MPLS in the Data Center
MPLS in the
Data Center
Achieve “Carrier-class” Network
Dependability and Reliability for
Business Critical Services
Copyright © 2008 Juniper Networks, Inc.
Proprietary and Confidential
www.juniper.net
Accelerating the Enterprise
Agenda
Brief MPLS Overview
Advantages of MPLS Networks
Why MPLS Is “Important” to Data Center Deployments
Deployment Scenarios
Inter-Data Center Transport Network
Network Segmentation for Compliance (VLAN-VRF)
L2VPN for VLAN Extensions (VMotion for DRP)
Summary
Many Enterprises Already Use MPLS…
MPLS PPVPN
• Private IP services managed and delivered by Service Provider
Internal MPLS Deployment
• MPLS deployed and/or managed within the Enterprise
[Diagram labels: You; Provider MPLS Network; MPLS SuperCore; Private routing instance in Service Provider PE Router]
MPLS in the Data Center
MYTH
“Deploying MPLS in the enterprise is like swatting a fly with a nuclear weapon.”
TRUTH
MPLS was designed to allow the largest networks on the planet to scale their topologies and services
Many large enterprises today face the same scaling and management problems as traditional providers
… and: Sometimes you *do* need a big fly-swatter.
What Is MPLS?
Multi-Protocol Label Switching
• A suite of protocols developed to add transport and virtualization
capabilities to large IP networks
• Borrowed virtual circuit ideas from ATM
• But packet based (no SAR)
• Leverages standard IPv4 (or IPv6) control plane
• Manage MPLS networks using familiar protocols like
OSPF or Integrated IS-IS and BGP
Label Switched Paths
• Adds switched virtual circuit layer to packet based networks
• A single LSP can span various media types
• Ethernet, ATM, Frame Relay, PPP/HDLC links (PoS, PDH)
Two Layers of MPLS Functionality
MPLS Label Switched Paths [Traffic Control]
• LSPs carry traffic between edge routers
• Individual LSPs are engineered using various Traffic Engineering
technologies (ERO or Dynamic TE)
• Various link/LSP protection mechanisms operate on LSP layer
(Fast-Reroute, Standby LSPs)
MPLS VPN Layer [Virtualization]
• Ingress traffic mapped into specific LSPs
• “Customer” traffic encapsulated across MPLS core
• BGP/MPLS L3VPNs (RFC4364, formerly 2547bis)
• L2VPN or VPLS
• Pseudowire (draft-martini or CCC)
High-Level Network Infrastructure Mappings
VLAN Components
VLAN segmentation is localized and limited in scale
VLAN Tags (4 bytes)
• 16-bit PID, 3-bit Priority, 1-bit CFI, 12-bit VLAN ID
Layer 2 Segmentation
Spanning Tree Protocol
Active/Blocking
VLAN Trunking
VLAN ACLs
802.1p QoS Markings
Ethernet failures/repairs
…
MPLS Components
Allows network-wide segmentation with large scale
MPLS Label stack (4 bytes)
• 20-bit Label, 3-bit QoS (EXP), 1-bit bottom of stack flag, 8-bit TTL field
Layer 2 and Layer 3 Segmentation
OSPF / LDP
ECMP
LSP Switching
IP ACLs
DSCP/EXP QoS Markings
Fast Re-route capabilities & BFD
…
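The two 4-byte headers compared on this slide, decoded field by field. This is an added example, not part of the original slides; the function names are hypothetical, and the sample bytes (VLAN 100, labels 299776 and 16) are constructed.

```python
import struct

def parse_dot1q(tag: bytes) -> dict:
    """Decode one 802.1Q tag: 16-bit PID, 3-bit priority, 1-bit CFI, 12-bit VLAN ID."""
    if len(tag) != 4:
        raise ValueError("an 802.1Q tag is exactly 4 bytes")
    pid, tci = struct.unpack("!HH", tag)
    return {"pid": pid, "priority": tci >> 13,
            "cfi": (tci >> 12) & 1, "vlan_id": tci & 0x0FFF}

def build_mpls_entry(label: int, exp: int, bottom: bool, ttl: int) -> bytes:
    """Pack one label stack entry: 20-bit label, 3-bit EXP, 1-bit bottom flag, 8-bit TTL."""
    if not (0 <= label < 2**20 and 0 <= exp < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl)

def parse_mpls_stack(data: bytes, max_depth: int = 8) -> list:
    """Decode 4-byte entries until the bottom-of-stack flag is set.

    Bytes after the bottom entry are payload and are ignored. A stack that
    ends before the flag is seen, or runs past max_depth, is rejected
    rather than guessed at.
    """
    entries = []
    for off in range(0, max_depth * 4, 4):
        chunk = data[off:off + 4]
        if len(chunk) < 4:
            raise ValueError("truncated label stack: bottom-of-stack flag never seen")
        (word,) = struct.unpack("!I", chunk)
        entry = {"label": word >> 12, "exp": (word >> 9) & 0x7,
                 "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}
        entries.append(entry)
        if entry["bottom"]:
            return entries
    raise ValueError("label stack deeper than max_depth")

# Constructed samples: a tag for VLAN 100 at priority 5, and a two-entry
# stack (outer entry for the LSP layer, inner entry for the VPN layer).
SAMPLE_DOT1Q = struct.pack("!HH", 0x8100, (5 << 13) | 100)
SAMPLE_STACK = (build_mpls_entry(299776, 0, False, 64)
                + build_mpls_entry(16, 5, True, 64))

if __name__ == "__main__":
    print(parse_dot1q(SAMPLE_DOT1Q))
    for e in parse_mpls_stack(SAMPLE_STACK):
        print(e)
```

The 12-bit VLAN ID caps a tag at 4096 values, while each 20-bit label allows 1,048,576 and entries can be stacked, which is the scale difference the slide points to.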
What’s So Great About MPLS?
MPLS Brings the Benefits of Circuits to IP
Enables Consolidation of disparate networks onto a single
network
• Support best effort, enhanced delivery, and assured delivery service
levels for mixed use services
• Lowers capital and operational cost through convergence while
enabling application convergence
Delivers Control through traffic segregation
• Regional-, departmental-, and project-oriented groups have control
over their network assets and configurations
• Traffic remains separate through multiple MPLS-based VPNs
Provides Resiliency with fast reroute and traffic engineering
• MPLS-based traffic engineering enables a fine-tuning of the network
to deliver appropriate levels of services
• Enables sub-50 msec. reroute to maintain real-time traffic during a
node or link failure
Translating MPLS Benefits
to Business Impact
Enterprises that have large private networks or business
critical Data Centers can leverage MPLS to create both
CapEx and OpEx cost savings
Moving to an MPLS network provides business benefits
like improved network availability, performance, and
policy enforcement
Enterprises should evaluate MPLS to determine if this is
the right opportunity to implement MPLS capable
hardware into their Data Center network
• In order to support business critical applications that require
highly-available, low-latency and “carrier-class” reliability with a
proven track record
The Legacy Network:
High Cost Resiliency
Traditional private IP networks do not support “real time”
applications
• Routing tables do not converge fast enough to support sub
50-msec link and node failures
The alternative is to deploy SONET/SDH to provide
sub-50 msec link and node failure detection and
re-routing
This additional transport layer in the private WAN and
Data Center comes at a significant additional expense
Let’s look at an alternative…
The MPLS Resiliency Solution
MPLS can be deployed without the additional cost and
complexity of SONET/SDH
• Dark fiber installations and/or Provider Ethernet services
MPLS can be configured to support sub 50-msec link
and node failure detection and correction
• Fast Re-Route (FRR) provides “real time” re-routing over
back-up paths
• Bi-directional Forwarding Detection (BFD) provides early
detection of link and node failures
The Result: MPLS provides a cost effective alternative
for the highly resilient network supporting “real-time”
communications
The Legacy Network:
Cost of Building Redundant Networks
Integration of a new business entity or application in the Data
Center or maintaining separation among various businesses
• Rapidly changing requirements in a Data Center to add/move/remove
applications to support business functions worldwide
• Regulatory environments and business operations sometimes require
guarantees of business unit/subsidiary separation
Traditional practices require separate physical and redundant
networks to be built
• Application X, Business Partner, Voice, Storage, PCI compliance, etc.
Each separate and redundant network requires its own
• Equipment (Networking, servers, etc.)
• WAN access
• Space and power
• Provisioning
• Management
…making this an expensive proposition
Let’s look at an alternative…
The MPLS Network Solution
MPLS enables one physical network to be configured and
operate as many separate virtual networks
• L2 or L3 VPN services
New acquisitions and various applications can be added to the
network via MPLS VPNs
• Each subsidiary or application is allowed to operate as though each has a
private network…over a cost effective shared infrastructure
MPLS allows for more control over network bandwidth
allocation per service/application while maintaining latency
requirements for critical applications
The Result: Diverse needs of business units are satisfied
with virtualized networks that cost less and effectively
scale to support the largest enterprises
Drivers for MPLS in the Data Center:
Three Common Scenarios
1. Inter-Data Center Transport Network
• Packet-based network that behaves like a traditional
transport layer
• Ex: replace existing SONET/DWDM links with MPLS
2. Virtualized Network Core (Segmentation)
• Need for logical separation of network services
• Separation of L3 or L2 traffic across core network for business
service/application requirements or for compliance (VLAN to VRF)
3. L2VPN Inter-Data Center Extensions
• Extend L2 domain across Data Centers
• Supporting VMware VMotion, DRP, etc.
• Both Transport and Virtualization requirements
1. Inter-Data Center Transport Network
Large Enterprises need to engineer traffic between
consolidated Data Centers
• Most Critical applications
• Real-time Mainframe replication
• Disk / Database / Transaction Mirroring
• Fast-Reroute required to protect critical apps
Traffic engineering
• Expensive high-bandwidth links consolidate previous SONET
links into single transport core
• Must allocate bandwidth to various applications
• Must protect latency of critical apps
SuperCore is transport core only
• Strict demarc from existing WAN—No routing interaction
• All links exposed as point-to-point L2VPNs
• In-sourced carrier network to protect the “Crown Jewels”
Inter-Data Center Transport Network
[Diagram: three Data Centers and the Corp WAN connected across the MPLS SuperCore]
Applications engineered into LSPs across MPLS SuperCore
Critical applications protected by Fast Reroute Detour paths and secondary LSPs
2. Virtualized Network Core (Segmentation)
MPLS VPN applications at the WAN Edge and Core/Aggregation
layer provide unique traffic separation capabilities
L3VPNs
• Maintain separate L3 VPN connectivity across Data Centers via “super
core” network
• Can map VLAN to VRF to maintain consistent segmentation end-to-end
VPLS and L2VPN
• Multipoint Virtual LAN networks across MPLS core
• Can extend VLAN segments across multiple locations for mirroring
or DRP
Pseudo-wire Circuits
• Point-to-Point connections across MPLS core
• Ethernet Port or VLAN circuits
Juniper Data Center Network Architecture
Collapsed Layers
Single JUNOS software
Option to collapse WAN and Core
Easier to operate and manage
Reduced power, cooling, and space
[Diagram labels: WAN Edge; Core Layer; Core ONLY; Aggregation Layer; Access Layer. Link legend: 10 GbE (active); 10 GbE (standby); 1 GbE]
Juniper Data Center Network Architecture
Virtualization With JUNOS IP or MPLS
Securely isolate businesses and applications with L3 VPNs
Traffic engineering and end to end quality of service from server to server across DCs
MX – IP or MPLS L3 VPNs consolidate separate business units
Extend virtualization per application with MPLS in DC
[Diagram labels: WAN Edge; VLANs (mapped into VRFs); Core Layer; VLANs; Access Layer; Trunk; VPN; Server VLAN]
MPLS in the Data Center
[Diagram labels: LSR; LSR; LER; VPNs; DS TE; QoS]
MPLS’s leverage of L3 protocols makes it more robust + scalable than VLANs +
spanning trees for data center interior services
Flexible traffic separation (VPNs) and traffic management (DS TE) open up new
virtualization options in DCs
MPLS HA (node, link and path) add responsiveness + reliability to the traffic
management and scale
Integration with WAN design (if only by similarity) can simplify performance
management and opex
Could go all the way to access tier in some designs
3. L2VPN/VPLS for VLAN Extensions
MPLS L2VPN/VPLS infrastructure at WAN edge and
Core/Aggregation layers provides easy management
of L2 extended domains across Data Centers
Customer deployment scenarios include
• Data Mirroring, archiving and application standby for DRP
and business continuity planning
• Also growth in server virtualization and virtual machine
management across Data Centers
• Primarily VMware VMotion to move virtual machines/applications
across the network without losing information
• Moves could be in the local LAN, or across the MPLS core to
another Data Center for migration or DRP
Archiving, Back-Up + Mirroring Between
Data Centers via VPLS
[Diagram: DC 1 and DC 2 connected across the Core, carrying Mirroring VLAN 1, Mirroring VLAN 2 and Other Production Traffic]
Mirroring + back-up hosts can live in VLANs designed for that purpose
VPLS-capable node is required at aggregation/core tier
Amount of bandwidth required can be allocated + enforced
Other production applications can carry on in parallel
Support for VMotion across Data Centers
[Diagram: VM 1 and VM 2 in DC 1 and DC 2, connected across the Core alongside Other Production Traffic]
L2VPN/VPLS path created in order to move Virtual Machines across Data Centers
Requirement to stay on same subnet maintained end to end
Bandwidth and latency requirements enforced across network components
Summary
MPLS in the Data Center provides great flexibility and
reliability for deploying business critical applications
• MPLS VPN simplifies the implementation and management of
application and business network segmentation requirements
• L2VPN/VPLS eases the implementation and support requirements
for L2 domains across multiple locations
• MPLS Traffic Engineering reduces the cost of transport network
deployments by using the same label technology over cheaper
Ethernet without compromising on reliability and convergence times
MPLS on the WAN core and Data Center Core/
Aggregation Layers
• Enables consolidation of disparate networks onto a single network
• Delivers control through traffic segmentation
• Provides resiliency with fast reroute and traffic engineering