RE: Can I do this in EVPN? (Multihome to more different CEs)

[Adam Thompson <athompson () merlin mb ca>]

The solution we've deployed is to use a VXLAN termination device at each location requiring multi-path redundancy.
Run VXLAN over isolated L3 domains, let IS-IS or OSPF handle path selection, including ECMP if desired.
If multi-chassis redundancy is required, pick a platform that can do MLAG or similar.

So for example, I have two sites with multiple VLANs needing to be interconnected, and for whatever reason I can't just 
use a LAG (distance, lack of transparent L2 service, whatever).
We would put an Arista 7k-series pizzabox at each end, one end could be an MLAG pair.  Terminate two L2 or L3 services 
on the singleton box, terminate each service onto one half of the MLAG pair at the other site.  Run an IGP (ideally 
IS-IS with BFD, but YMNV) and ECMP and happens automatically, as does handling single-path failures.
This could equally be a MLAG-to-MLAG setup if you have too much money and need to use some up.
Cisco vPC does essentially the same thing, as does Juniper's VC.  Extreme has something similar, too.
STP does not get transported across the VXLAN transport, so you now avoid all the inherent problems with long-distance 
or multi-site STP bridging.

-Adam

Adam Thompson
Consultant, Infrastructure Services
MERLIN
100 - 135 Innovation Drive
Winnipeg, MB R3T 6A8
(204) 977-6824 or 1-800-430-6404 (MB only)
https://www.merlin.mb.ca
Chat with me on Teams: athompson () merlin mb ca

> -----Original Message-----
> From: NANOG <nanog-bounces+athompson=merlin.mb.ca () nanog org> On
> Behalf Of Jason R. Rokeach via NANOG
> Sent: February 9, 2023 1:11 PM
> Cc: nanog () nanog org
> Subject: Re: Can I do this in EVPN? (Multihome to more different CEs)
>
> VPLS doesn't handle loop avoidance. At least, not apart from split
> horizon rules.
>
> I assume that them properly connecting routers only and doing dynamic
> routing over your service is out of the question? (Even _just_ doing
> this doesn't completely solve the challenge though.)
>
> It sounds to me like your customer is needing two separate services.
> One to provide connectivity to other sites at layer 2, and another to
> provide backup connectivity within their single campus at layer 2. I
> would suggest that you treat these as two separate services, because
> there's nothing in EVPN that's going to notice on the PE side of the
> equation that the customer has a break in the middle of their
> network.
> Maybe consider offering these two services in combination:
> 1) layer 2 VPN service (VPWS / single pseudowire) between the two
> sides of their campus. You would need to ensure L2CP transparency (or
> tunneling) for STP and they would need to run STP across the link to
> keep their campus whole
> 2) EVPN with ESI in single-active mode, as you had mentioned.
>
>
>
>
> ------- Original Message -------
> On Thursday, February 9th, 2023 at 11:56 AM, Simon Lockhart
> <simon () slimey org> wrote:
>
>
> >
>
> >
>
> > On Thu Feb 09, 2023 at 11:54:28AM -0500, Shawn L wrote:
>
> > > You should be able to setup a VPLS between 3 (or more) devices.
> Something like this --
> >
>
> >
>
> > [snip]
>
> > Thanks - I'm not committed to EVPN, so VPLS could work too. Would
> VPLS
> > handle loop avoidance for me? (i.e. if I have two VPLS PE
> connections into
> > the same broadcast domain on the customer side)
>
> > Simon
>
> _______________________
> Jason R. Rokeach
> m: 603.969.5549
> e: jason () rokea ch
> tg: jasonrokeach
>
>
> Sent with ProtonMail secure email. Get my PGP Public Key.