overlay transport virtualization - talk 2 cisco · 2011-05-16 · cisco expo © 2011 cisco and/or...
Post on 29-Jul-2020
12 Views
Preview:
TRANSCRIPT
Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved. 1Cisco Expo
Cisco Expo
2011
Overlay Transport Virtualization
T-DC1/L3
Miroslav Brzek
Systems Engineer
mibrzek@cisco.com
2© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
3© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Flooding Based Learning
Traditional Layer 2 VPN technologies rely on flooding to propagate MAC reachability.
The flooding behavior causes failures to propagate to every site in the L2-VPN.
• Pseudo-wires and Tunnels Maintenance
Before any learning can happen a full mesh of pseudo-wires/tunnels must be in place.
Head-end replication for multicast and broadcast. Sub-optimal BW utilization.
• Multi-homing
Require additional protocols to support Multi-homing. STP is often extended across the sites of the Layer 2 VPN.
Malfunctions on one site will likely impact all sites on the VPN.
4© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Technology Pillars
OTV is a “MAC in IP” technique to extend Layer 2 domains
OVER ANY TRANSPORT
Protocol Learning
Built-in Loop Prevention
Preserve Failure
Boundary
Site Independence
Automated Multi-homing
Dynamic Encapsulation
No Pseudo-Wire State
Maintenance
Optimal Multicast
Replication
Multipoint Connectivity
Point-to-Cloud Model
First platform to support OTV starting with 5.0(3) release!
Nexus 7000
5© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
6© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Edge Device: connects the site to the (WAN/MAN) core; responsible for performing all the OTV functions
• Internal Interfaces: interfaces of the Edge Devices that face the site. They behave as regular layer 2 interfaces.
• Join interface: interface of the Edge Device that faces the core. Typically point-to-point routed interface used by OTV to join the core multicast groups. Its IP address is used as the IP source address in the OTV encapsulation.
• Overlay Interface: logical multi-access multicast-capable interface. The overlay interface encapsulates Layer 2 frames in IP unicast or multicast headers.
OTV
Internal
Interfaces
CoreL2 L3
Join
Interface
Overlay
Interface
7© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Neighbor Discovery and Adjacency Formation
• Before any MAC address can be advertised the OTV Edge Devices must build a neighbor relationship with each other
• The neighbor relationship can be built over:
a multicast-enabled transport infrastructure
an unicast-only transport infrastructure
8© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Multicast-enabled
Transport
WestEast
South
OTV
OTV
Control Plane
OTV
Control Plane
OTV
Control
Plane
OTV OTV
IP AIGMP Report IGMP Report
IGM
P R
eport
IP B
IP C
Encap
2
OTV Hello3 Transport
Replication
IP A Mcast GOTV Hello IP A Mcast GOTV Hello
1
Decap
4
OTV Hello
IP A Mcast GOTV Hello
Decap
4
OTV Hello
IP A Mcast GOTV Hello
5
5
ASM Group
Neighbor Discovery over Multicast-Enabled Transport
9© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Multicast-enabled
Transport
WestEast
South
OTV
OTV
Control Plane
OTV
Control Plane
OTV
Control
Plane
OTV OTV
IP AIGMP Report IGMP Report
IGM
P R
eport
IP B
IP C
Encap7
OTV Hello
8 Core
Replication
IP C Mcast GOTV Hello
Decap
9
IP C Mcast GOTV Hello
Decap
9
The West Site sees that
the hello contains its ID.
The OTV Adjacency is
Established
10
The South Site sends its
hello with West’s address
in the TLV
OTV Hello OTV Hello
6
ASM Group
From Bottom to
Top
Neighbor Discovery over Multicast-Enabled Transportc
10© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
MAC Address Advertisements (Multicast-Enabled Transport)• Every time an Edge Device learns a new MAC address, the OTV control plane will
advertise it together with its associated VLAN IDs and IP next hop.
• The IP next hops are the addresses of the Edge Devices through which these MACs addresses are reachable in the core.
• A single OTV update can contain multiple MAC addresses for different VLANs.
• A single update reaches all neighbors, as it is encapsulated in the same ASM multicast group used for the neighbor discovery.
