Solutions Guide. Ethernet-based Network Virtualization for the Enterprise



Similar documents
Solutions Guide. Resilient Networking with EPSR

Allied Telesis provide virtual customer networks

Solution Network Virtualization. Allied Telesis - delivering value with Network Virtualization

Solutions Guide. High Availability IPv6

Software Defined Networking

The top 3 network management challenges

Network Security. Ensuring Information Availability. Security

National Hospital Organization Chiba Medical Center

Solutions Guide. Secure Remote Access. Allied Telesis provides comprehensive solutions for secure remote access.

St Mary MacKillop College

Penola Catholic College

Case Study Ministry of Agriculture, France

Military College of Electronic and Mechanical Engineering

Success Story. Kanaiwa Hospital

APPLICATION NOTE. Benefits of MPLS in the Enterprise Network

VCStack - Powerful Simplicity. Network Virtualization for Today's Business

How To Configure Some Basic OSPF Routing Scenarios. Introduction. Technical Guide. List of terms

How To Use An At9924 For A Long Distance Connection On A Powerline On A Ppltd Network (Powerline) On A Superfast Network (Networking) On An At 9924 (Powerplt) On The P

AlliedWare Plus OS How To Use sflow in a Network

Demonstrating the high performance and feature richness of the compact MX Series

Best Effort gets Better with MPLS. Superior network flexibility and resiliency at a lower cost with support for voice, video and future applications

Solutions Guide. Education Networks

November Defining the Value of MPLS VPNs

- Multiprotocol Label Switching -

Multi Protocol Label Switching (MPLS) is a core networking technology that

Implementing MPLS VPN in Provider's IP Backbone Luyuan Fang AT&T

For internal circulation of BSNLonly

MPLS: Key Factors to Consider When Selecting Your MPLS Provider

How To Understand The Benefits Of An Mpls Network

MPLS Implementation MPLS VPN

The Essential Guide to Deploying MPLS for Enterprise Networks

MPLS in Private Networks Is It a Good Idea?

ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling

Building Trusted VPNs with Multi-VRF

IP/MPLS Networks for Public Safety

MikroTik RouterOS Introduction to MPLS. Prague MUM Czech Republic 2009

Implementing Cisco MPLS

Network Access Control (NAC)

A Migration Path to Software-Defined Networking (SDN) in an Enterprise Network

configure WAN load balancing

Top 14 best practices for building video surveillance networks

Sprint Global MPLS VPN IP Whitepaper

MPLS: Key Factors to Consider When Selecting Your MPLS Provider Whitepaper

AMPLS - Advanced Implementing and Troubleshooting MPLS VPN Networks v4.0

Reliable Airport IP Networks

How To Make A Network Secure

Overlay Networks and Tunneling Reading: 4.5, 9.4

Implementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**

WHITEPAPER MPLS: Key Factors to Consider When Selecting Your MPLS Provider

IMPLEMENTING CISCO MPLS V2.3 (MPLS)

Network Virtualization Network Admission Control Deployment Guide

Configure Policy-based Routing

IP/MPLS-Based VPNs Layer-3 vs. Layer-2

IMPLEMENTING CISCO MPLS V3.0 (MPLS)

MPLS/IP VPN Services Market Update, United States

VPLS lies at the heart of our Next Generation Network approach to creating converged, simplified WANs.

Quidway MPLS VPN Solution for Financial Networks

CLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE

Demystifying Software-Defined Networking (SDN)

QoS Switching. Two Related Areas to Cover (1) Switched IP Forwarding (2) 802.1Q (Virtual LANs) and 802.1p (GARP/Priorities)

Addressing Inter Provider Connections With MPLS-ICI

The Keys for Campus Networking: Integration, Integration, and Integration

Transport for Enterprise VoIP Services

How Routers Forward Packets

Monitoring Service Delivery in an MPLS Environment

Evaluating Carrier-Class Ethernet Services

Enabling Solutions in Cloud Infrastructure and for Network Functions Virtualization

MPLS-Enabled Network Infrastructures

Simwood Carrier Ethernet

MPLS-based Virtual Private Network (MPLS VPN) The VPN usually belongs to one company and has several sites interconnected across the common service

IP Security and Surveillance Allied Telesis Enhanced IP Camera Video Surveillance Solutions

EVOLVING ENTERPRISE NETWORKS WITH SPB-M APPLICATION NOTE

Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications

Introducing Basic MPLS Concepts

Master Course Computer Networks IN2097

WHITE PAPER. Addressing Inter Provider Connections with MPLS-ICI CONTENTS: Introduction. IP/MPLS Forum White Paper. January Introduction...

