In a previous blog on Getting Started with Modern Data Center Fabrics, we discussed the common modern data center (DC) architecture of an IP fabric to provide base connectivity, overlaid with EVPN-VXLAN to provide end-to-end networking. We have also discussed various overlay design options, including Bridged Overlay, Centrally-routed Bridging (CRB), Edge-routed Bridging (ERB) and Collapsed Spine/Core. In this blog, we discuss data center interconnect (DCI).
What is Data Center Interconnect (DCI)?
It’s really not complicated – when multiple data centers are in use, it is a common requirement to interconnect them. For data centers using EVPN-VXLAN, enabling DCI functionality also using EVPN-VXLAN is a good choice as it provides a common protocol across the entire network.
Broadly speaking, there are two options for deploying DCI: Layer 2 and Layer 3.
A Layer 2 DCI – sometimes known as an “L2 stretch” – is a good option when you need a VLAN and its related IP subnet to stretch across two or more DCs. When using an L2 DCI, there are several design options to choose from.
One option is the ‘over-the-top’ interconnect model. As shown below, this approach extends the EVPN-VXLAN domain across the underlying transport network, providing a simple and flexible way to extend services. This option is popular because it provides reasonable scale and control and can be implemented with little to no coordination with the service provider.
Another option is the gateway interconnect model. Specifics here can vary, but in general, as shown below, this approach involves a hand-off at the DC edge. While this option is more operationally complex, it provides greater control and scalability for what is shared between sites, and it provides a point of control for inserting QoS and security.
In a Layer 3 DCI, VLANs and subnets are local to their own DC and not stretched. Inter-DC routing in an EVPN-VXLAN environment is achieved using the EVPN Type-5 route.
It’s also worth noting that you can use MPLS to enable DCI functionality by forming an IP VPN across the WAN.
As with any part of the network, you should consider how to secure the DCI. When connecting over the Internet, consider IPsec; over private Layer 2 or dark fiber connections, consider MACsec.
Border Devices Enable DCI Functionality
As discussed in a previous blog, a DC’s border devices are the gateway to other networks such as the WAN or another data center. There are two design options for using border devices to provide DCI functionality: at the spine layer or at the leaf layer.
As shown below, spine devices can provide the interconnection point between DCs.
Or, as shown below, leaf devices can fill the role.
Implementing DCI Functionality
Your DCI design does not directly affect how you build the main DC architecture. As described in Getting Started with Modern Data Center Fabrics, the EVPN-VXLAN fabric configuration elements still include:
- BGP-based IP fabric as the underlay
- EVPN as the overlay control plane
- VXLAN as the overlay data plane
With these elements in place, the additional configuration to add DCI functionality can vary depending on your chosen design but is relatively straightforward:
- Set up underlay connectivity (typically using EBGP peering) between all border devices in both DCs
- Set up overlay connectivity (typically using EBGP or IBGP) to extend the EVPN overlay between the DCs
- Add routing instances and related elements on the border devices and/or wherever the relevant VTEPs terminate
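The three steps above, written as Junos set commands for one border device in a Layer 3 (Type-5) DCI. This is an added example, not configuration from the original post: every group name, AS number, address, VNI and route target is a constructed placeholder, and it assumes the DCI-facing interface, lo0.0, irb.100 and the intra-DC fabric are already configured.

```junos
# Constructed example values:
#   DC1 border (this device): AS 64500, lo0.0 = 192.0.2.1, DCI link 198.51.100.1
#   DC2 border (the peer):    AS 64501, lo0.0 = 192.0.2.2, DCI link 198.51.100.2

# Step 1: underlay EBGP over the DCI link, advertising the loopback that
# sources the overlay session and the VXLAN tunnels.
set policy-options policy-statement DCI-EXPORT-LO0 term LOOPBACK from interface lo0.0
set policy-options policy-statement DCI-EXPORT-LO0 term LOOPBACK then accept
set protocols bgp group DCI-UNDERLAY type external
set protocols bgp group DCI-UNDERLAY local-as 64500
set protocols bgp group DCI-UNDERLAY export DCI-EXPORT-LO0
set protocols bgp group DCI-UNDERLAY neighbor 198.51.100.2 peer-as 64501

# Step 2: overlay EBGP between the loopbacks, carrying only the EVPN family.
# multihop is required because the peers are not directly connected at the
# loopback level; no-nexthop-change keeps the originating VTEP as next hop.
set protocols bgp group DCI-OVERLAY type external
set protocols bgp group DCI-OVERLAY multihop no-nexthop-change
set protocols bgp group DCI-OVERLAY local-address 192.0.2.1
set protocols bgp group DCI-OVERLAY local-as 64500
set protocols bgp group DCI-OVERLAY family evpn signaling
set protocols bgp group DCI-OVERLAY neighbor 192.0.2.2 peer-as 64501

# Step 3: tenant routing instance that advertises its local subnets to the
# other DC as EVPN Type-5 (IP prefix) routes. The route target and VNI must
# match the same tenant's instance on the DC2 border device.
set routing-instances TENANT-A instance-type vrf
set routing-instances TENANT-A interface irb.100
set routing-instances TENANT-A route-distinguisher 192.0.2.1:5000
set routing-instances TENANT-A vrf-target target:64500:5000
set routing-instances TENANT-A protocols evpn ip-prefix-routes advertise direct-nexthop
set routing-instances TENANT-A protocols evpn ip-prefix-routes encapsulation vxlan
set routing-instances TENANT-A protocols evpn ip-prefix-routes vni 5000
```

After commit, `show bgp summary` should list both sessions as established, and `show evpn ip-prefix-database` shows the Type-5 prefixes exchanged for the tenant.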
With that, we’ve covered the basics for adding DCI functionality to your EVPN-VXLAN architecture. There are plenty of other details to consider but this will get you started. We’ll discuss other architecture elements in a future blog. In the meantime…
To learn more, we have a range of resources available.
Read it – Whitepapers and Tech Docs:
- IP Fabric EVPN-VXLAN Reference Architecture
- Data Center EVPN-VXLAN Fabric Architecture Guide
- Over-the-Top DCI in an EVPN Network
Learn it – Take a training class:
- Juniper Networks Design – Data Center (JND-DC)
- Data Center Fabric with EVPN and VXLAN (ADCX)
- All-access Training Pass
Try it – Get hands-on with Juniper vLabs, a (free!) web-based lab environment that you can access any time to try Juniper products and features in a sandbox-type environment, including an IP Fabric with EVPN-VXLAN topology.