Ethernet VPN: On the way to becoming the standard for network traffic
Ethernet services play a key role in computer centre and cloud environments. In the last few years EVPN (Ethernet Virtual Private Network) has evolved alongside MPLS into a standard for data traffic between computer centres, campus and branch networks or cloud environments. That is because EVPN provides flexibility, stability and scalability.
Ever more requirements are being placed on networks: the number of connected devices and the amount of data being transmitted are growing rapidly; most business processes have been digitalised and cloud services further increase the load on the network. And then there is a whole range of options for providing business applications. Some run in the cloud or in a computer centre, some application on the campus network or at just one location, some are encapsulated in containers or are run on virtual machines. In addition to these modern applications, most applications also have, older, non-modular applications in parallel, often running on classical servers. This means the network must be flexible enough to combine these two worlds while also being equipped for the future.
In most cases, the applications run, or ran, on a Layer 2 network (backup layer in the OSI network model). However, this often leads to problems in terms of stability, scalability and optimal utilisation of the available resources. The reason is that the protocols used, such as Spanning Tree for example, are prone to error and generate a lot of data traffic of their own. Protocols on Layer 3 (network layer) are simpler and more efficient to scale.
However, when a virtual Layer 3 network is combined with a physical Layer 2 network, modern technology is put into an existing infrastructure. That is why an overlay product is necessary to continue meeting the requirements of the connected systems. This is normally the VXLAN protocol (Virtual Extensible LAN) for mapping logical Layer 2 networks in Layer 3 technologies and across IP network structures. As overlays allow new applications to be run on older infrastructures, environments are created that are both future-oriented and upward compatible. EVPN plays a key role here as a control plane for overlay networks with VXLAN.
EVPN supports Layer 2 and Layer 3
EVPN is also referred to as Ethernet-VPN. The objective of EVPN is to create multiple VPN-Ethernet networks on the basis of the same physical infrastructure. That means, as long as older applications still require Layer 2 connectivity, EVPN connects them up in their own virtual networks via tunnels. EVPN supports both Layer 3 virtualisation for newer applications and Layer 2 connectivity for older applications.
As the EVPN control plane is based on the Border Gateway Protocol (BGP), it can transport Layer 2 MAC and Layer 3 IP information at the same time. It is similar to the familiar MPLS/VPN control plane but also supports Layer 2 (MAC addresses) and Layer 3 (Ipv4 and Ipv6 addresses and prefixes).
Because this enables those MAC and IP addresses to be identified that are easy to reach, this flexible architecture allows optimised routing and switching within a network. With the aid of EVPN, firms can set up virtual tunnels to encapsulate data, transport it to its destination and then decapsulate it. EVPN-VXLAN allows old and new applications to be run on the same infrastructure. It also allows the standardisation of operation across different configurations.
Benefits of EVPN
EVPN-VXLAN enables flexibility for endpoints by separating the overlay network (virtual topology) from the underlay network (physical topology). By using overlays, companies can provide efficient Layer 2/Layer 3 connections between endpoints across computer centres while retaining the existing underlay architecture. Point-to-point, point-to-multipoint and any-to-any topologies can be realised with Ethernet VPN. With VXLAN, EVPN also boosts flexibility, stability and scalability, regardless of the size of the network. Anything can be implemented from a small infrastructure with a few switches through to a computer centre with a hundred racks.
Here are the key benefits of EVPN at a glance:
- Open and programmable standard-based architecture
- Integrated and efficient Layer 2/Layer 3 connectivity
- Network can be segmented across multiple computer centres
- Simple scalability
- Mobility of MAC addresses
- Cost benefits: As Ethernet infrastructure is usually already in place in companies, they save further investment. Ethernet bandwidths are less expensive than traditional WAN bandwidths. The price is further reduced as, with Ethernet VPN, only one connection to the network is needed for each additional site.
- Configuration: With Ethernet VPN, companies have the option of integrating add-on services into the network and combining them in any way they wish. Together with quality of service, applications can be given different priorities, disaster recovery solutions can be mapped more easily and remote management made simpler.
EVPN products from Juniper and Cisco
It goes without saying that key vendors such as Cisco or Juniper support EVPN and VXLAN.
For example, Cisco ACI (Application Centric Infrastructure), the solution for computer centres and SDN architecture (Software Defined Networking), works in the background with EVPN and VXLAN. Cisco has also integrated Ethernet VPN as a feature in the NX-OS of the Nexus 9000 Switches as well as in the routers of the Cisco ASR 9000 series.
Juniper has a campus solution based on a VXLAN overlay with EVPN control plane in its portfolio. The company has also integrated EVPN into the switches of the QFX series, switches of the EX series and routers of the MX series.