An EVPN routing cannot learn problem handling experience case

In the EVPN networking, Border is connected to the external network through VPC1 (VRFA). The VM belongs to VPC2 (VRFB) and hangs under the leaf. Border passes the routes learned from the external network to leaf through EVPN, and connects the two VPCs (using the BGP RT attribute to enable routes to learn from each other).

The remote Border device advertises the prefix route 1.1.1.0/24 through the EVPN control plane. The local leaf checks the system routing table of the VPN VRFB, but there is no such route.

1. Check whether the EVPN neighbor status between the device and the RR is normal. Established is the normal state.

2. Prefix routing is delivered through TYPE 5 routing messages. The sending and receiving of TYPE 5 prefix routing is controlled by the RT configured in the address-family ipv4 view under the ip vpn-instance instance. Second, you need to check whether the RT attributes configured at both ends meet the requirements for BGP route import (the RT attribute carried in the route must have at least one value belonging to the import-extcommunity list configured on the receiving end).

3. Check the EVPN TYPE5 route in BGP to check whether there is a prefix route advertised by the remote end. It can be seen from the following information that the remote prefix route can be received, and the status in the BGP routing table is also valid, and the optimal route is also calculated.

4. Check whether the prefix route is generated normally in the evpn routing-table table, and it is found that the above-mentioned prefix route is not generated. It can be seen from this that the problem occurs in the process of adding the route optimized by BGP to the evpn routing-table table.

5. View the detailed information of the above prefix routing. It is found that the route attributes carried in the following routes are normal, such as extended community attributes such as RT and L3VNI.

6. To generate a route in the routing table, the next hop of this route must be reachable. The EVPN networking is quite special. In the implementation of symmetric IRB forwarding, the next hop of the remote route is the loopback port address of the remote VTEP. The device needs to generate the arp entry of the next hop, and the MAC address in the arp entry is The Router's MAC: 84d9-0000-3908 value in the extended community attribute carried in the above detailed routing information. At the same time, the outgoing interface is the VSI interface of the L3VNI carried in the route. Check whether an ARP entry for the next hop is formed on the device. It can be seen from the following information that the device does not generate the next hop arp information, which eventually causes the routing to fail to take effect.

The IP address, MAC address and other information in ARP can be seen through the detailed information of the route that there is no problem, so you need to check whether the outbound interface of arp is configured correctly. Checking the device configuration found that the device is indeed not correctly configured with the VSI interface corresponding to L3VNI 25001. 

 Examples of correct configuration are:

Resolved after adding the relevant configuration of the L3VNI interface.