SlideShare a Scribd company logo
Overlay Networking withVXLAN	

Frankie Lim @ Arista.com
Needs for an Overlay Networks	

Logical Network (aka “Overlay” Network)	

§  NetworkVirtualization (SDN)	

§  Abstracts the virtualized environment form
the physical topology 	

§  Constructs Layer 2 tunnels across the physical
infrastructure 	

§  Tunnels provide connectivity between physical
and virtual end-points	

Physical Network (aka “Underlay” Network)	

§  Transparent to the overlay technology	

§  Allows the building of L3 infrastructure – No L2	

§  Physical provide the bandwidth and scale for the
communication	

§  Removes the scaling constraints of the physical
from the virtual	

Physical Infrastructure	

Overlay 	

Networks
Introducing VXLAN (RFC 7348)	

Virtual eXtensible LAN (VXLAN RFC 7348)	

§  IETF framework proposal, co-authored by Arista, Broadcom,
Cisco, Citrix Red Hat &VMware	

Provides Layer 2 “Overlay Networks” on top of a Layer 3
network	

§  “MAC in IP” Encapsulation	

§  Layer 2 multi-point tunneling over IP UDP	

Tunnel End-Points (VTEPs) perform encapsulation/decapsulation	

§  In Software e.g. Hypervisor vSwitch	

§  In Hardware e.g. Leaf Switches	

Enables Layer 2 interconnection across Layer 3 boundaries	

§  Transparent to the physical IP network	

§  Provides Layer 2 scale across the Layer 3 IP fabric	

§  Abstracts theVirtual connectivity from the physical IP
infrastructure	

§  e.g. EnablesVMotion, L2 clusters etc. across standards based
IP fabrics	

VM-1	

10.10.10.1/24	

VM-2	

20.20.20.1/24	

VM-3	

10.10.10.2/24	

VM-4	

20.20.20.2/24	

ESX host	

 ESX host	

Subnet A	

Layer 2 (e.g. forVM mobility,
storage access, clustering etc.) 	

Across Layer 3 subnets	

NAS	

20.20.20.324	

Load Balancer	

10.10.10.3/24	

Subnet B
VXLAN Terminology	

Virtual Tunnel End-point (VTEP) 	

§  Performs for VXLAN encapsulation & decapsulation of the
native frame 	

§  Adds the the appropriate VXLAN header. 	

§  Can be implemented on software virtual switch or a physical
switch.	

Virtual Tunnel Identifier (VTI)	

§  An IP interface used as the Source IP address for the
encapsulatedVXLAN traffic	

§  The destination IP address forVXLAN encapsulated traffic	

Virtual Network Identifier (VNI)	

§  A 24-bit field added within theVXLAN header. 	

§  Identifies the Layer 2 segment of the encapsulated Ethernet
frame	

VXLAN Header	

§  The IP/UDP VXLAN header added by theVTEP	

§  Uses a UDP source port based on a hash of the inner frame
to create entropy for ECMP	

Software	

VTEP	

Hardware
VTEPs	

VTEP	

IP address:	

x.x.x.x	

VTI-A	

VTI-B	

VTI-C	

VTEP	

VTEP	

IP address:	

z.z.z.z	

IP address:	

y.y.y.y	

VXLAN + IP/UDP header	

SRC IPVTI-A; DST IPVTI-C	

Logical Layer 2 Network	

VNI n.n
VXLAN Encapsulated Frame Format	

§  Ethernet header uses localVTEP MAC and default router MAC (14 bytes plus 4 optional 802.1Q
header)	

§  TheVXLAN encapsulation source/destination IP addresses are those of local/remoteVTI (20 bytes)	

§  UDP header, with SRC port hash of the inner Ethernets header, destination port IANA defined (8
bytes)	

•  Allows for ECMP load-balancing across the network core which isVXLAN unaware.	

§  24-bitVNI to scale up to 16 million for the Layer 2 domain or “Virtual Wires” (8 bytes)	

Src. 
MAC addr.	

Dest.
MAC addr.	

802.1Q.	

 Dest. IP	

 Src. IP	

 UDP	

VNI	

(24 bits)	

Payload	

 FCS	

Src. 
MAC addr.	

Dest.
MAC addr.	

Optional
802.1Q.	

Original Ethernet Payload
(including any IP headers etc.)	

VXLAN (IP-MAC) Encapsulation	

Ethernet Frame
VXLAN Overlay Networks	

Fixed Configuration, 	

Active-Active Layer 3 design
for scale, using well known
management tools/protocols	

Flexible VTEP Edge, 	

Mobile, agile, for flexible
provisioning via Cloud
Management Platforms (CMP)	

VXLAN Overlay Architecture configuration/flexibility at the edge, and transparency and
fix configuration in the IP fabric	

VXLANVNI 10	

VTEP	

 VTEP	

VXLANVNI 20	

VTEP
VLXANVTEP within the Hypervisor vSwitch	

§  VXLAN encapsulation  de-capsulation performed by the vSwitch 	

•  Encapsulation performed prior to packet hitting the “physical interface”	

•  Physical network is unaware of the encapsulated content	

-  Sees only IP headers	

§  External routing via decapsulation 
on the software switch	

-  Based onVNI toVLAN mapping	

128.218.11.x	

128.218.10.x	

10.10.1.4	

 10.10.1.5	

 10.10.1.6	

Locally Switched 	

Traffic is done without 	

encap/decap	

vSwitch is responsible 	

for encapsulation 
decapsulation ofVXLAN traffic
between hosts	

Software Router
Responsible for
external routing	

Physical 	

Infrastructure	

Virtual Switch
(VTEP)	

SWVTEP:	

VNI toVLAN 
translation	

Virtual Switch
(VTEP)
Switch basedVXLAN Gateway Architecture	

UDP 4729	

VTI 1	

10.10.1.1	

VTEP	

VNI 200	

 VNI 2000	

 VNI 20000	

VLAN 100	

 VLAN 200	

 VLAN 300	

 VLAN 400	

 VLAN 500	

Ethernet Ports
Port Channels	

Ethernet Ports
Port Channels	

Ethernet Ports
Port Channels	

Ethernet Ports
Port Channels	

Ethernet Ports
Port Channels	

Local Devices	

 Local Devices	

 Local Devices	

 Local Devices	

 Local Devices	

Ethernet Ports
Port Channels	

Spine/Leaf Switch
Ports	

 Ports	

Point  Multi-Point Tunnel Service	

UDP 4729	

1	

2.2.2.3	

VTEP	

VTEP	

Devices	

 Ports	

VLAN	

100	

Devices	

 Ports	

VLAN	

500	

VTI 	

2.2.2..1	

Devices	

 Ports	

VLAN	

200	

Devices	

 Ports	

VLAN	

300	

Devices	

 Ports	

VLAN	

400	

VTEP	

Ports	

Ports	

VTI 1	

2.2.2.2	

Ports	

Ports	

Ports	

UDP
4729	

Devices	

Devices	

Devices	

Devices	

Devices	

VNI 2000	

VNI	

200	

VNI	

2000	

VNI	

20000	

VNI	

200	

VNI	

2000	

Ports	

VNI 2000	

UDP
4729	

VLAN toVNI mappings are local to switch – inbuilt support forVLAN translation	

VLAN	

100	

VLAN	

500	

VLAN	

200	

VLAN	

300	

VLAN	

400	

VLAN 400	

Ports	

Devices	

Devices	

 Devices	

VLAN 500	

Ports	

VLAN 300	

Devices	

Ports	

VLAN 200	

Devices	

Ports	

VLAN 100	

Ports	

Devices	

Switch	

 Switch	

Switch
VXLAN – Control Plane
VXLAN Control Plane Options	

§  SDN Controller or Controller-less	

§  TheVXLAN control plane is used for MAC learning and packet flooding	

•  Mechanism to discover hosts residing behind remoteVTEPs	

•  How to discoverVTEPs and theirVNI membership 	

•  The mechanism used to forward Broadcast and multicast traffic within the Layer 2 segment (VNI) 	

IP Multicast Control
Plane
• VTEP join an associated IP
multicast group (s) for the
VNI(s)
• Unknown unicasts
forwarded to VTEPs in the
VNIs via IP multicast
• Support for Third-party
VTEP(s)
• Flood and learn and
requires IP multicast
support – limited
deployments
HeadEnd Replication
(HER)
• BUM traffic replicated to
each remote VTEPs in the
VNIs
• Replication carried out on
the ingress VTEP.
• Support for Third-party
VTEP(s)
• MAC learning still via flood
and learn but no
requirement for IP multicast
HER with Controller
• Local learnt MACs and VNI
binding published to
Controller
• Controller dynamically
distributes state to remote
VTEPs
• Support for Third-party
VTEP(s)
• Dynamic MAC distribution,
automated flood-list
provisioning
• HA Cluster support for
resiliency
eVPN Model
• BGP used to distribute local
MAC to IP bindings
between VTEPs
• Broadcast traffic handled
via IP multicast or HER
models
• Dynamic MAC distribution
and VNI learning,
configuration can be BGP
intensive
• Support for Third-party
VTEP(s)
VXLAN BUM Forwarding and Learning…	

§  The RFC Model	

•  RemoteVM MAC ßàVTEP association learnt via IP multicast	

•  VTEP with a givenVNI joins associated (*,G) group	

•  Broadcast, Unknown  Multicast traffic for aVNI sent to the IP multicast group	

•  LocalVTEP “learns” MAC to remoteVTEP IP bonding	

•  Once bonded traffic is unicast via standard Layer 3 protocol	

	

	

VM4@VNI10@VTEP-B	

VM5@VNI20@VTEP-B	

VM6@VNI30@VTEP-B	

VM7@VNI10@VTEP-C
VM8@VNI20@VTEP-C	

VM9@VNI30@VTEP-C	

	

Multicast (*,G) tree forVNI 10	

Multicast (*,G) tree forVNI 20	

Multicast (*,G) tree forVNI 20	

	

	

	

VM1	

VNI10	

VM2	

VNI20	

VM3	

VNI300	

VM4	

VNI10	

VM5	

VNI20	

VM6	

VNI30	

VM7	

VNI10	

VM8	

VNI20	

VM9	

VNI30	

VTEP-
A	

VTEP-
B	

VTEP-
C	

Requires an IP Multicast 
Enabled Physical Network!	

