Sharing Resources Across Tenants Using "Shared Tenant"

  1. Resource: Phy port, l2-vni-range, l3-vni-range, vlan-range, num-vrf.
  2. Entity : PO, VRF, EPG
  3. Ownership of resources will continue to stay per tenant.
  4. Tenant construct will have a new attribute called “role = shared” and the tenant holds the resources/entities that CAN be shared across ALL the tenants.
  5. Resources/entities owned/created by the shared tenant will be available for use by ALL the other tenants and not with specific set of tenants.
  6. Tenant service can have one shared tenant to service all the shared resources.
  7. Shared tenant can own the resources: Ports, L3VNI
  8. Shared tenant can create the entities: Pos, VRFs
  9. Shared tenant will not be able to create EPG.
  10. Non-shared tenant cannot use the ports owned by shared tenant if the ports are already part of PO.
  11. Non-shared tenant cannot create the PO using the ports owned by the shared tenant.

Shared Port Usecase (L2 Handover)

Click to expand in new window
Shared Port Usecase

EFA Provisioning

efa tenant create --name tenant1 --l2-vni-range 101-110 --vlan-range 101-110,201-210 --port L-1[0/1]
efa tenant create --name tenant2 --l2-vni-range 111-120 --vlan-range 101-110,211-220 --port L-2[0/2]
efa tenant create --name tenant3 --l2-vni-range 121-130 --vlan-range 101-110,221-230 --port L-3[0/3]
efa tenant create --name tenant4 --l2-vni-range 131-140 --vlan-range 101-110,231-240 --port L-4[0/4]

efa tenant create --name SharedTenant --port BL-1[0/1],BL-2[0/1] --role shared

efa tenant epg create --name ten1epg1 -–tenant tenant1 --port L-1[0/1] --switchport-mode trunk --ctag-range 101-110 --l2-vni 101:101 --l2-vni 102:102 ….. --l2-vni 110:110
efa tenant epg create --name ten2epg1 -–tenant tenant2 --port L-2[0/2] --switchport-mode trunk --ctag-range 101-110 --l2-vni 101:111 --l2-vni 102:112 ….. --l2-vni 110:120
efa tenant epg create --name ten3epg1 –-tenant tenant3 --port L-3[0/3] --switchport-mode trunk --ctag-range 101-110 --l2-vni 101:121 --l2-vni 102:122 ….. --l2-vni 110:130
efa tenant epg create --name ten4epg1 --tenant tenant4 --port L-4[0/4] --switchport-mode trunk --ctag-range 101-110 --l2-vni 101:131 --l2-vni 102:132 ….. --l2-vni 110:140

efa tenant epg create --name ten1epg2 -–tenant tenant1 -–port BL-1[0/1],BL-2[0/1] --switchport-mode trunk --ctag-range 201-210 --l2-vni 201:101 --l2-vni 202:102 ….. --l2-vni 210:110
efa tenant epg create --name ten2epg2 -–tenant tenant2 -–port BL-1[0/1],BL-2[0/1] --switchport-mode trunk --ctag-range 211-220 --l2-vni 211:111 --l2-vni 212:112 ….. --l2-vni 220:120
efa tenant epg create --name ten3epg2 –-tenant tenant3 -–port BL-1[0/1],BL-2[0/1] --switchport-mode trunk --ctag-range 221-230 --l2-vni 221:121 --l2-vni 212:122 ….. --l2-vni 230:130
efa tenant epg create --name ten4epg2 –-tenant tenant4 -–port BL-1[0/1],BL-2[0/1] --switchport-mode trunk --ctag-range 231-240 --l2-vni 231:131 --l2-vni 212:132 ….. --l2-vni 240:140

Shared PO Usecase (L2 Handover)

Click to expand in new window
Shared PO Usecase (L2 Handover)

EFA Provisioning

efa tenant create --name SharedTenant --port BL-1[0/1],BL-2[0/1] -–l3-vni-range 1001-1010 –-vrf-count 10 --role shared 
efa tenant vrf create --name red --tenant SharedTenant
efa tenant epg create --name ten1epg1 --tenant tenant1 --port L-1[0/1] --switchport-mode trunk --ctag-range 101-102 --l2-vni 101:101 --l2-vni 102:102 --anycast-ip 101:10.10.10.1/24 --vrf red –-l3-vni 1001
efa tenant epg create --name ten2epg1 --tenant tenant2 --port L-2[0/2] --switchport-mode trunk --ctag-range 101-102 --l2-vni 101:111 --l2-vni 102:112 --anycast-ip 101:10.10.11.1/24 --vrf red -–l3-vni 1001
efa tenant epg create --name ten3epg1 --tenant tenant3 --port L-3[0/3] --switchport-mode trunk --ctag-range 101-102 --l2-vni 101:121 --l2-vni 102:122 --anycast-ip 101:10.10.12.1/24 --vrf red –-l3-vni 1001
efa tenant epg create --name ten1epg1 --tenant tenant4 --port L-4[0/4] --switchport-mode trunk --ctag-range 101-102 --l2-vni 101:131 --l2-vni 102:132 --anycast-ip 101:10.10.13.1/24 --vrf red -–l3-vni 1001

