VXLAN is an extension of VLAN, and it stands for Virtual Extensible Local Area Network. It is an encapsulation protocol that provides a virtual L2 tunnel connection over an L3 underlay.
We need this protocol because it resolves:
• Mobility (VMs can move anywhere from one data center to another location without any changes)
• Scalability (VLAN 4K to VXLAN 16 million logical networks)
• Encapsulation-related limitations.
It is most popular in newer data center technologies on platforms such as NX-OS or ACI, and it is supported by different vendors like Cisco, Juniper, Arista, etc.
Why Do We Need VXLAN Instead Of VLAN?
VLANs are easier to use, so why do we still need VXLAN? The number of new devices and related requirements increases day by day, so what happens when we need more than 4K VLANs? This is where VXLAN comes in, as it can provide 16 million segments.
When we move our servers' VMs or laptops from one location or DC to another, we need to make a few configuration changes or modifications. To configure the VXLAN Anycast gateway, we must optimize:
• Control Plane
• MAC learning
• BUM (Broadcast, Unknown Unicast, and Multicast) traffic replication
All these types of problems will be solved by VXLAN.
• VNI/VNID – VXLAN Network Identifier, a 24-bit segment ID that replaces the 12-bit VLAN ID.
• VTEP – Virtual Tunnel End Point, used to encapsulate and decapsulate VXLAN packets. The VTEP is actually the NVE virtual interface.
• NVE – Network Virtualization Edge, a logical tunnel interface that performs encapsulation and decapsulation.
VXLAN uses the Leaf-Spine Architecture and provides a virtual L2 tunnel connection over a shared L3 underlay to carry packets. VXLAN allows Layer 2 multipathing.
BUM traffic is handled by VXLAN through multicast. Whenever VTEP has to send BUM traffic, it requires a Multicast group, and it will be sent only to the relevant group.
The total size of the VXLAN encapsulation headers is 54 bytes (optional 4 bytes). Below is the packet structure with packet details.
• Original Layer 2 Frame (Ethernet Payload) with added VXLAN Header. VXLAN Header includes VNI, VXLAN Flag & Reserved.
• Outer UDP Header which includes Source and VXLAN Ports Details, UDP Length, and Checksum.
• Outer IP Header which includes Source and Destination address of the VTEPs.
• Outer MAC Header which includes the Source VTEP MAC address and the Next-Hop MAC address. The VLAN ID tag is also carried in this header.
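The following Python sketch is an added example, not part of the original article. It parses the header stack listed above and reports the VNI, the VTEP addresses and the encapsulation overhead, which comes to 50 bytes untagged and 54 bytes with the optional 4-byte VLAN tag. It assumes an IPv4 underlay and the IANA-assigned UDP port 4789 from RFC 7348; the function names, MAC addresses and IP addresses are constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789  # IANA-assigned VXLAN port (RFC 7348); the page does not state it

def build_sample(vni, inner, vlan=None):
    """Constructed test frame: outer MAC (+ optional 802.1Q tag), IPv4, UDP, VXLAN."""
    eth = bytes.fromhex("02000000000b02000000000a")  # next-hop MAC, source VTEP MAC
    if vlan is not None:
        eth += struct.pack("!HH", 0x8100, vlan)      # optional 4-byte VLAN tag
    eth += struct.pack("!H", 0x0800)
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)  # I flag set, 24-bit VNI
    udp = struct.pack("!HHHH", 49152, VXLAN_UDP_PORT, 16 + len(inner), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 36 + len(inner), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))  # checksum left 0
    return eth + ip + udp + vxlan + inner

def parse_vxlan(frame):
    """Strip the outer headers; return VNI, VTEP addresses, overhead and inner frame."""
    off = 12                                          # skip outer dst/src MAC
    if len(frame) < off + 2:
        raise ValueError("truncated outer MAC header")
    (ethertype,) = struct.unpack_from("!H", frame, off)
    off += 2
    if ethertype == 0x8100:                           # 802.1Q tag present
        if len(frame) < off + 4:
            raise ValueError("truncated VLAN tag")
        (ethertype,) = struct.unpack_from("!H", frame, off + 2)
        off += 4
    if ethertype != 0x0800 or len(frame) < off + 20:
        raise ValueError("outer header is not a complete IPv4 header")
    ihl = (frame[off] & 0x0F) * 4                     # IPv4 header length in bytes
    if ihl < 20 or frame[off + 9] != 17:
        raise ValueError("outer IP payload is not UDP")
    src, dst = frame[off + 12:off + 16], frame[off + 16:off + 20]
    off += ihl
    if len(frame) < off + 16:
        raise ValueError("truncated UDP or VXLAN header")
    (dport,) = struct.unpack_from("!H", frame, off + 2)
    if dport != VXLAN_UDP_PORT:
        raise ValueError("UDP destination port is not VXLAN")
    flags, vni_word = struct.unpack_from("!II", frame, off + 8)
    if not (flags >> 24) & 0x08:
        raise ValueError("I flag clear: VNI field is not valid")
    off += 16                                         # UDP (8) + VXLAN (8)
    return {"vni": vni_word >> 8, "overhead": off, "inner": frame[off:],
            "src_vtep": ".".join(map(str, src)), "dst_vtep": ".".join(map(str, dst))}
```

A monitoring or inspection tool that reads only the outer headers sees VTEP-to-VTEP UDP traffic; the tenant segment (VNI) and the original frame become visible only after this decapsulation step.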
The Requirements to Configure The VXLAN
• Before configuring, we need to ensure that the device supports VXLAN.
• We need to verify the hardware and software specifications, as some devices require a reboot to activate VXLAN.
• For Cisco Nexus switches, we need to set the switch mode to store-and-forward and then reboot.
• All VXLAN-related features should be enabled on Nexus and on other vendors' devices if applicable.
Basic Understanding of VXLAN Working Flow
• VTEP will receive ARP from the local host and assume a miss.
• VXLAN uses a multicast flood & learn mechanism to discover the Peer VTEPs.
• Ingress replication is deployed when IP multicast is not used in the network.
• Use of MP-BGP L2VPN EVPN to prevent packet flooding.
Finally, we can say that the use of VXLAN is a very important step, as it is implemented in the new technology of the Data Centers. The most common new technologies are ACI, DCNM, SDA, and NX-OS, and VXLAN is needed to configure them. This shift is more popular nowadays if we see it from a Data Center perspective. VXLAN resolves many Data Centre issues and limitations like Scalability, Mobility, and Agility, and it is very easy to use.
Network Consulting Engineer