With the rapid development of cloud computing and virtualisation technologies, data centre networks are facing increasing challenges. Traditional network architectures have limitations in meeting the demands of large-scale data centres, particularly in terms of scalability, isolation, and flexibility. To overcome these limitations and provide better performance and scalability for data centre networks, VXLAN (Virtual Extensible LAN) has emerged as an innovative network virtualisation technology. This article will detail the principles and advantages of VXLAN, its applications in data centre networks, and help you understand the differences between VXLAN and VLAN.

The Power of VXLAN: Transforming Data Centre Networks

VXLAN is a network virtualisation technology designed to overcome the limitations of traditional Ethernet, offering enhanced scalability and isolation. It enables the creation of a scalable virtual network on existing infrastructure, allowing virtual machines (VMs) to move freely within a logical network, regardless of the underlying physical network topology. VXLAN achieves this by creating a virtual Layer 2 network over an existing IP network, encapsulating traditional Ethernet frames within UDP packets for transmission. This encapsulation allows VXLAN to operate on current network infrastructure without requiring extensive modifications.

VXLAN uses a 24-bit VXLAN Network Identifier (VNI) to identify virtual networks, allowing multiple independent virtual networks to coexist simultaneously. The destination MAC address of a VXLAN packet is replaced with the MAC address of the virtual machine or physical host within the VXLAN network, enabling communication between virtual machines. VXLAN also supports multipath transmission through MP-BGP EVPN and provides multi-tenant isolation within the network.

How it works

1. Encapsulation: When a virtual machine (VM) sends an Ethernet frame, the VXLAN module encapsulates it in a UDP packet. The source IP address of the packet is the IP address of the host where the VM resides, and the destination IP address is that of the remote endpoint of the VXLAN tunnel. The VNI field in the VXLAN header identifies the target virtual network. The UDP packet is then transmitted through the underlying network to reach the destination host.
2. Decapsulation: Upon receiving a VXLAN packet, the VXLAN module parses the UDP packet header to extract the encapsulated Ethernet frame. By examining the VNI field, the VXLAN module identifies the target virtual network and forwards the Ethernet frame to the corresponding virtual machine or physical host.

This process of encapsulation and decapsulation allows VXLAN to transparently transport Ethernet frames over the underlying network, while simultaneously providing logically isolated virtual networks.

Key Components

1. VXLAN Identifier (VNI): Used to distinguish different virtual networks, similar to a VLAN identifier.
2. VTEP (VXLAN Tunnel Endpoint): A network device responsible for encapsulating and decapsulating VXLAN packets, typically a switch or router.
3. Control Plane and Data Plane: The control plane is responsible for establishing and maintaining VXLAN tunnels, while the data plane handles the actual data transmission.

The Benefits of VXLAN: A Changer for Virtual Networks

VXLAN, as an emerging network virtualisation technology, offers several advantages in data centre networks:

1. Scalability

VXLAN uses a 24-bit VNI identifier, supporting up to 16,777,216 virtual networks, each with its own independent Layer 2 namespace. This scalability meets the demands of large-scale data centres and supports multi-tenant isolation.

2. Cross-Subnet Communication

Traditional Ethernet relies on Layer 3 routers for forwarding across different subnets. VXLAN, by using the underlying IP network as the transport medium, enables cross-subnet communication within virtual networks, allowing virtual machines to migrate freely without changing their IP addresses.

3. Flexibility

VXLAN can operate over existing network infrastructure without requiring significant modifications. It is compatible with current network devices and protocols, such as switches, routers, and BGP. This flexibility simplifies the creation and management of virtual networks.

4. Multipath Transmission

VXLAN leverages multipath transmission (MP-BGP EVPN) to achieve load balancing and redundancy in data centre networks. It can choose the optimal path for data transmission based on network load and path availability, providing better performance and reliability.

5. Security

VXLAN supports tunnel encryption, ensuring data confidentiality and integrity over the underlying IP network. Using secure protocols (like IPsec) or virtual private networks (VPNs), VXLAN can offer a higher level of data transmission security.

VXLAN vs. VLAN: Unveiling the Key Differences

VXLAN (Virtual Extensible LAN) and VLAN (Virtual Local Area Network) are two distinct network isolation technologies that differ significantly in their implementation, functionality, and application scenarios.

