About VXLAN EVPN Multi-Site
The VXLAN EVPN Multi-Site solution uses border gateways is either anycast or virtual port channel configuration in the data plane to terminate and interconnect overly domains.
The border gateways provide the network control boundary that is necessary for traffic enforcement and failure containment functionality.
In the control plane, BGP sessions between the border gateways rewrite the next hop information of EVPN routes and re-originate them. VXLAN Tunnel Endpoints (VTEPs) are only aware of their overlay domain internal neighbors including the border gateways. All routes external to the fabric have a next hop on the border gateways for Layer 2 and Layer 3 traffic.
The VXLAN EVPN Multi-Site feature is a solution to interconnect two or more BGP-based Ethernet VPN (EVPN) site's fabrics in a scalable fashion over an IP-only network.
The Border Gateway (BG) is the node that interacts with nodes within a site and with nodes that are external to the site. For example, in a leaf-spine data center fabric, it can be a leaf, a spine, or a separate device acting as a gateway to interconnect the sites.
The VXLAN EVPN Multi-Site feature can be conceptualized as multiple site-local EVPN control planes and IP forwarding domains interconnected via a single common EVPN control and IP forwarding domain. Every EVPN node is identified with a unique site-scope identifier. A site-local EVPN domain consists of EVPN nodes with the same site identifier. Border Gateways on one hand are also part of site-specific EVPN domain and on the other hand a part of a common EVPN domain to interconnect with Border Gateways from other sites. For a given site, these Border Gateways facilitate site-specific nodes to visualize all other sites to be reachable only via them. This would mean:
-
Site-local bridging domains are interconnected only via Border Gateways with bridging domains from other sites.
-
Site-local routing domains are interconnected only via Border Gateways with routing domains from other sites.
-
Site-local flood domains are interconnected only via Border Gateways with flood domains from other sites.
Selective Advertisement is defined as the configuration of the per-tenant information on the border gateway. Specifically, this means IP-VRF or MAC-VRF (EVPN Instance). In cases where External Connectivity (VRF-lite) and EVPN Multi-Site co-exist on the same border gateway, the advertisements are always enabled.