SlideShare ist ein Scribd-Unternehmen logo

Vxlan deep dive session rev0.5 final

Als PPTX, PDF herunterladen
KwonSun Bae
KwonSun Bae

VxLAN Presentation at KrDAG Seminar

Internet
1 von 34
Virtual eXtensible Local Area Network (VXLAN) RFC 7348 - A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks CCIEx2 Security, Data Center 2014-10-25 KwonSun Bae.
Agenda • What is VXLAN? • Why use VXLAN? • Before the learn VXLAN.  Acronyms and Definitions. • VXLAN Overview.  VXLAN’s History. • VXLAN Deep Dive.  VXLAN Packet Flow  VTEP  VXLAN Frame Format • VXLAN Demo  Cisco VXLAN Configuration  VXLAN on vEOS  Packet Captures • VXLAN Overlay Comparisons (Options)
What is VXLAN?
VXLAN is ... • VXLAN  Virtual eXtensible Local Area Network • VXLAN’s goal is allowing dynamic large scale isolated virtual L2 networks to be created for virtualized and multi-tenant environments. • VXLAN is one protocol of Network overlay. • https://sites.google.com/site/amitsciscozone/home/data-center/vxlan
Why use VXLAN?
Why use VXLAN? • Traditionally, all data centers use VLANs to enforce Layer2 isolation. As data centers grow and needs arise for extending Layer2 networks across data center or may be beyond a data center, the shortcomings of VLANs are evident. These shortcomings are –  In a data center, there are requirements of thousands of VLANs to partition traffic in a multi-tenant environment sharing the same L2/L3 infrastructure for a Cloud Service Provider. The current limit of 4096 VLANs (some are reserved) is not enough.  Due to Server virtualization, each Virtual Machine (VM) requires a unique MAC address and an IP address. So, there are thousands of MAC table entries on upstream switches. This places much larger demand on table capacity of the switches.  VLANs are too restrictive in terms of distance and deployment. VTP can be used to deploy VLANs across the L2 switches but most people prefer to disable VTP due to its destructive nature.  Using STP to provide L2 loop free topology disables most redundant links. Hence, Equal- Cost Multi-Path (ECMP) is hard to achieve. However, ECMP is easy to achieve in IP network.
Why use VXLAN? • Data Center Grows (Server Side) https://www.arista.com/en/products/eos/cloud-scale-architecture/articletabs/0
Why use VXLAN? • Types of Overlay Edge Devices  VXLAN – VTEP Deployment Designs * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
Before the learn VXLAN. Acronyms and Definitions
Acronyms and Definitions • PIM  Protocol Independent Multicast • SPB  Shortest Path Bridging • STP  Spanning Tree Protocol • ToR  Top of Rack • TRILL  Transparent Interconnection of Lots of Links • VLAN  Virtual Local Area Network • VM  Virtual Machine • VNI  VXLAN Network Identifier (or VXLAN Segment ID) • VTEP  VXLAN Tunnel End Point. An entity that originates and/or terminates VXLAN tunnels • VXLAN  Virtual eXtensible Local Area Network • VXLAN Segment  VXLAN Layer 2 overlay network over which VMs communicate • VXLAN Gateway  an entity that forwards traffic between VXLANs
VXLAN Overview.