Note: Arista supports single (*,G) group + HER. All other platforms use HER
Unicast 	

toVTEP-4	

VTEP	
  flood	
  list	
  on	
  
VTEP-­‐1	
  
	
  VNI	
  2000	
  à	
  VTEP-­‐3	
  
	
  VNI	
  2000	
  à	
  VTEP-­‐4	
  
VTEP	
  flood	
  list	
  on	
  VTEP-­‐3	
  
	
  VNI	
  2000	
  à	
  VTEP-­‐1	
  
	
  VNI	
  2000	
  à	
  VTEP-­‐4	
  
VTEP	
  flood	
  list	
  on	
  VTEP-­‐4	
  
	
  VNI	
  2000	
  à	
  VTEP-­‐1	
  
	
  VNI	
  2000	
  à	
  VTEP-­‐3	
  
VTEP creates a unicast
frame for eachVTEP in
the flood-list	

of the specificVNI	

BUM traffic	

VTEP flood list manually 	

configured on eachVTEP 	

for eachVNI	

BUM traffic received 
locally onVTEP 	

VTEP learns inner MAC and maps
to the outer SRC IP (remoteVTEP) 	

Separate unicast on the wire for eachVTEP in theVNI	

1	

2	

3	

4	

VTEP
2	

VTEP
3	

VTEP
4	

VNI 2000	

VXLAN Head End Replication	

VTEP
1	

Unicast 	

toVTEP-3	

Eliminates the need for an IP Multicast Enabled Physical
Network!
VLAN	
  200	
  	
  Eth	
  2	
  
-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐	
  
VTEP	
  Config	
  
Source-­‐IP	
  1.1.1.2/32	
  
VLAN	
  500	
  à	
  VNI	
  2000	
  
Overlay Network	

§  VLAN toVNI mapping of aVTI is only locally significant	

•  Local 802.1QVLAN Tag is stripped prior toVXLAN encapsulation	

•  Allows for a singleVLAN tag to be mapped to differentVNIs on different switches	

•  ProvidingVLAN translation across aVNI and scale beyond the traditional 4k+VNIs	

VLAN	
  20	
  	
  Eth	
  2,	
  Eth3	
  
-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐	
  
VTEP	
  config	
  
VLAN	
  20	
  à	
  VNI	
  2000	
  
VLAN 20	

 VLAN 500 	

VNI 2000	

VLANs (1-3K) 	

POD significant)	

VLANs (1-3K) 	

POD significant)	

VLANs (1-3K) 	

POD significant)	

VNIs Mapping 	

5k-8K	

VNIs Mapping 	

9k-12K	

VNIs Mapping 	

12k-15K	

Scaling beyond 4KVLANs	

Across POD DC wide VNIs VLAN 3k +
VLAN Translation betweenVTEPs	

VTEP	

VTEP	

Eth 2	

Eth 2	

 Eth 3
SDN Controllers forVXLAN	

CVX + NSX
•  Centralized database of
physical infrastructure
collected on CVX
•  CVX state (MAC, VNIs, HW
VTEPs) shared with NSX 
•  Centralized provisioning and
controller via the NSX
controller
•  Solution for scalable dynamic
DCs with HW to SW VTEP
automation
•  Advantages within an ESXi
estate 
CloudVision	

eXchange	
  
CVX + Nuage
•  Centralized database of
physical infrastructure
collected on CVX
•  CVX state (MAC, VNIs, HW
VTEPs) shared with the VSC 
•  Centralized provisioning and
controller via the VSC
controller
•  Solution for scalable dynamic
DCs with HW to SW VTEP
automation
•  Targeted for a Zen, KVM
estate 
CVX + OpenStack
•  Centralized database of
physical infrastructure
collected on CVX
•  ML2 plugin for communication
between CVX and OpenStack 
•  Provisioning of the physical
infrastructure from OpenStack
•  Solution for small to medium
DCs with VTEP automation
•  Targeted for a Zen, KVM
estate 
CloudVision	

eXchange	
  
CloudVision	

eXchange	
  
OVSDB
 OVSDB
ML2 plugin
VXLAN – Layer 2 Services
VXLAN Bridging	

§  Provides layer 2 connectivity (P2P, P2M) over the layer 3 spine/leaf network	

§  Allowing any-to-any Layer 2 connectivity between DCs, racks, servers, devices,VMs	

§  Layer 2 connectivity provided byVXLAN encapsulation at the leaf nodes –VXLAN
VTEP(s) 	

Subnet/VLAN A 

Subnet/VLAN B 

Spine
Subnet/VLAN A 

Subnet/VLAN B 

VXLAN VNI – Layer 2
VXLAN VNI – Layer 2
Leaf
VTEP	

VTEP
VTEP	

VTEP
VXLAN Bridging Operation	

§  Standard local switching via theVLAN configuration on theVTEP	

§  Extend the Layer 2 domain by mapping theVLAN ID to theVXLAN VNI	

§  VLAN toVNI mapping is only locally significant, VLAN tag is not carried in the
VXLAN frame	

§  Host learnt on the remoteVTEP, VXLAN encapsulated by theVTEP and routed to
the remoteVTEP	

VLAN
10	

MAC-1	

MAC 2	

Leaf-1
Serv-1
MAC-1
VLAN 10 à VNI 1010
802.1Q
VLAN 10
L3 Backbone
VNI 1010
VNI 1010 - VLAN 20
Serv-2
MAC-2
Leaf-2
Inner Eth
Frame	

VNI 1010	

2.2.2.2	

2.2.2.1	

VLAN
20	

MAC-1	

MAC 2	

802.1Q
VLAN 20
Layer 2 Domain (eg,
193.10.10.0/24)
VTEP
2.2.2.2
Eth-49
 Eth-1
VTEP
2.2.2.1
Eth-1
 Eth-49
Active/
Active 
Dual-
homing
Rack-
1
VXLAN Bridging – Resiliency with dual-homing	

§  For host resiliency single LogicalVTEP can be created across the Active/Active
Dual-homing domain	

§  Providing active-activeVXLAN encap and decap across the two physical
switches	

VTI	

VTI	

Eth-1
Eth-1
VTI	

VTI	

Eth-1
Eth-1
L3 Backbone
VNI 1010
Inner Eth
Frame	

VNI 1010	

2.2.2.2	

2.2.2.1	

Rack-
2
VLAN 10	

MAC-1	

MAC 2	

VLAN 20	

MAC-1	

MAC 2	

VLAN 10 à VNI 1010
VNI 1010 - VLAN 20
Serv-1
MAC-1
Serv-2
MAC-2
Layer 2 Domain
VTEP
2.2.2.2
VTEP
2.2.2.1
Eth-49
Eth-49
Eth-49
Eth-49
Leaf-11
	

Leaf-12
Leaf-21
Leaf-22
Active/
Active 
Dual-
homing
S-VLAN to VNI mapping
•  Mapping of outer S-Tag to single
VNI
•  Inner C-Tag are transported within a
single VNI
•  The inner VLAN ID are carried on
VXLAN encap frame
•  Ability to transport all customer
VLANs across a single VXLAN point
to point link
Switchport mode dot1q-
tunnel
VXLAN Bridging -VLAN toVNI Service Mapping	

VLAN toVNI mapping	

•  One to One mapping betweenVLAN ID
and theVNI	

•  Mapping is only locally significant, 	

•  VLAN ID not carried onVXLAN encap
frame	

•  AllowsVLAN translation between
remoteVTEPs	

Port + VLAN to VNI mapping
•  Mapping traffic to a VNI based on a
combination of the ingress port and
it VLAN-ID
•  The VLAN ID is not carried on
VXLAN encap frame
•  Provides support for overlapping
VLANs within a single VTEP to be
mapped to different VNIs
Leaf-1
VNI 1020
VNI 1010	

VLAN
10
VLAN
20
VLAN 10 - VNI
1010
VLAN 20 à VNI
1020
Leaf-1
VTEP
VNI 1030
C-tag 10,20
VLAN 10,20
S-VLAN 30 - VNI
1030
Leaf-1
VTEP
VLAN 10
Eth-1 VLAN 10 - VNI 1010
Eth-2 VLAN 10 à VNI 1020
Eth-1 
VLAN 10
Eth-2 
VNI 1020
VNI 1010
VTEP
Eth-1 
VLAN 30
VXLAN Bridging – STP Behavior	

