Response: Vendors Pushing Stretched Layer-2

Got this response to my Stretched Layer-2 Revisited blog post. It’s too good not to turn it into a blog post ;)

Recently I feel like it's really vendors pushing layer 2 solutions, rather than us (enterprise customers) demanding them.

I had that feeling for years. Yes, there are environments with legacy challenges (running COBOL applications on OS/370 with emulated TN3270 terminals comes to mind), but in most cases it’s the vendors trying to peddle unique high-priced non-interoperable warez.

As an example, Cisco has been really aggressively pushing us to buy into their SDA solution.

Most of networking could be simplified and commoditized, and that scares the hell out of every vendor that hasn’t refocused on streamlined logistics or moved on to something new. The remaining vendors can either compete on price or try to apply another layer of high-perceived-value abstraction on top of the commoditized infrastructure – in Cisco’s case ACI or SDA on top of data center or campus switches.

It’s a bit ironic that I first heard about Crossing the Chasm at a Cisco conference when they were still somewhere between the innovators and early adopters phases, and now the full implication of the tail of the technology adoption lifecycle is biting them. They should have known better.

It currently seems to rely mostly on VXLAN overlays that let you stretch layer 2 domains. The selling point being you can click buttons in a GUI and just pretend it's magic and not a layer 2 overlay.

To be honest, it’s not exactly a layer-2 overlay, but mostly an IP mobility solution using an interesting control plane, but that’s beside the point.

I was told by someone from Cisco "you don't need to worry about what it's doing"... which sort of translated to "shut up and buy it".

In other words: stay on the left side of the Dunning-Kruger diagram, so you’ll be completely locked into what we’re doing. Oh, and maybe you won’t notice the guy behind the curtain, or how good (or not) we are when it’s time to fix the mess.

Large layer 2 domains are something we've been slowly moving away from for years; we no longer have the same reliance on layer 2 connectivity in the majority of the campus. Most of our legacy applications are long gone, and in recent times we've been trying to ensure no "lazy" applications are purchased.

Good for you. It’s so nice to see someone moving in the right direction.

Unfortunately, based on what I’m seeing the majority of enterprise environments happily prefer taking the blue pill and ignoring their competitors going in the right direction. Guess what – so did Barnes & Noble when Amazon was a tiny speck on the horizon. It seems they managed to recover from that blunder; others might not be so fortunate.
  1. There is no right or wrong direction. It always depends on your requirements.
    1. While I firmly believe in "understand the requirements, your architecture depends on them", what you're saying could be understood as equivalent to "evolution is just an alternate theory to intelligent design".

      Some things are plain wrong no matter what, it's just very hard to admit that sometimes, particularly if you invested too much into them.
    2. No, my intention was different. I just wanted to repeat what I've learned from you. As you might know repetition is the key to learning.
  2. We built an HQ office network based on layer-3/BGP in 2014. It runs perfectly fine. I even forgot how to troubleshoot it, because there is no need.
    1. I wonder how much this layer 3 campus network costs compared to a traditional layer 2 network?
  3. So we replace well-understood layer 2 with a vastly more complex layer-3 underlay with a VXLAN overlay, and when you need routing, VRFs with VXLAN. When it fails it no doubt fails complex. Yes, it provides flexibility and apparently better workload mobility, but there is a lot to be said for keeping it simple and understanding what happens under the hood; just look at ASDM for an example of how an ASA config can turn into a steaming pile of crap.