This section describes the definition, purpose, and benefits of the Virtual eXtensible Local Area Network (VXLAN).
As defined by RFC 7348, VXLAN is a Network Virtualization over Layer 3 (NVO3) technology that uses MAC in User Datagram Protocol (MAC-in-UDP) to encapsulate packets.
Server virtualization is a critical cloud computing technology and has been widely deployed because it significantly reduces IT and operation and maintenance (O&M) costs and allows more flexible service deployment.
On the network shown in Figure 1, one server is virtualized into multiple virtual machines (VMs), each of which acts as a host. However, the exponential increase in the number of hosts leads to the following problems on a virtual network:
Network isolation capabilities are limited.
VM migration scope is limited by the network architecture.
After VMs are started, they may need to be migrated from one server to another due to server resource problems (for example, CPU overload or insufficient memory). To ensure uninterrupted services during VM migration, the IP and MAC addresses of VMs must remain unchanged. To meet this requirement, the service network must be a Layer 2 network that provides multipath redundancy and reliability.
VXLAN addresses the above problems on large Layer 2 networks as follows:
Limited network isolation capabilities
VXLAN uses a VXLAN network identifier (VNI) field similar to the VLAN ID field defined in IEEE 802.1Q. The VNI field is 24 bits long and can theoretically identify a maximum of 16M VXLAN segments.
VM migration scope limitations imposed by network architecture
When VXLAN is used to construct a large Layer 2 network, VM IP and MAC addresses can remain unchanged after VM migration.
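The MAC-in-UDP encapsulation and the 24-bit VNI described above can be shown as an added Python example. It is not part of the original document or of any vendor's code. The header layout, the I flag and UDP port 4789 follow RFC 7348; the function names, the allowed-VNI check and the sample frame are assumptions made for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789      # IANA-assigned UDP destination port for VXLAN
FLAG_I = 0x08              # RFC 7348 "I" flag: the VNI field is valid
MAX_VNI = (1 << 24) - 1    # largest value the 24-bit VNI field can hold

def build_vxlan_header(vni):
    """Return the 8-byte VXLAN header carrying the given VNI."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI does not fit in 24 bits")
    # Word 1: flags (8 bits) + reserved (24). Word 2: VNI (24) + reserved (8).
    return struct.pack("!II", FLAG_I << 24, vni << 8)

def parse_vxlan(udp_payload):
    """Split a VXLAN UDP payload into (vni, inner Ethernet frame)."""
    if len(udp_payload) < 8 + 14:
        raise ValueError("too short for VXLAN header plus Ethernet header")
    word1, word2 = struct.unpack("!II", udp_payload[:8])
    if not (word1 >> 24) & FLAG_I:
        raise ValueError("I flag clear: VNI is not valid")
    # Reserved bits are ignored on receipt, as RFC 7348 requires.
    return word2 >> 8, udp_payload[8:]

def decapsulate(udp_payload, allowed_vnis):
    """Hypothetical isolation check: pass the frame on only for known VNIs."""
    vni, frame = parse_vxlan(udp_payload)
    if vni not in allowed_vnis:
        raise PermissionError(f"VNI {vni} is not configured on this endpoint")
    return frame

def mac(raw):
    """Format 6 raw bytes as a colon-separated MAC address."""
    return ":".join(f"{b:02x}" for b in raw)

# Constructed sample: inner frame from one VM to another in segment 5000.
INNER = (bytes.fromhex("020000000002")    # inner destination MAC
         + bytes.fromhex("020000000001")  # inner source MAC
         + b"\x08\x00"                    # EtherType: IPv4
         + b"constructed-ip-packet")      # placeholder inner payload
PACKET = build_vxlan_header(5000) + INNER

if __name__ == "__main__":
    vni, frame = parse_vxlan(PACKET)
    print(f"udp/{VXLAN_UDP_PORT} vni={vni} "
          f"dst={mac(frame[:6])} src={mac(frame[6:12])}")
    try:
        decapsulate(PACKET, allowed_vnis={6000})
    except PermissionError as exc:
        print("dropped:", exc)
```

The inner MAC addresses are carried unchanged inside the UDP payload, which is why a VM keeps its MAC and IP addresses when the outer path changes.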
When server virtualization is widely deployed in data centers based on physical network infrastructure, VXLAN offers the following benefits: