On Fri, Apr 19, 2019 at 5:06 AM <[email protected]> wrote:
>
> > Tarko Tikan
> > Sent: Thursday, April 18, 2019 10:14 AM
> >
> > hey,
> >
> > > You have effectively created L2 loop over EVPN, so to cut it you need
> > > a link between bridged network and EVPN to be a single link. There is
> > > no STP in EVPN.
> >
> > To be fair it's not a full loop but only BUM traffic will loop back to other PE.
> >
> Yes but there should be an MPLS label associated with that traffic that says
> to the other PE -do not send this traffic back to LAN -cause it's the same
> site.

The problem is actually in the other side: the LAN would send BUM traffic sourced from the router back to the other router port, and BUM traffic sourced from the LAN to both router ports.

Two sites configured like this in an EVPN would cause such traffic to loop infinitely, since Ethernet has no TTL. Three sites would get you to the point of exponential packet duplication where a single broadcast packet could fill your pipes and keep them full until you intervene (or something dies).

Allowing a MAC to appear on multiple ports would add a _lot_ of complexity to Ethernet (current hardware doesn't support it), and could often result in traffic taking a suboptimal path (since switches only know they saw this source MAC on that port -- not how far away it is). You would need a routing protocol running at layer 2 to solve these issues.

Remember that Ethernet was initially designed using shared media, and the MAC address was used to allow your NIC to ignore traffic that was being sent to other hosts (to save CPU). The fact that they managed to shoehorn switching in there without re-writing the protocol is magical, but we are still living with some inherent limitations.

--
Eldon

