Guest

Data Center Interconnect

Cisco Advanced Virtual Private LAN Service: Unite Geographically Dispersed Data Centers

  • Viewing Options

  • PDF (470.5 KB)
  • Feedback

PB602184

Globalization, business process optimization, and the need for continuous computing operations motivate businesses to seek solutions that can both distribute and unite data centers over geographically dispersed locations. Geographically distributed data centers are desired for mutual backup to reduce interruption from a local disaster and also to facilitate data center maintenance. Ideally, computing operations are able to switch over transparently between sites, maintaining user sessions, application availability, and access to data resources. Virtual machine technology is increasingly used for distributed data center operations.

In this challenging environment, a solution that enables fast, reliable, high-capacity and highly scalable data center interconnection is essential. Such a solution is available with Virtual Private LAN Service (VPLS), a technology that provides Ethernet connectivity over packet-switched WANs. VPLS supports the connection of multiple sites in a single bridged domain over a managed IP or IP and Multiprotocol Label Switching (IP/MPLS) network. VPLS presents an Ethernet interface, simplifying the LAN-WAN boundary for enterprise customers and enabling rapid and flexible service provisioning. Data centers, each having their own Ethernet LAN, can be united in a virtual LAN (VLAN) over a WAN by using VPLS.
To meet these challenges, Cisco is introducing enhancements to accompany its standards-compliant VPLS implementation:

• Enhanced VPLS traffic load-balancing capabilities

• VPLS configuration simplifications

• Enhanced VPLS availability

A significant requirement and challenge in connecting data centers is the need to transport large volumes of IP traffic between sites. Cisco ® Advanced VPLS provides new tools for optimizing bandwidth utilization for environments with massive traffic flows.

Load Balancing Optimizes Bandwidth Resources

Load balancing is advantageous for two reasons: It optimizes resource use and it facilitates recovery from service interruptions. Equal-cost multipath (ECMP) is a load-balancing technique used in IP and IP/MPLS networks to reduce congestion and delay by distributing traffic flows across different paths on the basis of hashing on fields in the IP header or MPLS label stack. Routers at the network edge can also use ECMP techniques, allocating traffic across multiple egress interfaces to the network core.
Using a single command introduced in Cisco Advanced VPLS, load-balance flow, load balancing can be enabled on edge-router interfaces and applied to multiple paths across the network core. The advantage is that, while multiple IP flows are often aggregated over an Ethernet pseudowire, all the flows do not need to converge on the same path but can be balanced across different available paths. In addition, when the edge router is a Cisco Catalyst ® 6500/6800 Series Switch, the flows will be distributed over up to eight equal-cost egress interfaces.

Load Balancing Begins at the Edge

Edge routers typically have multiple core-facing interfaces available. Outgoing traffic is typically assigned to specific egress interfaces, which can result in imbalanced traffic loads across available interfaces. With the introduction of the new flow load-balancing command in Advanced VPLS, the edge router will assign a flow identity (or flow label) to each packet. Different flows within a pseudowire are assigned distinct flow labels, and all the packets of a particular, indivisible, flow receive the same flow label. This technique ensures in-order delivery of packets of each flow at the destination edge routers.
This flow classification can be based on Layer 2, 3, or 4 criteria, such as source and destination MAC addresses (separately or combined), or, similarly, port addresses and IP addresses, or the protocol ID, plus higher-layer flow-dependent fields such as Transmission Control Protocol and User Datagram Protocol (TCP/UDP) ports. The objective is to introduce a high degree of entropy in the flow label values so that hashing mechanisms in the edge and core routers distribute flows as evenly as possible over the egress interfaces and available ECMP paths. Note that this load balancing is based on indivisible flows of packets, not on raw packet counts.
Flow classification options for the first release of Cisco Advanced VPLS on the Cisco Catalyst 6500/6800 Series are shown in Table 1. In this release, the global PortChannel load-balancing configuration is used to classify flows to indicate the flow identity of each packet.

