Last week I touched on architectural choices for service providers (particularly Internet exchanges and colocation providers) for connecting customers to their networks. Virtual Private LAN Service (VPLS) is a mature option that allows enterprises to connect to the network and have all of their sites connected via pseudowires so that they can all be dealt with as if they were part of the same LAN.
This technology has been serving enterprises well for years, and has conveniences for the provider offering the service. In particular, there are many traffic engineering (TE) and operational, administrative, and management (OAM) knobs for VPLS.
An emerging, higher-scale and very flexible overlay choice is BGP-EVPN, which, while not yet ready for prime time in the SP space, is gathering interest because of its popularity in the enterprise. Because of its high scale, interest is also growing in colocation facilities and other SP data centers, but these are early days.
Relevance and Benefits of BGP-EVPN
BGP-EVPN connects groups of users using a virtual bridge by distributing MAC addresses in BGP updates. This provides a non-MPLS-based option for MAC route distribution, leveraging address families in multiprotocol BGP.
BGP-EVPN provides advantages that suit the unique aspirations of larger and more demanding enterprise customers:
- MAC address mobility means location independence of endpoints and workloads
- Reducing deployment costs with a single service for reachability at Layers 2 and 3
- Dual-active multihoming and load balancing
- Broadcast, Unknown Unicast, and Multicast (BUM) scale
The top benefit above means that enterprises can easily onboard tenants with overlapping VLANs and IP subnets and can move workloads within and across data centers. In this era of MAC explosion (BYOD), the VXLAN network identifier space lets this architecture scale to 16 million VLANs, as opposed to the 802.1Q limit of 4096 VLANs.
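As an added example (not from the original post and not Brocade code), the Python below decodes the BGP update element that carries a MAC address, the EVPN MAC/IP Advertisement route (route type 2) laid out in RFC 7432, and reads the VXLAN network identifier from its label field as RFC 8365 specifies. The function name and the sample bytes are constructed for illustration, and only type 1 route distinguishers are handled.

```python
import ipaddress
import struct

def parse_evpn_mac_ip_route(nlri: bytes) -> dict:
    """Decode one EVPN NLRI holding a MAC/IP Advertisement (route type 2)."""
    if len(nlri) < 2:
        raise ValueError("truncated NLRI header")
    route_type, length, body = nlri[0], nlri[1], nlri[2:]
    if route_type != 2:
        raise ValueError(f"not a MAC/IP Advertisement route: type {route_type}")
    if length != len(body):
        raise ValueError("length octet does not match the bytes present")
    if len(body) < 33:  # RD 8 + ESI 10 + tag 4 + MAC len 1 + MAC 6 + IP len 1 + label 3
        raise ValueError("route body too short")
    rd_type, rd_admin, rd_num = struct.unpack("!H4sH", body[0:8])
    if rd_type != 1:
        raise ValueError("only type 1 (IPv4:number) route distinguishers are handled")
    (eth_tag,) = struct.unpack("!I", body[18:22])
    if body[22] != 48:
        raise ValueError("MAC address length must be 48 bits")
    ip_bits = body[29]
    if ip_bits not in (0, 32, 128):
        raise ValueError("IP address length must be 0, 32 or 128 bits")
    ip_end = 30 + ip_bits // 8
    if len(body) not in (ip_end + 3, ip_end + 6):  # Label2 is optional
        raise ValueError("label fields do not fit the declared lengths")
    ip = str(ipaddress.ip_address(body[30:ip_end])) if ip_bits else None
    # With VXLAN encapsulation the whole 24-bit Label1 field is the VNI.
    vni = int.from_bytes(body[ip_end:ip_end + 3], "big")
    return {"rd": f"{ipaddress.IPv4Address(rd_admin)}:{rd_num}",
            "esi": body[8:18].hex(), "eth_tag": eth_tag,
            "mac": ":".join(f"{b:02x}" for b in body[23:29]), "ip": ip, "vni": vni}

# Constructed sample: RD 192.0.2.1:100, single-homed (all-zero ESI), tag 0,
# MAC 00:11:22:33:44:55, host 10.0.0.5, VNI 70000 (above the 4096 VLAN IDs).
SAMPLE = bytes.fromhex(
    "0225"                  # route type 2, body length 37
    "0001c00002010064"      # route distinguisher
    "00000000000000000000"  # Ethernet Segment Identifier
    "00000000"              # Ethernet Tag ID
    "30001122334455"        # MAC length (48 bits) + MAC address
    "200a000005"            # IP length (32 bits) + IPv4 address
    "011170"                # Label1 carrying VNI 70000
)
```

The length checks reject an update whose declared MAC, IP or NLRI lengths disagree with the bytes actually present, rather than reading fields at shifted offsets.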
How Can Brocade Workflow Composer Help?
The Network Essentials and Data Center Fabric automation suites in Brocade Workflow Composer support the creation and maintenance of BGP-EVPN services. Workflows in the Data Center Fabric suite include initial fabric configuration, tenant provisioning, edge port configuration, etc.
With BGP-EVPN deployed in a data center site, the leaf switches participate in the BGP-EVPN control- and data-plane operations. These are shown as BGP-EVPN instances (EVI) below (Figure 1).
Figure 1: An IP Fabric with a BGP-EVPN Overlay
These instances effectively define VPNs that can exist on multiple devices. They may represent tenants in a data center and contain the addressing for a number of devices that sit in disparate locations but belong to the same work groups or departments. MAC addresses and IP ranges are advertised along the solid blue virtual connections. The dashed connections are the physical underlay.
The Data Center Fabric Automation Suite
EVPN-related workflows that are automated by the Data Center Fabric automation suite include:
- Add a tenant endpoint with an IP address
- Create a Layer 2 tenant
- Create a Layer 3 tenant
- Provision an EVPN instance
Note: The Data Center Fabric automation suite is currently in Technical Preview, and as such is not yet supported by Brocade TAC.
The Network Essentials Automation Suite
The Network Essentials automation suite also provides many actions to support EVPN:
- Configure an “anycast” gateway
- Configure conversational ARP
- Configure conversational MAC learning
- Configure an EVPN instance
- Configure an EVPN VXLAN Tunnel Endpoint (VTEP)
- Create a Virtual Routing and Forwarding (VRF) instance
Note: As of today, the Network Essentials automation suite is Generally Available!
Call to Action
Also relevant as an introduction is the Workflow Composer Automation Suites at-a-glance document.