An Introduction to VXLAN

CBO
2023-12-19 14:13:00 / Network / Comments 0

VXLAN (Virtual Extensible LAN) is a type of encapsulation protocol that enables data center connectivity through tunneling to stretch existing Layer 2 connections over a Layer 3 network.

In data centers, VXLAN is considered the leading solution for creating overlay networks that reside at the top layer of the physical network and enable the use of virtual networks. The Virtual Extensible LAN (VXLAN) enables the virtualization of data center network infrastructure while meeting the needs of large, multi-tenant data centers by providing the necessary segmentation at scale.

How does it work?

VXLAN is an extension of VLAN. It is a type of network virtualization over layer 3 (NVO3) defined by the IETF. VXLAN encapsulates an L2 Ethernet frame (Layer 2) in a UDP (User Datagram Protocol) packet that can be transmitted over a Layer 3 network.

VXLAN is a tunneling technology that establishes a logical tunnel over an IP network between the destination and source network devices to encapsulate user-side Ethernet packets. These packets are then forwarded to the target network devices via the logical VXLAN tunnel.
The VXLAN tunneling protocol allows users to build virtualized Layer 2 segments or subnets that span physical Layer 3 networks. Each Layer 2 segment or subnet is represented by a unique VXLAN Network Identifier (VNI), which is used for traffic segmentation.
In VXLAN, the entity that performs the encapsulation and decapsulation of Layer 2 Ethernet packets is called a VXLAN tunnel endpoint or VTEP. If the devices at the endpoints cannot act as VTEPs themselves, network devices perform the encapsulation and decapsulation of data packets on their behalf. These types of VTEPs are referred to as hardware VTEPs. Software VTEPs, on the other hand, reside in hypervisor hosts such as KVM hosts and support virtualized workloads.
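The encapsulation and VNI-based segmentation described above, as an added example that is not part of the original article: it builds and parses the 8-byte VXLAN header using the layout from RFC 7348 and shows a VTEP-side check that only decapsulates frames whose VNI belongs to a segment it serves. The function names, the allowlist and the sample frame are assumptions made for illustration.

```python
import struct

VXLAN_FLAG_I = 0x08            # "I" flag: the VNI field is valid (RFC 7348)
MAX_VNI = (1 << 24) - 1        # 24-bit VNI, hence about 16 million segments
ETH_HEADER_LEN = 14            # dst MAC + src MAC + EtherType

def build_vxlan_header(vni):
    """Return the 8-byte VXLAN header for a given VNI."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 1: flags (8 bits) + 24 reserved bits.
    # Word 2: VNI (24 bits) + 8 reserved bits.
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8)

def parse_vxlan(udp_payload):
    """Split a UDP payload into (vni, inner_ethernet_frame)."""
    if len(udp_payload) < 8:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", udp_payload[:8])
    if not (word1 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag not set, VNI is not valid")
    return word2 >> 8, udp_payload[8:]

def decapsulate(udp_payload, allowed_vnis):
    """Hypothetical VTEP check: return (vni, frame), or None if dropped."""
    try:
        vni, inner = parse_vxlan(udp_payload)
    except ValueError:
        return None                      # malformed header: drop
    if vni not in allowed_vnis or len(inner) < ETH_HEADER_LEN:
        return None                      # foreign segment or runt frame: drop
    return vni, inner

# Constructed sample: an inner Ethernet frame (made-up MACs, IPv4 EtherType).
INNER_FRAME = bytes.fromhex("02000000000a" "02000000000b" "0800") + b"payload"
PACKET = build_vxlan_header(5000) + INNER_FRAME

if __name__ == "__main__":
    print(decapsulate(PACKET, {5000}))   # accepted: VNI 5000 is served here
    print(decapsulate(PACKET, {6000}))   # dropped: VNI not in the allowlist
```

The header carries no authentication of its own, so the VNI check only enforces segmentation among senders that can already reach the VTEP over the underlay.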

What problems are solved by VXLAN?

Data centers have rapidly expanded their server virtualization over the last ten years, which has led to a significant increase in flexibility and agility. Virtualization and the decoupling of the physical network from the virtual network facilitate orchestration, automation and management.
Compared to VLANs, VXLAN not only allows you to segment your networks, but also solves scaling problems and offers advantages that virtual LANs (VLANs) cannot provide. Below are some of the key benefits of using VXLANs:

- In a management domain, you can theoretically create up to 16 million VXLANs (far more than the 4094 VLANs).
- VXLANs provide network segmentation at the scale required by cloud developers to accommodate large numbers of tenants.
- With VXLANs, you can allocate resources between or within data centers and enable the migration of virtual machines between servers scattered in separate Layer 2 domains by tunneling traffic through Layer 3 networks.
- VXLAN provides a unified network topology, which improves network performance and reduces network complexity.
- By combining EVPN and VXLAN, you can significantly increase the network capacity of your data center and extend identical networks between different data centers with a single overlay so that they function as one.
- VXLAN provides enterprise-class security and a multi-tiered network that reduces deployment time from weeks to days and hours.

What are the main differences between VLAN and VXLAN?

VLAN is an established but outdated network isolation technology that enables the creation of approximately 4K virtual LAN networks. Therefore, VLAN cannot meet the increasing isolation requirements of medium to large data centers. In addition, each VLAN represents a small virtual layer 2 network that does not allow large-scale dynamic migration of virtual machines (VM).
VXLAN adequately solves the above-mentioned disadvantages of VLAN. VXLAN establishes a logical tunnel between two network devices over the data center's central IP network and turns the entire data center network into a Layer 2 switch. VXLAN can identify up to 16 million tenants, far more than the 4K tenants that VLAN offers. VXLAN can therefore meet the requirements of large-scale, dynamic migration of virtual machines.

Conclusion:

VXLAN is an advanced encapsulation technology that creates logical tunnels to establish Layer 2 connections across two or more Layer 3 networks. VXLAN is an extension of VLAN, but differs from its predecessor in several ways. Unlike VLAN, VXLAN supports the migration of virtual machines between data centers. The ability of this technology to decouple the virtual part of the network from the physical part makes it an ideal solution for the dynamic distribution of resources between or within data centers.