§  STP BPDU’s are not transported across theVXLAN tunnel	

§  Creating Separate STP domains within the local ports of eachVTEP	

Leaf-1
Serv-1
802.1Q
VLAN 10
L3 Backbone
VNI 1010	

Serv-2
Leaf-2
802.1Q
VLAN 10
Layer 2 Domain
Spanning Tree Domain 1
STP BPDU	

Root Bridge
leaf 1	

Cost 0	

VLAN 10 à VNI
1010
VNI 1010 à VLAN
10
STP BPDU	

Root Bridge
leaf 2	

Cost 0	

Spanning Tree Domain 2
VTEP
2.2.2.2
VTEP
2.2.2.1
Eth-1
 Eth-49
 Eth-49
 Eth-1
VXLAN Bridging – Quality of Service	

§  Standard ingress policy used to define DSCP of outer frame	

§  Trusted or Untrusted configuration of ingress interface used to derive outer CoS/DSCP
value 	

§  Any re-write action applied to only the inner frame NOT the outer frame	

§  Outer CoS value derived from the Traffic Class map	

Leaf-1
Eth-1
 Eth-49
DSCP Trusted Interface
CS1 (8)
DSCP to TC mapping : CS1 à TC 0
CS1 (8)
Outer 
CS1 (8)
inner
Leaf-1
Eth-1
 Eth-49
DSCP Untrusted Interface (with Re-write)

CS4 (32)
DSCP to TC mapping: CS3 à TC 3
TC to DSCP Rewrite : TC 3 à AF21 (18)
CS3 (24)
Outer 
AF21 (18)
inner
Default interface CoS = CS3 (24)
VTEP
 VTEP
VXLAN Bridging – Use Case 1	

Interconnect Islands within the DC or across geographically disperse sites 	

•  ProvidingVM workload mobility within DC and inter DCs	

•  Workload migration,VM bursting (eg hybrid cloud), business continuity across DCs	

	

DCI to provide Layer 2 connectivity 
between geographically disperse sites
Server migration POD interconnect for connectivity between DC’s PODs
Layer 2 Domain
 Layer 2 Domain
VNI
VNI
 802.1Q
VTEP
802.1Q
VTEP
VXLAN Bridging - Use case 2	

VXLAN as a Layer 2 Service within a Leaf Spine	

•  Interconnect disperse subnets with Layer 3 to 7 services – NFV service chaining	

•  Providing a logical multi-tiered network regardless of physical location 	

Server Leaf
 Server Leaf
 Tenant L3 Node
NFV
Services Leaf
Firewall
Load-balancer
Firewall
VNI 1010
VNI 1020
VNI 1030
Tenantslogical
Connectivity
VNI
Layer 2
VNI
 Layer 2
VNI
Spine
VTEP
VTEP
 VTEP
VTEP
VXLAN – Layer 3 Services
VXLAN Routing	

VXLAN Bridging Model	

§  Routing achieved via a centralized node	

§  Requiring a dedicated routing node
within the leaf-spine fabric	

§  Sub-optimal traffic forwarding to traffic
tromboning 	

VXLAN Routing model	

§  Routing achieved at the leaf LayerVTEP nodes	

§  No additional external routing nodes required	

§  Optimized routing with the reducing of traffic
tromboning	

§  Not supported by MPLS VLL/VPLS	

Server Leaf
Dedicated L3 Node
VNI 1010
 VNI 1030
Server Leaf
Server Leaf
Spine
Server Leaf
VNI 1010
VNI 1020
Route directly 
at the leaf
Server Leaf
 Server Leaf
Dedicated Router, sub-optimal forwarding
 Routing at the leaf, providing optimal
forwarding
VTEP
 VTEP
 VTEP
 VTEP
 VTEP
Spine
VTEP
 VTEP
 VTEP
 VTEP
What isVXLAN Routing?	

§  SVI configured on theVLAN which isVXLAN enabled 	

§  SVI can be placed in a non-defaultVRF to support overlapping IPs and multi-
tenancy	

§  NoteVXLAN routing support is required on the platform even when next-hop
host(s) are local 	

Serv-1
10.10.10.100 
GW 10.10.10.1
SVI VLAN 10
10.10.10.1
802.1Q
VLAN 10
SVI VLAN 20
10.10.20.1
Serv-2
10.10.20.100 
GW 10.10.20.1
VNI 1020
VXLAN
Bridging
Routing +
VXLAN Encap
802.1Q
VLAN 20
VTEP
2.2.2.2
VTEP
2.2.2.1
Leaf-1
Leaf-2
VXLAN Routing - Operation 	

10.10.10.100	

10.10.20.100	

VLAN 10	

MAC-1	

MAC -3	

VNI 1020	

10.10.10.100	

10.10.20.100	

VLAN 10	

MAC-4	

MAC-2	

VNI 1020	

2.2.2.2	

2.2.2.1	
  
10.10.10.100	

10.10.20.100	

VLAN 20	

MAC-4	

MAC -2	

1. SVI 10 Gateway for Serv-1.
Routes packet into subnet
10.10.20.0, resulting in a Src MAC
of MAC-4 and Dest MAC of
MAC-2
10.10.10.100	

10.10.20.100	

VLAN 20	

MAC-4	

MAC-2	

2. VTEP-1 learns Dest MAC
(MAC-2) via remote VTEP=2
(2.2.2.2). VXLAN encaps the
frame with a Dest-IP of 2.2.2.2 
3. VTEP-2 maps VNI 1020 to 
VLAN 20. MAC lookup of
MAC-2
points to Eth-6. VXLAN
header 
removed and forwarded to
Serv-2
4. Packet forward to
Serv-2 tagged based on
the Local VLAN to VNI
mapping
Serv-1
10.10.10.100 
GW 10.10.10.1
MAC-1
Serv-2
10.10.20.100 
GW 10.10.20.1
MAC-2
802.1Q
VLAN 20
802.1Q
VLAN 10
SVI VLAN 10
10.10.10.1
MAC-3
SVI VLAN 20
10.10.20.1
MAC-4
VNI 1020
VNI 1020 à VLAN
20
VXLAN Bridging
VTEP-1
2.2.2.1
VTEP-2
2.2.2.2
VXLAN Routing - Forwarding models for Trident2 platform	

§  Single re-circulation required.	

•  1st pass of ASIC to route frame	

•  2nd pass of ASIC forVXLAN encapsulation	

VXLAN Routing – Route and VXLAN encapsulation 
Local host to a remote host
VLAN 10 à VLAN 20 à VNI 1020
VLAN 10
VXLAN Routing – VXLAN de-encapsulate and route
Remote host routed to a local host and switch is the DFG for the remote host
VXLAN Routing – VXLAN de-encapsulate, route and VXLAN encapsulate
Switch is the DFG for two remote hosts on different subnets
§  Two re-circulations required.
•  1st pass of ASIC for VXLAN de-capsulation
•  2nd pass of ASIC to route of inner frame
•  3rd pass of ASIC for VXLAN encapsulation 
§  Single re-circulation required.
•  1st pass of ASIC for VXLAN de-
capsulation
•  2nd pass of ASIC to route of inner frame
VLAN 10 ß VLAN 20ß VNI 1020
VLAN 10
VNI 1010 à VLAN 10 à VLAN 20 à VNI 1020
VNI 1010
VNI 1020
VNI 1020
VNI 1020
VXLAN Routing – Forwarding Models	

Intel Fulcrum Alta platforms	

•  AllVXLAN routing functionality is achieved in a single pass	

•  No need for recirculation ports	

Broadcom Trident2,Tomahawk	

•  AllVXLAN routing functionality is achieved in mixed single and double passes	

•  Need for recirculation ports	

Broadcom Trident2+, ARAD, Jericho platforms	

•  AllVXLAN routing functionality is achieved in a single pass	

•  No need for recirculation ports
SummaryVXLAN	

§  Open standard RFC 7348 – multivendor support on software or hardware	

§  L2 extension over L3 network	

•  More reliable  scalable than L2 only QinQ,TRILL and PBB	

§  L2 over L3 services using switching TCO vs router MPLS TCO	

§  VXLANVTEP at host,VM, spine/leaf switches, load balancer – flexibility for
users and service providers	

§  Preference on hardware basedVXLAN - performance	

§  Use cases	

•  L2 extension over L3 routing network. MPLS not needed.	

