Abstract: Support is provided for flexible algorithms, used by the border gateway protocol (BGP) route selection process, in the context of segment routing (SR) Prefix segment identifiers (SIDS) advertised using BGP.

Abstract: A first provider edge device may receive device information from a second provider edge device included in an Ethernet virtual private network (EVPN). The device information may identify a media access control (MAC) address and may indicate that the device is connected to the second provider edge device. The first provider edge device may receive data transmitted by the device and may determine, based on information included in the data, that the device has moved from the second provider edge device to the first provider edge device. The first provider edge device may generate a data packet including mobility information indicating that the device has moved to the first provider edge device. The first provider edge device may transmit, via a data plane of the EVPN, the data packet to the second provider edge device to permit the second provider edge device to update routing information for the device.

Abstract: Techniques are described for supporting multiple virtual networks over an underlay network. The techniques may provide support for network slicing and enhanced virtual private networks (VPNs) over the underlay network. In general, the techniques include allocating a subset of resources (e.g., nodes and/or links) of the underlay network to a particular virtual network, and advertising the subset of resources to provider edge (PE) routers that are participating in the virtual network. A network controller device may advertise the subset of resources for the virtual network to the respective PE routers using BGP-LS (Border Gateway Protocol-Link State). Based on the advertisements, each of the PE routers generates a restricted view of the full underlay network topology for the virtual network and, thus, only uses the subset of resources in the restricted view to generate routing and forwarding tables for the virtual network.

Abstract: Techniques are described for supporting multiple virtual networks over an underlay network. The techniques may provide support for network slicing and enhanced virtual private networks (VPNs) over the underlay network. In general, the techniques include allocating a subset of resources (e.g., nodes and/or links) of the underlay network to a particular virtual network, and advertising the subset of resources to provider edge (PE) routers that are participating in the virtual network. A network controller device may advertise the subset of resources for the virtual network to the respective PE routers using BGP-LS (Border Gateway Protocol-Link State). Based on the advertisements, each of the PE routers generates a restricted view of the full underlay network topology for the virtual network and, thus, only uses the subset of resources in the restricted view to generate routing and forwarding tables for the virtual network.

Abstract: A provider edge (PE) device may determine a first identifier, corresponding to a first connection for a first service, and a second identifier, corresponding to a second connection for a second service, where the first connection is between a first customer edge (CE) device and the PE device, and the second connection is between a second CE device and the PE device. The PE device may advertise a first route, associated with the first service, based on the first identifier and a label corresponding to a network instance. The PE device may advertise a second route, associated with the second service, based on the second identifier and the label. The PE device may determine that the first connection is unavailable, and withdraw advertisement of the first route, while maintaining advertisement of the second route, to indicate, to a remote PE device, that the first connection is unavailable.

Abstract: The disclosed computer-implemented method for preventing tromboning in inter-subnet traffic within data center architectures may include (1) detecting, at a leaf node of a data center, a route advertisement that advertises a route to a spine node of another data center that interfaces with the data center, (2) identifying, at the leaf node, an IP identifier of the spine node included in the route advertisement, (3) determining, at the leaf node, that the route corresponds to the spine node based at least in part on the IP identifier identified in the route advertisement, and then in response to determining that the route corresponds to the spine node, (4) rejecting the route to the spine node at the leaf node such that the leaf node does not learn the route to the spine node. Various other methods, systems, and apparatuses are also disclosed.

Abstract: A device may receive, from a first device associated with a first LAN, network traffic destined for a second LAN. The device may provide the first LAN with access to a core network. The device may not provide the second LAN with access to the core network. The device may identify, based on the network traffic, a Layer 3 address associated with a second device. The second device may be associated with the second LAN. The device may determine that the first device is categorized as a leaf device within an Ethernet Tree provided by the device. The device may determine, based on the Layer 3 address, that the second device is categorized as a leaf device within the Ethernet Tree. The device may drop the network traffic based on determining that the first device and the second device are categorized as leaf devices within the Ethernet Tree.

