What Is EVPN, and How Does It Work?
Traditional VPNs create encrypted connections across public internet services via the network and transport layers of the OSI model, also known as Layer 3 and Layer 4. IP VPNs, meanwhile, leverage Layer 2 — the data link layer — to establish private connections.
EVPNs take a different approach. According to Syed Ahmed, advisory systems engineer at Dell Technologies, “an EVPN is a standards-based approach to create overlay networks that uses the Virtual Extensible LAN (VXLAN) protocol to provide data center connectivity using tunneling to stretch Layer 2 connections over an underlying Layer 3 network.”
In practice, this means that EVPNs leverage both Layer 2 and Layer 3 functions to deliver both connectivity and security.
“EVPN involves underlying network technology that connects everything together using a fabric network concept,” says Douglas Walsten, business solutions architect for education at Cisco. “The EVPN fabric network is built upon an architecture leveraged industrywide, the proven and scalable Border Gateway Protocols (BGP), and uses VXLAN encapsulation in the forwarding plane to maintain end-to-end overlay network segmentation.”
By using what’s known as an “all-active multihoming model,” EVPNs provide both multipath forwarding and redundancy, meaning that endpoints or devices can connect to two or more upstream devices, and forward traffic using all available links. As a result, individual device failures don’t impede the flow of traffic.
MORE ON EDTECH: Network upgrades support large schools with small IT staff.
Why Do They Matter for K–12 IT Leaders?
“For K–12 schools, virtual networking enables IT, or your building network provider, to deliver a consistent local network experience. The EVPN fabric technology simplifies underlying network infrastructure and builds converged, segmented, routed networks across single or multidomain IP networks,” says Walsten.
With EVPN-VXLAN fabric technology, K–12 IT leaders have the option to expand infrastructure without redesigning a new set of services.
“They can deploy a common set of policies and services across campuses with support for Layer 2 and Layer 3 VPNs,” Ahmed says. “By using a Layer 3–based underlay with an EVPN-VXLAN overlay, campus network operators can deploy much larger networks than are otherwise available with traditional Layer 2 Ethernet-based connections.”