Technology Comparison: Cisco Overlay Transport Virtualization and Virtual Private LAN Service as Enablers of LAN Extensions



Similar documents
Cisco Unified Computing Virtualization Services

Cisco Data Center Virtualization Assessment Service

Cisco Director Class SAN Planning and Design Service

Cisco Virtual Desktop Infrastructure Planning and Design Service

Release Notes for Cisco IronPort Security Plug-in 7.1

Collaboration: Know Your Enthusiasts and Laggards

Cisco Wide Area Application Services Optimizes Application Delivery from the Cloud

Data Centre Disaster Recovery and Business 4 Continuance

Medical Data Exchange A New Approach to Healthcare Interoperability

Cisco Data Center Architecture Assessment Service

Release Notes for Cisco IronPort Security Plug-in 7.2

Cisco Smar t Busines s Communications System IP Phone Por tfolio

PCI Compliance: Improve Payment Security

Cisco TelePresence Solutions

Accessibility Guidelines for Cisco Unified Contact Center Management Portal

Cisco UCS B200 M1 and UCS B250 M1 Blade Servers. Table 1 compares the features of the Cisco UCS B-Series Blade Servers.

Cisco IronPort M-Series Security Management Appliance

Cisco Data Center Business Continuity Planning Service

Best Practices for Monitoring Cisco Unity Devices with Cisco Unified Operations Manager

Cisco Unified Reporting Administration Guide

Cisco WAP4410N Wireless-N Access Point: PoE/Advanced Security Cisco Small Business Access Points

Configuring Cisco Unified Communications Manager for the NovaTec TransNova S3 Voice Gateway

Cisco Unified Attendant Console Backup and Restore Guide

Authentication on the Cisco IronPort Web Security Appliance

Cisco Aironet Dual Band MIMO Low Profile Ceiling Mount Antenna (AIR-ANT2451NV-R)

How To Use The Cisco Cisco Uu 560 (Cisco U560) For A Phone Or Computer (Cio 560)

Transferring Files Using HTTP or HTTPS

Configuring the SA 500 for Active Directory Authentication of VPN Clients 2. Establishing a SSL VPN Connection By Using a Different Port Number 35

Terminal Services Overview

How To Create A Security Solution For Retail Banking

Data Center Infrastructure Design Guide 2.1 Readme File

Cisco Small Form-Factor Pluggable Modules for Gigabit Ethernet Applications

Analog Channel Re-Creation Using the Digital Service Access Node

Meeting 21st-Century Healthcare Challenges: A Smart+Connected Health Approach

Cipher Suites and WEP

Cisco Unified Wireless IP Phone 7925G Accessory Guide

Design Guide for the Cisco Unified Videoconferencing Solution Using Desktop Component Release 7.1

Cisco Unified Videoconferencing 5100 & 5200 Series Products

Cisco Unified Wireless IP Phone 7925G Accessory Guide

Chapter 7 10 Gigabit Ethernet Connectivity with Microsoft Windows Servers

Cisco IronPort Hosted and Hybrid Hosted Security Services

Cisco AP 541N Wireless Access Point Part of the Cisco Small Business Pro Series

Cisco TelePresence System 3010

Cisco 100-Megabit Ethernet SFP Modules Compatibility Matrix

Hardware and System Software Specification for Cisco Unified Web and Interaction Manager

Cisco SA 500 Series Security Appliances

Cisco IronPort Encryption Appliance Release Notes

Cisco TelePresence System 3000

Cisco Fabric Manager 5.0: Visibility and Control for the Unified Data Center

Converging SAN and LAN Infrastructure with Fibre Channel over Ethernet for Efficient, Cost-Effective Data Centers

Connecting Cisco Serial High-Speed WAN Interface Cards

Danish Train Operator Gets Customer Service Back On Track

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

Next-Generation Cisco Unified Communications Platform Accelerates Return on Investment. White Paper

Release Notes for Cisco Support Tools Release 2.4(1)

Cisco Dynamic Workload Scaling Solution

Cisco Unified Contact Center Express Port Utilization Guide

Connecting Cisco Fast Ethernet ISDN PRI Network Modules to the Network

Cisco IronPort C370 for Medium-Sized Enterprises and Satellite Offices

Cisco IronPort X1070 Security System

HIGHLIGHTS. Executive Summary

How to Register, Start, and Access a Cisco Online Exam

This feature was introduced. This feature was integrated in Cisco IOS Release 12.2(11)T.

