Skip to content


Tutorial name L2 EVPN-VXLAN with SR Linux
Lab components 3 SR Linux nodes
Resource requirements 2vCPU
4 GB
Containerlab topology file evpn01.clab.yml
Lab name evpn01
Packet captures EVPN IMET routes exchange, RT2 routes exchange with ICMP in datapath
Main ref documents RFC 7432 - BGP MPLS-Based Ethernet VPN
RFC 8365 - A Network Virtualization Overlay Solution Using Ethernet VPN (EVPN)
Nokia 7220 SR Linux Advanced Solutions Guide
Nokia 7220 SR Linux EVPN-VXLAN Guide
Version information1 containerlab:0.15.4, srlinux:21.6.1-250, docker-ce:20.10.2

Ethernet Virtual Private Network (EVPN) is a standard technology in multi-tenant Data Centers (DCs) and provides a control plane framework for many functions.
In this tutorial we will configure a VXLAN based Layer 2 EVPN service3 in a tiny CLOS fabric and at the same get to know SR Linux better!

The DC fabric that we will build for this tutorial consists of the two leaf switches (acting as Top-Of-Rack) and a single spine:

The two servers are connected to the leafs via an L2 interface. Service-wise the servers will appear to be on the same L2 network by means of the deployed EVPN Layer 2 service.

The tutorial will consist of the following major parts:

  • Fabric configuration - here we will configure the routing protocol in the underlay of a fabric to advertise the Virtual Tunnel Endpoints (VTEP) of the leaf switches.
  • EVPN configuration - this chapter is dedicated to the EVPN service configuration and validation.

Lab deployment#

To let you follow along the configuration steps of this tutorial we created a lab that you can deploy on any Linux VM:

The containerlab file that describes the lab topology is referenced below in full:

name: evpn01


      kind: srl
      type: ixrd2
      kind: srl
      type: ixrd2
      kind: srl
      type: ixrd3
      kind: linux
      kind: linux

    # inter-switch links
    - endpoints: ["leaf1:e1-49", "spine1:e1-1"]
    - endpoints: ["leaf2:e1-49", "spine1:e1-2"]
    # server links
    - endpoints: ["srv1:eth1", "leaf1:e1-1"]
    - endpoints: ["srv2:eth1", "leaf2:e1-1"]

Save2 the contents of this file under evpn01.clab.yml name and you are ready to deploy:

$ containerlab deploy -t evpn01.clab.yml
INFO[0000] Parsing & checking topology file: evpn01.clab.yml 
INFO[0000] Creating lab directory: /root/ 
INFO[0000] Creating root CA                             
INFO[0001] Creating container: srv2                  
INFO[0001] Creating container: srv1                  
INFO[0001] Creating container: leaf2                    
INFO[0001] Creating container: spine1                   
INFO[0001] Creating container: leaf1                    
INFO[0002] Creating virtual wire: leaf1:e1-49 <--> spine1:e1-1 
INFO[0002] Creating virtual wire: srv2:eth1 <--> leaf2:e1-1 
INFO[0002] Creating virtual wire: leaf2:e1-49 <--> spine1:e1-2 
INFO[0002] Creating virtual wire: srv1:eth1 <--> leaf1:e1-1 
INFO[0003] Writing /etc/hosts file                      

| # |        Name        | Container ID |              Image              | Kind  | Group |  State  |  IPv4 Address  |     IPv6 Address     |
| 1 | clab-evpn01-leaf1  | 4b81c65af558 |           | srl   |       | running | | 2001:172:20:20::7/64 |
| 2 | clab-evpn01-leaf2  | de000e791dd6 |           | srl   |       | running | | 2001:172:20:20::8/64 |
| 3 | clab-evpn01-spine1 | 231fd97d7e33 |           | srl   |       | running | | 2001:172:20:20::6/64 |
| 4 | clab-evpn01-srv1   | 3a2fa1e6e9f5 | | linux |       | running | | 2001:172:20:20::3/64 |
| 5 | clab-evpn01-srv2   | fb722453d715 | | linux |       | running | | 2001:172:20:20::5/64 |

A few seconds later containerlab finishes the deployment with providing a summary table that outlines connection details of the deployed nodes. In the "Name" column we have the names of the deployed containers and those names can be used to reach the nodes, for example to connect to the SSH of leaf1:

# default credentials admin:admin
ssh admin@clab-evpn01-leaf1

With the lab deployed we are ready to embark on our learn-by-doing EVPN configuration journey!


We advise the newcomers not to skip the SR Linux basic concepts chapter as it provides just enough4 details to survive in the configuration waters we are about to get.

  1. the following versions have been used to create this tutorial. The newer versions might work, but if they don't, please pin the version to the mentioned ones. 

  2. Or download it with curl -LO 

  3. Per RFC 8365 & RFC 7432 

  4. For a complete documentation coverage don't hesitate to visit our documentation portal