cisco connect dubrovnik · cisco connect dubrovnik 27.-29.3.2019. global vision. local knowledge....
TRANSCRIPT
Cisco Connect Dubrovnik27.-29.3.2019.
Global vision.Local knowledge.
Dejan JaksicSytstems Engineer Service Providers28-3-2019
EVPN in Service Provider network
Agenda
• Planet EVPN motivation
• EVPN Basics
• Network Fabric Architecture
• EVPN-VPNv4 interconnect
• EVPN and VPLS seamless integration
• EVPN positioning in SP network
• Conclusion
Create New Revenue Streams• Network as a service through fabric
designs• E-LAN, E-LINE, E-TREE, L3, IRB
Services
Protect Investments• Unified Networks on single overlay• Simplify protocols and operations• Industry adoption and standardization
Deploy with Ease• Seamless Brownfield Integration• Same principles and operational
experience as IP VPNs
Increase Availability• Workload Mobility• Optimal forwarding• All-Active Redundancy with Fast
Convergence
Fast, Resilient, Flexible Unified Services
EVPN: Value Proposition
EVPN
EVPN Unified Services Attributes
Per-Flow Redundancy
and load-balancing
Fast Convergence
Optimal East-West traffic
delivery
Seamless Deployment
Workload Mobility
All-Active Multi-Homing
Access Services
EVPN
EVPN external Hub: https://e-vpn.io/
1973 1982 1983 1998 2006 2007 2008 2011 2015
Ethernet Begins
Ethernet II
IEEE802.3
IEEE802.1Q
EthernetOver MPLS
IETFVPLS
IEEE802.1ah(PBB)
IETFTRILL
IETFEVPN
Evolution of Ethernet
Stolen Data Center requirements J
• EVPN with a choice of data plane encapsulation (MPLS/SR, VxLAN, SRv6) is the designed technology to address these requirements.
§ Flexible service/workload placement
§ Multi-tenancy with L2 and L3 VPN
§ Optimal Forwarding, Workload mobility
§ Fast Convergence
§ Efficient bandwidth utilization
EVPN family introduces next generation solutions for Ethernet services• BGP control-plane for Ethernet Segment
and MAC distribution learning over MPLS and VXLAN data-plane
• Same principles and operational experience as in IP VPNs
No use of Pseudowires
Multi-vendor solutions
Cisco leader in industry standardization efforts (RFCs/Drafts)
What is EVPN?
EVPN-VPWS
P2P Multipoint
EVPN
EVPN RFC 7432
RFC 8214
RFC 7432
draft-ietf-bess-evpn-inter-subnet-forwarding
EVPN-IRB
ConceptsEthernet Segment
• Represents a ‘site’ connected to one or more PEs
• Uniquely identified by a 10-byte global Ethernet Segment Identifier (ESI)
• Could be a single device or an entire networkSingle-Homed Device (SHD)Multi-Homed Device (MHD)Single-Homed Network (SHN)Multi-Homed Network (MHN)
BGP Routes
• New SAFI [70]
• Routes serve control plane purposes, including:MAC address reachabilityMAC mass withdrawalSplit-Horizon label adv.AliasingMulticast endpoint discoveryRedundancy group discoveryDesignated forwarder electionIP address reachabilityL2/L3 Integration
EVPN Instance (EVI)
• EVI identifies a VPN in the network
• Encompass one or more bridge-domains, depending on service interface typePort-basedVLAN-based (shown above)VLAN-bundling
BGP Route Attributes
• New BGP extended communities defined