Abstract: Techniques are disclosed for handling withdrawals of Border Gateway Protocol (BGP) join synch routes used to synchronize multicast group join requests. In one example, a first provider edge (PE) router of a plurality of PE routers on an Ethernet segment of an Ethernet Virtual Private Network (EVPN) receives, from a second PE router, a withdrawal of a BGP join synch route. In response, the first PE router determines whether a disruption event or a multicast state timeout event at the second PE router caused the withdrawal. If the disruption event caused the withdrawal, the first PE router retains a multicast state for the multicast group and forwards multicast traffic for the multicast group to a customer edge (CE) router multi-homed to the plurality of the PE routers. If the multicast state timeout event caused the withdrawal, the first PE router deletes the multicast state and stops forwarding the multicast traffic.

Abstract: The techniques of this disclosure may improve multicast forwarding in an Ethernet Virtual Private Network when delivering multicast traffic to receivers on a different IP subnet than the multicast source. A method may include configuring first and second layer-2 domains to forward network traffic; configuring a first layer-3 Integrated Routing and Bridging (IRB) interface for the first layer-2 domain and a second layer-3 IRB interface for the second layer 2 domain; receiving a multicast packet from a multicast source device, the multicast source device being included in the first layer-2 domain, the multicast packet having a multicast receiver device in the second layer-2 domain; and forwarding, using the first and second layer-3 IRB interfaces, the multicast packet to the multicast receiver device, without receiving the multicast packet from another provider edge router that has been elected as the designated router on the second IRB interface for the second layer-2 domain.

Abstract: Techniques are disclosed for handling withdrawals of Border Gateway Protocol (BGP) join synch routes used to synchronize multicast group join requests. In one example, a first provider edge (PE) router of a plurality of PE routers on an Ethernet segment of an Ethernet Virtual Private Network (EVPN) receives, from a second PE router, a withdrawal of a BGP join synch route. In response, the first PE router determines whether a disruption event or a multicast state timeout event at the second PE router caused the withdrawal. If the disruption event caused the withdrawal, the first PE router retains a multicast state for the multicast group and forwards multicast traffic for the multicast group to a customer edge (CE) router multi-homed to the plurality of the PE routers. If the multicast state timeout event caused the withdrawal, the first PE router deletes the multicast state and stops forwarding the multicast traffic.

Abstract: Techniques are described for utilizing Protocol Independent Multicast Sparse Mode (PIM-SM) to transport BUM (broadcast, unknown unicast, and multicast) traffic in a Virtual Extensible LAN (VXLAN) underlay of a data center, where the BUM traffic is received on active-active, multi-homed Ethernet virtual private network (EVPN) interconnects between multiple physical data centers. For example, the techniques may readily be applied to support usage of PIM-SM where provider edge (PE) routers of the EVPN operate as gateways between the EVPN and the VXLAN spanning the data center interconnect.

Abstract: In general, techniques are described for extending routing protocol advertisements to include respective attributes of constituent links of an aggregation group. In one example, a network device includes a management interface that receives configuration information that specifies first and second constituent links for a layer two (L2) aggregated interface. The first and second constituent links are physical links connected to respective physical interfaces of forwarding units of the network device. A routing protocol daemon of the control unit generates a link state message that specifies layer three (L3) routing information associated with the aggregated interface and further specifies an attribute of the first constituent link and an attribute of the second constituent link. The routing protocol daemon sends the link state message from the network device to another network device of the network in accordance with a routing protocol.

Abstract: The techniques described are directed to providing mass withdrawal of media access control (MAC) routes for network devices in an Ethernet virtual private network data center interconnect (EVPN DCI). MAC routes to reach the learned MAC addresses are stored in routing tables with corresponding top-of-rack Ethernet segment identifier (TOR-ESI) values that represent the Ethernet segments from where the MAC addresses were learned. A provider edge (PE) network device may configure and advertise a virtual Ethernet segment identifier (vESI) that includes a plurality of TOR-ESI values. As Ethernet segments of the data center become unavailable, the corresponding TOR-ESI values may be withdrawn from the vESI to form an updated vESI. In this way, MAC routes having a TOR-ESI value that was withdrawn from the vESI may be removed from the routing tables in each of the network devices.

