Vxlan Fabric With Bgp Evpn Control-plane Design Considerations Pdf Download !!BETTER!!

Fabric technology, provides wired and wireless campus networks with programmable overlays and easy-to-deploy network, permitting a physical network to host one or more logical networks to meet the design intent. In addition, fabric technology in the campus network enhances control of communications, providing segmentation and policy enforcement based on user identity and group membership. Segmentation is seamlessly integrated using Cisco Security Group, providing micro-segmentation for groups within a virtual network using Security Group tags (SGTs).

A fabric role is a LISP/VXLAN software construct running on physical hardware. These software constructs were designed with modularity and flexibility in mind. For example, a device can run a single role, or a device can also run multiple roles.

Vxlan Fabric With Bgp Evpn Control-plane Design Considerations Pdf Download

Download Zip 🔥 https://urllio.com/2y3BPO 🔥

This section describes the Enterprise Campus hierarchical network structure followed by traditional campus designs that use the distribution layer as the Layer 2/Layer 3 boundary (switched access). This traditional design is then contrasted against moving the Layer 2/Layer 3 boundary to the access layer (routed access), a requirement for LISP/VXLAN fabric, and finally discusses design considerations for Layer 3 routed access.

These hierarchical and modular networks models are referred to as the Cisco Enterprise Architecture Model and have been the foundation for building highly available, scalable, and deterministic networks for nearly two decades. The Enterprise Architecture Model separates the network into different functional areas called modules or blocks designed with hierarchical structures. The Enterprise Campus is traditionally defined with a three-tier hierarchy composed of the Core, Distribution, and Access Layers. In smaller networks, two-tiers are common with core and distribution collapsed into a single layer (collapsed core). The key idea is that each element in the hierarchy has a specific set of functions and services that it offers. The same key idea is referenced later in the fabric control plane node and border node design section.

LISP/VXLAN fabric networks start with the foundation of a well-design, highly available Layer 3 routed access foundation. For optimum convergence at the core and distribution layer, build triangles, not squares, to take advantage of equal-cost redundant paths for the best deterministic convergence. In Figure 10, the graphic on the left shows triangle topologies which are created by devices crosslinking with each other and with their upstream/downstream peers. The graphic on the right shows square topologies that are created when devices are not connected to both upstream/downstream peers. Square topologies should be avoided.

This section discusses design principles for specific LISP/VXLAN fabric device roles including edge nodes, control plane nodes, border nodes, Fabric in a Box. This section concludes with device platform role and capabilities discussion.

The following section discusses design consideration for specific features in LISP/VXLAN fabric. It begins with a discussion on multicast design, traditional multicast operations, and Rendezvous Point design and placement. Multicast forwarding in the fabric is discussed along with considerations regarding the Layer 2 flooding feature which relies on a multicast transport in the underlay. Next, Critical VLAN is described along with considerations for how it is deployed in LISP/VXLAN fabric.

The Rendezvous Point does not have to be deployed on a device within the fabric site. External devices can be designated as RPs for the multicast tree in a fabric site. The External RP address must be reachable in the VN routing table on the border nodes. External RP placement allows existing RPs in the network to be used with the fabric. In this way multicast can be enabled without the need for new MSDP connections. If RPs already exist in the network, using these external RPs is the preferred method to enable multicast. If Layer 2 flooding functionality is desired within a fabric, it would be good to restrict flooding within the fabric by having Border nodes as RPs.

Fabric-mode APs connect into a Default instance of LISP. This instance id is associated with the global routing table (GRT). This design allows the WLC to connect into the fabric site for AP management without needing to leak routes out of a VRF table.

In cases where the WLCs and APs cannot participate in the fabric, a traditional CUWN centralized design model is an option. In Centralized WLC deployment models, WLCs are placed at a central location in the enterprise network. With this deployment model, the CAPWAP tunnels between WLC and APs traverse the campus backbone network. In the over-the-top model, this means the wireless infrastructure uses the fabric as a transport but without the benefits of fabric integration.

