Date post: | 08-Jan-2017 |
Category: |
Technology |
Upload: | robb-boyd |
View: | 1,162 times |
Download: | 2 times |
The Secrets to Scalable Multi-TenancyLukas Krattiger @CCIE21921
February, 2016
2© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
• Introduction• VXLAN with BGP EVPN• Multi-Tenancy• Summary
Agenda
3© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Introduction
4© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Overlay Based Data Center FabricsDesirable Attributes:
• Mobility • Segmentation• Scale• Automated & Programmable• Abstracted consumption models• Full Cross Sectional Bandwidth• Layer-2 + Layer-3 Connectivity• Physical + Virtual
RR RR
.…
5© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Overlay Based Data Center: Edge DevicesNetwork Overlays Hybrid OverlaysHost Overlays
• Virtual end-points only• Single admin domain• VXLAN, NVGRE, STT
• Physical and Virtual• Resiliency + Scale• X-Organizations/Federation• Open Standards
• Router/Switch end-points• Protocols for Resiliency/Loops• Traditional VPNs• VXLAN, OTV, VPLS, LISP, FP
Protocols
VV
Physical
Physical
VV
Flooding
Virtual
Virtual
Control PlaneV
V
Physical
Virtual
FYI
6© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Overlay Services• Layer 2
• Layer 3
• Layer 2 and Layer 3
Tunnel Encapsulation Underlay Transport Network
Control Plane• Peer Discovery mechanism
• Route Learning and Distribution– Local Learning– Remote Learning
Data Plane• Overlay Layer 2/Layer 3 Unicast traffic
• Overlay Broadcast, Unknown Unicast, Multicast traffic (BUM traffic) forwarding– Ingress Replication– Multicast
Understanding Overlay Technologies
7© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Underlay
Local LAN Segment
Physical Host
Local LAN Segment
Physical Host
Virtual Hosts
Local LAN Segment
Virtual Switch
Edge Device
Edge Device
Edge Device
IP Interface
IP Fabric Overlay Taxonomy (1)
8© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Local LAN Segment
Physical Host
Local LAN Segment
Physical Host
Virtual Hosts
Local LAN Segment
Virtual Switch
VTEP
VTEP
Overlay (VXLAN)
VTEP
VTEP – VXLAN Tunnel End-Point
VNI/VNID – VXLAN Network Identifier
Encapsulation
IP Fabric Overlay Taxonomy (2)
9© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
VXLAN with BGP EVPN
10© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Optimized Networks with VXLAN
10
Overlay(VXLAN)Integrated
Route/Bridge
Underlay
BGP(EVPN)
11© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
• Standards based Overlay (VXLAN) with Standards based Control-Plane (BGP)
• Layer-2 MAC and Layer-3 IP information distribution by Control-Plane (BGP)
• Forwarding decision based on Control-Plane (minimizes flooding)
• Integrated Routing/Bridging (IRB) for Optimized Forwarding in the Overlay
• Multi-Tenancy At Scale
What is VXLAN with BGP EVPN?
12© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Control- Plane
EVPN MP-BGP - RFC 7432(draft-ietf-l2vpn-evpn)
Data- Plane
Multi-Protocol Label Switching (MPLS)draft-ietf-l2vpn-evpn
Provider Backbone Bridges(PBB)
draft-ietf-l2vpn-pbb-evpn
Network Virtualization Overlay (NVO)
draft-ietf-bess-evpn-overlay
EVPN over NVO Tunnels (e.g. VXLAN) for Data Center Fabric encapsulations
Provides Layer 2 and Layer 3 Overlays over simple IP Networks
Ethernet VPN – EVPN
13© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
ID Title Category
RFC 7348 Virtual eXtensible Local Area Network Data Plane
RFC 7432 BGP MPLS based Ethernet VPNs EVPN Control Plane
draft-ietf-bess-evpn-overlay A Network Virtualization Overlay Solution using EVPN EVPN Control Plane
draft-ietf-bess-evpn-inter-subnet-forwarding Integrated Routing and Bridging in EVPN EVPN Control Plane
draft-ietf-bess-evpn-prefix-advertisement IP Prefix Advertisement in E-VPN EVPN Control Plane
Draft-tissa-nvo3-oam-fm NVO3 Fault Management Mgmt Plane (OAM)
IETF RFC & Drafts – Implemented by CiscoFYI
14© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
VXLAN Evolution with BGP EVPNProtocol Learning
• Uses MP-BGP with EVPN Address family
• Workload MAC and IP Addresses learnt by VXLAN Edge Devices (NVEs)
• Advertises Layer-2 and Layer-3 Address-to-VTEP Association
• Flood Prevention
• Optimized ARP forwarding
IP Services
• VXLAN Routing
• Distributed Anycast Gateway Multi-Tenancy
• Route Reflector for Scale
External Connectivity
• VXLAN Hardware Gateway Redundancy (VPC)
• Integrated physical and virtual Overlays (Hybrid Overlays)
• Inter-Pod Connectivity
• VXLAN Gateway to other Encaps/Networks
Multicast Independent*
• Overlay Control-Plane provides dynamic VTEP discovery
• Head-End Replication enables Unicast-only mode (aka ingress Replication)
*Multicast Independence requires the usage of the Overlay Control-Plane or static configuration
15© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Overlay with Optimized Routing
SpineRR RR
Leaf
.…
VV
VV
V
V
EVPN Control Plane -- Host and Subnet Route DistributionBGP Update
• Host-MAC• Host-IP• Internal IP Subnet• External Prefixes
RRRoute-Reflectors deployed for scaling purposes (iBGP)
BGP Adjacencies
Border
IP / MPLSWAN
16© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Overlay with Optimized Routing
SpineRR RR
Leaf
.…
VV
VV
V
V
EVPN Control Plane -- Host and Subnet Route DistributionBGP Update
• Host-MAC• Host-IP• Internal IP Subnet• External Prefixes
RRRoute-Reflectors deployed for scaling purposes (iBGP)
BGP Adjacencies
Border
IP / MPLSWAN
Scalable Multi-Tenancy with Multiprotocol BGP
EVPN Address-Family: Host MAC+IP, internal/external IP Subnets
BGP enhanced for Fast Convergence at Large Scale
Extensions for Fast and Seamless Host Mobility
Distributed Gateway with Traffic Flow Symmetry
ARP Suppression
17© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Distributed IP Anycast Gateway
SpineRR RR
Leaf
.…
VV
VV
V
V
SVI 200
SVI 100
SVI 100
SVI 100, Gateway IP: 192.168.1.1SVI 200, Gateway IP: 10.10.10.1
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 100VXLAN VNI 30001
Host2MAC: BB:BB:BB:BB:BB:BBIP: 10.10.10.22VLAN 200VXLAN VNI 30002
bridge
route
18© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Distributed IP Anycast Gateway
SpineRR RR
Leaf
.…
VV
VV
V
V
SVI 200
SVI 100
SVI 100
SVI 100, Gateway IP: 192.168.1.1SVI 200, Gateway IP: 10.10.10.1
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 100VXLAN VNI 30001
Host2MAC: BB:BB:BB:BB:BB:BBIP: 10.10.10.22VLAN 200VXLAN VNI 30002
bridge
route
Any Subnet Routed Anywhere – Any VTEP can serve any Subnet
Integrated Route & Bridge (IRB) - Route whenever you can, Bridge when needed
No Hairpinning – Optimized East/West and North/South Routing
Seamless Mobility - All Leaf share same Gateway MAC
Reduced Failure Domain – Layer-2/Layer-3 Boundary at Leaf
Optimal Scalability – Route Distributed & closest to the Host
19© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Multi-Destination TrafficIngress Replication
Unicast based Replication• Source VTEP sends unicast copy to every
Destination VTEP• Requires only Unicast• Simples way of Traffic Replication
Multicast
Multicast based Replication• Source VTEP sends single copy, Multicast
replicates it as needed• Leverages Multicast Routing (PIM)• Most optimal way of Traffic Replication
SpineRR
RR
Leaf
.…V
VV
VV
V
SpineRR
RR
Leaf
.…V
VV
VV
V
20© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Multi-Tenancy
21© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
• A mode of operation, where multiple independent instances (tenant) operate in a shared environment.
