VXLAN: Virtual Extensible LAN

VXLAN (Virtual Extensible LAN) is a network virtualization technology that addresses scalability and segmentation limitations of traditional VLANs in modern data centers and cloud environments. VXLAN encapsulates Layer 2 Ethernet frames within UDP packets, allowing communication across Layer 3 networks.


Key Features of VXLAN:

  1. Extended Layer 2 Segmentation:
    • VLANs are limited to 4096 unique IDs due to the 12-bit VLAN ID field.
    • VXLAN uses a 24-bit VXLAN Network Identifier (VNI), allowing up to 16 million logical networks.
  2. Layer 2 over Layer 3:
    • VXLAN enables Layer 2 segments to span Layer 3 networks, making it possible to connect VMs and devices across different physical locations while maintaining Layer 2 connectivity.
  3. Encapsulation:
    • VXLAN encapsulates Ethernet frames within a UDP header, creating a VXLAN tunnel. This process is referred to as MAC-in-IP encapsulation.

VXLAN Packet Structure:

A VXLAN packet consists of:

  1. Outer Ethernet Header:
    • The source and destination MAC addresses of the VXLAN tunnel endpoints.
  2. Outer IP Header:
    • Encapsulates the packet with source and destination IPs of the VXLAN tunnel endpoints.
  3. Outer UDP Header:
    • Includes a destination port, typically set to 4789, the default for VXLAN.
  4. VXLAN Header:
    • Contains the VNI that identifies the VXLAN segment.
  5. Inner Ethernet Frame:
    • The original Layer 2 Ethernet frame being encapsulated.

VXLAN Components:

  1. VTEP (VXLAN Tunnel Endpoint):
    • A device (software or hardware) that performs VXLAN encapsulation and decapsulation.
    • Every VTEP has two interfaces:
      • Uplink Interface: Connects to the IP network (underlay).
      • Virtual Interface: Connects to the VXLAN segments (overlay).
  2. Underlay Network:
    • The physical Layer 3 network that transports encapsulated VXLAN packets.
  3. Overlay Network:
    • The logical Layer 2 network created by VXLAN.
  4. Multicast or Unicast:
    • VXLAN originally used multicast for forwarding unknown or broadcast traffic.
    • Modern implementations use unicast with a control plane such as EVPN for efficiency.

VXLAN in Action:

  1. Encapsulation:
    • A device in VLAN 100 sends a frame.
    • The VTEP maps VLAN 100 to VNI 5000 and encapsulates the frame with the VXLAN header.
  2. Routing in Underlay:
    • The encapsulated frame is routed across the underlay network using IP addresses.
  3. Decapsulation:
    • At the destination VTEP, the VXLAN header is removed, and the original Layer 2 frame is delivered.
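
The packet structure and the VLAN 100 to VNI 5000 walkthrough above, as an added Python example (not code from the original page). The I-flag value and field widths follow RFC 7348; the function names, the allow-list of VNIs checked on decapsulation, and the sample frame are assumptions made for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789      # default destination port named on this page
FLAG_VNI_VALID = 0x08      # "I" flag (RFC 7348): the VNI field is valid
VLAN_TO_VNI = {100: 5000}  # VLAN-to-VNI mapping from the walkthrough

# Constructed inner Ethernet frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE_FRAME = (bytes.fromhex("02aabbccdd01") + bytes.fromhex("02aabbccdd02")
                + b"\x08\x00" + b"constructed-payload")


def encapsulate(vlan_id, inner_frame):
    """Return the UDP payload a VTEP sends: 8-byte VXLAN header + inner frame."""
    vni = VLAN_TO_VNI[vlan_id]
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # Word 1: flags (8 bits) + reserved (24 bits).
    # Word 2: VNI (24 bits) + reserved (8 bits).
    header = struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def decapsulate(udp_payload, allowed_vnis):
    """Validate the VXLAN header and return (vni, inner Ethernet frame)."""
    if len(udp_payload) < 8 + 14:  # VXLAN header + minimal Ethernet header
        raise ValueError("truncated VXLAN packet")
    word1, word2 = struct.unpack("!II", udp_payload[:8])
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    vni = word2 >> 8
    # Assumed policy: deliver only frames for segments this VTEP serves,
    # so traffic tagged with another tenant's VNI is dropped.
    if vni not in allowed_vnis:
        raise ValueError("VNI %d is not configured on this VTEP" % vni)
    return vni, udp_payload[8:]


if __name__ == "__main__":
    payload = encapsulate(100, SAMPLE_FRAME)
    print("VXLAN header:", payload[:8].hex())
    print("decapsulated VNI:", decapsulate(payload, {5000})[0])
```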

Benefits of VXLAN:

  1. Scalability:
    • Supports more network segments than VLANs.
  2. Layer 2 Mobility:
    • Enables VM migration across different physical locations.
  3. Efficient Use of IP Networks:
    • Leverages Layer 3 routing for transport.
  4. Interoperability:
    • Works with existing Ethernet and IP infrastructures.

Common Use Cases:

  1. Cloud Data Centers:
    • Seamless VM migration and multi-tenancy.
  2. Hybrid Cloud Environments:
    • Connects private and public cloud resources.
  3. Large-Scale Virtual Networks:
    • Ideal for isolating workloads in highly virtualized environments.

Protocols and Enhancements:

Modern VXLAN deployments often use EVPN (Ethernet VPN) as a control plane to dynamically learn MAC addresses and VNIs. This eliminates the reliance on multicast in the underlay and improves scalability.
