LISP (Locator/ID Separation Protocol) – Part I

This is first blog about the LISP (Locator/ID Separation Protocol) defined in RFC 6830 https://tools.ietf.org/html/rfc6830, which is a future reach routing architecture. First I am going to provide some information about the LISP and then focus on some practical examples for LISP-to-LISP site communication. The LISP separates the location from the identity, in other word it separates the end user device identifiers (EID) from the routing locators (RLOC). Let’s look at some main components of the LISP. The following are some of the key components that build the LISP architecture:

Continue reading

Citrix SD-WAN – part 2

In this blog I will describe how to setup and configure BGP between Citrix SD-WAN appliance and rest of the network infrastructure when deploying Citrix SD-WAN in gateway deployment. Also I am going to show how to create custom rule to match specific flow and steer such traffic over virtual path

I am going to use below topology to setup BGP for SD-WAN in in-line deployment and test some its functionalities.

Let’s configure BGP at DC site first, for Branch side process will be exactly the same. To configure dynamic BGP peering go to Configuration->Connections->BGP enable BGP process, provide BGP router-id and AS number. Make sure that Advertise Citrix SD-WAN Routes option is tick, otherwise routes which are learned on the Citrix appliance won’t be advertised to other BGP peers.

Continue reading

Citrix SD-WAN basic deployment part 1

In this blog I will show you how to deployed basic Citrix SD-WAN. To demonstrate this I am going to use simple below topology.

First you have to create new configuration and to do so go to Configuration->Virtual WAN->Configuration Editor and press New to start new configuration. Then you can save this configuration file with default name or you can create your own.

The next step is to define new Sites and in this example for simplicity one site is called DC and the other is called Branch. Navigate to Configuration Editor – > Sites, and click the “+” Add button to create new sites. First lets start with DC. This example is based on the virtual appliance VPX but in real scenario you have to pickup your specific model. DC site is configured as primary MCN and branch as client.

Continue reading

Arista BGP EVPN+VXLAN for DCI

In this post I will go through the BGP EVPN + VXLAN for Data Center Interconnect with Arista switches. VXLAN provides the ability to decouple and abstract the logical topology by using MAC in IP encapsulation, from the physical underlay network. The VXLAN is describes in the RFC 7348 where you can read more about this technology. The initial VXLAN standard describe a multicast flood-and -learn for the overlay broadcast, unknown unicast and multicast traffic. Such flooding introduces some scalability concerns and to overcome the limitation of the flood-and-learn VXLAN the BGP EVPN can be used as the control-plane for VXLAN. The BGP EVPN has been define as the standard control-plane in the RFC 7432 for VXLAN overlays. The MP-BGP EVPN control-plane provides VTEP peer discovery and end-host reachability information across the fabric. In addition MP-BGP EVPN inherits multitenancy supports with VRF construct.

Continue reading

Segment Routing L3VPN and TE

In my previous post Segment Routing I described basic concept of SR and how it works from data-plane and control-plane perspective. In this article I am going to focus how SR interact with L3VPN and MPLS TE. To do so I am going to use below network topology with Cisco IOS-XE 16.10.

L3VPN SR

The L3VPN configuration with SR is no different than traditional MPLS L3VPN deployment apart there is no LDP requirement. The CSR3 is configured as VPNv4 RR and basic VRF configuration is on each PE router.

This is configuration on the CSR1, no fancy stuff just simple VPNv4 configuration for BGP and redistribution connected into the VRF.

Continue reading

New Year 2019

It’s a new year where new opportunities and challenges can show up on the horizon. It seems like a lot of things is happening around networking so I decide to start my blog, where I can describe new technologies, show some use cases and configuration.

Segment Routing

Segment routing (SR) is describe in RFC 8402 and offer flexible way to provide traffic engineering based on the source routing. With SR there is no longer needs to maintain a per-application and per-flow state, and traffic can obey the forwarding instruction provided in the packet.

SR relies on some extension to the routing protocols ISIS and OSPF. The SR can support any type of control plane such as distributed, centralized or hybrid.

Each control plane model provide different set of capabilities and how instructions are allocated and signaled. In a distributed scenario, the segments are allocated and signaled by IS-IS or OSPF or BGP and each node individually decides how to proceed with a packet.

Continue reading