VXLAN Operation. • http://www.definethecloud.net/vxlan-deep-divepart-2/
VXLAN History • https://datatracker.ietf.org/doc/rfc7348/history/
Important Diff from Previous • http://www.ietf.org/rfcdiff?url1=draft-mahalingam-dutt-dcops-vxlan- 02&url2=draft-mahalingam-dutt-dcops-vxlan-03  UDP Protocol NO fixed to 17 for IPv4  VXLAN Frame Format with IPv6 Outer Header added. • http://www.ietf.org/rfcdiff?url1=draft-mahalingam-dutt-dcops-vxlan- 03&url2=draft-mahalingam-dutt-dcops-vxlan-04  A well-known UDP port (4789) has been assigned by IANA for VXLAN. • http://www.ietf.org/rfcdiff?url1=draft-mahalingam-dutt-dcops-vxlan- 07&url2=draft-mahalingam-dutt-dcops-vxlan-08  VTEPs MUST not fragment VXLAN packets.
VXLAN Deep Dive.
VXLAN BUM Traffic over Transport Multicast • VXLAN BUM (Broadcast, Unknown Unicast and Multicast) traffic is transported over the VXLAN segment control multicast group. * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
VXLAN VTEP Peer Discovery & Address Learning * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
VXLAN Packet Forwarding Flow * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
VXLAN Interface (VTEP) *http://www.definethecloud.net/vxlan-deep- dive/
VXLAN Frame Format * BRKDCT-2404 - VXLAN Deployment Models
VXLAN Demo.
Cisco VTEP Configuration Cisco NX-OS N9K Cisco NX-OS N1Kv + So Many Manual Tasks!! http://www.cisco.com/c/en/us/products/collateral/switch es/nexus-7000-series-switches/guide_c07-728863.html
External Network Layer 3 Network VXLAN on vEOS 10.183.100.1/24 VLAN 100 VXLAN VNI 20100 VTEP VTEP VTEP VLAN 101 VLAN 100 10.183.100.130 10.183.100.131 10.183.100.132 vEOS-C# ----------------------------------- vlan 100 interface Ethernet1 mtu 9000 no switchport ip address 1.1.12.2/24 ip pim sparse-mode interface Ethernet2 mtu 9000 no switchport ip address 1.1.13.2/24 ip pim sparse-mode interface Ethernet3 mtu 9000 switchport access vlan 100 interface Loopback0 ip address 1.1.1.3/32 interface Vxlan1 vxlan multicast-group 239.1.1.1 vxlan source-interface Loopback0 vxlan udp-port 4789 vxlan vlan 101 vni 100 All Devices for multicast ----------------------------------- ip pim rp-address 1.1.1.3 ip multicast-routing router ospf 1 router-id 1.1.1.x passive-interface default no passive-interface EthernetX network 0.0.0.0/0 area 0.0.0.0
External Network Layer 3 Network VXLAN on vEOS 10.183.100.1/24 VLAN 100 VXLAN VNI 20100 VTEP VTEP VTEP VLAN 101 VLAN 100 10.183.100.130 10.183.100.131 10.183.100.132 vEOS-A# ----------------------------------- vlan 101 interface Ethernet1 mtu 9000 no switchport ip address 1.1.12.2/24 ip pim sparse-mode interface Ethernet2 - 3 mtu 9000 switchport access vlan 101 interface Loopback0 ip address 1.1.1.1/32 interface Vxlan1 vxlan multicast-group 239.1.1.1 vxlan source-interface Loopback0 vxlan udp-port 4789 vxlan vlan 101 vni 100 vEOS-B# ----------------------------------- vlan 100 interface Ethernet1 mtu 9000 no switchport ip address 1.1.13.2/24 ip pim sparse-mode interface Ethernet2 mtu 9000 switchport access vlan 100 interface Loopback0 ip address 1.1.1.2/32 interface Vxlan1 vxlan multicast-group 239.1.1.1 vxlan source-interface Loopback0 vxlan udp-port 4789 vxlan vlan 100 vni 100
