Category: EVPN

Topology: regional/metro VXLAN EVPN fabric across multiple small branch offices and a regional hub with SD-WAN at all sites, with local direct Internet/Cloud traffic breakout at SD-WAN.

Expected traffic flow: internal traffic over VXLAN/EVPN over SD-WAN with local direct Internet/Cloud access at each branch. Additionally, the VTEP function is on the access switches at each location.

Can we use VXLAN with EVPN to implement a data center interconnect (DCI) between two data centers? Can we use it to reduce the failover time to below 50 msec?

We are running a multi-tenant DC network, spanning 3 sites. The network has three layers (per site): DC-LAN, DC-EDGE and DC-WAN-CORE. DC-EDGE is used for connecting all incoming circuits (internet, all sorts of wan connections). DC-LAN is used for connecting workloads. DC-WAN-CORE connects 3 sites together.

Right now, we are using MPLS-L3VPNs between DC-LAN, DC-EDGE and DC-WAN-CORE. DC-LAN (L2 part) is a traditional network with VPC and OTV.

We want to move to VXLAN/BGP-EVPN for DC-LAN. But what to do with DC-EDGE and DC-WAN-CORE? Still use MPLS (but with SR instead of LDP) or also use VXLAN/BGP-EVPN? In the last option, we could use (Cisco) N9k only boxes. In the first option, we could also use only N9k boxes, but then using real routers in the DC-EDGE makes more sense to have more routing capabilities and insights at the border of your network.