What is VXLAN?
You may have heard of VXLAN and wondered what it is. Virtual Extensible Local Area Network (VXLAN) is a tunneling protocol that tunnels Ethernet (layer 2) traffic over an IP (layer 3) network.
Traditional layer 2 in a three-tier network design has several main issues that cost network admins a lot of time and energy to manage: Spanning-tree, the limited number of VLANs available for network segmentation, and large MAC address tables. Spanning-tree blocks redundant links to avoid loops and create a loop-free topology, but that also means we pay for links we can’t use.
Moreover, the VLAN ID is 12 bits long, which means only 4094 VLANs are available, and that can be an issue for data centers. Furthermore, because of the exponential growth of server virtualization, the number of addresses in the MAC address tables of our switches has grown. Data centers run a large number of virtualized servers, and each VM has a virtual NIC and a virtual MAC address, so a switch has to learn many MAC addresses on a single switch port. These challenges require a new solution to ease things on the network.
To address all these challenges, VXLAN uses an overlay and an underlay network. An overlay network is a virtual network that runs on top of a physical underlay network. With VXLAN, the overlay operates as an Ethernet layer 2 network, and the underlay is a layer 3 IP network, also known as the transport network. The underlay’s task is to transfer data between devices.
In this architecture we can use layer 3 instead of layer 2, which lets us rely on flexible interior gateway protocols (IGPs) such as OSPF or EIGRP to load-balance traffic across redundant links. Independence is another advantage of this method. The virtual overlay network requires an underlay network, but changes in the overlay network won’t affect the underlay network. You can add and remove links in the underlay network, and as long as your routing protocol can reach the destination, your overlay network will remain unchanged.
The VXLAN Network Identifier (VNI) plays the same role as the VLAN ID does for regular VLANs. The VNI is 24 bits long, which provides a vast number of segments compared to the 4094 VLANs of a 12-bit VLAN ID. We can create many VXLANs, which enables large service providers, even those with thousands of customers, to use as many VXLANs per customer as needed.
The VXLAN tunnel endpoint (VTEP) encapsulates and de-encapsulates layer 2 traffic. This device is the connection between the overlay and the underlay network. A VTEP can be deployed in software (host-based) or in hardware (gateway).
Some hypervisors use virtual switches, and those that support VXLAN can act as a software VTEP. A hardware VTEP is a network device, such as a router or switch, that supports VXLAN. A hardware VTEP is also a VXLAN gateway, as it combines a regular VLAN and a VXLAN segment into a single layer 2 domain. Some switches implement VXLAN support in ASICs, offering better VXLAN performance than a software VTEP.
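
The VTEP's encapsulation and de-encapsulation steps and the 24-bit VNI, as an added Python example that is not part of the original article. It assumes the 8-byte VXLAN header layout from RFC 7348 (which the article does not describe); the function names, the set of locally configured VNIs and the sample frame are constructed for illustration, and the outer UDP/IP headers of the underlay are not modeled.

```python
import struct

VXLAN_HDR = struct.Struct("!II")   # two 32-bit words, 8 bytes total (RFC 7348)
FLAG_VNI_VALID = 0x08              # "I" flag: the VNI field carries a valid value
MAX_VNI = (1 << 24) - 1            # 24-bit VNI, versus a 12-bit VLAN ID


def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """What a VTEP does on egress: prepend the VXLAN header to a layer 2 frame."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError(f"VNI {vni} does not fit in 24 bits")
    # Word 1: flags in the top byte, 24 reserved bits. Word 2: VNI, 8 reserved bits.
    return VXLAN_HDR.pack(FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def vxlan_decap(payload: bytes, local_vnis: set[int]) -> tuple[int, bytes]:
    """What a VTEP does on ingress: validate the header, return (VNI, inner frame)."""
    if len(payload) < VXLAN_HDR.size + 14:      # header + minimal Ethernet header
        raise ValueError("truncated VXLAN packet")
    word1, word2 = VXLAN_HDR.unpack_from(payload)
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    vni = word2 >> 8
    # Segmentation check (assumed policy): only accept segments this VTEP serves.
    if vni not in local_vnis:
        raise ValueError(f"VNI {vni} is not configured on this VTEP")
    return vni, payload[VXLAN_HDR.size:]


# Constructed inner Ethernet frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE_FRAME = (bytes.fromhex("02000000000b") + bytes.fromhex("02000000000a")
                + b"\x08\x00" + b"payload")

if __name__ == "__main__":
    packet = vxlan_encap(70000, SAMPLE_FRAME)   # 70000 is beyond any VLAN ID
    print(packet[:8].hex())
    print(vxlan_decap(packet, local_vnis={70000}))
```

Rejecting a VNI that is not configured locally keeps a frame from one segment from being delivered into another, which is the same isolation a VLAN ID provides on a regular switch.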