基于MDC和Multi-Site網(wǎng)絡(luò)架構(gòu)設(shè)計(jì)指南_第1頁
基于MDC和Multi-Site網(wǎng)絡(luò)架構(gòu)設(shè)計(jì)指南_第2頁
基于MDC和Multi-Site網(wǎng)絡(luò)架構(gòu)設(shè)計(jì)指南_第3頁
基于MDC和Multi-Site網(wǎng)絡(luò)架構(gòu)設(shè)計(jì)指南_第4頁
基于MDC和Multi-Site網(wǎng)絡(luò)架構(gòu)設(shè)計(jì)指南_第5頁
已閱讀5頁,還剩44頁未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

1、基于MDC和Multi-Site網(wǎng)絡(luò)架構(gòu)設(shè)計(jì)指南(配圖)技術(shù)創(chuàng)新,變革未來Service APrimary DC APrimary DC BIPA 2IPA 3IPA 1Public IP 2FWFWService APublic IP 1Database (active)Database (standby)Database backupInterworkingDisaster recovery DC CIP n+1Public IP 3FWService ADatabase (standby)Remote data backupGSLB + DNSGSLB + DNSwww.*.comRem

2、ote data backupGSLB + DNSIPA n+mIPA n兩地三中心場(chǎng)景示意業(yè)務(wù) A業(yè)務(wù) B業(yè)務(wù) C中心DC業(yè)務(wù) A業(yè)務(wù) C邊緣 DC業(yè)務(wù) A業(yè)務(wù) B邊緣 DC業(yè)務(wù) B業(yè)務(wù) C邊緣 DCDCI骨干網(wǎng)用戶用戶用戶用戶邊緣DC場(chǎng)景示意交換核心(Intranet)InternetExtranet數(shù)據(jù)中心互聯(lián) DCIPOD-1 生產(chǎn)區(qū)POD-2 測(cè)試區(qū)POD-3 容災(zāi)區(qū)MSTP.運(yùn)維管理區(qū)POD-N互聯(lián)網(wǎng)DMZ區(qū)POD-M外聯(lián)網(wǎng)DMZ區(qū)安全設(shè)備DC內(nèi)多POD場(chǎng)景示意DWDM/SDHSANServersOSNData disaster recoveryOSNIP/MPLSLayer 3

3、interconnectionVPLS/VXLANLayer 2 interconnectionServersDC ADC BNetworkNetworkInternetSAN跨數(shù)據(jù)中心互聯(lián)示意PEPEPFabric-GWFabric-GWPEPEPFabric-GWFabric-GWVLAN handoffVLAN handoffVXLAN隧道(PE之間VXLAN是Over MPLS)MPLS隧道VXLAN技術(shù)MPLS/VPLS技術(shù) 兩種大二層技術(shù)VPLS和VXLAN示意數(shù)據(jù)中心交換核心FW部署在每個(gè)PODPOD1POD3POD2機(jī)房1-資源池機(jī)房2-資源池機(jī)房3-資源池分布式VAS資源池?cái)?shù)

4、據(jù)中心交換核心POD1POD3POD2POD4機(jī)房2-業(yè)務(wù)資源池機(jī)房3-業(yè)務(wù)資源池機(jī)房4-VAS資源池FW部署在集中VAS資源池機(jī)房1-業(yè)務(wù)資源池集中式VAS資源池Service LeafFabric GWVTEPBorder LeafVTEPVTEPVTEPFabric GWVTEPBorder LeafVTEPVTEPVTEPServer LeafSpineServer LeafService LeafSpineInter-SiteIP NetworkVXLANBGP EVPNVXLANBGP EVPNBGP EVPN三段式VXLANVXLAN Multi-Site L3互通原理Segme

5、nt VXLAN實(shí)現(xiàn)L3互通示意圖 控制平面示意圖數(shù)據(jù)平面示意圖Border LeafPod nVTEPVTEPServerSpineLB FirewallVTEPService LeafServer LeafBorder LeafPod 1VTEPVTEPServerSpineLB FirewallVTEPService LeafServer LeafCore switchDC交換核心端到端VXLAN同一個(gè)物理資源池多Pod部署InternetInter-DC IP networkBorder LeafDC1VTEPVTEPServerSpineLB FirewallVTEPService

