Routing

Expand all | Collapse all

How to provide security in an EVPN/ VXLAN environment when using a controllerless overlay?

Jump to Best Answer
  • 1.  How to provide security in an EVPN/ VXLAN environment when using a controllerless overlay?

     
    Posted 10-05-2020 07:10

    I am mainly interested to know two things:

     

    1. How is security enforced between devices that are part of the same VNI?

    2. How is security enforced between devices that are part of different VNI’s?



  • 2.  Re: How to provide security in an EVPN/ VXLAN environment when using a controllerless overlay?

     
    Posted 10-05-2020 12:23

    Hi 

     

     


    If this solves your problem, please mark this post as "Accepted Solution" so we can help others too \:)/

    Regards,

     

    Lil Dexx
    JNCIE-ENT#863, 3X JNCIP-[SP-ENT-DC], 4X JNCIA [cloud-DevOps-Junos-Design], Champions Ingenius, SSYB



  • 3.  Re: How to provide security in an EVPN/ VXLAN environment when using a controllerless overlay?

     
    Posted 10-14-2020 17:36
    Hi Dexx,

    Sorry for my late response, was having issues with account access which finally got resolved.

    Would it be possible to share reference material specific to firewall filters being used to control inter-vni and intra-vni traffic?

    Besides using firewall filters, is there a way to insert a stateful firewall, to control intra-vni and inter-vni traffic?

    Many thanks


  • 4.  Re: How to provide security in an EVPN/ VXLAN environment when using a controllerless overlay?
    Best Answer

     
    Posted 10-15-2020 15:54

    Hey

     

     


    If this solves your problem, please mark this post as "Accepted Solution" so we can help others too \:)/

     

    Regards,

     

    Lil Dexx
    JNCIE-ENT#863, 3X JNCIP-[SP-ENT-DC], 4X JNCIA [cloud-DevOps-Junos-Design], Champions Ingenius, SSYB

     

     



  • 5.  RE: Re: How to provide security in an EVPN/ VXLAN environment when using a controllerless overlay?

     
    Posted 11 days ago
    Thanks Dex, appreciate your help.