Layer 3 forwarding
EVPN uses EVPN gateways to provide Layer 3 forwarding services for hosts in VXLANs.
Integrated Routing and Bridging (IRB)
Integrated Routing and Bridging (IRB) is a solution which provides the routing operation to occur on the nearest VTEP for end hosts. The two forwarding models for IRB functionality are Asymmetric IRB and Symmetric IRB.
The current release supports Asymmetric Integrated Routing and Bridging (IRB) only.
Anycast gateway
To support inter-subnet forwarding on a VTEP, the VTEP acts as an IP Default Gateway from the perspective of the attached Tenant Systems, where the default gateway MAC and IP addresses are configured on each IRB interface associated with its subnet. All the VTEPs for a given tenant subnet use the same Anycast Default Gateway IP and MAC addresses. On each VTEP, the default Gateway IP and MAC addresses are configured on the IRB interfaces connecting to the Tenant Systems. Another option is to configure the same IP but different MACs across the VTEPs.
Anycast gateway configuration is done using the active-gateway command under an IRB interface. An example is as follows:
switch(config)# interface vlan 10
switch(config-if-vlan)# active-gateway ip 10.1.1.1 mac 00:00:02:02:02:02
Active-gateway configuration recommendations for an EVPN environment
The active gateway virtual IP configured must not be the same as the physical IP address of the interface.
Same active gateway virtual IP and physical IP must not be configured for an EVPN environment else it can lead to flooding of data traffic.
Physical IP addresses configured on the IRB interface on VSX-primary and VSX-secondary must be different.
Centralized EVPN gateway deployment—Uses one VTEP to provide Layer 3 forwarding for VXLANs. Typically, the gateway-collocated VTEP connects to other VTEPs and the external network.
Distributed EVPN gateway deployment—Deploys one EVPN gateway on each VTEP to provide Layer 3 forwarding for VXLANs at their respective sites. This design distributes the Layer 3 traffic load across VTEPs.
The current release only supports Centralized EVPN gateway deployment.