Ethernet VPN - Layer 2 Scalability
Ethernet VPN - Layer 2 Scalability Document Transcript

  • 1. Ethernet VPN Layer 2 Scalability. Shivlu Jain, 7/30/2012. Shivlu Jain www.mplsvpn.info
  • 2. Introduction
    MPLS (Multi-Protocol Label Switching) is a mature technology that has been widely adopted by most service providers across the globe. It was initially deployed for fast switching, but its scalability, resiliency and protocol-agnostic nature made it more successful across the network. MPLS not only provides WAN connectivity but also acts as a platform on which service providers can offer different kinds of services, which can in turn be monetized.
    VPLS (Virtual Private LAN Services) is one of the service offerings in MPLS; it extends a broadcast domain from one site to multiple sites over the WAN. VPLS became more popular with the surge in data center interconnects. The main reasons for extending layer 2 domains are workload mobility (migration of virtual machines from one data center to another), high availability clusters, and geographical redundancy.
    Current Challenges with VPLS
    1. Scaling of thousands of MAC addresses (a single VM requires a single MAC address): Virtualization is driving up the number of MAC addresses in the network. A single server can host hundreds of virtual machines, and every machine consumes one MAC address, which clearly justifies the scaling requirement on MAC address tables.
    2. Optimal forwarding of multicast: A multicast LSP can be formed in conjunction with VPLS, but only point-to-multipoint, which consumes more network resources, because VPLS defines no set of parameters for creating multipoint-to-multipoint multicast LSPs.
    3. MultiHoming: VPLS supports the active/standby BGP multihoming model. Multihoming with all attachment circuits active is not possible. In effect, the customer can utilize only 50% of the links while paying for 100%.
    4. C-MAC (Customer MAC) Transparency: The current VPLS solution doesn't support transparency of customer MAC addresses.
    5. Fast Convergence for C-MAC Flushing: When virtual machines or physical servers fail, the network re-converges, which may lead to MAC flushing problems.
  • 3. Proposed Solution
    Ethernet Virtual Private Network (E-VPN) is the proposed solution to overcome the issues highlighted with VPLS. E-VPN uses the existing MPLS/IP backbone to transport layer 2 connectivity among the various data centers that are part of the same VPN. Being a layer 2 extension, the solution treats MAC addresses as routable addresses and uses the existing MP-iBGP protocol to carry the customer MAC addresses. In E-VPN, MAC learning at the edge routers occurs not in the data plane but in the control plane; consequently, more control can be applied to the learning mechanism. The process is similar to the IP VPN described in RFC 4364. The policy attributes specified in E-VPN are almost the same as those in MPLS VPN. RD and RT remain the same, but instead of a virtual routing and forwarding instance we now have an Ethernet VPN Instance (EVI). Information about the Ethernet Tag of an EVI is advertised in the new BGP NLRI, which is E-VPN.
    [Figure 1: Traffic forwarding from host (H2,M2) to host (H1,M1). The source and destination data center clouds are connected through MES1 and MES2 across an MPLS cloud of core routers P1, P2 and P3; each hop is annotated with the destination (MES2), the EVPN label (100) and the IGP label (PHP on the last hop).]
    In EVPN, MAC learning can be of two types:
    1. Local MAC learning
    2. Remote MAC learning
    For local MAC learning, the MPLS Edge Switch (MES) must support the local MAC learning process through standard protocols. Once local learning is complete, the MES can advertise the locally learned MAC addresses to remote MES nodes via MP-iBGP. The process of receiving the remote MAC addresses of attached customers via MP-iBGP is known as remote MAC learning.
  • 4. Solution for MultiHoming and Avoiding Layer 2 Loops in EVPN
    The Ethernet Segment ID (ESI) is used when a Customer Edge device is multihomed to different MPLS Edge Switches, as shown in Figure 2. It has a new MPLS BGP Label Extended Community, which is used for split horizon procedures in multihoming scenarios. As depicted in Figure 2, host H1 has MAC address M1. It sends a broadcast request to MES-1 and MES-2. MES-1 and MES-2 identify that the request is coming from Ethernet Segment ID-1 (ESI-1), so before replicating the frames both MESs append a split horizon (SH) label to them. Once that is done, the frames are exchanged among the MESs. Every MES checks the SH label, and if it finds that the same ESI-1 is directly attached, the traffic is silently dropped, because a frame originated by a segment must not be received by the same segment. This technique helps to avoid loops in multihoming scenarios.
    [Figure 2: Host H1,M1 is attached over ESI-1 to MES-1 and MES-2, and host H2,M2 to MES-3 and MES-4; the MESs form an MP-iBGP full mesh between the two data center / cloud / enterprise sites. Callouts:
    Step-1: H1,M1 sends a broadcast request with source MAC M1 and a broadcast destination.
    Step-2: MES-1 (and likewise MES-2) appends the split horizon (SH) label for multi-destination traffic and distributes it over MP-iBGP. MES-2, MES-3 and MES-4 use the SH label to perform split horizon filtering for frames destined to ESI-1.
    Step-3: MES-3 (and likewise MES-4) installs that route with MES-1 and MES-2 as next hops.]
  • 5. Note: The split horizon label is only used for unknown unicast, multicast and broadcast traffic.
    Role of Designated Forwarder
    As per Figure 2, MES-3 and MES-4 will both receive the multi-destination frames via MP-iBGP for a particular segment. How is it decided which MES forwards the frames to the downstream segment? Only the Designated Forwarder forwards frames to a particular segment, and the Designated Forwarder election is performed by each PE advertising the ESI in a BGP route. All non-Designated Forwarder MESs block their respective port for that segment, as shown in Figure 3.
    [Figure 3: Designated Forwarder election. MES-3 is elected as Designated Forwarder (highest IP address) for the ESI-2 segment. MES-4 is the non-Designated Forwarder for the ESI-2 segment, so the MES-4 port towards the ESI-2 segment remains in blocking state.]
    Load Balancing
    As per Figure 3, MES-3 and MES-4 receive the update for host H1 with MAC M1 from both MES-1 and MES-2, with Ethernet segment ESI-1. So MES-3 and MES-4 install the two routes in the Forwarding Information Base. When traffic destined to M1 is received, both routers load balance during forwarding. The core forwards the traffic on the basis of the next hop information for M1, which is MES-1 and MES-2.
  • 6. Scaling by using Provider Backbone Bridge (PBB)
    EVPN scalability is achieved by using the existing technique of Provider Backbone Bridging, aka PBB. The advantages of using PBB in EVPN are:
    1. Subnetting of C-MAC addresses is not possible, but with PBB, B-MAC addresses can be subnetted easily, which leads to MAC address scalability.
    2. Moving a VM or local customer networks from one DC to another requires a lot of MAC flushing. With B-MAC, that C-MAC flushing becomes transparent, which leads to fast convergence.
    3. Per-site policy support by using B-MAC
    4. Device multihoming
    5. Network multihoming
    6. C-MAC addresses need to be distributed in BGP, but with PBB-EVPN, C-MAC advertisement can be limited by assigning multiple C-MAC addresses to a single B-MAC address.
    References
    EVPN requirement: http://tools.ietf.org/html/draft-sajassi-raggarwa-l2vpn-evpn-req-00
    BGP/MPLS IP VPN: http://tools.ietf.org/html/rfc4364
    PBB-EVPN: http://tools.ietf.org/html/draft-ietf-l2vpn-pbb-evpn-03
    VPLS: http://tools.ietf.org/html/rfc4762
    EVPN: http://tools.ietf.org/html/draft-ietf-l2vpn-evpn-00
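
The split horizon filtering and Designated Forwarder election described in slides 4 and 5, traced for one multi-destination frame. This is an added example, not part of the original slides: the topology table, the function names and the 192.0.2.x addresses are constructed, and the election uses the highest-IP rule shown in Figure 3.

```python
import ipaddress

# Constructed topology matching Figures 2 and 3:
# MES name -> (router IP, attached Ethernet segments). Addresses are sample values.
MES = {
    "MES-1": ("192.0.2.1", {"ESI-1"}),
    "MES-2": ("192.0.2.2", {"ESI-1"}),
    "MES-3": ("192.0.2.10", {"ESI-2"}),
    "MES-4": ("192.0.2.9", {"ESI-2"}),
}

def designated_forwarder(esi):
    """Return the MES with the highest IP among those attached to esi."""
    attached = [name for name, (_, segs) in MES.items() if esi in segs]
    # Compare as addresses, not strings: "192.0.2.9" sorts above "192.0.2.10" as text.
    return max(attached, key=lambda n: ipaddress.ip_address(MES[n][0]))

def flood_bum(ingress_mes, source_esi):
    """Trace one broadcast/unknown-unicast/multicast frame.

    Returns {(mes, esi): action} for every segment on the other MESs.
    """
    if source_esi not in MES[ingress_mes][1]:
        raise ValueError(f"{ingress_mes} is not attached to {source_esi}")
    sh_label = source_esi  # ingress MES tags each copy with the source segment's SH label
    result = {}
    for name, (_, segs) in MES.items():
        if name == ingress_mes:
            continue  # only the copies sent to the other MESs are traced
        for esi in sorted(segs):
            if esi == sh_label:
                # Same segment the frame came from: never send it back.
                result[(name, esi)] = "drop (split horizon)"
            elif designated_forwarder(esi) != name:
                # Non-DF keeps its port towards this segment blocked.
                result[(name, esi)] = "block (non-DF)"
            else:
                result[(name, esi)] = "forward"
    return result

if __name__ == "__main__":
    for key, action in flood_bum("MES-1", "ESI-1").items():
        print(key, action)
```

Exactly one copy of the frame reaches ESI-2 and none returns to ESI-1, which is the loop-free, duplicate-free outcome the two mechanisms are meant to produce together.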