EVPN-VXLAN

Posted on Mar 30, 2024

What is EVPN-VXLAN?

EVPN-VXLAN is a networking technology that offers large enterprises a standardized framework to manage their campus and data center networks. It enables efficient connectivity at both Layer 2 and Layer 3 levels while also reducing operational costs.

With the increasing number of mobile devices, IoT devices, and collaboration tools, networks face the challenge of accommodating a large number of endpoints. EVPN-VXLAN addresses this by separating the physical network infrastructure (underlay) from the virtual network topology (overlay). By leveraging overlays, it provides flexibility in establishing Layer 2 and Layer 3 connectivity between endpoints across campus and data centers, while maintaining a consistent underlying network architecture.

Advantages of EVPN-VXLAN

Implementing an EVPN-VXLAN framework offers numerous advantages:

1. Automation and Programmability: EVPN-VXLAN enables easy automation and programmability, simplifying network operations and facilitating efficient management.

2. Interoperability: Its architecture follows open standards, ensuring interoperability with existing and future network infrastructure, promoting seamless integration.

3. Integrated Layer 2 and Layer 3 Connectivity: EVPN-VXLAN provides efficient and streamlined Layer 2 and Layer 3 connectivity with control plane-based learning, optimizing network performance.

4. Scalability: The framework supports flexible network scalability based on business requirements, allowing for smooth expansion and adaptation to evolving needs.

5. Network Segmentation: EVPN-VXLAN enables secure traffic separation within and across multiple campuses and data centers, enhancing data privacy and network security.

6. Enhanced Network Reliability: By minimizing the fault domain, EVPN-VXLAN increases network reliability, reducing the impact of failures and ensuring consistent network availability.

7. MAC Address Mobility: EVPN-VXLAN offers simple and flexible deployment capabilities by facilitating the mobility of MAC addresses, supporting the dynamic movement of endpoints.

8. Loop-Free Technology: EVPN-VXLAN leverages loop-free technology, eliminating the need for Spanning Tree Protocol (STP) and enhancing network efficiency and stability.

9. Active-Active Redundancy: The framework supports active-active redundant links, fully utilizing network bandwidth and providing high availability for critical applications and services.

Understanding EVPN

In traditional Layer 2 networks, reachability information is distributed through data plane flooding. However, in EVPN networks, this functionality is moved to the control plane.

EVPN extends the Border Gateway Protocol (BGP) to carry endpoint reachability information, such as Layer 2 MAC addresses and Layer 3 IP addresses. It uses MP-BGP to distribute endpoint MAC and IP addresses, treating MAC addresses as routes.

Additionally, EVPN facilitates multipath forwarding and redundancy through an all-active multihoming model. Devices or endpoints can connect to multiple upstream devices and utilize all available links for traffic forwarding. In case of a link or device failure, traffic seamlessly continues using the remaining active links.

By handling MAC learning in the control plane, EVPN eliminates the flooding commonly associated with Layer 2 networks. Moreover, EVPN supports various data plane encapsulation technologies between EVPN-VXLAN-enabled switches, with VXLAN serving as the overlay data plane encapsulation.

Network overlays are created by encapsulating traffic and tunneling it over a physical network. The VXLAN tunneling protocol encapsulates Layer 2 Ethernet frames within Layer 3 UDP packets, enabling the creation of Layer 2 virtual networks or subnets that can span the underlying Layer 3 physical network. Devices performing VXLAN encapsulation and decapsulation are referred to as VXLAN tunnel endpoints (VTEPs). EVPN facilitates the exchange of reachability information among VTEPs for their respective endpoints.

In a VXLAN overlay network, each Layer 2 subnet or segment is uniquely identified by a virtual network identifier (VNI). A VNI segments traffic much as a VLAN ID does: endpoints within the same virtual network can communicate directly, while endpoints in different virtual networks require a device that supports inter-VNI (inter-VXLAN) routing to communicate.
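The encapsulation and VNI segmentation described above, as an added example that is not part of the original article: it builds and parses the 8-byte VXLAN header defined in RFC 7348 and, as a receiving VTEP would, rejects frames whose VNI is not configured locally. The function names, sample frame and VNI values are constructed for illustration, and the outer IP/UDP headers are omitted.

```python
import struct

VXLAN_UDP_PORT = 4789         # IANA-assigned VXLAN destination port (RFC 7348)
VXLAN_FLAG_VNI_VALID = 0x08   # "I" flag: the VNI field carries a valid value
VXLAN_HDR_LEN = 8
ETH_HDR_LEN = 14

# Constructed inner Ethernet frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE_FRAME = bytes.fromhex("020000000002" "020000000001" "0800") + b"constructed payload"


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the VXLAN header to an Ethernet frame (this is the UDP payload)."""
    if not 0 <= vni < 2**24:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags(8) + reserved(24). Word 1: VNI(24) + reserved(8).
    header = struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def vxlan_decap(payload: bytes, local_vnis: set) -> tuple:
    """Validate a VXLAN UDP payload and return (vni, inner_dst_mac, inner_src_mac)."""
    if len(payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("truncated: need VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag clear: VNI field is not valid")
    vni = word1 >> 8
    # Segmentation check: only deliver into virtual networks this VTEP serves.
    if vni not in local_vnis:
        raise PermissionError(f"VNI {vni} is not configured on this VTEP")
    inner = payload[VXLAN_HDR_LEN:]
    return vni, _mac(inner[0:6]), _mac(inner[6:12])


if __name__ == "__main__":
    pkt = vxlan_encap(10100, SAMPLE_FRAME)
    print(pkt[:VXLAN_HDR_LEN].hex(), vxlan_decap(pkt, {10100}))
```
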

EVPN-VXLAN in the Enterprise

Implementing a standards-based EVPN-VXLAN architecture offers significant advantages for enterprise campuses:

1. Simplified Scalability: Enterprises can seamlessly expand their network infrastructure by adding core, distribution, and access layer devices without the need for a complete architecture redesign. Leveraging a Layer 3 IP-based underlay with an EVPN-VXLAN overlay enables the deployment of larger networks compared to traditional Layer 2 Ethernet-based architectures.

2. Simplified VLAN Configuration: EVPN-VXLAN simplifies the configuration of VLANs across different buildings and sites, reducing operational complexity. It allows for the extension of the same VLANs across multiple locations, facilitating seamless connectivity and management.

3. Consistent Policy Deployment: EVPN-VXLAN enables enterprises to implement group-based policies, ensuring the deployment of a common set of policies and services across campuses. This approach reduces ACL/firewall filter complexity on switches throughout the enterprise network.

4. Enhanced Microsegmentation: Leveraging group-based policies, EVPN-VXLAN empowers enterprises to implement microsegmentation, providing granular control over which end-users or devices can communicate with devices across the campus network. This level of control enhances security and network isolation.

EVPN-VXLAN in the Data Center

In modern large-scale data centers, the adoption of an EVPN-VXLAN overlay on top of an IP fabric architecture offers numerous benefits.

The IP fabric architecture consolidates traditional networking layers into a streamlined spine-and-leaf structure, optimized for scalability. This two-tier Layer 3 network provides high resilience and low latency, serving as a robust underlay. It can be horizontally scaled out to accommodate increasing demands and ensure efficient data center operations.

The EVPN-VXLAN overlay complements the IP fabric by extending and interconnecting Layer 2 data center domains. It allows for the flexible placement of endpoints, such as servers or virtual machines, anywhere within the network, including across multiple data centers. This flexibility enables efficient workload distribution and seamless communication among resources within and between data centers.
