Overlay Transport Virtualization - Talk 2 Cisco · 2011-05-16 · Cisco Expo © 2011 Cisco and/or...


Cisco Public. © 2011 Cisco and/or its affiliates. All rights reserved.

Cisco Expo

2011

Overlay Transport Virtualization

T-DC1/L3

Miroslav Brzek

Systems Engineer

[email protected]


• Challenges with traditional DCI LAN extension solutions

• OTV Architecture Principles

  - Control Plane and Data Plane
  - Failure Isolation
  - Multi-homing
  - MAC mobility
  - Configuration Examples

• OTV System Requirements

• OTV Deployment Options

• L2 Extension and Path Optimization Challenges


• Flooding Based Learning

  - Traditional Layer 2 VPN technologies rely on flooding to propagate MAC reachability.
  - The flooding behavior causes failures to propagate to every site in the L2-VPN.

• Pseudo-wires and Tunnels Maintenance

  - Before any learning can happen, a full mesh of pseudo-wires/tunnels must be in place.
  - Head-end replication for multicast and broadcast. Sub-optimal BW utilization.

• Multi-homing

  - Requires additional protocols to support multi-homing. STP is often extended across the sites of the Layer 2 VPN.
  - Malfunctions on one site will likely impact all sites on the VPN.


Technology Pillars

OTV is a “MAC in IP” technique to extend Layer 2 domains OVER ANY TRANSPORT

• Protocol Learning

  - Built-in Loop Prevention
  - Preserve Failure Boundary
  - Site Independence
  - Automated Multi-homing

• Dynamic Encapsulation

  - No Pseudo-Wire State Maintenance
  - Optimal Multicast Replication
  - Multipoint Connectivity
  - Point-to-Cloud Model

Nexus 7000: first platform to support OTV starting with 5.0(3) release!


• Edge Device: connects the site to the (WAN/MAN) core; responsible for performing all the OTV functions

• Internal Interfaces: interfaces of the Edge Devices that face the site. They behave as regular layer 2 interfaces.

• Join interface: interface of the Edge Device that faces the core. Typically a point-to-point routed interface used by OTV to join the core multicast groups. Its IP address is used as the IP source address in the OTV encapsulation.

• Overlay Interface: logical multi-access multicast-capable interface. The overlay interface encapsulates Layer 2 frames in IP unicast or multicast headers.

[Figure: an OTV Edge Device between the L2 site and the L3 core, showing the Internal Interfaces, the Join Interface and the Overlay Interface.]


Neighbor Discovery and Adjacency Formation

• Before any MAC address can be advertised the OTV Edge Devices must build a neighbor relationship with each other

• The neighbor relationship can be built over:

a multicast-enabled transport infrastructure

a unicast-only transport infrastructure


Neighbor Discovery over Multicast-Enabled Transport

[Figure: sites West (IP A), East (IP B) and South (IP C), each with an OTV Edge Device and its OTV Control Plane, attached to a multicast-enabled transport. Each Edge Device sends an IGMP Report for the ASM Group. Numbered steps 1 to 5 carry the labels OTV Hello, Encap, Transport Replication, Decap and OTV Hello; the encapsulated packet is shown as IP A → Mcast G carrying the OTV Hello.]


Neighbor Discovery over Multicast-Enabled Transport

[Figure: the same three sites (West IP A, East IP B, South IP C) and ASM Group, read from bottom to top. Numbered steps 6 to 10:]

6. The South Site sends its hello with West’s address in the TLV.

7. Encap (IP C → Mcast G carrying the OTV Hello).

8. Core Replication.

9. Decap.

10. The West Site sees that the hello contains its ID. The OTV Adjacency is Established.


MAC Address Advertisements (Multicast-Enabled Transport)

• Every time an Edge Device learns a new MAC address, the OTV control plane will advertise it together with its associated VLAN IDs and IP next hop.

• The IP next hops are the addresses of the Edge Devices through which these MAC addresses are reachable in the core.

• A single OTV update can contain multiple MAC addresses for different VLANs.

• A single update reaches all neighbors, as it is encapsulated in the same ASM multicast group used for the neighbor discovery.

[Figure: the West Edge Device (IP A) learns 3 new MACs on VLAN 100 (MAC A, MAC B, MAC C). The OTV update is replicated by the core, and the East and South-East Edge Devices each install the following entries:]

VLAN  MAC    IF
100   MAC A  IP A
100   MAC B  IP A
100   MAC C  IP A


[Figure: unicast forwarding of a frame from MAC 1 (West Site) to MAC 3 (East Site) across the Transport Infrastructure. The West Edge Device has join address IP A, the East Edge Device IP B; the encapsulated packet is shown as IP A → IP B carrying the original MAC 1 → MAC 3 frame.]

MAC TABLE (West Site Edge Device)

VLAN  MAC    IF
100   MAC 1  Eth 2
100   MAC 2  Eth 1
100   MAC 3  IP B
100   MAC 4  IP B

MAC TABLE (East Site Edge Device)

VLAN  MAC    IF
100   MAC 1  IP A
100   MAC 2  IP A
100   MAC 3  Eth 3
100   MAC 4  Eth 4

1. Layer 2 lookup on the destination MAC. MAC 3 is reachable through IP B.

2. The Edge Device encapsulates the frame.

3. The transport delivers the packet to the Edge Device on site East.

4. The Edge Device on site East receives and decapsulates the packet.

5. Layer 2 lookup on the original frame. MAC 3 is a local MAC.

6. The frame is delivered to the destination.


• OTV encapsulation adds 42 Bytes to the packet IP MTU size

Outer IP Header and OTV Shim Header in addition to original L2 Header

• The outer IP header is followed by an OTV shim header, which contains information about the overlay (vlan, overlay number, etc).

• The 802.1Q header is extracted from the original frame and the VLAN field copied over into the OTV shim header.

• The OTV Edge Devices do NOT perform packet fragmenting and reassembling. A packet failing the MTU is dropped by the Forwarding Engine

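[Figure: 42 Byte encapsulation. Encapsulated packet: DMAC (6B) | SMAC (6B) | Ether Type (2B) | IP Header (20B) | OTV Shim (8B) | Original Frame | CRC (4B). Original frame: DMAC | SMAC | 802.1Q | Eth Payload. Arrows show the VLAN field of the 802.1Q header copied into the OTV Shim, and CoS mapped to ToS.]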


• OTV is able to leverage the multicast capabilities of the core.

• This is the summary of the Multicast groups used by OTV:

  - An ASM group used for neighbor discovery and to exchange MAC reachability.
  - An SSM group range used to map the sites' internal multicast groups to the mcast groups in the core, which will be leveraged to extend the mcast data traffic across the Overlay.


OTV Adjacency Server

• The use of multicast in the core provides significant benefits:

Reduces the amount of hellos and updates OTV must issue

Streamlines neighbor discovery, site adds and removes

Optimizes the handling of broadcast and multicast data traffic

• However, OTV provides a solution for deployments where the core does not support multicast.

• For these cases OTV uses the Adjacency Server Mode of operation.

One of the OTV Edge Devices will be configured as an Adjacency Server and it will be responsible for communicating the IP addresses where the other Edge Devices can be reached.


Site Independence

• OTV does not affect the STP topology of the site and in these terms OTV is totally site transparent.

• Each site will have its own STP domain, which is separate and independent from the STP domains in other sites, even though all sites will be part of a common Layer 2 domain.

• This functionality is built into OTV and as such no configuration is required to have it working.

• An Edge Device will send and receive BPDUs ONLY on the OTV Internal Interfaces.

[Figure: two sites joined by OTV Edge Devices at the L2/L3 boundary; at each Edge Device the callout reads "The BPDUs stop here".]


No longer flooding storms across the DCI

• OTV does not leverage flooding to propagate the learning of the MAC addresses across the overlay.

• No more requirements to forward unknown unicast over the overlay, therefore its forwarding is suppressed.

• Any unknown unicasts that reach the OTV edge device will not be forwarded to the overlay. This is achieved without any additional configuration.

• The assumption here is that the end-points connected to the network are not silent or uni-directional.

[Figure: an OTV Edge Device at the L2/L3 boundary receives a frame from MAC 1 to MAC 3. Its MAC table holds VLAN 100 MAC 1 on Eth1 and VLAN 100 MAC 2 via IP B; callout: "No MAC 3 in the MAC Table".]


ARP Neighbor-Discovery (ND) Cache

• An ARP cache is maintained by every OTV edge device and is populated by snooping ARP replies.

• Initial ARP requests are broadcast to all sites, but subsequent ARP requests are suppressed at the Edge Device and answered locally.

• OTV Edge Devices can thus reply to ARPs on behalf of remote hosts.

• ARP traffic spanning multiple sites can thus be significantly reduced.

[Figure: two OTV Edge Devices across the Transport Infrastructure; the local Edge Device holds an ARP Cache with the entries MAC 1 / IP A and MAC 2 / IP B. Numbered steps:]

1. First ARP request (IP A)

2. ARP reply

3. Snoop & cache ARP reply

4. Subsequent ARP requests (IP A)

5. ARP reply on behalf of remote server (IP A)


Summary

• STP isolation – No configuration required

  - No BPDUs forwarded across the overlay
  - STP remains local to each site

• Unknown unicast isolation – No configuration required

  - No unknown unicast frames flooded onto the overlay
  - Assumption is that end stations are not silent
  - Option for selective unknown unicast flooding (for certain applications)

• Proxy ARP cache for remote-site hosts – On by default

• Broadcast can be controlled based on a white list as well as a rate limiting profile.
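The Edge Device decisions from the data-plane, encapsulation and failure-isolation slides above, collected in one Python model. This is an added example, not part of the original presentation or of any Cisco code. The MAC tables are the ones from the data-plane slide; the addresses 192.0.2.x and 198.51.100.3, the 1500-byte transport MTU and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Outer header sizes from the encapsulation slide: DMAC, SMAC, EtherType, IP, OTV shim.
OTV_HEADER_BYTES = {"dmac": 6, "smac": 6, "ethertype": 2, "ip": 20, "otv_shim": 8}
OTV_OVERHEAD = sum(OTV_HEADER_BYTES.values())       # 42 bytes
BPDU_DMAC = "01:80:c2:00:00:00"                      # IEEE 802.1D bridge group address
BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    vlan: int
    smac: str
    dmac: str
    ip_len: int = 100                     # size in bytes of the IP packet in the frame
    arp_target: Optional[str] = None      # target IP when the frame is an ARP request
    arp_reply: Optional[tuple] = None     # (sender IP, sender MAC) when it is an ARP reply


@dataclass
class EdgeDevice:
    join_ip: str                          # join-interface address, used as outer source IP
    transport_mtu: int = 1500             # assumed IP MTU of the path across the core
    mac_table: dict = field(default_factory=dict)    # (vlan, mac) -> "EthN" or remote join IP
    arp_cache: dict = field(default_factory=dict)    # host IP -> MAC, filled by snooping

    def from_site(self, f: Frame):
        """Decision for a frame received on an internal interface."""
        if f.dmac == BPDU_DMAC:
            return ("not-extended", "BPDUs stay on the internal interfaces")
        if f.arp_target is not None:
            cached = self.arp_cache.get(f.arp_target)
            if cached is not None:
                return ("proxy-arp-reply", cached)           # answered locally
            return ("broadcast-to-overlay", f.arp_target)    # first request goes to all sites
        next_hop = self.mac_table.get((f.vlan, f.dmac))
        if next_hop is None:
            return ("drop", "unknown unicast is not forwarded to the overlay")
        if next_hop.startswith("Eth"):
            return ("bridge", next_hop)                      # destination is in this site
        size = f.ip_len + OTV_OVERHEAD
        if size > self.transport_mtu:
            return ("drop", "exceeds transport MTU, and Edge Devices do not fragment")
        return ("encap", {"outer_src": self.join_ip, "outer_dst": next_hop,
                          "shim_vlan": f.vlan, "size": size, "inner": f})

    def from_overlay(self, packet: dict):
        """Decapsulate, snoop ARP replies, then do the Layer 2 lookup on the original frame."""
        f = packet["inner"]
        if f.arp_reply is not None:
            ip, mac = f.arp_reply
            self.arp_cache[ip] = mac
        port = self.mac_table.get((packet["shim_vlan"], f.dmac))
        if port is None or not port.startswith("Eth"):
            return ("drop", "destination MAC is not local to this site")
        return ("deliver", port)


def demo():
    ip_a, ip_b = "192.0.2.1", "192.0.2.2"       # constructed stand-ins for IP A and IP B
    host3_ip = "198.51.100.3"                   # constructed IP of the host that owns MAC 3
    west = EdgeDevice(ip_a, mac_table={(100, "MAC1"): "Eth2", (100, "MAC2"): "Eth1",
                                       (100, "MAC3"): ip_b, (100, "MAC4"): ip_b})
    east = EdgeDevice(ip_b, mac_table={(100, "MAC1"): ip_a, (100, "MAC2"): ip_a,
                                       (100, "MAC3"): "Eth3", (100, "MAC4"): "Eth4"})
    out = {}
    action, pkt = west.from_site(Frame(100, "MAC1", "MAC3", ip_len=1400))
    out["unicast"] = (action, pkt["outer_dst"], pkt["size"], east.from_overlay(pkt))
    out["oversize"] = west.from_site(Frame(100, "MAC1", "MAC3", ip_len=1500))[0]
    out["unknown"] = west.from_site(Frame(100, "MAC1", "MAC9"))[0]
    out["bpdu"] = west.from_site(Frame(100, "MAC1", BPDU_DMAC))[0]
    arp = Frame(100, "MAC1", BROADCAST, arp_target=host3_ip)
    out["arp_first"] = west.from_site(arp)[0]
    reply = Frame(100, "MAC3", "MAC1", arp_reply=(host3_ip, "MAC3"))
    west.from_overlay({"shim_vlan": 100, "inner": reply})    # reply arrives from site East
    out["arp_second"] = west.from_site(arp)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:10} {result}")
```

The oversize case shows why the transport MTU has to be raised by 42 bytes before full-size packets are extended: the Edge Device drops them instead of fragmenting.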


Per VLAN Authoritative Edge Device

• The detection of the multi-homing is fully automated and it does not require additional protocols and configuration

• OTV provides loop-free multihoming by electing a designated forwarding device per site for each VLAN

• The designated forwarder is referred to as the Authoritative Edge Device (AED).

  - forwards traffic to and from the overlay
  - advertises MAC addresses for any given site/VLAN

• The Edge Devices at the site peer with each other on the internal interfaces to elect the AED. The peering takes place over the OTV “site-vlan”. It’s recommended to use a dedicated VLAN as site-vlan.

[Figure: two OTV Edge Devices at one site, one of them marked AED, with the callout "Internal peering for AED election".]


AED and Broadcast/Multicast Handling

• Broadcast and multicast packets reach all Edge Devices within a site.

• The broadcast/multicast packet is replicated to all the Edge Devices on the overlay.

• Only the AED at each remote site will forward the packet from the overlay onto the site.

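[Figure: multi-homed sites with OTV Edge Devices attached to the Core, one AED per site. A Bcast pkt is replicated across the overlay; at the non-AED Edge Devices the callout reads "Broadcast stops here".]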


Per-VLAN Load Balancing

• In each site OTV elects one of the Edge Devices to be the Authoritative Edge Device (AED) for a subset of the extended VLANs

• The assignment of the VLANs to a particular AED is all automated (though predictable) in the first release. User control will come later in future software releases.

• OTV allows different flows to use different edge devices when a site is multi-homed.

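[Figure: multi-homed sites attached to the Core, with both Edge Devices of a site acting as AED for different VLANs (join addresses IP A and IP B). The remote MAC table reads:]

VLAN  MAC    IF
100   MAC 1  IP A
101   MAC 2  IP B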


[Figure: MAC mobility between sites West and East, each with OTV Edge Devices and an AED, shown in successive stages. Legend: Local MAC = Blue, Remote MAC = Red. Stage captions:]

• Server Moves: MAC X moves from site West to site East.

• AED detects MAC X is now local.

• AED advertises MAC X with a metric of zero.

• EDs in site West see MAC X advertisement with a better metric from site East and change them to remote MAC address.
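The control-plane behaviour from the MAC Address Advertisements and MAC mobility slides, as an added Python model that is not part of the original presentation or of any Cisco code. The page only states that a moved MAC is advertised with a metric of zero; the ordinary metric of 1, the 192.0.2.x addresses, the one-AED-per-site simplification and all names are assumptions made for this sketch.

```python
from dataclasses import dataclass

DEFAULT_METRIC = 1    # assumption: metric of an ordinary advertisement (the page only names 0)


@dataclass(frozen=True)
class MacRoute:
    vlan: int
    mac: str
    metric: int


@dataclass
class OtvUpdate:
    next_hop: str     # join-interface IP of the advertising Edge Device
    routes: list      # MacRoute entries; one update may span several VLANs


class ControlGroup:
    """Stand-in for the ASM group: the core replicates one update to every other member."""

    def __init__(self):
        self.members = []

    def join(self, device):
        self.members.append(device)
        device.group = self

    def replicate(self, sender, update):
        for device in self.members:
            if device is not sender:
                device.receive(update)


class Aed:
    """Authoritative Edge Device of one site (simplified: one per site, all VLANs)."""

    def __init__(self, site, join_ip):
        self.site, self.join_ip, self.group = site, join_ip, None
        self.table = {}           # (vlan, mac) -> (local port or remote next hop, metric)

    def is_local(self, key):
        return key in self.table and self.table[key][0].startswith("Eth")

    def learn_local(self, learned):
        """learned: [(vlan, mac, port)] seen on internal interfaces; sends one update."""
        routes = []
        for vlan, mac, port in learned:
            key = (vlan, mac)
            # A MAC known as remote that now shows up locally has moved to this site.
            moved_here = key in self.table and not self.is_local(key)
            metric = 0 if moved_here else DEFAULT_METRIC
            self.table[key] = (port, metric)
            routes.append(MacRoute(vlan, mac, metric))
        update = OtvUpdate(self.join_ip, routes)
        self.group.replicate(self, update)
        return update

    def receive(self, update):
        # Install new MACs, and replace an entry only when the advertised metric is better.
        for r in update.routes:
            current = self.table.get((r.vlan, r.mac))
            if current is None or r.metric < current[1]:
                self.table[(r.vlan, r.mac)] = (update.next_hop, r.metric)


def demo():
    group = ControlGroup()
    west = Aed("West", "192.0.2.1")
    east = Aed("East", "192.0.2.2")
    south_east = Aed("South-East", "192.0.2.3")
    for device in (west, east, south_east):
        group.join(device)
    # One update carries several MACs for different VLANs.
    first = west.learn_local([(100, "MAC A", "Eth1"), (100, "MAC B", "Eth1"),
                              (101, "MAC X", "Eth2")])
    before = dict(east.table)
    # The server with MAC X moves to site East and is seen on an internal interface there.
    move = east.learn_local([(101, "MAC X", "Eth3")])
    return first, before, move, west, east, south_east


if __name__ == "__main__":
    first, before, move, west, east, south_east = demo()
    print("East before move:", before[(101, "MAC X")])
    print("Move update     :", move)
    print("West after move :", west.table[(101, "MAC X")])
```

The model covers a single move only; how the metric returns to its ordinary value afterwards is not described on the page.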


OTV CLI Configuration (Multicast-enabled Transport)

    interface Overlay0
      ! Connects to the core. Used to join the Overlay network.
      ! Its IP address is used as source IP for the OTV encap.
      otv join-interface Ethernet1/1
      ! ASM/Bidir group in the core used for the OTV Control Plane.
      otv control-group 239.1.1.1
      ! SSM group range used to carry the site’s mcast traffic data.
      otv data-group 232.192.1.0/24
      ! Site VLANs being extended by OTV.
      otv extend-vlan 100-150
    ! VLAN used within the Site for communication between the site’s Edge Devices.
    otv site-vlan 99


• OTV is supported on all existing and new M1 series line cards. No hardware upgrade is required.

• The current F series (Layer2-only) modules will not support OTV natively

• The F module’s interfaces will only be able to function as “Internal Interfaces” from the OTV standpoint

• OTV is part of the 5.0(3) Bogota Maintenance Software Release

• OTV is part of the new Transport Services (TRS) license. The NTE price for this license is $25,000.

• To help the OTV adoption at its early stage we are offering a limited time promotional license: “N7K-TRS-P1” for Transport Services for just $5,000.

• The OTV license is per-chassis


• The OTV Edge Device can be located at the Aggregation Layer as well as at the Core Layer depending on the network topology of the site

• There are some limitations to the OTV-SVI coexistence which must be taken into consideration when deploying OTV at the Aggregation Layer

• On the Nexus 7000 a given VLAN can either be associated with an SVI or extended using OTV. In other words, currently on a Nexus 7000 OTV cannot coexist with SVIs.

• The separation between OTV and SVIs can be provided through the topology or by using a separate VDC for the OTV DCI


• Roles of the VDCs in the dual-vdc solution:

  - OTV VDC: OTV Functionality
  - Aggregation VDC: L2-L3 Separation - SVIs; STP Root/Secondary; vPC Peer; FHRP; IGP to the Core; PIM to the Core

[Figure: two chassis, each with an OTV VDC alongside an Aggregation VDC.]


Connecting the OTV VDC

• Two different deployment models are considered for the OTV VDC based on the availability of uplinks to the DCI Transport:

OTV Appliance on a Stick

Inline OTV Appliance

• From an OTV functionality perspective there is NO difference between the two models. The Inline OTV Appliance can provide better convergence results.

[Figure: the two models side by side, each with an OTV VDC attached to the device that holds the L2/L3 boundary (SVIs). OTV Appliance on a Stick: common uplinks to the transport for Layer 3 and DCI. Inline OTV Appliance: uplinks to the Layer 3 transport plus a dedicated uplink for DCI. Legend: Join Interface, Internal Interface.]


• OTV VDC Virtual Appliance at the Aggregation Layer

• OTV VDC participates in vPC or STP as per existing site design

• Single HSRP group (same VMAC, VIP) if needed

• IGMPv3 on the join interface link

• PIM enabled across the DCI

• Layer 3 Links across the DCI

• IGP Peering between all the 4 Nexus 7000

[Figure: two sites with two Nexus 7000 each, every chassis hosting an OTV VDC; IGP + PIM Peering across the DCI. Legend: PIM Interface, L3 Join Interface, L2 Internal Interface, IGMPv3.]


Assumption is that the Aggregation devices implement the Layer2-Layer3 separation and thus have SVIs configured.

• If uplinks to the transport/core are available, go with the OTV Virtual Bridge; otherwise use the OTV Virtual Appliance approach.

• OTV VDC participates in vPC or STP as per existing site design

• PIM brought down to the Aggregation layer. PIM adjacencies with the WAN Edge devices

[Figure: two sites connected over the WAN/MAN, one built as OTV Virtual Appliance and one as OTV Virtual Bridge, each with two OTV VDCs. Legend: PIM Interface, L3 Join Interface, L2 Internal Interface, IGMPv3.]


Optimal Routing Challenge

[Figure: Pod A to Pod N connected across the WAN. Labels: Ingress Routing Localization (Clients-Server, Server-Server); Egress Routing Localization (Server-Client).]

• Layer 2 extensions represent a challenge for optimal routing.

• Challenging placement of gateway and advertisement of routing prefix/subnet.


• Egress traffic

FHRP isolation*

• Ingress traffic

DNS Based

DNS redirection with ACE/GSS

Routing Based

Route Injection

LISP (Locator/ID Separation Protocol) NS based Global Site Selection

Locator/ID Separation Protocol – LISP*

Host routing

* Briefly discussed in this presentation


• Extended VLAN typically has associated HSRP group

• Only one HSRP router active, with all servers pointing to HSRP VIP as default gateway

• Result: sub-optimal (trombone) routing

[Figure: VLAN 10 and VLAN 20 extended between sites with one HSRP group: one router HSRP Active, one HSRP Standby and two in HSRP Listen state. Labels: HSRP Hellos, ARP for VIP, ARP reply, L3 Data, Routed L3 Data.]


• Filter FHRP with combination of VACL and OTV MAC route filter in OTV VDC

• Still have one HSRP group with one VIP, but now have active router at each site for optimal first-hop routing

• Native FHRP filtering in OTV planned for future release

[Figure: VLAN 10 and VLAN 20 extended between two sites, each site now with its own HSRP Active and HSRP Standby router. Callouts: "VACL drops HSRP" (at each site) and "Route filter drops MAC advert". Other labels: HSRP Hellos, ARP for VIP, ARP reply, OTV VIP MAC Advert, L3 Data, Routed L3 Data.]


Real Problems Solved by OTV

• Extensions over any transport (IP, MPLS)

• Failure boundary preservation

• Site independence / isolation

• Optimal BW utilization (no head-end replication)

• Resiliency/multihoming

• Built-in end-to-end loop prevention

• Multisite connectivity (inter and intra DC)

• Scalability

  - VLANs, sites, MACs
  - ARP, broadcasts/floods

• Operations simplicity

[Figure: LAN Extension between the North Data Center and the South Data Center, each side keeping its own Fault Domains. Callout: Only 5 CLI commands.]


Please rate this talk.

T-DC1