Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On 4/May/20 12:21, Gert Doering wrote: > This is *not* funny. > > The work that IETF/IDR is doing these days is truly and deeply scaring > me. "Hey, we have this nice reliable protocol to transport information > from here to there. Why not add tons of different other things we want > to be transported from routers to collectors, or between routers, to > BGP, because, you know, we can?". > > Trying to understand what a BGP speaker is doing is difficult enough > today. Or, for that matter, get an implementation right. I wasn't kidding. For years, I've been saying it won't be long until BGP is transporting DNS. Mark. signature.asc Description: OpenPGP digital signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
> Gert Doering > Sent: Monday, May 4, 2020 11:22 AM > > Hi, > > On Mon, May 04, 2020 at 11:36:09AM +0200, Mark Tinka wrote: > > Of course, all going over BGP :-). > > This is *not* funny. > > The work that IETF/IDR is doing these days is truly and deeply scaring me. > "Hey, we have this nice reliable protocol to transport information from here > to there. Why not add tons of different other things we want to be > transported from routers to collectors, or between routers, to BGP, because, > you know, we can?". > > Trying to understand what a BGP speaker is doing is difficult enough today. > Or, for that matter, get an implementation right. > Well how I see it is that no matter how hard IETF (or "IDR Elders") tries, certain percentage of junk always gets past the "short-sighted idea filter" and eventually makes it into and RFC. It's just these days there seem to be overall increase in junk ideas with hypes around let's put everything through BGP (or EVPN-VXLAN for that matter) -so I guess the filter gets overloaded and naturally the overall number of bad ideas that makes it through increases at times. To be fair to IETF folks though, On the latest IDR (virtual) session on march 30, a number of new "let's use BGP for..." ideas where straight up "slapped", yeah wasn't pretty (or professional in one case, in my opinion) - but I guess one gets pretty tired of stupid ideas after a while). adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
> On Mon, 4 May 2020 at 12:15, wrote: > > > Just my 0.01$ > > Can I get a refund? just come and collect a ningi in my shed on Kakafroon Kappa, but beware the vogon's. Yes, you'll get a free Pan Galactic Gargle Blaster. Juergen. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Hi, On Mon, May 04, 2020 at 11:36:09AM +0200, Mark Tinka wrote: > Of course, all going over BGP :-). This is *not* funny. The work that IETF/IDR is doing these days is truly and deeply scaring me. "Hey, we have this nice reliable protocol to transport information from here to there. Why not add tons of different other things we want to be transported from routers to collectors, or between routers, to BGP, because, you know, we can?". Trying to understand what a BGP speaker is doing is difficult enough today. Or, for that matter, get an implementation right. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On 4/May/20 11:23, Saku Ytti wrote: > > Can I get a refund? Can I mail it to your WFH :-)? Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On 4/May/20 11:17, Nick Hilliard wrote: > > > as long as you can encapsulate all that mess in json, I'm good. Well, I'll leave that up to my SDN to wrap into my Segment Routing and move it into my SD-WAN over my 5G :-). Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On 4/May/20 11:11, c...@marenda.net wrote: > Today everything must go over https (like dns, ...) > but do not forget to use XML to over bloat everything > and use at least TLS Rev. 9.11 . > > Will be punted into the dollar-note big cards (Hollerith) (80 Characters > wide) > Fragmentation will be managed by punting a "C" in Column 5 . > > So we will soon see MPLS over HTTPS with fancy XML-Schemes- > Network-devices will be CHROMOS-Browser-Devices, > Don't think of performance or saleable implementation in hardware, > When that would be ready, the standard has been obsoleted and replaced by Over course, all going over BGP :-). Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On 4/May/20 11:11, c...@marenda.net wrote: > Today everything must go over https (like dns, ...) but do not forget > to use XML to over bloat everything and use at least TLS Rev. 9.11 . > Will be punted into the dollar-note big cards (Hollerith) (80 Characters > wide) Fragmentation will be managed by punting a "C" in Column 5 . > So we will soon see MPLS over HTTPS with fancy XML-Schemes- > Network-devices will be CHROMOS-Browser-Devices, Don't think of > performance or saleable implementation in hardware, When that would be > ready, the standard has been obsoleted and replaced by Of course, all going over BGP :-). Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On Mon, 4 May 2020 at 12:15, wrote: > Just my 0.01$ Can I get a refund? -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
