Traditional VLANs have proven insufficient for the demanding requirements of cloud providers, who reap significant benefits by stretching Layer 2 over a Layer 3 network to build large multitenant data centers. VXLAN (Virtual Extensible Local Area Network) technology was proposed to extend VLAN and overcome its limited scalability. VXLAN provides a layer 2 connectivity extension across the layer 3 boundary, enabling large-scale virtualized and multitenant data center designs over a shared common physical infrastructure. This article sticks to the basics of VXLAN and the differences between VXLAN and VLAN.
VXLAN is a network virtualization scheme that enables users to create a logical network for virtual machines (VMs) across different networks. That is to say, it allows you to create a layer 2 network on top of layer 3 through encapsulation. The point to emphasize is that you could potentially create 16 million networks using VXLAN, compared to the 4096 VLANs. In this way, VXLAN technology enables a network to support far more logical networks than VLANs alone. As a result, large networks gain more logical network isolation and can house many more virtual machines.
VXLAN allows you to create smaller layer 2 domains that are connected over a layer 3 network. This eliminates the need to use Spanning Tree Protocol (STP) to converge the topology; convergence is instead handled by the more robust routing protocols in the layer 3 network. Without STP, none of your links are blocked, so you can obtain full value from all the ports you purchased. VXLAN also enables you to load-balance the traffic to get the best use of your available bandwidth. All of this helps maximize data center performance.
VXLAN makes a dramatic difference for building cloud data centers. It lays the foundation of a scalable cloud network, where lots of logical networks can be created in a timely manner. This satisfies the needs of the most complex and dynamic clouds. VXLAN, in fact, has successfully pushed the boundary of virtual machine migration beyond the layer 2 domain.
VXLAN uses Layer 3 multicast to support the transmission of multicast and broadcast traffic in the virtual network, while decoupling the virtual network from the physical infrastructure. In this environment, a VXLAN gateway device can be used to terminate the VXLAN tunnel and forward traffic to and from a physical network. The following terms help in understanding VXLAN.
VXLAN gateway: A VXLAN gateway bridges traffic between VXLAN and non-VXLAN environments by becoming a virtual network endpoint. For example, it can link a traditional VLAN and a VXLAN network.
VXLAN segment: A VXLAN segment is a Layer 2 overlay network over which VMs communicate. Only VMs within the same VXLAN segment can communicate with each other.
VNI: The Virtual Network Identifier (VNI) is also referred to as the VXLAN segment ID. The system uses the VNI, along with the VLAN ID, to identify the appropriate tunnel.
VTEP: The VXLAN Tunnel Endpoint (VTEP) terminates a VXLAN tunnel. The same local IP address can be used for multiple tunnels.
VXLAN header: In addition to the UDP header, encapsulated packets include a VXLAN header, which carries a 24-bit VNI to uniquely identify Layer 2 segments within the overlay.
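The header and VNI described above can be made concrete with a short decapsulation check. This is an added example, not code from the original article: the 8-byte layout follows RFC 7348, while the function names, the sample frame, and the VNI-to-VLAN table are assumptions constructed for illustration. It shows a gateway dropping frames that are truncated, lack the VNI-valid flag, or carry a VNI that is not provisioned locally.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08      # "I" bit in the flags byte (RFC 7348)
VXLAN_HEADER_LEN = 8             # flags(1) reserved(3) VNI(3) reserved(1)
MAX_VNI = (1 << 24) - 1          # 24-bit VNI: 16,777,216 possible segments


def encode_vxlan_header(vni: int) -> bytes:
    """Build the 8-byte VXLAN header for a given VNI."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags in the top byte; word 1: VNI in the top three bytes.
    return struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)


def decode_vxlan(udp_payload: bytes):
    """Return (vni, inner_ethernet_frame) or raise ValueError."""
    if len(udp_payload) < VXLAN_HEADER_LEN:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag clear: VNI is not valid")
    return word1 >> 8, udp_payload[VXLAN_HEADER_LEN:]


def accept_frame(udp_payload: bytes, vni_to_vlan: dict):
    """Gateway-side check: map the VNI to a local VLAN, drop everything else.

    vni_to_vlan is a hypothetical provisioning table {vni: vlan_id}.
    Returns (vlan_id, inner_frame), or None when the frame must be dropped.
    """
    try:
        vni, inner = decode_vxlan(udp_payload)
    except ValueError:
        return None
    vlan = vni_to_vlan.get(vni)
    if vlan is None:             # segment not provisioned on this gateway
        return None
    return vlan, inner


# Constructed sample: broadcast Ethernet frame carried in VNI 5000.
SAMPLE_INNER = b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x01" + b"\x08\x00" + b"data"
SAMPLE_PACKET = encode_vxlan_header(5000) + SAMPLE_INNER

if __name__ == "__main__":
    table = {5000: 100}          # constructed mapping: VNI 5000 -> VLAN 100
    print(accept_frame(SAMPLE_PACKET, table))
    print(accept_frame(encode_vxlan_header(6000) + SAMPLE_INNER, table))
```
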
VXLAN was developed to provide the same Ethernet Layer 2 network services as VLAN does today, but with greater extensibility and flexibility. When it comes to segmenting your networks, VXLAN functions just like VLAN and has advantages that VLAN doesn't have. Here are the most significant benefits of using VXLANs.
- You can theoretically create as many as 16 million VXLANs in an administrative domain, as opposed to 4094 VLANs.
- VMs can migrate between servers that exist in separate Layer 2 domains by tunneling the traffic over Layer 3 networks, so you can dynamically allocate resources within or between data centers without being constrained by Layer 3 boundaries.
- Flexible placement of multitenant segments: VXLAN extends Layer 2 segments over the underlying shared network infrastructure so that tenant workload can be placed across physical pods.
- Higher scalability to address more layer 2 segments: VXLAN uses a 24-bit segment ID, also known as the VXLAN network identifier (VNID), which enables up to 16 million VXLAN segments to coexist in the same administrative domain.
- Better utilization of available network paths in the underlying infrastructure: VXLAN packets are transferred through the underlying network based on their Layer 3 header and can take full advantage of Layer 3 routing and link aggregation protocols to use all available paths.
When comparing VXLAN vs VLAN, VXLAN is no doubt a better solution with evident benefits: sufficient links and capacity to handle massive traffic in a cloud environment. VXLAN technology is meant to provide the same services to connected Ethernet end systems that VLANs do today, while offering a means to stretch an L2 network over an L3 network. VXLAN assures clean isolation between VMs and the physical IP-based transport infrastructure, and enables unsurpassed reliability and scalability in the network. Just remember that we need VXLAN termination in physical devices, such as switches, firewalls and load balancers, before we can start considering large-scale deployments.