Abstract: A device may transmit, to one or more network devices of a portion of a network, information indicating that the device is configured to perform a static designated forwarder election procedure. The device may determine that the one or more network devices of the portion of the network are each configured to perform the static designated forwarder election procedure. The device may enable a static designated forwarder configuration of the device based on determining that the one or more network devices of the portion of the network are each configured to perform the static designated forwarder election procedure.

Abstract: Techniques are described for utilizing Protocol Independent Multicast Sparse Mode (PIM-SM) to transport BUM (broadcast, unknown unicast, and multicast) traffic in a Virtual Extensible LAN (VXLAN) underlay of a data center, where the BUM traffic is received on active-active, multi-homed Ethernet virtual private network (EVPN) interconnects between multiple physical data centers. For example, the techniques may readily be applied to support usage of PIM-SM where provider edge (PE) routers of the EVPN operate as gateways between the EVPN and the VXLAN spanning the data center interconnect.

Abstract: In some examples, a computing device comprises a first service function instance to apply a service function and a service function forwarder to: receive a first layer 3 routing protocol route advertisement that includes service function instance data for a second service function instance, the service function instance data indicating a service function type and a service identifier for the service function instance; receive a second layer 3 routing protocol route advertisement that includes service function chain data for a service function chain, the service function chain data indicating a service path identifier and one or more service function items; and send, to the second service function instance and based at least on determining a service function item of the one or more service function items indicates the second service function instance, a packet classified to the service function chain.

Abstract: The techniques described are directed to providing mass withdrawal of media access control (MAC) routes for network devices in an Ethernet virtual private network data center interconnect (EVPN DCI). MAC routes to reach the learned MAC addresses are stored in routing tables with corresponding top-of-rack Ethernet segment identifier (TOR-ESI) values that represent the Ethernet segments from where the MAC addresses were learned. A provider edge (PE) network device may configure and advertise a virtual Ethernet segment identifier (vESI) that includes a plurality of TOR-ESI values. As Ethernet segments of the data center become unavailable, the corresponding TOR-ESI values may be withdrawn from the vESI to form an updated vESI. In this way, MAC routes having a TOR-ESI value that was withdrawn from the vESI may be removed from the routing tables in each of the network devices.

Abstract: In general, techniques are described for configuring a provider edge (PE) network device of an Ethernet virtual private network (EVPN) to use a common traffic engineering label (e.g., MPLS label) for different EVPN route types associated with the same EVPN. In some examples, the techniques include sending a first layer three (L3) control plane message that indicates a label-switched network protocol label that corresponds to a first EVPN route type, wherein the first L3 control plane message indicates that a first PE network device is reachable in the L2 segment. The techniques may include performing L2 address learning to determine at least one L2 address associated with the layer two segment of the EVPN. The techniques may include sending a second L3 control plane message that indicates the same label included in the first L3 control plane message corresponds to a second EVPN route type.

Abstract: The disclosed computer-implemented method for preventing tromboning in inter-subnet traffic within data center architectures may include (1) detecting, at a leaf node of a data center, a route advertisement that advertises a route to a spine node of another data center that interfaces with the data center, (2) identifying, at the leaf node, an IP identifier of the spine node included in the route advertisement, (3) determining, at the leaf node, that the route corresponds to the spine node based at least in part on the IP identifier identified in the route advertisement, and then in response to determining that the route corresponds to the spine node, (4) rejecting the route to the spine node at the leaf node such that the leaf node does not learn the route to the spine node. Various other methods, systems, and apparatuses are also disclosed.

Abstract: A device may receive, from a first device associated with a first LAN, network traffic destined for a second LAN. The device may provide the first LAN with access to a core network. The device may not provide the second LAN with access to the core network. The device may identify, based on the network traffic, a Layer 3 address associated with a second device. The second device may be associated with the second LAN. The device may determine that the first device is categorized as a leaf device within an Ethernet Tree provided by the device. The device may determine, based on the Layer 3 address, that the second device is categorized as a leaf device within the Ethernet Tree. The device may drop the network traffic based on determining that the first device and the second device are categorized as leaf devices within the Ethernet Tree.