Overlay Fabric Overview
The distributed overlay fabric is a group of AOS-CX Switches that are part of the BGP (Border Gateway Protocol) EVPN VXLAN overlay. The overlay fabric is created by configuring VXLAN tunnels between Stub and Edge Switches. The ArubaOS 10 Gateways also participate in the overlay fabric, using static VXLAN tunnels to the Stub VTEP. HPE Aruba Networking Central allows you to configure the overlay fabric on top of a virtual network using AOS-CX Switches. You can assign a list of fabric personas such as Border VTEP, Route Reflectors, Edge VTEP, or Stub VTEP to the overlay fabric.
Fabrics require HPE Aruba Networking Central Advanced Switch Licenses for all switches. A notification message is displayed indicating that a valid advanced license is required for this feature. You can acknowledge the message by clicking the close button. The notification message is user-specific: once a user closes it, it is no longer displayed for that user, but it is still displayed for other users. For more information, refer to the AOS-CX switches Feature Pack Ordering Guide and EULA.
Fabric Design
Aruba Central NetConductor provides two types of Fabric Design options: Routed-Access and Scaled-Access Design.
- The Routed-Access Fabric Design offers:
  - Layer 3 Routed Access network.
  - Eliminates L2 Spanning Tree complexity at the edge.
  - Small to Medium deployment sizes.
  - Authentication and Group-based Policy at the Access (Edge) layer.
  - Supports all fabric personas supported in Aruba Central NetConductor except Extended Edge.
- The Scaled-Access Fabric Design offers:
  - Layer 3 Routed Access up to the Access-Aggregation layer.
  - Routed with L2 Multi-Chassis between Access-Aggregation and Access layers.
  - Orchestrated Static VXLAN between Access-Aggregation and Access layers.
  - Scales to a high number of VRFs and access switches (32 VRFs with up to 32 Access-aggregation and 1000 extended-edge nodes).
  - Scales to extremely large deployment sizes.
  - Authentication and Group-based Policy at the Access (extended-edge) layer.
  - Supports all fabric personas supported in Aruba Central NetConductor.
Fabric Personas
This section describes the different fabric personas and their functions in the HPE Aruba Networking Central On-Premises BGP EVPN overlay fabric workflow.
- Border VTEP—Refers to a Gateway or an external facing device from the overlay fabric to the external network. Border VTEP participates in the Layer 3 VNI or VRF but does not have overlay VLANs or SVIs configured on this device.
- Route Reflector—Refers to an iBGP-specific concept that is used to optimize route propagation. A route reflector reduces the configuration required on all the devices and optimizes the way BGP sessions are established. In a typical scenario, every edge device in the network peers with every other edge device. To avoid this, a route reflector is introduced and all the devices in the overlay fabric peer with the route reflector, which optimizes the configuration and route distribution. Core Switches are generally used as route reflectors in an overlay fabric.
- Edge VTEP—Refers to a traditional access Layer where the clients are onboarded. It is also the Layer 3 Gateway for all the clients that are associated with it. Edge VTEP typically has the SVI interface, and it is the entry point of all the wired clients onto the BGP EVPN overlay fabric.
- Stub VTEP—Supports static VXLAN and EVPN VXLAN. Stub VTEP is used to establish a static VXLAN tunnel to the Gateway and EVPN-VXLAN towards the overlay fabric. Stub VTEP helps to carry role information between the EVPN-VXLAN overlay fabric and devices, like the Gateway, that only support Static VXLAN.
- Extended Edge—Supports VXLAN extended to 6000 series platforms, including the HPE Aruba Networking CX-6200 switches supporting Micro-segmentation and Group-based Policy. The Aruba CX 6200 Switch performs authentication, authorization, VLAN (Virtual Local Area Network), Role assignment and Group-based Policy enforcement. The switch connects to the Edge or Stub node via a trunk or LAG (Link Aggregation Group; MC-LAG) interface for underlay reachability. The upstream Edge or Stub node, provisioned with the overlay network segment anycast-gateway, registers the client to the BGP EVPN control plane and relays Role information between static VXLAN (from the 6200) and dynamic VXLAN tunnels (the rest of the Fabric).
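
The Fabric Design rules and the Route Reflector description above can be turned into a pre-deployment check of a persona plan. The following Python sketch is an added example, not HPE Aruba Networking code; the persona keys, the device names, the treatment of the quoted Scaled-Access figures as ceilings, and the assumption that Extended Edge nodes do not run BGP themselves are all illustrative.

```python
from itertools import combinations

# Personas named on this page; only these four speak BGP EVPN (assumption:
# Extended Edge nodes use static VXLAN and rely on their upstream node).
BGP_PERSONAS = {"border", "route-reflector", "edge", "stub"}
ALL_PERSONAS = BGP_PERSONAS | {"extended-edge"}
# Routed-Access supports every persona except Extended Edge.
ALLOWED = {"routed-access": BGP_PERSONAS, "scaled-access": ALL_PERSONAS}
# Scaled-Access figures quoted on the page, treated here as ceilings.
MAX_VRFS, MAX_EXTENDED_EDGE = 32, 1000


def validate_plan(design, devices, vrfs=1):
    """Return a list of problems with a {device: persona} plan."""
    errors = []
    for name, persona in sorted(devices.items()):
        if persona not in ALL_PERSONAS:
            errors.append(f"{name}: unknown persona {persona!r}")
        elif persona not in ALLOWED[design]:
            errors.append(f"{name}: {persona} not supported in {design}")
    if "route-reflector" not in devices.values():
        errors.append("no route-reflector assigned")
    if design == "scaled-access":
        extended = sum(p == "extended-edge" for p in devices.values())
        if vrfs > MAX_VRFS:
            errors.append(f"{vrfs} VRFs exceeds {MAX_VRFS}")
        if extended > MAX_EXTENDED_EDGE:
            errors.append(f"{extended} extended-edge nodes exceeds {MAX_EXTENDED_EDGE}")
    return errors


def ibgp_sessions(devices):
    """Return (full_mesh, reflected) lists of iBGP peer pairs."""
    speakers = sorted(n for n, p in devices.items() if p in BGP_PERSONAS)
    rrs = [n for n in speakers if devices[n] == "route-reflector"]
    clients = [n for n in speakers if n not in rrs]
    full_mesh = list(combinations(speakers, 2))
    # Clients peer only with the reflectors; reflectors peer with each other.
    reflected = [(rr, c) for rr in rrs for c in clients]
    reflected += list(combinations(rrs, 2))
    return full_mesh, reflected


# Constructed sample plan (device names are hypothetical).
SAMPLE = {"core1": "route-reflector", "core2": "route-reflector",
          "border1": "border", "stub1": "stub", "ext1": "extended-edge",
          "edge1": "edge", "edge2": "edge", "edge3": "edge", "edge4": "edge"}

if __name__ == "__main__":
    full, reflected = ibgp_sessions(SAMPLE)
    print(len(full), "full-mesh sessions vs", len(reflected), "with reflectors")
    for problem in validate_plan("routed-access", SAMPLE):
        print("routed-access:", problem)
```

Every peer pair the function returns is a BGP session that has to be configured and monitored, so the shorter reflected list is also the smaller set of control-plane adjacencies to audit.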
For more information, see the topics listed below: