Virtual Extensible Local Area Network (VXLAN)
Virtual Extensible Local Area Network (VXLAN) is a network virtualization technology designed to address the limitations of traditional VLANs in large-scale data center environments and the cloud. It operates by encapsulating Layer 2 Ethernet frames within Layer 3 UDP packets, enabling the extension of Layer 2 networks over a Layer 3 infrastructure. This encapsulation allows for the creation of large-scale, logical Layer 2 networks across geographically dispersed data centers, which facilitates the movement of virtual machines (VMs) and workloads without reconfiguring the underlying physical network.
At its core, VXLAN provides a way to overcome the scalability limitations of traditional VLANs, which are restricted to a maximum of 4096 segments due to the 12-bit VLAN ID field. By using a 24-bit segment identifier known as a VXLAN Network Identifier (VNI), VXLAN can support up to 16 million distinct segments. This significant increase in segmentation capacity is crucial for modern cloud environments and large enterprise data centers, where thousands of tenants and millions of isolated networks might coexist.
The key mechanism that makes VXLAN powerful is its ability to perform Layer 2 encapsulation. In VXLAN, a Layer 2 Ethernet frame from a VM or host is encapsulated into a Layer 3 UDP packet. This packet includes an outer IP header, which can route across a Layer 3 network, and an outer UDP header, which facilitates the tunneling mechanism. The encapsulated packet is then transmitted over the existing Layer 3 infrastructure. This process allows for Layer 2 segments to be extended across different Layer 3 networks, creating a seamless and scalable virtual network that behaves as if all connected hosts are on the same local network. Figure 8-2 shows the Layer 2 encapsulation used with VXLAN technology.
Figure 8-2 VXLAN Encapsulation
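The encapsulation the figure depicts can be made concrete in a few dozen lines. The following is an added example, not code from the original text: it builds the outer IPv4 and UDP headers plus the 8-byte VXLAN header (flags, reserved bits, 24-bit VNI) around a sample Ethernet frame, then decapsulates it the way a receiving VTEP would, checking each outer field before handing the inner frame to a tenant segment. The IANA-assigned UDP port 4789 and the "I" flag are real (RFC 7348); the IP addresses, MAC addresses and payload are constructed sample values.

```python
"""Added example: VXLAN-in-UDP-in-IPv4 encapsulation and validated decapsulation.
Addresses, MACs and payload below are constructed sample values."""
import struct
from socket import inet_aton

VXLAN_UDP_PORT = 4789          # IANA-assigned VXLAN destination port (RFC 7348)
VXLAN_FLAG_I = 0x08            # "I" flag: the VNI field carries a valid value
VNI_BITS = 24
VNI_MAX = (1 << VNI_BITS) - 1  # 16,777,215 -> roughly 16 million segments
VLAN_ID_MAX = (1 << 12) - 1    # 4095 -> the 4096-segment limit of 802.1Q VLANs
IP_PROTO_UDP = 17

# Constructed inner Ethernet frame: dst MAC, src MAC, EtherType IPv4, dummy payload
SAMPLE_INNER_FRAME = (bytes.fromhex("02000000000a") + bytes.fromhex("02000000000b")
                      + b"\x08\x00" + b"constructed inner payload")


def ipv4_checksum(header: bytes) -> int:
    """One's-complement checksum over an IPv4 header (0 means 'verifies')."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_vxlan_header(vni: int) -> bytes:
    """8-byte VXLAN header: flags(8) | reserved(24) | VNI(24) | reserved(8)."""
    if not 0 <= vni <= VNI_MAX:
        raise ValueError(f"VNI {vni} does not fit in {VNI_BITS} bits")
    return struct.pack("!I", VXLAN_FLAG_I << 24) + struct.pack("!I", vni << 8)


def encapsulate(inner_frame: bytes, vni: int, src_ip: str, dst_ip: str,
                src_port: int = 49152) -> bytes:
    """Wrap an Ethernet frame in VXLAN / UDP / IPv4 outer headers."""
    vxlan = build_vxlan_header(vni)
    udp_len = 8 + len(vxlan) + len(inner_frame)
    # UDP checksum 0 = "not computed", which RFC 7348 allows over IPv4
    udp = struct.pack("!HHHH", src_port, VXLAN_UDP_PORT, udp_len, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0x4000, 64,
                     IP_PROTO_UDP, 0, inet_aton(src_ip), inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    return ip + udp + vxlan + inner_frame


def decapsulate(packet: bytes) -> tuple:
    """Validate the outer headers of a received VXLAN packet; return (VNI, inner frame).
    Anything malformed is rejected instead of being forwarded into a tenant segment."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if packet[9] != IP_PROTO_UDP:
        raise ValueError("outer protocol is not UDP")
    total_len = struct.unpack("!H", packet[2:4])[0]
    packet = packet[:total_len]
    if len(packet) < ihl + 8:
        raise ValueError("truncated UDP header")
    _, dst_port, udp_len, _ = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    if dst_port != VXLAN_UDP_PORT or udp_len > total_len - ihl:
        raise ValueError("not a well-formed VXLAN datagram")
    payload = packet[ihl + 8:ihl + udp_len]
    if len(payload) < 8 + 14:          # VXLAN header + minimal Ethernet header
        raise ValueError("truncated VXLAN header or inner Ethernet frame")
    if not payload[0] & VXLAN_FLAG_I:
        raise ValueError("VXLAN I flag clear: VNI is not valid")
    vni = struct.unpack("!I", payload[4:8])[0] >> 8
    return vni, payload[8:]


def roundtrip(vni: int = 5000) -> tuple:
    """Encapsulate the sample frame and decapsulate it again."""
    pkt = encapsulate(SAMPLE_INNER_FRAME, vni, "10.0.0.1", "10.0.0.2")
    return decapsulate(pkt)


if __name__ == "__main__":
    vni, frame = roundtrip()
    print(f"VNI {vni}, inner frame {len(frame)} bytes, "
          f"VNI space {VNI_MAX + 1} vs VLAN space {VLAN_ID_MAX + 1}")
```

The decapsulation path is where a VTEP's trust boundary sits: the outer headers arrive from the Layer 3 underlay with no authentication of their own, so a receiving endpoint should verify the checksum, protocol, port, lengths and the I flag before it treats the VNI as a segment selector. In practice the VNI-to-segment mapping is also restricted to the set of VNIs the VTEP is configured to serve.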
One of the primary applications of VXLAN is in data center interconnect (DCI). DCI involves connecting multiple data centers to provide a unified infrastructure, allowing for efficient resource sharing, workload mobility, and disaster recovery. VXLAN is particularly suited for DCI because it enables the extension of Layer 2 networks over Layer 3 distances, thus facilitating the seamless migration of VMs and applications between data centers. This capability is crucial for businesses that need to maintain high availability and disaster resilience by distributing workloads across multiple locations.
VXLAN also integrates well with modern network management and automation tools, supporting dynamic and programmable networking. The VXLAN gateways or Virtual Tunnel Endpoints (VTEPs) play a critical role in encapsulating and decapsulating traffic and can be implemented in both hardware (switches) and software (hypervisors). This flexibility makes VXLAN an essential component in the architecture of software-defined networks (SDNs) and network functions virtualization (NFV), where it provides the necessary overlay networks that decouple virtual network management from physical network hardware.