What are the differences between VLAN and VXLAN? What are the application scenarios of VXLAN?

With the development of network technology, cloud computing has become a new trend in IT construction in major industries with its advantages in high system utilization, low labor/management costs, and flexibility/scalability. As one of the core technologies of cloud computing, server virtualization has also been increasingly used, greatly increasing the computing density of data centers; at the same time, in order to achieve flexible changes in business deployment, the demand for the systematic migration of virtual machines in the second-layer network is becoming more and more urgent. However, the traditional classic second- and third-layer networks can no longer fully meet these needs.

[[257835]]

For example, traditional VLAN (virtual local area network) technology can only support up to 4096 VLANs and can no longer meet the strict requirements of cloud providers. However, VXLAN (virtual extensible local area network) technology is popular because it can build large multi-tenant data centers by extending the second layer to the third layer network. This technology can effectively overcome the expansion limitations brought by VLAN.

1. What is VLAN?

1. VLAN concept:

Virtual Local Area Network is a concept involved in the implementation of switches and is defined by the 802.1Q standard. Since switches are network devices that work at the link layer, terminals connected to the same switch are in the same Layer 3 network and also in the same broadcast domain. When a switch is connected to a large number of terminals, when any terminal sends a broadcast message (for example, an ARP request), the message will be transmitted throughout the entire network.

2. VLAN advantages:

For large-scale networking scenarios, the proliferation of broadcast messages will have a great impact on network communications. VLAN technology provides a solution to this problem. VLAN divides the same network into multiple logical virtual subnets and stipulates that when a broadcast message is received, it is only broadcast in the VLAN to which it belongs to prevent the flooding of broadcast messages. VLAN technology implements the isolation of broadcast domains at the link layer level. A picture shows the role of VLAN:

Despite these advantages, its disadvantages are also obvious:

• The development of virtualization technology has prompted big data and cloud computing technology companies to use a single physical device to virtualize multiple virtual machines for networking. Therefore, the requirements for the number of VLANs supported are also increasing. In addition, VLAN technology only supports a maximum of 4094 VLANs, so it can no longer meet the demand.
• The business requirements of public cloud providers require that the physical network be leased to multiple different users. These users have different requirements for the network, and the networks leased by different users are likely to have overlapping IP addresses and MAC addresses. Traditional VLANs only solve the problem of isolating broadcast domains on the same link layer network, but do not involve the problem of network address overlap. Therefore, a new technology is needed to ensure effective communication even when there is address overlap in multiple tenant networks.

• The emergence of virtualization technology has increased the burden on switches. For large data centers, a single switch must support the communication connections of dozens of hosts to meet application requirements. Virtualization technology allows a single host to virtualize multiple virtual machines to run simultaneously, and each virtual machine has its own unique MAC address. In this way, in order to ensure that all virtual machines in the cluster can communicate normally, the switch must save the MAC address of each virtual machine, which results in an abnormally large MAC table in the switch, thus affecting the forwarding performance of the switch.

Based on the above requirements, VXLAN technology was proposed.

What is VXLAN?

1. VXLAN Concepts

Virtual extensible Local Area Network, virtual extended local area network. One of the NVO3 standard technologies defined by IETF, adopts MAC-in-UDP message encapsulation mode, and realizes the expansion of the Layer 2 network within the Layer 3 range by encapsulating the Layer 2 message with the Layer 3 protocol, meeting the migration and multi-tenant requirements of large Layer 2 virtual machines in the data center; VXLAN technology can build a Layer 2 virtual network based on the Layer 3 network structure, and through VLAN technology, network devices in different network segments can be integrated into the same logical link layer network. For end users, these network devices seem to be "really" deployed in the same link layer network.

That is, it can build large multi-tenant data centers by extending Layer 2 to Layer 3 networks, while separating virtual networks from physical infrastructure and achieving the highest network reliability and scalability. Therefore, you can create up to 16 million networks using VXLAN technology.

2. VXLAN terminology introduction:

• NVE: Network Virtualization Edge, a network device used to establish VxLAN tunnels;
• VTEP: VxLANtunnel End Point, VxLAN tunnel endpoint, refers to the NVE device endpoint IP that establishes the VxLAN tunnel, which can be used for static VxLAN configuration and dynamic VxLAN configuration;
• VNI: Virtual Network Identifier, virtual network ID, a VNI is a VxLAN broadcast domain, which implements VxLAN broadcast domain isolation, equivalent to the VLAN ID in VLAN;
• BD: BridgeDomain, defines a VxLAN broadcast domain, which can be configured with BDIF to implement cross-VxLAN routing. One BD uniquely maps to one VNI;
• VxLAN message format:

3. Advantages and limitations of VXLAN technology

Compared with VLAN technology, VXLAN technology has the following advantages:

• The 24-bit VNI field value can support more virtual networks, solving the problem of the upper limit of VLAN number being 4094.
• VXLAN technology uses tunnel technology to virtualize a Layer 2 network in a physical Layer 3 network. Terminals in the VXLAN network cannot perceive the VXLAN communication process, which decouples the logical network topology and the physical network topology to a certain extent. The configuration of the network topology is less dependent on the configuration of the physical device, making the configuration more flexible and convenient.
• VLAN technology only solves the problem of Layer 2 network broadcast domain segmentation, while VXLAN technology also has the feature of multi-tenant support. Through VXLAN segmentation, each tenant can independently network and communicate, and the problems of address allocation and address conflicts between multiple tenants are also solved.

In order to ensure the correctness of the VXLAN mechanism communication process, the rfc7348 standard stipulates that IP packets involved in VXLAN communication are not allowed to be fragmented. This requires that the link layer implementation of the physical network must provide a sufficiently large MTU value to ensure the smooth transmission of VXLAN packets. This can be understood as a limitation of the current VXLAN technology.

4. Application scenarios of VXLAN:

VXLAN is used in the migration of virtual machines between cloud data centers. For example, if an enterprise has virtual machines with different business applications in different data centers, the migration of virtual machines between data centers is often encountered. In order to ensure that the business is not interrupted during the migration of virtual machines, it is necessary to ensure that the IP address, MAC address and other parameters of the migrated virtual machine remain unchanged, which requires that the virtual machine belongs to the same Layer 2 network before and after the migration. If traditional methods are used to solve this problem, it may be necessary to purchase new physical devices to separate traffic, and it may cause problems such as VLAN disorganization, network loops, and system and management overhead.

In order to successfully achieve the migration of virtual machines without interrupting business, VXLAN technology can be used. VXLAN is a network virtualization technology of MAC in UDP. As long as the physical network supports IP forwarding, all end users reachable by IP routes can establish a large-scale Layer 2 network; configure VXLAN related information on the switch connected to the virtual machine, establish VXLAN tunnels and VXLAN gateways between the switches connected to the virtual machine, and through VXLAN tunnels and VXLAN gateways, virtual machines can be successfully migrated between different data centers, and the network is not perceived and business is not interrupted during the virtual machine migration process.

Application of VXLAN in SDN environment: In SDN environment, the corresponding relationship between the IP and VID of VXLAN can be realized through SDN controller. SDN controller can be used as ARP proxy device, which greatly improves the flexibility and scalability of VXLAN. Therefore, VXLAN technology can be widely used in SDN environment.