For high reliability and redundant deployment, most enterprise networks and their data centers today span multiple physical sites in different geographic locations, deploy similar services at each site, and rely on Layer 2 communication between those sites. Dynamic resource allocation and management across sites requires virtual machines to migrate freely between data centers. Because the migration must be transparent to users, a migrated virtual machine cannot change its IP address; consequently, the Layer 2 networks of sites in different regions must be interconnected.
Figure 1 Layer 2 site interconnection
Ethernet Virtual Interconnection (EVI) builds on the existing service provider network and enterprise network to provide flexible Layer 2 interconnection between geographically dispersed physical sites. Deploying the EVI solution is simple and cost-effective: you only need to deploy one or more EVI-capable devices at the edge of each site, and neither the enterprise network nor the service provider network needs to change.
1 EVI Principle Analysis
1.1 Basic Concepts
EVI is an advanced MAC-in-IP technology that implements L2VPN over an IP core network. With EVI, routing and forwarding information is maintained on the edge devices of each site, and neither the internal network of the site nor the core network needs to change.
An EVI network consists of site networks, an overlay network, and a core network (Figure 2).
Site network: a Layer 2 network with independent service functions, connected to the core network through one or more edge devices. It is usually managed and controlled by a single organization and consists of hosts and switching devices; the edge devices provide Layer 2 switching between sites.
Overlay network: a virtual network established between the edge devices of the sites. It provides Layer 2 interconnection between site networks, and the edge devices advertise to each other the MAC addresses of all hosts and routers attached to them, so that multiple sites are interconnected into one larger Layer 2 forwarding domain.
Core network: a network built mainly from IP routing devices, which provides IP connectivity between the site networks.
Figure 2 EVI network model
The overlay network extends VLANs between sites. It is composed mainly of overlay interfaces and virtual connections. On the data plane it carries the Layer 2 traffic of the extended VLANs between sites; on the control plane the MAC reachability information of hosts and routers is advertised between sites through an IGP; on the management plane the Neighbor Discovery Protocol discovers sites automatically and so simplifies configuration and management. In addition, the overlay network optimizes ARP traffic to reduce the bandwidth consumed by broadcast traffic.
Different VLANs carry different services, and the set of sites to which each VLAN must be extended also differs. To accommodate this, the overlay network supports multiple instances. Control plane protocol interaction and data plane forwarding are completely isolated between instances, the extended VLANs of different instances cannot overlap, and network parameters such as IGP timers and authentication parameters can be configured independently for each instance. Each instance represents one VPN and is uniquely identified by its network ID. In Figure 3, three VPN instances are defined.
Figure 3 Multi-instance overlay network
EVI terminology
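The multi-instance rules just described (one network ID per instance, extended VLANs that cannot overlap between instances, advertisements that are only installed into the instance with the same network ID, and the forwarding decision an edge device makes for a frame) can be modelled in a few dozen lines. The following is an added illustration written for this page, not code from the page or from any EVI vendor; the device names, site IDs and bearer addresses are constructed sample values, and the "advertisements"/"sync" functions stand in for the IGP exchange without implementing a real routing protocol.

```python
"""Added illustration (not vendor code): a small model of a multi-instance
EVI overlay and the per-instance isolation the text describes.
All names, site IDs and addresses are constructed sample values.
"""
from dataclasses import dataclass, field


@dataclass
class EviInstance:
    network_id: int            # uniquely identifies the VPN instance
    extended_vlans: frozenset  # VLANs this instance extends between sites
    # MAC reachability: (vlan, mac) -> bearer IP of the edge device behind
    # which the host lives (our own bearer IP for locally learned entries)
    mac_table: dict = field(default_factory=dict)


class EdgeDevice:
    def __init__(self, name: str, site_id: int, bearer_ip: str):
        self.name, self.site_id, self.bearer_ip = name, site_id, bearer_ip
        self.instances: dict = {}

    def add_instance(self, network_id: int, vlans) -> EviInstance:
        """Create an instance; extended VLANs must not overlap across instances."""
        vlans = frozenset(vlans)
        if network_id in self.instances:
            raise ValueError(f"network ID {network_id} already in use")
        for inst in self.instances.values():
            clash = inst.extended_vlans & vlans
            if clash:
                raise ValueError(f"VLANs {sorted(clash)} already extended by "
                                 f"instance {inst.network_id}")
        inst = EviInstance(network_id, vlans)
        self.instances[network_id] = inst
        return inst

    def instance_for_vlan(self, vlan: int):
        for inst in self.instances.values():
            if vlan in inst.extended_vlans:
                return inst
        return None  # VLAN is not extended: it stays site-local

    def learn_local(self, vlan: int, mac: str) -> bool:
        """Data-plane learning of a host inside our own site."""
        inst = self.instance_for_vlan(vlan)
        if inst is None:
            return False
        inst.mac_table[(vlan, mac)] = self.bearer_ip
        return True

    def advertisements(self):
        """Control plane: locally learned entries we advertise to remote edges."""
        for inst in self.instances.values():
            for (vlan, mac), next_hop in inst.mac_table.items():
                if next_hop == self.bearer_ip:
                    yield (inst.network_id, vlan, mac, next_hop)

    def receive_advertisement(self, network_id, vlan, mac, next_hop) -> bool:
        """Install a remote entry only into the instance with the same network ID."""
        inst = self.instances.get(network_id)
        if inst is None or vlan not in inst.extended_vlans:
            return False  # isolation between instances
        inst.mac_table[(vlan, mac)] = next_hop
        return True

    def forward(self, vlan: int, dst_mac: str):
        """Decide how a frame in `vlan` for `dst_mac` leaves this edge device."""
        inst = self.instance_for_vlan(vlan)
        if inst is None:
            return ("not-extended", None)  # never crosses the overlay
        next_hop = inst.mac_table.get((vlan, dst_mac))
        if next_hop is None:
            return ("flood", None)         # unknown unicast: flood to all sites
        if next_hop == self.bearer_ip:
            return ("local-switch", None)  # host is inside our own site
        return ("tunnel", next_hop)        # encapsulate toward the remote edge


def sync(src: EdgeDevice, dst: EdgeDevice) -> int:
    """Deliver src's advertisements to dst; returns how many were accepted."""
    return sum(dst.receive_advertisement(*adv) for adv in src.advertisements())


if __name__ == "__main__":
    ed1 = EdgeDevice("ED1", site_id=1, bearer_ip="10.0.0.1")
    ed2 = EdgeDevice("ED2", site_id=2, bearer_ip="10.0.0.2")
    for ed in (ed1, ed2):
        ed.add_instance(1, {10, 20})
        ed.add_instance(2, {30})
    ed2.learn_local(10, "00:11:22:33:44:55")
    sync(ed2, ed1)
    print(ed1.forward(10, "00:11:22:33:44:55"))  # ('tunnel', '10.0.0.2')
```

The model makes the isolation property checkable: an advertisement carrying network ID 2 for a VLAN that only instance 1 extends is rejected, and a VLAN that no instance extends never reaches the overlay at all, which is the behaviour to verify when auditing that two tenants' instances cannot leak MAC reachability into each other.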
Edge device: the EVI switching device at the edge of a site. It acts as a Layer 2 device toward the site network and as a Layer 3 device toward the core network, encapsulating packets from the site network toward the core network and decapsulating packets from the core network toward the site network.
Bearer interface: a Layer 3 interface on an edge device that connects to the core network. Its address is the source address of the packets transmitted across the core network after the original Ethernet frame has been tunneled, so the interface has an IP address in the core network address space. It can be a Layer 3 Ethernet interface, a Layer 3 aggregate interface, a VLAN interface, or a Layer 3 loopback interface. Each overlay network instance has one bearer interface, and different instances can share the same bearer interface.
Overlay interface: a point-to-cloud logical interface that connects an edge device to the hub of an overlay network instance. Each overlay network instance has one such interface. It replicates broadcast and multicast packets and provides IP encapsulation (unicast and multicast encapsulation; currently only unicast is supported, and multicast encapsulation will be supported later) for Layer 2 frames from within the site. The overlay interface sends and receives packets through the bearer interface.
Virtual connection: within one overlay network instance, a bidirectional virtual Ethernet channel between two edge devices that transparently carries data between them. The channel is carried by a GRE tunnel, and one tunnel can carry multiple virtual connections. A virtual connection is identified by the overlay interface together with the IP address of the remote edge device.
Neighbor Discovery Protocol: the EVI Neighbor Discovery Protocol (ENDP) automatically discovers sites and edge devices, establishes and maintains virtual connections between edge devices, and exchanges overlay network membership information. The protocol greatly simplifies network configuration and reduces the administrator's maintenance workload.
Site ID: the edge devices of each site advertise the site ID on the overlay network. The site ID uniquely identifies a site; edge devices with different site IDs cannot establish intra-site neighbor relationships.
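The bearer interface, overlay interface and virtual connection entries above describe one data path: an Ethernet frame from the site is wrapped by the edge device in a GRE header and an outer IP header whose source is the local bearer interface and whose destination is the remote edge device's bearer interface, and the core network only ever sees that outer IP packet. The following is an added illustration written for this page, not code from the page or from any EVI implementation. It assumes plain GRE (RFC 2784 header, protocol type 0x6558 for transparent Ethernet bridging) over IPv4 with no optional GRE fields; that is my choice of layout for the illustration, not a statement of any vendor's exact encapsulation. All MAC addresses, VLAN IDs and IP addresses are constructed sample values.

```python
"""Added illustration (not vendor code): MAC-in-IP encapsulation of an
802.1Q-tagged Ethernet frame in IPv4 + GRE, as an EVI edge device would do
between its bearer interface and a remote edge device's bearer interface.
All addresses and VLAN IDs are constructed sample values.
"""
import socket
import struct

IPPROTO_GRE = 47        # IP protocol number for GRE
GRE_PROTO_TEB = 0x6558  # GRE protocol type: transparent Ethernet bridging
ETH_P_8021Q = 0x8100    # 802.1Q tag protocol identifier


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def build_frame(dst_mac, src_mac, vlan, ethertype, payload: bytes) -> bytes:
    """Constructed 802.1Q-tagged frame as the site network would hand it over."""
    tag = struct.pack("!HH", ETH_P_8021Q, vlan & 0x0FFF)  # PCP/DEI left at 0
    return (mac_bytes(dst_mac) + mac_bytes(src_mac) + tag
            + struct.pack("!H", ethertype) + payload)


def frame_vlan(frame: bytes):
    """VLAN ID of a tagged frame, or None if the frame is untagged."""
    if len(frame) >= 16 and frame[12:14] == b"\x81\x00":
        return struct.unpack("!H", frame[14:16])[0] & 0x0FFF
    return None


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum; returns 0 for a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def encapsulate(frame: bytes, bearer_ip: str, remote_bearer_ip: str,
                ttl: int = 64, ident: int = 0) -> bytes:
    """Site -> core direction on the edge device: frame -> IPv4(GRE(frame))."""
    gre = struct.pack("!HH", 0, GRE_PROTO_TEB)  # no checksum/key/sequence fields
    total_len = 20 + len(gre) + len(frame)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, 0x4000, ttl,
                      IPPROTO_GRE, 0, socket.inet_aton(bearer_ip),
                      socket.inet_aton(remote_bearer_ip))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + gre + frame


def decapsulate(packet: bytes):
    """Core -> site direction; returns (src_ip, dst_ip, inner Ethernet frame)."""
    if len(packet) < 24 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[9] != IPPROTO_GRE:
        raise ValueError("not GRE")
    gre_flags, gre_proto = struct.unpack("!HH", packet[ihl:ihl + 4])
    if gre_flags & 0xB000 or gre_proto != GRE_PROTO_TEB:
        raise ValueError("unexpected GRE header")  # C/K/S set or non-Ethernet payload
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    return src, dst, packet[ihl + 4:total_len]


if __name__ == "__main__":
    frame = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb",
                        vlan=10, ethertype=0x0800, payload=b"\x00" * 46)
    pkt = encapsulate(frame, "10.0.0.1", "10.0.0.2")
    print(len(frame), len(pkt), decapsulate(pkt)[:2])  # 64 88 ('10.0.0.1', '10.0.0.2')
```

Two points worth noticing for anyone reviewing such a deployment: the VLAN tag travels inside the tunnel untouched, so the core network neither sees nor enforces it, and plain GRE adds no authentication or confidentiality of its own, so the integrity of what arrives at a remote edge device rests on the IP core and on whatever protection is layered on the tunnel.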