• Expand information carried in BGP routes, including:MAC address movesRedundancy modeMAC / IP bindings of a GWSplit-horizon label encodingData plane Encapsulation
PE
BD
BD
EVIEVI PE1
PE2
CE1
CE2
SHD
MHD
ESI1
ESI2
Route Types
[1] Ethernet Auto-Discovery (AD) Route
[2] MAC/IP Advertisement Route
[3] Inclusive Multicast Route
[4] Ethernet Segment Route
[5] IP Prefix Advertisement Route
Extended Communities
ESI MPLS Label
ES-Import
MAC Mobility
Default Gateway
Encapsulation
LDP
RSVP
IGP
BGP-LU
LDP
Intra-Domain CP
FRR or TE
Inter-Domain CP
L2/L3VPN Services
IGP with SR
BGP
IGP with SR
BGP-LU
Unified MPLS EPN 5.0Compass
Metro Fabric
Programmability
Provisioning NETCONFYANG
NETCONFYANG
Service Provider Network - Simplification Journey
BGP LDP BGP
https://xrdocs.io/design/
Bag of existing Protocols
NETCONF/YANGSSH
Next Gen. Protocols
SRv6 SR (MPLS)PCEPISISBGP (TE, LS)IP OAMEthernet OAMEVPN
Reducing operations complexity§ Simpler automation§ Simpler to repair§ Simpler integration§ Foundation for service Orchestration
Ethernet802.1Q, 802.1adIPv4PPPoEIPv6MPLSL2TPPWE3ISISOSPFRSVP-TELACPMC-LACP
MP-BGPLDPLDP-TEIP OAMMPLS OAMEthernet OAMSTPG.8032RADIUSSNMPSyslogNetflowSSH CLI/XMLHSRP/VRRP
Key enabler for
Drastic Network Protocols Reduction
Why was EVPN needed?Solving VPLS challenges for per-flow Redundancy
• Existing VPLS solutions do not offer an All-Active per-flow redundancy – VPLS technology lacks the capability of preventing L2 loops
• Looping of Traffic Flooded from PE (BUM)
• Duplicate Frames from Floods from the Core
• MAC Flip-Flopping over Pseudowire• E.g. Port-Channel Load-Balancing does not
produce a consistent hash-value for a frame with the same source MAC (e.g. non MAC based Hash-Schemes)
CE1
Echo !
M1 M2
PE1
PE2
PE3
PE4
CE2
CE1
M1 M2
PE1
PE2
PE3
PE4
CE2
Duplicate !
CE1
M1 M2
PE1
PE2
PE3
PE4
CE2MAC
Flip-Flop
• Network Operators have emerging needs in their network:• Data center interconnect operation (DCI)• Cloud and Services virtualization (DC)• Remove protocols and Network Simplification (ICCP, HSRP/VRRP) • Integration of Layer 2 and Layer 3 VPN Services
• What about PBB-EVPN?• ASR9k only and slowing down investments
Why was EVPN needed in 2016+?
EVPN is all about BGP Control Plane and Services!!!
A1 WAN/CoreAccess
PE1
PE2 DCI2
DCI1
Spin
eSp
ine
Leaf
Leaf
Leaf
VM
VM
VM
IP, IGP, MPLS (LDP), RSVP-TE, BGP-LU
L2/L3VPN (BGP,T-LDP) - VPLS, EoMPLS
IP, MPLS, L2
VPLS, OTV
L2, STP, VLAN
Trill, Fabric-Path
Service Provider NetworkData Center Network
IP, MPLS IP,MPLS,VXLAN IP,MPLS,VXLAN
Common BGP Control PlaneL3VPN – VPNv4/6, L2/3VPN – EVPN, EVPN-VPWS
Existing Solution:
Evolution:
overlap
Overlay
Underlay
Overlay
Underlay
From MAC Bridging to MAC Routing
MPLS Transport & BGP Service
PE2
PE1
CE1 MPLS
BGP Signaling
Data Plane
Transport MPLS Label
IP Packet
Service BGP Label
BGP Signaling BGP Signaling
PE4
PE3
CE2
PE2
PE1
CE1 MPLS
BGP Signaling
Data Plane
Transport MPLS Label
L2 Frame
Service BGP Label
PE4
PE3
CE2
BGP L3VPN BGP EVPN
IP Packet IP Packet L2 Frame L2 Frame
EVPN - Ethernet VPN• Concepts are same!!! Pick your side!
