Types of Fabric Extend Deployments

Fabric Extend over an MPLS IP-VPN provider WAN

The most common Fabric Extend deployment is a hub and spoke topology that connects the Main office over a service provider‘s MPLS IP VPN to multiple Branch offices. The following figure illustrates how the hub device on the main site establishes virtual tunnels with all of the spoke devices in the same domain. In this scenario, the traffic flows are bidirectional: from hub-to-spoke and spoke-to-hub.

Fabric Extend IP VPN Deployment Option

Note

If Fabric Extend with IPsec or fragmentation and reassembly is a requirement, depending on your requirements, you can use a mix of VSP 7400 Series or VSP 4900 Series with Fabric IPsec Gateway and XA1400 Series at the main and branch sites.

Fabric Extend over an MPLS VPLS/P2P-VPLS/E-LINE/P2P-VLAN provider network

Where the preceding hub and spoke deployment is over a Layer 3 MPLS IP-VPN, the following VPLS deployment is over a Layer 2 segment. This type of hub and spoke deployment extends the fabric over an MPLS Virtual Private LAN Service (VPLS) or Provider Backbone Bridging (PBB) Ethernet LAN (E-LINE) network. In this scenario, the SPB nodes are connected with a point-to-point Ethernet link.

Fabric Extend VPLS Deployment Option

Fabric Extend over an IP campus network

Some customers do not want to migrate their infrastructures to SPB immediately. They want to keep their existing IP core network and deploy SPB on the edge. In this scenario, Fabric Extend supports a fabric overlay on top of the existing campus infrastructure.

The following figure illustrates how this deployment supports any-to-any traffic with full-mesh tunnels between fabric nodes. The fabric nodes serve as campus switches, support routing into the IP infrastructure, and provide an overlay fabric that enables all fabric benefits.

Fabric Extend Full Mesh Campus Deployment Option

Fabric Extend over an MPLS PWE3/E-Line provider network

The following hub and spoke deployment over an MPLS Pseudowire or Ethernet Virtual Private Line (E-Line) uses service provider VLAN tunnels. Because you can map many (VID, port/mlt list) sets to an I-SID, this gives Service Providers the flexibility to let more than one customer use the same VLAN with different I-SIDs.

Note

The VSP 4450 Series switches in this type of deployment do not require an ONA because the tunnels are point-to-point VLAN connections, not VXLAN. Therefore, there is no need for an ONA to encapsulate a VXLAN header to SPB packets.

The following figure illustrates how two dedicated Backbone VLAN IDs (B-VIDs) are mapped from the hub to spoke sites. Logical IS-IS interfaces translate the B-VIDs and maps them to each of the branch provider VIDs.

For a detailed configuration example showing logical interfaces using B-VID translation to two different logical VLAN IDs, see Shortest Path Bridging (802.1aq) Technical Configuration Guide.

Fabric Extend Pseudowire Deployment Option

Fabric Extend over IPsec

The Fabric Extend over IPsec hub and remote deployment uses service provider VLAN tunnels and IPsec to provide permanent connections between locations. It is best used for site-to-site connections, such as connecting remote sites to the core network. Since IPsec works at the network layer, this type of configuration is not limited or dedicated to a particular application.

Note

FE over IPsec connectivity requires an XA1400 Series device on each end of the FE tunnel.

The following figure illustrates how the FE over IPsec deployment supports the site-to-site connections. It shows a Layer 3 core network where Fabric Extend uses IP tunneling by adding a VXLAN header to the SPBM packets. This can be over a third party IPv4 transport network such as MPLS IP-VPN or in a Campus IP backbone.

Fabric Extend over IPsec Deployment Option