Shared PO Usecase (L3 Handoff)

Click to expand in new window
Topology Diagram

Switch Config

Click to expand in new window
L3 hand-off using BGP towards External Gateway: VRF1
Click to expand in new window
L3 hand-off using BGP towards External Gateway: VRF2

EFA Provisioning

efa tenant create --name tenant1 --l2-vni-range 1001-1010 --vlan-range 1001-1010 --port BL-1[0/11],BL-2[0/11] --l3-vni-range 10001-10010 --vrf-count 10
efa tenant create --name tenant2 --l2-vni-range 1101-1110 --vlan-range 1101-1110 --port BL-1[0/21],BL-2[0/21] --l3-vni-range 20001-20010 --vrf-count 10

efa tenant vrf create --name vrf1 --tenant Tenant1
efa tenant vrf create --name vrf2 --tenant Tenant2

efa tenant epg create --name ten1epg1 --tenant tenant1 --port BL-1[0/11] --switchport-mode trunk --ctag-range 1001 --l2-vni 1001:1001 --anycast-ip 1001:10.10.10.1/24 --vrf vrf1 –-l3-vni 1001
efa tenant epg create --name ten2epg1 --tenant tenant2 --port BL-1[0/21] --switchport-mode trunk --ctag-range 1101 --l2-vni 1101:1101 --anycast-ip 1101:10.10.11.1/24 --vrf vrf2 -–l3-vni 1002

efa tenant create --name SharedTenant --port BL-1[0/1-8],BL-2[0/1-8] --role shared

efa tenant po create --name po101 --tenant SharedTenant --speed 10Gbps --negotiation active -–port BL-1[0/1],BL-1[0/2] 
efa tenant po create --name po102 --tenant SharedTenant --speed 10Gbps --negotiation active -–port BL-1[0/3],BL-1[0/4]

VRF1

efa tenant epg create –-name ten1epg2 –-tenant tenant1 --type l3-handover --po po101 –-switchport-mode trunk –-ctag-range 101 -–vrf vrf1  –-local-ipv4-address 11.1.1.1/30 –-local-ipv6-address 2001:11:1:1::1/126 -–remote-ipv4-address 11.1.1.2 -–remote-ipv6-address 2001:11:1:1::2 --remote-as 4220000001 –-bfd -–bfd-interval 100 –-bfd-min-rx 200 –-bfd-multiplier 10

efa tenant epg create -–name ten1epg3 -–tenant tenant1 --type l3-handover --po po102 –-switchport-mode trunk –-ctag-range 201 -–vrf vrf1 –-local-ipv4-address 12.1.1.1/30 –-local-ipv6-address 2001:12:1:1::1/126 –-remote-ipv4-address 12.1.1.2 –-remote-ipv6-address 2001:12:1:1::2 --remote-as 4220000001 -–bfd –-bfd-interval 100 –-bfd-min-rx 200 –-bfd-multiplier 10

VRF2

efa tenant epg create -–name ten2epg2 –-tenant tenant2 --type l3-handover --po po101 –-switchport-mode trunk –-ctag-range 102 –-vrf vrf2  –-local-ipv4-address 11.2.1.1/30 –-local-ipv6-address 2001:11:2:1::1/126 -–remote-ipv4-address 11.2.1.2 –-remote-ipv6-address 2001:11:1:1::2 --remote-as 4220000001 –-bfd -–bfd-interval 100 –-bfd-min-rx 200 –-bfd-multiplier 10

efa tenant epg create –-name ten2epg3 -–tenant tenant2 --type l3-handover --po po102 –-switchport-mode trunk –-ctag-range 202 –-vrf vrf2 -–local-ipv4-address 12.2.1.1/30 –-local-ipv6-address 2001:12:2:1::1/126 –-remote-ipv4-address 12.2.1.2 –-remote-ipv6-address 2001:12:2:1::2 --remote-as 4220000001 –-bfd  –-bfd-interval 100 –-bfd-min-rx 200 –-bfd-multiplier 10