What is EVPN-VXLAN?
evpn vxlan解释说明
EVPN-VXLAN refers to a network fabric that extends layer 2 connectivity as a network overlay over an existing physical network. It is an open standards technology that creates more agile, secure, and scalable networks in campuses and data centers. EVPN-VXLAN consists of:
- Ethernet VPN (EVPN) which is used as the overlay control plane and provides virtual connectivity between different layer 2/3 domains over an IP or MPLS network.
- 虚拟可扩展LAN(VXLAN),一个公共网络虚拟化叠加协议,将第2层网络地址空间扩展到4,000到1600万。
EVPN-VXLAN如何工作
EVPN-VXLAN使企业能够使用第2层虚拟桥接来连接地理上分散的位置。EVPN-VXLAN提供云服务提供商所需的规模,并且通常是数据中心互连的首选技术。
EVPN作为叠加层,支持多租户,并且是高度可扩展的,通常使用来自不同数据中心的资源来提供单一服务。它可以为虚拟网络中的设备提供二层与物理基础设施的连接,也可以提供第3层路由的设备。
因为它用作覆盖网络的MAC地址学习控制平面,所以EVPN可以支持不同的数据平面封装技术。这种灵活性对于不严格基于MPLS的网络织物尤其吸引力。
VxLAN封装在第3层UDP数据包中的第2层以太网帧,表示虚拟层2子网可以跨越层面3网络。VXLAN网络标识符(VNI)用于将每个第2层子网分段到传统的VLAN ID。
A VXLAN tunnel endpoint (VTEP) is a VXLAN-capable device that encapsulates and de-encapsulates packets. In the physical network, a switch typically functions as a layer 2 or layer 3 VXLAN gateway and is considered a hardware VTEP. The virtual network equivalents are known as software VTEPs, which are hosted in hypervisors such as VMware ESXi or vSphere.
The rise of EVPN-VXLAN
EVPN-VXLAN has emerged as a popular networking framework largely due to the limitations of traditional VLAN-based networks.
Within campus environments, the proliferation of endpoints due to BYOD, workplace mobility, and IoT is driving a need for more fine-grained segmentation strategies to separate different profiles of users, devices, and traffic.
It’s a similar story in data centers, where more and more workloads are being deployed to support digital transformation. IT needs to protect and manage workloads on an individual basis while preventing hackers from moving laterally from server to server if a breach occurs.
用Aruba CX构建EVPN-VXLAN结构
The Aruba CX Switching Portfolio is designed for the evolving, complex demands of modern campus and data center networks, including EVPN-VXLAN-based fabrics. Based on a distributed, non-blocking architecture, Aruba CX switches deliver true wired speed performance from 1GbE to 100GbE.
Aruba CX switches that support EVPN-VXLAN include:
- Aruba CX 6300.: Built-in 10/25GbE uplinks (50GbE DAC) and support for up to 10-member stacking
- Aruba CX 6400:模块化5或10插槽开关,容量高达28tbps
- Aruba CX 8325: A 1U switch with 1/10/25/40/100GbE connectivity ideal for leaf or spine switches
- 阿鲁巴CX 8360.:高性能1/10 / 25/40/100GBE连接,紧凑的1U形状因子
- Aruba CX 8400:8插槽模块开关,最多可容纳19.2Tbps容量,适用于校园内核
- (Static VXLAN supported onCX 6200。)
All Aruba CX switches are powered byAOS-CX,一个云原生操作系统,简化了EVPN-VXLAN面料的管理:
- Turnkey automation to accelerate built-outs and ongoing network-wide changes.
- 分布式分析以主动检测和解决问题。
- 即使在升级期间,始终是用于弹性和零停机时间的始终展开的基础架构。
The Advantages of EVPN-VXLAN
Enterprises using EVPN-VXLAN gain the following benefits:
Flexibility:EVPN-VXLAN supports multiple protocols and shares common architectural elements with other common network services like VPNs, making it easy to integrate into existing networks.
Greater scalability:An EVPN-VXLAN-based architecture enables enterprises to easily add new switches without requiring any redesigns of the underlay network.
增强安全性:细分割使得它限制交通flows between every connected element in the network, hardening security postures and limiting the blast radius of attacks.
Better performance and resiliency:Latency between network devices is more predictable, especially in spine-leaf architectures, and failure of a single spine or leaf doesn’t have as large an impact on overall fabric performance.
Related resources
