Thursday, December 12, 2019

Switching from MPLS core to EVPN core

Now that quite a few vendors have BGP EVPN over VXLAN capable access switches, I'm wondering if anyone is doing their core network with these technologies?

We're currently running MPLS in our own network and routing between VRFs happens on the DC firewalls:

https://pasteboard.co/IKVL8wT.png

Each building has an aggregation switch that also talks MPLS towards the core, and terminates all the VLANs from the access layer. Access layer is L2.

We have lots of different buildings and 50+ different segments for different use cases, so just configuring L3 on the access layer would be somewhat of a nightmare to manage with all the ACLs etc. Also, we would lose visibility over the traffic between the segments.

Also wondering how you do traffic engineering, for example having workstations use core link 1 in the picture and cameras use link 2 as the primary path.

I'm not really trying to solve any major issues here, but rather wondering how EVPN would work and how it would differ from running MPLS. Any thoughts?

Thanks!


