# EVPN/VXLAN

# Symmetric IRB

### AOS-CX EVPN/VXLAN Symmetric IRB

[![Screenshot 2025-06-02 at 1.41.43 PM.png](https://books.designlogic.net/uploads/images/gallery/2025-06/scaled-1680-/screenshot-2025-06-02-at-1-41-43-pm.png)](https://books.designlogic.net/uploads/images/gallery/2025-06/screenshot-2025-06-02-at-1-41-43-pm.png)


### Configuration for Route Reflector

> bfd  
> !  
> vlan 1280  
>  name data-1280  
> vlan 4020  
>  name vxlan-connect  
> evpn  
>  vlan 1280  
>  rd auto  
>  route-target export auto  
>  route-target import auto  
> interface 1/1/23  
>  no shutdown  
>  mtu 9198  
>  no routing  
>  vlan access 4020  
> interface 1/1/24  
>  no shutdown  
>  mtu 9198  
>  no routing  
>  vlan access 4020  
> interface loopback 1  
>  ip address 10.255.1.1/32  
>  ip ospf 1 area 0.0.0.0  
> interface vlan 4020  
>  ip mtu 9198  
>  ip address 172.16.1.10/24  
>  ip ospf 1 area 0.0.0.0  
>  no ip ospf passive  
> interface vxlan 1  
>  source ip 10.255.1.1  
>  no shutdown  
>  vni 1001280  
>  vlan 1280  
> router ospf 1  
>  router-id 10.255.1.1  
>  passive-interface default  
>  bfd all-interfaces  
>  redistribute connected  
>  area 0.0.0.0  
> router bgp 65001  
>  bgp router-id 10.255.1.1  
>  neighbor mcast-mdf peer-group  
>  neighbor mcast-mdf remote-as 65001  
>  neighbor mcast-mdf update-source loopback 1  
>  neighbor 10.255.1.2 peer-group mcast-mdf  
>  neighbor 10.255.1.3 peer-group mcast-mdf  
>  address-family l2vpn evpn  
>  neighbor mcast-mdf send-community both  
>  neighbor 10.255.1.2 route-reflector-client  
>  neighbor 10.255.1.2 activate  
>  neighbor 10.255.1.3 route-reflector-client  
>  neighbor 10.255.1.3 activate  
>  exit-address-family  
> !

### Configuration for leaf 1 switch VLAN 90

> bfd  
> vrf Data  
>  rd 65001:100  
>  route-target export 65001:100 evpn  
>  route-target import 65001:100 evpn  
> vlan 90  
>  name v90  
> vlan 1280  
>  name Data-1280  
> vlan 4020  
>  name vxlan-connect  
> virtual-mac 00:00:02:00:03:00  
> evpn  
>  vlan 90  
>  rd auto  
>  route-target export auto  
>  route-target import auto  
>  redistribute host-route  
>  vlan 1280  
>  rd auto  
>  route-target export auto  
>  route-target import auto  
> interface 1/1/11  
>  no shutdown  
>  no routing  
>  vlan access 90  
> interface 1/1/24  
>  no shutdown  
>  no routing  
>  mtu 9198  
>  vlan access 4020  
> interface loopback 1  
>  ip address 10.255.1.3/32  
>  ip ospf 1 area 0.0.0.0  
> interface vlan 90  
>  vrf attach Data  
>  ip address 192.168.90.1/24  
>  active-gateway ip mac 00:00:02:00:00:03  
>  active-gateway ip 192.168.90.1  
> interface vlan 1280  
>  ip address 10.128.0.251/24  
> interface vlan 4020  
>  ip mtu 9198  
>  ip address 172.16.1.30/24  
>  ip ospf 1 area 0.0.0.0  
> interface vxlan 1  
>  source ip 10.255.1.3  
>  no shutdown  
>  vni 1000090  
>  vlan 90  
>  vni 1001280  
>  vlan 1280  
>  vni 2000100  
>  vrf Data  
>  routing  
> !  
> router ospf 1  
>  router-id 10.255.1.3  
>  bfd all-interfaces  
>  area 0.0.0.0  
> router bgp 65001  
>  bgp router-id 10.255.1.3  
>  neighbor mcast-core peer-group  
>  neighbor mcast-core remote-as 65001  
>  neighbor mcast-core update-source loopback 1  
>  neighbor 10.255.1.1 peer-group mcast-core  
>  neighbor 10.255.1.2 peer-group mcast-core  
>  address-family l2vpn evpn  
>  neighbor mcast-core send-community both  
>  neighbor 10.255.1.1 activate  
>  exit-address-family  
> !  
>  vrf Data  
>  address-family ipv4 unicast  
>  redistribute connected  
>  exit-address-family  
> !

### Configuration for leaf 2 switch VLAN 91

> bfd  
> vrf Data  
>  rd 65001:100  
>  route-target export 65001:100 evpn  
>  route-target import 65001:100 evpn  
> vlan 91  
>  name v91  
> vlan 1280  
>  name data-1280  
> vlan 4020  
>  name vxlan-connect  
> virtual-mac 00:00:02:00:02:00  
> evpn  
>  vlan 91  
>  rd auto  
>  route-target export auto  
>  route-target import auto   
>  redistribute host-route  
>  vlan 1280  
>  rd auto  
>  route-target export auto  
>  route-target import auto  
> interface 1/1/11  
>  no shutdown  
>  no routing  
>  vlan access 91  
> interface 1/1/48  
>  no shutdown  
>  mtu 9198  
>  no routing  
>  vlan access 4020  
> interface loopback 1  
>  ip address 10.255.1.2/32  
>  ip ospf 1 area 0.0.0.0  
> interface vlan 91  
>  vrf attach Data  
>  ip address 192.168.91.1/24  
>  active-gateway ip mac 00:00:02:00:00:02  
>  active-gateway ip 192.168.91.1  
> interface vlan 4020  
>  ip mtu 9198  
>  ip address 172.16.1.20/24  
>  ip ospf 1 area 0.0.0.0  
>  no ip ospf passive  
> interface vxlan 1  
>  source ip 10.255.1.2  
>  no shutdown  
>  vni 1000091  
>  vlan 91  
>  vni 1001280  
>  vlan 1280  
>  vni 2000100  
>  vrf Data   
>  routing  
> !  
> router ospf 1  
>  router-id 10.255.1.2  
>  passive-interface default  
>  bfd all-interfaces  
>  redistribute connected  
>  area 0.0.0.0  
> router bgp 65001  
>  bgp router-id 10.255.1.2  
>  neighbor mcast-core peer-group  
>  neighbor mcast-core remote-as 65001  
>  neighbor mcast-core update-source loopback 1  
>  neighbor 10.255.1.1 peer-group mcast-core  
>  neighbor 10.255.1.3 peer-group mcast-core  
>  address-family l2vpn evpn  
>  neighbor mcast-core send-community both   
>  neighbor 10.255.1.1 activate  
>  exit-address-family  
> !  
>  vrf Data  
>  address-family ipv4 unicast  
>  redistribute connected  
>  exit-address-family  
> !