MPLS in the Data Center
advertisement
MPLS in the Data Center Achieve “Carrier-class” Network Dependability and Reliability for Business Critical Services Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Agenda Brief MPLS Overview Advantages of MPLS Networks Why MPLS Is “Important” to Data Center Deployments Deployment Scenarios Inter-Data Center Transport Network Network Segmentation for Compliance (VLAN-VRF) L2VPN for VLAN Extensions (VMotion for DRP) Summary Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Many Enterprises Already Use MPLS… MPLS PPVPN Internal MPLS Deployment Private IP services managed and delivered by Service Provider MPLS deployed and/or managed within the Enterprise You Provider MPLS Network MPLS SuperCore Private routing instance in Service Provider PE Router Copyright © 2008 Juniper Networks, Inc. You Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise MPLS in the Data Center MYTH TRUTH “Deploying MPLS in the enterprise is like swatting a fly with a nuclear weapon.” MPLS was designed to allow the largest networks on the planet to scale their topologies and services Many large enterprises today face the same scaling and management problems as traditional providers … and: Sometimes you *do* need a big fly-swatter. Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise What Is MPLS? Multi-Protocol Label Switching • A suite of protocols developed to add transport and virtualization capabilities to large IP networks • Borrowed virtual circuit ideas from ATM • But packet based (no SAR) • Leverages standard IPv4 (or IPv6) control plane • Manage MPLS networks using familiar protocols like OSPF or Integrated IS-IS and BGP Label Switched Paths • Adds switched virtual circuit layer to packet based networks • A single LSP can span various media types • Ethernet, ATM, Frame Relay, PPP/HDLC links (PoS, PDH) Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Two Layers of MPLS Functionality MPLS Label Switched Paths [Traffic Control] • LSPs carry traffic between edge routers • Individual LSPs are engineered using various Traffic Engineering technologies (ERO or Dynamic TE) • Various link/LSP protection mechanisms operate on LSP layer (Fast-Reroute, Standby LSPs) MPLS VPN Layer [Virtualization] • Ingress traffic mapped into specific LSPs • “Customer” traffic encapsulated across MPLS core • BGP/MPLS L3VPNs (RFC4364, formerly 2547bis) • L2VPN or VPLS • Pseudowire (draft-martini or CCC) Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise High-Level Network Infrastructure Mappings VLAN Components MPLS Components VLAN segmentation is localized and limited in scale VLAN Tags (4 bytes) • 16-bit PID, 3-bit Priority, 1-bit CFI, 12-bit VLAN ID Layer 2 Segmentation Spanning Tree Protocol Active/Blocking VLAN Trunking VLAN ACLs 802.1p QoS Markings Ethernet failures/repairs … Copyright © 2008 Juniper Networks, Inc. Allows network-wide segmentation with large scale MPLS Label stack (4 bytes) • 20-bit Label, 3-bit QoS (EXP), 1-bit bottom of stack flag, 8-bit TTL field Layer 2 and Layer 3 Segmentation OSPF / LDP ECMP LSP Switching IP ACLs DSCP/EXP QoS Markings Fast Re-route capabilities & BFD … Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Agenda Brief MPLS Overview Advantages of MPLS Networks Why MPLS Is “Important” to Data Center Deployments Deployment Scenarios Inter-Data Center Transport Network Network Segmentation for Compliance (VLAN-VRF) L2VPN for VLAN Extensions (VMotion for DRP) Summary Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise What’s So Great About MPLS? MPLS Brings the Benefits of Circuits to IP Enables Consolidation of disparate networks onto a single network • Support best effort, enhanced delivery, and assured delivery service levels for mixed use services • Lowers capital and operational cost though convergence while enabling application convergence Delivers Control through traffic segregation • Regional-, departmental-, and project-oriented groups have control over their network assets and configurations • Traffic remains separate though multiple MPLS-based VPNs Provides Resiliency with fast reroute and traffic engineering • MPLS-based traffic engineering enables a fine-tuning of the network to deliver appropriate levels of services • Enables sub-50 msec. reroute to maintain real-time traffic during a node or link failure Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Agenda Brief MPLS Overview Advantages of MPLS Networks Why MPLS Is “Important” to Data Center Deployments Deployment Scenarios Inter-Data Center Transport Network Network Segmentation for Compliance (VLAN-VRF) L2VPN for VLAN Extensions (VMotion for DRP) Summary Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Translating MPLS Benefits to Business Impact Enterprises that have large private networks or business critical Data Centers can leverage MPLS to create both CapEx and OpEx cost savings Moving to an MPLS network provides