SP1 SP2
C1 C2VM VM VM VM
L1 L2 L3 L4
CE1
PE2
PE1
PE4
PE3
Pick your side!
• BGP integrates services with programmable SR transport• Common across L2 / L3 services
• Services Control Plane is BGP with different AF / SAFI
• Single Service Control Plane is easy to manage and troubleshoot• HUGE investment in existing VPNv4/6• EVPN doesn’t replace L3VPN VPNv4/6 - no technical reason to do it!
EVPN vs VPNv4/6 or BGP Control Plane?
• Multi-Homed All-Active Ethernet Access• Replacement of: mLACP, STP, T-LDP, BGP-AD, etc.
• Standards-based Multi-chassis / Cluster Control Plane• Replacement of: vPC, VSS, nVCluster, etc.• Replacement of: HSRP, VRRP, etc.
• Carrier Ethernet Today• E-LINE - 80% of SP’s L2VPN portfolio (PWs)• E-LAN - Smaller # of L2 Multipoint VPN services
• There isn’t other standard technology with Ethernet All-Active Multi-homing
EVPN Flavors
• EVPN should be door-opener for IOS XR in Next Generation CO (Network Fabric)• EVPN L2/L3 multipoint brings optimal forwarding, MAC mobility, all-active
MH access• BGP Control-Plane
• Simplifies DCI/Border-Leaf configuration and service provisioning• Provides common SLA signaling
EVPN - Positioning
EVPN - Ethernet VPN• Leafs run Multi-Protocol BGP to advertise & learn MAC/IP addresses over the
Network Fabric• MAC/IP addresses are advertised to rest of Leafs
SP SP
C CVM VM VM VM
L L L L
MAC/IP advertisement & learning via BGP EVPN NLRI
Data Plane learning from the hosts
All Active multi-homingEthernet Segment
Step 1: Step 2:XR CLI:
EVPN - Ethernet-Segment for Multi-Homing
SP1 SP2
C1 C2VM VM VM VM
L1 L2 L3 L4
Unique 10-byte global identifier per Ethernet Segment
The bundle on the Leafs connecting to a node should have Identical ES identifier (ESI)
Ethernet Segment represents a node connected multiple Leafs
EVPN – Designated Forwarder (DF)
SP1 SP2
C1 C2
L1 L2 L3 L4
Duplicate
Challenge: How to prevent duplicate copies of flooded traffic from being delivered to a multi-homed Ethernet Segment (BUM traffic)?
DFNDF
EVPN – Split Horizon
SP1 SP2
C1VM VM
L1 L2
Challenge: How to prevent flooded traffic from echoing back to a multi-homed Ethernet Segment?
Echo !
BUM Label
SH Label
Transport Label
EVPN – MAC Mass-Withdraw
SP1 SP2
C1 C2VM VM VM VM
L1 L2 L3 L4
ESI1 MAC1
MAC1 can NOT be reached via ESI1
MAC1 can be reached via ESI1
MAC1 à ESI1 à Leaf1 + Leaf2
Challenge: How to inform other Leafs of a failure affecting many MAC addresses quickly while the control-plane re-converges?
