Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[MX] EVPN Active/Active Multihoming Qualified for Enhanced-IP network-services mode Only

0

0

Article ID: KB35973 KB Last Updated: 24 Jun 2020Version: 1.0
Summary:

On MX series routers, the EVPN active/active multihoming feature is qualified for Enhanced-IP network-services mode only.

Symptoms:

BUM flooding behavior is erratic and split horizon (SH) violation is observed if MX routers are not configured for Enhanced-IP network-services mode when EVPN A/A multihoming is configured.

Note: In this example, the PEs are not configured with IRB L3 interfaces in the EVPN instance. Thus, they are not doing Proxy ARP or ARP suppression. The EVPN instance is pure L2, to illustrate the behavior.


Example of erratic behavior, and SH violation:

  • ARP Request (DMAC ff:ff:ff:ff:ff:ff) is sent from device H1 connected to CE1
  • ARP Request is flooded by CE1 on all ports in the same VLAN where the ARP Request was received, except the port connected to the device who originated the ARP Request - This is expected behaviour.
  • This includes the uplink ae0 double-homed toward PE1 (designated forwarder) and PE2 (non-DF).
  • ARP Request ingresses, for example, PE1 (designated forwarder) ae0 with non-zero ESI 00:01:01:01:01:01:01:01:01:01
  • ARP Request is flooded toward other local interfaces on same bridge domain by PE1 (DF) - This is expected behaviour.
  • ARP Request is also flooded by PE2 (non-DF) back into ae0 ESI 00:01:01:01:01:01:01:01:01:01 - This constitutes a Split Horizon (SH) violation.
  • MAC address of the H1 is thus re-learned by CE1 through ae0. MAC flaps between the port connected to H1 and ae0, the uplink double-homed to PE1 and PE2
Cause:
On MX series routers, the EVPN active/active multihoming feature is qualified for Enhanced-IP network-services mode only. This issue may not be observed with single-active multihoming.
Solution:

If EVPN A/A multihoming is desired, configure the MX routers for network-services Enhanced-IP.

Note: Depending on what mode the router is operating in, a full system reboot is required.

IMPORTANT: If the router has dual routing engines, make sure both routing engines are configured and operating in Enhanced IP mode. If Graceful Routing Engine Switchover (GRES) is configured, then commits should be synchronized automatically. But if GRES is not configured, then make sure you manually commit synchronize the configuration.

The following excerpt is from the technical documentation on EVPN A/A and enhanced IP mode: Example: Configuring EVPN Active-Active Multihoming

"Configure the MX Series router to operate in the enhanced-ip mode because the EVPN active-active functionality is supported on routers with MPCs and MIC interfaces only.
A system reboot is required on committing this configuration."
 
More on Enhanced-IP and the other modes:

Routers with Dual Routing Engines:

Change from IP Network Services mode to Enhanced IP Network Services mode. System reboot is required (PFE/FPCs).

[edit]
root@PE1# set chassis network-services enhanced-ip 

[edit]
root@PE1# commit and-quit synchronize 
commit complete
Exiting configuration mode

root@PE1> show chassis network-services 
Network Services Mode: Enhanced-IP

To verify in which mode the device booted up:

root@PE1> start shell user root

root@PE1:~ # sysctl -a | grep netsvc
net.netsvc: 2
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search