What is EVPN-VXLAN?
EVPN-VXLAN (Ethernet VPN with Virtual Extensible LAN) provides large enterprises with a common framework for managing their campus and data center networks. An EVPN-VXLAN architecture supports efficient Layer 2/Layer 3 network connectivity with scale, simplicity, and agility, while also reducing OpEx.
The rapidly growing use of mobile devices (including the growing number of Internet of Things (IoT) devices), social media, and collaboration tools adds an increasing number of endpoints to a network. To provide endpoint flexibility, EVPN-VXLAN decouples the underlay network (physical topology) from the overlay network (virtual topology). By using overlays, you gain the flexibility of providing Layer 2/Layer 3 connectivity between endpoints across campus and data centers, while maintaining a consistent underlay architecture.
Benefits of EVPN-VXLAN
Deploying an EVPN-VXLAN framework provides the following benefits:
- Programmable, allowing easy automation
- Open standards-based architecture ensures backwards and forwards interoperability
- Integrated and efficient Layer 2/Layer 3 connectivity with control plane-based learning
- Easy network scalability based on business needs
- Network segmentation inside and across multiple campuses and data centers, allowing you to securely separate traffic
- Minimized fault domain increases reliability of your network
- MAC address mobility provides flexible yet simple deployment capabilities
In traditional Layer 2 networks, reachability information is distributed in the data plane through flooding. With EVPN-VXLAN networks, this activity moves to the control plane.
EVPN is an extension to BGP that allows the network to carry endpoint reachability information such as Layer 2 MAC addresses and Layer 3 IP addresses. This control plane technology uses MP-BGP for MAC and IP address endpoint distribution, where MAC addresses are treated as routes. EVPN enables devices acting as VTEPs (see next section) to exchange reachability information with each other about their endpoints.
EVPN also provides multipath forwarding and redundancy through an all-active multihoming model. An endpoint or device can connect to two or more upstream devices and forward traffic using all the links. If a link or device fails, traffic continues to flow using the remaining active links.
Because MAC learning is now handled in the control plane, EVPN can support different data plane encapsulation technologies between EVPN-VXLAN-enabled switches. With EVPN-VXLAN architectures, VXLAN provides the overlay data plane encapsulation.
Network overlays are created by encapsulating traffic and tunneling it over a physical network. The VXLAN tunneling protocol encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets, enabling Layer 2 virtual networks or subnets that can span the underlying physical Layer 3 network. The entity that performs VXLAN encapsulation and decapsulation is called a VXLAN tunnel endpoint (VTEP).
In a VXLAN overlay network, each Layer 2 subnet or segment is uniquely identified by a virtual network identifier (VNI). A VNI segments traffic the same way that a VLAN ID segments traffic: endpoints within the same virtual network can communicate directly with each other, while endpoints in different virtual networks require a device that supports inter-VNI (inter-VXLAN) routing.
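The decapsulation and VNI-based segmentation described above, as an added example that is not part of the original page: it parses the 8-byte VXLAN header defined in RFC 7348, extracts the 24-bit VNI and inner Ethernet addresses, and checks the VNI against the set provisioned at a monitoring or filtering point. The function names, VNI values, and MAC addresses are constructed for illustration.

```python
import struct

VXLAN_I_FLAG = 0x08   # RFC 7348: "VNI present" bit in the flags octet
VXLAN_HDR_LEN = 8     # flags(8) + reserved(24) + VNI(24) + reserved(8)
ETH_HDR_LEN = 14      # inner frame: dst MAC, src MAC, EtherType


class VxlanError(ValueError):
    """Raised when a UDP payload is not a well-formed VXLAN packet."""


def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_vxlan(udp_payload: bytes) -> dict:
    """Decapsulate one VXLAN UDP payload the way a VTEP would."""
    if len(udp_payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise VxlanError("truncated: no room for VXLAN and inner Ethernet headers")
    # Two big-endian 32-bit words carry the whole VXLAN header.
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_I_FLAG:
        raise VxlanError("I flag clear: VNI field is not valid")
    inner = udp_payload[VXLAN_HDR_LEN:]
    return {
        "vni": word1 >> 8,
        "reserved_nonzero": bool(word0 & 0x00FFFFFF or word1 & 0xFF),
        "dst_mac": fmt_mac(inner[0:6]),
        "src_mac": fmt_mac(inner[6:12]),
        "ethertype": struct.unpack("!H", inner[12:14])[0],
    }


def check_segment(udp_payload: bytes, allowed_vnis: set) -> tuple:
    """Return (ok, reason, info) for a packet seen at a given point."""
    try:
        info = parse_vxlan(udp_payload)
    except VxlanError as exc:
        return False, str(exc), None
    if info["vni"] not in allowed_vnis:
        return False, f"VNI {info['vni']} not provisioned here", info
    return True, "ok", info


def build_sample(vni: int, flags: int = VXLAN_I_FLAG) -> bytes:
    """Constructed sample: VXLAN header plus a stub inner Ethernet/IPv4 frame."""
    header = struct.pack("!II", flags << 24, vni << 8)
    inner = bytes.fromhex("02000000000a" "02000000000b" "0800") + b"\x45" + b"\x00" * 19
    return header + inner
```

Calling `check_segment(build_sample(10010), {10010, 10020})` accepts the packet, while a VNI outside the set, a cleared I flag, or a truncated payload is rejected with a reason string suitable for logging.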
EVPN-VXLAN in the Enterprise
With an EVPN-VXLAN-based campus architecture, enterprises can easily add more core, distribution, and access layer devices as the business grows, without having to redesign the architecture around a new set of devices.