•  Data Center Interconnect (DCI) for active-active DC	

•  Multi tender services chaining in hosted DC
Thank-you	

Frankie Lim @ Arista.com

More Related Content

What's hot

Demystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode seriesDemystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode series
Cumulus Networks
 
Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch
YongKi Kim
 
VXLAN Practice Guide
VXLAN Practice GuideVXLAN Practice Guide
VXLAN Practice Guide
Prasenjit Sarkar
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitch
Sim Janghoon
 
Open vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream KernelOpen vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream Kernel
Netronome
 
Advanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive StateAdvanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive State
3G4G
 
Cisco nx os
Cisco nx os Cisco nx os
Cisco nx os
Utpal Sinha
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Dive
rajdeep
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
KHNOG
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep dive
Trinath Somanchi
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch Introduction
HungWei Chiu
 
VXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdfVXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdf
NelAlv1
 
Deploying IPv6 on OpenStack
Deploying IPv6 on OpenStackDeploying IPv6 on OpenStack
Deploying IPv6 on OpenStack
Vietnam Open Infrastructure User Group
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
James Denton
 
Introduction to nexux from zero to Hero
Introduction to nexux  from zero to HeroIntroduction to nexux  from zero to Hero
Introduction to nexux from zero to Hero
Dhruv Sharma
 
Waris l2vpn-tutorial
Waris l2vpn-tutorialWaris l2vpn-tutorial
Waris l2vpn-tutorial
rakiva29
 
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service ProvidersCisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Bruno Teixeira
 
MPLS Presentation
MPLS PresentationMPLS Presentation
MPLS Presentation
Unni Kannan VijayaKumar
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch
어형 이
 
Advanced: True Fixed-Mobile Convergence (FMC) with 5G
Advanced: True Fixed-Mobile Convergence (FMC) with 5GAdvanced: True Fixed-Mobile Convergence (FMC) with 5G
Advanced: True Fixed-Mobile Convergence (FMC) with 5G
3G4G
 

What's hot (20)

Demystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode seriesDemystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode series
 
Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch
 
VXLAN Practice Guide
VXLAN Practice GuideVXLAN Practice Guide
VXLAN Practice Guide
 
Virtualized network with openvswitch
Virtualized network with openvswitchVirtualized network with openvswitch
Virtualized network with openvswitch
 
Open vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream KernelOpen vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream Kernel
 
Advanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive StateAdvanced: 5G NR RRC Inactive State
Advanced: 5G NR RRC Inactive State
 
Cisco nx os
Cisco nx os Cisco nx os
Cisco nx os
 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Dive
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
 
OVN - Basics and deep dive
OVN - Basics and deep diveOVN - Basics and deep dive
OVN - Basics and deep dive
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch Introduction
 
VXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdfVXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdf
 
Deploying IPv6 on OpenStack
Deploying IPv6 on OpenStackDeploying IPv6 on OpenStack
Deploying IPv6 on OpenStack
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
 
Introduction to nexux from zero to Hero
Introduction to nexux  from zero to HeroIntroduction to nexux  from zero to Hero
Introduction to nexux from zero to Hero
 
Waris l2vpn-tutorial
Waris l2vpn-tutorialWaris l2vpn-tutorial
Waris l2vpn-tutorial
 
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service ProvidersCisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
Cisco Live! :: Introduction to IOS XR for Enterprises and Service Providers
 
MPLS Presentation
MPLS PresentationMPLS Presentation
MPLS Presentation
 
debugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitchdebugging openstack neutron /w openvswitch
debugging openstack neutron /w openvswitch
 
Advanced: True Fixed-Mobile Convergence (FMC) with 5G
Advanced: True Fixed-Mobile Convergence (FMC) with 5GAdvanced: True Fixed-Mobile Convergence (FMC) with 5G
Advanced: True Fixed-Mobile Convergence (FMC) with 5G
 

Viewers also liked

33 - IDNOG03 - Guy Rosefelt (NSFOCUS) - Threat Intelligence
33 - IDNOG03  - Guy Rosefelt (NSFOCUS) - Threat Intelligence33 - IDNOG03  - Guy Rosefelt (NSFOCUS) - Threat Intelligence
33 - IDNOG03 - Guy Rosefelt (NSFOCUS) - Threat Intelligence
Indonesia Network Operators Group
 
44 - IDNOG03 - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...
44 - IDNOG03  - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...44 - IDNOG03  - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...
44 - IDNOG03 - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...
Indonesia Network Operators Group
 
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
Indonesia Network Operators Group
 
SDN & NFV Introduction (SDN NFV Day ITB 2016)
SDN & NFV Introduction (SDN NFV Day ITB 2016)SDN & NFV Introduction (SDN NFV Day ITB 2016)
SDN & NFV Introduction (SDN NFV Day ITB 2016)
SDNRG ITB
 
07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...
07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...
07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...
Indonesia Network Operators Group
 
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
Indonesia Network Operators Group
 
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
Indonesia Network Operators Group
 
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
Indonesia Network Operators Group
 
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
Indonesia Network Operators Group
 
12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech
12 - IDNOG03 - Hammam Riza  (BPPT) Welcoming Speech12 - IDNOG03 - Hammam Riza  (BPPT) Welcoming Speech
12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech
Indonesia Network Operators Group
 
How to Implement SDN Technology in ITB
How to Implement SDN Technology in ITBHow to Implement SDN Technology in ITB
How to Implement SDN Technology in ITB
SDNRG ITB
 
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructureAtf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
Mason Mei
 
Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...
Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...
Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...
Toshiaki Hatano
 
Using OVSDB and OpenFlow southbound plugins
Using OVSDB and OpenFlow southbound pluginsUsing OVSDB and OpenFlow southbound plugins
Using OVSDB and OpenFlow southbound plugins
OpenDaylight
 
10.) vxlan
10.) vxlan10.) vxlan
10.) vxlan
Jeff Green
 
OpenStack Congress and Datalog (English)
OpenStack Congress and Datalog (English)OpenStack Congress and Datalog (English)
OpenStack Congress and Datalog (English)
Motonori Shindo
 
L2 over l3 ecnaspsulations (english)
L2 over l3 ecnaspsulations (english)L2 over l3 ecnaspsulations (english)
L2 over l3 ecnaspsulations (english)
Motonori Shindo
 
Integration and Interoperation of existing Nexus networks into an ACI Archite...
Integration and Interoperation of existing Nexus networks into an ACI Archite...Integration and Interoperation of existing Nexus networks into an ACI Archite...
Integration and Interoperation of existing Nexus networks into an ACI Archite...
Cisco Canada
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)
KHNOG
 
42 - IDNOG03 - LT - Akhmad Zaimi - Ansible Ease your config job
42 - IDNOG03  - LT - Akhmad Zaimi - Ansible Ease your config job42 - IDNOG03  - LT - Akhmad Zaimi - Ansible Ease your config job
42 - IDNOG03 - LT - Akhmad Zaimi - Ansible Ease your config job
Indonesia Network Operators Group
 

Viewers also liked (20)

33 - IDNOG03 - Guy Rosefelt (NSFOCUS) - Threat Intelligence
33 - IDNOG03  - Guy Rosefelt (NSFOCUS) - Threat Intelligence33 - IDNOG03  - Guy Rosefelt (NSFOCUS) - Threat Intelligence
33 - IDNOG03 - Guy Rosefelt (NSFOCUS) - Threat Intelligence
 
44 - IDNOG03 - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...
44 - IDNOG03  - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...44 - IDNOG03  - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...
44 - IDNOG03 - LT - Rommy Kuntoro - G.Fast 1Gbps over Copper Cable, Are we r...
 
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
10 - IDNOG03 - Parlin Marius (IDNOG) Opening Speech
 
SDN & NFV Introduction (SDN NFV Day ITB 2016)
SDN & NFV Introduction (SDN NFV Day ITB 2016)SDN & NFV Introduction (SDN NFV Day ITB 2016)
SDN & NFV Introduction (SDN NFV Day ITB 2016)
 
07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...
07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...
07 (IDNOG02) SDN Research activity in Institut Teknologi Bandung by Affan Bas...
 
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
21 - IDNOG03 - Jimmy Halim (Cloudflare) - Brief Introduction of CloudFlare, t...
 
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
99 - IDNOG03 - Valens Riyadi (IDNOG) Closing Speech
 
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
22 - IDNOG03 - Christopher Lim (Mellanox) - Efficient Virtual Network for Ser...
 
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
23 - IDNOG03 - Affan Basalamah (ITB) Achmad Basuki (UNIBRAW) - Overview of In...
 
12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech
12 - IDNOG03 - Hammam Riza  (BPPT) Welcoming Speech12 - IDNOG03 - Hammam Riza  (BPPT) Welcoming Speech
12 - IDNOG03 - Hammam Riza (BPPT) Welcoming Speech
 
How to Implement SDN Technology in ITB
How to Implement SDN Technology in ITBHow to Implement SDN Technology in ITB
How to Implement SDN Technology in ITB
 
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructureAtf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
Atf 3 q15-6 - solutions for scaling the cloud computing network infrastructure
 
Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...
Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...
Linux Native VXLAN Integration - CloudStack Collaboration Conference 2013, Sa...
 
Using OVSDB and OpenFlow southbound plugins
Using OVSDB and OpenFlow southbound pluginsUsing OVSDB and OpenFlow southbound plugins
Using OVSDB and OpenFlow southbound plugins
 
10.) vxlan
10.) vxlan10.) vxlan
10.) vxlan
 
OpenStack Congress and Datalog (English)
OpenStack Congress and Datalog (English)OpenStack Congress and Datalog (English)
OpenStack Congress and Datalog (English)
 
L2 over l3 ecnaspsulations (english)
L2 over l3 ecnaspsulations (english)L2 over l3 ecnaspsulations (english)
L2 over l3 ecnaspsulations (english)
 
Integration and Interoperation of existing Nexus networks into an ACI Archite...
Integration and Interoperation of existing Nexus networks into an ACI Archite...Integration and Interoperation of existing Nexus networks into an ACI Archite...
Integration and Interoperation of existing Nexus networks into an ACI Archite...
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)
 
42 - IDNOG03 - LT - Akhmad Zaimi - Ansible Ease your config job
42 - IDNOG03  - LT - Akhmad Zaimi - Ansible Ease your config job42 - IDNOG03  - LT - Akhmad Zaimi - Ansible Ease your config job
42 - IDNOG03 - LT - Akhmad Zaimi - Ansible Ease your config job
 

Similar to 20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN

Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Jide Akintola JNCIE-M&T/SP #496 CCIE-SP#28552
 
PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...
PROIDEA
 
VXLAN Distributed Service Node
VXLAN Distributed Service NodeVXLAN Distributed Service Node
VXLAN Distributed Service Node
David Lapsley
 
