VXLAN is a network virtualization technology that constructs a virtual Layer 2 network over a Layer 3 network, implementing Layer 2 communication between VMs or hosts even when they are across data centers.
Similar to a traditional VLAN, a VXLAN allows for intra-VXLAN and inter-VXLAN communication.
In this post, I will try to simplify how Intra-VXLAN communication happens between two hosts in same broadcast domain (same VXLAN) but separated by L3 boundaries.
VXLAN does what a VLAN cannot do. It extends the broadcast domain over L3 boundaries while still maintaining L2 domain. It means the hosts in same VXLAN communicate as if they are connected to same L2 infrastructure. This is made possible by a number of VXLAN components.
VXLAN Network Identifier (VNI)
A VNI is similar to a VLAN ID on a traditional network, and it identifies a VXLAN segment. A VNI consists of 24 bits and supports up to 16 million tenants.
Broadcast Domain (BD)
Also referred to as Bridge Domain, used to allow Layer 2 communication between hosts in same VXLAN by mapping to a VNI. So, each BD is identified by one unique VNI. For example, BD 10 is mapped to VNI 100. A BD’s job is to restrict broadcasts to the same VXLAN.
Network Virtualization Edge (NVE)
An NVE is a network entity used to implement network virtualization functions. After packets are encapsulated and decapsulated through NVEs, a Layer 2 VXLAN can be established between NVEs over the basic Layer 3 network. Usually, a VTEP is the NVE.
VXLAN Tunnel Endpoints (VTEP)
A VTEP encapsulates and decapsulates VXLAN packets.
The source and destination IP addresses in a VXLAN packet are the IP addresses of the local and remote VTEPs, respectively. VXLAN tunnel is established between these two VTEPs. The source VTEP encapsulates packets and selects a tunnel to forward them. The corresponding destination VTEP decapsulates the received packets.
A VTEP also performs functions of L2 and L3 gateways. L2 gateway is used for intra-VXLAN communication and L3 gateway is required for inter-VXLAN communication.
Please remember all this VXLAN infrastructure is established on top of underlying network which is supposed to have end to end IP reachability. For this post, please just consider the VTEP cloud as an overlay network running on top of IP underlay network.
There are a lot of pieces to be stitched together to make VXLAN work but it has a lot of benefits and solves many problems.
Any Workload anywhere - across Layer 3 boundaries
Seamless VM Mobility
Scales up to 16 million segments
Leverages ECMP for optimal path usage over the transport network for efficient use of bandwidth.
Secure Multi-tenancy by having traffic & address isolation.
This was long, but I hope it was interesting and helpful!
Source (Author):