full-2qfx-4srv-evpnvxlan: only leafs!


https://www.inetzero.com/qfxmxevpn/


1- interface ( ethernet- )
2- routing option: RID, AS#,
3- BGP protocol + group + policies
4- EVPN protocols and policies
5- Switching options and policies
7- Vlan 
8- Access interfaces


vqfx1 IP, OSPF. BGP, MPLS and LDP
set system host-name vqfx1
delete interfaces xe-0/0/0.0 family inet dhcp
set interfaces xe-0/0/0 unit 0 family inet address 10.11.12.11/24
set interfaces xe-0/0/0 unit 0 family mpls
set protocols lldp interface all

set interfaces lo0.0 family inet address 11.11.11.11/32
#OSPF IGP Configuration
set protocols ospf area 0 interface xe-0/0/0
set protocols ospf area 0 interface lo0

set routing-options autonomous-system 65100
set routing-options router-id 11.11.11.11
set routing-options autonomous-system 65100
set routing-options forwarding-table export pfe-ecmp
set forwarding-options storm-control-profiles default all

set protocols bgp group iBGP local-address 11.11.11.11
set protocols bgp group iBGP type internal
set protocols bgp group iBGP neighbor 12.12.12.12
set protocols bgp group iBGP family evpn signaling

set protocols ldp interface xe-0/0/0.0
commit and-quit
vqfx2 IP,OSPF,BGP
set system host-name vqfx2
delete interfaces xe-0/0/0.0 family inet dhcp
set interfaces xe-0/0/0.0 family inet address 10.11.12.12/24
set interfaces lo0.0 family inet address 12.12.12.12/32
set protocols ospf area 0 interface xe-0/0/0
set protocols ospf area 0 interface lo0
set routing-options autonomous-system 65100
set protocols bgp group iBGP local-address 12.12.12.12
set protocols bgp group iBGP type internal
set protocols bgp group iBGP neighbor 11.11.11.11
set protocols bgp group iBGP family evpn signaling
commit and-quit

evpn
vagrant@vqfx1> show configuration | display set | except Juniper-qfx


set interfaces xe-0/0/1 unit 0 family ethernet-switching

# BGP and policy
set protocols bgp group iBGP type internal
set protocols bgp group iBGP local-address 11.11.11.11
set protocols bgp group iBGP import OVERLAY-IN
set protocols bgp group iBGP family evpn signaling
set protocols bgp group iBGP bfd-liveness-detection minimum-interval 350
set protocols bgp group iBGP bfd-liveness-detection multiplier 3
set protocols bgp group iBGP bfd-liveness-detection session-mode automatic
set protocols bgp group iBGP multipath
set protocols bgp group iBGP neighbor 12.12.12.12
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from family evpn
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from next-hop 12.12.12.12
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from nlri-route-type 1
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from nlri-route-type 2
set policy-options policy-statement OVERLAY-IN term reject-remote-gw then reject
set policy-options policy-statement OVERLAY-IN term accept-all then accept

# EVPN
set protocols evpn vni-options vni 9105 vrf-target export target:1:9105
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn extended-vni-list 9105

# RT/RD for default brideg
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 11.11.11.11:1
set switch-options vrf-import LEAF-IN
set switch-options vrf-target target:9999:9999
set policy-options policy-statement LEAF-IN term import_leaf_esi from community comm-leaf_esi
set policy-options policy-statement LEAF-IN term import_leaf_esi then accept
set policy-options policy-statement LEAF-IN term import_vni9105 from community com9105
set policy-options policy-statement LEAF-IN term import_vni9105 then accept
set policy-options policy-statement LEAF-IN term default then reject
set policy-options community com9105 members target:1:9105
set policy-options community comm-leaf_esi members target:9999:9999
set policy-options policy-statement pfe-ecmp then load-balance per-packet

#vlan
set vlans bd9105 interface xe-0/0/1.0
set vlans bd9105 vxlan vni 9105
set vlans bd9105 vxlan ingress-node-replication
set vlans default vlan-id 1

set protocols igmp-snooping vlan default  ??????

vqfx2
set system host-name vqfx2


set system services ssh root-login allow
set system services netconf ssh
set system services rest http port 8080
set system services rest enable-explorer
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any

set interfaces xe-0/0/0 unit 0 family inet address 10.11.12.12/24
set interfaces xe-0/0/0 unit 0 family mpls
deactivate interfaces xe-0/0/0 unit 0 family mpls
set interfaces xe-0/0/1 description "to access"
set interfaces xe-0/0/1 unit 0 family ethernet-switching
set interfaces em0 unit 0 family inet dhcp
set interfaces em1 unit 0 family inet address 169.254.0.2/24
set interfaces lo0 unit 0 family inet address 12.12.12.12/32
set forwarding-options storm-control-profiles default all
set routing-options router-id 12.12.12.12
set routing-options autonomous-system 65100
set routing-options forwarding-table export pfe-ecmp
set protocols bgp group iBGP type internal
set protocols bgp group iBGP local-address 12.12.12.12
set protocols bgp group iBGP import OVERLAY-IN
set protocols bgp group iBGP family evpn signaling
set protocols bgp group iBGP local-as 65100
set protocols bgp group iBGP bfd-liveness-detection minimum-interval 350
set protocols bgp group iBGP bfd-liveness-detection multiplier 3
set protocols bgp group iBGP bfd-liveness-detection session-mode automatic
set protocols bgp group iBGP multipath
set protocols bgp group iBGP neighbor 11.11.11.11
#IGP
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
set protocols ospf area 0.0.0.0 interface lo0.0
set protocols ldp interface xe-0/0/0.0
deactivate protocols ldp
set protocols pim interface xe-0/0/0.0
#EVPN
set protocols evpn vni-options vni 9105 vrf-target target:1:9105
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn extended-vni-list 9105
#other protocol
set protocols lldp interface all
set protocols lldp interface xe-0/0/0
set protocols igmp-snooping vlan default
set policy-options policy-statement LEAF-IN term import_leaf_esi from community comm-leaf_esi
set policy-options policy-statement LEAF-IN term import_leaf_esi then accept
set policy-options policy-statement LEAF-IN term import_vni9105 from community com9105
set policy-options policy-statement LEAF-IN term import_vni9105 then accept
set policy-options policy-statement LEAF-IN term default then reject
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from family evpn
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from next-hop 11.11.11.11
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from nlri-route-type 1
set policy-options policy-statement OVERLAY-IN term reject-remote-gw from nlri-route-type 2
set policy-options policy-statement OVERLAY-IN term reject-remote-gw then reject
deactivate policy-options policy-statement OVERLAY-IN term reject-remote-gw
set policy-options policy-statement OVERLAY-IN term accept-all then accept
set policy-options policy-statement pfe-ecmp then load-balance per-packet
set policy-options community com9105 members target:1:9105
set policy-options community comm-leaf_esi members target:9999:9999
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 12.12.12.12:1
set switch-options vrf-import LEAF-IN
set switch-options vrf-target target:9999:9999
set vlans bd9105 interface xe-0/0/1.0
set vlans bd9105 service-id 9105
set vlans bd9105 vxlan vni 9105
set vlans bd9105 vxlan ingress-node-replication
set vlans default vlan-id 1