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld
 
VXLAN: Enhancements and Network Integration
VXLAN: Enhancements and Network Integration VXLAN: Enhancements and Network Integration
VXLAN: Enhancements and Network Integration
Eddie Parra
 
NSX-MH
NSX-MHNSX-MH
Virtualizing the Network to enable a Software Defined Infrastructure (SDI)
Virtualizing the Network to enable a Software Defined Infrastructure (SDI)Virtualizing the Network to enable a Software Defined Infrastructure (SDI)
Virtualizing the Network to enable a Software Defined Infrastructure (SDI)
Odinot Stanislas
 
MidoNet 101
MidoNet 101MidoNet 101
MidoNet 101
alexbikfalvi
 
VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced Zone
Yoshikazu Nojima
 
VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話
upaa
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptx
M.Qasim Arham
 
VXLAN in the contemporary data center
VXLAN in the contemporary data centerVXLAN in the contemporary data center
VXLAN in the contemporary data center
Anthony Chow
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
Mark Smith
 
Contrail Enabler for agile cloud services
Contrail Enabler for agile cloud servicesContrail Enabler for agile cloud services
Contrail Enabler for agile cloud services
Juniper Networks (日本)
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebula Project
 
Atf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network controlAtf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network control
Mason Mei
 
Automate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solutionAutomate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solution
Tony Antony
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networking
yfauser
 
Technical introduction to MidoNet
Technical introduction to MidoNetTechnical introduction to MidoNet
Technical introduction to MidoNet
MidoNet
 
vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.
Ajeet Singh
 

Similar to 20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN (20)

Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_
 
PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...
 
VXLAN Distributed Service Node
VXLAN Distributed Service NodeVXLAN Distributed Service Node
VXLAN Distributed Service Node
 
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
VMworld 2013: Troubleshooting VXLAN and Network Services in a Virtualized Env...
 
VXLAN: Enhancements and Network Integration
VXLAN: Enhancements and Network Integration VXLAN: Enhancements and Network Integration
VXLAN: Enhancements and Network Integration
 
NSX-MH
NSX-MHNSX-MH
NSX-MH
 
Virtualizing the Network to enable a Software Defined Infrastructure (SDI)
Virtualizing the Network to enable a Software Defined Infrastructure (SDI)Virtualizing the Network to enable a Software Defined Infrastructure (SDI)
Virtualizing the Network to enable a Software Defined Infrastructure (SDI)
 
MidoNet 101
MidoNet 101MidoNet 101
MidoNet 101
 
VXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced ZoneVXLAN Integration with CloudStack Advanced Zone
VXLAN Integration with CloudStack Advanced Zone
 
VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話VyOS Users Meeting #2, VyOSのVXLANの話
VyOS Users Meeting #2, VyOSのVXLANの話
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptx
 
VXLAN in the contemporary data center
VXLAN in the contemporary data centerVXLAN in the contemporary data center
VXLAN in the contemporary data center
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
 
Contrail Enabler for agile cloud services
Contrail Enabler for agile cloud servicesContrail Enabler for agile cloud services
Contrail Enabler for agile cloud services
 
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
OpenNebulaConf2018 - Scalable L2 overlay networks with routed VXLAN / BGP EVP...
 
Atf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network controlAtf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network control
 
Automate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solutionAutomate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solution
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networking
 
Technical introduction to MidoNet
Technical introduction to MidoNetTechnical introduction to MidoNet
Technical introduction to MidoNet
 
vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.
 

More from Indonesia Network Operators Group

LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your networkLT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
Indonesia Network Operators Group
 
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End UsersLT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
Indonesia Network Operators Group
 
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
Indonesia Network Operators Group
 
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
Indonesia Network Operators Group
 
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive! 09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
Indonesia Network Operators Group
 
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
Indonesia Network Operators Group
 
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
Indonesia Network Operators Group
 
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
Indonesia Network Operators Group
 
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
Indonesia Network Operators Group
 
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
Indonesia Network Operators Group
 
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
Indonesia Network Operators Group
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
Indonesia Network Operators Group
 
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
Indonesia Network Operators Group
 
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
Indonesia Network Operators Group
 
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
Indonesia Network Operators Group
 
32 - IDNOG03 - Lia Hestina (RIPE) - ATLAS Measurement
32 - IDNOG03  - Lia Hestina (RIPE) - ATLAS Measurement32 - IDNOG03  - Lia Hestina (RIPE) - ATLAS Measurement
32 - IDNOG03 - Lia Hestina (RIPE) - ATLAS Measurement
Indonesia Network Operators Group
 
34 - IDNOG03 - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...
34 - IDNOG03  - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...34 - IDNOG03  - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...
34 - IDNOG03 - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...
Indonesia Network Operators Group
 
41 - IDNOG03 - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture
41 - IDNOG03  - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture41 - IDNOG03  - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture
41 - IDNOG03 - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture
Indonesia Network Operators Group
 
40 - IDNOG03 - Bob Lau (Akamai) - BGP and Traffic Engineering
40 - IDNOG03  - Bob Lau (Akamai) - BGP and Traffic Engineering40 - IDNOG03  - Bob Lau (Akamai) - BGP and Traffic Engineering
40 - IDNOG03 - Bob Lau (Akamai) - BGP and Traffic Engineering
Indonesia Network Operators Group
 
43 - IDNOG03 - LT - Harijanto Pribadi - iBGP Confideration
43 - IDNOG03  - LT - Harijanto Pribadi - iBGP Confideration43 - IDNOG03  - LT - Harijanto Pribadi - iBGP Confideration
43 - IDNOG03 - LT - Harijanto Pribadi - iBGP Confideration
Indonesia Network Operators Group
 

More from Indonesia Network Operators Group (20)

LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your networkLT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
LT04 IDNOG04 - Affan Basalamah (ITB) - Documenting your network
 
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End UsersLT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
LT03 IDNOG04 - Dewangga - IPv6 Implementation for End Users
 
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
 
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
10 - IDNOG04 - Enrico Hugo (Indonesia Honeynet Project) - The Rise of DGA Mal...
 
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive! 09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
09 - IDNOG04 - Low Kok Seng (Sigfox) - Make Mass IOT Come Alive!
 
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
08 - IDNOG04 - Anton Purba (Amandata) - On-Premise, Cloud or Hybrid? DDoS Mit...
 
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
07 - IDNOG04 - Leontinus Alpha Edison (Tokopedia) - Data Driven Innovation
 
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
06 - IDNOG04 - Dion Leung (Coriant) - Emerging Trends & Real Deployments for ...
 
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
05 - IDNOG04 - Bambang Gunawan (Juniper) - Segment Routing
 
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
04 - IDNOG04 - Charles Chiu (Skipio) - The Latest In G Fast
 
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
03 - IDNOG04 - Hideyuki Sasaki (BBIX) - Introducing Internet Culture To The O...
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
 
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
14 - IDNOG03 - George Michaelson (APNIC) - IPV6-in-2016-IDNOG
 
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
30 - IDNOG03 - Setiaji (Pemda DKI) - Jakarta Smart City Journey & The Future
 
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
 
32 - IDNOG03 - Lia Hestina (RIPE) - ATLAS Measurement
32 - IDNOG03  - Lia Hestina (RIPE) - ATLAS Measurement32 - IDNOG03  - Lia Hestina (RIPE) - ATLAS Measurement
32 - IDNOG03 - Lia Hestina (RIPE) - ATLAS Measurement
 
34 - IDNOG03 - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...
34 - IDNOG03  - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...34 - IDNOG03  - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...
34 - IDNOG03 - Fakrul Alam (APNIC) - Securing Global Routing System and Oper...
 
41 - IDNOG03 - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture
41 - IDNOG03  - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture41 - IDNOG03  - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture
41 - IDNOG03 - Ian Chu (Netflix) - Netflix Open Connect Delivery Architecture
 
40 - IDNOG03 - Bob Lau (Akamai) - BGP and Traffic Engineering
40 - IDNOG03  - Bob Lau (Akamai) - BGP and Traffic Engineering40 - IDNOG03  - Bob Lau (Akamai) - BGP and Traffic Engineering
40 - IDNOG03 - Bob Lau (Akamai) - BGP and Traffic Engineering
 
43 - IDNOG03 - LT - Harijanto Pribadi - iBGP Confideration
43 - IDNOG03  - LT - Harijanto Pribadi - iBGP Confideration43 - IDNOG03  - LT - Harijanto Pribadi - iBGP Confideration
43 - IDNOG03 - LT - Harijanto Pribadi - iBGP Confideration
 

Recently uploaded

High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
shamrisumri
 
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptxDraya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
ashishkumarrana9
 
Bai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5 hot nhất
Bai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5  hot nhấtBai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5  hot nhất
Bai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5 hot nhất
Thiên Đường Tình Yêu
 
Dewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show caseDewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show case
DEWANSTUDIO.COM
 
Web development Platform Constraints.pptx
Web development Platform Constraints.pptxWeb development Platform Constraints.pptx
Web development Platform Constraints.pptx
ssuser2f6682
 
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
ffg01100
 
Megalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor TerpercayaMegalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor Terpercaya
Megalive99
 
Tarun Gaur On Data Breaches and Privacy Fears
Tarun Gaur On Data Breaches and Privacy FearsTarun Gaur On Data Breaches and Privacy Fears
Tarun Gaur On Data Breaches and Privacy Fears
Tarun Gaur
 
