What is a Virtual Extensible LAN?
Virtual Extensible LAN (VXLAN) is a LAN segmentation and overlay solution. VXLAN is designed to provide up to 16 million layer 2 segments. It can be utilized to extend a layer 2 segment over underlying layer 3 network infrastructure. VXLAN uses 24-bits to identify a network segment, which is known as VXLAN network identifier.
VXLAN utilizes MAC-in-UDP encapsulation to provide connectivity across a layer 2 segment located in different parts of a network. This is accomplished by encapsulating the original layer two frame into VXLAN UDP-IP header. The VXLAN header consists of 20 bytes of IP header, 8 bytes of UDP header, and 8 bytes of VXLAN header.
The connectivity across VXLAN segments is provided by VXLAN tunnel endpoint(VTEP) devices. The source VTEP encapsulates layers 2 frames from endpoints on its local VXLAN segment, and transports them over the underlying IP network to far-end VXLAN segment. The far-end VTEP de-encapsulates the packet and forwards the layer two frame based on the source VXLAN Network Identifier.
IP multicast is used to transport layer 2 broadcast, unknown unicast, and multicast traffic from end-points in VXLAN. To avoid unnecessary replication of layer two traffic, it is recommended to use one-to-one mapping of VXLAN network identifier to multicast group address. VXLAN-toVLAN connectivity is provided by VXLAN gateway, which combines VXLAN segment and classical VLAN segment into one common layer 2 domain.
VXLAN Tunnel Endpoint and VXLAN gateway features are supported in hardware on most Cisco Nexus 9000 platforms. Detailed operational behavior of VXLAN is covered in IETF RFC 7348.
VXLAN provides standardized method to extend layer 2 segment across layer 3 network infrastructure, enabling flexible workload placements by way of layer two extension.