How EVPN Transforms VXLAN: Simplify Config, Reduce Flooding, Boost Scalability

Understanding EVPN

The original VXLAN specification (RFC7348) lacked a control plane, requiring manual tunnel configuration and host address learning via traffic flooding, which caused excessive flood traffic and limited scalability. EVPN was introduced as the control plane for VXLAN to address these issues.

EVPN Overview

EVPN is a Layer‑2 VPN technology that replaces traditional MAC learning with a control plane using MP‑BGP extensions to distribute MAC information, aiming to replace other L2VPN methods such as BGP‑L2VPN (RFC6624), LDP‑L2VPN (RFC4906), and VPLS. It operates over IP or IP/MPLS backbones, providing virtual multipoint bridging between Layer‑2 domains.

EVPN Advantages

Simplified configuration: MP‑BGP enables automatic VTEP discovery, VXLAN tunnel creation, and association without manual setup.

Separation of control and data planes: The control plane publishes routing information while the data plane handles packet forwarding.

Multi‑homing support: Multiple VTEPs can connect a single site, improving bandwidth utilization.

Integrated Bridging and Routing (IRB): MP‑BGP can advertise both Layer‑2 MAC addresses and Layer‑3 routes, allowing VTEPs to perform both switching and routing.

What Is BGP EVPN?

BGP, particularly MP‑BGP, is the chosen control‑plane protocol for EVPN. It carries EVPN routes (NLRI) that convey MAC, IP, VNI, and VRF information, enabling efficient host learning and traffic forwarding.

BGP EVPN Route Types

EVPN defines five route types:

Type 1 – Ethernet Auto‑Discovery (AD) route for announcing Ethernet Segment (ES) information.

Type 2 – MAC/IP Advertisement route for announcing MAC and IP addresses.

Type 3 – Inclusive Multicast Ethernet Tag route for VTEP and VXLAN discovery.

Type 4 – Ethernet Segment route for ES and VTEP redundancy information.

Type 5 – IP Prefix route for advertising external IP prefixes.

BGP EVPN as VXLAN Control Plane

In a distributed VXLAN gateway deployment, the control plane establishes VXLAN tunnels and learns MAC addresses dynamically, while the forwarding plane handles intra‑subnet unicast, broadcast, unknown‑multicast (BUM) traffic, and inter‑subnet routing.

Subnet‑Internal VXLAN Tunnel Establishment

When two VTEPs have reachable IP addresses, they form a BGP EVPN peering, exchange Type 3 routes containing VNI and VTEP IP information, and dynamically create a VXLAN tunnel.

MAC Learning via EVPN

EVPN replaces data‑plane flooding with control‑plane MAC learning by propagating Type 2 routes between VTEPs, allowing remote MAC addresses to be learned without broadcast storms.

Inter‑Subnet Routing and ARP Suppression

Type 2 routes can also carry host IP prefixes, enabling host route advertisement. Type 5 routes are used for larger subnet prefixes. EVPN allows ARP broadcast suppression by converting ARP broadcasts to unicast using learned host information.

Data‑Plane Forwarding Process

Intra‑subnet traffic is forwarded at Layer‑2 between VTEPs. Known unicast packets are encapsulated and sent over the VXLAN tunnel. BUM traffic is replicated to all VTEPs in the same broadcast domain. Inter‑subnet traffic is routed by three‑layer VXLAN gateways, with spine nodes forwarding encapsulated packets without processing them.

Conclusion

EVPN leverages MP‑BGP to provide a scalable, efficient control plane for VXLAN, eliminating data‑plane MAC flooding, simplifying configuration, and supporting advanced features such as multi‑homing, IRB, and ARP suppression. Its applicability extends beyond data‑center traffic to emerging 5G networks and related use cases.