EVPN – BUM Ingress Replication
SP1 SP2
C1 C2VM VM VM VM
L1 L2 L3 L4
BUM
BUM BUM
BUM
BUM = Broadcast, Unknown unicast, Multicast
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
R36, R37, R38, R39 - EVPN StartupR36 - Example1. RT4: DF Election & Multi-Homed Ethernet
Segment Auto-Discovery
Service Carving: 100 modulo 2 = 0R36 is DF for EVI-100
ESI: 0036.3700.0000.0000.1100
RD: 1.1.1.36:1
Ext-Com: 3637.0000.0000 (RT)
RT-4 - DF Election
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
R36, R37, R38, R39 - EVPN StartupR36 - Example1. RT4: DF Election & Multi-Homed Ethernet
Segment Auto-Discovery2. RT1: Per ESI Ethernet Auto-Discovery
(Split-Horizon, Mass-Withdraw)
ESI: 0036.3700.0000.0000.1100
RD: 1.1.1.36:1
Ext-Com: Flag:0x00 All-ActiveSplit-Horizon Label: 64005
RT-1 - Per ESI Ethernet AD
Ext-Com: 1:100 (RT)
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
R36, R37, R38, R39 - EVPN StartupR36 - Example1. RT4: DF Election & Multi-Homed Ethernet
Segment Auto-Discovery2. RT1: Per ESI Ethernet Auto-Discovery
(Split-Horizon, Mass-Withdraw)3. RT3: Inclusive Multicast
RD: 1.1.1.36:100
RT-3 - Inclusive Multicast
Ext-Com: 1:100 (RT)
Ext-Com: Type 6 Ingress-ReplicationMulticast(BUM) Label: 64120
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
BUM Forwarding
1. RT4: DF Election & Multi-Homed Ethernet Segment Auto-Discovery
2. RT1: Per ESI Ethernet Auto-Discovery (Split-Horizon, Mass-Withdraw)
3. RT3: Inclusive Multicast
IRBUM - Traffic
Transport Label R38-9
BUM - Traffic
BUM Label R38-9/EVI100
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
BUM Forwarding
1. RT4: DF Election & Multi-Homed Ethernet Segment Auto-Discovery
2. RT1: Per ESI Ethernet Auto-Discovery (Split-Horizon, Mass-Withdraw)
3. RT3: Inclusive Multicast
IRBUM - Traffic
Transport Label R37
BUM - Traffic
BUM Label R37/EVI100
SH Label R37/ESIx
X
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
R36, R37, R38, R39 - EVPN StartupR36 - Example1. RT4: DF Election & Multi-Homed Ethernet
Segment Auto-Discovery2. RT1: Per ESI Ethernet Auto-Discovery
(Split-Horizon, Mass-Withdraw)3. RT3: Inclusive Multicast4. RT2: MAC Advertisement
ESI: 0036.3700.0000.0000.1100
RD: 1.1.1.36:100
RT-2 - MAC Advertisement
Ext-Com: 1:100 (RT)
MAC: 0062.ec71.fbd7
Label: 64004
L2 Frame SMAC: 0062.ec71.fbd7
per EVPN Bridge Domain label
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
Unicast Forwarding (looks familiar?)
1. RT4: DF Election & Multi-Homed Ethernet Segment Auto-Discovery
2. RT1: Per ESI Ethernet Auto-Discovery (Split-Horizon, Mass-Withdraw)
3. RT3: Inclusive Multicast4. RT2: MAC Advertisement
L2 Frame Flow1DMAC: H1
Transport Label R36
RT-2 MAC Label/EVI
L2 Frame Flow1DMAC: H1
L2 Frame Flow1DMAC: H1
EVPN Routes – Cheat Sheet
BD1
BVI1
VRF1
EVI1
BD2
BVI2
EVI2
Vlan1BE
1.1