Internetworking II: VPNs, MPLS, and Traffic Engineering

MP PLS VPN MPLS VPN. Prepared by Eng. Hussein M. Harb

Rohde & Schwarz R&S SITLine ETH VLAN Encryption Device Functionality & Performance Tests

Introduction to MPLS-based VPNs

Network Virtualization with the Cisco Catalyst 6500/6800 Supervisor Engine 2T

Analyzing MPLS from an ROI Perspective

AT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0

Cisco Catalyst 3750 Metro Series Switches

SBSCET, Firozpur (Punjab), India

Virtual Private LAN Service (VPLS)

MPLS L2VPN (VLL) Technology White Paper

Table of Contents. Cisco Configuring a Basic MPLS VPN

Kushiro City Hospital, Japan, selects Allied Telesis to provide a powerful controlled access network in a medical environment.

APPLICATION NOTE 211 MPLS BASICS AND TESTING NEEDS. Label Switching vs. Traditional Routing

Transcription:

Solutions Guide Ethernet-based Network Virtualization for the Enterprise

Introduction The concept of Tunnelling Layer 2 and Layer 3 connections across a shared Layer 2 network used to be the preserve of network service providers. These days however, it is also common for an Enterprise network to be based around this model. It provides an effective solution in any number of situations where an Enterprise network consists of semi-autonomous entities that need to share common central connectivity. For example: connecting independent departments in a campus environment shared LAN services within a large hospital providing connectivity within an airport for airlines, retailers, regulatory agencies, and so on access to shared resources within a school district a municipal network connecting multiple local government agencies providing connectivity for tenants in an MTU or a retail mall In all of these cases, the key requirement is to build a single central network that allows individual entities to overlay their own virtual networks over this shared infrastructure. Invariably, the accompanying requirements are: Security - no data leakage between different Virtual Private Networks (VPNs) Resilience - rapid recovery in the event of link or node failure in the central network Flexibility - options to provide tunnelling at Layer 2 or Layer 3 Quality of service - low latency and very little traffic loss for real-time services Simplicity - easy to manage, and easy to troubleshoot At present, there is no established name for this type of network infrastructure. This document will refer to it as a Shared Layer 2 Backbone. Allied Telesis provides a robust, scalable Shared Layer 2 Backbone implementation that meets all of the requirements above, and more. List of terms Multiprotocol Label Switching (MPLS) A mechanism that directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. Shared Layer 2 Backbone This document uses this term to refer to the concept of tunnelling Layer 2 and Layer 3 connections over a shared Layer 2 network. Virtual Routing and Forwarding (VRF) This technology allows multiple routing domains to co-exist within the same device at the same time. Routing domains are independent, so overlapping IP addresses can be used without causing conflict. This enables multiple virtual IP networks to exist independently on the same physical network. VLAN double tagging (Q-in-Q) A process in which an ethernet switch appends an extra VLAN tag onto packets that it receives on certain ports. This enables multiple VLANs to be tunneled across a layer-2 network, encapsulated within another VLAN 2 Ethernet-based Network Virtualization for the Enterprise alliedtelesis.com

Allied Telesis solution Allied Telesis have long recognized that future of the modern data network lies with IP over Ethernet. The steady decline in other protocols has been, and continues to be, inexorable. As such, IP and Ethernet are at the heart of the Allied Telesis implementation of the Shared Layer 2 Backbone. The tenant s VLAN structure is encapsulated in a single QinQ VLAN for secure high speed access across their own virtual network to other office space, the data center and Internet. VLAN A Management VLAN Sales B VLAN C Service The ability to support Layer 2 and Layer 3 VPNs using Allied Telesis equipment, requires an infrastructure that utilises the following 3 key technologies: 1. Virtual Routing and Forwarding Lite (VRF-lite) VLAN 3 x900-24xt Tenant 3 VLAN 3 x900-24xt VLAN 1 Tenant 1 VLAN 2 Tenant 2 This is required to maintain separation between the different IP networks within the Shared Layer 2 Backbone VLAN 3 VLAN 4 Tenant 3 x600-24ts 2. Ethernet Protected Switching Ring (EPSR) This provides path resiliency, with extremely rapid (50ms) recovery Data Center SwitchBlade x908 Tenant 4 3. VLAN Double Tagging This provides Layer 2 tunnelling across the shared backbone Tenant 1 Tenant 2 Tenant 3 Tenant 4 AR750S Router Internet The example on the right illustrates an implementation of this: Figure 1 Ethernet-based Network Virtualization for the Enterprise 3