External connectivity outside of the fabric site can have several possible variations, and these variations are based on underlying network design. For example, the fabric border node may be connected to an actual Internet edge router, an ISP device, a firewall, a services block switch, or some other routing infrastructure device. Each of these peer devices may be configured with a VRF-aware connection (VRF-lite) or may simply connect to the border node using the global routing table.

Shared services, as discussed in the earlier Routing Table section, may be deployed in a dedicated VRF or the global routing table, and shared services may be connected to a services block or be accessed through data center infrastructure. Internet access itself may be in a VRF, though is most commonly available in the global routing table. While each of these options are viable, though each present a different underlying network design that the fabric site must integrate with.

To support this route leaking responsibility, the device should be properly sized according to the number of VRFs, bandwidth and throughput requirements, and Layer 1 connectivity needs including port density and type. When the network has been designed with a services block, the services block switch can be used as the fusion device (VRF-aware peer) if it supports the criteria described above. Fusion devices should be deployed in pairs or as a multi-box, single logical box such as VSS, SVL, or vPC. When the fusion device is a logical unit, border nodes should be connected to both members of the logical pair as described in the later external considerations section.

An LISP/VXLAN fabric network begins with a foundation of the Cisco Enterprise Architecture Model with well-designed and planned hierarchical network structures that include modular and extensible network blocks as discussed in the LAN Design Principles section. On this foundation, the network is designing and configured using the Layer 3 routed access model.

Beyond the business needs, business drivers, and previous listed Design Considerations, additional technical factors must be considered. The results of these technical considerations craft the framework for the topology and equipment used in the network. These factors are multi-dimensional and must be considered holistically. The design strategy for LISP/VXLAN fabric is to maximize site size while minimizing site count. Each of the factors below could drive the need to deploy multiple, smaller fabric sites rather than one larger one.

High availability compliments site survivability. A site with single fabric border, control plane node, or wireless controller risks single failure points in the event of a device outage. When designing for high availability in a LISP/VXLAN network, it is important to understand that redundant devices do not increase the overall scale.

Designing Cisco LISP/VXLAN fabric site has flexibility to fit many environments, which means it is not a one- design-fits-all proposition. The scale of a fabric can be as small a single switch or switch stack or as big as one or more three-tier campus deployments. LISP/VXLAN fabric topologies should follow the same design principles and best practices associated with a hierarchical design, such splitting the network into modular blocks and distribution of functions.

Design elements should be created that can be replicated throughout the network by using modular designs. In general, LISP/VXLAN fabric topologies should be deployed as spoke networks with the fabric border node as the exit point hub for the spokes which are the access switches operating as edge nodes. As networks grow, varied physical topologies are used to accommodate requirements for specialized network services deployment.

In deployments with physical locations, customers use different templates for each of the different site types such as a large branch, a regional hub, headquarters, or small, remote office. The underlying design challenge is to look at existing network, deployment, and wiring, and propose a method to layer LISP/VXLAN fabric sites in these areas. This process can be simplified and streamlined by templatizing designs into reference models.

For very small deployments, a LISP/VXLAN fabric site is implemented using a two-tier design. The same design principles for a three-tier network are applicable, though there is no need for a distribution layer (intermediate nodes). In a very small site, high availability is provided in the fabric nodes by co-locating the border node and control plane node functionality on the collapsed core switches and deploying these as a pair. For both resiliency and alternative forwarding paths in the overlay and underlay, the collapsed core switches should be directly connected to each other with a crosslink.

For smaller deployments, a LISP/VXLAN fabric site is implemented using a two-tier design. The same design principles for a three-tier network applicable, though there is no need for an aggregation layer (intermediate nodes). In a small site, high availability is provided in the fabric nodes by co-locating the border node and control plane node functionality on the collapsed core switches and deploying these as a pair. For both resiliency and alternative forwarding paths in the overlay and underlay, the collapsed core switches should be directly connected to each other with a crosslink. 2351a5e196