BE1.2
BE1 - ESI1
Vlan2
PE1
PE1 – Advertises:RT-4 Ethernet Segment Route• I have ESI1 in case when someone needs this information for Designated Forwarder(DF) Election
RT-1 Per ESI Ethernet Auto-Discovery (AD) Route• I have ESI1• ESI1 is All-Active• AC with ESI1 is connected to EVI1 and EVI2• My Split Horizon Label for ESI1 is
RT-1 Per EVI Ethernet Auto-Discovery (AD) Route(s)• EVI1 per-EVI (Aliasing) Label is • EVI2 per-EVI (Aliasing) Label is
RT-3 Inclusive Multicast Route(s)• EVI1 Label for BUM traffic is • EVI2 Label for BUM traffic is
RT-2 MAC/IP Advertisement Route(s)• MAC-A/IP-A in EVI1 and IP-A in VRF1 via label • MAC-B/IP-B in EVI2 and IP-B in VRF1 via label
RT-5 Prefix Advertisement Route(s)• IPv4/6 prefix of BVI1 in VRF1 via label VRF1-AGGL• IPv4/6 prefix of BVI2 in VRF1 via label VRF1-AGGL
BE1-SHL
BE1-SHL
EVI1-L
EVI2-L
EVI1-BUML
EVI2-BUML
PE2
PE1
CE1 MPLS
BGP Signaling
Data Plane
Transport MPLS Label
L2 Frame
Service BGP Label
PE4
PE3
CE2
L2 Frame L2 Frame
MAC-AIP-A
MAC-BIP-B
VRF1 ARPIP-A MAC-A -> BVI1IP-B MAC-B -> BVI2
BD1 MACMAC-A -> BE1.1
BD2 MACMAC-B -> BE1.2
VRF1-AGGL
EVI1-BUML
EVI2-BUML
EVI1-L
EVI2-L
BE1-SHL
EVI1-L
EVI2-L
EVPN – Distributed Anycast Gateway
SP1 SP2
C3VM
L1 L2 L3 L4
C4VM
C1 C2VM VM
BVIGW
BVIGW
BVIGW
BVIGW
Identical Anycast Gateway Virtual IP and MAC address are configured on all the Leafs
Distributed Anycast Gateway serves as the gateway for connected hosts
All the BVIs perform active forwarding in contrast to active/standby like First-hop routing protocol
Purpose: Optimal intra and inter-subnet connectivity with seamless workload mobility
EVPN – IRB in Network Fabric
40
SP SP
CVM
L L L L
CVM
C CVM VM
GWGWGWGW
Inter-subnet Forwarding L3
--L2
Intra-subnet Forwarding
Subnet 1
Subnet 2
Routing CORE
Centralized vs. Distributed Routing
Distributed Routing (IOS XR)
Fabric
Leaf
BoarderLeaf
• Optimized forwarding of east-west traffic• ARP/MAC state localized to Leafs• Helps with horizontal scaling of DC
Centralized Routing
• All east<->west routed traffic traverses to centralized gateways• Centralized gateways have full ARP/MAC state in the DC• Scale challenge• We do NOT support this design!
Fabric
Leaf
Centralized GW
Subnet 1 Subnet 2 VLAN 1 VLAN 2
L2
L3
L2
L3
Symmetric IRB Asymmetric IRB
• Flexible workload placement – any subnet anywhere
• Bridge->Route/Route->Bridge (symmetric VNI in both directions)
• ARP/MAC state localized to Leafs• Helps with horizontal scaling of DC• Cisco supports ONLY this mode
• Egress subnet must be local• Bridge->Route->Bridge (Different (Asymmetric) VNI
depending on directions)• Ingress Leaf needs ARP/MAC state for every egress
leaf• Limits scale
FabricLeaf
BoarderLeaf
FabricLeaf
BoarderLeaf
Integrated Routing and Bridging
Symmetric IRB and Asymmetric IRB are NOT interoperable!
