Most VXLAN explanations wave their hands at the exact moment that matters: when a MAC address learned on one leaf becomes a route the rest of the fabric can use. That handoff is the whole point of eVPN.
Two planes, kept separate
VXLAN is the data plane — the encapsulation that carries a frame across an IP underlay. eVPN is the control plane — BGP carrying reachability so leaves don’t have to flood to learn.
- Data plane: original frame wrapped in VXLAN + UDP + IP, sourced and terminated at the VTEP.
- Control plane: MP-BGP with the L2VPN eVPN address family advertising MAC and IP reachability.
The moment a MAC becomes a route
A host sends a frame. The local leaf learns the source MAC on a port — ordinary L2 learning. Then eVPN does the interesting part:
1. leaf learns MAC on access port
2. leaf originates a Type-2 (MAC/IP) route
3. MP-BGP advertises it to every other VTEP
4. remote leaves install it, pointing at this VTEPFrom that point, any leaf can reach the host without flooding — it already has the route. That’s the line between “VLANs stretched with tunnels” and a real, scalable fabric.
Written by the 2× CCIE
Enterprise → cloud → AI networking. I write the breakdowns I wish I’d had. New field notes roughly twice a month.