Layer 2 Extensions for Data Center Interconnect with Catalyst 6500

Belmont Chia, Consulting System Engineer, Data Center Network Architecture

© 2008 Cisco Systems, Inc. All rights reserved.


  • Agenda

    Cisco Confidential. © 2008 Cisco Systems, Inc. All rights reserved.

    Problem Statement

    Transport Options
    1. Dark Fiber
    2. MPLS
    3. IP

    Encryption

  • Problem Statement

    Why Layer 2 across Data Centers
    1. Geocluster
    2. Legacy applications (hard-coded IP)
    3. Redundant configurations (HSRP/VRRP, heartbeats, etc.)

    Provide Layer 2 connectivity between data centers with:
    1. Redundant Paths
    2. STP Isolation
    3. Failover within

  • DC Interconnect – Transport Options

    [Diagram: Sites A, B, C and D, each with DC Core, Aggregation and Access layers; transport options Dark Fiber, MPLS and IP]

  • L2 Extension Transport Options

    Dark Fiber
    – Applicable for short distances (< 100 km)

    MPLS
    – Applicable if the enterprise is ready to deploy MPLS in the core
    – MPLS service can be self-deployed or taken as a managed service from an SP (directly attached L2VPN or Carrier Supporting Carrier)

    IP
    – Applicable for the majority of customers with no Dark Fiber or MPLS

  • DC Interconnect – Dark Fiber

    [Diagram: Sites A, B, C and D, each with DC Core, Aggregation and Access layers]

    • Assumes dark fiber between sites
    • Distance limitations are given by DWDM
    • Number of sites can be 2 or more

  • DC Interconnect – Dark Fiber

    [Diagram: Sites A, B, C and D]

    • Add 2 switches in main data centers
    • Switches use separate lambda to interconnect
    • These switches will form a VSS
    • Use DWDM X2 to build VSL*

  • DC Interconnect – Dark Fiber

    [Diagram: Sites A, B, C and D; labels A and B]

    • Repeat similar principle for all sites

  • DC Interconnect – MPLS

    [Diagram: Sites A, B, C and D, each with DC Core, Aggregation and Access layers; EoMPLS / VPLS over MPLS]

  • L2 Extension Loop Prevention: EoMPLS PW

    [Diagram: Site A and Site B, each with Local STP; Backup PW into Core, with EEM to enable the backup PW]

    EoMPLS PW-redundancy
    Loop-free interconnection for dual-site VLAN extension
    Native Port xconnect
    New solution under validation

  • L2 Extension Loop Prevention: VPLS

    [Diagram: Site A with Local STP, L2 Core, per-VLAN VFI, per-VLAN alternate path]

    Only Local STP
    PW redundancy into PE

  • Layout for multiple DCs

  • DC Interconnect – IP

    [Diagram: Site A and Site B, each with DC Core, Aggregation and Access layers; GRE tunnels carrying EoMPLSoGRE / VPLSoGRE over IP]

    Requires Whitney 2 SIP-400 for WAN uplinks

  • DC Interconnect using EoMPLSoGRE

    [Diagram: Site A and Site B, each with a SIP-400; EoMPLSoGRE GRE tunnels across the IP core]

    12.2(33)SXI feature
    Edge-only functionality using SIP-400

  • DC Interconnect using VPLSoGRE

    [Diagram: Sites A, B and C, each with a SIP-400; VPLSoGRE GRE tunnels across the IP core]

    12.2(33)SXI feature
    Edge-only functionality using SIP-400

  • Encrypted L2 Extension using ATOMoGRE

    Nowadays IPsec is the main encryption mechanism
    – IPsec requires IP packets
    – L2 frames are not IP packets
    – Today, no native L2oIP solution exists

    L2oGRE acts as L2oIP and so can be encrypted
    – EoMPLS for point-to-point solution
    – VPLS for multipoint solution

    Requires either:
    – Two-box solution (one for L2VPNoGRE, one for IPsec)
    – One-box solution with a wrap cable

  • VPLS o GRE o IPSEC in one box with wrap-cable

    [Diagram labels: Crypto, GRE, VPLS PW, SIP-400, VPN-SPA, VRF edge, VRF core, Core port, any Ethernet port, GRE L3]

    Wrap ports
    • ingress is SIP-400
    • egress is any port

    To integrate both functions in one box:
    1. Use VRFs to isolate routing
       • One VRF for edge link
       • One VRF for core links
    2. Wrap cable to connect SIP-400 toward VRF
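The encryption slides argue that a bridged frame cannot be selected by IPsec while the same frame inside L2oGRE can. The sketch below is an added example, not code from the presentation or from Cisco, that builds that encapsulation byte by byte and checks both cases. Assumptions: a single pseudowire label, no control word, no GRE options; the addresses, label value and sample frame are constructed.

```python
import struct

IPPROTO_GRE = 47          # IPv4 protocol number for GRE
GRE_PROTO_MPLS = 0x8847   # GRE protocol type for MPLS unicast

def checksum(header: bytes) -> int:
    """RFC 1071 ones' complement sum over an even-length header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def l2_over_gre(frame: bytes, pw_label: int, src: bytes, dst: bytes) -> bytes:
    """Ethernet frame -> MPLS pseudowire label -> GRE -> IPv4 (no control word)."""
    label = struct.pack("!I", (pw_label << 12) | (1 << 8) | 255)  # S=1, TTL=255
    gre = struct.pack("!HH", 0, GRE_PROTO_MPLS) + label + frame   # no GRE options
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(gre), 0, 0x4000,
                      255, IPPROTO_GRE, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + gre

def ipsec_selectable(pkt: bytes, src: bytes, dst: bytes) -> bool:
    """Would a GRE selector between the two tunnel endpoints match these bytes?"""
    if len(pkt) < 20 or pkt[0] != 0x45 or checksum(pkt[:20]) != 0:
        return False          # not a well-formed IPv4 packet at all
    return pkt[9] == IPPROTO_GRE and pkt[12:16] == src and pkt[16:20] == dst

def decapsulate(pkt: bytes) -> tuple[int, bytes]:
    """Far-end view: strip IPv4 + GRE + label, return (pw_label, original frame)."""
    flags, proto, shim = struct.unpack("!HHI", pkt[20:28])
    if flags != 0 or proto != GRE_PROTO_MPLS or not shim & 0x100:
        raise ValueError("not a single-label MPLS-in-GRE packet")
    return shim >> 12, pkt[28:]

# Constructed sample: a broadcast ARP frame, the kind of non-IP traffic an
# extended VLAN carries. Addresses are documentation ranges, label is arbitrary.
FRAME = bytes.fromhex("ffffffffffff" "00005e005301" "0806") + bytes(28)
SITE_A, SITE_B = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1])

if __name__ == "__main__":
    pkt = l2_over_gre(FRAME, 100, SITE_A, SITE_B)
    print("raw frame selectable:", ipsec_selectable(FRAME, SITE_A, SITE_B))
    print("L2oGRE selectable:   ", ipsec_selectable(pkt, SITE_A, SITE_B))
    print("frame survives:      ", decapsulate(pkt) == (100, FRAME))
```

Because the selector only sees the outer IPv4/GRE header, every extended VLAN riding the tunnel is covered by one IPsec policy between the two tunnel endpoints.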

  • Key Takeaways

    The key takeaways of this presentation are:
    • Catalyst 6500 offers multiple solutions for extending Layer 2 between multiple data centers
    • VSS with DWDM on Catalyst 6500 offers a 10G multipoint solution
    • ATOMoGRE with SIP-400 offers a 1G multipoint solution for L2 extensions over a WAN with IP or MPLS core
    • L2 extension options on Catalyst 6500 are redundant, scalable and secure.