Data Center & Cloud Networking

Modern networks have shifted away from traditional 3-tier architectures (Core-Dist-Access) towards highly scalable, non-blocking Clos topologies (Leaf-Spine).

1. The Shift: 3-Tier vs Leaf-Spine

Traditional 3-Tier (North-South Traffic)

Designed for client-to-server traffic. Typically used STP to block redundant links, wasting bandwidth.

Core: High-speed backbone.
Aggregation/Distribution: Policy enforcement, inter-VLAN routing.
Access: Where servers connect.
Problem: Latency is unpredictable for server-to-server (East-West) traffic. If two servers are on different access switches, traffic must hair-pin up to the Core.

Leaf-Spine (East-West Traffic)

Designed for modern applications (microservices, virtualization) where servers talk mostly to each other.

[SPINE 1] [SPINE 2] [SPINE 3] [SPINE 4] | \ / | \ / | \ / | | \ / | \ / | \ / | | \ / | \ / | \ / | [LEAF 1] [LEAF 2] [LEAF 3] [LEAF 4] [LEAF 5] [LEAF 6] | | | | | | [SERVER] [SERVER] [SERVER] [SERVER] [SERVER] [SERVER]

Clos Topology: Every Leaf connects to every Spine. No Spines connect to each other. No Leaves connect to each other.
Deterministic Latency: Any server is exactly 3 hops away from any other server (Leaf -> Spine -> Leaf).
Active-Active: No STP blocking. Equal-Cost Multi-Path (ECMP) routing utilizes all links simultaneously.
Scalability: Need more bandwidth? Add another Spine. Need more ports? Add another Leaf.

2. VXLAN (Virtual Extensible LAN)

Traditional VLANs (802.1Q) are limited to 4,096 IDs. In cloud environments with millions of tenants, this is insufficient. VXLAN is an Overlay technology.

Encapsulation: Wraps the original Layer 2 frame inside a UDP packet (Port 4789).
VNI (VXLAN Network Identifier): 24-bit ID. Supports 16 million logical segments.
Underlay: The physical IP network (Leaf-Spine) that transports the VXLAN packets. It just sees UDP traffic.
VTEP (VXLAN Tunnel End Point): The device (usually a Leaf switch or Hypervisor) that encapsulates/decapsulates the traffic.

            Outer Eth
            MAC
        
            Outer IP
            IP
        
            UDP
            4789
        
            VXLAN Header
            VNI
        
            Original L2 Frame
            Payload (Inner MAC + IP + Data)

3. EVPN (Ethernet VPN)

VXLAN provides the data plane (packet format), but how do VTEPs know where MAC addresses live? Originally, VXLAN used "Flood and Learn" (multicast), which is inefficient.

EVPN is the Control Plane for VXLAN. It uses MP-BGP (Multi-Protocol BGP) to advertise MAC and IP addresses between VTEPs.

Engineer's Notebook: Why EVPN?

ARP Suppression: The local Leaf switch answers ARP requests for remote hosts because it already knows the MAC via BGP. This drastically reduces broadcast traffic.

VM Mobility: When a VM moves from Leaf 1 to Leaf 2, BGP instantly updates the route, redirecting traffic without packet loss.

EVPN Route Types

Type	Name	Purpose
Type 2	MAC/IP Advertisement	"Host A with MAC X and IP Y is behind VTEP Z." (Most common).
Type 3	Inclusive Multicast	Sets up the flooding tree for BUM traffic (Broadcast, Unknown Unicast, Multicast).
Type 5	IP Prefix Route	Advertises external subnets (like the Internet or WAN) into the fabric.