Table 1. Flow Classification for the First Release of Cisco Advanced VPLS on the Cisco Catalyst 6500/6800 Series

Classification Criteria

Selection Options

Source and/or destination MAC addresses

src-mac | dst-mac | src-dst-mac

Source and/or destination port addresses

src-port | dst-port | src-dst-port

Source and/or destination IP addresses

src-ip | dst-ip | src-dst-ip

Load Balancing Across the Core

IP/MPLS Networks

To fully utilize the bandwidth available in the network, Cisco Advanced VPLS uses the flow label assigned at ingress by edge routers to facilitate load balancing of flows within a pseudowire across ECMP paths. For an application such as data center interconnect (DCI), this approach achieves the important objective of load balancing across LAN extension paths. The new flow-label enable command tells the edge router to add a flow label to the MPLS label stack when performing pseudowire encapsulation. Figure 1 illustrates the insertion of a flow label into the MPLS label stack.

Figure 1. Flow-Aware Transport of Pseudowires in IP/MPLS Networks

Figure 2 shows how flow labels enable load balancing across an IP/MPLS network.

Figure 2. Advanced VPLS Load Balances Flows Across Multiple Equal-Cost Paths

To synchronize the ingress and egress edge routers for the imposition and disposition of flow labels, the routers can be identically provisioned manually, or Label Distribution Protocol (LDP) can used to signal the flow-label processing state.
Flow labels must be identically provisioned on both edge routers at the pseudowire endpoints. At first release Cisco Advanced VPLS, manual configuration is supported; LDP signaling will be supported in a future release.
Figure 3 shows that flow-labeled pseudowires deliver packets within each flow in proper sequence.

Figure 3. Advanced VPLS Load Balancing Reduces Congestion and Delay

IP Networks

In IP networks, load balancing will be supported across the IP core networks using Generic Routing Encapsulation (GRE), as shown in Figure 4. As in IP/MPLS networks, the flow-label enable command tells the edge routers to perform hash calculations on fields in the IP header to generate a flow label. As the edge router, the Cisco Catalyst 6500/6800 Series uses the hashing process to distribute the flows across multiple available egress interfaces. Across the IP core, GRE encapsulates the MPLS payload and tunnels pseudowire traffic over the network (MPLS over GRE). In this case, instead of an additional flow label being added, the flow label is inserted in the (optional) Key field of the GRE header. Load balancing across IP networks using GRE will be supported in a future release.

Figure 4. Flow-Aware Transport of Pseudowires Using GRE in IP Networks

Ease of Use

Cisco Advanced VPLS makes configuration of advanced router and network load balancing straightforward. The two new commands, load-balance flow and flow-label enable, turn on load-balancing hashing and flow-label imposition, respectively. Note that load balancing on the ingress edge router can be enabled even if load balancing across the network is not enabled.
The Cisco Advanced VPLS flow-label enable command inserts a flow label in the MPLS stack or GRE Key field. In addition, when a Cisco Catalyst 6500/6800 Series Switch is the edge router, the hash computation results in distribution of the flows across multiple egress interfaces, optimizing utilization of the interfaces and improving the customer's total cost of ownership (TCO). Additionally, the internal implementation on the Cisco Catalyst 6500/6800 Series provides failover in less than a second, increasing the availability of the protected services.
The new interface virtual-ethernet command provides a configuration more compatible with enterprise environments than the traditional xconnect vfi commands used in service provider environments.
The following two configuration examples contrast the new Cisco Advanced VPLS configuration with the current equivalent.

