EVPN & PBB-EVPN: the Next Generation of MPLS-based L2VPN

BRKMPL-2333

Jose Liste (jliste@cisco.com)
Technical Marketing Engineer

Agenda
• Introduction
• Technical Overview
• Implementation
• Demonstration
• Summary

BRKMPL-2333 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Introduction
Next-Generation Solutions for L2VPN
Data Center Interconnect requirements were not fully addressed by current L2VPN technologies
• Per-Flow Redundancy and Load Balancing
• Simplified Provisioning and Operation
• Optimal Forwarding
• Fast Convergence
• MAC Address Scalability

Ethernet Virtual Private Network (EVPN) and Provider Backbone Bridging EVPN (PBB-EVPN) designed to address these requirements

Next-Generation Solutions for L2VPN
Solving VPLS challenges for per-flow Redundancy
• Existing VPLS solutions do not offer an All-Active per-flow redundancy
• Looping of Traffic Flooded from PE
• Duplicate Frames from Floods from the Core
• MAC Flip-Flopping over Pseudowire
– E.g. Port-Channel Load-Balancing does not produce a consistent hash-value for a frame with the same source MAC (e.g. non MAC based Hash-Schemes)
[Figures: three copies of the M1 / CE1 / PE1, PE2 / PE3, PE4 / CE2 / M2 topology, labelled "Echo !", "Duplicate !" and "MAC Flip-Flop"]

What is xEVPN?
• xEVPN family introduces next generation solutions for Ethernet services
– BGP control-plane for Ethernet Segment and MAC distribution and learning over MPLS core
– Same principles and operational experience of IP VPNs
• No use of Pseudowires
– Uses MP2P tunnels for unicast
– Multi-destination frame delivery via ingress replication (via MP2P tunnels) or LSM
• Multi-vendor solutions under IETF standardization
[Figure: service types E-LAN, E-LINE and E-TREE shown against the xEVPN family: EVPN, PBB-EVPN, EVPN VPWS, EVPN E-TREE]

xEVPN Business Advantages
Business Continuity
• All-Active (per-flow) access load-balancing
Service Robustness
• Fast convergence (link / node / MAC moves)
• Control-plane (BGP) learning in the Core. PWs no longer used
Designed to Scale
• Scalability of IP VPN. MAC address scalability
CapEx Optimization
• Per-flow and per-service access load-balancing
• PE load-balancing (BGP multi-pathing). Access / core ECMP
Ease of Provision and Operation
• Peer PEs auto-discovery. Redundancy group auto-sensing
• Operational consistency with L3 IP VPN
Service Flexibility
• Support existing and new service types (E-LAN, E-Line, E-TREE, VLAN-aware bundling)
Investment Protection
• Open standard
• Multi-vendor support

Ethernet VPN
Highlights
• Next generation solution for Ethernet multipoint (E-LAN) services
• PEs run Multi-Protocol BGP to advertise & learn Customer MAC addresses (C-MACs) over Core
– Same operational principles of L3VPN
• Learning on PE Access Circuits via data-plane transparent learning
• No pseudowire full-mesh required
– Unicast: use MP2P tunnels
– Multicast: use ingress replication over MP2P tunnels or use LSM
• Under standardization at IETF – draft-ietf-l2vpn-evpn
[Figure: CE1 (C-MAC: M1) and CE3 (C-MAC: M2) attached to PE1, PE2, PE3 and PE4 over an MPLS core. Callouts: "Data-plane address learning from Access"; "Control-plane address advertisement / learning over Core"; frame "VID 100, SMAC: M1, DMAC: F.F.F"; "BGP MAC adv. Route, EVPN NLRI: MAC M1 via PE1"]

PBB Ethernet VPN
Highlights
• Next generation solution for Ethernet multipoint (E-LAN) services by combining Provider Backbone Bridging (PBB - IEEE 802.1ah) and Ethernet VPN
• Data-plane learning of local C-MACs and remote C-MAC to B-MAC binding
• PEs run Multi-Protocol BGP to advertise local Backbone MAC addresses (B-MACs) & learn remote B-MACs
– Takes advantage of PBB encapsulation to simplify BGP control plane operation – faster convergence
– Lowers BGP resource usage (CPU, memory) on deployed infrastructure (PEs and RRs)
• Under standardization at IETF – WG draft: draft-ietf-l2vpn-pbb-evpn
[Figure: a PBB-EVPN PE drawn as a PBB Backbone Edge Bridge combined with EVPN. CE1 (C-MAC: MA) and CE3 (C-MAC: MB) attached to PE1, PE2, PE3 and PE4 over an MPLS core, with B-MACs B-M1 and B-M2. Callouts: "Data-plane address learning from Access: Local C-MAC to local B-MAC binding"; "Data-plane address learning from Core: Remote C-MAC to remote B-MAC binding"; "Control-plane address advertisement / learning over Core (B-MAC)"; "BGP MAC adv. Route, EVPN NLRI: MAC B-M1 via PE2"]

To PBB or not to PBB?
• What is the value of combining PBB and EVPN functions?
• Lower control-plane overhead than EVPN alone
– PBB-EVPN uses only a sub-set of EVPN routes
– Simpler and Faster failure convergence for all-active multi-homing scenarios
– Faster MAC move convergence handled in data-plane
• Lower control-plane scale requirements than EVPN alone
– BGP MAC advertisements for smaller Backbone MAC (B-MAC) address space
– Requires less resources (CPU, memory) on deployed infrastructure (PEs / RRs)

Technical Overview
Concepts and Operation
Concepts
[Figure: CE1 (SHD) attached to PE1 over ESI1 and CE2 (MHD) attached to PE1 and PE2 over ESI2; each PE holds a BD inside an EVI]

EVPN Instance (EVI)
• EVI identifies a VPN in the network
• Encompass one or more bridge-domains, depending on service interface type
– Port-based
– VLAN-based
– VLAN-bundling
– VLAN aware bundling (NEW)

Ethernet Segment
• Represents a ‘site’ connected to one or more PEs
• Uniquely identified by a 10-byte global Ethernet Segment Identifier (ESI)
• Could be a single device (shown above) or an entire network
– Single-Homed Device (SHD)
– Multi-Homed Device (MHD)
– Single-Homed Network (SHN)
– Multi-Homed Network (MHN)

BGP Routes
Route Types
[1] Ethernet Auto-Discovery (AD) Route
[2] MAC Advertisement Route
[3] Inclusive Multicast Route
[4] Ethernet Segment Route
• EVPN and PBB-EVPN define a single new BGP NLRI used to carry all EVPN routes
• NLRI has a new SAFI (70)
• Routes serve control plane purposes, including:
– MAC address reachability
– MAC mass withdrawal
– Split-Horizon label adv.
– Aliasing
– Multicast endpoint discovery
– Redundancy group discovery
– Designated forwarder election

BGP Route Attributes
Extended Communities
– ESI MPLS Label
– ES-Import
– MAC Mobility
– Default Gateway
• New BGP extended communities defined
• Expand information carried in BGP routes, including:
– MAC address moves
– C-MAC flush notification
– Redundancy mode
– MAC / IP bindings of a GW
– Split-horizon label encoding

[Legend entry on the slide: "Used by PBB-EVPN"]

Provider Backbone Bridging (PBB)
Overview
• PBB (IEEE 802.1ah-2008) defines an architecture that includes
– 2^24 service instances (I-SID) per B-VLAN
– MAC-in-MAC
• I-Component
– Learns & forwards using C-MACs
– Maintains a mapping table of C-MACs to B-MACs
– Performs PBB encap/decap on PIP
• B-Component
– Learns & forwards using B-MACs
– Push / pop B-VLAN on CBP
[Figure: an IB-BEB between L2 Access and L2 Core, with I-comp blocks joined over PIP and CBP to a B-comp. Frame formats shown from access to core: Customer Frame (C-DA / C-SA); then I-TAG (6B) and B-DA / B-SA (12B) in front of the Customer Frame; then B-Tag (4B) added after B-DA / B-SA]

IB-BEB = I-/B-comp Backbone Edge Bridge
I-SID = Backbone Service Instance Identifier
PIP = Provider Instance Port
CBP = Customer Backbone Port

PBB-EVPN Encapsulation
[Figure: Traffic Direction runs from Ethernet Access through the I-Component BD (I-SID X) and the B-Component BD (EVI aaa) to the EVPN Forwarder and MPLS, with the frame format shown at each stage]

Customer Frame
– DA
– SA
– E-type (802.1q 0x8100) / 802.1q Tag (0x8100)
– C-VID
– Payload E-Type
– Payload

PBB Header (18B), placed in front of the Customer Frame
– 6B B-DA
– 6B B-SA
– 2B E-type (I-TAG 0x88E7)
– 4B I-TAG (24-bit I-SID inside I-TAG)

MPLS encapsulation, outermost first
– DA (NH router)
– SA
– E-type (MPLS 0x8847)
– PSN MPLS label (4B)
– EVPN MPLS label (4B)
– Control Word (4B)
– PBB Header (18B)
– Customer Frame

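The header stack on this slide, decoded in Python as an added example (not part of the original deck and not Cisco code). The MAC addresses, the label values 16001 and 24005 and all function names are constructed; I-SID 256 and VLAN 777 are borrowed from the deck's configuration slides; the label-stack-entry and control-word bit layouts follow the MPLS and pseudowire RFCs rather than the slide.

```python
import struct

ETYPE_MPLS, ETYPE_ITAG, ETYPE_DOT1Q = 0x8847, 0x88E7, 0x8100  # values from the slide


class DecodeError(ValueError):
    """Frame is truncated or does not match the header stack on the slide."""


def _mac(b):
    return ":".join(f"{x:02x}" for x in b)


def _take(buf, off, n, what):
    """Return (n bytes at off, new offset), failing loudly instead of slicing short."""
    if off + n > len(buf):
        raise DecodeError(f"truncated {what} at offset {off}")
    return buf[off:off + n], off + n


def decode_pbb_evpn(frame):
    """Decode outer Ethernet, MPLS labels, control word, PBB header, customer frame."""
    out = {}
    eth, off = _take(frame, 0, 14, "outer Ethernet header")
    out["outer_da"], out["outer_sa"] = _mac(eth[:6]), _mac(eth[6:12])
    if struct.unpack("!H", eth[12:])[0] != ETYPE_MPLS:
        raise DecodeError("outer E-type is not MPLS (0x8847)")

    # MPLS label stack: 4B per entry = label(20) | TC(3) | S(1) | TTL(8).
    out["labels"] = []
    while True:
        raw, off = _take(frame, off, 4, "MPLS label")
        word = struct.unpack("!I", raw)[0]
        out["labels"].append(word >> 12)
        if word & 0x100:  # S bit set: bottom of stack (the EVPN label)
            break

    cw, off = _take(frame, off, 4, "control word")
    if cw[0] >> 4:
        raise DecodeError("control word must start with a zero nibble")

    # PBB header, 18B: B-DA(6) B-SA(6) E-type(2) I-TAG(4); no B-Tag in this stack.
    pbb, off = _take(frame, off, 18, "PBB header")
    b_etype, itag = struct.unpack("!HI", pbb[12:])
    if b_etype != ETYPE_ITAG:
        raise DecodeError("PBB E-type is not I-TAG (0x88E7)")
    out["b_da"], out["b_sa"] = _mac(pbb[:6]), _mac(pbb[6:12])
    out["isid"] = itag & 0xFFFFFF  # 24-bit I-SID inside the I-TAG

    # Customer frame: C-DA, C-SA, optional 802.1q tag, payload E-type, payload.
    cust, off = _take(frame, off, 14, "customer Ethernet header")
    out["c_da"], out["c_sa"] = _mac(cust[:6]), _mac(cust[6:12])
    etype = struct.unpack("!H", cust[12:])[0]
    out["c_vid"] = None
    if etype == ETYPE_DOT1Q:
        tag, off = _take(frame, off, 4, "802.1q tag")
        tci, etype = struct.unpack("!HH", tag)
        out["c_vid"] = tci & 0x0FFF
    out["payload_etype"] = etype
    out["payload"] = frame[off:]
    return out


def build_sample(isid=256, c_vid=777, psn_label=16001, evpn_label=24005):
    """Constructed sample frame; MACs and label values are made up for the example."""
    def lse(label, bottom):
        return struct.pack("!I", (label << 12) | (bottom << 8) | 64)

    outer = bytes.fromhex("00aa00000003" "00aa00000001") + struct.pack("!H", ETYPE_MPLS)
    pbb = bytes.fromhex("02b000000003" "02b000000001") + struct.pack("!HI", ETYPE_ITAG, isid)
    cust = (bytes.fromhex("ffffffffffff" "02c000000001")
            + struct.pack("!HHH", ETYPE_DOT1Q, c_vid, 0x0806) + b"\x00" * 28)
    return outer + lse(psn_label, 0) + lse(evpn_label, 1) + b"\x00" * 4 + pbb + cust


if __name__ == "__main__":
    for key, value in decode_pbb_evpn(build_sample()).items():
        print(f"{key:14} {value}")
```
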
PBB-EVPN Operation
Multicast Tunnel ID / Endpoint Discovery (1)
[Figure: PE1 (CE1; I-Component BDs for I-SID X and I-SID Y, B-Component BD with EVI aaa, EVPN Forwarder) connected over MPLS, with an RR, to PE2 (CE2; I-SIDs X and Y), PE3 (CE3; I-SID X) and PE4 (CE4; I-SIDs X and Y)]
1. At start-up, PEs send EVPN Inclusive Multicast routes to signal I-SID membership
2. Inclusive Multicast route signals MPLS label to be used in the downstream direction

I-SID X Flood List
Entry 1: PE 2 – label A
Entry 2: PE 3 – label B
Entry 3: PE 4 – label C

I-SID Y Flood List
Entry 1: PE 2 – label D
Entry 2: PE 4 – label E

(1) Ingress / Head Replication model shown

PBB-EVPN Operation
B-MAC Reachability Advertisement
[Figure: same topology; PE1 holds B-DA1, PE2 B-DA2, PE3 B-DA3 and PE4 B-DA4, with an RR in the MPLS core]
1. At start-up, PEs send EVPN MAC Advertisement route for local B-MAC/EVI
2. MAC Advertisement route signals MPLS label to be used in the downstream direction

L2 Routing Information Base (RIB)
B-DA2; Next Hop PE2; label F
B-DA3; Next Hop PE3; label G
B-DA4; Next Hop PE4; label H

PBB-EVPN Operation
Multi-Destination Traffic Forwarding (Per-ISID Ingress Replication)
[Figure: same topology; CE1 hosts C-MAC1a and C-MAC1b behind PE1 (B-DA1)]
1. Multi-destination Traffic
• Unknown unicast
• Broadcast
• Multicast
Frames shown: SA: C-MAC1a, DA: FFFF.FFFF.FFFF and SA: C-MAC1b, DA: FFFF.FFFF.FFFF
2. Ingress replication with Per-ISID flooding
– 3 copies for I-SID X
– 2 copies for I-SID Y
3. CAM tables
– CAM Table I-SID X: Entry1: C-MAC1a; B-DA1
– CAM Table I-SID Y: Entry1: C-MAC1b; B-DA1

I-SID X Flood List
Entry 1: PE 2 – label A
Entry 2: PE 3 – label B
Entry 3: PE 4 – label C

I-SID Y Flood List
Entry 1: PE 2 – label D
Entry 2: PE 4 – label E

PBB-EVPN Operation
Known Unicast Traffic Forwarding
[Figure: same topology; CE1 hosts C-MAC1a behind PE1 (B-DA1), C-MAC2 sits behind PE2 (B-DA2) and C-MAC4 behind PE4 (B-DA4)]
1. Known Unicast Traffic
Frames shown: SA: C-MAC1a, DA: C-MAC2 and SA: C-MAC1a, DA: C-MAC4

CAM Table I-SID X (Lookup)
Entry1: C-MAC1a; local
Entry2: C-MAC2; B-DA2
Entry3: C-MAC4; B-DA4

L2 Routing Information Base (RIB) (Lookup)
B-DA2; Next Hop PE2; label F
B-DA3; Next Hop PE3; label G
B-DA4; Next Hop PE4; label H

2. Known Unicast delivered to specific remote PEs

Technical Overview
Multi-Homing
PBB-EVPN
Multi-Homing Requirements
• Designated Forwarder (DF) Election with Service Carving
– Prevent duplicate delivery of flooded frames (multicast, broadcast, unknown unicast)
– Non-DF ports are blocked for flooded traffic
– Uses BGP Ethernet Segment Route to trigger DF election
• Split Horizon for Ethernet Segment
– Prevent looping of traffic originated from a multi-homed segment
– Performed based on B-MAC source address rather than E-VPN’s Ethernet Segment Identifier (ESI) MPLS Label
• Aliasing
– PEs connected to the same multi-homed Ethernet Segment advertise the same B-MAC address
– Remote PEs use these MAC Route advertisements for aliasing load-balancing traffic destined to C-MACs reachable via a given B-MAC
[Figures: PE pairs illustrating each requirement, labelled "Duplicate !" (DF election), "Echo !" (split horizon) and "BGP route (B-M1)" advertised by both PEs that share B-M1 (aliasing)]

PBB-EVPN
Multi-Homing Requirements (cont.)
• MAC Flush Notification towards Core and Access networks
– Allows flushing to occur on local and remote devices in order to trigger subsequent flooding needed to recover from failures
– Applicable to DHD/MHD with Single-Active (per-Service) load balancing
– Flushing indication to remote PEs uses a re-adv. of a BGP MAC Advertisement Route with an incremented seq. number in the MAC Mobility extended community
– Flushing indication to local devices could use MST TCN or MVRP message
[Figure: PEs with B-M1 and B-M2; after a failure (X), "FLUSH" is signalled towards the access and towards the core via "BGP route (B-M1)"]

PBB-EVPN
Multi-Homing Scenarios
• Single Home Device / Single Home Network scenarios
• PE attached to Ethernet Segment using bundle or physical interfaces
• Null Ethernet Segment Identifier (ESI) used for SHD / SHN
• For single-homed sites, either assign unique B-MAC per site or share common B-MAC for all single-homed sites on a given PE (e.g. chassis PBB backplane address)
[Figure: Single Home Device (SHD) / Single Home Network (SHN). CE1 (VID X; ESI: Null; B-MAC: B-M1) and CE2 (VID Y; ESI: Null; B-MAC: B-M1) attached to PE1, which connects to the MPLS Core]

PBB-EVPN
Multi-Homing Scenarios – All-Active Load-Balancing
• Dual Home Device / Multi Home Device (1) scenarios and All-Active LB
– A.k.a. Active / Active per-flow (AApF) LB
– Both PEs forward traffic associated with a given PBB I-SID
• PEs attached to Ethernet Segment using bundle interfaces
– Single bundle (manual or LACP) configured on CE
• PEs on same segment must share the same source B-MAC and ESI
– ESI and B-MAC auto-sensed from CE LACP information
• DF election (manual or automatic)
[Figure: Dual Home Device (DHD), All-Active Load-Balancing. CE1 attached to PE1 (BMAC 1, ESI W, VID X) and PE2 (BMAC 1, ESI W, VID X), both connected to the MPLS Core. Callouts: "Single Bundle configured on CE1"; "PE1 and PE2 use same B-MAC / same ESI for a shared segment"; "Both PEs forward traffic from the same service (PBB I-SID)"]

(1) Standard does not limit solution to only dual homing

PBB-EVPN
Multi-Homing Scenarios – Single-Active Load-Balancing
• Dual Home Device / Multi Home Device (1) scenarios and Single-Active load-balancing
– A.k.a. Active / Active per-service (AApS) LB
– Only one PE forwards all traffic associated with a given PBB I-SID
• PEs attached to Ethernet Segment using physical or bundle interfaces
– Multiple bundles configured on CE
• Different B-MAC and Identical ESI must be used on PBB-EVPN PEs
• Per service (I-SID) carving and DF election (manual or automatic)
[Figure: Dual Home Device (DHD), Single-Active Load-Balancing. CE1 attached to PE1 (BMAC 1, ESI W, VID X) and PE2 (BMAC 2, ESI W, VID Y), both connected to the MPLS Core. Callouts: "Separate Bundles configured on CE1"; "PE1 and PE2 use unique B-MAC each and same ESI for a shared segment"; "PE1 forwards traffic from I-SID assigned to vlan X"; "PE2 forwards traffic from I-SID assigned to vlan Y"]

(1) Standard does not limit solution to only dual homing

Technical Overview
Life of a Packet / Failure / Operational scenarios
PBB-EVPN Life of a Packet
Ingress Replication – Multi-destination Traffic Forwarding
[Figure: two copies of the topology CE1 / PE1, PE2 (B-M1) / MPLS / PE3, PE4 (B-M2) / CE3; the second copy shows the replicated packets marked "L2 PBB", "L3 PBB" and "L4 PBB"]
• During start-up sequence, PE1, PE2, PE3, PE4 sent Inclusive Multicast route which include Mcast label
• PE 2 Inclusive Multicast Route
– RD = RD-2a
– PMSI Tunnel Attribute: Tunnel Type = Ing. Repl., Label = L2
– RT ext. community: RT-a
• Mcast MPLS Label – used to transmit BUM traffic - downstream assigned (for ingress replication)
• PE1 receives broadcast traffic from CE1 (VID 100, SMAC: M1, DMAC: F.F.F). PE1 adds PBB encapsulation and forwards it using ingress replication – 3 copies created
• Labels on the copy sent to PE3: PSN MPLS label to reach PE3; Mcast MPLS Label assigned by PE3 for incoming BUM traffic on a given EVI
• PE2 – drops BUM traffic originated on same source B-MAC (B-M1)
• PE3 – as DF, it forwards BUM traffic towards segment
• PE4 – non-DF for given I-SID drops BUM traffic
• Data-plane based MAC learning for C-MAC / B-MAC association

PE3 MAC Table, I-SID xyz
C-MAC | B-MAC
M1 | B-M1

PBB-EVPN Life of a Packet (cont.)
All-Active Load-Balancing from CE
[Figure: two copies of the topology CE1 / PE1, PE2 (B-M1) / MPLS / PE3 (B-M3) / CE3; the second copy shows the packets marked "L3 PBB" travelling from PE1 and from PE2 to PE3]
• PE3 MAC Route
– RD = RD-3a
– ESI = 0 (ESI == 0 used for Single Home Device)
– MAC = B-M3 (MAC advertised by route)
– Label = L3
– RT ext. community: RT-a
• MP2P VPN Label – downstream allocated label used by other PEs to send traffic to advertised MAC
• PE1 forwards traffic to M3 using B-MAC B-M3 towards PE3 (frame: VID 100, SMAC: M1, DMAC: M3)
• PE2 forwards traffic to M3 using B-MAC B-M3 towards PE3 (frame: VID 100, SMAC: M2, DMAC: M3)
• Labels on the packets sent to PE3: PSN MPLS label to reach PE3; MP2P VPN Label assigned by PE3 for incoming traffic for target EVI

PE1 / PE2 RIB Path List
VPN | MAC | ESI | NH
RT-a | B-M3 | 0 | PE3

PE1 / PE2 MAC Table, I-SID xyz
C-MAC | B-MAC
M3 | B-M3

PBB-EVPN Failure Scenarios / Convergence
Link / Segment Failure – All-Active Load-Balancing
[Figure: CE1 dual-homed to PE1 and PE2 (B-M1); MPLS core; PE3 and PE4 (B-M2); CE3]
At idle state, PE3, PE4 install two (2) next hops for B-MAC B-M1
1. PE1 detects failure of one of its attached segments
2. PE1 withdraws B-MAC advertised for failed segment (B-M1)
2. PE1 withdraws Ethernet Segment Route
3. PE3 / PE4 remove PE1 from path list for B-MAC (B-M1)
4. PE2 reruns DF election. Becomes DF for all I-SIDs on segment

PE3, PE4 RIB Path List
VPN | MAC | ESI | NH
RT-a | B-M1 | n/a | PE1, PE2

PBB-EVPN Operational Scenarios
MAC Mobility
MAC Mobility event handled entirely by data-plane learning
[Figure: two copies of the topology CE1 / PE1, PE2 (B-M1) / MPLS / PE3, PE4 (B-M2) / CE3. Before the move, host M1 is behind CE1 and sends a frame with VID 100, SMAC: M1, DMAC: M2; after the move, M1 is behind CE3 and sends a frame with VID 100, SMAC: M1, DMAC: F.F.F]
1. PE1 learns C-MAC M1 on local port and forwards across core according to C-MAC DA to Remote B-MAC mapping
2. Via data-plane learning, PE3 learns C-MAC M1 via B-MAC B-M1
3. Host M1 moves from CE1 to CE3’s location
4. After move, host sends Gratuitous/Reverse ARP at new location, PE3 updates C-MAC M1 location (local port.) PE3 also forwards across core according to C-MAC DA to Remote B-MAC mapping
5. Via data-plane learning, PE1 updates C-MAC M1 location (via B-MAC B-M2)

Before the move (I-SID xyz)
Table | C-MAC | B-MAC | Step
PE1 MAC Table | M1 | - | 1
PE3 MAC Table | M1 | B-M1 | 2

After the move (I-SID xyz)
Table | C-MAC | B-MAC | Step
PE1 MAC Table | M1 | B-M2 | 5
PE3 MAC Table | M1 | - | 4

PBB-EVPN in Cisco ASR9000
Introducing PBB-EVPN in Cisco ASR 9000
• Introducing the next-generation of L2VPNs – Provider Backbone Bridging Ethernet VPN (PBB-EVPN)
• Support across Cisco ASR 9000 series router family
– From ASR9001-S to ASR9922
• Support starting with Cisco IOS-XR release 4.3.2 (1) (FCS 09/2013)
• Enhanced Ethernet Line Cards (Typhoon) required as Ingress and Egress linecards

(1) PBB-EVPN support started in IOS-XR 4.3.2 and 5.1.1 releases

PBB-EVPN Model
Cisco ASR 9000
[Figure: an Interface (Physical / Bundle), with its Ethernet Segment Identifier (ESI) and Source B-MAC, carries Ethernet Flow Points (EFP) (Layer2 sub-if) into the I-Component bridge domains, which connect to the B-Component bridge domains, the EVPN Forwarder and MPLS]
• I-Component: PBB Edge Bridge Domains: BD-1 (I-SID X), BD-2 (I-SID Y), BD-3 (I-SID Z)
• B-Component: PBB Core Bridge Domains: BD-4 (EVI aaa), BD-5 (EVI bbb)

PBB-EVPN Model
Connecting with existing services
Cisco ASR 9000
[Figure: the same model, with an EoMPLS PW and a VPLS VFI attached on the I-Component side and a VPLS VFI (PBB-VPLS) (1) attached on the B-Component side]
• I-Component: PBB Edge Bridge Domains: BD-1 (I-SID X), BD-2 (I-SID Y), BD-3 (I-SID Z)
• B-Component: PBB Core Bridge Domains: BD-4 (EVI aaa), BD-5 (EVI bbb)

(1) Co-existence of VPLS VFI and EVI under same Core BD in IOS-XR 5.1.2

PBB-EVPN Single Home Device (SHD) Configuration (MINIMAL)

[Figure: CE1 attached to PE1 over Bundle-Eth1.777; PE1 connects to the MPLS Core]
Callouts: Chassis B-MAC SA; Null ESI; Auto RD for Segment Route; Auto RT for EVI; Auto RD for EVI

PE1

    interface Bundle-Ether1.777 l2transport
     encapsulation dot1q 777

    l2vpn
     ! PBB I-component: includes I-SID assignment
     bridge group gr1
      bridge-domain bd1
       interface Bundle-Ether1.777
       pbb edge i-sid 256 core-bridge core_bd1
     ! PBB B-component: no need to define B-VLAN
     bridge group gr2
      bridge-domain core_bd1
       pbb core
        ! Mandatory: globally unique identifier for all PEs in a given EVI
        evpn evi 1000

    router bgp 64
     bgp router-id 1.100.100.100
     address-family l2vpn evpn
     !
     ! BGP configuration with new EVPN AF
     neighbor 2.100.100.100
      remote-as 64
      update-source Loopback0
      address-family l2vpn evpn

Note: MPLS / LDP configuration required on core-facing interfaces (not shown)

PBB-EVPN in Cisco ASR9000
Multi-Homing Use Cases
PBB-EVPN
ASR9000 – Supported Access Multi-Homing scenarios

Single Home Device (SHD) / Single Home Network (SHN)
[Figure: CE1 (VID X, ESI Null) and CE2 (VID X, ESI Null) attached to PE1; MPLS Core]

Dual Home Device (DHD), All-Active (Per-Flow) LB
[Figure: CE1 attached to PE1 (BMAC 1, ESI W, VID X) and PE2 (BMAC 1, ESI W, VID X); MPLS Core]
• Ideal for Data Center deployments

Dual Home Device (DHD), Single-Active (Per-Service) LB
[Figure: CE1 attached to PE1 (BMAC 1, ESI W, VID X) and PE2 (BMAC 2, ESI W, VID Y); MPLS Core]
• Per service (I-SID) carving (manual or automatic)
• CE flush via STP TCN / MVRP

PBB-EVPN
ASR9000 – Supported Access Multi-Homing scenarios (cont.)

Dual Home Network (DHN), ITU-T G.8032
[Figure: CE1 and CE2 on a G.8032 Open Sub-ring (labels: R-APS, RPL Link) carrying VID X and VID Y, attached to PE1 and PE2, each with ESI Null; MPLS Core]

Dual Home Network (DHN), REP
[Figure: CE1 and CE2 on a REP segment (labels: REP-AG, REP Edge No Neighbor, ALT port) carrying VID X and VID Y, attached to PE1 and PE2, each with ESI Null; MPLS Core]

• Ring operation controlled by access protocol (G.8032 / REP)

Single-Home / Dual Home Device with nV Satellite
[Figure labels: CE1, CE2, CE3, nV Sat A, nV Sat B, nV Host, PE1, VID X, VID Y, MPLS Core]
• PBB-EVPN support on nV Satellite deployments

PBB-EVPN
ASR9000 – Supported Access Multi-Homing scenarios (cont.)

Multi Home Device (MHD), All-Active (Per-Flow) LB
[Figure: CE1 attached to PE1, PE2 and PE3, each with BMAC 1, ESI W, VID X; MPLS Core]

Multi Home Device (MHD), Single-Active (Per-Service) LB
[Figure: CE1 attached to PE1 (BMAC 1, ESI W, VID X), PE2 (BMAC 2, ESI W, VID Y) and PE3 (BMAC 3, ESI W, VID Z); MPLS Core]

• More than two (2) PEs in redundancy group

Demonstration
Demonstration Topology
Focus of Demonstration
• Three (3) E-LAN services between CE-1, CE-2, CE-3
[Figure: PE1 (ASR9006), PE2 (ASR9001) and PE3 (ASR9006) interconnected through P routers and sharing EVI 111 with I-SIDs 111010, 111020 and 111030. Loopbacks shown: Lo0 14.14.14.5, Lo0 14.14.14.6, Lo0 14.14.14.7. CE1, CE2 and CE3 each connect a TG; access types shown: DHD Active/Active per Flow, SHD, SHD with Bundle]

Legend:
SHD = Single-Home Device
DHD = Dual-Home Device
TG = Traffic Generator

Summary
• EVPN / PBB-EVPN are next-generation L2VPN solutions based on BGP control-plane for MAC distribution/learning over the core
• EVPN / PBB-EVPN were designed to address the following requirements:
– All-active Redundancy and Load Balancing
– Simplified Provisioning and Operation
– Optimal Forwarding
– Fast Convergence
• In addition, PBB-EVPN and its inherent MAC-in-MAC hierarchy provide:
– Simplified control plane operation and faster (data-plane driven) convergence
– Lower control-plane scale requirements (BGP CPU and memory)
– MAC address Scalability
• EVPN / PBB-EVPN applicability goes beyond DCI into Carrier Ethernet use cases

References
• Cisco.com PBB-EVPN User Documentation:
http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r5-1/lxvpn/configuration/guide/lesc51x/lesc51pbb.html
• (Video / Slides) Cisco Live 365: BRKMPL-2333: E-VPN and PBB-EVPN: The Next Generation of MPLS-Based Layer 2 VPN (2014 Milan)
https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=76547

MPLS Sessions at Cisco Live
• BRKMPL-1100 Introduction to MPLS
• BRKMPL-2100 Deploying MPLS Traffic Engineering
• BRKMPL-2101 Deploying MPLS-based Layer 2 Virtual Private Networks
• BRKMPL-2102 Deploying MPLS-based IP VPNs
• BRKMPL-2108 Designing MPLS in Next Generation Data Center: A Case Study
• BRKMPL-2333 E-VPN & PBB-EVPN: the Next Generation of MPLS-based L2VPN
• BRKMPL-3101 Advanced Topics and Future Directions in MPLS
• LTRMPL-2102 Enterprise Network Virtualization using IP and MPLS Technologies: Introduction
• LTRMPL-3102 Enterprise Network Virtualization using IP and MPLS Technologies: Advanced
• TECMPL-3100 Unified MPLS - An architecture for Advanced IP NGN Scale
• TECMPL-3200 SDN WAN Orchestration in MPLS and Segment Routing Networks
PBB-EVPN Shipping Features
ASR9K (1)

IOS-XR 4.3.2 – Aug 2013: PBB-EVPN Introduction
• Port, VLAN, VLAN-bundle Mode
• PE Auto-discovery
• Ethernet Segment Identifier Auto-config w/ LACP
• Single-homing
• Single-active Multi-homing
• All-active Multi-homing
• Access Redundancy w/ LACP, G.8032, MST, nV Cluster
• Designated Forwarding (DF) election
• MAC Mobility
• Multicast Ingress Replication
• BGP ISSU and NSR
• BGP Route Reflector (RR) for PBB-EVPN

XR 5.1.2 – Apr 2014: PBB-EVPN Enhancement
• MAC Security on PBB-EVPN
• PBB-EVPN and PBB-VPLS Seamless Integration

ASR1K

IOS XE 3.11 – Nov 2013
• BGP Route Reflector (RR) for PBB-EVPN

(1) Requires use of Enhanced Ethernet Linecards (Typhoon) for access-facing and core-facing interfaces

BGP Routes and Attributes
BGP Routes
Overview
• EVPN defines a single new BGP NLRI used to carry all EVPN routes
– EVPN NLRI carried in MP_REACH_NLRI and MP_UNREACH_NLRI BGP attributes defined in RFC4760
– EVPN NLRI shared by EVPN and PBB-EVPN with common EVPN SAFI (70)
• BGP Capabilities Advertisement used to ensure that two speakers support EVPN NLRI (per RFC4760)

EVPN NLRI
– Route Type (1 byte)
– Length (1 byte)
– Route Type Specific (Variable)

Route Types
[1] Ethernet Auto-Discovery (AD) Route
[2] MAC Advertisement Route
[3] Inclusive Multicast Route
[4] Ethernet Segment Route

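The NLRI framing on this slide (Route Type, Length, Route Type Specific), walked in Python with strict length checks, as an added example that is not part of the original deck and not Cisco code. It goes one step beyond the slide by decoding the MAC Advertisement Route value using the field layout of RFC 7432; the RD, B-MAC and label values and all function names are constructed for the example.

```python
import ipaddress
import struct

# Route types listed on the slide.
ROUTE_TYPES = {
    1: "Ethernet Auto-Discovery (AD) Route",
    2: "MAC Advertisement Route",
    3: "Inclusive Multicast Route",
    4: "Ethernet Segment Route",
}


class NlriError(ValueError):
    """Raised for a truncated or internally inconsistent EVPN NLRI."""


def split_nlri(buf):
    """Walk back-to-back EVPN NLRIs: Route Type (1B), Length (1B), value (Length B)."""
    routes, off = [], 0
    while off < len(buf):
        if len(buf) - off < 2:
            raise NlriError(f"truncated NLRI header at offset {off}")
        rtype, length = buf[off], buf[off + 1]
        value = buf[off + 2:off + 2 + length]
        if len(value) != length:
            raise NlriError(f"route type {rtype} claims {length}B, {len(value)}B left")
        routes.append((rtype, ROUTE_TYPES.get(rtype, "unknown"), value))
        off += 2 + length
    return routes


def decode_mac_route(value):
    """Decode a type 2 value (field layout per RFC 7432, not from the slide)."""
    if len(value) < 33:
        raise NlriError("MAC Advertisement Route shorter than the 33B minimum")
    (eth_tag,) = struct.unpack("!I", value[18:22])
    if value[22] != 48:
        raise NlriError(f"MAC address length {value[22]} bits, expected 48")
    ip_bits = value[29]
    if ip_bits not in (0, 32, 128):
        raise NlriError(f"IP address length {ip_bits} bits is not 0, 32 or 128")
    ip_end = 30 + ip_bits // 8
    labels = value[ip_end:]
    if len(labels) not in (3, 6):  # one mandatory label, one optional
        raise NlriError("label field must be 3 or 6 bytes")
    esi = value[8:18]
    return {
        "rd": value[0:8].hex(),
        "esi": esi.hex(),
        "single_homed": esi == bytes(10),  # the deck: ESI == 0 used for SHD
        "ethernet_tag": eth_tag,
        "mac": ":".join(f"{b:02x}" for b in value[23:29]),
        "ip": str(ipaddress.ip_address(value[30:ip_end])) if ip_bits else None,
        "label": int.from_bytes(labels[:3], "big") >> 4,  # label is the top 20 bits
    }


def build_sample():
    """Constructed NLRI bytes: one B-MAC route (type 2), then one type 3 route."""
    pe = ipaddress.ip_address("192.0.2.3")
    rd = struct.pack("!HIH", 1, int(pe), 1000)
    mac_route = (rd + bytes(10) + struct.pack("!I", 0)
                 + bytes([48]) + bytes.fromhex("02b000000003")
                 + bytes([0]) + (24005 << 4).to_bytes(3, "big"))
    imet = rd + struct.pack("!I", 256) + bytes([32]) + pe.packed
    return (bytes([2, len(mac_route)]) + mac_route
            + bytes([3, len(imet)]) + imet)


if __name__ == "__main__":
    for rtype, name, value in split_nlri(build_sample()):
        print(rtype, name, len(value), "bytes")
        if rtype == 2:
            print("  ", decode_mac_route(value))
```
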
BGP Routes
Route Types and Usage

Route | Purpose | EVPN | PBB-EVPN
Ethernet Auto-Discovery (A-D) Route | MAC Mass-Withdraw; Aliasing (encodes Aliasing label); Split-Horizon Filtering (encodes SH label) | ✔ | Not Needed (1)
MAC Advertisement Route | Advertise MAC Address Reachability; Advertise IP/MAC Bindings | ✔ | ✔
Inclusive Multicast Route | Multicast Tunnel Endpoint Discovery | ✔ | ✔
Ethernet Segment Route | Redundancy Group Discovery; Designated Forwarder (DF) Election | ✔ | ✔

(1) Aliasing, split-horizon and fast convergence is achieved through use of shared B-MAC / per segment for PEs on same redundancy group

BGP Routes
Route Attributes and Usage
Attribute | Purpose | Route Applicability
ESI MPLS Label Extended Community | Encode Split-Horizon Label for Ethernet Segment; Indicate Redundancy Mode (Single-Active vs. All-Active) | Ethernet A-D Route
ES-Import Extended Community | Limit the import scope of the Ethernet Segment routes | Ethernet Segment Route
MAC Mobility Extended Community | EVPN: Indicate that a MAC address has moved from one segment to another across PEs (1); PBB-EVPN: Signal C-MAC address flush notification | MAC Advertisement Route
Default Gateway Extended Community | Indicate the MAC/IP bindings of a gateway | MAC Advertisement Route

(1) MAC (C-MAC) move events do not require any control plane involvement with PBB-EVPN

PBB-EVPN IOS-XR Implementation
Configuration and Examples
PBB-EVPN Single Home Device (SHD) Configuration (MINIMAL)

[Figure: CE1 attached to PE1 over Bundle-Eth1.777; PE1 connects to the MPLS Core]
Callouts: Chassis B-MAC SA; Null ESI; Auto RD for Segment Route; Auto RT for EVI; Auto RD for EVI

PE1

    interface Bundle-Ether1.777 l2transport
     encapsulation dot1q 777

    l2vpn
     ! PBB I-component: includes I-SID assignment
     bridge group gr1
      bridge-domain bd1
       interface Bundle-Ether1.777
       pbb edge i-sid 256 core-bridge core_bd1
     ! PBB B-component: no need to define B-VLAN
     bridge group gr2
      bridge-domain core_bd1
       pbb core
        ! Mandatory: globally unique identifier for all PEs in a given EVI
        evpn evi 1000

    router bgp 64
     bgp router-id 1.100.100.100
     address-family l2vpn evpn
     !
     ! BGP configuration with new EVPN AF
     neighbor 2.100.100.100
      remote-as 64
      update-source Loopback0
      address-family l2vpn evpn

Note: MPLS / LDP configuration required on core-facing interfaces (not shown)

PBB-EVPN Single Home Device (SHD) with PW access

[Figure: CE1 reaches PEx (14.14.14.10) over MPLS; a PW with VC ID 111010 runs from PEx to PE1, which connects to the MPLS Core]

PE1

    l2vpn
     ! PBB I-component includes: access PW, I-SID assignment
     bridge group gr1
      bridge-domain bd1
       neighbor 14.14.14.10 pw-id 111010
       !
       pbb edge i-sid 256 core-bridge core_bd1
     ! PBB B-component: no need to define B-VLAN
     bridge group gr2
      bridge-domain core_bd1
       pbb core
        ! Mandatory: globally unique identifier for all PEs in a given EVI
        evpn evi 1000

    router bgp 64
     bgp router-id 1.100.100.100
     address-family l2vpn evpn
     !
     ! BGP configuration with new EVPN AF
     neighbor 2.100.100.100
      remote-as 64
      update-source Loopback0
      address-family l2vpn evpn

Note: MPLS / LDP configuration required on core-facing interfaces (not shown)

PBB-EVPN Dual Home Device (DHD) MINIMAL Configuration

All-Active (per-FLOW) Load-Balancing

• Auto-sensed B-MAC SA
• Auto-sensed ESI
• Auto RD for Segment Route
• Auto RT for EVI
• Auto RD for EVI
• A/A Per-flow LB (default)
• Auto DF / service carving

[Figure: CE1 dual-homed over Bundle-Eth25.1 to PE1 and PE2; PE1 core-facing interface Gig0/0/0/1; MPLS Core]

PE1

redundancy iccp group 66
 mlacp node 1
 mlacp system priority 1
 mlacp system mac 0111.0222.0111
 mode singleton
 backbone interface GigabitEthernet 0/0/0/1
interface Bundle-Ether25
 mlacp iccp-group 66
interface Bundle-Ether25.1 l2transport
 encapsulation dot1q 777
l2vpn
 bridge group gr1
  bridge-domain bd1
   interface Bundle-Ether25.1
   pbb edge i-sid 256 core-bridge core_bd1
 bridge group gr2
  bridge-domain core_bd1
   pbb core
    evpn evi 1000
router bgp 64
 bgp router-id 1.100.100.100
 address-family l2vpn evpn
 neighbor 2.100.100.100
  remote-as 64
  address-family l2vpn evpn

• redundancy iccp group 66: PE2 should use same RG #
• mlacp node 1: PE2 should use different mlacp node id
• mlacp system mac / system priority: PE2 should use same mlacp system mac and system priority
• mode singleton: ICCP in singleton mode (i.e. no peer neighbor configuration)
• l2vpn: PBB I-component and B-component configuration. ISIDs must match on both PEs. No need to define B-VLAN
• evpn evi 1000: Mandatory EVI ID configuration
• router bgp 64: BGP configuration with new EVPN AF
• Note: MPLS / LDP configuration required on core-facing interfaces (not shown)
PBB-EVPN Dual Home Device (DHD) MINIMAL Configuration

Single-Active (per-Service) Load-Balancing and Dynamic Service Carving

• Chassis B-MAC SA (def.)
• Manual ESI
• Auto RD for Segment Route
• Auto RT for EVI
• Auto RD for EVI
• A/A Per-Service LB
• Auto Service Carving (def.)

[Figure: CE1 dual-homed over Bundle-Eth25 to PE1 and PE2; MPLS Core]

PE1

interface Bundle-Ether25.1 l2transport
 encapsulation dot1q 777
evpn
 interface Bundle-Ether25
  ethernet-segment
   identifier system-priority 1 system-id 0300.0b25.00ce
   load-balancing-mode per-service
l2vpn
 bridge group gr1
  bridge-domain bd1
   interface Bundle-Ether25.1
   pbb edge i-sid 256 core-bridge core_bd1
 bridge group gr2
  bridge-domain core_bd1
   pbb core
    evpn evi 1000
router bgp 64
 bgp router-id 1.100.100.100
 address-family l2vpn evpn
 neighbor 2.100.100.100
  remote-as 64
  address-family l2vpn evpn

• load-balancing-mode per-service: A/A per-service (per-ISID) load balancing with dynamic Service Carving
• ethernet-segment identifier: ESI must match on both PEs
• l2vpn: PBB I-component and B-component configuration. ISIDs must match on both PEs. No need to define B-VLAN
• evpn evi 1000: Mandatory EVI ID configuration
• router bgp 64: BGP configuration with new EVPN AF
• Note: MPLS / LDP configuration required on core-facing interfaces (not shown). ICCP (singleton) config (not shown)
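
The pairing rules called out on the two DHD slides (same RG #, different mlacp node id, same mlacp system mac and priority, matching ESI, I-SIDs and EVI) can be checked mechanically before a change is pushed to a PE pair. This is an added example, not part of the presentation: the PE2 configuration, the RULES table and the check_pair helper are hypothetical, and the regexes assume the command forms shown on the slides.

```python
import re

# Constructed sample: PE1 follows the all-active slide; PE2 is a hypothetical
# peer that differs only in its mlacp node id.
PE1 = """\
redundancy iccp group 66
 mlacp node 1
 mlacp system priority 1
 mlacp system mac 0111.0222.0111
interface Bundle-Ether25
 mlacp iccp-group 66
l2vpn
 bridge group gr1
  bridge-domain bd1
   pbb edge i-sid 256 core-bridge core_bd1
 bridge group gr2
  bridge-domain core_bd1
   pbb core
    evpn evi 1000
"""
PE2 = PE1.replace("mlacp node 1", "mlacp node 2")

# Rule name -> (regex capturing the value, True if both PEs must agree).
RULES = {
    "iccp group (RG #)": (r"iccp\s+group (\d+)", True),
    "mlacp node id": (r"mlacp node (\d+)", False),
    "mlacp system priority": (r"mlacp system priority (\d+)", True),
    "mlacp system mac": (r"mlacp system mac (\S+)", True),
    "ESI": (r"identifier (system-priority \d+ system-id \S+)", True),
    "I-SID": (r"pbb edge i-sid (\d+)", True),
    "EVI": (r"evpn evi (\d+)", True),
}

def check_pair(cfg_a, cfg_b):
    """Return the pairing-rule violations between two PE configurations."""
    problems = []
    for name, (pattern, must_match) in RULES.items():
        a = sorted(re.findall(pattern, cfg_a))
        b = sorted(re.findall(pattern, cfg_b))
        if not a and not b:
            continue  # statement absent on both PEs: rule does not apply
        if must_match and a != b:
            problems.append(f"{name}: {a} on one PE, {b} on the other; must match")
        elif not must_match and (not a or not b or set(a) & set(b)):
            problems.append(f"{name}: {a} and {b} must be present and differ")
    return problems

if __name__ == "__main__":
    print(check_pair(PE1, PE2) or "PE1/PE2 consistent")
```

A rule is skipped when its statement is absent from both configurations, so the same check covers the all-active (mLACP) and the per-service (manual ESI) variants.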
Acronyms: IP and MPLS

Acronym   Description
AC        Attachment Circuit
AS        Autonomous System
BFD       Bidirectional Failure Detection
CoS       Class of Service
ECMP      Equal Cost Multipath
EoMPLS    Ethernet over MPLS
EVPN      Ethernet Virtual Private Network
EVI       EVPN Instance
FRR       Fast Re-Route
IGP       Interior Gateway Protocol
LDP       Label Distribution Protocol
LER       Label Edge Router
LFIB      Labeled Forwarding Information Base
LSM       Label Switched Multicast
LSP       Label Switched Path
LSR       Label Switching Router
MPLS      Multi-Protocol Label Switching
NLRI      Network Layer Reachability Information
PSN       Packet Switch Network
PW        Pseudo-Wire
PWE3      Pseudo-Wire End-to-End Emulation
QoS       Quality of Service
RD        Route Distinguisher
RIB       Routing Information Base
RR        Route Reflector
RSVP      Resource Reservation Protocol
RSVP-TE   RSVP based Traffic Engineering
RT        Route Target
TE        Traffic Engineering
tLDP      Targeted LDP
VC        Virtual Circuit
VCID      VC Identifier
VFI       Virtual Forwarding Instance
VPLS      Virtual Private LAN Service
VPN       Virtual Private Network
VPWS      Virtual Private Wire Service
VRF       Virtual Route Forwarding Instance
VSI       Virtual Switching Instance
Acronyms: Ethernet/Bridging

Acronym            Description
ACL                Access Control List
BD                 Bridge Domain
BPDU               Bridge Protocol Data Unit
CE                 Customer Equipment (Edge)
C-VLAN / CE-VLAN   Customer / CE VLAN
CoS                Class of Service
DHD                Dual Homed Device
LACP               Link Aggregation Control Protocol
LAN                Local Area Network
MEF                Metro Ethernet Forum
MEN                Metro Ethernet Network
MIRP               Multiple I-Tag Registration Protocol
mLACP              Multi-Chassis LACP
MST / MSTP         Multiple Instance STP
MSTG-AG            MST Access Gateway
MVRP               Multiple VLAN Registration Protocol
PE                 Provider Edge device
PoA                Point of Attachment
REP                Resilient Ethernet Protocol
REP-AG             REP Access Gateway
RG                 Redundancy Group
STP                Spanning Tree Protocol
Acronyms: Provider Backbone Bridging

Acronym            Description
B-BEB              B-Component BEB
BCB                Backbone Core Bridge
B-DA               Backbone Destination Address
BEB                Backbone Edge Bridge
B-MAC              Backbone MAC Address
B-SA               Backbone Source Address
B-Tag              B-VLAN Tag
B-VLAN             Backbone VLAN
C-DA               Customer Destination Address
CE                 Customer Equipment (Edge)
C-MAC              Customer MAC Address
C-SA               Customer Source Address
C-Tag              C-VLAN Tag
C-VLAN / CE-VLAN   Customer / CE VLAN
DA                 Destination MAC Address
FCS                Frame Check Sequence
IB-BEB             Combined I-Component & B-Component BEB
I-BEB              I-Component BEB
IEEE               Institute of Electrical and Electronics Engineers
I-SID              Instance Service Identifier
I-Tag              I-SID Tag
MAC                Media Access Control
N-PE               Network-facing Provider Edge device
PB                 Provider Bridge
PBB                Provider Backbone Bridge / Bridging
PBBN               Provider Backbone Bridging Network
PBN                Provider Bridging Network
PE                 Provider Edge device
Q-in-Q             VLAN tunneling using two 802.1Q tags
SA                 Source MAC Address
S-Tag              S-VLAN Tag
S-VLAN             Service VLAN (Provider VLAN)
UNI                User to Network Interface
U-PE               User-facing Provider Edge device
VLAN               Virtual LAN
