EVPN

EVPN (Ethernet VPN) provides a control-plane solution for VXLAN overlay networks on NX-OS, enabling scalable Layer 2 and Layer 3 connectivity across data center fabrics through BGP-based MAC and IP route advertisement. It manages per-VNI configuration including route distinguisher assignment, route target import/export policies for both auto-derived and explicitly defined targets, and table map filtering for route policy control. EVPN is essential for modern VXLAN fabric deployments, enabling distributed anycast gateway, ARP suppression, and seamless workload mobility across leaf switches.

Diagram

Classes

configuration (nxos.devices)

Name	Type	Constraint	Mandatory	Default Value
evpn	Class	`[evpn]`	No

evpn (nxos.devices.configuration)

Name	Type	Constraint	Mandatory	Default Value
vnis	List	`[vnis]`	No

vnis (nxos.devices.configuration.evpn)

Name	Type	Constraint	Mandatory
vni	Integer		Yes
rd	String		No
route_target_both_auto	Boolean	`true`, `false`	No
route_target_imports	List	String	No
route_target_exports	List	String	No
table_map	String		No
table_map_filter	Boolean	`true`, `false`	No

Examples

Example 1: L2 VNI with auto route targets for VXLAN bridging

nxos:
  devices:
    - name: LEAF1
      configuration:
        evpn:
          vnis:
            - vni: 10101
              rd: 10.1.100.3:10101
              route_target_both_auto: true
            - vni: 10102
              rd: 10.1.100.3:10102
              route_target_both_auto: true

Example 2: L2 and L3 VNIs with explicit route targets for multi-tenant fabric

nxos:
  devices:
    - name: LEAF1
      configuration:
        evpn:
          vnis:
            # L2 VNIs for bridged traffic
            - vni: 10101
              rd: 10.1.100.3:10101
              route_target_imports:
                - "65000:10101"
              route_target_exports:
                - "65000:10101"
            - vni: 10102
              rd: 10.1.100.3:10102
              route_target_imports:
                - "65000:10102"
              route_target_exports:
                - "65000:10102"
            # L3 VNIs for routed traffic per VRF
            - vni: 11010
              rd: 10.1.100.3:11010
              route_target_imports:
                - "65000:11010"
              route_target_exports:
                - "65000:11010"
            - vni: 11020
              rd: 10.1.100.3:11020
              route_target_imports:
                - "65000:11020"
              route_target_exports:
                - "65000:11020"

Example 3: EVPN VNIs with shared route targets for cross-leaf L2 stretching and table map filtering

nxos:
  devices:
    - name: LEAF2
      configuration:
        evpn:
          vnis:
            - vni: 10101
              rd: 10.1.100.4:10101
              route_target_both_auto: true
              table_map: EVPN-TABLE-MAP
              table_map_filter: true
            - vni: 10102
              rd: 10.1.100.4:10102
              route_target_both_auto: true
            - vni: 11010
              rd: 10.1.100.4:11010
              route_target_both_auto: true
            - vni: 11020
              rd: 10.1.100.4:11020
              route_target_both_auto: true