c...@marenda.net wrote on 04/05/2020 10:11: So we will soon see MPLS over HTTPS with fancy XML-Schemes- Network-devices will be CHROMOS-Browser-Devices, Don't think of performance or saleable implementation in hardware, When that would be ready, the standard has been obsoleted and replaced by as long as you can encapsulate all that mess in json, I'm good. Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
>[...] > DC-folks# This STP sucks, let's MC-LAG/VSS everything, ok that sucks let's do > TRILL et, al., that sucked let's do VXLAN, wait, how do we do CP-based mac > learning? Let's do EVPN VXLAN, Oh has anyone reserved VXLAN header field > that can be used for micro-segmentation? Tumbleweed ... > SP-folks# no way we'll have STP to core, let's sue VPLS, that sucked let's use > EVPN/PBB-EVPN.. > > adam Today everything must go over https (like dns, ...) but do not forget to use XML to over bloat everything and use at least TLS Rev. 9.11 . Will be punted into the dollar-note big cards (Hollerith) (80 Characters wide) Fragmentation will be managed by punting a "C" in Column 5 . So we will soon see MPLS over HTTPS with fancy XML-Schemes- Network-devices will be CHROMOS-Browser-Devices, Don't think of performance or saleable implementation in hardware, When that would be ready, the standard has been obsoleted and replaced by Just my 0.01$ Juergen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
> From: Nick Hilliard > Sent: Thursday, April 30, 2020 7:14 PM > > adamv0...@netconsultings.com wrote on 30/04/2020 13:14: > > Never understood this VXLAN nonsense in DC universe (not the comics), > > in SP space this was a solved problem and is a well-trodden path since > > ever -PWs, > > everything has its use. PWs have major problems loadbalancing over multiple > links. > Yes back in the days, but one can use flow labels now, > Also the complexity of mpls + associated control plane is a drawback in > situations. > Well if you compare EVPN VXLAN -there's not that much of a difference compared to EVPN MPLS, oh and with VPN labels you get micro-segmentation for free and not as an afterthought. > Sometimes vxlan provides the required functionality. Why use a > more complicated protocol when a simpler one is a 100% match for your > requirements? > Futureproofing. DC-folks# This STP sucks, let's MC-LAG/VSS everything, ok that sucks let's do TRILL et, al., that sucked let's do VXLAN, wait, how do we do CP-based mac learning? Let's do EVPN VXLAN, Oh has anyone reserved VXLAN header field that can be used for micro-segmentation? Tumbleweed ... SP-folks# no way we'll have STP to core, let's sue VPLS, that sucked let's use EVPN/PBB-EVPN.. adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On 4/29/20 12:23 PM, Sander Steffann wrote: > That combined with the whole mess with "your PSU and fan tray are not > compatible with the 64-bit OS a few years ago" makes me avoid the platform. We got bit by this, not just by the 64-bit thing, but when Cisco deprecated and stopped supporting the whole original chassis in favor of the V2 chassis. Like fork trucking a whole 1/2 rack DC powered chassis is easy to do or something you want to deal with. Big peeve when everything we were running in the chassis was still well within the power budget of what we had wired to the PEM's... yet, they wanted us to replace all of it to get is back under support. NEVER again. -- inoc.net!rblayzor XMPP: rblayzor.AT.inoc.net PGP: https://pgp.inoc.net/rblayzor/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
hi, On Thu, Apr 30, 2020 at 07:13:32PM +0100, Nick Hilliard wrote: > everything has its use. PWs have major problems loadbalancing over > multiple links. Also the complexity of mpls + associated control plane > is a drawback in situations. Sometimes vxlan provides the required > functionality. Why use a more complicated protocol when a simpler one > is a 100% match for your requirements? Which actually makes me wonder why I'm not ditching EVPN completely and going back to VXLAN with configured VTEPs on the Aristas - the system knows where it's peers are, and it MUCH MUCH simpler to figure out all the moving pieces... *sigh* (The idea behind using EVPN was twofold - one: it would interop with A9K. Ditch that. Two: if I add into the same VLAN/VXLAN mesh, I only need configure *that* node, and it will BGP-signal to all the other nodes "hey, I'm part of it!". OTOH, most affected VLANs will only ever see 2 or 3 clusters, and the provisioning knows which devices are part of it... meh) ((Now, if all these ugly hypervisors would actually speak EVPN/whatever, in a reasonably interoperable way, I could just leave the mess to them, and provide a default gateway in some place(s), not bothering with all this layer2 thinking at all. But that's not going to happen either)) Can I retire yet? gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Hi, On Thu, Apr 30, 2020 at 01:14:12PM +0100, adamv0...