VXLAN

Can VXLAN be used as DR solution between 2 DR.

For Ex we have a servers in DC 1 which is the primary. The server is having IP Address 10.10.10.1 which is part of VLAN 10.

In case if this server is down or if this VLAN 10 is down can I bring the same VM in the DR DC 2 with the same host IP Addess using VXLAN.

How VXLAN helps in DR DC
LVL 1
SrikantRajeevAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Don JohnstonInstructorCommented:
It's possible.  VXLAN is basically a tunneling solution allowing you to join layer-2 networks across a layer-3 network.

However some vendors require multicast capable layer-3 networks.  For example, up until v7 NX-OS, Cisco did not support VXLAN on unicast layer-3 networks.
0
SrikantRajeevAuthor Commented:
In this case if the VM is moved from DC 1 to DC 2 & it maintains the same IP Address where will be the D.G  for that VLAN exists.
From my understanding with VXLAN the D.G will be still available in the Primary DC. So if the VM wants to communicate to other segment the traffic needs to pass to DC 1 & back to DC 2 since D.G is in Primary DC.

Let me know if my understanding is right.

Also in case if the primary DC fails how will the D.G will be made available in the DR DC.
0
Don JohnstonInstructorCommented:
From my understanding with VXLAN the D.G will be still available in the Primary DC. So if the VM wants to communicate to other segment the traffic needs to pass to DC 1 & back to DC 2 since D.G is in Primary DC.
Correct.
Also in case if the primary DC fails how will the D.G will be made available in the DR DC.
This is where FHRP's like VRRP or HSRP come into play.  But there are challenges in deploying these protocols in a layer-2 network which spans multiple sites.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

SrikantRajeevAuthor Commented:
So if I implement VXLAN & in case if my primary DC fails how will the VLANs which are extended in the DR DC behaves.
0
Don JohnstonInstructorCommented:
I'm not sure that I understand the question.

If your primary DC fails, then none of the devices in that location will be accessible. The devices in the secondary DC will still be functioning. However, you will need to insure outside connectivity which means some type of routing failover such as BGP.
0
SrikantRajeevAuthor Commented:
My question is that since the D.G for that VLAN is in primary DC & once it is failed how the D.G will be available in the DR DC during that time for that VLAN.
0
Don JohnstonInstructorCommented:
Like I said before, you will need to use a FHRP like VRRP or HSRP to provide default gateway failover.
0
SrikantRajeevAuthor Commented:
so you mean we can have VRRP or HSRP for a particular VLAN be available in  both the DC.
For EX VLAN 10 which  is available in both the DC & it is extended using VXLAN

So by this will the D.G for this particular vLAN will it be available in both the DC or will it be available only in the Primary DC.
0
Don JohnstonInstructorCommented:
Here's the thing: VXLAN isn't really designed for multi-site VLAN extension.  It will work (if the underlying layer-3 network supports it), but it's really intended for intra-site use (i.e. multi-tendency).  For inter-site, OTV is the preferred solution.

But like I said, it will work.  The challenge with FHRP in these situations is that you end up with one active forwarder between the two sites.  So if your active forwarder is in DC1, that means the hosts at DC2 will be sending their traffic over to DC1 when going off-net. This is not exactly optimal.

But there are work-arounds if this behavior is undesirable.
0
SrikantRajeevAuthor Commented:
Thanks.
Could you please let me know what are the work around by which this could be avoided ?
Please let me know.
0
Don JohnstonInstructorCommented:
0
asavenerCommented:
Not sure why you would need a VXLAN for this functionality.  Why not just set up a VLAN with the same address space as the primary site, then give it a lower routing priority?  In the case of a primary site failure, the VLAN at the secondary site shows up in your routing tables, and you just power on your VMs at your backup site.
0
SrikantRajeevAuthor Commented:
@Don Johnston

The work around which you have sent is for the OTV. I will not be using OTV. I will be using VXLAN.
Need to know any work around for this to avoid the D.G issue,
0
Don JohnstonInstructorCommented:
There isn't one. Like I said before, VXLAN isn't really designed for multi-site VLAN extension.
0
asavenerCommented:
This kind of traffic tromboning is a known issue when using VXLAN for multi-site VLAN stretching.  Our Cisco SE described the 9K as leveraging LISP to solve this issue.
0
SrikantRajeevAuthor Commented:
If this is the case i dont see any benefit of using VXLAN as a disaster recovery solution.
0
Don JohnstonInstructorCommented:
Like I said before, VXLAN wasn't developed as a multi-site solution.
0
asavenerCommented:
Depends on how intelligent your routers are.  

VMware's VXLAN implementation, for example, places an intelligent router on each hypervisor.  You can use it to stretch a cluster geographically, because each hypervisor can direct the traffic appropriately.

Cisco VXLAN with LISP is pretty smart, too.

Here's a good start point:  Data Center Overlay Technologies



If you're wanting machines active at both physical locations, then something like VXLAN, OTV, VLAN tunnelling, etc. will be necessary.  If you just want a warm backup site pre-provisioned with the same address space, you can easily do it with routing protocols, as I said above.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SrikantRajeevAuthor Commented:
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Virtualization

From novice to tech pro — start learning today.