
Data Center Overlays: Understanding VXLAN

How Virtual Extensible LAN (VXLAN) overcomes the 4,094 VLAN limit to provide massively scalable Layer 2 connectivity over Layer 3 networks.

Overview

Virtual Extensible LAN (VXLAN, RFC 7348) is a network virtualization technology that addresses the scalability problems of large cloud computing deployments. It encapsulates Layer 2 Ethernet frames inside UDP/IP packets, creating a virtual overlay network on top of a routed physical underlay network.

The Problem

Traditional data centers use VLANs (Virtual Local Area Networks) to segregate traffic. However, the IEEE 802.1Q VLAN tag carries a 12-bit identifier, giving 4,096 values of which 0 and 4095 are reserved, so a network can have at most 4,094 VLANs. In a modern multi-tenant cloud environment (a public cloud like AWS, or a large enterprise data center) hosting hundreds of thousands of virtual machines, 4,094 network segments are nowhere near enough. Additionally, stretching a traditional Layer 2 VLAN across physical data centers extends both the broadcast domain and the Spanning Tree Protocol (STP) topology across the interconnect: STP blocks redundant links to avoid loops, and a topology change or failure in one site forces reconvergence in the other.

Solution and Configuration

VXLAN solves this by introducing a 24-bit identifier (the VXLAN Network Identifier, VNI), which allows for over 16 million (2^24 = 16,777,216) unique isolated networks.

The Abstraction: When VM-A in Rack 1 wants to talk to VM-B in Rack 10 (on the same logical subnet, but with only Layer 3 routers between the two racks), the local switch or hypervisor virtual switch acts as a VTEP (VXLAN Tunnel Endpoint).

Technical Details

The VTEP takes the original Layer 2 Ethernet frame sent by VM-A, prepends an 8-byte VXLAN header (a flags byte whose "I" bit marks the VNI as valid, reserved fields, and the 24-bit VNI), and encapsulates the result in a standard UDP/IP packet with destination port 4789. The UDP source port is chosen from a hash of the inner headers so that the underlay's ECMP routing can spread different flows across different paths. The packet is then routed across the physical Layer 3 network to the VTEP serving Rack 10, which strips the outer headers and the VXLAN header and delivers the original Layer 2 frame to VM-B. Neither VM realizes that its traffic traversed a routed network. The added headers (outer Ethernet, IP, UDP and VXLAN) cost 50 bytes per packet, so the underlay MTU must be raised accordingly or inner frames will be fragmented or dropped.

Modern data center architectures almost universally deploy VXLAN paired with MP-BGP EVPN (Ethernet Virtual Private Network), which advertises MAC (and MAC/IP) reachability between VTEPs in the control plane. Each VTEP then knows which remote VTEP to send a frame to, which sharply reduces the broadcast, unknown-unicast and multicast (BUM) flooding that a flood-and-learn VXLAN deployment depends on; the remaining BUM traffic is delivered by ingress replication or underlay multicast.

One caveat matters for anyone operating this: VXLAN carries no authentication or encryption of its own. Any host that can deliver a UDP datagram to port 4789 of a VTEP can inject frames into whichever VNI it names in the header, unless the VTEP or the underlay filters by source. RFC 7348's security considerations therefore call for keeping VTEP addresses reachable only within the underlay, filtering VXLAN traffic with ACLs that admit only known VTEPs, and using IPsec or similar when the underlay itself is not trusted.
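The following is an added example, not code from the original article or from any VXLAN implementation. It models the data path just described in plain Python with struct: a VTEP wraps VM-A's frame in a VXLAN header and a UDP/IPv4 packet, looks up the destination VTEP in a (VNI, MAC) table that stands in for what EVPN would advertise, and the far-side VTEP unwraps it. The receiving side also implements the source-VTEP allow-list from the caveat above, since the protocol itself offers no authentication. The VTEP addresses, MAC addresses, VNI and payload are all constructed for the example; the outer Ethernet header is omitted, so the overhead measured here is 36 bytes rather than the 50 seen on the wire.

```python
"""Toy VTEP: VXLAN encapsulation and decapsulation per RFC 7348 framing.

Added example, not from the article. Addresses and MACs are constructed.
"""
from __future__ import annotations

import socket
import struct
import zlib

VXLAN_UDP_PORT = 4789   # IANA-assigned VXLAN destination port (RFC 7348)
VXLAN_FLAG_I = 0x08     # "I" bit: the VNI field is valid
VXLAN_HDR_LEN = 8
IPV4_HDR_LEN = 20
UDP_HDR_LEN = 8


def ipv4_checksum(hdr: bytes) -> int:
    """One's-complement checksum over a 16-bit-word view of the IPv4 header."""
    if len(hdr) % 2:
        hdr += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_vxlan_header(vni: int) -> bytes:
    """8-byte VXLAN header: flags(1) | reserved(3) | VNI(3) | reserved(1)."""
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!B3sI", VXLAN_FLAG_I, b"\x00\x00\x00", vni << 8)


def parse_vxlan_header(hdr: bytes) -> int:
    flags, _reserved, vni_word = struct.unpack("!B3sI", hdr[:VXLAN_HDR_LEN])
    if not flags & VXLAN_FLAG_I:
        raise ValueError("VXLAN I flag not set; VNI field is not valid")
    return vni_word >> 8


def vxlan_source_port(inner_frame: bytes) -> int:
    """Ephemeral-range source port hashed from the inner Ethernet header, as
    RFC 7348 recommends, so underlay ECMP can spread flows across paths."""
    return 49152 + (zlib.crc32(inner_frame[:14]) % 16384)


class Vtep:
    def __init__(self, ip: str, vnis: set[int], peers: set[str]):
        self.ip = ip
        self.vnis = vnis      # VNIs this VTEP terminates
        self.peers = peers    # remote VTEP IPs admitted (stand-in for an underlay ACL)
        self.mac_table: dict[tuple[int, bytes], str] = {}   # (vni, mac) -> remote VTEP IP

    def learn(self, vni: int, mac: bytes, remote_vtep: str) -> None:
        """Stands in for an EVPN MAC/IP route telling us where a MAC lives."""
        self.mac_table[(vni, mac)] = remote_vtep

    def encapsulate(self, vni: int, inner_frame: bytes) -> bytes:
        remote = self.mac_table.get((vni, inner_frame[:6]))
        if remote is None:
            raise LookupError("unknown destination MAC; a real VTEP would flood it as BUM")
        payload = build_vxlan_header(vni) + inner_frame
        # UDP checksum 0 (not computed) is permitted over IPv4.
        udp = struct.pack("!HHHH", vxlan_source_port(inner_frame), VXLAN_UDP_PORT,
                          UDP_HDR_LEN + len(payload), 0)
        total_len = IPV4_HDR_LEN + len(udp) + len(payload)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0x4000, 64, 17, 0,
                         socket.inet_aton(self.ip), socket.inet_aton(remote))
        ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
        return ip + udp + payload

    def decapsulate(self, packet: bytes) -> tuple[int, bytes]:
        ip = packet[:IPV4_HDR_LEN]
        if ipv4_checksum(ip) != 0:
            raise ValueError("bad IPv4 header checksum")
        src, dst = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
        if ip[9] != 17 or dst != self.ip:
            raise ValueError("not a UDP packet addressed to this VTEP")
        # VXLAN has no authentication: without this check any underlay host
        # that can reach port 4789 could inject frames into any VNI.
        if src not in self.peers:
            raise PermissionError(f"VXLAN packet from unknown VTEP {src}")
        _sport, dport, ulen, _csum = struct.unpack(
            "!HHHH", packet[IPV4_HDR_LEN:IPV4_HDR_LEN + UDP_HDR_LEN])
        if dport != VXLAN_UDP_PORT:
            raise ValueError("not a VXLAN datagram")
        body = packet[IPV4_HDR_LEN + UDP_HDR_LEN:IPV4_HDR_LEN + ulen]
        vni = parse_vxlan_header(body)
        if vni not in self.vnis:
            raise ValueError(f"VNI {vni} is not configured on this VTEP")
        return vni, body[VXLAN_HDR_LEN:]


def demo() -> tuple[int, bytes, int]:
    """VM-A in rack 1 sends a frame to VM-B in rack 10 across the L3 underlay.
    Returns (VNI seen at the far end, delivered frame, encapsulation overhead)."""
    mac_a, mac_b = bytes.fromhex("020000000001"), bytes.fromhex("02000000000b")
    vtep1 = Vtep("10.0.1.1", {10100}, {"10.0.10.1"})
    vtep10 = Vtep("10.0.10.1", {10100}, {"10.0.1.1"})
    vtep1.learn(10100, mac_b, "10.0.10.1")   # EVPN told rack 1 where VM-B lives
    frame = mac_b + mac_a + b"\x08\x00" + b"constructed IPv4 payload"
    wire = vtep1.encapsulate(10100, frame)
    vni, delivered = vtep10.decapsulate(wire)
    return vni, delivered, len(wire) - len(frame)


if __name__ == "__main__":
    print(demo())
```

Running demo() returns VNI 10100, the unchanged inner frame, and 36 bytes of IP/UDP/VXLAN overhead. Feeding the same packet to the receiving VTEP from a source address that is not in its peer set raises PermissionError; that rejection is the behaviour an underlay ACL provides in production, and it is the difference between a tenant-isolated overlay and one where any host with underlay reachability can spoof into any VNI.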

Conclusion

VXLAN is the foundation of modern Software-Defined Networking (SDN) in data centers. It frees virtual machines from the physical constraints of racks and switches, allowing workloads to be migrated live (for example with VMware vMotion) between racks, and between data centers connected by a routed network, without changing their IP or MAC addresses.