Example 1: Advanced VPLS Configuration

Example 1 introduces flow load balancing and flow-label imposition together with the compact virtual Ethernet configuration commands.
pseudowire-class cl1
encap mpls
! enable load-balancing on the edge router based on ECMP
! hashing
load-balance flow
! enable load balancing across the network core
! using flow labels
flow-label enable
interface virtual-ethernet 1
! transport configuration
transport vpls mesh
neighbor 2.2.2.2 pw-class cl1
neighbor 3.3.3.3 pw-class cl1
! service configuration
switchport
switchport mode trunk
switchport trunk allowed vlan 10, 20
Internally, this configuration is expanded by the virtual Ethernet module and mapped to the VPLS configuration below the system level to set up a VPLS transport mesh that is equivalent to the configuration shown in Example 2.

Example 2: Existing VPLS Configuration

The equivalent configuration shown in Example 2 uses the Layer 2 vfi and xconnect commands.
pseudowire-class cl1
encap mpls
! enable load-balancing on the edge router based on ECMP
! hashing
load-balance flow
! enable load balancing across the network core
! using flow labels
flow-label enable
l2 vfi dci-10 manual
vpn id 10
neighbor 2.2.2.2 pw-class cl1
neighbor 3.3.3.3 pw-class cl1
interface vlan 10
xconnect vfi dci-10
l2 vfi dci-20 manual
vpn id 20
neighbor 2.2.2.2 encap mpls
neighbor 3.3.3.3 encap mpls
interface vlan 20
xconnect vfi dci-20

Tunnel Mapping

In deployments using MPLS traffic engineering or IP GRE, tunnel interfaces can be specifically mapped to particular core-facing interfaces.
To configure routing by explicitly selected tunnels, use either the MPLS preferred-path tunnel selection option under pseudowire-class or the route-via option under the virtual-ethernet transport configuration. At first release, MPLS preferred-path tunnel selection is supported; the route-via option will be supported in a future release.

Operations, Administration, and Maintenance

LSP ping is not supported in the first release of flow-labeled traffic on pseudowires.
LSP trace is not supported when a multisegment pseudowire (MS-PW) contains flow-labeled segments.

Cisco Advanced VPLS: Powerful Yet Simple to Use

Cisco Advanced VPLS provides simple new commands that deliver powerful traffic flow load-balancing technology in IP and IP/MPLS networks. Load balancing in the network, integrated with Cisco Catalyst 6500/6800 Series Switches, optimizes resource utilization, improving customers' return on investment (ROI). It also facilitates recovery from service interruptions, increasing the availability of the protected services.
Cisco Advanced VPLS benefits service providers and enterprises by optimizing use of bandwidth in many deployment scenarios, including DCI applications for enterprises and for service provider-managed services.

Highlights of Cisco Ethernet and VPLS Connectivity

Table 2 summarizes the features that Cisco Advanced VPLS offers for Ethernet and VPLS Connectivity.

Table 2. Cisco Advanced VPLS Features for Ethernet and VPLS Connectivity

Technology

Feature

Cisco Catalyst 6500/6800 Series

Ethernet over MPLS (EoMPLS)

Base EoMPLS

Yes

High availability

Nonstop forwarding (NSF) and stateful switchover (SSO)

Pseudowire redundancy

Flow-based load balancing

Layer 2, 3, and 4 flows

VPLS

Base VPLS

Yes

High availability

NSF and SSO

VPLS MAC address withdrawal

Yes

Per-port MAC address limiting

Yes

Protocol-independent MAC address ACL filtering

Yes

Encapsulation

MPLS and GRE

Pseudowire signaling

Targeted LDP (T-LDP)

Hierarchical VPLS (H-VPLS) with MPLS edge

Yes

VPLS autodiscovery (Border Gateway Protocol [BGP] based)

-

Cisco Advanced VPLS

Command-line interface (CLI) simplification

Virtual Ethernet interface

Flow-based load balancing

Layer 2, 3, and 4 flows

Network provider edge redundancy

Virtual switching system (VSS) based

For More Information

Cisco Data Center Interconnect
http://www.cisco.com/go/dci.
Cisco Virtual Private LAN Services (VPLS) white papers http://www.cisco.com/en/US/products/ps6648/products_ios_protocol_option_home.html.