Hi, Short answer: no, you cannot avoid the bridge. You can however avoid the dummy interface. Long answer: the bridge is a requirement set by how vxlan works in general, and more specifically in the Linux kernel. VXLAN with BGP-EVPN works with type-2 and type-3 routes to announce VTEPS and remote MACs. On your machine, the kernel needs to store them in a way or another. And it so happens that it already had a mechanism for storing where a MAC has been seen, where it is and on which port: enter the FDB. Rather than duplicating this mechanism for VXLAN interfaces, kernel guys decided to extend bridges’ FDB to contain VXLAN type-2 and type-3 routes. When FRR receives one such route, it is sent over to the kernel, into the bridge’s FDB. You can see the entries with the `bridge fdb show` command, where you’ll see entries like 00:00:00:00:00:00 dev vxlan3052 dst 10.42.74.39 self permanent 00:00:00:00:00:00 dev vxlan3052 dst 10.42.74.167 self permanent 00:00:00:00:00:00 dev vxlan3052 dst 10.42.74.207 self permanent which are type-3 routes once inserted into the kernel, indicating that the vxlan3052 port of the parent bridge has several remote vteps (they will catch BUM packets), and entries like 02:00:00:aa:bb:cc dev vxlan3052 dst 10.42.78.167 self extern_learn 02:00:00:aa:bb:cc dev vxlan3052 extern_learn master br3052 which are type-2 routes once inserted into the kernel, in br3052’s fdb. it indicates to the bridge that the MAC 02:00:00:aa:bb:cc should be sent through it’s vxlan3052 port (just like any old bridge port), with the extra metadata of it being sent to a specific IP address. So to sum up, the bridge is required because it’s what holds evpn routes in the kernel. Alexis
Le 18 mai 2020 à 09:50, Erwan David <erwan@rail.eu.org> a écrit :
Hi,
I set up FRR routers as VTEP for a setting where all trafic on the vxlan will originate on the routers. I setup the BGP l2vpn evpn family address, but I cannot get FRR to announce its routes (type 2 or type 3) if the vxlan interface is not in bridge. I end up bridging it with a dummy interface, but for me it is an ugly workaround. Is there a way to avoid this bridge ?
-- Erwan David
_______________________________________________ frog mailing list frog@lists.frrouting.org https://lists.frrouting.org/listinfo/frog