VXLAN routing with EVPN: asymmetric vs. symmetric model Cumulus Networks engineering blog

Consider the above instance. Host A desires to be in contact with Host B, which is located on a unique VLAN and a distinct rack, thus reachable via a unique VNI. Since Host B is on a special subnet from Host A, Host A sends the frame to its default gateway, that is Leaf01 this is in most cases an Anycast Gateway, but we can cover that in a later post. Leaf01 acknowledges that the destination MAC tackle is itself, looks up the routing table and routes the packet to the Green VNI while still on Leaf01. Leaf01 then tunnels the frame in the Green VNI to Leaf02.

Leaf02 gets rid of the VXLAN header from the frame, and bridges the frame to Host B. Likewise, the return site visitors would behave in a similar fashion. Host B sends a frame to Leaf02. Leaf02 acknowledges its own vacation spot MAC address and routes the packet to the Orange VNI on Leaf02. The packet is tunneled within the Orange VNI to Leaf01. Leaf01 gets rid of the VXLAN header from the frame and bridges it to Host A.

Generally, if you configure all VLANs/subnets/VNIs on all leafs anyway e. g. for mobility or ease of configuration, the asymmetric model is for you. It’s simpler to configure and doesn’t require extra VNIs to have to probably troubleshoot and may have a bit less latency. The uneven model will also work well in case your data center can be broken down into PODS with VLANs/subnets contained in a POD.

Each leaf within the POD is configured with all VLANs/subnets/VNIs in that local POD. Other PODS and outside networks may be accessible via EVPN outside routes EVPN external routing with the asymmetric model is supported in Cumulus Linux 3. 6 release – using the L3VNI for outside routing only.

See also  Google Linking Anonymous Browser Tracking with Identifiable Tracking Schneier on Security