
VXLAN: Enhancements and Network Integration

APRICOT 2014

  1. VXLAN, Enhancements, and Network Integration. Apricot 2014 - Malaysia. Eddie Parra, Principal Engineer, Juniper Networks Router Business Unit (RBU), eparra@juniper.net. © 2010 Juniper Networks, Inc. www.juniper.net
     Legal Disclaimer: This statement of product direction sets forth Juniper Networks' current intention, and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted on this statement.
  2. VARIOUS ENCAPSULATION METHODS (Copyright © 2014 Juniper Networks, Inc.)
     • Fabrics
         • TRILL: Intel, Cisco, Brocade
         • IEEE 802.1aq: Huawei, ALU
         • FabricPath: Cisco
         • VCS: Brocade
         • Qfabric: Juniper
     • Overlays
         • VXLAN: Cumulus, Arista, Broadcom, Cisco, VMware, Citrix, Red Hat
         • NVGRE: Microsoft, Arista, HP, Broadcom, Juniper
         • STT: Nicira, Rackspace, eBay, Yahoo!
         • Geneve: VMware, Microsoft, Red Hat, Intel
     • Other
         • GRE, Ethernet-over-GRE, IP-IP, MPLS, MPLS over GRE, MPLS over UDP, L2TP, GTP-U, …etc
  3. VXLAN PLATFORM AND VENDOR SUPPORT
     • Broadcom Trident 2 (aka “T2”) Platforms
         • QFX5100-48S (1RU): 48x10 GbE, 6x40 GbE
         • QFX5100-96S (2RU): 96x10 GbE, 8x40 GbE
         • QFX5100-24Q: 24x40 GbE, 2 x Modules: 8x10 or 4x40 GbE
     • Other T2 Platform Vendors
     • Juniper MX-Series and EX9200
  4. VXLAN ENCAPSULATION AND TERMINOLOGY
     • Terminology
         • 1: VXLAN Segment
         • 2: VXLAN Tunnel End Point (VTEP)
         • 3: VXLAN Network Identifier (VNI)
     • [Diagram: Host-A, Router-A (VTEP), Router-B (VTEP), Host-B. The original frame (DA MAC, SA MAC, IP) is carried between the VTEPs inside an outer DA MAC, SA MAC, IP/UDP and VXLAN header carrying the VNI.]
  5. VIRTUAL EXTENSIBLE LOCAL AREA NETWORK (VXLAN)
     • Encapsulation Overview
         • Layer 2 Overlay scheme over Layer 3 network
         • Designed with VM-to-VM communication in mind
         • VXLAN should be transparent to end hosts
         • Provide L2 segmentation ability > 4096 VLANs
         • 24 bit VXLAN Network Identifier (VNI)
         • 16M VXLAN segments
     • Forwarding Overview
         • Data-Plane based learning and forwarding
         • VXLAN relies on Data-Plane learning of associated host MAC addresses to VTEP IPs through source learning
         • Similar to Layer 2 with flood and learn
     • Frame layout
         • VXLAN Encapsulation: Outer MAC DA, Outer MAC SA, Optional Outer 802.1Q, Outer IP DA, Outer IP SA, Outer UDP, VXLAN ID (24 Bits)
         • Original Ethernet Frame: Inner MAC DA, Inner MAC SA, Optional Inner 802.1Q, Original Ethernet Payload
         • FCS
  6. VXLAN: BROADCAST TRAFFIC EXPLAINED
     1) Host-A sends an ARP for Host-B.
     2) Router-A looks up the VNI association for Host-B.
     3) There is no entry and the ARP is VXLAN encapsulated and sent out to the IP multicast group per that VNI.
     4) Router-B receives the Multicast packet, verifies the validity of the VNI, and learns the inner source MAC of Host-A.
     5) Host-B receives the ARP and responds.
     6) Router-B looks up the VNI association for Host-A, and VXLAN unicasts to Router-A.
     7) Router-A receives the unicast packet, verifies the validity of the VNI, and learns the inner source MAC of Host-B.
     [Diagram: Host-A, Router-A (VTEP), Router-B (VTEP), Host-B; the network between the VTEPs is labelled "VXLAN" and "Multicast Enabled".]
  7. VXLAN INTEGRATION WITH EXISTING SERVICES
     • Overview
         • Terminate (aka “Stitch”) VXLAN segments into existing network services, such as L3VPN, VPLS and E-VPN
         • Use routing/switch instances as centralized anchor points within a geography
     • Integration Areas
         • Data Center Interconnect (DCI)
         • Virtual Private Cloud Gateway
         • Access to Edge
         • MBH, Business, Residential, Wholesale
         • Subtending nodes
     • [Diagram labels: Virtual-Switch.0 (VLAN-ID: 101), Bridge-Domain.0 (VLAN-ID: 100), LAN, VNI 100, VNI 101, IRB.0, IRB.1, L3VPN, VPLS, EVPN.]
  8. INTER-VXLAN ROUTING
     • Use Cases
         • Inter-Connecting
             • VXLAN Segments
             • L2 - VLANS
             • L3 – IRB
             • L2VPN / L3VPN
             • VPLS / E-VPN
         • Augment Merchant Silicon with In-House Silicon
             • Example: Trident-2 does not support the ability to route packets into VXLAN tunnels and vice versa based on payload IP header.
         • Controlled VTEP Broadcast Replication
     • [Diagram labels: Router-A, Router-B, Router-C, VTEPs, Bridge-Domain or Virtual-Switch, IRB, VXLAN VNI#100, VXLAN VNI#200.]
  9. BROADCAST DOMAIN REPRESENTATION
     • [Diagram labels: Broadcast Domain, L2, IRB, Layer-3, NH, VNI 100, VNI 200, VLAN, VXLAN, E-VPN.]
  10. UNICAST ONLY VXLAN
     • Enhancements
         • Broadcast replication using VXLAN Unicast
         • Endpoints are statically defined
         • In-line Data Plane learning and forwarding functions the same
     • Use Cases
         • No IP Multicast support between VTEPs
         • A static point-to-point deployment, whereby a given VNI only has two VTEPs
         • VXLAN communication must be secure using a mechanism that does not support IP Multicast
     • [Diagram labels: Router-A, Router-B, Router-C, VTEPs, VXLAN VNI # 100, VXLAN VNI # 200, No Multicast.]
  11. CONTROL MODES
     • Data Plane Based
         • VXLAN IETF Draft based
         • Multicast for L2-BUM traffic
         • Or Unicast BUM replication
     • Control Plane Based
         • P2P tunnels built by the controller
         • Juniper Contrail or VMware NSX
         • OVSDB (or NETCONF)
         • Controller MAC Learning
         • Can be combined with Data Plane Control
     • [Diagram labels: VMs, VDS, VTEPs, Controller.]
  12. DAYONE GUIDE: VXLAN CASE STUDIES
     • Day One Guide, Tentatively Scheduled for May, 2014
     • Native VXLAN with Multicast
     • PIM/OSPFv2
     • Unicast Only VXLAN
     • No Multicast
     • Inter-VXLAN Routing
     • Network Service Integration
     • VXLAN over IPSec Transport
     • IPsec Tunnel Mode
  13. SUMMARY
     • VXLAN Consideration
         • Think beyond VXLAN’s design use cases
         • Use platform diversity to your advantage
         • Economics, Power, Space, …etc
     • JUNOS VXLAN Support
         • Target Release: JUNOS 14.1
         • May timeframe
         • Account teams can provide beta images
         • Feel free to email me accordingly
  14. THANK YOU…
  15. BACKUP SLIDES
  16. REFERENCES
     • Standards
         • VXLAN: A Framework for Overlay Virtualized L2 Networks over L3 Networks: http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-08
         • Generic Overlay OAM and Datapath Failure Detection: http://www.ietf.org/id/draft-jain-nvo3-overlay-oam-01.txt
         • The Open vSwitch Database (OVSDB) Management Protocol: http://tools.ietf.org/html/rfc7047
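
The receive-side behaviour from slides 5 and 6 (24-bit VNI, "verifies the validity of the VNI", then source learning), as an added example that is not part of the original deck or Juniper code. It assumes the 8-byte VXLAN header layout published in RFC 7348 (flags byte with the I bit, 24-bit VNI); the `Vtep` class, the helper names and all addresses are hypothetical.

```python
import struct

VXLAN_I_FLAG = 0x08  # "VNI present" bit in the first header byte (RFC 7348)

def parse_vxlan(udp_payload: bytes):
    """Return (vni, inner_frame); raise ValueError on a malformed header."""
    if len(udp_payload) < 8 + 14:  # VXLAN header + inner Ethernet header
        raise ValueError("truncated VXLAN packet")
    flags, vni_rsvd = struct.unpack("!B3xI", udp_payload[:8])
    if not flags & VXLAN_I_FLAG:
        raise ValueError("I flag clear, VNI not valid")
    return vni_rsvd >> 8, udp_payload[8:]  # top 24 bits are the VNI

class Vtep:
    """Hypothetical receiving VTEP: validate the VNI, then source-learn."""
    def __init__(self, configured_vnis):
        self.configured_vnis = set(configured_vnis)
        self.mac_table = {}  # (vni, inner source MAC) -> remote VTEP IP
        self.dropped = 0

    def receive(self, outer_src_ip: str, udp_payload: bytes):
        try:
            vni, inner = parse_vxlan(udp_payload)
        except ValueError:
            vni = None
        if vni not in self.configured_vnis:
            self.dropped += 1  # never learn from an invalid or unknown VNI
            return None
        self.mac_table[(vni, inner[6:12].hex(":"))] = outer_src_ip
        return vni, inner

    def lookup(self, vni: int, dst_mac: str):
        """Remote VTEP IP for a learned MAC, or None (flood to the VNI group)."""
        return self.mac_table.get((vni, dst_mac))

def encap(vni: int, inner: bytes, flags: int = VXLAN_I_FLAG) -> bytes:
    return struct.pack("!B3xI", flags, vni << 8) + inner

# Constructed sample: Host-A's broadcast ARP frame (addresses are made up).
ARP_FRAME = b"\xff" * 6 + bytes.fromhex("020000000a01") + b"\x08\x06" + bytes(28)

def demo() -> Vtep:
    router_b = Vtep(configured_vnis={100})
    router_b.receive("192.0.2.1", encap(100, ARP_FRAME))           # learned
    router_b.receive("192.0.2.9", encap(200, ARP_FRAME))           # unknown VNI
    router_b.receive("192.0.2.9", encap(100, ARP_FRAME, flags=0))  # bad flags
    return router_b
```

The MAC table is keyed on (VNI, MAC), so the same inner MAC in two segments never shares an entry, and a packet that fails the VNI check is counted and dropped before it can change what the VTEP has learned.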
