Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 1
OTV in CCIE Data Center Sunny LiYu Zhang – China TAC
CCIE# 16691
RS/Voice/SP/Security/DataCenter/Wireless
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public BRKDCT-2049_c1 2
Agenda
CCIE Data Center Overview and Resources
OTV Architecture Principles
Overview
Terminology
Control Plane / Data Plane
Failure Isolation
Multi-Home
OTV Configuration Examples
Cisco Unified Data Center
Three pillars: Unified Management, Unified Fabric, Unified Computing
Cisco Unified Computing: UCS
Cisco Unified Fabric: Nexus
Cisco Unified Management: UCSM / Prime
Data Center Lab Exam: required hardware
UCS C200 Series Server
UCS-6248 Fabric Interconnects
UCS-5108 Blade Chassis
MDS 9222i
Nexus 7009
Nexus 5548
Nexus 2232
Nexus 2224
Nexus 1000v
Cisco Application Control Engine Appliance - ACE4710
Data Center Lab Exam: Locations
Eight fixed CCIE Lab Locations for CCIE DC, including Sydney, San Jose, RTP, Brussels, Tokyo and Dubai.
Learning resources: how to find them on CLN
Online learning seminars, documents, discussions, the official blogs and useful information, and certification program information.
www.clnchina.com.cn
Learning resources: Cisco Support Community (CSC). The Cisco Support Community is the new platform through which Cisco's TS (Technical Services) organization provides technical support to Cisco customers and partners. Online experts regularly answer the questions raised there. You can also submit a TAC service request directly through "Submit a Case online", and our technical support engineers will resolve it as quickly as possible.
www.csc-china.com.cn
Overlay Transport Virtualization (OTV)
Overlay: a solution that is independent of the infrastructure technology and services, flexible over various inter-connect facilities.
Transport: transporting services for Layer 2 and Layer 3 Ethernet and IP traffic.
Virtualization: provides virtual connections, connections that are in turn virtualized and partitioned into VPNs, VRFs and VLANs.
OTV delivers a virtual L2 transport over any L3 infrastructure.
Challenges with LAN Extensions: Real Problems Solved by OTV
Extensions over any transport (IP, MPLS)
Failure boundary preservation
Site independence / isolation
Optimal BW utilization (no head-end replication)
Resiliency / multihoming
Built-in end-to-end loop prevention
Multisite connectivity (inter and intra DC)
Scalability: VLANs, sites, MACs; ARP, broadcasts / floods
Diagram: a LAN Extension between the North Data Center and the South Data Center, with each site remaining its own fault domain.
Only 5 CLI commands
Overlay Transport Virtualization
OTV is a "MAC in IP" technique to extend Layer 2 domains OVER ANY TRANSPORT.
Technology Pillars:
Protocol Learning
Built-in Loop Prevention
Preserve Failure Boundary
Site Independence
Automated Multi-homing
Dynamic Encapsulation
No Pseudo-Wire State Maintenance
Optimal Multicast Replication
Multipoint Connectivity
Point-to-Cloud Model
Nexus 7000: first platform to support OTV, starting with the 5.0(3) release!
Terminology: "Edge Device"
The Edge Device is the device on which all OTV functions are implemented.
The Edge Device can sit in the core layer or the distribution layer of the site.
A site can have multiple OTV Edge Devices (multi-homing).
Diagram: the L2 domain of each site connects through its OTV Edge Device to the L3 Transport Infrastructure*.
* It can be owned by the Enterprise or by the Service Provider.
Terminology: "Internal Interfaces"
The Internal Interfaces are the interfaces of the Edge Devices that face the inside of the site and carry the traffic that needs to be transported over OTV (the extended VLANs).
Internal Interfaces are regular Layer 2 switched interfaces. No OTV-specific configuration is required on an Internal Interface.
Typically the OTV Internal Interfaces are configured as Layer 2 trunk interfaces carrying the VLANs that are extended over OTV.
Diagram: the OTV Internal Interfaces sit on the L2 side of each Edge Device, facing away from the L3 Transport Infrastructure.
Terminology: "Join Interface"
The Join Interface is the uplink interface of the Edge Device.
The Join Interface is usually a point-to-point Layer 3 routed interface. It can be a single physical interface or a PortChannel made up of several physical interfaces.
The Join Interface is used to physically join the OTV network.
Diagram: the OTV Join Interface sits on the L3 side of each Edge Device, facing the Transport Infrastructure.
Terminology: "Overlay Interface"
The Overlay Interface is a logical (virtual) interface; all OTV configuration is applied on this interface.
The Overlay Interface is multi-access and multicast-capable: it is a logical multi-access, multicast-capable interface.
The Overlay Interface encapsulates the site's Layer 2 frames in Layer 3 IP unicast or multicast packets and sends them to the other sites.
Diagram: one Overlay Interface per Edge Device, spanning the L3 Transport Infrastructure between the sites.
OTV packet format: OTV adds 42 bytes to a standard IP encapsulation.
After encapsulation, the OTV shim header follows the new outer IP header and precedes the original frame; the OTV shim header carries the overlay information (VLAN, overlay number, etc.).
The 802.1Q header of the original frame is removed and its contents are copied into the OTV shim header.
OTV sets the DF (Don't Fragment) bit on all packets.
42-byte encapsulation (same as VPLSoGRE).
Diagram: outer header = 6B DMAC | 6B SMAC | 2B EtherType | 20B IP Header (ToS) | 8B OTV Shim (VLAN); original frame = DMAC | SMAC | Eth payload | 4B CRC, with the 802.1Q tag (CoS) removed.
OTV Control Plane: neighbor discovery and adjacency formation
Edge Devices establish adjacencies with each other through the OTV control plane.
Edge Devices can form adjacencies over a multicast-enabled transport or over a unicast-only transport, depending on whether the actual network supports multicast. OTV supports both modes.
Diagram: the West, East and South sites, each with an OTV Edge Device, running the OTV Control Plane between them.
OTV Control Plane: neighbor discovery over a multicast-enabled transport
Diagram (ASM group G, Edge Devices at West = IP A, East = IP B, South = IP C): (1) each Edge Device sends an IGMP Report to join the control group; (2) West encapsulates an OTV Hello with source IP A and destination multicast group G; (3) the transport replicates the packet; (4) East and South decapsulate it; (5) the OTV Hello is handed to the control plane at East and South.
OTV Control Plane: neighbor discovery over a multicast-enabled transport (continued)
Diagram (same ASM group G): (6) the South site sends its hello with West's address in the TLV; (7) South encapsulates it with source IP C and destination group G; (8) the core replicates it; (9) West and East decapsulate it; (10) the West site sees that the hello contains its ID, and the OTV adjacency is established.
OTV Control Plane: building the MAC address table
OTV periodically updates MAC address reachability information (control-plane learning).
Once OTV is configured successfully, MAC addresses are advertised automatically in the background. No additional configuration is required.
Between Edge Devices, the OTV control plane uses IS-IS as its control protocol. The IS-IS control plane is brought up entirely automatically, with no manual intervention.
Diagram: West (IP A), East (IP B) and South (IP C) exchanging MAC address reachability across the core.
OTV Control Plane: MAC address updates over a multicast-enabled transport
As soon as an Edge Device learns a new MAC address, the OTV control plane advertises it to the remote sites together with its VLAN ID and its IP next hop.
The IP next-hop address is the join-interface address of the advertising Edge Device.
One OTV update can carry multiple MAC addresses from different VLANs.
An update packet reaches all OTV Edge Devices in the same way as neighbor discovery.
Diagram: (1) three new MACs (MAC A, MAC B, MAC C) are learned on VLAN 100 at West (IP A); (2) West sends an OTV update; (3) the update is replicated by the core; (4) East and South-East each install the entries VLAN 100 / MAC A / IP A, VLAN 100 / MAC B / IP A, VLAN 100 / MAC C / IP A.
OTV Control Plane: neighbor discovery over a unicast-only transport
Diagram (Edge Devices at West = IP A, East = IP B, South = IP C): (1) the West site sends a "hello"; its overlay Neighbor List (oNL) holds South (IP C) and East (IP B); (2) head-end replication: West makes one copy of the hello for each neighbor in the oNL; (3) each copy is encapsulated as a unicast packet, IP A to IP C and IP A to IP B; (4) East and South decapsulate; (5) the other sites have received the West site's hello.
OTV Data Plane: intra-site traffic
West Edge Device MAC table (VLAN / MAC / IF): 100 / MAC 1 / Eth 2; 100 / MAC 2 / Eth 1
1. Layer 2 lookup on the destination MAC address.
2. MAC 2 is reachable through Ethernet 1.
3. The frame is delivered to the destination.
Diagram: MAC 1 sends to MAC 2 inside the West site; the frame never touches the Transport Infrastructure.
OTV Data Plane: inter-site traffic
West Edge Device MAC table (VLAN / MAC / IF): 100 / MAC 1 / Eth 2; 100 / MAC 2 / Eth 1; 100 / MAC 3 / IP B; 100 / MAC 4 / IP B
East Edge Device MAC table (VLAN / MAC / IF): 100 / MAC 1 / IP A; 100 / MAC 2 / IP A; 100 / MAC 3 / Eth 3; 100 / MAC 4 / Eth 4
1. Layer 2 lookup on the destination MAC. MAC 3 is reachable through IP B.
2. The Edge Device encapsulates the frame.
3. The transport delivers the packet to the Edge Device on site East.
4. The Edge Device on site East receives and decapsulates the packet.
5. Layer 2 lookup on the original frame. MAC 3 is a local MAC.
6. The frame is delivered to the destination.
Diagram: the frame MAC 1 -> MAC 3 leaves West inside an IP A -> IP B packet and is decapsulated at East.
Unicast mode: OTV Adjacency Server Mode
1. One of the OTV Edge Devices (ED) is configured as an Adjacency Server (AS)*.
2. All EDs are configured to register with the AS: they send their site-id and IP address.
3. The AS builds a list of neighbor IP addresses: the overlay Neighbor List (oNL).
4. The AS unicasts the oNL to every neighbor.
5. Each node unicasts hellos and updates to every neighbor in the oNL.
Diagram (unicast-only transport): Site 1 (IP A) to Site 5 (IP E); oNL = Site 1, IP A; Site 2, IP B; Site 3, IP C; Site 4, IP D; Site 5, IP E.
* A redundant pair may be configured.
Spanning Tree and OTV: site independence
OTV is transparent to the site: the STP topology does not change.
Each site keeps its own STP design.
This is built into OTV and needs no additional configuration.
The Edge Device sends and receives BPDUs, and participates in STP, only on its Internal Interfaces.
Diagram: the BPDUs stop at the OTV Edge Device of each site; none cross the L3 transport.
Unknown unicast and OTV: unknown unicast is not flooded between data centers
OTV does not learn MAC addresses by flooding over the overlay interface.
OTV does not forward unknown unicast frames over the overlay interface. This is built into OTV and needs no additional configuration.
This behaviour rests on one assumption: the attached hosts do not produce unidirectional or asymmetric traffic flows.
Diagram: MAC TABLE (VLAN / MAC / IF): 100 / MAC 1 / Eth1; 100 / MAC 2 / IP B. A frame from MAC 1 to MAC 3 arrives, there is no MAC 3 in the MAC table, and the frame is not sent over the overlay.
Controlling ARP traffic: the ARP Neighbor-Discovery (ND) cache
Every OTV Edge Device maintains an ARP cache by snooping ARP replies.
The first ARP request is broadcast to all sites, but later ARP requests for the same address are answered locally by the Edge Device.
ARP traffic crossing between sites is greatly reduced.
Diagram: (1) first ARP request for IP A crosses the Transport Infrastructure; (2) ARP reply; (3) the Edge Device snoops and caches the reply (ARP Cache: MAC 1 / IP A, MAC 2 / IP B); (4) subsequent ARP requests for IP A; (5) ARP reply on behalf of the remote server (IP A).
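A small model of the Edge Device behaviour described on the data-plane, unknown-unicast and ARP-cache slides, added here as an example and not part of the original deck or of NX-OS: the Layer 2 lookup yields a local interface or a remote join IP, unknown unicast stays inside the site, and repeated ARP requests are answered from the snooped cache. The class name, the interface, MAC and IP labels ("Eth 1", "MAC 3", "IP B") and the 192.0.2.x host addresses are constructed.

```python
"""Model of an OTV Edge Device's forwarding decisions.

Constructed example, not NX-OS code: it models the behaviours on the
data-plane, unknown-unicast and ARP-cache slides. Interface, MAC and IP
labels follow the slides' style ("Eth 1", "MAC 3", "IP B") and are sample
values; host IPs come from the 192.0.2.0/24 documentation range.
"""
from dataclasses import dataclass, field


@dataclass
class OtvEdgeDevice:
    join_ip: str  # this ED's join-interface IP, the source of its encapsulation
    # MAC table keyed by (vlan, mac): ("local", "Eth 1") for a MAC learned on an
    # Internal Interface, ("remote", "IP B") for a MAC advertised by a remote
    # Edge Device (the IF column then holds that device's join-interface IP).
    mac_table: dict = field(default_factory=dict)
    # ARP cache built by snooping ARP replies: (vlan, ip) -> mac.
    arp_cache: dict = field(default_factory=dict)

    def learn_local(self, vlan, mac, iface):
        """Data-plane learning on an Internal Interface."""
        self.mac_table[(vlan, mac)] = ("local", iface)

    def install_remote(self, vlan, mac, remote_join_ip):
        """Control-plane learning: a MAC carried in a remote ED's OTV update."""
        self.mac_table[(vlan, mac)] = ("remote", remote_join_ip)

    def forward(self, vlan, dst_mac):
        """Layer 2 lookup on the destination MAC.

        ("local", iface): intra-site destination.  ("encap", ip): encapsulated
        towards the remote ED at ip.  ("flood-site-only", None): unknown
        unicast; may be flooded inside the site, never sent on the overlay.
        """
        entry = self.mac_table.get((vlan, dst_mac))
        if entry is None:
            return ("flood-site-only", None)
        kind, target = entry
        return ("local", target) if kind == "local" else ("encap", target)

    def snoop_arp_reply(self, vlan, ip, mac):
        """Cache the IP -> MAC binding seen in an ARP reply crossing the ED."""
        self.arp_cache[(vlan, ip)] = mac

    def arp_request(self, vlan, target_ip):
        """First request for an IP is broadcast to all sites; later ones are
        answered locally on behalf of the remote host."""
        mac = self.arp_cache.get((vlan, target_ip))
        if mac is None:
            return ("broadcast-all-sites", None)
        return ("proxy-reply", mac)
```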
OTV multi-homing support: per-VLAN AED
OTV provides a loop-free multi-homing mechanism that automatically elects a "designated forwarder" for every VLAN at every site.
The "designated forwarder" is called the Authoritative Edge Device (AED).
Detection of a multi-homed site is fully automatic and needs no additional protocol or configuration.
OTV elects one Edge Device as AED for a group of VLANs; the Edge Devices inside a site discover each other over the "OTV site-vlan".
Role of the AED: advertising the MAC addresses of its VLANs, and forwarding the traffic of its VLANs.
Diagram: two OTV Edge Devices at one site, with internal peering for the AED election.
OTV multi-homing support: per-VLAN load balancing
The AED is elected per site and per VLAN.
Within one site, the VLANs are shared out among the different OTV Edge Devices.
At a dual-homed site the AED is chosen by a built-in algorithm (it can also be configured manually*):
Lower IS-IS System-ID (Ordinal 0) = even VLANs
Higher IS-IS System-ID (Ordinal 1) = odd VLANs
Diagram: two sites across the core, each with two Edge Devices (IP A, IP B) acting as AED for different VLANs; remote MAC TABLE (VLAN / MAC / IF): 100 / MAC 1 / IP A; 200 / MAC 2 / IP B.
* Requires software support.
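The AED election rule above, carried through for the extend-vlan range 100-150 that the configuration slides use, as an added example that is not the deck's or Cisco's code: the two IS-IS System-IDs and the function names are constructed assumptions, and the model covers only the dual-homed case the slide describes.

```python
"""Per-VLAN AED election at a dual-homed OTV site.

Constructed example, not NX-OS code: it implements the slide's rule (lower
IS-IS System-ID = ordinal 0 = even VLANs, higher = ordinal 1 = odd VLANs)
for the extend-vlan range 100-150 from the configuration slides. The two
System-IDs below are constructed sample values.
"""

def parse_system_id(system_id):
    """Turn a dotted IS-IS System-ID such as '0000.0c11.2233' into an int so
    that 'lower' and 'higher' are compared numerically, not as strings."""
    digits = system_id.replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"System-ID must be 6 bytes (12 hex digits): {system_id!r}")
    return int(digits, 16)

def aed_ordinals(system_ids):
    """Return {system_id: ordinal}; ordinal 0 is the lower System-ID."""
    if len(set(system_ids)) != 2:
        # The slide describes the dual-homed case: exactly two EDs per site.
        raise ValueError("this model expects exactly two Edge Devices per site")
    ordered = sorted(system_ids, key=parse_system_id)
    return {sid: ordinal for ordinal, sid in enumerate(ordered)}

def aed_for_vlan(vlan, system_ids):
    """Ordinal 0 is AED for even VLANs, ordinal 1 for odd VLANs."""
    by_ordinal = {o: sid for sid, o in aed_ordinals(system_ids).items()}
    return by_ordinal[vlan % 2]

def aed_assignment(extend_vlans, system_ids):
    """Map every extended VLAN to its AED: only the AED advertises that VLAN's
    MACs over the overlay and forwards its traffic."""
    return {vlan: aed_for_vlan(vlan, system_ids) for vlan in extend_vlans}

def is_aed(vlan, my_system_id, system_ids):
    """Whether this Edge Device advertises MACs and forwards for `vlan`."""
    return aed_for_vlan(vlan, system_ids) == my_system_id

# Constructed site: two Edge Devices; the second System-ID is numerically lower.
SITE_EDS = ["0000.0c11.2233", "0000.0b99.ffff"]

if __name__ == "__main__":
    for vlan, aed in aed_assignment(range(100, 151), SITE_EDS).items():
        print(f"VLAN {vlan}: AED is {aed}")
```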
Multicast-mode OTV configuration: OTV CLI Configuration (Multicast-enabled Transport)
interface Overlay0
  otv join-interface Ethernet1/1
  otv control-group 239.1.1.1
  otv data-group 232.192.1.0/24
  otv extend-vlan 100-150
otv site-vlan 99
otv join-interface Ethernet1/1: connects to the core and is used to join the Overlay network; its IP address is used as the source IP for the OTV encapsulation.
otv control-group 239.1.1.1: ASM/Bidir group in the core used for the OTV Control Plane.
otv data-group 232.192.1.0/24: SSM group range used to carry the site's multicast data traffic.
otv extend-vlan 100-150: site VLANs being extended by OTV.
otv site-vlan 99: VLAN used within the site for communication between the site's Edge Devices.
Multicast-mode OTV configuration: only 5 lines of configuration are needed to run OTV*
* Not including the multicast configuration.
Unicast-mode OTV configuration: OTV CLI Configuration (Unicast-Only Transport)
interface Overlay0
  otv join-interface Ethernet1/1
  otv adjacency-server unicast-only
  (or: otv use-adjacency-server 10.10.10.10 unicast-only)
  otv extend-vlan 100-150
otv site-vlan 99
otv join-interface Ethernet1/1: connects to the core and is used to join the core mcast groups; its IP address is used as the source IP for the OTV encapsulation.
otv adjacency-server unicast-only: configures this Edge Device as an Adjacency Server.
otv use-adjacency-server 10.10.10.10 unicast-only: uses a remote Edge Device as the Adjacency Server (mutually exclusive with the previous line).
otv extend-vlan 100-150: site VLANs being extended by OTV.
otv site-vlan 99: VLAN used within the site for communication between the site's Edge Devices.
Unicast-mode OTV configuration: only 4 lines of configuration are needed to run OTV*
* Not including the routing configuration.