OTV

  1. Overlay transport virtualization (OTV)
    1. OTV timers
    2. Multicast transport
    3. Unicast transport
    4. OTV IS-IS
    5. FHRP

Overlay transport virtualization (OTV)

  • IS-IS, UDP 8472, GRE + MPLS (AToM)
  • MAC-in-UDP
  • data plane learning
  • does not forward BPDU, unknown unicast
  • ARP snooping
    • local ARP response
    • ARP aging must be lower than CAM aging
  • site VLAN
    • used to discover OTV edge on the same site
    • must not be in OTV
    • 1 site ≡ 1 site ID (part of IS-IS Hello)
  • authoritative edge device (AED)
    • OTV edge in Active state
    • election:
      • order number of AED – N: from highest to lowest system ID
      • if VLAN % edges = N, then edge N is AED
    • adjacency
      • site adjacency: site VLAN
      • overlay adjacency: over Join interface
      • neighbour ID = site ID + IS-IS ID
  • MTU += 42 bytes, DF bit
  • strips CRC and 802.1Q from frame: present in OTV header
    • CoS → shim header → CoS
    • inner DSCP → outer DSCP →× inner DSCP
  • incompatible with SVI (requires separate VDC)

(config)# feature otv
(config)# otv site-identifier <ID>

; VLAN 1 default
(config)# otv site-vlan <N>

; permit unknown unicast flood for specific MAC
(config)# otv flood mac <MAC> vlan <VLAN>

(config)# interface overlay <N>
(config-if-overlay)# otv join-interface <INTF>

; VLANs over OTV
(config-if-overlay)# otv extend-vlan <VLAN_LIST>

; enabled by default
(config-if-overlay)# otv suppress-arp-nd

# show otv overlay
# show otv adjacency

OTV timers

  • ARP aging: 480s default
  • CAM aging: 1800s default
  • stale entry: 600s default
    • how long an entry stays in the cache if the adjacency server fails
    • not triggered by IS-IS peer not refreshing its entry

; 8 mins default
(config-if-overlay)# otv arp-nd timeout <sec>

Multicast transport

  • IGMPv3, not PIM
    • ASM for control protocol (discovery, MAC exchange), bcast
    • SSM for mcast data traffic
  • PIM-BD in core
  • source edge creates mapping between SSM and mcast group: src VLAN and edge IP
  • destination edge sends GM-Update to source edge to update OIL

; ASM
(config-if-overlay)# otv control-group <ADDR>

; SSM range
(config-if-overlay)# otv data-group <RANGE>

Unicast transport

  • head-end replication on all edges to all edges
  • adjacency server
    • discovery only, does not participate in HREP
    • OTV edge list timeout – 10 mins
  • source edge announces source VLAN, mcast group, edge IP
  • destination edge sends GM-Update to source edge to update OIL
  • Overlay interface number ≡ VPN ID must match

; unicast transport, primary server
(config-if-overlay)# otv adjacency-server unicast-only

; unicast transport, secondary server
(config-if-overlay)# otv use-adjacency-server <IP1> unicast-only

; unicast transport, edge
(config-if-overlay)# otv use-adjacency-server <IP1> <IP2> unicast-only

OTV IS-IS

  • installs MAC in CAM on non-AED to accelerate convergence
  • non-AED create (S,G) for local source, send Join when receiver activates, but do not send actual traffic (AED responsibility)

FHRP

  • must be filtered, otherwise single GW for all sites or MAC flap

(config)# mac-list <LIST> seq <N> permit|deny <MAC> <MASK>
(config)# route-map <RMAP>
(config-route-map)# match mac-list <LIST>

(config)# otv-isis default
(config-router)# vpn Overlay1
(config-router-vrf)# redistribute filter route-map <RMAP>
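
Several rules in these notes can be checked mechanically against an edge configuration: the site VLAN must not be extended over OTV, ARP aging must be lower than CAM aging, and FHRP must be filtered in OTV IS-IS. The script below is an added example, not part of the original notes or of any Cisco tooling; the sample configuration is constructed, and reading CAM aging from "mac address-table aging-time" is an assumption, since that command is not shown above.

```python
import re

ARP_DEFAULT, CAM_DEFAULT, SITE_VLAN_DEFAULT = 480, 1800, 1  # defaults from the notes

def expand_vlans(spec):
    """Expand a VLAN list such as '100-102,200' into a set of ints."""
    vlans = set()
    for part in filter(None, spec.replace(" ", "").split(",")):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_otv(config):
    """Return a list of findings for an OTV edge configuration given as text."""
    def first_int(pattern, default):
        m = re.search(pattern, config, re.M)
        return int(m.group(1)) if m else default

    site_vlan = first_int(r"^[ \t]*otv site-vlan (\d+)", SITE_VLAN_DEFAULT)
    arp_age = first_int(r"^[ \t]*otv arp-nd timeout (\d+)", ARP_DEFAULT)
    # Assumption: CAM aging is set with 'mac address-table aging-time' (not in the notes).
    cam_age = first_int(r"^[ \t]*mac address-table aging-time (\d+)", CAM_DEFAULT)
    extended = set()
    for spec in re.findall(r"^[ \t]*otv extend-vlan ([\d,\- ]+)", config, re.M):
        extended |= expand_vlans(spec)

    findings = []
    if not re.search(r"^[ \t]*otv site-identifier \S+", config, re.M):
        findings.append("site-identifier missing")
    if site_vlan in extended:
        findings.append(f"site VLAN {site_vlan} is extended over OTV")
    if arp_age >= cam_age:
        findings.append(f"ARP aging {arp_age}s is not lower than CAM aging {cam_age}s")
    if not re.search(r"^[ \t]*redistribute filter route-map \S+", config, re.M):
        findings.append("no FHRP filter (redistribute filter route-map) under otv-isis")
    return findings

# Constructed sample: breaks all four rules checked above.
BAD_CONFIG = """\
otv site-vlan 10
mac address-table aging-time 300
interface Overlay1
  otv extend-vlan 10-12,20
"""

if __name__ == "__main__":
    for finding in audit_otv(BAD_CONFIG):
        print("FINDING:", finding)
```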