Cisco Smart Services for Small and Medium Business: Solutions for Your Success

Next-Generation Managed Services: A Window of Opportunity for Service Providers

Cisco TelePresence System 3200

Cisco Registered Envelope Recipient Guide

Constraining IP Multicast in a Switched Ethernet Network

Cisco TelePresence System 3210

Cisco Network Planning Solution Documentation Guide and Supplemental License Agreement

Cisco Unified IP Phone 6901 and 6911 User Guide for Cisco Unified Communications Manager 8.0 (SCCP)

System Message Logging

VPLS Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date

ETHERNET VPN (EVPN) NEXT-GENERATION VPN FOR ETHERNET SERVICES

Production Software Within Manufacturing Reference Architectures

Cisco Small Business Solutions for Insurance Agencies.

Cisco Nexus 7000 Series NX-OS Layer 2 Switching Command Reference, Release 4.2

Virtual PortChannels: Building Networks without Spanning Tree Protocol

Cisco Cloud Security: Choosing the Right Security Deployment

Network Virtualization Network Admission Control Deployment Guide

Demonstrating the high performance and feature richness of the compact MX Series

Cisco Data Center Infrastructure Design Guide 2.1 Release Notes

Virtual Private LAN Service on Cisco Catalyst 6500/6800 Supervisor Engine 2T

Cisco Smart Care Services Questions and Answers About the Voice Quality Monitor Service

Cisco Aironet 5-GHz MIMO 6-dBi Patch Antenna (AIR-ANT5160NP-R)

Cisco WebEx Enabled TelePresence Configuration Guide

CHAPTER 10 LAN REDUNDANCY. Scaling Networks

CLOUD NETWORKING FOR ENTERPRISE CAMPUS APPLICATION NOTE

Cisco GLBP Load Balancing Options

BGP Multipath Load Sharing for Both ebgp and ibgp in an MPLS-VPN

VXLAN: Scaling Data Center Capacity. White Paper

Transforming Media Production with Digital Workflows

How To Install A Cisco Cisco Cs (Windows) On A Hard Drive With A Harddrive (Windows 3.3) On An External Hard Drive (Windows 2003) On Your Computer (Windows 2007)

Cisco Certified Network Professional - Routing & Switching

Expert Reference Series of White Papers. Planning for the Redeployment of Technical Personnel in the Modern Data Center

Securing Manufacturing Computing and Controller Assets

ETHERNET VPN (EVPN) OVERLAY NETWORKS FOR ETHERNET SERVICES

Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications

Top-Down Network Design

Transcription:

Technology Comparison: Cisco Overlay Transport Virtualization and Virtual Private LAN Service as Enablers of LAN Extensions What You Will Learn Geographically dispersed data centers provide added application resiliency and workload allocation flexibility. To gain these benefits, the network must provide Layer 2 and 3 and storage connectivity between data centers. Connectivity must be provided without compromising the autonomy of data centers or the stability of the overall network. The attributes of the Cisco Overlay Transport Virtualization (), Virtual Private LAN Service (), and Cisco s enhancements are compared in the context of the challenges posed when providing LAN extensions for enterprises. Solutions should: Be nondisruptive (transparent to the core and sites) Be transport agnostic Be multihomed and multipathed Preserve failure isolation between data centers Technology decision makers, IT managers, and network architects will find this document useful in understanding the merits of and. The Need for LAN Extensions Businesses face the challenge of providing very high availability for applications while maximizing infrastructure utilization and keeping operating expenses low. Applications must be available any time and anywhere with optimal response times. The deployment of geographically dispersed data centers allows the IT designer to put in place effective disasteravoidance and disaster-recovery mechanisms that increase the availability of the applications. Geographic dispersion also enables optimization of application response through improved facility placement and allows flexible mobility of workloads across data centers to avoid demand hotspots and fully utilize available capacity. To enable all the benefits of geographically dispersed data centers, the network must extend Layer 2 connectivity across the diverse locations. LAN extensions may be required at different layers in the data center to enable the resiliency and clustering mechanisms offered by the different applications at the web, application, and database layers. Also of importance are the Layer 3 and storage connectivity requirements. This document focuses on the Layer 2 connectivity requirements and how they are best met. LAN Extensions Compared to Layer 2 Transport Services Enterprises and service providers have different views on the use of Layer 2 virtual private networks (VPNs). Service providers have requirements that derive from their need to offer a very large number of Layer 2 VPNs as a transport service to a multitude of customers. The technical requirements of service providers are therefore very different from those of the enterprise seeking LAN extensions between data centers. was specifically designed to address the challenges of LAN extensions between data centers. To meet the technical challenges of a provider network, Cisco continues to provide innovative and industry-leading technology, offering transport services for which Multiprotocol Label Switching (MPLS) based technologies are optimized. 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 5