Core
IP A
West
East
3 New MACs are
learned on VLAN 100
Vlan 100 MAC A
Vlan 100 MAC B
Vlan 100 MAC C
South-East
VLAN MAC IF
100 MAC A IP A
100 MAC B IP A
100 MAC C IP A
4
OTV update is replicated
by the core3
3
2
VLAN MAC IF
100 MAC A IP A
100 MAC B IP A
100 MAC C IP A
4
3 New MACs are
learned on VLAN 100
1
11© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Transport
Infrastructure
OTV OTV OTV OTV
MAC TABLE
VLAN MAC IF
100 MAC 1 Eth 2
100 MAC 2 Eth 1
100 MAC 3 IP B
100 MAC 4 IP B
MAC 1 MAC 3
IP A IP BMAC 1 MAC 3
MAC TABLE
VLAN MAC IF
100 MAC 1 IP A
100 MAC 2 IP A
100 MAC 3 Eth 3
100 MAC 4 Eth 4
Layer 2
Lookup
5
IP A IP BMAC 1 MAC 3MAC 1 MAC 3Layer 2
Lookup
1 Encap
2
Decap
4
MAC 1 MAC 3West
SiteMAC 1
MAC 3East
Site
1. Layer 2 lookup on the destination MAC.
MAC 3 is reachable through IP B.
2. The Edge Device encapsulates the frame.
3. The transport delivers the packet to the
Edge Device on site East.
4. The Edge Device on site East
receives and decapsulates the
packet.
5. Layer 2 lookup on the original
frame. MAC 3 is a local MAC.
6. The frame is delivered to the
destination.
3
6
IP A IP B
12© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• OTV encapsulation adds 42 Bytes to the packet IP MTU size
Outer IP Header and OTV Shim Header in addition to original L2 Header
• The outer IP header is followed by an OTV shim header, which contains information about the overlay (vlan, overlay number, etc).
• The 802.1Q header is extracted from the original frame and the VLAN field copied over into the OTV shim header.
• The OTV Edge Devices do NOT perform packet fragmenting and reassembling. A packet failing the MTU is dropped by the Forwarding Engine
42 Byte encapsulation
6B 6B 2B 20B 8B
DMAC SMACEther
Type IP Header
Original Frame 4B
CRC
VL
AN
OTV Shim
802.1Q
DMAC SMAC Eth Payload802.1Q
To
SC
oS
13© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• OTV is able to leverage the multicast capabilities of the core.
• This is the summary of the Multicast groups used by OTV:
An ASM group used for neighbor discovery and to exchange MAC reachability.
A SSM group range to map the sites internal multicast groups to the mcast groups in the core, which will be leveraged to extend the mcast data traffic across the Overlay.
14© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
OTV Adjacency Server
• The use of multicast in the core provides significant benefits:
Reduces the amount of hellos and updates OTV must issue
Streamlines neighbor discovery, site adds and removes
Optimizes the handling of broadcast and multicast data traffic
• However OTV provides a solution for deployments where the core does not support multicast.
• For these cases OTV uses the Adjacency Server Mode of operation.
One of the OTV Edge Devices will be configured as an Adjacency Server and it will be responsible for communicating the IP addresses where the other Edge Devices can be reached.
15© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
16© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
L2
L3
OTV OTV
Site Independence• OTV does not affect the STP topology of the site and in these terms OTV is totally site
transparent.
• Each site will have its own STP domain, which is separate and independent from the STP domains in other sites, even though all sites will be part of common Layer 2 domain.
• This functionality is built-in into OTV and as such no configuration is required to have it working.
• An Edge Device will send and receive BPDUs ONLY on the OTV Internal Interfaces.
The BPDUs
stop here
The BPDUs
stop here
17© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
L2
L3
OTV OTV
No longer flooding storms across the DCI• OTV does not leverage flooding to propagate the learning of the MAC addresses across
the overlay.
• No more requirements to forward unknown unicast over the overlay, therefore its forwarding is suppressed.
• Any unknown unicasts that reach the OTV edge device will not be forwarded to the overlay. This is achieved without any additional configuration.
• The assumption here is that the end-points connected to the network are not silent or uni-
directional.
MAC TABLE
VLAN MAC IF
100 MAC 1 Eth1
100 MAC 2 IP B
- - -
MAC 1 MAC 3
No MAC 3 in the
MAC Table
18© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
ARP Neighbor-Discovery (ND) Cache
• An ARP cache is maintained by every OTV edge device and is populated by snooping ARP replies.
• Initial ARP requests are broadcasted to all sites, but subsequent ARP requests are suppressed at the Edge Device and answered locally.
• OTV Edge Devices can thus reply to ARPs on behalf of remote hosts.
• ARP traffic spanning multiple sites can thus be significantly reduced.