VXLAN on vEOS External Network Layer 3 Network 10.183.100.1/24 VLAN 100 VXLAN VNI 20100 VTEP VTEP VTEP VLAN 101 VLAN 100 10.183.100.130 10.183.100.131 10.183.100.132
Packet Capture - I
Packet Capture - II
Packet Capture - III
VXLAN Overlay Comparisons *Cisco Live 365 - BRKVIR-2014 - Architecting Scalable Clouds using VXLAN and N1kv
VXLAN / STT Stateless Transport Tunneling Protocol Similarities • IP Transport • IP Multicast  For broadcast and multicast frames • Port Channel Load Distribution  5 Tuple Hashing (UDP vs TCP) Differences • IETF Draft Authors  VXLAN: Cisco, VMware, Citrix, Red Hat, Broadcom, Arista  STT: Nicira • Encapsulation  VXLAN: UDP with 50 bytes  STT: “TCP-like” with 72 to 54 bytes (not uniform) * • Segment ID Size  VXLAN: 24 bit  STT: 64 bit • Firewall ACL can act on VXLAN UDP port  Firewalls will likely block STT since it has no TCP state machine handshake • Forwarding Logic  VXLAN: Flooding/Learning  STT: Not specified
VXLAN / NVGRE Network Virtualization using Generic Routing Encapsulation Similarities • IP Transport • IP Multicast  For broadcast and multicast frames • 24 Bit Segment ID Differences • IETF Draft Authors  VXLAN: Cisco, VMware, Citrix, Red Hat, Broadcom, Arista  STT: Microsoft, Intel, Dell, HP, Broadcom, Emulex, Arista • Encapsulation  VXLAN: UDP with 50 bytes  NVGRE: GRE with 42 bytes • Port Channel Load Distribution  VXLAN: UDP 5-tuple hashing  Most (if not all) current switches do not hash on the GRE header • Firewall ACL can act on VXLAN UDP port  Difficult for firewall to act on the GRE Protocol Type field • Forwarding Logic  VXLAN: Flooding/Learning  NVGRE: Not specified
VXLAN / OTV Overlay Transport Virtualization Similarities • Same UDP based encapsulation header  VXLAN does not use the OTV Overlay ID field • IP Multicast  For broadcast and multicast frames (optional for OTV) • 24 Bit Segment ID Differences • Forwarding Logic  VXLAN: Flooding/Learning  OTV: Uses the IS-IS protocol to advertise the MAC address to IP bindings • OTV can locally terminate ARP and doesn’t flood unknown MACs • OTV can use an adjacency server to eliminate the need for IP multicast • OTV is optimized for Data Center Interconnect to extend VLANs between or across data centers • VXLAN is optimized for intra-DC and multi-tenancy
VXLAN / LISP Locator / ID Separation Protocol Similarities • Same UDP based encapsulation header  VXLAN does not control flag bits or Nonce/MapVersion field  24 Bit Segment ID Differences • LISP carries IP packets, while VXLAN carries Ethernet frames • Forwarding Logic  VXLAN: Flooding/Learning  LISP: Uses a mapping system to register/resolve inner IP to outer IP mappings • IP Multicast is only required to carry host IP multicast traffic • LISP is designed to give IP address (Identifier) mobility / multi-homing and IP core route scalability • LISP can provide optimal traffic routing when Identifier IP addresses move to a different location
QnA

Empfohlen

Introduction to vxlan
Introduction to vxlanIntroduction to vxlan
Introduction to vxlanMohammed Umair
 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routingWilfredzeng
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
VXLAN
VXLANVXLAN
VXLANSAliyev1
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
 
Mpls L3_vpn
Mpls L3_vpnMpls L3_vpn
Mpls L3_vpnReza Farahani
 
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLANIndonesia Network Operators Group
 
EVPN Introduction
EVPN IntroductionEVPN Introduction
EVPN IntroductionBangladesh Network Operators Group
 

Empfohlen

Introduction to vxlan
Introduction to vxlanIntroduction to vxlan
Introduction to vxlanMohammed Umair
 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routingWilfredzeng
 
VXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksVXLAN BGP EVPN: Technology Building Blocks
VXLAN BGP EVPN: Technology Building BlocksAPNIC
 
VXLAN
VXLANVXLAN
VXLANSAliyev1
 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
 
Mpls L3_vpn
Mpls L3_vpnMpls L3_vpn
Mpls L3_vpnReza Farahani
 
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLAN
20 - IDNOG03 - Franki Lim (ARISTA) - Overlay Networking with VXLANIndonesia Network Operators Group
 
EVPN Introduction
EVPN IntroductionEVPN Introduction
EVPN IntroductionBangladesh Network Operators Group
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)KHNOG
 
Demystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode seriesDemystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode seriesCumulus Networks
 
Implementing cisco mpls
Implementing cisco mplsImplementing cisco mpls
Implementing cisco mplsMatiullah Jamil
 
MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)JuHwan Lee
 
Juniper mpls best practice part 2
Juniper mpls best practice part 2Juniper mpls best practice part 2
Juniper mpls best practice part 2Febrian ‎
 
MPLS L3 VPN Deployment
MPLS L3 VPN DeploymentMPLS L3 VPN Deployment
MPLS L3 VPN DeploymentAPNIC
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC
 
VPLS Fundamental
VPLS FundamentalVPLS Fundamental
VPLS FundamentalReza Farahani
 
Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Cumulus Networks
 
VXLAN Practice Guide
VXLAN Practice GuideVXLAN Practice Guide
VXLAN Practice GuidePrasenjit Sarkar
 
Vpc notes
Vpc notesVpc notes
Vpc notesKrunal Shah
 
Bgp tutorial for ISP
Bgp tutorial for ISPBgp tutorial for ISP
Bgp tutorial for ISPWahyu Nasution
 
Inter as vpn option c
Inter as vpn option c Inter as vpn option c
Inter as vpn option c Goerge Micheal Gerges
 
Ethernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider NeedsEthernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider NeedsCSUC - Consorci de Serveis Universitaris de Catalunya
 
Access Network Evolution
Access Network Evolution Access Network Evolution
Access Network Evolution Cisco Canada
 
Juniper mpls best practice part 1
Juniper mpls best practice part 1Juniper mpls best practice part 1
Juniper mpls best practice part 1Febrian ‎
 
Bgp
BgpBgp
BgpFebrian ‎
 
VXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdfVXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdfNelAlv1
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 
Inter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentInter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentBangladesh Network Operators Group
 
PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...PROIDEA
 
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Jide Akintola JNCIE-M&T/SP #496 CCIE-SP#28552
 

Weitere ähnliche Inhalte

Was ist angesagt?

Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)KHNOG
 
Demystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode seriesDemystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode seriesCumulus Networks
 
MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)JuHwan Lee
 
Juniper mpls best practice part 2
Juniper mpls best practice part 2Juniper mpls best practice part 2
Juniper mpls best practice part 2Febrian ‎
 
MPLS L3 VPN Deployment
MPLS L3 VPN DeploymentMPLS L3 VPN Deployment
MPLS L3 VPN DeploymentAPNIC
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]APNIC
 
Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Cumulus Networks
 
Access Network Evolution
Access Network Evolution Access Network Evolution
Access Network Evolution Cisco Canada
 
Juniper mpls best practice part 1
Juniper mpls best practice part 1Juniper mpls best practice part 1
Juniper mpls best practice part 1Febrian ‎
 
VXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdfVXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdfNelAlv1
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 

Was ist angesagt? (20)

Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)
 
Demystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode seriesDemystifying EVPN in the data center: Part 1 in 2 episode series
Demystifying EVPN in the data center: Part 1 in 2 episode series
 
Implementing cisco mpls
Implementing cisco mplsImplementing cisco mpls
Implementing cisco mpls
 
MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)MP BGP-EVPN 실전기술-1편(개념잡기)
MP BGP-EVPN 실전기술-1편(개념잡기)
 
Juniper mpls best practice part 2
Juniper mpls best practice part 2Juniper mpls best practice part 2
Juniper mpls best practice part 2
 
MPLS L3 VPN Deployment
MPLS L3 VPN DeploymentMPLS L3 VPN Deployment
MPLS L3 VPN Deployment
 
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38]
 
VPLS Fundamental
VPLS FundamentalVPLS Fundamental
VPLS Fundamental
 
Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2
 
VXLAN Practice Guide
VXLAN Practice GuideVXLAN Practice Guide
VXLAN Practice Guide
 
Vpc notes
Vpc notesVpc notes
Vpc notes
 
Bgp tutorial for ISP
Bgp tutorial for ISPBgp tutorial for ISP
Bgp tutorial for ISP
 
Inter as vpn option c
Inter as vpn option c Inter as vpn option c
Inter as vpn option c
 
Ethernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider NeedsEthernet VPN (EVPN) EVerything Provider Needs
Ethernet VPN (EVPN) EVerything Provider Needs
 
Access Network Evolution
Access Network Evolution Access Network Evolution
Access Network Evolution
 
Juniper mpls best practice part 1
Juniper mpls best practice part 1Juniper mpls best practice part 1
Juniper mpls best practice part 1
 
Bgp
BgpBgp
Bgp
 
VXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdfVXLAN Design and Deployment.pdf
VXLAN Design and Deployment.pdf
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
 
Inter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentInter-AS MPLS VPN Deployment
Inter-AS MPLS VPN Deployment
 

Ähnlich wie Vxlan deep dive session rev0.5 final

PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...PROIDEA
 
Automate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solutionAutomate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solutionTony Antony
 
VXLAN Distributed Service Node
VXLAN Distributed Service NodeVXLAN Distributed Service Node
VXLAN Distributed Service NodeDavid Lapsley
 
Navigating dc architectures tech&sales
Navigating dc architectures tech&salesNavigating dc architectures tech&sales
Navigating dc architectures tech&salesEric Zhaohui Ji
 
Network Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services InfrastructureNetwork Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services InfrastructureShahryar Ali
 
VMworld 2015: Networking Virtual SAN's Backbone
VMworld 2015: Networking Virtual SAN's BackboneVMworld 2015: Networking Virtual SAN's Backbone
VMworld 2015: Networking Virtual SAN's BackboneVMworld
 
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewCISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewAmeen Wayok
 
vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.Ajeet Singh
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPROIDEA
 
Ccna3 mod9-vtp
Ccna3 mod9-vtpCcna3 mod9-vtp
Ccna3 mod9-vtpjmdoger
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxM.Qasim Arham
 
Operators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 NetworksOperators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 NetworksJakub Pavlik
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networkingyfauser
 
VLAN Trunking Protocol
VLAN Trunking ProtocolVLAN Trunking Protocol
VLAN Trunking ProtocolNetwax Lab
 

Ähnlich wie Vxlan deep dive session rev0.5 final (20)

PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...PLNOG15: Is there something less complicated than connecting two LAN networks...
PLNOG15: Is there something less complicated than connecting two LAN networks...
 
Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_Xpress path vxlan_bgp_evpn_appricot2019-v2_
Xpress path vxlan_bgp_evpn_appricot2019-v2_
 
Automate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solutionAutomate programmable fabric in seconds with an open standards based solution
Automate programmable fabric in seconds with an open standards based solution
 
VXLAN Distributed Service Node
VXLAN Distributed Service NodeVXLAN Distributed Service Node
VXLAN Distributed Service Node
 
Navigating dc architectures tech&sales
Navigating dc architectures tech&salesNavigating dc architectures tech&sales
Navigating dc architectures tech&sales
 
Network Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services InfrastructureNetwork Virtualization for Cloud Services Infrastructure
Network Virtualization for Cloud Services Infrastructure
 
VMworld 2015: Networking Virtual SAN's Backbone
VMworld 2015: Networking Virtual SAN's BackboneVMworld 2015: Networking Virtual SAN's Backbone
VMworld 2015: Networking Virtual SAN's Backbone
 
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment OverviewCISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview
 
vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.vPC techonology for full ha from dc core to baremetel server.
vPC techonology for full ha from dc core to baremetel server.
 
PLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDNPLNOG 13: Nicolai van der Smagt: SDN
PLNOG 13: Nicolai van der Smagt: SDN
 
Opencontrail network virtualization
Opencontrail network virtualizationOpencontrail network virtualization
Opencontrail network virtualization
 
Network virtualization
Network virtualizationNetwork virtualization
Network virtualization
 
Ccna3 mod9-vtp
Ccna3 mod9-vtpCcna3 mod9-vtp
Ccna3 mod9-vtp
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptx
 
ENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptxENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptx
 
Operators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 NetworksOperators experience and perspective on SDN with VLANs and L3 Networks
Operators experience and perspective on SDN with VLANs and L3 Networks
 
Linux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack NetworkingLinux Tag 2014 OpenStack Networking
Linux Tag 2014 OpenStack Networking
 
NSX-MH
NSX-MHNSX-MH
NSX-MH
 
VLAN Trunking Protocol
VLAN Trunking ProtocolVLAN Trunking Protocol
VLAN Trunking Protocol
 
10 sdn-vir-6up
10 sdn-vir-6up10 sdn-vir-6up
10 sdn-vir-6up
 

Kürzlich hochgeladen

Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirtrahman018755
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceEscorts Call Girls
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 
Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiEscorts Call Girls
 
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft DatingDubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Datingkojalkojal131
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
Enjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort ServiceDelhi Call girls
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 

Kürzlich hochgeladen (20)

Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls Dubai
 
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft DatingDubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
Enjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Samalka Delhi >༒8448380779 Escort Service
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 