How it works This section examines in more detail how each of the 3 key technologies contributes to the solution. 1. VRF-Lite provides Layer 3 virtualisation VRF-Lite enables completely separate IP networks to be overlaid on the same physical infrastructure. The network s routers maintain separate routing tables for individual IP networks, and separate instances of routing protocols (OSPF, RIP or BGP) to populate the separate routing tables. The IP networks, referred to as VRF instances, operate as completely functioning routing domains, with routes that are dynamically exchanged within each domain. However, the VRF-Lite functionality on the Allied Telesis Layer 3 switches ensures total separation between the different routing domains. The following example shows Allied Telesis -series switches performing VRF-lite, and thus acting as the Provider Edge (PE) switches in the Shared Layer 2 Backbone: Virtual Network #3 Virtual Network #2 Virtual Network #1 Physical Network Figure 2 4 Ethernet-based Network Virtualization for the Enterprise alliedtelesis.com

Different VRF instances are connected to different ports on the customer-facing side of the switch. The VRF instances are each associated with a VLAN, so that on the provider side of the switch, the VLAN tags on the packets indicate which VRF they are associated with. The following example illustrates this: VLAN Tag 30 VRF 30 packet VLAN Tag 10 VLAN Tag 20 VRF 10 packet VRF 20 packet VRF Instance 30 VRF Instance 20 Provider side VRF Instance 10 Customer side Figure 3 Quality of Service (QoS) marking can be applied to the packets as they are Layer 3 switched within the VRF instances. Policies defined in the PE switches determine the CoS values that are inserted into the packets VLAN tags. The switches within the shared Layer 2 backbone then apply QoS (I.e. prioritization, policing, and shaping) based on these CoS values. Ethernet-based Network Virtualization for the Enterprise 5

2. EPSR provides a resilient Layer 2 network EPSR provides a highly responsive resilient Layer 2 network. Based on Ethernet rings, with EPSR your network can recover from lost nodes or links in 50ms or less. This provides the level of resilience required for real time applications. Simple to set up, and with very little operational overhead, EPSR uses a simple Ethernet-based protocol to protect Layer 2 rings. The EPSR-based backbone is very flexible: There is no limit on the number of nodes in an EPSR ring. The topology can consist of multiple rings, using EPSR superloop. The links in a ring can be copper or fibre, and of any bandwidth. Copper links and fibre links can exist in the same ring. Links in the ring can be aggregated. A variety of Allied Telesis products, stacked or unstacked, can be joined in an EPSR ring As well as being flexible in design, the backbone is simple to expand - you can add new nodes or more bandwidth with almost no service interruption. Data that is allocated per-vrf VLAN tags can be transported through this resilient backbone without any extra tagging or encapsulation. The following diagram shows pair of EPSR rings with VRF routers attached. The coloured paths show the routes that different VRFs use to traverse the EPSR rings. EPSR Ring VRF 1 VRF 2 1 2 Figure 4 6 Ethernet-based Network Virtualization for the Enterprise alliedtelesis.com

3. Layer 2 tunnelling with VLAN double tagging Routing traffic across the shared backbone using L3 VPNs does not suit all situations - in some cases, it is preferable to simply tunnel VLANs directly across the backbone. The Allied Telesis solution supports this with VLAN double tagging (Q-in-Q). You can provision double tagging on a per-port basis, and it can be performed on the same Layer 3 switches that are providing VRF-lite routing. The following diagram illustrates 3 switches that are connected to an EPSR ring. One switch is performing double tagging and VRF. Double-tagged traffic goes to one of the other switches, and the VRF traffic goes to the other. EPSR Ring VRF routed traffic Double tagged traffic Figure 5 Ethernet-based Network Virtualization for the Enterprise 7

