CisCon 2017 - The scalability problems of traditional IP networks in modern datacenters

At CisCon 2017, Ruben del Monte (Network Consulting Engineer at IT Global Consulting Srl, CCIE #54221) gave a talk titled "The scalability problems of traditional IP networks in modern datacenters".
Abstract available at http://www.ciscon.net/il-programma/

Published in: Technology

  1. www.itglobalconsult.it IT WORKING FOR YOUR BUSINESS CisCon2017 The scalability problems of traditional IP networks in modern datacenters. Speaker: Ruben Del Monte
  2. Speaker profile
     • Ruben Del Monte, CCIE #54221
     • Network Consulting Engineer at IT Global Consulting
     • Cisco Red Badge
     • Technical lead at Vodafone Group Datacenter, “Stabilization” programme
  3. What “scaling” (to scale) means from the point of view of IP infrastructures
     • Adding resources to an infrastructure in an organic and functional way, so as to increase its capacity – resource provisioning
     • Replicating a given element a number of times within a particular context or configuration, so as to increase the overall functionality of that context – resource consumption
  4. Traditional IP design – standard corporate networks [diagram labels: L3 – ROUTED DOMAIN; L2 – SWITCHED DOMAIN; CORE LAYER; DISTRIBUTION LAYER; ACCESS LAYER; POD 1, POD 2, POD 3; FHRP GROUP A, FHRP GROUP B, FHRP GROUP C; VLAN 100-150, VLAN 151-201, VLAN 202-252]
  5. Traditional IP design – adapted to the datacenter (scale out) [diagram labels: L3 – ROUTED DOMAIN; L2 – SWITCHED DOMAIN; CORE LAYER; DISTRIBUTION LAYER; ACCESS LAYER; POD 1; FHRP GROUP A, FHRP GROUP B; VLAN 100-150, VLAN 151-201]
  6. STP operations: bridge priority and port role election [diagram labels: POD 2; D-BDG1, ROOT, D-BDG2, D-BDG3, D-BDG4, D-BDG5, D-BDG6; L3 – ROUTED DOMAIN; L2 – SWITCHED DOMAIN; port roles D, R, Altn]
  7. STP operations: available paths (stable topology) [diagram labels: POD 2; D-BDG1, ROOT, D-BDG2, D-BDG3, D-BDG4, D-BDG5, D-BDG6; L3 – ROUTED DOMAIN; L2 – SWITCHED DOMAIN; port roles D, R]
  8. Traditional IP technologies and design do not scale within a large LAN
     • Ethernet: broadcast multi-access technology (any-to-any stateless transport)
     • Adapts poorly to asymmetric situations
     • Depends on Spanning Tree to prevent data-link loops
     • Spanning Tree brings some (heavy) limitations:
     • Maximum diameter of 20 bridges
     • Must converge/re-converge
     • Dichotomies between different versions of the protocol
     • Only one forwarding path
     • Complex to maintain, error-prone in complex topologies
     • High availability at the L3 gateway depends on FHRP (HSRP, GLBP, VRRP)
     • Max. 4 gateways (act/stby or act/act)
     • Accentuates asymmetries, amplifying the effects of unicast flooding
     • Failover based on timers
  9. VPC
     • Supported by Nexus 3K, 5K, 6K, 7K, 9K
     • Only the Base License is required
     • Multi-chassis EtherChannel on Cisco Nexus
     • Virtualizes the forwarding plane of two peers
     • Aggregates the two peers in the L2 topology
     • The two peers keep separate control planes
     • Scale-UP, more available bandwidth and resilience
     • Avoids single points of failure
  10. VPC – peerings and link roles [diagram labels: POD 55; L3 – ROUTED DOMAIN; L2 – SWITCHED DOMAIN; VPC PL; VPC PKA; ROUTED INTERLINK; INTERNAL ROUTING DOMAIN; ROUTED LINK; VPC; DISTRIBUTION SWITCHES – VPC PEERS; ACCESS SWITCHES – VPC PEERS]
  11. VPC – logical topology (STP/HSRP perspective) [diagram labels: POD 55; L3 – ROUTED DOMAIN; L2 – SWITCHED DOMAIN; D-BDG1/D-BDG2 STP ROOT, PEER-SWITCH ENABLED; D-BDG3/D-BDG4 STP DESIGNATED, PEER-SWITCH ENABLED; D-BDG1 HSRP ACTIVE; D-BDG2 HSRP ACTIVE; port roles D, R]
  12. FabricPath
     • Supported by 5K, 6K, 7K (F linecards)
     • ENHANCED LAYER 2 LICENSE required
     • TRILL, Cisco proprietary implementation
     • MAC-in-MAC routing, preserves the 802.1q tag
     • Changes the design from 3-tier to CLOS fabric
     • Scale-OUT up to 768 nodes (ref. N7K SUP2-E)
     • Improves the overall behaviour of the data plane
  13. FabricPath = MAC-in-MAC routing
  14. FabricPath – CLOS fabric [diagram labels: POD 1; FABRICPATH DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; SWID 1, 2, 11, 12, 21, 22, 31, 32; ESWID 111, 211, 311; STP ROOT BRIDGE (three times)]
  15. FabricPath – multi-destination tree [diagram labels: POD 1; FABRICPATH DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; SWID 1, 2, 11, 12, 21, 22, 31, 32; ESWID 111, 211, 311; STP ROOT BRIDGE (three times); MDT1 ROOT; MDT2 ROOT]
  16. FabricPath – internal/external routing [diagram labels: POD 2; FABRICPATH DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; SUPER-SPINE SWITCHES; POD-X; EXTERNAL ROUTING DOMAIN; SPINE1 ANYCAST HSRP ACTIVE; SPINE2 ANYCAST HSRP ACTIVE; SPINE3 ANYCAST HSRP ACTIVE; SPINE4 ANYCAST HSRP ACTIVE; ANYCAST HSRP SWID]
  17. Virtual Extensible LAN
     • Supported by 3K (not all series), 5K, 6K, 7K, 9K
     • Enterprise Service License required
     • RFC 7348
     • Virtualizes the data plane (overlay); encapsulates the Ethernet frame in a VXLAN header (UDP), without preserving the 802.1q tag
     • Reference design for the underlay network:
     • CLOS within the same fabric
     • Independent in DCI or in transport towards the outside
     • Scales up to 128 VTEPs in the same fabric (ref. N7K SUP2-E)
     • Enables on-premise inter-cloud or hybrid cloud = direct L2 transport from DC to DC
     • Any-to-any stateless transport (Ethernet-wise)
  18. Virtual Extensible LAN – EoVXLAN(oUDP) = OVERLAY
  19. Virtual Extensible LAN – Flood-and-learn [diagram labels: POD 1; VXLAN DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; NVE 1, NVE 2, NVE 3; Lo0 1.1.1.1/32, Lo0 1.1.1.2/32, Lo0 1.1.1.3/32 secondary – VTEP SOURCE; Lo0 2.2.2.1/32, Lo0 2.2.2.2/32, Lo0 2.2.2.3/32 secondary – VTEP SOURCE; Lo0 3.3.3.1/32, Lo0 3.3.3.2/32, Lo0 3.3.3.3/32 secondary – VTEP SOURCE; OSPF AREA 0.0.0.1; IP PIM SPARSE-MODE; L3 GATEWAY: INTER-VNI ROUTING, EXTERNAL ROUTING DOMAIN; PIM SM ANYCAST RP (twice)]
  20. Virtual Extensible LAN – Flood-and-learn – L3 routing option 1 – external L3 GW [diagram labels: POD 1; VXLAN DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; NVE 1, NVE 2, NVE 3; VLAN 100 10.1.100.0/24 VNID 100100; VLAN 200 10.1.200.0/24 VNID 100200; Po1.100 HSRP ACTIVE, Po1.200 HSRP STBY; Po1.100 HSRP STDBY, Po1.200 HSRP ACTIVE; VNID 100100 100200]
  21. Virtual Extensible LAN – Flood-and-learn – L3 routing option 2 – FHRPoVXLAN – NK9 [diagram labels: POD 1; VXLAN DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; NVE 1, NVE 2, NVE 3; VLAN 100 10.1.100.0/24 VNID 100100; VLAN 200 10.1.200.0/24 VNID 100200; VLAN 100 HSRP ACTIVE, VLAN 200 HSRP STBY; VLAN 100 HSRP STDBY, VLAN 200 HSRP ACTIVE; L3 GATEWAY: INTER-VNI ROUTING, EXTERNAL ROUTING DOMAIN]
  22. Virtual Extensible LAN – Flood-and-learn – OVERLAY [diagram labels: POD 1; VXLAN DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; NVE 1, NVE 2, NVE 3; VLAN 100 10.1.100.0/24 VNID 100100; VLAN 200 10.1.200.0/24 VNID 100200; Po1.100 HSRP ACTIVE, Po1.200 HSRP STBY; Po1.100 HSRP STDBY, Po1.200 HSRP ACTIVE; VNID 100100 100200]
  23. Virtual Extensible LAN – MP-BGP L2VPN EVPN = PROGRAMMABLE FABRIC [diagram labels: POD 1; VXLAN DOMAIN; CLASSICAL ETHERNET DOMAIN; SPINE SWITCHES; LEAF SWITCHES; NVE 1, NVE 2, NVE 3; Lo0 1.1.1.1/32, Lo0 1.1.1.2/32, Lo0 1.1.1.3/32 secondary – VTEP SOURCE; Lo0 2.2.2.1/32, Lo0 2.2.2.2/32, Lo0 2.2.2.3/32 secondary – VTEP SOURCE; Lo0 3.3.3.1/32, Lo0 3.3.3.2/32, Lo0 3.3.3.3/32 secondary – VTEP SOURCE; OSPF AREA 0.0.0.1; IP PIM SPARSE-MODE; EXTERNAL ROUTING DOMAIN; BGP RR AFI L2VPN EVPN (twice); BGP RR CLIENT AFI L2VPN EVPN; AFI IPV4/IPV6 UNICAST VRF-AWARE (TENANT); ANYCAST GATEWAY; ROUTE SUMMARIZATION BOUNDARY; L3 routed link; PIM SM ANYCAST RP (twice)]
  24. Virtual Extensible LAN – MPBGP L2VPN EVPN: from multipod to hybrid cloud [diagram labels: POD 11; POD 22; DCI; WAN; THIRD-PARTY CLOUD; SITE 1 – AS 64513; SITE 2 – AS 64513; DCI MPLS; IBGP-L2VP-EVPN; EBGP-L2VPN-EVPN; SERVICE PROVIDER; NEXUS 7.7K VPC LAYER3 PEER-ROUTER PEER-GATEWAY BGP-FREE (twice); OSPF AREA 0.0.0.1 IP PIM SPARSE-MODE; OSPF AREA 0.0.0.2 IP PIM SPARSE-MODE; BGP RR AFI L2VPN EVPN; BGP RR CLIENT AFI L2VPN EVPN; BGP RR / RR CLIENT AFI L2VPN EVPN; AFI IPV4/IPV6 UNICAST VRF-AWARE (TENANT); ANYCAST GATEWAY; CRS1000V VIRTUALIZED ENVIRONMENT; PIM SM ANYCAST RP; MSDP]
  25. Virtual Extensible LAN – MPBGP L2VPN EVPN: OVERLAY [diagram labels: POD 11; POD 22; DCI; WAN; THIRD-PARTY CLOUD; SITE 1 – AS 64513; SITE 2 – AS 64513; DCI VPLS; IBGP-L2VP-EVPN; EBGP-L2VPN-EVPN; SERVICE PROVIDER; NEXUS 7.7K VPC LAYER3 PEER-ROUTER PEER-GATEWAY BGP-FREE (twice); OSPF AREA 0.0.0.1 IP PIM SPARSE-MODE; OSPF AREA 0.0.0.2 IP PIM SPARSE-MODE; BGP RR AFI L2VPN EVPN; BGP RR CLIENT AFI L2VPN EVPN; BGP RR / RR CLIENT AFI L2VPN EVPN; AFI IPV4/IPV6 UNICAST VRF-AWARE (TENANT); ANYCAST GATEWAY; CRS1000V VIRTUALIZED ENVIRONMENT; PIM SM ANYCAST RP; MSDP; VLAN 50 VNID 100050]
  26. Thank you for your attention
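
The encapsulation summarized on the Virtual Extensible LAN slide (Ethernet frame inside a VXLAN header over UDP, inner 802.1q tag not preserved), shown as an added example that is not part of the original slides. The 8-byte header layout and UDP port 4789 follow RFC 7348; the function names and the sample frame are assumptions made for illustration, and the VLAN 100 / VNID 100100 pair is taken from the flood-and-learn slides.

```python
import struct

VXLAN_UDP_PORT = 4789   # IANA-assigned outer UDP destination port (RFC 7348)
VXLAN_FLAG_I = 0x08     # "VNI present" flag, must be set on a valid header
TPID_8021Q = 0x8100     # EtherType value that marks an 802.1Q tag

def strip_dot1q(frame: bytes) -> bytes:
    """Remove a single 802.1Q tag, if present, from an Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        return frame[:12] + frame[16:]   # drop TPID + TCI (4 bytes)
    return frame

def vxlan_encap(frame: bytes, vni: int) -> bytes:
    """Return the outer UDP payload: VXLAN header + untagged inner frame."""
    if not 0 <= vni < 2**24:
        raise ValueError("VNI must fit in 24 bits")
    header = struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8)
    return header + strip_dot1q(frame)

def vxlan_decap(payload: bytes, allowed_vnis: set) -> tuple:
    """Validate a received VXLAN payload and return (vni, inner_frame)."""
    if len(payload) < 8 + 14:
        raise ValueError("too short for VXLAN header + Ethernet header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if ((word0 >> 24) & VXLAN_FLAG_I) == 0:
        raise ValueError("I flag not set, VNI field is not valid")
    vni = word1 >> 8                     # low 8 bits are reserved
    if vni not in allowed_vnis:
        raise ValueError(f"VNI {vni} is not configured on this VTEP")
    inner = payload[8:]
    if struct.unpack("!H", inner[12:14])[0] == TPID_8021Q:
        raise ValueError("inner frame carries an 802.1Q tag")
    return vni, inner

# Constructed sample: broadcast ARP-type frame tagged VLAN 100, zero-filled body.
TAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
          + struct.pack("!HH", TPID_8021Q, 100) + struct.pack("!H", 0x0806)
          + b"\x00" * 28)
```

The decapsulation side drops segments whose VNI is not locally configured or whose inner frame is still tagged, which is the per-segment isolation the overlay depends on.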
