LISP VXLAN Fabric Topology for a Campus Network
A campus network could be a building with a three-tier network or a group of buildings comprising multiple distribution blocks. The building blocks of a campus network are a set of interconnected Local Area Networks (LANs).
A LISP VXLAN-based fabric site could span a single large campus or multiple fabric sites within a campus.
This topology shows three buildings within a campus. The campus core switches operate as the fabric border and control plane nodes, creating the boundary of the fabric site. The intermediate nodes connect the fabric edge, border, and control plane nodes and provide the Layer 3 underlay for fabric overlay traffic.
Wired clients directly connect to the fabric edge nodes at the access layer. The shared services such as DNS, DHCP, IPAM, and so on are external to the fabric but reside in the global routing table of the campus network. For the endpoints that reside in the overlay virtual network, an inter-VRF route leaking is required to access the shared services in the global routing space. An upstream router provides the inter-VRF route leaking by importing and exporting the routes in different VRF tables to merge them. To maintain the isolation between the different overlay networks, VRF-lite extends from the fabric border nodes to the upstream routers. BGP is the protocol that is used between the fabric border and the upstream routers.
The Shared Services block provides a centralized unit for server and services management in the campus network. End user applications and services such as DNS, DHCP, and so on, are all managed within this Shared Services block.
A wireless controller is located external to the fabric and is connected to the Shared Services unit to manage the wireless clients. The wireless controller also provides Access Point (AP) image and configuration management, client session management, and mobility services.
An AP connects to a fabric edge node and is located in the default instance of the overlay. The AP establishes a CAPWAP control plane tunnel to the wireless controller and joins as local-mode AP. Wireless clients that successfully connect (authenticated and authorised) to an AP are placed in the overlay virtual network.