Just as service providers and enterprises face different challenges, they also require different solutions. Note that some enterprises are structured like service providers and may face some of the same challenges as service providers. Because some challenges are shared, Cisco has designed all MPLS and IP-based transport solutions to be compatible and complementary. For provider- like enterprises, the use of MPLS technologies across the organization can be beneficial, yet certain services may be better addressed by using an IP-based solution such as. For example, an enterprise may have an MPLS backbone that provides Layer 3 VPNs and traffic engineering services, while providing inter data center LAN extensions with. All traffic, including traffic, will benefit from MPLS-based services in the backbone (traffic engineering fast reroute [TE-FRR]) while optimal LAN extensions are provided by. Challenges of LAN Extensions Extending the LAN across multiple data centers creates a series of challenges that are different from the challenges faced by service providers providing transport services: Maintaining site independence: The extension of Layer 2 domains across multiple data centers can cause the data centers to share protocols and failures that would normally have been isolated when interconnecting data centers over an IP network. These failures propagate freely over the open Layer 2 flood domain. A solution that provides Layer 2 connectivity yet restricts the reach of the flood domain is necessary to contain failures and preserve the resiliency achieved by the use of multiple data centers. Transport independence: The nature of the transport between data centers varies depending on the location of the data centers and the availability and cost of services in the different areas. A cost-effective solution for the interconnection of data centers must be transport agnostic and give the network designer the flexibility to choose any transport between data centers based on business and operational preferences. An IP-capable transport is the most generalized offering and provides flexibility and enables long-reach connectivity. A solution capable of using an IP transport is expected to provide the most flexibility. Multihoming and end-to-end loop prevention: LAN extension techniques should provide a high degree of resiliency, and therefore multihoming of the Layer 2 sites onto the VPN is required. Mechanisms must be provided to prevent loops that may be induced when connecting bridged networks that are multihomed. Bandwidth utilization with replication, load balancing, and path diversity: When extending Layer 2 domains across data centers, the use of available bandwidth between data centers must be optimized to obtain the best connectivity at the lowest cost. Balancing the load across all available paths while providing resilient connectivity between the data center and the transport network requires added intelligence above and beyond that available in traditional Ethernet switching and Layer 2 VPNs. Multicast and broadcast traffic should also be replicated optimally to reduce bandwidth consumption. Scalability and topology independence: As LAN extensions are deployed in the data center, it is important to provide solutions that do not affect the network design and can therefore be deployed at any point in the topology. This flexibility will usually demand high scalability of the LAN extension solution as the number of edge devices increases as capabilities are pushed toward the data center access. VLAN and MAC address scalability: The extension of LANs between data centers requires the simultaneous extension of multiple VLANs. Furthermore, in some applications, duplicate VLAN IDs will be in use, and these must be carried independently of each other yet on a common LAN extension. As sites are interconnected, the number of MAC addresses involved will grow, since the MAC address space cannot be summarized; this can become a problem and limit the reach of the solution if not handled correctly. Complex operations: Layer 2 VPNs can provide extended Layer 2 connectivity across data centers, but will usually involve a mix of complex protocols, distributed provisioning, and an operationally intensive 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 5

