Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ACX] ACX5448 needs chassis-mode "enhanced-ip" to correctly forward EVPN traffic

0

0

Article ID: KB35710 KB Last Updated: 28 Apr 2020Version: 1.0
Summary:

Starting in Junos OS Release 19.2R1, ACX5448 Series devices support EVPN with VXLAN encapsulation and EVPN with MPLS encapsulation.

This article clarifies that EVPN traffic will be flooded to all remote PEs instead of being unicast to a single PE if enhanced-ip mode is not used while configuring EVPN with VXLAN encapsulation or EVPN with MPLS encapsulation in ACX5448 Series devices.

 

Symptoms:

Topology

In a VPN environment (as shown above):

  • Through EVPN BGP advertisement, ACX5448 will learn the remote MAC address “00:00:00:00:00:11” from PE1. Similarly, MAC address “00:00:00:00:00:33” will be learned on PE1.

  • Traffic from MAC33 to MAC11 shall be sent from ACX to only PE1 by utilizing the xe-0/0/0 link.

  • However, the missing “enhanced-ip” configuration on ACX5448 will cause unicast traffic to be flooded to all remote PEs.

  • In such case, we see traffic to MAC11 being sent on links xe-0/0/0 and ae2.

Before Configuration Change

The next-hops are RNH_LE and the pip0 interface is missing:

[edit]
user@router# run show route forwarding-table family evpn
Routing table: EVPN-Set-15-1.evpn
EVPN:
Enabled protocols: Single VLAN, ACKed by all peers, EVPN, ARP/NDP suppression,
Destination        Type RtRef Next hop           Type Index    NhRef Netif
default            perm     0                    dscd      654     1
00:00:17:91:00:40/48 user     0                 chain 14647294     2
00:00:17:91:00:50/48 user     0                 chain 14647295     2

LNX-FPC0(router vty)# show route bridge

BRIDGE Route Table 1808, default-switch.1808, 0x8 FRR: FALSE: BUM hashing: FALSE del CW: FALSE
BD-ID  Mesh-Group L2Token  NH Type   NH ID  Interface
-----  ---------- -------  -------   ------ ---------

BRIDGE Route Table 1809, EVPN-Set-15-1.1809, 0x4000 FRR: FALSE: BUM hashing: FALSE del CW: FALSE
BD-ID  Mesh-Group L2Token  NH Type   NH ID  Interface
-----  ---------- -------  -------   ------ ---------
00002    00000  00:00:17:91:00:40/80    RNH_LE 14647294 rifl 0

00002    00000  00:00:17:91:00:50/80    RNH_LE 14647295 rifl 0 

LNX-FPC0(router vty)# show nhdb id 14647294
   ID      Type      Interface    Next Hop Addr    Protocol       Encap     MTU               Flags  PFE internal Flags
-----  --------  -------------  ---------------  ----------  ------------  ----  ------------------  ------------------
14647294    RNH_LE  -              fe:ff:1f:00:00:00
                                                          -             -     0  0x0000000000000004  0x0000000000000000

LNX-FPC0(router vty)# show nhdb id 14647294 recursive
14647294(RNH_LE, ifl:0:-, pfe-id:0)

 

Solution:

To resolve the issue, add the enhanced-ip configuration as shown below: 

user@router# set chassis network-services enhanced-ip

[edit]
user@router#

[edit]
user@router# show | compare rollback 1
[edit chassis]
+  network-services enhanced-ip;

After Configuration Change

user@router# run show route forwarding-table family evpn
Routing table: EVPN-Set-15-1.evpn
EVPN:
Enabled protocols: Single VLAN, ACKed by all peers, EVPN, ARP/NDP suppression,
Destination        Type RtRef Next hop           Type Index    NhRef Netif
default            perm     0                    dscd      655     1
00:00:17:91:00:40/48 user     0                  indr  2097155     3
                               10.21.60.0        Push 299776      881     2 xe-0/0/0.0
00:00:17:91:00:50/48 user     0                  indr  2097151     3
                                                  ulst  2097150     2
                               10.60.61.1        Push 299776      871     2 ae0.0
                               10.21.60.0        Push 299776, Push 299904(top)      872     2 xe-0/0/0.0
 

LNX-FPC0(router vty)# show route bridge

BRIDGE Route Table 1808, default-switch.1808, 0x8 FRR: FALSE: BUM hashing: FALSE del CW: FALSE
BD-ID  Mesh-Group L2Token  NH Type   NH ID  Interface
-----  ---------- -------  -------   ------ ---------

BRIDGE Route Table 1812, EVPN-Set-15-1.1812, 0x4000 FRR: FALSE: BUM hashing: FALSE del CW: FALSE
BD-ID  Mesh-Group L2Token  NH Type   NH ID  Interface
-----  ---------- -------  -------   ------ ---------
00004    00000  00:00:17:91:00:40/80 rifl pip0.2097155

00004    00000  00:00:17:91:00:50/80 rifl pip0.2097151
 
LNX-FPC0(router vty)# show nhdb id 2097155 recursive
2097155(Indirect, VPLS, ifl:97:xe-0/0/0.0, pfe-id:0, i-ifl:0:-)
     881(Unicast, VPLS->MPLS, ifl:97:xe-0/0/0.0, pfe-id:0)

LNX-FPC0(router vty)# show nhdb id 2097151 recursive
2097151(Indirect, VPLS, ifl:95:ae0.0, pfe-id:0, i-ifl:0:-)
     2097150(Unilist, IPv4, ifl:0:-, pfe-id:0)
         871(Unicast, VPLS->MPLS, ifl:95:ae0.0, pfe-id:0)
         872(Unicast, VPLS->MPLS, ifl:97:xe-0/0/0.0, pfe-id:0)

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search