Fun Fact: At a recent networking conference we attended, a poll found that more people in the room knew which country Oslo is the capital of than knew how VXLAN works.
Why VXLAN was Created
Traditional data centers use VLANs (virtual local area networks) to enforce Layer 2 isolation. Over the past few decades, as data centers have grown in size and workloads have become more mobile, the need to extend Layer 2 segments across racks within a data center, and even across geographically separate data centers, has grown with them. The limitations of VLANs make that hard to do:
- In data centers and multi-tenant environments, thousands of VLANs are needed. The VLAN ID is a 12-bit field, which gives 4096 values of which 4094 are usable (IDs 0 and 4095 are reserved), and that is not sufficient.
- Using STP (Spanning Tree Protocol) to keep the Layer 2 topology loop-free blocks redundant links, so adding links does not add usable bandwidth.
- VLANs are also restrictive in terms of distance and deployment. Routers do not forward Layer 2 broadcasts, so the traditional way to stretch a VLAN is to trunk it through every switch along the path, which enlarges the broadcast and failure domain and raises the risk of a network-wide outage.
VXLAN (Virtual Extensible LAN, specified in RFC 7348) addresses all of the above limitations that engineers face with regular VLANs.
VXLAN is a Layer 2 overlay deployed over an existing Layer 3 network. It uses MAC-in-UDP encapsulation: each tenant Ethernet frame is wrapped in an 8-byte VXLAN header and carried inside UDP (destination port 4789) over IP, so a Layer 2 segment can be extended anywhere the IP underlay reaches. The devices that encapsulate and decapsulate are called VTEPs (VXLAN Tunnel Endpoints); they can be physical switches or hypervisor virtual switches. VXLAN provides the same services and core functions that VLANs do today while also extending the Layer 2 network over the existing Layer 3 network. This is what is meant by an "overlay": a virtual network built on top of an existing Layer 2/Layer 3 network. VXLAN makes it easier for network engineers to scale a data center or cloud computing environment while still isolating tenant services. One caveat a practitioner should keep in mind: the VXLAN header carries no authentication or encryption, so isolation between segments is only as strong as the underlay's control over which hosts can deliver UDP/4789 to the VTEPs, and RFC 7348's security considerations point to IPsec (or similar) for VXLAN traffic that crosses untrusted networks. The 50 bytes of outer headers (Ethernet, IPv4, UDP, VXLAN) also mean the underlay MTU must be raised above the tenant MTU, or tenant frames are fragmented or dropped.
In a multi-tenant environment, each tenant requires its own logical network, which in turn requires its own network identifier (NID). Traditionally, network engineers have used VLANs to separate applications and tenants, but with the 12-bit VLAN ID only 4094 unique NIDs can be deployed at a time. VXLAN extends the address space with a 24-bit VXLAN Network Identifier (VNI), increasing the number of available NIDs from 4094 to roughly 16 million (2^24 = 16,777,216). This allows millions of isolated Layer 2 VXLAN segments to co-exist on a common Layer 3 infrastructure. Beyond the larger ID space, VXLAN brings three practical advantages:
- Flexible placement of multi-tenant segments throughout the data center. It provides a solution to extend Layer 2 segments over the underlying shared network infrastructure so that tenant workload can be placed across physical segments in the data center.
- Higher scalability to address more Layer 2 segments. VLANs use a 12-bit VLAN ID to address Layer 2 segments, which results in limiting scalability of only 4094 VLANs. VXLAN uses a 24-bit segment ID which enables up to 16 million VXLAN segments to coexist in the same common network infrastructure.
- Better utilization of available network paths in the underlying infrastructure. VLANs rely on the Spanning Tree Protocol for loop prevention, which blocks redundant links and leaves a large share of the installed bandwidth idle. VXLAN packets are forwarded through the underlay on their outer IP and UDP headers, and because a VTEP typically derives the outer UDP source port from a hash of the inner frame, different tenant flows land on different equal-cost paths. The overlay therefore gets full use of Layer 3 routing, equal-cost multipath (ECMP) routing and link aggregation.
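To make the encapsulation and the VNI concrete, here is an added example (not code from the original article or from any vendor) that builds and parses the 8-byte VXLAN header described above, encapsulates a tenant Ethernet frame the way a VTEP would, and keeps a toy MAC table keyed by (VNI, MAC) to show that the VNI alone is the tenant boundary. The header layout, the I flag and UDP port 4789 come from RFC 7348; the helper names, the `Vtep` class, and the sample MAC addresses and VTEP IPs are constructed for the demo.

```python
"""Minimal VXLAN (RFC 7348) encapsulation, parsing and per-VNI MAC learning.

Added illustration, not code from the original article. The helper names,
sample MACs and VTEP addresses are invented for the demo; only the header
layout and constants are taken from RFC 7348.
"""
import struct
from typing import Dict, Optional, Tuple

VXLAN_UDP_PORT = 4789        # IANA-assigned destination port (RFC 7348)
VXLAN_FLAG_I = 0x08          # "I" bit: the VNI field is valid
VXLAN_HDR_LEN = 8
ETH_HDR_LEN = 14
MAX_VNI = (1 << 24) - 1      # 24-bit VNI -> 16,777,216 values


def vxlan_overhead(outer_ipv6: bool = False) -> int:
    """Bytes the outer headers add to every tenant frame.

    Outer Ethernet (14) + outer IP (20 for IPv4, 40 for IPv6) + UDP (8)
    + VXLAN (8). The underlay MTU must be at least this much larger than
    the tenant MTU, otherwise tenant frames are fragmented or dropped.
    """
    return ETH_HDR_LEN + (40 if outer_ipv6 else 20) + 8 + VXLAN_HDR_LEN


def build_vxlan_header(vni: int) -> bytes:
    """8-byte header: flags(8) | reserved(24) | VNI(24) | reserved(8)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError(f"VNI {vni} does not fit in 24 bits")
    return bytes([VXLAN_FLAG_I, 0, 0, 0]) + (vni << 8).to_bytes(4, "big")


def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """UDP payload a VTEP sends: VXLAN header followed by the original frame."""
    return build_vxlan_header(vni) + inner_frame


def parse_vxlan(udp_payload: bytes) -> Tuple[int, bytes]:
    """Return (vni, inner_frame), or raise ValueError for frames a VTEP must drop."""
    if len(udp_payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("truncated VXLAN packet")
    flags = udp_payload[0]
    # RFC 7348: the VNI is only valid when I=1. The other flag bits and the
    # reserved fields are ignored on receipt, so only the I bit is checked.
    if not flags & VXLAN_FLAG_I:
        raise ValueError("I flag clear: no valid VNI, drop")
    vni = int.from_bytes(udp_payload[4:7], "big")
    return vni, udp_payload[VXLAN_HDR_LEN:]


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def build_eth_frame(dst_mac: str, src_mac: str, ethertype: int, payload: bytes) -> bytes:
    """Tenant Ethernet frame: dst(6) | src(6) | ethertype(2) | payload."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload


class Vtep:
    """Toy VTEP with a MAC table keyed by (VNI, MAC).

    The VNI is the only tenant boundary. Nothing in the header authenticates
    the sender: any host that can deliver UDP/4789 to this VTEP can claim any
    VNI, which is why the underlay must restrict who can reach VTEPs at all.
    """

    def __init__(self) -> None:
        self.mac_table: Dict[Tuple[int, bytes], str] = {}

    def receive(self, remote_vtep_ip: str, udp_payload: bytes) -> Tuple[int, bytes, bytes]:
        vni, frame = parse_vxlan(udp_payload)
        dst_mac, src_mac = frame[0:6], frame[6:12]
        # Data-plane learning: remember which VTEP is behind this (VNI, MAC).
        self.mac_table[(vni, src_mac)] = remote_vtep_ip
        return vni, dst_mac, src_mac

    def lookup(self, vni: int, mac: bytes) -> Optional[str]:
        # The same MAC in another VNI belongs to another tenant and never matches.
        return self.mac_table.get((vni, mac))


if __name__ == "__main__":
    vtep = Vtep()
    # Constructed sample: an ARP broadcast from tenant host 00:11:22:33:44:55 on VNI 5001.
    arp = build_eth_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", 0x0806, b"\x00" * 28)
    pkt = encapsulate(5001, arp)
    print("VXLAN header:", pkt[:VXLAN_HDR_LEN].hex())
    print("learned:", vtep.receive("10.0.0.2", pkt), vtep.mac_table)
    print("overhead over IPv4 underlay:", vxlan_overhead(), "bytes")
```

The `lookup` on a different VNI returning nothing is the whole isolation model; if a host on the underlay can spoof a packet with VNI 5001 to the VTEP, it is inside that tenant's segment, so filtering UDP/4789 at the underlay edge (and only accepting it from known VTEP addresses) is the control that matters.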
VXLAN is a network overlay technology designed for data center networks. It provides massively increased scale over VLAN IDs alone while allowing Layer 2 adjacency over Layer 3 networks. Learn more about our networking services and reach out to a Rahi Systems expert to design your network architecture.