VXLAN (Virtual Extensible LAN)
VXLAN, which stands for Virtual Extensible Local Area Network, is a network virtualization technology designed to address the scalability problems associated with large cloud computing deployments. It operates by encapsulating Layer 2 Ethernet frames within Layer 4 UDP datagrams, allowing for the creation of virtualized Layer 2 networks that can span across Layer 3 networks such as the Internet[1][2][3].
Key Features of VXLAN:
- Encapsulation: VXLAN encapsulates Layer 2 Ethernet frames in Layer 4 UDP packets, which enables the creation of virtualized Layer 2 subnets that can extend over physical Layer 3 networks[1][2][3].
- VXLAN Network Identifier (VNI): Each VXLAN segment is uniquely identified by a VXLAN Network Identifier (VNI), which is a 24-bit identifier allowing for up to 16 million virtual networks. This is a significant increase from the 4094 VLAN IDs available with traditional VLANs[1][2][3].
- VXLAN Tunnel Endpoints (VTEPs): The endpoints that terminate VXLAN tunnels, called VTEPs, may be either virtual or physical switch ports. A VTEP encapsulates outgoing frames for transport across the IP network and de-encapsulates the frames it receives[2][3].
- Multicast Support: VXLAN can use multicast or unicast with head-end replication to flood broadcast, unknown-unicast, and multicast traffic[2].
- Large Scale: VXLAN is suitable for environments that require a large number of isolated Layer 2 networks, such as multi-tenant data centers or cloud environments[1][2].
- Compatibility with Existing Technologies: VXLAN can be used in conjunction with traditional VLANs and other network virtualization technologies like QinQ[1].
How VXLAN Works
VXLAN works by mapping a locally significant VLAN ID to an organizationally significant VNI. The devices that perform this mapping are the VXLAN Tunnel Endpoints (VTEPs). A VTEP encapsulates the original Ethernet frame with a VXLAN header carrying the VNI, a UDP header, and an outer IP header, so the frame can be routed across an IP network like any other IP packet. When the encapsulated VXLAN packet reaches the destination VTEP, the outer headers are stripped and the original frame is forwarded onto the local network segment that maps to that VNI[3].
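The following is an added example written for this page, not code from any of the cited sources: it builds and parses the 8-byte VXLAN header defined in RFC 7348 around a sample Ethernet frame, applies the VLAN-to-VNI mapping described above, and shows the receive-side check a VTEP should make so that it only bridges frames for VNIs it is configured for. The VLAN-to-VNI table, the allowed-VNI set and the sample frame are constructed assumptions.

```python
import struct

# Layout of the 8-byte VXLAN header (RFC 7348): flags (1 byte, I bit = 0x08
# marks the VNI as valid), 3 reserved bytes, 24-bit VNI, 1 reserved byte.
# UDP destination port 4789 is the IANA assignment for VXLAN.
VXLAN_UDP_PORT = 4789
VXLAN_FLAG_I = 0x08
VNI_MAX = (1 << 24) - 1          # 16,777,215 segments, versus 4094 VLAN IDs

# Hypothetical VTEP configuration: locally significant VLAN -> org-wide VNI
VLAN_TO_VNI = {10: 5000, 20: 5001}

# Constructed sample inner frame: dst MAC, src MAC, EtherType 0x0800, dummy payload
SAMPLE_FRAME = bytes.fromhex("020000000001" "020000000002" "0800") + b"tenant-a-data"


def vni_for_vlan(vlan_id: int) -> int:
    """Map a local VLAN ID to its VNI; VLANs without a mapping are not tunnelled."""
    if vlan_id not in VLAN_TO_VNI:
        raise KeyError(f"VLAN {vlan_id} has no VNI mapping on this VTEP")
    return VLAN_TO_VNI[vlan_id]


def vxlan_encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the VXLAN header to an Ethernet frame. The outer UDP/IP headers
    are added by the sending VTEP's IP stack and are omitted here."""
    if not 0 <= vni <= VNI_MAX:
        raise ValueError(f"VNI {vni} does not fit in 24 bits")
    header = struct.pack("!B3sI", VXLAN_FLAG_I, b"\x00\x00\x00", vni << 8)
    return header + inner_frame


def vxlan_decapsulate(payload: bytes, allowed_vnis: set[int]) -> tuple[int, bytes]:
    """Parse a received UDP payload as VXLAN and return (vni, inner_frame).
    The receiving VTEP accepts only VNIs it is configured for, so a frame
    carrying another tenant's VNI is dropped rather than bridged locally."""
    if len(payload) < 8 + 14:                 # VXLAN header plus minimal Ethernet header
        raise ValueError("truncated VXLAN packet")
    flags, _reserved, vni_word = struct.unpack("!B3sI", payload[:8])
    if not flags & VXLAN_FLAG_I:
        raise ValueError("I flag clear: VNI field is not valid")
    vni = vni_word >> 8                        # low 8 bits are reserved, ignored on receipt
    if vni not in allowed_vnis:
        raise ValueError(f"VNI {vni} is not configured on this VTEP")
    return vni, payload[8:]


if __name__ == "__main__":
    pkt = vxlan_encapsulate(vni_for_vlan(10), SAMPLE_FRAME)
    print("VXLAN header:", pkt[:8].hex())     # 0800000000138800
    print(vxlan_decapsulate(pkt, allowed_vnis={5000}))
```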
Use Cases for VXLAN
VXLAN is commonly used in modern network architectures such as EVPN, Cisco ACI, Cisco SD-Access, and VMware NSX to enable Layer 2 continuity between fabric edge devices. It allows for the flexible migration of virtual machines across data centers and the isolation of traffic for security purposes, such as separating IoT device traffic from production network application traffic[1][3].
Industry Adoption
The VXLAN specification was originally created by VMware, Arista Networks, and Cisco, and has since gained support from a broad range of industry players. It is officially documented by the IETF in RFC 7348[2].
In summary, VXLAN is a powerful technology that enables the creation of large-scale virtual networks over existing IP infrastructure, providing greater flexibility, scalability, and isolation for cloud and data center environments.
Citations:
[1] https://www.juniper.net/us/en/research-topics/what-is-vxlan.html
[2] https://en.wikipedia.org/wiki/Virtual_Extensible_LAN
[3] https://thisbridgeistheroot.com/blog/how-does-vxlan-work-and-why-is-it-being-used-everywhere
[4] https://networklessons.com/cisco/ccnp-encor-350-401/introduction-to-virtual-extensible-lan-vxlan
[5] https://www.ciscopress.com/articles/article.asp?p=2999385&seqNum=3
[6] https://info.support.huawei.com/info-finder/encyclopedia/en/VXLAN.html
[8] https://networkdirection.net/articles/routingandswitching/vxlanoverview/