Cisco VXLAN EVPN backup circuit - MPLS

Started by LynK, May 31, 2019, 02:59:55 AM


LynK

Hey guys,

Have any of you designed MPLS backup through a provider for leaf to spine communications? Any limitations?

Did you run the MPLS in the overlay vrf, or the default vrf?

Sys Admin: "You have a stuck route"
            Me: "You have an incorrect Default Gateway"

wintermute000

WHAT

Leaf-spine is a LAN topology. Are you seriously trying to split a leaf-spine across a WAN?

I'm not sure what you're talking about re: MPLS in the overlay.
- To my knowledge there is no way of carrying MPLS labels inside VXLAN
- If you're referring to L3VPN/IPVPN as "MPLS" (gah I hate that trend, stupid SD-WAN marketing) then surely if it works at all, it's the underlay.

Most L3VPN providers run standard MTU (drop mike)

Aside from MTU and any performance issues you would get.... theoretically the overlay can run over any L3 underlay.

But the entire thing is designed for deterministic E-W (assumes it... like how a random VTEP/NVE is selected as ARP source for silent host discovery). Would it ping? Probably.

The concept of a backup is entirely against leaf-spine again, it assumes ECMP all paths equal and deterministic latency/hop count. But sure you could mess it up and have a preferred vs non-preferred path.

I suspect MTU alone stops the idea cold.

If you have a WAN, run a different leaf-spine on each side. If you must DCI, use a DCI technology like multi-site EVPN, or hand-off to DCI somehow. Or look at multi-pod topologies. The Yves Louis series is excellent from an architectural POV, however, (and it acknowledges it in one article) it was written before multi-site was an option, which is by far the best option, if $$$ as you need dedicated border gateways.

Multipod - http://yves-louis.com/DCI/?p=1277
Multisite - https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/white-paper-c11-739942.html

LynK

Wintermute,

MTU is definitely the show stopper. Basically what we are discussing is to create a separate VRF in our ISP MPLS environment, then advertise the VTEP loopbacks through the MPLS at each site so BGP adjacencies can form over the MPLS if all physical connections get severed to the spine.


wintermute000

Sure, it would work, MTU aside, but it would likely perform badly.

deanwebb

Quote from: wintermute000 on June 04, 2019, 05:11:13 PM
Sure, it would work, MTU aside, but it would likely perform badly.

This could be said of almost any arrangement that requires as many caveats as wintermute's outlined. Once it's no longer as simple as the vendor intended it to be, you can run into some strange territory that the gear is not prepared to deal with.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.