Switches, Hubs, and Modems

vlan over l3 mpls

 
pnobels
Contributor

vlan over l3 mpls

Hi,

i'm preparing a migration of our datacenter from hq to an external hosting company.  It's supposed to be a 'lift and shift'.

I'm not so sure yet

Our vm infrastructure will move to the hosting facility.  This means that some vlans will be needed at the hosting facility and the same vlans as well at hq.  For example a vm server which deals with security badges, while the badge readers themselves are still at hq.  This means i need to be able to extend those vlans over a l3 mpls.  If i don't do this, the only way around is add extra vlan and reconfigure.  But then it's no longer a 'lift and shift'.

Is there a technology available to implement something like that?  

And even if that technology exist, is this advisable?  Implementing something alike might cause extra overhead on a bandwidth limited connection (guess mpls max speed is 1 GBit).

1 REPLY 1
Ivan_B
HPE Pro

Re: vlan over l3 mpls

Hi @pnobels !

It all depends on what kind of CE devices (routers that keep IP routing peering with ISP's routers) do you have. What OS they are running (Comware-based, ArubaOS-CX based, ArubaOS-based) what is their model numbers. It is very important, because you need to build a Layer 2 overlay on the top of the L3 underlay (MPLS L3VPN in your case) and CE devices will be those who will arrange that link and play the role of endpoints of such tunnel, therefore it all depends on their capabilities and feature set.

If we speak about overlay technologies I am afraid you are quite limited here, but you can check if your CE devices support VXLAN (simple static tunnel without EVPN will be sufficient for your case) or EVI (legacy Comware-specific technology supported by some chassis-based switches). The rest widely known tunnelling technologies like GRE, IP-IP, interface-based IPsec, ADVPN won't help you as those tunnels connect IP networks, not differents parts of the same VLAN.

If you decide to go with VXLAN your CE routers should be configured as VTEPs for certain VLANs. VTEPs should have statically configured VXLAN tunnel between themselves. Also those VTEPs should be configured to map traffic from local VLAN (or several VLANs) to VSI and then forward that VSI traffic over the VXLAN tunnel.

If your choice will be EVI, then you will need to configure one device in each site to become EVI edge devices and configure those to "extend" VLANs that you need over the tunnel between both sites. Pretty similar concept to the VXLAN VTEPs, just different protocols and different encapsulation.

As for your question regarding MPLS link's bandwidth and overhead, it shouldn't be high. For VXLAN it is 50 bytes per packet, for EVI it is 46 bytes. From the data plane perspective both are implemented in hardware, so you should achieve 1 Gbps over that 1 Gbps link without any issue.

Hope this helps!

 

I am an HPE employee

Accept or Kudo