R35
R34
R39
R38
R37
R36
H2
H1
LACP
LACP
LR36, R37, R38, R39 - EVPN StartupR36 – Example L2/L3 service1. RT4: DF Election & Multi-Homed Ethernet
Segment Auto-Discovery2. RT1: Per ESI Ethernet Auto-Discovery
(Split-Horizon, Mass-Withdraw)3. RT3: Inclusive Multicast4. RT2: MAC/IP Advertisement
ESI: 0036.3700.0000.0000.1100
RD: 1.1.1.36:100
RT-2 - MAC Advertisement
Ext-Com: 1:100 (RT) + VRF RT
MAC: 0062.ec71.fbd7
Label: 64004(BD) + 64008(VRF)
L2 Frame SMAC: 0062.ec71.fbd7
IP: 192.168.1.10
IP Header SurceIP: 192.168.1.10
IRB
IRB
IRB
Anycast IRB 192.168.1.1/24
Anycast IRB 192.168.2.1/24
EVPN - load-balancing modes
CE
PE1 PE2
All-Active(per flow)
Single LAG at the CEVLAN goes to both PETraffic hashed per flowBenefits: Bandwidth, ConvergenceCan replace: vPC, VSS, nV cluster
CE
PE1 PE2
Single-Active(per VLAN)
Multiple LAGs at the CEVLAN active on single PETraffic hashed per VLANBenefits: QoS, Billing, PolicingCan replace: HSRP/VRRP
CE
PE1 PE2
Port-Active(per port)
Multiple LAGs at the CEPort active on single PETraffic hashed per portBenefits: Protocol SimplificationCan replace: ICCP MC-LAG
V1V1 V2V1 V1, V2
EVPN - load-balancing modes
CE1
PE1 PE2
Single-Flow-Active(access L2 GW)
Single LAG at the CEVLAN goes to both PEAccess takes care of L2 loopBenefits: Legacy support for STP,
REP, G.8032
H2H1
CE3CE2
EVPN-VPWS
CE
PE
PE
PE
PE
CE
• Benefits of EVPN applied to point-to-point services• No signaling of PWs. Instead signals MP2P LSPs instead
(like L3VPN)• All-active CE multi-homing (per-flow LB) - today• Single-active CE multi-homing (per-service LB) - roadmap
• Relies on a sub-set of EVPN routes to advertise Ethernet Segment and AC reachability• PE discovery & signaling via a single protocol – BGP• Per-EVI Ethernet Auto-Discovery route (RT1 only)!!!
EVPN – Flexible Cross-Connect ServiceChallenge: How to bring multiple access services from different sources using a single EVPN E-LINE tunnel?
A1
A2
CE2
CEn
CE1
PE
CE1
CE2
CEn
EVPN Forwarder PE
MUXDEMUX
VLAN translationNormalized VLANover unique tunnel
A1
Single MPLS label used
Flexible Cross-Connect Service: Head-End
A1
A2
CE2
PE1
PE2
PWHE
PWHECEn
CE1
VLANs VRFs
ELINE(single tunnel)
Purpose: Bring multiple ELINE services into Pseudo-wire Head-end termination
EVPN - L3 Multi-Homing using EVLAG
CE1
CE2
CE3
CE4
PE1
PE2
PE3
PE4
L3VPNor
EVPN
EVLAG EVLAG
AccessAccess
EVPN
Core / Metro Fabric
No ICCP!HSRP/VRRP/MC-LAG Replacement
BVI GW
BVI GW
Multi-homing is provided by EVPN (EVLAG) Determine DF/ NDF PESynchronization (ARP, IGMP, etc.)
EVPN - Anycast-PW
A1CE Anycast-PWA3 CE
Anycast-PW
AG
AG
AG
AG
EVPNAll-Active
Anycast-SID Anycast-SID
Core / Metro Fabric AccessAccess
EVPN - access VPWS (H-EVPN)Multi-Homed EVPN-VPWS - Roadmap
A1
A2
CE
A3
A4
CE
AG
AG
AG
AG
Core / Metro Fabric AccessAccess
EVPN-VPWS EVPN EVPN-VPWS
EVPN and VPNv4/6 Interconnect
Access CoreA
A
A
ABR
P
P
CE2 DC/CODCI/BL
LEAF
LEAF
CE1
BGP - L3VPN VPNv4/6 BGP - EVPN
S
S
• DCI/BL provides EVPN to VPNv4/6 stitching• DCI/BL participates in L3 Routing not in L2 Bridging• DCI/BL is mandatory, because of summarization!!!
EVPN and VPNv4/6 Interconnect
Access CoreA
A
A
ABR
P
P
CE2 CODCI/BL
LEAF
LEAF
CE1
BGP - L3VPN VPNv4/6 BGP - EVPN
S
S
• DCI/BL provides EVPN to VPNv4/6 stitching• DCI/BL participates in L3 Routing not in L2 Bridging• DCI/BL is mandatory, because of summarization!!!