• Each instance (i.e. VRF/VLAN) is logically isolated, but physically integrated.
What is Multi-Tenancy
22© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Multi-Tenancy at Layer-2• Per-Switch VLAN-to-VNI
mapping
• Per-Port VLAN Significance
Multi-Tenancy at Layer-3• VRF-to-VNI mapping
• MP-BGP for scaling with VPNs
Where can we apply Multi-Tenancy
23© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-2 Multi-Tenancy
SpineRR RR
Leaf
.…
VV
VV
V
VVLAN 100
VLAN 100Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 100VXLAN VNI 30001
bridge
24© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-2 Multi-Tenancy – Bridge Domains
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 100VXLAN VNI 30001
Leaf
VVVLAN 100 VLAN 100
VXLAN Overlay(VNI 30001)
Bridge Domain
25© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-2 Multi-Tenancy – Bridge Domains
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 100VXLAN VNI 30001
Leaf
VVVLAN 100 VLAN 100
VXLAN Overlay (VNI 30001)
Bridge Domain
The Bridge Domain is the Layer-2 Segment from Host to Host
In VXLAN, the Bridge Domain consists of three Components
1) The Ethernet Segment (VLAN), between Host and Switch
2) The Hardware Resources (Bridge Domain) within the Switch
3) The VXLAN Segment (VNI) between Switch and Switch
26© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
VLAN-to-VNI mapping
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 100VXLAN VNI 30001
Leaf
VVVLAN 100 VLAN 100
VXLAN Overlay(VNI 30001)
Host2MAC: BB:BB:BB:BB:BB:BBIP: 192.168.1.22VLAN 100VXLAN VNI 30001
27© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Leaf#1vlan 100 vn-segment 30001
Leaf#2vlan 100 vn-segment 30001
• VLAN to VNI configuration on a per-switch basis
• VLAN becomes “Switch Local Identifier”
• VNI becomes “Network Global Identifier”
CLI Modes - VLAN based (per-Switch)FYI
28© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Per-Switch VLAN-to-VNI mapping
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 200VXLAN VNI 30001
Leaf
VVVLAN 100 VLAN 200
VXLAN Overlay(VNI 30001)
Host2MAC: BB:BB:BB:BB:BB:BBIP: 192.168.1.22VLAN 100VXLAN VNI 30001
29© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Leaf#1vlan 100 vn-segment 30001
Leaf#2vlan 200 vn-segment 30001
• VLAN to VNI configuration on a per-switch basis
• VLAN becomes “Switch Local Identifier”
• VNI becomes “Network Global Identifier”
• 4k VLAN limitation has been removed
CLI Modes - VLAN based (per-Switch)FYI
30© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Per-Port VLAN-to-VNI mapping
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 300VXLAN VNI 30001
Leaf
VVVLAN 100 VLAN 300
VXLAN Overlay(VNI 30001)
Host2MAC: BB:BB:BB:BB:BB:BBIP: 192.168.1.22VLAN 200VXLAN VNI 30001
VLAN 200
31© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Leaf#1vlan 2500 vn-segment 30001
interface Ethernet 1/8 switchport mode trunk switchport vlan mapping enable switchport vlan mapping 100 2500