@netconsultings.com wrote: > > On Sun, Mar 29, 2020 at 11:52:03AM +0200, Gert Doering wrote: > > > I'm trying to make EVPN via VXLAN encapsulation work between two > > > ASR9001 (with the goal of eventually making it work between ASR9001 > > > and Arista boxes, but right now I'm failing ASR9001 <-> ASR9001 > > > already). > > Would it be feasible to go the EVPN over MPLS route? Arista might support > some basic MPLS forwarding (most Data-Centre switches do). Hah! As in: the Trident 2+/Trident 3 boxes *could* do MPLS P, but Arista says that their MPLS capabilities are too limited so they do not provide any MPLS support for these boxes. Not sure if it actually could do enough actual encap/decap for the MPLS PE bits required for EVPN/MPLS - but if it can't even do P, no good asking. The Jericho boxes can do "all of this", but given the price difference, we run the "customer edge" on Trident boxes - no need for full tables there, rarely a need for extra large buffers or detailed QoS ("these links are never full"). OTOH, Trident 2+ does 802.1q<->VXLAN perfectly well, and T3 even does "routed into VXLAN" without performance impact, so this is where the journey is headed to. Whether we like it or not. Now, as a side note: of course ASR9k does VXLAN with multicast underlay and "MAC learning from the data plane" just fine, but *this* is not supported on the Arista side. Of course. Arista could statically configured VXLAN VTEP neighbours, but *that* is not supported on the ASR9k side. Of course. So, EVPN/VXLAN was the promise "hey, we have an IETF standard here, and both vendors claim to support it". And of course some other BUs inside Cisco actually support this. Yeah. (#include ) > Never understood this VXLAN nonsense in DC universe (not the comics), in SP > space this was a solved problem and is a well-trodden path since ever -PWs, > VPLS now EVPN (even with traffic engineering possibilities -you know the > mice around elephant flows...) > MPLS to DCs is my answer. Unfortunately, vendors still think MPLS is something for people with deep pockets... (like, Juniper charging tons of extra money for the MPLS license for their QFX5k gear...) I'm totally fine with MPLS... we've run that for like 10+ years with lots of cludges around our 6500/sup720s... (like, looped ports from the box to itself to be able to EoMPLS-away a single VLAN which is also routed on the box itself) In the end, I do not really care. The box config and the linkage between "boxes in the same distributed VLAN" is coming from the provisioning magic box, I just need to figure out which of the parts actually work. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
adamv0...@netconsultings.com wrote on 30/04/2020 13:14: Never understood this VXLAN nonsense in DC universe (not the comics), in SP space this was a solved problem and is a well-trodden path since ever -PWs, everything has its use. PWs have major problems loadbalancing over multiple links. Also the complexity of mpls + associated control plane is a drawback in situations. Sometimes vxlan provides the required functionality. Why use a more complicated protocol when a simpler one is a 100% match for your requirements? Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
> Gert Doering > Sent: Wednesday, April 29, 2020 4:22 PM > > remember me...? Fighting with this "simple task" since quite a few weeks... > > On Sun, Mar 29, 2020 at 11:52:03AM +0200, Gert Doering wrote: > > I'm trying to make EVPN via VXLAN encapsulation work between two > > ASR9001 (with the goal of eventually making it work between ASR9001 > > and Arista boxes, but right now I'm failing ASR9001 <-> ASR9001 already). > Would it be feasible to go the EVPN over MPLS route? Arista might support some basic MPLS forwarding (most Data-Centre switches do). Never understood this VXLAN nonsense in DC universe (not the comics), in SP space this was a solved problem and is a well-trodden path since ever -PWs, VPLS now EVPN (even with traffic engineering possibilities -you know the mice around elephant flows...) MPLS to DCs is my answer. adam ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On 29/Apr/20 18:16, Saku Ytti wrote: > Just because the new NPU can do 40x400GE, doesn't mean we don't still > have applications for 1GE optimised devices with the same features and > functions as the latest and greatest chip. This! Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Hi, On Wed, Apr 29, 2020 at 07:16:29PM +0300, Saku Ytti wrote: > I think for Gert committing on such an old platform was matter of > density, no need for 9901 density, Right. 9001 is officially still supported, and while I could use a few more 10GE ports, it does what is needed in these POPs - namely, transport about ~6-8 Gbit/s (!!!) with a decent number of 10 Gbit/s ports (so we can go over 1 Gbit on each of them, even if the total throughput is not all that much), full BGP table, proper incoming anti-DDoS rate limiting (the usual reflective UDP crap). We're a small shop - our BGP edge is all 10Gbit/s, but due to "we want it distributed so no box has all the links" the total traffic in the box is much much lower than it could do - so the extra bang of the 9901 and the accompanying price tag makes it not very interesting. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Hi, >> Oh, the joy of ASR9k… I'm so glad we have chosen another platform. > > I think this is a bit unfair, of course vendors drop support to older > platforms. Oh, I'm not commenting on something not being supported on older hardware. That's totally understandable. What does annoy me is the lack of documentation, the CLI accepting commands that aren't implemented without warning and stuff like that. That combined with the whole mess with "your PSU and fan tray are not compatible with the 64-bit OS a few years ago" makes me avoid the platform. Cheers, Sander signature.asc Description: Message signed with OpenPGP ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Hi, On Wed, Apr 29, 2020 at 05:11:46PM +0100, Nick Hilliard wrote: > Gert Doering wrote on 29/04/2020 16:21: > > But anyway. In case someone stumbles across this thread in the archives - > > it's not implemented and not expected to work. > > now that this is documented, it's a feature, right? This is all just to save power consumption in the NPU! gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
On Wed, 29 Apr 2020 at 18:36, Sander Steffann wrote: > Oh, the joy of ASR9k… I'm so glad we have chosen another platform. I think this is a bit unfair, of course vendors drop support to older platforms. And this whole problem with tomahawk and lightspeed transition isn't exactly new news, this has been known for 5years or so. It's a balance between being an early adopter and being supported for many years. I think for Gert committing on such an old platform was matter of density, no need for 9901 density, and I think this is where vendors need to wake up. Less dense and lower speed interface doesn't mean we can get away with TH1 or such ASIC, we still need full-blown NPU, large FIB, large RIB, large buffers. Vendors should release 1GE, 10GE, 100GE, 400GE optimised front-plates with latest gen NPU when ever new NPU happens, so what if you have 1% of NPU capacity in the front-plate, that's good problem to have, you can maybe cost optimise bit, by accepting from fab NPU which has lot of cores broken, or book less off-chip memory for delay buffer (less front-plate, less off-chip memory). Just because the new NPU can do 40x400GE, doesn't mean we don't still have applications for 1GE optimised devices with the same features and functions as the latest and greatest chip. -- ++ytti ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Gert Doering wrote on 29/04/2020 16:21: But anyway. In case someone stumbles across this thread in the archives - it's not implemented and not expected to work. now that this is documented, it's a feature, right? Nick ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Hi, > After some more research, this is what came back today... > > "... Typhoon supports VXLAN EVPN features that were introduced up to > 6.2.2. Features that were introduced after 6.3.1 are not supported. > Ingress-replication bgp is not supported in Typhoon LCs" > > Which is slightly annoying, given that this seems to be not documented > anywhere AND that the ASR9001 is still not EOLed (as far as my google > fu can find)... > > But anyway. In case someone stumbles across this thread in the archives - > it's not implemented and not expected to work. Oh, the joy of ASR9k… I'm so glad we have chosen another platform. Cheers, Sander signature.asc Description: Message signed with OpenPGP ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] EVPN/VXLAN on ASR9001 - BGP announcements not working
Hi, remember me...? Fighting with this "simple task" since quite a few weeks... On Sun, Mar 29, 2020 at 11:52:03AM +0200, Gert Doering wrote: > I'm trying to make EVPN via VXLAN encapsulation work between two ASR9001 > (with the goal of eventually making it work between ASR9001 and Arista > boxes, but right now I'm failing ASR9001 <-> ASR9001 already). ... so, whatever I did, it wouldn't work. Unicast packets actually do work (provided the B end is not using ESIs, in that case I can see them in the "show evpn evi mac" table, but never in the hardware table), but most prominently, flooding never worked in the local AC --> VXLAN peers direction (while everything in BGP and EVPN and etc. was displaying the expected results). So, long story short, TAC time. XR TAC engineer (very competent) did not bother much with looking at my RDs and ESIs and what not, but looked at NPU packet drops instead - and lo and behold, packet drops in the "RSV_DROP_IPM4_ING_RTE_DROP" category, which could be identified as "yes, these are the ARP packets that are not flooded". After some more research, this is what came back today... "... Typhoon supports VXLAN EVPN features that were introduced up to 6.2.2. Features that were introduced after 6.3.1 are not supported. Ingress-replication bgp is not supported in Typhoon LCs" Which is slightly annoying, given that this seems to be not documented anywhere AND that the ASR9001 is still not EOLed (as far as my google fu can find)... But anyway. In case someone stumbles across this thread in the archives - it's not implemented and not expected to work. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/