RT2 MAC/IP = CE1/32
RT5 Prefix = prefix-CE1/24 RT5 Prefix = prefix-CE1/24
X
RT5 Prefix = prefix-CE2/24 RT5 Prefix = prefix-CE2/24
Interconnect
EVPN and VPNv4/6 Interconnect
DCI/BL
BGP - L3VPN VPNv4/6 BGP - EVPN
RT2 MAC/IP = CE1/32
RT5 Prefix = prefix-CE1/24 RT5 Prefix = prefix-CE1/24
X
RT5 Prefix = prefix-CE2/24 RT5 Prefix = prefix-CE2/24
VRF ARD DCI:0RT import/export: VRF A StitchingRT import/export: VRF A
RT: VRF A Stitching
RT: VRF A Stitching
RT: VRF A Stitching
RT: VRF A
RT: VRF A
EVPN and VPNv4/6 InterconnectEVPN to VPNv4/6 Re-Advertise
DCI/BL
BGP - L3VPN VPNv4/6 BGP - EVPN
RT2 MAC/IP = CE1/32
RT5 Prefix = prefix-CE1/24 RT5 Prefix = prefix-CE1/24
X
VRF ARD DCI:0RT import/export: VRF A StitchingRT import/export: VRF A
RT: VRF A Stitching
RT: VRF A StitchingRT: VRF A
router bgp 1address-family l2vpn evpnimport stitching-rt re-originateadvertise vpnv4 unicast re-originated stitching-rt!address-family vpnv4 unicastimport re-originate stitching-rtroute-policy rt2-filter outadvertise vpnv4 unicast re-originated!
DCI/BL - BGP Configuration
3. Filter RT2 => /32 Router
1. Import: RT: VRF A Stitching
2. Advertise to vpnv4: VRF A
EVPN and VPNv4/6 InterconnectVPNv4/6 to EVPN Re-Advertise
DCI/BL
BGP - L3VPN VPNv4/6 BGP - EVPN
RT5 Prefix = prefix-CE2/24 RT5 Prefix = prefix-CE2/24
VRF ARD DCI:0RT import/export: VRF A StitchingRT import/export: VRF A
RT: VRF A StitchingRT: VRF A
router bgp 1address-family l2vpn evpnimport stitching-rt re-originateadvertise vpnv4 unicast re-originated stitching-rt!address-family vpnv4 unicastimport re-originate stitching-rtroute-policy rt2-filter outadvertise vpnv4 unicast re-originated!
DCI/BL - BGP Configuration
1. Import: VRF A
2. Advertise to EVPN: RT: VRF A Stitching
VPLS & EVPN Seamless Integration - Migration
PE2
CE1
PE4
PE3
CE4CE2
CE3
VFI1PW_PE2 UPPW_PE3 UPPW_PE4 UP
BD1
MPLSPE1
VFI1 is by default in Split Horizon Group 1• SHG1 protects loops in MPLS Core• Full Mesh of pseudowires (PW) is required for Any-to-Any forwarding
Migrate VPLS Network to EVPN Network through Seamless Integration
VPLS & EVPN Seamless Integration - Migration
PE2
CE1
PE4
PE3
CE4CE2
CE3EVI1
VFI1PW_PE2 UPPW_PE3 UPPW_PE4 UPXSHG1
BD1
MPLSPE1
VFI1 is by default in Split Horizon Group 1• SHG1 protects loops in MPLS Core• Full Mesh of pseudowires(PW) is required for Any-to-Any forwarding
EVI1 is also by default in Split Horizon Group 1• PE1 doesn’t forward data between VFI1 and EVI1
VPLS & EVPN Seamless Integration - Migration
PE2
CE1
PE4
PE3
CE4CE2
CE3EVI1
VFI1PW_PE2 UPPW_PE3 DOWNPW_PE4 UPXSHG1
BD1
BGP EVPN
MPLSPE1
VFI1 is by default in Split Horizon Group 1• SHG1 protects loops in MPLS Core• Full Mesh of pseudowires(PW) is required for Any-to-Any forwarding