Transport
Infrastructure
OTV
OTV
ARP Cache
MAC 1 IP A
MAC 2 IP B
ARP reply
2
First ARP
request (IP A)
1
Snoop & cache ARP reply
3
Subsequent ARP requests
(IP A)
4 ARP reply on behalf of
remote server (IP A)
5
19© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• STP isolation – No configuration required
No BPDUs forwarded across the overlay
STP remains local to each site
• Unknown unicast isolation – No configuration required
No unknown unicast frames flooded onto the overlay
Assumption is that end stations are not silent
Option for selective unknown unicast flooding (for certain applications)
• Proxy ARP cache for remote-site hosts – On by default
• Broadcast can be controlled based on a white list as well as a rate limiting profile.
Summary
20© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
21© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Per VLAN Authoritative Edge Device
• The detection of the multi-homing is fully automated and it does not require additional protocols and configuration
• OTV provides loop-free multihoming by electing a designated forwarding device per site for each VLAN
• The designated forwarder is referred to as the Authoritative Edge Device (AED).
forwards traffic to and from the overlay
advertises MAC addresses for any given site/VLAN
• The Edge Devices at the site peer with each other on the internal interfaces to elect the AED. The peering takes place over the OTV “site-vlan”. It’s recommended to use a dedicated VLAN as site-vlan.
OTV
OTV
AED
Internal peering for
AED election
22© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
AED and Broadcast/Multicast Handling
• Broadcast and multicast packets reach all Edge Devices within a site.
• The broadcast/multicast packet is replicated to all the Edge Devices on the overlay.
• Only the AED at each remote site will forward the packet from the overlay onto the site.
Core
OTV
OTV
OTV
AEDAED
Bcast
pkt
Broadcast
stops here
Broadcast
stops here
OTV
23© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Per-VLAN Load Balancing
• In each site OTV elects one of the Edge Devices to be the Authoritative Edge Device (AED) for a subset of the extended VLANs
• The assignment of the VLANs to a particular AED is all automated (though predictable) in the first release. User control will come later in future software releases.
• OTV allows different flows to use different edge devices when a site is multi-homed.
Core
OTV
OTV
OTV
OTV
AEDAED
AEDAED
MAC TABLE
VLAN MAC IF
100 MAC 1 IP A
101 MAC 2 IP B
IP A
IP B
24© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
25© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
OTV
AED
AED
OTV
OTV
OTV
MAC X
MAC X
MAC X
MAC X
Server Moves
MAC X
Local MAC = Blue
Remote MAC = Red
AED
OTV
MAC X
MAC X
AED
OTVWest
West East
MAC X
AED
MAC X
OTV
OTV East
OTV
OTVWest
AED
OTV
OTV
MAC X
MAC X MAC X
East
AED detects
MAC X is now
local.AED advertises MAC X
with a metric of zero
MAC X
EDs in site West see MAC X advertisement with a
better metric from site East and change them to
remote MAC address.MAC X
MAC X
26© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
27© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
OTV CLI Configuration (Multicast-enabled Transport)
interface Overlay0
otv join-interface Ethernet1/1
otv control-group 239.1.1.1
otv data-group 232.192.1.0/24
otv extend-vlan 100-150
otv site-vlan 99
Connects to the core. Used to join the Overlay network.
Its IP address is used as source IP for the OTV encap
ASM/Bidir group in the core used for the
OTV Control Plane.
SSM group range used to carry the site’s
mcast traffic data.
Site VLANs being extended by OTV
VLAN used within the Site for communication
between the site’s Edge Devices
28© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
29© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• OTV is supported on all existing and new M1 series line cards. No hardware upgrade is required.
• The current F series (Layer2-only) modules will not support OTV natively
• The F module’s interface will only be able to function as “Internal Interfaces” from the OTV stand point
• OTV is part of the 5.0(3) Bogota Maintenance Software Release
• OTV is part of the new Transport Services (TRS) license. The NTE price for this license is $25,000.
• To help the OTV adoption at its early stage we are offering a limited time promotional license: “N7K-TRS-P1” for Transport Services for just $5,000.
• The OTV license is per-chassis
30© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
31© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• The OTV Edge Device can be located at the Aggregation Layer as well as at the Core Layer depending on the network topology of the site
• There are some limitations to the OTV-SVI coexistence which must be taken into consideration when deploying OTV at the Aggregation Layer
• On the Nexus 7000 a given VLAN can either be associated with an SVI or extended using OTV. In other words, currently on a Nexus 7000 OTV cannot coexist with SVIs.
