Cisco's Overlay Transport Virtualization (OTV) is New, but has Potential

I Think Cisco Owes Me Some Royalties Though :-)

About five months ago, I harangued Cisco over their new "Validated Architecture for Long Distance VMotion". In short, I wasn't impressed with Cisco's solution for inter-datacenter L2 connectivity to support VMotion. Fast forward to Cisco's announcement this week of Overlay Transport Virtualization (OTV), its new software-based solution for inter-datacenter layer-2 connectivity. At a simplistic level, Cisco took my advice that I can fix anything with a tunnel and came up with OTV (which is why I think Cisco owes me some royalties....j/k). At a deeper level, Cisco took the time to provide what is needed in a L2 interconnect but blocked all the bad stuff: ARP flooding, spanning tree protocol, unknown unicast frames, etc. This is done automatically by OTV. It shares MAC tables between the sites connected to the OTV "cloud" and forwards L2 frames inside OTV encapsulation (Ethernet over GRE, to be specific).

This has very interesting implications for us right now. As I've blogged about before, we have our new data center network based on the Nexus 7000s. We are upgrading our other corporate data center in the next six months with Nexus 7000s. Ultimately, these two bi-coastal data centers will be the IT engines of the company. Corporate applications and disaster recovery will be mapped into either of these two corporate data centers. OTV provides a nice way to provide layer-2 connectivity between these data centers to use a single IP range, facilitate virtualization and data motion, and simplify DR activation should an event occur. Migrating applications could be easier also, since IPs on servers and DNS would not need to change.

However, there are some areas that need to be addressed which I am unable to determine right now; Cisco.com actually has a limited amount of information about OTV right now. First, while OTV does provide a split-active FHRP (think HSRP) for optimized outbound traffic, I didn't see anything about subnet advertisement to the global routing table.
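To make the forwarding behaviour described above concrete, here is an added toy model in Python. It is not Cisco's code and not taken from any OTV documentation: an edge device learns MACs from its own site, hands them to the remote site through a control-plane advertisement instead of data-plane flooding, tunnels known unicast inside Ethernet-over-GRE, answers ARP from a cache, and drops STP BPDUs and unknown unicast rather than flooding them. The OtvEdge class, the join addresses 192.0.2.x, the MAC addresses and the 10.255.x.x hosts are all constructed for the example; the real OTV shim header and control protocol are omitted, and advertise_to() stands in for the latter.

```python
"""Toy OTV edge: control-plane MAC learning between sites, Ethernet-over-GRE encapsulation,
and the traffic the overlay refuses to carry. Added example, not Cisco code (assumptions inline)."""
import socket
import struct
from dataclasses import dataclass, field

ETHERTYPE_ARP = 0x0806
IPPROTO_GRE = 47
GRE_PROTO_TEB = 0x6558                    # GRE protocol type for bridged Ethernet frames
STP_DST = bytes.fromhex("0180c2000000")   # 802.1D bridge group address used by BPDUs
BROADCAST = b"\xff" * 6

def ip_checksum(hdr: bytes) -> int:
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    return dst + src + struct.pack("!H", ethertype) + payload

def parse_frame(frame: bytes):
    return frame[0:6], frame[6:12], struct.unpack("!H", frame[12:14])[0], frame[14:]

def build_arp(oper: int, sha: bytes, spa: str, tha: bytes, tpa: str) -> bytes:
    # IPv4-over-Ethernet ARP body; oper 1 = request, 2 = reply
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper) + sha + socket.inet_aton(spa)
            + tha + socket.inet_aton(tpa))

def encapsulate(frame: bytes, src_ip: str, dst_ip: str) -> bytes:
    """Ethernet over GRE: outer IPv4 (protocol 47) + 4-byte GRE header + the whole frame."""
    gre = struct.pack("!HH", 0, GRE_PROTO_TEB)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(gre) + len(frame), 0, 0, 64,
                      IPPROTO_GRE, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + gre + frame

def decapsulate(packet: bytes):
    """Return (outer src, outer dst, inner frame); reject anything that is not valid GRE/TEB."""
    ihl = (packet[0] & 0x0F) * 4
    gre_proto = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    if packet[9] != IPPROTO_GRE or gre_proto != GRE_PROTO_TEB or ip_checksum(packet[:ihl]):
        raise ValueError("not a valid Ethernet-over-GRE packet")
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]), packet[ihl + 4:]

@dataclass
class OtvEdge:
    join_ip: str                                      # this edge's address in the core network
    local_macs: set = field(default_factory=set)      # learned from frames on the inside
    remote_macs: dict = field(default_factory=dict)   # MAC -> remote edge join IP (control plane)
    arp_cache: dict = field(default_factory=dict)     # IP -> MAC, used to answer ARP locally

    def learn_local(self, frame: bytes) -> None:
        _, src, ethertype, payload = parse_frame(frame)
        self.local_macs.add(src)
        if ethertype == ETHERTYPE_ARP:                # remember sender protocol/hardware address
            self.arp_cache[socket.inet_ntoa(payload[14:18])] = payload[8:14]

    def advertise_to(self, peer: "OtvEdge") -> None:
        """Control-plane advertisement: the peer learns our MACs without data-plane flooding."""
        for m in self.local_macs:
            peer.remote_macs[m] = self.join_ip
        peer.arp_cache.update(self.arp_cache)

    def forward(self, frame: bytes):
        dst, src, ethertype, payload = parse_frame(frame)
        if dst == STP_DST:
            return "drop", "STP BPDUs never cross the overlay"
        if ethertype == ETHERTYPE_ARP and struct.unpack("!H", payload[6:8])[0] == 1:
            tpa = socket.inet_ntoa(payload[24:28])
            if tpa in self.arp_cache:                 # answer from cache instead of flooding
                target = self.arp_cache[tpa]
                reply = build_arp(2, target, tpa, src, socket.inet_ntoa(payload[14:18]))
                return "arp-reply", build_frame(src, target, ETHERTYPE_ARP, reply)
        if dst in self.local_macs:
            return "local", None
        if dst in self.remote_macs:
            return "overlay", encapsulate(frame, self.join_ip, self.remote_macs[dst])
        # assumed policy from the text: nothing that would need flooding crosses the overlay
        return "drop", "unknown unicast / unanswered ARP is not flooded over the overlay"

def demo() -> dict:
    """Constructed two-site scenario; returns the decision taken for each kind of frame."""
    east, west = OtvEdge("192.0.2.1"), OtvEdge("192.0.2.2")
    client, server = bytes.fromhex("005056000010"), bytes.fromhex("005056000025")
    nobody = b"\0" * 6
    # each host announces itself on its own site with a gratuitous ARP
    east.learn_local(build_frame(BROADCAST, client, ETHERTYPE_ARP,
                                 build_arp(1, client, "10.255.1.10", nobody, "10.255.1.10")))
    west.learn_local(build_frame(BROADCAST, server, ETHERTYPE_ARP,
                                 build_arp(1, server, "10.255.100.25", nobody, "10.255.100.25")))
    east.advertise_to(west)
    west.advertise_to(east)
    out = {}
    arp_req = build_arp(1, client, "10.255.1.10", nobody, "10.255.100.25")
    out["arp"] = east.forward(build_frame(BROADCAST, client, ETHERTYPE_ARP, arp_req))[0]
    data = build_frame(server, client, 0x0800, b"hello")
    out["unicast"], packet = east.forward(data)
    _, out["tunnel_dst"], inner = decapsulate(packet)
    out["intact"] = inner == data
    out["unknown"] = east.forward(build_frame(bytes.fromhex("005056000099"), client, 0x0800, b""))[0]
    out["stp"] = east.forward(build_frame(STP_DST, client, 0x0026, b""))[0]
    return out
```

Running demo() shows the four outcomes the post lists: the ARP request for the west server is answered on the east side from the advertised cache, the data frame for it leaves in a GRE packet addressed to the west edge and survives decapsulation intact, a frame for a MAC nobody has advertised is dropped instead of flooded, and a BPDU never reaches the tunnel.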
Let's say our data center subnet is 10.255.0.0/16. We then build a new DC on the opposite side of the USA and extend the L2 boundary to the new DC using OTV. This new DC, which will also have devices in the 10.255.0.0/16 range, will also need to advertise subnets (or a single /16 for better summarization) to the global routing table. Now let's say Site #3 needs to communicate with server 10.255.100.25. Just looking at the diagram, that traffic would probably follow the 10.255.0.0/16 advertisement into the east data center. Then does it ride the OTV tunnel to the west data center? That's inefficient for both delay and bandwidth utilization. This can be solved by leaking routes, at worst /32 host routes, into the global routing table. Then the Site #3 router would know to send packets directly to the west data center. Too bad this could explode your global routing tables. Plus, most MPLS service providers limit the number of routes you can advertise to them. This would never work if you have IP VPN services from an MPLS carrier. Cisco needs to address this issue in the future. It's a huge routing problem.

Secondly, OTV needs to integrate - automatically - with load balancing. Real servers in a load balancing pool that move across the L2 tunnel need to become part of a VIP pool in the new data center, not remain part of the original data center's VIP pool. You could argue this change is no different from moving data storage when a VM moves, but load balancing is inherently a "network" service often provided by Cisco products. Thus, OTV should address this somehow, perhaps with XML integration with ACE or something. It will be interesting to watch OTV mature. It will be going on our roadmap this week to research in the near future.
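To make the routing argument above concrete, here is an added Python model of the longest-prefix-match decision at Site #3. It is not from the post or from Cisco: both data centers advertise the same /16, the tie is assumed to go to the east DC (standing in for whatever metric makes Site #3 prefer it), and traffic for a server that actually lives in the west DC trombones over the OTV tunnel. Leaking /32 host routes fixes the path, and the scale_up helper shows how quickly that runs into a per-VPN route cap. Every address, site name and the PROVIDER_PREFIX_LIMIT value are constructed for illustration.

```python
"""Return-path model for a /16 stretched across two data centers with OTV.
Added example, not the post's or Cisco's; all addresses, names and limits are constructed."""
import ipaddress

SUMMARY = "10.255.0.0/16"
# Both DCs advertise the same /16. Ties go to the first entry, standing in for
# whatever metric makes Site #3 prefer the east DC (assumed).
BASE_RIB = [(SUMMARY, "east-dc"), (SUMMARY, "west-dc")]
# Where each server really lives (constructed); VMs may move between the two.
SERVERS = {"10.255.100.25": "west-dc", "10.255.1.10": "east-dc"}
PROVIDER_PREFIX_LIMIT = 50   # constructed stand-in for an MPLS carrier's per-VPN route cap


def lookup(rib, dst):
    """Longest-prefix match; the first entry wins among equal-length prefixes."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in rib:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best[1] if best else None


def traffic_path(rib, dst, servers=SERVERS):
    """Hops from Site #3 to dst: the DC the RIB picks, then an OTV trombone if that was wrong."""
    entry = lookup(rib, dst)
    home = servers[dst]
    return [entry] if entry == home else [entry, "otv-tunnel", home]


def leak_host_routes(rib, servers):
    """The /32 fix: one host route per server, on top of the summaries."""
    return rib + [(f"{ip}/32", site) for ip, site in servers.items()]


def fits_provider_limit(rib, limit=PROVIDER_PREFIX_LIMIT):
    return len(rib) <= limit


def scale_up(n_hosts):
    """Table size and provider-limit check once n mobile servers are spread across both DCs."""
    servers = {str(ipaddress.ip_address("10.255.100.0") + i): ("west-dc" if i % 2 else "east-dc")
               for i in range(n_hosts)}
    rib = leak_host_routes(BASE_RIB, servers)
    return len(rib), fits_provider_limit(rib)
```

With the summaries alone, traffic_path(BASE_RIB, "10.255.100.25") enters the east DC and then crosses the tunnel; after leak_host_routes() the /32 wins the longest-prefix match and the path is direct. scale_up() makes the cost visible: the table grows by one route per mobile host, and the /32s cannot be re-summarised because hosts from the same range sit in both sites.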


Under the Covers with OTV

OTV Main Page

OTV Whitepaper

OTV FAQ

OTV vs VPLS

New licensing model for OTV



Copyright © 2010 IDG Communications, Inc.
