Virtual Extensible LAN - VXLAN
Why is it needed?
As we move into the cloud computing era with multi-tenant infrastructure, the 4094 networks achievable through VLANs/802.1Q raise scalability concerns.
Virtual Extensible LAN (VXLAN) can help alleviate these scalability concerns for larger environments.
VXLAN – Virtual Extensible Local Area Network
VXLAN Segment/Overlay network – VXLAN Layer 2 network over which VMs communicate
VNI – VXLAN Network Identifier (or VXLAN Segment ID)
VTEP – VXLAN Tunnel End Point – an entity which originates and terminates VXLAN tunnels
VXLAN Gateway – an entity which forwards traffic between VXLAN and non-VXLAN environments
How is it done?
VXLAN is a Layer 2 overlay network running over a Layer 3 network.
It uses a VLAN-like encapsulation technique to carry MAC-based OSI Layer 2 Ethernet frames inside Layer 3 UDP packets; each overlay segment is distinguished by a unique VXLAN Network Identifier (VNI).
Think of it as a logical Layer 2 network capable of spanning a Layer 3 network.
Workflow for VM to VM communication
- Encapsulate the Ethernet frame in a UDP packet whose VXLAN header carries the 24-bit VXLAN Network Identifier (VNI).
- The resulting UDP packet is then tagged with an 802.1Q VLAN tag corresponding to the participating ESX VMkernel interface.
- Each ESX host VMkernel interface thereby becomes a VXLAN Tunnel Endpoint (VTEP) with the VXLAN participants (virtual machines) behind it.
- The hosts' VMkernel interfaces communicate over standard VLANs and learn which virtual machines (VXLAN participants) sit behind each other by monitoring ARP requests and updating their MAC tables.
Lo and behold, we now have 16 million logical networks instead of a few thousand, and along with them come the same performance and segmentation advantages that conventional 802.1Q brought to the table.
Do note that this may become legacy soon; here is why: http://tools.ietf.org/id/draft-gross-geneve-00.txt
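To make the encapsulation and the 24-bit VNI concrete, here is an added example (not code from the original post, nor a VMware or RFC 7348 implementation) that builds and parses the VXLAN header in pure Python and models a toy flood-and-learn VTEP table of the kind the workflow above describes. The `Vtep` class, its trusted-VTEP allowlist, and the MAC/IP values in `demo()` are constructed assumptions for illustration; the header layout, UDP port 4789 and the VNI range come from RFC 7348.

```python
import struct

VXLAN_UDP_PORT = 4789            # IANA-assigned UDP destination port for VXLAN (RFC 7348)
VXLAN_FLAG_VNI_VALID = 0x08      # "I" flag: the VNI field carries a valid segment ID
VNI_MAX = (1 << 24) - 1          # 24-bit VNI: 16,777,216 segments (0 .. 16,777,215)
VLAN_ID_MAX = 4094               # 12-bit 802.1Q VID minus the reserved values 0 and 4095
ETH_HDR_LEN = 14                 # dst MAC + src MAC + EtherType


def vni_is_valid(vni: int) -> bool:
    """A VNI must fit in 24 bits; anything else cannot be encoded in the header."""
    return 0 <= vni <= VNI_MAX


def ethernet_frame(dst_mac: str, src_mac: str, ethertype: int, payload: bytes) -> bytes:
    """Build the inner (tenant) Ethernet frame that VXLAN carries unchanged."""
    def mac_bytes(mac: str) -> bytes:
        return bytes.fromhex(mac.replace(":", ""))
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload


def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Return the UDP payload: 8-byte VXLAN header followed by the untouched inner frame.

    Layout (RFC 7348): flags(8) | reserved(24) | VNI(24) | reserved(8).
    The outer IP/UDP headers (dst port 4789) are added by the VTEP's IP stack.
    """
    if not vni_is_valid(vni):
        raise ValueError(f"VNI {vni} does not fit in 24 bits (0..{VNI_MAX})")
    header = struct.pack("!B3xI", VXLAN_FLAG_VNI_VALID, vni << 8)
    return header + inner_frame


def decapsulate(udp_payload: bytes):
    """Parse a received UDP/4789 payload. Returns (vni, inner_frame), or None when the
    datagram should be dropped (too short, or I flag clear so the VNI is not valid)."""
    if len(udp_payload) < 8 + ETH_HDR_LEN:
        return None
    flags, vni_field = struct.unpack("!B3xI", udp_payload[:8])
    if not flags & VXLAN_FLAG_VNI_VALID:
        return None
    return vni_field >> 8, udp_payload[8:]


class Vtep:
    """Hypothetical flood-and-learn VTEP (an assumption for this example, not a VMware API).

    Learns (VNI, inner source MAC) -> remote VTEP IP from received datagrams, which is the
    'monitor traffic and update MAC tables' behaviour described above. The VXLAN header
    carries no authentication, so which underlay sources may inject traffic is enforced
    here by an allowlist; a real deployment relies on underlay ACLs for the same job.
    """

    def __init__(self, trusted_vteps):
        self.trusted = set(trusted_vteps)
        self.table = {}          # (vni, mac bytes) -> remote VTEP IP

    def receive(self, outer_src_ip: str, udp_payload: bytes):
        """Handle one datagram from outer_src_ip; returns (vni, frame) or None if dropped."""
        if outer_src_ip not in self.trusted:
            return None
        parsed = decapsulate(udp_payload)
        if parsed is None:
            return None
        vni, frame = parsed
        self.table[(vni, frame[6:12])] = outer_src_ip   # inner src MAC lives behind that VTEP
        return vni, frame

    def next_hop(self, vni: int, dst_mac: bytes):
        """Remote VTEP for dst_mac within this VNI, or None (unknown -> flood within the VNI).
        The key includes the VNI, so the same MAC in two segments never collides."""
        return self.table.get((vni, dst_mac))


def demo():
    """Constructed sample: VM 66:77:88:99:aa:bb on segment 5000 behind VTEP 10.0.0.2."""
    frame = ethernet_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb", 0x0800, b"constructed payload")
    datagram = encapsulate(5000, frame)
    vtep = Vtep(trusted_vteps={"10.0.0.1", "10.0.0.2"})
    accepted = vtep.receive("10.0.0.2", datagram) is not None
    spoofed = vtep.receive("192.0.2.99", datagram) is not None   # untrusted underlay source
    mac = bytes.fromhex("66778899aabb")
    return accepted, spoofed, vtep.next_hop(5000, mac), vtep.next_hop(4999, mac)


if __name__ == "__main__":
    print(demo())   # (True, False, '10.0.0.2', None)
```

Two points the code makes explicit: the segment count is a direct consequence of the 24-bit VNI field (`VNI_MAX + 1 == 16777216` versus `VLAN_ID_MAX == 4094`), and tenant isolation is only as strong as the VNI-keyed forwarding table plus whatever controls which underlay addresses a VTEP will accept VXLAN from, since nothing in the header itself proves who sent it.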