VXLAN Design and Deployment

Aftab Siddiqui
Internet Society
siddiqui@isoc.org

Fundamentals

• Virtual eXtensible LAN (VXLAN) – defined under RFC 7348, co-authored by: Cumulus Networks, Arista, Broadcom, Cisco, Red Hat, VMware and Intel
• VXLAN overlays a virtualized Layer 2 on top of a Layer 3 network, allowing the extension of Layer 2.
• "MAC in IP" Encapsulation
• Layer 2 multi-point tunneling over IP UDP
• 50 Bytes Header

• Enables Layer 2 interconnection across Layer 3 boundaries
• Transparent to the physical IP network
• Provides Layer 2 scale across the Layer 3 IP fabric

[Figure labels: Layer 2, Layer 3, Layer 2]

Terminology

• Virtual Tunnel End-point (VTEP)
  • The VTEP acts as the entry point for connecting hosts into the VXLAN overlay network.
  • The task of the VTEP is to encap/decap with the appropriate VXLAN header.
  • It can be a software virtual switch or a physical switch.

• Virtual Network Identifier (VNI)
  • A 24-bit field added within the VXLAN header.
  • Identifies the Layer 2 segment of the encapsulated Ethernet frame
  • 16 million options as compared to 4000 in VLAN

[Figure: CE1 – VTEP1 – IP Network (VXLAN, VNI 10, VNI 11) – VTEP2 – CE2, with VLAN 10 and VLAN 11 on each side]

Why VXLAN

• Supported in Wide Variety of Platforms
  • Broadcom: Trident II/II+, Tomahawk
  • Arista Networks, Cisco Systems, Dell, Juniper Networks
  • White Label: Bring Your Own Switch (BYOS) & Purchase Operating System (Cumulus, OcNOS & Others to Follow)
• Widely Deployed in Many Networks

• Supports Point to Point & Multi-Point
• UDP Header:
  • Hashing Works Just Like Any Other UDP Traffic

• Wide Vendor Support

VXLAN Packet

[Figure: VXLAN packet format. Source: Cisco]

VXLAN Packet
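
As an added example (not from the original slides), this Python sketch performs the VTEP encap/decap described under Fundamentals and Terminology: outer Ethernet, IPv4 and UDP headers plus the 8-byte VXLAN header carrying the 24-bit VNI, 50 bytes in total. It assumes an untagged outer frame, outer IPv4 and the RFC 7348 UDP port 4789; the function names and the MAC/IP addresses are constructed for illustration.

```python
import struct

VXLAN_PORT = 4789   # IANA-assigned UDP destination port for VXLAN (RFC 7348)
FLAG_I = 0x08       # "VNI valid" flag; the remaining flag bits are reserved

def ip_checksum(header: bytes) -> int:
    """Ones'-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    total = (total & 0xFFFF) + (total >> 16)
    total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(frame, vni, src_mac, dst_mac, src_ip, dst_ip, sport):
    """VTEP encap: outer Ethernet(14) + IPv4(20) + UDP(8) + VXLAN(8) = 50 bytes."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    vxlan = struct.pack("!II", FLAG_I << 24, vni << 8)  # flags|rsvd(24), VNI(24)|rsvd(8)
    udp = struct.pack("!HHHH", sport, VXLAN_PORT, 16 + len(frame), 0)  # UDP checksum 0 = unused
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 36 + len(frame), 0, 0x4000,
                     64, 17, 0, src_ip, dst_ip)          # DF set, TTL 64, protocol 17 (UDP)
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    return dst_mac + src_mac + b"\x08\x00" + ip + udp + vxlan + frame

def decapsulate(packet: bytes):
    """VTEP decap: return (vni, inner_frame) or raise ValueError."""
    if len(packet) < 50 or packet[12:14] != b"\x08\x00":
        raise ValueError("not an untagged IPv4 frame large enough for VXLAN")
    ihl = (packet[14] & 0x0F) * 4
    if packet[14] >> 4 != 4 or ihl < 20 or packet[23] != 17:
        raise ValueError("outer header is not IPv4/UDP")
    udp_off = 14 + ihl
    if len(packet) < udp_off + 16:
        raise ValueError("truncated UDP/VXLAN header")
    (dport,) = struct.unpack_from("!H", packet, udp_off + 2)
    if dport != VXLAN_PORT:
        raise ValueError("UDP destination port is not VXLAN")
    word0, word1 = struct.unpack_from("!II", packet, udp_off + 8)
    if not (word0 >> 24) & FLAG_I:
        raise ValueError("I flag clear: VNI is not valid")
    return word1 >> 8, packet[udp_off + 16:]

# Constructed sample: a 60-byte inner Ethernet frame between two made-up hosts.
INNER = bytes.fromhex("0200000000020200000000010800") + bytes(46)
OUTER = encapsulate(INNER, 10, bytes.fromhex("02aa00000001"), bytes.fromhex("02aa00000002"),
                    bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]), 49152)
```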

VXLAN – with QinQ

[Figure: QinQ frames (S-Tag 600, C-Tag 500) between PE1 and PE2, carried over VXLAN (VTEP1, VTEP2, VNI 10, VNI 11, IP Network) and, for comparison, over a Layer 2 segment through QinQ switches SW1 and SW2]

VXLAN Packet [QinQ]

Before Encapsulation

After Encapsulation

Use Cases: VXLAN – Data Center Interconnect (DCI)

• To interconnect Data Centers across geographically dispersed sites
• Layer 2 connectivity between sites, providing VM mobility between sites
• Within the DC for server migration between PODs, for integrating new infrastructure

[Figure: Datacenter 1, Datacenter 2 and Datacenter 3 interconnected by VNIs]

Use Cases: VXLAN – Cloud Provider

• Provider looking to support multiple customers over a shared L3 infrastructure.
• Wants the flexibility to deploy tenant resources across racks.
• Layer 2 (VXLAN bridging) required to stitch the tenant's resources/appliances together across racks.

• VRF can be used to segregate tenant routing.
• Fabric VTEP thus only required to provide Layer 2 VXLAN bridging service

[Figure: Layer 3 Fabric with three TOR switches connected by VNIs]

VXLAN – Not for everything

• Works fine:
  • Routing protocols
  • VLAN
  • QinQ
  • Multicast

• Doesn't Work
  • LLDP (works locally only)
  • LACP (works locally only)
  • CoS Preservation
  • 802.1x

Summary

• Operationally Simple Ethernet Line Services
• Eliminate Protocol Dependency & Complexity
• Expand Vendor Choice

• Practical & Economical Deployments
• Deploy Services Over Legacy Networks or IP Only Networks
• Deploy Services Over Other Providers Networks

• Future Use Cases:
  • Remote TAP Transport
  • Hub and Spoke ELINE Services
  • More Mobile Management Applications to deliver Self Services

Any Questions?