VXLAN

 

Introduction: VXLAN

    Now a days the concept of network overlays is used and in network overlays people have gained interest in the past few years because of their potential to address some of the requirements which are beneficial for the enterprise networks. The network overlays are the different virtual networks of interconnected nodes that enable applications to be deployed without having to change any of the underlying networks.

                With time, there are lot of new encapsulation frame formats purpose-built for the data center, including Virtual Extensible LAN (VXLAN), Location/Identifier Separation Protocol (LISP). So, as we go through this post you will come to know some of the overlay transport protocols and they are.

• VXLAN: Virtual Extensible LAN
•  LISP: Locator/Identifier Separation Protocol

          Virtual Extensible LAN (VXLAN) and Location/Identifier Separation Protocol (LISP) are two new encapsulation frame types designed specifically for data centers.

 

What is VXLAN?

VXLAN is an extension to the Layer 2 VLAN. It was designed to provide the same VLAN functionality with greater extensibility and flexibility. VXLAN is an overlay encapsulation technology (network overlay and tunnelling technology) which allows us to extend Layer 2 across a Layer 3 routed infrastructure.

Main concern with VLANs is the limited address space. Each device can have around 4000 usable VLANs. This is an issue with service providers. They may have to maintain several VLANs per customer, which exhausts the address space quickly. To work around this VLAN ID’s can be reused on different switches, or technologies like Q-in-Q can be used.

VXLAN does not have this limitation. It uses a 24-bit header, which gives us about 16 million VNI’s to use. A VNI is the identifier for the LAN segment, like a VLAN ID. With an address space this large, an ID can be assigned to a customer, and it can remain unique across the entire network. VXLAN network identification (VNI) is assigned to each Layer 2 subnet to segment traffic.

In data centers, VXLAN is the most used protocol to create overlay networks that sit on top of the physical network, enabling the use of virtual networks. The VXLAN protocol supports the virtualization of the data center network while addressing the needs of multi-tenant data centers by providing the necessary segmentation on a large scale.

The VXLAN tunneling protocol that encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets enables you to create virtualized Layer 2 subnets, or segments, that span physical Layer 3 networks. Each Layer 2 subnet is uniquely identified by a VXLAN network identifier (VNI) that segments traffic.

In other words, VXLAN defines a MAC-in-UDP encapsulation scheme where the original Layer 2 frame has a VXLAN header added and is then placed in a UDP-IP packet. With this MAC-in-UDP encapsulation, VXLAN tunnels the Layer 2 network over the Layer 3 network.

VXLAN has been widely adopted and is now used in many large enterprise networks for virtualization and cloud computing. It provides:

• A secure and efficient way to create virtual networks.
• Allowing for the creation of multi-tenant segmentation.
•  Efficient routing.
• Hardware-agnostic capabilities.
• With its widespread adoption, VXLAN has become an essential technology for network virtualization.

 As we have seen, VXLAN traffic is encapsulated before it is sent over the network. This creates stateless tunnels across the network, from the source switch to the destination switch. The encapsulation and decapsulation are handled by a component called a VTEP (VXLAN Tunnel End Point. a VTEP has an IP address in the underlay network. It also has one or more VNI’s associated with it. When frames from one of these VNI’s arrive at the Ingress VTEP, the VTEP encapsulates it with UDP and IP headers. The encapsulated packet is sent over the IP network to the Egress VTEP. When it arrives, the VTEP removes the IP and UDP headers, and delivers the frame as normal.