1. Implementation:

VLAN: VLAN is a Layer 2 (data link layer) network isolation technology that segments a physical network into different virtual networks using VLAN identifiers (VLAN IDs) configured on switches. VLANs use VLAN tags within a single physical network to identify and isolate different virtual networks, achieving isolation between different users or devices.  

VXLAN: VXLAN is a Layer 3 (network layer) network virtualisation technology that extends Layer 2 networks by creating virtual tunnels over an underlying IP network. VXLAN uses VXLAN Network Identifiers (VNIs) to identify different virtual networks and encapsulates original Ethernet frames within UDP packets to enable communication between virtual machines, overcoming physical network limitations.

2. Functionality:

VLAN: VLANs primarily provide Layer 2 network segmentation and isolation, allowing a single physical network to be divided into multiple virtual networks. Different VLANs are isolated from each other, enhancing network security and manageability.  

VXLAN: VXLAN not only provides Layer 2 network segmentation but also creates virtual networks over an underlying IP network, enabling extensive dynamic VM migration and inter-data centre communication. VXLAN offers greater network scalability and flexibility, making it suitable for large-scale cloud computing environments and virtualised data centres.

3. Application Scenarios:

VLAN: VLANs are suitable for small to medium-sized network environments, commonly found in enterprise LANs. They are mainly used for organisational user segmentation, security isolation, and traffic management.  

VXLAN: VXLAN is ideal for large data centre networks, especially in cloud computing environments and virtualised data centres. It supports large-scale dynamic VM migration, multi-tenant isolation, and network scalability, providing a more flexible and scalable network architecture.

These distinctions highlight how VXLAN and VLAN cater to different networking needs and environments, offering tailored solutions for varying levels of network complexity and scalability.

Enhancing Data Centres with VXLAN Technology

The application of VXLAN enhances the flexibility, efficiency, and security of data centre networks, forming a crucial part of modern data centre virtualisation. Here are some typical applications of VXLAN in data centres:

Virtual Machine Migration

VXLAN allows virtual machines to migrate freely between different physical hosts without changing IP addresses. This flexibility and scalability are vital for achieving load balancing, resource scheduling, and fault tolerance in data centres.

Multi-Tenant Isolation

By using different VNIs, VXLAN can divide a data centre into multiple independent virtual networks, ensuring isolation between different tenants. This isolation guarantees data security and privacy for tenants and allows each tenant to have independent network policies and quality of service guarantees.

Inter-Data Centre Connectivity

VXLAN can extend across multiple data centres, enabling the establishment of virtual network connections between them. This capability supports resource sharing, business expansion, and disaster recovery across data centres.

Cloud Service Providers

VXLAN helps cloud service providers build highly scalable virtualised network infrastructures. By using VXLAN, cloud service providers can offer flexible virtual network services and support resource isolation and security in multi-tenant environments.

Virtual Network Functions (VNF)

Combining VXLAN with Network Functions Virtualisation (NFV) enables the deployment and management of virtual network functions. VXLAN serves as the underlying network virtualisation technology, providing flexible network connectivity and isolation for VNFs, thus facilitating rapid deployment and elastic scaling of network functions.

Conclusion

In summary, VXLAN offers powerful scalability, flexibility, and isolation, providing new directions and solutions for the future development of data centre networks. By utilising VXLAN, data centres can achieve virtual machine migration, multi-tenant isolation, inter-data centre connectivity, and enhanced support for cloud service providers.

How FS Can Help

As an industry-leading provider of network solutions, FS offers a variety of high-performance data centre switches supporting multiple protocols, such as MLAG, EVPN-VXLAN, link aggregation, and LACP. FS switches come pre-installed with PicOS®, equipped with comprehensive SDN capabilities and the compatible AmpCon™ management software. This combination delivers a more resilient, programmable, and scalable network operating system (NOS) with lower TCO. The advanced PicOS® and AmpCon™ management platform enables data centre operators to efficiently configure, monitor, manage, and maintain modern data centre fabrics, achieving higher utilisation and reducing overall operational costs.

Register on the FS website now to enjoy customised solutions tailored to your needs, optimising your data centre for greater efficiency and benefits.