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
mahigarg2024#G05
 
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai AvailableChennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
shamrisumri
 
Corporate Minimal Newspaper Headline Style Newsletter.pptx
Corporate Minimal Newspaper Headline Style Newsletter.pptxCorporate Minimal Newspaper Headline Style Newsletter.pptx
Corporate Minimal Newspaper Headline Style Newsletter.pptx
byubyu7
 
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirtsJarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
exgf28
 
Information Systems Auditing, Controls and Assurance , tanapat limsaiprom
Information Systems Auditing, Controls and Assurance , tanapat limsaipromInformation Systems Auditing, Controls and Assurance , tanapat limsaiprom
Information Systems Auditing, Controls and Assurance , tanapat limsaiprom
TanapatLimsaiprom1
 
Build a Professional Resume using Canva , Tanapat Limsaiprom
Build a Professional Resume using Canva , Tanapat LimsaipromBuild a Professional Resume using Canva , Tanapat Limsaiprom
Build a Professional Resume using Canva , Tanapat Limsaiprom
TanapatLimsaiprom1
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
elbertablack
 
workbook and project U5 1ºsecundaria.pdf
workbook and project U5 1ºsecundaria.pdfworkbook and project U5 1ºsecundaria.pdf
workbook and project U5 1ºsecundaria.pdf
anya2024forgya
 
Why Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAEWhy Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAE
adelewhite125
 
Top 50 Telephone Conversation Sample Examples For IT Industries.pdf
Top 50 Telephone Conversation Sample Examples For IT Industries.pdfTop 50 Telephone Conversation Sample Examples For IT Industries.pdf
Top 50 Telephone Conversation Sample Examples For IT Industries.pdf
Krishna L
 
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
ffg01100
 
UMN degree offer diploma Transcript
UMN degree offer diploma TranscriptUMN degree offer diploma Transcript
UMN degree offer diploma Transcript
cenocb
 

Recently uploaded (20)

High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
High Profile Girls Call ServiCe Chennai XX00XXX00X Tanisha Best High Class Ch...
 
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptxDraya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
 
Bai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5 hot nhất
Bai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5  hot nhấtBai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5  hot nhất
Bai-Tập-Tiếng-Anh-On-Tập-He lớp 1- lớp 5 hot nhất
 
Dewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show caseDewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show case
 
Web development Platform Constraints.pptx
Web development Platform Constraints.pptxWeb development Platform Constraints.pptx
Web development Platform Constraints.pptx
 
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
 
Megalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor TerpercayaMegalive99 Situs Betting Online Gacor Terpercaya
Megalive99 Situs Betting Online Gacor Terpercaya
 
Tarun Gaur On Data Breaches and Privacy Fears
Tarun Gaur On Data Breaches and Privacy FearsTarun Gaur On Data Breaches and Privacy Fears
Tarun Gaur On Data Breaches and Privacy Fears
 
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
 
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai AvailableChennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
 
Corporate Minimal Newspaper Headline Style Newsletter.pptx
Corporate Minimal Newspaper Headline Style Newsletter.pptxCorporate Minimal Newspaper Headline Style Newsletter.pptx
Corporate Minimal Newspaper Headline Style Newsletter.pptx
 
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirtsJarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
 
Information Systems Auditing, Controls and Assurance , tanapat limsaiprom
Information Systems Auditing, Controls and Assurance , tanapat limsaipromInformation Systems Auditing, Controls and Assurance , tanapat limsaiprom
Information Systems Auditing, Controls and Assurance , tanapat limsaiprom
 
Build a Professional Resume using Canva , Tanapat Limsaiprom
Build a Professional Resume using Canva , Tanapat LimsaipromBuild a Professional Resume using Canva , Tanapat Limsaiprom
Build a Professional Resume using Canva , Tanapat Limsaiprom
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
 
workbook and project U5 1ºsecundaria.pdf
workbook and project U5 1ºsecundaria.pdfworkbook and project U5 1ºsecundaria.pdf
workbook and project U5 1ºsecundaria.pdf
 
Why Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAEWhy Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAE
 
Top 50 Telephone Conversation Sample Examples For IT Industries.pdf
Top 50 Telephone Conversation Sample Examples For IT Industries.pdfTop 50 Telephone Conversation Sample Examples For IT Industries.pdf
Top 50 Telephone Conversation Sample Examples For IT Industries.pdf
 
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
 
UMN degree offer diploma Transcript
UMN degree offer diploma TranscriptUMN degree offer diploma Transcript
UMN degree offer diploma Transcript
 

