
E-VPN and Data Center

R. Aggarwal (rahul@juniper.net)

Copyright 2004 Juniper Networks, Inc.

Proprietary and Confidential

www.juniper.net

Reference Model and Terminology


[Figure: Data Centers 1-4, with data center switches DCS1, DCS2, DCS4, DCS5, DCS8 and border routers DCB1, DCB2, DCB3, DCB4/DCS9, interconnected by a WAN that also reaches the Client Site BR and the client site]

DC: Data Center
DCS: Data center switch
  Connected to Servers/VMs
DCB: Data center border router
  Could be co-located with DCS
WAN provides interconnect among DCs, and between DCs and Client Site BR


Data Center Interconnect: Layer 2 Extension

[Figure: Data Centers 1-4 and a client site connected over the WAN; VM1-VM8 attach to data center switches DCS1, DCS2, DCS4, DCS5, DCS8 and DCB4/DCS9, with border routers DCB1, DCB2, DCB3 and the Client Site BR]

VLAN1 (subnet1) stretches between DC1, DC2, DC3 and DC4
VLAN2 (subnet2) is present only on DCS1
VLAN3 (subnet3) stretches between DC1 and DC2
VLAN stretch is required for cloud computing resource fungibility, redundancy etc.
Communication between VMs on different VLANs/subnets and between clients and the VMs requires layer 3 routing


BGP-MPLS E-VPNs for Data Center Interconnect

BGP-MPLS based technology, one application of which is data center interconnect between data center switches for intra-VLAN forwarding, i.e., layer 2 extension
Why?
  Not all data center interconnect layer 2 extension requirements are satisfied by existing MPLS technology such as VPLS
    E.g., minimizing flooding, active-active points of attachment, fast edge protection, scale, etc.
How?
  Reuses several building blocks from existing BGP-MPLS technologies
  Requires extensions to existing BGP-MPLS technologies
  Draft-raggarwa-sajassi-l2vpn-evpn-01.txt
    Being pursued in the L2VPN WG


E-VPN Reference Model


[Figure: E-VPN reference topology showing MES 1-4, a route reflector (RR), forwarding instances EFI-A and EFI-B, and hosts (A1, A3, A4, A5, B1) and Ethernet Switch-B3 in VPN A and VPN B attached via Ethernet segments ESI 1-5 on VLAN1/VLAN2]

MES: MPLS Edge Switch; EFI: E-VPN Forwarding Instance; ESI: Ethernet Segment Identifier (e.g., LAG identifier)
MESes are connected by an IP/MPLS infrastructure
  Transport may be provided by MPLS P2P or MP2P LSPs and optionally P2MP/MP2MP LSPs for multicast
  Transport may also be provided by IP/GRE Tunnels


Relating EVPN Reference Model to Data Center Interconnect Reference Model

[Figure: the data center interconnect topology again: Data Centers 1-4 with DCS1, DCS2, DCS4, DCS5, DCS8 and border routers DCB1, DCB2, DCB3, DCB4/DCS9 connected across the WAN]

DCSes may act as MPLS Edge Switches (MES)
DCSes may interconnect with DCBs using E-VPN
DCSes are connected to hosts, i.e., VMs
DCBs must participate in E-VPN although they may perform only MPLS switching
WAN routers may or may not participate in E-VPN
Following slides will describe an overview of E-VPN and then apply E-VPN to data center interconnect


E-VPN Local MAC Address Learning


An MES must support local data plane learning using vanilla Ethernet learning procedures
  When a CE generates a data plane packet such as an ARP request
MESes may learn the MAC addresses of hosts in the control plane using extensions to protocols that run between the MES and the hosts
MESes may learn the MAC addresses of hosts in the management plane


E-VPN Remote MAC Address Learning


E-VPN introduces the ability for an MES to advertise locally learned MAC addresses in BGP to other MESes, using principles borrowed from IP VPNs
E-VPN requires an MES to learn the MAC addresses of CEs connected to other MESes in the control plane using BGP
  Remote MAC addresses are not learned in the data plane


Remote MAC Address Learning in the BGP Control Plane

Architectural Benefits

Increases the scale of MAC addresses and VLANs supported
  BGP capabilities such as constrained distribution, Route Reflectors, inter-AS etc., are reused
Allows hosts to connect to multiple active points of attachment
Improves convergence in the event of certain network failures
Allows hosts to relocate within the same subnet without requiring renumbering
Minimizes flooding of unknown unicast packets
Minimizes flooding of ARP
  Rest of the presentation will focus on this
Control over which MAC addresses are learned by which devices
  Simplifies operations; enables flexible topologies etc.


ARP Scaling Optimization: Approach


Minimize the radius of ARP request/response propagation
  Minimize the propagation radius of ARP request from a server/Virtual Machine
    In the switching infrastructure in the data center
    Across data centers
  Respond to an ARP request from a server/VM as close to the server/VM as possible
Requires a number of components
  See the following slide


ARP Scaling Optimization: Proxy ARP


A network node as close to the server/VM as possible performs Proxy ARP in response to ARP requests from the server/VM
  The network node should ideally be the DCS
  Which MAC address does the network node use to respond to the ARP request?
The answer depends on the forwarding paradigm used by the node to forward packets within the VLAN
  MAC lookup based forwarding within the VLAN/subnet
    The solution in the following slides focuses on this
  IP address based forwarding within the VLAN/subnet
    Not discussed in the following slides


ARP Scaling Optimization: The Role of E-VPN (1)

When MAC lookup based forwarding is used within a VLAN/subnet
MESes perform Proxy ARP
  An MES responds to an ARP request, for an IP address, with the MAC address bound to the IP address
    When the destination is in the same subnet as the sender of the ARP request
  The ARP request is not forwarded to other MESes


ARP Scaling Optimization: The Role of E-VPN (2)

How does the MES learn the IP address bound to the MAC address when the MAC address is remote?
  BGP MAC routes carry the IP address bound to the MAC address
How does an MES learn the IP to MAC binding when the MAC address is local?
  Control or management plane between MES and CEs or data plane snooping
An MES advertises the local IP to MAC bindings in the MAC routes
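
The proxy ARP behaviour described on the last two slides, as an added Python sketch that is not part of the original presentation or of the E-VPN draft: each MES answers ARP requests from a table built from local learning and from MAC routes that carry the IP binding. The MacRoute fields, the sample addresses, and the keep-first handling of conflicting bindings are assumptions of this sketch.

```python
from collections import namedtuple
# Simplified MAC route: only the fields the slides mention (constructed format).
MacRoute = namedtuple("MacRoute", "efi mac ip next_hop")

class MES:
    def __init__(self, name):
        self.name = name
        self.peers = []        # stands in for the BGP sessions / route reflector
        self.bindings = {}     # (efi, ip) -> (mac, "local" or advertising MES)
        self.conflicts = []    # routes rejected because the IP maps to another MAC

    def learn_local(self, efi, mac, ip):
        """Local binding from snooping or the control/management plane."""
        self.bindings[(efi, ip)] = (mac, "local")
        route = MacRoute(efi, mac, ip, self.name)
        for peer in self.peers:
            peer.receive(route)          # advertise the binding in a MAC route

    def receive(self, route):
        """Remote bindings come only from BGP, never from the data plane."""
        key = (route.efi, route.ip)
        known = self.bindings.get(key)
        if known and known[0] != route.mac:
            self.conflicts.append(route)  # assumption: keep first binding, log the clash
            return False
        self.bindings.setdefault(key, (route.mac, route.next_hop))
        return True

    def proxy_arp(self, efi, target_ip):
        """Reply from the table; the request is not forwarded to other MESes."""
        hit = self.bindings.get((efi, target_ip))
        return hit[0] if hit else None

def demo():
    mes1, mes2 = MES("MES1"), MES("MES2")
    mes1.peers, mes2.peers = [mes2], [mes1]
    mes1.learn_local("EFI-A", "00:00:5e:00:53:01", "192.0.2.1")
    mes2.learn_local("EFI-A", "00:00:5e:00:53:04", "192.0.2.4")
    # Constructed clash: a second route claims 192.0.2.1 with a different MAC.
    accepted = mes1.receive(MacRoute("EFI-A", "00:00:5e:00:53:ff", "192.0.2.1", "MES2"))
    return {
        "remote": mes1.proxy_arp("EFI-A", "192.0.2.4"),
        "other_efi": mes1.proxy_arp("EFI-B", "192.0.2.4"),
        "conflict_accepted": accepted,
        "still_local": mes1.bindings[("EFI-A", "192.0.2.1")],
    }

if __name__ == "__main__":
    print(demo())
```

The lookup is keyed per EFI, so a binding learned in one E-VPN instance is never used to answer an ARP request in another.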
