Network segmentation has traditionally been provided by VLANs, which are standardized under IEEE 802.1Q. However, traditional VLANs have become a limiting factor for IT personnel because they do not scale to present-day requirements: available network links are underutilized, placement of network devices in the data center network design is inflexible, and the upper limit of 4096 VLANs is not sufficient for today's virtualization infrastructure, with data centers hosting thousands of hosts, each hosting thousands of VMs.
VXLAN is a Layer 2 overlay scheme over a Layer 3 network. VXLAN uses MAC Address-in-User Datagram Protocol (MAC-in-UDP) encapsulation to facilitate extending Layer 2 segments across the network in the data center. VXLAN is specifically an Ethernet in UDP channel. It provides support to stage a flexible, large-scale multi-tenant environment over a common, shared physical infrastructure. The transport protocol over the physical data center network is IP combined with UDP.
VXLAN is designed around MAC-in-UDP encapsulation: a VXLAN header is added to the original Layer 2 frame, and the result is placed in a UDP-IP packet. With this encapsulation, VXLAN tunnels a Layer 2 network over a Layer 3 network.
VXLAN is standards-based:
* RFC 7348: Virtual eXtensible Local Area Network (VXLAN): A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks
Allows Layer 2 multipathing
* Does not need Spanning Tree Protocol for loop prevention
* Uses Layer 3 ECMP over fabric
* Logic similar to FabricPath
Includes scaling enhancements
* Optimizations for control plane, MAC learning, ARP tables, BUM replication (Broadcast, Unicast and Multicast).
Does not break Layer 2 adjacency requirements
* Allows for any-to-any stateless Layer 2 and Layer 3 transport, e.g., vMotion.
Allows for multi-tenancy
* Separation of customer traffic over shared underlay fabric
* Allows for overlapping Layer 2 and Layer 3 addresses
VXLAN provides the same Ethernet Layer 2 network services as a traditional VLAN but facilitates greater extensibility and flexibility. VXLAN has lots of advantages when compared to a regular VLAN:
- The flexibility to place multi-tenant segments throughout the Data Center. You can extend Layer 2 network segments across the underlying network infrastructure so that tenant workloads can be stationed across physical PODs in the data center.
- Greater scalability to address more Layer 2 segments. Conventional VLANs use a 12-bit VLAN ID to identify Layer 2 segments, which yields a maximum of 4096 VLANs. VXLAN uses a 24-bit segment ID (called VNID) that enables up to 16,777,216 VXLAN segments to live in the same administrative domain. For all practical purposes, 16 million is essentially infinite.
- Higher utilization and data throughput on the available network paths in the underlying infrastructure. A traditional VLAN relies on Spanning Tree Protocol to prevent loops. The trade-off is that half the network links are wasted, because the spanning tree blocks redundant paths even though we continue to pay for those expensive lines. It is an Active/Passive rather than an Active/Active proposition. By contrast, VXLAN packets are forwarded through the underlying network based on their Layer 3 header, not their Layer 2 header, and can take full advantage of Layer 3 routing, Equal Cost Multi-Pathing (ECMP) routing, and link aggregation to use all available links.
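The MAC-in-UDP layout and the 24-bit segment ID described above, as an added example that is not code from the original post: it builds and parses the 8-byte VXLAN header defined in RFC 7348 and checks a frame's segment ID against the set of tenant segments expected on a link. The function names, the sample inner frame and the allow-list values are constructed for illustration.

```python
import struct

VXLAN_FLAG_I = 0x08    # RFC 7348: the "I" bit must be set for the VNI to be valid
VXLAN_HDR_LEN = 8      # flags (1) + reserved (3) + VNI (3) + reserved (1)
ETH_HDR_LEN = 14       # inner dst MAC (6) + src MAC (6) + EtherType (2)

def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the VXLAN header to an inner Ethernet frame (the UDP payload)."""
    if not 0 <= vni < 2**24:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags in the top byte, 24 reserved bits.
    # Word 1: VNI in the top 24 bits, 8 reserved bits.
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8) + inner_frame

def vxlan_decap(udp_payload: bytes):
    """Return (vni, dst_mac, src_mac, ethertype) or raise ValueError."""
    if len(udp_payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("truncated VXLAN packet")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag clear: VNI is not valid")
    vni = word1 >> 8
    inner_hdr = udp_payload[VXLAN_HDR_LEN:VXLAN_HDR_LEN + ETH_HDR_LEN]
    dst, src, ethertype = struct.unpack("!6s6sH", inner_hdr)
    return vni, dst.hex(":"), src.hex(":"), ethertype

def check_tenant(udp_payload: bytes, allowed_vnis: set) -> bool:
    """Monitoring check: accept only well-formed frames on expected segments."""
    try:
        vni, *_ = vxlan_decap(udp_payload)
    except ValueError:
        return False
    return vni in allowed_vnis

# Constructed sample: broadcast inner frame, EtherType 0x0806, zeroed body.
INNER = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 28
SAMPLE = vxlan_encap(5000, INNER)

if __name__ == "__main__":
    print(SAMPLE[:VXLAN_HDR_LEN].hex())           # the 8-byte VXLAN header
    print(vxlan_decap(SAMPLE))
    print(check_tenant(SAMPLE, {5000, 5001}))     # segment is expected here
    print(check_tenant(SAMPLE, {42}))             # segment is not expected here
```
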