MPLS for the masses

EVPN/VXLAN outside the datacenter

How to create scalable campus and wan solutions with evpn/vxlan

Every year, the Itnog appointment is special. It is an opportunity to share something practical and engage in new challenges for those who want to collect them. This year, I decided to talk about the EVPN VXLAN combination in a campus and geographic context. The growing support of this technology by many vendors in different products, such as switches, routers, and now firewalls, has made this possibility real. It is now possible to create uniform solutions from the data center until access leveraging this technology.

Bgp is the answer, what is the question ?

Service insertions with BGP Flowspec

In my talk at ITNOG7 I presented “BGP FlowSpec Services beyond DDOS Mitigation” with the intention of proposing other uses of flowspec, as too often cataloged exclusively as a tool for managing DDOS.I built two services to achieve egress engineering and bidirectional traffic steering, using a combination of BGP Flowspec and MPLS L3VPN. Finally I described a framework for creating NFV services that can scale on service provider architectures. the slide with the requirements and proposed solution are eloquent:

Modern BGP Design

How to combine ORR, ADD-PATH and BGP PIC

The Wholesale Winery Tour 2022 was an opportunity to meet old and new friends, and to present something new. Given the interest of the topic, I repeated the presentation in a slightly more compact form to the wider audience of ITNOG6, receiving much appreciation here too. “Modern BGP Design” is a talk on how to overcome the stereotypes of traditional bgp design and combine new features using BGP as a real control-plane protocol.

A Switch as an Internet Border Router

FIRT with selective FIB Install

I had the opportunity to present at ITNOG on the web the use of a switch as an internet border router, and how to set up a distribution strategy within the backbone to reduce the routing information while maintaining an “almost optimal” routing. For the border router, I used a selective FIB installation in TCAM only for significant destinations. The wide availability of RAM on recent switches permits to hold the FIRT (Full Internet Routing Table) and tag with a BGP Community the relevant destination to be loaded into the FIB.

EVPN control-plane for overlay networks

I had the opportunity to talk about datacenter during ITNOG2 thank you guys! I talked about the use EVPN as control plane for overlay networks, and how to exploit them to create distributed services between different datacenters. I also mentioned the use of EVPN type-5 with proxy-arp to reduce distribution of mac-address routes and completely eliminate layer-2, while maintaining compatibility with current clustering and HA solutions based on layer-2 but now distributed in multiple datacenters.