EVI1 is also by default in Split Horizon Group 1• PE1 doesn’t forward data between VFI1 and EVI1
PE1&PE3 run BGP EVPN• PW_PE3 goes DOWN• Data Forwarding between PE1 and PE3 via EVI1
EVPN – MVPN in the Network Fabric (in progress)
SP SP
L L L L
State syncin EVPN
IGMP Join / Leave
Receiver
C C
L3---L2
BL BLMVPN
IRB vrf(x)
EVI-y
EVI-x
evpnmcast Receiver
SourceVRF(x)
XR 6.6.1 - IGMP L2 EVPN state sync
EVPN – Service Layering
L L L
CE CEC C
L L L
SP SP
L L L
SP SP
L L L L
L L L
SP SP
L L L
SP SP
L L L L
SP SP
L L L L
SP SP
L L L
SP SP
L L L
SP SP
L L L L
SP SP
L L L L
Core
PE
PE
P
P
BL BL
PE
PE
AG
AG
A
A
CE
AggregationAccess
MulticastFXC
EVPN-HEE-TREE
P2P L2 Bridging
L3 RoutingIRB
“Shared or single tenant”
Service Provider NetworkCore
PE/P
PE/P
P
P
PE/P
PE/P
AG
AG
A
A
CE
Metro
A
A
AG
AG
A
A
CE
A
A
Metro
BGP/EVPN
o Distributed Anycast Gateway EVPN-IRB
o All-active Multi-Homing
o EVPN symmetric IRB
o EVPN L2 for east-west traffic
o EVPN L3 for north-south traffic
ü Seamless mobility
ü Optimal forwarding (east-west & north-south)
ü All-active multi-homing load-balancing
ü Allow virtualization of appliances
ü EVPN multi-services (E-LAN, E-LINE, IRB)
ü Optimal bandwidth utilization within fabric
SP Routing Use Case Representation
Access Core
Public Cloud
Internet
Direct Content
Edge
MOBILE EDGEMobile FH
Mobile BH
5G
4G
RPD
Enterprise
Residential
Network FabricAggregation
CIN
SP PEERINGMETRO AGG
SPINE
LEAF
TOR
IP or MPLS CORE
DCI
CLOUD PEERING
Peering
CABLE AGG
B2B EDGE
CABLE EDGE
RESIDENTIAL EDGE
BUS ACCESS
CELL SITE ROUTER
PRE-AGG
EVPN Applicability
Integrated Services
EVPN Advantages:
• All-active Multi-homing & PE load-balancing (ECMP)
• Fast convergence (link, node, MAC moves)
• Control-Place (BGP) learning. PWs are no longer used.
• Optimized Broadcast, Unknown-unicast, Multicast traffic delivery
Network Efficiency
• Choice of MPLS, VxLAN or SRv6 data plane encapsulation
• Support existing and new services types (E-LAN, E-Line, E-TREE)
• Peer PE auto-discovery. Redundancy group auto-sensing
• Fully support IPv4 and IPv6 in the data plane and control plane
Service Flexibility
Investment Protection • Open-Standard and Multi-vendor support
• Integrated Layer 2 and Layer 3 VPN services
• L3VPN-like principals and operational experience for scalability and control
• EVPN is an very important complement to BGP based services
• BGP is Unified Services Control Plane across SP Network
• EVPN All-Active Multihomed Service with Distributed Anycast Gateway & Integration to L3VPN simplifies SPDC/NextGen-MEC/WAN Integration
• Cisco 5G xHaul vision: Segment Routing for underlay data plane + BGP EVPN for control plane end to end!
Conclusion
Cisco xHaul whitepaper
EVPN in Service Provider network