interface Ethernet 1/9 switchport mode trunk switchport vlan mapping enable switchport vlan mapping 200 2500
CLI Modes - VLAN based (per-Port) FYI
32© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Leaf#1bridge-domain 100 member vni 30001
encapsulation profile vni VLAN100-30001 dot1q 100 vni 30001
encapsulation profile vni VLAN200-30001 dot1q 200 vni 30001
CLI Modes - Bridge-Domain based (per-Port)
interface Ethernet 1/8 no switchport service instance 1 vni encapsulation profile VLAN100-30001 default
interface Ethernet 1/9 no switchport service instance 1 vni encapsulation profile VLAN200-30001 default
FYI
33© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy
SpineRR RR
Leaf
.…
VV
VV
V
V
SVI 200
SVI 100
VRF-A (VNI 50001)VRF-B (VNI 50002)
SVI 100, Gateway IP: 192.168.1.1 (VRF-A)SVI 200, Gateway IP: 10.10.10.1 (VRF-B)SVI 300, Gateway IP: 172.16.1.1 (VRF-B)
Host1IP: 192.168.1.11 (VRF-A)VLAN 100
Host3IP: 172.16.1.33 (VRF-B)VLAN 300
Host2IP: 10.10.10.22 (VRF-B)VLAN 200
SVI 300
route
route
34© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – VRF-VNI or L3VNI
Host1IP: 192.168.1.11 (VRF-A)VLAN 100
Host3IP: 172.16.1.33 (VRF-B)VLAN 300
Leaf
VVSVI 100
V
Host2IP: 10.10.10.22 (VRF-B)VLAN 200
SVI 200 SVI 300
VRF-A(VNI 50001)
VRF-B(VNI 50002)
Routing DomainVRF-B
Routing DomainVRF-A
35© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – VRF-VNI or L3VNI
Host1IP: 192.168.1.11 (VRF-A)VLAN 100
Host3IP: 172.16.1.33 (VRF-B)VLAN 300
Leaf
VVVLAN 100
V
Host2IP: 10.10.10.22 (VRF-B)VLAN 200
SVI 200 SVI 300
VRF-A(VNI 50001)
VRF-B(VNI 50002)
Routing DomainVRF-B
Routing DomainVRF-A
The Routing Domain is the VRF owning multiple Subnets across multiple Switches
In VXLAN EVPN, the Routing Domain consists of three Components
1) The Routing Domains (VRF), local to the Switch
2) The Routing Domain (L3VNI) between the Switches
3) Multi-Protocol BGP with EVPN Address-Family
36© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – VRF-Lite
Leaf
VVSVI 300SVI 200SVI 100
Subnet1IP: 192.168.1.0/24 (VRF-A)VLAN 100
Subnet2IP: 10.10.10.0/24 (VRF-B)VLAN 200
Subnet3IP: 172.16.1.0/24 (VRF-B)VLAN 300
Host4IP: 10.44.44.0/24 (VRF-A)VLAN 400
SVI 400
VLAN 1002
VLAN 1001Ethernet
37© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – VRF-Lite
Leaf
VVSVI 300SVI 200SVI 100 SVI 400
VLAN 1002
VLAN 1001Ethernet
Subnet1IP: 192.168.1.0/24 (VRF-A)VLAN 100
Subnet2IP: 10.10.10.0/24 (VRF-B)VLAN 200
Subnet3IP: 172.16.1.0/24 (VRF-B)VLAN 300
Host4IP: 10.44.44.0/24 (VRF-A)VLAN 400
vrf context VRF-A
interface eth1/10.1001 encapsulation dot1q 1001 vrf member VRF-A ip address 10.1.1.1/24 ip router ospf 100 area 0.0.0.0
router ospf 100 vrf VRF-A
vrf context VRF-B
interface eth1/10.1002 encapsulation dot1q 1002 vrf member VRF-B ip address 10.2.2.1/24 ip router ospf 100 area 0.0.0.0
router ospf 100 vrf VRF-B
vrf context VRF-B
interface eth1/10.1002 encapsulation dot1q 1002 vrf member VRF-B ip address 10.2.2.2/24 ip router ospf 100 area 0.0.0.0
