CloudEngine 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches VXLAN Best Practices

VXLAN Overview


This chapter describes the definition, purpose, and benefits of the Virtual eXtensible Local Area Network (VXLAN).


Defined in RFC 7348, VXLAN is a Network Virtualization over Layer 3 (NVO3) technology that uses MAC-in-UDP encapsulation.


As a widely deployed core cloud computing technology, server virtualization greatly reduces IT and O&M costs and improves service deployment flexibility.

Figure 1-1 Server virtualization

On the network shown in Figure 1-1, a server is virtualized into multiple virtual machines (VMs), each of which functions as a host. A great increase in the number of hosts causes the following problems:

  • VM scale is limited by the network specification

    On a large legacy Layer 2 network, data packets are forwarded at Layer 2 based on MAC entries. The capacity of the MAC table therefore limits the number of VMs.

  • Network isolation capabilities are limited

    Most networks currently use VLANs to implement network isolation. However, the deployment of VLANs on large-scale virtualized networks has the following limitations:

    • The VLAN tag field defined in IEEE 802.1Q has only 12 bits and supports a maximum of 4094 VLANs, which is insufficient to meet the user identification requirements of large Layer 2 networks.
    • VLANs on legacy Layer 2 networks cannot adapt to dynamic network adjustment.
  • VM migration scope is limited by the network architecture

    After a VM is started, it may need to be migrated to a new server due to resource issues on the original server, for example, high CPU usage or inadequate memory resources. To ensure uninterrupted services during VM migration, the IP and MAC addresses of the VM must remain unchanged and the service network must be a Layer 2 network that provides multipathing redundancy backup and reliability.

VXLAN addresses the preceding problems on large Layer 2 networks in the following ways:

  • Eliminates VM scale limitations imposed by network specifications.

    VXLAN encapsulates data packets sent from VMs into UDP packets and places the IP and MAC addresses used on the physical network in the outer headers. As a result, the network is only aware of the encapsulated parameters and not the inner data. This greatly reduces the MAC address specification requirements of large Layer 2 networks.

  • Provides greater network isolation capabilities.

    VXLAN uses a 24-bit network segment ID, called a VXLAN Network Identifier (VNI), to identify users. The VNI is similar to a VLAN ID, but supports a maximum of 16M VXLAN segments.

  • Eliminates VM migration scope limitations imposed by network architecture.

    VXLAN uses MAC-in-UDP encapsulation to extend Layer 2 networks. It encapsulates Ethernet packets into IP packets for transmission over routes, and does not need to know VMs' MAC addresses. Because there is no limitation on Layer 3 network architecture, Layer 3 networks are scalable and have strong automatic fault rectification and load balancing capabilities. This allows for VM migration irrespective of network architecture.
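The 24-bit VNI and the MAC-in-UDP layout described in the list above can be seen in the 8-byte VXLAN header from RFC 7348. The following is an added example, not part of the Huawei document: it builds and parses that header and shows that the inner MAC addresses travel as payload while the VNI carries the tenant identity. The function names and the sample frame are constructed for illustration, and the `strict` reserved-bit check is a local hardening assumption (RFC 7348 receivers ignore those bits).

```python
import struct

VXLAN_FLAG_I = 0x08          # "valid VNI" flag in the first header byte (RFC 7348)
MAX_VNI = (1 << 24) - 1      # 24-bit VNI: 16,777,216 values, the "16M" segments
MAX_VLAN = 4094              # usable IDs in the 12-bit 802.1Q tag, for comparison

# Constructed sample inner Ethernet frame: dst MAC, src MAC, EtherType, payload.
SAMPLE_INNER_FRAME = bytes.fromhex("020000000002" "020000000001" "0800") + b"tenant data"


def build_vxlan_payload(vni, inner_frame):
    """Prepend the VXLAN header to an inner frame; the result is the UDP payload."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI does not fit in 24 bits")
    # Word 0: flags (8 bits) + reserved (24 bits). Word 1: VNI (24 bits) + reserved (8 bits).
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8) + inner_frame


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_vxlan_payload(payload, strict=True):
    """Return (vni, inner_dst_mac, inner_src_mac) or raise ValueError."""
    if len(payload) < 8 + 14:
        raise ValueError("too short for VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag not set: the VNI field is not valid")
    # Assumption: strict mode rejects non-zero reserved bits so that unexpected
    # header extensions are surfaced instead of silently accepted.
    if strict and (word0 & 0x00FFFFFF or word1 & 0xFF):
        raise ValueError("reserved bits are not zero")
    inner = payload[8:]
    return word1 >> 8, _mac(inner[0:6]), _mac(inner[6:12])


if __name__ == "__main__":
    # VNI 5000 is already beyond what a VLAN ID can express.
    pkt = build_vxlan_payload(5000, SAMPLE_INNER_FRAME)
    print(pkt[:8].hex(), parse_vxlan_payload(pkt))
```

Only the outer IP and MAC addresses (not built here) are visible to the underlay; a device that terminates the tunnel should map the parsed VNI to a tenant before it looks at the inner addresses.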


As server virtualization is being rapidly deployed in data centers built on physical network infrastructure, VXLAN offers the following benefits:

  • Supports a maximum of 16M VXLAN segments using 24-bit VNIs, allowing data centers to accommodate multiple tenants.
  • Removes the need for non-VXLAN network edge devices to identify the VM MAC addresses, reducing the number of MAC addresses that have to be learned and enhancing network performance.
  • Decouples physical and virtual networks by using MAC-in-UDP encapsulation to extend Layer 2 networks. Tenants can plan their own virtual networks, not limited by the physical network IP addresses or broadcast domains. This greatly simplifies network management.
Updated: 2018-07-02

Document ID: EDOC1100004176
