written by Asterfuison
With the development of the Internet, the number and scale of data centers have exploded. With the increasing of data center services and the demands of users, the functions of data centers become increasingly complex , while the operation and maintenance management become more and more difficult as well.
Due to the the consideration of data disaster recovery, enterprise branches establishment, and resource utilization, a large enterprise’s information system may be deployed in multiple regions. Then,interconnecting these data center sites to reduce management costs and flexibly expand services has become an important task for enterprises.
Ethernet VPN -Virtual Extensible LAN (EVPN-VXLAN) offers a common protocol for large corporations to manage their campus and data center networks. The EVPN-VXLAN architecture supports Layer 2/ 3 networking with simplicity, scalability, security and agility while effectively reducing OpEx.
Before EVPN appeared, there were VPWS (Virtual Private Wire Service) based on LDP; VPLS (Virtual Private LAN Service) based on LDP; VPLS based on BGP.
The main limitation of VPLS technology is that it requires MPLS network between sites. Its configuration is complex and maintenance workload is large. Especially LDP neighbors must be configured on all existing PEs at the same time when the capacity needs expanded. In addition, the control plane of VPLS is established through flooding, which is inefficient and wastes WAN bandwidth.
Then it comes to EVPN-VXLAN to instead of VPLS EVPN used for interconnection of data centers.
EVPN uses the MP-BGP mechanism. Before understanding fundamentals of EVPN-VXLAN, let’s review what is VPN.EVPN.VXLAN and why BGP-EVPN.
A VPN is to use a public network to set up a private network to enable communication between different sites within the same VPN, which needs a route-bearing protocol. EVPN is a L2VPN technology, EVPN also needs a bearer protocol. EVPN is proposed based on the existing BGP VPLS solution and referring to the architecture of BGP/MPLS L3 VPN. For EVPN, the control layer is MP-BGP, and EVPN can be regarded as an application built on MP-BGP.
The bearer protocol adopted BGP, the main reasons are:
1）The number of VPN routes in the network is very large, and BGP is the only routing protocol that supports a large number of routes;
2）At the same time, BGP is based on TCP and can exchange information between routers that are not directly connected, so that the routers of the core network do not have to contain VPN routing information;
3）BGP can also carry any information attached to the route, as an optional BGP property, any BGP router that does not understand these properties will be transparent forwarding them, which makes it easy to propagate routes between PE routers;
4）The most important thing is that the biggest advantage of BGP is that it has good scalability. If you need to add new attributes, only needs to define new attributes on the basis of the original ones.
VXLAN is an overlay technology that implements network virtualization. It uses the MAC in UDP tunnel encapsulation technology to expand Layer 3 data packets on a Layer 2 network.
VXLAN as an overlay technology is a core element in many software-defined network (SDN) topologies, but the control plane was not defined in the original VXLAN solution (RFC7348) .It performs VTEP discovery and MAC address learning through data plane traffic flooding, which results in many flooded traffic on the data center network.
In order to solve this problem, VXLAN introduces EVPN as the control plane. By exchanging BGP EVPN routes between VTEPs, the automatic discovery of VTEPs and the mutual advertisement of host information are realized, thereby avoiding unnecessary traffic flooding.
Specifically, EVPN routes through RT-3 to complete the automatic discovery of VTEP sites. Each site advertises its own VNI information, so that each VTEP device has the VXLAN information of the entire network and the relationship between VXLAN and the next hop. VTEP devices automatically build VXLAN tunnels with the next jump that has the same VXLAN as themselves，and associate this VXLAN tunnel with these same VXLANs.
In summary, EVPN – VXLAN combined data center network architecture, control plane uses MP-BGP to advertise EVPN routing information, data plane adopts VXLAN encapsulation to forward packets.
As a control plane for VXLAN, the network not only inherits the advantages of MP-BGP and VXLAN, but also addresses the problems faced by VXLAN virtual networks in the data center:
Positioning AsterNOS as an enterprise-level SONiC, AsterNOS has been leading the development in its feature enhancement. In 2018, Asterfusion supported the REST API before the community and subsequently realized the integration with the community mgmt-framework, providing the switch full-featured programmable API as the same management interface as the traditional command line to the automated operation and maintenance tools. AsterNOS has successively enhanced the community SONiC in terms of VXLAN, ARP Host Routing, BGP EVPN, and VLAG.
1.Support for multitenancy
2.Layer 2 and 3 integrated routing and bridging (IRB)
*>Centralized VxLAN Routing with EVPN
*>Distributed VxLAN Routing with EVPN
5.MAC mobility (simplified VM migration)
6.Inter-tenant Route Leaking
Based on the overlay of VXLAN – EVPN control plane, Asterfusion provides a solution for evolving campuses and secure automated data centers,which is an efficient and scalable way to build and connect multiple campuses and data centers.
By implementing powerful BGP/EVPN on Teralynx-based CX-N series cloud switches, Asterfusion provides optimized, seamless, and standard Layer 2/ 3 connectivity within today’s growing campuses and data centers . Asterfusion is taking full advantage of the potential EVPN-VXLAN technology to help enterprise to reduce OpEx.
Asterfusion Networks is the leading provider of open networking infrastructure solutions. We provide an open, disaggregated, and highly programmable network fabric for next generation data centers and campus with white-box switching.