overlay VPN
- Configure BGP with the following parameters
- The router-id of the BGP process is the loopback10 address
- Configure the neighbors toward the spine switches with
- Remote AS 64512
- Use loopback20 as the update source
- Use the session password P@55w0rd
- Configure the L2VPN EVPN address family with
- Send both types of communities
feature bgp
nv overlay evpn
router bgp 64512
router-id 10.1.0.3
neighbor 10.10.10.1
remote-as 64512
password P@55w0rd!
update-source loopback20
address-family l2vpn evpn
send-community
send-community extended
neighbor 10.10.10.2
remote-as 64512
password P@55w0rd!
update-source loopback20
address-family l2vpn evpn
send-community
send-community extendedVerification
Since the configuration is very similar, we are only going to look at the verifications from the Spine Switch point of view
show bgp l2vpn evpn summary
This is done to ensure that the neighbors are up and can exchange l2vpn evpn Network Layer Reachability Information (NLRI). You will see no prefixes being learned. This is by design since we are not advertising any networks into the evpn network yet.
Spine-01# show bgp l2vpn evpn summary
BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 10.1.0.1, local AS number 64512
BGP table version is 15, L2VPN EVPN config peers 7, capable peers 7
0 network entries and 0 paths using 0 bytes of memory
BGP attribute entries [0/0], BGP AS path entries [0/0]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.10.3 4 64512 12 18 15 0 0 00:02:49 0
10.10.10.4 4 64512 13 23 15 0 0 00:03:43 0
10.10.10.5 4 64512 12 13 15 0 0 00:06:04 0
10.10.10.6 4 64512 14 19 15 0 0 00:04:02 0
10.10.10.7 4 64512 13 18 15 0 0 00:03:24 0
10.10.10.8 4 64512 13 13 15 0 0 00:07:56 0
10.10.10.9 4 64512 14 14 15 0 0 00:02:33 0show bgp sessions
This is a good command to run to see who is the BGP server vs who is the BGP client in the off chance you are having connection issues
Spine-01# show bgp sessions
Total peers 7, established peers 7
ASN 64512
VRF default, local ASN 64512
peers 7, established peers 7, local router-id 10.1.0.1
State: I-Idle, A-Active, O-Open, E-Established, C-Closing, S-Shutdown
Neighbor ASN Flaps LastUpDn|LastRead|LastWrit St Port(L/R) Notif(S/R)
10.10.10.3 64512 1 00:03:14|00:00:13|00:00:13 E 23917/179 1/0
10.10.10.4 64512 2 00:04:09|00:00:08|00:00:08 E 51127/179 2/0
10.10.10.5 64512 0 00:06:30|00:00:29|00:00:29 E 179/15041 0/0
10.10.10.6 64512 1 00:04:27|00:00:26|00:00:26 E 56841/179 1/0
10.10.10.7 64512 1 00:03:50|00:00:49|00:00:49 E 32782/179 1/0
10.10.10.8 64512 0 00:08:21|00:00:20|00:00:20 E 49298/179 0/0
10.10.10.9 64512 1 00:02:59|00:00:58|00:00:58 E 179/43376 0/1Perfect, now we can check BGP off of the list! In the next one, we are going to configure what everyone came here for, VXLAN and EVPN! Let me know what you think so far either in the comments below or on my socials! Looking forward to the next one!