hierarchical scaling model. A simple overlay protocol with built-in capability and point-to-cloud provisioning is crucial to reducing the cost of providing this connectivity. How and Meet the Challenges of LAN Extensions Table 1 summarizes the different ways that and meet the challenges of LAN extensions. Table 1. Comparison of and Preservation of Site Independence conveys MAC address reachability information in a control protocol. The flooding of unknown unicast traffic can be suppressed from the overlay as these are not required to trigger MAC address learning. Flooding anomalies are contained within a single site. The control protocol can carry MAC address to IP mappings and use them to populate the Address Resolution Protocol (ARP) cache on the different edge devices. Edge devices will serve as ARP proxies and allow the suppression of ARP broadcasts across the overlay. ARP storms will not propagate across sites. has built-in filtering capabilities to localize the most common linklocal networking protocols (Spanning Tree Protocol, VLAN Trunking Protocol [VTP], Hot Standby Router Protocol [HSRP], etc.) and prevent them from traversing the overlay. This feature prevents protocol failures from propagating across sites. The localization of First-Hop Resiliency Protocols (HSRP, Virtual Router Redundancy Protocol [VRRP], etc.) both isolates failures and helps ensure optimal routing. relies on flooding to propagate MAC address reachability information. Therefore, flooding cannot be prevented. does not have a control protocol capable of associating information with particular MAC addresses at an appropriate scale. Controlling ARP traffic and other network events is not practical without the addition of a control protocol. 1 allows the suppression of Spanning Tree Protocol and VLAN distribution protocols such as VTP and Generic VLAN Registration Protocol (GVRP). does not provide integrated mechanisms to maintain First Hop Resiliency Protocols such as HSRP, VRRP, or Gateway Load-Balancing Protocol (GLBP) localized. Transport Independence The overlay nature of allows it to work over any transport as long as this transport can forward IP packets. Any optimizations performed for IP in the transport will benefit the encapsulated traffic. requires a label-switched transport to function. This approach is best when an MPLS transport is available. When an MPLS transport is not available, variants such as over Generic Routing Encapsulation (GRE) allow the deployment of a solution over a mesh of IP GRE tunnels. Multihoming and End-to-End Loop Prevention As part of the control protocol, automatic detection of multihoming is included. This feature enables the multihoming of sites without requiring additional configuration or protocols. requires the addition of specific protocols to provide multihoming. Some examples of protocols that must be added to include Border Gateway Protocol (BGP) with multihoming extensions, Interchassis Communication Protocol (ICCP) and Multichassis Link Aggregation Control Protocol (MLACP), Cisco IOS Software Embedded Event Manager (EEM), and Multiple Spanning Tree (MST). Cisco eliminates the need for these protocols by using device clustering solutions that allow multihoming that is transparent to the cloud. With the use of virtual switching system (VSS) technology, a pair of provider edge devices can appear as a single device for the purpose of providing dual-active multihoming of sites without the need for any additional protocols. provides per-vlan single active edge device multihoming by default. When combined with virtual PortChannel (vpc), Cisco Layer 2 multipathing, or Transparent Interconnection of Lots of Links (TRILL) technology, can offer all-active multihoming. Up to 16 active edge devices can be used per site in, allowing continuity of Cisco Layer 2 multipathing and TRILL clouds as they are extended over. All multihoming schemes for focus on reducing the multiple provider-edge devices on a site to a single active device. Cisco benefits from the capability to consolidate two provider-edge devices into a single device using VSS to provide active-active dual homing. Bandwidth Utilization: Replication, Load Balancing, and Path Diversity uses native IP multicast to help ensure optimal replication of uses a full mesh of point-to-multipoint (P2MP) tunnels to prevent 1 IP-only LAN service (IPLS), because of its static nature, is not appropriate for the volume of hosts that must be handled per site in a LAN extension service. 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 5