Vxlan deep dive session rev0.5 final

  • 1. Virtual eXtensible Local Area Network (VXLAN) RFC 7348 - A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks CCIEx2 Security, Data Center 2014-10-25 KwonSun Bae.
  • 2. Agenda • What is VXLAN? • Why use VXLAN? • Before the learn VXLAN.  Acronyms and Definitions. • VXLAN Overview.  VXLAN’s History. • VXLAN Deep Dive.  VXLAN Packet Flow  VTEP  VXLAN Frame Format • VXLAN Demo  Cisco VXLAN Configuration  VXLAN on vEOS  Packet Captures • VXLAN Overlay Comparisons (Options)
  • 4. VXLAN is ... • VXLAN  Virtual eXtensible Local Area Network • VXLAN’s goal is allowing dynamic large scale isolated virtual L2 networks to be created for virtualized and multi-tenant environments. • VXLAN is one protocol of Network overlay. • https://sites.google.com/site/amitsciscozone/home/data-center/vxlan
  • 6. Why use VXLAN? • Traditionally, all data centers use VLANs to enforce Layer2 isolation. As data centers grow and needs arise for extending Layer2 networks across data center or may be beyond a data center, the shortcomings of VLANs are evident. These shortcomings are –  In a data center, there are requirements of thousands of VLANs to partition traffic in a multi-tenant environment sharing the same L2/L3 infrastructure for a Cloud Service Provider. The current limit of 4096 VLANs (some are reserved) is not enough.  Due to Server virtualization, each Virtual Machine (VM) requires a unique MAC address and an IP address. So, there are thousands of MAC table entries on upstream switches. This places much larger demand on table capacity of the switches.  VLANs are too restrictive in terms of distance and deployment. VTP can be used to deploy VLANs across the L2 switches but most people prefer to disable VTP due to its destructive nature.  Using STP to provide L2 loop free topology disables most redundant links. Hence, Equal- Cost Multi-Path (ECMP) is hard to achieve. However, ECMP is easy to achieve in IP network.
  • 7. Why use VXLAN? • Data Center Grows (Server Side) https://www.arista.com/en/products/eos/cloud-scale-architecture/articletabs/0
  • 8. Why use VXLAN? • Types of Overlay Edge Devices  VXLAN – VTEP Deployment Designs * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
  • 9. Before the learn VXLAN. Acronyms and Definitions
  • 10. Acronyms and Definitions • PIM  Protocol Independent Multicast • SPB  Shortest Path Bridging • STP  Spanning Tree Protocol • ToR  Top of Rack • TRILL  Transparent Interconnection of Lots of Links • VLAN  Virtual Local Area Network • VM  Virtual Machine • VNI  VXLAN Network Identifier (or VXLAN Segment ID) • VTEP  VXLAN Tunnel End Point. An entity that originates and/or terminates VXLAN tunnels • VXLAN  Virtual eXtensible Local Area Network • VXLAN Segment  VXLAN Layer 2 overlay network over which VMs communicate • VXLAN Gateway  an entity that forwards traffic between VXLANs
  • 12. VXLAN Operation. • http://www.definethecloud.net/vxlan-deep-divepart-2/
  • 13. VXLAN History • https://datatracker.ietf.org/doc/rfc7348/history/
  • 14. Important Diff from Previous • http://www.ietf.org/rfcdiff?url1=draft-mahalingam-dutt-dcops-vxlan- 02&url2=draft-mahalingam-dutt-dcops-vxlan-03  UDP Protocol NO fixed to 17 for IPv4  VXLAN Frame Format with IPv6 Outer Header added. • http://www.ietf.org/rfcdiff?url1=draft-mahalingam-dutt-dcops-vxlan- 03&url2=draft-mahalingam-dutt-dcops-vxlan-04  A well-known UDP port (4789) has been assigned by IANA for VXLAN. • http://www.ietf.org/rfcdiff?url1=draft-mahalingam-dutt-dcops-vxlan- 07&url2=draft-mahalingam-dutt-dcops-vxlan-08  VTEPs MUST not fragment VXLAN packets.
  • 16. VXLAN BUM Traffic over Transport Multicast • VXLAN BUM (Broadcast, Unknown Unicast and Multicast) traffic is transported over the VXLAN segment control multicast group. * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
  • 17. VXLAN VTEP Peer Discovery & Address Learning * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
  • 18. VXLAN Packet Forwarding Flow * Cisco Live 365 - LTRDCT-1223 - Implementing VXLAN in DataCenter
  • 19. VXLAN Interface (VTEP) *http://www.definethecloud.net/vxlan-deep- dive/
  • 20. VXLAN Frame Format * BRKDCT-2404 - VXLAN Deployment Models
  • 22. Cisco VTEP Configuration Cisco NX-OS N9K Cisco NX-OS N1Kv + So Many Manual Tasks!! http://www.cisco.com/c/en/us/products/collateral/switch es/nexus-7000-series-switches/guide_c07-728863.html