20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN

  • 2. Needs for an Overlay Networks Logical Network (aka “Overlay” Network) §  NetworkVirtualization (SDN) §  Abstracts the virtualized environment form the physical topology §  Constructs Layer 2 tunnels across the physical infrastructure §  Tunnels provide connectivity between physical and virtual end-points Physical Network (aka “Underlay” Network) §  Transparent to the overlay technology §  Allows the building of L3 infrastructure – No L2 §  Physical provide the bandwidth and scale for the communication §  Removes the scaling constraints of the physical from the virtual Physical Infrastructure Overlay Networks
  • 3. Introducing VXLAN (RFC 7348) Virtual eXtensible LAN (VXLAN RFC 7348) §  IETF framework proposal, co-authored by Arista, Broadcom, Cisco, Citrix Red Hat &VMware Provides Layer 2 “Overlay Networks” on top of a Layer 3 network §  “MAC in IP” Encapsulation §  Layer 2 multi-point tunneling over IP UDP Tunnel End-Points (VTEPs) perform encapsulation/decapsulation §  In Software e.g. Hypervisor vSwitch §  In Hardware e.g. Leaf Switches Enables Layer 2 interconnection across Layer 3 boundaries §  Transparent to the physical IP network §  Provides Layer 2 scale across the Layer 3 IP fabric §  Abstracts theVirtual connectivity from the physical IP infrastructure §  e.g. EnablesVMotion, L2 clusters etc. across standards based IP fabrics VM-1 10.10.10.1/24 VM-2 20.20.20.1/24 VM-3 10.10.10.2/24 VM-4 20.20.20.2/24 ESX host ESX host Subnet A Layer 2 (e.g. forVM mobility, storage access, clustering etc.) Across Layer 3 subnets NAS 20.20.20.324 Load Balancer 10.10.10.3/24 Subnet B
  • 4. VXLAN Terminology Virtual Tunnel End-point (VTEP) §  Performs for VXLAN encapsulation & decapsulation of the native frame §  Adds the the appropriate VXLAN header. §  Can be implemented on software virtual switch or a physical switch. Virtual Tunnel Identifier (VTI) §  An IP interface used as the Source IP address for the encapsulatedVXLAN traffic §  The destination IP address forVXLAN encapsulated traffic Virtual Network Identifier (VNI) §  A 24-bit field added within theVXLAN header. §  Identifies the Layer 2 segment of the encapsulated Ethernet frame VXLAN Header §  The IP/UDP VXLAN header added by theVTEP §  Uses a UDP source port based on a hash of the inner frame to create entropy for ECMP Software VTEP Hardware VTEPs VTEP IP address: x.x.x.x VTI-A VTI-B VTI-C VTEP VTEP IP address: z.z.z.z IP address: y.y.y.y VXLAN + IP/UDP header SRC IPVTI-A; DST IPVTI-C Logical Layer 2 Network VNI n.n
  • 5. VXLAN Encapsulated Frame Format §  Ethernet header uses localVTEP MAC and default router MAC (14 bytes plus 4 optional 802.1Q header) §  TheVXLAN encapsulation source/destination IP addresses are those of local/remoteVTI (20 bytes) §  UDP header, with SRC port hash of the inner Ethernets header, destination port IANA defined (8 bytes) •  Allows for ECMP load-balancing across the network core which isVXLAN unaware. §  24-bitVNI to scale up to 16 million for the Layer 2 domain or “Virtual Wires” (8 bytes) Src. MAC addr. Dest. MAC addr. 802.1Q. Dest. IP Src. IP UDP VNI (24 bits) Payload FCS Src. MAC addr. Dest. MAC addr. Optional 802.1Q. Original Ethernet Payload (including any IP headers etc.) VXLAN (IP-MAC) Encapsulation Ethernet Frame
  • 6. VXLAN Overlay Networks Fixed Configuration, Active-Active Layer 3 design for scale, using well known management tools/protocols Flexible VTEP Edge, Mobile, agile, for flexible provisioning via Cloud Management Platforms (CMP) VXLAN Overlay Architecture configuration/flexibility at the edge, and transparency and fix configuration in the IP fabric VXLANVNI 10 VTEP VTEP VXLANVNI 20 VTEP
  • 7. VLXANVTEP within the Hypervisor vSwitch §  VXLAN encapsulation de-capsulation performed by the vSwitch •  Encapsulation performed prior to packet hitting the “physical interface” •  Physical network is unaware of the encapsulated content -  Sees only IP headers §  External routing via decapsulation on the software switch -  Based onVNI toVLAN mapping 128.218.11.x 128.218.10.x 10.10.1.4 10.10.1.5 10.10.1.6 Locally Switched Traffic is done without encap/decap vSwitch is responsible for encapsulation decapsulation ofVXLAN traffic between hosts Software Router Responsible for external routing Physical Infrastructure Virtual Switch (VTEP) SWVTEP: VNI toVLAN translation Virtual Switch (VTEP)
  • 8. Switch basedVXLAN Gateway Architecture UDP 4729 VTI 1 10.10.1.1 VTEP VNI 200 VNI 2000 VNI 20000 VLAN 100 VLAN 200 VLAN 300 VLAN 400 VLAN 500 Ethernet Ports Port Channels Ethernet Ports Port Channels Ethernet Ports Port Channels Ethernet Ports Port Channels Ethernet Ports Port Channels Local Devices Local Devices Local Devices Local Devices Local Devices Ethernet Ports Port Channels Spine/Leaf Switch
  • 9. Ports Ports Point Multi-Point Tunnel Service UDP 4729 1 2.2.2.3 VTEP VTEP Devices Ports VLAN 100 Devices Ports VLAN 500 VTI 2.2.2..1 Devices Ports VLAN 200 Devices Ports VLAN 300 Devices Ports VLAN 400 VTEP Ports Ports VTI 1 2.2.2.2 Ports Ports Ports UDP 4729 Devices Devices Devices Devices Devices VNI 2000 VNI 200 VNI 2000 VNI 20000 VNI 200 VNI 2000 Ports VNI 2000 UDP 4729 VLAN toVNI mappings are local to switch – inbuilt support forVLAN translation VLAN 100 VLAN 500 VLAN 200 VLAN 300 VLAN 400 VLAN 400 Ports Devices Devices Devices VLAN 500 Ports VLAN 300 Devices Ports VLAN 200 Devices Ports VLAN 100 Ports Devices Switch Switch Switch
  • 11. VXLAN Control Plane Options §  SDN Controller or Controller-less §  TheVXLAN control plane is used for MAC learning and packet flooding •  Mechanism to discover hosts residing behind remoteVTEPs •  How to discoverVTEPs and theirVNI membership •  The mechanism used to forward Broadcast and multicast traffic within the Layer 2 segment (VNI) IP Multicast Control Plane • VTEP join an associated IP multicast group (s) for the VNI(s) • Unknown unicasts forwarded to VTEPs in the VNIs via IP multicast • Support for Third-party VTEP(s) • Flood and learn and requires IP multicast support – limited deployments HeadEnd Replication (HER) • BUM traffic replicated to each remote VTEPs in the VNIs • Replication carried out on the ingress VTEP. • Support for Third-party VTEP(s) • MAC learning still via flood and learn but no requirement for IP multicast HER with Controller • Local learnt MACs and VNI binding published to Controller • Controller dynamically distributes state to remote VTEPs • Support for Third-party VTEP(s) • Dynamic MAC distribution, automated flood-list provisioning • HA Cluster support for resiliency eVPN Model • BGP used to distribute local MAC to IP bindings between VTEPs • Broadcast traffic handled via IP multicast or HER models • Dynamic MAC distribution and VNI learning, configuration can be BGP intensive • Support for Third-party VTEP(s)
  • 12. VXLAN BUM Forwarding and Learning… §  The RFC Model •  RemoteVM MAC ßàVTEP association learnt via IP multicast •  VTEP with a givenVNI joins associated (*,G) group •  Broadcast, Unknown Multicast traffic for aVNI sent to the IP multicast group •  LocalVTEP “learns” MAC to remoteVTEP IP bonding •  Once bonded traffic is unicast via standard Layer 3 protocol VM4@VNI10@VTEP-B VM5@VNI20@VTEP-B VM6@VNI30@VTEP-B VM7@VNI10@VTEP-C VM8@VNI20@VTEP-C VM9@VNI30@VTEP-C Multicast (*,G) tree forVNI 10 Multicast (*,G) tree forVNI 20 Multicast (*,G) tree forVNI 20 VM1 VNI10 VM2 VNI20 VM3 VNI300 VM4 VNI10 VM5 VNI20 VM6 VNI30 VM7 VNI10 VM8 VNI20 VM9 VNI30 VTEP- A VTEP- B VTEP- C Requires an IP Multicast Enabled Physical Network! Note: Arista supports single (*,G) group + HER. All other platforms use HER
  • 13. Unicast toVTEP-4 VTEP  flood  list  on   VTEP-­‐1    VNI  2000  à  VTEP-­‐3    VNI  2000  à  VTEP-­‐4   VTEP  flood  list  on  VTEP-­‐3    VNI  2000  à  VTEP-­‐1    VNI  2000  à  VTEP-­‐4   VTEP  flood  list  on  VTEP-­‐4    VNI  2000  à  VTEP-­‐1    VNI  2000  à  VTEP-­‐3   VTEP creates a unicast frame for eachVTEP in the flood-list of the specificVNI BUM traffic VTEP flood list manually configured on eachVTEP for eachVNI BUM traffic received locally onVTEP VTEP learns inner MAC and maps to the outer SRC IP (remoteVTEP) Separate unicast on the wire for eachVTEP in theVNI 1 2 3 4 VTEP 2 VTEP 3 VTEP 4 VNI 2000 VXLAN Head End Replication VTEP 1 Unicast toVTEP-3 Eliminates the need for an IP Multicast Enabled Physical Network!
  • 14. VLAN  200    Eth  2   -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐   VTEP  Config   Source-­‐IP  1.1.1.2/32   VLAN  500  à  VNI  2000   Overlay Network §  VLAN toVNI mapping of aVTI is only locally significant •  Local 802.1QVLAN Tag is stripped prior toVXLAN encapsulation •  Allows for a singleVLAN tag to be mapped to differentVNIs on different switches •  ProvidingVLAN translation across aVNI and scale beyond the traditional 4k+VNIs VLAN  20    Eth  2,  Eth3   -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐   VTEP  config   VLAN  20  à  VNI  2000   VLAN 20 VLAN 500 VNI 2000 VLANs (1-3K) POD significant) VLANs (1-3K) POD significant) VLANs (1-3K) POD significant) VNIs Mapping 5k-8K VNIs Mapping 9k-12K VNIs Mapping 12k-15K Scaling beyond 4KVLANs Across POD DC wide VNIs VLAN 3k + VLAN Translation betweenVTEPs VTEP VTEP Eth 2 Eth 2 Eth 3
