Why BGP/MPLS VPN (aka 2547 VPNs) control plane? To answer this question, let me start by quoting from the blog posted by Pedro Marques:
“When we started working on network virtualization at Contrail, we took the approach that we should avoid inventing new things as much as possible.”
This statement illustrates the rather pragmatic approach taken by the Contrail team, as there are significant benefits, in terms of development and in terms of deployment and operational efforts in reusing existing technologies that have been widely deployed and proven to work.
BGP/MPLS VPN is such a technology. It has been around for more than a decade, has been successfully deployed by many service providers around the globe, and proven to deliver large scale VPN service.
Still, one may ask why did Contrail pick BGP/MPLS VPN rather than some other existing technology? To answer this question one must compare the problems that the Contrail solution needs to solve to the problems that are solved by BGP/MPLS VPN. While BGP/MPLS VPN does not solve all the problems that the Contrail solution has to solve, it does solve the majority of them, thus forming the foundation of the Contrail solution.
Here are few other reasons for selecting BGP/MPLS…
1. Ability to optimize inter-VM connectivity
There is one specific point about using BGP/MPLS VPN that I think deserves particular attention. BGP/MPLS VPNs provides the ability to construct arbitrary inter-site connectivity by manipulating routing import/export policies, with as fine granularity as a single site. The Contrail solution uses this approach to interconnect VMs without requiring traffic between these VMs to traverse a gateway. In a sense, the Contrail solution dispenses with the classical IP subnet model, where the hosts that are on the same IP subnet communicate without going through a gateway, while hosts on different IP subnets communicate through a gateway.
2. Simplifying the building of service chains
Another important point about using BGP/MPLS VPN is that by dynamically modifying the Next Hop of the VPN-IP routes the Contrail solution could force inter-VM traffic to traverse a service appliance. Repeatedly modifying the Next Hop of a given VPN-IP route allows the building of a chain of service appliances (aka “service chaining”).
3. Enabling Service Provides to expand value-added service to VPN customers
Furthermore, using BGP/MPLS VPN as the foundation of the Contrail solution facilitates a seamless integration of this solution with BGP/MPLS VPN. This enables service providers who offer VPN service based on BGP/MPLS VPN to expand this service offering by using the Contrail solution for providing virtual data centers as a value-add service to their VPN customers.