VXLAN
VXLAN is a network virtualization technology. As an important tool for modern network virtualization, it can build virtual networks on the existing network infrastructure and solve the limitations of VLAN in large-scale deployment. This article explains what VXLAN is, how it works, and what its main characteristics are.
What is VXLAN
VXLAN stands for Virtual Extensible Local Area Network, an IETF network virtualization technology standard. It builds multiple independent virtual networks on top of the physical network, allowing multiple users to use separate virtual networks on the same physical network. The network traffic of these virtual networks is isolated, and each user cannot see the network traffic of another user. As an analogy, if the physical network is a large space, VXLAN divides it into independent private spaces, and anything in a private space is known only to its user. Each VXLAN is like a private network segment in a shared physical network.
How Does VXLAN Work
The VXLAN tunneling protocol enables the creation of virtualized Layer 2 subnets on a physical Layer 3 network by encapsulating Layer 2 Ethernet frames in Layer 4 UDP packets. Each virtual subnet is identified by a unique VXLAN network identifier (VNI), which is carried in every encapsulated packet. The encapsulation and decapsulation of packets is handled by a VXLAN tunnel endpoint (VTEP), which can be a standalone network device such as a physical router or switch, or a virtual switch running on a server. The source VTEP encapsulates the Ethernet frame into a VXLAN packet and sends it over the IP (Layer 3) network to the target VTEP, which then decapsulates the packet and forwards the frame to the target server. For devices that cannot act as a VTEP themselves, such as bare metal servers, some hardware VTEPs (such as specific Juniper switches and routers) can handle the encapsulation and decapsulation of packets. A VTEP can also be implemented in a hypervisor host (such as a kernel-based virtual machine (KVM) host) to directly support virtualized environments. This type of VTEP is called a software VTEP.
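The encapsulation and decapsulation steps described above, as an added example that is not part of the original article or any vendor's code. It assumes the 8-byte header layout from RFC 7348, which the article does not spell out; the header carries no authentication or encryption, so the sketch also shows a receiving-side check that a VNI is one expected from the sending VTEP. The peer addresses, MAC addresses, VNIs and the `check_packet` helper are constructed for illustration.

```python
import struct

FLAG_VNI_VALID = 0x08  # "I" flag in the first header byte (RFC 7348)

def vxlan_encap(vni, inner_frame):
    """Sending VTEP: prepend the 8-byte VXLAN header to an Ethernet frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # Layout: flags(8) reserved(24) | VNI(24) reserved(8)
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame

def vxlan_decap(udp_payload):
    """Receiving VTEP: return (vni, inner_frame) or raise on a bad header."""
    if len(udp_payload) < 8 + 14:  # VXLAN header + minimal Ethernet header
        raise ValueError("payload too short")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    return word1 >> 8, udp_payload[8:]

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def check_packet(src_vtep, udp_payload, allowed):
    """Hypothetical policy check: accept only VNIs expected from this peer VTEP."""
    try:
        vni, frame = vxlan_decap(udp_payload)
    except ValueError as exc:
        return "drop", str(exc)
    if vni not in allowed.get(src_vtep, set()):
        return "alert", f"unexpected VNI {vni} from {src_vtep}"
    return "accept", f"VNI {vni}: {mac(frame[6:12])} -> {mac(frame[0:6])}"

# Constructed sample data (documentation addresses, made-up MACs and VNIs).
ALLOWED = {"192.0.2.10": {5001}, "192.0.2.11": {5001, 5002}}
FRAME = (bytes.fromhex("02000000000b")      # inner destination MAC
         + bytes.fromhex("02000000000a")    # inner source MAC
         + b"\x08\x00" + b"constructed IPv4 payload")

if __name__ == "__main__":
    good = vxlan_encap(5001, FRAME)
    print(good[:8].hex())                                   # header bytes
    print(check_packet("192.0.2.10", good, ALLOWED))        # expected VNI
    print(check_packet("192.0.2.10", vxlan_encap(5002, FRAME), ALLOWED))
    print(check_packet("198.51.100.7", good, ALLOWED))      # unknown peer
    print(check_packet("192.0.2.10", b"\x00" + good[1:], ALLOWED))  # I flag cleared
```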
Key Advantages of VXLAN
Because VXLAN encapsulates Layer 2 Ethernet frames in Layer 4 UDP packets, it can operate in any network environment that supports UDP transport. The physical location and geographical distance of the underlying network nodes remain manageable factors as long as the VXLAN tunnel endpoints (VTEPs) can correctly forward UDP packets from the encapsulation end to the decapsulation end.
When VXLAN is used in conjunction with EVPN, operators can build virtual networks using ports on any physical switch that supports the standard in the same Layer 3 network. For example, an operator can select one port from switch A, two ports from switch B, and another port from switch C to create a virtual network. To all connected devices, this network looks like a single physical network. Devices joining the virtual network will not be able to see any traffic in other VXLANs or the underlying network structure.
Application of VXLAN
A Spine-Leaf architecture is deployed in the data center network to realize a VXLAN-based data center. Adding MLAG enhances the reliability of the network architecture and helps ensure its optimal performance. At the same time, VXLAN can ensure flexible deployment of wide-ranging virtual machine migration and user services. VXLAN can meet larger and more complex network requirements in applications such as large data centers and cloud computing.
Conclusion
As a key part of modern network architecture, VXLAN provides greater flexibility and scalability for large data centers and cloud computing applications, and also brings more convenient management methods to network service providers. It divides the physical network into different virtual networks that do not interfere with each other and cannot see each other's data, ensuring user security and preventing privacy leakage. If you have any questions about VXLAN, please feel free to contact QSFPTEK's CCIE/HCIE engineers.