Ethernet VPN (EVPN)-based VXLAN overview

Ethernet VPN (EVPN) is a standards-based BGP control plane to advertise MAC addresses, MAC/IP bindings, IP Prefixes, and so on. The initial EVPN standard RFC 7432 defined the BGP EVPN control plane and specifies an MPLS data-plane. The control plane with an MPLS data plane was extended to consider additional data plane encapsulations models. These models include VXLAN, NVGRE, and MPLS over GRE which is detailed in RFC 8365. This section focuses on EVPN and its operation with a VXLAN data plane for building overlay networks.

Static VXLAN uses flood and learn (or ingress replication) to learn the MACs of the remote host, which involves manual configurations of remote VXLAN Tunnel End Points (VTEPs) in the flood list. MP-BGP EVPN is used to discover remote VTEPs and advertise MAC address and MAC/IP bindings in the VXLAN overlay, thus eliminating the flood and learn. MP-BGP supports a new EVPN Network Layer Reachability Information (NLRI) carried in BGP using Multiprotocol BGP Extensions with a newly defined Address Family Identifier (AFI) and Subsequent Address Family Identifier (SAFI). Route Distinguisher (RD) is a unique number prepended to the advertised address within the VRF, ensuring support for overlapping IP addresses and MACs across different tenants. Routes can be imported and exported across VLANs and VRFs using a BGP extended community called Route Target (RT) that are advertised along with the EVPN routes.

Configuring static VTEPs is not supported when EVPN is enabled.
VMware NSX-V integration and EVPN are mutually exclusive and cannot be configured together.
EVPN control pane is supported on the 6300, 6400, 8325, 8360, and 8400 switches.

See also Border Gateway Protocol (BGP) in the IP Routing Guide.