VXLAN
VXLAN is a Network Virtualization over Layer 3 (NVO3) technology defined by the IETF that uses MAC-in-UDP packet encapsulation. As shown in Figure 7-2, a virtual tunnel end point (VTEP) adds a VXLAN header to the original packet and then encapsulates the result in a UDP header. Finally, an outer IP header and an outer MAC header are added to the packet. The packet is then forwarded in accordance with standard Layer 2 and Layer 3 forwarding processes on the bearer network.
The following figure shows the overlay network architecture based on VXLAN technology.
- VTEP
A VTEP is an edge device on a VXLAN network. It is the start or end point of a VXLAN tunnel and is responsible for encapsulating and decapsulating VXLAN packets. VTEPs can be deployed on access switches or vSwitches (virtual switches on servers).
- VNI
A VXLAN Network Identifier (VNI) is a network identifier similar to a VLAN ID and is used to identify a VXLAN Layer 2 network. A VNI represents a VXLAN segment. VMs in different VXLAN segments cannot communicate with each other at Layer 2.
- VXLAN tunnel
A VXLAN tunnel is a logical tunnel established between two VTEPs for transmitting VXLAN packets. Service packets are encapsulated with VXLAN, UDP, and IP headers (in that order) in the VXLAN tunnel. They are then transparently forwarded to the remote VTEP at Layer 3. The remote VTEP decapsulates the packets received.
VXLAN Packet Forwarding Process
The following describes the packet forwarding process on a VXLAN network for VMs on the same subnet.
- VM1 sends a packet destined for VM2.
- After receiving the packet, VTEP1 performs VXLAN encapsulation. The IP address of VTEP2 is the destination IP address in the outer IP header added to the packet. VTEP1 transmits the encapsulated packet to VTEP2 through the IP network based on the outer MAC address and IP address of the packet.
- VTEP2 decapsulates the received packet, obtains the original packet sent by VM1, and forwards the packet to VM2.
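The encapsulation and decapsulation steps above can be followed byte by byte in the sketch below. It is an added example, not code from this document or from any vendor. The 8-byte VXLAN header layout and UDP destination port 4789 come from RFC 7348; the function names, VNI 5010, source port, and MAC addresses are assumptions made up for illustration, and the outer IP and MAC headers are left out.

```python
import struct

VXLAN_UDP_PORT = 4789   # IANA-assigned VXLAN destination port (RFC 7348)
FLAG_VNI_VALID = 0x08   # "I" flag: must be set when the VNI field is valid


def vxlan_encap(inner_frame: bytes, vni: int, src_port: int = 49152) -> bytes:
    """VTEP1 side: return UDP header + VXLAN header + original Ethernet frame."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    # VXLAN header: flags(8) reserved(24) | VNI(24) reserved(8)
    vxlan = struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)
    length = 8 + len(vxlan) + len(inner_frame)
    # UDP checksum 0 is what RFC 7348 recommends for the outer header
    udp = struct.pack("!HHHH", src_port, VXLAN_UDP_PORT, length, 0)
    return udp + vxlan + inner_frame


def vxlan_decap(udp_datagram: bytes, local_vnis: set) -> tuple:
    """VTEP2 side: validate and strip UDP/VXLAN headers; return (vni, frame)."""
    if len(udp_datagram) < 16 + 14:
        raise ValueError("too short for UDP + VXLAN + inner Ethernet header")
    _sport, dport, length, _csum = struct.unpack("!HHHH", udp_datagram[:8])
    if dport != VXLAN_UDP_PORT or length != len(udp_datagram):
        raise ValueError("not a well-formed VXLAN datagram")
    word1, word2 = struct.unpack("!II", udp_datagram[8:16])
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag clear: VNI not valid")
    vni = word2 >> 8
    # Segment isolation: frames for a VNI this VTEP does not serve are dropped
    if vni not in local_vnis:
        raise ValueError(f"VNI {vni} is not configured on this VTEP")
    return vni, udp_datagram[16:]


# Constructed sample: VM1 -> VM2 Ethernet frame (MACs and payload are made up).
VM2_MAC = bytes.fromhex("020000000002")
VM1_MAC = bytes.fromhex("020000000001")
SAMPLE_FRAME = VM2_MAC + VM1_MAC + b"\x08\x00" + b"hello from VM1"

if __name__ == "__main__":
    wire = vxlan_encap(SAMPLE_FRAME, vni=5010)
    print(vxlan_decap(wire, local_vnis={5010}))
```

The VNI check in `vxlan_decap` is where the Layer 2 separation between VXLAN segments is enforced on the receiving VTEP.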