Layer 2 Extensions for
Data Center Interconnect
with Catalyst 6500
Belmont Chia
Consulting System Engineer
Data Center Network Architecture
© 2008 Cisco Systems, Inc. All rights reserved.
1
Agenda

Problem Statement

Transport Options
1. Dark Fiber
2. MPLS
3. IP

Encryption
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
2
Problem Statement

Why Layer 2 across Data Centers
1. Geocluster
2. Legacy applications (hard-coded IP)
3. Redundant configurations (HSRP/VRRP, heartbeats, etc)

Provide layer 2 connectivity between data centers with:
1. Redundant Paths
2. STP Isolation
3. Failover within <4 seconds
4. Load balancing
5. Scalable
6. Encryption (optional)
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
3
DC Interconnect – Transport Options
Site A
Site B
Dark Fiber
MPLS
IP
DC Core
Aggregation
Access
Site D
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
Site C
4
L2 Extension Transport Options
 Dark Fiber
– Applicable for Short Distances (< 100km)
 MPLS
– Applicable if Enterprise is ready to deploy MPLS in core
– MPLS service can be self-deployed or as managed service from
SP (directly attached L2VPN or Carrier supporting Carrier)
 IP
– Applicable for majority of customers with no Dark Fiber or
MPLS
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
5
Agenda

Problem Statement

Transport Options
1. Dark Fiber
2. MPLS
3. IP

Encryption
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
6
DC Interconnect – Dark Fiber
Site A
Site B
• Assumes dark fiber
between sites
• Distance limitations
are given by
DWDM
• Number of sites
can be 2 or more
DC Core
Aggregation
Access
Site D
Site C
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
7
DC Interconnect – Dark Fiber
Site A
Site B
• Add 2 switches in
main data centers
• Switches use
separate lambda to
interconnect
• These switches will
form a VSS
• Use DWDM X2 to
build VSL*
Site D
Site C
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
9
DC Interconnect – Dark Fiber
Site A
Site B
A
• Repeat similar
principle for all
sites
B
Site D
Site C
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
10
Agenda

Problem Statement

Transport Options
1. Dark Fiber
2. MPLS
3. IP

Encryption
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
11
DC Interconnect – MPLS
Site A
Site B
EoMPLS / VPLS
MPLS
DC Core
Aggregation
Access
Site D
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
Site C
12
L2 extension Loop Prevention
EoMPLS PW
with EEM to
enable the
backup PW
Site B
Site A
Backup PW into Core
Local
STP
Local
STP
EoMPLS PW-redundancy
Loop-free interconnexion for dual sites VLAN extension
Native Port xconnect
New solution under validation
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
13
L2 extension Loop Prevention
VPLS
Site A
L2 Core
Per VLAN
PerVFI
VLAN
alternate path
Only Local STP
PW redundancy into PE
Local
STP
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
L2 Core
Local
STP
14
Layout for multiple DCs
Data Center B
Core
Agg
Access
Core
Core
MPLS/VPLS
Agg
Agg
Access
Access
Data Center A
Data Center C
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
15
Agenda

Problem Statement

Transport Options
1. Dark Fiber
2. MPLS
3. IP

Encryption
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
16
DC Interconnect – IP
Site A
Site B
EoMPLSoGRE / VPLSoGRE
GRE Tunnels
IP
DC Core
Aggregation
Access
Requires Whitney 2
SIP-400 for WAN uplinks
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
17
DC Interconnect using EoMPLSoGRE
12.2(33)SXI feature
Edge only functionality using SIP400
SIP-400
IP Core
Site A
Si
EoMPLSLSoGRE
Site B
Si
SIP-400
EoMPLSoGRE
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
18
DC Interconnect using VPLSoGRE
12.2(33)SXI feature
SIP-400
Si
Edge only functionality using SIP400
Site C
VPLSoGRE
SIP-400
Site A
IP Core
Si
VPLSoGRE
Si
Site B
SIP-400
VPLSoGRE
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
19
Agenda

Problem Statement

Transport Options
1. Dark Fiber
2. MPLS
3. IP

Encryption
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
20
Encrypted L2 extension
using ATOMoGRE
 Nowadays IPSec is the main encryption mecanism
IPSEC requires IP packets
L2 are not IP packets
Today, no native L2oIP solution is existing
 L2oGRE is acting as L2oIP and so can be encrypted
EoMPLS for point to point solution
VPLS for multipoint solution
 Requires either:
Two boxes solution (one for L2VPNoGRE, one for IPSec)
One box solution with a wrap cable
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
21
VPLS o GRE o IPSEC in one box
with wrap-cable
VRF
core
L3
Core port
any Ethernet port
VPN-SPA
GRE
Crypto
VRF
edge
VPLS PW SIP-400
GRE
Wrap ports
• ingres is SIP-400
• egress is any port
To integrate both function in one box:
1. Use VRFs to isolate routing
• One VRF for edge link
• One VRF for Core links
2. Wrap cable to connect SIP-400 toward VRF
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
22
Key Takeaways
The Key Takeaways of this presentation are:
 Catalyst 6500 offers multiple solutions for extending
Layer 2 between multiple Data Centers
 VSS with DWDM on Catalyst 6500 offers a 10G
multipoint solution
 ATOMoGRE with SIP-400 offers a 1G multipoint
solution for L2 extensions over a WAN with IP or MPLS
core
 L2 extension options on Catalyst 6500 are redundant,
scalable and secure.
© 2008 Cisco Systems,Cisco
Inc. All
rights reserved.
Confidential
23