  • 15. SDN Controllers forVXLAN CVX + NSX •  Centralized database of physical infrastructure collected on CVX •  CVX state (MAC, VNIs, HW VTEPs) shared with NSX •  Centralized provisioning and controller via the NSX controller •  Solution for scalable dynamic DCs with HW to SW VTEP automation •  Advantages within an ESXi estate CloudVision eXchange   CVX + Nuage •  Centralized database of physical infrastructure collected on CVX •  CVX state (MAC, VNIs, HW VTEPs) shared with the VSC •  Centralized provisioning and controller via the VSC controller •  Solution for scalable dynamic DCs with HW to SW VTEP automation •  Targeted for a Zen, KVM estate CVX + OpenStack •  Centralized database of physical infrastructure collected on CVX •  ML2 plugin for communication between CVX and OpenStack •  Provisioning of the physical infrastructure from OpenStack •  Solution for small to medium DCs with VTEP automation •  Targeted for a Zen, KVM estate CloudVision eXchange   CloudVision eXchange   OVSDB OVSDB ML2 plugin
  • 16. VXLAN – Layer 2 Services
  • 17. VXLAN Bridging §  Provides layer 2 connectivity (P2P, P2M) over the layer 3 spine/leaf network §  Allowing any-to-any Layer 2 connectivity between DCs, racks, servers, devices,VMs §  Layer 2 connectivity provided byVXLAN encapsulation at the leaf nodes –VXLAN VTEP(s) Subnet/VLAN A Subnet/VLAN B Spine Subnet/VLAN A Subnet/VLAN B VXLAN VNI – Layer 2 VXLAN VNI – Layer 2 Leaf VTEP VTEP VTEP VTEP
  • 18. VXLAN Bridging Operation §  Standard local switching via theVLAN configuration on theVTEP §  Extend the Layer 2 domain by mapping theVLAN ID to theVXLAN VNI §  VLAN toVNI mapping is only locally significant, VLAN tag is not carried in the VXLAN frame §  Host learnt on the remoteVTEP, VXLAN encapsulated by theVTEP and routed to the remoteVTEP VLAN 10 MAC-1 MAC 2 Leaf-1 Serv-1 MAC-1 VLAN 10 à VNI 1010 802.1Q VLAN 10 L3 Backbone VNI 1010 VNI 1010 - VLAN 20 Serv-2 MAC-2 Leaf-2 Inner Eth Frame VNI 1010 2.2.2.2 2.2.2.1 VLAN 20 MAC-1 MAC 2 802.1Q VLAN 20 Layer 2 Domain (eg, 193.10.10.0/24) VTEP 2.2.2.2 Eth-49 Eth-1 VTEP 2.2.2.1 Eth-1 Eth-49
  • 19. Active/ Active Dual- homing Rack- 1 VXLAN Bridging – Resiliency with dual-homing §  For host resiliency single LogicalVTEP can be created across the Active/Active Dual-homing domain §  Providing active-activeVXLAN encap and decap across the two physical switches VTI VTI Eth-1 Eth-1 VTI VTI Eth-1 Eth-1 L3 Backbone VNI 1010 Inner Eth Frame VNI 1010 2.2.2.2 2.2.2.1 Rack- 2 VLAN 10 MAC-1 MAC 2 VLAN 20 MAC-1 MAC 2 VLAN 10 à VNI 1010 VNI 1010 - VLAN 20 Serv-1 MAC-1 Serv-2 MAC-2 Layer 2 Domain VTEP 2.2.2.2 VTEP 2.2.2.1 Eth-49 Eth-49 Eth-49 Eth-49 Leaf-11 Leaf-12 Leaf-21 Leaf-22 Active/ Active Dual- homing
  • 20. S-VLAN to VNI mapping •  Mapping of outer S-Tag to single VNI •  Inner C-Tag are transported within a single VNI •  The inner VLAN ID are carried on VXLAN encap frame •  Ability to transport all customer VLANs across a single VXLAN point to point link Switchport mode dot1q- tunnel VXLAN Bridging -VLAN toVNI Service Mapping VLAN toVNI mapping •  One to One mapping betweenVLAN ID and theVNI •  Mapping is only locally significant, •  VLAN ID not carried onVXLAN encap frame •  AllowsVLAN translation between remoteVTEPs Port + VLAN to VNI mapping •  Mapping traffic to a VNI based on a combination of the ingress port and it VLAN-ID •  The VLAN ID is not carried on VXLAN encap frame •  Provides support for overlapping VLANs within a single VTEP to be mapped to different VNIs Leaf-1 VNI 1020 VNI 1010 VLAN 10 VLAN 20 VLAN 10 - VNI 1010 VLAN 20 à VNI 1020 Leaf-1 VTEP VNI 1030 C-tag 10,20 VLAN 10,20 S-VLAN 30 - VNI 1030 Leaf-1 VTEP VLAN 10 Eth-1 VLAN 10 - VNI 1010 Eth-2 VLAN 10 à VNI 1020 Eth-1 VLAN 10 Eth-2 VNI 1020 VNI 1010 VTEP Eth-1 VLAN 30
  • 21. VXLAN Bridging – STP Behavior §  STP BPDU’s are not transported across theVXLAN tunnel §  Creating Separate STP domains within the local ports of eachVTEP Leaf-1 Serv-1 802.1Q VLAN 10 L3 Backbone VNI 1010 Serv-2 Leaf-2 802.1Q VLAN 10 Layer 2 Domain Spanning Tree Domain 1 STP BPDU Root Bridge leaf 1 Cost 0 VLAN 10 à VNI 1010 VNI 1010 à VLAN 10 STP BPDU Root Bridge leaf 2 Cost 0 Spanning Tree Domain 2 VTEP 2.2.2.2 VTEP 2.2.2.1 Eth-1 Eth-49 Eth-49 Eth-1
  • 22. VXLAN Bridging – Quality of Service §  Standard ingress policy used to define DSCP of outer frame §  Trusted or Untrusted configuration of ingress interface used to derive outer CoS/DSCP value §  Any re-write action applied to only the inner frame NOT the outer frame §  Outer CoS value derived from the Traffic Class map Leaf-1 Eth-1 Eth-49 DSCP Trusted Interface CS1 (8) DSCP to TC mapping : CS1 à TC 0 CS1 (8) Outer CS1 (8) inner Leaf-1 Eth-1 Eth-49 DSCP Untrusted Interface (with Re-write) CS4 (32) DSCP to TC mapping: CS3 à TC 3 TC to DSCP Rewrite : TC 3 à AF21 (18) CS3 (24) Outer AF21 (18) inner Default interface CoS = CS3 (24) VTEP VTEP
  • 23. VXLAN Bridging – Use Case 1 Interconnect Islands within the DC or across geographically disperse sites •  ProvidingVM workload mobility within DC and inter DCs •  Workload migration,VM bursting (eg hybrid cloud), business continuity across DCs DCI to provide Layer 2 connectivity between geographically disperse sites Server migration POD interconnect for connectivity between DC’s PODs Layer 2 Domain Layer 2 Domain VNI VNI 802.1Q VTEP 802.1Q VTEP
  • 24. VXLAN Bridging - Use case 2 VXLAN as a Layer 2 Service within a Leaf Spine •  Interconnect disperse subnets with Layer 3 to 7 services – NFV service chaining •  Providing a logical multi-tiered network regardless of physical location Server Leaf Server Leaf Tenant L3 Node NFV Services Leaf Firewall Load-balancer Firewall VNI 1010 VNI 1020 VNI 1030 Tenantslogical Connectivity VNI Layer 2 VNI Layer 2 VNI Spine VTEP VTEP VTEP VTEP
  • 25. VXLAN – Layer 3 Services
  • 26. VXLAN Routing VXLAN Bridging Model §  Routing achieved via a centralized node §  Requiring a dedicated routing node within the leaf-spine fabric §  Sub-optimal traffic forwarding to traffic tromboning VXLAN Routing model §  Routing achieved at the leaf LayerVTEP nodes §  No additional external routing nodes required §  Optimized routing with the reducing of traffic tromboning §  Not supported by MPLS VLL/VPLS Server Leaf Dedicated L3 Node VNI 1010 VNI 1030 Server Leaf Server Leaf Spine Server Leaf VNI 1010 VNI 1020 Route directly at the leaf Server Leaf Server Leaf Dedicated Router, sub-optimal forwarding Routing at the leaf, providing optimal forwarding VTEP VTEP VTEP VTEP VTEP Spine VTEP VTEP VTEP VTEP
  • 27. What isVXLAN Routing? §  SVI configured on theVLAN which isVXLAN enabled §  SVI can be placed in a non-defaultVRF to support overlapping IPs and multi- tenancy §  NoteVXLAN routing support is required on the platform even when next-hop host(s) are local Serv-1 10.10.10.100 GW 10.10.10.1 SVI VLAN 10 10.10.10.1 802.1Q VLAN 10 SVI VLAN 20 10.10.20.1 Serv-2 10.10.20.100 GW 10.10.20.1 VNI 1020 VXLAN Bridging Routing + VXLAN Encap 802.1Q VLAN 20 VTEP 2.2.2.2 VTEP 2.2.2.1 Leaf-1 Leaf-2
  • 28. VXLAN Routing - Operation 10.10.10.100 10.10.20.100 VLAN 10 MAC-1 MAC -3 VNI 1020 10.10.10.100 10.10.20.100 VLAN 10 MAC-4 MAC-2 VNI 1020 2.2.2.2 2.2.2.1   10.10.10.100 10.10.20.100 VLAN 20 MAC-4 MAC -2 1. SVI 10 Gateway for Serv-1. Routes packet into subnet 10.10.20.0, resulting in a Src MAC of MAC-4 and Dest MAC of MAC-2 10.10.10.100 10.10.20.100 VLAN 20 MAC-4 MAC-2 2. VTEP-1 learns Dest MAC (MAC-2) via remote VTEP=2 (2.2.2.2). VXLAN encaps the frame with a Dest-IP of 2.2.2.2 3. VTEP-2 maps VNI 1020 to VLAN 20. MAC lookup of MAC-2 points to Eth-6. VXLAN header removed and forwarded to Serv-2 4. Packet forward to Serv-2 tagged based on the Local VLAN to VNI mapping Serv-1 10.10.10.100 GW 10.10.10.1 MAC-1 Serv-2 10.10.20.100 GW 10.10.20.1 MAC-2 802.1Q VLAN 20 802.1Q VLAN 10 SVI VLAN 10 10.10.10.1 MAC-3 SVI VLAN 20 10.10.20.1 MAC-4 VNI 1020 VNI 1020 à VLAN 20 VXLAN Bridging VTEP-1 2.2.2.1 VTEP-2 2.2.2.2
  • 29. VXLAN Routing - Forwarding models for Trident2 platform §  Single re-circulation required. •  1st pass of ASIC to route frame •  2nd pass of ASIC forVXLAN encapsulation VXLAN Routing – Route and VXLAN encapsulation Local host to a remote host VLAN 10 à VLAN 20 à VNI 1020 VLAN 10 VXLAN Routing – VXLAN de-encapsulate and route Remote host routed to a local host and switch is the DFG for the remote host VXLAN Routing – VXLAN de-encapsulate, route and VXLAN encapsulate Switch is the DFG for two remote hosts on different subnets §  Two re-circulations required. •  1st pass of ASIC for VXLAN de-capsulation •  2nd pass of ASIC to route of inner frame •  3rd pass of ASIC for VXLAN encapsulation §  Single re-circulation required. •  1st pass of ASIC for VXLAN de- capsulation •  2nd pass of ASIC to route of inner frame VLAN 10 ß VLAN 20ß VNI 1020 VLAN 10 VNI 1010 à VLAN 10 à VLAN 20 à VNI 1020 VNI 1010 VNI 1020 VNI 1020 VNI 1020
  • 30. VXLAN Routing – Forwarding Models Intel Fulcrum Alta platforms •  AllVXLAN routing functionality is achieved in a single pass •  No need for recirculation ports Broadcom Trident2,Tomahawk •  AllVXLAN routing functionality is achieved in mixed single and double passes •  Need for recirculation ports Broadcom Trident2+, ARAD, Jericho platforms •  AllVXLAN routing functionality is achieved in a single pass •  No need for recirculation ports
  • 31. SummaryVXLAN §  Open standard RFC 7348 – multivendor support on software or hardware §  L2 extension over L3 network •  More reliable scalable than L2 only QinQ,TRILL and PBB §  L2 over L3 services using switching TCO vs router MPLS TCO §  VXLANVTEP at host,VM, spine/leaf switches, load balancer – flexibility for users and service providers §  Preference on hardware basedVXLAN - performance §  Use cases •  L2 extension over L3 routing network. MPLS not needed. •  Data Center Interconnect (DCI) for active-active DC •  Multi tender services chaining in hosted DC