router ospf 100 vrf VRF-B
vrf context VRF-A
interface eth1/10.1001 encapsulation dot1q 1001 vrf member VRF-A ip address 10.1.1.2/24 ip router ospf 100 area 0.0.0.0
router ospf 100 vrf VRF-A
FYI
38© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – MPLS L3VPN
Leaf
VVSVI 300SVI 200SVI 100 SVI 400
VPN Label “Red”
VPN Label “Blue”MPLS
Subnet1IP: 192.168.1.0/24 (VRF-A)VLAN 100
Subnet2IP: 10.10.10.0/24 (VRF-B)VLAN 200
Subnet3IP: 172.16.1.0/24 (VRF-B)VLAN 300
Host4IP: 10.44.44.0/24 (VRF-A)VLAN 400
39© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – MPLS L3VPN
Leaf
VVSVI 300SVI 200SVI 100 SVI 400
VPN Label “Red”
VPN Label “Blue”MPLS
Subnet1IP: 192.168.1.0/24 (VRF-A)VLAN 100
Subnet2IP: 10.10.10.0/24 (VRF-B)VLAN 200
Subnet3IP: 172.16.1.0/24 (VRF-B)VLAN 300
Host4IP: 10.44.44.0/24 (VRF-A)VLAN 400
vrf context VRF-A rd 1.1.1.1:100 address-family ipv4 unicast route-target import 100:100 route-target export 100:100
vrf context VRF-B rd 1.1.1.1:200 address-family ipv4 unicast route-target import 200:200 route-target export 200:200
vrf context VRF-B rd 1.1.1.2:200 address-family ipv4 unicast route-target import 200:200 route-target export 200:200
vrf context VRF-A rd 1.1.1.2:100 address-family ipv4 unicast route-target import 100:100 route-target export 100:100
router bgp 65500 address-family ipv4 unicast neighbor 1.1.1.2 remote-as 65500 address-family vpnv4 unicast send-community extended vrf VRF-A address-family ipv4 unicast vrf VRF-B address-family ipv4 unicast
router bgp 65500 address-family ipv4 unicast neighbor 1.1.1.1 remote-as 65500 address-family vpnv4 unicast send-community extended vrf VRF-A address-family ipv4 unicast vrf VRF-B address-family ipv4 unicast
FYI
40© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – VXLAN EVPN
Leaf
VVSVI 300SVI 200SVI 100
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11 (VRF-A)VLAN 100VXLAN VNI 30001
Host2MAC: BB:BB:BB:BB:BB:BBIP: 10.10.10.22 (VRF-B)VLAN 200VXLAN VNI 30002
Host3MAC: CC:CC:CC:CC:CC:CCIP: 172.16.1.33 (VRF-B)VLAN 300VXLAN VNI 30003
Host4MAC: DD:DD:DD:DD:DD:DDIP: 10.44.44.44 (VRF-A)VLAN 400VXLAN VNI 30004
SVI 400
L3VNI 50002
L3VNI 50001VXLAN
41© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Layer-3 Multi-Tenancy – VXLAN EVPN
Leaf
VVSVI 300SVI 200SVI 100 SVI 400
L3VNI 50002
L3VNI 50001VXLAN
Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11 (VRF-A)VLAN 100VXLAN VNI 30001
Host2MAC: BB:BB:BB:BB:BB:BBIP: 10.10.10.22 (VRF-B)VLAN 200VXLAN VNI 30002
Host3MAC: CC:CC:CC:CC:CC:CCIP: 172.16.1.33 (VRF-B)VLAN 300VXLAN VNI 30003
Host4MAC: DD:DD:DD:DD:DD:DDIP: 10.44.44.44 (VRF-A)VLAN 400VXLAN VNI 30004
vrf context VRF-A vni 50001 rd auto address-family ipv4 unicast route-target both auto route-target both auto evpn
vrf context VRF-B vni 50002 rd auto address-family ipv4 unicast route-target both auto route-target both auto evpn
vrf context VRF-B vni 50002 rd auto address-family ipv4 unicast route-target both auto route-target both auto evpn
