Download DAY ONE: USING ETHERNET VPNS FOR DATA CENTER INTERCONNECT PDF

TitleDAY ONE: USING ETHERNET VPNS FOR DATA CENTER INTERCONNECT
File Size2.9 MB
Total Pages86
Table of Contents
                            Front Cover
Back Cover
Title Page & Table of Contents
Copyright & About the Author
Frontmatter
	Audience
	What You Need to Know Before Reading This Book
	What You Will Learn by Reading This Book
	Terminology
Get the Complete Configurations
Juniper Networks Proof of Concept (POC) Labs
Chapter 1: About Ethernet VPNs (EVPN)
	EVPN for DCI
	Other Applications - EVPN with NVO
	Get Ready to Implement EVPN
Chapter 2: Configuring EVPN
	The Test Network
	Configuration
Chapter 3: Verification
	Access
	Multi-homing
	Inclusive Multicast
	Layer 2 Operations
	Layer 3 Operations
	MP-BGP EVPN Route Summary
Chapter 4: High Availability Tests
	Access Link
	Node
	High Availability Test Summary
Conclusion
Get the Config Files Here
                        
Document Text Contents
Page 1

Juniper Proof of Concept Labs (POC)

EVPN is a new standards-based technology

that addresses the networking challenges

presented by interconnected data centers.

Follow the POC Labs topology for testing

EVPN starting with all the configurations,

moving on to verification procedures, and

concluding with high availability testing.

It’s all here for you to learn and duplicate.

By Victor Ganjian

DAY ONE: USING ETHERNET VPNS FOR
DATA CENTER INTERCONNECT

Page 2

Juniper Networks Books are singularly focused on network productivity and efficiency. Peruse the
complete library at www.juniper.net/books.

Published by Juniper Networks Books

DAY ONE: USING ETHERNET VPNS FOR
DATA CENTER INTERCONNECT

Today’s virtualized data centers are typically deployed at geographically diverse sites in
order to optimize the performance of application delivery to end users, and to maintain
high availability of applications in the event of site disruption. Realizing these benefits
requires the extension of Layer 2 connectivity across data centers, also known as Data
Center Interconnect (DCI), so that virtual machines (VMs) can be dynamically migrat-
ed between the different sites. To support DCI, the underlying network is also relied
upon to ensure that traffic flows to and from the VMs are forwarded along the most
direct path, before, as well as after migration; that bandwidth on all available links is
efficiently utilized; and, that the network recovers quickly to minimize downtime in the
event of a link or node failure.

EVPN is a new technology that has attributes specifically designed to address the net-
working requirements of interconnected data centers. And Day One: Using Ethernet
VPNs for Data Center Interconnect is a proof of concept straight from Juniper’s Proof of
Concept Labs (POC Labs). It supplies a sample topology, all the configurations, and the
validation testing, as well as some high availability tests.

ISBN 978-1941441046

9 781941 441046

5 1 6 0 0

“EVPN was recently published as a standard by IETF as RFC 7432, and a few days later it

has its own Day One book! Victor Ganjian has written a useful book for anyone planning,

deploying, or scaling out their data center business.”

John E. Drake, Distinguished Engineer, Juniper Networks, Co-Author of RFC 7432: EVPN

“Ethernet VPN (EVPN) delivers a wide range of benefits that directly impact the bottom

line of service providers and enterprises alike. However, adopting a new protocol is always

a challenging task. This Day One book eases the adoption of EVPN technology by showing

how EVPN’s advanced concepts work and then supplying validated configurations that can

be downloaded to create a working network. This is a must read for all engineers looking

to learn and deploy EVPN technologies.”

Sachin Natu, Director, Product Management, Juniper Networks

Page 43

Chapter 3: Verification 43

Flags: Is-Primary, Trunk-Mode

The multi-homed status of the corresponding interfaces on PE12, the
non-DF, are Blocking BUM Traffic to ESI:

[email protected]> show interfaces ae0.100 detail | find EVPN
EVPN multi-homed status: Blocking BUM Traffic to ESI, EVPN multi-homed ESI Split
Horizon Label: 299888
Flags: Is-Primary

[email protected]> show interfaces ae0.200 detail | find EVPN
EVPN multi-homed status: Blocking BUM Traffic to ESI, EVPN multi-homed ESI Split
Horizon Label: 299888
Flags: Is-Primary, Trunk-Mode

Auto-Discovery per ESI and per EVI

In a multi-homed configuration, each PE router advertises two types of
Auto-Discovery routes to all other PEs via MP-BGP. These advertise-
ments are referred to as Auto-Discovery per ESI and Auto-Discovery
per EVI.