multicast, broadcast, and signaling traffic. headers are defined to allow the core to hash traffic based on fivetuples of Layer 2, 3, and 4 information and distribute traffic over multiple paths to avoid polarization of encapsulated traffic. 2 allows effective load balancing of flows across the multiple edge devices available in an all-active multihomed deployment. Load balancing follows equal-cost multipath (ECMP) rules based on the information provided by the control protocol. Hashing is performed based on Layer 2 through 4 information. head-end replication of multicast traffic. The addition of FAT-pseudowire (FAT-PW) gives Cisco (and all MPLS services) an effective mechanism for distributing the load over multiple paths in the backbone based on Layer 2 through 4 information and thus avoiding tunnel polarization. Since is intrinsically single homed for all active-path forwarding purposes, per-flow load balancing is not possible in. Cisco overcomes this limitation by using VSS to provide dual-active provider-edge multihoming. Scalability and Topology Independence is designed to scale to a relatively large density of edge devices (in the hundreds). This capability is a critical element in deciding where in the data center the functions should be deployed. A convenient place to deploy the required edge devices is the aggregation layer in the data center network. This placement simplifies network design and operations by taking the existing Layer 2 domains directly into an overlay when required. Positioning the edge devices in the aggregation layer requires a solution capable of supporting a high number of edge devices, and provides the required scalability. Placing the edge devices elsewhere in the network (at the WAN edge, for example) would require additional hardware to extend the Layer 2 domains from the aggregation layer to the edge devices, increasing the network complexity and operational burden. is designed to include a few provider edge devices (40 to 60). If the number of provider edge devices is large, schemes like Hierarchical (H-) are required. Use of H- is equivalent to placing the provider edge devices at the data center edge and adding Ethernet over MPLS (EoMPLS) or IEEE QinQ to aggregate traffic to the provider edge devices. Clearly, there are many elements to be maintained in such a model, and this poses strict topological restrictions on the deployment of. The use of BGP signaling in enables greater scalability, does not require H-, and removes the topological constraints discussed. VLAN and MAC Address Scalability intrinsically carries traffic for multiple VLANs over a single overlay. has built-in hierarchical identifiers that allow the scaling of the VLAN ID space beyond the 4K VLANs possible in a single 802.1Q domain. can carry a single VLAN per instance. To multiplex multiple VLANs on a single instance, uses IEEE QinQ. To scale beyond 4K VLANs using a single instance, requires the assistance of external devices in the site to provide additional IEEE QinQ encapsulation that can be transported transparently in the single instance. Cisco is enhanced to support more than 4K per instance without the assistance of external devices and with a simplified configuration model. For the first release of, MAC addresses in the overlay are learned on all sites. However, VLANs can be scoped to the sites where they are relevant, which reduces the size of the tables based on the site. also can provide conversational programming of the forwarding tables to save relies on flooding, and therefore all MAC addresses are learned at all sites. Since multiple VLANs must be hidden from with IEEE QinQ encapsulation, VLAN scoping is not really an option and all MAC addresses are learned everywhere. valuable hardware memory space. 3 Cisco enables much more efficient handling of the IEEE 802.1Q headers, allowing VLAN pruning and benefiting MAC address scalability. Complex Operations provides a single protocol to address the different requirements posed by LAN extensions. provides autodiscovery mechanisms that are built into the single protocol and allow point-to-cloud provisioning with zero impact on existing sites. requires many protocols to address the different LAN extension challenges. BGP for autodiscovery; Label Distribution Protocol (LDP) for pseudowire establishment; BGP, ICCP, MLACP, and Cisco IOS EEM for multihoming; P2MP LDP for multicast distribution; BGP and Next-Hop Resolution Protocol (NHRP) for GRE tunnel establishment if is used over GRE; etc. Cisco simplifies much of this complexity by eliminating the need for some of these add-on protocols and concealing others behind an enterprise-class provisioning model. has been designed with automated processes and little need to use the command-line interface (CLI). Deployment of does not affect the existing network, and therefore can be transparently overlaid without losing site independence or altering the behavior of core or site protocols. Due to the proliferation of protocols, the CLI can be rather busy. Cisco has many enhancements to consolidate CLI operations and simplify operations. needs to be carefully designed into the network, which limits flexibility. Conclusion Cisco provides significant enhancements to and continues to invest in the development of innovative technologies for. Simultaneously, Cisco continues to achieve innovation with new technologies like that 2 User Datagram Protocol (UDP) headers for are not available at first customer shipment (FCS). 3 Feature will be available after FCS. 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 5

are the product of years of experience. Both technologies have their advantages and disadvantages for the specific application of LAN extensions in the data center interconnect (DCI) space, but provides a much simpler approach. For More Information Cisco Nexus 7000 Series Switches: http://www.cisco.com/go/nexus7000. Americas Headquarters Cisco Systems, Inc. San Jose, CA Asia Pacific Headquarters Cisco Systems (USA) Pte. Ltd. Singapore Europe Headquarters Cisco Systems International BV Amsterdam, The Netherlands Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices. CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, ilynx, IOS, iphone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R) Printed in USA C11-574984-00 01/10 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information