business benefits like improved network availability, performance, and policy enforcement Enterprises should evaluate MPLS to determine if this is the right opportunity to implement MPLS capable hardware into their Data Center network • In order to support business critical applications that require highly-available, low-latency and “carrier-class” reliability with a proven track record Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise The Legacy Network: High Cost Resiliency Traditional private IP networks do not support “real time” applications • Routing tables do not converge fast enough to support sub 50-msec link and node failures The alternative is to deploy SONET/SDH to provide sub-50 msec link and node failure detection and re-routing This additional transport layer in the private WAN and Data Center comes at a significant additional expense Let’s look at an alternative… Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise The MPLS Resiliency Solution MPLS can be deployed without the additional cost and complexity of SONET/SDH • Dark fiber installations and/or Provider Ethernet services MPLS can be configured to support sub 50-msec link and node failure detection and correction • Fast Re-Route (FRR) provides “real time” re-routing over back-up paths • Bi-directional Forwarding Detection (BFD) provides early detection of link and node failures The Result: MPLS provides a cost effective alternative for the highly resilient network supporting “real-time” communications Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise The Legacy Network: Cost of Building Redundant Networks Integration of a new business entity or application in the Data Center or maintaining separation among various businesses • Rapidly changing requirements in a Data Center to add/move/remove applications to support business functions worldwide • Regulatory environments and business operations sometimes require guarantees of business unit/subsidiary separation Traditional practices require separate physical and redundant networks to be built • Application X, Business Partner, Voice, Storage, PCI compliance, etc. Each separate and redundant network requires its own • • • • • Equipment (Networking, servers, etc.) WAN access Space andLet’s power look at an alternative… Provisioning Management…making this an expensive proposition Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise The MPLS Network Solution MPLS enables one physical network to be configured and operate as many separate virtual networks • L2 or L3 VPN services New acquisitions and various applications can be added to the network via MPLS VPNs • Each subsidiary or application is allowed to operate as though each has a private network…over a cost effective shared infrastructure MPLS allows for more control over network bandwidth allocation per service/application while maintaining latency requirements for critical applications The Result: Diverse needs of business units are satisfied with virtualized networks that cost less and effectively scale to support the largest enterprises Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Agenda Brief MPLS Overview Advantages of MPLS Networks Why MPLS Is “Important” to Data Center Deployments Deployment Scenarios Inter-Data Center Transport Network Network Segmentation for Compliance (VLAN-VRF) L2VPN for VLAN Extensions (VMotion for DRP) Summary Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Drivers for MPLS in the Data Center: Three Common Scenarios Inter-Data Center Transport Network 1 • Packet-based network that behaves like a traditional transport layer • Ex: replace existing SONET/DWDM links with MPLS Virtualized Network Core (Segmentation) 2 • Need for logical separation of network services • Separation of L3 or L2 traffic across core network for business service/application requirements or for compliance (VLAN to VRF) L2VPN Inter-Data Center Extensions 3 • Extend L2 domain across Data Centers • Supporting VMware VMotion, DRP, etc. • Both Transport and Virtualization requirements Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise 1 Inter-Data Center Transport Network Large Enterprises need to engineer traffic between consolidated Data Centers • Most Critical applications • Real-time Mainframe replication • Disk / Database / Transaction Mirroring • Fast-Reroute required to protect critical apps Traffic engineering • Expensive high-bandwidth links consolidate previous SONET links into single transport core • Must allocate bandwidth to various applications • Must protect latency of critical apps SuperCore is transport core only • Strict demarc from existing WAN—No routing interaction • All links exposed as point-to-point L2VPNs • In-sourced carrier network to protect the “Crown Jewels” Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Inter-Data Center Transport Network Applications engineered into LSPs across MPLS SuperCore Data Center