Reported via https://forum.vyos.io/t/bgp-l2vpn-evpn-and-individual-rd-and-rt-settings-for-each-vni/8158
Why does the system not allow setting individual rd and rt settings for each vni? FRR lets you do it.
After applying this patch I can create the required configuration:
--- /usr/libexec/vyos/conf_mode/protocols_bgp.py.orig 2021-12-03 15:33:10.137135615 +0000 +++ /usr/libexec/vyos/conf_mode/protocols_bgp.py 2021-12-03 15:33:24.355102005 +0000 @@ -255,15 +255,6 @@ tmp = dict_search(f'route_map.vpn.{export_import}', afi_config) if tmp: verify_route_map(tmp, bgp) - if afi in ['l2vpn_evpn'] and 'vrf' not in bgp: - # Some L2VPN EVPN AFI options are only supported under VRF - if 'vni' in afi_config: - for vni, vni_config in afi_config['vni'].items(): - if 'rd' in vni_config: - raise ConfigError('VNI route-distinguisher is only supported under EVPN VRF') - if 'route_target' in vni_config: - raise ConfigError('VNI route-target is only supported under EVPN VRF') - return None
show protocols bgp { address-family { l2vpn-evpn { advertise-all-vni vni 100 { advertise-svi-ip rd 64524:100 route-target { export 64512:1 import 64590:100 } }
Test
After removing above check (maybe from old FRR 7.5?) the following config:
set protocols bgp address-family l2vpn-evpn advertise-all-vni set protocols bgp address-family l2vpn-evpn rd '65412:100000' set protocols bgp address-family l2vpn-evpn vni 100 advertise-svi-ip set protocols bgp address-family l2vpn-evpn vni 100 rd '11:11' set protocols bgp address-family l2vpn-evpn vni 100 route-target export '64512:1' set protocols bgp address-family l2vpn-evpn vni 100 route-target import '64512:100' set protocols bgp address-family l2vpn-evpn vni 200 advertise-default-gw set protocols bgp address-family l2vpn-evpn vni 200 rd '1.1.1.1:200' set protocols bgp address-family l2vpn-evpn vni 200 route-target export '64512:201' set protocols bgp address-family l2vpn-evpn vni 200 route-target import '64512:200' set protocols bgp local-as '100'
renders:
! router bgp 100 no bgp ebgp-requires-policy no bgp default ipv4-unicast no bgp network import-check ! address-family ipv4 unicast distance 110 169.254.0.0/32 exit-address-family ! address-family ipv4 multicast distance 110 169.254.0.0/32 exit-address-family ! address-family ipv6 unicast distance 110 2001::/128 exit-address-family ! address-family ipv6 multicast distance 110 2001::/128 exit-address-family ! address-family l2vpn evpn advertise-all-vni vni 200 rd 1.1.1.1:200 route-target import 64512:200 route-target export 64512:201 advertise-default-gw exit-vni vni 100 rd 11:11 route-target import 64512:100 route-target export 64512:1 advertise-svi-ip exit-vni rd 65412:100000 exit-address-family exit !