Datacenter Virtual Cross Connect

Kepernet supported the deployment of a datacenter virtual cross-connect architecture designed to provide point-to-point links between multiple datacenters.

Objective : extend the principle of the local cross-connect to remote sites in order to connect environments hosted across several datacenters without multiplying optical chains or increasing operational complexity.

This use case corresponds to a datacenter virtual cross-connect: a private Ethernet transport service between datacenters, provisioned over an architecture EVPN/VXLAN.

This approach makes it possible to deliver a private, segmented, and scalable transport service while retaining control over the datacenter infrastructure.

Context : from local cross-connect to virtual cross-connect

n a datacenter, it is common to use a meet-me-room (MMR) to establish links between different parties: a customer and an operator, two racks belonging to the same customer, a customer and a partner, or an infrastructure device and a network service.

This model is well understood within a single site: the datacenter provider deploys internal cabling, partial circuits, or cross-connects to link point A to point B.

The challenge appears when these points are no longer located in the same datacenter.

Several options can be used to connect two sites: dark fiber, WDM transport, QinQ, operator services or dedicated Ethernet extension. These solutions remain manageable when the number of links is limited, distances are reasonable, and the requirement is stable.

Things become more complex when point A must reach point B located in a third datacenter, itself accessible through an intermediate site.

Each new link then adds a chain of elements to order, connect, validate, and document:

Meet-me-root paths,
local cross-connects,
partial circuits,
WDM equipment and wavelength allocation,
optical budget constraints and insertion losses,
path documentation,
operations and monitoring of each segment.

This model can work for a few specific links. But it quickly reaches its limits as the number of tenants, sites, or services increases.

Each link becomes a technical assembly that must be maintained, with limited flexibility in the event of evolution, migration, or incident.

Possible approaches

Several approaches can address this need: purely photonic solutions, operator services, extended Layer 2 architectures, or Layer 3 network architectures with overlay.

In this use case, the selected approach was an EVPN/VXLAN architecture.

The goal was not to replace every physically dedicated optical use case, but to create a more flexible transport platform capable of delivering private links between sites with greater scalability.

This type of service must be reliable, segmented, operable, and scalable. The objective is not simply to carry traffic between two sites, but to provide a documented, industrialized, and maintainable transport service over time.

Datacenter Virtual Cross Connect solution

For confidentiality reasons, all information in this article is fictional. Only the technical concepts and generic network principles have been retained to illustrate the subject.

To address this challenge, Kepernet provided consulting, design, deployment, and documentation support for an EVPN/VXLAN architecture distributed across three sites.

Each site is equipped with a Nexus 9000 network device. The sites are interconnected through high-speed optical links using WDM DCO transport.

The architecture forms a compact EVPN/VXLAN fabric, adapted to a multi-site context. In this design, each device carries several roles that are usually separated in larger architectures: local termination, overlay transport, and inter-site border function.

This approach makes it possible to create segmented point-to-point services between datacenters, similar to a datacenter virtual cross-connect, without having to build a dedicated optical chain for every new link.

Once the architecture is in place, adding a new service no longer requires rebuilding an entire physical chain between sites.

The service is provisioned over the EVPN/VXLAN overlay with the parameters required to segment the link and transport it between the relevant endpoints.

EVPN/VXLAN also provides a more resilient architecture than a simple stack of independent physical links. If a link or path is lost, the architecture can converge and maintain the service through an alternative route.

Operational benefits

This architecture provides concrete benefits for both the datacenter provider and hosted tenants.

For the datacenter provider:

simplified provisioning and deployment of inter-site links;
reduced number of WDM services to maintain;
centralized service operations.

For hosted tenants:

private connectivity between multi-site environments;
protocol transparency;
traffic segmentation;
high-bandwidth capacity;
path resilience.

The different tenants consume connectivity between their environments without having to deal with the complexity of the underlying architecture.

Kepernet’s role

Kepernet handled the consulting, design, deployment and documentation of the architecture implemented across the three datacenters. The engagement consisted in transforming a multi-site private transport requirement into an operational service while taking into account both technical and operational constraints.

Result

This infrastructure provides a transport service between three datacenters.

It offers a solid technical foundation for delivering value-added network services to hosted tenants: private interconnection, multi-site extension, secure connectivity, segmentation and dedicated transport.

The datacenter no longer provides only hosting or local connectivity. It becomes an inter-site transport platform with centralized operations and controlled scalability.