SBx908 Scalable design options The family of switches can themselves form the shared backbone, or they can provide a distribution layer that feeds into a Layer 2 backbone consisting of highly reliable components. For example, x908 stacks, an SBx8100 chassis, or an imap chassis if street side deployment is required. The diagram to the right shows an EPSR ring of switches with combined districbution and back bone layers: Figure 6: Combined distribution and back bone Combined distribution and back bone The diagram below shows switches connecting into an EPSR ring consisting of an x908 stack, a SwitchBlade x8100 chassis, and an imap, with separate distribution and back bone layers: SBx8100 imap Figure 7: Separate distribution and back bone layers 8 Ethernet-based Network Virtualization for the Enterprise alliedtelesis.com

Comparison with MPLS A number of enterprises have employed MPLS to implement their shared Layer 2 backbone. This section compares the Allied Telesis IP-over-Ethernet solution with an MPLS-based solution. It shows the claimed benefits of an MPLS-based solution, and considers whether or not it really does have an advantage over the IP-over-ethernet solution. Table 1: MPLS claims and reponses claim made foe mpls solution Switching in the backbone is the most efficient, as it is based on just the MPLS label. response In a pure Ethernet backbone, switching is based only on VLAN tagging, which is equally as efficient. MPLS hides IP addressing, so separate networks that use overlapping IP address ranges can share the same backbone switches. MPLS is a multi-protocol solution, so protocols other than IP can be transported across the backbone. The key enabling technology for the separation of IP domains is VRF. It is just as effective to use VLAN tagging to confine traffic into VRF instances as it is to use MPLS labels. VLAN double-tagging is equally as multi-protocol as MPLS. The process of using a VLAN to encapsulate another VLAN for transportation across the backbone places no restriction on any higher-layer protocols being carried within the encapsulated VLAN. MPLS sets up label paths automatically, without any need to statically configure the path. Although the VLAN membership must be statically configured on backbone network ports, two points should be considered: 1. Configuring VLAN membership on ports is very simple, and can even be scripted. 2. In an Enterprise, the addition of a new entity in need of network separation is not a frequent event. So, in an Enterprise network, the total operational cost saving provided by MPLS s automatic path creation is very little. MPLS provides QoS functionality. Ethernet CoS marking enables QoS to be applied to different traffic types. In the end, the QoS marking scheme is not important. The important factors in QoS are: 1. the richness of the policy engines in the distribution switches, and 2. the power of the prioritization, policing and shaping features in the backbone switches. These factors are agnostic to which protocol is carrying the QoS marking in the packets. MPLS can quickly re-route around broken links. EPSR is an extremely effective mechanism for link recovery. Advantages of an IP-over-Ethernet solution There are many advantages of an IP-over-Ethernet solution. The Allied Telesis solution is simple, reliable and effective. The major advantage is simplicity. Using MPLS in the backbone network adds an extra layer of complexity for no value. VLAN tagging is a simple and familiar technology. Given that mapping tunnels onto VLAN tags provides and effective solution, there is no need to employ another separate protocol for applying labels to tunnelled traffic. Static configuration of VLAN membership on backbone ports avoids the need to understand and troubleshoot any path establishment protocol. Backbone switch configuration can be kept very simple. Additionally, using a pure IP-over-Ethernet solution lets you avoid being locked into having to use MPLS-capable equipment. Removing unnecessary elements from the solution, and keeping with more universal technologies broadens the range of options for equipment to use in the shared network. Ethernet-based Network Virtualization for the Enterprise 9

About Allied Telesis, Inc. Allied Telesis is a leading global provider of high-quality, flexible, and interoperable network solutions. Founded in 1987 and publicly held in Japan, the Company operates manufacturing, R&D, support, and sales offices worldwide, servicing customers in key markets including government, healthcare, defense, education, retail, hospitality and network service providers. Allied Telesis provides standards-based, reliable video, voice and data network solutions for mission-critical applications. Delivering high-performance, future-proof and fully endto-end solutions, Allied Telesis works closely with customers and partners worldwide to build lasting relationships, partnerships and alliances. For further information visit us online at alliedtelesis.com Americas Headquarters 19800 North Creek Parkway Suite 100 Bothell WA 98011 USA T: +1 800 424 4284 F: +1 425 481 3895 Asia-Pacific Headquarters 11 Tai Seng Link Singapore 534182 T: +65 6383 3832 F: +65 6383 3830 EMEA & CSA Operations Incheonweg 7 1437 EK Rozenburg The Netherlands T: +31 20 7950020 F: +31 20 7950021 alliedtelesis.com 2013 Allied Telesis Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners. C618-31030-00 RevA

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information