vrf context VRF-A vni 50001 rd auto address-family ipv4 unicast route-target both auto route-target both auto evpn
router bgp 65500 address-family ipv4 unicast neighbor 1.1.1.2 remote-as 65500 address-family l2vpn evpn send-community extended vrf VRF-A address-family ipv4 unicast advertise l2vpn evpn vrf VRF-B address-family ipv4 unicast advertise l2vpn evpn
router bgp 65500 address-family ipv4 unicast neighbor 1.1.1.1 remote-as 65500 address-family l2vpn evpn send-community extended vrf VRF-A address-family ipv4 unicast advertise l2vpn evpn vrf VRF-B address-family ipv4 unicast advertise l2vpn evpn
42© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Integrated Route & Bridge + Multi-Tenancy
SpineRR RR
Leaf
.…
VV
VV
V
V
SVI 200
SVI 100
SVI 100Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33VLAN 100VXLAN VNI 30001
Host2MAC: BB:BB:BB:BB:BB:BBIP: 10.10.10.22VLAN 200VXLAN VNI 30002
bridgeL2VNI 30001
routeL3VNI 50001
VRF-A (VNI 50001)
SVI 100, Gateway IP: 192.168.1.1 (VRF-A)SVI 200, Gateway IP: 10.10.10.1 (VRF-A)
43© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Integrated Route & Bridge + Multi-Tenancy
SpineRR RR
Leaf
.…
VV
VV
V
V
SVI 200
SVI 100
SVI 100Host1MAC: AA:AA:AA:AA:AA:AAIP: 192.168.1.11 (VRF-A)VLAN 100VXLAN VNI 30001
Host3MAC: CC:CC:CC:CC:CC:CCIP: 192.168.1.33 (VRF-A)VLAN 100VXLAN VNI 30001
Host2MAC: BB:BB:BB:BB:BB:BBIP: 10.10.10.22 (VRF-A)VLAN 200VXLAN VNI 30002
VRF-A (VNI 50001)
SVI 100, Gateway IP: 192.168.1.1 (VRF-A)SVI 200, Gateway IP: 10.10.10.1 (VRF-A)
44© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Summary
45© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
Hardware and Software Support
SpineRR RR
Leaf
.…
VV
VV
V
V
Nexus 9300 / Nexus 9500 – Leaf, Spine (RR), Border [Shipping]
Nexus 7000/7700 with F3 I/O Modules – Spine (RR), Layer-3 & LISP Border [Shipping]
Nexus 7000/7700 with F3 I/O Modules – Leaf, MPLS Border [Roadmap]
Nexus 5600 – Leaf, Spine (RR), Border [Roadmap]
ASR 9000 – Border [Roadmap]
FYI
46© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
• VXLAN EVPN provides a scalable Multi-Tenancy architecture• Integrated Route and Bridging provides routing granularity from
Subnet down to Host level• Optimized forwarding based on VXLAN Encapsulation with BGP
EVPN reachability protocol• Routing when you can, Bridging when you need• Moving away from Flood&Learn to a more scalable Solution• ACI provides same functions plus Automation plus, plus, plus
Summary
47© 2015 Cisco and/or its affiliates. All rights reserved. TechwiseTV
• Cisco Application Centric Infrastructure• http://www.cisco.com/go/ACI
• Cisco Nexus 9000 Series Switches - VXLAN Network with MP-BGP EVPN Control Plane• http://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c0
7-734107.html
• Cisco Nexus 7000: VXLAN BGP EVPN• http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/vxlan/configuration/guide/b
_NX-OS_VXLAN_Configuration_Guide/configuring_vxlan_bgp_evpn.html
Additional Resources