Corp WAN Data Center Data Center Critical applications protected by FastReroute Detour paths and secondary LSPs Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Virtualized Network Core (Segmentation) 2 MPLS VPN applications at the WAN Edge and Core/Aggregation layer provide unique traffic separation capabilities L3VPNs • Maintain separate L3 VPN connectivity across Data Centers via “super core” network • Can map VLAN to VRF to maintain consistent segmentation end-to-end VPLS and L2VPN • Multipoint Virtual LAN networks across MPLS core • Can extend VLAN segments across multiple locations for mirroring or DRP Pseudo-wire Circuits • Point-to-Point connections across MPLS core • Ethernet Port or VLAN circuits Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Juniper Data Center Network Architecture Collapsed Layers Single JUNOS software Option to collapse WAN and Core Wan Edge Easier to operate and manage Reduced power, cooling, and space Core Layer Core ONLY Aggregation Layer Access Layer 10 GbE (active) 10 GbE (standby) 1 GbE Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Juniper Data Center Network Architecture Virtualization With JUNOS IP or MPLS Securely isolate businesses and applications with L3 VPNs WAN Edge VLANs (mapped into VRFs) Traffic engineering and end to end quality of service from server to server across DCs MX – IP or MPLS L3 VPNs consolidate separate business units Extend virtualization per application with MPLS in DC Core Layer VLANs Access Layer Trunk VPN Server VLAN Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise MPLS in the Data Center LSR LSR LER VPNs DS TE QoS MPLS’s leverage of L3 protocols makes it more robust + scalable than VLANs + spanning trees for data center interior services Flexible traffic separation (VPNs) and traffic management (DS TE) open up new virtualization options in DCs MPLS HA (node, link and path) add responsiveness + reliability to the traffic management and scale Integration with WAN design (if only by similarity) can simplify performance management and opex Could go all the way to access tier in some designs Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise 3 L2VPN/VPLS for VLAN Extensions MPLS L2VPN/VPLS infrastructure at WAN edge and Core/Aggregation layers provides easy management of L2 extended domains across Data Centers Customer deployment scenarios include • Data Mirroring, archiving and application standby for DRP and business continuity planning • Also growth in server virtualization and virtual machine management across Data Centers • Primarily VMware VMotion to move virtual machines/applications across the network without losing information • Moves could be in the local LAN, or across the MPLS core to another Data Center for migration or DRP Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Archiving, Back-Up + Mirroring Between Data Centers via VPLS DC 1 Other Production Traffic Mirroring VLAN 1 Core Mirroring VLAN 2 DC 2 Mirroring + back-up hosts can live in VLANs designed for that purpose VPLS-capable node is required at aggregation/core tier Amount of bandwidth required can be allocated + enforced Mirroring VLAN 1 Other production applications can carry on in parallel Mirroring VLAN 2 Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Support for VMotion across Data Centers DC 1 VM 1 Other Production Traffic Core VM 2 DC 2 VM 1 VM 2 Copyright © 2008 Juniper Networks, Inc. L2VPN/VPLS path created in order to move Virtual Machines across Data Centers Requirement to stay on same subnet maintained end to end Bandwidth and latency requirements enforced across network components Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Agenda Brief MPLS Overview Advantages of MPLS Networks Why MPLS Is “Important” to Data Center Deployments Deployment Scenarios Inter-Data Center Transport Network Network Segmentation for Compliance (VLAN-VRF) L2VPN for VLAN Extensions (VMotion for DRP) Summary Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Summary MPLS in the Data Center provides great flexibility and reliability for deploying business critical applications • MPLS VPN simplifies the implementation and management of application and business network segmentation requirements • L2VPN/VPLS eases the implementation and support requirements for L2 domains across multiple locations • MPLS Traffic Engineering reduces the cost of transport network deployments by using the same label technology over cheaper Ethernet without compromising on reliability and convergence times MPLS on the WAN core and Data Center Core/ Aggregation Layers • Enables consolidation of disparate networks onto a single network • Delivers control through traffic segmentation • Provides resiliency with fast reroute and traffic engineering Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› Accelerating the Enterprise Copyright © 2007 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net ‹#› 29
