Multi-Vendor EVPN-VXLAN Network Automation

Modernizing campus and data center networks with Gluware

Introduction to EVPN

The Gluware® Intelligent Network Automation platform benefits enterprises at any stage in the network automation journey including automating EVPN. Traditionally, data centers used lots of Layer 2 links that spanned entire racks, rows, cages, and floors. These large L2 domains were not ideal for a data center, due to the slow convergence, unnecessary broadcasts, and difficulty in administering. L2 protocols like VLANs and Spanning Tree are used to provide scale and prevent loops but can be slow to converge and also cause broadcast storms. There have been several protocols that have attempted to address these issues. Virtual Extensible LAN (VXLAN), as an overlay technology, has emerged and begun to see rapid adoption in modern data centers for scaling and stretching Layer 2 networks over Layer 3 because of the scalability and agility it provides.

VXLAN is a standards-based (RFC 7348) tunneling mechanism that can take a Layer 2 frame or a Layer 3 packet, encapsulate it with an IP header and route it to some other VXLAN Tunnel Endpoint (VTEP) for decapsulation. VXLAN is often referred to as MAC-in-IP because fundamentally it is putting a MAC frame inside of an IP packet. The VXLAN header includes a 24-bit field called the VXLAN Network Identifier (VNI), which allows up to 16 million Layer 2 domains, significantly higher than the 4096 limit with classic VLANs.

MP-BGP Ethernet VPNs (EVPN) is a standards-based (RFC 7432) extension for BGP that provides a control plane for VXLAN (amongst other things) to deliver Layer 2 and Layer 3 VPN services. Using BGP as the control plane for VXLAN provides a single routing protocol with familiar concepts to manage new capabilities such as MAC address learning and VRF multi-tenancy, while providing optimized equal-cost multi-path (ECMP) across data centers and within the enterprise.

EVPN-VXLAN offers the benefits of supporting traditional L2 based applications while offering the scale and efficiency of an L3 network. Running L2 virtual networks, known as overlays, over L3 physical networks can offer a way to modernize while still supporting legacy applications. While this technology offers the ability to support legacy applications and scale, it introduces significant management challenges to configure and maintain the underlay and overlay networks. Gluware’s intelligent network automation provides the power and flexibility to automate the entire deployment or just the components a customer requires. Having a management platform that provides centralized control is critical for scale and success.

Example EVPN Network using VXLAN Overlay in a Data Center

Gluware Intelligent Network Automation Solution for EVPN-VXLAN

  • Gluware Control base package includes Device Manager Application
  • Gluware Config Modeling Application
  • EVPN-VXLAN Reference Design feature package
    • Multi-vendor including support for Arista, Cisco and Juniper implementations (can add additional per customer requests)
    • Global settings for the EVPN domain
      • Spine nodes, leaf nodes
      • Underlay and overlay (BGP/OSPF protocols, ASNs, Areas, RRs…)
      • IP address management and assignment (offsets, model-based reservations planning, pools…)
      • Multicast groups, RPs,…
      • Anycast gateway MAC
    • Tenant settings for the VTEP domains
      • Tenant VRFs
      • Tenant VLANs
  • Additional optional components include: Config Drift and Audit App, OS Manager App, Workflows.

Leverage the Gluware EVPN Domain data-model to automate from day 0 to day N:

  • Add Leaf devices
  • Add Spine devices
  • Add tenant VRFs
  • Add tenant VLANs
  • Automatically update and synchronize all the devices in the fabric
  • Gluware manages and understands the interdependency of each construct

Features of Automating EVPN-VXLAN with Gluware

  • Intent-based, data-model driven and declarative Gluware automation ensuring each configuration change results in the intended state
  • Gluware provides an EVPN-VXLAN reference design that is flexible to be adapted to any implementation.
  • Brownfield and greenfield deployments are supported including the ability to automate without disrupting the existing network.
  • Using a REST-based API, Gluware can be fed external data and be run headless to implement network changes.
  • The Gluware application suite offers device inventory, config drift, config audit, OS management, workflows in addition to intent-based configuration management

Example EVPN-VXLAN Data-Model Gluware Uses to Automate Juniper CRB

The Gluware network automation platform can address any deployment model, supporting both standards-based leaf-level routing and the Juniper Centrally-Routed Bridging (CRB) option. Most vendors implement standards-based EVPN using leaf-level routing, which can simplify the configuration but does not leverage the power of the spine devices beyond IP routing. The Juniper solution includes an additional architecture using CRB, which provides more flexibility and takes a lot of the packet processing burden off of the leaf devices, but increases configuration complexity because changes involve both spine and leaf nodes. If performed manually, adding a VLAN could require dozens of lines of CLI per related spine and 10-15 lines per leaf device.

Gluware Automating Spine and Leaf Devices in an EVPN-VXLAN Data Center

With existing networks, there are often other existing components in the management plane, which include monitoring, ticketing, resource management and more. Gluware is able to integrate with external systems via REST API, such as an external IP Address Management (IPAM) solution used to manage IP address assignment, VLAN assignments and more. The Gluware REST API can be used to feed in the required variables, which are then applied to the data-model to dynamically generate the required commands (CLI) for configuration on each device when provisioning a new VLAN. Since Gluware is able to aggregate all of the required data for the EVPN-VXLAN deployment, it becomes the source of truth (SoT).