6、LeafServer LeafBorder LeafDC2VTEPVTEPServerSpineLB FirewallVTEPService LeafServer LeafInternet主備DC容災(zāi)端到端VXLAN同城多DC場(chǎng)景SDN controller (主 ) VXLANBGP EVPNInter-PodIP NetworkServer LeafServer LeafSDN controller(備) VMMServer poolVMMServer poolDC 1/Pod1DC n/Pod n業(yè)務(wù)控制層基礎(chǔ)設(shè)施層轉(zhuǎn)發(fā)實(shí)現(xiàn)層Multi-PoD方案整體架構(gòu)多Fabric編排組件 MDCF

7、abric 1Fabric nMDC方案架構(gòu)NCE-Fabric域控制器 Inter-SiteIP networkFabric GWFabric GWFabric GWFabric GWBGP EVPNBGP EVPNLeafLeafBGP EVPNNCE-Fabric域控制器 控制層基礎(chǔ)設(shè)施層轉(zhuǎn)發(fā)實(shí)現(xiàn)層業(yè)務(wù)編排層Segment VXLANL3 VXLANL3 VXLANL3 VXLAN (1) Transit VPC (2) L2/L3互通 (3) 安全策略統(tǒng)一控制Transit VPCSegment VXLANOpenStackOpenStackServer PoolServer Pool

8、基于MDC的Multi-Site方案架構(gòu)Fabric 1Fabric mSpineSpineLeafLeafLeafSpineSpineLeafLeafLeafiMaster NCE-Fabric niMaster NCE-Fabric 1MDCInter-SiteIP networkVMM 1VMM n1VMM 2VMM n2 iMaster NCE-Fabric對(duì)接VMM示意圖NCE-FabricNCE-FabricRestfulRestfulNCE-FabricRestfulMDCMDC獨(dú)立部署MDCNCE-FabricNCE-FabricRestfulRestfulNCE-Fabric

9、RestfulMDC-主MDCMDC-備數(shù)據(jù)同步MDC主備集群部署NCE-FabricNCE-FabricRestfulRestfulNCE-FabricRestfulMDC與Domain控制器合設(shè)部署MDC納管域控制器創(chuàng)建Transit Fabric配置全局資源Transit VNI創(chuàng)建Transit VPC創(chuàng)建Transit RouterLogicVAS關(guān)聯(lián)租戶LogicRouter(過墻時(shí)選LogicVAS)LogicRouterVPC1LogicPortLogicSwitchMDC預(yù)配置NCE-Fabric業(yè)務(wù)發(fā)放MDC業(yè)務(wù)發(fā)放VPC互通MDC業(yè)務(wù)發(fā)放流程MDCFabricGWFabr

10、icGWLeafLeafLeafLeafFWFWLBLBVXLANFabricGWFabricGWLeafLeafLeafLeafFWFWLBLBVXLANBorderLeafBorderLeafFabricGWFabricGWVXLANNCE-FabricTransit FabricNCE-FabricNCE-FabricTransit Fabric資源池TenantWeb-VPC LogicRouterLogicSwitchLogicPortEndportAPP-VPC LogicRouterLogicSwitchLogicPortEndportDB-VPC LogicRouterLogi

11、cSwitchLogicPortEndportLogicVASOverlay邏輯網(wǎng)絡(luò)模型LogicRouter1TransitRouterLogicRouter1TransitRouterTransitRouterLogicRouter2MDC(Transit VPC)LogicRouter2subnet1 /24subnet2 /24subnet1 /24subnet2 /24業(yè)務(wù)VPC互通邏輯模型VPC互通L3流量轉(zhuǎn)發(fā)Fabric 1Fabric GW ALeaf AVXLANFabric 2Fabric GW BLeaf BVXLANVM1VMsubnet1/24VM2subnet2/2

12、4VMVXLANsubnet2Fabric GW Asubnet2Fabric GW BVM2Leaf BVXLAN隧道終結(jié)點(diǎn)LogicRouter1TransitRouterLogicRouter2TransitRouterTransitRouterLogicRouter2MDC(Transit VPC)LogicVAS2LogicVAS1LogicRouter1LogicVAS1LogicVAS2Fabric1Fabric2subnet1 /24subnet2 /24subnet1 /24subnet2 /24VPC過墻互通VPC過墻L3互通流量轉(zhuǎn)發(fā) Fabric 1Fabric GW A

13、Leaf AVXLAN Fabric 2VM1VMsubnet1/24VM2subnet2/24VMVXLANsubnet2Service Leaf Asubnet2Fabric GW Bsubnet2Service Leaf BVXLAN隧道終結(jié)點(diǎn)Service Leaf AVXLANFW AFabric GW BLeaf BVXLANService Leaf BVXLANFW Bsubnet2Fabric GW AVM2Leaf BLogicRouter1TransitRouter專線接入點(diǎn)LogicRouter1TransitRouterTransitRouter專線接入點(diǎn)MDC(Tra

14、nsit VPC)ExternalCidrExternalCidrVPC訪問外部網(wǎng)絡(luò)邏輯模型VPC訪問外部網(wǎng)絡(luò)轉(zhuǎn)發(fā)流程Fabric 1Fabric GW ALeaf AVXLANFabric 2Fabric GW BBorder LeafVXLANVM1VMsubnet1/24VXLANExternalCidrExternalCidrFabric GW BExternalCidrBorder LeafVXLAN隧道終結(jié)點(diǎn)ExternalCidrCPE IPTransit VRFCPETransit VRFCPE公有云專線VRF handoffFabric GW ALogicRouter1Tra

15、nsitRouter公有云接入點(diǎn)LogicRouter1TransitRouterTransitRouter公有云接入點(diǎn)MDC(Transit VPC)LogicVAS1LogicVAS1Fabric1Fabric2ExternalCidrExternalCidrsubnet1 subnet1 VPC過墻訪問外部網(wǎng)絡(luò)邏輯模型 VPC過墻訪問外部網(wǎng)絡(luò)轉(zhuǎn)發(fā)過程 Fabric 1Fabric GW ALeaf AVXLAN Fabric 2VM1VMsubnet1/24VXLANExternalCidrService Leaf AExternalCidrFabric GW BExternalCidr

16、Border LeafService Leaf AVXLANFW AFabric GW BExternalCidrFabric GW ABorder LeafVXLANVXLAN隧道終結(jié)點(diǎn)ExternalCidrCPE IPTransit VRFCPETransit VRFCPE公有云專線VRF handoffExternalCidrLogicRouter1TransitRouter1TransitRouter2MDC(Transit VPC)TransitRouter1TransitRouter2LogicVAS1LogicRouter1TransitRouter1LogicVAS1Tran

17、sitRouter2LogicRouter2LogicRouter2Fabric1Fabric2VAS Fabricsubnet1 /24subnet2 /24subnet1 /24subnet2 /24業(yè)務(wù)VPC過集中式VAS互通邏輯模型 VPC過集中VAS互通轉(zhuǎn)發(fā)過程Fabric 1Fabric GW ALeaf AVXLANFabric 2Fabric GW CLeaf BVXLANVM1VMsubnet1/24VM2subnet2/24VMVXLAN隧道終結(jié)點(diǎn)VAS FabricFabric GW BService LeafVXLANFW AVXLANVXLAN下發(fā)靜態(tài)路由(目的為Su

18、bnet2)LogicRouter1TransitRouter1公有云接入點(diǎn)LogicRouter1TransitRouter1TransitRouter2公有云接入點(diǎn)MDC(Transit VPC)LogicVAS1TransitRouter2TransitRouter1TransitRouter2LogicVAS1Fabric1Fabric2VAS FabricExternalCidrExternalCidrsubnet1 /24subnet1 /24VPC過集中式VAS訪問外部網(wǎng)絡(luò)邏輯模型VPC過集中式VAS訪問外部網(wǎng)絡(luò)轉(zhuǎn)發(fā)過程Fabric 1Fabric GW ALeaf AVXLAN

19、 出口FabricFabric GW CVXLANVM1VMsubnet1/24VXLAN隧道終結(jié)點(diǎn)VAS FabricFabric GW BService LeafVXLANFW AVXLANVXLAN下發(fā)靜態(tài)路由(目的為Subnet2)Border LeafTransit VRFCPETransit VRFCPE公有云專線VRF handoffExternalCidrInternet/專線/公有云Inter-DC network Border LeafDC 1VTEPVTEPServerSpineLB FirewallVTEPService LeafServer LeafBorder Le

20、afDC 2VTEPVTEPServerLB FirewallVTEPService LeafServer LeafBorder LeafVTEPVTEPServerSpineLB FirewallVTEPService LeafServer LeafDC 3VTEPFabric GWVTEPFabric GWVTEPFabric GWMDCSpine多DC場(chǎng)景示意SpineSpineLeafLeafLeafLeafLeafLeafFabric-GWFabric-GWBorderLeafBorder LeafSpineSpineLeafLeafLeafLeafLeafLeafFabric-GW

21、Fabric-GWBorderLeafBorder LeafFabric-GWFabric-GWLeafLeafLeafLeafLeafLeafSpineSpineVXLANBorderLeafBorder LeafVXLANVXLANDC1DC2DC3BGP AS: 100BGP AS: 200BGP AS: 300多Fabric Overlay路由部署推薦Outer Ethernet headerOuter IP headerVXLAN headerInner Ethernet headerInner IP headerPayloadUDP headerVXLAN封裝格式Dest MACS

22、rc MACTPIDVLAN tagLength/Type66(2)(2)214/18 bytesIP Misc DataProtocolChecksumSrc IPDest IP9124420 bytesSrc PortDest PortUDP LengthChecksum22228 bytesVXLAN FlagsReservedVNIReserved13318 bytes50/54-byte overheadOriginal frameVXLAN報(bào)文封裝格式DC 1DC 2DC 3DatabaseDBDBDBAppAppAppAppWebWebWebWeb業(yè)務(wù)跨DC互通場(chǎng)景MDCFabr

23、icGWFabricGWLeafLeafLeafLeafFWFWLBLBVXLANFabricGWFabricGWLeafLeafLeafLeafFWFWLBLBVXLANTransit FabricNCE-FabricNCE-FabricTransit VPC1App-VPCWeb-VPCDC1DC2FabricGWFabricGWLeafLeafLeafLeafFWFWLBLBVXLANDB-AppDC3NCE-FabricTransit VPC2業(yè)務(wù)VPC互通示意圖Fabric2邊緣DC1中心DC Fabric1 POD-1 POD-n VXLAN1LeafSpineFabric-GW

24、VXLAN1VXLAN2VXLAN3VXLAN2NCE-FabricInter-DC networkPEPEFabric-GW MDCFabric3邊緣DC2VXLAN3LeafPE邊緣DC示意圖NCE-Fabric邊緣DC中心DCLeafvCenterESXi拉遠(yuǎn)NCE-Fabric與vCenter對(duì)接NCE-Fabric邊緣DCOpenStack/HCS控制節(jié)點(diǎn)AC插件中心DCNOVALeafOpenStack/HCS控制節(jié)點(diǎn)AC插件拉遠(yuǎn)拉遠(yuǎn)KVMNCE-Fabric與云平臺(tái)對(duì)接DCI骨干網(wǎng)DatabaseDBDBDBAppAppAppAppWebWebWebWeb邊緣DC1WebWebWebWeb中心DCAppAppAppApp邊緣DC2WebWebWebWebAppAppAppAppVPC1VPC2VPC3邊緣DC業(yè)務(wù)部署MDCFabricGWFabricGWLeafLeafLeafLeafFWFWLBLBV

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫(kù)網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

最新文檔

評(píng)論

0/150

提交評(píng)論