Juniper Networks Presentation Template-US
E-VPN and Data Center
R. Aggarwal ([email protected])
Copyright © 2004 Juniper Networks, Inc.
Proprietary and Confidential
www.juniper.net
Reference Model and Terminology
[Figure: reference model. Labels: Data Center 1, Data Center 2, Data Center 3, Data Center 4; DCS1, DCS2, DCS4, DCS5, DCS8; DCB1, DCB2, DCB3, DCB4/DCS9; “WAN”; Client Site BR at the client site]
DC: Data Center
DCS: Data center switch
• Connected to Servers/VMs
DCB: Data center border router
• Could be co-located with DCS
“WAN” provides interconnect among DCs, and between DCs and Client Site BR
Data Center Interconnect: Layer 2 Extension
[Figure: the data center interconnect reference model (Data Centers 1 to 4; DCS1, DCS2, DCS4, DCS5, DCS8; DCB1, DCB2, DCB3, DCB4/DCS9; “WAN”; Client Site BR at the client site) with virtual machines VM1 to VM8]
VLAN1 (subnet1) stretches between DC1, DC2, DC3 and DC4
VLAN2 (subnet2) is present only on DCS1
VLAN3 (subnet3) stretches between DC1 and DC2
VLAN stretch is required for cloud computing “resource fungibility”, redundancy etc.
Communication between VMs on different VLANs/subnets and between clients
and the VMs requires layer 3 routing
BGP-MPLS E-VPNs for Data Center Interconnect
BGP-MPLS based technology, one application of which is data center
interconnect between data center switches for intra-VLAN forwarding i.e.,
layer 2 extension
Why?
• Not all data center interconnect layer 2 extension requirements are
satisfied by existing MPLS technology such as VPLS
• E.g., minimizing flooding, active-active points of attachment, fast
edge protection, scale, etc.
How?
• Reuses several building blocks from existing BGP-MPLS technologies
• Requires extensions to existing BGP-MPLS technologies
• Draft-raggarwa-sajassi-l2vpn-evpn-01.txt
• Being pursued in the L2VPN WG
E-VPN Reference Model
[Figure: E-VPN reference model. Labels: VPN A, VPN B; MES 1, MES 2, MES 3, MES 4; RR; EFI-A, EFI-B; Host-A1, Host-A3, Host-A4, Host-A5, Host-B1, Ethernet Switch-B3; ESI 1 (VLAN1), ESI 2 (VLAN2), ESI 3 (VLAN1), ESI 4 (VLAN2), ESI 5 (VLAN1)]
MES: MPLS Edge Switch; EFI: E-VPN Forwarding Instance; ESI: Ethernet Segment Identifier (e.g., LAG identifier)
MESes are connected by an IP/MPLS infrastructure
Transport may be provided by MPLS P2P or MP2P LSPs and optionally P2MP/MP2MP LSPs for “multicast”
Transport may also be provided by IP/GRE tunnels
Relating EVPN Reference Model to Data Center Interconnect Reference Model
[Figure: the data center interconnect reference model. Labels: Data Center 1, Data Center 2, Data Center 3, Data Center 4; DCS1, DCS2, DCS4, DCS5, DCS8; DCB1, DCB2, DCB3, DCB4/DCS9; “WAN”]
DCSes may act as MPLS Edge Switches (MES)
• DCSes may interconnect with DCBs using E-VPN
• DCSes are connected to hosts i.e., VMs
DCBs must participate in E-VPN although they may perform only
MPLS switching
WAN routers may or may not participate in E-VPN
Following slides will describe an overview of E-VPN and then apply EVPN to data center interconnect
E-VPN Local MAC Address Learning
An MES must support local data plane learning using
vanilla Ethernet learning procedures
• When a CE generates a data plane packet such as
an ARP request
MESes may learn the MAC addresses of hosts in the
control plane using extensions to protocols that run
between the MES and the hosts
MESes may learn the MAC addresses of hosts in the
management plane
E-VPN Remote MAC Address Learning
E-VPN introduces the ability for an MES to advertise
locally learned MAC addresses in BGP to other MESes,
using principles borrowed from IP VPNs
E-VPN requires an MES to learn the MAC addresses of
CEs connected to other MESes in the control plane
using BGP
• Remote MAC addresses are not learned in the data
plane
Remote MAC Address Learning in the BGP Control Plane
Architectural Benefits
Increases the scale of MAC addresses and VLANs supported
• BGP capabilities such as constrained distribution, Route Reflectors, inter-AS
etc., are reused
Allows hosts to connect to multiple active points of attachment
Improves convergence in the event of certain network failures
Allows hosts to relocate within the same subnet without requiring renumbering
Minimizes flooding of unknown unicast packets
Minimizes flooding of ARP
• Rest of the presentation will focus on this
Control over which MAC addresses are learned by which devices
• Simplifies operations; enables flexible topologies etc.
ARP Scaling Optimization: Approach
Minimize the radius of ARP request/response propagation
• Minimize the propagation radius of ARP request from a
server/Virtual Machine
• In the switching infrastructure in the data center
• Across data centers
• Respond to an ARP request from a server/VM as close to
the server/VM as possible
Requires a number of components
• See the following slide
ARP Scaling Optimization: Proxy ARP
A network node as close to the server/VM as possible
performs “Proxy ARP” in response to ARP requests from the
server/VM
• The network node should ideally be the DCS
Which MAC address does the network node use to respond
to the ARP request?
• The answer depends on the forwarding paradigm used
by the node to forward packets within the VLAN
• MAC lookup based forwarding within the VLAN/subnet
– The solution in the following slides focuses on this
• IP address based forwarding within the VLAN/subnet
– Not discussed in the following slides
ARP Scaling Optimization: The Role of E-VPN (1)
When MAC lookup based forwarding is used within a
VLAN/subnet
MESes perform Proxy ARP
An MES responds to an ARP request, for an IP
address, with the MAC address bound to the IP
address
• When the destination is in the same subnet as
the sender of the ARP request
• The ARP request is not forwarded to other
MESes
ARP Scaling Optimization: The Role of E-VPN (2)
How does the MES learn the IP address bound to the MAC
address when the MAC address is remote?
• BGP MAC routes carry the IP address bound to the MAC
address
How does an MES learn the IP to MAC binding when the
MAC address is local?
• Control or management plane between MES and CEs or
data plane snooping
An MES advertises the local IP to MAC bindings in the MAC
routes
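Added example (not from the original slides or from any Juniper implementation): a small Python model of the behaviour described in the remote MAC learning and "Role of E-VPN" slides, where an MES advertises local IP to MAC bindings in MAC routes, installs remote bindings only from the control plane, and answers same-subnet ARP requests itself. The class and field names, the direct peer list standing in for BGP, and the sample addresses are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class MacRoute:
    """Simplified stand-in for a BGP MAC route (field names are assumptions)."""
    vlan: int
    mac: str
    ip: str
    origin_mes: str

class Mes:
    def __init__(self, name, subnets):
        self.name = name
        self.subnets = {v: ipaddress.ip_network(n) for v, n in subnets.items()}
        self.bindings = {}   # (vlan, ip) -> MacRoute, local and remote alike
        self.peers = []      # other MESes; stands in for BGP distribution

    def learn_local(self, vlan, ip, mac):
        """Local binding (snooped, or from control/management plane): store, advertise."""
        route = MacRoute(vlan, mac, ip, self.name)
        self.bindings[(vlan, ip)] = route
        for peer in self.peers:
            peer.receive_route(route)
        return route

    def receive_route(self, route):
        """Remote binding: installed from the control plane, never from data frames."""
        self.bindings[(route.vlan, route.ip)] = route

    def arp_request(self, vlan, sender_ip, target_ip):
        """Return (action, mac); the request is not forwarded to other MESes."""
        subnet = self.subnets[vlan]
        if not all(ipaddress.ip_address(a) in subnet for a in (sender_ip, target_ip)):
            return ("needs-l3-routing", None)   # different subnet: layer 3 routing
        route = self.bindings.get((vlan, target_ip))
        if route is None:
            return ("no-binding", None)         # miss handling is not in the slides
        return ("proxy-reply", route.mac)

def demo():
    subnets = {1: "192.0.2.0/24"}               # constructed sample addressing
    mes1, mes2 = Mes("MES1", subnets), Mes("MES2", subnets)
    mes1.peers, mes2.peers = [mes2], [mes1]
    mes2.learn_local(1, "192.0.2.20", "00:00:5e:00:53:20")  # host behind MES2
    mes1.learn_local(1, "192.0.2.10", "00:00:5e:00:53:10")  # host behind MES1
    targets = ("192.0.2.20", "192.0.2.99", "198.51.100.5")
    return [mes1.arp_request(1, "192.0.2.10", t) for t in targets]
```

Because every binding in the table arrived either from a local learning event or from an advertised route, the table is also the natural place to audit which MES claimed a given IP to MAC binding.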