
BGP L3VPN Virtual PE Framework

draft-fang-l3vpn-virtual-pe-framework-01
L. Fang, D. Ward, R. Fernando, D. Rao (Cisco), M. Napierala (AT&T), N. Bitar (Verizon)
11/09/2012, IETF 85, Atlanta
Motivation

Service Providers and large enterprises want to build virtual Private Clouds (vPCs) by leveraging existing BGP IP VPNs [RFC 4364], and extending it deep into the Service networks.

Why IP VPN?
- Is most deployed, extend to service network to complete vPC
- Supports routing isolation and traffic separation at the edge
- Is mature technology with 14 yrs wide deployment and large customer bases
- Is proven to scale (e.g. 7+ million VPN routes in some network)
- Support end-to-end vPC, especially applications are mostly IP
- Rich policies for value added service creation beyond simple connectivity

Virtual PE Definition

Virtual PE (vPE): A PE software instance which can reside in any network or compute devices.
- A common place for vPE can be a service network end device, e.g., a server which supports multiple client/application Virtual Machines (VMs), or a Top-of-Rack switch (ToR) in the Data Center. Another example can be a service node in a 3GPP network.
- The control and forwarding components of the vPE are decoupled; they may reside in the same physical device or in different physical devices.
vPE Architecture: Example of IP VPN vPE at the End Device

[Figure: Virtual RR (vRR), WAN edge Gateway, MPLS Core, WAN Network, Gateway, Service Network Fabric, vPE, Compute/Storage/Appliance]

vPE on a Server Example
- vPE L3 SW instance on server
- vPE and relationship: PE- - on vPE to isolate individual tenant routing and traffic separation

[Figure: vPE on a Server, with labels R, Y, G]

End-to-end L3VPN Overlay from Enterprise to SP DC with vPE in End Device

[Figure: Enterprise G and Enterprise R networks/DC, PEs, Provider Networks with P routers (not VPN aware), MP-BGP RR, vRR, DC Gateway, Controller / Orchestration, DC infra (not VPN aware), Provider DC, Hosts, vPE Server]
- Gateway to vPE signaling options: 1) MP-BGP 2) Extensible messaging protocol 3) Controller
- Forwarding: IP, MPLS, others

Control Plane Route Server
1. Distributed IP VPN control plane: vPE participates in overlay BGP IP VPN control protocol: MP-BGP [RFC4364]. Using extensible signaling messaging protocols can be an alternative, such technologies, e.g. XMPP, [I-D.ietf-l3vpn-end-system].
2. Centralized routing controller: vPE control plane and data plane are physically decoupled. The control plane directing the data flow may reside elsewhere, such as a centralized controller. The controller can be used for routing information distribution, or directly insert the entries into FIB (details will be in next revision).
3. Route server can be anywhere.
4. Use RR and RT Constrain [RFC4684] to scale.

Data Plane VPN Forwarder
1. The VPN forwarder location options:
   1) within the end device where the (e.g., application/s) are.
   2) in an external device which the end device connects to, for example, a Top of the Rack (ToR) in a data center.
2. Considerations in design:
   - Device capability
   - Overall solution economics
   - QoS/firewall/NAT placement
   - Optimal forwarding
   - Latency and performance
   - Operational impact
3. Encapsulation:
   1) MPLS
   2) IP / GRE tunnel [RFC4023]
   3) Other IP network overlay encapsulations, e.g. VXLAN, NVGRE.
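Added example (not from the slides or the draft): a small Python model of a route reflector serving one vPE, showing how route-target import [RFC4364] keeps tenant tables separate and how RT Constrain [RFC4684] limits which routes the RR sends at all. The tenant names R and G follow the figure labels; the RD/RT values, addresses and device name are constructed.

```python
from collections import namedtuple

# A VPN-IPv4 route as carried in MP-BGP: RD, prefix, export RTs, next hop.
VpnRoute = namedtuple("VpnRoute", "rd prefix rts next_hop")

class VPE:
    """Constructed model of a vPE holding one routing table per tenant."""
    def __init__(self, name, tenant_import_rts):
        self.name = name
        self.import_rts = tenant_import_rts            # tenant -> set of import RTs
        self.tables = {t: {} for t in tenant_import_rts}

    def rt_membership(self):
        # RT Constrain: the vPE tells the RR the union of RTs it imports.
        return set().union(*self.import_rts.values())

    def receive(self, route):
        # RFC 4364 import: install only into tenants whose import RTs match.
        for tenant, rts in self.import_rts.items():
            if rts & route.rts:
                self.tables[tenant][route.prefix] = route.next_hop

class RouteReflector:
    def __init__(self):
        self.rib, self.peers = [], []

    def advertise(self, constrain=True):
        """Send the RIB to each peer; return the number of routes sent per peer."""
        sent = {}
        for pe in self.peers:
            wanted = pe.rt_membership()
            out = [r for r in self.rib if not constrain or (r.rts & wanted)]
            for r in out:
                pe.receive(r)
            sent[pe.name] = len(out)
        return sent

def demo():
    rr = RouteReflector()
    # Constructed sample: tenants R and G reuse 10.0.0.0/24; the RD keeps them distinct.
    rr.rib = [
        VpnRoute("65000:1", "10.0.0.0/24", frozenset({"target:65000:100"}), "192.0.2.1"),
        VpnRoute("65000:2", "10.0.0.0/24", frozenset({"target:65000:200"}), "192.0.2.2"),
        # A third tenant that is not hosted on this vPE.
        VpnRoute("65000:3", "10.9.0.0/16", frozenset({"target:65000:300"}), "192.0.2.3"),
    ]
    vpe = VPE("vpe-server-1", {"R": {"target:65000:100"}, "G": {"target:65000:200"}})
    rr.peers.append(vpe)
    return rr.advertise(constrain=False), rr.advertise(constrain=True), vpe.tables
```

Isolation comes from the import check on the vPE in both runs; RT Constrain only reduces what the RR sends, which is the scaling point on the slide.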
Inter-connection considerations
- Must support connections with non-IP VPN solutions.
- A clear demarcation should be preserved at the inter-connecting points. Problems encountered in one domain should not impact other domains.

Consider this scenario: Legacy layer 2 connectivity must be supported in certain sites/s/s (which is a small percentage of total sites), and the rest of the sites/s/s need only L3 connectivity. One may consider using a combined vPE and /virtual solution to solve the problem. Use L3VPN vPE for all sites with IP connectivity, and use a physical or virtual (v, may reside on the end device) to aggregate the L2 sites which, for example, may be a single container in a data center. The /v can be considered as an inter-connecting point, where the L2 networks are terminated and the corresponding routes for connectivity of the L2 network are inserted into L3VPN. The L2 aspect is transparent to the L3VPN in this case.

Next Steps
- Address all comments on the list and in the meeting
- Issuing next revision soon after the IETF 85
- Ask the WG if folks are interested to have this work as WG item