EVPN/Overlay and

Network Architecture

Satoru Matsushima

2

What Networks We Have…

Access WAN DC

3

Data Center MPLS

Backbone EthernetAccess

AccessNode

Aggregation Switch

PE PEToR/vSwitch

mLAGProtection w/ OAM

L2/L3 customers traffic

An E2E Architectural View of Network Service

NID

4

Data Center MPLS

Backbone EthernetAccess

L2/L3 VPN Label S-TAG3

LSP

AccessNode

Aggregation Switch

PE PEToR/vSwitch

mLAGProtection w/ OAM

S-TAG2

S-TAG1

E-LINE over MPLS(-TP)

L2/L3 customers traffic

VLAN Stack Aggregation on Access and Data-Center networks

An E2E Architectural View of Network Service

NID

S-TAG1ʼ

5

Issues of Tag-stacking based Ethernet Access

n VID Scalabilityl 0-4096 (12bits space)

l Stacking S-TAG works to enlarge VID space (12+12=24bits)

l But aggregation switches still need to be deployed for each 12bits VID space

n Deployment painsl Agg-switches become single point of failure that are increased as

network growth

l Deploying 1:1 Agg-switch redundancy works to spend more money

6

Data Center MPLS

Backbone EthernetAccess

L2/L3 VPN Label nvo3 tunnelLSP

Access NodeAggregation

Switch

PE PEToR/vSwitch

mLAGProtection w/ OAM

S-TAG2

S-TAG1

E-LINE over MPLS-TP

L2/L3 customers traffic

Emerging NVO3 and EVPN Control-plane to solve the issues

Getting over the issues of Ethernet networking

NID

S-TAG1ʼ

IP

EVPN EVPN

7

VPLS vs EVPN

VPLS (RFC4762) EVPN(RFC7432)

VPN Signaling LDP BGP MAC Learning Data-Plane BGP Policy PE-CE Multi-homing Single-Active All-Active

Convergence MAC Re-Learn BGP Update

BUM Ingress copy Multicast

8

Data Center MPLS

Backbone Ethernet Access

VPN Label

IP

VXLAN

LSP

AccessNode

IP Agg

PE PEToR/vSwitch

mLAGProtection w/ OAM

IP

nvo3 tunnel?

E-LINE over MPLS-TP

L2/L3 customers traffic

Can NVO3 relief the pains of Ethernet Access as well?

Getting over the issues of Ethernet networking

NID

EVPN EVPN

S-TAG

EVPN?

9

Challenges to deploy NVO3 into the Access

n Access-node might not be EVPN capablel Due to limited resources to reduce cost

l No MAC learning

l Is that Softbank specific?

n How does the PE find remote NVEs without BGP?l PPP/L2TP Signaling per tunnel? -> NO!

l Using controller? Is that scalable for 10K~ ANs deployment?

n Other issuesl Which encapsulation should be chose, e.g., VXLAN, GRE, etc.,

l Multicast?

10

IPv6 might help for NVE discovery

Domain PrefixAN-ID

Line Interface ID

UDPIPv6

HeaderVNI

MACHeader

C-VLAN

Payload

Remote NVE IPv6 address

VXLAN Encapsulation

0 63 127

i64-(i+j) j

i+j =< 24

FCS

Remote NVE address can be derived from VNID with mapped IPv6 prefix

11

Packet Flow and Format

IPv6 Network

AccessNode(AN)

PE

�������� ���������

����� ����� ������

0 � 63 � 127 �

i �64-(i+j) � j �

Dst: AN AddressSrc: PE Anycast

Line

��������������

� �����������

����� �

��������

i+j =< 24 �

���

Dst: PE AnycastSrc: AN Address

��������������

� �����������

����� �

��������

i+j =< 24 �

���

PE Anycast

AN-Address

WAN

12

Multi-homing w/ Anycast routing*

IPv6 Network

AccessNode(AN)

PE

Line

PE Anycast Address

WAN

AN-Address

More Resilient Connectivity than VLAN/Pseudo-Wire

EVPN/L3-VPNActive-ActiveRedundancy

* https://tools.ietf.org/html/draft-sajassi-bess-pbb-evpn-anycast-ip-tunnels-00

13

Data Center MPLS

Backbone IPv6

VPN Label

IPv6!

VXLAN

LSP

AccessNode

AggregationSwitches

PE PEToR/vSwitch

IPv6Routing

Protection w/ OAM

IPv6!

nvo3 tunnel

LSP

L2/L3 customers traffic

NVO3 Ethernet Access over IPv6-only Access Network

The Ambitious Network in the future

NID

EVPN EVPN

S-TAG

14

Summary

n  Pains exist not only in DC, but also in Access

n  NVO3 can help to relief the pain, but…l It depends on node’s capability and resource restriction

n  Utilizing IPv6 shall suite “Light Weight” overlay deployment for Ethernet Accessl without not only BGP but also any other signaling

n It’s Controversial for changing VNID semantics?l Don’t worry, MEF already did it for VID in E-Line. J

　　

Questions? Comments?