Auto-Discovery per ESI

The Auto-Discovery per ESI route is used for fast convergence and for
preventing the looping of BUM traffic. It is a mandatory route that is
advertised by both multi-homed PEs connected to the ES. The adver-
tised route includes the following data:

� A list of Route Targets corresponding to the EVPN instances
associated with the ESI

� The ESI value

� ESI Label Extended Community – contains an MPLS Split
Horizon label and the multi-homing mode, single-active or
all-active

When a remote PE router that is configured with matching route
targets, or EVPN instances, receives this advertisement, it has a view of
the multi-homing connectivity of the advertising PEs. One benefit here
is for fast convergence, also known as MAC Mass Withdraw. In the
event a multi-homed PE loses its local link towards the CE, it with-
draws this route. This signals to the remote PEs to either invalidate or
adjust the next hop of all MAC addresses that correspond to the
advertising PE’s failed Ethernet Segment. This is more efficient than
requiring the PE to withdraw each individual MAC address in which
case the convergence time would be dependent on the scale, or total
number, of MAC addresses.

Page 44

44 Day One: Using Ethernet VPNs for Data Center Interconnect

The MPLS Split Horizon label, also called the ESI MPLS label, is used
to prevent looping of multi-destination traffic amongst multi-homed
PE peers, also known as Split Horizon Filtering. In an all-active
multi-homing topology, when a non-DF PE forwards a BUM packet to
its peer DF PE, it first pushes this received label onto the packet. Then
it pushes the Inclusive Multicast label (see the Inclusive Multicast
section below) followed by the transport label to reach the loopback of
the destination peer PE.

Figure 3.1 MPLS Encapsulation of BUM Traffic by non-DF PE

When the DF PE receives and inspects the MPLS labels in the packet, it
recognizes the Split Horizon label it previously advertised and does not
forward the packet back to the CE.

Auto-Discovery per EVI

The Auto-Discovery per EVI route is an optional route that is adver-
tised by the multi-homed PEs. In an all-active multi-homed scenario
this route is used to implement the EVPN aliasing, or load balancing,
feature that has been mentioned previously. For example, one of the
multi-homed PEs could be advertising all, or a majority of the MAC
addresses learned from the CE, to the remote PEs. The remote PEs in
turn would only send traffic to the advertising PE. Aliasing allows the
other multi-homed peer PE, which may not have learned/advertised
any MAC addresses, to also receive traffic from remote PEs destined to
the common ES.

In single-active multi-homed mode this route is used to implement a
similar Backup-path feature. In this case, a remote PE sends traffic to
the multi-homed PE that is the DF and installs a backup forwarding
entry pointing to the non-DF PE.

The Auto-Discovery per EVI route includes the following key param-
eters:

� The Route Target corresponding to the EVI

Page 85

Chapter 4: High Availability Tests 85

interface is initialized the forwarding state in the VRF is popu-
lated and traffic is forwarded.

� Routed traffic flows from Data Center 2 to Data Center 1
recovered in 354 ms. Once the access interface on PE11 comes up
the PEs in Data Center 2 receive EVPN updates from PE11 and
update the entries in their IP VPN VRFs to utilize the new next
hop.

� Layer 2 traffic flows are minimally impacted, 2 ms outbound to
Data Center 2 and 55 ms inbound from Data Center 2.

� All other traffic flows are not affected.

High Availability Test Summary

The following tables summarizes the worst-case packet loss for each
high availability test. The results are categorized by traffic type, Layer
2 versus Layer 3, by traffic direction, inbound versus outbound, and by
site, data centers and the remote site.

Table 4.1 Summary of High Availability Test Results

Test Case

DC1
Outbound
L2 Flows
to DC2

DC1
Inbound
L2 Flows
from DC2

DC1
Outbound
L3 Flows
to DC2

DC1
Inbound
L3 Flows
from DC2

DC1
Outbound
L3 Flows to
Remote Site

DC1
Inbound L3
Flows from
Remote Site

Access Link
Failure

109 ms 345 ms 116 ms 1.17 sec 109 ms 2.19 sec

Access Link
Recovery

0 0 1 ms 144 ms 0 0

Node
Failure

155 ms 80 ms 155 ms 1.88 sec 155 ms 876 ms

Node
Recovery

2 ms 55 ms 509 ms 354 ms 18 ms 0

Page 86

86 Day One: Using Ethernet VPNs for Data Center Interconnect

Conclusion

The Proof of Concept testing of EVPN in Juniper’s POC Labs
demonstrates its applicability for use as a DCI technology. The control
plane-based learning of MAC addresses enables many significant
features such as all-active multi-homing for increased resilience and
traffic load balancing, as well as MAC mobility. The seamless
integration of routing capabilities provides efficient forwarding of
inbound and outbound traffic flows on the most optimal path, even
when a host is migrated from one data center to another. Finally, the
high availability testing shows that the solution is resilient and recovers
quickly upon a link and node failure and restoration events.

REMEMBER The configuration files for all devices used in this POC Lab Day One
book can be found on this book’s landing page at http://www.juniper.
net/dayone. The author has also set up a Dropbox download for those
readers not logging onto the Day One website, at: https://dl.dropbox-
usercontent.com/u/18071548/evpn-configs.zip. Note that this URL is
not under control of the author and may change over the print life of
this book.

http://www.juniper.net/dayone
http://www.juniper.net/dayone
https://dl.dropboxusercontent.com/u/18071548/evpn-configs.zip
https://dl.dropboxusercontent.com/u/18071548/evpn-configs.zip

Similer Documents