7/30/2018

VXLAN Routing with MLAG

https://eos.arista.com/vxlan-routing-with-mlag/
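  • VXLAN routing routes packets based on the IP address in the inner header, not the outer VXLAN header.
  • A diagram helps in understanding this:
    • On SW-1 this is really just simple inter-VLAN SVI routing
    • The only difference is that SVI-VLAN 20 has a VTEP/VNI, so it can learn the destination MAC of Svr2
    • Srv-2's gateway, SVI-VLAN-20, is on VTEP-1/SW-1
    • VNI 1020 connects the L2 domains on the left and right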
  • Routing Topologies
    • Direct Routing - routing at the first-hop leaf node for ALL subnets.
    • Indirect Routing - only route for ONE subnet, which reduces the amount of ARP/MAC resources used on the leaf
    • Indirect is a derivative of direct
  • Direct Routing
    • Works by creating an anycast IP address:
      • Each leaf acts as the gateway, owns the address and responds to ARP requests
    • All leaves are configured with the same "ip address virtual" and "ip virtual mac"
      • ip address virtual 10.10.10.254/24
    • No routing over a VLAN interface with "ip address virtual"
    • A VTEP with "ip address virtual" forwards any ARP responses sent to the virtual router MAC to all neighbor VTEPs via HER (head-end replication), so neighbor VTEPs hold the same ARP tables.
    • In MLAG, ARP responses to the virtual IP address are synced with the MLAG peer.
    • Note: ARP sync between MLAG peers is done via the VXLAN agent, hence "ip address virtual" is ONLY supported with a VXLAN config
  • Virtual VTEP:
    • Every leaf has the virtual IP address + MAC, so each of them can respond to ARP requests.
    • So a vVTEP is created. I don't quite understand this.
  • ARP Timer
    • Serv1 sends an ARP request to VTEP1. Through routing, VTEP1 would learn the MAC of Serv4 via the initial ARP request.
    • But not via subsequent bi-directional data traffic, because returning traffic could be ECMP'd to VTEP2, which also routes and rewrites the source MAC of the inner packet with VTEP2's MAC.
    • To avoid the MAC being flushed (default timeout is 5 min), it is advised to configure the ARP aging timeout (default 4 hours) to be less than the MAC timeout.
    • This forces an ARP refresh and re-learning of the MAC.
  • Direct Routing Config:
    • A VTEP only needs to announce its loopback/end-point into BGP.
    • The tenant subnets then exist only on the leaves, NOT in BGP or on the spines.
    • show vxlan address-table
    • show mac address-table
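
The ARP Timer advice above can be checked against a leaf's configuration. The following is an added example, not code from the original notes or from Arista: it flags every SVI carrying "ip address virtual" whose ARP aging is not below the MAC aging time. The sample config is constructed, the function name is hypothetical, and the "mac address-table aging-time" and "arp aging timeout" line syntax is an assumption.

```python
import re

MAC_AGING_DEFAULT = 300    # seconds: the 5 min MAC timeout default from the notes
ARP_AGING_DEFAULT = 14400  # seconds: the 4 hour ARP aging default from the notes

# Constructed leaf config. The "mac address-table aging-time" and
# "arp aging timeout" line syntax is an assumption, not taken from the page.
SAMPLE_LEAF = """\
mac address-table aging-time 300
interface Vlan10
   ip address virtual 10.10.10.254/24
interface Vlan20
   ip address virtual 10.10.20.254/24
   arp aging timeout 240
interface Vlan30
   ip address 10.10.30.1/24
"""

def audit_arp_vs_mac(config):
    """Return (svi, arp_aging, mac_aging) for each anycast SVI whose ARP
    entry would outlive the MAC entry, so no refresh re-learns the MAC."""
    mac_aging = MAC_AGING_DEFAULT
    svis = {}       # SVI name -> {"anycast": bool, "arp": seconds}
    current = None  # SVI whose indented sub-commands are being read
    for line in config.splitlines():
        text = line.strip()
        if not line.startswith(" "):  # top-level command ends any interface block
            current = None
            if m := re.fullmatch(r"mac address-table aging-time (\d+)", text):
                mac_aging = int(m.group(1))
            elif m := re.fullmatch(r"interface (Vlan\d+)", text):
                current = m.group(1)
                svis[current] = {"anycast": False, "arp": ARP_AGING_DEFAULT}
        elif current:
            if text.startswith("ip address virtual "):
                svis[current]["anycast"] = True
            elif m := re.fullmatch(r"arp aging timeout (\d+)", text):
                svis[current]["arp"] = int(m.group(1))
    # Compare after the full pass: the global MAC line may follow the interfaces.
    return [(name, s["arp"], mac_aging) for name, s in svis.items()
            if s["anycast"] and s["arp"] >= mac_aging]

if __name__ == "__main__":
    for name, arp, mac in audit_arp_vs_mac(SAMPLE_LEAF):
        print(f"{name}: ARP aging {arp}s >= MAC aging {mac}s")
```

On the constructed sample only Vlan10 is reported, because it keeps the 4 hour ARP default against a 5 minute MAC timeout.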