  • 23. External Network Layer 3 Network VXLAN on vEOS 10.183.100.1/24 VLAN 100 VXLAN VNI 20100 VTEP VTEP VTEP VLAN 101 VLAN 100 10.183.100.130 10.183.100.131 10.183.100.132 vEOS-C# ----------------------------------- vlan 100 interface Ethernet1 mtu 9000 no switchport ip address 1.1.12.2/24 ip pim sparse-mode interface Ethernet2 mtu 9000 no switchport ip address 1.1.13.2/24 ip pim sparse-mode interface Ethernet3 mtu 9000 switchport access vlan 100 interface Loopback0 ip address 1.1.1.3/32 interface Vxlan1 vxlan multicast-group 239.1.1.1 vxlan source-interface Loopback0 vxlan udp-port 4789 vxlan vlan 101 vni 100 All Devices for multicast ----------------------------------- ip pim rp-address 1.1.1.3 ip multicast-routing router ospf 1 router-id 1.1.1.x passive-interface default no passive-interface EthernetX network 0.0.0.0/0 area 0.0.0.0
  • 24. External Network Layer 3 Network VXLAN on vEOS 10.183.100.1/24 VLAN 100 VXLAN VNI 20100 VTEP VTEP VTEP VLAN 101 VLAN 100 10.183.100.130 10.183.100.131 10.183.100.132 vEOS-A# ----------------------------------- vlan 101 interface Ethernet1 mtu 9000 no switchport ip address 1.1.12.2/24 ip pim sparse-mode interface Ethernet2 - 3 mtu 9000 switchport access vlan 101 interface Loopback0 ip address 1.1.1.1/32 interface Vxlan1 vxlan multicast-group 239.1.1.1 vxlan source-interface Loopback0 vxlan udp-port 4789 vxlan vlan 101 vni 100 vEOS-B# ----------------------------------- vlan 100 interface Ethernet1 mtu 9000 no switchport ip address 1.1.13.2/24 ip pim sparse-mode interface Ethernet2 mtu 9000 switchport access vlan 100 interface Loopback0 ip address 1.1.1.2/32 interface Vxlan1 vxlan multicast-group 239.1.1.1 vxlan source-interface Loopback0 vxlan udp-port 4789 vxlan vlan 100 vni 100
  • 25. VXLAN on vEOS External Network Layer 3 Network 10.183.100.1/24 VLAN 100 VXLAN VNI 20100 VTEP VTEP VTEP VLAN 101 VLAN 100 10.183.100.130 10.183.100.131 10.183.100.132
  • 29. VXLAN Overlay Comparisons *Cisco Live 365 - BRKVIR-2014 - Architecting Scalable Clouds using VXLAN and N1kv
  • 30. VXLAN / STT Stateless Transport Tunneling Protocol Similarities • IP Transport • IP Multicast  For broadcast and multicast frames • Port Channel Load Distribution  5 Tuple Hashing (UDP vs TCP) Differences • IETF Draft Authors  VXLAN: Cisco, VMware, Citrix, Red Hat, Broadcom, Arista  STT: Nicira • Encapsulation  VXLAN: UDP with 50 bytes  STT: “TCP-like” with 72 to 54 bytes (not uniform) * • Segment ID Size  VXLAN: 24 bit  STT: 64 bit • Firewall ACL can act on VXLAN UDP port  Firewalls will likely block STT since it has no TCP state machine handshake • Forwarding Logic  VXLAN: Flooding/Learning  STT: Not specified
  • 31. VXLAN / NVGRE Network Virtualization using Generic Routing Encapsulation Similarities • IP Transport • IP Multicast  For broadcast and multicast frames • 24 Bit Segment ID Differences • IETF Draft Authors  VXLAN: Cisco, VMware, Citrix, Red Hat, Broadcom, Arista  STT: Microsoft, Intel, Dell, HP, Broadcom, Emulex, Arista • Encapsulation  VXLAN: UDP with 50 bytes  NVGRE: GRE with 42 bytes • Port Channel Load Distribution  VXLAN: UDP 5-tuple hashing  Most (if not all) current switches do not hash on the GRE header • Firewall ACL can act on VXLAN UDP port  Difficult for firewall to act on the GRE Protocol Type field • Forwarding Logic  VXLAN: Flooding/Learning  NVGRE: Not specified
  • 32. VXLAN / OTV Overlay Transport Virtualization Similarities • Same UDP based encapsulation header  VXLAN does not use the OTV Overlay ID field • IP Multicast  For broadcast and multicast frames (optional for OTV) • 24 Bit Segment ID Differences • Forwarding Logic  VXLAN: Flooding/Learning  OTV: Uses the IS-IS protocol to advertise the MAC address to IP bindings • OTV can locally terminate ARP and doesn’t flood unknown MACs • OTV can use an adjacency server to eliminate the need for IP multicast • OTV is optimized for Data Center Interconnect to extend VLANs between or across data centers • VXLAN is optimized for intra-DC and multi-tenancy
  • 33. VXLAN / LISP Locator / ID Separation Protocol Similarities • Same UDP based encapsulation header  VXLAN does not control flag bits or Nonce/MapVersion field  24 Bit Segment ID Differences • LISP carries IP packets, while VXLAN carries Ethernet frames • Forwarding Logic  VXLAN: Flooding/Learning  LISP: Uses a mapping system to register/resolve inner IP to outer IP mappings • IP Multicast is only required to carry host IP multicast traffic • LISP is designed to give IP address (Identifier) mobility / multi-homing and IP core route scalability • LISP can provide optimal traffic routing when Identifier IP addresses move to a different location
  • 34. QnA