Header Only - DO NOT REMOVE - Extreme Networks
Solved

ONA (Open Network Adapter)

  • 31 January 2019
  • 6 replies
  • 978 views

Hi everyone,

I have some misunderstanding about ONA (Open Network Adapter). If I have one main Site and
several Branches, can I use one VSP switch in Central Office and one ONA adapter per Branch if I`m
going to establish secure connection over the Internet between all of my Sites (hub-and-spoke topology)? Or I have to use some additional equipment in Branch Offices?

Maybe it`s a stupid question, but I can`t find any information about this adapter, even in EN
pricelist there is nothing alike this adapter.
icon

Best answer by Dilraj Singh Khalsa 1 February 2019, 13:59

Below is the thing:

Fabric Extend Allows you to tunnel your L2 VSNs, IP Shortcuts, and L3 VSNs over a non-SPB network. This could be a carrier network or another backbone network that is not running SPB. There is the IP tunnel method, which uses VXLAN header and that uses point-to-point tunnels. The MTU required size is 1594 or 1600 bytes. This is enforced. We do not do fragmentation on the VSP 7200 or VSP 8000. IS-IS interface won't come up if the connnection does not support this MTU size. If the carrier can not provide a large enough MTU, you will need to use the VSP 4000 with an ONA to perform packet fragmentation and reassembly.

The ONA is only used on the VSP 4000 for Fabric Extend. The VSP 4000 can support L2VSNs without ONA. The VSP 4000 doesn't have the computing power that the VSP 8000 and VSP 7200 have to support IP tunnels. The ONA allows packet fragmenting which is not supported supported on 7200 and 8000.

So Basically, VSP 7200 and 8000 support all FE capabilities except packet fragmentation. For that you need an VSP 4000 with ONA on both sides.

If the tunnels are exclusively L2 and intermediate devices support a 1600 byte MTU, you can use VSP 4000 without ONA

Hope this helps!

DILRAJ
View original

6 replies

Userlevel 2
Hi Artem,

VSP 7200, 8200 and 8400 can extend Fabric over IP using IP Tunneling based on VXLAN encapsulation but VSP 4000 does not natively support VXLAN tunneling and hence it needs an ONA to perform the tunneling function.

I hope this answers your question.

Regards,
DILRAJ
Hi Dilraj,

So I need at least one VSP 4000 with ONA adapter per each Location to perform tunnels?
Userlevel 2
If you plan to use VSP 4000 then yes you need ONA.
Userlevel 2
Below is the thing:

Fabric Extend Allows you to tunnel your L2 VSNs, IP Shortcuts, and L3 VSNs over a non-SPB network. This could be a carrier network or another backbone network that is not running SPB. There is the IP tunnel method, which uses VXLAN header and that uses point-to-point tunnels. The MTU required size is 1594 or 1600 bytes. This is enforced. We do not do fragmentation on the VSP 7200 or VSP 8000. IS-IS interface won't come up if the connnection does not support this MTU size. If the carrier can not provide a large enough MTU, you will need to use the VSP 4000 with an ONA to perform packet fragmentation and reassembly.

The ONA is only used on the VSP 4000 for Fabric Extend. The VSP 4000 can support L2VSNs without ONA. The VSP 4000 doesn't have the computing power that the VSP 8000 and VSP 7200 have to support IP tunnels. The ONA allows packet fragmenting which is not supported supported on 7200 and 8000.

So Basically, VSP 7200 and 8000 support all FE capabilities except packet fragmentation. For that you need an VSP 4000 with ONA on both sides.

If the tunnels are exclusively L2 and intermediate devices support a 1600 byte MTU, you can use VSP 4000 without ONA

Hope this helps!

DILRAJ
Thank you, Dilraj. Now it`s all clear to me!
DILRAJ, I just read this and have a similar customer request, and I just want to make sure this is right...I can make an FE tunnel over the Internet? (I have done it in a mesh type setup with MPLS and some 4450s and ONAs). So to test, if I take one 4450 and an ONA, put it in my house, take another, put it in my neighbors, use the correct addresses/default gateways...I should be able to bring up a tunnel, over the internet (not MPLS)? Is it secure? (I'm guessing yes) and is there a rate limit? Thanks for any help and for this thread!

Reply