EVPN routes are not being received from one site to another site.

search cancel

book

calendar_today

VMware NSX

EVPN routes received from an EVPN peer is not installed in the BGP or forwarding table
BGP Neighbor table shows pfxRcd column as 0.

Neighbor doppelganger V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt

##.##.##.## - 4 65208 36 30 0 0 0 00:23:22 0 13
##.##.##.## - 4 65208 36 30 0 0 0 00:23:23 0 13
Topology -- Site-1 VRF-T0 <--BGP--> Site-1 EVPN-T0 <----EVPN----> Site-2 EVPN-T0 <--BGP--> Site-2 VRF-T0
Routes being advertised from Site-1 EVPN-T0 have to be received on the Site-2 VRF-T0 via the Site-2 EVPN-T0. But it couldn't.
frr.log shows that the route update is being denied due to self mac
- 2025/06/26 10:16:26.030486 BGP: ##.##.##.## rcvd UPDATE about ##.##.##.##/32 IPv4 unicast -- DENIED due to: self mac;
  2025/06/26 10:16:26.030492 BGP: ##.##.##.## rcvd UPDATE about ##.##.##.##/27 IPv4 unicast -- DENIED due to: self mac;
  2025/06/26 10:16:26.030509 BGP: bgp_attr_ext_communities: router mac 02:50:56:##:##:10 is self mac

VMware NSX

The uplink interface MAC of site 2 collides with the EVPN RMAC of site 1. When the MAC collides, prefixes received with those RMACs are denied.

The respective uplink interface has to be re-created from the NSX UI Tier-0 interface configuration section to get a non-colliding MAC address.

Validation after interface re-creation

Step - 1 - Collect the site RMAC.

Step - 2 - Cross-check with the other site (site-2) BGP MAC hash

- - Make sure on the site-2 edge command vtysh -c "show bgp mac hash" doesn't have the RMAC of site-1, which was noted down in the previous step.
  - If the new interface has a new MAC, but the show bgp mac hash still holds the RMAC of site-1, put the edge into MM and exit to clear the table.

thumb_up Yes

thumb_down No