• The separation between OTV and SVIs can be provided through the topology or by using a separate VDC for the OTV DCI
33© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Roles of the VDCs in the dual-vdc solution:
OTV
VDC
OTV
VDC
OTV VDCOTV Functionality
Aggregation VDCL2-L3 Separation - SVIs
STP Root/SecondaryvPC Peer
FHRPIGP to the CorePIM to the Core
Aggregation VDCL2-L3 Separation - SVIs
STP Root/SecondaryvPC Peer
FHRPIGP to the CorePIM to the Core
34© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Connecting the OTV VDC
• Two different deployment models are considered for the OTV VDC based on the availability of uplinks to the DCI Transport:
OTV Appliance on a Stick
Inline OTV Appliance
• From an OTV functionality prospective there is NOT difference between the two models. The Inline OTV Appliance can provide better convergence results
Join Interface
Internal Interface
OTV Appliance on a Stick
OTV
VDC
Common Uplinks to Transport
For Layer3 and DCI
L2
L3SVIs
Inline OTV Appliance
Uplinks to the
Layer3 Transport
Dedicated
Uplink for DCI
OTV
VDC
L2
L3SVIs
35© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• OTV VDC Virtual Appliance at the Aggregation Layer
• OTV VDC participates to vPC or STP as per existing site design
• Single HSRP group (same VMAC, VIP) if needed
• IGMPv3 on the join interface link
• PIM enabled across the DCI
• Layer 3 Links across the DCI
• IGP Peering between all the 4 Nexus 7000
OTV
VDC
OTV
VDCOTV
VDC
OTV
VDC
IGP + PIM Peering
PIM Interface
L3 Join Interface
L2 Internal Interface
IGMPv3
36© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Assumption is that the Aggregation devices implement the Layer2-Layer3 separation and thus have SVIs configuration.
• If uplinks to the transport/core are available go with the OTV Virtual Bridge otherwise use the OTV Virtual Appliance approach.
• OTV VDC participates to vPC or STP as per existing site design
• PIM brought down to the Aggregation layer. PIM adjacencies with the WAN Edge devices
OTV
VDC
OTV
VDC
WAN/MAN
OTV
VDC
OTV
VDC
PIM Interface
L3 Join Interface
L2 Internal Interface
IGMPv3
OTV Virtual ApplianceOTV Virtual Bridge
37© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Challenges with traditional DCI LAN extension solutions
• OTV Architecture Principles
Control Plane and Data Plane
Failure Isolation
Multi-homing
MAC mobility
Configuration Examples
• OTV System Requirements
• OTV Deployment Options
• L2 Extension and Path Optimization Challenges
38© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Optimal Routing Challenge
Pod A
WAN
Pod N
Ingress Routing Localization:
Clients-Server
Server-Server
Egress Routing Localization:
Server-Client Egress Routing Localization:
Server-Client
• Layer 2 extensions represent a challenge for optimal routing.
• Challenging placement of gateway and advertisement of routing prefix/subnet.
39© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Egress traffic
FHRP isolation*
• Ingress traffic
DNS Based
DNS redirection with ACE/GSS
Routing Based
Route Injection
LISP (Locator/ID Separation Protocol) NS based Global Site Selection
Locator/ID Separation Protocol – LISP*
Host routing
* Briefly discussed in this presentation
40© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• Extended VLAN typically has associated HSRP group
• Only one HSRP router active, with all servers pointing to HSRP VIP as default gateway
• Result: sub-optimal (trombone) routing
VLAN 10
VLAN 20
HSRP
Active
HSRP
Standby
HSRP
Listen
HSRP
Listen
HSRP Hellos
ARP
reply
ARP for
VIP
L3 Data
Routed
L3 Data
41© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
• VACL drops HSRP
• VACL drops HSRP
• Route filter drops MAC advertHSRP
Active
HSRP
Standby
HSRP
Active
HSRP
Standby
• Filter FHRP with combination of VACL and OTV MAC route filter in OTV VDC
• Still have one HSRP group with one VIP, but now have active router at each site for optimal first-hop routing
• Native FHRP filtering in OTV planned for future release
VLAN 10
VLAN 20
HSRP
Hellos
ARP for
VIP
ARP
reply
OTV VIP
MAC Advert
L3 Data
Routed
L3 Data
42© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Real Problems Solved by OTV
• Extensions over any transport (IP, MPLS)
• Failure boundary preservation
• Site independence / isolation
• Optimal BW utilization (no head-end replication)
• Resiliency/multihoming
• Built-in end-to-end loop prevention
• Multisite connectivity (inter and intra DC)
• Scalability
VLANs, sites, MACs
ARP, broadcasts/floods
• Operations simplicity South
Data
Center
North
Data
CenterFault
Domain
Fault
Domain
Fault
Domain
Fault
Domain
LAN Extension
Only 5 CLIcommands
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 43
44© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo Cisco Public© 2011 Cisco and/or its affiliates. All rights reserved.Cisco Expo
Prosíme, ohodnoťte tuto přednášku.
T-DC1
top related