rare-users - Re: [gn4-3-wp6-t1-wb-RARE] vxlan in rare

Subject: RARE user and assistance email list

  • From: Frédéric LOUI <>
  • To: mc36 <>
  • Cc: , "" <>,
  • Subject: Re: [gn4-3-wp6-t1-wb-RARE] vxlan in rare
  • Date: Thu, 3 Sep 2020 08:23:28 +0200

Hi !

> imho the best way is what calico does with the containers: put the servicing ip to the
> node's lo interface and advertise it to the nearest box via bgp. it scales well, eliminates
> the need for layer2, loadbalancing and redundancy works by design for it and so on...


I really love calico simpleness as a CNI network plugin. It allows you to
empower your K8 cluster with BGP.
Actually in calico model, each K8 worker is a BGP next-hop advertising IP
aggregated prefix (see it as a PE that is advertising to a calico-RR) to the
other nexthop.

But keep in mind that not all DCs are using Calico as network plugin;
some like Flannel or others. One promising plugin is (Cisco) CONTIV
(I've never tested it because I was happy with Calico).

Just FYI, I ran a K8s cluster using Calico and replaced Calico-RR by
freeRouter, which gave me "VRF-lite", so from the same RR I could
administrate several K8s clusters.

But yes, L2 can be eliminated. One reason why I like Calico is that it
brings BGP all the way to the ToR, so it is actually very easy for our NREN NOC
because they have already known BGP for decades. So operation is familiar!

See you soon,
-- Frederic




> On 3 Sept. 2020 at 03:55, mc36 <> wrote:
>
>
>
> On 9/2/20 8:15 PM, Frédéric LOUI wrote:
>>> yes, but to be honest with you our mpls stack is more feature-rich.... :)
>> Of course, but in mind this was driven by industry / vendor influence.
>> MPLS box has the reputation to be SP oriented with "SP price tag"
>> And MPLS is a technology unfamiliar to DC guys ...
>>> with this addition we can provide layer2 access on our ports and
>>> connect it to the evpn overlay through raw ip but that's it...
>> It should be then a recommended RARE Validated design: DCI via MPLS/EVPN
>> overlay :)
> imho the best way is what calico does with the containers: put the servicing ip to the
> node's lo interface and advertise it to the nearest box via bgp. it scales well, eliminates
> the need for layer2, loadbalancing and redundancy works by design for it and so on...
>
>
>>> if i had to choose then i would use only routed endpoints because
>>> "never trust an ethernet cable longer than 100 meters" [unknown engineer
>>> at 3:45 am]
>> Not sure why people are so fond of L2, we had this previous discussion
>> during the early days of LHCONE they really wanted a worldwide L2 network.
>> Despite our advice/recommendation they implemented a worldwide L2. After
>> 1/2 broadcast storm sparked from newly additional L2 node at the edge ( on
>> top of the transatlantic subsea cable ) they came back to reason. We have
>> now a world wide LHCONE VRF. Far from being perfect, but much better ...
>> See you soon,
>> -- Frederic
>>> On 2 Sept. 2020 at 20:05, mc36 <> wrote:
>>>
>>> hi,
>>> yes, but to be honest with you our mpls stack is more feature-rich.... :)
>>> with this addition we can provide layer2 access on our ports and
>>> connect it to the evpn overlay through raw ip but that's it...
>>> if i had to choose then i would use only routed endpoints because
>>> "never trust an ethernet cable longer than 100 meters" [unknown engineer
>>> at 3:45 am]
>>> regards,
>>> cs



